From 52bba5cc343cb105232bb1631b97a8577b751fee Mon Sep 17 00:00:00 2001 From: Evan Hunt Date: Wed, 21 May 2025 13:22:58 -0700 Subject: [PATCH 1/8] standardize CHECK and RETERR macros previously, there were over 40 separate definitions of CHECK macros, of which most used "goto cleanup", and the rest "goto failure" or "goto out". there were another 10 definitions of RETERR, of which most were identical to CHECK, but some simply returned a result code instead of jumping to a cleanup label. this has now been standardized throughout the code base: RETERR is for returning an error code in the case of an error, and CHECK is for jumping to a cleanup tag, which is now always called "cleanup". both macros are defined in isc/util.h. --- bin/check/check-tool.c | 7 - bin/check/named-checkconf.c | 7 - bin/delv/delv.c | 7 - bin/dnssec/dnssec-ksr.c | 176 +++---- bin/named/controlconf.c | 8 - bin/named/logconf.c | 7 - bin/named/server.c | 7 - bin/named/statschannel.c | 8 - bin/named/tkeyconf.c | 4 +- bin/named/transportconf.c | 5 - bin/named/zoneconf.c | 16 +- bin/plugins/filter-a.c | 8 - bin/plugins/filter-aaaa.c | 8 - bin/plugins/synthrecord.c | 8 - bin/tests/system/dlzexternal/driver/driver.c | 15 +- bin/tests/system/dyndb/driver/util.h | 13 - bin/tests/system/dyndb/driver/zone.c | 11 +- bin/tests/system/hooks/driver/test-async.c | 8 - .../system/hooks/driver/test-syncplugin.c | 15 +- bin/tests/system/pipelined/pipequeries.c | 14 +- bin/tests/system/rsabigexponent/bigkey.c | 24 +- bin/tools/mdig.c | 85 ++- fuzz/dns_qpkey_name.c | 2 + fuzz/dns_rdata_fromwire_text.c | 1 + fuzz/fuzz.h | 5 - fuzz/isc_lex_getmastertoken.c | 1 + fuzz/isc_lex_gettoken.c | 1 + lib/dns/client.c | 7 - lib/dns/diff.c | 11 +- lib/dns/dnssec.c | 145 +++--- lib/dns/dnstap.c | 7 - lib/dns/dst_api.c | 203 +++----- lib/dns/dst_parse.c | 99 ++-- lib/dns/dyndb.c | 7 - lib/dns/gssapictx.c | 25 +- lib/dns/journal.c | 88 ++-- lib/dns/keymgr.c | 196 ++++--- lib/dns/masterdump.c | 13 - lib/dns/nsec3.c | 108 ++-- lib/dns/openssl_link.c | 16 +- lib/dns/opensslecdsa_link.c | 187 +++---- lib/dns/openssleddsa_link.c | 104 ++-- lib/dns/opensslrsa_link.c | 143 +++-- lib/dns/private.c | 23 +- lib/dns/qpcache.c | 21 +- lib/dns/qpzone.c | 8 - lib/dns/rcode.c | 7 - lib/dns/rdata.c | 14 - lib/dns/rdataset.c | 24 +- lib/dns/resconf.c | 7 - lib/dns/resolver.c | 14 +- lib/dns/skr.c | 52 +- lib/dns/tkey.c | 84 ++- lib/dns/ttl.c | 7 - lib/dns/update.c | 142 +---- lib/dns/view.c | 7 - lib/dns/xfrin.c | 129 ++--- lib/dns/zone.c | 488 ++++++++---------- lib/isc/base32.c | 7 - lib/isc/base64.c | 7 - lib/isc/hex.c | 7 - lib/isc/httpd.c | 8 - lib/isc/include/isc/util.h | 34 ++ lib/isccfg/namedconf.c | 9 - lib/isccfg/parser.c | 14 +- lib/ns/hooks.c | 15 +- lib/ns/update.c | 125 ++--- lib/ns/xfrout.c | 28 +- tests/bench/load-names.c | 18 +- tests/dns/qpdb_test.c | 2 - tests/dns/qpzone_test.c | 2 - tests/dns/tsig_test.c | 8 - tests/dns/update_test.c | 2 - 73 files changed, 1151 insertions(+), 1992 deletions(-) diff --git a/bin/check/check-tool.c b/bin/check/check-tool.c index b7ca8a8936..0fd104c437 100644 --- a/bin/check/check-tool.c +++ b/bin/check/check-tool.c @@ -52,13 +52,6 @@ #define CHECK_LOCAL 1 #endif /* ifndef CHECK_LOCAL */ -#define CHECK(r) \ - do { \ - result = (r); \ - if (result != ISC_R_SUCCESS) \ - goto cleanup; \ - } while (0) - #define ERR_IS_CNAME 1 #define ERR_NO_ADDRESSES 2 #define ERR_LOOKUP_FAILURE 3 diff --git a/bin/check/named-checkconf.c b/bin/check/named-checkconf.c index 6355079f40..caac86ee25 100644 --- a/bin/check/named-checkconf.c +++ b/bin/check/named-checkconf.c @@ -44,13 +44,6 @@ #include "check-tool.h" -#define CHECK(r) \ - do { \ - result = (r); \ - if (result != ISC_R_SUCCESS) \ - goto cleanup; \ - } while (0) - /*% usage */ ISC_NORETURN static void usage(void); diff --git a/bin/delv/delv.c b/bin/delv/delv.c index f805e7dd88..80f52231f3 100644 --- a/bin/delv/delv.c +++ b/bin/delv/delv.c @@ -84,13 +84,6 @@ #include -#define CHECK(r) \ - do { \ - result = (r); \ - if (result != ISC_R_SUCCESS) \ - goto cleanup; \ - } while (0) - #define MAXNAME (DNS_NAME_MAXTEXT + 1) #define MAX_QUERIES 50 diff --git a/bin/dnssec/dnssec-ksr.c b/bin/dnssec/dnssec-ksr.c index a4ef81b82e..7240da4278 100644 --- a/bin/dnssec/dnssec-ksr.c +++ b/bin/dnssec/dnssec-ksr.c @@ -91,24 +91,9 @@ static int min_dh = 128; #define READLINE(lex, opt, token) -#define NEXTTOKEN(lex, opt, token) \ - { \ - ret = isc_lex_gettoken(lex, opt, token); \ - if (ret != ISC_R_SUCCESS) \ - goto cleanup; \ - } +#define NEXTTOKEN(lex, opt, token) CHECK(isc_lex_gettoken(lex, opt, token)) -#define BADTOKEN() \ - { \ - ret = ISC_R_UNEXPECTEDTOKEN; \ - goto cleanup; \ - } - -#define CHECK(r) \ - ret = (r); \ - if (ret != ISC_R_SUCCESS) { \ - goto fail; \ - } +#define BADTOKEN() CHECK(ISC_R_UNEXPECTEDTOKEN) isc_bufferlist_t cleanup_list = ISC_LIST_INITIALIZER; @@ -209,16 +194,16 @@ get_dnskeys(ksr_ctx_t *ksr, dns_dnsseckeylist_t *keys) { dns_dnsseckeylist_t keys_read; dns_dnsseckey_t **keys_sorted; int i = 0, n = 0; - isc_result_t ret; + isc_result_t result; ISC_LIST_INIT(*keys); ISC_LIST_INIT(keys_read); - ret = dns_dnssec_findmatchingkeys(name, NULL, ksr->keydir, NULL, - ksr->now, false, isc_g_mctx, - &keys_read); - if (ret != ISC_R_SUCCESS && ret != ISC_R_NOTFOUND) { + result = dns_dnssec_findmatchingkeys(name, NULL, ksr->keydir, NULL, + ksr->now, false, isc_g_mctx, + &keys_read); + if (result != ISC_R_SUCCESS && result != ISC_R_NOTFOUND) { fatal("failed to load existing keys from %s: %s", ksr->keydir, - isc_result_totext(ret)); + isc_result_totext(result)); } /* Sort on keytag. */ ISC_LIST_FOREACH(keys_read, dk, link) { @@ -323,7 +308,7 @@ create_key(ksr_ctx_t *ksr, dns_kasp_t *kasp, dns_kasp_key_t *kaspkey, dst_key_t *key = NULL; int options = (DST_TYPE_PRIVATE | DST_TYPE_PUBLIC | DST_TYPE_STATE); isc_buffer_t buf; - isc_result_t ret; + isc_result_t result; isc_stdtime_t prepub; uint16_t flags = DNS_KEYOWNER_ZONE; @@ -421,26 +406,26 @@ create_key(ksr_ctx_t *ksr, dns_kasp_t *kasp, dns_kasp_key_t *kaspkey, "Generating key pair for bundle %s: ", timestr); } if (ksr->keystore != NULL && ksr->policy != NULL) { - ret = dns_keystore_keygen( + result = dns_keystore_keygen( ksr->keystore, name, ksr->policy, dns_rdataclass_in, isc_g_mctx, ksr->alg, ksr->size, flags, &key); } else if (show_progress) { - ret = dst_key_generate(name, ksr->alg, ksr->size, 0, - flags, DNS_KEYPROTO_DNSSEC, - dns_rdataclass_in, NULL, - isc_g_mctx, &key, &progress); + result = dst_key_generate(name, ksr->alg, ksr->size, 0, + flags, DNS_KEYPROTO_DNSSEC, + dns_rdataclass_in, NULL, + isc_g_mctx, &key, &progress); fflush(stderr); } else { - ret = dst_key_generate(name, ksr->alg, ksr->size, 0, - flags, DNS_KEYPROTO_DNSSEC, - dns_rdataclass_in, NULL, - isc_g_mctx, &key, NULL); + result = dst_key_generate(name, ksr->alg, ksr->size, 0, + flags, DNS_KEYPROTO_DNSSEC, + dns_rdataclass_in, NULL, + isc_g_mctx, &key, NULL); } - if (ret != ISC_R_SUCCESS) { + if (result != ISC_R_SUCCESS) { fatal("failed to generate key %s/%s: %s\n", namestr, - algstr, isc_result_totext(ret)); + algstr, isc_result_totext(result)); } /* Do not overwrite an existing key. */ @@ -451,9 +436,9 @@ create_key(ksr_ctx_t *ksr, dns_kasp_t *kasp, dns_kasp_key_t *kaspkey, conflict = true; if (verbose > 0) { isc_buffer_clear(&buf); - ret = dst_key_buildfilename(key, 0, ksr->keydir, - &buf); - if (ret == ISC_R_SUCCESS) { + result = dst_key_buildfilename( + key, 0, ksr->keydir, &buf); + if (result == ISC_R_SUCCESS) { fprintf(stderr, "%s: %s already exists, or " "might collide with another " @@ -502,20 +487,20 @@ create_key(ksr_ctx_t *ksr, dns_kasp_t *kasp, dns_kasp_key_t *kaspkey, *expiration = 0; } - ret = dst_key_tofile(key, options, ksr->keydir); - if (ret != ISC_R_SUCCESS) { + result = dst_key_tofile(key, options, ksr->keydir); + if (result != ISC_R_SUCCESS) { char keystr[DST_KEY_FORMATSIZE]; dst_key_format(key, keystr, sizeof(keystr)); fatal("failed to write key %s: %s\n", keystr, - isc_result_totext(ret)); + isc_result_totext(result)); } output: isc_buffer_clear(&buf); - ret = dst_key_buildfilename(key, 0, NULL, &buf); - if (ret != ISC_R_SUCCESS) { + result = dst_key_buildfilename(key, 0, NULL, &buf); + if (result != ISC_R_SUCCESS) { fatal("dst_key_buildfilename returned: %s\n", - isc_result_totext(ret)); + isc_result_totext(result)); } printf("%s\n", filename); fflush(stdout); @@ -528,12 +513,12 @@ static void print_rdata(dns_rdataset_t *rrset) { isc_buffer_t target; isc_region_t r; - isc_result_t ret; + isc_result_t result; char buf[4096]; isc_buffer_init(&target, buf, sizeof(buf)); - ret = dns_rdataset_totext(rrset, name, false, false, &target); - if (ret != ISC_R_SUCCESS) { + result = dns_rdataset_totext(rrset, name, false, false, &target); + if (result != ISC_R_SUCCESS) { fatal("failed to print rdata"); } isc_buffer_usedregion(&target, &r); @@ -547,7 +532,7 @@ print_dnskeys(dns_kasp_key_t *kaspkey, dns_ttl_t ttl, dns_dnsseckeylist_t *keys, char timestr[26]; /* Minimal buf as per ctime_r() spec. */ dns_rdatalist_t *rdatalist = NULL; dns_rdataset_t rdataset = DNS_RDATASET_INIT; - isc_result_t ret = ISC_R_SUCCESS; + isc_result_t result = ISC_R_SUCCESS; isc_stdtime_t next_bundle = next_inception; isc_stdtime_tostring(inception, timestr, sizeof(timestr)); @@ -614,11 +599,11 @@ print_dnskeys(dns_kasp_key_t *kaspkey, dns_ttl_t ttl, dns_dnsseckeylist_t *keys, dns_rdatalist_tordataset(rdatalist, &rdataset); print_rdata(&rdataset); -fail: +cleanup: /* Cleanup */ freerrset(&rdataset); - if (ret != ISC_R_SUCCESS) { + if (result != ISC_R_SUCCESS) { fatal("failed to print %s/%s zsk key pair found for bundle %s", namestr, algstr, timestr); } @@ -631,7 +616,7 @@ sign_rrset(ksr_ctx_t *ksr, isc_stdtime_t inception, isc_stdtime_t expiration, dns_rdataset_t *rrset, dns_dnsseckeylist_t *keys) { dns_rdatalist_t *rrsiglist = NULL; dns_rdataset_t rrsigset = DNS_RDATASET_INIT; - isc_result_t ret; + isc_result_t result; isc_stdtime_t next_bundle = expiration; UNUSED(ksr); @@ -646,10 +631,10 @@ sign_rrset(ksr_ctx_t *ksr, isc_stdtime_t inception, isc_stdtime_t expiration, isc_buffer_init(&timebuf, timestr, sizeof(timestr)); isc_stdtime_tostring(inception, timestr, sizeof(timestr)); isc_buffer_init(&b, utc, sizeof(utc)); - ret = dns_time32_totext(inception, &b); - if (ret != ISC_R_SUCCESS) { + result = dns_time32_totext(inception, &b); + if (result != ISC_R_SUCCESS) { fatal("failed to convert bundle time32 to text: %s", - isc_result_totext(ret)); + isc_result_totext(result)); } isc_buffer_usedregion(&b, &r); fprintf(stdout, ";; SignedKeyResponse 1.0 %.*s (%s)\n", @@ -696,9 +681,9 @@ sign_rrset(ksr_ctx_t *ksr, isc_stdtime_t inception, isc_stdtime_t expiration, rrsig = isc_mem_get(isc_g_mctx, sizeof(*rrsig)); dns_rdata_init(rrsig); isc_buffer_init(&buf, rdatabuf, sizeof(rdatabuf)); - ret = dns_dnssec_sign(name, rrset, dk->key, &clockskew, - &expiration, isc_g_mctx, &buf, &rdata); - if (ret != ISC_R_SUCCESS) { + result = dns_dnssec_sign(name, rrset, dk->key, &clockskew, + &expiration, isc_g_mctx, &buf, &rdata); + if (result != ISC_R_SUCCESS) { fatal("failed to sign KSR"); } isc_buffer_usedregion(&buf, &rs); @@ -733,7 +718,7 @@ get_keymaterial(ksr_ctx_t *ksr, dns_kasp_t *kasp, isc_stdtime_t inception, dns_rdatalist_t *cdnskeylist = isc_mem_get(isc_g_mctx, sizeof(*cdnskeylist)); dns_rdatalist_t *cdslist = isc_mem_get(isc_g_mctx, sizeof(*cdslist)); - isc_result_t ret = ISC_R_SUCCESS; + isc_result_t result = ISC_R_SUCCESS; isc_stdtime_t next_bundle = next_inception; dns_rdatalist_init(dnskeylist); @@ -873,7 +858,7 @@ get_keymaterial(ksr_ctx_t *ksr, dns_kasp_t *kasp, isc_stdtime_t inception, return next_bundle; -fail: +cleanup: fatal("failed to create KSK/CDS/CDNSKEY"); return 0; } @@ -968,7 +953,7 @@ parse_dnskey(isc_lex_t *lex, char *owner, isc_buffer_t *buf, dns_ttl_t *ttl) { dns_name_t *dname = NULL; dns_rdataclass_t rdclass = dns_rdataclass_in; isc_buffer_t b; - isc_result_t ret; + isc_result_t result; isc_token_t token; unsigned int opt = ISC_LEXOPT_EOL; @@ -982,12 +967,12 @@ parse_dnskey(isc_lex_t *lex, char *owner, isc_buffer_t *buf, dns_ttl_t *ttl) { dname = dns_fixedname_initname(&dfname); isc_buffer_init(&b, owner, strlen(owner)); isc_buffer_add(&b, strlen(owner)); - ret = dns_name_fromtext(dname, &b, dns_rootname, 0); - if (ret != ISC_R_SUCCESS) { + result = dns_name_fromtext(dname, &b, dns_rootname, 0); + if (result != ISC_R_SUCCESS) { goto cleanup; } if (dns_name_compare(dname, name) != 0) { - ret = DNS_R_BADOWNERNAME; + result = DNS_R_BADOWNERNAME; goto cleanup; } isc_buffer_clear(&b); @@ -999,8 +984,8 @@ parse_dnskey(isc_lex_t *lex, char *owner, isc_buffer_t *buf, dns_ttl_t *ttl) { } /* If it's a TTL, read the next one */ - ret = dns_ttl_fromtext(&token.value.as_textregion, ttl); - if (ret == ISC_R_SUCCESS) { + result = dns_ttl_fromtext(&token.value.as_textregion, ttl); + if (result == ISC_R_SUCCESS) { NEXTTOKEN(lex, opt, &token); } if (token.type != isc_tokentype_string) { @@ -1008,8 +993,8 @@ parse_dnskey(isc_lex_t *lex, char *owner, isc_buffer_t *buf, dns_ttl_t *ttl) { } /* If it's a class, read the next one */ - ret = dns_rdataclass_fromtext(&rdclass, &token.value.as_textregion); - if (ret == ISC_R_SUCCESS) { + result = dns_rdataclass_fromtext(&rdclass, &token.value.as_textregion); + if (result == ISC_R_SUCCESS) { NEXTTOKEN(lex, opt, &token); } if (token.type != isc_tokentype_string) { @@ -1021,12 +1006,12 @@ parse_dnskey(isc_lex_t *lex, char *owner, isc_buffer_t *buf, dns_ttl_t *ttl) { BADTOKEN(); } - ret = dns_rdata_fromtext(NULL, rdclass, dns_rdatatype_dnskey, lex, name, - 0, isc_g_mctx, buf, NULL); + result = dns_rdata_fromtext(NULL, rdclass, dns_rdatatype_dnskey, lex, + name, 0, isc_g_mctx, buf, NULL); cleanup: isc_lex_setcomments(lex, 0); - return ret; + return result; } static void @@ -1097,14 +1082,14 @@ request(ksr_ctx_t *ksr) { char utc[sizeof("YYYYMMDDHHSSMM")]; isc_buffer_t b; isc_region_t r; - isc_result_t ret; + isc_result_t result; isc_stdtime_tostring(inception, timestr, sizeof(timestr)); isc_buffer_init(&b, utc, sizeof(utc)); - ret = dns_time32_totext(inception, &b); - if (ret != ISC_R_SUCCESS) { + result = dns_time32_totext(inception, &b); + if (result != ISC_R_SUCCESS) { fatal("failed to convert bundle time32 to text: %s", - isc_result_totext(ret)); + isc_result_totext(result)); } isc_buffer_usedregion(&b, &r); fprintf(stdout, ";; KeySigningRequest 1.0 %.*s (%s)\n", @@ -1146,7 +1131,7 @@ sign(ksr_ctx_t *ksr) { dns_dnsseckeylist_t keys; dns_kasp_t *kasp = NULL; dns_rdatalist_t *rdatalist = NULL; - isc_result_t ret; + isc_result_t result; isc_stdtime_t inception; isc_lex_t *lex = NULL; isc_lexspecials_t specials; @@ -1172,14 +1157,15 @@ sign(ksr_ctx_t *ksr) { specials[')'] = 1; specials['"'] = 1; isc_lex_setspecials(lex, specials); - ret = isc_lex_openfile(lex, ksr->file); - if (ret != ISC_R_SUCCESS) { + result = isc_lex_openfile(lex, ksr->file); + if (result != ISC_R_SUCCESS) { fatal("unable to open KSR file %s: %s", ksr->file, - isc_result_totext(ret)); + isc_result_totext(result)); } - for (ret = isc_lex_gettoken(lex, opt, &token); ret == ISC_R_SUCCESS; - ret = isc_lex_gettoken(lex, opt, &token)) + for (result = isc_lex_gettoken(lex, opt, &token); + result == ISC_R_SUCCESS; + result = isc_lex_gettoken(lex, opt, &token)) { if (token.type != isc_tokentype_string) { fatal("bad KSR file %s(%lu): syntax error", ksr->file, @@ -1245,13 +1231,13 @@ sign(ksr_ctx_t *ksr) { readline: /* Read remainder of header line */ do { - ret = isc_lex_gettoken(lex, opt, &token); - if (ret != ISC_R_SUCCESS) { + result = isc_lex_gettoken(lex, opt, &token); + if (result != ISC_R_SUCCESS) { fatal("bad KSR file %s(%lu): bad " "header (%s)", ksr->file, isc_lex_getsourceline(lex), - isc_result_totext(ret)); + isc_result_totext(result)); } } while (token.type != isc_tokentype_eol); } else { @@ -1268,11 +1254,11 @@ sign(ksr_ctx_t *ksr) { rdata = isc_mem_get(isc_g_mctx, sizeof(*rdata)); dns_rdata_init(rdata); isc_buffer_init(&buf, rdatabuf, sizeof(rdatabuf)); - ret = parse_dnskey(lex, STR(token), &buf, &ttl); - if (ret != ISC_R_SUCCESS) { + result = parse_dnskey(lex, STR(token), &buf, &ttl); + if (result != ISC_R_SUCCESS) { fatal("bad KSR file %s(%lu): bad DNSKEY (%s)", ksr->file, isc_lex_getsourceline(lex), - isc_result_totext(ret)); + isc_result_totext(result)); } isc_buffer_usedregion(&buf, &r); isc_buffer_allocate(isc_g_mctx, &newbuf, r.length); @@ -1290,7 +1276,7 @@ sign(ksr_ctx_t *ksr) { } } - if (ret != ISC_R_EOF) { + if (result != ISC_R_EOF) { fatal("bad KSR file %s(%lu): trailing garbage data", ksr->file, isc_lex_getsourceline(lex)); } @@ -1308,14 +1294,14 @@ sign(ksr_ctx_t *ksr) { fprintf(stdout, ";; SignedKeyResponse 1.0 generated at %s by %s\n", timestr, PACKAGE_VERSION); -fail: +cleanup: isc_lex_destroy(&lex); cleanup(&keys, kasp); } int main(int argc, char *argv[]) { - isc_result_t ret; + isc_result_t result; isc_buffer_t buf; int ch; char *endp; @@ -1354,10 +1340,10 @@ main(int argc, char *argv[]) { break; case 'K': ksr.keydir = isc_commandline_argument; - ret = try_dir(ksr.keydir); - if (ret != ISC_R_SUCCESS) { + result = try_dir(ksr.keydir); + if (result != ISC_R_SUCCESS) { fatal("cannot open directory %s: %s", - ksr.keydir, isc_result_totext(ret)); + ksr.keydir, isc_result_totext(result)); } break; case 'k': @@ -1405,10 +1391,10 @@ main(int argc, char *argv[]) { name = dns_fixedname_initname(&fname); isc_buffer_init(&buf, argv[1], strlen(argv[1])); isc_buffer_add(&buf, strlen(argv[1])); - ret = dns_name_fromtext(name, &buf, dns_rootname, 0); - if (ret != ISC_R_SUCCESS) { + result = dns_name_fromtext(name, &buf, dns_rootname, 0); + if (result != ISC_R_SUCCESS) { fatal("invalid zone name %s: %s", argv[1], - isc_result_totext(ret)); + isc_result_totext(result)); } /* command */ diff --git a/bin/named/controlconf.c b/bin/named/controlconf.c index e1d1a46d7e..a4aba2ea25 100644 --- a/bin/named/controlconf.c +++ b/bin/named/controlconf.c @@ -149,14 +149,6 @@ ISC_REFCOUNT_DECL(controlconnection); #define CLOCKSKEW 300 -#define CHECK(x) \ - { \ - result = (x); \ - if (result != ISC_R_SUCCESS) { \ - goto cleanup; \ - } \ - } - static void free_controlkey(controlkey_t *key, isc_mem_t *mctx) { if (key->keyname != NULL) { diff --git a/bin/named/logconf.c b/bin/named/logconf.c index 1b0412009d..b1e8cdc7f9 100644 --- a/bin/named/logconf.c +++ b/bin/named/logconf.c @@ -28,13 +28,6 @@ #include #include -#define CHECK(op) \ - do { \ - result = (op); \ - if (result != ISC_R_SUCCESS) \ - goto cleanup; \ - } while (0) - /*% * Set up a logging category according to the named.conf data * in 'ccat' and add it to 'logconfig'. diff --git a/bin/named/server.c b/bin/named/server.c index a6f262b3c0..f99e897dd7 100644 --- a/bin/named/server.c +++ b/bin/named/server.c @@ -180,13 +180,6 @@ * Check an operation for failure. Assumes that the function * using it has a 'result' variable and a 'cleanup' label. */ -#define CHECK(op) \ - do { \ - result = (op); \ - if (result != ISC_R_SUCCESS) \ - goto cleanup; \ - } while (0) - #define TCHECK(op) \ do { \ tresult = (op); \ diff --git a/bin/named/statschannel.c b/bin/named/statschannel.c index eacb2d25ea..a56f0cc58f 100644 --- a/bin/named/statschannel.c +++ b/bin/named/statschannel.c @@ -64,14 +64,6 @@ #define STATS_JSON_VERSION_MINOR "8" #define STATS_JSON_VERSION STATS_JSON_VERSION_MAJOR "." STATS_JSON_VERSION_MINOR -#define CHECK(m) \ - do { \ - result = (m); \ - if (result != ISC_R_SUCCESS) { \ - goto cleanup; \ - } \ - } while (0) - struct named_statschannel { /* Unlocked */ isc_httpdmgr_t *httpdmgr; diff --git a/bin/named/tkeyconf.c b/bin/named/tkeyconf.c index 768e0fac05..633d19c61e 100644 --- a/bin/named/tkeyconf.c +++ b/bin/named/tkeyconf.c @@ -21,6 +21,7 @@ #include +#include #include void @@ -28,11 +29,10 @@ named_tkeyctx_fromconfig(const cfg_obj_t *options, isc_mem_t *mctx, dns_tkeyctx_t **tctxp) { isc_result_t result; dns_tkeyctx_t *tctx = NULL; - const cfg_obj_t *obj; + const cfg_obj_t *obj = NULL; dns_tkeyctx_create(mctx, &tctx); - obj = NULL; result = cfg_map_get(options, "tkey-gssapi-keytab", &obj); if (result == ISC_R_SUCCESS) { const char *s = cfg_obj_asstring(obj); diff --git a/bin/named/transportconf.c b/bin/named/transportconf.c index bedb3d5243..de02ab7bb2 100644 --- a/bin/named/transportconf.c +++ b/bin/named/transportconf.c @@ -183,11 +183,6 @@ failure: return result; } -#define CHECK(f) \ - if ((result = f) != ISC_R_SUCCESS) { \ - goto failure; \ - } - static isc_result_t transport_list_fromconfig(const cfg_obj_t *config, dns_transport_list_t *list) { const cfg_obj_t *obj = NULL; diff --git a/bin/named/zoneconf.c b/bin/named/zoneconf.c index 15a1a8c71a..9ad15e0547 100644 --- a/bin/named/zoneconf.c +++ b/bin/named/zoneconf.c @@ -62,13 +62,6 @@ typedef enum { allow_update_forwarding } acl_type_t; -#define CHECK(x) \ - do { \ - result = (x); \ - if (result != ISC_R_SUCCESS) \ - goto cleanup; \ - } while (0) - /*% * Convenience function for configuring a single zone ACL. */ @@ -2141,12 +2134,9 @@ named_zone_loadplugins(dns_zone_t *zone, const cfg_obj_t *config, ns_plugins_create(zmctx, &hookdata.plugins); dns_zone_setplugins(zone, hookdata.plugins, ns_plugins_free); - result = cfg_pluginlist_foreach(config, tpluginlist, aclctx, - named_register_one_plugin, - &hookdata); - if (result != ISC_R_SUCCESS) { - return result; - } + RETERR(cfg_pluginlist_foreach(config, tpluginlist, aclctx, + named_register_one_plugin, + &hookdata)); result = cfg_pluginlist_foreach(config, zpluginlist, aclctx, named_register_one_plugin, diff --git a/bin/plugins/filter-a.c b/bin/plugins/filter-a.c index fff9cc9745..d5a9d0b268 100644 --- a/bin/plugins/filter-a.c +++ b/bin/plugins/filter-a.c @@ -46,14 +46,6 @@ #include #include -#define CHECK(op) \ - do { \ - result = (op); \ - if (result != ISC_R_SUCCESS) { \ - goto cleanup; \ - } \ - } while (0) - /* * Possible values for the settings of filter-a-on-v6 and * filter-a-on-v4: "no" is NONE, "yes" is FILTER, "break-dnssec" diff --git a/bin/plugins/filter-aaaa.c b/bin/plugins/filter-aaaa.c index 986267c5a6..007d952e7e 100644 --- a/bin/plugins/filter-aaaa.c +++ b/bin/plugins/filter-aaaa.c @@ -46,14 +46,6 @@ #include #include -#define CHECK(op) \ - do { \ - result = (op); \ - if (result != ISC_R_SUCCESS) { \ - goto cleanup; \ - } \ - } while (0) - /* * Possible values for the settings of filter-aaaa-on-v4 and * filter-aaaa-on-v6: "no" is NONE, "yes" is FILTER, "break-dnssec" diff --git a/bin/plugins/synthrecord.c b/bin/plugins/synthrecord.c index e348d55a64..3fdd7633f6 100644 --- a/bin/plugins/synthrecord.c +++ b/bin/plugins/synthrecord.c @@ -21,14 +21,6 @@ #include -#define CHECK(op) \ - do { \ - result = (op); \ - if (result != ISC_R_SUCCESS) { \ - goto cleanup; \ - } \ - } while (0) - #define DEFAULT_TTL 300 typedef enum { UNDEFINED, FORWARD, REVERSE } synthrecord_mode_t; diff --git a/bin/tests/system/dlzexternal/driver/driver.c b/bin/tests/system/dlzexternal/driver/driver.c index 9750fdc96a..47ab393e73 100644 --- a/bin/tests/system/dlzexternal/driver/driver.c +++ b/bin/tests/system/dlzexternal/driver/driver.c @@ -49,13 +49,6 @@ dlz_dlopen_addrdataset_t dlz_addrdataset; dlz_dlopen_subrdataset_t dlz_subrdataset; dlz_dlopen_delrdataset_t dlz_delrdataset; -#define CHECK(x) \ - do { \ - result = (x); \ - if (result != ISC_R_SUCCESS) \ - goto failure; \ - } while (0) - #define loginfo(...) \ ({ \ if ((state != NULL) && (state->log != NULL)) \ @@ -258,7 +251,6 @@ dlz_create(const char *dlzname, unsigned int argc, char *argv[], void **dbdata, const char *helper_name; va_list ap; char soa_data[sizeof("@ hostmaster.root 123 900 600 86400 3600")]; - isc_result_t result; size_t n; UNUSED(dlzname); @@ -306,7 +298,8 @@ dlz_create(const char *dlzname, unsigned int argc, char *argv[], void **dbdata, } if (n >= sizeof(soa_data)) { - CHECK(ISC_R_NOSPACE); + free(state); + return ISC_R_NOSPACE; } add_name(state, &state->current[0], state->zone_name, "soa", 3600, @@ -320,10 +313,6 @@ dlz_create(const char *dlzname, unsigned int argc, char *argv[], void **dbdata, *dbdata = state; return ISC_R_SUCCESS; - -failure: - free(state); - return result; } /* diff --git a/bin/tests/system/dyndb/driver/util.h b/bin/tests/system/dyndb/driver/util.h index e3ccedfe7e..b870b781f7 100644 --- a/bin/tests/system/dyndb/driver/util.h +++ b/bin/tests/system/dyndb/driver/util.h @@ -38,16 +38,3 @@ #include #include "log.h" - -#define CLEANUP_WITH(result_code) \ - do { \ - result = (result_code); \ - goto cleanup; \ - } while (0) - -#define CHECK(op) \ - do { \ - result = (op); \ - if (result != ISC_R_SUCCESS) \ - goto cleanup; \ - } while (0) diff --git a/bin/tests/system/dyndb/driver/zone.c b/bin/tests/system/dyndb/driver/zone.c index 9a02d4357c..0264216fec 100644 --- a/bin/tests/system/dyndb/driver/zone.c +++ b/bin/tests/system/dyndb/driver/zone.c @@ -130,8 +130,8 @@ publish_zone(sample_instance_t *inst, dns_zone_t *zone) { /* Return success if the zone is already in the view as expected. */ result = dns_view_findzone(inst->view, dns_zone_getorigin(zone), DNS_ZTFIND_EXACT, &zone_in_view); - if (result != ISC_R_SUCCESS && result != ISC_R_NOTFOUND) { - goto cleanup; + if (result != ISC_R_NOTFOUND) { + CHECK(result); } view_in_zone = dns_zone_getview(zone); @@ -139,7 +139,8 @@ publish_zone(sample_instance_t *inst, dns_zone_t *zone) { /* Zone has a view set -> view should contain the same zone. */ if (zone_in_view == zone) { /* Zone is already published in the right view. */ - CLEANUP_WITH(ISC_R_SUCCESS); + result = ISC_R_SUCCESS; + goto cleanup; } else if (view_in_zone != inst->view) { /* * Un-published inactive zone will have @@ -149,7 +150,7 @@ publish_zone(sample_instance_t *inst, dns_zone_t *zone) { dns_zone_log(zone, ISC_LOG_ERROR, "zone->view doesn't " "match data in the view"); - CLEANUP_WITH(ISC_R_UNEXPECTED); + CHECK(ISC_R_UNEXPECTED); } } @@ -157,7 +158,7 @@ publish_zone(sample_instance_t *inst, dns_zone_t *zone) { dns_zone_log(zone, ISC_LOG_ERROR, "cannot publish zone: view already " "contains another zone with this name"); - CLEANUP_WITH(ISC_R_UNEXPECTED); + CHECK(ISC_R_UNEXPECTED); } if (inst->view->frozen) { diff --git a/bin/tests/system/hooks/driver/test-async.c b/bin/tests/system/hooks/driver/test-async.c index 376529e15e..af140e39ba 100644 --- a/bin/tests/system/hooks/driver/test-async.c +++ b/bin/tests/system/hooks/driver/test-async.c @@ -35,14 +35,6 @@ #include #include -#define CHECK(op) \ - do { \ - result = (op); \ - if (result != ISC_R_SUCCESS) { \ - goto cleanup; \ - } \ - } while (0) - /* * Persistent data for use by this module. This will be associated * with client object address in the hash table, and will remain diff --git a/bin/tests/system/hooks/driver/test-syncplugin.c b/bin/tests/system/hooks/driver/test-syncplugin.c index a38379a916..36409bbda9 100644 --- a/bin/tests/system/hooks/driver/test-syncplugin.c +++ b/bin/tests/system/hooks/driver/test-syncplugin.c @@ -28,14 +28,6 @@ typedef struct { char *firstlbl; } syncplugin_t; -#define CHECK(op) \ - do { \ - result = (op); \ - if (result != ISC_R_SUCCESS) { \ - goto cleanup; \ - } \ - } while (0) - static ns_hookresult_t syncplugin__hook(void *arg, void *cbdata, isc_result_t *resp) { query_ctx_t *qctx = (query_ctx_t *)arg; @@ -82,14 +74,11 @@ static cfg_type_t syncplugin__cfgparams = { static isc_result_t syncplugin__parse_rcode(const cfg_obj_t *syncplugincfg, uint8_t *rcode) { - isc_result_t result; + isc_result_t result = ISC_R_SUCCESS; const cfg_obj_t *obj = NULL; const char *rcodestr = NULL; - result = cfg_map_get(syncplugincfg, "rcode", &obj); - if (result != ISC_R_SUCCESS) { - return result; - } + RETERR(cfg_map_get(syncplugincfg, "rcode", &obj)); rcodestr = obj->value.string.base; diff --git a/bin/tests/system/pipelined/pipequeries.c b/bin/tests/system/pipelined/pipequeries.c index 1e3340e06f..3d6c26211b 100644 --- a/bin/tests/system/pipelined/pipequeries.c +++ b/bin/tests/system/pipelined/pipequeries.c @@ -43,7 +43,7 @@ #include #include -#define CHECK(str, x) \ +#define CHECKM(str, x) \ { \ if ((x) != ISC_R_SUCCESS) { \ fprintf(stderr, "I:%s: %s\n", (str), \ @@ -84,7 +84,7 @@ recvresponse(void *arg) { result = dns_request_getresponse(request, response, DNS_MESSAGEPARSE_PRESERVEORDER); - CHECK("dns_request_getresponse", result); + CHECKM("dns_request_getresponse", result); if (response->rcode != dns_rcode_noerror) { result = dns_result_fromrcode(response->rcode); @@ -101,7 +101,7 @@ recvresponse(void *arg) { result = dns_message_sectiontotext( response, DNS_SECTION_ANSWER, &dns_master_style_simple, DNS_MESSAGETEXTFLAG_NOCOMMENTS, &outbuf); - CHECK("dns_message_sectiontotext", result); + CHECKM("dns_message_sectiontotext", result); printf("%.*s", (int)isc_buffer_usedlength(&outbuf), (char *)isc_buffer_base(&outbuf)); fflush(stdout); @@ -140,7 +140,7 @@ sendquery(void) { isc_buffer_add(&buf, strlen(host)); result = dns_name_fromtext(dns_fixedname_name(&queryname), &buf, dns_rootname, 0); - CHECK("dns_name_fromtext", result); + CHECKM("dns_name_fromtext", result); dns_message_create(isc_g_mctx, NULL, NULL, DNS_MESSAGE_INTENTRENDER, &message); @@ -164,7 +164,7 @@ sendquery(void) { requestmgr, message, have_src ? &srcaddr : NULL, &dstaddr, NULL, NULL, DNS_REQUESTOPT_TCP, NULL, TIMEOUT, TIMEOUT, 0, 0, isc_loop_main(), recvresponse, message, &request); - CHECK("dns_request_create", result); + CHECKM("dns_request_create", result); return ISC_R_SUCCESS; } @@ -258,13 +258,13 @@ main(int argc, char *argv[]) { result = ISC_R_FAILURE; if (inet_pton(AF_INET, "10.53.0.7", &inaddr) != 1) { - CHECK("inet_pton", result); + CHECKM("inet_pton", result); } isc_sockaddr_fromin(&srcaddr, &inaddr, 0); result = ISC_R_FAILURE; if (inet_pton(AF_INET, "10.53.0.4", &inaddr) != 1) { - CHECK("inet_pton", result); + CHECKM("inet_pton", result); } isc_sockaddr_fromin(&dstaddr, &inaddr, port); diff --git a/bin/tests/system/rsabigexponent/bigkey.c b/bin/tests/system/rsabigexponent/bigkey.c index af09f42b77..9e6e57ef0c 100644 --- a/bin/tests/system/rsabigexponent/bigkey.c +++ b/bin/tests/system/rsabigexponent/bigkey.c @@ -57,7 +57,7 @@ RSA *rsa; BIGNUM *e; EVP_PKEY *pkey; -#define CHECK(op, msg) \ +#define CHECKM(op, msg) \ do { \ result = (op); \ if (result != ISC_R_SUCCESS) { \ @@ -116,22 +116,20 @@ main(int argc, char **argv) { name = dns_fixedname_initname(&fname); isc_buffer_constinit(&buf, "example.", strlen("example.")); isc_buffer_add(&buf, strlen("example.")); - CHECK(dns_name_fromtext(name, &buf, dns_rootname, 0, NULL), "dns_name_" - "fromtext(" - "\"example." - "\")"); + CHECKM(dns_name_fromtext(name, &buf, dns_rootname, 0, NULL), + "dns_name_fromtext(\"example.\")"); - CHECK(dst_key_buildinternal(name, DNS_KEYALG_RSASHA256, bits, - DNS_KEYOWNER_ZONE, DNS_KEYPROTO_DNSSEC, - dns_rdataclass_in, pkey, isc_g_mctx, &key), - "dst_key_buildinternal(...)"); + CHECKM(dst_key_buildinternal(name, DNS_KEYALG_RSASHA256, bits, + DNS_KEYOWNER_ZONE, DNS_KEYPROTO_DNSSEC, + dns_rdataclass_in, pkey, isc_g_mctx, &key), + "dst_key_buildinternal(...)"); - CHECK(dst_key_tofile(key, DST_TYPE_PRIVATE | DST_TYPE_PUBLIC, NULL), - "dst_key_tofile()"); + CHECKM(dst_key_tofile(key, DST_TYPE_PRIVATE | DST_TYPE_PUBLIC, NULL), + "dst_key_tofile()"); isc_buffer_init(&buf, filename, sizeof(filename) - 1); isc_buffer_clear(&buf); - CHECK(dst_key_buildfilename(key, 0, NULL, &buf), "dst_key_" - "buildfilename()"); + CHECKM(dst_key_buildfilename(key, 0, NULL, &buf), + "dst_key_buildfilename()"); printf("%s\n", filename); dst_key_free(&key); diff --git a/bin/tools/mdig.c b/bin/tools/mdig.c index 4aa31d9c29..4a25eeecf8 100644 --- a/bin/tools/mdig.c +++ b/bin/tools/mdig.c @@ -53,7 +53,7 @@ #include #include -#define CHECK(str, x) \ +#define CHECKM(str, x) \ { \ if ((x) != ISC_R_SUCCESS) { \ fprintf(stderr, "mdig: %s failed with %s\n", (str), \ @@ -221,7 +221,7 @@ recvresponse(void *arg) { msgbuf = dns_request_getanswer(request); result = dns_request_getresponse(request, response, parseflags); - CHECK("dns_request_getresponse", result); + CHECKM("dns_request_getresponse", result); styleflags |= DNS_STYLEFLAG_REL_OWNER; if (yaml) { @@ -277,7 +277,7 @@ recvresponse(void *arg) { 48, 80, 8, display_splitwidth, isc_g_mctx); } - CHECK("dns_master_stylecreate2", result); + CHECKM("dns_master_stylecreate2", result); flags = 0; if (!display_headers) { @@ -341,7 +341,7 @@ recvresponse(void *arg) { printf(" %s:\n", "response_message_data"); result = dns_message_headertotext(response, style, flags, buf); - CHECK("dns_message_headertotext", result); + CHECKM("dns_message_headertotext", result); } else if (display_comments && !display_short_form) { printf(";; Got answer:\n"); @@ -404,7 +404,7 @@ repopulate_buffer: isc_buffer_allocate(isc_g_mctx, &buf, len); goto repopulate_buffer; } - CHECK("dns_message_pseudosectiontotext", result); + CHECKM("dns_message_pseudosectiontotext", result); } if (display_question && display_headers && !display_short_form) { @@ -413,7 +413,7 @@ repopulate_buffer: if (result == ISC_R_NOSPACE) { goto buftoosmall; } - CHECK("dns_message_sectiontotext", result); + CHECKM("dns_message_sectiontotext", result); } if (display_answer && !display_short_form) { @@ -422,7 +422,7 @@ repopulate_buffer: if (result == ISC_R_NOSPACE) { goto buftoosmall; } - CHECK("dns_message_sectiontotext", result); + CHECKM("dns_message_sectiontotext", result); } else if (display_answer) { dns_name_t empty_name; unsigned int answerstyleflags = 0; @@ -447,8 +447,7 @@ repopulate_buffer: if (result == ISC_R_NOSPACE) { goto buftoosmall; } - - CHECK("dns_rdata_tofmttext", result); + CHECKM("dns_rdata_tofmttext", result); if (strlen("\n") >= isc_buffer_availablelength(buf)) { @@ -466,7 +465,7 @@ repopulate_buffer: if (result == ISC_R_NOSPACE) { goto buftoosmall; } - CHECK("dns_message_sectiontotext", result); + CHECKM("dns_message_sectiontotext", result); } if (display_additional && !display_short_form) { @@ -475,7 +474,7 @@ repopulate_buffer: if (result == ISC_R_NOSPACE) { goto buftoosmall; } - CHECK("dns_message_sectiontotext", result); + CHECKM("dns_message_sectiontotext", result); } if (display_additional && !display_short_form && display_headers) { @@ -487,13 +486,13 @@ repopulate_buffer: if (result == ISC_R_NOSPACE) { goto buftoosmall; } - CHECK("dns_message_pseudosectiontotext", result); + CHECKM("dns_message_pseudosectiontotext", result); result = dns_message_pseudosectiontotext( response, DNS_PSEUDOSECTION_SIG0, style, flags, buf); if (result == ISC_R_NOSPACE) { goto buftoosmall; } - CHECK("dns_message_pseudosectiontotext", result); + CHECKM("dns_message_pseudosectiontotext", result); } if (display_headers && display_comments && !display_short_form && !yaml) @@ -549,7 +548,7 @@ sendquery(struct query *query) { isc_buffer_add(&buf, strlen(query->textname)); result = dns_name_fromtext(dns_fixedname_name(&queryname), &buf, dns_rootname, 0); - CHECK("dns_name_fromtext", result); + CHECKM("dns_name_fromtext", result); dns_message_create(isc_g_mctx, NULL, NULL, DNS_MESSAGE_INTENTRENDER, &message); @@ -608,7 +607,7 @@ sendquery(struct query *query) { if (query->nsid) { dns_ednsopt_t option = { .code = DNS_OPT_NSID }; result = dns_message_ednsaddopt(message, &option); - CHECK("dns_message_ednsaddopt", result); + CHECKM("dns_message_ednsaddopt", result); } if (query->ecs_addr != NULL) { @@ -663,7 +662,7 @@ sendquery(struct query *query) { .length = (uint16_t)addrl + 4 }; result = dns_message_ednsaddopt(message, &option); - CHECK("dns_message_ednsaddopt", result); + CHECKM("dns_message_ednsaddopt", result); } if (query->send_cookie) { @@ -674,7 +673,7 @@ sendquery(struct query *query) { isc_buffer_init(&b, cookie, sizeof(cookie)); result = isc_hex_decodestring(query->cookie, &b); - CHECK("isc_hex_decodestring", result); + CHECKM("isc_hex_decodestring", result); option.value = isc_buffer_base(&b); option.length = isc_buffer_usedlength(&b); } else { @@ -684,25 +683,25 @@ sendquery(struct query *query) { } result = dns_message_ednsaddopt(message, &option); - CHECK("dns_message_ednsaddopt", result); + CHECKM("dns_message_ednsaddopt", result); } if (query->expire) { dns_ednsopt_t option = { .code = DNS_OPT_EXPIRE }; result = dns_message_ednsaddopt(message, &option); - CHECK("dns_message_ednsaddopt", result); + CHECKM("dns_message_ednsaddopt", result); } if (query->ednsoptscnt != 0) { for (size_t i = 0; i < query->ednsoptscnt; i++) { result = dns_message_ednsaddopt( message, &query->ednsopts[i]); - CHECK("dns_message_ednsaddopt", result); + CHECKM("dns_message_ednsaddopt", result); } } result = dns_message_setopt(message); - CHECK("dns_message_setopt", result); + CHECKM("dns_message_setopt", result); } if (tcp_mode) { @@ -714,7 +713,7 @@ sendquery(struct query *query) { NULL, options, NULL, query->timeout, query->timeout, query->udptimeout, query->udpretries, isc_loop_main(), recvresponse, message, &request); - CHECK("dns_request_create", result); + CHECKM("dns_request_create", result); return ISC_R_SUCCESS; } @@ -928,7 +927,7 @@ save_opt(struct query *query, char *code, char *value) { buf = isc_mem_allocate(isc_g_mctx, strlen(value) / 2 + 1); isc_buffer_init(&b, buf, strlen(value) / 2 + 1); result = isc_hex_decodestring(value, &b); - CHECK("isc_hex_decodestring", result); + CHECKM("isc_hex_decodestring", result); query->ednsopts[query->ednsoptscnt].value = isc_buffer_base(&b); query->ednsopts[query->ednsoptscnt].length = isc_buffer_usedlength(&b); @@ -1025,9 +1024,9 @@ reverse_octets(const char *in, char **p, char *end) { if (dot != NULL) { isc_result_t result; result = reverse_octets(dot + 1, p, end); - CHECK("reverse_octets", result); + CHECKM("reverse_octets", result); result = append(".", 1, p, end); - CHECK("append", result); + CHECKM("append", result); len = (int)(dot - in); } else { len = strlen(in); @@ -1050,7 +1049,7 @@ get_reverse(char *reverse, size_t len, const char *value) { name = dns_fixedname_initname(&fname); result = dns_byaddr_createptrname(&addr, name); - CHECK("dns_byaddr_createptrname", result); + CHECKM("dns_byaddr_createptrname", result); dns_name_format(name, reverse, (unsigned int)len); return; } else { @@ -1064,10 +1063,10 @@ get_reverse(char *reverse, size_t len, const char *value) { char *p = reverse; char *end = reverse + len; result = reverse_octets(value, &p, end); - CHECK("reverse_octets", result); + CHECKM("reverse_octets", result); /* Append .in-addr.arpa. and a terminating NUL. */ result = append(".in-addr.arpa.", 15, &p, end); - CHECK("append", result); + CHECKM("append", result); return; } } @@ -1184,7 +1183,7 @@ plus_option(char *option, struct query *query, bool global) { } result = parse_uint(&num, value, COMMSIZE, "buffer size"); - CHECK("parse_uint(buffer size)", result); + CHECKM("parse_uint(buffer size)", result); query->udpsize = num; break; case 'r': /* burst */ @@ -1294,8 +1293,8 @@ plus_option(char *option, struct query *query, bool global) { result = parse_uint(&num, value, 255, "edns"); - CHECK("parse_uint(edns)", - result); + CHECKM("parse_uint(edns)", + result); query->edns = num; break; case 'f': @@ -1311,8 +1310,8 @@ plus_option(char *option, struct query *query, bool global) { result = parse_xint( &num, value, 0xffff, "ednsflags"); - CHECK("parse_xint(ednsflags)", - result); + CHECKM("parse_xint(ednsflags)", + result); if (query->edns == -1) { query->edns = 1; } @@ -1394,7 +1393,7 @@ plus_option(char *option, struct query *query, bool global) { } result = parse_uint(&query->udpretries, value, MAXTRIES - 1, "udpretries"); - CHECK("parse_uint(udpretries)", result); + CHECKM("parse_uint(udpretries)", result); break; default: goto invalid_option; @@ -1458,7 +1457,7 @@ plus_option(char *option, struct query *query, bool global) { if (display_splitwidth) { display_splitwidth += 3; } - CHECK("parse_uint(split)", result); + CHECKM("parse_uint(split)", result); break; case 'u': /* subnet */ FULLCHECK("subnet"); @@ -1476,7 +1475,7 @@ plus_option(char *option, struct query *query, bool global) { query->edns = 0; } result = parse_netprefix(&query->ecs_addr, value); - CHECK("parse_netprefix", result); + CHECKM("parse_netprefix", result); break; default: goto invalid_option; @@ -1499,7 +1498,7 @@ plus_option(char *option, struct query *query, bool global) { } result = parse_uint(&query->timeout, value, MAXTIMEOUT, "timeout"); - CHECK("parse_uint(timeout)", result); + CHECKM("parse_uint(timeout)", result); if (query->timeout == 0) { query->timeout = 1; } @@ -1514,7 +1513,7 @@ plus_option(char *option, struct query *query, bool global) { } result = parse_uint(&query->udpretries, value, MAXTRIES, "udpretries"); - CHECK("parse_uint(udpretries)", result); + CHECKM("parse_uint(udpretries)", result); if (query->udpretries > 0) { query->udpretries -= 1; } @@ -1559,7 +1558,7 @@ plus_option(char *option, struct query *query, bool global) { } result = parse_uint(&query->udptimeout, value, MAXTIMEOUT, "udptimeout"); - CHECK("parse_uint(udptimeout)", result); + CHECKM("parse_uint(udptimeout)", result); break; case 'n': FULLCHECK("unknownformat"); @@ -1689,7 +1688,7 @@ dash_option(const char *option, char *next, struct query *query, bool global, if (hash != NULL) { result = parse_uint(&num, hash + 1, MAXPORT, "port number"); - CHECK("parse_uint(srcport)", result); + CHECKM("parse_uint(srcport)", result); srcport = num; *hash = '\0'; } else { @@ -1717,7 +1716,7 @@ dash_option(const char *option, char *next, struct query *query, bool global, tr.length = strlen(value); result = dns_rdataclass_fromtext(&rdclass, (isc_textregion_t *)&tr); - CHECK("dns_rdataclass_fromtext", result); + CHECKM("dns_rdataclass_fromtext", result); query->rdclass = rdclass; return value_from_next; case 'f': @@ -1726,7 +1725,7 @@ dash_option(const char *option, char *next, struct query *query, bool global, case 'p': GLOBAL(); result = parse_uint(&num, value, MAXPORT, "port number"); - CHECK("parse_uint(port)", result); + CHECKM("parse_uint(port)", result); port = num; return value_from_next; case 't': @@ -1734,7 +1733,7 @@ dash_option(const char *option, char *next, struct query *query, bool global, tr.length = strlen(value); result = dns_rdatatype_fromtext(&rdtype, (isc_textregion_t *)&tr); - CHECK("dns_rdatatype_fromtext", result); + CHECKM("dns_rdatatype_fromtext", result); query->rdtype = rdtype; return value_from_next; case 'x': diff --git a/fuzz/dns_qpkey_name.c b/fuzz/dns_qpkey_name.c index c66eba8ea8..ca7bb5ae2a 100644 --- a/fuzz/dns_qpkey_name.c +++ b/fuzz/dns_qpkey_name.c @@ -44,6 +44,7 @@ LLVMFuzzerTestOneInput(const uint8_t *data, size_t size) { isc_buffer_t buf; dns_qpkey_t key, cmp; dns_namespace_t space; + isc_result_t result; namein = dns_fixedname_initname(&fixedin); nameout = dns_fixedname_initname(&fixedout); @@ -77,5 +78,6 @@ LLVMFuzzerTestOneInput(const uint8_t *data, size_t size) { assert((namerel > 0) == (keyrel > 0)); assert(space == DNS_DBNAMESPACE_NORMAL); +cleanup: return 0; } diff --git a/fuzz/dns_rdata_fromwire_text.c b/fuzz/dns_rdata_fromwire_text.c index cea16f5595..0e0f244766 100644 --- a/fuzz/dns_rdata_fromwire_text.c +++ b/fuzz/dns_rdata_fromwire_text.c @@ -210,5 +210,6 @@ LLVMFuzzerTestOneInput(const uint8_t *data, size_t size) { assert(target.used == size); assert(!memcmp(target.base, data, size)); +cleanup: return 0; } diff --git a/fuzz/fuzz.h b/fuzz/fuzz.h index 7f8a2f1feb..95532e3855 100644 --- a/fuzz/fuzz.h +++ b/fuzz/fuzz.h @@ -32,8 +32,3 @@ LLVMFuzzerInitialize(int *argc ISC_ATTR_UNUSED, char ***argv ISC_ATTR_UNUSED); int LLVMFuzzerTestOneInput(const uint8_t *data, size_t size); - -#define CHECK(x) \ - if ((x) != ISC_R_SUCCESS) { \ - return (0); \ - } diff --git a/fuzz/isc_lex_getmastertoken.c b/fuzz/isc_lex_getmastertoken.c index 2a65705054..1fa5803d66 100644 --- a/fuzz/isc_lex_getmastertoken.c +++ b/fuzz/isc_lex_getmastertoken.c @@ -71,5 +71,6 @@ LLVMFuzzerTestOneInput(const uint8_t *data, size_t size) { result = isc_lex_getmastertoken(lex, &token, expect, eol); } while (result == ISC_R_SUCCESS && token.type != isc_tokentype_eof); +cleanup: return 0; } diff --git a/fuzz/isc_lex_gettoken.c b/fuzz/isc_lex_gettoken.c index 3acbe2ddba..a574368df2 100644 --- a/fuzz/isc_lex_gettoken.c +++ b/fuzz/isc_lex_gettoken.c @@ -50,5 +50,6 @@ LLVMFuzzerTestOneInput(const uint8_t *data, size_t size) { result = isc_lex_gettoken(lex, 0, &token); } while (result == ISC_R_SUCCESS); +cleanup: return 0; } diff --git a/lib/dns/client.c b/lib/dns/client.c index c4f32e7595..bca416c480 100644 --- a/lib/dns/client.c +++ b/lib/dns/client.c @@ -59,13 +59,6 @@ #define UCTX_MAGIC ISC_MAGIC('U', 'c', 't', 'x') #define UCTX_VALID(c) ISC_MAGIC_VALID(c, UCTX_MAGIC) -#define CHECK(r) \ - do { \ - result = (r); \ - if (result != ISC_R_SUCCESS) \ - goto cleanup; \ - } while (0) - /*% * DNS client object */ diff --git a/lib/dns/diff.c b/lib/dns/diff.c index 82452968ad..d873c4365b 100644 --- a/lib/dns/diff.c +++ b/lib/dns/diff.c @@ -36,13 +36,6 @@ #include #include -#define CHECK(op) \ - do { \ - result = (op); \ - if (result != ISC_R_SUCCESS) \ - goto failure; \ - } while (0) - static dns_rdatatype_t rdata_covers(dns_rdata_t *rdata) { return rdata->type == dns_rdatatype_rrsig ? dns_rdata_covers(rdata) : 0; @@ -494,7 +487,7 @@ diff_apply(const dns_diff_t *diff, dns_db_t *db, dns_dbversion_t *ver, } return ISC_R_SUCCESS; -failure: +cleanup: if (node != NULL) { dns_db_detachnode(&node); } @@ -584,7 +577,7 @@ dns_diff_load(const dns_diff_t *diff, dns_rdatacallbacks_t *callbacks) { } result = ISC_R_SUCCESS; -failure: +cleanup: if (callbacks->commit != NULL) { callbacks->commit(callbacks->add_private); } diff --git a/lib/dns/dnssec.c b/lib/dns/dnssec.c index 1432a10f92..703366511d 100644 --- a/lib/dns/dnssec.c +++ b/lib/dns/dnssec.c @@ -43,13 +43,6 @@ isc_stats_t *dns_dnssec_stats; #define is_response(msg) ((msg->flags & DNS_MESSAGEFLAG_QR) != 0) -#define RETERR(x) \ - do { \ - result = (x); \ - if (result != ISC_R_SUCCESS) \ - goto failure; \ - } while (0) - #define TYPE_SIGN 0 #define TYPE_VERIFY 1 @@ -782,25 +775,25 @@ dns_dnssec_signmessage(dns_message_t *msg, dst_key_t *key) { isc_buffer_init(&databuf, data, sizeof(data)); - RETERR(dst_context_create(key, mctx, DNS_LOGCATEGORY_DNSSEC, true, - &ctx)); + CHECK(dst_context_create(key, mctx, DNS_LOGCATEGORY_DNSSEC, true, + &ctx)); /* * Digest the fields of the SIG - we can cheat and use * dns_rdata_fromstruct. Since siglen is 0, the digested data * is identical to dns format. */ - RETERR(dns_rdata_fromstruct(NULL, dns_rdataclass_any, - dns_rdatatype_sig /* SIG(0) */, &sig, - &databuf)); + CHECK(dns_rdata_fromstruct(NULL, dns_rdataclass_any, + dns_rdatatype_sig /* SIG(0) */, &sig, + &databuf)); isc_buffer_usedregion(&databuf, &r); - RETERR(dst_context_adddata(ctx, &r)); + CHECK(dst_context_adddata(ctx, &r)); /* * If this is a response, digest the query. */ if (is_response(msg)) { - RETERR(dst_context_adddata(ctx, &msg->query)); + CHECK(dst_context_adddata(ctx, &msg->query)); } /* @@ -809,29 +802,29 @@ dns_dnssec_signmessage(dns_message_t *msg, dst_key_t *key) { isc_buffer_init(&headerbuf, header, sizeof(header)); dns_message_renderheader(msg, &headerbuf); isc_buffer_usedregion(&headerbuf, &r); - RETERR(dst_context_adddata(ctx, &r)); + CHECK(dst_context_adddata(ctx, &r)); /* * Digest the remainder of the message. */ isc_buffer_usedregion(msg->buffer, &r); isc_region_consume(&r, DNS_MESSAGE_HEADERLEN); - RETERR(dst_context_adddata(ctx, &r)); + CHECK(dst_context_adddata(ctx, &r)); - RETERR(dst_key_sigsize(key, &sigsize)); + CHECK(dst_key_sigsize(key, &sigsize)); sig.siglen = sigsize; sig.signature = isc_mem_get(mctx, sig.siglen); isc_buffer_init(&sigbuf, sig.signature, sig.siglen); - RETERR(dst_context_sign(ctx, &sigbuf)); + CHECK(dst_context_sign(ctx, &sigbuf)); dst_context_destroy(&ctx); rdata = NULL; dns_message_gettemprdata(msg, &rdata); isc_buffer_allocate(msg->mctx, &dynbuf, 1024); - RETERR(dns_rdata_fromstruct(rdata, dns_rdataclass_any, - dns_rdatatype_sig /* SIG(0) */, &sig, - dynbuf)); + CHECK(dns_rdata_fromstruct(rdata, dns_rdataclass_any, + dns_rdatatype_sig /* SIG(0) */, &sig, + dynbuf)); isc_mem_put(mctx, sig.signature, sig.siglen); @@ -849,7 +842,7 @@ dns_dnssec_signmessage(dns_message_t *msg, dst_key_t *key) { return ISC_R_SUCCESS; -failure: +cleanup: if (dynbuf != NULL) { isc_buffer_free(&dynbuf); } @@ -895,21 +888,19 @@ dns_dnssec_verifymessage(isc_buffer_t *source, dns_message_t *msg, isc_buffer_usedregion(source, &source_r); - RETERR(dns_rdataset_first(msg->sig0)); + CHECK(dns_rdataset_first(msg->sig0)); dns_rdataset_current(msg->sig0, &rdata); - RETERR(dns_rdata_tostruct(&rdata, &sig, NULL)); + CHECK(dns_rdata_tostruct(&rdata, &sig, NULL)); signeedsfree = true; if (sig.labels != 0) { - result = DNS_R_SIGINVALID; - goto failure; + CHECK(DNS_R_SIGINVALID); } if (isc_serial_lt(sig.timeexpire, sig.timesigned)) { - result = DNS_R_SIGINVALID; msg->sig0status = dns_tsigerror_badtime; - goto failure; + CHECK(DNS_R_SIGINVALID); } if (msg->fuzzing) { @@ -919,36 +910,33 @@ dns_dnssec_verifymessage(isc_buffer_t *source, dns_message_t *msg, } if (isc_serial_lt((uint32_t)now, sig.timesigned)) { - result = DNS_R_SIGFUTURE; msg->sig0status = dns_tsigerror_badtime; - goto failure; + CHECK(DNS_R_SIGFUTURE); } else if (isc_serial_lt(sig.timeexpire, (uint32_t)now)) { - result = DNS_R_SIGEXPIRED; msg->sig0status = dns_tsigerror_badtime; - goto failure; + CHECK(DNS_R_SIGEXPIRED); } if (!dns_name_equal(dst_key_name(key), &sig.signer)) { - result = DNS_R_SIGINVALID; msg->sig0status = dns_tsigerror_badkey; - goto failure; + CHECK(DNS_R_SIGINVALID); } - RETERR(dst_context_create(key, mctx, DNS_LOGCATEGORY_DNSSEC, false, - &ctx)); + CHECK(dst_context_create(key, mctx, DNS_LOGCATEGORY_DNSSEC, false, + &ctx)); /* * Digest the SIG(0) record, except for the signature. */ dns_rdata_toregion(&rdata, &r); r.length -= sig.siglen; - RETERR(dst_context_adddata(ctx, &r)); + CHECK(dst_context_adddata(ctx, &r)); /* * If this is a response, digest the query. */ if (is_response(msg)) { - RETERR(dst_context_adddata(ctx, &msg->query)); + CHECK(dst_context_adddata(ctx, &msg->query)); } /* @@ -969,21 +957,21 @@ dns_dnssec_verifymessage(isc_buffer_t *source, dns_message_t *msg, */ header_r.base = (unsigned char *)header; header_r.length = DNS_MESSAGE_HEADERLEN; - RETERR(dst_context_adddata(ctx, &header_r)); + CHECK(dst_context_adddata(ctx, &header_r)); /* * Digest all non-SIG(0) records. */ r.base = source_r.base + DNS_MESSAGE_HEADERLEN; r.length = msg->sigstart - DNS_MESSAGE_HEADERLEN; - RETERR(dst_context_adddata(ctx, &r)); + CHECK(dst_context_adddata(ctx, &r)); sig_r.base = sig.signature; sig_r.length = sig.siglen; result = dst_context_verify(ctx, &sig_r); if (result != ISC_R_SUCCESS) { msg->sig0status = dns_tsigerror_badsig; - goto failure; + goto cleanup; } msg->verified_sig = 1; @@ -994,7 +982,7 @@ dns_dnssec_verifymessage(isc_buffer_t *source, dns_message_t *msg, return ISC_R_SUCCESS; -failure: +cleanup: if (signeedsfree) { dns_rdata_freestruct(&sig); } @@ -1236,7 +1224,7 @@ findmatchingkeys(const char *directory, bool rrtypekey, char *namebuf, directory = "."; } - RETERR(isc_dir_open(&dir, directory)); + CHECK(isc_dir_open(&dir, directory)); dir_open = true; while (isc_dir_read(&dir) == ISC_R_SUCCESS) { @@ -1315,7 +1303,7 @@ findmatchingkeys(const char *directory, bool rrtypekey, char *namebuf, } result = match ? ISC_R_SUCCESS : ISC_R_NOTFOUND; -failure: +cleanup: if (dir_open) { isc_dir_close(&dir); } @@ -1344,15 +1332,15 @@ dns_dnssec_findmatchingkeys(const dns_name_t *origin, dns_kasp_t *kasp, ISC_LIST_INIT(list); isc_buffer_init(&b, namebuf, sizeof(namebuf) - 1); - RETERR(dns_name_tofilenametext(origin, false, &b)); + CHECK(dns_name_tofilenametext(origin, false, &b)); len = isc_buffer_usedlength(&b); namebuf[len] = '\0'; if (kasp == NULL || (strcmp(dns_kasp_getname(kasp), "none") == 0) || (strcmp(dns_kasp_getname(kasp), "insecure") == 0)) { - RETERR(findmatchingkeys(keydir, rrtypekey, namebuf, len, mctx, - now, &list)); + CHECK(findmatchingkeys(keydir, rrtypekey, namebuf, len, mctx, + now, &list)); } else if (keystores != NULL) { ISC_LIST_FOREACH(*keystores, keystore, link) { ISC_LIST_FOREACH(dns_kasp_keys(kasp), kkey, link) { @@ -1360,7 +1348,7 @@ dns_dnssec_findmatchingkeys(const dns_name_t *origin, dns_kasp_t *kasp, const char *directory = dns_keystore_directory(keystore, keydir); - RETERR(findmatchingkeys( + CHECK(findmatchingkeys( directory, rrtypekey, namebuf, len, mctx, now, &list)); break; @@ -1376,7 +1364,7 @@ dns_dnssec_findmatchingkeys(const dns_name_t *origin, dns_kasp_t *kasp, result = ISC_R_NOTFOUND; } -failure: +cleanup: ISC_LIST_FOREACH(list, key, link) { ISC_LIST_UNLINK(list, key, link); INSIST(key->key != NULL); @@ -1556,7 +1544,7 @@ dns_dnssec_keylistfromrdataset(const dns_name_t *origin, dns_kasp_t *kasp, goto skip; } - RETERR(dns_dnssec_keyfromrdata(origin, &rdata, mctx, &dnskey)); + CHECK(dns_dnssec_keyfromrdata(origin, &rdata, mctx, &dnskey)); dst_key_setttl(dnskey, keys.ttl); if (!is_zone_key(dnskey)) { @@ -1580,7 +1568,7 @@ dns_dnssec_keylistfromrdataset(const dns_name_t *origin, dns_kasp_t *kasp, if (result == ISC_R_FILENOTFOUND || result == ISC_R_NOPERM) { result = ISC_R_SUCCESS; } - RETERR(result); + CHECK(result); if (kasp != NULL && dns_kasp_offlineksk(kasp) && (dst_key_flags(dnskey) & DNS_KEYFLAG_KSK) != 0) @@ -1663,7 +1651,7 @@ dns_dnssec_keylistfromrdataset(const dns_name_t *origin, dns_kasp_t *kasp, } goto skip; } - RETERR(result); + CHECK(result); /* * Whatever the key's default TTL may have @@ -1685,16 +1673,16 @@ dns_dnssec_keylistfromrdataset(const dns_name_t *origin, dns_kasp_t *kasp, } if (keysigs != NULL && dns_rdataset_isassociated(keysigs)) { - RETERR(mark_active_keys(keylist, keysigs)); + CHECK(mark_active_keys(keylist, keysigs)); } if (soasigs != NULL && dns_rdataset_isassociated(soasigs)) { - RETERR(mark_active_keys(keylist, soasigs)); + CHECK(mark_active_keys(keylist, soasigs)); } result = ISC_R_SUCCESS; -failure: +cleanup: if (dns_rdataset_isassociated(&keys)) { dns_rdataset_disassociate(&keys); } @@ -1758,7 +1746,7 @@ publish_key(dns_diff_t *diff, dns_dnsseckey_t *key, const dns_name_t *origin, dns_rdata_t dnskey = DNS_RDATA_INIT; dns_rdata_reset(&dnskey); - RETERR(dns_dnssec_make_dnskey(key->key, buf, sizeof(buf), &dnskey)); + CHECK(dns_dnssec_make_dnskey(key->key, buf, sizeof(buf), &dnskey)); dst_key_format(key->key, keystr, sizeof(keystr)); report("Fetching %s (%s) from key %s.", keystr, @@ -1779,7 +1767,7 @@ publish_key(dns_diff_t *diff, dns_dnsseckey_t *key, const dns_name_t *origin, /* publish key */ addrdata(&dnskey, diff, origin, ttl, mctx); -failure: +cleanup: return result; } @@ -1798,10 +1786,10 @@ remove_key(dns_diff_t *diff, dns_dnsseckey_t *key, const dns_name_t *origin, report("Removing %s key %s/%d/%s from DNSKEY RRset.", reason, namebuf, dst_key_id(key->key), alg); - RETERR(dns_dnssec_make_dnskey(key->key, buf, sizeof(buf), &dnskey)); + CHECK(dns_dnssec_make_dnskey(key->key, buf, sizeof(buf), &dnskey)); delrdata(&dnskey, diff, origin, ttl, mctx); -failure: +cleanup: return result; } @@ -1915,8 +1903,8 @@ dns_dnssec_syncupdate(dns_dnsseckeylist_t *keys, dns_dnsseckeylist_t *rmkeys, dns_rdata_t cdnskeyrdata = DNS_RDATA_INIT; dns_name_t *origin = dst_key_name(key->key); - RETERR(dns_dnssec_make_dnskey(key->key, keybuf, sizeof(keybuf), - &cdnskeyrdata)); + CHECK(dns_dnssec_make_dnskey(key->key, keybuf, sizeof(keybuf), + &cdnskeyrdata)); cdnskeyrdata.type = dns_rdatatype_cdnskey; if (syncpublish(key->key, now)) { @@ -1924,10 +1912,9 @@ dns_dnssec_syncupdate(dns_dnsseckeylist_t *keys, dns_dnsseckeylist_t *rmkeys, dst_key_format(key->key, keystr, sizeof(keystr)); ISC_LIST_FOREACH(*digests, alg, link) { - RETERR(add_cds(key, &cdnskeyrdata, - (const char *)keystr, cds, - alg->digest, cdsttl, diff, - mctx)); + CHECK(add_cds(key, &cdnskeyrdata, + (const char *)keystr, cds, + alg->digest, cdsttl, diff, mctx)); } if (gencdnskey && @@ -1992,8 +1979,8 @@ dns_dnssec_syncupdate(dns_dnsseckeylist_t *keys, dns_dnsseckeylist_t *rmkeys, char keystr[DST_KEY_FORMATSIZE]; dst_key_format(key->key, keystr, sizeof(keystr)); - RETERR(dns_dnssec_make_dnskey(key->key, keybuf, sizeof(keybuf), - &cdnskeyrdata)); + CHECK(dns_dnssec_make_dnskey(key->key, keybuf, sizeof(keybuf), + &cdnskeyrdata)); if (dns_rdataset_isassociated(cds)) { delete_cds(key, &cdnskeyrdata, (const char *)keystr, @@ -2019,7 +2006,7 @@ dns_dnssec_syncupdate(dns_dnsseckeylist_t *keys, dns_dnsseckeylist_t *rmkeys, result = ISC_R_SUCCESS; -failure: +cleanup: return result; } @@ -2125,8 +2112,8 @@ dns_dnssec_updatekeys(dns_dnsseckeylist_t *keys, dns_dnsseckeylist_t *newkeys, if (key->source == dns_keysource_user && (key->hint_publish || key->force_publish)) { - RETERR(publish_key(diff, key, origin, ttl, mctx, - report)); + CHECK(publish_key(diff, key, origin, ttl, mctx, + report)); } if (key->source == dns_keysource_zoneapex) { ttl = dst_key_getttl(key->key); @@ -2195,8 +2182,8 @@ dns_dnssec_updatekeys(dns_dnsseckeylist_t *keys, dns_dnsseckeylist_t *newkeys, if (key1->source != dns_keysource_zoneapex && (key1->hint_publish || key1->force_publish)) { - RETERR(publish_key(diff, key1, origin, ttl, - mctx, report)); + CHECK(publish_key(diff, key1, origin, ttl, mctx, + report)); isc_log_write( DNS_LOGCATEGORY_DNSSEC, DNS_LOGMODULE_DNSSEC, ISC_LOG_INFO, @@ -2230,8 +2217,8 @@ dns_dnssec_updatekeys(dns_dnsseckeylist_t *keys, dns_dnsseckeylist_t *newkeys, /* Match found: remove or update it as needed */ if (key1->hint_remove) { - RETERR(remove_key(diff, key2, origin, ttl, mctx, - "expired", report)); + CHECK(remove_key(diff, key2, origin, ttl, mctx, + "expired", report)); ISC_LIST_UNLINK(*keys, key2, link); if (removed != NULL) { @@ -2254,8 +2241,8 @@ dns_dnssec_updatekeys(dns_dnsseckeylist_t *keys, dns_dnsseckeylist_t *newkeys, * We need to remove the old version and pull * in the new one. */ - RETERR(remove_key(diff, key2, origin, ttl, mctx, - "revoked", report)); + CHECK(remove_key(diff, key2, origin, ttl, mctx, + "revoked", report)); ISC_LIST_UNLINK(*keys, key2, link); if (removed != NULL) { ISC_LIST_APPEND(*removed, key2, link); @@ -2272,8 +2259,8 @@ dns_dnssec_updatekeys(dns_dnsseckeylist_t *keys, dns_dnsseckeylist_t *newkeys, dns_dnsseckey_destroy(mctx, &key2); } - RETERR(publish_key(diff, key1, origin, ttl, mctx, - report)); + CHECK(publish_key(diff, key1, origin, ttl, mctx, + report)); ISC_LIST_UNLINK(*newkeys, key1, link); ISC_LIST_APPEND(*keys, key1, link); @@ -2323,7 +2310,7 @@ dns_dnssec_updatekeys(dns_dnsseckeylist_t *keys, dns_dnsseckeylist_t *newkeys, result = ISC_R_SUCCESS; -failure: +cleanup: return result; } diff --git a/lib/dns/dnstap.c b/lib/dns/dnstap.c index 40750b5936..ab9b994b6d 100644 --- a/lib/dns/dnstap.c +++ b/lib/dns/dnstap.c @@ -120,13 +120,6 @@ struct dns_dtenv { isc_stats_t *stats; }; -#define CHECK(x) \ - do { \ - result = (x); \ - if (result != ISC_R_SUCCESS) \ - goto cleanup; \ - } while (0) - typedef struct ioq { unsigned int generation; struct fstrm_iothr_queue *ioq; diff --git a/lib/dns/dst_api.c b/lib/dns/dst_api.c index 2d6f739c03..3f9743e3b2 100644 --- a/lib/dns/dst_api.c +++ b/lib/dns/dst_api.c @@ -68,36 +68,27 @@ #define DST_AS_STR(t) ((t).value.as_textregion.base) -#define NEXTTOKEN(lex, opt, token) \ - { \ - ret = isc_lex_gettoken(lex, opt, token); \ - if (ret != ISC_R_SUCCESS) \ - goto cleanup; \ - } +#define NEXTTOKEN(lex, opt, token) CHECK(isc_lex_gettoken(lex, opt, token)) -#define NEXTTOKEN_OR_EOF(lex, opt, token) \ - do { \ - ret = isc_lex_gettoken(lex, opt, token); \ - if (ret == ISC_R_EOF) \ - break; \ - if (ret != ISC_R_SUCCESS) \ - goto cleanup; \ +#define NEXTTOKEN_OR_EOF(lex, opt, token) \ + do { \ + result = isc_lex_gettoken(lex, opt, token); \ + if (result == ISC_R_EOF) { \ + break; \ + } \ + CHECK(result); \ } while ((*token).type == isc_tokentype_eol); -#define READLINE(lex, opt, token) \ - do { \ - ret = isc_lex_gettoken(lex, opt, token); \ - if (ret == ISC_R_EOF) \ - break; \ - if (ret != ISC_R_SUCCESS) \ - goto cleanup; \ +#define READLINE(lex, opt, token) \ + do { \ + result = isc_lex_gettoken(lex, opt, token); \ + if (result == ISC_R_EOF) { \ + break; \ + } \ + CHECK(result); \ } while ((*token).type != isc_tokentype_eol) -#define BADTOKEN() \ - { \ - ret = ISC_R_UNEXPECTEDTOKEN; \ - goto cleanup; \ - } +#define BADTOKEN() CHECK(ISC_R_UNEXPECTEDTOKEN) static const char *numerictags[DST_MAX_NUMERIC] = { [DST_NUM_PREDECESSOR] = "Predecessor:", @@ -193,13 +184,6 @@ static isc_result_t addsuffix(char *filename, int len, const char *dirname, const char *ofilename, const char *suffix); -#define RETERR(x) \ - do { \ - result = (x); \ - if (result != ISC_R_SUCCESS) \ - goto out; \ - } while (0) - #define CHECKALG(alg) \ do { \ isc_result_t _r; \ @@ -383,8 +367,6 @@ dst_context_verify(dst_context_t *dctx, isc_region_t *sig) { isc_result_t dst_key_tofile(const dst_key_t *key, int type, const char *directory) { - isc_result_t ret = ISC_R_SUCCESS; - REQUIRE(VALID_KEY(key)); REQUIRE((type & (DST_TYPE_PRIVATE | DST_TYPE_PUBLIC | DST_TYPE_STATE)) != 0); @@ -396,17 +378,11 @@ dst_key_tofile(const dst_key_t *key, int type, const char *directory) { } if ((type & DST_TYPE_PUBLIC) != 0) { - ret = write_public_key(key, type, directory); - if (ret != ISC_R_SUCCESS) { - return ret; - } + RETERR(write_public_key(key, type, directory)); } if ((type & DST_TYPE_STATE) != 0) { - ret = write_key_state(key, type, directory); - if (ret != ISC_R_SUCCESS) { - return ret; - } + RETERR(write_key_state(key, type, directory)); } if (((type & DST_TYPE_PRIVATE) != 0) && @@ -497,32 +473,20 @@ dst_key_fromfile(dns_name_t *name, dns_keytag_t id, unsigned int alg, int type, key = NULL; isc_buffer_init(&buf, filename, NAME_MAX); - result = dst_key_getfilename(name, id, alg, type, NULL, mctx, &buf); - if (result != ISC_R_SUCCESS) { - goto out; - } - - result = dst_key_fromnamedfile(filename, directory, type, mctx, &key); - if (result != ISC_R_SUCCESS) { - goto out; - } - - result = computeid(key); - if (result != ISC_R_SUCCESS) { - goto out; - } + CHECK(dst_key_getfilename(name, id, alg, type, NULL, mctx, &buf)); + CHECK(dst_key_fromnamedfile(filename, directory, type, mctx, &key)); + CHECK(computeid(key)); if (!dns_name_equal(name, key->key_name) || id != key->key_id || alg != key->key_alg) { - result = DST_R_INVALIDPRIVATEKEY; - goto out; + CHECK(DST_R_INVALIDPRIVATEKEY); } *keyp = key; result = ISC_R_SUCCESS; -out: +cleanup: if ((key != NULL) && (result != ISC_R_SUCCESS)) { dst_key_free(&key); } @@ -558,7 +522,7 @@ dst_key_fromnamedfile(const char *filename, const char *dirname, int type, ".key"); INSIST(result == ISC_R_SUCCESS); - RETERR(dst_key_read_public(newfilename, type, mctx, &pubkey)); + CHECK(dst_key_read_public(newfilename, type, mctx, &pubkey)); isc_mem_put(mctx, newfilename, newfilenamelen); /* @@ -584,20 +548,20 @@ dst_key_fromnamedfile(const char *filename, const char *dirname, int type, /* Having no state is valid. */ result = ISC_R_SUCCESS; } - RETERR(result); + CHECK(result); } if ((type & (DST_TYPE_PRIVATE | DST_TYPE_PUBLIC)) == DST_TYPE_PUBLIC || (pubkey->key_flags & DNS_KEYFLAG_TYPEMASK) == DNS_KEYTYPE_NOKEY) { - RETERR(computeid(pubkey)); + CHECK(computeid(pubkey)); pubkey->modified = false; *keyp = pubkey; pubkey = NULL; - goto out; + goto cleanup; } - RETERR(algorithm_status(pubkey->key_alg)); + CHECK(algorithm_status(pubkey->key_alg)); key = get_key_struct(pubkey->key_name, pubkey->key_alg, pubkey->key_flags, pubkey->key_proto, @@ -605,7 +569,7 @@ dst_key_fromnamedfile(const char *filename, const char *dirname, int type, pubkey->key_ttl, mctx); if (key->func->parse == NULL) { - RETERR(DST_R_UNSUPPORTEDALG); + CHECK(DST_R_UNSUPPORTEDALG); } newfilenamelen = strlen(filename) + 9; @@ -618,10 +582,10 @@ dst_key_fromnamedfile(const char *filename, const char *dirname, int type, INSIST(result == ISC_R_SUCCESS); isc_lex_create(mctx, 1500, &lex); - RETERR(isc_lex_openfile(lex, newfilename)); + CHECK(isc_lex_openfile(lex, newfilename)); isc_mem_put(mctx, newfilename, newfilenamelen); - RETERR(key->func->parse(key, lex, pubkey)); + CHECK(key->func->parse(key, lex, pubkey)); isc_lex_destroy(&lex); key->kasp = false; @@ -633,13 +597,13 @@ dst_key_fromnamedfile(const char *filename, const char *dirname, int type, /* Having no state is valid. */ result = ISC_R_SUCCESS; } - RETERR(result); + CHECK(result); } - RETERR(computeid(key)); + CHECK(computeid(key)); if (pubkey->key_id != key->key_id) { - RETERR(DST_R_INVALIDPRIVATEKEY); + CHECK(DST_R_INVALIDPRIVATEKEY); } key->modified = false; @@ -650,7 +614,7 @@ dst_key_fromnamedfile(const char *filename, const char *dirname, int type, *keyp = key; key = NULL; -out: +cleanup: if (pubkey != NULL) { dst_key_free(&pubkey); } @@ -808,13 +772,13 @@ dst_key_fromgssapi(const dns_name_t *name, dns_gss_ctx_id_t gssctx, */ isc_buffer_allocate(key->mctx, &key->key_tkeytoken, intoken->length); - RETERR(isc_buffer_copyregion(key->key_tkeytoken, intoken)); + CHECK(isc_buffer_copyregion(key->key_tkeytoken, intoken)); } key->keydata.gssctx = gssctx; *keyp = key; result = ISC_R_SUCCESS; -out: +cleanup: if (result != ISC_R_SUCCESS) { dst_key_free(&key); } @@ -955,7 +919,7 @@ dst_key_generate(const dns_name_t *name, unsigned int alg, unsigned int bits, dns_rdataclass_t rdclass, const char *label, isc_mem_t *mctx, dst_key_t **keyp, void (*callback)(int)) { dst_key_t *key; - isc_result_t ret; + isc_result_t result; REQUIRE(dns_name_isabsolute(name)); REQUIRE(mctx != NULL); @@ -981,16 +945,16 @@ dst_key_generate(const dns_name_t *name, unsigned int alg, unsigned int bits, return DST_R_UNSUPPORTEDALG; } - ret = key->func->generate(key, param, callback); - if (ret != ISC_R_SUCCESS) { + result = key->func->generate(key, param, callback); + if (result != ISC_R_SUCCESS) { dst_key_free(&key); - return ret; + return result; } - ret = computeid(key); - if (ret != ISC_R_SUCCESS) { + result = computeid(key); + if (result != ISC_R_SUCCESS) { dst_key_free(&key); - return ret; + return result; } *keyp = key; @@ -1514,13 +1478,12 @@ dst_key_read_public(const char *filename, int type, isc_mem_t *mctx, dns_fixedname_t name; isc_lex_t *lex = NULL; isc_token_t token; - isc_result_t ret; + isc_result_t result; dns_rdata_t rdata = DNS_RDATA_INIT; unsigned int opt = ISC_LEXOPT_DNSMULTILINE | ISC_LEXOPT_ESCAPE; dns_rdataclass_t rdclass = dns_rdataclass_in; isc_lexspecials_t specials; uint32_t ttl = 0; - isc_result_t result; dns_rdatatype_t keytype; /* @@ -1540,10 +1503,7 @@ dst_key_read_public(const char *filename, int type, isc_mem_t *mctx, isc_lex_setspecials(lex, specials); isc_lex_setcomments(lex, ISC_LEXCOMMENT_DNSMASTERFILE); - ret = isc_lex_openfile(lex, filename); - if (ret != ISC_R_SUCCESS) { - goto cleanup; - } + CHECK(isc_lex_openfile(lex, filename)); /* Read the domain name */ NEXTTOKEN(lex, opt, &token); @@ -1561,10 +1521,8 @@ dst_key_read_public(const char *filename, int type, isc_mem_t *mctx, dns_fixedname_init(&name); isc_buffer_init(&b, DST_AS_STR(token), strlen(DST_AS_STR(token))); isc_buffer_add(&b, strlen(DST_AS_STR(token))); - ret = dns_name_fromtext(dns_fixedname_name(&name), &b, dns_rootname, 0); - if (ret != ISC_R_SUCCESS) { - goto cleanup; - } + CHECK(dns_name_fromtext(dns_fixedname_name(&name), &b, dns_rootname, + 0)); /* Read the next word: either TTL, class, or 'KEY' */ NEXTTOKEN(lex, opt, &token); @@ -1583,8 +1541,8 @@ dst_key_read_public(const char *filename, int type, isc_mem_t *mctx, BADTOKEN(); } - ret = dns_rdataclass_fromtext(&rdclass, &token.value.as_textregion); - if (ret == ISC_R_SUCCESS) { + result = dns_rdataclass_fromtext(&rdclass, &token.value.as_textregion); + if (result == ISC_R_SUCCESS) { NEXTTOKEN(lex, opt, &token); } @@ -1603,22 +1561,16 @@ dst_key_read_public(const char *filename, int type, isc_mem_t *mctx, if (((type & DST_TYPE_KEY) != 0 && keytype != dns_rdatatype_key) || ((type & DST_TYPE_KEY) == 0 && keytype != dns_rdatatype_dnskey)) { - ret = DST_R_BADKEYTYPE; + result = DST_R_BADKEYTYPE; goto cleanup; } isc_buffer_init(&b, rdatabuf, sizeof(rdatabuf)); - ret = dns_rdata_fromtext(&rdata, rdclass, keytype, lex, NULL, false, - mctx, &b, NULL); - if (ret != ISC_R_SUCCESS) { - goto cleanup; - } + CHECK(dns_rdata_fromtext(&rdata, rdclass, keytype, lex, NULL, false, + mctx, &b, NULL)); - ret = dst_key_fromdns(dns_fixedname_name(&name), rdclass, &b, mctx, - keyp); - if (ret != ISC_R_SUCCESS) { - goto cleanup; - } + CHECK(dst_key_fromdns(dns_fixedname_name(&name), rdclass, &b, mctx, + keyp)); dst_key_setttl(*keyp, ttl); @@ -1626,7 +1578,7 @@ cleanup: if (lex != NULL) { isc_lex_destroy(&lex); } - return ret; + return result; } static int @@ -1677,16 +1629,13 @@ isc_result_t dst_key_read_state(const char *filename, isc_mem_t *mctx, dst_key_t **keyp) { isc_lex_t *lex = NULL; isc_token_t token; - isc_result_t ret; + isc_result_t result; unsigned int opt = ISC_LEXOPT_EOL; isc_lex_create(mctx, 1500, &lex); isc_lex_setcomments(lex, ISC_LEXCOMMENT_DNSMASTERFILE); - ret = isc_lex_openfile(lex, filename); - if (ret != ISC_R_SUCCESS) { - goto cleanup; - } + CHECK(isc_lex_openfile(lex, filename)); /* * Read the comment line. @@ -1738,7 +1687,7 @@ dst_key_read_state(const char *filename, isc_mem_t *mctx, dst_key_t **keyp) { int tag; NEXTTOKEN_OR_EOF(lex, opt, &token); - if (ret == ISC_R_EOF) { + if (result == ISC_R_EOF) { break; } if (token.type != isc_tokentype_string) { @@ -1791,10 +1740,7 @@ dst_key_read_state(const char *filename, isc_mem_t *mctx, dst_key_t **keyp) { BADTOKEN(); } - ret = dns_time32_fromtext(DST_AS_STR(token), &when); - if (ret != ISC_R_SUCCESS) { - goto cleanup; - } + CHECK(dns_time32_fromtext(DST_AS_STR(token), &when)); dst_key_settime(*keyp, tag, when); goto next; @@ -1812,10 +1758,7 @@ dst_key_read_state(const char *filename, isc_mem_t *mctx, dst_key_t **keyp) { BADTOKEN(); } - ret = keystate_fromtext(DST_AS_STR(token), &state); - if (ret != ISC_R_SUCCESS) { - goto cleanup; - } + CHECK(keystate_fromtext(DST_AS_STR(token), &state)); dst_key_setstate(*keyp, tag, state); goto next; @@ -1826,13 +1769,13 @@ dst_key_read_state(const char *filename, isc_mem_t *mctx, dst_key_t **keyp) { } /* Done, successfully parsed the whole file. */ - ret = ISC_R_SUCCESS; + result = ISC_R_SUCCESS; cleanup: if (lex != NULL) { isc_lex_destroy(&lex); } - return ret; + return result; } static bool @@ -2197,13 +2140,9 @@ computeid(dst_key_t *key) { isc_buffer_t dnsbuf; unsigned char dns_array[DST_KEY_MAXSIZE]; isc_region_t r; - isc_result_t ret; isc_buffer_init(&dnsbuf, dns_array, sizeof(dns_array)); - ret = dst_key_todns(key, &dnsbuf); - if (ret != ISC_R_SUCCESS) { - return ret; - } + RETERR(dst_key_todns(key, &dnsbuf)); isc_buffer_usedregion(&dnsbuf, &r); key->key_id = dst_region_computeid(&r); @@ -2216,7 +2155,7 @@ frombuffer(const dns_name_t *name, unsigned int alg, unsigned int flags, unsigned int protocol, dns_rdataclass_t rdclass, isc_buffer_t *source, isc_mem_t *mctx, dst_key_t **keyp) { dst_key_t *key; - isc_result_t ret; + isc_result_t result; REQUIRE(dns_name_isabsolute(name)); REQUIRE(source != NULL); @@ -2242,20 +2181,20 @@ frombuffer(const dns_name_t *name, unsigned int alg, unsigned int flags, key = get_key_struct(name, alg, flags, protocol, 0, rdclass, 0, mctx); if (isc_buffer_remaininglength(source) > 0) { - ret = algorithm_status(alg); - if (ret != ISC_R_SUCCESS) { + result = algorithm_status(alg); + if (result != ISC_R_SUCCESS) { dst_key_free(&key); - return ret; + return result; } if (key->func->fromdns == NULL) { dst_key_free(&key); return DST_R_UNSUPPORTEDALG; } - ret = key->func->fromdns(key, source); - if (ret != ISC_R_SUCCESS) { + result = key->func->fromdns(key, source); + if (result != ISC_R_SUCCESS) { dst_key_free(&key); - return ret; + return result; } } diff --git a/lib/dns/dst_parse.c b/lib/dns/dst_parse.c index 9dc4f9cedd..0310f3be79 100644 --- a/lib/dns/dst_parse.c +++ b/lib/dns/dst_parse.c @@ -400,7 +400,7 @@ dst__privstruct_parse(dst_key_t *key, unsigned int alg, isc_lex_t *lex, unsigned char *data = NULL; unsigned int opt = ISC_LEXOPT_EOL; isc_stdtime_t when; - isc_result_t ret; + isc_result_t result; bool external = false; REQUIRE(priv != NULL); @@ -408,20 +408,19 @@ dst__privstruct_parse(dst_key_t *key, unsigned int alg, isc_lex_t *lex, priv->nelements = 0; memset(priv->elements, 0, sizeof(priv->elements)); -#define NEXTTOKEN(lex, opt, token) \ - do { \ - ret = isc_lex_gettoken(lex, opt, token); \ - if (ret != ISC_R_SUCCESS) \ - goto fail; \ +#define NEXTTOKEN(lex, opt, token) \ + do { \ + CHECK(isc_lex_gettoken(lex, opt, token)); \ } while (0) -#define READLINE(lex, opt, token) \ - do { \ - ret = isc_lex_gettoken(lex, opt, token); \ - if (ret == ISC_R_EOF) \ - break; \ - else if (ret != ISC_R_SUCCESS) \ - goto fail; \ +#define READLINE(lex, opt, token) \ + do { \ + result = isc_lex_gettoken(lex, opt, token); \ + if (result == ISC_R_EOF) { \ + break; \ + } else if (result != ISC_R_SUCCESS) { \ + goto cleanup; \ + } \ } while ((*token).type != isc_tokentype_eol) /* @@ -431,24 +430,24 @@ dst__privstruct_parse(dst_key_t *key, unsigned int alg, isc_lex_t *lex, if (token.type != isc_tokentype_string || strcmp(DST_AS_STR(token), PRIVATE_KEY_STR) != 0) { - ret = DST_R_INVALIDPRIVATEKEY; - goto fail; + result = DST_R_INVALIDPRIVATEKEY; + goto cleanup; } NEXTTOKEN(lex, opt, &token); if (token.type != isc_tokentype_string || (DST_AS_STR(token))[0] != 'v') { - ret = DST_R_INVALIDPRIVATEKEY; - goto fail; + result = DST_R_INVALIDPRIVATEKEY; + goto cleanup; } if (sscanf(DST_AS_STR(token), "v%d.%d", &major, &minor) != 2) { - ret = DST_R_INVALIDPRIVATEKEY; - goto fail; + result = DST_R_INVALIDPRIVATEKEY; + goto cleanup; } if (major > DST_MAJOR_VERSION) { - ret = DST_R_INVALIDPRIVATEKEY; - goto fail; + result = DST_R_INVALIDPRIVATEKEY; + goto cleanup; } /* @@ -465,16 +464,16 @@ dst__privstruct_parse(dst_key_t *key, unsigned int alg, isc_lex_t *lex, if (token.type != isc_tokentype_string || strcmp(DST_AS_STR(token), ALGORITHM_STR) != 0) { - ret = DST_R_INVALIDPRIVATEKEY; - goto fail; + result = DST_R_INVALIDPRIVATEKEY; + goto cleanup; } NEXTTOKEN(lex, opt | ISC_LEXOPT_NUMBER, &token); if (token.type != isc_tokentype_number || token.value.as_ulong != (unsigned long)dst_key_alg(key)) { - ret = DST_R_INVALIDPRIVATEKEY; - goto fail; + result = DST_R_INVALIDPRIVATEKEY; + goto cleanup; } READLINE(lex, opt, &token); @@ -486,18 +485,18 @@ dst__privstruct_parse(dst_key_t *key, unsigned int alg, isc_lex_t *lex, int tag; isc_region_t r; do { - ret = isc_lex_gettoken(lex, opt, &token); - if (ret == ISC_R_EOF) { + result = isc_lex_gettoken(lex, opt, &token); + if (result == ISC_R_EOF) { goto done; } - if (ret != ISC_R_SUCCESS) { - goto fail; + if (result != ISC_R_SUCCESS) { + goto cleanup; } } while (token.type == isc_tokentype_eol); if (token.type != isc_tokentype_string) { - ret = DST_R_INVALIDPRIVATEKEY; - goto fail; + result = DST_R_INVALIDPRIVATEKEY; + goto cleanup; } if (strcmp(DST_AS_STR(token), "External:") == 0) { @@ -512,8 +511,8 @@ dst__privstruct_parse(dst_key_t *key, unsigned int alg, isc_lex_t *lex, NEXTTOKEN(lex, opt | ISC_LEXOPT_NUMBER, &token); if (token.type != isc_tokentype_number) { - ret = DST_R_INVALIDPRIVATEKEY; - goto fail; + result = DST_R_INVALIDPRIVATEKEY; + goto cleanup; } dst_key_setnum(key, tag, token.value.as_ulong); @@ -527,14 +526,11 @@ dst__privstruct_parse(dst_key_t *key, unsigned int alg, isc_lex_t *lex, NEXTTOKEN(lex, opt, &token); if (token.type != isc_tokentype_string) { - ret = DST_R_INVALIDPRIVATEKEY; - goto fail; + result = DST_R_INVALIDPRIVATEKEY; + goto cleanup; } - ret = dns_time32_fromtext(DST_AS_STR(token), &when); - if (ret != ISC_R_SUCCESS) { - goto fail; - } + CHECK(dns_time32_fromtext(DST_AS_STR(token), &when)); dst_key_settime(key, tag, when); @@ -546,8 +542,8 @@ dst__privstruct_parse(dst_key_t *key, unsigned int alg, isc_lex_t *lex, if (tag < 0 && minor > DST_MINOR_VERSION) { goto next; } else if (tag < 0) { - ret = DST_R_INVALIDPRIVATEKEY; - goto fail; + result = DST_R_INVALIDPRIVATEKEY; + goto cleanup; } priv->elements[n].tag = tag; @@ -555,10 +551,7 @@ dst__privstruct_parse(dst_key_t *key, unsigned int alg, isc_lex_t *lex, data = isc_mem_get(mctx, MAXFIELDSIZE); isc_buffer_init(&b, data, MAXFIELDSIZE); - ret = isc_base64_tobuffer(lex, &b, -1); - if (ret != ISC_R_SUCCESS) { - goto fail; - } + CHECK(isc_base64_tobuffer(lex, &b, -1)); isc_buffer_usedregion(&b, &r); priv->elements[n].length = r.length; @@ -572,30 +565,30 @@ dst__privstruct_parse(dst_key_t *key, unsigned int alg, isc_lex_t *lex, done: if (external && priv->nelements != 0) { - ret = DST_R_INVALIDPRIVATEKEY; - goto fail; + result = DST_R_INVALIDPRIVATEKEY; + goto cleanup; } check = check_data(priv, alg, true, external); if (check < 0) { - ret = DST_R_INVALIDPRIVATEKEY; - goto fail; + result = DST_R_INVALIDPRIVATEKEY; + goto cleanup; } else if (check != ISC_R_SUCCESS) { - ret = check; - goto fail; + result = check; + goto cleanup; } key->external = external; return ISC_R_SUCCESS; -fail: +cleanup: dst__privstruct_free(priv, mctx); if (data != NULL) { isc_mem_put(mctx, data, MAXFIELDSIZE); } - return ret; + return result; } isc_result_t diff --git a/lib/dns/dyndb.c b/lib/dns/dyndb.c index 646d179cf8..889a230ce7 100644 --- a/lib/dns/dyndb.c +++ b/lib/dns/dyndb.c @@ -28,13 +28,6 @@ #include "dyndb_p.h" -#define CHECK(op) \ - do { \ - result = (op); \ - if (result != ISC_R_SUCCESS) \ - goto cleanup; \ - } while (0) - typedef struct dyndb_implementation dyndb_implementation_t; struct dyndb_implementation { isc_mem_t *mctx; diff --git a/lib/dns/gssapictx.c b/lib/dns/gssapictx.c index ea39bb5d98..67cdc0cfca 100644 --- a/lib/dns/gssapictx.c +++ b/lib/dns/gssapictx.c @@ -82,13 +82,6 @@ static gss_OID_desc __gss_spnego_mechanism_oid_desc = { (r).base = (gb).value; \ } while (0) -#define RETERR(x) \ - do { \ - result = (x); \ - if (result != ISC_R_SUCCESS) \ - goto out; \ - } while (0) - static void name_to_gbuffer(const dns_name_t *name, isc_buffer_t *buffer, gss_buffer_desc *gbuffer) { @@ -321,8 +314,7 @@ dst_gssapi_initctx(const dns_name_t *name, isc_buffer_t *intoken, gret = gss_import_name(&minor, &gnamebuf, GSS_C_NO_OID, &gname); if (gret != GSS_S_COMPLETE) { gss_err_message(mctx, gret, minor, err_message); - result = ISC_R_FAILURE; - goto out; + CHECK(ISC_R_FAILURE); } if (intoken != NULL) { @@ -353,8 +345,7 @@ dst_gssapi_initctx(const dns_name_t *name, isc_buffer_t *intoken, gss_log(3, "Failure initiating security context"); } - result = ISC_R_FAILURE; - goto out; + CHECK(ISC_R_FAILURE); } /* @@ -367,7 +358,7 @@ dst_gssapi_initctx(const dns_name_t *name, isc_buffer_t *intoken, */ if (gouttoken.length != 0U) { GBUFFER_TO_REGION(gouttoken, r); - RETERR(isc_buffer_copyregion(outtoken, &r)); + CHECK(isc_buffer_copyregion(outtoken, &r)); } if (gret == GSS_S_COMPLETE) { @@ -376,7 +367,7 @@ dst_gssapi_initctx(const dns_name_t *name, isc_buffer_t *intoken, result = DNS_R_CONTINUE; } -out: +cleanup: if (gouttoken.length != 0U) { (void)gss_release_buffer(&minor, &gouttoken); } @@ -479,7 +470,7 @@ dst_gssapi_acceptctx(const char *gssapi_keytab, isc_region_t *intoken, isc_buffer_allocate(mctx, outtoken, (unsigned int)gouttoken.length); GBUFFER_TO_REGION(gouttoken, r); - RETERR(isc_buffer_copyregion(*outtoken, &r)); + CHECK(isc_buffer_copyregion(*outtoken, &r)); (void)gss_release_buffer(&minor, &gouttoken); } @@ -489,7 +480,7 @@ dst_gssapi_acceptctx(const char *gssapi_keytab, isc_region_t *intoken, gss_log(3, "failed gss_display_name: %s", gss_error_tostring(gret, minor, buf, sizeof(buf))); - RETERR(ISC_R_FAILURE); + CHECK(ISC_R_FAILURE); } /* @@ -511,7 +502,7 @@ dst_gssapi_acceptctx(const char *gssapi_keytab, isc_region_t *intoken, isc_buffer_init(&namebuf, r.base, r.length); isc_buffer_add(&namebuf, r.length); - RETERR(dns_name_fromtext(principal, &namebuf, dns_rootname, 0)); + CHECK(dns_name_fromtext(principal, &namebuf, dns_rootname, 0)); if (gnamebuf.length != 0U) { gret = gss_release_buffer(&minor, &gnamebuf); @@ -527,7 +518,7 @@ dst_gssapi_acceptctx(const char *gssapi_keytab, isc_region_t *intoken, *ctxout = context; -out: +cleanup: if (gname != NULL) { gret = gss_release_name(&minor, &gname); if (gret != GSS_S_COMPLETE) { diff --git a/lib/dns/journal.c b/lib/dns/journal.c index 894fbea9f3..9c969a4a0a 100644 --- a/lib/dns/journal.c +++ b/lib/dns/journal.c @@ -80,25 +80,6 @@ * Miscellaneous utilities. */ -/*% - * It would be non-sensical (or at least obtuse) to use FAIL() with an - * ISC_R_SUCCESS code, but the test is there to keep the Solaris compiler - * from complaining about "end-of-loop code not reached". - */ -#define FAIL(code) \ - do { \ - result = (code); \ - if (result != ISC_R_SUCCESS) \ - goto failure; \ - } while (0) - -#define CHECK(op) \ - do { \ - result = (op); \ - if (result != ISC_R_SUCCESS) \ - goto failure; \ - } while (0) - #define JOURNAL_SERIALSET 0x01U static isc_result_t @@ -641,14 +622,14 @@ journal_open(isc_mem_t *mctx, const char *filename, bool writable, bool create, */ result = isc_stdio_open(j->filename, "rb+", &fp); } else { - FAIL(ISC_R_NOTFOUND); + CHECK(ISC_R_NOTFOUND); } } if (result != ISC_R_SUCCESS) { isc_log_write(DNS_LOGCATEGORY_GENERAL, DNS_LOGMODULE_JOURNAL, ISC_LOG_ERROR, "%s: open: %s", j->filename, isc_result_totext(result)); - FAIL(ISC_R_UNEXPECTED); + CHECK(ISC_R_UNEXPECTED); } j->fp = fp; @@ -687,7 +668,7 @@ journal_open(isc_mem_t *mctx, const char *filename, bool writable, bool create, isc_log_write(DNS_LOGCATEGORY_GENERAL, DNS_LOGMODULE_JOURNAL, ISC_LOG_ERROR, "%s: journal format not recognized", j->filename); - FAIL(ISC_R_UNEXPECTED); + CHECK(ISC_R_UNEXPECTED); } journal_header_decode(&rawheader, &j->header); @@ -740,7 +721,7 @@ journal_open(isc_mem_t *mctx, const char *filename, bool writable, bool create, *journalp = j; return ISC_R_SUCCESS; -failure: +cleanup: j->magic = 0; if (j->rawindex != NULL) { isc_mem_cput(j->mctx, j->rawindex, j->header.index_size, @@ -920,7 +901,7 @@ maybe_fixup_xhdr(dns_journal_t *j, journal_xhdr_t *xhdr, uint32_t serial, j->recovered = true; } -failure: +cleanup: return result; } @@ -1002,7 +983,7 @@ journal_next(dns_journal_t *j, journal_pos_t *pos) { pos->serial = xhdr.serial1; return ISC_R_SUCCESS; -failure: +cleanup: return result; } @@ -1183,7 +1164,7 @@ dns_journal_begin_transaction(dns_journal_t *j) { j->state = JOURNAL_STATE_TRANSACTION; result = ISC_R_SUCCESS; -failure: +cleanup: return result; } @@ -1270,7 +1251,7 @@ dns_journal_writediff(dns_journal_t *j, dns_diff_t *diff) { result = ISC_R_SUCCESS; -failure: +cleanup: if (mem != NULL) { isc_mem_put(j->mctx, mem, size); } @@ -1417,7 +1398,7 @@ dns_journal_commit(dns_journal_t *j) { result = ISC_R_SUCCESS; -failure: +cleanup: return result; } @@ -1430,7 +1411,7 @@ dns_journal_write_transaction(dns_journal_t *j, dns_diff_t *diff) { CHECK(dns_journal_writediff(j, diff)); CHECK(dns_journal_commit(j)); result = ISC_R_SUCCESS; -failure: +cleanup: return result; } @@ -1568,7 +1549,7 @@ dns_journal_rollforward(dns_journal_t *j, dns_db_t *db, unsigned int options) { "%s: journal file corrupt: missing " "initial SOA", j->filename); - FAIL(ISC_R_UNEXPECTED); + CHECK(ISC_R_UNEXPECTED); } if ((options & DNS_JOURNALOPT_RESIGN) != 0) { op = (n_soa == 1) ? DNS_DIFFOP_DELRESIGN @@ -1606,7 +1587,7 @@ dns_journal_rollforward(dns_journal_t *j, dns_db_t *db, unsigned int options) { dns_diff_clear(&diff); } -failure: +cleanup: if (ver != NULL) { dns_db_closeversion(db, &ver, result == ISC_R_SUCCESS ? true : false); @@ -1714,7 +1695,7 @@ dns_journal_print(isc_mem_t *mctx, uint32_t flags, const char *filename, "%s: journal file corrupt: missing " "initial SOA", j->filename); - FAIL(ISC_R_UNEXPECTED); + CHECK(ISC_R_UNEXPECTED); } if (print) { @@ -1756,14 +1737,14 @@ dns_journal_print(isc_mem_t *mctx, uint32_t flags, const char *filename, result = dns_diff_print(&diff, file); dns_diff_clear(&diff); } - goto cleanup; + goto done; -failure: +cleanup: isc_log_write(DNS_LOGCATEGORY_GENERAL, DNS_LOGMODULE_JOURNAL, ISC_LOG_ERROR, "%s: cannot print: journal file corrupt", j->filename); -cleanup: +done: if (source.base != NULL) { isc_mem_put(j->mctx, source.base, source.length); } @@ -1924,7 +1905,7 @@ dns_journal_iter_init(dns_journal_t *j, uint32_t begin_serial, } result = ISC_R_SUCCESS; -failure: +cleanup: j->it.result = result; return j->it.result; } @@ -1945,7 +1926,7 @@ dns_journal_first_rr(dns_journal_t *j) { return read_one_rr(j); -failure: +cleanup: return result; } @@ -1981,7 +1962,7 @@ read_one_rr(dns_journal_t *j) { DNS_LOGMODULE_JOURNAL, ISC_LOG_ERROR, "%s: journal corrupt: empty transaction", j->filename); - FAIL(ISC_R_UNEXPECTED); + CHECK(ISC_R_UNEXPECTED); } if (j->header_ver1) { @@ -1998,7 +1979,7 @@ read_one_rr(dns_journal_t *j) { "expected serial %u, got %u", j->filename, j->it.current_serial, xhdr.serial0); - FAIL(ISC_R_UNEXPECTED); + CHECK(ISC_R_UNEXPECTED); } j->it.xsize = xhdr.size; @@ -2021,7 +2002,7 @@ read_one_rr(dns_journal_t *j) { "%s: journal corrupt: impossible RR size " "(%d bytes)", j->filename, rrhdr.size); - FAIL(ISC_R_UNEXPECTED); + CHECK(ISC_R_UNEXPECTED); } size_buffer(j->mctx, &j->it.source, rrhdr.size); @@ -2050,7 +2031,7 @@ read_one_rr(dns_journal_t *j) { * Check that the RR header is there, and parse it. */ if (isc_buffer_remaininglength(&j->it.source) < 10) { - FAIL(DNS_R_FORMERR); + CHECK(DNS_R_FORMERR); } rdtype = isc_buffer_getuint16(&j->it.source); @@ -2064,14 +2045,14 @@ read_one_rr(dns_journal_t *j) { "%s: journal corrupt: impossible rdlen " "(%u bytes)", j->filename, rdlen); - FAIL(ISC_R_FAILURE); + CHECK(ISC_R_FAILURE); } /* * Parse the rdata. */ if (isc_buffer_remaininglength(&j->it.source) != rdlen) { - FAIL(DNS_R_FORMERR); + CHECK(DNS_R_FORMERR); } isc_buffer_setactive(&j->it.source, rdlen); dns_rdata_reset(&j->it.rdata); @@ -2087,7 +2068,7 @@ read_one_rr(dns_journal_t *j) { result = ISC_R_SUCCESS; -failure: +cleanup: j->it.result = result; return result; } @@ -2243,7 +2224,7 @@ dns_diff_subtract(dns_diff_t diff[2], dns_diff_t *r) { ISC_LIST_APPENDLIST(r->tuples, del, link); ISC_LIST_APPENDLIST(r->tuples, add, link); result = ISC_R_SUCCESS; -failure: +cleanup: return result; } @@ -2335,16 +2316,16 @@ diff_namespace(dns_db_t *dba, dns_dbversion_t *dbvera, dns_db_t *dbb, next:; } if (itresult[0] != ISC_R_NOMORE) { - FAIL(itresult[0]); + CHECK(itresult[0]); } if (itresult[1] != ISC_R_NOMORE) { - FAIL(itresult[1]); + CHECK(itresult[1]); } INSIST(ISC_LIST_EMPTY(diff[0].tuples)); INSIST(ISC_LIST_EMPTY(diff[1].tuples)); -failure: +cleanup: dns_dbiterator_destroy(&dbit[1]); cleanup_iterator: @@ -2402,7 +2383,7 @@ dns_db_diffx(dns_diff_t *diff, dns_db_t *dba, dns_dbversion_t *dbvera, } } -failure: +cleanup: if (journal != NULL) { dns_journal_destroy(&journal); } @@ -2789,7 +2770,7 @@ dns_journal_compact(isc_mem_t *mctx, char *filename, uint32_t serial, if (result != ISC_R_SUCCESS && result != ISC_R_FILENOTFOUND) { - goto failure; + CHECK(result); } if (rename(filename, backup) == -1) { goto maperrno; @@ -2800,14 +2781,13 @@ dns_journal_compact(isc_mem_t *mctx, char *filename, uint32_t serial, (void)isc_file_remove(backup); } else { maperrno: - result = ISC_R_FAILURE; - goto failure; + CHECK(ISC_R_FAILURE); } } result = ISC_R_SUCCESS; -failure: +cleanup: (void)isc_file_remove(newname); if (buf != NULL) { isc_mem_put(mctx, buf, size); @@ -2845,6 +2825,6 @@ index_to_disk(dns_journal_t *j) { CHECK(journal_seek(j, sizeof(journal_rawheader_t))); CHECK(journal_write(j, j->rawindex, rawbytes)); } -failure: +cleanup: return result; } diff --git a/lib/dns/keymgr.c b/lib/dns/keymgr.c index 6ccb4ef877..acb31bd322 100644 --- a/lib/dns/keymgr.c +++ b/lib/dns/keymgr.c @@ -34,13 +34,6 @@ #include -#define RETERR(x) \ - do { \ - result = (x); \ - if (result != ISC_R_SUCCESS) \ - goto failure; \ - } while (0) - /* * Set key state to `target` state and change last changed * to `time`, only if key state has not been set before. @@ -520,16 +513,16 @@ keymgr_createkey(dns_kasp_key_t *kkey, const dns_name_t *origin, result = dns_dnssec_findmatchingkeys(origin, NULL, keydir, NULL, now, true, mctx, &keykeys); if (result != ISC_R_SUCCESS && result != ISC_R_NOTFOUND) { - goto failure; + goto cleanup; } do { if (keystore == NULL) { - RETERR(dst_key_generate(origin, alg, size, 0, flags, - DNS_KEYPROTO_DNSSEC, rdclass, - NULL, mctx, &newkey, NULL)); + CHECK(dst_key_generate(origin, alg, size, 0, flags, + DNS_KEYPROTO_DNSSEC, rdclass, + NULL, mctx, &newkey, NULL)); } else { - RETERR(dns_keystore_keygen( + CHECK(dns_keystore_keygen( keystore, origin, dns_kasp_getname(kasp), rdclass, mctx, alg, size, flags, &newkey)); } @@ -567,7 +560,7 @@ keymgr_createkey(dns_kasp_key_t *kkey, const dns_name_t *origin, *dst_key = newkey; result = ISC_R_SUCCESS; -failure: +cleanup: while (!ISC_LIST_EMPTY(keykeys)) { dns_dnsseckey_t *key = ISC_LIST_HEAD(keykeys); ISC_LIST_UNLINK(keykeys, key, link); @@ -2346,9 +2339,9 @@ dns_keymgr_run(const dns_name_t *origin, dns_rdataclass_t rdclass, } /* See if this key requires a rollover. */ - RETERR(keymgr_key_rollover( - kkey, active_key, keyring, &newkeys, origin, rdclass, - kasp, keydir, lifetime, opts, now, nexttime, mctx)); + CHECK(keymgr_key_rollover(kkey, active_key, keyring, &newkeys, + origin, rdclass, kasp, keydir, + lifetime, opts, now, nexttime, mctx)); opts &= ~DNS_KEYMGRATTR_NOROLL; } @@ -2389,7 +2382,7 @@ dns_keymgr_run(const dns_name_t *origin, dns_rdataclass_t rdclass, } dns_dnssec_get_hints(dkey, now); - RETERR(dst_key_tofile(dkey->key, options, directory)); + CHECK(dst_key_tofile(dkey->key, options, directory)); dst_key_setmodified(dkey->key, false); if (!isc_log_wouldlog(ISC_LOG_DEBUG(3))) { @@ -2407,8 +2400,9 @@ dns_keymgr_run(const dns_name_t *origin, dns_rdataclass_t rdclass, } result = retval; -failure: - if (result != ISC_R_SUCCESS && result != DNS_R_UNCHANGED) { + +cleanup: + if (result != ISC_R_SUCCESS) { ISC_LIST_FOREACH(newkeys, newkey, link) { ISC_LIST_UNLINK(newkeys, newkey, link); INSIST(newkey->key != NULL); @@ -2532,22 +2526,22 @@ keytime_status(dst_key_t *key, isc_stdtime_t now, isc_buffer_t *buf, isc_stdtime_t when = 0; dst_key_state_t state = NA; - RETERR(isc_buffer_printf(buf, "%s", pre)); + CHECK(isc_buffer_printf(buf, "%s", pre)); (void)dst_key_getstate(key, ks, &state); isc_result_t r = dst_key_gettime(key, kt, &when); if (state == RUMOURED || state == OMNIPRESENT) { - RETERR(isc_buffer_printf(buf, "yes - since ")); + CHECK(isc_buffer_printf(buf, "yes - since ")); } else if (now < when) { - RETERR(isc_buffer_printf(buf, "no - scheduled ")); + CHECK(isc_buffer_printf(buf, "no - scheduled ")); } else { return isc_buffer_printf(buf, "no\n"); } if (r == ISC_R_SUCCESS) { isc_stdtime_tostring(when, timestr, sizeof(timestr)); - RETERR(isc_buffer_printf(buf, "%s\n", timestr)); + CHECK(isc_buffer_printf(buf, "%s\n", timestr)); } -failure: +cleanup: return result; } @@ -2559,16 +2553,16 @@ keystate_status(dst_key_t *key, isc_buffer_t *buf, const char *pre, int ks) { (void)dst_key_getstate(key, ks, &state); switch (state) { case HIDDEN: - RETERR(isc_buffer_printf(buf, " - %shidden\n", pre)); + CHECK(isc_buffer_printf(buf, " - %shidden\n", pre)); break; case RUMOURED: - RETERR(isc_buffer_printf(buf, " - %srumoured\n", pre)); + CHECK(isc_buffer_printf(buf, " - %srumoured\n", pre)); break; case OMNIPRESENT: - RETERR(isc_buffer_printf(buf, " - %somnipresent\n", pre)); + CHECK(isc_buffer_printf(buf, " - %somnipresent\n", pre)); break; case UNRETENTIVE: - RETERR(isc_buffer_printf(buf, " - %sunretentive\n", pre)); + CHECK(isc_buffer_printf(buf, " - %sunretentive\n", pre)); break; case NA: default: @@ -2576,7 +2570,7 @@ keystate_status(dst_key_t *key, isc_buffer_t *buf, const char *pre, int ks) { break; } -failure: +cleanup: return result; } @@ -2602,47 +2596,47 @@ rollover_status(dns_dnsseckey_t *dkey, dns_kasp_t *kasp, (void)dst_key_getstate(key, DST_KEY_DS, &ds); // publish status - RETERR(keytime_status(key, now, buf, " Published: ", DST_KEY_DNSKEY, - DST_TIME_PUBLISH)); + CHECK(keytime_status(key, now, buf, " Published: ", DST_KEY_DNSKEY, + DST_TIME_PUBLISH)); // signing status result = dst_key_getbool(key, DST_BOOL_KSK, &ksk); if (result == ISC_R_SUCCESS && ksk) { - RETERR(keytime_status(key, now, buf, " Key signing: ", - DST_KEY_KRRSIG, DST_TIME_PUBLISH)); + CHECK(keytime_status(key, now, buf, " Key signing: ", + DST_KEY_KRRSIG, DST_TIME_PUBLISH)); } result = dst_key_getbool(key, DST_BOOL_ZSK, &zsk); if (result == ISC_R_SUCCESS && zsk) { - RETERR(keytime_status(key, now, buf, " Zone signing: ", - DST_KEY_ZRRSIG, DST_TIME_ACTIVATE)); + CHECK(keytime_status(key, now, buf, " Zone signing: ", + DST_KEY_ZRRSIG, DST_TIME_ACTIVATE)); } if (zsk) { if (goal == OMNIPRESENT) { if (dnskey == HIDDEN && zrrsig == HIDDEN) { - RETERR(isc_buffer_printf( + CHECK(isc_buffer_printf( buf, " Key is created but not " "published yet.