summaryrefslogtreecommitdiffstats
path: root/src/plugins/nat
diff options
context:
space:
mode:
authorOle Troan <ot@cisco.com>2019-08-23 22:55:18 +0200
committerAndrew Yourtchenko <ayourtch@gmail.com>2019-09-03 20:04:13 +0000
commite5ff5a36dd126ee57dca4e0b03da2f7704e0a4f5 (patch)
tree2108baa60e8a697624288fe2c3050be29697bc88 /src/plugins/nat
parentb6fde4a8bae474c6b73d08d223028f42e396d452 (diff)
api: enforce vla is last and fixed string type
Enforce that variable length fields are the last element of API messages. Add a 'fixed' version of string type, since dealing with multiple variable length strings turned out too painful for the C language bindings. The string type is now: { string name[64]; // NUL terminated C-string. Essentially decays to u8 name[64] string name[]; // Variable length string with embedded len field (vl_api_string_t) }; The latter notation could be made available to other types as well. e.g. { vl_api_address_t addresses[]; } instead of { u32 n_addr; vl_api_address_t addresses[n_addr]; }; Type: fix Change-Id: I18fa17ef47227633752ab50453e8d20a652a9f9b Signed-off-by: Ole Troan <ot@cisco.com>
Diffstat (limited to 'src/plugins/nat')
-rw-r--r--src/plugins/nat/nat.api16
-rw-r--r--src/plugins/nat/nat_api.c147
-rw-r--r--src/plugins/nat/test/test_nat.py2
3 files changed, 42 insertions, 123 deletions
diff --git a/src/plugins/nat/nat.api b/src/plugins/nat/nat.api
index bd880a6498d..8cf26d4900d 100644
--- a/src/plugins/nat/nat.api
+++ b/src/plugins/nat/nat.api
@@ -13,7 +13,7 @@
* limitations under the License.
*/
-option version = "5.1.0";
+option version = "5.2.0";
import "vnet/ip/ip_types.api";
import "vnet/interface_types.api";
@@ -171,7 +171,7 @@ define nat_worker_details {
u32 context;
u32 worker_index;
u32 lcore_id;
- string name;
+ string name[64];
};
/** \brief Enable/disable NAT IPFIX logging
@@ -678,7 +678,7 @@ autoreply define nat44_add_del_static_mapping {
u16 external_port;
vl_api_interface_index_t external_sw_if_index;
u32 vrf_id;
- string tag;
+ string tag[64];
};
/** \brief Dump NAT44 static mappings
@@ -717,7 +717,7 @@ define nat44_static_mapping_details {
u16 external_port;
vl_api_interface_index_t external_sw_if_index;
u32 vrf_id;
- string tag;
+ string tag[64];
};
/** \brief Add/delete NAT44 identity mapping
@@ -743,7 +743,7 @@ autoreply define nat44_add_del_identity_mapping {
u16 port;
vl_api_interface_index_t sw_if_index;
u32 vrf_id;
- string tag;
+ string tag[64];
};
/** \brief Dump NAT44 identity mappings
@@ -773,7 +773,7 @@ define nat44_identity_mapping_details {
u16 port;
vl_api_interface_index_t sw_if_index;
u32 vrf_id;
- string tag;
+ string tag[64];
};
/** \brief Add/delete NAT44 pool address from specific interfce
@@ -927,9 +927,9 @@ autoreply manual_endian define nat44_add_del_lb_static_mapping {
u16 external_port;
u8 protocol;
u32 affinity;
+ string tag[64];
u32 local_num;
vl_api_nat44_lb_addr_port_t locals[local_num];
