diff --git a/bin/check/check-tool.c b/bin/check/check-tool.c index b7ca8a8936..0fd104c437 100644 --- a/bin/check/check-tool.c +++ b/bin/check/check-tool.c @@ -52,13 +52,6 @@ #define CHECK_LOCAL 1 #endif /* ifndef CHECK_LOCAL */ -#define CHECK(r) \ - do { \ - result = (r); \ - if (result != ISC_R_SUCCESS) \ - goto cleanup; \ - } while (0) - #define ERR_IS_CNAME 1 #define ERR_NO_ADDRESSES 2 #define ERR_LOOKUP_FAILURE 3 diff --git a/bin/check/named-checkconf.c b/bin/check/named-checkconf.c index 6355079f40..5b2c934e52 100644 --- a/bin/check/named-checkconf.c +++ b/bin/check/named-checkconf.c @@ -44,13 +44,6 @@ #include "check-tool.h" -#define CHECK(r) \ - do { \ - result = (r); \ - if (result != ISC_R_SUCCESS) \ - goto cleanup; \ - } while (0) - /*% usage */ ISC_NORETURN static void usage(void); @@ -115,7 +108,6 @@ get_checknames(const cfg_obj_t **maps, const cfg_obj_t **obj) { static isc_result_t configure_hint(const char *zfile, const char *zclass) { - isc_result_t result; dns_db_t *db = NULL; dns_rdataclass_t rdclass; isc_textregion_t r; @@ -126,15 +118,8 @@ configure_hint(const char *zfile, const char *zclass) { r.base = UNCONST(zclass); r.length = strlen(zclass); - result = dns_rdataclass_fromtext(&rdclass, &r); - if (result != ISC_R_SUCCESS) { - return result; - } - - result = dns_rootns_create(isc_g_mctx, rdclass, zfile, &db); - if (result != ISC_R_SUCCESS) { - return result; - } + RETERR(dns_rdataclass_fromtext(&rdclass, &r)); + RETERR(dns_rootns_create(isc_g_mctx, rdclass, zfile, &db)); dns_db_detach(&db); return ISC_R_SUCCESS; @@ -512,7 +497,7 @@ load_zones_fromconfig(const cfg_obj_t *config, bool list_zones) { } if (dns_rdataclass_ismeta(viewclass)) { - CHECK(ISC_R_FAILURE); + CLEANUP(ISC_R_FAILURE); } dns_rdataclass_format(viewclass, buf, sizeof(buf)); @@ -698,7 +683,7 @@ main(int argc, char **argv) { fprintf(stderr, "%s: unhandled option -%c\n", isc_commandline_progname, isc_commandline_option); - CHECK(ISC_R_FAILURE); + CLEANUP(ISC_R_FAILURE); } } @@ -710,12 +695,12 @@ main(int argc, char **argv) { if (((flags & CFG_PRINTER_XKEY) != 0) && !print) { fprintf(stderr, "%s: -x cannot be used without -p\n", isc_commandline_progname); - CHECK(ISC_R_FAILURE); + CLEANUP(ISC_R_FAILURE); } if (print && list_zones) { fprintf(stderr, "%s: -l cannot be used with -p\n", isc_commandline_progname); - CHECK(ISC_R_FAILURE); + CLEANUP(ISC_R_FAILURE); } if (isc_commandline_index + 1 < argc) { diff --git a/bin/delv/delv.c b/bin/delv/delv.c index f805e7dd88..262497da41 100644 --- a/bin/delv/delv.c +++ b/bin/delv/delv.c @@ -84,13 +84,6 @@ #include -#define CHECK(r) \ - do { \ - result = (r); \ - if (result != ISC_R_SUCCESS) \ - goto cleanup; \ - } while (0) - #define MAXNAME (DNS_NAME_MAXTEXT + 1) #define MAX_QUERIES 50 @@ -683,8 +676,7 @@ key_fromconfig(const cfg_obj_t *key, dns_client_t *client, dns_view_t *toview) { delv_log(ISC_LOG_ERROR, "key '%s': invalid initialization method '%s'", keynamestr, atstr); - result = ISC_R_FAILURE; - goto cleanup; + CLEANUP(ISC_R_FAILURE); } } @@ -692,13 +684,13 @@ key_fromconfig(const cfg_obj_t *key, dns_client_t *client, dns_view_t *toview) { isc_buffer_init(&rrdatabuf, rrdata, sizeof(rrdata)); if (rdata1 > 0xffff) { - CHECK(ISC_R_RANGE); + CLEANUP(ISC_R_RANGE); } if (rdata2 > 0xff) { - CHECK(ISC_R_RANGE); + CLEANUP(ISC_R_RANGE); } if (rdata3 > 0xff) { - CHECK(ISC_R_RANGE); + CLEANUP(ISC_R_RANGE); } switch (anchortype) { @@ -749,17 +741,17 @@ key_fromconfig(const cfg_obj_t *key, dns_client_t *client, dns_view_t *toview) { switch (ds.digest_type) { case DNS_DSDIGEST_SHA1: if (r.length != ISC_SHA1_DIGESTLENGTH) { - CHECK(ISC_R_UNEXPECTEDEND); + CLEANUP(ISC_R_UNEXPECTEDEND); } break; case DNS_DSDIGEST_SHA256: if (r.length != ISC_SHA256_DIGESTLENGTH) { - CHECK(ISC_R_UNEXPECTEDEND); + CLEANUP(ISC_R_UNEXPECTEDEND); } break; case DNS_DSDIGEST_SHA384: if (r.length != ISC_SHA384_DIGESTLENGTH) { - CHECK(ISC_R_UNEXPECTEDEND); + CLEANUP(ISC_R_UNEXPECTEDEND); } break; } @@ -1765,15 +1757,8 @@ reverse_octets(const char *in, char **p, char *end) { char *dot = strchr(in, '.'); int len; if (dot != NULL) { - isc_result_t result; - result = reverse_octets(dot + 1, p, end); - if (result != ISC_R_SUCCESS) { - return result; - } - result = append_str(".", 1, p, end); - if (result != ISC_R_SUCCESS) { - return result; - } + RETERR(reverse_octets(dot + 1, p, end)); + RETERR(append_str(".", 1, p, end)); len = (int)(dot - in); } else { len = strlen(in); @@ -1784,7 +1769,6 @@ reverse_octets(const char *in, char **p, char *end) { static isc_result_t get_reverse(char *reverse, size_t len, char *value, bool strict) { int r; - isc_result_t result; isc_netaddr_t addr; addr.family = AF_INET6; @@ -1795,10 +1779,7 @@ get_reverse(char *reverse, size_t len, char *value, bool strict) { dns_name_t *name; name = dns_fixedname_initname(&fname); - result = dns_byaddr_createptrname(&addr, name); - if (result != ISC_R_SUCCESS) { - return result; - } + RETERR(dns_byaddr_createptrname(&addr, name)); dns_name_format(name, reverse, (unsigned int)len); return ISC_R_SUCCESS; } else { @@ -1815,14 +1796,8 @@ get_reverse(char *reverse, size_t len, char *value, bool strict) { if (strict && inet_pton(AF_INET, value, &addr.type.in) != 1) { return DNS_R_BADDOTTEDQUAD; } - result = reverse_octets(value, &p, end); - if (result != ISC_R_SUCCESS) { - return result; - } - result = append_str(".in-addr.arpa.", 15, &p, end); - if (result != ISC_R_SUCCESS) { - return result; - } + RETERR(reverse_octets(value, &p, end)); + RETERR(append_str(".in-addr.arpa.", 15, &p, end)); return ISC_R_SUCCESS; } } diff --git a/bin/dig/dig.c b/bin/dig/dig.c index b1d12ec2b6..ecb722b78e 100644 --- a/bin/dig/dig.c +++ b/bin/dig/dig.c @@ -503,10 +503,7 @@ say_message(dns_rdata_t *rdata, dig_query_t *query, isc_buffer_t *buf) { unsigned int styleflags = 0; if (query->lookup->trace || query->lookup->ns_search_only) { - result = dns_rdatatype_totext(rdata->type, buf); - if (result != ISC_R_SUCCESS) { - return result; - } + RETERR(dns_rdatatype_totext(rdata->type, buf)); ADD_STRING(buf, " "); } @@ -583,14 +580,8 @@ dns64prefix_answer(dns_message_t *msg, isc_buffer_t *buf) { count = 10; } for (i = 0; i < count; i++) { - result = isc_netaddr_totext(&prefix[i].addr, buf); - if (result != ISC_R_SUCCESS) { - return result; - } - result = isc_buffer_printf(buf, "/%u\n", prefix[i].prefixlen); - if (result != ISC_R_SUCCESS) { - return result; - } + RETERR(isc_netaddr_totext(&prefix[i].addr, buf)); + RETERR(isc_buffer_printf(buf, "/%u\n", prefix[i].prefixlen)); } return ISC_R_SUCCESS; diff --git a/bin/dig/dighost.c b/bin/dig/dighost.c index 30895c8103..80253b18d6 100644 --- a/bin/dig/dighost.c +++ b/bin/dig/dighost.c @@ -291,15 +291,8 @@ reverse_octets(const char *in, char **p, char *end) { const char *dot = strchr(in, '.'); size_t len; if (dot != NULL) { - isc_result_t result; - result = reverse_octets(dot + 1, p, end); - if (result != ISC_R_SUCCESS) { - return result; - } - result = append(".", 1, p, end); - if (result != ISC_R_SUCCESS) { - return result; - } + RETERR(reverse_octets(dot + 1, p, end)); + RETERR(append(".", 1, p, end)); len = (int)(dot - in); } else { len = (int)strlen(in); @@ -310,7 +303,6 @@ reverse_octets(const char *in, char **p, char *end) { isc_result_t get_reverse(char *reverse, size_t len, char *value, bool strict) { int r; - isc_result_t result; isc_netaddr_t addr; addr.family = AF_INET6; @@ -321,10 +313,7 @@ get_reverse(char *reverse, size_t len, char *value, bool strict) { dns_name_t *name; name = dns_fixedname_initname(&fname); - result = dns_byaddr_createptrname(&addr, name); - if (result != ISC_R_SUCCESS) { - return result; - } + RETERR(dns_byaddr_createptrname(&addr, name)); dns_name_format(name, reverse, (unsigned int)len); return ISC_R_SUCCESS; } else { @@ -341,15 +330,9 @@ get_reverse(char *reverse, size_t len, char *value, bool strict) { if (strict && inet_pton(AF_INET, value, &addr.type.in) != 1) { return DNS_R_BADDOTTEDQUAD; } - result = reverse_octets(value, &p, end); - if (result != ISC_R_SUCCESS) { - return result; - } + RETERR(reverse_octets(value, &p, end)); /* Append .in-addr.arpa. and a terminating NUL. */ - result = append(".in-addr.arpa.", 15, &p, end); - if (result != ISC_R_SUCCESS) { - return result; - } + RETERR(append(".in-addr.arpa.", 15, &p, end)); return ISC_R_SUCCESS; } } @@ -862,26 +845,19 @@ setup_text_key(void) { secretsize = (unsigned int)strlen(keysecret) * 3 / 4; secretstore = isc_mem_allocate(isc_g_mctx, secretsize); isc_buffer_init(&secretbuf, secretstore, secretsize); - result = isc_base64_decodestring(keysecret, &secretbuf); - if (result != ISC_R_SUCCESS) { - goto failure; - } + CHECK(isc_base64_decodestring(keysecret, &secretbuf)); secretsize = isc_buffer_usedlength(&secretbuf); if (hmac_alg == DST_ALG_UNKNOWN) { - result = DST_R_UNSUPPORTEDALG; - goto failure; + CLEANUP(DST_R_UNSUPPORTEDALG); } - result = dns_name_fromtext(keyname, namebuf, dns_rootname, 0); - if (result != ISC_R_SUCCESS) { - goto failure; - } + CHECK(dns_name_fromtext(keyname, namebuf, dns_rootname, 0)); result = dns_tsigkey_create(keyname, hmac_alg, secretstore, (int)secretsize, isc_g_mctx, &tsigkey); -failure: +cleanup: if (result != ISC_R_SUCCESS) { printf(";; Couldn't create key %s: %s\n", keynametext, isc_result_totext(result)); @@ -1086,16 +1062,10 @@ read_confkey(void) { return ISC_R_FILENOTFOUND; } - result = cfg_parse_file(isc_g_mctx, keyfile, &cfg_type_sessionkey, 0, - &file); - if (result != ISC_R_SUCCESS) { - goto cleanup; - } + CHECK(cfg_parse_file(isc_g_mctx, keyfile, &cfg_type_sessionkey, 0, + &file)); - result = cfg_map_get(file, "key", &keyobj); - if (result != ISC_R_SUCCESS) { - goto cleanup; - } + CHECK(cfg_map_get(file, "key", &keyobj)); (void)cfg_map_get(keyobj, "secret", &secretobj); (void)cfg_map_get(keyobj, "algorithm", &algorithmobj); @@ -1147,7 +1117,7 @@ setup_file_key(void) { if (result != ISC_R_SUCCESS) { fprintf(stderr, "Couldn't read key from %s: %s\n", keyfile, isc_result_totext(result)); - goto failure; + goto cleanup; } switch (dst_key_alg(dstkey)) { @@ -1175,7 +1145,7 @@ setup_file_key(void) { } } -failure: +cleanup: if (dstkey != NULL) { dst_key_free(&dstkey); } @@ -2764,21 +2734,14 @@ get_create_tls_context(dig_query_t *query, const bool is_https, if (result != ISC_R_SUCCESS) { if (query->lookup->tls_ca_set) { if (found_store == NULL) { - result = isc_tls_cert_store_create( - query->lookup->tls_ca_file, &store); - - if (result != ISC_R_SUCCESS) { - goto failure; - } + CHECK(isc_tls_cert_store_create( + query->lookup->tls_ca_file, &store)); } else { store = found_store; } } - result = isc_tlsctx_createclient(&ctx); - if (result != ISC_R_SUCCESS) { - goto failure; - } + CHECK(isc_tlsctx_createclient(&ctx)); if (store != NULL) { const char *hostname = get_tls_sni_hostname(query); @@ -2788,23 +2751,17 @@ get_create_tls_context(dig_query_t *query, const bool is_https, * SubjectAltName must be checked. That is NOT the case * for HTTPS. */ - result = isc_tlsctx_enable_peer_verification( + CHECK(isc_tlsctx_enable_peer_verification( ctx, false, store, hostname, - hostname_ignore_subject); - if (result != ISC_R_SUCCESS) { - goto failure; - } + hostname_ignore_subject)); } if (query->lookup->tls_key_file_set && query->lookup->tls_cert_file_set) { - result = isc_tlsctx_load_certificate( + CHECK(isc_tlsctx_load_certificate( ctx, query->lookup->tls_key_file, - query->lookup->tls_cert_file); - if (result != ISC_R_SUCCESS) { - goto failure; - } + query->lookup->tls_cert_file)); } if (!is_https) { @@ -2840,7 +2797,7 @@ get_create_tls_context(dig_query_t *query, const bool is_https, INSIST(!query->lookup->tls_ca_set || found_store != NULL); return found_ctx; -failure: +cleanup: if (ctx != NULL) { isc_tlsctx_free(&ctx); } diff --git a/bin/dig/host.c b/bin/dig/host.c index df38b0f24a..4156aec9a8 100644 --- a/bin/dig/host.c +++ b/bin/dig/host.c @@ -208,7 +208,6 @@ printsection(dns_message_t *msg, dns_section_t sectionid, const char *section_name, bool headers, dig_query_t *query) { dns_name_t *print_name; isc_buffer_t target; - isc_result_t result; isc_region_t r; dns_name_t empty_name; char tbuf[4096] = { 0 }; @@ -245,12 +244,9 @@ printsection(dns_message_t *msg, dns_section_t sectionid, continue; } if (!short_form) { - result = dns_rdataset_totext(rdataset, - print_name, false, - no_rdata, &target); - if (result != ISC_R_SUCCESS) { - return result; - } + RETERR(dns_rdataset_totext(rdataset, print_name, + false, no_rdata, + &target)); #ifdef USEINITALWS if (first) { print_name = &empty_name; @@ -305,7 +301,6 @@ static isc_result_t printrdata(dns_message_t *msg, dns_rdataset_t *rdataset, const dns_name_t *owner, const char *set_name, bool headers) { isc_buffer_t target; - isc_result_t result; isc_region_t r; char tbuf[4096]; @@ -316,10 +311,7 @@ printrdata(dns_message_t *msg, dns_rdataset_t *rdataset, isc_buffer_init(&target, tbuf, sizeof(tbuf)); - result = dns_rdataset_totext(rdataset, owner, false, false, &target); - if (result != ISC_R_SUCCESS) { - return result; - } + RETERR(dns_rdataset_totext(rdataset, owner, false, false, &target)); isc_buffer_usedregion(&target, &r); printf("%.*s", (int)r.length, (char *)r.base); @@ -501,50 +493,35 @@ printmessage(dig_query_t *query, const isc_buffer_t *msgbuf, dns_message_t *msg, if (!ISC_LIST_EMPTY(msg->sections[DNS_SECTION_QUESTION]) && !short_form) { printf("\n"); - result = printsection(msg, DNS_SECTION_QUESTION, "QUESTION", - true, query); - if (result != ISC_R_SUCCESS) { - return result; - } + RETERR(printsection(msg, DNS_SECTION_QUESTION, "QUESTION", true, + query)); } if (!ISC_LIST_EMPTY(msg->sections[DNS_SECTION_ANSWER])) { if (!short_form) { printf("\n"); } - result = printsection(msg, DNS_SECTION_ANSWER, "ANSWER", - !short_form, query); - if (result != ISC_R_SUCCESS) { - return result; - } + RETERR(printsection(msg, DNS_SECTION_ANSWER, "ANSWER", + !short_form, query)); } if (!ISC_LIST_EMPTY(msg->sections[DNS_SECTION_AUTHORITY]) && !short_form) { printf("\n"); - result = printsection(msg, DNS_SECTION_AUTHORITY, "AUTHORITY", - true, query); - if (result != ISC_R_SUCCESS) { - return result; - } + RETERR(printsection(msg, DNS_SECTION_AUTHORITY, "AUTHORITY", + true, query)); } if (!ISC_LIST_EMPTY(msg->sections[DNS_SECTION_ADDITIONAL]) && !short_form) { printf("\n"); - result = printsection(msg, DNS_SECTION_ADDITIONAL, "ADDITIONAL", - true, query); - if (result != ISC_R_SUCCESS) { - return result; - } + RETERR(printsection(msg, DNS_SECTION_ADDITIONAL, "ADDITIONAL", + true, query)); } if ((tsig != NULL) && !short_form) { printf("\n"); - result = printrdata(msg, tsig, tsigname, "PSEUDOSECTION TSIG", - true); - if (result != ISC_R_SUCCESS) { - return result; - } + RETERR(printrdata(msg, tsig, tsigname, "PSEUDOSECTION TSIG", + true)); } if (!short_form) { printf("\n"); diff --git a/bin/dnssec/dnssec-keyfromlabel.c b/bin/dnssec/dnssec-keyfromlabel.c index 9245fb7cef..288b7fc85d 100644 --- a/bin/dnssec/dnssec-keyfromlabel.c +++ b/bin/dnssec/dnssec-keyfromlabel.c @@ -116,7 +116,7 @@ main(int argc, char **argv) { dst_algorithm_t alg; bool oldstyle = false; int ch; - isc_result_t ret; + isc_result_t result; isc_textregion_t r; char filename[255]; isc_buffer_t buf; @@ -182,10 +182,10 @@ main(int argc, char **argv) { break; case 'K': directory = isc_commandline_argument; - ret = try_dir(directory); - if (ret != ISC_R_SUCCESS) { + result = try_dir(directory); + if (result != ISC_R_SUCCESS) { fatal("cannot open directory %s: %s", directory, - isc_result_totext(ret)); + isc_result_totext(result)); } break; case 'k': @@ -358,11 +358,11 @@ main(int argc, char **argv) { isc_buffer_init(&buf, argv[isc_commandline_index], strlen(argv[isc_commandline_index])); isc_buffer_add(&buf, strlen(argv[isc_commandline_index])); - ret = dns_name_fromtext(name, &buf, dns_rootname, 0); - if (ret != ISC_R_SUCCESS) { + result = dns_name_fromtext(name, &buf, dns_rootname, 0); + if (result != ISC_R_SUCCESS) { fatal("invalid key name %s: %s", argv[isc_commandline_index], - isc_result_totext(ret)); + isc_result_totext(result)); } if (strchr(label, ':') == NULL) { @@ -382,8 +382,8 @@ main(int argc, char **argv) { r.base = algname; r.length = strlen(algname); - ret = dst_algorithm_fromtext(&alg, &r); - if (ret != ISC_R_SUCCESS) { + result = dst_algorithm_fromtext(&alg, &r); + if (result != ISC_R_SUCCESS) { fatal("unknown algorithm %s", algname); } @@ -459,12 +459,13 @@ main(int argc, char **argv) { fatal("-S and -G cannot be used together"); } - ret = dst_key_fromnamedfile(predecessor, directory, - DST_TYPE_PUBLIC | DST_TYPE_PRIVATE, - isc_g_mctx, &prevkey); - if (ret != ISC_R_SUCCESS) { + result = dst_key_fromnamedfile(predecessor, directory, + DST_TYPE_PUBLIC | + DST_TYPE_PRIVATE, + isc_g_mctx, &prevkey); + if (result != ISC_R_SUCCESS) { fatal("Invalid keyfile %s: %s", predecessor, - isc_result_totext(ret)); + isc_result_totext(result)); } if (!dst_key_isprivate(prevkey)) { fatal("%s is not a private key", predecessor); @@ -482,16 +483,16 @@ main(int argc, char **argv) { keystr, major, minor); } - ret = dst_key_gettime(prevkey, DST_TIME_ACTIVATE, &when); - if (ret != ISC_R_SUCCESS) { + result = dst_key_gettime(prevkey, DST_TIME_ACTIVATE, &when); + if (result != ISC_R_SUCCESS) { fatal("Key %s has no activation date.\n\t" "You must use dnssec-settime -A to set one " "before generating a successor.", keystr); } - ret = dst_key_gettime(prevkey, DST_TIME_INACTIVE, &activate); - if (ret != ISC_R_SUCCESS) { + result = dst_key_gettime(prevkey, DST_TIME_INACTIVE, &activate); + if (result != ISC_R_SUCCESS) { fatal("Key %s has no inactivation date.\n\t" "You must use dnssec-settime -I to set one " "before generating a successor.", @@ -510,8 +511,8 @@ main(int argc, char **argv) { keystr); } - ret = dst_key_gettime(prevkey, DST_TIME_DELETE, &when); - if (ret != ISC_R_SUCCESS) { + result = dst_key_gettime(prevkey, DST_TIME_DELETE, &when); + if (result != ISC_R_SUCCESS) { fprintf(stderr, "%s: WARNING: Key %s has no removal " "date;\n\t it will remain in the zone " @@ -556,16 +557,16 @@ main(int argc, char **argv) { isc_buffer_init(&buf, filename, sizeof(filename) - 1); /* associate the key */ - ret = dst_key_fromlabel(name, alg, flags, DNS_KEYPROTO_DNSSEC, rdclass, - label, NULL, isc_g_mctx, &key); + result = dst_key_fromlabel(name, alg, flags, DNS_KEYPROTO_DNSSEC, + rdclass, label, NULL, isc_g_mctx, &key); - if (ret != ISC_R_SUCCESS) { + if (result != ISC_R_SUCCESS) { char namestr[DNS_NAME_FORMATSIZE]; char algstr[DNS_SECALG_FORMATSIZE]; dns_name_format(name, namestr, sizeof(namestr)); dns_secalg_format(alg, algstr, sizeof(algstr)); fatal("failed to get key %s/%s: %s", namestr, algstr, - isc_result_totext(ret)); + isc_result_totext(result)); UNREACHABLE(); exit(EXIT_FAILURE); } @@ -651,10 +652,10 @@ main(int argc, char **argv) { &exact)) { isc_buffer_clear(&buf); - ret = dst_key_buildfilename(key, 0, directory, &buf); - if (ret != ISC_R_SUCCESS) { + result = dst_key_buildfilename(key, 0, directory, &buf); + if (result != ISC_R_SUCCESS) { fatal("dst_key_buildfilename returned: %s\n", - isc_result_totext(ret)); + isc_result_totext(result)); } if (exact) { fatal("%s: %s already exists\n", @@ -675,19 +676,19 @@ main(int argc, char **argv) { isc_commandline_progname, filename); } - ret = dst_key_tofile(key, options, directory); - if (ret != ISC_R_SUCCESS) { + result = dst_key_tofile(key, options, directory); + if (result != ISC_R_SUCCESS) { char keystr[DST_KEY_FORMATSIZE]; dst_key_format(key, keystr, sizeof(keystr)); fatal("failed to write key %s: %s\n", keystr, - isc_result_totext(ret)); + isc_result_totext(result)); } isc_buffer_clear(&buf); - ret = dst_key_buildfilename(key, 0, NULL, &buf); - if (ret != ISC_R_SUCCESS) { + result = dst_key_buildfilename(key, 0, NULL, &buf); + if (result != ISC_R_SUCCESS) { fatal("dst_key_buildfilename returned: %s\n", - isc_result_totext(ret)); + isc_result_totext(result)); } printf("%s\n", filename); dst_key_free(&key); diff --git a/bin/dnssec/dnssec-keygen.c b/bin/dnssec/dnssec-keygen.c index 6c6e82f097..17556b17b9 100644 --- a/bin/dnssec/dnssec-keygen.c +++ b/bin/dnssec/dnssec-keygen.c @@ -241,7 +241,7 @@ keygen(keygen_ctx_t *ctx, int argc, char **argv) { isc_buffer_t buf; dns_name_t *name; dns_fixedname_t fname; - isc_result_t ret; + isc_result_t result; dst_key_t *key = NULL; dst_key_t *prevkey = NULL; @@ -258,11 +258,11 @@ keygen(keygen_ctx_t *ctx, int argc, char **argv) { isc_buffer_init(&buf, argv[isc_commandline_index], strlen(argv[isc_commandline_index])); isc_buffer_add(&buf, strlen(argv[isc_commandline_index])); - ret = dns_name_fromtext(name, &buf, dns_rootname, 0); - if (ret != ISC_R_SUCCESS) { + result = dns_name_fromtext(name, &buf, dns_rootname, 0); + if (result != ISC_R_SUCCESS) { fatal("invalid key name %s: %s", argv[isc_commandline_index], - isc_result_totext(ret)); + isc_result_totext(result)); } if (!dst_algorithm_supported(ctx->alg)) { @@ -391,13 +391,13 @@ keygen(keygen_ctx_t *ctx, int argc, char **argv) { fatal("-S and -G cannot be used together"); } - ret = dst_key_fromnamedfile(ctx->predecessor, ctx->directory, - DST_TYPE_PUBLIC | DST_TYPE_PRIVATE | - DST_TYPE_STATE, - isc_g_mctx, &prevkey); - if (ret != ISC_R_SUCCESS) { + result = dst_key_fromnamedfile( + ctx->predecessor, ctx->directory, + DST_TYPE_PUBLIC | DST_TYPE_PRIVATE | DST_TYPE_STATE, + isc_g_mctx, &prevkey); + if (result != ISC_R_SUCCESS) { fatal("Invalid keyfile %s: %s", ctx->predecessor, - isc_result_totext(ret)); + isc_result_totext(result)); } if (!dst_key_isprivate(prevkey)) { fatal("%s is not a private key", ctx->predecessor); @@ -416,17 +416,17 @@ keygen(keygen_ctx_t *ctx, int argc, char **argv) { keystr, major, minor); } - ret = dst_key_gettime(prevkey, DST_TIME_ACTIVATE, &when); - if (ret != ISC_R_SUCCESS) { + result = dst_key_gettime(prevkey, DST_TIME_ACTIVATE, &when); + if (result != ISC_R_SUCCESS) { fatal("Key %s has no activation date.\n\t" "You must use dnssec-settime -A to set one " "before generating a successor.", keystr); } - ret = dst_key_gettime(prevkey, DST_TIME_INACTIVE, - &ctx->activate); - if (ret != ISC_R_SUCCESS) { + result = dst_key_gettime(prevkey, DST_TIME_INACTIVE, + &ctx->activate); + if (result != ISC_R_SUCCESS) { fatal("Key %s has no inactivation date.\n\t" "You must use dnssec-settime -I to set one " "before generating a successor.", @@ -445,8 +445,8 @@ keygen(keygen_ctx_t *ctx, int argc, char **argv) { keystr); } - ret = dst_key_gettime(prevkey, DST_TIME_DELETE, &when); - if (ret != ISC_R_SUCCESS) { + result = dst_key_gettime(prevkey, DST_TIME_DELETE, &when); + if (result != ISC_R_SUCCESS) { fprintf(stderr, "%s: WARNING: Key %s has no removal " "date;\n\t it will remain in the zone " @@ -558,19 +558,19 @@ keygen(keygen_ctx_t *ctx, int argc, char **argv) { } if (ctx->keystore != NULL && ctx->policy != NULL) { - ret = dns_keystore_keygen( + result = dns_keystore_keygen( ctx->keystore, name, ctx->policy, ctx->rdclass, isc_g_mctx, ctx->alg, ctx->size, flags, &key); } else if (!ctx->quiet && show_progress) { - ret = dst_key_generate(name, ctx->alg, ctx->size, 0, - flags, DNS_KEYPROTO_DNSSEC, - ctx->rdclass, NULL, isc_g_mctx, - &key, &progress); + result = dst_key_generate(name, ctx->alg, ctx->size, 0, + flags, DNS_KEYPROTO_DNSSEC, + ctx->rdclass, NULL, + isc_g_mctx, &key, &progress); } else { - ret = dst_key_generate(name, ctx->alg, ctx->size, 0, - flags, DNS_KEYPROTO_DNSSEC, - ctx->rdclass, NULL, isc_g_mctx, - &key, NULL); + result = dst_key_generate(name, ctx->alg, ctx->size, 0, + flags, DNS_KEYPROTO_DNSSEC, + ctx->rdclass, NULL, + isc_g_mctx, &key, NULL); } if (!ctx->quiet && show_progress) { @@ -578,11 +578,11 @@ keygen(keygen_ctx_t *ctx, int argc, char **argv) { fflush(stderr); } - if (ret != ISC_R_SUCCESS) { + if (result != ISC_R_SUCCESS) { char namestr[DNS_NAME_FORMATSIZE]; dns_name_format(name, namestr, sizeof(namestr)); fatal("failed to generate key %s/%s: %s\n", namestr, - algstr, isc_result_totext(ret)); + algstr, isc_result_totext(result)); } /* @@ -715,9 +715,9 @@ keygen(keygen_ctx_t *ctx, int argc, char **argv) { if (verbose > 0) { isc_buffer_clear(&buf); - ret = dst_key_buildfilename( + result = dst_key_buildfilename( key, 0, ctx->directory, &buf); - if (ret == ISC_R_SUCCESS) { + if (result == ISC_R_SUCCESS) { fprintf(stderr, "%s: %s already exists, or " "might collide with another " @@ -741,28 +741,28 @@ keygen(keygen_ctx_t *ctx, int argc, char **argv) { dst_key_setnum(prevkey, DST_NUM_SUCCESSOR, dst_key_id(key)); dst_key_setnum(key, DST_NUM_PREDECESSOR, dst_key_id(prevkey)); - ret = dst_key_tofile(prevkey, ctx->options, ctx->directory); - if (ret != ISC_R_SUCCESS) { + result = dst_key_tofile(prevkey, ctx->options, ctx->directory); + if (result != ISC_R_SUCCESS) { char keystr[DST_KEY_FORMATSIZE]; dst_key_format(prevkey, keystr, sizeof(keystr)); fatal("failed to update predecessor %s: %s\n", keystr, - isc_result_totext(ret)); + isc_result_totext(result)); } } - ret = dst_key_tofile(key, ctx->options, ctx->directory); - if (ret != ISC_R_SUCCESS) { + result = dst_key_tofile(key, ctx->options, ctx->directory); + if (result != ISC_R_SUCCESS) { char keystr[DST_KEY_FORMATSIZE]; dst_key_format(key, keystr, sizeof(keystr)); fatal("failed to write key %s: %s\n", keystr, - isc_result_totext(ret)); + isc_result_totext(result)); } isc_buffer_clear(&buf); - ret = dst_key_buildfilename(key, 0, NULL, &buf); - if (ret != ISC_R_SUCCESS) { + result = dst_key_buildfilename(key, 0, NULL, &buf); + if (result != ISC_R_SUCCESS) { fatal("dst_key_buildfilename returned: %s\n", - isc_result_totext(ret)); + isc_result_totext(result)); } printf("%s\n", filename); @@ -776,10 +776,10 @@ static void check_keystore_options(keygen_ctx_t *ctx) { ctx->directory = dns_keystore_directory(ctx->keystore, NULL); if (ctx->directory != NULL) { - isc_result_t ret = try_dir(ctx->directory); - if (ret != ISC_R_SUCCESS) { + isc_result_t result = try_dir(ctx->directory); + if (result != ISC_R_SUCCESS) { fatal("cannot open directory %s: %s", ctx->directory, - isc_result_totext(ret)); + isc_result_totext(result)); } } } @@ -789,7 +789,7 @@ main(int argc, char **argv) { char *algname = NULL, *freeit = NULL; char *classname = NULL; char *endp; - isc_result_t ret; + isc_result_t result; isc_textregion_t r; unsigned char c; int ch; @@ -878,10 +878,10 @@ main(int argc, char **argv) { break; case 'K': ctx.directory = isc_commandline_argument; - ret = try_dir(ctx.directory); - if (ret != ISC_R_SUCCESS) { + result = try_dir(ctx.directory); + if (result != ISC_R_SUCCESS) { fatal("cannot open directory %s: %s", - ctx.directory, isc_result_totext(ret)); + ctx.directory, isc_result_totext(result)); } break; case 'k': @@ -1096,8 +1096,8 @@ main(int argc, char **argv) { } r.base = algname; r.length = strlen(algname); - ret = dst_algorithm_fromtext(&ctx.alg, &r); - if (ret != ISC_R_SUCCESS) { + result = dst_algorithm_fromtext(&ctx.alg, &r); + if (result != ISC_R_SUCCESS) { fatal("unknown algorithm %s", algname); } if (!dst_algorithm_supported(ctx.alg)) { diff --git a/bin/dnssec/dnssec-ksr.c b/bin/dnssec/dnssec-ksr.c index a4ef81b82e..8f0c61c7a1 100644 --- a/bin/dnssec/dnssec-ksr.c +++ b/bin/dnssec/dnssec-ksr.c @@ -91,24 +91,9 @@ static int min_dh = 128; #define READLINE(lex, opt, token) -#define NEXTTOKEN(lex, opt, token) \ - { \ - ret = isc_lex_gettoken(lex, opt, token); \ - if (ret != ISC_R_SUCCESS) \ - goto cleanup; \ - } +#define NEXTTOKEN(lex, opt, token) CHECK(isc_lex_gettoken(lex, opt, token)) -#define BADTOKEN() \ - { \ - ret = ISC_R_UNEXPECTEDTOKEN; \ - goto cleanup; \ - } - -#define CHECK(r) \ - ret = (r); \ - if (ret != ISC_R_SUCCESS) { \ - goto fail; \ - } +#define BADTOKEN() CLEANUP(ISC_R_UNEXPECTEDTOKEN) isc_bufferlist_t cleanup_list = ISC_LIST_INITIALIZER; @@ -209,16 +194,16 @@ get_dnskeys(ksr_ctx_t *ksr, dns_dnsseckeylist_t *keys) { dns_dnsseckeylist_t keys_read; dns_dnsseckey_t **keys_sorted; int i = 0, n = 0; - isc_result_t ret; + isc_result_t result; ISC_LIST_INIT(*keys); ISC_LIST_INIT(keys_read); - ret = dns_dnssec_findmatchingkeys(name, NULL, ksr->keydir, NULL, - ksr->now, false, isc_g_mctx, - &keys_read); - if (ret != ISC_R_SUCCESS && ret != ISC_R_NOTFOUND) { + result = dns_dnssec_findmatchingkeys(name, NULL, ksr->keydir, NULL, + ksr->now, false, isc_g_mctx, + &keys_read); + if (result != ISC_R_SUCCESS && result != ISC_R_NOTFOUND) { fatal("failed to load existing keys from %s: %s", ksr->keydir, - isc_result_totext(ret)); + isc_result_totext(result)); } /* Sort on keytag. */ ISC_LIST_FOREACH(keys_read, dk, link) { @@ -323,7 +308,7 @@ create_key(ksr_ctx_t *ksr, dns_kasp_t *kasp, dns_kasp_key_t *kaspkey, dst_key_t *key = NULL; int options = (DST_TYPE_PRIVATE | DST_TYPE_PUBLIC | DST_TYPE_STATE); isc_buffer_t buf; - isc_result_t ret; + isc_result_t result; isc_stdtime_t prepub; uint16_t flags = DNS_KEYOWNER_ZONE; @@ -421,26 +406,26 @@ create_key(ksr_ctx_t *ksr, dns_kasp_t *kasp, dns_kasp_key_t *kaspkey, "Generating key pair for bundle %s: ", timestr); } if (ksr->keystore != NULL && ksr->policy != NULL) { - ret = dns_keystore_keygen( + result = dns_keystore_keygen( ksr->keystore, name, ksr->policy, dns_rdataclass_in, isc_g_mctx, ksr->alg, ksr->size, flags, &key); } else if (show_progress) { - ret = dst_key_generate(name, ksr->alg, ksr->size, 0, - flags, DNS_KEYPROTO_DNSSEC, - dns_rdataclass_in, NULL, - isc_g_mctx, &key, &progress); + result = dst_key_generate(name, ksr->alg, ksr->size, 0, + flags, DNS_KEYPROTO_DNSSEC, + dns_rdataclass_in, NULL, + isc_g_mctx, &key, &progress); fflush(stderr); } else { - ret = dst_key_generate(name, ksr->alg, ksr->size, 0, - flags, DNS_KEYPROTO_DNSSEC, - dns_rdataclass_in, NULL, - isc_g_mctx, &key, NULL); + result = dst_key_generate(name, ksr->alg, ksr->size, 0, + flags, DNS_KEYPROTO_DNSSEC, + dns_rdataclass_in, NULL, + isc_g_mctx, &key, NULL); } - if (ret != ISC_R_SUCCESS) { + if (result != ISC_R_SUCCESS) { fatal("failed to generate key %s/%s: %s\n", namestr, - algstr, isc_result_totext(ret)); + algstr, isc_result_totext(result)); } /* Do not overwrite an existing key. */ @@ -451,9 +436,9 @@ create_key(ksr_ctx_t *ksr, dns_kasp_t *kasp, dns_kasp_key_t *kaspkey, conflict = true; if (verbose > 0) { isc_buffer_clear(&buf); - ret = dst_key_buildfilename(key, 0, ksr->keydir, - &buf); - if (ret == ISC_R_SUCCESS) { + result = dst_key_buildfilename( + key, 0, ksr->keydir, &buf); + if (result == ISC_R_SUCCESS) { fprintf(stderr, "%s: %s already exists, or " "might collide with another " @@ -502,20 +487,20 @@ create_key(ksr_ctx_t *ksr, dns_kasp_t *kasp, dns_kasp_key_t *kaspkey, *expiration = 0; } - ret = dst_key_tofile(key, options, ksr->keydir); - if (ret != ISC_R_SUCCESS) { + result = dst_key_tofile(key, options, ksr->keydir); + if (result != ISC_R_SUCCESS) { char keystr[DST_KEY_FORMATSIZE]; dst_key_format(key, keystr, sizeof(keystr)); fatal("failed to write key %s: %s\n", keystr, - isc_result_totext(ret)); + isc_result_totext(result)); } output: isc_buffer_clear(&buf); - ret = dst_key_buildfilename(key, 0, NULL, &buf); - if (ret != ISC_R_SUCCESS) { + result = dst_key_buildfilename(key, 0, NULL, &buf); + if (result != ISC_R_SUCCESS) { fatal("dst_key_buildfilename returned: %s\n", - isc_result_totext(ret)); + isc_result_totext(result)); } printf("%s\n", filename); fflush(stdout); @@ -528,12 +513,12 @@ static void print_rdata(dns_rdataset_t *rrset) { isc_buffer_t target; isc_region_t r; - isc_result_t ret; + isc_result_t result; char buf[4096]; isc_buffer_init(&target, buf, sizeof(buf)); - ret = dns_rdataset_totext(rrset, name, false, false, &target); - if (ret != ISC_R_SUCCESS) { + result = dns_rdataset_totext(rrset, name, false, false, &target); + if (result != ISC_R_SUCCESS) { fatal("failed to print rdata"); } isc_buffer_usedregion(&target, &r); @@ -547,7 +532,7 @@ print_dnskeys(dns_kasp_key_t *kaspkey, dns_ttl_t ttl, dns_dnsseckeylist_t *keys, char timestr[26]; /* Minimal buf as per ctime_r() spec. */ dns_rdatalist_t *rdatalist = NULL; dns_rdataset_t rdataset = DNS_RDATASET_INIT; - isc_result_t ret = ISC_R_SUCCESS; + isc_result_t result = ISC_R_SUCCESS; isc_stdtime_t next_bundle = next_inception; isc_stdtime_tostring(inception, timestr, sizeof(timestr)); @@ -614,11 +599,11 @@ print_dnskeys(dns_kasp_key_t *kaspkey, dns_ttl_t ttl, dns_dnsseckeylist_t *keys, dns_rdatalist_tordataset(rdatalist, &rdataset); print_rdata(&rdataset); -fail: +cleanup: /* Cleanup */ freerrset(&rdataset); - if (ret != ISC_R_SUCCESS) { + if (result != ISC_R_SUCCESS) { fatal("failed to print %s/%s zsk key pair found for bundle %s", namestr, algstr, timestr); } @@ -631,7 +616,7 @@ sign_rrset(ksr_ctx_t *ksr, isc_stdtime_t inception, isc_stdtime_t expiration, dns_rdataset_t *rrset, dns_dnsseckeylist_t *keys) { dns_rdatalist_t *rrsiglist = NULL; dns_rdataset_t rrsigset = DNS_RDATASET_INIT; - isc_result_t ret; + isc_result_t result; isc_stdtime_t next_bundle = expiration; UNUSED(ksr); @@ -646,10 +631,10 @@ sign_rrset(ksr_ctx_t *ksr, isc_stdtime_t inception, isc_stdtime_t expiration, isc_buffer_init(&timebuf, timestr, sizeof(timestr)); isc_stdtime_tostring(inception, timestr, sizeof(timestr)); isc_buffer_init(&b, utc, sizeof(utc)); - ret = dns_time32_totext(inception, &b); - if (ret != ISC_R_SUCCESS) { + result = dns_time32_totext(inception, &b); + if (result != ISC_R_SUCCESS) { fatal("failed to convert bundle time32 to text: %s", - isc_result_totext(ret)); + isc_result_totext(result)); } isc_buffer_usedregion(&b, &r); fprintf(stdout, ";; SignedKeyResponse 1.0 %.*s (%s)\n", @@ -696,9 +681,9 @@ sign_rrset(ksr_ctx_t *ksr, isc_stdtime_t inception, isc_stdtime_t expiration, rrsig = isc_mem_get(isc_g_mctx, sizeof(*rrsig)); dns_rdata_init(rrsig); isc_buffer_init(&buf, rdatabuf, sizeof(rdatabuf)); - ret = dns_dnssec_sign(name, rrset, dk->key, &clockskew, - &expiration, isc_g_mctx, &buf, &rdata); - if (ret != ISC_R_SUCCESS) { + result = dns_dnssec_sign(name, rrset, dk->key, &clockskew, + &expiration, isc_g_mctx, &buf, &rdata); + if (result != ISC_R_SUCCESS) { fatal("failed to sign KSR"); } isc_buffer_usedregion(&buf, &rs); @@ -733,7 +718,7 @@ get_keymaterial(ksr_ctx_t *ksr, dns_kasp_t *kasp, isc_stdtime_t inception, dns_rdatalist_t *cdnskeylist = isc_mem_get(isc_g_mctx, sizeof(*cdnskeylist)); dns_rdatalist_t *cdslist = isc_mem_get(isc_g_mctx, sizeof(*cdslist)); - isc_result_t ret = ISC_R_SUCCESS; + isc_result_t result = ISC_R_SUCCESS; isc_stdtime_t next_bundle = next_inception; dns_rdatalist_init(dnskeylist); @@ -873,7 +858,7 @@ get_keymaterial(ksr_ctx_t *ksr, dns_kasp_t *kasp, isc_stdtime_t inception, return next_bundle; -fail: +cleanup: fatal("failed to create KSK/CDS/CDNSKEY"); return 0; } @@ -968,7 +953,7 @@ parse_dnskey(isc_lex_t *lex, char *owner, isc_buffer_t *buf, dns_ttl_t *ttl) { dns_name_t *dname = NULL; dns_rdataclass_t rdclass = dns_rdataclass_in; isc_buffer_t b; - isc_result_t ret; + isc_result_t result; isc_token_t token; unsigned int opt = ISC_LEXOPT_EOL; @@ -982,12 +967,9 @@ parse_dnskey(isc_lex_t *lex, char *owner, isc_buffer_t *buf, dns_ttl_t *ttl) { dname = dns_fixedname_initname(&dfname); isc_buffer_init(&b, owner, strlen(owner)); isc_buffer_add(&b, strlen(owner)); - ret = dns_name_fromtext(dname, &b, dns_rootname, 0); - if (ret != ISC_R_SUCCESS) { - goto cleanup; - } + CHECK(dns_name_fromtext(dname, &b, dns_rootname, 0)); if (dns_name_compare(dname, name) != 0) { - ret = DNS_R_BADOWNERNAME; + result = DNS_R_BADOWNERNAME; goto cleanup; } isc_buffer_clear(&b); @@ -999,8 +981,8 @@ parse_dnskey(isc_lex_t *lex, char *owner, isc_buffer_t *buf, dns_ttl_t *ttl) { } /* If it's a TTL, read the next one */ - ret = dns_ttl_fromtext(&token.value.as_textregion, ttl); - if (ret == ISC_R_SUCCESS) { + result = dns_ttl_fromtext(&token.value.as_textregion, ttl); + if (result == ISC_R_SUCCESS) { NEXTTOKEN(lex, opt, &token); } if (token.type != isc_tokentype_string) { @@ -1008,8 +990,8 @@ parse_dnskey(isc_lex_t *lex, char *owner, isc_buffer_t *buf, dns_ttl_t *ttl) { } /* If it's a class, read the next one */ - ret = dns_rdataclass_fromtext(&rdclass, &token.value.as_textregion); - if (ret == ISC_R_SUCCESS) { + result = dns_rdataclass_fromtext(&rdclass, &token.value.as_textregion); + if (result == ISC_R_SUCCESS) { NEXTTOKEN(lex, opt, &token); } if (token.type != isc_tokentype_string) { @@ -1021,12 +1003,12 @@ parse_dnskey(isc_lex_t *lex, char *owner, isc_buffer_t *buf, dns_ttl_t *ttl) { BADTOKEN(); } - ret = dns_rdata_fromtext(NULL, rdclass, dns_rdatatype_dnskey, lex, name, - 0, isc_g_mctx, buf, NULL); + result = dns_rdata_fromtext(NULL, rdclass, dns_rdatatype_dnskey, lex, + name, 0, isc_g_mctx, buf, NULL); cleanup: isc_lex_setcomments(lex, 0); - return ret; + return result; } static void @@ -1097,14 +1079,14 @@ request(ksr_ctx_t *ksr) { char utc[sizeof("YYYYMMDDHHSSMM")]; isc_buffer_t b; isc_region_t r; - isc_result_t ret; + isc_result_t result; isc_stdtime_tostring(inception, timestr, sizeof(timestr)); isc_buffer_init(&b, utc, sizeof(utc)); - ret = dns_time32_totext(inception, &b); - if (ret != ISC_R_SUCCESS) { + result = dns_time32_totext(inception, &b); + if (result != ISC_R_SUCCESS) { fatal("failed to convert bundle time32 to text: %s", - isc_result_totext(ret)); + isc_result_totext(result)); } isc_buffer_usedregion(&b, &r); fprintf(stdout, ";; KeySigningRequest 1.0 %.*s (%s)\n", @@ -1146,7 +1128,7 @@ sign(ksr_ctx_t *ksr) { dns_dnsseckeylist_t keys; dns_kasp_t *kasp = NULL; dns_rdatalist_t *rdatalist = NULL; - isc_result_t ret; + isc_result_t result; isc_stdtime_t inception; isc_lex_t *lex = NULL; isc_lexspecials_t specials; @@ -1172,14 +1154,15 @@ sign(ksr_ctx_t *ksr) { specials[')'] = 1; specials['"'] = 1; isc_lex_setspecials(lex, specials); - ret = isc_lex_openfile(lex, ksr->file); - if (ret != ISC_R_SUCCESS) { + result = isc_lex_openfile(lex, ksr->file); + if (result != ISC_R_SUCCESS) { fatal("unable to open KSR file %s: %s", ksr->file, - isc_result_totext(ret)); + isc_result_totext(result)); } - for (ret = isc_lex_gettoken(lex, opt, &token); ret == ISC_R_SUCCESS; - ret = isc_lex_gettoken(lex, opt, &token)) + for (result = isc_lex_gettoken(lex, opt, &token); + result == ISC_R_SUCCESS; + result = isc_lex_gettoken(lex, opt, &token)) { if (token.type != isc_tokentype_string) { fatal("bad KSR file %s(%lu): syntax error", ksr->file, @@ -1245,13 +1228,13 @@ sign(ksr_ctx_t *ksr) { readline: /* Read remainder of header line */ do { - ret = isc_lex_gettoken(lex, opt, &token); - if (ret != ISC_R_SUCCESS) { + result = isc_lex_gettoken(lex, opt, &token); + if (result != ISC_R_SUCCESS) { fatal("bad KSR file %s(%lu): bad " "header (%s)", ksr->file, isc_lex_getsourceline(lex), - isc_result_totext(ret)); + isc_result_totext(result)); } } while (token.type != isc_tokentype_eol); } else { @@ -1268,11 +1251,11 @@ sign(ksr_ctx_t *ksr) { rdata = isc_mem_get(isc_g_mctx, sizeof(*rdata)); dns_rdata_init(rdata); isc_buffer_init(&buf, rdatabuf, sizeof(rdatabuf)); - ret = parse_dnskey(lex, STR(token), &buf, &ttl); - if (ret != ISC_R_SUCCESS) { + result = parse_dnskey(lex, STR(token), &buf, &ttl); + if (result != ISC_R_SUCCESS) { fatal("bad KSR file %s(%lu): bad DNSKEY (%s)", ksr->file, isc_lex_getsourceline(lex), - isc_result_totext(ret)); + isc_result_totext(result)); } isc_buffer_usedregion(&buf, &r); isc_buffer_allocate(isc_g_mctx, &newbuf, r.length); @@ -1290,7 +1273,7 @@ sign(ksr_ctx_t *ksr) { } } - if (ret != ISC_R_EOF) { + if (result != ISC_R_EOF) { fatal("bad KSR file %s(%lu): trailing garbage data", ksr->file, isc_lex_getsourceline(lex)); } @@ -1308,14 +1291,14 @@ sign(ksr_ctx_t *ksr) { fprintf(stdout, ";; SignedKeyResponse 1.0 generated at %s by %s\n", timestr, PACKAGE_VERSION); -fail: +cleanup: isc_lex_destroy(&lex); cleanup(&keys, kasp); } int main(int argc, char *argv[]) { - isc_result_t ret; + isc_result_t result; isc_buffer_t buf; int ch; char *endp; @@ -1354,10 +1337,10 @@ main(int argc, char *argv[]) { break; case 'K': ksr.keydir = isc_commandline_argument; - ret = try_dir(ksr.keydir); - if (ret != ISC_R_SUCCESS) { + result = try_dir(ksr.keydir); + if (result != ISC_R_SUCCESS) { fatal("cannot open directory %s: %s", - ksr.keydir, isc_result_totext(ret)); + ksr.keydir, isc_result_totext(result)); } break; case 'k': @@ -1405,10 +1388,10 @@ main(int argc, char *argv[]) { name = dns_fixedname_initname(&fname); isc_buffer_init(&buf, argv[1], strlen(argv[1])); isc_buffer_add(&buf, strlen(argv[1])); - ret = dns_name_fromtext(name, &buf, dns_rootname, 0); - if (ret != ISC_R_SUCCESS) { + result = dns_name_fromtext(name, &buf, dns_rootname, 0); + if (result != ISC_R_SUCCESS) { fatal("invalid zone name %s: %s", argv[1], - isc_result_totext(ret)); + isc_result_totext(result)); } /* command */ diff --git a/bin/dnssec/dnssec-signzone.c b/bin/dnssec/dnssec-signzone.c index 7057ed8a2e..3b139ef91c 100644 --- a/bin/dnssec/dnssec-signzone.c +++ b/bin/dnssec/dnssec-signzone.c @@ -727,9 +727,9 @@ signset(dns_diff_t *del, dns_diff_t *add, dns_dbnode_t *node, dns_name_t *name, */ bool have_pre_sig = false; uint32_t pre; - isc_result_t ret = dst_key_getnum( - key->key, DST_NUM_PREDECESSOR, &pre); - if (ret == ISC_R_SUCCESS) { + result = dst_key_getnum(key->key, DST_NUM_PREDECESSOR, + &pre); + if (result == ISC_R_SUCCESS) { /* * This key has a predecessor, look for the * corresponding key in the keylist. The @@ -749,10 +749,10 @@ signset(dns_diff_t *del, dns_diff_t *add, dns_dbnode_t *node, dns_name_t *name, { continue; } - ret = dst_key_getnum(curr->key, - DST_NUM_SUCCESSOR, - &suc); - if (ret != ISC_R_SUCCESS || + result = dst_key_getnum( + curr->key, DST_NUM_SUCCESSOR, + &suc); + if (result != ISC_R_SUCCESS || dst_key_id(key->key) != suc) { continue; @@ -1377,18 +1377,12 @@ setsoaserial(uint32_t serial, dns_updatemethod_t method) { uint32_t old_serial, new_serial = 0; dns_updatemethod_t used = dns_updatemethod_none; - result = dns_db_getoriginnode(gdb, &node); - if (result != ISC_R_SUCCESS) { - return result; - } + RETERR(dns_db_getoriginnode(gdb, &node)); dns_rdataset_init(&rdataset); - result = dns_db_findrdataset(gdb, node, gversion, dns_rdatatype_soa, 0, - 0, &rdataset, NULL); - if (result != ISC_R_SUCCESS) { - goto cleanup; - } + CHECK(dns_db_findrdataset(gdb, node, gversion, dns_rdatatype_soa, 0, 0, + &rdataset, NULL)); result = dns_rdataset_first(&rdataset); RUNTIME_CHECK(result == ISC_R_SUCCESS); @@ -2520,22 +2514,14 @@ loadzonekeys(bool preserve_keys, bool load_public) { dns_rdataset_init(&keysigs); /* Make note of the keys which signed the SOA, if any */ - result = dns_db_findrdataset(gdb, node, currentversion, - dns_rdatatype_soa, 0, 0, &rdataset, - &soasigs); - if (result != ISC_R_SUCCESS) { - goto cleanup; - } + CHECK(dns_db_findrdataset(gdb, node, currentversion, dns_rdatatype_soa, + 0, 0, &rdataset, &soasigs)); /* Preserve the TTL of the DNSKEY RRset, if any */ dns_rdataset_disassociate(&rdataset); - result = dns_db_findrdataset(gdb, node, currentversion, - dns_rdatatype_dnskey, 0, 0, &rdataset, - &keysigs); - - if (result != ISC_R_SUCCESS) { - goto cleanup; - } + CHECK(dns_db_findrdataset(gdb, node, currentversion, + dns_rdatatype_dnskey, 0, 0, &rdataset, + &keysigs)); if (set_keyttl && keyttl != rdataset.ttl) { fprintf(stderr, @@ -2886,12 +2872,8 @@ set_nsec3params(bool update, bool set_salt, bool set_optout, bool set_iter) { dns_rdataset_init(&rdataset); orig_saltlen = sizeof(orig_salt); - result = dns_db_getnsec3parameters(gdb, ver, &orig_hash, NULL, - &orig_iter, orig_salt, - &orig_saltlen); - if (result != ISC_R_SUCCESS) { - goto cleanup; - } + CHECK(dns_db_getnsec3parameters(gdb, ver, &orig_hash, NULL, &orig_iter, + orig_salt, &orig_saltlen)); nsec_datatype = dns_rdatatype_nsec3; @@ -2928,16 +2910,10 @@ set_nsec3params(bool update, bool set_salt, bool set_optout, bool set_iter) { orig_saltlen); check_result(result, "dns_nsec3_hashname"); - result = dns_db_findnsec3node(gdb, hashname, false, &node); - if (result != ISC_R_SUCCESS) { - goto cleanup; - } + CHECK(dns_db_findnsec3node(gdb, hashname, false, &node)); - result = dns_db_findrdataset(gdb, node, ver, dns_rdatatype_nsec3, 0, 0, - &rdataset, NULL); - if (result != ISC_R_SUCCESS) { - goto cleanup; - } + CHECK(dns_db_findrdataset(gdb, node, ver, dns_rdatatype_nsec3, 0, 0, + &rdataset, NULL)); result = dns_rdataset_first(&rdataset); check_result(result, "dns_rdataset_first"); diff --git a/bin/named/builtin.c b/bin/named/builtin.c index c24fbe164e..9ab76d5063 100644 --- a/bin/named/builtin.c +++ b/bin/named/builtin.c @@ -166,10 +166,7 @@ putrr(bdbnode_t *node, const char *type, dns_ttl_t ttl, const char *data) { origin = &node->bdb->common.origin; isc_constregion_t r = { .base = type, .length = strlen(type) }; - result = dns_rdatatype_fromtext(&typeval, (isc_textregion_t *)&r); - if (result != ISC_R_SUCCESS) { - return result; - } + RETERR(dns_rdatatype_fromtext(&typeval, (isc_textregion_t *)&r)); isc_lex_create(mctx, 64, &lex); @@ -177,10 +174,7 @@ putrr(bdbnode_t *node, const char *type, dns_ttl_t ttl, const char *data) { isc_buffer_constinit(&b, data, datalen); isc_buffer_add(&b, datalen); - result = isc_lex_openbuffer(lex, &b); - if (result != ISC_R_SUCCESS) { - return result; - } + RETERR(isc_lex_openbuffer(lex, &b)); isc_buffer_allocate(mctx, &rb, DNS_RDATA_MAXLENGTH); result = dns_rdata_fromtext(NULL, node->bdb->common.rdclass, typeval, @@ -535,7 +529,6 @@ hostname_lookup(bdbnode_t *node) { static isc_result_t authors_lookup(bdbnode_t *node) { - isc_result_t result; const char **p = NULL; static const char *authors[] = { "Mark Andrews", "Curtis Blackburn", @@ -559,10 +552,7 @@ authors_lookup(bdbnode_t *node) { } for (p = authors; *p != NULL; p++) { - result = puttxt(node, *p); - if (result != ISC_R_SUCCESS) { - return result; - } + RETERR(puttxt(node, *p)); } return ISC_R_SUCCESS; } @@ -591,14 +581,10 @@ empty_lookup(bdbnode_t *node) { static isc_result_t ipv4only_lookup(bdbnode_t *node) { - isc_result_t result; unsigned char data[2][4] = { { 192, 0, 0, 170 }, { 192, 0, 0, 171 } }; for (int i = 0; i < 2; i++) { - result = putrdata(node, dns_rdatatype_a, 3600, data[i], 4); - if (result != ISC_R_SUCCESS) { - return result; - } + RETERR(putrdata(node, dns_rdatatype_a, 3600, data[i], 4)); } return ISC_R_SUCCESS; } @@ -846,10 +832,7 @@ findnode(dns_db_t *db, const dns_name_t *name, bool create, dns_name_getlabelsequence(name, 0, labels, &relname); name = &relname; - result = createnode(bdb, &node); - if (result != ISC_R_SUCCESS) { - return result; - } + RETERR(createnode(bdb, &node)); result = builtin_lookup(bdb, name, node); if (result != ISC_R_SUCCESS && (!isorigin || result != ISC_R_NOTFOUND)) @@ -1173,15 +1156,13 @@ create(isc_mem_t *mctx, const dns_name_t *origin, dns_dbtype_t type, if (needargs) { if (argc != 3) { - result = DNS_R_SYNTAX; - goto cleanup; + CLEANUP(DNS_R_SYNTAX); } bdb->server = isc_mem_strdup(isc_g_mctx, argv[1]); bdb->contact = isc_mem_strdup(isc_g_mctx, argv[2]); } else if (argc != 1) { - result = DNS_R_SYNTAX; - goto cleanup; + CLEANUP(DNS_R_SYNTAX); } bdb->common.magic = DNS_DB_MAGIC; @@ -1214,11 +1195,8 @@ isc_result_t named_builtin_init(void) { isc_result_t result; - result = dns_db_register("_builtin", create, &builtin, isc_g_mctx, - &builtin.dbimp); - if (result != ISC_R_SUCCESS) { - return result; - } + RETERR(dns_db_register("_builtin", create, &builtin, isc_g_mctx, + &builtin.dbimp)); result = dns_db_register("_dns64", create, &dns64, isc_g_mctx, &dns64.dbimp); diff --git a/bin/named/config.c b/bin/named/config.c index 81eb498925..c953f4c45a 100644 --- a/bin/named/config.c +++ b/bin/named/config.c @@ -72,11 +72,8 @@ named_config_parsefile(cfg_obj_t **conf) { ISC_LOG_INFO, "parsing user configuration from '%s'", named_g_conffile); - result = cfg_parse_file(isc_g_mctx, named_g_conffile, - &cfg_type_namedconf, 0, conf); - if (result != ISC_R_SUCCESS) { - goto cleanup; - } + CHECK(cfg_parse_file(isc_g_mctx, named_g_conffile, &cfg_type_namedconf, + 0, conf)); /* * Check the validity of the configuration. @@ -85,11 +82,7 @@ named_config_parsefile(cfg_obj_t **conf) { * checked later when the modules are actually loaded and * registered.) */ - result = isccfg_check_namedconf(*conf, BIND_CHECK_ALGORITHMS, - isc_g_mctx); - if (result != ISC_R_SUCCESS) { - goto cleanup; - } + CHECK(isccfg_check_namedconf(*conf, BIND_CHECK_ALGORITHMS, isc_g_mctx)); goto out; @@ -255,17 +248,13 @@ named_config_getzonetype(const cfg_obj_t *zonetypeobj) { isc_result_t named_config_getremotesdef(const cfg_obj_t *cctx, const char *list, const char *name, const cfg_obj_t **ret) { - isc_result_t result; const cfg_obj_t *obj = NULL; REQUIRE(cctx != NULL); REQUIRE(name != NULL); REQUIRE(ret != NULL && *ret == NULL); - result = cfg_map_get(cctx, list, &obj); - if (result != ISC_R_SUCCESS) { - return result; - } + RETERR(cfg_map_get(cctx, list, &obj)); CFG_LIST_FOREACH(obj, elt) { obj = cfg_listelt_value(elt); if (strcasecmp(cfg_obj_asstring(cfg_tuple_get(obj, "name")), @@ -568,24 +557,15 @@ named_config_getipandkeylist(const cfg_obj_t *config, const cfg_obj_t *list, /* * Get system defaults. */ - result = named_config_getport(config, "port", &def_port); - if (result != ISC_R_SUCCESS) { - goto cleanup; - } + CHECK(named_config_getport(config, "port", &def_port)); - result = named_config_getport(config, "tls-port", &def_tlsport); - if (result != ISC_R_SUCCESS) { - goto cleanup; - } + CHECK(named_config_getport(config, "tls-port", &def_tlsport)); /* * Process the (nested) list(s). */ - result = getipandkeylist(def_port, def_tlsport, config, list, - (in_port_t)0, NULL, NULL, mctx, &s); - if (result != ISC_R_SUCCESS) { - goto cleanup; - } + CHECK(getipandkeylist(def_port, def_tlsport, config, list, (in_port_t)0, + NULL, NULL, mctx, &s)); shrink_array(mctx, s.addrs, s.count, s.addrsallocated); shrink_array(mctx, s.keys, s.count, s.keysallocated); @@ -713,7 +693,6 @@ named_config_getkeyalgorithm(const char *str, unsigned int *typep, int i; size_t len = 0; uint16_t bits; - isc_result_t result; for (i = 0; algorithms[i].str != NULL; i++) { len = strlen(algorithms[i].str); @@ -728,10 +707,7 @@ named_config_getkeyalgorithm(const char *str, unsigned int *typep, return ISC_R_NOTFOUND; } if (str[len] == '-') { - result = isc_parse_uint16(&bits, str + len + 1, 10); - if (result != ISC_R_SUCCESS) { - return result; - } + RETERR(isc_parse_uint16(&bits, str + len + 1, 10)); if (bits > algorithms[i].size) { return ISC_R_RANGE; } diff --git a/bin/named/control.c b/bin/named/control.c index 8857f5eb90..709d74ea55 100644 --- a/bin/named/control.c +++ b/bin/named/control.c @@ -37,15 +37,11 @@ static isc_result_t getcommand(isc_lex_t *lex, char **cmdp) { - isc_result_t result; isc_token_t token; REQUIRE(cmdp != NULL && *cmdp == NULL); - result = isc_lex_gettoken(lex, ISC_LEXOPT_EOF, &token); - if (result != ISC_R_SUCCESS) { - return result; - } + RETERR(isc_lex_gettoken(lex, ISC_LEXOPT_EOF, &token)); isc_lex_ungettoken(lex, &token); @@ -89,27 +85,15 @@ named_control_docommand(isccc_sexpr_t *message, bool readonly, return ISC_R_FAILURE; } - result = isccc_cc_lookupstring(data, "type", &cmdline); - if (result != ISC_R_SUCCESS) { - /* - * We have no idea what this is. - */ - return result; - } + RETERR(isccc_cc_lookupstring(data, "type", &cmdline)); isc_lex_create(isc_g_mctx, strlen(cmdline), &lex); isc_buffer_init(&src, cmdline, strlen(cmdline)); isc_buffer_add(&src, strlen(cmdline)); - result = isc_lex_openbuffer(lex, &src); - if (result != ISC_R_SUCCESS) { - goto cleanup; - } + CHECK(isc_lex_openbuffer(lex, &src)); - result = getcommand(lex, &command); - if (result != ISC_R_SUCCESS) { - goto cleanup; - } + CHECK(getcommand(lex, &command)); /* * Compare the 'command' parameter against all known control commands. @@ -140,8 +124,7 @@ named_control_docommand(isccc_sexpr_t *message, bool readonly, "rejecting restricted control channel " "command '%s'", cmdline); - result = ISC_R_FAILURE; - goto cleanup; + CLEANUP(ISC_R_FAILURE); } isc_log_write(NAMED_LOGCATEGORY_GENERAL, NAMED_LOGMODULE_CONTROL, diff --git a/bin/named/controlconf.c b/bin/named/controlconf.c index e1d1a46d7e..4653bcafa7 100644 --- a/bin/named/controlconf.c +++ b/bin/named/controlconf.c @@ -149,14 +149,6 @@ ISC_REFCOUNT_DECL(controlconnection); #define CLOCKSKEW 300 -#define CHECK(x) \ - { \ - result = (x); \ - if (result != ISC_R_SUCCESS) { \ - goto cleanup; \ - } \ - } - static void free_controlkey(controlkey_t *key, isc_mem_t *mctx) { if (key->keyname != NULL) { @@ -313,11 +305,8 @@ control_respond(controlconnection_t *conn) { isc_region_t r; isc_result_t result; - result = isccc_cc_createresponse(conn->request, conn->now, - conn->now + 60, &conn->response); - if (result != ISC_R_SUCCESS) { - goto cleanup; - } + CHECK(isccc_cc_createresponse(conn->request, conn->now, conn->now + 60, + &conn->response)); if (conn->result == ISC_R_SHUTTINGDOWN) { result = ISC_R_SUCCESS; @@ -453,14 +442,12 @@ control_recvmessage(isc_nmhandle_t *handle ISC_ATTR_UNUSED, isc_result_t result, } if (!match) { - result = ISCCC_R_BADAUTH; - goto cleanup; + CLEANUP(ISCCC_R_BADAUTH); } /* We shouldn't be getting a reply. */ if (isccc_cc_isreply(conn->request)) { - result = ISC_R_FAILURE; - goto cleanup; + CLEANUP(ISC_R_FAILURE); } conn->now = isc_stdtime_now(); @@ -470,20 +457,17 @@ control_recvmessage(isc_nmhandle_t *handle ISC_ATTR_UNUSED, isc_result_t result, */ conn->ctrl = isccc_alist_lookup(conn->request, "_ctrl"); if (!isccc_alist_alistp(conn->ctrl)) { - result = ISC_R_FAILURE; - goto cleanup; + CLEANUP(ISC_R_FAILURE); } if (isccc_cc_lookupuint32(conn->ctrl, "_tim", &sent) == ISC_R_SUCCESS) { if ((sent + CLOCKSKEW) < conn->now || (sent - CLOCKSKEW) > conn->now) { - result = DNS_R_CLOCKSKEW; - goto cleanup; + CLEANUP(DNS_R_CLOCKSKEW); } } else { - result = ISC_R_FAILURE; - goto cleanup; + CLEANUP(ISC_R_FAILURE); } /* @@ -492,8 +476,7 @@ control_recvmessage(isc_nmhandle_t *handle ISC_ATTR_UNUSED, isc_result_t result, if (isccc_cc_lookupuint32(conn->ctrl, "_exp", &exp) == ISC_R_SUCCESS && conn->now > exp) { - result = DNS_R_EXPIRED; - goto cleanup; + CLEANUP(DNS_R_EXPIRED); } /* @@ -516,8 +499,7 @@ control_recvmessage(isc_nmhandle_t *handle ISC_ATTR_UNUSED, isc_result_t result, ISC_R_SUCCESS || conn->nonce != nonce)) { - result = ISCCC_R_BADAUTH; - goto cleanup; + CLEANUP(ISCCC_R_BADAUTH); } isc_buffer_allocate(listener->mctx, &conn->text, 2 * 2048); @@ -1094,7 +1076,7 @@ add_listener(named_controls_t *cp, controllistener_t **listenerp, if ((pf == AF_INET && isc_net_probeipv4() != ISC_R_SUCCESS) || (pf == AF_INET6 && isc_net_probeipv6() != ISC_R_SUCCESS)) { - CHECK(ISC_R_FAMILYNOSUPPORT); + CLEANUP(ISC_R_FAMILYNOSUPPORT); } CHECK(isc_nm_listentcp(ISC_NM_LISTEN_ONE, &listener->address, diff --git a/bin/named/log.c b/bin/named/log.c index e4867ffbc5..c2a2acc855 100644 --- a/bin/named/log.c +++ b/bin/named/log.c @@ -44,10 +44,7 @@ named_log_init(bool safe) { named_log_setdefaultchannels(lcfg); } - result = named_log_setdefaultcategory(lcfg); - if (result != ISC_R_SUCCESS) { - goto cleanup; - } + CHECK(named_log_setdefaultcategory(lcfg)); named_log_setdefaultsslkeylogfile(lcfg); rcu_read_unlock(); @@ -199,12 +196,8 @@ isc_result_t named_log_setdefaultcategory(isc_logconfig_t *lcfg) { isc_result_t result = ISC_R_SUCCESS; - result = isc_log_usechannel(lcfg, "default_debug", - ISC_LOGCATEGORY_DEFAULT, - ISC_LOGMODULE_DEFAULT); - if (result != ISC_R_SUCCESS) { - goto cleanup; - } + CHECK(isc_log_usechannel(lcfg, "default_debug", ISC_LOGCATEGORY_DEFAULT, + ISC_LOGMODULE_DEFAULT)); if (!named_g_logstderr) { if (named_g_logfile != NULL) { diff --git a/bin/named/logconf.c b/bin/named/logconf.c index 1b0412009d..b1e8cdc7f9 100644 --- a/bin/named/logconf.c +++ b/bin/named/logconf.c @@ -28,13 +28,6 @@ #include #include -#define CHECK(op) \ - do { \ - result = (op); \ - if (result != ISC_R_SUCCESS) \ - goto cleanup; \ - } while (0) - /*% * Set up a logging category according to the named.conf data * in 'ccat' and add it to 'logconfig'. diff --git a/bin/named/server.c b/bin/named/server.c index a6f262b3c0..4dc7b91afa 100644 --- a/bin/named/server.c +++ b/bin/named/server.c @@ -180,13 +180,6 @@ * Check an operation for failure. Assumes that the function * using it has a 'result' variable and a 'cleanup' label. */ -#define CHECK(op) \ - do { \ - result = (op); \ - if (result != ISC_R_SUCCESS) \ - goto cleanup; \ - } while (0) - #define TCHECK(op) \ do { \ tresult = (op); \ @@ -677,7 +670,7 @@ ta_fromconfig(const cfg_obj_t *key, bool *initialp, const char **namestrp, INIT_DS, STATIC_DS, TRUSTED - } anchortype; + } anchortype = TRUSTED; dst_algorithm_t algorithm; REQUIRE(namestrp != NULL && *namestrp == NULL); @@ -718,11 +711,8 @@ ta_fromconfig(const cfg_obj_t *key, bool *initialp, const char **namestrp, "key '%s': " "invalid initialization method '%s'", namestr, atstr); - result = ISC_R_FAILURE; - goto cleanup; + CLEANUP(ISC_R_FAILURE); } - } else { - anchortype = TRUSTED; } isc_buffer_init(&databuf, data, sizeof(data)); @@ -773,7 +763,7 @@ ta_fromconfig(const cfg_obj_t *key, bool *initialp, const char **namestrp, keystruct.algorithm, keystruct.data, keystruct.datalen); if (!dst_algorithm_supported(algorithm)) { - CHECK(DST_R_UNSUPPORTEDALG); + CLEANUP(DST_R_UNSUPPORTEDALG); } CHECK(dns_rdata_fromstruct(&rdata, keystruct.common.rdclass, @@ -806,30 +796,30 @@ ta_fromconfig(const cfg_obj_t *key, bool *initialp, const char **namestrp, switch (ds->digest_type) { case DNS_DSDIGEST_SHA1: if (r.length != ISC_SHA1_DIGESTLENGTH) { - CHECK(ISC_R_UNEXPECTEDEND); + CLEANUP(ISC_R_UNEXPECTEDEND); } break; case DNS_DSDIGEST_SHA256: if (r.length != ISC_SHA256_DIGESTLENGTH) { - CHECK(ISC_R_UNEXPECTEDEND); + CLEANUP(ISC_R_UNEXPECTEDEND); } break; case DNS_DSDIGEST_SHA384: if (r.length != ISC_SHA384_DIGESTLENGTH) { - CHECK(ISC_R_UNEXPECTEDEND); + CLEANUP(ISC_R_UNEXPECTEDEND); } break; #if defined(DNS_DSDIGEST_SHA256PRIVATE) case DNS_DSDIGEST_SHA256PRIVATE: if (r.length < ISC_SHA256_DIGESTLENGTH) { - CHECK(ISC_R_UNEXPECTEDEND); + CLEANUP(ISC_R_UNEXPECTEDEND); } break; #endif #if defined(DNS_DSDIGEST_SHA384PRIVATE) case DNS_DSDIGEST_SHA384PRIVATE: if (r.length < ISC_SHA384_DIGESTLENGTH) { - CHECK(ISC_R_UNEXPECTEDEND); + CLEANUP(ISC_R_UNEXPECTEDEND); } break; #endif @@ -838,13 +828,12 @@ ta_fromconfig(const cfg_obj_t *key, bool *initialp, const char **namestrp, "key '%s': " "unknown ds digest type %u", namestr, ds->digest_type); - result = ISC_R_FAILURE; - goto cleanup; + CLEANUP(ISC_R_FAILURE); break; } if (r.length > digest_len) { - CHECK(ISC_R_NOSPACE); + CLEANUP(ISC_R_NOSPACE); } ds->length = r.length; ds->digest = digest; @@ -883,7 +872,7 @@ ta_fromconfig(const cfg_obj_t *key, bool *initialp, const char **namestrp, } #endif if (!dst_algorithm_supported(algorithm)) { - CHECK(DST_R_UNSUPPORTEDALG); + CLEANUP(DST_R_UNSUPPORTEDALG); } break; @@ -939,10 +928,7 @@ process_key(const cfg_obj_t *key, dns_keytable_t *secroots, isc_buffer_constinit(&b, namestr, strlen(namestr)); isc_buffer_add(&b, strlen(namestr)); keyname = dns_fixedname_initname(&fkeyname); - result = dns_name_fromtext(keyname, &b, dns_rootname, 0); - if (result != ISC_R_SUCCESS) { - return result; - } + RETERR(dns_name_fromtext(keyname, &b, dns_rootname, 0)); break; case DST_R_UNSUPPORTEDALG: case DST_R_BADKEYTYPE: @@ -1159,8 +1145,7 @@ configure_view_dnsseckeys(dns_view_t *view, const cfg_obj_t *vconfig, isc_log_write(DNS_LOGCATEGORY_SECURITY, NAMED_LOGMODULE_SERVER, ISC_LOG_ERROR, "root key not loaded"); - result = ISC_R_FAILURE; - goto cleanup; + CLEANUP(ISC_R_FAILURE); } } @@ -1191,8 +1176,7 @@ configure_view_dnsseckeys(dns_view_t *view, const cfg_obj_t *vconfig, "managed-keys-directory '%s' " "is not writable", directory); - result = ISC_R_NOPERM; - goto cleanup; + CLEANUP(ISC_R_NOPERM); } } @@ -1303,20 +1287,12 @@ configure_order(dns_order_t *order, const cfg_obj_t *ent) { dns_orderopt_t mode = dns_order_none; const char *str; isc_buffer_t b; - isc_result_t result; bool addroot; - result = named_config_getclass(cfg_tuple_get(ent, "class"), - dns_rdataclass_any, &rdclass); - if (result != ISC_R_SUCCESS) { - return result; - } - - result = named_config_gettype(cfg_tuple_get(ent, "type"), - dns_rdatatype_any, &rdtype); - if (result != ISC_R_SUCCESS) { - return result; - } + RETERR(named_config_getclass(cfg_tuple_get(ent, "class"), + dns_rdataclass_any, &rdclass)); + RETERR(named_config_gettype(cfg_tuple_get(ent, "type"), + dns_rdatatype_any, &rdtype)); obj = cfg_tuple_get(ent, "name"); if (cfg_obj_isstring(obj)) { @@ -1328,11 +1304,8 @@ configure_order(dns_order_t *order, const cfg_obj_t *ent) { isc_buffer_constinit(&b, str, strlen(str)); isc_buffer_add(&b, strlen(str)); dns_fixedname_init(&fixed); - result = dns_name_fromtext(dns_fixedname_name(&fixed), &b, dns_rootname, - 0); - if (result != ISC_R_SUCCESS) { - return result; - } + RETERR(dns_name_fromtext(dns_fixedname_name(&fixed), &b, dns_rootname, + 0)); obj = cfg_tuple_get(ent, "ordering"); INSIST(cfg_obj_isstring(obj)); @@ -1367,19 +1340,14 @@ configure_order(dns_order_t *order, const cfg_obj_t *ent) { static isc_result_t configure_peer(const cfg_obj_t *cpeer, isc_mem_t *mctx, dns_peer_t **peerp) { isc_netaddr_t na; - dns_peer_t *peer; - const cfg_obj_t *obj; - const char *str; - isc_result_t result; + dns_peer_t *peer = NULL; + const cfg_obj_t *obj = NULL; + isc_result_t result = ISC_R_SUCCESS; unsigned int prefixlen; cfg_obj_asnetprefix(cfg_map_getname(cpeer), &na, &prefixlen); - peer = NULL; - result = dns_peer_newprefix(mctx, &na, prefixlen, &peer); - if (result != ISC_R_SUCCESS) { - return result; - } + RETERR(dns_peer_newprefix(mctx, &na, prefixlen, &peer)); obj = NULL; (void)cfg_map_get(cpeer, "bogus", &obj); @@ -1513,7 +1481,7 @@ configure_peer(const cfg_obj_t *cpeer, isc_mem_t *mctx, dns_peer_t **peerp) { obj = NULL; (void)cfg_map_get(cpeer, "transfer-format", &obj); if (obj != NULL) { - str = cfg_obj_asstring(obj); + const char *str = cfg_obj_asstring(obj); if (strcasecmp(str, "many-answers") == 0) { CHECK(dns_peer_settransferformat(peer, dns_many_answers)); @@ -1527,10 +1495,7 @@ configure_peer(const cfg_obj_t *cpeer, isc_mem_t *mctx, dns_peer_t **peerp) { obj = NULL; (void)cfg_map_get(cpeer, "keys", &obj); if (obj != NULL) { - result = dns_peer_setkeybycharp(peer, cfg_obj_asstring(obj)); - if (result != ISC_R_SUCCESS) { - goto cleanup; - } + CHECK(dns_peer_setkeybycharp(peer, cfg_obj_asstring(obj))); } obj = NULL; @@ -1540,11 +1505,8 @@ configure_peer(const cfg_obj_t *cpeer, isc_mem_t *mctx, dns_peer_t **peerp) { (void)cfg_map_get(cpeer, "transfer-source-v6", &obj); } if (obj != NULL) { - result = dns_peer_settransfersource(peer, - cfg_obj_assockaddr(obj)); - if (result != ISC_R_SUCCESS) { - goto cleanup; - } + CHECK(dns_peer_settransfersource(peer, + cfg_obj_assockaddr(obj))); } obj = NULL; @@ -1554,11 +1516,7 @@ configure_peer(const cfg_obj_t *cpeer, isc_mem_t *mctx, dns_peer_t **peerp) { (void)cfg_map_get(cpeer, "notify-source-v6", &obj); } if (obj != NULL) { - result = dns_peer_setnotifysource(peer, - cfg_obj_assockaddr(obj)); - if (result != ISC_R_SUCCESS) { - goto cleanup; - } + CHECK(dns_peer_setnotifysource(peer, cfg_obj_assockaddr(obj))); } obj = NULL; @@ -1569,10 +1527,7 @@ configure_peer(const cfg_obj_t *cpeer, isc_mem_t *mctx, dns_peer_t **peerp) { } if (obj != NULL) { INSIST(cfg_obj_issockaddr(obj)); - result = dns_peer_setquerysource(peer, cfg_obj_assockaddr(obj)); - if (result != ISC_R_SUCCESS) { - goto cleanup; - } + CHECK(dns_peer_setquerysource(peer, cfg_obj_assockaddr(obj))); } *peerp = peer; @@ -1719,7 +1674,7 @@ check_dbtype(dns_zone_t *zone, unsigned int dbtypec, const char **dbargv, */ for (i = 0; i < dbtypec; i++) { if (argv[i] == NULL || strcmp(argv[i], dbargv[i]) != 0) { - CHECK(ISC_R_FAILURE); + CLEANUP(ISC_R_FAILURE); } } @@ -1818,12 +1773,9 @@ static isc_result_t dlzconfigure_callback(dns_view_t *view, dns_dlzdb_t *dlzdb, dns_zone_t *zone) { dns_name_t *origin = dns_zone_getorigin(zone); dns_rdataclass_t zclass = view->rdclass; - isc_result_t result; - result = dns_zonemgr_managezone(named_g_server->zonemgr, zone); - if (result != ISC_R_SUCCESS) { - return result; - } + RETERR(dns_zonemgr_managezone(named_g_server->zonemgr, zone)); + dns_zone_setstats(zone, named_g_server->zonestats); return named_zone_configure_writeable_dlz(dlzdb, zone, zclass, origin); @@ -2004,10 +1956,8 @@ configure_rpz_zone(dns_view_t *view, const cfg_listelt_t *element, } str = cfg_obj_asstring(cfg_tuple_get(rpz_obj, "zone name")); - result = configure_rpz_name(view, rpz_obj, &zone->origin, str, "zone"); - if (result != ISC_R_SUCCESS) { - return result; - } + RETERR(configure_rpz_name(view, rpz_obj, &zone->origin, str, "zone")); + if (dns_name_equal(&zone->origin, dns_rootname)) { cfg_obj_log(rpz_obj, DNS_RPZ_ERROR_LEVEL, "invalid zone name '%s'", str); @@ -2027,47 +1977,20 @@ configure_rpz_zone(dns_view_t *view, const cfg_listelt_t *element, *old_rpz_okp = false; } - result = configure_rpz_name2(view, rpz_obj, &zone->client_ip, - DNS_RPZ_CLIENT_IP_ZONE, &zone->origin); - if (result != ISC_R_SUCCESS) { - return result; - } - - result = configure_rpz_name2(view, rpz_obj, &zone->ip, DNS_RPZ_IP_ZONE, - &zone->origin); - if (result != ISC_R_SUCCESS) { - return result; - } - - result = configure_rpz_name2(view, rpz_obj, &zone->nsdname, - DNS_RPZ_NSDNAME_ZONE, &zone->origin); - if (result != ISC_R_SUCCESS) { - return result; - } - - result = configure_rpz_name2(view, rpz_obj, &zone->nsip, - DNS_RPZ_NSIP_ZONE, &zone->origin); - if (result != ISC_R_SUCCESS) { - return result; - } - - result = configure_rpz_name(view, rpz_obj, &zone->passthru, - DNS_RPZ_PASSTHRU_NAME, "name"); - if (result != ISC_R_SUCCESS) { - return result; - } - - result = configure_rpz_name(view, rpz_obj, &zone->drop, - DNS_RPZ_DROP_NAME, "name"); - if (result != ISC_R_SUCCESS) { - return result; - } - - result = configure_rpz_name(view, rpz_obj, &zone->tcp_only, - DNS_RPZ_TCP_ONLY_NAME, "name"); - if (result != ISC_R_SUCCESS) { - return result; - } + RETERR(configure_rpz_name2(view, rpz_obj, &zone->client_ip, + DNS_RPZ_CLIENT_IP_ZONE, &zone->origin)); + RETERR(configure_rpz_name2(view, rpz_obj, &zone->ip, DNS_RPZ_IP_ZONE, + &zone->origin)); + RETERR(configure_rpz_name2(view, rpz_obj, &zone->nsdname, + DNS_RPZ_NSDNAME_ZONE, &zone->origin)); + RETERR(configure_rpz_name2(view, rpz_obj, &zone->nsip, + DNS_RPZ_NSIP_ZONE, &zone->origin)); + RETERR(configure_rpz_name(view, rpz_obj, &zone->passthru, + DNS_RPZ_PASSTHRU_NAME, "name")); + RETERR(configure_rpz_name(view, rpz_obj, &zone->drop, DNS_RPZ_DROP_NAME, + "name")); + RETERR(configure_rpz_name(view, rpz_obj, &zone->tcp_only, + DNS_RPZ_TCP_ONLY_NAME, "name")); obj = cfg_tuple_get(rpz_obj, "policy"); if (cfg_obj_isvoid(obj)) { @@ -2078,11 +2001,8 @@ configure_rpz_zone(dns_view_t *view, const cfg_listelt_t *element, INSIST(zone->policy != DNS_RPZ_POLICY_ERROR); if (zone->policy == DNS_RPZ_POLICY_CNAME) { str = cfg_obj_asstring(cfg_tuple_get(obj, "cname")); - result = configure_rpz_name(view, rpz_obj, &zone->cname, - str, "cname"); - if (result != ISC_R_SUCCESS) { - return result; - } + RETERR(configure_rpz_name(view, rpz_obj, &zone->cname, + str, "cname")); } } if (*old_rpz_okp && (zone->policy != old->policy || @@ -2130,7 +2050,7 @@ configure_rpz(dns_view_t *view, dns_view_t *pview, const cfg_obj_t *rpz_obj, const dns_rpz_zones_t *old = NULL; bool pview_must_detach = false; const dns_rpz_zone_t *old_zone = NULL; - isc_result_t result; + isc_result_t result = ISC_R_SUCCESS; *old_rpz_okp = false; @@ -2153,10 +2073,7 @@ configure_rpz(dns_view_t *view, dns_view_t *pview, const cfg_obj_t *rpz_obj, } nsdname_on = nsdname_enabled ? DNS_RPZ_ALL_ZBITS : 0; - result = dns_rpz_new_zones(view, &view->rpzs, first_time); - if (result != ISC_R_SUCCESS) { - return result; - } + RETERR(dns_rpz_new_zones(view, &view->rpzs, first_time)); zones = view->rpzs; @@ -2451,7 +2368,7 @@ catz_addmodzone_cb(void *arg) { } CHECK(cfg_map_get(zoneconf, "zone", &zlist)); if (!cfg_obj_islist(zlist)) { - CHECK(ISC_R_FAILURE); + CLEANUP(ISC_R_FAILURE); } /* For now we only support adding one zone at a time */ @@ -2661,11 +2578,10 @@ static void catz_changeview(dns_catz_entry_t *entry, void *arg1, void *arg2) { dns_view_t *pview = arg1; dns_view_t *view = arg2; - dns_zone_t *zone = NULL; + isc_result_t result = dns_view_findzone( pview, dns_catz_entry_getname(entry), DNS_ZTFIND_EXACT, &zone); - if (result != ISC_R_SUCCESS) { return; } @@ -2721,7 +2637,7 @@ catz_reconfigure(dns_catz_entry_t *entry, void *arg1, void *arg2) { CHECK(cfg_map_get(zoneconf, "zone", &zlist)); if (!cfg_obj_islist(zlist)) { - CHECK(ISC_R_FAILURE); + CLEANUP(ISC_R_FAILURE); } zoneobj = cfg_listelt_value(cfg_list_first(zlist)); @@ -2966,10 +2882,7 @@ configure_rrl(dns_view_t *view, const cfg_obj_t *config, const cfg_obj_t *map, min_entries = 1; } } - result = dns_rrl_init(&rrl, view, min_entries); - if (result != ISC_R_SUCCESS) { - return result; - } + RETERR(dns_rrl_init(&rrl, view, min_entries)); i = ISC_MAX(20000, min_entries); obj = NULL; @@ -3868,8 +3781,7 @@ configure_view(dns_view_t *view, dns_viewlist_t *viewlist, cfg_obj_t *config, "rpz '%s' is not a primary or a " "secondary zone", namebuf); - result = ISC_R_NOTFOUND; - goto cleanup; + CLEANUP(ISC_R_NOTFOUND); } } } @@ -3927,11 +3839,8 @@ configure_view(dns_view_t *view, dns_viewlist_t *viewlist, cfg_obj_t *config, (void)cfg_map_get(dlz, "search", &search); if (search == NULL || cfg_obj_asboolean(search)) { dlzdb->search = true; - result = dns_dlzconfigure( - view, dlzdb, dlzconfigure_callback); - if (result != ISC_R_SUCCESS) { - goto cleanup; - } + CHECK(dns_dlzconfigure(view, dlzdb, + dlzconfigure_callback)); ISC_LIST_APPEND(view->dlz_searched, dlzdb, link); } else { @@ -4101,35 +4010,23 @@ configure_view(dns_view_t *view, dns_viewlist_t *viewlist, cfg_obj_t *config, obj = NULL; (void)cfg_map_get(map, "clients", &obj); if (obj != NULL) { - result = cfg_acl_fromconfig(obj, config, aclctx, - mctx, 0, &clients); - if (result != ISC_R_SUCCESS) { - goto cleanup; - } + CHECK(cfg_acl_fromconfig(obj, config, aclctx, + mctx, 0, &clients)); } obj = NULL; (void)cfg_map_get(map, "mapped", &obj); if (obj != NULL) { - result = cfg_acl_fromconfig(obj, config, aclctx, - mctx, 0, &mapped); - if (result != ISC_R_SUCCESS) { - goto cleanup; - } + CHECK(cfg_acl_fromconfig(obj, config, aclctx, + mctx, 0, &mapped)); } obj = NULL; (void)cfg_map_get(map, "exclude", &obj); if (obj != NULL) { - result = cfg_acl_fromconfig(obj, config, aclctx, - mctx, 0, &excluded); - if (result != ISC_R_SUCCESS) { - goto cleanup; - } + CHECK(cfg_acl_fromconfig(obj, config, aclctx, + mctx, 0, &excluded)); } else { if (named_g_mapped == NULL) { - result = create_mapped_acl(); - if (result != ISC_R_SUCCESS) { - goto cleanup; - } + CHECK(create_mapped_acl()); } dns_acl_attach(named_g_mapped, &excluded); } @@ -4151,11 +4048,8 @@ configure_view(dns_view_t *view, dns_viewlist_t *viewlist, cfg_obj_t *config, &dns64); dns_dns64_append(&view->dns64, dns64); view->dns64cnt++; - result = dns64_reverse(view, mctx, &na, prefixlen, - server, contact); - if (result != ISC_R_SUCCESS) { - goto cleanup; - } + CHECK(dns64_reverse(view, mctx, &na, prefixlen, server, + contact)); if (clients != NULL) { dns_acl_detach(&clients); } @@ -4416,8 +4310,7 @@ configure_view(dns_view_t *view, dns_viewlist_t *viewlist, cfg_obj_t *config, if (dispatch4 == NULL && dispatch6 == NULL) { UNEXPECTED_ERROR("unable to obtain either an IPv4 or" " an IPv6 dispatch"); - result = ISC_R_UNEXPECTED; - goto cleanup; + CLEANUP(ISC_R_UNEXPECTED); } CHECK(dns_view_createresolver(view, resopts, tlsctx_client_cache, @@ -5427,10 +5320,7 @@ configure_view(dns_view_t *view, dns_viewlist_t *viewlist, cfg_obj_t *config, obj = NULL; result = named_config_get(maps, "rate-limit", &obj); if (result == ISC_R_SUCCESS) { - result = configure_rrl(view, config, obj, aclctx); - if (result != ISC_R_SUCCESS) { - goto cleanup; - } + CHECK(configure_rrl(view, config, obj, aclctx)); } /* @@ -5755,7 +5645,7 @@ configure_forward(const cfg_obj_t *config, dns_view_t *view, const cfg_obj_t *faddresses = NULL; dns_fwdpolicy_t fwdpolicy = dns_fwdpolicy_none; dns_forwarderlist_t fwdlist; - isc_result_t result; + isc_result_t result = ISC_R_SUCCESS; in_port_t port; in_port_t tls_port; const char *tls = NULL; @@ -5789,11 +5679,8 @@ configure_forward(const cfg_obj_t *config, dns_view_t *view, if (cfg_obj_isstring(tlspobj)) { tls = cfg_obj_asstring(tlspobj); if (tls != NULL) { - result = validate_tls(config, view, tlspobj, - tls, NULL); - if (result != ISC_R_SUCCESS) { - return result; - } + RETERR(validate_tls(config, view, tlspobj, tls, + NULL)); } } } @@ -5869,8 +5756,6 @@ configure_forward(const cfg_obj_t *config, dns_view_t *view, dns_view_sfd_add(view, origin); } - result = ISC_R_SUCCESS; - cleanup: ISC_LIST_FOREACH(fwdlist, fwd, link) { @@ -5908,7 +5793,7 @@ get_viewinfo(const cfg_obj_t *vconfig, const char **namep, NAMED_LOGMODULE_SERVER, ISC_LOG_ERROR, "view '%s': class must not be meta", viewname); - CHECK(ISC_R_FAILURE); + CLEANUP(ISC_R_FAILURE); } } else { viewname = "_default"; @@ -5930,20 +5815,12 @@ cleanup: static isc_result_t find_view(const cfg_obj_t *vconfig, dns_viewlist_t *viewlist, dns_view_t **viewp) { - isc_result_t result; const char *viewname = NULL; dns_rdataclass_t viewclass; dns_view_t *view = NULL; - result = get_viewinfo(vconfig, &viewname, &viewclass); - if (result != ISC_R_SUCCESS) { - return result; - } - - result = dns_viewlist_find(viewlist, viewname, viewclass, &view); - if (result != ISC_R_SUCCESS) { - return result; - } + RETERR(get_viewinfo(vconfig, &viewname, &viewclass)); + RETERR(dns_viewlist_find(viewlist, viewname, viewclass, &view)); *viewp = view; return ISC_R_SUCCESS; @@ -5964,10 +5841,7 @@ create_view(const cfg_obj_t *vconfig, dns_viewlist_t *viewlist, dns_rdataclass_t viewclass; dns_view_t *view = NULL; - result = get_viewinfo(vconfig, &viewname, &viewclass); - if (result != ISC_R_SUCCESS) { - return result; - } + RETERR(get_viewinfo(vconfig, &viewname, &viewclass)); result = dns_viewlist_find(viewlist, viewname, viewclass, &view); if (result == ISC_R_SUCCESS) { @@ -6089,8 +5963,7 @@ configure_zone(const cfg_obj_t *config, const cfg_obj_t *zconfig, ISC_LOG_ERROR, "zone '%s': wrong class for view '%s'", zname, vname); - result = ISC_R_FAILURE; - goto cleanup; + CLEANUP(ISC_R_FAILURE); } (void)cfg_map_get(zoptions, "in-view", &viewobj); @@ -6102,8 +5975,7 @@ configure_zone(const cfg_obj_t *config, const cfg_obj_t *zconfig, cfg_obj_log(zconfig, ISC_LOG_ERROR, "'in-view' option is not permitted in " "dynamically added zones"); - result = ISC_R_FAILURE; - goto cleanup; + CLEANUP(ISC_R_FAILURE); } result = dns_viewlist_find(viewlist, inview, view->rdclass, @@ -6111,8 +5983,7 @@ configure_zone(const cfg_obj_t *config, const cfg_obj_t *zconfig, if (result != ISC_R_SUCCESS) { cfg_obj_log(zconfig, ISC_LOG_ERROR, "view '%s' is not yet defined.", inview); - result = ISC_R_FAILURE; - goto cleanup; + CLEANUP(ISC_R_FAILURE); } result = dns_view_findzone(otherview, origin, DNS_ZTFIND_EXACT, @@ -6122,8 +5993,7 @@ configure_zone(const cfg_obj_t *config, const cfg_obj_t *zconfig, cfg_obj_log(zconfig, ISC_LOG_ERROR, "zone '%s' not defined in view '%s'", zname, inview); - result = ISC_R_FAILURE; - goto cleanup; + CLEANUP(ISC_R_FAILURE); } CHECK(dns_view_addzone(view, zone)); @@ -6150,8 +6020,7 @@ configure_zone(const cfg_obj_t *config, const cfg_obj_t *zconfig, if (typeobj == NULL) { cfg_obj_log(zconfig, ISC_LOG_ERROR, "zone '%s' 'type' not specified", zname); - result = ISC_R_FAILURE; - goto cleanup; + CLEANUP(ISC_R_FAILURE); } ztypestr = cfg_obj_asstring(typeobj); @@ -6167,8 +6036,7 @@ configure_zone(const cfg_obj_t *config, const cfg_obj_t *zconfig, isc_log_write(NAMED_LOGCATEGORY_GENERAL, NAMED_LOGMODULE_SERVER, ISC_LOG_ERROR, "zone '%s': 'file' not specified", zname); - result = ISC_R_FAILURE; - goto cleanup; + CLEANUP(ISC_R_FAILURE); } if (dns_name_equal(origin, dns_rootname)) { const char *hintsfile = cfg_obj_asstring(fileobj); @@ -6209,8 +6077,7 @@ configure_zone(const cfg_obj_t *config, const cfg_obj_t *zconfig, if (view->redirect != NULL) { cfg_obj_log(zconfig, ISC_LOG_ERROR, "redirect zone already exists"); - result = ISC_R_EXISTS; - goto cleanup; + CLEANUP(ISC_R_EXISTS); } result = dns_viewlist_find(viewlist, view->name, view->rdclass, &pview); @@ -6249,8 +6116,7 @@ configure_zone(const cfg_obj_t *config, const cfg_obj_t *zconfig, cfg_obj_log(zconfig, ISC_LOG_ERROR, "zone '%s' already exists", zname); dns_zone_detach(&dupzone); - result = ISC_R_EXISTS; - goto cleanup; + CLEANUP(ISC_R_EXISTS); } INSIST(dupzone == NULL); } @@ -6943,11 +6809,8 @@ generate_session_key(const char *filename, const char *keynamestr, ISC_LOG_INFO, "generating session key for dynamic DNS"); /* generate key */ - result = dst_key_generate(keyname, alg, bits, 1, 0, DNS_KEYPROTO_ANY, - dns_rdataclass_in, NULL, mctx, &key, NULL); - if (result != ISC_R_SUCCESS) { - return result; - } + RETERR(dst_key_generate(keyname, alg, bits, 1, 0, DNS_KEYPROTO_ANY, + dns_rdataclass_in, NULL, mctx, &key, NULL)); /* * Dump the key to the buffer for later use. @@ -6964,8 +6827,7 @@ generate_session_key(const char *filename, const char *keynamestr, if (fp == NULL) { isc_log_write(NAMED_LOGCATEGORY_GENERAL, NAMED_LOGMODULE_SERVER, ISC_LOG_ERROR, "could not create %s", filename); - result = ISC_R_NOPERM; - goto cleanup; + CLEANUP(ISC_R_NOPERM); } fprintf(fp, @@ -6977,10 +6839,7 @@ generate_session_key(const char *filename, const char *keynamestr, (char *)isc_buffer_base(&key_txtbuffer)); CHECK(isc_stdio_flush(fp)); - result = isc_stdio_close(fp); - if (result != ISC_R_SUCCESS) { - goto cleanup; - } + CHECK(isc_stdio_close(fp)); *keyp = key; return ISC_R_SUCCESS; @@ -7035,10 +6894,7 @@ configure_session_key(const cfg_obj_t **maps, named_server_t *server, isc_buffer_constinit(&buffer, keynamestr, strlen(keynamestr)); isc_buffer_add(&buffer, strlen(keynamestr)); keyname = dns_fixedname_initname(&fname); - result = dns_name_fromtext(keyname, &buffer, dns_rootname, 0); - if (result != ISC_R_SUCCESS) { - return