From: Eric Jallot <ejallot@gmail.com>
Date: Tue, 20 Aug 2019 15:50:05 +0000 (+0200)
Subject: src: secmark: fix brace indentation and missing quotes in selctx output
X-Git-Tag: v0.9.3~88
X-Git-Url: http://git.ipfire.org/?a=commitdiff_plain;h=03478af1bea03eafd43df94334cb001ed26145a3;p=thirdparty%2Fnftables.git

src: secmark: fix brace indentation and missing quotes in selctx output

Before patch:
 # nft list secmarks | tee rules.nft
 table inet t {
        secmark s {
                system_u:object_r:ssh_server_packet_t:s0        }
 }
 # nft flush ruleset
 # nft -f rules.nft
 rules.nft:3:11-11: Error: syntax error, unexpected colon
                system_u:object_r:ssh_server_packet_t:s0

Colon is not allowed in strings and breaks nft -f.
So move to quoted string in selctx output.

After patch:
 # nft list secmarks | tee rules.nft
 table inet t {
         secmark s {
                 "system_u:object_r:ssh_server_packet_t:s0"
         }
 }
 # nft flush ruleset
 # nft -f rules.nft

Fixes: 3bc84e5c ("src: add support for setting secmark")
Signed-off-by: Eric Jallot <ejallot@gmail.com>
Signed-off-by: Florian Westphal <fw@strlen.de>
---

diff --git a/src/rule.c b/src/rule.c
index 5655e8c0..19125131 100644
--- a/src/rule.c
+++ b/src/rule.c
@@ -1820,7 +1820,7 @@ static void obj_print_data(const struct obj *obj,
 		if (nft_output_handle(octx))
 			nft_print(octx, " # handle %" PRIu64, obj->handle.handle.id);
 		nft_print(octx, "%s%s%s", opts->nl, opts->tab, opts->tab);
-		nft_print(octx, "%s", obj->secmark.ctx);
+		nft_print(octx, "\"%s\"%s", obj->secmark.ctx, opts->nl);
 		break;
 	case NFT_OBJECT_CT_HELPER:
 		nft_print(octx, " %s {", obj->handle.obj.name);