Use an internal array and expose maximum size so we can just use the
same array size for all protocol timeouts. This simplifies handling
a bit and we don't need to set NFTNL_OBJ_CT_TIMEOUT_L4PROTO in first
place.
Signed-off-by: Pablo Neira Ayuso <pa...@netfilter.org>
---
include/libnftnl/object.h | 2 ++
include/obj.h | 2 +-
src/obj/ct_timeout.c | 28 +++++-----------------------
3 files changed, 8 insertions(+), 24 deletions(-)
diff --git a/include/libnftnl/object.h b/include/libnftnl/object.h
index e8466980a140..0279705135d1 100644
--- a/include/libnftnl/object.h
+++ b/include/libnftnl/object.h
@@ -62,6 +62,8 @@ enum nftnl_cttimeout_array_udp {
NFTNL_CTTIMEOUT_UDP_MAX
};
+#define NFTNL_CTTIMEOUT_ARRAY_MAX NFTNL_CTTIMEOUT_TCP_MAX
+
enum {
NFTNL_OBJ_CT_TIMEOUT_L3PROTO = NFTNL_OBJ_BASE,
NFTNL_OBJ_CT_TIMEOUT_L4PROTO,
diff --git a/include/obj.h b/include/obj.h
index 837a54a1f352..dfdbb73191c6 100644
--- a/include/obj.h
+++ b/include/obj.h
@@ -39,7 +39,7 @@ struct nftnl_obj {
struct nftnl_obj_ct_timeout {
uint16_t l3proto;
uint8_t l4proto;
- uint32_t *timeout;
+ uint32_t timeout[NFTNL_CTTIMEOUT_ARRAY_MAX];
} ct_timeout;
struct nftnl_obj_limit {
uint64_t rate;
diff --git a/src/obj/ct_timeout.c b/src/obj/ct_timeout.c
index f39e5adfbfbd..fe0689a8adab 100644
--- a/src/obj/ct_timeout.c
+++ b/src/obj/ct_timeout.c
@@ -86,27 +86,8 @@ nftnl_timeout_policy_attr_set_u32(struct nftnl_obj *e,
uint32_t type, uint32_t data)
{
struct nftnl_obj_ct_timeout *t = nftnl_obj_data(e);
- size_t timeout_array_size;
- /* Layer 4 protocol needs to be already set. */
- if (!(e->flags & (1 << NFTNL_OBJ_CT_TIMEOUT_L4PROTO)))
- return -1;
- if (t->timeout == NULL) {
- /* if not supported, default to generic protocol tracker. */
- if (timeout_protocol[t->l4proto].attr_max != 0) {
- timeout_array_size = sizeof(uint32_t) *
- timeout_protocol[t->l4proto].attr_max;
- } else {
- timeout_array_size = sizeof(uint32_t) *
- timeout_protocol[IPPROTO_RAW].attr_max;
- }
- t->timeout = calloc(1, timeout_array_size);
- if (t->timeout == NULL)
- return -1;
- }
-
- /* this state does not exists in this protocol tracker.*/
- if (type > timeout_protocol[t->l4proto].attr_max)
+ if (type >= NFTNL_CTTIMEOUT_ARRAY_MAX)
return -1;
t->timeout[type] = data;
@@ -173,11 +154,12 @@ static int nftnl_obj_ct_timeout_set(struct nftnl_obj *e,
uint16_t type,
timeout->l4proto = *((uint8_t *)data);
break;
case NFTNL_OBJ_CT_TIMEOUT_ARRAY:
- timeout->timeout = ((uint32_t *)data);
+ memcpy(timeout->timeout, data,
+ sizeof(uint32_t) * NFTNL_CTTIMEOUT_ARRAY_MAX);
break;
default:
return -1;
- }
+ }
return 0;
}
@@ -194,7 +176,7 @@ static const void *nftnl_obj_ct_timeout_get(const struct
nftnl_obj *e,
*data_len = sizeof(timeout->l4proto);
return &timeout->l4proto;
case NFTNL_OBJ_CT_TIMEOUT_ARRAY:
- *data_len = sizeof(timeout->timeout);
+ *data_len = sizeof(uint32_t) * NFTNL_CTTIMEOUT_ARRAY_MAX;
return timeout->timeout;
}
return NULL;
--
2.11.0