result; - } + RETERR(dns_name_fromtext(keyname, &buffer, dns_rootname, 0)); obj = NULL; result = named_config_get(maps, "session-keyalg", &obj); @@ -7426,11 +7282,8 @@ data_to_cfg(dns_view_t *view, MDB_val *key, MDB_val *data, isc_buffer_t *text, INSIST(zone_config != NULL && zone_config_len > 0); /* zone zonename { config; }; */ - result = isc_buffer_reserve(text, 6 + zone_name_len + 2 + - zone_config_len + 2); - if (result != ISC_R_SUCCESS) { - goto cleanup; - } + CHECK(isc_buffer_reserve(text, + 6 + zone_name_len + 2 + zone_config_len + 2)); CHECK(putstr(text, "zone \"")); CHECK(putmem(text, (const void *)zone_name, zone_name_len)); @@ -7729,10 +7582,7 @@ configure_views(cfg_obj_t *config, const cfg_obj_t *bindkeys, cfg_obj_t *vconfig = cfg_listelt_value(element); dns_view_t *view = NULL; - result = find_view(vconfig, viewlist, &view); - if (result != ISC_R_SUCCESS) { - return result; - } + RETERR(find_view(vconfig, viewlist, &view)); result = configure_view(view, viewlist, config, vconfig, cachelist, &server->cachelist, kasplist, @@ -7759,10 +7609,7 @@ configure_views(cfg_obj_t *config, const cfg_obj_t *bindkeys, */ if (explicitviews == false) { dns_view_t *view = NULL; - result = find_view(NULL, viewlist, &view); - if (result != ISC_R_SUCCESS) { - return result; - } + RETERR(find_view(NULL, viewlist, &view)); result = configure_view(view, viewlist, config, NULL, cachelist, &server->cachelist, kasplist, bindkeys, isc_g_mctx, aclctx, tlsctx_client_cache, @@ -7809,10 +7656,7 @@ configure_keystores(const cfg_obj_t *config, dns_keystorelist_t *keystorelist) { /* * Create the built-in key store ("key-directory"). */ - result = cfg_keystore_fromconfig(NULL, isc_g_mctx, keystorelist, NULL); - if (result != ISC_R_SUCCESS) { - return result; - } + RETERR(cfg_keystore_fromconfig(NULL, isc_g_mctx, keystorelist, NULL)); /* * Create the DNSSEC key stores. @@ -7822,11 +7666,8 @@ configure_keystores(const cfg_obj_t *config, dns_keystorelist_t *keystorelist) { CFG_LIST_FOREACH(keystores, element) { cfg_obj_t *kconfig = cfg_listelt_value(element); - result = cfg_keystore_fromconfig(kconfig, isc_g_mctx, - keystorelist, NULL); - if (result != ISC_R_SUCCESS) { - return result; - } + RETERR(cfg_keystore_fromconfig(kconfig, isc_g_mctx, + keystorelist, NULL)); } return result; @@ -7852,13 +7693,9 @@ configure_kasplist(const cfg_obj_t *config, dns_kasplist_t *kasplist, cfg_obj_t *kconfig = cfg_listelt_value(element); dns_kasp_t *kasp = NULL; - result = cfg_kasp_fromconfig(kconfig, default_kasp, kaspopts, - isc_g_mctx, keystorelist, kasplist, - &kasp); - if (result != ISC_R_SUCCESS) { - return result; - } - + RETERR(cfg_kasp_fromconfig(kconfig, default_kasp, kaspopts, + isc_g_mctx, keystorelist, kasplist, + &kasp)); INSIST(kasp != NULL); dns_kasp_freeze(kasp); @@ -10155,7 +9992,7 @@ cleanup: isc_result_t named_server_retransfercommand(named_server_t *server, isc_lex_t *lex, isc_buffer_t *text) { - isc_result_t result; + isc_result_t result = ISC_R_SUCCESS; const char *arg = NULL; dns_zone_t *zone = NULL; dns_zone_t *raw = NULL; @@ -10173,10 +10010,8 @@ named_server_retransfercommand(named_server_t *server, isc_lex_t *lex, arg = next_token(lex, text); } - result = zone_from_args(server, lex, arg, &zone, NULL, text, false); - if (result != ISC_R_SUCCESS) { - return result; - } + RETERR(zone_from_args(server, lex, arg, &zone, NULL, text, false)); + if (zone == NULL) { return ISC_R_UNEXPECTEDEND; } @@ -10218,17 +10053,15 @@ named_server_retransfercommand(named_server_t *server, isc_lex_t *lex, isc_result_t named_server_reloadcommand(named_server_t *server, isc_lex_t *lex, isc_buffer_t *text) { - isc_result_t result; + isc_result_t result = ISC_R_SUCCESS; dns_zone_t *zone = NULL; dns_zonetype_t type; const char *msg = NULL; REQUIRE(text != NULL); - result = zone_from_args(server, lex, NULL, &zone, NULL, text, true); - if (result != ISC_R_SUCCESS) { - return result; - } + RETERR(zone_from_args(server, lex, NULL, &zone, NULL, text, true)); + if (zone == NULL) { result = reload(server); switch (result) { @@ -10381,16 +10214,13 @@ cleanup: isc_result_t named_server_notifycommand(named_server_t *server, isc_lex_t *lex, isc_buffer_t *text) { - isc_result_t result; dns_zone_t *zone = NULL; const char msg[] = "zone notify queued"; REQUIRE(text != NULL); - result = zone_from_args(server, lex, NULL, &zone, NULL, text, true); - if (result != ISC_R_SUCCESS) { - return result; - } + RETERR(zone_from_args(server, lex, NULL, &zone, NULL, text, true)); + if (zone == NULL) { return ISC_R_UNEXPECTEDEND; } @@ -10409,7 +10239,6 @@ named_server_notifycommand(named_server_t *server, isc_lex_t *lex, isc_result_t named_server_refreshcommand(named_server_t *server, isc_lex_t *lex, isc_buffer_t *text) { - isc_result_t result; dns_zone_t *zone = NULL, *raw = NULL; const char msg1[] = "zone refresh queued"; const char msg2[] = "not a secondary, mirror, or stub zone"; @@ -10417,10 +10246,8 @@ named_server_refreshcommand(named_server_t *server, isc_lex_t *lex, REQUIRE(text != NULL); - result = zone_from_args(server, lex, NULL, &zone, NULL, text, true); - if (result != ISC_R_SUCCESS) { - return result; - } + RETERR(zone_from_args(server, lex, NULL, &zone, NULL, text, true)); + if (zone == NULL) { return ISC_R_UNEXPECTEDEND; } @@ -10495,24 +10322,18 @@ listenlist_fromconfig(const cfg_obj_t *listenlist, const cfg_obj_t *config, cfg_aclconfctx_t *aclctx, isc_mem_t *mctx, uint16_t family, isc_tlsctx_cache_t *tlsctx_cache, ns_listenlist_t **target) { - isc_result_t result; + isc_result_t result = ISC_R_SUCCESS; ns_listenlist_t *dlist = NULL; REQUIRE(target != NULL && *target == NULL); - result = ns_listenlist_create(mctx, &dlist); - if (result != ISC_R_SUCCESS) { - return result; - } + RETERR(ns_listenlist_create(mctx, &dlist)); CFG_LIST_FOREACH(listenlist, element) { ns_listenelt_t *delt = NULL; const cfg_obj_t *listener = cfg_listelt_value(element); - result = listenelt_fromconfig(listener, config, aclctx, mctx, - family, tlsctx_cache, &delt); - if (result != ISC_R_SUCCESS) { - goto cleanup; - } + CHECK(listenelt_fromconfig(listener, config, aclctx, mctx, + family, tlsctx_cache, &delt)); ISC_LIST_APPEND(dlist->elts, delt, link); } *target = dlist; @@ -10557,7 +10378,7 @@ listenelt_fromconfig(const cfg_obj_t *listener, const cfg_obj_t *config, cfg_aclconfctx_t *aclctx, isc_mem_t *mctx, uint16_t family, isc_tlsctx_cache_t *tlsctx_cache, ns_listenelt_t **target) { - isc_result_t result; + isc_result_t result = ISC_R_SUCCESS; const cfg_obj_t *ltup = NULL; const cfg_obj_t *tlsobj = NULL, *httpobj = NULL; const cfg_obj_t *portobj = NULL; @@ -10720,41 +10541,29 @@ listenelt_fromconfig(const cfg_obj_t *listener, const cfg_obj_t *config, if (named_g_httpsport != 0) { port = named_g_httpsport; } else { - result = named_config_getport( - config, "https-port", &port); - if (result != ISC_R_SUCCESS) { - return result; - } + RETERR(named_config_getport( + config, "https-port", &port)); } } else if (http && !do_tls) { if (named_g_httpport != 0) { port = named_g_httpport; } else { - result = named_config_getport( - config, "http-port", &port); - if (result != ISC_R_SUCCESS) { - return result; - } + RETERR(named_config_getport(config, "http-port", + &port)); } } else if (do_tls) { if (named_g_tlsport != 0) { port = named_g_tlsport; } else { - result = named_config_getport( - config, "tls-port", &port); - if (result != ISC_R_SUCCESS) { - return result; - } + RETERR(named_config_getport(config, "tls-port", + &port)); } } else { if (named_g_port != 0) { port = named_g_port; } else { - result = named_config_getport(config, "port", - &port); - if (result != ISC_R_SUCCESS) { - return result; - } + RETERR(named_config_getport(config, "port", + &port)); } } } else { @@ -11629,11 +11438,11 @@ named_server_flushcache(named_server_t *server, isc_lex_t *lex) { isc_result_t named_server_flushnode(named_server_t *server, isc_lex_t *lex, bool tree) { - char *ptr, *viewname; + char *ptr = NULL, *viewname = NULL; char target[DNS_NAME_FORMATSIZE]; bool flushed; bool found; - isc_result_t result; + isc_result_t result = ISC_R_SUCCESS; isc_buffer_t b; dns_fixedname_t fixed; dns_name_t *name = NULL; @@ -11654,10 +11463,7 @@ named_server_flushnode(named_server_t *server, isc_lex_t *lex, bool tree) { isc_buffer_constinit(&b, target, strlen(target)); isc_buffer_add(&b, strlen(target)); name = dns_fixedname_initname(&fixed); - result = dns_name_fromtext(name, &b, dns_rootname, 0); - if (result != ISC_R_SUCCESS) { - return result; - } + RETERR(dns_name_fromtext(name, &b, dns_rootname, 0)); /* Look for the view name. */ viewname = next_token(lex, NULL); @@ -11901,11 +11707,11 @@ cleanup: */ isc_result_t named_server_rekey(named_server_t *server, isc_lex_t *lex, isc_buffer_t *text) { - isc_result_t result; + isc_result_t result = ISC_R_SUCCESS; dns_zone_t *zone = NULL; dns_zonetype_t type; bool fullsign = false; - char *ptr; + char *ptr = NULL; REQUIRE(text != NULL); @@ -11920,10 +11726,8 @@ named_server_rekey(named_server_t *server, isc_lex_t *lex, isc_buffer_t *text) { REQUIRE(text != NULL); - result = zone_from_args(server, lex, NULL, &zone, NULL, text, false); - if (result != ISC_R_SUCCESS) { - return result; - } + RETERR(zone_from_args(server, lex, NULL, &zone, NULL, text, false)); + if (zone == NULL) { return ISC_R_UNEXPECTEDEND; /* XXX: or do all zones? */ } @@ -11979,7 +11783,7 @@ synczone(dns_zone_t *zone, void *uap) { isc_result_t named_server_sync(named_server_t *server, isc_lex_t *lex, isc_buffer_t *text) { - isc_result_t result, tresult; + isc_result_t result = ISC_R_SUCCESS, tresult; dns_zone_t *zone = NULL; char classstr[DNS_RDATACLASS_FORMATSIZE]; char zonename[DNS_NAME_FORMATSIZE]; @@ -12000,10 +11804,7 @@ named_server_sync(named_server_t *server, isc_lex_t *lex, isc_buffer_t *text) { REQUIRE(text != NULL); - result = zone_from_args(server, lex, arg, &zone, NULL, text, false); - if (result != ISC_R_SUCCESS) { - return result; - } + RETERR(zone_from_args(server, lex, arg, &zone, NULL, text, false)); if (zone == NULL) { isc_loopmgr_pause(); @@ -12056,7 +11857,7 @@ named_server_sync(named_server_t *server, isc_lex_t *lex, isc_buffer_t *text) { isc_result_t named_server_freeze(named_server_t *server, bool freeze, isc_lex_t *lex, isc_buffer_t *text) { - isc_result_t result, tresult; + isc_result_t result = ISC_R_SUCCESS; dns_zone_t *mayberaw = NULL, *raw = NULL; dns_zonetype_t type; char classstr[DNS_RDATACLASS_FORMATSIZE]; @@ -12067,26 +11868,24 @@ named_server_freeze(named_server_t *server, bool freeze, isc_lex_t *lex, REQUIRE(text != NULL); - result = zone_from_args(server, lex, NULL, &mayberaw, NULL, text, true); - if (result != ISC_R_SUCCESS) { - return result; - } + RETERR(zone_from_args(server, lex, NULL, &mayberaw, NULL, text, true)); + if (mayberaw == NULL) { + isc_result_t tresult = ISC_R_SUCCESS; isc_loopmgr_pause(); - tresult = ISC_R_SUCCESS; ISC_LIST_FOREACH(server->viewlist, view, link) { - result = dns_view_freezezones(view, freeze); - if (result != ISC_R_SUCCESS && tresult == ISC_R_SUCCESS) + tresult = dns_view_freezezones(view, freeze); + if (tresult != ISC_R_SUCCESS && result == ISC_R_SUCCESS) { - tresult = result; + result = tresult; } } isc_loopmgr_resume(); isc_log_write(NAMED_LOGCATEGORY_GENERAL, NAMED_LOGMODULE_SERVER, ISC_LOG_INFO, "%s all zones: %s", freeze ? "freezing" : "thawing", - isc_result_totext(tresult)); - return tresult; + isc_result_totext(result)); + return result; } dns_zone_getraw(mayberaw, &raw); if (raw != NULL) { @@ -12286,7 +12085,7 @@ nzf_writeconf(const cfg_obj_t *config, dns_view_t *view) { cfg_map_get(config, "zone", &zl); if (!cfg_obj_islist(zl)) { - CHECK(ISC_R_FAILURE); + CLEANUP(ISC_R_FAILURE); } list = UNCONST(&zl->value.list); @@ -12393,8 +12192,7 @@ nzd_save(MDB_txn **txnp, MDB_dbi dbi, dns_zone_t *zone, "Error deleting zone %s " "from NZD database: %s", namebuf, mdb_strerror(status)); - result = ISC_R_FAILURE; - goto cleanup; + CLEANUP(ISC_R_FAILURE); } else if (status != MDB_NOTFOUND) { commit = true; } @@ -12408,8 +12206,7 @@ nzd_save(MDB_txn **txnp, MDB_dbi dbi, dns_zone_t *zone, NAMED_LOGMODULE_SERVER, ISC_LOG_ERROR, "Unable to get options from config in " "nzd_save()"); - result = ISC_R_FAILURE; - goto cleanup; + CLEANUP(ISC_R_FAILURE); } dzarg.magic = DZARG_MAGIC; @@ -12422,8 +12219,7 @@ nzd_save(MDB_txn **txnp, MDB_dbi dbi, dns_zone_t *zone, "Error writing zone config to " "buffer in nzd_save(): %s", isc_result_totext(dzarg.result)); - result = dzarg.result; - goto cleanup; + CHECK(dzarg.result); } data.mv_data = isc_buffer_base(text); @@ -12436,8 +12232,7 @@ nzd_save(MDB_txn **txnp, MDB_dbi dbi, dns_zone_t *zone, "Error inserting zone in " "NZD database: %s", mdb_strerror(status)); - result = ISC_R_FAILURE; - goto cleanup; + CLEANUP(ISC_R_FAILURE); } commit = true; @@ -12599,7 +12394,7 @@ nzd_env_reopen(dns_view_t *view) { isc_log_write(DNS_LOGCATEGORY_GENERAL, ISC_LOGMODULE_OTHER, ISC_LOG_ERROR, "mdb_env_create failed: %s", mdb_strerror(status)); - CHECK(ISC_R_FAILURE); + CLEANUP(ISC_R_FAILURE); } if (view->newzone.mapsize != 0ULL) { @@ -12609,7 +12404,7 @@ nzd_env_reopen(dns_view_t *view) { ISC_LOGMODULE_OTHER, ISC_LOG_ERROR, "mdb_env_set_mapsize failed: %s", mdb_strerror(status)); - CHECK(ISC_R_FAILURE); + CLEANUP(ISC_R_FAILURE); } } @@ -12618,7 +12413,7 @@ nzd_env_reopen(dns_view_t *view) { isc_log_write(DNS_LOGCATEGORY_GENERAL, ISC_LOGMODULE_OTHER, ISC_LOG_ERROR, "mdb_env_open of '%s' failed: %s", view->newzone.db, mdb_strerror(status)); - CHECK(ISC_R_FAILURE); + CLEANUP(ISC_R_FAILURE); } view->newzone.dbenv = env; @@ -12713,7 +12508,7 @@ load_nzf(dns_view_t *view) { zonelist = NULL; CHECK(cfg_map_get(nzf_config, "zone", &zonelist)); if (!cfg_obj_islist(zonelist)) { - CHECK(ISC_R_FAILURE); + CLEANUP(ISC_R_FAILURE); } CHECK(nzd_open(view, 0, &txn, &dbi)); @@ -12731,8 +12526,7 @@ load_nzf(dns_view_t *view) { origin = cfg_obj_asstring(cfg_tuple_get(zconfig, "name")); if (origin == NULL) { - result = ISC_R_FAILURE; - goto cleanup; + CLEANUP(ISC_R_FAILURE); } /* Normalize zone name */ @@ -12748,8 +12542,7 @@ load_nzf(dns_view_t *view) { zoptions = cfg_tuple_get(zconfig, "options"); if (zoptions == NULL) { - result = ISC_R_FAILURE; - goto cleanup; + CLEANUP(ISC_R_FAILURE); } isc_buffer_clear(text); @@ -12763,8 +12556,7 @@ load_nzf(dns_view_t *view) { "Error writing zone config to " "buffer in load_nzf(): %s", isc_result_totext(result)); - result = dzarg.result; - goto cleanup; + CHECK(dzarg.result); } data.mv_data = isc_buffer_base(text); @@ -12777,8 +12569,7 @@ load_nzf(dns_view_t *view) { "Error inserting zone in " "NZD database: %s", mdb_strerror(status)); - result = ISC_R_FAILURE; - goto cleanup; + CLEANUP(ISC_R_FAILURE); } commit = true; @@ -12861,7 +12652,7 @@ newzone_parse(named_server_t *server, char *command, dns_view_t **viewp, CHECK(cfg_map_get(zoneconf, "zone", &zlist)); if (!cfg_obj_islist(zlist)) { - CHECK(ISC_R_FAILURE); + CLEANUP(ISC_R_FAILURE); } /* For now we only support adding one zone at a time */ @@ -12877,14 +12668,14 @@ newzone_parse(named_server_t *server, char *command, dns_view_t **viewp, if (obj != NULL) { (void)putstr(text, "'in-view' zones not supported by "); (void)putstr(text, bn); - CHECK(ISC_R_FAILURE); + CLEANUP(ISC_R_FAILURE); } (void)cfg_map_get(zoptions, "template", &obj); if (obj == NULL) { (void)putstr(text, "no zone type or " "template specified"); - CHECK(ISC_R_FAILURE); + CLEANUP(ISC_R_FAILURE); } } @@ -12895,7 +12686,7 @@ newzone_parse(named_server_t *server, char *command, dns_view_t **viewp, (void)putstr(text, cfg_obj_asstring(obj)); (void)putstr(text, "' zones not supported by "); (void)putstr(text, bn); - CHECK(ISC_R_FAILURE); + CLEANUP(ISC_R_FAILURE); } if (strcasecmp(cfg_obj_asstring(obj), "redirect") == 0) { @@ -12957,7 +12748,7 @@ delete_zoneconf(dns_view_t *view, const cfg_obj_t *config, cfg_map_get(config, "zone", &zl); if (!cfg_obj_islist(zl)) { - CHECK(ISC_R_FAILURE); + CLEANUP(ISC_R_FAILURE); } cfg_list_t *list = UNCONST(&zl->value.list); @@ -13057,8 +12848,7 @@ do_addzone(named_server_t *server, dns_view_t *view, dns_name_t *name, TCHECK(putstr(text, "unable to open NZD database for '")); TCHECK(putstr(text, view->newzone.db)); TCHECK(putstr(text, "'")); - result = ISC_R_FAILURE; - goto cleanup; + CLEANUP(ISC_R_FAILURE); } #endif /* HAVE_LMDB */ @@ -13094,7 +12884,7 @@ do_addzone(named_server_t *server, dns_view_t *view, dns_name_t *name, /* Is it there yet? */ if (redirect) { if (view->redirect == NULL) { - CHECK(ISC_R_NOTFOUND); + CLEANUP(ISC_R_NOTFOUND); } dns_zone_attach(view->redirect, &zone); } else { @@ -13290,7 +13080,7 @@ do_modzone(named_server_t *server, dns_view_t *view, dns_name_t *name, /* Is it there yet? */ if (redirect) { if (view->redirect == NULL) { - CHECK(ISC_R_NOTFOUND); + CLEANUP(ISC_R_NOTFOUND); } dns_zone_attach(view->redirect, &zone); } else { @@ -13456,7 +13246,7 @@ named_server_changezone(named_server_t *server, char *command, (void)putstr(text, "Not allowing new zones in view '"); (void)putstr(text, view->name); (void)putstr(text, "'"); - CHECK(ISC_R_NOPERM); + CLEANUP(ISC_R_NOPERM); } zonename = cfg_obj_asstring(cfg_tuple_get(zoneobj, "name")); @@ -13470,7 +13260,7 @@ named_server_changezone(named_server_t *server, char *command, if (!dns_name_equal(dnsname, dns_rootname)) { (void)putstr(text, "redirect zones must be called " "\".\""); - CHECK(ISC_R_FAILURE); + CLEANUP(ISC_R_FAILURE); } } @@ -13719,8 +13509,7 @@ named_server_delzone(named_server_t *server, isc_lex_t *lex, CHECK(zone_from_args(server, lex, ptr, &zone, zonename, text, false)); if (zone == NULL) { - result = ISC_R_UNEXPECTEDEND; - goto cleanup; + CLEANUP(ISC_R_UNEXPECTEDEND); } INSIST(zonename != NULL); @@ -13731,8 +13520,7 @@ named_server_delzone(named_server_t *server, isc_lex_t *lex, TCHECK(putstr(text, zonename)); TCHECK(putstr(text, "' cannot be deleted: response-policy zone.")); - result = ISC_R_FAILURE; - goto cleanup; + CLEANUP(ISC_R_FAILURE); } view = dns_zone_getview(zone); @@ -13839,15 +13627,14 @@ named_server_showzone(named_server_t *server, isc_lex_t *lex, /* Parse parameters */ CHECK(zone_from_args(server, lex, NULL, &zone, zonename, text, true)); if (zone == NULL) { - result = ISC_R_UNEXPECTEDEND; - goto cleanup; + CLEANUP(ISC_R_UNEXPECTEDEND); } zconfig = dns_zone_getcfg(zone); dns_zone_detach(&zone); if (zconfig == NULL) { - CHECK(ISC_R_NOTFOUND); + CLEANUP(ISC_R_NOTFOUND); } CHECK(putstr(text, "zone ")); @@ -14036,12 +13823,12 @@ named_server_signing(named_server_t *server, isc_lex_t *lex, CHECK(isc_parse_uint32(&serial, ptr, 10)); setserial = true; } else { - CHECK(DNS_R_SYNTAX); + CLEANUP(DNS_R_SYNTAX); } CHECK(zone_from_args(server, lex, NULL, &zone, NULL, text, false)); if (zone == NULL) { - CHECK(ISC_R_UNEXPECTEDEND); + CLEANUP(ISC_R_UNEXPECTEDEND); } if (dns_zone_getkasp(zone) != NULL) { @@ -14203,7 +13990,7 @@ named_server_dnssec(named_server_t *server, isc_lex_t *lex, } else if (strcasecmp(ptr, "-step") == 0) { forcestep = true; } else { - CHECK(DNS_R_SYNTAX); + CLEANUP(DNS_R_SYNTAX); } if (status) { @@ -14231,13 +14018,13 @@ named_server_dnssec(named_server_t *server, isc_lex_t *lex, ptr = next_token(lex, text); if (ptr == NULL) { msg = "Bad format"; - CHECK(ISC_R_UNEXPECTEDEND); + CLEANUP(ISC_R_UNEXPECTEDEND); } else if (argcheck(ptr, "alg")) { isc_consttextregion_t alg; ptr = next_token(lex, text); if (ptr == NULL) { msg = "No key algorithm specified"; - CHECK(ISC_R_UNEXPECTEDEND); + CLEANUP(ISC_R_UNEXPECTEDEND); } alg.base = ptr; alg.length = strlen(alg.base); @@ -14245,7 +14032,7 @@ named_server_dnssec(named_server_t *server, isc_lex_t *lex, &algorithm, (isc_textregion_t *)&alg); if (result != ISC_R_SUCCESS) { msg = "Bad algorithm"; - CHECK(DNS_R_SYNTAX); + CLEANUP(DNS_R_SYNTAX); } continue; } else if (argcheck(ptr, "key")) { @@ -14253,7 +14040,7 @@ named_server_dnssec(named_server_t *server, isc_lex_t *lex, ptr = next_token(lex, text); if (ptr == NULL) { msg = "No key identifier specified"; - CHECK(ISC_R_UNEXPECTEDEND); + CLEANUP(ISC_R_UNEXPECTEDEND); } CHECK(isc_parse_uint16(&id, ptr, 10)); keyid = (dns_keytag_t)id; @@ -14264,14 +14051,14 @@ named_server_dnssec(named_server_t *server, isc_lex_t *lex, ptr = next_token(lex, text); if (ptr == NULL) { msg = "No time specified"; - CHECK(ISC_R_UNEXPECTEDEND); + CLEANUP(ISC_R_UNEXPECTEDEND); } CHECK(dns_time32_fromtext(ptr, &tw)); when = (isc_stdtime_t)tw; continue; } else if (ptr[0] == '-') { msg = "Unknown option"; - CHECK(DNS_R_SYNTAX); + CLEANUP(DNS_R_SYNTAX); } else if (checkds) { /* * No arguments provided, so we must be @@ -14280,7 +14067,7 @@ named_server_dnssec(named_server_t *server, isc_lex_t *lex, if (strcasecmp(ptr, "published") == 0) { dspublish = true; } else if (strcasecmp(ptr, "withdrawn") != 0) { - CHECK(DNS_R_SYNTAX); + CLEANUP(DNS_R_SYNTAX); } } else if (rollover) { /* @@ -14294,12 +14081,12 @@ named_server_dnssec(named_server_t *server, isc_lex_t *lex, if (rollover && !use_keyid) { msg = "Key id is required when scheduling rollover"; - CHECK(DNS_R_SYNTAX); + CLEANUP(DNS_R_SYNTAX); } if (algorithm > 0 && !use_keyid) { msg = "Key id is required when setting algorithm"; - CHECK(DNS_R_SYNTAX); + CLEANUP(DNS_R_SYNTAX); } } @@ -14307,14 +14094,14 @@ named_server_dnssec(named_server_t *server, isc_lex_t *lex, CHECK(zone_from_args(server, lex, zonetext, &zone, NULL, text, false)); if (zone == NULL) { msg = "Zone not found"; - CHECK(ISC_R_UNEXPECTEDEND); + CLEANUP(ISC_R_UNEXPECTEDEND); } /* Trailing garbage? */ ptr = next_token(lex, text); if (ptr != NULL) { msg = "Too many arguments"; - CHECK(DNS_R_SYNTAX); + CLEANUP(DNS_R_SYNTAX); } /* Get dnssec-policy. */ @@ -14551,8 +14338,7 @@ named_server_zonestatus(named_server_t *server, isc_lex_t *lex, CHECK(zone_from_args(server, lex, NULL, &zone, zonename, text, true)); if (zone == NULL) { - result = ISC_R_UNEXPECTEDEND; - goto cleanup; + CLEANUP(ISC_R_UNEXPECTEDEND); } /* Inline signing? */ @@ -14834,7 +14620,7 @@ named_server_nta(named_server_t *server, isc_lex_t *lex, bool readonly, ptr = next_token(lex, text); if (ptr == NULL) { msg = "No lifetime specified"; - CHECK(ISC_R_UNEXPECTEDEND); + CLEANUP(ISC_R_UNEXPECTEDEND); } tr.base = ptr; @@ -14847,7 +14633,7 @@ named_server_nta(named_server_t *server, isc_lex_t *lex, bool readonly, if (ntattl > 604800) { msg = "NTA lifetime cannot exceed one week"; - CHECK(ISC_R_RANGE); + CLEANUP(ISC_R_RANGE); } ttlset = true; @@ -14858,7 +14644,7 @@ named_server_nta(named_server_t *server, isc_lex_t *lex, bool readonly, ptr = next_token(lex, text); if (ptr == NULL) { msg = "No class specified"; - CHECK(ISC_R_UNEXPECTEDEND); + CLEANUP(ISC_R_UNEXPECTEDEND); } tr.base = ptr; @@ -14867,7 +14653,7 @@ named_server_nta(named_server_t *server, isc_lex_t *lex, bool readonly, continue; } else if (ptr[0] == '-') { msg = "Unknown option"; - CHECK(DNS_R_SYNTAX); + CLEANUP(DNS_R_SYNTAX); } else { nametext = ptr; } @@ -14908,7 +14694,7 @@ named_server_nta(named_server_t *server, isc_lex_t *lex, bool readonly, NAMED_LOGMODULE_CONTROL, ISC_LOG_INFO, "rejecting restricted control channel " "NTA command"); - CHECK(ISC_R_FAILURE); + CLEANUP(ISC_R_FAILURE); } /* Get the NTA name if not found above. */ @@ -14940,7 +14726,7 @@ named_server_nta(named_server_t *server, isc_lex_t *lex, bool readonly, } if (next_token(lex, text) != NULL) { - CHECK(DNS_R_SYNTAX); + CLEANUP(DNS_R_SYNTAX); } now = isc_stdtime_now(); @@ -15131,7 +14917,7 @@ mkey_destroy(dns_view_t *view, isc_buffer_t *text) { bool removed_a_file = false; if (view->managed_keys == NULL) { - CHECK(ISC_R_NOTFOUND); + CLEANUP(ISC_R_NOTFOUND); } snprintf(msg, sizeof(msg), "destroying managed-keys database for '%s'", @@ -15174,7 +14960,7 @@ mkey_destroy(dns_view_t *view, isc_buffer_t *text) { if (!removed_a_file) { CHECK(putstr(text, "error: no files could be removed")); - CHECK(ISC_R_FAILURE); + CLEANUP(ISC_R_FAILURE); } dns_zone_detach(&mkzone); @@ -15361,8 +15147,7 @@ named_server_mkeys(named_server_t *server, isc_lex_t *lex, isc_buffer_t *text) { } else { snprintf(msg, sizeof(msg), "unknown command '%s'", cmd); (void)putstr(text, msg); - result = ISC_R_UNEXPECTED; - goto cleanup; + CLEANUP(ISC_R_UNEXPECTED); } /* Look for the optional class name. */ @@ -15530,10 +15315,10 @@ named_server_tcptimeouts(isc_lex_t *lex, isc_buffer_t *text) { CHECK(isc_parse_uint32(&initial, ptr, 10)); initial *= 100; if (initial > MAX_INITIAL_TIMEOUT) { - CHECK(ISC_R_RANGE); + CLEANUP(ISC_R_RANGE); } if (initial < MIN_INITIAL_TIMEOUT) { - CHECK(ISC_R_RANGE); + CLEANUP(ISC_R_RANGE); } ptr = next_token(lex, text); @@ -15543,10 +15328,10 @@ named_server_tcptimeouts(isc_lex_t *lex, isc_buffer_t *text) { CHECK(isc_parse_uint32(&idle, ptr, 10)); idle *= 100; if (idle > MAX_IDLE_TIMEOUT) { - CHECK(ISC_R_RANGE); + CLEANUP(ISC_R_RANGE); } if (idle < MIN_IDLE_TIMEOUT) { - CHECK(ISC_R_RANGE); + CLEANUP(ISC_R_RANGE); } ptr = next_token(lex, text); @@ -15556,10 +15341,10 @@ named_server_tcptimeouts(isc_lex_t *lex, isc_buffer_t *text) { CHECK(isc_parse_uint32(&keepalive, ptr, 10)); keepalive *= 100; if (keepalive > MAX_KEEPALIVE_TIMEOUT) { - CHECK(ISC_R_RANGE); + CLEANUP(ISC_R_RANGE); } if (keepalive < MIN_KEEPALIVE_TIMEOUT) { - CHECK(ISC_R_RANGE); + CLEANUP(ISC_R_RANGE); } ptr = next_token(lex, text); @@ -15569,7 +15354,7 @@ named_server_tcptimeouts(isc_lex_t *lex, isc_buffer_t *text) { CHECK(isc_parse_uint32(&advertised, ptr, 10)); advertised *= 100; if (advertised > MAX_ADVERTISED_TIMEOUT) { - CHECK(ISC_R_RANGE); + CLEANUP(ISC_R_RANGE); } ptr = next_token(lex, text); @@ -15579,10 +15364,10 @@ named_server_tcptimeouts(isc_lex_t *lex, isc_buffer_t *text) { CHECK(isc_parse_uint32(&primaries, ptr, 10)); primaries *= 100; if (primaries > MAX_PRIMARIES_TIMEOUT) { - CHECK(ISC_R_RANGE); + CLEANUP(ISC_R_RANGE); } if (primaries < MIN_PRIMARIES_TIMEOUT) { - CHECK(ISC_R_RANGE); + CLEANUP(ISC_R_RANGE); } isc_nm_setinitialtimeout(initial); @@ -15823,7 +15608,7 @@ named_server_fetchlimit(named_server_t *server, isc_lex_t *lex, s = snprintf(tbuf, sizeof(tbuf), " (fetches-per-server %u):", val); if (s < 0 || (unsigned int)s > sizeof(tbuf)) { - CHECK(ISC_R_NOSPACE); + CLEANUP(ISC_R_NOSPACE); } first = false; CHECK(putstr(text, tbuf)); @@ -15839,7 +15624,7 @@ named_server_fetchlimit(named_server_t *server, isc_lex_t *lex, s = snprintf(tbuf, sizeof(tbuf), " (fetches-per-zone %u):", val); if (s < 0 || (unsigned int)s > sizeof(tbuf)) { - CHECK(ISC_R_NOSPACE); + CLEANUP(ISC_R_NOSPACE); } CHECK(putstr(text, tbuf)); used = isc_buffer_usedlength(text); @@ -15881,7 +15666,7 @@ named_server_skr(named_server_t *server, isc_lex_t *lex, isc_buffer_t *text) { } if (strcasecmp(ptr, "-import") != 0) { - CHECK(DNS_R_SYNTAX); + CLEANUP(DNS_R_SYNTAX); } ptr = next_token(lex, NULL); @@ -15892,7 +15677,7 @@ named_server_skr(named_server_t *server, isc_lex_t *lex, isc_buffer_t *text) { CHECK(zone_from_args(server, lex, NULL, &zone, NULL, text, false)); if (zone == NULL) { - CHECK(ISC_R_UNEXPECTEDEND); + CLEANUP(ISC_R_UNEXPECTEDEND); } kasp = dns_zone_getkasp(zone); if (kasp == NULL) { diff --git a/bin/named/statschannel.c b/bin/named/statschannel.c index eacb2d25ea..51184ffe44 100644 --- a/bin/named/statschannel.c +++ b/bin/named/statschannel.c @@ -64,14 +64,6 @@ #define STATS_JSON_VERSION_MINOR "8" #define STATS_JSON_VERSION STATS_JSON_VERSION_MAJOR "." STATS_JSON_VERSION_MINOR -#define CHECK(m) \ - do { \ - result = (m); \ - if (result != ISC_R_SUCCESS) { \ - goto cleanup; \ - } \ - } while (0) - struct named_statschannel { /* Unlocked */ isc_httpdmgr_t *httpdmgr; @@ -2413,8 +2405,7 @@ zone_jsonrender(dns_zone_t *zone, void *arg) { if (zonestats != NULL) { json_object *counters = json_object_new_object(); if (counters == NULL) { - result = ISC_R_NOMEMORY; - goto cleanup; + CLEANUP(ISC_R_NOMEMORY); } result = dump_stats(zonestats, isc_statsformat_json, @@ -2438,8 +2429,7 @@ zone_jsonrender(dns_zone_t *zone, void *arg) { if (gluecachestats != NULL) { json_object *counters = json_object_new_object(); if (counters == NULL) { - result = ISC_R_NOMEMORY; - goto cleanup; + CLEANUP(ISC_R_NOMEMORY); } result = dump_stats( @@ -2592,8 +2582,7 @@ xfrin_jsonrender(dns_zone_t *zone, void *arg) { } if (xfrinobj == NULL) { - result = ISC_R_NOMEMORY; - goto cleanup; + CLEANUP(ISC_R_NOMEMORY); } result = dns_zone_getxfr(zone, &xfr, &is_firstrefresh, &is_running, @@ -3175,8 +3164,7 @@ generatejson(named_server_t *server, size_t *msglen, const char **msg, 0); if (result != ISC_R_SUCCESS) { json_object_put(counters); - result = dumparg.result; - goto cleanup; + CHECK(dumparg.result); } json_object_object_add(res, "adb", @@ -3662,7 +3650,7 @@ add_listener(named_server_t *server, named_statschannel_t **listenerp, if ((pf == AF_INET && isc_net_probeipv4() != ISC_R_SUCCESS) || (pf == AF_INET6 && isc_net_probeipv6() != ISC_R_SUCCESS)) { - CHECK(ISC_R_FAMILYNOSUPPORT); + CLEANUP(ISC_R_FAMILYNOSUPPORT); } CHECK(isc_httpdmgr_create(server->mctx, addr, client_ok, diff --git a/bin/named/tkeyconf.c b/bin/named/tkeyconf.c index 768e0fac05..633d19c61e 100644 --- a/bin/named/tkeyconf.c +++ b/bin/named/tkeyconf.c @@ -21,6 +21,7 @@ #include +#include #include void @@ -28,11 +29,10 @@ named_tkeyctx_fromconfig(const cfg_obj_t *options, isc_mem_t *mctx, dns_tkeyctx_t **tctxp) { isc_result_t result; dns_tkeyctx_t *tctx = NULL; - const cfg_obj_t *obj; + const cfg_obj_t *obj = NULL; dns_tkeyctx_create(mctx, &tctx); - obj = NULL; result = cfg_map_get(options, "tkey-gssapi-keytab", &obj); if (result == ISC_R_SUCCESS) { const char *s = cfg_obj_asstring(obj); diff --git a/bin/named/transportconf.c b/bin/named/transportconf.c index bedb3d5243..5f3701b393 100644 --- a/bin/named/transportconf.c +++ b/bin/named/transportconf.c @@ -36,7 +36,7 @@ result = (dns_name_fromtext(name, &namesrc, dns_rootname, \ DNS_NAME_DOWNCASE)); \ if (result != ISC_R_SUCCESS) { \ - goto failure; \ + goto cleanup; \ } #define parse_transport_option(map, transport, name, setter) \ @@ -126,7 +126,7 @@ add_doh_transports(const cfg_obj_t *transportlist, dns_transport_list_t *list) { } return ISC_R_SUCCESS; -failure: +cleanup: cfg_obj_log(doh, ISC_LOG_ERROR, "configuring DoH '%s': %s", dohid, isc_result_totext(result)); @@ -147,8 +147,7 @@ add_tls_transports(const cfg_obj_t *transportlist, dns_transport_list_t *list) { tlsid = cfg_obj_asstring(cfg_map_getname(tls)); if (!strcmp(tlsid, "ephemeral")) { - result = ISC_R_UNEXPECTEDTOKEN; - goto failure; + CLEANUP(ISC_R_UNEXPECTEDTOKEN); } create_name(tlsid, tlsname); @@ -176,18 +175,13 @@ add_tls_transports(const cfg_obj_t *transportlist, dns_transport_list_t *list) { } return ISC_R_SUCCESS; -failure: +cleanup: cfg_obj_log(tls, ISC_LOG_ERROR, "configuring tls '%s': %s", tlsid, isc_result_totext(result)); return result; } -#define CHECK(f) \ - if ((result = f) != ISC_R_SUCCESS) { \ - goto failure; \ - } - static isc_result_t transport_list_fromconfig(const cfg_obj_t *config, dns_transport_list_t *list) { const cfg_obj_t *obj = NULL; @@ -222,7 +216,7 @@ transport_list_add_ephemeral(dns_transport_list_t *list) { dns_transport_set_tlsname(transport, "ephemeral"); return; -failure: +cleanup: RUNTIME_CHECK(result == ISC_R_SUCCESS); } @@ -237,10 +231,7 @@ named_transports_fromconfig(const cfg_obj_t *config, const cfg_obj_t *vconfig, transport_list_add_ephemeral(list); if (config != NULL) { - result = transport_list_fromconfig(config, list); - if (result != ISC_R_SUCCESS) { - goto failure; - } + CHECK(transport_list_fromconfig(config, list)); } if (vconfig != NULL) { @@ -250,7 +241,7 @@ named_transports_fromconfig(const cfg_obj_t *config, const cfg_obj_t *vconfig, *listp = list; return ISC_R_SUCCESS; -failure: +cleanup: dns_transport_list_detach(&list); return result; } diff --git a/bin/named/tsigconf.c b/bin/named/tsigconf.c index 9133bc750e..1a790a6823 100644 --- a/bin/named/tsigconf.c +++ b/bin/named/tsigconf.c @@ -38,7 +38,7 @@ add_initial_keys(const cfg_obj_t *list, dns_tsigkeyring_t *ring, const char *keyid = NULL; unsigned char *secret = NULL; int secretalloc = 0; - isc_result_t ret; + isc_result_t result; CFG_LIST_FOREACH(list, element) { const cfg_obj_t *algobj = NULL; @@ -67,11 +67,8 @@ add_initial_keys(const cfg_obj_t *list, dns_tsigkeyring_t *ring, */ isc_buffer_constinit(&keynamesrc, keyid, strlen(keyid)); isc_buffer_add(&keynamesrc, strlen(keyid)); - ret = dns_name_fromtext(keyname, &keynamesrc, dns_rootname, - DNS_NAME_DOWNCASE); - if (ret != ISC_R_SUCCESS) { - goto failure; - } + CHECK(dns_name_fromtext(keyname, &keynamesrc, dns_rootname, + DNS_NAME_DOWNCASE)); /* * Create the algorithm. @@ -84,31 +81,27 @@ add_initial_keys(const cfg_obj_t *list, dns_tsigkeyring_t *ring, "key '%s': has a " "unsupported algorithm '%s'", keyid, algstr); - ret = DNS_R_BADALG; - goto failure; + CLEANUP(DNS_R_BADALG); } secretstr = cfg_obj_asstring(secretobj); secretalloc = secretlen = strlen(secretstr) * 3 / 4; secret = isc_mem_get(mctx, secretlen); isc_buffer_init(&secretbuf, secret, secretlen); - ret = isc_base64_decodestring(secretstr, &secretbuf); - if (ret != ISC_R_SUCCESS) { - goto failure; - } + CHECK(isc_base64_decodestring(secretstr, &secretbuf)); secretlen = isc_buffer_usedlength(&secretbuf); - ret = dns_tsigkey_create(keyname, alg, secret, secretlen, mctx, - &tsigkey); + result = dns_tsigkey_create(keyname, alg, secret, secretlen, + mctx, &tsigkey); isc_mem_put(mctx, secret, secretalloc); - if (ret == ISC_R_SUCCESS) { - ret = dns_tsigkeyring_add(ring, tsigkey); + if (result == ISC_R_SUCCESS) { + result = dns_tsigkeyring_add(ring, tsigkey); } - if (ret != ISC_R_SUCCESS) { + if (result != ISC_R_SUCCESS) { if (tsigkey != NULL) { dns_tsigkey_detach(&tsigkey); } - goto failure; + goto cleanup; } /* * Set digest bits. @@ -119,13 +112,13 @@ add_initial_keys(const cfg_obj_t *list, dns_tsigkeyring_t *ring, return ISC_R_SUCCESS; -failure: +cleanup: if (secret != NULL) { isc_mem_put(mctx, secret, secretalloc); } cfg_obj_log(key, ISC_LOG_ERROR, "configuring key '%s': %s", keyid, - isc_result_totext(ret)); - return ret; + isc_result_totext(result)); + return result; } isc_result_t @@ -159,16 +152,13 @@ named_tsigkeyring_fromconfig(const cfg_obj_t *config, const cfg_obj_t *vconfig, if (result != ISC_R_SUCCESS) { continue; } - result = add_initial_keys(keylist, ring, mctx); - if (result != ISC_R_SUCCESS) { - goto failure; - } + CHECK(add_initial_keys(keylist, ring, mctx)); } *ringp = ring; return ISC_R_SUCCESS; -failure: +cleanup: dns_tsigkeyring_detach(&ring); return result; } diff --git a/bin/named/zoneconf.c b/bin/named/zoneconf.c index 15a1a8c71a..b43223395f 100644 --- a/bin/named/zoneconf.c +++ b/bin/named/zoneconf.c @@ -62,13 +62,6 @@ typedef enum { allow_update_forwarding } acl_type_t; -#define CHECK(x) \ - do { \ - result = (x); \ - if (result != ISC_R_SUCCESS) \ - goto cleanup; \ - } while (0) - /*% * Convenience function for configuring a single zone ACL. */ @@ -78,7 +71,6 @@ configure_zone_acl(const cfg_obj_t *zconfig, const cfg_obj_t *vconfig, cfg_aclconfctx_t *aclctx, dns_zone_t *zone, void (*setzacl)(dns_zone_t *, dns_acl_t *), void (*clearzacl)(dns_zone_t *)) { - isc_result_t result; const cfg_obj_t *maps[6] = { 0 }; const cfg_obj_t *aclobj = NULL; int i = 0; @@ -176,11 +168,7 @@ configure_zone_acl(const cfg_obj_t *zconfig, const cfg_obj_t *vconfig, } parse_acl: - result = cfg_acl_fromconfig(aclobj, config, aclctx, isc_g_mctx, 0, - &acl); - if (result != ISC_R_SUCCESS) { - return result; - } + RETERR(cfg_acl_fromconfig(aclobj, config, aclctx, isc_g_mctx, 0, &acl)); (*setzacl)(zone, acl); /* Set the view default now */ @@ -376,8 +364,7 @@ configure_zone_ssutable(const cfg_obj_t *zconfig, const cfg_obj_t *tconfig, "failed to enable auto DDNS policy " "for zone %s: session key not found", zname); - result = ISC_R_NOTFOUND; - goto cleanup; + CLEANUP(ISC_R_NOTFOUND); } dns_ssutable_addrule( @@ -566,12 +553,9 @@ configure_staticstub(const cfg_obj_t *zconfig, const cfg_obj_t *tconfig, isc_region_t region; /* Create the DB beforehand */ - result = dns_db_create(mctx, dbtype, dns_zone_getorigin(zone), - dns_dbtype_stub, dns_zone_getclass(zone), 0, - NULL, &db); - if (result != ISC_R_SUCCESS) { - return result; - } + RETERR(dns_db_create(mctx, dbtype, dns_zone_getorigin(zone), + dns_dbtype_stub, dns_zone_getclass(zone), 0, NULL, + &db)); dns_rdataset_init(&rdataset); @@ -616,8 +600,7 @@ configure_staticstub(const cfg_obj_t *zconfig, const cfg_obj_t *tconfig, "No NS record is configured for a " "static-stub zone '%s'", zname); - result = ISC_R_FAILURE; - goto cleanup; + CLEANUP(ISC_R_FAILURE); } /* @@ -703,8 +686,6 @@ zonetype_fromconfig(const cfg_obj_t *zmap, const cfg_obj_t *tmap) { static isc_result_t strtoargvsub(isc_mem_t *mctx, char *s, unsigned int *argcp, char ***argvp, unsigned int n) { - isc_result_t result; - /* Discard leading whitespace. */ while (*s == ' ' || *s == '\t') { s++; @@ -723,10 +704,7 @@ strtoargvsub(isc_mem_t *mctx, char *s, unsigned int *argcp, char ***argvp, *p++ = '\0'; } - result = strtoargvsub(mctx, p, argcp, argvp, n + 1); - if (result != ISC_R_SUCCESS) { - return result; - } + RETERR(strtoargvsub(mctx, p, argcp, argvp, n + 1)); (*argvp)[n] = s; } return ISC_R_SUCCESS; @@ -1926,10 +1904,7 @@ named_zone_configure_writeable_dlz(dns_dlzdb_t *dlzdatabase, dns_zone_t *zone, isc_result_t result; dns_zone_settype(zone, dns_zone_dlz); - result = dns_sdlz_setdb(dlzdatabase, rdclass, name, &db); - if (result != ISC_R_SUCCESS) { - return result; - } + RETERR(dns_sdlz_setdb(dlzdatabase, rdclass, name, &db)); result = dns_zone_dlzpostload(zone, db); dns_db_detach(&db); return result; @@ -2141,12 +2116,9 @@ named_zone_loadplugins(dns_zone_t *zone, const cfg_obj_t *config, ns_plugins_create(zmctx, &hookdata.plugins); dns_zone_setplugins(zone, hookdata.plugins, ns_plugins_free); - result = cfg_pluginlist_foreach(config, tpluginlist, aclctx, - named_register_one_plugin, - &hookdata); - if (result != ISC_R_SUCCESS) { - return result; - } + RETERR(cfg_pluginlist_foreach(config, tpluginlist, aclctx, + named_register_one_plugin, + &hookdata)); result = cfg_pluginlist_foreach(config, zpluginlist, aclctx, named_register_one_plugin, diff --git a/bin/nsupdate/nsupdate.c b/bin/nsupdate/nsupdate.c index 318c8dd96a..cc8e5b4cd6 100644 --- a/bin/nsupdate/nsupdate.c +++ b/bin/nsupdate/nsupdate.c @@ -569,16 +569,10 @@ read_sessionkey(isc_mem_t *mctx) { return ISC_R_FILENOTFOUND; } - result = cfg_parse_file(mctx, keyfile, &cfg_type_sessionkey, 0, - &sessionkey); - if (result != ISC_R_SUCCESS) { - goto cleanup; - } + CHECK(cfg_parse_file(mctx, keyfile, &cfg_type_sessionkey, 0, + &sessionkey)); - result = cfg_map_get(sessionkey, "key", &key); - if (result != ISC_R_SUCCESS) { - goto cleanup; - } + CHECK(cfg_map_get(sessionkey, "key", &key)); (void)cfg_map_get(key, "secret", &secretobj); (void)cfg_map_get(key, "algorithm", &algorithmobj); diff --git a/bin/plugins/filter-a.c b/bin/plugins/filter-a.c index fff9cc9745..d5a9d0b268 100644 --- a/bin/plugins/filter-a.c +++ b/bin/plugins/filter-a.c @@ -46,14 +46,6 @@ #include #include -#define CHECK(op) \ - do { \ - result = (op); \ - if (result != ISC_R_SUCCESS) { \ - goto cleanup; \ - } \ - } while (0) - /* * Possible values for the settings of filter-a-on-v6 and * filter-a-on-v4: "no" is NONE, "yes" is FILTER, "break-dnssec" diff --git a/bin/plugins/filter-aaaa.c b/bin/plugins/filter-aaaa.c index 986267c5a6..007d952e7e 100644 --- a/bin/plugins/filter-aaaa.c +++ b/bin/plugins/filter-aaaa.c @@ -46,14 +46,6 @@ #include #include -#define CHECK(op) \ - do { \ - result = (op); \ - if (result != ISC_R_SUCCESS) { \ - goto cleanup; \ - } \ - } while (0) - /* * Possible values for the settings of filter-aaaa-on-v4 and * filter-aaaa-on-v6: "no" is NONE, "yes" is FILTER, "break-dnssec" diff --git a/bin/plugins/synthrecord.c b/bin/plugins/synthrecord.c index e348d55a64..8dc3e257b1 100644 --- a/bin/plugins/synthrecord.c +++ b/bin/plugins/synthrecord.c @@ -21,14 +21,6 @@ #include -#define CHECK(op) \ - do { \ - result = (op); \ - if (result != ISC_R_SUCCESS) { \ - goto cleanup; \ - } \ - } while (0) - #define DEFAULT_TTL 300 typedef enum { UNDEFINED, FORWARD, REVERSE } synthrecord_mode_t; @@ -70,7 +62,6 @@ synthrecord_reverseanswer(synthrecord_t *inst, isc_netaddr_t *na, isc_buffer_t addrb; char addrbdata[DNS_NAME_FORMATSIZE]; isc_region_t addrr; - isc_result_t result; REQUIRE(DNS_NAME_VALID(synthname)); REQUIRE(na->family == AF_INET || na->family == AF_INET6); @@ -79,10 +70,7 @@ synthrecord_reverseanswer(synthrecord_t *inst, isc_netaddr_t *na, isc_buffer_copyregion(&b, &inst->prefix); isc_buffer_init(&addrb, addrbdata, sizeof(addrbdata)); - result = isc_netaddr_totext(na, &addrb); - if (result != ISC_R_SUCCESS) { - return result; - } + RETERR(isc_netaddr_totext(na, &addrb)); /* * IDN compatibility, as an IPv6 begining or ending with `::` will be @@ -476,11 +464,8 @@ synthrecord_initorigin(synthrecord_t *inst, const cfg_obj_t *synthrecordcfg, dns_name_init(&inst->origin); if (result == ISC_R_SUCCESS) { originstr = cfg_obj_asstring(obj); - result = dns_name_fromstring(&inst->origin, originstr, NULL, 0, - inst->mctx); - if (result != ISC_R_SUCCESS) { - return result; - } + RETERR(dns_name_fromstring(&inst->origin, originstr, NULL, 0, + inst->mctx)); if (!dns_name_isabsolute(&inst->origin)) { isc_log_write(NS_LOGCATEGORY_GENERAL, @@ -525,11 +510,8 @@ synthrecord_parseallowsynth(synthrecord_t *inst, const cfg_obj_t *cfg, return result; } - result = cfg_acl_fromconfig(obj, cfg, aclctx, inst->mctx, 0, - &inst->allowedsynth); - if (result != ISC_R_SUCCESS) { - return result; - } + RETERR(cfg_acl_fromconfig(obj, cfg, aclctx, inst->mctx, 0, + &inst->allowedsynth)); for (unsigned int i = 0; i < inst->allowedsynth->length; i++) { switch (inst->allowedsynth->elements[i].type) { diff --git a/bin/tests/system/dlzexternal/driver/driver.c b/bin/tests/system/dlzexternal/driver/driver.c index 9750fdc96a..34a64c8c8a 100644 --- a/bin/tests/system/dlzexternal/driver/driver.c +++ b/bin/tests/system/dlzexternal/driver/driver.c @@ -49,13 +49,6 @@ dlz_dlopen_addrdataset_t dlz_addrdataset; dlz_dlopen_subrdataset_t dlz_subrdataset; dlz_dlopen_delrdataset_t dlz_delrdataset; -#define CHECK(x) \ - do { \ - result = (x); \ - if (result != ISC_R_SUCCESS) \ - goto failure; \ - } while (0) - #define loginfo(...) \ ({ \ if ((state != NULL) && (state->log != NULL)) \ @@ -258,7 +251,6 @@ dlz_create(const char *dlzname, unsigned int argc, char *argv[], void **dbdata, const char *helper_name; va_list ap; char soa_data[sizeof("@ hostmaster.root 123 900 600 86400 3600")]; - isc_result_t result; size_t n; UNUSED(dlzname); @@ -306,7 +298,8 @@ dlz_create(const char *dlzname, unsigned int argc, char *argv[], void **dbdata, } if (n >= sizeof(soa_data)) { - CHECK(ISC_R_NOSPACE); + free(state); + return ISC_R_NOSPACE; } add_name(state, &state->current[0], state->zone_name, "soa", 3600, @@ -320,10 +313,6 @@ dlz_create(const char *dlzname, unsigned int argc, char *argv[], void **dbdata, *dbdata = state; return ISC_R_SUCCESS; - -failure: - free(state); - return result; } /* @@ -513,10 +502,7 @@ dlz_lookup(const char *zone, const char *name, void *dbdata, loginfo("dlz_example: lookup connection from %s", buf); found = true; - result = state->putrr(lookup, "TXT", 0, buf); - if (result != ISC_R_SUCCESS) { - return result; - } + RETERR(state->putrr(lookup, "TXT", 0, buf)); } if (strcmp(name, "too-long") == 0 || @@ -527,10 +513,7 @@ dlz_lookup(const char *zone, const char *name, void *dbdata, } buf[i] = '\0'; found = true; - result = state->putrr(lookup, "TXT", 0, buf); - if (result != ISC_R_SUCCESS) { - return result; - } + RETERR(state->putrr(lookup, "TXT", 0, buf)); } /* Tests for DLZ redirection zones */ @@ -556,12 +539,9 @@ dlz_lookup(const char *zone, const char *name, void *dbdata, for (i = 0; i < MAX_RECORDS; i++) { if (strcasecmp(state->current[i].name, full_name) == 0) { found = true; - result = state->putrr(lookup, state->current[i].type, - state->current[i].ttl, - state->current[i].data); - if (result != ISC_R_SUCCESS) { - return result; - } + RETERR(state->putrr(lookup, state->current[i].type, + state->current[i].ttl, + state->current[i].data)); } } @@ -627,17 +607,13 @@ dlz_allnodes(const char *zone, void *dbdata, dns_sdlzallnodes_t *allnodes) { } for (i = 0; i < MAX_RECORDS; i++) { - isc_result_t result; if (strlen(state->current[i].name) == 0U) { continue; } - result = state->putnamedrr(allnodes, state->current[i].name, - state->current[i].type, - state->current[i].ttl, - state->current[i].data); - if (result != ISC_R_SUCCESS) { - return result; - } + RETERR(state->putnamedrr(allnodes, state->current[i].name, + state->current[i].type, + state->current[i].ttl, + state->current[i].data)); } return ISC_R_SUCCESS; diff --git a/bin/tests/system/dyndb/driver/instance.c b/bin/tests/system/dyndb/driver/instance.c index db087895be..7c3b842cca 100644 --- a/bin/tests/system/dyndb/driver/instance.c +++ b/bin/tests/system/dyndb/driver/instance.c @@ -78,8 +78,7 @@ parse_params(isc_mem_t *mctx, int argc, char **argv, dns_name_t *z1, if (argc != 2) { log_error("exactly two parameters " "(absolute zone names) are required"); - result = ISC_R_FAILURE; - goto cleanup; + CLEANUP(ISC_R_FAILURE); } result = dns_name_fromstring(z1, argv[0], dns_rootname, 0, mctx); if (result != ISC_R_SUCCESS) { diff --git a/bin/tests/system/dyndb/driver/util.h b/bin/tests/system/dyndb/driver/util.h index e3ccedfe7e..b870b781f7 100644 --- a/bin/tests/system/dyndb/driver/util.h +++ b/bin/tests/system/dyndb/driver/util.h @@ -38,16 +38,3 @@ #include #include "log.h" - -#define CLEANUP_WITH(result_code) \ - do { \ - result = (result_code); \ - goto cleanup; \ - } while (0) - -#define CHECK(op) \ - do { \ - result = (op); \ - if (result != ISC_R_SUCCESS) \ - goto cleanup; \ - } while (0) diff --git a/bin/tests/system/dyndb/driver/zone.c b/bin/tests/system/dyndb/driver/zone.c index 9a02d4357c..da6fef47f5 100644 --- a/bin/tests/system/dyndb/driver/zone.c +++ b/bin/tests/system/dyndb/driver/zone.c @@ -130,8 +130,8 @@ publish_zone(sample_instance_t *inst, dns_zone_t *zone) { /* Return success if the zone is already in the view as expected. */ result = dns_view_findzone(inst->view, dns_zone_getorigin(zone), DNS_ZTFIND_EXACT, &zone_in_view); - if (result != ISC_R_SUCCESS && result != ISC_R_NOTFOUND) { - goto cleanup; + if (result != ISC_R_NOTFOUND) { + CHECK(result); } view_in_zone = dns_zone_getview(zone); @@ -139,7 +139,7 @@ publish_zone(sample_instance_t *inst, dns_zone_t *zone) { /* Zone has a view set -> view should contain the same zone. */ if (zone_in_view == zone) { /* Zone is already published in the right view. */ - CLEANUP_WITH(ISC_R_SUCCESS); + CLEANUP(ISC_R_SUCCESS); } else if (view_in_zone != inst->view) { /* * Un-published inactive zone will have @@ -149,7 +149,7 @@ publish_zone(sample_instance_t *inst, dns_zone_t *zone) { dns_zone_log(zone, ISC_LOG_ERROR, "zone->view doesn't " "match data in the view"); - CLEANUP_WITH(ISC_R_UNEXPECTED); + CLEANUP(ISC_R_UNEXPECTED); } } @@ -157,7 +157,7 @@ publish_zone(sample_instance_t *inst, dns_zone_t *zone) { dns_zone_log(zone, ISC_LOG_ERROR, "cannot publish zone: view already " "contains another zone with this name"); - CLEANUP_WITH(ISC_R_UNEXPECTED); + CLEANUP(ISC_R_UNEXPECTED); } if (inst->view->frozen) { diff --git a/bin/tests/system/hooks/driver/test-async.c b/bin/tests/system/hooks/driver/test-async.c index 376529e15e..af140e39ba 100644 --- a/bin/tests/system/hooks/driver/test-async.c +++ b/bin/tests/system/hooks/driver/test-async.c @@ -35,14 +35,6 @@ #include #include -#define CHECK(op) \ - do { \ - result = (op); \ - if (result != ISC_R_SUCCESS) { \ - goto cleanup; \ - } \ - } while (0) - /* * Persistent data for use by this module. This will be associated * with client object address in the hash table, and will remain diff --git a/bin/tests/system/hooks/driver/test-syncplugin.c b/bin/tests/system/hooks/driver/test-syncplugin.c index a38379a916..36409bbda9 100644 --- a/bin/tests/system/hooks/driver/test-syncplugin.c +++ b/bin/tests/system/hooks/driver/test-syncplugin.c @@ -28,14 +28,6 @@ typedef struct { char *firstlbl; } syncplugin_t; -#define CHECK(op) \ - do { \ - result = (op); \ - if (result != ISC_R_SUCCESS) { \ - goto cleanup; \ - } \ - } while (0) - static ns_hookresult_t syncplugin__hook(void *arg, void *cbdata, isc_result_t *resp) { query_ctx_t *qctx = (query_ctx_t *)arg; @@ -82,14 +74,11 @@ static cfg_type_t syncplugin__cfgparams = { static isc_result_t syncplugin__parse_rcode(const cfg_obj_t *syncplugincfg, uint8_t *rcode) { - isc_result_t result; + isc_result_t result = ISC_R_SUCCESS; const cfg_obj_t *obj = NULL; const char *rcodestr = NULL; - result = cfg_map_get(syncplugincfg, "rcode", &obj); - if (result != ISC_R_SUCCESS) { - return result; - } + RETERR(cfg_map_get(syncplugincfg, "rcode", &obj)); rcodestr = obj->value.string.base; diff --git a/bin/tests/system/pipelined/pipequeries.c b/bin/tests/system/pipelined/pipequeries.c index 1e3340e06f..3d6c26211b 100644 --- a/bin/tests/system/pipelined/pipequeries.c +++ b/bin/tests/system/pipelined/pipequeries.c @@ -43,7 +43,7 @@ #include #include -#define CHECK(str, x) \ +#define CHECKM(str, x) \ { \ if ((x) != ISC_R_SUCCESS) { \ fprintf(stderr, "I:%s: %s\n", (str), \ @@ -84,7 +84,7 @@ recvresponse(void *arg) { result = dns_request_getresponse(request, response, DNS_MESSAGEPARSE_PRESERVEORDER); - CHECK("dns_request_getresponse", result); + CHECKM("dns_request_getresponse", result); if (response->rcode != dns_rcode_noerror) { result = dns_result_fromrcode(response->rcode); @@ -101,7 +101,7 @@ recvresponse(void *arg) { result = dns_message_sectiontotext( response, DNS_SECTION_ANSWER, &dns_master_style_simple, DNS_MESSAGETEXTFLAG_NOCOMMENTS, &outbuf); - CHECK("dns_message_sectiontotext", result); + CHECKM("dns_message_sectiontotext", result); printf("%.*s", (int)isc_buffer_usedlength(&outbuf), (char *)isc_buffer_base(&outbuf)); fflush(stdout); @@ -140,7 +140,7 @@ sendquery(void) { isc_buffer_add(&buf, strlen(host)); result = dns_name_fromtext(dns_fixedname_name(&queryname), &buf, dns_rootname, 0); - CHECK("dns_name_fromtext", result); + CHECKM("dns_name_fromtext", result); dns_message_create(isc_g_mctx, NULL, NULL, DNS_MESSAGE_INTENTRENDER, &message); @@ -164,7 +164,7 @@ sendquery(void) { requestmgr, message, have_src ? &srcaddr : NULL, &dstaddr, NULL, NULL, DNS_REQUESTOPT_TCP, NULL, TIMEOUT, TIMEOUT, 0, 0, isc_loop_main(), recvresponse, message, &request); - CHECK("dns_request_create", result); + CHECKM("dns_request_create", result); return ISC_R_SUCCESS; } @@ -258,13 +258,13 @@ main(int argc, char *argv[]) { result = ISC_R_FAILURE; if (inet_pton(AF_INET, "10.53.0.7", &inaddr) != 1) { - CHECK("inet_pton", result); + CHECKM("inet_pton", result); } isc_sockaddr_fromin(&srcaddr, &inaddr, 0); result = ISC_R_FAILURE; if (inet_pton(AF_INET, "10.53.0.4", &inaddr) != 1) { - CHECK("inet_pton", result); + CHECKM("inet_pton", result); } isc_sockaddr_fromin(&dstaddr, &inaddr, port); diff --git a/bin/tests/system/rsabigexponent/bigkey.c b/bin/tests/system/rsabigexponent/bigkey.c index af09f42b77..9e6e57ef0c 100644 --- a/bin/tests/system/rsabigexponent/bigkey.c +++ b/bin/tests/system/rsabigexponent/bigkey.c @@ -57,7 +57,7 @@ RSA *rsa; BIGNUM *e; EVP_PKEY *pkey; -#define CHECK(op, msg) \ +#define CHECKM(op, msg) \ do { \ result = (op); \ if (result != ISC_R_SUCCESS) { \ @@ -116,22 +116,20 @@ main(int argc, char **argv) { name = dns_fixedname_initname(&fname); isc_buffer_constinit(&buf, "example.", strlen("example.")); isc_buffer_add(&buf, strlen("example.")); - CHECK(dns_name_fromtext(name, &buf, dns_rootname, 0, NULL), "dns_name_" - "fromtext(" - "\"example." - "\")"); + CHECKM(dns_name_fromtext(name, &buf, dns_rootname, 0, NULL), + "dns_name_fromtext(\"example.\")"); - CHECK(dst_key_buildinternal(name, DNS_KEYALG_RSASHA256, bits, - DNS_KEYOWNER_ZONE, DNS_KEYPROTO_DNSSEC, - dns_rdataclass_in, pkey, isc_g_mctx, &key), - "dst_key_buildinternal(...)"); + CHECKM(dst_key_buildinternal(name, DNS_KEYALG_RSASHA256, bits, + DNS_KEYOWNER_ZONE, DNS_KEYPROTO_DNSSEC, + dns_rdataclass_in, pkey, isc_g_mctx, &key), + "dst_key_buildinternal(...)"); - CHECK(dst_key_tofile(key, DST_TYPE_PRIVATE | DST_TYPE_PUBLIC, NULL), - "dst_key_tofile()"); + CHECKM(dst_key_tofile(key, DST_TYPE_PRIVATE | DST_TYPE_PUBLIC, NULL), + "dst_key_tofile()"); isc_buffer_init(&buf, filename, sizeof(filename) - 1); isc_buffer_clear(&buf); - CHECK(dst_key_buildfilename(key, 0, NULL, &buf), "dst_key_" - "buildfilename()"); + CHECKM(dst_key_buildfilename(key, 0, NULL, &buf), + "dst_key_buildfilename()"); printf("%s\n", filename); dst_key_free(&key); diff --git a/bin/tools/mdig.c b/bin/tools/mdig.c index 4aa31d9c29..4a25eeecf8 100644 --- a/bin/tools/mdig.c +++ b/bin/tools/mdig.c @@ -53,7 +53,7 @@ #include #include -#define CHECK(str, x) \ +#define CHECKM(str, x) \ { \ if ((x) != ISC_R_SUCCESS) { \ fprintf(stderr, "mdig: %s failed with %s\n", (str), \ @@ -221,7 +221,7 @@ recvresponse(void *arg) { msgbuf = dns_request_getanswer(request); result = dns_request_getresponse(request, response, parseflags); - CHECK("dns_request_getresponse", result); + CHECKM("dns_request_getresponse", result); styleflags |= DNS_STYLEFLAG_REL_OWNER; if (yaml) { @@ -277,7 +277,7 @@ recvresponse(void *arg) { 48, 80, 8, display_splitwidth, isc_g_mctx); } - CHECK("dns_master_stylecreate2", result); + CHECKM("dns_master_stylecreate2", result); flags = 0; if (!display_headers) { @@ -341,7 +341,7 @@ recvresponse(void *arg) { printf(" %s:\n", "response_message_data"); result = dns_message_headertotext(response, style, flags, buf); - CHECK("dns_message_headertotext", result); + CHECKM("dns_message_headertotext", result); } else if (display_comments && !display_short_form) { printf(";; Got answer:\n"); @@ -404,7 +404,7 @@ repopulate_buffer: isc_buffer_allocate(isc_g_mctx, &buf, len); goto repopulate_buffer; } - CHECK("dns_message_pseudosectiontotext", result); + CHECKM("dns_message_pseudosectiontotext", result); } if (display_question && display_headers && !display_short_form) { @@ -413,7 +413,7 @@ repopulate_buffer: if (result == ISC_R_NOSPACE) { goto buftoosmall; } - CHECK("dns_message_sectiontotext", result); + CHECKM("dns_message_sectiontotext", result); } if (display_answer && !display_short_form) { @@ -422,7 +422,7 @@ repopulate_buffer: if (result == ISC_R_NOSPACE) { goto buftoosmall; } - CHECK("dns_message_sectiontotext", result); + CHECKM("dns_message_sectiontotext", result); } else if (display_answer) { dns_name_t empty_name; unsigned int answerstyleflags = 0; @@ -447,8 +447,7 @@ repopulate_buffer: if (result == ISC_R_NOSPACE) { goto buftoosmall; } - - CHECK("dns_rdata_tofmttext", result); + CHECKM("dns_rdata_tofmttext", result); if (strlen("\n") >= isc_buffer_availablelength(buf)) { @@ -466,7 +465,7 @@ repopulate_buffer: if (result == ISC_R_NOSPACE) { goto buftoosmall; } - CHECK("dns_message_sectiontotext", result); + CHECKM("dns_message_sectiontotext", result); } if (display_additional && !display_short_form) { @@ -475,7 +474,7 @@ repopulate_buffer: if (result == ISC_R_NOSPACE) { goto buftoosmall; } - CHECK("dns_message_sectiontotext", result); + CHECKM("dns_message_sectiontotext", result); } if (display_additional && !display_short_form && display_headers) { @@ -487,13 +486,13 @@ repopulate_buffer: if (result == ISC_R_NOSPACE) { goto buftoosmall; } - CHECK("dns_message_pseudosectiontotext", result); + CHECKM("dns_message_pseudosectiontotext", result); result = dns_message_pseudosectiontotext( response, DNS_PSEUDOSECTION_SIG0, style, flags, buf); if (result == ISC_R_NOSPACE) { goto buftoosmall; } - CHECK("dns_message_pseudosectiontotext", result); + CHECKM("dns_message_pseudosectiontotext", result); } if (display_headers && display_comments && !display_short_form && !yaml) @@ -549,7 +548,7 @@ sendquery(struct query *query) { isc_buffer_add(&buf, strlen(query->textname)); result = dns_name_fromtext(dns_fixedname_name(&queryname), &buf, dns_rootname, 0); - CHECK("dns_name_fromtext", result); + CHECKM("dns_name_fromtext", result); dns_message_create(isc_g_mctx, NULL, NULL, DNS_MESSAGE_INTENTRENDER, &message); @@ -608,7 +607,7 @@ sendquery(struct query *query) { if (query->nsid) { dns_ednsopt_t option = { .code = DNS_OPT_NSID }; result = dns_message_ednsaddopt(message, &option); - CHECK("dns_message_ednsaddopt", result); + CHECKM("dns_message_ednsaddopt", result); } if (query->ecs_addr != NULL) { @@ -663,7 +662,7 @@ sendquery(struct query *query) { .length = (uint16_t)addrl + 4 }; result = dns_message_ednsaddopt(message, &option); - CHECK("dns_message_ednsaddopt", result); + CHECKM("dns_message_ednsaddopt", result); } if (query->send_cookie) { @@ -674,7 +673,7 @@ sendquery(struct query *query) { isc_buffer_init(&b, cookie, sizeof(cookie)); result = isc_hex_decodestring(query->cookie, &b); - CHECK("isc_hex_decodestring", result); + CHECKM("isc_hex_decodestring", result); option.value = isc_buffer_base(&b); option.length = isc_buffer_usedlength(&b); } else { @@ -684,25 +683,25 @@ sendquery(struct query *query) { } result = dns_message_ednsaddopt(message, &option); - CHECK("dns_message_ednsaddopt", result); + CHECKM("dns_message_ednsaddopt", result); } if (query->expire) { dns_ednsopt_t option = { .code = DNS_OPT_EXPIRE }; result = dns_message_ednsaddopt(message, &option); - CHECK("dns_message_ednsaddopt", result); + CHECKM("dns_message_ednsaddopt", result); } if (query->ednsoptscnt != 0) { for (size_t i = 0; i < query->ednsoptscnt; i++) { result = dns_message_ednsaddopt( message, &query->ednsopts[i]); - CHECK("dns_message_ednsaddopt", result); + CHECKM("dns_message_ednsaddopt", result); } } result = dns_message_setopt(message); - CHECK("dns_message_setopt", result); + CHECKM("dns_message_setopt", result); } if (tcp_mode) { @@ -714,7 +713,7 @@ sendquery(struct query *query) { NULL, options, NULL, query->timeout, query->timeout, query->udptimeout, query->udpretries, isc_loop_main(), recvresponse, message, &request); - CHECK("dns_request_create", result); + CHECKM("dns_request_create", result); return ISC_R_SUCCESS; } @@ -928,7 +927,7 @@ save_opt(struct query *query, char *code, char *value) { buf = isc_mem_allocate(isc_g_mctx, strlen(value) / 2 + 1); isc_buffer_init(&b, buf, strlen(value) / 2 + 1); result = isc_hex_decodestring(value, &b); - CHECK("isc_hex_decodestring", result); + CHECKM("isc_hex_decodestring", result); query->ednsopts[query->ednsoptscnt].value = isc_buffer_base(&b); query->ednsopts[query->ednsoptscnt].length = isc_buffer_usedlength(&b); @@ -1025,9 +1024,9 @@ reverse_octets(const char *in, char **p, char *end) { if (dot != NULL) { isc_result_t result; result = reverse_octets(dot + 1, p, end); - CHECK("reverse_octets", result); + CHECKM("reverse_octets", result); result = append(".", 1, p, end); - CHECK("append", result); + CHECKM("append", result); len = (int)(dot - in); } else { len = strlen(in); @@ -1050,7 +1049,7 @@ get_reverse(char *reverse, size_t len, const char *value) { name = dns_fixedname_initname(&fname); result = dns_byaddr_createptrname(&addr, name); - CHECK("dns_byaddr_createptrname", result); + CHECKM("dns_byaddr_createptrname", result); dns_name_format(name, reverse, (unsigned int)len); return; } else { @@ -1064,10 +1063,10 @@ get_reverse(char *reverse, size_t len, const char *value) { char *p = reverse; char *end = reverse + len; result = reverse_octets(value, &p, end); - CHECK("reverse_octets", result); + CHECKM("reverse_octets", result); /* Append .in-addr.arpa. and a terminating NUL. */ result = append(".in-addr.arpa.", 15, &p, end); - CHECK("append", result); + CHECKM("append", result); return; } } @@ -1184,7 +1183,7 @@ plus_option(char *option, struct query *query, bool global) { } result = parse_uint(&num, value, COMMSIZE, "buffer size"); - CHECK("parse_uint(buffer size)", result); + CHECKM("parse_uint(buffer size)", result); query->udpsize = num; break; case 'r': /* burst */ @@ -1294,8 +1293,8 @@ plus_option(char *option, struct query *query, bool global) { result = parse_uint(&num, value, 255, "edns"); - CHECK("parse_uint(edns)", - result); + CHECKM("parse_uint(edns)", + result); query->edns = num; break; case 'f': @@ -1311,8 +1310,8 @@ plus_option(char *option, struct query *query, bool global) { result = parse_xint( &num, value, 0xffff, "ednsflags"); - CHECK("parse_xint(ednsflags)", - result); + CHECKM("parse_xint(ednsflags)", + result); if (query->edns == -1) { query->edns = 1; } @@ -1394,7 +1393,7 @@ plus_option(char *option, struct query *query, bool global) { } result = parse_uint(&query->udpretries, value, MAXTRIES - 1, "udpretries"); - CHECK("parse_uint(udpretries)", result); + CHECKM("parse_uint(udpretries)", result); break; default: goto invalid_option; @@ -1458,7 +1457,7 @@ plus_option(char *option, struct query *query, bool global) { if (display_splitwidth) { display_splitwidth += 3; } - CHECK("parse_uint(split)", result); + CHECKM("parse_uint(split)", result); break; case 'u': /* subnet */ FULLCHECK("subnet"); @@ -1476,7 +1475,7 @@ plus_option(char *option, struct query *query, bool global) { query->edns = 0; } result = parse_netprefix(&query->ecs_addr, value); - CHECK("parse_netprefix", result); + CHECKM("parse_netprefix", result); break; default: goto invalid_option; @@ -1499,7 +1498,7 @@ plus_option(char *option, struct query *query, bool global) { } result = parse_uint(&query->timeout, value, MAXTIMEOUT, "timeout"); - CHECK("parse_uint(timeout)", result); + CHECKM("parse_uint(timeout)", result); if (query->timeout == 0) { query->timeout = 1; } @@ -1514,7 +1513,7 @@ plus_option(char *option, struct query *query, bool global) { } result = parse_uint(&query->udpretries, value, MAXTRIES, "udpretries"); - CHECK("parse_uint(udpretries)", result); + CHECKM("parse_uint(udpretries)", result); if (query->udpretries > 0) { query->udpretries -= 1; } @@ -1559,7 +1558,7 @@ plus_option(char *option, struct query *query, bool global) { } result = parse_uint(&query->udptimeout, value, MAXTIMEOUT, "udptimeout"); - CHECK("parse_uint(udptimeout)", result); + CHECKM("parse_uint(udptimeout)", result); break; case 'n': FULLCHECK("unknownformat"); @@ -1689,7 +1688,7 @@ dash_option(const char *option, char *next, struct query *query, bool global, if (hash != NULL) { result = parse_uint(&num, hash + 1, MAXPORT, "port number"); - CHECK("parse_uint(srcport)", result); + CHECKM("parse_uint(srcport)", result); srcport = num; *hash = '\0'; } else { @@ -1717,7 +1716,7 @@ dash_option(const char *option, char *next, struct query *query, bool global, tr.length = strlen(value); result = dns_rdataclass_fromtext(&rdclass, (isc_textregion_t *)&tr); - CHECK("dns_rdataclass_fromtext", result); + CHECKM("dns_rdataclass_fromtext", result); query->rdclass = rdclass; return value_from_next; case 'f': @@ -1726,7 +1725,7 @@ dash_option(const char *option, char *next, struct query *query, bool global, case 'p': GLOBAL(); result = parse_uint(&num, value, MAXPORT, "port number"); - CHECK("parse_uint(port)", result); + CHECKM("parse_uint(port)", result); port = num; return value_from_next; case 't': @@ -1734,7 +1733,7 @@ dash_option(const char *option, char *next, struct query *query, bool global, tr.length = strlen(value); result = dns_rdatatype_fromtext(&rdtype, (isc_textregion_t *)&tr); - CHECK("dns_rdatatype_fromtext", result); + CHECKM("dns_rdatatype_fromtext", result); query->rdtype = rdtype; return value_from_next; case 'x': diff --git a/bin/tools/named-makejournal.c b/bin/tools/named-makejournal.c index c18da012e2..52cea70517 100644 --- a/bin/tools/named-makejournal.c +++ b/bin/tools/named-makejournal.c @@ -45,20 +45,11 @@ static isc_result_t loadzone(dns_db_t **db, const char *origin, const char *filename) { isc_result_t result; dns_fixedname_t fixed; - dns_name_t *name = NULL; + dns_name_t *name = dns_fixedname_initname(&fixed); - name = dns_fixedname_initname(&fixed); - - result = dns_name_fromstring(name, origin, dns_rootname, 0, NULL); - if (result != ISC_R_SUCCESS) { - return result; - } - - result = dns_db_create(isc_g_mctx, ZONEDB_DEFAULT, name, - dns_dbtype_zone, dns_rdataclass_in, 0, NULL, db); - if (result != ISC_R_SUCCESS) { - return result; - } + RETERR(dns_name_fromstring(name, origin, dns_rootname, 0, NULL)); + RETERR(dns_db_create(isc_g_mctx, ZONEDB_DEFAULT, name, dns_dbtype_zone, + dns_rdataclass_in, 0, NULL, db)); result = dns_db_load(*db, filename, dns_masterformat_text, 0); if (result == DNS_R_SEENINCLUDE) { @@ -177,10 +168,7 @@ main(int argc, char **argv) { goto cleanup; } - result = loadjournal(olddb, journal); - if (result != ISC_R_SUCCESS) { - goto cleanup; - } + CHECK(loadjournal(olddb, journal)); result = dns_db_getsoaserial(olddb, NULL, &s2); RUNTIME_CHECK(result == ISC_R_SUCCESS); diff --git a/cocci/check-reterr.spatch b/cocci/check-reterr.spatch new file mode 100644 index 0000000000..bba9841b50 --- /dev/null +++ b/cocci/check-reterr.spatch @@ -0,0 +1,30 @@ +@@ +expression E1; +@@ + +- result = E1; +- if (result != ISC_R_SUCCESS) { +- goto cleanup; +- } ++ CHECK(E1); + +@@ +expression E1; +isc_result_t result; +@@ + +- result = E1; +- if (result != ISC_R_SUCCESS) { +- return result; +- } ++ RETERR(E1); + +@@ +expression E1; +@@ + +- result = E1; +- if (result != ISC_R_SUCCESS) { +- CHECK(result); +- } ++ CHECK(E1); diff --git a/fuzz/dns_message_parse.c b/fuzz/dns_message_parse.c index 5f6069266e..236c789514 100644 --- a/fuzz/dns_message_parse.c +++ b/fuzz/dns_message_parse.c @@ -156,25 +156,13 @@ LLVMFuzzerTestOneInput(const uint8_t *data, size_t size) { isc_buffer_add(&buffer, size); isc_buffer_setactive(&buffer, size); - result = parse_message(&buffer, &message); - if (result != ISC_R_SUCCESS) { - goto cleanup; - } + CHECK(parse_message(&buffer, &message)); - result = print_message(message); - if (result != ISC_R_SUCCESS) { - goto cleanup; - } + CHECK(print_message(message)); - result = render_message(&message); - if (result != ISC_R_SUCCESS) { - goto cleanup; - } + CHECK(render_message(&message)); - result = print_message(message); - if (result != ISC_R_SUCCESS) { - goto cleanup; - } + CHECK(print_message(message)); cleanup: if (message != NULL) { diff --git a/fuzz/dns_qpkey_name.c b/fuzz/dns_qpkey_name.c index c66eba8ea8..ca7bb5ae2a 100644 --- a/fuzz/dns_qpkey_name.c +++ b/fuzz/dns_qpkey_name.c @@ -44,6 +44,7 @@ LLVMFuzzerTestOneInput(const uint8_t *data, size_t size) { isc_buffer_t buf; dns_qpkey_t key, cmp; dns_namespace_t space; + isc_result_t result; namein = dns_fixedname_initname(&fixedin); nameout = dns_fixedname_initname(&fixedout); @@ -77,5 +78,6 @@ LLVMFuzzerTestOneInput(const uint8_t *data, size_t size) { assert((namerel > 0) == (keyrel > 0)); assert(space == DNS_DBNAMESPACE_NORMAL); +cleanup: return 0; } diff --git a/fuzz/dns_rdata_fromtext.c b/fuzz/dns_rdata_fromtext.c index 8f2988e2c1..a8ee8949b1 100644 --- a/fuzz/dns_rdata_fromtext.c +++ b/fuzz/dns_rdata_fromtext.c @@ -79,10 +79,7 @@ LLVMFuzzerTestOneInput(const uint8_t *data, size_t size) { RUNTIME_CHECK(isc_lex_openbuffer(lex, &inbuf) == ISC_R_SUCCESS); - result = isc_lex_gettoken(lex, options | ISC_LEXOPT_NUMBER, &token); - if (result != ISC_R_SUCCESS) { - goto cleanup; - } + CHECK(isc_lex_gettoken(lex, options | ISC_LEXOPT_NUMBER, &token)); if (token.type == isc_tokentype_eof) { goto cleanup; } @@ -98,18 +95,12 @@ LLVMFuzzerTestOneInput(const uint8_t *data, size_t size) { } rdclass = (dns_rdataclass_t)token.value.as_ulong; } else if (token.type == isc_tokentype_string) { - result = dns_rdataclass_fromtext(&rdclass, - &token.value.as_textregion); - if (result != ISC_R_SUCCESS) { - goto cleanup; - } + CHECK(dns_rdataclass_fromtext(&rdclass, + &token.value.as_textregion)); } else { goto cleanup; } - result = isc_lex_gettoken(lex, options | ISC_LEXOPT_NUMBER, &token); - if (result != ISC_R_SUCCESS) { - goto cleanup; - } + CHECK(isc_lex_gettoken(lex, options | ISC_LEXOPT_NUMBER, &token)); if (token.type == isc_tokentype_eol) { goto cleanup; } @@ -126,11 +117,8 @@ LLVMFuzzerTestOneInput(const uint8_t *data, size_t size) { } rdtype = (dns_rdatatype_t)token.value.as_ulong; } else if (token.type == isc_tokentype_string) { - result = dns_rdatatype_fromtext(&rdtype, - &token.value.as_textregion); - if (result != ISC_R_SUCCESS) { - goto cleanup; - } + CHECK(dns_rdatatype_fromtext(&rdtype, + &token.value.as_textregion)); } else { goto cleanup; } diff --git a/fuzz/dns_rdata_fromwire_text.c b/fuzz/dns_rdata_fromwire_text.c index cea16f5595..0e0f244766 100644 --- a/fuzz/dns_rdata_fromwire_text.c +++ b/fuzz/dns_rdata_fromwire_text.c @@ -210,5 +210,6 @@ LLVMFuzzerTestOneInput(const uint8_t *data, size_t size) { assert(target.used == size); assert(!memcmp(target.base, data, size)); +cleanup: return 0; } diff --git a/fuzz/fuzz.h b/fuzz/fuzz.h index 7f8a2f1feb..95532e3855 100644 --- a/fuzz/fuzz.h +++ b/fuzz/fuzz.h @@ -32,8 +32,3 @@ LLVMFuzzerInitialize(int *argc ISC_ATTR_UNUSED, char ***argv ISC_ATTR_UNUSED); int LLVMFuzzerTestOneInput(const uint8_t *data, size_t size); - -#define CHECK(x) \ - if ((x) != ISC_R_SUCCESS) { \ - return (0); \ - } diff --git a/fuzz/isc_lex_getmastertoken.c b/fuzz/isc_lex_getmastertoken.c index 2a65705054..1fa5803d66 100644 --- a/fuzz/isc_lex_getmastertoken.c +++ b/fuzz/isc_lex_getmastertoken.c @@ -71,5 +71,6 @@ LLVMFuzzerTestOneInput(const uint8_t *data, size_t size) { result = isc_lex_getmastertoken(lex, &token, expect, eol); } while (result == ISC_R_SUCCESS && token.type != isc_tokentype_eof); +cleanup: return 0; } diff --git a/fuzz/isc_lex_gettoken.c b/fuzz/isc_lex_gettoken.c index 3acbe2ddba..a574368df2 100644 --- a/fuzz/isc_lex_gettoken.c +++ b/fuzz/isc_lex_gettoken.c @@ -50,5 +50,6 @@ LLVMFuzzerTestOneInput(const uint8_t *data, size_t size) { result = isc_lex_gettoken(lex, 0, &token); } while (result == ISC_R_SUCCESS); +cleanup: return 0; } diff --git a/lib/dns/acl.c b/lib/dns/acl.c index d0a65a62d1..9c9faa3535 100644 --- a/lib/dns/acl.c +++ b/lib/dns/acl.c @@ -271,7 +271,6 @@ dns_acl_match_port_transport(const isc_netaddr_t *reqaddr, */ isc_result_t dns_acl_merge(dns_acl_t *dest, dns_acl_t *source, bool pos) { - isc_result_t result; unsigned int nelem, i; int max_node = 0, nodes; @@ -345,10 +344,7 @@ dns_acl_merge(dns_acl_t *dest, dns_acl_t *source, bool pos) { * node_count value is set correctly afterward. */ nodes = max_node + dns_acl_node_count(dest); - result = dns_iptable_merge(dest->iptable, source->iptable, pos); - if (result != ISC_R_SUCCESS) { - return result; - } + RETERR(dns_iptable_merge(dest->iptable, source->iptable, pos)); if (nodes > dns_acl_node_count(dest)) { dns_acl_node_count(dest) = nodes; } diff --git a/lib/dns/adb.c b/lib/dns/adb.c index af36a8f878..467caa2662 100644 --- a/lib/dns/adb.c +++ b/lib/dns/adb.c @@ -2351,12 +2351,7 @@ print_find_list(FILE *f, dns_adbname_t *name) { static isc_result_t putstr(isc_buffer_t *b, const char *str) { - isc_result_t result; - - result = isc_buffer_reserve(b, strlen(str)); - if (result != ISC_R_SUCCESS) { - return result; - } + RETERR(isc_buffer_reserve(b, strlen(str))); isc_buffer_putstr(b, str); return ISC_R_SUCCESS; diff --git a/lib/dns/cache.c b/lib/dns/cache.c index 0fbce6c372..e9c904eda0 100644 --- a/lib/dns/cache.c +++ b/lib/dns/cache.c @@ -184,11 +184,7 @@ dns_cache_create(dns_rdataclass_t rdclass, const char *cachename, /* * Create the database */ - result = cache_create_db(cache, &cache->db, &cache->tmctx, - &cache->hmctx); - if (result != ISC_R_SUCCESS) { - goto cleanup; - } + CHECK(cache_create_db(cache, &cache->db, &cache->tmctx, &cache->hmctx)); *cachep = cache; return ISC_R_SUCCESS; @@ -327,15 +323,11 @@ dns_cache_getservestalerefresh(dns_cache_t *cache) { isc_result_t dns_cache_flush(dns_cache_t *cache) { - dns_db_t *db = NULL, *olddb; - isc_mem_t *tmctx = NULL, *oldtmctx; - isc_mem_t *hmctx = NULL, *oldhmctx; - isc_result_t result; + dns_db_t *db = NULL, *olddb = NULL; + isc_mem_t *tmctx = NULL, *oldtmctx = NULL; + isc_mem_t *hmctx = NULL, *oldhmctx = NULL; - result = cache_create_db(cache, &db, &tmctx, &hmctx); - if (result != ISC_R_SUCCESS) { - return result; - } + RETERR(cache_create_db(cache, &db, &tmctx, &hmctx)); LOCK(&cache->lock); isc_mem_clearwater(cache->tmctx); @@ -357,16 +349,13 @@ dns_cache_flush(dns_cache_t *cache) { static isc_result_t clearnode(dns_db_t *db, dns_dbnode_t *node) { - isc_result_t result; dns_rdatasetiter_t *iter = NULL; - result = dns_db_allrdatasets(db, node, NULL, DNS_DB_STALEOK, - (isc_stdtime_t)0, &iter); - if (result != ISC_R_SUCCESS) { - return result; - } + RETERR(dns_db_allrdatasets(db, node, NULL, DNS_DB_STALEOK, + (isc_stdtime_t)0, &iter)); DNS_RDATASETITER_FOREACH(iter) { + isc_result_t result; dns_rdataset_t rdataset = DNS_RDATASET_INIT; dns_rdatasetiter_current(iter, &rdataset); @@ -379,7 +368,7 @@ clearnode(dns_db_t *db, dns_dbnode_t *node) { } dns_rdatasetiter_destroy(&iter); - return result; + return ISC_R_SUCCESS; } static isc_result_t @@ -398,10 +387,7 @@ cleartree(dns_db_t *db, const dns_name_t *name) { nodename = dns_fixedname_initname(&fnodename); - result = dns_db_createiterator(db, 0, &iter); - if (result != ISC_R_SUCCESS) { - goto cleanup; - } + CHECK(dns_db_createiterator(db, 0, &iter)); result = dns_dbiterator_seek(iter, name); if (result == DNS_R_PARTIALMATCH) { diff --git a/lib/dns/catz.c b/lib/dns/catz.c index fa0724db42..198e68ad6d 100644 --- a/lib/dns/catz.c +++ b/lib/dns/catz.c @@ -1200,34 +1200,22 @@ catz_process_coo(dns_catz_zone_t *catz, dns_label_t *mhash, return ISC_R_FAILURE; } - result = dns_rdataset_first(value); - if (result != ISC_R_SUCCESS) { - return result; - } + RETERR(dns_rdataset_first(value)); dns_rdata_init(&rdata); dns_rdataset_current(value, &rdata); - result = dns_rdata_tostruct(&rdata, &ptr, NULL); - if (result != ISC_R_SUCCESS) { - return result; - } + RETERR(dns_rdata_tostruct(&rdata, &ptr, NULL)); if (dns_name_countlabels(&ptr.ptr) == 0) { - result = ISC_R_FAILURE; - goto cleanup; + CLEANUP(ISC_R_FAILURE); } - result = isc_ht_find(catz->entries, mhash->base, mhash->length, - (void **)&entry); - if (result != ISC_R_SUCCESS) { - /* The entry was not found .