If nl_socket_alloc() failes in nl_cache_mngr_alloc() we would currently
return 0 due to the previous assignment of the err variable, even though
the failed allocation is an error condition. Fix this by setting err to
-NLE_NOMEM if nl_socket_alloc() fails.
Signed-off-by: Tobias Klauser <tklauser@distanz.ch>
Signed-off-by: Thomas Haller <thaller@redhat.com>
This patch adds support for ip6 tunnel that works with
the ip6_tunnel kernel module.
Signed-off-by: Susant Sahani <susant@redhat.com>
Signed-off-by: Thomas Haller <thaller@redhat.com>
nfnlmsg_*_parse() does not assign *result on error. So this will
lead to freeing a dangling pointer.
Error found by coverity.
Acked-by: Thomas Graf <tgraf@suug.ch>
Signed-off-by: Thomas Haller <thaller@redhat.com>
Fixed bug that left a dangling pointer after clearing the ifalias
property. This happened when calling 'rtnl_link_get_ifalias(link, NULL)'
on a link that has already an ifalias set.
This can cause a crash and/or a double-free.
Error found by coverity.
Acked-by: Thomas Graf <tgraf@suug.ch>
Signed-off-by: Thomas Haller <thaller@redhat.com>
This check is not necessary, and also they cause coverity to
complain.
Acked-by: Thomas Graf <tgraf@suug.ch>
Signed-off-by: Thomas Haller <thaller@redhat.com>
Previously coverity was complaining about a use-after-free.
This was not a real problem, because the printf statement
does not dereferenciate the pointer. Change it to avoid
the warning.
Acked-by: Thomas Graf <tgraf@suug.ch>
Signed-off-by: Thomas Haller <thaller@redhat.com>
This fixes the following coverity warning:
lib/route/link/vlan.c:148:23:warning – Result of 'calloc' is converted to a pointer of type 'struct vlan_map', which is incompatible with sizeof operand type 'struct ifla_vlan_qos_mapping'
This was not a real problem, because the types are effectively
the same.
Acked-by: Thomas Graf <tgraf@suug.ch>
Signed-off-by: Thomas Haller <thaller@redhat.com>
It is proved that actions are not always put from 0,
they could be discontinuous.
http://lists.infradead.org/pipermail/libnl/2014-April/001374.html
Signed-off-by: Cong Wang <xiyou.wangcong@gmail.com>
Acked-by: Thomas Graf <tgraf@suug.ch>
Signed-off-by: Thomas Haller <thaller@redhat.com>
In nlmsg_convert, if __nlmsg_alloc fails we can return NULL directly
instead of unnecessarily calling nlmsg_free on the NULL pointer.
Signed-off-by: Tobias Klauser <tklauser@distanz.ch>
Acked-by: Thomas Graf <tgraf@suug.ch>
Signed-off-by: Thomas Haller <thaller@redhat.com>
The check for !obj indicates that obj might be NULL, thus move the call
to obj_ops(obj) - which dereferences obj - after the check.
Signed-off-by: Tobias Klauser <tklauser@distanz.ch>
Acked-by: Thomas Graf <tgraf@suug.ch>
Signed-off-by: Thomas Haller <thaller@redhat.com>
Currently, setup.py is created by configure in builddir while source
files (.py and .i) reside in srcdir. Adjust paths in setup.py
appropriately to make it possible to perform an out-of-source build.
This is far from perfect but it mostly works. Python files are copied
from srcdir, and swig *.i files are read from there. However, swig
output files are created in srcdir rather than builddir, and distutils
copies '..' literally when constructing '.o' paths. As a result,
'../python/foo.i' would end up being compiled to
'build/temp*/../python/foo.i'.
The alternative would be to copy '*.i' files to builddir before
proceeding with the build, either in Makefile or through creating
additional distutils command.
When out-of-source build with '--disable-dependency-tracking' is
performed, the 'lib/route' and 'lib/route/cls' directories required for
flex/yacc output do not exist. As a result, the flex/yacc calls fail
with ENOENT.
Create the necessary directories explicitly via $(MKDIR_P)
in the flex/yacc rules to guarantee proper out-of-source and in-source
build.
This patch adds support for IFLA_VLAN_PROTOCOL
Signed-off-by: Susant Sahani <susant@redhat.com>
Acked-by: Thomas Graf <tgraf@suug.ch>
[thaller@redhat.com: minor fixes (whitespace, documentation, and a typo)]
Signed-off-by: Thomas Haller <thaller@redhat.com>
This should fix the following compile error:
route/link/ipip.c:52: error: ‘IFLA_IPTUN_MAX’ undeclared here (not in a function)
route/link/ipip.c:53: error: ‘IFLA_IPTUN_LINK’ undeclared here (not in a function)
route/link/ipip.c:53: error: array index in initializer not of integer type
route/link/ipip.c:53: error: (near initialization for ‘ipip_policy’)
route/link/ipip.c:53: error: field name not in record or union initializer
route/link/ipip.c:53: error: (near initialization for ‘ipip_policy’)
...
Reported-by: Vinson Lee <vlee@twitter.com>
Cc: Susant Sahani <susant@redhat.com>
Signed-off-by: Cong Wang <xiyou.wangcong@gmail.com>
Acked-by: Thomas Graf <tgraf@suug.ch>
Signed-off-by: Thomas Haller <thaller@redhat.com>
Instead of always trying the same order of ports when
looking for an unused port, randomize the order (naively).
