configure: Auto-detect libz unless explicitly requested

If user did not pass --with-zlib and it is not available, simply turn
off rule compat expression compression. It is not strictly necessary and
users may not care.

While at it, drop the conditional AC_DEFINE() call: In fact,
AC_CHECK_LIB() does that already.

Fixes: ff5f6a208efcc ("nft-ruleparse: Fallback to compat expressions in userdata")
Signed-off-by: Phil Sutter <phil@nwl.cc>

diff --git a/configure.ac b/configure.ac
index d42588c8a4b6d8dde79a2cb7be2b339635a6a665..2a8abf21b98c5220c2741a5b6b1761e223fe5bfc 100644 (file)
--- a/configure.ac
+++ b/configure.ac
@@ -79,11 +79,12 @@ AC_ARG_ENABLE([profiling],
        [enable_profiling="$enableval"], [enable_profiling="no"])
 AC_ARG_WITH([zlib], [AS_HELP_STRING([--without-zlib],
            [Disable payload compression of rule compat expressions])],
        [enable_profiling="$enableval"], [enable_profiling="no"])
 AC_ARG_WITH([zlib], [AS_HELP_STRING([--without-zlib],
            [Disable payload compression of rule compat expressions])],

-           [], [with_zlib=yes])
+           [], [with_zlib=check])

 AS_IF([test "x$with_zlib" != xno], [
        AC_CHECK_LIB([z], [compress], ,
 AS_IF([test "x$with_zlib" != xno], [
        AC_CHECK_LIB([z], [compress], ,

-                   AC_MSG_ERROR([No suitable version of zlib found]))
-       AC_DEFINE([HAVE_ZLIB], [1], [Define if you have zlib])
+                   [if test "x$with_zlib" != xcheck; then
+                       AC_MSG_ERROR([No suitable version of zlib found])
+                    fi; with_zlib=no])

 ])
 
 AC_MSG_CHECKING([whether $LD knows -Wl,--no-undefined])
 ])
 
 AC_MSG_CHECKING([whether $LD knows -Wl,--no-undefined])


@@ -297,7 +298,7 @@ Iptables Configuration:
   nftables support:                    ${enable_nftables}
   connlabel support:                   ${enable_connlabel}
   profiling support:                   ${enable_profiling}
   nftables support:                    ${enable_nftables}
   connlabel support:                   ${enable_connlabel}
   profiling support:                   ${enable_profiling}

-  compress rule compat expressions:    ${with_zlib}
+  compress rule compat expressions:    ${with_zlib/check/yes}

 
 Build parameters:
   Put plugins into executable (static):        ${enable_static}
 
 Build parameters:
   Put plugins into executable (static):        ${enable_static}

diff --git a/iptables/nft-compat.c b/iptables/nft-compat.c
index 632733ca0cadee27476c16e20dab2bfee18c8663..dfcc05b89856a8f42da6b91a2de57e1077d0536c 100644 (file)
--- a/iptables/nft-compat.c
+++ b/iptables/nft-compat.c
@@ -16,7 +16,7 @@
 #include <string.h>
 #include <xtables.h>
 
 #include <string.h>
 #include <xtables.h>
 

-#ifdef HAVE_ZLIB
+#ifdef HAVE_LIBZ

 #include <zlib.h>
 #endif
 
 #include <zlib.h>
 #endif
 


@@ -64,7 +64,7 @@ pack_rule_udata_ext_data(struct rule_udata_ext *rue,
                         const void *data, size_t datalen)
 {
        size_t datalen_out = datalen;
                         const void *data, size_t datalen)
 {
        size_t datalen_out = datalen;

-#ifdef HAVE_ZLIB
+#ifdef HAVE_LIBZ

        compress(rue->data, &datalen_out, data, datalen);
        rue->flags |= RUE_FLAG_ZIP;
 #else
        compress(rue->data, &datalen_out, data, datalen);
        rue->flags |= RUE_FLAG_ZIP;
 #else


@@ -144,7 +144,7 @@ __nftnl_expr_from_udata_ext(struct rule_udata_ext *rue, const void *data)
 static struct nftnl_expr *
 nftnl_expr_from_zipped_udata_ext(struct rule_udata_ext *rue)
 {
 static struct nftnl_expr *
 nftnl_expr_from_zipped_udata_ext(struct rule_udata_ext *rue)
 {

-#ifdef HAVE_ZLIB
+#ifdef HAVE_LIBZ

        uLongf datalen = rue->orig_size;
        struct nftnl_expr *expr = NULL;
        void *data;
        uLongf datalen = rue->orig_size;
        struct nftnl_expr *expr = NULL;
        void *data;