10:41 p.m.
after making all virFirewall objects use g_autoptr().
Signed-off-by: Laine Stump <laine(a)redhat.com>
---
src/network/bridge_driver_linux.c | 27 +++++++------------
src/nwfilter/nwfilter_ebiptables_driver.c | 32 +++++++----------------
src/util/virebtables.c | 16 ++----------
src/util/viriptables.c | 8 ++----
4 files changed, 22 insertions(+), 61 deletions(-)
diff --git a/src/network/bridge_driver_linux.c b/src/network/bridge_driver_linux.c
index f72f94f38d..5fc77785dc 100644
--- a/src/network/bridge_driver_linux.c
+++ b/src/network/bridge_driver_linux.c
@@ -839,7 +839,6 @@ int networkAddFirewallRules(virNetworkDefPtr def)
size_t i;
virNetworkIPDefPtr ipdef;
g_autoptr(virFirewall) fw = virFirewallNew();
- int ret = -1;
if (virOnce(&createdOnce, networkSetupPrivateChains) < 0)
return -1;
@@ -869,11 +868,11 @@ int networkAddFirewallRules(virNetworkDefPtr def)
_("zone %s requested for network %s "
"but firewalld is not active"),
def->bridgeZone, def->name);
- goto cleanup;
+ return -1;
}
if (virFirewallDInterfaceSetZone(def->bridge, def->bridgeZone) < 0)
- goto cleanup;
+ return -1;
} else {
@@ -893,13 +892,13 @@ int networkAddFirewallRules(virNetworkDefPtr def)
*/
if (virFirewallDZoneExists("libvirt")) {
if (virFirewallDInterfaceSetZone(def->bridge, "libvirt")
< 0)
- goto cleanup;
+ return -1;
} else {
unsigned long version;
int vresult = virFirewallDGetVersion(&version);
if (vresult < 0)
- goto cleanup;
+ return -1;
/* Support for nftables backend was added in firewalld
* 0.6.0. Support for rule priorities (required by the
@@ -919,7 +918,7 @@ int networkAddFirewallRules(virNetworkDefPtr def)
"version supporting rule priorities "
"(0.7.0+) and/or rebuilding "
"libvirt with --with-firewalld-zone"));
- goto cleanup;
+ return -1;
}
}
}
@@ -933,7 +932,7 @@ int networkAddFirewallRules(virNetworkDefPtr def)
(ipdef = virNetworkDefGetIPByIndex(def, AF_UNSPEC, i));
i++) {
if (networkAddIPSpecificFirewallRules(fw, def, ipdef) < 0)
- goto cleanup;
+ return -1;
}
virFirewallStartRollback(fw, 0);
@@ -942,19 +941,14 @@ int networkAddFirewallRules(virNetworkDefPtr def)
(ipdef = virNetworkDefGetIPByIndex(def, AF_UNSPEC, i));
i++) {
if (networkRemoveIPSpecificFirewallRules(fw, def, ipdef) < 0)
- goto cleanup;
+ return -1;
}
networkRemoveGeneralFirewallRules(fw, def);
virFirewallStartTransaction(fw, VIR_FIREWALL_TRANSACTION_IGNORE_ERRORS);
networkAddChecksumFirewallRules(fw, def);
- if (virFirewallApply(fw) < 0)
- goto cleanup;
-
- ret = 0;
- cleanup:
- return ret;
+ return virFirewallApply(fw);
}
/* Remove all rules for all ip addresses (and general rules) on a network */
@@ -973,12 +967,9 @@ void networkRemoveFirewallRules(virNetworkDefPtr def)
(ipdef = virNetworkDefGetIPByIndex(def, AF_UNSPEC, i));
