cli: Use nft_run_cmd_from_buffer()

Make CLI code adhere to intended libnftables API by not open coding what
nft_run_cmd_from_buffer() does. This way, nft_run() has no users outside
of src/libnftables.c anymore and therefore can become static.

Since nft_run_cmd_from_buffer() takes care of scanner initialization and
libmnl socket passed to cli_init() is present as nft_ctx field as well,
signature of cli_init() can be reduced to just take nft_ctx pointer as
single argument.

Note that this change introduces two (possibly unwanted) side-effects:

* Input descriptor passed to scanner_push_buffer() is changed from the
  CLI-specific one to the one used by nft_run_cmd_from_buffer().

In practice though, this doesn't make a difference: input descriptor
types INDESC_CLI and INDESC_BUFFER are treated equally by erec_print().
Also, scanner_push_buffer() NULLs input descriptor name, so that is not
used at all in latter code.

* Error messages are printed to stderr instead of cli_nft->output.

This could be fixed by introducing an 'error_output' field in nft_ctx
for nft_run_cmd_from_buffer() to use when printing error messages.

Signed-off-by: Phil Sutter <phil@nwl.cc>
Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>

diff --git a/include/cli.h b/include/cli.h
index 3ae1c459bce2d65bc91cd02f74837e5df09af0d0..3780e0917969dd37f2b3747e9261e216281e5e8f 100644 (file)
--- a/include/cli.h
+++ b/include/cli.h
@@ -5,11 +5,9 @@
 
 struct parser_state;
 #ifdef HAVE_LIBREADLINE
-extern int cli_init(struct nft_ctx *nft, struct mnl_socket *nf_sock,
-                   struct parser_state *state);
+extern int cli_init(struct nft_ctx *nft);
 #else
-static inline int cli_init(struct nft_ctx *nft, struct mnl_socket *nf_sock,
-                          struct parser_state *state)
+static inline int cli_init(struct nft_ctx *nft)
 {
         return -1;
 }

diff --git a/include/nftables.h b/include/nftables.h
index eb39dbd1487dde4a3fb6a58078a51b0d973759a7..98d619a3ab8d282b037a407bb30bfa8c7c25ec16 100644 (file)
--- a/include/nftables.h
+++ b/include/nftables.h
@@ -103,13 +103,6 @@ struct input_descriptor {
        off_t                           line_offset;
 };
 
-struct parser_state;
-struct mnl_socket;
-
-int nft_run(struct nft_ctx *nft, struct mnl_socket *nf_sock,
-           void *scanner, struct parser_state *state,
-           struct list_head *msgs);
-
 void ct_label_table_init(void);
 void mark_table_init(void);
 void gmp_init(void);

diff --git a/src/cli.c b/src/cli.c
index 3174cfed05a7d3fa2c59f6cd678522bac6871743..37351f2f8b04f4acab8b0573682f1c2004fd1821 100644 (file)
--- a/src/cli.c
+++ b/src/cli.c
@@ -35,15 +35,7 @@
 
 #define CMDLINE_HISTFILE       ".nft.history"
 
-static const struct input_descriptor indesc_cli = {
-       .type   = INDESC_CLI,
-       .name   = "<cli>",
-};
-
-static struct parser_state *state;
 static struct nft_ctx *cli_nft;
-static struct mnl_socket *cli_nf_sock;
-static void *scanner;
 static char histfile[PATH_MAX];
 static char *multiline;
 static bool eof;
@@ -134,11 +126,7 @@ static void cli_complete(char *line)
        xfree(line);
        line = s;
 
-       parser_init(cli_nf_sock, &cli_nft->cache, state, &msgs,
-                   cli_nft->debug_mask, &cli_nft->output);
-       scanner_push_buffer(scanner, &indesc_cli, line);
-       nft_run(cli_nft, cli_nf_sock, scanner, state, &msgs);
-       erec_print_list(&cli_nft->output, &msgs, cli_nft->debug_mask);
+       nft_run_cmd_from_buffer(cli_nft, line, len + 2);
        xfree(line);
        nft_ctx_flush_cache(cli_nft);
 }
@@ -148,12 +136,10 @@ static char **cli_completion(const char *text, int start, int end)
        return NULL;
 }
 
-int cli_init(struct nft_ctx *nft, struct mnl_socket *nf_sock,
-            struct parser_state *_state)
+int cli_init(struct nft_ctx *nft)
 {
        const char *home;
 
-       cli_nf_sock = nf_sock;
        cli_nft = nft;
        rl_readline_name = "nft";
        rl_instream  = stdin;
@@ -170,9 +156,6 @@ int cli_init(struct nft_ctx *nft, struct mnl_socket *nf_sock,
        read_history(histfile);
        history_set_pos(history_length);
 
-       state   = _state;
-       scanner = scanner_init(state);
-
        while (!eof)
                rl_callback_read_char();
        return 0;

diff --git a/src/libnftables.c b/src/libnftables.c
index d34e52759e947e149ad3e5ccfc9a63aa75dd4419..51a87dc34bc601c8b2550428fe50bc9e4f8d4456 100644 (file)
--- a/src/libnftables.c
+++ b/src/libnftables.c
@@ -75,9 +75,9 @@ out:
        return ret;
 }
 
-int nft_run(struct nft_ctx *nft, struct mnl_socket *nf_sock,
-           void *scanner, struct parser_state *state,
-           struct list_head *msgs)
+static int nft_run(struct nft_ctx *nft, struct mnl_socket *nf_sock,
+                  void *scanner, struct parser_state *state,
+                  struct list_head *msgs)
 {
        struct cmd *cmd, *next;
        int ret;

diff --git a/src/main.c b/src/main.c
index b9938c9cd86e6dd878013e02a8433ffbdbe30d68..a28564172e9a0263e166b79e6454a92699e74adc 100644 (file)
--- a/src/main.c
+++ b/src/main.c
@@ -20,7 +20,7 @@
 
 #include <nftables/nftables.h>
 #include <utils.h>
-#include <parser.h>
+#include <nftables.h>
 #include <cli.h>
 
 static struct nft_ctx *nft;
@@ -169,7 +169,6 @@ int main(int argc, char * const *argv)
        char *buf = NULL, *filename = NULL;
        unsigned int len;
        bool interactive = false;
-       struct parser_state state;
        int i, val, rc;
 
        nft = nft_ctx_new(NFT_CTX_DEFAULT);
@@ -273,7 +272,7 @@ int main(int argc, char * const *argv)
        } else if (filename != NULL) {
                rc = nft_run_cmd_from_filename(nft, filename);
        } else if (interactive) {
-               if (cli_init(nft, nft->nf_sock, &state) < 0) {
+               if (cli_init(nft) < 0) {
                        fprintf(stderr, "%s: interactive CLI not supported in this build\n",
                                argv[0]);
                        exit(NFT_EXIT_FAILURE);