\n")); } else if (dnskey == RUMOURED && zrrsig == HIDDEN) { - RETERR(isc_buffer_printf( + CHECK(isc_buffer_printf( buf, " Key is pre-published.\n")); } else if (dnskey == RUMOURED && zrrsig == RUMOURED) { - RETERR(isc_buffer_printf(buf, " Introducing " - "new key.\n")); + CHECK(isc_buffer_printf(buf, " Introducing " + "new key.\n")); } else if (dnskey == OMNIPRESENT && zrrsig == HIDDEN) { - RETERR(isc_buffer_printf( + CHECK(isc_buffer_printf( buf, " Key is published, but not yet " "signing.\n")); } else if (dnskey == OMNIPRESENT && zrrsig == RUMOURED) { if (keymgr_dep(key, keyring, NULL)) { - RETERR(isc_buffer_printf( + CHECK(isc_buffer_printf( buf, " Key is published, waiting " "for the zone to be completely " "signed with this key.\n")); } else { - RETERR(isc_buffer_printf( + CHECK(isc_buffer_printf( buf, " Key is published, " "introducing signatures.\n")); @@ -2654,7 +2648,7 @@ rollover_status(dns_dnsseckey_t *dkey, dns_kasp_t *kasp, log_next_rollover = true; } } else { - RETERR(isc_buffer_printf( + CHECK(isc_buffer_printf( buf, " Key is in unexpected state, " "performing auto-healing.\n")); *verbose = true; @@ -2662,7 +2656,7 @@ rollover_status(dns_dnsseckey_t *dkey, dns_kasp_t *kasp, } else if (goal == HIDDEN) { if (dnskey == OMNIPRESENT && zrrsig == OMNIPRESENT) { if (!ksk) { - RETERR(isc_buffer_printf( + CHECK(isc_buffer_printf( buf, " Key will be retired " "after successor key " "becomes active.\n")); @@ -2670,24 +2664,24 @@ rollover_status(dns_dnsseckey_t *dkey, dns_kasp_t *kasp, } else if (dnskey == OMNIPRESENT && zrrsig == UNRETENTIVE) { - RETERR(isc_buffer_printf( + CHECK(isc_buffer_printf( buf, " Key is retired, waiting until all " "signatures generated with this key " "are replaced with successor.\n")); } else if (dnskey == OMNIPRESENT && zrrsig == HIDDEN) { - RETERR(isc_buffer_printf( + CHECK(isc_buffer_printf( buf, " Key is retired, no longer " "signing the zone.\n")); } else if (dnskey == UNRETENTIVE && zrrsig == HIDDEN) { - RETERR(isc_buffer_printf( - buf, " Key is removed from zone.\n")); + CHECK(isc_buffer_printf(buf, " Key is removed " + "from zone.\n")); } else if (dnskey == HIDDEN && zrrsig == HIDDEN) { - RETERR(isc_buffer_printf( + CHECK(isc_buffer_printf( buf, " Key is completely hidden " "(waiting to be purged).\n")); } else { - RETERR(isc_buffer_printf( + CHECK(isc_buffer_printf( buf, " WARNING: Key is in unexpected " "state, " "performing auto-healing.\n")); @@ -2698,24 +2692,24 @@ rollover_status(dns_dnsseckey_t *dkey, dns_kasp_t *kasp, if (goal == OMNIPRESENT) { if (dnskey == HIDDEN && ds == HIDDEN) { if (!zsk) { - RETERR(isc_buffer_printf( + CHECK(isc_buffer_printf( buf, " Key is created but not " "published yet.\n")); } } else if (dnskey == RUMOURED && ds == HIDDEN) { if (!zsk) { - RETERR(isc_buffer_printf( + CHECK(isc_buffer_printf( buf, " Key is pre-published.\n")); } } else if (dnskey == OMNIPRESENT && ds == HIDDEN) { if (keymgr_dep(key, keyring, NULL)) { - RETERR(isc_buffer_printf( + CHECK(isc_buffer_printf( buf, " Waiting for the DS to be " "submitted to the parent.\n")); } else { - RETERR(isc_buffer_printf( + CHECK(isc_buffer_printf( buf, " Wait for zone to be fully " "signed before submitting the " @@ -2726,19 +2720,19 @@ rollover_status(dns_dnsseckey_t *dkey, dns_kasp_t *kasp, isc_result_t ret = dst_key_gettime( key, DST_TIME_DSPUBLISH, &dstime); if (ret != ISC_R_SUCCESS || dstime > now) { - RETERR(isc_buffer_printf( + CHECK(isc_buffer_printf( buf, " Waiting for the DS to be " "published to the parent.\n")); if (checkds) { - RETERR(isc_buffer_printf( + CHECK(isc_buffer_printf( buf, " checkds is enabled, " "BIND will check the " "DS RRset " "periodically.\n")); } else { - RETERR(isc_buffer_printf( + CHECK(isc_buffer_printf( buf, " ! Once the DS is in " "the parent, run 'rndc " @@ -2748,7 +2742,7 @@ rollover_status(dns_dnsseckey_t *dkey, dns_kasp_t *kasp, dst_key_id(key))); } } else { - RETERR(isc_buffer_printf( + CHECK(isc_buffer_printf( buf, " Waiting TTL period for " "validators to pick up " "the new DS RRset.\n")); @@ -2758,7 +2752,7 @@ rollover_status(dns_dnsseckey_t *dkey, dns_kasp_t *kasp, active_state = DST_TIME_PUBLISH; retire_state = DST_TIME_DELETE; } else { - RETERR(isc_buffer_printf( + CHECK(isc_buffer_printf( buf, " WARNING: Key is in unexpected " "state, " "performing auto-healing.\n")); @@ -2766,7 +2760,7 @@ rollover_status(dns_dnsseckey_t *dkey, dns_kasp_t *kasp, } } else if (goal == HIDDEN) { if (dnskey == OMNIPRESENT && ds == OMNIPRESENT) { - RETERR(isc_buffer_printf( + CHECK(isc_buffer_printf( buf, " Key will be retired after the DS is " "withdrawn from the parent.\n")); @@ -2775,19 +2769,19 @@ rollover_status(dns_dnsseckey_t *dkey, dns_kasp_t *kasp, isc_result_t ret = dst_key_gettime( key, DST_TIME_DSDELETE, &dstime); if (ret != ISC_R_SUCCESS || dstime > now) { - RETERR(isc_buffer_printf( + CHECK(isc_buffer_printf( buf, " Waiting for the DS to be " "removed from the parent.\n")); if (checkds) { - RETERR(isc_buffer_printf( + CHECK(isc_buffer_printf( buf, " checkds is enabled, " "BIND will check the " "DS RRset " "periodically.\n")); } else { - RETERR(isc_buffer_printf( + CHECK(isc_buffer_printf( buf, " ! Once the DS is " "removed from the " @@ -2798,30 +2792,30 @@ rollover_status(dns_dnsseckey_t *dkey, dns_kasp_t *kasp, dst_key_id(key))); } } else { - RETERR(isc_buffer_printf( + CHECK(isc_buffer_printf( buf, " Waiting TTL period for " "validators to pick up " "the new DS RRset.\n")); } } else if (dnskey == OMNIPRESENT && ds == HIDDEN) { - RETERR(isc_buffer_printf( - buf, " Key is removed from chain of " - "trust.\n")); + CHECK(isc_buffer_printf(buf, " Key is removed " + "from chain of " + "trust.\n")); } else if (dnskey == UNRETENTIVE && ds == HIDDEN) { if (!zsk) { - RETERR(isc_buffer_printf( + CHECK(isc_buffer_printf( buf, " Key is removed from " "zone.\n")); } } else if (dnskey == HIDDEN && ds == HIDDEN) { if (!zsk) { - RETERR(isc_buffer_printf( + CHECK(isc_buffer_printf( buf, " Key is completely hidden " "(waiting to be purged).\n")); } } else { - RETERR(isc_buffer_printf( + CHECK(isc_buffer_printf( buf, " WARNING: Key is in unexpected " "state, " "performing auto-healing.\n")); @@ -2840,25 +2834,25 @@ rollover_status(dns_dnsseckey_t *dkey, dns_kasp_t *kasp, char timestr[26]; /* Minimal buf as per ctime_r() spec. */ if (now < retire_time) { - RETERR(isc_buffer_printf(buf, " Next rollover " - "scheduled on ")); + CHECK(isc_buffer_printf(buf, " Next rollover " + "scheduled on ")); retire_time = keymgr_prepublication_time( dkey, kasp, retire_time - active_time, now); } else { - RETERR(isc_buffer_printf(buf, " Rollover is " - "due since ")); + CHECK(isc_buffer_printf(buf, " Rollover is " + "due since ")); } isc_stdtime_tostring(retire_time, timestr, sizeof(timestr)); - RETERR(isc_buffer_printf(buf, "%s\n", timestr)); + CHECK(isc_buffer_printf(buf, "%s\n", timestr)); } else { - RETERR(isc_buffer_printf(buf, - " No rollover scheduled.\n")); + CHECK(isc_buffer_printf(buf, + " No rollover scheduled.\n")); } } -failure: +cleanup: return result; } @@ -2886,36 +2880,36 @@ dns_keymgr_status(dns_kasp_t *kasp, dns_dnsseckeylist_t *keyring, // key data dns_secalg_format((dns_secalg_t)dst_key_alg(dkey->key), algstr, sizeof(algstr)); - RETERR(isc_buffer_printf(buf, "\n%s %d (%s):\n", - keymgr_keyrole(dkey->key), - dst_key_id(dkey->key), algstr)); + CHECK(isc_buffer_printf(buf, "\n%s %d (%s):\n", + keymgr_keyrole(dkey->key), + dst_key_id(dkey->key), algstr)); // rollover status - RETERR(rollover_status(dkey, kasp, keyring, now, buf, &verbose, - checkds)); + CHECK(rollover_status(dkey, kasp, keyring, now, buf, &verbose, + checkds)); if (verbose) { // key states - RETERR(isc_buffer_printf(buf, " Key states:\n")); + CHECK(isc_buffer_printf(buf, " Key states:\n")); - RETERR(keystate_status( + CHECK(keystate_status( dkey->key, buf, "goal: ", DST_KEY_GOAL)); - RETERR(keystate_status( + CHECK(keystate_status( dkey->key, buf, "dnskey: ", DST_KEY_DNSKEY)); - RETERR(keystate_status(dkey->key, buf, - "ds: ", DST_KEY_DS)); - RETERR(keystate_status( + CHECK(keystate_status(dkey->key, buf, + "ds: ", DST_KEY_DS)); + CHECK(keystate_status( dkey->key, buf, "zone rrsig: ", DST_KEY_ZRRSIG)); - RETERR(keystate_status( + CHECK(keystate_status( dkey->key, buf, "key rrsig: ", DST_KEY_KRRSIG)); } } -failure: +cleanup: return result; } @@ -3024,15 +3018,13 @@ dns_keymgr_offline(const dns_name_t *origin, dns_dnsseckeylist_t *keyring, dns_keymgr_key_init(dkey, kasp, now, false); /* Get current metadata */ - RETERR(dst_key_getstate(dkey->key, DST_KEY_DNSKEY, - ¤t_dnskey)); - RETERR(dst_key_getstate(dkey->key, DST_KEY_ZRRSIG, - ¤t_zrrsig)); - RETERR(dst_key_getstate(dkey->key, DST_KEY_GOAL, - ¤t_goal)); - RETERR(dst_key_gettime(dkey->key, DST_TIME_PUBLISH, - &published)); - RETERR(dst_key_gettime(dkey->key, DST_TIME_ACTIVATE, &active)); + CHECK(dst_key_getstate(dkey->key, DST_KEY_DNSKEY, + ¤t_dnskey)); + CHECK(dst_key_getstate(dkey->key, DST_KEY_ZRRSIG, + ¤t_zrrsig)); + CHECK(dst_key_getstate(dkey->key, DST_KEY_GOAL, ¤t_goal)); + CHECK(dst_key_gettime(dkey->key, DST_TIME_PUBLISH, &published)); + CHECK(dst_key_gettime(dkey->key, DST_TIME_ACTIVATE, &active)); (void)dst_key_gettime(dkey->key, DST_TIME_INACTIVE, &inactive); (void)dst_key_gettime(dkey->key, DST_TIME_DELETE, &remove); @@ -3136,7 +3128,7 @@ dns_keymgr_offline(const dns_name_t *origin, dns_dnsseckeylist_t *keyring, dns_dnssec_get_hints(dkey, now); - RETERR(dst_key_tofile(dkey->key, options, directory)); + CHECK(dst_key_tofile(dkey->key, options, directory)); dst_key_setmodified(dkey->key, false); if (!isc_log_wouldlog(ISC_LOG_DEBUG(3))) { @@ -3155,7 +3147,7 @@ dns_keymgr_offline(const dns_name_t *origin, dns_dnsseckeylist_t *keyring, result = ISC_R_SUCCESS; -failure: +cleanup: if (isc_log_wouldlog(ISC_LOG_DEBUG(3))) { char namebuf[DNS_NAME_FORMATSIZE]; dns_name_format(origin, namebuf, sizeof(namebuf)); diff --git a/lib/dns/masterdump.c b/lib/dns/masterdump.c index 0ce0a8b936..e86f76396d 100644 --- a/lib/dns/masterdump.c +++ b/lib/dns/masterdump.c @@ -50,19 +50,6 @@ #define DNS_DCTX_MAGIC ISC_MAGIC('D', 'c', 't', 'x') #define DNS_DCTX_VALID(d) ISC_MAGIC_VALID(d, DNS_DCTX_MAGIC) -#define RETERR(x) \ - do { \ - isc_result_t _r = (x); \ - if (_r != ISC_R_SUCCESS) \ - return ((_r)); \ - } while (0) - -#define CHECK(x) \ - do { \ - if ((x) != ISC_R_SUCCESS) \ - goto cleanup; \ - } while (0) - struct dns_master_style { dns_masterstyle_flags_t flags; /* DNS_STYLEFLAG_* */ unsigned int ttl_column; diff --git a/lib/dns/nsec3.c b/lib/dns/nsec3.c index 48a3aede03..164b5f6900 100644 --- a/lib/dns/nsec3.c +++ b/lib/dns/nsec3.c @@ -41,13 +41,6 @@ #include -#define CHECK(x) \ - do { \ - result = (x); \ - if (result != ISC_R_SUCCESS) \ - goto failure; \ - } while (0) - #define OPTOUT(x) (((x) & DNS_NSEC3FLAG_OPTOUT) != 0) #define CREATE(x) (((x) & DNS_NSEC3FLAG_CREATE) != 0) #define INITIAL(x) (((x) & DNS_NSEC3FLAG_INITIAL) != 0) @@ -434,15 +427,12 @@ delnsec3(dns_db_t *db, dns_dbversion_t *version, const dns_name_t *name, dns_difftuple_create(diff->mctx, DNS_DIFFOP_DEL, name, rdataset.ttl, &rdata, &tuple); - result = do_one_tuple(&tuple, db, version, diff); - if (result != ISC_R_SUCCESS) { - goto failure; - } + CHECK(do_one_tuple(&tuple, db, version, diff)); } result = ISC_R_SUCCESS; -failure: +cleanup: dns_rdataset_disassociate(&rdataset); cleanup_node: dns_db_detachnode(&node); @@ -615,7 +605,7 @@ dns_nsec3_addnsec3(dns_db_t *db, dns_dbversion_t *version, } else if (CREATE(nsec3param->flags) && OPTOUT(flags)) { result = dns_nsec3_delnsec3(db, version, name, nsec3param, diff); - goto failure; + goto cleanup; } else { maybe_remove_unsecure = true; } @@ -660,7 +650,7 @@ dns_nsec3_addnsec3(dns_db_t *db, dns_dbversion_t *version, if (OPTOUT(nsec3.flags)) { result = dns_nsec3_delnsec3(db, version, name, nsec3param, diff); - goto failure; + goto cleanup; } goto addnsec3; } else { @@ -670,7 +660,7 @@ dns_nsec3_addnsec3(dns_db_t *db, dns_dbversion_t *version, */ if (OPTOUT(nsec3.flags) && unsecure) { dns_rdataset_disassociate(&rdataset); - goto failure; + goto cleanup; } } @@ -859,7 +849,7 @@ addnsec3: /* result cannot be ISC_R_NOMORE here */ INSIST(result != ISC_R_NOMORE); -failure: +cleanup: if (dbit != NULL) { dns_dbiterator_destroy(&dbit); } @@ -928,7 +918,7 @@ dns_nsec3_addnsec3s(dns_db_t *db, dns_dbversion_t *version, nsecttl, unsecure, diff)); } -failure: +cleanup: if (dns_rdataset_isassociated(&rdataset)) { dns_rdataset_disassociate(&rdataset); } @@ -1001,7 +991,7 @@ rr_exists(dns_db_t *db, dns_dbversion_t *ver, const dns_name_t *name, if (result == ISC_R_NOTFOUND) { *flag = false; result = ISC_R_SUCCESS; - goto failure; + goto cleanup; } bool matched = false; @@ -1016,7 +1006,7 @@ rr_exists(dns_db_t *db, dns_dbversion_t *ver, const dns_name_t *name, dns_rdataset_disassociate(&rdataset); *flag = matched; -failure: +cleanup: if (node != NULL) { dns_db_detachnode(&node); } @@ -1087,9 +1077,7 @@ dns_nsec3param_deletechains(dns_db_t *db, dns_dbversion_t *ver, if (result == ISC_R_NOTFOUND) { goto try_private; } - if (result != ISC_R_SUCCESS) { - goto failure; - } + CHECK(result); DNS_RDATASET_FOREACH(&rdataset) { dns_rdata_t rdata = DNS_RDATA_INIT; @@ -1117,16 +1105,16 @@ dns_nsec3param_deletechains(dns_db_t *db, dns_dbversion_t *ver, try_private: if (privatetype == 0) { - goto success; + result = ISC_R_SUCCESS; + goto cleanup; } result = dns_db_findrdataset(db, node, ver, privatetype, 0, (isc_stdtime_t)0, &rdataset, NULL); if (result == ISC_R_NOTFOUND) { - goto success; - } - if (result != ISC_R_SUCCESS) { - goto failure; + result = ISC_R_SUCCESS; + goto cleanup; } + CHECK(result); DNS_RDATASET_FOREACH(&rdataset) { dns_rdata_t rdata = DNS_RDATA_INIT; @@ -1166,10 +1154,9 @@ try_private: } } -success: result = ISC_R_SUCCESS; -failure: +cleanup: if (dns_rdataset_isassociated(&rdataset)) { dns_rdataset_disassociate(&rdataset); } @@ -1201,7 +1188,7 @@ dns_nsec3_addnsec3sx(dns_db_t *db, dns_dbversion_t *version, result = dns_db_findrdataset(db, node, version, type, 0, 0, &prdataset, NULL); if (result != ISC_R_SUCCESS && result != ISC_R_NOTFOUND) { - goto failure; + CHECK(result); } result = dns_db_findrdataset(db, node, version, @@ -1210,9 +1197,7 @@ dns_nsec3_addnsec3sx(dns_db_t *db, dns_dbversion_t *version, if (result == ISC_R_NOTFOUND) { goto try_private; } - if (result != ISC_R_SUCCESS) { - goto failure; - } + CHECK(result); /* * Update each active NSEC3 chain. @@ -1238,8 +1223,10 @@ dns_nsec3_addnsec3sx(dns_db_t *db, dns_dbversion_t *version, try_private: if (!dns_rdataset_isassociated(&prdataset)) { - goto success; + result = ISC_R_SUCCESS; + goto cleanup; } + /* * Update each active NSEC3 chain. */ @@ -1270,9 +1257,9 @@ try_private: nsecttl, unsecure, diff)); } -success: result = ISC_R_SUCCESS; -failure: + +cleanup: if (dns_rdataset_isassociated(&rdataset)) { dns_rdataset_disassociate(&rdataset); } @@ -1380,9 +1367,7 @@ dns_nsec3_delnsec3(dns_db_t *db, dns_dbversion_t *version, if (result == ISC_R_NOTFOUND || result == DNS_R_PARTIALMATCH) { goto cleanup_orphaned_ents; } - if (result != ISC_R_SUCCESS) { - goto failure; - } + CHECK(result); CHECK(dns_dbiterator_current(dbit, &node, NULL)); CHECK(dns_dbiterator_pause(dbit)); @@ -1392,9 +1377,7 @@ dns_nsec3_delnsec3(dns_db_t *db, dns_dbversion_t *version, if (result == ISC_R_NOTFOUND) { goto cleanup_orphaned_ents; } - if (result != ISC_R_SUCCESS) { - goto failure; - } + CHECK(result); /* * If we find a existing NSEC3 for this chain then save the @@ -1408,7 +1391,8 @@ dns_nsec3_delnsec3(dns_db_t *db, dns_dbversion_t *version, } dns_rdataset_disassociate(&rdataset); if (result == ISC_R_NOTFOUND) { - goto success; + result = ISC_R_SUCCESS; + goto cleanup; } /* @@ -1488,11 +1472,10 @@ cleanup_orphaned_ents: salt_length)); result = dns_dbiterator_seek(dbit, hashname); if (result == ISC_R_NOTFOUND || result == DNS_R_PARTIALMATCH) { - goto success; - } - if (result != ISC_R_SUCCESS) { - goto failure; + result = ISC_R_SUCCESS; + goto cleanup; } + CHECK(result); CHECK(dns_dbiterator_current(dbit, &node, NULL)); CHECK(dns_dbiterator_pause(dbit)); @@ -1501,11 +1484,10 @@ cleanup_orphaned_ents: (isc_stdtime_t)0, &rdataset, NULL); dns_db_detachnode(&node); if (result == ISC_R_NOTFOUND) { - goto success; - } - if (result != ISC_R_SUCCESS) { - goto failure; + result = ISC_R_SUCCESS; + goto cleanup; } + CHECK(result); result = find_nsec3(&nsec3, &rdataset, nsec3param); if (result == ISC_R_SUCCESS) { @@ -1515,7 +1497,8 @@ cleanup_orphaned_ents: } dns_rdataset_disassociate(&rdataset); if (result == ISC_R_NOTFOUND) { - goto success; + result = ISC_R_SUCCESS; + goto cleanup; } pass = 0; @@ -1570,10 +1553,9 @@ cleanup_orphaned_ents: CHECK(delnsec3(db, version, hashname, nsec3param, diff)); } while (1); -success: result = ISC_R_SUCCESS; -failure: +cleanup: if (dbit != NULL) { dns_dbiterator_destroy(&dbit); } @@ -1617,9 +1599,7 @@ dns_nsec3_delnsec3sx(dns_db_t *db, dns_dbversion_t *version, if (result == ISC_R_NOTFOUND) { goto try_private; } - if (result != ISC_R_SUCCESS) { - goto failure; - } + CHECK(result); /* * Update each active NSEC3 chain. @@ -1642,16 +1622,16 @@ dns_nsec3_delnsec3sx(dns_db_t *db, dns_dbversion_t *version, try_private: if (privatetype == 0) { - goto success; + result = ISC_R_SUCCESS; + goto cleanup; } result = dns_db_findrdataset(db, node, version, privatetype, 0, 0, &rdataset, NULL); if (result == ISC_R_NOTFOUND) { - goto success; - } - if (result != ISC_R_SUCCESS) { - goto failure; + result = ISC_R_SUCCESS; + goto cleanup; } + CHECK(result); /* * Update each NSEC3 chain being built. @@ -1682,9 +1662,9 @@ try_private: CHECK(dns_nsec3_delnsec3(db, version, name, &nsec3param, diff)); } -success: result = ISC_R_SUCCESS; -failure: + +cleanup: if (dns_rdataset_isassociated(&rdataset)) { dns_rdataset_disassociate(&rdataset); } diff --git a/lib/dns/openssl_link.c b/lib/dns/openssl_link.c index 9f06b54553..28ef55df60 100644 --- a/lib/dns/openssl_link.c +++ b/lib/dns/openssl_link.c @@ -46,10 +46,10 @@ #include "openssl_shim.h" -#define DST_RET(a) \ - { \ - ret = a; \ - goto err; \ +#define DST_RET(a) \ + { \ + result = a; \ + goto cleanup; \ } static isc_result_t @@ -57,7 +57,7 @@ dst__openssl_fromlabel_provider(int key_base_id, const char *label, const char *pin, EVP_PKEY **ppub, EVP_PKEY **ppriv) { #if OPENSSL_VERSION_NUMBER >= 0x30000000L - isc_result_t ret = DST_R_OPENSSLFAILURE; + isc_result_t result = DST_R_OPENSSLFAILURE; OSSL_STORE_CTX *ctx = NULL; UNUSED(pin); @@ -99,11 +99,11 @@ dst__openssl_fromlabel_provider(int key_base_id, const char *label, OSSL_STORE_INFO_free(info); } if (*ppriv != NULL && *ppub != NULL) { - ret = ISC_R_SUCCESS; + result = ISC_R_SUCCESS; } -err: +cleanup: OSSL_STORE_close(ctx); - return ret; + return result; #else UNUSED(key_base_id); UNUSED(label); diff --git a/lib/dns/opensslecdsa_link.c b/lib/dns/opensslecdsa_link.c index c95050020b..b2f2f2ea7c 100644 --- a/lib/dns/opensslecdsa_link.c +++ b/lib/dns/opensslecdsa_link.c @@ -50,10 +50,10 @@ #define MAX_PRIVKEY_SIZE (MAX_PUBKEY_SIZE / 2) -#define DST_RET(a) \ - { \ - ret = a; \ - goto err; \ +#define DST_RET(a) \ + { \ + result = a; \ + goto cleanup; \ } #if OPENSSL_VERSION_NUMBER >= 0x30200000L @@ -170,7 +170,7 @@ static isc_result_t opensslecdsa_create_pkey_params(unsigned int key_alg, bool private, const unsigned char *key, size_t key_len, EVP_PKEY **pkey) { - isc_result_t ret; + isc_result_t result; int status; int group_nid = opensslecdsa_key_alg_to_group_nid(key_alg); const char *groupname = opensslecdsa_key_alg_to_group_name(key_alg); @@ -269,9 +269,9 @@ opensslecdsa_create_pkey_params(unsigned int key_alg, bool private, DST_R_OPENSSLFAILURE)); } - ret = ISC_R_SUCCESS; + result = ISC_R_SUCCESS; -err: +cleanup: OSSL_PARAM_free(params); OSSL_PARAM_BLD_free(bld); EVP_PKEY_CTX_free(ctx); @@ -279,7 +279,7 @@ err: EC_POINT_free(pubkey); EC_GROUP_free(group); - return ret; + return result; } static bool @@ -310,7 +310,7 @@ static isc_result_t opensslecdsa_create_pkey_legacy(unsigned int key_alg, bool private, const unsigned char *key, size_t key_len, EVP_PKEY **retkey) { - isc_result_t ret = ISC_R_SUCCESS; + isc_result_t result = ISC_R_SUCCESS; EC_KEY *eckey = NULL; EVP_PKEY *pkey = NULL; BIGNUM *privkey = NULL; @@ -365,12 +365,12 @@ opensslecdsa_create_pkey_legacy(unsigned int key_alg, bool private, *retkey = pkey; pkey = NULL; -err: +cleanup: BN_clear_free(privkey); EC_POINT_free(pubkey); EC_KEY_free(eckey); EVP_PKEY_free(pkey); - return ret; + return result; } static bool @@ -419,18 +419,18 @@ static isc_result_t opensslecdsa_create_pkey(unsigned int key_alg, bool private, const unsigned char *key, size_t key_len, EVP_PKEY **retkey) { - isc_result_t ret; + isc_result_t result; #if OPENSSL_VERSION_NUMBER >= 0x30000000L - ret = opensslecdsa_create_pkey_params(key_alg, private, key, key_len, - retkey); - if (ret != ISC_R_FAILURE) { - return ret; + result = opensslecdsa_create_pkey_params(key_alg, private, key, key_len, + retkey); + if (result != ISC_R_FAILURE) { + return result; } #else - ret = opensslecdsa_create_pkey_legacy(key_alg, private, key, key_len, - retkey); - if (ret == ISC_R_SUCCESS) { - return ret; + result = opensslecdsa_create_pkey_legacy(key_alg, private, key, key_len, + retkey); + if (result == ISC_R_SUCCESS) { + return result; } #endif return DST_R_OPENSSLFAILURE; @@ -442,7 +442,7 @@ static isc_result_t opensslecdsa_generate_pkey_with_uri(int group_nid, const char *label, EVP_PKEY **retkey) { int status; - isc_result_t ret; + isc_result_t result; char *uri = UNCONST(label); EVP_PKEY_CTX *ctx = NULL; OSSL_PARAM params[3]; @@ -490,17 +490,17 @@ opensslecdsa_generate_pkey_with_uri(int group_nid, const char *label, DST_R_OPENSSLFAILURE)); } - ret = ISC_R_SUCCESS; + result = ISC_R_SUCCESS; -err: +cleanup: EVP_PKEY_CTX_free(ctx); - return ret; + return result; } static isc_result_t opensslecdsa_generate_pkey(unsigned int key_alg, const char *label, EVP_PKEY **retkey) { - isc_result_t ret; + isc_result_t result; EVP_PKEY_CTX *ctx = NULL; EVP_PKEY *params_pkey = NULL; int group_nid = opensslecdsa_key_alg_to_group_nid(key_alg); @@ -552,12 +552,12 @@ opensslecdsa_generate_pkey(unsigned int key_alg, const char *label, DST_RET(dst__openssl_toresult2("EVP_PKEY_keygen", DST_R_OPENSSLFAILURE)); } - ret = ISC_R_SUCCESS; + result = ISC_R_SUCCESS; -err: +cleanup: EVP_PKEY_free(params_pkey); EVP_PKEY_CTX_free(ctx); - return ret; + return result; } static isc_result_t @@ -594,7 +594,7 @@ opensslecdsa_extract_private_key(const dst_key_t *key, unsigned char *buf, static isc_result_t opensslecdsa_generate_pkey(unsigned int key_alg, const char *label, EVP_PKEY **retkey) { - isc_result_t ret; + isc_result_t result; EC_KEY *eckey = NULL; EVP_PKEY *pkey = NULL; int group_nid; @@ -624,12 +624,12 @@ opensslecdsa_generate_pkey(unsigned int key_alg, const char *label, } *retkey = pkey; pkey = NULL; - ret = ISC_R_SUCCESS; + result = ISC_R_SUCCESS; -err: +cleanup: EC_KEY_free(eckey); EVP_PKEY_free(pkey); - return ret; + return result; } static isc_result_t @@ -676,7 +676,7 @@ opensslecdsa_extract_private_key(const dst_key_t *key, unsigned char *buf, static isc_result_t opensslecdsa_createctx(dst_key_t *key, dst_context_t *dctx) { - isc_result_t ret = ISC_R_SUCCESS; + isc_result_t result = ISC_R_SUCCESS; EVP_MD_CTX *evp_md_ctx; EVP_PKEY_CTX *pctx = NULL; const EVP_MD *type = NULL; @@ -707,11 +707,8 @@ opensslecdsa_createctx(dst_key_t *key, dst_context_t *dctx) { #if OPENSSL_VERSION_NUMBER >= 0x30200000L if (!isc_crypto_fips_mode()) { - ret = opensslecdsa_set_deterministic( - pctx, dctx->key->key_alg); - if (ret != ISC_R_SUCCESS) { - goto err; - } + CHECK(opensslecdsa_set_deterministic( + pctx, dctx->key->key_alg)); } #endif /* OPENSSL_VERSION_NUMBER >= 0x30200000L */ @@ -728,8 +725,8 @@ opensslecdsa_createctx(dst_key_t *key, dst_context_t *dctx) { dctx->ctxdata.evp_md_ctx = evp_md_ctx; -err: - return ret; +cleanup: + return result; } static void @@ -747,7 +744,7 @@ opensslecdsa_destroyctx(dst_context_t *dctx) { static isc_result_t opensslecdsa_adddata(dst_context_t *dctx, const isc_region_t *data) { - isc_result_t ret = ISC_R_SUCCESS; + isc_result_t result = ISC_R_SUCCESS; EVP_MD_CTX *evp_md_ctx = dctx->ctxdata.evp_md_ctx; REQUIRE(opensslecdsa_valid_key_alg(dctx->key->key_alg)); @@ -771,13 +768,13 @@ opensslecdsa_adddata(dst_context_t *dctx, const isc_region_t *data) { } } -err: - return ret; +cleanup: + return result; } static isc_result_t opensslecdsa_sign(dst_context_t *dctx, isc_buffer_t *sig) { - isc_result_t ret; + isc_result_t result; dst_key_t *key = dctx->key; isc_region_t region; EVP_MD_CTX *evp_md_ctx = dctx->ctxdata.evp_md_ctx; @@ -827,19 +824,19 @@ opensslecdsa_sign(dst_context_t *dctx, isc_buffer_t *sig) { isc_region_consume(®ion, siglen / 2); ECDSA_SIG_free(ecdsasig); isc_buffer_add(sig, siglen); - ret = ISC_R_SUCCESS; + result = ISC_R_SUCCESS; -err: +cleanup: if (sigder != NULL && sigder_alloced != 0) { isc_mem_put(dctx->mctx, sigder, sigder_alloced); } - return ret; + return result; } static isc_result_t opensslecdsa_verify(dst_context_t *dctx, const isc_region_t *sig) { - isc_result_t ret; + isc_result_t result; dst_key_t *key = dctx->key; int status; unsigned char *cp = sig->base; @@ -894,19 +891,19 @@ opensslecdsa_verify(dst_context_t *dctx, const isc_region_t *sig) { switch (status) { case 1: - ret = ISC_R_SUCCESS; + result = ISC_R_SUCCESS; break; case 0: - ret = dst__openssl_toresult(DST_R_VERIFYFAILURE); + result = dst__openssl_toresult(DST_R_VERIFYFAILURE); break; default: - ret = dst__openssl_toresult3(dctx->category, - "EVP_DigestVerifyFinal", - DST_R_VERIFYFAILURE); + result = dst__openssl_toresult3(dctx->category, + "EVP_DigestVerifyFinal", + DST_R_VERIFYFAILURE); break; } -err: +cleanup: if (ecdsasig != NULL) { ECDSA_SIG_free(ecdsasig); } @@ -914,7 +911,7 @@ err: isc_mem_put(dctx->mctx, sigder, sigder_alloced); } - return ret; + return result; } static isc_result_t @@ -939,7 +936,7 @@ opensslecdsa_generate(dst_key_t *key, int unused, void (*callback)(int)) { static isc_result_t opensslecdsa_todns(const dst_key_t *key, isc_buffer_t *data) { - isc_result_t ret; + isc_result_t result; isc_region_t r; size_t keysize; @@ -956,15 +953,15 @@ opensslecdsa_todns(const dst_key_t *key, isc_buffer_t *data) { } isc_buffer_add(data, keysize); - ret = ISC_R_SUCCESS; + result = ISC_R_SUCCESS; -err: - return ret; +cleanup: + return result; } static isc_result_t opensslecdsa_fromdns(dst_key_t *key, isc_buffer_t *data) { - isc_result_t ret; + isc_result_t result; EVP_PKEY *pkey = NULL; isc_region_t r; size_t len; @@ -980,23 +977,21 @@ opensslecdsa_fromdns(dst_key_t *key, isc_buffer_t *data) { DST_RET(DST_R_INVALIDPUBLICKEY); } - ret = opensslecdsa_create_pkey(key->key_alg, false, r.base, len, &pkey); - if (ret != ISC_R_SUCCESS) { - DST_RET(ret); - } + CHECK(opensslecdsa_create_pkey(key->key_alg, false, r.base, len, + &pkey)); isc_buffer_forward(data, len); key->key_size = EVP_PKEY_bits(pkey); key->keydata.pkeypair.pub = pkey; - ret = ISC_R_SUCCESS; + result = ISC_R_SUCCESS; -err: - return ret; +cleanup: + return result; } static isc_result_t opensslecdsa_tofile(const dst_key_t *key, const char *directory) { - isc_result_t ret; + isc_result_t result; dst_private_t priv; unsigned char buf[MAX_PRIVKEY_SIZE]; size_t keylen = 0; @@ -1035,11 +1030,11 @@ opensslecdsa_tofile(const dst_key_t *key, const char *directory) { } priv.nelements = i; - ret = dst__privstruct_writefile(key, &priv, directory); + result = dst__privstruct_writefile(key, &priv, directory); -err: +cleanup: isc_safe_memwipe(buf, keylen); - return ret; + return result; } static isc_result_t @@ -1048,7 +1043,7 @@ opensslecdsa_fromlabel(dst_key_t *key, const char *label, const char *pin); static isc_result_t opensslecdsa_parse(dst_key_t *key, isc_lex_t *lexer, dst_key_t *pub) { dst_private_t priv; - isc_result_t ret; + isc_result_t result; EVP_PKEY *pkey = NULL; const char *label = NULL; int i, privkey_index = -1; @@ -1056,11 +1051,8 @@ opensslecdsa_parse(dst_key_t *key, isc_lex_t *lexer, dst_key_t *pub) { REQUIRE(opensslecdsa_valid_key_alg(key->key_alg)); /* read private key file */ - ret = dst__privstruct_parse(key, DST_ALG_ECDSA256, lexer, key->mctx, - &priv); - if (ret != ISC_R_SUCCESS) { - goto err; - } + CHECK(dst__privstruct_parse(key, DST_ALG_ECDSA256, lexer, key->mctx, + &priv)); if (key->external) { if (priv.nelements != 0 || pub == NULL) { @@ -1090,10 +1082,7 @@ opensslecdsa_parse(dst_key_t *key, isc_lex_t *lexer, dst_key_t *pub) { } if (label != NULL) { - ret = opensslecdsa_fromlabel(key, label, NULL); - if (ret != ISC_R_SUCCESS) { - goto err; - } + CHECK(opensslecdsa_fromlabel(key, label, NULL)); /* Check that the public component matches if given */ if (pub != NULL && EVP_PKEY_eq(key->keydata.pkeypair.pub, pub->keydata.pkeypair.pub) != 1) @@ -1107,12 +1096,9 @@ opensslecdsa_parse(dst_key_t *key, isc_lex_t *lexer, dst_key_t *pub) { DST_RET(dst__openssl_toresult(DST_R_INVALIDPRIVATEKEY)); } - ret = opensslecdsa_create_pkey( + CHECK(opensslecdsa_create_pkey( key->key_alg, true, priv.elements[privkey_index].data, - priv.elements[privkey_index].length, &pkey); - if (ret != ISC_R_SUCCESS) { - goto err; - } + priv.elements[privkey_index].length, &pkey)); /* Check that the public component matches if given */ if (pub != NULL && EVP_PKEY_eq(pkey, pub->keydata.pkeypair.pub) != 1) { @@ -1124,39 +1110,30 @@ opensslecdsa_parse(dst_key_t *key, isc_lex_t *lexer, dst_key_t *pub) { key->keydata.pkeypair.pub = pkey; pkey = NULL; -err: +cleanup: EVP_PKEY_free(pkey); - if (ret != ISC_R_SUCCESS) { + if (result != ISC_R_SUCCESS) { key->keydata.generic = NULL; } dst__privstruct_free(&priv, key->mctx); isc_safe_memwipe(&priv, sizeof(priv)); - return ret; + return result; } static isc_result_t opensslecdsa_fromlabel(dst_key_t *key, const char *label, const char *pin) { EVP_PKEY *privpkey = NULL, *pubpkey = NULL; - isc_result_t ret; + isc_result_t result; REQUIRE(opensslecdsa_valid_key_alg(key->key_alg)); UNUSED(pin); - ret = dst__openssl_fromlabel(EVP_PKEY_EC, label, pin, &pubpkey, - &privpkey); - if (ret != ISC_R_SUCCESS) { - goto err; - } + CHECK(dst__openssl_fromlabel(EVP_PKEY_EC, label, pin, &pubpkey, + &privpkey)); - ret = opensslecdsa_validate_pkey_group(key->key_alg, privpkey); - if (ret != ISC_R_SUCCESS) { - goto err; - } - ret = opensslecdsa_validate_pkey_group(key->key_alg, pubpkey); - if (ret != ISC_R_SUCCESS) { - goto err; - } + CHECK(opensslecdsa_validate_pkey_group(key->key_alg, privpkey)); + CHECK(opensslecdsa_validate_pkey_group(key->key_alg, pubpkey)); key->label = isc_mem_strdup(key->mctx, label); key->key_size = EVP_PKEY_bits(privpkey); @@ -1165,10 +1142,10 @@ opensslecdsa_fromlabel(dst_key_t *key, const char *label, const char *pin) { privpkey = NULL; pubpkey = NULL; -err: +cleanup: EVP_PKEY_free(privpkey); EVP_PKEY_free(pubpkey); - return ret; + return result; } static dst_func_t opensslecdsa_functions = { diff --git a/lib/dns/openssleddsa_link.c b/lib/dns/openssleddsa_link.c index fd383f688b..ea164be6f9 100644 --- a/lib/dns/openssleddsa_link.c +++ b/lib/dns/openssleddsa_link.c @@ -33,10 +33,10 @@ #include "dst_parse.h" #include "openssl_shim.h" -#define DST_RET(a) \ - { \ - ret = a; \ - goto err; \ +#define DST_RET(a) \ + { \ + result = a; \ + goto cleanup; \ } #ifndef NID_ED25519 @@ -82,13 +82,13 @@ openssleddsa_alg_info(unsigned int key_alg) { static isc_result_t raw_key_to_ossl(const eddsa_alginfo_t *alginfo, int private, const unsigned char *key, size_t *key_len, EVP_PKEY **pkey) { - isc_result_t ret; + isc_result_t result; int pkey_type = alginfo->pkey_type; size_t len = alginfo->key_size; - ret = (private ? DST_R_INVALIDPRIVATEKEY : DST_R_INVALIDPUBLICKEY); + result = (private ? DST_R_INVALIDPRIVATEKEY : DST_R_INVALIDPUBLICKEY); if (*key_len < len) { - return ret; + return result; } if (private) { @@ -97,7 +97,7 @@ raw_key_to_ossl(const eddsa_alginfo_t *alginfo, int private, *pkey = EVP_PKEY_new_raw_public_key(pkey_type, NULL, key, len); } if (*pkey == NULL) { - return dst__openssl_toresult(ret); + return dst__openssl_toresult(result); } *key_len = len; @@ -165,7 +165,7 @@ openssleddsa_adddata(dst_context_t *dctx, const isc_region_t *data) { static isc_result_t openssleddsa_sign(dst_context_t *dctx, isc_buffer_t *sig) { - isc_result_t ret; + isc_result_t result; dst_key_t *key = dctx->key; isc_region_t tbsreg; isc_region_t sigreg; @@ -200,19 +200,19 @@ openssleddsa_sign(dst_context_t *dctx, isc_buffer_t *sig) { DST_R_SIGNFAILURE)); } isc_buffer_add(sig, (unsigned int)siglen); - ret = ISC_R_SUCCESS; + result = ISC_R_SUCCESS; -err: +cleanup: EVP_MD_CTX_free(ctx); isc_buffer_free(&buf); dctx->ctxdata.generic = NULL; - return ret; + return result; } static isc_result_t openssleddsa_verify(dst_context_t *dctx, const isc_region_t *sig) { - isc_result_t ret; + isc_result_t result; dst_key_t *key = dctx->key; int status; isc_region_t tbsreg; @@ -243,28 +243,29 @@ openssleddsa_verify(dst_context_t *dctx, const isc_region_t *sig) { switch (status) { case 1: - ret = ISC_R_SUCCESS; + result = ISC_R_SUCCESS; break; case 0: - ret = dst__openssl_toresult(DST_R_VERIFYFAILURE); + result = dst__openssl_toresult(DST_R_VERIFYFAILURE); break; default: - ret = dst__openssl_toresult3(dctx->category, "EVP_DigestVerify", - DST_R_VERIFYFAILURE); + result = dst__openssl_toresult3(dctx->category, + "EVP_DigestVerify", + DST_R_VERIFYFAILURE); break; } -err: +cleanup: EVP_MD_CTX_free(ctx); isc_buffer_free(&buf); dctx->ctxdata.generic = NULL; - return ret; + return result; } static isc_result_t openssleddsa_generate(dst_key_t *key, int unused, void (*callback)(int)) { - isc_result_t ret; + isc_result_t result; EVP_PKEY *pkey = NULL; EVP_PKEY_CTX *ctx = NULL; const eddsa_alginfo_t *alginfo = openssleddsa_alg_info(key->key_alg); @@ -295,11 +296,11 @@ openssleddsa_generate(dst_key_t *key, int unused, void (*callback)(int)) { key->key_size = alginfo->key_size * 8; key->keydata.pkeypair.priv = pkey; key->keydata.pkeypair.pub = pkey; - ret = ISC_R_SUCCESS; + result = ISC_R_SUCCESS; -err: +cleanup: EVP_PKEY_CTX_free(ctx); - return ret; + return result; } static isc_result_t @@ -356,7 +357,7 @@ openssleddsa_fromdns(dst_key_t *key, isc_buffer_t *data) { static isc_result_t openssleddsa_tofile(const dst_key_t *key, const char *directory) { const eddsa_alginfo_t *alginfo = openssleddsa_alg_info(key->key_alg); - isc_result_t ret; + isc_result_t result; dst_private_t priv; unsigned char *buf = NULL; size_t len; @@ -397,20 +398,20 @@ openssleddsa_tofile(const dst_key_t *key, const char *directory) { } priv.nelements = i; - ret = dst__privstruct_writefile(key, &priv, directory); + result = dst__privstruct_writefile(key, &priv, directory); -err: +cleanup: if (buf != NULL) { isc_mem_put(key->mctx, buf, len); } - return ret; + return result; } static isc_result_t openssleddsa_parse(dst_key_t *key, isc_lex_t *lexer, dst_key_t *pub) { const eddsa_alginfo_t *alginfo = openssleddsa_alg_info(key->key_alg); dst_private_t priv; - isc_result_t ret; + isc_result_t result; int i, privkey_index = -1; const char *label = NULL; EVP_PKEY *pkey = NULL; @@ -420,10 +421,7 @@ openssleddsa_parse(dst_key_t *key, isc_lex_t *lexer, dst_key_t *pub) { REQUIRE(alginfo != NULL); /* read private key file */ - ret = dst__privstruct_parse(key, DST_ALG_ED25519, lexer, mctx, &priv); - if (ret != ISC_R_SUCCESS) { - goto err; - } + CHECK(dst__privstruct_parse(key, DST_ALG_ED25519, lexer, mctx, &priv)); if (key->external) { if (priv.nelements != 0) { @@ -456,10 +454,7 @@ openssleddsa_parse(dst_key_t *key, isc_lex_t *lexer, dst_key_t *pub) { } if (label != NULL) { - ret = openssleddsa_fromlabel(key, label, NULL); - if (ret != ISC_R_SUCCESS) { - goto err; - } + CHECK(openssleddsa_fromlabel(key, label, NULL)); /* Check that the public component matches if given */ if (pub != NULL && EVP_PKEY_eq(key->keydata.pkeypair.pub, pub->keydata.pkeypair.pub) != 1) @@ -474,11 +469,8 @@ openssleddsa_parse(dst_key_t *key, isc_lex_t *lexer, dst_key_t *pub) { } len = priv.elements[privkey_index].length; - ret = raw_key_to_ossl(alginfo, 1, priv.elements[privkey_index].data, - &len, &pkey); - if (ret != ISC_R_SUCCESS) { - goto err; - } + CHECK(raw_key_to_ossl(alginfo, 1, priv.elements[privkey_index].data, + &len, &pkey)); /* Check that the public component matches if given */ if (pub != NULL && EVP_PKEY_eq(pkey, pub->keydata.pkeypair.pub) != 1) { DST_RET(DST_R_INVALIDPRIVATEKEY); @@ -488,29 +480,26 @@ openssleddsa_parse(dst_key_t *key, isc_lex_t *lexer, dst_key_t *pub) { key->keydata.pkeypair.pub = pkey; key->key_size = len * 8; pkey = NULL; - ret = ISC_R_SUCCESS; + result = ISC_R_SUCCESS; -err: +cleanup: EVP_PKEY_free(pkey); dst__privstruct_free(&priv, mctx); isc_safe_memwipe(&priv, sizeof(priv)); - return ret; + return result; } static isc_result_t openssleddsa_fromlabel(dst_key_t *key, const char *label, const char *pin) { const eddsa_alginfo_t *alginfo = openssleddsa_alg_info(key->key_alg); EVP_PKEY *privpkey = NULL, *pubpkey = NULL; - isc_result_t ret; + isc_result_t result; REQUIRE(alginfo != NULL); UNUSED(pin); - ret = dst__openssl_fromlabel(alginfo->pkey_type, label, pin, &pubpkey, - &privpkey); - if (ret != ISC_R_SUCCESS) { - goto err; - } + CHECK(dst__openssl_fromlabel(alginfo->pkey_type, label, pin, &pubpkey, + &privpkey)); key->label = isc_mem_strdup(key->mctx, label); key->key_size = EVP_PKEY_bits(privpkey); @@ -519,10 +508,10 @@ openssleddsa_fromlabel(dst_key_t *key, const char *label, const char *pin) { privpkey = NULL; pubpkey = NULL; -err: +cleanup: EVP_PKEY_free(privpkey); EVP_PKEY_free(pubpkey); - return ret; + return result; } static dst_func_t openssleddsa_functions = { @@ -578,7 +567,7 @@ check_algorithm(unsigned char algorithm) { const unsigned char *key = NULL; const unsigned char *sig = NULL; const unsigned char test[] = "test"; - isc_result_t ret = ISC_R_SUCCESS; + isc_result_t result = ISC_R_SUCCESS; size_t key_len, sig_len; if (evp_md_ctx == NULL) { @@ -607,10 +596,7 @@ check_algorithm(unsigned char algorithm) { } INSIST(alginfo != NULL); - ret = raw_key_to_ossl(alginfo, 0, key, &key_len, &pkey); - if (ret != ISC_R_SUCCESS) { - goto err; - } + CHECK(raw_key_to_ossl(alginfo, 0, key, &key_len, &pkey)); /* * Check that we can verify the signature. @@ -622,7 +608,7 @@ check_algorithm(unsigned char algorithm) { DST_RET(ISC_R_NOTIMPLEMENTED); } -err: +cleanup: if (pkey != NULL) { EVP_PKEY_free(pkey); } @@ -630,7 +616,7 @@ err: EVP_MD_CTX_destroy(evp_md_ctx); } ERR_clear_error(); - return ret; + return result; } void diff --git a/lib/dns/opensslrsa_link.c b/lib/dns/opensslrsa_link.c index e31ba6b15d..57c82baa1e 100644 --- a/lib/dns/opensslrsa_link.c +++ b/lib/dns/opensslrsa_link.c @@ -37,10 +37,10 @@ #include "dst_parse.h" #include "openssl_shim.h" -#define DST_RET(a) \ - { \ - ret = a; \ - goto err; \ +#define DST_RET(a) \ + { \ + result = a; \ + goto cleanup; \ } #define OPENSSLRSA_MAX_MODULUS_BITS 4096 @@ -428,7 +428,7 @@ opensslrsa_generate_pkey(unsigned int key_size, const char *label, BIGNUM *e, RSA *rsa = NULL; EVP_PKEY *pkey = NULL; BN_GENCB *cb = NULL; - isc_result_t ret; + isc_result_t result; UNUSED(label); @@ -456,18 +456,18 @@ opensslrsa_generate_pkey(unsigned int key_size, const char *label, BIGNUM *e, } *retkey = pkey; pkey = NULL; - ret = ISC_R_SUCCESS; + result = ISC_R_SUCCESS; -err: +cleanup: EVP_PKEY_free(pkey); RSA_free(rsa); BN_GENCB_free(cb); - return ret; + return result; } static isc_result_t opensslrsa_build_pkey(bool private, rsa_components_t *c, EVP_PKEY **retpkey) { - isc_result_t ret; + isc_result_t result; EVP_PKEY *pkey = NULL; RSA *rsa = RSA_new(); int status; @@ -532,13 +532,13 @@ opensslrsa_build_pkey(bool private, rsa_components_t *c, EVP_PKEY **retpkey) { *retpkey = pkey; pkey = NULL; - ret = ISC_R_SUCCESS; + result = ISC_R_SUCCESS; -err: +cleanup: EVP_PKEY_free(pkey); RSA_free(rsa); opensslrsa_components_free(c); - return ret; + return result; } #else static int @@ -559,7 +559,7 @@ opensslrsa_generate_pkey_with_uri(size_t key_size, const char *label, EVP_PKEY_CTX *ctx = NULL; OSSL_PARAM params[4]; char *uri = UNCONST(label); - isc_result_t ret; + isc_result_t result; int status; params[0] = OSSL_PARAM_construct_utf8_string("pkcs11_uri", uri, 0); @@ -592,17 +592,17 @@ opensslrsa_generate_pkey_with_uri(size_t key_size, const char *label, DST_R_OPENSSLFAILURE)); } - ret = ISC_R_SUCCESS; -err: + result = ISC_R_SUCCESS; +cleanup: EVP_PKEY_CTX_free(ctx); - return ret; + return result; } static isc_result_t opensslrsa_generate_pkey(unsigned int key_size, const char *label, BIGNUM *e, void (*callback)(int), EVP_PKEY **retkey) { EVP_PKEY_CTX *ctx; - isc_result_t ret; + isc_result_t result; if (label != NULL) { return opensslrsa_generate_pkey_with_uri(key_size, label, @@ -635,15 +635,15 @@ opensslrsa_generate_pkey(unsigned int key_size, const char *label, BIGNUM *e, DST_RET(dst__openssl_toresult2("EVP_PKEY_keygen", DST_R_OPENSSLFAILURE)); } - ret = ISC_R_SUCCESS; -err: + result = ISC_R_SUCCESS; +cleanup: EVP_PKEY_CTX_free(ctx); - return ret; + return result; } static isc_result_t opensslrsa_build_pkey(bool private, rsa_components_t *c, EVP_PKEY **retpkey) { - isc_result_t ret; + isc_result_t result; int status; OSSL_PARAM_BLD *bld = NULL; OSSL_PARAM *params = NULL; @@ -724,19 +724,19 @@ opensslrsa_build_pkey(bool private, rsa_components_t *c, EVP_PKEY **retpkey) { DST_RET(dst__openssl_toresult2("EVP_PKEY_fromdata", DST_R_OPENSSLFAILURE)); } - ret = ISC_R_SUCCESS; + result = ISC_R_SUCCESS; -err: +cleanup: EVP_PKEY_CTX_free(ctx); OSSL_PARAM_free(params); OSSL_PARAM_BLD_free(bld); - return ret; + return result; } #endif /* OPENSSL_VERSION_NUMBER < 0x30000000L */ static isc_result_t opensslrsa_generate(dst_key_t *key, int unused, void (*callback)(int)) { - isc_result_t ret; + isc_result_t result; BIGNUM *e = BN_new(); EVP_PKEY *pkey = NULL; @@ -779,21 +779,18 @@ opensslrsa_generate(dst_key_t *key, int unused, void (*callback)(int)) { BN_set_bit(e, 0); BN_set_bit(e, 16); - ret = opensslrsa_generate_pkey(key->key_size, key->label, e, callback, - &pkey); - if (ret != ISC_R_SUCCESS) { - goto err; - } + CHECK(opensslrsa_generate_pkey(key->key_size, key->label, e, callback, + &pkey)); key->keydata.pkeypair.pub = pkey; key->keydata.pkeypair.priv = pkey; pkey = NULL; - ret = ISC_R_SUCCESS; + result = ISC_R_SUCCESS; -err: +cleanup: EVP_PKEY_free(pkey); BN_free(e); - return ret; + return result; } static isc_result_t @@ -801,7 +798,7 @@ opensslrsa_todns(const dst_key_t *key, isc_buffer_t *data) { isc_region_t r; unsigned int e_bytes; unsigned int mod_bytes; - isc_result_t ret; + isc_result_t result; rsa_components_t c = { 0 }; REQUIRE(key->keydata.pkeypair.pub != NULL); @@ -828,10 +825,7 @@ opensslrsa_todns(const dst_key_t *key, isc_buffer_t *data) { break; } - ret = opensslrsa_components_get(key, &c, false); - if (ret != ISC_R_SUCCESS) { - goto err; - } + CHECK(opensslrsa_components_get(key, &c, false)); mod_bytes = BN_num_bytes(c.n); e_bytes = BN_num_bytes(c.e); @@ -862,15 +856,15 @@ opensslrsa_todns(const dst_key_t *key, isc_buffer_t *data) { isc_buffer_add(data, e_bytes + mod_bytes); - ret = ISC_R_SUCCESS; -err: + result = ISC_R_SUCCESS; +cleanup: opensslrsa_components_free(&c); - return ret; + return result; } static isc_result_t opensslrsa_fromdns(dst_key_t *key, isc_buffer_t *data) { - isc_result_t ret; + isc_result_t result; isc_region_t r; unsigned int e_bytes; unsigned int length; @@ -937,16 +931,16 @@ opensslrsa_fromdns(dst_key_t *key, isc_buffer_t *data) { isc_buffer_forward(data, length); key->key_size = BN_num_bits(c.n); - ret = opensslrsa_build_pkey(false, &c, &key->keydata.pkeypair.pub); + result = opensslrsa_build_pkey(false, &c, &key->keydata.pkeypair.pub); -err: +cleanup: opensslrsa_components_free(&c); - return ret; + return result; } static isc_result_t opensslrsa_tofile(const dst_key_t *key, const char *directory) { - isc_result_t ret; + isc_result_t result; dst_private_t priv = { 0 }; unsigned char *bufs[8] = { NULL }; unsigned short i = 0; @@ -956,10 +950,7 @@ opensslrsa_tofile(const dst_key_t *key, const char *directory) { return dst__privstruct_writefile(key, &priv, directory); } - ret = opensslrsa_components_get(key, &c, true); - if (ret != ISC_R_SUCCESS) { - goto err; - } + CHECK(opensslrsa_components_get(key, &c, true)); priv.elements[i].tag = TAG_RSA_MODULUS; priv.elements[i].length = BN_num_bytes(c.n); @@ -1044,9 +1035,9 @@ opensslrsa_tofile(const dst_key_t *key, const char *directory) { } priv.nelements = i; - ret = dst__privstruct_writefile(key, &priv, directory); + result = dst__privstruct_writefile(key, &priv, directory); -err: +cleanup: for (i = 0; i < ARRAY_SIZE(bufs); i++) { if (bufs[i] != NULL) { isc_mem_put(key->mctx, bufs[i], @@ -1055,7 +1046,7 @@ err: } opensslrsa_components_free(&c); - return ret; + return result; } static isc_result_t @@ -1064,7 +1055,7 @@ opensslrsa_fromlabel(dst_key_t *key, const char *label, const char *pin); static isc_result_t opensslrsa_parse(dst_key_t *key, isc_lex_t *lexer, dst_key_t *pub) { dst_private_t priv; - isc_result_t ret; + isc_result_t result; int i; isc_mem_t *mctx = NULL; const char *label = NULL; @@ -1077,10 +1068,7 @@ opensslrsa_parse(dst_key_t *key, isc_lex_t *lexer, dst_key_t *pub) { mctx = key->mctx; /* read private key file */ - ret = dst__privstruct_parse(key, DST_ALG_RSA, lexer, mctx, &priv); - if (ret != ISC_R_SUCCESS) { - goto err; - } + CHECK(dst__privstruct_parse(key, DST_ALG_RSA, lexer, mctx, &priv)); if (key->external) { if (priv.nelements != 0 || pub == NULL) { @@ -1112,10 +1100,7 @@ opensslrsa_parse(dst_key_t *key, isc_lex_t *lexer, dst_key_t *pub) { * See if we can fetch it. */ if (label != NULL) { - ret = opensslrsa_fromlabel(key, label, NULL); - if (ret != ISC_R_SUCCESS) { - DST_RET(ret); - } + CHECK(opensslrsa_fromlabel(key, label, NULL)); /* Check that the public component matches if given */ if (pub != NULL && EVP_PKEY_eq(key->keydata.pkeypair.pub, pub->keydata.pkeypair.pub) != 1) @@ -1178,10 +1163,7 @@ opensslrsa_parse(dst_key_t *key, isc_lex_t *lexer, dst_key_t *pub) { } key->key_size = BN_num_bits(c.n); - ret = opensslrsa_build_pkey(true, &c, &pkey); - if (ret != ISC_R_SUCCESS) { - goto err; - } + CHECK(opensslrsa_build_pkey(true, &c, &pkey)); /* Check that the public component matches if given */ if (pub != NULL && EVP_PKEY_eq(pkey, pub->keydata.pkeypair.pub) != 1) { @@ -1192,29 +1174,26 @@ opensslrsa_parse(dst_key_t *key, isc_lex_t *lexer, dst_key_t *pub) { key->keydata.pkeypair.priv = pkey; pkey = NULL; -err: +cleanup: opensslrsa_components_free(&c); EVP_PKEY_free(pkey); - if (ret != ISC_R_SUCCESS) { + if (result != ISC_R_SUCCESS) { key->keydata.generic = NULL; } dst__privstruct_free(&priv, mctx); isc_safe_memwipe(&priv, sizeof(priv)); - return ret; + return result; } static isc_result_t opensslrsa_fromlabel(dst_key_t *key, const char *label, const char *pin) { EVP_PKEY *privpkey = NULL, *pubpkey = NULL; - isc_result_t ret; + isc_result_t result; - ret = dst__openssl_fromlabel(EVP_PKEY_RSA, label, pin, &pubpkey, - &privpkey); - if (ret != ISC_R_SUCCESS) { - goto err; - } + CHECK(dst__openssl_fromlabel(EVP_PKEY_RSA, label, pin, &pubpkey, + &privpkey)); if (!opensslrsa_check_exponent_bits(pubpkey, RSA_MAX_PUBEXP_BITS)) { DST_RET(ISC_R_RANGE); @@ -1227,10 +1206,10 @@ opensslrsa_fromlabel(dst_key_t *key, const char *label, const char *pin) { privpkey = NULL; pubpkey = NULL; -err: +cleanup: EVP_PKEY_free(privpkey); EVP_PKEY_free(pubpkey); - return ret; + return result; } static dst_func_t opensslrsa_functions = { @@ -1333,7 +1312,7 @@ check_algorithm(unsigned short algorithm) { EVP_PKEY *pkey = NULL; const EVP_MD *type = NULL; const unsigned char *sig = NULL; - isc_result_t ret = ISC_R_SUCCESS; + isc_result_t result = ISC_R_SUCCESS; size_t len; switch (algorithm) { @@ -1365,8 +1344,8 @@ check_algorithm(unsigned short algorithm) { c.e = BN_bin2bn(e_bytes, sizeof(e_bytes) - 1, NULL); c.n = BN_bin2bn(n_bytes, sizeof(n_bytes) - 1, NULL); - ret = opensslrsa_build_pkey(false, &c, &pkey); - INSIST(ret == ISC_R_SUCCESS); + result = opensslrsa_build_pkey(false, &c, &pkey); + INSIST(result == ISC_R_SUCCESS); /* * Check that we can verify the signature. @@ -1378,12 +1357,12 @@ check_algorithm(unsigned short algorithm) { DST_RET(ISC_R_NOTIMPLEMENTED); } -err: +cleanup: opensslrsa_components_free(&c); EVP_PKEY_free(pkey); EVP_MD_CTX_destroy(evp_md_ctx); ERR_clear_error(); - return ret; + return result; } void diff --git a/lib/dns/private.c b/lib/dns/private.c index 41b854f3d8..60ed1041f8 100644 --- a/lib/dns/private.c +++ b/lib/dns/private.c @@ -43,13 +43,6 @@ #define INITIAL(x) (((x) & DNS_NSEC3FLAG_INITIAL) != 0) #define NONSEC(x) (((x) & DNS_NSEC3FLAG_NONSEC) != 0) -#define CHECK(x) \ - do { \ - result = (x); \ - if (result != ISC_R_SUCCESS) \ - goto failure; \ - } while (0) - /* * Work out if 'param' should be ignored or not (i.e. it is in the process * of being removed). @@ -121,14 +114,14 @@ dns_private_chains(dns_db_t *db, dns_dbversion_t *ver, result = dns_db_findrdataset(db, node, ver, dns_rdatatype_nsec, 0, (isc_stdtime_t)0, &nsecset, NULL); - if (result != ISC_R_SUCCESS && result != ISC_R_NOTFOUND) { - goto failure; + if (result != ISC_R_NOTFOUND) { + CHECK(result); } result = dns_db_findrdataset(db, node, ver, dns_rdatatype_nsec3param, 0, (isc_stdtime_t)0, &nsec3paramset, NULL); - if (result != ISC_R_SUCCESS && result != ISC_R_NOTFOUND) { - goto failure; + if (result != ISC_R_NOTFOUND) { + CHECK(result); } if (dns_rdataset_isassociated(&nsecset) && @@ -143,8 +136,8 @@ dns_private_chains(dns_db_t *db, dns_dbversion_t *ver, result = dns_db_findrdataset(db, node, ver, privatetype, 0, (isc_stdtime_t)0, &privateset, NULL); - if (result != ISC_R_SUCCESS && result != ISC_R_NOTFOUND) { - goto failure; + if (result != ISC_R_NOTFOUND) { + CHECK(result); } } @@ -278,7 +271,7 @@ dns_private_chains(dns_db_t *db, dns_dbversion_t *ver, success: result = ISC_R_SUCCESS; -failure: +cleanup: if (dns_rdataset_isassociated(&nsecset)) { dns_rdataset_disassociate(&nsecset); } @@ -400,6 +393,6 @@ dns_private_totext(dns_rdata_t *private, isc_buffer_t *buf) { isc_buffer_putuint8(buf, 0); result = ISC_R_SUCCESS; -failure: +cleanup: return result; } diff --git a/lib/dns/qpcache.c b/lib/dns/qpcache.c index 7f2ab9640a..b344e8e698 100644 --- a/lib/dns/qpcache.c +++ b/lib/dns/qpcache.c @@ -66,13 +66,6 @@ #define DNS_QPCACHE_LOG_STATS_LEVEL 3 #endif -#define CHECK(op) \ - do { \ - result = (op); \ - if (result != ISC_R_SUCCESS) \ - goto failure; \ - } while (0) - #define STALE_TTL(header, qpdb) \ (NXDOMAIN(header) ? 0 : qpdb->common.serve_stale_ttl) @@ -3120,18 +3113,12 @@ qpcache_addrdataset(dns_db_t *db, dns_dbnode_t *node, dns_dbversion_t *version, DNS_SLABHEADER_SETATTR(newheader, DNS_SLABHEADERATTR_OPTOUT); } if (rdataset->attributes.noqname) { - result = addnoqname(qpnode->mctx, newheader, qpdb->maxrrperset, - rdataset); - if (result != ISC_R_SUCCESS) { - return result; - } + RETERR(addnoqname(qpnode->mctx, newheader, qpdb->maxrrperset, + rdataset)); } if (rdataset->attributes.closest) { - result = addclosest(qpnode->mctx, newheader, qpdb->maxrrperset, - rdataset); - if (result != ISC_R_SUCCESS) { - return result; - } + RETERR(addclosest(qpnode->mctx, newheader, qpdb->maxrrperset, + rdataset)); } nlock = &qpdb->buckets[qpnode->locknum].lock; diff --git a/lib/dns/qpzone.c b/lib/dns/qpzone.c index 834af41b97..be5e050007 100644 --- a/lib/dns/qpzone.c +++ b/lib/dns/qpzone.c @@ -64,14 +64,6 @@ #include "qpzone_p.h" #include "rdataslab_p.h" -#define CHECK(op) \ - { \ - result = (op); \ - if (result != ISC_R_SUCCESS) { \ - goto failure; \ - } \ - } - #define HEADERNODE(h) ((qpznode_t *)((h)->node)) #define QPDB_ATTR_LOADED 0x01 diff --git a/lib/dns/rcode.c b/lib/dns/rcode.c index c749959a49..a1ad5abeae 100644 --- a/lib/dns/rcode.c +++ b/lib/dns/rcode.c @@ -39,13 +39,6 @@ #include -#define RETERR(x) \ - do { \ - isc_result_t _r = (x); \ - if (_r != ISC_R_SUCCESS) \ - return ((_r)); \ - } while (0) - #define NUMBERSIZE sizeof("037777777777") /* 2^32-1 octal + NUL */ #define TOTEXTONLY 0x01 diff --git a/lib/dns/rdata.c b/lib/dns/rdata.c index 5fd872fe3f..2c83eaf380 100644 --- a/lib/dns/rdata.c +++ b/lib/dns/rdata.c @@ -52,13 +52,6 @@ #include #include -#define RETERR(x) \ - do { \ - isc_result_t _r = (x); \ - if (_r != ISC_R_SUCCESS) \ - return ((_r)); \ - } while (0) - #define RETTOK(x) \ do { \ isc_result_t _r = (x); \ @@ -68,13 +61,6 @@ } \ } while (0) -#define CHECK(op) \ - do { \ - result = (op); \ - if (result != ISC_R_SUCCESS) \ - goto cleanup; \ - } while (0) - #define CHECKTOK(op) \ do { \ result = (op); \ diff --git a/lib/dns/rdataset.c b/lib/dns/rdataset.c index 83a08ff469..593b09771e 100644 --- a/lib/dns/rdataset.c +++ b/lib/dns/rdataset.c @@ -324,18 +324,12 @@ towire_answer(dns_rdataset_t *rdataset, const dns_name_t *name, for (size_t i = start; i < count; i++) { dns_rdata_t rdata = DNS_RDATA_INIT; - result = towire_addtypeclass(rdataset, name, cctx, target, - rrbuffer, sizeof(dns_ttl_t) + 2); - if (result != ISC_R_SUCCESS) { - goto cleanup; - } + CHECK(towire_addtypeclass(rdataset, name, cctx, target, + rrbuffer, sizeof(dns_ttl_t) + 2)); towire_addttl(rdataset, target, &rdlen); dns_rdataset_current(rdataset, &rdata); - result = towire_addrdata(&rdata, cctx, target, &rdlen); - if (result != ISC_R_SUCCESS) { - goto cleanup; - } + CHECK(towire_addrdata(&rdata, cctx, target, &rdlen)); added++; result = dns_rdataset_next(rdataset); @@ -348,17 +342,11 @@ towire_answer(dns_rdataset_t *rdataset, const dns_name_t *name, } for (size_t i = 0; i < start; i++) { - result = towire_addtypeclass(rdataset, name, cctx, target, - rrbuffer, sizeof(dns_ttl_t) + 2); - if (result != ISC_R_SUCCESS) { - goto cleanup; - } + CHECK(towire_addtypeclass(rdataset, name, cctx, target, + rrbuffer, sizeof(dns_ttl_t) + 2)); towire_addttl(rdataset, target, &rdlen); - result = towire_addrdata(&rdatas[i], cctx, target, &rdlen); - if (result != ISC_R_SUCCESS) { - goto cleanup; - } + CHECK(towire_addrdata(&rdatas[i], cctx, target, &rdlen)); added++; } diff --git a/lib/dns/resconf.c b/lib/dns/resconf.c index fda0fcddf9..3b919170e1 100644 --- a/lib/dns/resconf.c +++ b/lib/dns/resconf.c @@ -75,13 +75,6 @@ #define RESCONFMAXLINELEN 256U /*%< max size of a line */ #define RESCONFMAXSORTLIST 10U /*%< max 10 */ -#define CHECK(op) \ - do { \ - result = (op); \ - if (result != ISC_R_SUCCESS) \ - goto cleanup; \ - } while (0) - /*! * configuration data structure */ diff --git a/lib/dns/resolver.c b/lib/dns/resolver.c index 9e0e578cfb..f79eb122ec 100644 --- a/lib/dns/resolver.c +++ b/lib/dns/resolver.c @@ -6045,7 +6045,6 @@ static isc_result_t rctx_cache_secure(respctx_t *rctx, dns_message_t *message, dns_name_t *name, dns_dbnode_t *node, dns_rdataset_t *rdataset, dns_rdataset_t *sigrdataset, bool need_validation) { - isc_result_t result; fetchctx_t *fctx = rctx->fctx; resquery_t *query = rctx->query; dns_rdataset_t *ardataset = NULL, *asigset = NULL; @@ -6129,12 +6128,8 @@ rctx_cache_secure(respctx_t *rctx, dns_message_t *message, dns_name_t *name, * in-between. */ - result = cache_rrset(fctx, rctx->now, name, rdataset, - sigrdataset, &node, ardataset, asigset, - need_validation); - if (result != ISC_R_SUCCESS) { - return result; - } + RETERR(cache_rrset(fctx, rctx->now, name, rdataset, sigrdataset, + &node, ardataset, asigset, need_validation)); } return ISC_R_SUCCESS; @@ -6386,10 +6381,7 @@ negcache(dns_message_t *message, fetchctx_t *fctx, const dns_name_t *name, /* * Cache the negative entry. */ - result = dns_db_findnode(fctx->cache, name, true, &node); - if (result != ISC_R_SUCCESS) { - return result; - } + RETERR(dns_db_findnode(fctx->cache, name, true, &node)); result = dns_ncache_add(message, cache, node, covers, now, minttl, maxttl, optout, secure, added); diff --git a/lib/dns/skr.c b/lib/dns/skr.c index 537683d363..34a259963d 100644 --- a/lib/dns/skr.c +++ b/lib/dns/skr.c @@ -25,27 +25,11 @@ #include #include -#define CHECK(op) \ - do { \ - result = (op); \ - if (result != ISC_R_SUCCESS) \ - goto failure; \ - } while (0) - #define READLINE(lex, opt, token) -#define NEXTTOKEN(lex, opt, token) \ - { \ - ret = isc_lex_gettoken(lex, opt, token); \ - if (ret != ISC_R_SUCCESS) \ - goto cleanup; \ - } +#define NEXTTOKEN(lex, opt, token) CHECK(isc_lex_gettoken(lex, opt, token)) -#define BADTOKEN() \ - { \ - ret = ISC_R_UNEXPECTEDTOKEN; \ - goto cleanup; \ - } +#define BADTOKEN() CHECK(ISC_R_UNEXPECTEDTOKEN) #define TOKENSIZ (8 * 1024) #define STR(t) ((t).value.as_textregion.base) @@ -61,7 +45,7 @@ parse_rr(isc_lex_t *lex, isc_mem_t *mctx, char *owner, dns_name_t *origin, isc_buffer_t b; isc_token_t token; unsigned int opt = ISC_LEXOPT_EOL; - isc_result_t ret = ISC_R_SUCCESS; + isc_result_t result = ISC_R_SUCCESS; isc_lex_setcomments(lex, ISC_LEXCOMMENT_DNSMASTERFILE); @@ -72,13 +56,9 @@ parse_rr(isc_lex_t *lex, isc_mem_t *mctx, char *owner, dns_name_t *origin, dname = dns_fixedname_initname(&dfname); isc_buffer_init(&b, owner, strlen(owner)); isc_buffer_add(&b, strlen(owner)); - ret = dns_name_fromtext(dname, &b, dns_rootname, 0); - if (ret != ISC_R_SUCCESS) { - goto cleanup; - } + CHECK(dns_name_fromtext(dname, &b, dns_rootname, 0)); if (dns_name_compare(dname, origin) != 0) { - ret = DNS_R_BADOWNERNAME; - goto cleanup; + CHECK(DNS_R_BADOWNERNAME); } isc_buffer_clear(&b); @@ -89,8 +69,8 @@ parse_rr(isc_lex_t *lex, isc_mem_t *mctx, char *owner, dns_name_t *origin, } /* If it's a TTL, read the next one */ - ret = dns_ttl_fromtext(&token.value.as_textregion, ttl); - if (ret == ISC_R_SUCCESS) { + result = dns_ttl_fromtext(&token.value.as_textregion, ttl); + if (result == ISC_R_SUCCESS) { NEXTTOKEN(lex, opt, &token); } if (token.type != isc_tokentype_string) { @@ -98,8 +78,8 @@ parse_rr(isc_lex_t *lex, isc_mem_t *mctx, char *owner, dns_name_t *origin, } /* If it's a class, read the next one */ - ret = dns_rdataclass_fromtext(&clas, &token.value.as_textregion); - if (ret == ISC_R_SUCCESS) { + result = dns_rdataclass_fromtext(&clas, &token.value.as_textregion); + if (result == ISC_R_SUCCESS) { if (clas != rdclass) { BADTOKEN(); } @@ -110,8 +90,8 @@ parse_rr(isc_lex_t *lex, isc_mem_t *mctx, char *owner, dns_name_t *origin, } /* Must be the record type */ - ret = dns_rdatatype_fromtext(rdtype, &token.value.as_textregion); - if (ret != ISC_R_SUCCESS) { + result = dns_rdatatype_fromtext(rdtype, &token.value.as_textregion); + if (result != ISC_R_SUCCESS) { BADTOKEN(); } switch (*rdtype) { @@ -126,11 +106,11 @@ parse_rr(isc_lex_t *lex, isc_mem_t *mctx, char *owner, dns_name_t *origin, } dns_rdatacallbacks_init(&callbacks); - ret = dns_rdata_fromtext(*rdata, rdclass, *rdtype, lex, dname, 0, mctx, - buf, &callbacks); + result = dns_rdata_fromtext(*rdata, rdclass, *rdtype, lex, dname, 0, + mctx, buf, &callbacks); cleanup: isc_lex_setcomments(lex, 0); - return ret; + return result; } static void @@ -345,7 +325,7 @@ dns_skr_read(isc_mem_t *mctx, const char *filename, dns_name_t *origin, filename, isc_lex_getsourceline(lex), isc_result_totext(result)); isc_mem_put(mctx, rdata, sizeof(*rdata)); - goto failure; + goto cleanup; } /* Create new diff tuple */ @@ -374,7 +354,7 @@ dns_skr_read(isc_mem_t *mctx, const char *filename, dns_name_t *origin, addbundle(*skrp, &bundle); } -failure: +cleanup: if (result != ISC_R_SUCCESS) { isc_log_write(DNS_LOGCATEGORY_GENERAL, DNS_LOGMODULE_ZONE, ISC_LOG_DEBUG(1), diff --git a/lib/dns/tkey.c b/lib/dns/tkey.c index 79ca4da3e0..4618f5ff58 100644 --- a/lib/dns/tkey.c +++ b/lib/dns/tkey.c @@ -55,13 +55,6 @@ #define TEMP_BUFFER_SZ 8192 #define TKEY_RANDOM_AMOUNT 16 -#define RETERR(x) \ - do { \ - result = (x); \ - if (result != ISC_R_SUCCESS) \ - goto failure; \ - } while (0) - static void tkey_log(const char *fmt, ...) ISC_FORMAT_PRINTF(1, 2); @@ -208,7 +201,7 @@ process_gsstkey(dns_message_t *msg, dns_name_t *name, dns_rdata_tkey_t *tkeyin, return ISC_R_SUCCESS; } if (result != DNS_R_CONTINUE && result != ISC_R_SUCCESS) { - goto failure; + CHECK(result); } /* @@ -224,8 +217,8 @@ process_gsstkey(dns_message_t *msg, dns_name_t *name, dns_rdata_tkey_t *tkeyin, #endif /* HAVE_GSSAPI */ uint32_t expire; - RETERR(dst_key_fromgssapi(name, gss_ctx, ring->mctx, &dstkey, - &intoken)); + CHECK(dst_key_fromgssapi(name, gss_ctx, ring->mctx, &dstkey, + &intoken)); /* * Limit keys to 1 hour or the context's lifetime whichever * is smaller. @@ -237,11 +230,11 @@ process_gsstkey(dns_message_t *msg, dns_name_t *name, dns_rdata_tkey_t *tkeyin, expire = now + lifetime; } #endif /* HAVE_GSSAPI */ - RETERR(dns_tsigkey_createfromkey( + CHECK(dns_tsigkey_createfromkey( name, dns__tsig_algfromname(&tkeyin->algorithm), dstkey, true, false, principal, now, expire, ring->mctx, &tsigkey)); - RETERR(dns_tsigkeyring_add(ring, tsigkey)); + CHECK(dns_tsigkeyring_add(ring, tsigkey)); dst_key_free(&dstkey); tkeyout->inception = now; tkeyout->expire = expire; @@ -277,7 +270,7 @@ process_gsstkey(dns_message_t *msg, dns_name_t *name, dns_rdata_tkey_t *tkeyin, return ISC_R_SUCCESS; -failure: +cleanup: if (tsigkey != NULL) { dns_tsigkey_detach(&tsigkey); } @@ -363,24 +356,21 @@ dns_tkey_processquery(dns_message_t *msg, dns_tkeyctx_t *tctx, result = dns_message_findname(msg, DNS_SECTION_ADDITIONAL, qname, dns_rdatatype_tkey, 0, NULL, &tkeyset); if (result != ISC_R_SUCCESS) { - result = DNS_R_FORMERR; tkey_log("dns_tkey_processquery: couldn't find a TKEY " "matching the question"); - goto failure; + CHECK(DNS_R_FORMERR); } result = dns_rdataset_first(tkeyset); if (result != ISC_R_SUCCESS) { - result = DNS_R_FORMERR; - goto failure; + CHECK(DNS_R_FORMERR); } dns_rdataset_current(tkeyset, &rdata); - RETERR(dns_rdata_tostruct(&rdata, &tkeyin, NULL)); + CHECK(dns_rdata_tostruct(&rdata, &tkeyin, NULL)); if (tkeyin.error != dns_rcode_noerror) { - result = DNS_R_FORMERR; - goto failure; + CHECK(DNS_R_FORMERR); } /* @@ -396,8 +386,7 @@ dns_tkey_processquery(dns_message_t *msg, dns_tkeyctx_t *tctx, { tkey_log("dns_tkey_processquery: query was not " "properly signed - rejecting"); - result = DNS_R_FORMERR; - goto failure; + CHECK(DNS_R_FORMERR); } tkeyout = (dns_rdata_tkey_t){ @@ -414,8 +403,8 @@ dns_tkey_processquery(dns_message_t *msg, dns_tkeyctx_t *tctx, /* * A delete operation uses the fully specified qname. */ - RETERR(process_deletetkey(signer, qname, &tkeyin, &tkeyout, - ring)); + CHECK(process_deletetkey(signer, qname, &tkeyin, &tkeyout, + ring)); break; case DNS_TKEYMODE_GSSAPI: keyname = dns_fixedname_initname(&fkeyname); @@ -435,10 +424,10 @@ dns_tkey_processquery(dns_message_t *msg, dns_tkeyctx_t *tctx, isc_nonce_buf(randomdata, sizeof(randomdata)); isc_buffer_init(&b, randomtext, sizeof(randomtext)); - RETERR(isc_hex_totext(&r, 2, "", &b)); - RETERR(dns_name_fromtext(keyname, &b, NULL, 0)); + CHECK(isc_hex_totext(&r, 2, "", &b)); + CHECK(dns_name_fromtext(keyname, &b, NULL, 0)); } - RETERR(dns_name_concatenate(keyname, dns_rootname, keyname)); + CHECK(dns_name_concatenate(keyname, dns_rootname, keyname)); result = dns_tsigkey_find(&tsigkey, keyname, NULL, ring); if (result == ISC_R_SUCCESS) { @@ -446,15 +435,15 @@ dns_tkey_processquery(dns_message_t *msg, dns_tkeyctx_t *tctx, dns_tsigkey_detach(&tsigkey); break; } else if (result == ISC_R_NOTFOUND) { - RETERR(process_gsstkey(msg, keyname, &tkeyin, tctx, - &tkeyout, ring)); + CHECK(process_gsstkey(msg, keyname, &tkeyin, tctx, + &tkeyout, ring)); break; } - goto failure; + goto cleanup; case DNS_TKEYMODE_SERVERASSIGNED: case DNS_TKEYMODE_RESOLVERASSIGNED: result = DNS_R_NOTIMP; - goto failure; + goto cleanup; default: tkeyout.error = dns_tsigerror_badmode; } @@ -467,9 +456,9 @@ dns_tkey_processquery(dns_message_t *msg, dns_tkeyctx_t *tctx, if (tkeyout.key != NULL) { isc_mem_put(tkeyout.mctx, tkeyout.key, tkeyout.keylen); } - RETERR(result); + CHECK(result); - RETERR(dns_message_reply(msg, true)); + CHECK(dns_message_reply(msg, true)); add_rdata_to_list(msg, keyname, &rdata, 0, &namelist); ISC_LIST_FOREACH(namelist, name, link) { @@ -478,7 +467,7 @@ dns_tkey_processquery(dns_message_t *msg, dns_tkeyctx_t *tctx, } return ISC_R_SUCCESS; -failure: +cleanup: free_namelist(msg, &namelist); return result; } @@ -622,11 +611,11 @@ dns_tkey_gssnegotiate(dns_message_t *qmsg, dns_message_t *rmsg, return dns_result_fromrcode(rmsg->rcode); } - RETERR(find_tkey(rmsg, &tkeyname, &rtkeyrdata, DNS_SECTION_ANSWER)); - RETERR(dns_rdata_tostruct(&rtkeyrdata, &rtkey, NULL)); + CHECK(find_tkey(rmsg, &tkeyname, &rtkeyrdata, DNS_SECTION_ANSWER)); + CHECK(dns_rdata_tostruct(&rtkeyrdata, &rtkey, NULL)); - RETERR(find_tkey(qmsg, &tkeyname, &qtkeyrdata, DNS_SECTION_ADDITIONAL)); - RETERR(dns_rdata_tostruct(&qtkeyrdata, &qtkey, NULL)); + CHECK(find_tkey(qmsg, &tkeyname, &qtkeyrdata, DNS_SECTION_ADDITIONAL)); + CHECK(dns_rdata_tostruct(&qtkeyrdata, &qtkey, NULL)); if (rtkey.error != dns_rcode_noerror || rtkey.mode != DNS_TKEYMODE_GSSAPI || @@ -634,8 +623,7 @@ dns_tkey_gssnegotiate(dns_message_t *qmsg, dns_message_t *rmsg, { tkey_log("dns_tkey_gssnegotiate: tkey mode invalid " "or error set(4)"); - result = DNS_R_INVALIDTKEY; - goto failure; + CHECK(DNS_R_INVALIDTKEY); } isc_buffer_init(&intoken, rtkey.key, rtkey.keylen); @@ -662,22 +650,22 @@ dns_tkey_gssnegotiate(dns_message_t *qmsg, dns_message_t *rmsg, dns_name_clone(DNS_TSIG_GSSAPI_NAME, &tkey.algorithm); dns_message_reset(qmsg, DNS_MESSAGE_INTENTRENDER); - RETERR(buildquery(qmsg, tkeyname, &tkey)); + CHECK(buildquery(qmsg, tkeyname, &tkey)); return DNS_R_CONTINUE; } - RETERR(dst_key_fromgssapi(dns_rootname, *context, rmsg->mctx, &dstkey, - NULL)); + CHECK(dst_key_fromgssapi(dns_rootname, *context, rmsg->mctx, &dstkey, + NULL)); /* * XXXSRA This seems confused. If we got CONTINUE from initctx, * the GSS negotiation hasn't completed yet, so we can't sign * anything yet. */ - RETERR(dns_tsigkey_createfromkey(tkeyname, DST_ALG_GSSAPI, dstkey, true, - false, NULL, rtkey.inception, - rtkey.expire, ring->mctx, &tsigkey)); - RETERR(dns_tsigkeyring_add(ring, tsigkey)); + CHECK(dns_tsigkey_createfromkey(tkeyname, DST_ALG_GSSAPI, dstkey, true, + false, NULL, rtkey.inception, + rtkey.expire, ring->mctx, &tsigkey)); + CHECK(dns_tsigkeyring_add(ring, tsigkey)); if (outkey == NULL) { dns_tsigkey_detach(&tsigkey); } else { @@ -687,7 +675,7 @@ dns_tkey_gssnegotiate(dns_message_t *qmsg, dns_message_t *rmsg, dst_key_free(&dstkey); return result; -failure: +cleanup: if (tsigkey != NULL) { dns_tsigkey_detach(&tsigkey); } diff --git a/lib/dns/ttl.c b/lib/dns/ttl.c index 4605abb068..9c0a02d1e3 100644 --- a/lib/dns/ttl.c +++ b/lib/dns/ttl.c @@ -30,13 +30,6 @@ #include -#define RETERR(x) \ - do { \ - isc_result_t _r = (x); \ - if (_r != ISC_R_SUCCESS) \ - return ((_r)); \ - } while (0) - static isc_result_t bind_ttl(isc_textregion_t *source, uint32_t *ttl); diff --git a/lib/dns/update.c b/lib/dns/update.c index ff4ae03c61..b741a75c90 100644 --- a/lib/dns/update.c +++ b/lib/dns/update.c @@ -70,116 +70,6 @@ */ #define LOGLEVEL_DEBUG ISC_LOG_DEBUG(8) -/*% - * Check an operation for failure. These macros all assume that - * the function using them has a 'result' variable and a 'failure' - * label. - */ -#define CHECK(op) \ - do { \ - result = (op); \ - if (result != ISC_R_SUCCESS) \ - goto failure; \ - } while (0) - -/*% - * Fail unconditionally with result 'code', which must not - * be ISC_R_SUCCESS. The reason for failure presumably has - * been logged already. - * - * The test against ISC_R_SUCCESS is there to keep the Solaris compiler - * from complaining about "end-of-loop code not reached". - */ - -#define FAIL(code) \ - do { \ - result = (code); \ - if (result != ISC_R_SUCCESS) \ - goto failure; \ - } while (0) - -/*% - * Fail unconditionally and log as a client error. - * The test against ISC_R_SUCCESS is there to keep the Solaris compiler - * from complaining about "end-of-loop code not reached". - */ -#define FAILC(code, msg) \ - do { \ - const char *_what = "failed"; \ - result = (code); \ - switch (result) { \ - case DNS_R_NXDOMAIN: \ - case DNS_R_YXDOMAIN: \ - case DNS_R_YXRRSET: \ - case DNS_R_NXRRSET: \ - _what = "unsuccessful"; \ - } \ - update_log(log, zone, LOGLEVEL_PROTOCOL, "update %s: %s (%s)", \ - _what, msg, isc_result_totext(result)); \ - if (result != ISC_R_SUCCESS) \ - goto failure; \ - } while (0) - -#define FAILN(code, name, msg) \ - do { \ - const char *_what = "failed"; \ - result = (code); \ - switch (result) { \ - case DNS_R_NXDOMAIN: \ - case DNS_R_YXDOMAIN: \ - case DNS_R_YXRRSET: \ - case DNS_R_NXRRSET: \ - _what = "unsuccessful"; \ - } \ - if (isc_log_wouldlog(LOGLEVEL_PROTOCOL)) { \ - char _nbuf[DNS_NAME_FORMATSIZE]; \ - dns_name_format(name, _nbuf, sizeof(_nbuf)); \ - update_log(log, zone, LOGLEVEL_PROTOCOL, \ - "update %s: %s: %s (%s)", _what, _nbuf, \ - msg, isc_result_totext(result)); \ - } \ - if (result != ISC_R_SUCCESS) \ - goto failure; \ - } while (0) - -#define FAILNT(code, name, type, msg) \ - do { \ - const char *_what = "failed"; \ - result = (code); \ - switch (result) { \ - case DNS_R_NXDOMAIN: \ - case DNS_R_YXDOMAIN: \ - case DNS_R_YXRRSET: \ - case DNS_R_NXRRSET: \ - _what = "unsuccessful"; \ - } \ - if (isc_log_wouldlog(LOGLEVEL_PROTOCOL)) { \ - char _nbuf[DNS_NAME_FORMATSIZE]; \ - char _tbuf[DNS_RDATATYPE_FORMATSIZE]; \ - dns_name_format(name, _nbuf, sizeof(_nbuf)); \ - dns_rdatatype_format(type, _tbuf, sizeof(_tbuf)); \ - update_log(log, zone, LOGLEVEL_PROTOCOL, \ - "update %s: %s/%s: %s (%s)", _what, _nbuf, \ - _tbuf, msg, isc_result_totext(result)); \ - } \ - if (result != ISC_R_SUCCESS) \ - goto failure; \ - } while (0) - -/*% - * Fail unconditionally and log as a server error. - * The test against ISC_R_SUCCESS is there to keep the Solaris compiler - * from complaining about "end-of-loop code not reached". - */ -#define FAILS(code, msg) \ - do { \ - result = (code); \ - update_log(log, zone, LOGLEVEL_PROTOCOL, "error: %s: %s", msg, \ - isc_result_totext(result)); \ - if (result != ISC_R_SUCCESS) \ - goto failure; \ - } while (0) - /**************************************************************************/ typedef struct rr rr_t; @@ -737,7 +627,7 @@ namelist_append_subdomain(dns_db_t *db, dns_name_t *name, if (result == ISC_R_NOMORE) { result = ISC_R_SUCCESS; } -failure: +cleanup: if (dbit != NULL) { dns_dbiterator_destroy(&dbit); } @@ -802,7 +692,7 @@ uniqify_name_list(dns_diff_t *list) { dns_difftuple_free(&p); } } -failure: +cleanup: return result; } @@ -898,8 +788,7 @@ next_active(dns_update_log_t *log, dns_zone_t *zone, dns_db_t *db, if (wraps == 2) { update_log(log, zone, ISC_LOG_ERROR, "secure zone with no NSECs"); - result = DNS_R_BADZONE; - goto failure; + CHECK(DNS_R_BADZONE); } } CHECK(dns_dbiterator_current(dbit, &node, newname)); @@ -935,7 +824,7 @@ next_active(dns_update_log_t *log, dns_zone_t *zone, dns_db_t *db, } } } while (!has_nsec); -failure: +cleanup: if (dbit != NULL) { dns_dbiterator_destroy(&dbit); } @@ -987,7 +876,7 @@ add_nsec(dns_update_log_t *log, dns_zone_t *zone, dns_db_t *db, CHECK(do_one_tuple(&tuple, db, ver, diff)); INSIST(tuple == NULL); -failure: +cleanup: if (node != NULL) { dns_db_detachnode(&node); } @@ -1012,7 +901,7 @@ add_placeholder_nsec(dns_db_t *db, dns_dbversion_t *ver, dns_name_t *name, dns_difftuple_create(diff->mctx, DNS_DIFFOP_ADD, name, 0, &rdata, &tuple); CHECK(do_one_tuple(&tuple, db, ver, diff)); -failure: +cleanup: return result; } @@ -1251,7 +1140,7 @@ add_sigs(dns_update_log_t *log, dns_zone_t *zone, dns_db_t *db, result = ISC_R_NOTFOUND; } -failure: +cleanup: if (dns_rdataset_isassociated(&rdataset)) { dns_rdataset_disassociate(&rdataset); } @@ -1281,9 +1170,8 @@ del_keysigs(dns_db_t *db, dns_dbversion_t *ver, dns_name_t *name, if (result == ISC_R_NOTFOUND) { return ISC_R_SUCCESS; } - if (result != ISC_R_SUCCESS) { - goto failure; - } + CHECK(result); + result = dns_db_findrdataset(db, node, ver, dns_rdatatype_rrsig, dns_rdatatype_dnskey, (isc_stdtime_t)0, &rdataset, NULL); @@ -1292,9 +1180,7 @@ del_keysigs(dns_db_t *db, dns_dbversion_t *ver, dns_name_t *name, if (result == ISC_R_NOTFOUND) { return ISC_R_SUCCESS; } - if (result != ISC_R_SUCCESS) { - goto failure; - } + CHECK(result); DNS_RDATASET_FOREACH(&rdataset) { dns_rdata_t rdata = DNS_RDATA_INIT; @@ -1335,7 +1221,7 @@ del_keysigs(dns_db_t *db, dns_dbversion_t *ver, dns_name_t *name, } dns_rdataset_disassociate(&rdataset); -failure: +cleanup: if (node != NULL) { dns_db_detachnode(&node); } @@ -1525,7 +1411,7 @@ dns_update_signaturesinc(dns_update_log_t *log, dns_zone_t *zone, dns_db_t *db, update_log(log, zone, ISC_LOG_ERROR, "could not get zone keys for secure " "dynamic update"); - goto failure; + goto cleanup; } state->now = isc_stdtime_now(); @@ -1947,7 +1833,7 @@ next_state: if (!state->build_nsec3) { update_log(log, zone, ISC_LOG_DEBUG(3), "no NSEC3 chains to rebuild"); - goto failure; + goto cleanup; } update_log(log, zone, ISC_LOG_DEBUG(3), @@ -2119,7 +2005,7 @@ next_state: UNREACHABLE(); } -failure: +cleanup: if (node != NULL) { dns_db_detachnode(&node); } diff --git a/lib/dns/view.c b/lib/dns/view.c index 7efc9234a2..47c4fed0dd 100644 --- a/lib/dns/view.c +++ b/lib/dns/view.c @@ -66,13 +66,6 @@ #include #include -#define CHECK(op) \ - do { \ - result = (op); \ - if (result != ISC_R_SUCCESS) \ - goto cleanup; \ - } while (0) - #define DNS_VIEW_DELONLYHASH 111 /*% diff --git a/lib/dns/xfrin.c b/lib/dns/xfrin.c index f68f63b515..27f20e8891 100644 --- a/lib/dns/xfrin.c +++ b/lib/dns/xfrin.c @@ -55,14 +55,6 @@ * Incoming AXFR and IXFR. */ -#define CHECK(op) \ - { \ - result = (op); \ - if (result != ISC_R_SUCCESS) { \ - goto failure; \ - } \ - } - /*% * The states of the *XFR state machine. We handle both IXFR and AXFR * with a single integrated state machine because they cannot be @@ -306,7 +298,7 @@ axfr_init(dns_xfrin_t *xfr) { dns_rdatacallbacks_init(&xfr->axfr); CHECK(dns_db_beginload(xfr->db, &xfr->axfr)); result = ISC_R_SUCCESS; -failure: +cleanup: return result; } @@ -341,7 +333,7 @@ axfr_putdata(dns_xfrin_t *xfr, dns_diffop_t op, dns_name_t *name, dns_ttl_t ttl, dns_diff_append(&xfr->diff, &tuple); result = ISC_R_SUCCESS; -failure: +cleanup: return result; } @@ -360,20 +352,18 @@ axfr_apply(void *arg) { uint64_t records; if (atomic_load(&xfr->shuttingdown)) { - result = ISC_R_SHUTTINGDOWN; - goto failure; + CHECK(ISC_R_SHUTTINGDOWN); } CHECK(dns_diff_load(&xfr->diff, &xfr->axfr)); if (xfr->maxrecords != 0U) { result = dns_db_getsize(xfr->db, xfr->ver, &records, NULL); if (result == ISC_R_SUCCESS && records > xfr->maxrecords) { - result = DNS_R_TOOMANYRECORDS; - goto failure; + CHECK(DNS_R_TOOMANYRECORDS); } } -failure: +cleanup: dns_diff_clear(&xfr->diff); work->result = result; } @@ -399,7 +389,7 @@ axfr_apply_done(void *arg) { (void)dns_db_endload(xfr->db, &xfr->axfr); } -failure: +cleanup: xfr->diff_running = false; isc_mem_put(xfr->mctx, work, sizeof(*work)); @@ -471,7 +461,7 @@ ixfr_init(dns_xfrin_t *xfr) { } result = ISC_R_SUCCESS; -failure: +cleanup: return result; } @@ -493,7 +483,7 @@ ixfr_putdata(dns_xfrin_t *xfr, dns_diffop_t op, dns_name_t *name, dns_ttl_t ttl, dns_diff_append(&xfr->diff, &tuple); xfr->ixfr.diffs++; -failure: +cleanup: return result; } @@ -504,7 +494,7 @@ ixfr_begin_transaction(dns_xfrin_t *xfr) { if (xfr->ixfr.journal != NULL) { CHECK(dns_journal_begin_transaction(xfr->ixfr.journal)); } -failure: +cleanup: return result; } @@ -517,7 +507,7 @@ ixfr_end_transaction(dns_xfrin_t *xfr) { if (xfr->ixfr.journal != NULL) { CHECK(dns_journal_commit(xfr->ixfr.journal)); } -failure: +cleanup: return result; } @@ -532,8 +522,7 @@ ixfr_apply_one(dns_xfrin_t *xfr, ixfr_apply_data_t *data) { if (xfr->maxrecords != 0U) { result = dns_db_getsize(xfr->db, xfr->ver, &records, NULL); if (result == ISC_R_SUCCESS && records > xfr->maxrecords) { - result = DNS_R_TOOMANYRECORDS; - goto failure; + CHECK(DNS_R_TOOMANYRECORDS); } } if (xfr->ixfr.journal != NULL) { @@ -543,7 +532,7 @@ ixfr_apply_one(dns_xfrin_t *xfr, ixfr_apply_data_t *data) { result = ixfr_end_transaction(xfr); return result; -failure: +cleanup: /* We need to end the transaction, but keep the previous error */ (void)ixfr_end_transaction(xfr); @@ -606,9 +595,7 @@ ixfr_apply_done(void *arg) { result = ISC_R_SHUTTINGDOWN; } - if (result != ISC_R_SUCCESS) { - goto failure; - } + CHECK(result); /* Reschedule */ if (!cds_wfcq_empty(&xfr->diff_head, &xfr->diff_tail)) { @@ -616,7 +603,7 @@ ixfr_apply_done(void *arg) { return; } -failure: +cleanup: xfr->diff_running = false; isc_mem_put(xfr->mctx, work, sizeof(*work)); @@ -670,7 +657,7 @@ ixfr_commit(dns_xfrin_t *xfr) { isc_work_enqueue(xfr->loop, ixfr_apply, ixfr_apply_done, work); } -failure: +cleanup: return result; } @@ -697,8 +684,7 @@ xfr_rr(dns_xfrin_t *xfr, dns_name_t *name, uint32_t ttl, dns_rdata_t *rdata) { dns_rdatatype_format(rdata->type, buf, sizeof(buf)); xfrin_log(xfr, ISC_LOG_NOTICE, "Unexpected %s record in zone transfer", buf); - result = DNS_R_FORMERR; - goto failure; + CHECK(DNS_R_FORMERR); } /* @@ -713,8 +699,7 @@ xfr_rr(dns_xfrin_t *xfr, dns_name_t *name, uint32_t ttl, dns_rdata_t *rdata) { dns_name_format(name, namebuf, sizeof(namebuf)); xfrin_log(xfr, ISC_LOG_DEBUG(3), "SOA name mismatch: '%s'", namebuf); - result = DNS_R_NOTZONETOP; - goto failure; + CHECK(DNS_R_NOTZONETOP); } redo: @@ -723,8 +708,7 @@ redo: if (rdata->type != dns_rdatatype_soa) { xfrin_log(xfr, ISC_LOG_NOTICE, "non-SOA response to SOA query"); - result = DNS_R_FORMERR; - goto failure; + CHECK(DNS_R_FORMERR); } end_serial = dns_soa_getserial(rdata); atomic_store_relaxed(&xfr->end_serial, end_serial); @@ -735,8 +719,7 @@ redo: "requested serial %u, " "primary has %" PRIuFAST32 ", not updating", xfr->ixfr.request_serial, end_serial); - result = DNS_R_UPTODATE; - goto failure; + CHECK(DNS_R_UPTODATE); } atomic_store(&xfr->state, XFRST_GOTSOA); break; @@ -751,8 +734,7 @@ redo: if (rdata->type != dns_rdatatype_soa) { xfrin_log(xfr, ISC_LOG_NOTICE, "first RR in zone transfer must be SOA"); - result = DNS_R_FORMERR; - goto failure; + CHECK(DNS_R_FORMERR); } /* * Remember the serial number in the initial SOA. @@ -773,8 +755,7 @@ redo: "requested serial %u, " "primary has %" PRIuFAST32 ", not updating", xfr->ixfr.request_serial, end_serial); - result = DNS_R_UPTODATE; - goto failure; + CHECK(DNS_R_UPTODATE); } xfr->firstsoa = *rdata; if (xfr->firstsoa_data != NULL) { @@ -842,8 +823,7 @@ redo: "IXFR out of sync: " "expected serial %u, got %u", xfr->ixfr.current_serial, soa_serial); - result = DNS_R_FORMERR; - goto failure; + CHECK(DNS_R_FORMERR); } else { CHECK(ixfr_commit(xfr)); atomic_store(&xfr->state, XFRST_IXFR_DELSOA); @@ -853,8 +833,7 @@ redo: if (rdata->type == dns_rdatatype_ns && dns_name_iswildcard(name)) { - result = DNS_R_INVALIDNS; - goto failure; + CHECK(DNS_R_INVALIDNS); } CHECK(ixfr_putdata(xfr, DNS_DIFFOP_ADD, name, ttl, rdata)); break; @@ -879,8 +858,7 @@ redo: xfrin_log(xfr, ISC_LOG_NOTICE, "start and ending SOA records " "mismatch"); - result = DNS_R_FORMERR; - goto failure; + CHECK(DNS_R_FORMERR); } axfr_commit(xfr); atomic_store(&xfr->state, XFRST_AXFR_END); @@ -889,13 +867,13 @@ redo: break; case XFRST_AXFR_END: case XFRST_IXFR_END: - result = DNS_R_EXTRADATA; - goto failure; + CHECK(DNS_R_EXTRADATA); + break; default: UNREACHABLE(); } result = ISC_R_SUCCESS; -failure: +cleanup: return result; } @@ -1310,8 +1288,7 @@ xfrin_start(dns_xfrin_t *xfr) { dns_dispatchmgr_t *dispmgr = dns_view_getdispatchmgr(xfr->view); if (dispmgr == NULL) { - result = ISC_R_SHUTTINGDOWN; - goto failure; + CHECK(ISC_R_SHUTTINGDOWN); } primaries_timeout = isc_nm_getprimariestimeout(); @@ -1319,9 +1296,7 @@ xfrin_start(dns_xfrin_t *xfr) { &xfr->primaryaddr, xfr->transport, DNS_DISPATCHOPT_UNSHARED, &xfr->disp); dns_dispatchmgr_detach(&dispmgr); - if (result != ISC_R_SUCCESS) { - goto failure; - } + CHECK(result); LIBDNS_XFRIN_START(xfr, xfr->info); @@ -1388,7 +1363,7 @@ xfrin_start(dns_xfrin_t *xfr) { return ISC_R_SUCCESS; -failure: +cleanup: xfrin_cancelio(xfr); dns_xfrin_detach(&xfr); @@ -1410,7 +1385,7 @@ render(dns_message_t *msg, isc_mem_t *mctx, isc_buffer_t *buf) { CHECK(dns_message_rendersection(msg, DNS_SECTION_ADDITIONAL, 0)); CHECK(dns_message_renderend(msg)); result = ISC_R_SUCCESS; -failure: +cleanup: dns_compress_invalidate(&cctx); return result; } @@ -1437,13 +1412,13 @@ xfrin_connect_done(isc_result_t result, isc_region_t *region ISC_ATTR_UNUSED, if (result != ISC_R_SUCCESS) { xfrin_fail(xfr, result, "failed to connect"); - goto failure; + goto cleanup; } result = dns_dispatch_checkperm(xfr->disp); if (result != ISC_R_SUCCESS) { xfrin_fail(xfr, result, "connected but unable to transfer"); - goto failure; + goto cleanup; } zmgr = dns_zone_getmgr(xfr->zone); @@ -1472,7 +1447,7 @@ xfrin_connect_done(isc_result_t result, isc_region_t *region ISC_ATTR_UNUSED, return; -failure: +cleanup: switch (result) { case ISC_R_NETDOWN: case ISC_R_HOSTDOWN: @@ -1682,7 +1657,7 @@ xfrin_send_request(dns_xfrin_t *xfr) { xfrin_log(xfr, ISC_LOG_DEBUG(3), "sending %s request, QID %d", request_type(xfr), xfr->id); -failure: +cleanup: dns_message_detach(&msg); if (soatuple != NULL) { dns_difftuple_free(&soatuple); @@ -1712,7 +1687,7 @@ xfrin_send_done(isc_result_t result, isc_region_t *region, void *arg) { xfrin_log(xfr, ISC_LOG_DEBUG(3), "sent request data"); -failure: +cleanup: if (result != ISC_R_SUCCESS) { xfrin_fail(xfr, result, "failed sending request data"); } @@ -1866,7 +1841,7 @@ xfrin_recv_done(isc_result_t result, isc_region_t *region, void *arg) { if (xfr->reqtype == dns_rdatatype_axfr || xfr->reqtype == dns_rdatatype_soa) { - goto failure; + goto cleanup; } xfrin_log(xfr, ISC_LOG_DEBUG(3), "got %s, retrying with AXFR", @@ -1896,8 +1871,7 @@ xfrin_recv_done(isc_result_t result, isc_region_t *region, void *arg) { if (msg->counts[DNS_SECTION_QUESTION] > 1) { xfrin_log(xfr, ISC_LOG_NOTICE, "too many questions (%u)", msg->counts[DNS_SECTION_QUESTION]); - result = DNS_R_FORMERR; - goto failure; + CHECK(DNS_R_FORMERR); } if ((atomic_load(&xfr->state) == XFRST_SOAQUERY || @@ -1905,8 +1879,7 @@ xfrin_recv_done(isc_result_t result, isc_region_t *region, void *arg) { msg->counts[DNS_SECTION_QUESTION] != 1) { xfrin_log(xfr, ISC_LOG_NOTICE, "missing question section"); - result = DNS_R_FORMERR; - goto failure; + CHECK(DNS_R_FORMERR); } MSG_SECTION_FOREACH(msg, DNS_SECTION_QUESTION, name) { @@ -1917,22 +1890,19 @@ xfrin_recv_done(isc_result_t result, isc_region_t *region, void *arg) { if (!dns_name_equal(name, &xfr->name)) { xfrin_log(xfr, ISC_LOG_NOTICE, "question name mismatch"); - result = DNS_R_FORMERR; - goto failure; + CHECK(DNS_R_FORMERR); } rds = ISC_LIST_HEAD(name->list); INSIST(rds != NULL); if (rds->type != xfr->reqtype) { xfrin_log(xfr, ISC_LOG_NOTICE, "question type mismatch"); - result = DNS_R_FORMERR; - goto failure; + CHECK(DNS_R_FORMERR); } if (rds->rdclass != xfr->rdclass) { xfrin_log(xfr, ISC_LOG_NOTICE, "question class mismatch"); - result = DNS_R_FORMERR; - goto failure; + CHECK(DNS_R_FORMERR); } } @@ -1954,15 +1924,14 @@ xfrin_recv_done(isc_result_t result, isc_region_t *region, void *arg) { if (xfr->reqtype == dns_rdatatype_soa && (msg->flags & DNS_MESSAGEFLAG_AA) == 0) { - result = DNS_R_NOTAUTHORITATIVE; - goto failure; + CHECK(DNS_R_NOTAUTHORITATIVE); } result = dns_message_checksig(msg, xfr->view); if (result != ISC_R_SUCCESS) { xfrin_log(xfr, ISC_LOG_DEBUG(3), "TSIG check failed: %s", isc_result_totext(result)); - goto failure; + goto cleanup; } MSG_SECTION_FOREACH(msg, DNS_SECTION_ANSWER, name) { @@ -2014,8 +1983,7 @@ xfrin_recv_done(isc_result_t result, isc_region_t *region, void *arg) { atomic_load(&xfr->state) == XFRST_AXFR_END || atomic_load(&xfr->state) == XFRST_IXFR_END) { - result = DNS_R_EXPECTEDTSIG; - goto failure; + CHECK(DNS_R_EXPECTEDTSIG); } } @@ -2055,10 +2023,7 @@ xfrin_recv_done(isc_result_t result, isc_region_t *region, void *arg) { * Read the next message. */ dns_message_detach(&msg); - result = dns_dispatch_getnext(xfr->dispentry); - if (result != ISC_R_SUCCESS) { - goto failure; - } + CHECK(dns_dispatch_getnext(xfr->dispentry)); isc_interval_t interval; isc_interval_set(&interval, dns_zone_getidlein(xfr->zone), 0); @@ -2069,7 +2034,7 @@ xfrin_recv_done(isc_result_t result, isc_region_t *region, void *arg) { return; } -failure: +cleanup: if (result != ISC_R_SUCCESS) { xfrin_fail(xfr, result, "failed while receiving responses"); } diff --git a/lib/dns/zone.c b/lib/dns/zone.c index cfe76c9706..562d8d132b 100644 --- a/lib/dns/zone.c +++ b/lib/dns/zone.c @@ -219,13 +219,6 @@ typedef struct dns_include dns_include_t; #define ZONEDB_LOCK(l, t) RWLOCK((l), (t)) #define ZONEDB_UNLOCK(l, t) RWUNLOCK((l), (t)) -#define RETERR(x) \ - do { \ - result = (x); \ - if (result != ISC_R_SUCCESS) \ - goto failure; \ - } while (0) - #ifdef ENABLE_AFL extern bool dns_fuzzing_resolver; #endif /* ifdef ENABLE_AFL */ @@ -604,13 +597,6 @@ typedef enum { * load. */ } dns_zoneloadflag_t; -#define CHECK(op) \ - do { \ - result = (op); \ - if (result != ISC_R_SUCCESS) \ - goto failure; \ - } while (0) - struct dns_zonemgr { unsigned int magic; isc_mem_t *mctx; @@ -1935,7 +1921,7 @@ setfilename(dns_zone_t *zone, char **field, const char *value) { const char *end = value + strlen(value); putmem(&b, p, end - p); -failure: +cleanup: isc_buffer_putuint8(&b, 0); setstring(zone, field, filename); } @@ -2270,14 +2256,14 @@ copy_initfile(dns_zone_t *zone) { size_t rval; result = isc_stdio_read(buf, 1, sizeof(buf), input, &rval); - if (result != ISC_R_SUCCESS && result != ISC_R_EOF) { - goto failure; + if (result != ISC_R_EOF) { + CHECK(result); } CHECK(isc_stdio_write(buf, rval, 1, output, NULL)); len -= rval; } while (len > 0); -failure: +cleanup: if (input != NULL) { isc_stdio_close(input); } @@ -4568,7 +4554,7 @@ create_keydata(dns_zone_t *zone, dns_db_t *db, dns_dbversion_t *ver, set_refreshkeytimer(zone, &kd, now, true); return ISC_R_SUCCESS; -failure: +cleanup: return result; } @@ -4664,7 +4650,7 @@ trust_key(dns_zone_t *zone, dns_name_t *keyname, dns_rdata_dnskey_t *dnskey, dns_keytable_detach(&sr); -failure: +cleanup: if (sr != NULL) { dns_keytable_detach(&sr); } @@ -4829,7 +4815,7 @@ update_soa_serial(dns_zone_t *zone, dns_db_t *db, dns_dbversion_t *ver, CHECK(do_one_tuple(&addtuple, db, ver, diff)); result = ISC_R_SUCCESS; -failure: +cleanup: if (addtuple != NULL) { dns_difftuple_free(&addtuple); } @@ -4897,7 +4883,7 @@ add_soa(dns_zone_t *zone, dns_db_t *db) { dns_zone_log(zone, ISC_LOG_ERROR, "add_soa:dns_db_newversion -> %s", isc_result_totext(result)); - goto failure; + goto cleanup; } /* Build SOA record */ @@ -4907,13 +4893,13 @@ add_soa(dns_zone_t *zone, dns_db_t *db) { dns_zone_log(zone, ISC_LOG_ERROR, "add_soa:dns_soa_buildrdata -> %s", isc_result_totext(result)); - goto failure; + goto cleanup; } result = update_one_rr(db, ver, &diff, DNS_DIFFOP_ADD, &zone->origin, 0, &rdata); -failure: +cleanup: dns_diff_clear(&diff); if (ver != NULL) { dns_db_closeversion(db, &ver, result == ISC_R_SUCCESS); @@ -5017,7 +5003,7 @@ sync_keyzone(dns_zone_t *zone, dns_db_t *db) { dnssec_log(zone, ISC_LOG_ERROR, "sync_keyzone:dns_db_newversion -> %s", isc_result_totext(result)); - goto failure; + goto cleanup; } /* @@ -5041,7 +5027,7 @@ sync_keyzone(dns_zone_t *zone, dns_db_t *db) { dns_rriterator_current(&rrit, &rrname, &ttl, &rdataset, NULL); if (!dns_rdataset_isassociated(rdataset)) { dns_rriterator_destroy(&rrit); - goto failure; + goto cleanup; } if (rdataset->type != dns_rdatatype_keydata) { @@ -5113,7 +5099,7 @@ sync_keyzone(dns_zone_t *zone, dns_db_t *db) { commit = true; } -failure: +cleanup: if (result != ISC_R_SUCCESS) { dnssec_log(zone, ISC_LOG_ERROR, "unable to synchronize managed keys: %s", @@ -5151,7 +5137,7 @@ dns_zone_synckeyzone(dns_zone_t *zone) { result = sync_keyzone(zone, db); UNLOCK_ZONE(zone); -failure: +cleanup: if (db != NULL) { dns_db_detach(&db); } @@ -5250,7 +5236,7 @@ check_reportchannel(dns_zone_t *zone, dns_db_t *db) { dns_rdataset_disassociate(&rdataset); } -failure: +cleanup: return result; } @@ -6717,13 +6703,13 @@ findzonekeys(dns_zone_t *zone, dns_db_t *db, dns_dbversion_t *ver, *nkeys = 0; memset(keys, 0, sizeof(*keys) * maxkeys); dns_rdataset_init(&rdataset); - RETERR(dns_db_findrdataset(db, node, ver, dns_rdatatype_dnskey, 0, 0, - &rdataset, NULL)); - RETERR(dns_rdataset_first(&rdataset)); + CHECK(dns_db_findrdataset(db, node, ver, dns_rdatatype_dnskey, 0, 0, + &rdataset, NULL)); + CHECK(dns_rdataset_first(&rdataset)); while (result == ISC_R_SUCCESS && count < maxkeys) { pubkey = NULL; dns_rdataset_current(&rdataset, &rdata); - RETERR(dns_dnssec_keyfromrdata(name, &rdata, mctx, &pubkey)); + CHECK(dns_dnssec_keyfromrdata(name, &rdata, mctx, &pubkey)); dst_key_setttl(pubkey, rdataset.ttl); if (!is_zone_key(pubkey)) { @@ -6799,9 +6785,7 @@ findzonekeys(dns_zone_t *zone, dns_db_t *db, dns_dbversion_t *ver, goto next; } - if (result != ISC_R_SUCCESS) { - goto failure; - } + CHECK(result); /* * If a key is marked inactive, skip it @@ -6829,7 +6813,7 @@ findzonekeys(dns_zone_t *zone, dns_db_t *db, dns_dbversion_t *ver, result = dns_rdataset_next(&rdataset); } if (result != ISC_R_NOMORE) { - goto failure; + CHECK(result); } if (count == 0) { result = ISC_R_NOTFOUND; @@ -6837,7 +6821,7 @@ findzonekeys(dns_zone_t *zone, dns_db_t *db, dns_dbversion_t *ver, result = ISC_R_SUCCESS; } -failure: +cleanup: if (dns_rdataset_isassociated(&rdataset)) { dns_rdataset_disassociate(&rdataset); } @@ -6884,7 +6868,7 @@ dns_zone_findkeys(dns_zone_t *zone, dns_db_t *db, dns_dbversion_t *ver, result = ISC_R_SUCCESS; } -failure: +cleanup: if (node != NULL) { dns_db_detachnode(&node); @@ -6932,8 +6916,8 @@ dns_zone_getdnsseckeys(dns_zone_t *zone, dns_db_t *db, dns_dbversion_t *ver, dns_zone_getmctx(zone), keys); dns_zone_unlock_keyfiles(zone); - if (result != ISC_R_SUCCESS && result != ISC_R_NOTFOUND) { - goto failure; + if (result != ISC_R_NOTFOUND) { + CHECK(result); } /* Get public keys (dnskeys). */ @@ -6966,7 +6950,7 @@ dns_zone_getdnsseckeys(dns_zone_t *zone, dns_db_t *db, dns_dbversion_t *ver, } } -failure: +cleanup: if (dns_rdataset_isassociated(&keyset)) { dns_rdataset_disassociate(&keyset); } @@ -7160,9 +7144,8 @@ del_sigs(dns_zone_t *zone, dns_db_t *db, dns_dbversion_t *ver, dns_name_t *name, if (result == ISC_R_NOTFOUND) { return ISC_R_SUCCESS; } - if (result != ISC_R_SUCCESS) { - goto failure; - } + CHECK(result); + result = dns_db_findrdataset(db, node, ver, dns_rdatatype_rrsig, type, (isc_stdtime_t)0, &rdataset, NULL); dns_db_detachnode(&node); @@ -7173,7 +7156,7 @@ del_sigs(dns_zone_t *zone, dns_db_t *db, dns_dbversion_t *ver, dns_name_t *name, } if (result != ISC_R_SUCCESS) { INSIST(!dns_rdataset_isassociated(&rdataset)); - goto failure; + goto cleanup; } DNS_RDATASET_FOREACH(&rdataset) { @@ -7321,7 +7304,7 @@ del_sigs(dns_zone_t *zone, dns_db_t *db, dns_dbversion_t *ver, dns_name_t *name, "key expiry warning time out of range"); } } -failure: +cleanup: if (node != NULL) { dns_db_detachnode(&node); } @@ -7360,9 +7343,8 @@ add_sigs(dns_db_t *db, dns_dbversion_t *ver, dns_name_t *name, dns_zone_t *zone, if (result == ISC_R_NOTFOUND) { return ISC_R_SUCCESS; } - if (result != ISC_R_SUCCESS) { - goto failure; - } + CHECK(result); + result = dns_db_findrdataset(db, node, ver, type, 0, (isc_stdtime_t)0, &rdataset, NULL); dns_db_detachnode(&node); @@ -7372,7 +7354,7 @@ add_sigs(dns_db_t *db, dns_dbversion_t *ver, dns_name_t *name, dns_zone_t *zone, } if (result != ISC_R_SUCCESS) { INSIST(!dns_rdataset_isassociated(&rdataset)); - goto failure; + goto cleanup; } for (i = 0; i < nkeys; i++) { @@ -7525,7 +7507,7 @@ add_sigs(dns_db_t *db, dns_dbversion_t *ver, dns_name_t *name, dns_zone_t *zone, } } -failure: +cleanup: if (dns_rdataset_isassociated(&rdataset)) { dns_rdataset_disassociate(&rdataset); } @@ -7607,8 +7589,7 @@ zone_resigninc(dns_zone_t *zone) { * Zone is frozen. Pause for 5 minutes. */ if (zone->update_disabled) { - result = ISC_R_FAILURE; - goto failure; + CHECK(ISC_R_FAILURE); } ZONEDB_LOCK(&zone->dblock, isc_rwlocktype_read); @@ -7617,8 +7598,7 @@ zone_resigninc(dns_zone_t *zone) { } ZONEDB_UNLOCK(&zone->dblock, isc_rwlocktype_read); if (db == NULL) { - result = ISC_R_FAILURE; - goto failure; + CHECK(ISC_R_FAILURE); } result = dns_db_newversion(db, &version); @@ -7626,7 +7606,7 @@ zone_resigninc(dns_zone_t *zone) { dns_zone_log(zone, ISC_LOG_ERROR, "zone_resigninc:dns_db_newversion -> %s", isc_result_totext(result)); - goto failure; + goto cleanup; } now = isc_stdtime_now(); @@ -7637,7 +7617,7 @@ zone_resigninc(dns_zone_t *zone) { dns_zone_log(zone, ISC_LOG_ERROR, "zone_resigninc:dns_zone_findkeys -> %s", isc_result_totext(result)); - goto failure; + goto cleanup; } calculate_rrsig_validity(zone, now, &inception, &soaexpire, &expire, @@ -7710,8 +7690,8 @@ zone_resigninc(dns_zone_t *zone) { } } - if (result != ISC_R_NOMORE && result != ISC_R_SUCCESS) { - goto failure; + if (result != ISC_R_NOMORE) { + CHECK(result); } result = del_sigs(zone, db, version, &zone->origin, dns_rdatatype_soa, @@ -7720,7 +7700,7 @@ zone_resigninc(dns_zone_t *zone) { dns_zone_log(zone, ISC_LOG_ERROR, "zone_resigninc:del_sigs -> %s", isc_result_totext(result)); - goto failure; + goto cleanup; } /* @@ -7733,7 +7713,7 @@ zone_resigninc(dns_zone_t *zone) { if (zonediff.offline) { dns_db_closeversion(db, &version, true); } - goto failure; + goto cleanup; } /* Increment SOA serial if we have made changes */ @@ -7743,7 +7723,7 @@ zone_resigninc(dns_zone_t *zone) { dns_zone_log(zone, ISC_LOG_ERROR, "zone_resigninc:update_soa_serial -> %s", isc_result_totext(result)); - goto failure; + goto cleanup; } /* @@ -7757,7 +7737,7 @@ zone_resigninc(dns_zone_t *zone) { dns_zone_log(zone, ISC_LOG_ERROR, "zone_resigninc:add_sigs -> %s", isc_result_totext(result)); - goto failure; + goto cleanup; } /* Write changes to journal file. */ @@ -7766,7 +7746,7 @@ zone_resigninc(dns_zone_t *zone) { /* Everything has succeeded. Commit the changes. */ dns_db_closeversion(db, &version, true); -failure: +cleanup: dns_diff_clear(&_sig_diff); for (i = 0; i < nkeys; i++) { dst_key_free(&zone_keys[i]); @@ -7829,7 +7809,7 @@ next_active(dns_db_t *db, dns_dbversion_t *version, dns_name_t *oldname, break; } } while (1); -failure: +cleanup: if (node != NULL) { dns_db_detachnode(&node); } @@ -7925,7 +7905,7 @@ add_nsec(dns_db_t *db, dns_dbversion_t *version, dns_name_t *name, CHECK(dns_nsec_buildrdata(db, version, node, next, nsecbuffer, &rdata)); CHECK(update_one_rr(db, version, diff, DNS_DIFFOP_ADD, name, ttl, &rdata)); -failure: +cleanup: return result; } @@ -8130,7 +8110,7 @@ sign_a_node(dns_db_t *db, dns_zone_t *zone, dns_name_t *name, (*signatures)--; } -failure: +cleanup: if (dns_rdataset_isassociated(&rdataset)) { dns_rdataset_disassociate(&rdataset); } @@ -8162,15 +8142,13 @@ updatesecure(dns_db_t *db, dns_dbversion_t *version, dns_name_t *name, if (result == ISC_R_NOTFOUND) { goto success; } - if (result != ISC_R_SUCCESS) { - goto failure; - } + CHECK(result); } CHECK(delete_nsec(db, version, node, name, diff)); CHECK(add_nsec(db, version, name, node, nsecttl, false, diff)); success: result = ISC_R_SUCCESS; -failure: +cleanup: if (node != NULL) { dns_db_detachnode(&node); } @@ -8188,10 +8166,7 @@ updatesignwithkey(dns_zone_t *zone, dns_signing_t *signing, bool have_rr = false; dns_rdataset_init(&rdataset); - result = dns_db_getoriginnode(signing->db, &node); - if (result != ISC_R_SUCCESS) { - goto failure; - } + CHECK(dns_db_getoriginnode(signing->db, &node)); result = dns_db_findrdataset(signing->db, node, version, zone->privatetype, dns_rdatatype_none, 0, @@ -8199,11 +8174,11 @@ updatesignwithkey(dns_zone_t *zone, dns_signing_t *signing, if (result == ISC_R_NOTFOUND) { INSIST(!dns_rdataset_isassociated(&rdataset)); result = ISC_R_SUCCESS; - goto failure; + goto cleanup; } if (result != ISC_R_SUCCESS) { INSIST(!dns_rdataset_isassociated(&rdataset)); - goto failure; + goto cleanup; } DNS_RDATASET_FOREACH(&rdataset) { @@ -8295,7 +8270,7 @@ updatesignwithkey(dns_zone_t *zone, dns_signing_t *signing, diff)); } -failure: +cleanup: if (dns_rdataset_isassociated(&rdataset)) { dns_rdataset_disassociate(&rdataset); } @@ -8369,7 +8344,7 @@ fixup_nsec3param(dns_db_t *db, dns_dbversion_t *ver, dns_nsec3chain_t *chain, goto try_private; } if (result != ISC_R_SUCCESS) { - goto failure; + goto cleanup; } /* @@ -8449,9 +8424,7 @@ try_private: if (result == ISC_R_NOTFOUND) { goto add; } - if (result != ISC_R_SUCCESS) { - goto failure; - } + CHECK(result); DNS_RDATASET_FOREACH(&rdataset) { dns_rdata_t private = DNS_RDATA_INIT; @@ -8484,7 +8457,7 @@ try_private: add: if ((chain->nsec3param.flags & DNS_NSEC3FLAG_REMOVE) != 0) { result = ISC_R_SUCCESS; - goto failure; + goto cleanup; } /* @@ -8501,7 +8474,7 @@ add: rdata.data[1] = 0; /* Clear flag bits. */ CHECK(update_one_rr(db, ver, diff, DNS_DIFFOP_ADD, name, ttl, &rdata)); -failure: +cleanup: dns_db_detachnode(&node); if (dns_rdataset_isassociated(&rdataset)) { dns_rdataset_disassociate(&rdataset); @@ -8534,7 +8507,7 @@ delete_nsec(dns_db_t *db, dns_dbversion_t *ver, dns_dbnode_t *node, rdataset.ttl, &rdata)); } -failure: +cleanup: dns_rdataset_disassociate(&rdataset); return result; } @@ -8573,7 +8546,7 @@ deletematchingnsec3(dns_db_t *db, dns_dbversion_t *ver, dns_dbnode_t *node, rdataset.ttl, &rdata)); } -failure: +cleanup: dns_rdataset_disassociate(&rdataset); return result; } @@ -8649,7 +8622,7 @@ need_nsec_chain(dns_db_t *db, dns_dbversion_t *ver, *answer = !active; -failure: +cleanup: if (dns_rdataset_isassociated(&rdataset)) { dns_rdataset_disassociate(&rdataset); } @@ -8796,8 +8769,7 @@ zone_nsec3chain(dns_zone_t *zone) { * Updates are disabled. Pause for 5 minutes. */ if (zone->update_disabled) { - result = ISC_R_FAILURE; - goto failure; + CHECK(ISC_R_FAILURE); } ZONEDB_LOCK(&zone->dblock, isc_rwlocktype_read); @@ -8823,7 +8795,7 @@ zone_nsec3chain(dns_zone_t *zone) { dnssec_log(zone, ISC_LOG_ERROR, "zone_nsec3chain:dns_db_newversion -> %s", isc_result_totext(result)); - goto failure; + goto cleanup; } now = isc_stdtime_now(); @@ -8834,7 +8806,7 @@ zone_nsec3chain(dns_zone_t *zone) { dnssec_log(zone, ISC_LOG_ERROR, "zone_nsec3chain:dns_zone_findkeys -> %s", isc_result_totext(result)); - goto failure; + goto cleanup; } calculate_rrsig_validity(zone, now, &inception, &soaexpire, NULL, @@ -8950,9 +8922,7 @@ zone_nsec3chain(dns_zone_t *zone) { /* Empty node? */ goto next_addnode; } - if (result != ISC_R_SUCCESS) { - goto failure; - } + CHECK(result); seen_soa = seen_ns = seen_dname = seen_ds = seen_nsec = false; DNS_RDATASETITER_FOREACH(iterator) { @@ -8998,7 +8968,7 @@ zone_nsec3chain(dns_zone_t *zone) { "zone_nsec3chain:" "dns_nsec3_addnsec3 -> %s", isc_result_totext(result)); - goto failure; + goto cleanup; } /* @@ -9055,7 +9025,7 @@ zone_nsec3chain(dns_zone_t *zone) { "zone_nsec3chain:" "dns_dbiterator_next -> %s", isc_result_totext(result)); - goto failure; + goto cleanup; } else if (delegation) { dns_dbiterator_current(nsec3chain->dbiterator, &node, nextname); @@ -9136,7 +9106,7 @@ zone_nsec3chain(dns_zone_t *zone) { "zone_nsec3chain:" "need_nsec_chain -> %s", isc_result_totext(result)); - goto failure; + goto cleanup; } } @@ -9163,7 +9133,7 @@ zone_nsec3chain(dns_zone_t *zone) { "zone_nsec3chain:" "fixup_nsec3param -> %s", isc_result_totext(result)); - goto failure; + goto cleanup; } } @@ -9178,7 +9148,7 @@ zone_nsec3chain(dns_zone_t *zone) { "zone_nsec3chain:" "deletematchingnsec3 -> %s", isc_result_totext(result)); - goto failure; + goto cleanup; } goto next_removenode; } @@ -9213,9 +9183,7 @@ zone_nsec3chain(dns_zone_t *zone) { /* Empty node? */ goto next_removenode; } - if (result != ISC_R_SUCCESS) { - goto failure; - } + CHECK(result); seen_soa = seen_ns = seen_dname = seen_nsec3 = seen_nsec = seen_rr = false; @@ -9285,7 +9253,7 @@ zone_nsec3chain(dns_zone_t *zone) { "zone_nsec3chain:" "fixup_nsec3param -> %s", isc_result_totext(result)); - goto failure; + goto cleanup; } goto next_removechain; } else if (result != ISC_R_SUCCESS) { @@ -9293,7 +9261,7 @@ zone_nsec3chain(dns_zone_t *zone) { "zone_nsec3chain:" "dns_dbiterator_next -> %s", isc_result_totext(result)); - goto failure; + goto cleanup; } else if (delegation) { dns_dbiterator_current(nsec3chain->dbiterator, &node, nextname); @@ -9333,7 +9301,7 @@ skip_removals: dnssec_log(zone, ISC_LOG_ERROR, "zone_nsec3chain:dns_db_allrdatasets -> %s", isc_result_totext(result)); - goto failure; + goto cleanup; } DNS_RDATASETITER_FOREACH(iterator) { dns_rdataset_t rdataset = DNS_RDATASET_INIT; @@ -9360,7 +9328,7 @@ skip_removals: dnssec_log(zone, ISC_LOG_ERROR, "zone_nsec3chain:updatesecure -> %s", isc_result_totext(result)); - goto failure; + goto cleanup; } } @@ -9377,7 +9345,7 @@ skip_removals: "zone_nsec3chain:" "dns_nsec3_addnsec3s -> %s", isc_result_totext(result)); - goto failure; + goto cleanup; } } } @@ -9395,7 +9363,7 @@ skip_removals: dnssec_log(zone, ISC_LOG_ERROR, "zone_nsec3chain:dns__zone_updatesigs -> %s", isc_result_totext(result)); - goto failure; + goto cleanup; } /* @@ -9409,7 +9377,7 @@ skip_removals: dnssec_log(zone, ISC_LOG_ERROR, "zone_nsec3chain:dns__zone_updatesigs -> %s", isc_result_totext(result)); - goto failure; + goto cleanup; } if (updatensec) { @@ -9419,7 +9387,7 @@ skip_removals: dnssec_log(zone, ISC_LOG_ERROR, "zone_nsec3chain:updatesecure -> %s", isc_result_totext(result)); - goto failure; + goto cleanup; } } @@ -9430,7 +9398,7 @@ skip_removals: dnssec_log(zone, ISC_LOG_ERROR, "zone_nsec3chain:dns__zone_updatesigs -> %s", isc_result_totext(result)); - goto failure; + goto cleanup; } /* @@ -9442,7 +9410,7 @@ skip_removals: * No need to call dns_db_closeversion() here as it is * called with commit = true below. */ - goto done; + goto closeversion; } result = del_sigs(zone, db, version, &zone->origin, dns_rdatatype_soa, @@ -9451,7 +9419,7 @@ skip_removals: dnssec_log(zone, ISC_LOG_ERROR, "zone_nsec3chain:del_sigs -> %s", isc_result_totext(result)); - goto failure; + goto cleanup; } result = update_soa_serial(zone, db, version, zonediff.diff, zone->mctx, @@ -9460,7 +9428,7 @@ skip_removals: dnssec_log(zone, ISC_LOG_ERROR, "zone_nsec3chain:update_soa_serial -> %s", isc_result_totext(result)); - goto failure; + goto cleanup; } result = add_sigs(db, version, &zone->origin, zone, dns_rdatatype_soa, @@ -9470,7 +9438,7 @@ skip_removals: dnssec_log(zone, ISC_LOG_ERROR, "zone_nsec3chain:add_sigs -> %s", isc_result_totext(result)); - goto failure; + goto cleanup; } /* Write changes to journal file. */ @@ -9481,7 +9449,7 @@ skip_removals: DNS_ZONE_SETFLAG(zone, DNS_ZONEFLG_NEEDNOTIFY); UNLOCK_ZONE(zone); -done: +closeversion: /* * Pause all iterators so that dns_db_closeversion() can succeed. */ @@ -9511,7 +9479,7 @@ done: set_resigntime(zone); UNLOCK_ZONE(zone); -failure: +cleanup: if (result != ISC_R_SUCCESS) { dnssec_log(zone, ISC_LOG_ERROR, "zone_nsec3chain: %s", isc_result_totext(result)); @@ -9685,7 +9653,7 @@ del_sig(dns_db_t *db, dns_dbversion_t *version, dns_name_t *name, * i.e., found in at least one, and not missing from any. */ *has_algp = (alg_found && !alg_missed); -failure: +cleanup: if (dns_rdataset_isassociated(&rdataset)) { dns_rdataset_disassociate(&rdataset); } @@ -9780,12 +9748,12 @@ dns_zone_check_dnskey_nsec3(dns_zone_t *zone, dns_db_t *db, /* Refuse to allow NSEC3 with NSEC-only keys */ if (nseconly && nsec3) { - goto failure; + goto cleanup; } return true; -failure: +cleanup: return false; } @@ -9839,7 +9807,7 @@ zone_sign(dns_zone_t *zone) { */ if (zone->update_disabled) { result = ISC_R_FAILURE; - goto cleanup; + goto done; } ZONEDB_LOCK(&zone->dblock, isc_rwlocktype_read); @@ -9849,7 +9817,7 @@ zone_sign(dns_zone_t *zone) { ZONEDB_UNLOCK(&zone->dblock, isc_rwlocktype_read); if (db == NULL) { result = ISC_R_FAILURE; - goto cleanup; + goto done; } result = dns_db_newversion(db, &version); @@ -9857,7 +9825,7 @@ zone_sign(dns_zone_t *zone) { dnssec_log(zone, ISC_LOG_ERROR, "zone_sign:dns_db_newversion -> %s", isc_result_totext(result)); - goto cleanup; + goto done; } now = isc_stdtime_now(); @@ -9868,7 +9836,7 @@ zone_sign(dns_zone_t *zone) { dnssec_log(zone, ISC_LOG_ERROR, "zone_sign:dns_zone_findkeys -> %s", isc_result_totext(result)); - goto cleanup; + goto done; } kasp = zone->kasp; @@ -10151,7 +10119,7 @@ zone_sign(dns_zone_t *zone) { "updatesecure -> %s", isc_result_totext( result)); - goto cleanup; + goto done; } } result = updatesignwithkey( @@ -10161,7 +10129,7 @@ zone_sign(dns_zone_t *zone) { dnssec_log(zone, ISC_LOG_ERROR, "updatesignwithkey -> %s", isc_result_totext(result)); - goto cleanup; + goto done; } build_nsec = false; goto next_signing; @@ -10170,7 +10138,7 @@ zone_sign(dns_zone_t *zone) { "zone_sign:" "dns_dbiterator_next -> %s", isc_result_totext(result)); - goto cleanup; + goto done; } else if (is_bottom_of_zone) { dns_dbiterator_current(signing->dbiterator, &node, nextname); @@ -10198,7 +10166,7 @@ zone_sign(dns_zone_t *zone) { dnssec_log(zone, ISC_LOG_ERROR, "zone_sign:dns__zone_updatesigs -> %s", isc_result_totext(result)); - goto cleanup; + goto done; } } @@ -10220,7 +10188,7 @@ zone_sign(dns_zone_t *zone) { if (result != ISC_R_SUCCESS) { dnssec_log(zone, ISC_LOG_ERROR, "zone_sign:del_sigs -> %s", isc_result_totext(result)); - goto cleanup; + goto done; } result = update_soa_serial(zone, db, version, zonediff.diff, zone->mctx, @@ -10229,7 +10197,7 @@ zone_sign(dns_zone_t *zone) { dnssec_log(zone, ISC_LOG_ERROR, "zone_sign:update_soa_serial -> %s", isc_result_totext(result)); - goto cleanup; + goto done; } /* @@ -10242,7 +10210,7 @@ zone_sign(dns_zone_t *zone) { if (result != ISC_R_SUCCESS) { dnssec_log(zone, ISC_LOG_ERROR, "zone_sign:add_sigs -> %s", isc_result_totext(result)); - goto cleanup; + goto done; } /* @@ -10285,13 +10253,13 @@ pauseall: } UNLOCK_ZONE(zone); -failure: +cleanup: if (result != ISC_R_SUCCESS) { dnssec_log(zone, ISC_LOG_ERROR, "zone_sign: failed: %s", isc_result_totext(result)); } -cleanup: +done: /* * Pause all dbiterators. */ @@ -10533,9 +10501,8 @@ minimal_update(dns_zonefetch_t *fetch, dns_dbversion_t *ver, dns_diff_t *diff) { if (result == ISC_R_UNEXPECTEDEND) { continue; } - if (result != ISC_R_SUCCESS) { - goto failure; - } + CHECK(result); + keydata.refresh = refresh_time(fetch, true); set_refreshkeytimer(zone, &keydata, now, false); @@ -10550,7 +10517,7 @@ minimal_update(dns_zonefetch_t *fetch, dns_dbversion_t *ver, dns_diff_t *diff) { 0, &rdata)); } result = ISC_R_SUCCESS; -failure: +cleanup: return result; } @@ -11266,7 +11233,7 @@ done: result = ISC_R_SUCCESS; } -failure: +cleanup: if (result != ISC_R_SUCCESS) { dnssec_log(zone, ISC_LOG_ERROR, "error during trust anchor processing (%s): " @@ -11440,7 +11407,7 @@ zone_refreshkeys(dns_zone_t *zone) { zone_needdump(zone, 30); } -failure: +cleanup: if (!timerset) { isc_time_settoepoch(&zone->refreshkeytime); } @@ -11798,7 +11765,7 @@ zone_expire(dns_zone_t *zone) { "policies unloaded"); } -failure: +cleanup: if (db != NULL) { dns_db_detach(&db); } @@ -16156,7 +16123,7 @@ sync_secure_journal(dns_zone_t *zone, dns_zone_t *raw, dns_journal_t *journal, result = ISC_R_SUCCESS; } -failure: +cleanup: return result; } @@ -16525,8 +16492,8 @@ receive_secure_serial(void *arg) { result = dns_journal_open(zone->mctx, zone->journal, DNS_JOURNAL_READ, &sjournal); - if (result != ISC_R_SUCCESS && result != ISC_R_NOTFOUND) { - goto failure; + if (result != ISC_R_NOTFOUND) { + CHECK(result); } if (!dns_journal_get_sourceserial(rjournal, &start)) { @@ -16560,7 +16527,7 @@ receive_secure_serial(void *arg) { start, end, &soatuple, &zone->rss_diff); if (result == DNS_R_UNCHANGED) { - goto failure; + goto cleanup; } else if (result != ISC_R_SUCCESS) { CHECK(sync_secure_db(zone, zone->rss_raw, zone->rss_db, zone->rss_oldver, &soatuple, @@ -16617,7 +16584,7 @@ receive_secure_serial(void *arg) { * that contents of the raw zone and the secure zone are kept in sync. */ if (result != ISC_R_SUCCESS && dns_db_issecure(zone->rss_db)) { - goto failure; + goto cleanup; } if (rjournal == NULL) { @@ -16655,7 +16622,7 @@ receive_secure_serial(void *arg) { newserial, desired); } -failure: +cleanup: isc_mem_put(zone->mctx, rss, sizeof(*rss)); zone->rss = NULL; @@ -16904,7 +16871,7 @@ done: result = ISC_R_SUCCESS; } -failure: +cleanup: if (node != NULL) { dns_db_detachnode(&node); } @@ -17046,8 +17013,7 @@ receive_secure_db(void *arg) { LOCK_ZONE(zone); if (DNS_ZONE_FLAG(zone, DNS_ZONEFLG_EXITING) || !inline_secure(zone)) { - result = ISC_R_SHUTTINGDOWN; - goto failure; + CHECK(ISC_R_SHUTTINGDOWN); } loadtime = isc_time_now(); @@ -17065,39 +17031,26 @@ receive_secure_db(void *arg) { result = save_nsec3param(zone, &nsec3list); if (result != ISC_R_SUCCESS) { ZONEDB_UNLOCK(&zone->dblock, isc_rwlocktype_read); - goto failure; + goto cleanup; } } ZONEDB_UNLOCK(&zone->dblock, isc_rwlocktype_read); - result = dns_db_create(zone->mctx, zone->db_argv[0], &zone->origin, - dns_dbtype_zone, zone->rdclass, - zone->db_argc - 1, zone->db_argv + 1, &db); - if (result != ISC_R_SUCCESS) { - goto failure; - } + CHECK(dns_db_create(zone->mctx, zone->db_argv[0], &zone->origin, + dns_dbtype_zone, zone->rdclass, zone->db_argc - 1, + zone->db_argv + 1, &db)); result = dns_db_setgluecachestats(db, zone->gluecachestats); - if (result != ISC_R_SUCCESS && result != ISC_R_NOTIMPLEMENTED) { - goto failure; + if (result != ISC_R_NOTIMPLEMENTED) { + CHECK(result); } - result = dns_db_newversion(db, &version); - if (result != ISC_R_SUCCESS) { - goto failure; - } - - result = dns_db_createiterator(rawdb, DNS_DB_NONSEC3, &dbiterator); - if (result != ISC_R_SUCCESS) { - goto failure; - } + CHECK(dns_db_newversion(db, &version)); + CHECK(dns_db_createiterator(rawdb, DNS_DB_NONSEC3, &dbiterator)); DNS_DBITERATOR_FOREACH(dbiterator) { - result = copy_non_dnssec_records(db, version, rawdb, dbiterator, - oldserialp); - if (result != ISC_R_SUCCESS) { - goto failure; - } + CHECK(copy_non_dnssec_records(db, version, rawdb, dbiterator, + oldserialp)); } dns_dbiterator_destroy(&dbiterator); @@ -17106,10 +17059,7 @@ receive_secure_db(void *arg) { * the old nsec3 parameters and insert them into db */ if (!ISC_LIST_EMPTY(nsec3list)) { - result = restore_nsec3param(zone, db, version, &nsec3list); - if (result != ISC_R_SUCCESS) { - goto failure; - } + CHECK(restore_nsec3param(zone, db, version, &nsec3list)); } dns_db_closeversion(db, &version, true); @@ -17129,7 +17079,7 @@ receive_secure_db(void *arg) { */ process_zone_setnsec3param(zone); -failure: +cleanup: UNLOCK_ZONE(zone); if (dbiterator != NULL) { dns_dbiterator_destroy(&dbiterator); @@ -19834,7 +19784,7 @@ rr_exists(dns_db_t *db, dns_dbversion_t *ver, dns_name_t *name, if (result == ISC_R_NOTFOUND) { *flag = false; result = ISC_R_SUCCESS; - goto failure; + goto cleanup; } bool matched = false; @@ -19849,7 +19799,7 @@ rr_exists(dns_db_t *db, dns_dbversion_t *ver, dns_name_t *name, dns_rdataset_disassociate(&rdataset); *flag = matched; -failure: +cleanup: if (node != NULL) { dns_db_detachnode(&node); } @@ -19990,7 +19940,7 @@ add_signing_records(dns_db_t *db, dns_rdatatype_t privatetype, } } -failure: +cleanup: /* * Put the DNSKEY changes we cared about back on diff->tuples. */ @@ -20079,37 +20029,26 @@ sign_apex(dns_zone_t *zone, dns_db_t *db, dns_dbversion_t *ver, * signature and if not cause them to sign so that newly activated * keys are used. */ - result = tickle_apex_rrset(dns_rdatatype_dnskey, zone, db, ver, now, - diff, zonediff, zone_keys, nkeys, inception, - keyexpire); - if (result != ISC_R_SUCCESS) { - goto failure; - } - result = tickle_apex_rrset(dns_rdatatype_cds, zone, db, ver, now, diff, - zonediff, zone_keys, nkeys, inception, - keyexpire); - if (result != ISC_R_SUCCESS) { - goto failure; - } - result = tickle_apex_rrset(dns_rdatatype_cdnskey, zone, db, ver, now, - diff, zonediff, zone_keys, nkeys, inception, - keyexpire); - if (result != ISC_R_SUCCESS) { - goto failure; - } + CHECK(tickle_apex_rrset(dns_rdatatype_dnskey, zone, db, ver, now, diff, + zonediff, zone_keys, nkeys, inception, + keyexpire)); + CHECK(tickle_apex_rrset(dns_rdatatype_cds, zone, db, ver, now, diff, + zonediff, zone_keys, nkeys, inception, + keyexpire)); + CHECK(tickle_apex_rrset(dns_rdatatype_cdnskey, zone, db, ver, now, diff, + zonediff, zone_keys, nkeys, inception, + keyexpire)); result = dns__zone_updatesigs(diff, db, ver, zone_keys, nkeys, zone, inception, soaexpire, keyexpire, now, zonediff); - if (result != ISC_R_SUCCESS) { dnssec_log(zone, ISC_LOG_ERROR, "sign_apex:dns__zone_updatesigs -> %s", isc_result_totext(result)); - goto failure; } -failure: +cleanup: for (i = 0; i < nkeys; i++) { dst_key_free(&zone_keys[i]); } @@ -20132,12 +20071,12 @@ clean_nsec3param(dns_zone_t *zone, dns_db_t *db, dns_dbversion_t *ver, dns_rdataset_disassociate(&rdataset); } if (result != ISC_R_NOTFOUND) { - goto failure; + goto cleanup; } result = dns_nsec3param_deletechains(db, ver, zone, true, diff); -failure: +cleanup: if (node != NULL) { dns_db_detachnode(&node); } @@ -20189,7 +20128,7 @@ add_chains(dns_zone_t *zone, dns_db_t *db, dns_dbversion_t *ver, } CHECK(updatesecure(db, ver, origin, zone_nsecttl(zone), true, diff)); -failure: +cleanup: return result; } @@ -20409,7 +20348,7 @@ checkds_done(void *arg) { dns_zone_log(zone, ISC_LOG_NOTICE, "checkds: bad DS response from %s: %.*s", addrbuf, (int)buf.used, rcode); - goto failure; + goto cleanup; } /* Make sure that either AA or RA bit is set. */ @@ -20420,7 +20359,7 @@ checkds_done(void *arg) { "checkds: bad DS response from %s: expected AA or " "RA bit set", addrbuf); - goto failure; + goto cleanup; } /* Lookup DS RRset. */ @@ -20554,7 +20493,7 @@ checkds_done(void *arg) { dns_zone_rekey(zone, false, false); } -failure: +cleanup: if (result != ISC_R_SUCCESS) { dns_zone_log(zone, ISC_LOG_DEBUG(3), "checkds: DS request failed: %s", @@ -21552,11 +21491,9 @@ zone_rekey(dns_zone_t *zone) { dns_zone_unlock_keyfiles(zone); - if (result != ISC_R_SUCCESS) { - goto failure; - } + CHECK(result); } else if (result != ISC_R_NOTFOUND) { - goto failure; + goto cleanup; } /* Get the current CDS rdataset */ @@ -21613,8 +21550,7 @@ zone_rekey(dns_zone_t *zone) { dnssec_log(zone, ISC_LOG_DEBUG(1), "zone_rekey:dns_skr_lookup failed: " "no SKR available"); - result = DNS_R_NOSKRFILE; - goto failure; + CHECK(DNS_R_NOSKRFILE); } bundle = dns_skr_lookup(zone->skr, now, sigval); zone->skrbundle = bundle; @@ -21635,8 +21571,7 @@ zone_rekey(dns_zone_t *zone) { "no available SKR bundle for time " "%.*s (%s)", (int)r.length, r.base, nowstr); - result = DNS_R_NOSKRBUNDLE; - goto failure; + CHECK(DNS_R_NOSKRBUNDLE); } zone_apply_skrbundle(zone, bundle, &keyset, &cdsset, @@ -21681,7 +21616,7 @@ zone_rekey(dns_zone_t *zone) { "zone_rekey:zone_verifykeys failed: " "some key files are missing"); KASP_UNLOCK(kasp); - goto failure; + goto cleanup; } /* @@ -21724,7 +21659,7 @@ zone_rekey(dns_zone_t *zone) { "failed: %s", isc_result_totext(result)); KASP_UNLOCK(kasp); - goto failure; + goto cleanup; } } } else if (offlineksk) { @@ -21772,7 +21707,7 @@ zone_rekey(dns_zone_t *zone) { dnssec_log(zone, ISC_LOG_ERROR, "zone_rekey:couldn't update zone keys: %s", isc_result_totext(result)); - goto failure; + goto cleanup; } if (offlineksk) { @@ -21849,7 +21784,7 @@ zone_rekey(dns_zone_t *zone) { dnssec_log(zone, ISC_LOG_ERROR, "zone_rekey:couldn't update CDS/CDNSKEY: %s", isc_result_totext(result)); - goto failure; + goto cleanup; } if (cdsdel || cdnskeydel) { @@ -21886,7 +21821,7 @@ zone_rekey(dns_zone_t *zone) { "zone_rekey:couldn't update CDS/CDNSKEY " "DELETE records: %s", isc_result_totext(result)); - goto failure; + goto cleanup; } post_sync: @@ -22198,7 +22133,7 @@ zone_rekey(dns_zone_t *zone) { result = ISC_R_SUCCESS; -failure: +cleanup: LOCK_ZONE(zone); if (result != ISC_R_SUCCESS) { /* @@ -22288,7 +22223,6 @@ dns_zone_dnssecstatus(dns_zone_t *zone, dns_kasp_t *kasp, dns_dnsseckeylist_t *keys, isc_stdtime_t now, bool verbose, char *out, size_t out_len) { isc_buffer_t buf; - isc_result_t result = ISC_R_SUCCESS; isc_time_t refreshkeytime; isc_stdtime_t refresh; char timestr[26]; @@ -22312,11 +22246,10 @@ dns_zone_dnssecstatus(dns_zone_t *zone, dns_kasp_t *kasp, bool checkds = zone->checkdstype != dns_checkdstype_no; LOCK(&kasp->lock); - result = dns_keymgr_status(kasp, keys, &buf, now, verbose, checkds); + RETERR(dns_keymgr_status(kasp, keys, &buf, now, verbose, checkds)); UNLOCK(&kasp->lock); -failure: - return result; + return ISC_R_SUCCESS; } isc_result_t @@ -22361,29 +22294,29 @@ dns_zone_cdscheck(dns_zone_t *zone, dns_db_t *db, dns_dbversion_t *version) { result = dns_db_findrdataset(db, node, version, dns_rdatatype_cds, dns_rdatatype_none, 0, &cds, NULL); - if (result != ISC_R_SUCCESS && result != ISC_R_NOTFOUND) { - goto failure; + if (result != ISC_R_NOTFOUND) { + CHECK(result); } result = dns_db_findrdataset(db, node, version, dns_rdatatype_cdnskey, dns_rdatatype_none, 0, &cdnskey, NULL); - if (result != ISC_R_SUCCESS && result != ISC_R_NOTFOUND) { - goto failure; + if (result != ISC_R_NOTFOUND) { + CHECK(result); } if (!dns_rdataset_isassociated(&cds) && !dns_rdataset_isassociated(&cdnskey)) { result = ISC_R_SUCCESS; - goto failure; + goto cleanup; } result = dns_db_findrdataset(db, node, version, dns_rdatatype_dnskey, dns_rdatatype_none, 0, &dnskey, NULL); if (result == ISC_R_NOTFOUND) { empty = true; - } else if (result != ISC_R_SUCCESS) { - goto failure; + } else { + CHECK(result); } /* @@ -22413,8 +22346,7 @@ dns_zone_cdscheck(dns_zone_t *zone, dns_db_t *db, dns_dbversion_t *version) { } if (empty) { - result = DNS_R_BADCDS; - goto failure; + CHECK(DNS_R_BADCDS); } CHECK(dns_rdata_tostruct(&crdata, &structcds, NULL)); @@ -22476,7 +22408,7 @@ dns_zone_cdscheck(dns_zone_t *zone, dns_db_t *db, dns_dbversion_t *version) { &rdata); if (result != ISC_R_SUCCESS) { result = DNS_R_BADCDS; - goto failure; + goto cleanup; } CHECK(dns_rdata_tostruct(&rdata, &structdnskey, NULL)); @@ -22490,12 +22422,10 @@ dns_zone_cdscheck(dns_zone_t *zone, dns_db_t *db, dns_dbversion_t *version) { for (i = 0; i < sizeof(algorithms); i++) { if (delete) { if (algorithms[i] != notexpected) { - result = DNS_R_BADCDS; - goto failure; + CHECK(DNS_R_BADCDS); } } else if (algorithms[i] == expected) { - result = DNS_R_BADCDS; - goto failure; + CHECK(DNS_R_BADCDS); } } } @@ -22528,8 +22458,7 @@ dns_zone_cdscheck(dns_zone_t *zone, dns_db_t *db, dns_dbversion_t *version) { } if (empty) { - result = DNS_R_BADCDNSKEY; - goto failure; + CHECK(DNS_R_BADCDNSKEY); } CHECK(dns_rdata_tostruct(&crdata, &structcdnskey, @@ -22561,18 +22490,16 @@ dns_zone_cdscheck(dns_zone_t *zone, dns_db_t *db, dns_dbversion_t *version) { for (i = 0; i < sizeof(algorithms); i++) { if (delete) { if (algorithms[i] != notexpected) { - result = DNS_R_BADCDNSKEY; - goto failure; + CHECK(DNS_R_BADCDNSKEY); } } else if (algorithms[i] == expected) { - result = DNS_R_BADCDNSKEY; - goto failure; + CHECK(DNS_R_BADCDNSKEY); } } } result = ISC_R_SUCCESS; -failure: +cleanup: if (dns_rdataset_isassociated(&cds)) { dns_rdataset_disassociate(&cds); } @@ -22841,7 +22768,7 @@ keydone(void *arg) { } ZONEDB_UNLOCK(&zone->dblock, isc_rwlocktype_read); if (db == NULL) { - goto failure; + goto cleanup; } dns_db_currentversion(db, &oldver); @@ -22850,23 +22777,16 @@ keydone(void *arg) { dnssec_log(zone, ISC_LOG_ERROR, "keydone:dns_db_newversion -> %s", isc_result_totext(result)); - goto failure; + goto cleanup; } - result = dns_db_getoriginnode(db, &node); - if (result != ISC_R_SUCCESS) { - goto failure; - } + CHECK(dns_db_getoriginnode(db, &node)); result = dns_db_findrdataset(db, node, newver, zone->privatetype, dns_rdatatype_none, 0, &rdataset, NULL); - if (result == ISC_R_NOTFOUND) { - INSIST(!dns_rdataset_isassociated(&rdataset)); - goto failure; - } if (result != ISC_R_SUCCESS) { INSIST(!dns_rdataset_isassociated(&rdataset)); - goto failure; + goto cleanup; } DNS_RDATASET_FOREACH(&rdataset) { @@ -22930,7 +22850,7 @@ keydone(void *arg) { UNLOCK_ZONE(zone); } -failure: +cleanup: if (dns_rdataset_isassociated(&rdataset)) { dns_rdataset_disassociate(&rdataset); } @@ -23008,7 +22928,7 @@ dns_zone_keydone(dns_zone_t *zone, const char *keystr) { isc_async_run(zone->loop, keydone, kd); kd = NULL; -failure: +cleanup: if (kd != NULL) { isc_mem_put(zone->mctx, kd, sizeof(*kd)); } @@ -23115,7 +23035,7 @@ rss_post(void *arg) { } ZONEDB_UNLOCK(&zone->dblock, isc_rwlocktype_read); if (db == NULL) { - goto failure; + goto cleanup; } dns_db_currentversion(db, &oldver); @@ -23124,7 +23044,7 @@ rss_post(void *arg) { dnssec_log(zone, ISC_LOG_ERROR, "setnsec3param:dns_db_newversion -> %s", isc_result_totext(result)); - goto failure; + goto cleanup; } CHECK(dns_db_getoriginnode(db, &node)); @@ -23146,15 +23066,15 @@ rss_post(void *arg) { if (result == ISC_R_SUCCESS) { /* * Success because the NSEC3PARAM already exists, but - * function returns void, so goto failure to clean up. + * function returns void, so goto cleanup. */ - goto failure; + goto cleanup; } if (result != DNS_R_NSEC3RESALT && result != ISC_R_NOTFOUND) { dnssec_log(zone, ISC_LOG_DEBUG(3), "setnsec3param:lookup nsec3param -> %s", isc_result_totext(result)); - goto failure; + goto cleanup; } INSIST(param.salt != NULL); @@ -23195,7 +23115,7 @@ rss_post(void *arg) { } } else if (result != ISC_R_NOTFOUND) { INSIST(!dns_rdataset_isassociated(&prdataset)); - goto failure; + goto cleanup; } /* @@ -23218,7 +23138,7 @@ rss_post(void *arg) { } } else if (result != ISC_R_NOTFOUND) { INSIST(!dns_rdataset_isassociated(&nrdataset)); - goto failure; + goto cleanup; } /* @@ -23282,7 +23202,7 @@ rss_post(void *arg) { UNLOCK_ZONE(zone); } -failure: +cleanup: if (dns_rdataset_isassociated(&prdataset)) { dns_rdataset_disassociate(&prdataset); } @@ -23415,8 +23335,8 @@ setparam: param->salt = lookup->salt; } - if (result != ISC_R_NOTFOUND && result != ISC_R_SUCCESS) { - goto failure; + if (result != ISC_R_NOTFOUND) { + CHECK(result); } if (param->salt_length == 0) { @@ -23451,7 +23371,7 @@ setparam: INSIST(result != ISC_R_SUCCESS); } -failure: +cleanup: if (dns_rdataset_isassociated(&rdataset)) { dns_rdataset_disassociate(&rdataset); } @@ -23602,7 +23522,7 @@ dns_zone_setnsec3param(dns_zone_t *zone, uint8_t hash, uint8_t flags, result = ISC_R_SUCCESS; -failure: +cleanup: UNLOCK_ZONE(zone); return result; } @@ -23722,7 +23642,7 @@ setserial(void *arg) { } ZONEDB_UNLOCK(&zone->dblock, isc_rwlocktype_read); if (db == NULL) { - goto failure; + goto cleanup; } dns_db_currentversion(db, &oldver); @@ -23731,7 +23651,7 @@ setserial(void *arg) { dns_zone_log(zone, ISC_LOG_ERROR, "setserial:dns_db_newversion -> %s", isc_result_totext(result)); - goto failure; + goto cleanup; } CHECK(dns_db_createsoatuple(db, oldver, diff.mctx, DNS_DIFFOP_DEL, @@ -23751,7 +23671,7 @@ setserial(void *arg) { desired, oldserial + 1, oldserial + 0x7fffffff); } - goto failure; + goto cleanup; } dns_soa_setserial(desired, &newtuple->rdata); @@ -23771,7 +23691,7 @@ setserial(void *arg) { zone_needdump(zone, 30); UNLOCK_ZONE(zone); -failure: +cleanup: if (oldtuple != NULL) { dns_difftuple_free(&oldtuple); } @@ -23808,14 +23728,12 @@ dns_zone_setserial(dns_zone_t *zone, uint32_t serial) { if (!inline_secure(zone)) { if (!dns_zone_isdynamic(zone, true)) { - result = DNS_R_NOTDYNAMIC; - goto failure; + CHECK(DNS_R_NOTDYNAMIC); } } if (zone->update_disabled) { - result = DNS_R_FROZEN; - goto failure; + CHECK(DNS_R_FROZEN); } sse = isc_mem_get(zone->mctx, sizeof(*sse)); @@ -23823,7 +23741,7 @@ dns_zone_setserial(dns_zone_t *zone, uint32_t serial) { zone_iattach(zone, &sse->zone); isc_async_run(zone->loop, setserial, sse); -failure: +cleanup: UNLOCK_ZONE(zone); return result; } @@ -23866,16 +23784,14 @@ dns_zone_verifydb(dns_zone_t *zone, dns_db_t *db, dns_dbversion_t *ver) { if (zone->view != NULL) { result = dns_view_getsecroots(zone->view, &secroots); - if (result != ISC_R_SUCCESS) { - goto done; - } + CHECK(result); } origin = dns_db_origin(db); result = dns_zoneverify_dnssec(zone, db, version, origin, secroots, zone->mctx, true, false, dnssec_report); -done: +cleanup: if (secroots != NULL) { dns_keytable_detach(&secroots); } @@ -24004,7 +23920,7 @@ dns_zone_import_skr(dns_zone_t *zone, const char *file) { dns_zone_setskr(zone, skr); dnssec_log(zone, ISC_LOG_DEBUG(1), "imported skr file %s", file); -failure: +cleanup: dns_skr_detach(&skr); return result; diff --git a/lib/isc/base32.c b/lib/isc/base32.c index 74e74839f2..7ba1b33b43 100644 --- a/lib/isc/base32.c +++ b/lib/isc/base32.c @@ -22,13 +22,6 @@ #include #include -#define RETERR(x) \ - do { \ - isc_result_t _r = (x); \ - if (_r != ISC_R_SUCCESS) \ - return ((_r)); \ - } while (0) - /*@{*/ /*! * These static functions are also present in lib/dns/rdata.c. I'm not diff --git a/lib/isc/base64.c b/lib/isc/base64.c index a51aa0d163..ba4ee7148f 100644 --- a/lib/isc/base64.c +++ b/lib/isc/base64.c @@ -21,13 +21,6 @@ #include #include -#define RETERR(x) \ - do { \ - isc_result_t _r = (x); \ - if (_r != ISC_R_SUCCESS) \ - return ((_r)); \ - } while (0) - /*@{*/ /*! * These static functions are also present in lib/dns/rdata.c. I'm not diff --git a/lib/isc/hex.c b/lib/isc/hex.c index cf174daa98..7f63df7aa6 100644 --- a/lib/isc/hex.c +++ b/lib/isc/hex.c @@ -38,13 +38,6 @@ const uint8_t isc__hex_char[256] = { #undef U #undef L -#define RETERR(x) \ - do { \ - isc_result_t _r = (x); \ - if (_r != ISC_R_SUCCESS) \ - return ((_r)); \ - } while (0) - /* * BEW: These static functions are copied from lib/dns/rdata.c. */ diff --git a/lib/isc/httpd.c b/lib/isc/httpd.c index 06c61e316b..7cf51567e5 100644 --- a/lib/isc/httpd.c +++ b/lib/isc/httpd.c @@ -37,14 +37,6 @@ #include #endif /* ifdef HAVE_ZLIB */ -#define CHECK(m) \ - do { \ - result = (m); \ - if (result != ISC_R_SUCCESS) { \ - goto cleanup; \ - } \ - } while (0) - /* * Size the recv buffer to hold at maximum two full buffers from isc_nm_read(), * so we don't have to handle the truncation. diff --git a/lib/isc/include/isc/util.h b/lib/isc/include/isc/util.h index 95d93fd332..5564bb7199 100644 --- a/lib/isc/include/isc/util.h +++ b/lib/isc/include/isc/util.h @@ -241,6 +241,40 @@ mock_assert(const int result, const char *const expression, #endif /* UNIT_TESTING */ +/* + * Check for ISC_R_SUCCESS. On any other result, jump to a cleanup + * label. (This macro requires the function to define `result` + * and `cleanup:`.) + */ +#define CHECK(r) \ + { \ + result = (r); \ + if (result != ISC_R_SUCCESS) { \ + goto cleanup; \ + } \ + } + +/* + * Unconditionally jump to the cleanup tag with 'result' set to 'r'. + */ +#define CLEANUP(r) \ + { \ + result = (r); \ + goto cleanup; \ + } + +/* + * Check for ISC_R_SUCCESS and continue if found. For any other + * result, return the result. + */ +#define RETERR(x) \ + { \ + isc_result_t _r = (x); \ + if (_r != ISC_R_SUCCESS) { \ + return ((_r)); \ + } \ + } + /*% * Runtime check which logs the error value returned by a POSIX Threads * function and the error string that corresponds to it diff --git a/lib/isccfg/namedconf.c b/lib/isccfg/namedconf.c index 65d1d53dd3..0d12b7d624 100644 --- a/lib/isccfg/namedconf.c +++ b/lib/isccfg/namedconf.c @@ -33,15 +33,6 @@ #define TOKEN_STRING(pctx) (pctx->token.value.as_textregion.base) -/*% Check a return value. */ -#define CHECK(op) \ - { \ - result = (op); \ - if (result != ISC_R_SUCCESS) { \ - goto cleanup; \ - } \ - } - /*% Clean up a configuration object if non-NULL. */ #define CLEANUP_OBJ(obj) \ { \ diff --git a/lib/isccfg/parser.c b/lib/isccfg/parser.c index 199e9aa9fb..0c6a6f5694 100644 --- a/lib/isccfg/parser.c +++ b/lib/isccfg/parser.c @@ -80,14 +80,6 @@ #define TOKEN_STRING(pctx) (pctx->token.value.as_textregion.base) #define TOKEN_REGION(pctx) (pctx->token.value.as_textregion) -/* Check a return value. */ -#define CHECK(op) \ - do { \ - result = (op); \ - if (result != ISC_R_SUCCESS) \ - goto cleanup; \ - } while (0) - /* cfg_obj_t magic number */ #define CFGOBJ_MAGIC ISC_MAGIC('c', 'f', 'g', 'o') #define VALID_CFGOBJ(obj) ISC_MAGIC_VALID(obj, CFGOBJ_MAGIC) @@ -2121,7 +2113,6 @@ free_list(cfg_obj_t *obj) { isc_result_t cfg_parse_listelt(cfg_parser_t *pctx, cfg_obj_t *list, const cfg_type_t *elttype, cfg_listelt_t **ret) { - isc_result_t result; cfg_listelt_t *elt = NULL; cfg_obj_t *value = NULL; @@ -2130,10 +2121,7 @@ cfg_parse_listelt(cfg_parser_t *pctx, cfg_obj_t *list, REQUIRE(elttype != NULL); REQUIRE(ret != NULL && *ret == NULL); - result = cfg_parse_obj(pctx, elttype, &value); - if (result != ISC_R_SUCCESS) { - return result; - } + RETERR(cfg_parse_obj(pctx, elttype, &value)); create_listelt(list, &elt); elt->obj = value; diff --git a/lib/ns/hooks.c b/lib/ns/hooks.c index a851a23fb0..89891574a6 100644 --- a/lib/ns/hooks.c +++ b/lib/ns/hooks.c @@ -33,14 +33,6 @@ #include #include -#define CHECK(op) \ - do { \ - result = (op); \ - if (result != ISC_R_SUCCESS) { \ - goto cleanup; \ - } \ - } while (0) - struct ns_plugin { isc_mem_t *mctx; uv_lib_t handle; @@ -87,12 +79,9 @@ plugin_expandpath(const char *src, char *dst, size_t dstsize, bool appendext) { isc_result_t ns_plugin_expandpath(const char *src, char *dst, size_t dstsize) { - isc_result_t result; + isc_result_t result = ISC_R_SUCCESS; - result = plugin_expandpath(src, dst, dstsize, false); - if (result != ISC_R_SUCCESS) { - return result; - } + RETERR(plugin_expandpath(src, dst, dstsize, false)); if (isc_file_exists(dst) == false) { result = plugin_expandpath(src, dst, dstsize, true); diff --git a/lib/ns/update.c b/lib/ns/update.c index 664607a508..a88e1c245b 100644 --- a/lib/ns/update.c +++ b/lib/ns/update.c @@ -75,34 +75,6 @@ */ #define LOGLEVEL_DEBUG ISC_LOG_DEBUG(8) -/*% - * Check an operation for failure. These macros all assume that - * the function using them has a 'result' variable and a 'failure' - * label. - */ -#define CHECK(op) \ - do { \ - result = (op); \ - if (result != ISC_R_SUCCESS) \ - goto failure; \ - } while (0) - -/*% - * Fail unconditionally with result 'code', which must not - * be ISC_R_SUCCESS. The reason for failure presumably has - * been logged already. - * - * The test against ISC_R_SUCCESS is there to keep the Solaris compiler - * from complaining about "end-of-loop code not reached". - */ - -#define FAIL(code) \ - do { \ - result = (code); \ - if (result != ISC_R_SUCCESS) \ - goto failure; \ - } while (0) - /*% * Fail unconditionally and log as a client error. * The test against ISC_R_SUCCESS is there to keep the Solaris compiler @@ -125,7 +97,7 @@ "update %s: %s (%s)", _what, msg, \ isc_result_totext(result)); \ if (result != ISC_R_SUCCESS) \ - goto failure; \ + goto cleanup; \ } while (0) #define PREREQFAILC(code, msg) \ do { \ @@ -154,7 +126,7 @@ msg, isc_result_totext(result)); \ } \ if (result != ISC_R_SUCCESS) \ - goto failure; \ + goto cleanup; \ } while (0) #define PREREQFAILN(code, name, msg) \ do { \ @@ -185,7 +157,7 @@ _tbuf, msg, isc_result_totext(result)); \ } \ if (result != ISC_R_SUCCESS) \ - goto failure; \ + goto cleanup; \ } while (0) #define PREREQFAILNT(code, name, type, msg) \ do { \ @@ -204,7 +176,7 @@ update_log(client, zone, LOGLEVEL_PROTOCOL, "error: %s: %s", \ msg, isc_result_totext(result)); \ if (result != ISC_R_SUCCESS) \ - goto failure; \ + goto cleanup; \ } while (0) /* @@ -491,7 +463,7 @@ do_diff(dns_diff_t *updates, dns_db_t *db, dns_dbversion_t *ver, } return ISC_R_SUCCESS; -failure: +cleanup: dns_diff_clear(diff); return result; } @@ -1173,10 +1145,7 @@ temp_check(isc_mem_t *mctx, dns_diff_t *temp, dns_db_t *db, temp_append(&d_rrs, name, &rdata); } - result = dns_diff_sort(&d_rrs, temp_order); - if (result != ISC_R_SUCCESS) { - goto failure; - } + CHECK(dns_diff_sort(&d_rrs, temp_order)); /* * Collect all update RRs for this name and type @@ -1193,11 +1162,8 @@ temp_check(isc_mem_t *mctx, dns_diff_t *temp, dns_db_t *db, } /* Compare the two sorted lists. */ - result = temp_check_rrset(ISC_LIST_HEAD(u_rrs.tuples), - ISC_LIST_HEAD(d_rrs.tuples)); - if (result != ISC_R_SUCCESS) { - goto failure; - } + CHECK(temp_check_rrset(ISC_LIST_HEAD(u_rrs.tuples), + ISC_LIST_HEAD(d_rrs.tuples))); /* * We are done with the tuples, but we can't free @@ -1210,7 +1176,7 @@ temp_check(isc_mem_t *mctx, dns_diff_t *temp, dns_db_t *db, continue; - failure: + cleanup: dns_diff_clear(&d_rrs); dns_diff_clear(&u_rrs); dns_diff_clear(&trash); @@ -1536,7 +1502,7 @@ update_soa_serial(dns_db_t *db, dns_dbversion_t *ver, dns_diff_t *diff, CHECK(do_one_tuple(&addtuple, db, ver, diff)); result = ISC_R_SUCCESS; -failure: +cleanup: if (addtuple != NULL) { dns_difftuple_free(&addtuple); } @@ -1680,7 +1646,7 @@ send_update(ns_client_t *client, dns_zone_t *zone) { } result = dns_zone_checknames(zone, name, &rdata); if (result != ISC_R_SUCCESS) { - FAIL(DNS_R_REFUSED); + CHECK(DNS_R_REFUSED); } if ((options & DNS_ZONEOPT_CHECKSVCB) != 0 && rdata.type == dns_rdatatype_svcb) @@ -1708,7 +1674,7 @@ send_update(ns_client_t *client, dns_zone_t *zone) { update_log(client, zone, ISC_LOG_WARNING, "update RR has incorrect class %d", update_class); - FAIL(DNS_R_FORMERR); + CHECK(DNS_R_FORMERR); } /* @@ -1853,7 +1819,7 @@ send_update(ns_client_t *client, dns_zone_t *zone) { isc_async_run(dns_zone_getloop(zone), update_action, uev); maxbytype = NULL; -failure: +cleanup: if (db != NULL) { dns_db_closeversion(db, &ver, false); dns_db_detach(&db); @@ -1958,9 +1924,7 @@ ns_update_start(ns_client_t *client, isc_nmhandle_t *handle, * We can now fail due to a bad signature as we now know * that we are the primary. */ - if (sigresult != ISC_R_SUCCESS) { - FAIL(sigresult); - } + CHECK(sigresult); dns_message_clonebuffer(client->message); CHECK(send_update(client, zone)); break; @@ -1974,7 +1938,7 @@ ns_update_start(ns_client_t *client, isc_nmhandle_t *handle, } return; -failure: +cleanup: if (result == DNS_R_REFUSED) { inc_stats(client, zone, ns_statscounter_updaterej); } @@ -2031,7 +1995,7 @@ remove_orphaned_ds(dns_db_t *db, dns_dbversion_t *newver, dns_diff_t *diff) { } result = ISC_R_SUCCESS; -failure: +cleanup: ISC_LIST_FOREACH(temp_diff.tuples, tuple, link) { ISC_LIST_UNLINK(temp_diff.tuples, tuple, link); dns_diff_appendminimal(diff, &tuple); @@ -2164,7 +2128,7 @@ rr_exists(dns_db_t *db, dns_dbversion_t *ver, dns_name_t *name, if (result == ISC_R_NOTFOUND) { *flag = false; result = ISC_R_SUCCESS; - goto failure; + goto cleanup; } else { CHECK(result); } @@ -2173,7 +2137,7 @@ rr_exists(dns_db_t *db, dns_dbversion_t *ver, dns_name_t *name, if (result == ISC_R_NOTFOUND) { *flag = false; result = ISC_R_SUCCESS; - goto failure; + goto cleanup; } bool matched = false; @@ -2188,7 +2152,7 @@ rr_exists(dns_db_t *db, dns_dbversion_t *ver, dns_name_t *name, dns_rdataset_disassociate(&rdataset); *flag = matched; -failure: +cleanup: if (node != NULL) { dns_db_detachnode(&node); } @@ -2215,9 +2179,7 @@ get_iterations(dns_db_t *db, dns_dbversion_t *ver, dns_rdatatype_t privatetype, if (result == ISC_R_NOTFOUND) { goto try_private; } - if (result != ISC_R_SUCCESS) { - goto failure; - } + CHECK(result); DNS_RDATASET_FOREACH(&rdataset) { dns_rdata_t rdata = DNS_RDATA_INIT; @@ -2243,9 +2205,7 @@ try_private: if (result == ISC_R_NOTFOUND) { goto success; } - if (result != ISC_R_SUCCESS) { - goto failure; - } + CHECK(result); DNS_RDATASET_FOREACH(&rdataset) { unsigned char buf[DNS_NSEC3PARAM_BUFFERSIZE]; @@ -2271,7 +2231,7 @@ success: *iterationsp = iterations; result = ISC_R_SUCCESS; -failure: +cleanup: if (node != NULL) { dns_db_detachnode(&node); } @@ -2296,8 +2256,7 @@ check_dnssec(ns_client_t *client, dns_zone_t *zone, dns_db_t *db, if (!dns_zone_check_dnskey_nsec3(zone, db, ver, diff, NULL, 0)) { update_log(client, zone, ISC_LOG_ERROR, "NSEC only DNSKEYs and NSEC3 chains not allowed"); - result = DNS_R_REFUSED; - goto failure; + CHECK(DNS_R_REFUSED); } /* Verify NSEC3 params */ @@ -2305,11 +2264,10 @@ check_dnssec(ns_client_t *client, dns_zone_t *zone, dns_db_t *db, if (iterations > dns_nsec3_maxiterations()) { update_log(client, zone, ISC_LOG_ERROR, "too many NSEC3 iterations (%u)", iterations); - result = DNS_R_REFUSED; - goto failure; + CHECK(DNS_R_REFUSED); } -failure: +cleanup: return result; } @@ -2581,7 +2539,7 @@ add_nsec3param_records(ns_client_t *client, dns_zone_t *zone, dns_db_t *db, } result = ISC_R_SUCCESS; -failure: +cleanup: dns_diff_clear(&temp_diff); return result; } @@ -2638,7 +2596,7 @@ rollback_private(dns_db_t *db, dns_rdatatype_t privatetype, } result = ISC_R_SUCCESS; -failure: +cleanup: dns_diff_clear(&temp_diff); return result; } @@ -3050,7 +3008,7 @@ update_action(void *arg) { if (result != ISC_R_SUCCESS) { dns_diff_clear(&ctx.del_diff); dns_diff_clear(&ctx.add_diff); - goto failure; + goto cleanup; } result = update_one_rr( db, ver, &diff, DNS_DIFFOP_ADD, @@ -3062,7 +3020,7 @@ update_action(void *arg) { "failed: %s", isc_result_totext( result)); - goto failure; + goto cleanup; } } } @@ -3151,13 +3109,9 @@ update_action(void *arg) { * that are in use (under our control). */ if (dns_rdatatype_iskeymaterial(rdata.type)) { - isc_result_t r; bool inuse = false; - r = dns_zone_dnskey_inuse(zone, &rdata, - &inuse); - if (r != ISC_R_SUCCESS) { - FAIL(r); - } + CHECK(dns_zone_dnskey_inuse( + zone, &rdata, &inuse)); if (inuse) { char typebuf [DNS_RDATATYPE_FORMATSIZE]; @@ -3202,8 +3156,7 @@ update_action(void *arg) { update_log(client, zone, LOGLEVEL_PROTOCOL, "update rejected: post update name server " "sanity check failed"); - result = DNS_R_REFUSED; - goto failure; + CHECK(DNS_R_REFUSED); } } if (!ISC_LIST_EMPTY(diff.tuples) && is_signing) { @@ -3212,12 +3165,9 @@ update_action(void *arg) { update_log(client, zone, LOGLEVEL_PROTOCOL, "update rejected: bad %s RRset", result == DNS_R_BADCDS ? "CDS" : "CDNSKEY"); - result = DNS_R_REFUSED; - goto failure; - } - if (result != ISC_R_SUCCESS) { - goto failure; + CHECK(DNS_R_REFUSED); } + CHECK(result); } /* @@ -3277,7 +3227,7 @@ update_action(void *arg) { update_log(client, zone, ISC_LOG_ERROR, "RRSIG/NSEC/NSEC3 update failed: %s", isc_result_totext(result)); - goto failure; + goto cleanup; } } @@ -3289,8 +3239,7 @@ update_action(void *arg) { "records in zone (%" PRIu64 ") exceeds max-records (%u)", records, maxrecords); - result = DNS_R_TOOMANYRECORDS; - goto failure; + CHECK(DNS_R_TOOMANYRECORDS); } } @@ -3341,7 +3290,7 @@ update_action(void *arg) { result = ISC_R_SUCCESS; goto common; -failure: +cleanup: /* * The reason for failure should have been logged at this point. */ diff --git a/lib/ns/xfrout.c b/lib/ns/xfrout.c index af9273f7b4..3ca1c1f702 100644 --- a/lib/ns/xfrout.c +++ b/lib/ns/xfrout.c @@ -81,7 +81,7 @@ "bad zone transfer request: %s (%s)", msg, \ isc_result_totext(code)); \ if (result != ISC_R_SUCCESS) \ - goto failure; \ + goto cleanup; \ } while (0) #define FAILQ(code, msg, question, rdclass) \ @@ -96,14 +96,7 @@ "bad zone transfer request: '%s/%s': %s (%s)", \ _buf1, _buf2, msg, isc_result_totext(code)); \ if (result != ISC_R_SUCCESS) \ - goto failure; \ - } while (0) - -#define CHECK(op) \ - do { \ - result = (op); \ - if (result != ISC_R_SUCCESS) \ - goto failure; \ + goto cleanup; \ } while (0) /**************************************************************************/ @@ -248,7 +241,7 @@ ixfr_rrstream_create(isc_mem_t *mctx, const char *journal_filename, *sp = (rrstream_t *)s; return ISC_R_SUCCESS; -failure: +cleanup: ixfr_rrstream_destroy((rrstream_t **)(void *)&s); return result; } @@ -329,7 +322,7 @@ axfr_rrstream_create(isc_mem_t *mctx, dns_db_t *db, dns_dbversion_t *ver, *sp = (rrstream_t *)s; return ISC_R_SUCCESS; -failure: +cleanup: axfr_rrstream_destroy((rrstream_t **)(void *)&s); return result; } @@ -449,7 +442,7 @@ soa_rrstream_create(isc_mem_t *mctx, dns_db_t *db, dns_dbversion_t *ver, *sp = (rrstream_t *)s; return ISC_R_SUCCESS; -failure: +cleanup: soa_rrstream_destroy((rrstream_t **)(void *)&s); return result; } @@ -826,7 +819,7 @@ ns_xfr_start(ns_client_t *client, dns_rdatatype_t reqtype) { ISC_LOG_ERROR, "zone transfer '%s/%s' denied", _buf1, _buf2); - goto failure; + goto cleanup; } if (result != ISC_R_SUCCESS) { FAILQ(DNS_R_NOTAUTH, "non-authoritative zone", @@ -1161,7 +1154,7 @@ have_stream: result = ISC_R_SUCCESS; -failure: +cleanup: if (result == DNS_R_REFUSED) { inc_stats(client, zone, ns_statscounter_xfrrej); } @@ -1271,7 +1264,7 @@ xfrout_ctx_create(isc_mem_t *mctx, ns_client_t *client, unsigned int id, xfr->txmemlen = len; /* - * These MUST be after the last "goto failure;" / CHECK to + * These MUST be after the last "goto cleanup;" / CHECK to * prevent a double free by the caller. */ xfr->stream = stream; @@ -1512,8 +1505,7 @@ sendstream(xfrout_ctx_t *xfr) { "(%d bytes)", size); /* XXX DNS_R_RRTOOLARGE? */ - result = ISC_R_NOSPACE; - goto failure; + CHECK(ISC_R_NOSPACE); } break; } @@ -1608,7 +1600,7 @@ sendstream(xfrout_ctx_t *xfr) { /* Advance lasttsig to be the last TSIG generated */ CHECK(dns_message_getquerytsig(msg, xfr->mctx, &xfr->lasttsig)); -failure: +cleanup: if (tcpmsg != NULL) { dns_message_detach(&tcpmsg); } diff --git a/tests/bench/load-names.c b/tests/bench/load-names.c index 210f13ec95..8c437df575 100644 --- a/tests/bench/load-names.c +++ b/tests/bench/load-names.c @@ -83,7 +83,7 @@ const dns_qpmethods_t qpmethods = { testname, }; -#define CHECK(count, result) \ +#define CHECKN(count, result) \ do { \ if (result != ISC_R_SUCCESS) { \ dns_name_t *name = &item[count].fixed.name; \ @@ -161,14 +161,14 @@ thread_lfht(void *arg0) { isc_time_t t0 = isc_time_now_hires(); for (size_t n = arg->start; n < arg->end; n++) { isc_result_t result = add_lfht(arg->map, n); - CHECK(n, result); + CHECKN(n, result); } isc_time_t t1 = isc_time_now_hires(); for (size_t n = arg->start; n < arg->end; n++) { void *pval = NULL; isc_result_t result = get_lfht(arg->map, n, &pval); - CHECK(n, result); + CHECKN(n, result); assert(pval == &item[n]); } @@ -224,7 +224,7 @@ thread_hashmap(void *arg0) { WRLOCK(&rwl); for (size_t n = arg->start; n < arg->end; n++) { isc_result_t result = add_hashmap(arg->map, n); - CHECK(n, result); + CHECKN(n, result); } WRUNLOCK(&rwl); @@ -233,7 +233,7 @@ thread_hashmap(void *arg0) { for (size_t n = arg->start; n < arg->end; n++) { void *pval = NULL; isc_result_t result = get_hashmap(arg->map, n, &pval); - CHECK(n, result); + CHECKN(n, result); assert(pval == &item[n]); } RDUNLOCK(&rwl); @@ -281,7 +281,7 @@ thread_ht(void *arg0) { WRLOCK(&rwl); for (size_t n = arg->start; n < arg->end; n++) { isc_result_t result = add_ht(arg->map, n); - CHECK(n, result); + CHECKN(n, result); } WRUNLOCK(&rwl); @@ -290,7 +290,7 @@ thread_ht(void *arg0) { for (size_t n = arg->start; n < arg->end; n++) { void *pval = NULL; isc_result_t result = get_ht(arg->map, n, &pval); - CHECK(n, result); + CHECKN(n, result); assert(pval == &item[n]); } RDUNLOCK(&rwl); @@ -342,7 +342,7 @@ _thread_qp(void *arg0, bool sqz, bool brr) { isc_time_t t0 = isc_time_now_hires(); for (size_t n = arg->start; n < arg->end; n++) { isc_result_t result = add_qp(qp, n); - CHECK(n, result); + CHECKN(n, result); } if (sqz) { sqz_qp(qp); @@ -360,7 +360,7 @@ _thread_qp(void *arg0, bool sqz, bool brr) { for (size_t n = arg->start; n < arg->end; n++) { void *pval = NULL; isc_result_t result = get_qp(&qpr, n, &pval); - CHECK(n, result); + CHECKN(n, result); assert(pval == &item[n]); } diff --git a/tests/dns/qpdb_test.c b/tests/dns/qpdb_test.c index e7e16042c2..287e80de0c 100644 --- a/tests/dns/qpdb_test.c +++ b/tests/dns/qpdb_test.c @@ -36,11 +36,9 @@ #pragma GCC diagnostic push #pragma GCC diagnostic ignored "-Wshadow" -#undef CHECK #include "qpcache.c" #pragma GCC diagnostic pop -#undef CHECK #include /* Set to true (or use -v option) for verbose output */ diff --git a/tests/dns/qpzone_test.c b/tests/dns/qpzone_test.c index ba2591bf17..7f80a238ab 100644 --- a/tests/dns/qpzone_test.c +++ b/tests/dns/qpzone_test.c @@ -41,11 +41,9 @@ #pragma GCC diagnostic push #pragma GCC diagnostic ignored "-Wshadow" -#undef CHECK #include "qpzone.c" #pragma GCC diagnostic pop -#undef CHECK #include const char *ownercase_vectors[12][2] = { diff --git a/tests/dns/tsig_test.c b/tests/dns/tsig_test.c index 0102603d49..b07dcd27ab 100644 --- a/tests/dns/tsig_test.c +++ b/tests/dns/tsig_test.c @@ -40,14 +40,6 @@ #define TEST_ORIGIN "test" -#define CHECK(r) \ - { \ - result = (r); \ - if (result != ISC_R_SUCCESS) { \ - goto cleanup; \ - } \ - } - static isc_result_t add_mac(dst_context_t *tsigctx, isc_buffer_t *buf) { dns_rdata_any_tsig_t tsig; diff --git a/tests/dns/update_test.c b/tests/dns/update_test.c index 37cad32890..3cbd7daee6 100644 --- a/tests/dns/update_test.c +++ b/tests/dns/update_test.c @@ -40,11 +40,9 @@ */ #pragma GCC diagnostic push #pragma GCC diagnostic ignored "-Wshadow" -#undef CHECK #include "update.c" #pragma GCC diagnostic pop -#undef CHECK #include static int From 38e94cc7daab565e6ffbe997f121d81610c2d02e Mon Sep 17 00:00:00 2001 From: Evan Hunt Date: Wed, 21 May 2025 17:13:44 -0700 Subject: [PATCH 2/8] switch to CHECK where it wasn't being used replace all instances of the pattern: result = if (result != ISC_R_SUCCESS) { goto cleanup; } with: CHECK(); --- bin/delv/delv.c | 3 +- bin/dig/dighost.c | 60 +++----- bin/dnssec/dnssec-signzone.c | 45 ++---- bin/named/builtin.c | 6 +- bin/named/config.c | 30 +--- bin/named/control.c | 13 +- bin/named/controlconf.c | 28 ++-- bin/named/log.c | 13 +- bin/named/server.c | 178 +++++++---------------- bin/named/statschannel.c | 12 +- bin/named/transportconf.c | 18 +-- bin/named/tsigconf.c | 42 ++---- bin/named/zoneconf.c | 6 +- bin/nsupdate/nsupdate.c | 12 +- bin/tests/system/dyndb/driver/instance.c | 3 +- bin/tools/named-makejournal.c | 5 +- fuzz/dns_message_parse.c | 20 +-- fuzz/dns_rdata_fromtext.c | 24 +-- lib/dns/cache.c | 11 +- lib/dns/catz.c | 94 +++--------- lib/dns/client.c | 20 +-- lib/dns/dlz.c | 24 +-- lib/dns/master.c | 82 +++-------- lib/dns/masterdump.c | 17 +-- lib/dns/message.c | 96 ++++-------- lib/dns/notify.c | 10 +- lib/dns/nsec.c | 7 +- lib/dns/nta.c | 5 +- lib/dns/qpcache.c | 20 +-- lib/dns/rdata.c | 16 +- lib/dns/rdataslab.c | 21 +-- lib/dns/request.c | 80 +++------- lib/dns/resconf.c | 6 +- lib/dns/resolver.c | 23 +-- lib/dns/rootns.c | 38 ++--- lib/dns/rpz.c | 15 +- lib/dns/sdlz.c | 27 +--- lib/dns/transport.c | 29 +--- lib/dns/validator.c | 42 ++---- lib/dns/view.c | 6 +- lib/dns/zone.c | 154 ++++++-------------- lib/dns/zoneverify.c | 6 +- lib/isc/interfaceiter.c | 5 +- lib/isc/netmgr/tcp.c | 37 ++--- lib/isccfg/aclconf.c | 53 ++----- lib/isccfg/check.c | 9 +- lib/isccfg/kaspconf.c | 63 +++----- lib/isccfg/namedconf.c | 15 +- lib/isccfg/parser.c | 24 +-- lib/ns/client.c | 15 +- lib/ns/query.c | 108 +++++--------- tests/libtest/ns.c | 13 +- 52 files changed, 481 insertions(+), 1228 deletions(-) diff --git a/bin/delv/delv.c b/bin/delv/delv.c index 80f52231f3..eba04e85b1 100644 --- a/bin/delv/delv.c +++ b/bin/delv/delv.c @@ -676,8 +676,7 @@ key_fromconfig(const cfg_obj_t *key, dns_client_t *client, dns_view_t *toview) { delv_log(ISC_LOG_ERROR, "key '%s': invalid initialization method '%s'", keynamestr, atstr); - result = ISC_R_FAILURE; - goto cleanup; + CHECK(ISC_R_FAILURE); } } diff --git a/bin/dig/dighost.c b/bin/dig/dighost.c index 30895c8103..81d1cc552b 100644 --- a/bin/dig/dighost.c +++ b/bin/dig/dighost.c @@ -862,26 +862,19 @@ setup_text_key(void) { secretsize = (unsigned int)strlen(keysecret) * 3 / 4; secretstore = isc_mem_allocate(isc_g_mctx, secretsize); isc_buffer_init(&secretbuf, secretstore, secretsize); - result = isc_base64_decodestring(keysecret, &secretbuf); - if (result != ISC_R_SUCCESS) { - goto failure; - } + CHECK(isc_base64_decodestring(keysecret, &secretbuf)); secretsize = isc_buffer_usedlength(&secretbuf); if (hmac_alg == DST_ALG_UNKNOWN) { - result = DST_R_UNSUPPORTEDALG; - goto failure; + CHECK(DST_R_UNSUPPORTEDALG); } - result = dns_name_fromtext(keyname, namebuf, dns_rootname, 0); - if (result != ISC_R_SUCCESS) { - goto failure; - } + CHECK(dns_name_fromtext(keyname, namebuf, dns_rootname, 0)); result = dns_tsigkey_create(keyname, hmac_alg, secretstore, (int)secretsize, isc_g_mctx, &tsigkey); -failure: +cleanup: if (result != ISC_R_SUCCESS) { printf(";; Couldn't create key %s: %s\n", keynametext, isc_result_totext(result)); @@ -1086,16 +1079,10 @@ read_confkey(void) { return ISC_R_FILENOTFOUND; } - result = cfg_parse_file(isc_g_mctx, keyfile, &cfg_type_sessionkey, 0, - &file); - if (result != ISC_R_SUCCESS) { - goto cleanup; - } + CHECK(cfg_parse_file(isc_g_mctx, keyfile, &cfg_type_sessionkey, 0, + &file)); - result = cfg_map_get(file, "key", &keyobj); - if (result != ISC_R_SUCCESS) { - goto cleanup; - } + CHECK(cfg_map_get(file, "key", &keyobj)); (void)cfg_map_get(keyobj, "secret", &secretobj); (void)cfg_map_get(keyobj, "algorithm", &algorithmobj); @@ -1147,7 +1134,7 @@ setup_file_key(void) { if (result != ISC_R_SUCCESS) { fprintf(stderr, "Couldn't read key from %s: %s\n", keyfile, isc_result_totext(result)); - goto failure; + goto cleanup; } switch (dst_key_alg(dstkey)) { @@ -1175,7 +1162,7 @@ setup_file_key(void) { } } -failure: +cleanup: if (dstkey != NULL) { dst_key_free(&dstkey); } @@ -2764,21 +2751,14 @@ get_create_tls_context(dig_query_t *query, const bool is_https, if (result != ISC_R_SUCCESS) { if (query->lookup->tls_ca_set) { if (found_store == NULL) { - result = isc_tls_cert_store_create( - query->lookup->tls_ca_file, &store); - - if (result != ISC_R_SUCCESS) { - goto failure; - } + CHECK(isc_tls_cert_store_create( + query->lookup->tls_ca_file, &store)); } else { store = found_store; } } - result = isc_tlsctx_createclient(&ctx); - if (result != ISC_R_SUCCESS) { - goto failure; - } + CHECK(isc_tlsctx_createclient(&ctx)); if (store != NULL) { const char *hostname = get_tls_sni_hostname(query); @@ -2788,23 +2768,17 @@ get_create_tls_context(dig_query_t *query, const bool is_https, * SubjectAltName must be checked. That is NOT the case * for HTTPS. */ - result = isc_tlsctx_enable_peer_verification( + CHECK(isc_tlsctx_enable_peer_verification( ctx, false, store, hostname, - hostname_ignore_subject); - if (result != ISC_R_SUCCESS) { - goto failure; - } + hostname_ignore_subject)); } if (query->lookup->tls_key_file_set && query->lookup->tls_cert_file_set) { - result = isc_tlsctx_load_certificate( + CHECK(isc_tlsctx_load_certificate( ctx, query->lookup->tls_key_file, - query->lookup->tls_cert_file); - if (result != ISC_R_SUCCESS) { - goto failure; - } + query->lookup->tls_cert_file)); } if (!is_https) { @@ -2840,7 +2814,7 @@ get_create_tls_context(dig_query_t *query, const bool is_https, INSIST(!query->lookup->tls_ca_set || found_store != NULL); return found_ctx; -failure: +cleanup: if (ctx != NULL) { isc_tlsctx_free(&ctx); } diff --git a/bin/dnssec/dnssec-signzone.c b/bin/dnssec/dnssec-signzone.c index 7057ed8a2e..43a295ca2a 100644 --- a/bin/dnssec/dnssec-signzone.c +++ b/bin/dnssec/dnssec-signzone.c @@ -1384,11 +1384,8 @@ setsoaserial(uint32_t serial, dns_updatemethod_t method) { dns_rdataset_init(&rdataset); - result = dns_db_findrdataset(gdb, node, gversion, dns_rdatatype_soa, 0, - 0, &rdataset, NULL); - if (result != ISC_R_SUCCESS) { - goto cleanup; - } + CHECK(dns_db_findrdataset(gdb, node, gversion, dns_rdatatype_soa, 0, 0, + &rdataset, NULL)); result = dns_rdataset_first(&rdataset); RUNTIME_CHECK(result == ISC_R_SUCCESS); @@ -2520,22 +2517,14 @@ loadzonekeys(bool preserve_keys, bool load_public) { dns_rdataset_init(&keysigs); /* Make note of the keys which signed the SOA, if any */ - result = dns_db_findrdataset(gdb, node, currentversion, - dns_rdatatype_soa, 0, 0, &rdataset, - &soasigs); - if (result != ISC_R_SUCCESS) { - goto cleanup; - } + CHECK(dns_db_findrdataset(gdb, node, currentversion, dns_rdatatype_soa, + 0, 0, &rdataset, &soasigs)); /* Preserve the TTL of the DNSKEY RRset, if any */ dns_rdataset_disassociate(&rdataset); - result = dns_db_findrdataset(gdb, node, currentversion, - dns_rdatatype_dnskey, 0, 0, &rdataset, - &keysigs); - - if (result != ISC_R_SUCCESS) { - goto cleanup; - } + CHECK(dns_db_findrdataset(gdb, node, currentversion, + dns_rdatatype_dnskey, 0, 0, &rdataset, + &keysigs)); if (set_keyttl && keyttl != rdataset.ttl) { fprintf(stderr, @@ -2886,12 +2875,8 @@ set_nsec3params(bool update, bool set_salt, bool set_optout, bool set_iter) { dns_rdataset_init(&rdataset); orig_saltlen = sizeof(orig_salt); - result = dns_db_getnsec3parameters(gdb, ver, &orig_hash, NULL, - &orig_iter, orig_salt, - &orig_saltlen); - if (result != ISC_R_SUCCESS) { - goto cleanup; - } + CHECK(dns_db_getnsec3parameters(gdb, ver, &orig_hash, NULL, &orig_iter, + orig_salt, &orig_saltlen)); nsec_datatype = dns_rdatatype_nsec3; @@ -2928,16 +2913,10 @@ set_nsec3params(bool update, bool set_salt, bool set_optout, bool set_iter) { orig_saltlen); check_result(result, "dns_nsec3_hashname"); - result = dns_db_findnsec3node(gdb, hashname, false, &node); - if (result != ISC_R_SUCCESS) { - goto cleanup; - } + CHECK(dns_db_findnsec3node(gdb, hashname, false, &node)); - result = dns_db_findrdataset(gdb, node, ver, dns_rdatatype_nsec3, 0, 0, - &rdataset, NULL); - if (result != ISC_R_SUCCESS) { - goto cleanup; - } + CHECK(dns_db_findrdataset(gdb, node, ver, dns_rdatatype_nsec3, 0, 0, + &rdataset, NULL)); result = dns_rdataset_first(&rdataset); check_result(result, "dns_rdataset_first"); diff --git a/bin/named/builtin.c b/bin/named/builtin.c index c24fbe164e..814ad911bd 100644 --- a/bin/named/builtin.c +++ b/bin/named/builtin.c @@ -1173,15 +1173,13 @@ create(isc_mem_t *mctx, const dns_name_t *origin, dns_dbtype_t type, if (needargs) { if (argc != 3) { - result = DNS_R_SYNTAX; - goto cleanup; + CHECK(DNS_R_SYNTAX); } bdb->server = isc_mem_strdup(isc_g_mctx, argv[1]); bdb->contact = isc_mem_strdup(isc_g_mctx, argv[2]); } else if (argc != 1) { - result = DNS_R_SYNTAX; - goto cleanup; + CHECK(DNS_R_SYNTAX); } bdb->common.magic = DNS_DB_MAGIC; diff --git a/bin/named/config.c b/bin/named/config.c index 81eb498925..31683d005c 100644 --- a/bin/named/config.c +++ b/bin/named/config.c @@ -72,11 +72,8 @@ named_config_parsefile(cfg_obj_t **conf) { ISC_LOG_INFO, "parsing user configuration from '%s'", named_g_conffile); - result = cfg_parse_file(isc_g_mctx, named_g_conffile, - &cfg_type_namedconf, 0, conf); - if (result != ISC_R_SUCCESS) { - goto cleanup; - } + CHECK(cfg_parse_file(isc_g_mctx, named_g_conffile, &cfg_type_namedconf, + 0, conf)); /* * Check the validity of the configuration. @@ -85,11 +82,7 @@ named_config_parsefile(cfg_obj_t **conf) { * checked later when the modules are actually loaded and * registered.) */ - result = isccfg_check_namedconf(*conf, BIND_CHECK_ALGORITHMS, - isc_g_mctx); - if (result != ISC_R_SUCCESS) { - goto cleanup; - } + CHECK(isccfg_check_namedconf(*conf, BIND_CHECK_ALGORITHMS, isc_g_mctx)); goto out; @@ -568,24 +561,15 @@ named_config_getipandkeylist(const cfg_obj_t *config, const cfg_obj_t *list, /* * Get system defaults. */ - result = named_config_getport(config, "port", &def_port); - if (result != ISC_R_SUCCESS) { - goto cleanup; - } + CHECK(named_config_getport(config, "port", &def_port)); - result = named_config_getport(config, "tls-port", &def_tlsport); - if (result != ISC_R_SUCCESS) { - goto cleanup; - } + CHECK(named_config_getport(config, "tls-port", &def_tlsport)); /* * Process the (nested) list(s). */ - result = getipandkeylist(def_port, def_tlsport, config, list, - (in_port_t)0, NULL, NULL, mctx, &s); - if (result != ISC_R_SUCCESS) { - goto cleanup; - } + CHECK(getipandkeylist(def_port, def_tlsport, config, list, (in_port_t)0, + NULL, NULL, mctx, &s)); shrink_array(mctx, s.addrs, s.count, s.addrsallocated); shrink_array(mctx, s.keys, s.count, s.keysallocated); diff --git a/bin/named/control.c b/bin/named/control.c index 8857f5eb90..8f20933f02 100644 --- a/bin/named/control.c +++ b/bin/named/control.c @@ -101,15 +101,9 @@ named_control_docommand(isccc_sexpr_t *message, bool readonly, isc_buffer_init(&src, cmdline, strlen(cmdline)); isc_buffer_add(&src, strlen(cmdline)); - result = isc_lex_openbuffer(lex, &src); - if (result != ISC_R_SUCCESS) { - goto cleanup; - } + CHECK(isc_lex_openbuffer(lex, &src)); - result = getcommand(lex, &command); - if (result != ISC_R_SUCCESS) { - goto cleanup; - } + CHECK(getcommand(lex, &command)); /* * Compare the 'command' parameter against all known control commands. @@ -140,8 +134,7 @@ named_control_docommand(isccc_sexpr_t *message, bool readonly, "rejecting restricted control channel " "command '%s'", cmdline); - result = ISC_R_FAILURE; - goto cleanup; + CHECK(ISC_R_FAILURE); } isc_log_write(NAMED_LOGCATEGORY_GENERAL, NAMED_LOGMODULE_CONTROL, diff --git a/bin/named/controlconf.c b/bin/named/controlconf.c index a4aba2ea25..d014a831e4 100644 --- a/bin/named/controlconf.c +++ b/bin/named/controlconf.c @@ -305,11 +305,8 @@ control_respond(controlconnection_t *conn) { isc_region_t r; isc_result_t result; - result = isccc_cc_createresponse(conn->request, conn->now, - conn->now + 60, &conn->response); - if (result != ISC_R_SUCCESS) { - goto cleanup; - } + CHECK(isccc_cc_createresponse(conn->request, conn->now, conn->now + 60, + &conn->response)); if (conn->result == ISC_R_SHUTTINGDOWN) { result = ISC_R_SUCCESS; @@ -445,14 +442,12 @@ control_recvmessage(isc_nmhandle_t *handle ISC_ATTR_UNUSED, isc_result_t result, } if (!match) { - result = ISCCC_R_BADAUTH; - goto cleanup; + CHECK(ISCCC_R_BADAUTH); } /* We shouldn't be getting a reply. */ if (isccc_cc_isreply(conn->request)) { - result = ISC_R_FAILURE; - goto cleanup; + CHECK(ISC_R_FAILURE); } conn->now = isc_stdtime_now(); @@ -462,20 +457,17 @@ control_recvmessage(isc_nmhandle_t *handle ISC_ATTR_UNUSED, isc_result_t result, */ conn->ctrl = isccc_alist_lookup(conn->request, "_ctrl"); if (!isccc_alist_alistp(conn->ctrl)) { - result = ISC_R_FAILURE; - goto cleanup; + CHECK(ISC_R_FAILURE); } if (isccc_cc_lookupuint32(conn->ctrl, "_tim", &sent) == ISC_R_SUCCESS) { if ((sent + CLOCKSKEW) < conn->now || (sent - CLOCKSKEW) > conn->now) { - result = DNS_R_CLOCKSKEW; - goto cleanup; + CHECK(DNS_R_CLOCKSKEW); } } else { - result = ISC_R_FAILURE; - goto cleanup; + CHECK(ISC_R_FAILURE); } /* @@ -484,8 +476,7 @@ control_recvmessage(isc_nmhandle_t *handle ISC_ATTR_UNUSED, isc_result_t result, if (isccc_cc_lookupuint32(conn->ctrl, "_exp", &exp) == ISC_R_SUCCESS && conn->now > exp) { - result = DNS_R_EXPIRED; - goto cleanup; + CHECK(DNS_R_EXPIRED); } /* @@ -508,8 +499,7 @@ control_recvmessage(isc_nmhandle_t *handle ISC_ATTR_UNUSED, isc_result_t result, ISC_R_SUCCESS || conn->nonce != nonce)) { - result = ISCCC_R_BADAUTH; - goto cleanup; + CHECK(ISCCC_R_BADAUTH); } isc_buffer_allocate(listener->mctx, &conn->text, 2 * 2048); diff --git a/bin/named/log.c b/bin/named/log.c index e4867ffbc5..c2a2acc855 100644 --- a/bin/named/log.c +++ b/bin/named/log.c @@ -44,10 +44,7 @@ named_log_init(bool safe) { named_log_setdefaultchannels(lcfg); } - result = named_log_setdefaultcategory(lcfg); - if (result != ISC_R_SUCCESS) { - goto cleanup; - } + CHECK(named_log_setdefaultcategory(lcfg)); named_log_setdefaultsslkeylogfile(lcfg); rcu_read_unlock(); @@ -199,12 +196,8 @@ isc_result_t named_log_setdefaultcategory(isc_logconfig_t *lcfg) { isc_result_t result = ISC_R_SUCCESS; - result = isc_log_usechannel(lcfg, "default_debug", - ISC_LOGCATEGORY_DEFAULT, - ISC_LOGMODULE_DEFAULT); - if (result != ISC_R_SUCCESS) { - goto cleanup; - } + CHECK(isc_log_usechannel(lcfg, "default_debug", ISC_LOGCATEGORY_DEFAULT, + ISC_LOGMODULE_DEFAULT)); if (!named_g_logstderr) { if (named_g_logfile != NULL) { diff --git a/bin/named/server.c b/bin/named/server.c index f99e897dd7..7aeeec2b87 100644 --- a/bin/named/server.c +++ b/bin/named/server.c @@ -670,7 +670,7 @@ ta_fromconfig(const cfg_obj_t *key, bool *initialp, const char **namestrp, INIT_DS, STATIC_DS, TRUSTED - } anchortype; + } anchortype = TRUSTED; dst_algorithm_t algorithm; REQUIRE(namestrp != NULL && *namestrp == NULL); @@ -711,11 +711,8 @@ ta_fromconfig(const cfg_obj_t *key, bool *initialp, const char **namestrp, "key '%s': " "invalid initialization method '%s'", namestr, atstr); - result = ISC_R_FAILURE; - goto cleanup; + CHECK(ISC_R_FAILURE); } - } else { - anchortype = TRUSTED; } isc_buffer_init(&databuf, data, sizeof(data)); @@ -831,8 +828,7 @@ ta_fromconfig(const cfg_obj_t *key, bool *initialp, const char **namestrp, "key '%s': " "unknown ds digest type %u", namestr, ds->digest_type); - result = ISC_R_FAILURE; - goto cleanup; + CHECK(ISC_R_FAILURE); break; } @@ -1152,8 +1148,7 @@ configure_view_dnsseckeys(dns_view_t *view, const cfg_obj_t *vconfig, isc_log_write(DNS_LOGCATEGORY_SECURITY, NAMED_LOGMODULE_SERVER, ISC_LOG_ERROR, "root key not loaded"); - result = ISC_R_FAILURE; - goto cleanup; + CHECK(ISC_R_FAILURE); } } @@ -1184,8 +1179,7 @@ configure_view_dnsseckeys(dns_view_t *view, const cfg_obj_t *vconfig, "managed-keys-directory '%s' " "is not writable", directory); - result = ISC_R_NOPERM; - goto cleanup; + CHECK(ISC_R_NOPERM); } } @@ -1520,10 +1514,7 @@ configure_peer(const cfg_obj_t *cpeer, isc_mem_t *mctx, dns_peer_t **peerp) { obj = NULL; (void)cfg_map_get(cpeer, "keys", &obj); if (obj != NULL) { - result = dns_peer_setkeybycharp(peer, cfg_obj_asstring(obj)); - if (result != ISC_R_SUCCESS) { - goto cleanup; - } + CHECK(dns_peer_setkeybycharp(peer, cfg_obj_asstring(obj))); } obj = NULL; @@ -1533,11 +1524,8 @@ configure_peer(const cfg_obj_t *cpeer, isc_mem_t *mctx, dns_peer_t **peerp) { (void)cfg_map_get(cpeer, "transfer-source-v6", &obj); } if (obj != NULL) { - result = dns_peer_settransfersource(peer, - cfg_obj_assockaddr(obj)); - if (result != ISC_R_SUCCESS) { - goto cleanup; - } + CHECK(dns_peer_settransfersource(peer, + cfg_obj_assockaddr(obj))); } obj = NULL; @@ -1547,11 +1535,7 @@ configure_peer(const cfg_obj_t *cpeer, isc_mem_t *mctx, dns_peer_t **peerp) { (void)cfg_map_get(cpeer, "notify-source-v6", &obj); } if (obj != NULL) { - result = dns_peer_setnotifysource(peer, - cfg_obj_assockaddr(obj)); - if (result != ISC_R_SUCCESS) { - goto cleanup; - } + CHECK(dns_peer_setnotifysource(peer, cfg_obj_assockaddr(obj))); } obj = NULL; @@ -1562,10 +1546,7 @@ configure_peer(const cfg_obj_t *cpeer, isc_mem_t *mctx, dns_peer_t **peerp) { } if (obj != NULL) { INSIST(cfg_obj_issockaddr(obj)); - result = dns_peer_setquerysource(peer, cfg_obj_assockaddr(obj)); - if (result != ISC_R_SUCCESS) { - goto cleanup; - } + CHECK(dns_peer_setquerysource(peer, cfg_obj_assockaddr(obj))); } *peerp = peer; @@ -3861,8 +3842,7 @@ configure_view(dns_view_t *view, dns_viewlist_t *viewlist, cfg_obj_t *config, "rpz '%s' is not a primary or a " "secondary zone", namebuf); - result = ISC_R_NOTFOUND; - goto cleanup; + CHECK(ISC_R_NOTFOUND); } } } @@ -3920,11 +3900,8 @@ configure_view(dns_view_t *view, dns_viewlist_t *viewlist, cfg_obj_t *config, (void)cfg_map_get(dlz, "search", &search); if (search == NULL || cfg_obj_asboolean(search)) { dlzdb->search = true; - result = dns_dlzconfigure( - view, dlzdb, dlzconfigure_callback); - if (result != ISC_R_SUCCESS) { - goto cleanup; - } + CHECK(dns_dlzconfigure(view, dlzdb, + dlzconfigure_callback)); ISC_LIST_APPEND(view->dlz_searched, dlzdb, link); } else { @@ -4094,35 +4071,23 @@ configure_view(dns_view_t *view, dns_viewlist_t *viewlist, cfg_obj_t *config, obj = NULL; (void)cfg_map_get(map, "clients", &obj); if (obj != NULL) { - result = cfg_acl_fromconfig(obj, config, aclctx, - mctx, 0, &clients); - if (result != ISC_R_SUCCESS) { - goto cleanup; - } + CHECK(cfg_acl_fromconfig(obj, config, aclctx, + mctx, 0, &clients)); } obj = NULL; (void)cfg_map_get(map, "mapped", &obj); if (obj != NULL) { - result = cfg_acl_fromconfig(obj, config, aclctx, - mctx, 0, &mapped); - if (result != ISC_R_SUCCESS) { - goto cleanup; - } + CHECK(cfg_acl_fromconfig(obj, config, aclctx, + mctx, 0, &mapped)); } obj = NULL; (void)cfg_map_get(map, "exclude", &obj); if (obj != NULL) { - result = cfg_acl_fromconfig(obj, config, aclctx, - mctx, 0, &excluded); - if (result != ISC_R_SUCCESS) { - goto cleanup; - } + CHECK(cfg_acl_fromconfig(obj, config, aclctx, + mctx, 0, &excluded)); } else { if (named_g_mapped == NULL) { - result = create_mapped_acl(); - if (result != ISC_R_SUCCESS) { - goto cleanup; - } + CHECK(create_mapped_acl()); } dns_acl_attach(named_g_mapped, &excluded); } @@ -4144,11 +4109,8 @@ configure_view(dns_view_t *view, dns_viewlist_t *viewlist, cfg_obj_t *config, &dns64); dns_dns64_append(&view->dns64, dns64); view->dns64cnt++; - result = dns64_reverse(view, mctx, &na, prefixlen, - server, contact); - if (result != ISC_R_SUCCESS) { - goto cleanup; - } + CHECK(dns64_reverse(view, mctx, &na, prefixlen, server, + contact)); if (clients != NULL) { dns_acl_detach(&clients); } @@ -4409,8 +4371,7 @@ configure_view(dns_view_t *view, dns_viewlist_t *viewlist, cfg_obj_t *config, if (dispatch4 == NULL && dispatch6 == NULL) { UNEXPECTED_ERROR("unable to obtain either an IPv4 or" " an IPv6 dispatch"); - result = ISC_R_UNEXPECTED; - goto cleanup; + CHECK(ISC_R_UNEXPECTED); } CHECK(dns_view_createresolver(view, resopts, tlsctx_client_cache, @@ -5420,10 +5381,7 @@ configure_view(dns_view_t *view, dns_viewlist_t *viewlist, cfg_obj_t *config, obj = NULL; result = named_config_get(maps, "rate-limit", &obj); if (result == ISC_R_SUCCESS) { - result = configure_rrl(view, config, obj, aclctx); - if (result != ISC_R_SUCCESS) { - goto cleanup; - } + CHECK(configure_rrl(view, config, obj, aclctx)); } /* @@ -6082,8 +6040,7 @@ configure_zone(const cfg_obj_t *config, const cfg_obj_t *zconfig, ISC_LOG_ERROR, "zone '%s': wrong class for view '%s'", zname, vname); - result = ISC_R_FAILURE; - goto cleanup; + CHECK(ISC_R_FAILURE); } (void)cfg_map_get(zoptions, "in-view", &viewobj); @@ -6095,8 +6052,7 @@ configure_zone(const cfg_obj_t *config, const cfg_obj_t *zconfig, cfg_obj_log(zconfig, ISC_LOG_ERROR, "'in-view' option is not permitted in " "dynamically added zones"); - result = ISC_R_FAILURE; - goto cleanup; + CHECK(ISC_R_FAILURE); } result = dns_viewlist_find(viewlist, inview, view->rdclass, @@ -6104,8 +6060,7 @@ configure_zone(const cfg_obj_t *config, const cfg_obj_t *zconfig, if (result != ISC_R_SUCCESS) { cfg_obj_log(zconfig, ISC_LOG_ERROR, "view '%s' is not yet defined.", inview); - result = ISC_R_FAILURE; - goto cleanup; + CHECK(ISC_R_FAILURE); } result = dns_view_findzone(otherview, origin, DNS_ZTFIND_EXACT, @@ -6115,8 +6070,7 @@ configure_zone(const cfg_obj_t *config, const cfg_obj_t *zconfig, cfg_obj_log(zconfig, ISC_LOG_ERROR, "zone '%s' not defined in view '%s'", zname, inview); - result = ISC_R_FAILURE; - goto cleanup; + CHECK(ISC_R_FAILURE); } CHECK(dns_view_addzone(view, zone)); @@ -6143,8 +6097,7 @@ configure_zone(const cfg_obj_t *config, const cfg_obj_t *zconfig, if (typeobj == NULL) { cfg_obj_log(zconfig, ISC_LOG_ERROR, "zone '%s' 'type' not specified", zname); - result = ISC_R_FAILURE; - goto cleanup; + CHECK(ISC_R_FAILURE); } ztypestr = cfg_obj_asstring(typeobj); @@ -6160,8 +6113,7 @@ configure_zone(const cfg_obj_t *config, const cfg_obj_t *zconfig, isc_log_write(NAMED_LOGCATEGORY_GENERAL, NAMED_LOGMODULE_SERVER, ISC_LOG_ERROR, "zone '%s': 'file' not specified", zname); - result = ISC_R_FAILURE; - goto cleanup; + CHECK(ISC_R_FAILURE); } if (dns_name_equal(origin, dns_rootname)) { const char *hintsfile = cfg_obj_asstring(fileobj); @@ -6202,8 +6154,7 @@ configure_zone(const cfg_obj_t *config, const cfg_obj_t *zconfig, if (view->redirect != NULL) { cfg_obj_log(zconfig, ISC_LOG_ERROR, "redirect zone already exists"); - result = ISC_R_EXISTS; - goto cleanup; + CHECK(ISC_R_EXISTS); } result = dns_viewlist_find(viewlist, view->name, view->rdclass, &pview); @@ -6242,8 +6193,7 @@ configure_zone(const cfg_obj_t *config, const cfg_obj_t *zconfig, cfg_obj_log(zconfig, ISC_LOG_ERROR, "zone '%s' already exists", zname); dns_zone_detach(&dupzone); - result = ISC_R_EXISTS; - goto cleanup; + CHECK(ISC_R_EXISTS); } INSIST(dupzone == NULL); } @@ -6957,8 +6907,7 @@ generate_session_key(const char *filename, const char *keynamestr, if (fp == NULL) { isc_log_write(NAMED_LOGCATEGORY_GENERAL, NAMED_LOGMODULE_SERVER, ISC_LOG_ERROR, "could not create %s", filename); - result = ISC_R_NOPERM; - goto cleanup; + CHECK(ISC_R_NOPERM); } fprintf(fp, @@ -6970,10 +6919,7 @@ generate_session_key(const char *filename, const char *keynamestr, (char *)isc_buffer_base(&key_txtbuffer)); CHECK(isc_stdio_flush(fp)); - result = isc_stdio_close(fp); - if (result != ISC_R_SUCCESS) { - goto cleanup; - } + CHECK(isc_stdio_close(fp)); *keyp = key; return ISC_R_SUCCESS; @@ -7419,11 +7365,8 @@ data_to_cfg(dns_view_t *view, MDB_val *key, MDB_val *data, isc_buffer_t *text, INSIST(zone_config != NULL && zone_config_len > 0); /* zone zonename { config; }; */ - result = isc_buffer_reserve(text, 6 + zone_name_len + 2 + - zone_config_len + 2); - if (result != ISC_R_SUCCESS) { - goto cleanup; - } + CHECK(isc_buffer_reserve(text, + 6 + zone_name_len + 2 + zone_config_len + 2)); CHECK(putstr(text, "zone \"")); CHECK(putmem(text, (const void *)zone_name, zone_name_len)); @@ -10501,11 +10444,8 @@ listenlist_fromconfig(const cfg_obj_t *listenlist, const cfg_obj_t *config, CFG_LIST_FOREACH(listenlist, element) { ns_listenelt_t *delt = NULL; const cfg_obj_t *listener = cfg_listelt_value(element); - result = listenelt_fromconfig(listener, config, aclctx, mctx, - family, tlsctx_cache, &delt); - if (result != ISC_R_SUCCESS) { - goto cleanup; - } + CHECK(listenelt_fromconfig(listener, config, aclctx, mctx, + family, tlsctx_cache, &delt)); ISC_LIST_APPEND(dlist->elts, delt, link); } *target = dlist; @@ -12386,8 +12326,7 @@ nzd_save(MDB_txn **txnp, MDB_dbi dbi, dns_zone_t *zone, "Error deleting zone %s " "from NZD database: %s", namebuf, mdb_strerror(status)); - result = ISC_R_FAILURE; - goto cleanup; + CHECK(ISC_R_FAILURE); } else if (status != MDB_NOTFOUND) { commit = true; } @@ -12401,8 +12340,7 @@ nzd_save(MDB_txn **txnp, MDB_dbi dbi, dns_zone_t *zone, NAMED_LOGMODULE_SERVER, ISC_LOG_ERROR, "Unable to get options from config in " "nzd_save()"); - result = ISC_R_FAILURE; - goto cleanup; + CHECK(ISC_R_FAILURE); } dzarg.magic = DZARG_MAGIC; @@ -12415,8 +12353,7 @@ nzd_save(MDB_txn **txnp, MDB_dbi dbi, dns_zone_t *zone, "Error writing zone config to " "buffer in nzd_save(): %s", isc_result_totext(dzarg.result)); - result = dzarg.result; - goto cleanup; + CHECK(dzarg.result); } data.mv_data = isc_buffer_base(text); @@ -12429,8 +12366,7 @@ nzd_save(MDB_txn **txnp, MDB_dbi dbi, dns_zone_t *zone, "Error inserting zone in " "NZD database: %s", mdb_strerror(status)); - result = ISC_R_FAILURE; - goto cleanup; + CHECK(ISC_R_FAILURE); } commit = true; @@ -12724,8 +12660,7 @@ load_nzf(dns_view_t *view) { origin = cfg_obj_asstring(cfg_tuple_get(zconfig, "name")); if (origin == NULL) { - result = ISC_R_FAILURE; - goto cleanup; + CHECK(ISC_R_FAILURE); } /* Normalize zone name */ @@ -12741,8 +12676,7 @@ load_nzf(dns_view_t *view) { zoptions = cfg_tuple_get(zconfig, "options"); if (zoptions == NULL) { - result = ISC_R_FAILURE; - goto cleanup; + CHECK(ISC_R_FAILURE); } isc_buffer_clear(text); @@ -12756,8 +12690,7 @@ load_nzf(dns_view_t *view) { "Error writing zone config to " "buffer in load_nzf(): %s", isc_result_totext(result)); - result = dzarg.result; - goto cleanup; + CHECK(dzarg.result); } data.mv_data = isc_buffer_base(text); @@ -12770,8 +12703,7 @@ load_nzf(dns_view_t *view) { "Error inserting zone in " "NZD database: %s", mdb_strerror(status)); - result = ISC_R_FAILURE; - goto cleanup; + CHECK(ISC_R_FAILURE); } commit = true; @@ -13050,8 +12982,7 @@ do_addzone(named_server_t *server, dns_view_t *view, dns_name_t *name, TCHECK(putstr(text, "unable to open NZD database for '")); TCHECK(putstr(text, view->newzone.db)); TCHECK(putstr(text, "'")); - result = ISC_R_FAILURE; - goto cleanup; + CHECK(ISC_R_FAILURE); } #endif /* HAVE_LMDB */ @@ -13712,8 +13643,7 @@ named_server_delzone(named_server_t *server, isc_lex_t *lex, CHECK(zone_from_args(server, lex, ptr, &zone, zonename, text, false)); if (zone == NULL) { - result = ISC_R_UNEXPECTEDEND; - goto cleanup; + CHECK(ISC_R_UNEXPECTEDEND); } INSIST(zonename != NULL); @@ -13724,8 +13654,7 @@ named_server_delzone(named_server_t *server, isc_lex_t *lex, TCHECK(putstr(text, zonename)); TCHECK(putstr(text, "' cannot be deleted: response-policy zone.")); - result = ISC_R_FAILURE; - goto cleanup; + CHECK(ISC_R_FAILURE); } view = dns_zone_getview(zone); @@ -13832,8 +13761,7 @@ named_server_showzone(named_server_t *server, isc_lex_t *lex, /* Parse parameters */ CHECK(zone_from_args(server, lex, NULL, &zone, zonename, text, true)); if (zone == NULL) { - result = ISC_R_UNEXPECTEDEND; - goto cleanup; + CHECK(ISC_R_UNEXPECTEDEND); } zconfig = dns_zone_getcfg(zone); @@ -14544,8 +14472,7 @@ named_server_zonestatus(named_server_t *server, isc_lex_t *lex, CHECK(zone_from_args(server, lex, NULL, &zone, zonename, text, true)); if (zone == NULL) { - result = ISC_R_UNEXPECTEDEND; - goto cleanup; + CHECK(ISC_R_UNEXPECTEDEND); } /* Inline signing? */ @@ -15354,8 +15281,7 @@ named_server_mkeys(named_server_t *server, isc_lex_t *lex, isc_buffer_t *text) { } else { snprintf(msg, sizeof(msg), "unknown command '%s'", cmd); (void)putstr(text, msg); - result = ISC_R_UNEXPECTED; - goto cleanup; + CHECK(ISC_R_UNEXPECTED); } /* Look for the optional class name. */ diff --git a/bin/named/statschannel.c b/bin/named/statschannel.c index a56f0cc58f..a74af44cee 100644 --- a/bin/named/statschannel.c +++ b/bin/named/statschannel.c @@ -2405,8 +2405,7 @@ zone_jsonrender(dns_zone_t *zone, void *arg) { if (zonestats != NULL) { json_object *counters = json_object_new_object(); if (counters == NULL) { - result = ISC_R_NOMEMORY; - goto cleanup; + CHECK(ISC_R_NOMEMORY); } result = dump_stats(zonestats, isc_statsformat_json, @@ -2430,8 +2429,7 @@ zone_jsonrender(dns_zone_t *zone, void *arg) { if (gluecachestats != NULL) { json_object *counters = json_object_new_object(); if (counters == NULL) { - result = ISC_R_NOMEMORY; - goto cleanup; + CHECK(ISC_R_NOMEMORY); } result = dump_stats( @@ -2584,8 +2582,7 @@ xfrin_jsonrender(dns_zone_t *zone, void *arg) { } if (xfrinobj == NULL) { - result = ISC_R_NOMEMORY; - goto cleanup; + CHECK(ISC_R_NOMEMORY); } result = dns_zone_getxfr(zone, &xfr, &is_firstrefresh, &is_running, @@ -3167,8 +3164,7 @@ generatejson(named_server_t *server, size_t *msglen, const char **msg, 0); if (result != ISC_R_SUCCESS) { json_object_put(counters); - result = dumparg.result; - goto cleanup; + CHECK(dumparg.result); } json_object_object_add(res, "adb", diff --git a/bin/named/transportconf.c b/bin/named/transportconf.c index de02ab7bb2..7030c70426 100644 --- a/bin/named/transportconf.c +++ b/bin/named/transportconf.c @@ -36,7 +36,7 @@ result = (dns_name_fromtext(name, &namesrc, dns_rootname, \ DNS_NAME_DOWNCASE)); \ if (result != ISC_R_SUCCESS) { \ - goto failure; \ + goto cleanup; \ } #define parse_transport_option(map, transport, name, setter) \ @@ -126,7 +126,7 @@ add_doh_transports(const cfg_obj_t *transportlist, dns_transport_list_t *list) { } return ISC_R_SUCCESS; -failure: +cleanup: cfg_obj_log(doh, ISC_LOG_ERROR, "configuring DoH '%s': %s", dohid, isc_result_totext(result)); @@ -147,8 +147,7 @@ add_tls_transports(const cfg_obj_t *transportlist, dns_transport_list_t *list) { tlsid = cfg_obj_asstring(cfg_map_getname(tls)); if (!strcmp(tlsid, "ephemeral")) { - result = ISC_R_UNEXPECTEDTOKEN; - goto failure; + CHECK(ISC_R_UNEXPECTEDTOKEN); } create_name(tlsid, tlsname); @@ -176,7 +175,7 @@ add_tls_transports(const cfg_obj_t *transportlist, dns_transport_list_t *list) { } return ISC_R_SUCCESS; -failure: +cleanup: cfg_obj_log(tls, ISC_LOG_ERROR, "configuring tls '%s': %s", tlsid, isc_result_totext(result)); @@ -217,7 +216,7 @@ transport_list_add_ephemeral(dns_transport_list_t *list) { dns_transport_set_tlsname(transport, "ephemeral"); return; -failure: +cleanup: RUNTIME_CHECK(result == ISC_R_SUCCESS); } @@ -232,10 +231,7 @@ named_transports_fromconfig(const cfg_obj_t *config, const cfg_obj_t *vconfig, transport_list_add_ephemeral(list); if (config != NULL) { - result = transport_list_fromconfig(config, list); - if (result != ISC_R_SUCCESS) { - goto failure; - } + CHECK(transport_list_fromconfig(config, list)); } if (vconfig != NULL) { @@ -245,7 +241,7 @@ named_transports_fromconfig(const cfg_obj_t *config, const cfg_obj_t *vconfig, *listp = list; return ISC_R_SUCCESS; -failure: +cleanup: dns_transport_list_detach(&list); return result; } diff --git a/bin/named/tsigconf.c b/bin/named/tsigconf.c index 9133bc750e..1b758cb323 100644 --- a/bin/named/tsigconf.c +++ b/bin/named/tsigconf.c @@ -38,7 +38,7 @@ add_initial_keys(const cfg_obj_t *list, dns_tsigkeyring_t *ring, const char *keyid = NULL; unsigned char *secret = NULL; int secretalloc = 0; - isc_result_t ret; + isc_result_t result; CFG_LIST_FOREACH(list, element) { const cfg_obj_t *algobj = NULL; @@ -67,11 +67,8 @@ add_initial_keys(const cfg_obj_t *list, dns_tsigkeyring_t *ring, */ isc_buffer_constinit(&keynamesrc, keyid, strlen(keyid)); isc_buffer_add(&keynamesrc, strlen(keyid)); - ret = dns_name_fromtext(keyname, &keynamesrc, dns_rootname, - DNS_NAME_DOWNCASE); - if (ret != ISC_R_SUCCESS) { - goto failure; - } + CHECK(dns_name_fromtext(keyname, &keynamesrc, dns_rootname, + DNS_NAME_DOWNCASE)); /* * Create the algorithm. @@ -84,31 +81,27 @@ add_initial_keys(const cfg_obj_t *list, dns_tsigkeyring_t *ring, "key '%s': has a " "unsupported algorithm '%s'", keyid, algstr); - ret = DNS_R_BADALG; - goto failure; + CHECK(DNS_R_BADALG); } secretstr = cfg_obj_asstring(secretobj); secretalloc = secretlen = strlen(secretstr) * 3 / 4; secret = isc_mem_get(mctx, secretlen); isc_buffer_init(&secretbuf, secret, secretlen); - ret = isc_base64_decodestring(secretstr, &secretbuf); - if (ret != ISC_R_SUCCESS) { - goto failure; - } + CHECK(isc_base64_decodestring(secretstr, &secretbuf)); secretlen = isc_buffer_usedlength(&secretbuf); - ret = dns_tsigkey_create(keyname, alg, secret, secretlen, mctx, - &tsigkey); + result = dns_tsigkey_create(keyname, alg, secret, secretlen, + mctx, &tsigkey); isc_mem_put(mctx, secret, secretalloc); - if (ret == ISC_R_SUCCESS) { - ret = dns_tsigkeyring_add(ring, tsigkey); + if (result == ISC_R_SUCCESS) { + result = dns_tsigkeyring_add(ring, tsigkey); } - if (ret != ISC_R_SUCCESS) { + if (result != ISC_R_SUCCESS) { if (tsigkey != NULL) { dns_tsigkey_detach(&tsigkey); } - goto failure; + goto cleanup; } /* * Set digest bits. @@ -119,13 +112,13 @@ add_initial_keys(const cfg_obj_t *list, dns_tsigkeyring_t *ring, return ISC_R_SUCCESS; -failure: +cleanup: if (secret != NULL) { isc_mem_put(mctx, secret, secretalloc); } cfg_obj_log(key, ISC_LOG_ERROR, "configuring key '%s': %s", keyid, - isc_result_totext(ret)); - return ret; + isc_result_totext(result)); + return result; } isc_result_t @@ -159,16 +152,13 @@ named_tsigkeyring_fromconfig(const cfg_obj_t *config, const cfg_obj_t *vconfig, if (result != ISC_R_SUCCESS) { continue; } - result = add_initial_keys(keylist, ring, mctx); - if (result != ISC_R_SUCCESS) { - goto failure; - } + CHECK(add_initial_keys(keylist, ring, mctx)); } *ringp = ring; return ISC_R_SUCCESS; -failure: +cleanup: dns_tsigkeyring_detach(&ring); return result; } diff --git a/bin/named/zoneconf.c b/bin/named/zoneconf.c index 9ad15e0547..f557ec7514 100644 --- a/bin/named/zoneconf.c +++ b/bin/named/zoneconf.c @@ -369,8 +369,7 @@ configure_zone_ssutable(const cfg_obj_t *zconfig, const cfg_obj_t *tconfig, "failed to enable auto DDNS policy " "for zone %s: session key not found", zname); - result = ISC_R_NOTFOUND; - goto cleanup; + CHECK(ISC_R_NOTFOUND); } dns_ssutable_addrule( @@ -609,8 +608,7 @@ configure_staticstub(const cfg_obj_t *zconfig, const cfg_obj_t *tconfig, "No NS record is configured for a " "static-stub zone '%s'", zname); - result = ISC_R_FAILURE; - goto cleanup; + CHECK(ISC_R_FAILURE); } /* diff --git a/bin/nsupdate/nsupdate.c b/bin/nsupdate/nsupdate.c index 318c8dd96a..cc8e5b4cd6 100644 --- a/bin/nsupdate/nsupdate.c +++ b/bin/nsupdate/nsupdate.c @@ -569,16 +569,10 @@ read_sessionkey(isc_mem_t *mctx) { return ISC_R_FILENOTFOUND; } - result = cfg_parse_file(mctx, keyfile, &cfg_type_sessionkey, 0, - &sessionkey); - if (result != ISC_R_SUCCESS) { - goto cleanup; - } + CHECK(cfg_parse_file(mctx, keyfile, &cfg_type_sessionkey, 0, + &sessionkey)); - result = cfg_map_get(sessionkey, "key", &key); - if (result != ISC_R_SUCCESS) { - goto cleanup; - } + CHECK(cfg_map_get(sessionkey, "key", &key)); (void)cfg_map_get(key, "secret", &secretobj); (void)cfg_map_get(key, "algorithm", &algorithmobj); diff --git a/bin/tests/system/dyndb/driver/instance.c b/bin/tests/system/dyndb/driver/instance.c index db087895be..e4ab5a54c9 100644 --- a/bin/tests/system/dyndb/driver/instance.c +++ b/bin/tests/system/dyndb/driver/instance.c @@ -78,8 +78,7 @@ parse_params(isc_mem_t *mctx, int argc, char **argv, dns_name_t *z1, if (argc != 2) { log_error("exactly two parameters " "(absolute zone names) are required"); - result = ISC_R_FAILURE; - goto cleanup; + CHECK(ISC_R_FAILURE); } result = dns_name_fromstring(z1, argv[0], dns_rootname, 0, mctx); if (result != ISC_R_SUCCESS) { diff --git a/bin/tools/named-makejournal.c b/bin/tools/named-makejournal.c index c18da012e2..3cdbd34df6 100644 --- a/bin/tools/named-makejournal.c +++ b/bin/tools/named-makejournal.c @@ -177,10 +177,7 @@ main(int argc, char **argv) { goto cleanup; } - result = loadjournal(olddb, journal); - if (result != ISC_R_SUCCESS) { - goto cleanup; - } + CHECK(loadjournal(olddb, journal)); result = dns_db_getsoaserial(olddb, NULL, &s2); RUNTIME_CHECK(result == ISC_R_SUCCESS); diff --git a/fuzz/dns_message_parse.c b/fuzz/dns_message_parse.c index 5f6069266e..236c789514 100644 --- a/fuzz/dns_message_parse.c +++ b/fuzz/dns_message_parse.c @@ -156,25 +156,13 @@ LLVMFuzzerTestOneInput(const uint8_t *data, size_t size) { isc_buffer_add(&buffer, size); isc_buffer_setactive(&buffer, size); - result = parse_message(&buffer, &message); - if (result != ISC_R_SUCCESS) { - goto cleanup; - } + CHECK(parse_message(&buffer, &message)); - result = print_message(message); - if (result != ISC_R_SUCCESS) { - goto cleanup; - } + CHECK(print_message(message)); - result = render_message(&message); - if (result != ISC_R_SUCCESS) { - goto cleanup; - } + CHECK(render_message(&message)); - result = print_message(message); - if (result != ISC_R_SUCCESS) { - goto cleanup; - } + CHECK(print_message(message)); cleanup: if (message != NULL) { diff --git a/fuzz/dns_rdata_fromtext.c b/fuzz/dns_rdata_fromtext.c index 8f2988e2c1..a8ee8949b1 100644 --- a/fuzz/dns_rdata_fromtext.c +++ b/fuzz/dns_rdata_fromtext.c @@ -79,10 +79,7 @@ LLVMFuzzerTestOneInput(const uint8_t *data, size_t size) { RUNTIME_CHECK(isc_lex_openbuffer(lex, &inbuf) == ISC_R_SUCCESS); - result = isc_lex_gettoken(lex, options | ISC_LEXOPT_NUMBER, &token); - if (result != ISC_R_SUCCESS) { - goto cleanup; - } + CHECK(isc_lex_gettoken(lex, options | ISC_LEXOPT_NUMBER, &token)); if (token.type == isc_tokentype_eof) { goto cleanup; } @@ -98,18 +95,12 @@ LLVMFuzzerTestOneInput(const uint8_t *data, size_t size) { } rdclass = (dns_rdataclass_t)token.value.as_ulong; } else if (token.type == isc_tokentype_string) { - result = dns_rdataclass_fromtext(&rdclass, - &token.value.as_textregion); - if (result != ISC_R_SUCCESS) { - goto cleanup; - } + CHECK(dns_rdataclass_fromtext(&rdclass, + &token.value.as_textregion)); } else { goto cleanup; } - result = isc_lex_gettoken(lex, options | ISC_LEXOPT_NUMBER, &token); - if (result != ISC_R_SUCCESS) { - goto cleanup; - } + CHECK(isc_lex_gettoken(lex, options | ISC_LEXOPT_NUMBER, &token)); if (token.type == isc_tokentype_eol) { goto cleanup; } @@ -126,11 +117,8 @@ LLVMFuzzerTestOneInput(const uint8_t *data, size_t size) { } rdtype = (dns_rdatatype_t)token.value.as_ulong; } else if (token.type == isc_tokentype_string) { - result = dns_rdatatype_fromtext(&rdtype, - &token.value.as_textregion); - if (result != ISC_R_SUCCESS) { - goto cleanup; - } + CHECK(dns_rdatatype_fromtext(&rdtype, + &token.value.as_textregion)); } else { goto cleanup; } diff --git a/lib/dns/cache.c b/lib/dns/cache.c index 0fbce6c372..f93f725510 100644 --- a/lib/dns/cache.c +++ b/lib/dns/cache.c @@ -184,11 +184,7 @@ dns_cache_create(dns_rdataclass_t rdclass, const char *cachename, /* * Create the database */ - result = cache_create_db(cache, &cache->db, &cache->tmctx, - &cache->hmctx); - if (result != ISC_R_SUCCESS) { - goto cleanup; - } + CHECK(cache_create_db(cache, &cache->db, &cache->tmctx, &cache->hmctx)); *cachep = cache; return ISC_R_SUCCESS; @@ -398,10 +394,7 @@ cleartree(dns_db_t *db, const dns_name_t *name) { nodename = dns_fixedname_initname(&fnodename); - result = dns_db_createiterator(db, 0, &iter); - if (result != ISC_R_SUCCESS) { - goto cleanup; - } + CHECK(dns_db_createiterator(db, 0, &iter)); result = dns_dbiterator_seek(iter, name); if (result == DNS_R_PARTIALMATCH) { diff --git a/lib/dns/catz.c b/lib/dns/catz.c index fa0724db42..fb7b284dcb 100644 --- a/lib/dns/catz.c +++ b/lib/dns/catz.c @@ -1214,20 +1214,14 @@ catz_process_coo(dns_catz_zone_t *catz, dns_label_t *mhash, } if (dns_name_countlabels(&ptr.ptr) == 0) { - result = ISC_R_FAILURE; - goto cleanup; + CHECK(ISC_R_FAILURE); } - result = isc_ht_find(catz->entries, mhash->base, mhash->length, - (void **)&entry); - if (result != ISC_R_SUCCESS) { - /* The entry was not found .*/ - goto cleanup; - } + CHECK(isc_ht_find(catz->entries, mhash->base, mhash->length, + (void **)&entry)); if (dns_name_countlabels(&entry->name) == 0) { - result = ISC_R_FAILURE; - goto cleanup; + CHECK(ISC_R_FAILURE); } catz_coo_add(catz, entry, &ptr.ptr); @@ -1333,31 +1327,20 @@ catz_process_version(dns_catz_zone_t *catz, dns_rdataset_t *value) { return result; } - result = dns_rdata_txt_first(&rdatatxt); - if (result != ISC_R_SUCCESS) { - goto cleanup; - } + CHECK(dns_rdata_txt_first(&rdatatxt)); - result = dns_rdata_txt_current(&rdatatxt, &rdatastr); - if (result != ISC_R_SUCCESS) { - goto cleanup; - } + CHECK(dns_rdata_txt_current(&rdatatxt, &rdatastr)); result = dns_rdata_txt_next(&rdatatxt); if (result != ISC_R_NOMORE) { - result = ISC_R_FAILURE; - goto cleanup; + CHECK(ISC_R_FAILURE); } if (rdatastr.length > 15) { - result = ISC_R_BADNUMBER; - goto cleanup; + CHECK(ISC_R_BADNUMBER); } memmove(t, rdatastr.data, rdatastr.length); t[rdatastr.length] = 0; - result = isc_parse_uint32(&tversion, t, 10); - if (result != ISC_R_SUCCESS) { - goto cleanup; - } + CHECK(isc_parse_uint32(&tversion, t, 10)); catz->version = tversion; result = ISC_R_SUCCESS; @@ -1883,16 +1866,10 @@ dns_catz_generate_masterfilename(dns_catz_zone_t *catz, dns_catz_entry_t *entry, isc_buffer_putstr(tbuf, catz->catzs->view->name); isc_buffer_putstr(tbuf, "_"); - result = dns_name_totext(&catz->name, DNS_NAME_OMITFINALDOT, tbuf); - if (result != ISC_R_SUCCESS) { - goto cleanup; - } + CHECK(dns_name_totext(&catz->name, DNS_NAME_OMITFINALDOT, tbuf)); isc_buffer_putstr(tbuf, "_"); - result = dns_name_totext(&entry->name, DNS_NAME_OMITFINALDOT, tbuf); - if (result != ISC_R_SUCCESS) { - goto cleanup; - } + CHECK(dns_name_totext(&entry->name, DNS_NAME_OMITFINALDOT, tbuf)); /* * Search for slash and other special characters in the view and @@ -1913,10 +1890,7 @@ dns_catz_generate_masterfilename(dns_catz_zone_t *catz, dns_catz_entry_t *entry, rlen += strlen(entry->opts.zonedir) + 1; } - result = isc_buffer_reserve(*buffer, (unsigned int)rlen); - if (result != ISC_R_SUCCESS) { - goto cleanup; - } + CHECK(isc_buffer_reserve(*buffer, (unsigned int)rlen)); if (entry->opts.zonedir != NULL) { isc_buffer_putstr(*buffer, entry->opts.zonedir); @@ -1930,16 +1904,10 @@ dns_catz_generate_masterfilename(dns_catz_zone_t *catz, dns_catz_entry_t *entry, unsigned int digestlen; /* we can do that because digest string < 2 * DNS_NAME */ - result = isc_md(ISC_MD_SHA256, r.base, r.length, digest, - &digestlen); - if (result != ISC_R_SUCCESS) { - goto cleanup; - } - result = digest2hex(digest, digestlen, (char *)r.base, - ISC_SHA256_DIGESTLENGTH * 2 + 1); - if (result != ISC_R_SUCCESS) { - goto cleanup; - } + CHECK(isc_md(ISC_MD_SHA256, r.base, r.length, digest, + &digestlen)); + CHECK(digest2hex(digest, digestlen, (char *)r.base, + ISC_SHA256_DIGESTLENGTH * 2 + 1)); isc_buffer_putstr(*buffer, (char *)r.base); } else { isc_buffer_copyregion(*buffer, &r); @@ -2002,8 +1970,7 @@ dns_catz_generate_zonecfg(dns_catz_zone_t *catz, dns_catz_entry_t *entry, "catz: zone '%s' uses an invalid primary " "(no IP address assigned)", zname); - result = ISC_R_FAILURE; - goto cleanup; + CHECK(ISC_R_FAILURE); } isc_netaddr_fromsockaddr(&netaddr, &entry->opts.masters.addrs[i]); @@ -2018,30 +1985,21 @@ dns_catz_generate_zonecfg(dns_catz_zone_t *catz, dns_catz_entry_t *entry, if (entry->opts.masters.keys[i] != NULL) { isc_buffer_putstr(buffer, " key "); - result = dns_name_totext(entry->opts.masters.keys[i], - DNS_NAME_OMITFINALDOT, buffer); - if (result != ISC_R_SUCCESS) { - goto cleanup; - } + CHECK(dns_name_totext(entry->opts.masters.keys[i], + DNS_NAME_OMITFINALDOT, buffer)); } if (entry->opts.masters.tlss[i] != NULL) { isc_buffer_putstr(buffer, " tls "); - result = dns_name_totext(entry->opts.masters.tlss[i], - DNS_NAME_OMITFINALDOT, buffer); - if (result != ISC_R_SUCCESS) { - goto cleanup; - } + CHECK(dns_name_totext(entry->opts.masters.tlss[i], + DNS_NAME_OMITFINALDOT, buffer)); } isc_buffer_putstr(buffer, "; "); } isc_buffer_putstr(buffer, "}; "); if (!entry->opts.in_memory) { isc_buffer_putstr(buffer, "file \""); - result = dns_catz_generate_masterfilename(catz, entry, &buffer); - if (result != ISC_R_SUCCESS) { - goto cleanup; - } + CHECK(dns_catz_generate_masterfilename(catz, entry, &buffer)); isc_buffer_putstr(buffer, "\"; "); } if (entry->opts.allow_query != NULL) { @@ -2140,13 +2098,9 @@ dns_catz_dbupdate_callback(dns_db_t *db, void *fn_arg) { LOCK(&catzs->lock); if (catzs->zones == NULL) { - result = ISC_R_SHUTTINGDOWN; - goto cleanup; - } - result = isc_ht_find(catzs->zones, r.base, r.length, (void **)&catz); - if (result != ISC_R_SUCCESS) { - goto cleanup; + CHECK(ISC_R_SHUTTINGDOWN); } + CHECK(isc_ht_find(catzs->zones, r.base, r.length, (void **)&catz)); /* New zone came as AXFR */ if (catz->db != NULL && catz->db != db) { diff --git a/lib/dns/client.c b/lib/dns/client.c index bca416c480..abfa407857 100644 --- a/lib/dns/client.c +++ b/lib/dns/client.c @@ -142,17 +142,11 @@ setsourceports(isc_mem_t *mctx, dns_dispatchmgr_t *manager) { isc_result_t result; isc_portset_create(mctx, &v4portset); - result = isc_net_getudpportrange(AF_INET, &udpport_low, &udpport_high); - if (result != ISC_R_SUCCESS) { - goto cleanup; - } + CHECK(isc_net_getudpportrange(AF_INET, &udpport_low, &udpport_high)); isc_portset_addrange(v4portset, udpport_low, udpport_high); isc_portset_create(mctx, &v6portset); - result = isc_net_getudpportrange(AF_INET6, &udpport_low, &udpport_high); - if (result != ISC_R_SUCCESS) { - goto cleanup; - } + CHECK(isc_net_getudpportrange(AF_INET6, &udpport_low, &udpport_high)); isc_portset_addrange(v6portset, udpport_low, udpport_high); result = dns_dispatchmgr_setavailports(manager, v4portset, v6portset); @@ -900,17 +894,11 @@ startresolve(dns_client_t *client, const dns_name_t *name, .link = ISC_LINK_INITIALIZER, }; - result = getrdataset(mctx, &rdataset); - if (result != ISC_R_SUCCESS) { - goto cleanup; - } + CHECK(getrdataset(mctx, &rdataset)); rctx->rdataset = rdataset; if (want_dnssec) { - result = getrdataset(mctx, &sigrdataset); - if (result != ISC_R_SUCCESS) { - goto cleanup; - } + CHECK(getrdataset(mctx, &sigrdataset)); } rctx->sigrdataset = sigrdataset; diff --git a/lib/dns/dlz.c b/lib/dns/dlz.c index 452a6ee90f..48f563f6c7 100644 --- a/lib/dns/dlz.c +++ b/lib/dns/dlz.c @@ -203,20 +203,17 @@ dns_dlzcreate(isc_mem_t *mctx, const char *dlzname, const char *drivername, /* Create a new database using implementation 'drivername'. */ result = ((impinfo->methods->create)(mctx, dlzname, argc, argv, impinfo->driverarg, &db->dbdata)); - RWUNLOCK(&dlz_implock, isc_rwlocktype_read); - /* mark the DLZ driver as valid */ - if (result != ISC_R_SUCCESS) { - goto failure; - } + CHECK(result); + /* Mark the DLZ driver as valid */ db->magic = DNS_DLZ_MAGIC; isc_mem_attach(mctx, &db->mctx); isc_log_write(DNS_LOGCATEGORY_DATABASE, DNS_LOGMODULE_DLZ, ISC_LOG_DEBUG(2), "DLZ driver loaded successfully."); *dbp = db; return ISC_R_SUCCESS; -failure: +cleanup: isc_log_write(DNS_LOGCATEGORY_DATABASE, DNS_LOGMODULE_DLZ, ISC_LOG_ERROR, "DLZ driver failed to load."); @@ -402,11 +399,8 @@ dns_dlz_writeablezone(dns_view_t *view, dns_dlzdb_t *dlzdb, isc_buffer_constinit(&buffer, zone_name, strlen(zone_name)); isc_buffer_add(&buffer, strlen(zone_name)); dns_fixedname_init(&fixorigin); - result = dns_name_fromtext(dns_fixedname_name(&fixorigin), &buffer, - dns_rootname, 0); - if (result != ISC_R_SUCCESS) { - goto cleanup; - } + CHECK(dns_name_fromtext(dns_fixedname_name(&fixorigin), &buffer, + dns_rootname, 0)); origin = dns_fixedname_name(&fixorigin); if (!dlzdb->search) { @@ -423,8 +417,7 @@ dns_dlz_writeablezone(dns_view_t *view, dns_dlzdb_t *dlzdb, result = dns_view_findzone(view, origin, DNS_ZTFIND_EXACT, &dupzone); if (result == ISC_R_SUCCESS) { dns_zone_detach(&dupzone); - result = ISC_R_EXISTS; - goto cleanup; + CHECK(ISC_R_EXISTS); } INSIST(dupzone == NULL); @@ -440,10 +433,7 @@ dns_dlz_writeablezone(dns_view_t *view, dns_dlzdb_t *dlzdb, } dns_zone_setssutable(zone, dlzdb->ssutable); - result = dlzdb->configure_callback(view, dlzdb, zone); - if (result != ISC_R_SUCCESS) { - goto cleanup; - } + CHECK(dlzdb->configure_callback(view, dlzdb, zone)); result = dns_view_addzone(view, zone); diff --git a/lib/dns/master.c b/lib/dns/master.c index 35a935e5ac..f42c0c1ec1 100644 --- a/lib/dns/master.c +++ b/lib/dns/master.c @@ -2183,10 +2183,7 @@ pushfile(const char *master_file, dns_name_t *origin, dns_loadctx_t *lctx) { newctx->drop = ictx->drop; } - result = (lctx->openfile)(lctx, master_file); - if (result != ISC_R_SUCCESS) { - goto cleanup; - } + CHECK((lctx->openfile)(lctx, master_file)); newctx->parent = ictx; lctx->inc = newctx; @@ -2400,8 +2397,7 @@ load_raw(dns_loadctx_t *lctx) { sizeof(uint16_t) + sizeof(uint16_t) + sizeof(uint32_t) + sizeof(uint32_t); if (totallen < minlen) { - result = ISC_R_RANGE; - goto cleanup; + CHECK(ISC_R_RANGE); } totallen -= sizeof(totallen); @@ -2428,10 +2424,7 @@ load_raw(dns_loadctx_t *lctx) { */ readlen = totallen; } - result = isc_stdio_read(target.base, 1, readlen, lctx->f, NULL); - if (result != ISC_R_SUCCESS) { - goto cleanup; - } + CHECK(isc_stdio_read(target.base, 1, readlen, lctx->f, NULL)); isc_buffer_add(&target, (unsigned int)readlen); totallen -= (uint32_t)readlen; @@ -2439,42 +2432,30 @@ load_raw(dns_loadctx_t *lctx) { dns_rdatalist_init(&rdatalist); rdatalist.rdclass = isc_buffer_getuint16(&target); if (lctx->zclass != rdatalist.rdclass) { - result = DNS_R_BADCLASS; - goto cleanup; + CHECK(DNS_R_BADCLASS); } rdatalist.type = isc_buffer_getuint16(&target); rdatalist.covers = isc_buffer_getuint16(&target); rdatalist.ttl = isc_buffer_getuint32(&target); rdcount = isc_buffer_getuint32(&target); if (rdcount == 0 || rdcount > 0xffff) { - result = ISC_R_RANGE; - goto cleanup; + CHECK(ISC_R_RANGE); } INSIST(isc_buffer_consumedlength(&target) <= readlen); /* Owner name: length followed by name */ - result = read_and_check(sequential_read, &target, - sizeof(namelen), lctx->f, &totallen); - if (result != ISC_R_SUCCESS) { - goto cleanup; - } + CHECK(read_and_check(sequential_read, &target, sizeof(namelen), + lctx->f, &totallen)); namelen = isc_buffer_getuint16(&target); if (namelen > sizeof(namebuf)) { - result = ISC_R_RANGE; - goto cleanup; + CHECK(ISC_R_RANGE); } - result = read_and_check(sequential_read, &target, namelen, - lctx->f, &totallen); - if (result != ISC_R_SUCCESS) { - goto cleanup; - } + CHECK(read_and_check(sequential_read, &target, namelen, lctx->f, + &totallen)); isc_buffer_setactive(&target, (unsigned int)namelen); - result = dns_name_fromwire(name, &target, dctx, NULL); - if (result != ISC_R_SUCCESS) { - goto cleanup; - } + CHECK(dns_name_fromwire(name, &target, dctx, NULL)); if ((lctx->options & DNS_MASTER_CHECKTTL) != 0 && rdatalist.ttl > lctx->maxttl) @@ -2484,8 +2465,7 @@ load_raw(dns_loadctx_t *lctx) { "TTL %d exceeds configured " "max-zone-ttl %d", rdatalist.ttl, lctx->maxttl); - result = ISC_R_RANGE; - goto cleanup; + CHECK(ISC_R_RANGE); } /* Rdata contents. */ @@ -2533,20 +2513,14 @@ load_raw(dns_loadctx_t *lctx) { } /* rdata length */ - result = read_and_check(sequential_read, &target, - sizeof(rdlen), lctx->f, - &totallen); - if (result != ISC_R_SUCCESS) { - goto cleanup; - } + CHECK(read_and_check(sequential_read, &target, + sizeof(rdlen), lctx->f, + &totallen)); rdlen = isc_buffer_getuint16(&target); /* rdata */ - result = read_and_check(sequential_read, &target, rdlen, - lctx->f, &totallen); - if (result != ISC_R_SUCCESS) { - goto cleanup; - } + CHECK(read_and_check(sequential_read, &target, rdlen, + lctx->f, &totallen)); isc_buffer_setactive(&target, (unsigned int)rdlen); /* * It is safe to have the source active region and @@ -2556,12 +2530,9 @@ load_raw(dns_loadctx_t *lctx) { */ isc_buffer_init(&buf, isc_buffer_current(&target), (unsigned int)rdlen); - result = dns_rdata_fromwire( - &rdata[i], rdatalist.rdclass, rdatalist.type, - &target, dctx, &buf); - if (result != ISC_R_SUCCESS) { - goto cleanup; - } + CHECK(dns_rdata_fromwire(&rdata[i], rdatalist.rdclass, + rdatalist.type, &target, dctx, + &buf)); ISC_LIST_APPEND(rdatalist.rdata, &rdata[i], link); } @@ -2571,8 +2542,7 @@ load_raw(dns_loadctx_t *lctx) { * or malformed data. */ if (isc_buffer_remaininglength(&target) != 0 || totallen != 0) { - result = ISC_R_RANGE; - goto cleanup; + CHECK(ISC_R_RANGE); } ISC_LIST_APPEND(head, &rdatalist, link); @@ -2635,10 +2605,7 @@ dns_master_loadfile(const char *master_file, dns_name_t *top, lctx->maxttl = maxttl; - result = (lctx->openfile)(lctx, master_file); - if (result != ISC_R_SUCCESS) { - goto cleanup; - } + CHECK((lctx->openfile)(lctx, master_file)); result = (lctx->load)(lctx); INSIST(result != DNS_R_CONTINUE); @@ -2729,10 +2696,7 @@ dns_master_loadbuffer(isc_buffer_t *buffer, dns_name_t *top, dns_name_t *origin, loadctx_create(dns_masterformat_text, mctx, options, 0, top, zclass, origin, callbacks, NULL, NULL, NULL, NULL, NULL, &lctx); - result = isc_lex_openbuffer(lctx->lex, buffer); - if (result != ISC_R_SUCCESS) { - goto cleanup; - } + CHECK(isc_lex_openbuffer(lctx->lex, buffer)); result = (lctx->load)(lctx); INSIST(result != DNS_R_CONTINUE); diff --git a/lib/dns/masterdump.c b/lib/dns/masterdump.c index e86f76396d..ca5704204b 100644 --- a/lib/dns/masterdump.c +++ b/lib/dns/masterdump.c @@ -1571,10 +1571,7 @@ dumpctx_create(isc_mem_t *mctx, dns_db_t *db, dns_dbversion_t *version, } else { options = 0; } - result = dns_db_createiterator(dctx->db, options, &dctx->dbiter); - if (result != ISC_R_SUCCESS) { - goto cleanup; - } + CHECK(dns_db_createiterator(dctx->db, options, &dctx->dbiter)); isc_mutex_init(&dctx->lock); isc_mem_attach(mctx, &dctx->mctx); @@ -1795,10 +1792,7 @@ opentmp(isc_mem_t *mctx, const char *file, char **tempp, FILE **fp) { tempnamelen = strlen(file) + 20; tempname = isc_mem_allocate(mctx, tempnamelen); - result = isc_file_mktemplate(file, tempname, tempnamelen); - if (result != ISC_R_SUCCESS) { - goto cleanup; - } + CHECK(isc_file_mktemplate(file, tempname, tempnamelen)); result = isc_file_openunique(tempname, &f); if (result != ISC_R_SUCCESS) { @@ -1882,11 +1876,8 @@ dns_master_dump(isc_mem_t *mctx, dns_db_t *db, dns_dbversion_t *version, return result; } - result = dumpctx_create(mctx, db, version, style, f, &dctx, format, - header); - if (result != ISC_R_SUCCESS) { - goto cleanup; - } + CHECK(dumpctx_create(mctx, db, version, style, f, &dctx, format, + header)); result = dumptostream(dctx); INSIST(result != DNS_R_CONTINUE); diff --git a/lib/dns/message.c b/lib/dns/message.c index 4b094b04cb..bd68f18a6f 100644 --- a/lib/dns/message.c +++ b/lib/dns/message.c @@ -965,10 +965,7 @@ getquestions(isc_buffer_t *source, dns_message_t *msg, dns_decompress_t dctx, */ isc_buffer_remainingregion(source, &r); isc_buffer_setactive(source, r.length); - result = getname(name, source, msg, dctx); - if (result != ISC_R_SUCCESS) { - goto cleanup; - } + CHECK(getname(name, source, msg, dctx)); ISC_LIST_APPEND(*section, name, link); @@ -979,8 +976,7 @@ getquestions(isc_buffer_t *source, dns_message_t *msg, dns_decompress_t dctx, */ isc_buffer_remainingregion(source, &r); if (r.length < 4) { - result = ISC_R_UNEXPECTEDEND; - goto cleanup; + CHECK(ISC_R_UNEXPECTEDEND); } rdtype = isc_buffer_getuint16(source); rdclass = isc_buffer_getuint16(source); @@ -1104,10 +1100,7 @@ getsection(isc_buffer_t *source, dns_message_t *msg, dns_decompress_t dctx, */ isc_buffer_remainingregion(source, &r); isc_buffer_setactive(source, r.length); - result = getname(name, source, msg, dctx); - if (result != ISC_R_SUCCESS) { - goto cleanup; - } + CHECK(getname(name, source, msg, dctx)); /* * Get type, class, ttl, and rdatalen. Verify that at least @@ -1116,8 +1109,7 @@ getsection(isc_buffer_t *source, dns_message_t *msg, dns_decompress_t dctx, */ isc_buffer_remainingregion(source, &r); if (r.length < 2 + 2 + 4 + 2) { - result = ISC_R_UNEXPECTEDEND; - goto cleanup; + CHECK(ISC_R_UNEXPECTEDEND); } rdtype = isc_buffer_getuint16(source); rdclass = isc_buffer_getuint16(source); @@ -1226,8 +1218,7 @@ getsection(isc_buffer_t *source, dns_message_t *msg, dns_decompress_t dctx, rdatalen = isc_buffer_getuint16(source); r.length -= (2 + 2 + 4 + 2); if (r.length < rdatalen) { - result = ISC_R_UNEXPECTEDEND; - goto cleanup; + CHECK(ISC_R_UNEXPECTEDEND); } /* @@ -1241,8 +1232,7 @@ getsection(isc_buffer_t *source, dns_message_t *msg, dns_decompress_t dctx, update(sectionid, rdclass)) { if (rdatalen != 0) { - result = DNS_R_FORMERR; - goto cleanup; + CHECK(DNS_R_FORMERR); } /* * When the rdata is empty, the data pointer is @@ -1309,8 +1299,7 @@ getsection(isc_buffer_t *source, dns_message_t *msg, dns_decompress_t dctx, if (rdtype == dns_rdatatype_nsec3 && !dns_rdata_checkowner(name, msg->rdclass, rdtype, false)) { - result = DNS_R_BADOWNERNAME; - goto cleanup; + CHECK(DNS_R_BADOWNERNAME); } /* @@ -2666,10 +2655,7 @@ dns_message_setopt(dns_message_t *msg) { msgresetopt(msg); - result = dns_rdataset_first(opt); - if (result != ISC_R_SUCCESS) { - goto cleanup; - } + CHECK(dns_rdataset_first(opt)); dns_rdataset_current(opt, &rdata); msg->opt_reserved = 11 + rdata.length; result = dns_message_renderreserve(msg, msg->opt_reserved); @@ -3628,8 +3614,7 @@ render_zoneversion(dns_message_t *msg, isc_buffer_t *optbuf, if (isc_buffer_availablelength(target) < 1) { - result = ISC_R_NOSPACE; - goto cleanup; + CHECK(ISC_R_NOSPACE); } isc_buffer_putmem(target, &data[i], 1); } else { @@ -3755,11 +3740,8 @@ dns_message_pseudosectiontoyaml(dns_message_t *msg, dns_pseudosection_t section, switch (optcode) { case DNS_OPT_LLQ: if (optlen == 18U) { - result = render_llq(&optbuf, msg, style, - target); - if (result != ISC_R_SUCCESS) { - goto cleanup; - } + CHECK(render_llq(&optbuf, msg, style, + target)); ADD_STRING(target, "\n"); continue; } @@ -3777,11 +3759,8 @@ dns_message_pseudosectiontoyaml(dns_message_t *msg, dns_pseudosection_t section, ADD_STRING(target, buf); ADD_STRING(target, " # "); - result = dns_ttl_totext(secs, true, - true, target); - if (result != ISC_R_SUCCESS) { - goto cleanup; - } + CHECK(dns_ttl_totext(secs, true, true, + target)); ADD_STRING(target, "\n"); if (optlen == 8U) { @@ -3795,12 +3774,9 @@ dns_message_pseudosectiontoyaml(dns_message_t *msg, dns_pseudosection_t section, ADD_STRING(target, buf); ADD_STRING(target, " # "); - result = dns_ttl_totext( - key, true, true, - target); - if (result != ISC_R_SUCCESS) { - goto cleanup; - } + CHECK(dns_ttl_totext(key, true, + true, + target)); ADD_STRING(target, "\n"); } continue; @@ -3829,11 +3805,8 @@ dns_message_pseudosectiontoyaml(dns_message_t *msg, dns_pseudosection_t section, snprintf(buf, sizeof(buf), " %u", secs); ADD_STRING(target, buf); ADD_STRING(target, " # "); - result = dns_ttl_totext(secs, true, - true, target); - if (result != ISC_R_SUCCESS) { - goto cleanup; - } + CHECK(dns_ttl_totext(secs, true, true, + target)); ADD_STRING(target, "\n"); continue; } @@ -3920,11 +3893,8 @@ dns_message_pseudosectiontoyaml(dns_message_t *msg, dns_pseudosection_t section, if (optlen >= 2U) { isc_buffer_t zonebuf = optbuf; isc_buffer_setactive(&zonebuf, optlen); - result = render_zoneversion( - msg, &zonebuf, style, target); - if (result != ISC_R_SUCCESS) { - goto cleanup; - } + CHECK(render_zoneversion( + msg, &zonebuf, style, target)); isc_buffer_forward(&optbuf, optlen); ADD_STRING(target, "\n"); continue; @@ -4221,19 +4191,13 @@ dns_message_pseudosectiontotext(dns_message_t *msg, dns_pseudosection_t section, ADD_STRING(target, buf); } ADD_STRING(target, " ("); - result = dns_ttl_totext(secs, true, - true, target); - if (result != ISC_R_SUCCESS) { - goto cleanup; - } + CHECK(dns_ttl_totext(secs, true, true, + target)); if (optlen == 8U) { ADD_STRING(target, "/"); - result = dns_ttl_totext( - key, true, true, - target); - if (result != ISC_R_SUCCESS) { - goto cleanup; - } + CHECK(dns_ttl_totext(key, true, + true, + target)); } ADD_STRING(target, ")\n"); continue; @@ -4365,11 +4329,8 @@ dns_message_pseudosectiontotext(dns_message_t *msg, dns_pseudosection_t section, if (optlen >= 2U) { isc_buffer_t zonebuf = optbuf; isc_buffer_setactive(&zonebuf, optlen); - result = render_zoneversion( - msg, &zonebuf, style, target); - if (result != ISC_R_SUCCESS) { - goto cleanup; - } + CHECK(render_zoneversion( + msg, &zonebuf, style, target)); ADD_STRING(target, "\n"); isc_buffer_forward(&optbuf, optlen); continue; @@ -4940,8 +4901,7 @@ buildopt(dns_message_t *message, dns_rdataset_t **rdatasetp) { } if (len > 0xffffU) { - result = ISC_R_NOSPACE; - goto cleanup; + CHECK(ISC_R_NOSPACE); } isc_buffer_allocate(message->mctx, &buf, len); diff --git a/lib/dns/notify.c b/lib/dns/notify.c index ed47a92447..da06276393 100644 --- a/lib/dns/notify.c +++ b/lib/dns/notify.c @@ -347,10 +347,7 @@ notify_send_toaddr(void *arg) { goto cleanup; } - result = notify_createmessage(notify, &message); - if (result != ISC_R_SUCCESS) { - goto cleanup; - } + CHECK(notify_createmessage(notify, &message)); if (notify->key != NULL) { /* Transfer ownership of key */ @@ -654,10 +651,7 @@ notify_send(dns_notify_t *notify) { isc_sockaddr_any6(&newnotify->src); } startup = ((notify->flags & DNS_NOTIFY_STARTUP) != 0); - result = dns_notify_queue(newnotify, startup); - if (result != ISC_R_SUCCESS) { - goto cleanup; - } + CHECK(dns_notify_queue(newnotify, startup)); newnotify = NULL; } diff --git a/lib/dns/nsec.c b/lib/dns/nsec.c index 20e1c34fe3..1ebc6e8995 100644 --- a/lib/dns/nsec.c +++ b/lib/dns/nsec.c @@ -173,10 +173,7 @@ dns_nsec_build(dns_db_t *db, dns_dbversion_t *version, dns_dbnode_t *node, dns_rdataset_init(&rdataset); dns_rdata_init(&rdata); - result = dns_nsec_buildrdata(db, version, node, target, data, &rdata); - if (result != ISC_R_SUCCESS) { - goto failure; - } + CHECK(dns_nsec_buildrdata(db, version, node, target, data, &rdata)); dns_rdatalist_init(&rdatalist); rdatalist.rdclass = dns_db_class(db); @@ -189,7 +186,7 @@ dns_nsec_build(dns_db_t *db, dns_dbversion_t *version, dns_dbnode_t *node, result = ISC_R_SUCCESS; } -failure: +cleanup: if (dns_rdataset_isassociated(&rdataset)) { dns_rdataset_disassociate(&rdataset); } diff --git a/lib/dns/nta.c b/lib/dns/nta.c index b95d1067a9..a026c752f1 100644 --- a/lib/dns/nta.c +++ b/lib/dns/nta.c @@ -509,10 +509,7 @@ dns_ntatable_totext(dns_ntatable_t *ntatable, const char *view, } first = false; - result = putstr(buf, obuf); - if (result != ISC_R_SUCCESS) { - goto cleanup; - } + CHECK(putstr(buf, obuf)); } cleanup: diff --git a/lib/dns/qpcache.c b/lib/dns/qpcache.c index b344e8e698..5ef3d1be63 100644 --- a/lib/dns/qpcache.c +++ b/lib/dns/qpcache.c @@ -2981,15 +2981,9 @@ addnoqname(isc_mem_t *mctx, dns_slabheader_t *newheader, uint32_t maxrrperset, result = dns_rdataset_getnoqname(rdataset, &name, &neg, &negsig); RUNTIME_CHECK(result == ISC_R_SUCCESS); - result = dns_rdataslab_fromrdataset(&neg, mctx, &r1, maxrrperset); - if (result != ISC_R_SUCCESS) { - goto cleanup; - } + CHECK(dns_rdataslab_fromrdataset(&neg, mctx, &r1, maxrrperset)); - result = dns_rdataslab_fromrdataset(&negsig, mctx, &r2, maxrrperset); - if (result != ISC_R_SUCCESS) { - goto cleanup; - } + CHECK(dns_rdataslab_fromrdataset(&negsig, mctx, &r2, maxrrperset)); noqname = isc_mem_get(mctx, sizeof(*noqname)); *noqname = (dns_slabheader_proof_t){ @@ -3020,15 +3014,9 @@ addclosest(isc_mem_t *mctx, dns_slabheader_t *newheader, uint32_t maxrrperset, result = dns_rdataset_getclosest(rdataset, &name, &neg, &negsig); RUNTIME_CHECK(result == ISC_R_SUCCESS); - result = dns_rdataslab_fromrdataset(&neg, mctx, &r1, maxrrperset); - if (result != ISC_R_SUCCESS) { - goto cleanup; - } + CHECK(dns_rdataslab_fromrdataset(&neg, mctx, &r1, maxrrperset)); - result = dns_rdataslab_fromrdataset(&negsig, mctx, &r2, maxrrperset); - if (result != ISC_R_SUCCESS) { - goto cleanup; - } + CHECK(dns_rdataslab_fromrdataset(&negsig, mctx, &r2, maxrrperset)); closest = isc_mem_get(mctx, sizeof(*closest)); *closest = (dns_slabheader_proof_t){ diff --git a/lib/dns/rdata.c b/lib/dns/rdata.c index 2c83eaf380..ed7d0ad146 100644 --- a/lib/dns/rdata.c +++ b/lib/dns/rdata.c @@ -1090,14 +1090,10 @@ unknown_fromtext(dns_rdataclass_t rdclass, dns_rdatatype_t type, isc_buffer_allocate(mctx, &buf, token.value.as_ulong); if (token.value.as_ulong != 0U) { - result = isc_hex_tobuffer(lexer, buf, - (unsigned int)token.value.as_ulong); - if (result != ISC_R_SUCCESS) { - goto failure; - } + CHECK(isc_hex_tobuffer(lexer, buf, + (unsigned int)token.value.as_ulong)); if (isc_buffer_usedlength(buf) != token.value.as_ulong) { - result = ISC_R_UNEXPECTEDEND; - goto failure; + CHECK(ISC_R_UNEXPECTEDEND); } } @@ -1108,14 +1104,12 @@ unknown_fromtext(dns_rdataclass_t rdclass, dns_rdatatype_t type, isc_buffer_usedregion(buf, &r); result = isc_buffer_copyregion(target, &r); } - if (result != ISC_R_SUCCESS) { - goto failure; - } + CHECK(result); isc_buffer_free(&buf); return ISC_R_SUCCESS; -failure: +cleanup: isc_buffer_free(&buf); return result; } diff --git a/lib/dns/rdataslab.c b/lib/dns/rdataslab.c index 703c2f6b1e..5910d1b6d2 100644 --- a/lib/dns/rdataslab.c +++ b/lib/dns/rdataslab.c @@ -514,8 +514,7 @@ dns_rdataslab_merge(dns_slabheader_t *oheader, dns_slabheader_t *nheader, * than ncount, then we found such a duplicate. */ if (((flags & DNS_RDATASLAB_EXACT) != 0) && (tcount < ncount)) { - result = DNS_R_NOTEXACT; - goto cleanup; + CHECK(DNS_R_NOTEXACT); } /* @@ -523,8 +522,7 @@ dns_rdataslab_merge(dns_slabheader_t *oheader, dns_slabheader_t *nheader, * FORCE flag isn't set, we're done. */ if (tcount == 0 && (flags & DNS_RDATASLAB_FORCE) == 0) { - result = DNS_R_UNCHANGED; - goto cleanup; + CHECK(DNS_R_UNCHANGED); } /* Add to tcount the total number of items from the old slab. */ @@ -535,13 +533,11 @@ dns_rdataslab_merge(dns_slabheader_t *oheader, dns_slabheader_t *nheader, /* Single types can't have more than one RR. */ if (tcount > 1 && dns_rdatatype_issingleton(type)) { - result = DNS_R_SINGLETON; - goto cleanup; + CHECK(DNS_R_SINGLETON); } if (tcount > 0xffff) { - result = ISC_R_NOSPACE; - goto cleanup; + CHECK(ISC_R_NOSPACE); } /* Allocate the target buffer and copy the new slab's header */ @@ -677,8 +673,7 @@ dns_rdataslab_subtract(dns_slabheader_t *oheader, dns_slabheader_t *sheader, * duplicates.) */ if ((flags & DNS_RDATASLAB_EXACT) != 0 && rcount != scount) { - result = DNS_R_NOTEXACT; - goto cleanup; + CHECK(DNS_R_NOTEXACT); } /* @@ -686,16 +681,14 @@ dns_rdataslab_subtract(dns_slabheader_t *oheader, dns_slabheader_t *sheader, * create a new buffer, just return. */ if (tcount == 0) { - result = DNS_R_NXRRSET; - goto cleanup; + CHECK(DNS_R_NXRRSET); } /* * If nothing is going to change, stop. */ if (rcount == 0) { - result = DNS_R_UNCHANGED; - goto cleanup; + CHECK(DNS_R_UNCHANGED); } /* diff --git a/lib/dns/request.c b/lib/dns/request.c index 2d9d445624..00556da402 100644 --- a/lib/dns/request.c +++ b/lib/dns/request.c @@ -463,17 +463,11 @@ dns_request_createraw(dns_requestmgr_t *requestmgr, isc_buffer_t *msgbuf, timeout, udptimeout, udpretries); isc_buffer_allocate(mctx, &request->query, r.length + (tcp ? 2 : 0)); - result = isc_buffer_copyregion(request->query, &r); - if (result != ISC_R_SUCCESS) { - goto cleanup; - } + CHECK(isc_buffer_copyregion(request->query, &r)); again: - result = get_dispatch(tcp, newtcp, requestmgr, srcaddr, destaddr, - transport, &request->dispatch); - if (result != ISC_R_SUCCESS) { - goto cleanup; - } + CHECK(get_dispatch(tcp, newtcp, requestmgr, srcaddr, destaddr, + transport, &request->dispatch)); if ((options & DNS_REQUESTOPT_FIXEDID) != 0) { id = (r.base[0] << 8) | r.base[1]; @@ -589,26 +583,17 @@ dns_request_create(dns_requestmgr_t *requestmgr, dns_message_t *message, dns_tsigkey_attach(key, &request->tsigkey); } - result = dns_message_settsigkey(message, request->tsigkey); - if (result != ISC_R_SUCCESS) { - goto cleanup; - } + CHECK(dns_message_settsigkey(message, request->tsigkey)); again: - result = get_dispatch(tcp, false, requestmgr, srcaddr, destaddr, - transport, &request->dispatch); - if (result != ISC_R_SUCCESS) { - goto cleanup; - } + CHECK(get_dispatch(tcp, false, requestmgr, srcaddr, destaddr, transport, + &request->dispatch)); - result = dns_dispatch_add(request->dispatch, loop, 0, - request->connect_timeout, request->timeout, - destaddr, transport, tlsctx_cache, - req_connected, req_senddone, req_response, - request, &id, &request->dispentry); - if (result != ISC_R_SUCCESS) { - goto cleanup; - } + CHECK(dns_dispatch_add(request->dispatch, loop, 0, + request->connect_timeout, request->timeout, + destaddr, transport, tlsctx_cache, req_connected, + req_senddone, req_response, request, &id, + &request->dispentry)); message->id = id; result = req_render(message, &request->query, options, mctx); @@ -624,10 +609,7 @@ again: goto cleanup; } - result = dns_message_getquerytsig(message, mctx, &request->tsig); - if (result != ISC_R_SUCCESS) { - goto cleanup; - } + CHECK(dns_message_getquerytsig(message, mctx, &request->tsig)); request->destaddr = *destaddr; request->flags |= DNS_REQUEST_F_CONNECTING; @@ -692,44 +674,22 @@ req_render(dns_message_t *message, isc_buffer_t **bufferp, unsigned int options, /* * Render message. */ - result = dns_message_renderbegin(message, &cctx, buf1); - if (result != ISC_R_SUCCESS) { - goto cleanup; - } - result = dns_message_rendersection(message, DNS_SECTION_QUESTION, 0); - if (result != ISC_R_SUCCESS) { - goto cleanup; - } - result = dns_message_rendersection(message, DNS_SECTION_ANSWER, 0); - if (result != ISC_R_SUCCESS) { - goto cleanup; - } - result = dns_message_rendersection(message, DNS_SECTION_AUTHORITY, 0); - if (result != ISC_R_SUCCESS) { - goto cleanup; - } - result = dns_message_rendersection(message, DNS_SECTION_ADDITIONAL, 0); - if (result != ISC_R_SUCCESS) { - goto cleanup; - } - result = dns_message_renderend(message); - if (result != ISC_R_SUCCESS) { - goto cleanup; - } + CHECK(dns_message_renderbegin(message, &cctx, buf1)); + CHECK(dns_message_rendersection(message, DNS_SECTION_QUESTION, 0)); + CHECK(dns_message_rendersection(message, DNS_SECTION_ANSWER, 0)); + CHECK(dns_message_rendersection(message, DNS_SECTION_AUTHORITY, 0)); + CHECK(dns_message_rendersection(message, DNS_SECTION_ADDITIONAL, 0)); + CHECK(dns_message_renderend(message)); /* * Copy rendered message to exact sized buffer. */ isc_buffer_usedregion(buf1, &r); if ((options & DNS_REQUESTOPT_TCP) == 0 && r.length > 512) { - result = DNS_R_USETCP; - goto cleanup; + CHECK(DNS_R_USETCP); } isc_buffer_allocate(mctx, &buf2, r.length); - result = isc_buffer_copyregion(buf2, &r); - if (result != ISC_R_SUCCESS) { - goto cleanup; - } + CHECK(isc_buffer_copyregion(buf2, &r)); /* * Cleanup and return. diff --git a/lib/dns/resconf.c b/lib/dns/resconf.c index 3b919170e1..9a31ddeb28 100644 --- a/lib/dns/resconf.c +++ b/lib/dns/resconf.c @@ -217,8 +217,7 @@ add_server(isc_mem_t *mctx, const char *address_str, address = isc_mem_get(mctx, sizeof(*address)); if (res->ai_addrlen > sizeof(address->type)) { isc_mem_put(mctx, address, sizeof(*address)); - result = ISC_R_RANGE; - goto cleanup; + CHECK(ISC_R_RANGE); } if (res->ai_family == AF_INET) { @@ -238,8 +237,7 @@ add_server(isc_mem_t *mctx, const char *address_str, isc_mem_put(mctx, address, sizeof(*address)); UNEXPECTED_ERROR("ai_family (%d) not INET nor INET6", res->ai_family); - result = ISC_R_UNEXPECTED; - goto cleanup; + CHECK(ISC_R_UNEXPECTED); } address->length = (unsigned int)res->ai_addrlen; diff --git a/lib/dns/resolver.c b/lib/dns/resolver.c index f79eb122ec..2d17165054 100644 --- a/lib/dns/resolver.c +++ b/lib/dns/resolver.c @@ -4524,10 +4524,7 @@ resume_qmin(void *arg) { fcount_decr(fctx); dns_name_copy(fname, fctx->domain); - result = fcount_incr(fctx, false); - if (result != ISC_R_SUCCESS) { - goto cleanup; - } + CHECK(fcount_incr(fctx, false)); dns_name_copy(dcname, fctx->qmindcname); fctx->ns_ttl = fctx->nameservers.ttl; @@ -6314,10 +6311,7 @@ rctx_cachemessage(respctx_t *rctx) { { MSG_SECTION_FOREACH(message, section, name) { if (name->attributes.cache) { - result = rctx_cachename(rctx, message, name); - if (result != ISC_R_SUCCESS) { - goto cleanup; - } + CHECK(rctx_cachename(rctx, message, name)); } } } @@ -6968,10 +6962,7 @@ resume_dslookup(void *arg) { fcount_decr(fctx); dns_name_copy(fctx->nsname, fctx->domain); - result = fcount_incr(fctx, false); - if (result != ISC_R_SUCCESS) { - goto cleanup; - } + CHECK(fcount_incr(fctx, false)); /* Try again. */ fctx_try(fctx, true); @@ -7001,8 +6992,7 @@ resume_dslookup(void *arg) { * made. Interrupt the DS chasing process, returning SERVFAIL. */ if (dns_name_equal(fctx->nsname, fetch->private->domain)) { - result = DNS_R_SERVFAIL; - goto cleanup; + CHECK(DNS_R_SERVFAIL); } /* Get nameservers from fetch before we destroy it. */ @@ -10855,10 +10845,7 @@ dns_resolver_dumpquota(dns_resolver_t *res, isc_buffer_t *buf) { " spilled %" PRIuFAST32 ")", nb, count, allowed, dropped); - result = isc_buffer_reserve(buf, strlen(text)); - if (result != ISC_R_SUCCESS) { - goto cleanup; - } + CHECK(isc_buffer_reserve(buf, strlen(text))); isc_buffer_putstr(buf, text); } if (result == ISC_R_NOMORE) { diff --git a/lib/dns/rootns.c b/lib/dns/rootns.c index 48bd1e1673..f672ea5d54 100644 --- a/lib/dns/rootns.c +++ b/lib/dns/rootns.c @@ -164,23 +164,11 @@ check_hints(dns_db_t *db) { dns_rdataset_init(&rootns); (void)dns_db_find(db, dns_rootname, NULL, dns_rdatatype_ns, 0, now, NULL, name, &rootns, NULL); - result = dns_db_createiterator(db, 0, &dbiter); - if (result != ISC_R_SUCCESS) { - goto cleanup; - } + CHECK(dns_db_createiterator(db, 0, &dbiter)); DNS_DBITERATOR_FOREACH(dbiter) { - result = dns_dbiterator_current(dbiter, &node, name); - if (result != ISC_R_SUCCESS) { - goto cleanup; - } - result = dns_db_allrdatasets(db, node, NULL, 0, now, &rdsiter); - if (result != ISC_R_SUCCESS) { - goto cleanup; - } - result = check_node(&rootns, name, rdsiter); - if (result != ISC_R_SUCCESS) { - goto cleanup; - } + CHECK(dns_dbiterator_current(dbiter, &node, name)); + CHECK(dns_db_allrdatasets(db, node, NULL, 0, now, &rdsiter)); + CHECK(check_node(&rootns, name, rdsiter)); dns_rdatasetiter_destroy(&rdsiter); dns_db_detachnode(&node); } @@ -212,21 +200,15 @@ dns_rootns_create(isc_mem_t *mctx, dns_rdataclass_t rdclass, REQUIRE(target != NULL && *target == NULL); - result = dns_db_create(mctx, ZONEDB_DEFAULT, dns_rootname, - dns_dbtype_zone, rdclass, 0, NULL, &db); - if (result != ISC_R_SUCCESS) { - goto failure; - } + CHECK(dns_db_create(mctx, ZONEDB_DEFAULT, dns_rootname, dns_dbtype_zone, + rdclass, 0, NULL, &db)); len = strlen(root_ns); isc_buffer_init(&source, root_ns, len); isc_buffer_add(&source, len); dns_rdatacallbacks_init(&callbacks); - result = dns_db_beginload(db, &callbacks); - if (result != ISC_R_SUCCESS) { - goto failure; - } + CHECK(dns_db_beginload(db, &callbacks)); if (filename != NULL) { /* * Load the hints from the specified filename. @@ -249,8 +231,8 @@ dns_rootns_create(isc_mem_t *mctx, dns_rdataclass_t rdclass, if (result == ISC_R_SUCCESS || result == DNS_R_SEENINCLUDE) { result = eresult; } - if (result != ISC_R_SUCCESS && result != DNS_R_SEENINCLUDE) { - goto failure; + if (result != DNS_R_SEENINCLUDE) { + CHECK(result); } if (check_hints(db) != ISC_R_SUCCESS) { isc_log_write(DNS_LOGCATEGORY_GENERAL, DNS_LOGMODULE_HINTS, @@ -260,7 +242,7 @@ dns_rootns_create(isc_mem_t *mctx, dns_rdataclass_t rdclass, *target = db; return ISC_R_SUCCESS; -failure: +cleanup: isc_log_write(DNS_LOGCATEGORY_GENERAL, DNS_LOGMODULE_HINTS, ISC_LOG_ERROR, "could not configure root hints from " diff --git a/lib/dns/rpz.c b/lib/dns/rpz.c index a1b7fe13d2..6004190b94 100644 --- a/lib/dns/rpz.c +++ b/lib/dns/rpz.c @@ -1738,10 +1738,7 @@ update_nodes(dns_rpz_zone_t *rpz, isc_ht_t *newnodes) { dns_rdatasetiter_t *rdsiter = NULL; dns_dbnode_t *node = NULL; - result = dns__rpz_shuttingdown(rpz->rpzs); - if (result != ISC_R_SUCCESS) { - goto cleanup; - } + CHECK(dns__rpz_shuttingdown(rpz->rpzs)); result = dns_dbiterator_current(updbit, &node, name); if (result != ISC_R_SUCCESS) { @@ -1921,15 +1918,9 @@ update_rpz_cb(void *data) { isc_ht_init(&newnodes, rpz->rpzs->mctx, 1, ISC_HT_CASE_SENSITIVE); - result = update_nodes(rpz, newnodes); - if (result != ISC_R_SUCCESS) { - goto cleanup; - } + CHECK(update_nodes(rpz, newnodes)); - result = cleanup_nodes(rpz); - if (result != ISC_R_SUCCESS) { - goto cleanup; - } + CHECK(cleanup_nodes(rpz)); /* Finalize the update */ ISC_SWAP(rpz->nodes, newnodes); diff --git a/lib/dns/sdlz.c b/lib/dns/sdlz.c index 3852b06b1e..1393bc909a 100644 --- a/lib/dns/sdlz.c +++ b/lib/dns/sdlz.c @@ -990,21 +990,14 @@ modrdataset(dns_db_t *db, dns_dbnode_t *node, dns_dbversion_t *version, isc_buffer_allocate(mctx, &buffer, 1024); - result = dns_master_stylecreate(&style, 0, 0, 0, 0, 0, 0, 1, 0xffffffff, - mctx); - if (result != ISC_R_SUCCESS) { - goto cleanup; - } + CHECK(dns_master_stylecreate(&style, 0, 0, 0, 0, 0, 0, 1, 0xffffffff, + mctx)); - result = dns_master_rdatasettotext(&sdlznode->name, rdataset, style, - NULL, buffer); - if (result != ISC_R_SUCCESS) { - goto cleanup; - } + CHECK(dns_master_rdatasettotext(&sdlznode->name, rdataset, style, NULL, + buffer)); if (isc_buffer_usedlength(buffer) < 1) { - result = ISC_R_BADADDRESSFORM; - goto cleanup; + CHECK(ISC_R_BADADDRESSFORM); } rdatastr = isc_buffer_base(buffer); @@ -1654,10 +1647,7 @@ dns_sdlz_putrr(dns_sdlzlookup_t *lookup, const char *type, dns_ttl_t ttl, isc_buffer_constinit(&b, data, strlen(data)); isc_buffer_add(&b, strlen(data)); - result = isc_lex_openbuffer(lex, &b); - if (result != ISC_R_SUCCESS) { - goto failure; - } + CHECK(isc_lex_openbuffer(lex, &b)); rdatabuf = NULL; isc_buffer_allocate(mctx, &rdatabuf, size); @@ -1678,8 +1668,7 @@ dns_sdlz_putrr(dns_sdlzlookup_t *lookup, const char *type, dns_ttl_t ttl, } while (result == ISC_R_NOSPACE); if (result != ISC_R_SUCCESS) { - result = DNS_R_SERVFAIL; - goto failure; + CHECK(DNS_R_SERVFAIL); } ISC_LIST_APPEND(rdatalist->rdata, rdata, link); @@ -1691,7 +1680,7 @@ dns_sdlz_putrr(dns_sdlzlookup_t *lookup, const char *type, dns_ttl_t ttl, return ISC_R_SUCCESS; -failure: +cleanup: if (rdatabuf != NULL) { isc_buffer_free(&rdatabuf); } diff --git a/lib/dns/transport.c b/lib/dns/transport.c index 558473890a..a6acbf15dd 100644 --- a/lib/dns/transport.c +++ b/lib/dns/transport.c @@ -436,10 +436,7 @@ dns_transport_get_tlsctx(dns_transport_t *transport, const isc_sockaddr_t *peer, * parameters from the configuration file and try to * store it for further reuse. */ - result = isc_tlsctx_createclient(&tlsctx); - if (result != ISC_R_SUCCESS) { - goto failure; - } + CHECK(isc_tlsctx_createclient(&tlsctx)); tls_versions = dns_transport_get_tls_versions(transport); if (tls_versions != 0) { isc_tlsctx_set_protocols(tlsctx, tls_versions); @@ -475,12 +472,8 @@ dns_transport_get_tlsctx(dns_transport_t *transport, const isc_sockaddr_t *peer, * which case the store with system-wide * CA certificates will be created. */ - result = isc_tls_cert_store_create(ca_file, - &store); - - if (result != ISC_R_SUCCESS) { - goto failure; - } + CHECK(isc_tls_cert_store_create(ca_file, + &store)); } else { store = found_store; } @@ -503,12 +496,9 @@ dns_transport_get_tlsctx(dns_transport_t *transport, const isc_sockaddr_t *peer, * Only SubjectAltName must be checked. */ hostname_ignore_subject = true; - result = isc_tlsctx_enable_peer_verification( + CHECK(isc_tlsctx_enable_peer_verification( tlsctx, false, store, hostname, - hostname_ignore_subject); - if (result != ISC_R_SUCCESS) { - goto failure; - } + hostname_ignore_subject)); /* * Let's load client certificate and enable @@ -519,11 +509,8 @@ dns_transport_get_tlsctx(dns_transport_t *transport, const isc_sockaddr_t *peer, if (cert_file != NULL) { INSIST(key_file != NULL); - result = isc_tlsctx_load_certificate( - tlsctx, key_file, cert_file); - if (result != ISC_R_SUCCESS) { - goto failure; - } + CHECK(isc_tlsctx_load_certificate( + tlsctx, key_file, cert_file)); } } @@ -597,7 +584,7 @@ dns_transport_get_tlsctx(dns_transport_t *transport, const isc_sockaddr_t *peer, return ISC_R_SUCCESS; -failure: +cleanup: if (tlsctx != NULL) { isc_tlsctx_free(&tlsctx); } diff --git a/lib/dns/validator.c b/lib/dns/validator.c index ba62d9a344..555e65d6a9 100644 --- a/lib/dns/validator.c +++ b/lib/dns/validator.c @@ -445,8 +445,7 @@ fetch_callback_dnskey(void *arg) { dns_resolver_destroyfetch(&val->fetch); if (CANCELED(val) || CANCELING(val)) { - result = ISC_R_CANCELED; - goto cleanup; + CHECK(ISC_R_CANCELED); } if (trustchain) { @@ -541,8 +540,7 @@ fetch_callback_ds(void *arg) { dns_resolver_destroyfetch(&val->fetch); if (CANCELED(val) || CANCELING(val)) { - result = ISC_R_CANCELED; - goto cleanup; + CHECK(ISC_R_CANCELED); } if (trustchain) { @@ -650,8 +648,7 @@ validator_callback_dnskey(void *arg) { val->subvalidator = NULL; if (CANCELED(val) || CANCELING(val)) { - result = ISC_R_CANCELED; - goto cleanup; + CHECK(ISC_R_CANCELED); } validator_log(val, ISC_LOG_DEBUG(3), "in validator_callback_dnskey"); @@ -704,8 +701,7 @@ validator_callback_ds(void *arg) { val->subvalidator = NULL; if (CANCELED(val) || CANCELING(val)) { - result = ISC_R_CANCELED; - goto cleanup; + CHECK(ISC_R_CANCELED); } validator_log(val, ISC_LOG_DEBUG(3), "in validator_callback_ds"); @@ -769,8 +765,7 @@ validator_callback_cname(void *arg) { val->subvalidator = NULL; if (CANCELED(val) || CANCELING(val)) { - result = ISC_R_CANCELED; - goto cleanup; + CHECK(ISC_R_CANCELED); } validator_log(val, ISC_LOG_DEBUG(3), "in validator_callback_cname"); @@ -814,8 +809,7 @@ validator_callback_nsec(void *arg) { val->subvalidator = NULL; if (CANCELED(val) || CANCELING(val)) { - result = ISC_R_CANCELED; - goto cleanup; + CHECK(ISC_R_CANCELED); } validator_log(val, ISC_LOG_DEBUG(3), "in validator_callback_nsec"); @@ -1575,8 +1569,7 @@ validate_answer_iter_start(dns_validator_t *val) { val->attributes &= ~VALATTR_OFFLOADED; if (CANCELING(val)) { validator_cancel_finish(val); - result = ISC_R_CANCELED; - goto cleanup; + CHECK(ISC_R_CANCELED); } if (val->resume) { @@ -1607,8 +1600,7 @@ validate_answer_iter_next(void *arg) { val->attributes &= ~VALATTR_OFFLOADED; if (CANCELING(val)) { validator_cancel_finish(val); - result = ISC_R_CANCELED; - goto cleanup; + CHECK(ISC_R_CANCELED); } val->resume = false; @@ -1698,8 +1690,7 @@ validate_answer_process(void *arg) { val->attributes &= ~VALATTR_OFFLOADED; if (CANCELING(val)) { validator_cancel_finish(val); - result = ISC_R_CANCELED; - goto cleanup; + CHECK(ISC_R_CANCELED); } dns_rdata_reset(&val->rdata); @@ -1709,10 +1700,7 @@ validate_answer_process(void *arg) { val->siginfo = isc_mem_get(val->view->mctx, sizeof(*val->siginfo)); } - result = dns_rdata_tostruct(&val->rdata, val->siginfo, NULL); - if (result != ISC_R_SUCCESS) { - goto cleanup; - } + CHECK(dns_rdata_tostruct(&val->rdata, val->siginfo, NULL)); /* * At this point we could check that the signature algorithm @@ -1760,7 +1748,6 @@ validate_answer_process(void *arg) { next_key: result = validate_async_run(val, validate_answer_iter_next); - goto cleanup; cleanup: validate_async_done(val, result); @@ -2256,8 +2243,7 @@ validate_dnskey(void *arg) { dns_rdata_ds_t ds; if (CANCELED(val) || CANCELING(val)) { - result = ISC_R_CANCELED; - goto cleanup; + CHECK(ISC_R_CANCELED); } /* @@ -2292,8 +2278,7 @@ validate_dnskey(void *arg) { validator_log(val, ISC_LOG_DEBUG(3), "no trusted root key"); } - result = DNS_R_NOVALIDSIG; - goto cleanup; + CHECK(DNS_R_NOVALIDSIG); } /* @@ -3587,8 +3572,7 @@ validator_start(void *arg) { isc_result_t result = ISC_R_FAILURE; if (CANCELED(val) || CANCELING(val)) { - result = ISC_R_CANCELED; - goto cleanup; + CHECK(ISC_R_CANCELED); } validator_log(val, ISC_LOG_DEBUG(3), "starting"); diff --git a/lib/dns/view.c b/lib/dns/view.c index 47c4fed0dd..bca4c3a7ab 100644 --- a/lib/dns/view.c +++ b/lib/dns/view.c @@ -1075,8 +1075,7 @@ dns_view_findzonecut(dns_view_t *view, const dns_name_t *name, try_hints = true; goto finish; } else { - result = DNS_R_NXDOMAIN; - goto cleanup; + CHECK(DNS_R_NXDOMAIN); } } else if (result != ISC_R_SUCCESS) { /* @@ -2125,8 +2124,7 @@ dns_view_addtrustedkey(dns_view_t *view, dns_rdatatype_t rdtype, REQUIRE(view->rdclass == dns_rdataclass_in); if (rdtype != dns_rdatatype_dnskey && rdtype != dns_rdatatype_ds) { - result = ISC_R_NOTIMPLEMENTED; - goto cleanup; + CHECK(ISC_R_NOTIMPLEMENTED); } isc_buffer_init(&b, rdatabuf, sizeof(rdatabuf)); diff --git a/lib/dns/zone.c b/lib/dns/zone.c index 562d8d132b..26e0894501 100644 --- a/lib/dns/zone.c +++ b/lib/dns/zone.c @@ -2339,8 +2339,7 @@ zone_load(dns_zone_t *zone, unsigned int flags, bool locked) { if ((flags & DNS_ZONELOADFLAG_THAW) != 0) { DNS_ZONE_SETFLAG(zone, DNS_ZONEFLG_THAW); } - result = ISC_R_LOADING; - goto cleanup; + CHECK(ISC_R_LOADING); } INSIST(zone->db_argc >= 1); @@ -2404,8 +2403,7 @@ zone_load(dns_zone_t *zone, unsigned int flags, bool locked) { ISC_LOG_DEBUG(1), "skipping load: master file " "older than last load"); - result = DNS_R_UPTODATE; - goto cleanup; + CHECK(DNS_R_UPTODATE); } /* @@ -2455,8 +2453,7 @@ zone_load(dns_zone_t *zone, unsigned int flags, bool locked) { "DLZ %s does not exist or is set " "to 'search yes;'", zone->db_argv[1]); - result = ISC_R_NOTFOUND; - goto cleanup; + CHECK(ISC_R_NOTFOUND); } ZONEDB_LOCK(&zone->dblock, isc_rwlocktype_write); @@ -2847,21 +2844,15 @@ zone_startload(dns_db_t *db, dns_zone_t *zone, isc_time_t loadtime) { load->callbacks.rawdata = zone_setrawdata; zone_iattach(zone, &load->callbacks.zone); - result = dns_db_beginload(db, &load->callbacks); - if (result != ISC_R_SUCCESS) { - goto cleanup; - } + CHECK(dns_db_beginload(db, &load->callbacks)); if (zone->zmgr != NULL && zone->db != NULL) { - result = dns_master_loadfileasync( + CHECK(dns_master_loadfileasync( zone->masterfile, dns_db_origin(db), dns_db_origin(db), zone->rdclass, options, 0, &load->callbacks, zone->loop, zone_loaddone, load, &zone->loadctx, zone_registerinclude, zone, zone->mctx, - zone->masterformat, zone->maxttl); - if (result != ISC_R_SUCCESS) { - goto cleanup; - } + zone->masterformat, zone->maxttl)); return DNS_R_CONTINUE; } else if (zone->stream != NULL) { @@ -3470,10 +3461,7 @@ integrity_checks(dns_zone_t *zone, dns_db_t *db) { } DNS_DBITERATOR_FOREACH(dbiterator) { - result = dns_dbiterator_current(dbiterator, &node, name); - if (result != ISC_R_SUCCESS) { - goto cleanup; - } + CHECK(dns_dbiterator_current(dbiterator, &node, name)); /* * Is this name visible in the zone? @@ -3857,18 +3845,12 @@ zone_check_dnskeys(dns_zone_t *zone, dns_db_t *db) { bool logged_algorithm[DST_MAX_ALGS] = { 0 }; bool alldeprecated = true; - result = dns_db_findnode(db, &zone->origin, false, &node); - if (result != ISC_R_SUCCESS) { - goto cleanup; - } + CHECK(dns_db_findnode(db, &zone->origin, false, &node)); dns_db_currentversion(db, &version); dns_rdataset_init(&rdataset); - result = dns_db_findrdataset(db, node, version, dns_rdatatype_dnskey, - dns_rdatatype_none, 0, &rdataset, NULL); - if (result != ISC_R_SUCCESS) { - goto cleanup; - } + CHECK(dns_db_findrdataset(db, node, version, dns_rdatatype_dnskey, + dns_rdatatype_none, 0, &rdataset, NULL)); DNS_RDATASET_FOREACH(&rdataset) { char algbuf[DNS_SECALG_FORMATSIZE]; @@ -3972,10 +3954,7 @@ resume_signingwithkey(dns_zone_t *zone) { goto cleanup; } - result = dns_db_findnode(db, &zone->origin, false, &node); - if (result != ISC_R_SUCCESS) { - goto cleanup; - } + CHECK(dns_db_findnode(db, &zone->origin, false, &node)); dns_db_currentversion(db, &version); dns_rdataset_init(&rdataset); @@ -4240,10 +4219,7 @@ resume_addnsec3chain(dns_zone_t *zone) { goto cleanup; } - result = dns_db_findnode(db, &zone->origin, false, &node); - if (result != ISC_R_SUCCESS) { - goto cleanup; - } + CHECK(dns_db_findnode(db, &zone->origin, false, &node)); dns_db_currentversion(db, &version); @@ -5332,10 +5308,7 @@ zone_postload(dns_zone_t *zone, dns_db_t *db, isc_time_t loadtime, * a sane starting point.) */ if (noprimary && zone->type == dns_zone_key) { - result = add_soa(zone, db); - if (result != ISC_R_SUCCESS) { - goto cleanup; - } + CHECK(add_soa(zone, db)); } /* @@ -5345,11 +5318,8 @@ zone_postload(dns_zone_t *zone, dns_db_t *db, isc_time_t loadtime, !DNS_ZONE_OPTION(zone, DNS_ZONEOPT_NOMERGE) && !DNS_ZONE_FLAG(zone, DNS_ZONEFLG_LOADED)) { - result = zone_journal_rollforward(zone, db, &needdump, - &fixjournal); - if (result != ISC_R_SUCCESS) { - goto cleanup; - } + CHECK(zone_journal_rollforward(zone, db, &needdump, + &fixjournal)); } /* @@ -5447,30 +5417,24 @@ zone_postload(dns_zone_t *zone, dns_db_t *db, isc_time_t loadtime, goto cleanup; } if (zone->type == dns_zone_primary && errors != 0) { - result = DNS_R_BADZONE; - goto cleanup; + CHECK(DNS_R_BADZONE); } if (zone->type != dns_zone_stub && zone->type != dns_zone_redirect) { - result = check_nsec3param(zone, db); - if (result != ISC_R_SUCCESS) { - goto cleanup; - } + CHECK(check_nsec3param(zone, db)); } if (zone->type == dns_zone_primary && DNS_ZONE_OPTION(zone, DNS_ZONEOPT_CHECKINTEGRITY) && !integrity_checks(zone, db)) { - result = DNS_R_BADZONE; - goto cleanup; + CHECK(DNS_R_BADZONE); } if (zone->type == dns_zone_primary && DNS_ZONE_OPTION(zone, DNS_ZONEOPT_CHECKDUPRR) && !zone_check_dup(zone, db)) { - result = DNS_R_BADZONE; - goto cleanup; + CHECK(DNS_R_BADZONE); } if (zone->type == dns_zone_primary) { @@ -5488,14 +5452,10 @@ zone_postload(dns_zone_t *zone, dns_db_t *db, isc_time_t loadtime, dns_zone_log(zone, ISC_LOG_ERROR, "'log-report-channel' is set, but no " "'*._er/TXT' wildcard found"); - result = DNS_R_BADZONE; - goto cleanup; + CHECK(DNS_R_BADZONE); } - result = dns_zone_verifydb(zone, db, NULL); - if (result != ISC_R_SUCCESS) { - goto cleanup; - } + CHECK(dns_zone_verifydb(zone, db, NULL)); if (zone->db != NULL) { unsigned int oldsoacount; @@ -5538,8 +5498,7 @@ zone_postload(dns_zone_t *zone, dns_db_t *db, isc_time_t loadtime, "new serial (%u) out of range " "[%u - %u]", serial, serialmin, serialmax); - result = DNS_R_BADZONE; - goto cleanup; + CHECK(DNS_R_BADZONE); } else if (!isc_serial_ge(serial, oldserial)) { dns_zone_logc(zone, DNS_LOGCATEGORY_ZONELOAD, ISC_LOG_ERROR, @@ -5624,8 +5583,7 @@ zone_postload(dns_zone_t *zone, dns_db_t *db, isc_time_t loadtime, default: UNEXPECTED_ERROR("unexpected zone type %d", zone->type); - result = ISC_R_UNEXPECTED; - goto cleanup; + CHECK(ISC_R_UNEXPECTED); } /* @@ -14282,8 +14240,7 @@ again: } break; default: - result = ISC_R_NOTIMPLEMENTED; - goto cleanup; + CHECK(ISC_R_NOTIMPLEMENTED); } /* @@ -16944,15 +16901,9 @@ copy_non_dnssec_records(dns_db_t *db, dns_dbversion_t *version, dns_db_t *rawdb, dns_dbiterator_pause(dbiterator); - result = dns_db_findnode(db, name, true, &node); - if (result != ISC_R_SUCCESS) { - goto cleanup; - } + CHECK(dns_db_findnode(db, name, true, &node)); - result = dns_db_allrdatasets(rawdb, rawnode, NULL, 0, 0, &rdsit); - if (result != ISC_R_SUCCESS) { - goto cleanup; - } + CHECK(dns_db_allrdatasets(rawdb, rawnode, NULL, 0, 0, &rdsit)); DNS_RDATASETITER_FOREACH(rdsit) { dns_rdataset_t rdataset = DNS_RDATASET_INIT; @@ -18442,15 +18393,11 @@ dns_zone_forwardupdate(dns_zone_t *zone, dns_message_t *msg, mr = dns_message_getrawmessage(msg); if (mr == NULL) { - result = ISC_R_UNEXPECTEDEND; - goto cleanup; + CHECK(ISC_R_UNEXPECTEDEND); } isc_buffer_allocate(zone->mctx, &forward->msgbuf, mr->length); - result = isc_buffer_copyregion(forward->msgbuf, mr); - if (result != ISC_R_SUCCESS) { - goto cleanup; - } + CHECK(isc_buffer_copyregion(forward->msgbuf, mr)); isc_mem_attach(zone->mctx, &forward->mctx); dns_zone_iattach(zone, &forward->zone); @@ -19028,15 +18975,9 @@ zone_saveunique(dns_zone_t *zone, const char *path, const char *templat) { buf = isc_mem_get(zone->mctx, buflen); - result = isc_file_template(path, templat, buf, buflen); - if (result != ISC_R_SUCCESS) { - goto cleanup; - } + CHECK(isc_file_template(path, templat, buf, buflen)); - result = isc_file_renameunique(path, buf); - if (result != ISC_R_SUCCESS) { - goto cleanup; - } + CHECK(isc_file_renameunique(path, buf)); dns_zone_log(zone, ISC_LOG_WARNING, "unable to load from '%s'; " @@ -19688,8 +19629,7 @@ zone_signwithkey(dns_zone_t *zone, dst_algorithm_t algorithm, uint16_t keyid, ZONEDB_UNLOCK(&zone->dblock, isc_rwlocktype_read); if (db == NULL) { - result = ISC_R_NOTFOUND; - goto cleanup; + CHECK(ISC_R_NOTFOUND); } dns_db_attach(db, &signing->db); @@ -20692,8 +20632,7 @@ checkds_send_toaddr(void *arg) { checkds->zone->view->requestmgr == NULL || checkds->zone->db == NULL) { - result = ISC_R_CANCELED; - goto cleanup; + CHECK(ISC_R_CANCELED); } /* @@ -20707,8 +20646,7 @@ checkds_send_toaddr(void *arg) { dns_zone_log(checkds->zone, ISC_LOG_DEBUG(3), "checkds: ignoring IPv6 mapped IPV4 address: %s", addrbuf); - result = ISC_R_CANCELED; - goto cleanup; + CHECK(ISC_R_CANCELED); } checkds_createmessage(checkds->zone, &message); @@ -20843,10 +20781,7 @@ checkds_send_tons(dns_checkds_t *checkds) { } newcheckds = NULL; - result = checkds_create(checkds->mctx, 0, &newcheckds); - if (result != ISC_R_SUCCESS) { - goto cleanup; - } + CHECK(checkds_create(checkds->mctx, 0, &newcheckds)); zone_iattach(zone, &newcheckds->zone); ISC_LIST_APPEND(newcheckds->zone->checkds_requests, newcheckds, link); @@ -20868,13 +20803,10 @@ checkds_send_tons(dns_checkds_t *checkds) { * publicly available on the default transport protocol. */ - result = isc_ratelimiter_enqueue( - newcheckds->zone->zmgr->checkdsrl, - newcheckds->zone->loop, checkds_send_toaddr, newcheckds, - &newcheckds->rlevent); - if (result != ISC_R_SUCCESS) { - goto cleanup; - } + CHECK(isc_ratelimiter_enqueue(newcheckds->zone->zmgr->checkdsrl, + newcheckds->zone->loop, + checkds_send_toaddr, newcheckds, + &newcheckds->rlevent)); newcheckds = NULL; } @@ -21107,10 +21039,7 @@ nsfetch_done(dns_zonefetch_t *fetch, isc_result_t eresult) { return DNS_R_CONTINUE; } - result = dns_zonefetch_verify(fetch, eresult, dns_trust_secure); - if (result != ISC_R_SUCCESS) { - goto done; - } + CHECK(dns_zonefetch_verify(fetch, eresult, dns_trust_secure)); /* Record the number of NS records we found. */ zone->parent_nscount = dns_rdataset_count(nsrrset); @@ -21163,7 +21092,7 @@ nsfetch_done(dns_zonefetch_t *fetch, isc_result_t eresult) { LOCK_ZONE(zone); -done: +cleanup: if (result != ISC_R_SUCCESS) { dnssec_log( zone, ISC_LOG_ERROR, @@ -22407,8 +22336,7 @@ dns_zone_cdscheck(dns_zone_t *zone, dns_db_t *db, dns_dbversion_t *version) { &crdata, &dnskey, &rdata); if (result != ISC_R_SUCCESS) { - result = DNS_R_BADCDS; - goto cleanup; + CHECK(DNS_R_BADCDS); } CHECK(dns_rdata_tostruct(&rdata, &structdnskey, NULL)); diff --git a/lib/dns/zoneverify.c b/lib/dns/zoneverify.c index 2451c2bcdf..95695c01eb 100644 --- a/lib/dns/zoneverify.c +++ b/lib/dns/zoneverify.c @@ -1486,11 +1486,7 @@ check_dnskey_sigs(vctx_t *vctx, const dns_rdata_dnskey_t *dnskey, * is NULL, then we have neither a DNSKEY nor a DS format * trust anchor, and can give up. */ - result = dns_keytable_find(vctx->secroots, vctx->origin, &keynode); - if (result != ISC_R_SUCCESS) { - /* No such trust anchor */ - goto cleanup; - } + CHECK(dns_keytable_find(vctx->secroots, vctx->origin, &keynode)); /* * If the keynode has any DS format trust anchors, that means diff --git a/lib/isc/interfaceiter.c b/lib/isc/interfaceiter.c index cd03dbf91c..babe1ec21b 100644 --- a/lib/isc/interfaceiter.c +++ b/lib/isc/interfaceiter.c @@ -170,8 +170,7 @@ isc_interfaceiter_create(isc_mem_t *mctx, isc_interfaceiter_t **iterp) { strerror_r(errno, strbuf, sizeof(strbuf)); UNEXPECTED_ERROR("getting interface addresses: getifaddrs: %s", strbuf); - result = ISC_R_UNEXPECTED; - goto failure; + CHECK(ISC_R_UNEXPECTED); } /* @@ -185,7 +184,7 @@ isc_interfaceiter_create(isc_mem_t *mctx, isc_interfaceiter_t **iterp) { *iterp = iter; return ISC_R_SUCCESS; -failure: +cleanup: if (iter->ifaddrs != NULL) { /* just in case */ freeifaddrs(iter->ifaddrs); } diff --git a/lib/isc/netmgr/tcp.c b/lib/isc/netmgr/tcp.c index 694286aebd..d67171b188 100644 --- a/lib/isc/netmgr/tcp.c +++ b/lib/isc/netmgr/tcp.c @@ -720,15 +720,11 @@ isc__nm_tcp_read(isc_nmhandle_t *handle, isc_nm_recv_cb_t cb, void *cbarg) { } if (isc__nmsocket_closing(sock)) { - result = ISC_R_CANCELED; - goto failure; + CHECK(ISC_R_CANCELED); } if (!sock->reading_throttled) { - result = isc__nm_start_reading(sock); - if (result != ISC_R_SUCCESS) { - goto failure; - } + CHECK(isc__nm_start_reading(sock)); } sock->reading = true; @@ -738,7 +734,7 @@ isc__nm_tcp_read(isc_nmhandle_t *handle, isc_nm_recv_cb_t cb, void *cbarg) { } return; -failure: +cleanup: isc__nm_tcp_failed_read_cb(sock, result, true); } @@ -916,15 +912,14 @@ accept_connection(isc_nmsocket_t *csock) { * isc__nm_tcp_close() can't handle uninitalized TCP nmsocket. */ if (isc__nmsocket_closing(csock)) { - result = ISC_R_CANCELED; - goto failure; + CHECK(ISC_R_CANCELED); } r = uv_accept(&csock->server->uv_handle.stream, &csock->uv_handle.stream); if (r != 0) { result = isc_uverr2result(r); - goto failure; + goto cleanup; } /* Check if the connection is not expired */ @@ -941,8 +936,7 @@ accept_connection(isc_nmsocket_t *csock) { * it has expired. We cannot do anything better than * drop it on the floor at this point. */ - result = ISC_R_TIMEDOUT; - goto failure; + CHECK(ISC_R_TIMEDOUT); } else { /* Adjust the initial read timeout accordingly */ csock->read_timeout -= time_elapsed_ms; @@ -953,33 +947,26 @@ accept_connection(isc_nmsocket_t *csock) { &(int){ sizeof(ss) }); if (r != 0) { result = isc_uverr2result(r); - goto failure; + goto cleanup; } - result = isc_sockaddr_fromsockaddr(&csock->peer, - (struct sockaddr *)&ss); - if (result != ISC_R_SUCCESS) { - goto failure; - } + CHECK(isc_sockaddr_fromsockaddr(&csock->peer, (struct sockaddr *)&ss)); r = uv_tcp_getsockname(&csock->uv_handle.tcp, (struct sockaddr *)&ss, &(int){ sizeof(ss) }); if (r != 0) { result = isc_uverr2result(r); - goto failure; + goto cleanup; } - result = isc_sockaddr_fromsockaddr(&local, (struct sockaddr *)&ss); - if (result != ISC_R_SUCCESS) { - goto failure; - } + CHECK(isc_sockaddr_fromsockaddr(&local, (struct sockaddr *)&ss)); handle = isc__nmhandle_get(csock, NULL, &local); result = csock->accept_cb(handle, ISC_R_SUCCESS, csock->accept_cbarg); if (result != ISC_R_SUCCESS) { isc_nmhandle_detach(&handle); - goto failure; + goto cleanup; } csock->accepting = false; @@ -1001,7 +988,7 @@ accept_connection(isc_nmsocket_t *csock) { return ISC_R_SUCCESS; -failure: +cleanup: csock->active = false; csock->accepting = false; diff --git a/lib/isccfg/aclconf.c b/lib/isccfg/aclconf.c index 8076c82971..8dfb769606 100644 --- a/lib/isccfg/aclconf.c +++ b/lib/isccfg/aclconf.c @@ -699,8 +699,7 @@ cfg_acl_fromconfig(const cfg_obj_t *acl_data, const cfg_obj_t *cctx, transports = isc_nm_httpsocket; encrypted = false; } else { - result = ISC_R_FAILURE; - goto cleanup; + CHECK(ISC_R_FAILURE); } } @@ -762,11 +761,8 @@ cfg_acl_fromconfig(const cfg_obj_t *acl_data, const cfg_obj_t *cctx, * the nestedacl element, not the iptable entry. */ setpos = (nest_level != 0 || !neg); - result = dns_iptable_addprefix(iptab, &addr, bitlen, - setpos); - if (result != ISC_R_SUCCESS) { - goto cleanup; - } + CHECK(dns_iptable_addprefix(iptab, &addr, bitlen, + setpos)); if (nest_level > 0) { INSIST(dacl->length < dacl->alloc); @@ -785,11 +781,8 @@ cfg_acl_fromconfig(const cfg_obj_t *acl_data, const cfg_obj_t *cctx, if (inneracl != NULL) { dns_acl_detach(&inneracl); } - result = cfg_acl_fromconfig(ce, cctx, ctx, mctx, - new_nest_level, &inneracl); - if (result != ISC_R_SUCCESS) { - goto cleanup; - } + CHECK(cfg_acl_fromconfig(ce, cctx, ctx, mctx, + new_nest_level, &inneracl)); nested_acl: if (nest_level > 0 || inneracl->has_negatives) { INSIST(dacl->length < dacl->alloc); @@ -822,19 +815,13 @@ cfg_acl_fromconfig(const cfg_obj_t *acl_data, const cfg_obj_t *cctx, de->type = dns_aclelementtype_keyname; de->negative = neg; dns_name_init(&de->keyname); - result = convert_keyname(ce, mctx, &de->keyname); - if (result != ISC_R_SUCCESS) { - goto cleanup; - } + CHECK(convert_keyname(ce, mctx, &de->keyname)); #if defined(HAVE_GEOIP2) } else if (cfg_obj_istuple(ce) && cfg_obj_isvoid(cfg_tuple_get(ce, "negated"))) { INSIST(dacl->length < dacl->alloc); - result = parse_geoip_element(ce, ctx, de); - if (result != ISC_R_SUCCESS) { - goto cleanup; - } + CHECK(parse_geoip_element(ce, ctx, de)); de->type = dns_aclelementtype_geoip; de->negative = neg; #endif /* HAVE_GEOIP2 */ @@ -844,11 +831,8 @@ cfg_acl_fromconfig(const cfg_obj_t *acl_data, const cfg_obj_t *cctx, if (strcasecmp(name, "any") == 0) { /* Iptable entry with zero bit length. */ setpos = (nest_level != 0 || !neg); - result = dns_iptable_addprefix(iptab, NULL, 0, - setpos); - if (result != ISC_R_SUCCESS) { - goto cleanup; - } + CHECK(dns_iptable_addprefix(iptab, NULL, 0, + setpos)); if (nest_level != 0) { INSIST(dacl->length < dacl->alloc); @@ -866,11 +850,8 @@ cfg_acl_fromconfig(const cfg_obj_t *acl_data, const cfg_obj_t *cctx, * "!none;". */ setpos = (nest_level != 0 || neg); - result = dns_iptable_addprefix(iptab, NULL, 0, - setpos); - if (result != ISC_R_SUCCESS) { - goto cleanup; - } + CHECK(dns_iptable_addprefix(iptab, NULL, 0, + setpos)); if (!neg) { dacl->has_negatives = !neg; @@ -899,12 +880,9 @@ cfg_acl_fromconfig(const cfg_obj_t *acl_data, const cfg_obj_t *cctx, * This call should just find the cached * of the named acl. */ - result = convert_named_acl(ce, cctx, ctx, mctx, - new_nest_level, - &inneracl); - if (result != ISC_R_SUCCESS) { - goto cleanup; - } + CHECK(convert_named_acl(ce, cctx, ctx, mctx, + new_nest_level, + &inneracl)); goto nested_acl; } @@ -912,8 +890,7 @@ cfg_acl_fromconfig(const cfg_obj_t *acl_data, const cfg_obj_t *cctx, cfg_obj_log(ce, ISC_LOG_WARNING, "address match list contains " "unsupported element type"); - result = ISC_R_FAILURE; - goto cleanup; + CHECK(ISC_R_FAILURE); } /* diff --git a/lib/isccfg/check.c b/lib/isccfg/check.c index 59d73b3030..8a64bbf242 100644 --- a/lib/isccfg/check.c +++ b/lib/isccfg/check.c @@ -2892,10 +2892,7 @@ check_recursion(const cfg_obj_t *config, const cfg_obj_t *voptions, result = cfg_map_get(goptions, "allow-recursion", &obj); } if (result == ISC_R_SUCCESS) { - result = cfg_acl_fromconfig(obj, config, aclctx, mctx, 0, &acl); - if (result != ISC_R_SUCCESS) { - goto cleanup; - } + CHECK(cfg_acl_fromconfig(obj, config, aclctx, mctx, 0, &acl)); retval = !dns_acl_isnone(acl); } @@ -4913,12 +4910,12 @@ check_trust_anchor(const cfg_obj_t *key, unsigned int *flagsp) { "key '%s': " "invalid initialization method '%s'", namestr, atstr); - result = ISC_R_FAILURE; /* * We can't interpret the trust anchor, so * we skip all other checks. */ - goto cleanup; + CHECK(ISC_R_FAILURE); + UNREACHABLE(); } switch (anchortype) { diff --git a/lib/isccfg/kaspconf.c b/lib/isccfg/kaspconf.c index 3c22689977..3a42da1997 100644 --- a/lib/isccfg/kaspconf.c +++ b/lib/isccfg/kaspconf.c @@ -131,12 +131,9 @@ cfg_kaspkey_fromconfig(const cfg_obj_t *config, dns_kasp_t *kasp, key->lifetime = 0; /* unlimited */ key->algorithm = DST_ALG_ECDSA256; key->length = -1; - result = dns_keystorelist_find(keystorelist, - DNS_KEYSTORE_KEYDIRECTORY, - &key->keystore); - if (result != ISC_R_SUCCESS) { - goto cleanup; - } + CHECK(dns_keystorelist_find(keystorelist, + DNS_KEYSTORE_KEYDIRECTORY, + &key->keystore)); } else { const char *rolestr = NULL; const char *keydir = NULL; @@ -158,8 +155,7 @@ cfg_kaspkey_fromconfig(const cfg_obj_t *config, dns_kasp_t *kasp, "allowed when offline-ksk " "is enabled"); } - result = ISC_R_FAILURE; - goto cleanup; + CHECK(ISC_R_FAILURE); } key->role |= DNS_KASP_KEY_ROLE_KSK; key->role |= DNS_KASP_KEY_ROLE_ZSK; @@ -181,16 +177,14 @@ cfg_kaspkey_fromconfig(const cfg_obj_t *config, dns_kasp_t *kasp, "not exist", keydir); } - result = ISC_R_FAILURE; - goto cleanup; + CHECK(ISC_R_FAILURE); } else if (result != ISC_R_SUCCESS) { if (log_errors) { cfg_obj_log(obj, ISC_LOG_ERROR, "dnssec-policy: bad keystore %s", keydir); } - result = ISC_R_FAILURE; - goto cleanup; + CHECK(ISC_R_FAILURE); } INSIST(key->keystore != NULL); @@ -227,8 +221,7 @@ cfg_kaspkey_fromconfig(const cfg_obj_t *config, dns_kasp_t *kasp, "takes to " "do a rollover"); } - result = ISC_R_FAILURE; - goto cleanup; + CHECK(ISC_R_FAILURE); } } @@ -243,8 +236,7 @@ cfg_kaspkey_fromconfig(const cfg_obj_t *config, dns_kasp_t *kasp, "dnssec-policy: bad algorithm %s", alg.base); } - result = DNS_R_BADALG; - goto cleanup; + CHECK(DNS_R_BADALG); } if (check_algorithms && isc_crypto_fips_mode() && (key->algorithm == DST_ALG_RSASHA1 || @@ -257,8 +249,7 @@ cfg_kaspkey_fromconfig(const cfg_obj_t *config, dns_kasp_t *kasp, "in FIPS mode", alg.base); } - result = DNS_R_BADALG; - goto cleanup; + CHECK(DNS_R_BADALG); } if (check_algorithms && @@ -270,8 +261,7 @@ cfg_kaspkey_fromconfig(const cfg_obj_t *config, dns_kasp_t *kasp, "supported", alg.base); } - result = DNS_R_BADALG; - goto cleanup; + CHECK(DNS_R_BADALG); } switch (key->algorithm) { @@ -316,8 +306,7 @@ cfg_kaspkey_fromconfig(const cfg_obj_t *config, dns_kasp_t *kasp, "key length %u", alg.base, size); } - result = ISC_R_RANGE; - goto cleanup; + CHECK(ISC_R_RANGE); } break; case DST_ALG_ECDSA256: @@ -351,8 +340,7 @@ cfg_kaspkey_fromconfig(const cfg_obj_t *config, dns_kasp_t *kasp, "dnssec-policy: tag-min " "too big"); } - result = ISC_R_RANGE; - goto cleanup; + CHECK(ISC_R_RANGE); } obj = cfg_tuple_get(tagrange, "tag-max"); tag_max = cfg_obj_asuint32(obj); @@ -362,8 +350,7 @@ cfg_kaspkey_fromconfig(const cfg_obj_t *config, dns_kasp_t *kasp, "dnssec-policy: tag-max " "too big"); } - result = ISC_R_RANGE; - goto cleanup; + CHECK(ISC_R_RANGE); } if (tag_min >= tag_max) { if (log_errors) { @@ -371,8 +358,7 @@ cfg_kaspkey_fromconfig(const cfg_obj_t *config, dns_kasp_t *kasp, "dnssec-policy: tag-min >= " "tag_max"); } - result = ISC_R_RANGE; - goto cleanup; + CHECK(ISC_R_RANGE); } key->tag_min = tag_min; key->tag_max = tag_max; @@ -688,11 +674,8 @@ cfg_kasp_fromconfig(const cfg_obj_t *config, dns_kasp_t *default_kasp, (void)confget(maps, "cds-digest-types", &cds); if (cds != NULL) { CFG_LIST_FOREACH(cds, element) { - result = add_digest(kasp, cfg_listelt_value(element), - log_errors); - if (result != ISC_R_SUCCESS) { - goto cleanup; - } + CHECK(add_digest(kasp, cfg_listelt_value(element), + log_errors)); } } else { dns_kasp_adddigest(kasp, DNS_DSDIGEST_SHA256); @@ -852,10 +835,7 @@ cfg_kasp_fromconfig(const cfg_obj_t *config, dns_kasp_t *default_kasp, } } else { dns_kasp_setnsec3(kasp, true); - result = cfg_nsec3param_fromconfig(nsec3, kasp, log_errors); - if (result != ISC_R_SUCCESS) { - goto cleanup; - } + CHECK(cfg_nsec3param_fromconfig(nsec3, kasp, log_errors)); } /* Append it to the list for future lookups. */ @@ -941,12 +921,9 @@ cfg_kasp_builtinconfig(isc_mem_t *mctx, const char *name, new_key->lifetime = 0; new_key->algorithm = DST_ALG_ECDSA256; new_key->length = 256; - result = dns_keystorelist_find(keystorelist, - DNS_KEYSTORE_KEYDIRECTORY, - &new_key->keystore); - if (result != ISC_R_SUCCESS) { - goto cleanup; - } + CHECK(dns_keystorelist_find(keystorelist, + DNS_KEYSTORE_KEYDIRECTORY, + &new_key->keystore)); dns_kasp_addkey(kasp, new_key); } diff --git a/lib/isccfg/namedconf.c b/lib/isccfg/namedconf.c index 0d12b7d624..bbc4d4f100 100644 --- a/lib/isccfg/namedconf.c +++ b/lib/isccfg/namedconf.c @@ -1802,8 +1802,7 @@ parse_dtout(cfg_parser_t *pctx, const cfg_type_t *type, cfg_obj_t **ret) { } else { cfg_parser_error(pctx, CFG_LOG_NEAR, "unexpected token"); - result = ISC_R_UNEXPECTEDTOKEN; - goto cleanup; + CHECK(ISC_R_UNEXPECTEDTOKEN); } } else { break; @@ -1975,8 +1974,7 @@ cfg_parse_kv_tuple(cfg_parser_t *pctx, const cfg_type_t *type, if (f->name == NULL) { cfg_parser_error(pctx, 0, "unexpected '%s'", TOKEN_STRING(pctx)); - result = ISC_R_UNEXPECTEDTOKEN; - goto cleanup; + CHECK(ISC_R_UNEXPECTEDTOKEN); } if (obj->value.tuple[fn] == NULL && strcasecmp(f->name, TOKEN_STRING(pctx)) == 0) @@ -3164,8 +3162,7 @@ parse_sizeval(cfg_parser_t *pctx, const cfg_type_t *type, cfg_obj_t **ret) { CHECK(cfg_gettoken(pctx, 0)); if (pctx->token.type != isc_tokentype_string) { - result = ISC_R_UNEXPECTEDTOKEN; - goto cleanup; + CHECK(ISC_R_UNEXPECTEDTOKEN); } CHECK(parse_unitstring(TOKEN_STRING(pctx), &val)); @@ -3194,8 +3191,7 @@ parse_sizeval_percent(cfg_parser_t *pctx, const cfg_type_t *type, CHECK(cfg_gettoken(pctx, 0)); if (pctx->token.type != isc_tokentype_string) { - result = ISC_R_UNEXPECTEDTOKEN; - goto cleanup; + CHECK(ISC_R_UNEXPECTEDTOKEN); } percent = strtoull(TOKEN_STRING(pctx), &endp, 10); @@ -3348,8 +3344,7 @@ parse_maybe_optional_keyvalue(cfg_parser_t *pctx, const cfg_type_t *type, } else { cfg_parser_error(pctx, CFG_LOG_NEAR, "expected '%s'", kw->name); - result = ISC_R_UNEXPECTEDTOKEN; - goto cleanup; + CHECK(ISC_R_UNEXPECTEDTOKEN); } } diff --git a/lib/isccfg/parser.c b/lib/isccfg/parser.c index 0c6a6f5694..8385767c6d 100644 --- a/lib/isccfg/parser.c +++ b/lib/isccfg/parser.c @@ -1335,8 +1335,7 @@ cfg_parse_duration(cfg_parser_t *pctx, const cfg_type_t *type ISC_ATTR_UNUSED, CHECK(cfg_gettoken(pctx, 0)); if (pctx->token.type != isc_tokentype_string) { - result = ISC_R_UNEXPECTEDTOKEN; - goto cleanup; + CHECK(ISC_R_UNEXPECTEDTOKEN); } return parse_duration(pctx, ret); @@ -1357,8 +1356,7 @@ cfg_parse_duration_or_unlimited(cfg_parser_t *pctx, CHECK(cfg_gettoken(pctx, 0)); if (pctx->token.type != isc_tokentype_string) { - result = ISC_R_UNEXPECTEDTOKEN; - goto cleanup; + CHECK(ISC_R_UNEXPECTEDTOKEN); } if (strcmp(TOKEN_STRING(pctx), "unlimited") == 0) { @@ -3008,8 +3006,7 @@ parse_token(cfg_parser_t *pctx, const cfg_type_t *type ISC_ATTR_UNUSED, CHECK(cfg_gettoken(pctx, CFG_LEXOPT_QSTRING)); if (pctx->token.type == isc_tokentype_eof) { cfg_ungettoken(pctx); - result = ISC_R_EOF; - goto cleanup; + CHECK(ISC_R_EOF); } isc_lex_getlasttokentext(pctx->lexer, &pctx->token, &r); @@ -3064,8 +3061,7 @@ parse_unsupported(cfg_parser_t *pctx, const cfg_type_t *type, cfg_obj_t **ret) { if (pctx->token.type == isc_tokentype_eof || braces < 0) { cfg_parser_error(pctx, CFG_LOG_NEAR, "unexpected token"); - result = ISC_R_UNEXPECTEDTOKEN; - goto cleanup; + CHECK(ISC_R_UNEXPECTEDTOKEN); } CHECK(cfg_parse_listelt(pctx, listobj, &cfg_type_token, &elt)); @@ -3514,25 +3510,21 @@ parse_sockaddrsub(cfg_parser_t *pctx, const cfg_type_t *type, int flags, if (have_address != 1) { cfg_parser_error(pctx, 0, "expected exactly one address"); - result = ISC_R_UNEXPECTEDTOKEN; - goto cleanup; + CHECK(ISC_R_UNEXPECTEDTOKEN); } if (!is_port_ok && have_port > 0) { cfg_parser_error(pctx, 0, "subconfig 'port' no longer exists"); - result = ISC_R_UNEXPECTEDTOKEN; - goto cleanup; + CHECK(ISC_R_UNEXPECTEDTOKEN); } if (have_port > 1) { cfg_parser_error(pctx, 0, "expected at most one port"); - result = ISC_R_UNEXPECTEDTOKEN; - goto cleanup; + CHECK(ISC_R_UNEXPECTEDTOKEN); } if (have_tls > 1) { cfg_parser_error(pctx, 0, "expected at most one tls"); - result = ISC_R_UNEXPECTEDTOKEN; - goto cleanup; + CHECK(ISC_R_UNEXPECTEDTOKEN); } cfg_obj_create(pctx->mctx, cfg_parser_currentfile(pctx), pctx->line, diff --git a/lib/ns/client.c b/lib/ns/client.c index dcb974b4cf..a99857bed4 100644 --- a/lib/ns/client.c +++ b/lib/ns/client.c @@ -610,10 +610,7 @@ ns_client_send(ns_client_t *client) { * Create an OPT for our reply. */ if ((client->inner.attributes & NS_CLIENTATTR_WANTOPT) != 0) { - result = ns_client_addopt(client, client->message); - if (result != ISC_R_SUCCESS) { - goto cleanup; - } + CHECK(ns_client_addopt(client, client->message)); opt_included = true; } @@ -642,10 +639,7 @@ ns_client_send(ns_client_t *client) { dns_compress_init(&cctx, client->manager->mctx, compflags); cleanup_cctx = true; - result = dns_message_renderbegin(client->message, &cctx, &buffer); - if (result != ISC_R_SUCCESS) { - goto cleanup; - } + CHECK(dns_message_renderbegin(client->message, &cctx, &buffer)); result = dns_message_rendersection(client->message, DNS_SECTION_QUESTION, 0); @@ -689,10 +683,7 @@ ns_client_send(ns_client_t *client) { goto cleanup; } renderend: - result = dns_message_renderend(client->message); - if (result != ISC_R_SUCCESS) { - goto cleanup; - } + CHECK(dns_message_renderend(client->message)); #ifdef HAVE_DNSTAP memset(&zr, 0, sizeof(zr)); diff --git a/lib/ns/query.c b/lib/ns/query.c index 22a3a9caa5..a5ee19f354 100644 --- a/lib/ns/query.c +++ b/lib/ns/query.c @@ -2745,10 +2745,7 @@ stale_refresh_aftermath(ns_client_t *client, isc_result_t result) { dns_clientinfo_setecs(&ci, &qctx.client->inner.ecs); } - result = qctx_prepare_buffers(&qctx, &buffer); - if (result != ISC_R_SUCCESS) { - goto cleanup; - } + CHECK(qctx_prepare_buffers(&qctx, &buffer)); dboptions = qctx.client->query.dboptions; dboptions |= DNS_DBFIND_STALEOK; @@ -4161,12 +4158,9 @@ rpz_rewrite(ns_client_t *client, dns_rdatatype_t qtype, isc_result_t qresult, if (zbits != 0) { isc_netaddr_fromsockaddr( &netaddr, &client->inner.peeraddr); - result = rpz_rewrite_ip(client, &netaddr, qtype, - DNS_RPZ_TYPE_CLIENT_IP, - zbits, &rdataset); - if (result != ISC_R_SUCCESS) { - goto cleanup; - } + CHECK(rpz_rewrite_ip(client, &netaddr, qtype, + DNS_RPZ_TYPE_CLIENT_IP, + zbits, &rdataset)); } } @@ -4176,12 +4170,9 @@ rpz_rewrite(ns_client_t *client, dns_rdatatype_t qtype, isc_result_t qresult, * There is a first time for each name in a CNAME chain */ if ((st->state & DNS_RPZ_DONE_QNAME) == 0) { - result = rpz_rewrite_name(client, client->query.qname, - qtype, DNS_RPZ_TYPE_QNAME, - allowed, &rdataset); - if (result != ISC_R_SUCCESS) { - goto cleanup; - } + CHECK(rpz_rewrite_name(client, client->query.qname, + qtype, DNS_RPZ_TYPE_QNAME, + allowed, &rdataset)); /* * Check IPv4 addresses in A RRs next. @@ -4226,12 +4217,9 @@ rpz_rewrite(ns_client_t *client, dns_rdatatype_t qtype, isc_result_t qresult, qresult_type == qresult_type_done && rpz_get_zbits(client, qtype, DNS_RPZ_TYPE_IP) != 0) { - result = rpz_rewrite_ip_rrsets(client, client->query.qname, - qtype, DNS_RPZ_TYPE_IP, - &rdataset, resuming); - if (result != ISC_R_SUCCESS) { - goto cleanup; - } + CHECK(rpz_rewrite_ip_rrsets(client, client->query.qname, qtype, + DNS_RPZ_TYPE_IP, &rdataset, + resuming)); /* * We are finished checking the IP addresses for the qname. * Start with IPv4 if we will check NS IP addresses. @@ -4286,10 +4274,7 @@ rpz_rewrite(ns_client_t *client, dns_rdatatype_t qtype, isc_result_t qresult, was_glue = true; FALLTHROUGH; case