V3:
 - moved MAX_COMMENT_LENGTH #define into nwfilter_conf.h

V2:
  - introducing a field 'maxstrlen' to control the length of accepted string
  - removed function validating comment string assuming the XML parser
    already sanity checked the string

The patch below extends the XML parser and generator so that every protocol
now can have a comment node. Comments are limited to 256 characters.

Signed-off-by: Stefan Berger <stef...@us.ibm.com>

---
 src/conf/nwfilter_conf.c |   76 +++++++++++++++++++++++++++++++++++++++++++++++
 src/conf/nwfilter_conf.h |   12 ++++++-
 2 files changed, 87 insertions(+), 1 deletion(-)

Index: libvirt-acl/src/conf/nwfilter_conf.c
===================================================================
--- libvirt-acl.orig/src/conf/nwfilter_conf.c
+++ libvirt-acl/src/conf/nwfilter_conf.c
@@ -246,7 +246,11 @@ virNWFilterRuleDefFree(virNWFilterRuleDe
     for (i = 0; i < def->nvars; i++)
         VIR_FREE(def->vars[i]);
 
+    for (i = 0; i < def->nstrings; i++)
+        VIR_FREE(def->strings[i]);
+
     VIR_FREE(def->vars);
+    VIR_FREE(def->strings);
 
     VIR_FREE(def);
 }
@@ -350,6 +354,29 @@ virNWFilterRuleDefAddVar(virNWFilterRule
 }
 
 
+static char *
+virNWFilterRuleDefAddString(virNWFilterRuleDefPtr nwf,
+                            const char *string,
+                            size_t maxstrlen)
+{
+    if (VIR_REALLOC_N(nwf->strings, nwf->nstrings+1) < 0) {
+        virReportOOMError();
+        return NULL;
+    }
+
+    nwf->strings[nwf->nstrings] = strndup(string, maxstrlen);
+
+    if (!nwf->strings[nwf->nstrings]) {
+        virReportOOMError();
+        return NULL;
+    }
+
+    nwf->nstrings++;
+
+    return nwf->strings[nwf->nstrings-1];
+}
+
+
 void
 virNWFilterPoolObjRemove(virNWFilterPoolObjListPtr pools,
                          virNWFilterPoolObjPtr pool)
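Review bot: `strndup(string, maxstrlen)` in virNWFilterRuleDefAddString silently truncates an over-long comment at a byte offset instead of rejecting it, so the stored rule differs from what was submitted; if `prop` is UTF-8 from the XML parser (likely, but not visible here), the cut can also land inside a multi-byte character that the formatter later writes back out. Consider failing the parse instead, with an error report followed by `if (strlen(string) > maxstrlen) return NULL;`. A future table entry that uses `DATATYPE_STRINGCOPY` but omits `.maxstrlen` gets 0 from the designated initializer, which here turns every value into an empty string, so either treat 0 as invalid or document it on the struct field. The function also lacks a header comment saying that the returned pointer stays owned by `nwf->strings` and is released in virNWFilterRuleDefFree.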
@@ -399,6 +426,7 @@ struct _virXMLAttr2Struct
     int dataIdx;               // offset of the hasXYZ boolean
     valueValidator validator;   // beyond-standard checkers
     valueFormatter formatter;   // beyond-standard formatter
+    size_t maxstrlen;
 };
 
 
@@ -655,6 +683,18 @@ dscpValidator(enum attrDatatype datatype
     }
 
 
+#define COMMENT_PROP(STRUCT) \
+    {\
+        .name = "comment",\
+        .datatype = DATATYPE_STRINGCOPY,\
+        .dataIdx = offsetof(virNWFilterRuleDef, p.STRUCT.dataComment),\
+        .maxstrlen = MAX_COMMENT_LENGTH,\
+    }
+
+#define COMMENT_PROP_IPHDR(STRUCT) \
+    COMMENT_PROP(STRUCT.ipHdr)
+
+
 static const virXMLAttr2Struct macAttributes[] = {
     COMMON_MAC_PROPS(ethHdrFilter),
     {
@@ -664,6 +704,7 @@ static const virXMLAttr2Struct macAttrib
         .validator= checkMacProtocolID,
         .formatter= macProtocolIDFormatter,
     },
+    COMMENT_PROP(ethHdrFilter),
     {
         .name = NULL,
     }
@@ -702,6 +743,7 @@ static const virXMLAttr2Struct arpAttrib
         .datatype = DATATYPE_IPADDR,
         .dataIdx = offsetof(virNWFilterRuleDef, 
p.arpHdrFilter.dataARPDstIPAddr),
     },
+    COMMENT_PROP(arpHdrFilter),
     {
         .name = NULL,
     }
@@ -762,6 +804,7 @@ static const virXMLAttr2Struct ipAttribu
         .dataIdx = offsetof(virNWFilterRuleDef, p.ipHdrFilter.ipHdr.dataDSCP),
         .validator = dscpValidator,
     },
+    COMMENT_PROP_IPHDR(ipHdrFilter),
     {
         .name = NULL,
     }
@@ -817,6 +860,7 @@ static const virXMLAttr2Struct ipv6Attri
         .datatype = DATATYPE_UINT16 | DATATYPE_UINT16_HEX,
         .dataIdx = offsetof(virNWFilterRuleDef, 
p.ipv6HdrFilter.portData.dataDstPortEnd),
     },
+    COMMENT_PROP_IPHDR(ipv6HdrFilter),
     {
         .name = NULL,
     }
@@ -914,6 +958,7 @@ static const virXMLAttr2Struct tcpAttrib
         .datatype = DATATYPE_UINT8 | DATATYPE_UINT8_HEX,
         .dataIdx = offsetof(virNWFilterRuleDef, p.tcpHdrFilter.dataTCPOption),
     },
+    COMMENT_PROP_IPHDR(tcpHdrFilter),
     {
         .name = NULL,
     }
@@ -922,6 +967,7 @@ static const virXMLAttr2Struct tcpAttrib
 static const virXMLAttr2Struct udpAttributes[] = {
     COMMON_IP_PROPS(udpHdrFilter, DATATYPE_IPADDR, DATATYPE_IPMASK),
     COMMON_PORT_PROPS(udpHdrFilter),
+    COMMENT_PROP_IPHDR(udpHdrFilter),
     {
         .name = NULL,
     }
@@ -929,6 +975,7 @@ static const virXMLAttr2Struct udpAttrib
 
 static const virXMLAttr2Struct udpliteAttributes[] = {
     COMMON_IP_PROPS(udpliteHdrFilter, DATATYPE_IPADDR, DATATYPE_IPMASK),
+    COMMENT_PROP_IPHDR(udpliteHdrFilter),
     {
         .name = NULL,
     }
@@ -936,6 +983,7 @@ static const virXMLAttr2Struct udpliteAt
 
 static const virXMLAttr2Struct espAttributes[] = {
     COMMON_IP_PROPS(espHdrFilter, DATATYPE_IPADDR, DATATYPE_IPMASK),
+    COMMENT_PROP_IPHDR(espHdrFilter),
     {
         .name = NULL,
     }
@@ -943,6 +991,7 @@ static const virXMLAttr2Struct espAttrib
 
 static const virXMLAttr2Struct ahAttributes[] = {
     COMMON_IP_PROPS(ahHdrFilter, DATATYPE_IPADDR, DATATYPE_IPMASK),
+    COMMENT_PROP_IPHDR(ahHdrFilter),
     {
         .name = NULL,
     }
@@ -951,6 +1000,7 @@ static const virXMLAttr2Struct ahAttribu
 static const virXMLAttr2Struct sctpAttributes[] = {
     COMMON_IP_PROPS(sctpHdrFilter, DATATYPE_IPADDR, DATATYPE_IPMASK),
     COMMON_PORT_PROPS(sctpHdrFilter),
+    COMMENT_PROP_IPHDR(sctpHdrFilter),
     {
         .name = NULL,
     }
@@ -969,6 +1019,7 @@ static const virXMLAttr2Struct icmpAttri
         .datatype = DATATYPE_UINT8 | DATATYPE_UINT8_HEX,
         .dataIdx = offsetof(virNWFilterRuleDef, p.icmpHdrFilter.dataICMPCode),
     },
+    COMMENT_PROP_IPHDR(icmpHdrFilter),
     {
         .name = NULL,
     }
@@ -977,6 +1028,7 @@ static const virXMLAttr2Struct icmpAttri
 
 static const virXMLAttr2Struct allAttributes[] = {
     COMMON_IP_PROPS(allHdrFilter, DATATYPE_IPADDR, DATATYPE_IPMASK),
+    COMMENT_PROP_IPHDR(allHdrFilter),
     {
         .name = NULL,
     }
@@ -985,6 +1037,7 @@ static const virXMLAttr2Struct allAttrib
 
 static const virXMLAttr2Struct igmpAttributes[] = {
     COMMON_IP_PROPS(igmpHdrFilter, DATATYPE_IPADDR, DATATYPE_IPMASK),
+    COMMENT_PROP_IPHDR(igmpHdrFilter),
     {
         .name = NULL,
     }
@@ -999,6 +1052,7 @@ static const virXMLAttr2Struct tcpipv6At
         .datatype = DATATYPE_UINT8 | DATATYPE_UINT8_HEX,
         .dataIdx = offsetof(virNWFilterRuleDef, p.tcpHdrFilter.dataTCPOption),
     },
+    COMMENT_PROP_IPHDR(tcpHdrFilter),
     {
         .name = NULL,
     }
@@ -1007,6 +1061,7 @@ static const virXMLAttr2Struct tcpipv6At
 static const virXMLAttr2Struct udpipv6Attributes[] = {
     COMMON_IP_PROPS(udpHdrFilter, DATATYPE_IPV6ADDR, DATATYPE_IPV6MASK),
     COMMON_PORT_PROPS(udpHdrFilter),
+    COMMENT_PROP_IPHDR(udpHdrFilter),
     {
         .name = NULL,
     }
@@ -1015,6 +1070,7 @@ static const virXMLAttr2Struct udpipv6At
 
 static const virXMLAttr2Struct udpliteipv6Attributes[] = {
     COMMON_IP_PROPS(udpliteHdrFilter, DATATYPE_IPV6ADDR, DATATYPE_IPV6MASK),
+    COMMENT_PROP_IPHDR(udpliteHdrFilter),
     {
         .name = NULL,
     }
@@ -1023,6 +1079,7 @@ static const virXMLAttr2Struct udpliteip
 
 static const virXMLAttr2Struct espipv6Attributes[] = {
     COMMON_IP_PROPS(espHdrFilter, DATATYPE_IPV6ADDR, DATATYPE_IPV6MASK),
+    COMMENT_PROP_IPHDR(espHdrFilter),
     {
         .name = NULL,
     }
@@ -1031,6 +1088,7 @@ static const virXMLAttr2Struct espipv6At
 
 static const virXMLAttr2Struct ahipv6Attributes[] = {
     COMMON_IP_PROPS(ahHdrFilter, DATATYPE_IPV6ADDR, DATATYPE_IPV6MASK),
+    COMMENT_PROP_IPHDR(ahHdrFilter),
     {
         .name = NULL,
     }
@@ -1040,6 +1098,7 @@ static const virXMLAttr2Struct ahipv6Att
 static const virXMLAttr2Struct sctpipv6Attributes[] = {
     COMMON_IP_PROPS(sctpHdrFilter, DATATYPE_IPV6ADDR, DATATYPE_IPV6MASK),
     COMMON_PORT_PROPS(sctpHdrFilter),
+    COMMENT_PROP_IPHDR(sctpHdrFilter),
     {
         .name = NULL,
     }
@@ -1058,6 +1117,7 @@ static const virXMLAttr2Struct icmpv6Att
         .datatype = DATATYPE_UINT8 | DATATYPE_UINT8_HEX,
         .dataIdx = offsetof(virNWFilterRuleDef, p.icmpHdrFilter.dataICMPCode),
     },
+    COMMENT_PROP_IPHDR(icmpHdrFilter),
     {
         .name = NULL,
     }
@@ -1066,6 +1126,7 @@ static const virXMLAttr2Struct icmpv6Att
 
 static const virXMLAttr2Struct allipv6Attributes[] = {
     COMMON_IP_PROPS(allHdrFilter, DATATYPE_IPV6ADDR, DATATYPE_IPV6MASK),
+    COMMENT_PROP_IPHDR(allHdrFilter),
     {
         .name = NULL,
     }
@@ -1332,6 +1393,17 @@ virNWFilterRuleDetailsParse(xmlNodePtr n
                             found = 1;
                         break;
 
+                        case DATATYPE_STRINGCOPY:
+                            if (!(item->u.string =
+                                  virNWFilterRuleDefAddString(nwf, prop,
+                                                       att[idx].maxstrlen))) {
+                                rc = -1;
+                                break;
+                            }
+                            data.c = item->u.string;
+                            found = 1;
+                        break;
+
                         case DATATYPE_LAST:
                         default:
                         break;
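Review bot: The new `DATATYPE_STRINGCOPY` case stores `prop` without any content check, and the commit message says the earlier validation function was dropped on the assumption that the XML parser already checked the string. An XML parser only guarantees well-formed character data, so newlines, control characters and quote or shell metacharacters are still accepted. That is harmless for the `virBufferEscapeString` output path in this patch, but any later consumer that places the comment into a command line or script has to escape it itself. Either restrict the character set here (for example by setting `.validator` in `COMMENT_PROP`, if the parser applies validators to this datatype, which is not visible in the hunk), or add a comment at this case such as `/* comment text is untrusted; escape before any use outside XML output */`.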
@@ -2510,6 +2582,10 @@ virNWFilterRuleDefDetailsFormat(virBuffe
                                       (j < 5) ? ":" : "");
                break;
 
+               case DATATYPE_STRINGCOPY:
+                   virBufferEscapeString(buf, "%s", item->u.string);
+               break;
+
                case DATATYPE_STRING:
                default:
                    virBufferVSprintf(buf,
Index: libvirt-acl/src/conf/nwfilter_conf.h
===================================================================
--- libvirt-acl.orig/src/conf/nwfilter_conf.h
+++ libvirt-acl/src/conf/nwfilter_conf.h
@@ -73,6 +73,8 @@ enum virNWFilterEntryItemFlags {
 };
 
 
+# define MAX_COMMENT_LENGTH  256
+
 # define HAS_ENTRY_ITEM(data) \
   (((data)->flags) & NWFILTER_ENTRY_ITEM_FLAG_EXISTS)
 
@@ -92,8 +94,9 @@ enum attrDatatype {
     DATATYPE_STRING           = (1 << 8),
     DATATYPE_IPV6ADDR         = (1 << 9),
     DATATYPE_IPV6MASK         = (1 << 10),
+    DATATYPE_STRINGCOPY       = (1 << 11),
 
-    DATATYPE_LAST             = (1 << 11),
+    DATATYPE_LAST             = (1 << 12),
 };
 
 
@@ -123,6 +126,7 @@ struct _nwItemDesc {
         uint8_t      u8;
         uint16_t     u16;
         char         protocolID[10];
+        char         *string;
     } u;
 };
 
@@ -142,6 +146,7 @@ typedef ethHdrFilterDef *ethHdrFilterDef
 struct _ethHdrFilterDef {
     ethHdrDataDef ethHdr;
     nwItemDesc dataProtocolID;
+    nwItemDesc dataComment;
 };
 
 
@@ -156,6 +161,7 @@ struct _arpHdrFilterDef {
     nwItemDesc dataARPSrcIPAddr;
     nwItemDesc dataARPDstMACAddr;
     nwItemDesc dataARPDstIPAddr;
+    nwItemDesc dataComment;
 };
 
 
@@ -174,6 +180,7 @@ struct _ipHdrDataDef {
     nwItemDesc dataDstIPTo;
     nwItemDesc dataDSCP;
     nwItemDesc dataConnlimitAbove;
+    nwItemDesc dataComment;
 };
 
 
@@ -376,6 +383,9 @@ struct _virNWFilterRuleDef {
 
     int nvars;
     char **vars;
+
+    int nstrings;
+    char **strings;
 };
 
 