*/ - goto cleanup; - } + CHECK(isc_ht_find(catz->entries, mhash->base, mhash->length, + (void **)&entry)); if (dns_name_countlabels(&entry->name) == 0) { - result = ISC_R_FAILURE; - goto cleanup; + CLEANUP(ISC_R_FAILURE); } catz_coo_add(catz, entry, &ptr.ptr); @@ -1259,18 +1247,12 @@ catz_process_zones_entry(dns_catz_zone_t *catz, dns_rdataset_t *value, return ISC_R_FAILURE; } - result = dns_rdataset_first(value); - if (result != ISC_R_SUCCESS) { - return result; - } + RETERR(dns_rdataset_first(value)); dns_rdata_init(&rdata); dns_rdataset_current(value, &rdata); - result = dns_rdata_tostruct(&rdata, &ptr, NULL); - if (result != ISC_R_SUCCESS) { - return result; - } + RETERR(dns_rdata_tostruct(&rdata, &ptr, NULL)); result = isc_ht_find(catz->entries, mhash->base, mhash->length, (void **)&entry); @@ -1320,44 +1302,27 @@ catz_process_version(dns_catz_zone_t *catz, dns_rdataset_t *value) { return ISC_R_FAILURE; } - result = dns_rdataset_first(value); - if (result != ISC_R_SUCCESS) { - return result; - } + RETERR(dns_rdataset_first(value)); dns_rdata_init(&rdata); dns_rdataset_current(value, &rdata); - result = dns_rdata_tostruct(&rdata, &rdatatxt, NULL); - if (result != ISC_R_SUCCESS) { - return result; - } + RETERR(dns_rdata_tostruct(&rdata, &rdatatxt, NULL)); - result = dns_rdata_txt_first(&rdatatxt); - if (result != ISC_R_SUCCESS) { - goto cleanup; - } + CHECK(dns_rdata_txt_first(&rdatatxt)); - result = dns_rdata_txt_current(&rdatatxt, &rdatastr); - if (result != ISC_R_SUCCESS) { - goto cleanup; - } + CHECK(dns_rdata_txt_current(&rdatatxt, &rdatastr)); result = dns_rdata_txt_next(&rdatatxt); if (result != ISC_R_NOMORE) { - result = ISC_R_FAILURE; - goto cleanup; + CLEANUP(ISC_R_FAILURE); } if (rdatastr.length > 15) { - result = ISC_R_BADNUMBER; - goto cleanup; + CLEANUP(ISC_R_BADNUMBER); } memmove(t, rdatastr.data, rdatastr.length); t[rdatastr.length] = 0; - result = isc_parse_uint32(&tversion, t, 10); - if (result != ISC_R_SUCCESS) { - goto cleanup; - } + CHECK(isc_parse_uint32(&tversion, t, 10)); catz->version = tversion; result = ISC_R_SUCCESS; @@ -1576,10 +1541,7 @@ catz_process_apl(dns_catz_zone_t *catz, isc_buffer_t **aclbp, RUNTIME_CHECK(result == ISC_R_SUCCESS); dns_rdata_init(&rdata); dns_rdataset_current(value, &rdata); - result = dns_rdata_tostruct(&rdata, &rdata_apl, catz->catzs->mctx); - if (result != ISC_R_SUCCESS) { - return result; - } + RETERR(dns_rdata_tostruct(&rdata, &rdata_apl, catz->catzs->mctx)); isc_buffer_allocate(catz->catzs->mctx, &aclb, 16); for (result = dns_rdata_apl_first(&rdata_apl); result == ISC_R_SUCCESS; result = dns_rdata_apl_next(&rdata_apl)) @@ -1819,10 +1781,7 @@ dns__catz_update_process(dns_catz_zone_t *catz, const dns_name_t *src_name, nrres = dns_name_fullcompare(src_name, &catz->name, &order, &nlabels); if (nrres == dns_namereln_equal) { if (rdataset->type == dns_rdatatype_soa) { - result = dns_rdataset_first(rdataset); - if (result != ISC_R_SUCCESS) { - return result; - } + RETERR(dns_rdataset_first(rdataset)); dns_rdataset_current(rdataset, &rdata); result = dns_rdata_tostruct(&rdata, &soa, NULL); @@ -1883,16 +1842,10 @@ dns_catz_generate_masterfilename(dns_catz_zone_t *catz, dns_catz_entry_t *entry, isc_buffer_putstr(tbuf, catz->catzs->view->name); isc_buffer_putstr(tbuf, "_"); - result = dns_name_totext(&catz->name, DNS_NAME_OMITFINALDOT, tbuf); - if (result != ISC_R_SUCCESS) { - goto cleanup; - } + CHECK(dns_name_totext(&catz->name, DNS_NAME_OMITFINALDOT, tbuf)); isc_buffer_putstr(tbuf, "_"); - result = dns_name_totext(&entry->name, DNS_NAME_OMITFINALDOT, tbuf); - if (result != ISC_R_SUCCESS) { - goto cleanup; - } + CHECK(dns_name_totext(&entry->name, DNS_NAME_OMITFINALDOT, tbuf)); /* * Search for slash and other special characters in the view and @@ -1913,10 +1866,7 @@ dns_catz_generate_masterfilename(dns_catz_zone_t *catz, dns_catz_entry_t *entry, rlen += strlen(entry->opts.zonedir) + 1; } - result = isc_buffer_reserve(*buffer, (unsigned int)rlen); - if (result != ISC_R_SUCCESS) { - goto cleanup; - } + CHECK(isc_buffer_reserve(*buffer, (unsigned int)rlen)); if (entry->opts.zonedir != NULL) { isc_buffer_putstr(*buffer, entry->opts.zonedir); @@ -1930,16 +1880,10 @@ dns_catz_generate_masterfilename(dns_catz_zone_t *catz, dns_catz_entry_t *entry, unsigned int digestlen; /* we can do that because digest string < 2 * DNS_NAME */ - result = isc_md(ISC_MD_SHA256, r.base, r.length, digest, - &digestlen); - if (result != ISC_R_SUCCESS) { - goto cleanup; - } - result = digest2hex(digest, digestlen, (char *)r.base, - ISC_SHA256_DIGESTLENGTH * 2 + 1); - if (result != ISC_R_SUCCESS) { - goto cleanup; - } + CHECK(isc_md(ISC_MD_SHA256, r.base, r.length, digest, + &digestlen)); + CHECK(digest2hex(digest, digestlen, (char *)r.base, + ISC_SHA256_DIGESTLENGTH * 2 + 1)); isc_buffer_putstr(*buffer, (char *)r.base); } else { isc_buffer_copyregion(*buffer, &r); @@ -2002,8 +1946,7 @@ dns_catz_generate_zonecfg(dns_catz_zone_t *catz, dns_catz_entry_t *entry, "catz: zone '%s' uses an invalid primary " "(no IP address assigned)", zname); - result = ISC_R_FAILURE; - goto cleanup; + CLEANUP(ISC_R_FAILURE); } isc_netaddr_fromsockaddr(&netaddr, &entry->opts.masters.addrs[i]); @@ -2018,30 +1961,21 @@ dns_catz_generate_zonecfg(dns_catz_zone_t *catz, dns_catz_entry_t *entry, if (entry->opts.masters.keys[i] != NULL) { isc_buffer_putstr(buffer, " key "); - result = dns_name_totext(entry->opts.masters.keys[i], - DNS_NAME_OMITFINALDOT, buffer); - if (result != ISC_R_SUCCESS) { - goto cleanup; - } + CHECK(dns_name_totext(entry->opts.masters.keys[i], + DNS_NAME_OMITFINALDOT, buffer)); } if (entry->opts.masters.tlss[i] != NULL) { isc_buffer_putstr(buffer, " tls "); - result = dns_name_totext(entry->opts.masters.tlss[i], - DNS_NAME_OMITFINALDOT, buffer); - if (result != ISC_R_SUCCESS) { - goto cleanup; - } + CHECK(dns_name_totext(entry->opts.masters.tlss[i], + DNS_NAME_OMITFINALDOT, buffer)); } isc_buffer_putstr(buffer, "; "); } isc_buffer_putstr(buffer, "}; "); if (!entry->opts.in_memory) { isc_buffer_putstr(buffer, "file \""); - result = dns_catz_generate_masterfilename(catz, entry, &buffer); - if (result != ISC_R_SUCCESS) { - goto cleanup; - } + CHECK(dns_catz_generate_masterfilename(catz, entry, &buffer)); isc_buffer_putstr(buffer, "\"; "); } if (entry->opts.allow_query != NULL) { @@ -2140,13 +2074,9 @@ dns_catz_dbupdate_callback(dns_db_t *db, void *fn_arg) { LOCK(&catzs->lock); if (catzs->zones == NULL) { - result = ISC_R_SHUTTINGDOWN; - goto cleanup; - } - result = isc_ht_find(catzs->zones, r.base, r.length, (void **)&catz); - if (result != ISC_R_SUCCESS) { - goto cleanup; + CLEANUP(ISC_R_SHUTTINGDOWN); } + CHECK(isc_ht_find(catzs->zones, r.base, r.length, (void **)&catz)); /* New zone came as AXFR */ if (catz->db != NULL && catz->db != db) { diff --git a/lib/dns/client.c b/lib/dns/client.c index c4f32e7595..abfa407857 100644 --- a/lib/dns/client.c +++ b/lib/dns/client.c @@ -59,13 +59,6 @@ #define UCTX_MAGIC ISC_MAGIC('U', 'c', 't', 'x') #define UCTX_VALID(c) ISC_MAGIC_VALID(c, UCTX_MAGIC) -#define CHECK(r) \ - do { \ - result = (r); \ - if (result != ISC_R_SUCCESS) \ - goto cleanup; \ - } while (0) - /*% * DNS client object */ @@ -149,17 +142,11 @@ setsourceports(isc_mem_t *mctx, dns_dispatchmgr_t *manager) { isc_result_t result; isc_portset_create(mctx, &v4portset); - result = isc_net_getudpportrange(AF_INET, &udpport_low, &udpport_high); - if (result != ISC_R_SUCCESS) { - goto cleanup; - } + CHECK(isc_net_getudpportrange(AF_INET, &udpport_low, &udpport_high)); isc_portset_addrange(v4portset, udpport_low, udpport_high); isc_portset_create(mctx, &v6portset); - result = isc_net_getudpportrange(AF_INET6, &udpport_low, &udpport_high); - if (result != ISC_R_SUCCESS) { - goto cleanup; - } + CHECK(isc_net_getudpportrange(AF_INET6, &udpport_low, &udpport_high)); isc_portset_addrange(v6portset, udpport_low, udpport_high); result = dns_dispatchmgr_setavailports(manager, v4portset, v6portset); @@ -907,17 +894,11 @@ startresolve(dns_client_t *client, const dns_name_t *name, .link = ISC_LINK_INITIALIZER, }; - result = getrdataset(mctx, &rdataset); - if (result != ISC_R_SUCCESS) { - goto cleanup; - } + CHECK(getrdataset(mctx, &rdataset)); rctx->rdataset = rdataset; if (want_dnssec) { - result = getrdataset(mctx, &sigrdataset); - if (result != ISC_R_SUCCESS) { - goto cleanup; - } + CHECK(getrdataset(mctx, &sigrdataset)); } rctx->sigrdataset = sigrdataset; diff --git a/lib/dns/db.c b/lib/dns/db.c index 2ab84644c9..80f505d02b 100644 --- a/lib/dns/db.c +++ b/lib/dns/db.c @@ -317,10 +317,7 @@ dns_db_load(dns_db_t *db, const char *filename, dns_masterformat_t format, } dns_rdatacallbacks_init(&callbacks); - result = dns_db_beginload(db, &callbacks); - if (result != ISC_R_SUCCESS) { - return result; - } + RETERR(dns_db_beginload(db, &callbacks)); result = dns_master_loadfile(filename, &db->origin, &db->origin, db->rdclass, options, 0, &callbacks, NULL, NULL, db->mctx, format, 0); @@ -697,10 +694,7 @@ dns_db_getsoaserial(dns_db_t *db, dns_dbversion_t *ver, uint32_t *serialp) { REQUIRE(dns_db_iszone(db) || dns_db_isstub(db)); - result = dns_db_findnode(db, dns_db_origin(db), false, &node); - if (result != ISC_R_SUCCESS) { - return result; - } + RETERR(dns_db_findnode(db, dns_db_origin(db), false, &node)); dns_rdataset_init(&rdataset); result = dns_db_findrdataset(db, node, ver, dns_rdatatype_soa, 0, diff --git a/lib/dns/diff.c b/lib/dns/diff.c index 82452968ad..d873c4365b 100644 --- a/lib/dns/diff.c +++ b/lib/dns/diff.c @@ -36,13 +36,6 @@ #include #include -#define CHECK(op) \ - do { \ - result = (op); \ - if (result != ISC_R_SUCCESS) \ - goto failure; \ - } while (0) - static dns_rdatatype_t rdata_covers(dns_rdata_t *rdata) { return rdata->type == dns_rdatatype_rrsig ? dns_rdata_covers(rdata) : 0; @@ -494,7 +487,7 @@ diff_apply(const dns_diff_t *diff, dns_db_t *db, dns_dbversion_t *ver, } return ISC_R_SUCCESS; -failure: +cleanup: if (node != NULL) { dns_db_detachnode(&node); } @@ -584,7 +577,7 @@ dns_diff_load(const dns_diff_t *diff, dns_rdatacallbacks_t *callbacks) { } result = ISC_R_SUCCESS; -failure: +cleanup: if (callbacks->commit != NULL) { callbacks->commit(callbacks->add_private); } diff --git a/lib/dns/dispatch.c b/lib/dns/dispatch.c index 3927ef1162..67a27894d5 100644 --- a/lib/dns/dispatch.c +++ b/lib/dns/dispatch.c @@ -1328,10 +1328,7 @@ dispatch_createudp(dns_dispatchmgr_t *mgr, const isc_sockaddr_t *localaddr, */ isc_sockaddr_anyofpf(&sa_any, isc_sockaddr_pf(localaddr)); if (!isc_sockaddr_eqaddr(&sa_any, localaddr)) { - result = isc_nm_checkaddr(localaddr, isc_socktype_udp); - if (result != ISC_R_SUCCESS) { - return result; - } + RETERR(isc_nm_checkaddr(localaddr, isc_socktype_udp)); } dispatch_allocate(mgr, isc_socktype_udp, tid, &disp); @@ -1978,15 +1975,9 @@ tcp_dispatch_connect(dns_dispatch_t *disp, dns_dispentry_t *resp) { } if (transport_type == DNS_TRANSPORT_TLS) { - isc_result_t result; - - result = dns_transport_get_tlsctx( - resp->transport, &resp->peer, resp->tlsctx_cache, - resp->mctx, &tlsctx, &sess_cache); - - if (result != ISC_R_SUCCESS) { - return result; - } + RETERR(dns_transport_get_tlsctx(resp->transport, &resp->peer, + resp->tlsctx_cache, resp->mctx, + &tlsctx, &sess_cache)); INSIST(tlsctx != NULL); } diff --git a/lib/dns/dlz.c b/lib/dns/dlz.c index 452a6ee90f..e9481c50d1 100644 --- a/lib/dns/dlz.c +++ b/lib/dns/dlz.c @@ -203,20 +203,17 @@ dns_dlzcreate(isc_mem_t *mctx, const char *dlzname, const char *drivername, /* Create a new database using implementation 'drivername'. */ result = ((impinfo->methods->create)(mctx, dlzname, argc, argv, impinfo->driverarg, &db->dbdata)); - RWUNLOCK(&dlz_implock, isc_rwlocktype_read); - /* mark the DLZ driver as valid */ - if (result != ISC_R_SUCCESS) { - goto failure; - } + CHECK(result); + /* Mark the DLZ driver as valid */ db->magic = DNS_DLZ_MAGIC; isc_mem_attach(mctx, &db->mctx); isc_log_write(DNS_LOGCATEGORY_DATABASE, DNS_LOGMODULE_DLZ, ISC_LOG_DEBUG(2), "DLZ driver loaded successfully."); *dbp = db; return ISC_R_SUCCESS; -failure: +cleanup: isc_log_write(DNS_LOGCATEGORY_DATABASE, DNS_LOGMODULE_DLZ, ISC_LOG_ERROR, "DLZ driver failed to load."); @@ -402,11 +399,8 @@ dns_dlz_writeablezone(dns_view_t *view, dns_dlzdb_t *dlzdb, isc_buffer_constinit(&buffer, zone_name, strlen(zone_name)); isc_buffer_add(&buffer, strlen(zone_name)); dns_fixedname_init(&fixorigin); - result = dns_name_fromtext(dns_fixedname_name(&fixorigin), &buffer, - dns_rootname, 0); - if (result != ISC_R_SUCCESS) { - goto cleanup; - } + CHECK(dns_name_fromtext(dns_fixedname_name(&fixorigin), &buffer, + dns_rootname, 0)); origin = dns_fixedname_name(&fixorigin); if (!dlzdb->search) { @@ -423,8 +417,7 @@ dns_dlz_writeablezone(dns_view_t *view, dns_dlzdb_t *dlzdb, result = dns_view_findzone(view, origin, DNS_ZTFIND_EXACT, &dupzone); if (result == ISC_R_SUCCESS) { dns_zone_detach(&dupzone); - result = ISC_R_EXISTS; - goto cleanup; + CLEANUP(ISC_R_EXISTS); } INSIST(dupzone == NULL); @@ -440,10 +433,7 @@ dns_dlz_writeablezone(dns_view_t *view, dns_dlzdb_t *dlzdb, } dns_zone_setssutable(zone, dlzdb->ssutable); - result = dlzdb->configure_callback(view, dlzdb, zone); - if (result != ISC_R_SUCCESS) { - goto cleanup; - } + CHECK(dlzdb->configure_callback(view, dlzdb, zone)); result = dns_view_addzone(view, zone); diff --git a/lib/dns/dns64.c b/lib/dns/dns64.c index f13c06ec12..92c4399998 100644 --- a/lib/dns/dns64.c +++ b/lib/dns/dns64.c @@ -131,7 +131,6 @@ dns_dns64_aaaafroma(const dns_dns64_t *dns64, const isc_netaddr_t *reqaddr, const dns_name_t *reqsigner, dns_aclenv_t *env, unsigned int flags, unsigned char *a, unsigned char *aaaa) { unsigned int nbytes, i; - isc_result_t result; int match; if ((dns64->flags & DNS_DNS64_RECURSIVE_ONLY) != 0 && @@ -147,11 +146,8 @@ dns_dns64_aaaafroma(const dns_dns64_t *dns64, const isc_netaddr_t *reqaddr, } if (dns64->clients != NULL && reqaddr != NULL) { - result = dns_acl_match(reqaddr, reqsigner, dns64->clients, env, - &match, NULL); - if (result != ISC_R_SUCCESS) { - return result; - } + RETERR(dns_acl_match(reqaddr, reqsigner, dns64->clients, env, + &match, NULL)); if (match <= 0) { return DNS_R_DISALLOWED; } @@ -163,11 +159,8 @@ dns_dns64_aaaafroma(const dns_dns64_t *dns64, const isc_netaddr_t *reqaddr, memmove(&ina.s_addr, a, 4); isc_netaddr_fromin(&netaddr, &ina); - result = dns_acl_match(&netaddr, NULL, dns64->mapped, env, - &match, NULL); - if (result != ISC_R_SUCCESS) { - return result; - } + RETERR(dns_acl_match(&netaddr, NULL, dns64->mapped, env, &match, + NULL)); if (match <= 0) { return DNS_R_DISALLOWED; } diff --git a/lib/dns/dnssec.c b/lib/dns/dnssec.c index 1432a10f92..0d5ef95c53 100644 --- a/lib/dns/dnssec.c +++ b/lib/dns/dnssec.c @@ -43,13 +43,6 @@ isc_stats_t *dns_dnssec_stats; #define is_response(msg) ((msg->flags & DNS_MESSAGEFLAG_QR) != 0) -#define RETERR(x) \ - do { \ - result = (x); \ - if (result != ISC_R_SUCCESS) \ - goto failure; \ - } while (0) - #define TYPE_SIGN 0 #define TYPE_VERIFY 1 @@ -92,7 +85,7 @@ rdata_compare_wrapper(const void *rdata1, const void *rdata2) { static isc_result_t rdataset_to_sortedarray(dns_rdataset_t *set, isc_mem_t *mctx, dns_rdata_t **rdata, int *nrdata) { - isc_result_t ret; + isc_result_t result; int i = 0, n; dns_rdata_t *data; dns_rdataset_t rdataset; @@ -103,11 +96,11 @@ rdataset_to_sortedarray(dns_rdataset_t *set, isc_mem_t *mctx, dns_rdataset_init(&rdataset); dns_rdataset_clone(set, &rdataset); - ret = dns_rdataset_first(&rdataset); - if (ret != ISC_R_SUCCESS) { + result = dns_rdataset_first(&rdataset); + if (result != ISC_R_SUCCESS) { dns_rdataset_disassociate(&rdataset); isc_mem_cput(mctx, data, n, sizeof(dns_rdata_t)); - return ret; + return result; } /* @@ -152,17 +145,13 @@ static isc_result_t digest_sig(dst_context_t *ctx, bool downcase, dns_rdata_t *sigrdata, dns_rdata_rrsig_t *rrsig) { isc_region_t r; - isc_result_t ret; dns_fixedname_t fname; dns_rdata_toregion(sigrdata, &r); INSIST(r.length >= 19); r.length = 18; - ret = dst_context_adddata(ctx, &r); - if (ret != ISC_R_SUCCESS) { - return ret; - } + RETERR(dst_context_adddata(ctx, &r)); if (downcase) { dns_fixedname_init(&fname); @@ -188,7 +177,7 @@ dns_dnssec_sign(const dns_name_t *name, dns_rdataset_t *set, dst_key_t *key, isc_buffer_t sigbuf, envbuf; isc_region_t r; dst_context_t *ctx = NULL; - isc_result_t ret; + isc_result_t result; isc_buffer_t *databuf = NULL; char data[256 + 8]; unsigned int sigsize; @@ -232,10 +221,7 @@ dns_dnssec_sign(const dns_name_t *name, dns_rdataset_t *set, dst_key_t *key, sig.timesigned = *inception; sig.timeexpire = *expire; sig.keyid = dst_key_id(key); - ret = dst_key_sigsize(key, &sigsize); - if (ret != ISC_R_SUCCESS) { - return ret; - } + RETERR(dst_key_sigsize(key, &sigsize)); sig.siglen = sigsize; /* * The actual contents of sig.signature are not important yet, since @@ -246,22 +232,23 @@ dns_dnssec_sign(const dns_name_t *name, dns_rdataset_t *set, dst_key_t *key, isc_buffer_allocate(mctx, &databuf, sigsize + 256 + 18); dns_rdata_init(&tmpsigrdata); - ret = dns_rdata_fromstruct(&tmpsigrdata, sig.common.rdclass, - sig.common.rdtype, &sig, databuf); - if (ret != ISC_R_SUCCESS) { + result = dns_rdata_fromstruct(&tmpsigrdata, sig.common.rdclass, + sig.common.rdtype, &sig, databuf); + if (result != ISC_R_SUCCESS) { goto cleanup_databuf; } - ret = dst_context_create(key, mctx, DNS_LOGCATEGORY_DNSSEC, true, &ctx); - if (ret != ISC_R_SUCCESS) { + result = dst_context_create(key, mctx, DNS_LOGCATEGORY_DNSSEC, true, + &ctx); + if (result != ISC_R_SUCCESS) { goto cleanup_databuf; } /* * Digest the SIG rdata. */ - ret = digest_sig(ctx, false, &tmpsigrdata, &sig); - if (ret != ISC_R_SUCCESS) { + result = digest_sig(ctx, false, &tmpsigrdata, &sig); + if (result != ISC_R_SUCCESS) { goto cleanup_context; } @@ -280,8 +267,8 @@ dns_dnssec_sign(const dns_name_t *name, dns_rdataset_t *set, dst_key_t *key, isc_buffer_putuint16(&envbuf, set->rdclass); isc_buffer_putuint32(&envbuf, set->ttl); - ret = rdataset_to_sortedarray(set, mctx, &rdatas, &nrdatas); - if (ret != ISC_R_SUCCESS) { + result = rdataset_to_sortedarray(set, mctx, &rdatas, &nrdatas); + if (result != ISC_R_SUCCESS) { goto cleanup_context; } isc_buffer_usedregion(&envbuf, &r); @@ -302,8 +289,8 @@ dns_dnssec_sign(const dns_name_t *name, dns_rdataset_t *set, dst_key_t *key, /* * Digest the envelope. */ - ret = dst_context_adddata(ctx, &r); - if (ret != ISC_R_SUCCESS) { + result = dst_context_adddata(ctx, &r); + if (result != ISC_R_SUCCESS) { goto cleanup_array; } @@ -313,33 +300,33 @@ dns_dnssec_sign(const dns_name_t *name, dns_rdataset_t *set, dst_key_t *key, isc_buffer_init(&lenbuf, &len, sizeof(len)); isc_buffer_putuint16(&lenbuf, (uint16_t)rdatas[i].length); isc_buffer_usedregion(&lenbuf, &lenr); - ret = dst_context_adddata(ctx, &lenr); - if (ret != ISC_R_SUCCESS) { + result = dst_context_adddata(ctx, &lenr); + if (result != ISC_R_SUCCESS) { goto cleanup_array; } /* * Digest the rdata. */ - ret = dns_rdata_digest(&rdatas[i], digest_callback, ctx); - if (ret != ISC_R_SUCCESS) { + result = dns_rdata_digest(&rdatas[i], digest_callback, ctx); + if (result != ISC_R_SUCCESS) { goto cleanup_array; } } isc_buffer_init(&sigbuf, sig.signature, sig.siglen); - ret = dst_context_sign(ctx, &sigbuf); - if (ret != ISC_R_SUCCESS) { + result = dst_context_sign(ctx, &sigbuf); + if (result != ISC_R_SUCCESS) { goto cleanup_array; } isc_buffer_usedregion(&sigbuf, &r); if (r.length != sig.siglen) { - ret = ISC_R_NOSPACE; + result = ISC_R_NOSPACE; goto cleanup_array; } - ret = dns_rdata_fromstruct(sigrdata, sig.common.rdclass, - sig.common.rdtype, &sig, buffer); + result = dns_rdata_fromstruct(sigrdata, sig.common.rdclass, + sig.common.rdtype, &sig, buffer); cleanup_array: isc_mem_cput(mctx, rdatas, nrdatas, sizeof(dns_rdata_t)); @@ -349,7 +336,7 @@ cleanup_databuf: isc_buffer_free(&databuf); isc_mem_put(mctx, sig.signature, sig.siglen); - return ret; + return result; } isc_result_t @@ -363,7 +350,7 @@ dns_dnssec_verify(const dns_name_t *name, dns_rdataset_t *set, dst_key_t *key, dns_rdata_t *rdatas; int nrdatas, i; isc_stdtime_t now; - isc_result_t ret; + isc_result_t result; unsigned char data[300]; dst_context_t *ctx = NULL; int labels = 0; @@ -375,10 +362,7 @@ dns_dnssec_verify(const dns_name_t *name, dns_rdataset_t *set, dst_key_t *key, REQUIRE(mctx != NULL); REQUIRE(sigrdata != NULL && sigrdata->type == dns_rdatatype_rrsig); - ret = dns_rdata_tostruct(sigrdata, &sig, NULL); - if (ret != ISC_R_SUCCESS) { - return ret; - } + RETERR(dns_rdata_tostruct(sigrdata, &sig, NULL)); if (set->type != sig.covered) { return DNS_R_SIGINVALID; @@ -432,17 +416,17 @@ dns_dnssec_verify(const dns_name_t *name, dns_rdataset_t *set, dst_key_t *key, } again: - ret = dst_context_create(key, mctx, DNS_LOGCATEGORY_DNSSEC, false, - &ctx); - if (ret != ISC_R_SUCCESS) { + result = dst_context_create(key, mctx, DNS_LOGCATEGORY_DNSSEC, false, + &ctx); + if (result != ISC_R_SUCCESS) { goto cleanup_struct; } /* * Digest the SIG rdata (not including the signature). */ - ret = digest_sig(ctx, downcase, sigrdata, &sig); - if (ret != ISC_R_SUCCESS) { + result = digest_sig(ctx, downcase, sigrdata, &sig); + if (result != ISC_R_SUCCESS) { goto cleanup_context; } @@ -476,8 +460,8 @@ again: isc_buffer_putuint16(&envbuf, set->rdclass); isc_buffer_putuint32(&envbuf, sig.originalttl); - ret = rdataset_to_sortedarray(set, mctx, &rdatas, &nrdatas); - if (ret != ISC_R_SUCCESS) { + result = rdataset_to_sortedarray(set, mctx, &rdatas, &nrdatas); + if (result != ISC_R_SUCCESS) { goto cleanup_context; } @@ -499,8 +483,8 @@ again: /* * Digest the envelope. */ - ret = dst_context_adddata(ctx, &r); - if (ret != ISC_R_SUCCESS) { + result = dst_context_adddata(ctx, &r); + if (result != ISC_R_SUCCESS) { goto cleanup_array; } @@ -514,20 +498,20 @@ again: /* * Digest the rdata. */ - ret = dst_context_adddata(ctx, &lenr); - if (ret != ISC_R_SUCCESS) { + result = dst_context_adddata(ctx, &lenr); + if (result != ISC_R_SUCCESS) { goto cleanup_array; } - ret = dns_rdata_digest(&rdatas[i], digest_callback, ctx); - if (ret != ISC_R_SUCCESS) { + result = dns_rdata_digest(&rdatas[i], digest_callback, ctx); + if (result != ISC_R_SUCCESS) { goto cleanup_array; } } r.base = sig.signature; r.length = sig.siglen; - ret = dst_context_verify(ctx, &r); - if (ret == ISC_R_SUCCESS && downcase) { + result = dst_context_verify(ctx, &r); + if (result == ISC_R_SUCCESS && downcase) { char namebuf[DNS_NAME_FORMATSIZE]; dns_name_format(&sig.signer, namebuf, sizeof(namebuf)); isc_log_write(DNS_LOGCATEGORY_DNSSEC, DNS_LOGMODULE_DNSSEC, @@ -536,7 +520,7 @@ again: "signer '%s'", namebuf); inc_stat(dns_dnssecstats_downcase); - } else if (ret == ISC_R_SUCCESS) { + } else if (result == ISC_R_SUCCESS) { inc_stat(dns_dnssecstats_asis); } @@ -544,22 +528,22 @@ cleanup_array: isc_mem_cput(mctx, rdatas, nrdatas, sizeof(dns_rdata_t)); cleanup_context: dst_context_destroy(&ctx); - if (ret == DST_R_VERIFYFAILURE && !downcase) { + if (result == DST_R_VERIFYFAILURE && !downcase) { downcase = true; goto again; } cleanup_struct: dns_rdata_freestruct(&sig); - if (ret == DST_R_VERIFYFAILURE) { - ret = DNS_R_SIGINVALID; + if (result == DST_R_VERIFYFAILURE) { + result = DNS_R_SIGINVALID; } - if (ret != ISC_R_SUCCESS) { + if (result != ISC_R_SUCCESS) { inc_stat(dns_dnssecstats_fail); } - if (ret == ISC_R_SUCCESS && labels - sig.labels > 0) { + if (result == ISC_R_SUCCESS && labels - sig.labels > 0) { if (wild != NULL) { RUNTIME_CHECK(dns_name_concatenate( dns_wildcardname, @@ -567,9 +551,9 @@ cleanup_struct: wild) == ISC_R_SUCCESS); } inc_stat(dns_dnssecstats_wildcard); - ret = DNS_R_FROMWILDCARD; + result = DNS_R_FROMWILDCARD; } - return ret; + return result; } bool @@ -579,19 +563,18 @@ dns_dnssec_keyactive(dst_key_t *key, isc_stdtime_t now) { bool hint_publish, hint_zsign, hint_ksign, hint_revoke, hint_remove; int major, minor; bool ksk = false, zsk = false; - isc_result_t ret; /* Is this an old-style key? */ result = dst_key_getprivateformat(key, &major, &minor); RUNTIME_CHECK(result == ISC_R_SUCCESS); /* Is this a KSK? */ - ret = dst_key_getbool(key, DST_BOOL_KSK, &ksk); - if (ret != ISC_R_SUCCESS) { + result = dst_key_getbool(key, DST_BOOL_KSK, &ksk); + if (result != ISC_R_SUCCESS) { ksk = ((dst_key_flags(key) & DNS_KEYFLAG_KSK) != 0); } - ret = dst_key_getbool(key, DST_BOOL_ZSK, &zsk); - if (ret != ISC_R_SUCCESS) { + result = dst_key_getbool(key, DST_BOOL_ZSK, &zsk); + if (result != ISC_R_SUCCESS) { zsk = ((dst_key_flags(key) & DNS_KEYFLAG_KSK) == 0); } @@ -782,25 +765,25 @@ dns_dnssec_signmessage(dns_message_t *msg, dst_key_t *key) { isc_buffer_init(&databuf, data, sizeof(data)); - RETERR(dst_context_create(key, mctx, DNS_LOGCATEGORY_DNSSEC, true, - &ctx)); + CHECK(dst_context_create(key, mctx, DNS_LOGCATEGORY_DNSSEC, true, + &ctx)); /* * Digest the fields of the SIG - we can cheat and use * dns_rdata_fromstruct. Since siglen is 0, the digested data * is identical to dns format. */ - RETERR(dns_rdata_fromstruct(NULL, dns_rdataclass_any, - dns_rdatatype_sig /* SIG(0) */, &sig, - &databuf)); + CHECK(dns_rdata_fromstruct(NULL, dns_rdataclass_any, + dns_rdatatype_sig /* SIG(0) */, &sig, + &databuf)); isc_buffer_usedregion(&databuf, &r); - RETERR(dst_context_adddata(ctx, &r)); + CHECK(dst_context_adddata(ctx, &r)); /* * If this is a response, digest the query. */ if (is_response(msg)) { - RETERR(dst_context_adddata(ctx, &msg->query)); + CHECK(dst_context_adddata(ctx, &msg->query)); } /* @@ -809,29 +792,29 @@ dns_dnssec_signmessage(dns_message_t *msg, dst_key_t *key) { isc_buffer_init(&headerbuf, header, sizeof(header)); dns_message_renderheader(msg, &headerbuf); isc_buffer_usedregion(&headerbuf, &r); - RETERR(dst_context_adddata(ctx, &r)); + CHECK(dst_context_adddata(ctx, &r)); /* * Digest the remainder of the message. */ isc_buffer_usedregion(msg->buffer, &r); isc_region_consume(&r, DNS_MESSAGE_HEADERLEN); - RETERR(dst_context_adddata(ctx, &r)); + CHECK(dst_context_adddata(ctx, &r)); - RETERR(dst_key_sigsize(key, &sigsize)); + CHECK(dst_key_sigsize(key, &sigsize)); sig.siglen = sigsize; sig.signature = isc_mem_get(mctx, sig.siglen); isc_buffer_init(&sigbuf, sig.signature, sig.siglen); - RETERR(dst_context_sign(ctx, &sigbuf)); + CHECK(dst_context_sign(ctx, &sigbuf)); dst_context_destroy(&ctx); rdata = NULL; dns_message_gettemprdata(msg, &rdata); isc_buffer_allocate(msg->mctx, &dynbuf, 1024); - RETERR(dns_rdata_fromstruct(rdata, dns_rdataclass_any, - dns_rdatatype_sig /* SIG(0) */, &sig, - dynbuf)); + CHECK(dns_rdata_fromstruct(rdata, dns_rdataclass_any, + dns_rdatatype_sig /* SIG(0) */, &sig, + dynbuf)); isc_mem_put(mctx, sig.signature, sig.siglen); @@ -849,7 +832,7 @@ dns_dnssec_signmessage(dns_message_t *msg, dst_key_t *key) { return ISC_R_SUCCESS; -failure: +cleanup: if (dynbuf != NULL) { isc_buffer_free(&dynbuf); } @@ -895,21 +878,19 @@ dns_dnssec_verifymessage(isc_buffer_t *source, dns_message_t *msg, isc_buffer_usedregion(source, &source_r); - RETERR(dns_rdataset_first(msg->sig0)); + CHECK(dns_rdataset_first(msg->sig0)); dns_rdataset_current(msg->sig0, &rdata); - RETERR(dns_rdata_tostruct(&rdata, &sig, NULL)); + CHECK(dns_rdata_tostruct(&rdata, &sig, NULL)); signeedsfree = true; if (sig.labels != 0) { - result = DNS_R_SIGINVALID; - goto failure; + CLEANUP(DNS_R_SIGINVALID); } if (isc_serial_lt(sig.timeexpire, sig.timesigned)) { - result = DNS_R_SIGINVALID; msg->sig0status = dns_tsigerror_badtime; - goto failure; + CLEANUP(DNS_R_SIGINVALID); } if (msg->fuzzing) { @@ -919,36 +900,33 @@ dns_dnssec_verifymessage(isc_buffer_t *source, dns_message_t *msg, } if (isc_serial_lt((uint32_t)now, sig.timesigned)) { - result = DNS_R_SIGFUTURE; msg->sig0status = dns_tsigerror_badtime; - goto failure; + CLEANUP(DNS_R_SIGFUTURE); } else if (isc_serial_lt(sig.timeexpire, (uint32_t)now)) { - result = DNS_R_SIGEXPIRED; msg->sig0status = dns_tsigerror_badtime; - goto failure; + CLEANUP(DNS_R_SIGEXPIRED); } if (!dns_name_equal(dst_key_name(key), &sig.signer)) { - result = DNS_R_SIGINVALID; msg->sig0status = dns_tsigerror_badkey; - goto failure; + CLEANUP(DNS_R_SIGINVALID); } - RETERR(dst_context_create(key, mctx, DNS_LOGCATEGORY_DNSSEC, false, - &ctx)); + CHECK(dst_context_create(key, mctx, DNS_LOGCATEGORY_DNSSEC, false, + &ctx)); /* * Digest the SIG(0) record, except for the signature. */ dns_rdata_toregion(&rdata, &r); r.length -= sig.siglen; - RETERR(dst_context_adddata(ctx, &r)); + CHECK(dst_context_adddata(ctx, &r)); /* * If this is a response, digest the query. */ if (is_response(msg)) { - RETERR(dst_context_adddata(ctx, &msg->query)); + CHECK(dst_context_adddata(ctx, &msg->query)); } /* @@ -969,21 +947,21 @@ dns_dnssec_verifymessage(isc_buffer_t *source, dns_message_t *msg, */ header_r.base = (unsigned char *)header; header_r.length = DNS_MESSAGE_HEADERLEN; - RETERR(dst_context_adddata(ctx, &header_r)); + CHECK(dst_context_adddata(ctx, &header_r)); /* * Digest all non-SIG(0) records. */ r.base = source_r.base + DNS_MESSAGE_HEADERLEN; r.length = msg->sigstart - DNS_MESSAGE_HEADERLEN; - RETERR(dst_context_adddata(ctx, &r)); + CHECK(dst_context_adddata(ctx, &r)); sig_r.base = sig.signature; sig_r.length = sig.siglen; result = dst_context_verify(ctx, &sig_r); if (result != ISC_R_SUCCESS) { msg->sig0status = dns_tsigerror_badsig; - goto failure; + goto cleanup; } msg->verified_sig = 1; @@ -994,7 +972,7 @@ dns_dnssec_verifymessage(isc_buffer_t *source, dns_message_t *msg, return ISC_R_SUCCESS; -failure: +cleanup: if (signeedsfree) { dns_rdata_freestruct(&sig); } @@ -1236,7 +1214,7 @@ findmatchingkeys(const char *directory, bool rrtypekey, char *namebuf, directory = "."; } - RETERR(isc_dir_open(&dir, directory)); + CHECK(isc_dir_open(&dir, directory)); dir_open = true; while (isc_dir_read(&dir) == ISC_R_SUCCESS) { @@ -1315,7 +1293,7 @@ findmatchingkeys(const char *directory, bool rrtypekey, char *namebuf, } result = match ? ISC_R_SUCCESS : ISC_R_NOTFOUND; -failure: +cleanup: if (dir_open) { isc_dir_close(&dir); } @@ -1344,15 +1322,15 @@ dns_dnssec_findmatchingkeys(const dns_name_t *origin, dns_kasp_t *kasp, ISC_LIST_INIT(list); isc_buffer_init(&b, namebuf, sizeof(namebuf) - 1); - RETERR(dns_name_tofilenametext(origin, false, &b)); + CHECK(dns_name_tofilenametext(origin, false, &b)); len = isc_buffer_usedlength(&b); namebuf[len] = '\0'; if (kasp == NULL || (strcmp(dns_kasp_getname(kasp), "none") == 0) || (strcmp(dns_kasp_getname(kasp), "insecure") == 0)) { - RETERR(findmatchingkeys(keydir, rrtypekey, namebuf, len, mctx, - now, &list)); + CHECK(findmatchingkeys(keydir, rrtypekey, namebuf, len, mctx, + now, &list)); } else if (keystores != NULL) { ISC_LIST_FOREACH(*keystores, keystore, link) { ISC_LIST_FOREACH(dns_kasp_keys(kasp), kkey, link) { @@ -1360,7 +1338,7 @@ dns_dnssec_findmatchingkeys(const dns_name_t *origin, dns_kasp_t *kasp, const char *directory = dns_keystore_directory(keystore, keydir); - RETERR(findmatchingkeys( + CHECK(findmatchingkeys( directory, rrtypekey, namebuf, len, mctx, now, &list)); break; @@ -1376,7 +1354,7 @@ dns_dnssec_findmatchingkeys(const dns_name_t *origin, dns_kasp_t *kasp, result = ISC_R_NOTFOUND; } -failure: +cleanup: ISC_LIST_FOREACH(list, key, link) { ISC_LIST_UNLINK(list, key, link); INSIST(key->key != NULL); @@ -1556,7 +1534,7 @@ dns_dnssec_keylistfromrdataset(const dns_name_t *origin, dns_kasp_t *kasp, goto skip; } - RETERR(dns_dnssec_keyfromrdata(origin, &rdata, mctx, &dnskey)); + CHECK(dns_dnssec_keyfromrdata(origin, &rdata, mctx, &dnskey)); dst_key_setttl(dnskey, keys.ttl); if (!is_zone_key(dnskey)) { @@ -1580,7 +1558,7 @@ dns_dnssec_keylistfromrdataset(const dns_name_t *origin, dns_kasp_t *kasp, if (result == ISC_R_FILENOTFOUND || result == ISC_R_NOPERM) { result = ISC_R_SUCCESS; } - RETERR(result); + CHECK(result); if (kasp != NULL && dns_kasp_offlineksk(kasp) && (dst_key_flags(dnskey) & DNS_KEYFLAG_KSK) != 0) @@ -1663,7 +1641,7 @@ dns_dnssec_keylistfromrdataset(const dns_name_t *origin, dns_kasp_t *kasp, } goto skip; } - RETERR(result); + CHECK(result); /* * Whatever the key's default TTL may have @@ -1685,16 +1663,16 @@ dns_dnssec_keylistfromrdataset(const dns_name_t *origin, dns_kasp_t *kasp, } if (keysigs != NULL && dns_rdataset_isassociated(keysigs)) { - RETERR(mark_active_keys(keylist, keysigs)); + CHECK(mark_active_keys(keylist, keysigs)); } if (soasigs != NULL && dns_rdataset_isassociated(soasigs)) { - RETERR(mark_active_keys(keylist, soasigs)); + CHECK(mark_active_keys(keylist, soasigs)); } result = ISC_R_SUCCESS; -failure: +cleanup: if (dns_rdataset_isassociated(&keys)) { dns_rdataset_disassociate(&keys); } @@ -1713,15 +1691,11 @@ failure: isc_result_t dns_dnssec_make_dnskey(dst_key_t *key, unsigned char *buf, int bufsize, dns_rdata_t *target) { - isc_result_t result; isc_buffer_t b; isc_region_t r; isc_buffer_init(&b, buf, bufsize); - result = dst_key_todns(key, &b); - if (result != ISC_R_SUCCESS) { - return result; - } + RETERR(dst_key_todns(key, &b)); dns_rdata_reset(target); isc_buffer_usedregion(&b, &r); @@ -1758,7 +1732,7 @@ publish_key(dns_diff_t *diff, dns_dnsseckey_t *key, const dns_name_t *origin, dns_rdata_t dnskey = DNS_RDATA_INIT; dns_rdata_reset(&dnskey); - RETERR(dns_dnssec_make_dnskey(key->key, buf, sizeof(buf), &dnskey)); + CHECK(dns_dnssec_make_dnskey(key->key, buf, sizeof(buf), &dnskey)); dst_key_format(key->key, keystr, sizeof(keystr)); report("Fetching %s (%s) from key %s.", keystr, @@ -1779,7 +1753,7 @@ publish_key(dns_diff_t *diff, dns_dnsseckey_t *key, const dns_name_t *origin, /* publish key */ addrdata(&dnskey, diff, origin, ttl, mctx); -failure: +cleanup: return result; } @@ -1798,10 +1772,10 @@ remove_key(dns_diff_t *diff, dns_dnsseckey_t *key, const dns_name_t *origin, report("Removing %s key %s/%d/%s from DNSKEY RRset.", reason, namebuf, dst_key_id(key->key), alg); - RETERR(dns_dnssec_make_dnskey(key->key, buf, sizeof(buf), &dnskey)); + CHECK(dns_dnssec_make_dnskey(key->key, buf, sizeof(buf), &dnskey)); delrdata(&dnskey, diff, origin, ttl, mctx); -failure: +cleanup: return result; } @@ -1863,16 +1837,12 @@ static isc_result_t delete_cds(dns_dnsseckey_t *key, dns_rdata_t *keyrdata, const char *keystr, dns_rdataset_t *cds, unsigned int digesttype, dns_diff_t *diff, isc_mem_t *mctx) { - isc_result_t r; unsigned char dsbuf[DNS_DS_BUFFERSIZE]; dns_rdata_t cdsrdata = DNS_RDATA_INIT; dns_name_t *origin = dst_key_name(key->key); - r = dns_ds_buildrdata(origin, keyrdata, digesttype, dsbuf, - sizeof(dsbuf), &cdsrdata); - if (r != ISC_R_SUCCESS) { - return r; - } + RETERR(dns_ds_buildrdata(origin, keyrdata, digesttype, dsbuf, + sizeof(dsbuf), &cdsrdata)); cdsrdata.type = dns_rdatatype_cds; if (exists(cds, &cdsrdata)) { @@ -1915,8 +1885,8 @@ dns_dnssec_syncupdate(dns_dnsseckeylist_t *keys, dns_dnsseckeylist_t *rmkeys, dns_rdata_t cdnskeyrdata = DNS_RDATA_INIT; dns_name_t *origin = dst_key_name(key->key); - RETERR(dns_dnssec_make_dnskey(key->key, keybuf, sizeof(keybuf), - &cdnskeyrdata)); + CHECK(dns_dnssec_make_dnskey(key->key, keybuf, sizeof(keybuf), + &cdnskeyrdata)); cdnskeyrdata.type = dns_rdatatype_cdnskey; if (syncpublish(key->key, now)) { @@ -1924,10 +1894,9 @@ dns_dnssec_syncupdate(dns_dnsseckeylist_t *keys, dns_dnsseckeylist_t *rmkeys, dst_key_format(key->key, keystr, sizeof(keystr)); ISC_LIST_FOREACH(*digests, alg, link) { - RETERR(add_cds(key, &cdnskeyrdata, - (const char *)keystr, cds, - alg->digest, cdsttl, diff, - mctx)); + CHECK(add_cds(key, &cdnskeyrdata, + (const char *)keystr, cds, + alg->digest, cdsttl, diff, mctx)); } if (gencdnskey && @@ -1992,8 +1961,8 @@ dns_dnssec_syncupdate(dns_dnsseckeylist_t *keys, dns_dnsseckeylist_t *rmkeys, char keystr[DST_KEY_FORMATSIZE]; dst_key_format(key->key, keystr, sizeof(keystr)); - RETERR(dns_dnssec_make_dnskey(key->key, keybuf, sizeof(keybuf), - &cdnskeyrdata)); + CHECK(dns_dnssec_make_dnskey(key->key, keybuf, sizeof(keybuf), + &cdnskeyrdata)); if (dns_rdataset_isassociated(cds)) { delete_cds(key, &cdnskeyrdata, (const char *)keystr, @@ -2019,7 +1988,7 @@ dns_dnssec_syncupdate(dns_dnsseckeylist_t *keys, dns_dnsseckeylist_t *rmkeys, result = ISC_R_SUCCESS; -failure: +cleanup: return result; } @@ -2125,8 +2094,8 @@ dns_dnssec_updatekeys(dns_dnsseckeylist_t *keys, dns_dnsseckeylist_t *newkeys, if (key->source == dns_keysource_user && (key->hint_publish || key->force_publish)) { - RETERR(publish_key(diff, key, origin, ttl, mctx, - report)); + CHECK(publish_key(diff, key, origin, ttl, mctx, + report)); } if (key->source == dns_keysource_zoneapex) { ttl = dst_key_getttl(key->key); @@ -2195,8 +2164,8 @@ dns_dnssec_updatekeys(dns_dnsseckeylist_t *keys, dns_dnsseckeylist_t *newkeys, if (key1->source != dns_keysource_zoneapex && (key1->hint_publish || key1->force_publish)) { - RETERR(publish_key(diff, key1, origin, ttl, - mctx, report)); + CHECK(publish_key(diff, key1, origin, ttl, mctx, + report)); isc_log_write( DNS_LOGCATEGORY_DNSSEC, DNS_LOGMODULE_DNSSEC, ISC_LOG_INFO, @@ -2230,8 +2199,8 @@ dns_dnssec_updatekeys(dns_dnsseckeylist_t *keys, dns_dnsseckeylist_t *newkeys, /* Match found: remove or update it as needed */ if (key1->hint_remove) { - RETERR(remove_key(diff, key2, origin, ttl, mctx, - "expired", report)); + CHECK(remove_key(diff, key2, origin, ttl, mctx, + "expired", report)); ISC_LIST_UNLINK(*keys, key2, link); if (removed != NULL) { @@ -2254,8 +2223,8 @@ dns_dnssec_updatekeys(dns_dnsseckeylist_t *keys, dns_dnsseckeylist_t *newkeys, * We need to remove the old version and pull * in the new one. */ - RETERR(remove_key(diff, key2, origin, ttl, mctx, - "revoked", report)); + CHECK(remove_key(diff, key2, origin, ttl, mctx, + "revoked", report)); ISC_LIST_UNLINK(*keys, key2, link); if (removed != NULL) { ISC_LIST_APPEND(*removed, key2, link); @@ -2272,8 +2241,8 @@ dns_dnssec_updatekeys(dns_dnsseckeylist_t *keys, dns_dnsseckeylist_t *newkeys, dns_dnsseckey_destroy(mctx, &key2); } - RETERR(publish_key(diff, key1, origin, ttl, mctx, - report)); + CHECK(publish_key(diff, key1, origin, ttl, mctx, + report)); ISC_LIST_UNLINK(*newkeys, key1, link); ISC_LIST_APPEND(*keys, key1, link); @@ -2323,7 +2292,7 @@ dns_dnssec_updatekeys(dns_dnsseckeylist_t *keys, dns_dnsseckeylist_t *newkeys, result = ISC_R_SUCCESS; -failure: +cleanup: return result; } diff --git a/lib/dns/dnstap.c b/lib/dns/dnstap.c index 40750b5936..087dc5cebb 100644 --- a/lib/dns/dnstap.c +++ b/lib/dns/dnstap.c @@ -120,13 +120,6 @@ struct dns_dtenv { isc_stats_t *stats; }; -#define CHECK(x) \ - do { \ - result = (x); \ - if (result != ISC_R_SUCCESS) \ - goto cleanup; \ - } while (0) - typedef struct ioq { unsigned int generation; struct fstrm_iothr_queue *ioq; @@ -171,13 +164,13 @@ dns_dt_create(isc_mem_t *mctx, dns_dtmode_t mode, const char *path, fwopt = fstrm_writer_options_init(); if (fwopt == NULL) { - CHECK(ISC_R_NOMEMORY); + CLEANUP(ISC_R_NOMEMORY); } res = fstrm_writer_options_add_content_type( fwopt, DNSTAP_CONTENT_TYPE, sizeof(DNSTAP_CONTENT_TYPE) - 1); if (res != fstrm_res_success) { - CHECK(ISC_R_FAILURE); + CLEANUP(ISC_R_FAILURE); } if (mode == dns_dtmode_file) { @@ -194,11 +187,11 @@ dns_dt_create(isc_mem_t *mctx, dns_dtmode_t mode, const char *path, fw = fstrm_unix_writer_init(fuwopt, fwopt); } } else { - CHECK(ISC_R_FAILURE); + CLEANUP(ISC_R_FAILURE); } if (fw == NULL) { - CHECK(ISC_R_FAILURE); + CLEANUP(ISC_R_FAILURE); } env->iothr = fstrm_iothr_init(*foptp, &fw); @@ -207,7 +200,7 @@ dns_dt_create(isc_mem_t *mctx, dns_dtmode_t mode, const char *path, ISC_LOG_WARNING, "unable to initialize dnstap I/O thread"); fstrm_writer_destroy(&fw); - CHECK(ISC_R_FAILURE); + CLEANUP(ISC_R_FAILURE); } env->mode = mode; env->max_size = 0; @@ -288,13 +281,13 @@ dns_dt_reopen(dns_dtenv_t *env, int roll) { */ fwopt = fstrm_writer_options_init(); if (fwopt == NULL) { - CHECK(ISC_R_NOMEMORY); + CLEANUP(ISC_R_NOMEMORY); } res = fstrm_writer_options_add_content_type( fwopt, DNSTAP_CONTENT_TYPE, sizeof(DNSTAP_CONTENT_TYPE) - 1); if (res != fstrm_res_success) { - CHECK(ISC_R_FAILURE); + CLEANUP(ISC_R_FAILURE); } if (env->mode == dns_dtmode_file) { @@ -311,11 +304,11 @@ dns_dt_reopen(dns_dtenv_t *env, int roll) { fw = fstrm_unix_writer_init(fuwopt, fwopt); } } else { - CHECK(ISC_R_NOTIMPLEMENTED); + CLEANUP(ISC_R_NOTIMPLEMENTED); } if (fw == NULL) { - CHECK(ISC_R_FAILURE); + CLEANUP(ISC_R_FAILURE); } /* @@ -357,7 +350,7 @@ dns_dt_reopen(dns_dtenv_t *env, int roll) { isc_log_write(DNS_LOGCATEGORY_DNSTAP, DNS_LOGMODULE_DNSTAP, ISC_LOG_WARNING, "unable to initialize dnstap I/O thread"); - CHECK(ISC_R_FAILURE); + CLEANUP(ISC_R_FAILURE); } cleanup: @@ -945,23 +938,23 @@ dns_dt_open(const char *filename, dns_dtmode_t mode, isc_mem_t *mctx, case dns_dtmode_file: fopt = fstrm_file_options_init(); if (fopt == NULL) { - CHECK(ISC_R_NOMEMORY); + CLEANUP(ISC_R_NOMEMORY); } fstrm_file_options_set_file_path(fopt, filename); handle->reader = fstrm_file_reader_init(fopt, NULL); if (handle->reader == NULL) { - CHECK(ISC_R_NOMEMORY); + CLEANUP(ISC_R_NOMEMORY); } res = fstrm_reader_open(handle->reader); if (res != fstrm_res_success) { - CHECK(ISC_R_FAILURE); + CLEANUP(ISC_R_FAILURE); } if (!dnstap_file(handle->reader)) { - CHECK(DNS_R_BADDNSTAP); + CLEANUP(DNS_R_BADDNSTAP); } break; case dns_dtmode_unix: @@ -1050,13 +1043,13 @@ dns_dt_parse(isc_mem_t *mctx, isc_region_t *src, dns_dtdata_t **destp) { d->frame = dnstap__dnstap__unpack(NULL, src->length, src->base); if (d->frame == NULL) { - CHECK(ISC_R_NOMEMORY); + CLEANUP(ISC_R_NOMEMORY); } frame = (Dnstap__Dnstap *)d->frame; if (frame->type != DNSTAP__DNSTAP__TYPE__MESSAGE) { - CHECK(DNS_R_BADDNSTAP); + CLEANUP(DNS_R_BADDNSTAP); } m = frame->message; @@ -1106,7 +1099,7 @@ dns_dt_parse(isc_mem_t *mctx, isc_region_t *src, dns_dtdata_t **destp) { d->type = DNS_DTTYPE_UR; break; default: - CHECK(DNS_R_BADDNSTAP); + CLEANUP(DNS_R_BADDNSTAP); } /* Query? */ diff --git a/lib/dns/ds.c b/lib/dns/ds.c index 773a880127..e8c71a80c7 100644 --- a/lib/dns/ds.c +++ b/lib/dns/ds.c @@ -186,10 +186,7 @@ dns_ds_buildrdata(dns_name_t *owner, dns_rdata_t *key, dns_rdata_ds_t ds; isc_buffer_t b; - result = dns_ds_fromkeyrdata(owner, key, digest_type, digest, len, &ds); - if (result != ISC_R_SUCCESS) { - return result; - } + RETERR(dns_ds_fromkeyrdata(owner, key, digest_type, digest, len, &ds)); memset(buffer, 0, DNS_DS_BUFFERSIZE); isc_buffer_init(&b, buffer, DNS_DS_BUFFERSIZE); diff --git a/lib/dns/dst_api.c b/lib/dns/dst_api.c index 2d6f739c03..2f4ebf9753 100644 --- a/lib/dns/dst_api.c +++ b/lib/dns/dst_api.c @@ -68,36 +68,27 @@ #define DST_AS_STR(t) ((t).value.as_textregion.base) -#define NEXTTOKEN(lex, opt, token) \ - { \ - ret = isc_lex_gettoken(lex, opt, token); \ - if (ret != ISC_R_SUCCESS) \ - goto cleanup; \ - } +#define NEXTTOKEN(lex, opt, token) CHECK(isc_lex_gettoken(lex, opt, token)) -#define NEXTTOKEN_OR_EOF(lex, opt, token) \ - do { \ - ret = isc_lex_gettoken(lex, opt, token); \ - if (ret == ISC_R_EOF) \ - break; \ - if (ret != ISC_R_SUCCESS) \ - goto cleanup; \ +#define NEXTTOKEN_OR_EOF(lex, opt, token) \ + do { \ + result = isc_lex_gettoken(lex, opt, token); \ + if (result == ISC_R_EOF) { \ + break; \ + } \ + CHECK(result); \ } while ((*token).type == isc_tokentype_eol); -#define READLINE(lex, opt, token) \ - do { \ - ret = isc_lex_gettoken(lex, opt, token); \ - if (ret == ISC_R_EOF) \ - break; \ - if (ret != ISC_R_SUCCESS) \ - goto cleanup; \ +#define READLINE(lex, opt, token) \ + do { \ + result = isc_lex_gettoken(lex, opt, token); \ + if (result == ISC_R_EOF) { \ + break; \ + } \ + CHECK(result); \ } while ((*token).type != isc_tokentype_eol) -#define BADTOKEN() \ - { \ - ret = ISC_R_UNEXPECTEDTOKEN; \ - goto cleanup; \ - } +#define BADTOKEN() CLEANUP(ISC_R_UNEXPECTEDTOKEN) static const char *numerictags[DST_MAX_NUMERIC] = { [DST_NUM_PREDECESSOR] = "Predecessor:", @@ -193,13 +184,6 @@ static isc_result_t addsuffix(char *filename, int len, const char *dirname, const char *ofilename, const char *suffix); -#define RETERR(x) \ - do { \ - result = (x); \ - if (result != ISC_R_SUCCESS) \ - goto out; \ - } while (0) - #define CHECKALG(alg) \ do { \ isc_result_t _r; \ @@ -383,8 +367,6 @@ dst_context_verify(dst_context_t *dctx, isc_region_t *sig) { isc_result_t dst_key_tofile(const dst_key_t *key, int type, const char *directory) { - isc_result_t ret = ISC_R_SUCCESS; - REQUIRE(VALID_KEY(key)); REQUIRE((type & (DST_TYPE_PRIVATE | DST_TYPE_PUBLIC | DST_TYPE_STATE)) != 0); @@ -396,17 +378,11 @@ dst_key_tofile(const dst_key_t *key, int type, const char *directory) { } if ((type & DST_TYPE_PUBLIC) != 0) { - ret = write_public_key(key, type, directory); - if (ret != ISC_R_SUCCESS) { - return ret; - } + RETERR(write_public_key(key, type, directory)); } if ((type & DST_TYPE_STATE) != 0) { - ret = write_key_state(key, type, directory); - if (ret != ISC_R_SUCCESS) { - return ret; - } + RETERR(write_key_state(key, type, directory)); } if (((type & DST_TYPE_PRIVATE) != 0) && @@ -497,32 +473,20 @@ dst_key_fromfile(dns_name_t *name, dns_keytag_t id, unsigned int alg, int type, key = NULL; isc_buffer_init(&buf, filename, NAME_MAX); - result = dst_key_getfilename(name, id, alg, type, NULL, mctx, &buf); - if (result != ISC_R_SUCCESS) { - goto out; - } - - result = dst_key_fromnamedfile(filename, directory, type, mctx, &key); - if (result != ISC_R_SUCCESS) { - goto out; - } - - result = computeid(key); - if (result != ISC_R_SUCCESS) { - goto out; - } + CHECK(dst_key_getfilename(name, id, alg, type, NULL, mctx, &buf)); + CHECK(dst_key_fromnamedfile(filename, directory, type, mctx, &key)); + CHECK(computeid(key)); if (!dns_name_equal(name, key->key_name) || id != key->key_id || alg != key->key_alg) { - result = DST_R_INVALIDPRIVATEKEY; - goto out; + CLEANUP(DST_R_INVALIDPRIVATEKEY); } *keyp = key; result = ISC_R_SUCCESS; -out: +cleanup: if ((key != NULL) && (result != ISC_R_SUCCESS)) { dst_key_free(&key); } @@ -558,7 +522,7 @@ dst_key_fromnamedfile(const char *filename, const char *dirname, int type, ".key"); INSIST(result == ISC_R_SUCCESS); - RETERR(dst_key_read_public(newfilename, type, mctx, &pubkey)); + CHECK(dst_key_read_public(newfilename, type, mctx, &pubkey)); isc_mem_put(mctx, newfilename, newfilenamelen); /* @@ -584,20 +548,20 @@ dst_key_fromnamedfile(const char *filename, const char *dirname, int type, /* Having no state is valid. */ result = ISC_R_SUCCESS; } - RETERR(result); + CHECK(result); } if ((type & (DST_TYPE_PRIVATE | DST_TYPE_PUBLIC)) == DST_TYPE_PUBLIC || (pubkey->key_flags & DNS_KEYFLAG_TYPEMASK) == DNS_KEYTYPE_NOKEY) { - RETERR(computeid(pubkey)); + CHECK(computeid(pubkey)); pubkey->modified = false; *keyp = pubkey; pubkey = NULL; - goto out; + goto cleanup; } - RETERR(algorithm_status(pubkey->key_alg)); + CHECK(algorithm_status(pubkey->key_alg)); key = get_key_struct(pubkey->key_name, pubkey->key_alg, pubkey->key_flags, pubkey->key_proto, @@ -605,7 +569,7 @@ dst_key_fromnamedfile(const char *filename, const char *dirname, int type, pubkey->key_ttl, mctx); if (key->func->parse == NULL) { - RETERR(DST_R_UNSUPPORTEDALG); + CLEANUP(DST_R_UNSUPPORTEDALG); } newfilenamelen = strlen(filename) + 9; @@ -618,10 +582,10 @@ dst_key_fromnamedfile(const char *filename, const char *dirname, int type, INSIST(result == ISC_R_SUCCESS); isc_lex_create(mctx, 1500, &lex); - RETERR(isc_lex_openfile(lex, newfilename)); + CHECK(isc_lex_openfile(lex, newfilename)); isc_mem_put(mctx, newfilename, newfilenamelen); - RETERR(key->func->parse(key, lex, pubkey)); + CHECK(key->func->parse(key, lex, pubkey)); isc_lex_destroy(&lex); key->kasp = false; @@ -633,13 +597,13 @@ dst_key_fromnamedfile(const char *filename, const char *dirname, int type, /* Having no state is valid. */ result = ISC_R_SUCCESS; } - RETERR(result); + CHECK(result); } - RETERR(computeid(key)); + CHECK(computeid(key)); if (pubkey->key_id != key->key_id) { - RETERR(DST_R_INVALIDPRIVATEKEY); + CLEANUP(DST_R_INVALIDPRIVATEKEY); } key->modified = false; @@ -650,7 +614,7 @@ dst_key_fromnamedfile(const char *filename, const char *dirname, int type, *keyp = key; key = NULL; -out: +cleanup: if (pubkey != NULL) { dst_key_free(&pubkey); } @@ -711,7 +675,6 @@ dst_key_fromdns(const dns_name_t *name, dns_rdataclass_t rdclass, dst_key_t *key = NULL; dns_keytag_t id, rid; isc_region_t r; - isc_result_t result; isc_buffer_remainingregion(source, &r); @@ -733,11 +696,8 @@ dst_key_fromdns(const dns_name_t *name, dns_rdataclass_t rdclass, flags |= (extflags << 16); } - result = frombuffer(name, alg, flags, proto, rdclass, source, mctx, - &key); - if (result != ISC_R_SUCCESS) { - return result; - } + RETERR(frombuffer(name, alg, flags, proto, rdclass, source, mctx, + &key)); key->key_id = id; key->key_rid = rid; @@ -752,11 +712,8 @@ dst_key_frombuffer(const dns_name_t *name, unsigned int alg, unsigned int flags, dst_key_t *key = NULL; isc_result_t result; - result = frombuffer(name, alg, flags, protocol, rdclass, source, mctx, - &key); - if (result != ISC_R_SUCCESS) { - return result; - } + RETERR(frombuffer(name, alg, flags, protocol, rdclass, source, mctx, + &key)); result = computeid(key); if (result != ISC_R_SUCCESS) { @@ -808,13 +765,13 @@ dst_key_fromgssapi(const dns_name_t *name, dns_gss_ctx_id_t gssctx, */ isc_buffer_allocate(key->mctx, &key->key_tkeytoken, intoken->length); - RETERR(isc_buffer_copyregion(key->key_tkeytoken, intoken)); + CHECK(isc_buffer_copyregion(key->key_tkeytoken, intoken)); } key->keydata.gssctx = gssctx; *keyp = key; result = ISC_R_SUCCESS; -out: +cleanup: if (result != ISC_R_SUCCESS) { dst_key_free(&key); } @@ -955,7 +912,7 @@ dst_key_generate(const dns_name_t *name, unsigned int alg, unsigned int bits, dns_rdataclass_t rdclass, const char *label, isc_mem_t *mctx, dst_key_t **keyp, void (*callback)(int)) { dst_key_t *key; - isc_result_t ret; + isc_result_t result; REQUIRE(dns_name_isabsolute(name)); REQUIRE(mctx != NULL); @@ -981,16 +938,16 @@ dst_key_generate(const dns_name_t *name, unsigned int alg, unsigned int bits, return DST_R_UNSUPPORTEDALG; } - ret = key->func->generate(key, param, callback); - if (ret != ISC_R_SUCCESS) { + result = key->func->generate(key, param, callback); + if (result != ISC_R_SUCCESS) { dst_key_free(&key); - return ret; + return result; } - ret = computeid(key); - if (ret != ISC_R_SUCCESS) { + result = computeid(key); + if (result != ISC_R_SUCCESS) { dst_key_free(&key); - return ret; + return result; } *keyp = key; @@ -1514,13 +1471,12 @@ dst_key_read_public(const char *filename, int type, isc_mem_t *mctx, dns_fixedname_t name; isc_lex_t *lex = NULL; isc_token_t token; - isc_result_t ret; + isc_result_t result; dns_rdata_t rdata = DNS_RDATA_INIT; unsigned int opt = ISC_LEXOPT_DNSMULTILINE | ISC_LEXOPT_ESCAPE; dns_rdataclass_t rdclass = dns_rdataclass_in; isc_lexspecials_t specials; uint32_t ttl = 0; - isc_result_t result; dns_rdatatype_t keytype; /* @@ -1540,10 +1496,7 @@ dst_key_read_public(const char *filename, int type, isc_mem_t *mctx, isc_lex_setspecials(lex, specials); isc_lex_setcomments(lex, ISC_LEXCOMMENT_DNSMASTERFILE); - ret = isc_lex_openfile(lex, filename); - if (ret != ISC_R_SUCCESS) { - goto cleanup; - } + CHECK(isc_lex_openfile(lex, filename)); /* Read the domain name */ NEXTTOKEN(lex, opt, &token); @@ -1561,10 +1514,8 @@ dst_key_read_public(const char *filename, int type, isc_mem_t *mctx, dns_fixedname_init(&name); isc_buffer_init(&b, DST_AS_STR(token), strlen(DST_AS_STR(token))); isc_buffer_add(&b, strlen(DST_AS_STR(token))); - ret = dns_name_fromtext(dns_fixedname_name(&name), &b, dns_rootname, 0); - if (ret != ISC_R_SUCCESS) { - goto cleanup; - } + CHECK(dns_name_fromtext(dns_fixedname_name(&name), &b, dns_rootname, + 0)); /* Read the next word: either TTL, class, or 'KEY' */ NEXTTOKEN(lex, opt, &token); @@ -1583,8 +1534,8 @@ dst_key_read_public(const char *filename, int type, isc_mem_t *mctx, BADTOKEN(); } - ret = dns_rdataclass_fromtext(&rdclass, &token.value.as_textregion); - if (ret == ISC_R_SUCCESS) { + result = dns_rdataclass_fromtext(&rdclass, &token.value.as_textregion); + if (result == ISC_R_SUCCESS) { NEXTTOKEN(lex, opt, &token); } @@ -1603,22 +1554,16 @@ dst_key_read_public(const char *filename, int type, isc_mem_t *mctx, if (((type & DST_TYPE_KEY) != 0 && keytype != dns_rdatatype_key) || ((type & DST_TYPE_KEY) == 0 && keytype != dns_rdatatype_dnskey)) { - ret = DST_R_BADKEYTYPE; + result = DST_R_BADKEYTYPE; goto cleanup; } isc_buffer_init(&b, rdatabuf, sizeof(rdatabuf)); - ret = dns_rdata_fromtext(&rdata, rdclass, keytype, lex, NULL, false, - mctx, &b, NULL); - if (ret != ISC_R_SUCCESS) { - goto cleanup; - } + CHECK(dns_rdata_fromtext(&rdata, rdclass, keytype, lex, NULL, false, + mctx, &b, NULL)); - ret = dst_key_fromdns(dns_fixedname_name(&name), rdclass, &b, mctx, - keyp); - if (ret != ISC_R_SUCCESS) { - goto cleanup; - } + CHECK(dst_key_fromdns(dns_fixedname_name(&name), rdclass, &b, mctx, + keyp)); dst_key_setttl(*keyp, ttl); @@ -1626,7 +1571,7 @@ cleanup: if (lex != NULL) { isc_lex_destroy(&lex); } - return ret; + return result; } static int @@ -1677,16 +1622,13 @@ isc_result_t dst_key_read_state(const char *filename, isc_mem_t *mctx, dst_key_t **keyp) { isc_lex_t *lex = NULL; isc_token_t token; - isc_result_t ret; + isc_result_t result; unsigned int opt = ISC_LEXOPT_EOL; isc_lex_create(mctx, 1500, &lex); isc_lex_setcomments(lex, ISC_LEXCOMMENT_DNSMASTERFILE); - ret = isc_lex_openfile(lex, filename); - if (ret != ISC_R_SUCCESS) { - goto cleanup; - } + CHECK(isc_lex_openfile(lex, filename)); /* * Read the comment line. @@ -1738,7 +1680,7 @@ dst_key_read_state(const char *filename, isc_mem_t *mctx, dst_key_t **keyp) { int tag; NEXTTOKEN_OR_EOF(lex, opt, &token); - if (ret == ISC_R_EOF) { + if (result == ISC_R_EOF) { break; } if (token.type != isc_tokentype_string) { @@ -1791,10 +1733,7 @@ dst_key_read_state(const char *filename, isc_mem_t *mctx, dst_key_t **keyp) { BADTOKEN(); } - ret = dns_time32_fromtext(DST_AS_STR(token), &when); - if (ret != ISC_R_SUCCESS) { - goto cleanup; - } + CHECK(dns_time32_fromtext(DST_AS_STR(token), &when)); dst_key_settime(*keyp, tag, when); goto next; @@ -1812,10 +1751,7 @@ dst_key_read_state(const char *filename, isc_mem_t *mctx, dst_key_t **keyp) { BADTOKEN(); } - ret = keystate_fromtext(DST_AS_STR(token), &state); - if (ret != ISC_R_SUCCESS) { - goto cleanup; - } + CHECK(keystate_fromtext(DST_AS_STR(token), &state)); dst_key_setstate(*keyp, tag, state); goto next; @@ -1826,13 +1762,13 @@ dst_key_read_state(const char *filename, isc_mem_t *mctx, dst_key_t **keyp) { } /* Done, successfully parsed the whole file. */ - ret = ISC_R_SUCCESS; + result = ISC_R_SUCCESS; cleanup: if (lex != NULL) { isc_lex_destroy(&lex); } - return ret; + return result; } static bool @@ -1957,17 +1893,10 @@ write_key_state(const dst_key_t *key, int type, const char *directory) { * Make the filename. */ isc_buffer_init(&fileb, filename, sizeof(filename)); - result = dst_key_buildfilename(key, DST_TYPE_STATE, directory, &fileb); - if (result != ISC_R_SUCCESS) { - return result; - } + RETERR(dst_key_buildfilename(key, DST_TYPE_STATE, directory, &fileb)); isc_buffer_init(&tmpb, tmpname, sizeof(tmpname)); - result = dst_key_buildfilename(key, DST_TYPE_TEMPLATE, directory, - &tmpb); - if (result != ISC_R_SUCCESS) { - return result; - } + RETERR(dst_key_buildfilename(key, DST_TYPE_TEMPLATE, directory, &tmpb)); mode_t mode = issymmetric(key) ? S_IRUSR | S_IWUSR : S_IRUSR | S_IWUSR | S_IRGRP | S_IROTH; @@ -2050,10 +1979,7 @@ write_public_key(const dst_key_t *key, int type, const char *directory) { isc_buffer_init(&textb, text_array, sizeof(text_array)); isc_buffer_init(&classb, class_array, sizeof(class_array)); - result = dst_key_todns(key, &keyb); - if (result != ISC_R_SUCCESS) { - return result; - } + RETERR(dst_key_todns(key, &keyb)); isc_buffer_usedregion(&keyb, &r); dns_rdata_fromregion(&rdata, key->key_class, dns_rdatatype_dnskey, &r); @@ -2072,17 +1998,10 @@ write_public_key(const dst_key_t *key, int type, const char *directory) { * Make the filename. */ isc_buffer_init(&fileb, filename, sizeof(filename)); - result = dst_key_buildfilename(key, DST_TYPE_PUBLIC, directory, &fileb); - if (result != ISC_R_SUCCESS) { - return result; - } + RETERR(dst_key_buildfilename(key, DST_TYPE_PUBLIC, directory, &fileb)); isc_buffer_init(&tmpb, tmpname, sizeof(tmpname)); - result = dst_key_buildfilename(key, DST_TYPE_TEMPLATE, directory, - &tmpb); - if (result != ISC_R_SUCCESS) { - return result; - } + RETERR(dst_key_buildfilename(key, DST_TYPE_TEMPLATE, directory, &tmpb)); /* Create temporary public key file. */ mode_t mode = issymmetric(key) ? S_IRUSR | S_IWUSR @@ -2153,7 +2072,6 @@ static isc_result_t buildfilename(dns_name_t *name, dns_keytag_t id, unsigned int alg, unsigned int type, const char *directory, isc_buffer_t *out) { const char *suffix = ""; - isc_result_t result; REQUIRE(out != NULL); REQUIRE(alg != 0 && alg != DST_ALG_PRIVATEOID && @@ -2184,10 +2102,7 @@ buildfilename(dns_name_t *name, dns_keytag_t id, unsigned int alg, return ISC_R_NOSPACE; } isc_buffer_putstr(out, "K"); - result = dns_name_tofilenametext(name, false, out); - if (result != ISC_R_SUCCESS) { - return result; - } + RETERR(dns_name_tofilenametext(name, false, out)); return isc_buffer_printf(out, "+%03d+%05d%s", alg, id, suffix); } @@ -2197,13 +2112,9 @@ computeid(dst_key_t *key) { isc_buffer_t dnsbuf; unsigned char dns_array[DST_KEY_MAXSIZE]; isc_region_t r; - isc_result_t ret; isc_buffer_init(&dnsbuf, dns_array, sizeof(dns_array)); - ret = dst_key_todns(key, &dnsbuf); - if (ret != ISC_R_SUCCESS) { - return ret; - } + RETERR(dst_key_todns(key, &dnsbuf)); isc_buffer_usedregion(&dnsbuf, &r); key->key_id = dst_region_computeid(&r); @@ -2216,7 +2127,7 @@ frombuffer(const dns_name_t *name, unsigned int alg, unsigned int flags, unsigned int protocol, dns_rdataclass_t rdclass, isc_buffer_t *source, isc_mem_t *mctx, dst_key_t **keyp) { dst_key_t *key; - isc_result_t ret; + isc_result_t result; REQUIRE(dns_name_isabsolute(name)); REQUIRE(source != NULL); @@ -2242,20 +2153,20 @@ frombuffer(const dns_name_t *name, unsigned int alg, unsigned int flags, key = get_key_struct(name, alg, flags, protocol, 0, rdclass, 0, mctx); if (isc_buffer_remaininglength(source) > 0) { - ret = algorithm_status(alg); - if (ret != ISC_R_SUCCESS) { + result = algorithm_status(alg); + if (result != ISC_R_SUCCESS) { dst_key_free(&key); - return ret; + return result; } if (key->func->fromdns == NULL) { dst_key_free(&key); return DST_R_UNSUPPORTEDALG; } - ret = key->func->fromdns(key, source); - if (ret != ISC_R_SUCCESS) { + result = key->func->fromdns(key, source); + if (result != ISC_R_SUCCESS) { dst_key_free(&key); - return ret; + return result; } } diff --git a/lib/dns/dst_parse.c b/lib/dns/dst_parse.c index 9dc4f9cedd..6a402c79e3 100644 --- a/lib/dns/dst_parse.c +++ b/lib/dns/dst_parse.c @@ -184,7 +184,8 @@ check_rsa(const dst_private_t *priv, bool external) { unsigned int mask; if (external) { - return (priv->nelements == 0) ? 0 : -1; + return (priv->nelements == 0) ? ISC_R_SUCCESS + : DST_R_INVALIDPRIVATEKEY; } for (i = 0; i < RSA_NTAGS; i++) { @@ -198,7 +199,7 @@ check_rsa(const dst_private_t *priv, bool external) { } } if (i == RSA_NTAGS) { - return -1; + return DST_R_INVALIDPRIVATEKEY; } have[i] = true; } @@ -218,7 +219,7 @@ check_rsa(const dst_private_t *priv, bool external) { have[TAG_RSA_EXPONENT2 & mask] && have[TAG_RSA_COEFFICIENT & mask]; } - return ok ? 0 : -1; + return ok ? ISC_R_SUCCESS : DST_R_INVALIDPRIVATEKEY; } static int @@ -229,7 +230,8 @@ check_ecdsa(const dst_private_t *priv, bool external) { unsigned int mask; if (external) { - return (priv->nelements == 0) ? 0 : -1; + return (priv->nelements == 0) ? ISC_R_SUCCESS + : DST_R_INVALIDPRIVATEKEY; } for (i = 0; i < ECDSA_NTAGS; i++) { @@ -242,7 +244,7 @@ check_ecdsa(const dst_private_t *priv, bool external) { } } if (i == ECDSA_NTAGS) { - return -1; + return DST_R_INVALIDPRIVATEKEY; } have[i] = true; } @@ -251,10 +253,10 @@ check_ecdsa(const dst_private_t *priv, bool external) { ok = have[TAG_ECDSA_LABEL & mask] || have[TAG_ECDSA_PRIVATEKEY & mask]; - return ok ? 0 : -1; + return ok ? ISC_R_SUCCESS : DST_R_INVALIDPRIVATEKEY; } -static int +static isc_result_t check_eddsa(const dst_private_t *priv, bool external) { int i, j; bool have[EDDSA_NTAGS]; @@ -262,7 +264,8 @@ check_eddsa(const dst_private_t *priv, bool external) { unsigned int mask; if (external) { - return (priv->nelements == 0) ? 0 : -1; + return (priv->nelements == 0) ? ISC_R_SUCCESS + : DST_R_INVALIDPRIVATEKEY; } for (i = 0; i < EDDSA_NTAGS; i++) { @@ -275,7 +278,7 @@ check_eddsa(const dst_private_t *priv, bool external) { } } if (i == EDDSA_NTAGS) { - return -1; + return DST_R_INVALIDPRIVATEKEY; } have[i] = true; } @@ -284,10 +287,10 @@ check_eddsa(const dst_private_t *priv, bool external) { ok = have[TAG_EDDSA_LABEL & mask] || have[TAG_EDDSA_PRIVATEKEY & mask]; - return ok ? 0 : -1; + return ok ? ISC_R_SUCCESS : DST_R_INVALIDPRIVATEKEY; } -static int +static isc_result_t check_hmac_md5(const dst_private_t *priv, bool old) { int i, j; @@ -299,9 +302,9 @@ check_hmac_md5(const dst_private_t *priv, bool old) { if (old && priv->nelements == OLD_HMACMD5_NTAGS && priv->elements[0].tag == TAG_HMACMD5_KEY) { - return 0; + return ISC_R_SUCCESS; } - return -1; + return DST_R_INVALIDPRIVATEKEY; } /* * We must be new format at this point. @@ -313,18 +316,18 @@ check_hmac_md5(const dst_private_t *priv, bool old) { } } if (j == priv->nelements) { - return -1; + return DST_R_INVALIDPRIVATEKEY; } } return 0; } -static int +static isc_result_t check_hmac_sha(const dst_private_t *priv, unsigned int ntags, unsigned int alg) { unsigned int i, j; if (priv->nelements != ntags) { - return -1; + return DST_R_INVALIDPRIVATEKEY; } for (i = 0; i < ntags; i++) { for (j = 0; j < priv->nelements; j++) { @@ -333,13 +336,13 @@ check_hmac_sha(const dst_private_t *priv, unsigned int ntags, } } if (j == priv->nelements) { - return -1; + return DST_R_INVALIDPRIVATEKEY; } } - return 0; + return ISC_R_SUCCESS; } -static int +static isc_result_t check_data(const dst_private_t *priv, const unsigned int alg, bool old, bool external) { switch (alg) { @@ -394,13 +397,13 @@ dst__privstruct_free(dst_private_t *priv, isc_mem_t *mctx) { isc_result_t dst__privstruct_parse(dst_key_t *key, unsigned int alg, isc_lex_t *lex, isc_mem_t *mctx, dst_private_t *priv) { - int n = 0, major, minor, check; + int n = 0, major, minor; isc_buffer_t b; isc_token_t token; unsigned char *data = NULL; unsigned int opt = ISC_LEXOPT_EOL; isc_stdtime_t when; - isc_result_t ret; + isc_result_t result; bool external = false; REQUIRE(priv != NULL); @@ -408,20 +411,19 @@ dst__privstruct_parse(dst_key_t *key, unsigned int alg, isc_lex_t *lex, priv->nelements = 0; memset(priv->elements, 0, sizeof(priv->elements)); -#define NEXTTOKEN(lex, opt, token) \ - do { \ - ret = isc_lex_gettoken(lex, opt, token); \ - if (ret != ISC_R_SUCCESS) \ - goto fail; \ +#define NEXTTOKEN(lex, opt, token) \ + do { \ + CHECK(isc_lex_gettoken(lex, opt, token)); \ } while (0) -#define READLINE(lex, opt, token) \ - do { \ - ret = isc_lex_gettoken(lex, opt, token); \ - if (ret == ISC_R_EOF) \ - break; \ - else if (ret != ISC_R_SUCCESS) \ - goto fail; \ +#define READLINE(lex, opt, token) \ + do { \ + result = isc_lex_gettoken(lex, opt, token); \ + if (result == ISC_R_EOF) { \ + break; \ + } else if (result != ISC_R_SUCCESS) { \ + goto cleanup; \ + } \ } while ((*token).type != isc_tokentype_eol) /* @@ -431,24 +433,24 @@ dst__privstruct_parse(dst_key_t *key, unsigned int alg, isc_lex_t *lex, if (token.type != isc_tokentype_string || strcmp(DST_AS_STR(token), PRIVATE_KEY_STR) != 0) { - ret = DST_R_INVALIDPRIVATEKEY; - goto fail; + result = DST_R_INVALIDPRIVATEKEY; + goto cleanup; } NEXTTOKEN(lex, opt, &token); if (token.type != isc_tokentype_string || (DST_AS_STR(token))[0] != 'v') { - ret = DST_R_INVALIDPRIVATEKEY; - goto fail; + result = DST_R_INVALIDPRIVATEKEY; + goto cleanup; } if (sscanf(DST_AS_STR(token), "v%d.%d", &major, &minor) != 2) { - ret = DST_R_INVALIDPRIVATEKEY; - goto fail; + result = DST_R_INVALIDPRIVATEKEY; + goto cleanup; } if (major > DST_MAJOR_VERSION) { - ret = DST_R_INVALIDPRIVATEKEY; - goto fail; + result = DST_R_INVALIDPRIVATEKEY; + goto cleanup; } /* @@ -465,16 +467,16 @@ dst__privstruct_parse(dst_key_t *key, unsigned int alg, isc_lex_t *lex, if (token.type != isc_tokentype_string || strcmp(DST_AS_STR(token), ALGORITHM_STR) != 0) { - ret = DST_R_INVALIDPRIVATEKEY; - goto fail; + result = DST_R_INVALIDPRIVATEKEY; + goto cleanup; } NEXTTOKEN(lex, opt | ISC_LEXOPT_NUMBER, &token); if (token.type != isc_tokentype_number || token.value.as_ulong != (unsigned long)dst_key_alg(key)) { - ret = DST_R_INVALIDPRIVATEKEY; - goto fail; + result = DST_R_INVALIDPRIVATEKEY; + goto cleanup; } READLINE(lex, opt, &token); @@ -486,18 +488,18 @@ dst__privstruct_parse(dst_key_t *key, unsigned int alg, isc_lex_t *lex, int tag; isc_region_t r; do { - ret = isc_lex_gettoken(lex, opt, &token); - if (ret == ISC_R_EOF) { + result = isc_lex_gettoken(lex, opt, &token); + if (result == ISC_R_EOF) { goto done; } - if (ret != ISC_R_SUCCESS) { - goto fail; + if (result != ISC_R_SUCCESS) { + goto cleanup; } } while (token.type == isc_tokentype_eol); if (token.type != isc_tokentype_string) { - ret = DST_R_INVALIDPRIVATEKEY; - goto fail; + result = DST_R_INVALIDPRIVATEKEY; + goto cleanup; } if (strcmp(DST_AS_STR(token), "External:") == 0) { @@ -512,8 +514,8 @@ dst__privstruct_parse(dst_key_t *key, unsigned int alg, isc_lex_t *lex, NEXTTOKEN(lex, opt | ISC_LEXOPT_NUMBER, &token); if (token.type != isc_tokentype_number) { - ret = DST_R_INVALIDPRIVATEKEY; - goto fail; + result = DST_R_INVALIDPRIVATEKEY; + goto cleanup; } dst_key_setnum(key, tag, token.value.as_ulong); @@ -527,14 +529,11 @@ dst__privstruct_parse(dst_key_t *key, unsigned int alg, isc_lex_t *lex, NEXTTOKEN(lex, opt, &token); if (token.type != isc_tokentype_string) { - ret = DST_R_INVALIDPRIVATEKEY; - goto fail; + result = DST_R_INVALIDPRIVATEKEY; + goto cleanup; } - ret = dns_time32_fromtext(DST_AS_STR(token), &when); - if (ret != ISC_R_SUCCESS) { - goto fail; - } + CHECK(dns_time32_fromtext(DST_AS_STR(token), &when)); dst_key_settime(key, tag, when); @@ -546,8 +545,8 @@ dst__privstruct_parse(dst_key_t *key, unsigned int alg, isc_lex_t *lex, if (tag < 0 && minor > DST_MINOR_VERSION) { goto next; } else if (tag < 0) { - ret = DST_R_INVALIDPRIVATEKEY; - goto fail; + result = DST_R_INVALIDPRIVATEKEY; + goto cleanup; } priv->elements[n].tag = tag; @@ -555,10 +554,7 @@ dst__privstruct_parse(dst_key_t *key, unsigned int alg, isc_lex_t *lex, data = isc_mem_get(mctx, MAXFIELDSIZE); isc_buffer_init(&b, data, MAXFIELDSIZE); - ret = isc_base64_tobuffer(lex, &b, -1); - if (ret != ISC_R_SUCCESS) { - goto fail; - } + CHECK(isc_base64_tobuffer(lex, &b, -1)); isc_buffer_usedregion(&b, &r); priv->elements[n].length = r.length; @@ -572,30 +568,23 @@ dst__privstruct_parse(dst_key_t *key, unsigned int alg, isc_lex_t *lex, done: if (external && priv->nelements != 0) { - ret = DST_R_INVALIDPRIVATEKEY; - goto fail; + result = DST_R_INVALIDPRIVATEKEY; + goto cleanup; } - check = check_data(priv, alg, true, external); - if (check < 0) { - ret = DST_R_INVALIDPRIVATEKEY; - goto fail; - } else if (check != ISC_R_SUCCESS) { - ret = check; - goto fail; - } + CHECK(check_data(priv, alg, true, external)); key->external = external; return ISC_R_SUCCESS; -fail: +cleanup: dst__privstruct_free(priv, mctx); if (data != NULL) { isc_mem_put(mctx, data, MAXFIELDSIZE); } - return ret; + return result; } isc_result_t @@ -626,11 +615,7 @@ dst__privstruct_writefile(const dst_key_t *key, const dst_private_t *priv, } isc_buffer_init(&fileb, filename, sizeof(filename)); - result = dst_key_buildfilename(key, DST_TYPE_PRIVATE, directory, - &fileb); - if (result != ISC_R_SUCCESS) { - return result; - } + RETERR(dst_key_buildfilename(key, DST_TYPE_PRIVATE, directory, &fileb)); result = isc_file_mode(filename, &mode); if (result == ISC_R_SUCCESS && mode != (S_IRUSR | S_IWUSR)) { @@ -647,11 +632,7 @@ dst__privstruct_writefile(const dst_key_t *key, const dst_private_t *priv, } isc_buffer_init(&tmpb, tmpname, sizeof(tmpname)); - result = dst_key_buildfilename(key, DST_TYPE_TEMPLATE, directory, - &tmpb); - if (result != ISC_R_SUCCESS) { - return result; - } + RETERR(dst_key_buildfilename(key, DST_TYPE_TEMPLATE, directory, &tmpb)); fp = dst_key_open(tmpname, S_IRUSR | S_IWUSR); if (fp == NULL) { diff --git a/lib/dns/dyndb.c b/lib/dns/dyndb.c index 646d179cf8..1b5337f3ec 100644 --- a/lib/dns/dyndb.c +++ b/lib/dns/dyndb.c @@ -28,13 +28,6 @@ #include "dyndb_p.h" -#define CHECK(op) \ - do { \ - result = (op); \ - if (result != ISC_R_SUCCESS) \ - goto cleanup; \ - } while (0) - typedef struct dyndb_implementation dyndb_implementation_t; struct dyndb_implementation { isc_mem_t *mctx; @@ -144,7 +137,7 @@ load_library(isc_mem_t *mctx, const char *filename, const char *instname, "failed to dlopen() DynDB instance '%s' driver " "'%s': %s", instname, filename, errmsg); - CHECK(ISC_R_FAILURE); + CLEANUP(ISC_R_FAILURE); } CHECK(load_symbol(&imp->handle, filename, "dyndb_version", @@ -158,7 +151,7 @@ load_library(isc_mem_t *mctx, const char *filename, const char *instname, ISC_LOG_ERROR, "driver API version mismatch: %d/%d", version, DNS_DYNDB_VERSION); - CHECK(ISC_R_FAILURE); + CLEANUP(ISC_R_FAILURE); } CHECK(load_symbol(&imp->handle, filename, "dyndb_init", @@ -214,7 +207,7 @@ dns_dyndb_load(const char *libname, const char *name, const char *parameters, /* duplicate instance names are not allowed */ if (impfind(name) != NULL) { - CHECK(ISC_R_EXISTS); + CLEANUP(ISC_R_EXISTS); } CHECK(load_library(mctx, libname, name, &implementation)); diff --git a/lib/dns/gssapictx.c b/lib/dns/gssapictx.c index ea39bb5d98..bebad47677 100644 --- a/lib/dns/gssapictx.c +++ b/lib/dns/gssapictx.c @@ -82,13 +82,6 @@ static gss_OID_desc __gss_spnego_mechanism_oid_desc = { (r).base = (gb).value; \ } while (0) -#define RETERR(x) \ - do { \ - result = (x); \ - if (result != ISC_R_SUCCESS) \ - goto out; \ - } while (0) - static void name_to_gbuffer(const dns_name_t *name, isc_buffer_t *buffer, gss_buffer_desc *gbuffer) { @@ -321,8 +314,7 @@ dst_gssapi_initctx(const dns_name_t *name, isc_buffer_t *intoken, gret = gss_import_name(&minor, &gnamebuf, GSS_C_NO_OID, &gname); if (gret != GSS_S_COMPLETE) { gss_err_message(mctx, gret, minor, err_message); - result = ISC_R_FAILURE; - goto out; + CLEANUP(ISC_R_FAILURE); } if (intoken != NULL) { @@ -353,8 +345,7 @@ dst_gssapi_initctx(const dns_name_t *name, isc_buffer_t *intoken, gss_log(3, "Failure initiating security context"); } - result = ISC_R_FAILURE; - goto out; + CLEANUP(ISC_R_FAILURE); } /* @@ -367,7 +358,7 @@ dst_gssapi_initctx(const dns_name_t *name, isc_buffer_t *intoken, */ if (gouttoken.length != 0U) { GBUFFER_TO_REGION(gouttoken, r); - RETERR(isc_buffer_copyregion(outtoken, &r)); + CHECK(isc_buffer_copyregion(outtoken, &r)); } if (gret == GSS_S_COMPLETE) { @@ -376,7 +367,7 @@ dst_gssapi_initctx(const dns_name_t *name, isc_buffer_t *intoken, result = DNS_R_CONTINUE; } -out: +cleanup: if (gouttoken.length != 0U) { (void)gss_release_buffer(&minor, &gouttoken); } @@ -479,7 +470,7 @@ dst_gssapi_acceptctx(const char *gssapi_keytab, isc_region_t *intoken, isc_buffer_allocate(mctx, outtoken, (unsigned int)gouttoken.length); GBUFFER_TO_REGION(gouttoken, r); - RETERR(isc_buffer_copyregion(*outtoken, &r)); + CHECK(isc_buffer_copyregion(*outtoken, &r)); (void)gss_release_buffer(&minor, &gouttoken); } @@ -489,7 +480,7 @@ dst_gssapi_acceptctx(const char *gssapi_keytab, isc_region_t *intoken, gss_log(3, "failed gss_display_name: %s", gss_error_tostring(gret, minor, buf, sizeof(buf))); - RETERR(ISC_R_FAILURE); + CLEANUP(ISC_R_FAILURE); } /* @@ -511,7 +502,7 @@ dst_gssapi_acceptctx(const char *gssapi_keytab, isc_region_t *intoken, isc_buffer_init(&namebuf, r.base, r.length); isc_buffer_add(&namebuf, r.length); - RETERR(dns_name_fromtext(principal, &namebuf, dns_rootname, 0)); + CHECK(dns_name_fromtext(principal, &namebuf, dns_rootname, 0)); if (gnamebuf.length != 0U) { gret = gss_release_buffer(&minor, &gnamebuf); @@ -527,7 +518,7 @@ dst_gssapi_acceptctx(const char *gssapi_keytab, isc_region_t *intoken, *ctxout = context; -out: +cleanup: if (gname != NULL) { gret = gss_release_name(&minor, &gname); if (gret != GSS_S_COMPLETE) { diff --git a/lib/dns/hmac_link.c b/lib/dns/hmac_link.c index c84ce8efc1..320b8adb85 100644 --- a/lib/dns/hmac_link.c +++ b/lib/dns/hmac_link.c @@ -272,7 +272,7 @@ hmac_compare(const isc_md_type_t *type, const dst_key_t *key1, static isc_result_t hmac_generate(const isc_md_type_t *type, dst_key_t *key) { isc_buffer_t b; - isc_result_t ret; + isc_result_t result; unsigned int bytes, len; unsigned char data[ISC_MAX_MD_SIZE] = { 0 }; @@ -290,11 +290,11 @@ hmac_generate(const isc_md_type_t *type, dst_key_t *key) { isc_buffer_init(&b, data, bytes); isc_buffer_add(&b, bytes); - ret = hmac_fromdns(type, key, &b); + result = hmac_fromdns(type, key, &b); isc_safe_memwipe(data, sizeof(data)); - return ret; + return result; } static bool @@ -456,18 +456,15 @@ static isc_result_t hmac_parse(const isc_md_type_t *type, dst_key_t *key, isc_lex_t *lexer, dst_key_t *pub) { dst_private_t priv; - isc_result_t result, tresult; + isc_result_t result = ISC_R_SUCCESS, tresult; isc_buffer_t b; isc_mem_t *mctx = key->mctx; unsigned int i; UNUSED(pub); /* read private key file */ - result = dst__privstruct_parse(key, hmac__to_dst_alg(type), lexer, mctx, - &priv); - if (result != ISC_R_SUCCESS) { - return result; - } + RETERR(dst__privstruct_parse(key, hmac__to_dst_alg(type), lexer, mctx, + &priv)); if (key->external) { result = DST_R_EXTERNALKEY; diff --git a/lib/dns/iptable.c b/lib/dns/iptable.c index c405ce54cd..3b2884dded 100644 --- a/lib/dns/iptable.c +++ b/lib/dns/iptable.c @@ -90,17 +90,12 @@ dns_iptable_addprefix(dns_iptable_t *tab, const isc_netaddr_t *addr, */ isc_result_t dns_iptable_merge(dns_iptable_t *tab, dns_iptable_t *source, bool pos) { - isc_result_t result; isc_radix_node_t *node, *new_node; int i, max_node = 0; RADIX_WALK(source->radix->head, node) { new_node = NULL; - result = isc_radix_insert(tab->radix, &new_node, node, NULL); - - if (result != ISC_R_SUCCESS) { - return result; - } + RETERR(isc_radix_insert(tab->radix, &new_node, node, NULL)); /* * If we're negating a nested ACL, then we should diff --git a/lib/dns/journal.c b/lib/dns/journal.c index 894fbea9f3..3af3efa4e6 100644 --- a/lib/dns/journal.c +++ b/lib/dns/journal.c @@ -80,25 +80,6 @@ * Miscellaneous utilities. */ -/*% - * It would be non-sensical (or at least obtuse) to use FAIL() with an - * ISC_R_SUCCESS code, but the test is there to keep the Solaris compiler - * from complaining about "end-of-loop code not reached". - */ -#define FAIL(code) \ - do { \ - result = (code); \ - if (result != ISC_R_SUCCESS) \ - goto failure; \ - } while (0) - -#define CHECK(op) \ - do { \ - result = (op); \ - if (result != ISC_R_SUCCESS) \ - goto failure; \ - } while (0) - #define JOURNAL_SERIALSET 0x01U static isc_result_t @@ -479,17 +460,12 @@ journal_fsync(dns_journal_t *j) { */ static isc_result_t journal_read_xhdr(dns_journal_t *j, journal_xhdr_t *xhdr) { - isc_result_t result; - j->it.cpos.offset = j->offset; switch (j->xhdr_version) { case XHDR_VERSION1: { journal_rawxhdr_ver1_t raw; - result = journal_read(j, &raw, sizeof(raw)); - if (result != ISC_R_SUCCESS) { - return result; - } + RETERR(journal_read(j, &raw, sizeof(raw))); xhdr->size = decode_uint32(raw.size); xhdr->count = 0; xhdr->serial0 = decode_uint32(raw.serial0); @@ -500,10 +476,7 @@ journal_read_xhdr(dns_journal_t *j, journal_xhdr_t *xhdr) { case XHDR_VERSION2: { journal_rawxhdr_t raw; - result = journal_read(j, &raw, sizeof(raw)); - if (result != ISC_R_SUCCESS) { - return result; - } + RETERR(journal_read(j, &raw, sizeof(raw))); xhdr->size = decode_uint32(raw.size); xhdr->count = decode_uint32(raw.count); xhdr->serial0 = decode_uint32(raw.serial0); @@ -543,12 +516,8 @@ journal_write_xhdr(dns_journal_t *j, uint32_t size, uint32_t count, static isc_result_t journal_read_rrhdr(dns_journal_t *j, journal_rrhdr_t *rrhdr) { journal_rawrrhdr_t raw; - isc_result_t result; - result = journal_read(j, &raw, sizeof(raw)); - if (result != ISC_R_SUCCESS) { - return result; - } + RETERR(journal_read(j, &raw, sizeof(raw))); rrhdr->size = decode_uint32(raw.size); return ISC_R_SUCCESS; } @@ -641,14 +610,14 @@ journal_open(isc_mem_t *mctx, const char *filename, bool writable, bool create, */ result = isc_stdio_open(j->filename, "rb+", &fp); } else { - FAIL(ISC_R_NOTFOUND); + CLEANUP(ISC_R_NOTFOUND); } } if (result != ISC_R_SUCCESS) { isc_log_write(DNS_LOGCATEGORY_GENERAL, DNS_LOGMODULE_JOURNAL, ISC_LOG_ERROR, "%s: open: %s", j->filename, isc_result_totext(result)); - FAIL(ISC_R_UNEXPECTED); + CLEANUP(ISC_R_UNEXPECTED); } j->fp = fp; @@ -687,7 +656,7 @@ journal_open(isc_mem_t *mctx, const char *filename, bool writable, bool create, isc_log_write(DNS_LOGCATEGORY_GENERAL, DNS_LOGMODULE_JOURNAL, ISC_LOG_ERROR, "%s: journal format not recognized", j->filename); - FAIL(ISC_R_UNEXPECTED); + CLEANUP(ISC_R_UNEXPECTED); } journal_header_decode(&rawheader, &j->header); @@ -740,7 +709,7 @@ journal_open(isc_mem_t *mctx, const char *filename, bool writable, bool create, *journalp = j; return ISC_R_SUCCESS; -failure: +cleanup: j->magic = 0; if (j->rawindex != NULL) { isc_mem_cput(j->mctx, j->rawindex, j->header.index_size, @@ -920,7 +889,7 @@ maybe_fixup_xhdr(dns_journal_t *j, journal_xhdr_t *xhdr, uint32_t serial, j->recovered = true; } -failure: +cleanup: return result; } @@ -948,10 +917,7 @@ journal_next(dns_journal_t *j, journal_pos_t *pos) { REQUIRE(DNS_JOURNAL_VALID(j)); - result = journal_seek(j, pos->offset); - if (result != ISC_R_SUCCESS) { - return result; - } + RETERR(journal_seek(j, pos->offset)); if (pos->serial == j->header.end.serial) { return ISC_R_NOMORE; @@ -961,10 +927,7 @@ journal_next(dns_journal_t *j, journal_pos_t *pos) { * Read the header of the current transaction. * This will return ISC_R_NOMORE if we are at EOF. */ - result = journal_read_xhdr(j, &xhdr); - if (result != ISC_R_SUCCESS) { - return result; - } + RETERR(journal_read_xhdr(j, &xhdr)); if (j->header_ver1) { CHECK(maybe_fixup_xhdr(j, &xhdr, pos->serial, pos->offset)); @@ -1002,7 +965,7 @@ journal_next(dns_journal_t *j, journal_pos_t *pos) { pos->serial = xhdr.serial1; return ISC_R_SUCCESS; -failure: +cleanup: return result; } @@ -1115,7 +1078,6 @@ index_invalidate(dns_journal_t *j, uint32_t serial) { */ static isc_result_t journal_find(dns_journal_t *j, uint32_t serial, journal_pos_t *pos) { - isc_result_t result; journal_pos_t current_pos; REQUIRE(DNS_JOURNAL_VALID(j)); @@ -1138,10 +1100,7 @@ journal_find(dns_journal_t *j, uint32_t serial, journal_pos_t *pos) { if (DNS_SERIAL_GT(current_pos.serial, serial)) { return ISC_R_NOTFOUND; } - result = journal_next(j, ¤t_pos); - if (result != ISC_R_SUCCESS) { - return result; - } + RETERR(journal_next(j, ¤t_pos)); } *pos = current_pos; return ISC_R_SUCCESS; @@ -1183,7 +1142,7 @@ dns_journal_begin_transaction(dns_journal_t *j) { j->state = JOURNAL_STATE_TRANSACTION; result = ISC_R_SUCCESS; -failure: +cleanup: return result; } @@ -1270,7 +1229,7 @@ dns_journal_writediff(dns_journal_t *j, dns_diff_t *diff) { result = ISC_R_SUCCESS; -failure: +cleanup: if (mem != NULL) { isc_mem_put(j->mctx, mem, size); } @@ -1417,7 +1376,7 @@ dns_journal_commit(dns_journal_t *j) { result = ISC_R_SUCCESS; -failure: +cleanup: return result; } @@ -1430,7 +1389,7 @@ dns_journal_write_transaction(dns_journal_t *j, dns_diff_t *diff) { CHECK(dns_journal_writediff(j, diff)); CHECK(dns_journal_commit(j)); result = ISC_R_SUCCESS; -failure: +cleanup: return result; } @@ -1538,7 +1497,7 @@ dns_journal_rollforward(dns_journal_t *j, dns_db_t *db, unsigned int options) { } if (db_serial == end_serial) { - CHECK(DNS_R_UPTODATE); + CLEANUP(DNS_R_UPTODATE); } CHECK(dns_journal_iter_init(j, db_serial, end_serial, NULL)); @@ -1568,7 +1527,7 @@ dns_journal_rollforward(dns_journal_t *j, dns_db_t *db, unsigned int options) { "%s: journal file corrupt: missing " "initial SOA", j->filename); - FAIL(ISC_R_UNEXPECTED); + CLEANUP(ISC_R_UNEXPECTED); } if ((options & DNS_JOURNALOPT_RESIGN) != 0) { op = (n_soa == 1) ? DNS_DIFFOP_DELRESIGN @@ -1606,7 +1565,7 @@ dns_journal_rollforward(dns_journal_t *j, dns_db_t *db, unsigned int options) { dns_diff_clear(&diff); } -failure: +cleanup: if (ver != NULL) { dns_db_closeversion(db, &ver, result == ISC_R_SUCCESS ? true : false); @@ -1714,7 +1673,7 @@ dns_journal_print(isc_mem_t *mctx, uint32_t flags, const char *filename, "%s: journal file corrupt: missing " "initial SOA", j->filename); - FAIL(ISC_R_UNEXPECTED); + CLEANUP(ISC_R_UNEXPECTED); } if (print) { @@ -1756,14 +1715,14 @@ dns_journal_print(isc_mem_t *mctx, uint32_t flags, const char *filename, result = dns_diff_print(&diff, file); dns_diff_clear(&diff); } - goto cleanup; + goto done; -failure: +cleanup: isc_log_write(DNS_LOGCATEGORY_GENERAL, DNS_LOGMODULE_JOURNAL, ISC_LOG_ERROR, "%s: cannot print: journal file corrupt", j->filename); -cleanup: +done: if (source.base != NULL) { isc_mem_put(j->mctx, source.base, source.length); } @@ -1900,7 +1859,7 @@ dns_journal_iter_init(dns_journal_t *j, uint32_t begin_serial, if (xhdr.serial0 != pos.serial || isc_serial_le(xhdr.serial1, xhdr.serial0)) { - CHECK(ISC_R_UNEXPECTED); + CLEANUP(ISC_R_UNEXPECTED); } size += xhdr.size; @@ -1924,7 +1883,7 @@ dns_journal_iter_init(dns_journal_t *j, uint32_t begin_serial, } result = ISC_R_SUCCESS; -failure: +cleanup: j->it.result = result; return j->it.result; } @@ -1945,7 +1904,7 @@ dns_journal_first_rr(dns_journal_t *j) { return read_one_rr(j); -failure: +cleanup: return result; } @@ -1981,7 +1940,7 @@ read_one_rr(dns_journal_t *j) { DNS_LOGMODULE_JOURNAL, ISC_LOG_ERROR, "%s: journal corrupt: empty transaction", j->filename); - FAIL(ISC_R_UNEXPECTED); + CLEANUP(ISC_R_UNEXPECTED); } if (j->header_ver1) { @@ -1998,7 +1957,7 @@ read_one_rr(dns_journal_t *j) { "expected serial %u, got %u", j->filename, j->it.current_serial, xhdr.serial0); - FAIL(ISC_R_UNEXPECTED); + CLEANUP(ISC_R_UNEXPECTED); } j->it.xsize = xhdr.size; @@ -2021,7 +1980,7 @@ read_one_rr(dns_journal_t *j) { "%s: journal corrupt: impossible RR size " "(%d bytes)", j->filename, rrhdr.size); - FAIL(ISC_R_UNEXPECTED); + CLEANUP(ISC_R_UNEXPECTED); } size_buffer(j->mctx, &j->it.source, rrhdr.size); @@ -2050,7 +2009,7 @@ read_one_rr(dns_journal_t *j) { * Check that the RR header is there, and parse it. */ if (isc_buffer_remaininglength(&j->it.source) < 10) { - FAIL(DNS_R_FORMERR); + CLEANUP(DNS_R_FORMERR); } rdtype = isc_buffer_getuint16(&j->it.source); @@ -2064,14 +2023,14 @@ read_one_rr(dns_journal_t *j) { "%s: journal corrupt: impossible rdlen " "(%u bytes)", j->filename, rdlen); - FAIL(ISC_R_FAILURE); + CLEANUP(ISC_R_FAILURE); } /* * Parse the rdata. */ if (isc_buffer_remaininglength(&j->it.source) != rdlen) { - FAIL(DNS_R_FORMERR); + CLEANUP(DNS_R_FORMERR); } isc_buffer_setactive(&j->it.source, rdlen); dns_rdata_reset(&j->it.rdata); @@ -2087,7 +2046,7 @@ read_one_rr(dns_journal_t *j) { result = ISC_R_SUCCESS; -failure: +cleanup: j->it.result = result; return result; } @@ -2130,10 +2089,7 @@ get_name_diff(dns_db_t *db, dns_dbversion_t *ver, isc_stdtime_t now, dns_rdatasetiter_t *rdsiter = NULL; dns_difftuple_t *tuple = NULL; - result = dns_dbiterator_current(dbit, &node, name); - if (result != ISC_R_SUCCESS) { - return result; - } + RETERR(dns_dbiterator_current(dbit, &node, name)); result = dns_db_allrdatasets(db, node, ver, 0, now, &rdsiter); if (result != ISC_R_SUCCESS) { @@ -2243,7 +2199,7 @@ dns_diff_subtract(dns_diff_t diff[2], dns_diff_t *r) { ISC_LIST_APPENDLIST(r->tuples, del, link); ISC_LIST_APPENDLIST(r->tuples, add, link); result = ISC_R_SUCCESS; -failure: +cleanup: return result; } @@ -2269,10 +2225,7 @@ diff_namespace(dns_db_t *dba, dns_dbversion_t *dbvera, dns_db_t *dbb, dns_fixedname_init(&fixname[0]); dns_fixedname_init(&fixname[1]); - result = dns_db_createiterator(db[0], options, &dbit[0]); - if (result != ISC_R_SUCCESS) { - return result; - } + RETERR(dns_db_createiterator(db[0], options, &dbit[0])); result = dns_db_createiterator(db[1], options, &dbit[1]); if (result != ISC_R_SUCCESS) { goto cleanup_iterator; @@ -2335,16 +2288,16 @@ diff_namespace(dns_db_t *dba, dns_dbversion_t *dbvera, dns_db_t *dbb, next:; } if (itresult[0] != ISC_R_NOMORE) { - FAIL(itresult[0]); + CHECK(itresult[0]); } if (itresult[1] != ISC_R_NOMORE) { - FAIL(itresult[1]); + CHECK(itresult[1]); } INSIST(ISC_LIST_EMPTY(diff[0].tuples)); INSIST(ISC_LIST_EMPTY(diff[1].tuples)); -failure: +cleanup: dns_dbiterator_destroy(&dbit[1]); cleanup_iterator: @@ -2382,11 +2335,8 @@ dns_db_diffx(dns_diff_t *diff, dns_db_t *dba, dns_dbversion_t *dbvera, dns_journal_t *journal = NULL; if (filename != NULL) { - result = dns_journal_open(diff->mctx, filename, - DNS_JOURNAL_CREATE, &journal); - if (result != ISC_R_SUCCESS) { - return result; - } + RETERR(dns_journal_open(diff->mctx, filename, + DNS_JOURNAL_CREATE, &journal)); } CHECK(diff_namespace(dba, dbvera, dbb, dbverb, DNS_DB_NONSEC3, diff)); @@ -2402,7 +2352,7 @@ dns_db_diffx(dns_diff_t *diff, dns_db_t *dba, dns_dbversion_t *dbvera, } } -failure: +cleanup: if (journal != NULL) { dns_journal_destroy(&journal); } @@ -2631,7 +2581,7 @@ dns_journal_compact(isc_mem_t *mctx, char *filename, uint32_t serial, "%s: journal file corrupt, " "transaction too large", j1->filename); - CHECK(ISC_R_FAILURE); + CLEANUP(ISC_R_FAILURE); } buf = isc_mem_get(mctx, size); result = journal_read(j1, buf, size); @@ -2666,13 +2616,13 @@ dns_journal_compact(isc_mem_t *mctx, char *filename, uint32_t serial, "%s: journal file corrupt, " "transaction too large", j1->filename); - CHECK(ISC_R_FAILURE); + CLEANUP(ISC_R_FAILURE); } buf = isc_mem_get(mctx, size); CHECK(journal_read(j1, buf, size)); if (!check_delta(buf, size)) { - CHECK(ISC_R_UNEXPECTED); + CLEANUP(ISC_R_UNEXPECTED); } } else { CHECK(result); @@ -2699,7 +2649,7 @@ dns_journal_compact(isc_mem_t *mctx, char *filename, uint32_t serial, if (xhdr.serial0 != serial || isc_serial_le(xhdr.serial1, xhdr.serial0)) { - CHECK(ISC_R_UNEXPECTED); + CLEANUP(ISC_R_UNEXPECTED); } /* @@ -2789,7 +2739,7 @@ dns_journal_compact(isc_mem_t *mctx, char *filename, uint32_t serial, if (result != ISC_R_SUCCESS && result != ISC_R_FILENOTFOUND) { - goto failure; + CHECK(result); } if (rename(filename, backup) == -1) { goto maperrno; @@ -2800,14 +2750,13 @@ dns_journal_compact(isc_mem_t *mctx, char *filename, uint32_t serial, (void)isc_file_remove(backup); } else { maperrno: - result = ISC_R_FAILURE; - goto failure; + CLEANUP(ISC_R_FAILURE); } } result = ISC_R_SUCCESS; -failure: +cleanup: (void)isc_file_remove(newname); if (buf != NULL) { isc_mem_put(mctx, buf, size); @@ -2845,6 +2794,6 @@ index_to_disk(dns_journal_t *j) { CHECK(journal_seek(j, sizeof(journal_rawheader_t))); CHECK(journal_write(j, j->rawindex, rawbytes)); } -failure: +cleanup: return result; } diff --git a/lib/dns/kasp.c b/lib/dns/kasp.c index 76a59c225d..f3ea00eb96 100644 --- a/lib/dns/kasp.c +++ b/lib/dns/kasp.c @@ -522,7 +522,7 @@ dns_kasp_key_tagmax(dns_kasp_key_t *key) { bool dns_kasp_key_match(dns_kasp_key_t *key, dns_dnsseckey_t *dkey) { - isc_result_t ret; + isc_result_t result; bool role = false; REQUIRE(key != NULL); @@ -537,12 +537,12 @@ dns_kasp_key_match(dns_kasp_key_t *key, dns_dnsseckey_t *dkey) { return false; } /* Matching role? */ - ret = dst_key_getbool(dkey->key, DST_BOOL_KSK, &role); - if (ret != ISC_R_SUCCESS || role != dns_kasp_key_ksk(key)) { + result = dst_key_getbool(dkey->key, DST_BOOL_KSK, &role); + if (result != ISC_R_SUCCESS || role != dns_kasp_key_ksk(key)) { return false; } - ret = dst_key_getbool(dkey->key, DST_BOOL_ZSK, &role); - if (ret != ISC_R_SUCCESS || role != dns_kasp_key_zsk(key)) { + result = dst_key_getbool(dkey->key, DST_BOOL_ZSK, &role); + if (result != ISC_R_SUCCESS || role != dns_kasp_key_zsk(key)) { return false; } /* Valid key tag range? */ diff --git a/lib/dns/keymgr.c b/lib/dns/keymgr.c index 6ccb4ef877..f38936aef8 100644 --- a/lib/dns/keymgr.c +++ b/lib/dns/keymgr.c @@ -34,13 +34,6 @@ #include -#define RETERR(x) \ - do { \ - result = (x); \ - if (result != ISC_R_SUCCESS) \ - goto failure; \ - } while (0) - /* * Set key state to `target` state and change last changed * to `time`, only if key state has not been set before. @@ -103,13 +96,13 @@ log_key_overflow(dst_key_t *key, const char *what) { static const char * keymgr_keyrole(dst_key_t *key) { bool ksk = false, zsk = false; - isc_result_t ret; - ret = dst_key_getbool(key, DST_BOOL_KSK, &ksk); - if (ret != ISC_R_SUCCESS) { + isc_result_t result; + result = dst_key_getbool(key, DST_BOOL_KSK, &ksk); + if (result != ISC_R_SUCCESS) { return "UNKNOWN"; } - ret = dst_key_getbool(key, DST_BOOL_ZSK, &zsk); - if (ret != ISC_R_SUCCESS) { + result = dst_key_getbool(key, DST_BOOL_ZSK, &zsk); + if (result != ISC_R_SUCCESS) { return "UNKNOWN"; } if (ksk && zsk) { @@ -130,26 +123,26 @@ static void keymgr_settime_remove(dns_dnsseckey_t *key, dns_kasp_t *kasp) { isc_stdtime_t retire = 0, remove = 0, ksk_remove = 0, zsk_remove = 0; bool zsk = false, ksk = false; - isc_result_t ret; + isc_result_t result; REQUIRE(key != NULL); REQUIRE(key->key != NULL); - ret = dst_key_gettime(key->key, DST_TIME_INACTIVE, &retire); - if (ret != ISC_R_SUCCESS) { + result = dst_key_gettime(key->key, DST_TIME_INACTIVE, &retire); + if (result != ISC_R_SUCCESS) { return; } - ret = dst_key_getbool(key->key, DST_BOOL_ZSK, &zsk); - if (ret == ISC_R_SUCCESS && zsk) { + result = dst_key_getbool(key->key, DST_BOOL_ZSK, &zsk); + if (result == ISC_R_SUCCESS && zsk) { dns_ttl_t ttlsig = dns_kasp_zonemaxttl(kasp, true); /* ZSK: Iret = Dsgn + Dprp + TTLsig */ zsk_remove = retire + ttlsig + dns_kasp_zonepropagationdelay(kasp) + dns_kasp_retiresafety(kasp) + dns_kasp_signdelay(kasp); } - ret = dst_key_getbool(key->key, DST_BOOL_KSK, &ksk); - if (ret == ISC_R_SUCCESS && ksk) { + result = dst_key_getbool(key->key, DST_BOOL_KSK, &ksk); + if (result == ISC_R_SUCCESS && ksk) { /* KSK: Iret = DprpP + TTLds */ ksk_remove = retire + dns_kasp_dsttl(kasp) + dns_kasp_parentpropagationdelay(kasp) + @@ -168,17 +161,17 @@ void dns_keymgr_settime_syncpublish(dst_key_t *key, dns_kasp_t *kasp, bool first) { isc_stdtime_t published, syncpublish; bool ksk = false; - isc_result_t ret; + isc_result_t result; REQUIRE(key != NULL); - ret = dst_key_gettime(key, DST_TIME_PUBLISH, &published); - if (ret != ISC_R_SUCCESS) { + result = dst_key_gettime(key, DST_TIME_PUBLISH, &published); + if (result != ISC_R_SUCCESS) { return; } - ret = dst_key_getbool(key, DST_BOOL_KSK, &ksk); - if (ret != ISC_R_SUCCESS || !ksk) { + result = dst_key_getbool(key, DST_BOOL_KSK, &ksk); + if (result != ISC_R_SUCCESS || !ksk) { return; } @@ -198,8 +191,8 @@ dns_keymgr_settime_syncpublish(dst_key_t *key, dns_kasp_t *kasp, bool first) { dst_key_settime(key, DST_TIME_SYNCPUBLISH, syncpublish); uint32_t lifetime = 0; - ret = dst_key_getnum(key, DST_NUM_LIFETIME, &lifetime); - if (ret == ISC_R_SUCCESS && lifetime > 0) { + result = dst_key_getnum(key, DST_NUM_LIFETIME, &lifetime); + if (result == ISC_R_SUCCESS && lifetime > 0) { dst_key_settime(key, DST_TIME_SYNCDELETE, syncpublish + lifetime); } @@ -222,7 +215,7 @@ dns_keymgr_settime_syncpublish(dst_key_t *key, dns_kasp_t *kasp, bool first) { static isc_stdtime_t keymgr_prepublication_time(dns_dnsseckey_t *key, dns_kasp_t *kasp, uint32_t lifetime, isc_stdtime_t now) { - isc_result_t ret; + isc_result_t result; isc_stdtime_t active, retire, pub, prepub; bool zsk = false, ksk = false; @@ -237,14 +230,14 @@ keymgr_prepublication_time(dns_dnsseckey_t *key, dns_kasp_t *kasp, * An active key must have publish and activate timing * metadata. */ - ret = dst_key_gettime(key->key, DST_TIME_ACTIVATE, &active); - if (ret != ISC_R_SUCCESS) { + result = dst_key_gettime(key->key, DST_TIME_ACTIVATE, &active); + if (result != ISC_R_SUCCESS) { /* Super weird, but if it happens, set it to now. */ dst_key_settime(key->key, DST_TIME_ACTIVATE, now); active = now; } - ret = dst_key_gettime(key->key, DST_TIME_PUBLISH, &pub); - if (ret != ISC_R_SUCCESS) { + result = dst_key_gettime(key->key, DST_TIME_PUBLISH, &pub); + if (result != ISC_R_SUCCESS) { /* Super weird, but if it happens, set it to now. */ dst_key_settime(key->key, DST_TIME_PUBLISH, now); pub = now; @@ -255,8 +248,8 @@ keymgr_prepublication_time(dns_dnsseckey_t *key, dns_kasp_t *kasp, * the key lifetime is required. */ uint32_t klifetime = 0; - ret = dst_key_getnum(key->key, DST_NUM_LIFETIME, &klifetime); - if (ret != ISC_R_SUCCESS) { + result = dst_key_getnum(key->key, DST_NUM_LIFETIME, &klifetime); + if (result != ISC_R_SUCCESS) { dst_key_setnum(key->key, DST_NUM_LIFETIME, lifetime); klifetime = lifetime; } @@ -266,23 +259,24 @@ keymgr_prepublication_time(dns_dnsseckey_t *key, dns_kasp_t *kasp, */ prepub = dst_key_getttl(key->key) + dns_kasp_publishsafety(kasp) + dns_kasp_zonepropagationdelay(kasp); - ret = dst_key_getbool(key->key, DST_BOOL_KSK, &ksk); - if (ret == ISC_R_SUCCESS && ksk) { + result = dst_key_getbool(key->key, DST_BOOL_KSK, &ksk); + if (result == ISC_R_SUCCESS && ksk) { isc_stdtime_t syncpub; /* * Set PublishCDS if not set. */ - ret = dst_key_gettime(key->key, DST_TIME_SYNCPUBLISH, &syncpub); - if (ret != ISC_R_SUCCESS) { + result = dst_key_gettime(key->key, DST_TIME_SYNCPUBLISH, + &syncpub); + if (result != ISC_R_SUCCESS) { uint32_t tag; isc_stdtime_t syncpub1, syncpub2; syncpub1 = pub + prepub; syncpub2 = 0; - ret = dst_key_getnum(key->key, DST_NUM_PREDECESSOR, - &tag); - if (ret != ISC_R_SUCCESS) { + result = dst_key_getnum(key->key, DST_NUM_PREDECESSOR, + &tag); + if (result != ISC_R_SUCCESS) { /* * No predecessor, wait for zone to be * completely signed. @@ -310,8 +304,8 @@ keymgr_prepublication_time(dns_dnsseckey_t *key, dns_kasp_t *kasp, */ (void)dst_key_getbool(key->key, DST_BOOL_ZSK, &zsk); - ret = dst_key_gettime(key->key, DST_TIME_INACTIVE, &retire); - if (ret != ISC_R_SUCCESS) { + result = dst_key_gettime(key->key, DST_TIME_INACTIVE, &retire); + if (result != ISC_R_SUCCESS) { if (klifetime == 0) { /* * No inactive time and no lifetime, @@ -346,7 +340,7 @@ static void keymgr_key_retire(dns_dnsseckey_t *key, dns_kasp_t *kasp, uint8_t opts, isc_stdtime_t now) { char keystr[DST_KEY_FORMATSIZE]; - isc_result_t ret; + isc_result_t result; isc_stdtime_t retire; dst_key_state_t s; bool ksk = false, zsk = false; @@ -356,8 +350,8 @@ keymgr_key_retire(dns_dnsseckey_t *key, dns_kasp_t *kasp, uint8_t opts, dst_key_format(key->key, keystr, sizeof(keystr)); - ret = dst_key_getstate(key->key, DST_KEY_GOAL, &s); - INSIST(ret == ISC_R_SUCCESS); + result = dst_key_getstate(key->key, DST_KEY_GOAL, &s); + INSIST(result == ISC_R_SUCCESS); if (dns_kasp_manualmode(kasp) && (opts & DNS_KEYMGRATTR_FORCESTEP) == 0 && s != HIDDEN) @@ -381,8 +375,8 @@ keymgr_key_retire(dns_dnsseckey_t *key, dns_kasp_t *kasp, uint8_t opts, * This key may not have key states set yet. Pretend as if they are * in the OMNIPRESENT state. */ - ret = dst_key_gettime(key->key, DST_TIME_INACTIVE, &retire); - if (ret != ISC_R_SUCCESS || (retire > now)) { + result = dst_key_gettime(key->key, DST_TIME_INACTIVE, &retire); + if (result != ISC_R_SUCCESS || (retire > now)) { dst_key_settime(key->key, DST_TIME_INACTIVE, now); } keymgr_settime_remove(key, kasp); @@ -392,8 +386,8 @@ keymgr_key_retire(dns_dnsseckey_t *key, dns_kasp_t *kasp, uint8_t opts, dst_key_settime(key->key, DST_TIME_DNSKEY, now); } - ret = dst_key_getbool(key->key, DST_BOOL_KSK, &ksk); - if (ret == ISC_R_SUCCESS && ksk) { + result = dst_key_getbool(key->key, DST_BOOL_KSK, &ksk); + if (result == ISC_R_SUCCESS && ksk) { if (dst_key_getstate(key->key, DST_KEY_KRRSIG, &s) != ISC_R_SUCCESS) { @@ -406,8 +400,8 @@ keymgr_key_retire(dns_dnsseckey_t *key, dns_kasp_t *kasp, uint8_t opts, dst_key_settime(key->key, DST_TIME_DS, now); } } - ret = dst_key_getbool(key->key, DST_BOOL_ZSK, &zsk); - if (ret == ISC_R_SUCCESS && zsk) { + result = dst_key_getbool(key->key, DST_BOOL_ZSK, &zsk); + if (result == ISC_R_SUCCESS && zsk) { if (dst_key_getstate(key->key, DST_KEY_ZRRSIG, &s) != ISC_R_SUCCESS) { @@ -520,16 +514,16 @@ keymgr_createkey(dns_kasp_key_t *kkey, const dns_name_t *origin, result = dns_dnssec_findmatchingkeys(origin, NULL, keydir, NULL, now, true, mctx, &keykeys); if (result != ISC_R_SUCCESS && result != ISC_R_NOTFOUND) { - goto failure; + goto cleanup; } do { if (keystore == NULL) { - RETERR(dst_key_generate(origin, alg, size, 0, flags, - DNS_KEYPROTO_DNSSEC, rdclass, - NULL, mctx, &newkey, NULL)); + CHECK(dst_key_generate(origin, alg, size, 0, flags, + DNS_KEYPROTO_DNSSEC, rdclass, + NULL, mctx, &newkey, NULL)); } else { - RETERR(dns_keystore_keygen( + CHECK(dns_keystore_keygen( keystore, origin, dns_kasp_getname(kasp), rdclass, mctx, alg, size, flags, &newkey)); } @@ -567,7 +561,7 @@ keymgr_createkey(dns_kasp_key_t *kkey, const dns_name_t *origin, *dst_key = newkey; result = ISC_R_SUCCESS; -failure: +cleanup: while (!ISC_LIST_EMPTY(keykeys)) { dns_dnsseckey_t *key = ISC_LIST_HEAD(keykeys); ISC_LIST_UNLINK(keykeys, key, link); @@ -1316,7 +1310,7 @@ static void keymgr_transition_time(dns_dnsseckey_t *key, int type, dst_key_state_t next_state, dns_kasp_t *kasp, isc_stdtime_t now, isc_stdtime_t *when) { - isc_result_t ret; + isc_result_t result; isc_stdtime_t lastchange, dstime, sigtime, nexttime = now; dns_ttl_t ttlsig = dns_kasp_zonemaxttl(kasp, true); uint32_t dsstate, sigstate, signdelay = 0; @@ -1329,8 +1323,8 @@ keymgr_transition_time(dns_dnsseckey_t *key, int type, return; } - ret = dst_key_gettime(key->key, keystatetimes[type], &lastchange); - if (ret != ISC_R_SUCCESS) { + result = dst_key_gettime(key->key, keystatetimes[type], &lastchange); + if (result != ISC_R_SUCCESS) { /* No last change, for safety purposes let's set it to now. */ dst_key_settime(key->key, keystatetimes[type], now); lastchange = now; @@ -1376,8 +1370,8 @@ keymgr_transition_time(dns_dnsseckey_t *key, int type, /* Was there a full sign? */ sigstate = (next_state == HIDDEN) ? DST_TIME_SIGDELETE : DST_TIME_SIGPUBLISH; - ret = dst_key_gettime(key->key, sigstate, &sigtime); - if (ret == ISC_R_SUCCESS && sigtime <= now) { + result = dst_key_gettime(key->key, sigstate, &sigtime); + if (result == ISC_R_SUCCESS && sigtime <= now) { signdelay = 0; } else { sigtime = lastchange; @@ -1408,13 +1402,13 @@ keymgr_transition_time(dns_dnsseckey_t *key, int type, * there is an actual predecessor or successor key. */ uint32_t tag; - ret = dst_key_getnum(key->key, DST_NUM_PREDECESSOR, - &tag); - if (ret != ISC_R_SUCCESS) { - ret = dst_key_getnum(key->key, - DST_NUM_SUCCESSOR, &tag); + result = dst_key_getnum(key->key, DST_NUM_PREDECESSOR, + &tag); + if (result != ISC_R_SUCCESS) { + result = dst_key_getnum( + key->key, DST_NUM_SUCCESSOR, &tag); } - if (ret == ISC_R_SUCCESS) { + if (result == ISC_R_SUCCESS) { nexttime += signdelay + dns_kasp_retiresafety(kasp); } @@ -1449,8 +1443,8 @@ keymgr_transition_time(dns_dnsseckey_t *key, int type, * parent. */ dsstate = next_state == HIDDEN ? DST_TIME_DSDELETE : DST_TIME_DSPUBLISH; - ret = dst_key_gettime(key->key, dsstate, &dstime); - if (ret != ISC_R_SUCCESS || dstime > now) { + result = dst_key_gettime(key->key, dsstate, &dstime); + if (result != ISC_R_SUCCESS || dstime > now) { /* Not yet, try again in an hour. */ nexttime = now + 3600; } else { @@ -1462,14 +1456,14 @@ keymgr_transition_time(dns_dnsseckey_t *key, int type, * actual predecessor or successor key. */ uint32_t tag; - ret = dst_key_getnum(key->key, - DST_NUM_PREDECESSOR, &tag); - if (ret != ISC_R_SUCCESS) { - ret = dst_key_getnum(key->key, - DST_NUM_SUCCESSOR, - &tag); + result = dst_key_getnum( + key->key, DST_NUM_PREDECESSOR, &tag); + if (result != ISC_R_SUCCESS) { + result = dst_key_getnum( + key->key, DST_NUM_SUCCESSOR, + &tag); } - if (ret == ISC_R_SUCCESS) { + if (result == ISC_R_SUCCESS) { nexttime += dns_kasp_retiresafety(kasp); } } @@ -1515,12 +1509,12 @@ transition: /* For all records related to this key. */ for (int i = 0; i < NUM_KEYSTATES; i++) { - isc_result_t ret; isc_stdtime_t when; dst_key_state_t state, next_state; - ret = dst_key_getstate(dkey->key, i, &state); - if (ret == ISC_R_NOTFOUND) { + if (dst_key_getstate(dkey->key, i, &state) == + ISC_R_NOTFOUND) + { /* * This record type is not applicable for this * key, continue to the next record type. @@ -1671,7 +1665,7 @@ void dns_keymgr_key_init(dns_dnsseckey_t *key, dns_kasp_t *kasp, isc_stdtime_t now, bool csk) { bool ksk, zsk; - isc_result_t ret; + isc_result_t result; isc_stdtime_t active = 0, pub = 0, syncpub = 0, retire = 0, remove = 0; dst_key_state_t dnskey_state = HIDDEN; dst_key_state_t ds_state = HIDDEN; @@ -1682,20 +1676,20 @@ dns_keymgr_key_init(dns_dnsseckey_t *key, dns_kasp_t *kasp, isc_stdtime_t now, REQUIRE(key->key != NULL); /* Initialize role. */ - ret = dst_key_getbool(key->key, DST_BOOL_KSK, &ksk); - if (ret != ISC_R_SUCCESS) { + result = dst_key_getbool(key->key, DST_BOOL_KSK, &ksk); + if (result != ISC_R_SUCCESS) { ksk = ((dst_key_flags(key->key) & DNS_KEYFLAG_KSK) != 0); dst_key_setbool(key->key, DST_BOOL_KSK, ksk || csk); } - ret = dst_key_getbool(key->key, DST_BOOL_ZSK, &zsk); - if (ret != ISC_R_SUCCESS) { + result = dst_key_getbool(key->key, DST_BOOL_ZSK, &zsk); + if (result != ISC_R_SUCCESS) { zsk = ((dst_key_flags(key->key) & DNS_KEYFLAG_KSK) == 0); dst_key_setbool(key->key, DST_BOOL_ZSK, zsk || csk); } /* Get time metadata. */ - ret = dst_key_gettime(key->key, DST_TIME_ACTIVATE, &active); - if (active <= now && ret == ISC_R_SUCCESS) { + result = dst_key_gettime(key->key, DST_TIME_ACTIVATE, &active); + if (active <= now && result == ISC_R_SUCCESS) { dns_ttl_t ttlsig = dns_kasp_zonemaxttl(kasp, true); ttlsig += dns_kasp_zonepropagationdelay(kasp); if ((active + ttlsig) <= now) { @@ -1705,8 +1699,8 @@ dns_keymgr_key_init(dns_dnsseckey_t *key, dns_kasp_t *kasp, isc_stdtime_t now, } goal_state = OMNIPRESENT; } - ret = dst_key_gettime(key->key, DST_TIME_PUBLISH, &pub); - if (pub <= now && ret == ISC_R_SUCCESS) { + result = dst_key_gettime(key->key, DST_TIME_PUBLISH, &pub); + if (pub <= now && result == ISC_R_SUCCESS) { dns_ttl_t key_ttl = dst_key_getttl(key->key); key_ttl += dns_kasp_zonepropagationdelay(kasp); if ((pub + key_ttl) <= now) { @@ -1716,8 +1710,8 @@ dns_keymgr_key_init(dns_dnsseckey_t *key, dns_kasp_t *kasp, isc_stdtime_t now, } goal_state = OMNIPRESENT; } - ret = dst_key_gettime(key->key, DST_TIME_SYNCPUBLISH, &syncpub); - if (syncpub <= now && ret == ISC_R_SUCCESS) { + result = dst_key_gettime(key->key, DST_TIME_SYNCPUBLISH, &syncpub); + if (syncpub <= now && result == ISC_R_SUCCESS) { dns_ttl_t ds_ttl = dns_kasp_dsttl(kasp); ds_ttl += dns_kasp_parentpropagationdelay(kasp); if ((syncpub + ds_ttl) <= now) { @@ -1727,8 +1721,8 @@ dns_keymgr_key_init(dns_dnsseckey_t *key, dns_kasp_t *kasp, isc_stdtime_t now, } goal_state = OMNIPRESENT; } - ret = dst_key_gettime(key->key, DST_TIME_INACTIVE, &retire); - if (retire <= now && ret == ISC_R_SUCCESS) { + result = dst_key_gettime(key->key, DST_TIME_INACTIVE, &result); + if (result <= now && result == ISC_R_SUCCESS) { dns_ttl_t ttlsig = dns_kasp_zonemaxttl(kasp, true); ttlsig += dns_kasp_zonepropagationdelay(kasp); if ((retire + ttlsig) <= now) { @@ -1739,8 +1733,8 @@ dns_keymgr_key_init(dns_dnsseckey_t *key, dns_kasp_t *kasp, isc_stdtime_t now, ds_state = UNRETENTIVE; goal_state = HIDDEN; } - ret = dst_key_gettime(key->key, DST_TIME_DELETE, &remove); - if (remove <= now && ret == ISC_R_SUCCESS) { + result = dst_key_gettime(key->key, DST_TIME_DELETE, &remove); + if (remove <= now && result == ISC_R_SUCCESS) { dns_ttl_t key_ttl = dst_key_getttl(key->key); key_ttl += dns_kasp_zonepropagationdelay(kasp); if ((remove + key_ttl) <= now) { @@ -2094,7 +2088,7 @@ dns_keymgr_key_may_be_purged(const dst_key_t *key, uint32_t after, static void keymgr_purge_keyfile(dst_key_t *key, int type) { - isc_result_t ret; + isc_result_t result; isc_buffer_t fileb; char filename[NAME_MAX]; @@ -2102,8 +2096,9 @@ keymgr_purge_keyfile(dst_key_t *key, int type) { * Make the filename. */ isc_buffer_init(&fileb, filename, sizeof(filename)); - ret = dst_key_buildfilename(key, type, dst_key_directory(key), &fileb); - if (ret != ISC_R_SUCCESS) { + result = dst_key_buildfilename(key, type, dst_key_directory(key), + &fileb); + if (result != ISC_R_SUCCESS) { char keystr[DST_KEY_FORMATSIZE]; dst_key_format(key, keystr, sizeof(keystr)); isc_log_write(DNS_LOGCATEGORY_DNSSEC, DNS_LOGMODULE_DNSSEC, @@ -2111,7 +2106,7 @@ keymgr_purge_keyfile(dst_key_t *key, int type) { "keymgr: failed to purge DNSKEY %s (%s): cannot " "build filename (%s)", keystr, keymgr_keyrole(key), - isc_result_totext(ret)); + isc_result_totext(result)); return; } @@ -2141,24 +2136,23 @@ dst_key_doublematch(dns_dnsseckey_t *key, dns_kasp_t *kasp) { static void keymgr_zrrsig(dns_dnsseckeylist_t *keyring, isc_stdtime_t now) { ISC_LIST_FOREACH(*keyring, dkey, link) { - isc_result_t ret; + isc_result_t result; bool zsk = false; + dst_key_state_t state; - ret = dst_key_getbool(dkey->key, DST_BOOL_ZSK, &zsk); - if (ret == ISC_R_SUCCESS && zsk) { - dst_key_state_t state; - isc_result_t result = dst_key_getstate( - dkey->key, DST_KEY_ZRRSIG, &state); - if (result == ISC_R_SUCCESS) { - if (state == RUMOURED) { - dst_key_settime(dkey->key, - DST_TIME_SIGPUBLISH, - now); - } else if (state == UNRETENTIVE) { - dst_key_settime(dkey->key, - DST_TIME_SIGDELETE, - now); - } + result = dst_key_getbool(dkey->key, DST_BOOL_ZSK, &zsk); + if (result != ISC_R_SUCCESS || !zsk) { + continue; + } + + result = dst_key_getstate(dkey->key, DST_KEY_ZRRSIG, &state); + if (result == ISC_R_SUCCESS) { + if (state == RUMOURED) { + dst_key_settime(dkey->key, DST_TIME_SIGPUBLISH, + now); + } else if (state == UNRETENTIVE) { + dst_key_settime(dkey->key, DST_TIME_SIGDELETE, + now); } } } @@ -2346,9 +2340,9 @@ dns_keymgr_run(const dns_name_t *origin, dns_rdataclass_t rdclass, } /* See if this key requires a rollover. */ - RETERR(keymgr_key_rollover( - kkey, active_key, keyring, &newkeys, origin, rdclass, - kasp, keydir, lifetime, opts, now, nexttime, mctx)); + CHECK(keymgr_key_rollover(kkey, active_key, keyring, &newkeys, + origin, rdclass, kasp, keydir, + lifetime, opts, now, nexttime, mctx)); opts &= ~DNS_KEYMGRATTR_NOROLL; } @@ -2389,7 +2383,7 @@ dns_keymgr_run(const dns_name_t *origin, dns_rdataclass_t rdclass, } dns_dnssec_get_hints(dkey, now); - RETERR(dst_key_tofile(dkey->key, options, directory)); + CHECK(dst_key_tofile(dkey->key, options, directory)); dst_key_setmodified(dkey->key, false); if (!isc_log_wouldlog(ISC_LOG_DEBUG(3))) { @@ -2407,8 +2401,9 @@ dns_keymgr_run(const dns_name_t *origin, dns_rdataclass_t rdclass, } result = retval; -failure: - if (result != ISC_R_SUCCESS && result != DNS_R_UNCHANGED) { + +cleanup: + if (result != ISC_R_SUCCESS) { ISC_LIST_FOREACH(newkeys, newkey, link) { ISC_LIST_UNLINK(newkeys, newkey, link); INSIST(newkey->key != NULL); @@ -2439,11 +2434,10 @@ keymgr_checkds(dns_kasp_t *kasp, dns_dnsseckeylist_t *keyring, REQUIRE(keyring != NULL); ISC_LIST_FOREACH(*keyring, dkey, link) { - isc_result_t ret; bool ksk = false; - ret = dst_key_getbool(dkey->key, DST_BOOL_KSK, &ksk); - if (ret == ISC_R_SUCCESS && ksk) { + result = dst_key_getbool(dkey->key, DST_BOOL_KSK, &ksk); + if (result == ISC_R_SUCCESS && ksk) { if (check_id && dst_key_id(dkey->key) != id) { continue; } @@ -2532,22 +2526,22 @@ keytime_status(dst_key_t *key, isc_stdtime_t now, isc_buffer_t *buf, isc_stdtime_t when = 0; dst_key_state_t state = NA; - RETERR(isc_buffer_printf(buf, "%s", pre)); + CHECK(isc_buffer_printf(buf, "%s", pre)); (void)dst_key_getstate(key, ks, &state); isc_result_t r = dst_key_gettime(key, kt, &when); if (state == RUMOURED || state == OMNIPRESENT) { - RETERR(isc_buffer_printf(buf, "yes - since ")); + CHECK(isc_buffer_printf(buf, "yes - since ")); } else if (now < when) { - RETERR(isc_buffer_printf(buf, "no - scheduled ")); + CHECK(isc_buffer_printf(buf, "no - scheduled ")); } else { return isc_buffer_printf(buf, "no\n"); } if (r == ISC_R_SUCCESS) { isc_stdtime_tostring(when, timestr, sizeof(timestr)); - RETERR(isc_buffer_printf(buf, "%s\n", timestr)); + CHECK(isc_buffer_printf(buf, "%s\n", timestr)); } -failure: +cleanup: return result; } @@ -2559,16 +2553,16 @@ keystate_status(dst_key_t *key, isc_buffer_t *buf, const char *pre, int ks) { (void)dst_key_getstate(key, ks, &state); switch (state) { case HIDDEN: - RETERR(isc_buffer_printf(buf, " - %shidden\n", pre)); + CHECK(isc_buffer_printf(buf, " - %shidden\n", pre)); break; case RUMOURED: - RETERR(isc_buffer_printf(buf, " - %srumoured\n", pre)); + CHECK(isc_buffer_printf(buf, " - %srumoured\n", pre)); break; case OMNIPRESENT: - RETERR(isc_buffer_printf(buf, " - %somnipresent\n", pre)); + CHECK(isc_buffer_printf(buf, " - %somnipresent\n", pre)); break; case UNRETENTIVE: - RETERR(isc_buffer_printf(buf, " - %sunretentive\n", pre)); + CHECK(isc_buffer_printf(buf, " - %sunretentive\n", pre)); break; case NA: default: @@ -2576,7 +2570,7 @@ keystate_status(dst_key_t *key, isc_buffer_t *buf, const char *pre, int ks) { break; } -failure: +cleanup: return result; } @@ -2602,47 +2596,47 @@ rollover_status(dns_dnsseckey_t *dkey, dns_kasp_t *kasp, (void)dst_key_getstate(key, DST_KEY_DS, &ds); // publish status - RETERR(keytime_status(key, now, buf, " Published: ", DST_KEY_DNSKEY, - DST_TIME_PUBLISH)); + CHECK(keytime_status(key, now, buf, " Published: ", DST_KEY_DNSKEY, + DST_TIME_PUBLISH)); // signing status result = dst_key_getbool(key, DST_BOOL_KSK, &ksk); if (result == ISC_R_SUCCESS && ksk) { - RETERR(keytime_status(key, now, buf, " Key signing: ", - DST_KEY_KRRSIG, DST_TIME_PUBLISH)); + CHECK(keytime_status(key, now, buf, " Key signing: ", + DST_KEY_KRRSIG, DST_TIME_PUBLISH)); } result = dst_key_getbool(key, DST_BOOL_ZSK, &zsk); if (result == ISC_R_SUCCESS && zsk) { - RETERR(keytime_status(key, now, buf, " Zone signing: ", - DST_KEY_ZRRSIG, DST_TIME_ACTIVATE)); + CHECK(keytime_status(key, now, buf, " Zone signing: ", + DST_KEY_ZRRSIG, DST_TIME_ACTIVATE)); } if (zsk) { if (goal == OMNIPRESENT) { if (dnskey == HIDDEN && zrrsig == HIDDEN) { - RETERR(isc_buffer_printf( + CHECK(isc_buffer_printf( buf, " Key is created but not " "published yet.\n")); } else if (dnskey == RUMOURED && zrrsig == HIDDEN) { - RETERR(isc_buffer_printf( + CHECK(isc_buffer_printf( buf, " Key is pre-published.\n")); } else if (dnskey == RUMOURED && zrrsig == RUMOURED) { - RETERR(isc_buffer_printf(buf, " Introducing " - "new key.\n")); + CHECK(isc_buffer_printf(buf, " Introducing " + "new key.\n")); } else if (dnskey == OMNIPRESENT && zrrsig == HIDDEN) { - RETERR(isc_buffer_printf( + CHECK(isc_buffer_printf( buf, " Key is published, but not yet " "signing.\n")); } else if (dnskey == OMNIPRESENT && zrrsig == RUMOURED) { if (keymgr_dep(key, keyring, NULL)) { - RETERR(isc_buffer_printf( + CHECK(isc_buffer_printf( buf, " Key is published, waiting " "for the zone to be completely " "signed with this key.\n")); } else { - RETERR(isc_buffer_printf( + CHECK(isc_buffer_printf( buf, " Key is published, " "introducing signatures.\n")); @@ -2654,7 +2648,7 @@ rollover_status(dns_dnsseckey_t *dkey, dns_kasp_t *kasp, log_next_rollover = true; } } else { - RETERR(isc_buffer_printf( + CHECK(isc_buffer_printf( buf, " Key is in unexpected state, " "performing auto-healing.\n")); *verbose = true; @@ -2662,7 +2656,7 @@ rollover_status(dns_dnsseckey_t *dkey, dns_kasp_t *kasp, } else if (goal == HIDDEN) { if (dnskey == OMNIPRESENT && zrrsig == OMNIPRESENT) { if (!ksk) { - RETERR(isc_buffer_printf( + CHECK(isc_buffer_printf( buf, " Key will be retired " "after successor key " "becomes active.\n")); @@ -2670,24 +2664,24 @@ rollover_status(dns_dnsseckey_t *dkey, dns_kasp_t *kasp, } else if (dnskey == OMNIPRESENT && zrrsig == UNRETENTIVE) { - RETERR(isc_buffer_printf( + CHECK(isc_buffer_printf( buf, " Key is retired, waiting until all " "signatures generated with this key " "are replaced with successor.\n")); } else if (dnskey == OMNIPRESENT && zrrsig == HIDDEN) { - RETERR(isc_buffer_printf( + CHECK(isc_buffer_printf( buf, " Key is retired, no longer " "signing the zone.\n")); } else if (dnskey == UNRETENTIVE && zrrsig == HIDDEN) { - RETERR(isc_buffer_printf( - buf, " Key is removed from zone.\n")); + CHECK(isc_buffer_printf(buf, " Key is removed " + "from zone.\n")); } else if (dnskey == HIDDEN && zrrsig == HIDDEN) { - RETERR(isc_buffer_printf( + CHECK(isc_buffer_printf( buf, " Key is completely hidden " "(waiting to be purged).\n")); } else { - RETERR(isc_buffer_printf( + CHECK(isc_buffer_printf( buf, " WARNING: Key is in unexpected " "state, " "performing auto-healing.\n")); @@ -2698,24 +2692,24 @@ rollover_status(dns_dnsseckey_t *dkey, dns_kasp_t *kasp, if (goal == OMNIPRESENT) { if (dnskey == HIDDEN && ds == HIDDEN) { if (!zsk) { - RETERR(isc_buffer_printf( + CHECK(isc_buffer_printf( buf, " Key is created but not " "published yet.\n")); } } else if (dnskey == RUMOURED && ds == HIDDEN) { if (!zsk) { - RETERR(isc_buffer_printf( + CHECK(isc_buffer_printf( buf, " Key is pre-published.\n")); } } else if (dnskey == OMNIPRESENT && ds == HIDDEN) { if (keymgr_dep(key, keyring, NULL)) { - RETERR(isc_buffer_printf( + CHECK(isc_buffer_printf( buf, " Waiting for the DS to be " "submitted to the parent.\n")); } else { - RETERR(isc_buffer_printf( + CHECK(isc_buffer_printf( buf, " Wait for zone to be fully " "signed before submitting the " @@ -2726,19 +2720,19 @@ rollover_status(dns_dnsseckey_t *dkey, dns_kasp_t *kasp, isc_result_t ret = dst_key_gettime( key, DST_TIME_DSPUBLISH, &dstime); if (ret != ISC_R_SUCCESS || dstime > now) { - RETERR(isc_buffer_printf( + CHECK(isc_buffer_printf( buf, " Waiting for the DS to be " "published to the parent.\n")); if (checkds) { - RETERR(isc_buffer_printf( + CHECK(isc_buffer_printf( buf, " checkds is enabled, " "BIND will check the " "DS RRset " "periodically.\n")); } else { - RETERR(isc_buffer_printf( + CHECK(isc_buffer_printf( buf, " ! Once the DS is in " "the parent, run 'rndc " @@ -2748,7 +2742,7 @@ rollover_status(dns_dnsseckey_t *dkey, dns_kasp_t *kasp, dst_key_id(key))); } } else { - RETERR(isc_buffer_printf( + CHECK(isc_buffer_printf( buf, " Waiting TTL period for " "validators to pick up " "the new DS RRset.\n")); @@ -2758,7 +2752,7 @@ rollover_status(dns_dnsseckey_t *dkey, dns_kasp_t *kasp, active_state = DST_TIME_PUBLISH; retire_state = DST_TIME_DELETE; } else { - RETERR(isc_buffer_printf( + CHECK(isc_buffer_printf( buf, " WARNING: Key is in unexpected " "state, " "performing auto-healing.\n")); @@ -2766,7 +2760,7 @@ rollover_status(dns_dnsseckey_t *dkey, dns_kasp_t *kasp, } } else if (goal == HIDDEN) { if (dnskey == OMNIPRESENT && ds == OMNIPRESENT) { - RETERR(isc_buffer_printf( + CHECK(isc_buffer_printf( buf, " Key will be retired after the DS is " "withdrawn from the parent.\n")); @@ -2775,19 +2769,19 @@ rollover_status(dns_dnsseckey_t *dkey, dns_kasp_t *kasp, isc_result_t ret = dst_key_gettime( key, DST_TIME_DSDELETE, &dstime); if (ret != ISC_R_SUCCESS || dstime > now) { - RETERR(isc_buffer_printf( + CHECK(isc_buffer_printf( buf, " Waiting for the DS to be " "removed from the parent.\n")); if (checkds) { - RETERR(isc_buffer_printf( + CHECK(isc_buffer_printf( buf, " checkds is enabled, " "BIND will check the " "DS RRset " "periodically.\n")); } else { - RETERR(isc_buffer_printf( + CHECK(isc_buffer_printf( buf, " ! Once the DS is " "removed from the " @@ -2798,30 +2792,30 @@ rollover_status(dns_dnsseckey_t *dkey, dns_kasp_t *kasp, dst_key_id(key))); } } else { - RETERR(isc_buffer_printf( + CHECK(isc_buffer_printf( buf, " Waiting TTL period for " "validators to pick up " "the new DS RRset.\n")); } } else if (dnskey == OMNIPRESENT && ds == HIDDEN) { - RETERR(isc_buffer_printf( - buf, " Key is removed from chain of " - "trust.\n")); + CHECK(isc_buffer_printf(buf, " Key is removed " + "from chain of " + "trust.\n")); } else if (dnskey == UNRETENTIVE && ds == HIDDEN) { if (!zsk) { - RETERR(isc_buffer_printf( + CHECK(isc_buffer_printf( buf, " Key is removed from " "zone.\n")); } } else if (dnskey == HIDDEN && ds == HIDDEN) { if (!zsk) { - RETERR(isc_buffer_printf( + CHECK(isc_buffer_printf( buf, " Key is completely hidden " "(waiting to be purged).\n")); } } else { - RETERR(isc_buffer_printf( + CHECK(isc_buffer_printf( buf, " WARNING: Key is in unexpected " "state, " "performing auto-healing.\n")); @@ -2840,25 +2834,25 @@ rollover_status(dns_dnsseckey_t *dkey, dns_kasp_t *kasp, char timestr[26]; /* Minimal buf as per ctime_r() spec. */ if (now < retire_time) { - RETERR(isc_buffer_printf(buf, " Next rollover " - "scheduled on ")); + CHECK(isc_buffer_printf(buf, " Next rollover " + "scheduled on ")); retire_time = keymgr_prepublication_time( dkey, kasp, retire_time - active_time, now); } else { - RETERR(isc_buffer_printf(buf, " Rollover is " - "due since ")); + CHECK(isc_buffer_printf(buf, " Rollover is " + "due since ")); } isc_stdtime_tostring(retire_time, timestr, sizeof(timestr)); - RETERR(isc_buffer_printf(buf, "%s\n", timestr)); + CHECK(isc_buffer_printf(buf, "%s\n", timestr)); } else { - RETERR(isc_buffer_printf(buf, - " No rollover scheduled.\n")); + CHECK(isc_buffer_printf(buf, + " No rollover scheduled.\n")); } } -failure: +cleanup: return result; } @@ -2886,36 +2880,36 @@ dns_keymgr_status(dns_kasp_t *kasp, dns_dnsseckeylist_t *keyring, // key data dns_secalg_format((dns_secalg_t)dst_key_alg(dkey->key), algstr, sizeof(algstr)); - RETERR(isc_buffer_printf(buf, "\n%s %d (%s):\n", - keymgr_keyrole(dkey->key), - dst_key_id(dkey->key), algstr)); + CHECK(isc_buffer_printf(buf, "\n%s %d (%s):\n", + keymgr_keyrole(dkey->key), + dst_key_id(dkey->key), algstr)); // rollover status - RETERR(rollover_status(dkey, kasp, keyring, now, buf, &verbose, - checkds)); + CHECK(rollover_status(dkey, kasp, keyring, now, buf, &verbose, + checkds)); if (verbose) { // key states - RETERR(isc_buffer_printf(buf, " Key states:\n")); + CHECK(isc_buffer_printf(buf, " Key states:\n")); - RETERR(keystate_status( + CHECK(keystate_status( dkey->key, buf, "goal: ", DST_KEY_GOAL)); - RETERR(keystate_status( + CHECK(keystate_status( dkey->key, buf, "dnskey: ", DST_KEY_DNSKEY)); - RETERR(keystate_status(dkey->key, buf, - "ds: ", DST_KEY_DS)); - RETERR(keystate_status( + CHECK(keystate_status(dkey->key, buf, + "ds: ", DST_KEY_DS)); + CHECK(keystate_status( dkey->key, buf, "zone rrsig: ", DST_KEY_ZRRSIG)); - RETERR(keystate_status( + CHECK(keystate_status( dkey->key, buf, "key rrsig: ", DST_KEY_KRRSIG)); } } -failure: +cleanup: return result; } @@ -3024,15 +3018,13 @@ dns_keymgr_offline(const dns_name_t *origin, dns_dnsseckeylist_t *keyring, dns_keymgr_key_init(dkey, kasp, now, false); /* Get current metadata */ - RETERR(dst_key_getstate(dkey->key, DST_KEY_DNSKEY, - ¤t_dnskey)); - RETERR(dst_key_getstate(dkey->key, DST_KEY_ZRRSIG, - ¤t_zrrsig)); - RETERR(dst_key_getstate(dkey->key, DST_KEY_GOAL, - ¤t_goal)); - RETERR(dst_key_gettime(dkey->key, DST_TIME_PUBLISH, - &published)); - RETERR(dst_key_gettime(dkey->key, DST_TIME_ACTIVATE, &active)); + CHECK(dst_key_getstate(dkey->key, DST_KEY_DNSKEY, + ¤t_dnskey)); + CHECK(dst_key_getstate(dkey->key, DST_KEY_ZRRSIG, + ¤t_zrrsig)); + CHECK(dst_key_getstate(dkey->key, DST_KEY_GOAL, ¤t_goal)); + CHECK(dst_key_gettime(dkey->key, DST_TIME_PUBLISH, &published)); + CHECK(dst_key_gettime(dkey->key, DST_TIME_ACTIVATE, &active)); (void)dst_key_gettime(dkey->key, DST_TIME_INACTIVE, &inactive); (void)dst_key_gettime(dkey->key, DST_TIME_DELETE, &remove); @@ -3136,7 +3128,7 @@ dns_keymgr_offline(const dns_name_t *origin, dns_dnsseckeylist_t *keyring, dns_dnssec_get_hints(dkey, now); - RETERR(dst_key_tofile(dkey->key, options, directory)); + CHECK(dst_key_tofile(dkey->key, options, directory)); dst_key_setmodified(dkey->key, false); if (!isc_log_wouldlog(ISC_LOG_DEBUG(3))) { @@ -3155,7 +3147,7 @@ dns_keymgr_offline(const dns_name_t *origin, dns_dnsseckeylist_t *keyring, result = ISC_R_SUCCESS; -failure: +cleanup: if (isc_log_wouldlog(ISC_LOG_DEBUG(3))) { char namebuf[DNS_NAME_FORMATSIZE]; dns_name_format(origin, namebuf, sizeof(namebuf)); diff --git a/lib/dns/keystore.c b/lib/dns/keystore.c index ff05486f16..a08846e37e 100644 --- a/lib/dns/keystore.c +++ b/lib/dns/keystore.c @@ -134,7 +134,6 @@ buildpkcs11label(const char *uri, const dns_name_t *zname, const char *policy, bool ksk = ((flags & DNS_KEYFLAG_KSK) != 0); char timebuf[18]; isc_time_t now = isc_time_now(); - isc_result_t result; dns_fixedname_t fname; dns_name_t *pname = dns_fixedname_initname(&fname); @@ -146,10 +145,7 @@ buildpkcs11label(const char *uri, const dns_name_t *zname, const char *policy, isc_buffer_putstr(buf, uri); isc_buffer_putstr(buf, ";object="); /* zone name */ - result = dns_name_tofilenametext(zname, false, buf); - if (result != ISC_R_SUCCESS) { - return result; - } + RETERR(dns_name_tofilenametext(zname, false, buf)); /* * policy name * @@ -161,14 +157,8 @@ buildpkcs11label(const char *uri, const dns_name_t *zname, const char *policy, return ISC_R_NOSPACE; } isc_buffer_putstr(buf, "-"); - result = dns_name_fromstring(pname, policy, dns_rootname, 0, NULL); - if (result != ISC_R_SUCCESS) { - return result; - } - result = dns_name_tofilenametext(pname, false, buf); - if (result != ISC_R_SUCCESS) { - return result; - } + RETERR(dns_name_fromstring(pname, policy, dns_rootname, 0, NULL)); + RETERR(dns_name_tofilenametext(pname, false, buf)); /* key type + current time */ isc_time_formatshorttimestamp(&now, timebuf, sizeof(timebuf)); return isc_buffer_printf(buf, "-%s-%s", ksk ? "ksk" : "zsk", timebuf); diff --git a/lib/dns/keytable.c b/lib/dns/keytable.c index 67523178ea..1c04b95132 100644 --- a/lib/dns/keytable.c +++ b/lib/dns/keytable.c @@ -558,12 +558,7 @@ dns_keytable_issecuredomain(dns_keytable_t *keytable, const dns_name_t *name, static isc_result_t putstr(isc_buffer_t *b, const char *str) { - isc_result_t result; - - result = isc_buffer_reserve(b, strlen(str)); - if (result != ISC_R_SUCCESS) { - return result; - } + RETERR(isc_buffer_reserve(b, strlen(str))); isc_buffer_putstr(b, str); return ISC_R_SUCCESS; diff --git a/lib/dns/master.c b/lib/dns/master.c index 35a935e5ac..ca12731a0b 100644 --- a/lib/dns/master.c +++ b/lib/dns/master.c @@ -2183,10 +2183,7 @@ pushfile(const char *master_file, dns_name_t *origin, dns_loadctx_t *lctx) { newctx->drop = ictx->drop; } - result = (lctx->openfile)(lctx, master_file); - if (result != ISC_R_SUCCESS) { - goto cleanup; - } + CHECK((lctx->openfile)(lctx, master_file)); newctx->parent = ictx; lctx->inc = newctx; @@ -2207,17 +2204,12 @@ cleanup: static isc_result_t read_and_check(bool do_read, isc_buffer_t *buffer, size_t len, FILE *f, uint32_t *totallen) { - isc_result_t result; - REQUIRE(totallen != NULL); if (do_read) { INSIST(isc_buffer_availablelength(buffer) >= len); - result = isc_stdio_read(isc_buffer_used(buffer), 1, len, f, - NULL); - if (result != ISC_R_SUCCESS) { - return result; - } + RETERR(isc_stdio_read(isc_buffer_used(buffer), 1, len, f, + NULL)); isc_buffer_add(buffer, (unsigned int)len); if (*totallen < len) { return ISC_R_RANGE; @@ -2339,10 +2331,7 @@ load_raw(dns_loadctx_t *lctx) { dctx = DNS_DECOMPRESS_NEVER; if (lctx->first) { - result = load_header(lctx); - if (result != ISC_R_SUCCESS) { - return result; - } + RETERR(load_header(lctx)); } ISC_LIST_INIT(head); @@ -2400,8 +2389,7 @@ load_raw(dns_loadctx_t *lctx) { sizeof(uint16_t) + sizeof(uint16_t) + sizeof(uint32_t) + sizeof(uint32_t); if (totallen < minlen) { - result = ISC_R_RANGE; - goto cleanup; + CLEANUP(ISC_R_RANGE); } totallen -= sizeof(totallen); @@ -2428,10 +2416,7 @@ load_raw(dns_loadctx_t *lctx) { */ readlen = totallen; } - result = isc_stdio_read(target.base, 1, readlen, lctx->f, NULL); - if (result != ISC_R_SUCCESS) { - goto cleanup; - } + CHECK(isc_stdio_read(target.base, 1, readlen, lctx->f, NULL)); isc_buffer_add(&target, (unsigned int)readlen); totallen -= (uint32_t)readlen; @@ -2439,42 +2424,30 @@ load_raw(dns_loadctx_t *lctx) { dns_rdatalist_init(&rdatalist); rdatalist.rdclass = isc_buffer_getuint16(&target); if (lctx->zclass != rdatalist.rdclass) { - result = DNS_R_BADCLASS; - goto cleanup; + CLEANUP(DNS_R_BADCLASS); } rdatalist.type = isc_buffer_getuint16(&target); rdatalist.covers = isc_buffer_getuint16(&target); rdatalist.ttl = isc_buffer_getuint32(&target); rdcount = isc_buffer_getuint32(&target); if (rdcount == 0 || rdcount > 0xffff) { - result = ISC_R_RANGE; - goto cleanup; + CLEANUP(ISC_R_RANGE); } INSIST(isc_buffer_consumedlength(&target) <= readlen); /* Owner name: length followed by name */ - result = read_and_check(sequential_read, &target, - sizeof(namelen), lctx->f, &totallen); - if (result != ISC_R_SUCCESS) { - goto cleanup; - } + CHECK(read_and_check(sequential_read, &target, sizeof(namelen), + lctx->f, &totallen)); namelen = isc_buffer_getuint16(&target); if (namelen > sizeof(namebuf)) { - result = ISC_R_RANGE; - goto cleanup; + CLEANUP(ISC_R_RANGE); } - result = read_and_check(sequential_read, &target, namelen, - lctx->f, &totallen); - if (result != ISC_R_SUCCESS) { - goto cleanup; - } + CHECK(read_and_check(sequential_read, &target, namelen, lctx->f, + &totallen)); isc_buffer_setactive(&target, (unsigned int)namelen); - result = dns_name_fromwire(name, &target, dctx, NULL); - if (result != ISC_R_SUCCESS) { - goto cleanup; - } + CHECK(dns_name_fromwire(name, &target, dctx, NULL)); if ((lctx->options & DNS_MASTER_CHECKTTL) != 0 && rdatalist.ttl > lctx->maxttl) @@ -2484,8 +2457,7 @@ load_raw(dns_loadctx_t *lctx) { "TTL %d exceeds configured " "max-zone-ttl %d", rdatalist.ttl, lctx->maxttl); - result = ISC_R_RANGE; - goto cleanup; + CLEANUP(ISC_R_RANGE); } /* Rdata contents. */ @@ -2533,20 +2505,14 @@ load_raw(dns_loadctx_t *lctx) { } /* rdata length */ - result = read_and_check(sequential_read, &target, - sizeof(rdlen), lctx->f, - &totallen); - if (result != ISC_R_SUCCESS) { - goto cleanup; - } + CHECK(read_and_check(sequential_read, &target, + sizeof(rdlen), lctx->f, + &totallen)); rdlen = isc_buffer_getuint16(&target); /* rdata */ - result = read_and_check(sequential_read, &target, rdlen, - lctx->f, &totallen); - if (result != ISC_R_SUCCESS) { - goto cleanup; - } + CHECK(read_and_check(sequential_read, &target, rdlen, + lctx->f, &totallen)); isc_buffer_setactive(&target, (unsigned int)rdlen); /* * It is safe to have the source active region and @@ -2556,12 +2522,9 @@ load_raw(dns_loadctx_t *lctx) { */ isc_buffer_init(&buf, isc_buffer_current(&target), (unsigned int)rdlen); - result = dns_rdata_fromwire( - &rdata[i], rdatalist.rdclass, rdatalist.type, - &target, dctx, &buf); - if (result != ISC_R_SUCCESS) { - goto cleanup; - } + CHECK(dns_rdata_fromwire(&rdata[i], rdatalist.rdclass, + rdatalist.type, &target, dctx, + &buf)); ISC_LIST_APPEND(rdatalist.rdata, &rdata[i], link); } @@ -2571,8 +2534,7 @@ load_raw(dns_loadctx_t *lctx) { * or malformed data. */ if (isc_buffer_remaininglength(&target) != 0 || totallen != 0) { - result = ISC_R_RANGE; - goto cleanup; + CLEANUP(ISC_R_RANGE); } ISC_LIST_APPEND(head, &rdatalist, link); @@ -2635,10 +2597,7 @@ dns_master_loadfile(const char *master_file, dns_name_t *top, lctx->maxttl = maxttl; - result = (lctx->openfile)(lctx, master_file); - if (result != ISC_R_SUCCESS) { - goto cleanup; - } + CHECK((lctx->openfile)(lctx, master_file)); result = (lctx->load)(lctx); INSIST(result != DNS_R_CONTINUE); @@ -2729,10 +2688,7 @@ dns_master_loadbuffer(isc_buffer_t *buffer, dns_name_t *top, dns_name_t *origin, loadctx_create(dns_masterformat_text, mctx, options, 0, top, zclass, origin, callbacks, NULL, NULL, NULL, NULL, NULL, &lctx); - result = isc_lex_openbuffer(lctx->lex, buffer); - if (result != ISC_R_SUCCESS) { - goto cleanup; - } + CHECK(isc_lex_openbuffer(lctx->lex, buffer)); result = (lctx->load)(lctx); INSIST(result != DNS_R_CONTINUE); diff --git a/lib/dns/masterdump.c b/lib/dns/masterdump.c index 0ce0a8b936..f80c40232a 100644 --- a/lib/dns/masterdump.c +++ b/lib/dns/masterdump.c @@ -50,19 +50,6 @@ #define DNS_DCTX_MAGIC ISC_MAGIC('D', 'c', 't', 'x') #define DNS_DCTX_VALID(d) ISC_MAGIC_VALID(d, DNS_DCTX_MAGIC) -#define RETERR(x) \ - do { \ - isc_result_t _r = (x); \ - if (_r != ISC_R_SUCCESS) \ - return ((_r)); \ - } while (0) - -#define CHECK(x) \ - do { \ - if ((x) != ISC_R_SUCCESS) \ - goto cleanup; \ - } while (0) - struct dns_master_style { dns_masterstyle_flags_t flags; /* DNS_STYLEFLAG_* */ unsigned int ttl_column; @@ -658,11 +645,8 @@ rdataset_totext(dns_rdataset_t *rdataset, const dns_name_t *owner_name, INDENT_TO(ttl_column); if ((ctx->style.flags & DNS_STYLEFLAG_TTL_UNITS) != 0) { length = target->used; - result = dns_ttl_totext(rdataset->ttl, false, - false, target); - if (result != ISC_R_SUCCESS) { - return result; - } + RETERR(dns_ttl_totext(rdataset->ttl, false, + false, target)); column += target->used - length; } else { length = snprintf(ttlbuf, sizeof(ttlbuf), "%u", @@ -1584,10 +1568,7 @@ dumpctx_create(isc_mem_t *mctx, dns_db_t *db, dns_dbversion_t *version, } else { options = 0; } - result = dns_db_createiterator(dctx->db, options, &dctx->dbiter); - if (result != ISC_R_SUCCESS) { - goto cleanup; - } + CHECK(dns_db_createiterator(dctx->db, options, &dctx->dbiter)); isc_mutex_init(&dctx->lock); isc_mem_attach(mctx, &dctx->mctx); @@ -1756,17 +1737,13 @@ dns_master_dumptostreamasync(isc_mem_t *mctx, dns_db_t *db, isc_loop_t *loop, dns_dumpdonefunc_t done, void *done_arg, dns_dumpctx_t **dctxp) { dns_dumpctx_t *dctx = NULL; - isc_result_t result; REQUIRE(loop != NULL); REQUIRE(f != NULL); REQUIRE(done != NULL); - result = dumpctx_create(mctx, db, version, style, f, &dctx, - dns_masterformat_text, NULL); - if (result != ISC_R_SUCCESS) { - return result; - } + RETERR(dumpctx_create(mctx, db, version, style, f, &dctx, + dns_masterformat_text, NULL)); dctx->done = done; dctx->done_arg = done_arg; @@ -1784,11 +1761,8 @@ dns_master_dumptostream(isc_mem_t *mctx, dns_db_t *db, dns_dbversion_t *version, dns_dumpctx_t *dctx = NULL; isc_result_t result; - result = dumpctx_create(mctx, db, version, style, f, &dctx, format, - header); - if (result != ISC_R_SUCCESS) { - return result; - } + RETERR(dumpctx_create(mctx, db, version, style, f, &dctx, format, + header)); result = dumptostream(dctx); INSIST(result != DNS_R_CONTINUE); @@ -1808,10 +1782,7 @@ opentmp(isc_mem_t *mctx, const char *file, char **tempp, FILE **fp) { tempnamelen = strlen(file) + 20; tempname = isc_mem_allocate(mctx, tempnamelen); - result = isc_file_mktemplate(file, tempname, tempnamelen); - if (result != ISC_R_SUCCESS) { - goto cleanup; - } + CHECK(isc_file_mktemplate(file, tempname, tempnamelen)); result = isc_file_openunique(tempname, &f); if (result != ISC_R_SUCCESS) { @@ -1890,16 +1861,10 @@ dns_master_dump(isc_mem_t *mctx, dns_db_t *db, dns_dbversion_t *version, char *tempname; dns_dumpctx_t *dctx = NULL; - result = opentmp(mctx, filename, &tempname, &f); - if (result != ISC_R_SUCCESS) { - return result; - } + RETERR(opentmp(mctx, filename, &tempname, &f)); - result = dumpctx_create(mctx, db, version, style, f, &dctx, format, - header); - if (result != ISC_R_SUCCESS) { - goto cleanup; - } + CHECK(dumpctx_create(mctx, db, version, style, f, &dctx, format, + header)); result = dumptostream(dctx); INSIST(result != DNS_R_CONTINUE); diff --git a/lib/dns/message.c b/lib/dns/message.c index 4b094b04cb..2d71e97df4 100644 --- a/lib/dns/message.c +++ b/lib/dns/message.c @@ -295,15 +295,13 @@ msgblock_free(isc_mem_t *mctx, dns_msgblock_t *block, * "current" buffer. (which is always the last on the list, for our * uses) */ -static isc_result_t +static void newbuffer(dns_message_t *msg, unsigned int size) { - isc_buffer_t *dynbuf; + isc_buffer_t *dynbuf = NULL; - dynbuf = NULL; isc_buffer_allocate(msg->mctx, &dynbuf, size); ISC_LIST_APPEND(msg->scratchpad, dynbuf, link); - return ISC_R_SUCCESS; } static isc_buffer_t * @@ -849,11 +847,7 @@ getname(dns_name_t *name, isc_buffer_t *source, dns_message_t *msg, if (result == ISC_R_NOSPACE) { tries++; - result = newbuffer(msg, SCRATCHPAD_SIZE); - if (result != ISC_R_SUCCESS) { - return result; - } - + newbuffer(msg, SCRATCHPAD_SIZE); scratch = currentbuffer(msg); dns_name_reset(name); } else { @@ -906,10 +900,7 @@ getrdata(isc_buffer_t *source, dns_message_t *msg, dns_decompress_t dctx, trysize *= 2; } tries++; - result = newbuffer(msg, trysize); - if (result != ISC_R_SUCCESS) { - return result; - } + newbuffer(msg, trysize); scratch = currentbuffer(msg); } else { @@ -965,10 +956,7 @@ getquestions(isc_buffer_t *source, dns_message_t *msg, dns_decompress_t dctx, */ isc_buffer_remainingregion(source, &r); isc_buffer_setactive(source, r.length); - result = getname(name, source, msg, dctx); - if (result != ISC_R_SUCCESS) { - goto cleanup; - } + CHECK(getname(name, source, msg, dctx)); ISC_LIST_APPEND(*section, name, link); @@ -979,8 +967,7 @@ getquestions(isc_buffer_t *source, dns_message_t *msg, dns_decompress_t dctx, */ isc_buffer_remainingregion(source, &r); if (r.length < 4) { - result = ISC_R_UNEXPECTEDEND; - goto cleanup; + CLEANUP(ISC_R_UNEXPECTEDEND); } rdtype = isc_buffer_getuint16(source); rdclass = isc_buffer_getuint16(source); @@ -1104,10 +1091,7 @@ getsection(isc_buffer_t *source, dns_message_t *msg, dns_decompress_t dctx, */ isc_buffer_remainingregion(source, &r); isc_buffer_setactive(source, r.length); - result = getname(name, source, msg, dctx); - if (result != ISC_R_SUCCESS) { - goto cleanup; - } + CHECK(getname(name, source, msg, dctx)); /* * Get type, class, ttl, and rdatalen. Verify that at least @@ -1116,8 +1100,7 @@ getsection(isc_buffer_t *source, dns_message_t *msg, dns_decompress_t dctx, */ isc_buffer_remainingregion(source, &r); if (r.length < 2 + 2 + 4 + 2) { - result = ISC_R_UNEXPECTEDEND; - goto cleanup; + CLEANUP(ISC_R_UNEXPECTEDEND); } rdtype = isc_buffer_getuint16(source); rdclass = isc_buffer_getuint16(source); @@ -1226,8 +1209,7 @@ getsection(isc_buffer_t *source, dns_message_t *msg, dns_decompress_t dctx, rdatalen = isc_buffer_getuint16(source); r.length -= (2 + 2 + 4 + 2); if (r.length < rdatalen) { - result = ISC_R_UNEXPECTEDEND; - goto cleanup; + CLEANUP(ISC_R_UNEXPECTEDEND); } /* @@ -1241,8 +1223,7 @@ getsection(isc_buffer_t *source, dns_message_t *msg, dns_decompress_t dctx, update(sectionid, rdclass)) { if (rdatalen != 0) { - result = DNS_R_FORMERR; - goto cleanup; + CLEANUP(DNS_R_FORMERR); } /* * When the rdata is empty, the data pointer is @@ -1309,8 +1290,7 @@ getsection(isc_buffer_t *source, dns_message_t *msg, dns_decompress_t dctx, if (rdtype == dns_rdatatype_nsec3 && !dns_rdata_checkowner(name, msg->rdclass, rdtype, false)) { - result = DNS_R_BADOWNERNAME; - goto cleanup; + CLEANUP(DNS_R_BADOWNERNAME); } /* @@ -1592,7 +1572,7 @@ dns_message_parse(dns_message_t *msg, isc_buffer_t *source, unsigned int options) { isc_region_t r; dns_decompress_t dctx; - isc_result_t ret; + isc_result_t result; uint16_t tmpflags; isc_buffer_t origsource; bool seen_problem; @@ -1647,54 +1627,54 @@ dns_message_parse(dns_message_t *msg, isc_buffer_t *source, return early_check_ret; } - ret = getquestions(source, msg, dctx, options); + result = getquestions(source, msg, dctx, options); - if (ret == ISC_R_UNEXPECTEDEND && ignore_tc) { + if (result == ISC_R_UNEXPECTEDEND && ignore_tc) { goto truncated; } - if (ret == DNS_R_RECOVERABLE) { + if (result == DNS_R_RECOVERABLE) { seen_problem = true; - ret = ISC_R_SUCCESS; + result = ISC_R_SUCCESS; } - if (ret != ISC_R_SUCCESS) { - return ret; + if (result != ISC_R_SUCCESS) { + return result; } msg->question_ok = 1; - ret = getsection(source, msg, dctx, DNS_SECTION_ANSWER, options); - if (ret == ISC_R_UNEXPECTEDEND && ignore_tc) { + result = getsection(source, msg, dctx, DNS_SECTION_ANSWER, options); + if (result == ISC_R_UNEXPECTEDEND && ignore_tc) { goto truncated; } - if (ret == DNS_R_RECOVERABLE) { + if (result == DNS_R_RECOVERABLE) { seen_problem = true; - ret = ISC_R_SUCCESS; + result = ISC_R_SUCCESS; } - if (ret != ISC_R_SUCCESS) { - return ret; + if (result != ISC_R_SUCCESS) { + return result; } - ret = getsection(source, msg, dctx, DNS_SECTION_AUTHORITY, options); - if (ret == ISC_R_UNEXPECTEDEND && ignore_tc) { + result = getsection(source, msg, dctx, DNS_SECTION_AUTHORITY, options); + if (result == ISC_R_UNEXPECTEDEND && ignore_tc) { goto truncated; } - if (ret == DNS_R_RECOVERABLE) { + if (result == DNS_R_RECOVERABLE) { seen_problem = true; - ret = ISC_R_SUCCESS; + result = ISC_R_SUCCESS; } - if (ret != ISC_R_SUCCESS) { - return ret; + if (result != ISC_R_SUCCESS) { + return result; } - ret = getsection(source, msg, dctx, DNS_SECTION_ADDITIONAL, options); - if (ret == ISC_R_UNEXPECTEDEND && ignore_tc) { + result = getsection(source, msg, dctx, DNS_SECTION_ADDITIONAL, options); + if (result == ISC_R_UNEXPECTEDEND && ignore_tc) { goto truncated; } - if (ret == DNS_R_RECOVERABLE) { + if (result == DNS_R_RECOVERABLE) { seen_problem = true; - ret = ISC_R_SUCCESS; + result = ISC_R_SUCCESS; } - if (ret != ISC_R_SUCCESS) { - return ret; + if (result != ISC_R_SUCCESS) { + return result; } isc_buffer_remainingregion(source, &r); @@ -1707,7 +1687,7 @@ dns_message_parse(dns_message_t *msg, isc_buffer_t *source, truncated: - if (ret == ISC_R_UNEXPECTEDEND && ignore_tc) { + if (result == ISC_R_UNEXPECTEDEND && ignore_tc) { return DNS_R_RECOVERABLE; } if (seen_problem) { @@ -2228,10 +2208,7 @@ dns_message_renderend(dns_message_t *msg) { if (msg->tsigkey != NULL) { dns_message_renderrelease(msg, msg->sig_reserved); msg->sig_reserved = 0; - result = dns_tsig_sign(msg); - if (result != ISC_R_SUCCESS) { - return result; - } + RETERR(dns_tsig_sign(msg)); count = 0; result = renderset(msg->tsig, msg->tsigname, msg->id, msg->cctx, msg->buffer, msg->reserved, 0, &count); @@ -2247,10 +2224,7 @@ dns_message_renderend(dns_message_t *msg) { if (msg->sig0key != NULL) { dns_message_renderrelease(msg, msg->sig_reserved); msg->sig_reserved = 0; - result = dns_dnssec_signmessage(msg, msg->sig0key); - if (result != ISC_R_SUCCESS) { - return result; - } + RETERR(dns_dnssec_signmessage(msg, msg->sig0key)); count = 0; /* * Note: dns_rootname is used here, not msg->sig0name, since @@ -2659,17 +2633,11 @@ dns_message_setopt(dns_message_t *msg) { REQUIRE(msg->from_to_wire == DNS_MESSAGE_INTENTRENDER); REQUIRE(msg->state == DNS_SECTION_ANY); - result = buildopt(msg, &opt); - if (result != ISC_R_SUCCESS) { - return result; - } + RETERR(buildopt(msg, &opt)); msgresetopt(msg); - result = dns_rdataset_first(opt); - if (result != ISC_R_SUCCESS) { - goto cleanup; - } + CHECK(dns_rdataset_first(opt)); dns_rdataset_current(opt, &rdata); msg->opt_reserved = 11 + rdata.length; result = dns_message_renderreserve(msg, msg->opt_reserved); @@ -2780,7 +2748,6 @@ dns_message_setquerytsig(dns_message_t *msg, isc_buffer_t *querytsig) { isc_result_t dns_message_getquerytsig(dns_message_t *msg, isc_mem_t *mctx, isc_buffer_t **querytsig) { - isc_result_t result; dns_rdata_t rdata = DNS_RDATA_INIT; isc_region_t r; @@ -2792,10 +2759,7 @@ dns_message_getquerytsig(dns_message_t *msg, isc_mem_t *mctx, return ISC_R_SUCCESS; } - result = dns_rdataset_first(msg->tsig); - if (result != ISC_R_SUCCESS) { - return result; - } + RETERR(dns_rdataset_first(msg->tsig)); dns_rdataset_current(msg->tsig, &rdata); dns_rdata_toregion(&rdata, &r); @@ -2931,10 +2895,7 @@ dns_message_signer(dns_message_t *msg, dns_name_t *signer) { INSIST(result == ISC_R_SUCCESS); dns_rdataset_current(msg->sig0, &rdata); - result = dns_rdata_tostruct(&rdata, &sig, NULL); - if (result != ISC_R_SUCCESS) { - return result; - } + RETERR(dns_rdata_tostruct(&rdata, &sig, NULL)); if (msg->verified_sig && msg->sig0status == dns_rcode_noerror) { result = ISC_R_SUCCESS; @@ -3125,10 +3086,7 @@ dns_message_checksig(dns_message_t *msg, dns_view_t *view) { return ISC_R_UNEXPECTEDEND; } - result = dns_rdata_tostruct(&sigrdata, &sig, NULL); - if (result != ISC_R_SUCCESS) { - return result; - } + RETERR(dns_rdata_tostruct(&sigrdata, &sig, NULL)); dns_rdataset_init(&keyset); if (view == NULL) { @@ -3628,8 +3586,7 @@ render_zoneversion(dns_message_t *msg, isc_buffer_t *optbuf, if (isc_buffer_availablelength(target) < 1) { - result = ISC_R_NOSPACE; - goto cleanup; + CLEANUP(ISC_R_NOSPACE); } isc_buffer_putmem(target, &data[i], 1); } else { @@ -3755,11 +3712,8 @@ dns_message_pseudosectiontoyaml(dns_message_t *msg, dns_pseudosection_t section, switch (optcode) { case DNS_OPT_LLQ: if (optlen == 18U) { - result = render_llq(&optbuf, msg, style, - target); - if (result != ISC_R_SUCCESS) { - goto cleanup; - } + CHECK(render_llq(&optbuf, msg, style, + target)); ADD_STRING(target, "\n"); continue; } @@ -3777,11 +3731,8 @@ dns_message_pseudosectiontoyaml(dns_message_t *msg, dns_pseudosection_t section, ADD_STRING(target, buf); ADD_STRING(target, " # "); - result = dns_ttl_totext(secs, true, - true, target); - if (result != ISC_R_SUCCESS) { - goto cleanup; - } + CHECK(dns_ttl_totext(secs, true, true, + target)); ADD_STRING(target, "\n"); if (optlen == 8U) { @@ -3795,12 +3746,9 @@ dns_message_pseudosectiontoyaml(dns_message_t *msg, dns_pseudosection_t section, ADD_STRING(target, buf); ADD_STRING(target, " # "); - result = dns_ttl_totext( - key, true, true, - target); - if (result != ISC_R_SUCCESS) { - goto cleanup; - } + CHECK(dns_ttl_totext(key, true, + true, + target)); ADD_STRING(target, "\n"); } continue; @@ -3829,11 +3777,8 @@ dns_message_pseudosectiontoyaml(dns_message_t *msg, dns_pseudosection_t section, snprintf(buf, sizeof(buf), " %u", secs); ADD_STRING(target, buf); ADD_STRING(target, " # "); - result = dns_ttl_totext(secs, true, - true, target); - if (result != ISC_R_SUCCESS) { - goto cleanup; - } + CHECK(dns_ttl_totext(secs, true, true, + target)); ADD_STRING(target, "\n"); continue; } @@ -3920,11 +3865,8 @@ dns_message_pseudosectiontoyaml(dns_message_t *msg, dns_pseudosection_t section, if (optlen >= 2U) { isc_buffer_t zonebuf = optbuf; isc_buffer_setactive(&zonebuf, optlen); - result = render_zoneversion( - msg, &zonebuf, style, target); - if (result != ISC_R_SUCCESS) { - goto cleanup; - } + CHECK(render_zoneversion( + msg, &zonebuf, style, target)); isc_buffer_forward(&optbuf, optlen); ADD_STRING(target, "\n"); continue; @@ -4198,11 +4140,8 @@ dns_message_pseudosectiontotext(dns_message_t *msg, dns_pseudosection_t section, switch (optcode) { case DNS_OPT_LLQ: if (optlen == 18U) { - result = render_llq(&optbuf, msg, style, - target); - if (result != ISC_R_SUCCESS) { - return result; - } + RETERR(render_llq(&optbuf, msg, style, + target)); ADD_STRING(target, "\n"); continue; } @@ -4221,19 +4160,13 @@ dns_message_pseudosectiontotext(dns_message_t *msg, dns_pseudosection_t section, ADD_STRING(target, buf); } ADD_STRING(target, " ("); - result = dns_ttl_totext(secs, true, - true, target); - if (result != ISC_R_SUCCESS) { - goto cleanup; - } + CHECK(dns_ttl_totext(secs, true, true, + target)); if (optlen == 8U) { ADD_STRING(target, "/"); - result = dns_ttl_totext( - key, true, true, - target); - if (result != ISC_R_SUCCESS) { - goto cleanup; - } + CHECK(dns_ttl_totext(key, true, + true, + target)); } ADD_STRING(target, ")\n"); continue; @@ -4261,11 +4194,8 @@ dns_message_pseudosectiontotext(dns_message_t *msg, dns_pseudosection_t section, snprintf(buf, sizeof(buf), " %u", secs); ADD_STRING(target, buf); ADD_STRING(target, " ("); - result = dns_ttl_totext(secs, true, - true, target); - if (result != ISC_R_SUCCESS) { - return result; - } + RETERR(dns_ttl_totext(secs, true, true, + target)); ADD_STRING(target, ")\n"); continue; } @@ -4365,11 +4295,8 @@ dns_message_pseudosectiontotext(dns_message_t *msg, dns_pseudosection_t section, if (optlen >= 2U) { isc_buffer_t zonebuf = optbuf; isc_buffer_setactive(&zonebuf, optlen); - result = render_zoneversion( - msg, &zonebuf, style, target); - if (result != ISC_R_SUCCESS) { - goto cleanup; - } + CHECK(render_zoneversion( + msg, &zonebuf, style, target)); ADD_STRING(target, "\n"); isc_buffer_forward(&optbuf, optlen); continue; @@ -4518,7 +4445,7 @@ isc_result_t dns_message_headertotext(dns_message_t *msg, const dns_master_style_t *style, dns_messagetextflag_t flags, isc_buffer_t *target) { char buf[sizeof("1234567890")]; - isc_result_t result; + isc_result_t result = ISC_R_SUCCESS; REQUIRE(DNS_MESSAGE_VALID(msg)); REQUIRE(target != NULL); @@ -4534,10 +4461,7 @@ dns_message_headertotext(dns_message_t *msg, const dns_master_style_t *style, ADD_STRING(target, "\n"); INDENT(style); ADD_STRING(target, "status: "); - result = dns_rcode_totext(msg->rcode, target); - if (result != ISC_R_SUCCESS) { - return result; - } + RETERR(dns_rcode_totext(msg->rcode, target)); ADD_STRING(target, "\n"); INDENT(style); ADD_STRING(target, "id: "); @@ -4620,10 +4544,7 @@ dns_message_headertotext(dns_message_t *msg, const dns_master_style_t *style, ADD_STRING(target, ";; ->>HEADER<<- opcode: "); ADD_STRING(target, opcodetext[msg->opcode]); ADD_STRING(target, ", status: "); - result = dns_rcode_totext(msg->rcode, target); - if (result != ISC_R_SUCCESS) { - return result; - } + RETERR(dns_rcode_totext(msg->rcode, target)); ADD_STRING(target, ", id: "); snprintf(buf, sizeof(buf), "%6u", msg->id); ADD_STRING(target, buf); @@ -4698,55 +4619,24 @@ cleanup: isc_result_t dns_message_totext(dns_message_t *msg, const dns_master_style_t *style, dns_messagetextflag_t flags, isc_buffer_t *target) { - isc_result_t result; - REQUIRE(DNS_MESSAGE_VALID(msg)); REQUIRE(target != NULL); - result = dns_message_headertotext(msg, style, flags, target); - if (result != ISC_R_SUCCESS) { - return result; - } - - result = dns_message_pseudosectiontotext(msg, DNS_PSEUDOSECTION_OPT, - style, flags, target); - if (result != ISC_R_SUCCESS) { - return result; - } - - result = dns_message_sectiontotext(msg, DNS_SECTION_QUESTION, style, - flags, target); - if (result != ISC_R_SUCCESS) { - return result; - } - - result = dns_message_sectiontotext(msg, DNS_SECTION_ANSWER, style, - flags, target); - if (result != ISC_R_SUCCESS) { - return result; - } - - result = dns_message_sectiontotext(msg, DNS_SECTION_AUTHORITY, style, - flags, target); - if (result != ISC_R_SUCCESS) { - return result; - } - - result = dns_message_sectiontotext(msg, DNS_SECTION_ADDITIONAL, style, - flags, target); - if (result != ISC_R_SUCCESS) { - return result; - } - - result = dns_message_pseudosectiontotext(msg, DNS_PSEUDOSECTION_TSIG, - style, flags, target); - if (result != ISC_R_SUCCESS) { - return result; - } - - result = dns_message_pseudosectiontotext(msg, DNS_PSEUDOSECTION_SIG0, - style, flags, target); - return result; + RETERR(dns_message_headertotext(msg, style, flags, target)); + RETERR(dns_message_pseudosectiontotext(msg, DNS_PSEUDOSECTION_OPT, + style, flags, target)); + RETERR(dns_message_sectiontotext(msg, DNS_SECTION_QUESTION, style, + flags, target)); + RETERR(dns_message_sectiontotext(msg, DNS_SECTION_ANSWER, style, flags, + target)); + RETERR(dns_message_sectiontotext(msg, DNS_SECTION_AUTHORITY, style, + flags, target)); + RETERR(dns_message_sectiontotext(msg, DNS_SECTION_ADDITIONAL, style, + flags, target)); + RETERR(dns_message_pseudosectiontotext(msg, DNS_PSEUDOSECTION_TSIG, + style, flags, target)); + return dns_message_pseudosectiontotext(msg, DNS_PSEUDOSECTION_SIG0, + style, flags, target); } isc_region_t * @@ -4940,8 +4830,7 @@ buildopt(dns_message_t *message, dns_rdataset_t **rdatasetp) { } if (len > 0xffffU) { - result = ISC_R_NOSPACE; - goto cleanup; + CLEANUP(ISC_R_NOSPACE); } isc_buffer_allocate(message->mctx, &buf, len); diff --git a/lib/dns/name.c b/lib/dns/name.c index 9613d7e3b4..c9b3709c1e 100644 --- a/lib/dns/name.c +++ b/lib/dns/name.c @@ -1707,7 +1707,6 @@ dns_name_dynamic(const dns_name_t *name) { isc_result_t dns_name_print(const dns_name_t *name, FILE *stream) { - isc_result_t result; isc_buffer_t b; isc_region_t r; char t[1024]; @@ -1719,10 +1718,7 @@ dns_name_print(const dns_name_t *name, FILE *stream) { REQUIRE(DNS_NAME_VALID(name)); isc_buffer_init(&b, t, sizeof(t)); - result = dns_name_totext(name, 0, &b); - if (result != ISC_R_SUCCESS) { - return result; - } + RETERR(dns_name_totext(name, 0, &b)); isc_buffer_usedregion(&b, &r); fprintf(stream, "%.*s", (int)r.length, (char *)r.base); @@ -1774,7 +1770,6 @@ dns_name_format(const dns_name_t *name, char *cp, unsigned int size) { */ isc_result_t dns_name_tostring(const dns_name_t *name, char **target, isc_mem_t *mctx) { - isc_result_t result; isc_buffer_t buf; isc_region_t reg; char *p, txt[DNS_NAME_FORMATSIZE]; @@ -1783,10 +1778,7 @@ dns_name_tostring(const dns_name_t *name, char **target, isc_mem_t *mctx) { REQUIRE(target != NULL && *target == NULL); isc_buffer_init(&buf, txt, sizeof(txt)); - result = dns_name_totext(name, 0, &buf); - if (result != ISC_R_SUCCESS) { - return result; - } + RETERR(dns_name_totext(name, 0, &buf)); isc_buffer_usedregion(&buf, ®); p = isc_mem_allocate(mctx, reg.length + 1); @@ -1801,7 +1793,6 @@ isc_result_t dns_name_fromstring(dns_name_t *target, const char *src, const dns_name_t *origin, unsigned int options, isc_mem_t *mctx) { - isc_result_t result; isc_buffer_t buf; dns_fixedname_t fn; dns_name_t *name; @@ -1816,15 +1807,13 @@ dns_name_fromstring(dns_name_t *target, const char *src, name = dns_fixedname_initname(&fn); } - result = dns_name_fromtext(name, &buf, origin, options); - if (result != ISC_R_SUCCESS) { - return result; - } + RETERR(dns_name_fromtext(name, &buf, origin, options)); if (name != target) { dns_name_dup(name, mctx, target); } - return result; + + return ISC_R_SUCCESS; } void diff --git a/lib/dns/ncache.c b/lib/dns/ncache.c index 3436321105..54e72928fb 100644 --- a/lib/dns/ncache.c +++ b/lib/dns/ncache.c @@ -68,7 +68,6 @@ copy_rdataset(dns_rdataset_t *rdataset, isc_buffer_t *buffer) { isc_buffer_putuint16(buffer, (uint16_t)count); DNS_RDATASET_FOREACH(rdataset) { - isc_result_t result; dns_rdata_t rdata = DNS_RDATA_INIT; dns_rdataset_current(rdataset, &rdata); @@ -85,10 +84,7 @@ copy_rdataset(dns_rdataset_t *rdataset, isc_buffer_t *buffer) { /* * Copy the rdata to the buffer. */ - result = isc_buffer_copyregion(buffer, &r); - if (result != ISC_R_SUCCESS) { - return result; - } + RETERR(isc_buffer_copyregion(buffer, &r)); } return ISC_R_SUCCESS; @@ -142,8 +138,6 @@ dns_ncache_add(dns_message_t *message, dns_db_t *cache, dns_dbnode_t *node, isc_buffer_init(&buffer, data, sizeof(data)); MSG_SECTION_FOREACH(message, DNS_SECTION_AUTHORITY, name) { - result = ISC_R_SUCCESS; - if (name->attributes.ncache) { ISC_LIST_FOREACH(name->list, rdataset, link) { if (!rdataset->attributes.ncache) { @@ -169,11 +163,8 @@ dns_ncache_add(dns_message_t *message, dns_db_t *cache, dns_dbnode_t *node, * Copy the owner name to the buffer. */ dns_name_toregion(name, &r); - result = isc_buffer_copyregion(&buffer, - &r); - if (result != ISC_R_SUCCESS) { - return result; - } + RETERR(isc_buffer_copyregion(&buffer, + &r)); /* * Copy the type to the buffer. */ @@ -189,11 +180,8 @@ dns_ncache_add(dns_message_t *message, dns_db_t *cache, dns_dbnode_t *node, /* * Copy the rdataset into the buffer. */ - result = copy_rdataset(rdataset, - &buffer); - if (result != ISC_R_SUCCESS) { - return result; - } + RETERR(copy_rdataset(rdataset, + &buffer)); if (next >= DNS_NCACHE_RDATA) { return ISC_R_NOSPACE; diff --git a/lib/dns/notify.c b/lib/dns/notify.c index ed47a92447..da06276393 100644 --- a/lib/dns/notify.c +++ b/lib/dns/notify.c @@ -347,10 +347,7 @@ notify_send_toaddr(void *arg) { goto cleanup; } - result = notify_createmessage(notify, &message); - if (result != ISC_R_SUCCESS) { - goto cleanup; - } + CHECK(notify_createmessage(notify, &message)); if (notify->key != NULL) { /* Transfer ownership of key */ @@ -654,10 +651,7 @@ notify_send(dns_notify_t *notify) { isc_sockaddr_any6(&newnotify->src); } startup = ((notify->flags & DNS_NOTIFY_STARTUP) != 0); - result = dns_notify_queue(newnotify, startup); - if (result != ISC_R_SUCCESS) { - goto cleanup; - } + CHECK(dns_notify_queue(newnotify, startup)); newnotify = NULL; } diff --git a/lib/dns/nsec.c b/lib/dns/nsec.c index 20e1c34fe3..145ada6b17 100644 --- a/lib/dns/nsec.c +++ b/lib/dns/nsec.c @@ -95,7 +95,6 @@ isc_result_t dns_nsec_buildrdata(dns_db_t *db, dns_dbversion_t *version, dns_dbnode_t *node, const dns_name_t *target, unsigned char *buffer, dns_rdata_t *rdata) { - isc_result_t result; isc_region_t r; unsigned int i; unsigned char *nsec_bits, *bm; @@ -118,10 +117,7 @@ dns_nsec_buildrdata(dns_db_t *db, dns_dbversion_t *version, dns_dbnode_t *node, dns_nsec_setbit(bm, dns_rdatatype_nsec, 1); max_type = dns_rdatatype_nsec; rdsiter = NULL; - result = dns_db_allrdatasets(db, node, version, 0, 0, &rdsiter); - if (result != ISC_R_SUCCESS) { - return result; - } + RETERR(dns_db_allrdatasets(db, node, version, 0, 0, &rdsiter)); DNS_RDATASETITER_FOREACH(rdsiter) { dns_rdataset_t rdataset = DNS_RDATASET_INIT; dns_rdatasetiter_current(rdsiter, &rdataset); @@ -173,10 +169,7 @@ dns_nsec_build(dns_db_t *db, dns_dbversion_t *version, dns_dbnode_t *node, dns_rdataset_init(&rdataset); dns_rdata_init(&rdata); - result = dns_nsec_buildrdata(db, version, node, target, data, &rdata); - if (result != ISC_R_SUCCESS) { - goto failure; - } + CHECK(dns_nsec_buildrdata(db, version, node, target, data, &rdata)); dns_rdatalist_init(&rdatalist); rdatalist.rdclass = dns_db_class(db); @@ -189,7 +182,7 @@ dns_nsec_build(dns_db_t *db, dns_dbversion_t *version, dns_dbnode_t *node, result = ISC_R_SUCCESS; } -failure: +cleanup: if (dns_rdataset_isassociated(&rdataset)) { dns_rdataset_disassociate(&rdataset); } @@ -246,10 +239,7 @@ dns_nsec_nseconly(dns_db_t *db, dns_dbversion_t *version, dns_diff_t *diff, dns_rdataset_init(&rdataset); - result = dns_db_getoriginnode(db, &node); - if (result != ISC_R_SUCCESS) { - return result; - } + RETERR(dns_db_getoriginnode(db, &node)); result = dns_db_findrdataset(db, node, version, dns_rdatatype_dnskey, 0, 0, &rdataset, NULL); @@ -422,10 +412,7 @@ dns_nsec_noexistnodata(dns_rdatatype_t type, const dns_name_t *name, return DNS_R_DNAME; } - result = dns_rdata_tostruct(&rdata, &nsec, NULL); - if (result != ISC_R_SUCCESS) { - return result; - } + RETERR(dns_rdata_tostruct(&rdata, &nsec, NULL)); relation = dns_name_fullcompare(&nsec.next, name, &order, &nlabels); if (order == 0) { dns_rdata_freestruct(&nsec); diff --git a/lib/dns/nsec3.c b/lib/dns/nsec3.c index 48a3aede03..ff53e90be9 100644 --- a/lib/dns/nsec3.c +++ b/lib/dns/nsec3.c @@ -41,13 +41,6 @@ #include -#define CHECK(x) \ - do { \ - result = (x); \ - if (result != ISC_R_SUCCESS) \ - goto failure; \ - } while (0) - #define OPTOUT(x) (((x) & DNS_NSEC3FLAG_OPTOUT) != 0) #define CREATE(x) (((x) & DNS_NSEC3FLAG_CREATE) != 0) #define INITIAL(x) (((x) & DNS_NSEC3FLAG_INITIAL) != 0) @@ -60,7 +53,6 @@ dns_nsec3_buildrdata(dns_db_t *db, dns_dbversion_t *version, dns_dbnode_t *node, size_t salt_length, const unsigned char *nexthash, size_t hash_length, unsigned char *buffer, dns_rdata_t *rdata) { - isc_result_t result; isc_region_t r; unsigned int i; bool found; @@ -115,10 +107,7 @@ dns_nsec3_buildrdata(dns_db_t *db, dns_dbversion_t *version, dns_dbnode_t *node, goto collapse_bitmap; } rdsiter = NULL; - result = dns_db_allrdatasets(db, node, version, 0, 0, &rdsiter); - if (result != ISC_R_SUCCESS) { - return result; - } + RETERR(dns_db_allrdatasets(db, node, version, 0, 0, &rdsiter)); found = found_ns = need_rrsig = false; DNS_RDATASETITER_FOREACH(rdsiter) { dns_rdataset_t rdataset = DNS_RDATASET_INIT; @@ -434,15 +423,12 @@ delnsec3(dns_db_t *db, dns_dbversion_t *version, const dns_name_t *name, dns_difftuple_create(diff->mctx, DNS_DIFFOP_DEL, name, rdataset.ttl, &rdata, &tuple); - result = do_one_tuple(&tuple, db, version, diff); - if (result != ISC_R_SUCCESS) { - goto failure; - } + CHECK(do_one_tuple(&tuple, db, version, diff)); } result = ISC_R_SUCCESS; -failure: +cleanup: dns_rdataset_disassociate(&rdataset); cleanup_node: dns_db_detachnode(&node); @@ -615,7 +601,7 @@ dns_nsec3_addnsec3(dns_db_t *db, dns_dbversion_t *version, } else if (CREATE(nsec3param->flags) && OPTOUT(flags)) { result = dns_nsec3_delnsec3(db, version, name, nsec3param, diff); - goto failure; + goto cleanup; } else { maybe_remove_unsecure = true; } @@ -660,7 +646,7 @@ dns_nsec3_addnsec3(dns_db_t *db, dns_dbversion_t *version, if (OPTOUT(nsec3.flags)) { result = dns_nsec3_delnsec3(db, version, name, nsec3param, diff); - goto failure; + goto cleanup; } goto addnsec3; } else { @@ -670,7 +656,7 @@ dns_nsec3_addnsec3(dns_db_t *db, dns_dbversion_t *version, */ if (OPTOUT(nsec3.flags) && unsecure) { dns_rdataset_disassociate(&rdataset); - goto failure; + goto cleanup; } } @@ -859,7 +845,7 @@ addnsec3: /* result cannot be ISC_R_NOMORE here */ INSIST(result != ISC_R_NOMORE); -failure: +cleanup: if (dbit != NULL) { dns_dbiterator_destroy(&dbit); } @@ -893,10 +879,7 @@ dns_nsec3_addnsec3s(dns_db_t *db, dns_dbversion_t *version, /* * Find the NSEC3 parameters for this zone. */ - result = dns_db_getoriginnode(db, &node); - if (result != ISC_R_SUCCESS) { - return result; - } + RETERR(dns_db_getoriginnode(db, &node)); result = dns_db_findrdataset(db, node, version, dns_rdatatype_nsec3param, 0, 0, &rdataset, @@ -928,7 +911,7 @@ dns_nsec3_addnsec3s(dns_db_t *db, dns_dbversion_t *version, nsecttl, unsecure, diff)); } -failure: +cleanup: if (dns_rdataset_isassociated(&rdataset)) { dns_rdataset_disassociate(&rdataset); } @@ -1001,7 +984,7 @@ rr_exists(dns_db_t *db, dns_dbversion_t *ver, const dns_name_t *name, if (result == ISC_R_NOTFOUND) { *flag = false; result = ISC_R_SUCCESS; - goto failure; + goto cleanup; } bool matched = false; @@ -1016,7 +999,7 @@ rr_exists(dns_db_t *db, dns_dbversion_t *ver, const dns_name_t *name, dns_rdataset_disassociate(&rdataset); *flag = matched; -failure: +cleanup: if (node != NULL) { dns_db_detachnode(&node); } @@ -1026,7 +1009,6 @@ failure: isc_result_t dns_nsec3param_salttotext(dns_rdata_nsec3param_t *nsec3param, char *dst, size_t dstlen) { - isc_result_t result; isc_region_t r; isc_buffer_t b; @@ -1045,10 +1027,7 @@ dns_nsec3param_salttotext(dns_rdata_nsec3param_t *nsec3param, char *dst, r.length = nsec3param->salt_length; isc_buffer_init(&b, dst, (unsigned int)dstlen); - result = isc_hex_totext(&r, 2, "", &b); - if (result != ISC_R_SUCCESS) { - return result; - } + RETERR(isc_hex_totext(&r, 2, "", &b)); if (isc_buffer_availablelength(&b) < 1) { return ISC_R_NOSPACE; @@ -1074,10 +1053,7 @@ dns_nsec3param_deletechains(dns_db_t *db, dns_dbversion_t *ver, dns_name_init(&next); dns_rdataset_init(&rdataset); - result = dns_db_getoriginnode(db, &node); - if (result != ISC_R_SUCCESS) { - return result; - } + RETERR(dns_db_getoriginnode(db, &node)); /* * Cause all NSEC3 chains to be deleted. @@ -1087,9 +1063,7 @@ dns_nsec3param_deletechains(dns_db_t *db, dns_dbversion_t *ver, if (result == ISC_R_NOTFOUND) { goto try_private; } - if (result != ISC_R_SUCCESS) { - goto failure; - } + CHECK(result); DNS_RDATASET_FOREACH(&rdataset) { dns_rdata_t rdata = DNS_RDATA_INIT; @@ -1117,16 +1091,16 @@ dns_nsec3param_deletechains(dns_db_t *db, dns_dbversion_t *ver, try_private: if (privatetype == 0) { - goto success; + result = ISC_R_SUCCESS; + goto cleanup; } result = dns_db_findrdataset(db, node, ver, privatetype, 0, (isc_stdtime_t)0, &rdataset, NULL); if (result == ISC_R_NOTFOUND) { - goto success; - } - if (result != ISC_R_SUCCESS) { - goto failure; + result = ISC_R_SUCCESS; + goto cleanup; } + CHECK(result); DNS_RDATASET_FOREACH(&rdataset) { dns_rdata_t rdata = DNS_RDATA_INIT; @@ -1166,10 +1140,9 @@ try_private: } } -success: result = ISC_R_SUCCESS; -failure: +cleanup: if (dns_rdataset_isassociated(&rdataset)) { dns_rdataset_disassociate(&rdataset); } @@ -1193,15 +1166,12 @@ dns_nsec3_addnsec3sx(dns_db_t *db, dns_dbversion_t *version, /* * Find the NSEC3 parameters for this zone. */ - result = dns_db_getoriginnode(db, &node); - if (result != ISC_R_SUCCESS) { - return result; - } + RETERR(dns_db_getoriginnode(db, &node)); result = dns_db_findrdataset(db, node, version, type, 0, 0, &prdataset, NULL); if (result != ISC_R_SUCCESS && result != ISC_R_NOTFOUND) { - goto failure; + CHECK(result); } result = dns_db_findrdataset(db, node, version, @@ -1210,9 +1180,7 @@ dns_nsec3_addnsec3sx(dns_db_t *db, dns_dbversion_t *version, if (result == ISC_R_NOTFOUND) { goto try_private; } - if (result != ISC_R_SUCCESS) { - goto failure; - } + CHECK(result); /* * Update each active NSEC3 chain. @@ -1238,8 +1206,10 @@ dns_nsec3_addnsec3sx(dns_db_t *db, dns_dbversion_t *version, try_private: if (!dns_rdataset_isassociated(&prdataset)) { - goto success; + result = ISC_R_SUCCESS; + goto cleanup; } + /* * Update each active NSEC3 chain. */ @@ -1270,9 +1240,9 @@ try_private: nsecttl, unsecure, diff)); } -success: result = ISC_R_SUCCESS; -failure: + +cleanup: if (dns_rdataset_isassociated(&rdataset)) { dns_rdataset_disassociate(&rdataset); } @@ -1380,9 +1350,7 @@ dns_nsec3_delnsec3(dns_db_t *db, dns_dbversion_t *version, if (result == ISC_R_NOTFOUND || result == DNS_R_PARTIALMATCH) { goto cleanup_orphaned_ents; } - if (result != ISC_R_SUCCESS) { - goto failure; - } + CHECK(result); CHECK(dns_dbiterator_current(dbit, &node, NULL)); CHECK(dns_dbiterator_pause(dbit)); @@ -1392,9 +1360,7 @@ dns_nsec3_delnsec3(dns_db_t *db, dns_dbversion_t *version, if (result == ISC_R_NOTFOUND) { goto cleanup_orphaned_ents; } - if (result != ISC_R_SUCCESS) { - goto failure; - } + CHECK(result); /* * If we find a existing NSEC3 for this chain then save the @@ -1408,7 +1374,8 @@ dns_nsec3_delnsec3(dns_db_t *db, dns_dbversion_t *version, } dns_rdataset_disassociate(&rdataset); if (result == ISC_R_NOTFOUND) { - goto success; + result = ISC_R_SUCCESS; + goto cleanup; } /* @@ -1488,11 +1455,10 @@ cleanup_orphaned_ents: salt_length)); result = dns_dbiterator_seek(dbit, hashname); if (result == ISC_R_NOTFOUND || result == DNS_R_PARTIALMATCH) { - goto success; - } - if (result != ISC_R_SUCCESS) { - goto failure; + result = ISC_R_SUCCESS; + goto cleanup; } + CHECK(result); CHECK(dns_dbiterator_current(dbit, &node, NULL)); CHECK(dns_dbiterator_pause(dbit)); @@ -1501,11 +1467,10 @@ cleanup_orphaned_ents: (isc_stdtime_t)0, &rdataset, NULL); dns_db_detachnode(&node); if (result == ISC_R_NOTFOUND) { - goto success; - } - if (result != ISC_R_SUCCESS) { - goto failure; + result = ISC_R_SUCCESS; + goto cleanup; } + CHECK(result); result = find_nsec3(&nsec3, &rdataset, nsec3param); if (result == ISC_R_SUCCESS) { @@ -1515,7 +1480,8 @@ cleanup_orphaned_ents: } dns_rdataset_disassociate(&rdataset); if (result == ISC_R_NOTFOUND) { - goto success; + result = ISC_R_SUCCESS; + goto cleanup; } pass = 0; @@ -1570,10 +1536,9 @@ cleanup_orphaned_ents: CHECK(delnsec3(db, version, hashname, nsec3param, diff)); } while (1); -success: result = ISC_R_SUCCESS; -failure: +cleanup: if (dbit != NULL) { dns_dbiterator_destroy(&dbit); } @@ -1606,10 +1571,7 @@ dns_nsec3_delnsec3sx(dns_db_t *db, dns_dbversion_t *version, /* * Find the NSEC3 parameters for this zone. */ - result = dns_db_getoriginnode(db, &node); - if (result != ISC_R_SUCCESS) { - return result; - } + RETERR(dns_db_getoriginnode(db, &node)); result = dns_db_findrdataset(db, node, version, dns_rdatatype_nsec3param, 0, 0, &rdataset, @@ -1617,9 +1579,7 @@ dns_nsec3_delnsec3sx(dns_db_t *db, dns_dbversion_t *version, if (result == ISC_R_NOTFOUND) { goto try_private; } - if (result != ISC_R_SUCCESS) { - goto failure; - } + CHECK(result); /* * Update each active NSEC3 chain. @@ -1642,16 +1602,16 @@ dns_nsec3_delnsec3sx(dns_db_t *db, dns_dbversion_t *version, try_private: if (privatetype == 0) { - goto success; + result = ISC_R_SUCCESS; + goto cleanup; } result = dns_db_findrdataset(db, node, version, privatetype, 0, 0, &rdataset, NULL); if (result == ISC_R_NOTFOUND) { - goto success; - } - if (result != ISC_R_SUCCESS) { - goto failure; + result = ISC_R_SUCCESS; + goto cleanup; } + CHECK(result); /* * Update each NSEC3 chain being built. @@ -1682,9 +1642,9 @@ try_private: CHECK(dns_nsec3_delnsec3(db, version, name, &nsec3param, diff)); } -success: result = ISC_R_SUCCESS; -failure: + +cleanup: if (dns_rdataset_isassociated(&rdataset)) { dns_rdataset_disassociate(&rdataset); } @@ -1713,10 +1673,7 @@ dns_nsec3_activex(dns_db_t *db, dns_dbversion_t *version, bool complete, dns_rdataset_init(&rdataset); - result = dns_db_getoriginnode(db, &node); - if (result != ISC_R_SUCCESS) { - return result; - } + RETERR(dns_db_getoriginnode(db, &node)); result = dns_db_findrdataset(db, node, version, dns_rdatatype_nsec3param, 0, 0, &rdataset, @@ -1839,10 +1796,7 @@ dns_nsec3_noexistnodata(dns_rdatatype_t type, const dns_name_t *name, dns_rdataset_current(nsec3set, &rdata); - result = dns_rdata_tostruct(&rdata, &nsec3, NULL); - if (result != ISC_R_SUCCESS) { - return result; - } + RETERR(dns_rdata_tostruct(&rdata, &nsec3, NULL)); (*logit)(arg, ISC_LOG_DEBUG(3), "looking for relevant NSEC3"); @@ -1904,10 +1858,7 @@ dns_nsec3_noexistnodata(dns_rdatatype_t type, const dns_name_t *name, dns_name_getlabel(nsec3name, 0, &hashlabel); isc_region_consume(&hashlabel, 1); isc_buffer_init(&buffer, owner, sizeof(owner)); - result = isc_base32hex_decoderegion(&hashlabel, &buffer); - if (result != ISC_R_SUCCESS) { - return result; - } + RETERR(isc_base32hex_decoderegion(&hashlabel, &buffer)); /* * The hash lengths should match. If not ignore the record. diff --git a/lib/dns/nta.c b/lib/dns/nta.c index b95d1067a9..e2a20faf8b 100644 --- a/lib/dns/nta.c +++ b/lib/dns/nta.c @@ -453,12 +453,7 @@ done: static isc_result_t putstr(isc_buffer_t *b, const char *str) { - isc_result_t result; - - result = isc_buffer_reserve(b, strlen(str)); - if (result != ISC_R_SUCCESS) { - return result; - } + RETERR(isc_buffer_reserve(b, strlen(str))); isc_buffer_putstr(b, str); return ISC_R_SUCCESS; @@ -509,10 +504,7 @@ dns_ntatable_totext(dns_ntatable_t *ntatable, const char *view, } first = false; - result = putstr(buf, obuf); - if (result != ISC_R_SUCCESS) { - goto cleanup; - } + CHECK(putstr(buf, obuf)); } cleanup: diff --git a/lib/dns/openssl_link.c b/lib/dns/openssl_link.c index 9f06b54553..366e8fcb2d 100644 --- a/lib/dns/openssl_link.c +++ b/lib/dns/openssl_link.c @@ -46,25 +46,19 @@ #include "openssl_shim.h" -#define DST_RET(a) \ - { \ - ret = a; \ - goto err; \ - } - static isc_result_t dst__openssl_fromlabel_provider(int key_base_id, const char *label, const char *pin, EVP_PKEY **ppub, EVP_PKEY **ppriv) { #if OPENSSL_VERSION_NUMBER >= 0x30000000L - isc_result_t ret = DST_R_OPENSSLFAILURE; + isc_result_t result = DST_R_OPENSSLFAILURE; OSSL_STORE_CTX *ctx = NULL; UNUSED(pin); ctx = OSSL_STORE_open(label, NULL, NULL, NULL, NULL); if (!ctx) { - DST_RET(dst__openssl_toresult(DST_R_OPENSSLFAILURE)); + CLEANUP(dst__openssl_toresult(DST_R_OPENSSLFAILURE)); } while (!OSSL_STORE_eof(ctx)) { @@ -76,34 +70,34 @@ dst__openssl_fromlabel_provider(int key_base_id, const char *label, case OSSL_STORE_INFO_PKEY: if (*ppriv != NULL) { OSSL_STORE_INFO_free(info); - DST_RET(DST_R_INVALIDPRIVATEKEY); + CLEANUP(DST_R_INVALIDPRIVATEKEY); } *ppriv = OSSL_STORE_INFO_get1_PKEY(info); if (EVP_PKEY_get_base_id(*ppriv) != key_base_id) { OSSL_STORE_INFO_free(info); - DST_RET(DST_R_BADKEYTYPE); + CLEANUP(DST_R_BADKEYTYPE); } break; case OSSL_STORE_INFO_PUBKEY: if (*ppub != NULL) { OSSL_STORE_INFO_free(info); - DST_RET(DST_R_INVALIDPUBLICKEY); + CLEANUP(DST_R_INVALIDPUBLICKEY); } *ppub = OSSL_STORE_INFO_get1_PUBKEY(info); if (EVP_PKEY_get_base_id(*ppub) != key_base_id) { OSSL_STORE_INFO_free(info); - DST_RET(DST_R_BADKEYTYPE); + CLEANUP(DST_R_BADKEYTYPE); } break; } OSSL_STORE_INFO_free(info); } if (*ppriv != NULL && *ppub != NULL) { - ret = ISC_R_SUCCESS; + result = ISC_R_SUCCESS; } -err: +cleanup: OSSL_STORE_close(ctx); - return ret; + return result; #else UNUSED(key_base_id); UNUSED(label); diff --git a/lib/dns/opensslecdsa_link.c b/lib/dns/opensslecdsa_link.c index c95050020b..54213d5cdf 100644 --- a/lib/dns/opensslecdsa_link.c +++ b/lib/dns/opensslecdsa_link.c @@ -50,12 +50,6 @@ #define MAX_PRIVKEY_SIZE (MAX_PUBKEY_SIZE / 2) -#define DST_RET(a) \ - { \ - ret = a; \ - goto err; \ - } - #if OPENSSL_VERSION_NUMBER >= 0x30200000L static isc_result_t opensslecdsa_set_deterministic(EVP_PKEY_CTX *pctx, unsigned int key_alg) { @@ -170,7 +164,7 @@ static isc_result_t opensslecdsa_create_pkey_params(unsigned int key_alg, bool private, const unsigned char *key, size_t key_len, EVP_PKEY **pkey) { - isc_result_t ret; + isc_result_t result; int status; int group_nid = opensslecdsa_key_alg_to_group_nid(key_alg); const char *groupname = opensslecdsa_key_alg_to_group_name(key_alg); @@ -184,13 +178,13 @@ opensslecdsa_create_pkey_params(unsigned int key_alg, bool private, bld = OSSL_PARAM_BLD_new(); if (bld == NULL) { - DST_RET(dst__openssl_toresult2("OSSL_PARAM_BLD_new", + CLEANUP(dst__openssl_toresult2("OSSL_PARAM_BLD_new", DST_R_OPENSSLFAILURE)); } status = OSSL_PARAM_BLD_push_utf8_string( bld, OSSL_PKEY_PARAM_GROUP_NAME, groupname, 0); if (status != 1) { - DST_RET(dst__openssl_toresult2("OSSL_PARAM_BLD_push_" + CLEANUP(dst__openssl_toresult2("OSSL_PARAM_BLD_push_" "utf8_string", DST_R_OPENSSLFAILURE)); } @@ -198,27 +192,27 @@ opensslecdsa_create_pkey_params(unsigned int key_alg, bool private, if (private) { group = EC_GROUP_new_by_curve_name(group_nid); if (group == NULL) { - DST_RET(dst__openssl_toresult2("EC_GROUP_new_by_" + CLEANUP(dst__openssl_toresult2("EC_GROUP_new_by_" "curve_name", DST_R_OPENSSLFAILURE)); } priv = BN_bin2bn(key, key_len, NULL); if (priv == NULL) { - DST_RET(dst__openssl_toresult2("BN_bin2bn", + CLEANUP(dst__openssl_toresult2("BN_bin2bn", DST_R_OPENSSLFAILURE)); } status = OSSL_PARAM_BLD_push_BN(bld, OSSL_PKEY_PARAM_PRIV_KEY, priv); if (status != 1) { - DST_RET(dst__openssl_toresult2("OSSL_PARAM_BLD_push_BN", + CLEANUP(dst__openssl_toresult2("OSSL_PARAM_BLD_push_BN", DST_R_OPENSSLFAILURE)); } pubkey = opensslecdsa_generate_public_key(group, priv); if (pubkey == NULL) { - DST_RET(dst__openssl_toresult(DST_R_OPENSSLFAILURE)); + CLEANUP(dst__openssl_toresult(DST_R_OPENSSLFAILURE)); } key = buf; @@ -226,7 +220,7 @@ opensslecdsa_create_pkey_params(unsigned int key_alg, bool private, POINT_CONVERSION_UNCOMPRESSED, buf, sizeof(buf), NULL); if (key_len == 0) { - DST_RET(dst__openssl_toresult2("EC_POINT_point2oct", + CLEANUP(dst__openssl_toresult2("EC_POINT_point2oct", DST_R_OPENSSLFAILURE)); } } else { @@ -240,38 +234,38 @@ opensslecdsa_create_pkey_params(unsigned int key_alg, bool private, status = OSSL_PARAM_BLD_push_octet_string(bld, OSSL_PKEY_PARAM_PUB_KEY, key, key_len); if (status != 1) { - DST_RET(dst__openssl_toresult2("OSSL_PARAM_BLD_push_" + CLEANUP(dst__openssl_toresult2("OSSL_PARAM_BLD_push_" "octet_string", DST_R_OPENSSLFAILURE)); } params = OSSL_PARAM_BLD_to_param(bld); if (params == NULL) { - DST_RET(dst__openssl_toresult2("OSSL_PARAM_BLD_to_param", + CLEANUP(dst__openssl_toresult2("OSSL_PARAM_BLD_to_param", DST_R_OPENSSLFAILURE)); } ctx = EVP_PKEY_CTX_new_from_name(NULL, "EC", NULL); if (ctx == NULL) { - DST_RET(dst__openssl_toresult2("EVP_PKEY_CTX_new_from_name", + CLEANUP(dst__openssl_toresult2("EVP_PKEY_CTX_new_from_name", DST_R_OPENSSLFAILURE)); } status = EVP_PKEY_fromdata_init(ctx); if (status != 1) { /* This will fail if the default provider is an engine. * Return ISC_R_FAILURE to retry using the legacy API. */ - DST_RET(dst__openssl_toresult(ISC_R_FAILURE)); + CLEANUP(dst__openssl_toresult(ISC_R_FAILURE)); } status = EVP_PKEY_fromdata( ctx, pkey, private ? EVP_PKEY_KEYPAIR : EVP_PKEY_PUBLIC_KEY, params); if (status != 1 || *pkey == NULL) { - DST_RET(dst__openssl_toresult2("EVP_PKEY_fromdata", + CLEANUP(dst__openssl_toresult2("EVP_PKEY_fromdata", DST_R_OPENSSLFAILURE)); } - ret = ISC_R_SUCCESS; + result = ISC_R_SUCCESS; -err: +cleanup: OSSL_PARAM_free(params); OSSL_PARAM_BLD_free(bld); EVP_PKEY_CTX_free(ctx); @@ -279,7 +273,7 @@ err: EC_POINT_free(pubkey); EC_GROUP_free(group); - return ret; + return result; } static bool @@ -310,7 +304,7 @@ static isc_result_t opensslecdsa_create_pkey_legacy(unsigned int key_alg, bool private, const unsigned char *key, size_t key_len, EVP_PKEY **retkey) { - isc_result_t ret = ISC_R_SUCCESS; + isc_result_t result = ISC_R_SUCCESS; EC_KEY *eckey = NULL; EVP_PKEY *pkey = NULL; BIGNUM *privkey = NULL; @@ -320,7 +314,7 @@ opensslecdsa_create_pkey_legacy(unsigned int key_alg, bool private, eckey = EC_KEY_new_by_curve_name(group_nid); if (eckey == NULL) { - DST_RET(dst__openssl_toresult(DST_R_OPENSSLFAILURE)); + CLEANUP(dst__openssl_toresult(DST_R_OPENSSLFAILURE)); } if (private) { @@ -328,18 +322,18 @@ opensslecdsa_create_pkey_legacy(unsigned int key_alg, bool private, privkey = BN_bin2bn(key, key_len, NULL); if (privkey == NULL) { - DST_RET(dst__openssl_toresult(DST_R_OPENSSLFAILURE)); + CLEANUP(dst__openssl_toresult(DST_R_OPENSSLFAILURE)); } if (!EC_KEY_set_private_key(eckey, privkey)) { - DST_RET(dst__openssl_toresult(DST_R_INVALIDPRIVATEKEY)); + CLEANUP(dst__openssl_toresult(DST_R_INVALIDPRIVATEKEY)); } pubkey = opensslecdsa_generate_public_key(group, privkey); if (pubkey == NULL) { - DST_RET(dst__openssl_toresult(DST_R_OPENSSLFAILURE)); + CLEANUP(dst__openssl_toresult(DST_R_OPENSSLFAILURE)); } if (EC_KEY_set_public_key(eckey, pubkey) != 1) { - DST_RET(dst__openssl_toresult(DST_R_OPENSSLFAILURE)); + CLEANUP(dst__openssl_toresult(DST_R_OPENSSLFAILURE)); } } else { const unsigned char *cp = buf; @@ -347,30 +341,30 @@ opensslecdsa_create_pkey_legacy(unsigned int key_alg, bool private, buf[0] = POINT_CONVERSION_UNCOMPRESSED; memmove(buf + 1, key, key_len); if (o2i_ECPublicKey(&eckey, &cp, key_len + 1) == NULL) { - DST_RET(dst__openssl_toresult(DST_R_INVALIDPUBLICKEY)); + CLEANUP(dst__openssl_toresult(DST_R_INVALIDPUBLICKEY)); } if (EC_KEY_check_key(eckey) != 1) { - DST_RET(dst__openssl_toresult(DST_R_INVALIDPUBLICKEY)); + CLEANUP(dst__openssl_toresult(DST_R_INVALIDPUBLICKEY)); } } pkey = EVP_PKEY_new(); if (pkey == NULL) { - DST_RET(dst__openssl_toresult(ISC_R_NOMEMORY)); + CLEANUP(dst__openssl_toresult(ISC_R_NOMEMORY)); } if (!EVP_PKEY_set1_EC_KEY(pkey, eckey)) { - DST_RET(dst__openssl_toresult(ISC_R_FAILURE)); + CLEANUP(dst__openssl_toresult(ISC_R_FAILURE)); } *retkey = pkey; pkey = NULL; -err: +cleanup: BN_clear_free(privkey); EC_POINT_free(pubkey); EC_KEY_free(eckey); EVP_PKEY_free(pkey); - return ret; + return result; } static bool @@ -419,18 +413,18 @@ static isc_result_t opensslecdsa_create_pkey(unsigned int key_alg, bool private, const unsigned char *key, size_t key_len, EVP_PKEY **retkey) { - isc_result_t ret; + isc_result_t result; #if OPENSSL_VERSION_NUMBER >= 0x30000000L - ret = opensslecdsa_create_pkey_params(key_alg, private, key, key_len, - retkey); - if (ret != ISC_R_FAILURE) { - return ret; + result = opensslecdsa_create_pkey_params(key_alg, private, key, key_len, + retkey); + if (result != ISC_R_FAILURE) { + return result; } #else - ret = opensslecdsa_create_pkey_legacy(key_alg, private, key, key_len, - retkey); - if (ret == ISC_R_SUCCESS) { - return ret; + result = opensslecdsa_create_pkey_legacy(key_alg, private, key, key_len, + retkey); + if (result == ISC_R_SUCCESS) { + return result; } #endif return DST_R_OPENSSLFAILURE; @@ -442,7 +436,7 @@ static isc_result_t opensslecdsa_generate_pkey_with_uri(int group_nid, const char *label, EVP_PKEY **retkey) { int status; - isc_result_t ret; + isc_result_t result; char *uri = UNCONST(label); EVP_PKEY_CTX *ctx = NULL; OSSL_PARAM params[3]; @@ -455,19 +449,19 @@ opensslecdsa_generate_pkey_with_uri(int group_nid, const char *label, ctx = EVP_PKEY_CTX_new_from_name(NULL, "EC", "provider=pkcs11"); if (ctx == NULL) { - DST_RET(dst__openssl_toresult2("EVP_PKEY_CTX_new_from_name", + CLEANUP(dst__openssl_toresult2("EVP_PKEY_CTX_new_from_name", DST_R_OPENSSLFAILURE)); } status = EVP_PKEY_keygen_init(ctx); if (status != 1) { - DST_RET(dst__openssl_toresult2("EVP_PKEY_keygen_init", + CLEANUP(dst__openssl_toresult2("EVP_PKEY_keygen_init", DST_R_OPENSSLFAILURE)); } status = EVP_PKEY_CTX_set_params(ctx, params); if (status != 1) { - DST_RET(dst__openssl_toresult2("EVP_PKEY_CTX_set_params", + CLEANUP(dst__openssl_toresult2("EVP_PKEY_CTX_set_params", DST_R_OPENSSLFAILURE)); } /* @@ -478,7 +472,7 @@ opensslecdsa_generate_pkey_with_uri(int group_nid, const char *label, */ status = EVP_PKEY_CTX_set_ec_paramgen_curve_nid(ctx, group_nid); if (status != 1) { - DST_RET(dst__openssl_toresult2("EVP_PKEY_CTX_set_ec_paramgen_" + CLEANUP(dst__openssl_toresult2("EVP_PKEY_CTX_set_ec_paramgen_" "curve_nid", DST_R_OPENSSLFAILURE)); } @@ -486,21 +480,21 @@ opensslecdsa_generate_pkey_with_uri(int group_nid, const char *label, /* Generate the key. */ status = EVP_PKEY_generate(ctx, retkey); if (status != 1) { - DST_RET(dst__openssl_toresult2("EVP_PKEY_generate", + CLEANUP(dst__openssl_toresult2("EVP_PKEY_generate", DST_R_OPENSSLFAILURE)); } - ret = ISC_R_SUCCESS; + result = ISC_R_SUCCESS; -err: +cleanup: EVP_PKEY_CTX_free(ctx); - return ret; + return result; } static isc_result_t opensslecdsa_generate_pkey(unsigned int key_alg, const char *label, EVP_PKEY **retkey) { - isc_result_t ret; + isc_result_t result; EVP_PKEY_CTX *ctx = NULL; EVP_PKEY *params_pkey = NULL; int group_nid = opensslecdsa_key_alg_to_group_nid(key_alg); @@ -514,23 +508,23 @@ opensslecdsa_generate_pkey(unsigned int key_alg, const char *label, /* Generate the key's parameters. */ ctx = EVP_PKEY_CTX_new_from_name(NULL, "EC", NULL); if (ctx == NULL) { - DST_RET(dst__openssl_toresult2("EVP_PKEY_CTX_new_from_name", + CLEANUP(dst__openssl_toresult2("EVP_PKEY_CTX_new_from_name", DST_R_OPENSSLFAILURE)); } status = EVP_PKEY_paramgen_init(ctx); if (status != 1) { - DST_RET(dst__openssl_toresult2("EVP_PKEY_paramgen_init", + CLEANUP(dst__openssl_toresult2("EVP_PKEY_paramgen_init", DST_R_OPENSSLFAILURE)); } status = EVP_PKEY_CTX_set_ec_paramgen_curve_nid(ctx, group_nid); if (status != 1) { - DST_RET(dst__openssl_toresult2("EVP_PKEY_CTX_set_ec_paramgen_" + CLEANUP(dst__openssl_toresult2("EVP_PKEY_CTX_set_ec_paramgen_" "curve_nid", DST_R_OPENSSLFAILURE)); } status = EVP_PKEY_paramgen(ctx, ¶ms_pkey); if (status != 1 || params_pkey == NULL) { - DST_RET(dst__openssl_toresult2("EVP_PKEY_paramgen", + CLEANUP(dst__openssl_toresult2("EVP_PKEY_paramgen", DST_R_OPENSSLFAILURE)); } EVP_PKEY_CTX_free(ctx); @@ -538,26 +532,26 @@ opensslecdsa_generate_pkey(unsigned int key_alg, const char *label, /* Generate the key. */ ctx = EVP_PKEY_CTX_new(params_pkey, NULL); if (ctx == NULL) { - DST_RET(dst__openssl_toresult2("EVP_PKEY_CTX_new", + CLEANUP(dst__openssl_toresult2("EVP_PKEY_CTX_new", DST_R_OPENSSLFAILURE)); } status = EVP_PKEY_keygen_init(ctx); if (status != 1) { - DST_RET(dst__openssl_toresult2("EVP_PKEY_keygen_init", + CLEANUP(dst__openssl_toresult2("EVP_PKEY_keygen_init", DST_R_OPENSSLFAILURE)); } status = EVP_PKEY_keygen(ctx, retkey); if (status != 1) { - DST_RET(dst__openssl_toresult2("EVP_PKEY_keygen", + CLEANUP(dst__openssl_toresult2("EVP_PKEY_keygen", DST_R_OPENSSLFAILURE)); } - ret = ISC_R_SUCCESS; + result = ISC_R_SUCCESS; -err: +cleanup: EVP_PKEY_free(params_pkey); EVP_PKEY_CTX_free(ctx); - return ret; + return result; } static isc_result_t @@ -594,7 +588,7 @@ opensslecdsa_extract_private_key(const dst_key_t *key, unsigned char *buf, static isc_result_t opensslecdsa_generate_pkey(unsigned int key_alg, const char *label, EVP_PKEY **retkey) { - isc_result_t ret; + isc_result_t result; EC_KEY *eckey = NULL; EVP_PKEY *pkey = NULL; int group_nid; @@ -605,31 +599,31 @@ opensslecdsa_generate_pkey(unsigned int key_alg, const char *label, eckey = EC_KEY_new_by_curve_name(group_nid); if (eckey == NULL) { - DST_RET(dst__openssl_toresult2("EC_KEY_new_by_curve_name", + CLEANUP(dst__openssl_toresult2("EC_KEY_new_by_curve_name", DST_R_OPENSSLFAILURE)); } if (EC_KEY_generate_key(eckey) != 1) { - DST_RET(dst__openssl_toresult2("EC_KEY_generate_key", + CLEANUP(dst__openssl_toresult2("EC_KEY_generate_key", DST_R_OPENSSLFAILURE)); } pkey = EVP_PKEY_new(); if (pkey == NULL) { - DST_RET(dst__openssl_toresult(ISC_R_NOMEMORY)); + CLEANUP(dst__openssl_toresult(ISC_R_NOMEMORY)); } if (EVP_PKEY_set1_EC_KEY(pkey, eckey) != 1) { - DST_RET(dst__openssl_toresult2("EVP_PKEY_set1_EC_KEY", + CLEANUP(dst__openssl_toresult2("EVP_PKEY_set1_EC_KEY", DST_R_OPENSSLFAILURE)); } *retkey = pkey; pkey = NULL; - ret = ISC_R_SUCCESS; + result = ISC_R_SUCCESS; -err: +cleanup: EC_KEY_free(eckey); EVP_PKEY_free(pkey); - return ret; + return result; } static isc_result_t @@ -676,7 +670,7 @@ opensslecdsa_extract_private_key(const dst_key_t *key, unsigned char *buf, static isc_result_t opensslecdsa_createctx(dst_key_t *key, dst_context_t *dctx) { - isc_result_t ret = ISC_R_SUCCESS; + isc_result_t result = ISC_R_SUCCESS; EVP_MD_CTX *evp_md_ctx; EVP_PKEY_CTX *pctx = NULL; const EVP_MD *type = NULL; @@ -687,7 +681,7 @@ opensslecdsa_createctx(dst_key_t *key, dst_context_t *dctx) { evp_md_ctx = EVP_MD_CTX_create(); if (evp_md_ctx == NULL) { - DST_RET(dst__openssl_toresult(ISC_R_NOMEMORY)); + CLEANUP(dst__openssl_toresult(ISC_R_NOMEMORY)); } if (dctx->key->key_alg == DST_ALG_ECDSA256) { type = isc__crypto_sha256; @@ -700,18 +694,15 @@ opensslecdsa_createctx(dst_key_t *key, dst_context_t *dctx) { dctx->key->keydata.pkeypair.priv) != 1) { EVP_MD_CTX_destroy(evp_md_ctx); - DST_RET(dst__openssl_toresult3(dctx->category, + CLEANUP(dst__openssl_toresult3(dctx->category, "EVP_DigestSignInit", ISC_R_FAILURE)); } #if OPENSSL_VERSION_NUMBER >= 0x30200000L if (!isc_crypto_fips_mode()) { - ret = opensslecdsa_set_deterministic( - pctx, dctx->key->key_alg); - if (ret != ISC_R_SUCCESS) { - goto err; - } + CHECK(opensslecdsa_set_deterministic( + pctx, dctx->key->key_alg)); } #endif /* OPENSSL_VERSION_NUMBER >= 0x30200000L */ @@ -720,7 +711,7 @@ opensslecdsa_createctx(dst_key_t *key, dst_context_t *dctx) { dctx->key->keydata.pkeypair.pub) != 1) { EVP_MD_CTX_destroy(evp_md_ctx); - DST_RET(dst__openssl_toresult3(dctx->category, + CLEANUP(dst__openssl_toresult3(dctx->category, "EVP_DigestVerifyInit", ISC_R_FAILURE)); } @@ -728,8 +719,8 @@ opensslecdsa_createctx(dst_key_t *key, dst_context_t *dctx) { dctx->ctxdata.evp_md_ctx = evp_md_ctx; -err: - return ret; +cleanup: + return result; } static void @@ -747,7 +738,7 @@ opensslecdsa_destroyctx(dst_context_t *dctx) { static isc_result_t opensslecdsa_adddata(dst_context_t *dctx, const isc_region_t *data) { - isc_result_t ret = ISC_R_SUCCESS; + isc_result_t result = ISC_R_SUCCESS; EVP_MD_CTX *evp_md_ctx = dctx->ctxdata.evp_md_ctx; REQUIRE(opensslecdsa_valid_key_alg(dctx->key->key_alg)); @@ -757,7 +748,7 @@ opensslecdsa_adddata(dst_context_t *dctx, const isc_region_t *data) { if (EVP_DigestSignUpdate(evp_md_ctx, data->base, data->length) != 1) { - DST_RET(dst__openssl_toresult3(dctx->category, + CLEANUP(dst__openssl_toresult3(dctx->category, "EVP_DigestSignUpdate", ISC_R_FAILURE)); } @@ -765,19 +756,19 @@ opensslecdsa_adddata(dst_context_t *dctx, const isc_region_t *data) { if (EVP_DigestVerifyUpdate(evp_md_ctx, data->base, data->length) != 1) { - DST_RET(dst__openssl_toresult3(dctx->category, + CLEANUP(dst__openssl_toresult3(dctx->category, "EVP_DigestVerifyUpdate", ISC_R_FAILURE)); } } -err: - return ret; +cleanup: + return result; } static isc_result_t opensslecdsa_sign(dst_context_t *dctx, isc_buffer_t *sig) { - isc_result_t ret; + isc_result_t result; dst_key_t *key = dctx->key; isc_region_t region; EVP_MD_CTX *evp_md_ctx = dctx->ctxdata.evp_md_ctx; @@ -798,25 +789,25 @@ opensslecdsa_sign(dst_context_t *dctx, isc_buffer_t *sig) { isc_buffer_availableregion(sig, ®ion); if (region.length < siglen) { - DST_RET(ISC_R_NOSPACE); + CLEANUP(ISC_R_NOSPACE); } if (EVP_DigestSignFinal(evp_md_ctx, NULL, &sigder_len) != 1) { - DST_RET(dst__openssl_toresult3( + CLEANUP(dst__openssl_toresult3( dctx->category, "EVP_DigestSignFinal", ISC_R_FAILURE)); } if (sigder_len == 0) { - DST_RET(ISC_R_FAILURE); + CLEANUP(ISC_R_FAILURE); } sigder = isc_mem_get(dctx->mctx, sigder_len); sigder_alloced = sigder_len; if (EVP_DigestSignFinal(evp_md_ctx, sigder, &sigder_len) != 1) { - DST_RET(dst__openssl_toresult3( + CLEANUP(dst__openssl_toresult3( dctx->category, "EVP_DigestSignFinal", ISC_R_FAILURE)); } sigder_copy = sigder; if (d2i_ECDSA_SIG(&ecdsasig, &sigder_copy, sigder_len) == NULL) { - DST_RET(dst__openssl_toresult3(dctx->category, "d2i_ECDSA_SIG", + CLEANUP(dst__openssl_toresult3(dctx->category, "d2i_ECDSA_SIG", ISC_R_FAILURE)); } @@ -827,19 +818,19 @@ opensslecdsa_sign(dst_context_t *dctx, isc_buffer_t *sig) { isc_region_consume(®ion, siglen / 2); ECDSA_SIG_free(ecdsasig); isc_buffer_add(sig, siglen); - ret = ISC_R_SUCCESS; + result = ISC_R_SUCCESS; -err: +cleanup: if (sigder != NULL && sigder_alloced != 0) { isc_mem_put(dctx->mctx, sigder, sigder_alloced); } - return ret; + return result; } static isc_result_t opensslecdsa_verify(dst_context_t *dctx, const isc_region_t *sig) { - isc_result_t ret; + isc_result_t result; dst_key_t *key = dctx->key; int status; unsigned char *cp = sig->base; @@ -860,12 +851,12 @@ opensslecdsa_verify(dst_context_t *dctx, const isc_region_t *sig) { } if (sig->length != siglen) { - DST_RET(DST_R_VERIFYFAILURE); + CLEANUP(DST_R_VERIFYFAILURE); } ecdsasig = ECDSA_SIG_new(); if (ecdsasig == NULL) { - DST_RET(dst__openssl_toresult(ISC_R_NOMEMORY)); + CLEANUP(dst__openssl_toresult(ISC_R_NOMEMORY)); } r = BN_bin2bn(cp, siglen / 2, NULL); cp += siglen / 2; @@ -875,7 +866,7 @@ opensslecdsa_verify(dst_context_t *dctx, const isc_region_t *sig) { status = i2d_ECDSA_SIG(ecdsasig, NULL); if (status < 0) { - DST_RET(dst__openssl_toresult3(dctx->category, "i2d_ECDSA_SIG", + CLEANUP(dst__openssl_toresult3(dctx->category, "i2d_ECDSA_SIG", DST_R_VERIFYFAILURE)); } @@ -886,7 +877,7 @@ opensslecdsa_verify(dst_context_t *dctx, const isc_region_t *sig) { sigder_copy = sigder; status = i2d_ECDSA_SIG(ecdsasig, &sigder_copy); if (status < 0) { - DST_RET(dst__openssl_toresult3(dctx->category, "i2d_ECDSA_SIG", + CLEANUP(dst__openssl_toresult3(dctx->category, "i2d_ECDSA_SIG", DST_R_VERIFYFAILURE)); } @@ -894,19 +885,19 @@ opensslecdsa_verify(dst_context_t *dctx, const isc_region_t *sig) { switch (status) { case 1: - ret = ISC_R_SUCCESS; + result = ISC_R_SUCCESS; break; case 0: - ret = dst__openssl_toresult(DST_R_VERIFYFAILURE); + result = dst__openssl_toresult(DST_R_VERIFYFAILURE); break; default: - ret = dst__openssl_toresult3(dctx->category, - "EVP_DigestVerifyFinal", - DST_R_VERIFYFAILURE); + result = dst__openssl_toresult3(dctx->category, + "EVP_DigestVerifyFinal", + DST_R_VERIFYFAILURE); break; } -err: +cleanup: if (ecdsasig != NULL) { ECDSA_SIG_free(ecdsasig); } @@ -914,32 +905,28 @@ err: isc_mem_put(dctx->mctx, sigder, sigder_alloced); } - return ret; + return result; } static isc_result_t opensslecdsa_generate(dst_key_t *key, int unused, void (*callback)(int)) { - isc_result_t ret; EVP_PKEY *pkey = NULL; REQUIRE(opensslecdsa_valid_key_alg(key->key_alg)); UNUSED(unused); UNUSED(callback); - ret = opensslecdsa_generate_pkey(key->key_alg, key->label, &pkey); - if (ret != ISC_R_SUCCESS) { - return ret; - } + RETERR(opensslecdsa_generate_pkey(key->key_alg, key->label, &pkey)); key->key_size = EVP_PKEY_bits(pkey); key->keydata.pkeypair.priv = pkey; key->keydata.pkeypair.pub = pkey; - return ret; + return ISC_R_SUCCESS; } static isc_result_t opensslecdsa_todns(const dst_key_t *key, isc_buffer_t *data) { - isc_result_t ret; + isc_result_t result; isc_region_t r; size_t keysize; @@ -949,22 +936,22 @@ opensslecdsa_todns(const dst_key_t *key, isc_buffer_t *data) { keysize = opensslecdsa_key_alg_to_publickey_size(key->key_alg); isc_buffer_availableregion(data, &r); if (r.length < keysize) { - DST_RET(ISC_R_NOSPACE); + CLEANUP(ISC_R_NOSPACE); } if (!opensslecdsa_extract_public_key(key, r.base, keysize)) { - DST_RET(dst__openssl_toresult(DST_R_OPENSSLFAILURE)); + CLEANUP(dst__openssl_toresult(DST_R_OPENSSLFAILURE)); } isc_buffer_add(data, keysize); - ret = ISC_R_SUCCESS; + result = ISC_R_SUCCESS; -err: - return ret; +cleanup: + return result; } static isc_result_t opensslecdsa_fromdns(dst_key_t *key, isc_buffer_t *data) { - isc_result_t ret; + isc_result_t result; EVP_PKEY *pkey = NULL; isc_region_t r; size_t len; @@ -974,45 +961,43 @@ opensslecdsa_fromdns(dst_key_t *key, isc_buffer_t *data) { isc_buffer_remainingregion(data, &r); if (r.length == 0) { - DST_RET(ISC_R_SUCCESS); + CLEANUP(ISC_R_SUCCESS); } if (r.length != len) { - DST_RET(DST_R_INVALIDPUBLICKEY); + CLEANUP(DST_R_INVALIDPUBLICKEY); } - ret = opensslecdsa_create_pkey(key->key_alg, false, r.base, len, &pkey); - if (ret != ISC_R_SUCCESS) { - DST_RET(ret); - } + CHECK(opensslecdsa_create_pkey(key->key_alg, false, r.base, len, + &pkey)); isc_buffer_forward(data, len); key->key_size = EVP_PKEY_bits(pkey); key->keydata.pkeypair.pub = pkey; - ret = ISC_R_SUCCESS; + result = ISC_R_SUCCESS; -err: - return ret; +cleanup: + return result; } static isc_result_t opensslecdsa_tofile(const dst_key_t *key, const char *directory) { - isc_result_t ret; + isc_result_t result; dst_private_t priv; unsigned char buf[MAX_PRIVKEY_SIZE]; size_t keylen = 0; unsigned short i; if (key->keydata.pkeypair.pub == NULL) { - DST_RET(DST_R_NULLKEY); + CLEANUP(DST_R_NULLKEY); } if (key->external) { priv.nelements = 0; - DST_RET(dst__privstruct_writefile(key, &priv, directory)); + CLEANUP(dst__privstruct_writefile(key, &priv, directory)); } if (key->keydata.pkeypair.priv == NULL) { - DST_RET(DST_R_NULLKEY); + CLEANUP(DST_R_NULLKEY); } keylen = opensslecdsa_key_alg_to_publickey_size(key->key_alg) / 2; @@ -1035,11 +1020,11 @@ opensslecdsa_tofile(const dst_key_t *key, const char *directory) { } priv.nelements = i; - ret = dst__privstruct_writefile(key, &priv, directory); + result = dst__privstruct_writefile(key, &priv, directory); -err: +cleanup: isc_safe_memwipe(buf, keylen); - return ret; + return result; } static isc_result_t @@ -1048,7 +1033,7 @@ opensslecdsa_fromlabel(dst_key_t *key, const char *label, const char *pin); static isc_result_t opensslecdsa_parse(dst_key_t *key, isc_lex_t *lexer, dst_key_t *pub) { dst_private_t priv; - isc_result_t ret; + isc_result_t result; EVP_PKEY *pkey = NULL; const char *label = NULL; int i, privkey_index = -1; @@ -1056,21 +1041,18 @@ opensslecdsa_parse(dst_key_t *key, isc_lex_t *lexer, dst_key_t *pub) { REQUIRE(opensslecdsa_valid_key_alg(key->key_alg)); /* read private key file */ - ret = dst__privstruct_parse(key, DST_ALG_ECDSA256, lexer, key->mctx, - &priv); - if (ret != ISC_R_SUCCESS) { - goto err; - } + CHECK(dst__privstruct_parse(key, DST_ALG_ECDSA256, lexer, key->mctx, + &priv)); if (key->external) { if (priv.nelements != 0 || pub == NULL) { - DST_RET(dst__openssl_toresult(DST_R_INVALIDPRIVATEKEY)); + CLEANUP(dst__openssl_toresult(DST_R_INVALIDPRIVATEKEY)); } key->keydata.pkeypair.priv = pub->keydata.pkeypair.priv; key->keydata.pkeypair.pub = pub->keydata.pkeypair.pub; pub->keydata.pkeypair.priv = NULL; pub->keydata.pkeypair.pub = NULL; - DST_RET(ISC_R_SUCCESS); + CLEANUP(ISC_R_SUCCESS); } for (i = 0; i < priv.nelements; i++) { @@ -1090,33 +1072,27 @@ opensslecdsa_parse(dst_key_t *key, isc_lex_t *lexer, dst_key_t *pub) { } if (label != NULL) { - ret = opensslecdsa_fromlabel(key, label, NULL); - if (ret != ISC_R_SUCCESS) { - goto err; - } + CHECK(opensslecdsa_fromlabel(key, label, NULL)); /* Check that the public component matches if given */ if (pub != NULL && EVP_PKEY_eq(key->keydata.pkeypair.pub, pub->keydata.pkeypair.pub) != 1) { - DST_RET(DST_R_INVALIDPRIVATEKEY); + CLEANUP(DST_R_INVALIDPRIVATEKEY); } - DST_RET(ISC_R_SUCCESS); + CLEANUP(ISC_R_SUCCESS); } if (privkey_index < 0) { - DST_RET(dst__openssl_toresult(DST_R_INVALIDPRIVATEKEY)); + CLEANUP(dst__openssl_toresult(DST_R_INVALIDPRIVATEKEY)); } - ret = opensslecdsa_create_pkey( + CHECK(opensslecdsa_create_pkey( key->key_alg, true, priv.elements[privkey_index].data, - priv.elements[privkey_index].length, &pkey); - if (ret != ISC_R_SUCCESS) { - goto err; - } + priv.elements[privkey_index].length, &pkey)); /* Check that the public component matches if given */ if (pub != NULL && EVP_PKEY_eq(pkey, pub->keydata.pkeypair.pub) != 1) { - DST_RET(DST_R_INVALIDPRIVATEKEY); + CLEANUP(DST_R_INVALIDPRIVATEKEY); } key->key_size = EVP_PKEY_bits(pkey); @@ -1124,39 +1100,30 @@ opensslecdsa_parse(dst_key_t *key, isc_lex_t *lexer, dst_key_t *pub) { key->keydata.pkeypair.pub = pkey; pkey = NULL; -err: +cleanup: EVP_PKEY_free(pkey); - if (ret != ISC_R_SUCCESS) { + if (result != ISC_R_SUCCESS) { key->keydata.generic = NULL; } dst__privstruct_free(&priv, key->mctx); isc_safe_memwipe(&priv, sizeof(priv)); - return ret; + return result; } static isc_result_t opensslecdsa_fromlabel(dst_key_t *key, const char *label, const char *pin) { EVP_PKEY *privpkey = NULL, *pubpkey = NULL; - isc_result_t ret; + isc_result_t result; REQUIRE(opensslecdsa_valid_key_alg(key->key_alg)); UNUSED(pin); - ret = dst__openssl_fromlabel(EVP_PKEY_EC, label, pin, &pubpkey, - &privpkey); - if (ret != ISC_R_SUCCESS) { - goto err; - } + CHECK(dst__openssl_fromlabel(EVP_PKEY_EC, label, pin, &pubpkey, + &privpkey)); - ret = opensslecdsa_validate_pkey_group(key->key_alg, privpkey); - if (ret != ISC_R_SUCCESS) { - goto err; - } - ret = opensslecdsa_validate_pkey_group(key->key_alg, pubpkey); - if (ret != ISC_R_SUCCESS) { - goto err; - } + CHECK(opensslecdsa_validate_pkey_group(key->key_alg, privpkey)); + CHECK(opensslecdsa_validate_pkey_group(key->key_alg, pubpkey)); key->label = isc_mem_strdup(key->mctx, label); key->key_size = EVP_PKEY_bits(privpkey); @@ -1165,10 +1132,10 @@ opensslecdsa_fromlabel(dst_key_t *key, const char *label, const char *pin) { privpkey = NULL; pubpkey = NULL; -err: +cleanup: EVP_PKEY_free(privpkey); EVP_PKEY_free(pubpkey); - return ret; + return result; } static dst_func_t opensslecdsa_functions = { diff --git a/lib/dns/openssleddsa_link.c b/lib/dns/openssleddsa_link.c index fd383f688b..7ef6e495c5 100644 --- a/lib/dns/openssleddsa_link.c +++ b/lib/dns/openssleddsa_link.c @@ -33,12 +33,6 @@ #include "dst_parse.h" #include "openssl_shim.h" -#define DST_RET(a) \ - { \ - ret = a; \ - goto err; \ - } - #ifndef NID_ED25519 #error "Ed25519 group is not known (NID_ED25519)" #endif /* ifndef NID_ED25519 */ @@ -82,13 +76,13 @@ openssleddsa_alg_info(unsigned int key_alg) { static isc_result_t raw_key_to_ossl(const eddsa_alginfo_t *alginfo, int private, const unsigned char *key, size_t *key_len, EVP_PKEY **pkey) { - isc_result_t ret; + isc_result_t result; int pkey_type = alginfo->pkey_type; size_t len = alginfo->key_size; - ret = (private ? DST_R_INVALIDPRIVATEKEY : DST_R_INVALIDPUBLICKEY); + result = (private ? DST_R_INVALIDPRIVATEKEY : DST_R_INVALIDPUBLICKEY); if (*key_len < len) { - return ret; + return result; } if (private) { @@ -97,7 +91,7 @@ raw_key_to_ossl(const eddsa_alginfo_t *alginfo, int private, *pkey = EVP_PKEY_new_raw_public_key(pkey_type, NULL, key, len); } if (*pkey == NULL) { - return dst__openssl_toresult(ret); + return dst__openssl_toresult(result); } *key_len = len; @@ -165,7 +159,7 @@ openssleddsa_adddata(dst_context_t *dctx, const isc_region_t *data) { static isc_result_t openssleddsa_sign(dst_context_t *dctx, isc_buffer_t *sig) { - isc_result_t ret; + isc_result_t result; dst_key_t *key = dctx->key; isc_region_t tbsreg; isc_region_t sigreg; @@ -184,35 +178,35 @@ openssleddsa_sign(dst_context_t *dctx, isc_buffer_t *sig) { siglen = alginfo->sig_size; isc_buffer_availableregion(sig, &sigreg); if (sigreg.length < (unsigned int)siglen) { - DST_RET(ISC_R_NOSPACE); + CLEANUP(ISC_R_NOSPACE); } isc_buffer_usedregion(buf, &tbsreg); if (EVP_DigestSignInit(ctx, NULL, NULL, NULL, pkey) != 1) { - DST_RET(dst__openssl_toresult3( + CLEANUP(dst__openssl_toresult3( dctx->category, "EVP_DigestSignInit", ISC_R_FAILURE)); } if (EVP_DigestSign(ctx, sigreg.base, &siglen, tbsreg.base, tbsreg.length) != 1) { - DST_RET(dst__openssl_toresult3(dctx->category, "EVP_DigestSign", + CLEANUP(dst__openssl_toresult3(dctx->category, "EVP_DigestSign", DST_R_SIGNFAILURE)); } isc_buffer_add(sig, (unsigned int)siglen); - ret = ISC_R_SUCCESS; + result = ISC_R_SUCCESS; -err: +cleanup: EVP_MD_CTX_free(ctx); isc_buffer_free(&buf); dctx->ctxdata.generic = NULL; - return ret; + return result; } static isc_result_t openssleddsa_verify(dst_context_t *dctx, const isc_region_t *sig) { - isc_result_t ret; + isc_result_t result; dst_key_t *key = dctx->key; int status; isc_region_t tbsreg; @@ -228,13 +222,13 @@ openssleddsa_verify(dst_context_t *dctx, const isc_region_t *sig) { } if (sig->length != alginfo->sig_size) { - DST_RET(DST_R_VERIFYFAILURE); + CLEANUP(DST_R_VERIFYFAILURE); } isc_buffer_usedregion(buf, &tbsreg); if (EVP_DigestVerifyInit(ctx, NULL, NULL, NULL, pkey) != 1) { - DST_RET(dst__openssl_toresult3( + CLEANUP(dst__openssl_toresult3( dctx->category, "EVP_DigestVerifyInit", ISC_R_FAILURE)); } @@ -243,28 +237,29 @@ openssleddsa_verify(dst_context_t *dctx, const isc_region_t *sig) { switch (status) { case 1: - ret = ISC_R_SUCCESS; + result = ISC_R_SUCCESS; break; case 0: - ret = dst__openssl_toresult(DST_R_VERIFYFAILURE); + result = dst__openssl_toresult(DST_R_VERIFYFAILURE); break; default: - ret = dst__openssl_toresult3(dctx->category, "EVP_DigestVerify", - DST_R_VERIFYFAILURE); + result = dst__openssl_toresult3(dctx->category, + "EVP_DigestVerify", + DST_R_VERIFYFAILURE); break; } -err: +cleanup: EVP_MD_CTX_free(ctx); isc_buffer_free(&buf); dctx->ctxdata.generic = NULL; - return ret; + return result; } static isc_result_t openssleddsa_generate(dst_key_t *key, int unused, void (*callback)(int)) { - isc_result_t ret; + isc_result_t result; EVP_PKEY *pkey = NULL; EVP_PKEY_CTX *ctx = NULL; const eddsa_alginfo_t *alginfo = openssleddsa_alg_info(key->key_alg); @@ -282,24 +277,24 @@ openssleddsa_generate(dst_key_t *key, int unused, void (*callback)(int)) { status = EVP_PKEY_keygen_init(ctx); if (status != 1) { - DST_RET(dst__openssl_toresult2("EVP_PKEY_keygen_init", + CLEANUP(dst__openssl_toresult2("EVP_PKEY_keygen_init", DST_R_OPENSSLFAILURE)); } status = EVP_PKEY_keygen(ctx, &pkey); if (status != 1) { - DST_RET(dst__openssl_toresult2("EVP_PKEY_keygen", + CLEANUP(dst__openssl_toresult2("EVP_PKEY_keygen", DST_R_OPENSSLFAILURE)); } key->key_size = alginfo->key_size * 8; key->keydata.pkeypair.priv = pkey; key->keydata.pkeypair.pub = pkey; - ret = ISC_R_SUCCESS; + result = ISC_R_SUCCESS; -err: +cleanup: EVP_PKEY_CTX_free(ctx); - return ret; + return result; } static isc_result_t @@ -329,7 +324,6 @@ openssleddsa_todns(const dst_key_t *key, isc_buffer_t *data) { static isc_result_t openssleddsa_fromdns(dst_key_t *key, isc_buffer_t *data) { const eddsa_alginfo_t *alginfo = openssleddsa_alg_info(key->key_alg); - isc_result_t ret; isc_region_t r; size_t len; EVP_PKEY *pkey = NULL; @@ -342,10 +336,7 @@ openssleddsa_fromdns(dst_key_t *key, isc_buffer_t *data) { } len = r.length; - ret = raw_key_to_ossl(alginfo, 0, r.base, &len, &pkey); - if (ret != ISC_R_SUCCESS) { - return ret; - } + RETERR(raw_key_to_ossl(alginfo, 0, r.base, &len, &pkey)); isc_buffer_forward(data, len); key->keydata.pkeypair.pub = pkey; @@ -356,7 +347,7 @@ openssleddsa_fromdns(dst_key_t *key, isc_buffer_t *data) { static isc_result_t openssleddsa_tofile(const dst_key_t *key, const char *directory) { const eddsa_alginfo_t *alginfo = openssleddsa_alg_info(key->key_alg); - isc_result_t ret; + isc_result_t result; dst_private_t priv; unsigned char *buf = NULL; size_t len; @@ -381,7 +372,7 @@ openssleddsa_tofile(const dst_key_t *key, const char *directory) { if (EVP_PKEY_get_raw_private_key(key->keydata.pkeypair.priv, buf, &len) != 1) { - DST_RET(dst__openssl_toresult(ISC_R_FAILURE)); + CLEANUP(dst__openssl_toresult(ISC_R_FAILURE)); } priv.elements[i].tag = TAG_EDDSA_PRIVATEKEY; priv.elements[i].length = len; @@ -397,20 +388,20 @@ openssleddsa_tofile(const dst_key_t *key, const char *directory) { } priv.nelements = i; - ret = dst__privstruct_writefile(key, &priv, directory); + result = dst__privstruct_writefile(key, &priv, directory); -err: +cleanup: if (buf != NULL) { isc_mem_put(key->mctx, buf, len); } - return ret; + return result; } static isc_result_t openssleddsa_parse(dst_key_t *key, isc_lex_t *lexer, dst_key_t *pub) { const eddsa_alginfo_t *alginfo = openssleddsa_alg_info(key->key_alg); dst_private_t priv; - isc_result_t ret; + isc_result_t result; int i, privkey_index = -1; const char *label = NULL; EVP_PKEY *pkey = NULL; @@ -420,23 +411,20 @@ openssleddsa_parse(dst_key_t *key, isc_lex_t *lexer, dst_key_t *pub) { REQUIRE(alginfo != NULL); /* read private key file */ - ret = dst__privstruct_parse(key, DST_ALG_ED25519, lexer, mctx, &priv); - if (ret != ISC_R_SUCCESS) { - goto err; - } + CHECK(dst__privstruct_parse(key, DST_ALG_ED25519, lexer, mctx, &priv)); if (key->external) { if (priv.nelements != 0) { - DST_RET(DST_R_INVALIDPRIVATEKEY); + CLEANUP(DST_R_INVALIDPRIVATEKEY); } if (pub == NULL) { - DST_RET(DST_R_INVALIDPRIVATEKEY); + CLEANUP(DST_R_INVALIDPRIVATEKEY); } key->keydata.pkeypair.priv = pub->keydata.pkeypair.priv; key->keydata.pkeypair.pub = pub->keydata.pkeypair.pub; pub->keydata.pkeypair.priv = NULL; pub->keydata.pkeypair.pub = NULL; - DST_RET(ISC_R_SUCCESS); + CLEANUP(ISC_R_SUCCESS); } for (i = 0; i < priv.nelements; i++) { @@ -456,61 +444,52 @@ openssleddsa_parse(dst_key_t *key, isc_lex_t *lexer, dst_key_t *pub) { } if (label != NULL) { - ret = openssleddsa_fromlabel(key, label, NULL); - if (ret != ISC_R_SUCCESS) { - goto err; - } + CHECK(openssleddsa_fromlabel(key, label, NULL)); /* Check that the public component matches if given */ if (pub != NULL && EVP_PKEY_eq(key->keydata.pkeypair.pub, pub->keydata.pkeypair.pub) != 1) { - DST_RET(DST_R_INVALIDPRIVATEKEY); + CLEANUP(DST_R_INVALIDPRIVATEKEY); } - DST_RET(ISC_R_SUCCESS); + CLEANUP(ISC_R_SUCCESS); } if (privkey_index < 0) { - DST_RET(DST_R_INVALIDPRIVATEKEY); + CLEANUP(DST_R_INVALIDPRIVATEKEY); } len = priv.elements[privkey_index].length; - ret = raw_key_to_ossl(alginfo, 1, priv.elements[privkey_index].data, - &len, &pkey); - if (ret != ISC_R_SUCCESS) { - goto err; - } + CHECK(raw_key_to_ossl(alginfo, 1, priv.elements[privkey_index].data, + &len, &pkey)); /* Check that the public component matches if given */ if (pub != NULL && EVP_PKEY_eq(pkey, pub->keydata.pkeypair.pub) != 1) { - DST_RET(DST_R_INVALIDPRIVATEKEY); + CLEANUP(DST_R_INVALIDPRIVATEKEY); } key->keydata.pkeypair.priv = pkey; key->keydata.pkeypair.pub = pkey; key->key_size = len * 8; pkey = NULL; - ret = ISC_R_SUCCESS; + result = ISC_R_SUCCESS; -err: +cleanup: EVP_PKEY_free(pkey); dst__privstruct_free(&priv, mctx); isc_safe_memwipe(&priv, sizeof(priv)); - return ret; + return result; } static isc_result_t openssleddsa_fromlabel(dst_key_t *key, const char *label, const char *pin) { const eddsa_alginfo_t *alginfo = openssleddsa_alg_info(key->key_alg); EVP_PKEY *privpkey = NULL, *pubpkey = NULL; - isc_result_t ret; + isc_result_t result; REQUIRE(alginfo != NULL); UNUSED(pin); - ret = dst__openssl_fromlabel(alginfo->pkey_type, label, pin, &pubpkey, - &privpkey); - if (ret != ISC_R_SUCCESS) { - goto err; - } + CHECK(dst__openssl_fromlabel(alginfo->pkey_type, label, pin, &pubpkey, + &privpkey)); key->label = isc_mem_strdup(key->mctx, label); key->key_size = EVP_PKEY_bits(privpkey); @@ -519,10 +498,10 @@ openssleddsa_fromlabel(dst_key_t *key, const char *label, const char *pin) { privpkey = NULL; pubpkey = NULL; -err: +cleanup: EVP_PKEY_free(privpkey); EVP_PKEY_free(pubpkey); - return ret; + return result; } static dst_func_t openssleddsa_functions = { @@ -578,11 +557,11 @@ check_algorithm(unsigned char algorithm) { const unsigned char *key = NULL; const unsigned char *sig = NULL; const unsigned char test[] = "test"; - isc_result_t ret = ISC_R_SUCCESS; + isc_result_t result = ISC_R_SUCCESS; size_t key_len, sig_len; if (evp_md_ctx == NULL) { - DST_RET(ISC_R_NOMEMORY); + CLEANUP(ISC_R_NOMEMORY); } switch (algorithm) { @@ -603,14 +582,11 @@ check_algorithm(unsigned char algorithm) { alginfo = openssleddsa_alg_info(algorithm); break; default: - DST_RET(ISC_R_NOTIMPLEMENTED); + CLEANUP(ISC_R_NOTIMPLEMENTED); } INSIST(alginfo != NULL); - ret = raw_key_to_ossl(alginfo, 0, key, &key_len, &pkey); - if (ret != ISC_R_SUCCESS) { - goto err; - } + CHECK(raw_key_to_ossl(alginfo, 0, key, &key_len, &pkey)); /* * Check that we can verify the signature. @@ -619,10 +595,10 @@ check_algorithm(unsigned char algorithm) { EVP_DigestVerify(evp_md_ctx, sig, sig_len, test, sizeof(test) - 1) != 1) { - DST_RET(ISC_R_NOTIMPLEMENTED); + CLEANUP(ISC_R_NOTIMPLEMENTED); } -err: +cleanup: if (pkey != NULL) { EVP_PKEY_free(pkey); } @@ -630,7 +606,7 @@ err: EVP_MD_CTX_destroy(evp_md_ctx); } ERR_clear_error(); - return ret; + return result; } void diff --git a/lib/dns/opensslrsa_link.c b/lib/dns/opensslrsa_link.c index e31ba6b15d..465e1f663d 100644 --- a/lib/dns/opensslrsa_link.c +++ b/lib/dns/opensslrsa_link.c @@ -37,12 +37,6 @@ #include "dst_parse.h" #include "openssl_shim.h" -#define DST_RET(a) \ - { \ - ret = a; \ - goto err; \ - } - #define OPENSSLRSA_MAX_MODULUS_BITS 4096 typedef struct rsa_components { @@ -428,46 +422,46 @@ opensslrsa_generate_pkey(unsigned int key_size, const char *label, BIGNUM *e, RSA *rsa = NULL; EVP_PKEY *pkey = NULL; BN_GENCB *cb = NULL; - isc_result_t ret; + isc_result_t result; UNUSED(label); rsa = RSA_new(); pkey = EVP_PKEY_new(); if (rsa == NULL || pkey == NULL) { - DST_RET(dst__openssl_toresult(DST_R_OPENSSLFAILURE)); + CLEANUP(dst__openssl_toresult(DST_R_OPENSSLFAILURE)); } if (EVP_PKEY_set1_RSA(pkey, rsa) != 1) { - DST_RET(dst__openssl_toresult(DST_R_OPENSSLFAILURE)); + CLEANUP(dst__openssl_toresult(DST_R_OPENSSLFAILURE)); } if (callback != NULL) { cb = BN_GENCB_new(); if (cb == NULL) { - DST_RET(dst__openssl_toresult(ISC_R_NOMEMORY)); + CLEANUP(dst__openssl_toresult(ISC_R_NOMEMORY)); } BN_GENCB_set(cb, progress_cb, (void *)callback); } if (RSA_generate_key_ex(rsa, key_size, e, cb) != 1) { - DST_RET(dst__openssl_toresult2("RSA_generate_key_ex", + CLEANUP(dst__openssl_toresult2("RSA_generate_key_ex", DST_R_OPENSSLFAILURE)); } *retkey = pkey; pkey = NULL; - ret = ISC_R_SUCCESS; + result = ISC_R_SUCCESS; -err: +cleanup: EVP_PKEY_free(pkey); RSA_free(rsa); BN_GENCB_free(cb); - return ret; + return result; } static isc_result_t opensslrsa_build_pkey(bool private, rsa_components_t *c, EVP_PKEY **retpkey) { - isc_result_t ret; + isc_result_t result; EVP_PKEY *pkey = NULL; RSA *rsa = RSA_new(); int status; @@ -476,20 +470,20 @@ opensslrsa_build_pkey(bool private, rsa_components_t *c, EVP_PKEY **retpkey) { if (c->n == NULL || c->e == NULL) { if (private) { - DST_RET(DST_R_INVALIDPRIVATEKEY); + CLEANUP(DST_R_INVALIDPRIVATEKEY); } - DST_RET(DST_R_INVALIDPUBLICKEY); + CLEANUP(DST_R_INVALIDPUBLICKEY); } if (rsa == NULL) { - DST_RET(dst__openssl_toresult2("RSA_new", + CLEANUP(dst__openssl_toresult2("RSA_new", DST_R_OPENSSLFAILURE)); } if (RSA_set0_key(rsa, (BIGNUM *)c->n, (BIGNUM *)c->e, (BIGNUM *)c->d) != 1) { - DST_RET(dst__openssl_toresult2("RSA_set0_key", + CLEANUP(dst__openssl_toresult2("RSA_set0_key", DST_R_OPENSSLFAILURE)); } c->n = NULL; @@ -499,7 +493,7 @@ opensslrsa_build_pkey(bool private, rsa_components_t *c, EVP_PKEY **retpkey) { if (c->p != NULL || c->q != NULL) { if (RSA_set0_factors(rsa, (BIGNUM *)c->p, (BIGNUM *)c->q) != 1) { - DST_RET(dst__openssl_toresult2("RSA_set0_factors", + CLEANUP(dst__openssl_toresult2("RSA_set0_factors", DST_R_OPENSSLFAILURE)); } c->p = NULL; @@ -511,7 +505,7 @@ opensslrsa_build_pkey(bool private, rsa_components_t *c, EVP_PKEY **retpkey) { (BIGNUM *)c->dmq1, (BIGNUM *)c->iqmp) == 0) { - DST_RET(dst__openssl_toresult2("RSA_set0_crt_params", + CLEANUP(dst__openssl_toresult2("RSA_set0_crt_params", DST_R_OPENSSLFAILURE)); } c->dmp1 = NULL; @@ -521,24 +515,24 @@ opensslrsa_build_pkey(bool private, rsa_components_t *c, EVP_PKEY **retpkey) { pkey = EVP_PKEY_new(); if (pkey == NULL) { - DST_RET(dst__openssl_toresult2("EVP_PKEY_new", + CLEANUP(dst__openssl_toresult2("EVP_PKEY_new", DST_R_OPENSSLFAILURE)); } status = EVP_PKEY_set1_RSA(pkey, rsa); if (status != 1) { - DST_RET(dst__openssl_toresult2("EVP_PKEY_set1_RSA", + CLEANUP(dst__openssl_toresult2("EVP_PKEY_set1_RSA", DST_R_OPENSSLFAILURE)); } *retpkey = pkey; pkey = NULL; - ret = ISC_R_SUCCESS; + result = ISC_R_SUCCESS; -err: +cleanup: EVP_PKEY_free(pkey); RSA_free(rsa); opensslrsa_components_free(c); - return ret; + return result; } #else static int @@ -559,7 +553,7 @@ opensslrsa_generate_pkey_with_uri(size_t key_size, const char *label, EVP_PKEY_CTX *ctx = NULL; OSSL_PARAM params[4]; char *uri = UNCONST(label); - isc_result_t ret; + isc_result_t result; int status; params[0] = OSSL_PARAM_construct_utf8_string("pkcs11_uri", uri, 0); @@ -570,39 +564,39 @@ opensslrsa_generate_pkey_with_uri(size_t key_size, const char *label, ctx = EVP_PKEY_CTX_new_from_name(NULL, "RSA", "provider=pkcs11"); if (ctx == NULL) { - DST_RET(dst__openssl_toresult2("EVP_PKEY_CTX_new_from_name", + CLEANUP(dst__openssl_toresult2("EVP_PKEY_CTX_new_from_name", DST_R_OPENSSLFAILURE)); } status = EVP_PKEY_keygen_init(ctx); if (status != 1) { - DST_RET(dst__openssl_toresult2("EVP_PKEY_keygen_init", + CLEANUP(dst__openssl_toresult2("EVP_PKEY_keygen_init", DST_R_OPENSSLFAILURE)); } status = EVP_PKEY_CTX_set_params(ctx, params); if (status != 1) { - DST_RET(dst__openssl_toresult2("EVP_PKEY_CTX_set_params", + CLEANUP(dst__openssl_toresult2("EVP_PKEY_CTX_set_params", DST_R_OPENSSLFAILURE)); } status = EVP_PKEY_generate(ctx, retkey); if (status != 1) { - DST_RET(dst__openssl_toresult2("EVP_PKEY_generate", + CLEANUP(dst__openssl_toresult2("EVP_PKEY_generate", DST_R_OPENSSLFAILURE)); } - ret = ISC_R_SUCCESS; -err: + result = ISC_R_SUCCESS; +cleanup: EVP_PKEY_CTX_free(ctx); - return ret; + return result; } static isc_result_t opensslrsa_generate_pkey(unsigned int key_size, const char *label, BIGNUM *e, void (*callback)(int), EVP_PKEY **retkey) { EVP_PKEY_CTX *ctx; - isc_result_t ret; + isc_result_t result; if (label != NULL) { return opensslrsa_generate_pkey_with_uri(key_size, label, @@ -611,19 +605,19 @@ opensslrsa_generate_pkey(unsigned int key_size, const char *label, BIGNUM *e, ctx = EVP_PKEY_CTX_new_from_name(NULL, "RSA", NULL); if (ctx == NULL) { - DST_RET(dst__openssl_toresult(DST_R_OPENSSLFAILURE)); + CLEANUP(dst__openssl_toresult(DST_R_OPENSSLFAILURE)); } if (EVP_PKEY_keygen_init(ctx) != 1) { - DST_RET(dst__openssl_toresult(DST_R_OPENSSLFAILURE)); + CLEANUP(dst__openssl_toresult(DST_R_OPENSSLFAILURE)); } if (EVP_PKEY_CTX_set_rsa_keygen_bits(ctx, (int)key_size) != 1) { - DST_RET(dst__openssl_toresult(DST_R_OPENSSLFAILURE)); + CLEANUP(dst__openssl_toresult(DST_R_OPENSSLFAILURE)); } if (EVP_PKEY_CTX_set1_rsa_keygen_pubexp(ctx, e) != 1) { - DST_RET(dst__openssl_toresult(DST_R_OPENSSLFAILURE)); + CLEANUP(dst__openssl_toresult(DST_R_OPENSSLFAILURE)); } if (callback != NULL) { @@ -632,18 +626,18 @@ opensslrsa_generate_pkey(unsigned int key_size, const char *label, BIGNUM *e, } if (EVP_PKEY_keygen(ctx, retkey) != 1) { - DST_RET(dst__openssl_toresult2("EVP_PKEY_keygen", + CLEANUP(dst__openssl_toresult2("EVP_PKEY_keygen", DST_R_OPENSSLFAILURE)); } - ret = ISC_R_SUCCESS; -err: + result = ISC_R_SUCCESS; +cleanup: EVP_PKEY_CTX_free(ctx); - return ret; + return result; } static isc_result_t opensslrsa_build_pkey(bool private, rsa_components_t *c, EVP_PKEY **retpkey) { - isc_result_t ret; + isc_result_t result; int status; OSSL_PARAM_BLD *bld = NULL; OSSL_PARAM *params = NULL; @@ -651,69 +645,69 @@ opensslrsa_build_pkey(bool private, rsa_components_t *c, EVP_PKEY **retpkey) { bld = OSSL_PARAM_BLD_new(); if (bld == NULL) { - DST_RET(dst__openssl_toresult2("OSSL_PARAM_BLD_new", + CLEANUP(dst__openssl_toresult2("OSSL_PARAM_BLD_new", DST_R_OPENSSLFAILURE)); } if (OSSL_PARAM_BLD_push_BN(bld, OSSL_PKEY_PARAM_RSA_N, c->n) != 1 || OSSL_PARAM_BLD_push_BN(bld, OSSL_PKEY_PARAM_RSA_E, c->e) != 1) { - DST_RET(dst__openssl_toresult2("OSSL_PARAM_BLD_push_BN", + CLEANUP(dst__openssl_toresult2("OSSL_PARAM_BLD_push_BN", DST_R_OPENSSLFAILURE)); } if (c->d != NULL && OSSL_PARAM_BLD_push_BN(bld, OSSL_PKEY_PARAM_RSA_D, c->d) != 1) { - DST_RET(dst__openssl_toresult2("OSSL_PARAM_BLD_push_BN", + CLEANUP(dst__openssl_toresult2("OSSL_PARAM_BLD_push_BN", DST_R_OPENSSLFAILURE)); } if (c->p != NULL && OSSL_PARAM_BLD_push_BN(bld, OSSL_PKEY_PARAM_RSA_FACTOR1, c->p) != 1) { - DST_RET(dst__openssl_toresult2("OSSL_PARAM_BLD_push_BN", + CLEANUP(dst__openssl_toresult2("OSSL_PARAM_BLD_push_BN", DST_R_OPENSSLFAILURE)); } if (c->q != NULL && OSSL_PARAM_BLD_push_BN(bld, OSSL_PKEY_PARAM_RSA_FACTOR2, c->q) != 1) { - DST_RET(dst__openssl_toresult2("OSSL_PARAM_BLD_push_BN", + CLEANUP(dst__openssl_toresult2("OSSL_PARAM_BLD_push_BN", DST_R_OPENSSLFAILURE)); } if (c->dmp1 != NULL && OSSL_PARAM_BLD_push_BN(bld, OSSL_PKEY_PARAM_RSA_EXPONENT1, c->dmp1) != 1) { - DST_RET(dst__openssl_toresult2("OSSL_PARAM_BLD_push_BN", + CLEANUP(dst__openssl_toresult2("OSSL_PARAM_BLD_push_BN", DST_R_OPENSSLFAILURE)); } if (c->dmq1 != NULL && OSSL_PARAM_BLD_push_BN(bld, OSSL_PKEY_PARAM_RSA_EXPONENT2, c->dmq1) != 1) { - DST_RET(dst__openssl_toresult2("OSSL_PARAM_BLD_push_BN", + CLEANUP(dst__openssl_toresult2("OSSL_PARAM_BLD_push_BN", DST_R_OPENSSLFAILURE)); } if (c->iqmp != NULL && OSSL_PARAM_BLD_push_BN(bld, OSSL_PKEY_PARAM_RSA_COEFFICIENT1, c->iqmp) != 1) { - DST_RET(dst__openssl_toresult2("OSSL_PARAM_BLD_push_BN", + CLEANUP(dst__openssl_toresult2("OSSL_PARAM_BLD_push_BN", DST_R_OPENSSLFAILURE)); } params = OSSL_PARAM_BLD_to_param(bld); if (params == NULL) { - DST_RET(dst__openssl_toresult2("OSSL_PARAM_BLD_to_param", + CLEANUP(dst__openssl_toresult2("OSSL_PARAM_BLD_to_param", DST_R_OPENSSLFAILURE)); } ctx = EVP_PKEY_CTX_new_from_name(NULL, "RSA", NULL); if (ctx == NULL) { - DST_RET(dst__openssl_toresult2("EVP_PKEY_CTX_new_from_name", + CLEANUP(dst__openssl_toresult2("EVP_PKEY_CTX_new_from_name", DST_R_OPENSSLFAILURE)); } status = EVP_PKEY_fromdata_init(ctx); if (status != 1) { - DST_RET(dst__openssl_toresult2("EVP_PKEY_fromdata_init", + CLEANUP(dst__openssl_toresult2("EVP_PKEY_fromdata_init", DST_R_OPENSSLFAILURE)); } @@ -721,29 +715,29 @@ opensslrsa_build_pkey(bool private, rsa_components_t *c, EVP_PKEY **retpkey) { ctx, retpkey, private ? EVP_PKEY_KEYPAIR : EVP_PKEY_PUBLIC_KEY, params); if (status != 1) { - DST_RET(dst__openssl_toresult2("EVP_PKEY_fromdata", + CLEANUP(dst__openssl_toresult2("EVP_PKEY_fromdata", DST_R_OPENSSLFAILURE)); } - ret = ISC_R_SUCCESS; + result = ISC_R_SUCCESS; -err: +cleanup: EVP_PKEY_CTX_free(ctx); OSSL_PARAM_free(params); OSSL_PARAM_BLD_free(bld); - return ret; + return result; } #endif /* OPENSSL_VERSION_NUMBER < 0x30000000L */ static isc_result_t opensslrsa_generate(dst_key_t *key, int unused, void (*callback)(int)) { - isc_result_t ret; + isc_result_t result; BIGNUM *e = BN_new(); EVP_PKEY *pkey = NULL; UNUSED(unused); if (e == NULL) { - DST_RET(dst__openssl_toresult(DST_R_OPENSSLFAILURE)); + CLEANUP(dst__openssl_toresult(DST_R_OPENSSLFAILURE)); } /* @@ -754,21 +748,21 @@ opensslrsa_generate(dst_key_t *key, int unused, void (*callback)(int)) { case DST_ALG_NSEC3RSASHA1: /* From RFC 3110 */ if (key->key_size > 4096) { - DST_RET(DST_R_INVALIDPARAM); + CLEANUP(DST_R_INVALIDPARAM); } break; case DST_ALG_RSASHA256: case DST_ALG_RSASHA256PRIVATEOID: /* From RFC 5702 */ if (key->key_size < 512 || key->key_size > 4096) { - DST_RET(DST_R_INVALIDPARAM); + CLEANUP(DST_R_INVALIDPARAM); } break; case DST_ALG_RSASHA512: case DST_ALG_RSASHA512PRIVATEOID: /* From RFC 5702 */ if (key->key_size < 1024 || key->key_size > 4096) { - DST_RET(DST_R_INVALIDPARAM); + CLEANUP(DST_R_INVALIDPARAM); } break; default: @@ -779,21 +773,18 @@ opensslrsa_generate(dst_key_t *key, int unused, void (*callback)(int)) { BN_set_bit(e, 0); BN_set_bit(e, 16); - ret = opensslrsa_generate_pkey(key->key_size, key->label, e, callback, - &pkey); - if (ret != ISC_R_SUCCESS) { - goto err; - } + CHECK(opensslrsa_generate_pkey(key->key_size, key->label, e, callback, + &pkey)); key->keydata.pkeypair.pub = pkey; key->keydata.pkeypair.priv = pkey; pkey = NULL; - ret = ISC_R_SUCCESS; + result = ISC_R_SUCCESS; -err: +cleanup: EVP_PKEY_free(pkey); BN_free(e); - return ret; + return result; } static isc_result_t @@ -801,7 +792,7 @@ opensslrsa_todns(const dst_key_t *key, isc_buffer_t *data) { isc_region_t r; unsigned int e_bytes; unsigned int mod_bytes; - isc_result_t ret; + isc_result_t result; rsa_components_t c = { 0 }; REQUIRE(key->keydata.pkeypair.pub != NULL); @@ -814,37 +805,34 @@ opensslrsa_todns(const dst_key_t *key, isc_buffer_t *data) { switch (key->key_alg) { case DST_ALG_RSASHA256PRIVATEOID: if (r.length < sizeof(oid_rsasha256)) { - DST_RET(ISC_R_NOSPACE); + CLEANUP(ISC_R_NOSPACE); } isc_buffer_putmem(data, oid_rsasha256, sizeof(oid_rsasha256)); isc_region_consume(&r, sizeof(oid_rsasha256)); break; case DST_ALG_RSASHA512PRIVATEOID: if (r.length < sizeof(oid_rsasha512)) { - DST_RET(ISC_R_NOSPACE); + CLEANUP(ISC_R_NOSPACE); } isc_buffer_putmem(data, oid_rsasha512, sizeof(oid_rsasha512)); isc_region_consume(&r, sizeof(oid_rsasha512)); break; } - ret = opensslrsa_components_get(key, &c, false); - if (ret != ISC_R_SUCCESS) { - goto err; - } + CHECK(opensslrsa_components_get(key, &c, false)); mod_bytes = BN_num_bytes(c.n); e_bytes = BN_num_bytes(c.e); if (e_bytes < 256) { /*%< key exponent is <= 2040 bits */ if (r.length < 1) { - DST_RET(ISC_R_NOSPACE); + CLEANUP(ISC_R_NOSPACE); } isc_buffer_putuint8(data, (uint8_t)e_bytes); isc_region_consume(&r, 1); } else { if (r.length < 3) { - DST_RET(ISC_R_NOSPACE); + CLEANUP(ISC_R_NOSPACE); } isc_buffer_putuint8(data, 0); isc_buffer_putuint16(data, (uint16_t)e_bytes); @@ -852,7 +840,7 @@ opensslrsa_todns(const dst_key_t *key, isc_buffer_t *data) { } if (r.length < e_bytes + mod_bytes) { - DST_RET(ISC_R_NOSPACE); + CLEANUP(ISC_R_NOSPACE); } BN_bn2bin(c.e, r.base); @@ -862,15 +850,15 @@ opensslrsa_todns(const dst_key_t *key, isc_buffer_t *data) { isc_buffer_add(data, e_bytes + mod_bytes); - ret = ISC_R_SUCCESS; -err: + result = ISC_R_SUCCESS; +cleanup: opensslrsa_components_free(&c); - return ret; + return result; } static isc_result_t opensslrsa_fromdns(dst_key_t *key, isc_buffer_t *data) { - isc_result_t ret; + isc_result_t result; isc_region_t r; unsigned int e_bytes; unsigned int length; @@ -880,7 +868,7 @@ opensslrsa_fromdns(dst_key_t *key, isc_buffer_t *data) { isc_buffer_remainingregion(data, &r); if (r.length == 0) { - DST_RET(ISC_R_SUCCESS); + CLEANUP(ISC_R_SUCCESS); } /* @@ -891,7 +879,7 @@ opensslrsa_fromdns(dst_key_t *key, isc_buffer_t *data) { if (r.length < sizeof(oid_rsasha256) || memcmp(r.base, oid_rsasha256, sizeof(oid_rsasha256)) != 0) { - DST_RET(DST_R_INVALIDPUBLICKEY); + CLEANUP(DST_R_INVALIDPUBLICKEY); } isc_region_consume(&r, sizeof(oid_rsasha256)); isc_buffer_forward(data, sizeof(oid_rsasha256)); @@ -900,7 +888,7 @@ opensslrsa_fromdns(dst_key_t *key, isc_buffer_t *data) { if (r.length < sizeof(oid_rsasha512) || memcmp(r.base, oid_rsasha512, sizeof(oid_rsasha512)) != 0) { - DST_RET(DST_R_INVALIDPUBLICKEY); + CLEANUP(DST_R_INVALIDPUBLICKEY); } isc_region_consume(&r, sizeof(oid_rsasha512)); isc_buffer_forward(data, sizeof(oid_rsasha512)); @@ -909,7 +897,7 @@ opensslrsa_fromdns(dst_key_t *key, isc_buffer_t *data) { length = r.length; if (r.length < 1) { - DST_RET(DST_R_INVALIDPUBLICKEY); + CLEANUP(DST_R_INVALIDPUBLICKEY); } e_bytes = *r.base; @@ -917,7 +905,7 @@ opensslrsa_fromdns(dst_key_t *key, isc_buffer_t *data) { if (e_bytes == 0) { if (r.length < 2) { - DST_RET(DST_R_INVALIDPUBLICKEY); + CLEANUP(DST_R_INVALIDPUBLICKEY); } e_bytes = (*r.base) << 8; isc_region_consume(&r, 1); @@ -926,27 +914,27 @@ opensslrsa_fromdns(dst_key_t *key, isc_buffer_t *data) { } if (r.length < e_bytes) { - DST_RET(DST_R_INVALIDPUBLICKEY); + CLEANUP(DST_R_INVALIDPUBLICKEY); } c.e = BN_bin2bn(r.base, e_bytes, NULL); isc_region_consume(&r, e_bytes); c.n = BN_bin2bn(r.base, r.length, NULL); if (c.e == NULL || c.n == NULL) { - DST_RET(ISC_R_NOMEMORY); + CLEANUP(ISC_R_NOMEMORY); } isc_buffer_forward(data, length); key->key_size = BN_num_bits(c.n); - ret = opensslrsa_build_pkey(false, &c, &key->keydata.pkeypair.pub); + result = opensslrsa_build_pkey(false, &c, &key->keydata.pkeypair.pub); -err: +cleanup: opensslrsa_components_free(&c); - return ret; + return result; } static isc_result_t opensslrsa_tofile(const dst_key_t *key, const char *directory) { - isc_result_t ret; + isc_result_t result; dst_private_t priv = { 0 }; unsigned char *bufs[8] = { NULL }; unsigned short i = 0; @@ -956,10 +944,7 @@ opensslrsa_tofile(const dst_key_t *key, const char *directory) { return dst__privstruct_writefile(key, &priv, directory); } - ret = opensslrsa_components_get(key, &c, true); - if (ret != ISC_R_SUCCESS) { - goto err; - } + CHECK(opensslrsa_components_get(key, &c, true)); priv.elements[i].tag = TAG_RSA_MODULUS; priv.elements[i].length = BN_num_bytes(c.n); @@ -1044,9 +1029,9 @@ opensslrsa_tofile(const dst_key_t *key, const char *directory) { } priv.nelements = i; - ret = dst__privstruct_writefile(key, &priv, directory); + result = dst__privstruct_writefile(key, &priv, directory); -err: +cleanup: for (i = 0; i < ARRAY_SIZE(bufs); i++) { if (bufs[i] != NULL) { isc_mem_put(key->mctx, bufs[i], @@ -1055,7 +1040,7 @@ err: } opensslrsa_components_free(&c); - return ret; + return result; } static isc_result_t @@ -1064,7 +1049,7 @@ opensslrsa_fromlabel(dst_key_t *key, const char *label, const char *pin); static isc_result_t opensslrsa_parse(dst_key_t *key, isc_lex_t *lexer, dst_key_t *pub) { dst_private_t priv; - isc_result_t ret; + isc_result_t result; int i; isc_mem_t *mctx = NULL; const char *label = NULL; @@ -1077,21 +1062,18 @@ opensslrsa_parse(dst_key_t *key, isc_lex_t *lexer, dst_key_t *pub) { mctx = key->mctx; /* read private key file */ - ret = dst__privstruct_parse(key, DST_ALG_RSA, lexer, mctx, &priv); - if (ret != ISC_R_SUCCESS) { - goto err; - } + CHECK(dst__privstruct_parse(key, DST_ALG_RSA, lexer, mctx, &priv)); if (key->external) { if (priv.nelements != 0 || pub == NULL) { - DST_RET(DST_R_INVALIDPRIVATEKEY); + CLEANUP(DST_R_INVALIDPRIVATEKEY); } key->keydata.pkeypair.pub = pub->keydata.pkeypair.pub; key->keydata.pkeypair.priv = pub->keydata.pkeypair.priv; pub->keydata.pkeypair.pub = NULL; pub->keydata.pkeypair.priv = NULL; key->key_size = pub->key_size; - DST_RET(ISC_R_SUCCESS); + CLEANUP(ISC_R_SUCCESS); } for (i = 0; i < priv.nelements; i++) { @@ -1112,17 +1094,14 @@ opensslrsa_parse(dst_key_t *key, isc_lex_t *lexer, dst_key_t *pub) { * See if we can fetch it. */ if (label != NULL) { - ret = opensslrsa_fromlabel(key, label, NULL); - if (ret != ISC_R_SUCCESS) { - DST_RET(ret); - } + CHECK(opensslrsa_fromlabel(key, label, NULL)); /* Check that the public component matches if given */ if (pub != NULL && EVP_PKEY_eq(key->keydata.pkeypair.pub, pub->keydata.pkeypair.pub) != 1) { - DST_RET(DST_R_INVALIDPRIVATEKEY); + CLEANUP(DST_R_INVALIDPRIVATEKEY); } - DST_RET(ISC_R_SUCCESS); + CLEANUP(ISC_R_SUCCESS); } for (i = 0; i < priv.nelements; i++) { @@ -1136,7 +1115,7 @@ opensslrsa_parse(dst_key_t *key, isc_lex_t *lexer, dst_key_t *pub) { bn = BN_bin2bn(priv.elements[i].data, priv.elements[i].length, NULL); if (bn == NULL) { - DST_RET(ISC_R_NOMEMORY); + CLEANUP(ISC_R_NOMEMORY); } switch (priv.elements[i].tag) { case TAG_RSA_MODULUS: @@ -1171,53 +1150,47 @@ opensslrsa_parse(dst_key_t *key, isc_lex_t *lexer, dst_key_t *pub) { /* Basic sanity check for public key portion */ if (c.n == NULL || c.e == NULL) { - DST_RET(DST_R_INVALIDPRIVATEKEY); + CLEANUP(DST_R_INVALIDPRIVATEKEY); } if (BN_num_bits(c.e) > RSA_MAX_PUBEXP_BITS) { - DST_RET(ISC_R_RANGE); + CLEANUP(ISC_R_RANGE); } key->key_size = BN_num_bits(c.n); - ret = opensslrsa_build_pkey(true, &c, &pkey); - if (ret != ISC_R_SUCCESS) { - goto err; - } + CHECK(opensslrsa_build_pkey(true, &c, &pkey)); /* Check that the public component matches if given */ if (pub != NULL && EVP_PKEY_eq(pkey, pub->keydata.pkeypair.pub) != 1) { - DST_RET(DST_R_INVALIDPRIVATEKEY); + CLEANUP(DST_R_INVALIDPRIVATEKEY); } key->keydata.pkeypair.pub = pkey; key->keydata.pkeypair.priv = pkey; pkey = NULL; -err: +cleanup: opensslrsa_components_free(&c); EVP_PKEY_free(pkey); - if (ret != ISC_R_SUCCESS) { + if (result != ISC_R_SUCCESS) { key->keydata.generic = NULL; } dst__privstruct_free(&priv, mctx); isc_safe_memwipe(&priv, sizeof(priv)); - return ret; + return result; } static isc_result_t opensslrsa_fromlabel(dst_key_t *key, const char *label, const char *pin) { EVP_PKEY *privpkey = NULL, *pubpkey = NULL; - isc_result_t ret; + isc_result_t result; - ret = dst__openssl_fromlabel(EVP_PKEY_RSA, label, pin, &pubpkey, - &privpkey); - if (ret != ISC_R_SUCCESS) { - goto err; - } + CHECK(dst__openssl_fromlabel(EVP_PKEY_RSA, label, pin, &pubpkey, + &privpkey)); if (!opensslrsa_check_exponent_bits(pubpkey, RSA_MAX_PUBEXP_BITS)) { - DST_RET(ISC_R_RANGE); + CLEANUP(ISC_R_RANGE); } key->label = isc_mem_strdup(key->mctx, label); @@ -1227,10 +1200,10 @@ opensslrsa_fromlabel(dst_key_t *key, const char *label, const char *pin) { privpkey = NULL; pubpkey = NULL; -err: +cleanup: EVP_PKEY_free(privpkey); EVP_PKEY_free(pubpkey); - return ret; + return result; } static dst_func_t opensslrsa_functions = { @@ -1333,7 +1306,7 @@ check_algorithm(unsigned short algorithm) { EVP_PKEY *pkey = NULL; const EVP_MD *type = NULL; const unsigned char *sig = NULL; - isc_result_t ret = ISC_R_SUCCESS; + isc_result_t result = ISC_R_SUCCESS; size_t len; switch (algorithm) { @@ -1356,7 +1329,7 @@ check_algorithm(unsigned short algorithm) { len = sizeof(sha512_sig) - 1; break; default: - DST_RET(ISC_R_NOTIMPLEMENTED); + CLEANUP(ISC_R_NOTIMPLEMENTED); } /* @@ -1365,8 +1338,8 @@ check_algorithm(unsigned short algorithm) { c.e = BN_bin2bn(e_bytes, sizeof(e_bytes) - 1, NULL); c.n = BN_bin2bn(n_bytes, sizeof(n_bytes) - 1, NULL); - ret = opensslrsa_build_pkey(false, &c, &pkey); - INSIST(ret == ISC_R_SUCCESS); + result = opensslrsa_build_pkey(false, &c, &pkey); + INSIST(result == ISC_R_SUCCESS); /* * Check that we can verify the signature. @@ -1375,15 +1348,15 @@ check_algorithm(unsigned short algorithm) { EVP_DigestUpdate(evp_md_ctx, "test", 4) != 1 || EVP_VerifyFinal(evp_md_ctx, sig, len, pkey) != 1) { - DST_RET(ISC_R_NOTIMPLEMENTED); + CLEANUP(ISC_R_NOTIMPLEMENTED); } -err: +cleanup: opensslrsa_components_free(&c); EVP_PKEY_free(pkey); EVP_MD_CTX_destroy(evp_md_ctx); ERR_clear_error(); - return ret; + return result; } void diff --git a/lib/dns/peer.c b/lib/dns/peer.c index 194f55b004..c5771703ec 100644 --- a/lib/dns/peer.c +++ b/lib/dns/peer.c @@ -485,11 +485,8 @@ dns_peer_setkeybycharp(dns_peer_t *peer, const char *keyval) { dns_fixedname_init(&fname); isc_buffer_constinit(&b, keyval, strlen(keyval)); isc_buffer_add(&b, strlen(keyval)); - result = dns_name_fromtext(dns_fixedname_name(&fname), &b, dns_rootname, - 0); - if (result != ISC_R_SUCCESS) { - return result; - } + RETERR(dns_name_fromtext(dns_fixedname_name(&fname), &b, dns_rootname, + 0)); name = isc_mem_get(peer->mem, sizeof(dns_name_t)); diff --git a/lib/dns/private.c b/lib/dns/private.c index 41b854f3d8..8982b7a73f 100644 --- a/lib/dns/private.c +++ b/lib/dns/private.c @@ -43,13 +43,6 @@ #define INITIAL(x) (((x) & DNS_NSEC3FLAG_INITIAL) != 0) #define NONSEC(x) (((x) & DNS_NSEC3FLAG_NONSEC) != 0) -#define CHECK(x) \ - do { \ - result = (x); \ - if (result != ISC_R_SUCCESS) \ - goto failure; \ - } while (0) - /* * Work out if 'param' should be ignored or not (i.e. it is in the process * of being removed). @@ -121,14 +114,14 @@ dns_private_chains(dns_db_t *db, dns_dbversion_t *ver, result = dns_db_findrdataset(db, node, ver, dns_rdatatype_nsec, 0, (isc_stdtime_t)0, &nsecset, NULL); - if (result != ISC_R_SUCCESS && result != ISC_R_NOTFOUND) { - goto failure; + if (result != ISC_R_NOTFOUND) { + CHECK(result); } result = dns_db_findrdataset(db, node, ver, dns_rdatatype_nsec3param, 0, (isc_stdtime_t)0, &nsec3paramset, NULL); - if (result != ISC_R_SUCCESS && result != ISC_R_NOTFOUND) { - goto failure; + if (result != ISC_R_NOTFOUND) { + CHECK(result); } if (dns_rdataset_isassociated(&nsecset) && @@ -143,8 +136,8 @@ dns_private_chains(dns_db_t *db, dns_dbversion_t *ver, result = dns_db_findrdataset(db, node, ver, privatetype, 0, (isc_stdtime_t)0, &privateset, NULL); - if (result != ISC_R_SUCCESS && result != ISC_R_NOTFOUND) { - goto failure; + if (result != ISC_R_NOTFOUND) { + CHECK(result); } } @@ -278,7 +271,7 @@ dns_private_chains(dns_db_t *db, dns_dbversion_t *ver, success: result = ISC_R_SUCCESS; -failure: +cleanup: if (dns_rdataset_isassociated(&nsecset)) { dns_rdataset_disassociate(&nsecset); } @@ -313,7 +306,7 @@ dns_private_totext(dns_rdata_t *private, isc_buffer_t *buf) { if (!dns_nsec3param_fromprivate(private, &rdata, nsec3buf, sizeof(nsec3buf))) { - CHECK(ISC_R_FAILURE); + CLEANUP(ISC_R_FAILURE); } CHECK(dns_rdata_tostruct(&rdata, &nsec3param, NULL)); @@ -400,6 +393,6 @@ dns_private_totext(dns_rdata_t *private, isc_buffer_t *buf) { isc_buffer_putuint8(buf, 0); result = ISC_R_SUCCESS; -failure: +cleanup: return result; } diff --git a/lib/dns/qpcache.c b/lib/dns/qpcache.c index 7f2ab9640a..725d51fe9c 100644 --- a/lib/dns/qpcache.c +++ b/lib/dns/qpcache.c @@ -66,13 +66,6 @@ #define DNS_QPCACHE_LOG_STATS_LEVEL 3 #endif -#define CHECK(op) \ - do { \ - result = (op); \ - if (result != ISC_R_SUCCESS) \ - goto failure; \ - } while (0) - #define STALE_TTL(header, qpdb) \ (NXDOMAIN(header) ? 0 : qpdb->common.serve_stale_ttl) @@ -1515,11 +1508,8 @@ find_coveringnsec(qpc_search_t *search, const dns_name_t *name, * Lookup the predecessor in the normal namespace. */ node = NULL; - result = dns_qp_getname(search->qpdb->tree, predecessor, - DNS_DBNAMESPACE_NORMAL, (void **)&node, NULL); - if (result != ISC_R_SUCCESS) { - return result; - } + RETERR(dns_qp_getname(search->qpdb->tree, predecessor, + DNS_DBNAMESPACE_NORMAL, (void **)&node, NULL)); dns_name_copy(&node->name, fname); nlock = &search->qpdb->buckets[node->locknum].lock; @@ -2988,15 +2978,9 @@ addnoqname(isc_mem_t *mctx, dns_slabheader_t *newheader, uint32_t maxrrperset, result = dns_rdataset_getnoqname(rdataset, &name, &neg, &negsig); RUNTIME_CHECK(result == ISC_R_SUCCESS); - result = dns_rdataslab_fromrdataset(&neg, mctx, &r1, maxrrperset); - if (result != ISC_R_SUCCESS) { - goto cleanup; - } + CHECK(dns_rdataslab_fromrdataset(&neg, mctx, &r1, maxrrperset)); - result = dns_rdataslab_fromrdataset(&negsig, mctx, &r2, maxrrperset); - if (result != ISC_R_SUCCESS) { - goto cleanup; - } + CHECK(dns_rdataslab_fromrdataset(&negsig, mctx, &r2, maxrrperset)); noqname = isc_mem_get(mctx, sizeof(*noqname)); *noqname = (dns_slabheader_proof_t){ @@ -3027,15 +3011,9 @@ addclosest(isc_mem_t *mctx, dns_slabheader_t *newheader, uint32_t maxrrperset, result = dns_rdataset_getclosest(rdataset, &name, &neg, &negsig); RUNTIME_CHECK(result == ISC_R_SUCCESS); - result = dns_rdataslab_fromrdataset(&neg, mctx, &r1, maxrrperset); - if (result != ISC_R_SUCCESS) { - goto cleanup; - } + CHECK(dns_rdataslab_fromrdataset(&neg, mctx, &r1, maxrrperset)); - result = dns_rdataslab_fromrdataset(&negsig, mctx, &r2, maxrrperset); - if (result != ISC_R_SUCCESS) { - goto cleanup; - } + CHECK(dns_rdataslab_fromrdataset(&negsig, mctx, &r2, maxrrperset)); closest = isc_mem_get(mctx, sizeof(*closest)); *closest = (dns_slabheader_proof_t){ @@ -3120,18 +3098,12 @@ qpcache_addrdataset(dns_db_t *db, dns_dbnode_t *node, dns_dbversion_t *version, DNS_SLABHEADER_SETATTR(newheader, DNS_SLABHEADERATTR_OPTOUT); } if (rdataset->attributes.noqname) { - result = addnoqname(qpnode->mctx, newheader, qpdb->maxrrperset, - rdataset); - if (result != ISC_R_SUCCESS) { - return result; - } + RETERR(addnoqname(qpnode->mctx, newheader, qpdb->maxrrperset, + rdataset)); } if (rdataset->attributes.closest) { - result = addclosest(qpnode->mctx, newheader, qpdb->maxrrperset, - rdataset); - if (result != ISC_R_SUCCESS) { - return result; - } + RETERR(addclosest(qpnode->mctx, newheader, qpdb->maxrrperset, + rdataset)); } nlock = &qpdb->buckets[qpnode->locknum].lock; diff --git a/lib/dns/qpzone.c b/lib/dns/qpzone.c index 834af41b97..be5e050007 100644 --- a/lib/dns/qpzone.c +++ b/lib/dns/qpzone.c @@ -64,14 +64,6 @@ #include "qpzone_p.h" #include "rdataslab_p.h" -#define CHECK(op) \ - { \ - result = (op); \ - if (result != ISC_R_SUCCESS) { \ - goto failure; \ - } \ - } - #define HEADERNODE(h) ((qpznode_t *)((h)->node)) #define QPDB_ATTR_LOADED 0x01 diff --git a/lib/dns/rcode.c b/lib/dns/rcode.c index c749959a49..a1ad5abeae 100644 --- a/lib/dns/rcode.c +++ b/lib/dns/rcode.c @@ -39,13 +39,6 @@ #include -#define RETERR(x) \ - do { \ - isc_result_t _r = (x); \ - if (_r != ISC_R_SUCCESS) \ - return ((_r)); \ - } while (0) - #define NUMBERSIZE sizeof("037777777777") /* 2^32-1 octal + NUL */ #define TOTEXTONLY 0x01 diff --git a/lib/dns/rdata.c b/lib/dns/rdata.c index 5fd872fe3f..3330d47d71 100644 --- a/lib/dns/rdata.c +++ b/lib/dns/rdata.c @@ -52,13 +52,6 @@ #include #include -#define RETERR(x) \ - do { \ - isc_result_t _r = (x); \ - if (_r != ISC_R_SUCCESS) \ - return ((_r)); \ - } while (0) - #define RETTOK(x) \ do { \ isc_result_t _r = (x); \ @@ -68,13 +61,6 @@ } \ } while (0) -#define CHECK(op) \ - do { \ - result = (op); \ - if (result != ISC_R_SUCCESS) \ - goto cleanup; \ - } while (0) - #define CHECKTOK(op) \ do { \ result = (op); \ @@ -1104,14 +1090,10 @@ unknown_fromtext(dns_rdataclass_t rdclass, dns_rdatatype_t type, isc_buffer_allocate(mctx, &buf, token.value.as_ulong); if (token.value.as_ulong != 0U) { - result = isc_hex_tobuffer(lexer, buf, - (unsigned int)token.value.as_ulong); - if (result != ISC_R_SUCCESS) { - goto failure; - } + CHECK(isc_hex_tobuffer(lexer, buf, + (unsigned int)token.value.as_ulong)); if (isc_buffer_usedlength(buf) != token.value.as_ulong) { - result = ISC_R_UNEXPECTEDEND; - goto failure; + CLEANUP(ISC_R_UNEXPECTEDEND); } } @@ -1122,14 +1104,12 @@ unknown_fromtext(dns_rdataclass_t rdclass, dns_rdatatype_t type, isc_buffer_usedregion(buf, &r); result = isc_buffer_copyregion(target, &r); } - if (result != ISC_R_SUCCESS) { - goto failure; - } + CHECK(result); isc_buffer_free(&buf); return ISC_R_SUCCESS; -failure: +cleanup: isc_buffer_free(&buf); return result; } @@ -1272,33 +1252,23 @@ dns_rdata_fromtext(dns_rdata_t *rdata, dns_rdataclass_t rdclass, static isc_result_t unknown_totext(dns_rdata_t *rdata, dns_rdata_textctx_t *tctx, isc_buffer_t *target) { - isc_result_t result; + isc_result_t result = ISC_R_SUCCESS; char buf[sizeof("65535")]; isc_region_t sr; strlcpy(buf, "\\# ", sizeof(buf)); - result = str_totext(buf, target); - if (result != ISC_R_SUCCESS) { - return result; - } + RETERR(str_totext(buf, target)); dns_rdata_toregion(rdata, &sr); INSIST(sr.length < 65536); snprintf(buf, sizeof(buf), "%u", sr.length); - result = str_totext(buf, target); - if (result != ISC_R_SUCCESS) { - return result; - } + RETERR(str_totext(buf, target)); if (sr.length != 0U) { if ((tctx->flags & DNS_STYLEFLAG_MULTILINE) != 0) { - result = str_totext(" ( ", target); + RETERR(str_totext(" ( ", target)); } else { - result = str_totext(" ", target); - } - - if (result != ISC_R_SUCCESS) { - return result; + RETERR(str_totext(" ", target)); } if (tctx->width == 0) { /* No splitting */ diff --git a/lib/dns/rdata/generic/lp_107.c b/lib/dns/rdata/generic/lp_107.c index 1351ab420f..f2fe025af8 100644 --- a/lib/dns/rdata/generic/lp_107.c +++ b/lib/dns/rdata/generic/lp_107.c @@ -187,7 +187,6 @@ static isc_result_t additionaldata_lp(ARGS_ADDLDATA) { dns_name_t name; isc_region_t region; - isc_result_t result; REQUIRE(rdata->type == dns_rdatatype_lp); @@ -198,10 +197,7 @@ additionaldata_lp(ARGS_ADDLDATA) { isc_region_consume(®ion, 2); dns_name_fromregion(&name, ®ion); - result = (add)(arg, &name, dns_rdatatype_l32, NULL DNS__DB_FILELINE); - if (result != ISC_R_SUCCESS) { - return result; - } + RETERR((add)(arg, &name, dns_rdatatype_l32, NULL DNS__DB_FILELINE)); return (add)(arg, &name, dns_rdatatype_l64, NULL DNS__DB_FILELINE); } diff --git a/lib/dns/rdata/generic/minfo_14.c b/lib/dns/rdata/generic/minfo_14.c index 2eb8036d9f..96b738251e 100644 --- a/lib/dns/rdata/generic/minfo_14.c +++ b/lib/dns/rdata/generic/minfo_14.c @@ -255,17 +255,13 @@ static isc_result_t digest_minfo(ARGS_DIGEST) { isc_region_t r; dns_name_t name; - isc_result_t result; REQUIRE(rdata->type == dns_rdatatype_minfo); dns_rdata_toregion(rdata, &r); dns_name_init(&name); dns_name_fromregion(&name, &r); - result = dns_name_digest(&name, digest, arg); - if (result != ISC_R_SUCCESS) { - return result; - } + RETERR(dns_name_digest(&name, digest, arg)); isc_region_consume(&r, name_length(&name)); dns_name_init(&name); dns_name_fromregion(&name, &r); diff --git a/lib/dns/rdata/generic/mx_15.c b/lib/dns/rdata/generic/mx_15.c index 25cbfe9224..474fae4409 100644 --- a/lib/dns/rdata/generic/mx_15.c +++ b/lib/dns/rdata/generic/mx_15.c @@ -282,10 +282,7 @@ additionaldata_mx(ARGS_ADDLDATA) { return ISC_R_SUCCESS; } - result = (add)(arg, &name, dns_rdatatype_a, NULL DNS__DB_FILELINE); - if (result != ISC_R_SUCCESS) { - return result; - } + RETERR((add)(arg, &name, dns_rdatatype_a, NULL DNS__DB_FILELINE)); dns_fixedname_init(&fixed); result = dns_name_concatenate(&port25, &name, diff --git a/lib/dns/rdata/generic/naptr_35.c b/lib/dns/rdata/generic/naptr_35.c index fcc11a5b84..158dea6f88 100644 --- a/lib/dns/rdata/generic/naptr_35.c +++ b/lib/dns/rdata/generic/naptr_35.c @@ -626,7 +626,6 @@ static isc_result_t digest_naptr(ARGS_DIGEST) { isc_region_t r1, r2; unsigned int length, n; - isc_result_t result; dns_name_t name; REQUIRE(rdata->type == dns_rdatatype_naptr); @@ -666,10 +665,7 @@ digest_naptr(ARGS_DIGEST) { * Digest the RR up to the replacement name. */ r1.length = length; - result = (digest)(arg, &r1); - if (result != ISC_R_SUCCESS) { - return result; - } + RETERR((digest)(arg, &r1)); /* * Replacement. diff --git a/lib/dns/rdata/generic/nxt_30.c b/lib/dns/rdata/generic/nxt_30.c index 95bd1e8de8..1eec28ffd8 100644 --- a/lib/dns/rdata/generic/nxt_30.c +++ b/lib/dns/rdata/generic/nxt_30.c @@ -290,17 +290,13 @@ static isc_result_t digest_nxt(ARGS_DIGEST) { isc_region_t r; dns_name_t name; - isc_result_t result; REQUIRE(rdata->type == dns_rdatatype_nxt); dns_rdata_toregion(rdata, &r); dns_name_init(&name); dns_name_fromregion(&name, &r); - result = dns_name_digest(&name, digest, arg); - if (result != ISC_R_SUCCESS) { - return result; - } + RETERR(dns_name_digest(&name, digest, arg)); isc_region_consume(&r, name_length(&name)); return (digest)(arg, &r); diff --git a/lib/dns/rdata/generic/rt_21.c b/lib/dns/rdata/generic/rt_21.c index 1138fb7525..8323f9233c 100644 --- a/lib/dns/rdata/generic/rt_21.c +++ b/lib/dns/rdata/generic/rt_21.c @@ -239,7 +239,6 @@ static isc_result_t additionaldata_rt(ARGS_ADDLDATA) { dns_name_t name; isc_region_t region; - isc_result_t result; REQUIRE(rdata->type == dns_rdatatype_rt); @@ -250,21 +249,14 @@ additionaldata_rt(ARGS_ADDLDATA) { isc_region_consume(®ion, 2); dns_name_fromregion(&name, ®ion); - result = (add)(arg, &name, dns_rdatatype_x25, NULL DNS__DB_FILELINE); - if (result != ISC_R_SUCCESS) { - return result; - } - result = (add)(arg, &name, dns_rdatatype_isdn, NULL DNS__DB_FILELINE); - if (result != ISC_R_SUCCESS) { - return result; - } + RETERR((add)(arg, &name, dns_rdatatype_x25, NULL DNS__DB_FILELINE)); + RETERR((add)(arg, &name, dns_rdatatype_isdn, NULL DNS__DB_FILELINE)); return (add)(arg, &name, dns_rdatatype_a, NULL DNS__DB_FILELINE); } static isc_result_t digest_rt(ARGS_DIGEST) { isc_region_t r1, r2; - isc_result_t result; dns_name_t name; REQUIRE(rdata->type == dns_rdatatype_rt); @@ -273,10 +265,7 @@ digest_rt(ARGS_DIGEST) { r2 = r1; isc_region_consume(&r2, 2); r1.length = 2; - result = (digest)(arg, &r1); - if (result != ISC_R_SUCCESS) { - return result; - } + RETERR((digest)(arg, &r1)); dns_name_init(&name); dns_name_fromregion(&name, &r2); return dns_name_digest(&name, digest, arg); diff --git a/lib/dns/rdata/generic/txt_16.c b/lib/dns/rdata/generic/txt_16.c index b61ee8889c..d4e9878aba 100644 --- a/lib/dns/rdata/generic/txt_16.c +++ b/lib/dns/rdata/generic/txt_16.c @@ -71,17 +71,12 @@ generic_totext_txt(ARGS_TOTEXT) { static isc_result_t generic_fromwire_txt(ARGS_FROMWIRE) { - isc_result_t result; - UNUSED(type); UNUSED(dctx); UNUSED(rdclass); do { - result = txt_fromwire(source, target); - if (result != ISC_R_SUCCESS) { - return result; - } + RETERR(txt_fromwire(source, target)); } while (!buffer_empty(source)); return ISC_R_SUCCESS; } diff --git a/lib/dns/rdata/in_1/a6_38.c b/lib/dns/rdata/in_1/a6_38.c index e6c14ed74b..99f9e3cb9a 100644 --- a/lib/dns/rdata/in_1/a6_38.c +++ b/lib/dns/rdata/in_1/a6_38.c @@ -415,7 +415,6 @@ static isc_result_t digest_in_a6(ARGS_DIGEST) { isc_region_t r1, r2; unsigned char prefixlen, octets; - isc_result_t result; dns_name_t name; REQUIRE(rdata->type == dns_rdatatype_a6); @@ -427,10 +426,7 @@ digest_in_a6(ARGS_DIGEST) { octets = 1 + 16 - prefixlen / 8; r1.length = octets; - result = (digest)(arg, &r1); - if (result != ISC_R_SUCCESS) { - return result; - } + RETERR((digest)(arg, &r1)); if (prefixlen == 0) { return ISC_R_SUCCESS; } diff --git a/lib/dns/rdata/in_1/px_26.c b/lib/dns/rdata/in_1/px_26.c index 46e82202d4..cfc24d5d3c 100644 --- a/lib/dns/rdata/in_1/px_26.c +++ b/lib/dns/rdata/in_1/px_26.c @@ -309,7 +309,6 @@ static isc_result_t digest_in_px(ARGS_DIGEST) { isc_region_t r1, r2; dns_name_t name; - isc_result_t result; REQUIRE(rdata->type == dns_rdatatype_px); REQUIRE(rdata->rdclass == dns_rdataclass_in); @@ -318,16 +317,10 @@ digest_in_px(ARGS_DIGEST) { r2 = r1; isc_region_consume(&r2, 2); r1.length = 2; - result = (digest)(arg, &r1); - if (result != ISC_R_SUCCESS) { - return result; - } + RETERR((digest)(arg, &r1)); dns_name_init(&name); dns_name_fromregion(&name, &r2); - result = dns_name_digest(&name, digest, arg); - if (result != ISC_R_SUCCESS) { - return result; - } + RETERR(dns_name_digest(&name, digest, arg)); isc_region_consume(&r2, name_length(&name)); dns_name_init(&name); dns_name_fromregion(&name, &r2); diff --git a/lib/dns/rdata/in_1/srv_33.c b/lib/dns/rdata/in_1/srv_33.c index c0b2cf86e3..755a875180 100644 --- a/lib/dns/rdata/in_1/srv_33.c +++ b/lib/dns/rdata/in_1/srv_33.c @@ -328,10 +328,7 @@ additionaldata_in_srv(ARGS_ADDLDATA) { return ISC_R_SUCCESS; } - result = (add)(arg, &name, dns_rdatatype_a, NULL DNS__DB_FILELINE); - if (result != ISC_R_SUCCESS) { - return result; - } + RETERR((add)(arg, &name, dns_rdatatype_a, NULL DNS__DB_FILELINE)); dns_fixedname_init(&fixed); snprintf(buf, sizeof(buf), "_%u._tcp", port); diff --git a/lib/dns/rdataset.c b/lib/dns/rdataset.c index 83a08ff469..c418bed890 100644 --- a/lib/dns/rdataset.c +++ b/lib/dns/rdataset.c @@ -324,18 +324,12 @@ towire_answer(dns_rdataset_t *rdataset, const dns_name_t *name, for (size_t i = start; i < count; i++) { dns_rdata_t rdata = DNS_RDATA_INIT; - result = towire_addtypeclass(rdataset, name, cctx, target, - rrbuffer, sizeof(dns_ttl_t) + 2); - if (result != ISC_R_SUCCESS) { - goto cleanup; - } + CHECK(towire_addtypeclass(rdataset, name, cctx, target, + rrbuffer, sizeof(dns_ttl_t) + 2)); towire_addttl(rdataset, target, &rdlen); dns_rdataset_current(rdataset, &rdata); - result = towire_addrdata(&rdata, cctx, target, &rdlen); - if (result != ISC_R_SUCCESS) { - goto cleanup; - } + CHECK(towire_addrdata(&rdata, cctx, target, &rdlen)); added++; result = dns_rdataset_next(rdataset); @@ -348,17 +342,11 @@ towire_answer(dns_rdataset_t *rdataset, const dns_name_t *name, } for (size_t i = 0; i < start; i++) { - result = towire_addtypeclass(rdataset, name, cctx, target, - rrbuffer, sizeof(dns_ttl_t) + 2); - if (result != ISC_R_SUCCESS) { - goto cleanup; - } + CHECK(towire_addtypeclass(rdataset, name, cctx, target, + rrbuffer, sizeof(dns_ttl_t) + 2)); towire_addttl(rdataset, target, &rdlen); - result = towire_addrdata(&rdatas[i], cctx, target, &rdlen); - if (result != ISC_R_SUCCESS) { - goto cleanup; - } + CHECK(towire_addrdata(&rdatas[i], cctx, target, &rdlen)); added++; } @@ -459,13 +447,9 @@ dns_rdataset_additionaldata(dns_rdataset_t *rdataset, } DNS_RDATASET_FOREACH(rdataset) { - isc_result_t result; dns_rdata_t rdata = DNS_RDATA_INIT; dns_rdataset_current(rdataset, &rdata); - result = dns_rdata_additionaldata(&rdata, owner_name, add, arg); - if (result != ISC_R_SUCCESS) { - return result; - } + RETERR(dns_rdata_additionaldata(&rdata, owner_name, add, arg)); } return ISC_R_SUCCESS; diff --git a/lib/dns/rdataslab.c b/lib/dns/rdataslab.c index 703c2f6b1e..2fa0f30c1b 100644 --- a/lib/dns/rdataslab.c +++ b/lib/dns/rdataslab.c @@ -514,8 +514,7 @@ dns_rdataslab_merge(dns_slabheader_t *oheader, dns_slabheader_t *nheader, * than ncount, then we found such a duplicate. */ if (((flags & DNS_RDATASLAB_EXACT) != 0) && (tcount < ncount)) { - result = DNS_R_NOTEXACT; - goto cleanup; + CLEANUP(DNS_R_NOTEXACT); } /* @@ -523,8 +522,7 @@ dns_rdataslab_merge(dns_slabheader_t *oheader, dns_slabheader_t *nheader, * FORCE flag isn't set, we're done. */ if (tcount == 0 && (flags & DNS_RDATASLAB_FORCE) == 0) { - result = DNS_R_UNCHANGED; - goto cleanup; + CLEANUP(DNS_R_UNCHANGED); } /* Add to tcount the total number of items from the old slab. */ @@ -535,13 +533,11 @@ dns_rdataslab_merge(dns_slabheader_t *oheader, dns_slabheader_t *nheader, /* Single types can't have more than one RR. */ if (tcount > 1 && dns_rdatatype_issingleton(type)) { - result = DNS_R_SINGLETON; - goto cleanup; + CLEANUP(DNS_R_SINGLETON); } if (tcount > 0xffff) { - result = ISC_R_NOSPACE; - goto cleanup; + CLEANUP(ISC_R_NOSPACE); } /* Allocate the target buffer and copy the new slab's header */ @@ -677,8 +673,7 @@ dns_rdataslab_subtract(dns_slabheader_t *oheader, dns_slabheader_t *sheader, * duplicates.) */ if ((flags & DNS_RDATASLAB_EXACT) != 0 && rcount != scount) { - result = DNS_R_NOTEXACT; - goto cleanup; + CLEANUP(DNS_R_NOTEXACT); } /* @@ -686,16 +681,14 @@ dns_rdataslab_subtract(dns_slabheader_t *oheader, dns_slabheader_t *sheader, * create a new buffer, just return. */ if (tcount == 0) { - result = DNS_R_NXRRSET; - goto cleanup; + CLEANUP(DNS_R_NXRRSET); } /* * If nothing is going to change, stop. */ if (rcount == 0) { - result = DNS_R_UNCHANGED; - goto cleanup; + CLEANUP(DNS_R_UNCHANGED); } /* diff --git a/lib/dns/request.c b/lib/dns/request.c index 2d9d445624..93c868ecfd 100644 --- a/lib/dns/request.c +++ b/lib/dns/request.c @@ -463,17 +463,11 @@ dns_request_createraw(dns_requestmgr_t *requestmgr, isc_buffer_t *msgbuf, timeout, udptimeout, udpretries); isc_buffer_allocate(mctx, &request->query, r.length + (tcp ? 