nft: Introduce fetch_chain_cache()

Move chain cache population from nft_chain_list_get() into a dedicated
function.

Signed-off-by: Phil Sutter <phil@nwl.cc>
Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>

diff --git a/iptables/nft.c b/iptables/nft.c
index 469448f42cd6dd8b5c8a032ce0779b616d6c4a08..b425577798679015e0704ab27ba903e38ed38fb8 100644 (file)
--- a/iptables/nft.c
+++ b/iptables/nft.c
@@ -1295,20 +1295,12 @@ err:
        return MNL_CB_OK;
 }
 
-struct nftnl_chain_list *nft_chain_list_get(struct nft_handle *h,
-                                           const char *table)
+static int fetch_chain_cache(struct nft_handle *h)
 {
        char buf[16536];
        struct nlmsghdr *nlh;
-       const struct builtin_table *t;
        int i, ret;
 
-       t = nft_table_builtin_find(h, table);
-       if (!t)
-               return NULL;
-
-       if (h->table[t->type].chain_cache)
-               return h->table[t->type].chain_cache;
 retry:
        for (i = 0; i < NFT_TABLE_MAX; i++) {
                enum nft_table_type type = h->tables[i].type;
@@ -1318,7 +1310,7 @@ retry:
 
                h->table[type].chain_cache = nftnl_chain_list_alloc();
                if (!h->table[type].chain_cache)
-                       return NULL;
+                       return -1;
        }
 
        nlh = nftnl_chain_nlmsg_build_hdr(buf, NFT_MSG_GETCHAIN, h->family,
@@ -1331,6 +1323,21 @@ retry:
                goto retry;
        }
 
+       return ret;
+}
+
+struct nftnl_chain_list *nft_chain_list_get(struct nft_handle *h,
+                                           const char *table)
+{
+       const struct builtin_table *t;
+
+       t = nft_table_builtin_find(h, table);
+       if (!t)
+               return NULL;
+
+       if (!h->table[t->type].chain_cache)
+               fetch_chain_cache(h);
+
        return h->table[t->type].chain_cache;
 }