Introduce various API changes throughout the library stack

1) make libnfnetlink dynamically allocate it's handles
2) apply that change throughout libnetfilter_*
3) add {nfq,nflog,nfct}_open_nfnl() functions that open
   the specific subsystem on top of an existing nfnl_handle,
   which is required for upcoming libnetfilter_conntrack_helper

The changes break ABI and API compatibility of libnfnetlink, but don't
break ABI or API compatibility of the libnetfilter_* libraries.

diff --git a/configure.in b/configure.in
index d22cf6d..a30ccc8 100644 (file)
--- a/configure.in
+++ b/configure.in
@@ -3,7 +3,7 @@ dnl Process this file with autoconf to create configure.
 AC_INIT
 AC_CANONICAL_SYSTEM
 
-AM_INIT_AUTOMAKE(libnetfilter_queue, 0.0.11)
+AM_INIT_AUTOMAKE(libnetfilter_queue, 0.0.12)
 
 AC_PROG_CC
 AC_EXEEXT

diff --git a/include/libnetfilter_queue/libnetfilter_queue.h b/include/libnetfilter_queue/libnetfilter_queue.h
index d017e40..17facaf 100644 (file)
--- a/include/libnetfilter_queue/libnetfilter_queue.h
+++ b/include/libnetfilter_queue/libnetfilter_queue.h
@@ -32,6 +32,7 @@ typedef int  nfq_callback(struct nfq_q_handle *gh, struct nfgenmsg *nfmsg,
 
 
 extern struct nfq_handle *nfq_open(void);
+extern struct nfq_handle *nfq_open_nfnl(struct nfnl_handle *nfnlh);
 extern int nfq_close(struct nfq_handle *h);
 
 extern int nfq_bind_pf(struct nfq_handle *h, u_int16_t pf);

diff --git a/src/Makefile.am b/src/Makefile.am
index 9045c91..37cbfab 100644 (file)
--- a/src/Makefile.am
+++ b/src/Makefile.am
@@ -1,6 +1,6 @@
 # This is _NOT_ the library release version, it's an API version.
 # Please read Chapter 6 "Library interface versions" of the libtool documentation before making any modification
-LIBVERSION=1:0:0
+LIBVERSION=2:0:1
 
 INCLUDES = $(all_includes) -I$(top_srcdir)/include -I${KERNELDIR}
 AM_CFLAGS=-fPIC -Wall

diff --git a/src/libnetfilter_queue.c b/src/libnetfilter_queue.c
index 7fa0643..3c7b48f 100644 (file)
--- a/src/libnetfilter_queue.c
+++ b/src/libnetfilter_queue.c
@@ -31,7 +31,8 @@
 
 struct nfq_handle
 {
-       struct nfnl_handle nfnlh;
+       struct nfnl_handle *nfnlh;
+       struct nfnl_subsys_handle *nfnlssh;
        struct nfq_q_handle *qh_list;
 };
 
@@ -98,14 +99,14 @@ __build_send_cfg_msg(struct nfq_handle *h, u_int8_t command,
        struct nfqnl_msg_config_cmd cmd;
        struct nlmsghdr *nmh = (struct nlmsghdr *) buf;
 
-       nfnl_fill_hdr(&h->nfnlh, nmh, 0, AF_UNSPEC, queuenum,
+       nfnl_fill_hdr(h->nfnlssh, nmh, 0, AF_UNSPEC, queuenum,
                        NFQNL_MSG_CONFIG, NLM_F_REQUEST|NLM_F_ACK);
 
        cmd.command = command;
        cmd.pf = htons(pf);
        nfnl_addattr_l(nmh, sizeof(buf), NFQA_CFG_CMD, &cmd, sizeof(cmd));
 
-       return nfnl_talk(&h->nfnlh, nmh, 0, 0, NULL, NULL, NULL);
+       return nfnl_talk(h->nfnlh, nmh, 0, 0, NULL, NULL, NULL);
 }
 
 static int __nfq_rcv_pkt(struct nlmsghdr *nlh, struct nfattr *nfa[],
@@ -137,7 +138,7 @@ static struct nfnl_callback pkt_cb = {
 
 struct nfnl_handle *nfq_nfnlh(struct nfq_handle *h)
 {
-       return &h->nfnlh;
+       return h->nfnlh;
 }
 
 int nfq_fd(struct nfq_handle *h)
@@ -147,6 +148,21 @@ int nfq_fd(struct nfq_handle *h)
 
 struct nfq_handle *nfq_open(void)
 {
+       struct nfnl_handle *nfnlh = nfnl_open();
+       struct nfq_handle *qh;
+
+       if (!nfnlh)
+               return NULL;
+
+       qh = nfq_open_nfnl(nfnlh);
+       if (!qh)
+               nfnl_close(nfnlh);
+
+       return qh;
+}
+
+struct nfq_handle *nfq_open_nfnl(struct nfnl_handle *nfnlh)
+{
        struct nfq_handle *h;
        int err;
 