i++) {
if (networkRemoveIPSpecificFirewallRules(fw, def, ipdef) < 0)
- goto cleanup;
+ return;
}
networkRemoveGeneralFirewallRules(fw, def);
virFirewallApply(fw);
-
- cleanup:
- return;
}
diff --git a/src/nwfilter/nwfilter_ebiptables_driver.c
b/src/nwfilter/nwfilter_ebiptables_driver.c
index 2976521e6d..78a52408b2 100644
--- a/src/nwfilter/nwfilter_ebiptables_driver.c
+++ b/src/nwfilter/nwfilter_ebiptables_driver.c
@@ -2866,7 +2866,7 @@ ebtablesApplyBasicRules(const char *ifname,
virMacAddrFormat(macaddr, macaddr_str);
if (ebiptablesAllTeardown(ifname) < 0)
- goto error;
+ return -1;
virFirewallStartTransaction(fw, 0);
@@ -2899,7 +2899,6 @@ ebtablesApplyBasicRules(const char *ifname,
tear_down_tmpebchains:
ebtablesCleanAll(ifname);
- error:
return -1;
}
@@ -2937,7 +2936,7 @@ ebtablesApplyDHCPOnlyRules(const char *ifname,
virMacAddrFormat(macaddr, macaddr_str);
if (ebiptablesAllTeardown(ifname) < 0)
- goto error;
+ return -1;
virFirewallStartTransaction(fw, 0);
@@ -3016,7 +3015,6 @@ ebtablesApplyDHCPOnlyRules(const char *ifname,
tear_down_tmpebchains:
ebtablesCleanAll(ifname);
- error:
return -1;
}
@@ -3038,7 +3036,7 @@ ebtablesApplyDropAllRules(const char *ifname)
g_autoptr(virFirewall) fw = virFirewallNew();
if (ebiptablesAllTeardown(ifname) < 0)
- goto error;
+ return -1;
virFirewallStartTransaction(fw, 0);
@@ -3068,7 +3066,6 @@ ebtablesApplyDropAllRules(const char *ifname)
tear_down_tmpebchains:
ebtablesCleanAll(ifname);
- error:
return -1;
}
@@ -3084,7 +3081,6 @@ static int
ebtablesCleanAll(const char *ifname)
{
g_autoptr(virFirewall) fw = virFirewallNew();
- int ret = -1;
virFirewallStartTransaction(fw, VIR_FIREWALL_TRANSACTION_IGNORE_ERRORS);
@@ -3100,8 +3096,7 @@ ebtablesCleanAll(const char *ifname)
ebtablesRemoveTmpRootChainFW(fw, true, ifname);
ebtablesRemoveTmpRootChainFW(fw, false, ifname);
- ret = virFirewallApply(fw);
- return ret;
+ return virFirewallApply(fw);
}
@@ -3578,21 +3573,18 @@ static int
ebiptablesTearNewRules(const char *ifname)
{
g_autoptr(virFirewall) fw = virFirewallNew();
- int ret = -1;
virFirewallStartTransaction(fw, VIR_FIREWALL_TRANSACTION_IGNORE_ERRORS);
ebiptablesTearNewRulesFW(fw, ifname);
- ret = virFirewallApply(fw);
- return ret;
+ return virFirewallApply(fw);
}
static int
ebiptablesTearOldRules(const char *ifname)
{
g_autoptr(virFirewall) fw = virFirewallNew();
- int ret = -1;
virFirewallStartTransaction(fw, VIR_FIREWALL_TRANSACTION_IGNORE_ERRORS);
@@ -3611,8 +3603,7 @@ ebiptablesTearOldRules(const char *ifname)
ebtablesRemoveRootChainFW(fw, false, ifname);
ebtablesRenameTmpSubAndRootChainsFW(fw, ifname);
- ret = virFirewallApply(fw);
- return ret;
+ return virFirewallApply(fw);
}
@@ -3629,7 +3620,6 @@ static int
ebiptablesAllTeardown(const char *ifname)
