From 1524134b0bc013bf8facd62295dd537197d95230 Mon Sep 17 00:00:00 2001
From: Fernando Fernandez Mancera <ffmancera@riseup.net>
Date: Thu, 30 Aug 2018 19:18:42 +0200
Subject: src: osf: load pf.os from expr_evaluate_osf()

Remove osf_init variable and call nfnl_osf_load_fingerprints() from
expr_evaluate_osf() instead of doing that from do_command_add() path.

Signed-off-by: Fernando Fernandez Mancera <ffmancera@riseup.net>
Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
---
 include/osf.h  |  1 -
 src/evaluate.c | 11 +++++++++++
 src/nfnl_osf.c |  2 --
 src/osf.c      |  1 -
 src/rule.c     |  6 +-----
 5 files changed, 12 insertions(+), 9 deletions(-)

diff --git a/include/osf.h b/include/osf.h
index 074ba9a3..54cdd4af 100644
--- a/include/osf.h
+++ b/include/osf.h
@@ -3,7 +3,6 @@
 
 struct expr *osf_expr_alloc(const struct location *loc);
 
-extern bool osf_init;
 extern int nfnl_osf_load_fingerprints(struct netlink_ctx *ctx, int del);
 
 #endif /* NFTABLES_OSF_H */
diff --git a/src/evaluate.c b/src/evaluate.c
index 9a7118ec..19550823 100644
--- a/src/evaluate.c
+++ b/src/evaluate.c
@@ -26,6 +26,8 @@
 
 #include <expression.h>
 #include <statement.h>
+#include <netlink.h>
+#include <time.h>
 #include <rule.h>
 #include <erec.h>
 #include <gmputil.h>
@@ -1727,6 +1729,15 @@ static int expr_evaluate_socket(struct eval_ctx *ctx, struct expr **expr)
 
 static int expr_evaluate_osf(struct eval_ctx *ctx, struct expr **expr)
 {
+	struct netlink_ctx nl_ctx = {
+		.nf_sock	= ctx->nf_sock,
+		.debug_mask	= ctx->debug_mask,
+		.octx		= ctx->octx,
+		.seqnum		= time(NULL),
+	};
+
+	nfnl_osf_load_fingerprints(&nl_ctx, 0);
+
 	return expr_evaluate_primary(ctx, expr);
 }
 
diff --git a/src/nfnl_osf.c b/src/nfnl_osf.c
index e37510bd..fb76fb0e 100644
--- a/src/nfnl_osf.c
+++ b/src/nfnl_osf.c
@@ -43,8 +43,6 @@
 #define OSFPDEL 		':'
 #define MAXOPTSTRLEN		128
 
-bool osf_init;
-
 static struct nf_osf_opt IANA_opts[] = {
 	{ .kind = 0, .length = 1,},
 	{ .kind=1, .length=1,},
diff --git a/src/osf.c b/src/osf.c
index fc09e157..85c95739 100644
--- a/src/osf.c
+++ b/src/osf.c
@@ -28,7 +28,6 @@ struct expr *osf_expr_alloc(const struct location *loc)
 	const struct datatype *type = &string_type;
 	struct expr *expr;
 
-	osf_init = true;
 	expr = expr_alloc(loc, &osf_expr_ops, type,
 			  BYTEORDER_HOST_ENDIAN, len);
 
diff --git a/src/rule.c b/src/rule.c
index 68abdc34..e6d61b67 100644
--- a/src/rule.c
+++ b/src/rule.c
@@ -1394,7 +1394,6 @@ static int do_add_set(struct netlink_ctx *ctx, const struct cmd *cmd,
 static int do_command_add(struct netlink_ctx *ctx, struct cmd *cmd, bool excl)
 {
 	uint32_t flags = excl ? NLM_F_EXCL : 0;
-	int err;
 
 	if (ctx->octx->echo) {
 		int ret;
@@ -1413,10 +1412,7 @@ static int do_command_add(struct netlink_ctx *ctx, struct cmd *cmd, bool excl)
 	case CMD_OBJ_CHAIN:
 		return netlink_add_chain_batch(ctx, cmd, flags);
 	case CMD_OBJ_RULE:
-		err = netlink_add_rule_batch(ctx, cmd, flags | NLM_F_APPEND);
-		if (osf_init)
-			nfnl_osf_load_fingerprints(ctx, 0);
-		return err;
+		return netlink_add_rule_batch(ctx, cmd, flags | NLM_F_APPEND);
 	case CMD_OBJ_SET:
 		return do_add_set(ctx, cmd, flags);
 	case CMD_OBJ_SETELEM:
-- 
cgit v1.2.3