- string tag;
};
/** \brief Add/delete NAT44 load-balancing static mapping rule backend
@@ -983,9 +983,9 @@ manual_endian define nat44_lb_static_mapping_details {
u8 protocol;
vl_api_nat_config_flags_t flags;
u32 affinity;
+ string tag[64];
u32 local_num;
vl_api_nat44_lb_addr_port_t locals[local_num];
- string tag;
};
/** \brief Delete NAT44 session
diff --git a/src/plugins/nat/nat_api.c b/src/plugins/nat/nat_api.c
index ff46ae9421a..b83ea0b49f8 100644
--- a/src/plugins/nat/nat_api.c
+++ b/src/plugins/nat/nat_api.c
@@ -200,20 +200,14 @@ send_nat_worker_details (u32 worker_index, vl_api_registration_t * reg,
snat_main_t *sm = &snat_main;
vlib_worker_thread_t *w =
vlib_worker_threads + worker_index + sm->first_worker_index;
- u32 len = vec_len (w->name);
- if (len)
- --len;
-
- rmp = vl_msg_api_alloc (sizeof (*rmp) + len);
- clib_memset (rmp, 0, sizeof (*rmp) + len);
+ rmp = vl_msg_api_alloc (sizeof (*rmp));
+ clib_memset (rmp, 0, sizeof (*rmp));
rmp->_vl_msg_id = ntohs (VL_API_NAT_WORKER_DETAILS + sm->msg_id_base);
rmp->context = context;
rmp->worker_index = htonl (worker_index);
rmp->lcore_id = htonl (w->cpu_id);
-
- if (len)
- vl_api_to_api_string (len, (char *) w->name, &rmp->name);
+ strncpy ((char *) rmp->name, (char *) w->name, ARRAY_LEN (rmp->name) - 1);
vl_api_send_msg (reg, (u8 *) rmp);
}
@@ -1208,7 +1202,6 @@ static void
int rv = 0;
snat_protocol_t proto;
u8 *tag = 0;
- u32 len = 0;
if (sm->deterministic)
{
@@ -1216,14 +1209,6 @@ static void
goto send_reply;
}
- len = vl_api_string_len (&mp->tag);
-
- if (len > 64)
- {
- rv = VNET_API_ERROR_INVALID_VALUE;
- goto send_reply;
- }
-
memcpy (&local_addr.as_u8, mp->local_ip_address, 4);
memcpy (&external_addr.as_u8, mp->external_ip_address, 4);
@@ -1241,10 +1226,8 @@ static void
twice_nat = TWICE_NAT;
else if (mp->flags & NAT_API_IS_SELF_TWICE_NAT)
twice_nat = TWICE_NAT_SELF;
-
- tag = vec_new (u8, len);
-
- memcpy (tag, mp->tag.buf, len);
+ mp->tag[sizeof (mp->tag) - 1] = 0;
+ tag = format (0, "%s", mp->tag);
vec_terminate_c_string (tag);
rv = snat_add_static_mapping (local_addr, external_addr, local_port,
@@ -1296,19 +1279,8 @@ send_nat44_static_mapping_details (snat_static_mapping_t * m,
snat_main_t *sm = &snat_main;
u32 len = sizeof (*rmp);
- if (m->tag)
- {
- len += vec_len (m->tag);
- rmp = vl_msg_api_alloc (len);
- clib_memset (rmp, 0, len);
- vl_api_to_api_string (vec_len (m->tag), (char *) m->tag, &rmp->tag);
- }
- else
- {
- rmp = vl_msg_api_alloc (len);
- clib_memset (rmp, 0, len);
- }
-
+ rmp = vl_msg_api_alloc (len);
+ clib_memset (rmp, 0, len);
rmp->_vl_msg_id =
ntohs (VL_API_NAT44_STATIC_MAPPING_DETAILS + sm->msg_id_base);
@@ -1337,6 +1309,9 @@ send_nat44_static_mapping_details (snat_static_mapping_t * m,
rmp->local_port = htons (m->local_port);
}
+ if (m->tag)
+ strncpy ((char *) rmp->tag, (char *) m->tag, vec_len (m->tag));
+
vl_api_send_msg (reg, (u8 *) rmp);
}