ISC_R_SUCCESS: - result = dns_rdataset_first(st->r.ns_rdataset); - if (result != ISC_R_SUCCESS) { - goto cleanup; - } + CHECK(dns_rdataset_first(st->r.ns_rdataset)); st->state &= ~(DNS_RPZ_DONE_NSDNAME | DNS_RPZ_DONE_IPv4); break; @@ -4698,20 +4683,11 @@ dns64_ttl(dns_db_t *db, dns_dbversion_t *version) { dns_rdataset_init(&rdataset); - result = dns_db_getoriginnode(db, &node); - if (result != ISC_R_SUCCESS) { - goto cleanup; - } + CHECK(dns_db_getoriginnode(db, &node)); - result = dns_db_findrdataset(db, node, version, dns_rdatatype_soa, 0, 0, - &rdataset, NULL); - if (result != ISC_R_SUCCESS) { - goto cleanup; - } - result = dns_rdataset_first(&rdataset); - if (result != ISC_R_SUCCESS) { - goto cleanup; - } + CHECK(dns_db_findrdataset(db, node, version, dns_rdatatype_soa, 0, 0, + &rdataset, NULL)); + CHECK(dns_rdataset_first(&rdataset)); dns_rdataset_current(&rdataset, &rdata); result = dns_rdata_tostruct(&rdata, &soa, NULL); @@ -6757,10 +6733,7 @@ ns_query_hookasync(query_ctx_t *qctx, ns_query_starthookasync_t runasync, REQUIRE(client->query.hookasyncctx == NULL); REQUIRE(FETCH_RECTYPE_NORMAL(client) == NULL); - result = acquire_recursionquota(client); - if (result != ISC_R_SUCCESS) { - goto cleanup; - } + CHECK(acquire_recursionquota(client)); qctx_save(qctx, &saved_qctx); result = runasync(saved_qctx, client->manager->mctx, arg, @@ -8269,14 +8242,11 @@ query_dns64(query_ctx_t *qctx) { flags |= DNS_DNS64_RECURSIVE; } - result = dns_dns64_apply(client->manager->mctx, view->dns64, - view->dns64cnt, client->message, - client->manager->aclenv, - &client->inner.peeraddr, client->inner.signer, - flags, qctx->rdataset, &dns64_rdataset); - if (result != ISC_R_SUCCESS) { - goto cleanup; - } + CHECK(dns_dns64_apply(client->manager->mctx, view->dns64, + view->dns64cnt, client->message, + client->manager->aclenv, &client->inner.peeraddr, + client->inner.signer, flags, qctx->rdataset, + &dns64_rdataset)); dns_rdataset_setownercase(dns64_rdataset, mname); client->query.attributes |= NS_QUERYATTR_NOADDITIONAL; @@ -9882,14 +9852,11 @@ query_coveringnsec(query_ctx_t *qctx) { * Look for SOA record to construct NODATA response. */ dns_db_attach(qctx->db, &db); - result = dns_db_findext(db, signer, qctx->version, - dns_rdatatype_soa, dboptions, - qctx->client->inner.now, &node, fname, - &cm, &ci, soardataset, sigsoardataset); + CHECK(dns_db_findext(db, signer, qctx->version, + dns_rdatatype_soa, dboptions, + qctx->client->inner.now, &node, fname, &cm, + &ci, soardataset, sigsoardataset)); - if (result != ISC_R_SUCCESS) { - goto cleanup; - } (void)query_synthnodata(qctx, signer, &soardataset, &sigsoardataset); done = true; @@ -10005,13 +9972,10 @@ query_coveringnsec(query_ctx_t *qctx) { /* * Look for SOA record to construct NXDOMAIN response. */ - result = dns_db_findext(db, signer, qctx->version, dns_rdatatype_soa, - dboptions, qctx->client->inner.now, &node, - fname, &cm, &ci, soardataset, sigsoardataset); + CHECK(dns_db_findext(db, signer, qctx->version, dns_rdatatype_soa, + dboptions, qctx->client->inner.now, &node, fname, + &cm, &ci, soardataset, sigsoardataset)); - if (result != ISC_R_SUCCESS) { - goto cleanup; - } (void)query_synthnxdomainnodata(qctx, exists, nowild, &rdataset, &sigrdataset, signer, &soardataset, &sigsoardataset); @@ -10738,12 +10702,11 @@ query_addbestns(query_ctx_t *qctx) { * Find the right database. */ do { - result = query_getdb(client, &qname, dns_rdatatype_ns, - (dns_getdb_options_t){ 0 }, &zone, &db, - &version, &is_zone); - if (result != ISC_R_SUCCESS) { - goto cleanup; - } + CHECK(query_getdb(client, &qname, dns_rdatatype_ns, + (dns_getdb_options_t){ + 0, + }, + &zone, &db, &version, &is_zone)); /* * If this is a static stub zone look for a parent zone. @@ -11152,10 +11115,7 @@ again: /* * Add the no wildcard proof. */ - result = dns_name_concatenate(dns_wildcardname, cname, wname); - if (result != ISC_R_SUCCESS) { - goto cleanup; - } + CHECK(dns_name_concatenate(dns_wildcardname, cname, wname)); query_findclosestnsec3(wname, qctx->db, qctx->version, client, rdataset, sigrdataset, fname, nodata, diff --git a/tests/libtest/ns.c b/tests/libtest/ns.c index 55117d1408..359077e58a 100644 --- a/tests/libtest/ns.c +++ b/tests/libtest/ns.c @@ -93,16 +93,9 @@ setup_server(void **state) { ns_server_create(isc_g_mctx, matchview, &sctx); - result = dns_dispatchmgr_create(isc_g_mctx, &dispatchmgr); - if (result != ISC_R_SUCCESS) { - goto cleanup; - } - - result = ns_interfacemgr_create(isc_g_mctx, sctx, dispatchmgr, NULL, - &interfacemgr); - if (result != ISC_R_SUCCESS) { - goto cleanup; - } + CHECK(dns_dispatchmgr_create(isc_g_mctx, &dispatchmgr)); + CHECK(ns_interfacemgr_create(isc_g_mctx, sctx, dispatchmgr, NULL, + &interfacemgr)); isc_loop_setup(isc_loop_main(), scan_interfaces, NULL); From 6b33b7fc77d906f5e3ddd0933111a8a1ab9a9380 Mon Sep 17 00:00:00 2001 From: Evan Hunt Date: Thu, 12 Jun 2025 22:17:33 -0700 Subject: [PATCH 3/8] switch to RETERR where it wasn't being used replace all instances of the pattern: result = if (result != ISC_R_SUCCESS) { return result; } with: RETERR(); --- bin/check/named-checkconf.c | 12 +- bin/delv/delv.c | 27 +- bin/dig/dig.c | 15 +- bin/dig/dighost.c | 27 +- bin/dig/host.c | 51 +-- bin/dnssec/dnssec-ksr.c | 5 +- bin/dnssec/dnssec-signzone.c | 5 +- bin/named/builtin.c | 34 +- bin/named/config.c | 12 +- bin/named/control.c | 14 +- bin/named/server.c | 318 ++++++------------- bin/named/zoneconf.c | 28 +- bin/plugins/synthrecord.c | 20 +- bin/tests/system/dlzexternal/driver/driver.c | 31 +- bin/tools/named-makejournal.c | 17 +- lib/dns/acl.c | 6 +- lib/dns/adb.c | 7 +- lib/dns/cache.c | 23 +- lib/dns/catz.c | 40 +-- lib/dns/db.c | 10 +- lib/dns/dispatch.c | 17 +- lib/dns/dns64.c | 15 +- lib/dns/dnssec.c | 30 +- lib/dns/ds.c | 5 +- lib/dns/dst_api.c | 48 +-- lib/dns/dst_parse.c | 12 +- lib/dns/hmac_link.c | 9 +- lib/dns/iptable.c | 7 +- lib/dns/journal.c | 51 +-- lib/dns/keystore.c | 16 +- lib/dns/keytable.c | 7 +- lib/dns/master.c | 14 +- lib/dns/masterdump.c | 27 +- lib/dns/message.c | 135 ++------ lib/dns/name.c | 21 +- lib/dns/ncache.c | 22 +- lib/dns/nsec.c | 16 +- lib/dns/nsec3.c | 47 +-- lib/dns/nta.c | 7 +- lib/dns/opensslecdsa_link.c | 8 +- lib/dns/openssleddsa_link.c | 6 +- lib/dns/peer.c | 7 +- lib/dns/qpcache.c | 7 +- lib/dns/rdata.c | 20 +- lib/dns/rdata/generic/lp_107.c | 6 +- lib/dns/rdata/generic/minfo_14.c | 6 +- lib/dns/rdata/generic/mx_15.c | 5 +- lib/dns/rdata/generic/naptr_35.c | 6 +- lib/dns/rdata/generic/nxt_30.c | 6 +- lib/dns/rdata/generic/rt_21.c | 17 +- lib/dns/rdata/generic/txt_16.c | 7 +- lib/dns/rdata/in_1/a6_38.c | 6 +- lib/dns/rdata/in_1/px_26.c | 11 +- lib/dns/rdata/in_1/srv_33.c | 5 +- lib/dns/rdataset.c | 6 +- lib/dns/request.c | 16 +- lib/dns/resconf.c | 12 +- lib/dns/resolver.c | 11 +- lib/dns/rootns.c | 6 +- lib/dns/rpz.c | 6 +- lib/dns/rriterator.c | 6 +- lib/dns/sdlz.c | 60 +--- lib/dns/skr.c | 7 +- lib/dns/time.c | 7 +- lib/dns/tkey.c | 5 +- lib/dns/tsig.c | 87 ++--- lib/dns/update.c | 6 +- lib/dns/validator.c | 57 +--- lib/dns/view.c | 24 +- lib/dns/xfrin.c | 12 +- lib/dns/zone.c | 49 +-- lib/dns/zoneverify.c | 39 +-- lib/isc/commandline.c | 8 +- lib/isc/file.c | 21 +- lib/isc/getaddresses.c | 10 +- lib/isc/httpd.c | 6 +- lib/isc/include/isc/buffer.h | 17 +- lib/isc/lex.c | 6 +- lib/isc/log.c | 23 +- lib/isc/netmgr/udp.c | 13 +- lib/isc/parseint.c | 14 +- lib/isc/proxy2.c | 25 +- lib/isc/radix.c | 6 +- lib/isc/sockaddr.c | 6 +- lib/isc/url.c | 7 +- lib/isccc/base64.c | 12 +- lib/isccc/cc.c | 65 +--- lib/isccfg/aclconf.c | 20 +- lib/isccfg/check.c | 22 +- lib/isccfg/parser.c | 35 +- lib/ns/client.c | 40 +-- lib/ns/interfacemgr.c | 19 +- lib/ns/query.c | 24 +- lib/ns/update.c | 26 +- lib/ns/xfrout.c | 16 +- tests/dns/dispatch_test.c | 5 +- tests/dns/master_test.c | 18 +- tests/libtest/dns.c | 24 +- tests/libtest/ns.c | 22 +- 99 files changed, 520 insertions(+), 1737 deletions(-) diff --git a/bin/check/named-checkconf.c b/bin/check/named-checkconf.c index caac86ee25..ee304a9b20 100644 --- a/bin/check/named-checkconf.c +++ b/bin/check/named-checkconf.c @@ -108,7 +108,6 @@ get_checknames(const cfg_obj_t **maps, const cfg_obj_t **obj) { static isc_result_t configure_hint(const char *zfile, const char *zclass) { - isc_result_t result; dns_db_t *db = NULL; dns_rdataclass_t rdclass; isc_textregion_t r; @@ -119,15 +118,8 @@ configure_hint(const char *zfile, const char *zclass) { r.base = UNCONST(zclass); r.length = strlen(zclass); - result = dns_rdataclass_fromtext(&rdclass, &r); - if (result != ISC_R_SUCCESS) { - return result; - } - - result = dns_rootns_create(isc_g_mctx, rdclass, zfile, &db); - if (result != ISC_R_SUCCESS) { - return result; - } + RETERR(dns_rdataclass_fromtext(&rdclass, &r)); + RETERR(dns_rootns_create(isc_g_mctx, rdclass, zfile, &db)); dns_db_detach(&db); return ISC_R_SUCCESS; diff --git a/bin/delv/delv.c b/bin/delv/delv.c index eba04e85b1..7915c4f808 100644 --- a/bin/delv/delv.c +++ b/bin/delv/delv.c @@ -1757,15 +1757,8 @@ reverse_octets(const char *in, char **p, char *end) { char *dot = strchr(in, '.'); int len; if (dot != NULL) { - isc_result_t result; - result = reverse_octets(dot + 1, p, end); - if (result != ISC_R_SUCCESS) { - return result; - } - result = append_str(".", 1, p, end); - if (result != ISC_R_SUCCESS) { - return result; - } + RETERR(reverse_octets(dot + 1, p, end)); + RETERR(append_str(".", 1, p, end)); len = (int)(dot - in); } else { len = strlen(in); @@ -1776,7 +1769,6 @@ reverse_octets(const char *in, char **p, char *end) { static isc_result_t get_reverse(char *reverse, size_t len, char *value, bool strict) { int r; - isc_result_t result; isc_netaddr_t addr; addr.family = AF_INET6; @@ -1787,10 +1779,7 @@ get_reverse(char *reverse, size_t len, char *value, bool strict) { dns_name_t *name; name = dns_fixedname_initname(&fname); - result = dns_byaddr_createptrname(&addr, name); - if (result != ISC_R_SUCCESS) { - return result; - } + RETERR(dns_byaddr_createptrname(&addr, name)); dns_name_format(name, reverse, (unsigned int)len); return ISC_R_SUCCESS; } else { @@ -1807,14 +1796,8 @@ get_reverse(char *reverse, size_t len, char *value, bool strict) { if (strict && inet_pton(AF_INET, value, &addr.type.in) != 1) { return DNS_R_BADDOTTEDQUAD; } - result = reverse_octets(value, &p, end); - if (result != ISC_R_SUCCESS) { - return result; - } - result = append_str(".in-addr.arpa.", 15, &p, end); - if (result != ISC_R_SUCCESS) { - return result; - } + RETERR(reverse_octets(value, &p, end)); + RETERR(append_str(".in-addr.arpa.", 15, &p, end)); return ISC_R_SUCCESS; } } diff --git a/bin/dig/dig.c b/bin/dig/dig.c index b1d12ec2b6..ecb722b78e 100644 --- a/bin/dig/dig.c +++ b/bin/dig/dig.c @@ -503,10 +503,7 @@ say_message(dns_rdata_t *rdata, dig_query_t *query, isc_buffer_t *buf) { unsigned int styleflags = 0; if (query->lookup->trace || query->lookup->ns_search_only) { - result = dns_rdatatype_totext(rdata->type, buf); - if (result != ISC_R_SUCCESS) { - return result; - } + RETERR(dns_rdatatype_totext(rdata->type, buf)); ADD_STRING(buf, " "); } @@ -583,14 +580,8 @@ dns64prefix_answer(dns_message_t *msg, isc_buffer_t *buf) { count = 10; } for (i = 0; i < count; i++) { - result = isc_netaddr_totext(&prefix[i].addr, buf); - if (result != ISC_R_SUCCESS) { - return result; - } - result = isc_buffer_printf(buf, "/%u\n", prefix[i].prefixlen); - if (result != ISC_R_SUCCESS) { - return result; - } + RETERR(isc_netaddr_totext(&prefix[i].addr, buf)); + RETERR(isc_buffer_printf(buf, "/%u\n", prefix[i].prefixlen)); } return ISC_R_SUCCESS; diff --git a/bin/dig/dighost.c b/bin/dig/dighost.c index 81d1cc552b..1eeb11e432 100644 --- a/bin/dig/dighost.c +++ b/bin/dig/dighost.c @@ -291,15 +291,8 @@ reverse_octets(const char *in, char **p, char *end) { const char *dot = strchr(in, '.'); size_t len; if (dot != NULL) { - isc_result_t result; - result = reverse_octets(dot + 1, p, end); - if (result != ISC_R_SUCCESS) { - return result; - } - result = append(".", 1, p, end); - if (result != ISC_R_SUCCESS) { - return result; - } + RETERR(reverse_octets(dot + 1, p, end)); + RETERR(append(".", 1, p, end)); len = (int)(dot - in); } else { len = (int)strlen(in); @@ -310,7 +303,6 @@ reverse_octets(const char *in, char **p, char *end) { isc_result_t get_reverse(char *reverse, size_t len, char *value, bool strict) { int r; - isc_result_t result; isc_netaddr_t addr; addr.family = AF_INET6; @@ -321,10 +313,7 @@ get_reverse(char *reverse, size_t len, char *value, bool strict) { dns_name_t *name; name = dns_fixedname_initname(&fname); - result = dns_byaddr_createptrname(&addr, name); - if (result != ISC_R_SUCCESS) { - return result; - } + RETERR(dns_byaddr_createptrname(&addr, name)); dns_name_format(name, reverse, (unsigned int)len); return ISC_R_SUCCESS; } else { @@ -341,15 +330,9 @@ get_reverse(char *reverse, size_t len, char *value, bool strict) { if (strict && inet_pton(AF_INET, value, &addr.type.in) != 1) { return DNS_R_BADDOTTEDQUAD; } - result = reverse_octets(value, &p, end); - if (result != ISC_R_SUCCESS) { - return result; - } + RETERR(reverse_octets(value, &p, end)); /* Append .in-addr.arpa. and a terminating NUL. */ - result = append(".in-addr.arpa.", 15, &p, end); - if (result != ISC_R_SUCCESS) { - return result; - } + RETERR(append(".in-addr.arpa.", 15, &p, end)); return ISC_R_SUCCESS; } } diff --git a/bin/dig/host.c b/bin/dig/host.c index df38b0f24a..4156aec9a8 100644 --- a/bin/dig/host.c +++ b/bin/dig/host.c @@ -208,7 +208,6 @@ printsection(dns_message_t *msg, dns_section_t sectionid, const char *section_name, bool headers, dig_query_t *query) { dns_name_t *print_name; isc_buffer_t target; - isc_result_t result; isc_region_t r; dns_name_t empty_name; char tbuf[4096] = { 0 }; @@ -245,12 +244,9 @@ printsection(dns_message_t *msg, dns_section_t sectionid, continue; } if (!short_form) { - result = dns_rdataset_totext(rdataset, - print_name, false, - no_rdata, &target); - if (result != ISC_R_SUCCESS) { - return result; - } + RETERR(dns_rdataset_totext(rdataset, print_name, + false, no_rdata, + &target)); #ifdef USEINITALWS if (first) { print_name = &empty_name; @@ -305,7 +301,6 @@ static isc_result_t printrdata(dns_message_t *msg, dns_rdataset_t *rdataset, const dns_name_t *owner, const char *set_name, bool headers) { isc_buffer_t target; - isc_result_t result; isc_region_t r; char tbuf[4096]; @@ -316,10 +311,7 @@ printrdata(dns_message_t *msg, dns_rdataset_t *rdataset, isc_buffer_init(&target, tbuf, sizeof(tbuf)); - result = dns_rdataset_totext(rdataset, owner, false, false, &target); - if (result != ISC_R_SUCCESS) { - return result; - } + RETERR(dns_rdataset_totext(rdataset, owner, false, false, &target)); isc_buffer_usedregion(&target, &r); printf("%.*s", (int)r.length, (char *)r.base); @@ -501,50 +493,35 @@ printmessage(dig_query_t *query, const isc_buffer_t *msgbuf, dns_message_t *msg, if (!ISC_LIST_EMPTY(msg->sections[DNS_SECTION_QUESTION]) && !short_form) { printf("\n"); - result = printsection(msg, DNS_SECTION_QUESTION, "QUESTION", - true, query); - if (result != ISC_R_SUCCESS) { - return result; - } + RETERR(printsection(msg, DNS_SECTION_QUESTION, "QUESTION", true, + query)); } if (!ISC_LIST_EMPTY(msg->sections[DNS_SECTION_ANSWER])) { if (!short_form) { printf("\n"); } - result = printsection(msg, DNS_SECTION_ANSWER, "ANSWER", - !short_form, query); - if (result != ISC_R_SUCCESS) { - return result; - } + RETERR(printsection(msg, DNS_SECTION_ANSWER, "ANSWER", + !short_form, query)); } if (!ISC_LIST_EMPTY(msg->sections[DNS_SECTION_AUTHORITY]) && !short_form) { printf("\n"); - result = printsection(msg, DNS_SECTION_AUTHORITY, "AUTHORITY", - true, query); - if (result != ISC_R_SUCCESS) { - return result; - } + RETERR(printsection(msg, DNS_SECTION_AUTHORITY, "AUTHORITY", + true, query)); } if (!ISC_LIST_EMPTY(msg->sections[DNS_SECTION_ADDITIONAL]) && !short_form) { printf("\n"); - result = printsection(msg, DNS_SECTION_ADDITIONAL, "ADDITIONAL", - true, query); - if (result != ISC_R_SUCCESS) { - return result; - } + RETERR(printsection(msg, DNS_SECTION_ADDITIONAL, "ADDITIONAL", + true, query)); } if ((tsig != NULL) && !short_form) { printf("\n"); - result = printrdata(msg, tsig, tsigname, "PSEUDOSECTION TSIG", - true); - if (result != ISC_R_SUCCESS) { - return result; - } + RETERR(printrdata(msg, tsig, tsigname, "PSEUDOSECTION TSIG", + true)); } if (!short_form) { printf("\n"); diff --git a/bin/dnssec/dnssec-ksr.c b/bin/dnssec/dnssec-ksr.c index 7240da4278..efba16f451 100644 --- a/bin/dnssec/dnssec-ksr.c +++ b/bin/dnssec/dnssec-ksr.c @@ -967,10 +967,7 @@ parse_dnskey(isc_lex_t *lex, char *owner, isc_buffer_t *buf, dns_ttl_t *ttl) { dname = dns_fixedname_initname(&dfname); isc_buffer_init(&b, owner, strlen(owner)); isc_buffer_add(&b, strlen(owner)); - result = dns_name_fromtext(dname, &b, dns_rootname, 0); - if (result != ISC_R_SUCCESS) { - goto cleanup; - } + CHECK(dns_name_fromtext(dname, &b, dns_rootname, 0)); if (dns_name_compare(dname, name) != 0) { result = DNS_R_BADOWNERNAME; goto cleanup; diff --git a/bin/dnssec/dnssec-signzone.c b/bin/dnssec/dnssec-signzone.c index 43a295ca2a..4502d00720 100644 --- a/bin/dnssec/dnssec-signzone.c +++ b/bin/dnssec/dnssec-signzone.c @@ -1377,10 +1377,7 @@ setsoaserial(uint32_t serial, dns_updatemethod_t method) { uint32_t old_serial, new_serial = 0; dns_updatemethod_t used = dns_updatemethod_none; - result = dns_db_getoriginnode(gdb, &node); - if (result != ISC_R_SUCCESS) { - return result; - } + RETERR(dns_db_getoriginnode(gdb, &node)); dns_rdataset_init(&rdataset); diff --git a/bin/named/builtin.c b/bin/named/builtin.c index 814ad911bd..80e3c5a7fe 100644 --- a/bin/named/builtin.c +++ b/bin/named/builtin.c @@ -166,10 +166,7 @@ putrr(bdbnode_t *node, const char *type, dns_ttl_t ttl, const char *data) { origin = &node->bdb->common.origin; isc_constregion_t r = { .base = type, .length = strlen(type) }; - result = dns_rdatatype_fromtext(&typeval, (isc_textregion_t *)&r); - if (result != ISC_R_SUCCESS) { - return result; - } + RETERR(dns_rdatatype_fromtext(&typeval, (isc_textregion_t *)&r)); isc_lex_create(mctx, 64, &lex); @@ -177,10 +174,7 @@ putrr(bdbnode_t *node, const char *type, dns_ttl_t ttl, const char *data) { isc_buffer_constinit(&b, data, datalen); isc_buffer_add(&b, datalen); - result = isc_lex_openbuffer(lex, &b); - if (result != ISC_R_SUCCESS) { - return result; - } + RETERR(isc_lex_openbuffer(lex, &b)); isc_buffer_allocate(mctx, &rb, DNS_RDATA_MAXLENGTH); result = dns_rdata_fromtext(NULL, node->bdb->common.rdclass, typeval, @@ -535,7 +529,6 @@ hostname_lookup(bdbnode_t *node) { static isc_result_t authors_lookup(bdbnode_t *node) { - isc_result_t result; const char **p = NULL; static const char *authors[] = { "Mark Andrews", "Curtis Blackburn", @@ -559,10 +552,7 @@ authors_lookup(bdbnode_t *node) { } for (p = authors; *p != NULL; p++) { - result = puttxt(node, *p); - if (result != ISC_R_SUCCESS) { - return result; - } + RETERR(puttxt(node, *p)); } return ISC_R_SUCCESS; } @@ -591,14 +581,10 @@ empty_lookup(bdbnode_t *node) { static isc_result_t ipv4only_lookup(bdbnode_t *node) { - isc_result_t result; unsigned char data[2][4] = { { 192, 0, 0, 170 }, { 192, 0, 0, 171 } }; for (int i = 0; i < 2; i++) { - result = putrdata(node, dns_rdatatype_a, 3600, data[i], 4); - if (result != ISC_R_SUCCESS) { - return result; - } + RETERR(putrdata(node, dns_rdatatype_a, 3600, data[i], 4)); } return ISC_R_SUCCESS; } @@ -846,10 +832,7 @@ findnode(dns_db_t *db, const dns_name_t *name, bool create, dns_name_getlabelsequence(name, 0, labels, &relname); name = &relname; - result = createnode(bdb, &node); - if (result != ISC_R_SUCCESS) { - return result; - } + RETERR(createnode(bdb, &node)); result = builtin_lookup(bdb, name, node); if (result != ISC_R_SUCCESS && (!isorigin || result != ISC_R_NOTFOUND)) @@ -1212,11 +1195,8 @@ isc_result_t named_builtin_init(void) { isc_result_t result; - result = dns_db_register("_builtin", create, &builtin, isc_g_mctx, - &builtin.dbimp); - if (result != ISC_R_SUCCESS) { - return result; - } + RETERR(dns_db_register("_builtin", create, &builtin, isc_g_mctx, + &builtin.dbimp)); result = dns_db_register("_dns64", create, &dns64, isc_g_mctx, &dns64.dbimp); diff --git a/bin/named/config.c b/bin/named/config.c index 31683d005c..c953f4c45a 100644 --- a/bin/named/config.c +++ b/bin/named/config.c @@ -248,17 +248,13 @@ named_config_getzonetype(const cfg_obj_t *zonetypeobj) { isc_result_t named_config_getremotesdef(const cfg_obj_t *cctx, const char *list, const char *name, const cfg_obj_t **ret) { - isc_result_t result; const cfg_obj_t *obj = NULL; REQUIRE(cctx != NULL); REQUIRE(name != NULL); REQUIRE(ret != NULL && *ret == NULL); - result = cfg_map_get(cctx, list, &obj); - if (result != ISC_R_SUCCESS) { - return result; - } + RETERR(cfg_map_get(cctx, list, &obj)); CFG_LIST_FOREACH(obj, elt) { obj = cfg_listelt_value(elt); if (strcasecmp(cfg_obj_asstring(cfg_tuple_get(obj, "name")), @@ -697,7 +693,6 @@ named_config_getkeyalgorithm(const char *str, unsigned int *typep, int i; size_t len = 0; uint16_t bits; - isc_result_t result; for (i = 0; algorithms[i].str != NULL; i++) { len = strlen(algorithms[i].str); @@ -712,10 +707,7 @@ named_config_getkeyalgorithm(const char *str, unsigned int *typep, return ISC_R_NOTFOUND; } if (str[len] == '-') { - result = isc_parse_uint16(&bits, str + len + 1, 10); - if (result != ISC_R_SUCCESS) { - return result; - } + RETERR(isc_parse_uint16(&bits, str + len + 1, 10)); if (bits > algorithms[i].size) { return ISC_R_RANGE; } diff --git a/bin/named/control.c b/bin/named/control.c index 8f20933f02..8750f4c7f2 100644 --- a/bin/named/control.c +++ b/bin/named/control.c @@ -37,15 +37,11 @@ static isc_result_t getcommand(isc_lex_t *lex, char **cmdp) { - isc_result_t result; isc_token_t token; REQUIRE(cmdp != NULL && *cmdp == NULL); - result = isc_lex_gettoken(lex, ISC_LEXOPT_EOF, &token); - if (result != ISC_R_SUCCESS) { - return result; - } + RETERR(isc_lex_gettoken(lex, ISC_LEXOPT_EOF, &token)); isc_lex_ungettoken(lex, &token); @@ -89,13 +85,7 @@ named_control_docommand(isccc_sexpr_t *message, bool readonly, return ISC_R_FAILURE; } - result = isccc_cc_lookupstring(data, "type", &cmdline); - if (result != ISC_R_SUCCESS) { - /* - * We have no idea what this is. - */ - return result; - } + RETERR(isccc_cc_lookupstring(data, "type", &cmdline)); isc_lex_create(isc_g_mctx, strlen(cmdline), &lex); diff --git a/bin/named/server.c b/bin/named/server.c index 7aeeec2b87..b6ca56d9a4 100644 --- a/bin/named/server.c +++ b/bin/named/server.c @@ -928,10 +928,7 @@ process_key(const cfg_obj_t *key, dns_keytable_t *secroots, isc_buffer_constinit(&b, namestr, strlen(namestr)); isc_buffer_add(&b, strlen(namestr)); keyname = dns_fixedname_initname(&fkeyname); - result = dns_name_fromtext(keyname, &b, dns_rootname, 0); - if (result != ISC_R_SUCCESS) { - return result; - } + RETERR(dns_name_fromtext(keyname, &b, dns_rootname, 0)); break; case DST_R_UNSUPPORTEDALG: case DST_R_BADKEYTYPE: @@ -1290,20 +1287,12 @@ configure_order(dns_order_t *order, const cfg_obj_t *ent) { dns_orderopt_t mode = dns_order_none; const char *str; isc_buffer_t b; - isc_result_t result; bool addroot; - result = named_config_getclass(cfg_tuple_get(ent, "class"), - dns_rdataclass_any, &rdclass); - if (result != ISC_R_SUCCESS) { - return result; - } - - result = named_config_gettype(cfg_tuple_get(ent, "type"), - dns_rdatatype_any, &rdtype); - if (result != ISC_R_SUCCESS) { - return result; - } + RETERR(named_config_getclass(cfg_tuple_get(ent, "class"), + dns_rdataclass_any, &rdclass)); + RETERR(named_config_gettype(cfg_tuple_get(ent, "type"), + dns_rdatatype_any, &rdtype)); obj = cfg_tuple_get(ent, "name"); if (cfg_obj_isstring(obj)) { @@ -1315,11 +1304,8 @@ configure_order(dns_order_t *order, const cfg_obj_t *ent) { isc_buffer_constinit(&b, str, strlen(str)); isc_buffer_add(&b, strlen(str)); dns_fixedname_init(&fixed); - result = dns_name_fromtext(dns_fixedname_name(&fixed), &b, dns_rootname, - 0); - if (result != ISC_R_SUCCESS) { - return result; - } + RETERR(dns_name_fromtext(dns_fixedname_name(&fixed), &b, dns_rootname, + 0)); obj = cfg_tuple_get(ent, "ordering"); INSIST(cfg_obj_isstring(obj)); @@ -1354,19 +1340,14 @@ configure_order(dns_order_t *order, const cfg_obj_t *ent) { static isc_result_t configure_peer(const cfg_obj_t *cpeer, isc_mem_t *mctx, dns_peer_t **peerp) { isc_netaddr_t na; - dns_peer_t *peer; - const cfg_obj_t *obj; - const char *str; - isc_result_t result; + dns_peer_t *peer = NULL; + const cfg_obj_t *obj = NULL; + isc_result_t result = ISC_R_SUCCESS; unsigned int prefixlen; cfg_obj_asnetprefix(cfg_map_getname(cpeer), &na, &prefixlen); - peer = NULL; - result = dns_peer_newprefix(mctx, &na, prefixlen, &peer); - if (result != ISC_R_SUCCESS) { - return result; - } + RETERR(dns_peer_newprefix(mctx, &na, prefixlen, &peer)); obj = NULL; (void)cfg_map_get(cpeer, "bogus", &obj); @@ -1500,7 +1481,7 @@ configure_peer(const cfg_obj_t *cpeer, isc_mem_t *mctx, dns_peer_t **peerp) { obj = NULL; (void)cfg_map_get(cpeer, "transfer-format", &obj); if (obj != NULL) { - str = cfg_obj_asstring(obj); + const char *str = cfg_obj_asstring(obj); if (strcasecmp(str, "many-answers") == 0) { CHECK(dns_peer_settransferformat(peer, dns_many_answers)); @@ -1792,12 +1773,9 @@ static isc_result_t dlzconfigure_callback(dns_view_t *view, dns_dlzdb_t *dlzdb, dns_zone_t *zone) { dns_name_t *origin = dns_zone_getorigin(zone); dns_rdataclass_t zclass = view->rdclass; - isc_result_t result; - result = dns_zonemgr_managezone(named_g_server->zonemgr, zone); - if (result != ISC_R_SUCCESS) { - return result; - } + RETERR(dns_zonemgr_managezone(named_g_server->zonemgr, zone)); + dns_zone_setstats(zone, named_g_server->zonestats); return named_zone_configure_writeable_dlz(dlzdb, zone, zclass, origin); @@ -1978,10 +1956,8 @@ configure_rpz_zone(dns_view_t *view, const cfg_listelt_t *element, } str = cfg_obj_asstring(cfg_tuple_get(rpz_obj, "zone name")); - result = configure_rpz_name(view, rpz_obj, &zone->origin, str, "zone"); - if (result != ISC_R_SUCCESS) { - return result; - } + RETERR(configure_rpz_name(view, rpz_obj, &zone->origin, str, "zone")); + if (dns_name_equal(&zone->origin, dns_rootname)) { cfg_obj_log(rpz_obj, DNS_RPZ_ERROR_LEVEL, "invalid zone name '%s'", str); @@ -2001,47 +1977,20 @@ configure_rpz_zone(dns_view_t *view, const cfg_listelt_t *element, *old_rpz_okp = false; } - result = configure_rpz_name2(view, rpz_obj, &zone->client_ip, - DNS_RPZ_CLIENT_IP_ZONE, &zone->origin); - if (result != ISC_R_SUCCESS) { - return result; - } - - result = configure_rpz_name2(view, rpz_obj, &zone->ip, DNS_RPZ_IP_ZONE, - &zone->origin); - if (result != ISC_R_SUCCESS) { - return result; - } - - result = configure_rpz_name2(view, rpz_obj, &zone->nsdname, - DNS_RPZ_NSDNAME_ZONE, &zone->origin); - if (result != ISC_R_SUCCESS) { - return result; - } - - result = configure_rpz_name2(view, rpz_obj, &zone->nsip, - DNS_RPZ_NSIP_ZONE, &zone->origin); - if (result != ISC_R_SUCCESS) { - return result; - } - - result = configure_rpz_name(view, rpz_obj, &zone->passthru, - DNS_RPZ_PASSTHRU_NAME, "name"); - if (result != ISC_R_SUCCESS) { - return result; - } - - result = configure_rpz_name(view, rpz_obj, &zone->drop, - DNS_RPZ_DROP_NAME, "name"); - if (result != ISC_R_SUCCESS) { - return result; - } - - result = configure_rpz_name(view, rpz_obj, &zone->tcp_only, - DNS_RPZ_TCP_ONLY_NAME, "name"); - if (result != ISC_R_SUCCESS) { - return result; - } + RETERR(configure_rpz_name2(view, rpz_obj, &zone->client_ip, + DNS_RPZ_CLIENT_IP_ZONE, &zone->origin)); + RETERR(configure_rpz_name2(view, rpz_obj, &zone->ip, DNS_RPZ_IP_ZONE, + &zone->origin)); + RETERR(configure_rpz_name2(view, rpz_obj, &zone->nsdname, + DNS_RPZ_NSDNAME_ZONE, &zone->origin)); + RETERR(configure_rpz_name2(view, rpz_obj, &zone->nsip, + DNS_RPZ_NSIP_ZONE, &zone->origin)); + RETERR(configure_rpz_name(view, rpz_obj, &zone->passthru, + DNS_RPZ_PASSTHRU_NAME, "name")); + RETERR(configure_rpz_name(view, rpz_obj, &zone->drop, DNS_RPZ_DROP_NAME, + "name")); + RETERR(configure_rpz_name(view, rpz_obj, &zone->tcp_only, + DNS_RPZ_TCP_ONLY_NAME, "name")); obj = cfg_tuple_get(rpz_obj, "policy"); if (cfg_obj_isvoid(obj)) { @@ -2052,11 +2001,8 @@ configure_rpz_zone(dns_view_t *view, const cfg_listelt_t *element, INSIST(zone->policy != DNS_RPZ_POLICY_ERROR); if (zone->policy == DNS_RPZ_POLICY_CNAME) { str = cfg_obj_asstring(cfg_tuple_get(obj, "cname")); - result = configure_rpz_name(view, rpz_obj, &zone->cname, - str, "cname"); - if (result != ISC_R_SUCCESS) { - return result; - } + RETERR(configure_rpz_name(view, rpz_obj, &zone->cname, + str, "cname")); } } if (*old_rpz_okp && (zone->policy != old->policy || @@ -2104,7 +2050,7 @@ configure_rpz(dns_view_t *view, dns_view_t *pview, const cfg_obj_t *rpz_obj, const dns_rpz_zones_t *old = NULL; bool pview_must_detach = false; const dns_rpz_zone_t *old_zone = NULL; - isc_result_t result; + isc_result_t result = ISC_R_SUCCESS; *old_rpz_okp = false; @@ -2127,10 +2073,7 @@ configure_rpz(dns_view_t *view, dns_view_t *pview, const cfg_obj_t *rpz_obj, } nsdname_on = nsdname_enabled ? DNS_RPZ_ALL_ZBITS : 0; - result = dns_rpz_new_zones(view, &view->rpzs, first_time); - if (result != ISC_R_SUCCESS) { - return result; - } + RETERR(dns_rpz_new_zones(view, &view->rpzs, first_time)); zones = view->rpzs; @@ -2635,11 +2578,10 @@ static void catz_changeview(dns_catz_entry_t *entry, void *arg1, void *arg2) { dns_view_t *pview = arg1; dns_view_t *view = arg2; - dns_zone_t *zone = NULL; + isc_result_t result = dns_view_findzone( pview, dns_catz_entry_getname(entry), DNS_ZTFIND_EXACT, &zone); - if (result != ISC_R_SUCCESS) { return; } @@ -2940,10 +2882,7 @@ configure_rrl(dns_view_t *view, const cfg_obj_t *config, const cfg_obj_t *map, min_entries = 1; } } - result = dns_rrl_init(&rrl, view, min_entries); - if (result != ISC_R_SUCCESS) { - return result; - } + RETERR(dns_rrl_init(&rrl, view, min_entries)); i = ISC_MAX(20000, min_entries); obj = NULL; @@ -5706,7 +5645,7 @@ configure_forward(const cfg_obj_t *config, dns_view_t *view, const cfg_obj_t *faddresses = NULL; dns_fwdpolicy_t fwdpolicy = dns_fwdpolicy_none; dns_forwarderlist_t fwdlist; - isc_result_t result; + isc_result_t result = ISC_R_SUCCESS; in_port_t port; in_port_t tls_port; const char *tls = NULL; @@ -5740,11 +5679,8 @@ configure_forward(const cfg_obj_t *config, dns_view_t *view, if (cfg_obj_isstring(tlspobj)) { tls = cfg_obj_asstring(tlspobj); if (tls != NULL) { - result = validate_tls(config, view, tlspobj, - tls, NULL); - if (result != ISC_R_SUCCESS) { - return result; - } + RETERR(validate_tls(config, view, tlspobj, tls, + NULL)); } } } @@ -5820,8 +5756,6 @@ configure_forward(const cfg_obj_t *config, dns_view_t *view, dns_view_sfd_add(view, origin); } - result = ISC_R_SUCCESS; - cleanup: ISC_LIST_FOREACH(fwdlist, fwd, link) { @@ -5881,20 +5815,12 @@ cleanup: static isc_result_t find_view(const cfg_obj_t *vconfig, dns_viewlist_t *viewlist, dns_view_t **viewp) { - isc_result_t result; const char *viewname = NULL; dns_rdataclass_t viewclass; dns_view_t *view = NULL; - result = get_viewinfo(vconfig, &viewname, &viewclass); - if (result != ISC_R_SUCCESS) { - return result; - } - - result = dns_viewlist_find(viewlist, viewname, viewclass, &view); - if (result != ISC_R_SUCCESS) { - return result; - } + RETERR(get_viewinfo(vconfig, &viewname, &viewclass)); + RETERR(dns_viewlist_find(viewlist, viewname, viewclass, &view)); *viewp = view; return ISC_R_SUCCESS; @@ -5915,10 +5841,7 @@ create_view(const cfg_obj_t *vconfig, dns_viewlist_t *viewlist, dns_rdataclass_t viewclass; dns_view_t *view = NULL; - result = get_viewinfo(vconfig, &viewname, &viewclass); - if (result != ISC_R_SUCCESS) { - return result; - } + RETERR(get_viewinfo(vconfig, &viewname, &viewclass)); result = dns_viewlist_find(viewlist, viewname, viewclass, &view); if (result == ISC_R_SUCCESS) { @@ -6886,11 +6809,8 @@ generate_session_key(const char *filename, const char *keynamestr, ISC_LOG_INFO, "generating session key for dynamic DNS"); /* generate key */ - result = dst_key_generate(keyname, alg, bits, 1, 0, DNS_KEYPROTO_ANY, - dns_rdataclass_in, NULL, mctx, &key, NULL); - if (result != ISC_R_SUCCESS) { - return result; - } + RETERR(dst_key_generate(keyname, alg, bits, 1, 0, DNS_KEYPROTO_ANY, + dns_rdataclass_in, NULL, mctx, &key, NULL)); /* * Dump the key to the buffer for later use. @@ -6974,10 +6894,7 @@ configure_session_key(const cfg_obj_t **maps, named_server_t *server, isc_buffer_constinit(&buffer, keynamestr, strlen(keynamestr)); isc_buffer_add(&buffer, strlen(keynamestr)); keyname = dns_fixedname_initname(&fname); - result = dns_name_fromtext(keyname, &buffer, dns_rootname, 0); - if (result != ISC_R_SUCCESS) { - return result; - } + RETERR(dns_name_fromtext(keyname, &buffer, dns_rootname, 0)); obj = NULL; result = named_config_get(maps, "session-keyalg", &obj); @@ -7665,10 +7582,7 @@ configure_views(cfg_obj_t *config, const cfg_obj_t *bindkeys, cfg_obj_t *vconfig = cfg_listelt_value(element); dns_view_t *view = NULL; - result = find_view(vconfig, viewlist, &view); - if (result != ISC_R_SUCCESS) { - return result; - } + RETERR(find_view(vconfig, viewlist, &view)); result = configure_view(view, viewlist, config, vconfig, cachelist, &server->cachelist, kasplist, @@ -7695,10 +7609,7 @@ configure_views(cfg_obj_t *config, const cfg_obj_t *bindkeys, */ if (explicitviews == false) { dns_view_t *view = NULL; - result = find_view(NULL, viewlist, &view); - if (result != ISC_R_SUCCESS) { - return result; - } + RETERR(find_view(NULL, viewlist, &view)); result = configure_view(view, viewlist, config, NULL, cachelist, &server->cachelist, kasplist, bindkeys, isc_g_mctx, aclctx, tlsctx_client_cache, @@ -7745,10 +7656,7 @@ configure_keystores(const cfg_obj_t *config, dns_keystorelist_t *keystorelist) { /* * Create the built-in key store ("key-directory"). */ - result = cfg_keystore_fromconfig(NULL, isc_g_mctx, keystorelist, NULL); - if (result != ISC_R_SUCCESS) { - return result; - } + RETERR(cfg_keystore_fromconfig(NULL, isc_g_mctx, keystorelist, NULL)); /* * Create the DNSSEC key stores. @@ -7758,11 +7666,8 @@ configure_keystores(const cfg_obj_t *config, dns_keystorelist_t *keystorelist) { CFG_LIST_FOREACH(keystores, element) { cfg_obj_t *kconfig = cfg_listelt_value(element); - result = cfg_keystore_fromconfig(kconfig, isc_g_mctx, - keystorelist, NULL); - if (result != ISC_R_SUCCESS) { - return result; - } + RETERR(cfg_keystore_fromconfig(kconfig, isc_g_mctx, + keystorelist, NULL)); } return result; @@ -7788,13 +7693,9 @@ configure_kasplist(const cfg_obj_t *config, dns_kasplist_t *kasplist, cfg_obj_t *kconfig = cfg_listelt_value(element); dns_kasp_t *kasp = NULL; - result = cfg_kasp_fromconfig(kconfig, default_kasp, kaspopts, - isc_g_mctx, keystorelist, kasplist, - &kasp); - if (result != ISC_R_SUCCESS) { - return result; - } - + RETERR(cfg_kasp_fromconfig(kconfig, default_kasp, kaspopts, + isc_g_mctx, keystorelist, kasplist, + &kasp)); INSIST(kasp != NULL); dns_kasp_freeze(kasp); @@ -10091,7 +9992,7 @@ cleanup: isc_result_t named_server_retransfercommand(named_server_t *server, isc_lex_t *lex, isc_buffer_t *text) { - isc_result_t result; + isc_result_t result = ISC_R_SUCCESS; const char *arg = NULL; dns_zone_t *zone = NULL; dns_zone_t *raw = NULL; @@ -10109,10 +10010,8 @@ named_server_retransfercommand(named_server_t *server, isc_lex_t *lex, arg = next_token(lex, text); } - result = zone_from_args(server, lex, arg, &zone, NULL, text, false); - if (result != ISC_R_SUCCESS) { - return result; - } + RETERR(zone_from_args(server, lex, arg, &zone, NULL, text, false)); + if (zone == NULL) { return ISC_R_UNEXPECTEDEND; } @@ -10154,17 +10053,15 @@ named_server_retransfercommand(named_server_t *server, isc_lex_t *lex, isc_result_t named_server_reloadcommand(named_server_t *server, isc_lex_t *lex, isc_buffer_t *text) { - isc_result_t result; + isc_result_t result = ISC_R_SUCCESS; dns_zone_t *zone = NULL; dns_zonetype_t type; const char *msg = NULL; REQUIRE(text != NULL); - result = zone_from_args(server, lex, NULL, &zone, NULL, text, true); - if (result != ISC_R_SUCCESS) { - return result; - } + RETERR(zone_from_args(server, lex, NULL, &zone, NULL, text, true)); + if (zone == NULL) { result = reload(server); switch (result) { @@ -10317,16 +10214,13 @@ cleanup: isc_result_t named_server_notifycommand(named_server_t *server, isc_lex_t *lex, isc_buffer_t *text) { - isc_result_t result; dns_zone_t *zone = NULL; const char msg[] = "zone notify queued"; REQUIRE(text != NULL); - result = zone_from_args(server, lex, NULL, &zone, NULL, text, true); - if (result != ISC_R_SUCCESS) { - return result; - } + RETERR(zone_from_args(server, lex, NULL, &zone, NULL, text, true)); + if (zone == NULL) { return ISC_R_UNEXPECTEDEND; } @@ -10345,7 +10239,6 @@ named_server_notifycommand(named_server_t *server, isc_lex_t *lex, isc_result_t named_server_refreshcommand(named_server_t *server, isc_lex_t *lex, isc_buffer_t *text) { - isc_result_t result; dns_zone_t *zone = NULL, *raw = NULL; const char msg1[] = "zone refresh queued"; const char msg2[] = "not a secondary, mirror, or stub zone"; @@ -10353,10 +10246,8 @@ named_server_refreshcommand(named_server_t *server, isc_lex_t *lex, REQUIRE(text != NULL); - result = zone_from_args(server, lex, NULL, &zone, NULL, text, true); - if (result != ISC_R_SUCCESS) { - return result; - } + RETERR(zone_from_args(server, lex, NULL, &zone, NULL, text, true)); + if (zone == NULL) { return ISC_R_UNEXPECTEDEND; } @@ -10431,15 +10322,12 @@ listenlist_fromconfig(const cfg_obj_t *listenlist, const cfg_obj_t *config, cfg_aclconfctx_t *aclctx, isc_mem_t *mctx, uint16_t family, isc_tlsctx_cache_t *tlsctx_cache, ns_listenlist_t **target) { - isc_result_t result; + isc_result_t result = ISC_R_SUCCESS; ns_listenlist_t *dlist = NULL; REQUIRE(target != NULL && *target == NULL); - result = ns_listenlist_create(mctx, &dlist); - if (result != ISC_R_SUCCESS) { - return result; - } + RETERR(ns_listenlist_create(mctx, &dlist)); CFG_LIST_FOREACH(listenlist, element) { ns_listenelt_t *delt = NULL; @@ -10490,7 +10378,7 @@ listenelt_fromconfig(const cfg_obj_t *listener, const cfg_obj_t *config, cfg_aclconfctx_t *aclctx, isc_mem_t *mctx, uint16_t family, isc_tlsctx_cache_t *tlsctx_cache, ns_listenelt_t **target) { - isc_result_t result; + isc_result_t result = ISC_R_SUCCESS; const cfg_obj_t *ltup = NULL; const cfg_obj_t *tlsobj = NULL, *httpobj = NULL; const cfg_obj_t *portobj = NULL; @@ -10653,41 +10541,29 @@ listenelt_fromconfig(const cfg_obj_t *listener, const cfg_obj_t *config, if (named_g_httpsport != 0) { port = named_g_httpsport; } else { - result = named_config_getport( - config, "https-port", &port); - if (result != ISC_R_SUCCESS) { - return result; - } + RETERR(named_config_getport( + config, "https-port", &port)); } } else if (http && !do_tls) { if (named_g_httpport != 0) { port = named_g_httpport; } else { - result = named_config_getport( - config, "http-port", &port); - if (result != ISC_R_SUCCESS) { - return result; - } + RETERR(named_config_getport(config, "http-port", + &port)); } } else if (do_tls) { if (named_g_tlsport != 0) { port = named_g_tlsport; } else { - result = named_config_getport( - config, "tls-port", &port); - if (result != ISC_R_SUCCESS) { - return result; - } + RETERR(named_config_getport(config, "tls-port", + &port)); } } else { if (named_g_port != 0) { port = named_g_port; } else { - result = named_config_getport(config, "port", - &port); - if (result != ISC_R_SUCCESS) { - return result; - } + RETERR(named_config_getport(config, "port", + &port)); } } } else { @@ -11562,11 +11438,11 @@ named_server_flushcache(named_server_t *server, isc_lex_t *lex) { isc_result_t named_server_flushnode(named_server_t *server, isc_lex_t *lex, bool tree) { - char *ptr, *viewname; + char *ptr = NULL, *viewname = NULL; char target[DNS_NAME_FORMATSIZE]; bool flushed; bool found; - isc_result_t result; + isc_result_t result = ISC_R_SUCCESS; isc_buffer_t b; dns_fixedname_t fixed; dns_name_t *name = NULL; @@ -11587,10 +11463,7 @@ named_server_flushnode(named_server_t *server, isc_lex_t *lex, bool tree) { isc_buffer_constinit(&b, target, strlen(target)); isc_buffer_add(&b, strlen(target)); name = dns_fixedname_initname(&fixed); - result = dns_name_fromtext(name, &b, dns_rootname, 0); - if (result != ISC_R_SUCCESS) { - return result; - } + RETERR(dns_name_fromtext(name, &b, dns_rootname, 0)); /* Look for the view name. */ viewname = next_token(lex, NULL); @@ -11834,11 +11707,11 @@ cleanup: */ isc_result_t named_server_rekey(named_server_t *server, isc_lex_t *lex, isc_buffer_t *text) { - isc_result_t result; + isc_result_t result = ISC_R_SUCCESS; dns_zone_t *zone = NULL; dns_zonetype_t type; bool fullsign = false; - char *ptr; + char *ptr = NULL; REQUIRE(text != NULL); @@ -11853,10 +11726,8 @@ named_server_rekey(named_server_t *server, isc_lex_t *lex, isc_buffer_t *text) { REQUIRE(text != NULL); - result = zone_from_args(server, lex, NULL, &zone, NULL, text, false); - if (result != ISC_R_SUCCESS) { - return result; - } + RETERR(zone_from_args(server, lex, NULL, &zone, NULL, text, false)); + if (zone == NULL) { return ISC_R_UNEXPECTEDEND; /* XXX: or do all zones? */ } @@ -11912,7 +11783,7 @@ synczone(dns_zone_t *zone, void *uap) { isc_result_t named_server_sync(named_server_t *server, isc_lex_t *lex, isc_buffer_t *text) { - isc_result_t result, tresult; + isc_result_t result = ISC_R_SUCCESS, tresult; dns_zone_t *zone = NULL; char classstr[DNS_RDATACLASS_FORMATSIZE]; char zonename[DNS_NAME_FORMATSIZE]; @@ -11933,10 +11804,7 @@ named_server_sync(named_server_t *server, isc_lex_t *lex, isc_buffer_t *text) { REQUIRE(text != NULL); - result = zone_from_args(server, lex, arg, &zone, NULL, text, false); - if (result != ISC_R_SUCCESS) { - return result; - } + RETERR(zone_from_args(server, lex, arg, &zone, NULL, text, false)); if (zone == NULL) { isc_loopmgr_pause(); @@ -11989,7 +11857,7 @@ named_server_sync(named_server_t *server, isc_lex_t *lex, isc_buffer_t *text) { isc_result_t named_server_freeze(named_server_t *server, bool freeze, isc_lex_t *lex, isc_buffer_t *text) { - isc_result_t result, tresult; + isc_result_t result = ISC_R_SUCCESS; dns_zone_t *mayberaw = NULL, *raw = NULL; dns_zonetype_t type; char classstr[DNS_RDATACLASS_FORMATSIZE]; @@ -12000,26 +11868,24 @@ named_server_freeze(named_server_t *server, bool freeze, isc_lex_t *lex, REQUIRE(text != NULL); - result = zone_from_args(server, lex, NULL, &mayberaw, NULL, text, true); - if (result != ISC_R_SUCCESS) { - return result; - } + RETERR(zone_from_args(server, lex, NULL, &mayberaw, NULL, text, true)); + if (mayberaw == NULL) { + isc_result_t tresult = ISC_R_SUCCESS; isc_loopmgr_pause(); - tresult = ISC_R_SUCCESS; ISC_LIST_FOREACH(server->viewlist, view, link) { - result = dns_view_freezezones(view, freeze); - if (result != ISC_R_SUCCESS && tresult == ISC_R_SUCCESS) + tresult = dns_view_freezezones(view, freeze); + if (tresult != ISC_R_SUCCESS && result == ISC_R_SUCCESS) { - tresult = result; + result = tresult; } } isc_loopmgr_resume(); isc_log_write(NAMED_LOGCATEGORY_GENERAL, NAMED_LOGMODULE_SERVER, ISC_LOG_INFO, "%s all zones: %s", freeze ? "freezing" : "thawing", - isc_result_totext(tresult)); - return tresult; + isc_result_totext(result)); + return result; } dns_zone_getraw(mayberaw, &raw); if (raw != NULL) { diff --git a/bin/named/zoneconf.c b/bin/named/zoneconf.c index f557ec7514..bd29d8fab5 100644 --- a/bin/named/zoneconf.c +++ b/bin/named/zoneconf.c @@ -71,7 +71,6 @@ configure_zone_acl(const cfg_obj_t *zconfig, const cfg_obj_t *vconfig, cfg_aclconfctx_t *aclctx, dns_zone_t *zone, void (*setzacl)(dns_zone_t *, dns_acl_t *), void (*clearzacl)(dns_zone_t *)) { - isc_result_t result; const cfg_obj_t *maps[6] = { 0 }; const cfg_obj_t *aclobj = NULL; int i = 0; @@ -169,11 +168,7 @@ configure_zone_acl(const cfg_obj_t *zconfig, const cfg_obj_t *vconfig, } parse_acl: - result = cfg_acl_fromconfig(aclobj, config, aclctx, isc_g_mctx, 0, - &acl); - if (result != ISC_R_SUCCESS) { - return result; - } + RETERR(cfg_acl_fromconfig(aclobj, config, aclctx, isc_g_mctx, 0, &acl)); (*setzacl)(zone, acl); /* Set the view default now */ @@ -558,12 +553,9 @@ configure_staticstub(const cfg_obj_t *zconfig, const cfg_obj_t *tconfig, isc_region_t region; /* Create the DB beforehand */ - result = dns_db_create(mctx, dbtype, dns_zone_getorigin(zone), - dns_dbtype_stub, dns_zone_getclass(zone), 0, - NULL, &db); - if (result != ISC_R_SUCCESS) { - return result; - } + RETERR(dns_db_create(mctx, dbtype, dns_zone_getorigin(zone), + dns_dbtype_stub, dns_zone_getclass(zone), 0, NULL, + &db)); dns_rdataset_init(&rdataset); @@ -694,8 +686,6 @@ zonetype_fromconfig(const cfg_obj_t *zmap, const cfg_obj_t *tmap) { static isc_result_t strtoargvsub(isc_mem_t *mctx, char *s, unsigned int *argcp, char ***argvp, unsigned int n) { - isc_result_t result; - /* Discard leading whitespace. */ while (*s == ' ' || *s == '\t') { s++; @@ -714,10 +704,7 @@ strtoargvsub(isc_mem_t *mctx, char *s, unsigned int *argcp, char ***argvp, *p++ = '\0'; } - result = strtoargvsub(mctx, p, argcp, argvp, n + 1); - if (result != ISC_R_SUCCESS) { - return result; - } + RETERR(strtoargvsub(mctx, p, argcp, argvp, n + 1)); (*argvp)[n] = s; } return ISC_R_SUCCESS; @@ -1917,10 +1904,7 @@ named_zone_configure_writeable_dlz(dns_dlzdb_t *dlzdatabase, dns_zone_t *zone, isc_result_t result; dns_zone_settype(zone, dns_zone_dlz); - result = dns_sdlz_setdb(dlzdatabase, rdclass, name, &db); - if (result != ISC_R_SUCCESS) { - return result; - } + RETERR(dns_sdlz_setdb(dlzdatabase, rdclass, name, &db)); result = dns_zone_dlzpostload(zone, db); dns_db_detach(&db); return result; diff --git a/bin/plugins/synthrecord.c b/bin/plugins/synthrecord.c index 3fdd7633f6..8dc3e257b1 100644 --- a/bin/plugins/synthrecord.c +++ b/bin/plugins/synthrecord.c @@ -62,7 +62,6 @@ synthrecord_reverseanswer(synthrecord_t *inst, isc_netaddr_t *na, isc_buffer_t addrb; char addrbdata[DNS_NAME_FORMATSIZE]; isc_region_t addrr; - isc_result_t result; REQUIRE(DNS_NAME_VALID(synthname)); REQUIRE(na->family == AF_INET || na->family == AF_INET6); @@ -71,10 +70,7 @@ synthrecord_reverseanswer(synthrecord_t *inst, isc_netaddr_t *na, isc_buffer_copyregion(&b, &inst->prefix); isc_buffer_init(&addrb, addrbdata, sizeof(addrbdata)); - result = isc_netaddr_totext(na, &addrb); - if (result != ISC_R_SUCCESS) { - return result; - } + RETERR(isc_netaddr_totext(na, &addrb)); /* * IDN compatibility, as an IPv6 begining or ending with `::` will be @@ -468,11 +464,8 @@ synthrecord_initorigin(synthrecord_t *inst, const cfg_obj_t *synthrecordcfg, dns_name_init(&inst->origin); if (result == ISC_R_SUCCESS) { originstr = cfg_obj_asstring(obj); - result = dns_name_fromstring(&inst->origin, originstr, NULL, 0, - inst->mctx); - if (result != ISC_R_SUCCESS) { - return result; - } + RETERR(dns_name_fromstring(&inst->origin, originstr, NULL, 0, + inst->mctx)); if (!dns_name_isabsolute(&inst->origin)) { isc_log_write(NS_LOGCATEGORY_GENERAL, @@ -517,11 +510,8 @@ synthrecord_parseallowsynth(synthrecord_t *inst, const cfg_obj_t *cfg, return result; } - result = cfg_acl_fromconfig(obj, cfg, aclctx, inst->mctx, 0, - &inst->allowedsynth); - if (result != ISC_R_SUCCESS) { - return result; - } + RETERR(cfg_acl_fromconfig(obj, cfg, aclctx, inst->mctx, 0, + &inst->allowedsynth)); for (unsigned int i = 0; i < inst->allowedsynth->length; i++) { switch (inst->allowedsynth->elements[i].type) { diff --git a/bin/tests/system/dlzexternal/driver/driver.c b/bin/tests/system/dlzexternal/driver/driver.c index 47ab393e73..34a64c8c8a 100644 --- a/bin/tests/system/dlzexternal/driver/driver.c +++ b/bin/tests/system/dlzexternal/driver/driver.c @@ -502,10 +502,7 @@ dlz_lookup(const char *zone, const char *name, void *dbdata, loginfo("dlz_example: lookup connection from %s", buf); found = true; - result = state->putrr(lookup, "TXT", 0, buf); - if (result != ISC_R_SUCCESS) { - return result; - } + RETERR(state->putrr(lookup, "TXT", 0, buf)); } if (strcmp(name, "too-long") == 0 || @@ -516,10 +513,7 @@ dlz_lookup(const char *zone, const char *name, void *dbdata, } buf[i] = '\0'; found = true; - result = state->putrr(lookup, "TXT", 0, buf); - if (result != ISC_R_SUCCESS) { - return result; - } + RETERR(state->putrr(lookup, "TXT", 0, buf)); } /* Tests for DLZ redirection zones */ @@ -545,12 +539,9 @@ dlz_lookup(const char *zone, const char *name, void *dbdata, for (i = 0; i < MAX_RECORDS; i++) { if (strcasecmp(state->current[i].name, full_name) == 0) { found = true; - result = state->putrr(lookup, state->current[i].type, - state->current[i].ttl, - state->current[i].data); - if (result != ISC_R_SUCCESS) { - return result; - } + RETERR(state->putrr(lookup, state->current[i].type, + state->current[i].ttl, + state->current[i].data)); } } @@ -616,17 +607,13 @@ dlz_allnodes(const char *zone, void *dbdata, dns_sdlzallnodes_t *allnodes) { } for (i = 0; i < MAX_RECORDS; i++) { - isc_result_t result; if (strlen(state->current[i].name) == 0U) { continue; } - result = state->putnamedrr(allnodes, state->current[i].name, - state->current[i].type, - state->current[i].ttl, - state->current[i].data); - if (result != ISC_R_SUCCESS) { - return result; - } + RETERR(state->putnamedrr(allnodes, state->current[i].name, + state->current[i].type, + state->current[i].ttl, + state->current[i].data)); } return ISC_R_SUCCESS; diff --git a/bin/tools/named-makejournal.c b/bin/tools/named-makejournal.c index 3cdbd34df6..52cea70517 100644 --- a/bin/tools/named-makejournal.c +++ b/bin/tools/named-makejournal.c @@ -45,20 +45,11 @@ static isc_result_t loadzone(dns_db_t **db, const char *origin, const char *filename) { isc_result_t result; dns_fixedname_t fixed; - dns_name_t *name = NULL; + dns_name_t *name = dns_fixedname_initname(&fixed); - name = dns_fixedname_initname(&fixed); - - result = dns_name_fromstring(name, origin, dns_rootname, 0, NULL); - if (result != ISC_R_SUCCESS) { - return result; - } - - result = dns_db_create(isc_g_mctx, ZONEDB_DEFAULT, name, - dns_dbtype_zone, dns_rdataclass_in, 0, NULL, db); - if (result != ISC_R_SUCCESS) { - return result; - } + RETERR(dns_name_fromstring(name, origin, dns_rootname, 0, NULL)); + RETERR(dns_db_create(isc_g_mctx, ZONEDB_DEFAULT, name, dns_dbtype_zone, + dns_rdataclass_in, 0, NULL, db)); result = dns_db_load(*db, filename, dns_masterformat_text, 0); if (result == DNS_R_SEENINCLUDE) { diff --git a/lib/dns/acl.c b/lib/dns/acl.c index d0a65a62d1..9c9faa3535 100644 --- a/lib/dns/acl.c +++ b/lib/dns/acl.c @@ -271,7 +271,6 @@ dns_acl_match_port_transport(const isc_netaddr_t *reqaddr, */ isc_result_t dns_acl_merge(dns_acl_t *dest, dns_acl_t *source, bool pos) { - isc_result_t result; unsigned int nelem, i; int max_node = 0, nodes; @@ -345,10 +344,7 @@ dns_acl_merge(dns_acl_t *dest, dns_acl_t *source, bool pos) { * node_count value is set correctly afterward. */ nodes = max_node + dns_acl_node_count(dest); - result = dns_iptable_merge(dest->iptable, source->iptable, pos); - if (result != ISC_R_SUCCESS) { - return result; - } + RETERR(dns_iptable_merge(dest->iptable, source->iptable, pos)); if (nodes > dns_acl_node_count(dest)) { dns_acl_node_count(dest) = nodes; } diff --git a/lib/dns/adb.c b/lib/dns/adb.c index af36a8f878..467caa2662 100644 --- a/lib/dns/adb.c +++ b/lib/dns/adb.c @@ -2351,12 +2351,7 @@ print_find_list(FILE *f, dns_adbname_t *name) { static isc_result_t putstr(isc_buffer_t *b, const char *str) { - isc_result_t result; - - result = isc_buffer_reserve(b, strlen(str)); - if (result != ISC_R_SUCCESS) { - return result; - } + RETERR(isc_buffer_reserve(b, strlen(str))); isc_buffer_putstr(b, str); return ISC_R_SUCCESS; diff --git a/lib/dns/cache.c b/lib/dns/cache.c index f93f725510..e9c904eda0 100644 --- a/lib/dns/cache.c +++ b/lib/dns/cache.c @@ -323,15 +323,11 @@ dns_cache_getservestalerefresh(dns_cache_t *cache) { isc_result_t dns_cache_flush(dns_cache_t *cache) { - dns_db_t *db = NULL, *olddb; - isc_mem_t *tmctx = NULL, *oldtmctx; - isc_mem_t *hmctx = NULL, *oldhmctx; - isc_result_t result; + dns_db_t *db = NULL, *olddb = NULL; + isc_mem_t *tmctx = NULL, *oldtmctx = NULL; + isc_mem_t *hmctx = NULL, *oldhmctx = NULL; - result = cache_create_db(cache, &db, &tmctx, &hmctx); - if (result != ISC_R_SUCCESS) { - return result; - } + RETERR(cache_create_db(cache, &db, &tmctx, &hmctx)); LOCK(&cache->lock); isc_mem_clearwater(cache->tmctx); @@ -353,16 +349,13 @@ dns_cache_flush(dns_cache_t *cache) { static isc_result_t clearnode(dns_db_t *db, dns_dbnode_t *node) { - isc_result_t result; dns_rdatasetiter_t *iter = NULL; - result = dns_db_allrdatasets(db, node, NULL, DNS_DB_STALEOK, - (isc_stdtime_t)0, &iter); - if (result != ISC_R_SUCCESS) { - return result; - } + RETERR(dns_db_allrdatasets(db, node, NULL, DNS_DB_STALEOK, + (isc_stdtime_t)0, &iter)); DNS_RDATASETITER_FOREACH(iter) { + isc_result_t result; dns_rdataset_t rdataset = DNS_RDATASET_INIT; dns_rdatasetiter_current(iter, &rdataset); @@ -375,7 +368,7 @@ clearnode(dns_db_t *db, dns_dbnode_t *node) { } dns_rdatasetiter_destroy(&iter); - return result; + return ISC_R_SUCCESS; } static isc_result_t diff --git a/lib/dns/catz.c b/lib/dns/catz.c index fb7b284dcb..44f2757c29 100644 --- a/lib/dns/catz.c +++ b/lib/dns/catz.c @@ -1200,18 +1200,12 @@ catz_process_coo(dns_catz_zone_t *catz, dns_label_t *mhash, return ISC_R_FAILURE; } - result = dns_rdataset_first(value); - if (result != ISC_R_SUCCESS) { - return result; - } + RETERR(dns_rdataset_first(value)); dns_rdata_init(&rdata); dns_rdataset_current(value, &rdata); - result = dns_rdata_tostruct(&rdata, &ptr, NULL); - if (result != ISC_R_SUCCESS) { - return result; - } + RETERR(dns_rdata_tostruct(&rdata, &ptr, NULL)); if (dns_name_countlabels(&ptr.ptr) == 0) { CHECK(ISC_R_FAILURE); @@ -1253,18 +1247,12 @@ catz_process_zones_entry(dns_catz_zone_t *catz, dns_rdataset_t *value, return ISC_R_FAILURE; } - result = dns_rdataset_first(value); - if (result != ISC_R_SUCCESS) { - return result; - } + RETERR(dns_rdataset_first(value)); dns_rdata_init(&rdata); dns_rdataset_current(value, &rdata); - result = dns_rdata_tostruct(&rdata, &ptr, NULL); - if (result != ISC_R_SUCCESS) { - return result; - } + RETERR(dns_rdata_tostruct(&rdata, &ptr, NULL)); result = isc_ht_find(catz->entries, mhash->base, mhash->length, (void **)&entry); @@ -1314,18 +1302,12 @@ catz_process_version(dns_catz_zone_t *catz, dns_rdataset_t *value) { return ISC_R_FAILURE; } - result = dns_rdataset_first(value); - if (result != ISC_R_SUCCESS) { - return result; - } + RETERR(dns_rdataset_first(value)); dns_rdata_init(&rdata); dns_rdataset_current(value, &rdata); - result = dns_rdata_tostruct(&rdata, &rdatatxt, NULL); - if (result != ISC_R_SUCCESS) { - return result; - } + RETERR(dns_rdata_tostruct(&rdata, &rdatatxt, NULL)); CHECK(dns_rdata_txt_first(&rdatatxt)); @@ -1559,10 +1541,7 @@ catz_process_apl(dns_catz_zone_t *catz, isc_buffer_t **aclbp, RUNTIME_CHECK(result == ISC_R_SUCCESS); dns_rdata_init(&rdata); dns_rdataset_current(value, &rdata); - result = dns_rdata_tostruct(&rdata, &rdata_apl, catz->catzs->mctx); - if (result != ISC_R_SUCCESS) { - return result; - } + RETERR(dns_rdata_tostruct(&rdata, &rdata_apl, catz->catzs->mctx)); isc_buffer_allocate(catz->catzs->mctx, &aclb, 16); for (result = dns_rdata_apl_first(&rdata_apl); result == ISC_R_SUCCESS; result = dns_rdata_apl_next(&rdata_apl)) @@ -1802,10 +1781,7 @@ dns__catz_update_process(dns_catz_zone_t *catz, const dns_name_t *src_name, nrres = dns_name_fullcompare(src_name, &catz->name, &order, &nlabels); if (nrres == dns_namereln_equal) { if (rdataset->type == dns_rdatatype_soa) { - result = dns_rdataset_first(rdataset); - if (result != ISC_R_SUCCESS) { - return result; - } + RETERR(dns_rdataset_first(rdataset)); dns_rdataset_current(rdataset, &rdata); result = dns_rdata_tostruct(&rdata, &soa, NULL); diff --git a/lib/dns/db.c b/lib/dns/db.c index 2ab84644c9..80f505d02b 100644 --- a/lib/dns/db.c +++ b/lib/dns/db.c @@ -317,10 +317,7 @@ dns_db_load(dns_db_t *db, const char *filename, dns_masterformat_t format, } dns_rdatacallbacks_init(&callbacks); - result = dns_db_beginload(db, &callbacks); - if (result != ISC_R_SUCCESS) { - return result; - } + RETERR(dns_db_beginload(db, &callbacks)); result = dns_master_loadfile(filename, &db->origin, &db->origin, db->rdclass, options, 0, &callbacks, NULL, NULL, db->mctx, format, 0); @@ -697,10 +694,7 @@ dns_db_getsoaserial(dns_db_t *db, dns_dbversion_t *ver, uint32_t *serialp) { REQUIRE(dns_db_iszone(db) || dns_db_isstub(db)); - result = dns_db_findnode(db, dns_db_origin(db), false, &node); - if (result != ISC_R_SUCCESS) { - return result; - } + RETERR(dns_db_findnode(db, dns_db_origin(db), false, &node)); dns_rdataset_init(&rdataset); result = dns_db_findrdataset(db, node, ver, dns_rdatatype_soa, 0, diff --git a/lib/dns/dispatch.c b/lib/dns/dispatch.c index 3927ef1162..67a27894d5 100644 --- a/lib/dns/dispatch.c +++ b/lib/dns/dispatch.c @@ -1328,10 +1328,7 @@ dispatch_createudp(dns_dispatchmgr_t *mgr, const isc_sockaddr_t *localaddr, */ isc_sockaddr_anyofpf(&sa_any, isc_sockaddr_pf(localaddr)); if (!isc_sockaddr_eqaddr(&sa_any, localaddr)) { - result = isc_nm_checkaddr(localaddr, isc_socktype_udp); - if (result != ISC_R_SUCCESS) { - return result; - } + RETERR(isc_nm_checkaddr(localaddr, isc_socktype_udp)); } dispatch_allocate(mgr, isc_socktype_udp, tid, &disp); @@ -1978,15 +1975,9 @@ tcp_dispatch_connect(dns_dispatch_t *disp, dns_dispentry_t *resp) { } if (transport_type == DNS_TRANSPORT_TLS) { - isc_result_t result; - - result = dns_transport_get_tlsctx( - resp->transport, &resp->peer, resp->tlsctx_cache, - resp->mctx, &tlsctx, &sess_cache); - - if (result != ISC_R_SUCCESS) { - return result; - } + RETERR(dns_transport_get_tlsctx(resp->transport, &resp->peer, + resp->tlsctx_cache, resp->mctx, + &tlsctx, &sess_cache)); INSIST(tlsctx != NULL); } diff --git a/lib/dns/dns64.c b/lib/dns/dns64.c index f13c06ec12..92c4399998 100644 --- a/lib/dns/dns64.c +++ b/lib/dns/dns64.c @@ -131,7 +131,6 @@ dns_dns64_aaaafroma(const dns_dns64_t *dns64, const isc_netaddr_t *reqaddr, const dns_name_t *reqsigner, dns_aclenv_t *env, unsigned int flags, unsigned char *a, unsigned char *aaaa) { unsigned int nbytes, i; - isc_result_t result; int match; if ((dns64->flags & DNS_DNS64_RECURSIVE_ONLY) != 0 && @@ -147,11 +146,8 @@ dns_dns64_aaaafroma(const dns_dns64_t *dns64, const isc_netaddr_t *reqaddr, } if (dns64->clients != NULL && reqaddr != NULL) { - result = dns_acl_match(reqaddr, reqsigner, dns64->clients, env, - &match, NULL); - if (result != ISC_R_SUCCESS) { - return result; - } + RETERR(dns_acl_match(reqaddr, reqsigner, dns64->clients, env, + &match, NULL)); if (match <= 0) { return DNS_R_DISALLOWED; } @@ -163,11 +159,8 @@ dns_dns64_aaaafroma(const dns_dns64_t *dns64, const isc_netaddr_t *reqaddr, memmove(&ina.s_addr, a, 4); isc_netaddr_fromin(&netaddr, &ina); - result = dns_acl_match(&netaddr, NULL, dns64->mapped, env, - &match, NULL); - if (result != ISC_R_SUCCESS) { - return result; - } + RETERR(dns_acl_match(&netaddr, NULL, dns64->mapped, env, &match, + NULL)); if (match <= 0) { return DNS_R_DISALLOWED; } diff --git a/lib/dns/dnssec.c b/lib/dns/dnssec.c index 703366511d..f079dcc472 100644 --- a/lib/dns/dnssec.c +++ b/lib/dns/dnssec.c @@ -145,17 +145,13 @@ static isc_result_t digest_sig(dst_context_t *ctx, bool downcase, dns_rdata_t *sigrdata, dns_rdata_rrsig_t *rrsig) { isc_region_t r; - isc_result_t ret; dns_fixedname_t fname; dns_rdata_toregion(sigrdata, &r); INSIST(r.length >= 19); r.length = 18; - ret = dst_context_adddata(ctx, &r); - if (ret != ISC_R_SUCCESS) { - return ret; - } + RETERR(dst_context_adddata(ctx, &r)); if (downcase) { dns_fixedname_init(&fname); @@ -225,10 +221,7 @@ dns_dnssec_sign(const dns_name_t *name, dns_rdataset_t *set, dst_key_t *key, sig.timesigned = *inception; sig.timeexpire = *expire; sig.keyid = dst_key_id(key); - ret = dst_key_sigsize(key, &sigsize); - if (ret != ISC_R_SUCCESS) { - return ret; - } + RETERR(dst_key_sigsize(key, &sigsize)); sig.siglen = sigsize; /* * The actual contents of sig.signature are not important yet, since @@ -368,10 +361,7 @@ dns_dnssec_verify(const dns_name_t *name, dns_rdataset_t *set, dst_key_t *key, REQUIRE(mctx != NULL); REQUIRE(sigrdata != NULL && sigrdata->type == dns_rdatatype_rrsig); - ret = dns_rdata_tostruct(sigrdata, &sig, NULL); - if (ret != ISC_R_SUCCESS) { - return ret; - } + RETERR(dns_rdata_tostruct(sigrdata, &sig, NULL)); if (set->type != sig.covered) { return DNS_R_SIGINVALID; @@ -1701,15 +1691,11 @@ cleanup: isc_result_t dns_dnssec_make_dnskey(dst_key_t *key, unsigned char *buf, int bufsize, dns_rdata_t *target) { - isc_result_t result; isc_buffer_t b; isc_region_t r; isc_buffer_init(&b, buf, bufsize); - result = dst_key_todns(key, &b); - if (result != ISC_R_SUCCESS) { - return result; - } + RETERR(dst_key_todns(key, &b)); dns_rdata_reset(target); isc_buffer_usedregion(&b, &r); @@ -1851,16 +1837,12 @@ static isc_result_t delete_cds(dns_dnsseckey_t *key, dns_rdata_t *keyrdata, const char *keystr, dns_rdataset_t *cds, unsigned int digesttype, dns_diff_t *diff, isc_mem_t *mctx) { - isc_result_t r; unsigned char dsbuf[DNS_DS_BUFFERSIZE]; dns_rdata_t cdsrdata = DNS_RDATA_INIT; dns_name_t *origin = dst_key_name(key->key); - r = dns_ds_buildrdata(origin, keyrdata, digesttype, dsbuf, - sizeof(dsbuf), &cdsrdata); - if (r != ISC_R_SUCCESS) { - return r; - } + RETERR(dns_ds_buildrdata(origin, keyrdata, digesttype, dsbuf, + sizeof(dsbuf), &cdsrdata)); cdsrdata.type = dns_rdatatype_cds; if (exists(cds, &cdsrdata)) { diff --git a/lib/dns/ds.c b/lib/dns/ds.c index 773a880127..e8c71a80c7 100644 --- a/lib/dns/ds.c +++ b/lib/dns/ds.c @@ -186,10 +186,7 @@ dns_ds_buildrdata(dns_name_t *owner, dns_rdata_t *key, dns_rdata_ds_t ds; isc_buffer_t b; - result = dns_ds_fromkeyrdata(owner, key, digest_type, digest, len, &ds); - if (result != ISC_R_SUCCESS) { - return result; - } + RETERR(dns_ds_fromkeyrdata(owner, key, digest_type, digest, len, &ds)); memset(buffer, 0, DNS_DS_BUFFERSIZE); isc_buffer_init(&b, buffer, DNS_DS_BUFFERSIZE); diff --git a/lib/dns/dst_api.c b/lib/dns/dst_api.c index 3f9743e3b2..4b79f487ae 100644 --- a/lib/dns/dst_api.c +++ b/lib/dns/dst_api.c @@ -675,7 +675,6 @@ dst_key_fromdns(const dns_name_t *name, dns_rdataclass_t rdclass, dst_key_t *key = NULL; dns_keytag_t id, rid; isc_region_t r; - isc_result_t result; isc_buffer_remainingregion(source, &r); @@ -697,11 +696,8 @@ dst_key_fromdns(const dns_name_t *name, dns_rdataclass_t rdclass, flags |= (extflags << 16); } - result = frombuffer(name, alg, flags, proto, rdclass, source, mctx, - &key); - if (result != ISC_R_SUCCESS) { - return result; - } + RETERR(frombuffer(name, alg, flags, proto, rdclass, source, mctx, + &key)); key->key_id = id; key->key_rid = rid; @@ -716,11 +712,8 @@ dst_key_frombuffer(const dns_name_t *name, unsigned int alg, unsigned int flags, dst_key_t *key = NULL; isc_result_t result; - result = frombuffer(name, alg, flags, protocol, rdclass, source, mctx, - &key); - if (result != ISC_R_SUCCESS) { - return result; - } + RETERR(frombuffer(name, alg, flags, protocol, rdclass, source, mctx, + &key)); result = computeid(key); if (result != ISC_R_SUCCESS) { @@ -1900,17 +1893,10 @@ write_key_state(const dst_key_t *key, int type, const char *directory) { * Make the filename. */ isc_buffer_init(&fileb, filename, sizeof(filename)); - result = dst_key_buildfilename(key, DST_TYPE_STATE, directory, &fileb); - if (result != ISC_R_SUCCESS) { - return result; - } + RETERR(dst_key_buildfilename(key, DST_TYPE_STATE, directory, &fileb)); isc_buffer_init(&tmpb, tmpname, sizeof(tmpname)); - result = dst_key_buildfilename(key, DST_TYPE_TEMPLATE, directory, - &tmpb); - if (result != ISC_R_SUCCESS) { - return result; - } + RETERR(dst_key_buildfilename(key, DST_TYPE_TEMPLATE, directory, &tmpb)); mode_t mode = issymmetric(key) ? S_IRUSR | S_IWUSR : S_IRUSR | S_IWUSR | S_IRGRP | S_IROTH; @@ -1993,10 +1979,7 @@ write_public_key(const dst_key_t *key, int type, const char *directory) { isc_buffer_init(&textb, text_array, sizeof(text_array)); isc_buffer_init(&classb, class_array, sizeof(class_array)); - result = dst_key_todns(key, &keyb); - if (result != ISC_R_SUCCESS) { - return result; - } + RETERR(dst_key_todns(key, &keyb)); isc_buffer_usedregion(&keyb, &r); dns_rdata_fromregion(&rdata, key->key_class, dns_rdatatype_dnskey, &r); @@ -2015,17 +1998,10 @@ write_public_key(const dst_key_t *key, int type, const char *directory) { * Make the filename. */ isc_buffer_init(&fileb, filename, sizeof(filename)); - result = dst_key_buildfilename(key, DST_TYPE_PUBLIC, directory, &fileb); - if (result != ISC_R_SUCCESS) { - return result; - } + RETERR(dst_key_buildfilename(key, DST_TYPE_PUBLIC, directory, &fileb)); isc_buffer_init(&tmpb, tmpname, sizeof(tmpname)); - result = dst_key_buildfilename(key, DST_TYPE_TEMPLATE, directory, - &tmpb); - if (result != ISC_R_SUCCESS) { - return result; - } + RETERR(dst_key_buildfilename(key, DST_TYPE_TEMPLATE, directory, &tmpb)); /* Create temporary public key file. */ mode_t mode = issymmetric(key) ? S_IRUSR | S_IWUSR @@ -2096,7 +2072,6 @@ static isc_result_t buildfilename(dns_name_t *name, dns_keytag_t id, unsigned int alg, unsigned int type, const char *directory, isc_buffer_t *out) { const char *suffix = ""; - isc_result_t result; REQUIRE(out != NULL); REQUIRE(alg != 0 && alg != DST_ALG_PRIVATEOID && @@ -2127,10 +2102,7 @@ buildfilename(dns_name_t *name, dns_keytag_t id, unsigned int alg, return ISC_R_NOSPACE; } isc_buffer_putstr(out, "K"); - result = dns_name_tofilenametext(name, false, out); - if (result != ISC_R_SUCCESS) { - return result; - } + RETERR(dns_name_tofilenametext(name, false, out)); return isc_buffer_printf(out, "+%03d+%05d%s", alg, id, suffix); } diff --git a/lib/dns/dst_parse.c b/lib/dns/dst_parse.c index 0310f3be79..8622a3b129 100644 --- a/lib/dns/dst_parse.c +++ b/lib/dns/dst_parse.c @@ -619,11 +619,7 @@ dst__privstruct_writefile(const dst_key_t *key, const dst_private_t *priv, } isc_buffer_init(&fileb, filename, sizeof(filename)); - result = dst_key_buildfilename(key, DST_TYPE_PRIVATE, directory, - &fileb); - if (result != ISC_R_SUCCESS) { - return result; - } + RETERR(dst_key_buildfilename(key, DST_TYPE_PRIVATE, directory, &fileb)); result = isc_file_mode(filename, &mode); if (result == ISC_R_SUCCESS && mode != (S_IRUSR | S_IWUSR)) { @@ -640,11 +636,7 @@ dst__privstruct_writefile(const dst_key_t *key, const dst_private_t *priv, } isc_buffer_init(&tmpb, tmpname, sizeof(tmpname)); - result = dst_key_buildfilename(key, DST_TYPE_TEMPLATE, directory, - &tmpb); - if (result != ISC_R_SUCCESS) { - return result; - } + RETERR(dst_key_buildfilename(key, DST_TYPE_TEMPLATE, directory, &tmpb)); fp = dst_key_open(tmpname, S_IRUSR | S_IWUSR); if (fp == NULL) { diff --git a/lib/dns/hmac_link.c b/lib/dns/hmac_link.c index c84ce8efc1..1a9a163191 100644 --- a/lib/dns/hmac_link.c +++ b/lib/dns/hmac_link.c @@ -456,18 +456,15 @@ static isc_result_t hmac_parse(const isc_md_type_t *type, dst_key_t *key, isc_lex_t *lexer, dst_key_t *pub) { dst_private_t priv; - isc_result_t result, tresult; + isc_result_t result = ISC_R_SUCCESS, tresult; isc_buffer_t b; isc_mem_t *mctx = key->mctx; unsigned int i; UNUSED(pub); /* read private key file */ - result = dst__privstruct_parse(key, hmac__to_dst_alg(type), lexer, mctx, - &priv); - if (result != ISC_R_SUCCESS) { - return result; - } + RETERR(dst__privstruct_parse(key, hmac__to_dst_alg(type), lexer, mctx, + &priv)); if (key->external) { result = DST_R_EXTERNALKEY; diff --git a/lib/dns/iptable.c b/lib/dns/iptable.c index c405ce54cd..3b2884dded 100644 --- a/lib/dns/iptable.c +++ b/lib/dns/iptable.c @@ -90,17 +90,12 @@ dns_iptable_addprefix(dns_iptable_t *tab, const isc_netaddr_t *addr, */ isc_result_t dns_iptable_merge(dns_iptable_t *tab, dns_iptable_t *source, bool pos) { - isc_result_t result; isc_radix_node_t *node, *new_node; int i, max_node = 0; RADIX_WALK(source->radix->head, node) { new_node = NULL; - result = isc_radix_insert(tab->radix, &new_node, node, NULL); - - if (result != ISC_R_SUCCESS) { - return result; - } + RETERR(isc_radix_insert(tab->radix, &new_node, node, NULL)); /* * If we're negating a nested ACL, then we should diff --git a/lib/dns/journal.c b/lib/dns/journal.c index 9c969a4a0a..46dff831bd 100644 --- a/lib/dns/journal.c +++ b/lib/dns/journal.c @@ -460,17 +460,12 @@ journal_fsync(dns_journal_t *j) { */ static isc_result_t journal_read_xhdr(dns_journal_t *j, journal_xhdr_t *xhdr) { - isc_result_t result; - j->it.cpos.offset = j->offset; switch (j->xhdr_version) { case XHDR_VERSION1: { journal_rawxhdr_ver1_t raw; - result = journal_read(j, &raw, sizeof(raw)); - if (result != ISC_R_SUCCESS) { - return result; - } + RETERR(journal_read(j, &raw, sizeof(raw))); xhdr->size = decode_uint32(raw.size); xhdr->count = 0; xhdr->serial0 = decode_uint32(raw.serial0); @@ -481,10 +476,7 @@ journal_read_xhdr(dns_journal_t *j, journal_xhdr_t *xhdr) { case XHDR_VERSION2: { journal_rawxhdr_t raw; - result = journal_read(j, &raw, sizeof(raw)); - if (result != ISC_R_SUCCESS) { - return result; - } + RETERR(journal_read(j, &raw, sizeof(raw))); xhdr->size = decode_uint32(raw.size); xhdr->count = decode_uint32(raw.count); xhdr->serial0 = decode_uint32(raw.serial0); @@ -524,12 +516,8 @@ journal_write_xhdr(dns_journal_t *j, uint32_t size, uint32_t count, static isc_result_t journal_read_rrhdr(dns_journal_t *j, journal_rrhdr_t *rrhdr) { journal_rawrrhdr_t raw; - isc_result_t result; - result = journal_read(j, &raw, sizeof(raw)); - if (result != ISC_R_SUCCESS) { - return result; - } + RETERR(journal_read(j, &raw, sizeof(raw))); rrhdr->size = decode_uint32(raw.size); return ISC_R_SUCCESS; } @@ -929,10 +917,7 @@ journal_next(dns_journal_t *j, journal_pos_t *pos) { REQUIRE(DNS_JOURNAL_VALID(j)); - result = journal_seek(j, pos->offset); - if (result != ISC_R_SUCCESS) { - return result; - } + RETERR(journal_seek(j, pos->offset)); if (pos->serial == j->header.end.serial) { return ISC_R_NOMORE; @@ -942,10 +927,7 @@ journal_next(dns_journal_t *j, journal_pos_t *pos) { * Read the header of the current transaction. * This will return ISC_R_NOMORE if we are at EOF. */ - result = journal_read_xhdr(j, &xhdr); - if (result != ISC_R_SUCCESS) { - return result; - } + RETERR(journal_read_xhdr(j, &xhdr)); if (j->header_ver1) { CHECK(maybe_fixup_xhdr(j, &xhdr, pos->serial, pos->offset)); @@ -1096,7 +1078,6 @@ index_invalidate(dns_journal_t *j, uint32_t serial) { */ static isc_result_t journal_find(dns_journal_t *j, uint32_t serial, journal_pos_t *pos) { - isc_result_t result; journal_pos_t current_pos; REQUIRE(DNS_JOURNAL_VALID(j)); @@ -1119,10 +1100,7 @@ journal_find(dns_journal_t *j, uint32_t serial, journal_pos_t *pos) { if (DNS_SERIAL_GT(current_pos.serial, serial)) { return ISC_R_NOTFOUND; } - result = journal_next(j, ¤t_pos); - if (result != ISC_R_SUCCESS) { - return result; - } + RETERR(journal_next(j, ¤t_pos)); } *pos = current_pos; return ISC_R_SUCCESS; @@ -2111,10 +2089,7 @@ get_name_diff(dns_db_t *db, dns_dbversion_t *ver, isc_stdtime_t now, dns_rdatasetiter_t *rdsiter = NULL; dns_difftuple_t *tuple = NULL; - result = dns_dbiterator_current(dbit, &node, name); - if (result != ISC_R_SUCCESS) { - return result; - } + RETERR(dns_dbiterator_current(dbit, &node, name)); result = dns_db_allrdatasets(db, node, ver, 0, now, &rdsiter); if (result != ISC_R_SUCCESS) { @@ -2250,10 +2225,7 @@ diff_namespace(dns_db_t *dba, dns_dbversion_t *dbvera, dns_db_t *dbb, dns_fixedname_init(&fixname[0]); dns_fixedname_init(&fixname[1]); - result = dns_db_createiterator(db[0], options, &dbit[0]); - if (result != ISC_R_SUCCESS) { - return result; - } + RETERR(dns_db_createiterator(db[0], options, &dbit[0])); result = dns_db_createiterator(db[1], options, &dbit[1]); if (result != ISC_R_SUCCESS) { goto cleanup_iterator; @@ -2363,11 +2335,8 @@ dns_db_diffx(dns_diff_t *diff, dns_db_t *dba, dns_dbversion_t *dbvera, dns_journal_t *journal = NULL; if (filename != NULL) { - result = dns_journal_open(diff->mctx, filename, - DNS_JOURNAL_CREATE, &journal); - if (result != ISC_R_SUCCESS) { - return result; - } + RETERR(dns_journal_open(diff->mctx, filename, + DNS_JOURNAL_CREATE, &journal)); } CHECK(diff_namespace(dba, dbvera, dbb, dbverb, DNS_DB_NONSEC3, diff)); diff --git a/lib/dns/keystore.c b/lib/dns/keystore.c index ff05486f16..a08846e37e 100644 --- a/lib/dns/keystore.c +++ b/lib/dns/keystore.c @@ -134,7 +134,6 @@ buildpkcs11label(const char *uri, const dns_name_t *zname, const char *policy, bool ksk = ((flags & DNS_KEYFLAG_KSK) != 0); char timebuf[18]; isc_time_t now = isc_time_now(); - isc_result_t result; dns_fixedname_t fname; dns_name_t *pname = dns_fixedname_initname(&fname); @@ -146,10 +145,7 @@ buildpkcs11label(const char *uri, const dns_name_t *zname, const char *policy, isc_buffer_putstr(buf, uri); isc_buffer_putstr(buf, ";object="); /* zone name */ - result = dns_name_tofilenametext(zname, false, buf); - if (result != ISC_R_SUCCESS) { - return result; - } + RETERR(dns_name_tofilenametext(zname, false, buf)); /* * policy name * @@ -161,14 +157,8 @@ buildpkcs11label(const char *uri, const dns_name_t *zname, const char *policy, return ISC_R_NOSPACE; } isc_buffer_putstr(buf, "-"); - result = dns_name_fromstring(pname, policy, dns_rootname, 0, NULL); - if (result != ISC_R_SUCCESS) { - return result; - } - result = dns_name_tofilenametext(pname, false, buf); - if (result != ISC_R_SUCCESS) { - return result; - } + RETERR(dns_name_fromstring(pname, policy, dns_rootname, 0, NULL)); + RETERR(dns_name_tofilenametext(pname, false, buf)); /* key type + current time */ isc_time_formatshorttimestamp(&now, timebuf, sizeof(timebuf)); return isc_buffer_printf(buf, "-%s-%s", ksk ? "ksk" : "zsk", timebuf); diff --git a/lib/dns/keytable.c b/lib/dns/keytable.c index 67523178ea..1c04b95132 100644 --- a/lib/dns/keytable.c +++ b/lib/dns/keytable.c @@ -558,12 +558,7 @@ dns_keytable_issecuredomain(dns_keytable_t *keytable, const dns_name_t *name, static isc_result_t putstr(isc_buffer_t *b, const char *str) { - isc_result_t result; - - result = isc_buffer_reserve(b, strlen(str)); - if (result != ISC_R_SUCCESS) { - return result; - } + RETERR(isc_buffer_reserve(b, strlen(str))); isc_buffer_putstr(b, str); return ISC_R_SUCCESS; diff --git a/lib/dns/master.c b/lib/dns/master.c index f42c0c1ec1..d6fe9dfe76 100644 --- a/lib/dns/master.c +++ b/lib/dns/master.c @@ -2204,17 +2204,12 @@ cleanup: static isc_result_t read_and_check(bool do_read, isc_buffer_t *buffer, size_t len, FILE *f, uint32_t *totallen) { - isc_result_t result; - REQUIRE(totallen != NULL); if (do_read) { INSIST(isc_buffer_availablelength(buffer) >= len); - result = isc_stdio_read(isc_buffer_used(buffer), 1, len, f, - NULL); - if (result != ISC_R_SUCCESS) { - return result; - } + RETERR(isc_stdio_read(isc_buffer_used(buffer), 1, len, f, + NULL)); isc_buffer_add(buffer, (unsigned int)len); if (*totallen < len) { return ISC_R_RANGE; @@ -2336,10 +2331,7 @@ load_raw(dns_loadctx_t *lctx) { dctx = DNS_DECOMPRESS_NEVER; if (lctx->first) { - result = load_header(lctx); - if (result != ISC_R_SUCCESS) { - return result; - } + RETERR(load_header(lctx)); } ISC_LIST_INIT(head); diff --git a/lib/dns/masterdump.c b/lib/dns/masterdump.c index ca5704204b..f80c40232a 100644 --- a/lib/dns/masterdump.c +++ b/lib/dns/masterdump.c @@ -645,11 +645,8 @@ rdataset_totext(dns_rdataset_t *rdataset, const dns_name_t *owner_name, INDENT_TO(ttl_column); if ((ctx->style.flags & DNS_STYLEFLAG_TTL_UNITS) != 0) { length = target->used; - result = dns_ttl_totext(rdataset->ttl, false, - false, target); - if (result != ISC_R_SUCCESS) { - return result; - } + RETERR(dns_ttl_totext(rdataset->ttl, false, + false, target)); column += target->used - length; } else { length = snprintf(ttlbuf, sizeof(ttlbuf), "%u", @@ -1740,17 +1737,13 @@ dns_master_dumptostreamasync(isc_mem_t *mctx, dns_db_t *db, isc_loop_t *loop, dns_dumpdonefunc_t done, void *done_arg, dns_dumpctx_t **dctxp) { dns_dumpctx_t *dctx = NULL; - isc_result_t result; REQUIRE(loop != NULL); REQUIRE(f != NULL); REQUIRE(done != NULL); - result = dumpctx_create(mctx, db, version, style, f, &dctx, - dns_masterformat_text, NULL); - if (result != ISC_R_SUCCESS) { - return result; - } + RETERR(dumpctx_create(mctx, db, version, style, f, &dctx, + dns_masterformat_text, NULL)); dctx->done = done; dctx->done_arg = done_arg; @@ -1768,11 +1761,8 @@ dns_master_dumptostream(isc_mem_t *mctx, dns_db_t *db, dns_dbversion_t *version, dns_dumpctx_t *dctx = NULL; isc_result_t result; - result = dumpctx_create(mctx, db, version, style, f, &dctx, format, - header); - if (result != ISC_R_SUCCESS) { - return result; - } + RETERR(dumpctx_create(mctx, db, version, style, f, &dctx, format, + header)); result = dumptostream(dctx); INSIST(result != DNS_R_CONTINUE); @@ -1871,10 +1861,7 @@ dns_master_dump(isc_mem_t *mctx, dns_db_t *db, dns_dbversion_t *version, char *tempname; dns_dumpctx_t *dctx = NULL; - result = opentmp(mctx, filename, &tempname, &f); - if (result != ISC_R_SUCCESS) { - return result; - } + RETERR(opentmp(mctx, filename, &tempname, &f)); CHECK(dumpctx_create(mctx, db, version, style, f, &dctx, format, header)); diff --git a/lib/dns/message.c b/lib/dns/message.c index bd68f18a6f..f1701c98c2 100644 --- a/lib/dns/message.c +++ b/lib/dns/message.c @@ -295,15 +295,13 @@ msgblock_free(isc_mem_t *mctx, dns_msgblock_t *block, * "current" buffer. (which is always the last on the list, for our * uses) */ -static isc_result_t +static void newbuffer(dns_message_t *msg, unsigned int size) { - isc_buffer_t *dynbuf; + isc_buffer_t *dynbuf = NULL; - dynbuf = NULL; isc_buffer_allocate(msg->mctx, &dynbuf, size); ISC_LIST_APPEND(msg->scratchpad, dynbuf, link); - return ISC_R_SUCCESS; } static isc_buffer_t * @@ -849,11 +847,7 @@ getname(dns_name_t *name, isc_buffer_t *source, dns_message_t *msg, if (result == ISC_R_NOSPACE) { tries++; - result = newbuffer(msg, SCRATCHPAD_SIZE); - if (result != ISC_R_SUCCESS) { - return result; - } - + newbuffer(msg, SCRATCHPAD_SIZE); scratch = currentbuffer(msg); dns_name_reset(name); } else { @@ -906,10 +900,7 @@ getrdata(isc_buffer_t *source, dns_message_t *msg, dns_decompress_t dctx, trysize *= 2; } tries++; - result = newbuffer(msg, trysize); - if (result != ISC_R_SUCCESS) { - return result; - } + newbuffer(msg, trysize); scratch = currentbuffer(msg); } else { @@ -2217,10 +2208,7 @@ dns_message_renderend(dns_message_t *msg) { if (msg->tsigkey != NULL) { dns_message_renderrelease(msg, msg->sig_reserved); msg->sig_reserved = 0; - result = dns_tsig_sign(msg); - if (result != ISC_R_SUCCESS) { - return result; - } + RETERR(dns_tsig_sign(msg)); count = 0; result = renderset(msg->tsig, msg->tsigname, msg->id, msg->cctx, msg->buffer, msg->reserved, 0, &count); @@ -2236,10 +2224,7 @@ dns_message_renderend(dns_message_t *msg) { if (msg->sig0key != NULL) { dns_message_renderrelease(msg, msg->sig_reserved); msg->sig_reserved = 0; - result = dns_dnssec_signmessage(msg, msg->sig0key); - if (result != ISC_R_SUCCESS) { - return result; - } + RETERR(dns_dnssec_signmessage(msg, msg->sig0key)); count = 0; /* * Note: dns_rootname is used here, not msg->sig0name, since @@ -2648,10 +2633,7 @@ dns_message_setopt(dns_message_t *msg) { REQUIRE(msg->from_to_wire == DNS_MESSAGE_INTENTRENDER); REQUIRE(msg->state == DNS_SECTION_ANY); - result = buildopt(msg, &opt); - if (result != ISC_R_SUCCESS) { - return result; - } + RETERR(buildopt(msg, &opt)); msgresetopt(msg); @@ -2766,7 +2748,6 @@ dns_message_setquerytsig(dns_message_t *msg, isc_buffer_t *querytsig) { isc_result_t dns_message_getquerytsig(dns_message_t *msg, isc_mem_t *mctx, isc_buffer_t **querytsig) { - isc_result_t result; dns_rdata_t rdata = DNS_RDATA_INIT; isc_region_t r; @@ -2778,10 +2759,7 @@ dns_message_getquerytsig(dns_message_t *msg, isc_mem_t *mctx, return ISC_R_SUCCESS; } - result = dns_rdataset_first(msg->tsig); - if (result != ISC_R_SUCCESS) { - return result; - } + RETERR(dns_rdataset_first(msg->tsig)); dns_rdataset_current(msg->tsig, &rdata); dns_rdata_toregion(&rdata, &r); @@ -2917,10 +2895,7 @@ dns_message_signer(dns_message_t *msg, dns_name_t *signer) { INSIST(result == ISC_R_SUCCESS); dns_rdataset_current(msg->sig0, &rdata); - result = dns_rdata_tostruct(&rdata, &sig, NULL); - if (result != ISC_R_SUCCESS) { - return result; - } + RETERR(dns_rdata_tostruct(&rdata, &sig, NULL)); if (msg->verified_sig && msg->sig0status == dns_rcode_noerror) { result = ISC_R_SUCCESS; @@ -3111,10 +3086,7 @@ dns_message_checksig(dns_message_t *msg, dns_view_t *view) { return ISC_R_UNEXPECTEDEND; } - result = dns_rdata_tostruct(&sigrdata, &sig, NULL); - if (result != ISC_R_SUCCESS) { - return result; - } + RETERR(dns_rdata_tostruct(&sigrdata, &sig, NULL)); dns_rdataset_init(&keyset); if (view == NULL) { @@ -4168,11 +4140,8 @@ dns_message_pseudosectiontotext(dns_message_t *msg, dns_pseudosection_t section, switch (optcode) { case DNS_OPT_LLQ: if (optlen == 18U) { - result = render_llq(&optbuf, msg, style, - target); - if (result != ISC_R_SUCCESS) { - return result; - } + RETERR(render_llq(&optbuf, msg, style, + target)); ADD_STRING(target, "\n"); continue; } @@ -4225,11 +4194,8 @@ dns_message_pseudosectiontotext(dns_message_t *msg, dns_pseudosection_t section, snprintf(buf, sizeof(buf), " %u", secs); ADD_STRING(target, buf); ADD_STRING(target, " ("); - result = dns_ttl_totext(secs, true, - true, target); - if (result != ISC_R_SUCCESS) { - return result; - } + RETERR(dns_ttl_totext(secs, true, true, + target)); ADD_STRING(target, ")\n"); continue; } @@ -4479,7 +4445,7 @@ isc_result_t dns_message_headertotext(dns_message_t *msg, const dns_master_style_t *style, dns_messagetextflag_t flags, isc_buffer_t *target) { char buf[sizeof("1234567890")]; - isc_result_t result; + isc_result_t result = ISC_R_SUCCESS; REQUIRE(DNS_MESSAGE_VALID(msg)); REQUIRE(target != NULL); @@ -4495,10 +4461,7 @@ dns_message_headertotext(dns_message_t *msg, const dns_master_style_t *style, ADD_STRING(target, "\n"); INDENT(style); ADD_STRING(target, "status: "); - result = dns_rcode_totext(msg->rcode, target); - if (result != ISC_R_SUCCESS) { - return result; - } + RETERR(dns_rcode_totext(msg->rcode, target)); ADD_STRING(target, "\n"); INDENT(style); ADD_STRING(target, "id: "); @@ -4581,10 +4544,7 @@ dns_message_headertotext(dns_message_t *msg, const dns_master_style_t *style, ADD_STRING(target, ";; ->>HEADER<<- opcode: "); ADD_STRING(target, opcodetext[msg->opcode]); ADD_STRING(target, ", status: "); - result = dns_rcode_totext(msg->rcode, target); - if (result != ISC_R_SUCCESS) { - return result; - } + RETERR(dns_rcode_totext(msg->rcode, target)); ADD_STRING(target, ", id: "); snprintf(buf, sizeof(buf), "%6u", msg->id); ADD_STRING(target, buf); @@ -4659,55 +4619,24 @@ cleanup: isc_result_t dns_message_totext(dns_message_t *msg, const dns_master_style_t *style, dns_messagetextflag_t flags, isc_buffer_t *target) { - isc_result_t result; - REQUIRE(DNS_MESSAGE_VALID(msg)); REQUIRE(target != NULL); - result = dns_message_headertotext(msg, style, flags, target); - if (result != ISC_R_SUCCESS) { - return result; - } - - result = dns_message_pseudosectiontotext(msg, DNS_PSEUDOSECTION_OPT, - style, flags, target); - if (result != ISC_R_SUCCESS) { - return result; - } - - result = dns_message_sectiontotext(msg, DNS_SECTION_QUESTION, style, - flags, target); - if (result != ISC_R_SUCCESS) { - return result; - } - - result = dns_message_sectiontotext(msg, DNS_SECTION_ANSWER, style, - flags, target); - if (result != ISC_R_SUCCESS) { - return result; - } - - result = dns_message_sectiontotext(msg, DNS_SECTION_AUTHORITY, style, - flags, target); - if (result != ISC_R_SUCCESS) { - return result; - } - - result = dns_message_sectiontotext(msg, DNS_SECTION_ADDITIONAL, style, - flags, target); - if (result != ISC_R_SUCCESS) { - return result; - } - - result = dns_message_pseudosectiontotext(msg, DNS_PSEUDOSECTION_TSIG, - style, flags, target); - if (result != ISC_R_SUCCESS) { - return result; - } - - result = dns_message_pseudosectiontotext(msg, DNS_PSEUDOSECTION_SIG0, - style, flags, target); - return result; + RETERR(dns_message_headertotext(msg, style, flags, target)); + RETERR(dns_message_pseudosectiontotext(msg, DNS_PSEUDOSECTION_OPT, + style, flags, target)); + RETERR(dns_message_sectiontotext(msg, DNS_SECTION_QUESTION, style, + flags, target)); + RETERR(dns_message_sectiontotext(msg, DNS_SECTION_ANSWER, style, flags, + target)); + RETERR(dns_message_sectiontotext(msg, DNS_SECTION_AUTHORITY, style, + flags, target)); + RETERR(dns_message_sectiontotext(msg, DNS_SECTION_ADDITIONAL, style, + flags, target)); + RETERR(dns_message_pseudosectiontotext(msg, DNS_PSEUDOSECTION_TSIG, + style, flags, target)); + return dns_message_pseudosectiontotext(msg, DNS_PSEUDOSECTION_SIG0, + style, flags, target); } isc_region_t * diff --git a/lib/dns/name.c b/lib/dns/name.c index 9613d7e3b4..c9b3709c1e 100644 --- a/lib/dns/name.c +++ b/lib/dns/name.c @@ -1707,7 +1707,6 @@ dns_name_dynamic(const dns_name_t *name) { isc_result_t dns_name_print(const dns_name_t *name, FILE *stream) { - isc_result_t result; isc_buffer_t b; isc_region_t r; char t[1024]; @@ -1719,10 +1718,7 @@ dns_name_print(const dns_name_t *name, FILE *stream) { REQUIRE(DNS_NAME_VALID(name)); isc_buffer_init(&b, t, sizeof(t)); - result = dns_name_totext(name, 0, &b); - if (result != ISC_R_SUCCESS) { - return result; - } + RETERR(dns_name_totext(name, 0, &b)); isc_buffer_usedregion(&b, &r); fprintf(stream, "%.