git: 497ccc21ef93 - main - libpfctl: handle the 'pfctl' netlink family not being supported

From: Kristof Provost <kp_at_FreeBSD.org>
Date: Mon, 06 Nov 2023 13:52:24 UTC
The branch main has been updated by kp:

URL: https://cgit.FreeBSD.org/src/commit/?id=497ccc21ef9378f92e30867fa2b473759fd64b45

commit 497ccc21ef9378f92e30867fa2b473759fd64b45
Author:     Kristof Provost <kp@FreeBSD.org>
AuthorDate: 2023-11-06 10:57:35 +0000
Commit:     Kristof Provost <kp@FreeBSD.org>
CommitDate: 2023-11-06 12:53:56 +0000

    libpfctl: handle the 'pfctl' netlink family not being supported
    
    If we fail to find the pfctl family we should not attempt to make the
    call. That means that either pf is not loaded, or it's a very old (i.e.
    pre-netlink) version.
    
    Reported by: manu
    Sponsored by:   Rubicon Communications, LLC ("Netgate")
---
 lib/libpfctl/libpfctl.c | 10 ++++++++++
 1 file changed, 10 insertions(+)

diff --git a/lib/libpfctl/libpfctl.c b/lib/libpfctl/libpfctl.c
index 1554b81acf59..12b7c1df7ee8 100644
--- a/lib/libpfctl/libpfctl.c
+++ b/lib/libpfctl/libpfctl.c
@@ -189,6 +189,8 @@ pfctl_startstop(int start)
 
 	snl_init(&ss, NETLINK_GENERIC);
 	family_id = snl_get_genl_family(&ss, PFNL_FAMILY_NAME);
+	if (family_id == 0)
+		return (ENOTSUP);
 
 	snl_init_writer(&ss, &nw);
 	hdr = snl_create_genl_msg_request(&nw, family_id,
@@ -1077,6 +1079,8 @@ pfctl_add_rule(int dev __unused, const struct pfctl_rule *r, const char *anchor,
 
 	snl_init(&ss, NETLINK_GENERIC);
 	family_id = snl_get_genl_family(&ss, PFNL_FAMILY_NAME);
+	if (family_id == 0)
+		return (ENOTSUP);
 
 	snl_init_writer(&ss, &nw);
 	hdr = snl_create_genl_msg_request(&nw, family_id, PFNL_CMD_ADDRULE);
@@ -1213,6 +1217,9 @@ pfctl_get_creators_nl(struct snl_state *ss, uint32_t *creators, size_t *len)
 	struct nlmsghdr *hdr;
 	struct snl_writer nw;
 
+	if (family_id == 0)
+		return (ENOTSUP);
+
 	snl_init_writer(ss, &nw);
 	hdr = snl_create_genl_msg_request(&nw, family_id, PFNL_CMD_GETCREATORS);
 	hdr->nlmsg_flags |= NLM_F_DUMP;
@@ -1363,6 +1370,9 @@ pfctl_get_states_nl(struct pfctl_state_filter *filter, struct snl_state *ss, pfc
 	struct nlmsghdr *hdr;
 	struct snl_writer nw;
 
+	if (family_id == 0)
+		return (ENOTSUP);
+
 	snl_init_writer(ss, &nw);
 	hdr = snl_create_genl_msg_request(&nw, family_id, PFNL_CMD_GETSTATES);
 	hdr->nlmsg_flags |= NLM_F_DUMP;