{
g_autoptr(virFirewall) fw = virFirewallNew();
- int ret = -1;
virFirewallStartTransaction(fw, VIR_FIREWALL_TRANSACTION_IGNORE_ERRORS);
@@ -3651,8 +3641,7 @@ ebiptablesAllTeardown(const char *ifname)
ebtablesRemoveRootChainFW(fw, true, ifname);
ebtablesRemoveRootChainFW(fw, false, ifname);
- ret = virFirewallApply(fw);
- return ret;
+ return virFirewallApply(fw);
}
@@ -3738,7 +3727,6 @@ ebiptablesDriverProbeStateMatch(void)
{
unsigned long version;
g_autoptr(virFirewall) fw = virFirewallNew();
- int ret = -1;
virFirewallStartTransaction(fw, 0);
virFirewallAddRuleFull(fw, VIR_FIREWALL_LAYER_IPV4,
@@ -3746,7 +3734,7 @@ ebiptablesDriverProbeStateMatch(void)
"--version", NULL);
if (virFirewallApply(fw) < 0)
- goto cleanup;
+ return -1;
/*
* since version 1.4.16 '-m state --state ...' will be converted to
@@ -3755,9 +3743,7 @@ ebiptablesDriverProbeStateMatch(void)
if (version >= 1 * 1000000 + 4 * 1000 + 16)
newMatchState = true;
- ret = 0;
- cleanup:
- return ret;
+ return 0;
}
static int
diff --git a/src/util/virebtables.c b/src/util/virebtables.c
index 69483f35ec..610c399414 100644
--- a/src/util/virebtables.c
+++ b/src/util/virebtables.c
@@ -83,7 +83,6 @@ int
ebtablesAddForwardPolicyReject(ebtablesContext *ctx)
{
g_autoptr(virFirewall) fw = virFirewallNew();
- int ret = -1;
virFirewallStartTransaction(fw, VIR_FIREWALL_TRANSACTION_IGNORE_ERRORS);
virFirewallAddRule(fw, VIR_FIREWALL_LAYER_ETHERNET,
@@ -98,12 +97,7 @@ ebtablesAddForwardPolicyReject(ebtablesContext *ctx)
"-P", ctx->chain, "DROP",
NULL);
- if (virFirewallApply(fw) < 0)
- goto cleanup;
-
- ret = 0;
- cleanup:
- return ret;
+ return virFirewallApply(fw);
}
@@ -117,7 +111,6 @@ ebtablesForwardAllowIn(ebtablesContext *ctx,
int action)
{
g_autoptr(virFirewall) fw = virFirewallNew();
- int ret = -1;
virFirewallStartTransaction(fw, 0);
virFirewallAddRule(fw, VIR_FIREWALL_LAYER_ETHERNET,
@@ -128,12 +121,7 @@ ebtablesForwardAllowIn(ebtablesContext *ctx,
"--jump", "ACCEPT",
NULL);
- if (virFirewallApply(fw) < 0)
- goto cleanup;
-
- ret = 0;
- cleanup:
- return ret;
+ return virFirewallApply(fw);
}
/**
diff --git a/src/util/viriptables.c b/src/util/viriptables.c
index b1ef3a2db6..b5dd2edbd3 100644
--- a/src/util/viriptables.c
+++ b/src/util/viriptables.c
@@ -129,7 +129,6 @@ int
iptablesSetupPrivateChains(virFirewallLayer layer)
{
g_autoptr(virFirewall) fw = virFirewallNew();
- int ret = -1;
iptablesGlobalChain filter_chains[] = {
{"INPUT", "LIBVIRT_INP"},
{"OUTPUT", "LIBVIRT_OUT"},
@@ -160,12 +159,9 @@ iptablesSetupPrivateChains(virFirewallLayer layer)
"--list-rules", NULL);
if (virFirewallApply(fw) < 0)
- goto cleanup;
-
- ret = changed ? 1 : 0;
+ return -1;
- cleanup:
- return ret;
+ return changed ? 1 : 0;
}
--
2.25.4