*s", (int)r.length, (char *)r.base); @@ -1774,7 +1770,6 @@ dns_name_format(const dns_name_t *name, char *cp, unsigned int size) { */ isc_result_t dns_name_tostring(const dns_name_t *name, char **target, isc_mem_t *mctx) { - isc_result_t result; isc_buffer_t buf; isc_region_t reg; char *p, txt[DNS_NAME_FORMATSIZE]; @@ -1783,10 +1778,7 @@ dns_name_tostring(const dns_name_t *name, char **target, isc_mem_t *mctx) { REQUIRE(target != NULL && *target == NULL); isc_buffer_init(&buf, txt, sizeof(txt)); - result = dns_name_totext(name, 0, &buf); - if (result != ISC_R_SUCCESS) { - return result; - } + RETERR(dns_name_totext(name, 0, &buf)); isc_buffer_usedregion(&buf, ®); p = isc_mem_allocate(mctx, reg.length + 1); @@ -1801,7 +1793,6 @@ isc_result_t dns_name_fromstring(dns_name_t *target, const char *src, const dns_name_t *origin, unsigned int options, isc_mem_t *mctx) { - isc_result_t result; isc_buffer_t buf; dns_fixedname_t fn; dns_name_t *name; @@ -1816,15 +1807,13 @@ dns_name_fromstring(dns_name_t *target, const char *src, name = dns_fixedname_initname(&fn); } - result = dns_name_fromtext(name, &buf, origin, options); - if (result != ISC_R_SUCCESS) { - return result; - } + RETERR(dns_name_fromtext(name, &buf, origin, options)); if (name != target) { dns_name_dup(name, mctx, target); } - return result; + + return ISC_R_SUCCESS; } void diff --git a/lib/dns/ncache.c b/lib/dns/ncache.c index 3436321105..54e72928fb 100644 --- a/lib/dns/ncache.c +++ b/lib/dns/ncache.c @@ -68,7 +68,6 @@ copy_rdataset(dns_rdataset_t *rdataset, isc_buffer_t *buffer) { isc_buffer_putuint16(buffer, (uint16_t)count); DNS_RDATASET_FOREACH(rdataset) { - isc_result_t result; dns_rdata_t rdata = DNS_RDATA_INIT; dns_rdataset_current(rdataset, &rdata); @@ -85,10 +84,7 @@ copy_rdataset(dns_rdataset_t *rdataset, isc_buffer_t *buffer) { /* * Copy the rdata to the buffer. */ - result = isc_buffer_copyregion(buffer, &r); - if (result != ISC_R_SUCCESS) { - return result; - } + RETERR(isc_buffer_copyregion(buffer, &r)); } return ISC_R_SUCCESS; @@ -142,8 +138,6 @@ dns_ncache_add(dns_message_t *message, dns_db_t *cache, dns_dbnode_t *node, isc_buffer_init(&buffer, data, sizeof(data)); MSG_SECTION_FOREACH(message, DNS_SECTION_AUTHORITY, name) { - result = ISC_R_SUCCESS; - if (name->attributes.ncache) { ISC_LIST_FOREACH(name->list, rdataset, link) { if (!rdataset->attributes.ncache) { @@ -169,11 +163,8 @@ dns_ncache_add(dns_message_t *message, dns_db_t *cache, dns_dbnode_t *node, * Copy the owner name to the buffer. */ dns_name_toregion(name, &r); - result = isc_buffer_copyregion(&buffer, - &r); - if (result != ISC_R_SUCCESS) { - return result; - } + RETERR(isc_buffer_copyregion(&buffer, + &r)); /* * Copy the type to the buffer. */ @@ -189,11 +180,8 @@ dns_ncache_add(dns_message_t *message, dns_db_t *cache, dns_dbnode_t *node, /* * Copy the rdataset into the buffer. */ - result = copy_rdataset(rdataset, - &buffer); - if (result != ISC_R_SUCCESS) { - return result; - } + RETERR(copy_rdataset(rdataset, + &buffer)); if (next >= DNS_NCACHE_RDATA) { return ISC_R_NOSPACE; diff --git a/lib/dns/nsec.c b/lib/dns/nsec.c index 1ebc6e8995..145ada6b17 100644 --- a/lib/dns/nsec.c +++ b/lib/dns/nsec.c @@ -95,7 +95,6 @@ isc_result_t dns_nsec_buildrdata(dns_db_t *db, dns_dbversion_t *version, dns_dbnode_t *node, const dns_name_t *target, unsigned char *buffer, dns_rdata_t *rdata) { - isc_result_t result; isc_region_t r; unsigned int i; unsigned char *nsec_bits, *bm; @@ -118,10 +117,7 @@ dns_nsec_buildrdata(dns_db_t *db, dns_dbversion_t *version, dns_dbnode_t *node, dns_nsec_setbit(bm, dns_rdatatype_nsec, 1); max_type = dns_rdatatype_nsec; rdsiter = NULL; - result = dns_db_allrdatasets(db, node, version, 0, 0, &rdsiter); - if (result != ISC_R_SUCCESS) { - return result; - } + RETERR(dns_db_allrdatasets(db, node, version, 0, 0, &rdsiter)); DNS_RDATASETITER_FOREACH(rdsiter) { dns_rdataset_t rdataset = DNS_RDATASET_INIT; dns_rdatasetiter_current(rdsiter, &rdataset); @@ -243,10 +239,7 @@ dns_nsec_nseconly(dns_db_t *db, dns_dbversion_t *version, dns_diff_t *diff, dns_rdataset_init(&rdataset); - result = dns_db_getoriginnode(db, &node); - if (result != ISC_R_SUCCESS) { - return result; - } + RETERR(dns_db_getoriginnode(db, &node)); result = dns_db_findrdataset(db, node, version, dns_rdatatype_dnskey, 0, 0, &rdataset, NULL); @@ -419,10 +412,7 @@ dns_nsec_noexistnodata(dns_rdatatype_t type, const dns_name_t *name, return DNS_R_DNAME; } - result = dns_rdata_tostruct(&rdata, &nsec, NULL); - if (result != ISC_R_SUCCESS) { - return result; - } + RETERR(dns_rdata_tostruct(&rdata, &nsec, NULL)); relation = dns_name_fullcompare(&nsec.next, name, &order, &nlabels); if (order == 0) { dns_rdata_freestruct(&nsec); diff --git a/lib/dns/nsec3.c b/lib/dns/nsec3.c index 164b5f6900..ff53e90be9 100644 --- a/lib/dns/nsec3.c +++ b/lib/dns/nsec3.c @@ -53,7 +53,6 @@ dns_nsec3_buildrdata(dns_db_t *db, dns_dbversion_t *version, dns_dbnode_t *node, size_t salt_length, const unsigned char *nexthash, size_t hash_length, unsigned char *buffer, dns_rdata_t *rdata) { - isc_result_t result; isc_region_t r; unsigned int i; bool found; @@ -108,10 +107,7 @@ dns_nsec3_buildrdata(dns_db_t *db, dns_dbversion_t *version, dns_dbnode_t *node, goto collapse_bitmap; } rdsiter = NULL; - result = dns_db_allrdatasets(db, node, version, 0, 0, &rdsiter); - if (result != ISC_R_SUCCESS) { - return result; - } + RETERR(dns_db_allrdatasets(db, node, version, 0, 0, &rdsiter)); found = found_ns = need_rrsig = false; DNS_RDATASETITER_FOREACH(rdsiter) { dns_rdataset_t rdataset = DNS_RDATASET_INIT; @@ -883,10 +879,7 @@ dns_nsec3_addnsec3s(dns_db_t *db, dns_dbversion_t *version, /* * Find the NSEC3 parameters for this zone. */ - result = dns_db_getoriginnode(db, &node); - if (result != ISC_R_SUCCESS) { - return result; - } + RETERR(dns_db_getoriginnode(db, &node)); result = dns_db_findrdataset(db, node, version, dns_rdatatype_nsec3param, 0, 0, &rdataset, @@ -1016,7 +1009,6 @@ cleanup: isc_result_t dns_nsec3param_salttotext(dns_rdata_nsec3param_t *nsec3param, char *dst, size_t dstlen) { - isc_result_t result; isc_region_t r; isc_buffer_t b; @@ -1035,10 +1027,7 @@ dns_nsec3param_salttotext(dns_rdata_nsec3param_t *nsec3param, char *dst, r.length = nsec3param->salt_length; isc_buffer_init(&b, dst, (unsigned int)dstlen); - result = isc_hex_totext(&r, 2, "", &b); - if (result != ISC_R_SUCCESS) { - return result; - } + RETERR(isc_hex_totext(&r, 2, "", &b)); if (isc_buffer_availablelength(&b) < 1) { return ISC_R_NOSPACE; @@ -1064,10 +1053,7 @@ dns_nsec3param_deletechains(dns_db_t *db, dns_dbversion_t *ver, dns_name_init(&next); dns_rdataset_init(&rdataset); - result = dns_db_getoriginnode(db, &node); - if (result != ISC_R_SUCCESS) { - return result; - } + RETERR(dns_db_getoriginnode(db, &node)); /* * Cause all NSEC3 chains to be deleted. @@ -1180,10 +1166,7 @@ dns_nsec3_addnsec3sx(dns_db_t *db, dns_dbversion_t *version, /* * Find the NSEC3 parameters for this zone. */ - result = dns_db_getoriginnode(db, &node); - if (result != ISC_R_SUCCESS) { - return result; - } + RETERR(dns_db_getoriginnode(db, &node)); result = dns_db_findrdataset(db, node, version, type, 0, 0, &prdataset, NULL); @@ -1588,10 +1571,7 @@ dns_nsec3_delnsec3sx(dns_db_t *db, dns_dbversion_t *version, /* * Find the NSEC3 parameters for this zone. */ - result = dns_db_getoriginnode(db, &node); - if (result != ISC_R_SUCCESS) { - return result; - } + RETERR(dns_db_getoriginnode(db, &node)); result = dns_db_findrdataset(db, node, version, dns_rdatatype_nsec3param, 0, 0, &rdataset, @@ -1693,10 +1673,7 @@ dns_nsec3_activex(dns_db_t *db, dns_dbversion_t *version, bool complete, dns_rdataset_init(&rdataset); - result = dns_db_getoriginnode(db, &node); - if (result != ISC_R_SUCCESS) { - return result; - } + RETERR(dns_db_getoriginnode(db, &node)); result = dns_db_findrdataset(db, node, version, dns_rdatatype_nsec3param, 0, 0, &rdataset, @@ -1819,10 +1796,7 @@ dns_nsec3_noexistnodata(dns_rdatatype_t type, const dns_name_t *name, dns_rdataset_current(nsec3set, &rdata); - result = dns_rdata_tostruct(&rdata, &nsec3, NULL); - if (result != ISC_R_SUCCESS) { - return result; - } + RETERR(dns_rdata_tostruct(&rdata, &nsec3, NULL)); (*logit)(arg, ISC_LOG_DEBUG(3), "looking for relevant NSEC3"); @@ -1884,10 +1858,7 @@ dns_nsec3_noexistnodata(dns_rdatatype_t type, const dns_name_t *name, dns_name_getlabel(nsec3name, 0, &hashlabel); isc_region_consume(&hashlabel, 1); isc_buffer_init(&buffer, owner, sizeof(owner)); - result = isc_base32hex_decoderegion(&hashlabel, &buffer); - if (result != ISC_R_SUCCESS) { - return result; - } + RETERR(isc_base32hex_decoderegion(&hashlabel, &buffer)); /* * The hash lengths should match. If not ignore the record. diff --git a/lib/dns/nta.c b/lib/dns/nta.c index a026c752f1..e2a20faf8b 100644 --- a/lib/dns/nta.c +++ b/lib/dns/nta.c @@ -453,12 +453,7 @@ done: static isc_result_t putstr(isc_buffer_t *b, const char *str) { - isc_result_t result; - - result = isc_buffer_reserve(b, strlen(str)); - if (result != ISC_R_SUCCESS) { - return result; - } + RETERR(isc_buffer_reserve(b, strlen(str))); isc_buffer_putstr(b, str); return ISC_R_SUCCESS; diff --git a/lib/dns/opensslecdsa_link.c b/lib/dns/opensslecdsa_link.c index b2f2f2ea7c..6fd0cca842 100644 --- a/lib/dns/opensslecdsa_link.c +++ b/lib/dns/opensslecdsa_link.c @@ -916,22 +916,18 @@ cleanup: static isc_result_t opensslecdsa_generate(dst_key_t *key, int unused, void (*callback)(int)) { - isc_result_t ret; EVP_PKEY *pkey = NULL; REQUIRE(opensslecdsa_valid_key_alg(key->key_alg)); UNUSED(unused); UNUSED(callback); - ret = opensslecdsa_generate_pkey(key->key_alg, key->label, &pkey); - if (ret != ISC_R_SUCCESS) { - return ret; - } + RETERR(opensslecdsa_generate_pkey(key->key_alg, key->label, &pkey)); key->key_size = EVP_PKEY_bits(pkey); key->keydata.pkeypair.priv = pkey; key->keydata.pkeypair.pub = pkey; - return ret; + return ISC_R_SUCCESS; } static isc_result_t diff --git a/lib/dns/openssleddsa_link.c b/lib/dns/openssleddsa_link.c index ea164be6f9..b51e40a058 100644 --- a/lib/dns/openssleddsa_link.c +++ b/lib/dns/openssleddsa_link.c @@ -330,7 +330,6 @@ openssleddsa_todns(const dst_key_t *key, isc_buffer_t *data) { static isc_result_t openssleddsa_fromdns(dst_key_t *key, isc_buffer_t *data) { const eddsa_alginfo_t *alginfo = openssleddsa_alg_info(key->key_alg); - isc_result_t ret; isc_region_t r; size_t len; EVP_PKEY *pkey = NULL; @@ -343,10 +342,7 @@ openssleddsa_fromdns(dst_key_t *key, isc_buffer_t *data) { } len = r.length; - ret = raw_key_to_ossl(alginfo, 0, r.base, &len, &pkey); - if (ret != ISC_R_SUCCESS) { - return ret; - } + RETERR(raw_key_to_ossl(alginfo, 0, r.base, &len, &pkey)); isc_buffer_forward(data, len); key->keydata.pkeypair.pub = pkey; diff --git a/lib/dns/peer.c b/lib/dns/peer.c index 194f55b004..c5771703ec 100644 --- a/lib/dns/peer.c +++ b/lib/dns/peer.c @@ -485,11 +485,8 @@ dns_peer_setkeybycharp(dns_peer_t *peer, const char *keyval) { dns_fixedname_init(&fname); isc_buffer_constinit(&b, keyval, strlen(keyval)); isc_buffer_add(&b, strlen(keyval)); - result = dns_name_fromtext(dns_fixedname_name(&fname), &b, dns_rootname, - 0); - if (result != ISC_R_SUCCESS) { - return result; - } + RETERR(dns_name_fromtext(dns_fixedname_name(&fname), &b, dns_rootname, + 0)); name = isc_mem_get(peer->mem, sizeof(dns_name_t)); diff --git a/lib/dns/qpcache.c b/lib/dns/qpcache.c index 5ef3d1be63..725d51fe9c 100644 --- a/lib/dns/qpcache.c +++ b/lib/dns/qpcache.c @@ -1508,11 +1508,8 @@ find_coveringnsec(qpc_search_t *search, const dns_name_t *name, * Lookup the predecessor in the normal namespace. */ node = NULL; - result = dns_qp_getname(search->qpdb->tree, predecessor, - DNS_DBNAMESPACE_NORMAL, (void **)&node, NULL); - if (result != ISC_R_SUCCESS) { - return result; - } + RETERR(dns_qp_getname(search->qpdb->tree, predecessor, + DNS_DBNAMESPACE_NORMAL, (void **)&node, NULL)); dns_name_copy(&node->name, fname); nlock = &search->qpdb->buckets[node->locknum].lock; diff --git a/lib/dns/rdata.c b/lib/dns/rdata.c index ed7d0ad146..5ad80cebc9 100644 --- a/lib/dns/rdata.c +++ b/lib/dns/rdata.c @@ -1252,33 +1252,23 @@ dns_rdata_fromtext(dns_rdata_t *rdata, dns_rdataclass_t rdclass, static isc_result_t unknown_totext(dns_rdata_t *rdata, dns_rdata_textctx_t *tctx, isc_buffer_t *target) { - isc_result_t result; + isc_result_t result = ISC_R_SUCCESS; char buf[sizeof("65535")]; isc_region_t sr; strlcpy(buf, "\\# ", sizeof(buf)); - result = str_totext(buf, target); - if (result != ISC_R_SUCCESS) { - return result; - } + RETERR(str_totext(buf, target)); dns_rdata_toregion(rdata, &sr); INSIST(sr.length < 65536); snprintf(buf, sizeof(buf), "%u", sr.length); - result = str_totext(buf, target); - if (result != ISC_R_SUCCESS) { - return result; - } + RETERR(str_totext(buf, target)); if (sr.length != 0U) { if ((tctx->flags & DNS_STYLEFLAG_MULTILINE) != 0) { - result = str_totext(" ( ", target); + RETERR(str_totext(" ( ", target)); } else { - result = str_totext(" ", target); - } - - if (result != ISC_R_SUCCESS) { - return result; + RETERR(str_totext(" ", target)); } if (tctx->width == 0) { /* No splitting */ diff --git a/lib/dns/rdata/generic/lp_107.c b/lib/dns/rdata/generic/lp_107.c index 1351ab420f..f2fe025af8 100644 --- a/lib/dns/rdata/generic/lp_107.c +++ b/lib/dns/rdata/generic/lp_107.c @@ -187,7 +187,6 @@ static isc_result_t additionaldata_lp(ARGS_ADDLDATA) { dns_name_t name; isc_region_t region; - isc_result_t result; REQUIRE(rdata->type == dns_rdatatype_lp); @@ -198,10 +197,7 @@ additionaldata_lp(ARGS_ADDLDATA) { isc_region_consume(®ion, 2); dns_name_fromregion(&name, ®ion); - result = (add)(arg, &name, dns_rdatatype_l32, NULL DNS__DB_FILELINE); - if (result != ISC_R_SUCCESS) { - return result; - } + RETERR((add)(arg, &name, dns_rdatatype_l32, NULL DNS__DB_FILELINE)); return (add)(arg, &name, dns_rdatatype_l64, NULL DNS__DB_FILELINE); } diff --git a/lib/dns/rdata/generic/minfo_14.c b/lib/dns/rdata/generic/minfo_14.c index 2eb8036d9f..96b738251e 100644 --- a/lib/dns/rdata/generic/minfo_14.c +++ b/lib/dns/rdata/generic/minfo_14.c @@ -255,17 +255,13 @@ static isc_result_t digest_minfo(ARGS_DIGEST) { isc_region_t r; dns_name_t name; - isc_result_t result; REQUIRE(rdata->type == dns_rdatatype_minfo); dns_rdata_toregion(rdata, &r); dns_name_init(&name); dns_name_fromregion(&name, &r); - result = dns_name_digest(&name, digest, arg); - if (result != ISC_R_SUCCESS) { - return result; - } + RETERR(dns_name_digest(&name, digest, arg)); isc_region_consume(&r, name_length(&name)); dns_name_init(&name); dns_name_fromregion(&name, &r); diff --git a/lib/dns/rdata/generic/mx_15.c b/lib/dns/rdata/generic/mx_15.c index 25cbfe9224..474fae4409 100644 --- a/lib/dns/rdata/generic/mx_15.c +++ b/lib/dns/rdata/generic/mx_15.c @@ -282,10 +282,7 @@ additionaldata_mx(ARGS_ADDLDATA) { return ISC_R_SUCCESS; } - result = (add)(arg, &name, dns_rdatatype_a, NULL DNS__DB_FILELINE); - if (result != ISC_R_SUCCESS) { - return result; - } + RETERR((add)(arg, &name, dns_rdatatype_a, NULL DNS__DB_FILELINE)); dns_fixedname_init(&fixed); result = dns_name_concatenate(&port25, &name, diff --git a/lib/dns/rdata/generic/naptr_35.c b/lib/dns/rdata/generic/naptr_35.c index fcc11a5b84..158dea6f88 100644 --- a/lib/dns/rdata/generic/naptr_35.c +++ b/lib/dns/rdata/generic/naptr_35.c @@ -626,7 +626,6 @@ static isc_result_t digest_naptr(ARGS_DIGEST) { isc_region_t r1, r2; unsigned int length, n; - isc_result_t result; dns_name_t name; REQUIRE(rdata->type == dns_rdatatype_naptr); @@ -666,10 +665,7 @@ digest_naptr(ARGS_DIGEST) { * Digest the RR up to the replacement name. */ r1.length = length; - result = (digest)(arg, &r1); - if (result != ISC_R_SUCCESS) { - return result; - } + RETERR((digest)(arg, &r1)); /* * Replacement. diff --git a/lib/dns/rdata/generic/nxt_30.c b/lib/dns/rdata/generic/nxt_30.c index 95bd1e8de8..1eec28ffd8 100644 --- a/lib/dns/rdata/generic/nxt_30.c +++ b/lib/dns/rdata/generic/nxt_30.c @@ -290,17 +290,13 @@ static isc_result_t digest_nxt(ARGS_DIGEST) { isc_region_t r; dns_name_t name; - isc_result_t result; REQUIRE(rdata->type == dns_rdatatype_nxt); dns_rdata_toregion(rdata, &r); dns_name_init(&name); dns_name_fromregion(&name, &r); - result = dns_name_digest(&name, digest, arg); - if (result != ISC_R_SUCCESS) { - return result; - } + RETERR(dns_name_digest(&name, digest, arg)); isc_region_consume(&r, name_length(&name)); return (digest)(arg, &r); diff --git a/lib/dns/rdata/generic/rt_21.c b/lib/dns/rdata/generic/rt_21.c index 1138fb7525..8323f9233c 100644 --- a/lib/dns/rdata/generic/rt_21.c +++ b/lib/dns/rdata/generic/rt_21.c @@ -239,7 +239,6 @@ static isc_result_t additionaldata_rt(ARGS_ADDLDATA) { dns_name_t name; isc_region_t region; - isc_result_t result; REQUIRE(rdata->type == dns_rdatatype_rt); @@ -250,21 +249,14 @@ additionaldata_rt(ARGS_ADDLDATA) { isc_region_consume(®ion, 2); dns_name_fromregion(&name, ®ion); - result = (add)(arg, &name, dns_rdatatype_x25, NULL DNS__DB_FILELINE); - if (result != ISC_R_SUCCESS) { - return result; - } - result = (add)(arg, &name, dns_rdatatype_isdn, NULL DNS__DB_FILELINE); - if (result != ISC_R_SUCCESS) { - return result; - } + RETERR((add)(arg, &name, dns_rdatatype_x25, NULL DNS__DB_FILELINE)); + RETERR((add)(arg, &name, dns_rdatatype_isdn, NULL DNS__DB_FILELINE)); return (add)(arg, &name, dns_rdatatype_a, NULL DNS__DB_FILELINE); } static isc_result_t digest_rt(ARGS_DIGEST) { isc_region_t r1, r2; - isc_result_t result; dns_name_t name; REQUIRE(rdata->type == dns_rdatatype_rt); @@ -273,10 +265,7 @@ digest_rt(ARGS_DIGEST) { r2 = r1; isc_region_consume(&r2, 2); r1.length = 2; - result = (digest)(arg, &r1); - if (result != ISC_R_SUCCESS) { - return result; - } + RETERR((digest)(arg, &r1)); dns_name_init(&name); dns_name_fromregion(&name, &r2); return dns_name_digest(&name, digest, arg); diff --git a/lib/dns/rdata/generic/txt_16.c b/lib/dns/rdata/generic/txt_16.c index b61ee8889c..d4e9878aba 100644 --- a/lib/dns/rdata/generic/txt_16.c +++ b/lib/dns/rdata/generic/txt_16.c @@ -71,17 +71,12 @@ generic_totext_txt(ARGS_TOTEXT) { static isc_result_t generic_fromwire_txt(ARGS_FROMWIRE) { - isc_result_t result; - UNUSED(type); UNUSED(dctx); UNUSED(rdclass); do { - result = txt_fromwire(source, target); - if (result != ISC_R_SUCCESS) { - return result; - } + RETERR(txt_fromwire(source, target)); } while (!buffer_empty(source)); return ISC_R_SUCCESS; } diff --git a/lib/dns/rdata/in_1/a6_38.c b/lib/dns/rdata/in_1/a6_38.c index e6c14ed74b..99f9e3cb9a 100644 --- a/lib/dns/rdata/in_1/a6_38.c +++ b/lib/dns/rdata/in_1/a6_38.c @@ -415,7 +415,6 @@ static isc_result_t digest_in_a6(ARGS_DIGEST) { isc_region_t r1, r2; unsigned char prefixlen, octets; - isc_result_t result; dns_name_t name; REQUIRE(rdata->type == dns_rdatatype_a6); @@ -427,10 +426,7 @@ digest_in_a6(ARGS_DIGEST) { octets = 1 + 16 - prefixlen / 8; r1.length = octets; - result = (digest)(arg, &r1); - if (result != ISC_R_SUCCESS) { - return result; - } + RETERR((digest)(arg, &r1)); if (prefixlen == 0) { return ISC_R_SUCCESS; } diff --git a/lib/dns/rdata/in_1/px_26.c b/lib/dns/rdata/in_1/px_26.c index 46e82202d4..cfc24d5d3c 100644 --- a/lib/dns/rdata/in_1/px_26.c +++ b/lib/dns/rdata/in_1/px_26.c @@ -309,7 +309,6 @@ static isc_result_t digest_in_px(ARGS_DIGEST) { isc_region_t r1, r2; dns_name_t name; - isc_result_t result; REQUIRE(rdata->type == dns_rdatatype_px); REQUIRE(rdata->rdclass == dns_rdataclass_in); @@ -318,16 +317,10 @@ digest_in_px(ARGS_DIGEST) { r2 = r1; isc_region_consume(&r2, 2); r1.length = 2; - result = (digest)(arg, &r1); - if (result != ISC_R_SUCCESS) { - return result; - } + RETERR((digest)(arg, &r1)); dns_name_init(&name); dns_name_fromregion(&name, &r2); - result = dns_name_digest(&name, digest, arg); - if (result != ISC_R_SUCCESS) { - return result; - } + RETERR(dns_name_digest(&name, digest, arg)); isc_region_consume(&r2, name_length(&name)); dns_name_init(&name); dns_name_fromregion(&name, &r2); diff --git a/lib/dns/rdata/in_1/srv_33.c b/lib/dns/rdata/in_1/srv_33.c index c0b2cf86e3..755a875180 100644 --- a/lib/dns/rdata/in_1/srv_33.c +++ b/lib/dns/rdata/in_1/srv_33.c @@ -328,10 +328,7 @@ additionaldata_in_srv(ARGS_ADDLDATA) { return ISC_R_SUCCESS; } - result = (add)(arg, &name, dns_rdatatype_a, NULL DNS__DB_FILELINE); - if (result != ISC_R_SUCCESS) { - return result; - } + RETERR((add)(arg, &name, dns_rdatatype_a, NULL DNS__DB_FILELINE)); dns_fixedname_init(&fixed); snprintf(buf, sizeof(buf), "_%u._tcp", port); diff --git a/lib/dns/rdataset.c b/lib/dns/rdataset.c index 593b09771e..c418bed890 100644 --- a/lib/dns/rdataset.c +++ b/lib/dns/rdataset.c @@ -447,13 +447,9 @@ dns_rdataset_additionaldata(dns_rdataset_t *rdataset, } DNS_RDATASET_FOREACH(rdataset) { - isc_result_t result; dns_rdata_t rdata = DNS_RDATA_INIT; dns_rdataset_current(rdataset, &rdata); - result = dns_rdata_additionaldata(&rdata, owner_name, add, arg); - if (result != ISC_R_SUCCESS) { - return result; - } + RETERR(dns_rdata_additionaldata(&rdata, owner_name, add, arg)); } return ISC_R_SUCCESS; diff --git a/lib/dns/request.c b/lib/dns/request.c index 00556da402..46148c2bb0 100644 --- a/lib/dns/request.c +++ b/lib/dns/request.c @@ -748,8 +748,6 @@ dns_request_cancel(dns_request_t *request) { isc_result_t dns_request_getresponse(dns_request_t *request, dns_message_t *message, unsigned int options) { - isc_result_t result; - REQUIRE(VALID_REQUEST(request)); REQUIRE(request->tid == isc_tid()); REQUIRE(request->answer != NULL); @@ -757,18 +755,12 @@ dns_request_getresponse(dns_request_t *request, dns_message_t *message, req_log(ISC_LOG_DEBUG(3), "%s: request %p", __func__, request); dns_message_setquerytsig(message, request->tsig); - result = dns_message_settsigkey(message, request->tsigkey); - if (result != ISC_R_SUCCESS) { - return result; - } - result = dns_message_parse(message, request->answer, options); - if (result != ISC_R_SUCCESS) { - return result; - } + RETERR(dns_message_settsigkey(message, request->tsigkey)); + RETERR(dns_message_parse(message, request->answer, options)); if (request->tsigkey != NULL) { - result = dns_tsig_verify(request->answer, message, NULL, NULL); + RETERR(dns_tsig_verify(request->answer, message, NULL, NULL)); } - return result; + return ISC_R_SUCCESS; } isc_buffer_t * diff --git a/lib/dns/resconf.c b/lib/dns/resconf.c index 9a31ddeb28..e53666c70c 100644 --- a/lib/dns/resconf.c +++ b/lib/dns/resconf.c @@ -281,7 +281,6 @@ static isc_result_t resconf_parsenameserver(irs_resconf_t *conf, FILE *fp) { char word[RESCONFMAXLINELEN]; int cp; - isc_result_t result; cp = getword(fp, word, sizeof(word)); if (cp == EOF || strlen(word) == 0U) { @@ -298,10 +297,7 @@ resconf_parsenameserver(irs_resconf_t *conf, FILE *fp) { return ISC_R_SUCCESS; } - result = add_server(conf->mctx, word, &conf->nameservers); - if (result != ISC_R_SUCCESS) { - return result; - } + RETERR(add_server(conf->mctx, word, &conf->nameservers)); conf->numns++; return ISC_R_SUCCESS; @@ -370,7 +366,6 @@ static isc_result_t resconf_parsesearch(irs_resconf_t *conf, FILE *fp) { int delim; char word[RESCONFMAXLINELEN]; - isc_result_t result; if (conf->domainname != NULL) { /* @@ -389,10 +384,7 @@ resconf_parsesearch(irs_resconf_t *conf, FILE *fp) { return ISC_R_UNEXPECTEDEND; /* Nothing else on line. */ } do { - result = add_search(conf, word); - if (result != ISC_R_SUCCESS) { - return result; - } + RETERR(add_search(conf, word)); if (delim == '\n') { break; diff --git a/lib/dns/resolver.c b/lib/dns/resolver.c index 2d17165054..018d76e739 100644 --- a/lib/dns/resolver.c +++ b/lib/dns/resolver.c @@ -6174,7 +6174,7 @@ rctx_cache_insecure(respctx_t *rctx, dns_message_t *message, dns_name_t *name, static isc_result_t rctx_cachename(respctx_t *rctx, dns_message_t *message, dns_name_t *name) { - isc_result_t result; + isc_result_t result = ISC_R_SUCCESS; fetchctx_t *fctx = rctx->fctx; resquery_t *query = rctx->query; dns_resolver_t *res = fctx->res; @@ -6198,10 +6198,7 @@ rctx_cachename(respctx_t *rctx, dns_message_t *message, dns_name_t *name) { /* * Find or create the cache node. */ - result = dns_db_findnode(fctx->cache, name, true, &node); - if (result != ISC_R_SUCCESS) { - return result; - } + RETERR(dns_db_findnode(fctx->cache, name, true, &node)); /* * Cache or validate each cacheable rdataset. @@ -6239,9 +6236,7 @@ rctx_cachename(respctx_t *rctx, dns_message_t *message, dns_name_t *name) { result = rctx_cache_insecure(rctx, message, name, node, rdataset, sigrdataset); } - if (result != ISC_R_SUCCESS) { - goto cleanup; - } + CHECK(result); } /* diff --git a/lib/dns/rootns.c b/lib/dns/rootns.c index f672ea5d54..f5eadd9839 100644 --- a/lib/dns/rootns.c +++ b/lib/dns/rootns.c @@ -101,7 +101,6 @@ static struct upcoming { static isc_result_t in_rootns(dns_rdataset_t *rootns, dns_name_t *name) { - isc_result_t result; dns_rdata_ns_t ns; if (!dns_rdataset_isassociated(rootns)) { @@ -111,10 +110,7 @@ in_rootns(dns_rdataset_t *rootns, dns_name_t *name) { DNS_RDATASET_FOREACH(rootns) { dns_rdata_t rdata = DNS_RDATA_INIT; dns_rdataset_current(rootns, &rdata); - result = dns_rdata_tostruct(&rdata, &ns, NULL); - if (result != ISC_R_SUCCESS) { - return result; - } + RETERR(dns_rdata_tostruct(&rdata, &ns, NULL)); if (dns_name_compare(name, &ns.name) == 0) { return ISC_R_SUCCESS; } diff --git a/lib/dns/rpz.c b/lib/dns/rpz.c index 6004190b94..e0e9bbd6d4 100644 --- a/lib/dns/rpz.c +++ b/lib/dns/rpz.c @@ -1480,7 +1480,6 @@ dns_rpz_new_zones(dns_view_t *view, dns_rpz_zones_t **rpzsp, bool first_time) { isc_result_t dns_rpz_new_zone(dns_rpz_zones_t *rpzs, dns_rpz_zone_t **rpzp) { - isc_result_t result; dns_rpz_zone_t *rpz = NULL; REQUIRE(DNS_RPZ_ZONES_VALID(rpzs)); @@ -1490,10 +1489,7 @@ dns_rpz_new_zone(dns_rpz_zones_t *rpzs, dns_rpz_zone_t **rpzp) { return ISC_R_NOSPACE; } - result = dns__rpz_shuttingdown(rpzs); - if (result != ISC_R_SUCCESS) { - return result; - } + RETERR(dns__rpz_shuttingdown(rpzs)); rpz = isc_mem_get(rpzs->mctx, sizeof(*rpz)); *rpz = (dns_rpz_zone_t){ diff --git a/lib/dns/rriterator.c b/lib/dns/rriterator.c index 2adf531cb3..3e468cbe5f 100644 --- a/lib/dns/rriterator.c +++ b/lib/dns/rriterator.c @@ -37,17 +37,13 @@ isc_result_t dns_rriterator_init(dns_rriterator_t *it, dns_db_t *db, dns_dbversion_t *ver, isc_stdtime_t now) { - isc_result_t result; it->magic = RRITERATOR_MAGIC; it->db = db; it->dbit = NULL; it->ver = ver; it->now = now; it->node = NULL; - result = dns_db_createiterator(it->db, 0, &it->dbit); - if (result != ISC_R_SUCCESS) { - return result; - } + RETERR(dns_db_createiterator(it->db, 0, &it->dbit)); it->rdatasetit = NULL; dns_rdata_init(&it->rdata); dns_rdataset_init(&it->rdataset); diff --git a/lib/dns/sdlz.c b/lib/dns/sdlz.c index 1393bc909a..96adec1e39 100644 --- a/lib/dns/sdlz.c +++ b/lib/dns/sdlz.c @@ -492,30 +492,18 @@ getnodedata(dns_db_t *db, const dns_name_t *name, bool create, dns_name_countlabels(&sdlz->common.origin); dns_name_init(&relname); dns_name_getlabelsequence(name, 0, labels, &relname); - result = dns_name_totext(&relname, DNS_NAME_OMITFINALDOT, &b); - if (result != ISC_R_SUCCESS) { - return result; - } + RETERR(dns_name_totext(&relname, DNS_NAME_OMITFINALDOT, &b)); } else { - result = dns_name_totext(name, DNS_NAME_OMITFINALDOT, &b); - if (result != ISC_R_SUCCESS) { - return result; - } + RETERR(dns_name_totext(name, DNS_NAME_OMITFINALDOT, &b)); } isc_buffer_putuint8(&b, 0); isc_buffer_init(&b2, zonestr, sizeof(zonestr)); - result = dns_name_totext(&sdlz->common.origin, DNS_NAME_OMITFINALDOT, - &b2); - if (result != ISC_R_SUCCESS) { - return result; - } + RETERR(dns_name_totext(&sdlz->common.origin, DNS_NAME_OMITFINALDOT, + &b2)); isc_buffer_putuint8(&b2, 0); - result = createnode(sdlz, &node); - if (result != ISC_R_SUCCESS) { - return result; - } + RETERR(createnode(sdlz, &node)); isorigin = dns_name_equal(name, &sdlz->common.origin); @@ -687,11 +675,8 @@ createiterator(dns_db_t *db, unsigned int options, } isc_buffer_init(&b, zonestr, sizeof(zonestr)); - result = dns_name_totext(&sdlz->common.origin, DNS_NAME_OMITFINALDOT, - &b); - if (result != ISC_R_SUCCESS) { - return result; - } + RETERR(dns_name_totext(&sdlz->common.origin, DNS_NAME_OMITFINALDOT, + &b)); isc_buffer_putuint8(&b, 0); sdlziter = isc_mem_get(sdlz->common.mctx, sizeof(sdlz_dbiterator_t)); @@ -1336,19 +1321,13 @@ dns_sdlzallowzonexfr(void *driverarg, void *dbdata, isc_mem_t *mctx, /* Convert DNS name to ascii text */ isc_buffer_init(&b, namestr, sizeof(namestr)); - result = dns_name_totext(name, DNS_NAME_OMITFINALDOT, &b); - if (result != ISC_R_SUCCESS) { - return result; - } + RETERR(dns_name_totext(name, DNS_NAME_OMITFINALDOT, &b)); isc_buffer_putuint8(&b, 0); /* convert client address to ascii text */ isc_buffer_init(&b2, clientstr, sizeof(clientstr)); isc_netaddr_fromsockaddr(&netaddr, clientaddr); - result = isc_netaddr_totext(&netaddr, &b2); - if (result != ISC_R_SUCCESS) { - return result; - } + RETERR(isc_netaddr_totext(&netaddr, &b2)); isc_buffer_putuint8(&b2, 0); /* make sure strings are always lowercase */ @@ -1455,10 +1434,7 @@ dns_sdlzfindzone(void *driverarg, void *dbdata, isc_mem_t *mctx, /* Convert DNS name to ascii text */ isc_buffer_init(&b, namestr, sizeof(namestr)); - result = dns_name_totext(name, DNS_NAME_OMITFINALDOT, &b); - if (result != ISC_R_SUCCESS) { - return result; - } + RETERR(dns_name_totext(name, DNS_NAME_OMITFINALDOT, &b)); isc_buffer_putuint8(&b, 0); /* make sure strings are always lowercase */ @@ -1599,10 +1575,7 @@ dns_sdlz_putrr(dns_sdlzlookup_t *lookup, const char *type, dns_ttl_t ttl, r.base = type; r.length = strlen(type); - result = dns_rdatatype_fromtext(&typeval, (void *)&r); - if (result != ISC_R_SUCCESS) { - return result; - } + RETERR(dns_rdatatype_fromtext(&typeval, (void *)&r)); rdatalist = ISC_LIST_HEAD(lookup->lists); while (rdatalist != NULL) { @@ -1702,7 +1675,6 @@ dns_sdlz_putnamedrr(dns_sdlzallnodes_t *allnodes, const char *name, dns_sdlznode_t *sdlznode; isc_mem_t *mctx = sdlz->common.mctx; isc_buffer_t b; - isc_result_t result; newname = dns_fixedname_initname(&fnewname); @@ -1714,10 +1686,7 @@ dns_sdlz_putnamedrr(dns_sdlzallnodes_t *allnodes, const char *name, isc_buffer_constinit(&b, name, strlen(name)); isc_buffer_add(&b, strlen(name)); - result = dns_name_fromtext(newname, &b, origin, 0); - if (result != ISC_R_SUCCESS) { - return result; - } + RETERR(dns_name_fromtext(newname, &b, origin, 0)); if (allnodes->common.relative_names) { /* All names are relative to the root */ @@ -1728,10 +1697,7 @@ dns_sdlz_putnamedrr(dns_sdlzallnodes_t *allnodes, const char *name, sdlznode = ISC_LIST_HEAD(allnodes->nodelist); if (sdlznode == NULL || !dns_name_equal(&sdlznode->name, newname)) { sdlznode = NULL; - result = createnode(sdlz, &sdlznode); - if (result != ISC_R_SUCCESS) { - return result; - } + RETERR(createnode(sdlz, &sdlznode)); dns_name_dup(newname, mctx, &sdlznode->name); ISC_LIST_PREPEND(allnodes->nodelist, sdlznode, link); if (allnodes->origin == NULL && diff --git a/lib/dns/skr.c b/lib/dns/skr.c index 34a259963d..fd57d4bcf3 100644 --- a/lib/dns/skr.c +++ b/lib/dns/skr.c @@ -142,8 +142,6 @@ skrbundle_addtuple(dns_skrbundle_t *bundle, dns_difftuple_t **tuple) { isc_result_t dns_skrbundle_getsig(dns_skrbundle_t *bundle, dst_key_t *key, dns_rdatatype_t covering_type, dns_rdata_t *sigrdata) { - isc_result_t result = ISC_R_SUCCESS; - REQUIRE(DNS_SKRBUNDLE_VALID(bundle)); REQUIRE(DNS_DIFF_VALID(&bundle->diff)); @@ -155,10 +153,7 @@ dns_skrbundle_getsig(dns_skrbundle_t *bundle, dst_key_t *key, } INSIST(tuple->rdata.type == dns_rdatatype_rrsig); - result = dns_rdata_tostruct(&tuple->rdata, &rrsig, NULL); - if (result != ISC_R_SUCCESS) { - return result; - } + RETERR(dns_rdata_tostruct(&tuple->rdata, &rrsig, NULL)); /* * Check if covering type matches, and if the signature is diff --git a/lib/dns/time.c b/lib/dns/time.c index ae23ce0a99..ec49f522e0 100644 --- a/lib/dns/time.c +++ b/lib/dns/time.c @@ -204,11 +204,8 @@ dns_time64_fromtext(const char *source, int64_t *target) { isc_result_t dns_time32_fromtext(const char *source, uint32_t *target) { int64_t value64; - isc_result_t result; - result = dns_time64_fromtext(source, &value64); - if (result != ISC_R_SUCCESS) { - return result; - } + + RETERR(dns_time64_fromtext(source, &value64)); *target = (uint32_t)value64; return ISC_R_SUCCESS; diff --git a/lib/dns/tkey.c b/lib/dns/tkey.c index 4618f5ff58..c3b1154fda 100644 --- a/lib/dns/tkey.c +++ b/lib/dns/tkey.c @@ -574,10 +574,7 @@ find_tkey(dns_message_t *msg, dns_name_t **name, dns_rdata_t *rdata, result = dns_message_findtype(cur, dns_rdatatype_tkey, 0, &tkeyset); if (result == ISC_R_SUCCESS) { - result = dns_rdataset_first(tkeyset); - if (result != ISC_R_SUCCESS) { - return result; - } + RETERR(dns_rdataset_first(tkeyset)); dns_rdataset_current(tkeyset, rdata); *name = cur; diff --git a/lib/dns/tsig.c b/lib/dns/tsig.c index 88b9d18213..03bcc37a4c 100644 --- a/lib/dns/tsig.c +++ b/lib/dns/tsig.c @@ -350,38 +350,26 @@ restore_key(dns_tsigkeyring_t *ring, isc_stdtime_t now, FILE *fp) { name = dns_fixedname_initname(&fname); isc_buffer_init(&b, namestr, strlen(namestr)); isc_buffer_add(&b, strlen(namestr)); - result = dns_name_fromtext(name, &b, dns_rootname, 0); - if (result != ISC_R_SUCCESS) { - return result; - } + RETERR(dns_name_fromtext(name, &b, dns_rootname, 0)); creator = dns_fixedname_initname(&fcreator); isc_buffer_init(&b, creatorstr, strlen(creatorstr)); isc_buffer_add(&b, strlen(creatorstr)); - result = dns_name_fromtext(creator, &b, dns_rootname, 0); - if (result != ISC_R_SUCCESS) { - return result; - } + RETERR(dns_name_fromtext(creator, &b, dns_rootname, 0)); algorithm = dns_fixedname_initname(&falgorithm); isc_buffer_init(&b, algorithmstr, strlen(algorithmstr)); isc_buffer_add(&b, strlen(algorithmstr)); - result = dns_name_fromtext(algorithm, &b, dns_rootname, 0); - if (result != ISC_R_SUCCESS) { - return result; - } + RETERR(dns_name_fromtext(algorithm, &b, dns_rootname, 0)); dstalg = dns__tsig_algfromname(algorithm); if (dstalg == DST_ALG_UNKNOWN) { return DNS_R_BADALG; } - result = dst_key_restore(name, dstalg, DNS_KEYOWNER_ENTITY, - DNS_KEYPROTO_DNSSEC, dns_rdataclass_in, - ring->mctx, keystr, &dstkey); - if (result != ISC_R_SUCCESS) { - return result; - } + RETERR(dst_key_restore(name, dstalg, DNS_KEYOWNER_ENTITY, + DNS_KEYPROTO_DNSSEC, dns_rdataclass_in, + ring->mctx, keystr, &dstkey)); result = dns_tsigkey_createfromkey(name, dstalg, dstkey, true, true, creator, inception, expire, @@ -483,13 +471,10 @@ dns_tsigkey_create(const dns_name_t *name, dst_algorithm_t algorithm, isc_buffer_init(&b, secret, length); isc_buffer_add(&b, length); - result = dst_key_frombuffer( + RETERR(dst_key_frombuffer( name, algorithm, DNS_KEYOWNER_ENTITY, DNS_KEYPROTO_DNSSEC, dns_rdataclass_in, &b, - mctx, &dstkey); - if (result != ISC_R_SUCCESS) { - return result; - } + mctx, &dstkey)); } } else if (length > 0) { return DNS_R_BADALG; @@ -609,11 +594,8 @@ dns_tsig_sign(dns_message_t *msg) { * has validated at this point. This is why we include a * MAC length > 0 in the reply. */ - result = dst_context_create(key->key, mctx, - DNS_LOGCATEGORY_DNSSEC, true, &ctx); - if (result != ISC_R_SUCCESS) { - return result; - } + RETERR(dst_context_create(key->key, mctx, + DNS_LOGCATEGORY_DNSSEC, true, &ctx)); /* * If this is a response, and if there was a TSIG in @@ -880,26 +862,14 @@ dns_tsig_verify(isc_buffer_t *source, dns_message_t *msg, */ keyname = msg->tsigname; - result = dns_rdataset_first(msg->tsig); - if (result != ISC_R_SUCCESS) { - return result; - } + RETERR(dns_rdataset_first(msg->tsig)); dns_rdataset_current(msg->tsig, &rdata); - result = dns_rdata_tostruct(&rdata, &tsig, NULL); - if (result != ISC_R_SUCCESS) { - return result; - } + RETERR(dns_rdata_tostruct(&rdata, &tsig, NULL)); dns_rdata_reset(&rdata); if (response) { - result = dns_rdataset_first(msg->querytsig); - if (result != ISC_R_SUCCESS) { - return result; - } + RETERR(dns_rdataset_first(msg->querytsig)); dns_rdataset_current(msg->querytsig, &rdata); - result = dns_rdata_tostruct(&rdata, &querytsig, NULL); - if (result != ISC_R_SUCCESS) { - return result; - } + RETERR(dns_rdata_tostruct(&rdata, &querytsig, NULL)); } /* @@ -940,11 +910,8 @@ dns_tsig_verify(isc_buffer_t *source, dns_message_t *msg, if (result != ISC_R_SUCCESS) { msg->tsigstatus = dns_tsigerror_badkey; alg = dns__tsig_algfromname(&tsig.algorithm); - result = dns_tsigkey_create(keyname, alg, NULL, 0, mctx, - &msg->tsigkey); - if (result != ISC_R_SUCCESS) { - return result; - } + RETERR(dns_tsigkey_create(keyname, alg, NULL, 0, mctx, + &msg->tsigkey)); if (alg == DST_ALG_UNKNOWN) { dns_name_clone(&tsig.algorithm, &msg->tsigkey->algname); @@ -962,10 +929,7 @@ dns_tsig_verify(isc_buffer_t *source, dns_message_t *msg, * Check digest length. */ alg = dst_key_alg(key); - result = dst_key_sigsize(key, &siglen); - if (result != ISC_R_SUCCESS) { - return result; - } + RETERR(dst_key_sigsize(key, &siglen)); if (dns__tsig_algvalid(alg)) { if (tsig.siglen > siglen) { tsig_log(msg->tsigkey, 2, "signature length too big"); @@ -986,11 +950,8 @@ dns_tsig_verify(isc_buffer_t *source, dns_message_t *msg, sig_r.base = tsig.signature; sig_r.length = tsig.siglen; - result = dst_context_create(key, mctx, DNS_LOGCATEGORY_DNSSEC, - false, &ctx); - if (result != ISC_R_SUCCESS) { - return result; - } + RETERR(dst_context_create(key, mctx, DNS_LOGCATEGORY_DNSSEC, + false, &ctx)); if (response) { isc_buffer_init(&databuf, data, sizeof(data)); @@ -1220,15 +1181,9 @@ tsig_verify_tcp(isc_buffer_t *source, dns_message_t *msg) { /* * Extract and parse the previous TSIG */ - result = dns_rdataset_first(msg->querytsig); - if (result != ISC_R_SUCCESS) { - return result; - } + RETERR(dns_rdataset_first(msg->querytsig)); dns_rdataset_current(msg->querytsig, &rdata); - result = dns_rdata_tostruct(&rdata, &querytsig, NULL); - if (result != ISC_R_SUCCESS) { - return result; - } + RETERR(dns_rdata_tostruct(&rdata, &querytsig, NULL)); dns_rdata_reset(&rdata); /* diff --git a/lib/dns/update.c b/lib/dns/update.c index b741a75c90..1927df5ab5 100644 --- a/lib/dns/update.c +++ b/lib/dns/update.c @@ -204,17 +204,13 @@ typedef struct { */ static isc_result_t foreach_node_rr_action(void *data, dns_rdataset_t *rdataset) { - isc_result_t result; foreach_node_rr_ctx_t *ctx = data; DNS_RDATASET_FOREACH(rdataset) { rr_t rr = { 0, DNS_RDATA_INIT }; dns_rdataset_current(rdataset, &rr.rdata); rr.ttl = rdataset->ttl; - result = (*ctx->rr_action)(ctx->rr_action_data, &rr); - if (result != ISC_R_SUCCESS) { - return result; - } + RETERR((*ctx->rr_action)(ctx->rr_action_data, &rr)); } return ISC_R_SUCCESS; diff --git a/lib/dns/validator.c b/lib/dns/validator.c index 555e65d6a9..0c7122c7f3 100644 --- a/lib/dns/validator.c +++ b/lib/dns/validator.c @@ -1180,13 +1180,10 @@ seek_dnskey(dns_validator_t *val) { * we had a key with trust level "answer" and * a DS record for the zone has now been added. */ - result = create_validator( + RETERR(create_validator( val, &siginfo->signer, dns_rdatatype_dnskey, &val->frdataset, &val->fsigrdataset, - validator_callback_dnskey, "seek_dnskey"); - if (result != ISC_R_SUCCESS) { - return result; - } + validator_callback_dnskey, "seek_dnskey")); return DNS_R_WAIT; } else if (val->frdataset.trust < dns_trust_secure) { /* @@ -1223,12 +1220,8 @@ seek_dnskey(dns_validator_t *val) { /* * We don't know anything about this key. */ - result = create_fetch(val, &siginfo->signer, - dns_rdatatype_dnskey, - fetch_callback_dnskey, "seek_dnskey"); - if (result != ISC_R_SUCCESS) { - return result; - } + RETERR(create_fetch(val, &siginfo->signer, dns_rdatatype_dnskey, + fetch_callback_dnskey, "seek_dnskey")); return DNS_R_WAIT; case DNS_R_NCACHENXDOMAIN: @@ -1908,11 +1901,8 @@ check_signer(dns_validator_t *val, dns_rdata_t *keyrdata, uint16_t keyid, dst_key_t *dstkey = NULL; dns_rdataset_t rdataset = DNS_RDATASET_INIT; - result = dns_dnssec_keyfromrdata(val->name, keyrdata, val->view->mctx, - &dstkey); - if (result != ISC_R_SUCCESS) { - return result; - } + RETERR(dns_dnssec_keyfromrdata(val->name, keyrdata, val->view->mctx, + &dstkey)); dns_rdataset_clone(val->sigrdataset, &rdataset); DNS_RDATASET_FOREACH(&rdataset) { @@ -2365,7 +2355,7 @@ static isc_result_t val_rdataset_first(dns_validator_t *val, dns_name_t **namep, dns_rdataset_t **rdatasetp) { dns_message_t *message = val->message; - isc_result_t result; + isc_result_t result = ISC_R_SUCCESS; REQUIRE(rdatasetp != NULL); REQUIRE(namep != NULL); @@ -2378,10 +2368,7 @@ val_rdataset_first(dns_validator_t *val, dns_name_t **namep, } if (message != NULL) { - result = dns_message_firstname(message, DNS_SECTION_AUTHORITY); - if (result != ISC_R_SUCCESS) { - return result; - } + RETERR(dns_message_firstname(message, DNS_SECTION_AUTHORITY)); dns_message_currentname(message, DNS_SECTION_AUTHORITY, namep); *rdatasetp = ISC_LIST_HEAD((*namep)->list); INSIST(*rdatasetp != NULL); @@ -2391,6 +2378,7 @@ val_rdataset_first(dns_validator_t *val, dns_name_t **namep, dns_ncache_current(val->rdataset, *namep, *rdatasetp); } } + return result; } @@ -2745,8 +2733,6 @@ findnsec3proofs(dns_validator_t *val) { static isc_result_t validate_neg_rrset(dns_validator_t *val, dns_name_t *name, dns_rdataset_t *rdataset, dns_rdataset_t *sigrdataset) { - isc_result_t result; - /* * If a signed zone is missing the zone key, bad * things could happen. A query for data in the zone @@ -2763,10 +2749,7 @@ validate_neg_rrset(dns_validator_t *val, dns_name_t *name, { dns_rdata_t nsec = DNS_RDATA_INIT; - result = dns_rdataset_first(rdataset); - if (result != ISC_R_SUCCESS) { - return result; - } + RETERR(dns_rdataset_first(rdataset)); dns_rdataset_current(rdataset, &nsec); if (dns_nsec_typepresent(&nsec, dns_rdatatype_soa)) { return DNS_R_CONTINUE; @@ -2774,12 +2757,9 @@ validate_neg_rrset(dns_validator_t *val, dns_name_t *name, } val->nxset = rdataset; - result = create_validator(val, name, rdataset->type, rdataset, - sigrdataset, validator_callback_nsec, - "validate_neg_rrset"); - if (result != ISC_R_SUCCESS) { - return result; - } + RETERR(create_validator(val, name, rdataset->type, rdataset, + sigrdataset, validator_callback_nsec, + "validate_neg_rrset")); val->authcount++; return DNS_R_WAIT; @@ -2984,10 +2964,7 @@ validate_nx(dns_validator_t *val, bool resume) { if (FOUNDNOQNAME(val) && FOUNDCLOSEST(val) && ((NEEDNODATA(val) && !FOUNDNODATA(val)) || NEEDNOWILDCARD(val))) { - result = checkwildcard(val, dns_rdatatype_nsec, NULL); - if (result != ISC_R_SUCCESS) { - return result; - } + RETERR(checkwildcard(val, dns_rdatatype_nsec, NULL)); } if ((NEEDNODATA(val) && (FOUNDNODATA(val) || FOUNDOPTOUT(val))) || @@ -3664,7 +3641,6 @@ dns_validator_create(dns_view_t *view, dns_name_t *name, dns_rdatatype_t type, isc_counter_t *nvalidations, isc_counter_t *nfails, isc_counter_t *qc, isc_counter_t *gqc, fetchctx_t *parent, dns_edectx_t *edectx, dns_validator_t **validatorp) { - isc_result_t result = ISC_R_FAILURE; dns_validator_t *val = NULL; dns_keytable_t *kt = NULL; @@ -3674,10 +3650,7 @@ dns_validator_create(dns_view_t *view, dns_name_t *name, dns_rdatatype_t type, REQUIRE(validatorp != NULL && *validatorp == NULL); REQUIRE(edectx != NULL); - result = dns_view_getsecroots(view, &kt); - if (result != ISC_R_SUCCESS) { - return result; - } + RETERR(dns_view_getsecroots(view, &kt)); val = isc_mem_get(view->mctx, sizeof(*val)); *val = (dns_validator_t){ diff --git a/lib/dns/view.c b/lib/dns/view.c index bca4c3a7ab..a640e875ac 100644 --- a/lib/dns/view.c +++ b/lib/dns/view.c @@ -537,12 +537,8 @@ dns_view_createresolver(dns_view_t *view, unsigned int options, REQUIRE(view->resolver == NULL); REQUIRE(view->dispatchmgr != NULL); - result = dns_resolver_create(view, options, tlsctx_cache, dispatchv4, - dispatchv6, &view->resolver); - if (result != ISC_R_SUCCESS) { - return result; - } - + RETERR(dns_resolver_create(view, options, tlsctx_cache, dispatchv4, + dispatchv6, &view->resolver)); isc_mem_create("ADB", &mctx); dns_adb_create(mctx, view, &view->adb); isc_mem_detach(&mctx); @@ -1353,15 +1349,9 @@ dns_view_getpeertsig(dns_view_t *view, const isc_netaddr_t *peeraddr, dns_name_t *keyname = NULL; dns_peer_t *peer = NULL; - result = dns_peerlist_peerbyaddr(view->peers, peeraddr, &peer); - if (result != ISC_R_SUCCESS) { - return result; - } + RETERR(dns_peerlist_peerbyaddr(view->peers, peeraddr, &peer)); - result = dns_peer_getkey(peer, &keyname); - if (result != ISC_R_SUCCESS) { - return result; - } + RETERR(dns_peer_getkey(peer, &keyname)); result = dns_view_gettsig(view, keyname, keyp); return (result == ISC_R_NOTFOUND) ? ISC_R_FAILURE : result; @@ -1378,7 +1368,6 @@ dns_view_checksig(dns_view_t *view, isc_buffer_t *source, dns_message_t *msg) { isc_result_t dns_view_flushcache(dns_view_t *view, bool fixuponly) { - isc_result_t result; dns_adb_t *adb = NULL; REQUIRE(DNS_VIEW_VALID(view)); @@ -1387,10 +1376,7 @@ dns_view_flushcache(dns_view_t *view, bool fixuponly) { return ISC_R_SUCCESS; } if (!fixuponly) { - result = dns_cache_flush(view->cache); - if (result != ISC_R_SUCCESS) { - return result; - } + RETERR(dns_cache_flush(view->cache)); } dns_db_detach(&view->cachedb); dns_cache_attachdb(view->cache, &view->cachedb); diff --git a/lib/dns/xfrin.c b/lib/dns/xfrin.c index 27f20e8891..aab34c0f5f 100644 --- a/lib/dns/xfrin.c +++ b/lib/dns/xfrin.c @@ -1526,24 +1526,16 @@ request_type(dns_xfrin_t *xfr) { static isc_result_t add_opt(dns_message_t *message, uint16_t udpsize, bool reqnsid, bool reqexpire) { - isc_result_t result; - dns_message_ednsinit(message, 0, udpsize, 0, 0); /* Set EDNS options if applicable. */ if (reqnsid) { dns_ednsopt_t option = { .code = DNS_OPT_NSID }; - result = dns_message_ednsaddopt(message, &option); - if (result != ISC_R_SUCCESS) { - return result; - } + RETERR(dns_message_ednsaddopt(message, &option)); } if (reqexpire) { dns_ednsopt_t option = { .code = DNS_OPT_EXPIRE }; - result = dns_message_ednsaddopt(message, &option); - if (result != ISC_R_SUCCESS) { - return result; - } + RETERR(dns_message_ednsaddopt(message, &option)); } return dns_message_setopt(message); diff --git a/lib/dns/zone.c b/lib/dns/zone.c index 26e0894501..3b52aaaf2f 100644 --- a/lib/dns/zone.c +++ b/lib/dns/zone.c @@ -4540,16 +4540,11 @@ cleanup: static isc_result_t delete_keydata(dns_db_t *db, dns_dbversion_t *ver, dns_diff_t *diff, dns_name_t *name, dns_rdataset_t *rdataset) { - isc_result_t uresult; - DNS_RDATASET_FOREACH(rdataset) { dns_rdata_t rdata = DNS_RDATA_INIT; dns_rdataset_current(rdataset, &rdata); - uresult = update_one_rr(db, ver, diff, DNS_DIFFOP_DEL, name, 0, - &rdata); - if (uresult != ISC_R_SUCCESS) { - return uresult; - } + RETERR(update_one_rr(db, ver, diff, DNS_DIFFOP_DEL, name, 0, + &rdata)); } return ISC_R_SUCCESS; @@ -6930,11 +6925,8 @@ offline(dns_db_t *db, dns_dbversion_t *ver, dns__zonediff_t *zonediff, if ((rdata->flags & DNS_RDATA_OFFLINE) != 0) { return ISC_R_SUCCESS; } - result = update_one_rr(db, ver, zonediff->diff, DNS_DIFFOP_DELRESIGN, - name, ttl, rdata); - if (result != ISC_R_SUCCESS) { - return result; - } + RETERR(update_one_rr(db, ver, zonediff->diff, DNS_DIFFOP_DELRESIGN, + name, ttl, rdata)); rdata->flags |= DNS_RDATA_OFFLINE; result = update_one_rr(db, ver, zonediff->diff, DNS_DIFFOP_ADDRESIGN, name, ttl, rdata); @@ -12786,24 +12778,16 @@ create_query(dns_zone_t *zone, dns_rdatatype_t rdtype, dns_name_t *name, static isc_result_t add_opt(dns_message_t *message, uint16_t udpsize, bool reqnsid, bool reqexpire) { - isc_result_t result; - dns_message_ednsinit(message, 0, udpsize, 0, 0); /* Set EDNS options if applicable. */ if (reqnsid) { dns_ednsopt_t option = { .code = DNS_OPT_NSID }; - result = dns_message_ednsaddopt(message, &option); - if (result != ISC_R_SUCCESS) { - return result; - } + RETERR(dns_message_ednsaddopt(message, &option)); } if (reqexpire) { dns_ednsopt_t option = { .code = DNS_OPT_EXPIRE }; - result = dns_message_ednsaddopt(message, &option); - if (result != ISC_R_SUCCESS) { - return result; - } + RETERR(dns_message_ednsaddopt(message, &option)); } return dns_message_setopt(message); @@ -17143,10 +17127,7 @@ zone_replacedb(dns_zone_t *zone, dns_db_t *db, bool dump) { return result; } - result = check_nsec3param(zone, db); - if (result != ISC_R_SUCCESS) { - return result; - } + RETERR(check_nsec3param(zone, db)); ver = NULL; dns_db_currentversion(db, &ver); @@ -20128,15 +20109,11 @@ checkds_destroy(dns_checkds_t *checkds, bool locked) { static isc_result_t make_dnskey(dst_key_t *key, unsigned char *buf, int bufsize, dns_rdata_t *target) { - isc_result_t result; isc_buffer_t b; isc_region_t r; isc_buffer_init(&b, buf, bufsize); - result = dst_key_todns(key, &b); - if (result != ISC_R_SUCCESS) { - return result; - } + RETERR(dst_key_todns(key, &b)); dns_rdata_reset(target); isc_buffer_usedregion(&b, &r); @@ -22190,10 +22167,7 @@ dns_zone_nscheck(dns_zone_t *zone, dns_db_t *db, dns_dbversion_t *version, REQUIRE(DNS_ZONE_VALID(zone)); REQUIRE(errors != NULL); - result = dns_db_getoriginnode(db, &node); - if (result != ISC_R_SUCCESS) { - return result; - } + RETERR(dns_db_getoriginnode(db, &node)); result = zone_count_ns_rr(zone, db, node, version, NULL, errors, false); dns_db_detachnode(&node); return result; @@ -22212,10 +22186,7 @@ dns_zone_cdscheck(dns_zone_t *zone, dns_db_t *db, dns_dbversion_t *version) { REQUIRE(DNS_ZONE_VALID(zone)); - result = dns_db_getoriginnode(db, &node); - if (result != ISC_R_SUCCESS) { - return result; - } + RETERR(dns_db_getoriginnode(db, &node)); dns_rdataset_init(&cds); dns_rdataset_init(&dnskey); diff --git a/lib/dns/zoneverify.c b/lib/dns/zoneverify.c index 95695c01eb..5cde1aa4f0 100644 --- a/lib/dns/zoneverify.c +++ b/lib/dns/zoneverify.c @@ -704,10 +704,7 @@ verifynsec3(const vctx_t *vctx, const dns_name_t *name, return result; } - result = isoptout(vctx, &nsec3param, &optout); - if (result != ISC_R_SUCCESS) { - return result; - } + RETERR(isoptout(vctx, &nsec3param, &optout)); dns_fixedname_init(&fixed); result = dns_nsec3_hashname( @@ -772,23 +769,18 @@ verifynsec3s(const vctx_t *vctx, const dns_name_t *name, dns_rdataset_t *nsec3paramset, bool delegation, bool empty, const unsigned char types[8192], unsigned int maxtype, isc_result_t *vresult) { - isc_result_t result = ISC_R_NOMORE; - DNS_RDATASET_FOREACH(nsec3paramset) { dns_rdata_t rdata = DNS_RDATA_INIT; dns_rdataset_current(nsec3paramset, &rdata); - result = verifynsec3(vctx, name, &rdata, delegation, empty, - types, maxtype, vresult); - if (result != ISC_R_SUCCESS) { - return result; - } + RETERR(verifynsec3(vctx, name, &rdata, delegation, empty, types, + maxtype, vresult)); if (*vresult != ISC_R_SUCCESS) { break; } } - return result; + return ISC_R_SUCCESS; } static isc_result_t @@ -970,19 +962,13 @@ verifynode(vctx_t *vctx, const dns_name_t *name, dns_dbnode_t *node, *vresult = ISC_R_SUCCESS; if (nsecset != NULL && dns_rdataset_isassociated(nsecset)) { - result = verifynsec(vctx, name, node, nextname, &tvresult); - if (result != ISC_R_SUCCESS) { - return result; - } + RETERR(verifynsec(vctx, name, node, nextname, &tvresult)); *vresult = tvresult; } if (nsec3paramset != NULL && dns_rdataset_isassociated(nsec3paramset)) { - result = verifynsec3s(vctx, name, nsec3paramset, delegation, - false, types, maxtype, &tvresult); - if (result != ISC_R_SUCCESS) { - return result; - } + RETERR(verifynsec3s(vctx, name, nsec3paramset, delegation, + false, types, maxtype, &tvresult)); if (*vresult == ISC_R_SUCCESS) { *vresult = tvresult; } @@ -1217,7 +1203,7 @@ verifyemptynodes(const vctx_t *vctx, const dns_name_t *name, int order; unsigned int labels, nlabels, i; dns_name_t suffix; - isc_result_t result, tvresult = ISC_R_UNSET; + isc_result_t tvresult = ISC_R_UNSET; *vresult = ISC_R_SUCCESS; @@ -1238,12 +1224,9 @@ verifyemptynodes(const vctx_t *vctx, const dns_name_t *name, if (nsec3paramset != NULL && dns_rdataset_isassociated(nsec3paramset)) { - result = verifynsec3s( - vctx, &suffix, nsec3paramset, - isdelegation, true, NULL, 0, &tvresult); - if (result != ISC_R_SUCCESS) { - return result; - } + RETERR(verifynsec3s(vctx, &suffix, + nsec3paramset, isdelegation, + true, NULL, 0, &tvresult)); if (*vresult == ISC_R_SUCCESS) { *vresult = tvresult; } diff --git a/lib/isc/commandline.c b/lib/isc/commandline.c index fdbcbb46e3..513f85a92d 100644 --- a/lib/isc/commandline.c +++ b/lib/isc/commandline.c @@ -211,8 +211,6 @@ isc_commandline_parse(int argc, char *const *argv, const char *options) { isc_result_t isc_commandline_strtoargv(isc_mem_t *mctx, char *s, unsigned int *argcp, char ***argvp, unsigned int n) { - isc_result_t result; - restart: /* Discard leading whitespace. */ while (*s == ' ' || *s == '\t') { @@ -256,11 +254,7 @@ restart: *p++ = '\0'; } - result = isc_commandline_strtoargv(mctx, p, argcp, argvp, - n + 1); - if (result != ISC_R_SUCCESS) { - return result; - } + RETERR(isc_commandline_strtoargv(mctx, p, argcp, argvp, n + 1)); (*argvp)[n] = s; } diff --git a/lib/isc/file.c b/lib/isc/file.c index fe027ae24c..fbf0b80fb1 100644 --- a/lib/isc/file.c +++ b/lib/isc/file.c @@ -576,15 +576,13 @@ dir_current(char *dirname, size_t length) { isc_result_t isc_file_absolutepath(const char *filename, char *path, size_t pathlen) { - isc_result_t result; - result = dir_current(path, pathlen); - if (result != ISC_R_SUCCESS) { - return result; - } + RETERR(dir_current(path, pathlen)); + if (strlen(path) + strlen(filename) + 1 > pathlen) { return ISC_R_NOSPACE; } strlcat(path, filename, pathlen); + return ISC_R_SUCCESS; } @@ -697,7 +695,6 @@ isc_file_sanitize(const char *dir, const char *base, const char *ext, unsigned int digestlen; char hash[ISC_MAX_MD_SIZE * 2 + 1]; size_t l = 0; - isc_result_t err; REQUIRE(base != NULL); REQUIRE(path != NULL); @@ -724,16 +721,10 @@ isc_file_sanitize(const char *dir, const char *base, const char *ext, } /* Check whether the full-length SHA256 hash filename exists */ - err = isc_md(ISC_MD_SHA256, (const unsigned char *)base, strlen(base), - digest, &digestlen); - if (err != ISC_R_SUCCESS) { - return err; - } + RETERR(isc_md(ISC_MD_SHA256, (const unsigned char *)base, strlen(base), + digest, &digestlen)); - err = digest2hex(digest, digestlen, hash, sizeof(hash)); - if (err != ISC_R_SUCCESS) { - return err; - } + RETERR(digest2hex(digest, digestlen, hash, sizeof(hash))); snprintf(buf, sizeof(buf), "%s%s%s%s%s", dir != NULL ? dir : "", dir != NULL ? "/" : "", hash, ext != NULL ? "." : "", diff --git a/lib/isc/getaddresses.c b/lib/isc/getaddresses.c index e77ef7a085..ff9922d066 100644 --- a/lib/isc/getaddresses.c +++ b/lib/isc/getaddresses.c @@ -81,14 +81,8 @@ isc_getaddresses(const char *hostname, in_port_t port, isc_sockaddr_t *addrs, } if (d != NULL) { - isc_result_t iresult; - - iresult = isc_netscope_pton(AF_INET6, d + 1, - &in6, &zone); - - if (iresult != ISC_R_SUCCESS) { - return iresult; - } + RETERR(isc_netscope_pton(AF_INET6, d + 1, &in6, + &zone)); } isc_netaddr_fromin6(&na, &in6); diff --git a/lib/isc/httpd.c b/lib/isc/httpd.c index 7cf51567e5..13b3d55a63 100644 --- a/lib/isc/httpd.c +++ b/lib/isc/httpd.c @@ -361,7 +361,6 @@ process_request(isc_httpd_t *httpd, size_t last_len) { size_t path_len = 0; struct phr_header headers[HTTP_HEADERS_NUM]; size_t num_headers; - isc_result_t result; num_headers = ARRAY_SIZE(headers); @@ -401,10 +400,7 @@ process_request(isc_httpd_t *httpd, size_t last_len) { /* * Parse the URL */ - result = isc_url_parse(path, path_len, 0, &httpd->up); - if (result != ISC_R_SUCCESS) { - return result; - } + RETERR(isc_url_parse(path, path_len, 0, &httpd->up)); httpd->path = path; /* diff --git a/lib/isc/include/isc/buffer.h b/lib/isc/include/isc/buffer.h index 75754bf08e..3987fef824 100644 --- a/lib/isc/include/isc/buffer.h +++ b/lib/isc/include/isc/buffer.h @@ -1190,16 +1190,11 @@ isc_buffer_dup(isc_mem_t *mctx, isc_buffer_t **restrict dstp, static inline isc_result_t isc_buffer_copyregion(isc_buffer_t *restrict b, const isc_region_t *restrict r) { - isc_result_t result; - REQUIRE(ISC_BUFFER_VALID(b)); REQUIRE(r != NULL); if (b->mctx) { - result = isc_buffer_reserve(b, r->length); - if (result != ISC_R_SUCCESS) { - return result; - } + RETERR(isc_buffer_reserve(b, r->length)); } if (r->length > isc_buffer_availablelength(b)) { @@ -1216,9 +1211,8 @@ isc_buffer_copyregion(isc_buffer_t *restrict b, static inline isc_result_t isc_buffer_printf(isc_buffer_t *restrict b, const char *restrict format, ...) { - va_list ap; - int n; - isc_result_t result; + va_list ap; + int n; REQUIRE(ISC_BUFFER_VALID(b)); @@ -1231,10 +1225,7 @@ isc_buffer_printf(isc_buffer_t *restrict b, const char *restrict format, ...) { } if (b->mctx) { - result = isc_buffer_reserve(b, n + 1); - if (result != ISC_R_SUCCESS) { - return result; - } + RETERR(isc_buffer_reserve(b, n + 1)); } if (isc_buffer_availablelength(b) < (unsigned int)n + 1) { diff --git a/lib/isc/lex.c b/lib/isc/lex.c index e38947cbdd..588ffa6bf1 100644 --- a/lib/isc/lex.c +++ b/lib/isc/lex.c @@ -200,7 +200,6 @@ new_source(isc_lex_t *lex, bool is_file, bool need_close, void *input, isc_result_t isc_lex_openfile(isc_lex_t *lex, const char *filename) { - isc_result_t result; FILE *stream = NULL; /* @@ -209,10 +208,7 @@ isc_lex_openfile(isc_lex_t *lex, const char *filename) { REQUIRE(VALID_LEX(lex)); - result = isc_stdio_open(filename, "r", &stream); - if (result != ISC_R_SUCCESS) { - return result; - } + RETERR(isc_stdio_open(filename, "r", &stream)); new_source(lex, true, true, stream, filename); return ISC_R_SUCCESS; diff --git a/lib/isc/log.c b/lib/isc/log.c index ad984c0068..5893eb4a86 100644 --- a/lib/isc/log.c +++ b/lib/isc/log.c @@ -796,14 +796,7 @@ greatest_version(isc_logfile_t *file, int versions, int *greatestp) { bnamelen = strlen(bname); isc_dir_init(&dir); - result = isc_dir_open(&dir, dirname); - - /* - * Return if the directory open failed. - */ - if (result != ISC_R_SUCCESS) { - return result; - } + RETERR(isc_dir_open(&dir, dirname)); while (isc_dir_read(&dir) == ISC_R_SUCCESS) { if (dir.entry.length > bnamelen && @@ -943,14 +936,7 @@ remove_old_tsversions(isc_logfile_t *file, int versions) { bnamelen = strlen(bname); isc_dir_init(&dir); - result = isc_dir_open(&dir, dirname); - - /* - * Return if the directory open failed. - */ - if (result != ISC_R_SUCCESS) { - return result; - } + RETERR(isc_dir_open(&dir, dirname)); last = last_to_keep(versions, &dir, bname, bnamelen); @@ -1023,10 +1009,7 @@ roll_increment(isc_logfile_t *file) { * Get the largest existing version and remove any * version greater than the permitted version. */ - result = greatest_version(file, file->versions, &greatest); - if (result != ISC_R_SUCCESS) { - return result; - } + RETERR(greatest_version(file, file->versions, &greatest)); /* * Increment if greatest is not the actual maximum value. diff --git a/lib/isc/netmgr/udp.c b/lib/isc/netmgr/udp.c index bb3cb67045..7922683bdc 100644 --- a/lib/isc/netmgr/udp.c +++ b/lib/isc/netmgr/udp.c @@ -281,18 +281,14 @@ isc_nm_listenudp(uint32_t workers, isc_sockaddr_t *iface, isc_nm_recv_cb_t cb, #ifdef USE_ROUTE_SOCKET static isc_result_t route_socket(uv_os_sock_t *fdp) { - isc_result_t result; uv_os_sock_t fd = -1; #ifdef USE_NETLINK struct sockaddr_nl sa; int r; #endif - result = isc__nm_socket(ROUTE_SOCKET_PF, SOCK_RAW, - ROUTE_SOCKET_PROTOCOL, &fd); - if (result != ISC_R_SUCCESS) { - return result; - } + RETERR(isc__nm_socket(ROUTE_SOCKET_PF, SOCK_RAW, ROUTE_SOCKET_PROTOCOL, + &fd)); #ifdef USE_NETLINK sa.nl_family = PF_NETLINK; @@ -361,10 +357,7 @@ isc_nm_routeconnect(isc_nm_cb_t cb, void *cbarg) { return ISC_R_SHUTTINGDOWN; } - result = route_socket(&fd); - if (result != ISC_R_SUCCESS) { - return result; - } + RETERR(route_socket(&fd)); sock = isc_mempool_get(worker->nmsocket_pool); isc__nmsocket_init(sock, worker, isc_nm_udpsocket, NULL, NULL); diff --git a/lib/isc/parseint.c b/lib/isc/parseint.c index 001fe9d416..d9887aef1d 100644 --- a/lib/isc/parseint.c +++ b/lib/isc/parseint.c @@ -51,11 +51,8 @@ isc_parse_uint32(uint32_t *uip, const char *string, int base) { isc_result_t isc_parse_uint16(uint16_t *uip, const char *string, int base) { uint32_t val; - isc_result_t result; - result = isc_parse_uint32(&val, string, base); - if (result != ISC_R_SUCCESS) { - return result; - } + + RETERR(isc_parse_uint32(&val, string, base)); if (val > 0xFFFF) { return ISC_R_RANGE; } @@ -66,11 +63,8 @@ isc_parse_uint16(uint16_t *uip, const char *string, int base) { isc_result_t isc_parse_uint8(uint8_t *uip, const char *string, int base) { uint32_t val; - isc_result_t result; - result = isc_parse_uint32(&val, string, base); - if (result != ISC_R_SUCCESS) { - return result; - } + + RETERR(isc_parse_uint32(&val, string, base)); if (val > 0xFF) { return ISC_R_RANGE; } diff --git a/lib/isc/proxy2.c b/lib/isc/proxy2.c index 7837b65528..5c9644097a 100644 --- a/lib/isc/proxy2.c +++ b/lib/isc/proxy2.c @@ -673,7 +673,6 @@ isc_proxy2_handler_addresses(const isc_proxy2_handler_t *restrict handler, int *restrict psocktype, isc_sockaddr_t *restrict psrc_addr, isc_sockaddr_t *restrict pdst_addr) { - isc_result_t result; size_t ret; isc_region_t header_region = { 0 }; isc_buffer_t buf = { 0 }; @@ -693,12 +692,8 @@ isc_proxy2_handler_addresses(const isc_proxy2_handler_t *restrict handler, INSIST(handler->expect_data == 0); - result = isc__proxy2_handler_get_addresses( - (isc_proxy2_handler_t *)handler, &buf, psrc_addr, pdst_addr); - - if (result != ISC_R_SUCCESS) { - return result; - } + RETERR(isc__proxy2_handler_get_addresses( + (isc_proxy2_handler_t *)handler, &buf, psrc_addr, pdst_addr)); SET_IF_NOT_NULL(psocktype, proxy2_socktype_to_socktype(handler->proxy_socktype)); @@ -840,12 +835,8 @@ isc_proxy2_subtlv_tls_iterate(const isc_region_t *restrict tls_tlv_data, return ISC_R_RANGE; } - result = isc_proxy2_subtlv_tls_header_data(tls_tlv_data, &client_flags, - &client_cert_verified); - - if (result != ISC_R_SUCCESS) { - return result; - } + RETERR(isc_proxy2_subtlv_tls_header_data(tls_tlv_data, &client_flags, + &client_cert_verified)); p = tls_tlv_data->base; p += ISC_PROXY2_TLS_SUBHEADER_MIN_SIZE; @@ -1041,14 +1032,10 @@ error_range: isc_result_t isc_proxy2_tlv_data_verify(const isc_region_t *restrict tlv_data) { - isc_result_t result; tlv_verify_cbarg_t cbarg = { .verify_result = ISC_R_SUCCESS }; - result = isc_proxy2_tlv_iterate(tlv_data, isc_proxy2_tlv_verify_cb, - &cbarg); - if (result != ISC_R_SUCCESS) { - return result; - } + RETERR(isc_proxy2_tlv_iterate(tlv_data, isc_proxy2_tlv_verify_cb, + &cbarg)); return cbarg.verify_result; } diff --git a/lib/isc/radix.c b/lib/isc/radix.c index 31cceed1b0..afa38ea453 100644 --- a/lib/isc/radix.c +++ b/lib/isc/radix.c @@ -450,11 +450,7 @@ isc_radix_insert(isc_radix_tree_t *radix, isc_radix_node_t **target, *target = node; return ISC_R_SUCCESS; } else { - result = _ref_prefix(radix->mctx, &node->prefix, - prefix); - if (result != ISC_R_SUCCESS) { - return result; - } + RETERR(_ref_prefix(radix->mctx, &node->prefix, prefix)); } INSIST(node->data[RADIX_V4] == NULL && node->node_num[RADIX_V4] == -1 && diff --git a/lib/isc/sockaddr.c b/lib/isc/sockaddr.c index f09d8aacbc..cd1d7eb74f 100644 --- a/lib/isc/sockaddr.c +++ b/lib/isc/sockaddr.c @@ -114,7 +114,6 @@ isc_sockaddr_eqaddrprefix(const isc_sockaddr_t *a, const isc_sockaddr_t *b, isc_result_t isc_sockaddr_totext(const isc_sockaddr_t *sockaddr, isc_buffer_t *target) { - isc_result_t result; isc_netaddr_t netaddr; char pbuf[sizeof("65000")]; unsigned int plen; @@ -144,10 +143,7 @@ isc_sockaddr_totext(const isc_sockaddr_t *sockaddr, isc_buffer_t *target) { INSIST(plen < sizeof(pbuf)); isc_netaddr_fromsockaddr(&netaddr, sockaddr); - result = isc_netaddr_totext(&netaddr, target); - if (result != ISC_R_SUCCESS) { - return result; - } + RETERR(isc_netaddr_totext(&netaddr, target)); if (1 + plen + 1 > isc_buffer_availablelength(target)) { return ISC_R_NOSPACE; diff --git a/lib/isc/url.c b/lib/isc/url.c index 6ba4cb4991..eaa10129b0 100644 --- a/lib/isc/url.c +++ b/lib/isc/url.c @@ -622,12 +622,7 @@ isc_url_parse(const char *buf, size_t buflen, bool is_connect, } if (up->field_set & (1 << ISC_UF_HOST)) { - isc_result_t result; - - result = http_parse_host(buf, up, found_at); - if (result != ISC_R_SUCCESS) { - return result; - } + RETERR(http_parse_host(buf, up, found_at)); } /* CONNECT requests can only contain "hostname:port" */ diff --git a/lib/isccc/base64.c b/lib/isccc/base64.c index 3ead3633e7..73f65641f5 100644 --- a/lib/isccc/base64.c +++ b/lib/isccc/base64.c @@ -42,17 +42,13 @@ isccc_base64_encode(isccc_region_t *source, int wordlength, const char *wordbreak, isccc_region_t *target) { isc_region_t sr; isc_buffer_t tb; - isc_result_t result; sr.base = source->rstart; sr.length = (unsigned int)(source->rend - source->rstart); isc_buffer_init(&tb, target->rstart, (unsigned int)(target->rend - target->rstart)); - result = isc_base64_totext(&sr, wordlength, wordbreak, &tb); - if (result != ISC_R_SUCCESS) { - return result; - } + RETERR(isc_base64_totext(&sr, wordlength, wordbreak, &tb)); source->rstart = source->rend; target->rstart = isc_buffer_used(&tb); return ISC_R_SUCCESS; @@ -61,14 +57,10 @@ isccc_base64_encode(isccc_region_t *source, int wordlength, isc_result_t isccc_base64_decode(const char *cstr, isccc_region_t *target) { isc_buffer_t b; - isc_result_t result; isc_buffer_init(&b, target->rstart, (unsigned int)(target->rend - target->rstart)); - result = isc_base64_decodestring(cstr, &b); - if (result != ISC_R_SUCCESS) { - return result; - } + RETERR(isc_base64_decodestring(cstr, &b)); target->rstart = isc_buffer_used(&b); return ISC_R_SUCCESS; } diff --git a/lib/isccc/cc.c b/lib/isccc/cc.c index 2df9305f36..a8f1a759af 100644 --- a/lib/isccc/cc.c +++ b/lib/isccc/cc.c @@ -146,10 +146,7 @@ value_towire(isccc_sexpr_t *elt, isc_buffer_t **buffer) { /* * Emit the table. */ - result = table_towire(elt, buffer); - if (result != ISC_R_SUCCESS) { - return result; - } + RETERR(table_towire(elt, buffer)); len = (*buffer)->used - used; /* @@ -180,10 +177,7 @@ value_towire(isccc_sexpr_t *elt, isc_buffer_t **buffer) { /* * Emit the list. */ - result = list_towire(elt, buffer); - if (result != ISC_R_SUCCESS) { - return result; - } + RETERR(list_towire(elt, buffer)); len = (*buffer)->used - used; /* @@ -229,10 +223,7 @@ table_towire(isccc_sexpr_t *alist, isc_buffer_t **buffer) { /* * Emit the value. */ - result = value_towire(v, buffer); - if (result != ISC_R_SUCCESS) { - return result; - } + RETERR(value_towire(v, buffer)); } return ISC_R_SUCCESS; @@ -240,13 +231,8 @@ table_towire(isccc_sexpr_t *alist, isc_buffer_t **buffer) { static isc_result_t list_towire(isccc_sexpr_t *list, isc_buffer_t **buffer) { - isc_result_t result; - while (list != NULL) { - result = value_towire(ISCCC_SEXPR_CAR(list), buffer); - if (result != ISC_R_SUCCESS) { - return result; - } + RETERR(value_towire(ISCCC_SEXPR_CAR(list), buffer)); list = ISCCC_SEXPR_CDR(list); } @@ -257,7 +243,6 @@ static isc_result_t sign(unsigned char *data, unsigned int length, unsigned char *out, uint32_t algorithm, isccc_region_t *secret) { const isc_md_type_t *md_type; - isc_result_t result; isccc_region_t source, target; unsigned char digest[ISC_MAX_MD_SIZE]; unsigned int digestlen = sizeof(digest); @@ -288,20 +273,14 @@ sign(unsigned char *data, unsigned int length, unsigned char *out, return ISC_R_NOTIMPLEMENTED; } - result = isc_hmac(md_type, secret->rstart, REGION_SIZE(*secret), data, - length, digest, &digestlen); - if (result != ISC_R_SUCCESS) { - return result; - } + RETERR(isc_hmac(md_type, secret->rstart, REGION_SIZE(*secret), data, + length, digest, &digestlen)); source.rend = digest + digestlen; memset(digestb64, 0, sizeof(digestb64)); target.rstart = digestb64; target.rend = digestb64 + sizeof(digestb64); - result = isccc_base64_encode(&source, 64, "", &target); - if (result != ISC_R_SUCCESS) { - return result; - } + RETERR(isccc_base64_encode(&source, 64, "", &target)); if (algorithm == ISCCC_ALG_HMACMD5) { PUT_MEM(digestb64, HMD5_LENGTH, out); } else { @@ -361,10 +340,7 @@ isccc_cc_towire(isccc_sexpr_t *alist, isc_buffer_t **buffer, uint32_t algorithm, /* * Emit the message. */ - result = table_towire(alist, buffer); - if (result != ISC_R_SUCCESS) { - return result; - } + RETERR(table_towire(alist, buffer)); if (secret != NULL) { return sign((unsigned char *)(*buffer)->base + signed_base, (*buffer)->used - signed_base, @@ -380,7 +356,6 @@ verify(isccc_sexpr_t *alist, unsigned char *data, unsigned int length, const isc_md_type_t *md_type; isccc_region_t source; isccc_region_t target; - isc_result_t result; isccc_sexpr_t *_auth, *hmacvalue; unsigned char digest[ISC_MAX_MD_SIZE]; unsigned int digestlen = sizeof(digest); @@ -429,20 +404,14 @@ verify(isccc_sexpr_t *alist, unsigned char *data, unsigned int length, return ISC_R_NOTIMPLEMENTED; } - result = isc_hmac(md_type, secret->rstart, REGION_SIZE(*secret), data, - length, digest, &digestlen); - if (result != ISC_R_SUCCESS) { - return result; - } + RETERR(isc_hmac(md_type, secret->rstart, REGION_SIZE(*secret), data, + length, digest, &digestlen)); source.rend = digest + digestlen; target.rstart = digestb64; target.rend = digestb64 + sizeof(digestb64); memset(digestb64, 0, sizeof(digestb64)); - result = isccc_base64_encode(&source, 64, "", &target); - if (result != ISC_R_SUCCESS) { - return result; - } + RETERR(isccc_base64_encode(&source, 64, "", &target)); /* * Verify. @@ -752,10 +721,7 @@ isccc_cc_createack(isccc_sexpr_t *message, bool ok, isccc_sexpr_t **ackp) { * Create the ack. */ ack = NULL; - result = createmessage(1, _to, _frm, serial, t, 0, &ack, false); - if (result != ISC_R_SUCCESS) { - return result; - } + RETERR(createmessage(1, _to, _frm, serial, t, 0, &ack, false)); _ctrl = isccc_alist_lookup(ack, "_ctrl"); if (_ctrl == NULL) { @@ -834,11 +800,8 @@ isccc_cc_createresponse(isccc_sexpr_t *message, isccc_time_t now, * Create the response. */ alist = NULL; - result = isccc_cc_createmessage(1, _to, _frm, serial, now, expires, - &alist); - if (result != ISC_R_SUCCESS) { - return result; - } + RETERR(isccc_cc_createmessage(1, _to, _frm, serial, now, expires, + &alist)); _ctrl = isccc_alist_lookup(alist, "_ctrl"); if (_ctrl == NULL) { diff --git a/lib/isccfg/aclconf.c b/lib/isccfg/aclconf.c index 8dfb769606..9324e7a5f7 100644 --- a/lib/isccfg/aclconf.c +++ b/lib/isccfg/aclconf.c @@ -75,13 +75,9 @@ ISC_REFCOUNT_IMPL(cfg_aclconfctx, destroy_aclctx); */ static isc_result_t get_acl_def(const cfg_obj_t *cctx, const char *name, const cfg_obj_t **ret) { - isc_result_t result; const cfg_obj_t *acls = NULL; - result = cfg_map_get(cctx, "acl", &acls); - if (result != ISC_R_SUCCESS) { - return result; - } + RETERR(cfg_map_get(cctx, "acl", &acls)); CFG_LIST_FOREACH(acls, elt) { const cfg_obj_t *acl = cfg_listelt_value(elt); const char *aclname = @@ -202,11 +198,8 @@ count_acl_elements(const cfg_obj_t *caml, const cfg_obj_t *cctx, } else if (cfg_obj_islist(ce)) { bool negative; uint32_t sub; - result = count_acl_elements(ce, cctx, ctx, mctx, &sub, - &negative); - if (result != ISC_R_SUCCESS) { - return result; - } + RETERR(count_acl_elements(ce, cctx, ctx, mctx, &sub, + &negative)); n += sub; if (negative) { n++; @@ -642,11 +635,8 @@ cfg_acl_fromconfig(const cfg_obj_t *acl_data, const cfg_obj_t *cctx, uint32_t nelem; if (nest_level == 0) { - result = count_acl_elements(caml, cctx, ctx, mctx, - &nelem, NULL); - if (result != ISC_R_SUCCESS) { - return result; - } + RETERR(count_acl_elements(caml, cctx, ctx, mctx, &nelem, + NULL)); } else { nelem = cfg_list_length(caml, false); } diff --git a/lib/isccfg/check.c b/lib/isccfg/check.c index 8a64bbf242..654e45a2b3 100644 --- a/lib/isccfg/check.c +++ b/lib/isccfg/check.c @@ -315,16 +315,12 @@ check_forward(const cfg_obj_t *config, const cfg_obj_t *options, return ISC_R_FAILURE; } if (forwarders != NULL) { - isc_result_t result = ISC_R_SUCCESS; const cfg_obj_t *tlspobj = cfg_tuple_get(forwarders, "tls"); if (tlspobj != NULL && cfg_obj_isstring(tlspobj)) { const char *tls = cfg_obj_asstring(tlspobj); if (tls != NULL) { - result = validate_tls(config, tlspobj, tls); - if (result != ISC_R_SUCCESS) { - return result; - } + RETERR(validate_tls(config, tlspobj, tls)); } } @@ -333,10 +329,7 @@ check_forward(const cfg_obj_t *config, const cfg_obj_t *options, const cfg_obj_t *forwarder = cfg_listelt_value(element); const char *tls = cfg_obj_getsockaddrtls(forwarder); if (tls != NULL) { - result = validate_tls(config, faddresses, tls); - if (result != ISC_R_SUCCESS) { - return result; - } + RETERR(validate_tls(config, faddresses, tls)); } } } @@ -2380,13 +2373,9 @@ check_tls_definitions(const cfg_obj_t *config, isc_mem_t *mctx) { static isc_result_t get_remotes(const cfg_obj_t *cctx, const char *list, const char *name, const cfg_obj_t **ret) { - isc_result_t result = ISC_R_SUCCESS; const cfg_obj_t *obj = NULL; - result = cfg_map_get(cctx, list, &obj); - if (result != ISC_R_SUCCESS) { - return result; - } + RETERR(cfg_map_get(cctx, list, &obj)); CFG_LIST_FOREACH(obj, elt) { const char *listname = NULL; @@ -4490,10 +4479,7 @@ check_keylist(const cfg_obj_t *keys, isc_symtab_t *symtab, isc_mem_t *mctx) { result = tresult; continue; } - tresult = isccfg_check_key(key); - if (tresult != ISC_R_SUCCESS) { - return tresult; - } + RETERR(isccfg_check_key(key)); dns_name_format(name, namebuf, sizeof(namebuf)); keyname = isc_mem_strdup(mctx, namebuf); diff --git a/lib/isccfg/parser.c b/lib/isccfg/parser.c index 8385767c6d..0d80cc70ee 100644 --- a/lib/isccfg/parser.c +++ b/lib/isccfg/parser.c @@ -436,16 +436,11 @@ cfg_parser_currentfile(cfg_parser_t *pctx) { isc_result_t cfg_parse_obj(cfg_parser_t *pctx, const cfg_type_t *type, cfg_obj_t **ret) { - isc_result_t result; - REQUIRE(pctx != NULL); REQUIRE(type != NULL); REQUIRE(ret != NULL && *ret == NULL); - result = type->parse(pctx, type, ret); - if (result != ISC_R_SUCCESS) { - return result; - } + RETERR(type->parse(pctx, type, ret)); ENSURE(*ret != NULL); return ISC_R_SUCCESS; } @@ -2007,17 +2002,13 @@ cfg_obj_asboolean(const cfg_obj_t *obj) { isc_result_t cfg_parse_boolean(cfg_parser_t *pctx, const cfg_type_t *type ISC_ATTR_UNUSED, cfg_obj_t **ret) { - isc_result_t result; bool value; cfg_obj_t *obj = NULL; REQUIRE(pctx != NULL); REQUIRE(ret != NULL && *ret == NULL); - result = cfg_gettoken(pctx, 0); - if (result != ISC_R_SUCCESS) { - return result; - } + RETERR(cfg_gettoken(pctx, 0)); if (pctx->token.type != isc_tokentype_string) { goto bad_boolean; @@ -2891,7 +2882,6 @@ cfg_obj_ismap(const cfg_obj_t *obj) { isc_result_t cfg_map_get(const cfg_obj_t *mapobj, const char *name, const cfg_obj_t **obj) { - isc_result_t result; isc_symvalue_t val; const cfg_map_t *map; @@ -2901,10 +2891,7 @@ cfg_map_get(const cfg_obj_t *mapobj, const char *name, const cfg_obj_t **obj) { map = &mapobj->value.map; - result = isc_symtab_lookup(map->symtab, name, SYMTAB_DUMMY_TYPE, &val); - if (result != ISC_R_SUCCESS) { - return result; - } + RETERR(isc_symtab_lookup(map->symtab, name, SYMTAB_DUMMY_TYPE, &val)); *obj = val.as_pointer; return ISC_R_SUCCESS; } @@ -3143,13 +3130,8 @@ token_addr(cfg_parser_t *pctx, unsigned int flags, isc_netaddr_t *na) { if (inet_pton(AF_INET6, buf, &in6a) == 1) { if (d != NULL) { - isc_result_t result; - - result = isc_netscope_pton( - AF_INET6, d + 1, &in6a, &zone); - if (result != ISC_R_SUCCESS) { - return result; - } + RETERR(isc_netscope_pton( + AF_INET6, d + 1, &in6a, &zone)); } isc_netaddr_fromin6(na, &in6a); @@ -3769,12 +3751,7 @@ cleanup: */ static isc_result_t cfg_getstringtoken(cfg_parser_t *pctx) { - isc_result_t result; - - result = cfg_gettoken(pctx, CFG_LEXOPT_QSTRING); - if (result != ISC_R_SUCCESS) { - return result; - } + RETERR(cfg_gettoken(pctx, CFG_LEXOPT_QSTRING)); if (pctx->token.type != isc_tokentype_string && pctx->token.type != isc_tokentype_qstring) diff --git a/lib/ns/client.c b/lib/ns/client.c index a99857bed4..d35891d45b 100644 --- a/lib/ns/client.c +++ b/lib/ns/client.c @@ -1074,10 +1074,7 @@ ns_client_addopt(ns_client_t *client, dns_message_t *message) { .value = (unsigned char *)nsidp, .length = (uint16_t)strlen(nsidp), }; - result = dns_message_ednsaddopt(message, &option); - if (result != ISC_R_SUCCESS) { - return result; - } + RETERR(dns_message_ednsaddopt(message, &option)); } } @@ -1093,10 +1090,7 @@ ns_client_addopt(ns_client_t *client, dns_message_t *message) { dns_ednsopt_t option = { .code = DNS_OPT_COOKIE, .length = COOKIE_SIZE, .value = cookie }; - result = dns_message_ednsaddopt(message, &option); - if (result != ISC_R_SUCCESS) { - return result; - } + RETERR(dns_message_ednsaddopt(message, &option)); } if ((client->inner.attributes & NS_CLIENTATTR_HAVEEXPIRE) != 0) { @@ -1108,10 +1102,7 @@ ns_client_addopt(ns_client_t *client, dns_message_t *message) { dns_ednsopt_t option = { .code = DNS_OPT_EXPIRE, .value = expire, .length = 4 }; - result = dns_message_ednsaddopt(message, &option); - if (result != ISC_R_SUCCESS) { - return result; - } + RETERR(dns_message_ednsaddopt(message, &option)); } if (((client->inner.attributes & NS_CLIENTATTR_HAVEECS) != 0) && @@ -1170,10 +1161,7 @@ ns_client_addopt(ns_client_t *client, dns_message_t *message) { dns_ednsopt_t option = { .code = DNS_OPT_CLIENT_SUBNET, .length = addrl + 4, .value = ecs }; - result = dns_message_ednsaddopt(message, &option); - if (result != ISC_R_SUCCESS) { - return result; - } + RETERR(dns_message_ednsaddopt(message, &option)); } if (TCP_CLIENT(client) && USEKEEPALIVE(client)) { @@ -1187,10 +1175,7 @@ ns_client_addopt(ns_client_t *client, dns_message_t *message) { dns_ednsopt_t option = { .code = DNS_OPT_TCP_KEEPALIVE, .length = 2, .value = advtimo }; - result = dns_message_ednsaddopt(message, &option); - if (result != ISC_R_SUCCESS) { - return result; - } + RETERR(dns_message_ednsaddopt(message, &option)); } for (size_t i = 0; i < DNS_EDE_MAX_ERRORS; i++) { @@ -1203,10 +1188,7 @@ ns_client_addopt(ns_client_t *client, dns_message_t *message) { dns_ednsopt_t option = { .code = DNS_OPT_EDE, .length = ede->length, .value = ede->value }; - result = dns_message_ednsaddopt(message, &option); - if (result != ISC_R_SUCCESS) { - return result; - } + RETERR(dns_message_ednsaddopt(message, &option)); } if ((client->inner.attributes & NS_CLIENTATTR_HAVEZONEVERSION) != 0) { dns_ednsopt_t option = { @@ -1214,10 +1196,7 @@ ns_client_addopt(ns_client_t *client, dns_message_t *message) { .length = client->inner.zoneversionlength, .value = client->inner.zoneversion }; - result = dns_message_ednsaddopt(message, &option); - if (result != ISC_R_SUCCESS) { - return result; - } + RETERR(dns_message_ednsaddopt(message, &option)); } if (WANTRC(client)) { @@ -1231,10 +1210,7 @@ ns_client_addopt(ns_client_t *client, dns_message_t *message) { .length = rad->length, .value = rad->ndata, }; - result = dns_message_ednsaddopt(message, &option); - if (result != ISC_R_SUCCESS) { - return result; - } + RETERR(dns_message_ednsaddopt(message, &option)); } } diff --git a/lib/ns/interfacemgr.c b/lib/ns/interfacemgr.c index 9cc1a74be8..71ffda0046 100644 --- a/lib/ns/interfacemgr.c +++ b/lib/ns/interfacemgr.c @@ -840,11 +840,8 @@ setup_locals(isc_interface_t *interface, dns_acl_t *localhost, /* First add localhost address */ prefixlen = (netaddr->family == AF_INET) ? 32 : 128; - result = dns_iptable_addprefix(localhost->iptable, netaddr, prefixlen, - true); - if (result != ISC_R_SUCCESS) { - return result; - } + RETERR(dns_iptable_addprefix(localhost->iptable, netaddr, prefixlen, + true)); /* Then add localnets prefix */ result = isc_netaddr_masktoprefixlen(&interface->netmask, &prefixlen); @@ -873,11 +870,8 @@ setup_locals(isc_interface_t *interface, dns_acl_t *localhost, return ISC_R_SUCCESS; } - result = dns_iptable_addprefix(localnets->iptable, netaddr, prefixlen, - true); - if (result != ISC_R_SUCCESS) { - return result; - } + RETERR(dns_iptable_addprefix(localnets->iptable, netaddr, prefixlen, + true)); return ISC_R_SUCCESS; } @@ -1083,10 +1077,7 @@ do_scan(ns_interfacemgr_t *mgr, bool verbose, bool config) { isc_netaddr_any(&zero_address); isc_netaddr_any6(&zero_address6); - result = isc_interfaceiter_create(mgr->mctx, &iter); - if (result != ISC_R_SUCCESS) { - return result; - } + RETERR(isc_interfaceiter_create(mgr->mctx, &iter)); dns_acl_create(mgr->mctx, 0, &localhost); dns_acl_create(mgr->mctx, 0, &localnets); diff --git a/lib/ns/query.c b/lib/ns/query.c index a5ee19f354..b9e7ebec63 100644 --- a/lib/ns/query.c +++ b/lib/ns/query.c @@ -1774,11 +1774,8 @@ query_additionalauth(query_ctx_t *qctx, const dns_name_t *name, version = NULL; dns_db_detach(&db); dns_getdb_options_t options = { .nolog = true }; - result = query_getzonedb(client, name, type, options, &zone, - &db, &version); - if (result != ISC_R_SUCCESS) { - return result; - } + RETERR(query_getzonedb(client, name, type, options, &zone, &db, + &version)); dns_zone_detach(&zone); CTRACE(ISC_LOG_DEBUG(3), "query_additionalauth: other zone"); @@ -3734,11 +3731,8 @@ rpz_rewrite_ip_rrset(ns_client_t *client, dns_name_t *name, continue; } - result = rpz_rewrite_ip(client, &netaddr, qtype, - rpz_type, zbits, p_rdatasetp); - if (result != ISC_R_SUCCESS) { - return result; - } + RETERR(rpz_rewrite_ip(client, &netaddr, qtype, rpz_type, + zbits, p_rdatasetp)); } } while (!done && client->query.rpz_st->m.policy == DNS_RPZ_POLICY_MISS); @@ -6344,10 +6338,7 @@ ns_query_recurse(ns_client_t *client, dns_rdatatype_t qtype, dns_name_t *qname, inc_stats(client, ns_statscounter_recursion); } - result = acquire_recursionquota(client); - if (result != ISC_R_SUCCESS) { - return result; - } + RETERR(acquire_recursionquota(client)); /* * Invoke the resolver. @@ -9558,10 +9549,7 @@ query_synthcnamewildcard(query_ctx_t *qctx, dns_rdataset_t *rdataset, dns_rdata_t rdata = DNS_RDATA_INIT; dns_rdata_cname_t cname; - result = query_synthwildcard(qctx, rdataset, sigrdataset); - if (result != ISC_R_SUCCESS) { - return result; - } + RETERR(query_synthwildcard(qctx, rdataset, sigrdataset)); qctx->client->query.attributes |= NS_QUERYATTR_PARTIALANSWER; diff --git a/lib/ns/update.c b/lib/ns/update.c index a88e1c245b..64366b961c 100644 --- a/lib/ns/update.c +++ b/lib/ns/update.c @@ -523,17 +523,13 @@ typedef struct { */ static isc_result_t foreach_node_rr_action(void *data, dns_rdataset_t *rdataset) { - isc_result_t result; foreach_node_rr_ctx_t *ctx = data; DNS_RDATASET_FOREACH(rdataset) { rr_t rr = { 0, DNS_RDATA_INIT }; dns_rdataset_current(rdataset, &rr.rdata); rr.ttl = rdataset->ttl; - result = (*ctx->rr_action)(ctx->rr_action_data, &rr); - if (result != ISC_R_SUCCESS) { - return result; - } + RETERR((*ctx->rr_action)(ctx->rr_action_data, &rr)); } return ISC_R_SUCCESS; } @@ -1537,14 +1533,10 @@ check_soa_increment(dns_db_t *db, dns_dbversion_t *ver, dns_rdata_t *update_rdata, bool *ok) { uint32_t db_serial; uint32_t update_serial; - isc_result_t result; update_serial = dns_soa_getserial(update_rdata); - result = dns_db_getsoaserial(db, ver, &db_serial); - if (result != ISC_R_SUCCESS) { - return result; - } + RETERR(dns_db_getsoaserial(db, ver, &db_serial)); if (DNS_SERIAL_GE(db_serial, update_serial)) { *ok = false; @@ -2170,10 +2162,7 @@ get_iterations(dns_db_t *db, dns_dbversion_t *ver, dns_rdatatype_t privatetype, dns_rdataset_init(&rdataset); - result = dns_db_getoriginnode(db, &node); - if (result != ISC_R_SUCCESS) { - return result; - } + RETERR(dns_db_getoriginnode(db, &node)); result = dns_db_findrdataset(db, node, ver, dns_rdatatype_nsec3param, 0, (isc_stdtime_t)0, &rdataset, NULL); if (result == ISC_R_NOTFOUND) { @@ -3430,12 +3419,9 @@ send_forward(ns_client_t *client, dns_zone_t *zone) { char classbuf[DNS_RDATACLASS_FORMATSIZE]; update_t *uev = NULL; - result = checkupdateacl(client, dns_zone_getforwardacl(zone), - "update forwarding", dns_zone_getorigin(zone), - true, false); - if (result != ISC_R_SUCCESS) { - return result; - } + RETERR(checkupdateacl(client, dns_zone_getforwardacl(zone), + "update forwarding", dns_zone_getorigin(zone), + true, false)); result = isc_quota_acquire(&client->manager->sctx->updquota); if (result != ISC_R_SUCCESS) { diff --git a/lib/ns/xfrout.c b/lib/ns/xfrout.c index 3ca1c1f702..7b289cee2a 100644 --- a/lib/ns/xfrout.c +++ b/lib/ns/xfrout.c @@ -330,11 +330,9 @@ cleanup: static isc_result_t axfr_rrstream_first(rrstream_t *rs) { axfr_rrstream_t *s = (axfr_rrstream_t *)rs; - isc_result_t result; - result = dns_rriterator_first(&s->it); - if (result != ISC_R_SUCCESS) { - return result; - } + + RETERR(dns_rriterator_first(&s->it)); + /* Skip SOA records. */ for (;;) { dns_name_t *name_dummy = NULL; @@ -345,12 +343,10 @@ axfr_rrstream_first(rrstream_t *rs) { if (rdata->type != dns_rdatatype_soa) { break; } - result = dns_rriterator_next(&s->it); - if (result != ISC_R_SUCCESS) { - break; - } + RETERR(dns_rriterator_next(&s->it)); } - return result; + + return ISC_R_SUCCESS; } static isc_result_t diff --git a/tests/dns/dispatch_test.c b/tests/dns/dispatch_test.c index 663c9ff19c..0165df2742 100644 --- a/tests/dns/dispatch_test.c +++ b/tests/dns/dispatch_test.c @@ -258,10 +258,7 @@ make_dispatchset(dns_dispatchmgr_t *dispatchmgr, unsigned int ndisps, dns_dispatch_t *disp = NULL; isc_sockaddr_any(&any); - result = dns_dispatch_createudp(dispatchmgr, &any, &disp); - if (result != ISC_R_SUCCESS) { - return result; - } + RETERR(dns_dispatch_createudp(dispatchmgr, &any, &disp)); result = dns_dispatchset_create(isc_g_mctx, disp, dsetp, ndisps); dns_dispatch_detach(&disp); diff --git a/tests/dns/master_test.c b/tests/dns/master_test.c index e5fdd75fa5..1d822fed8d 100644 --- a/tests/dns/master_test.c +++ b/tests/dns/master_test.c @@ -88,7 +88,6 @@ rawdata_callback(dns_zone_t *zone, dns_masterrawheader_t *h) { static isc_result_t setup_master(void (*warn)(struct dns_rdatacallbacks *, const char *, ...), void (*error)(struct dns_rdatacallbacks *, const char *, ...)) { - isc_result_t result; int len; isc_buffer_t source; @@ -100,10 +99,7 @@ setup_master(void (*warn)(struct dns_rdatacallbacks *, const char *, ...), isc_buffer_setactive(&source, len); dns_master_initrawheader(&header); - result = dns_name_fromtext(dns_origin, &source, dns_rootname, 0); - if (result != ISC_R_SUCCESS) { - return result; - } + RETERR(dns_name_fromtext(dns_origin, &source, dns_rootname, 0)); dns_rdatacallbacks_init_stdio(&callbacks); callbacks.add = add_callback; @@ -116,7 +112,7 @@ setup_master(void (*warn)(struct dns_rdatacallbacks *, const char *, ...), callbacks.error = error; } headerset = false; - return result; + return ISC_R_SUCCESS; } static isc_result_t @@ -126,10 +122,7 @@ test_master(const char *workdir, const char *testfile, void (*error)(struct dns_rdatacallbacks *, const char *, ...)) { isc_result_t result; - result = setup_master(warn, error); - if (result != ISC_R_SUCCESS) { - return result; - } + RETERR(setup_master(warn, error)); dns_rdatacallbacks_init_stdio(&callbacks); callbacks.add = add_callback; @@ -143,10 +136,7 @@ test_master(const char *workdir, const char *testfile, } if (workdir != NULL) { - result = isc_dir_chdir(workdir); - if (result != ISC_R_SUCCESS) { - return result; - } + RETERR(isc_dir_chdir(workdir)); } result = dns_master_loadfile(testfile, dns_origin, dns_origin, diff --git a/tests/libtest/dns.c b/tests/libtest/dns.c index 18b8f55052..1abd26c5e3 100644 --- a/tests/libtest/dns.c +++ b/tests/libtest/dns.c @@ -65,10 +65,7 @@ dns_test_makeview(const char *name, bool with_dispatchmgr, bool with_cache, dns_dispatchmgr_t *dispatchmgr = NULL; if (with_dispatchmgr) { - result = dns_dispatchmgr_create(isc_g_mctx, &dispatchmgr); - if (result != ISC_R_SUCCESS) { - return result; - } + RETERR(dns_dispatchmgr_create(isc_g_mctx, &dispatchmgr)); } dns_view_create(isc_g_mctx, dispatchmgr, dns_rdataclass_in, name, @@ -211,16 +208,10 @@ dns_test_loaddb(dns_db_t **db, dns_dbtype_t dbtype, const char *origin, name = dns_fixedname_initname(&fixed); - result = dns_name_fromstring(name, origin, dns_rootname, 0, NULL); - if (result != ISC_R_SUCCESS) { - return result; - } + RETERR(dns_name_fromstring(name, origin, dns_rootname, 0, NULL)); - result = dns_db_create(isc_g_mctx, dbimp, name, dbtype, - dns_rdataclass_in, 0, NULL, db); - if (result != ISC_R_SUCCESS) { - return result; - } + RETERR(dns_db_create(isc_g_mctx, dbimp, name, dbtype, dns_rdataclass_in, + 0, NULL, db)); result = dns_db_load(*db, testfile, dns_masterformat_text, 0); return result; @@ -263,7 +254,7 @@ dns_test_tohex(const unsigned char *data, size_t len, char *buf, isc_result_t dns_test_getdata(const char *file, unsigned char *buf, size_t bufsiz, size_t *sizep) { - isc_result_t result; + isc_result_t result = ISC_R_SUCCESS; unsigned char *bp; char *rp, *wp; char s[BUFSIZ]; @@ -271,10 +262,7 @@ dns_test_getdata(const char *file, unsigned char *buf, size_t bufsiz, FILE *f = NULL; int n; - result = isc_stdio_open(file, "r", &f); - if (result != ISC_R_SUCCESS) { - return result; - } + RETERR(isc_stdio_open(file, "r", &f)); bp = buf; while (fgets(s, sizeof(s), f) != NULL) { diff --git a/tests/libtest/ns.c b/tests/libtest/ns.c index 359077e58a..d91c849bf3 100644 --- a/tests/libtest/ns.c +++ b/tests/libtest/ns.c @@ -146,10 +146,7 @@ ns_test_serve_zone(const char *zonename, const char *filename, /* * Prepare zone structure for further processing. */ - result = dns_test_makezone(zonename, &served_zone, view, false); - if (result != ISC_R_SUCCESS) { - return result; - } + RETERR(dns_test_makezone(zonename, &served_zone, view, false)); /* * Start zone manager. @@ -518,16 +515,10 @@ ns_test_loaddb(dns_db_t **db, dns_dbtype_t dbtype, const char *origin, name = dns_fixedname_initname(&fixed); - result = dns_name_fromstring(name, origin, dns_rootname, 0, NULL); - if (result != ISC_R_SUCCESS) { - return result; - } + RETERR(dns_name_fromstring(name, origin, dns_rootname, 0, NULL)); - result = dns_db_create(isc_g_mctx, dbimp, name, dbtype, - dns_rdataclass_in, 0, NULL, db); - if (result != ISC_R_SUCCESS) { - return result; - } + RETERR(dns_db_create(isc_g_mctx, dbimp, name, dbtype, dns_rdataclass_in, + 0, NULL, db)); result = dns_db_load(*db, testfile, dns_masterformat_text, 0); return result; @@ -558,10 +549,7 @@ ns_test_getdata(const char *file, unsigned char *buf, size_t bufsiz, FILE *f = NULL; int n; - result = isc_stdio_open(file, "r", &f); - if (result != ISC_R_SUCCESS) { - return result; - } + RETERR(isc_stdio_open(file, "r", &f)); bp = buf; while (fgets(s, sizeof(s), f) != NULL) { From 0e230c86d2d7b64b7157e50723e93d6c2a59afe5 Mon Sep 17 00:00:00 2001 From: Mark Andrews Date: Thu, 18 Sep 2025 14:33:36 +0200 Subject: [PATCH 4/8] Rename isc_result_t ret; to isc_result_t result; Standardize result variable naming by using 'result' in most places. --- bin/dnssec/dnssec-keyfromlabel.c | 67 +++++----- bin/dnssec/dnssec-keygen.c | 96 +++++++------- bin/dnssec/dnssec-signzone.c | 14 +-- lib/dns/dnssec.c | 110 ++++++++-------- lib/dns/hmac_link.c | 6 +- lib/dns/kasp.c | 10 +- lib/dns/keymgr.c | 210 +++++++++++++++---------------- lib/dns/message.c | 52 ++++---- lib/ns/query.c | 11 +- tests/dns/rsa_test.c | 54 ++++---- tests/dns/skr_test.c | 54 ++++---- 11 files changed, 342 insertions(+), 342 deletions(-) diff --git a/bin/dnssec/dnssec-keyfromlabel.c b/bin/dnssec/dnssec-keyfromlabel.c index 9245fb7cef..288b7fc85d 100644 --- a/bin/dnssec/dnssec-keyfromlabel.c +++ b/bin/dnssec/dnssec-keyfromlabel.c @@ -116,7 +116,7 @@ main(int argc, char **argv) { dst_algorithm_t alg; bool oldstyle = false; int ch; - isc_result_t ret; + isc_result_t result; isc_textregion_t r; char filename[255]; isc_buffer_t buf; @@ -182,10 +182,10 @@ main(int argc, char **argv) { break; case 'K': directory = isc_commandline_argument; - ret = try_dir(directory); - if (ret != ISC_R_SUCCESS) { + result = try_dir(directory); + if (result != ISC_R_SUCCESS) { fatal("cannot open directory %s: %s", directory, - isc_result_totext(ret)); + isc_result_totext(result)); } break; case 'k': @@ -358,11 +358,11 @@ main(int argc, char **argv) { isc_buffer_init(&buf, argv[isc_commandline_index], strlen(argv[isc_commandline_index])); isc_buffer_add(&buf, strlen(argv[isc_commandline_index])); - ret = dns_name_fromtext(name, &buf, dns_rootname, 0); - if (ret != ISC_R_SUCCESS) { + result = dns_name_fromtext(name, &buf, dns_rootname, 0); + if (result != ISC_R_SUCCESS) { fatal("invalid key name %s: %s", argv[isc_commandline_index], - isc_result_totext(ret)); + isc_result_totext(result)); } if (strchr(label, ':') == NULL) { @@ -382,8 +382,8 @@ main(int argc, char **argv) { r.base = algname; r.length = strlen(algname); - ret = dst_algorithm_fromtext(&alg, &r); - if (ret != ISC_R_SUCCESS) { + result = dst_algorithm_fromtext(&alg, &r); + if (result != ISC_R_SUCCESS) { fatal("unknown algorithm %s", algname); } @@ -459,12 +459,13 @@ main(int argc, char **argv) { fatal("-S and -G cannot be used together"); } - ret = dst_key_fromnamedfile(predecessor, directory, - DST_TYPE_PUBLIC | DST_TYPE_PRIVATE, - isc_g_mctx, &prevkey); - if (ret != ISC_R_SUCCESS) { + result = dst_key_fromnamedfile(predecessor, directory, + DST_TYPE_PUBLIC | + DST_TYPE_PRIVATE, + isc_g_mctx, &prevkey); + if (result != ISC_R_SUCCESS) { fatal("Invalid keyfile %s: %s", predecessor, - isc_result_totext(ret)); + isc_result_totext(result)); } if (!dst_key_isprivate(prevkey)) { fatal("%s is not a private key", predecessor); @@ -482,16 +483,16 @@ main(int argc, char **argv) { keystr, major, minor); } - ret = dst_key_gettime(prevkey, DST_TIME_ACTIVATE, &when); - if (ret != ISC_R_SUCCESS) { + result = dst_key_gettime(prevkey, DST_TIME_ACTIVATE, &when); + if (result != ISC_R_SUCCESS) { fatal("Key %s has no activation date.