diff --git a/bin/check/check-tool.c b/bin/check/check-tool.c index 52b4da821f..0c5fe28c83 100644 --- a/bin/check/check-tool.c +++ b/bin/check/check-tool.c @@ -58,13 +58,6 @@ #define CHECK_LOCAL 1 #endif /* ifndef CHECK_LOCAL */ -#define CHECK(r) \ - do { \ - result = (r); \ - if (result != ISC_R_SUCCESS) \ - goto cleanup; \ - } while (0) - #define ERR_IS_CNAME 1 #define ERR_NO_ADDRESSES 2 #define ERR_LOOKUP_FAILURE 3 diff --git a/bin/check/named-checkconf.c b/bin/check/named-checkconf.c index a303cf187f..c65642ddd5 100644 --- a/bin/check/named-checkconf.c +++ b/bin/check/named-checkconf.c @@ -50,13 +50,6 @@ static bool loadplugins = true; isc_log_t *logc = NULL; -#define CHECK(r) \ - do { \ - result = (r); \ - if (result != ISC_R_SUCCESS) \ - goto cleanup; \ - } while (0) - /*% usage */ noreturn static void usage(void); diff --git a/bin/delv/delv.c b/bin/delv/delv.c index 0fed3312e4..8348b7d31a 100644 --- a/bin/delv/delv.c +++ b/bin/delv/delv.c @@ -67,13 +67,6 @@ #include -#define CHECK(r) \ - do { \ - result = (r); \ - if (result != ISC_R_SUCCESS) \ - goto cleanup; \ - } while (0) - #define MAXNAME (DNS_NAME_MAXTEXT + 1) /* diff --git a/bin/named/controlconf.c b/bin/named/controlconf.c index f648ba41ce..efae601177 100644 --- a/bin/named/controlconf.c +++ b/bin/named/controlconf.c @@ -801,14 +801,6 @@ register_keys(const cfg_obj_t *control, const cfg_obj_t *keylist, } } -#define CHECK(x) \ - do { \ - result = (x); \ - if (result != ISC_R_SUCCESS) { \ - goto cleanup; \ - } \ - } while (0) - static isc_result_t get_rndckey(isc_mem_t *mctx, controlkeylist_t *keyids) { isc_result_t result; diff --git a/bin/named/logconf.c b/bin/named/logconf.c index 3cc220077b..697c2c3d64 100644 --- a/bin/named/logconf.c +++ b/bin/named/logconf.c @@ -31,13 +31,6 @@ #include #include -#define CHECK(op) \ - do { \ - result = (op); \ - if (result != ISC_R_SUCCESS) \ - goto cleanup; \ - } while (0) - /*% * Set up a logging category according to the named.conf data * in 'ccat' and add it to 'logconfig'. diff --git a/bin/named/server.c b/bin/named/server.c index da2fb01709..125bfa8f94 100644 --- a/bin/named/server.c +++ b/bin/named/server.c @@ -172,13 +172,6 @@ * Check an operation for failure. Assumes that the function * using it has a 'result' variable and a 'cleanup' label. */ -#define CHECK(op) \ - do { \ - result = (op); \ - if (result != ISC_R_SUCCESS) \ - goto cleanup; \ - } while (0) - #define TCHECK(op) \ do { \ tresult = (op); \ diff --git a/bin/named/statschannel.c b/bin/named/statschannel.c index 5a8483714f..a70d6797b5 100644 --- a/bin/named/statschannel.c +++ b/bin/named/statschannel.c @@ -62,14 +62,6 @@ #define STATS_JSON_VERSION_MINOR "7" #define STATS_JSON_VERSION STATS_JSON_VERSION_MAJOR "." STATS_JSON_VERSION_MINOR -#define CHECK(m) \ - do { \ - result = (m); \ - if (result != ISC_R_SUCCESS) { \ - goto cleanup; \ - } \ - } while (0) - struct named_statschannel { /* Unlocked */ isc_httpdmgr_t *httpdmgr; diff --git a/bin/named/tkeyconf.c b/bin/named/tkeyconf.c index 3b26273bb6..26c171868f 100644 --- a/bin/named/tkeyconf.c +++ b/bin/named/tkeyconf.c @@ -28,16 +28,8 @@ #include -#include - -#define RETERR(x) \ - do { \ - result = (x); \ - if (result != ISC_R_SUCCESS) \ - goto failure; \ - } while (0) - #include +#include #define LOG(msg) \ isc_log_write(named_g_lctx, NAMED_LOGCATEGORY_GENERAL, \ NAMED_LOGMODULE_SERVER, ISC_LOG_ERROR, "%s", msg) @@ -47,12 +39,12 @@ named_tkeyctx_fromconfig(const cfg_obj_t *options, isc_mem_t *mctx, dns_tkeyctx_t **tctxp) { isc_result_t result; dns_tkeyctx_t *tctx = NULL; - const char *s; + const char *s = NULL; uint32_t n; dns_fixedname_t fname; - dns_name_t *name; + dns_name_t *name = NULL; isc_buffer_t b; - const cfg_obj_t *obj; + const cfg_obj_t *obj = NULL; int type; result = dns_tkeyctx_create(mctx, &tctx); @@ -60,7 +52,6 @@ named_tkeyctx_fromconfig(const cfg_obj_t *options, isc_mem_t *mctx, return result; } - obj = NULL; result = cfg_map_get(options, "tkey-dhkey", &obj); if (result == ISC_R_SUCCESS) { s = cfg_obj_asstring(cfg_tuple_get(obj, "name")); @@ -95,8 +86,8 @@ named_tkeyctx_fromconfig(const cfg_obj_t *options, isc_mem_t *mctx, isc_buffer_constinit(&b, s, strlen(s)); isc_buffer_add(&b, strlen(s)); name = dns_fixedname_initname(&fname); - RETERR(dns_name_fromtext(name, &b, dns_rootname, 0, NULL)); - RETERR(dst_gssapi_acquirecred(name, false, &tctx->gsscred)); + CHECK(dns_name_fromtext(name, &b, dns_rootname, 0, NULL)); + CHECK(dst_gssapi_acquirecred(name, false, &tctx->gsscred)); } obj = NULL; @@ -109,7 +100,7 @@ named_tkeyctx_fromconfig(const cfg_obj_t *options, isc_mem_t *mctx, *tctxp = tctx; return ISC_R_SUCCESS; -failure: +cleanup: dns_tkeyctx_destroy(&tctx); return result; } diff --git a/bin/named/transportconf.c b/bin/named/transportconf.c index cf56cbad0e..e09eca9850 100644 --- a/bin/named/transportconf.c +++ b/bin/named/transportconf.c @@ -190,11 +190,6 @@ failure: return result; } -#define CHECK(f) \ - if ((result = f) != ISC_R_SUCCESS) { \ - goto failure; \ - } - static isc_result_t transport_list_fromconfig(const cfg_obj_t *config, dns_transport_list_t *list) { const cfg_obj_t *obj = NULL; diff --git a/bin/named/zoneconf.c b/bin/named/zoneconf.c index c3cfbe8a98..2194fffe95 100644 --- a/bin/named/zoneconf.c +++ b/bin/named/zoneconf.c @@ -62,20 +62,6 @@ typedef enum { allow_update_forwarding } acl_type_t; -#define RETERR(x) \ - do { \ - isc_result_t _r = (x); \ - if (_r != ISC_R_SUCCESS) \ - return ((_r)); \ - } while (0) - -#define CHECK(x) \ - do { \ - result = (x); \ - if (result != ISC_R_SUCCESS) \ - goto cleanup; \ - } while (0) - /*% * Convenience function for configuring a single zone ACL. */ diff --git a/bin/plugins/filter-a.c b/bin/plugins/filter-a.c index db08f459bd..fd8dde59d5 100644 --- a/bin/plugins/filter-a.c +++ b/bin/plugins/filter-a.c @@ -48,14 +48,6 @@ #include #include -#define CHECK(op) \ - do { \ - result = (op); \ - if (result != ISC_R_SUCCESS) { \ - goto cleanup; \ - } \ - } while (0) - /* * Possible values for the settings of filter-a-on-v6 and * filter-a-on-v4: "no" is NONE, "yes" is FILTER, "break-dnssec" diff --git a/bin/plugins/filter-aaaa.c b/bin/plugins/filter-aaaa.c index 3230881bce..8f05c51ebe 100644 --- a/bin/plugins/filter-aaaa.c +++ b/bin/plugins/filter-aaaa.c @@ -48,14 +48,6 @@ #include #include -#define CHECK(op) \ - do { \ - result = (op); \ - if (result != ISC_R_SUCCESS) { \ - goto cleanup; \ - } \ - } while (0) - /* * Possible values for the settings of filter-aaaa-on-v4 and * filter-aaaa-on-v6: "no" is NONE, "yes" is FILTER, "break-dnssec" diff --git a/bin/tests/system/dlzexternal/driver/driver.c b/bin/tests/system/dlzexternal/driver/driver.c index 9750fdc96a..47ab393e73 100644 --- a/bin/tests/system/dlzexternal/driver/driver.c +++ b/bin/tests/system/dlzexternal/driver/driver.c @@ -49,13 +49,6 @@ dlz_dlopen_addrdataset_t dlz_addrdataset; dlz_dlopen_subrdataset_t dlz_subrdataset; dlz_dlopen_delrdataset_t dlz_delrdataset; -#define CHECK(x) \ - do { \ - result = (x); \ - if (result != ISC_R_SUCCESS) \ - goto failure; \ - } while (0) - #define loginfo(...) \ ({ \ if ((state != NULL) && (state->log != NULL)) \ @@ -258,7 +251,6 @@ dlz_create(const char *dlzname, unsigned int argc, char *argv[], void **dbdata, const char *helper_name; va_list ap; char soa_data[sizeof("@ hostmaster.root 123 900 600 86400 3600")]; - isc_result_t result; size_t n; UNUSED(dlzname); @@ -306,7 +298,8 @@ dlz_create(const char *dlzname, unsigned int argc, char *argv[], void **dbdata, } if (n >= sizeof(soa_data)) { - CHECK(ISC_R_NOSPACE); + free(state); + return ISC_R_NOSPACE; } add_name(state, &state->current[0], state->zone_name, "soa", 3600, @@ -320,10 +313,6 @@ dlz_create(const char *dlzname, unsigned int argc, char *argv[], void **dbdata, *dbdata = state; return ISC_R_SUCCESS; - -failure: - free(state); - return result; } /* diff --git a/bin/tests/system/dyndb/driver/util.h b/bin/tests/system/dyndb/driver/util.h index d59a7fd6ea..ddd935c0c7 100644 --- a/bin/tests/system/dyndb/driver/util.h +++ b/bin/tests/system/dyndb/driver/util.h @@ -39,19 +39,6 @@ #include "log.h" -#define CLEANUP_WITH(result_code) \ - do { \ - result = (result_code); \ - goto cleanup; \ - } while (0) - -#define CHECK(op) \ - do { \ - result = (op); \ - if (result != ISC_R_SUCCESS) \ - goto cleanup; \ - } while (0) - #define CHECKED_MEM_GET(m, target_ptr, s) \ do { \ (target_ptr) = isc_mem_get((m), (s)); \ diff --git a/bin/tests/system/dyndb/driver/zone.c b/bin/tests/system/dyndb/driver/zone.c index 32f9004b8a..75523a1a22 100644 --- a/bin/tests/system/dyndb/driver/zone.c +++ b/bin/tests/system/dyndb/driver/zone.c @@ -142,8 +142,8 @@ publish_zone(sample_instance_t *inst, dns_zone_t *zone) { /* Return success if the zone is already in the view as expected. */ result = dns_view_findzone(inst->view, dns_zone_getorigin(zone), &zone_in_view); - if (result != ISC_R_SUCCESS && result != ISC_R_NOTFOUND) { - goto cleanup; + if (result != ISC_R_NOTFOUND) { + CHECK(result); } view_in_zone = dns_zone_getview(zone); @@ -151,7 +151,8 @@ publish_zone(sample_instance_t *inst, dns_zone_t *zone) { /* Zone has a view set -> view should contain the same zone. */ if (zone_in_view == zone) { /* Zone is already published in the right view. */ - CLEANUP_WITH(ISC_R_SUCCESS); + result = ISC_R_SUCCESS; + goto cleanup; } else if (view_in_zone != inst->view) { /* * Un-published inactive zone will have @@ -161,7 +162,7 @@ publish_zone(sample_instance_t *inst, dns_zone_t *zone) { dns_zone_log(zone, ISC_LOG_ERROR, "zone->view doesn't " "match data in the view"); - CLEANUP_WITH(ISC_R_UNEXPECTED); + CHECK(ISC_R_UNEXPECTED); } } @@ -169,7 +170,7 @@ publish_zone(sample_instance_t *inst, dns_zone_t *zone) { dns_zone_log(zone, ISC_LOG_ERROR, "cannot publish zone: view already " "contains another zone with this name"); - CLEANUP_WITH(ISC_R_UNEXPECTED); + CHECK(ISC_R_UNEXPECTED); } run_exclusive_enter(inst, &lock_state); diff --git a/bin/tests/system/hooks/driver/test-async.c b/bin/tests/system/hooks/driver/test-async.c index ac38c1626c..8d601b9f32 100644 --- a/bin/tests/system/hooks/driver/test-async.c +++ b/bin/tests/system/hooks/driver/test-async.c @@ -36,14 +36,6 @@ #include #include -#define CHECK(op) \ - do { \ - result = (op); \ - if (result != ISC_R_SUCCESS) { \ - goto cleanup; \ - } \ - } while (0) - /* * Persistent data for use by this module. This will be associated * with client object address in the hash table, and will remain diff --git a/bin/tests/system/pipelined/pipequeries.c b/bin/tests/system/pipelined/pipequeries.c index b95a987106..11f4c3fd09 100644 --- a/bin/tests/system/pipelined/pipequeries.c +++ b/bin/tests/system/pipelined/pipequeries.c @@ -45,7 +45,7 @@ #include #include -#define CHECK(str, x) \ +#define CHECKM(str, x) \ { \ if ((x) != ISC_R_SUCCESS) { \ fprintf(stderr, "I:%s: %s\n", (str), \ @@ -91,7 +91,7 @@ recvresponse(isc_task_t *task, isc_event_t *event) { result = dns_request_getresponse(reqev->request, response, DNS_MESSAGEPARSE_PRESERVEORDER); - CHECK("dns_request_getresponse", result); + CHECKM("dns_request_getresponse", result); if (response->rcode != dns_rcode_noerror) { result = dns_result_fromrcode(response->rcode); @@ -108,7 +108,7 @@ recvresponse(isc_task_t *task, isc_event_t *event) { result = dns_message_sectiontotext( response, DNS_SECTION_ANSWER, &dns_master_style_simple, DNS_MESSAGETEXTFLAG_NOCOMMENTS, &outbuf); - CHECK("dns_message_sectiontotext", result); + CHECKM("dns_message_sectiontotext", result); printf("%.*s", (int)isc_buffer_usedlength(&outbuf), (char *)isc_buffer_base(&outbuf)); fflush(stdout); @@ -148,7 +148,7 @@ sendquery(isc_task_t *task) { isc_buffer_add(&buf, strlen(host)); result = dns_name_fromtext(dns_fixedname_name(&queryname), &buf, dns_rootname, 0, NULL); - CHECK("dns_name_fromtext", result); + CHECKM("dns_name_fromtext", result); dns_message_create(mctx, DNS_MESSAGE_INTENTRENDER, &message); @@ -158,10 +158,10 @@ sendquery(isc_task_t *task) { message->id = (unsigned short)(random() & 0xFFFF); result = dns_message_gettempname(message, &qname); - CHECK("dns_message_gettempname", result); + CHECKM("dns_message_gettempname", result); result = dns_message_gettemprdataset(message, &qrdataset); - CHECK("dns_message_gettemprdataset", result); + CHECKM("dns_message_gettemprdataset", result); dns_name_clone(dns_fixedname_name(&queryname), qname); dns_rdataset_makequestion(qrdataset, dns_rdataclass_in, @@ -173,7 +173,7 @@ sendquery(isc_task_t *task) { have_src ? &srcaddr : NULL, &dstaddr, DNS_REQUESTOPT_TCP, NULL, TIMEOUT, 0, 0, task, recvresponse, message, &request); - CHECK("dns_request_create", result); + CHECKM("dns_request_create", result); return ISC_R_SUCCESS; } @@ -248,13 +248,13 @@ main(int argc, char *argv[]) { result = ISC_R_FAILURE; if (inet_pton(AF_INET, "10.53.0.7", &inaddr) != 1) { - CHECK("inet_pton", result); + CHECKM("inet_pton", result); } isc_sockaddr_fromin(&srcaddr, &inaddr, 0); result = ISC_R_FAILURE; if (inet_pton(AF_INET, "10.53.0.4", &inaddr) != 1) { - CHECK("inet_pton", result); + CHECKM("inet_pton", result); } isc_sockaddr_fromin(&dstaddr, &inaddr, port); diff --git a/bin/tests/system/rsabigexponent/bigkey.c b/bin/tests/system/rsabigexponent/bigkey.c index e6d5c40615..6be31f1904 100644 --- a/bin/tests/system/rsabigexponent/bigkey.c +++ b/bin/tests/system/rsabigexponent/bigkey.c @@ -58,7 +58,7 @@ RSA *rsa; BIGNUM *e; EVP_PKEY *pkey; -#define CHECK(op, msg) \ +#define CHECKM(op, msg) \ do { \ result = (op); \ if (result != ISC_R_SUCCESS) { \ @@ -127,22 +127,20 @@ main(int argc, char **argv) { name = dns_fixedname_initname(&fname); isc_buffer_constinit(&buf, "example.", strlen("example.")); isc_buffer_add(&buf, strlen("example.")); - CHECK(dns_name_fromtext(name, &buf, dns_rootname, 0, NULL), "dns_name_" - "fromtext(" - "\"example." - "\")"); + CHECKM(dns_name_fromtext(name, &buf, dns_rootname, 0, NULL), + "dns_name_fromtext(\"example.\")"); - CHECK(dst_key_buildinternal(name, DNS_KEYALG_RSASHA256, bits, - DNS_KEYOWNER_ZONE, DNS_KEYPROTO_DNSSEC, - dns_rdataclass_in, pkey, mctx, &key), - "dst_key_buildinternal(...)"); + CHECKM(dst_key_buildinternal(name, DNS_KEYALG_RSASHA256, bits, + DNS_KEYOWNER_ZONE, DNS_KEYPROTO_DNSSEC, + dns_rdataclass_in, pkey, mctx, &key), + "dst_key_buildinternal(...)"); - CHECK(dst_key_tofile(key, DST_TYPE_PRIVATE | DST_TYPE_PUBLIC, NULL), - "dst_key_tofile()"); + CHECKM(dst_key_tofile(key, DST_TYPE_PRIVATE | DST_TYPE_PUBLIC, NULL), + "dst_key_tofile()"); isc_buffer_init(&buf, filename, sizeof(filename) - 1); isc_buffer_clear(&buf); - CHECK(dst_key_buildfilename(key, 0, NULL, &buf), "dst_key_" - "buildfilename()"); + CHECKM(dst_key_buildfilename(key, 0, NULL, &buf), + "dst_key_buildfilename()"); printf("%s\n", filename); dst_key_free(&key); diff --git a/bin/tests/system/tkey/keycreate.c b/bin/tests/system/tkey/keycreate.c index 7d023aabed..3d0c9e4246 100644 --- a/bin/tests/system/tkey/keycreate.c +++ b/bin/tests/system/tkey/keycreate.c @@ -40,7 +40,7 @@ #include #include -#define CHECK(str, x) \ +#define CHECKM(str, x) \ { \ if ((x) != ISC_R_SUCCESS) { \ fprintf(stderr, "I:%s: %s\n", (str), \ @@ -90,7 +90,7 @@ recvquery(isc_task_t *task, isc_event_t *event) { result = dns_request_getresponse(reqev->request, response, DNS_MESSAGEPARSE_PRESERVEORDER); - CHECK("dns_request_getresponse", result); + CHECKM("dns_request_getresponse", result); if (response->rcode != dns_rcode_noerror) { result = dns_result_fromrcode(response->rcode); @@ -101,19 +101,19 @@ recvquery(isc_task_t *task, isc_event_t *event) { result = dns_tkey_processdhresponse(query, response, ourkey, &nonce, &tsigkey, ring); - CHECK("dns_tkey_processdhresponse", result); + CHECKM("dns_tkey_processdhresponse", result); /* * Yes, this is a hack. */ isc_buffer_init(&keynamebuf, keyname, sizeof(keyname)); result = dst_key_buildfilename(tsigkey->key, 0, "", &keynamebuf); - CHECK("dst_key_buildfilename", result); + CHECKM("dst_key_buildfilename", result); printf("%.*s\n", (int)isc_buffer_usedlength(&keynamebuf), (char *)isc_buffer_base(&keynamebuf)); type = DST_TYPE_PRIVATE | DST_TYPE_PUBLIC | DST_TYPE_KEY; result = dst_key_tofile(tsigkey->key, type, ""); - CHECK("dst_key_tofile", result); + CHECKM("dst_key_tofile", result); dns_message_detach(&query); dns_message_detach(&response); @@ -141,7 +141,7 @@ sendquery(isc_task_t *task, isc_event_t *event) { result = ISC_R_FAILURE; if (inet_pton(AF_INET, ip_address, &inaddr) != 1) { - CHECK("inet_pton", result); + CHECKM("inet_pton", result); } isc_sockaddr_fromin(&address, &inaddr, port); @@ -150,18 +150,18 @@ sendquery(isc_task_t *task, isc_event_t *event) { isc_buffer_add(&namestr, 9); result = dns_name_fromtext(dns_fixedname_name(&keyname), &namestr, NULL, 0, NULL); - CHECK("dns_name_fromtext", result); + CHECKM("dns_name_fromtext", result); dns_fixedname_init(&ownername); isc_buffer_constinit(&namestr, ownername_str, strlen(ownername_str)); isc_buffer_add(&namestr, strlen(ownername_str)); result = dns_name_fromtext(dns_fixedname_name(&ownername), &namestr, NULL, 0, NULL); - CHECK("dns_name_fromtext", result); + CHECKM("dns_name_fromtext", result); isc_buffer_init(&keybuf, keydata, 9); result = isc_base64_decodestring(keystr, &keybuf); - CHECK("isc_base64_decodestring", result); + CHECKM("isc_base64_decodestring", result); isc_buffer_usedregion(&keybuf, &r); @@ -169,19 +169,19 @@ sendquery(isc_task_t *task, isc_event_t *event) { dns_fixedname_name(&keyname), DNS_TSIG_HMACMD5_NAME, isc_buffer_base(&keybuf), isc_buffer_usedlength(&keybuf), false, NULL, 0, 0, mctx, ring, &initialkey); - CHECK("dns_tsigkey_create", result); + CHECKM("dns_tsigkey_create", result); dns_message_create(mctx, DNS_MESSAGE_INTENTRENDER, &query); result = dns_tkey_builddhquery(query, ourkey, dns_fixedname_name(&ownername), DNS_TSIG_HMACMD5_NAME, &nonce, 3600); - CHECK("dns_tkey_builddhquery", result); + CHECKM("dns_tkey_builddhquery", result); result = dns_request_create(requestmgr, query, NULL, &address, DNS_REQUESTOPT_TCP, initialkey, TIMEOUT, 0, 0, task, recvquery, query, &request); - CHECK("dns_request_create", result); + CHECKM("dns_request_create", result); } int @@ -242,7 +242,7 @@ main(int argc, char *argv[]) { type = DST_TYPE_PUBLIC | DST_TYPE_PRIVATE | DST_TYPE_KEY; result = dst_key_fromnamedfile(ourkeyname, NULL, type, mctx, &ourkey); - CHECK("dst_key_fromnamedfile", result); + CHECKM("dst_key_fromnamedfile", result); isc_buffer_init(&nonce, noncedata, sizeof(noncedata)); isc_nonce_buf(noncedata, sizeof(noncedata)); diff --git a/bin/tests/system/tkey/keydelete.c b/bin/tests/system/tkey/keydelete.c index 8fc3aab06d..c4c8a40685 100644 --- a/bin/tests/system/tkey/keydelete.c +++ b/bin/tests/system/tkey/keydelete.c @@ -39,7 +39,7 @@ #include #include -#define CHECK(str, x) \ +#define CHECKM(str, x) \ { \ if ((x) != ISC_R_SUCCESS) { \ fprintf(stderr, "I:%s: %s\n", (str), \ @@ -81,7 +81,7 @@ recvquery(isc_task_t *task, isc_event_t *event) { result = dns_request_getresponse(reqev->request, response, DNS_MESSAGEPARSE_PRESERVEORDER); - CHECK("dns_request_getresponse", result); + CHECKM("dns_request_getresponse", result); if (response->rcode != dns_rcode_noerror) { result = dns_result_fromrcode(response->rcode); @@ -91,7 +91,7 @@ recvquery(isc_task_t *task, isc_event_t *event) { } result = dns_tkey_processdeleteresponse(query, response, ring); - CHECK("dns_tkey_processdhresponse", result); + CHECKM("dns_tkey_processdhresponse", result); dns_message_detach(&query); dns_message_detach(&response); @@ -113,19 +113,19 @@ sendquery(isc_task_t *task, isc_event_t *event) { result = ISC_R_FAILURE; if (inet_pton(AF_INET, ip_address, &inaddr) != 1) { - CHECK("inet_pton", result); + CHECKM("inet_pton", result); } isc_sockaddr_fromin(&address, &inaddr, port); dns_message_create(mctx, DNS_MESSAGE_INTENTRENDER, &query); result = dns_tkey_builddeletequery(query, tsigkey); - CHECK("dns_tkey_builddeletequery", result); + CHECKM("dns_tkey_builddeletequery", result); result = dns_request_create(requestmgr, query, NULL, &address, DNS_REQUESTOPT_TCP, tsigkey, TIMEOUT, 0, 0, task, recvquery, query, &request); - CHECK("dns_request_create", result); + CHECKM("dns_request_create", result); } int @@ -184,12 +184,12 @@ main(int argc, char **argv) { type = DST_TYPE_PUBLIC | DST_TYPE_PRIVATE | DST_TYPE_KEY; result = dst_key_fromnamedfile(keyname, NULL, type, mctx, &dstkey); - CHECK("dst_key_fromnamedfile", result); + CHECKM("dst_key_fromnamedfile", result); result = dns_tsigkey_createfromkey(dst_key_name(dstkey), DNS_TSIG_HMACMD5_NAME, dstkey, true, NULL, 0, 0, mctx, ring, &tsigkey); dst_key_free(&dstkey); - CHECK("dns_tsigkey_createfromkey", result); + CHECKM("dns_tsigkey_createfromkey", result); (void)isc_app_run(); diff --git a/bin/tools/mdig.c b/bin/tools/mdig.c index e1bbeb125b..90897574ff 100644 --- a/bin/tools/mdig.c +++ b/bin/tools/mdig.c @@ -56,7 +56,7 @@ #include -#define CHECK(str, x) \ +#define CHECKM(str, x) \ { \ if ((x) != ISC_R_SUCCESS) { \ fprintf(stderr, "mdig: %s failed with %s\n", (str), \ @@ -222,7 +222,7 @@ recvresponse(isc_task_t *task, isc_event_t *event) { msgbuf = dns_request_getanswer(reqev->request); result = dns_request_getresponse(reqev->request, response, parseflags); - CHECK("dns_request_getresponse", result); + CHECKM("dns_request_getresponse", result); styleflags |= DNS_STYLEFLAG_REL_OWNER; if (yaml) { @@ -278,7 +278,7 @@ recvresponse(isc_task_t *task, isc_event_t *event) { 48, 80, 8, display_splitwidth, mctx); } - CHECK("dns_master_stylecreate2", result); + CHECKM("dns_master_stylecreate2", result); flags = 0; if (!display_headers) { @@ -342,7 +342,7 @@ recvresponse(isc_task_t *task, isc_event_t *event) { printf(" %s:\n", "response_message_data"); result = dns_message_headertotext(response, style, flags, buf); - CHECK("dns_message_headertotext", result); + CHECKM("dns_message_headertotext", result); } else if (display_comments && !display_short_form) { printf(";; Got answer:\n"); @@ -405,7 +405,7 @@ repopulate_buffer: isc_buffer_allocate(mctx, &buf, len); goto repopulate_buffer; } - CHECK("dns_message_pseudosectiontotext", result); + CHECKM("dns_message_pseudosectiontotext", result); } if (display_question && display_headers && !display_short_form) { @@ -414,7 +414,7 @@ repopulate_buffer: if (result == ISC_R_NOSPACE) { goto buftoosmall; } - CHECK("dns_message_sectiontotext", result); + CHECKM("dns_message_sectiontotext", result); } if (display_answer && !display_short_form) { @@ -423,7 +423,7 @@ repopulate_buffer: if (result == ISC_R_NOSPACE) { goto buftoosmall; } - CHECK("dns_message_sectiontotext", result); + CHECKM("dns_message_sectiontotext", result); } else if (display_answer) { dns_name_t *name; dns_rdataset_t *rdataset; @@ -442,14 +442,14 @@ repopulate_buffer: dns_name_init(&empty_name, NULL); result = dns_message_firstname(response, DNS_SECTION_ANSWER); if (result != ISC_R_NOMORE) { - CHECK("dns_message_firstname", result); + CHECKM("dns_message_firstname", result); } for (;;) { if (result == ISC_R_NOMORE) { break; } - CHECK("dns_message_nextname", result); + CHECKM("dns_message_nextname", result); name = NULL; dns_message_currentname(response, DNS_SECTION_ANSWER, &name); @@ -467,7 +467,7 @@ repopulate_buffer: if (result == ISC_R_NOSPACE) { goto buftoosmall; } - CHECK("dns_rdata_tofmttext", result); + CHECKM("dns_rdata_tofmttext", result); loopresult = dns_rdataset_next(rdataset); dns_rdata_reset(&rdata); @@ -490,7 +490,7 @@ repopulate_buffer: if (result == ISC_R_NOSPACE) { goto buftoosmall; } - CHECK("dns_message_sectiontotext", result); + CHECKM("dns_message_sectiontotext", result); } if (display_additional && !display_short_form) { @@ -499,7 +499,7 @@ repopulate_buffer: if (result == ISC_R_NOSPACE) { goto buftoosmall; } - CHECK("dns_message_sectiontotext", result); + CHECKM("dns_message_sectiontotext", result); } if (display_additional && !display_short_form && display_headers) { @@ -511,13 +511,13 @@ repopulate_buffer: if (result == ISC_R_NOSPACE) { goto buftoosmall; } - CHECK("dns_message_pseudosectiontotext", result); + CHECKM("dns_message_pseudosectiontotext", result); result = dns_message_pseudosectiontotext( response, DNS_PSEUDOSECTION_SIG0, style, flags, buf); if (result == ISC_R_NOSPACE) { goto buftoosmall; } - CHECK("dns_message_pseudosectiontotext", result); + CHECKM("dns_message_pseudosectiontotext", result); } if (display_headers && display_comments && !display_short_form && !yaml) @@ -562,9 +562,9 @@ add_opt(dns_message_t *msg, uint16_t udpsize, uint16_t edns, unsigned int flags, result = dns_message_buildopt(msg, &rdataset, edns, udpsize, flags, opts, count); - CHECK("dns_message_buildopt", result); + CHECKM("dns_message_buildopt", result); result = dns_message_setopt(msg, rdataset); - CHECK("dns_message_setopt", result); + CHECKM("dns_message_setopt", result); } static void @@ -592,7 +592,7 @@ sendquery(struct query *query, isc_task_t *task) { isc_buffer_add(&buf, strlen(query->textname)); result = dns_name_fromtext(dns_fixedname_name(&queryname), &buf, dns_rootname, 0, NULL); - CHECK("dns_name_fromtext", result); + CHECKM("dns_name_fromtext", result); dns_message_create(mctx, DNS_MESSAGE_INTENTRENDER, &message); @@ -616,10 +616,10 @@ sendquery(struct query *query, isc_task_t *task) { message->id = (unsigned short)(random() & 0xFFFF); result = dns_message_gettempname(message, &qname); - CHECK("dns_message_gettempname", result); + CHECKM("dns_message_gettempname", result); result = dns_message_gettemprdataset(message, &qrdataset); - CHECK("dns_message_gettemprdataset", result); + CHECKM("dns_message_gettemprdataset", result); dns_name_clone(dns_fixedname_name(&queryname), qname); dns_rdataset_makequestion(qrdataset, query->rdclass, query->rdtype); @@ -668,7 +668,7 @@ sendquery(struct query *query, isc_task_t *task) { INSIST(i < DNS_EDNSOPTIONS); opts[i].code = DNS_OPT_CLIENT_SUBNET; opts[i].length = (uint16_t)addrl + 4; - CHECK("isc_buffer_allocate", result); + CHECKM("isc_buffer_allocate", result); isc_buffer_init(&b, ecsbuf, sizeof(ecsbuf)); if (sa->sa_family == AF_INET) { family = 1; @@ -713,7 +713,7 @@ sendquery(struct query *query, isc_task_t *task) { isc_buffer_init(&b, cookie, sizeof(cookie)); result = isc_hex_decodestring(query->cookie, &b); - CHECK("isc_hex_decodestring", result); + CHECKM("isc_hex_decodestring", result); opts[i].value = isc_buffer_base(&b); opts[i].length = isc_buffer_usedlength(&b); } else { @@ -756,7 +756,7 @@ sendquery(struct query *query, isc_task_t *task) { requestmgr, message, have_src ? &srcaddr : NULL, &dstaddr, options, NULL, query->timeout, query->udptimeout, query->udpretries, task, recvresponse, message, &request); - CHECK("dns_request_create", result); + CHECKM("dns_request_create", result); return ISC_R_SUCCESS; } @@ -973,7 +973,7 @@ save_opt(struct query *query, char *code, char *value) { buf = isc_mem_allocate(mctx, strlen(value) / 2 + 1); isc_buffer_init(&b, buf, strlen(value) / 2 + 1); result = isc_hex_decodestring(value, &b); - CHECK("isc_hex_decodestring", result); + CHECKM("isc_hex_decodestring", result); query->ednsopts[query->ednsoptscnt].value = isc_buffer_base(&b); query->ednsopts[query->ednsoptscnt].length = isc_buffer_usedlength(&b); @@ -1070,9 +1070,9 @@ reverse_octets(const char *in, char **p, char *end) { if (dot != NULL) { isc_result_t result; result = reverse_octets(dot + 1, p, end); - CHECK("reverse_octets", result); + CHECKM("reverse_octets", result); result = append(".", 1, p, end); - CHECK("append", result); + CHECKM("append", result); len = (int)(dot - in); } else { len = strlen(in); @@ -1096,7 +1096,7 @@ get_reverse(char *reverse, size_t len, const char *value) { name = dns_fixedname_initname(&fname); result = dns_byaddr_createptrname(&addr, options, name); - CHECK("dns_byaddr_createptrname2", result); + CHECKM("dns_byaddr_createptrname2", result); dns_name_format(name, reverse, (unsigned int)len); return; } else { @@ -1110,10 +1110,10 @@ get_reverse(char *reverse, size_t len, const char *value) { char *p = reverse; char *end = reverse + len; result = reverse_octets(value, &p, end); - CHECK("reverse_octets", result); + CHECKM("reverse_octets", result); /* Append .in-addr.arpa. and a terminating NUL. */ result = append(".in-addr.arpa.", 15, &p, end); - CHECK("append", result); + CHECKM("append", result); return; } } @@ -1230,7 +1230,7 @@ plus_option(char *option, struct query *query, bool global) { } result = parse_uint(&num, value, COMMSIZE, "buffer size"); - CHECK("parse_uint(buffer size)", result); + CHECKM("parse_uint(buffer size)", result); query->udpsize = num; break; case 'r': /* burst */ @@ -1346,8 +1346,8 @@ plus_option(char *option, struct query *query, bool global) { result = parse_uint(&num, value, 255, "edns"); - CHECK("parse_uint(edns)", - result); + CHECKM("parse_uint(edns)", + result); query->edns = num; break; case 'f': @@ -1363,8 +1363,8 @@ plus_option(char *option, struct query *query, bool global) { result = parse_xint( &num, value, 0xffff, "ednsflags"); - CHECK("parse_xint(ednsflags)", - result); + CHECKM("parse_xint(ednsflags)", + result); if (query->edns == -1) { query->edns = 1; } @@ -1446,7 +1446,7 @@ plus_option(char *option, struct query *query, bool global) { } result = parse_uint(&query->udpretries, value, MAXTRIES - 1, "udpretries"); - CHECK("parse_uint(udpretries)", result); + CHECKM("parse_uint(udpretries)", result); break; default: goto invalid_option; @@ -1510,7 +1510,7 @@ plus_option(char *option, struct query *query, bool global) { if (display_splitwidth) { display_splitwidth += 3; } - CHECK("parse_uint(split)", result); + CHECKM("parse_uint(split)", result); break; case 'u': /* subnet */ FULLCHECK("subnet"); @@ -1528,7 +1528,7 @@ plus_option(char *option, struct query *query, bool global) { query->edns = 0; } result = parse_netprefix(&query->ecs_addr, value); - CHECK("parse_netprefix", result); + CHECKM("parse_netprefix", result); break; default: goto invalid_option; @@ -1551,7 +1551,7 @@ plus_option(char *option, struct query *query, bool global) { } result = parse_uint(&query->timeout, value, MAXTIMEOUT, "timeout"); - CHECK("parse_uint(timeout)", result); + CHECKM("parse_uint(timeout)", result); if (query->timeout == 0) { query->timeout = 1; } @@ -1566,7 +1566,7 @@ plus_option(char *option, struct query *query, bool global) { } result = parse_uint(&query->udpretries, value, MAXTRIES, "udpretries"); - CHECK("parse_uint(udpretries)", result); + CHECKM("parse_uint(udpretries)", result); if (query->udpretries > 0) { query->udpretries -= 1; } @@ -1611,7 +1611,7 @@ plus_option(char *option, struct query *query, bool global) { } result = parse_uint(&query->udptimeout, value, MAXTIMEOUT, "udptimeout"); - CHECK("parse_uint(udptimeout)", result); + CHECKM("parse_uint(udptimeout)", result); break; case 'n': FULLCHECK("unknownformat"); @@ -1742,7 +1742,7 @@ dash_option(const char *option, char *next, struct query *query, bool global, if (hash != NULL) { result = parse_uint(&num, hash + 1, MAXPORT, "port number"); - CHECK("parse_uint(srcport)", result); + CHECKM("parse_uint(srcport)", result); srcport = num; *hash = '\0'; } else { @@ -1770,7 +1770,7 @@ dash_option(const char *option, char *next, struct query *query, bool global, tr.length = strlen(value); result = dns_rdataclass_fromtext(&rdclass, (isc_textregion_t *)&tr); - CHECK("dns_rdataclass_fromtext", result); + CHECKM("dns_rdataclass_fromtext", result); query->rdclass = rdclass; return value_from_next; case 'f': @@ -1779,7 +1779,7 @@ dash_option(const char *option, char *next, struct query *query, bool global, case 'p': GLOBAL(); result = parse_uint(&num, value, MAXPORT, "port number"); - CHECK("parse_uint(port)", result); + CHECKM("parse_uint(port)", result); port = num; return value_from_next; case 't': @@ -1787,7 +1787,7 @@ dash_option(const char *option, char *next, struct query *query, bool global, tr.length = strlen(value); result = dns_rdatatype_fromtext(&rdtype, (isc_textregion_t *)&tr); - CHECK("dns_rdatatype_fromtext", result); + CHECKM("dns_rdatatype_fromtext", result); query->rdtype = rdtype; return value_from_next; case 'x': diff --git a/fuzz/dns_rdata_fromwire_text.c b/fuzz/dns_rdata_fromwire_text.c index 11be4adb1c..790ab89997 100644 --- a/fuzz/dns_rdata_fromwire_text.c +++ b/fuzz/dns_rdata_fromwire_text.c @@ -47,7 +47,7 @@ LLVMFuzzerInitialize(int *argc __attribute__((unused)), isc_lexspecials_t specials; isc_mem_create(&mctx); - CHECK(isc_lex_create(mctx, 64, &lex)); + RETERR(isc_lex_create(mctx, 64, &lex)); memset(specials, 0, sizeof(specials)); specials[0] = 1; @@ -215,5 +215,6 @@ LLVMFuzzerTestOneInput(const uint8_t *data, size_t size) { assert(target.used == size); assert(!memcmp(target.base, data, size)); +cleanup: return 0; } diff --git a/fuzz/fuzz.h b/fuzz/fuzz.h index 769f846815..1627aa1e01 100644 --- a/fuzz/fuzz.h +++ b/fuzz/fuzz.h @@ -37,9 +37,4 @@ LLVMFuzzerInitialize(int *argc __attribute__((unused)), int LLVMFuzzerTestOneInput(const uint8_t *data, size_t size); -#define CHECK(x) \ - if ((x) != ISC_R_SUCCESS) { \ - return 0; \ - } - ISC_LANG_ENDDECLS diff --git a/fuzz/isc_lex_getmastertoken.c b/fuzz/isc_lex_getmastertoken.c index 972845f089..fb3a26c976 100644 --- a/fuzz/isc_lex_getmastertoken.c +++ b/fuzz/isc_lex_getmastertoken.c @@ -77,5 +77,6 @@ LLVMFuzzerTestOneInput(const uint8_t *data, size_t size) { result = isc_lex_getmastertoken(lex, &token, expect, eol); } while (result == ISC_R_SUCCESS && token.type != isc_tokentype_eof); +cleanup: return 0; } diff --git a/fuzz/isc_lex_gettoken.c b/fuzz/isc_lex_gettoken.c index 39c876074b..d035df70ee 100644 --- a/fuzz/isc_lex_gettoken.c +++ b/fuzz/isc_lex_gettoken.c @@ -55,5 +55,6 @@ LLVMFuzzerTestOneInput(const uint8_t *data, size_t size) { result = isc_lex_gettoken(lex, 0, &token); } while (result == ISC_R_SUCCESS); +cleanup: return 0; } diff --git a/lib/dns/client.c b/lib/dns/client.c index bde6ec61a3..bfaefd1753 100644 --- a/lib/dns/client.c +++ b/lib/dns/client.c @@ -60,13 +60,6 @@ #define UCTX_MAGIC ISC_MAGIC('U', 'c', 't', 'x') #define UCTX_VALID(c) ISC_MAGIC_VALID(c, UCTX_MAGIC) -#define CHECK(r) \ - do { \ - result = (r); \ - if (result != ISC_R_SUCCESS) \ - goto cleanup; \ - } while (0) - /*% * DNS client object */ diff --git a/lib/dns/diff.c b/lib/dns/diff.c index 067d3ce53d..a6a78f5d16 100644 --- a/lib/dns/diff.c +++ b/lib/dns/diff.c @@ -35,13 +35,6 @@ #include #include -#define CHECK(op) \ - do { \ - result = (op); \ - if (result != ISC_R_SUCCESS) \ - goto failure; \ - } while (0) - #define DIFF_COMMON_LOGARGS \ dns_lctx, DNS_LOGCATEGORY_GENERAL, DNS_LOGMODULE_DIFF @@ -486,7 +479,7 @@ diff_apply(dns_diff_t *diff, dns_db_t *db, dns_dbversion_t *ver, bool warn) { } return ISC_R_SUCCESS; -failure: +cleanup: if (node != NULL) { dns_db_detachnode(db, &node); } @@ -569,7 +562,7 @@ dns_diff_load(dns_diff_t *diff, dns_addrdatasetfunc_t addfunc, } } result = ISC_R_SUCCESS; -failure: +cleanup: return result; } diff --git a/lib/dns/dnssec.c b/lib/dns/dnssec.c index 400a41f16f..c7e922437c 100644 --- a/lib/dns/dnssec.c +++ b/lib/dns/dnssec.c @@ -46,13 +46,6 @@ isc_stats_t *dns_dnssec_stats; #define is_response(msg) ((msg->flags & DNS_MESSAGEFLAG_QR) != 0) -#define RETERR(x) \ - do { \ - result = (x); \ - if (result != ISC_R_SUCCESS) \ - goto failure; \ - } while (0) - #define TYPE_SIGN 0 #define TYPE_VERIFY 1 @@ -752,13 +745,13 @@ dns_dnssec_findzonekeys(dns_db_t *db, dns_dbversion_t *ver, dns_dbnode_t *node, *nkeys = 0; memset(keys, 0, sizeof(*keys) * maxkeys); dns_rdataset_init(&rdataset); - RETERR(dns_db_findrdataset(db, node, ver, dns_rdatatype_dnskey, 0, 0, - &rdataset, NULL)); - RETERR(dns_rdataset_first(&rdataset)); + CHECK(dns_db_findrdataset(db, node, ver, dns_rdatatype_dnskey, 0, 0, + &rdataset, NULL)); + CHECK(dns_rdataset_first(&rdataset)); while (result == ISC_R_SUCCESS && count < maxkeys) { pubkey = NULL; dns_rdataset_current(&rdataset, &rdata); - RETERR(dns_dnssec_keyfromrdata(name, &rdata, mctx, &pubkey)); + CHECK(dns_dnssec_keyfromrdata(name, &rdata, mctx, &pubkey)); dst_key_setttl(pubkey, rdataset.ttl); if (!is_zone_key(pubkey) || @@ -845,9 +838,7 @@ dns_dnssec_findzonekeys(dns_db_t *db, dns_dbversion_t *ver, dns_dbnode_t *node, goto next; } - if (result != ISC_R_SUCCESS) { - goto failure; - } + CHECK(result); /* * If a key is marked inactive, skip it @@ -881,7 +872,7 @@ dns_dnssec_findzonekeys(dns_db_t *db, dns_dbversion_t *ver, dns_dbnode_t *node, result = dns_rdataset_next(&rdataset); } if (result != ISC_R_NOMORE) { - goto failure; + goto cleanup; } if (count == 0) { result = ISC_R_NOTFOUND; @@ -889,7 +880,7 @@ dns_dnssec_findzonekeys(dns_db_t *db, dns_dbversion_t *ver, dns_dbnode_t *node, result = ISC_R_SUCCESS; } -failure: +cleanup: if (dns_rdataset_isassociated(&rdataset)) { dns_rdataset_disassociate(&rdataset); } @@ -961,25 +952,25 @@ dns_dnssec_signmessage(dns_message_t *msg, dst_key_t *key) { isc_buffer_init(&databuf, data, sizeof(data)); - RETERR(dst_context_create(key, mctx, DNS_LOGCATEGORY_DNSSEC, true, 0, - &ctx)); + CHECK(dst_context_create(key, mctx, DNS_LOGCATEGORY_DNSSEC, true, 0, + &ctx)); /* * Digest the fields of the SIG - we can cheat and use * dns_rdata_fromstruct. Since siglen is 0, the digested data * is identical to dns format. */ - RETERR(dns_rdata_fromstruct(NULL, dns_rdataclass_any, - dns_rdatatype_sig /* SIG(0) */, &sig, - &databuf)); + CHECK(dns_rdata_fromstruct(NULL, dns_rdataclass_any, + dns_rdatatype_sig /* SIG(0) */, &sig, + &databuf)); isc_buffer_usedregion(&databuf, &r); - RETERR(dst_context_adddata(ctx, &r)); + CHECK(dst_context_adddata(ctx, &r)); /* * If this is a response, digest the query. */ if (is_response(msg)) { - RETERR(dst_context_adddata(ctx, &msg->query)); + CHECK(dst_context_adddata(ctx, &msg->query)); } /* @@ -988,48 +979,48 @@ dns_dnssec_signmessage(dns_message_t *msg, dst_key_t *key) { isc_buffer_init(&headerbuf, header, sizeof(header)); dns_message_renderheader(msg, &headerbuf); isc_buffer_usedregion(&headerbuf, &r); - RETERR(dst_context_adddata(ctx, &r)); + CHECK(dst_context_adddata(ctx, &r)); /* * Digest the remainder of the message. */ isc_buffer_usedregion(msg->buffer, &r); isc_region_consume(&r, DNS_MESSAGE_HEADERLEN); - RETERR(dst_context_adddata(ctx, &r)); + CHECK(dst_context_adddata(ctx, &r)); - RETERR(dst_key_sigsize(key, &sigsize)); + CHECK(dst_key_sigsize(key, &sigsize)); sig.siglen = sigsize; sig.signature = isc_mem_get(mctx, sig.siglen); isc_buffer_init(&sigbuf, sig.signature, sig.siglen); - RETERR(dst_context_sign(ctx, &sigbuf)); + CHECK(dst_context_sign(ctx, &sigbuf)); dst_context_destroy(&ctx); rdata = NULL; - RETERR(dns_message_gettemprdata(msg, &rdata)); + CHECK(dns_message_gettemprdata(msg, &rdata)); isc_buffer_allocate(msg->mctx, &dynbuf, 1024); - RETERR(dns_rdata_fromstruct(rdata, dns_rdataclass_any, - dns_rdatatype_sig /* SIG(0) */, &sig, - dynbuf)); + CHECK(dns_rdata_fromstruct(rdata, dns_rdataclass_any, + dns_rdatatype_sig /* SIG(0) */, &sig, + dynbuf)); isc_mem_put(mctx, sig.signature, sig.siglen); dns_message_takebuffer(msg, &dynbuf); datalist = NULL; - RETERR(dns_message_gettemprdatalist(msg, &datalist)); + CHECK(dns_message_gettemprdatalist(msg, &datalist)); datalist->rdclass = dns_rdataclass_any; datalist->type = dns_rdatatype_sig; /* SIG(0) */ ISC_LIST_APPEND(datalist->rdata, rdata, link); dataset = NULL; - RETERR(dns_message_gettemprdataset(msg, &dataset)); + CHECK(dns_message_gettemprdataset(msg, &dataset)); RUNTIME_CHECK(dns_rdatalist_tordataset(datalist, dataset) == ISC_R_SUCCESS); msg->sig0 = dataset; return ISC_R_SUCCESS; -failure: +cleanup: if (dynbuf != NULL) { isc_buffer_free(&dynbuf); } @@ -1075,21 +1066,19 @@ dns_dnssec_verifymessage(isc_buffer_t *source, dns_message_t *msg, isc_buffer_usedregion(source, &source_r); - RETERR(dns_rdataset_first(msg->sig0)); + CHECK(dns_rdataset_first(msg->sig0)); dns_rdataset_current(msg->sig0, &rdata); - RETERR(dns_rdata_tostruct(&rdata, &sig, NULL)); + CHECK(dns_rdata_tostruct(&rdata, &sig, NULL)); signeedsfree = true; if (sig.labels != 0) { - result = DNS_R_SIGINVALID; - goto failure; + CHECK(DNS_R_SIGINVALID); } if (isc_serial_lt(sig.timeexpire, sig.timesigned)) { - result = DNS_R_SIGINVALID; msg->sig0status = dns_tsigerror_badtime; - goto failure; + CHECK(DNS_R_SIGINVALID); } if (msg->fuzzing) { @@ -1099,36 +1088,33 @@ dns_dnssec_verifymessage(isc_buffer_t *source, dns_message_t *msg, } if (isc_serial_lt((uint32_t)now, sig.timesigned)) { - result = DNS_R_SIGFUTURE; msg->sig0status = dns_tsigerror_badtime; - goto failure; + CHECK(DNS_R_SIGFUTURE); } else if (isc_serial_lt(sig.timeexpire, (uint32_t)now)) { - result = DNS_R_SIGEXPIRED; msg->sig0status = dns_tsigerror_badtime; - goto failure; + CHECK(DNS_R_SIGEXPIRED); } if (!dns_name_equal(dst_key_name(key), &sig.signer)) { - result = DNS_R_SIGINVALID; msg->sig0status = dns_tsigerror_badkey; - goto failure; + CHECK(DNS_R_SIGINVALID); } - RETERR(dst_context_create(key, mctx, DNS_LOGCATEGORY_DNSSEC, false, 0, - &ctx)); + CHECK(dst_context_create(key, mctx, DNS_LOGCATEGORY_DNSSEC, false, 0, + &ctx)); /* * Digest the SIG(0) record, except for the signature. */ dns_rdata_toregion(&rdata, &r); r.length -= sig.siglen; - RETERR(dst_context_adddata(ctx, &r)); + CHECK(dst_context_adddata(ctx, &r)); /* * If this is a response, digest the query. */ if (is_response(msg)) { - RETERR(dst_context_adddata(ctx, &msg->query)); + CHECK(dst_context_adddata(ctx, &msg->query)); } /* @@ -1149,21 +1135,21 @@ dns_dnssec_verifymessage(isc_buffer_t *source, dns_message_t *msg, */ header_r.base = (unsigned char *)header; header_r.length = DNS_MESSAGE_HEADERLEN; - RETERR(dst_context_adddata(ctx, &header_r)); + CHECK(dst_context_adddata(ctx, &header_r)); /* * Digest all non-SIG(0) records. */ r.base = source_r.base + DNS_MESSAGE_HEADERLEN; r.length = msg->sigstart - DNS_MESSAGE_HEADERLEN; - RETERR(dst_context_adddata(ctx, &r)); + CHECK(dst_context_adddata(ctx, &r)); sig_r.base = sig.signature; sig_r.length = sig.siglen; result = dst_context_verify(ctx, &sig_r); if (result != ISC_R_SUCCESS) { msg->sig0status = dns_tsigerror_badsig; - goto failure; + goto cleanup; } msg->verified_sig = 1; @@ -1174,7 +1160,7 @@ dns_dnssec_verifymessage(isc_buffer_t *source, dns_message_t *msg, return ISC_R_SUCCESS; -failure: +cleanup: if (signeedsfree) { dns_rdata_freestruct(&sig); } @@ -1395,14 +1381,14 @@ dns_dnssec_findmatchingkeys(const dns_name_t *origin, const char *directory, isc_dir_init(&dir); isc_buffer_init(&b, namebuf, sizeof(namebuf) - 1); - RETERR(dns_name_tofilenametext(origin, false, &b)); + CHECK(dns_name_tofilenametext(origin, false, &b)); len = isc_buffer_usedlength(&b); namebuf[len] = '\0'; if (directory == NULL) { directory = "."; } - RETERR(isc_dir_open(&dir, directory)); + CHECK(isc_dir_open(&dir, directory)); dir_open = true; while (isc_dir_read(&dir) == ISC_R_SUCCESS) { @@ -1479,7 +1465,7 @@ dns_dnssec_findmatchingkeys(const dns_name_t *origin, const char *directory, continue; } - RETERR(dns_dnsseckey_create(mctx, &dstkey, &key)); + CHECK(dns_dnsseckey_create(mctx, &dstkey, &key)); key->source = dns_keysource_repository; dns_dnssec_get_hints(key, now); @@ -1498,7 +1484,7 @@ dns_dnssec_findmatchingkeys(const dns_name_t *origin, const char *directory, result = ISC_R_NOTFOUND; } -failure: +cleanup: if (dir_open) { isc_dir_close(&dir); } @@ -1658,7 +1644,7 @@ dns_dnssec_keylistfromrdataset(const dns_name_t *origin, const char *directory, goto skip; } - RETERR(dns_dnssec_keyfromrdata(origin, &rdata, mctx, &dnskey)); + CHECK(dns_dnssec_keyfromrdata(origin, &rdata, mctx, &dnskey)); dst_key_setttl(dnskey, keys.ttl); if (!is_zone_key(dnskey)) { @@ -1671,7 +1657,7 @@ dns_dnssec_keylistfromrdataset(const dns_name_t *origin, const char *directory, } if (publickey) { - RETERR(addkey(keylist, &dnskey, savekeys, mctx)); + CHECK(addkey(keylist, &dnskey, savekeys, mctx)); goto skip; } @@ -1683,7 +1669,7 @@ dns_dnssec_keylistfromrdataset(const dns_name_t *origin, const char *directory, if (result == ISC_R_FILENOTFOUND || result == ISC_R_NOPERM) { result = ISC_R_SUCCESS; } - RETERR(result); + CHECK(result); /* Now read the private key. */ result = dst_key_fromfile( @@ -1754,15 +1740,13 @@ dns_dnssec_keylistfromrdataset(const dns_name_t *origin, const char *directory, if (result == ISC_R_FILENOTFOUND || result == ISC_R_NOPERM) { if (pubkey != NULL) { - RETERR(addkey(keylist, &pubkey, savekeys, - mctx)); + CHECK(addkey(keylist, &pubkey, savekeys, mctx)); } else { - RETERR(addkey(keylist, &dnskey, savekeys, - mctx)); + CHECK(addkey(keylist, &dnskey, savekeys, mctx)); } goto skip; } - RETERR(result); + CHECK(result); /* * Whatever the key's default TTL may have @@ -1770,7 +1754,7 @@ dns_dnssec_keylistfromrdataset(const dns_name_t *origin, const char *directory, */ dst_key_setttl(privkey, dst_key_getttl(dnskey)); - RETERR(addkey(keylist, &privkey, savekeys, mctx)); + CHECK(addkey(keylist, &privkey, savekeys, mctx)); skip: if (dnskey != NULL) { dst_key_free(&dnskey); @@ -1784,20 +1768,20 @@ dns_dnssec_keylistfromrdataset(const dns_name_t *origin, const char *directory, } if (result != ISC_R_NOMORE) { - RETERR(result); + CHECK(result); } if (keysigs != NULL && dns_rdataset_isassociated(keysigs)) { - RETERR(mark_active_keys(keylist, keysigs)); + CHECK(mark_active_keys(keylist, keysigs)); } if (soasigs != NULL && dns_rdataset_isassociated(soasigs)) { - RETERR(mark_active_keys(keylist, soasigs)); + CHECK(mark_active_keys(keylist, soasigs)); } result = ISC_R_SUCCESS; -failure: +cleanup: if (dns_rdataset_isassociated(&keys)) { dns_rdataset_disassociate(&keys); } @@ -1836,29 +1820,25 @@ dns_dnssec_make_dnskey(dst_key_t *key, unsigned char *buf, int bufsize, static isc_result_t addrdata(dns_rdata_t *rdata, dns_diff_t *diff, const dns_name_t *origin, dns_ttl_t ttl, isc_mem_t *mctx) { - isc_result_t result; dns_difftuple_t *tuple = NULL; RETERR(dns_difftuple_create(mctx, DNS_DIFFOP_ADD, origin, ttl, rdata, &tuple)); dns_diff_appendminimal(diff, &tuple); -failure: - return result; + return ISC_R_SUCCESS; } static isc_result_t delrdata(dns_rdata_t *rdata, dns_diff_t *diff, const dns_name_t *origin, dns_ttl_t ttl, isc_mem_t *mctx) { - isc_result_t result; dns_difftuple_t *tuple = NULL; RETERR(dns_difftuple_create(mctx, DNS_DIFFOP_DEL, origin, ttl, rdata, &tuple)); dns_diff_appendminimal(diff, &tuple); -failure: - return result; + return ISC_R_SUCCESS; } static isc_result_t @@ -1871,7 +1851,7 @@ publish_key(dns_diff_t *diff, dns_dnsseckey_t *key, const dns_name_t *origin, dns_rdata_t dnskey = DNS_RDATA_INIT; dns_rdata_reset(&dnskey); - RETERR(dns_dnssec_make_dnskey(key->key, buf, sizeof(buf), &dnskey)); + CHECK(dns_dnssec_make_dnskey(key->key, buf, sizeof(buf), &dnskey)); dst_key_format(key->key, keystr, sizeof(keystr)); report("Fetching %s (%s) from key %s.", keystr, @@ -1892,7 +1872,7 @@ publish_key(dns_diff_t *diff, dns_dnsseckey_t *key, const dns_name_t *origin, /* publish key */ result = addrdata(&dnskey, diff, origin, ttl, mctx); -failure: +cleanup: return result; } @@ -1911,10 +1891,10 @@ remove_key(dns_diff_t *diff, dns_dnsseckey_t *key, const dns_name_t *origin, report("Removing %s key %s/%d/%s from DNSKEY RRset.", reason, namebuf, dst_key_id(key->key), alg); - RETERR(dns_dnssec_make_dnskey(key->key, buf, sizeof(buf), &dnskey)); + CHECK(dns_dnssec_make_dnskey(key->key, buf, sizeof(buf), &dnskey)); result = delrdata(&dnskey, diff, origin, ttl, mctx); -failure: +cleanup: return result; } @@ -1972,8 +1952,8 @@ dns_dnssec_syncupdate(dns_dnsseckeylist_t *keys, dns_dnsseckeylist_t *rmkeys, dns_rdata_t cdnskeyrdata = DNS_RDATA_INIT; dns_name_t *origin = dst_key_name(key->key); - RETERR(dns_dnssec_make_dnskey(key->key, keybuf, sizeof(keybuf), - &cdnskeyrdata)); + CHECK(dns_dnssec_make_dnskey(key->key, keybuf, sizeof(keybuf), + &cdnskeyrdata)); /* * We construct the SHA-1 version of the record so we can @@ -1983,11 +1963,11 @@ dns_dnssec_syncupdate(dns_dnsseckeylist_t *keys, dns_dnsseckeylist_t *rmkeys, * XXXMPA we need to be able to specify the DS algorithms * to be used here and below with rmkeys. */ - RETERR(dns_ds_buildrdata(origin, &cdnskeyrdata, - DNS_DSDIGEST_SHA1, dsbuf1, &cds_sha1)); - RETERR(dns_ds_buildrdata(origin, &cdnskeyrdata, - DNS_DSDIGEST_SHA256, dsbuf2, - &cds_sha256)); + CHECK(dns_ds_buildrdata(origin, &cdnskeyrdata, + DNS_DSDIGEST_SHA1, dsbuf1, &cds_sha1)); + CHECK(dns_ds_buildrdata(origin, &cdnskeyrdata, + DNS_DSDIGEST_SHA256, dsbuf2, + &cds_sha256)); /* * Now that the we have created the DS records convert @@ -2009,8 +1989,8 @@ dns_dnssec_syncupdate(dns_dnsseckeylist_t *keys, dns_dnsseckeylist_t *rmkeys, DNS_LOGMODULE_DNSSEC, ISC_LOG_INFO, "CDNSKEY for key %s is now published", keystr); - RETERR(addrdata(&cdnskeyrdata, diff, origin, - cdnskeyttl, mctx)); + CHECK(addrdata(&cdnskeyrdata, diff, origin, + cdnskeyttl, mctx)); } /* Only publish SHA-256 (SHA-1 is deprecated) */ if (!dns_rdataset_isassociated(cds) || @@ -2021,8 +2001,8 @@ dns_dnssec_syncupdate(dns_dnsseckeylist_t *keys, dns_dnsseckeylist_t *rmkeys, ISC_LOG_INFO, "CDS for key %s is now published", keystr); - RETERR(addrdata(&cds_sha256, diff, origin, - cdsttl, mctx)); + CHECK(addrdata(&cds_sha256, diff, origin, + cdsttl, mctx)); } } @@ -2040,8 +2020,8 @@ dns_dnssec_syncupdate(dns_dnsseckeylist_t *keys, dns_dnsseckeylist_t *rmkeys, "CDS (SHA-1) for key %s " "is now deleted", keystr); - RETERR(delrdata(&cds_sha1, diff, origin, - cds->ttl, mctx)); + CHECK(delrdata(&cds_sha1, diff, origin, + cds->ttl, mctx)); } if (exists(cds, &cds_sha256)) { isc_log_write(dns_lctx, @@ -2051,9 +2031,8 @@ dns_dnssec_syncupdate(dns_dnsseckeylist_t *keys, dns_dnsseckeylist_t *rmkeys, "CDS (SHA-256) for key " "%s is now deleted", keystr); - RETERR(delrdata(&cds_sha256, diff, - origin, cds->ttl, - mctx)); + CHECK(delrdata(&cds_sha256, diff, + origin, cds->ttl, mctx)); } } @@ -2066,9 +2045,9 @@ dns_dnssec_syncupdate(dns_dnsseckeylist_t *keys, dns_dnsseckeylist_t *rmkeys, "CDNSKEY for key %s is " "now deleted", keystr); - RETERR(delrdata(&cdnskeyrdata, diff, - origin, cdnskey->ttl, - mctx)); + CHECK(delrdata(&cdnskeyrdata, diff, + origin, cdnskey->ttl, + mctx)); } } } @@ -2094,24 +2073,24 @@ dns_dnssec_syncupdate(dns_dnsseckeylist_t *keys, dns_dnsseckeylist_t *rmkeys, char keystr[DST_KEY_FORMATSIZE]; dst_key_format(key->key, keystr, sizeof(keystr)); - RETERR(dns_dnssec_make_dnskey(key->key, keybuf, sizeof(keybuf), - &cdnskeyrdata)); + CHECK(dns_dnssec_make_dnskey(key->key, keybuf, sizeof(keybuf), + &cdnskeyrdata)); if (dns_rdataset_isassociated(cds)) { - RETERR(dns_ds_buildrdata(origin, &cdnskeyrdata, - DNS_DSDIGEST_SHA1, dsbuf1, - &cds_sha1)); - RETERR(dns_ds_buildrdata(origin, &cdnskeyrdata, - DNS_DSDIGEST_SHA256, dsbuf2, - &cds_sha256)); + CHECK(dns_ds_buildrdata(origin, &cdnskeyrdata, + DNS_DSDIGEST_SHA1, dsbuf1, + &cds_sha1)); + CHECK(dns_ds_buildrdata(origin, &cdnskeyrdata, + DNS_DSDIGEST_SHA256, dsbuf2, + &cds_sha256)); if (exists(cds, &cds_sha1)) { isc_log_write( dns_lctx, DNS_LOGCATEGORY_GENERAL, DNS_LOGMODULE_DNSSEC, ISC_LOG_INFO, "CDS (SHA-1) for key %s is now deleted", keystr); - RETERR(delrdata(&cds_sha1, diff, origin, - cds->ttl, mctx)); + CHECK(delrdata(&cds_sha1, diff, origin, + cds->ttl, mctx)); } if (exists(cds, &cds_sha256)) { isc_log_write(dns_lctx, DNS_LOGCATEGORY_GENERAL, @@ -2120,8 +2099,8 @@ dns_dnssec_syncupdate(dns_dnsseckeylist_t *keys, dns_dnsseckeylist_t *rmkeys, "CDS (SHA-256) for key %s is now " "deleted", keystr); - RETERR(delrdata(&cds_sha256, diff, origin, - cds->ttl, mctx)); + CHECK(delrdata(&cds_sha256, diff, origin, + cds->ttl, mctx)); } } @@ -2132,15 +2111,15 @@ dns_dnssec_syncupdate(dns_dnsseckeylist_t *keys, dns_dnsseckeylist_t *rmkeys, DNS_LOGMODULE_DNSSEC, ISC_LOG_INFO, "CDNSKEY for key %s is now deleted", keystr); - RETERR(delrdata(&cdnskeyrdata, diff, origin, - cdnskey->ttl, mctx)); + CHECK(delrdata(&cdnskeyrdata, diff, origin, + cdnskey->ttl, mctx)); } } } result = ISC_R_SUCCESS; -failure: +cleanup: return result; } @@ -2149,13 +2128,13 @@ dns_dnssec_syncdelete(dns_rdataset_t *cds, dns_rdataset_t *cdnskey, dns_name_t *origin, dns_rdataclass_t zclass, dns_ttl_t ttl, dns_diff_t *diff, isc_mem_t *mctx, bool expect_cds_delete, bool expect_cdnskey_delete) { + isc_result_t result; unsigned char dsbuf[5] = { 0, 0, 0, 0, 0 }; /* CDS DELETE rdata */ unsigned char keybuf[5] = { 0, 0, 3, 0, 0 }; /* CDNSKEY DELETE rdata */ char namebuf[DNS_NAME_FORMATSIZE]; dns_rdata_t cds_delete = DNS_RDATA_INIT; dns_rdata_t cdnskey_delete = DNS_RDATA_INIT; isc_region_t r; - isc_result_t result; r.base = keybuf; r.length = sizeof(keybuf); @@ -2177,7 +2156,7 @@ dns_dnssec_syncdelete(dns_rdataset_t *cds, dns_rdataset_t *cdnskey, "CDS (DELETE) for zone %s is now " "published", namebuf); - RETERR(addrdata(&cds_delete, diff, origin, ttl, mctx)); + CHECK(addrdata(&cds_delete, diff, origin, ttl, mctx)); } } else { if (dns_rdataset_isassociated(cds) && exists(cds, &cds_delete)) @@ -2187,8 +2166,8 @@ dns_dnssec_syncdelete(dns_rdataset_t *cds, dns_rdataset_t *cdnskey, "CDS (DELETE) for zone %s is now " "deleted", namebuf); - RETERR(delrdata(&cds_delete, diff, origin, cds->ttl, - mctx)); + CHECK(delrdata(&cds_delete, diff, origin, cds->ttl, + mctx)); } } @@ -2201,8 +2180,8 @@ dns_dnssec_syncdelete(dns_rdataset_t *cds, dns_rdataset_t *cdnskey, "CDNSKEY (DELETE) for zone %s is now " "published", namebuf); - RETERR(addrdata(&cdnskey_delete, diff, origin, ttl, - mctx)); + CHECK(addrdata(&cdnskey_delete, diff, origin, ttl, + mctx)); } } else { if (dns_rdataset_isassociated(cdnskey) && @@ -2213,15 +2192,13 @@ dns_dnssec_syncdelete(dns_rdataset_t *cds, dns_rdataset_t *cdnskey, "CDNSKEY (DELETE) for zone %s is now " "deleted", namebuf); - RETERR(delrdata(&cdnskey_delete, diff, origin, - cdnskey->ttl, mctx)); + CHECK(delrdata(&cdnskey_delete, diff, origin, + cdnskey->ttl, mctx)); } } - result = ISC_R_SUCCESS; - -failure: - return result; +cleanup: + return ISC_R_SUCCESS; } /* @@ -2255,8 +2232,8 @@ dns_dnssec_updatekeys(dns_dnsseckeylist_t *keys, dns_dnsseckeylist_t *newkeys, if (key->source == dns_keysource_user && (key->hint_publish || key->force_publish)) { - RETERR(publish_key(diff, key, origin, ttl, mctx, - report)); + CHECK(publish_key(diff, key, origin, ttl, mctx, + report)); } if (key->source == dns_keysource_zoneapex) { ttl = dst_key_getttl(key->key); @@ -2330,8 +2307,8 @@ dns_dnssec_updatekeys(dns_dnsseckeylist_t *keys, dns_dnsseckeylist_t *newkeys, if (key1->source != dns_keysource_zoneapex && (key1->hint_publish || key1->force_publish)) { - RETERR(publish_key(diff, key1, origin, ttl, - mctx, report)); + CHECK(publish_key(diff, key1, origin, ttl, mctx, + report)); isc_log_write( dns_lctx, DNS_LOGCATEGORY_DNSSEC, DNS_LOGMODULE_DNSSEC, ISC_LOG_INFO, @@ -2366,8 +2343,8 @@ dns_dnssec_updatekeys(dns_dnsseckeylist_t *keys, dns_dnsseckeylist_t *newkeys, /* Match found: remove or update it as needed */ if (key1->hint_remove) { - RETERR(remove_key(diff, key2, origin, ttl, mctx, - "expired", report)); + CHECK(remove_key(diff, key2, origin, ttl, mctx, + "expired", report)); ISC_LIST_UNLINK(*keys, key2, link); if (removed != NULL) { @@ -2390,8 +2367,8 @@ dns_dnssec_updatekeys(dns_dnsseckeylist_t *keys, dns_dnsseckeylist_t *newkeys, * We need to remove the old version and pull * in the new one. */ - RETERR(remove_key(diff, key2, origin, ttl, mctx, - "revoked", report)); + CHECK(remove_key(diff, key2, origin, ttl, mctx, + "revoked", report)); ISC_LIST_UNLINK(*keys, key2, link); if (removed != NULL) { ISC_LIST_APPEND(*removed, key2, link); @@ -2408,8 +2385,8 @@ dns_dnssec_updatekeys(dns_dnsseckeylist_t *keys, dns_dnsseckeylist_t *newkeys, dns_dnsseckey_destroy(mctx, &key2); } - RETERR(publish_key(diff, key1, origin, ttl, mctx, - report)); + CHECK(publish_key(diff, key1, origin, ttl, mctx, + report)); ISC_LIST_UNLINK(*newkeys, key1, link); ISC_LIST_APPEND(*keys, key1, link); @@ -2460,7 +2437,7 @@ dns_dnssec_updatekeys(dns_dnsseckeylist_t *keys, dns_dnsseckeylist_t *newkeys, result = ISC_R_SUCCESS; -failure: +cleanup: return result; } diff --git a/lib/dns/dnstap.c b/lib/dns/dnstap.c index b515b6e6ac..eb94336e8d 100644 --- a/lib/dns/dnstap.c +++ b/lib/dns/dnstap.c @@ -124,13 +124,6 @@ struct dns_dtenv { isc_stats_t *stats; }; -#define CHECK(x) \ - do { \ - result = (x); \ - if (result != ISC_R_SUCCESS) \ - goto cleanup; \ - } while (0) - typedef struct ioq { unsigned int generation; struct fstrm_iothr_queue *ioq; diff --git a/lib/dns/dst_api.c b/lib/dns/dst_api.c index 5ee6098777..e0c22eb7f5 100644 --- a/lib/dns/dst_api.c +++ b/lib/dns/dst_api.c @@ -68,35 +68,35 @@ #define DST_AS_STR(t) ((t).value.as_textregion.base) -#define NEXTTOKEN(lex, opt, token) \ - { \ - ret = isc_lex_gettoken(lex, opt, token); \ - if (ret != ISC_R_SUCCESS) \ - goto cleanup; \ +#define NEXTTOKEN(lex, opt, token) \ + { \ + CHECK(isc_lex_gettoken(lex, opt, token)); \ } -#define NEXTTOKEN_OR_EOF(lex, opt, token) \ - do { \ - ret = isc_lex_gettoken(lex, opt, token); \ - if (ret == ISC_R_EOF) \ - break; \ - if (ret != ISC_R_SUCCESS) \ - goto cleanup; \ +#define NEXTTOKEN_OR_EOF(lex, opt, token) \ + do { \ + result = isc_lex_gettoken(lex, opt, token); \ + if (result == ISC_R_EOF) { \ + break; \ + } \ + if (result != ISC_R_SUCCESS) { \ + goto cleanup; \ + } \ } while ((*token).type == isc_tokentype_eol); -#define READLINE(lex, opt, token) \ - do { \ - ret = isc_lex_gettoken(lex, opt, token); \ - if (ret == ISC_R_EOF) \ - break; \ - if (ret != ISC_R_SUCCESS) \ - goto cleanup; \ +#define READLINE(lex, opt, token) \ + do { \ + result = isc_lex_gettoken(lex, opt, token); \ + if (result == ISC_R_EOF) \ + break; \ + if (result != ISC_R_SUCCESS) \ + goto cleanup; \ } while ((*token).type != isc_tokentype_eol) -#define BADTOKEN() \ - { \ - ret = ISC_R_UNEXPECTEDTOKEN; \ - goto cleanup; \ +#define BADTOKEN() \ + { \ + result = ISC_R_UNEXPECTEDTOKEN; \ + goto cleanup; \ } #define NUMERIC_NTAGS (DST_MAX_NUMERIC + 1) @@ -174,13 +174,6 @@ static isc_result_t addsuffix(char *filename, int len, const char *dirname, const char *ofilename, const char *suffix); -#define RETERR(x) \ - do { \ - result = (x); \ - if (result != ISC_R_SUCCESS) \ - goto out; \ - } while (0) - #define CHECKALG(alg) \ do { \ isc_result_t _r; \ @@ -199,39 +192,39 @@ dst_lib_init(isc_mem_t *mctx, const char *engine) { UNUSED(engine); memset(dst_t_func, 