As libnl-1 uses the same function, it is likely that two applications
that are using both libraries generate the same ports. By chosing a
different order how to select the local port, the chances are smaller
for this to happen (however, it cannot avoid it entirely. The user
and/or libnl3 still has to cope with the situation, that somebody
else might already use the port).
Signed-off-by: Thomas Haller <thaller@redhat.com>
It can easily happen that the generated local netlink port is alrady in
use. In that case bind will fail with ADDRINUSE.
Users of libnl3 could workaround this, by managing the local ports
themselves, but sometimes these users are libraries too and they also
don't know which ports might be used by other components.
This patch changes that nl_socket_alloc() no longer initilizes the local
port id immediately. Instead it will be initialized when the user calls
nl_socket_get_local_port() the first time and thereby shows interest in
the value.
If bind() fails with ADDRINUSE, check if the user ever cared about the
local port, i.e. whether the local port is still unset. If it is still
unset, assume that libnl should choose a suitable port and retry until
an unused port can be found.
Signed-off-by: Thomas Haller <thaller@redhat.com>
By failing inside of nl_socket_alloc(), the user can not even work around
when running out of local ports. This patch changes that if there are no more
local ports, we set the port to UINT32_MAX. This is a consistent behavior
to calling nl_socket_set_local_port(sk, 0).
In general, since nl_socket_set_local_port() does not restict the generated
ports in any way we cannot assume to have a valid port. So the check in
the constructor was harmful and users who ever encountered it (because they
created 1024 libnl3 sockets) could not even work around it.
Acked-by: Thomas Graf <tgraf@suug.ch>
Signed-off-by: Thomas Haller <thaller@redhat.com>
This was a bug on architectures with native int type less then 32 bit.
Acked-by: Thomas Graf <tgraf@suug.ch>
Signed-off-by: Thomas Haller <thaller@redhat.com>
This patch introduces sit tunnel support
Signed-off-by: Susant Sahani <susant@redhat.com>
Acked-by: Thomas Graf <tgraf@suug.ch>
[thaller@redhat.com: change WS to TAB, fix code doc]
Signed-off-by: Thomas Haller <thaller@redhat.com>
This patch introduces gre tunnel support
Signed-off-by: Susant Sahani <susant@redhat.com>
Acked-by: Thomas Graf <tgraf@suug.ch>
[thaller@redhat.com: change WS to TAB, fix code doc]
Signed-off-by: Thomas Haller <thaller@redhat.com>
This patch introduces ipip tunnel support. This
works with kernel module ipip.
Signed-off-by: Susant Sahani <susant@redhat.com>
Acked-by: Thomas Graf <tgraf@suug.ch>
[thaller@redhat.com: change WS to TAB, fix code doc]
Signed-off-by: Thomas Haller <thaller@redhat.com>
When we add an action to a filter, its lifetime becomes
same with the filter. So in case user frees it before
us, we could just grab a reference here.
Signed-off-by: Cong Wang <xiyou.wangcong@gmail.com>
Acked-by: Thomas Graf <tgraf@suug.ch>
Signed-off-by: Thomas Haller <thaller@redhat.com>
So that users could keep a refcount for the peer.
The capability trick is from Thomas Haller.
Signed-off-by: Cong Wang <xiyou.wangcong@gmail.com>
Signed-off-by: Thomas Haller <thaller@redhat.com>
Signed-off-by: Hangbin Liu <liuhangbin@gmail.com>
[thaller@redhat.com: change to ignore /tags only on top-level]
Signed-off-by: Thomas Haller <thaller@redhat.com>
This expands functionality for manipulating conntracks over netlink by
adding other attributes to nfnl_ct_build_message(). Added a command link
program to add conntracks.
https://github.com/thom311/libnl/pull/55
[thaller@redhat.com: cleaned up whitespace from original patch]
Acked-by: Thomas Graf <tgraf@suug.ch>
Signed-off-by: Thomas Haller <thaller@redhat.com>
self.__next__() bound method does not take an extra argument.
https://github.com/thom311/libnl/pull/57
Signed-off-by: Hiroaki KAWAI <kawai@stratosphere.co.jp>
Signed-off-by: Thomas Haller <thaller@redhat.com>
rtnl_link_veth_add() is a helper API we provide, it makes sense to
set NLM_F_EXCL for it since it doesn't accept flags as a parameter.
BTW, correct an indention too.
Signed-off-by: Cong Wang <xiyou.wangcong@gmail.com>
Acked-by: Thomas Graf <tgraf@suug.ch>
Signed-off-by: Thomas Haller <thaller@redhat.com>
Currently we use memcpy() to copy the peer rtnl_link for veth device,
this is wrong, we should do deep copy by calling nl_object_clone()
recursively. We should be careful and need to make sure we only call
it once.
Acked-by: Thomas Graf <tgraf@suug.ch>
Signed-off-by: Cong Wang <xiyou.wangcong@gmail.com>
Signed-off-by: Thomas Haller <thaller@redhat.com>
So that veth link can be just put by rtnl_link_put()
Signed-off-by: Cong Wang <xiyou.wangcong@gmail.com>
Acked-by: Thomas Graf <tgraf@suug.ch>
Signed-off-by: Thomas Haller <thaller@redhat.com>