\n\t" "You must use dnssec-settime -A to set one " "before generating a successor.", keystr); } - ret = dst_key_gettime(prevkey, DST_TIME_INACTIVE, &activate); - if (ret != ISC_R_SUCCESS) { + result = dst_key_gettime(prevkey, DST_TIME_INACTIVE, &activate); + if (result != ISC_R_SUCCESS) { fatal("Key %s has no inactivation date.\n\t" "You must use dnssec-settime -I to set one " "before generating a successor.", @@ -510,8 +511,8 @@ main(int argc, char **argv) { keystr); } - ret = dst_key_gettime(prevkey, DST_TIME_DELETE, &when); - if (ret != ISC_R_SUCCESS) { + result = dst_key_gettime(prevkey, DST_TIME_DELETE, &when); + if (result != ISC_R_SUCCESS) { fprintf(stderr, "%s: WARNING: Key %s has no removal " "date;\n\t it will remain in the zone " @@ -556,16 +557,16 @@ main(int argc, char **argv) { isc_buffer_init(&buf, filename, sizeof(filename) - 1); /* associate the key */ - ret = dst_key_fromlabel(name, alg, flags, DNS_KEYPROTO_DNSSEC, rdclass, - label, NULL, isc_g_mctx, &key); + result = dst_key_fromlabel(name, alg, flags, DNS_KEYPROTO_DNSSEC, + rdclass, label, NULL, isc_g_mctx, &key); - if (ret != ISC_R_SUCCESS) { + if (result != ISC_R_SUCCESS) { char namestr[DNS_NAME_FORMATSIZE]; char algstr[DNS_SECALG_FORMATSIZE]; dns_name_format(name, namestr, sizeof(namestr)); dns_secalg_format(alg, algstr, sizeof(algstr)); fatal("failed to get key %s/%s: %s", namestr, algstr, - isc_result_totext(ret)); + isc_result_totext(result)); UNREACHABLE(); exit(EXIT_FAILURE); } @@ -651,10 +652,10 @@ main(int argc, char **argv) { &exact)) { isc_buffer_clear(&buf); - ret = dst_key_buildfilename(key, 0, directory, &buf); - if (ret != ISC_R_SUCCESS) { + result = dst_key_buildfilename(key, 0, directory, &buf); + if (result != ISC_R_SUCCESS) { fatal("dst_key_buildfilename returned: %s\n", - isc_result_totext(ret)); + isc_result_totext(result)); } if (exact) { fatal("%s: %s already exists\n", @@ -675,19 +676,19 @@ main(int argc, char **argv) { isc_commandline_progname, filename); } - ret = dst_key_tofile(key, options, directory); - if (ret != ISC_R_SUCCESS) { + result = dst_key_tofile(key, options, directory); + if (result != ISC_R_SUCCESS) { char keystr[DST_KEY_FORMATSIZE]; dst_key_format(key, keystr, sizeof(keystr)); fatal("failed to write key %s: %s\n", keystr, - isc_result_totext(ret)); + isc_result_totext(result)); } isc_buffer_clear(&buf); - ret = dst_key_buildfilename(key, 0, NULL, &buf); - if (ret != ISC_R_SUCCESS) { + result = dst_key_buildfilename(key, 0, NULL, &buf); + if (result != ISC_R_SUCCESS) { fatal("dst_key_buildfilename returned: %s\n", - isc_result_totext(ret)); + isc_result_totext(result)); } printf("%s\n", filename); dst_key_free(&key); diff --git a/bin/dnssec/dnssec-keygen.c b/bin/dnssec/dnssec-keygen.c index 6c6e82f097..17556b17b9 100644 --- a/bin/dnssec/dnssec-keygen.c +++ b/bin/dnssec/dnssec-keygen.c @@ -241,7 +241,7 @@ keygen(keygen_ctx_t *ctx, int argc, char **argv) { isc_buffer_t buf; dns_name_t *name; dns_fixedname_t fname; - isc_result_t ret; + isc_result_t result; dst_key_t *key = NULL; dst_key_t *prevkey = NULL; @@ -258,11 +258,11 @@ keygen(keygen_ctx_t *ctx, int argc, char **argv) { isc_buffer_init(&buf, argv[isc_commandline_index], strlen(argv[isc_commandline_index])); isc_buffer_add(&buf, strlen(argv[isc_commandline_index])); - ret = dns_name_fromtext(name, &buf, dns_rootname, 0); - if (ret != ISC_R_SUCCESS) { + result = dns_name_fromtext(name, &buf, dns_rootname, 0); + if (result != ISC_R_SUCCESS) { fatal("invalid key name %s: %s", argv[isc_commandline_index], - isc_result_totext(ret)); + isc_result_totext(result)); } if (!dst_algorithm_supported(ctx->alg)) { @@ -391,13 +391,13 @@ keygen(keygen_ctx_t *ctx, int argc, char **argv) { fatal("-S and -G cannot be used together"); } - ret = dst_key_fromnamedfile(ctx->predecessor, ctx->directory, - DST_TYPE_PUBLIC | DST_TYPE_PRIVATE | - DST_TYPE_STATE, - isc_g_mctx, &prevkey); - if (ret != ISC_R_SUCCESS) { + result = dst_key_fromnamedfile( + ctx->predecessor, ctx->directory, + DST_TYPE_PUBLIC | DST_TYPE_PRIVATE | DST_TYPE_STATE, + isc_g_mctx, &prevkey); + if (result != ISC_R_SUCCESS) { fatal("Invalid keyfile %s: %s", ctx->predecessor, - isc_result_totext(ret)); + isc_result_totext(result)); } if (!dst_key_isprivate(prevkey)) { fatal("%s is not a private key", ctx->predecessor); @@ -416,17 +416,17 @@ keygen(keygen_ctx_t *ctx, int argc, char **argv) { keystr, major, minor); } - ret = dst_key_gettime(prevkey, DST_TIME_ACTIVATE, &when); - if (ret != ISC_R_SUCCESS) { + result = dst_key_gettime(prevkey, DST_TIME_ACTIVATE, &when); + if (result != ISC_R_SUCCESS) { fatal("Key %s has no activation date.\n\t" "You must use dnssec-settime -A to set one " "before generating a successor.", keystr); } - ret = dst_key_gettime(prevkey, DST_TIME_INACTIVE, - &ctx->activate); - if (ret != ISC_R_SUCCESS) { + result = dst_key_gettime(prevkey, DST_TIME_INACTIVE, + &ctx->activate); + if (result != ISC_R_SUCCESS) { fatal("Key %s has no inactivation date.\n\t" "You must use dnssec-settime -I to set one " "before generating a successor.", @@ -445,8 +445,8 @@ keygen(keygen_ctx_t *ctx, int argc, char **argv) { keystr); } - ret = dst_key_gettime(prevkey, DST_TIME_DELETE, &when); - if (ret != ISC_R_SUCCESS) { + result = dst_key_gettime(prevkey, DST_TIME_DELETE, &when); + if (result != ISC_R_SUCCESS) { fprintf(stderr, "%s: WARNING: Key %s has no removal " "date;\n\t it will remain in the zone " @@ -558,19 +558,19 @@ keygen(keygen_ctx_t *ctx, int argc, char **argv) { } if (ctx->keystore != NULL && ctx->policy != NULL) { - ret = dns_keystore_keygen( + result = dns_keystore_keygen( ctx->keystore, name, ctx->policy, ctx->rdclass, isc_g_mctx, ctx->alg, ctx->size, flags, &key); } else if (!ctx->quiet && show_progress) { - ret = dst_key_generate(name, ctx->alg, ctx->size, 0, - flags, DNS_KEYPROTO_DNSSEC, - ctx->rdclass, NULL, isc_g_mctx, - &key, &progress); + result = dst_key_generate(name, ctx->alg, ctx->size, 0, + flags, DNS_KEYPROTO_DNSSEC, + ctx->rdclass, NULL, + isc_g_mctx, &key, &progress); } else { - ret = dst_key_generate(name, ctx->alg, ctx->size, 0, - flags, DNS_KEYPROTO_DNSSEC, - ctx->rdclass, NULL, isc_g_mctx, - &key, NULL); + result = dst_key_generate(name, ctx->alg, ctx->size, 0, + flags, DNS_KEYPROTO_DNSSEC, + ctx->rdclass, NULL, + isc_g_mctx, &key, NULL); } if (!ctx->quiet && show_progress) { @@ -578,11 +578,11 @@ keygen(keygen_ctx_t *ctx, int argc, char **argv) { fflush(stderr); } - if (ret != ISC_R_SUCCESS) { + if (result != ISC_R_SUCCESS) { char namestr[DNS_NAME_FORMATSIZE]; dns_name_format(name, namestr, sizeof(namestr)); fatal("failed to generate key %s/%s: %s\n", namestr, - algstr, isc_result_totext(ret)); + algstr, isc_result_totext(result)); } /* @@ -715,9 +715,9 @@ keygen(keygen_ctx_t *ctx, int argc, char **argv) { if (verbose > 0) { isc_buffer_clear(&buf); - ret = dst_key_buildfilename( + result = dst_key_buildfilename( key, 0, ctx->directory, &buf); - if (ret == ISC_R_SUCCESS) { + if (result == ISC_R_SUCCESS) { fprintf(stderr, "%s: %s already exists, or " "might collide with another " @@ -741,28 +741,28 @@ keygen(keygen_ctx_t *ctx, int argc, char **argv) { dst_key_setnum(prevkey, DST_NUM_SUCCESSOR, dst_key_id(key)); dst_key_setnum(key, DST_NUM_PREDECESSOR, dst_key_id(prevkey)); - ret = dst_key_tofile(prevkey, ctx->options, ctx->directory); - if (ret != ISC_R_SUCCESS) { + result = dst_key_tofile(prevkey, ctx->options, ctx->directory); + if (result != ISC_R_SUCCESS) { char keystr[DST_KEY_FORMATSIZE]; dst_key_format(prevkey, keystr, sizeof(keystr)); fatal("failed to update predecessor %s: %s\n", keystr, - isc_result_totext(ret)); + isc_result_totext(result)); } } - ret = dst_key_tofile(key, ctx->options, ctx->directory); - if (ret != ISC_R_SUCCESS) { + result = dst_key_tofile(key, ctx->options, ctx->directory); + if (result != ISC_R_SUCCESS) { char keystr[DST_KEY_FORMATSIZE]; dst_key_format(key, keystr, sizeof(keystr)); fatal("failed to write key %s: %s\n", keystr, - isc_result_totext(ret)); + isc_result_totext(result)); } isc_buffer_clear(&buf); - ret = dst_key_buildfilename(key, 0, NULL, &buf); - if (ret != ISC_R_SUCCESS) { + result = dst_key_buildfilename(key, 0, NULL, &buf); + if (result != ISC_R_SUCCESS) { fatal("dst_key_buildfilename returned: %s\n", - isc_result_totext(ret)); + isc_result_totext(result)); } printf("%s\n", filename); @@ -776,10 +776,10 @@ static void check_keystore_options(keygen_ctx_t *ctx) { ctx->directory = dns_keystore_directory(ctx->keystore, NULL); if (ctx->directory != NULL) { - isc_result_t ret = try_dir(ctx->directory); - if (ret != ISC_R_SUCCESS) { + isc_result_t result = try_dir(ctx->directory); + if (result != ISC_R_SUCCESS) { fatal("cannot open directory %s: %s", ctx->directory, - isc_result_totext(ret)); + isc_result_totext(result)); } } } @@ -789,7 +789,7 @@ main(int argc, char **argv) { char *algname = NULL, *freeit = NULL; char *classname = NULL; char *endp; - isc_result_t ret; + isc_result_t result; isc_textregion_t r; unsigned char c; int ch; @@ -878,10 +878,10 @@ main(int argc, char **argv) { break; case 'K': ctx.directory = isc_commandline_argument; - ret = try_dir(ctx.directory); - if (ret != ISC_R_SUCCESS) { + result = try_dir(ctx.directory); + if (result != ISC_R_SUCCESS) { fatal("cannot open directory %s: %s", - ctx.directory, isc_result_totext(ret)); + ctx.directory, isc_result_totext(result)); } break; case 'k': @@ -1096,8 +1096,8 @@ main(int argc, char **argv) { } r.base = algname; r.length = strlen(algname); - ret = dst_algorithm_fromtext(&ctx.alg, &r); - if (ret != ISC_R_SUCCESS) { + result = dst_algorithm_fromtext(&ctx.alg, &r); + if (result != ISC_R_SUCCESS) { fatal("unknown algorithm %s", algname); } if (!dst_algorithm_supported(ctx.alg)) { diff --git a/bin/dnssec/dnssec-signzone.c b/bin/dnssec/dnssec-signzone.c index 4502d00720..3b139ef91c 100644 --- a/bin/dnssec/dnssec-signzone.c +++ b/bin/dnssec/dnssec-signzone.c @@ -727,9 +727,9 @@ signset(dns_diff_t *del, dns_diff_t *add, dns_dbnode_t *node, dns_name_t *name, */ bool have_pre_sig = false; uint32_t pre; - isc_result_t ret = dst_key_getnum( - key->key, DST_NUM_PREDECESSOR, &pre); - if (ret == ISC_R_SUCCESS) { + result = dst_key_getnum(key->key, DST_NUM_PREDECESSOR, + &pre); + if (result == ISC_R_SUCCESS) { /* * This key has a predecessor, look for the * corresponding key in the keylist. The @@ -749,10 +749,10 @@ signset(dns_diff_t *del, dns_diff_t *add, dns_dbnode_t *node, dns_name_t *name, { continue; } - ret = dst_key_getnum(curr->key, - DST_NUM_SUCCESSOR, - &suc); - if (ret != ISC_R_SUCCESS || + result = dst_key_getnum( + curr->key, DST_NUM_SUCCESSOR, + &suc); + if (result != ISC_R_SUCCESS || dst_key_id(key->key) != suc) { continue; diff --git a/lib/dns/dnssec.c b/lib/dns/dnssec.c index f079dcc472..7711fb92b1 100644 --- a/lib/dns/dnssec.c +++ b/lib/dns/dnssec.c @@ -85,7 +85,7 @@ rdata_compare_wrapper(const void *rdata1, const void *rdata2) { static isc_result_t rdataset_to_sortedarray(dns_rdataset_t *set, isc_mem_t *mctx, dns_rdata_t **rdata, int *nrdata) { - isc_result_t ret; + isc_result_t result; int i = 0, n; dns_rdata_t *data; dns_rdataset_t rdataset; @@ -96,11 +96,11 @@ rdataset_to_sortedarray(dns_rdataset_t *set, isc_mem_t *mctx, dns_rdataset_init(&rdataset); dns_rdataset_clone(set, &rdataset); - ret = dns_rdataset_first(&rdataset); - if (ret != ISC_R_SUCCESS) { + result = dns_rdataset_first(&rdataset); + if (result != ISC_R_SUCCESS) { dns_rdataset_disassociate(&rdataset); isc_mem_cput(mctx, data, n, sizeof(dns_rdata_t)); - return ret; + return result; } /* @@ -177,7 +177,7 @@ dns_dnssec_sign(const dns_name_t *name, dns_rdataset_t *set, dst_key_t *key, isc_buffer_t sigbuf, envbuf; isc_region_t r; dst_context_t *ctx = NULL; - isc_result_t ret; + isc_result_t result; isc_buffer_t *databuf = NULL; char data[256 + 8]; unsigned int sigsize; @@ -232,22 +232,23 @@ dns_dnssec_sign(const dns_name_t *name, dns_rdataset_t *set, dst_key_t *key, isc_buffer_allocate(mctx, &databuf, sigsize + 256 + 18); dns_rdata_init(&tmpsigrdata); - ret = dns_rdata_fromstruct(&tmpsigrdata, sig.common.rdclass, - sig.common.rdtype, &sig, databuf); - if (ret != ISC_R_SUCCESS) { + result = dns_rdata_fromstruct(&tmpsigrdata, sig.common.rdclass, + sig.common.rdtype, &sig, databuf); + if (result != ISC_R_SUCCESS) { goto cleanup_databuf; } - ret = dst_context_create(key, mctx, DNS_LOGCATEGORY_DNSSEC, true, &ctx); - if (ret != ISC_R_SUCCESS) { + result = dst_context_create(key, mctx, DNS_LOGCATEGORY_DNSSEC, true, + &ctx); + if (result != ISC_R_SUCCESS) { goto cleanup_databuf; } /* * Digest the SIG rdata. */ - ret = digest_sig(ctx, false, &tmpsigrdata, &sig); - if (ret != ISC_R_SUCCESS) { + result = digest_sig(ctx, false, &tmpsigrdata, &sig); + if (result != ISC_R_SUCCESS) { goto cleanup_context; } @@ -266,8 +267,8 @@ dns_dnssec_sign(const dns_name_t *name, dns_rdataset_t *set, dst_key_t *key, isc_buffer_putuint16(&envbuf, set->rdclass); isc_buffer_putuint32(&envbuf, set->ttl); - ret = rdataset_to_sortedarray(set, mctx, &rdatas, &nrdatas); - if (ret != ISC_R_SUCCESS) { + result = rdataset_to_sortedarray(set, mctx, &rdatas, &nrdatas); + if (result != ISC_R_SUCCESS) { goto cleanup_context; } isc_buffer_usedregion(&envbuf, &r); @@ -288,8 +289,8 @@ dns_dnssec_sign(const dns_name_t *name, dns_rdataset_t *set, dst_key_t *key, /* * Digest the envelope. */ - ret = dst_context_adddata(ctx, &r); - if (ret != ISC_R_SUCCESS) { + result = dst_context_adddata(ctx, &r); + if (result != ISC_R_SUCCESS) { goto cleanup_array; } @@ -299,33 +300,33 @@ dns_dnssec_sign(const dns_name_t *name, dns_rdataset_t *set, dst_key_t *key, isc_buffer_init(&lenbuf, &len, sizeof(len)); isc_buffer_putuint16(&lenbuf, (uint16_t)rdatas[i].length); isc_buffer_usedregion(&lenbuf, &lenr); - ret = dst_context_adddata(ctx, &lenr); - if (ret != ISC_R_SUCCESS) { + result = dst_context_adddata(ctx, &lenr); + if (result != ISC_R_SUCCESS) { goto cleanup_array; } /* * Digest the rdata. */ - ret = dns_rdata_digest(&rdatas[i], digest_callback, ctx); - if (ret != ISC_R_SUCCESS) { + result = dns_rdata_digest(&rdatas[i], digest_callback, ctx); + if (result != ISC_R_SUCCESS) { goto cleanup_array; } } isc_buffer_init(&sigbuf, sig.signature, sig.siglen); - ret = dst_context_sign(ctx, &sigbuf); - if (ret != ISC_R_SUCCESS) { + result = dst_context_sign(ctx, &sigbuf); + if (result != ISC_R_SUCCESS) { goto cleanup_array; } isc_buffer_usedregion(&sigbuf, &r); if (r.length != sig.siglen) { - ret = ISC_R_NOSPACE; + result = ISC_R_NOSPACE; goto cleanup_array; } - ret = dns_rdata_fromstruct(sigrdata, sig.common.rdclass, - sig.common.rdtype, &sig, buffer); + result = dns_rdata_fromstruct(sigrdata, sig.common.rdclass, + sig.common.rdtype, &sig, buffer); cleanup_array: isc_mem_cput(mctx, rdatas, nrdatas, sizeof(dns_rdata_t)); @@ -335,7 +336,7 @@ cleanup_databuf: isc_buffer_free(&databuf); isc_mem_put(mctx, sig.signature, sig.siglen); - return ret; + return result; } isc_result_t @@ -349,7 +350,7 @@ dns_dnssec_verify(const dns_name_t *name, dns_rdataset_t *set, dst_key_t *key, dns_rdata_t *rdatas; int nrdatas, i; isc_stdtime_t now; - isc_result_t ret; + isc_result_t result; unsigned char data[300]; dst_context_t *ctx = NULL; int labels = 0; @@ -415,17 +416,17 @@ dns_dnssec_verify(const dns_name_t *name, dns_rdataset_t *set, dst_key_t *key, } again: - ret = dst_context_create(key, mctx, DNS_LOGCATEGORY_DNSSEC, false, - &ctx); - if (ret != ISC_R_SUCCESS) { + result = dst_context_create(key, mctx, DNS_LOGCATEGORY_DNSSEC, false, + &ctx); + if (result != ISC_R_SUCCESS) { goto cleanup_struct; } /* * Digest the SIG rdata (not including the signature). */ - ret = digest_sig(ctx, downcase, sigrdata, &sig); - if (ret != ISC_R_SUCCESS) { + result = digest_sig(ctx, downcase, sigrdata, &sig); + if (result != ISC_R_SUCCESS) { goto cleanup_context; } @@ -459,8 +460,8 @@ again: isc_buffer_putuint16(&envbuf, set->rdclass); isc_buffer_putuint32(&envbuf, sig.originalttl); - ret = rdataset_to_sortedarray(set, mctx, &rdatas, &nrdatas); - if (ret != ISC_R_SUCCESS) { + result = rdataset_to_sortedarray(set, mctx, &rdatas, &nrdatas); + if (result != ISC_R_SUCCESS) { goto cleanup_context; } @@ -482,8 +483,8 @@ again: /* * Digest the envelope. */ - ret = dst_context_adddata(ctx, &r); - if (ret != ISC_R_SUCCESS) { + result = dst_context_adddata(ctx, &r); + if (result != ISC_R_SUCCESS) { goto cleanup_array; } @@ -497,20 +498,20 @@ again: /* * Digest the rdata. */ - ret = dst_context_adddata(ctx, &lenr); - if (ret != ISC_R_SUCCESS) { + result = dst_context_adddata(ctx, &lenr); + if (result != ISC_R_SUCCESS) { goto cleanup_array; } - ret = dns_rdata_digest(&rdatas[i], digest_callback, ctx); - if (ret != ISC_R_SUCCESS) { + result = dns_rdata_digest(&rdatas[i], digest_callback, ctx); + if (result != ISC_R_SUCCESS) { goto cleanup_array; } } r.base = sig.signature; r.length = sig.siglen; - ret = dst_context_verify(ctx, &r); - if (ret == ISC_R_SUCCESS && downcase) { + result = dst_context_verify(ctx, &r); + if (result == ISC_R_SUCCESS && downcase) { char namebuf[DNS_NAME_FORMATSIZE]; dns_name_format(&sig.signer, namebuf, sizeof(namebuf)); isc_log_write(DNS_LOGCATEGORY_DNSSEC, DNS_LOGMODULE_DNSSEC, @@ -519,7 +520,7 @@ again: "signer '%s'", namebuf); inc_stat(dns_dnssecstats_downcase); - } else if (ret == ISC_R_SUCCESS) { + } else if (result == ISC_R_SUCCESS) { inc_stat(dns_dnssecstats_asis); } @@ -527,22 +528,22 @@ cleanup_array: isc_mem_cput(mctx, rdatas, nrdatas, sizeof(dns_rdata_t)); cleanup_context: dst_context_destroy(&ctx); - if (ret == DST_R_VERIFYFAILURE && !downcase) { + if (result == DST_R_VERIFYFAILURE && !downcase) { downcase = true; goto again; } cleanup_struct: dns_rdata_freestruct(&sig); - if (ret == DST_R_VERIFYFAILURE) { - ret = DNS_R_SIGINVALID; + if (result == DST_R_VERIFYFAILURE) { + result = DNS_R_SIGINVALID; } - if (ret != ISC_R_SUCCESS) { + if (result != ISC_R_SUCCESS) { inc_stat(dns_dnssecstats_fail); } - if (ret == ISC_R_SUCCESS && labels - sig.labels > 0) { + if (result == ISC_R_SUCCESS && labels - sig.labels > 0) { if (wild != NULL) { RUNTIME_CHECK(dns_name_concatenate( dns_wildcardname, @@ -550,9 +551,9 @@ cleanup_struct: wild) == ISC_R_SUCCESS); } inc_stat(dns_dnssecstats_wildcard); - ret = DNS_R_FROMWILDCARD; + result = DNS_R_FROMWILDCARD; } - return ret; + return result; } bool @@ -562,19 +563,18 @@ dns_dnssec_keyactive(dst_key_t *key, isc_stdtime_t now) { bool hint_publish, hint_zsign, hint_ksign, hint_revoke, hint_remove; int major, minor; bool ksk = false, zsk = false; - isc_result_t ret; /* Is this an old-style key? */ result = dst_key_getprivateformat(key, &major, &minor); RUNTIME_CHECK(result == ISC_R_SUCCESS); /* Is this a KSK? */ - ret = dst_key_getbool(key, DST_BOOL_KSK, &ksk); - if (ret != ISC_R_SUCCESS) { + result = dst_key_getbool(key, DST_BOOL_KSK, &ksk); + if (result != ISC_R_SUCCESS) { ksk = ((dst_key_flags(key) & DNS_KEYFLAG_KSK) != 0); } - ret = dst_key_getbool(key, DST_BOOL_ZSK, &zsk); - if (ret != ISC_R_SUCCESS) { + result = dst_key_getbool(key, DST_BOOL_ZSK, &zsk); + if (result != ISC_R_SUCCESS) { zsk = ((dst_key_flags(key) & DNS_KEYFLAG_KSK) == 0); } diff --git a/lib/dns/hmac_link.c b/lib/dns/hmac_link.c index 1a9a163191..320b8adb85 100644 --- a/lib/dns/hmac_link.c +++ b/lib/dns/hmac_link.c @@ -272,7 +272,7 @@ hmac_compare(const isc_md_type_t *type, const dst_key_t *key1, static isc_result_t hmac_generate(const isc_md_type_t *type, dst_key_t *key) { isc_buffer_t b; - isc_result_t ret; + isc_result_t result; unsigned int bytes, len; unsigned char data[ISC_MAX_MD_SIZE] = { 0 }; @@ -290,11 +290,11 @@ hmac_generate(const isc_md_type_t *type, dst_key_t *key) { isc_buffer_init(&b, data, bytes); isc_buffer_add(&b, bytes); - ret = hmac_fromdns(type, key, &b); + result = hmac_fromdns(type, key, &b); isc_safe_memwipe(data, sizeof(data)); - return ret; + return result; } static bool diff --git a/lib/dns/kasp.c b/lib/dns/kasp.c index 76a59c225d..f3ea00eb96 100644 --- a/lib/dns/kasp.c +++ b/lib/dns/kasp.c @@ -522,7 +522,7 @@ dns_kasp_key_tagmax(dns_kasp_key_t *key) { bool dns_kasp_key_match(dns_kasp_key_t *key, dns_dnsseckey_t *dkey) { - isc_result_t ret; + isc_result_t result; bool role = false; REQUIRE(key != NULL); @@ -537,12 +537,12 @@ dns_kasp_key_match(dns_kasp_key_t *key, dns_dnsseckey_t *dkey) { return false; } /* Matching role? */ - ret = dst_key_getbool(dkey->key, DST_BOOL_KSK, &role); - if (ret != ISC_R_SUCCESS || role != dns_kasp_key_ksk(key)) { + result = dst_key_getbool(dkey->key, DST_BOOL_KSK, &role); + if (result != ISC_R_SUCCESS || role != dns_kasp_key_ksk(key)) { return false; } - ret = dst_key_getbool(dkey->key, DST_BOOL_ZSK, &role); - if (ret != ISC_R_SUCCESS || role != dns_kasp_key_zsk(key)) { + result = dst_key_getbool(dkey->key, DST_BOOL_ZSK, &role); + if (result != ISC_R_SUCCESS || role != dns_kasp_key_zsk(key)) { return false; } /* Valid key tag range? */ diff --git a/lib/dns/keymgr.c b/lib/dns/keymgr.c index acb31bd322..f38936aef8 100644 --- a/lib/dns/keymgr.c +++ b/lib/dns/keymgr.c @@ -96,13 +96,13 @@ log_key_overflow(dst_key_t *key, const char *what) { static const char * keymgr_keyrole(dst_key_t *key) { bool ksk = false, zsk = false; - isc_result_t ret; - ret = dst_key_getbool(key, DST_BOOL_KSK, &ksk); - if (ret != ISC_R_SUCCESS) { + isc_result_t result; + result = dst_key_getbool(key, DST_BOOL_KSK, &ksk); + if (result != ISC_R_SUCCESS) { return "UNKNOWN"; } - ret = dst_key_getbool(key, DST_BOOL_ZSK, &zsk); - if (ret != ISC_R_SUCCESS) { + result = dst_key_getbool(key, DST_BOOL_ZSK, &zsk); + if (result != ISC_R_SUCCESS) { return "UNKNOWN"; } if (ksk && zsk) { @@ -123,26 +123,26 @@ static void keymgr_settime_remove(dns_dnsseckey_t *key, dns_kasp_t *kasp) { isc_stdtime_t retire = 0, remove = 0, ksk_remove = 0, zsk_remove = 0; bool zsk = false, ksk = false; - isc_result_t ret; + isc_result_t result; REQUIRE(key != NULL); REQUIRE(key->key != NULL); - ret = dst_key_gettime(key->key, DST_TIME_INACTIVE, &retire); - if (ret != ISC_R_SUCCESS) { + result = dst_key_gettime(key->key, DST_TIME_INACTIVE, &retire); + if (result != ISC_R_SUCCESS) { return; } - ret = dst_key_getbool(key->key, DST_BOOL_ZSK, &zsk); - if (ret == ISC_R_SUCCESS && zsk) { + result = dst_key_getbool(key->key, DST_BOOL_ZSK, &zsk); + if (result == ISC_R_SUCCESS && zsk) { dns_ttl_t ttlsig = dns_kasp_zonemaxttl(kasp, true); /* ZSK: Iret = Dsgn + Dprp + TTLsig */ zsk_remove = retire + ttlsig + dns_kasp_zonepropagationdelay(kasp) + dns_kasp_retiresafety(kasp) + dns_kasp_signdelay(kasp); } - ret = dst_key_getbool(key->key, DST_BOOL_KSK, &ksk); - if (ret == ISC_R_SUCCESS && ksk) { + result = dst_key_getbool(key->key, DST_BOOL_KSK, &ksk); + if (result == ISC_R_SUCCESS && ksk) { /* KSK: Iret = DprpP + TTLds */ ksk_remove = retire + dns_kasp_dsttl(kasp) + dns_kasp_parentpropagationdelay(kasp) + @@ -161,17 +161,17 @@ void dns_keymgr_settime_syncpublish(dst_key_t *key, dns_kasp_t *kasp, bool first) { isc_stdtime_t published, syncpublish; bool ksk = false; - isc_result_t ret; + isc_result_t result; REQUIRE(key != NULL); - ret = dst_key_gettime(key, DST_TIME_PUBLISH, &published); - if (ret != ISC_R_SUCCESS) { + result = dst_key_gettime(key, DST_TIME_PUBLISH, &published); + if (result != ISC_R_SUCCESS) { return; } - ret = dst_key_getbool(key, DST_BOOL_KSK, &ksk); - if (ret != ISC_R_SUCCESS || !ksk) { + result = dst_key_getbool(key, DST_BOOL_KSK, &ksk); + if (result != ISC_R_SUCCESS || !ksk) { return; } @@ -191,8 +191,8 @@ dns_keymgr_settime_syncpublish(dst_key_t *key, dns_kasp_t *kasp, bool first) { dst_key_settime(key, DST_TIME_SYNCPUBLISH, syncpublish); uint32_t lifetime = 0; - ret = dst_key_getnum(key, DST_NUM_LIFETIME, &lifetime); - if (ret == ISC_R_SUCCESS && lifetime > 0) { + result = dst_key_getnum(key, DST_NUM_LIFETIME, &lifetime); + if (result == ISC_R_SUCCESS && lifetime > 0) { dst_key_settime(key, DST_TIME_SYNCDELETE, syncpublish + lifetime); } @@ -215,7 +215,7 @@ dns_keymgr_settime_syncpublish(dst_key_t *key, dns_kasp_t *kasp, bool first) { static isc_stdtime_t keymgr_prepublication_time(dns_dnsseckey_t *key, dns_kasp_t *kasp, uint32_t lifetime, isc_stdtime_t now) { - isc_result_t ret; + isc_result_t result; isc_stdtime_t active, retire, pub, prepub; bool zsk = false, ksk = false; @@ -230,14 +230,14 @@ keymgr_prepublication_time(dns_dnsseckey_t *key, dns_kasp_t *kasp, * An active key must have publish and activate timing * metadata. */ - ret = dst_key_gettime(key->key, DST_TIME_ACTIVATE, &active); - if (ret != ISC_R_SUCCESS) { + result = dst_key_gettime(key->key, DST_TIME_ACTIVATE, &active); + if (result != ISC_R_SUCCESS) { /* Super weird, but if it happens, set it to now. */ dst_key_settime(key->key, DST_TIME_ACTIVATE, now); active = now; } - ret = dst_key_gettime(key->key, DST_TIME_PUBLISH, &pub); - if (ret != ISC_R_SUCCESS) { + result = dst_key_gettime(key->key, DST_TIME_PUBLISH, &pub); + if (result != ISC_R_SUCCESS) { /* Super weird, but if it happens, set it to now. */ dst_key_settime(key->key, DST_TIME_PUBLISH, now); pub = now; @@ -248,8 +248,8 @@ keymgr_prepublication_time(dns_dnsseckey_t *key, dns_kasp_t *kasp, * the key lifetime is required. */ uint32_t klifetime = 0; - ret = dst_key_getnum(key->key, DST_NUM_LIFETIME, &klifetime); - if (ret != ISC_R_SUCCESS) { + result = dst_key_getnum(key->key, DST_NUM_LIFETIME, &klifetime); + if (result != ISC_R_SUCCESS) { dst_key_setnum(key->key, DST_NUM_LIFETIME, lifetime); klifetime = lifetime; } @@ -259,23 +259,24 @@ keymgr_prepublication_time(dns_dnsseckey_t *key, dns_kasp_t *kasp, */ prepub = dst_key_getttl(key->key) + dns_kasp_publishsafety(kasp) + dns_kasp_zonepropagationdelay(kasp); - ret = dst_key_getbool(key->key, DST_BOOL_KSK, &ksk); - if (ret == ISC_R_SUCCESS && ksk) { + result = dst_key_getbool(key->key, DST_BOOL_KSK, &ksk); + if (result == ISC_R_SUCCESS && ksk) { isc_stdtime_t syncpub; /* * Set PublishCDS if not set. */ - ret = dst_key_gettime(key->key, DST_TIME_SYNCPUBLISH, &syncpub); - if (ret != ISC_R_SUCCESS) { + result = dst_key_gettime(key->key, DST_TIME_SYNCPUBLISH, + &syncpub); + if (result != ISC_R_SUCCESS) { uint32_t tag; isc_stdtime_t syncpub1, syncpub2; syncpub1 = pub + prepub; syncpub2 = 0; - ret = dst_key_getnum(key->key, DST_NUM_PREDECESSOR, - &tag); - if (ret != ISC_R_SUCCESS) { + result = dst_key_getnum(key->key, DST_NUM_PREDECESSOR, + &tag); + if (result != ISC_R_SUCCESS) { /* * No predecessor, wait for zone to be * completely signed. @@ -303,8 +304,8 @@ keymgr_prepublication_time(dns_dnsseckey_t *key, dns_kasp_t *kasp, */ (void)dst_key_getbool(key->key, DST_BOOL_ZSK, &zsk); - ret = dst_key_gettime(key->key, DST_TIME_INACTIVE, &retire); - if (ret != ISC_R_SUCCESS) { + result = dst_key_gettime(key->key, DST_TIME_INACTIVE, &retire); + if (result != ISC_R_SUCCESS) { if (klifetime == 0) { /* * No inactive time and no lifetime, @@ -339,7 +340,7 @@ static void keymgr_key_retire(dns_dnsseckey_t *key, dns_kasp_t *kasp, uint8_t opts, isc_stdtime_t now) { char keystr[DST_KEY_FORMATSIZE]; - isc_result_t ret; + isc_result_t result; isc_stdtime_t retire; dst_key_state_t s; bool ksk = false, zsk = false; @@ -349,8 +350,8 @@ keymgr_key_retire(dns_dnsseckey_t *key, dns_kasp_t *kasp, uint8_t opts, dst_key_format(key->key, keystr, sizeof(keystr)); - ret = dst_key_getstate(key->key, DST_KEY_GOAL, &s); - INSIST(ret == ISC_R_SUCCESS); + result = dst_key_getstate(key->key, DST_KEY_GOAL, &s); + INSIST(result == ISC_R_SUCCESS); if (dns_kasp_manualmode(kasp) && (opts & DNS_KEYMGRATTR_FORCESTEP) == 0 && s != HIDDEN) @@ -374,8 +375,8 @@ keymgr_key_retire(dns_dnsseckey_t *key, dns_kasp_t *kasp, uint8_t opts, * This key may not have key states set yet. Pretend as if they are * in the OMNIPRESENT state. */ - ret = dst_key_gettime(key->key, DST_TIME_INACTIVE, &retire); - if (ret != ISC_R_SUCCESS || (retire > now)) { + result = dst_key_gettime(key->key, DST_TIME_INACTIVE, &retire); + if (result != ISC_R_SUCCESS || (retire > now)) { dst_key_settime(key->key, DST_TIME_INACTIVE, now); } keymgr_settime_remove(key, kasp); @@ -385,8 +386,8 @@ keymgr_key_retire(dns_dnsseckey_t *key, dns_kasp_t *kasp, uint8_t opts, dst_key_settime(key->key, DST_TIME_DNSKEY, now); } - ret = dst_key_getbool(key->key, DST_BOOL_KSK, &ksk); - if (ret == ISC_R_SUCCESS && ksk) { + result = dst_key_getbool(key->key, DST_BOOL_KSK, &ksk); + if (result == ISC_R_SUCCESS && ksk) { if (dst_key_getstate(key->key, DST_KEY_KRRSIG, &s) != ISC_R_SUCCESS) { @@ -399,8 +400,8 @@ keymgr_key_retire(dns_dnsseckey_t *key, dns_kasp_t *kasp, uint8_t opts, dst_key_settime(key->key, DST_TIME_DS, now); } } - ret = dst_key_getbool(key->key, DST_BOOL_ZSK, &zsk); - if (ret == ISC_R_SUCCESS && zsk) { + result = dst_key_getbool(key->key, DST_BOOL_ZSK, &zsk); + if (result == ISC_R_SUCCESS && zsk) { if (dst_key_getstate(key->key, DST_KEY_ZRRSIG, &s) != ISC_R_SUCCESS) { @@ -1309,7 +1310,7 @@ static void keymgr_transition_time(dns_dnsseckey_t *key, int type, dst_key_state_t next_state, dns_kasp_t *kasp, isc_stdtime_t now, isc_stdtime_t *when) { - isc_result_t ret; + isc_result_t result; isc_stdtime_t lastchange, dstime, sigtime, nexttime = now; dns_ttl_t ttlsig = dns_kasp_zonemaxttl(kasp, true); uint32_t dsstate, sigstate, signdelay = 0; @@ -1322,8 +1323,8 @@ keymgr_transition_time(dns_dnsseckey_t *key, int type, return; } - ret = dst_key_gettime(key->key, keystatetimes[type], &lastchange); - if (ret != ISC_R_SUCCESS) { + result = dst_key_gettime(key->key, keystatetimes[type], &lastchange); + if (result != ISC_R_SUCCESS) { /* No last change, for safety purposes let's set it to now. */ dst_key_settime(key->key, keystatetimes[type], now); lastchange = now; @@ -1369,8 +1370,8 @@ keymgr_transition_time(dns_dnsseckey_t *key, int type, /* Was there a full sign? */ sigstate = (next_state == HIDDEN) ? DST_TIME_SIGDELETE : DST_TIME_SIGPUBLISH; - ret = dst_key_gettime(key->key, sigstate, &sigtime); - if (ret == ISC_R_SUCCESS && sigtime <= now) { + result = dst_key_gettime(key->key, sigstate, &sigtime); + if (result == ISC_R_SUCCESS && sigtime <= now) { signdelay = 0; } else { sigtime = lastchange; @@ -1401,13 +1402,13 @@ keymgr_transition_time(dns_dnsseckey_t *key, int type, * there is an actual predecessor or successor key. */ uint32_t tag; - ret = dst_key_getnum(key->key, DST_NUM_PREDECESSOR, - &tag); - if (ret != ISC_R_SUCCESS) { - ret = dst_key_getnum(key->key, - DST_NUM_SUCCESSOR, &tag); + result = dst_key_getnum(key->key, DST_NUM_PREDECESSOR, + &tag); + if (result != ISC_R_SUCCESS) { + result = dst_key_getnum( + key->key, DST_NUM_SUCCESSOR, &tag); } - if (ret == ISC_R_SUCCESS) { + if (result == ISC_R_SUCCESS) { nexttime += signdelay + dns_kasp_retiresafety(kasp); } @@ -1442,8 +1443,8 @@ keymgr_transition_time(dns_dnsseckey_t *key, int type, * parent. */ dsstate = next_state == HIDDEN ? DST_TIME_DSDELETE : DST_TIME_DSPUBLISH; - ret = dst_key_gettime(key->key, dsstate, &dstime); - if (ret != ISC_R_SUCCESS || dstime > now) { + result = dst_key_gettime(key->key, dsstate, &dstime); + if (result != ISC_R_SUCCESS || dstime > now) { /* Not yet, try again in an hour. */ nexttime = now + 3600; } else { @@ -1455,14 +1456,14 @@ keymgr_transition_time(dns_dnsseckey_t *key, int type, * actual predecessor or successor key. */ uint32_t tag; - ret = dst_key_getnum(key->key, - DST_NUM_PREDECESSOR, &tag); - if (ret != ISC_R_SUCCESS) { - ret = dst_key_getnum(key->key, - DST_NUM_SUCCESSOR, - &tag); + result = dst_key_getnum( + key->key, DST_NUM_PREDECESSOR, &tag); + if (result != ISC_R_SUCCESS) { + result = dst_key_getnum( + key->key, DST_NUM_SUCCESSOR, + &tag); } - if (ret == ISC_R_SUCCESS) { + if (result == ISC_R_SUCCESS) { nexttime += dns_kasp_retiresafety(kasp); } } @@ -1508,12 +1509,12 @@ transition: /* For all records related to this key. */ for (int i = 0; i < NUM_KEYSTATES; i++) { - isc_result_t ret; isc_stdtime_t when; dst_key_state_t state, next_state; - ret = dst_key_getstate(dkey->key, i, &state); - if (ret == ISC_R_NOTFOUND) { + if (dst_key_getstate(dkey->key, i, &state) == + ISC_R_NOTFOUND) + { /* * This record type is not applicable for this * key, continue to the next record type. @@ -1664,7 +1665,7 @@ void dns_keymgr_key_init(dns_dnsseckey_t *key, dns_kasp_t *kasp, isc_stdtime_t now, bool csk) { bool ksk, zsk; - isc_result_t ret; + isc_result_t result; isc_stdtime_t active = 0, pub = 0, syncpub = 0, retire = 0, remove = 0; dst_key_state_t dnskey_state = HIDDEN; dst_key_state_t ds_state = HIDDEN; @@ -1675,20 +1676,20 @@ dns_keymgr_key_init(dns_dnsseckey_t *key, dns_kasp_t *kasp, isc_stdtime_t now, REQUIRE(key->key != NULL); /* Initialize role. */ - ret = dst_key_getbool(key->key, DST_BOOL_KSK, &ksk); - if (ret != ISC_R_SUCCESS) { + result = dst_key_getbool(key->key, DST_BOOL_KSK, &ksk); + if (result != ISC_R_SUCCESS) { ksk = ((dst_key_flags(key->key) & DNS_KEYFLAG_KSK) != 0); dst_key_setbool(key->key, DST_BOOL_KSK, ksk || csk); } - ret = dst_key_getbool(key->key, DST_BOOL_ZSK, &zsk); - if (ret != ISC_R_SUCCESS) { + result = dst_key_getbool(key->key, DST_BOOL_ZSK, &zsk); + if (result != ISC_R_SUCCESS) { zsk = ((dst_key_flags(key->key) & DNS_KEYFLAG_KSK) == 0); dst_key_setbool(key->key, DST_BOOL_ZSK, zsk || csk); } /* Get time metadata. */ - ret = dst_key_gettime(key->key, DST_TIME_ACTIVATE, &active); - if (active <= now && ret == ISC_R_SUCCESS) { + result = dst_key_gettime(key->key, DST_TIME_ACTIVATE, &active); + if (active <= now && result == ISC_R_SUCCESS) { dns_ttl_t ttlsig = dns_kasp_zonemaxttl(kasp, true); ttlsig += dns_kasp_zonepropagationdelay(kasp); if ((active + ttlsig) <= now) { @@ -1698,8 +1699,8 @@ dns_keymgr_key_init(dns_dnsseckey_t *key, dns_kasp_t *kasp, isc_stdtime_t now, } goal_state = OMNIPRESENT; } - ret = dst_key_gettime(key->key, DST_TIME_PUBLISH, &pub); - if (pub <= now && ret == ISC_R_SUCCESS) { + result = dst_key_gettime(key->key, DST_TIME_PUBLISH, &pub); + if (pub <= now && result == ISC_R_SUCCESS) { dns_ttl_t key_ttl = dst_key_getttl(key->key); key_ttl += dns_kasp_zonepropagationdelay(kasp); if ((pub + key_ttl) <= now) { @@ -1709,8 +1710,8 @@ dns_keymgr_key_init(dns_dnsseckey_t *key, dns_kasp_t *kasp, isc_stdtime_t now, } goal_state = OMNIPRESENT; } - ret = dst_key_gettime(key->key, DST_TIME_SYNCPUBLISH, &syncpub); - if (syncpub <= now && ret == ISC_R_SUCCESS) { + result = dst_key_gettime(key->key, DST_TIME_SYNCPUBLISH, &syncpub); + if (syncpub <= now && result == ISC_R_SUCCESS) { dns_ttl_t ds_ttl = dns_kasp_dsttl(kasp); ds_ttl += dns_kasp_parentpropagationdelay(kasp); if ((syncpub + ds_ttl) <= now) { @@ -1720,8 +1721,8 @@ dns_keymgr_key_init(dns_dnsseckey_t *key, dns_kasp_t *kasp, isc_stdtime_t now, } goal_state = OMNIPRESENT; } - ret = dst_key_gettime(key->key, DST_TIME_INACTIVE, &retire); - if (retire <= now && ret == ISC_R_SUCCESS) { + result = dst_key_gettime(key->key, DST_TIME_INACTIVE, &result); + if (result <= now && result == ISC_R_SUCCESS) { dns_ttl_t ttlsig = dns_kasp_zonemaxttl(kasp, true); ttlsig += dns_kasp_zonepropagationdelay(kasp); if ((retire + ttlsig) <= now) { @@ -1732,8 +1733,8 @@ dns_keymgr_key_init(dns_dnsseckey_t *key, dns_kasp_t *kasp, isc_stdtime_t now, ds_state = UNRETENTIVE; goal_state = HIDDEN; } - ret = dst_key_gettime(key->key, DST_TIME_DELETE, &remove); - if (remove <= now && ret == ISC_R_SUCCESS) { + result = dst_key_gettime(key->key, DST_TIME_DELETE, &remove); + if (remove <= now && result == ISC_R_SUCCESS) { dns_ttl_t key_ttl = dst_key_getttl(key->key); key_ttl += dns_kasp_zonepropagationdelay(kasp); if ((remove + key_ttl) <= now) { @@ -2087,7 +2088,7 @@ dns_keymgr_key_may_be_purged(const dst_key_t *key, uint32_t after, static void keymgr_purge_keyfile(dst_key_t *key, int type) { - isc_result_t ret; + isc_result_t result; isc_buffer_t fileb; char filename[NAME_MAX]; @@ -2095,8 +2096,9 @@ keymgr_purge_keyfile(dst_key_t *key, int type) { * Make the filename. */ isc_buffer_init(&fileb, filename, sizeof(filename)); - ret = dst_key_buildfilename(key, type, dst_key_directory(key), &fileb); - if (ret != ISC_R_SUCCESS) { + result = dst_key_buildfilename(key, type, dst_key_directory(key), + &fileb); + if (result != ISC_R_SUCCESS) { char keystr[DST_KEY_FORMATSIZE]; dst_key_format(key, keystr, sizeof(keystr)); isc_log_write(DNS_LOGCATEGORY_DNSSEC, DNS_LOGMODULE_DNSSEC, @@ -2104,7 +2106,7 @@ keymgr_purge_keyfile(dst_key_t *key, int type) { "keymgr: failed to purge DNSKEY %s (%s): cannot " "build filename (%s)", keystr, keymgr_keyrole(key), - isc_result_totext(ret)); + isc_result_totext(result)); return; } @@ -2134,24 +2136,23 @@ dst_key_doublematch(dns_dnsseckey_t *key, dns_kasp_t *kasp) { static void keymgr_zrrsig(dns_dnsseckeylist_t *keyring, isc_stdtime_t now) { ISC_LIST_FOREACH(*keyring, dkey, link) { - isc_result_t ret; + isc_result_t result; bool zsk = false; + dst_key_state_t state; - ret = dst_key_getbool(dkey->key, DST_BOOL_ZSK, &zsk); - if (ret == ISC_R_SUCCESS && zsk) { - dst_key_state_t state; - isc_result_t result = dst_key_getstate( - dkey->key, DST_KEY_ZRRSIG, &state); - if (result == ISC_R_SUCCESS) { - if (state == RUMOURED) { - dst_key_settime(dkey->key, - DST_TIME_SIGPUBLISH, - now); - } else if (state == UNRETENTIVE) { - dst_key_settime(dkey->key, - DST_TIME_SIGDELETE, - now); - } + result = dst_key_getbool(dkey->key, DST_BOOL_ZSK, &zsk); + if (result != ISC_R_SUCCESS || !zsk) { + continue; + } + + result = dst_key_getstate(dkey->key, DST_KEY_ZRRSIG, &state); + if (result == ISC_R_SUCCESS) { + if (state == RUMOURED) { + dst_key_settime(dkey->key, DST_TIME_SIGPUBLISH, + now); + } else if (state == UNRETENTIVE) { + dst_key_settime(dkey->key, DST_TIME_SIGDELETE, + now); } } } @@ -2433,11 +2434,10 @@ keymgr_checkds(dns_kasp_t *kasp, dns_dnsseckeylist_t *keyring, REQUIRE(keyring != NULL); ISC_LIST_FOREACH(*keyring, dkey, link) { - isc_result_t ret; bool ksk = false; - ret = dst_key_getbool(dkey->key, DST_BOOL_KSK, &ksk); - if (ret == ISC_R_SUCCESS && ksk) { + result = dst_key_getbool(dkey->key, DST_BOOL_KSK, &ksk); + if (result == ISC_R_SUCCESS && ksk) { if (check_id && dst_key_id(dkey->key) != id) { continue; } diff --git a/lib/dns/message.c b/lib/dns/message.c index f1701c98c2..ade0e2f48d 100644 --- a/lib/dns/message.c +++ b/lib/dns/message.c @@ -1572,7 +1572,7 @@ dns_message_parse(dns_message_t *msg, isc_buffer_t *source, unsigned int options) { isc_region_t r; dns_decompress_t dctx; - isc_result_t ret; + isc_result_t result; uint16_t tmpflags; isc_buffer_t origsource; bool seen_problem; @@ -1627,54 +1627,54 @@ dns_message_parse(dns_message_t *msg, isc_buffer_t *source, return early_check_ret; } - ret = getquestions(source, msg, dctx, options); + result = getquestions(source, msg, dctx, options); - if (ret == ISC_R_UNEXPECTEDEND && ignore_tc) { + if (result == ISC_R_UNEXPECTEDEND && ignore_tc) { goto truncated; } - if (ret == DNS_R_RECOVERABLE) { + if (result == DNS_R_RECOVERABLE) { seen_problem = true; - ret = ISC_R_SUCCESS; + result = ISC_R_SUCCESS; } - if (ret != ISC_R_SUCCESS) { - return ret; + if (result != ISC_R_SUCCESS) { + return result; } msg->question_ok = 1; - ret = getsection(source, msg, dctx, DNS_SECTION_ANSWER, options); - if (ret == ISC_R_UNEXPECTEDEND && ignore_tc) { + result = getsection(source, msg, dctx, DNS_SECTION_ANSWER, options); + if (result == ISC_R_UNEXPECTEDEND && ignore_tc) { goto truncated; } - if (ret == DNS_R_RECOVERABLE) { + if (result == DNS_R_RECOVERABLE) { seen_problem = true; - ret = ISC_R_SUCCESS; + result = ISC_R_SUCCESS; } - if (ret != ISC_R_SUCCESS) { - return ret; + if (result != ISC_R_SUCCESS) { + return result; } - ret = getsection(source, msg, dctx, DNS_SECTION_AUTHORITY, options); - if (ret == ISC_R_UNEXPECTEDEND && ignore_tc) { + result = getsection(source, msg, dctx, DNS_SECTION_AUTHORITY, options); + if (result == ISC_R_UNEXPECTEDEND && ignore_tc) { goto truncated; } - if (ret == DNS_R_RECOVERABLE) { + if (result == DNS_R_RECOVERABLE) { seen_problem = true; - ret = ISC_R_SUCCESS; + result = ISC_R_SUCCESS; } - if (ret != ISC_R_SUCCESS) { - return ret; + if (result != ISC_R_SUCCESS) { + return result; } - ret = getsection(source, msg, dctx, DNS_SECTION_ADDITIONAL, options); - if (ret == ISC_R_UNEXPECTEDEND && ignore_tc) { + result = getsection(source, msg, dctx, DNS_SECTION_ADDITIONAL, options); + if (result == ISC_R_UNEXPECTEDEND && ignore_tc) { goto truncated; } - if (ret == DNS_R_RECOVERABLE) { + if (result == DNS_R_RECOVERABLE) { seen_problem = true; - ret = ISC_R_SUCCESS; + result = ISC_R_SUCCESS; } - if (ret != ISC_R_SUCCESS) { - return ret; + if (result != ISC_R_SUCCESS) { + return result; } isc_buffer_remainingregion(source, &r); @@ -1687,7 +1687,7 @@ dns_message_parse(dns_message_t *msg, isc_buffer_t *source, truncated: - if (ret == ISC_R_UNEXPECTEDEND && ignore_tc) { + if (result == ISC_R_UNEXPECTEDEND && ignore_tc) { return DNS_R_RECOVERABLE; } if (seen_problem) { diff --git a/lib/ns/query.c b/lib/ns/query.c index b9e7ebec63..3f7f0935aa 100644 --- a/lib/ns/query.c +++ b/lib/ns/query.c @@ -7441,12 +7441,11 @@ query_usestale(query_ctx_t *qctx, isc_result_t result) { qctx_freedata(qctx); if (dns_view_staleanswerenabled(qctx->client->inner.view)) { - isc_result_t ret; - ret = query_getdb(qctx->client, qctx->client->query.qname, - qctx->client->query.qtype, qctx->options, - &qctx->zone, &qctx->db, &qctx->version, - &qctx->is_zone); - if (ret != ISC_R_SUCCESS) { + if (query_getdb(qctx->client, qctx->client->query.qname, + qctx->client->query.qtype, qctx->options, + &qctx->zone, &qctx->db, &qctx->version, + &qctx->is_zone) != ISC_R_SUCCESS) + { /* * Failed to get the database, unexpected, but let us * at least abandon serve-stale. diff --git a/tests/dns/rsa_test.c b/tests/dns/rsa_test.c index 52d91ba16a..fde2211356 100644 --- a/tests/dns/rsa_test.c +++ b/tests/dns/rsa_test.c @@ -120,7 +120,7 @@ static unsigned char sigsha512[512] = { /* RSA verify */ ISC_RUN_TEST_IMPL(isc_rsa_verify) { - isc_result_t ret; + isc_result_t result; dns_fixedname_t fname; isc_buffer_t buf; dns_name_t *name; @@ -133,30 +133,30 @@ ISC_RUN_TEST_IMPL(isc_rsa_verify) { name = dns_fixedname_initname(&fname); isc_buffer_constinit(&buf, "rsa.", 4); isc_buffer_add(&buf, 4); - ret = dns_name_fromtext(name, &buf, NULL, 0); - assert_int_equal(ret, ISC_R_SUCCESS); + result = dns_name_fromtext(name, &buf, NULL, 0); + assert_int_equal(result, ISC_R_SUCCESS); - ret = dst_key_fromfile(name, 29238, DST_ALG_RSASHA256, DST_TYPE_PUBLIC, - TESTS_DIR, isc_g_mctx, &key); - assert_int_equal(ret, ISC_R_SUCCESS); + result = dst_key_fromfile(name, 29238, DST_ALG_RSASHA256, + DST_TYPE_PUBLIC, TESTS_DIR, isc_g_mctx, &key); + assert_int_equal(result, ISC_R_SUCCESS); /* RSASHA1 - May not be supported by the OS */ if (dst_algorithm_supported(DST_ALG_RSASHA1)) { key->key_alg = DST_ALG_RSASHA1; - ret = dst_context_create(key, isc_g_mctx, - DNS_LOGCATEGORY_DNSSEC, false, &ctx); - assert_int_equal(ret, ISC_R_SUCCESS); + result = dst_context_create( + key, isc_g_mctx, DNS_LOGCATEGORY_DNSSEC, false, &ctx); + assert_int_equal(result, ISC_R_SUCCESS); r.base = d; r.length = 10; - ret = dst_context_adddata(ctx, &r); - assert_int_equal(ret, ISC_R_SUCCESS); + result = dst_context_adddata(ctx, &r); + assert_int_equal(result, ISC_R_SUCCESS); r.base = sigsha1; r.length = 256; - ret = dst_context_verify(ctx, &r); - assert_int_equal(ret, ISC_R_SUCCESS); + result = dst_context_verify(ctx, &r); + assert_int_equal(result, ISC_R_SUCCESS); dst_context_destroy(&ctx); } @@ -165,19 +165,19 @@ ISC_RUN_TEST_IMPL(isc_rsa_verify) { key->key_alg = DST_ALG_RSASHA256; - ret = dst_context_create(key, isc_g_mctx, DNS_LOGCATEGORY_DNSSEC, false, - &ctx); - assert_int_equal(ret, ISC_R_SUCCESS); + result = dst_context_create(key, isc_g_mctx, DNS_LOGCATEGORY_DNSSEC, + false, &ctx); + assert_int_equal(result, ISC_R_SUCCESS); r.base = d; r.length = 10; - ret = dst_context_adddata(ctx, &r); - assert_int_equal(ret, ISC_R_SUCCESS); + result = dst_context_adddata(ctx, &r); + assert_int_equal(result, ISC_R_SUCCESS); r.base = sigsha256; r.length = 256; - ret = dst_context_verify(ctx, &r); - assert_int_equal(ret, ISC_R_SUCCESS); + result = dst_context_verify(ctx, &r); + assert_int_equal(result, ISC_R_SUCCESS); dst_context_destroy(&ctx); @@ -185,19 +185,19 @@ ISC_RUN_TEST_IMPL(isc_rsa_verify) { key->key_alg = DST_ALG_RSASHA512; - ret = dst_context_create(key, isc_g_mctx, DNS_LOGCATEGORY_DNSSEC, false, - &ctx); - assert_int_equal(ret, ISC_R_SUCCESS); + result = dst_context_create(key, isc_g_mctx, DNS_LOGCATEGORY_DNSSEC, + false, &ctx); + assert_int_equal(result, ISC_R_SUCCESS); r.base = d; r.length = 10; - ret = dst_context_adddata(ctx, &r); - assert_int_equal(ret, ISC_R_SUCCESS); + result = dst_context_adddata(ctx, &r); + assert_int_equal(result, ISC_R_SUCCESS); r.base = sigsha512; r.length = 256; - ret = dst_context_verify(ctx, &r); - assert_int_equal(ret, ISC_R_SUCCESS); + result = dst_context_verify(ctx, &r); + assert_int_equal(result, ISC_R_SUCCESS); dst_context_destroy(&ctx); diff --git a/tests/dns/skr_test.c b/tests/dns/skr_test.c index eb2abd9b74..55b533dc52 100644 --- a/tests/dns/skr_test.c +++ b/tests/dns/skr_test.c @@ -122,12 +122,12 @@ print_rdata(FILE *fp, dns_rdata_t *rdata) { isc_buffer_t target; isc_region_t r; - isc_result_t ret; + isc_result_t result; char buf[4096]; isc_buffer_init(&target, buf, sizeof(buf)); - ret = dns_rdataset_totext(&rrset, dname, false, false, &target); - assert_int_equal(ret, ISC_R_SUCCESS); + result = dns_rdataset_totext(&rrset, dname, false, false, &target); + assert_int_equal(result, ISC_R_SUCCESS); isc_buffer_usedregion(&target, &r); fprintf(fp, "%.*s", (int)r.length, (char *)r.base); @@ -142,13 +142,13 @@ sign_rrset(FILE *fp, isc_stdtime_t inception, isc_stdtime_t expiration, dns_rdataset_t *rrset, char *target_mem, dns_rdata_t *rrsig) { dns_dnsseckey_t *ksk = ISC_LIST_HEAD(keys); isc_stdtime_t clockskew = inception - OFFSET; - isc_result_t ret; + isc_result_t result; isc_buffer_t target; isc_buffer_init(&target, target_mem, 1024); - ret = dns_dnssec_sign(dname, rrset, ksk->key, &clockskew, &expiration, - isc_g_mctx, &target, rrsig); - assert_int_equal(ret, ISC_R_SUCCESS); + result = dns_dnssec_sign(dname, rrset, ksk->key, &clockskew, + &expiration, isc_g_mctx, &target, rrsig); + assert_int_equal(result, ISC_R_SUCCESS); print_rdata(fp, rrsig); } @@ -159,7 +159,7 @@ write_record(FILE *fp, dns_rdatatype_t rdtype, const char *rdatastr, isc_buffer_t source, target; isc_lex_t *lex = NULL; isc_lexspecials_t specials = { 0 }; - isc_result_t ret; + isc_result_t result; /* Set up source to hold the input string. */ isc_buffer_init(&target, target_mem, 1024); @@ -174,12 +174,12 @@ write_record(FILE *fp, dns_rdatatype_t rdtype, const char *rdatastr, specials['"'] = 1; isc_lex_setspecials(lex, specials); isc_lex_setcomments(lex, ISC_LEXCOMMENT_DNSMASTERFILE); - ret = isc_lex_openbuffer(lex, &source); - assert_int_equal(ret, ISC_R_SUCCESS); + result = isc_lex_openbuffer(lex, &source); + assert_int_equal(result, ISC_R_SUCCESS); - ret = dns_rdata_fromtext(rdata, dns_rdataclass_in, rdtype, lex, dname, - 0, isc_g_mctx, &target, NULL); - assert_int_equal(ret, ISC_R_SUCCESS); + result = dns_rdata_fromtext(rdata, dns_rdataclass_in, rdtype, lex, + dname, 0, isc_g_mctx, &target, NULL); + assert_int_equal(result, ISC_R_SUCCESS); print_rdata(fp, rdata); @@ -196,15 +196,15 @@ create_bundle(FILE *fp, isc_stdtime_t btime, int bnum) { dns_rdataset_t *cdsset = NULL; isc_buffer_t b, timebuf; isc_region_t r; - isc_result_t ret; + isc_result_t result; /* Write header to file. */ test_bundles[bnum].btime = btime; isc_buffer_init(&timebuf, timestr, sizeof(timestr)); isc_stdtime_tostring(btime, timestr, sizeof(timestr)); isc_buffer_init(&b, utc, sizeof(utc)); - ret = dns_time32_totext(btime, &b); - assert_int_equal(ret, ISC_R_SUCCESS); + result = dns_time32_totext(btime, &b); + assert_int_equal(result, ISC_R_SUCCESS); isc_buffer_usedregion(&b, &r); fprintf(fp, ";; SignedKeyResponse 1.0 %.*s (%s)\n", (int)r.length, @@ -303,13 +303,13 @@ create_bundle(FILE *fp, isc_stdtime_t btime, int bnum) { static void check_rrsig(dns_skrbundle_t *bundle, skr__testbundle_t *tb, - dns_rdatatype_t rrtype, isc_result_t ret) { + dns_rdatatype_t rrtype, isc_result_t result) { isc_result_t r; dns_dnsseckey_t *key = ISC_LIST_HEAD(keys); dns_rdata_t sigrdata = DNS_RDATA_INIT; r = dns_skrbundle_getsig(bundle, key->key, rrtype, &sigrdata); - assert_int_equal(r, ret); + assert_int_equal(r, result); if (r == ISC_R_SUCCESS) { int cmp = 1; @@ -399,7 +399,7 @@ check_bundle(dns_skrbundle_t *bundle, skr__testbundle_t *tb, int bnum) { static void create_skr_file(void) { - isc_result_t ret; + isc_result_t result; isc_stdtime_t start_time; size_t tempfilelen; char *tempfile = NULL; @@ -408,10 +408,10 @@ create_skr_file(void) { /* Set up output file */ tempfilelen = strlen(TESTS_DIR "/testdata/skr/") + 20; tempfile = isc_mem_get(isc_g_mctx, tempfilelen); - ret = isc_file_mktemplate(testskr, tempfile, tempfilelen); - assert_int_equal(ret, ISC_R_SUCCESS); - ret = isc_file_openunique(tempfile, &outfp); - assert_int_equal(ret, ISC_R_SUCCESS); + result = isc_file_mktemplate(testskr, tempfile, tempfilelen); + assert_int_equal(result, ISC_R_SUCCESS); + result = isc_file_openunique(tempfile, &outfp); + assert_int_equal(result, ISC_R_SUCCESS); start_time = isc_stdtime_now(); for (int i = 0; i < 42; i++) { @@ -421,10 +421,10 @@ create_skr_file(void) { fprintf(outfp, ";; SignedKeyResponse 1.0 generated by test-dev\n"); - ret = isc_stdio_close(outfp); - assert_int_equal(ret, ISC_R_SUCCESS); - ret = isc_file_rename(tempfile, testskr); - assert_int_equal(ret, ISC_R_SUCCESS); + result = isc_stdio_close(outfp); + assert_int_equal(result, ISC_R_SUCCESS); + result = isc_file_rename(tempfile, testskr); + assert_int_equal(result, ISC_R_SUCCESS); isc_file_remove(tempfile); isc_mem_put(isc_g_mctx, tempfile, tempfilelen); From 5bd9f16ec0b0cc7aa936a610f8583c3c53bf1b8b Mon Sep 17 00:00:00 2001 From: Mark Andrews Date: Thu, 18 Sep 2025 17:26:29 +0200 Subject: [PATCH 5/8] Use isc_result_t more consistently Some functions to check private data when parsing keys previously used integer return codes, and have been updated to use isc_result_t. --- lib/dns/dst_parse.c | 52 +++++++++++++++++++++------------------------ 1 file changed, 24 insertions(+), 28 deletions(-) diff --git a/lib/dns/dst_parse.c b/lib/dns/dst_parse.c index 8622a3b129..6a402c79e3 100644 --- a/lib/dns/dst_parse.c +++ b/lib/dns/dst_parse.c @@ -184,7 +184,8 @@ check_rsa(const dst_private_t *priv, bool external) { unsigned int mask; if (external) { - return (priv->nelements == 0) ? 0 : -1; + return (priv->nelements == 0) ? ISC_R_SUCCESS + : DST_R_INVALIDPRIVATEKEY; } for (i = 0; i < RSA_NTAGS; i++) { @@ -198,7 +199,7 @@ check_rsa(const dst_private_t *priv, bool external) { } } if (i == RSA_NTAGS) { - return -1; + return DST_R_INVALIDPRIVATEKEY; } have[i] = true; } @@ -218,7 +219,7 @@ check_rsa(const dst_private_t *priv, bool external) { have[TAG_RSA_EXPONENT2 & mask] && have[TAG_RSA_COEFFICIENT & mask]; } - return ok ? 0 : -1; + return ok ? ISC_R_SUCCESS : DST_R_INVALIDPRIVATEKEY; } static int @@ -229,7 +230,8 @@ check_ecdsa(const dst_private_t *priv, bool external) { unsigned int mask; if (external) { - return (priv->nelements == 0) ? 0 : -1; + return (priv->nelements == 0) ? ISC_R_SUCCESS + : DST_R_INVALIDPRIVATEKEY; } for (i = 0; i < ECDSA_NTAGS; i++) { @@ -242,7 +244,7 @@ check_ecdsa(const dst_private_t *priv, bool external) { } } if (i == ECDSA_NTAGS) { - return -1; + return DST_R_INVALIDPRIVATEKEY; } have[i] = true; } @@ -251,10 +253,10 @@ check_ecdsa(const dst_private_t *priv, bool external) { ok = have[TAG_ECDSA_LABEL & mask] || have[TAG_ECDSA_PRIVATEKEY & mask]; - return ok ? 0 : -1; + return ok ? ISC_R_SUCCESS : DST_R_INVALIDPRIVATEKEY; } -static int +static isc_result_t check_eddsa(const dst_private_t *priv, bool external) { int i, j; bool have[EDDSA_NTAGS]; @@ -262,7 +264,8 @@ check_eddsa(const dst_private_t *priv, bool external) { unsigned int mask; if (external) { - return (priv->nelements == 0) ? 0 : -1; + return (priv->nelements == 0) ? ISC_R_SUCCESS + : DST_R_INVALIDPRIVATEKEY; } for (i = 0; i < EDDSA_NTAGS; i++) { @@ -275,7 +278,7 @@ check_eddsa(const dst_private_t *priv, bool external) { } } if (i == EDDSA_NTAGS) { - return -1; + return DST_R_INVALIDPRIVATEKEY; } have[i] = true; } @@ -284,10 +287,10 @@ check_eddsa(const dst_private_t *priv, bool external) { ok = have[TAG_EDDSA_LABEL & mask] || have[TAG_EDDSA_PRIVATEKEY & mask]; - return ok ? 0 : -1; + return ok ? ISC_R_SUCCESS : DST_R_INVALIDPRIVATEKEY; } -static int +static isc_result_t check_hmac_md5(const dst_private_t *priv, bool old) { int i, j; @@ -299,9 +302,9 @@ check_hmac_md5(const dst_private_t *priv, bool old) { if (old && priv->nelements == OLD_HMACMD5_NTAGS && priv->elements[0].tag == TAG_HMACMD5_KEY) { - return 0; + return ISC_R_SUCCESS; } - return -1; + return DST_R_INVALIDPRIVATEKEY; } /* * We must be new format at this point. @@ -313,18 +316,18 @@ check_hmac_md5(const dst_private_t *priv, bool old) { } } if (j == priv->nelements) { - return -1; + return DST_R_INVALIDPRIVATEKEY; } } return 0; } -static int +static isc_result_t check_hmac_sha(const dst_private_t *priv, unsigned int ntags, unsigned int alg) { unsigned int i, j; if (priv->nelements != ntags) { - return -1; + return DST_R_INVALIDPRIVATEKEY; } for (i = 0; i < ntags; i++) { for (j = 0; j < priv->nelements; j++) { @@ -333,13 +336,13 @@ check_hmac_sha(const dst_private_t *priv, unsigned int ntags, } } if (j == priv->nelements) { - return -1; + return DST_R_INVALIDPRIVATEKEY; } } - return 0; + return ISC_R_SUCCESS; } -static int +static isc_result_t check_data(const dst_private_t *priv, const unsigned int alg, bool old, bool external) { switch (alg) { @@ -394,7 +397,7 @@ dst__privstruct_free(dst_private_t *priv, isc_mem_t *mctx) { isc_result_t dst__privstruct_parse(dst_key_t *key, unsigned int alg, isc_lex_t *lex, isc_mem_t *mctx, dst_private_t *priv) { - int n = 0, major, minor, check; + int n = 0, major, minor; isc_buffer_t b; isc_token_t token; unsigned char *data = NULL; @@ -569,14 +572,7 @@ done: goto cleanup; } - check = check_data(priv, alg, true, external); - if (check < 0) { - result = DST_R_INVALIDPRIVATEKEY; - goto cleanup; - } else if (check != ISC_R_SUCCESS) { - result = check; - goto cleanup; - } + CHECK(check_data(priv, alg, true, external)); key->external = external; From 6c0f1b212eba1c298a91d6188391bfdab3131dad Mon Sep 17 00:00:00 2001 From: Mark Andrews Date: Wed, 8 Oct 2025 11:27:04 +1100 Subject: [PATCH 6/8] Remove unreachable code Remove some code checking for return values that are not possible. --- lib/isccfg/check.c | 38 ++++++++++++++++++++++---------------- 1 file changed, 22 insertions(+), 16 deletions(-) diff --git a/lib/isccfg/check.c b/lib/isccfg/check.c index 654e45a2b3..c445257201 100644 --- a/lib/isccfg/check.c +++ b/lib/isccfg/check.c @@ -5058,6 +5058,10 @@ record_static_keys(isc_symtab_t *symtab, isc_mem_t *mctx, result = dns_name_fromstring(name, str, dns_rootname, 0, NULL); if (result != ISC_R_SUCCESS) { + /* + * No need to record an error or to log it as has + * has already been handled by check_trust_anchor. + */ continue; } @@ -5080,11 +5084,10 @@ record_static_keys(isc_symtab_t *symtab, isc_mem_t *mctx, result = isc_symtab_define(symtab, p, 1, symvalue, isc_symexists_reject); if (result == ISC_R_EXISTS) { + /* + * Multiple trust anchors for the same name are ok. + */ isc_mem_free(mctx, p); - } else if (result != ISC_R_SUCCESS) { - isc_mem_free(mctx, p); - ret = result; - continue; } if (autovalidation && dns_name_equal(name, dns_rootname)) { @@ -5127,6 +5130,10 @@ check_initializing_keys(isc_symtab_t *symtab, const cfg_obj_t *keylist) { str = cfg_obj_asstring(cfg_tuple_get(obj, "name")); result = dns_name_fromstring(name, str, dns_rootname, 0, NULL); if (result != ISC_R_SUCCESS) { + /* + * No need to record an error or to log it as has + * has already been handled by check_trust_anchor. + */ continue; } @@ -5153,10 +5160,10 @@ check_initializing_keys(isc_symtab_t *symtab, const cfg_obj_t *keylist) { return ret; } -static isc_result_t +static void record_ds_keys(isc_symtab_t *symtab, isc_mem_t *mctx, const cfg_obj_t *keylist) { - isc_result_t result, ret = ISC_R_SUCCESS; + isc_result_t result; dns_fixedname_t fixed; dns_name_t *name = NULL; char namebuf[DNS_NAME_FORMATSIZE], *p = NULL; @@ -5172,6 +5179,10 @@ record_ds_keys(isc_symtab_t *symtab, isc_mem_t *mctx, result = dns_name_fromstring(name, str, dns_rootname, 0, NULL); if (result != ISC_R_SUCCESS) { + /* + * No need to record an error or to log it as has + * has already been handled by check_trust_anchor. + */ continue; } @@ -5192,11 +5203,12 @@ record_ds_keys(isc_symtab_t *symtab, isc_mem_t *mctx, result = isc_symtab_define(symtab, p, 1, symvalue, isc_symexists_reject); if (result == ISC_R_EXISTS) { + /* + * Multiple trust anchors for the same name are ok. + */ isc_mem_free(mctx, p); } } - - return ret; } /* @@ -5224,10 +5236,7 @@ check_ta_conflicts(const cfg_obj_t *global_ta, const cfg_obj_t *view_ta, result = tresult; } - tresult = record_ds_keys(dstab, mctx, keylist); - if (result == ISC_R_SUCCESS) { - result = tresult; - } + record_ds_keys(dstab, mctx, keylist); } CFG_LIST_FOREACH(view_ta, elt) { @@ -5238,10 +5247,7 @@ check_ta_conflicts(const cfg_obj_t *global_ta, const cfg_obj_t *view_ta, result = tresult; } - tresult = record_ds_keys(dstab, mctx, keylist); - if (result == ISC_R_SUCCESS) { - result = tresult; - } + record_ds_keys(dstab, mctx, keylist); } /* From 1d83601c58ab1d470ff158de62c8ce51ff9f544d Mon Sep 17 00:00:00 2001 From: Evan Hunt Date: Thu, 12 Jun 2025 22:19:27 -0700 Subject: [PATCH 7/8] add coccinelle script add a semantic patch to prevent (most) future uses of the CHECK and RETERR patterns. --- cocci/check-reterr.spatch | 30 ++++++++++++++++++++++++++++++ 1 file changed, 30 insertions(+) create mode 100644 cocci/check-reterr.spatch diff --git a/cocci/check-reterr.spatch b/cocci/check-reterr.spatch new file mode 100644 index 0000000000..bba9841b50 --- /dev/null +++ b/cocci/check-reterr.spatch @@ -0,0 +1,30 @@ +@@ +expression E1; +@@ + +- result = E1; +- if (result != ISC_R_SUCCESS) { +- goto cleanup; +- } ++ CHECK(E1); + +@@ +expression E1; +isc_result_t result; +@@ + +- result = E1; +- if (result != ISC_R_SUCCESS) { +- return result; +- } ++ RETERR(E1); + +@@ +expression E1; +@@ + +- result = E1; +- if (result != ISC_R_SUCCESS) { +- CHECK(result); +- } ++ CHECK(E1); From d4ebea103726c8b1df1fa4bb4d6ac25dc4c5811e Mon Sep 17 00:00:00 2001 From: Evan Hunt Date: Thu, 16 Oct 2025 15:05:01 -0700 Subject: [PATCH 8/8] use a standard CLEANUP macro CLEANUP is a macro similar to CHECK but unconditional, jumping to cleanup even if the result is ISC_R_SUCCESS. It is now used in place of DST_RET, CLEANUP_WITH, and CHECK(). --- bin/check/named-checkconf.c | 8 +- bin/delv/delv.c | 14 +- bin/dig/dighost.c | 2 +- bin/dnssec/dnssec-ksr.c | 2 +- bin/named/builtin.c | 4 +- bin/named/control.c | 2 +- bin/named/controlconf.c | 16 +- bin/named/server.c | 178 +++++++++++------------ bin/named/statschannel.c | 8 +- bin/named/transportconf.c | 2 +- bin/named/tsigconf.c | 2 +- bin/named/zoneconf.c | 4 +- bin/tests/system/dyndb/driver/instance.c | 2 +- bin/tests/system/dyndb/driver/zone.c | 7 +- lib/dns/catz.c | 12 +- lib/dns/dlz.c | 2 +- lib/dns/dnssec.c | 10 +- lib/dns/dnstap.c | 34 ++--- lib/dns/dst_api.c | 8 +- lib/dns/dyndb.c | 6 +- lib/dns/gssapictx.c | 6 +- lib/dns/journal.c | 36 ++--- lib/dns/master.c | 12 +- lib/dns/message.c | 14 +- lib/dns/openssl_link.c | 16 +- lib/dns/opensslecdsa_link.c | 134 ++++++++--------- lib/dns/openssleddsa_link.c | 42 +++--- lib/dns/opensslrsa_link.c | 126 ++++++++-------- lib/dns/private.c | 2 +- lib/dns/rdata.c | 2 +- lib/dns/rdataslab.c | 14 +- lib/dns/request.c | 2 +- lib/dns/resconf.c | 4 +- lib/dns/resolver.c | 2 +- lib/dns/sdlz.c | 4 +- lib/dns/skr.c | 16 +- lib/dns/tkey.c | 10 +- lib/dns/update.c | 4 +- lib/dns/validator.c | 24 +-- lib/dns/view.c | 14 +- lib/dns/xfrin.c | 42 +++--- lib/dns/zone.c | 66 ++++----- lib/isc/interfaceiter.c | 2 +- lib/isc/netmgr/tcp.c | 6 +- lib/isccfg/aclconf.c | 4 +- lib/isccfg/check.c | 2 +- lib/isccfg/kaspconf.c | 22 +-- lib/isccfg/namedconf.c | 10 +- lib/isccfg/parser.c | 28 ++-- lib/ns/hooks.c | 4 +- lib/ns/update.c | 16 +- lib/ns/xfrout.c | 2 +- 52 files changed, 493 insertions(+), 518 deletions(-) diff --git a/bin/check/named-checkconf.c b/bin/check/named-checkconf.c index ee304a9b20..5b2c934e52 100644 --- a/bin/check/named-checkconf.c +++ b/bin/check/named-checkconf.c @@ -497,7 +497,7 @@ load_zones_fromconfig(const cfg_obj_t *config, bool list_zones) { } if (dns_rdataclass_ismeta(viewclass)) { - CHECK(ISC_R_FAILURE); + CLEANUP(ISC_R_FAILURE); } dns_rdataclass_format(viewclass, buf, sizeof(buf)); @@ -683,7 +683,7 @@ main(int argc, char **argv) { fprintf(stderr, "%s: unhandled option -%c\n", isc_commandline_progname, isc_commandline_option); - CHECK(ISC_R_FAILURE); + CLEANUP(ISC_R_FAILURE); } } @@ -695,12 +695,12 @@ main(int argc, char **argv) { if (((flags & CFG_PRINTER_XKEY) != 0) && !print) { fprintf(stderr, "%s: -x cannot be used without -p\n", isc_commandline_progname); - CHECK(ISC_R_FAILURE); + CLEANUP(ISC_R_FAILURE); } if (print && list_zones) { fprintf(stderr, "%s: -l cannot be used with -p\n", isc_commandline_progname); - CHECK(ISC_R_FAILURE); + CLEANUP(ISC_R_FAILURE); } if (isc_commandline_index + 1 < argc) { diff --git a/bin/delv/delv.c b/bin/delv/delv.c index 7915c4f808..262497da41 100644 --- a/bin/delv/delv.c +++ b/bin/delv/delv.c @@ -676,7 +676,7 @@ key_fromconfig(const cfg_obj_t *key, dns_client_t *client, dns_view_t *toview) { delv_log(ISC_LOG_ERROR, "key '%s': invalid initialization method '%s'", keynamestr, atstr); - CHECK(ISC_R_FAILURE); + CLEANUP(ISC_R_FAILURE); } } @@ -684,13 +684,13 @@ key_fromconfig(const cfg_obj_t *key, dns_client_t *client, dns_view_t *toview) { isc_buffer_init(&rrdatabuf, rrdata, sizeof(rrdata)); if (rdata1 > 0xffff) { - CHECK(ISC_R_RANGE); + CLEANUP(ISC_R_RANGE); } if (rdata2 > 0xff) { - CHECK(ISC_R_RANGE); + CLEANUP(ISC_R_RANGE); } if (rdata3 > 0xff) { - CHECK(ISC_R_RANGE); + CLEANUP(ISC_R_RANGE); } switch (anchortype) { @@ -741,17 +741,17 @@ key_fromconfig(const cfg_obj_t *key, dns_client_t *client, dns_view_t *toview) { switch (ds.digest_type) { case DNS_DSDIGEST_SHA1: if (r.length != ISC_SHA1_DIGESTLENGTH) { - CHECK(ISC_R_UNEXPECTEDEND); + CLEANUP(ISC_R_UNEXPECTEDEND); } break; case DNS_DSDIGEST_SHA256: if (r.length != ISC_SHA256_DIGESTLENGTH) { - CHECK(ISC_R_UNEXPECTEDEND); + CLEANUP(ISC_R_UNEXPECTEDEND); } break; case DNS_DSDIGEST_SHA384: if (r.length != ISC_SHA384_DIGESTLENGTH) { - CHECK(ISC_R_UNEXPECTEDEND); + CLEANUP(ISC_R_UNEXPECTEDEND); } break; } diff --git a/bin/dig/dighost.c b/bin/dig/dighost.c index 1eeb11e432..80253b18d6 100644 --- a/bin/dig/dighost.c +++ b/bin/dig/dighost.c @@ -850,7 +850,7 @@ setup_text_key(void) { secretsize = isc_buffer_usedlength(&secretbuf); if (hmac_alg == DST_ALG_UNKNOWN) { - CHECK(DST_R_UNSUPPORTEDALG); + CLEANUP(DST_R_UNSUPPORTEDALG); } CHECK(dns_name_fromtext(keyname, namebuf, dns_rootname, 0)); diff --git a/bin/dnssec/dnssec-ksr.c b/bin/dnssec/dnssec-ksr.c index efba16f451..8f0c61c7a1 100644 --- a/bin/dnssec/dnssec-ksr.c +++ b/bin/dnssec/dnssec-ksr.c @@ -93,7 +93,7 @@ static int min_dh = 128; #define NEXTTOKEN(lex, opt, token) CHECK(isc_lex_gettoken(lex, opt, token)) -#define BADTOKEN() CHECK(ISC_R_UNEXPECTEDTOKEN) +#define BADTOKEN() CLEANUP(ISC_R_UNEXPECTEDTOKEN) isc_bufferlist_t cleanup_list = ISC_LIST_INITIALIZER; diff --git a/bin/named/builtin.c b/bin/named/builtin.c index 80e3c5a7fe..9ab76d5063 100644 --- a/bin/named/builtin.c +++ b/bin/named/builtin.c @@ -1156,13 +1156,13 @@ create(isc_mem_t *mctx, const dns_name_t *origin, dns_dbtype_t type, if (needargs) { if (argc != 3) { - CHECK(DNS_R_SYNTAX); + CLEANUP(DNS_R_SYNTAX); } bdb->server = isc_mem_strdup(isc_g_mctx, argv[1]); bdb->contact = isc_mem_strdup(isc_g_mctx, argv[2]); } else if (argc != 1) { - CHECK(DNS_R_SYNTAX); + CLEANUP(DNS_R_SYNTAX); } bdb->common.magic = DNS_DB_MAGIC; diff --git a/bin/named/control.c b/bin/named/control.c index 8750f4c7f2..709d74ea55 100644 --- a/bin/named/control.c +++ b/bin/named/control.c @@ -124,7 +124,7 @@ named_control_docommand(isccc_sexpr_t *message, bool readonly, "rejecting restricted control channel " "command '%s'", cmdline); - CHECK(ISC_R_FAILURE); + CLEANUP(ISC_R_FAILURE); } isc_log_write(NAMED_LOGCATEGORY_GENERAL, NAMED_LOGMODULE_CONTROL, diff --git a/bin/named/controlconf.c b/bin/named/controlconf.c index d014a831e4..4653bcafa7 100644 --- a/bin/named/controlconf.c +++ b/bin/named/controlconf.c @@ -442,12 +442,12 @@ control_recvmessage(isc_nmhandle_t *handle ISC_ATTR_UNUSED, isc_result_t result, } if (!match) { - CHECK(ISCCC_R_BADAUTH); + CLEANUP(ISCCC_R_BADAUTH); } /* We shouldn't be getting a reply. */ if (isccc_cc_isreply(conn->request)) { - CHECK(ISC_R_FAILURE); + CLEANUP(ISC_R_FAILURE); } conn->now = isc_stdtime_now(); @@ -457,17 +457,17 @@ control_recvmessage(isc_nmhandle_t *handle ISC_ATTR_UNUSED, isc_result_t result, */ conn->ctrl = isccc_alist_lookup(conn->request, "_ctrl"); if (!isccc_alist_alistp(conn->ctrl)) { - CHECK(ISC_R_FAILURE); + CLEANUP(ISC_R_FAILURE); } if (isccc_cc_lookupuint32(conn->ctrl, "_tim", &sent) == ISC_R_SUCCESS) { if ((sent + CLOCKSKEW) < conn->now || (sent - CLOCKSKEW) > conn->now) { - CHECK(DNS_R_CLOCKSKEW); + CLEANUP(DNS_R_CLOCKSKEW); } } else { - CHECK(ISC_R_FAILURE); + CLEANUP(ISC_R_FAILURE); } /* @@ -476,7 +476,7 @@ control_recvmessage(isc_nmhandle_t *handle ISC_ATTR_UNUSED, isc_result_t result, if (isccc_cc_lookupuint32(conn->ctrl, "_exp", &exp) == ISC_R_SUCCESS && conn->now > exp) { - CHECK(DNS_R_EXPIRED); + CLEANUP(DNS_R_EXPIRED); } /* @@ -499,7 +499,7 @@ control_recvmessage(isc_nmhandle_t *handle ISC_ATTR_UNUSED, isc_result_t result, ISC_R_SUCCESS || conn->nonce != nonce)) { - CHECK(ISCCC_R_BADAUTH); + CLEANUP(ISCCC_R_BADAUTH); } isc_buffer_allocate(listener->mctx, &conn->text, 2 * 2048); @@ -1076,7 +1076,7 @@ add_listener(named_controls_t *cp, controllistener_t **listenerp, if ((pf == AF_INET && isc_net_probeipv4() != ISC_R_SUCCESS) || (pf == AF_INET6 && isc_net_probeipv6() != ISC_R_SUCCESS)) { - CHECK(ISC_R_FAMILYNOSUPPORT); + CLEANUP(ISC_R_FAMILYNOSUPPORT); } CHECK(isc_nm_listentcp(ISC_NM_LISTEN_ONE, &listener->address, diff --git a/bin/named/server.c b/bin/named/server.c index b6ca56d9a4..4dc7b91afa 100644 --- a/bin/named/server.c +++ b/bin/named/server.c @@ -711,7 +711,7 @@ ta_fromconfig(const cfg_obj_t *key, bool *initialp, const char **namestrp, "key '%s': " "invalid initialization method '%s'", namestr, atstr); - CHECK(ISC_R_FAILURE); + CLEANUP(ISC_R_FAILURE); } } @@ -763,7 +763,7 @@ ta_fromconfig(const cfg_obj_t *key, bool *initialp, const char **namestrp, keystruct.algorithm, keystruct.data, keystruct.datalen); if (!dst_algorithm_supported(algorithm)) { - CHECK(DST_R_UNSUPPORTEDALG); + CLEANUP(DST_R_UNSUPPORTEDALG); } CHECK(dns_rdata_fromstruct(&rdata, keystruct.common.rdclass, @@ -796,30 +796,30 @@ ta_fromconfig(const cfg_obj_t *key, bool *initialp, const char **namestrp, switch (ds->digest_type) { case DNS_DSDIGEST_SHA1: if (r.length != ISC_SHA1_DIGESTLENGTH) { - CHECK(ISC_R_UNEXPECTEDEND); + CLEANUP(ISC_R_UNEXPECTEDEND); } break; case DNS_DSDIGEST_SHA256: if (r.length != ISC_SHA256_DIGESTLENGTH) { - CHECK(ISC_R_UNEXPECTEDEND); + CLEANUP(ISC_R_UNEXPECTEDEND); } break; case DNS_DSDIGEST_SHA384: if (r.length != ISC_SHA384_DIGESTLENGTH) { - CHECK(ISC_R_UNEXPECTEDEND); + CLEANUP(ISC_R_UNEXPECTEDEND); } break; #if defined(DNS_DSDIGEST_SHA256PRIVATE) case DNS_DSDIGEST_SHA256PRIVATE: if (r.length < ISC_SHA256_DIGESTLENGTH) { - CHECK(ISC_R_UNEXPECTEDEND); + CLEANUP(ISC_R_UNEXPECTEDEND); } break; #endif #if defined(DNS_DSDIGEST_SHA384PRIVATE) case DNS_DSDIGEST_SHA384PRIVATE: if (r.length < ISC_SHA384_DIGESTLENGTH) { - CHECK(ISC_R_UNEXPECTEDEND); + CLEANUP(ISC_R_UNEXPECTEDEND); } break; #endif @@ -828,12 +828,12 @@ ta_fromconfig(const cfg_obj_t *key, bool *initialp, const char **namestrp, "key '%s': " "unknown ds digest type %u", namestr, ds->digest_type); - CHECK(ISC_R_FAILURE); + CLEANUP(ISC_R_FAILURE); break; } if (r.length > digest_len) { - CHECK(ISC_R_NOSPACE); + CLEANUP(ISC_R_NOSPACE); } ds->length = r.length; ds->digest = digest; @@ -872,7 +872,7 @@ ta_fromconfig(const cfg_obj_t *key, bool *initialp, const char **namestrp, } #endif if (!dst_algorithm_supported(algorithm)) { - CHECK(DST_R_UNSUPPORTEDALG); + CLEANUP(DST_R_UNSUPPORTEDALG); } break; @@ -1145,7 +1145,7 @@ configure_view_dnsseckeys(dns_view_t *view, const cfg_obj_t *vconfig, isc_log_write(DNS_LOGCATEGORY_SECURITY, NAMED_LOGMODULE_SERVER, ISC_LOG_ERROR, "root key not loaded"); - CHECK(ISC_R_FAILURE); + CLEANUP(ISC_R_FAILURE); } } @@ -1176,7 +1176,7 @@ configure_view_dnsseckeys(dns_view_t *view, const cfg_obj_t *vconfig, "managed-keys-directory '%s' " "is not writable", directory); - CHECK(ISC_R_NOPERM); + CLEANUP(ISC_R_NOPERM); } } @@ -1674,7 +1674,7 @@ check_dbtype(dns_zone_t *zone, unsigned int dbtypec, const char **dbargv, */ for (i = 0; i < dbtypec; i++) { if (argv[i] == NULL || strcmp(argv[i], dbargv[i]) != 0) { - CHECK(ISC_R_FAILURE); + CLEANUP(ISC_R_FAILURE); } } @@ -2368,7 +2368,7 @@ catz_addmodzone_cb(void *arg) { } CHECK(cfg_map_get(zoneconf, "zone", &zlist)); if (!cfg_obj_islist(zlist)) { - CHECK(ISC_R_FAILURE); + CLEANUP(ISC_R_FAILURE); } /* For now we only support adding one zone at a time */ @@ -2637,7 +2637,7 @@ catz_reconfigure(dns_catz_entry_t *entry, void *arg1, void *arg2) { CHECK(cfg_map_get(zoneconf, "zone", &zlist)); if (!cfg_obj_islist(zlist)) { - CHECK(ISC_R_FAILURE); + CLEANUP(ISC_R_FAILURE); } zoneobj = cfg_listelt_value(cfg_list_first(zlist)); @@ -3781,7 +3781,7 @@ configure_view(dns_view_t *view, dns_viewlist_t *viewlist, cfg_obj_t *config, "rpz '%s' is not a primary or a " "secondary zone", namebuf); - CHECK(ISC_R_NOTFOUND); + CLEANUP(ISC_R_NOTFOUND); } } } @@ -4310,7 +4310,7 @@ configure_view(dns_view_t *view, dns_viewlist_t *viewlist, cfg_obj_t *config, if (dispatch4 == NULL && dispatch6 == NULL) { UNEXPECTED_ERROR("unable to obtain either an IPv4 or" " an IPv6 dispatch"); - CHECK(ISC_R_UNEXPECTED); + CLEANUP(ISC_R_UNEXPECTED); } CHECK(dns_view_createresolver(view, resopts, tlsctx_client_cache, @@ -5793,7 +5793,7 @@ get_viewinfo(const cfg_obj_t *vconfig, const char **namep, NAMED_LOGMODULE_SERVER, ISC_LOG_ERROR, "view '%s': class must not be meta", viewname); - CHECK(ISC_R_FAILURE); + CLEANUP(ISC_R_FAILURE); } } else { viewname = "_default"; @@ -5963,7 +5963,7 @@ configure_zone(const cfg_obj_t *config, const cfg_obj_t *zconfig, ISC_LOG_ERROR, "zone '%s': wrong class for view '%s'", zname, vname); - CHECK(ISC_R_FAILURE); + CLEANUP(ISC_R_FAILURE); } (void)cfg_map_get(zoptions, "in-view", &viewobj); @@ -5975,7 +5975,7 @@ configure_zone(const cfg_obj_t *config, const cfg_obj_t *zconfig, cfg_obj_log(zconfig, ISC_LOG_ERROR, "'in-view' option is not permitted in " "dynamically added zones"); - CHECK(ISC_R_FAILURE); + CLEANUP(ISC_R_FAILURE); } result = dns_viewlist_find(viewlist, inview, view->rdclass, @@ -5983,7 +5983,7 @@ configure_zone(const cfg_obj_t *config, const cfg_obj_t *zconfig, if (result != ISC_R_SUCCESS) { cfg_obj_log(zconfig, ISC_LOG_ERROR, "view '%s' is not yet defined.", inview); - CHECK(ISC_R_FAILURE); + CLEANUP(ISC_R_FAILURE); } result = dns_view_findzone(otherview, origin, DNS_ZTFIND_EXACT, @@ -5993,7 +5993,7 @@ configure_zone(const cfg_obj_t *config, const cfg_obj_t *zconfig, cfg_obj_log(zconfig, ISC_LOG_ERROR, "zone '%s' not defined in view '%s'", zname, inview); - CHECK(ISC_R_FAILURE); + CLEANUP(ISC_R_FAILURE); } CHECK(dns_view_addzone(view, zone)); @@ -6020,7 +6020,7 @@ configure_zone(const cfg_obj_t *config, const cfg_obj_t *zconfig, if (typeobj == NULL) { cfg_obj_log(zconfig, ISC_LOG_ERROR, "zone '%s' 'type' not specified", zname); - CHECK(ISC_R_FAILURE); + CLEANUP(ISC_R_FAILURE); } ztypestr = cfg_obj_asstring(typeobj); @@ -6036,7 +6036,7 @@ configure_zone(const cfg_obj_t *config, const cfg_obj_t *zconfig, isc_log_write(NAMED_LOGCATEGORY_GENERAL, NAMED_LOGMODULE_SERVER, ISC_LOG_ERROR, "zone '%s': 'file' not specified", zname); - CHECK(ISC_R_FAILURE); + CLEANUP(ISC_R_FAILURE); } if (dns_name_equal(origin, dns_rootname)) { const char *hintsfile = cfg_obj_asstring(fileobj); @@ -6077,7 +6077,7 @@ configure_zone(const cfg_obj_t *config, const cfg_obj_t *zconfig, if (view->redirect != NULL) { cfg_obj_log(zconfig, ISC_LOG_ERROR, "redirect zone already exists"); - CHECK(ISC_R_EXISTS); + CLEANUP(ISC_R_EXISTS); } result = dns_viewlist_find(viewlist, view->name, view->rdclass, &pview); @@ -6116,7 +6116,7 @@ configure_zone(const cfg_obj_t *config, const cfg_obj_t *zconfig, cfg_obj_log(zconfig, ISC_LOG_ERROR, "zone '%s' already exists", zname); dns_zone_detach(&dupzone); - CHECK(ISC_R_EXISTS); + CLEANUP(ISC_R_EXISTS); } INSIST(dupzone == NULL); } @@ -6827,7 +6827,7 @@ generate_session_key(const char *filename, const char *keynamestr, if (fp == NULL) { isc_log_write(NAMED_LOGCATEGORY_GENERAL, NAMED_LOGMODULE_SERVER, ISC_LOG_ERROR, "could not create %s", filename); - CHECK(ISC_R_NOPERM); + CLEANUP(ISC_R_NOPERM); } fprintf(fp, @@ -12085,7 +12085,7 @@ nzf_writeconf(const cfg_obj_t *config, dns_view_t *view) { cfg_map_get(config, "zone", &zl); if (!cfg_obj_islist(zl)) { - CHECK(ISC_R_FAILURE); + CLEANUP(ISC_R_FAILURE); } list = UNCONST(&zl->value.list); @@ -12192,7 +12192,7 @@ nzd_save(MDB_txn **txnp, MDB_dbi dbi, dns_zone_t *zone, "Error deleting zone %s " "from NZD database: %s", namebuf, mdb_strerror(status)); - CHECK(ISC_R_FAILURE); + CLEANUP(ISC_R_FAILURE); } else if (status != MDB_NOTFOUND) { commit = true; } @@ -12206,7 +12206,7 @@ nzd_save(MDB_txn **txnp, MDB_dbi dbi, dns_zone_t *zone, NAMED_LOGMODULE_SERVER, ISC_LOG_ERROR, "Unable to get options from config in " "nzd_save()"); - CHECK(ISC_R_FAILURE); + CLEANUP(ISC_R_FAILURE); } dzarg.magic = DZARG_MAGIC; @@ -12232,7 +12232,7 @@ nzd_save(MDB_txn **txnp, MDB_dbi dbi, dns_zone_t *zone, "Error inserting zone in " "NZD database: %s", mdb_strerror(status)); - CHECK(ISC_R_FAILURE); + CLEANUP(ISC_R_FAILURE); } commit = true; @@ -12394,7 +12394,7 @@ nzd_env_reopen(dns_view_t *view) { isc_log_write(DNS_LOGCATEGORY_GENERAL, ISC_LOGMODULE_OTHER, ISC_LOG_ERROR, "mdb_env_create failed: %s", mdb_strerror(status)); - CHECK(ISC_R_FAILURE); + CLEANUP(ISC_R_FAILURE); } if (view->newzone.mapsize != 0ULL) { @@ -12404,7 +12404,7 @@ nzd_env_reopen(dns_view_t *view) { ISC_LOGMODULE_OTHER, ISC_LOG_ERROR, "mdb_env_set_mapsize failed: %s", mdb_strerror(status)); - CHECK(ISC_R_FAILURE); + CLEANUP(ISC_R_FAILURE); } } @@ -12413,7 +12413,7 @@ nzd_env_reopen(dns_view_t *view) { isc_log_write(DNS_LOGCATEGORY_GENERAL, ISC_LOGMODULE_OTHER, ISC_LOG_ERROR, "mdb_env_open of '%s' failed: %s", view->newzone.db, mdb_strerror(status)); - CHECK(ISC_R_FAILURE); + CLEANUP(ISC_R_FAILURE); } view->newzone.dbenv = env; @@ -12508,7 +12508,7 @@ load_nzf(dns_view_t *view) { zonelist = NULL; CHECK(cfg_map_get(nzf_config, "zone", &zonelist)); if (!cfg_obj_islist(zonelist)) { - CHECK(ISC_R_FAILURE); + CLEANUP(ISC_R_FAILURE); } CHECK(nzd_open(view, 0, &txn, &dbi)); @@ -12526,7 +12526,7 @@ load_nzf(dns_view_t *view) { origin = cfg_obj_asstring(cfg_tuple_get(zconfig, "name")); if (origin == NULL) { - CHECK(ISC_R_FAILURE); + CLEANUP(ISC_R_FAILURE); } /* Normalize zone name */ @@ -12542,7 +12542,7 @@ load_nzf(dns_view_t *view) { zoptions = cfg_tuple_get(zconfig, "options"); if (zoptions == NULL) { - CHECK(ISC_R_FAILURE); + CLEANUP(ISC_R_FAILURE); } isc_buffer_clear(text); @@ -12569,7 +12569,7 @@ load_nzf(dns_view_t *view) { "Error inserting zone in " "NZD database: %s", mdb_strerror(status)); - CHECK(ISC_R_FAILURE); + CLEANUP(ISC_R_FAILURE); } commit = true; @@ -12652,7 +12652,7 @@ newzone_parse(named_server_t *server, char *command, dns_view_t **viewp, CHECK(cfg_map_get(zoneconf, "zone", &zlist)); if (!cfg_obj_islist(zlist)) { - CHECK(ISC_R_FAILURE); + CLEANUP(ISC_R_FAILURE); } /* For now we only support adding one zone at a time */ @@ -12668,14 +12668,14 @@ newzone_parse(named_server_t *server, char *command, dns_view_t **viewp, if (obj != NULL) { (void)putstr(text, "'in-view' zones not supported by "); (void)putstr(text, bn); - CHECK(ISC_R_FAILURE); + CLEANUP(ISC_R_FAILURE); } (void)cfg_map_get(zoptions, "template", &obj); if (obj == NULL) { (void)putstr(text, "no zone type or " "template specified"); - CHECK(ISC_R_FAILURE); + CLEANUP(ISC_R_FAILURE); } } @@ -12686,7 +12686,7 @@ newzone_parse(named_server_t *server, char *command, dns_view_t **viewp, (void)putstr(text, cfg_obj_asstring(obj)); (void)putstr(text, "' zones not supported by "); (void)putstr(text, bn); - CHECK(ISC_R_FAILURE); + CLEANUP(ISC_R_FAILURE); } if (strcasecmp(cfg_obj_asstring(obj), "redirect") == 0) { @@ -12748,7 +12748,7 @@ delete_zoneconf(dns_view_t *view, const cfg_obj_t *config, cfg_map_get(config, "zone", &zl); if (!cfg_obj_islist(zl)) { - CHECK(ISC_R_FAILURE); + CLEANUP(ISC_R_FAILURE); } cfg_list_t *list = UNCONST(&zl->value.list); @@ -12848,7 +12848,7 @@ do_addzone(named_server_t *server, dns_view_t *view, dns_name_t *name, TCHECK(putstr(text, "unable to open NZD database for '")); TCHECK(putstr(text, view->newzone.db)); TCHECK(putstr(text, "'")); - CHECK(ISC_R_FAILURE); + CLEANUP(ISC_R_FAILURE); } #endif /* HAVE_LMDB */ @@ -12884,7 +12884,7 @@ do_addzone(named_server_t *server, dns_view_t *view, dns_name_t *name, /* Is it there yet? */ if (redirect) { if (view->redirect == NULL) { - CHECK(ISC_R_NOTFOUND); + CLEANUP(ISC_R_NOTFOUND); } dns_zone_attach(view->redirect, &zone); } else { @@ -13080,7 +13080,7 @@ do_modzone(named_server_t *server, dns_view_t *view, dns_name_t *name, /* Is it there yet? */ if (redirect) { if (view->redirect == NULL) { - CHECK(ISC_R_NOTFOUND); + CLEANUP(ISC_R_NOTFOUND); } dns_zone_attach(view->redirect, &zone); } else { @@ -13246,7 +13246,7 @@ named_server_changezone(named_server_t *server, char *command, (void)putstr(text, "Not allowing new zones in view '"); (void)putstr(text, view->name); (void)putstr(text, "'"); - CHECK(ISC_R_NOPERM); + CLEANUP(ISC_R_NOPERM); } zonename = cfg_obj_asstring(cfg_tuple_get(zoneobj, "name")); @@ -13260,7 +13260,7 @@ named_server_changezone(named_server_t *server, char *command, if (!dns_name_equal(dnsname, dns_rootname)) { (void)putstr(text, "redirect zones must be called " "\".