0, sizeof(dst_t_func)); - RETERR(dst__hmacmd5_init(&dst_t_func[DST_ALG_HMACMD5])); - RETERR(dst__hmacsha1_init(&dst_t_func[DST_ALG_HMACSHA1])); - RETERR(dst__hmacsha224_init(&dst_t_func[DST_ALG_HMACSHA224])); - RETERR(dst__hmacsha256_init(&dst_t_func[DST_ALG_HMACSHA256])); - RETERR(dst__hmacsha384_init(&dst_t_func[DST_ALG_HMACSHA384])); - RETERR(dst__hmacsha512_init(&dst_t_func[DST_ALG_HMACSHA512])); - RETERR(dst__openssl_init(engine)); - RETERR(dst__openssldh_init(&dst_t_func[DST_ALG_DH])); - RETERR(dst__opensslrsa_init(&dst_t_func[DST_ALG_RSASHA1], - DST_ALG_RSASHA1)); - RETERR(dst__opensslrsa_init(&dst_t_func[DST_ALG_NSEC3RSASHA1], - DST_ALG_NSEC3RSASHA1)); - RETERR(dst__opensslrsa_init(&dst_t_func[DST_ALG_RSASHA256], - DST_ALG_RSASHA256)); - RETERR(dst__opensslrsa_init(&dst_t_func[DST_ALG_RSASHA512], - DST_ALG_RSASHA512)); - RETERR(dst__opensslecdsa_init(&dst_t_func[DST_ALG_ECDSA256])); - RETERR(dst__opensslecdsa_init(&dst_t_func[DST_ALG_ECDSA384])); + CHECK(dst__hmacmd5_init(&dst_t_func[DST_ALG_HMACMD5])); + CHECK(dst__hmacsha1_init(&dst_t_func[DST_ALG_HMACSHA1])); + CHECK(dst__hmacsha224_init(&dst_t_func[DST_ALG_HMACSHA224])); + CHECK(dst__hmacsha256_init(&dst_t_func[DST_ALG_HMACSHA256])); + CHECK(dst__hmacsha384_init(&dst_t_func[DST_ALG_HMACSHA384])); + CHECK(dst__hmacsha512_init(&dst_t_func[DST_ALG_HMACSHA512])); + CHECK(dst__openssl_init(engine)); + CHECK(dst__openssldh_init(&dst_t_func[DST_ALG_DH])); + CHECK(dst__opensslrsa_init(&dst_t_func[DST_ALG_RSASHA1], + DST_ALG_RSASHA1)); + CHECK(dst__opensslrsa_init(&dst_t_func[DST_ALG_NSEC3RSASHA1], + DST_ALG_NSEC3RSASHA1)); + CHECK(dst__opensslrsa_init(&dst_t_func[DST_ALG_RSASHA256], + DST_ALG_RSASHA256)); + CHECK(dst__opensslrsa_init(&dst_t_func[DST_ALG_RSASHA512], + DST_ALG_RSASHA512)); + CHECK(dst__opensslecdsa_init(&dst_t_func[DST_ALG_ECDSA256])); + CHECK(dst__opensslecdsa_init(&dst_t_func[DST_ALG_ECDSA384])); #ifdef HAVE_OPENSSL_ED25519 - RETERR(dst__openssleddsa_init(&dst_t_func[DST_ALG_ED25519])); + CHECK(dst__openssleddsa_init(&dst_t_func[DST_ALG_ED25519])); #endif /* ifdef HAVE_OPENSSL_ED25519 */ #ifdef HAVE_OPENSSL_ED448 - RETERR(dst__openssleddsa_init(&dst_t_func[DST_ALG_ED448])); + CHECK(dst__openssleddsa_init(&dst_t_func[DST_ALG_ED448])); #endif /* ifdef HAVE_OPENSSL_ED448 */ #if HAVE_GSSAPI - RETERR(dst__gssapi_init(&dst_t_func[DST_ALG_GSSAPI])); + CHECK(dst__gssapi_init(&dst_t_func[DST_ALG_GSSAPI])); #endif /* HAVE_GSSAPI */ dst_initialized = true; return ISC_R_SUCCESS; -out: +cleanup: /* avoid immediate crash! */ dst_initialized = true; dst_lib_destroy(); @@ -428,9 +421,6 @@ dst_key_computesecret(const dst_key_t *pub, const dst_key_t *priv, isc_result_t dst_key_tofile(const dst_key_t *key, int type, const char *directory) { - isc_result_t ret = ISC_R_SUCCESS; - - REQUIRE(dst_initialized); REQUIRE(VALID_KEY(key)); REQUIRE((type & (DST_TYPE_PRIVATE | DST_TYPE_PUBLIC | DST_TYPE_STATE)) != 0); @@ -442,17 +432,11 @@ dst_key_tofile(const dst_key_t *key, int type, const char *directory) { } if ((type & DST_TYPE_PUBLIC) != 0) { - ret = write_public_key(key, type, directory); - if (ret != ISC_R_SUCCESS) { - return ret; - } + RETERR(write_public_key(key, type, directory)); } if ((type & DST_TYPE_STATE) != 0) { - ret = write_key_state(key, type, directory); - if (ret != ISC_R_SUCCESS) { - return ret; - } + RETERR(write_key_state(key, type, directory)); } if (((type & DST_TYPE_PRIVATE) != 0) && @@ -545,32 +529,20 @@ dst_key_fromfile(dns_name_t *name, dns_keytag_t id, unsigned int alg, int type, key = NULL; isc_buffer_init(&buf, filename, NAME_MAX); - result = dst_key_getfilename(name, id, alg, type, NULL, mctx, &buf); - if (result != ISC_R_SUCCESS) { - goto out; - } - - result = dst_key_fromnamedfile(filename, directory, type, mctx, &key); - if (result != ISC_R_SUCCESS) { - goto out; - } - - result = computeid(key); - if (result != ISC_R_SUCCESS) { - goto out; - } + CHECK(dst_key_getfilename(name, id, alg, type, NULL, mctx, &buf)); + CHECK(dst_key_fromnamedfile(filename, directory, type, mctx, &key)); + CHECK(computeid(key)); if (!dns_name_equal(name, key->key_name) || id != key->key_id || alg != key->key_alg) { - result = DST_R_INVALIDPRIVATEKEY; - goto out; + CHECK(DST_R_INVALIDPRIVATEKEY); } *keyp = key; result = ISC_R_SUCCESS; -out: +cleanup: if ((key != NULL) && (result != ISC_R_SUCCESS)) { dst_key_free(&key); } @@ -607,7 +579,7 @@ dst_key_fromnamedfile(const char *filename, const char *dirname, int type, ".key"); INSIST(result == ISC_R_SUCCESS); - RETERR(dst_key_read_public(newfilename, type, mctx, &pubkey)); + CHECK(dst_key_read_public(newfilename, type, mctx, &pubkey)); isc_mem_put(mctx, newfilename, newfilenamelen); /* @@ -633,31 +605,31 @@ dst_key_fromnamedfile(const char *filename, const char *dirname, int type, /* Having no state is valid. */ result = ISC_R_SUCCESS; } - RETERR(result); + CHECK(result); } if ((type & (DST_TYPE_PRIVATE | DST_TYPE_PUBLIC)) == DST_TYPE_PUBLIC || (pubkey->key_flags & DNS_KEYFLAG_TYPEMASK) == DNS_KEYTYPE_NOKEY) { - RETERR(computeid(pubkey)); + CHECK(computeid(pubkey)); pubkey->modified = false; *keyp = pubkey; pubkey = NULL; - goto out; + goto cleanup; } - RETERR(algorithm_status(pubkey->key_alg)); + CHECK(algorithm_status(pubkey->key_alg)); key = get_key_struct(pubkey->key_name, pubkey->key_alg, pubkey->key_flags, pubkey->key_proto, pubkey->key_size, pubkey->key_class, pubkey->key_ttl, mctx); if (key == NULL) { - RETERR(ISC_R_NOMEMORY); + CHECK(ISC_R_NOMEMORY); } if (key->func->parse == NULL) { - RETERR(DST_R_UNSUPPORTEDALG); + CHECK(DST_R_UNSUPPORTEDALG); } newfilenamelen = strlen(filename) + 9; @@ -669,11 +641,11 @@ dst_key_fromnamedfile(const char *filename, const char *dirname, int type, ".private"); INSIST(result == ISC_R_SUCCESS); - RETERR(isc_lex_create(mctx, 1500, &lex)); - RETERR(isc_lex_openfile(lex, newfilename)); + CHECK(isc_lex_create(mctx, 1500, &lex)); + CHECK(isc_lex_openfile(lex, newfilename)); isc_mem_put(mctx, newfilename, newfilenamelen); - RETERR(key->func->parse(key, lex, pubkey)); + CHECK(key->func->parse(key, lex, pubkey)); isc_lex_destroy(&lex); key->kasp = false; @@ -685,20 +657,20 @@ dst_key_fromnamedfile(const char *filename, const char *dirname, int type, /* Having no state is valid. */ result = ISC_R_SUCCESS; } - RETERR(result); + CHECK(result); } - RETERR(computeid(key)); + CHECK(computeid(key)); if (pubkey->key_id != key->key_id) { - RETERR(DST_R_INVALIDPRIVATEKEY); + CHECK(DST_R_INVALIDPRIVATEKEY); } key->modified = false; *keyp = key; key = NULL; -out: +cleanup: if (pubkey != NULL) { dst_key_free(&pubkey); } @@ -853,13 +825,13 @@ dst_key_privatefrombuffer(dst_key_t *key, isc_buffer_t *buffer) { REQUIRE(buffer != NULL); if (key->func->parse == NULL) { - RETERR(DST_R_UNSUPPORTEDALG); + CHECK(DST_R_UNSUPPORTEDALG); } - RETERR(isc_lex_create(key->mctx, 1500, &lex)); - RETERR(isc_lex_openbuffer(lex, buffer)); - RETERR(key->func->parse(key, lex, NULL)); -out: + CHECK(isc_lex_create(key->mctx, 1500, &lex)); + CHECK(isc_lex_openbuffer(lex, buffer)); + CHECK(key->func->parse(key, lex, NULL)); +cleanup: if (lex != NULL) { isc_lex_destroy(&lex); } @@ -895,13 +867,13 @@ dst_key_fromgssapi(const dns_name_t *name, dns_gss_ctx_id_t gssctx, */ isc_buffer_allocate(key->mctx, &key->key_tkeytoken, intoken->length); - RETERR(isc_buffer_copyregion(key->key_tkeytoken, intoken)); + CHECK(isc_buffer_copyregion(key->key_tkeytoken, intoken)); } key->keydata.gssctx = gssctx; *keyp = key; result = ISC_R_SUCCESS; -out: +cleanup: if (result != ISC_R_SUCCESS) { dst_key_free(&key); } @@ -1050,7 +1022,7 @@ dst_key_generate(const dns_name_t *name, unsigned int alg, unsigned int bits, dns_rdataclass_t rdclass, isc_mem_t *mctx, dst_key_t **keyp, void (*callback)(int)) { dst_key_t *key; - isc_result_t ret; + isc_result_t result; REQUIRE(dst_initialized); REQUIRE(dns_name_isabsolute(name)); @@ -1076,16 +1048,16 @@ dst_key_generate(const dns_name_t *name, unsigned int alg, unsigned int bits, return DST_R_UNSUPPORTEDALG; } - ret = key->func->generate(key, param, callback); - if (ret != ISC_R_SUCCESS) { + result = key->func->generate(key, param, callback); + if (result != ISC_R_SUCCESS) { dst_key_free(&key); - return ret; + return result; } - ret = computeid(key); - if (ret != ISC_R_SUCCESS) { + result = computeid(key); + if (result != ISC_R_SUCCESS) { dst_key_free(&key); - return ret; + return result; } *keyp = key; @@ -1653,13 +1625,12 @@ dst_key_read_public(const char *filename, int type, isc_mem_t *mctx, dns_fixedname_t name; isc_lex_t *lex = NULL; isc_token_t token; - isc_result_t ret; + isc_result_t result; dns_rdata_t rdata = DNS_RDATA_INIT; unsigned int opt = ISC_LEXOPT_DNSMULTILINE | ISC_LEXOPT_ESCAPE; dns_rdataclass_t rdclass = dns_rdataclass_in; isc_lexspecials_t specials; uint32_t ttl = 0; - isc_result_t result; dns_rdatatype_t keytype; /* @@ -1670,10 +1641,7 @@ dst_key_read_public(const char *filename, int type, isc_mem_t *mctx, */ /* 1500 should be large enough for any key */ - ret = isc_lex_create(mctx, 1500, &lex); - if (ret != ISC_R_SUCCESS) { - goto cleanup; - } + CHECK(isc_lex_create(mctx, 1500, &lex)); memset(specials, 0, sizeof(specials)); specials['('] = 1; @@ -1682,10 +1650,7 @@ dst_key_read_public(const char *filename, int type, isc_mem_t *mctx, isc_lex_setspecials(lex, specials); isc_lex_setcomments(lex, ISC_LEXCOMMENT_DNSMASTERFILE); - ret = isc_lex_openfile(lex, filename); - if (ret != ISC_R_SUCCESS) { - goto cleanup; - } + CHECK(isc_lex_openfile(lex, filename)); /* Read the domain name */ NEXTTOKEN(lex, opt, &token); @@ -1703,11 +1668,8 @@ dst_key_read_public(const char *filename, int type, isc_mem_t *mctx, dns_fixedname_init(&name); isc_buffer_init(&b, DST_AS_STR(token), strlen(DST_AS_STR(token))); isc_buffer_add(&b, strlen(DST_AS_STR(token))); - ret = dns_name_fromtext(dns_fixedname_name(&name), &b, dns_rootname, 0, - NULL); - if (ret != ISC_R_SUCCESS) { - goto cleanup; - } + CHECK(dns_name_fromtext(dns_fixedname_name(&name), &b, dns_rootname, 0, + NULL)); /* Read the next word: either TTL, class, or 'KEY' */ NEXTTOKEN(lex, opt, &token); @@ -1726,8 +1688,8 @@ dst_key_read_public(const char *filename, int type, isc_mem_t *mctx, BADTOKEN(); } - ret = dns_rdataclass_fromtext(&rdclass, &token.value.as_textregion); - if (ret == ISC_R_SUCCESS) { + result = dns_rdataclass_fromtext(&rdclass, &token.value.as_textregion); + if (result == ISC_R_SUCCESS) { NEXTTOKEN(lex, opt, &token); } @@ -1746,22 +1708,16 @@ dst_key_read_public(const char *filename, int type, isc_mem_t *mctx, if (((type & DST_TYPE_KEY) != 0 && keytype != dns_rdatatype_key) || ((type & DST_TYPE_KEY) == 0 && keytype != dns_rdatatype_dnskey)) { - ret = DST_R_BADKEYTYPE; + result = DST_R_BADKEYTYPE; goto cleanup; } isc_buffer_init(&b, rdatabuf, sizeof(rdatabuf)); - ret = dns_rdata_fromtext(&rdata, rdclass, keytype, lex, NULL, false, - mctx, &b, NULL); - if (ret != ISC_R_SUCCESS) { - goto cleanup; - } + CHECK(dns_rdata_fromtext(&rdata, rdclass, keytype, lex, NULL, false, + mctx, &b, NULL)); - ret = dst_key_fromdns(dns_fixedname_name(&name), rdclass, &b, mctx, - keyp); - if (ret != ISC_R_SUCCESS) { - goto cleanup; - } + CHECK(dst_key_fromdns(dns_fixedname_name(&name), rdclass, &b, mctx, + keyp)); dst_key_setttl(*keyp, ttl); @@ -1769,7 +1725,7 @@ cleanup: if (lex != NULL) { isc_lex_destroy(&lex); } - return ret; + return result; } static int @@ -1820,19 +1776,13 @@ isc_result_t dst_key_read_state(const char *filename, isc_mem_t *mctx, dst_key_t **keyp) { isc_lex_t *lex = NULL; isc_token_t token; - isc_result_t ret; + isc_result_t result; unsigned int opt = ISC_LEXOPT_EOL; - ret = isc_lex_create(mctx, 1500, &lex); - if (ret != ISC_R_SUCCESS) { - goto cleanup; - } + CHECK(isc_lex_create(mctx, 1500, &lex)); isc_lex_setcomments(lex, ISC_LEXCOMMENT_DNSMASTERFILE); - ret = isc_lex_openfile(lex, filename); - if (ret != ISC_R_SUCCESS) { - goto cleanup; - } + CHECK(isc_lex_openfile(lex, filename)); /* * Read the comment line. @@ -1884,7 +1834,7 @@ dst_key_read_state(const char *filename, isc_mem_t *mctx, dst_key_t **keyp) { int tag; NEXTTOKEN_OR_EOF(lex, opt, &token); - if (ret == ISC_R_EOF) { + if (result == ISC_R_EOF) { break; } if (token.type != isc_tokentype_string) { @@ -1937,10 +1887,7 @@ dst_key_read_state(const char *filename, isc_mem_t *mctx, dst_key_t **keyp) { BADTOKEN(); } - ret = dns_time32_fromtext(DST_AS_STR(token), &when); - if (ret != ISC_R_SUCCESS) { - goto cleanup; - } + CHECK(dns_time32_fromtext(DST_AS_STR(token), &when)); dst_key_settime(*keyp, tag, when); goto next; @@ -1958,10 +1905,7 @@ dst_key_read_state(const char *filename, isc_mem_t *mctx, dst_key_t **keyp) { BADTOKEN(); } - ret = keystate_fromtext(DST_AS_STR(token), &state); - if (ret != ISC_R_SUCCESS) { - goto cleanup; - } + CHECK(keystate_fromtext(DST_AS_STR(token), &state)); dst_key_setstate(*keyp, tag, state); goto next; @@ -1972,13 +1916,13 @@ dst_key_read_state(const char *filename, isc_mem_t *mctx, dst_key_t **keyp) { } /* Done, successfully parsed the whole file. */ - ret = ISC_R_SUCCESS; + result = ISC_R_SUCCESS; cleanup: if (lex != NULL) { isc_lex_destroy(&lex); } - return ret; + return result; } static bool @@ -2342,13 +2286,9 @@ computeid(dst_key_t *key) { isc_buffer_t dnsbuf; unsigned char dns_array[DST_KEY_MAXSIZE]; isc_region_t r; - isc_result_t ret; isc_buffer_init(&dnsbuf, dns_array, sizeof(dns_array)); - ret = dst_key_todns(key, &dnsbuf); - if (ret != ISC_R_SUCCESS) { - return ret; - } + RETERR(dst_key_todns(key, &dnsbuf)); isc_buffer_usedregion(&dnsbuf, &r); key->key_id = dst_region_computeid(&r); @@ -2362,7 +2302,7 @@ frombuffer(const dns_name_t *name, unsigned int alg, unsigned int flags, isc_buffer_t *source, isc_mem_t *mctx, bool no_rdata, dst_key_t **keyp) { dst_key_t *key; - isc_result_t ret; + isc_result_t result; REQUIRE(dns_name_isabsolute(name)); REQUIRE(source != NULL); @@ -2375,10 +2315,10 @@ frombuffer(const dns_name_t *name, unsigned int alg, unsigned int flags, } if (isc_buffer_remaininglength(source) > 0) { - ret = algorithm_status(alg); - if (ret != ISC_R_SUCCESS) { + result = algorithm_status(alg); + if (result != ISC_R_SUCCESS) { dst_key_free(&key); - return ret; + return result; } if (key->func->fromdns == NULL) { dst_key_free(&key); @@ -2386,10 +2326,10 @@ frombuffer(const dns_name_t *name, unsigned int alg, unsigned int flags, } if (!no_rdata) { - ret = key->func->fromdns(key, source); - if (ret != ISC_R_SUCCESS) { + result = key->func->fromdns(key, source); + if (result != ISC_R_SUCCESS) { dst_key_free(&key); - return ret; + return result; } } } diff --git a/lib/dns/dst_parse.c b/lib/dns/dst_parse.c index d5ea0e418b..a353b8613d 100644 --- a/lib/dns/dst_parse.c +++ b/lib/dns/dst_parse.c @@ -417,7 +417,7 @@ dst__privstruct_parse(dst_key_t *key, unsigned int alg, isc_lex_t *lex, unsigned char *data = NULL; unsigned int opt = ISC_LEXOPT_EOL; isc_stdtime_t when; - isc_result_t ret; + isc_result_t result; bool external = false; REQUIRE(priv != NULL); @@ -425,20 +425,19 @@ dst__privstruct_parse(dst_key_t *key, unsigned int alg, isc_lex_t *lex, priv->nelements = 0; memset(priv->elements, 0, sizeof(priv->elements)); -#define NEXTTOKEN(lex, opt, token) \ - do { \ - ret = isc_lex_gettoken(lex, opt, token); \ - if (ret != ISC_R_SUCCESS) \ - goto fail; \ +#define NEXTTOKEN(lex, opt, token) \ + do { \ + CHECK(isc_lex_gettoken(lex, opt, token)); \ } while (0) -#define READLINE(lex, opt, token) \ - do { \ - ret = isc_lex_gettoken(lex, opt, token); \ - if (ret == ISC_R_EOF) \ - break; \ - else if (ret != ISC_R_SUCCESS) \ - goto fail; \ +#define READLINE(lex, opt, token) \ + do { \ + result = isc_lex_gettoken(lex, opt, token); \ + if (result == ISC_R_EOF) { \ + break; \ + } else if (result != ISC_R_SUCCESS) { \ + goto cleanup; \ + } \ } while ((*token).type != isc_tokentype_eol) /* @@ -448,24 +447,24 @@ dst__privstruct_parse(dst_key_t *key, unsigned int alg, isc_lex_t *lex, if (token.type != isc_tokentype_string || strcmp(DST_AS_STR(token), PRIVATE_KEY_STR) != 0) { - ret = DST_R_INVALIDPRIVATEKEY; - goto fail; + result = DST_R_INVALIDPRIVATEKEY; + goto cleanup; } NEXTTOKEN(lex, opt, &token); if (token.type != isc_tokentype_string || (DST_AS_STR(token))[0] != 'v') { - ret = DST_R_INVALIDPRIVATEKEY; - goto fail; + result = DST_R_INVALIDPRIVATEKEY; + goto cleanup; } if (sscanf(DST_AS_STR(token), "v%d.%d", &major, &minor) != 2) { - ret = DST_R_INVALIDPRIVATEKEY; - goto fail; + result = DST_R_INVALIDPRIVATEKEY; + goto cleanup; } if (major > DST_MAJOR_VERSION) { - ret = DST_R_INVALIDPRIVATEKEY; - goto fail; + result = DST_R_INVALIDPRIVATEKEY; + goto cleanup; } /* @@ -482,16 +481,16 @@ dst__privstruct_parse(dst_key_t *key, unsigned int alg, isc_lex_t *lex, if (token.type != isc_tokentype_string || strcmp(DST_AS_STR(token), ALGORITHM_STR) != 0) { - ret = DST_R_INVALIDPRIVATEKEY; - goto fail; + result = DST_R_INVALIDPRIVATEKEY; + goto cleanup; } NEXTTOKEN(lex, opt | ISC_LEXOPT_NUMBER, &token); if (token.type != isc_tokentype_number || token.value.as_ulong != (unsigned long)dst_key_alg(key)) { - ret = DST_R_INVALIDPRIVATEKEY; - goto fail; + result = DST_R_INVALIDPRIVATEKEY; + goto cleanup; } READLINE(lex, opt, &token); @@ -503,18 +502,18 @@ dst__privstruct_parse(dst_key_t *key, unsigned int alg, isc_lex_t *lex, int tag; isc_region_t r; do { - ret = isc_lex_gettoken(lex, opt, &token); - if (ret == ISC_R_EOF) { + result = isc_lex_gettoken(lex, opt, &token); + if (result == ISC_R_EOF) { goto done; } - if (ret != ISC_R_SUCCESS) { - goto fail; + if (result != ISC_R_SUCCESS) { + goto cleanup; } } while (token.type == isc_tokentype_eol); if (token.type != isc_tokentype_string) { - ret = DST_R_INVALIDPRIVATEKEY; - goto fail; + result = DST_R_INVALIDPRIVATEKEY; + goto cleanup; } if (strcmp(DST_AS_STR(token), "External:") == 0) { @@ -529,8 +528,8 @@ dst__privstruct_parse(dst_key_t *key, unsigned int alg, isc_lex_t *lex, NEXTTOKEN(lex, opt | ISC_LEXOPT_NUMBER, &token); if (token.type != isc_tokentype_number) { - ret = DST_R_INVALIDPRIVATEKEY; - goto fail; + result = DST_R_INVALIDPRIVATEKEY; + goto cleanup; } dst_key_setnum(key, tag, token.value.as_ulong); @@ -544,14 +543,11 @@ dst__privstruct_parse(dst_key_t *key, unsigned int alg, isc_lex_t *lex, NEXTTOKEN(lex, opt, &token); if (token.type != isc_tokentype_string) { - ret = DST_R_INVALIDPRIVATEKEY; - goto fail; + result = DST_R_INVALIDPRIVATEKEY; + goto cleanup; } - ret = dns_time32_fromtext(DST_AS_STR(token), &when); - if (ret != ISC_R_SUCCESS) { - goto fail; - } + CHECK(dns_time32_fromtext(DST_AS_STR(token), &when)); dst_key_settime(key, tag, when); @@ -563,8 +559,8 @@ dst__privstruct_parse(dst_key_t *key, unsigned int alg, isc_lex_t *lex, if (tag < 0 && minor > DST_MINOR_VERSION) { goto next; } else if (tag < 0) { - ret = DST_R_INVALIDPRIVATEKEY; - goto fail; + result = DST_R_INVALIDPRIVATEKEY; + goto cleanup; } priv->elements[n].tag = tag; @@ -572,10 +568,7 @@ dst__privstruct_parse(dst_key_t *key, unsigned int alg, isc_lex_t *lex, data = isc_mem_get(mctx, MAXFIELDSIZE); isc_buffer_init(&b, data, MAXFIELDSIZE); - ret = isc_base64_tobuffer(lex, &b, -1); - if (ret != ISC_R_SUCCESS) { - goto fail; - } + CHECK(isc_base64_tobuffer(lex, &b, -1)); isc_buffer_usedregion(&b, &r); priv->elements[n].length = r.length; @@ -589,30 +582,30 @@ dst__privstruct_parse(dst_key_t *key, unsigned int alg, isc_lex_t *lex, done: if (external && priv->nelements != 0) { - ret = DST_R_INVALIDPRIVATEKEY; - goto fail; + result = DST_R_INVALIDPRIVATEKEY; + goto cleanup; } check = check_data(priv, alg, true, external); if (check < 0) { - ret = DST_R_INVALIDPRIVATEKEY; - goto fail; + result = DST_R_INVALIDPRIVATEKEY; + goto cleanup; } else if (check != ISC_R_SUCCESS) { - ret = check; - goto fail; + result = check; + goto cleanup; } key->external = external; return ISC_R_SUCCESS; -fail: +cleanup: dst__privstruct_free(priv, mctx); if (data != NULL) { isc_mem_put(mctx, data, MAXFIELDSIZE); } - return ret; + return result; } isc_result_t diff --git a/lib/dns/dyndb.c b/lib/dns/dyndb.c index 37a87449d5..f89d364164 100644 --- a/lib/dns/dyndb.c +++ b/lib/dns/dyndb.c @@ -30,13 +30,6 @@ #include #include -#define CHECK(op) \ - do { \ - result = (op); \ - if (result != ISC_R_SUCCESS) \ - goto cleanup; \ - } while (0) - typedef struct dyndb_implementation dyndb_implementation_t; struct dyndb_implementation { isc_mem_t *mctx; diff --git a/lib/dns/gssapictx.c b/lib/dns/gssapictx.c index 06580c2352..74505e3cd0 100644 --- a/lib/dns/gssapictx.c +++ b/lib/dns/gssapictx.c @@ -93,13 +93,6 @@ static gss_OID_desc __gss_spnego_mechanism_oid_desc = { (r).base = (gb).value; \ } while (0) -#define RETERR(x) \ - do { \ - result = (x); \ - if (result != ISC_R_SUCCESS) \ - goto out; \ - } while (0) - static void name_to_gbuffer(const dns_name_t *name, isc_buffer_t *buffer, gss_buffer_desc *gbuffer) { @@ -589,8 +582,7 @@ dst_gssapi_initctx(const dns_name_t *name, isc_buffer_t *intoken, gret = gss_import_name(&minor, &gnamebuf, GSS_C_NO_OID, &gname); if (gret != GSS_S_COMPLETE) { gss_err_message(mctx, gret, minor, err_message); - result = ISC_R_FAILURE; - goto out; + CHECK(ISC_R_FAILURE); } if (intoken != NULL) { @@ -621,8 +613,7 @@ dst_gssapi_initctx(const dns_name_t *name, isc_buffer_t *intoken, gss_log(3, "Failure initiating security context"); } - result = ISC_R_FAILURE; - goto out; + CHECK(ISC_R_FAILURE); } /* @@ -635,7 +626,7 @@ dst_gssapi_initctx(const dns_name_t *name, isc_buffer_t *intoken, */ if (gouttoken.length != 0U) { GBUFFER_TO_REGION(gouttoken, r); - RETERR(isc_buffer_copyregion(outtoken, &r)); + CHECK(isc_buffer_copyregion(outtoken, &r)); } if (gret == GSS_S_COMPLETE) { @@ -644,7 +635,7 @@ dst_gssapi_initctx(const dns_name_t *name, isc_buffer_t *intoken, result = DNS_R_CONTINUE; } -out: +cleanup: if (gouttoken.length != 0U) { (void)gss_release_buffer(&minor, &gouttoken); } @@ -749,7 +740,7 @@ dst_gssapi_acceptctx(dns_gss_cred_id_t cred, const char *gssapi_keytab, isc_buffer_allocate(mctx, outtoken, (unsigned int)gouttoken.length); GBUFFER_TO_REGION(gouttoken, r); - RETERR(isc_buffer_copyregion(*outtoken, &r)); + CHECK(isc_buffer_copyregion(*outtoken, &r)); (void)gss_release_buffer(&minor, &gouttoken); } @@ -759,7 +750,7 @@ dst_gssapi_acceptctx(dns_gss_cred_id_t cred, const char *gssapi_keytab, gss_log(3, "failed gss_display_name: %s", gss_error_tostring(gret, minor, buf, sizeof(buf))); - RETERR(ISC_R_FAILURE); + CHECK(ISC_R_FAILURE); } /* @@ -781,8 +772,8 @@ dst_gssapi_acceptctx(dns_gss_cred_id_t cred, const char *gssapi_keytab, isc_buffer_init(&namebuf, r.base, r.length); isc_buffer_add(&namebuf, r.length); - RETERR(dns_name_fromtext(principal, &namebuf, dns_rootname, 0, - NULL)); + CHECK(dns_name_fromtext(principal, &namebuf, dns_rootname, 0, + NULL)); if (gnamebuf.length != 0U) { gret = gss_release_buffer(&minor, &gnamebuf); @@ -798,7 +789,7 @@ dst_gssapi_acceptctx(dns_gss_cred_id_t cred, const char *gssapi_keytab, *ctxout = context; -out: +cleanup: if (gname != NULL) { gret = gss_release_name(&minor, &gname); if (gret != GSS_S_COMPLETE) { diff --git a/lib/dns/journal.c b/lib/dns/journal.c index b8e7d729bc..a0d378bd0d 100644 --- a/lib/dns/journal.c +++ b/lib/dns/journal.c @@ -86,25 +86,6 @@ #define JOURNAL_DEBUG_LOGARGS(n) JOURNAL_COMMON_LOGARGS, ISC_LOG_DEBUG(n) -/*% - * It would be non-sensical (or at least obtuse) to use FAIL() with an - * ISC_R_SUCCESS code, but the test is there to keep the Solaris compiler - * from complaining about "end-of-loop code not reached". - */ -#define FAIL(code) \ - do { \ - result = (code); \ - if (result != ISC_R_SUCCESS) \ - goto failure; \ - } while (0) - -#define CHECK(op) \ - do { \ - result = (op); \ - if (result != ISC_R_SUCCESS) \ - goto failure; \ - } while (0) - #define JOURNAL_SERIALSET 0x01U static isc_result_t @@ -648,14 +629,14 @@ journal_open(isc_mem_t *mctx, const char *filename, bool writable, bool create, */ result = isc_stdio_open(j->filename, "rb+", &fp); } else { - FAIL(ISC_R_NOTFOUND); + CHECK(ISC_R_NOTFOUND); } } if (result != ISC_R_SUCCESS) { isc_log_write(JOURNAL_COMMON_LOGARGS, ISC_LOG_ERROR, "%s: open: %s", j->filename, isc_result_totext(result)); - FAIL(ISC_R_UNEXPECTED); + CHECK(ISC_R_UNEXPECTED); } j->fp = fp; @@ -693,7 +674,7 @@ journal_open(isc_mem_t *mctx, const char *filename, bool writable, bool create, } else { isc_log_write(JOURNAL_COMMON_LOGARGS, ISC_LOG_ERROR, "%s: journal format not recognized", j->filename); - FAIL(ISC_R_UNEXPECTED); + CHECK(ISC_R_UNEXPECTED); } journal_header_decode(&rawheader, &j->header); @@ -745,7 +726,7 @@ journal_open(isc_mem_t *mctx, const char *filename, bool writable, bool create, *journalp = j; return ISC_R_SUCCESS; -failure: +cleanup: j->magic = 0; if (j->rawindex != NULL) { isc_mem_put(j->mctx, j->rawindex, @@ -921,7 +902,7 @@ maybe_fixup_xhdr(dns_journal_t *j, journal_xhdr_t *xhdr, uint32_t serial, j->recovered = true; } -failure: +cleanup: return result; } @@ -1001,7 +982,7 @@ journal_next(dns_journal_t *j, journal_pos_t *pos) { pos->serial = xhdr.serial1; return ISC_R_SUCCESS; -failure: +cleanup: return result; } @@ -1181,7 +1162,7 @@ dns_journal_begin_transaction(dns_journal_t *j) { j->state = JOURNAL_STATE_TRANSACTION; result = ISC_R_SUCCESS; -failure: +cleanup: return result; } @@ -1272,7 +1253,7 @@ dns_journal_writediff(dns_journal_t *j, dns_diff_t *diff) { result = ISC_R_SUCCESS; -failure: +cleanup: if (mem != NULL) { isc_mem_put(j->mctx, mem, size); } @@ -1415,7 +1396,7 @@ dns_journal_commit(dns_journal_t *j) { result = ISC_R_SUCCESS; -failure: +cleanup: return result; } @@ -1428,7 +1409,7 @@ dns_journal_write_transaction(dns_journal_t *j, dns_diff_t *diff) { CHECK(dns_journal_writediff(j, diff)); CHECK(dns_journal_commit(j)); result = ISC_R_SUCCESS; -failure: +cleanup: return result; } @@ -1566,7 +1547,7 @@ dns_journal_rollforward(dns_journal_t *j, dns_db_t *db, unsigned int options) { "%s: journal file corrupt: missing " "initial SOA", j->filename); - FAIL(ISC_R_UNEXPECTED); + CHECK(ISC_R_UNEXPECTED); } if ((options & DNS_JOURNALOPT_RESIGN) != 0) { op = (n_soa == 1) ? DNS_DIFFOP_DELRESIGN @@ -1603,7 +1584,7 @@ dns_journal_rollforward(dns_journal_t *j, dns_db_t *db, unsigned int options) { dns_diff_clear(&diff); } -failure: +cleanup: if (ver != NULL) { dns_db_closeversion(db, &ver, result == ISC_R_SUCCESS ? true : false); @@ -1709,7 +1690,7 @@ dns_journal_print(isc_mem_t *mctx, uint32_t flags, const char *filename, "%s: journal file corrupt: missing " "initial SOA", j->filename); - FAIL(ISC_R_UNEXPECTED); + CHECK(ISC_R_UNEXPECTED); } if (print) { @@ -1751,13 +1732,13 @@ dns_journal_print(isc_mem_t *mctx, uint32_t flags, const char *filename, result = dns_diff_print(&diff, file); dns_diff_clear(&diff); } - goto cleanup; + goto done; -failure: +cleanup: isc_log_write(JOURNAL_COMMON_LOGARGS, ISC_LOG_ERROR, "%s: cannot print: journal file corrupt", j->filename); -cleanup: +done: if (source.base != NULL) { isc_mem_put(j->mctx, source.base, source.length); } @@ -1921,7 +1902,7 @@ dns_journal_iter_init(dns_journal_t *j, uint32_t begin_serial, } result = ISC_R_SUCCESS; -failure: +cleanup: j->it.result = result; return j->it.result; } @@ -1942,7 +1923,7 @@ dns_journal_first_rr(dns_journal_t *j) { return read_one_rr(j); -failure: +cleanup: return result; } @@ -1976,7 +1957,7 @@ read_one_rr(dns_journal_t *j) { isc_log_write(JOURNAL_COMMON_LOGARGS, ISC_LOG_ERROR, "%s: journal corrupt: empty transaction", j->filename); - FAIL(ISC_R_UNEXPECTED); + CHECK(ISC_R_UNEXPECTED); } if (j->header_ver1) { @@ -1992,7 +1973,7 @@ read_one_rr(dns_journal_t *j) { "expected serial %u, got %u", j->filename, j->it.current_serial, xhdr.serial0); - FAIL(ISC_R_UNEXPECTED); + CHECK(ISC_R_UNEXPECTED); } j->it.xsize = xhdr.size; @@ -2014,7 +1995,7 @@ read_one_rr(dns_journal_t *j) { "%s: journal corrupt: impossible RR size " "(%d bytes)", j->filename, rrhdr.size); - FAIL(ISC_R_UNEXPECTED); + CHECK(ISC_R_UNEXPECTED); } CHECK(size_buffer(j->mctx, &j->it.source, rrhdr.size)); @@ -2043,7 +2024,7 @@ read_one_rr(dns_journal_t *j) { * Check that the RR header is there, and parse it. */ if (isc_buffer_remaininglength(&j->it.source) < 10) { - FAIL(DNS_R_FORMERR); + CHECK(DNS_R_FORMERR); } rdtype = isc_buffer_getuint16(&j->it.source); @@ -2056,14 +2037,14 @@ read_one_rr(dns_journal_t *j) { "%s: journal corrupt: impossible rdlen " "(%u bytes)", j->filename, rdlen); - FAIL(ISC_R_FAILURE); + CHECK(ISC_R_FAILURE); } /* * Parse the rdata. */ if (isc_buffer_remaininglength(&j->it.source) != rdlen) { - FAIL(DNS_R_FORMERR); + CHECK(DNS_R_FORMERR); } isc_buffer_setactive(&j->it.source, rdlen); dns_rdata_reset(&j->it.rdata); @@ -2079,7 +2060,7 @@ read_one_rr(dns_journal_t *j) { result = ISC_R_SUCCESS; -failure: +cleanup: j->it.result = result; return result; } @@ -2255,7 +2236,7 @@ dns_diff_subtract(dns_diff_t diff[2], dns_diff_t *r) { ISC_LIST_APPENDLIST(r->tuples, del, link); ISC_LIST_APPENDLIST(r->tuples, add, link); result = ISC_R_SUCCESS; -failure: +cleanup: return result; } @@ -2347,16 +2328,16 @@ diff_namespace(dns_db_t *dba, dns_dbversion_t *dbvera, dns_db_t *dbb, next:; } if (itresult[0] != ISC_R_NOMORE) { - FAIL(itresult[0]); + CHECK(itresult[0]); } if (itresult[1] != ISC_R_NOMORE) { - FAIL(itresult[1]); + CHECK(itresult[1]); } INSIST(ISC_LIST_EMPTY(diff[0].tuples)); INSIST(ISC_LIST_EMPTY(diff[1].tuples)); -failure: +cleanup: dns_dbiterator_destroy(&dbit[1]); cleanup_iterator: @@ -2412,7 +2393,7 @@ dns_db_diffx(dns_diff_t *diff, dns_db_t *dba, dns_dbversion_t *dbvera, } } -failure: +cleanup: if (journal != NULL) { dns_journal_destroy(&journal); } @@ -2796,7 +2777,7 @@ dns_journal_compact(isc_mem_t *mctx, char *filename, uint32_t serial, if (result != ISC_R_SUCCESS && result != ISC_R_FILENOTFOUND) { - goto failure; + CHECK(result); } if (rename(filename, backup) == -1) { goto maperrno; @@ -2807,14 +2788,13 @@ dns_journal_compact(isc_mem_t *mctx, char *filename, uint32_t serial, (void)isc_file_remove(backup); } else { maperrno: - result = ISC_R_FAILURE; - goto failure; + CHECK(ISC_R_FAILURE); } } result = ISC_R_SUCCESS; -failure: +cleanup: (void)isc_file_remove(newname); if (buf != NULL) { isc_mem_put(mctx, buf, size); @@ -2851,6 +2831,6 @@ index_to_disk(dns_journal_t *j) { CHECK(journal_seek(j, sizeof(journal_rawheader_t))); CHECK(journal_write(j, j->rawindex, rawbytes)); } -failure: +cleanup: return result; } diff --git a/lib/dns/keymgr.c b/lib/dns/keymgr.c index 9b1fc03d2b..68e1bccdb4 100644 --- a/lib/dns/keymgr.c +++ b/lib/dns/keymgr.c @@ -34,13 +34,6 @@ #include -#define RETERR(x) \ - do { \ - result = (x); \ - if (result != ISC_R_SUCCESS) \ - goto failure; \ - } while (0) - /* * Set key state to `target` state and change last changed * to `time`, only if key state has not been set before. @@ -494,9 +487,9 @@ keymgr_createkey(dns_kasp_key_t *kkey, const dns_name_t *origin, if (dns_kasp_key_ksk(kkey)) { keyflags |= DNS_KEYFLAG_KSK; } - RETERR(dst_key_generate(origin, algo, size, 0, keyflags, - DNS_KEYPROTO_DNSSEC, rdclass, mctx, - &newkey, NULL)); + CHECK(dst_key_generate(origin, algo, size, 0, keyflags, + DNS_KEYPROTO_DNSSEC, rdclass, mctx, + &newkey, NULL)); /* Key collision? */ conflict = keymgr_keyid_conflict(newkey, keylist); @@ -520,7 +513,7 @@ keymgr_createkey(dns_kasp_key_t *kkey, const dns_name_t *origin, *dst_key = newkey; return ISC_R_SUCCESS; -failure: +cleanup: return result; } @@ -2238,7 +2231,7 @@ dns_keymgr_run(const dns_name_t *origin, dns_rdataclass_t rdclass, } /* See if this key requires a rollover. */ - RETERR(keymgr_key_rollover( + CHECK(keymgr_key_rollover( kkey, active_key, keyring, &newkeys, origin, rdclass, kasp, lifetime, rollover_allowed, now, nexttime, mctx)); } @@ -2268,14 +2261,14 @@ dns_keymgr_run(const dns_name_t *origin, dns_rdataclass_t rdclass, } if (modified && !dkey->purge) { dns_dnssec_get_hints(dkey, now); - RETERR(dst_key_tofile(dkey->key, options, directory)); + CHECK(dst_key_tofile(dkey->key, options, directory)); } dst_key_setmodified(dkey->key, false); } result = ISC_R_SUCCESS; -failure: +cleanup: if (dir_open) { isc_dir_close(&dir); } @@ -2437,7 +2430,7 @@ static void rollover_status(dns_dnsseckey_t *dkey, dns_kasp_t *kasp, isc_stdtime_t now, isc_buffer_t *buf, bool zsk) { char timestr[26]; /* Minimal buf as per ctime_r() spec. */ - isc_result_t ret = ISC_R_SUCCESS; + isc_result_t result = ISC_R_SUCCESS; isc_stdtime_t active_time = 0; dst_key_state_t state = NA, goal = NA; int rrsig, active, retire; @@ -2469,9 +2462,9 @@ rollover_status(dns_dnsseckey_t *dkey, dns_kasp_t *kasp, isc_stdtime_t now, state = NA; (void)dst_key_getstate(key, DST_KEY_DNSKEY, &state); if (state == RUMOURED || state == OMNIPRESENT) { - ret = dst_key_gettime(key, DST_TIME_DELETE, - &remove_time); - if (ret == ISC_R_SUCCESS) { + result = dst_key_gettime(key, DST_TIME_DELETE, + &remove_time); + if (result == ISC_R_SUCCESS) { isc_buffer_printf(buf, " Key is retired, will " "be removed on "); isc_stdtime_tostring(remove_time, timestr, @@ -2484,8 +2477,8 @@ rollover_status(dns_dnsseckey_t *dkey, dns_kasp_t *kasp, isc_stdtime_t now, } } else { isc_stdtime_t retire_time = 0; - ret = dst_key_gettime(key, retire, &retire_time); - if (ret == ISC_R_SUCCESS) { + result = dst_key_gettime(key, retire, &retire_time); + if (result == ISC_R_SUCCESS) { if (now < retire_time) { if (goal == OMNIPRESENT) { isc_buffer_printf(buf, diff --git a/lib/dns/masterdump.c b/lib/dns/masterdump.c index 1c850d9125..f7993616c0 100644 --- a/lib/dns/masterdump.c +++ b/lib/dns/masterdump.c @@ -52,19 +52,6 @@ #define DNS_DCTX_MAGIC ISC_MAGIC('D', 'c', 't', 'x') #define DNS_DCTX_VALID(d) ISC_MAGIC_VALID(d, DNS_DCTX_MAGIC) -#define RETERR(x) \ - do { \ - isc_result_t _r = (x); \ - if (_r != ISC_R_SUCCESS) \ - return ((_r)); \ - } while (0) - -#define CHECK(x) \ - do { \ - if ((x) != ISC_R_SUCCESS) \ - goto cleanup; \ - } while (0) - struct dns_master_style { dns_masterstyle_flags_t flags; /* DNS_STYLEFLAG_* */ unsigned int ttl_column; diff --git a/lib/dns/nsec.c b/lib/dns/nsec.c index fe53e2a4e3..80ee8d7d58 100644 --- a/lib/dns/nsec.c +++ b/lib/dns/nsec.c @@ -30,13 +30,6 @@ #include -#define RETERR(x) \ - do { \ - result = (x); \ - if (result != ISC_R_SUCCESS) \ - goto failure; \ - } while (0) - void dns_nsec_setbit(unsigned char *array, unsigned int type, unsigned int bit) { unsigned int shift, mask; @@ -189,20 +182,20 @@ dns_nsec_build(dns_db_t *db, dns_dbversion_t *version, dns_dbnode_t *node, dns_rdataset_init(&rdataset); dns_rdata_init(&rdata); - RETERR(dns_nsec_buildrdata(db, version, node, target, data, &rdata)); + CHECK(dns_nsec_buildrdata(db, version, node, target, data, &rdata)); dns_rdatalist_init(&rdatalist); rdatalist.rdclass = dns_db_class(db); rdatalist.type = dns_rdatatype_nsec; rdatalist.ttl = ttl; ISC_LIST_APPEND(rdatalist.rdata, &rdata, link); - RETERR(dns_rdatalist_tordataset(&rdatalist, &rdataset)); + CHECK(dns_rdatalist_tordataset(&rdatalist, &rdataset)); result = dns_db_addrdataset(db, node, version, 0, &rdataset, 0, NULL); if (result == DNS_R_UNCHANGED) { result = ISC_R_SUCCESS; } -failure: +cleanup: if (dns_rdataset_isassociated(&rdataset)) { dns_rdataset_disassociate(&rdataset); } diff --git a/lib/dns/nsec3.c b/lib/dns/nsec3.c index f3987b9c5a..f902c63022 100644 --- a/lib/dns/nsec3.c +++ b/lib/dns/nsec3.c @@ -41,13 +41,6 @@ #include -#define CHECK(x) \ - do { \ - result = (x); \ - if (result != ISC_R_SUCCESS) \ - goto failure; \ - } while (0) - #define OPTOUT(x) (((x) & DNS_NSEC3FLAG_OPTOUT) != 0) #define CREATE(x) (((x) & DNS_NSEC3FLAG_CREATE) != 0) #define INITIAL(x) (((x) & DNS_NSEC3FLAG_INITIAL) != 0) @@ -444,22 +437,16 @@ delnsec3(dns_db_t *db, dns_dbversion_t *version, const dns_name_t *name, continue; } - result = dns_difftuple_create(diff->mctx, DNS_DIFFOP_DEL, name, - rdataset.ttl, &rdata, &tuple); - if (result != ISC_R_SUCCESS) { - goto failure; - } - result = do_one_tuple(&tuple, db, version, diff); - if (result != ISC_R_SUCCESS) { - goto failure; - } + CHECK(dns_difftuple_create(diff->mctx, DNS_DIFFOP_DEL, name, + rdataset.ttl, &rdata, &tuple)); + CHECK(do_one_tuple(&tuple, db, version, diff)); } if (result != ISC_R_NOMORE) { - goto failure; + goto cleanup; } result = ISC_R_SUCCESS; -failure: +cleanup: dns_rdataset_disassociate(&rdataset); cleanup_node: dns_db_detachnode(db, &node); @@ -532,7 +519,7 @@ find_nsec3(dns_rdata_nsec3_t *nsec3, dns_rdataset_t *rdataset, break; } } -failure: +cleanup: return result; } @@ -640,14 +627,14 @@ dns_nsec3_addnsec3(dns_db_t *db, dns_dbversion_t *version, } else if (CREATE(nsec3param->flags) && OPTOUT(flags)) { result = dns_nsec3_delnsec3(db, version, name, nsec3param, diff); - goto failure; + goto cleanup; } else { maybe_remove_unsecure = true; } } else { dns_rdataset_disassociate(&rdataset); if (result != ISC_R_NOMORE) { - goto failure; + goto cleanup; } } } @@ -677,9 +664,7 @@ dns_nsec3_addnsec3(dns_db_t *db, dns_dbversion_t *version, dns_rdataset_disassociate(&rdataset); continue; } - if (result != ISC_R_SUCCESS) { - goto failure; - } + CHECK(result); if (maybe_remove_unsecure) { dns_rdataset_disassociate(&rdataset); @@ -691,7 +676,7 @@ dns_nsec3_addnsec3(dns_db_t *db, dns_dbversion_t *version, if (OPTOUT(nsec3.flags)) { result = dns_nsec3_delnsec3(db, version, name, nsec3param, diff); - goto failure; + goto cleanup; } goto addnsec3; } else { @@ -701,7 +686,7 @@ dns_nsec3_addnsec3(dns_db_t *db, dns_dbversion_t *version, */ if (OPTOUT(nsec3.flags) && unsecure) { dns_rdataset_disassociate(&rdataset); - goto failure; + goto cleanup; } } @@ -795,7 +780,7 @@ addnsec3: break; } if (result != ISC_R_NOMORE) { - goto failure; + goto cleanup; } } @@ -824,9 +809,7 @@ addnsec3: dns_rdataset_disassociate(&rdataset); continue; } - if (result != ISC_R_SUCCESS) { - goto failure; - } + CHECK(result); old_next = nsec3.next; old_length = nsec3.next_length; @@ -886,7 +869,7 @@ addnsec3: /* result cannot be ISC_R_NOMORE here */ INSIST(result != ISC_R_NOMORE); -failure: +cleanup: if (dbit != NULL) { dns_dbiterator_destroy(&dbit); } @@ -960,7 +943,7 @@ dns_nsec3_addnsec3s(dns_db_t *db, dns_dbversion_t *version, result = ISC_R_SUCCESS; } -failure: +cleanup: if (dns_rdataset_isassociated(&rdataset)) { dns_rdataset_disassociate(&rdataset); } @@ -1036,7 +1019,7 @@ rr_exists(dns_db_t *db, dns_dbversion_t *ver, const dns_name_t *name, if (result == ISC_R_NOTFOUND) { *flag = false; result = ISC_R_SUCCESS; - goto failure; + goto cleanup; } for (result = dns_rdataset_first(&rdataset); result == ISC_R_SUCCESS; @@ -1056,7 +1039,7 @@ rr_exists(dns_db_t *db, dns_dbversion_t *ver, const dns_name_t *name, result = ISC_R_SUCCESS; } -failure: +cleanup: if (node != NULL) { dns_db_detachnode(db, &node); } @@ -1128,9 +1111,7 @@ dns_nsec3param_deletechains(dns_db_t *db, dns_dbversion_t *ver, if (result == ISC_R_NOTFOUND) { goto try_private; } - if (result != ISC_R_SUCCESS) { - goto failure; - } + CHECK(result); for (result = dns_rdataset_first(&rdataset); result == ISC_R_SUCCESS; result = dns_rdataset_next(&rdataset)) @@ -1157,23 +1138,23 @@ dns_nsec3param_deletechains(dns_db_t *db, dns_dbversion_t *ver, dns_rdata_reset(&rdata); } if (result != ISC_R_NOMORE) { - goto failure; + goto cleanup; } dns_rdataset_disassociate(&rdataset); try_private: if (privatetype == 0) { - goto success; + result = ISC_R_SUCCESS; + goto cleanup; } result = dns_db_findrdataset(db, node, ver, privatetype, 0, (isc_stdtime_t)0, &rdataset, NULL); if (result == ISC_R_NOTFOUND) { - goto success; - } - if (result != ISC_R_SUCCESS) { - goto failure; + result = ISC_R_SUCCESS; + goto cleanup; } + CHECK(result); for (result = dns_rdataset_first(&rdataset); result == ISC_R_SUCCESS; result = dns_rdataset_next(&rdataset)) @@ -1215,12 +1196,12 @@ try_private: } } if (result != ISC_R_NOMORE) { - goto failure; + goto cleanup; } -success: + result = ISC_R_SUCCESS; -failure: +cleanup: if (dns_rdataset_isassociated(&rdataset)) { dns_rdataset_disassociate(&rdataset); } @@ -1252,7 +1233,7 @@ dns_nsec3_addnsec3sx(dns_db_t *db, dns_dbversion_t *version, result = dns_db_findrdataset(db, node, version, type, 0, 0, &prdataset, NULL); if (result != ISC_R_SUCCESS && result != ISC_R_NOTFOUND) { - goto failure; + CHECK(result); } result = dns_db_findrdataset(db, node, version, @@ -1261,9 +1242,7 @@ dns_nsec3_addnsec3sx(dns_db_t *db, dns_dbversion_t *version, if (result == ISC_R_NOTFOUND) { goto try_private; } - if (result != ISC_R_SUCCESS) { - goto failure; - } + CHECK(result); /* * Update each active NSEC3 chain. @@ -1287,15 +1266,17 @@ dns_nsec3_addnsec3sx(dns_db_t *db, dns_dbversion_t *version, nsecttl, unsecure, diff)); } if (result != ISC_R_NOMORE) { - goto failure; + goto cleanup; } dns_rdataset_disassociate(&rdataset); try_private: if (!dns_rdataset_isassociated(&prdataset)) { - goto success; + result = ISC_R_SUCCESS; + goto cleanup; } + /* * Update each active NSEC3 chain. */ @@ -1328,10 +1309,10 @@ try_private: nsecttl, unsecure, diff)); } if (result == ISC_R_NOMORE) { - success: result = ISC_R_SUCCESS; } -failure: + +cleanup: if (dns_rdataset_isassociated(&rdataset)) { dns_rdataset_disassociate(&rdataset); } @@ -1439,9 +1420,7 @@ dns_nsec3_delnsec3(dns_db_t *db, dns_dbversion_t *version, if (result == ISC_R_NOTFOUND || result == DNS_R_PARTIALMATCH) { goto cleanup_orphaned_ents; } - if (result != ISC_R_SUCCESS) { - goto failure; - } + CHECK(result); CHECK(dns_dbiterator_current(dbit, &node, NULL)); CHECK(dns_dbiterator_pause(dbit)); @@ -1451,9 +1430,7 @@ dns_nsec3_delnsec3(dns_db_t *db, dns_dbversion_t *version, if (result == ISC_R_NOTFOUND) { goto cleanup_orphaned_ents; } - if (result != ISC_R_SUCCESS) { - goto failure; - } + CHECK(result); /* * If we find a existing NSEC3 for this chain then save the @@ -1467,11 +1444,9 @@ dns_nsec3_delnsec3(dns_db_t *db, dns_dbversion_t *version, } dns_rdataset_disassociate(&rdataset); if (result == ISC_R_NOMORE) { - goto success; - } - if (result != ISC_R_SUCCESS) { - goto failure; + result = ISC_R_SUCCESS; } + CHECK(result); /* * Find the previous NSEC3 and update it. @@ -1497,9 +1472,7 @@ dns_nsec3_delnsec3(dns_db_t *db, dns_dbversion_t *version, dns_rdataset_disassociate(&rdataset); continue; } - if (result != ISC_R_SUCCESS) { - goto failure; - } + CHECK(result); /* * Delete the old previous NSEC3. @@ -1553,11 +1526,10 @@ cleanup_orphaned_ents: salt_length)); result = dns_dbiterator_seek(dbit, hashname); if (result == ISC_R_NOTFOUND || result == DNS_R_PARTIALMATCH) { - goto success; - } - if (result != ISC_R_SUCCESS) { - goto failure; + result = ISC_R_SUCCESS; + goto cleanup; } + CHECK(result); CHECK(dns_dbiterator_current(dbit, &node, NULL)); CHECK(dns_dbiterator_pause(dbit)); @@ -1566,11 +1538,10 @@ cleanup_orphaned_ents: (isc_stdtime_t)0, &rdataset, NULL); dns_db_detachnode(db, &node); if (result == ISC_R_NOTFOUND) { - goto success; - } - if (result != ISC_R_SUCCESS) { - goto failure; + result = ISC_R_SUCCESS; + goto cleanup; } + CHECK(result); result = find_nsec3(&nsec3, &rdataset, nsec3param); if (result == ISC_R_SUCCESS) { @@ -1580,11 +1551,9 @@ cleanup_orphaned_ents: } dns_rdataset_disassociate(&rdataset); if (result == ISC_R_NOMORE) { - goto success; - } - if (result != ISC_R_SUCCESS) { - goto failure; + result = ISC_R_SUCCESS; } + CHECK(result); pass = 0; do { @@ -1607,9 +1576,7 @@ cleanup_orphaned_ents: dns_rdataset_disassociate(&rdataset); continue; } - if (result != ISC_R_SUCCESS) { - goto failure; - } + CHECK(result); /* * Delete the old previous NSEC3. @@ -1642,10 +1609,9 @@ cleanup_orphaned_ents: CHECK(delnsec3(db, version, hashname, nsec3param, diff)); } while (1); -success: result = ISC_R_SUCCESS; -failure: +cleanup: if (dbit != NULL) { dns_dbiterator_destroy(&dbit); } @@ -1689,9 +1655,7 @@ dns_nsec3_delnsec3sx(dns_db_t *db, dns_dbversion_t *version, if (result == ISC_R_NOTFOUND) { goto try_private; } - if (result != ISC_R_SUCCESS) { - goto failure; - } + CHECK(result); /* * Update each active NSEC3 chain. @@ -1716,16 +1680,16 @@ dns_nsec3_delnsec3sx(dns_db_t *db, dns_dbversion_t *version, try_private: if (privatetype == 0) { - goto success; + result = ISC_R_SUCCESS; + goto cleanup; } result = dns_db_findrdataset(db, node, version, privatetype, 0, 0, &rdataset, NULL); if (result == ISC_R_NOTFOUND) { - goto success; - } - if (result != ISC_R_SUCCESS) { - goto failure; + result = ISC_R_SUCCESS; + goto cleanup; } + CHECK(result); /* * Update each NSEC3 chain being built. @@ -1758,11 +1722,10 @@ try_private: CHECK(dns_nsec3_delnsec3(db, version, name, &nsec3param, diff)); } if (result == ISC_R_NOMORE) { - success: result = ISC_R_SUCCESS; } -failure: +cleanup: if (dns_rdataset_isassociated(&rdataset)) { dns_rdataset_disassociate(&rdataset); } diff --git a/lib/dns/opensslecdsa_link.c b/lib/dns/opensslecdsa_link.c index ca12bb5620..af45fdc00f 100644 --- a/lib/dns/opensslecdsa_link.c +++ b/lib/dns/opensslecdsa_link.c @@ -51,17 +51,17 @@ #error "P-384 group is not known (NID_secp384r1)" #endif /* ifndef NID_secp384r1 */ -#define DST_RET(a) \ - { \ - ret = a; \ - goto err; \ +#define DST_RET(a) \ + { \ + result = a; \ + goto cleanup; \ } #if OPENSSL_VERSION_NUMBER >= 0x30000000L && OPENSSL_API_LEVEL >= 30000 static isc_result_t raw_key_to_ossl(unsigned int key_alg, int private, const unsigned char *key, size_t key_len, EVP_PKEY **pkey) { - isc_result_t ret; + isc_result_t result; int status; const char *groupname; OSSL_PARAM_BLD *bld = NULL; @@ -141,9 +141,9 @@ raw_key_to_ossl(unsigned int key_alg, int private, const unsigned char *key, DST_R_OPENSSLFAILURE)); } - ret = ISC_R_SUCCESS; + result = ISC_R_SUCCESS; -err: +cleanup: if (params != NULL) { OSSL_PARAM_free(params); } @@ -157,14 +157,14 @@ err: BN_clear_free(priv); } - return ret; + return result; } #endif /* OPENSSL_VERSION_NUMBER >= 0x30000000L && OPENSSL_API_LEVEL >= 30000 \ */ static isc_result_t opensslecdsa_createctx(dst_key_t *key, dst_context_t *dctx) { - isc_result_t ret = ISC_R_SUCCESS; + isc_result_t result = ISC_R_SUCCESS; EVP_MD_CTX *evp_md_ctx; const EVP_MD *type = NULL; @@ -205,8 +205,8 @@ opensslecdsa_createctx(dst_key_t *key, dst_context_t *dctx) { dctx->ctxdata.evp_md_ctx = evp_md_ctx; -err: - return ret; +cleanup: + return result; } static void @@ -225,7 +225,7 @@ opensslecdsa_destroyctx(dst_context_t *dctx) { static isc_result_t opensslecdsa_adddata(dst_context_t *dctx, const isc_region_t *data) { - isc_result_t ret = ISC_R_SUCCESS; + isc_result_t result = ISC_R_SUCCESS; EVP_MD_CTX *evp_md_ctx = dctx->ctxdata.evp_md_ctx; REQUIRE(dctx->key->key_alg == DST_ALG_ECDSA256 || @@ -250,8 +250,8 @@ opensslecdsa_adddata(dst_context_t *dctx, const isc_region_t *data) { } } -err: - return ret; +cleanup: + return result; } static int @@ -269,7 +269,7 @@ BN_bn2bin_fixed(const BIGNUM *bn, unsigned char *buf, int size) { static isc_result_t opensslecdsa_sign(dst_context_t *dctx, isc_buffer_t *sig) { - isc_result_t ret; + isc_result_t result; dst_key_t *key = dctx->key; isc_region_t region; EVP_MD_CTX *evp_md_ctx = dctx->ctxdata.evp_md_ctx; @@ -320,19 +320,19 @@ opensslecdsa_sign(dst_context_t *dctx, isc_buffer_t *sig) { isc_region_consume(®ion, siglen / 2); ECDSA_SIG_free(ecdsasig); isc_buffer_add(sig, siglen); - ret = ISC_R_SUCCESS; + result = ISC_R_SUCCESS; -err: +cleanup: if (sigder != NULL && sigder_alloced != 0) { isc_mem_put(dctx->mctx, sigder, sigder_alloced); } - return ret; + return result; } static isc_result_t opensslecdsa_verify(dst_context_t *dctx, const isc_region_t *sig) { - isc_result_t ret; + isc_result_t result; dst_key_t *key = dctx->key; int status; unsigned char *cp = sig->base; @@ -388,19 +388,19 @@ opensslecdsa_verify(dst_context_t *dctx, const isc_region_t *sig) { switch (status) { case 1: - ret = ISC_R_SUCCESS; + result = ISC_R_SUCCESS; break; case 0: - ret = dst__openssl_toresult(DST_R_VERIFYFAILURE); + result = dst__openssl_toresult(DST_R_VERIFYFAILURE); break; default: - ret = dst__openssl_toresult3(dctx->category, - "EVP_DigestVerifyFinal", - DST_R_VERIFYFAILURE); + result = dst__openssl_toresult3(dctx->category, + "EVP_DigestVerifyFinal", + DST_R_VERIFYFAILURE); break; } -err: +cleanup: if (ecdsasig != NULL) { ECDSA_SIG_free(ecdsasig); } @@ -408,12 +408,12 @@ err: isc_mem_put(dctx->mctx, sigder, sigder_alloced); } - return ret; + return result; } static bool opensslecdsa_compare(const dst_key_t *key1, const dst_key_t *key2) { - bool ret; + bool result; EVP_PKEY *pkey1 = key1->keydata.pkey; EVP_PKEY *pkey2 = key2->keydata.pkey; #if OPENSSL_VERSION_NUMBER < 0x30000000L || OPENSSL_API_LEVEL < 30000 @@ -464,9 +464,9 @@ opensslecdsa_compare(const dst_key_t *key1, const dst_key_t *key2) { ERR_clear_error(); } - ret = true; + result = true; -err: +cleanup: #if OPENSSL_VERSION_NUMBER < 0x30000000L || OPENSSL_API_LEVEL < 30000 if (eckey1 != NULL) { EC_KEY_free(eckey1); @@ -483,12 +483,12 @@ err: } #endif /* OPENSSL_VERSION_NUMBER < 0x30000000L || OPENSSL_API_LEVEL < 30000 */ - return ret; + return result; } static isc_result_t opensslecdsa_generate(dst_key_t *key, int unused, void (*callback)(int)) { - isc_result_t ret; + isc_result_t result; int status; EVP_PKEY *pkey = NULL; #if OPENSSL_VERSION_NUMBER < 0x30000000L || OPENSSL_API_LEVEL < 30000 @@ -577,9 +577,9 @@ opensslecdsa_generate(dst_key_t *key, int unused, void (*callback)(int)) { key->keydata.pkey = pkey; pkey = NULL; - ret = ISC_R_SUCCESS; + result = ISC_R_SUCCESS; -err: +cleanup: if (pkey != NULL) { EVP_PKEY_free(pkey); } @@ -596,12 +596,12 @@ err: } #endif /* OPENSSL_VERSION_NUMBER < 0x30000000L || OPENSSL_API_LEVEL < 30000 */ - return ret; + return result; } static bool opensslecdsa_isprivate(const dst_key_t *key) { - bool ret; + bool result; EVP_PKEY *pkey; #if OPENSSL_VERSION_NUMBER < 0x30000000L || OPENSSL_API_LEVEL < 30000 EC_KEY *eckey; @@ -620,22 +620,22 @@ opensslecdsa_isprivate(const dst_key_t *key) { #if OPENSSL_VERSION_NUMBER < 0x30000000L || OPENSSL_API_LEVEL < 30000 eckey = EVP_PKEY_get1_EC_KEY(pkey); - ret = (eckey != NULL && EC_KEY_get0_private_key(eckey) != NULL); + result = (eckey != NULL && EC_KEY_get0_private_key(eckey) != NULL); if (eckey != NULL) { EC_KEY_free(eckey); } else { ERR_clear_error(); } #else - ret = (EVP_PKEY_get_bn_param(pkey, OSSL_PKEY_PARAM_PRIV_KEY, &priv) == - 1 && - priv != NULL); + result = (EVP_PKEY_get_bn_param(pkey, OSSL_PKEY_PARAM_PRIV_KEY, + &priv) == 1 && + priv != NULL); if (priv != NULL) { BN_clear_free(priv); } #endif /* OPENSSL_VERSION_NUMBER < 0x30000000L || OPENSSL_API_LEVEL < 30000 */ - return ret; + return result; } static void @@ -650,7 +650,7 @@ opensslecdsa_destroy(dst_key_t *key) { static isc_result_t opensslecdsa_todns(const dst_key_t *key, isc_buffer_t *data) { - isc_result_t ret; + isc_result_t result; EVP_PKEY *pkey; #if OPENSSL_VERSION_NUMBER < 0x30000000L || OPENSSL_API_LEVEL < 30000 EC_KEY *eckey = NULL; @@ -719,9 +719,9 @@ opensslecdsa_todns(const dst_key_t *key, isc_buffer_t *data) { #endif /* OPENSSL_VERSION_NUMBER < 0x30000000L || OPENSSL_API_LEVEL < 30000 */ isc_buffer_add(data, len); - ret = ISC_R_SUCCESS; + result = ISC_R_SUCCESS; -err: +cleanup: #if OPENSSL_VERSION_NUMBER < 0x30000000L || OPENSSL_API_LEVEL < 30000 if (eckey != NULL) { EC_KEY_free(eckey); @@ -735,12 +735,12 @@ err: } #endif /* OPENSSL_VERSION_NUMBER < 0x30000000L || OPENSSL_API_LEVEL < 30000 */ - return ret; + return result; } static isc_result_t opensslecdsa_fromdns(dst_key_t *key, isc_buffer_t *data) { - isc_result_t ret; + isc_result_t result; EVP_PKEY *pkey = NULL; isc_region_t r; #if OPENSSL_VERSION_NUMBER < 0x30000000L || OPENSSL_API_LEVEL < 30000 @@ -803,29 +803,29 @@ opensslecdsa_fromdns(dst_key_t *key, isc_buffer_t *data) { DST_RET(dst__openssl_toresult(ISC_R_FAILURE)); } #else - ret = raw_key_to_ossl(key->key_alg, 0, r.base, len, &pkey); - if (ret != ISC_R_SUCCESS) { - DST_RET(ret); + result = raw_key_to_ossl(key->key_alg, 0, r.base, len, &pkey); + if (result != ISC_R_SUCCESS) { + DST_RET(result); } #endif /* OPENSSL_VERSION_NUMBER < 0x30000000L || OPENSSL_API_LEVEL < 30000 */ isc_buffer_forward(data, len); key->keydata.pkey = pkey; key->key_size = len * 4; - ret = ISC_R_SUCCESS; + result = ISC_R_SUCCESS; -err: +cleanup: #if OPENSSL_VERSION_NUMBER < 0x30000000L || OPENSSL_API_LEVEL < 30000 if (eckey != NULL) { EC_KEY_free(eckey); } #endif /* OPENSSL_VERSION_NUMBER < 0x30000000L || OPENSSL_API_LEVEL < 30000 */ - return ret; + return result; } static isc_result_t opensslecdsa_tofile(const dst_key_t *key, const char *directory) { - isc_result_t ret; + isc_result_t result; EVP_PKEY *pkey; #if OPENSSL_VERSION_NUMBER < 0x30000000L || OPENSSL_API_LEVEL < 30000 EC_KEY *eckey = NULL; @@ -895,9 +895,9 @@ opensslecdsa_tofile(const dst_key_t *key, const char *directory) { } priv.nelements = i; - ret = dst__privstruct_writefile(key, &priv, directory); + result = dst__privstruct_writefile(key, &priv, directory); -err: +cleanup: if (buf != NULL && privkey != NULL) { isc_mem_put(key->mctx, buf, BN_num_bytes(privkey)); } @@ -911,7 +911,7 @@ err: } #endif /* OPENSSL_VERSION_NUMBER < 0x30000000L || OPENSSL_API_LEVEL < 30000 */ - return ret; + return result; } #if OPENSSL_VERSION_NUMBER < 0x30000000L || OPENSSL_API_LEVEL < 30000 @@ -940,7 +940,7 @@ ecdsa_check(EC_KEY *eckey, EC_KEY *pubeckey) { #else static isc_result_t ecdsa_check(EVP_PKEY **pkey, EVP_PKEY *pubpkey) { - isc_result_t ret = ISC_R_FAILURE; + isc_result_t result = ISC_R_FAILURE; int status; size_t pkey_len = 0; BIGNUM *x = NULL; @@ -1057,7 +1057,7 @@ ecdsa_check(EVP_PKEY **pkey, EVP_PKEY *pubpkey) { DST_RET(ISC_R_SUCCESS); } -err: +cleanup: if (ctx != NULL) { EVP_PKEY_CTX_free(ctx); } @@ -1077,7 +1077,7 @@ err: BN_clear_free(y); } - return ret; + return result; } #endif /* OPENSSL_VERSION_NUMBER < 0x30000000L || OPENSSL_API_LEVEL < 30000 */ @@ -1186,7 +1186,7 @@ opensslecdsa_fromlabel(dst_key_t *key, const char *engine, const char *label, static isc_result_t opensslecdsa_parse(dst_key_t *key, isc_lex_t *lexer, dst_key_t *pub) { dst_private_t priv; - isc_result_t ret; + isc_result_t result; #if OPENSSL_VERSION_NUMBER < 0x30000000L || OPENSSL_API_LEVEL < 30000 EC_KEY *eckey = NULL; EC_KEY *pubeckey = NULL; @@ -1200,11 +1200,8 @@ opensslecdsa_parse(dst_key_t *key, isc_lex_t *lexer, dst_key_t *pub) { key->key_alg == DST_ALG_ECDSA384); /* read private key file */ - ret = dst__privstruct_parse(key, DST_ALG_ECDSA256, lexer, key->mctx, - &priv); - if (ret != ISC_R_SUCCESS) { - goto err; - } + CHECK(dst__privstruct_parse(key, DST_ALG_ECDSA256, lexer, key->mctx, + &priv)); if (key->external) { if (priv.nelements != 0 || pub == NULL) { @@ -1236,10 +1233,7 @@ opensslecdsa_parse(dst_key_t *key, isc_lex_t *lexer, dst_key_t *pub) { } if (label != NULL) { - ret = opensslecdsa_fromlabel(key, engine, label, NULL); - if (ret != ISC_R_SUCCESS) { - goto err; - } + CHECK(opensslecdsa_fromlabel(key, engine, label, NULL)); #if OPENSSL_VERSION_NUMBER < 0x30000000L || OPENSSL_API_LEVEL < 30000 eckey = EVP_PKEY_get1_EC_KEY(key->keydata.pkey); @@ -1249,28 +1243,22 @@ opensslecdsa_parse(dst_key_t *key, isc_lex_t *lexer, dst_key_t *pub) { #endif /* OPENSSL_VERSION_NUMBER < 0x30000000L || OPENSSL_API_LEVEL < 30000 */ } else { #if OPENSSL_VERSION_NUMBER < 0x30000000L || OPENSSL_API_LEVEL < 30000 - ret = dst__key_to_eckey(key, &eckey); - if (ret != ISC_R_SUCCESS) { - goto err; - } + CHECK(dst__key_to_eckey(key, &eckey)); - ret = load_privkey_from_privstruct(eckey, &priv, privkey_index); + CHECK(load_privkey_from_privstruct(eckey, &priv, + privkey_index)); #else if (key->keydata.pkey != NULL) { EVP_PKEY_free(key->keydata.pkey); key->keydata.pkey = NULL; } - ret = raw_key_to_ossl(key->key_alg, 1, + CHECK(raw_key_to_ossl(key->key_alg, 1, priv.elements[privkey_index].data, priv.elements[privkey_index].length, - &key->keydata.pkey); + &key->keydata.pkey)); #endif /* OPENSSL_VERSION_NUMBER < 0x30000000L || OPENSSL_API_LEVEL < 30000 */ - if (ret != ISC_R_SUCCESS) { - goto err; - } - finalize_key = true; } @@ -1284,7 +1272,7 @@ opensslecdsa_parse(dst_key_t *key, isc_lex_t *lexer, dst_key_t *pub) { } if (finalize_key) { - ret = finalize_eckey(key, eckey, engine, label); + result = finalize_eckey(key, eckey, engine, label); } #else if (ecdsa_check(&key->keydata.pkey, @@ -1295,11 +1283,11 @@ opensslecdsa_parse(dst_key_t *key, isc_lex_t *lexer, dst_key_t *pub) { } if (finalize_key) { - ret = finalize_eckey(key, engine, label); + result = finalize_eckey(key, engine, label); } #endif /* OPENSSL_VERSION_NUMBER < 0x30000000L || OPENSSL_API_LEVEL < 30000 */ -err: +cleanup: #if OPENSSL_VERSION_NUMBER < 0x30000000L || OPENSSL_API_LEVEL < 30000 if (pubeckey != NULL) { EC_KEY_free(pubeckey); @@ -1308,21 +1296,21 @@ err: EC_KEY_free(eckey); } #endif /* OPENSSL_VERSION_NUMBER < 0x30000000L || OPENSSL_API_LEVEL < 30000 */ - if (ret != ISC_R_SUCCESS) { + if (result != ISC_R_SUCCESS) { key->keydata.generic = NULL; } dst__privstruct_free(&priv, key->mctx); isc_safe_memwipe(&priv, sizeof(priv)); - return ret; + return result; } static isc_result_t opensslecdsa_fromlabel(dst_key_t *key, const char *engine, const char *label, const char *pin) { #if !defined(OPENSSL_NO_ENGINE) && OPENSSL_API_LEVEL < 30000 - isc_result_t ret = ISC_R_SUCCESS; + isc_result_t result = ISC_R_SUCCESS; ENGINE *e; EC_KEY *eckey = NULL; EC_KEY *pubeckey = NULL; @@ -1395,7 +1383,7 @@ opensslecdsa_fromlabel(dst_key_t *key, const char *engine, const char *label, key->keydata.pkey = pkey; pkey = NULL; -err: +cleanup: if (pubpkey != NULL) { EVP_PKEY_free(pubpkey); } @@ -1409,7 +1397,7 @@ err: EC_KEY_free(eckey); } - return ret; + return result; #else UNUSED(key); UNUSED(engine); diff --git a/lib/dns/openssleddsa_link.c b/lib/dns/openssleddsa_link.c index 74dac17bc6..6301db4c36 100644 --- a/lib/dns/openssleddsa_link.c +++ b/lib/dns/openssleddsa_link.c @@ -38,10 +38,10 @@ #include "dst_parse.h" #include "openssl_shim.h" -#define DST_RET(a) \ - { \ - ret = a; \ - goto err; \ +#define DST_RET(a) \ + { \ + result = a; \ + goto cleanup; \ } #if HAVE_OPENSSL_ED25519 @@ -59,7 +59,7 @@ static isc_result_t raw_key_to_ossl(unsigned int key_alg, int private, const unsigned char *key, size_t *key_len, EVP_PKEY **pkey) { - isc_result_t ret; + isc_result_t result; int pkey_type = EVP_PKEY_NONE; size_t len = 0; @@ -79,9 +79,9 @@ raw_key_to_ossl(unsigned int key_alg, int private, const unsigned char *key, return ISC_R_NOTIMPLEMENTED; } - ret = (private ? DST_R_INVALIDPRIVATEKEY : DST_R_INVALIDPUBLICKEY); + result = (private ? DST_R_INVALIDPRIVATEKEY : DST_R_INVALIDPUBLICKEY); if (*key_len < len) { - return ret; + return result; } if (private) { @@ -90,7 +90,7 @@ raw_key_to_ossl(unsigned int key_alg, int private, const unsigned char *key, *pkey = EVP_PKEY_new_raw_public_key(pkey_type, NULL, key, len); } if (*pkey == NULL) { - return dst__openssl_toresult(ret); + return dst__openssl_toresult(result); } *key_len = len; @@ -156,7 +156,7 @@ openssleddsa_adddata(dst_context_t *dctx, const isc_region_t *data) { static isc_result_t openssleddsa_sign(dst_context_t *dctx, isc_buffer_t *sig) { - isc_result_t ret; + isc_result_t result; dst_key_t *key = dctx->key; isc_region_t tbsreg; isc_region_t sigreg; @@ -196,19 +196,19 @@ openssleddsa_sign(dst_context_t *dctx, isc_buffer_t *sig) { DST_R_SIGNFAILURE)); } isc_buffer_add(sig, (unsigned int)siglen); - ret = ISC_R_SUCCESS; + result = ISC_R_SUCCESS; -err: +cleanup: EVP_MD_CTX_free(ctx); isc_buffer_free(&buf); dctx->ctxdata.generic = NULL; - return ret; + return result; } static isc_result_t openssleddsa_verify(dst_context_t *dctx, const isc_region_t *sig) { - isc_result_t ret; + isc_result_t result; dst_key_t *key = dctx->key; int status; isc_region_t tbsreg; @@ -254,23 +254,24 @@ openssleddsa_verify(dst_context_t *dctx, const isc_region_t *sig) { switch (status) { case 1: - ret = ISC_R_SUCCESS; + result = ISC_R_SUCCESS; break; case 0: - ret = dst__openssl_toresult(DST_R_VERIFYFAILURE); + result = dst__openssl_toresult(DST_R_VERIFYFAILURE); break; default: - ret = dst__openssl_toresult3(dctx->category, "EVP_DigestVerify", - DST_R_VERIFYFAILURE); + result = dst__openssl_toresult3(dctx->category, + "EVP_DigestVerify", + DST_R_VERIFYFAILURE); break; } -err: +cleanup: EVP_MD_CTX_free(ctx); isc_buffer_free(&buf); dctx->ctxdata.generic = NULL; - return ret; + return result; } static bool @@ -294,7 +295,7 @@ openssleddsa_compare(const dst_key_t *key1, const dst_key_t *key2) { static isc_result_t openssleddsa_generate(dst_key_t *key, int unused, void (*callback)(int)) { - isc_result_t ret; + isc_result_t result; EVP_PKEY *pkey = NULL; EVP_PKEY_CTX *ctx = NULL; int nid = 0, status; @@ -339,11 +340,11 @@ openssleddsa_generate(dst_key_t *key, int unused, void (*callback)(int)) { } key->keydata.pkey = pkey; - ret = ISC_R_SUCCESS; + result = ISC_R_SUCCESS; -err: +cleanup: EVP_PKEY_CTX_free(ctx); - return ret; + return result; } static bool @@ -412,7 +413,6 @@ openssleddsa_todns(const dst_key_t *key, isc_buffer_t *data) { static isc_result_t openssleddsa_fromdns(dst_key_t *key, isc_buffer_t *data) { - isc_result_t ret; isc_region_t r; size_t len; EVP_PKEY *pkey; @@ -426,10 +426,7 @@ openssleddsa_fromdns(dst_key_t *key, isc_buffer_t *data) { } len = r.length; - ret = raw_key_to_ossl(key->key_alg, 0, r.base, &len, &pkey); - if (ret != ISC_R_SUCCESS) { - return ret; - } + RETERR(raw_key_to_ossl(key->key_alg, 0, r.base, &len, &pkey)); isc_buffer_forward(data, len); key->keydata.pkey = pkey; @@ -439,7 +436,7 @@ openssleddsa_fromdns(dst_key_t *key, isc_buffer_t *data) { static isc_result_t openssleddsa_tofile(const dst_key_t *key, const char *directory) { - isc_result_t ret; + isc_result_t result; dst_private_t priv; unsigned char *buf = NULL; size_t len; @@ -492,13 +489,13 @@ openssleddsa_tofile(const dst_key_t *key, const char *directory) { } priv.nelements = i; - ret = dst__privstruct_writefile(key, &priv, directory); + result = dst__privstruct_writefile(key, &priv, directory); -err: +cleanup: if (buf != NULL) { isc_mem_put(key->mctx, buf, len); } - return ret; + return result; } static isc_result_t @@ -515,7 +512,7 @@ eddsa_check(EVP_PKEY *pkey, EVP_PKEY *pubpkey) { static isc_result_t openssleddsa_parse(dst_key_t *key, isc_lex_t *lexer, dst_key_t *pub) { dst_private_t priv; - isc_result_t ret; + isc_result_t result; int i, privkey_index = -1; const char *engine = NULL, *label = NULL; EVP_PKEY *pkey = NULL, *pubpkey = NULL; @@ -526,10 +523,7 @@ openssleddsa_parse(dst_key_t *key, isc_lex_t *lexer, dst_key_t *pub) { key->key_alg == DST_ALG_ED448); /* read private key file */ - ret = dst__privstruct_parse(key, DST_ALG_ED25519, lexer, mctx, &priv); - if (ret != ISC_R_SUCCESS) { - goto err; - } + CHECK(dst__privstruct_parse(key, DST_ALG_ED25519, lexer, mctx, &priv)); if (key->external) { if (priv.nelements != 0) { @@ -566,10 +560,7 @@ openssleddsa_parse(dst_key_t *key, isc_lex_t *lexer, dst_key_t *pub) { } if (label != NULL) { - ret = openssleddsa_fromlabel(key, engine, label, NULL); - if (ret != ISC_R_SUCCESS) { - goto err; - } + CHECK(openssleddsa_fromlabel(key, engine, label, NULL)); if (eddsa_check(key->keydata.pkey, pubpkey) != ISC_R_SUCCESS) { DST_RET(DST_R_INVALIDPRIVATEKEY); } @@ -581,30 +572,27 @@ openssleddsa_parse(dst_key_t *key, isc_lex_t *lexer, dst_key_t *pub) { } len = priv.elements[privkey_index].length; - ret = raw_key_to_ossl(key->key_alg, 1, - priv.elements[privkey_index].data, &len, &pkey); - if (ret != ISC_R_SUCCESS) { - goto err; - } + CHECK(raw_key_to_ossl(key->key_alg, 1, + priv.elements[privkey_index].data, &len, &pkey)); if (eddsa_check(pkey, pubpkey) != ISC_R_SUCCESS) { EVP_PKEY_free(pkey); DST_RET(DST_R_INVALIDPRIVATEKEY); } key->keydata.pkey = pkey; key->key_size = len * 8; - ret = ISC_R_SUCCESS; + result = ISC_R_SUCCESS; -err: +cleanup: dst__privstruct_free(&priv, mctx); isc_safe_memwipe(&priv, sizeof(priv)); - return ret; + return result; } static isc_result_t openssleddsa_fromlabel(dst_key_t *key, const char *engine, const char *label, const char *pin) { #if !defined(OPENSSL_NO_ENGINE) && OPENSSL_API_LEVEL < 30000 - isc_result_t ret; + isc_result_t result; ENGINE *e; EVP_PKEY *pkey = NULL, *pubpkey = NULL; int baseid = EVP_PKEY_NONE; @@ -654,16 +642,16 @@ openssleddsa_fromlabel(dst_key_t *key, const char *engine, const char *label, key->key_size = EVP_PKEY_bits(pkey); key->keydata.pkey = pkey; pkey = NULL; - ret = ISC_R_SUCCESS; + result = ISC_R_SUCCESS; -err: +cleanup: if (pubpkey != NULL) { EVP_PKEY_free(pubpkey); } if (pkey != NULL) { EVP_PKEY_free(pkey); } - return ret; + return result; #else /* if !defined(OPENSSL_NO_ENGINE) && OPENSSL_API_LEVEL < 30000 */ UNUSED(key); UNUSED(engine); diff --git a/lib/dns/opensslrsa_link.c b/lib/dns/opensslrsa_link.c index 37e8a63a61..b92e1bfc88 100644 --- a/lib/dns/opensslrsa_link.c +++ b/lib/dns/opensslrsa_link.c @@ -42,10 +42,10 @@ #include "dst_parse.h" #include "openssl_shim.h" -#define DST_RET(a) \ - { \ - ret = a; \ - goto err; \ +#define DST_RET(a) \ + { \ + result = a; \ + goto cleanup; \ } static isc_result_t @@ -256,7 +256,7 @@ opensslrsa_verify(dst_context_t *dctx, const isc_region_t *sig) { static bool opensslrsa_compare(const dst_key_t *key1, const dst_key_t *key2) { - bool ret; + bool result; int status; EVP_PKEY *pkey1 = key1->keydata.pkey; EVP_PKEY *pkey2 = key2->keydata.pkey; @@ -323,9 +323,9 @@ opensslrsa_compare(const dst_key_t *key1, const dst_key_t *key2) { } } - ret = true; + result = true; -err: +cleanup: #if OPENSSL_VERSION_NUMBER < 0x30000000L || OPENSSL_API_LEVEL < 30000 if (rsa1 != NULL) { RSA_free(rsa1); @@ -354,7 +354,7 @@ err: } #endif /* OPENSSL_VERSION_NUMBER < 0x30000000L || OPENSSL_API_LEVEL < 30000 */ - return ret; + return result; } #if OPENSSL_VERSION_NUMBER < 0x30000000L || OPENSSL_API_LEVEL < 30000 @@ -392,7 +392,7 @@ progress_cb(EVP_PKEY_CTX *ctx) { static isc_result_t opensslrsa_generate(dst_key_t *key, int exp, void (*callback)(int)) { - isc_result_t ret; + isc_result_t result; union { void *dptr; void (*fptr)(int); @@ -500,9 +500,9 @@ opensslrsa_generate(dst_key_t *key, int exp, void (*callback)(int)) { key->keydata.pkey = pkey; pkey = NULL; - ret = ISC_R_SUCCESS; + result = ISC_R_SUCCESS; -err: +cleanup: if (pkey != NULL) { EVP_PKEY_free(pkey); } @@ -521,7 +521,7 @@ err: if (e != NULL) { BN_free(e); } - return ret; + return result; } static bool @@ -584,7 +584,7 @@ opensslrsa_todns(const dst_key_t *key, isc_buffer_t *data) { isc_region_t r; unsigned int e_bytes; unsigned int mod_bytes; - isc_result_t ret; + isc_result_t result; EVP_PKEY *pkey; #if OPENSSL_VERSION_NUMBER < 0x30000000L || OPENSSL_API_LEVEL < 30000 RSA *rsa; @@ -641,8 +641,8 @@ opensslrsa_todns(const dst_key_t *key, isc_buffer_t *data) { isc_buffer_add(data, e_bytes + mod_bytes); - ret = ISC_R_SUCCESS; -err: + result = ISC_R_SUCCESS; +cleanup: #if OPENSSL_VERSION_NUMBER < 0x30000000L || OPENSSL_API_LEVEL < 30000 if (rsa != NULL) { RSA_free(rsa); @@ -655,12 +655,12 @@ err: BN_free(n); } #endif /* OPENSSL_VERSION_NUMBER < 0x30000000L || OPENSSL_API_LEVEL < 30000 */ - return ret; + return result; } static isc_result_t opensslrsa_fromdns(dst_key_t *key, isc_buffer_t *data) { - isc_result_t ret; + isc_result_t result; int status; isc_region_t r; unsigned int e_bytes; @@ -778,9 +778,9 @@ opensslrsa_fromdns(dst_key_t *key, isc_buffer_t *data) { key->keydata.pkey = pkey; pkey = NULL; - ret = ISC_R_SUCCESS; + result = ISC_R_SUCCESS; -err: +cleanup: #if OPENSSL_VERSION_NUMBER < 0x30000000L || OPENSSL_API_LEVEL < 30000 if (rsa != NULL) { @@ -807,12 +807,12 @@ err: EVP_PKEY_free(pkey); } - return ret; + return result; } static isc_result_t opensslrsa_tofile(const dst_key_t *key, const char *directory) { - isc_result_t ret; + isc_result_t result; dst_private_t priv = { 0 }; unsigned char *bufs[8] = { NULL }; unsigned short i = 0; @@ -952,9 +952,9 @@ opensslrsa_tofile(const dst_key_t *key, const char *directory) { } priv.nelements = i; - ret = dst__privstruct_writefile(key, &priv, directory); + result = dst__privstruct_writefile(key, &priv, directory); -err: +cleanup: for (i = 0; i < ARRAY_SIZE(bufs); i++) { if (bufs[i] != NULL) { isc_mem_put(key->mctx, bufs[i], @@ -990,7 +990,7 @@ err: } #endif /* OPENSSL_VERSION_NUMBER < 0x30000000L || OPENSSL_API_LEVEL < 30000 */ - return ret; + return result; } #if OPENSSL_VERSION_NUMBER < 0x30000000L || OPENSSL_API_LEVEL < 30000 @@ -1053,7 +1053,7 @@ rsa_check(RSA *rsa, RSA *pub) { #else static isc_result_t rsa_check(EVP_PKEY *pkey, EVP_PKEY *pubpkey) { - isc_result_t ret = ISC_R_FAILURE; + isc_result_t result = ISC_R_FAILURE; int status; BIGNUM *n1 = NULL, *n2 = NULL; BIGNUM *e1 = NULL, *e2 = NULL; @@ -1101,7 +1101,7 @@ rsa_check(EVP_PKEY *pkey, EVP_PKEY *pubpkey) { DST_RET(ISC_R_SUCCESS); } -err: +cleanup: if (n1 != NULL) { BN_free(n1); } @@ -1115,14 +1115,14 @@ err: BN_free(e2); } - return ret; + return result; } #endif /* OPENSSL_VERSION_NUMBER < 0x30000000L || OPENSSL_API_LEVEL < 30000 */ static isc_result_t opensslrsa_parse(dst_key_t *key, isc_lex_t *lexer, dst_key_t *pub) { dst_private_t priv; - isc_result_t ret; + isc_result_t result; int i; #if OPENSSL_VERSION_NUMBER < 0x30000000L || OPENSSL_API_LEVEL < 30000 RSA *rsa = NULL, *pubrsa = NULL; @@ -1152,10 +1152,7 @@ opensslrsa_parse(dst_key_t *key, isc_lex_t *lexer, dst_key_t *pub) { mctx = key->mctx; /* read private key file */ - ret = dst__privstruct_parse(key, DST_ALG_RSA, lexer, mctx, &priv); - if (ret != ISC_R_SUCCESS) { - goto err; - } + CHECK(dst__privstruct_parse(key, DST_ALG_RSA, lexer, mctx, &priv)); if (key->external) { if (priv.nelements != 0 || pub == NULL) { @@ -1405,7 +1402,7 @@ opensslrsa_parse(dst_key_t *key, isc_lex_t *lexer, dst_key_t *pub) { key->keydata.pkey = pkey; pkey = NULL; -err: +cleanup: if (pkey != NULL) { EVP_PKEY_free(pkey); } @@ -1451,14 +1448,14 @@ err: BN_clear_free(iqmp); } #endif /* OPENSSL_VERSION_NUMBER < 0x30000000L || OPENSSL_API_LEVEL < 30000 */ - if (ret != ISC_R_SUCCESS) { + if (result != ISC_R_SUCCESS) { key->keydata.generic = NULL; } dst__privstruct_free(&priv, mctx); isc_safe_memwipe(&priv, sizeof(priv)); - return ret; + return result; } static isc_result_t @@ -1466,7 +1463,7 @@ opensslrsa_fromlabel(dst_key_t *key, const char *engine, const char *label, const char *pin) { #if !defined(OPENSSL_NO_ENGINE) && OPENSSL_API_LEVEL < 30000 ENGINE *e = NULL; - isc_result_t ret = ISC_R_SUCCESS; + isc_result_t result = ISC_R_SUCCESS; EVP_PKEY *pkey = NULL, *pubpkey = NULL; RSA *rsa = NULL, *pubrsa = NULL; const BIGNUM *ex = NULL; @@ -1520,7 +1517,7 @@ opensslrsa_fromlabel(dst_key_t *key, const char *engine, const char *label, key->keydata.pkey = pkey; pkey = NULL; -err: +cleanup: if (rsa != NULL) { RSA_free(rsa); } @@ -1533,7 +1530,7 @@ err: if (pubpkey != NULL) { EVP_PKEY_free(pubpkey); } - return ret; + return result; #else /* if !defined(OPENSSL_NO_ENGINE) && OPENSSL_API_LEVEL < 30000 */ UNUSED(key); UNUSED(engine); @@ -1651,7 +1648,7 @@ check_algorithm(unsigned char algorithm) { const EVP_MD *type = NULL; const unsigned char *sig = NULL; int status; - isc_result_t ret = ISC_R_SUCCESS; + isc_result_t result = ISC_R_SUCCESS; size_t len; #if OPENSSL_VERSION_NUMBER < 0x30000000L || OPENSSL_API_LEVEL < 30000 RSA *rsa = NULL; @@ -1769,7 +1766,7 @@ check_algorithm(unsigned char algorithm) { DST_RET(ISC_R_NOTIMPLEMENTED); } -err: +cleanup: BN_free(e); BN_free(n); #if OPENSSL_VERSION_NUMBER < 0x30000000L || OPENSSL_API_LEVEL < 30000 @@ -1794,7 +1791,7 @@ err: EVP_MD_CTX_destroy(evp_md_ctx); } ERR_clear_error(); - return ret; + return result; } isc_result_t diff --git a/lib/dns/private.c b/lib/dns/private.c index b165440348..eef3bbb4a4 100644 --- a/lib/dns/private.c +++ b/lib/dns/private.c @@ -44,13 +44,6 @@ #define INITIAL(x) (((x) & DNS_NSEC3FLAG_INITIAL) != 0) #define NONSEC(x) (((x) & DNS_NSEC3FLAG_NONSEC) != 0) -#define CHECK(x) \ - do { \ - result = (x); \ - if (result != ISC_R_SUCCESS) \ - goto failure; \ - } while (0) - /* * Work out if 'param' should be ignored or not (i.e. it is in the process * of being removed). @@ -126,14 +119,14 @@ dns_private_chains(dns_db_t *db, dns_dbversion_t *ver, result = dns_db_findrdataset(db, node, ver, dns_rdatatype_nsec, 0, (isc_stdtime_t)0, &nsecset, NULL); - if (result != ISC_R_SUCCESS && result != ISC_R_NOTFOUND) { - goto failure; + if (result != ISC_R_NOTFOUND) { + CHECK(result); } result = dns_db_findrdataset(db, node, ver, dns_rdatatype_nsec3param, 0, (isc_stdtime_t)0, &nsec3paramset, NULL); - if (result != ISC_R_SUCCESS && result != ISC_R_NOTFOUND) { - goto failure; + if (result != ISC_R_NOTFOUND) { + CHECK(result); } if (dns_rdataset_isassociated(&nsecset) && @@ -152,8 +145,8 @@ dns_private_chains(dns_db_t *db, dns_dbversion_t *ver, result = dns_db_findrdataset(db, node, ver, privatetype, 0, (isc_stdtime_t)0, &privateset, NULL); - if (result != ISC_R_SUCCESS && result != ISC_R_NOTFOUND) { - goto failure; + if (result != ISC_R_NOTFOUND) { + CHECK(result); } } @@ -318,7 +311,7 @@ dns_private_chains(dns_db_t *db, dns_dbversion_t *ver, success: result = ISC_R_SUCCESS; -failure: +cleanup: if (dns_rdataset_isassociated(&nsecset)) { dns_rdataset_disassociate(&nsecset); } @@ -412,6 +405,6 @@ dns_private_totext(dns_rdata_t *private, isc_buffer_t *buf) { isc_buffer_putuint8(buf, 0); result = ISC_R_SUCCESS; -failure: +cleanup: return result; } diff --git a/lib/dns/rbt.c b/lib/dns/rbt.c index d054acadb4..7e8ee98ac3 100644 --- a/lib/dns/rbt.c +++ b/lib/dns/rbt.c @@ -42,13 +42,6 @@ #include #include -#define CHECK(x) \ - do { \ - result = (x); \ - if (result != ISC_R_SUCCESS) \ - goto cleanup; \ - } while (0) - #define RBT_MAGIC ISC_MAGIC('R', 'B', 'T', '+') #define VALID_RBT(rbt) ISC_MAGIC_VALID(rbt, RBT_MAGIC) diff --git a/lib/dns/rbtdb.c b/lib/dns/rbtdb.c index 82cb74db26..cb7f410311 100644 --- a/lib/dns/rbtdb.c +++ b/lib/dns/rbtdb.c @@ -65,13 +65,6 @@ #define RBTDB_MAGIC ISC_MAGIC('R', 'B', 'D', '4') -#define CHECK(op) \ - do { \ - result = (op); \ - if (result != ISC_R_SUCCESS) \ - goto failure; \ - } while (0) - /*% * Note that "impmagic" is not the first four bytes of the struct, so * ISC_MAGIC_VALID cannot be used. diff --git a/lib/dns/rcode.c b/lib/dns/rcode.c index a60997873c..37b8148a26 100644 --- a/lib/dns/rcode.c +++ b/lib/dns/rcode.c @@ -37,13 +37,6 @@ #include #include -#define RETERR(x) \ - do { \ - isc_result_t _r = (x); \ - if (_r != ISC_R_SUCCESS) \ - return ((_r)); \ - } while (0) - #define NUMBERSIZE sizeof("037777777777") /* 2^32-1 octal + NUL */ #define TOTEXTONLY 0x01 diff --git a/lib/dns/rdata.c b/lib/dns/rdata.c index 9087bae11c..2f6595d732 100644 --- a/lib/dns/rdata.c +++ b/lib/dns/rdata.c @@ -48,13 +48,6 @@ #include #include -#define RETERR(x) \ - do { \ - isc_result_t _r = (x); \ - if (_r != ISC_R_SUCCESS) \ - return ((_r)); \ - } while (0) - #define RETTOK(x) \ do { \ isc_result_t _r = (x); \ @@ -64,13 +57,6 @@ } \ } while (0) -#define CHECK(op) \ - do { \ - result = (op); \ - if (result != ISC_R_SUCCESS) \ - goto cleanup; \ - } while (0) - #define CHECKTOK(op) \ do { \ result = (op); \ diff --git a/lib/dns/tkey.c b/lib/dns/tkey.c index f03716c7d2..8aa4c076d3 100644 --- a/lib/dns/tkey.c +++ b/lib/dns/tkey.c @@ -54,13 +54,6 @@ #define TEMP_BUFFER_SZ 8192 #define TKEY_RANDOM_AMOUNT 16 -#define RETERR(x) \ - do { \ - result = (x); \ - if (result != ISC_R_SUCCESS) \ - goto failure; \ - } while (0) - static void tkey_log(const char *fmt, ...) ISC_FORMAT_PRINTF(1, 2); @@ -167,7 +160,7 @@ add_rdata_to_list(dns_message_t *msg, dns_name_t *name, dns_rdata_t *rdata, dns_rdataset_t *newset = NULL; isc_buffer_t *tmprdatabuf = NULL; - RETERR(dns_message_gettemprdata(msg, &newrdata)); + CHECK(dns_message_gettemprdata(msg, &newrdata)); dns_rdata_toregion(rdata, &r); isc_buffer_allocate(msg->mctx, &tmprdatabuf, r.length); @@ -176,17 +169,17 @@ add_rdata_to_list(dns_message_t *msg, dns_name_t *name, dns_rdata_t *rdata, dns_rdata_fromregion(newrdata, rdata->rdclass, rdata->type, &newr); dns_message_takebuffer(msg, &tmprdatabuf); - RETERR(dns_message_gettempname(msg, &newname)); + CHECK(dns_message_gettempname(msg, &newname)); dns_name_copy(name, newname); - RETERR(dns_message_gettemprdatalist(msg, &newlist)); + CHECK(dns_message_gettemprdatalist(msg, &newlist)); newlist->rdclass = newrdata->rdclass; newlist->type = newrdata->type; newlist->ttl = ttl; ISC_LIST_APPEND(newlist->rdata, newrdata, link); - RETERR(dns_message_gettemprdataset(msg, &newset)); - RETERR(dns_rdatalist_tordataset(newlist, newset)); + CHECK(dns_message_gettemprdataset(msg, &newset)); + CHECK(dns_rdatalist_tordataset(newlist, newset)); ISC_LIST_INIT(newname->list); ISC_LIST_APPEND(newname->list, newset, link); @@ -195,7 +188,7 @@ add_rdata_to_list(dns_message_t *msg, dns_name_t *name, dns_rdata_t *rdata, return ISC_R_SUCCESS; -failure: +cleanup: if (newrdata != NULL) { if (ISC_LINK_LINKED(newrdata, link)) { INSIST(newlist != NULL); @@ -430,10 +423,10 @@ process_dhtkey(dns_message_t *msg, dns_name_t *signer, dns_name_t *name, } } - RETERR(add_rdata_to_list(msg, keyname, &keyrdata, ttl, namelist)); + CHECK(add_rdata_to_list(msg, keyname, &keyrdata, ttl, namelist)); isc_buffer_init(&ourkeybuf, keydata, sizeof(keydata)); - RETERR(dst_key_todns(tctx->dhkey, &ourkeybuf)); + CHECK(dst_key_todns(tctx->dhkey, &ourkeybuf)); isc_buffer_usedregion(&ourkeybuf, &ourkeyr); dns_rdata_fromregion(&ourkeyrdata, dns_rdataclass_any, dns_rdatatype_key, &ourkeyr); @@ -444,16 +437,16 @@ process_dhtkey(dns_message_t *msg, dns_name_t *signer, dns_name_t *name, /* * XXXBEW The TTL should be obtained from the database, if it exists. */ - RETERR(add_rdata_to_list(msg, &ourname, &ourkeyrdata, 0, namelist)); + CHECK(add_rdata_to_list(msg, &ourname, &ourkeyrdata, 0, namelist)); - RETERR(dst_key_secretsize(tctx->dhkey, &sharedsize)); + CHECK(dst_key_secretsize(tctx->dhkey, &sharedsize)); isc_buffer_allocate(msg->mctx, &shared, sharedsize); result = dst_key_computesecret(pubkey, tctx->dhkey, shared); if (result != ISC_R_SUCCESS) { tkey_log("process_dhtkey: failed to compute shared secret: %s", isc_result_totext(result)); - goto failure; + goto cleanup; } dst_key_free(&pubkey); @@ -467,10 +460,10 @@ process_dhtkey(dns_message_t *msg, dns_name_t *signer, dns_name_t *name, r.length = TKEY_RANDOM_AMOUNT; r2.base = tkeyin->key; r2.length = tkeyin->keylen; - RETERR(compute_secret(shared, &r2, &r, &secret)); + CHECK(compute_secret(shared, &r2, &r, &secret)); isc_buffer_free(&shared); - RETERR(dns_tsigkey_create( + CHECK(dns_tsigkey_create( name, &tkeyin->algorithm, isc_buffer_base(&secret), isc_buffer_usedlength(&secret), true, signer, tkeyin->inception, tkeyin->expire, ring->mctx, ring, NULL)); @@ -484,7 +477,7 @@ process_dhtkey(dns_message_t *msg, dns_name_t *signer, dns_name_t *name, return ISC_R_SUCCESS; -failure: +cleanup: if (!ISC_LIST_EMPTY(*namelist)) { free_namelist(msg, namelist); } @@ -566,7 +559,7 @@ process_gsstkey(dns_message_t *msg, dns_name_t *name, dns_rdata_tkey_t *tkeyin, return ISC_R_SUCCESS; } if (result != DNS_R_CONTINUE && result != ISC_R_SUCCESS) { - goto failure; + CHECK(result); } /* * XXXDCL Section 4.1.3: Limit GSS_S_CONTINUE_NEEDED to 10 times. @@ -584,8 +577,8 @@ process_gsstkey(dns_message_t *msg, dns_name_t *name, dns_rdata_tkey_t *tkeyin, #endif /* HAVE_GSSAPI */ uint32_t expire; - RETERR(dst_key_fromgssapi(name, gss_ctx, ring->mctx, &dstkey, - &intoken)); + CHECK(dst_key_fromgssapi(name, gss_ctx, ring->mctx, &dstkey, + &intoken)); /* * Limit keys to 1 hour or the context's lifetime whichever * is smaller. @@ -597,7 +590,7 @@ process_gsstkey(dns_message_t *msg, dns_name_t *name, dns_rdata_tkey_t *tkeyin, expire = now + lifetime; } #endif /* HAVE_GSSAPI */ - RETERR(dns_tsigkey_createfromkey( + CHECK(dns_tsigkey_createfromkey( name, &tkeyin->algorithm, dstkey, true, principal, now, expire, ring->mctx, ring, &tsigkey)); dst_key_free(&dstkey); @@ -639,7 +632,7 @@ process_gsstkey(dns_message_t *msg, dns_name_t *name, dns_rdata_tkey_t *tkeyin, return ISC_R_SUCCESS; -failure: +cleanup: if (tsigkey != NULL) { dns_tsigkey_detach(&tsigkey); } @@ -743,26 +736,23 @@ dns_tkey_processquery(dns_message_t *msg, dns_tkeyctx_t *tctx, dns_rdatatype_tkey, 0, &name, &tkeyset) != ISC_R_SUCCESS) { - result = DNS_R_FORMERR; tkey_log("dns_tkey_processquery: couldn't find a TKEY " "matching the question"); - goto failure; + CHECK(DNS_R_FORMERR); } } result = dns_rdataset_first(tkeyset); if (result != ISC_R_SUCCESS) { - result = DNS_R_FORMERR; - goto failure; + CHECK(DNS_R_FORMERR); } dns_rdata_init(&rdata); dns_rdataset_current(tkeyset, &rdata); - RETERR(dns_rdata_tostruct(&rdata, &tkeyin, NULL)); + CHECK(dns_rdata_tostruct(&rdata, &tkeyin, NULL)); freetkeyin = true; if (tkeyin.error != dns_rcode_noerror) { - result = DNS_R_FORMERR; - goto failure; + CHECK(DNS_R_FORMERR); } /* @@ -779,8 +769,7 @@ dns_tkey_processquery(dns_message_t *msg, dns_tkeyctx_t *tctx, } else { tkey_log("dns_tkey_processquery: query was not " "properly signed - rejecting"); - result = DNS_R_FORMERR; - goto failure; + CHECK(DNS_R_FORMERR); } } else { signer = &tsigner; @@ -814,8 +803,7 @@ dns_tkey_processquery(dns_message_t *msg, dns_tkeyctx_t *tctx, if (tctx->domain == NULL && tkeyin.mode != DNS_TKEYMODE_GSSAPI) { tkey_log("dns_tkey_processquery: tkey-domain not set"); - result = DNS_R_REFUSED; - goto failure; + CHECK(DNS_R_REFUSED); } keyname = dns_fixedname_initname(&fkeyname); @@ -843,35 +831,25 @@ dns_tkey_processquery(dns_message_t *msg, dns_tkeyctx_t *tctx, } isc_buffer_init(&b, randomtext, sizeof(randomtext)); isc_buffer_add(&b, sizeof(randomtext)); - result = dns_name_fromtext(keyname, &b, NULL, 0, NULL); - if (result != ISC_R_SUCCESS) { - goto failure; - } + CHECK(dns_name_fromtext(keyname, &b, NULL, 0, NULL)); } if (tkeyin.mode == DNS_TKEYMODE_GSSAPI) { /* Yup. This is a hack */ - result = dns_name_concatenate(keyname, dns_rootname, - keyname, NULL); - if (result != ISC_R_SUCCESS) { - goto failure; - } + CHECK(dns_name_concatenate(keyname, dns_rootname, + keyname, NULL)); } else { - result = dns_name_concatenate(keyname, tctx->domain, - keyname, NULL); - if (result != ISC_R_SUCCESS) { - goto failure; - } + CHECK(dns_name_concatenate(keyname, tctx->domain, + keyname, NULL)); } result = dns_tsigkey_find(&tsigkey, keyname, NULL, ring); - if (result == ISC_R_SUCCESS) { tkeyout.error = dns_tsigerror_badname; dns_tsigkey_detach(&tsigkey); goto failure_with_tkey; } else if (result != ISC_R_NOTFOUND) { - goto failure; + CHECK(result); } } else { keyname = qname; @@ -880,23 +858,23 @@ dns_tkey_processquery(dns_message_t *msg, dns_tkeyctx_t *tctx, switch (tkeyin.mode) { case DNS_TKEYMODE_DIFFIEHELLMAN: tkeyout.error = dns_rcode_noerror; - RETERR(process_dhtkey(msg, signer, keyname, &tkeyin, tctx, - &tkeyout, ring, &namelist)); + CHECK(process_dhtkey(msg, signer, keyname, &tkeyin, tctx, + &tkeyout, ring, &namelist)); break; case DNS_TKEYMODE_GSSAPI: tkeyout.error = dns_rcode_noerror; - RETERR(process_gsstkey(msg, keyname, &tkeyin, tctx, &tkeyout, - ring)); + CHECK(process_gsstkey(msg, keyname, &tkeyin, tctx, &tkeyout, + ring)); break; case DNS_TKEYMODE_DELETE: tkeyout.error = dns_rcode_noerror; - RETERR(process_deletetkey(signer, keyname, &tkeyin, &tkeyout, - ring)); + CHECK(process_deletetkey(signer, keyname, &tkeyin, &tkeyout, + ring)); break; case DNS_TKEYMODE_SERVERASSIGNED: case DNS_TKEYMODE_RESOLVERASSIGNED: result = DNS_R_NOTIMP; - goto failure; + goto cleanup; default: tkeyout.error = dns_tsigerror_badmode; } @@ -920,13 +898,11 @@ failure_with_tkey: if (tkeyout.other != NULL) { isc_mem_put(tkeyout.mctx, tkeyout.other, tkeyout.otherlen); } - if (result != ISC_R_SUCCESS) { - goto failure; - } + CHECK(result); - RETERR(add_rdata_to_list(msg, keyname, &rdata, 0, &namelist)); + CHECK(add_rdata_to_list(msg, keyname, &rdata, 0, &namelist)); - RETERR(dns_message_reply(msg, true)); + CHECK(dns_message_reply(msg, true)); name = ISC_LIST_HEAD(namelist); while (name != NULL) { @@ -938,7 +914,7 @@ failure_with_tkey: return ISC_R_SUCCESS; -failure: +cleanup: if (freetkeyin) { dns_rdata_freestruct(&tkeyin); @@ -964,28 +940,28 @@ buildquery(dns_message_t *msg, const dns_name_t *name, dns_rdata_tkey_t *tkey, REQUIRE(name != NULL); REQUIRE(tkey != NULL); - RETERR(dns_message_gettempname(msg, &qname)); - RETERR(dns_message_gettempname(msg, &aname)); + CHECK(dns_message_gettempname(msg, &qname)); + CHECK(dns_message_gettempname(msg, &aname)); - RETERR(dns_message_gettemprdataset(msg, &question)); + CHECK(dns_message_gettemprdataset(msg, &question)); dns_rdataset_makequestion(question, dns_rdataclass_any, dns_rdatatype_tkey); len = 16 + tkey->algorithm.length + tkey->keylen + tkey->otherlen; isc_buffer_allocate(msg->mctx, &dynbuf, len); - RETERR(dns_message_gettemprdata(msg, &rdata)); + CHECK(dns_message_gettemprdata(msg, &rdata)); - RETERR(dns_rdata_fromstruct(rdata, dns_rdataclass_any, - dns_rdatatype_tkey, tkey, dynbuf)); + CHECK(dns_rdata_fromstruct(rdata, dns_rdataclass_any, + dns_rdatatype_tkey, tkey, dynbuf)); dns_message_takebuffer(msg, &dynbuf); - RETERR(dns_message_gettemprdatalist(msg, &tkeylist)); + CHECK(dns_message_gettemprdatalist(msg, &tkeylist)); tkeylist->rdclass = dns_rdataclass_any; tkeylist->type = dns_rdatatype_tkey; ISC_LIST_APPEND(tkeylist->rdata, rdata, link); - RETERR(dns_message_gettemprdataset(msg, &tkeyset)); - RETERR(dns_rdatalist_tordataset(tkeylist, tkeyset)); + CHECK(dns_message_gettemprdataset(msg, &tkeyset)); + CHECK(dns_rdatalist_tordataset(tkeylist, tkeyset)); dns_name_copy(name, qname); dns_name_copy(name, aname); @@ -1007,7 +983,7 @@ buildquery(dns_message_t *msg, const dns_name_t *name, dns_rdata_tkey_t *tkey, return ISC_R_SUCCESS; -failure: +cleanup: if (qname != NULL) { dns_message_puttempname(msg, &qname); } @@ -1079,11 +1055,11 @@ dns_tkey_builddhquery(dns_message_t *msg, dst_key_t *key, tkey.other = NULL; tkey.otherlen = 0; - RETERR(buildquery(msg, name, &tkey, false)); + CHECK(buildquery(msg, name, &tkey, false)); - RETERR(dns_message_gettemprdata(msg, &rdata)); + CHECK(dns_message_gettemprdata(msg, &rdata)); isc_buffer_allocate(msg->mctx, &dynbuf, 1024); - RETERR(dst_key_todns(key, dynbuf)); + CHECK(dst_key_todns(key, dynbuf)); isc_buffer_usedregion(dynbuf, &r); dns_rdata_fromregion(rdata, dns_rdataclass_any, dns_rdatatype_key, &r); dns_message_takebuffer(msg, &dynbuf); @@ -1092,7 +1068,7 @@ dns_tkey_builddhquery(dns_message_t *msg, dst_key_t *key, dns_name_clone(dst_key_name(key), &keyname); ISC_LIST_INIT(namelist); - RETERR(add_rdata_to_list(msg, &keyname, rdata, 0, &namelist)); + CHECK(add_rdata_to_list(msg, &keyname, rdata, 0, &namelist)); item = ISC_LIST_HEAD(namelist); while (item != NULL) { dns_name_t *next = ISC_LIST_NEXT(item, link); @@ -1103,7 +1079,7 @@ dns_tkey_builddhquery(dns_message_t *msg, dst_key_t *key, return ISC_R_SUCCESS; -failure: +cleanup: if (dynbuf != NULL) { isc_buffer_free(&dynbuf); @@ -1242,12 +1218,12 @@ dns_tkey_processdhresponse(dns_message_t *qmsg, dns_message_t *rmsg, if (rmsg->rcode != dns_rcode_noerror) { return dns_result_fromrcode(rmsg->rcode); } - RETERR(find_tkey(rmsg, &tkeyname, &rtkeyrdata, DNS_SECTION_ANSWER)); - RETERR(dns_rdata_tostruct(&rtkeyrdata, &rtkey, NULL)); + CHECK(find_tkey(rmsg, &tkeyname, &rtkeyrdata, DNS_SECTION_ANSWER)); + CHECK(dns_rdata_tostruct(&rtkeyrdata, &rtkey, NULL)); freertkey = true; - RETERR(find_tkey(qmsg, &tempname, &qtkeyrdata, DNS_SECTION_ADDITIONAL)); - RETERR(dns_rdata_tostruct(&qtkeyrdata, &qtkey, NULL)); + CHECK(find_tkey(qmsg, &tempname, &qtkeyrdata, DNS_SECTION_ADDITIONAL)); + CHECK(dns_rdata_tostruct(&qtkeyrdata, &qtkey, NULL)); if (rtkey.error != dns_rcode_noerror || rtkey.mode != DNS_TKEYMODE_DIFFIEHELLMAN || @@ -1257,9 +1233,8 @@ dns_tkey_processdhresponse(dns_message_t *qmsg, dns_message_t *rmsg, { tkey_log("dns_tkey_processdhresponse: tkey mode invalid " "or error set(1)"); - result = DNS_R_INVALIDTKEY; dns_rdata_freestruct(&qtkey); - goto failure; + CHECK(DNS_R_INVALIDTKEY); } dns_rdata_freestruct(&qtkey); @@ -1269,9 +1244,9 @@ dns_tkey_processdhresponse(dns_message_t *qmsg, dns_message_t *rmsg, ourkeyname = NULL; ourkeyset = NULL; - RETERR(dns_message_findname(rmsg, DNS_SECTION_ANSWER, &keyname, - dns_rdatatype_key, 0, &ourkeyname, - &ourkeyset)); + CHECK(dns_message_findname(rmsg, DNS_SECTION_ANSWER, &keyname, + dns_rdatatype_key, 0, &ourkeyname, + &ourkeyset)); result = dns_message_firstname(rmsg, DNS_SECTION_ANSWER); while (result == ISC_R_SUCCESS) { @@ -1285,7 +1260,7 @@ dns_tkey_processdhresponse(dns_message_t *qmsg, dns_message_t *rmsg, result = dns_message_findtype(theirkeyname, dns_rdatatype_key, 0, &theirkeyset); if (result == ISC_R_SUCCESS) { - RETERR(dns_rdataset_first(theirkeyset)); + CHECK(dns_rdataset_first(theirkeyset)); break; } next: @@ -1295,18 +1270,17 @@ dns_tkey_processdhresponse(dns_message_t *qmsg, dns_message_t *rmsg, if (theirkeyset == NULL) { tkey_log("dns_tkey_processdhresponse: failed to find server " "key"); - result = ISC_R_NOTFOUND; - goto failure; + CHECK(ISC_R_NOTFOUND); } dns_rdataset_current(theirkeyset, &theirkeyrdata); - RETERR(dns_dnssec_keyfromrdata(theirkeyname, &theirkeyrdata, rmsg->mctx, - &theirkey)); + CHECK(dns_dnssec_keyfromrdata(theirkeyname, &theirkeyrdata, rmsg->mctx, + &theirkey)); - RETERR(dst_key_secretsize(key, &sharedsize)); + CHECK(dst_key_secretsize(key, &sharedsize)); isc_buffer_allocate(rmsg->mctx, &shared, sharedsize); - RETERR(dst_key_computesecret(theirkey, key, shared)); + CHECK(dst_key_computesecret(theirkey, key, shared)); isc_buffer_init(&secret, secretdata, sizeof(secretdata)); @@ -1318,7 +1292,7 @@ dns_tkey_processdhresponse(dns_message_t *qmsg, dns_message_t *rmsg, r2.base = NULL; r2.length = 0; } - RETERR(compute_secret(shared, &r2, &r, &secret)); + CHECK(compute_secret(shared, &r2, &r, &secret)); isc_buffer_usedregion(&secret, &r); result = dns_tsigkey_create(tkeyname, &rtkey.algorithm, r.base, @@ -1329,7 +1303,7 @@ dns_tkey_processdhresponse(dns_message_t *qmsg, dns_message_t *rmsg, dst_key_free(&theirkey); return result; -failure: +cleanup: if (shared != NULL) { isc_buffer_free(&shared); } @@ -1370,8 +1344,8 @@ dns_tkey_processgssresponse(dns_message_t *qmsg, dns_message_t *rmsg, if (rmsg->rcode != dns_rcode_noerror) { return dns_result_fromrcode(rmsg->rcode); } - RETERR(find_tkey(rmsg, &tkeyname, &rtkeyrdata, DNS_SECTION_ANSWER)); - RETERR(dns_rdata_tostruct(&rtkeyrdata, &rtkey, NULL)); + CHECK(find_tkey(rmsg, &tkeyname, &rtkeyrdata, DNS_SECTION_ANSWER)); + CHECK(dns_rdata_tostruct(&rtkeyrdata, &rtkey, NULL)); /* * Win2k puts the item in the ANSWER section, while the RFC @@ -1384,11 +1358,9 @@ dns_tkey_processgssresponse(dns_message_t *qmsg, dns_message_t *rmsg, result = find_tkey(qmsg, &tkeyname, &qtkeyrdata, DNS_SECTION_ANSWER); } - if (result != ISC_R_SUCCESS) { - goto failure; - } + CHECK(result); - RETERR(dns_rdata_tostruct(&qtkeyrdata, &qtkey, NULL)); + CHECK(dns_rdata_tostruct(&qtkeyrdata, &qtkey, NULL)); if (rtkey.error != dns_rcode_noerror || rtkey.mode != DNS_TKEYMODE_GSSAPI || @@ -1399,26 +1371,25 @@ dns_tkey_processgssresponse(dns_message_t *qmsg, dns_message_t *rmsg, rtkey.error); dumpmessage(qmsg); dumpmessage(rmsg); - result = DNS_R_INVALIDTKEY; - goto failure; + CHECK(DNS_R_INVALIDTKEY); } isc_buffer_init(outtoken, array, sizeof(array)); isc_buffer_init(&intoken, rtkey.key, rtkey.keylen); - RETERR(dst_gssapi_initctx(gname, &intoken, outtoken, context, - ring->mctx, err_message)); + CHECK(dst_gssapi_initctx(gname, &intoken, outtoken, context, ring->mctx, + err_message)); - RETERR(dst_key_fromgssapi(dns_rootname, *context, rmsg->mctx, &dstkey, - NULL)); + CHECK(dst_key_fromgssapi(dns_rootname, *context, rmsg->mctx, &dstkey, + NULL)); - RETERR(dns_tsigkey_createfromkey( + CHECK(dns_tsigkey_createfromkey( tkeyname, DNS_TSIG_GSSAPI_NAME, dstkey, false, NULL, rtkey.inception, rtkey.expire, ring->mctx, ring, outkey)); dst_key_free(&dstkey); dns_rdata_freestruct(&rtkey); return result; -failure: +cleanup: /* * XXXSRA This probably leaks memory from rtkey and qtkey. */ @@ -1444,11 +1415,11 @@ dns_tkey_processdeleteresponse(dns_message_t *qmsg, dns_message_t *rmsg, return dns_result_fromrcode(rmsg->rcode); } - RETERR(find_tkey(rmsg, &tkeyname, &rtkeyrdata, DNS_SECTION_ANSWER)); - RETERR(dns_rdata_tostruct(&rtkeyrdata, &rtkey, NULL)); + CHECK(find_tkey(rmsg, &tkeyname, &rtkeyrdata, DNS_SECTION_ANSWER)); + CHECK(dns_rdata_tostruct(&rtkeyrdata, &rtkey, NULL)); - RETERR(find_tkey(qmsg, &tempname, &qtkeyrdata, DNS_SECTION_ADDITIONAL)); - RETERR(dns_rdata_tostruct(&qtkeyrdata, &qtkey, NULL)); + CHECK(find_tkey(qmsg, &tempname, &qtkeyrdata, DNS_SECTION_ADDITIONAL)); + CHECK(dns_rdata_tostruct(&qtkeyrdata, &qtkey, NULL)); if (rtkey.error != dns_rcode_noerror || rtkey.mode != DNS_TKEYMODE_DELETE || rtkey.mode != qtkey.mode || @@ -1457,15 +1428,14 @@ dns_tkey_processdeleteresponse(dns_message_t *qmsg, dns_message_t *rmsg, { tkey_log("dns_tkey_processdeleteresponse: tkey mode invalid " "or error set(3)"); - result = DNS_R_INVALIDTKEY; dns_rdata_freestruct(&qtkey); dns_rdata_freestruct(&rtkey); - goto failure; + CHECK(DNS_R_INVALIDTKEY); } dns_rdata_freestruct(&qtkey); - RETERR(dns_tsigkey_find(&tsigkey, tkeyname, &rtkey.algorithm, ring)); + CHECK(dns_tsigkey_find(&tsigkey, tkeyname, &rtkey.algorithm, ring)); dns_rdata_freestruct(&rtkey); @@ -1478,7 +1448,7 @@ dns_tkey_processdeleteresponse(dns_message_t *qmsg, dns_message_t *rmsg, */ dns_tsigkey_detach(&tsigkey); -failure: +cleanup: return result; } @@ -1507,19 +1477,19 @@ dns_tkey_gssnegotiate(dns_message_t *qmsg, dns_message_t *rmsg, return dns_result_fromrcode(rmsg->rcode); } - RETERR(find_tkey(rmsg, &tkeyname, &rtkeyrdata, DNS_SECTION_ANSWER)); - RETERR(dns_rdata_tostruct(&rtkeyrdata, &rtkey, NULL)); + CHECK(find_tkey(rmsg, &tkeyname, &rtkeyrdata, DNS_SECTION_ANSWER)); + CHECK(dns_rdata_tostruct(&rtkeyrdata, &rtkey, NULL)); freertkey = true; if (win2k) { - RETERR(find_tkey(qmsg, &tkeyname, &qtkeyrdata, - DNS_SECTION_ANSWER)); + CHECK(find_tkey(qmsg, &tkeyname, &qtkeyrdata, + DNS_SECTION_ANSWER)); } else { - RETERR(find_tkey(qmsg, &tkeyname, &qtkeyrdata, - DNS_SECTION_ADDITIONAL)); + CHECK(find_tkey(qmsg, &tkeyname, &qtkeyrdata, + DNS_SECTION_ADDITIONAL)); } - RETERR(dns_rdata_tostruct(&qtkeyrdata, &qtkey, NULL)); + CHECK(dns_rdata_tostruct(&qtkeyrdata, &qtkey, NULL)); if (rtkey.error != dns_rcode_noerror || rtkey.mode != DNS_TKEYMODE_GSSAPI || @@ -1527,8 +1497,7 @@ dns_tkey_gssnegotiate(dns_message_t *qmsg, dns_message_t *rmsg, { tkey_log("dns_tkey_processdhresponse: tkey mode invalid " "or error set(4)"); - result = DNS_R_INVALIDTKEY; - goto failure; + CHECK(DNS_R_INVALIDTKEY); } isc_buffer_init(&intoken, rtkey.key, rtkey.keylen); @@ -1569,12 +1538,12 @@ dns_tkey_gssnegotiate(dns_message_t *qmsg, dns_message_t *rmsg, tkey.otherlen = 0; dns_message_reset(qmsg, DNS_MESSAGE_INTENTRENDER); - RETERR(buildquery(qmsg, tkeyname, &tkey, win2k)); + CHECK(buildquery(qmsg, tkeyname, &tkey, win2k)); return DNS_R_CONTINUE; } - RETERR(dst_key_fromgssapi(dns_rootname, *context, rmsg->mctx, &dstkey, - NULL)); + CHECK(dst_key_fromgssapi(dns_rootname, *context, rmsg->mctx, &dstkey, + NULL)); /* * XXXSRA This seems confused. If we got CONTINUE from initctx, @@ -1582,7 +1551,7 @@ dns_tkey_gssnegotiate(dns_message_t *qmsg, dns_message_t *rmsg, * anything yet. */ - RETERR(dns_tsigkey_createfromkey( + CHECK(dns_tsigkey_createfromkey( tkeyname, win2k ? DNS_TSIG_GSSAPIMS_NAME : DNS_TSIG_GSSAPI_NAME, dstkey, true, NULL, rtkey.inception, rtkey.expire, ring->mctx, ring, outkey)); @@ -1590,7 +1559,7 @@ dns_tkey_gssnegotiate(dns_message_t *qmsg, dns_message_t *rmsg, dns_rdata_freestruct(&rtkey); return result; -failure: +cleanup: /* * XXXSRA This probably leaks memory from qtkey. */ diff --git a/lib/dns/ttl.c b/lib/dns/ttl.c index 79d45593c5..33ab78a560 100644 --- a/lib/dns/ttl.c +++ b/lib/dns/ttl.c @@ -30,13 +30,6 @@ #include -#define RETERR(x) \ - do { \ - isc_result_t _r = (x); \ - if (_r != ISC_R_SUCCESS) \ - return ((_r)); \ - } while (0) - static isc_result_t bind_ttl(isc_textregion_t *source, uint32_t *ttl); diff --git a/lib/dns/update.c b/lib/dns/update.c index 6f2f80479d..c6dacad5b2 100644 --- a/lib/dns/update.c +++ b/lib/dns/update.c @@ -73,116 +73,6 @@ */ #define LOGLEVEL_DEBUG ISC_LOG_DEBUG(8) -/*% - * Check an operation for failure. These macros all assume that - * the function using them has a 'result' variable and a 'failure' - * label. - */ -#define CHECK(op) \ - do { \ - result = (op); \ - if (result != ISC_R_SUCCESS) \ - goto failure; \ - } while (0) - -/*% - * Fail unconditionally with result 'code', which must not - * be ISC_R_SUCCESS. The reason for failure presumably has - * been logged already. - * - * The test against ISC_R_SUCCESS is there to keep the Solaris compiler - * from complaining about "end-of-loop code not reached". - */ - -#define FAIL(code) \ - do { \ - result = (code); \ - if (result != ISC_R_SUCCESS) \ - goto failure; \ - } while (0) - -/*% - * Fail unconditionally and log as a client error. - * The test against ISC_R_SUCCESS is there to keep the Solaris compiler - * from complaining about "end-of-loop code not reached". - */ -#define FAILC(code, msg) \ - do { \ - const char *_what = "failed"; \ - result = (code); \ - switch (result) { \ - case DNS_R_NXDOMAIN: \ - case DNS_R_YXDOMAIN: \ - case DNS_R_YXRRSET: \ - case DNS_R_NXRRSET: \ - _what = "unsuccessful"; \ - } \ - update_log(log, zone, LOGLEVEL_PROTOCOL, "update %s: %s (%s)", \ - _what, msg, isc_result_totext(result)); \ - if (result != ISC_R_SUCCESS) \ - goto failure; \ - } while (0) - -#define FAILN(code, name, msg) \ - do { \ - const char *_what = "failed"; \ - result = (code); \ - switch (result) { \ - case DNS_R_NXDOMAIN: \ - case DNS_R_YXDOMAIN: \ - case DNS_R_YXRRSET: \ - case DNS_R_NXRRSET: \ - _what = "unsuccessful"; \ - } \ - if (isc_log_wouldlog(dns_lctx, LOGLEVEL_PROTOCOL)) { \ - char _nbuf[DNS_NAME_FORMATSIZE]; \ - dns_name_format(name, _nbuf, sizeof(_nbuf)); \ - update_log(log, zone, LOGLEVEL_PROTOCOL, \ - "update %s: %s: %s (%s)", _what, _nbuf, \ - msg, isc_result_totext(result)); \ - } \ - if (result != ISC_R_SUCCESS) \ - goto failure; \ - } while (0) - -#define FAILNT(code, name, type, msg) \ - do { \ - const char *_what = "failed"; \ - result = (code); \ - switch (result) { \ - case DNS_R_NXDOMAIN: \ - case DNS_R_YXDOMAIN: \ - case DNS_R_YXRRSET: \ - case DNS_R_NXRRSET: \ - _what = "unsuccessful"; \ - } \ - if (isc_log_wouldlog(dns_lctx, LOGLEVEL_PROTOCOL)) { \ - char _nbuf[DNS_NAME_FORMATSIZE]; \ - char _tbuf[DNS_RDATATYPE_FORMATSIZE]; \ - dns_name_format(name, _nbuf, sizeof(_nbuf)); \ - dns_rdatatype_format(type, _tbuf, sizeof(_tbuf)); \ - update_log(log, zone, LOGLEVEL_PROTOCOL, \ - "update %s: %s/%s: %s (%s)", _what, _nbuf, \ - _tbuf, msg, isc_result_totext(result)); \ - } \ - if (result != ISC_R_SUCCESS) \ - goto failure; \ - } while (0) - -/*% - * Fail unconditionally and log as a server error. - * The test against ISC_R_SUCCESS is there to keep the Solaris compiler - * from complaining about "end-of-loop code not reached". - */ -#define FAILS(code, msg) \ - do { \ - result = (code); \ - update_log(log, zone, LOGLEVEL_PROTOCOL, "error: %s: %s", msg, \ - isc_result_totext(result)); \ - if (result != ISC_R_SUCCESS) \ - goto failure; \ - } while (0) - /**************************************************************************/ typedef struct rr rr_t; @@ -735,7 +625,7 @@ namelist_append_name(dns_diff_t *list, dns_name_t *name) { CHECK(dns_difftuple_create(list->mctx, DNS_DIFFOP_EXISTS, name, 0, &dummy_rdata, &tuple)); dns_diff_append(list, &tuple); -failure: +cleanup: return result; } @@ -765,7 +655,7 @@ namelist_append_subdomain(dns_db_t *db, dns_name_t *name, if (result == ISC_R_NOMORE) { result = ISC_R_SUCCESS; } -failure: +cleanup: if (dbit != NULL) { dns_dbiterator_destroy(&dbit); } @@ -836,7 +726,7 @@ uniqify_name_list(dns_diff_t *list) { } while (1); p = ISC_LIST_NEXT(p, link); } -failure: +cleanup: return result; } @@ -938,8 +828,7 @@ next_active(dns_update_log_t *log, dns_zone_t *zone, dns_db_t *db, if (wraps == 2) { update_log(log, zone, ISC_LOG_ERROR, "secure zone with no NSECs"); - result = DNS_R_BADZONE; - goto failure; + CHECK(DNS_R_BADZONE); } } CHECK(dns_dbiterator_current(dbit, &node, newname)); @@ -975,7 +864,7 @@ next_active(dns_update_log_t *log, dns_zone_t *zone, dns_db_t *db, } } } while (!has_nsec); -failure: +cleanup: if (dbit != NULL) { dns_dbiterator_destroy(&dbit); } @@ -1027,7 +916,7 @@ add_nsec(dns_update_log_t *log, dns_zone_t *zone, dns_db_t *db, CHECK(do_one_tuple(&tuple, db, ver, diff)); INSIST(tuple == NULL); -failure: +cleanup: if (node != NULL) { dns_db_detachnode(db, &node); } @@ -1052,7 +941,7 @@ add_placeholder_nsec(dns_db_t *db, dns_dbversion_t *ver, dns_name_t *name, CHECK(dns_difftuple_create(diff->mctx, DNS_DIFFOP_ADD, name, 0, &rdata, &tuple)); CHECK(do_one_tuple(&tuple, db, ver, diff)); -failure: +cleanup: return result; } @@ -1074,7 +963,7 @@ find_zone_keys(dns_zone_t *zone, dns_db_t *db, dns_dbversion_t *ver, nkeys); dns_zone_unlock_keyfiles(zone); -failure: +cleanup: if (node != NULL) { dns_db_detachnode(db, &node); } @@ -1275,7 +1164,7 @@ add_sigs(dns_update_log_t *log, dns_zone_t *zone, dns_db_t *db, result = ISC_R_NOTFOUND; } -failure: +cleanup: if (dns_rdataset_isassociated(&rdataset)) { dns_rdataset_disassociate(&rdataset); } @@ -1306,9 +1195,8 @@ del_keysigs(dns_db_t *db, dns_dbversion_t *ver, dns_name_t *name, if (result == ISC_R_NOTFOUND) { return ISC_R_SUCCESS; } - if (result != ISC_R_SUCCESS) { - goto failure; - } + CHECK(result); + result = dns_db_findrdataset(db, node, ver, dns_rdatatype_rrsig, dns_rdatatype_dnskey, (isc_stdtime_t)0, &rdataset, NULL); @@ -1317,9 +1205,7 @@ del_keysigs(dns_db_t *db, dns_dbversion_t *ver, dns_name_t *name, if (result == ISC_R_NOTFOUND) { return ISC_R_SUCCESS; } - if (result != ISC_R_SUCCESS) { - goto failure; - } + CHECK(result); for (result = dns_rdataset_first(&rdataset); result == ISC_R_SUCCESS; result = dns_rdataset_next(&rdataset)) @@ -1363,7 +1249,8 @@ del_keysigs(dns_db_t *db, dns_dbversion_t *ver, dns_name_t *name, if (result == ISC_R_NOMORE) { result = ISC_R_SUCCESS; } -failure: + +cleanup: if (node != NULL) { dns_db_detachnode(db, &node); } @@ -1568,7 +1455,7 @@ dns_update_signaturesinc(dns_update_log_t *log, dns_zone_t *zone, dns_db_t *db, update_log(log, zone, ISC_LOG_ERROR, "could not get zone keys for secure " "dynamic update"); - goto failure; + goto cleanup; } isc_stdtime_get(&state->now); @@ -2012,7 +1899,7 @@ next_state: if (!state->build_nsec3) { update_log(log, zone, ISC_LOG_DEBUG(3), "no NSEC3 chains to rebuild"); - goto failure; + goto cleanup; } update_log(log, zone, ISC_LOG_DEBUG(3), @@ -2186,7 +2073,7 @@ next_state: UNREACHABLE(); } -failure: +cleanup: if (node != NULL) { dns_db_detachnode(db, &node); } diff --git a/lib/dns/view.c b/lib/dns/view.c index 14effbee60..62bf21978d 100644 --- a/lib/dns/view.c +++ b/lib/dns/view.c @@ -64,13 +64,6 @@ #include #include -#define CHECK(op) \ - do { \ - result = (op); \ - if (result != ISC_R_SUCCESS) \ - goto cleanup; \ - } while (0) - #define RESSHUTDOWN(v) \ ((atomic_load(&(v)->attributes) & DNS_VIEWATTR_RESSHUTDOWN) != 0) #define ADBSHUTDOWN(v) \ diff --git a/lib/dns/xfrin.c b/lib/dns/xfrin.c index 3a4f7616f4..6a46ea3cdd 100644 --- a/lib/dns/xfrin.c +++ b/lib/dns/xfrin.c @@ -51,25 +51,6 @@ * Incoming AXFR and IXFR. */ -/*% - * It would be non-sensical (or at least obtuse) to use FAIL() with an - * ISC_R_SUCCESS code, but the test is there to keep the Solaris compiler - * from complaining about "end-of-loop code not reached". - */ -#define FAIL(code) \ - do { \ - result = (code); \ - if (result != ISC_R_SUCCESS) \ - goto failure; \ - } while (0) - -#define CHECK(op) \ - do { \ - result = (op); \ - if (result != ISC_R_SUCCESS) \ - goto failure; \ - } while (0) - /*% * The states of the *XFR state machine. We handle both IXFR and AXFR * with a single integrated state machine because they cannot be distinguished @@ -294,7 +275,7 @@ axfr_init(dns_xfrin_ctx_t *xfr) { dns_rdatacallbacks_init(&xfr->axfr); CHECK(dns_db_beginload(xfr->db, &xfr->axfr)); result = ISC_R_SUCCESS; -failure: +cleanup: return result; } @@ -317,7 +298,7 @@ axfr_putdata(dns_xfrin_ctx_t *xfr, dns_diffop_t op, dns_name_t *name, CHECK(axfr_apply(xfr)); } result = ISC_R_SUCCESS; -failure: +cleanup: return result; } @@ -335,12 +316,11 @@ axfr_apply(dns_xfrin_ctx_t *xfr) { if (xfr->maxrecords != 0U) { result = dns_db_getsize(xfr->db, xfr->ver, &records, NULL); if (result == ISC_R_SUCCESS && records > xfr->maxrecords) { - result = DNS_R_TOOMANYRECORDS; - goto failure; + CHECK(DNS_R_TOOMANYRECORDS); } } result = ISC_R_SUCCESS; -failure: +cleanup: return result; } @@ -353,7 +333,7 @@ axfr_commit(dns_xfrin_ctx_t *xfr) { CHECK(dns_zone_verifydb(xfr->zone, xfr->db, NULL)); result = ISC_R_SUCCESS; -failure: +cleanup: return result; } @@ -364,7 +344,7 @@ axfr_finalize(dns_xfrin_ctx_t *xfr) { CHECK(dns_zone_replacedb(xfr->zone, xfr->db, true)); result = ISC_R_SUCCESS; -failure: +cleanup: return result; } @@ -395,7 +375,7 @@ ixfr_init(dns_xfrin_ctx_t *xfr) { } result = ISC_R_SUCCESS; -failure: +cleanup: return result; } @@ -419,7 +399,7 @@ ixfr_putdata(dns_xfrin_ctx_t *xfr, dns_diffop_t op, dns_name_t *name, CHECK(ixfr_apply(xfr)); } result = ISC_R_SUCCESS; -failure: +cleanup: return result; } @@ -441,20 +421,16 @@ ixfr_apply(dns_xfrin_ctx_t *xfr) { if (xfr->maxrecords != 0U) { result = dns_db_getsize(xfr->db, xfr->ver, &records, NULL); if (result == ISC_R_SUCCESS && records > xfr->maxrecords) { - result = DNS_R_TOOMANYRECORDS; - goto failure; + CHECK(DNS_R_TOOMANYRECORDS); } } if (xfr->ixfr.journal != NULL) { - result = dns_journal_writediff(xfr->ixfr.journal, &xfr->diff); - if (result != ISC_R_SUCCESS) { - goto failure; - } + CHECK(dns_journal_writediff(xfr->ixfr.journal, &xfr->diff)); } dns_diff_clear(&xfr->diff); xfr->difflen = 0; result = ISC_R_SUCCESS; -failure: +cleanup: return result; } @@ -473,7 +449,7 @@ ixfr_commit(dns_xfrin_ctx_t *xfr) { dns_zone_markdirty(xfr->zone); } result = ISC_R_SUCCESS; -failure: +cleanup: return result; } @@ -500,7 +476,7 @@ xfr_rr(dns_xfrin_ctx_t *xfr, dns_name_t *name, uint32_t ttl, dns_rdatatype_format(rdata->type, buf, sizeof(buf)); xfrin_log(xfr, ISC_LOG_NOTICE, "Unexpected %s record in zone transfer", buf); - FAIL(DNS_R_FORMERR); + CHECK(DNS_R_FORMERR); } /* @@ -515,7 +491,7 @@ xfr_rr(dns_xfrin_ctx_t *xfr, dns_name_t *name, uint32_t ttl, dns_name_format(name, namebuf, sizeof(namebuf)); xfrin_log(xfr, ISC_LOG_DEBUG(3), "SOA name mismatch: '%s'", namebuf); - FAIL(DNS_R_NOTZONETOP); + CHECK(DNS_R_NOTZONETOP); } redo: @@ -524,7 +500,7 @@ redo: if (rdata->type != dns_rdatatype_soa) { xfrin_log(xfr, ISC_LOG_NOTICE, "non-SOA response to SOA query"); - FAIL(DNS_R_FORMERR); + CHECK(DNS_R_FORMERR); } xfr->end_serial = dns_soa_getserial(rdata); if (!DNS_SERIAL_GT(xfr->end_serial, xfr->ixfr.request_serial) && @@ -534,7 +510,7 @@ redo: "requested serial %u, " "primary has %u, not updating", xfr->ixfr.request_serial, xfr->end_serial); - FAIL(DNS_R_UPTODATE); + CHECK(DNS_R_UPTODATE); } xfr->state = XFRST_GOTSOA; break; @@ -549,7 +525,7 @@ redo: if (rdata->type != dns_rdatatype_soa) { xfrin_log(xfr, ISC_LOG_NOTICE, "first RR in zone transfer must be SOA"); - FAIL(DNS_R_FORMERR); + CHECK(DNS_R_FORMERR); } /* * Remember the serial number in the initial SOA. @@ -569,7 +545,7 @@ redo: "requested serial %u, " "primary has %u, not updating", xfr->ixfr.request_serial, xfr->end_serial); - FAIL(DNS_R_UPTODATE); + CHECK(DNS_R_UPTODATE); } xfr->firstsoa = *rdata; if (xfr->firstsoa_data != NULL) { @@ -636,7 +612,7 @@ redo: "IXFR out of sync: " "expected serial %u, got %u", xfr->ixfr.current_serial, soa_serial); - FAIL(DNS_R_FORMERR); + CHECK(DNS_R_FORMERR); } else { CHECK(ixfr_commit(xfr)); xfr->state = XFRST_IXFR_DELSOA; @@ -646,7 +622,7 @@ redo: if (rdata->type == dns_rdatatype_ns && dns_name_iswildcard(name)) { - FAIL(DNS_R_INVALIDNS); + CHECK(DNS_R_INVALIDNS); } CHECK(ixfr_putdata(xfr, DNS_DIFFOP_ADD, name, ttl, rdata)); break; @@ -671,7 +647,7 @@ redo: xfrin_log(xfr, ISC_LOG_NOTICE, "start and ending SOA records " "mismatch"); - FAIL(DNS_R_FORMERR); + CHECK(DNS_R_FORMERR); } CHECK(axfr_commit(xfr)); xfr->state = XFRST_AXFR_END; @@ -680,13 +656,13 @@ redo: break; case XFRST_AXFR_END: case XFRST_IXFR_END: - FAIL(DNS_R_EXTRADATA); + CHECK(DNS_R_EXTRADATA); FALLTHROUGH; default: UNREACHABLE(); } result = ISC_R_SUCCESS; -failure: +cleanup: return result; } @@ -1010,10 +986,7 @@ get_create_tlsctx(const dns_xfrin_ctx_t *xfr, isc_tlsctx_t **pctx, * parameters from the configuration file and try to * store it for further reuse. */ - result = isc_tlsctx_createclient(&tlsctx); - if (result != ISC_R_SUCCESS) { - goto failure; - } + CHECK(isc_tlsctx_createclient(&tlsctx)); tls_versions = dns_transport_get_tls_versions(xfr->transport); if (tls_versions != 0) { isc_tlsctx_set_protocols(tlsctx, tls_versions); @@ -1045,12 +1018,8 @@ get_create_tlsctx(const dns_xfrin_ctx_t *xfr, isc_tlsctx_t **pctx, * CA certificates will be created, just * as planned. */ - result = isc_tls_cert_store_create(ca_file, - &store); - - if (result != ISC_R_SUCCESS) { - goto failure; - } + CHECK(isc_tls_cert_store_create(ca_file, + &store)); } else { store = found_store; } @@ -1077,12 +1046,9 @@ get_create_tlsctx(const dns_xfrin_ctx_t *xfr, isc_tlsctx_t **pctx, * Only SubjectAltName must be checked. */ hostname_ignore_subject = true; - result = isc_tlsctx_enable_peer_verification( + CHECK(isc_tlsctx_enable_peer_verification( tlsctx, false, store, hostname, - hostname_ignore_subject); - if (result != ISC_R_SUCCESS) { - goto failure; - } + hostname_ignore_subject)); /* * Let's load client certificate and enable @@ -1093,11 +1059,8 @@ get_create_tlsctx(const dns_xfrin_ctx_t *xfr, isc_tlsctx_t **pctx, if (cert_file != NULL) { INSIST(key_file != NULL); - result = isc_tlsctx_load_certificate( - tlsctx, key_file, cert_file); - if (result != ISC_R_SUCCESS) { - goto failure; - } + CHECK(isc_tlsctx_load_certificate( + tlsctx, key_file, cert_file)); } } @@ -1171,7 +1134,7 @@ get_create_tlsctx(const dns_xfrin_ctx_t *xfr, isc_tlsctx_t **pctx, return ISC_R_SUCCESS; -failure: +cleanup: if (tlsctx != NULL) { isc_tlsctx_free(&tlsctx); } @@ -1232,10 +1195,7 @@ xfrin_start(dns_xfrin_ctx_t *xfr) { connect_xfr, 30000, 0); break; case DNS_TRANSPORT_TLS: { - result = get_create_tlsctx(xfr, &tlsctx, &sess_cache); - if (result != ISC_R_SUCCESS) { - goto failure; - } + CHECK(get_create_tlsctx(xfr, &tlsctx, &sess_cache)); INSIST(tlsctx != NULL); isc_nm_tlsdnsconnect(xfr->netmgr, &xfr->sourceaddr, &xfr->primaryaddr, xfrin_connect_done, @@ -1247,7 +1207,7 @@ xfrin_start(dns_xfrin_ctx_t *xfr) { return ISC_R_SUCCESS; -failure: +cleanup: isc_refcount_decrement0(&xfr->connects); dns_xfrin_detach(&connect_xfr); return result; @@ -1270,7 +1230,7 @@ render(dns_message_t *msg, isc_mem_t *mctx, isc_buffer_t *buf) { CHECK(dns_message_rendersection(msg, DNS_SECTION_ADDITIONAL, 0)); CHECK(dns_message_renderend(msg)); result = ISC_R_SUCCESS; -failure: +cleanup: if (cleanup_cctx) { dns_compress_invalidate(&cctx); } @@ -1299,13 +1259,13 @@ xfrin_connect_done(isc_nmhandle_t *handle, isc_result_t result, void *cbarg) { if (result != ISC_R_SUCCESS) { xfrin_fail(xfr, result, "failed to connect"); - goto failure; + goto cleanup; } result = isc_nm_xfr_checkperm(handle); if (result != ISC_R_SUCCESS) { xfrin_fail(xfr, result, "connected but unable to transfer"); - goto failure; + goto cleanup; } zmgr = dns_zone_getmgr(xfr->zone); @@ -1333,7 +1293,7 @@ xfrin_connect_done(isc_nmhandle_t *handle, isc_result_t result, void *cbarg) { xfrin_fail(xfr, result, "connected but unable to send"); } -failure: +cleanup: switch (result) { case ISC_R_SUCCESS: break; @@ -1401,8 +1361,7 @@ tuple2msgname(dns_difftuple_t *tuple, dns_message_t *msg, dns_name_t **target) { *target = name; return ISC_R_SUCCESS; -failure: - +cleanup: if (rds != NULL) { dns_rdataset_disassociate(rds); dns_message_puttemprdataset(msg, &rds); @@ -1501,7 +1460,7 @@ xfrin_send_request(dns_xfrin_ctx_t *xfr) { isc_refcount_increment0(&send_xfr->sends); isc_nm_send(xfr->handle, ®ion, xfrin_send_done, send_xfr); -failure: +cleanup: if (qname != NULL) { dns_message_puttempname(msg, &qname); } @@ -1542,7 +1501,7 @@ xfrin_send_done(isc_nmhandle_t *handle, isc_result_t result, void *cbarg) { isc_refcount_increment0(&recv_xfr->recvs); isc_nm_read(recv_xfr->handle, xfrin_recv_done, recv_xfr); -failure: +cleanup: if (result != ISC_R_SUCCESS) { xfrin_fail(xfr, result, "failed sending request data"); } @@ -1629,7 +1588,7 @@ xfrin_recv_done(isc_nmhandle_t *handle, isc_result_t result, if (xfr->reqtype == dns_rdatatype_axfr || xfr->reqtype == dns_rdatatype_soa) { - goto failure; + goto cleanup; } xfrin_log(xfr, ISC_LOG_DEBUG(3), "got %s, retrying with AXFR", @@ -1658,16 +1617,14 @@ xfrin_recv_done(isc_nmhandle_t *handle, isc_result_t result, if (msg->counts[DNS_SECTION_QUESTION] > 1) { xfrin_log(xfr, ISC_LOG_NOTICE, "too many questions (%u)", msg->counts[DNS_SECTION_QUESTION]); - result = DNS_R_FORMERR; - goto failure; + CHECK(DNS_R_FORMERR); } if ((xfr->state == XFRST_SOAQUERY || xfr->state == XFRST_INITIALSOA) && msg->counts[DNS_SECTION_QUESTION] != 1) { xfrin_log(xfr, ISC_LOG_NOTICE, "missing question section"); - result = DNS_R_FORMERR; - goto failure; + CHECK(DNS_R_FORMERR); } for (result = dns_message_firstname(msg, DNS_SECTION_QUESTION); @@ -1679,28 +1636,25 @@ xfrin_recv_done(isc_nmhandle_t *handle, isc_result_t result, name = NULL; dns_message_currentname(msg, DNS_SECTION_QUESTION, &name); if (!dns_name_equal(name, &xfr->name)) { - result = DNS_R_FORMERR; xfrin_log(xfr, ISC_LOG_NOTICE, "question name mismatch"); - goto failure; + CHECK(DNS_R_FORMERR); } rds = ISC_LIST_HEAD(name->list); INSIST(rds != NULL); if (rds->type != xfr->reqtype) { - result = DNS_R_FORMERR; xfrin_log(xfr, ISC_LOG_NOTICE, "question type mismatch"); - goto failure; + CHECK(DNS_R_FORMERR); } if (rds->rdclass != xfr->rdclass) { - result = DNS_R_FORMERR; xfrin_log(xfr, ISC_LOG_NOTICE, "question class mismatch"); - goto failure; + CHECK(DNS_R_FORMERR); } } if (result != ISC_R_NOMORE) { - goto failure; + goto cleanup; } /* @@ -1721,14 +1675,14 @@ xfrin_recv_done(isc_nmhandle_t *handle, isc_result_t result, if (xfr->reqtype == dns_rdatatype_soa && (msg->flags & DNS_MESSAGEFLAG_AA) == 0) { - FAIL(DNS_R_NOTAUTHORITATIVE); + CHECK(DNS_R_NOTAUTHORITATIVE); } result = dns_message_checksig(msg, dns_zone_getview(xfr->zone)); if (result != ISC_R_SUCCESS) { xfrin_log(xfr, ISC_LOG_DEBUG(3), "TSIG check failed: %s", isc_result_totext(result)); - goto failure; + goto cleanup; } for (result = dns_message_firstname(msg, DNS_SECTION_ANSWER); @@ -1753,7 +1707,7 @@ xfrin_recv_done(isc_nmhandle_t *handle, isc_result_t result, } } if (result != ISC_R_NOMORE) { - goto failure; + goto cleanup; } if (dns_message_gettsig(msg, &tsigowner) != NULL) { @@ -1779,8 +1733,7 @@ xfrin_recv_done(isc_nmhandle_t *handle, isc_result_t result, xfr->state == XFRST_AXFR_END || xfr->state == XFRST_IXFR_END) { - result = DNS_R_EXPECTEDTSIG; - goto failure; + CHECK(DNS_R_EXPECTEDTSIG); } } @@ -1850,7 +1803,7 @@ xfrin_recv_done(isc_nmhandle_t *handle, isc_result_t result, return; } -failure: +cleanup: if (result != ISC_R_SUCCESS) { xfrin_fail(xfr, result, "failed while receiving responses"); } diff --git a/lib/dns/zone.c b/lib/dns/zone.c index ad8d9ac24d..e7cd32a6c7 100644 --- a/lib/dns/zone.c +++ b/lib/dns/zone.c @@ -593,13 +593,6 @@ typedef enum { #define UNREACH_CACHE_SIZE 10U #define UNREACH_HOLD_TIME 600 /* 10 minutes */ -#define CHECK(op) \ - do { \ - result = (op); \ - if (result != ISC_R_SUCCESS) \ - goto failure; \ - } while (0) - struct dns_unreachable { isc_sockaddr_t remote; isc_sockaddr_t local; @@ -4350,7 +4343,7 @@ create_keydata(dns_zone_t *zone, dns_db_t *db, dns_dbversion_t *ver, set_refreshkeytimer(zone, &kd, now, true); return ISC_R_SUCCESS; -failure: +cleanup: return result; } @@ -4451,7 +4444,7 @@ trust_key(dns_zone_t *zone, dns_name_t *keyname, dns_rdata_dnskey_t *dnskey, dns_keytable_detach(&sr); -failure: +cleanup: if (sr != NULL) { dns_keytable_detach(&sr); } @@ -4624,7 +4617,7 @@ update_soa_serial(dns_zone_t *zone, dns_db_t *db, dns_dbversion_t *ver, CHECK(do_one_tuple(&addtuple, db, ver, diff)); result = ISC_R_SUCCESS; -failure: +cleanup: if (addtuple != NULL) { dns_difftuple_free(&addtuple); } @@ -4693,7 +4686,7 @@ add_soa(dns_zone_t *zone, dns_db_t *db) { dns_zone_log(zone, ISC_LOG_ERROR, "add_soa:dns_db_newversion -> %s", isc_result_totext(result)); - goto failure; + goto cleanup; } /* Build SOA record */ @@ -4703,13 +4696,13 @@ add_soa(dns_zone_t *zone, dns_db_t *db) { dns_zone_log(zone, ISC_LOG_ERROR, "add_soa:dns_soa_buildrdata -> %s", isc_result_totext(result)); - goto failure; + goto cleanup; } result = update_one_rr(db, ver, &diff, DNS_DIFFOP_ADD, &zone->origin, 0, &rdata); -failure: +cleanup: dns_diff_clear(&diff); if (ver != NULL) { dns_db_closeversion(db, &ver, result == ISC_R_SUCCESS); @@ -4813,7 +4806,7 @@ sync_keyzone(dns_zone_t *zone, dns_db_t *db) { dnssec_log(zone, ISC_LOG_ERROR, "sync_keyzone:dns_db_newversion -> %s", isc_result_totext(result)); - goto failure; + goto cleanup; } /* @@ -4840,7 +4833,7 @@ sync_keyzone(dns_zone_t *zone, dns_db_t *db) { dns_rriterator_current(&rrit, &rrname, &ttl, &rdataset, NULL); if (!dns_rdataset_isassociated(rdataset)) { dns_rriterator_destroy(&rrit); - goto failure; + goto cleanup; } if (rdataset->type != dns_rdatatype_keydata) { @@ -4915,7 +4908,7 @@ sync_keyzone(dns_zone_t *zone, dns_db_t *db) { commit = true; } -failure: +cleanup: if (result != ISC_R_SUCCESS) { dnssec_log(zone, ISC_LOG_ERROR, "unable to synchronize managed keys: %s", @@ -4953,7 +4946,7 @@ dns_zone_synckeyzone(dns_zone_t *zone) { result = sync_keyzone(zone, db); UNLOCK_ZONE(zone); -failure: +cleanup: if (db != NULL) { dns_db_detach(&db); } @@ -6680,7 +6673,7 @@ dns__zone_findkeys(dns_zone_t *zone, dns_db_t *db, dns_dbversion_t *ver, result = ISC_R_SUCCESS; } -failure: +cleanup: if (node != NULL) { dns_db_detachnode(db, &node); @@ -6719,8 +6712,8 @@ dns_zone_getdnsseckeys(dns_zone_t *zone, dns_db_t *db, dns_dbversion_t *ver, dns_zone_getmctx(zone), keys); dns_zone_unlock_keyfiles(zone); - if (result != ISC_R_SUCCESS && result != ISC_R_NOTFOUND) { - goto failure; + if (result != ISC_R_NOTFOUND) { + CHECK(result); } /* Get public keys (dnskeys). */ @@ -6756,7 +6749,7 @@ dns_zone_getdnsseckeys(dns_zone_t *zone, dns_db_t *db, dns_dbversion_t *ver, } } -failure: +cleanup: if (dns_rdataset_isassociated(&keyset)) { dns_rdataset_disassociate(&keyset); } @@ -6942,9 +6935,8 @@ del_sigs(dns_zone_t *zone, dns_db_t *db, dns_dbversion_t *ver, dns_name_t *name, if (result == ISC_R_NOTFOUND) { return ISC_R_SUCCESS; } - if (result != ISC_R_SUCCESS) { - goto failure; - } + CHECK(result); + result = dns_db_findrdataset(db, node, ver, dns_rdatatype_rrsig, type, (isc_stdtime_t)0, &rdataset, NULL); dns_db_detachnode(db, &node); @@ -6955,7 +6947,7 @@ del_sigs(dns_zone_t *zone, dns_db_t *db, dns_dbversion_t *ver, dns_name_t *name, } if (result != ISC_R_SUCCESS) { INSIST(!dns_rdataset_isassociated(&rdataset)); - goto failure; + goto cleanup; } for (result = dns_rdataset_first(&rdataset); result == ISC_R_SUCCESS; @@ -7105,7 +7097,7 @@ del_sigs(dns_zone_t *zone, dns_db_t *db, dns_dbversion_t *ver, dns_name_t *name, "key expiry warning time out of range"); } } -failure: +cleanup: if (node != NULL) { dns_db_detachnode(db, &node); } @@ -7145,9 +7137,8 @@ add_sigs(dns_db_t *db, dns_dbversion_t *ver, dns_name_t *name, dns_zone_t *zone, if (result == ISC_R_NOTFOUND) { return ISC_R_SUCCESS; } - if (result != ISC_R_SUCCESS) { - goto failure; - } + CHECK(result); + result = dns_db_findrdataset(db, node, ver, type, 0, (isc_stdtime_t)0, &rdataset, NULL); dns_db_detachnode(db, &node); @@ -7157,7 +7148,7 @@ add_sigs(dns_db_t *db, dns_dbversion_t *ver, dns_name_t *name, dns_zone_t *zone, } if (result != ISC_R_SUCCESS) { INSIST(!dns_rdataset_isassociated(&rdataset)); - goto failure; + goto cleanup; } for (i = 0; i < nkeys; i++) { @@ -7364,7 +7355,7 @@ add_sigs(dns_db_t *db, dns_dbversion_t *ver, dns_name_t *name, dns_zone_t *zone, } } -failure: +cleanup: if (dns_rdataset_isassociated(&rdataset)) { dns_rdataset_disassociate(&rdataset); } @@ -7460,8 +7451,7 @@ zone_resigninc(dns_zone_t *zone) { if (zone->update_disabled || DNS_ZONEKEY_OPTION(zone, DNS_ZONEKEY_NORESIGN)) { - result = ISC_R_FAILURE; - goto failure; + CHECK(ISC_R_FAILURE); } ZONEDB_LOCK(&zone->dblock, isc_rwlocktype_read); @@ -7470,8 +7460,7 @@ zone_resigninc(dns_zone_t *zone) { } ZONEDB_UNLOCK(&zone->dblock, isc_rwlocktype_read); if (db == NULL) { - result = ISC_R_FAILURE; - goto failure; + CHECK(ISC_R_FAILURE); } result = dns_db_newversion(db, &version); @@ -7479,7 +7468,7 @@ zone_resigninc(dns_zone_t *zone) { dns_zone_log(zone, ISC_LOG_ERROR, "zone_resigninc:dns_db_newversion -> %s", isc_result_totext(result)); - goto failure; + goto cleanup; } isc_stdtime_get(&now); @@ -7490,7 +7479,7 @@ zone_resigninc(dns_zone_t *zone) { dns_zone_log(zone, ISC_LOG_ERROR, "zone_resigninc:dns__zone_findkeys -> %s", isc_result_totext(result)); - goto failure; + goto cleanup; } calculate_rrsig_validity(zone, now, &inception, &soaexpire, &expire, @@ -7568,8 +7557,8 @@ zone_resigninc(dns_zone_t *zone) { } } - if (result != ISC_R_NOMORE && result != ISC_R_SUCCESS) { - goto failure; + if (result != ISC_R_NOMORE) { + CHECK(result); } result = del_sigs(zone, db, version, &zone->origin, dns_rdatatype_soa, @@ -7578,7 +7567,7 @@ zone_resigninc(dns_zone_t *zone) { dns_zone_log(zone, ISC_LOG_ERROR, "zone_resigninc:del_sigs -> %s", isc_result_totext(result)); - goto failure; + goto cleanup; } /* @@ -7591,7 +7580,7 @@ zone_resigninc(dns_zone_t *zone) { if (zonediff.offline) { dns_db_closeversion(db, &version, true); } - goto failure; + goto cleanup; } /* Increment SOA serial if we have made changes */ @@ -7601,7 +7590,7 @@ zone_resigninc(dns_zone_t *zone) { dns_zone_log(zone, ISC_LOG_ERROR, "zone_resigninc:update_soa_serial -> %s", isc_result_totext(result)); - goto failure; + goto cleanup; } /* @@ -7615,7 +7604,7 @@ zone_resigninc(dns_zone_t *zone) { dns_zone_log(zone, ISC_LOG_ERROR, "zone_resigninc:add_sigs -> %s", isc_result_totext(result)); - goto failure; + goto cleanup; } /* Write changes to journal file. */ @@ -7624,7 +7613,7 @@ zone_resigninc(dns_zone_t *zone) { /* Everything has succeeded. Commit the changes. */ dns_db_closeversion(db, &version, true); -failure: +cleanup: dns_diff_clear(&_sig_diff); for (i = 0; i < nkeys; i++) { dst_key_free(&zone_keys[i]); @@ -7687,7 +7676,7 @@ next_active(dns_db_t *db, dns_dbversion_t *version, dns_name_t *oldname, break; } } while (1); -failure: +cleanup: if (node != NULL) { dns_db_detachnode(db, &node); } @@ -7786,7 +7775,7 @@ add_nsec(dns_db_t *db, dns_dbversion_t *version, dns_name_t *name, CHECK(dns_nsec_buildrdata(db, version, node, next, nsecbuffer, &rdata)); CHECK(update_one_rr(db, version, diff, DNS_DIFFOP_ADD, name, ttl, &rdata)); -failure: +cleanup: return result; } @@ -7827,14 +7816,14 @@ check_if_bottom_of_zone(dns_db_t *db, dns_dbnode_t *node, dns_rdataset_disassociate(&rdataset); } if (result != ISC_R_NOMORE) { - goto failure; + goto cleanup; } if ((seen_ns && !seen_soa) || seen_dname) { *is_bottom_of_zone = true; } result = ISC_R_SUCCESS; -failure: +cleanup: dns_rdatasetiter_destroy(&iterator); return result; @@ -7890,7 +7879,7 @@ sign_a_node(dns_db_t *db, dns_zone_t *zone, dns_name_t *name, dns_rdataset_disassociate(&rdataset); } if (result != ISC_R_NOMORE) { - goto failure; + goto cleanup; } /* * Going from insecure to NSEC3. @@ -7990,7 +7979,8 @@ sign_a_node(dns_db_t *db, dns_zone_t *zone, dns_name_t *name, if (result == ISC_R_NOMORE) { result = ISC_R_SUCCESS; } -failure: + +cleanup: if (dns_rdataset_isassociated(&rdataset)) { dns_rdataset_disassociate(&rdataset); } @@ -8022,15 +8012,13 @@ updatesecure(dns_db_t *db, dns_dbversion_t *version, dns_name_t *name, if (result == ISC_R_NOTFOUND) { goto success; } - if (result != ISC_R_SUCCESS) { - goto failure; - } + CHECK(result); } CHECK(delete_nsec(db, version, node, name, diff)); CHECK(add_nsec(db, version, name, node, nsecttl, false, diff)); success: result = ISC_R_SUCCESS; -failure: +cleanup: if (node != NULL) { dns_db_detachnode(db, &node); } @@ -8050,10 +8038,7 @@ updatesignwithkey(dns_zone_t *zone, dns_signing_t *signing, bool have_rr = false; dns_rdataset_init(&rdataset); - result = dns_db_getoriginnode(signing->db, &node); - if (result != ISC_R_SUCCESS) { - goto failure; - } + CHECK(dns_db_getoriginnode(signing->db, &node)); result = dns_db_findrdataset(signing->db, node, version, zone->privatetype, dns_rdatatype_none, 0, @@ -8061,11 +8046,11 @@ updatesignwithkey(dns_zone_t *zone, dns_signing_t *signing, if (result == ISC_R_NOTFOUND) { INSIST(!dns_rdataset_isassociated(&rdataset)); result = ISC_R_SUCCESS; - goto failure; + goto cleanup; } if (result != ISC_R_SUCCESS) { INSIST(!dns_rdataset_isassociated(&rdataset)); - goto failure; + goto cleanup; } for (result = dns_rdataset_first(&rdataset); result == ISC_R_SUCCESS; result = dns_rdataset_next(&rdataset)) @@ -8137,7 +8122,7 @@ updatesignwithkey(dns_zone_t *zone, dns_signing_t *signing, diff)); } -failure: +cleanup: if (dns_rdataset_isassociated(&rdataset)) { dns_rdataset_disassociate(&rdataset); } @@ -8195,7 +8180,7 @@ fixup_nsec3param(dns_db_t *db, dns_dbversion_t *ver, dns_nsec3chain_t *chain, goto try_private; } if (result != ISC_R_SUCCESS) { - goto failure; + goto cleanup; } /* @@ -8228,7 +8213,7 @@ fixup_nsec3param(dns_db_t *db, dns_dbversion_t *ver, dns_nsec3chain_t *chain, dns_rdata_reset(&rdata); } if (result != ISC_R_NOMORE) { - goto failure; + goto cleanup; } dns_rdataset_disassociate(&rdataset); @@ -8250,9 +8235,7 @@ try_private: if (result == ISC_R_NOTFOUND) { goto add; } - if (result != ISC_R_SUCCESS) { - goto failure; - } + CHECK(result); for (result = dns_rdataset_first(&rdataset); result == ISC_R_SUCCESS; result = dns_rdataset_next(&rdataset)) @@ -8285,13 +8268,13 @@ try_private: dns_rdata_reset(&rdata); } if (result != ISC_R_NOMORE) { - goto failure; + goto cleanup; } add: if ((chain->nsec3param.flags & DNS_NSEC3FLAG_REMOVE) != 0) { result = ISC_R_SUCCESS; - goto failure; + goto cleanup; } /* @@ -8308,7 +8291,7 @@ add: rdata.data[1] = 0; /* Clear flag bits. */ CHECK(update_one_rr(db, ver, diff, DNS_DIFFOP_ADD, name, ttl, &rdata)); -failure: +cleanup: dns_db_detachnode(db, &node); if (dns_rdataset_isassociated(&rdataset)) { dns_rdataset_disassociate(&rdataset); @@ -8344,7 +8327,8 @@ delete_nsec(dns_db_t *db, dns_dbversion_t *ver, dns_dbnode_t *node, if (result == ISC_R_NOMORE) { result = ISC_R_SUCCESS; } -failure: + +cleanup: dns_rdataset_disassociate(&rdataset); return result; } @@ -8387,7 +8371,8 @@ deletematchingnsec3(dns_db_t *db, dns_dbversion_t *ver, dns_dbnode_t *node, if (result == ISC_R_NOMORE) { result = ISC_R_SUCCESS; } -failure: + +cleanup: dns_rdataset_disassociate(&rdataset); return result; } @@ -8464,7 +8449,7 @@ need_nsec_chain(dns_db_t *db, dns_dbversion_t *ver, result = ISC_R_SUCCESS; } -failure: +cleanup: if (dns_rdataset_isassociated(&rdataset)) { dns_rdataset_disassociate(&rdataset); } @@ -8617,8 +8602,7 @@ zone_nsec3chain(dns_zone_t *zone) { * Updates are disabled. Pause for 5 minutes. */ if (zone->update_disabled) { - result = ISC_R_FAILURE; - goto failure; + CHECK(ISC_R_FAILURE); } ZONEDB_LOCK(&zone->dblock, isc_rwlocktype_read); @@ -8644,7 +8628,7 @@ zone_nsec3chain(dns_zone_t *zone) { dnssec_log(zone, ISC_LOG_ERROR, "zone_nsec3chain:dns_db_newversion -> %s", isc_result_totext(result)); - goto failure; + goto cleanup; } isc_stdtime_get(&now); @@ -8655,7 +8639,7 @@ zone_nsec3chain(dns_zone_t *zone) { dnssec_log(zone, ISC_LOG_ERROR, "zone_nsec3chain:dns__zone_findkeys -> %s", isc_result_totext(result)); - goto failure; + goto cleanup; } calculate_rrsig_validity(zone, now, &inception, &soaexpire, NULL, @@ -8773,9 +8757,7 @@ zone_nsec3chain(dns_zone_t *zone) { /* Empty node? */ goto next_addnode; } - if (result != ISC_R_SUCCESS) { - goto failure; - } + CHECK(result); seen_soa = seen_ns = seen_dname = seen_ds = seen_nsec = false; for (result = dns_rdatasetiter_first(iterator); @@ -8823,7 +8805,7 @@ zone_nsec3chain(dns_zone_t *zone) { "zone_nsec3chain:" "dns_nsec3_addnsec3 -> %s", isc_result_totext(result)); - goto failure; + goto cleanup; } /* @@ -8880,7 +8862,7 @@ zone_nsec3chain(dns_zone_t *zone) { "zone_nsec3chain:" "dns_dbiterator_next -> %s", isc_result_totext(result)); - goto failure; + goto cleanup; } else if (delegation) { dns_dbiterator_current(nsec3chain->dbiterator, &node, nextname); @@ -8960,7 +8942,7 @@ zone_nsec3chain(dns_zone_t *zone) { "zone_nsec3chain:" "need_nsec_chain -> %s", isc_result_totext(result)); - goto failure; + goto cleanup; } } @@ -8987,7 +8969,7 @@ zone_nsec3chain(dns_zone_t *zone) { "zone_nsec3chain:" "fixup_nsec3param -> %s", isc_result_totext(result)); - goto failure; + goto cleanup; } } @@ -9002,7 +8984,7 @@ zone_nsec3chain(dns_zone_t *zone) { "zone_nsec3chain:" "deletematchingnsec3 -> %s", isc_result_totext(result)); - goto failure; + goto cleanup; } goto next_removenode; } @@ -9037,9 +9019,7 @@ zone_nsec3chain(dns_zone_t *zone) { /* Empty node? */ goto next_removenode; } - if (result != ISC_R_SUCCESS) { - goto failure; - } + CHECK(result); seen_soa = seen_ns = seen_dname = seen_nsec3 = seen_nsec = seen_rr = false; @@ -9111,7 +9091,7 @@ zone_nsec3chain(dns_zone_t *zone) { "zone_nsec3chain:" "fixup_nsec3param -> %s", isc_result_totext(result)); - goto failure; + goto cleanup; } goto next_removechain; } else if (result != ISC_R_SUCCESS) { @@ -9119,7 +9099,7 @@ zone_nsec3chain(dns_zone_t *zone) { "zone_nsec3chain:" "dns_dbiterator_next -> %s", isc_result_totext(result)); - goto failure; + goto cleanup; } else if (delegation) { dns_dbiterator_current(nsec3chain->dbiterator, &node, nextname); @@ -9159,7 +9139,7 @@ skip_removals: dnssec_log(zone, ISC_LOG_ERROR, "zone_nsec3chain:dns_db_allrdatasets -> %s", isc_result_totext(result)); - goto failure; + goto cleanup; } for (result = dns_rdatasetiter_first(iterator); result == ISC_R_SUCCESS; @@ -9188,7 +9168,7 @@ skip_removals: dnssec_log(zone, ISC_LOG_ERROR, "zone_nsec3chain:updatesecure -> %s", isc_result_totext(result)); - goto failure; + goto cleanup; } } @@ -9205,7 +9185,7 @@ skip_removals: "zone_nsec3chain:" "dns_nsec3_addnsec3s -> %s", isc_result_totext(result)); - goto failure; + goto cleanup; } } } @@ -9223,7 +9203,7 @@ skip_removals: dnssec_log(zone, ISC_LOG_ERROR, "zone_nsec3chain:dns__zone_updatesigs -> %s", isc_result_totext(result)); - goto failure; + goto cleanup; } /* @@ -9237,7 +9217,7 @@ skip_removals: dnssec_log(zone, ISC_LOG_ERROR, "zone_nsec3chain:dns__zone_updatesigs -> %s", isc_result_totext(result)); - goto failure; + goto cleanup; } if (updatensec) { @@ -9247,7 +9227,7 @@ skip_removals: dnssec_log(zone, ISC_LOG_ERROR, "zone_nsec3chain:updatesecure -> %s", isc_result_totext(result)); - goto failure; + goto cleanup; } } @@ -9258,7 +9238,7 @@ skip_removals: dnssec_log(zone, ISC_LOG_ERROR, "zone_nsec3chain:dns__zone_updatesigs -> %s", isc_result_totext(result)); - goto failure; + goto cleanup; } /* @@ -9270,7 +9250,7 @@ skip_removals: * No need to call dns_db_closeversion() here as it is * called with commit = true below. */ - goto done; + goto closeversion; } result = del_sigs(zone, db, version, &zone->origin, dns_rdatatype_soa, @@ -9279,7 +9259,7 @@ skip_removals: dnssec_log(zone, ISC_LOG_ERROR, "zone_nsec3chain:del_sigs -> %s", isc_result_totext(result)); - goto failure; + goto cleanup; } result = update_soa_serial(zone, db, version, zonediff.diff, zone->mctx, @@ -9288,7 +9268,7 @@ skip_removals: dnssec_log(zone, ISC_LOG_ERROR, "zone_nsec3chain:update_soa_serial -> %s", isc_result_totext(result)); - goto failure; + goto cleanup; } result = add_sigs(db, version, &zone->origin, zone, dns_rdatatype_soa, @@ -9298,7 +9278,7 @@ skip_removals: dnssec_log(zone, ISC_LOG_ERROR, "zone_nsec3chain:add_sigs -> %s", isc_result_totext(result)); - goto failure; + goto cleanup; } /* Write changes to journal file. */ @@ -9309,7 +9289,7 @@ skip_removals: DNS_ZONE_SETFLAG(zone, DNS_ZONEFLG_NEEDNOTIFY); UNLOCK_ZONE(zone); -done: +closeversion: /* * Pause all iterators so that dns_db_closeversion() can succeed. */ @@ -9343,7 +9323,7 @@ done: set_resigntime(zone); UNLOCK_ZONE(zone); -failure: +cleanup: if (result != ISC_R_SUCCESS) { dnssec_log(zone, ISC_LOG_ERROR, "zone_nsec3chain: %s", isc_result_totext(result)); @@ -9481,7 +9461,7 @@ del_sig(dns_db_t *db, dns_dbversion_t *version, dns_name_t *name, rdataset.ttl, &rdata)); } if (result != ISC_R_NOMORE) { - goto failure; + goto cleanup; } dns_rdataset_disassociate(&rdataset); continue; @@ -9533,7 +9513,7 @@ del_sig(dns_db_t *db, dns_dbversion_t *version, dns_name_t *name, * i.e., found in at least one, and not missing from any. */ *has_algp = (alg_found && !alg_missed); -failure: +cleanup: if (dns_rdataset_isassociated(&rdataset)) { dns_rdataset_disassociate(&rdataset); } @@ -9631,12 +9611,12 @@ dns_zone_check_dnskey_nsec3(dns_zone_t *zone, dns_db_t *db, /* Refuse to allow NSEC3 with NSEC-only keys */ if (nseconly && nsec3) { - goto failure; + goto cleanup; } return true; -failure: +cleanup: return false; } @@ -9691,7 +9671,7 @@ zone_sign(dns_zone_t *zone) { */ if (zone->update_disabled) { result = ISC_R_FAILURE; - goto cleanup; + goto done; } ZONEDB_LOCK(&zone->dblock, isc_rwlocktype_read); @@ -9701,7 +9681,7 @@ zone_sign(dns_zone_t *zone) { ZONEDB_UNLOCK(&zone->dblock, isc_rwlocktype_read); if (db == NULL) { result = ISC_R_FAILURE; - goto cleanup; + goto done; } result = dns_db_newversion(db, &version); @@ -9709,7 +9689,7 @@ zone_sign(dns_zone_t *zone) { dnssec_log(zone, ISC_LOG_ERROR, "zone_sign:dns_db_newversion -> %s", isc_result_totext(result)); - goto cleanup; + goto done; } isc_stdtime_get(&now); @@ -9720,7 +9700,7 @@ zone_sign(dns_zone_t *zone) { dnssec_log(zone, ISC_LOG_ERROR, "zone_sign:dns__zone_findkeys -> %s", isc_result_totext(result)); - goto cleanup; + goto done; } calculate_rrsig_validity(zone, now, &inception, &soaexpire, NULL, @@ -10037,7 +10017,7 @@ zone_sign(dns_zone_t *zone) { "updatesecure -> %s", isc_result_totext( result)); - goto cleanup; + goto done; } } result = updatesignwithkey( @@ -10047,7 +10027,7 @@ zone_sign(dns_zone_t *zone) { dnssec_log(zone, ISC_LOG_ERROR, "updatesignwithkey -> %s", isc_result_totext(result)); - goto cleanup; + goto done; } build_nsec = false; goto next_signing; @@ -10056,7 +10036,7 @@ zone_sign(dns_zone_t *zone) { "zone_sign:" "dns_dbiterator_next -> %s", isc_result_totext(result)); - goto cleanup; + goto done; } else if (is_bottom_of_zone) { dns_dbiterator_current(signing->dbiterator, &node, nextname); @@ -10085,7 +10065,7 @@ zone_sign(dns_zone_t *zone) { dnssec_log(zone, ISC_LOG_ERROR, "zone_sign:dns__zone_updatesigs -> %s", isc_result_totext(result)); - goto cleanup; + goto done; } } @@ -10107,7 +10087,7 @@ zone_sign(dns_zone_t *zone) { if (result != ISC_R_SUCCESS) { dnssec_log(zone, ISC_LOG_ERROR, "zone_sign:del_sigs -> %s", isc_result_totext(result)); - goto cleanup; + goto done; } result = update_soa_serial(zone, db, version, zonediff.diff, zone->mctx, @@ -10116,7 +10096,7 @@ zone_sign(dns_zone_t *zone) { dnssec_log(zone, ISC_LOG_ERROR, "zone_sign:update_soa_serial -> %s", isc_result_totext(result)); - goto cleanup; + goto done; } /* @@ -10129,7 +10109,7 @@ zone_sign(dns_zone_t *zone) { if (result != ISC_R_SUCCESS) { dnssec_log(zone, ISC_LOG_ERROR, "zone_sign:add_sigs -> %s", isc_result_totext(result)); - goto cleanup; + goto done; } /* @@ -10178,13 +10158,13 @@ pauseall: } UNLOCK_ZONE(zone); -failure: +cleanup: if (result != ISC_R_SUCCESS) { dnssec_log(zone, ISC_LOG_ERROR, "zone_sign: failed: %s", isc_result_totext(result)); } -cleanup: +done: /* * Pause all dbiterators. */ @@ -10430,9 +10410,8 @@ minimal_update(dns_keyfetch_t *kfetch, dns_dbversion_t *ver, dns_diff_t *diff) { if (result == ISC_R_UNEXPECTEDEND) { continue; } - if (result != ISC_R_SUCCESS) { - goto failure; - } + CHECK(result); + keydata.refresh = refresh_time(kfetch, true); set_refreshkeytimer(zone, &keydata, now, false); @@ -10447,7 +10426,7 @@ minimal_update(dns_keyfetch_t *kfetch, dns_dbversion_t *ver, dns_diff_t *diff) { 0, &rdata)); } result = ISC_R_SUCCESS; -failure: +cleanup: return result; } @@ -10583,7 +10562,7 @@ keyfetch_done(isc_task_t *task, isc_event_t *event) { LOCK_ZONE(zone); if (DNS_ZONE_FLAG(zone, DNS_ZONEFLG_EXITING) || zone->view == NULL) { - goto cleanup; + goto out; } isc_stdtime_get(&now); @@ -11142,7 +11121,7 @@ done: result = ISC_R_SUCCESS; } -failure: +cleanup: if (result != ISC_R_SUCCESS) { dnssec_log(zone, ISC_LOG_ERROR, "error during managed-keys processing (%s): " @@ -11154,7 +11133,7 @@ failure: dns_db_closeversion(kfetch->db, &ver, commit); } -cleanup: +out: dns_db_detach(&kfetch->db); /* The zone must be managed */ @@ -11418,7 +11397,7 @@ zone_refreshkeys(dns_zone_t *zone) { zone_needdump(zone, 30); } -failure: +cleanup: if (!timerset) { isc_time_settoepoch(&zone->refreshkeytime); } @@ -11762,7 +11741,7 @@ zone_expire(dns_zone_t *zone) { "policies unloaded"); } -failure: +cleanup: if (db != NULL) { dns_db_detach(&db); } @@ -16794,7 +16773,7 @@ sync_secure_journal(dns_zone_t *zone, dns_zone_t *raw, dns_journal_t *journal, result = ISC_R_SUCCESS; } -failure: +cleanup: return result; } @@ -17182,8 +17161,8 @@ nextevent: result = dns_journal_open(zone->mctx, zone->journal, DNS_JOURNAL_READ, &sjournal); - if (result != ISC_R_SUCCESS && result != ISC_R_NOTFOUND) { - goto failure; + if (result != ISC_R_NOTFOUND) { + CHECK(result); } if (!dns_journal_get_sourceserial(rjournal, &start)) { @@ -17217,7 +17196,7 @@ nextevent: start, end, &soatuple, &zone->rss_diff); if (result == DNS_R_UNCHANGED) { - goto failure; + goto cleanup; } else if (result != ISC_R_SUCCESS) { CHECK(sync_secure_db(zone, zone->rss_raw, zone->rss_db, zone->rss_oldver, &soatuple, @@ -17273,7 +17252,7 @@ nextevent: * that contents of the raw zone and the secure zone are kept in sync. */ if (result != ISC_R_SUCCESS && dns_db_issecure(zone->rss_db)) { - goto failure; + goto cleanup; } if (rjournal == NULL) { @@ -17311,7 +17290,7 @@ nextevent: newserial, desired); } -failure: +cleanup: isc_event_free(&zone->rss_event); event = ISC_LIST_HEAD(zone->rss_events); @@ -17589,7 +17568,7 @@ done: result = ISC_R_SUCCESS; } -failure: +cleanup: if (node != NULL) { dns_db_detachnode(db, &node); } @@ -17744,8 +17723,7 @@ receive_secure_db(isc_task_t *task, isc_event_t *event) { LOCK_ZONE(zone); if (DNS_ZONE_FLAG(zone, DNS_ZONEFLG_EXITING) || !inline_secure(zone)) { - result = ISC_R_SHUTTINGDOWN; - goto failure; + CHECK(ISC_R_SHUTTINGDOWN); } TIME_NOW(&loadtime); @@ -17763,45 +17741,32 @@ receive_secure_db(isc_task_t *task, isc_event_t *event) { result = save_nsec3param(zone, &nsec3list); if (result != ISC_R_SUCCESS) { ZONEDB_UNLOCK(&zone->dblock, isc_rwlocktype_read); - goto failure; + goto cleanup; } } ZONEDB_UNLOCK(&zone->dblock, isc_rwlocktype_read); - result = dns_db_create(zone->mctx, zone->db_argv[0], &zone->origin, - dns_dbtype_zone, zone->rdclass, - zone->db_argc - 1, zone->db_argv + 1, &db); - if (result != ISC_R_SUCCESS) { - goto failure; - } + CHECK(dns_db_create(zone->mctx, zone->db_argv[0], &zone->origin, + dns_dbtype_zone, zone->rdclass, zone->db_argc - 1, + zone->db_argv + 1, &db)); result = dns_db_setgluecachestats(db, zone->gluecachestats); - if (result != ISC_R_SUCCESS && result != ISC_R_NOTIMPLEMENTED) { - goto failure; + if (result != ISC_R_NOTIMPLEMENTED) { + CHECK(result); } - result = dns_db_newversion(db, &version); - if (result != ISC_R_SUCCESS) { - goto failure; - } - - result = dns_db_createiterator(rawdb, 0, &dbiterator); - if (result != ISC_R_SUCCESS) { - goto failure; - } + CHECK(dns_db_newversion(db, &version)); + CHECK(dns_db_createiterator(rawdb, 0, &dbiterator)); for (result = dns_dbiterator_first(dbiterator); result == ISC_R_SUCCESS; result = dns_dbiterator_next(dbiterator)) { - result = copy_non_dnssec_records(db, version, rawdb, dbiterator, - oldserialp); - if (result != ISC_R_SUCCESS) { - goto failure; - } + CHECK(copy_non_dnssec_records(db, version, rawdb, dbiterator, + oldserialp)); } dns_dbiterator_destroy(&dbiterator); if (result != ISC_R_NOMORE) { - goto failure; + goto cleanup; } /* @@ -17809,10 +17774,7 @@ receive_secure_db(isc_task_t *task, isc_event_t *event) { * the old nsec3 parameters and insert them into db */ if (!ISC_LIST_EMPTY(nsec3list)) { - result = restore_nsec3param(zone, db, version, &nsec3list); - if (result != ISC_R_SUCCESS) { - goto failure; - } + CHECK(restore_nsec3param(zone, db, version, &nsec3list)); } dns_db_closeversion(db, &version, true); @@ -17839,7 +17801,7 @@ receive_secure_db(isc_task_t *task, isc_event_t *event) { isc_task_send(zone->task, &setnsec3param_event); } -failure: +cleanup: UNLOCK_ZONE(zone); if (dbiterator != NULL) { dns_dbiterator_destroy(&dbiterator); @@ -20939,7 +20901,7 @@ rr_exists(dns_db_t *db, dns_dbversion_t *ver, dns_name_t *name, if (result == ISC_R_NOTFOUND) { *flag = false; result = ISC_R_SUCCESS; - goto failure; + goto cleanup; } for (result = dns_rdataset_first(&rdataset); result == ISC_R_SUCCESS; @@ -20959,7 +20921,7 @@ rr_exists(dns_db_t *db, dns_dbversion_t *ver, dns_name_t *name, result = ISC_R_SUCCESS; } -failure: +cleanup: if (node != NULL) { dns_db_detachnode(db, &node); } @@ -21102,7 +21064,7 @@ add_signing_records(dns_db_t *db, dns_rdatatype_t privatetype, } } -failure: +cleanup: /* * Put the DNSKEY changes we cared about back on diff->tuples. */ @@ -21198,37 +21160,26 @@ sign_apex(dns_zone_t *zone, dns_db_t *db, dns_dbversion_t *ver, * signature and if not cause them to sign so that newly activated * keys are used. */ - result = tickle_apex_rrset(dns_rdatatype_dnskey, zone, db, ver, now, - diff, zonediff, zone_keys, nkeys, inception, - keyexpire, check_ksk, keyset_kskonly); - if (result != ISC_R_SUCCESS) { - goto failure; - } - result = tickle_apex_rrset(dns_rdatatype_cds, zone, db, ver, now, diff, - zonediff, zone_keys, nkeys, inception, - keyexpire, check_ksk, keyset_kskonly); - if (result != ISC_R_SUCCESS) { - goto failure; - } - result = tickle_apex_rrset(dns_rdatatype_cdnskey, zone, db, ver, now, - diff, zonediff, zone_keys, nkeys, inception, - keyexpire, check_ksk, keyset_kskonly); - if (result != ISC_R_SUCCESS) { - goto failure; - } + CHECK(tickle_apex_rrset(dns_rdatatype_dnskey, zone, db, ver, now, diff, + zonediff, zone_keys, nkeys, inception, + keyexpire, check_ksk, keyset_kskonly)); + CHECK(tickle_apex_rrset(dns_rdatatype_cds, zone, db, ver, now, diff, + zonediff, zone_keys, nkeys, inception, + keyexpire, check_ksk, keyset_kskonly)); + CHECK(tickle_apex_rrset(dns_rdatatype_cdnskey, zone, db, ver, now, diff, + zonediff, zone_keys, nkeys, inception, + keyexpire, check_ksk, keyset_kskonly)); result = dns__zone_updatesigs(diff, db, ver, zone_keys, nkeys, zone, inception, soaexpire, keyexpire, now, check_ksk, keyset_kskonly, zonediff); - if (result != ISC_R_SUCCESS) { dnssec_log(zone, ISC_LOG_ERROR, "sign_apex:dns__zone_updatesigs -> %s", isc_result_totext(result)); - goto failure; } -failure: +cleanup: for (i = 0; i < nkeys; i++) { dst_key_free(&zone_keys[i]); } @@ -21251,12 +21202,12 @@ clean_nsec3param(dns_zone_t *zone, dns_db_t *db, dns_dbversion_t *ver, dns_rdataset_disassociate(&rdataset); } if (result != ISC_R_NOTFOUND) { - goto failure; + goto cleanup; } result = dns_nsec3param_deletechains(db, ver, zone, true, diff); -failure: +cleanup: if (node != NULL) { dns_db_detachnode(db, &node); } @@ -21309,7 +21260,7 @@ add_chains(dns_zone_t *zone, dns_db_t *db, dns_dbversion_t *ver, } CHECK(updatesecure(db, ver, origin, zone_nsecttl(zone), true, diff)); -failure: +cleanup: return result; } @@ -21516,7 +21467,7 @@ checkds_done(isc_task_t *task, isc_event_t *event) { dns_zone_log(zone, ISC_LOG_NOTICE, "checkds: bad DS response from %s: %.