@@ -1347,21 +1322,9 @@ send_nat44_static_map_resolve_details (snat_static_map_resolve_t * m,
{
vl_api_nat44_static_mapping_details_t *rmp;
snat_main_t *sm = &snat_main;
- u32 len = sizeof (*rmp);
-
- if (m->tag)
- {
- len += vec_len (m->tag);
- rmp = vl_msg_api_alloc (len);
- clib_memset (rmp, 0, len);
- vl_api_to_api_string (vec_len (m->tag), (char *) m->tag, &rmp->tag);
- }
- else
- {
- rmp = vl_msg_api_alloc (len);
- clib_memset (rmp, 0, len);
- }
+ rmp = vl_msg_api_alloc (sizeof (*rmp));
+ clib_memset (rmp, 0, sizeof (*rmp));
rmp->_vl_msg_id =
ntohs (VL_API_NAT44_STATIC_MAPPING_DETAILS + sm->msg_id_base);
clib_memcpy (rmp->local_ip_address, &(m->l_addr), 4);
@@ -1382,6 +1345,8 @@ send_nat44_static_map_resolve_details (snat_static_map_resolve_t * m,
rmp->external_port = htons (m->e_port);
rmp->local_port = htons (m->l_port);
}
+ if (m->tag)
+ strncpy ((char *) rmp->tag, (char *) m->tag, vec_len (m->tag));
vl_api_send_msg (reg, (u8 *) rmp);
}
@@ -1442,7 +1407,6 @@ static void
int rv = 0;
snat_protocol_t proto = ~0;
u8 *tag = 0;
- u32 len = 0;
if (sm->deterministic)
{
@@ -1461,11 +1425,8 @@ static void
addr.as_u32 = 0;
else
memcpy (&addr.as_u8, mp->ip_address, 4);
-
- len = vl_api_string_len (&mp->tag);
-
- tag = vec_new (u8, len);
- memcpy (tag, mp->tag.buf, len);
+ mp->tag[sizeof (mp->tag) - 1] = 0;
+ tag = format (0, "%s", mp->tag);
vec_terminate_c_string (tag);
rv =
@@ -1507,21 +1468,9 @@ send_nat44_identity_mapping_details (snat_static_mapping_t * m, int index,
vl_api_nat44_identity_mapping_details_t *rmp;
snat_main_t *sm = &snat_main;
nat44_lb_addr_port_t *local = pool_elt_at_index (m->locals, index);
- u32 len = sizeof (*rmp);
-
- if (m->tag)
- {
- len += vec_len (m->tag);
- rmp = vl_msg_api_alloc (len);
- clib_memset (rmp, 0, len);
- vl_api_to_api_string (vec_len (m->tag), (char *) m->tag, &rmp->tag);
- }
- else
- {
- rmp = vl_msg_api_alloc (len);
- clib_memset (rmp, 0, len);
- }
+ rmp = vl_msg_api_alloc (sizeof (*rmp));
+ clib_memset (rmp, 0, sizeof (*rmp));
rmp->_vl_msg_id =
ntohs (VL_API_NAT44_IDENTITY_MAPPING_DETAILS + sm->msg_id_base);
@@ -1534,6 +1483,8 @@ send_nat44_identity_mapping_details (snat_static_mapping_t * m, int index,
rmp->vrf_id = htonl (local->vrf_id);
rmp->protocol = snat_proto_to_ip_proto (m->proto);
rmp->context = context;
+ if (m->tag)
+ strncpy ((char *) rmp->tag, (char *) m->tag, vec_len (m->tag));
vl_api_send_msg (reg, (u8 *) rmp);
}
@@ -1545,21 +1496,9 @@ send_nat44_identity_map_resolve_details (snat_static_map_resolve_t * m,
{
vl_api_nat44_identity_mapping_details_t *rmp;
snat_main_t *sm = &snat_main;
- u32 len = sizeof (*rmp);
-
- if (m->tag)
- {
- len += vec_len (m->tag);
- rmp = vl_msg_api_alloc (len);
- clib_memset (rmp, 0, len);
- vl_api_to_api_string (vec_len (m->tag), (char *) m->tag, &rmp->tag);
- }
- else
- {
- rmp = vl_msg_api_alloc (len);
- clib_memset (rmp, 0, len);
- }
+ rmp = vl_msg_api_alloc (sizeof (*rmp));