2 : 0)); - result = isc_buffer_copyregion(request->query, &r); - if (result != ISC_R_SUCCESS) { - goto cleanup; - } + CHECK(isc_buffer_copyregion(request->query, &r)); again: - result = get_dispatch(tcp, newtcp, requestmgr, srcaddr, destaddr, - transport, &request->dispatch); - if (result != ISC_R_SUCCESS) { - goto cleanup; - } + CHECK(get_dispatch(tcp, newtcp, requestmgr, srcaddr, destaddr, + transport, &request->dispatch)); if ((options & DNS_REQUESTOPT_FIXEDID) != 0) { id = (r.base[0] << 8) | r.base[1]; @@ -589,26 +583,17 @@ dns_request_create(dns_requestmgr_t *requestmgr, dns_message_t *message, dns_tsigkey_attach(key, &request->tsigkey); } - result = dns_message_settsigkey(message, request->tsigkey); - if (result != ISC_R_SUCCESS) { - goto cleanup; - } + CHECK(dns_message_settsigkey(message, request->tsigkey)); again: - result = get_dispatch(tcp, false, requestmgr, srcaddr, destaddr, - transport, &request->dispatch); - if (result != ISC_R_SUCCESS) { - goto cleanup; - } + CHECK(get_dispatch(tcp, false, requestmgr, srcaddr, destaddr, transport, + &request->dispatch)); - result = dns_dispatch_add(request->dispatch, loop, 0, - request->connect_timeout, request->timeout, - destaddr, transport, tlsctx_cache, - req_connected, req_senddone, req_response, - request, &id, &request->dispentry); - if (result != ISC_R_SUCCESS) { - goto cleanup; - } + CHECK(dns_dispatch_add(request->dispatch, loop, 0, + request->connect_timeout, request->timeout, + destaddr, transport, tlsctx_cache, req_connected, + req_senddone, req_response, request, &id, + &request->dispentry)); message->id = id; result = req_render(message, &request->query, options, mctx); @@ -624,10 +609,7 @@ again: goto cleanup; } - result = dns_message_getquerytsig(message, mctx, &request->tsig); - if (result != ISC_R_SUCCESS) { - goto cleanup; - } + CHECK(dns_message_getquerytsig(message, mctx, &request->tsig)); request->destaddr = *destaddr; request->flags |= DNS_REQUEST_F_CONNECTING; @@ -692,44 +674,22 @@ req_render(dns_message_t *message, isc_buffer_t **bufferp, unsigned int options, /* * Render message. */ - result = dns_message_renderbegin(message, &cctx, buf1); - if (result != ISC_R_SUCCESS) { - goto cleanup; - } - result = dns_message_rendersection(message, DNS_SECTION_QUESTION, 0); - if (result != ISC_R_SUCCESS) { - goto cleanup; - } - result = dns_message_rendersection(message, DNS_SECTION_ANSWER, 0); - if (result != ISC_R_SUCCESS) { - goto cleanup; - } - result = dns_message_rendersection(message, DNS_SECTION_AUTHORITY, 0); - if (result != ISC_R_SUCCESS) { - goto cleanup; - } - result = dns_message_rendersection(message, DNS_SECTION_ADDITIONAL, 0); - if (result != ISC_R_SUCCESS) { - goto cleanup; - } - result = dns_message_renderend(message); - if (result != ISC_R_SUCCESS) { - goto cleanup; - } + CHECK(dns_message_renderbegin(message, &cctx, buf1)); + CHECK(dns_message_rendersection(message, DNS_SECTION_QUESTION, 0)); + CHECK(dns_message_rendersection(message, DNS_SECTION_ANSWER, 0)); + CHECK(dns_message_rendersection(message, DNS_SECTION_AUTHORITY, 0)); + CHECK(dns_message_rendersection(message, DNS_SECTION_ADDITIONAL, 0)); + CHECK(dns_message_renderend(message)); /* * Copy rendered message to exact sized buffer. */ isc_buffer_usedregion(buf1, &r); if ((options & DNS_REQUESTOPT_TCP) == 0 && r.length > 512) { - result = DNS_R_USETCP; - goto cleanup; + CLEANUP(DNS_R_USETCP); } isc_buffer_allocate(mctx, &buf2, r.length); - result = isc_buffer_copyregion(buf2, &r); - if (result != ISC_R_SUCCESS) { - goto cleanup; - } + CHECK(isc_buffer_copyregion(buf2, &r)); /* * Cleanup and return. @@ -788,8 +748,6 @@ dns_request_cancel(dns_request_t *request) { isc_result_t dns_request_getresponse(dns_request_t *request, dns_message_t *message, unsigned int options) { - isc_result_t result; - REQUIRE(VALID_REQUEST(request)); REQUIRE(request->tid == isc_tid()); REQUIRE(request->answer != NULL); @@ -797,18 +755,12 @@ dns_request_getresponse(dns_request_t *request, dns_message_t *message, req_log(ISC_LOG_DEBUG(3), "%s: request %p", __func__, request); dns_message_setquerytsig(message, request->tsig); - result = dns_message_settsigkey(message, request->tsigkey); - if (result != ISC_R_SUCCESS) { - return result; - } - result = dns_message_parse(message, request->answer, options); - if (result != ISC_R_SUCCESS) { - return result; - } + RETERR(dns_message_settsigkey(message, request->tsigkey)); + RETERR(dns_message_parse(message, request->answer, options)); if (request->tsigkey != NULL) { - result = dns_tsig_verify(request->answer, message, NULL, NULL); + RETERR(dns_tsig_verify(request->answer, message, NULL, NULL)); } - return result; + return ISC_R_SUCCESS; } isc_buffer_t * diff --git a/lib/dns/resconf.c b/lib/dns/resconf.c index fda0fcddf9..cc7524ed41 100644 --- a/lib/dns/resconf.c +++ b/lib/dns/resconf.c @@ -75,13 +75,6 @@ #define RESCONFMAXLINELEN 256U /*%< max size of a line */ #define RESCONFMAXSORTLIST 10U /*%< max 10 */ -#define CHECK(op) \ - do { \ - result = (op); \ - if (result != ISC_R_SUCCESS) \ - goto cleanup; \ - } while (0) - /*! * configuration data structure */ @@ -224,8 +217,7 @@ add_server(isc_mem_t *mctx, const char *address_str, address = isc_mem_get(mctx, sizeof(*address)); if (res->ai_addrlen > sizeof(address->type)) { isc_mem_put(mctx, address, sizeof(*address)); - result = ISC_R_RANGE; - goto cleanup; + CLEANUP(ISC_R_RANGE); } if (res->ai_family == AF_INET) { @@ -245,8 +237,7 @@ add_server(isc_mem_t *mctx, const char *address_str, isc_mem_put(mctx, address, sizeof(*address)); UNEXPECTED_ERROR("ai_family (%d) not INET nor INET6", res->ai_family); - result = ISC_R_UNEXPECTED; - goto cleanup; + CLEANUP(ISC_R_UNEXPECTED); } address->length = (unsigned int)res->ai_addrlen; @@ -290,7 +281,6 @@ static isc_result_t resconf_parsenameserver(irs_resconf_t *conf, FILE *fp) { char word[RESCONFMAXLINELEN]; int cp; - isc_result_t result; cp = getword(fp, word, sizeof(word)); if (cp == EOF || strlen(word) == 0U) { @@ -307,10 +297,7 @@ resconf_parsenameserver(irs_resconf_t *conf, FILE *fp) { return ISC_R_SUCCESS; } - result = add_server(conf->mctx, word, &conf->nameservers); - if (result != ISC_R_SUCCESS) { - return result; - } + RETERR(add_server(conf->mctx, word, &conf->nameservers)); conf->numns++; return ISC_R_SUCCESS; @@ -379,7 +366,6 @@ static isc_result_t resconf_parsesearch(irs_resconf_t *conf, FILE *fp) { int delim; char word[RESCONFMAXLINELEN]; - isc_result_t result; if (conf->domainname != NULL) { /* @@ -398,10 +384,7 @@ resconf_parsesearch(irs_resconf_t *conf, FILE *fp) { return ISC_R_UNEXPECTEDEND; /* Nothing else on line. */ } do { - result = add_search(conf, word); - if (result != ISC_R_SUCCESS) { - return result; - } + RETERR(add_search(conf, word)); if (delim == '\n') { break; diff --git a/lib/dns/resolver.c b/lib/dns/resolver.c index 9e0e578cfb..404086b898 100644 --- a/lib/dns/resolver.c +++ b/lib/dns/resolver.c @@ -4524,10 +4524,7 @@ resume_qmin(void *arg) { fcount_decr(fctx); dns_name_copy(fname, fctx->domain); - result = fcount_incr(fctx, false); - if (result != ISC_R_SUCCESS) { - goto cleanup; - } + CHECK(fcount_incr(fctx, false)); dns_name_copy(dcname, fctx->qmindcname); fctx->ns_ttl = fctx->nameservers.ttl; @@ -6045,7 +6042,6 @@ static isc_result_t rctx_cache_secure(respctx_t *rctx, dns_message_t *message, dns_name_t *name, dns_dbnode_t *node, dns_rdataset_t *rdataset, dns_rdataset_t *sigrdataset, bool need_validation) { - isc_result_t result; fetchctx_t *fctx = rctx->fctx; resquery_t *query = rctx->query; dns_rdataset_t *ardataset = NULL, *asigset = NULL; @@ -6129,12 +6125,8 @@ rctx_cache_secure(respctx_t *rctx, dns_message_t *message, dns_name_t *name, * in-between. */ - result = cache_rrset(fctx, rctx->now, name, rdataset, - sigrdataset, &node, ardataset, asigset, - need_validation); - if (result != ISC_R_SUCCESS) { - return result; - } + RETERR(cache_rrset(fctx, rctx->now, name, rdataset, sigrdataset, + &node, ardataset, asigset, need_validation)); } return ISC_R_SUCCESS; @@ -6182,7 +6174,7 @@ rctx_cache_insecure(respctx_t *rctx, dns_message_t *message, dns_name_t *name, static isc_result_t rctx_cachename(respctx_t *rctx, dns_message_t *message, dns_name_t *name) { - isc_result_t result; + isc_result_t result = ISC_R_SUCCESS; fetchctx_t *fctx = rctx->fctx; resquery_t *query = rctx->query; dns_resolver_t *res = fctx->res; @@ -6206,10 +6198,7 @@ rctx_cachename(respctx_t *rctx, dns_message_t *message, dns_name_t *name) { /* * Find or create the cache node. */ - result = dns_db_findnode(fctx->cache, name, true, &node); - if (result != ISC_R_SUCCESS) { - return result; - } + RETERR(dns_db_findnode(fctx->cache, name, true, &node)); /* * Cache or validate each cacheable rdataset. @@ -6247,9 +6236,7 @@ rctx_cachename(respctx_t *rctx, dns_message_t *message, dns_name_t *name) { result = rctx_cache_insecure(rctx, message, name, node, rdataset, sigrdataset); } - if (result != ISC_R_SUCCESS) { - goto cleanup; - } + CHECK(result); } /* @@ -6319,10 +6306,7 @@ rctx_cachemessage(respctx_t *rctx) { { MSG_SECTION_FOREACH(message, section, name) { if (name->attributes.cache) { - result = rctx_cachename(rctx, message, name); - if (result != ISC_R_SUCCESS) { - goto cleanup; - } + CHECK(rctx_cachename(rctx, message, name)); } } } @@ -6386,10 +6370,7 @@ negcache(dns_message_t *message, fetchctx_t *fctx, const dns_name_t *name, /* * Cache the negative entry. */ - result = dns_db_findnode(fctx->cache, name, true, &node); - if (result != ISC_R_SUCCESS) { - return result; - } + RETERR(dns_db_findnode(fctx->cache, name, true, &node)); result = dns_ncache_add(message, cache, node, covers, now, minttl, maxttl, optout, secure, added); @@ -6976,10 +6957,7 @@ resume_dslookup(void *arg) { fcount_decr(fctx); dns_name_copy(fctx->nsname, fctx->domain); - result = fcount_incr(fctx, false); - if (result != ISC_R_SUCCESS) { - goto cleanup; - } + CHECK(fcount_incr(fctx, false)); /* Try again. */ fctx_try(fctx, true); @@ -7009,8 +6987,7 @@ resume_dslookup(void *arg) { * made. Interrupt the DS chasing process, returning SERVFAIL. */ if (dns_name_equal(fctx->nsname, fetch->private->domain)) { - result = DNS_R_SERVFAIL; - goto cleanup; + CLEANUP(DNS_R_SERVFAIL); } /* Get nameservers from fetch before we destroy it. */ @@ -10863,10 +10840,7 @@ dns_resolver_dumpquota(dns_resolver_t *res, isc_buffer_t *buf) { " spilled %" PRIuFAST32 ")", nb, count, allowed, dropped); - result = isc_buffer_reserve(buf, strlen(text)); - if (result != ISC_R_SUCCESS) { - goto cleanup; - } + CHECK(isc_buffer_reserve(buf, strlen(text))); isc_buffer_putstr(buf, text); } if (result == ISC_R_NOMORE) { diff --git a/lib/dns/rootns.c b/lib/dns/rootns.c index 48bd1e1673..f5eadd9839 100644 --- a/lib/dns/rootns.c +++ b/lib/dns/rootns.c @@ -101,7 +101,6 @@ static struct upcoming { static isc_result_t in_rootns(dns_rdataset_t *rootns, dns_name_t *name) { - isc_result_t result; dns_rdata_ns_t ns; if (!dns_rdataset_isassociated(rootns)) { @@ -111,10 +110,7 @@ in_rootns(dns_rdataset_t *rootns, dns_name_t *name) { DNS_RDATASET_FOREACH(rootns) { dns_rdata_t rdata = DNS_RDATA_INIT; dns_rdataset_current(rootns, &rdata); - result = dns_rdata_tostruct(&rdata, &ns, NULL); - if (result != ISC_R_SUCCESS) { - return result; - } + RETERR(dns_rdata_tostruct(&rdata, &ns, NULL)); if (dns_name_compare(name, &ns.name) == 0) { return ISC_R_SUCCESS; } @@ -164,23 +160,11 @@ check_hints(dns_db_t *db) { dns_rdataset_init(&rootns); (void)dns_db_find(db, dns_rootname, NULL, dns_rdatatype_ns, 0, now, NULL, name, &rootns, NULL); - result = dns_db_createiterator(db, 0, &dbiter); - if (result != ISC_R_SUCCESS) { - goto cleanup; - } + CHECK(dns_db_createiterator(db, 0, &dbiter)); DNS_DBITERATOR_FOREACH(dbiter) { - result = dns_dbiterator_current(dbiter, &node, name); - if (result != ISC_R_SUCCESS) { - goto cleanup; - } - result = dns_db_allrdatasets(db, node, NULL, 0, now, &rdsiter); - if (result != ISC_R_SUCCESS) { - goto cleanup; - } - result = check_node(&rootns, name, rdsiter); - if (result != ISC_R_SUCCESS) { - goto cleanup; - } + CHECK(dns_dbiterator_current(dbiter, &node, name)); + CHECK(dns_db_allrdatasets(db, node, NULL, 0, now, &rdsiter)); + CHECK(check_node(&rootns, name, rdsiter)); dns_rdatasetiter_destroy(&rdsiter); dns_db_detachnode(&node); } @@ -212,21 +196,15 @@ dns_rootns_create(isc_mem_t *mctx, dns_rdataclass_t rdclass, REQUIRE(target != NULL && *target == NULL); - result = dns_db_create(mctx, ZONEDB_DEFAULT, dns_rootname, - dns_dbtype_zone, rdclass, 0, NULL, &db); - if (result != ISC_R_SUCCESS) { - goto failure; - } + CHECK(dns_db_create(mctx, ZONEDB_DEFAULT, dns_rootname, dns_dbtype_zone, + rdclass, 0, NULL, &db)); len = strlen(root_ns); isc_buffer_init(&source, root_ns, len); isc_buffer_add(&source, len); dns_rdatacallbacks_init(&callbacks); - result = dns_db_beginload(db, &callbacks); - if (result != ISC_R_SUCCESS) { - goto failure; - } + CHECK(dns_db_beginload(db, &callbacks)); if (filename != NULL) { /* * Load the hints from the specified filename. @@ -249,8 +227,8 @@ dns_rootns_create(isc_mem_t *mctx, dns_rdataclass_t rdclass, if (result == ISC_R_SUCCESS || result == DNS_R_SEENINCLUDE) { result = eresult; } - if (result != ISC_R_SUCCESS && result != DNS_R_SEENINCLUDE) { - goto failure; + if (result != DNS_R_SEENINCLUDE) { + CHECK(result); } if (check_hints(db) != ISC_R_SUCCESS) { isc_log_write(DNS_LOGCATEGORY_GENERAL, DNS_LOGMODULE_HINTS, @@ -260,7 +238,7 @@ dns_rootns_create(isc_mem_t *mctx, dns_rdataclass_t rdclass, *target = db; return ISC_R_SUCCESS; -failure: +cleanup: isc_log_write(DNS_LOGCATEGORY_GENERAL, DNS_LOGMODULE_HINTS, ISC_LOG_ERROR, "could not configure root hints from " diff --git a/lib/dns/rpz.c b/lib/dns/rpz.c index a1b7fe13d2..e0e9bbd6d4 100644 --- a/lib/dns/rpz.c +++ b/lib/dns/rpz.c @@ -1480,7 +1480,6 @@ dns_rpz_new_zones(dns_view_t *view, dns_rpz_zones_t **rpzsp, bool first_time) { isc_result_t dns_rpz_new_zone(dns_rpz_zones_t *rpzs, dns_rpz_zone_t **rpzp) { - isc_result_t result; dns_rpz_zone_t *rpz = NULL; REQUIRE(DNS_RPZ_ZONES_VALID(rpzs)); @@ -1490,10 +1489,7 @@ dns_rpz_new_zone(dns_rpz_zones_t *rpzs, dns_rpz_zone_t **rpzp) { return ISC_R_NOSPACE; } - result = dns__rpz_shuttingdown(rpzs); - if (result != ISC_R_SUCCESS) { - return result; - } + RETERR(dns__rpz_shuttingdown(rpzs)); rpz = isc_mem_get(rpzs->mctx, sizeof(*rpz)); *rpz = (dns_rpz_zone_t){ @@ -1738,10 +1734,7 @@ update_nodes(dns_rpz_zone_t *rpz, isc_ht_t *newnodes) { dns_rdatasetiter_t *rdsiter = NULL; dns_dbnode_t *node = NULL; - result = dns__rpz_shuttingdown(rpz->rpzs); - if (result != ISC_R_SUCCESS) { - goto cleanup; - } + CHECK(dns__rpz_shuttingdown(rpz->rpzs)); result = dns_dbiterator_current(updbit, &node, name); if (result != ISC_R_SUCCESS) { @@ -1921,15 +1914,9 @@ update_rpz_cb(void *data) { isc_ht_init(&newnodes, rpz->rpzs->mctx, 1, ISC_HT_CASE_SENSITIVE); - result = update_nodes(rpz, newnodes); - if (result != ISC_R_SUCCESS) { - goto cleanup; - } + CHECK(update_nodes(rpz, newnodes)); - result = cleanup_nodes(rpz); - if (result != ISC_R_SUCCESS) { - goto cleanup; - } + CHECK(cleanup_nodes(rpz)); /* Finalize the update */ ISC_SWAP(rpz->nodes, newnodes); diff --git a/lib/dns/rriterator.c b/lib/dns/rriterator.c index 2adf531cb3..3e468cbe5f 100644 --- a/lib/dns/rriterator.c +++ b/lib/dns/rriterator.c @@ -37,17 +37,13 @@ isc_result_t dns_rriterator_init(dns_rriterator_t *it, dns_db_t *db, dns_dbversion_t *ver, isc_stdtime_t now) { - isc_result_t result; it->magic = RRITERATOR_MAGIC; it->db = db; it->dbit = NULL; it->ver = ver; it->now = now; it->node = NULL; - result = dns_db_createiterator(it->db, 0, &it->dbit); - if (result != ISC_R_SUCCESS) { - return result; - } + RETERR(dns_db_createiterator(it->db, 0, &it->dbit)); it->rdatasetit = NULL; dns_rdata_init(&it->rdata); dns_rdataset_init(&it->rdataset); diff --git a/lib/dns/sdlz.c b/lib/dns/sdlz.c index 3852b06b1e..22bd0ee210 100644 --- a/lib/dns/sdlz.c +++ b/lib/dns/sdlz.c @@ -492,30 +492,18 @@ getnodedata(dns_db_t *db, const dns_name_t *name, bool create, dns_name_countlabels(&sdlz->common.origin); dns_name_init(&relname); dns_name_getlabelsequence(name, 0, labels, &relname); - result = dns_name_totext(&relname, DNS_NAME_OMITFINALDOT, &b); - if (result != ISC_R_SUCCESS) { - return result; - } + RETERR(dns_name_totext(&relname, DNS_NAME_OMITFINALDOT, &b)); } else { - result = dns_name_totext(name, DNS_NAME_OMITFINALDOT, &b); - if (result != ISC_R_SUCCESS) { - return result; - } + RETERR(dns_name_totext(name, DNS_NAME_OMITFINALDOT, &b)); } isc_buffer_putuint8(&b, 0); isc_buffer_init(&b2, zonestr, sizeof(zonestr)); - result = dns_name_totext(&sdlz->common.origin, DNS_NAME_OMITFINALDOT, - &b2); - if (result != ISC_R_SUCCESS) { - return result; - } + RETERR(dns_name_totext(&sdlz->common.origin, DNS_NAME_OMITFINALDOT, + &b2)); isc_buffer_putuint8(&b2, 0); - result = createnode(sdlz, &node); - if (result != ISC_R_SUCCESS) { - return result; - } + RETERR(createnode(sdlz, &node)); isorigin = dns_name_equal(name, &sdlz->common.origin); @@ -687,11 +675,8 @@ createiterator(dns_db_t *db, unsigned int options, } isc_buffer_init(&b, zonestr, sizeof(zonestr)); - result = dns_name_totext(&sdlz->common.origin, DNS_NAME_OMITFINALDOT, - &b); - if (result != ISC_R_SUCCESS) { - return result; - } + RETERR(dns_name_totext(&sdlz->common.origin, DNS_NAME_OMITFINALDOT, + &b)); isc_buffer_putuint8(&b, 0); sdlziter = isc_mem_get(sdlz->common.mctx, sizeof(sdlz_dbiterator_t)); @@ -990,21 +975,14 @@ modrdataset(dns_db_t *db, dns_dbnode_t *node, dns_dbversion_t *version, isc_buffer_allocate(mctx, &buffer, 1024); - result = dns_master_stylecreate(&style, 0, 0, 0, 0, 0, 0, 1, 0xffffffff, - mctx); - if (result != ISC_R_SUCCESS) { - goto cleanup; - } + CHECK(dns_master_stylecreate(&style, 0, 0, 0, 0, 0, 0, 1, 0xffffffff, + mctx)); - result = dns_master_rdatasettotext(&sdlznode->name, rdataset, style, - NULL, buffer); - if (result != ISC_R_SUCCESS) { - goto cleanup; - } + CHECK(dns_master_rdatasettotext(&sdlznode->name, rdataset, style, NULL, + buffer)); if (isc_buffer_usedlength(buffer) < 1) { - result = ISC_R_BADADDRESSFORM; - goto cleanup; + CLEANUP(ISC_R_BADADDRESSFORM); } rdatastr = isc_buffer_base(buffer); @@ -1343,19 +1321,13 @@ dns_sdlzallowzonexfr(void *driverarg, void *dbdata, isc_mem_t *mctx, /* Convert DNS name to ascii text */ isc_buffer_init(&b, namestr, sizeof(namestr)); - result = dns_name_totext(name, DNS_NAME_OMITFINALDOT, &b); - if (result != ISC_R_SUCCESS) { - return result; - } + RETERR(dns_name_totext(name, DNS_NAME_OMITFINALDOT, &b)); isc_buffer_putuint8(&b, 0); /* convert client address to ascii text */ isc_buffer_init(&b2, clientstr, sizeof(clientstr)); isc_netaddr_fromsockaddr(&netaddr, clientaddr); - result = isc_netaddr_totext(&netaddr, &b2); - if (result != ISC_R_SUCCESS) { - return result; - } + RETERR(isc_netaddr_totext(&netaddr, &b2)); isc_buffer_putuint8(&b2, 0); /* make sure strings are always lowercase */ @@ -1462,10 +1434,7 @@ dns_sdlzfindzone(void *driverarg, void *dbdata, isc_mem_t *mctx, /* Convert DNS name to ascii text */ isc_buffer_init(&b, namestr, sizeof(namestr)); - result = dns_name_totext(name, DNS_NAME_OMITFINALDOT, &b); - if (result != ISC_R_SUCCESS) { - return result; - } + RETERR(dns_name_totext(name, DNS_NAME_OMITFINALDOT, &b)); isc_buffer_putuint8(&b, 0); /* make sure strings are always lowercase */ @@ -1606,10 +1575,7 @@ dns_sdlz_putrr(dns_sdlzlookup_t *lookup, const char *type, dns_ttl_t ttl, r.base = type; r.length = strlen(type); - result = dns_rdatatype_fromtext(&typeval, (void *)&r); - if (result != ISC_R_SUCCESS) { - return result; - } + RETERR(dns_rdatatype_fromtext(&typeval, (void *)&r)); rdatalist = ISC_LIST_HEAD(lookup->lists); while (rdatalist != NULL) { @@ -1654,10 +1620,7 @@ dns_sdlz_putrr(dns_sdlzlookup_t *lookup, const char *type, dns_ttl_t ttl, isc_buffer_constinit(&b, data, strlen(data)); isc_buffer_add(&b, strlen(data)); - result = isc_lex_openbuffer(lex, &b); - if (result != ISC_R_SUCCESS) { - goto failure; - } + CHECK(isc_lex_openbuffer(lex, &b)); rdatabuf = NULL; isc_buffer_allocate(mctx, &rdatabuf, size); @@ -1678,8 +1641,7 @@ dns_sdlz_putrr(dns_sdlzlookup_t *lookup, const char *type, dns_ttl_t ttl, } while (result == ISC_R_NOSPACE); if (result != ISC_R_SUCCESS) { - result = DNS_R_SERVFAIL; - goto failure; + CLEANUP(DNS_R_SERVFAIL); } ISC_LIST_APPEND(rdatalist->rdata, rdata, link); @@ -1691,7 +1653,7 @@ dns_sdlz_putrr(dns_sdlzlookup_t *lookup, const char *type, dns_ttl_t ttl, return ISC_R_SUCCESS; -failure: +cleanup: if (rdatabuf != NULL) { isc_buffer_free(&rdatabuf); } @@ -1713,7 +1675,6 @@ dns_sdlz_putnamedrr(dns_sdlzallnodes_t *allnodes, const char *name, dns_sdlznode_t *sdlznode; isc_mem_t *mctx = sdlz->common.mctx; isc_buffer_t b; - isc_result_t result; newname = dns_fixedname_initname(&fnewname); @@ -1725,10 +1686,7 @@ dns_sdlz_putnamedrr(dns_sdlzallnodes_t *allnodes, const char *name, isc_buffer_constinit(&b, name, strlen(name)); isc_buffer_add(&b, strlen(name)); - result = dns_name_fromtext(newname, &b, origin, 0); - if (result != ISC_R_SUCCESS) { - return result; - } + RETERR(dns_name_fromtext(newname, &b, origin, 0)); if (allnodes->common.relative_names) { /* All names are relative to the root */ @@ -1739,10 +1697,7 @@ dns_sdlz_putnamedrr(dns_sdlzallnodes_t *allnodes, const char *name, sdlznode = ISC_LIST_HEAD(allnodes->nodelist); if (sdlznode == NULL || !dns_name_equal(&sdlznode->name, newname)) { sdlznode = NULL; - result = createnode(sdlz, &sdlznode); - if (result != ISC_R_SUCCESS) { - return result; - } + RETERR(createnode(sdlz, &sdlznode)); dns_name_dup(newname, mctx, &sdlznode->name); ISC_LIST_PREPEND(allnodes->nodelist, sdlznode, link); if (allnodes->origin == NULL && diff --git a/lib/dns/skr.c b/lib/dns/skr.c index 537683d363..7eec1f4531 100644 --- a/lib/dns/skr.c +++ b/lib/dns/skr.c @@ -25,27 +25,11 @@ #include #include -#define CHECK(op) \ - do { \ - result = (op); \ - if (result != ISC_R_SUCCESS) \ - goto failure; \ - } while (0) - #define READLINE(lex, opt, token) -#define NEXTTOKEN(lex, opt, token) \ - { \ - ret = isc_lex_gettoken(lex, opt, token); \ - if (ret != ISC_R_SUCCESS) \ - goto cleanup; \ - } +#define NEXTTOKEN(lex, opt, token) CHECK(isc_lex_gettoken(lex, opt, token)) -#define BADTOKEN() \ - { \ - ret = ISC_R_UNEXPECTEDTOKEN; \ - goto cleanup; \ - } +#define BADTOKEN() CLEANUP(ISC_R_UNEXPECTEDTOKEN) #define TOKENSIZ (8 * 1024) #define STR(t) ((t).value.as_textregion.base) @@ -61,7 +45,7 @@ parse_rr(isc_lex_t *lex, isc_mem_t *mctx, char *owner, dns_name_t *origin, isc_buffer_t b; isc_token_t token; unsigned int opt = ISC_LEXOPT_EOL; - isc_result_t ret = ISC_R_SUCCESS; + isc_result_t result = ISC_R_SUCCESS; isc_lex_setcomments(lex, ISC_LEXCOMMENT_DNSMASTERFILE); @@ -72,13 +56,9 @@ parse_rr(isc_lex_t *lex, isc_mem_t *mctx, char *owner, dns_name_t *origin, dname = dns_fixedname_initname(&dfname); isc_buffer_init(&b, owner, strlen(owner)); isc_buffer_add(&b, strlen(owner)); - ret = dns_name_fromtext(dname, &b, dns_rootname, 0); - if (ret != ISC_R_SUCCESS) { - goto cleanup; - } + CHECK(dns_name_fromtext(dname, &b, dns_rootname, 0)); if (dns_name_compare(dname, origin) != 0) { - ret = DNS_R_BADOWNERNAME; - goto cleanup; + CLEANUP(DNS_R_BADOWNERNAME); } isc_buffer_clear(&b); @@ -89,8 +69,8 @@ parse_rr(isc_lex_t *lex, isc_mem_t *mctx, char *owner, dns_name_t *origin, } /* If it's a TTL, read the next one */ - ret = dns_ttl_fromtext(&token.value.as_textregion, ttl); - if (ret == ISC_R_SUCCESS) { + result = dns_ttl_fromtext(&token.value.as_textregion, ttl); + if (result == ISC_R_SUCCESS) { NEXTTOKEN(lex, opt, &token); } if (token.type != isc_tokentype_string) { @@ -98,8 +78,8 @@ parse_rr(isc_lex_t *lex, isc_mem_t *mctx, char *owner, dns_name_t *origin, } /* If it's a class, read the next one */ - ret = dns_rdataclass_fromtext(&clas, &token.value.as_textregion); - if (ret == ISC_R_SUCCESS) { + result = dns_rdataclass_fromtext(&clas, &token.value.as_textregion); + if (result == ISC_R_SUCCESS) { if (clas != rdclass) { BADTOKEN(); } @@ -110,8 +90,8 @@ parse_rr(isc_lex_t *lex, isc_mem_t *mctx, char *owner, dns_name_t *origin, } /* Must be the record type */ - ret = dns_rdatatype_fromtext(rdtype, &token.value.as_textregion); - if (ret != ISC_R_SUCCESS) { + result = dns_rdatatype_fromtext(rdtype, &token.value.as_textregion); + if (result != ISC_R_SUCCESS) { BADTOKEN(); } switch (*rdtype) { @@ -126,11 +106,11 @@ parse_rr(isc_lex_t *lex, isc_mem_t *mctx, char *owner, dns_name_t *origin, } dns_rdatacallbacks_init(&callbacks); - ret = dns_rdata_fromtext(*rdata, rdclass, *rdtype, lex, dname, 0, mctx, - buf, &callbacks); + result = dns_rdata_fromtext(*rdata, rdclass, *rdtype, lex, dname, 0, + mctx, buf, &callbacks); cleanup: isc_lex_setcomments(lex, 0); - return ret; + return result; } static void @@ -162,8 +142,6 @@ skrbundle_addtuple(dns_skrbundle_t *bundle, dns_difftuple_t **tuple) { isc_result_t dns_skrbundle_getsig(dns_skrbundle_t *bundle, dst_key_t *key, dns_rdatatype_t covering_type, dns_rdata_t *sigrdata) { - isc_result_t result = ISC_R_SUCCESS; - REQUIRE(DNS_SKRBUNDLE_VALID(bundle)); REQUIRE(DNS_DIFF_VALID(&bundle->diff)); @@ -175,10 +153,7 @@ dns_skrbundle_getsig(dns_skrbundle_t *bundle, dst_key_t *key, } INSIST(tuple->rdata.type == dns_rdatatype_rrsig); - result = dns_rdata_tostruct(&tuple->rdata, &rrsig, NULL); - if (result != ISC_R_SUCCESS) { - return result; - } + RETERR(dns_rdata_tostruct(&tuple->rdata, &rrsig, NULL)); /* * Check if covering type matches, and if the signature is @@ -273,7 +248,7 @@ dns_skr_read(isc_mem_t *mctx, const char *filename, dns_name_t *origin, } if (token.type != isc_tokentype_string) { - CHECK(DNS_R_SYNTAX); + CLEANUP(DNS_R_SYNTAX); } if (strcmp(STR(token), ";;") == 0) { @@ -282,7 +257,7 @@ dns_skr_read(isc_mem_t *mctx, const char *filename, dns_name_t *origin, if (token.type != isc_tokentype_string || strcmp(STR(token), "SignedKeyResponse") != 0) { - CHECK(DNS_R_SYNTAX); + CLEANUP(DNS_R_SYNTAX); } /* Version */ @@ -290,20 +265,20 @@ dns_skr_read(isc_mem_t *mctx, const char *filename, dns_name_t *origin, if (token.type != isc_tokentype_string || strcmp(STR(token), "1.0") != 0) { - CHECK(DNS_R_SYNTAX); + CLEANUP(DNS_R_SYNTAX); } /* Date and time of bundle */ CHECK(isc_lex_gettoken(lex, opt, &token)); if (token.type != isc_tokentype_string) { - CHECK(DNS_R_SYNTAX); + CLEANUP(DNS_R_SYNTAX); } if (strcmp(STR(token), "generated") == 0) { /* Final bundle */ goto readline; } if (token.type != isc_tokentype_string) { - CHECK(DNS_R_SYNTAX); + CLEANUP(DNS_R_SYNTAX); } /* Add previous bundle */ @@ -345,7 +320,7 @@ dns_skr_read(isc_mem_t *mctx, const char *filename, dns_name_t *origin, filename, isc_lex_getsourceline(lex), isc_result_totext(result)); isc_mem_put(mctx, rdata, sizeof(*rdata)); - goto failure; + goto cleanup; } /* Create new diff tuple */ @@ -365,7 +340,7 @@ dns_skr_read(isc_mem_t *mctx, const char *filename, dns_name_t *origin, } if (result != ISC_R_EOF) { - CHECK(DNS_R_SYNTAX); + CLEANUP(DNS_R_SYNTAX); } result = ISC_R_SUCCESS; @@ -374,7 +349,7 @@ dns_skr_read(isc_mem_t *mctx, const char *filename, dns_name_t *origin, addbundle(*skrp, &bundle); } -failure: +cleanup: if (result != ISC_R_SUCCESS) { isc_log_write(DNS_LOGCATEGORY_GENERAL, DNS_LOGMODULE_ZONE, ISC_LOG_DEBUG(1), diff --git a/lib/dns/time.c b/lib/dns/time.c index ae23ce0a99..ec49f522e0 100644 --- a/lib/dns/time.c +++ b/lib/dns/time.c @@ -204,11 +204,8 @@ dns_time64_fromtext(const char *source, int64_t *target) { isc_result_t dns_time32_fromtext(const char *source, uint32_t *target) { int64_t value64; - isc_result_t result; - result = dns_time64_fromtext(source, &value64); - if (result != ISC_R_SUCCESS) { - return result; - } + + RETERR(dns_time64_fromtext(source, &value64)); *target = (uint32_t)value64; return ISC_R_SUCCESS; diff --git a/lib/dns/tkey.c b/lib/dns/tkey.c index 79ca4da3e0..028aed74de 100644 --- a/lib/dns/tkey.c +++ b/lib/dns/tkey.c @@ -55,13 +55,6 @@ #define TEMP_BUFFER_SZ 8192 #define TKEY_RANDOM_AMOUNT 16 -#define RETERR(x) \ - do { \ - result = (x); \ - if (result != ISC_R_SUCCESS) \ - goto failure; \ - } while (0) - static void tkey_log(const char *fmt, ...) ISC_FORMAT_PRINTF(1, 2); @@ -208,7 +201,7 @@ process_gsstkey(dns_message_t *msg, dns_name_t *name, dns_rdata_tkey_t *tkeyin, return ISC_R_SUCCESS; } if (result != DNS_R_CONTINUE && result != ISC_R_SUCCESS) { - goto failure; + CHECK(result); } /* @@ -224,8 +217,8 @@ process_gsstkey(dns_message_t *msg, dns_name_t *name, dns_rdata_tkey_t *tkeyin, #endif /* HAVE_GSSAPI */ uint32_t expire; - RETERR(dst_key_fromgssapi(name, gss_ctx, ring->mctx, &dstkey, - &intoken)); + CHECK(dst_key_fromgssapi(name, gss_ctx, ring->mctx, &dstkey, + &intoken)); /* * Limit keys to 1 hour or the context's lifetime whichever * is smaller. @@ -237,11 +230,11 @@ process_gsstkey(dns_message_t *msg, dns_name_t *name, dns_rdata_tkey_t *tkeyin, expire = now + lifetime; } #endif /* HAVE_GSSAPI */ - RETERR(dns_tsigkey_createfromkey( + CHECK(dns_tsigkey_createfromkey( name, dns__tsig_algfromname(&tkeyin->algorithm), dstkey, true, false, principal, now, expire, ring->mctx, &tsigkey)); - RETERR(dns_tsigkeyring_add(ring, tsigkey)); + CHECK(dns_tsigkeyring_add(ring, tsigkey)); dst_key_free(&dstkey); tkeyout->inception = now; tkeyout->expire = expire; @@ -277,7 +270,7 @@ process_gsstkey(dns_message_t *msg, dns_name_t *name, dns_rdata_tkey_t *tkeyin, return ISC_R_SUCCESS; -failure: +cleanup: if (tsigkey != NULL) { dns_tsigkey_detach(&tsigkey); } @@ -363,24 +356,21 @@ dns_tkey_processquery(dns_message_t *msg, dns_tkeyctx_t *tctx, result = dns_message_findname(msg, DNS_SECTION_ADDITIONAL, qname, dns_rdatatype_tkey, 0, NULL, &tkeyset); if (result != ISC_R_SUCCESS) { - result = DNS_R_FORMERR; tkey_log("dns_tkey_processquery: couldn't find a TKEY " "matching the question"); - goto failure; + CLEANUP(DNS_R_FORMERR); } result = dns_rdataset_first(tkeyset); if (result != ISC_R_SUCCESS) { - result = DNS_R_FORMERR; - goto failure; + CLEANUP(DNS_R_FORMERR); } dns_rdataset_current(tkeyset, &rdata); - RETERR(dns_rdata_tostruct(&rdata, &tkeyin, NULL)); + CHECK(dns_rdata_tostruct(&rdata, &tkeyin, NULL)); if (tkeyin.error != dns_rcode_noerror) { - result = DNS_R_FORMERR; - goto failure; + CLEANUP(DNS_R_FORMERR); } /* @@ -396,8 +386,7 @@ dns_tkey_processquery(dns_message_t *msg, dns_tkeyctx_t *tctx, { tkey_log("dns_tkey_processquery: query was not " "properly signed - rejecting"); - result = DNS_R_FORMERR; - goto failure; + CLEANUP(DNS_R_FORMERR); } tkeyout = (dns_rdata_tkey_t){ @@ -414,8 +403,8 @@ dns_tkey_processquery(dns_message_t *msg, dns_tkeyctx_t *tctx, /* * A delete operation uses the fully specified qname. */ - RETERR(process_deletetkey(signer, qname, &tkeyin, &tkeyout, - ring)); + CHECK(process_deletetkey(signer, qname, &tkeyin, &tkeyout, + ring)); break; case DNS_TKEYMODE_GSSAPI: keyname = dns_fixedname_initname(&fkeyname); @@ -435,10 +424,10 @@ dns_tkey_processquery(dns_message_t *msg, dns_tkeyctx_t *tctx, isc_nonce_buf(randomdata, sizeof(randomdata)); isc_buffer_init(&b, randomtext, sizeof(randomtext)); - RETERR(isc_hex_totext(&r, 2, "", &b)); - RETERR(dns_name_fromtext(keyname, &b, NULL, 0)); + CHECK(isc_hex_totext(&r, 2, "", &b)); + CHECK(dns_name_fromtext(keyname, &b, NULL, 0)); } - RETERR(dns_name_concatenate(keyname, dns_rootname, keyname)); + CHECK(dns_name_concatenate(keyname, dns_rootname, keyname)); result = dns_tsigkey_find(&tsigkey, keyname, NULL, ring); if (result == ISC_R_SUCCESS) { @@ -446,15 +435,15 @@ dns_tkey_processquery(dns_message_t *msg, dns_tkeyctx_t *tctx, dns_tsigkey_detach(&tsigkey); break; } else if (result == ISC_R_NOTFOUND) { - RETERR(process_gsstkey(msg, keyname, &tkeyin, tctx, - &tkeyout, ring)); + CHECK(process_gsstkey(msg, keyname, &tkeyin, tctx, + &tkeyout, ring)); break; } - goto failure; + goto cleanup; case DNS_TKEYMODE_SERVERASSIGNED: case DNS_TKEYMODE_RESOLVERASSIGNED: result = DNS_R_NOTIMP; - goto failure; + goto cleanup; default: tkeyout.error = dns_tsigerror_badmode; } @@ -467,9 +456,9 @@ dns_tkey_processquery(dns_message_t *msg, dns_tkeyctx_t *tctx, if (tkeyout.key != NULL) { isc_mem_put(tkeyout.mctx, tkeyout.key, tkeyout.keylen); } - RETERR(result); + CHECK(result); - RETERR(dns_message_reply(msg, true)); + CHECK(dns_message_reply(msg, true)); add_rdata_to_list(msg, keyname, &rdata, 0, &namelist); ISC_LIST_FOREACH(namelist, name, link) { @@ -478,7 +467,7 @@ dns_tkey_processquery(dns_message_t *msg, dns_tkeyctx_t *tctx, } return ISC_R_SUCCESS; -failure: +cleanup: free_namelist(msg, &namelist); return result; } @@ -585,10 +574,7 @@ find_tkey(dns_message_t *msg, dns_name_t **name, dns_rdata_t *rdata, result = dns_message_findtype(cur, dns_rdatatype_tkey, 0, &tkeyset); if (result == ISC_R_SUCCESS) { - result = dns_rdataset_first(tkeyset); - if (result != ISC_R_SUCCESS) { - return result; - } + RETERR(dns_rdataset_first(tkeyset)); dns_rdataset_current(tkeyset, rdata); *name = cur; @@ -622,11 +608,11 @@ dns_tkey_gssnegotiate(dns_message_t *qmsg, dns_message_t *rmsg, return dns_result_fromrcode(rmsg->rcode); } - RETERR(find_tkey(rmsg, &tkeyname, &rtkeyrdata, DNS_SECTION_ANSWER)); - RETERR(dns_rdata_tostruct(&rtkeyrdata, &rtkey, NULL)); + CHECK(find_tkey(rmsg, &tkeyname, &rtkeyrdata, DNS_SECTION_ANSWER)); + CHECK(dns_rdata_tostruct(&rtkeyrdata, &rtkey, NULL)); - RETERR(find_tkey(qmsg, &tkeyname, &qtkeyrdata, DNS_SECTION_ADDITIONAL)); - RETERR(dns_rdata_tostruct(&qtkeyrdata, &qtkey, NULL)); + CHECK(find_tkey(qmsg, &tkeyname, &qtkeyrdata, DNS_SECTION_ADDITIONAL)); + CHECK(dns_rdata_tostruct(&qtkeyrdata, &qtkey, NULL)); if (rtkey.error != dns_rcode_noerror || rtkey.mode != DNS_TKEYMODE_GSSAPI || @@ -634,8 +620,7 @@ dns_tkey_gssnegotiate(dns_message_t *qmsg, dns_message_t *rmsg, { tkey_log("dns_tkey_gssnegotiate: tkey mode invalid " "or error set(4)"); - result = DNS_R_INVALIDTKEY; - goto failure; + CLEANUP(DNS_R_INVALIDTKEY); } isc_buffer_init(&intoken, rtkey.key, rtkey.keylen); @@ -662,22 +647,22 @@ dns_tkey_gssnegotiate(dns_message_t *qmsg, dns_message_t *rmsg, dns_name_clone(DNS_TSIG_GSSAPI_NAME, &tkey.algorithm); dns_message_reset(qmsg, DNS_MESSAGE_INTENTRENDER); - RETERR(buildquery(qmsg, tkeyname, &tkey)); + CHECK(buildquery(qmsg, tkeyname, &tkey)); return DNS_R_CONTINUE; } - RETERR(dst_key_fromgssapi(dns_rootname, *context, rmsg->mctx, &dstkey, - NULL)); + CHECK(dst_key_fromgssapi(dns_rootname, *context, rmsg->mctx, &dstkey, + NULL)); /* * XXXSRA This seems confused. If we got CONTINUE from initctx, * the GSS negotiation hasn't completed yet, so we can't sign * anything yet. */ - RETERR(dns_tsigkey_createfromkey(tkeyname, DST_ALG_GSSAPI, dstkey, true, - false, NULL, rtkey.inception, - rtkey.expire, ring->mctx, &tsigkey)); - RETERR(dns_tsigkeyring_add(ring, tsigkey)); + CHECK(dns_tsigkey_createfromkey(tkeyname, DST_ALG_GSSAPI, dstkey, true, + false, NULL, rtkey.inception, + rtkey.expire, ring->mctx, &tsigkey)); + CHECK(dns_tsigkeyring_add(ring, tsigkey)); if (outkey == NULL) { dns_tsigkey_detach(&tsigkey); } else { @@ -687,7 +672,7 @@ dns_tkey_gssnegotiate(dns_message_t *qmsg, dns_message_t *rmsg, dst_key_free(&dstkey); return result; -failure: +cleanup: if (tsigkey != NULL) { dns_tsigkey_detach(&tsigkey); } diff --git a/lib/dns/transport.c b/lib/dns/transport.c index 558473890a..a6acbf15dd 100644 --- a/lib/dns/transport.c +++ b/lib/dns/transport.c @@ -436,10 +436,7 @@ dns_transport_get_tlsctx(dns_transport_t *transport, const isc_sockaddr_t *peer, * parameters from the configuration file and try to * store it for further reuse. */ - result = isc_tlsctx_createclient(&tlsctx); - if (result != ISC_R_SUCCESS) { - goto failure; - } + CHECK(isc_tlsctx_createclient(&tlsctx)); tls_versions = dns_transport_get_tls_versions(transport); if (tls_versions != 0) { isc_tlsctx_set_protocols(tlsctx, tls_versions); @@ -475,12 +472,8 @@ dns_transport_get_tlsctx(dns_transport_t *transport, const isc_sockaddr_t *peer, * which case the store with system-wide * CA certificates will be created. */ - result = isc_tls_cert_store_create(ca_file, - &store); - - if (result != ISC_R_SUCCESS) { - goto failure; - } + CHECK(isc_tls_cert_store_create(ca_file, + &store)); } else { store = found_store; } @@ -503,12 +496,9 @@ dns_transport_get_tlsctx(dns_transport_t *transport, const isc_sockaddr_t *peer, * Only SubjectAltName must be checked. */ hostname_ignore_subject = true; - result = isc_tlsctx_enable_peer_verification( + CHECK(isc_tlsctx_enable_peer_verification( tlsctx, false, store, hostname, - hostname_ignore_subject); - if (result != ISC_R_SUCCESS) { - goto failure; - } + hostname_ignore_subject)); /* * Let's load client certificate and enable @@ -519,11 +509,8 @@ dns_transport_get_tlsctx(dns_transport_t *transport, const isc_sockaddr_t *peer, if (cert_file != NULL) { INSIST(key_file != NULL); - result = isc_tlsctx_load_certificate( - tlsctx, key_file, cert_file); - if (result != ISC_R_SUCCESS) { - goto failure; - } + CHECK(isc_tlsctx_load_certificate( + tlsctx, key_file, cert_file)); } } @@ -597,7 +584,7 @@ dns_transport_get_tlsctx(dns_transport_t *transport, const isc_sockaddr_t *peer, return ISC_R_SUCCESS; -failure: +cleanup: if (tlsctx != NULL) { isc_tlsctx_free(&tlsctx); } diff --git a/lib/dns/tsig.c b/lib/dns/tsig.c index 88b9d18213..03bcc37a4c 100644 --- a/lib/dns/tsig.c +++ b/lib/dns/tsig.c @@ -350,38 +350,26 @@ restore_key(dns_tsigkeyring_t *ring, isc_stdtime_t now, FILE *fp) { name = dns_fixedname_initname(&fname); isc_buffer_init(&b, namestr, strlen(namestr)); isc_buffer_add(&b, strlen(namestr)); - result = dns_name_fromtext(name, &b, dns_rootname, 0); - if (result != ISC_R_SUCCESS) { - return result; - } + RETERR(dns_name_fromtext(name, &b, dns_rootname, 0)); creator = dns_fixedname_initname(&fcreator); isc_buffer_init(&b, creatorstr, strlen(creatorstr)); isc_buffer_add(&b, strlen(creatorstr)); - result = dns_name_fromtext(creator, &b, dns_rootname, 0); - if (result != ISC_R_SUCCESS) { - return result; - } + RETERR(dns_name_fromtext(creator, &b, dns_rootname, 0)); algorithm = dns_fixedname_initname(&falgorithm); isc_buffer_init(&b, algorithmstr, strlen(algorithmstr)); isc_buffer_add(&b, strlen(algorithmstr)); - result = dns_name_fromtext(algorithm, &b, dns_rootname, 0); - if (result != ISC_R_SUCCESS) { - return result; - } + RETERR(dns_name_fromtext(algorithm, &b, dns_rootname, 0)); dstalg = dns__tsig_algfromname(algorithm); if (dstalg == DST_ALG_UNKNOWN) { return DNS_R_BADALG; } - result = dst_key_restore(name, dstalg, DNS_KEYOWNER_ENTITY, - DNS_KEYPROTO_DNSSEC, dns_rdataclass_in, - ring->mctx, keystr, &dstkey); - if (result != ISC_R_SUCCESS) { - return result; - } + RETERR(dst_key_restore(name, dstalg, DNS_KEYOWNER_ENTITY, + DNS_KEYPROTO_DNSSEC, dns_rdataclass_in, + ring->mctx, keystr, &dstkey)); result = dns_tsigkey_createfromkey(name, dstalg, dstkey, true, true, creator, inception, expire, @@ -483,13 +471,10 @@ dns_tsigkey_create(const dns_name_t *name, dst_algorithm_t algorithm, isc_buffer_init(&b, secret, length); isc_buffer_add(&b, length); - result = dst_key_frombuffer( + RETERR(dst_key_frombuffer( name, algorithm, DNS_KEYOWNER_ENTITY, DNS_KEYPROTO_DNSSEC, dns_rdataclass_in, &b, - mctx, &dstkey); - if (result != ISC_R_SUCCESS) { - return result; - } + mctx, &dstkey)); } } else if (length > 0) { return DNS_R_BADALG; @@ -609,11 +594,8 @@ dns_tsig_sign(dns_message_t *msg) { * has validated at this point. This is why we include a * MAC length > 0 in the reply. */ - result = dst_context_create(key->key, mctx, - DNS_LOGCATEGORY_DNSSEC, true, &ctx); - if (result != ISC_R_SUCCESS) { - return result; - } + RETERR(dst_context_create(key->key, mctx, + DNS_LOGCATEGORY_DNSSEC, true, &ctx)); /* * If this is a response, and if there was a TSIG in @@ -880,26 +862,14 @@ dns_tsig_verify(isc_buffer_t *source, dns_message_t *msg, */ keyname = msg->tsigname; - result = dns_rdataset_first(msg->tsig); - if (result != ISC_R_SUCCESS) { - return result; - } + RETERR(dns_rdataset_first(msg->tsig)); dns_rdataset_current(msg->tsig, &rdata); - result = dns_rdata_tostruct(&rdata, &tsig, NULL); - if (result != ISC_R_SUCCESS) { - return result; - } + RETERR(dns_rdata_tostruct(&rdata, &tsig, NULL)); dns_rdata_reset(&rdata); if (response) { - result = dns_rdataset_first(msg->querytsig); - if (result != ISC_R_SUCCESS) { - return result; - } + RETERR(dns_rdataset_first(msg->querytsig)); dns_rdataset_current(msg->querytsig, &rdata); - result = dns_rdata_tostruct(&rdata, &querytsig, NULL); - if (result != ISC_R_SUCCESS) { - return result; - } + RETERR(dns_rdata_tostruct(&rdata, &querytsig, NULL)); } /* @@ -940,11 +910,8 @@ dns_tsig_verify(isc_buffer_t *source, dns_message_t *msg, if (result != ISC_R_SUCCESS) { msg->tsigstatus = dns_tsigerror_badkey; alg = dns__tsig_algfromname(&tsig.algorithm); - result = dns_tsigkey_create(keyname, alg, NULL, 0, mctx, - &msg->tsigkey); - if (result != ISC_R_SUCCESS) { - return result; - } + RETERR(dns_tsigkey_create(keyname, alg, NULL, 0, mctx, + &msg->tsigkey)); if (alg == DST_ALG_UNKNOWN) { dns_name_clone(&tsig.algorithm, &msg->tsigkey->algname); @@ -962,10 +929,7 @@ dns_tsig_verify(isc_buffer_t *source, dns_message_t *msg, * Check digest length. */ alg = dst_key_alg(key); - result = dst_key_sigsize(key, &siglen); - if (result != ISC_R_SUCCESS) { - return result; - } + RETERR(dst_key_sigsize(key, &siglen)); if (dns__tsig_algvalid(alg)) { if (tsig.siglen > siglen) { tsig_log(msg->tsigkey, 2, "signature length too big"); @@ -986,11 +950,8 @@ dns_tsig_verify(isc_buffer_t *source, dns_message_t *msg, sig_r.base = tsig.signature; sig_r.length = tsig.siglen; - result = dst_context_create(key, mctx, DNS_LOGCATEGORY_DNSSEC, - false, &ctx); - if (result != ISC_R_SUCCESS) { - return result; - } + RETERR(dst_context_create(key, mctx, DNS_LOGCATEGORY_DNSSEC, + false, &ctx)); if (response) { isc_buffer_init(&databuf, data, sizeof(data)); @@ -1220,15 +1181,9 @@ tsig_verify_tcp(isc_buffer_t *source, dns_message_t *msg) { /* * Extract and parse the previous TSIG */ - result = dns_rdataset_first(msg->querytsig); - if (result != ISC_R_SUCCESS) { - return result; - } + RETERR(dns_rdataset_first(msg->querytsig)); dns_rdataset_current(msg->querytsig, &rdata); - result = dns_rdata_tostruct(&rdata, &querytsig, NULL); - if (result != ISC_R_SUCCESS) { - return result; - } + RETERR(dns_rdata_tostruct(&rdata, &querytsig, NULL)); dns_rdata_reset(&rdata); /* diff --git a/lib/dns/ttl.c b/lib/dns/ttl.c index 4605abb068..9c0a02d1e3 100644 --- a/lib/dns/ttl.c +++ b/lib/dns/ttl.c @@ -30,13 +30,6 @@ #include -#define RETERR(x) \ - do { \ - isc_result_t _r = (x); \ - if (_r != ISC_R_SUCCESS) \ - return ((_r)); \ - } while (0) - static isc_result_t bind_ttl(isc_textregion_t *source, uint32_t *ttl); diff --git a/lib/dns/update.c b/lib/dns/update.c index ff4ae03c61..99f8318d53 100644 --- a/lib/dns/update.c +++ b/lib/dns/update.c @@ -70,116 +70,6 @@ */ #define LOGLEVEL_DEBUG ISC_LOG_DEBUG(8) -/*% - * Check an operation for failure. These macros all assume that - * the function using them has a 'result' variable and a 'failure' - * label. - */ -#define CHECK(op) \ - do { \ - result = (op); \ - if (result != ISC_R_SUCCESS) \ - goto failure; \ - } while (0) - -/*% - * Fail unconditionally with result 'code', which must not - * be ISC_R_SUCCESS. The reason for failure presumably has - * been logged already. - * - * The test against ISC_R_SUCCESS is there to keep the Solaris compiler - * from complaining about "end-of-loop code not reached". - */ - -#define FAIL(code) \ - do { \ - result = (code); \ - if (result != ISC_R_SUCCESS) \ - goto failure; \ - } while (0) - -/*% - * Fail unconditionally and log as a client error. - * The test against ISC_R_SUCCESS is there to keep the Solaris compiler - * from complaining about "end-of-loop code not reached". - */ -#define FAILC(code, msg) \ - do { \ - const char *_what = "failed"; \ - result = (code); \ - switch (result) { \ - case DNS_R_NXDOMAIN: \ - case DNS_R_YXDOMAIN: \ - case DNS_R_YXRRSET: \ - case DNS_R_NXRRSET: \ - _what = "unsuccessful"; \ - } \ - update_log(log, zone, LOGLEVEL_PROTOCOL, "update %s: %s (%s)", \ - _what, msg, isc_result_totext(result)); \ - if (result != ISC_R_SUCCESS) \ - goto failure; \ - } while (0) - -#define FAILN(code, name, msg) \ - do { \ - const char *_what = "failed"; \ - result = (code); \ - switch (result) { \ - case DNS_R_NXDOMAIN: \ - case DNS_R_YXDOMAIN: \ - case DNS_R_YXRRSET: \ - case DNS_R_NXRRSET: \ - _what = "unsuccessful"; \ - } \ - if (isc_log_wouldlog(LOGLEVEL_PROTOCOL)) { \ - char _nbuf[DNS_NAME_FORMATSIZE]; \ - dns_name_format(name, _nbuf, sizeof(_nbuf)); \ - update_log(log, zone, LOGLEVEL_PROTOCOL, \ - "update %s: %s: %s (%s)", _what, _nbuf, \ - msg, isc_result_totext(result)); \ - } \ - if (result != ISC_R_SUCCESS) \ - goto failure; \ - } while (0) - -#define FAILNT(code, name, type, msg) \ - do { \ - const char *_what = "failed"; \ - result = (code); \ - switch (result) { \ - case DNS_R_NXDOMAIN: \ - case DNS_R_YXDOMAIN: \ - case DNS_R_YXRRSET: \ - case DNS_R_NXRRSET: \ - _what = "unsuccessful"; \ - } \ - if (isc_log_wouldlog(LOGLEVEL_PROTOCOL)) { \ - char _nbuf[DNS_NAME_FORMATSIZE]; \ - char _tbuf[DNS_RDATATYPE_FORMATSIZE]; \ - dns_name_format(name, _nbuf, sizeof(_nbuf)); \ - dns_rdatatype_format(type, _tbuf, sizeof(_tbuf)); \ - update_log(log, zone, LOGLEVEL_PROTOCOL, \ - "update %s: %s/%s: %s (%s)", _what, _nbuf, \ - _tbuf, msg, isc_result_totext(result)); \ - } \ - if (result != ISC_R_SUCCESS) \ - goto failure; \ - } while (0) - -/*% - * Fail unconditionally and log as a server error. - * The test against ISC_R_SUCCESS is there to keep the Solaris compiler - * from complaining about "end-of-loop code not reached". - */ -#define FAILS(code, msg) \ - do { \ - result = (code); \ - update_log(log, zone, LOGLEVEL_PROTOCOL, "error: %s: %s", msg, \ - isc_result_totext(result)); \ - if (result != ISC_R_SUCCESS) \ - goto failure; \ - } while (0) - /**************************************************************************/ typedef struct rr rr_t; @@ -314,17 +204,13 @@ typedef struct { */ static isc_result_t foreach_node_rr_action(void *data, dns_rdataset_t *rdataset) { - isc_result_t result; foreach_node_rr_ctx_t *ctx = data; DNS_RDATASET_FOREACH(rdataset) { rr_t rr = { 0, DNS_RDATA_INIT }; dns_rdataset_current(rdataset, &rr.rdata); rr.ttl = rdataset->ttl; - result = (*ctx->rr_action)(ctx->rr_action_data, &rr); - if (result != ISC_R_SUCCESS) { - return result; - } + RETERR((*ctx->rr_action)(ctx->rr_action_data, &rr)); } return ISC_R_SUCCESS; @@ -737,7 +623,7 @@ namelist_append_subdomain(dns_db_t *db, dns_name_t *name, if (result == ISC_R_NOMORE) { result = ISC_R_SUCCESS; } -failure: +cleanup: if (dbit != NULL) { dns_dbiterator_destroy(&dbit); } @@ -802,7 +688,7 @@ uniqify_name_list(dns_diff_t *list) { dns_difftuple_free(&p); } } -failure: +cleanup: return result; } @@ -898,8 +784,7 @@ next_active(dns_update_log_t *log, dns_zone_t *zone, dns_db_t *db, if (wraps == 2) { update_log(log, zone, ISC_LOG_ERROR, "secure zone with no NSECs"); - result = DNS_R_BADZONE; - goto failure; + CLEANUP(DNS_R_BADZONE); } } CHECK(dns_dbiterator_current(dbit, &node, newname)); @@ -935,7 +820,7 @@ next_active(dns_update_log_t *log, dns_zone_t *zone, dns_db_t *db, } } } while (!has_nsec); -failure: +cleanup: if (dbit != NULL) { dns_dbiterator_destroy(&dbit); } @@ -987,7 +872,7 @@ add_nsec(dns_update_log_t *log, dns_zone_t *zone, dns_db_t *db, CHECK(do_one_tuple(&tuple, db, ver, diff)); INSIST(tuple == NULL); -failure: +cleanup: if (node != NULL) { dns_db_detachnode(&node); } @@ -1012,7 +897,7 @@ add_placeholder_nsec(dns_db_t *db, dns_dbversion_t *ver, dns_name_t *name, dns_difftuple_create(diff->mctx, DNS_DIFFOP_ADD, name, 0, &rdata, &tuple); CHECK(do_one_tuple(&tuple, db, ver, diff)); -failure: +cleanup: return result; } @@ -1219,7 +1104,7 @@ add_sigs(dns_update_log_t *log, dns_zone_t *zone, dns_db_t *db, /* Look up the signature in the SKR bundle */ dns_skrbundle_t *bundle = dns_zone_getskrbundle(zone); if (bundle == NULL) { - CHECK(DNS_R_NOSKRBUNDLE); + CLEANUP(DNS_R_NOSKRBUNDLE); } CHECK(dns_skrbundle_getsig(bundle, keys[i], type, &sig_rdata)); @@ -1251,7 +1136,7 @@ add_sigs(dns_update_log_t *log, dns_zone_t *zone, dns_db_t *db, result = ISC_R_NOTFOUND; } -failure: +cleanup: if (dns_rdataset_isassociated(&rdataset)) { dns_rdataset_disassociate(&rdataset); } @@ -1281,9 +1166,8 @@ del_keysigs(dns_db_t *db, dns_dbversion_t *ver, dns_name_t *name, if (result == ISC_R_NOTFOUND) { return ISC_R_SUCCESS; } - if (result != ISC_R_SUCCESS) { - goto failure; - } + CHECK(result); + result = dns_db_findrdataset(db, node, ver, dns_rdatatype_rrsig, dns_rdatatype_dnskey, (isc_stdtime_t)0, &rdataset, NULL); @@ -1292,9 +1176,7 @@ del_keysigs(dns_db_t *db, dns_dbversion_t *ver, dns_name_t *name, if (result == ISC_R_NOTFOUND) { return ISC_R_SUCCESS; } - if (result != ISC_R_SUCCESS) { - goto failure; - } + CHECK(result); DNS_RDATASET_FOREACH(&rdataset) { dns_rdata_t rdata = DNS_RDATA_INIT; @@ -1335,7 +1217,7 @@ del_keysigs(dns_db_t *db, dns_dbversion_t *ver, dns_name_t *name, } dns_rdataset_disassociate(&rdataset); -failure: +cleanup: if (node != NULL) { dns_db_detachnode(&node); } @@ -1525,7 +1407,7 @@ dns_update_signaturesinc(dns_update_log_t *log, dns_zone_t *zone, dns_db_t *db, update_log(log, zone, ISC_LOG_ERROR, "could not get zone keys for secure " "dynamic update"); - goto failure; + goto cleanup; } state->now = isc_stdtime_now(); @@ -1947,7 +1829,7 @@ next_state: if (!state->build_nsec3) { update_log(log, zone, ISC_LOG_DEBUG(3), "no NSEC3 chains to rebuild"); - goto failure; + goto cleanup; } update_log(log, zone, ISC_LOG_DEBUG(3), @@ -2119,7 +2001,7 @@ next_state: UNREACHABLE(); } -failure: +cleanup: if (node != NULL) { dns_db_detachnode(&node); } diff --git a/lib/dns/validator.c b/lib/dns/validator.c index ba62d9a344..1721f671c7 100644 --- a/lib/dns/validator.c +++ b/lib/dns/validator.c @@ -445,8 +445,7 @@ fetch_callback_dnskey(void *arg) { dns_resolver_destroyfetch(&val->fetch); if (CANCELED(val) || CANCELING(val)) { - result = ISC_R_CANCELED; - goto cleanup; + CLEANUP(ISC_R_CANCELED); } if (trustchain) { @@ -541,8 +540,7 @@ fetch_callback_ds(void *arg) { dns_resolver_destroyfetch(&val->fetch); if (CANCELED(val) || CANCELING(val)) { - result = ISC_R_CANCELED; - goto cleanup; + CLEANUP(ISC_R_CANCELED); } if (trustchain) { @@ -650,8 +648,7 @@ validator_callback_dnskey(void *arg) { val->subvalidator = NULL; if (CANCELED(val) || CANCELING(val)) { - result = ISC_R_CANCELED; - goto cleanup; + CLEANUP(ISC_R_CANCELED); } validator_log(val, ISC_LOG_DEBUG(3), "in validator_callback_dnskey"); @@ -704,8 +701,7 @@ validator_callback_ds(void *arg) { val->subvalidator = NULL; if (CANCELED(val) || CANCELING(val)) { - result = ISC_R_CANCELED; - goto cleanup; + CLEANUP(ISC_R_CANCELED); } validator_log(val, ISC_LOG_DEBUG(3), "in validator_callback_ds"); @@ -769,8 +765,7 @@ validator_callback_cname(void *arg) { val->subvalidator = NULL; if (CANCELED(val) || CANCELING(val)) { - result = ISC_R_CANCELED; - goto cleanup; + CLEANUP(ISC_R_CANCELED); } validator_log(val, ISC_LOG_DEBUG(3), "in validator_callback_cname"); @@ -814,8 +809,7 @@ validator_callback_nsec(void *arg) { val->subvalidator = NULL; if (CANCELED(val) || CANCELING(val)) { - result = ISC_R_CANCELED; - goto cleanup; + CLEANUP(ISC_R_CANCELED); } validator_log(val, ISC_LOG_DEBUG(3), "in validator_callback_nsec"); @@ -1186,13 +1180,10 @@ seek_dnskey(dns_validator_t *val) { * we had a key with trust level "answer" and * a DS record for the zone has now been added. */ - result = create_validator( + RETERR(create_validator( val, &siginfo->signer, dns_rdatatype_dnskey, &val->frdataset, &val->fsigrdataset, - validator_callback_dnskey, "seek_dnskey"); - if (result != ISC_R_SUCCESS) { - return result; - } + validator_callback_dnskey, "seek_dnskey")); return DNS_R_WAIT; } else if (val->frdataset.trust < dns_trust_secure) { /* @@ -1229,12 +1220,8 @@ seek_dnskey(dns_validator_t *val) { /* * We don't know anything about this key. */ - result = create_fetch(val, &siginfo->signer, - dns_rdatatype_dnskey, - fetch_callback_dnskey, "seek_dnskey"); - if (result != ISC_R_SUCCESS) { - return result; - } + RETERR(create_fetch(val, &siginfo->signer, dns_rdatatype_dnskey, + fetch_callback_dnskey, "seek_dnskey")); return DNS_R_WAIT; case DNS_R_NCACHENXDOMAIN: @@ -1575,8 +1562,7 @@ validate_answer_iter_start(dns_validator_t *val) { val->attributes &= ~VALATTR_OFFLOADED; if (CANCELING(val)) { validator_cancel_finish(val); - result = ISC_R_CANCELED; - goto cleanup; + CLEANUP(ISC_R_CANCELED); } if (val->resume) { @@ -1607,8 +1593,7 @@ validate_answer_iter_next(void *arg) { val->attributes &= ~VALATTR_OFFLOADED; if (CANCELING(val)) { validator_cancel_finish(val); - result = ISC_R_CANCELED; - goto cleanup; + CLEANUP(ISC_R_CANCELED); } val->resume = false; @@ -1698,8 +1683,7 @@ validate_answer_process(void *arg) { val->attributes &= ~VALATTR_OFFLOADED; if (CANCELING(val)) { validator_cancel_finish(val); - result = ISC_R_CANCELED; - goto cleanup; + CLEANUP(ISC_R_CANCELED); } dns_rdata_reset(&val->rdata); @@ -1709,10 +1693,7 @@ validate_answer_process(void *arg) { val->siginfo = isc_mem_get(val->view->mctx, sizeof(*val->siginfo)); } - result = dns_rdata_tostruct(&val->rdata, val->siginfo, NULL); - if (result != ISC_R_SUCCESS) { - goto cleanup; - } + CHECK(dns_rdata_tostruct(&val->rdata, val->siginfo, NULL)); /* * At this point we could check that the signature algorithm @@ -1760,7 +1741,6 @@ validate_answer_process(void *arg) { next_key: result = validate_async_run(val, validate_answer_iter_next); - goto cleanup; cleanup: validate_async_done(val, result); @@ -1921,11 +1901,8 @@ check_signer(dns_validator_t *val, dns_rdata_t *keyrdata, uint16_t keyid, dst_key_t *dstkey = NULL; dns_rdataset_t rdataset = DNS_RDATASET_INIT; - result = dns_dnssec_keyfromrdata(val->name, keyrdata, val->view->mctx, - &dstkey); - if (result != ISC_R_SUCCESS) { - return result; - } + RETERR(dns_dnssec_keyfromrdata(val->name, keyrdata, val->view->mctx, + &dstkey)); dns_rdataset_clone(val->sigrdataset, &rdataset); DNS_RDATASET_FOREACH(&rdataset) { @@ -2256,8 +2233,7 @@ validate_dnskey(void *arg) { dns_rdata_ds_t ds; if (CANCELED(val) || CANCELING(val)) { - result = ISC_R_CANCELED; - goto cleanup; + CLEANUP(ISC_R_CANCELED); } /* @@ -2292,8 +2268,7 @@ validate_dnskey(void *arg) { validator_log(val, ISC_LOG_DEBUG(3), "no trusted root key"); } - result = DNS_R_NOVALIDSIG; - goto cleanup; + CLEANUP(DNS_R_NOVALIDSIG); } /* @@ -2380,7 +2355,7 @@ static isc_result_t val_rdataset_first(dns_validator_t *val, dns_name_t **namep, dns_rdataset_t **rdatasetp) { dns_message_t *message = val->message; - isc_result_t result; + isc_result_t result = ISC_R_SUCCESS; REQUIRE(rdatasetp != NULL); REQUIRE(namep != NULL); @@ -2393,10 +2368,7 @@ val_rdataset_first(dns_validator_t *val, dns_name_t **namep, } if (message != NULL) { - result = dns_message_firstname(message, DNS_SECTION_AUTHORITY); - if (result != ISC_R_SUCCESS) { - return result; - } + RETERR(dns_message_firstname(message, DNS_SECTION_AUTHORITY)); dns_message_currentname(message, DNS_SECTION_AUTHORITY, namep); *rdatasetp = ISC_LIST_HEAD((*namep)->list); INSIST(*rdatasetp != NULL); @@ -2406,6 +2378,7 @@ val_rdataset_first(dns_validator_t *val, dns_name_t **namep, dns_ncache_current(val->rdataset, *namep, *rdatasetp); } } + return result; } @@ -2760,8 +2733,6 @@ findnsec3proofs(dns_validator_t *val) { static isc_result_t validate_neg_rrset(dns_validator_t *val, dns_name_t *name, dns_rdataset_t *rdataset, dns_rdataset_t *sigrdataset) { - isc_result_t result; - /* * If a signed zone is missing the zone key, bad * things could happen. A query for data in the zone @@ -2778,10 +2749,7 @@ validate_neg_rrset(dns_validator_t *val, dns_name_t *name, { dns_rdata_t nsec = DNS_RDATA_INIT; - result = dns_rdataset_first(rdataset); - if (result != ISC_R_SUCCESS) { - return result; - } + RETERR(dns_rdataset_first(rdataset)); dns_rdataset_current(rdataset, &nsec); if (dns_nsec_typepresent(&nsec, dns_rdatatype_soa)) { return DNS_R_CONTINUE; @@ -2789,12 +2757,9 @@ validate_neg_rrset(dns_validator_t *val, dns_name_t *name, } val->nxset = rdataset; - result = create_validator(val, name, rdataset->type, rdataset, - sigrdataset, validator_callback_nsec, - "validate_neg_rrset"); - if (result != ISC_R_SUCCESS) { - return result; - } + RETERR(create_validator(val, name, rdataset->type, rdataset, + sigrdataset, validator_callback_nsec, + "validate_neg_rrset")); val->authcount++; return DNS_R_WAIT; @@ -2999,10 +2964,7 @@ validate_nx(dns_validator_t *val, bool resume) { if (FOUNDNOQNAME(val) && FOUNDCLOSEST(val) && ((NEEDNODATA(val) && !FOUNDNODATA(val)) || NEEDNOWILDCARD(val))) { - result = checkwildcard(val, dns_rdatatype_nsec, NULL); - if (result != ISC_R_SUCCESS) { - return result; - } + RETERR(checkwildcard(val, dns_rdatatype_nsec, NULL)); } if ((NEEDNODATA(val) && (FOUNDNODATA(val) || FOUNDOPTOUT(val))) || @@ -3587,8 +3549,7 @@ validator_start(void *arg) { isc_result_t result = ISC_R_FAILURE; if (CANCELED(val) || CANCELING(val)) { - result = ISC_R_CANCELED; - goto cleanup; + CLEANUP(ISC_R_CANCELED); } validator_log(val, ISC_LOG_DEBUG(3), "starting"); @@ -3680,7 +3641,6 @@ dns_validator_create(dns_view_t *view, dns_name_t *name, dns_rdatatype_t type, isc_counter_t *nvalidations, isc_counter_t *nfails, isc_counter_t *qc, isc_counter_t *gqc, fetchctx_t *parent, dns_edectx_t *edectx, dns_validator_t **validatorp) { - isc_result_t result = ISC_R_FAILURE; dns_validator_t *val = NULL; dns_keytable_t *kt = NULL; @@ -3690,10 +3650,7 @@ dns_validator_create(dns_view_t *view, dns_name_t *name, dns_rdatatype_t type, REQUIRE(validatorp != NULL && *validatorp == NULL); REQUIRE(edectx != NULL); - result = dns_view_getsecroots(view, &kt); - if (result != ISC_R_SUCCESS) { - return result; - } + RETERR(dns_view_getsecroots(view, &kt)); val = isc_mem_get(view->mctx, sizeof(*val)); *val = (dns_validator_t){ diff --git a/lib/dns/view.c b/lib/dns/view.c index 7efc9234a2..492cab865a 100644 --- a/lib/dns/view.c +++ b/lib/dns/view.c @@ -66,13 +66,6 @@ #include #include -#define CHECK(op) \ - do { \ - result = (op); \ - if (result != ISC_R_SUCCESS) \ - goto cleanup; \ - } while (0) - #define DNS_VIEW_DELONLYHASH 111 /*% @@ -544,12 +537,8 @@ dns_view_createresolver(dns_view_t *view, unsigned int options, REQUIRE(view->resolver == NULL); REQUIRE(view->dispatchmgr != NULL); - result = dns_resolver_create(view, options, tlsctx_cache, dispatchv4, - dispatchv6, &view->resolver); - if (result != ISC_R_SUCCESS) { - return result; - } - + RETERR(dns_resolver_create(view, options, tlsctx_cache, dispatchv4, + dispatchv6, &view->resolver)); isc_mem_create("ADB", &mctx); dns_adb_create(mctx, view, &view->adb); isc_mem_detach(&mctx); @@ -1082,8 +1071,7 @@ dns_view_findzonecut(dns_view_t *view, const dns_name_t *name, try_hints = true; goto finish; } else { - result = DNS_R_NXDOMAIN; - goto cleanup; + CLEANUP(DNS_R_NXDOMAIN); } } else if (result != ISC_R_SUCCESS) { /* @@ -1361,15 +1349,9 @@ dns_view_getpeertsig(dns_view_t *view, const isc_netaddr_t *peeraddr, dns_name_t *keyname = NULL; dns_peer_t *peer = NULL; - result = dns_peerlist_peerbyaddr(view->peers, peeraddr, &peer); - if (result != ISC_R_SUCCESS) { - return result; - } + RETERR(dns_peerlist_peerbyaddr(view->peers, peeraddr, &peer)); - result = dns_peer_getkey(peer, &keyname); - if (result != ISC_R_SUCCESS) { - return result; - } + RETERR(dns_peer_getkey(peer, &keyname)); result = dns_view_gettsig(view, keyname, keyp); return (result == ISC_R_NOTFOUND) ? ISC_R_FAILURE : result; @@ -1386,7 +1368,6 @@ dns_view_checksig(dns_view_t *view, isc_buffer_t *source, dns_message_t *msg) { isc_result_t dns_view_flushcache(dns_view_t *view, bool fixuponly) { - isc_result_t result; dns_adb_t *adb = NULL; REQUIRE(DNS_VIEW_VALID(view)); @@ -1395,10 +1376,7 @@ dns_view_flushcache(dns_view_t *view, bool fixuponly) { return ISC_R_SUCCESS; } if (!fixuponly) { - result = dns_cache_flush(view->cache); - if (result != ISC_R_SUCCESS) { - return result; - } + RETERR(dns_cache_flush(view->cache)); } dns_db_detach(&view->cachedb); dns_cache_attachdb(view->cache, &view->cachedb); @@ -1857,7 +1835,7 @@ dns_view_loadnta(dns_view_t *view) { if (token.type == isc_tokentype_eof) { break; } else if (token.type != isc_tokentype_string) { - CHECK(ISC_R_UNEXPECTEDTOKEN); + CLEANUP(ISC_R_UNEXPECTEDTOKEN); } name = TSTR(token); len = TLEN(token); @@ -1876,7 +1854,7 @@ dns_view_loadnta(dns_view_t *view) { CHECK(isc_lex_gettoken(lex, options, &token)); if (token.type != isc_tokentype_string) { - CHECK(ISC_R_UNEXPECTEDTOKEN); + CLEANUP(ISC_R_UNEXPECTEDTOKEN); } type = TSTR(token); @@ -1885,12 +1863,12 @@ dns_view_loadnta(dns_view_t *view) { } else if (strcmp(type, "forced") == 0) { forced = true; } else { - CHECK(ISC_R_UNEXPECTEDTOKEN); + CLEANUP(ISC_R_UNEXPECTEDTOKEN); } CHECK(isc_lex_gettoken(lex, options, &token)); if (token.type != isc_tokentype_string) { - CHECK(ISC_R_UNEXPECTEDTOKEN); + CLEANUP(ISC_R_UNEXPECTEDTOKEN); } timestamp = TSTR(token); CHECK(dns_time32_fromtext(timestamp, &t)); @@ -1899,7 +1877,7 @@ dns_view_loadnta(dns_view_t *view) { if (token.type != isc_tokentype_eol && token.type != isc_tokentype_eof) { - CHECK(ISC_R_UNEXPECTEDTOKEN); + CLEANUP(ISC_R_UNEXPECTEDTOKEN); } if (now <= t) { @@ -2132,8 +2110,7 @@ dns_view_addtrustedkey(dns_view_t *view, dns_rdatatype_t rdtype, REQUIRE(view->rdclass == dns_rdataclass_in); if (rdtype != dns_rdatatype_dnskey && rdtype != dns_rdatatype_ds) { - result = ISC_R_NOTIMPLEMENTED; - goto cleanup; + CLEANUP(ISC_R_NOTIMPLEMENTED); } isc_buffer_init(&b, rdatabuf, sizeof(rdatabuf)); diff --git a/lib/dns/xfrin.c b/lib/dns/xfrin.c index f68f63b515..60bee11806 100644 --- a/lib/dns/xfrin.c +++ b/lib/dns/xfrin.c @@ -55,14 +55,6 @@ * Incoming AXFR and IXFR. */ -#define CHECK(op) \ - { \ - result = (op); \ - if (result != ISC_R_SUCCESS) { \ - goto failure; \ - } \ - } - /*% * The states of the *XFR state machine. We handle both IXFR and AXFR * with a single integrated state machine because they cannot be @@ -306,7 +298,7 @@ axfr_init(dns_xfrin_t *xfr) { dns_rdatacallbacks_init(&xfr->axfr); CHECK(dns_db_beginload(xfr->db, &xfr->axfr)); result = ISC_R_SUCCESS; -failure: +cleanup: return result; } @@ -341,7 +333,7 @@ axfr_putdata(dns_xfrin_t *xfr, dns_diffop_t op, dns_name_t *name, dns_ttl_t ttl, dns_diff_append(&xfr->diff, &tuple); result = ISC_R_SUCCESS; -failure: +cleanup: return result; } @@ -360,20 +352,18 @@ axfr_apply(void *arg) { uint64_t records; if (atomic_load(&xfr->shuttingdown)) { - result = ISC_R_SHUTTINGDOWN; - goto failure; + CLEANUP(ISC_R_SHUTTINGDOWN); } CHECK(dns_diff_load(&xfr->diff, &xfr->axfr)); if (xfr->maxrecords != 0U) { result = dns_db_getsize(xfr->db, xfr->ver, &records, NULL); if (result == ISC_R_SUCCESS && records > xfr->maxrecords) { - result = DNS_R_TOOMANYRECORDS; - goto failure; + CLEANUP(DNS_R_TOOMANYRECORDS); } } -failure: +cleanup: dns_diff_clear(&xfr->diff); work->result = result; } @@ -399,7 +389,7 @@ axfr_apply_done(void *arg) { (void)dns_db_endload(xfr->db, &xfr->axfr); } -failure: +cleanup: xfr->diff_running = false; isc_mem_put(xfr->mctx, work, sizeof(*work)); @@ -471,7 +461,7 @@ ixfr_init(dns_xfrin_t *xfr) { } result = ISC_R_SUCCESS; -failure: +cleanup: return result; } @@ -493,7 +483,7 @@ ixfr_putdata(dns_xfrin_t *xfr, dns_diffop_t op, dns_name_t *name, dns_ttl_t ttl, dns_diff_append(&xfr->diff, &tuple); xfr->ixfr.diffs++; -failure: +cleanup: return result; } @@ -504,7 +494,7 @@ ixfr_begin_transaction(dns_xfrin_t *xfr) { if (xfr->ixfr.journal != NULL) { CHECK(dns_journal_begin_transaction(xfr->ixfr.journal)); } -failure: +cleanup: return result; } @@ -517,7 +507,7 @@ ixfr_end_transaction(dns_xfrin_t *xfr) { if (xfr->ixfr.journal != NULL) { CHECK(dns_journal_commit(xfr->ixfr.journal)); } -failure: +cleanup: return result; } @@ -532,8 +522,7 @@ ixfr_apply_one(dns_xfrin_t *xfr, ixfr_apply_data_t *data) { if (xfr->maxrecords != 0U) { result = dns_db_getsize(xfr->db, xfr->ver, &records, NULL); if (result == ISC_R_SUCCESS && records > xfr->maxrecords) { - result = DNS_R_TOOMANYRECORDS; - goto failure; + CLEANUP(DNS_R_TOOMANYRECORDS); } } if (xfr->ixfr.journal != NULL) { @@ -543,7 +532,7 @@ ixfr_apply_one(dns_xfrin_t *xfr, ixfr_apply_data_t *data) { result = ixfr_end_transaction(xfr); return result; -failure: +cleanup: /* We need to end the transaction, but keep the previous error */ (void)ixfr_end_transaction(xfr); @@ -606,9 +595,7 @@ ixfr_apply_done(void *arg) { result = ISC_R_SHUTTINGDOWN; } - if (result != ISC_R_SUCCESS) { - goto failure; - } + CHECK(result); /* Reschedule */ if (!cds_wfcq_empty(&xfr->diff_head, &xfr->diff_tail)) { @@ -616,7 +603,7 @@ ixfr_apply_done(void *arg) { return; } -failure: +cleanup: xfr->diff_running = false; isc_mem_put(xfr->mctx, work, sizeof(*work)); @@ -670,7 +657,7 @@ ixfr_commit(dns_xfrin_t *xfr) { isc_work_enqueue(xfr->loop, ixfr_apply, ixfr_apply_done, work); } -failure: +cleanup: return result; } @@ -697,8 +684,7 @@ xfr_rr(dns_xfrin_t *xfr, dns_name_t *name, uint32_t ttl, dns_rdata_t *rdata) { dns_rdatatype_format(rdata->type, buf, sizeof(buf)); xfrin_log(xfr, ISC_LOG_NOTICE, "Unexpected %s record in zone transfer", buf); - result = DNS_R_FORMERR; - goto failure; + CLEANUP(DNS_R_FORMERR); } /* @@ -713,8 +699,7 @@ xfr_rr(dns_xfrin_t *xfr, dns_name_t *name, uint32_t ttl, dns_rdata_t *rdata) { dns_name_format(name, namebuf, sizeof(namebuf)); xfrin_log(xfr, ISC_LOG_DEBUG(3), "SOA name mismatch: '%s'", namebuf); - result = DNS_R_NOTZONETOP; - goto failure; + CLEANUP(DNS_R_NOTZONETOP); } redo: @@ -723,8 +708,7 @@ redo: if (rdata->type != dns_rdatatype_soa) { xfrin_log(xfr, ISC_LOG_NOTICE, "non-SOA response to SOA query"); - result = DNS_R_FORMERR; - goto failure; + CLEANUP(DNS_R_FORMERR); } end_serial = dns_soa_getserial(rdata); atomic_store_relaxed(&xfr->end_serial, end_serial); @@ -735,8 +719,7 @@ redo: "requested serial %u, " "primary has %" PRIuFAST32 ", not updating", xfr->ixfr.request_serial, end_serial); - result = DNS_R_UPTODATE; - goto failure; + CLEANUP(DNS_R_UPTODATE); } atomic_store(&xfr->state, XFRST_GOTSOA); break; @@ -751,8 +734,7 @@ redo: if (rdata->type != dns_rdatatype_soa) { xfrin_log(xfr, ISC_LOG_NOTICE, "first RR in zone transfer must be SOA"); - result = DNS_R_FORMERR; - goto failure; + CLEANUP(DNS_R_FORMERR); } /* * Remember the serial number in the initial SOA. @@ -773,8 +755,7 @@ redo: "requested serial %u, " "primary has %" PRIuFAST32 ", not updating", xfr->ixfr.request_serial, end_serial); - result = DNS_R_UPTODATE; - goto failure; + CLEANUP(DNS_R_UPTODATE); } xfr->firstsoa = *rdata; if (xfr->firstsoa_data != NULL) { @@ -842,8 +823,7 @@ redo: "IXFR out of sync: " "expected serial %u, got %u", xfr->ixfr.current_serial, soa_serial); - result = DNS_R_FORMERR; - goto failure; + CLEANUP(DNS_R_FORMERR); } else { CHECK(ixfr_commit(xfr)); atomic_store(&xfr->state, XFRST_IXFR_DELSOA); @@ -853,8 +833,7 @@ redo: if (rdata->type == dns_rdatatype_ns && dns_name_iswildcard(name)) { - result = DNS_R_INVALIDNS; - goto failure; + CLEANUP(DNS_R_INVALIDNS); } CHECK(ixfr_putdata(xfr, DNS_DIFFOP_ADD, name, ttl, rdata)); break; @@ -879,8 +858,7 @@ redo: xfrin_log(xfr, ISC_LOG_NOTICE, "start and ending SOA records " "mismatch"); - result = DNS_R_FORMERR; - goto failure; + CLEANUP(DNS_R_FORMERR); } axfr_commit(xfr); atomic_store(&xfr->state, XFRST_AXFR_END); @@ -889,13 +867,13 @@ redo: break; case XFRST_AXFR_END: case XFRST_IXFR_END: - result = DNS_R_EXTRADATA; - goto failure; + CLEANUP(DNS_R_EXTRADATA); + break; default: UNREACHABLE(); } result = ISC_R_SUCCESS; -failure: +cleanup: return result; } @@ -1310,8 +1288,7 @@ xfrin_start(dns_xfrin_t *xfr) { dns_dispatchmgr_t *dispmgr = dns_view_getdispatchmgr(xfr->view); if (dispmgr == NULL) { - result = ISC_R_SHUTTINGDOWN; - goto failure; + CLEANUP(ISC_R_SHUTTINGDOWN); } primaries_timeout = isc_nm_getprimariestimeout(); @@ -1319,9 +1296,7 @@ xfrin_start(dns_xfrin_t *xfr) { &xfr->primaryaddr, xfr->transport, DNS_DISPATCHOPT_UNSHARED, &xfr->disp); dns_dispatchmgr_detach(&dispmgr); - if (result != ISC_R_SUCCESS) { - goto failure; - } + CHECK(result); LIBDNS_XFRIN_START(xfr, xfr->info); @@ -1388,7 +1363,7 @@ xfrin_start(dns_xfrin_t *xfr) { return ISC_R_SUCCESS; -failure: +cleanup: xfrin_cancelio(xfr); dns_xfrin_detach(&xfr); @@ -1410,7 +1385,7 @@ render(dns_message_t *msg, isc_mem_t *mctx, isc_buffer_t *buf) { CHECK(dns_message_rendersection(msg, DNS_SECTION_ADDITIONAL, 0)); CHECK(dns_message_renderend(msg)); result = ISC_R_SUCCESS; -failure: +cleanup: dns_compress_invalidate(&cctx); return result; } @@ -1437,13 +1412,13 @@ xfrin_connect_done(isc_result_t result, isc_region_t *region ISC_ATTR_UNUSED, if (result != ISC_R_SUCCESS) { xfrin_fail(xfr, result, "failed to connect"); - goto failure; + goto cleanup; } result = dns_dispatch_checkperm(xfr->disp); if (result != ISC_R_SUCCESS) { xfrin_fail(xfr, result, "connected but unable to transfer"); - goto failure; + goto cleanup; } zmgr = dns_zone_getmgr(xfr->zone); @@ -1472,7 +1447,7 @@ xfrin_connect_done(isc_result_t result, isc_region_t *region ISC_ATTR_UNUSED, return; -failure: +cleanup: switch (result) { case ISC_R_NETDOWN: case ISC_R_HOSTDOWN: @@ -1551,24 +1526,16 @@ request_type(dns_xfrin_t *xfr) { static isc_result_t add_opt(dns_message_t *message, uint16_t udpsize, bool reqnsid, bool reqexpire) { - isc_result_t