*s", addrbuf, (int)buf.used, rcode); - goto failure; + goto cleanup; } /* Make sure that either AA or RA bit is set. */ @@ -21527,7 +21478,7 @@ checkds_done(isc_task_t *task, isc_event_t *event) { "checkds: bad DS response from %s: expected AA or " "RA bit set", addrbuf); - goto failure; + goto cleanup; } /* Lookup DS RRset. */ @@ -21672,7 +21623,7 @@ checkds_done(isc_task_t *task, isc_event_t *event) { dns_zone_rekey(zone, false); } -failure: +cleanup: if (result != ISC_R_SUCCESS) { dns_zone_log(zone, ISC_LOG_DEBUG(3), "checkds: DS request failed: %s", @@ -22293,7 +22244,7 @@ zone_rekey(dns_zone_t *zone) { "failed: %s", keyset.ttl, ttl, isc_result_totext(result)); - goto failure; + goto cleanup; } dnssec_log(zone, ISC_LOG_INFO, "Updating DNSKEY TTL from %u to %u", @@ -22309,11 +22260,9 @@ zone_rekey(dns_zone_t *zone) { dns_zone_unlock_keyfiles(zone); - if (result != ISC_R_SUCCESS) { - goto failure; - } + CHECK(result); } else if (result != ISC_R_NOTFOUND) { - goto failure; + goto cleanup; } /* Get the CDS rdataset */ @@ -22328,7 +22277,7 @@ zone_rekey(dns_zone_t *zone) { dnssec_log(zone, ISC_LOG_ERROR, "Updating CDS TTL from %u to %u failed: %s", cdsset.ttl, ttl, isc_result_totext(result)); - goto failure; + goto cleanup; } dnssec_log(zone, ISC_LOG_INFO, "Updating CDS TTL from %u to %u", cdsset.ttl, ttl); @@ -22349,7 +22298,7 @@ zone_rekey(dns_zone_t *zone) { zone, ISC_LOG_ERROR, "Updating CDNSKEY TTL from %u to %u failed: %s", cdnskeyset.ttl, ttl, isc_result_totext(result)); - goto failure; + goto cleanup; } dnssec_log(zone, ISC_LOG_INFO, "Updating CDNSKEY TTL from %u to %u", cdnskeyset.ttl, @@ -22385,7 +22334,7 @@ zone_rekey(dns_zone_t *zone) { "zone_rekey:zone_verifykeys failed: " "some key files are missing"); KASP_UNLOCK(kasp); - goto failure; + goto cleanup; } /* @@ -22424,7 +22373,7 @@ zone_rekey(dns_zone_t *zone) { "failed: %s", isc_result_totext(result)); KASP_UNLOCK(kasp); - goto failure; + goto cleanup; } } } @@ -22515,7 +22464,7 @@ zone_rekey(dns_zone_t *zone) { dnssec_log(zone, ISC_LOG_ERROR, "zone_rekey:couldn't update zone keys: %s", isc_result_totext(result)); - goto failure; + goto cleanup; } /* @@ -22528,7 +22477,7 @@ zone_rekey(dns_zone_t *zone) { dnssec_log(zone, ISC_LOG_ERROR, "zone_rekey:couldn't update CDS/CDNSKEY: %s", isc_result_totext(result)); - goto failure; + goto cleanup; } if (cdsdel || cdnskeydel) { @@ -22567,7 +22516,7 @@ zone_rekey(dns_zone_t *zone) { "zone_rekey:couldn't update CDS/CDNSKEY " "DELETE records: %s", isc_result_totext(result)); - goto failure; + goto cleanup; } /* @@ -22875,7 +22824,7 @@ zone_rekey(dns_zone_t *zone) { result = ISC_R_SUCCESS; -failure: +cleanup: LOCK_ZONE(zone); if (result != ISC_R_SUCCESS) { /* @@ -22992,29 +22941,29 @@ dns_zone_cdscheck(dns_zone_t *zone, dns_db_t *db, dns_dbversion_t *version) { result = dns_db_findrdataset(db, node, version, dns_rdatatype_cds, dns_rdatatype_none, 0, &cds, NULL); - if (result != ISC_R_SUCCESS && result != ISC_R_NOTFOUND) { - goto failure; + if (result != ISC_R_NOTFOUND) { + CHECK(result); } result = dns_db_findrdataset(db, node, version, dns_rdatatype_cdnskey, dns_rdatatype_none, 0, &cdnskey, NULL); - if (result != ISC_R_SUCCESS && result != ISC_R_NOTFOUND) { - goto failure; + if (result != ISC_R_NOTFOUND) { + CHECK(result); } if (!dns_rdataset_isassociated(&cds) && !dns_rdataset_isassociated(&cdnskey)) { result = ISC_R_SUCCESS; - goto failure; + goto cleanup; } result = dns_db_findrdataset(db, node, version, dns_rdatatype_dnskey, dns_rdatatype_none, 0, &dnskey, NULL); if (result == ISC_R_NOTFOUND) { empty = true; - } else if (result != ISC_R_SUCCESS) { - goto failure; + } else { + CHECK(result); } /* @@ -23046,8 +22995,7 @@ dns_zone_cdscheck(dns_zone_t *zone, dns_db_t *db, dns_dbversion_t *version) { } if (empty) { - result = DNS_R_BADCDS; - goto failure; + CHECK(DNS_R_BADCDS); } CHECK(dns_rdata_tostruct(&crdata, &structcds, NULL)); @@ -23096,18 +23044,16 @@ dns_zone_cdscheck(dns_zone_t *zone, dns_db_t *db, dns_dbversion_t *version) { } } if (result != ISC_R_NOMORE) { - goto failure; + goto cleanup; } } for (i = 0; i < sizeof(algorithms); i++) { if (delete) { if (algorithms[i] != notexpected) { - result = DNS_R_BADCDS; - goto failure; + CHECK(DNS_R_BADCDS); } } else if (algorithms[i] == expected) { - result = DNS_R_BADCDS; - goto failure; + CHECK(DNS_R_BADCDS); } } } @@ -23142,8 +23088,7 @@ dns_zone_cdscheck(dns_zone_t *zone, dns_db_t *db, dns_dbversion_t *version) { } if (empty) { - result = DNS_R_BADCDNSKEY; - goto failure; + CHECK(DNS_R_BADCDNSKEY); } CHECK(dns_rdata_tostruct(&crdata, &structcdnskey, @@ -23170,24 +23115,22 @@ dns_zone_cdscheck(dns_zone_t *zone, dns_db_t *db, dns_dbversion_t *version) { } } if (result != ISC_R_NOMORE) { - goto failure; + goto cleanup; } } for (i = 0; i < sizeof(algorithms); i++) { if (delete) { if (algorithms[i] != notexpected) { - result = DNS_R_BADCDNSKEY; - goto failure; + CHECK(DNS_R_BADCDNSKEY); } } else if (algorithms[i] == expected) { - result = DNS_R_BADCDNSKEY; - goto failure; + CHECK(DNS_R_BADCDNSKEY); } } } result = ISC_R_SUCCESS; -failure: +cleanup: if (dns_rdataset_isassociated(&cds)) { dns_rdataset_disassociate(&cds); } @@ -23446,7 +23389,7 @@ keydone(isc_task_t *task, isc_event_t *event) { } ZONEDB_UNLOCK(&zone->dblock, isc_rwlocktype_read); if (db == NULL) { - goto failure; + goto cleanup; } dns_db_currentversion(db, &oldver); @@ -23455,23 +23398,16 @@ keydone(isc_task_t *task, isc_event_t *event) { dnssec_log(zone, ISC_LOG_ERROR, "keydone:dns_db_newversion -> %s", isc_result_totext(result)); - goto failure; + goto cleanup; } - result = dns_db_getoriginnode(db, &node); - if (result != ISC_R_SUCCESS) { - goto failure; - } + CHECK(dns_db_getoriginnode(db, &node)); result = dns_db_findrdataset(db, node, newver, zone->privatetype, dns_rdatatype_none, 0, &rdataset, NULL); - if (result == ISC_R_NOTFOUND) { - INSIST(!dns_rdataset_isassociated(&rdataset)); - goto failure; - } if (result != ISC_R_SUCCESS) { INSIST(!dns_rdataset_isassociated(&rdataset)); - goto failure; + goto cleanup; } for (result = dns_rdataset_first(&rdataset); result == ISC_R_SUCCESS; @@ -23528,7 +23464,7 @@ keydone(isc_task_t *task, isc_event_t *event) { UNLOCK_ZONE(zone); } -failure: +cleanup: if (dns_rdataset_isassociated(&rdataset)) { dns_rdataset_disassociate(&rdataset); } @@ -23610,7 +23546,7 @@ dns_zone_keydone(dns_zone_t *zone, const char *keystr) { zone_iattach(zone, &dummy); isc_task_send(zone->task, &e); -failure: +cleanup: if (e != NULL) { isc_event_free(&e); } @@ -23725,7 +23661,7 @@ rss_post(dns_zone_t *zone, isc_event_t *event) { } ZONEDB_UNLOCK(&zone->dblock, isc_rwlocktype_read); if (db == NULL) { - goto failure; + goto cleanup; } dns_db_currentversion(db, &oldver); @@ -23734,7 +23670,7 @@ rss_post(dns_zone_t *zone, isc_event_t *event) { dnssec_log(zone, ISC_LOG_ERROR, "setnsec3param:dns_db_newversion -> %s", isc_result_totext(result)); - goto failure; + goto cleanup; } CHECK(dns_db_getoriginnode(db, &node)); @@ -23756,15 +23692,15 @@ rss_post(dns_zone_t *zone, isc_event_t *event) { if (result == ISC_R_SUCCESS) { /* * Success because the NSEC3PARAM already exists, but - * function returns void, so goto failure to clean up. + * function returns void, so goto cleanup. */ - goto failure; + goto cleanup; } if (result != DNS_R_NSEC3RESALT && result != ISC_R_NOTFOUND) { dnssec_log(zone, ISC_LOG_DEBUG(3), "setnsec3param:lookup nsec3param -> %s", isc_result_totext(result)); - goto failure; + goto cleanup; } INSIST(param.salt != NULL); @@ -23808,7 +23744,7 @@ rss_post(dns_zone_t *zone, isc_event_t *event) { } } else if (result != ISC_R_NOTFOUND) { INSIST(!dns_rdataset_isassociated(&prdataset)); - goto failure; + goto cleanup; } /* @@ -23834,7 +23770,7 @@ rss_post(dns_zone_t *zone, isc_event_t *event) { } } else if (result != ISC_R_NOTFOUND) { INSIST(!dns_rdataset_isassociated(&nrdataset)); - goto failure; + goto cleanup; } /* @@ -23898,7 +23834,7 @@ rss_post(dns_zone_t *zone, isc_event_t *event) { UNLOCK_ZONE(zone); } -failure: +cleanup: if (dns_rdataset_isassociated(&prdataset)) { dns_rdataset_disassociate(&prdataset); } @@ -24038,8 +23974,8 @@ setparam: param->salt = lookup->salt; } - if (result != ISC_R_NOTFOUND && result != ISC_R_SUCCESS) { - goto failure; + if (result != ISC_R_NOTFOUND) { + CHECK(result); } if (param->salt_length == 0) { @@ -24074,7 +24010,7 @@ setparam: INSIST(result != ISC_R_SUCCESS); } -failure: +cleanup: if (dns_rdataset_isassociated(&rdataset)) { dns_rdataset_disassociate(&rdataset); } @@ -24224,7 +24160,7 @@ dns_zone_setnsec3param(dns_zone_t *zone, uint8_t hash, uint8_t flags, result = ISC_R_SUCCESS; -failure: +cleanup: if (e != NULL) { isc_event_free(&e); } @@ -24354,7 +24290,7 @@ setserial(isc_task_t *task, isc_event_t *event) { } ZONEDB_UNLOCK(&zone->dblock, isc_rwlocktype_read); if (db == NULL) { - goto failure; + goto cleanup; } dns_db_currentversion(db, &oldver); @@ -24363,7 +24299,7 @@ setserial(isc_task_t *task, isc_event_t *event) { dns_zone_log(zone, ISC_LOG_ERROR, "setserial:dns_db_newversion -> %s", isc_result_totext(result)); - goto failure; + goto cleanup; } CHECK(dns_db_createsoatuple(db, oldver, diff.mctx, DNS_DIFFOP_DEL, @@ -24383,7 +24319,7 @@ setserial(isc_task_t *task, isc_event_t *event) { desired, oldserial + 1, oldserial + 0x7fffffff); } - goto failure; + goto cleanup; } dns_soa_setserial(desired, &newtuple->rdata); @@ -24403,7 +24339,7 @@ setserial(isc_task_t *task, isc_event_t *event) { zone_needdump(zone, 30); UNLOCK_ZONE(zone); -failure: +cleanup: if (oldtuple != NULL) { dns_difftuple_free(&oldtuple); } @@ -24442,14 +24378,12 @@ dns_zone_setserial(dns_zone_t *zone, uint32_t serial) { if (!inline_secure(zone)) { if (!dns_zone_isdynamic(zone, true)) { - result = DNS_R_NOTDYNAMIC; - goto failure; + CHECK(DNS_R_NOTDYNAMIC); } } if (zone->update_disabled) { - result = DNS_R_FROZEN; - goto failure; + CHECK(DNS_R_FROZEN); } e = isc_event_allocate(zone->mctx, zone, DNS_EVENT_SETSERIAL, setserial, @@ -24461,7 +24395,7 @@ dns_zone_setserial(dns_zone_t *zone, uint32_t serial) { zone_iattach(zone, &dummy); isc_task_send(zone->task, &e); -failure: +cleanup: if (e != NULL) { isc_event_free(&e); } @@ -24509,16 +24443,14 @@ dns_zone_verifydb(dns_zone_t *zone, dns_db_t *db, dns_dbversion_t *ver) { if (zone->view != NULL) { result = dns_view_getsecroots(zone->view, &secroots); - if (result != ISC_R_SUCCESS) { - goto done; - } + CHECK(result); } origin = dns_db_origin(db); result = dns_zoneverify_dnssec(zone, db, version, origin, secroots, zone->mctx, true, false, dnssec_report); -done: +cleanup: if (secroots != NULL) { dns_keytable_detach(&secroots); } diff --git a/lib/irs/resconf.c b/lib/irs/resconf.c index cc9fb826d9..3f8fade0bd 100644 --- a/lib/irs/resconf.c +++ b/lib/irs/resconf.c @@ -76,13 +76,6 @@ #define RESCONFMAXLINELEN 256U /*%< max size of a line */ #define RESCONFMAXSORTLIST 10U /*%< max 10 */ -#define CHECK(op) \ - do { \ - result = (op); \ - if (result != ISC_R_SUCCESS) \ - goto cleanup; \ - } while (0) - /*! * configuration data structure */ diff --git a/lib/isc/base32.c b/lib/isc/base32.c index 582b818e28..5650c8a8e0 100644 --- a/lib/isc/base32.c +++ b/lib/isc/base32.c @@ -22,13 +22,6 @@ #include #include -#define RETERR(x) \ - do { \ - isc_result_t _r = (x); \ - if (_r != ISC_R_SUCCESS) \ - return ((_r)); \ - } while (0) - /*@{*/ /*! * These static functions are also present in lib/dns/rdata.c. I'm not diff --git a/lib/isc/base64.c b/lib/isc/base64.c index a51aa0d163..ba4ee7148f 100644 --- a/lib/isc/base64.c +++ b/lib/isc/base64.c @@ -21,13 +21,6 @@ #include #include -#define RETERR(x) \ - do { \ - isc_result_t _r = (x); \ - if (_r != ISC_R_SUCCESS) \ - return ((_r)); \ - } while (0) - /*@{*/ /*! * These static functions are also present in lib/dns/rdata.c. I'm not diff --git a/lib/isc/hex.c b/lib/isc/hex.c index b06b790b73..13f0ba31b9 100644 --- a/lib/isc/hex.c +++ b/lib/isc/hex.c @@ -22,13 +22,6 @@ #include #include -#define RETERR(x) \ - do { \ - isc_result_t _r = (x); \ - if (_r != ISC_R_SUCCESS) \ - return ((_r)); \ - } while (0) - /* * BEW: These static functions are copied from lib/dns/rdata.c. */ diff --git a/lib/isc/httpd.c b/lib/isc/httpd.c index 1064da64c9..72f595589c 100644 --- a/lib/isc/httpd.c +++ b/lib/isc/httpd.c @@ -37,14 +37,6 @@ #include #endif /* ifdef HAVE_ZLIB */ -#define CHECK(m) \ - do { \ - result = (m); \ - if (result != ISC_R_SUCCESS) { \ - goto cleanup; \ - } \ - } while (0) - /* * Size the recv buffer to hold at maximum two full buffers from isc_nm_read(), * so we don't have to handle the truncation. diff --git a/lib/isc/include/isc/util.h b/lib/isc/include/isc/util.h index af197d24cf..2d507c3f7e 100644 --- a/lib/isc/include/isc/util.h +++ b/lib/isc/include/isc/util.h @@ -345,6 +345,29 @@ mock_assert(const int result, const char *const expression, #endif /* UNIT_TESTING */ +/* + * Check for ISC_R_SUCCESS. On any other result, jump to a cleanup + * label. (This macro requires the function to define `result` + * and `cleanup:`.) + */ +#define CHECK(r) \ + do { \ + result = (r); \ + if (result != ISC_R_SUCCESS) \ + goto cleanup; \ + } while (0) + +/* + * Check for ISC_R_SUCCESS and continue if found. For any other + * result, return the result. + */ +#define RETERR(x) \ + do { \ + isc_result_t _r = (x); \ + if (_r != ISC_R_SUCCESS) \ + return ((_r)); \ + } while (0) + /*% * Time */ diff --git a/lib/isccfg/namedconf.c b/lib/isccfg/namedconf.c index 29699611f6..d66ba17695 100644 --- a/lib/isccfg/namedconf.c +++ b/lib/isccfg/namedconf.c @@ -34,14 +34,6 @@ #define TOKEN_STRING(pctx) (pctx->token.value.as_textregion.base) -/*% Check a return value. */ -#define CHECK(op) \ - do { \ - result = (op); \ - if (result != ISC_R_SUCCESS) \ - goto cleanup; \ - } while (0) - /*% Clean up a configuration object if non-NULL. */ #define CLEANUP_OBJ(obj) \ do { \ diff --git a/lib/isccfg/parser.c b/lib/isccfg/parser.c index 333b5af035..fa97009e42 100644 --- a/lib/isccfg/parser.c +++ b/lib/isccfg/parser.c @@ -78,14 +78,6 @@ #define TOKEN_STRING(pctx) (pctx->token.value.as_textregion.base) -/* Check a return value. */ -#define CHECK(op) \ - do { \ - result = (op); \ - if (result != ISC_R_SUCCESS) \ - goto cleanup; \ - } while (0) - /* Clean up a configuration object if non-NULL. */ #define CLEANUP_OBJ(obj) \ do { \ diff --git a/lib/ns/hooks.c b/lib/ns/hooks.c index a266c19598..03f2a83c8a 100644 --- a/lib/ns/hooks.c +++ b/lib/ns/hooks.c @@ -34,14 +34,6 @@ #include #include -#define CHECK(op) \ - do { \ - result = (op); \ - if (result != ISC_R_SUCCESS) { \ - goto cleanup; \ - } \ - } while (0) - struct ns_plugin { isc_mem_t *mctx; uv_lib_t handle; diff --git a/lib/ns/update.c b/lib/ns/update.c index 7819d98bcc..c3e4eb115d 100644 --- a/lib/ns/update.c +++ b/lib/ns/update.c @@ -77,34 +77,6 @@ */ #define LOGLEVEL_DEBUG ISC_LOG_DEBUG(8) -/*% - * Check an operation for failure. These macros all assume that - * the function using them has a 'result' variable and a 'failure' - * label. - */ -#define CHECK(op) \ - do { \ - result = (op); \ - if (result != ISC_R_SUCCESS) \ - goto failure; \ - } while (0) - -/*% - * Fail unconditionally with result 'code', which must not - * be ISC_R_SUCCESS. The reason for failure presumably has - * been logged already. - * - * The test against ISC_R_SUCCESS is there to keep the Solaris compiler - * from complaining about "end-of-loop code not reached". - */ - -#define FAIL(code) \ - do { \ - result = (code); \ - if (result != ISC_R_SUCCESS) \ - goto failure; \ - } while (0) - /*% * Fail unconditionally and log as a client error. * The test against ISC_R_SUCCESS is there to keep the Solaris compiler @@ -127,7 +99,7 @@ "update %s: %s (%s)", _what, msg, \ isc_result_totext(result)); \ if (result != ISC_R_SUCCESS) \ - goto failure; \ + goto cleanup; \ } while (0) #define PREREQFAILC(code, msg) \ do { \ @@ -156,7 +128,7 @@ msg, isc_result_totext(result)); \ } \ if (result != ISC_R_SUCCESS) \ - goto failure; \ + goto cleanup; \ } while (0) #define PREREQFAILN(code, name, msg) \ do { \ @@ -187,7 +159,7 @@ _tbuf, msg, isc_result_totext(result)); \ } \ if (result != ISC_R_SUCCESS) \ - goto failure; \ + goto cleanup; \ } while (0) #define PREREQFAILNT(code, name, type, msg) \ do { \ @@ -206,7 +178,7 @@ update_log(client, zone, LOGLEVEL_PROTOCOL, "error: %s: %s", \ msg, isc_result_totext(result)); \ if (result != ISC_R_SUCCESS) \ - goto failure; \ + goto cleanup; \ } while (0) /* @@ -493,7 +465,7 @@ do_diff(dns_diff_t *updates, dns_db_t *db, dns_dbversion_t *ver, } return ISC_R_SUCCESS; -failure: +cleanup: dns_diff_clear(diff); return result; } @@ -1063,7 +1035,7 @@ temp_append(dns_diff_t *diff, dns_name_t *name, dns_rdata_t *rdata) { CHECK(dns_difftuple_create(diff->mctx, DNS_DIFFOP_EXISTS, name, 0, rdata, &tuple)); ISC_LIST_APPEND(diff->tuples, tuple, link); -failure: +cleanup: return result; } @@ -1208,18 +1180,12 @@ temp_check(isc_mem_t *mctx, dns_diff_t *temp, dns_db_t *db, { dns_rdata_t rdata = DNS_RDATA_INIT; dns_rdataset_current(&rdataset, &rdata); - result = temp_append(&d_rrs, name, &rdata); - if (result != ISC_R_SUCCESS) { - goto failure; - } + CHECK(temp_append(&d_rrs, name, &rdata)); } if (result != ISC_R_NOMORE) { - goto failure; - } - result = dns_diff_sort(&d_rrs, temp_order); - if (result != ISC_R_SUCCESS) { - goto failure; + goto cleanup; } + CHECK(dns_diff_sort(&d_rrs, temp_order)); /* * Collect all update RRs for this name and type @@ -1236,11 +1202,8 @@ temp_check(isc_mem_t *mctx, dns_diff_t *temp, dns_db_t *db, } /* Compare the two sorted lists. */ - result = temp_check_rrset(ISC_LIST_HEAD(u_rrs.tuples), - ISC_LIST_HEAD(d_rrs.tuples)); - if (result != ISC_R_SUCCESS) { - goto failure; - } + CHECK(temp_check_rrset(ISC_LIST_HEAD(u_rrs.tuples), + ISC_LIST_HEAD(d_rrs.tuples))); /* * We are done with the tuples, but we can't free @@ -1253,7 +1216,7 @@ temp_check(isc_mem_t *mctx, dns_diff_t *temp, dns_db_t *db, continue; - failure: + cleanup: dns_diff_clear(&d_rrs); dns_diff_clear(&u_rrs); dns_diff_clear(&trash); @@ -1516,7 +1479,7 @@ add_rr_prepare_action(void *data, rr_t *rr) { dns_diff_append(&ctx->add_diff, &tuple); } } -failure: +cleanup: return result; } @@ -1584,7 +1547,7 @@ update_soa_serial(dns_db_t *db, dns_dbversion_t *ver, dns_diff_t *diff, CHECK(do_one_tuple(&addtuple, db, ver, diff)); result = ISC_R_SUCCESS; -failure: +cleanup: if (addtuple != NULL) { dns_difftuple_free(&addtuple); } @@ -1733,7 +1696,7 @@ send_update_event(ns_client_t *client, dns_zone_t *zone) { } result = dns_zone_checknames(zone, name, &rdata); if (result != ISC_R_SUCCESS) { - FAIL(DNS_R_REFUSED); + CHECK(DNS_R_REFUSED); } } else if (update_class == dns_rdataclass_any) { if (ttl != 0 || rdata.length != 0 || @@ -1750,7 +1713,7 @@ send_update_event(ns_client_t *client, dns_zone_t *zone) { update_log(client, zone, ISC_LOG_WARNING, "update RR has incorrect class %d", update_class); - FAIL(DNS_R_FORMERR); + CHECK(DNS_R_FORMERR); } /* @@ -1866,7 +1829,7 @@ send_update_event(ns_client_t *client, dns_zone_t *zone) { } } if (result != ISC_R_NOMORE) { - FAIL(result); + CHECK(result); } update_log(client, zone, LOGLEVEL_DEBUG, "update section prescan OK"); @@ -1899,7 +1862,7 @@ send_update_event(ns_client_t *client, dns_zone_t *zone) { dns_zone_gettask(zone, &zonetask); isc_task_send(zonetask, ISC_EVENT_PTR(&event)); -failure: +cleanup: if (db != NULL) { dns_db_closeversion(db, &ver, false); dns_db_detach(&db); @@ -2012,9 +1975,7 @@ ns_update_start(ns_client_t *client, isc_nmhandle_t *handle, * We can now fail due to a bad signature as we now know * that we are the primary. */ - if (sigresult != ISC_R_SUCCESS) { - FAIL(sigresult); - } + CHECK(sigresult); dns_message_clonebuffer(client->message); CHECK(send_update_event(client, zone)); break; @@ -2028,7 +1989,7 @@ ns_update_start(ns_client_t *client, isc_nmhandle_t *handle, } return; -failure: +cleanup: if (result == DNS_R_REFUSED) { inc_stats(client, zone, ns_statscounter_updaterej); } @@ -2087,7 +2048,7 @@ remove_orphaned_ds(dns_db_t *db, dns_dbversion_t *newver, dns_diff_t *diff) { } result = ISC_R_SUCCESS; -failure: +cleanup: for (tuple = ISC_LIST_HEAD(temp_diff.tuples); tuple != NULL; tuple = ISC_LIST_HEAD(temp_diff.tuples)) { @@ -2225,7 +2186,7 @@ rr_exists(dns_db_t *db, dns_dbversion_t *ver, dns_name_t *name, if (result == ISC_R_NOTFOUND) { *flag = false; result = ISC_R_SUCCESS; - goto failure; + goto cleanup; } else { CHECK(result); } @@ -2234,7 +2195,7 @@ rr_exists(dns_db_t *db, dns_dbversion_t *ver, dns_name_t *name, if (result == ISC_R_NOTFOUND) { *flag = false; result = ISC_R_SUCCESS; - goto failure; + goto cleanup; } for (result = dns_rdataset_first(&rdataset); result == ISC_R_SUCCESS; @@ -2254,7 +2215,7 @@ rr_exists(dns_db_t *db, dns_dbversion_t *ver, dns_name_t *name, result = ISC_R_SUCCESS; } -failure: +cleanup: if (node != NULL) { dns_db_detachnode(db, &node); } @@ -2281,9 +2242,7 @@ get_iterations(dns_db_t *db, dns_dbversion_t *ver, dns_rdatatype_t privatetype, if (result == ISC_R_NOTFOUND) { goto try_private; } - if (result != ISC_R_SUCCESS) { - goto failure; - } + CHECK(result); for (result = dns_rdataset_first(&rdataset); result == ISC_R_SUCCESS; result = dns_rdataset_next(&rdataset)) @@ -2299,7 +2258,7 @@ get_iterations(dns_db_t *db, dns_dbversion_t *ver, dns_rdatatype_t privatetype, } } if (result != ISC_R_NOMORE) { - goto failure; + goto cleanup; } dns_rdataset_disassociate(&rdataset); @@ -2314,9 +2273,7 @@ try_private: if (result == ISC_R_NOTFOUND) { goto success; } - if (result != ISC_R_SUCCESS) { - goto failure; - } + CHECK(result); for (result = dns_rdataset_first(&rdataset); result == ISC_R_SUCCESS; result = dns_rdataset_next(&rdataset)) @@ -2340,14 +2297,14 @@ try_private: } } if (result != ISC_R_NOMORE) { - goto failure; + goto cleanup; } success: *iterationsp = iterations; result = ISC_R_SUCCESS; -failure: +cleanup: if (node != NULL) { dns_db_detachnode(db, &node); } @@ -2372,8 +2329,7 @@ check_dnssec(ns_client_t *client, dns_zone_t *zone, dns_db_t *db, if (!dns_zone_check_dnskey_nsec3(zone, db, ver, diff, NULL, 0)) { update_log(client, zone, ISC_LOG_ERROR, "NSEC only DNSKEYs and NSEC3 chains not allowed"); - result = DNS_R_REFUSED; - goto failure; + CHECK(DNS_R_REFUSED); } /* Verify NSEC3 params */ @@ -2381,11 +2337,10 @@ check_dnssec(ns_client_t *client, dns_zone_t *zone, dns_db_t *db, if (iterations > dns_nsec3_maxiterations()) { update_log(client, zone, ISC_LOG_ERROR, "too many NSEC3 iterations (%u)", iterations); - result = DNS_R_REFUSED; - goto failure; + CHECK(DNS_R_REFUSED); } -failure: +cleanup: return result; } @@ -2660,7 +2615,7 @@ add_nsec3param_records(ns_client_t *client, dns_zone_t *zone, dns_db_t *db, } result = ISC_R_SUCCESS; -failure: +cleanup: dns_diff_clear(&temp_diff); return result; } @@ -2719,7 +2674,7 @@ rollback_private(dns_db_t *db, dns_rdatatype_t privatetype, } result = ISC_R_SUCCESS; -failure: +cleanup: dns_diff_clear(&temp_diff); return result; } @@ -2860,7 +2815,7 @@ add_signing_records(dns_db_t *db, dns_rdatatype_t privatetype, } } -failure: +cleanup: dns_diff_clear(&temp_diff); return result; } @@ -3013,14 +2968,14 @@ update_action(isc_task_t *task, isc_event_t *event) { UNEXPECTED_ERROR( "temp entry creation failed: %s", isc_result_totext(result)); - FAIL(ISC_R_UNEXPECTED); + CHECK(ISC_R_UNEXPECTED); } } else { PREREQFAILC(DNS_R_FORMERR, "malformed prerequisite"); } } if (result != ISC_R_NOMORE) { - FAIL(result); + CHECK(result); } /* @@ -3287,7 +3242,7 @@ update_action(isc_task_t *task, isc_event_t *event) { if (result != ISC_R_SUCCESS) { dns_diff_clear(&ctx.del_diff); dns_diff_clear(&ctx.add_diff); - goto failure; + goto cleanup; } result = update_one_rr( db, ver, &diff, DNS_DIFFOP_ADD, @@ -3299,7 +3254,7 @@ update_action(isc_task_t *task, isc_event_t *event) { "failed: %s", isc_result_totext( result)); - goto failure; + goto cleanup; } } } @@ -3390,13 +3345,9 @@ update_action(isc_task_t *task, isc_event_t *event) { * that are in use (under our control). */ if (dns_rdatatype_iskeymaterial(rdata.type)) { - isc_result_t r; bool inuse = false; - r = dns_zone_dnskey_inuse(zone, &rdata, - &inuse); - if (r != ISC_R_SUCCESS) { - FAIL(r); - } + CHECK(dns_zone_dnskey_inuse( + zone, &rdata, &inuse)); if (inuse) { char typebuf [DNS_RDATATYPE_FORMATSIZE]; @@ -3423,7 +3374,7 @@ update_action(isc_task_t *task, isc_event_t *event) { } } if (result != ISC_R_NOMORE) { - FAIL(result); + CHECK(result); } /* @@ -3442,8 +3393,7 @@ update_action(isc_task_t *task, isc_event_t *event) { update_log(client, zone, LOGLEVEL_PROTOCOL, "update rejected: post update name server " "sanity check failed"); - result = DNS_R_REFUSED; - goto failure; + CHECK(DNS_R_REFUSED); } } if (!ISC_LIST_EMPTY(diff.tuples)) { @@ -3452,12 +3402,9 @@ update_action(isc_task_t *task, isc_event_t *event) { update_log(client, zone, LOGLEVEL_PROTOCOL, "update rejected: bad %s RRset", result == DNS_R_BADCDS ? "CDS" : "CDNSKEY"); - result = DNS_R_REFUSED; - goto failure; - } - if (result != ISC_R_SUCCESS) { - goto failure; + CHECK(DNS_R_REFUSED); } + CHECK(result); } /* @@ -3499,8 +3446,7 @@ update_action(isc_task_t *task, isc_event_t *event) { "records removed and " "'dnssec-secure-to-insecure' " "not set"); - result = DNS_R_REFUSED; - goto failure; + CHECK(DNS_R_REFUSED); } } @@ -3533,7 +3479,7 @@ update_action(isc_task_t *task, isc_event_t *event) { update_log(client, zone, ISC_LOG_ERROR, "RRSIG/NSEC/NSEC3 update failed: %s", isc_result_totext(result)); - goto failure; + goto cleanup; } } @@ -3545,8 +3491,7 @@ update_action(isc_task_t *task, isc_event_t *event) { "records in zone (%" PRIu64 ") exceeds max-records (%u)", records, maxrecords); - result = DNS_R_TOOMANYRECORDS; - goto failure; + CHECK(DNS_R_TOOMANYRECORDS); } } @@ -3674,7 +3619,7 @@ update_action(isc_task_t *task, isc_event_t *event) { result = ISC_R_SUCCESS; goto common; -failure: +cleanup: /* * The reason for failure should have been logged at this point. */ diff --git a/lib/ns/xfrout.c b/lib/ns/xfrout.c index b1e8cca324..d022a68999 100644 --- a/lib/ns/xfrout.c +++ b/lib/ns/xfrout.c @@ -81,7 +81,7 @@ "bad zone transfer request: %s (%s)", msg, \ isc_result_totext(code)); \ if (result != ISC_R_SUCCESS) \ - goto failure; \ + goto cleanup; \ } while (0) #define FAILQ(code, msg, question, rdclass) \ @@ -96,14 +96,7 @@ "bad zone transfer request: '%s/%s': %s (%s)", \ _buf1, _buf2, msg, isc_result_totext(code)); \ if (result != ISC_R_SUCCESS) \ - goto failure; \ - } while (0) - -#define CHECK(op) \ - do { \ - result = (op); \ - if (result != ISC_R_SUCCESS) \ - goto failure; \ + goto cleanup; \ } while (0) /**************************************************************************/ @@ -250,7 +243,7 @@ ixfr_rrstream_create(isc_mem_t *mctx, const char *journal_filename, *sp = (rrstream_t *)s; return ISC_R_SUCCESS; -failure: +cleanup: ixfr_rrstream_destroy((rrstream_t **)(void *)&s); return result; } @@ -331,7 +324,7 @@ axfr_rrstream_create(isc_mem_t *mctx, dns_db_t *db, dns_dbversion_t *ver, *sp = (rrstream_t *)s; return ISC_R_SUCCESS; -failure: +cleanup: axfr_rrstream_destroy((rrstream_t **)(void *)&s); return result; } @@ -451,7 +444,7 @@ soa_rrstream_create(isc_mem_t *mctx, dns_db_t *db, dns_dbversion_t *ver, *sp = (rrstream_t *)s; return ISC_R_SUCCESS; -failure: +cleanup: soa_rrstream_destroy((rrstream_t **)(void *)&s); return result; } @@ -772,7 +765,7 @@ ns_xfr_start(ns_client_t *client, dns_rdatatype_t reqtype) { isc_log_write(XFROUT_COMMON_LOGARGS, ISC_LOG_WARNING, "%s request denied: %s", mnemonic, isc_result_totext(result)); - goto failure; + goto cleanup; } /* @@ -829,7 +822,7 @@ ns_xfr_start(ns_client_t *client, dns_rdatatype_t reqtype) { ISC_LOG_ERROR, "zone transfer '%s/%s' denied", _buf1, _buf2); - goto failure; + goto cleanup; } if (result != ISC_R_SUCCESS) { FAILQ(DNS_R_NOTAUTH, "non-authoritative zone", @@ -1171,7 +1164,7 @@ have_stream: result = ISC_R_SUCCESS; -failure: +cleanup: if (result == DNS_R_REFUSED) { inc_stats(client, zone, ns_statscounter_xfrrej); } @@ -1279,7 +1272,7 @@ xfrout_ctx_create(isc_mem_t *mctx, ns_client_t *client, unsigned int id, xfr->txmemlen = len; /* - * These MUST be after the last "goto failure;" / CHECK to + * These MUST be after the last "goto cleanup;" / CHECK to * prevent a double free by the caller. */ xfr->quota = quota; @@ -1387,18 +1380,12 @@ sendstream(xfrout_ctx_t *xfr) { isc_buffer_add(&xfr->buf, 12 + 4); qrdataset = NULL; - result = dns_message_gettemprdataset(msg, &qrdataset); - if (result != ISC_R_SUCCESS) { - goto failure; - } + CHECK(dns_message_gettemprdataset(msg, &qrdataset)); dns_rdataset_makequestion(qrdataset, xfr->client->message->rdclass, xfr->qtype); - result = dns_message_gettempname(msg, &qname); - if (result != ISC_R_SUCCESS) { - goto failure; - } + CHECK(dns_message_gettempname(msg, &qname)); isc_buffer_availableregion(&xfr->buf, &r); INSIST(r.length >= xfr->qname->length); r.length = xfr->qname->length; @@ -1458,8 +1445,7 @@ sendstream(xfrout_ctx_t *xfr) { "(%d bytes)", size); /* XXX DNS_R_RRTOOLARGE? */ - result = ISC_R_NOSPACE; - goto failure; + CHECK(ISC_R_NOSPACE); } break; } @@ -1468,10 +1454,7 @@ sendstream(xfrout_ctx_t *xfr) { log_rr(name, rdata, ttl); /* XXX */ } - result = dns_message_gettempname(msg, &msgname); - if (result != ISC_R_SUCCESS) { - goto failure; - } + CHECK(dns_message_gettempname(msg, &msgname)); isc_buffer_availableregion(&xfr->buf, &r); INSIST(r.length >= name->length); r.length = name->length; @@ -1481,20 +1464,14 @@ sendstream(xfrout_ctx_t *xfr) { /* Reserve space for RR header. */ isc_buffer_add(&xfr->buf, 10); - result = dns_message_gettemprdata(msg, &msgrdata); - if (result != ISC_R_SUCCESS) { - goto failure; - } + CHECK(dns_message_gettemprdata(msg, &msgrdata)); isc_buffer_availableregion(&xfr->buf, &r); r.length = rdata->length; isc_buffer_putmem(&xfr->buf, rdata->data, rdata->length); dns_rdata_init(msgrdata); dns_rdata_fromregion(msgrdata, rdata->rdclass, rdata->type, &r); - result = dns_message_gettemprdatalist(msg, &msgrdl); - if (result != ISC_R_SUCCESS) { - goto failure; - } + CHECK(dns_message_gettemprdatalist(msg, &msgrdl)); msgrdl->type = rdata->type; msgrdl->rdclass = rdata->rdclass; msgrdl->ttl = ttl; @@ -1507,10 +1484,7 @@ sendstream(xfrout_ctx_t *xfr) { } ISC_LIST_APPEND(msgrdl->rdata, msgrdata, link); - result = dns_message_gettemprdataset(msg, &msgrds); - if (result != ISC_R_SUCCESS) { - goto failure; - } + CHECK(dns_message_gettemprdataset(msg, &msgrds)); result = dns_rdatalist_tordataset(msgrdl, msgrds); INSIST(result == ISC_R_SUCCESS); @@ -1616,7 +1590,7 @@ sendstream(xfrout_ctx_t *xfr) { /* Advance lasttsig to be the last TSIG generated */ CHECK(dns_message_getquerytsig(msg, xfr->mctx, &xfr->lasttsig)); -failure: +cleanup: if (msgname != NULL) { if (msgrds != NULL) { if (dns_rdataset_isassociated(msgrds)) { diff --git a/tests/dns/rbtdb_test.c b/tests/dns/rbtdb_test.c index 2cd5213e87..a06e4a1ad0 100644 --- a/tests/dns/rbtdb_test.c +++ b/tests/dns/rbtdb_test.c @@ -35,11 +35,9 @@ #pragma GCC diagnostic push #pragma GCC diagnostic ignored "-Wshadow" -#undef CHECK #include "rbtdb.c" #pragma GCC diagnostic pop -#undef CHECK #include const char *ownercase_vectors[12][2] = { diff --git a/tests/dns/update_test.c b/tests/dns/update_test.c index 3661e21260..d260236415 100644 --- a/tests/dns/update_test.c +++ b/tests/dns/update_test.c @@ -38,11 +38,9 @@ */ #pragma GCC diagnostic push #pragma GCC diagnostic ignored "-Wshadow" -#undef CHECK #include "update.c" #pragma GCC diagnostic pop -#undef CHECK #include static int