From: Thomas Haller <thaller@redhat.com>
Date: Mon, 10 Jul 2023 08:45:16 +0000 (+0200)
Subject: libnftables: always initialize netlink socket in nft_ctx_new()
X-Git-Tag: v1.0.8~9
X-Git-Url: http://git.ipfire.org/?a=commitdiff_plain;h=057f5ffe7dd500a379ca882cfec699d52bfa40a1;p=thirdparty%2Fnftables.git

libnftables: always initialize netlink socket in nft_ctx_new()

nft_ctx_new() has a flags argument, but currently no flags are
supported. The documentation suggests to pass 0 (NFT_CTX_DEFAULT).

Initializing the netlink socket happens by default already, we should do
it for all flags. Also because  nft_ctx_netlink_init() is not public
API so it's not clear how the user gets a functioning context instance
otherwise.

If we ever want to not initialize the netlink socket for a context
instance, then there should be a dedicated flag for doing that (and
additional API for making that mode of operation usable).

Signed-off-by: Thomas Haller <thaller@redhat.com>
Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
---

diff --git a/src/libnftables.c b/src/libnftables.c
index de16d203..57e0fc77 100644
--- a/src/libnftables.c
+++ b/src/libnftables.c
@@ -219,8 +219,7 @@ struct nft_ctx *nft_ctx_new(uint32_t flags)
 	ctx->output.error_fp = stderr;
 	init_list_head(&ctx->vars_ctx.indesc_list);
 
-	if (flags == NFT_CTX_DEFAULT)
-		nft_ctx_netlink_init(ctx);
+	nft_ctx_netlink_init(ctx);
 
 	return ctx;
 }