result; - dns_message_ednsinit(message, 0, udpsize, 0, 0); /* Set EDNS options if applicable. */ if (reqnsid) { dns_ednsopt_t option = { .code = DNS_OPT_NSID }; - result = dns_message_ednsaddopt(message, &option); - if (result != ISC_R_SUCCESS) { - return result; - } + RETERR(dns_message_ednsaddopt(message, &option)); } if (reqexpire) { dns_ednsopt_t option = { .code = DNS_OPT_EXPIRE }; - result = dns_message_ednsaddopt(message, &option); - if (result != ISC_R_SUCCESS) { - return result; - } + RETERR(dns_message_ednsaddopt(message, &option)); } return dns_message_setopt(message); @@ -1682,7 +1649,7 @@ xfrin_send_request(dns_xfrin_t *xfr) { xfrin_log(xfr, ISC_LOG_DEBUG(3), "sending %s request, QID %d", request_type(xfr), xfr->id); -failure: +cleanup: dns_message_detach(&msg); if (soatuple != NULL) { dns_difftuple_free(&soatuple); @@ -1712,7 +1679,7 @@ xfrin_send_done(isc_result_t result, isc_region_t *region, void *arg) { xfrin_log(xfr, ISC_LOG_DEBUG(3), "sent request data"); -failure: +cleanup: if (result != ISC_R_SUCCESS) { xfrin_fail(xfr, result, "failed sending request data"); } @@ -1866,7 +1833,7 @@ xfrin_recv_done(isc_result_t result, isc_region_t *region, void *arg) { if (xfr->reqtype == dns_rdatatype_axfr || xfr->reqtype == dns_rdatatype_soa) { - goto failure; + goto cleanup; } xfrin_log(xfr, ISC_LOG_DEBUG(3), "got %s, retrying with AXFR", @@ -1896,8 +1863,7 @@ xfrin_recv_done(isc_result_t result, isc_region_t *region, void *arg) { if (msg->counts[DNS_SECTION_QUESTION] > 1) { xfrin_log(xfr, ISC_LOG_NOTICE, "too many questions (%u)", msg->counts[DNS_SECTION_QUESTION]); - result = DNS_R_FORMERR; - goto failure; + CLEANUP(DNS_R_FORMERR); } if ((atomic_load(&xfr->state) == XFRST_SOAQUERY || @@ -1905,8 +1871,7 @@ xfrin_recv_done(isc_result_t result, isc_region_t *region, void *arg) { msg->counts[DNS_SECTION_QUESTION] != 1) { xfrin_log(xfr, ISC_LOG_NOTICE, "missing question section"); - result = DNS_R_FORMERR; - goto failure; + CLEANUP(DNS_R_FORMERR); } MSG_SECTION_FOREACH(msg, DNS_SECTION_QUESTION, name) { @@ -1917,22 +1882,19 @@ xfrin_recv_done(isc_result_t result, isc_region_t *region, void *arg) { if (!dns_name_equal(name, &xfr->name)) { xfrin_log(xfr, ISC_LOG_NOTICE, "question name mismatch"); - result = DNS_R_FORMERR; - goto failure; + CLEANUP(DNS_R_FORMERR); } rds = ISC_LIST_HEAD(name->list); INSIST(rds != NULL); if (rds->type != xfr->reqtype) { xfrin_log(xfr, ISC_LOG_NOTICE, "question type mismatch"); - result = DNS_R_FORMERR; - goto failure; + CLEANUP(DNS_R_FORMERR); } if (rds->rdclass != xfr->rdclass) { xfrin_log(xfr, ISC_LOG_NOTICE, "question class mismatch"); - result = DNS_R_FORMERR; - goto failure; + CLEANUP(DNS_R_FORMERR); } } @@ -1954,15 +1916,14 @@ xfrin_recv_done(isc_result_t result, isc_region_t *region, void *arg) { if (xfr->reqtype == dns_rdatatype_soa && (msg->flags & DNS_MESSAGEFLAG_AA) == 0) { - result = DNS_R_NOTAUTHORITATIVE; - goto failure; + CLEANUP(DNS_R_NOTAUTHORITATIVE); } result = dns_message_checksig(msg, xfr->view); if (result != ISC_R_SUCCESS) { xfrin_log(xfr, ISC_LOG_DEBUG(3), "TSIG check failed: %s", isc_result_totext(result)); - goto failure; + goto cleanup; } MSG_SECTION_FOREACH(msg, DNS_SECTION_ANSWER, name) { @@ -2014,8 +1975,7 @@ xfrin_recv_done(isc_result_t result, isc_region_t *region, void *arg) { atomic_load(&xfr->state) == XFRST_AXFR_END || atomic_load(&xfr->state) == XFRST_IXFR_END) { - result = DNS_R_EXPECTEDTSIG; - goto failure; + CLEANUP(DNS_R_EXPECTEDTSIG); } } @@ -2055,10 +2015,7 @@ xfrin_recv_done(isc_result_t result, isc_region_t *region, void *arg) { * Read the next message. */ dns_message_detach(&msg); - result = dns_dispatch_getnext(xfr->dispentry); - if (result != ISC_R_SUCCESS) { - goto failure; - } + CHECK(dns_dispatch_getnext(xfr->dispentry)); isc_interval_t interval; isc_interval_set(&interval, dns_zone_getidlein(xfr->zone), 0); @@ -2069,7 +2026,7 @@ xfrin_recv_done(isc_result_t result, isc_region_t *region, void *arg) { return; } -failure: +cleanup: if (result != ISC_R_SUCCESS) { xfrin_fail(xfr, result, "failed while receiving responses"); } diff --git a/lib/dns/zone.c b/lib/dns/zone.c index cfe76c9706..927c57e809 100644 --- a/lib/dns/zone.c +++ b/lib/dns/zone.c @@ -219,13 +219,6 @@ typedef struct dns_include dns_include_t; #define ZONEDB_LOCK(l, t) RWLOCK((l), (t)) #define ZONEDB_UNLOCK(l, t) RWUNLOCK((l), (t)) -#define RETERR(x) \ - do { \ - result = (x); \ - if (result != ISC_R_SUCCESS) \ - goto failure; \ - } while (0) - #ifdef ENABLE_AFL extern bool dns_fuzzing_resolver; #endif /* ifdef ENABLE_AFL */ @@ -604,13 +597,6 @@ typedef enum { * load. */ } dns_zoneloadflag_t; -#define CHECK(op) \ - do { \ - result = (op); \ - if (result != ISC_R_SUCCESS) \ - goto failure; \ - } while (0) - struct dns_zonemgr { unsigned int magic; isc_mem_t *mctx; @@ -1935,7 +1921,7 @@ setfilename(dns_zone_t *zone, char **field, const char *value) { const char *end = value + strlen(value); putmem(&b, p, end - p); -failure: +cleanup: isc_buffer_putuint8(&b, 0); setstring(zone, field, filename); } @@ -2270,14 +2256,14 @@ copy_initfile(dns_zone_t *zone) { size_t rval; result = isc_stdio_read(buf, 1, sizeof(buf), input, &rval); - if (result != ISC_R_SUCCESS && result != ISC_R_EOF) { - goto failure; + if (result != ISC_R_EOF) { + CHECK(result); } CHECK(isc_stdio_write(buf, rval, 1, output, NULL)); len -= rval; } while (len > 0); -failure: +cleanup: if (input != NULL) { isc_stdio_close(input); } @@ -2353,8 +2339,7 @@ zone_load(dns_zone_t *zone, unsigned int flags, bool locked) { if ((flags & DNS_ZONELOADFLAG_THAW) != 0) { DNS_ZONE_SETFLAG(zone, DNS_ZONEFLG_THAW); } - result = ISC_R_LOADING; - goto cleanup; + CLEANUP(ISC_R_LOADING); } INSIST(zone->db_argc >= 1); @@ -2418,8 +2403,7 @@ zone_load(dns_zone_t *zone, unsigned int flags, bool locked) { ISC_LOG_DEBUG(1), "skipping load: master file " "older than last load"); - result = DNS_R_UPTODATE; - goto cleanup; + CLEANUP(DNS_R_UPTODATE); } /* @@ -2469,8 +2453,7 @@ zone_load(dns_zone_t *zone, unsigned int flags, bool locked) { "DLZ %s does not exist or is set " "to 'search yes;'", zone->db_argv[1]); - result = ISC_R_NOTFOUND; - goto cleanup; + CLEANUP(ISC_R_NOTFOUND); } ZONEDB_LOCK(&zone->dblock, isc_rwlocktype_write); @@ -2861,21 +2844,15 @@ zone_startload(dns_db_t *db, dns_zone_t *zone, isc_time_t loadtime) { load->callbacks.rawdata = zone_setrawdata; zone_iattach(zone, &load->callbacks.zone); - result = dns_db_beginload(db, &load->callbacks); - if (result != ISC_R_SUCCESS) { - goto cleanup; - } + CHECK(dns_db_beginload(db, &load->callbacks)); if (zone->zmgr != NULL && zone->db != NULL) { - result = dns_master_loadfileasync( + CHECK(dns_master_loadfileasync( zone->masterfile, dns_db_origin(db), dns_db_origin(db), zone->rdclass, options, 0, &load->callbacks, zone->loop, zone_loaddone, load, &zone->loadctx, zone_registerinclude, zone, zone->mctx, - zone->masterformat, zone->maxttl); - if (result != ISC_R_SUCCESS) { - goto cleanup; - } + zone->masterformat, zone->maxttl)); return DNS_R_CONTINUE; } else if (zone->stream != NULL) { @@ -3484,10 +3461,7 @@ integrity_checks(dns_zone_t *zone, dns_db_t *db) { } DNS_DBITERATOR_FOREACH(dbiterator) { - result = dns_dbiterator_current(dbiterator, &node, name); - if (result != ISC_R_SUCCESS) { - goto cleanup; - } + CHECK(dns_dbiterator_current(dbiterator, &node, name)); /* * Is this name visible in the zone? @@ -3871,18 +3845,12 @@ zone_check_dnskeys(dns_zone_t *zone, dns_db_t *db) { bool logged_algorithm[DST_MAX_ALGS] = { 0 }; bool alldeprecated = true; - result = dns_db_findnode(db, &zone->origin, false, &node); - if (result != ISC_R_SUCCESS) { - goto cleanup; - } + CHECK(dns_db_findnode(db, &zone->origin, false, &node)); dns_db_currentversion(db, &version); dns_rdataset_init(&rdataset); - result = dns_db_findrdataset(db, node, version, dns_rdatatype_dnskey, - dns_rdatatype_none, 0, &rdataset, NULL); - if (result != ISC_R_SUCCESS) { - goto cleanup; - } + CHECK(dns_db_findrdataset(db, node, version, dns_rdatatype_dnskey, + dns_rdatatype_none, 0, &rdataset, NULL)); DNS_RDATASET_FOREACH(&rdataset) { char algbuf[DNS_SECALG_FORMATSIZE]; @@ -3986,10 +3954,7 @@ resume_signingwithkey(dns_zone_t *zone) { goto cleanup; } - result = dns_db_findnode(db, &zone->origin, false, &node); - if (result != ISC_R_SUCCESS) { - goto cleanup; - } + CHECK(dns_db_findnode(db, &zone->origin, false, &node)); dns_db_currentversion(db, &version); dns_rdataset_init(&rdataset); @@ -4254,10 +4219,7 @@ resume_addnsec3chain(dns_zone_t *zone) { goto cleanup; } - result = dns_db_findnode(db, &zone->origin, false, &node); - if (result != ISC_R_SUCCESS) { - goto cleanup; - } + CHECK(dns_db_findnode(db, &zone->origin, false, &node)); dns_db_currentversion(db, &version); @@ -4568,7 +4530,7 @@ create_keydata(dns_zone_t *zone, dns_db_t *db, dns_dbversion_t *ver, set_refreshkeytimer(zone, &kd, now, true); return ISC_R_SUCCESS; -failure: +cleanup: return result; } @@ -4578,16 +4540,11 @@ failure: static isc_result_t delete_keydata(dns_db_t *db, dns_dbversion_t *ver, dns_diff_t *diff, dns_name_t *name, dns_rdataset_t *rdataset) { - isc_result_t uresult; - DNS_RDATASET_FOREACH(rdataset) { dns_rdata_t rdata = DNS_RDATA_INIT; dns_rdataset_current(rdataset, &rdata); - uresult = update_one_rr(db, ver, diff, DNS_DIFFOP_DEL, name, 0, - &rdata); - if (uresult != ISC_R_SUCCESS) { - return uresult; - } + RETERR(update_one_rr(db, ver, diff, DNS_DIFFOP_DEL, name, 0, + &rdata)); } return ISC_R_SUCCESS; @@ -4664,7 +4621,7 @@ trust_key(dns_zone_t *zone, dns_name_t *keyname, dns_rdata_dnskey_t *dnskey, dns_keytable_detach(&sr); -failure: +cleanup: if (sr != NULL) { dns_keytable_detach(&sr); } @@ -4829,7 +4786,7 @@ update_soa_serial(dns_zone_t *zone, dns_db_t *db, dns_dbversion_t *ver, CHECK(do_one_tuple(&addtuple, db, ver, diff)); result = ISC_R_SUCCESS; -failure: +cleanup: if (addtuple != NULL) { dns_difftuple_free(&addtuple); } @@ -4897,7 +4854,7 @@ add_soa(dns_zone_t *zone, dns_db_t *db) { dns_zone_log(zone, ISC_LOG_ERROR, "add_soa:dns_db_newversion -> %s", isc_result_totext(result)); - goto failure; + goto cleanup; } /* Build SOA record */ @@ -4907,13 +4864,13 @@ add_soa(dns_zone_t *zone, dns_db_t *db) { dns_zone_log(zone, ISC_LOG_ERROR, "add_soa:dns_soa_buildrdata -> %s", isc_result_totext(result)); - goto failure; + goto cleanup; } result = update_one_rr(db, ver, &diff, DNS_DIFFOP_ADD, &zone->origin, 0, &rdata); -failure: +cleanup: dns_diff_clear(&diff); if (ver != NULL) { dns_db_closeversion(db, &ver, result == ISC_R_SUCCESS); @@ -5017,7 +4974,7 @@ sync_keyzone(dns_zone_t *zone, dns_db_t *db) { dnssec_log(zone, ISC_LOG_ERROR, "sync_keyzone:dns_db_newversion -> %s", isc_result_totext(result)); - goto failure; + goto cleanup; } /* @@ -5041,7 +4998,7 @@ sync_keyzone(dns_zone_t *zone, dns_db_t *db) { dns_rriterator_current(&rrit, &rrname, &ttl, &rdataset, NULL); if (!dns_rdataset_isassociated(rdataset)) { dns_rriterator_destroy(&rrit); - goto failure; + goto cleanup; } if (rdataset->type != dns_rdatatype_keydata) { @@ -5113,7 +5070,7 @@ sync_keyzone(dns_zone_t *zone, dns_db_t *db) { commit = true; } -failure: +cleanup: if (result != ISC_R_SUCCESS) { dnssec_log(zone, ISC_LOG_ERROR, "unable to synchronize managed keys: %s", @@ -5151,7 +5108,7 @@ dns_zone_synckeyzone(dns_zone_t *zone) { result = sync_keyzone(zone, db); UNLOCK_ZONE(zone); -failure: +cleanup: if (db != NULL) { dns_db_detach(&db); } @@ -5250,7 +5207,7 @@ check_reportchannel(dns_zone_t *zone, dns_db_t *db) { dns_rdataset_disassociate(&rdataset); } -failure: +cleanup: return result; } @@ -5346,10 +5303,7 @@ zone_postload(dns_zone_t *zone, dns_db_t *db, isc_time_t loadtime, * a sane starting point.) */ if (noprimary && zone->type == dns_zone_key) { - result = add_soa(zone, db); - if (result != ISC_R_SUCCESS) { - goto cleanup; - } + CHECK(add_soa(zone, db)); } /* @@ -5359,11 +5313,8 @@ zone_postload(dns_zone_t *zone, dns_db_t *db, isc_time_t loadtime, !DNS_ZONE_OPTION(zone, DNS_ZONEOPT_NOMERGE) && !DNS_ZONE_FLAG(zone, DNS_ZONEFLG_LOADED)) { - result = zone_journal_rollforward(zone, db, &needdump, - &fixjournal); - if (result != ISC_R_SUCCESS) { - goto cleanup; - } + CHECK(zone_journal_rollforward(zone, db, &needdump, + &fixjournal)); } /* @@ -5461,30 +5412,24 @@ zone_postload(dns_zone_t *zone, dns_db_t *db, isc_time_t loadtime, goto cleanup; } if (zone->type == dns_zone_primary && errors != 0) { - result = DNS_R_BADZONE; - goto cleanup; + CLEANUP(DNS_R_BADZONE); } if (zone->type != dns_zone_stub && zone->type != dns_zone_redirect) { - result = check_nsec3param(zone, db); - if (result != ISC_R_SUCCESS) { - goto cleanup; - } + CHECK(check_nsec3param(zone, db)); } if (zone->type == dns_zone_primary && DNS_ZONE_OPTION(zone, DNS_ZONEOPT_CHECKINTEGRITY) && !integrity_checks(zone, db)) { - result = DNS_R_BADZONE; - goto cleanup; + CLEANUP(DNS_R_BADZONE); } if (zone->type == dns_zone_primary && DNS_ZONE_OPTION(zone, DNS_ZONEOPT_CHECKDUPRR) && !zone_check_dup(zone, db)) { - result = DNS_R_BADZONE; - goto cleanup; + CLEANUP(DNS_R_BADZONE); } if (zone->type == dns_zone_primary) { @@ -5502,14 +5447,10 @@ zone_postload(dns_zone_t *zone, dns_db_t *db, isc_time_t loadtime, dns_zone_log(zone, ISC_LOG_ERROR, "'log-report-channel' is set, but no " "'*._er/TXT' wildcard found"); - result = DNS_R_BADZONE; - goto cleanup; + CLEANUP(DNS_R_BADZONE); } - result = dns_zone_verifydb(zone, db, NULL); - if (result != ISC_R_SUCCESS) { - goto cleanup; - } + CHECK(dns_zone_verifydb(zone, db, NULL)); if (zone->db != NULL) { unsigned int oldsoacount; @@ -5552,8 +5493,7 @@ zone_postload(dns_zone_t *zone, dns_db_t *db, isc_time_t loadtime, "new serial (%u) out of range " "[%u - %u]", serial, serialmin, serialmax); - result = DNS_R_BADZONE; - goto cleanup; + CLEANUP(DNS_R_BADZONE); } else if (!isc_serial_ge(serial, oldserial)) { dns_zone_logc(zone, DNS_LOGCATEGORY_ZONELOAD, ISC_LOG_ERROR, @@ -5638,8 +5578,7 @@ zone_postload(dns_zone_t *zone, dns_db_t *db, isc_time_t loadtime, default: UNEXPECTED_ERROR("unexpected zone type %d", zone->type); - result = ISC_R_UNEXPECTED; - goto cleanup; + CLEANUP(ISC_R_UNEXPECTED); } /* @@ -6717,13 +6656,13 @@ findzonekeys(dns_zone_t *zone, dns_db_t *db, dns_dbversion_t *ver, *nkeys = 0; memset(keys, 0, sizeof(*keys) * maxkeys); dns_rdataset_init(&rdataset); - RETERR(dns_db_findrdataset(db, node, ver, dns_rdatatype_dnskey, 0, 0, - &rdataset, NULL)); - RETERR(dns_rdataset_first(&rdataset)); + CHECK(dns_db_findrdataset(db, node, ver, dns_rdatatype_dnskey, 0, 0, + &rdataset, NULL)); + CHECK(dns_rdataset_first(&rdataset)); while (result == ISC_R_SUCCESS && count < maxkeys) { pubkey = NULL; dns_rdataset_current(&rdataset, &rdata); - RETERR(dns_dnssec_keyfromrdata(name, &rdata, mctx, &pubkey)); + CHECK(dns_dnssec_keyfromrdata(name, &rdata, mctx, &pubkey)); dst_key_setttl(pubkey, rdataset.ttl); if (!is_zone_key(pubkey)) { @@ -6799,9 +6738,7 @@ findzonekeys(dns_zone_t *zone, dns_db_t *db, dns_dbversion_t *ver, goto next; } - if (result != ISC_R_SUCCESS) { - goto failure; - } + CHECK(result); /* * If a key is marked inactive, skip it @@ -6829,7 +6766,7 @@ findzonekeys(dns_zone_t *zone, dns_db_t *db, dns_dbversion_t *ver, result = dns_rdataset_next(&rdataset); } if (result != ISC_R_NOMORE) { - goto failure; + CHECK(result); } if (count == 0) { result = ISC_R_NOTFOUND; @@ -6837,7 +6774,7 @@ findzonekeys(dns_zone_t *zone, dns_db_t *db, dns_dbversion_t *ver, result = ISC_R_SUCCESS; } -failure: +cleanup: if (dns_rdataset_isassociated(&rdataset)) { dns_rdataset_disassociate(&rdataset); } @@ -6884,7 +6821,7 @@ dns_zone_findkeys(dns_zone_t *zone, dns_db_t *db, dns_dbversion_t *ver, result = ISC_R_SUCCESS; } -failure: +cleanup: if (node != NULL) { dns_db_detachnode(&node); @@ -6932,8 +6869,8 @@ dns_zone_getdnsseckeys(dns_zone_t *zone, dns_db_t *db, dns_dbversion_t *ver, dns_zone_getmctx(zone), keys); dns_zone_unlock_keyfiles(zone); - if (result != ISC_R_SUCCESS && result != ISC_R_NOTFOUND) { - goto failure; + if (result != ISC_R_NOTFOUND) { + CHECK(result); } /* Get public keys (dnskeys). */ @@ -6966,7 +6903,7 @@ dns_zone_getdnsseckeys(dns_zone_t *zone, dns_db_t *db, dns_dbversion_t *ver, } } -failure: +cleanup: if (dns_rdataset_isassociated(&keyset)) { dns_rdataset_disassociate(&keyset); } @@ -6988,11 +6925,8 @@ offline(dns_db_t *db, dns_dbversion_t *ver, dns__zonediff_t *zonediff, if ((rdata->flags & DNS_RDATA_OFFLINE) != 0) { return ISC_R_SUCCESS; } - result = update_one_rr(db, ver, zonediff->diff, DNS_DIFFOP_DELRESIGN, - name, ttl, rdata); - if (result != ISC_R_SUCCESS) { - return result; - } + RETERR(update_one_rr(db, ver, zonediff->diff, DNS_DIFFOP_DELRESIGN, + name, ttl, rdata)); rdata->flags |= DNS_RDATA_OFFLINE; result = update_one_rr(db, ver, zonediff->diff, DNS_DIFFOP_ADDRESIGN, name, ttl, rdata); @@ -7160,9 +7094,8 @@ del_sigs(dns_zone_t *zone, dns_db_t *db, dns_dbversion_t *ver, dns_name_t *name, if (result == ISC_R_NOTFOUND) { return ISC_R_SUCCESS; } - if (result != ISC_R_SUCCESS) { - goto failure; - } + CHECK(result); + result = dns_db_findrdataset(db, node, ver, dns_rdatatype_rrsig, type, (isc_stdtime_t)0, &rdataset, NULL); dns_db_detachnode(&node); @@ -7173,7 +7106,7 @@ del_sigs(dns_zone_t *zone, dns_db_t *db, dns_dbversion_t *ver, dns_name_t *name, } if (result != ISC_R_SUCCESS) { INSIST(!dns_rdataset_isassociated(&rdataset)); - goto failure; + goto cleanup; } DNS_RDATASET_FOREACH(&rdataset) { @@ -7321,7 +7254,7 @@ del_sigs(dns_zone_t *zone, dns_db_t *db, dns_dbversion_t *ver, dns_name_t *name, "key expiry warning time out of range"); } } -failure: +cleanup: if (node != NULL) { dns_db_detachnode(&node); } @@ -7360,9 +7293,8 @@ add_sigs(dns_db_t *db, dns_dbversion_t *ver, dns_name_t *name, dns_zone_t *zone, if (result == ISC_R_NOTFOUND) { return ISC_R_SUCCESS; } - if (result != ISC_R_SUCCESS) { - goto failure; - } + CHECK(result); + result = dns_db_findrdataset(db, node, ver, type, 0, (isc_stdtime_t)0, &rdataset, NULL); dns_db_detachnode(&node); @@ -7372,7 +7304,7 @@ add_sigs(dns_db_t *db, dns_dbversion_t *ver, dns_name_t *name, dns_zone_t *zone, } if (result != ISC_R_SUCCESS) { INSIST(!dns_rdataset_isassociated(&rdataset)); - goto failure; + goto cleanup; } for (i = 0; i < nkeys; i++) { @@ -7492,7 +7424,7 @@ add_sigs(dns_db_t *db, dns_dbversion_t *ver, dns_name_t *name, dns_zone_t *zone, /* Look up the signature in the SKR bundle */ dns_skrbundle_t *bundle = dns_zone_getskrbundle(zone); if (bundle == NULL) { - CHECK(DNS_R_NOSKRBUNDLE); + CLEANUP(DNS_R_NOSKRBUNDLE); } CHECK(dns_skrbundle_getsig(bundle, keys[i], type, &sig_rdata)); @@ -7525,7 +7457,7 @@ add_sigs(dns_db_t *db, dns_dbversion_t *ver, dns_name_t *name, dns_zone_t *zone, } } -failure: +cleanup: if (dns_rdataset_isassociated(&rdataset)) { dns_rdataset_disassociate(&rdataset); } @@ -7607,8 +7539,7 @@ zone_resigninc(dns_zone_t *zone) { * Zone is frozen. Pause for 5 minutes. */ if (zone->update_disabled) { - result = ISC_R_FAILURE; - goto failure; + CLEANUP(ISC_R_FAILURE); } ZONEDB_LOCK(&zone->dblock, isc_rwlocktype_read); @@ -7617,8 +7548,7 @@ zone_resigninc(dns_zone_t *zone) { } ZONEDB_UNLOCK(&zone->dblock, isc_rwlocktype_read); if (db == NULL) { - result = ISC_R_FAILURE; - goto failure; + CLEANUP(ISC_R_FAILURE); } result = dns_db_newversion(db, &version); @@ -7626,7 +7556,7 @@ zone_resigninc(dns_zone_t *zone) { dns_zone_log(zone, ISC_LOG_ERROR, "zone_resigninc:dns_db_newversion -> %s", isc_result_totext(result)); - goto failure; + goto cleanup; } now = isc_stdtime_now(); @@ -7637,7 +7567,7 @@ zone_resigninc(dns_zone_t *zone) { dns_zone_log(zone, ISC_LOG_ERROR, "zone_resigninc:dns_zone_findkeys -> %s", isc_result_totext(result)); - goto failure; + goto cleanup; } calculate_rrsig_validity(zone, now, &inception, &soaexpire, &expire, @@ -7710,8 +7640,8 @@ zone_resigninc(dns_zone_t *zone) { } } - if (result != ISC_R_NOMORE && result != ISC_R_SUCCESS) { - goto failure; + if (result != ISC_R_NOMORE) { + CHECK(result); } result = del_sigs(zone, db, version, &zone->origin, dns_rdatatype_soa, @@ -7720,7 +7650,7 @@ zone_resigninc(dns_zone_t *zone) { dns_zone_log(zone, ISC_LOG_ERROR, "zone_resigninc:del_sigs -> %s", isc_result_totext(result)); - goto failure; + goto cleanup; } /* @@ -7733,7 +7663,7 @@ zone_resigninc(dns_zone_t *zone) { if (zonediff.offline) { dns_db_closeversion(db, &version, true); } - goto failure; + goto cleanup; } /* Increment SOA serial if we have made changes */ @@ -7743,7 +7673,7 @@ zone_resigninc(dns_zone_t *zone) { dns_zone_log(zone, ISC_LOG_ERROR, "zone_resigninc:update_soa_serial -> %s", isc_result_totext(result)); - goto failure; + goto cleanup; } /* @@ -7757,7 +7687,7 @@ zone_resigninc(dns_zone_t *zone) { dns_zone_log(zone, ISC_LOG_ERROR, "zone_resigninc:add_sigs -> %s", isc_result_totext(result)); - goto failure; + goto cleanup; } /* Write changes to journal file. */ @@ -7766,7 +7696,7 @@ zone_resigninc(dns_zone_t *zone) { /* Everything has succeeded. Commit the changes. */ dns_db_closeversion(db, &version, true); -failure: +cleanup: dns_diff_clear(&_sig_diff); for (i = 0; i < nkeys; i++) { dst_key_free(&zone_keys[i]); @@ -7829,7 +7759,7 @@ next_active(dns_db_t *db, dns_dbversion_t *version, dns_name_t *oldname, break; } } while (1); -failure: +cleanup: if (node != NULL) { dns_db_detachnode(&node); } @@ -7925,7 +7855,7 @@ add_nsec(dns_db_t *db, dns_dbversion_t *version, dns_name_t *name, CHECK(dns_nsec_buildrdata(db, version, node, next, nsecbuffer, &rdata)); CHECK(update_one_rr(db, version, diff, DNS_DIFFOP_ADD, name, ttl, &rdata)); -failure: +cleanup: return result; } @@ -8099,7 +8029,7 @@ sign_a_node(dns_db_t *db, dns_zone_t *zone, dns_name_t *name, /* Look up the signature in the SKR bundle */ dns_skrbundle_t *bundle = dns_zone_getskrbundle(zone); if (bundle == NULL) { - CHECK(DNS_R_NOSKRBUNDLE); + CLEANUP(DNS_R_NOSKRBUNDLE); } CHECK(dns_skrbundle_getsig(bundle, key, rdataset.type, &rdata)); @@ -8130,7 +8060,7 @@ sign_a_node(dns_db_t *db, dns_zone_t *zone, dns_name_t *name, (*signatures)--; } -failure: +cleanup: if (dns_rdataset_isassociated(&rdataset)) { dns_rdataset_disassociate(&rdataset); } @@ -8162,15 +8092,13 @@ updatesecure(dns_db_t *db, dns_dbversion_t *version, dns_name_t *name, if (result == ISC_R_NOTFOUND) { goto success; } - if (result != ISC_R_SUCCESS) { - goto failure; - } + CHECK(result); } CHECK(delete_nsec(db, version, node, name, diff)); CHECK(add_nsec(db, version, name, node, nsecttl, false, diff)); success: result = ISC_R_SUCCESS; -failure: +cleanup: if (node != NULL) { dns_db_detachnode(&node); } @@ -8188,10 +8116,7 @@ updatesignwithkey(dns_zone_t *zone, dns_signing_t *signing, bool have_rr = false; dns_rdataset_init(&rdataset); - result = dns_db_getoriginnode(signing->db, &node); - if (result != ISC_R_SUCCESS) { - goto failure; - } + CHECK(dns_db_getoriginnode(signing->db, &node)); result = dns_db_findrdataset(signing->db, node, version, zone->privatetype, dns_rdatatype_none, 0, @@ -8199,11 +8124,11 @@ updatesignwithkey(dns_zone_t *zone, dns_signing_t *signing, if (result == ISC_R_NOTFOUND) { INSIST(!dns_rdataset_isassociated(&rdataset)); result = ISC_R_SUCCESS; - goto failure; + goto cleanup; } if (result != ISC_R_SUCCESS) { INSIST(!dns_rdataset_isassociated(&rdataset)); - goto failure; + goto cleanup; } DNS_RDATASET_FOREACH(&rdataset) { @@ -8295,7 +8220,7 @@ updatesignwithkey(dns_zone_t *zone, dns_signing_t *signing, diff)); } -failure: +cleanup: if (dns_rdataset_isassociated(&rdataset)) { dns_rdataset_disassociate(&rdataset); } @@ -8369,7 +8294,7 @@ fixup_nsec3param(dns_db_t *db, dns_dbversion_t *ver, dns_nsec3chain_t *chain, goto try_private; } if (result != ISC_R_SUCCESS) { - goto failure; + goto cleanup; } /* @@ -8449,9 +8374,7 @@ try_private: if (result == ISC_R_NOTFOUND) { goto add; } - if (result != ISC_R_SUCCESS) { - goto failure; - } + CHECK(result); DNS_RDATASET_FOREACH(&rdataset) { dns_rdata_t private = DNS_RDATA_INIT; @@ -8484,7 +8407,7 @@ try_private: add: if ((chain->nsec3param.flags & DNS_NSEC3FLAG_REMOVE) != 0) { result = ISC_R_SUCCESS; - goto failure; + goto cleanup; } /* @@ -8501,7 +8424,7 @@ add: rdata.data[1] = 0; /* Clear flag bits. */ CHECK(update_one_rr(db, ver, diff, DNS_DIFFOP_ADD, name, ttl, &rdata)); -failure: +cleanup: dns_db_detachnode(&node); if (dns_rdataset_isassociated(&rdataset)) { dns_rdataset_disassociate(&rdataset); @@ -8534,7 +8457,7 @@ delete_nsec(dns_db_t *db, dns_dbversion_t *ver, dns_dbnode_t *node, rdataset.ttl, &rdata)); } -failure: +cleanup: dns_rdataset_disassociate(&rdataset); return result; } @@ -8573,7 +8496,7 @@ deletematchingnsec3(dns_db_t *db, dns_dbversion_t *ver, dns_dbnode_t *node, rdataset.ttl, &rdata)); } -failure: +cleanup: dns_rdataset_disassociate(&rdataset); return result; } @@ -8649,7 +8572,7 @@ need_nsec_chain(dns_db_t *db, dns_dbversion_t *ver, *answer = !active; -failure: +cleanup: if (dns_rdataset_isassociated(&rdataset)) { dns_rdataset_disassociate(&rdataset); } @@ -8796,8 +8719,7 @@ zone_nsec3chain(dns_zone_t *zone) { * Updates are disabled. Pause for 5 minutes. */ if (zone->update_disabled) { - result = ISC_R_FAILURE; - goto failure; + CLEANUP(ISC_R_FAILURE); } ZONEDB_LOCK(&zone->dblock, isc_rwlocktype_read); @@ -8823,7 +8745,7 @@ zone_nsec3chain(dns_zone_t *zone) { dnssec_log(zone, ISC_LOG_ERROR, "zone_nsec3chain:dns_db_newversion -> %s", isc_result_totext(result)); - goto failure; + goto cleanup; } now = isc_stdtime_now(); @@ -8834,7 +8756,7 @@ zone_nsec3chain(dns_zone_t *zone) { dnssec_log(zone, ISC_LOG_ERROR, "zone_nsec3chain:dns_zone_findkeys -> %s", isc_result_totext(result)); - goto failure; + goto cleanup; } calculate_rrsig_validity(zone, now, &inception, &soaexpire, NULL, @@ -8950,9 +8872,7 @@ zone_nsec3chain(dns_zone_t *zone) { /* Empty node? */ goto next_addnode; } - if (result != ISC_R_SUCCESS) { - goto failure; - } + CHECK(result); seen_soa = seen_ns = seen_dname = seen_ds = seen_nsec = false; DNS_RDATASETITER_FOREACH(iterator) { @@ -8998,7 +8918,7 @@ zone_nsec3chain(dns_zone_t *zone) { "zone_nsec3chain:" "dns_nsec3_addnsec3 -> %s", isc_result_totext(result)); - goto failure; + goto cleanup; } /* @@ -9055,7 +8975,7 @@ zone_nsec3chain(dns_zone_t *zone) { "zone_nsec3chain:" "dns_dbiterator_next -> %s", isc_result_totext(result)); - goto failure; + goto cleanup; } else if (delegation) { dns_dbiterator_current(nsec3chain->dbiterator, &node, nextname); @@ -9136,7 +9056,7 @@ zone_nsec3chain(dns_zone_t *zone) { "zone_nsec3chain:" "need_nsec_chain -> %s", isc_result_totext(result)); - goto failure; + goto cleanup; } } @@ -9163,7 +9083,7 @@ zone_nsec3chain(dns_zone_t *zone) { "zone_nsec3chain:" "fixup_nsec3param -> %s", isc_result_totext(result)); - goto failure; + goto cleanup; } } @@ -9178,7 +9098,7 @@ zone_nsec3chain(dns_zone_t *zone) { "zone_nsec3chain:" "deletematchingnsec3 -> %s", isc_result_totext(result)); - goto failure; + goto cleanup; } goto next_removenode; } @@ -9213,9 +9133,7 @@ zone_nsec3chain(dns_zone_t *zone) { /* Empty node? */ goto next_removenode; } - if (result != ISC_R_SUCCESS) { - goto failure; - } + CHECK(result); seen_soa = seen_ns = seen_dname = seen_nsec3 = seen_nsec = seen_rr = false; @@ -9285,7 +9203,7 @@ zone_nsec3chain(dns_zone_t *zone) { "zone_nsec3chain:" "fixup_nsec3param -> %s", isc_result_totext(result)); - goto failure; + goto cleanup; } goto next_removechain; } else if (result != ISC_R_SUCCESS) { @@ -9293,7 +9211,7 @@ zone_nsec3chain(dns_zone_t *zone) { "zone_nsec3chain:" "dns_dbiterator_next -> %s", isc_result_totext(result)); - goto failure; + goto cleanup; } else if (delegation) { dns_dbiterator_current(nsec3chain->dbiterator, &node, nextname); @@ -9333,7 +9251,7 @@ skip_removals: dnssec_log(zone, ISC_LOG_ERROR, "zone_nsec3chain:dns_db_allrdatasets -> %s", isc_result_totext(result)); - goto failure; + goto cleanup; } DNS_RDATASETITER_FOREACH(iterator) { dns_rdataset_t rdataset = DNS_RDATASET_INIT; @@ -9360,7 +9278,7 @@ skip_removals: dnssec_log(zone, ISC_LOG_ERROR, "zone_nsec3chain:updatesecure -> %s", isc_result_totext(result)); - goto failure; + goto cleanup; } } @@ -9377,7 +9295,7 @@ skip_removals: "zone_nsec3chain:" "dns_nsec3_addnsec3s -> %s", isc_result_totext(result)); - goto failure; + goto cleanup; } } } @@ -9395,7 +9313,7 @@ skip_removals: dnssec_log(zone, ISC_LOG_ERROR, "zone_nsec3chain:dns__zone_updatesigs -> %s", isc_result_totext(result)); - goto failure; + goto cleanup; } /* @@ -9409,7 +9327,7 @@ skip_removals: dnssec_log(zone, ISC_LOG_ERROR, "zone_nsec3chain:dns__zone_updatesigs -> %s", isc_result_totext(result)); - goto failure; + goto cleanup; } if (updatensec) { @@ -9419,7 +9337,7 @@ skip_removals: dnssec_log(zone, ISC_LOG_ERROR, "zone_nsec3chain:updatesecure -> %s", isc_result_totext(result)); - goto failure; + goto cleanup; } } @@ -9430,7 +9348,7 @@ skip_removals: dnssec_log(zone, ISC_LOG_ERROR, "zone_nsec3chain:dns__zone_updatesigs -> %s", isc_result_totext(result)); - goto failure; + goto cleanup; } /* @@ -9442,7 +9360,7 @@ skip_removals: * No need to call dns_db_closeversion() here as it is * called with commit = true below. */ - goto done; + goto closeversion; } result = del_sigs(zone, db, version, &zone->origin, dns_rdatatype_soa, @@ -9451,7 +9369,7 @@ skip_removals: dnssec_log(zone, ISC_LOG_ERROR, "zone_nsec3chain:del_sigs -> %s", isc_result_totext(result)); - goto failure; + goto cleanup; } result = update_soa_serial(zone, db, version, zonediff.diff, zone->mctx, @@ -9460,7 +9378,7 @@ skip_removals: dnssec_log(zone, ISC_LOG_ERROR, "zone_nsec3chain:update_soa_serial -> %s", isc_result_totext(result)); - goto failure; + goto cleanup; } result = add_sigs(db, version, &zone->origin, zone, dns_rdatatype_soa, @@ -9470,7 +9388,7 @@ skip_removals: dnssec_log(zone, ISC_LOG_ERROR, "zone_nsec3chain:add_sigs -> %s", isc_result_totext(result)); - goto failure; + goto cleanup; } /* Write changes to journal file. */ @@ -9481,7 +9399,7 @@ skip_removals: DNS_ZONE_SETFLAG(zone, DNS_ZONEFLG_NEEDNOTIFY); UNLOCK_ZONE(zone); -done: +closeversion: /* * Pause all iterators so that dns_db_closeversion() can succeed. */ @@ -9511,7 +9429,7 @@ done: set_resigntime(zone); UNLOCK_ZONE(zone); -failure: +cleanup: if (result != ISC_R_SUCCESS) { dnssec_log(zone, ISC_LOG_ERROR, "zone_nsec3chain: %s", isc_result_totext(result)); @@ -9685,7 +9603,7 @@ del_sig(dns_db_t *db, dns_dbversion_t *version, dns_name_t *name, * i.e., found in at least one, and not missing from any. */ *has_algp = (alg_found && !alg_missed); -failure: +cleanup: if (dns_rdataset_isassociated(&rdataset)) { dns_rdataset_disassociate(&rdataset); } @@ -9780,12 +9698,12 @@ dns_zone_check_dnskey_nsec3(dns_zone_t *zone, dns_db_t *db, /* Refuse to allow NSEC3 with NSEC-only keys */ if (nseconly && nsec3) { - goto failure; + goto cleanup; } return true; -failure: +cleanup: return false; } @@ -9839,7 +9757,7 @@ zone_sign(dns_zone_t *zone) { */ if (zone->update_disabled) { result = ISC_R_FAILURE; - goto cleanup; + goto done; } ZONEDB_LOCK(&zone->dblock, isc_rwlocktype_read); @@ -9849,7 +9767,7 @@ zone_sign(dns_zone_t *zone) { ZONEDB_UNLOCK(&zone->dblock, isc_rwlocktype_read); if (db == NULL) { result = ISC_R_FAILURE; - goto cleanup; + goto done; } result = dns_db_newversion(db, &version); @@ -9857,7 +9775,7 @@ zone_sign(dns_zone_t *zone) { dnssec_log(zone, ISC_LOG_ERROR, "zone_sign:dns_db_newversion -> %s", isc_result_totext(result)); - goto cleanup; + goto done; } now = isc_stdtime_now(); @@ -9868,7 +9786,7 @@ zone_sign(dns_zone_t *zone) { dnssec_log(zone, ISC_LOG_ERROR, "zone_sign:dns_zone_findkeys -> %s", isc_result_totext(result)); - goto cleanup; + goto done; } kasp = zone->kasp; @@ -10151,7 +10069,7 @@ zone_sign(dns_zone_t *zone) { "updatesecure -> %s", isc_result_totext( result)); - goto cleanup; + goto done; } } result = updatesignwithkey( @@ -10161,7 +10079,7 @@ zone_sign(dns_zone_t *zone) { dnssec_log(zone, ISC_LOG_ERROR, "updatesignwithkey -> %s", isc_result_totext(result)); - goto cleanup; + goto done; } build_nsec = false; goto next_signing; @@ -10170,7 +10088,7 @@ zone_sign(dns_zone_t *zone) { "zone_sign:" "dns_dbiterator_next -> %s", isc_result_totext(result)); - goto cleanup; + goto done; } else if (is_bottom_of_zone) { dns_dbiterator_current(signing->dbiterator, &node, nextname); @@ -10198,7 +10116,7 @@ zone_sign(dns_zone_t *zone) { dnssec_log(zone, ISC_LOG_ERROR, "zone_sign:dns__zone_updatesigs -> %s", isc_result_totext(result)); - goto cleanup; + goto done; } } @@ -10220,7 +10138,7 @@ zone_sign(dns_zone_t *zone) { if (result != ISC_R_SUCCESS) { dnssec_log(zone, ISC_LOG_ERROR, "zone_sign:del_sigs -> %s", isc_result_totext(result)); - goto cleanup; + goto done; } result = update_soa_serial(zone, db, version, zonediff.diff, zone->mctx, @@ -10229,7 +10147,7 @@ zone_sign(dns_zone_t *zone) { dnssec_log(zone, ISC_LOG_ERROR, "zone_sign:update_soa_serial -> %s", isc_result_totext(result)); - goto cleanup; + goto done; } /* @@ -10242,7 +10160,7 @@ zone_sign(dns_zone_t *zone) { if (result != ISC_R_SUCCESS) { dnssec_log(zone, ISC_LOG_ERROR, "zone_sign:add_sigs -> %s", isc_result_totext(result)); - goto cleanup; + goto done; } /* @@ -10285,13 +10203,13 @@ pauseall: } UNLOCK_ZONE(zone); -failure: +cleanup: if (result != ISC_R_SUCCESS) { dnssec_log(zone, ISC_LOG_ERROR, "zone_sign: failed: %s", isc_result_totext(result)); } -cleanup: +done: /* * Pause all dbiterators. */ @@ -10533,9 +10451,8 @@ minimal_update(dns_zonefetch_t *fetch, dns_dbversion_t *ver, dns_diff_t *diff) { if (result == ISC_R_UNEXPECTEDEND) { continue; } - if (result != ISC_R_SUCCESS) { - goto failure; - } + CHECK(result); + keydata.refresh = refresh_time(fetch, true); set_refreshkeytimer(zone, &keydata, now, false); @@ -10550,7 +10467,7 @@ minimal_update(dns_zonefetch_t *fetch, dns_dbversion_t *ver, dns_diff_t *diff) { 0, &rdata)); } result = ISC_R_SUCCESS; -failure: +cleanup: return result; } @@ -11266,7 +11183,7 @@ done: result = ISC_R_SUCCESS; } -failure: +cleanup: if (result != ISC_R_SUCCESS) { dnssec_log(zone, ISC_LOG_ERROR, "error during trust anchor processing (%s): " @@ -11440,7 +11357,7 @@ zone_refreshkeys(dns_zone_t *zone) { zone_needdump(zone, 30); } -failure: +cleanup: if (!timerset) { isc_time_settoepoch(&zone->refreshkeytime); } @@ -11798,7 +11715,7 @@ zone_expire(dns_zone_t *zone) { "policies unloaded"); } -failure: +cleanup: if (db != NULL) { dns_db_detach(&db); } @@ -12861,24 +12778,16 @@ create_query(dns_zone_t *zone, dns_rdatatype_t rdtype, dns_name_t *name, static isc_result_t add_opt(dns_message_t *message, uint16_t udpsize, bool reqnsid, bool reqexpire) { - isc_result_t result; - dns_message_ednsinit(message, 0, udpsize, 0, 0); /* Set EDNS options if applicable. */ if (reqnsid) { dns_ednsopt_t option = { .code = DNS_OPT_NSID }; - result = dns_message_ednsaddopt(message, &option); - if (result != ISC_R_SUCCESS) { - return result; - } + RETERR(dns_message_ednsaddopt(message, &option)); } if (reqexpire) { dns_ednsopt_t option = { .code = DNS_OPT_EXPIRE }; - result = dns_message_ednsaddopt(message, &option); - if (result != ISC_R_SUCCESS) { - return result; - } + RETERR(dns_message_ednsaddopt(message, &option)); } return dns_message_setopt(message); @@ -14315,8 +14224,7 @@ again: } break; default: - result = ISC_R_NOTIMPLEMENTED; - goto cleanup; + CLEANUP(ISC_R_NOTIMPLEMENTED); } /* @@ -16156,7 +16064,7 @@ sync_secure_journal(dns_zone_t *zone, dns_zone_t *raw, dns_journal_t *journal, result = ISC_R_SUCCESS; } -failure: +cleanup: return result; } @@ -16525,8 +16433,8 @@ receive_secure_serial(void *arg) { result = dns_journal_open(zone->mctx, zone->journal, DNS_JOURNAL_READ, &sjournal); - if (result != ISC_R_SUCCESS && result != ISC_R_NOTFOUND) { - goto failure; + if (result != ISC_R_NOTFOUND) { + CHECK(result); } if (!dns_journal_get_sourceserial(rjournal, &start)) { @@ -16560,7 +16468,7 @@ receive_secure_serial(void *arg) { start, end, &soatuple, &zone->rss_diff); if (result == DNS_R_UNCHANGED) { - goto failure; + goto cleanup; } else if (result != ISC_R_SUCCESS) { CHECK(sync_secure_db(zone, zone->rss_raw, zone->rss_db, zone->rss_oldver, &soatuple, @@ -16617,7 +16525,7 @@ receive_secure_serial(void *arg) { * that contents of the raw zone and the secure zone are kept in sync. */ if (result != ISC_R_SUCCESS && dns_db_issecure(zone->rss_db)) { - goto failure; + goto cleanup; } if (rjournal == NULL) { @@ -16655,7 +16563,7 @@ receive_secure_serial(void *arg) { newserial, desired); } -failure: +cleanup: isc_mem_put(zone->mctx, rss, sizeof(*rss)); zone->rss = NULL; @@ -16904,7 +16812,7 @@ done: result = ISC_R_SUCCESS; } -failure: +cleanup: if (node != NULL) { dns_db_detachnode(&node); } @@ -16977,15 +16885,9 @@ copy_non_dnssec_records(dns_db_t *db, dns_dbversion_t *version, dns_db_t *rawdb, dns_dbiterator_pause(dbiterator); - result = dns_db_findnode(db, name, true, &node); - if (result != ISC_R_SUCCESS) { - goto cleanup; - } + CHECK(dns_db_findnode(db, name, true, &node)); - result = dns_db_allrdatasets(rawdb, rawnode, NULL, 0, 0, &rdsit); - if (result != ISC_R_SUCCESS) { - goto cleanup; - } + CHECK(dns_db_allrdatasets(rawdb, rawnode, NULL, 0, 0, &rdsit)); DNS_RDATASETITER_FOREACH(rdsit) { dns_rdataset_t rdataset = DNS_RDATASET_INIT; @@ -17046,8 +16948,7 @@ receive_secure_db(void *arg) { LOCK_ZONE(zone); if (DNS_ZONE_FLAG(zone, DNS_ZONEFLG_EXITING) || !inline_secure(zone)) { - result = ISC_R_SHUTTINGDOWN; - goto failure; + CLEANUP(ISC_R_SHUTTINGDOWN); } loadtime = isc_time_now(); @@ -17065,39 +16966,26 @@ receive_secure_db(void *arg) { result = save_nsec3param(zone, &nsec3list); if (result != ISC_R_SUCCESS) { ZONEDB_UNLOCK(&zone->dblock, isc_rwlocktype_read); - goto failure; + goto cleanup; } } ZONEDB_UNLOCK(&zone->dblock, isc_rwlocktype_read); - result = dns_db_create(zone->mctx, zone->db_argv[0], &zone->origin, - dns_dbtype_zone, zone->rdclass, - zone->db_argc - 1, zone->db_argv + 1, &db); - if (result != ISC_R_SUCCESS) { - goto failure; - } + CHECK(dns_db_create(zone->mctx, zone->db_argv[0], &zone->origin, + dns_dbtype_zone, zone->rdclass, zone->db_argc - 1, + zone->db_argv + 1, &db)); result = dns_db_setgluecachestats(db, zone->gluecachestats); - if (result != ISC_R_SUCCESS && result != ISC_R_NOTIMPLEMENTED) { - goto failure; + if (result != ISC_R_NOTIMPLEMENTED) { + CHECK(result); } - result = dns_db_newversion(db, &version); - if (result != ISC_R_SUCCESS) { - goto failure; - } - - result = dns_db_createiterator(rawdb, DNS_DB_NONSEC3, &dbiterator); - if (result != ISC_R_SUCCESS) { - goto failure; - } + CHECK(dns_db_newversion(db, &version)); + CHECK(dns_db_createiterator(rawdb, DNS_DB_NONSEC3, &dbiterator)); DNS_DBITERATOR_FOREACH(dbiterator) { - result = copy_non_dnssec_records(db, version, rawdb, dbiterator, - oldserialp); - if (result != ISC_R_SUCCESS) { - goto failure; - } + CHECK(copy_non_dnssec_records(db, version, rawdb, dbiterator, + oldserialp)); } dns_dbiterator_destroy(&dbiterator); @@ -17106,10 +16994,7 @@ receive_secure_db(void *arg) { * the old nsec3 parameters and insert them into db */ if (!ISC_LIST_EMPTY(nsec3list)) { - result = restore_nsec3param(zone, db, version, &nsec3list); - if (result != ISC_R_SUCCESS) { - goto failure; - } + CHECK(restore_nsec3param(zone, db, version, &nsec3list)); } dns_db_closeversion(db, &version, true); @@ -17129,7 +17014,7 @@ receive_secure_db(void *arg) { */ process_zone_setnsec3param(zone); -failure: +cleanup: UNLOCK_ZONE(zone); if (dbiterator != NULL) { dns_dbiterator_destroy(&dbiterator); @@ -17242,10 +17127,7 @@ zone_replacedb(dns_zone_t *zone, dns_db_t *db, bool dump) { return result; } - result = check_nsec3param(zone, db); - if (result != ISC_R_SUCCESS) { - return result; - } + RETERR(check_nsec3param(zone, db)); ver = NULL; dns_db_currentversion(db, &ver); @@ -18492,15 +18374,11 @@ dns_zone_forwardupdate(dns_zone_t *zone, dns_message_t *msg, mr = dns_message_getrawmessage(msg); if (mr == NULL) { - result = ISC_R_UNEXPECTEDEND; - goto cleanup; + CLEANUP(ISC_R_UNEXPECTEDEND); } isc_buffer_allocate(zone->mctx, &forward->msgbuf, mr->length); - result = isc_buffer_copyregion(forward->msgbuf, mr); - if (result != ISC_R_SUCCESS) { - goto cleanup; - } + CHECK(isc_buffer_copyregion(forward->msgbuf, mr)); isc_mem_attach(zone->mctx, &forward->mctx); dns_zone_iattach(zone, &forward->zone); @@ -19078,15 +18956,9 @@ zone_saveunique(dns_zone_t *zone, const char *path, const char *templat) { buf = isc_mem_get(zone->mctx, buflen); - result = isc_file_template(path, templat, buf, buflen); - if (result != ISC_R_SUCCESS) { - goto cleanup; - } + CHECK(isc_file_template(path, templat, buf, buflen)); - result = isc_file_renameunique(path, buf); - if (result != ISC_R_SUCCESS) { - goto cleanup; - } + CHECK(isc_file_renameunique(path, buf)); dns_zone_log(zone, ISC_LOG_WARNING, "unable to load from '%s'; " @@ -19738,8 +19610,7 @@ zone_signwithkey(dns_zone_t *zone, dst_algorithm_t algorithm, uint16_t keyid, ZONEDB_UNLOCK(&zone->dblock, isc_rwlocktype_read); if (db == NULL) { - result = ISC_R_NOTFOUND; - goto cleanup; + CLEANUP(ISC_R_NOTFOUND); } dns_db_attach(db, &signing->db); @@ -19834,7 +19705,7 @@ rr_exists(dns_db_t *db, dns_dbversion_t *ver, dns_name_t *name, if (result == ISC_R_NOTFOUND) { *flag = false; result = ISC_R_SUCCESS; - goto failure; + goto cleanup; } bool matched = false; @@ -19849,7 +19720,7 @@ rr_exists(dns_db_t *db, dns_dbversion_t *ver, dns_name_t *name, dns_rdataset_disassociate(&rdataset); *flag = matched; -failure: +cleanup: if (node != NULL) { dns_db_detachnode(&node); } @@ -19990,7 +19861,7 @@ add_signing_records(dns_db_t *db, dns_rdatatype_t privatetype, } } -failure: +cleanup: /* * Put the DNSKEY changes we cared about back on diff->tuples. */ @@ -20079,37 +19950,26 @@ sign_apex(dns_zone_t *zone, dns_db_t *db, dns_dbversion_t *ver, * signature and if not cause them to sign so that newly activated * keys are used. */ - result = tickle_apex_rrset(dns_rdatatype_dnskey, zone, db, ver, now, - diff, zonediff, zone_keys, nkeys, inception, - keyexpire); - if (result != ISC_R_SUCCESS) { - goto failure; - } - result = tickle_apex_rrset(dns_rdatatype_cds, zone, db, ver, now, diff, - zonediff, zone_keys, nkeys, inception, - keyexpire); - if (result != ISC_R_SUCCESS) { - goto failure; - } - result = tickle_apex_rrset(dns_rdatatype_cdnskey, zone, db, ver, now, - diff, zonediff, zone_keys, nkeys, inception, - keyexpire); - if (result != ISC_R_SUCCESS) { - goto failure; - } + CHECK(tickle_apex_rrset(dns_rdatatype_dnskey, zone, db, ver, now, diff, + zonediff, zone_keys, nkeys, inception, + keyexpire)); + CHECK(tickle_apex_rrset(dns_rdatatype_cds, zone, db, ver, now, diff, + zonediff, zone_keys, nkeys, inception, + keyexpire)); + CHECK(tickle_apex_rrset(dns_rdatatype_cdnskey, zone, db, ver, now, diff, + zonediff, zone_keys, nkeys, inception, + keyexpire)); result = dns__zone_updatesigs(diff, db, ver, zone_keys, nkeys, zone, inception, soaexpire, keyexpire, now, zonediff); - if (result != ISC_R_SUCCESS) { dnssec_log(zone, ISC_LOG_ERROR, "sign_apex:dns__zone_updatesigs -> %s", isc_result_totext(result)); - goto failure; } -failure: +cleanup: for (i = 0; i < nkeys; i++) { dst_key_free(&zone_keys[i]); } @@ -20132,12 +19992,12 @@ clean_nsec3param(dns_zone_t *zone, dns_db_t *db, dns_dbversion_t *ver, dns_rdataset_disassociate(&rdataset); } if (result != ISC_R_NOTFOUND) { - goto failure; + goto cleanup; } result = dns_nsec3param_deletechains(db, ver, zone, true, diff); -failure: +cleanup: if (node != NULL) { dns_db_detachnode(&node); } @@ -20189,7 +20049,7 @@ add_chains(dns_zone_t *zone, dns_db_t *db, dns_dbversion_t *ver, } CHECK(updatesecure(db, ver, origin, zone_nsecttl(zone), true, diff)); -failure: +cleanup: return result; } @@ -20249,15 +20109,11 @@ checkds_destroy(dns_checkds_t *checkds, bool locked) { static isc_result_t make_dnskey(dst_key_t *key, unsigned char *buf, int bufsize, dns_rdata_t *target) { - isc_result_t result; isc_buffer_t b; isc_region_t r; isc_buffer_init(&b, buf, bufsize); - result = dst_key_todns(key, &b); - if (result != ISC_R_SUCCESS) { - return result; - } + RETERR(dst_key_todns(key, &b)); dns_rdata_reset(target); isc_buffer_usedregion(&b, &r); @@ -20409,7 +20265,7 @@ checkds_done(void *arg) { dns_zone_log(zone, ISC_LOG_NOTICE, "checkds: bad DS response from %s: %.*s", addrbuf, (int)buf.used, rcode); - goto failure; + goto cleanup; } /* Make sure that either AA or RA bit is set. */ @@ -20420,7 +20276,7 @@ checkds_done(void *arg) { "checkds: bad DS response from %s: expected AA or " "RA bit set", addrbuf); - goto failure; + goto cleanup; } /* Lookup DS RRset. */ @@ -20554,7 +20410,7 @@ checkds_done(void *arg) { dns_zone_rekey(zone, false, false); } -failure: +cleanup: if (result != ISC_R_SUCCESS) { dns_zone_log(zone, ISC_LOG_DEBUG(3), "checkds: DS request failed: %s", @@ -20753,8 +20609,7 @@ checkds_send_toaddr(void *arg) { checkds->zone->view->requestmgr == NULL || checkds->zone->db == NULL) { - result = ISC_R_CANCELED; - goto cleanup; + CLEANUP(ISC_R_CANCELED); } /* @@ -20768,8 +20623,7 @@ checkds_send_toaddr(void *arg) { dns_zone_log(checkds->zone, ISC_LOG_DEBUG(3), "checkds: ignoring IPv6 mapped IPV4 address: %s", addrbuf); - result = ISC_R_CANCELED; - goto cleanup; + CLEANUP(ISC_R_CANCELED); } checkds_createmessage(checkds->zone, &message); @@ -20904,10 +20758,7 @@ checkds_send_tons(dns_checkds_t *checkds) { } newcheckds = NULL; - result = checkds_create(checkds->mctx, 0, &newcheckds); - if (result != ISC_R_SUCCESS) { - goto cleanup; - } + CHECK(checkds_create(checkds->mctx, 0, &newcheckds)); zone_iattach(zone, &newcheckds->zone); ISC_LIST_APPEND(newcheckds->zone->checkds_requests, newcheckds, link); @@ -20929,13 +20780,10 @@ checkds_send_tons(dns_checkds_t *checkds) { * publicly available on the default transport protocol. */ - result = isc_ratelimiter_enqueue( - newcheckds->zone->zmgr->checkdsrl, - newcheckds->zone->loop, checkds_send_toaddr, newcheckds, - &newcheckds->rlevent); - if (result != ISC_R_SUCCESS) { - goto cleanup; - } + CHECK(isc_ratelimiter_enqueue(newcheckds->zone->zmgr->checkdsrl, + newcheckds->zone->loop, + checkds_send_toaddr, newcheckds, + &newcheckds->rlevent)); newcheckds = NULL; } @@ -21168,10 +21016,7 @@ nsfetch_done(dns_zonefetch_t *fetch, isc_result_t eresult) { return DNS_R_CONTINUE; } - result = dns_zonefetch_verify(fetch, eresult, dns_trust_secure); - if (result != ISC_R_SUCCESS) { - goto done; - } + CHECK(dns_zonefetch_verify(fetch, eresult, dns_trust_secure)); /* Record the number of NS records we found. */ zone->parent_nscount = dns_rdataset_count(nsrrset); @@ -21224,7 +21069,7 @@ nsfetch_done(dns_zonefetch_t *fetch, isc_result_t eresult) { LOCK_ZONE(zone); -done: +cleanup: if (result != ISC_R_SUCCESS) { dnssec_log( zone, ISC_LOG_ERROR, @@ -21552,11 +21397,9 @@ zone_rekey(dns_zone_t *zone) { dns_zone_unlock_keyfiles(zone); - if (result != ISC_R_SUCCESS) { - goto failure; - } + CHECK(result); } else if (result != ISC_R_NOTFOUND) { - goto failure; + goto cleanup; } /* Get the current CDS rdataset */ @@ -21613,8 +21456,7 @@ zone_rekey(dns_zone_t *zone) { dnssec_log(zone, ISC_LOG_DEBUG(1), "zone_rekey:dns_skr_lookup failed: " "no SKR available"); - result = DNS_R_NOSKRFILE; - goto failure; + CLEANUP(DNS_R_NOSKRFILE); } bundle = dns_skr_lookup(zone->skr, now, sigval); zone->skrbundle = bundle; @@ -21635,8 +21477,7 @@ zone_rekey(dns_zone_t *zone) { "no available SKR bundle for time " "%.*s (%s)", (int)r.length, r.base, nowstr); - result = DNS_R_NOSKRBUNDLE; - goto failure; + CLEANUP(DNS_R_NOSKRBUNDLE); } zone_apply_skrbundle(zone, bundle, &keyset, &cdsset, @@ -21681,7 +21522,7 @@ zone_rekey(dns_zone_t *zone) { "zone_rekey:zone_verifykeys failed: " "some key files are missing"); KASP_UNLOCK(kasp); - goto failure; + goto cleanup; } /* @@ -21724,7 +21565,7 @@ zone_rekey(dns_zone_t *zone) { "failed: %s", isc_result_totext(result)); KASP_UNLOCK(kasp); - goto failure; + goto cleanup; } } } else if (offlineksk) { @@ -21772,7 +21613,7 @@ zone_rekey(dns_zone_t *zone) { dnssec_log(zone, ISC_LOG_ERROR, "zone_rekey:couldn't update zone keys: %s", isc_result_totext(result)); - goto failure; + goto cleanup; } if (offlineksk) { @@ -21849,7 +21690,7 @@ zone_rekey(dns_zone_t *zone) { dnssec_log(zone, ISC_LOG_ERROR, "zone_rekey:couldn't update CDS/CDNSKEY: %s", isc_result_totext(result)); - goto failure; + goto cleanup; } if (cdsdel || cdnskeydel) { @@ -21886,7 +21727,7 @@ zone_rekey(dns_zone_t *zone) { "zone_rekey:couldn't update CDS/CDNSKEY " "DELETE records: %s", isc_result_totext(result)); - goto failure; + goto cleanup; } post_sync: @@ -22198,7 +22039,7 @@ zone_rekey(dns_zone_t *zone) { result = ISC_R_SUCCESS; -failure: +cleanup: LOCK_ZONE(zone); if (result != ISC_R_SUCCESS) { /* @@ -22288,7 +22129,6 @@ dns_zone_dnssecstatus(dns_zone_t *zone, dns_kasp_t *kasp, dns_dnsseckeylist_t *keys, isc_stdtime_t now, bool verbose, char *out, size_t out_len) { isc_buffer_t buf; - isc_result_t result = ISC_R_SUCCESS; isc_time_t refreshkeytime; isc_stdtime_t refresh; char timestr[26]; @@ -22312,11 +22152,10 @@ dns_zone_dnssecstatus(dns_zone_t *zone, dns_kasp_t *kasp, bool checkds = zone->checkdstype != dns_checkdstype_no; LOCK(&kasp->lock); - result = dns_keymgr_status(kasp, keys, &buf, now, verbose, checkds); + RETERR(dns_keymgr_status(kasp, keys, &buf, now, verbose, checkds)); UNLOCK(&kasp->lock); -failure: - return result; + return ISC_R_SUCCESS; } isc_result_t @@ -22328,10 +22167,7 @@ dns_zone_nscheck(dns_zone_t *zone, dns_db_t *db, dns_dbversion_t *version, REQUIRE(DNS_ZONE_VALID(zone)); REQUIRE(errors != NULL); - result = dns_db_getoriginnode(db, &node); - if (result != ISC_R_SUCCESS) { - return result; - } + RETERR(dns_db_getoriginnode(db, &node)); result = zone_count_ns_rr(zone, db, node, version, NULL, errors, false); dns_db_detachnode(&node); return result; @@ -22350,10 +22186,7 @@ dns_zone_cdscheck(dns_zone_t *zone, dns_db_t *db, dns_dbversion_t *version) { REQUIRE(DNS_ZONE_VALID(zone)); - result = dns_db_getoriginnode(db, &node); - if (result != ISC_R_SUCCESS) { - return result; - } + RETERR(dns_db_getoriginnode(db, &node)); dns_rdataset_init(&cds); dns_rdataset_init(&dnskey); @@ -22361,29 +22194,29 @@ dns_zone_cdscheck(dns_zone_t *zone, dns_db_t *db, dns_dbversion_t *version) { result = dns_db_findrdataset(db, node, version, dns_rdatatype_cds, dns_rdatatype_none, 0, &cds, NULL); - if (result != ISC_R_SUCCESS && result != ISC_R_NOTFOUND) { - goto failure; + if (result != ISC_R_NOTFOUND) { + CHECK(result); } result = dns_db_findrdataset(db, node, version, dns_rdatatype_cdnskey, dns_rdatatype_none, 0, &cdnskey, NULL); - if (result != ISC_R_SUCCESS && result != ISC_R_NOTFOUND) { - goto failure; + if (result != ISC_R_NOTFOUND) { + CHECK(result); } if (!dns_rdataset_isassociated(&cds) && !dns_rdataset_isassociated(&cdnskey)) { result = ISC_R_SUCCESS; - goto failure; + goto cleanup; } result = dns_db_findrdataset(db, node, version, dns_rdatatype_dnskey, dns_rdatatype_none, 0, &dnskey, NULL); if (result == ISC_R_NOTFOUND) { empty = true; - } else if (result != ISC_R_SUCCESS) { - goto failure; + } else { + CHECK(result); } /* @@ -22413,8 +22246,7 @@ dns_zone_cdscheck(dns_zone_t *zone, dns_db_t *db, dns_dbversion_t *version) { } if (empty) { - result = DNS_R_BADCDS; - goto failure; + CLEANUP(DNS_R_BADCDS); } CHECK(dns_rdata_tostruct(&crdata, &structcds, NULL)); @@ -22475,8 +22307,7 @@ dns_zone_cdscheck(dns_zone_t *zone, dns_db_t *db, dns_dbversion_t *version) { &crdata, &dnskey, &rdata); if (result != ISC_R_SUCCESS) { - result = DNS_R_BADCDS; - goto failure; + CLEANUP(DNS_R_BADCDS); } CHECK(dns_rdata_tostruct(&rdata, &structdnskey, NULL)); @@ -22490,12 +22321,10 @@ dns_zone_cdscheck(dns_zone_t *zone, dns_db_t *db, dns_dbversion_t *version) { for (i = 0; i < sizeof(algorithms); i++) { if (delete) { if (algorithms[i] != notexpected) { - result = DNS_R_BADCDS; - goto failure; + CLEANUP(DNS_R_BADCDS); } } else if (algorithms[i] == expected) { - result = DNS_R_BADCDS; - goto failure; + CLEANUP(DNS_R_BADCDS); } } } @@ -22528,8 +22357,7 @@ dns_zone_cdscheck(dns_zone_t *zone, dns_db_t *db, dns_dbversion_t *version) { } if (empty) { - result = DNS_R_BADCDNSKEY; - goto failure; + CLEANUP(DNS_R_BADCDNSKEY); } CHECK(dns_rdata_tostruct(&crdata, &structcdnskey, @@ -22561,18 +22389,16 @@ dns_zone_cdscheck(dns_zone_t *zone, dns_db_t *db, dns_dbversion_t *version) { for (i = 0; i < sizeof(algorithms); i++) { if (delete) { if (algorithms[i] != notexpected) { - result = DNS_R_BADCDNSKEY; - goto failure; + CLEANUP(DNS_R_BADCDNSKEY); } } else if (algorithms[i] == expected) { - result = DNS_R_BADCDNSKEY; - goto failure; + CLEANUP(DNS_R_BADCDNSKEY); } } } result = ISC_R_SUCCESS; -failure: +cleanup: if (dns_rdataset_isassociated(&cds)) { dns_rdataset_disassociate(&cds); } @@ -22841,7 +22667,7 @@ keydone(void *arg) { } ZONEDB_UNLOCK(&zone->dblock, isc_rwlocktype_read); if (db == NULL) { - goto failure; + goto cleanup; } dns_db_currentversion(db, &oldver); @@ -22850,23 +22676,16 @@ keydone(void *arg) { dnssec_log(zone, ISC_LOG_ERROR, "keydone:dns_db_newversion -> %s", isc_result_totext(result)); - goto failure; + goto cleanup; } - result = dns_db_getoriginnode(db, &node); - if (result != ISC_R_SUCCESS) { - goto failure; - } + CHECK(dns_db_getoriginnode(db, &node)); result = dns_db_findrdataset(db, node, newver, zone->privatetype, dns_rdatatype_none, 0, &rdataset, NULL); - if (result == ISC_R_NOTFOUND) { - INSIST(!dns_rdataset_isassociated(&rdataset)); - goto failure; - } if (result != ISC_R_SUCCESS) { INSIST(!dns_rdataset_isassociated(&rdataset)); - goto failure; + goto cleanup; } DNS_RDATASET_FOREACH(&rdataset) { @@ -22930,7 +22749,7 @@ keydone(void *arg) { UNLOCK_ZONE(zone); } -failure: +cleanup: if (dns_rdataset_isassociated(&rdataset)) { dns_rdataset_disassociate(&rdataset); } @@ -22978,14 +22797,14 @@ dns_zone_keydone(dns_zone_t *zone, const char *keystr) { n = sscanf(keystr, "%hu/", &keyid); if (n == 0U) { - CHECK(ISC_R_FAILURE); + CLEANUP(ISC_R_FAILURE); } algstr = strchr(keystr, '/'); if (algstr != NULL) { algstr++; } else { - CHECK(ISC_R_FAILURE); + CLEANUP(ISC_R_FAILURE); } n = sscanf(algstr, "%u", &alg); @@ -23008,7 +22827,7 @@ dns_zone_keydone(dns_zone_t *zone, const char *keystr) { isc_async_run(zone->loop, keydone, kd); kd = NULL; -failure: +cleanup: if (kd != NULL) { isc_mem_put(zone->mctx, kd, sizeof(*kd)); } @@ -23115,7 +22934,7 @@ rss_post(void *arg) { } ZONEDB_UNLOCK(&zone->dblock, isc_rwlocktype_read); if (db == NULL) { - goto failure; + goto cleanup; } dns_db_currentversion(db, &oldver); @@ -23124,7 +22943,7 @@ rss_post(void *arg) { dnssec_log(zone, ISC_LOG_ERROR, "setnsec3param:dns_db_newversion -> %s", isc_result_totext(result)); - goto failure; + goto cleanup; } CHECK(dns_db_getoriginnode(db, &node)); @@ -23146,15 +22965,15 @@ rss_post(void *arg) { if (result == ISC_R_SUCCESS) { /* * Success because the NSEC3PARAM already exists, but - * function returns void, so goto failure to clean up. + * function returns void, so goto cleanup. */ - goto failure; + goto cleanup; } if (result != DNS_R_NSEC3RESALT && result != ISC_R_NOTFOUND) { dnssec_log(zone, ISC_LOG_DEBUG(3), "setnsec3param:lookup nsec3param -> %s", isc_result_totext(result)); - goto failure; + goto cleanup; } INSIST(param.salt != NULL); @@ -23195,7 +23014,7 @@ rss_post(void *arg) { } } else if (result != ISC_R_NOTFOUND) { INSIST(!dns_rdataset_isassociated(&prdataset)); - goto failure; + goto cleanup; } /* @@ -23218,7 +23037,7 @@ rss_post(void *arg) { } } else if (result != ISC_R_NOTFOUND) { INSIST(!dns_rdataset_isassociated(&nrdataset)); - goto failure; + goto cleanup; } /* @@ -23282,7 +23101,7 @@ rss_post(void *arg) { UNLOCK_ZONE(zone); } -failure: +cleanup: if (dns_rdataset_isassociated(&prdataset)) { dns_rdataset_disassociate(&prdataset); } @@ -23415,8 +23234,8 @@ setparam: param->salt = lookup->salt; } - if (result != ISC_R_NOTFOUND && result != ISC_R_SUCCESS) { - goto failure; + if (result != ISC_R_NOTFOUND) { + CHECK(result); } if (param->salt_length == 0) { @@ -23451,7 +23270,7 @@ setparam: INSIST(result != ISC_R_SUCCESS); } -failure: +cleanup: if (dns_rdataset_isassociated(&rdataset)) { dns_rdataset_disassociate(&rdataset); } @@ -23602,7 +23421,7 @@ dns_zone_setnsec3param(dns_zone_t *zone, uint8_t hash, uint8_t flags, result = ISC_R_SUCCESS; -failure: +cleanup: UNLOCK_ZONE(zone); return result; } @@ -23722,7 +23541,7 @@ setserial(void *arg) { } ZONEDB_UNLOCK(&zone->dblock, isc_rwlocktype_read); if (db == NULL) { - goto failure; + goto cleanup; } dns_db_currentversion(db, &oldver); @@ -23731,7 +23550,7 @@ setserial(void *arg) { dns_zone_log(zone, ISC_LOG_ERROR, "setserial:dns_db_newversion -> %s", isc_result_totext(result)); - goto failure; + goto cleanup; } CHECK(dns_db_createsoatuple(db, oldver, diff.mctx, DNS_DIFFOP_DEL, @@ -23751,7 +23570,7 @@ setserial(void *arg) { desired, oldserial + 1, oldserial + 0x7fffffff); } - goto failure; + goto cleanup; } dns_soa_setserial(desired, &newtuple->rdata); @@ -23771,7 +23590,7 @@ setserial(void *arg) { zone_needdump(zone, 30); UNLOCK_ZONE(zone); -failure: +cleanup: if (oldtuple != NULL) { dns_difftuple_free(&oldtuple); } @@ -23808,14 +23627,12 @@ dns_zone_setserial(dns_zone_t *zone, uint32_t serial) { if (!inline_secure(zone)) { if (!dns_zone_isdynamic(zone, true)) { - result = DNS_R_NOTDYNAMIC; - goto failure; + CLEANUP(DNS_R_NOTDYNAMIC); } } if (zone->update_disabled) { - result = DNS_R_FROZEN; - goto failure; + CLEANUP(DNS_R_FROZEN); } sse = isc_mem_get(zone->mctx, sizeof(*sse)); @@ -23823,7 +23640,7 @@ dns_zone_setserial(dns_zone_t *zone, uint32_t serial) { zone_iattach(zone, &sse->zone); isc_async_run(zone->loop, setserial, sse); -failure: +cleanup: UNLOCK_ZONE(zone); return result; } @@ -23866,16 +23683,14 @@ dns_zone_verifydb(dns_zone_t *zone, dns_db_t *db, dns_dbversion_t *ver) { if (zone->view != NULL) { result = dns_view_getsecroots(zone->view, &secroots); - if (result != ISC_R_SUCCESS) { - goto done; - } + CHECK(result); } origin = dns_db_origin(db); result = dns_zoneverify_dnssec(zone, db, version, origin, secroots, zone->mctx, true, false, dnssec_report); -done: +cleanup: if (secroots != NULL) { dns_keytable_detach(&secroots); } @@ -24004,7 +23819,7 @@ dns_zone_import_skr(dns_zone_t *zone, const char *file) { dns_zone_setskr(zone, skr); dnssec_log(zone, ISC_LOG_DEBUG(1), "imported skr file %s", file); -failure: +cleanup: dns_skr_detach(&skr); return result; diff --git a/lib/dns/zoneverify.c b/lib/dns/zoneverify.c index 2451c2bcdf..5cde1aa4f0 100644 --- a/lib/dns/zoneverify.c +++ b/lib/dns/zoneverify.c @@ -704,10 +704,7 @@ verifynsec3(const vctx_t *vctx, const dns_name_t *name, return result; } - result = isoptout(vctx, &nsec3param, &optout); - if (result != ISC_R_SUCCESS) { - return result; - } + RETERR(isoptout(vctx, &nsec3param, &optout)); dns_fixedname_init(&fixed); result = dns_nsec3_hashname( @@ -772,23 +769,18 @@ verifynsec3s(const vctx_t *vctx, const dns_name_t *name, dns_rdataset_t *nsec3paramset, bool delegation, bool empty, const unsigned char types[8192], unsigned int maxtype, isc_result_t *vresult) { - isc_result_t result = ISC_R_NOMORE; - DNS_RDATASET_FOREACH(nsec3paramset) { dns_rdata_t rdata = DNS_RDATA_INIT; dns_rdataset_current(nsec3paramset, &rdata); - result = verifynsec3(vctx, name, &rdata, delegation, empty, - types, maxtype, vresult); - if (result != ISC_R_SUCCESS) { - return result; - } + RETERR(verifynsec3(vctx, name, &rdata, delegation, empty, types, + maxtype, vresult)); if (*vresult != ISC_R_SUCCESS) { break; } } - return result; + return ISC_R_SUCCESS; } static isc_result_t @@ -970,19 +962,13 @@ verifynode(vctx_t *vctx, const dns_name_t *name, dns_dbnode_t *node, *vresult = ISC_R_SUCCESS; if (nsecset != NULL && dns_rdataset_isassociated(nsecset)) { - result = verifynsec(vctx, name, node, nextname, &tvresult); - if (result != ISC_R_SUCCESS) { - return result; - } + RETERR(verifynsec(vctx, name, node, nextname, &tvresult)); *vresult = tvresult; } if (nsec3paramset != NULL && dns_rdataset_isassociated(nsec3paramset)) { - result = verifynsec3s(vctx, name, nsec3paramset, delegation, - false, types, maxtype, &tvresult); - if (result != ISC_R_SUCCESS) { - return result; - } + RETERR(verifynsec3s(vctx, name, nsec3paramset, delegation, + false, types, maxtype, &tvresult)); if (*vresult == ISC_R_SUCCESS) { *vresult = tvresult; } @@ -1217,7 +1203,7 @@ verifyemptynodes(const vctx_t *vctx, const dns_name_t *name, int order; unsigned int labels, nlabels, i; dns_name_t suffix; - isc_result_t result, tvresult = ISC_R_UNSET; + isc_result_t tvresult = ISC_R_UNSET; *vresult = ISC_R_SUCCESS; @@ -1238,12 +1224,9 @@ verifyemptynodes(const vctx_t *vctx, const dns_name_t *name, if (nsec3paramset != NULL && dns_rdataset_isassociated(nsec3paramset)) { - result = verifynsec3s( - vctx, &suffix, nsec3paramset, - isdelegation, true, NULL, 0, &tvresult); - if (result != ISC_R_SUCCESS) { - return result; - } + RETERR(verifynsec3s(vctx, &suffix, + nsec3paramset, isdelegation, + true, NULL, 0, &tvresult)); if (*vresult == ISC_R_SUCCESS) { *vresult = tvresult; } @@ -1486,11 +1469,7 @@ check_dnskey_sigs(vctx_t *vctx, const dns_rdata_dnskey_t *dnskey, * is NULL, then we have neither a DNSKEY nor a DS format * trust anchor, and can give up. */ - result = dns_keytable_find(vctx->secroots, vctx->origin, &keynode); - if (result != ISC_R_SUCCESS) { - /* No such trust anchor */ - goto cleanup; - } + CHECK(dns_keytable_find(vctx->secroots, vctx->origin, &keynode)); /* * If the keynode has any DS format trust anchors, that means diff --git a/lib/isc/base32.c b/lib/isc/base32.c index 74e74839f2..7ba1b33b43 100644 --- a/lib/isc/base32.c +++ b/lib/isc/base32.c @@ -22,13 +22,6 @@ #include #include -#define RETERR(x) \ - do { \ - isc_result_t _r = (x); \ - if (_r != ISC_R_SUCCESS) \ - return ((_r)); \ - } while (0) - /*@{*/ /*! * These static functions are also present in lib/dns/rdata.c. I'm not diff --git a/lib/isc/base64.c b/lib/isc/base64.c index a51aa0d163..ba4ee7148f 100644 --- a/lib/isc/base64.c +++ b/lib/isc/base64.c @@ -21,13 +21,6 @@ #include #include -#define RETERR(x) \ - do { \ - isc_result_t _r = (x); \ - if (_r != ISC_R_SUCCESS) \ - return ((_r)); \ - } while (0) - /*@{*/ /*! * These static functions are also present in lib/dns/rdata.c. I'm not diff --git a/lib/isc/commandline.c b/lib/isc/commandline.c index fdbcbb46e3..513f85a92d 100644 --- a/lib/isc/commandline.c +++ b/lib/isc/commandline.c @@ -211,8 +211,6 @@ isc_commandline_parse(int argc, char *const *argv, const char *options) { isc_result_t isc_commandline_strtoargv(isc_mem_t *mctx, char *s, unsigned int *argcp, char ***argvp, unsigned int n) { - isc_result_t result; - restart: /* Discard leading whitespace. */ while (*s == ' ' || *s == '\t') { @@ -256,11 +254,7 @@ restart: *p++ = '\0'; } - result = isc_commandline_strtoargv(mctx, p, argcp, argvp, - n + 1); - if (result != ISC_R_SUCCESS) { - return result; - } + RETERR(isc_commandline_strtoargv(mctx, p, argcp, argvp, n + 1)); (*argvp)[n] = s; } diff --git a/lib/isc/file.c b/lib/isc/file.c index fe027ae24c..fbf0b80fb1 100644 --- a/lib/isc/file.c +++ b/lib/isc/file.c @@ -576,15 +576,13 @@ dir_current(char *dirname, size_t length) { isc_result_t isc_file_absolutepath(const char *filename, char *path, size_t pathlen) { - isc_result_t result; - result = dir_current(path, pathlen); - if (result != ISC_R_SUCCESS) { - return result; - } + RETERR(dir_current(path, pathlen)); + if (strlen(path) + strlen(filename) + 1 > pathlen) { return ISC_R_NOSPACE; } strlcat(path, filename, pathlen); + return ISC_R_SUCCESS; } @@ -697,7 +695,6 @@ isc_file_sanitize(const char *dir, const char *base, const char *ext, unsigned int digestlen; char hash[ISC_MAX_MD_SIZE * 2 + 1]; size_t l = 0; - isc_result_t err; REQUIRE(base != NULL); REQUIRE(path != NULL); @@ -724,16 +721,10 @@ isc_file_sanitize(const char *dir, const char *base, const char *ext, } /* Check whether the full-length SHA256 hash filename exists */ - err = isc_md(ISC_MD_SHA256, (const unsigned char *)base, strlen(base), - digest, &digestlen); - if (err != ISC_R_SUCCESS) { - return err; - } + RETERR(isc_md(ISC_MD_SHA256, (const unsigned char *)base, strlen(base), + digest, &digestlen)); - err = digest2hex(digest, digestlen, hash, sizeof(hash)); - if (err != ISC_R_SUCCESS) { - return err; - } + RETERR(digest2hex(digest, digestlen, hash, sizeof(hash))); snprintf(buf, sizeof(buf), "%s%s%s%s%s", dir != NULL ? dir : "", dir != NULL ? "/" : "", hash, ext != NULL ? "." : "", diff --git a/lib/isc/getaddresses.c b/lib/isc/getaddresses.c index e77ef7a085..ff9922d066 100644 --- a/lib/isc/getaddresses.c +++ b/lib/isc/getaddresses.c @@ -81,14 +81,8 @@ isc_getaddresses(const char *hostname, in_port_t port, isc_sockaddr_t *addrs, } if (d != NULL) { - isc_result_t iresult; - - iresult = isc_netscope_pton(AF_INET6, d + 1, - &in6, &zone); - - if (iresult != ISC_R_SUCCESS) { - return iresult; - } + RETERR(isc_netscope_pton(AF_INET6, d + 1, &in6, + &zone)); } isc_netaddr_fromin6(&na, &in6); diff --git a/lib/isc/hex.c b/lib/isc/hex.c index cf174daa98..7f63df7aa6 100644 --- a/lib/isc/hex.c +++ b/lib/isc/hex.c @@ -38,13 +38,6 @@ const uint8_t isc__hex_char[256] = { #undef U #undef L -#define RETERR(x) \ - do { \ - isc_result_t _r = (x); \ - if (_r != ISC_R_SUCCESS) \ - return ((_r)); \ - } while (0) - /* * BEW: These static functions are copied from lib/dns/rdata.c. */ diff --git a/lib/isc/httpd.c b/lib/isc/httpd.c index 06c61e316b..13b3d55a63 100644 --- a/lib/isc/httpd.c +++ b/lib/isc/httpd.c @@ -37,14 +37,6 @@ #include #endif /* ifdef HAVE_ZLIB */ -#define CHECK(m) \ - do { \ - result = (m); \ - if (result != ISC_R_SUCCESS) { \ - goto cleanup; \ - } \ - } while (0) - /* * Size the recv buffer to hold at maximum two full buffers from isc_nm_read(), * so we don't have to handle the truncation. @@ -369,7 +361,6 @@ process_request(isc_httpd_t *httpd, size_t last_len) { size_t path_len = 0; struct phr_header headers[HTTP_HEADERS_NUM]; size_t num_headers; - isc_result_t result; num_headers = ARRAY_SIZE(headers); @@ -409,10 +400,7 @@ process_request(isc_httpd_t *httpd, size_t last_len) { /* * Parse the URL */ - result = isc_url_parse(path, path_len, 0, &httpd->up); - if (result != ISC_R_SUCCESS) { - return result; - } + RETERR(isc_url_parse(path, path_len, 0, &httpd->up)); httpd->path = path; /* diff --git a/lib/isc/include/isc/buffer.h b/lib/isc/include/isc/buffer.h index 75754bf08e..3987fef824 100644 --- a/lib/isc/include/isc/buffer.h +++ b/lib/isc/include/isc/buffer.h @@ -1190,16 +1190,11 @@ isc_buffer_dup(isc_mem_t *mctx, isc_buffer_t **restrict dstp, static inline isc_result_t isc_buffer_copyregion(isc_buffer_t *restrict b, const isc_region_t *restrict r) { - isc_result_t result; - REQUIRE(ISC_BUFFER_VALID(b)); REQUIRE(r != NULL); if (b->mctx) { - result = isc_buffer_reserve(b, r->length); - if (result != ISC_R_SUCCESS) { - return result; - } + RETERR(isc_buffer_reserve(b, r->length)); } if (r->length > isc_buffer_availablelength(b)) { @@ -1216,9 +1211,8 @@ isc_buffer_copyregion(isc_buffer_t *restrict b, static inline isc_result_t isc_buffer_printf(isc_buffer_t *restrict b, const char *restrict format, ...) { - va_list ap; - int n; - isc_result_t result; + va_list ap; + int n; REQUIRE(ISC_BUFFER_VALID(b)); @@ -1231,10 +1225,7 @@ isc_buffer_printf(isc_buffer_t *restrict b, const char *restrict format, ...) { } if (b->mctx) { - result = isc_buffer_reserve(b, n + 1); - if (result != ISC_R_SUCCESS) { - return result; - } + RETERR(isc_buffer_reserve(b, n + 1)); } if (isc_buffer_availablelength(b) < (unsigned int)n + 1) { diff --git a/lib/isc/include/isc/util.h b/lib/isc/include/isc/util.h index 95d93fd332..5564bb7199 100644 --- a/lib/isc/include/isc/util.h +++ b/lib/isc/include/isc/util.h @@ -241,6 +241,40 @@ mock_assert(const int result, const char *const expression, #endif /* UNIT_TESTING */ +/* + * Check for ISC_R_SUCCESS. On any other result, jump to a cleanup + * label. (This macro requires the function to define `result` + * and `cleanup:`.) + */ +#define CHECK(r) \ + { \ + result = (r); \ + if (result != ISC_R_SUCCESS) { \ + goto cleanup; \ + } \ + } + +/* + * Unconditionally jump to the cleanup tag with 'result' set to 'r'. + */ +#define CLEANUP(r) \ + { \ + result = (r); \ + goto cleanup; \ + } + +/* + * Check for ISC_R_SUCCESS and continue if found. For any other + * result, return the result. + */ +#define RETERR(x) \ + { \ + isc_result_t _r = (x); \ + if (_r != ISC_R_SUCCESS) { \ + return ((_r)); \ + } \ + } + /*% * Runtime check which logs the error value returned by a POSIX Threads * function and the error string that corresponds to it diff --git a/lib/isc/interfaceiter.c b/lib/isc/interfaceiter.c index cd03dbf91c..4a5518a141 100644 --- a/lib/isc/interfaceiter.c +++ b/lib/isc/interfaceiter.c @@ -170,8 +170,7 @@ isc_interfaceiter_create(isc_mem_t *mctx, isc_interfaceiter_t **iterp) { strerror_r(errno, strbuf, sizeof(strbuf)); UNEXPECTED_ERROR("getting interface addresses: getifaddrs: %s", strbuf); - result = ISC_R_UNEXPECTED; - goto failure; + CLEANUP(ISC_R_UNEXPECTED); } /* @@ -185,7 +184,7 @@ isc_interfaceiter_create(isc_mem_t *mctx, isc_interfaceiter_t **iterp) { *iterp = iter; return ISC_R_SUCCESS; -failure: +cleanup: if (iter->ifaddrs != NULL) { /* just in case */ freeifaddrs(iter->ifaddrs); } diff --git a/lib/isc/lex.c b/lib/isc/lex.c index e38947cbdd..588ffa6bf1 100644 --- a/lib/isc/lex.c +++ b/lib/isc/lex.c @@ -200,7 +200,6 @@ new_source(isc_lex_t *lex, bool is_file, bool need_close, void *input, isc_result_t isc_lex_openfile(isc_lex_t *lex, const char *filename) { - isc_result_t result; FILE *stream = NULL; /* @@ -209,10 +208,7 @@ isc_lex_openfile(isc_lex_t *lex, const char *filename) { REQUIRE(VALID_LEX(lex)); - result = isc_stdio_open(filename, "r", &stream); - if (result != ISC_R_SUCCESS) { - return result; - } + RETERR(isc_stdio_open(filename, "r", &stream)); new_source(lex, true, true, stream, filename); return ISC_R_SUCCESS; diff --git a/lib/isc/log.c b/lib/isc/log.c index ad984c0068..5893eb4a86 100644 --- a/lib/isc/log.c +++ b/lib/isc/log.c @@ -796,14 +796,7 @@ greatest_version(isc_logfile_t *file, int versions, int *greatestp) { bnamelen = strlen(bname); isc_dir_init(&dir); - result = isc_dir_open(&dir, dirname); - - /* - * Return if the directory open failed. - */ - if (result != ISC_R_SUCCESS) { - return result; - } + RETERR(isc_dir_open(&dir, dirname)); while (isc_dir_read(&dir) == ISC_R_SUCCESS) { if (dir.entry.length > bnamelen && @@ -943,14 +936,7 @@ remove_old_tsversions(isc_logfile_t *file, int versions) { bnamelen = strlen(bname); isc_dir_init(&dir); - result = isc_dir_open(&dir, dirname); - - /* - * Return if the directory open failed. - */ - if (result != ISC_R_SUCCESS) { - return result; - } + RETERR(isc_dir_open(&dir, dirname)); last = last_to_keep(versions, &dir, bname, bnamelen); @@ -1023,10 +1009,7 @@ roll_increment(isc_logfile_t *file) { * Get the largest existing version and remove any * version greater than the permitted version. */ - result = greatest_version(file, file->versions, &greatest); - if (result != ISC_R_SUCCESS) { - return result; - } + RETERR(greatest_version(file, file->versions, &greatest)); /* * Increment if greatest is not the actual maximum value. diff --git a/lib/isc/netmgr/tcp.c b/lib/isc/netmgr/tcp.c index 694286aebd..84e57693bb 100644 --- a/lib/isc/netmgr/tcp.c +++ b/lib/isc/netmgr/tcp.c @@ -720,15 +720,11 @@ isc__nm_tcp_read(isc_nmhandle_t *handle, isc_nm_recv_cb_t cb, void *cbarg) { } if (isc__nmsocket_closing(sock)) { - result = ISC_R_CANCELED; - goto failure; + CLEANUP(ISC_R_CANCELED); } if (!sock->reading_throttled) { - result = isc__nm_start_reading(sock); - if (result != ISC_R_SUCCESS) { - goto failure; - } + CHECK(isc__nm_start_reading(sock)); } sock->reading = true; @@ -738,7 +734,7 @@ isc__nm_tcp_read(isc_nmhandle_t *handle, isc_nm_recv_cb_t cb, void *cbarg) { } return; -failure: +cleanup: isc__nm_tcp_failed_read_cb(sock, result, true); } @@ -916,15 +912,14 @@ accept_connection(isc_nmsocket_t *csock) { * isc__nm_tcp_close() can't handle uninitalized TCP nmsocket. */ if (isc__nmsocket_closing(csock)) { - result = ISC_R_CANCELED; - goto failure; + CLEANUP(ISC_R_CANCELED); } r = uv_accept(&csock->server->uv_handle.stream, &csock->uv_handle.stream); if (r != 0) { result = isc_uverr2result(r); - goto failure; + goto cleanup; } /* Check if the connection is not expired */ @@ -941,8 +936,7 @@ accept_connection(isc_nmsocket_t *csock) { * it has expired. We cannot do anything better than * drop it on the floor at this point. */ - result = ISC_R_TIMEDOUT; - goto failure; + CLEANUP(ISC_R_TIMEDOUT); } else { /* Adjust the initial read timeout accordingly */ csock->read_timeout -= time_elapsed_ms; @@ -953,33 +947,26 @@ accept_connection(isc_nmsocket_t *csock) { &(int){ sizeof(ss) }); if (r != 0) { result = isc_uverr2result(r); - goto failure; + goto cleanup; } - result = isc_sockaddr_fromsockaddr(&csock->peer, - (struct sockaddr *)&ss); - if (result != ISC_R_SUCCESS) { - goto failure; - } + CHECK(isc_sockaddr_fromsockaddr(&csock->peer, (struct sockaddr *)&ss)); r = uv_tcp_getsockname(&csock->uv_handle.tcp, (struct sockaddr *)&ss, &(int){ sizeof(ss) }); if (r != 0) { result = isc_uverr2result(r); - goto failure; + goto cleanup; } - result = isc_sockaddr_fromsockaddr(&local, (struct sockaddr *)&ss); - if (result != ISC_R_SUCCESS) { - goto failure; - } + CHECK(isc_sockaddr_fromsockaddr(&local, (struct sockaddr *)&ss)); handle = isc__nmhandle_get(csock, NULL, &local); result = csock->accept_cb(handle, ISC_R_SUCCESS, csock->accept_cbarg); if (result != ISC_R_SUCCESS) { isc_nmhandle_detach(&handle); - goto failure; + goto cleanup; } csock->accepting = false; @@ -1001,7 +988,7 @@ accept_connection(isc_nmsocket_t *csock) { return ISC_R_SUCCESS; -failure: +cleanup: csock->active = false; csock->accepting = false; diff --git a/lib/isc/netmgr/udp.c b/lib/isc/netmgr/udp.c index bb3cb67045..7922683bdc 100644 --- a/lib/isc/netmgr/udp.c +++ b/lib/isc/netmgr/udp.c @@ -281,18 +281,14 @@ isc_nm_listenudp(uint32_t workers, isc_sockaddr_t *iface, isc_nm_recv_cb_t cb, #ifdef USE_ROUTE_SOCKET static isc_result_t route_socket(uv_os_sock_t *fdp) { - isc_result_t result; uv_os_sock_t fd = -1; #ifdef USE_NETLINK struct sockaddr_nl sa; int r; #endif - result = isc__nm_socket(ROUTE_SOCKET_PF, SOCK_RAW, - ROUTE_SOCKET_PROTOCOL, &fd); - if (result != ISC_R_SUCCESS) { - return result; - } + RETERR(isc__nm_socket(ROUTE_SOCKET_PF, SOCK_RAW, ROUTE_SOCKET_PROTOCOL, + &fd)); #ifdef USE_NETLINK sa.nl_family = PF_NETLINK; @@ -361,10 +357,7 @@ isc_nm_routeconnect(isc_nm_cb_t cb, void *cbarg) { return ISC_R_SHUTTINGDOWN; } - result = route_socket(&fd); - if (result != ISC_R_SUCCESS) { - return result; - } + RETERR(route_socket(&fd)); sock = isc_mempool_get(worker->nmsocket_pool); isc__nmsocket_init(sock, worker, isc_nm_udpsocket, NULL, NULL); diff --git a/lib/isc/parseint.c b/lib/isc/parseint.c index 001fe9d416..d9887aef1d 100644 --- a/lib/isc/parseint.c +++ b/lib/isc/parseint.c @@ -51,11 +51,8 @@ isc_parse_uint32(uint32_t *uip, const char *string, int base) { isc_result_t isc_parse_uint16(uint16_t *uip, const char *string, int base) { uint32_t val; - isc_result_t result; - result = isc_parse_uint32(&val, string, base); - if (result != ISC_R_SUCCESS) { - return result; - } + + RETERR(isc_parse_uint32(&val, string, base)); if (val > 0xFFFF) { return ISC_R_RANGE; } @@ -66,11 +63,8 @@ isc_parse_uint16(uint16_t *uip, const char *string, int base) { isc_result_t isc_parse_uint8(uint8_t *uip, const char *string, int base) { uint32_t val; - isc_result_t result; - result = isc_parse_uint32(&val, string, base); - if (result != ISC_R_SUCCESS) { - return result; - } + + RETERR(isc_parse_uint32(&val, string, base)); if (val > 0xFF) { return ISC_R_RANGE; } diff --git a/lib/isc/proxy2.c b/lib/isc/proxy2.c index 7837b65528..5c9644097a 100644 --- a/lib/isc/proxy2.c +++ b/lib/isc/proxy2.c @@ -673,7 +673,6 @@ isc_proxy2_handler_addresses(const isc_proxy2_handler_t *restrict handler, int *restrict psocktype, isc_sockaddr_t *restrict psrc_addr, isc_sockaddr_t *restrict pdst_addr) { - isc_result_t result; size_t ret; isc_region_t header_region = { 0 }; isc_buffer_t buf = { 0 }; @@ -693,12 +692,8 @@ isc_proxy2_handler_addresses(const isc_proxy2_handler_t *restrict handler, INSIST(handler->expect_data == 0); - result = isc__proxy2_handler_get_addresses( - (isc_proxy2_handler_t *)handler, &buf, psrc_addr, pdst_addr); - - if (result != ISC_R_SUCCESS) { - return result; - } + RETERR(isc__proxy2_handler_get_addresses( + (isc_proxy2_handler_t *)handler, &buf, psrc_addr, pdst_addr)); SET_IF_NOT_NULL(psocktype, proxy2_socktype_to_socktype(handler->proxy_socktype)); @@ -840,12 +835,8 @@ isc_proxy2_subtlv_tls_iterate(const isc_region_t *restrict tls_tlv_data, return ISC_R_RANGE; } - result = isc_proxy2_subtlv_tls_header_data(tls_tlv_data, &client_flags, - &client_cert_verified); - - if (result != ISC_R_SUCCESS) { - return result; - } + RETERR(isc_proxy2_subtlv_tls_header_data(tls_tlv_data, &client_flags, + &client_cert_verified)); p = tls_tlv_data->base; p += ISC_PROXY2_TLS_SUBHEADER_MIN_SIZE; @@ -1041,14 +1032,10 @@ error_range: isc_result_t isc_proxy2_tlv_data_verify(const isc_region_t *restrict tlv_data) { - isc_result_t result; tlv_verify_cbarg_t cbarg = { .verify_result = ISC_R_SUCCESS }; - result = isc_proxy2_tlv_iterate(tlv_data, isc_proxy2_tlv_verify_cb, - &cbarg); - if (result != ISC_R_SUCCESS) { - return result; - } + RETERR(isc_proxy2_tlv_iterate(tlv_data, isc_proxy2_tlv_verify_cb, + &cbarg)); return cbarg.verify_result; } diff --git a/lib/isc/radix.c b/lib/isc/radix.c index 31cceed1b0..afa38ea453 100644 --- a/lib/isc/radix.c +++ b/lib/isc/radix.c @@ -450,11 +450,7 @@ isc_radix_insert(isc_radix_tree_t *radix, isc_radix_node_t **target, *target = node; return ISC_R_SUCCESS; } else { - result = _ref_prefix(radix->mctx, &node->prefix, - prefix); - if (result != ISC_R_SUCCESS) { - return result; - } + RETERR(_ref_prefix(radix->mctx, &node->prefix, prefix)); } INSIST(node->data[RADIX_V4] == NULL && node->node_num[RADIX_V4] == -1 && diff --git