@@ -156,14 +172,15 @@ struct nfq_handle *nfq_open(void)
 
        memset(h, 0, sizeof(*h));
 
-       err = nfnl_open(&h->nfnlh, NFNL_SUBSYS_QUEUE, NFQNL_MSG_MAX, 0);
-       if (err < 0) {
-               nfq_errno = err;
+       h->nfnlssh = nfnl_subsys_open(h->nfnlh, NFNL_SUBSYS_QUEUE, 
+                                     NFQNL_MSG_MAX, 0);
+       if (!h->nfnlssh) {
+               /* FIXME: nfq_errno */
                goto out_free;
        }
 
        pkt_cb.data = h;
-       err = nfnl_callback_register(&h->nfnlh, NFQNL_MSG_PACKET, &pkt_cb);
+       err = nfnl_callback_register(h->nfnlssh, NFQNL_MSG_PACKET, &pkt_cb);
        if (err < 0) {
                nfq_errno = err;
                goto out_close;
@@ -171,7 +188,7 @@ struct nfq_handle *nfq_open(void)
 
        return h;
 out_close:
-       nfnl_close(&h->nfnlh);
+       nfnl_subsys_close(h->nfnlssh);
 out_free:
        free(h);
        return NULL;
@@ -179,7 +196,10 @@ out_free:
 
 int nfq_close(struct nfq_handle *h)
 {
-       int ret = nfnl_close(&h->nfnlh);
+       int ret;
+       
+       nfnl_subsys_close(h->nfnlssh);
+       ret = nfnl_close(h->nfnlh);
        if (ret == 0)
                free(h);
        return ret;
@@ -242,7 +262,7 @@ int nfq_destroy_queue(struct nfq_q_handle *qh)
 
 int nfq_handle_packet(struct nfq_handle *h, char *buf, int len)
 {
-       return nfnl_handle_packet(&h->nfnlh, buf, len);
+       return nfnl_handle_packet(h->nfnlh, buf, len);
 }
 
 int nfq_set_mode(struct nfq_q_handle *qh,
@@ -253,7 +273,7 @@ int nfq_set_mode(struct nfq_q_handle *qh,
        struct nfqnl_msg_config_params params;
        struct nlmsghdr *nmh = (struct nlmsghdr *) buf;
 
-       nfnl_fill_hdr(&qh->h->nfnlh, nmh, 0, AF_UNSPEC, qh->id,
+       nfnl_fill_hdr(qh->h->nfnlssh, nmh, 0, AF_UNSPEC, qh->id,
                        NFQNL_MSG_CONFIG, NLM_F_REQUEST|NLM_F_ACK);
 
        params.copy_range = htonl(range);
@@ -261,7 +281,7 @@ int nfq_set_mode(struct nfq_q_handle *qh,
        nfnl_addattr_l(nmh, sizeof(buf), NFQA_CFG_PARAMS, &params,
                        sizeof(params));
 
-       return nfnl_talk(&qh->h->nfnlh, nmh, 0, 0, NULL, NULL, NULL);
+       return nfnl_talk(qh->h->nfnlh, nmh, 0, 0, NULL, NULL, NULL);
 }
 
 static int __set_verdict(struct nfq_q_handle *qh, u_int32_t id,
@@ -282,7 +302,7 @@ static int __set_verdict(struct nfq_q_handle *qh, u_int32_t id,
        vh.verdict = htonl(verdict);
        vh.id = htonl(id);
 
-       nfnl_fill_hdr(&qh->h->nfnlh, nmh, 0, AF_UNSPEC, qh->id,
+       nfnl_fill_hdr(qh->h->nfnlssh, nmh, 0, AF_UNSPEC, qh->id,
                        NFQNL_MSG_VERDICT, NLM_F_REQUEST);
 
        /* add verdict header */
@@ -303,7 +323,7 @@ static int __set_verdict(struct nfq_q_handle *qh, u_int32_t id,
                nvecs += 2;
        }
 
-       return nfnl_sendiov(&qh->h->nfnlh, iov, nvecs, 0);
+       return nfnl_sendiov(qh->h->nfnlh, iov, nvecs, 0);
 }
 
 int nfq_set_verdict(struct nfq_q_handle *qh, u_int32_t id,