+ clib_memset (rmp, 0, sizeof (*rmp));
rmp->_vl_msg_id =
ntohs (VL_API_NAT44_IDENTITY_MAPPING_DETAILS + sm->msg_id_base);
@@ -1571,6 +1510,8 @@ send_nat44_identity_map_resolve_details (snat_static_map_resolve_t * m,
rmp->vrf_id = htonl (m->vrf_id);
rmp->protocol = snat_proto_to_ip_proto (m->proto);
rmp->context = context;
+ if (m->tag)
+ strncpy ((char *) rmp->tag, (char *) m->tag, vec_len (m->tag));
vl_api_send_msg (reg, (u8 *) rmp);
}
@@ -1936,9 +1877,7 @@ static void
nat44_lb_addr_port_t *locals = 0;
ip4_address_t e_addr;
snat_protocol_t proto;
- vl_api_string_t *sp;
u8 *tag = 0;
- u32 len = 0;
if (!sm->endpoint_dependent)
{
@@ -1956,15 +1895,8 @@ static void
twice_nat = TWICE_NAT;
else if (mp->flags & NAT_API_IS_SELF_TWICE_NAT)
twice_nat = TWICE_NAT_SELF;
-
- sp = (void *) &mp->locals +
- sizeof (vl_api_nat44_lb_addr_port_t) *
- clib_net_to_host_u32 (mp->local_num);
-
- len = vl_api_string_len (sp);
-
- tag = vec_new (u8, len);
- memcpy (tag, sp->buf, len);
+ mp->tag[sizeof (mp->tag) - 1] = 0;
+ tag = format (0, "%s", mp->tag);
vec_terminate_c_string (tag);
rv =
@@ -2051,28 +1983,13 @@ send_nat44_lb_static_mapping_details (snat_static_mapping_t * m,
snat_main_t *sm = &snat_main;
nat44_lb_addr_port_t *ap;
vl_api_nat44_lb_addr_port_t *locals;
- vl_api_string_t *sp;
u32 local_num = 0;
- u32 len = sizeof (*rmp);
-
- if (m->tag)
- {
- len += pool_elts (m->locals) *
- sizeof (nat44_lb_addr_port_t) + vec_len (m->tag);
- rmp = vl_msg_api_alloc (len);
- clib_memset (rmp, 0, len);
-
- sp = (void *) &rmp->locals +
- sizeof (vl_api_nat44_lb_addr_port_t) * pool_elts (m->locals);
- vl_api_to_api_string (vec_len (m->tag), (char *) m->tag, sp);
- }
- else
- {
- len += pool_elts (m->locals) * sizeof (nat44_lb_addr_port_t);
- rmp = vl_msg_api_alloc (len);
- clib_memset (rmp, 0, len);
- }
+ rmp =
+ vl_msg_api_alloc (sizeof (*rmp) +
+ (pool_elts (m->locals) *
+ sizeof (nat44_lb_addr_port_t)));
+ clib_memset (rmp, 0, sizeof (*rmp));
rmp->_vl_msg_id =
ntohs (VL_API_NAT44_LB_STATIC_MAPPING_DETAILS + sm->msg_id_base);
@@ -2087,6 +2004,8 @@ send_nat44_lb_static_mapping_details (snat_static_mapping_t * m,
rmp->flags |= NAT_API_IS_SELF_TWICE_NAT;
if (is_out2in_only_static_mapping (m))
rmp->flags |= NAT_API_IS_OUT2IN_ONLY;
+ if (m->tag)
+ strncpy ((char *) rmp->tag, (char *) m->tag, vec_len (m->tag));
locals = (vl_api_nat44_lb_addr_port_t *) rmp->locals;
/* *INDENT-OFF* */
diff --git a/src/plugins/nat/test/test_nat.py b/src/plugins/nat/test/test_nat.py
index a64b5709c72..4d48ee494c6 100644
--- a/src/plugins/nat/test/test_nat.py
+++ b/src/plugins/nat/test/test_nat.py
@@ -1894,7 +1894,7 @@ class TestNAT44(MethodHolder):
is_add=1)
sm = self.vapi.nat44_static_mapping_dump()
self.assertEqual(len(sm), 1)
- self.assertEqual((sm[0].tag).split(b'\0', 1)[0], b'')
+ self.assertEqual(sm[0].tag, '')
self.assertEqual(sm[0].protocol, 0)
self.assertEqual(sm[0].local_port, 0)
self.assertEqual(sm[0].external_port, 0)