a/lib/isc/sockaddr.c b/lib/isc/sockaddr.c index f09d8aacbc..cd1d7eb74f 100644 --- a/lib/isc/sockaddr.c +++ b/lib/isc/sockaddr.c @@ -114,7 +114,6 @@ isc_sockaddr_eqaddrprefix(const isc_sockaddr_t *a, const isc_sockaddr_t *b, isc_result_t isc_sockaddr_totext(const isc_sockaddr_t *sockaddr, isc_buffer_t *target) { - isc_result_t result; isc_netaddr_t netaddr; char pbuf[sizeof("65000")]; unsigned int plen; @@ -144,10 +143,7 @@ isc_sockaddr_totext(const isc_sockaddr_t *sockaddr, isc_buffer_t *target) { INSIST(plen < sizeof(pbuf)); isc_netaddr_fromsockaddr(&netaddr, sockaddr); - result = isc_netaddr_totext(&netaddr, target); - if (result != ISC_R_SUCCESS) { - return result; - } + RETERR(isc_netaddr_totext(&netaddr, target)); if (1 + plen + 1 > isc_buffer_availablelength(target)) { return ISC_R_NOSPACE; diff --git a/lib/isc/url.c b/lib/isc/url.c index 6ba4cb4991..eaa10129b0 100644 --- a/lib/isc/url.c +++ b/lib/isc/url.c @@ -622,12 +622,7 @@ isc_url_parse(const char *buf, size_t buflen, bool is_connect, } if (up->field_set & (1 << ISC_UF_HOST)) { - isc_result_t result; - - result = http_parse_host(buf, up, found_at); - if (result != ISC_R_SUCCESS) { - return result; - } + RETERR(http_parse_host(buf, up, found_at)); } /* CONNECT requests can only contain "hostname:port" */ diff --git a/lib/isccc/base64.c b/lib/isccc/base64.c index 3ead3633e7..73f65641f5 100644 --- a/lib/isccc/base64.c +++ b/lib/isccc/base64.c @@ -42,17 +42,13 @@ isccc_base64_encode(isccc_region_t *source, int wordlength, const char *wordbreak, isccc_region_t *target) { isc_region_t sr; isc_buffer_t tb; - isc_result_t result; sr.base = source->rstart; sr.length = (unsigned int)(source->rend - source->rstart); isc_buffer_init(&tb, target->rstart, (unsigned int)(target->rend - target->rstart)); - result = isc_base64_totext(&sr, wordlength, wordbreak, &tb); - if (result != ISC_R_SUCCESS) { - return result; - } + RETERR(isc_base64_totext(&sr, wordlength, wordbreak, &tb)); source->rstart = source->rend; target->rstart = isc_buffer_used(&tb); return ISC_R_SUCCESS; @@ -61,14 +57,10 @@ isccc_base64_encode(isccc_region_t *source, int wordlength, isc_result_t isccc_base64_decode(const char *cstr, isccc_region_t *target) { isc_buffer_t b; - isc_result_t result; isc_buffer_init(&b, target->rstart, (unsigned int)(target->rend - target->rstart)); - result = isc_base64_decodestring(cstr, &b); - if (result != ISC_R_SUCCESS) { - return result; - } + RETERR(isc_base64_decodestring(cstr, &b)); target->rstart = isc_buffer_used(&b); return ISC_R_SUCCESS; } diff --git a/lib/isccc/cc.c b/lib/isccc/cc.c index 2df9305f36..a8f1a759af 100644 --- a/lib/isccc/cc.c +++ b/lib/isccc/cc.c @@ -146,10 +146,7 @@ value_towire(isccc_sexpr_t *elt, isc_buffer_t **buffer) { /* * Emit the table. */ - result = table_towire(elt, buffer); - if (result != ISC_R_SUCCESS) { - return result; - } + RETERR(table_towire(elt, buffer)); len = (*buffer)->used - used; /* @@ -180,10 +177,7 @@ value_towire(isccc_sexpr_t *elt, isc_buffer_t **buffer) { /* * Emit the list. */ - result = list_towire(elt, buffer); - if (result != ISC_R_SUCCESS) { - return result; - } + RETERR(list_towire(elt, buffer)); len = (*buffer)->used - used; /* @@ -229,10 +223,7 @@ table_towire(isccc_sexpr_t *alist, isc_buffer_t **buffer) { /* * Emit the value. */ - result = value_towire(v, buffer); - if (result != ISC_R_SUCCESS) { - return result; - } + RETERR(value_towire(v, buffer)); } return ISC_R_SUCCESS; @@ -240,13 +231,8 @@ table_towire(isccc_sexpr_t *alist, isc_buffer_t **buffer) { static isc_result_t list_towire(isccc_sexpr_t *list, isc_buffer_t **buffer) { - isc_result_t result; - while (list != NULL) { - result = value_towire(ISCCC_SEXPR_CAR(list), buffer); - if (result != ISC_R_SUCCESS) { - return result; - } + RETERR(value_towire(ISCCC_SEXPR_CAR(list), buffer)); list = ISCCC_SEXPR_CDR(list); } @@ -257,7 +243,6 @@ static isc_result_t sign(unsigned char *data, unsigned int length, unsigned char *out, uint32_t algorithm, isccc_region_t *secret) { const isc_md_type_t *md_type; - isc_result_t result; isccc_region_t source, target; unsigned char digest[ISC_MAX_MD_SIZE]; unsigned int digestlen = sizeof(digest); @@ -288,20 +273,14 @@ sign(unsigned char *data, unsigned int length, unsigned char *out, return ISC_R_NOTIMPLEMENTED; } - result = isc_hmac(md_type, secret->rstart, REGION_SIZE(*secret), data, - length, digest, &digestlen); - if (result != ISC_R_SUCCESS) { - return result; - } + RETERR(isc_hmac(md_type, secret->rstart, REGION_SIZE(*secret), data, + length, digest, &digestlen)); source.rend = digest + digestlen; memset(digestb64, 0, sizeof(digestb64)); target.rstart = digestb64; target.rend = digestb64 + sizeof(digestb64); - result = isccc_base64_encode(&source, 64, "", &target); - if (result != ISC_R_SUCCESS) { - return result; - } + RETERR(isccc_base64_encode(&source, 64, "", &target)); if (algorithm == ISCCC_ALG_HMACMD5) { PUT_MEM(digestb64, HMD5_LENGTH, out); } else { @@ -361,10 +340,7 @@ isccc_cc_towire(isccc_sexpr_t *alist, isc_buffer_t **buffer, uint32_t algorithm, /* * Emit the message. */ - result = table_towire(alist, buffer); - if (result != ISC_R_SUCCESS) { - return result; - } + RETERR(table_towire(alist, buffer)); if (secret != NULL) { return sign((unsigned char *)(*buffer)->base + signed_base, (*buffer)->used - signed_base, @@ -380,7 +356,6 @@ verify(isccc_sexpr_t *alist, unsigned char *data, unsigned int length, const isc_md_type_t *md_type; isccc_region_t source; isccc_region_t target; - isc_result_t result; isccc_sexpr_t *_auth, *hmacvalue; unsigned char digest[ISC_MAX_MD_SIZE]; unsigned int digestlen = sizeof(digest); @@ -429,20 +404,14 @@ verify(isccc_sexpr_t *alist, unsigned char *data, unsigned int length, return ISC_R_NOTIMPLEMENTED; } - result = isc_hmac(md_type, secret->rstart, REGION_SIZE(*secret), data, - length, digest, &digestlen); - if (result != ISC_R_SUCCESS) { - return result; - } + RETERR(isc_hmac(md_type, secret->rstart, REGION_SIZE(*secret), data, + length, digest, &digestlen)); source.rend = digest + digestlen; target.rstart = digestb64; target.rend = digestb64 + sizeof(digestb64); memset(digestb64, 0, sizeof(digestb64)); - result = isccc_base64_encode(&source, 64, "", &target); - if (result != ISC_R_SUCCESS) { - return result; - } + RETERR(isccc_base64_encode(&source, 64, "", &target)); /* * Verify. @@ -752,10 +721,7 @@ isccc_cc_createack(isccc_sexpr_t *message, bool ok, isccc_sexpr_t **ackp) { * Create the ack. */ ack = NULL; - result = createmessage(1, _to, _frm, serial, t, 0, &ack, false); - if (result != ISC_R_SUCCESS) { - return result; - } + RETERR(createmessage(1, _to, _frm, serial, t, 0, &ack, false)); _ctrl = isccc_alist_lookup(ack, "_ctrl"); if (_ctrl == NULL) { @@ -834,11 +800,8 @@ isccc_cc_createresponse(isccc_sexpr_t *message, isccc_time_t now, * Create the response. */ alist = NULL; - result = isccc_cc_createmessage(1, _to, _frm, serial, now, expires, - &alist); - if (result != ISC_R_SUCCESS) { - return result; - } + RETERR(isccc_cc_createmessage(1, _to, _frm, serial, now, expires, + &alist)); _ctrl = isccc_alist_lookup(alist, "_ctrl"); if (_ctrl == NULL) { diff --git a/lib/isccfg/aclconf.c b/lib/isccfg/aclconf.c index 8076c82971..cea7a84328 100644 --- a/lib/isccfg/aclconf.c +++ b/lib/isccfg/aclconf.c @@ -75,13 +75,9 @@ ISC_REFCOUNT_IMPL(cfg_aclconfctx, destroy_aclctx); */ static isc_result_t get_acl_def(const cfg_obj_t *cctx, const char *name, const cfg_obj_t **ret) { - isc_result_t result; const cfg_obj_t *acls = NULL; - result = cfg_map_get(cctx, "acl", &acls); - if (result != ISC_R_SUCCESS) { - return result; - } + RETERR(cfg_map_get(cctx, "acl", &acls)); CFG_LIST_FOREACH(acls, elt) { const cfg_obj_t *acl = cfg_listelt_value(elt); const char *aclname = @@ -202,11 +198,8 @@ count_acl_elements(const cfg_obj_t *caml, const cfg_obj_t *cctx, } else if (cfg_obj_islist(ce)) { bool negative; uint32_t sub; - result = count_acl_elements(ce, cctx, ctx, mctx, &sub, - &negative); - if (result != ISC_R_SUCCESS) { - return result; - } + RETERR(count_acl_elements(ce, cctx, ctx, mctx, &sub, + &negative)); n += sub; if (negative) { n++; @@ -642,11 +635,8 @@ cfg_acl_fromconfig(const cfg_obj_t *acl_data, const cfg_obj_t *cctx, uint32_t nelem; if (nest_level == 0) { - result = count_acl_elements(caml, cctx, ctx, mctx, - &nelem, NULL); - if (result != ISC_R_SUCCESS) { - return result; - } + RETERR(count_acl_elements(caml, cctx, ctx, mctx, &nelem, + NULL)); } else { nelem = cfg_list_length(caml, false); } @@ -699,8 +689,7 @@ cfg_acl_fromconfig(const cfg_obj_t *acl_data, const cfg_obj_t *cctx, transports = isc_nm_httpsocket; encrypted = false; } else { - result = ISC_R_FAILURE; - goto cleanup; + CLEANUP(ISC_R_FAILURE); } } @@ -762,11 +751,8 @@ cfg_acl_fromconfig(const cfg_obj_t *acl_data, const cfg_obj_t *cctx, * the nestedacl element, not the iptable entry. */ setpos = (nest_level != 0 || !neg); - result = dns_iptable_addprefix(iptab, &addr, bitlen, - setpos); - if (result != ISC_R_SUCCESS) { - goto cleanup; - } + CHECK(dns_iptable_addprefix(iptab, &addr, bitlen, + setpos)); if (nest_level > 0) { INSIST(dacl->length < dacl->alloc); @@ -785,11 +771,8 @@ cfg_acl_fromconfig(const cfg_obj_t *acl_data, const cfg_obj_t *cctx, if (inneracl != NULL) { dns_acl_detach(&inneracl); } - result = cfg_acl_fromconfig(ce, cctx, ctx, mctx, - new_nest_level, &inneracl); - if (result != ISC_R_SUCCESS) { - goto cleanup; - } + CHECK(cfg_acl_fromconfig(ce, cctx, ctx, mctx, + new_nest_level, &inneracl)); nested_acl: if (nest_level > 0 || inneracl->has_negatives) { INSIST(dacl->length < dacl->alloc); @@ -822,19 +805,13 @@ cfg_acl_fromconfig(const cfg_obj_t *acl_data, const cfg_obj_t *cctx, de->type = dns_aclelementtype_keyname; de->negative = neg; dns_name_init(&de->keyname); - result = convert_keyname(ce, mctx, &de->keyname); - if (result != ISC_R_SUCCESS) { - goto cleanup; - } + CHECK(convert_keyname(ce, mctx, &de->keyname)); #if defined(HAVE_GEOIP2) } else if (cfg_obj_istuple(ce) && cfg_obj_isvoid(cfg_tuple_get(ce, "negated"))) { INSIST(dacl->length < dacl->alloc); - result = parse_geoip_element(ce, ctx, de); - if (result != ISC_R_SUCCESS) { - goto cleanup; - } + CHECK(parse_geoip_element(ce, ctx, de)); de->type = dns_aclelementtype_geoip; de->negative = neg; #endif /* HAVE_GEOIP2 */ @@ -844,11 +821,8 @@ cfg_acl_fromconfig(const cfg_obj_t *acl_data, const cfg_obj_t *cctx, if (strcasecmp(name, "any") == 0) { /* Iptable entry with zero bit length. */ setpos = (nest_level != 0 || !neg); - result = dns_iptable_addprefix(iptab, NULL, 0, - setpos); - if (result != ISC_R_SUCCESS) { - goto cleanup; - } + CHECK(dns_iptable_addprefix(iptab, NULL, 0, + setpos)); if (nest_level != 0) { INSIST(dacl->length < dacl->alloc); @@ -866,11 +840,8 @@ cfg_acl_fromconfig(const cfg_obj_t *acl_data, const cfg_obj_t *cctx, * "!none;". */ setpos = (nest_level != 0 || neg); - result = dns_iptable_addprefix(iptab, NULL, 0, - setpos); - if (result != ISC_R_SUCCESS) { - goto cleanup; - } + CHECK(dns_iptable_addprefix(iptab, NULL, 0, + setpos)); if (!neg) { dacl->has_negatives = !neg; @@ -899,12 +870,9 @@ cfg_acl_fromconfig(const cfg_obj_t *acl_data, const cfg_obj_t *cctx, * This call should just find the cached * of the named acl. */ - result = convert_named_acl(ce, cctx, ctx, mctx, - new_nest_level, - &inneracl); - if (result != ISC_R_SUCCESS) { - goto cleanup; - } + CHECK(convert_named_acl(ce, cctx, ctx, mctx, + new_nest_level, + &inneracl)); goto nested_acl; } @@ -912,8 +880,7 @@ cfg_acl_fromconfig(const cfg_obj_t *acl_data, const cfg_obj_t *cctx, cfg_obj_log(ce, ISC_LOG_WARNING, "address match list contains " "unsupported element type"); - result = ISC_R_FAILURE; - goto cleanup; + CLEANUP(ISC_R_FAILURE); } /* diff --git a/lib/isccfg/check.c b/lib/isccfg/check.c index 59d73b3030..3851ecaec6 100644 --- a/lib/isccfg/check.c +++ b/lib/isccfg/check.c @@ -315,16 +315,12 @@ check_forward(const cfg_obj_t *config, const cfg_obj_t *options, return ISC_R_FAILURE; } if (forwarders != NULL) { - isc_result_t result = ISC_R_SUCCESS; const cfg_obj_t *tlspobj = cfg_tuple_get(forwarders, "tls"); if (tlspobj != NULL && cfg_obj_isstring(tlspobj)) { const char *tls = cfg_obj_asstring(tlspobj); if (tls != NULL) { - result = validate_tls(config, tlspobj, tls); - if (result != ISC_R_SUCCESS) { - return result; - } + RETERR(validate_tls(config, tlspobj, tls)); } } @@ -333,10 +329,7 @@ check_forward(const cfg_obj_t *config, const cfg_obj_t *options, const cfg_obj_t *forwarder = cfg_listelt_value(element); const char *tls = cfg_obj_getsockaddrtls(forwarder); if (tls != NULL) { - result = validate_tls(config, faddresses, tls); - if (result != ISC_R_SUCCESS) { - return result; - } + RETERR(validate_tls(config, faddresses, tls)); } } } @@ -2380,13 +2373,9 @@ check_tls_definitions(const cfg_obj_t *config, isc_mem_t *mctx) { static isc_result_t get_remotes(const cfg_obj_t *cctx, const char *list, const char *name, const cfg_obj_t **ret) { - isc_result_t result = ISC_R_SUCCESS; const cfg_obj_t *obj = NULL; - result = cfg_map_get(cctx, list, &obj); - if (result != ISC_R_SUCCESS) { - return result; - } + RETERR(cfg_map_get(cctx, list, &obj)); CFG_LIST_FOREACH(obj, elt) { const char *listname = NULL; @@ -2892,10 +2881,7 @@ check_recursion(const cfg_obj_t *config, const cfg_obj_t *voptions, result = cfg_map_get(goptions, "allow-recursion", &obj); } if (result == ISC_R_SUCCESS) { - result = cfg_acl_fromconfig(obj, config, aclctx, mctx, 0, &acl); - if (result != ISC_R_SUCCESS) { - goto cleanup; - } + CHECK(cfg_acl_fromconfig(obj, config, aclctx, mctx, 0, &acl)); retval = !dns_acl_isnone(acl); } @@ -4493,10 +4479,7 @@ check_keylist(const cfg_obj_t *keys, isc_symtab_t *symtab, isc_mem_t *mctx) { result = tresult; continue; } - tresult = isccfg_check_key(key); - if (tresult != ISC_R_SUCCESS) { - return tresult; - } + RETERR(isccfg_check_key(key)); dns_name_format(name, namebuf, sizeof(namebuf)); keyname = isc_mem_strdup(mctx, namebuf); @@ -4913,12 +4896,12 @@ check_trust_anchor(const cfg_obj_t *key, unsigned int *flagsp) { "key '%s': " "invalid initialization method '%s'", namestr, atstr); - result = ISC_R_FAILURE; /* * We can't interpret the trust anchor, so * we skip all other checks. */ - goto cleanup; + CLEANUP(ISC_R_FAILURE); + UNREACHABLE(); } switch (anchortype) { @@ -5075,6 +5058,10 @@ record_static_keys(isc_symtab_t *symtab, isc_mem_t *mctx, result = dns_name_fromstring(name, str, dns_rootname, 0, NULL); if (result != ISC_R_SUCCESS) { + /* + * No need to record an error or to log it as has + * has already been handled by check_trust_anchor. + */ continue; } @@ -5097,11 +5084,10 @@ record_static_keys(isc_symtab_t *symtab, isc_mem_t *mctx, result = isc_symtab_define(symtab, p, 1, symvalue, isc_symexists_reject); if (result == ISC_R_EXISTS) { + /* + * Multiple trust anchors for the same name are ok. + */ isc_mem_free(mctx, p); - } else if (result != ISC_R_SUCCESS) { - isc_mem_free(mctx, p); - ret = result; - continue; } if (autovalidation && dns_name_equal(name, dns_rootname)) { @@ -5144,6 +5130,10 @@ check_initializing_keys(isc_symtab_t *symtab, const cfg_obj_t *keylist) { str = cfg_obj_asstring(cfg_tuple_get(obj, "name")); result = dns_name_fromstring(name, str, dns_rootname, 0, NULL); if (result != ISC_R_SUCCESS) { + /* + * No need to record an error or to log it as has + * has already been handled by check_trust_anchor. + */ continue; } @@ -5170,10 +5160,10 @@ check_initializing_keys(isc_symtab_t *symtab, const cfg_obj_t *keylist) { return ret; } -static isc_result_t +static void record_ds_keys(isc_symtab_t *symtab, isc_mem_t *mctx, const cfg_obj_t *keylist) { - isc_result_t result, ret = ISC_R_SUCCESS; + isc_result_t result; dns_fixedname_t fixed; dns_name_t *name = NULL; char namebuf[DNS_NAME_FORMATSIZE], *p = NULL; @@ -5189,6 +5179,10 @@ record_ds_keys(isc_symtab_t *symtab, isc_mem_t *mctx, result = dns_name_fromstring(name, str, dns_rootname, 0, NULL); if (result != ISC_R_SUCCESS) { + /* + * No need to record an error or to log it as has + * has already been handled by check_trust_anchor. + */ continue; } @@ -5209,11 +5203,12 @@ record_ds_keys(isc_symtab_t *symtab, isc_mem_t *mctx, result = isc_symtab_define(symtab, p, 1, symvalue, isc_symexists_reject); if (result == ISC_R_EXISTS) { + /* + * Multiple trust anchors for the same name are ok. + */ isc_mem_free(mctx, p); } } - - return ret; } /* @@ -5241,10 +5236,7 @@ check_ta_conflicts(const cfg_obj_t *global_ta, const cfg_obj_t *view_ta, result = tresult; } - tresult = record_ds_keys(dstab, mctx, keylist); - if (result == ISC_R_SUCCESS) { - result = tresult; - } + record_ds_keys(dstab, mctx, keylist); } CFG_LIST_FOREACH(view_ta, elt) { @@ -5255,10 +5247,7 @@ check_ta_conflicts(const cfg_obj_t *global_ta, const cfg_obj_t *view_ta, result = tresult; } - tresult = record_ds_keys(dstab, mctx, keylist); - if (result == ISC_R_SUCCESS) { - result = tresult; - } + record_ds_keys(dstab, mctx, keylist); } /* diff --git a/lib/isccfg/kaspconf.c b/lib/isccfg/kaspconf.c index 3c22689977..fbd70aae43 100644 --- a/lib/isccfg/kaspconf.c +++ b/lib/isccfg/kaspconf.c @@ -131,12 +131,9 @@ cfg_kaspkey_fromconfig(const cfg_obj_t *config, dns_kasp_t *kasp, key->lifetime = 0; /* unlimited */ key->algorithm = DST_ALG_ECDSA256; key->length = -1; - result = dns_keystorelist_find(keystorelist, - DNS_KEYSTORE_KEYDIRECTORY, - &key->keystore); - if (result != ISC_R_SUCCESS) { - goto cleanup; - } + CHECK(dns_keystorelist_find(keystorelist, + DNS_KEYSTORE_KEYDIRECTORY, + &key->keystore)); } else { const char *rolestr = NULL; const char *keydir = NULL; @@ -158,8 +155,7 @@ cfg_kaspkey_fromconfig(const cfg_obj_t *config, dns_kasp_t *kasp, "allowed when offline-ksk " "is enabled"); } - result = ISC_R_FAILURE; - goto cleanup; + CLEANUP(ISC_R_FAILURE); } key->role |= DNS_KASP_KEY_ROLE_KSK; key->role |= DNS_KASP_KEY_ROLE_ZSK; @@ -181,16 +177,14 @@ cfg_kaspkey_fromconfig(const cfg_obj_t *config, dns_kasp_t *kasp, "not exist", keydir); } - result = ISC_R_FAILURE; - goto cleanup; + CLEANUP(ISC_R_FAILURE); } else if (result != ISC_R_SUCCESS) { if (log_errors) { cfg_obj_log(obj, ISC_LOG_ERROR, "dnssec-policy: bad keystore %s", keydir); } - result = ISC_R_FAILURE; - goto cleanup; + CLEANUP(ISC_R_FAILURE); } INSIST(key->keystore != NULL); @@ -227,8 +221,7 @@ cfg_kaspkey_fromconfig(const cfg_obj_t *config, dns_kasp_t *kasp, "takes to " "do a rollover"); } - result = ISC_R_FAILURE; - goto cleanup; + CLEANUP(ISC_R_FAILURE); } } @@ -243,8 +236,7 @@ cfg_kaspkey_fromconfig(const cfg_obj_t *config, dns_kasp_t *kasp, "dnssec-policy: bad algorithm %s", alg.base); } - result = DNS_R_BADALG; - goto cleanup; + CLEANUP(DNS_R_BADALG); } if (check_algorithms && isc_crypto_fips_mode() && (key->algorithm == DST_ALG_RSASHA1 || @@ -257,8 +249,7 @@ cfg_kaspkey_fromconfig(const cfg_obj_t *config, dns_kasp_t *kasp, "in FIPS mode", alg.base); } - result = DNS_R_BADALG; - goto cleanup; + CLEANUP(DNS_R_BADALG); } if (check_algorithms && @@ -270,8 +261,7 @@ cfg_kaspkey_fromconfig(const cfg_obj_t *config, dns_kasp_t *kasp, "supported", alg.base); } - result = DNS_R_BADALG; - goto cleanup; + CLEANUP(DNS_R_BADALG); } switch (key->algorithm) { @@ -316,8 +306,7 @@ cfg_kaspkey_fromconfig(const cfg_obj_t *config, dns_kasp_t *kasp, "key length %u", alg.base, size); } - result = ISC_R_RANGE; - goto cleanup; + CLEANUP(ISC_R_RANGE); } break; case DST_ALG_ECDSA256: @@ -351,8 +340,7 @@ cfg_kaspkey_fromconfig(const cfg_obj_t *config, dns_kasp_t *kasp, "dnssec-policy: tag-min " "too big"); } - result = ISC_R_RANGE; - goto cleanup; + CLEANUP(ISC_R_RANGE); } obj = cfg_tuple_get(tagrange, "tag-max"); tag_max = cfg_obj_asuint32(obj); @@ -362,8 +350,7 @@ cfg_kaspkey_fromconfig(const cfg_obj_t *config, dns_kasp_t *kasp, "dnssec-policy: tag-max " "too big"); } - result = ISC_R_RANGE; - goto cleanup; + CLEANUP(ISC_R_RANGE); } if (tag_min >= tag_max) { if (log_errors) { @@ -371,8 +358,7 @@ cfg_kaspkey_fromconfig(const cfg_obj_t *config, dns_kasp_t *kasp, "dnssec-policy: tag-min >= " "tag_max"); } - result = ISC_R_RANGE; - goto cleanup; + CLEANUP(ISC_R_RANGE); } key->tag_min = tag_min; key->tag_max = tag_max; @@ -688,11 +674,8 @@ cfg_kasp_fromconfig(const cfg_obj_t *config, dns_kasp_t *default_kasp, (void)confget(maps, "cds-digest-types", &cds); if (cds != NULL) { CFG_LIST_FOREACH(cds, element) { - result = add_digest(kasp, cfg_listelt_value(element), - log_errors); - if (result != ISC_R_SUCCESS) { - goto cleanup; - } + CHECK(add_digest(kasp, cfg_listelt_value(element), + log_errors)); } } else { dns_kasp_adddigest(kasp, DNS_DSDIGEST_SHA256); @@ -852,10 +835,7 @@ cfg_kasp_fromconfig(const cfg_obj_t *config, dns_kasp_t *default_kasp, } } else { dns_kasp_setnsec3(kasp, true); - result = cfg_nsec3param_fromconfig(nsec3, kasp, log_errors); - if (result != ISC_R_SUCCESS) { - goto cleanup; - } + CHECK(cfg_nsec3param_fromconfig(nsec3, kasp, log_errors)); } /* Append it to the list for future lookups. */ @@ -941,12 +921,9 @@ cfg_kasp_builtinconfig(isc_mem_t *mctx, const char *name, new_key->lifetime = 0; new_key->algorithm = DST_ALG_ECDSA256; new_key->length = 256; - result = dns_keystorelist_find(keystorelist, - DNS_KEYSTORE_KEYDIRECTORY, - &new_key->keystore); - if (result != ISC_R_SUCCESS) { - goto cleanup; - } + CHECK(dns_keystorelist_find(keystorelist, + DNS_KEYSTORE_KEYDIRECTORY, + &new_key->keystore)); dns_kasp_addkey(kasp, new_key); } diff --git a/lib/isccfg/namedconf.c b/lib/isccfg/namedconf.c index 65d1d53dd3..69cff0317f 100644 --- a/lib/isccfg/namedconf.c +++ b/lib/isccfg/namedconf.c @@ -33,15 +33,6 @@ #define TOKEN_STRING(pctx) (pctx->token.value.as_textregion.base) -/*% Check a return value. */ -#define CHECK(op) \ - { \ - result = (op); \ - if (result != ISC_R_SUCCESS) { \ - goto cleanup; \ - } \ - } - /*% Clean up a configuration object if non-NULL. */ #define CLEANUP_OBJ(obj) \ { \ @@ -1811,8 +1802,7 @@ parse_dtout(cfg_parser_t *pctx, const cfg_type_t *type, cfg_obj_t **ret) { } else { cfg_parser_error(pctx, CFG_LOG_NEAR, "unexpected token"); - result = ISC_R_UNEXPECTEDTOKEN; - goto cleanup; + CLEANUP(ISC_R_UNEXPECTEDTOKEN); } } else { break; @@ -1984,8 +1974,7 @@ cfg_parse_kv_tuple(cfg_parser_t *pctx, const cfg_type_t *type, if (f->name == NULL) { cfg_parser_error(pctx, 0, "unexpected '%s'", TOKEN_STRING(pctx)); - result = ISC_R_UNEXPECTEDTOKEN; - goto cleanup; + CLEANUP(ISC_R_UNEXPECTEDTOKEN); } if (obj->value.tuple[fn] == NULL && strcasecmp(f->name, TOKEN_STRING(pctx)) == 0) @@ -3173,8 +3162,7 @@ parse_sizeval(cfg_parser_t *pctx, const cfg_type_t *type, cfg_obj_t **ret) { CHECK(cfg_gettoken(pctx, 0)); if (pctx->token.type != isc_tokentype_string) { - result = ISC_R_UNEXPECTEDTOKEN; - goto cleanup; + CLEANUP(ISC_R_UNEXPECTEDTOKEN); } CHECK(parse_unitstring(TOKEN_STRING(pctx), &val)); @@ -3203,8 +3191,7 @@ parse_sizeval_percent(cfg_parser_t *pctx, const cfg_type_t *type, CHECK(cfg_gettoken(pctx, 0)); if (pctx->token.type != isc_tokentype_string) { - result = ISC_R_UNEXPECTEDTOKEN; - goto cleanup; + CLEANUP(ISC_R_UNEXPECTEDTOKEN); } percent = strtoull(TOKEN_STRING(pctx), &endp, 10); @@ -3357,8 +3344,7 @@ parse_maybe_optional_keyvalue(cfg_parser_t *pctx, const cfg_type_t *type, } else { cfg_parser_error(pctx, CFG_LOG_NEAR, "expected '%s'", kw->name); - result = ISC_R_UNEXPECTEDTOKEN; - goto cleanup; + CLEANUP(ISC_R_UNEXPECTEDTOKEN); } } diff --git a/lib/isccfg/parser.c b/lib/isccfg/parser.c index 199e9aa9fb..ac9a4a24af 100644 --- a/lib/isccfg/parser.c +++ b/lib/isccfg/parser.c @@ -80,14 +80,6 @@ #define TOKEN_STRING(pctx) (pctx->token.value.as_textregion.base) #define TOKEN_REGION(pctx) (pctx->token.value.as_textregion) -/* Check a return value. */ -#define CHECK(op) \ - do { \ - result = (op); \ - if (result != ISC_R_SUCCESS) \ - goto cleanup; \ - } while (0) - /* cfg_obj_t magic number */ #define CFGOBJ_MAGIC ISC_MAGIC('c', 'f', 'g', 'o') #define VALID_CFGOBJ(obj) ISC_MAGIC_VALID(obj, CFGOBJ_MAGIC) @@ -444,16 +436,11 @@ cfg_parser_currentfile(cfg_parser_t *pctx) { isc_result_t cfg_parse_obj(cfg_parser_t *pctx, const cfg_type_t *type, cfg_obj_t **ret) { - isc_result_t result; - REQUIRE(pctx != NULL); REQUIRE(type != NULL); REQUIRE(ret != NULL && *ret == NULL); - result = type->parse(pctx, type, ret); - if (result != ISC_R_SUCCESS) { - return result; - } + RETERR(type->parse(pctx, type, ret)); ENSURE(*ret != NULL); return ISC_R_SUCCESS; } @@ -1343,8 +1330,7 @@ cfg_parse_duration(cfg_parser_t *pctx, const cfg_type_t *type ISC_ATTR_UNUSED, CHECK(cfg_gettoken(pctx, 0)); if (pctx->token.type != isc_tokentype_string) { - result = ISC_R_UNEXPECTEDTOKEN; - goto cleanup; + CLEANUP(ISC_R_UNEXPECTEDTOKEN); } return parse_duration(pctx, ret); @@ -1365,8 +1351,7 @@ cfg_parse_duration_or_unlimited(cfg_parser_t *pctx, CHECK(cfg_gettoken(pctx, 0)); if (pctx->token.type != isc_tokentype_string) { - result = ISC_R_UNEXPECTEDTOKEN; - goto cleanup; + CLEANUP(ISC_R_UNEXPECTEDTOKEN); } if (strcmp(TOKEN_STRING(pctx), "unlimited") == 0) { @@ -2017,17 +2002,13 @@ cfg_obj_asboolean(const cfg_obj_t *obj) { isc_result_t cfg_parse_boolean(cfg_parser_t *pctx, const cfg_type_t *type ISC_ATTR_UNUSED, cfg_obj_t **ret) { - isc_result_t result; bool value; cfg_obj_t *obj = NULL; REQUIRE(pctx != NULL); REQUIRE(ret != NULL && *ret == NULL); - result = cfg_gettoken(pctx, 0); - if (result != ISC_R_SUCCESS) { - return result; - } + RETERR(cfg_gettoken(pctx, 0)); if (pctx->token.type != isc_tokentype_string) { goto bad_boolean; @@ -2121,7 +2102,6 @@ free_list(cfg_obj_t *obj) { isc_result_t cfg_parse_listelt(cfg_parser_t *pctx, cfg_obj_t *list, const cfg_type_t *elttype, cfg_listelt_t **ret) { - isc_result_t result; cfg_listelt_t *elt = NULL; cfg_obj_t *value = NULL; @@ -2130,10 +2110,7 @@ cfg_parse_listelt(cfg_parser_t *pctx, cfg_obj_t *list, REQUIRE(elttype != NULL); REQUIRE(ret != NULL && *ret == NULL); - result = cfg_parse_obj(pctx, elttype, &value); - if (result != ISC_R_SUCCESS) { - return result; - } + RETERR(cfg_parse_obj(pctx, elttype, &value)); create_listelt(list, &elt); elt->obj = value; @@ -2414,7 +2391,7 @@ cfg_parse_mapbody(cfg_parser_t *pctx, const cfg_type_t *type, cfg_obj_t **ret) { CHECK(parse_semicolon(pctx)); if (includename->value.string.length == 0) { - CHECK(ISC_R_FILENOTFOUND); + CLEANUP(ISC_R_FILENOTFOUND); } /* @@ -2428,14 +2405,14 @@ cfg_parse_mapbody(cfg_parser_t *pctx, const cfg_type_t *type, cfg_obj_t **ret) { case 0: break; case GLOB_NOMATCH: - CHECK(ISC_R_FILENOTFOUND); + CLEANUP(ISC_R_FILENOTFOUND); break; case GLOB_NOSPACE: - CHECK(ISC_R_NOMEMORY); + CLEANUP(ISC_R_NOMEMORY); break; default: if (errno == 0) { - CHECK(ISC_R_IOERROR); + CLEANUP(ISC_R_IOERROR); } CHECK(isc_errno_toresult(errno)); } @@ -2484,7 +2461,7 @@ cfg_parse_mapbody(cfg_parser_t *pctx, const cfg_type_t *type, cfg_obj_t **ret) { cfg_parser_error(pctx, 0, "option '%s' no longer exists", clause->name); - CHECK(ISC_R_FAILURE); + CLEANUP(ISC_R_FAILURE); } if ((pctx->flags & CFG_PCTX_ALLCONFIGS) == 0 && (clause->flags & CFG_CLAUSEFLAG_NOTCONFIGURED) != 0) @@ -2493,7 +2470,7 @@ cfg_parse_mapbody(cfg_parser_t *pctx, const cfg_type_t *type, cfg_obj_t **ret) { "option '%s' was not " "enabled at compile time", clause->name); - CHECK(ISC_R_FAILURE); + CLEANUP(ISC_R_FAILURE); } if ((pctx->flags & CFG_PCTX_BUILTIN) == 0 && (clause->flags & CFG_CLAUSEFLAG_BUILTINONLY) != 0) @@ -2905,7 +2882,6 @@ cfg_obj_ismap(const cfg_obj_t *obj) { isc_result_t cfg_map_get(const cfg_obj_t *mapobj, const char *name, const cfg_obj_t **obj) { - isc_result_t result; isc_symvalue_t val; const cfg_map_t *map; @@ -2915,10 +2891,7 @@ cfg_map_get(const cfg_obj_t *mapobj, const char *name, const cfg_obj_t **obj) { map = &mapobj->value.map; - result = isc_symtab_lookup(map->symtab, name, SYMTAB_DUMMY_TYPE, &val); - if (result != ISC_R_SUCCESS) { - return result; - } + RETERR(isc_symtab_lookup(map->symtab, name, SYMTAB_DUMMY_TYPE, &val)); *obj = val.as_pointer; return ISC_R_SUCCESS; } @@ -3020,8 +2993,7 @@ parse_token(cfg_parser_t *pctx, const cfg_type_t *type ISC_ATTR_UNUSED, CHECK(cfg_gettoken(pctx, CFG_LEXOPT_QSTRING)); if (pctx->token.type == isc_tokentype_eof) { cfg_ungettoken(pctx); - result = ISC_R_EOF; - goto cleanup; + CLEANUP(ISC_R_EOF); } isc_lex_getlasttokentext(pctx->lexer, &pctx->token, &r); @@ -3076,8 +3048,7 @@ parse_unsupported(cfg_parser_t *pctx, const cfg_type_t *type, cfg_obj_t **ret) { if (pctx->token.type == isc_tokentype_eof || braces < 0) { cfg_parser_error(pctx, CFG_LOG_NEAR, "unexpected token"); - result = ISC_R_UNEXPECTEDTOKEN; - goto cleanup; + CLEANUP(ISC_R_UNEXPECTEDTOKEN); } CHECK(cfg_parse_listelt(pctx, listobj, &cfg_type_token, &elt)); @@ -3159,13 +3130,8 @@ token_addr(cfg_parser_t *pctx, unsigned int flags, isc_netaddr_t *na) { if (inet_pton(AF_INET6, buf, &in6a) == 1) { if (d != NULL) { - isc_result_t result; - - result = isc_netscope_pton( - AF_INET6, d + 1, &in6a, &zone); - if (result != ISC_R_SUCCESS) { - return result; - } + RETERR(isc_netscope_pton( + AF_INET6, d + 1, &in6a, &zone)); } isc_netaddr_fromin6(na, &in6a); @@ -3526,25 +3492,21 @@ parse_sockaddrsub(cfg_parser_t *pctx, const cfg_type_t *type, int flags, if (have_address != 1) { cfg_parser_error(pctx, 0, "expected exactly one address"); - result = ISC_R_UNEXPECTEDTOKEN; - goto cleanup; + CLEANUP(ISC_R_UNEXPECTEDTOKEN); } if (!is_port_ok && have_port > 0) { cfg_parser_error(pctx, 0, "subconfig 'port' no longer exists"); - result = ISC_R_UNEXPECTEDTOKEN; - goto cleanup; + CLEANUP(ISC_R_UNEXPECTEDTOKEN); } if (have_port > 1) { cfg_parser_error(pctx, 0, "expected at most one port"); - result = ISC_R_UNEXPECTEDTOKEN; - goto cleanup; + CLEANUP(ISC_R_UNEXPECTEDTOKEN); } if (have_tls > 1) { cfg_parser_error(pctx, 0, "expected at most one tls"); - result = ISC_R_UNEXPECTEDTOKEN; - goto cleanup; + CLEANUP(ISC_R_UNEXPECTEDTOKEN); } cfg_obj_create(pctx->mctx, cfg_parser_currentfile(pctx), pctx->line, @@ -3789,12 +3751,7 @@ cleanup: */ static isc_result_t cfg_getstringtoken(cfg_parser_t *pctx) { - isc_result_t result; - - result = cfg_gettoken(pctx, CFG_LEXOPT_QSTRING); - if (result != ISC_R_SUCCESS) { - return result; - } + RETERR(cfg_gettoken(pctx, CFG_LEXOPT_QSTRING)); if (pctx->token.type != isc_tokentype_string && pctx->token.type != isc_tokentype_qstring) diff --git a/lib/ns/client.c b/lib/ns/client.c index dcb974b4cf..d35891d45b 100644 --- a/lib/ns/client.c +++ b/lib/ns/client.c @@ -610,10 +610,7 @@ ns_client_send(ns_client_t *client) { * Create an OPT for our reply. */ if ((client->inner.attributes & NS_CLIENTATTR_WANTOPT) != 0) { - result = ns_client_addopt(client, client->message); - if (result != ISC_R_SUCCESS) { - goto cleanup; - } + CHECK(ns_client_addopt(client, client->message)); opt_included = true; } @@ -642,10 +639,7 @@ ns_client_send(ns_client_t *client) { dns_compress_init(&cctx, client->manager->mctx, compflags); cleanup_cctx = true; - result = dns_message_renderbegin(client->message, &cctx, &buffer); - if (result != ISC_R_SUCCESS) { - goto cleanup; - } + CHECK(dns_message_renderbegin(client->message, &cctx, &buffer)); result = dns_message_rendersection(client->message, DNS_SECTION_QUESTION, 0); @@ -689,10 +683,7 @@ ns_client_send(ns_client_t *client) { goto cleanup; } renderend: - result = dns_message_renderend(client->message); - if (result != ISC_R_SUCCESS) { - goto cleanup; - } + CHECK(dns_message_renderend(client->message)); #ifdef HAVE_DNSTAP memset(&zr, 0, sizeof(zr)); @@ -1083,10 +1074,7 @@ ns_client_addopt(ns_client_t *client, dns_message_t *message) { .value = (unsigned char *)nsidp, .length = (uint16_t)strlen(nsidp), }; - result = dns_message_ednsaddopt(message, &option); - if (result != ISC_R_SUCCESS) { - return result; - } + RETERR(dns_message_ednsaddopt(message, &option)); } } @@ -1102,10 +1090,7 @@ ns_client_addopt(ns_client_t *client, dns_message_t *message) { dns_ednsopt_t option = { .code = DNS_OPT_COOKIE, .length = COOKIE_SIZE, .value = cookie }; - result = dns_message_ednsaddopt(message, &option); - if (result != ISC_R_SUCCESS) { - return result; - } + RETERR(dns_message_ednsaddopt(message, &option)); } if ((client->inner.attributes & NS_CLIENTATTR_HAVEEXPIRE) != 0) { @@ -1117,10 +1102,7 @@ ns_client_addopt(ns_client_t *client, dns_message_t *message) { dns_ednsopt_t option = { .code = DNS_OPT_EXPIRE, .value = expire, .length = 4 }; - result = dns_message_ednsaddopt(message, &option); - if (result != ISC_R_SUCCESS) { - return result; - } + RETERR(dns_message_ednsaddopt(message, &option)); } if (((client->inner.attributes & NS_CLIENTATTR_HAVEECS) != 0) && @@ -1179,10 +1161,7 @@ ns_client_addopt(ns_client_t *client, dns_message_t *message) { dns_ednsopt_t option = { .code = DNS_OPT_CLIENT_SUBNET, .length = addrl + 4, .value = ecs }; - result = dns_message_ednsaddopt(message, &option); - if (result != ISC_R_SUCCESS) { - return result; - } + RETERR(dns_message_ednsaddopt(message, &option)); } if (TCP_CLIENT(client) && USEKEEPALIVE(client)) { @@ -1196,10 +1175,7 @@ ns_client_addopt(ns_client_t *client, dns_message_t *message) { dns_ednsopt_t option = { .code = DNS_OPT_TCP_KEEPALIVE, .length = 2, .value = advtimo }; - result = dns_message_ednsaddopt(message, &option); - if (result != ISC_R_SUCCESS) { - return result; - } + RETERR(dns_message_ednsaddopt(message, &option)); } for (size_t i = 0; i < DNS_EDE_MAX_ERRORS; i++) { @@ -1212,10 +1188,7 @@ ns_client_addopt(ns_client_t *client, dns_message_t *message) { dns_ednsopt_t option = { .code = DNS_OPT_EDE, .length = ede->length, .value = ede->value }; - result = dns_message_ednsaddopt(message, &option); - if (result != ISC_R_SUCCESS) { - return result; - } + RETERR(dns_message_ednsaddopt(message, &option)); } if ((client->inner.attributes & NS_CLIENTATTR_HAVEZONEVERSION) != 0) { dns_ednsopt_t option = { @@ -1223,10 +1196,7 @@ ns_client_addopt(ns_client_t *client, dns_message_t *message) { .length = client->inner.zoneversionlength, .value = client->inner.zoneversion }; - result = dns_message_ednsaddopt(message, &option); - if (result != ISC_R_SUCCESS) { - return result; - } + RETERR(dns_message_ednsaddopt(message, &option)); } if (WANTRC(client)) { @@ -1240,10 +1210,7 @@ ns_client_addopt(ns_client_t *client, dns_message_t *message) { .length = rad->length, .value = rad->ndata, }; - result = dns_message_ednsaddopt(message, &option); - if (result != ISC_R_SUCCESS) { - return result; - } + RETERR(dns_message_ednsaddopt(message, &option)); } } diff --git a/lib/ns/hooks.c b/lib/ns/hooks.c index a851a23fb0..5577a669cc 100644 --- a/lib/ns/hooks.c +++ b/lib/ns/hooks.c @@ -33,14 +33,6 @@ #include #include -#define CHECK(op) \ - do { \ - result = (op); \ - if (result != ISC_R_SUCCESS) { \ - goto cleanup; \ - } \ - } while (0) - struct ns_plugin { isc_mem_t *mctx; uv_lib_t handle; @@ -87,12 +79,9 @@ plugin_expandpath(const char *src, char *dst, size_t dstsize, bool appendext) { isc_result_t ns_plugin_expandpath(const char *src, char *dst, size_t dstsize) { - isc_result_t result; + isc_result_t result = ISC_R_SUCCESS; - result = plugin_expandpath(src, dst, dstsize, false); - if (result != ISC_R_SUCCESS) { - return result; - } + RETERR(plugin_expandpath(src, dst, dstsize, false)); if (isc_file_exists(dst) == false) { result = plugin_expandpath(src, dst, dstsize, true); @@ -161,7 +150,7 @@ load_plugin(isc_mem_t *mctx, const char *modpath, ns_plugin_t **pluginp) { ISC_LOG_ERROR, "failed to dlopen() plugin '%s': %s", modpath, errmsg); - CHECK(ISC_R_FAILURE); + CLEANUP(ISC_R_FAILURE); } CHECK(load_symbol(&plugin->handle, modpath, "plugin_version", @@ -175,7 +164,7 @@ load_plugin(isc_mem_t *mctx, const char *modpath, ns_plugin_t **pluginp) { ISC_LOG_ERROR, "plugin API version mismatch: %d/%d", version, NS_PLUGIN_VERSION); - CHECK(ISC_R_FAILURE); + CLEANUP(ISC_R_FAILURE); } CHECK(load_symbol(&plugin->handle, modpath, "plugin_check", diff --git a/lib/ns/interfacemgr.c b/lib/ns/interfacemgr.c index 9cc1a74be8..71ffda0046 100644 --- a/lib/ns/interfacemgr.c +++ b/lib/ns/interfacemgr.c @@ -840,11 +840,8 @@ setup_locals(isc_interface_t *interface, dns_acl_t *localhost, /* First add localhost address */ prefixlen = (netaddr->family == AF_INET) ? 32 : 128; - result = dns_iptable_addprefix(localhost->iptable, netaddr, prefixlen, - true); - if (result != ISC_R_SUCCESS) { - return result; - } + RETERR(dns_iptable_addprefix(localhost->iptable, netaddr, prefixlen, + true)); /* Then add localnets prefix */ result = isc_netaddr_masktoprefixlen(&interface->netmask, &prefixlen); @@ -873,11 +870,8 @@ setup_locals(isc_interface_t *interface, dns_acl_t *localhost, return ISC_R_SUCCESS; } - result = dns_iptable_addprefix(localnets->iptable, netaddr, prefixlen, - true); - if (result != ISC_R_SUCCESS) { - return result; - } + RETERR(dns_iptable_addprefix(localnets->iptable, netaddr, prefixlen, + true)); return ISC_R_SUCCESS; } @@ -1083,10 +1077,7 @@ do_scan(ns_interfacemgr_t *mgr, bool verbose, bool config) { isc_netaddr_any(&zero_address); isc_netaddr_any6(&zero_address6); - result = isc_interfaceiter_create(mgr->mctx, &iter); - if (result != ISC_R_SUCCESS) { - return result; - } + RETERR(isc_interfaceiter_create(mgr->mctx, &iter)); dns_acl_create(mgr->mctx, 0, &localhost); dns_acl_create(mgr->mctx, 0, &localnets); diff --git a/lib/ns/query.c b/lib/ns/query.c index 22a3a9caa5..3f7f0935aa 100644 --- a/lib/ns/query.c +++ b/lib/ns/query.c @@ -1774,11 +1774,8 @@ query_additionalauth(query_ctx_t *qctx, const dns_name_t *name, version = NULL; dns_db_detach(&db); dns_getdb_options_t options = { .nolog = true }; - result = query_getzonedb(client, name, type, options, &zone, - &db, &version); - if (result != ISC_R_SUCCESS) { - return result; - } + RETERR(query_getzonedb(client, name, type, options, &zone, &db, + &version)); dns_zone_detach(&zone); CTRACE(ISC_LOG_DEBUG(3), "query_additionalauth: other zone"); @@ -2745,10 +2742,7 @@ stale_refresh_aftermath(ns_client_t *client, isc_result_t result) { dns_clientinfo_setecs(&ci, &qctx.client->inner.ecs); } - result = qctx_prepare_buffers(&qctx, &buffer); - if (result != ISC_R_SUCCESS) { - goto cleanup; - } + CHECK(qctx_prepare_buffers(&qctx, &buffer)); dboptions = qctx.client->query.dboptions; dboptions |= DNS_DBFIND_STALEOK; @@ -3737,11 +3731,8 @@ rpz_rewrite_ip_rrset(ns_client_t *client, dns_name_t *name, continue; } - result = rpz_rewrite_ip(client, &netaddr, qtype, - rpz_type, zbits, p_rdatasetp); - if (result != ISC_R_SUCCESS) { - return result; - } + RETERR(rpz_rewrite_ip(client, &netaddr, qtype, rpz_type, + zbits, p_rdatasetp)); } } while (!done && client->query.rpz_st->m.policy == DNS_RPZ_POLICY_MISS); @@ -4161,12 +4152,9 @@ rpz_rewrite(ns_client_t *client, dns_rdatatype_t qtype, isc_result_t qresult, if (zbits != 0) { isc_netaddr_fromsockaddr( &netaddr, &client->inner.peeraddr); - result = rpz_rewrite_ip(client, &netaddr, qtype, - DNS_RPZ_TYPE_CLIENT_IP, - zbits, &rdataset); - if (result != ISC_R_SUCCESS) { - goto cleanup; - } + CHECK(rpz_rewrite_ip(client, &netaddr, qtype, + DNS_RPZ_TYPE_CLIENT_IP, + zbits, &rdataset)); } } @@ -4176,12 +4164,9 @@ rpz_rewrite(ns_client_t *client, dns_rdatatype_t qtype, isc_result_t qresult, * There is a first time for each name in a CNAME chain */ if ((st->state & DNS_RPZ_DONE_QNAME) == 0) { - result = rpz_rewrite_name(client, client->query.qname, - qtype, DNS_RPZ_TYPE_QNAME, - allowed, &rdataset); - if (result != ISC_R_SUCCESS) { - goto cleanup; - } + CHECK(rpz_rewrite_name(client, client->query.qname, + qtype, DNS_RPZ_TYPE_QNAME, + allowed, &rdataset)); /* * Check IPv4 addresses in A RRs next. @@ -4226,12 +4211,9 @@ rpz_rewrite(ns_client_t *client, dns_rdatatype_t qtype, isc_result_t qresult, qresult_type == qresult_type_done && rpz_get_zbits(client, qtype, DNS_RPZ_TYPE_IP) != 0) { - result = rpz_rewrite_ip_rrsets(client, client->query.qname, - qtype, DNS_RPZ_TYPE_IP, - &rdataset, resuming); - if (result != ISC_R_SUCCESS) { - goto cleanup; - } + CHECK(rpz_rewrite_ip_rrsets(client, client->query.qname, qtype, + DNS_RPZ_TYPE_IP, &rdataset, + resuming)); /* * We are finished checking the IP addresses for the qname. * Start with IPv4 if we will check NS IP addresses. @@ -4286,10 +4268,7 @@ rpz_rewrite(ns_client_t *client, dns_rdatatype_t qtype, isc_result_t qresult, was_glue = true; FALLTHROUGH; case ISC_R_SUCCESS: - result = dns_rdataset_first(st->r.ns_rdataset); - if (result != ISC_R_SUCCESS) { - goto cleanup; - } + CHECK(dns_rdataset_first(st->r.ns_rdataset)); st->state &= ~(DNS_RPZ_DONE_NSDNAME | DNS_RPZ_DONE_IPv4); break; @@ -4698,20 +4677,11 @@ dns64_ttl(dns_db_t *db, dns_dbversion_t *version) { dns_rdataset_init(&rdataset); - result = dns_db_getoriginnode(db, &node); - if (result != ISC_R_SUCCESS) { - goto cleanup; - } + CHECK(dns_db_getoriginnode(db, &node)); - result = dns_db_findrdataset(db, node, version, dns_rdatatype_soa, 0, 0, - &rdataset, NULL); - if (result != ISC_R_SUCCESS) { - goto cleanup; - } - result = dns_rdataset_first(&rdataset); - if (result != ISC_R_SUCCESS) { - goto cleanup; - } + CHECK(dns_db_findrdataset(db, node, version, dns_rdatatype_soa, 0, 0, + &rdataset, NULL)); + CHECK(dns_rdataset_first(&rdataset)); dns_rdataset_current(&rdataset, &rdata); result = dns_rdata_tostruct(&rdata, &soa, NULL); @@ -6368,10 +6338,7 @@ ns_query_recurse(ns_client_t *client, dns_rdatatype_t qtype, dns_name_t *qname, inc_stats(client, ns_statscounter_recursion); } - result = acquire_recursionquota(client); - if (result != ISC_R_SUCCESS) { - return result; - } + RETERR(acquire_recursionquota(client)); /* * Invoke the resolver. @@ -6757,10 +6724,7 @@ ns_query_hookasync(query_ctx_t *qctx, ns_query_starthookasync_t runasync, REQUIRE(client->query.hookasyncctx == NULL); REQUIRE(FETCH_RECTYPE_NORMAL(client) == NULL); - result = acquire_recursionquota(client); - if (result != ISC_R_SUCCESS) { - goto cleanup; - } + CHECK(acquire_recursionquota(client)); qctx_save(qctx, &saved_qctx); result = runasync(saved_qctx, client->manager->mctx, arg, @@ -7477,12 +7441,11 @@ query_usestale(query_ctx_t *qctx, isc_result_t result) { qctx_freedata(qctx); if (dns_view_staleanswerenabled(qctx->client->inner.view)) { - isc_result_t ret; - ret = query_getdb(qctx->client, qctx->client->query.qname, - qctx->client->query.qtype, qctx->options, - &qctx->zone, &qctx->db, &qctx->version, - &qctx->is_zone); - if (ret != ISC_R_SUCCESS) { + if (query_getdb(qctx->client, qctx->client->query.qname, + qctx->client->query.qtype, qctx->options, + &qctx->zone, &qctx->db, &qctx->version, + &qctx->is_zone) != ISC_R_SUCCESS) + { /* * Failed to get the database, unexpected, but let us * at least abandon serve-stale. @@ -8269,14 +8232,11 @@ query_dns64(query_ctx_t *qctx) { flags |= DNS_DNS64_RECURSIVE; } - result = dns_dns64_apply(client->manager->mctx, view->dns64, - view->dns64cnt, client->message, - client->manager->aclenv, - &client->inner.peeraddr, client->inner.signer, - flags, qctx->rdataset, &dns64_rdataset); - if (result != ISC_R_SUCCESS) { - goto cleanup; - } + CHECK(dns_dns64_apply(client->manager->mctx, view->dns64, + view->dns64cnt, client->message, + client->manager->aclenv, &client->inner.peeraddr, + client->inner.signer, flags, qctx->rdataset, + &dns64_rdataset)); dns_rdataset_setownercase(dns64_rdataset, mname); client->query.attributes |= NS_QUERYATTR_NOADDITIONAL; @@ -9588,10 +9548,7 @@ query_synthcnamewildcard(query_ctx_t *qctx, dns_rdataset_t *rdataset, dns_rdata_t rdata = DNS_RDATA_INIT; dns_rdata_cname_t cname; - result = query_synthwildcard(qctx, rdataset, sigrdataset); - if (result != ISC_R_SUCCESS) { - return result; - } + RETERR(query_synthwildcard(qctx, rdataset, sigrdataset)); qctx->client->query.attributes |= NS_QUERYATTR_PARTIALANSWER; @@ -9882,14 +9839,11 @@ query_coveringnsec(query_ctx_t *qctx) { * Look for SOA record to construct NODATA response. */ dns_db_attach(qctx->db, &db); - result = dns_db_findext(db, signer, qctx->version, - dns_rdatatype_soa, dboptions, - qctx->client->inner.now, &node, fname, - &cm, &ci, soardataset, sigsoardataset); + CHECK(dns_db_findext(db, signer, qctx->version, + dns_rdatatype_soa, dboptions, + qctx->client->inner.now, &node, fname, &cm, + &ci, soardataset, sigsoardataset)); - if (result != ISC_R_SUCCESS) { - goto cleanup; - } (void)query_synthnodata(qctx, signer, &soardataset, &sigsoardataset); done = true; @@ -10005,13 +9959,10 @@ query_coveringnsec(query_ctx_t *qctx) { /* * Look for SOA record to construct NXDOMAIN response. */ - result = dns_db_findext(db, signer, qctx->version, dns_rdatatype_soa, - dboptions, qctx->client->inner.now, &node, - fname, &cm, &ci, soardataset, sigsoardataset); + CHECK(dns_db_findext(db, signer, qctx->version, dns_rdatatype_soa, + dboptions, qctx->client->inner.now, &node, fname, + &cm, &ci, soardataset, sigsoardataset)); - if (result != ISC_R_SUCCESS) { - goto cleanup; - } (void)query_synthnxdomainnodata(qctx, exists, nowild, &rdataset, &sigrdataset, signer, &soardataset, &sigsoardataset); @@ -10738,12 +10689,11 @@ query_addbestns(query_ctx_t *qctx) { * Find the right database. */ do { - result = query_getdb(client, &qname, dns_rdatatype_ns, - (dns_getdb_options_t){ 0 }, &zone, &db, - &version, &is_zone); - if (result != ISC_R_SUCCESS) { - goto cleanup; - } + CHECK(query_getdb(client, &qname, dns_rdatatype_ns, + (dns_getdb_options_t){ + 0, + }, + &zone, &db, &version, &is_zone)); /* * If this is a static stub zone look for a parent zone. @@ -11152,10 +11102,7 @@ again: /* * Add the no wildcard proof. */ - result = dns_name_concatenate(dns_wildcardname, cname, wname); - if (result != ISC_R_SUCCESS) { - goto cleanup; - } + CHECK(dns_name_concatenate(dns_wildcardname, cname, wname)); query_findclosestnsec3(wname, qctx->db, qctx->version, client, rdataset, sigrdataset, fname, nodata, diff --git a/lib/ns/update.c b/lib/ns/update.c index 664607a508..d01489beaf 100644 --- a/lib/ns/update.c +++ b/lib/ns/update.c @@ -75,34 +75,6 @@ */ #define LOGLEVEL_DEBUG ISC_LOG_DEBUG(8) -/*% - * Check an operation for failure. These macros all assume that - * the function using them has a 'result' variable and a 'failure' - * label. - */ -#define CHECK(op) \ - do { \ - result = (op); \ - if (result != ISC_R_SUCCESS) \ - goto failure; \ - } while (0) - -/*% - * Fail unconditionally with result 'code', which must not - * be ISC_R_SUCCESS. The reason for failure presumably has - * been logged already. - * - * The test against ISC_R_SUCCESS is there to keep the Solaris compiler - * from complaining about "end-of-loop code not reached". - */ - -#define FAIL(code) \ - do { \ - result = (code); \ - if (result != ISC_R_SUCCESS) \ - goto failure; \ - } while (0) - /*% * Fail unconditionally and log as a client error. * The test against ISC_R_SUCCESS is there to keep the Solaris compiler @@ -125,7 +97,7 @@ "update %s: %s (%s)", _what, msg, \ isc_result_totext(result)); \ if (result != ISC_R_SUCCESS) \ - goto failure; \ + goto cleanup; \ } while (0) #define PREREQFAILC(code, msg) \ do { \ @@ -154,7 +126,7 @@ msg, isc_result_totext(result)); \ } \ if (result != ISC_R_SUCCESS) \ - goto failure; \ + goto cleanup; \ } while (0) #define PREREQFAILN(code, name, msg) \ do { \ @@ -185,7 +157,7 @@ _tbuf, msg, isc_result_totext(result)); \ } \ if (result != ISC_R_SUCCESS) \ - goto failure; \ + goto cleanup; \ } while (0) #define PREREQFAILNT(code, name, type, msg) \ do { \ @@ -204,7 +176,7 @@ update_log(client, zone, LOGLEVEL_PROTOCOL, "error: %s: %s", \ msg, isc_result_totext(result)); \ if (result != ISC_R_SUCCESS) \ - goto failure; \ + goto cleanup; \ } while (0) /* @@ -491,7 +463,7 @@ do_diff(dns_diff_t *updates, dns_db_t *db, dns_dbversion_t *ver, } return ISC_R_SUCCESS; -failure: +cleanup: dns_diff_clear(diff); return result; } @@ -551,17 +523,13 @@ typedef struct { */ static isc_result_t foreach_node_rr_action(void *data, dns_rdataset_t *rdataset) { - isc_result_t result; foreach_node_rr_ctx_t *ctx = data; DNS_RDATASET_FOREACH(rdataset) { rr_t rr = { 0, DNS_RDATA_INIT }; dns_rdataset_current(rdataset, &rr.rdata); rr.ttl = rdataset->ttl; - result = (*ctx->rr_action)(ctx->rr_action_data, &rr); - if (result != ISC_R_SUCCESS) { - return result; - } + RETERR((*ctx->rr_action)(ctx->rr_action_data, &rr)); } return ISC_R_SUCCESS; } @@ -1173,10 +1141,7 @@ temp_check(isc_mem_t *mctx, dns_diff_t *temp, dns_db_t *db, temp_append(&d_rrs, name, &rdata); } - result = dns_diff_sort(&d_rrs, temp_order); - if (result != ISC_R_SUCCESS) { - goto failure; - } + CHECK(dns_diff_sort(&d_rrs, temp_order)); /* * Collect all update RRs for this name and type @@ -1193,11 +1158,8 @@ temp_check(isc_mem_t *mctx, dns_diff_t *temp, dns_db_t *db, } /* Compare the two sorted lists. */ - result = temp_check_rrset(ISC_LIST_HEAD(u_rrs.tuples), - ISC_LIST_HEAD(d_rrs.tuples)); - if (result != ISC_R_SUCCESS) { - goto failure; - } + CHECK(temp_check_rrset(ISC_LIST_HEAD(u_rrs.tuples), + ISC_LIST_HEAD(d_rrs.tuples))); /* * We are done with the tuples, but we can't free @@ -1210,7 +1172,7 @@ temp_check(isc_mem_t *mctx, dns_diff_t *temp, dns_db_t *db, continue; - failure: + cleanup: dns_diff_clear(&d_rrs); dns_diff_clear(&u_rrs); dns_diff_clear(&trash); @@ -1536,7 +1498,7 @@ update_soa_serial(dns_db_t *db, dns_dbversion_t *ver, dns_diff_t *diff, CHECK(do_one_tuple(&addtuple, db, ver, diff)); result = ISC_R_SUCCESS; -failure: +cleanup: if (addtuple != NULL) { dns_difftuple_free(&addtuple); } @@ -1571,14 +1533,10 @@ check_soa_increment(dns_db_t *db, dns_dbversion_t *ver, dns_rdata_t *update_rdata, bool *ok) { uint32_t db_serial; uint32_t update_serial; - isc_result_t result; update_serial = dns_soa_getserial(update_rdata); - result = dns_db_getsoaserial(db, ver, &db_serial); - if (result != ISC_R_SUCCESS) { - return result; - } + RETERR(dns_db_getsoaserial(db, ver, &db_serial)); if (DNS_SERIAL_GE(db_serial, update_serial)) { *ok = false; @@ -1680,7 +1638,7 @@ send_update(ns_client_t *client, dns_zone_t *zone) { } result = dns_zone_checknames(zone, name, &rdata); if (result != ISC_R_SUCCESS) { - FAIL(DNS_R_REFUSED); + CLEANUP(DNS_R_REFUSED); } if ((options & DNS_ZONEOPT_CHECKSVCB) != 0 && rdata.type == dns_rdatatype_svcb) @@ -1708,7 +1666,7 @@ send_update(ns_client_t *client, dns_zone_t *zone) { update_log(client, zone, ISC_LOG_WARNING, "update RR has incorrect class %d", update_class); - FAIL(DNS_R_FORMERR); + CLEANUP(DNS_R_FORMERR); } /* @@ -1837,7 +1795,7 @@ send_update(ns_client_t *client, dns_zone_t *zone) { isc_result_totext(result)); ns_stats_increment(client->manager->sctx->nsstats, ns_statscounter_updatequota); - CHECK(DNS_R_DROP); + CLEANUP(DNS_R_DROP); } uev = isc_mem_get(client->manager->mctx, sizeof(*uev)); @@ -1853,7 +1811,7 @@ send_update(ns_client_t *client, dns_zone_t *zone) { isc_async_run(dns_zone_getloop(zone), update_action, uev); maxbytype = NULL; -failure: +cleanup: if (db != NULL) { dns_db_closeversion(db, &ver, false); dns_db_detach(&db); @@ -1958,9 +1916,7 @@ ns_update_start(ns_client_t *client, isc_nmhandle_t *handle, * We can now fail due to a bad signature as we now know * that we are the primary. */ - if (sigresult != ISC_R_SUCCESS) { - FAIL(sigresult); - } + CHECK(sigresult); dns_message_clonebuffer(client->message); CHECK(send_update(client, zone)); break; @@ -1974,7 +1930,7 @@ ns_update_start(ns_client_t *client, isc_nmhandle_t *handle, } return; -failure: +cleanup: if (result == DNS_R_REFUSED) { inc_stats(client, zone, ns_statscounter_updaterej); } @@ -2031,7 +1987,7 @@ remove_orphaned_ds(dns_db_t *db, dns_dbversion_t *newver, dns_diff_t *diff) { } result = ISC_R_SUCCESS; -failure: +cleanup: ISC_LIST_FOREACH(temp_diff.tuples, tuple, link) { ISC_LIST_UNLINK(temp_diff.tuples, tuple, link); dns_diff_appendminimal(diff, &tuple); @@ -2164,7 +2120,7 @@ rr_exists(dns_db_t *db, dns_dbversion_t *ver, dns_name_t *name, if (result == ISC_R_NOTFOUND) { *flag = false; result = ISC_R_SUCCESS; - goto failure; + goto cleanup; } else { CHECK(result); } @@ -2173,7 +2129,7 @@ rr_exists(dns_db_t *db, dns_dbversion_t *ver, dns_name_t *name, if (result == ISC_R_NOTFOUND) { *flag = false; result = ISC_R_SUCCESS; - goto failure; + goto cleanup; } bool matched = false; @@ -2188,7 +2144,7 @@ rr_exists(dns_db_t *db, dns_dbversion_t *ver, dns_name_t *name, dns_rdataset_disassociate(&rdataset); *flag = matched; -failure: +cleanup: if (node != NULL) { dns_db_detachnode(&node); } @@ -2206,18 +2162,13 @@ get_iterations(dns_db_t *db, dns_dbversion_t *ver, dns_rdatatype_t privatetype, dns_rdataset_init(&rdataset); - result = dns_db_getoriginnode(db, &node); - if (result != ISC_R_SUCCESS) { - return result; - } + RETERR(dns_db_getoriginnode(db, &node)); result = dns_db_findrdataset(db, node, ver, dns_rdatatype_nsec3param, 0, (isc_stdtime_t)0, &rdataset, NULL); if (result == ISC_R_NOTFOUND) { goto try_private; } - if (result != ISC_R_SUCCESS) { - goto failure; - } + CHECK(result); DNS_RDATASET_FOREACH(&rdataset) { dns_rdata_t rdata = DNS_RDATA_INIT; @@ -2243,9 +2194,7 @@ try_private: if (result == ISC_R_NOTFOUND) { goto success; } - if (result != ISC_R_SUCCESS) { - goto failure; - } + CHECK(result); DNS_RDATASET_FOREACH(&rdataset) { unsigned char buf[DNS_NSEC3PARAM_BUFFERSIZE]; @@ -2271,7 +2220,7 @@ success: *iterationsp = iterations; result = ISC_R_SUCCESS; -failure: +cleanup: if (node != NULL) { dns_db_detachnode(&node); } @@ -2296,8 +2245,7 @@ check_dnssec(ns_client_t *client, dns_zone_t *zone, dns_db_t *db, if (!dns_zone_check_dnskey_nsec3(zone, db, ver, diff, NULL, 0)) { update_log(client, zone, ISC_LOG_ERROR, "NSEC only DNSKEYs and NSEC3 chains not allowed"); - result = DNS_R_REFUSED; - goto failure; + CLEANUP(DNS_R_REFUSED); } /* Verify NSEC3 params */ @@ -2305,11 +2253,10 @@ check_dnssec(ns_client_t *client, dns_zone_t *zone, dns_db_t *db, if (iterations > dns_nsec3_maxiterations()) { update_log(client, zone, ISC_LOG_ERROR, "too many NSEC3 iterations (%u)", iterations); - result = DNS_R_REFUSED; - goto failure; + CLEANUP(DNS_R_REFUSED); } -failure: +cleanup: return result; } @@ -2581,7 +2528,7 @@ add_nsec3param_records(ns_client_t *client, dns_zone_t *zone, dns_db_t *db, } result = ISC_R_SUCCESS; -failure: +cleanup: dns_diff_clear(&temp_diff); return result; } @@ -2638,7 +2585,7 @@ rollback_private(dns_db_t *db, dns_rdatatype_t privatetype, } result = ISC_R_SUCCESS; -failure: +cleanup: dns_diff_clear(&temp_diff); return result; } @@ -3050,7 +2997,7 @@ update_action(void *arg) { if (result != ISC_R_SUCCESS) { dns_diff_clear(&ctx.del_diff); dns_diff_clear(&ctx.add_diff); - goto failure; + goto cleanup; } result = update_one_rr( db, ver, &diff, DNS_DIFFOP_ADD, @@ -3062,7 +3009,7 @@ update_action(void *arg) { "failed: %s", isc_result_totext( result)); - goto failure; + goto cleanup; } } } @@ -3151,13 +3098,9 @@ update_action(void *arg) { * that are in use (under our control). */ if (dns_rdatatype_iskeymaterial(rdata.type)) { - isc_result_t r; bool inuse = false; - r = dns_zone_dnskey_inuse(zone, &rdata, - &inuse); - if (r != ISC_R_SUCCESS) { - FAIL(r); - } + CHECK(dns_zone_dnskey_inuse( + zone, &rdata, &inuse)); if (inuse) { char typebuf [DNS_RDATATYPE_FORMATSIZE]; @@ -3202,8 +3145,7 @@ update_action(void *arg) { update_log(client, zone, LOGLEVEL_PROTOCOL, "update rejected: post update name server " "sanity check failed"); - result = DNS_R_REFUSED; - goto failure; + CLEANUP(DNS_R_REFUSED); } } if (!ISC_LIST_EMPTY(diff.tuples) && is_signing) { @@ -3212,12 +3154,9 @@ update_action(void *arg) { update_log(client, zone, LOGLEVEL_PROTOCOL, "update rejected: bad %s RRset", result == DNS_R_BADCDS ? "CDS" : "CDNSKEY"); - result = DNS_R_REFUSED; - goto failure; - } - if (result != ISC_R_SUCCESS) { - goto failure; + CLEANUP(DNS_R_REFUSED); } + CHECK(result); } /* @@ -3277,7 +3216,7 @@ update_action(void *arg) { update_log(client, zone, ISC_LOG_ERROR, "RRSIG/NSEC/NSEC3 update failed: %s", isc_result_totext(result)); - goto failure; + goto cleanup; } } @@ -3289,8 +3228,7 @@ update_action(void *arg) { "records in zone (%" PRIu64 ") exceeds max-records (%u)", records, maxrecords); - result = DNS_R_TOOMANYRECORDS; - goto failure; + CLEANUP(DNS_R_TOOMANYRECORDS); } } @@ -3341,7 +3279,7 @@ update_action(void *arg) { result = ISC_R_SUCCESS; goto common; -failure: +cleanup: /* * The reason for failure should have been logged at this point. */ @@ -3481,12 +3419,9 @@ send_forward(ns_client_t *client, dns_zone_t *zone) { char classbuf[DNS_RDATACLASS_FORMATSIZE]; update_t *uev = NULL; - result = checkupdateacl(client, dns_zone_getforwardacl(zone), - "update forwarding", dns_zone_getorigin(zone), - true, false); - if (result != ISC_R_SUCCESS) { - return result; - } + RETERR(checkupdateacl(client, dns_zone_getforwardacl(zone), + "update forwarding", dns_zone_getorigin(zone), + true, false)); result = isc_quota_acquire(&client->manager->sctx->updquota); if (result != ISC_R_SUCCESS) { diff --git a/lib/ns/xfrout.c b/lib/ns/xfrout.c index af9273f7b4..097971fc50 100644 --- a/lib/ns/xfrout.c +++ b/lib/ns/xfrout.c @@ -81,7 +81,7 @@ "bad zone transfer request: %s (%s)", msg, \ isc_result_totext(code)); \ if (result != ISC_R_SUCCESS) \ - goto failure; \ + goto cleanup; \ } while (0) #define FAILQ(code, msg, question, rdclass) \ @@ -96,14 +96,7 @@ "bad zone transfer request: '%s/%s': %s (%s)", \ _buf1, _buf2, msg, isc_result_totext(code)); \ if (result != ISC_R_SUCCESS) \ - goto failure; \ - } while (0) - -#define CHECK(op) \ - do { \ - result = (op); \ - if (result != ISC_R_SUCCESS) \ - goto failure; \ + goto cleanup; \ } while (0) /**************************************************************************/ @@ -248,7 +241,7 @@ ixfr_rrstream_create(isc_mem_t *mctx, const char *journal_filename, *sp = (rrstream_t *)s; return ISC_R_SUCCESS; -failure: +cleanup: ixfr_rrstream_destroy((rrstream_t **)(void *)&s); return result; } @@ -329,7 +322,7 @@ axfr_rrstream_create(isc_mem_t *mctx, dns_db_t *db, dns_dbversion_t *ver, *sp = (rrstream_t *)s; return ISC_R_SUCCESS; -failure: +cleanup: axfr_rrstream_destroy((rrstream_t **)(void *)&s); return result; } @@ -337,11 +330,9 @@ failure: static isc_result_t axfr_rrstream_first(rrstream_t *rs) { axfr_rrstream_t *s = (axfr_rrstream_t *)rs; - isc_result_t result; - result = dns_rriterator_first(&s->it); - if (result != ISC_R_SUCCESS) { - return result; - } + + RETERR(dns_rriterator_first(&s->it)); + /* Skip SOA records. */ for (;;) { dns_name_t *name_dummy = NULL; @@ -352,12 +343,10 @@ axfr_rrstream_first(rrstream_t *rs) { if (rdata->type != dns_rdatatype_soa) { break; } - result = dns_rriterator_next(&s->it); - if (result != ISC_R_SUCCESS) { - break; - } + RETERR(dns_rriterator_next(&s->it)); } - return result; + + return ISC_R_SUCCESS; } static isc_result_t @@ -449,7 +438,7 @@ soa_rrstream_create(isc_mem_t *mctx, dns_db_t *db, dns_dbversion_t *ver, *sp = (rrstream_t *)s; return ISC_R_SUCCESS; -failure: +cleanup: soa_rrstream_destroy((rrstream_t **)(void *)&s); return result; } @@ -826,7 +815,7 @@ ns_xfr_start(ns_client_t *client, dns_rdatatype_t reqtype) { ISC_LOG_ERROR, "zone transfer '%s/%s' denied", _buf1, _buf2); - goto failure; + goto cleanup; } if (result != ISC_R_SUCCESS) { FAILQ(DNS_R_NOTAUTH, "non-authoritative zone", @@ -1161,7 +1150,7 @@ have_stream: result = ISC_R_SUCCESS; -failure: +cleanup: if (result == DNS_R_REFUSED) { inc_stats(client, zone, ns_statscounter_xfrrej); } @@ -1271,7 +1260,7 @@ xfrout_ctx_create(isc_mem_t *mctx, ns_client_t *client, unsigned int id, xfr->txmemlen = len; /* - * These MUST be after the last "goto failure;" / CHECK to + * These MUST be after the last "goto cleanup;" / CHECK to * prevent a double free by the caller. */ xfr->stream = stream; @@ -1512,8 +1501,7 @@ sendstream(xfrout_ctx_t *xfr) { "(%d bytes)", size); /* XXX DNS_R_RRTOOLARGE? */ - result = ISC_R_NOSPACE; - goto failure; + CLEANUP(ISC_R_NOSPACE); } break; } @@ -1608,7 +1596,7 @@ sendstream(xfrout_ctx_t *xfr) { /* Advance lasttsig to be the last TSIG generated */ CHECK(dns_message_getquerytsig(msg, xfr->mctx, &xfr->lasttsig)); -failure: +cleanup: if (tcpmsg != NULL) { dns_message_detach(&tcpmsg); } diff --git a/tests/bench/load-names.c b/tests/bench/load-names.c index 210f13ec95..8c437df575 100644 --- a/tests/bench/load-names.c +++ b/tests/bench/load-names.c @@ -83,7 +83,7 @@ const dns_qpmethods_t qpmethods = { testname, }; -#define CHECK(count, result) \ +#define CHECKN(count, result) \ do { \ if (result != ISC_R_SUCCESS) { \ dns_name_t *name = &item[count].fixed.name; \ @@ -161,14 +161,14 @@ thread_lfht(void *arg0) { isc_time_t t0 = isc_time_now_hires(); for (size_t n = arg->start; n < arg->end; n++) { isc_result_t result = add_lfht(arg->map, n); - CHECK(n, result); + CHECKN(n, result); } isc_time_t t1 = isc_time_now_hires(); for (size_t n = arg->start; n < arg->end; n++) { void *pval = NULL; isc_result_t result = get_lfht(arg->map, n, &pval); - CHECK(n, result); + CHECKN(n, result); assert(pval == &item[n]); } @@ -224,7 +224,7 @@ thread_hashmap(void *arg0) { WRLOCK(&rwl); for (size_t n = arg->start; n < arg->end; n++) { isc_result_t result = add_hashmap(arg->map, n); - CHECK(n, result); + CHECKN(n, result); } WRUNLOCK(&rwl); @@ -233,7 +233,7 @@ thread_hashmap(void *arg0) { for (size_t n = arg->start; n < arg->end; n++) { void *pval = NULL; isc_result_t result = get_hashmap(arg->map, n, &pval); - CHECK(n, result); + CHECKN(n, result); assert(pval == &item[n]); } RDUNLOCK(&rwl); @@ -281,7 +281,7 @@ thread_ht(void *arg0) { WRLOCK(&rwl); for (size_t n = arg->start; n < arg->end; n++) { isc_result_t result = add_ht(arg->map, n); - CHECK(n, result); + CHECKN(n, result); } WRUNLOCK(&rwl); @@ -290,7 +290,7 @@ thread_ht(void *arg0) { for (size_t n = arg->start; n < arg->end; n++) { void *pval = NULL; isc_result_t result = get_ht(arg->map, n, &pval); - CHECK(n, result); + CHECKN(n, result); assert(pval == &item[n]); } RDUNLOCK(&rwl); @@ -342,7 +342,7 @@ _thread_qp(void *arg0, bool sqz, bool brr) { isc_time_t t0 = isc_time_now_hires(); for (size_t n = arg->start; n < arg->end; n++) { isc_result_t result = add_qp(qp, n); - CHECK(n, result); + CHECKN(n, result); } if (sqz) { sqz_qp(qp); @@ -360,7 +360,7 @@ _thread_qp(void *arg0, bool sqz, bool brr) { for (size_t n = arg->start; n < arg->end; n++) { void *pval = NULL; isc_result_t result = get_qp(&qpr, n, &pval); - CHECK(n, result); + CHECKN(n, result); assert(pval == &item[n]); } diff --git a/tests/dns/dispatch_test.c b/tests/dns/dispatch_test.c index 663c9ff19c..0165df2742 100644 --- a/tests/dns/dispatch_test.c +++ b/tests/dns/dispatch_test.c @@ -258,10 +258,7 @@ make_dispatchset(dns_dispatchmgr_t *dispatchmgr, unsigned int ndisps, dns_dispatch_t *disp = NULL; isc_sockaddr_any(&any); - result = dns_dispatch_createudp(dispatchmgr, &any, &disp); - if (result != ISC_R_SUCCESS) { - return result; - } + RETERR(dns_dispatch_createudp(dispatchmgr, &any, &disp)); result = dns_dispatchset_create(isc_g_mctx, disp, dsetp, ndisps); dns_dispatch_detach(&disp); diff --git a/tests/dns/master_test.c b/tests/dns/master_test.c index e5fdd75fa5..1d822fed8d 100644 --- a/tests/dns/master_test.c +++ b/tests/dns/master_test.c @@ -88,7 +88,6 @@ rawdata_callback(dns_zone_t *zone, dns_masterrawheader_t *h) { static isc_result_t setup_master(void (*warn)(struct dns_rdatacallbacks *, const char *, ...), void (*error)(struct dns_rdatacallbacks *, const char *, ...)) { - isc_result_t result; int len; isc_buffer_t source; @@ -100,10 +99,7 @@ setup_master(void (*warn)(struct dns_rdatacallbacks *, const char *, ...), isc_buffer_setactive(&source, len); dns_master_initrawheader(&header); - result = dns_name_fromtext(dns_origin, &source, dns_rootname, 0); - if (result != ISC_R_SUCCESS) { - return result; - } + RETERR(dns_name_fromtext(dns_origin, &source, dns_rootname, 0)); dns_rdatacallbacks_init_stdio(&callbacks); callbacks.add = add_callback; @@ -116,7 +112,7 @@ setup_master(void (*warn)(struct dns_rdatacallbacks *, const char *, ...), callbacks.error = error; } headerset = false; - return result; + return ISC_R_SUCCESS; } static isc_result_t @@ -126,10 +122,7 @@ test_master(const char *workdir, const char *testfile, void (*error)(struct dns_rdatacallbacks *, const char *, ...)) { isc_result_t result; - result = setup_master(warn, error); - if (result != ISC_R_SUCCESS) { - return result; - } + RETERR(setup_master(warn, error)); dns_rdatacallbacks_init_stdio(&callbacks); callbacks.add = add_callback; @@ -143,10 +136,7 @@ test_master(const char *workdir, const char *testfile, } if (workdir != NULL) { - result = isc_dir_chdir(workdir); - if (result != ISC_R_SUCCESS) { - return result; - } + RETERR(isc_dir_chdir(workdir)); } result = dns_master_loadfile(testfile, dns_origin, dns_origin, diff --git a/tests/dns/qpdb_test.c b/tests/dns/qpdb_test.c index e7e16042c2..287e80de0c 100644 --- a/tests/dns/qpdb_test.c +++ b/tests/dns/qpdb_test.c @@ -36,11 +36,9 @@ #pragma GCC diagnostic push #pragma GCC diagnostic ignored "-Wshadow" -#undef CHECK #include "qpcache.c" #pragma GCC diagnostic pop -#undef CHECK #include /* Set to true (or use -v option) for verbose output */ diff --git a/tests/dns/qpzone_test.c b/tests/dns/qpzone_test.c index ba2591bf17..7f80a238ab 100644 --- a/tests/dns/qpzone_test.c +++ b/tests/dns/qpzone_test.c @@ -41,11 +41,9 @@ #pragma GCC diagnostic push #pragma GCC diagnostic ignored "-Wshadow" -#undef CHECK #include "qpzone.c" #pragma GCC diagnostic pop -#undef CHECK #include const char *ownercase_vectors[12][2] = { diff --git a/tests/dns/rsa_test.c b/tests/dns/rsa_test.c index 52d91ba16a..fde2211356 100644 --- a/tests/dns/rsa_test.c +++ b/tests/dns/rsa_test.c @@ -120,7 +120,7 @@ static unsigned char sigsha512[512] = { /* RSA verify */ ISC_RUN_TEST_IMPL(isc_rsa_verify) { - isc_result_t ret; + isc_result_t result; dns_fixedname_t fname; isc_buffer_t buf; dns_name_t *name; @@ -133,30 +133,30 @@ ISC_RUN_TEST_IMPL(isc_rsa_verify) { name = dns_fixedname_initname(&fname); isc_buffer_constinit(&buf, "rsa.", 4); isc_buffer_add(&buf, 4); - ret = dns_name_fromtext(name, &buf, NULL, 0); - assert_int_equal(ret, ISC_R_SUCCESS); + result = dns_name_fromtext(name, &buf, NULL, 0); + assert_int_equal(result, ISC_R_SUCCESS); - ret = dst_key_fromfile(name, 29238, DST_ALG_RSASHA256, DST_TYPE_PUBLIC, - TESTS_DIR, isc_g_mctx, &key); - assert_int_equal(ret, ISC_R_SUCCESS); + result = dst_key_fromfile(name, 29238, DST_ALG_RSASHA256, + DST_TYPE_PUBLIC, TESTS_DIR, isc_g_mctx, &key); + assert_int_equal(result, ISC_R_SUCCESS); /* RSASHA1 - May not be supported by the OS */ if (dst_algorithm_supported(DST_ALG_RSASHA1)) { key->key_alg = DST_ALG_RSASHA1; - ret = dst_context_create(key, isc_g_mctx, - DNS_LOGCATEGORY_DNSSEC, false, &ctx); - assert_int_equal(ret, ISC_R_SUCCESS); + result = dst_context_create( + key, isc_g_mctx, DNS_LOGCATEGORY_DNSSEC, false, &ctx); + assert_int_equal(result, ISC_R_SUCCESS); r.base = d; r.length = 10; - ret = dst_context_adddata(ctx, &r); - assert_int_equal(ret, ISC_R_SUCCESS); + result = dst_context_adddata(ctx, &r); + assert_int_equal(result, ISC_R_SUCCESS); r.base = sigsha1; r.length = 256; - ret = dst_context_verify(ctx, &r); - assert_int_equal(ret, ISC_R_SUCCESS); + result = dst_context_verify(ctx, &r); + assert_int_equal(result, ISC_R_SUCCESS); dst_context_destroy(&ctx); } @@ -165,19 +165,19 @@ ISC_RUN_TEST_IMPL(isc_rsa_verify) { key->key_alg = DST_ALG_RSASHA256; - ret = dst_context_create(key, isc_g_mctx, DNS_LOGCATEGORY_DNSSEC, false, - &ctx); - assert_int_equal(ret, ISC_R_SUCCESS); + result = dst_context_create(key, isc_g_mctx, DNS_LOGCATEGORY_DNSSEC, + false, &ctx); + assert_int_equal(result, ISC_R_SUCCESS); r.base = d; r.length = 10; - ret = dst_context_adddata(ctx, &r); - assert_int_equal(ret, ISC_R_SUCCESS); + result = dst_context_adddata(ctx, &r); + assert_int_equal(result, ISC_R_SUCCESS); r.base = sigsha256; r.length = 256; - ret = dst_context_verify(ctx, &r); - assert_int_equal(ret, ISC_R_SUCCESS); + result = dst_context_verify(ctx, &r); + assert_int_equal(result, ISC_R_SUCCESS); dst_context_destroy(&ctx); @@ -185,19 +185,19 @@ ISC_RUN_TEST_IMPL(isc_rsa_verify) { key->key_alg = DST_ALG_RSASHA512; - ret = dst_context_create(key, isc_g_mctx, DNS_LOGCATEGORY_DNSSEC, false, - &ctx); - assert_int_equal(ret, ISC_R_SUCCESS); + result = dst_context_create(key, isc_g_mctx, DNS_LOGCATEGORY_DNSSEC, + false, &ctx); + assert_int_equal(result, ISC_R_SUCCESS); r.base = d; r.length = 10; - ret = dst_context_adddata(ctx, &r); - assert_int_equal(ret, ISC_R_SUCCESS); + result = dst_context_adddata(ctx, &r); + assert_int_equal(result, ISC_R_SUCCESS); r.base = sigsha512; r.length = 256; - ret = dst_context_verify(ctx, &r); - assert_int_equal(ret, ISC_R_SUCCESS); + result = dst_context_verify(ctx, &r); + assert_int_equal(result, ISC_R_SUCCESS); dst_context_destroy(&ctx); diff --git a/tests/dns/skr_test.c b/tests/dns/skr_test.c index eb2abd9b74..55b533dc52 100644 --- a/tests/dns/skr_test.c +++ b/tests/dns/skr_test.c @@ -122,12 +122,12 @@ print_rdata(FILE *fp, dns_rdata_t *rdata) { isc_buffer_t target; isc_region_t r; - isc_result_t ret; + isc_result_t result; char buf[4096]; isc_buffer_init(&target, buf, sizeof(buf)); - ret = dns_rdataset_totext(&rrset, dname, false, false, &target); - assert_int_equal(ret, ISC_R_SUCCESS); + result = dns_rdataset_totext(&rrset, dname, false, false, &target); + assert_int_equal(result, ISC_R_SUCCESS); isc_buffer_usedregion(&target, &r); fprintf(fp, "%.*s", (int)r.length, (char *)r.base); @@ -142,13 +142,13 @@ sign_rrset(FILE *fp, isc_stdtime_t inception, isc_stdtime_t expiration, dns_rdataset_t *rrset, char *target_mem, dns_rdata_t *rrsig) { dns_dnsseckey_t *ksk = ISC_LIST_HEAD(keys); isc_stdtime_t clockskew = inception - OFFSET; - isc_result_t ret; + isc_result_t result; isc_buffer_t target; isc_buffer_init(&target, target_mem, 1024); - ret = dns_dnssec_sign(dname, rrset, ksk->key, &clockskew, &expiration, - isc_g_mctx, &target, rrsig); - assert_int_equal(ret, ISC_R_SUCCESS); + result = dns_dnssec_sign(dname, rrset, ksk->key, &clockskew, + &expiration, isc_g_mctx, &target, rrsig); + assert_int_equal(result, ISC_R_SUCCESS); print_rdata(fp, rrsig); } @@ -159,7 +159,7 @@ write_record(FILE *fp, dns_rdatatype_t rdtype, const char *rdatastr, isc_buffer_t source, target; isc_lex_t *lex = NULL; isc_lexspecials_t specials = { 0 }; - isc_result_t ret; + isc_result_t result; /* Set up source to hold the input string. */ isc_buffer_init(&target, target_mem, 1024); @@ -174,12 +174,12 @@ write_record(FILE *fp, dns_rdatatype_t rdtype, const char *rdatastr, specials['"'] = 1; isc_lex_setspecials(lex, specials); isc_lex_setcomments(lex, ISC_LEXCOMMENT_DNSMASTERFILE); - ret = isc_lex_openbuffer(lex, &source); - assert_int_equal(ret, ISC_R_SUCCESS); + result = isc_lex_openbuffer(lex, &source); + assert_int_equal(result, ISC_R_SUCCESS); - ret = dns_rdata_fromtext(rdata, dns_rdataclass_in, rdtype, lex, dname, - 0, isc_g_mctx, &target, NULL); - assert_int_equal(ret, ISC_R_SUCCESS); + result = dns_rdata_fromtext(rdata, dns_rdataclass_in, rdtype, lex, + dname, 0, isc_g_mctx, &target, NULL); + assert_int_equal(result, ISC_R_SUCCESS); print_rdata(fp, rdata); @@ -196,15 +196,15 @@ create_bundle(FILE *fp, isc_stdtime_t btime, int bnum) { dns_rdataset_t *cdsset = NULL; isc_buffer_t b, timebuf; isc_region_t r; - isc_result_t ret; + isc_result_t result; /* Write header to file. */ test_bundles[bnum].btime = btime; isc_buffer_init(&timebuf, timestr, sizeof(timestr)); isc_stdtime_tostring(btime, timestr, sizeof(timestr)); isc_buffer_init(&b, utc, sizeof(utc)); - ret = dns_time32_totext(btime, &b); - assert_int_equal(ret, ISC_R_SUCCESS); + result = dns_time32_totext(btime, &b); + assert_int_equal(result, ISC_R_SUCCESS); isc_buffer_usedregion(&b, &r); fprintf(fp, ";; SignedKeyResponse 1.0 %.*s (%s)\n", (int)r.length, @@ -303,13 +303,13 @@ create_bundle(FILE *fp, isc_stdtime_t btime, int bnum) { static void check_rrsig(dns_skrbundle_t *bundle, skr__testbundle_t *tb, - dns_rdatatype_t rrtype, isc_result_t ret) { + dns_rdatatype_t rrtype, isc_result_t result) { isc_result_t r; dns_dnsseckey_t *key = ISC_LIST_HEAD(keys); dns_rdata_t sigrdata = DNS_RDATA_INIT; r = dns_skrbundle_getsig(bundle, key->key, rrtype, &sigrdata); - assert_int_equal(r, ret); + assert_int_equal(r, result); if (r == ISC_R_SUCCESS) { int cmp = 1; @@ -399,7 +399,7 @@ check_bundle(dns_skrbundle_t *bundle, skr__testbundle_t *tb, int bnum) { static void create_skr_file(void) { - isc_result_t ret; + isc_result_t result; isc_stdtime_t start_time; size_t tempfilelen; char *tempfile = NULL; @@ -408,10 +408,10 @@ create_skr_file(void) { /* Set up output file */ tempfilelen = strlen(TESTS_DIR "/testdata/skr/") + 20; tempfile = isc_mem_get(isc_g_mctx, tempfilelen); - ret = isc_file_mktemplate(testskr, tempfile, tempfilelen); - assert_int_equal(ret, ISC_R_SUCCESS); - ret = isc_file_openunique(tempfile, &outfp); - assert_int_equal(ret, ISC_R_SUCCESS); + result = isc_file_mktemplate(testskr, tempfile, tempfilelen); + assert_int_equal(result, ISC_R_SUCCESS); + result = isc_file_openunique(tempfile, &outfp); + assert_int_equal(result, ISC_R_SUCCESS); start_time = isc_stdtime_now(); for (int i = 0; i < 42; i++) { @@ -421,10 +421,10 @@ create_skr_file(void) { fprintf(outfp, ";; SignedKeyResponse 1.0 generated by test-dev\n"); - ret = isc_stdio_close(outfp); - assert_int_equal(ret, ISC_R_SUCCESS); - ret = isc_file_rename(tempfile, testskr); - assert_int_equal(ret, ISC_R_SUCCESS); + result = isc_stdio_close(outfp); + assert_int_equal(result, ISC_R_SUCCESS); + result = isc_file_rename(tempfile, testskr); + assert_int_equal(result, ISC_R_SUCCESS); isc_file_remove(tempfile); isc_mem_put(isc_g_mctx, tempfile, tempfilelen); diff --git a/tests/dns/tsig_test.c b/tests/dns/tsig_test.c index 0102603d49..b07dcd27ab 100644 --- a/tests/dns/tsig_test.c +++ b/tests/dns/tsig_test.c @@ -40,14 +40,6 @@ #define TEST_ORIGIN "test" -#define CHECK(r) \ - { \ - result = (r); \ - if (result != ISC_R_SUCCESS) { \ - goto cleanup; \ - } \ - } - static isc_result_t add_mac(dst_context_t *tsigctx, isc_buffer_t *buf) { dns_rdata_any_tsig_t tsig; diff --git a/tests/dns/update_test.c b/tests/dns/update_test.c index 37cad32890..3cbd7daee6 100644 --- a/tests/dns/update_test.c +++ b/tests/dns/update_test.c @@ -40,11 +40,9 @@ */ #pragma GCC diagnostic push #pragma GCC diagnostic ignored "-Wshadow" -#undef CHECK #include "update.c" #pragma GCC diagnostic pop -#undef CHECK #include static int diff --git a/tests/libtest/dns.c b/tests/libtest/dns.c index 18b8f55052..1abd26c5e3 100644 --- a/tests/libtest/dns.c +++ b/tests/libtest/dns.c @@ -65,10 +65,7 @@ dns_test_makeview(const char *name, bool with_dispatchmgr, bool with_cache, dns_dispatchmgr_t *dispatchmgr = NULL; if (with_dispatchmgr) { - result = dns_dispatchmgr_create(isc_g_mctx, &dispatchmgr); - if (result != ISC_R_SUCCESS) { - return result; - } + RETERR(dns_dispatchmgr_create(isc_g_mctx, &dispatchmgr)); } dns_view_create(isc_g_mctx, dispatchmgr, dns_rdataclass_in, name, @@ -211,16 +208,10 @@ dns_test_loaddb(dns_db_t **db, dns_dbtype_t dbtype, const char *origin, name = dns_fixedname_initname(&fixed); - result = dns_name_fromstring(name, origin, dns_rootname, 0, NULL); - if (result != ISC_R_SUCCESS) { - return result; - } + RETERR(dns_name_fromstring(name, origin, dns_rootname, 0, NULL)); - result = dns_db_create(isc_g_mctx, dbimp, name, dbtype, - dns_rdataclass_in, 0, NULL, db); - if (result != ISC_R_SUCCESS) { - return result; - } + RETERR(dns_db_create(isc_g_mctx, dbimp, name, dbtype, dns_rdataclass_in, + 0, NULL, db)); result = dns_db_load(*db, testfile, dns_masterformat_text, 0); return result; @@ -263,7 +254,7 @@ dns_test_tohex(const unsigned char *data, size_t len, char *buf, isc_result_t dns_test_getdata(const char *file, unsigned char *buf, size_t bufsiz, size_t *sizep) { - isc_result_t result; + isc_result_t result = ISC_R_SUCCESS; unsigned char *bp; char *rp, *wp; char s[BUFSIZ]; @@ -271,10 +262,7 @@ dns_test_getdata(const char *file, unsigned char *buf, size_t bufsiz, FILE *f = NULL; int n; - result = isc_stdio_open(file, "r", &f); - if (result != ISC_R_SUCCESS) { - return result; - } + RETERR(isc_stdio_open(file, "r", &f)); bp = buf; while (fgets(s, sizeof(s), f) != NULL) { diff --git a/tests/libtest/ns.c b/tests/libtest/ns.c index 55117d1408..d91c849bf3 100644 --- a/tests/libtest/ns.c +++ b/tests/libtest/ns.c @@ -93,16 +93,9 @@ setup_server(void **state) { ns_server_create(isc_g_mctx, matchview, &sctx); - result = dns_dispatchmgr_create(isc_g_mctx, &dispatchmgr); - if (result != ISC_R_SUCCESS) { - goto cleanup; - } - - result = ns_interfacemgr_create(isc_g_mctx, sctx, dispatchmgr, NULL, - &interfacemgr); - if (result != ISC_R_SUCCESS) { - goto cleanup; - } + CHECK(dns_dispatchmgr_create(isc_g_mctx, &dispatchmgr)); + CHECK(ns_interfacemgr_create(isc_g_mctx, sctx, dispatchmgr, NULL, + &interfacemgr)); isc_loop_setup(isc_loop_main(), scan_interfaces, NULL); @@ -153,10 +146,7 @@ ns_test_serve_zone(const char *zonename, const char *filename, /* * Prepare zone structure for further processing. */ - result = dns_test_makezone(zonename, &served_zone, view, false); - if (result != ISC_R_SUCCESS) { - return result; - } + RETERR(dns_test_makezone(zonename, &served_zone, view, false)); /* * Start zone manager. @@ -525,16 +515,10 @@ ns_test_loaddb(dns_db_t **db, dns_dbtype_t dbtype, const char *origin, name = dns_fixedname_initname(&fixed); - result = dns_name_fromstring(name, origin, dns_rootname, 0, NULL); - if (result != ISC_R_SUCCESS) { - return result; - } + RETERR(dns_name_fromstring(name, origin, dns_rootname, 0, NULL)); - result = dns_db_create(isc_g_mctx, dbimp, name, dbtype, - dns_rdataclass_in, 0, NULL, db); - if (result != ISC_R_SUCCESS) { - return result; - } + RETERR(dns_db_create(isc_g_mctx, dbimp, name, dbtype, dns_rdataclass_in, + 0, NULL, db)); result = dns_db_load(*db, testfile, dns_masterformat_text, 0); return result; @@ -565,10 +549,7 @@ ns_test_getdata(const char *file, unsigned char *buf, size_t bufsiz, FILE *f = NULL; int n; - result = isc_stdio_open(file, "r", &f); - if (result != ISC_R_SUCCESS) { - return result; - } + RETERR(isc_stdio_open(file, "r", &f)); bp = buf; while (fgets(s, sizeof(s), f) != NULL) {