\""); - CHECK(ISC_R_FAILURE); + CLEANUP(ISC_R_FAILURE); } } @@ -13509,7 +13509,7 @@ named_server_delzone(named_server_t *server, isc_lex_t *lex, CHECK(zone_from_args(server, lex, ptr, &zone, zonename, text, false)); if (zone == NULL) { - CHECK(ISC_R_UNEXPECTEDEND); + CLEANUP(ISC_R_UNEXPECTEDEND); } INSIST(zonename != NULL); @@ -13520,7 +13520,7 @@ named_server_delzone(named_server_t *server, isc_lex_t *lex, TCHECK(putstr(text, zonename)); TCHECK(putstr(text, "' cannot be deleted: response-policy zone.")); - CHECK(ISC_R_FAILURE); + CLEANUP(ISC_R_FAILURE); } view = dns_zone_getview(zone); @@ -13627,14 +13627,14 @@ named_server_showzone(named_server_t *server, isc_lex_t *lex, /* Parse parameters */ CHECK(zone_from_args(server, lex, NULL, &zone, zonename, text, true)); if (zone == NULL) { - CHECK(ISC_R_UNEXPECTEDEND); + CLEANUP(ISC_R_UNEXPECTEDEND); } zconfig = dns_zone_getcfg(zone); dns_zone_detach(&zone); if (zconfig == NULL) { - CHECK(ISC_R_NOTFOUND); + CLEANUP(ISC_R_NOTFOUND); } CHECK(putstr(text, "zone ")); @@ -13823,12 +13823,12 @@ named_server_signing(named_server_t *server, isc_lex_t *lex, CHECK(isc_parse_uint32(&serial, ptr, 10)); setserial = true; } else { - CHECK(DNS_R_SYNTAX); + CLEANUP(DNS_R_SYNTAX); } CHECK(zone_from_args(server, lex, NULL, &zone, NULL, text, false)); if (zone == NULL) { - CHECK(ISC_R_UNEXPECTEDEND); + CLEANUP(ISC_R_UNEXPECTEDEND); } if (dns_zone_getkasp(zone) != NULL) { @@ -13990,7 +13990,7 @@ named_server_dnssec(named_server_t *server, isc_lex_t *lex, } else if (strcasecmp(ptr, "-step") == 0) { forcestep = true; } else { - CHECK(DNS_R_SYNTAX); + CLEANUP(DNS_R_SYNTAX); } if (status) { @@ -14018,13 +14018,13 @@ named_server_dnssec(named_server_t *server, isc_lex_t *lex, ptr = next_token(lex, text); if (ptr == NULL) { msg = "Bad format"; - CHECK(ISC_R_UNEXPECTEDEND); + CLEANUP(ISC_R_UNEXPECTEDEND); } else if (argcheck(ptr, "alg")) { isc_consttextregion_t alg; ptr = next_token(lex, text); if (ptr == NULL) { msg = "No key algorithm specified"; - CHECK(ISC_R_UNEXPECTEDEND); + CLEANUP(ISC_R_UNEXPECTEDEND); } alg.base = ptr; alg.length = strlen(alg.base); @@ -14032,7 +14032,7 @@ named_server_dnssec(named_server_t *server, isc_lex_t *lex, &algorithm, (isc_textregion_t *)&alg); if (result != ISC_R_SUCCESS) { msg = "Bad algorithm"; - CHECK(DNS_R_SYNTAX); + CLEANUP(DNS_R_SYNTAX); } continue; } else if (argcheck(ptr, "key")) { @@ -14040,7 +14040,7 @@ named_server_dnssec(named_server_t *server, isc_lex_t *lex, ptr = next_token(lex, text); if (ptr == NULL) { msg = "No key identifier specified"; - CHECK(ISC_R_UNEXPECTEDEND); + CLEANUP(ISC_R_UNEXPECTEDEND); } CHECK(isc_parse_uint16(&id, ptr, 10)); keyid = (dns_keytag_t)id; @@ -14051,14 +14051,14 @@ named_server_dnssec(named_server_t *server, isc_lex_t *lex, ptr = next_token(lex, text); if (ptr == NULL) { msg = "No time specified"; - CHECK(ISC_R_UNEXPECTEDEND); + CLEANUP(ISC_R_UNEXPECTEDEND); } CHECK(dns_time32_fromtext(ptr, &tw)); when = (isc_stdtime_t)tw; continue; } else if (ptr[0] == '-') { msg = "Unknown option"; - CHECK(DNS_R_SYNTAX); + CLEANUP(DNS_R_SYNTAX); } else if (checkds) { /* * No arguments provided, so we must be @@ -14067,7 +14067,7 @@ named_server_dnssec(named_server_t *server, isc_lex_t *lex, if (strcasecmp(ptr, "published") == 0) { dspublish = true; } else if (strcasecmp(ptr, "withdrawn") != 0) { - CHECK(DNS_R_SYNTAX); + CLEANUP(DNS_R_SYNTAX); } } else if (rollover) { /* @@ -14081,12 +14081,12 @@ named_server_dnssec(named_server_t *server, isc_lex_t *lex, if (rollover && !use_keyid) { msg = "Key id is required when scheduling rollover"; - CHECK(DNS_R_SYNTAX); + CLEANUP(DNS_R_SYNTAX); } if (algorithm > 0 && !use_keyid) { msg = "Key id is required when setting algorithm"; - CHECK(DNS_R_SYNTAX); + CLEANUP(DNS_R_SYNTAX); } } @@ -14094,14 +14094,14 @@ named_server_dnssec(named_server_t *server, isc_lex_t *lex, CHECK(zone_from_args(server, lex, zonetext, &zone, NULL, text, false)); if (zone == NULL) { msg = "Zone not found"; - CHECK(ISC_R_UNEXPECTEDEND); + CLEANUP(ISC_R_UNEXPECTEDEND); } /* Trailing garbage? */ ptr = next_token(lex, text); if (ptr != NULL) { msg = "Too many arguments"; - CHECK(DNS_R_SYNTAX); + CLEANUP(DNS_R_SYNTAX); } /* Get dnssec-policy. */ @@ -14338,7 +14338,7 @@ named_server_zonestatus(named_server_t *server, isc_lex_t *lex, CHECK(zone_from_args(server, lex, NULL, &zone, zonename, text, true)); if (zone == NULL) { - CHECK(ISC_R_UNEXPECTEDEND); + CLEANUP(ISC_R_UNEXPECTEDEND); } /* Inline signing? */ @@ -14620,7 +14620,7 @@ named_server_nta(named_server_t *server, isc_lex_t *lex, bool readonly, ptr = next_token(lex, text); if (ptr == NULL) { msg = "No lifetime specified"; - CHECK(ISC_R_UNEXPECTEDEND); + CLEANUP(ISC_R_UNEXPECTEDEND); } tr.base = ptr; @@ -14633,7 +14633,7 @@ named_server_nta(named_server_t *server, isc_lex_t *lex, bool readonly, if (ntattl > 604800) { msg = "NTA lifetime cannot exceed one week"; - CHECK(ISC_R_RANGE); + CLEANUP(ISC_R_RANGE); } ttlset = true; @@ -14644,7 +14644,7 @@ named_server_nta(named_server_t *server, isc_lex_t *lex, bool readonly, ptr = next_token(lex, text); if (ptr == NULL) { msg = "No class specified"; - CHECK(ISC_R_UNEXPECTEDEND); + CLEANUP(ISC_R_UNEXPECTEDEND); } tr.base = ptr; @@ -14653,7 +14653,7 @@ named_server_nta(named_server_t *server, isc_lex_t *lex, bool readonly, continue; } else if (ptr[0] == '-') { msg = "Unknown option"; - CHECK(DNS_R_SYNTAX); + CLEANUP(DNS_R_SYNTAX); } else { nametext = ptr; } @@ -14694,7 +14694,7 @@ named_server_nta(named_server_t *server, isc_lex_t *lex, bool readonly, NAMED_LOGMODULE_CONTROL, ISC_LOG_INFO, "rejecting restricted control channel " "NTA command"); - CHECK(ISC_R_FAILURE); + CLEANUP(ISC_R_FAILURE); } /* Get the NTA name if not found above. */ @@ -14726,7 +14726,7 @@ named_server_nta(named_server_t *server, isc_lex_t *lex, bool readonly, } if (next_token(lex, text) != NULL) { - CHECK(DNS_R_SYNTAX); + CLEANUP(DNS_R_SYNTAX); } now = isc_stdtime_now(); @@ -14917,7 +14917,7 @@ mkey_destroy(dns_view_t *view, isc_buffer_t *text) { bool removed_a_file = false; if (view->managed_keys == NULL) { - CHECK(ISC_R_NOTFOUND); + CLEANUP(ISC_R_NOTFOUND); } snprintf(msg, sizeof(msg), "destroying managed-keys database for '%s'", @@ -14960,7 +14960,7 @@ mkey_destroy(dns_view_t *view, isc_buffer_t *text) { if (!removed_a_file) { CHECK(putstr(text, "error: no files could be removed")); - CHECK(ISC_R_FAILURE); + CLEANUP(ISC_R_FAILURE); } dns_zone_detach(&mkzone); @@ -15147,7 +15147,7 @@ named_server_mkeys(named_server_t *server, isc_lex_t *lex, isc_buffer_t *text) { } else { snprintf(msg, sizeof(msg), "unknown command '%s'", cmd); (void)putstr(text, msg); - CHECK(ISC_R_UNEXPECTED); + CLEANUP(ISC_R_UNEXPECTED); } /* Look for the optional class name. */ @@ -15315,10 +15315,10 @@ named_server_tcptimeouts(isc_lex_t *lex, isc_buffer_t *text) { CHECK(isc_parse_uint32(&initial, ptr, 10)); initial *= 100; if (initial > MAX_INITIAL_TIMEOUT) { - CHECK(ISC_R_RANGE); + CLEANUP(ISC_R_RANGE); } if (initial < MIN_INITIAL_TIMEOUT) { - CHECK(ISC_R_RANGE); + CLEANUP(ISC_R_RANGE); } ptr = next_token(lex, text); @@ -15328,10 +15328,10 @@ named_server_tcptimeouts(isc_lex_t *lex, isc_buffer_t *text) { CHECK(isc_parse_uint32(&idle, ptr, 10)); idle *= 100; if (idle > MAX_IDLE_TIMEOUT) { - CHECK(ISC_R_RANGE); + CLEANUP(ISC_R_RANGE); } if (idle < MIN_IDLE_TIMEOUT) { - CHECK(ISC_R_RANGE); + CLEANUP(ISC_R_RANGE); } ptr = next_token(lex, text); @@ -15341,10 +15341,10 @@ named_server_tcptimeouts(isc_lex_t *lex, isc_buffer_t *text) { CHECK(isc_parse_uint32(&keepalive, ptr, 10)); keepalive *= 100; if (keepalive > MAX_KEEPALIVE_TIMEOUT) { - CHECK(ISC_R_RANGE); + CLEANUP(ISC_R_RANGE); } if (keepalive < MIN_KEEPALIVE_TIMEOUT) { - CHECK(ISC_R_RANGE); + CLEANUP(ISC_R_RANGE); } ptr = next_token(lex, text); @@ -15354,7 +15354,7 @@ named_server_tcptimeouts(isc_lex_t *lex, isc_buffer_t *text) { CHECK(isc_parse_uint32(&advertised, ptr, 10)); advertised *= 100; if (advertised > MAX_ADVERTISED_TIMEOUT) { - CHECK(ISC_R_RANGE); + CLEANUP(ISC_R_RANGE); } ptr = next_token(lex, text); @@ -15364,10 +15364,10 @@ named_server_tcptimeouts(isc_lex_t *lex, isc_buffer_t *text) { CHECK(isc_parse_uint32(&primaries, ptr, 10)); primaries *= 100; if (primaries > MAX_PRIMARIES_TIMEOUT) { - CHECK(ISC_R_RANGE); + CLEANUP(ISC_R_RANGE); } if (primaries < MIN_PRIMARIES_TIMEOUT) { - CHECK(ISC_R_RANGE); + CLEANUP(ISC_R_RANGE); } isc_nm_setinitialtimeout(initial); @@ -15608,7 +15608,7 @@ named_server_fetchlimit(named_server_t *server, isc_lex_t *lex, s = snprintf(tbuf, sizeof(tbuf), " (fetches-per-server %u):", val); if (s < 0 || (unsigned int)s > sizeof(tbuf)) { - CHECK(ISC_R_NOSPACE); + CLEANUP(ISC_R_NOSPACE); } first = false; CHECK(putstr(text, tbuf)); @@ -15624,7 +15624,7 @@ named_server_fetchlimit(named_server_t *server, isc_lex_t *lex, s = snprintf(tbuf, sizeof(tbuf), " (fetches-per-zone %u):", val); if (s < 0 || (unsigned int)s > sizeof(tbuf)) { - CHECK(ISC_R_NOSPACE); + CLEANUP(ISC_R_NOSPACE); } CHECK(putstr(text, tbuf)); used = isc_buffer_usedlength(text); @@ -15666,7 +15666,7 @@ named_server_skr(named_server_t *server, isc_lex_t *lex, isc_buffer_t *text) { } if (strcasecmp(ptr, "-import") != 0) { - CHECK(DNS_R_SYNTAX); + CLEANUP(DNS_R_SYNTAX); } ptr = next_token(lex, NULL); @@ -15677,7 +15677,7 @@ named_server_skr(named_server_t *server, isc_lex_t *lex, isc_buffer_t *text) { CHECK(zone_from_args(server, lex, NULL, &zone, NULL, text, false)); if (zone == NULL) { - CHECK(ISC_R_UNEXPECTEDEND); + CLEANUP(ISC_R_UNEXPECTEDEND); } kasp = dns_zone_getkasp(zone); if (kasp == NULL) { diff --git a/bin/named/statschannel.c b/bin/named/statschannel.c index a74af44cee..51184ffe44 100644 --- a/bin/named/statschannel.c +++ b/bin/named/statschannel.c @@ -2405,7 +2405,7 @@ zone_jsonrender(dns_zone_t *zone, void *arg) { if (zonestats != NULL) { json_object *counters = json_object_new_object(); if (counters == NULL) { - CHECK(ISC_R_NOMEMORY); + CLEANUP(ISC_R_NOMEMORY); } result = dump_stats(zonestats, isc_statsformat_json, @@ -2429,7 +2429,7 @@ zone_jsonrender(dns_zone_t *zone, void *arg) { if (gluecachestats != NULL) { json_object *counters = json_object_new_object(); if (counters == NULL) { - CHECK(ISC_R_NOMEMORY); + CLEANUP(ISC_R_NOMEMORY); } result = dump_stats( @@ -2582,7 +2582,7 @@ xfrin_jsonrender(dns_zone_t *zone, void *arg) { } if (xfrinobj == NULL) { - CHECK(ISC_R_NOMEMORY); + CLEANUP(ISC_R_NOMEMORY); } result = dns_zone_getxfr(zone, &xfr, &is_firstrefresh, &is_running, @@ -3650,7 +3650,7 @@ add_listener(named_server_t *server, named_statschannel_t **listenerp, if ((pf == AF_INET && isc_net_probeipv4() != ISC_R_SUCCESS) || (pf == AF_INET6 && isc_net_probeipv6() != ISC_R_SUCCESS)) { - CHECK(ISC_R_FAMILYNOSUPPORT); + CLEANUP(ISC_R_FAMILYNOSUPPORT); } CHECK(isc_httpdmgr_create(server->mctx, addr, client_ok, diff --git a/bin/named/transportconf.c b/bin/named/transportconf.c index 7030c70426..5f3701b393 100644 --- a/bin/named/transportconf.c +++ b/bin/named/transportconf.c @@ -147,7 +147,7 @@ add_tls_transports(const cfg_obj_t *transportlist, dns_transport_list_t *list) { tlsid = cfg_obj_asstring(cfg_map_getname(tls)); if (!strcmp(tlsid, "ephemeral")) { - CHECK(ISC_R_UNEXPECTEDTOKEN); + CLEANUP(ISC_R_UNEXPECTEDTOKEN); } create_name(tlsid, tlsname); diff --git a/bin/named/tsigconf.c b/bin/named/tsigconf.c index 1b758cb323..1a790a6823 100644 --- a/bin/named/tsigconf.c +++ b/bin/named/tsigconf.c @@ -81,7 +81,7 @@ add_initial_keys(const cfg_obj_t *list, dns_tsigkeyring_t *ring, "key '%s': has a " "unsupported algorithm '%s'", keyid, algstr); - CHECK(DNS_R_BADALG); + CLEANUP(DNS_R_BADALG); } secretstr = cfg_obj_asstring(secretobj); diff --git a/bin/named/zoneconf.c b/bin/named/zoneconf.c index bd29d8fab5..b43223395f 100644 --- a/bin/named/zoneconf.c +++ b/bin/named/zoneconf.c @@ -364,7 +364,7 @@ configure_zone_ssutable(const cfg_obj_t *zconfig, const cfg_obj_t *tconfig, "failed to enable auto DDNS policy " "for zone %s: session key not found", zname); - CHECK(ISC_R_NOTFOUND); + CLEANUP(ISC_R_NOTFOUND); } dns_ssutable_addrule( @@ -600,7 +600,7 @@ configure_staticstub(const cfg_obj_t *zconfig, const cfg_obj_t *tconfig, "No NS record is configured for a " "static-stub zone '%s'", zname); - CHECK(ISC_R_FAILURE); + CLEANUP(ISC_R_FAILURE); } /* diff --git a/bin/tests/system/dyndb/driver/instance.c b/bin/tests/system/dyndb/driver/instance.c index e4ab5a54c9..7c3b842cca 100644 --- a/bin/tests/system/dyndb/driver/instance.c +++ b/bin/tests/system/dyndb/driver/instance.c @@ -78,7 +78,7 @@ parse_params(isc_mem_t *mctx, int argc, char **argv, dns_name_t *z1, if (argc != 2) { log_error("exactly two parameters " "(absolute zone names) are required"); - CHECK(ISC_R_FAILURE); + CLEANUP(ISC_R_FAILURE); } result = dns_name_fromstring(z1, argv[0], dns_rootname, 0, mctx); if (result != ISC_R_SUCCESS) { diff --git a/bin/tests/system/dyndb/driver/zone.c b/bin/tests/system/dyndb/driver/zone.c index 0264216fec..da6fef47f5 100644 --- a/bin/tests/system/dyndb/driver/zone.c +++ b/bin/tests/system/dyndb/driver/zone.c @@ -139,8 +139,7 @@ publish_zone(sample_instance_t *inst, dns_zone_t *zone) { /* Zone has a view set -> view should contain the same zone. */ if (zone_in_view == zone) { /* Zone is already published in the right view. */ - result = ISC_R_SUCCESS; - goto cleanup; + CLEANUP(ISC_R_SUCCESS); } else if (view_in_zone != inst->view) { /* * Un-published inactive zone will have @@ -150,7 +149,7 @@ publish_zone(sample_instance_t *inst, dns_zone_t *zone) { dns_zone_log(zone, ISC_LOG_ERROR, "zone->view doesn't " "match data in the view"); - CHECK(ISC_R_UNEXPECTED); + CLEANUP(ISC_R_UNEXPECTED); } } @@ -158,7 +157,7 @@ publish_zone(sample_instance_t *inst, dns_zone_t *zone) { dns_zone_log(zone, ISC_LOG_ERROR, "cannot publish zone: view already " "contains another zone with this name"); - CHECK(ISC_R_UNEXPECTED); + CLEANUP(ISC_R_UNEXPECTED); } if (inst->view->frozen) { diff --git a/lib/dns/catz.c b/lib/dns/catz.c index 44f2757c29..198e68ad6d 100644 --- a/lib/dns/catz.c +++ b/lib/dns/catz.c @@ -1208,14 +1208,14 @@ catz_process_coo(dns_catz_zone_t *catz, dns_label_t *mhash, RETERR(dns_rdata_tostruct(&rdata, &ptr, NULL)); if (dns_name_countlabels(&ptr.ptr) == 0) { - CHECK(ISC_R_FAILURE); + CLEANUP(ISC_R_FAILURE); } CHECK(isc_ht_find(catz->entries, mhash->base, mhash->length, (void **)&entry)); if (dns_name_countlabels(&entry->name) == 0) { - CHECK(ISC_R_FAILURE); + CLEANUP(ISC_R_FAILURE); } catz_coo_add(catz, entry, &ptr.ptr); @@ -1315,10 +1315,10 @@ catz_process_version(dns_catz_zone_t *catz, dns_rdataset_t *value) { result = dns_rdata_txt_next(&rdatatxt); if (result != ISC_R_NOMORE) { - CHECK(ISC_R_FAILURE); + CLEANUP(ISC_R_FAILURE); } if (rdatastr.length > 15) { - CHECK(ISC_R_BADNUMBER); + CLEANUP(ISC_R_BADNUMBER); } memmove(t, rdatastr.data, rdatastr.length); t[rdatastr.length] = 0; @@ -1946,7 +1946,7 @@ dns_catz_generate_zonecfg(dns_catz_zone_t *catz, dns_catz_entry_t *entry, "catz: zone '%s' uses an invalid primary " "(no IP address assigned)", zname); - CHECK(ISC_R_FAILURE); + CLEANUP(ISC_R_FAILURE); } isc_netaddr_fromsockaddr(&netaddr, &entry->opts.masters.addrs[i]); @@ -2074,7 +2074,7 @@ dns_catz_dbupdate_callback(dns_db_t *db, void *fn_arg) { LOCK(&catzs->lock); if (catzs->zones == NULL) { - CHECK(ISC_R_SHUTTINGDOWN); + CLEANUP(ISC_R_SHUTTINGDOWN); } CHECK(isc_ht_find(catzs->zones, r.base, r.length, (void **)&catz)); diff --git a/lib/dns/dlz.c b/lib/dns/dlz.c index 48f563f6c7..e9481c50d1 100644 --- a/lib/dns/dlz.c +++ b/lib/dns/dlz.c @@ -417,7 +417,7 @@ dns_dlz_writeablezone(dns_view_t *view, dns_dlzdb_t *dlzdb, result = dns_view_findzone(view, origin, DNS_ZTFIND_EXACT, &dupzone); if (result == ISC_R_SUCCESS) { dns_zone_detach(&dupzone); - CHECK(ISC_R_EXISTS); + CLEANUP(ISC_R_EXISTS); } INSIST(dupzone == NULL); diff --git a/lib/dns/dnssec.c b/lib/dns/dnssec.c index 7711fb92b1..0d5ef95c53 100644 --- a/lib/dns/dnssec.c +++ b/lib/dns/dnssec.c @@ -885,12 +885,12 @@ dns_dnssec_verifymessage(isc_buffer_t *source, dns_message_t *msg, signeedsfree = true; if (sig.labels != 0) { - CHECK(DNS_R_SIGINVALID); + CLEANUP(DNS_R_SIGINVALID); } if (isc_serial_lt(sig.timeexpire, sig.timesigned)) { msg->sig0status = dns_tsigerror_badtime; - CHECK(DNS_R_SIGINVALID); + CLEANUP(DNS_R_SIGINVALID); } if (msg->fuzzing) { @@ -901,15 +901,15 @@ dns_dnssec_verifymessage(isc_buffer_t *source, dns_message_t *msg, if (isc_serial_lt((uint32_t)now, sig.timesigned)) { msg->sig0status = dns_tsigerror_badtime; - CHECK(DNS_R_SIGFUTURE); + CLEANUP(DNS_R_SIGFUTURE); } else if (isc_serial_lt(sig.timeexpire, (uint32_t)now)) { msg->sig0status = dns_tsigerror_badtime; - CHECK(DNS_R_SIGEXPIRED); + CLEANUP(DNS_R_SIGEXPIRED); } if (!dns_name_equal(dst_key_name(key), &sig.signer)) { msg->sig0status = dns_tsigerror_badkey; - CHECK(DNS_R_SIGINVALID); + CLEANUP(DNS_R_SIGINVALID); } CHECK(dst_context_create(key, mctx, DNS_LOGCATEGORY_DNSSEC, false, diff --git a/lib/dns/dnstap.c b/lib/dns/dnstap.c index ab9b994b6d..087dc5cebb 100644 --- a/lib/dns/dnstap.c +++ b/lib/dns/dnstap.c @@ -164,13 +164,13 @@ dns_dt_create(isc_mem_t *mctx, dns_dtmode_t mode, const char *path, fwopt = fstrm_writer_options_init(); if (fwopt == NULL) { - CHECK(ISC_R_NOMEMORY); + CLEANUP(ISC_R_NOMEMORY); } res = fstrm_writer_options_add_content_type( fwopt, DNSTAP_CONTENT_TYPE, sizeof(DNSTAP_CONTENT_TYPE) - 1); if (res != fstrm_res_success) { - CHECK(ISC_R_FAILURE); + CLEANUP(ISC_R_FAILURE); } if (mode == dns_dtmode_file) { @@ -187,11 +187,11 @@ dns_dt_create(isc_mem_t *mctx, dns_dtmode_t mode, const char *path, fw = fstrm_unix_writer_init(fuwopt, fwopt); } } else { - CHECK(ISC_R_FAILURE); + CLEANUP(ISC_R_FAILURE); } if (fw == NULL) { - CHECK(ISC_R_FAILURE); + CLEANUP(ISC_R_FAILURE); } env->iothr = fstrm_iothr_init(*foptp, &fw); @@ -200,7 +200,7 @@ dns_dt_create(isc_mem_t *mctx, dns_dtmode_t mode, const char *path, ISC_LOG_WARNING, "unable to initialize dnstap I/O thread"); fstrm_writer_destroy(&fw); - CHECK(ISC_R_FAILURE); + CLEANUP(ISC_R_FAILURE); } env->mode = mode; env->max_size = 0; @@ -281,13 +281,13 @@ dns_dt_reopen(dns_dtenv_t *env, int roll) { */ fwopt = fstrm_writer_options_init(); if (fwopt == NULL) { - CHECK(ISC_R_NOMEMORY); + CLEANUP(ISC_R_NOMEMORY); } res = fstrm_writer_options_add_content_type( fwopt, DNSTAP_CONTENT_TYPE, sizeof(DNSTAP_CONTENT_TYPE) - 1); if (res != fstrm_res_success) { - CHECK(ISC_R_FAILURE); + CLEANUP(ISC_R_FAILURE); } if (env->mode == dns_dtmode_file) { @@ -304,11 +304,11 @@ dns_dt_reopen(dns_dtenv_t *env, int roll) { fw = fstrm_unix_writer_init(fuwopt, fwopt); } } else { - CHECK(ISC_R_NOTIMPLEMENTED); + CLEANUP(ISC_R_NOTIMPLEMENTED); } if (fw == NULL) { - CHECK(ISC_R_FAILURE); + CLEANUP(ISC_R_FAILURE); } /* @@ -350,7 +350,7 @@ dns_dt_reopen(dns_dtenv_t *env, int roll) { isc_log_write(DNS_LOGCATEGORY_DNSTAP, DNS_LOGMODULE_DNSTAP, ISC_LOG_WARNING, "unable to initialize dnstap I/O thread"); - CHECK(ISC_R_FAILURE); + CLEANUP(ISC_R_FAILURE); } cleanup: @@ -938,23 +938,23 @@ dns_dt_open(const char *filename, dns_dtmode_t mode, isc_mem_t *mctx, case dns_dtmode_file: fopt = fstrm_file_options_init(); if (fopt == NULL) { - CHECK(ISC_R_NOMEMORY); + CLEANUP(ISC_R_NOMEMORY); } fstrm_file_options_set_file_path(fopt, filename); handle->reader = fstrm_file_reader_init(fopt, NULL); if (handle->reader == NULL) { - CHECK(ISC_R_NOMEMORY); + CLEANUP(ISC_R_NOMEMORY); } res = fstrm_reader_open(handle->reader); if (res != fstrm_res_success) { - CHECK(ISC_R_FAILURE); + CLEANUP(ISC_R_FAILURE); } if (!dnstap_file(handle->reader)) { - CHECK(DNS_R_BADDNSTAP); + CLEANUP(DNS_R_BADDNSTAP); } break; case dns_dtmode_unix: @@ -1043,13 +1043,13 @@ dns_dt_parse(isc_mem_t *mctx, isc_region_t *src, dns_dtdata_t **destp) { d->frame = dnstap__dnstap__unpack(NULL, src->length, src->base); if (d->frame == NULL) { - CHECK(ISC_R_NOMEMORY); + CLEANUP(ISC_R_NOMEMORY); } frame = (Dnstap__Dnstap *)d->frame; if (frame->type != DNSTAP__DNSTAP__TYPE__MESSAGE) { - CHECK(DNS_R_BADDNSTAP); + CLEANUP(DNS_R_BADDNSTAP); } m = frame->message; @@ -1099,7 +1099,7 @@ dns_dt_parse(isc_mem_t *mctx, isc_region_t *src, dns_dtdata_t **destp) { d->type = DNS_DTTYPE_UR; break; default: - CHECK(DNS_R_BADDNSTAP); + CLEANUP(DNS_R_BADDNSTAP); } /* Query? */ diff --git a/lib/dns/dst_api.c b/lib/dns/dst_api.c index 4b79f487ae..2f4ebf9753 100644 --- a/lib/dns/dst_api.c +++ b/lib/dns/dst_api.c @@ -88,7 +88,7 @@ CHECK(result); \ } while ((*token).type != isc_tokentype_eol) -#define BADTOKEN() CHECK(ISC_R_UNEXPECTEDTOKEN) +#define BADTOKEN() CLEANUP(ISC_R_UNEXPECTEDTOKEN) static const char *numerictags[DST_MAX_NUMERIC] = { [DST_NUM_PREDECESSOR] = "Predecessor:", @@ -480,7 +480,7 @@ dst_key_fromfile(dns_name_t *name, dns_keytag_t id, unsigned int alg, int type, if (!dns_name_equal(name, key->key_name) || id != key->key_id || alg != key->key_alg) { - CHECK(DST_R_INVALIDPRIVATEKEY); + CLEANUP(DST_R_INVALIDPRIVATEKEY); } *keyp = key; @@ -569,7 +569,7 @@ dst_key_fromnamedfile(const char *filename, const char *dirname, int type, pubkey->key_ttl, mctx); if (key->func->parse == NULL) { - CHECK(DST_R_UNSUPPORTEDALG); + CLEANUP(DST_R_UNSUPPORTEDALG); } newfilenamelen = strlen(filename) + 9; @@ -603,7 +603,7 @@ dst_key_fromnamedfile(const char *filename, const char *dirname, int type, CHECK(computeid(key)); if (pubkey->key_id != key->key_id) { - CHECK(DST_R_INVALIDPRIVATEKEY); + CLEANUP(DST_R_INVALIDPRIVATEKEY); } key->modified = false; diff --git a/lib/dns/dyndb.c b/lib/dns/dyndb.c index 889a230ce7..1b5337f3ec 100644 --- a/lib/dns/dyndb.c +++ b/lib/dns/dyndb.c @@ -137,7 +137,7 @@ load_library(isc_mem_t *mctx, const char *filename, const char *instname, "failed to dlopen() DynDB instance '%s' driver " "'%s': %s", instname, filename, errmsg); - CHECK(ISC_R_FAILURE); + CLEANUP(ISC_R_FAILURE); } CHECK(load_symbol(&imp->handle, filename, "dyndb_version", @@ -151,7 +151,7 @@ load_library(isc_mem_t *mctx, const char *filename, const char *instname, ISC_LOG_ERROR, "driver API version mismatch: %d/%d", version, DNS_DYNDB_VERSION); - CHECK(ISC_R_FAILURE); + CLEANUP(ISC_R_FAILURE); } CHECK(load_symbol(&imp->handle, filename, "dyndb_init", @@ -207,7 +207,7 @@ dns_dyndb_load(const char *libname, const char *name, const char *parameters, /* duplicate instance names are not allowed */ if (impfind(name) != NULL) { - CHECK(ISC_R_EXISTS); + CLEANUP(ISC_R_EXISTS); } CHECK(load_library(mctx, libname, name, &implementation)); diff --git a/lib/dns/gssapictx.c b/lib/dns/gssapictx.c index 67cdc0cfca..bebad47677 100644 --- a/lib/dns/gssapictx.c +++ b/lib/dns/gssapictx.c @@ -314,7 +314,7 @@ dst_gssapi_initctx(const dns_name_t *name, isc_buffer_t *intoken, gret = gss_import_name(&minor, &gnamebuf, GSS_C_NO_OID, &gname); if (gret != GSS_S_COMPLETE) { gss_err_message(mctx, gret, minor, err_message); - CHECK(ISC_R_FAILURE); + CLEANUP(ISC_R_FAILURE); } if (intoken != NULL) { @@ -345,7 +345,7 @@ dst_gssapi_initctx(const dns_name_t *name, isc_buffer_t *intoken, gss_log(3, "Failure initiating security context"); } - CHECK(ISC_R_FAILURE); + CLEANUP(ISC_R_FAILURE); } /* @@ -480,7 +480,7 @@ dst_gssapi_acceptctx(const char *gssapi_keytab, isc_region_t *intoken, gss_log(3, "failed gss_display_name: %s", gss_error_tostring(gret, minor, buf, sizeof(buf))); - CHECK(ISC_R_FAILURE); + CLEANUP(ISC_R_FAILURE); } /* diff --git a/lib/dns/journal.c b/lib/dns/journal.c index 46dff831bd..3af3efa4e6 100644 --- a/lib/dns/journal.c +++ b/lib/dns/journal.c @@ -610,14 +610,14 @@ journal_open(isc_mem_t *mctx, const char *filename, bool writable, bool create, */ result = isc_stdio_open(j->filename, "rb+", &fp); } else { - CHECK(ISC_R_NOTFOUND); + CLEANUP(ISC_R_NOTFOUND); } } if (result != ISC_R_SUCCESS) { isc_log_write(DNS_LOGCATEGORY_GENERAL, DNS_LOGMODULE_JOURNAL, ISC_LOG_ERROR, "%s: open: %s", j->filename, isc_result_totext(result)); - CHECK(ISC_R_UNEXPECTED); + CLEANUP(ISC_R_UNEXPECTED); } j->fp = fp; @@ -656,7 +656,7 @@ journal_open(isc_mem_t *mctx, const char *filename, bool writable, bool create, isc_log_write(DNS_LOGCATEGORY_GENERAL, DNS_LOGMODULE_JOURNAL, ISC_LOG_ERROR, "%s: journal format not recognized", j->filename); - CHECK(ISC_R_UNEXPECTED); + CLEANUP(ISC_R_UNEXPECTED); } journal_header_decode(&rawheader, &j->header); @@ -1497,7 +1497,7 @@ dns_journal_rollforward(dns_journal_t *j, dns_db_t *db, unsigned int options) { } if (db_serial == end_serial) { - CHECK(DNS_R_UPTODATE); + CLEANUP(DNS_R_UPTODATE); } CHECK(dns_journal_iter_init(j, db_serial, end_serial, NULL)); @@ -1527,7 +1527,7 @@ dns_journal_rollforward(dns_journal_t *j, dns_db_t *db, unsigned int options) { "%s: journal file corrupt: missing " "initial SOA", j->filename); - CHECK(ISC_R_UNEXPECTED); + CLEANUP(ISC_R_UNEXPECTED); } if ((options & DNS_JOURNALOPT_RESIGN) != 0) { op = (n_soa == 1) ? DNS_DIFFOP_DELRESIGN @@ -1673,7 +1673,7 @@ dns_journal_print(isc_mem_t *mctx, uint32_t flags, const char *filename, "%s: journal file corrupt: missing " "initial SOA", j->filename); - CHECK(ISC_R_UNEXPECTED); + CLEANUP(ISC_R_UNEXPECTED); } if (print) { @@ -1859,7 +1859,7 @@ dns_journal_iter_init(dns_journal_t *j, uint32_t begin_serial, if (xhdr.serial0 != pos.serial || isc_serial_le(xhdr.serial1, xhdr.serial0)) { - CHECK(ISC_R_UNEXPECTED); + CLEANUP(ISC_R_UNEXPECTED); } size += xhdr.size; @@ -1940,7 +1940,7 @@ read_one_rr(dns_journal_t *j) { DNS_LOGMODULE_JOURNAL, ISC_LOG_ERROR, "%s: journal corrupt: empty transaction", j->filename); - CHECK(ISC_R_UNEXPECTED); + CLEANUP(ISC_R_UNEXPECTED); } if (j->header_ver1) { @@ -1957,7 +1957,7 @@ read_one_rr(dns_journal_t *j) { "expected serial %u, got %u", j->filename, j->it.current_serial, xhdr.serial0); - CHECK(ISC_R_UNEXPECTED); + CLEANUP(ISC_R_UNEXPECTED); } j->it.xsize = xhdr.size; @@ -1980,7 +1980,7 @@ read_one_rr(dns_journal_t *j) { "%s: journal corrupt: impossible RR size " "(%d bytes)", j->filename, rrhdr.size); - CHECK(ISC_R_UNEXPECTED); + CLEANUP(ISC_R_UNEXPECTED); } size_buffer(j->mctx, &j->it.source, rrhdr.size); @@ -2009,7 +2009,7 @@ read_one_rr(dns_journal_t *j) { * Check that the RR header is there, and parse it. */ if (isc_buffer_remaininglength(&j->it.source) < 10) { - CHECK(DNS_R_FORMERR); + CLEANUP(DNS_R_FORMERR); } rdtype = isc_buffer_getuint16(&j->it.source); @@ -2023,14 +2023,14 @@ read_one_rr(dns_journal_t *j) { "%s: journal corrupt: impossible rdlen " "(%u bytes)", j->filename, rdlen); - CHECK(ISC_R_FAILURE); + CLEANUP(ISC_R_FAILURE); } /* * Parse the rdata. */ if (isc_buffer_remaininglength(&j->it.source) != rdlen) { - CHECK(DNS_R_FORMERR); + CLEANUP(DNS_R_FORMERR); } isc_buffer_setactive(&j->it.source, rdlen); dns_rdata_reset(&j->it.rdata); @@ -2581,7 +2581,7 @@ dns_journal_compact(isc_mem_t *mctx, char *filename, uint32_t serial, "%s: journal file corrupt, " "transaction too large", j1->filename); - CHECK(ISC_R_FAILURE); + CLEANUP(ISC_R_FAILURE); } buf = isc_mem_get(mctx, size); result = journal_read(j1, buf, size); @@ -2616,13 +2616,13 @@ dns_journal_compact(isc_mem_t *mctx, char *filename, uint32_t serial, "%s: journal file corrupt, " "transaction too large", j1->filename); - CHECK(ISC_R_FAILURE); + CLEANUP(ISC_R_FAILURE); } buf = isc_mem_get(mctx, size); CHECK(journal_read(j1, buf, size)); if (!check_delta(buf, size)) { - CHECK(ISC_R_UNEXPECTED); + CLEANUP(ISC_R_UNEXPECTED); } } else { CHECK(result); @@ -2649,7 +2649,7 @@ dns_journal_compact(isc_mem_t *mctx, char *filename, uint32_t serial, if (xhdr.serial0 != serial || isc_serial_le(xhdr.serial1, xhdr.serial0)) { - CHECK(ISC_R_UNEXPECTED); + CLEANUP(ISC_R_UNEXPECTED); } /* @@ -2750,7 +2750,7 @@ dns_journal_compact(isc_mem_t *mctx, char *filename, uint32_t serial, (void)isc_file_remove(backup); } else { maperrno: - CHECK(ISC_R_FAILURE); + CLEANUP(ISC_R_FAILURE); } } diff --git a/lib/dns/master.c b/lib/dns/master.c index d6fe9dfe76..ca12731a0b 100644 --- a/lib/dns/master.c +++ b/lib/dns/master.c @@ -2389,7 +2389,7 @@ load_raw(dns_loadctx_t *lctx) { sizeof(uint16_t) + sizeof(uint16_t) + sizeof(uint32_t) + sizeof(uint32_t); if (totallen < minlen) { - CHECK(ISC_R_RANGE); + CLEANUP(ISC_R_RANGE); } totallen -= sizeof(totallen); @@ -2424,14 +2424,14 @@ load_raw(dns_loadctx_t *lctx) { dns_rdatalist_init(&rdatalist); rdatalist.rdclass = isc_buffer_getuint16(&target); if (lctx->zclass != rdatalist.rdclass) { - CHECK(DNS_R_BADCLASS); + CLEANUP(DNS_R_BADCLASS); } rdatalist.type = isc_buffer_getuint16(&target); rdatalist.covers = isc_buffer_getuint16(&target); rdatalist.ttl = isc_buffer_getuint32(&target); rdcount = isc_buffer_getuint32(&target); if (rdcount == 0 || rdcount > 0xffff) { - CHECK(ISC_R_RANGE); + CLEANUP(ISC_R_RANGE); } INSIST(isc_buffer_consumedlength(&target) <= readlen); @@ -2440,7 +2440,7 @@ load_raw(dns_loadctx_t *lctx) { lctx->f, &totallen)); namelen = isc_buffer_getuint16(&target); if (namelen > sizeof(namebuf)) { - CHECK(ISC_R_RANGE); + CLEANUP(ISC_R_RANGE); } CHECK(read_and_check(sequential_read, &target, namelen, lctx->f, @@ -2457,7 +2457,7 @@ load_raw(dns_loadctx_t *lctx) { "TTL %d exceeds configured " "max-zone-ttl %d", rdatalist.ttl, lctx->maxttl); - CHECK(ISC_R_RANGE); + CLEANUP(ISC_R_RANGE); } /* Rdata contents. */ @@ -2534,7 +2534,7 @@ load_raw(dns_loadctx_t *lctx) { * or malformed data. */ if (isc_buffer_remaininglength(&target) != 0 || totallen != 0) { - CHECK(ISC_R_RANGE); + CLEANUP(ISC_R_RANGE); } ISC_LIST_APPEND(head, &rdatalist, link); diff --git a/lib/dns/message.c b/lib/dns/message.c index ade0e2f48d..2d71e97df4 100644 --- a/lib/dns/message.c +++ b/lib/dns/message.c @@ -967,7 +967,7 @@ getquestions(isc_buffer_t *source, dns_message_t *msg, dns_decompress_t dctx, */ isc_buffer_remainingregion(source, &r); if (r.length < 4) { - CHECK(ISC_R_UNEXPECTEDEND); + CLEANUP(ISC_R_UNEXPECTEDEND); } rdtype = isc_buffer_getuint16(source); rdclass = isc_buffer_getuint16(source); @@ -1100,7 +1100,7 @@ getsection(isc_buffer_t *source, dns_message_t *msg, dns_decompress_t dctx, */ isc_buffer_remainingregion(source, &r); if (r.length < 2 + 2 + 4 + 2) { - CHECK(ISC_R_UNEXPECTEDEND); + CLEANUP(ISC_R_UNEXPECTEDEND); } rdtype = isc_buffer_getuint16(source); rdclass = isc_buffer_getuint16(source); @@ -1209,7 +1209,7 @@ getsection(isc_buffer_t *source, dns_message_t *msg, dns_decompress_t dctx, rdatalen = isc_buffer_getuint16(source); r.length -= (2 + 2 + 4 + 2); if (r.length < rdatalen) { - CHECK(ISC_R_UNEXPECTEDEND); + CLEANUP(ISC_R_UNEXPECTEDEND); } /* @@ -1223,7 +1223,7 @@ getsection(isc_buffer_t *source, dns_message_t *msg, dns_decompress_t dctx, update(sectionid, rdclass)) { if (rdatalen != 0) { - CHECK(DNS_R_FORMERR); + CLEANUP(DNS_R_FORMERR); } /* * When the rdata is empty, the data pointer is @@ -1290,7 +1290,7 @@ getsection(isc_buffer_t *source, dns_message_t *msg, dns_decompress_t dctx, if (rdtype == dns_rdatatype_nsec3 && !dns_rdata_checkowner(name, msg->rdclass, rdtype, false)) { - CHECK(DNS_R_BADOWNERNAME); + CLEANUP(DNS_R_BADOWNERNAME); } /* @@ -3586,7 +3586,7 @@ render_zoneversion(dns_message_t *msg, isc_buffer_t *optbuf, if (isc_buffer_availablelength(target) < 1) { - CHECK(ISC_R_NOSPACE); + CLEANUP(ISC_R_NOSPACE); } isc_buffer_putmem(target, &data[i], 1); } else { @@ -4830,7 +4830,7 @@ buildopt(dns_message_t *message, dns_rdataset_t **rdatasetp) { } if (len > 0xffffU) { - CHECK(ISC_R_NOSPACE); + CLEANUP(ISC_R_NOSPACE); } isc_buffer_allocate(message->mctx, &buf, len); diff --git a/lib/dns/openssl_link.c b/lib/dns/openssl_link.c index 28ef55df60..366e8fcb2d 100644 --- a/lib/dns/openssl_link.c +++ b/lib/dns/openssl_link.c @@ -46,12 +46,6 @@ #include "openssl_shim.h" -#define DST_RET(a) \ - { \ - result = a; \ - goto cleanup; \ - } - static isc_result_t dst__openssl_fromlabel_provider(int key_base_id, const char *label, const char *pin, EVP_PKEY **ppub, @@ -64,7 +58,7 @@ dst__openssl_fromlabel_provider(int key_base_id, const char *label, ctx = OSSL_STORE_open(label, NULL, NULL, NULL, NULL); if (!ctx) { - DST_RET(dst__openssl_toresult(DST_R_OPENSSLFAILURE)); + CLEANUP(dst__openssl_toresult(DST_R_OPENSSLFAILURE)); } while (!OSSL_STORE_eof(ctx)) { @@ -76,23 +70,23 @@ dst__openssl_fromlabel_provider(int key_base_id, const char *label, case OSSL_STORE_INFO_PKEY: if (*ppriv != NULL) { OSSL_STORE_INFO_free(info); - DST_RET(DST_R_INVALIDPRIVATEKEY); + CLEANUP(DST_R_INVALIDPRIVATEKEY); } *ppriv = OSSL_STORE_INFO_get1_PKEY(info); if (EVP_PKEY_get_base_id(*ppriv) != key_base_id) { OSSL_STORE_INFO_free(info); - DST_RET(DST_R_BADKEYTYPE); + CLEANUP(DST_R_BADKEYTYPE); } break; case OSSL_STORE_INFO_PUBKEY: if (*ppub != NULL) { OSSL_STORE_INFO_free(info); - DST_RET(DST_R_INVALIDPUBLICKEY); + CLEANUP(DST_R_INVALIDPUBLICKEY); } *ppub = OSSL_STORE_INFO_get1_PUBKEY(info); if (EVP_PKEY_get_base_id(*ppub) != key_base_id) { OSSL_STORE_INFO_free(info); - DST_RET(DST_R_BADKEYTYPE); + CLEANUP(DST_R_BADKEYTYPE); } break; } diff --git a/lib/dns/opensslecdsa_link.c b/lib/dns/opensslecdsa_link.c index 6fd0cca842..54213d5cdf 100644 --- a/lib/dns/opensslecdsa_link.c +++ b/lib/dns/opensslecdsa_link.c @@ -50,12 +50,6 @@ #define MAX_PRIVKEY_SIZE (MAX_PUBKEY_SIZE / 2) -#define DST_RET(a) \ - { \ - result = a; \ - goto cleanup; \ - } - #if OPENSSL_VERSION_NUMBER >= 0x30200000L static isc_result_t opensslecdsa_set_deterministic(EVP_PKEY_CTX *pctx, unsigned int key_alg) { @@ -184,13 +178,13 @@ opensslecdsa_create_pkey_params(unsigned int key_alg, bool private, bld = OSSL_PARAM_BLD_new(); if (bld == NULL) { - DST_RET(dst__openssl_toresult2("OSSL_PARAM_BLD_new", + CLEANUP(dst__openssl_toresult2("OSSL_PARAM_BLD_new", DST_R_OPENSSLFAILURE)); } status = OSSL_PARAM_BLD_push_utf8_string( bld, OSSL_PKEY_PARAM_GROUP_NAME, groupname, 0); if (status != 1) { - DST_RET(dst__openssl_toresult2("OSSL_PARAM_BLD_push_" + CLEANUP(dst__openssl_toresult2("OSSL_PARAM_BLD_push_" "utf8_string", DST_R_OPENSSLFAILURE)); } @@ -198,27 +192,27 @@ opensslecdsa_create_pkey_params(unsigned int key_alg, bool private, if (private) { group = EC_GROUP_new_by_curve_name(group_nid); if (group == NULL) { - DST_RET(dst__openssl_toresult2("EC_GROUP_new_by_" + CLEANUP(dst__openssl_toresult2("EC_GROUP_new_by_" "curve_name", DST_R_OPENSSLFAILURE)); } priv = BN_bin2bn(key, key_len, NULL); if (priv == NULL) { - DST_RET(dst__openssl_toresult2("BN_bin2bn", + CLEANUP(dst__openssl_toresult2("BN_bin2bn", DST_R_OPENSSLFAILURE)); } status = OSSL_PARAM_BLD_push_BN(bld, OSSL_PKEY_PARAM_PRIV_KEY, priv); if (status != 1) { - DST_RET(dst__openssl_toresult2("OSSL_PARAM_BLD_push_BN", + CLEANUP(dst__openssl_toresult2("OSSL_PARAM_BLD_push_BN", DST_R_OPENSSLFAILURE)); } pubkey = opensslecdsa_generate_public_key(group, priv); if (pubkey == NULL) { - DST_RET(dst__openssl_toresult(DST_R_OPENSSLFAILURE)); + CLEANUP(dst__openssl_toresult(DST_R_OPENSSLFAILURE)); } key = buf; @@ -226,7 +220,7 @@ opensslecdsa_create_pkey_params(unsigned int key_alg, bool private, POINT_CONVERSION_UNCOMPRESSED, buf, sizeof(buf), NULL); if (key_len == 0) { - DST_RET(dst__openssl_toresult2("EC_POINT_point2oct", + CLEANUP(dst__openssl_toresult2("EC_POINT_point2oct", DST_R_OPENSSLFAILURE)); } } else { @@ -240,32 +234,32 @@ opensslecdsa_create_pkey_params(unsigned int key_alg, bool private, status = OSSL_PARAM_BLD_push_octet_string(bld, OSSL_PKEY_PARAM_PUB_KEY, key, key_len); if (status != 1) { - DST_RET(dst__openssl_toresult2("OSSL_PARAM_BLD_push_" + CLEANUP(dst__openssl_toresult2("OSSL_PARAM_BLD_push_" "octet_string", DST_R_OPENSSLFAILURE)); } params = OSSL_PARAM_BLD_to_param(bld); if (params == NULL) { - DST_RET(dst__openssl_toresult2("OSSL_PARAM_BLD_to_param", + CLEANUP(dst__openssl_toresult2("OSSL_PARAM_BLD_to_param", DST_R_OPENSSLFAILURE)); } ctx = EVP_PKEY_CTX_new_from_name(NULL, "EC", NULL); if (ctx == NULL) { - DST_RET(dst__openssl_toresult2("EVP_PKEY_CTX_new_from_name", + CLEANUP(dst__openssl_toresult2("EVP_PKEY_CTX_new_from_name", DST_R_OPENSSLFAILURE)); } status = EVP_PKEY_fromdata_init(ctx); if (status != 1) { /* This will fail if the default provider is an engine. * Return ISC_R_FAILURE to retry using the legacy API. */ - DST_RET(dst__openssl_toresult(ISC_R_FAILURE)); + CLEANUP(dst__openssl_toresult(ISC_R_FAILURE)); } status = EVP_PKEY_fromdata( ctx, pkey, private ? EVP_PKEY_KEYPAIR : EVP_PKEY_PUBLIC_KEY, params); if (status != 1 || *pkey == NULL) { - DST_RET(dst__openssl_toresult2("EVP_PKEY_fromdata", + CLEANUP(dst__openssl_toresult2("EVP_PKEY_fromdata", DST_R_OPENSSLFAILURE)); } @@ -320,7 +314,7 @@ opensslecdsa_create_pkey_legacy(unsigned int key_alg, bool private, eckey = EC_KEY_new_by_curve_name(group_nid); if (eckey == NULL) { - DST_RET(dst__openssl_toresult(DST_R_OPENSSLFAILURE)); + CLEANUP(dst__openssl_toresult(DST_R_OPENSSLFAILURE)); } if (private) { @@ -328,18 +322,18 @@ opensslecdsa_create_pkey_legacy(unsigned int key_alg, bool private, privkey = BN_bin2bn(key, key_len, NULL); if (privkey == NULL) { - DST_RET(dst__openssl_toresult(DST_R_OPENSSLFAILURE)); + CLEANUP(dst__openssl_toresult(DST_R_OPENSSLFAILURE)); } if (!EC_KEY_set_private_key(eckey, privkey)) { - DST_RET(dst__openssl_toresult(DST_R_INVALIDPRIVATEKEY)); + CLEANUP(dst__openssl_toresult(DST_R_INVALIDPRIVATEKEY)); } pubkey = opensslecdsa_generate_public_key(group, privkey); if (pubkey == NULL) { - DST_RET(dst__openssl_toresult(DST_R_OPENSSLFAILURE)); + CLEANUP(dst__openssl_toresult(DST_R_OPENSSLFAILURE)); } if (EC_KEY_set_public_key(eckey, pubkey) != 1) { - DST_RET(dst__openssl_toresult(DST_R_OPENSSLFAILURE)); + CLEANUP(dst__openssl_toresult(DST_R_OPENSSLFAILURE)); } } else { const unsigned char *cp = buf; @@ -347,19 +341,19 @@ opensslecdsa_create_pkey_legacy(unsigned int key_alg, bool private, buf[0] = POINT_CONVERSION_UNCOMPRESSED; memmove(buf + 1, key, key_len); if (o2i_ECPublicKey(&eckey, &cp, key_len + 1) == NULL) { - DST_RET(dst__openssl_toresult(DST_R_INVALIDPUBLICKEY)); + CLEANUP(dst__openssl_toresult(DST_R_INVALIDPUBLICKEY)); } if (EC_KEY_check_key(eckey) != 1) { - DST_RET(dst__openssl_toresult(DST_R_INVALIDPUBLICKEY)); + CLEANUP(dst__openssl_toresult(DST_R_INVALIDPUBLICKEY)); } } pkey = EVP_PKEY_new(); if (pkey == NULL) { - DST_RET(dst__openssl_toresult(ISC_R_NOMEMORY)); + CLEANUP(dst__openssl_toresult(ISC_R_NOMEMORY)); } if (!EVP_PKEY_set1_EC_KEY(pkey, eckey)) { - DST_RET(dst__openssl_toresult(ISC_R_FAILURE)); + CLEANUP(dst__openssl_toresult(ISC_R_FAILURE)); } *retkey = pkey; @@ -455,19 +449,19 @@ opensslecdsa_generate_pkey_with_uri(int group_nid, const char *label, ctx = EVP_PKEY_CTX_new_from_name(NULL, "EC", "provider=pkcs11"); if (ctx == NULL) { - DST_RET(dst__openssl_toresult2("EVP_PKEY_CTX_new_from_name", + CLEANUP(dst__openssl_toresult2("EVP_PKEY_CTX_new_from_name", DST_R_OPENSSLFAILURE)); } status = EVP_PKEY_keygen_init(ctx); if (status != 1) { - DST_RET(dst__openssl_toresult2("EVP_PKEY_keygen_init", + CLEANUP(dst__openssl_toresult2("EVP_PKEY_keygen_init", DST_R_OPENSSLFAILURE)); } status = EVP_PKEY_CTX_set_params(ctx, params); if (status != 1) { - DST_RET(dst__openssl_toresult2("EVP_PKEY_CTX_set_params", + CLEANUP(dst__openssl_toresult2("EVP_PKEY_CTX_set_params", DST_R_OPENSSLFAILURE)); } /* @@ -478,7 +472,7 @@ opensslecdsa_generate_pkey_with_uri(int group_nid, const char *label, */ status = EVP_PKEY_CTX_set_ec_paramgen_curve_nid(ctx, group_nid); if (status != 1) { - DST_RET(dst__openssl_toresult2("EVP_PKEY_CTX_set_ec_paramgen_" + CLEANUP(dst__openssl_toresult2("EVP_PKEY_CTX_set_ec_paramgen_" "curve_nid", DST_R_OPENSSLFAILURE)); } @@ -486,7 +480,7 @@ opensslecdsa_generate_pkey_with_uri(int group_nid, const char *label, /* Generate the key. */ status = EVP_PKEY_generate(ctx, retkey); if (status != 1) { - DST_RET(dst__openssl_toresult2("EVP_PKEY_generate", + CLEANUP(dst__openssl_toresult2("EVP_PKEY_generate", DST_R_OPENSSLFAILURE)); } @@ -514,23 +508,23 @@ opensslecdsa_generate_pkey(unsigned int key_alg, const char *label, /* Generate the key's parameters. */ ctx = EVP_PKEY_CTX_new_from_name(NULL, "EC", NULL); if (ctx == NULL) { - DST_RET(dst__openssl_toresult2("EVP_PKEY_CTX_new_from_name", + CLEANUP(dst__openssl_toresult2("EVP_PKEY_CTX_new_from_name", DST_R_OPENSSLFAILURE)); } status = EVP_PKEY_paramgen_init(ctx); if (status != 1) { - DST_RET(dst__openssl_toresult2("EVP_PKEY_paramgen_init", + CLEANUP(dst__openssl_toresult2("EVP_PKEY_paramgen_init", DST_R_OPENSSLFAILURE)); } status = EVP_PKEY_CTX_set_ec_paramgen_curve_nid(ctx, group_nid); if (status != 1) { - DST_RET(dst__openssl_toresult2("EVP_PKEY_CTX_set_ec_paramgen_" + CLEANUP(dst__openssl_toresult2("EVP_PKEY_CTX_set_ec_paramgen_" "curve_nid", DST_R_OPENSSLFAILURE)); } status = EVP_PKEY_paramgen(ctx, ¶ms_pkey); if (status != 1 || params_pkey == NULL) { - DST_RET(dst__openssl_toresult2("EVP_PKEY_paramgen", + CLEANUP(dst__openssl_toresult2("EVP_PKEY_paramgen", DST_R_OPENSSLFAILURE)); } EVP_PKEY_CTX_free(ctx); @@ -538,18 +532,18 @@ opensslecdsa_generate_pkey(unsigned int key_alg, const char *label, /* Generate the key. */ ctx = EVP_PKEY_CTX_new(params_pkey, NULL); if (ctx == NULL) { - DST_RET(dst__openssl_toresult2("EVP_PKEY_CTX_new", + CLEANUP(dst__openssl_toresult2("EVP_PKEY_CTX_new", DST_R_OPENSSLFAILURE)); } status = EVP_PKEY_keygen_init(ctx); if (status != 1) { - DST_RET(dst__openssl_toresult2("EVP_PKEY_keygen_init", + CLEANUP(dst__openssl_toresult2("EVP_PKEY_keygen_init", DST_R_OPENSSLFAILURE)); } status = EVP_PKEY_keygen(ctx, retkey); if (status != 1) { - DST_RET(dst__openssl_toresult2("EVP_PKEY_keygen", + CLEANUP(dst__openssl_toresult2("EVP_PKEY_keygen", DST_R_OPENSSLFAILURE)); } result = ISC_R_SUCCESS; @@ -605,21 +599,21 @@ opensslecdsa_generate_pkey(unsigned int key_alg, const char *label, eckey = EC_KEY_new_by_curve_name(group_nid); if (eckey == NULL) { - DST_RET(dst__openssl_toresult2("EC_KEY_new_by_curve_name", + CLEANUP(dst__openssl_toresult2("EC_KEY_new_by_curve_name", DST_R_OPENSSLFAILURE)); } if (EC_KEY_generate_key(eckey) != 1) { - DST_RET(dst__openssl_toresult2("EC_KEY_generate_key", + CLEANUP(dst__openssl_toresult2("EC_KEY_generate_key", DST_R_OPENSSLFAILURE)); } pkey = EVP_PKEY_new(); if (pkey == NULL) { - DST_RET(dst__openssl_toresult(ISC_R_NOMEMORY)); + CLEANUP(dst__openssl_toresult(ISC_R_NOMEMORY)); } if (EVP_PKEY_set1_EC_KEY(pkey, eckey) != 1) { - DST_RET(dst__openssl_toresult2("EVP_PKEY_set1_EC_KEY", + CLEANUP(dst__openssl_toresult2("EVP_PKEY_set1_EC_KEY", DST_R_OPENSSLFAILURE)); } *retkey = pkey; @@ -687,7 +681,7 @@ opensslecdsa_createctx(dst_key_t *key, dst_context_t *dctx) { evp_md_ctx = EVP_MD_CTX_create(); if (evp_md_ctx == NULL) { - DST_RET(dst__openssl_toresult(ISC_R_NOMEMORY)); + CLEANUP(dst__openssl_toresult(ISC_R_NOMEMORY)); } if (dctx->key->key_alg == DST_ALG_ECDSA256) { type = isc__crypto_sha256; @@ -700,7 +694,7 @@ opensslecdsa_createctx(dst_key_t *key, dst_context_t *dctx) { dctx->key->keydata.pkeypair.priv) != 1) { EVP_MD_CTX_destroy(evp_md_ctx); - DST_RET(dst__openssl_toresult3(dctx->category, + CLEANUP(dst__openssl_toresult3(dctx->category, "EVP_DigestSignInit", ISC_R_FAILURE)); } @@ -717,7 +711,7 @@ opensslecdsa_createctx(dst_key_t *key, dst_context_t *dctx) { dctx->key->keydata.pkeypair.pub) != 1) { EVP_MD_CTX_destroy(evp_md_ctx); - DST_RET(dst__openssl_toresult3(dctx->category, + CLEANUP(dst__openssl_toresult3(dctx->category, "EVP_DigestVerifyInit", ISC_R_FAILURE)); } @@ -754,7 +748,7 @@ opensslecdsa_adddata(dst_context_t *dctx, const isc_region_t *data) { if (EVP_DigestSignUpdate(evp_md_ctx, data->base, data->length) != 1) { - DST_RET(dst__openssl_toresult3(dctx->category, + CLEANUP(dst__openssl_toresult3(dctx->category, "EVP_DigestSignUpdate", ISC_R_FAILURE)); } @@ -762,7 +756,7 @@ opensslecdsa_adddata(dst_context_t *dctx, const isc_region_t *data) { if (EVP_DigestVerifyUpdate(evp_md_ctx, data->base, data->length) != 1) { - DST_RET(dst__openssl_toresult3(dctx->category, + CLEANUP(dst__openssl_toresult3(dctx->category, "EVP_DigestVerifyUpdate", ISC_R_FAILURE)); } @@ -795,25 +789,25 @@ opensslecdsa_sign(dst_context_t *dctx, isc_buffer_t *sig) { isc_buffer_availableregion(sig, ®ion); if (region.length < siglen) { - DST_RET(ISC_R_NOSPACE); + CLEANUP(ISC_R_NOSPACE); } if (EVP_DigestSignFinal(evp_md_ctx, NULL, &sigder_len) != 1) { - DST_RET(dst__openssl_toresult3( + CLEANUP(dst__openssl_toresult3( dctx->category, "EVP_DigestSignFinal", ISC_R_FAILURE)); } if (sigder_len == 0) { - DST_RET(ISC_R_FAILURE); + CLEANUP(ISC_R_FAILURE); } sigder = isc_mem_get(dctx->mctx, sigder_len); sigder_alloced = sigder_len; if (EVP_DigestSignFinal(evp_md_ctx, sigder, &sigder_len) != 1) { - DST_RET(dst__openssl_toresult3( + CLEANUP(dst__openssl_toresult3( dctx->category, "EVP_DigestSignFinal", ISC_R_FAILURE)); } sigder_copy = sigder; if (d2i_ECDSA_SIG(&ecdsasig, &sigder_copy, sigder_len) == NULL) { - DST_RET(dst__openssl_toresult3(dctx->category, "d2i_ECDSA_SIG", + CLEANUP(dst__openssl_toresult3(dctx->category, "d2i_ECDSA_SIG", ISC_R_FAILURE)); } @@ -857,12 +851,12 @@ opensslecdsa_verify(dst_context_t *dctx, const isc_region_t *sig) { } if (sig->length != siglen) { - DST_RET(DST_R_VERIFYFAILURE); + CLEANUP(DST_R_VERIFYFAILURE); } ecdsasig = ECDSA_SIG_new(); if (ecdsasig == NULL) { - DST_RET(dst__openssl_toresult(ISC_R_NOMEMORY)); + CLEANUP(dst__openssl_toresult(ISC_R_NOMEMORY)); } r = BN_bin2bn(cp, siglen / 2, NULL); cp += siglen / 2; @@ -872,7 +866,7 @@ opensslecdsa_verify(dst_context_t *dctx, const isc_region_t *sig) { status = i2d_ECDSA_SIG(ecdsasig, NULL); if (status < 0) { - DST_RET(dst__openssl_toresult3(dctx->category, "i2d_ECDSA_SIG", + CLEANUP(dst__openssl_toresult3(dctx->category, "i2d_ECDSA_SIG", DST_R_VERIFYFAILURE)); } @@ -883,7 +877,7 @@ opensslecdsa_verify(dst_context_t *dctx, const isc_region_t *sig) { sigder_copy = sigder; status = i2d_ECDSA_SIG(ecdsasig, &sigder_copy); if (status < 0) { - DST_RET(dst__openssl_toresult3(dctx->category, "i2d_ECDSA_SIG", + CLEANUP(dst__openssl_toresult3(dctx->category, "i2d_ECDSA_SIG", DST_R_VERIFYFAILURE)); } @@ -942,10 +936,10 @@ opensslecdsa_todns(const dst_key_t *key, isc_buffer_t *data) { keysize = opensslecdsa_key_alg_to_publickey_size(key->key_alg); isc_buffer_availableregion(data, &r); if (r.length < keysize) { - DST_RET(ISC_R_NOSPACE); + CLEANUP(ISC_R_NOSPACE); } if (!opensslecdsa_extract_public_key(key, r.base, keysize)) { - DST_RET(dst__openssl_toresult(DST_R_OPENSSLFAILURE)); + CLEANUP(dst__openssl_toresult(DST_R_OPENSSLFAILURE)); } isc_buffer_add(data, keysize); @@ -967,10 +961,10 @@ opensslecdsa_fromdns(dst_key_t *key, isc_buffer_t *data) { isc_buffer_remainingregion(data, &r); if (r.length == 0) { - DST_RET(ISC_R_SUCCESS); + CLEANUP(ISC_R_SUCCESS); } if (r.length != len) { - DST_RET(DST_R_INVALIDPUBLICKEY); + CLEANUP(DST_R_INVALIDPUBLICKEY); } CHECK(opensslecdsa_create_pkey(key->key_alg, false, r.base, len, @@ -994,16 +988,16 @@ opensslecdsa_tofile(const dst_key_t *key, const char *directory) { unsigned short i; if (key->keydata.pkeypair.pub == NULL) { - DST_RET(DST_R_NULLKEY); + CLEANUP(DST_R_NULLKEY); } if (key->external) { priv.nelements = 0; - DST_RET(dst__privstruct_writefile(key, &priv, directory)); + CLEANUP(dst__privstruct_writefile(key, &priv, directory)); } if (key->keydata.pkeypair.priv == NULL) { - DST_RET(DST_R_NULLKEY); + CLEANUP(DST_R_NULLKEY); } keylen = opensslecdsa_key_alg_to_publickey_size(key->key_alg) / 2; @@ -1052,13 +1046,13 @@ opensslecdsa_parse(dst_key_t *key, isc_lex_t *lexer, dst_key_t *pub) { if (key->external) { if (priv.nelements != 0 || pub == NULL) { - DST_RET(dst__openssl_toresult(DST_R_INVALIDPRIVATEKEY)); + CLEANUP(dst__openssl_toresult(DST_R_INVALIDPRIVATEKEY)); } key->keydata.pkeypair.priv = pub->keydata.pkeypair.priv; key->keydata.pkeypair.pub = pub->keydata.pkeypair.pub; pub->keydata.pkeypair.priv = NULL; pub->keydata.pkeypair.pub = NULL; - DST_RET(ISC_R_SUCCESS); + CLEANUP(ISC_R_SUCCESS); } for (i = 0; i < priv.nelements; i++) { @@ -1083,13 +1077,13 @@ opensslecdsa_parse(dst_key_t *key, isc_lex_t *lexer, dst_key_t *pub) { if (pub != NULL && EVP_PKEY_eq(key->keydata.pkeypair.pub, pub->keydata.pkeypair.pub) != 1) { - DST_RET(DST_R_INVALIDPRIVATEKEY); + CLEANUP(DST_R_INVALIDPRIVATEKEY); } - DST_RET(ISC_R_SUCCESS); + CLEANUP(ISC_R_SUCCESS); } if (privkey_index < 0) { - DST_RET(dst__openssl_toresult(DST_R_INVALIDPRIVATEKEY)); + CLEANUP(dst__openssl_toresult(DST_R_INVALIDPRIVATEKEY)); } CHECK(opensslecdsa_create_pkey( @@ -1098,7 +1092,7 @@ opensslecdsa_parse(dst_key_t *key, isc_lex_t *lexer, dst_key_t *pub) { /* Check that the public component matches if given */ if (pub != NULL && EVP_PKEY_eq(pkey, pub->keydata.pkeypair.pub) != 1) { - DST_RET(DST_R_INVALIDPRIVATEKEY); + CLEANUP(DST_R_INVALIDPRIVATEKEY); } key->key_size = EVP_PKEY_bits(pkey); diff --git a/lib/dns/openssleddsa_link.c b/lib/dns/openssleddsa_link.c index b51e40a058..7ef6e495c5 100644 --- a/lib/dns/openssleddsa_link.c +++ b/lib/dns/openssleddsa_link.c @@ -33,12 +33,6 @@ #include "dst_parse.h" #include "openssl_shim.h" -#define DST_RET(a) \ - { \ - result = a; \ - goto cleanup; \ - } - #ifndef NID_ED25519 #error "Ed25519 group is not known (NID_ED25519)" #endif /* ifndef NID_ED25519 */ @@ -184,19 +178,19 @@ openssleddsa_sign(dst_context_t *dctx, isc_buffer_t *sig) { siglen = alginfo->sig_size; isc_buffer_availableregion(sig, &sigreg); if (sigreg.length < (unsigned int)siglen) { - DST_RET(ISC_R_NOSPACE); + CLEANUP(ISC_R_NOSPACE); } isc_buffer_usedregion(buf, &tbsreg); if (EVP_DigestSignInit(ctx, NULL, NULL, NULL, pkey) != 1) { - DST_RET(dst__openssl_toresult3( + CLEANUP(dst__openssl_toresult3( dctx->category, "EVP_DigestSignInit", ISC_R_FAILURE)); } if (EVP_DigestSign(ctx, sigreg.base, &siglen, tbsreg.base, tbsreg.length) != 1) { - DST_RET(dst__openssl_toresult3(dctx->category, "EVP_DigestSign", + CLEANUP(dst__openssl_toresult3(dctx->category, "EVP_DigestSign", DST_R_SIGNFAILURE)); } isc_buffer_add(sig, (unsigned int)siglen); @@ -228,13 +222,13 @@ openssleddsa_verify(dst_context_t *dctx, const isc_region_t *sig) { } if (sig->length != alginfo->sig_size) { - DST_RET(DST_R_VERIFYFAILURE); + CLEANUP(DST_R_VERIFYFAILURE); } isc_buffer_usedregion(buf, &tbsreg); if (EVP_DigestVerifyInit(ctx, NULL, NULL, NULL, pkey) != 1) { - DST_RET(dst__openssl_toresult3( + CLEANUP(dst__openssl_toresult3( dctx->category, "EVP_DigestVerifyInit", ISC_R_FAILURE)); } @@ -283,13 +277,13 @@ openssleddsa_generate(dst_key_t *key, int unused, void (*callback)(int)) { status = EVP_PKEY_keygen_init(ctx); if (status != 1) { - DST_RET(dst__openssl_toresult2("EVP_PKEY_keygen_init", + CLEANUP(dst__openssl_toresult2("EVP_PKEY_keygen_init", DST_R_OPENSSLFAILURE)); } status = EVP_PKEY_keygen(ctx, &pkey); if (status != 1) { - DST_RET(dst__openssl_toresult2("EVP_PKEY_keygen", + CLEANUP(dst__openssl_toresult2("EVP_PKEY_keygen", DST_R_OPENSSLFAILURE)); } @@ -378,7 +372,7 @@ openssleddsa_tofile(const dst_key_t *key, const char *directory) { if (EVP_PKEY_get_raw_private_key(key->keydata.pkeypair.priv, buf, &len) != 1) { - DST_RET(dst__openssl_toresult(ISC_R_FAILURE)); + CLEANUP(dst__openssl_toresult(ISC_R_FAILURE)); } priv.elements[i].tag = TAG_EDDSA_PRIVATEKEY; priv.elements[i].length = len; @@ -421,16 +415,16 @@ openssleddsa_parse(dst_key_t *key, isc_lex_t *lexer, dst_key_t *pub) { if (key->external) { if (priv.nelements != 0) { - DST_RET(DST_R_INVALIDPRIVATEKEY); + CLEANUP(DST_R_INVALIDPRIVATEKEY); } if (pub == NULL) { - DST_RET(DST_R_INVALIDPRIVATEKEY); + CLEANUP(DST_R_INVALIDPRIVATEKEY); } key->keydata.pkeypair.priv = pub->keydata.pkeypair.priv; key->keydata.pkeypair.pub = pub->keydata.pkeypair.pub; pub->keydata.pkeypair.priv = NULL; pub->keydata.pkeypair.pub = NULL; - DST_RET(ISC_R_SUCCESS); + CLEANUP(ISC_R_SUCCESS); } for (i = 0; i < priv.nelements; i++) { @@ -455,13 +449,13 @@ openssleddsa_parse(dst_key_t *key, isc_lex_t *lexer, dst_key_t *pub) { if (pub != NULL && EVP_PKEY_eq(key->keydata.pkeypair.pub, pub->keydata.pkeypair.pub) != 1) { - DST_RET(DST_R_INVALIDPRIVATEKEY); + CLEANUP(DST_R_INVALIDPRIVATEKEY); } - DST_RET(ISC_R_SUCCESS); + CLEANUP(ISC_R_SUCCESS); } if (privkey_index < 0) { - DST_RET(DST_R_INVALIDPRIVATEKEY); + CLEANUP(DST_R_INVALIDPRIVATEKEY); } len = priv.elements[privkey_index].length; @@ -469,7 +463,7 @@ openssleddsa_parse(dst_key_t *key, isc_lex_t *lexer, dst_key_t *pub) { &len, &pkey)); /* Check that the public component matches if given */ if (pub != NULL && EVP_PKEY_eq(pkey, pub->keydata.pkeypair.pub) != 1) { - DST_RET(DST_R_INVALIDPRIVATEKEY); + CLEANUP(DST_R_INVALIDPRIVATEKEY); } key->keydata.pkeypair.priv = pkey; @@ -567,7 +561,7 @@ check_algorithm(unsigned char algorithm) { size_t key_len, sig_len; if (evp_md_ctx == NULL) { - DST_RET(ISC_R_NOMEMORY); + CLEANUP(ISC_R_NOMEMORY); } switch (algorithm) { @@ -588,7 +582,7 @@ check_algorithm(unsigned char algorithm) { alginfo = openssleddsa_alg_info(algorithm); break; default: - DST_RET(ISC_R_NOTIMPLEMENTED); + CLEANUP(ISC_R_NOTIMPLEMENTED); } INSIST(alginfo != NULL); @@ -601,7 +595,7 @@ check_algorithm(unsigned char algorithm) { EVP_DigestVerify(evp_md_ctx, sig, sig_len, test, sizeof(test) - 1) != 1) { - DST_RET(ISC_R_NOTIMPLEMENTED); + CLEANUP(ISC_R_NOTIMPLEMENTED); } cleanup: diff --git a/lib/dns/opensslrsa_link.c b/lib/dns/opensslrsa_link.c index 57c82baa1e..465e1f663d 100644 --- a/lib/dns/opensslrsa_link.c +++ b/lib/dns/opensslrsa_link.c @@ -37,12 +37,6 @@ #include "dst_parse.h" #include "openssl_shim.h" -#define DST_RET(a) \ - { \ - result = a; \ - goto cleanup; \ - } - #define OPENSSLRSA_MAX_MODULUS_BITS 4096 typedef struct rsa_components { @@ -435,23 +429,23 @@ opensslrsa_generate_pkey(unsigned int key_size, const char *label, BIGNUM *e, rsa = RSA_new(); pkey = EVP_PKEY_new(); if (rsa == NULL || pkey == NULL) { - DST_RET(dst__openssl_toresult(DST_R_OPENSSLFAILURE)); + CLEANUP(dst__openssl_toresult(DST_R_OPENSSLFAILURE)); } if (EVP_PKEY_set1_RSA(pkey, rsa) != 1) { - DST_RET(dst__openssl_toresult(DST_R_OPENSSLFAILURE)); + CLEANUP(dst__openssl_toresult(DST_R_OPENSSLFAILURE)); } if (callback != NULL) { cb = BN_GENCB_new(); if (cb == NULL) { - DST_RET(dst__openssl_toresult(ISC_R_NOMEMORY)); + CLEANUP(dst__openssl_toresult(ISC_R_NOMEMORY)); } BN_GENCB_set(cb, progress_cb, (void *)callback); } if (RSA_generate_key_ex(rsa, key_size, e, cb) != 1) { - DST_RET(dst__openssl_toresult2("RSA_generate_key_ex", + CLEANUP(dst__openssl_toresult2("RSA_generate_key_ex", DST_R_OPENSSLFAILURE)); } *retkey = pkey; @@ -476,20 +470,20 @@ opensslrsa_build_pkey(bool private, rsa_components_t *c, EVP_PKEY **retpkey) { if (c->n == NULL || c->e == NULL) { if (private) { - DST_RET(DST_R_INVALIDPRIVATEKEY); + CLEANUP(DST_R_INVALIDPRIVATEKEY); } - DST_RET(DST_R_INVALIDPUBLICKEY); + CLEANUP(DST_R_INVALIDPUBLICKEY); } if (rsa == NULL) { - DST_RET(dst__openssl_toresult2("RSA_new", + CLEANUP(dst__openssl_toresult2("RSA_new", DST_R_OPENSSLFAILURE)); } if (RSA_set0_key(rsa, (BIGNUM *)c->n, (BIGNUM *)c->e, (BIGNUM *)c->d) != 1) { - DST_RET(dst__openssl_toresult2("RSA_set0_key", + CLEANUP(dst__openssl_toresult2("RSA_set0_key", DST_R_OPENSSLFAILURE)); } c->n = NULL; @@ -499,7 +493,7 @@ opensslrsa_build_pkey(bool private, rsa_components_t *c, EVP_PKEY **retpkey) { if (c->p != NULL || c->q != NULL) { if (RSA_set0_factors(rsa, (BIGNUM *)c->p, (BIGNUM *)c->q) != 1) { - DST_RET(dst__openssl_toresult2("RSA_set0_factors", + CLEANUP(dst__openssl_toresult2("RSA_set0_factors", DST_R_OPENSSLFAILURE)); } c->p = NULL; @@ -511,7 +505,7 @@ opensslrsa_build_pkey(bool private, rsa_components_t *c, EVP_PKEY **retpkey) { (BIGNUM *)c->dmq1, (BIGNUM *)c->iqmp) == 0) { - DST_RET(dst__openssl_toresult2("RSA_set0_crt_params", + CLEANUP(dst__openssl_toresult2("RSA_set0_crt_params", DST_R_OPENSSLFAILURE)); } c->dmp1 = NULL; @@ -521,12 +515,12 @@ opensslrsa_build_pkey(bool private, rsa_components_t *c, EVP_PKEY **retpkey) { pkey = EVP_PKEY_new(); if (pkey == NULL) { - DST_RET(dst__openssl_toresult2("EVP_PKEY_new", + CLEANUP(dst__openssl_toresult2("EVP_PKEY_new", DST_R_OPENSSLFAILURE)); } status = EVP_PKEY_set1_RSA(pkey, rsa); if (status != 1) { - DST_RET(dst__openssl_toresult2("EVP_PKEY_set1_RSA", + CLEANUP(dst__openssl_toresult2("EVP_PKEY_set1_RSA", DST_R_OPENSSLFAILURE)); } @@ -570,25 +564,25 @@ opensslrsa_generate_pkey_with_uri(size_t key_size, const char *label, ctx = EVP_PKEY_CTX_new_from_name(NULL, "RSA", "provider=pkcs11"); if (ctx == NULL) { - DST_RET(dst__openssl_toresult2("EVP_PKEY_CTX_new_from_name", + CLEANUP(dst__openssl_toresult2("EVP_PKEY_CTX_new_from_name", DST_R_OPENSSLFAILURE)); } status = EVP_PKEY_keygen_init(ctx); if (status != 1) { - DST_RET(dst__openssl_toresult2("EVP_PKEY_keygen_init", + CLEANUP(dst__openssl_toresult2("EVP_PKEY_keygen_init", DST_R_OPENSSLFAILURE)); } status = EVP_PKEY_CTX_set_params(ctx, params); if (status != 1) { - DST_RET(dst__openssl_toresult2("EVP_PKEY_CTX_set_params", + CLEANUP(dst__openssl_toresult2("EVP_PKEY_CTX_set_params", DST_R_OPENSSLFAILURE)); } status = EVP_PKEY_generate(ctx, retkey); if (status != 1) { - DST_RET(dst__openssl_toresult2("EVP_PKEY_generate", + CLEANUP(dst__openssl_toresult2("EVP_PKEY_generate", DST_R_OPENSSLFAILURE)); } @@ -611,19 +605,19 @@ opensslrsa_generate_pkey(unsigned int key_size, const char *label, BIGNUM *e, ctx = EVP_PKEY_CTX_new_from_name(NULL, "RSA", NULL); if (ctx == NULL) { - DST_RET(dst__openssl_toresult(DST_R_OPENSSLFAILURE)); + CLEANUP(dst__openssl_toresult(DST_R_OPENSSLFAILURE)); } if (EVP_PKEY_keygen_init(ctx) != 1) { - DST_RET(dst__openssl_toresult(DST_R_OPENSSLFAILURE)); + CLEANUP(dst__openssl_toresult(DST_R_OPENSSLFAILURE)); } if (EVP_PKEY_CTX_set_rsa_keygen_bits(ctx, (int)key_size) != 1) { - DST_RET(dst__openssl_toresult(DST_R_OPENSSLFAILURE)); + CLEANUP(dst__openssl_toresult(DST_R_OPENSSLFAILURE)); } if (EVP_PKEY_CTX_set1_rsa_keygen_pubexp(ctx, e) != 1) { - DST_RET(dst__openssl_toresult(DST_R_OPENSSLFAILURE)); + CLEANUP(dst__openssl_toresult(DST_R_OPENSSLFAILURE)); } if (callback != NULL) { @@ -632,7 +626,7 @@ opensslrsa_generate_pkey(unsigned int key_size, const char *label, BIGNUM *e, } if (EVP_PKEY_keygen(ctx, retkey) != 1) { - DST_RET(dst__openssl_toresult2("EVP_PKEY_keygen", + CLEANUP(dst__openssl_toresult2("EVP_PKEY_keygen", DST_R_OPENSSLFAILURE)); } result = ISC_R_SUCCESS; @@ -651,69 +645,69 @@ opensslrsa_build_pkey(bool private, rsa_components_t *c, EVP_PKEY **retpkey) { bld = OSSL_PARAM_BLD_new(); if (bld == NULL) { - DST_RET(dst__openssl_toresult2("OSSL_PARAM_BLD_new", + CLEANUP(dst__openssl_toresult2("OSSL_PARAM_BLD_new", DST_R_OPENSSLFAILURE)); } if (OSSL_PARAM_BLD_push_BN(bld, OSSL_PKEY_PARAM_RSA_N, c->n) != 1 || OSSL_PARAM_BLD_push_BN(bld, OSSL_PKEY_PARAM_RSA_E, c->e) != 1) { - DST_RET(dst__openssl_toresult2("OSSL_PARAM_BLD_push_BN", + CLEANUP(dst__openssl_toresult2("OSSL_PARAM_BLD_push_BN", DST_R_OPENSSLFAILURE)); } if (c->d != NULL && OSSL_PARAM_BLD_push_BN(bld, OSSL_PKEY_PARAM_RSA_D, c->d) != 1) { - DST_RET(dst__openssl_toresult2("OSSL_PARAM_BLD_push_BN", + CLEANUP(dst__openssl_toresult2("OSSL_PARAM_BLD_push_BN", DST_R_OPENSSLFAILURE)); } if (c->p != NULL && OSSL_PARAM_BLD_push_BN(bld, OSSL_PKEY_PARAM_RSA_FACTOR1, c->p) != 1) { - DST_RET(dst__openssl_toresult2("OSSL_PARAM_BLD_push_BN", + CLEANUP(dst__openssl_toresult2("OSSL_PARAM_BLD_push_BN", DST_R_OPENSSLFAILURE)); } if (c->q != NULL && OSSL_PARAM_BLD_push_BN(bld, OSSL_PKEY_PARAM_RSA_FACTOR2, c->q) != 1) { - DST_RET(dst__openssl_toresult2("OSSL_PARAM_BLD_push_BN", + CLEANUP(dst__openssl_toresult2("OSSL_PARAM_BLD_push_BN", DST_R_OPENSSLFAILURE)); } if (c->dmp1 != NULL && OSSL_PARAM_BLD_push_BN(bld, OSSL_PKEY_PARAM_RSA_EXPONENT1, c->dmp1) != 1) { - DST_RET(dst__openssl_toresult2("OSSL_PARAM_BLD_push_BN", + CLEANUP(dst__openssl_toresult2("OSSL_PARAM_BLD_push_BN", DST_R_OPENSSLFAILURE)); } if (c->dmq1 != NULL && OSSL_PARAM_BLD_push_BN(bld, OSSL_PKEY_PARAM_RSA_EXPONENT2, c->dmq1) != 1) { - DST_RET(dst__openssl_toresult2("OSSL_PARAM_BLD_push_BN", + CLEANUP(dst__openssl_toresult2("OSSL_PARAM_BLD_push_BN", DST_R_OPENSSLFAILURE)); } if (c->iqmp != NULL && OSSL_PARAM_BLD_push_BN(bld, OSSL_PKEY_PARAM_RSA_COEFFICIENT1, c->iqmp) != 1) { - DST_RET(dst__openssl_toresult2("OSSL_PARAM_BLD_push_BN", + CLEANUP(dst__openssl_toresult2("OSSL_PARAM_BLD_push_BN", DST_R_OPENSSLFAILURE)); } params = OSSL_PARAM_BLD_to_param(bld); if (params == NULL) { - DST_RET(dst__openssl_toresult2("OSSL_PARAM_BLD_to_param", + CLEANUP(dst__openssl_toresult2("OSSL_PARAM_BLD_to_param", DST_R_OPENSSLFAILURE)); } ctx = EVP_PKEY_CTX_new_from_name(NULL, "RSA", NULL); if (ctx == NULL) { - DST_RET(dst__openssl_toresult2("EVP_PKEY_CTX_new_from_name", + CLEANUP(dst__openssl_toresult2("EVP_PKEY_CTX_new_from_name", DST_R_OPENSSLFAILURE)); } status = EVP_PKEY_fromdata_init(ctx); if (status != 1) { - DST_RET(dst__openssl_toresult2("EVP_PKEY_fromdata_init", + CLEANUP(dst__openssl_toresult2("EVP_PKEY_fromdata_init", DST_R_OPENSSLFAILURE)); } @@ -721,7 +715,7 @@ opensslrsa_build_pkey(bool private, rsa_components_t *c, EVP_PKEY **retpkey) { ctx, retpkey, private ? EVP_PKEY_KEYPAIR : EVP_PKEY_PUBLIC_KEY, params); if (status != 1) { - DST_RET(dst__openssl_toresult2("EVP_PKEY_fromdata", + CLEANUP(dst__openssl_toresult2("EVP_PKEY_fromdata", DST_R_OPENSSLFAILURE)); } result = ISC_R_SUCCESS; @@ -743,7 +737,7 @@ opensslrsa_generate(dst_key_t *key, int unused, void (*callback)(int)) { UNUSED(unused); if (e == NULL) { - DST_RET(dst__openssl_toresult(DST_R_OPENSSLFAILURE)); + CLEANUP(dst__openssl_toresult(DST_R_OPENSSLFAILURE)); } /* @@ -754,21 +748,21 @@ opensslrsa_generate(dst_key_t *key, int unused, void (*callback)(int)) { case DST_ALG_NSEC3RSASHA1: /* From RFC 3110 */ if (key->key_size > 4096) { - DST_RET(DST_R_INVALIDPARAM); + CLEANUP(DST_R_INVALIDPARAM); } break; case DST_ALG_RSASHA256: case DST_ALG_RSASHA256PRIVATEOID: /* From RFC 5702 */ if (key->key_size < 512 || key->key_size > 4096) { - DST_RET(DST_R_INVALIDPARAM); + CLEANUP(DST_R_INVALIDPARAM); } break; case DST_ALG_RSASHA512: case DST_ALG_RSASHA512PRIVATEOID: /* From RFC 5702 */ if (key->key_size < 1024 || key->key_size > 4096) { - DST_RET(DST_R_INVALIDPARAM); + CLEANUP(DST_R_INVALIDPARAM); } break; default: @@ -811,14 +805,14 @@ opensslrsa_todns(const dst_key_t *key, isc_buffer_t *data) { switch (key->key_alg) { case DST_ALG_RSASHA256PRIVATEOID: if (r.length < sizeof(oid_rsasha256)) { - DST_RET(ISC_R_NOSPACE); + CLEANUP(ISC_R_NOSPACE); } isc_buffer_putmem(data, oid_rsasha256, sizeof(oid_rsasha256)); isc_region_consume(&r, sizeof(oid_rsasha256)); break; case DST_ALG_RSASHA512PRIVATEOID: if (r.length < sizeof(oid_rsasha512)) { - DST_RET(ISC_R_NOSPACE); + CLEANUP(ISC_R_NOSPACE); } isc_buffer_putmem(data, oid_rsasha512, sizeof(oid_rsasha512)); isc_region_consume(&r, sizeof(oid_rsasha512)); @@ -832,13 +826,13 @@ opensslrsa_todns(const dst_key_t *key, isc_buffer_t *data) { if (e_bytes < 256) { /*%< key exponent is <= 2040 bits */ if (r.length < 1) { - DST_RET(ISC_R_NOSPACE); + CLEANUP(ISC_R_NOSPACE); } isc_buffer_putuint8(data, (uint8_t)e_bytes); isc_region_consume(&r, 1); } else { if (r.length < 3) { - DST_RET(ISC_R_NOSPACE); + CLEANUP(ISC_R_NOSPACE); } isc_buffer_putuint8(data, 0); isc_buffer_putuint16(data, (uint16_t)e_bytes); @@ -846,7 +840,7 @@ opensslrsa_todns(const dst_key_t *key, isc_buffer_t *data) { } if (r.length < e_bytes + mod_bytes) { - DST_RET(ISC_R_NOSPACE); + CLEANUP(ISC_R_NOSPACE); } BN_bn2bin(c.e, r.base); @@ -874,7 +868,7 @@ opensslrsa_fromdns(dst_key_t *key, isc_buffer_t *data) { isc_buffer_remainingregion(data, &r); if (r.length == 0) { - DST_RET(ISC_R_SUCCESS); + CLEANUP(ISC_R_SUCCESS); } /* @@ -885,7 +879,7 @@ opensslrsa_fromdns(dst_key_t *key, isc_buffer_t *data) { if (r.length < sizeof(oid_rsasha256) || memcmp(r.base, oid_rsasha256, sizeof(oid_rsasha256)) != 0) { - DST_RET(DST_R_INVALIDPUBLICKEY); + CLEANUP(DST_R_INVALIDPUBLICKEY); } isc_region_consume(&r, sizeof(oid_rsasha256)); isc_buffer_forward(data, sizeof(oid_rsasha256)); @@ -894,7 +888,7 @@ opensslrsa_fromdns(dst_key_t *key, isc_buffer_t *data) { if (r.length < sizeof(oid_rsasha512) || memcmp(r.base, oid_rsasha512, sizeof(oid_rsasha512)) != 0) { - DST_RET(DST_R_INVALIDPUBLICKEY); + CLEANUP(DST_R_INVALIDPUBLICKEY); } isc_region_consume(&r, sizeof(oid_rsasha512)); isc_buffer_forward(data, sizeof(oid_rsasha512)); @@ -903,7 +897,7 @@ opensslrsa_fromdns(dst_key_t *key, isc_buffer_t *data) { length = r.length; if (r.length < 1) { - DST_RET(DST_R_INVALIDPUBLICKEY); + CLEANUP(DST_R_INVALIDPUBLICKEY); } e_bytes = *r.base; @@ -911,7 +905,7 @@ opensslrsa_fromdns(dst_key_t *key, isc_buffer_t *data) { if (e_bytes == 0) { if (r.length < 2) { - DST_RET(DST_R_INVALIDPUBLICKEY); + CLEANUP(DST_R_INVALIDPUBLICKEY); } e_bytes = (*r.base) << 8; isc_region_consume(&r, 1); @@ -920,13 +914,13 @@ opensslrsa_fromdns(dst_key_t *key, isc_buffer_t *data) { } if (r.length < e_bytes) { - DST_RET(DST_R_INVALIDPUBLICKEY); + CLEANUP(DST_R_INVALIDPUBLICKEY); } c.e = BN_bin2bn(r.base, e_bytes, NULL); isc_region_consume(&r, e_bytes); c.n = BN_bin2bn(r.base, r.length, NULL); if (c.e == NULL || c.n == NULL) { - DST_RET(ISC_R_NOMEMORY); + CLEANUP(ISC_R_NOMEMORY); } isc_buffer_forward(data, length); @@ -1072,14 +1066,14 @@ opensslrsa_parse(dst_key_t *key, isc_lex_t *lexer, dst_key_t *pub) { if (key->external) { if (priv.nelements != 0 || pub == NULL) { - DST_RET(DST_R_INVALIDPRIVATEKEY); + CLEANUP(DST_R_INVALIDPRIVATEKEY); } key->keydata.pkeypair.pub = pub->keydata.pkeypair.pub; key->keydata.pkeypair.priv = pub->keydata.pkeypair.priv; pub->keydata.pkeypair.pub = NULL; pub->keydata.pkeypair.priv = NULL; key->key_size = pub->key_size; - DST_RET(ISC_R_SUCCESS); + CLEANUP(ISC_R_SUCCESS); } for (i = 0; i < priv.nelements; i++) { @@ -1105,9 +1099,9 @@ opensslrsa_parse(dst_key_t *key, isc_lex_t *lexer, dst_key_t *pub) { if (pub != NULL && EVP_PKEY_eq(key->keydata.pkeypair.pub, pub->keydata.pkeypair.pub) != 1) { - DST_RET(DST_R_INVALIDPRIVATEKEY); + CLEANUP(DST_R_INVALIDPRIVATEKEY); } - DST_RET(ISC_R_SUCCESS); + CLEANUP(ISC_R_SUCCESS); } for (i = 0; i < priv.nelements; i++) { @@ -1121,7 +1115,7 @@ opensslrsa_parse(dst_key_t *key, isc_lex_t *lexer, dst_key_t *pub) { bn = BN_bin2bn(priv.elements[i].data, priv.elements[i].length, NULL); if (bn == NULL) { - DST_RET(ISC_R_NOMEMORY); + CLEANUP(ISC_R_NOMEMORY); } switch (priv.elements[i].tag) { case TAG_RSA_MODULUS: @@ -1156,10 +1150,10 @@ opensslrsa_parse(dst_key_t *key, isc_lex_t *lexer, dst_key_t *pub) { /* Basic sanity check for public key portion */ if (c.n == NULL || c.e == NULL) { - DST_RET(DST_R_INVALIDPRIVATEKEY); + CLEANUP(DST_R_INVALIDPRIVATEKEY); } if (BN_num_bits(c.e) > RSA_MAX_PUBEXP_BITS) { - DST_RET(ISC_R_RANGE); + CLEANUP(ISC_R_RANGE); } key->key_size = BN_num_bits(c.n); @@ -1167,7 +1161,7 @@ opensslrsa_parse(dst_key_t *key, isc_lex_t *lexer, dst_key_t *pub) { /* Check that the public component matches if given */ if (pub != NULL && EVP_PKEY_eq(pkey, pub->keydata.pkeypair.pub) != 1) { - DST_RET(DST_R_INVALIDPRIVATEKEY); + CLEANUP(DST_R_INVALIDPRIVATEKEY); } key->keydata.pkeypair.pub = pkey; @@ -1196,7 +1190,7 @@ opensslrsa_fromlabel(dst_key_t *key, const char *label, const char *pin) { &privpkey)); if (!opensslrsa_check_exponent_bits(pubpkey, RSA_MAX_PUBEXP_BITS)) { - DST_RET(ISC_R_RANGE); + CLEANUP(ISC_R_RANGE); } key->label = isc_mem_strdup(key->mctx, label); @@ -1335,7 +1329,7 @@ check_algorithm(unsigned short algorithm) { len = sizeof(sha512_sig) - 1; break; default: - DST_RET(ISC_R_NOTIMPLEMENTED); + CLEANUP(ISC_R_NOTIMPLEMENTED); } /* @@ -1354,7 +1348,7 @@ check_algorithm(unsigned short algorithm) { EVP_DigestUpdate(evp_md_ctx, "test", 4) != 1 || EVP_VerifyFinal(evp_md_ctx, sig, len, pkey) != 1) { - DST_RET(ISC_R_NOTIMPLEMENTED); + CLEANUP(ISC_R_NOTIMPLEMENTED); } cleanup: diff --git a/lib/dns/private.c b/lib/dns/private.c index 60ed1041f8..8982b7a73f 100644 --- a/lib/dns/private.c +++ b/lib/dns/private.c @@ -306,7 +306,7 @@ dns_private_totext(dns_rdata_t *private, isc_buffer_t *buf) { if (!dns_nsec3param_fromprivate(private, &rdata, nsec3buf, sizeof(nsec3buf))) { - CHECK(ISC_R_FAILURE); + CLEANUP(ISC_R_FAILURE); } CHECK(dns_rdata_tostruct(&rdata, &nsec3param, NULL)); diff --git a/lib/dns/rdata.c b/lib/dns/rdata.c index 5ad80cebc9..3330d47d71 100644 --- a/lib/dns/rdata.c +++ b/lib/dns/rdata.c @@ -1093,7 +1093,7 @@ unknown_fromtext(dns_rdataclass_t rdclass, dns_rdatatype_t type, CHECK(isc_hex_tobuffer(lexer, buf, (unsigned int)token.value.as_ulong)); if (isc_buffer_usedlength(buf) != token.value.as_ulong) { - CHECK(ISC_R_UNEXPECTEDEND); + CLEANUP(ISC_R_UNEXPECTEDEND); } } diff --git a/lib/dns/rdataslab.c b/lib/dns/rdataslab.c index 5910d1b6d2..2fa0f30c1b 100644 --- a/lib/dns/rdataslab.c +++ b/lib/dns/rdataslab.c @@ -514,7 +514,7 @@ dns_rdataslab_merge(dns_slabheader_t *oheader, dns_slabheader_t *nheader, * than ncount, then we found such a duplicate. */ if (((flags & DNS_RDATASLAB_EXACT) != 0) && (tcount < ncount)) { - CHECK(DNS_R_NOTEXACT); + CLEANUP(DNS_R_NOTEXACT); } /* @@ -522,7 +522,7 @@ dns_rdataslab_merge(dns_slabheader_t *oheader, dns_slabheader_t *nheader, * FORCE flag isn't set, we're done. */ if (tcount == 0 && (flags & DNS_RDATASLAB_FORCE) == 0) { - CHECK(DNS_R_UNCHANGED); + CLEANUP(DNS_R_UNCHANGED); } /* Add to tcount the total number of items from the old slab. */ @@ -533,11 +533,11 @@ dns_rdataslab_merge(dns_slabheader_t *oheader, dns_slabheader_t *nheader, /* Single types can't have more than one RR. */ if (tcount > 1 && dns_rdatatype_issingleton(type)) { - CHECK(DNS_R_SINGLETON); + CLEANUP(DNS_R_SINGLETON); } if (tcount > 0xffff) { - CHECK(ISC_R_NOSPACE); + CLEANUP(ISC_R_NOSPACE); } /* Allocate the target buffer and copy the new slab's header */ @@ -673,7 +673,7 @@ dns_rdataslab_subtract(dns_slabheader_t *oheader, dns_slabheader_t *sheader, * duplicates.) */ if ((flags & DNS_RDATASLAB_EXACT) != 0 && rcount != scount) { - CHECK(DNS_R_NOTEXACT); + CLEANUP(DNS_R_NOTEXACT); } /* @@ -681,14 +681,14 @@ dns_rdataslab_subtract(dns_slabheader_t *oheader, dns_slabheader_t *sheader, * create a new buffer, just return. */ if (tcount == 0) { - CHECK(DNS_R_NXRRSET); + CLEANUP(DNS_R_NXRRSET); } /* * If nothing is going to change, stop. */ if (rcount == 0) { - CHECK(DNS_R_UNCHANGED); + CLEANUP(DNS_R_UNCHANGED); } /* diff --git a/lib/dns/request.c b/lib/dns/request.c index 46148c2bb0..93c868ecfd 100644 --- a/lib/dns/request.c +++ b/lib/dns/request.c @@ -686,7 +686,7 @@ req_render(dns_message_t *message, isc_buffer_t **bufferp, unsigned int options, */ isc_buffer_usedregion(buf1, &r); if ((options & DNS_REQUESTOPT_TCP) == 0 && r.length > 512) { - CHECK(DNS_R_USETCP); + CLEANUP(DNS_R_USETCP); } isc_buffer_allocate(mctx, &buf2, r.length); CHECK(isc_buffer_copyregion(buf2, &r)); diff --git a/lib/dns/resconf.c b/lib/dns/resconf.c index e53666c70c..cc7524ed41 100644 --- a/lib/dns/resconf.c +++ b/lib/dns/resconf.c @@ -217,7 +217,7 @@ add_server(isc_mem_t *mctx, const char *address_str, address = isc_mem_get(mctx, sizeof(*address)); if (res->ai_addrlen > sizeof(address->type)) { isc_mem_put(mctx, address, sizeof(*address)); - CHECK(ISC_R_RANGE); + CLEANUP(ISC_R_RANGE); } if (res->ai_family == AF_INET) { @@ -237,7 +237,7 @@ add_server(isc_mem_t *mctx, const char *address_str, isc_mem_put(mctx, address, sizeof(*address)); UNEXPECTED_ERROR("ai_family (%d) not INET nor INET6", res->ai_family); - CHECK(ISC_R_UNEXPECTED); + CLEANUP(ISC_R_UNEXPECTED); } address->length = (unsigned int)res->ai_addrlen; diff --git a/lib/dns/resolver.c b/lib/dns/resolver.c index 018d76e739..404086b898 100644 --- a/lib/dns/resolver.c +++ b/lib/dns/resolver.c @@ -6987,7 +6987,7 @@ resume_dslookup(void *arg) { * made. Interrupt the DS chasing process, returning SERVFAIL. */ if (dns_name_equal(fctx->nsname, fetch->private->domain)) { - CHECK(DNS_R_SERVFAIL); + CLEANUP(DNS_R_SERVFAIL); } /* Get nameservers from fetch before we destroy it. */ diff --git a/lib/dns/sdlz.c b/lib/dns/sdlz.c index 96adec1e39..22bd0ee210 100644 --- a/lib/dns/sdlz.c +++ b/lib/dns/sdlz.c @@ -982,7 +982,7 @@ modrdataset(dns_db_t *db, dns_dbnode_t *node, dns_dbversion_t *version, buffer)); if (isc_buffer_usedlength(buffer) < 1) { - CHECK(ISC_R_BADADDRESSFORM); + CLEANUP(ISC_R_BADADDRESSFORM); } rdatastr = isc_buffer_base(buffer); @@ -1641,7 +1641,7 @@ dns_sdlz_putrr(dns_sdlzlookup_t *lookup, const char *type, dns_ttl_t ttl, } while (result == ISC_R_NOSPACE); if (result != ISC_R_SUCCESS) { - CHECK(DNS_R_SERVFAIL); + CLEANUP(DNS_R_SERVFAIL); } ISC_LIST_APPEND(rdatalist->rdata, rdata, link); diff --git a/lib/dns/skr.c b/lib/dns/skr.c index fd57d4bcf3..7eec1f4531 100644 --- a/lib/dns/skr.c +++ b/lib/dns/skr.c @@ -29,7 +29,7 @@ #define NEXTTOKEN(lex, opt, token) CHECK(isc_lex_gettoken(lex, opt, token)) -#define BADTOKEN() CHECK(ISC_R_UNEXPECTEDTOKEN) +#define BADTOKEN() CLEANUP(ISC_R_UNEXPECTEDTOKEN) #define TOKENSIZ (8 * 1024) #define STR(t) ((t).value.as_textregion.base) @@ -58,7 +58,7 @@ parse_rr(isc_lex_t *lex, isc_mem_t *mctx, char *owner, dns_name_t *origin, isc_buffer_add(&b, strlen(owner)); CHECK(dns_name_fromtext(dname, &b, dns_rootname, 0)); if (dns_name_compare(dname, origin) != 0) { - CHECK(DNS_R_BADOWNERNAME); + CLEANUP(DNS_R_BADOWNERNAME); } isc_buffer_clear(&b); @@ -248,7 +248,7 @@ dns_skr_read(isc_mem_t *mctx, const char *filename, dns_name_t *origin, } if (token.type != isc_tokentype_string) { - CHECK(DNS_R_SYNTAX); + CLEANUP(DNS_R_SYNTAX); } if (strcmp(STR(token), ";;") == 0) { @@ -257,7 +257,7 @@ dns_skr_read(isc_mem_t *mctx, const char *filename, dns_name_t *origin, if (token.type != isc_tokentype_string || strcmp(STR(token), "SignedKeyResponse") != 0) { - CHECK(DNS_R_SYNTAX); + CLEANUP(DNS_R_SYNTAX); } /* Version */ @@ -265,20 +265,20 @@ dns_skr_read(isc_mem_t *mctx, const char *filename, dns_name_t *origin, if (token.type != isc_tokentype_string || strcmp(STR(token), "1.0") != 0) { - CHECK(DNS_R_SYNTAX); + CLEANUP(DNS_R_SYNTAX); } /* Date and time of bundle */ CHECK(isc_lex_gettoken(lex, opt, &token)); if (token.type != isc_tokentype_string) { - CHECK(DNS_R_SYNTAX); + CLEANUP(DNS_R_SYNTAX); } if (strcmp(STR(token), "generated") == 0) { /* Final bundle */ goto readline; } if (token.type != isc_tokentype_string) { - CHECK(DNS_R_SYNTAX); + CLEANUP(DNS_R_SYNTAX); } /* Add previous bundle */ @@ -340,7 +340,7 @@ dns_skr_read(isc_mem_t *mctx, const char *filename, dns_name_t *origin, } if (result != ISC_R_EOF) { - CHECK(DNS_R_SYNTAX); + CLEANUP(DNS_R_SYNTAX); } result = ISC_R_SUCCESS; diff --git a/lib/dns/tkey.c b/lib/dns/tkey.c index c3b1154fda..028aed74de 100644 --- a/lib/dns/tkey.c +++ b/lib/dns/tkey.c @@ -358,19 +358,19 @@ dns_tkey_processquery(dns_message_t *msg, dns_tkeyctx_t *tctx, if (result != ISC_R_SUCCESS) { tkey_log("dns_tkey_processquery: couldn't find a TKEY " "matching the question"); - CHECK(DNS_R_FORMERR); + CLEANUP(DNS_R_FORMERR); } result = dns_rdataset_first(tkeyset); if (result != ISC_R_SUCCESS) { - CHECK(DNS_R_FORMERR); + CLEANUP(DNS_R_FORMERR); } dns_rdataset_current(tkeyset, &rdata); CHECK(dns_rdata_tostruct(&rdata, &tkeyin, NULL)); if (tkeyin.error != dns_rcode_noerror) { - CHECK(DNS_R_FORMERR); + CLEANUP(DNS_R_FORMERR); } /* @@ -386,7 +386,7 @@ dns_tkey_processquery(dns_message_t *msg, dns_tkeyctx_t *tctx, { tkey_log("dns_tkey_processquery: query was not " "properly signed - rejecting"); - CHECK(DNS_R_FORMERR); + CLEANUP(DNS_R_FORMERR); } tkeyout = (dns_rdata_tkey_t){ @@ -620,7 +620,7 @@ dns_tkey_gssnegotiate(dns_message_t *qmsg, dns_message_t *rmsg, { tkey_log("dns_tkey_gssnegotiate: tkey mode invalid " "or error set(4)"); - CHECK(DNS_R_INVALIDTKEY); + CLEANUP(DNS_R_INVALIDTKEY); } isc_buffer_init(&intoken, rtkey.key, rtkey.keylen); diff --git a/lib/dns/update.c b/lib/dns/update.c index 1927df5ab5..99f8318d53 100644 --- a/lib/dns/update.c +++ b/lib/dns/update.c @@ -784,7 +784,7 @@ next_active(dns_update_log_t *log, dns_zone_t *zone, dns_db_t *db, if (wraps == 2) { update_log(log, zone, ISC_LOG_ERROR, "secure zone with no NSECs"); - CHECK(DNS_R_BADZONE); + CLEANUP(DNS_R_BADZONE); } } CHECK(dns_dbiterator_current(dbit, &node, newname)); @@ -1104,7 +1104,7 @@ add_sigs(dns_update_log_t *log, dns_zone_t *zone, dns_db_t *db, /* Look up the signature in the SKR bundle */ dns_skrbundle_t *bundle = dns_zone_getskrbundle(zone); if (bundle == NULL) { - CHECK(DNS_R_NOSKRBUNDLE); + CLEANUP(DNS_R_NOSKRBUNDLE); } CHECK(dns_skrbundle_getsig(bundle, keys[i], type, &sig_rdata)); diff --git a/lib/dns/validator.c b/lib/dns/validator.c index 0c7122c7f3..1721f671c7 100644 --- a/lib/dns/validator.c +++ b/lib/dns/validator.c @@ -445,7 +445,7 @@ fetch_callback_dnskey(void *arg) { dns_resolver_destroyfetch(&val->fetch); if (CANCELED(val) || CANCELING(val)) { - CHECK(ISC_R_CANCELED); + CLEANUP(ISC_R_CANCELED); } if (trustchain) { @@ -540,7 +540,7 @@ fetch_callback_ds(void *arg) { dns_resolver_destroyfetch(&val->fetch); if (CANCELED(val) || CANCELING(val)) { - CHECK(ISC_R_CANCELED); + CLEANUP(ISC_R_CANCELED); } if (trustchain) { @@ -648,7 +648,7 @@ validator_callback_dnskey(void *arg) { val->subvalidator = NULL; if (CANCELED(val) || CANCELING(val)) { - CHECK(ISC_R_CANCELED); + CLEANUP(ISC_R_CANCELED); } validator_log(val, ISC_LOG_DEBUG(3), "in validator_callback_dnskey"); @@ -701,7 +701,7 @@ validator_callback_ds(void *arg) { val->subvalidator = NULL; if (CANCELED(val) || CANCELING(val)) { - CHECK(ISC_R_CANCELED); + CLEANUP(ISC_R_CANCELED); } validator_log(val, ISC_LOG_DEBUG(3), "in validator_callback_ds"); @@ -765,7 +765,7 @@ validator_callback_cname(void *arg) { val->subvalidator = NULL; if (CANCELED(val) || CANCELING(val)) { - CHECK(ISC_R_CANCELED); + CLEANUP(ISC_R_CANCELED); } validator_log(val, ISC_LOG_DEBUG(3), "in validator_callback_cname"); @@ -809,7 +809,7 @@ validator_callback_nsec(void *arg) { val->subvalidator = NULL; if (CANCELED(val) || CANCELING(val)) { - CHECK(ISC_R_CANCELED); + CLEANUP(ISC_R_CANCELED); } validator_log(val, ISC_LOG_DEBUG(3), "in validator_callback_nsec"); @@ -1562,7 +1562,7 @@ validate_answer_iter_start(dns_validator_t *val) { val->attributes &= ~VALATTR_OFFLOADED; if (CANCELING(val)) { validator_cancel_finish(val); - CHECK(ISC_R_CANCELED); + CLEANUP(ISC_R_CANCELED); } if (val->resume) { @@ -1593,7 +1593,7 @@ validate_answer_iter_next(void *arg) { val->attributes &= ~VALATTR_OFFLOADED; if (CANCELING(val)) { validator_cancel_finish(val); - CHECK(ISC_R_CANCELED); + CLEANUP(ISC_R_CANCELED); } val->resume = false; @@ -1683,7 +1683,7 @@ validate_answer_process(void *arg) { val->attributes &= ~VALATTR_OFFLOADED; if (CANCELING(val)) { validator_cancel_finish(val); - CHECK(ISC_R_CANCELED); + CLEANUP(ISC_R_CANCELED); } dns_rdata_reset(&val->rdata); @@ -2233,7 +2233,7 @@ validate_dnskey(void *arg) { dns_rdata_ds_t ds; if (CANCELED(val) || CANCELING(val)) { - CHECK(ISC_R_CANCELED); + CLEANUP(ISC_R_CANCELED); } /* @@ -2268,7 +2268,7 @@ validate_dnskey(void *arg) { validator_log(val, ISC_LOG_DEBUG(3), "no trusted root key"); } - CHECK(DNS_R_NOVALIDSIG); + CLEANUP(DNS_R_NOVALIDSIG); } /* @@ -3549,7 +3549,7 @@ validator_start(void *arg) { isc_result_t result = ISC_R_FAILURE; if (CANCELED(val) || CANCELING(val)) { - CHECK(ISC_R_CANCELED); + CLEANUP(ISC_R_CANCELED); } validator_log(val, ISC_LOG_DEBUG(3), "starting"); diff --git a/lib/dns/view.c b/lib/dns/view.c index a640e875ac..492cab865a 100644 --- a/lib/dns/view.c +++ b/lib/dns/view.c @@ -1071,7 +1071,7 @@ dns_view_findzonecut(dns_view_t *view, const dns_name_t *name, try_hints = true; goto finish; } else { - CHECK(DNS_R_NXDOMAIN); + CLEANUP(DNS_R_NXDOMAIN); } } else if (result != ISC_R_SUCCESS) { /* @@ -1835,7 +1835,7 @@ dns_view_loadnta(dns_view_t *view) { if (token.type == isc_tokentype_eof) { break; } else if (token.type != isc_tokentype_string) { - CHECK(ISC_R_UNEXPECTEDTOKEN); + CLEANUP(ISC_R_UNEXPECTEDTOKEN); } name = TSTR(token); len = TLEN(token); @@ -1854,7 +1854,7 @@ dns_view_loadnta(dns_view_t *view) { CHECK(isc_lex_gettoken(lex, options, &token)); if (token.type != isc_tokentype_string) { - CHECK(ISC_R_UNEXPECTEDTOKEN); + CLEANUP(ISC_R_UNEXPECTEDTOKEN); } type = TSTR(token); @@ -1863,12 +1863,12 @@ dns_view_loadnta(dns_view_t *view) { } else if (strcmp(type, "forced") == 0) { forced = true; } else { - CHECK(ISC_R_UNEXPECTEDTOKEN); + CLEANUP(ISC_R_UNEXPECTEDTOKEN); } CHECK(isc_lex_gettoken(lex, options, &token)); if (token.type != isc_tokentype_string) { - CHECK(ISC_R_UNEXPECTEDTOKEN); + CLEANUP(ISC_R_UNEXPECTEDTOKEN); } timestamp = TSTR(token); CHECK(dns_time32_fromtext(timestamp, &t)); @@ -1877,7 +1877,7 @@ dns_view_loadnta(dns_view_t *view) { if (token.type != isc_tokentype_eol && token.type != isc_tokentype_eof) { - CHECK(ISC_R_UNEXPECTEDTOKEN); + CLEANUP(ISC_R_UNEXPECTEDTOKEN); } if (now <= t) { @@ -2110,7 +2110,7 @@ dns_view_addtrustedkey(dns_view_t *view, dns_rdatatype_t rdtype, REQUIRE(view->rdclass == dns_rdataclass_in); if (rdtype != dns_rdatatype_dnskey && rdtype != dns_rdatatype_ds) { - CHECK(ISC_R_NOTIMPLEMENTED); + CLEANUP(ISC_R_NOTIMPLEMENTED); } isc_buffer_init(&b, rdatabuf, sizeof(rdatabuf)); diff --git a/lib/dns/xfrin.c b/lib/dns/xfrin.c index aab34c0f5f..60bee11806 100644 --- a/lib/dns/xfrin.c +++ b/lib/dns/xfrin.c @@ -352,14 +352,14 @@ axfr_apply(void *arg) { uint64_t records; if (atomic_load(&xfr->shuttingdown)) { - CHECK(ISC_R_SHUTTINGDOWN); + CLEANUP(ISC_R_SHUTTINGDOWN); } CHECK(dns_diff_load(&xfr->diff, &xfr->axfr)); if (xfr->maxrecords != 0U) { result = dns_db_getsize(xfr->db, xfr->ver, &records, NULL); if (result == ISC_R_SUCCESS && records > xfr->maxrecords) { - CHECK(DNS_R_TOOMANYRECORDS); + CLEANUP(DNS_R_TOOMANYRECORDS); } } @@ -522,7 +522,7 @@ ixfr_apply_one(dns_xfrin_t *xfr, ixfr_apply_data_t *data) { if (xfr->maxrecords != 0U) { result = dns_db_getsize(xfr->db, xfr->ver, &records, NULL); if (result == ISC_R_SUCCESS && records > xfr->maxrecords) { - CHECK(DNS_R_TOOMANYRECORDS); + CLEANUP(DNS_R_TOOMANYRECORDS); } } if (xfr->ixfr.journal != NULL) { @@ -684,7 +684,7 @@ xfr_rr(dns_xfrin_t *xfr, dns_name_t *name, uint32_t ttl, dns_rdata_t *rdata) { dns_rdatatype_format(rdata->type, buf, sizeof(buf)); xfrin_log(xfr, ISC_LOG_NOTICE, "Unexpected %s record in zone transfer", buf); - CHECK(DNS_R_FORMERR); + CLEANUP(DNS_R_FORMERR); } /* @@ -699,7 +699,7 @@ xfr_rr(dns_xfrin_t *xfr, dns_name_t *name, uint32_t ttl, dns_rdata_t *rdata) { dns_name_format(name, namebuf, sizeof(namebuf)); xfrin_log(xfr, ISC_LOG_DEBUG(3), "SOA name mismatch: '%s'", namebuf); - CHECK(DNS_R_NOTZONETOP); + CLEANUP(DNS_R_NOTZONETOP); } redo: @@ -708,7 +708,7 @@ redo: if (rdata->type != dns_rdatatype_soa) { xfrin_log(xfr, ISC_LOG_NOTICE, "non-SOA response to SOA query"); - CHECK(DNS_R_FORMERR); + CLEANUP(DNS_R_FORMERR); } end_serial = dns_soa_getserial(rdata); atomic_store_relaxed(&xfr->end_serial, end_serial); @@ -719,7 +719,7 @@ redo: "requested serial %u, " "primary has %" PRIuFAST32 ", not updating", xfr->ixfr.request_serial, end_serial); - CHECK(DNS_R_UPTODATE); + CLEANUP(DNS_R_UPTODATE); } atomic_store(&xfr->state, XFRST_GOTSOA); break; @@ -734,7 +734,7 @@ redo: if (rdata->type != dns_rdatatype_soa) { xfrin_log(xfr, ISC_LOG_NOTICE, "first RR in zone transfer must be SOA"); - CHECK(DNS_R_FORMERR); + CLEANUP(DNS_R_FORMERR); } /* * Remember the serial number in the initial SOA. @@ -755,7 +755,7 @@ redo: "requested serial %u, " "primary has %" PRIuFAST32 ", not updating", xfr->ixfr.request_serial, end_serial); - CHECK(DNS_R_UPTODATE); + CLEANUP(DNS_R_UPTODATE); } xfr->firstsoa = *rdata; if (xfr->firstsoa_data != NULL) { @@ -823,7 +823,7 @@ redo: "IXFR out of sync: " "expected serial %u, got %u", xfr->ixfr.current_serial, soa_serial); - CHECK(DNS_R_FORMERR); + CLEANUP(DNS_R_FORMERR); } else { CHECK(ixfr_commit(xfr)); atomic_store(&xfr->state, XFRST_IXFR_DELSOA); @@ -833,7 +833,7 @@ redo: if (rdata->type == dns_rdatatype_ns && dns_name_iswildcard(name)) { - CHECK(DNS_R_INVALIDNS); + CLEANUP(DNS_R_INVALIDNS); } CHECK(ixfr_putdata(xfr, DNS_DIFFOP_ADD, name, ttl, rdata)); break; @@ -858,7 +858,7 @@ redo: xfrin_log(xfr, ISC_LOG_NOTICE, "start and ending SOA records " "mismatch"); - CHECK(DNS_R_FORMERR); + CLEANUP(DNS_R_FORMERR); } axfr_commit(xfr); atomic_store(&xfr->state, XFRST_AXFR_END); @@ -867,7 +867,7 @@ redo: break; case XFRST_AXFR_END: case XFRST_IXFR_END: - CHECK(DNS_R_EXTRADATA); + CLEANUP(DNS_R_EXTRADATA); break; default: UNREACHABLE(); @@ -1288,7 +1288,7 @@ xfrin_start(dns_xfrin_t *xfr) { dns_dispatchmgr_t *dispmgr = dns_view_getdispatchmgr(xfr->view); if (dispmgr == NULL) { - CHECK(ISC_R_SHUTTINGDOWN); + CLEANUP(ISC_R_SHUTTINGDOWN); } primaries_timeout = isc_nm_getprimariestimeout(); @@ -1863,7 +1863,7 @@ xfrin_recv_done(isc_result_t result, isc_region_t *region, void *arg) { if (msg->counts[DNS_SECTION_QUESTION] > 1) { xfrin_log(xfr, ISC_LOG_NOTICE, "too many questions (%u)", msg->counts[DNS_SECTION_QUESTION]); - CHECK(DNS_R_FORMERR); + CLEANUP(DNS_R_FORMERR); } if ((atomic_load(&xfr->state) == XFRST_SOAQUERY || @@ -1871,7 +1871,7 @@ xfrin_recv_done(isc_result_t result, isc_region_t *region, void *arg) { msg->counts[DNS_SECTION_QUESTION] != 1) { xfrin_log(xfr, ISC_LOG_NOTICE, "missing question section"); - CHECK(DNS_R_FORMERR); + CLEANUP(DNS_R_FORMERR); } MSG_SECTION_FOREACH(msg, DNS_SECTION_QUESTION, name) { @@ -1882,19 +1882,19 @@ xfrin_recv_done(isc_result_t result, isc_region_t *region, void *arg) { if (!dns_name_equal(name, &xfr->name)) { xfrin_log(xfr, ISC_LOG_NOTICE, "question name mismatch"); - CHECK(DNS_R_FORMERR); + CLEANUP(DNS_R_FORMERR); } rds = ISC_LIST_HEAD(name->list); INSIST(rds != NULL); if (rds->type != xfr->reqtype) { xfrin_log(xfr, ISC_LOG_NOTICE, "question type mismatch"); - CHECK(DNS_R_FORMERR); + CLEANUP(DNS_R_FORMERR); } if (rds->rdclass != xfr->rdclass) { xfrin_log(xfr, ISC_LOG_NOTICE, "question class mismatch"); - CHECK(DNS_R_FORMERR); + CLEANUP(DNS_R_FORMERR); } } @@ -1916,7 +1916,7 @@ xfrin_recv_done(isc_result_t result, isc_region_t *region, void *arg) { if (xfr->reqtype == dns_rdatatype_soa && (msg->flags & DNS_MESSAGEFLAG_AA) == 0) { - CHECK(DNS_R_NOTAUTHORITATIVE); + CLEANUP(DNS_R_NOTAUTHORITATIVE); } result = dns_message_checksig(msg, xfr->view); @@ -1975,7 +1975,7 @@ xfrin_recv_done(isc_result_t result, isc_region_t *region, void *arg) { atomic_load(&xfr->state) == XFRST_AXFR_END || atomic_load(&xfr->state) == XFRST_IXFR_END) { - CHECK(DNS_R_EXPECTEDTSIG); + CLEANUP(DNS_R_EXPECTEDTSIG); } } diff --git a/lib/dns/zone.c b/lib/dns/zone.c index 3b52aaaf2f..927c57e809 100644 --- a/lib/dns/zone.c +++ b/lib/dns/zone.c @@ -2339,7 +2339,7 @@ zone_load(dns_zone_t *zone, unsigned int flags, bool locked) { if ((flags & DNS_ZONELOADFLAG_THAW) != 0) { DNS_ZONE_SETFLAG(zone, DNS_ZONEFLG_THAW); } - CHECK(ISC_R_LOADING); + CLEANUP(ISC_R_LOADING); } INSIST(zone->db_argc >= 1); @@ -2403,7 +2403,7 @@ zone_load(dns_zone_t *zone, unsigned int flags, bool locked) { ISC_LOG_DEBUG(1), "skipping load: master file " "older than last load"); - CHECK(DNS_R_UPTODATE); + CLEANUP(DNS_R_UPTODATE); } /* @@ -2453,7 +2453,7 @@ zone_load(dns_zone_t *zone, unsigned int flags, bool locked) { "DLZ %s does not exist or is set " "to 'search yes;'", zone->db_argv[1]); - CHECK(ISC_R_NOTFOUND); + CLEANUP(ISC_R_NOTFOUND); } ZONEDB_LOCK(&zone->dblock, isc_rwlocktype_write); @@ -5412,7 +5412,7 @@ zone_postload(dns_zone_t *zone, dns_db_t *db, isc_time_t loadtime, goto cleanup; } if (zone->type == dns_zone_primary && errors != 0) { - CHECK(DNS_R_BADZONE); + CLEANUP(DNS_R_BADZONE); } if (zone->type != dns_zone_stub && zone->type != dns_zone_redirect) @@ -5423,13 +5423,13 @@ zone_postload(dns_zone_t *zone, dns_db_t *db, isc_time_t loadtime, DNS_ZONE_OPTION(zone, DNS_ZONEOPT_CHECKINTEGRITY) && !integrity_checks(zone, db)) { - CHECK(DNS_R_BADZONE); + CLEANUP(DNS_R_BADZONE); } if (zone->type == dns_zone_primary && DNS_ZONE_OPTION(zone, DNS_ZONEOPT_CHECKDUPRR) && !zone_check_dup(zone, db)) { - CHECK(DNS_R_BADZONE); + CLEANUP(DNS_R_BADZONE); } if (zone->type == dns_zone_primary) { @@ -5447,7 +5447,7 @@ zone_postload(dns_zone_t *zone, dns_db_t *db, isc_time_t loadtime, dns_zone_log(zone, ISC_LOG_ERROR, "'log-report-channel' is set, but no " "'*._er/TXT' wildcard found"); - CHECK(DNS_R_BADZONE); + CLEANUP(DNS_R_BADZONE); } CHECK(dns_zone_verifydb(zone, db, NULL)); @@ -5493,7 +5493,7 @@ zone_postload(dns_zone_t *zone, dns_db_t *db, isc_time_t loadtime, "new serial (%u) out of range " "[%u - %u]", serial, serialmin, serialmax); - CHECK(DNS_R_BADZONE); + CLEANUP(DNS_R_BADZONE); } else if (!isc_serial_ge(serial, oldserial)) { dns_zone_logc(zone, DNS_LOGCATEGORY_ZONELOAD, ISC_LOG_ERROR, @@ -5578,7 +5578,7 @@ zone_postload(dns_zone_t *zone, dns_db_t *db, isc_time_t loadtime, default: UNEXPECTED_ERROR("unexpected zone type %d", zone->type); - CHECK(ISC_R_UNEXPECTED); + CLEANUP(ISC_R_UNEXPECTED); } /* @@ -7424,7 +7424,7 @@ add_sigs(dns_db_t *db, dns_dbversion_t *ver, dns_name_t *name, dns_zone_t *zone, /* Look up the signature in the SKR bundle */ dns_skrbundle_t *bundle = dns_zone_getskrbundle(zone); if (bundle == NULL) { - CHECK(DNS_R_NOSKRBUNDLE); + CLEANUP(DNS_R_NOSKRBUNDLE); } CHECK(dns_skrbundle_getsig(bundle, keys[i], type, &sig_rdata)); @@ -7539,7 +7539,7 @@ zone_resigninc(dns_zone_t *zone) { * Zone is frozen. Pause for 5 minutes. */ if (zone->update_disabled) { - CHECK(ISC_R_FAILURE); + CLEANUP(ISC_R_FAILURE); } ZONEDB_LOCK(&zone->dblock, isc_rwlocktype_read); @@ -7548,7 +7548,7 @@ zone_resigninc(dns_zone_t *zone) { } ZONEDB_UNLOCK(&zone->dblock, isc_rwlocktype_read); if (db == NULL) { - CHECK(ISC_R_FAILURE); + CLEANUP(ISC_R_FAILURE); } result = dns_db_newversion(db, &version); @@ -8029,7 +8029,7 @@ sign_a_node(dns_db_t *db, dns_zone_t *zone, dns_name_t *name, /* Look up the signature in the SKR bundle */ dns_skrbundle_t *bundle = dns_zone_getskrbundle(zone); if (bundle == NULL) { - CHECK(DNS_R_NOSKRBUNDLE); + CLEANUP(DNS_R_NOSKRBUNDLE); } CHECK(dns_skrbundle_getsig(bundle, key, rdataset.type, &rdata)); @@ -8719,7 +8719,7 @@ zone_nsec3chain(dns_zone_t *zone) { * Updates are disabled. Pause for 5 minutes. */ if (zone->update_disabled) { - CHECK(ISC_R_FAILURE); + CLEANUP(ISC_R_FAILURE); } ZONEDB_LOCK(&zone->dblock, isc_rwlocktype_read); @@ -14224,7 +14224,7 @@ again: } break; default: - CHECK(ISC_R_NOTIMPLEMENTED); + CLEANUP(ISC_R_NOTIMPLEMENTED); } /* @@ -16948,7 +16948,7 @@ receive_secure_db(void *arg) { LOCK_ZONE(zone); if (DNS_ZONE_FLAG(zone, DNS_ZONEFLG_EXITING) || !inline_secure(zone)) { - CHECK(ISC_R_SHUTTINGDOWN); + CLEANUP(ISC_R_SHUTTINGDOWN); } loadtime = isc_time_now(); @@ -18374,7 +18374,7 @@ dns_zone_forwardupdate(dns_zone_t *zone, dns_message_t *msg, mr = dns_message_getrawmessage(msg); if (mr == NULL) { - CHECK(ISC_R_UNEXPECTEDEND); + CLEANUP(ISC_R_UNEXPECTEDEND); } isc_buffer_allocate(zone->mctx, &forward->msgbuf, mr->length); @@ -19610,7 +19610,7 @@ zone_signwithkey(dns_zone_t *zone, dst_algorithm_t algorithm, uint16_t keyid, ZONEDB_UNLOCK(&zone->dblock, isc_rwlocktype_read); if (db == NULL) { - CHECK(ISC_R_NOTFOUND); + CLEANUP(ISC_R_NOTFOUND); } dns_db_attach(db, &signing->db); @@ -20609,7 +20609,7 @@ checkds_send_toaddr(void *arg) { checkds->zone->view->requestmgr == NULL || checkds->zone->db == NULL) { - CHECK(ISC_R_CANCELED); + CLEANUP(ISC_R_CANCELED); } /* @@ -20623,7 +20623,7 @@ checkds_send_toaddr(void *arg) { dns_zone_log(checkds->zone, ISC_LOG_DEBUG(3), "checkds: ignoring IPv6 mapped IPV4 address: %s", addrbuf); - CHECK(ISC_R_CANCELED); + CLEANUP(ISC_R_CANCELED); } checkds_createmessage(checkds->zone, &message); @@ -21456,7 +21456,7 @@ zone_rekey(dns_zone_t *zone) { dnssec_log(zone, ISC_LOG_DEBUG(1), "zone_rekey:dns_skr_lookup failed: " "no SKR available"); - CHECK(DNS_R_NOSKRFILE); + CLEANUP(DNS_R_NOSKRFILE); } bundle = dns_skr_lookup(zone->skr, now, sigval); zone->skrbundle = bundle; @@ -21477,7 +21477,7 @@ zone_rekey(dns_zone_t *zone) { "no available SKR bundle for time " "%.*s (%s)", (int)r.length, r.base, nowstr); - CHECK(DNS_R_NOSKRBUNDLE); + CLEANUP(DNS_R_NOSKRBUNDLE); } zone_apply_skrbundle(zone, bundle, &keyset, &cdsset, @@ -22246,7 +22246,7 @@ dns_zone_cdscheck(dns_zone_t *zone, dns_db_t *db, dns_dbversion_t *version) { } if (empty) { - CHECK(DNS_R_BADCDS); + CLEANUP(DNS_R_BADCDS); } CHECK(dns_rdata_tostruct(&crdata, &structcds, NULL)); @@ -22307,7 +22307,7 @@ dns_zone_cdscheck(dns_zone_t *zone, dns_db_t *db, dns_dbversion_t *version) { &crdata, &dnskey, &rdata); if (result != ISC_R_SUCCESS) { - CHECK(DNS_R_BADCDS); + CLEANUP(DNS_R_BADCDS); } CHECK(dns_rdata_tostruct(&rdata, &structdnskey, NULL)); @@ -22321,10 +22321,10 @@ dns_zone_cdscheck(dns_zone_t *zone, dns_db_t *db, dns_dbversion_t *version) { for (i = 0; i < sizeof(algorithms); i++) { if (delete) { if (algorithms[i] != notexpected) { - CHECK(DNS_R_BADCDS); + CLEANUP(DNS_R_BADCDS); } } else if (algorithms[i] == expected) { - CHECK(DNS_R_BADCDS); + CLEANUP(DNS_R_BADCDS); } } } @@ -22357,7 +22357,7 @@ dns_zone_cdscheck(dns_zone_t *zone, dns_db_t *db, dns_dbversion_t *version) { } if (empty) { - CHECK(DNS_R_BADCDNSKEY); + CLEANUP(DNS_R_BADCDNSKEY); } CHECK(dns_rdata_tostruct(&crdata, &structcdnskey, @@ -22389,10 +22389,10 @@ dns_zone_cdscheck(dns_zone_t *zone, dns_db_t *db, dns_dbversion_t *version) { for (i = 0; i < sizeof(algorithms); i++) { if (delete) { if (algorithms[i] != notexpected) { - CHECK(DNS_R_BADCDNSKEY); + CLEANUP(DNS_R_BADCDNSKEY); } } else if (algorithms[i] == expected) { - CHECK(DNS_R_BADCDNSKEY); + CLEANUP(DNS_R_BADCDNSKEY); } } } @@ -22797,14 +22797,14 @@ dns_zone_keydone(dns_zone_t *zone, const char *keystr) { n = sscanf(keystr, "%hu/", &keyid); if (n == 0U) { - CHECK(ISC_R_FAILURE); + CLEANUP(ISC_R_FAILURE); } algstr = strchr(keystr, '/'); if (algstr != NULL) { algstr++; } else { - CHECK(ISC_R_FAILURE); + CLEANUP(ISC_R_FAILURE); } n = sscanf(algstr, "%u", &alg); @@ -23627,12 +23627,12 @@ dns_zone_setserial(dns_zone_t *zone, uint32_t serial) { if (!inline_secure(zone)) { if (!dns_zone_isdynamic(zone, true)) { - CHECK(DNS_R_NOTDYNAMIC); + CLEANUP(DNS_R_NOTDYNAMIC); } } if (zone->update_disabled) { - CHECK(DNS_R_FROZEN); + CLEANUP(DNS_R_FROZEN); } sse = isc_mem_get(zone->mctx, sizeof(*sse)); diff --git a/lib/isc/interfaceiter.c b/lib/isc/interfaceiter.c index babe1ec21b..4a5518a141 100644 --- a/lib/isc/interfaceiter.c +++ b/lib/isc/interfaceiter.c @@ -170,7 +170,7 @@ isc_interfaceiter_create(isc_mem_t *mctx, isc_interfaceiter_t **iterp) { strerror_r(errno, strbuf, sizeof(strbuf)); UNEXPECTED_ERROR("getting interface addresses: getifaddrs: %s", strbuf); - CHECK(ISC_R_UNEXPECTED); + CLEANUP(ISC_R_UNEXPECTED); } /* diff --git a/lib/isc/netmgr/tcp.c b/lib/isc/netmgr/tcp.c index d67171b188..84e57693bb 100644 --- a/lib/isc/netmgr/tcp.c +++ b/lib/isc/netmgr/tcp.c @@ -720,7 +720,7 @@ isc__nm_tcp_read(isc_nmhandle_t *handle, isc_nm_recv_cb_t cb, void *cbarg) { } if (isc__nmsocket_closing(sock)) { - CHECK(ISC_R_CANCELED); + CLEANUP(ISC_R_CANCELED); } if (!sock->reading_throttled) { @@ -912,7 +912,7 @@ accept_connection(isc_nmsocket_t *csock) { * isc__nm_tcp_close() can't handle uninitalized TCP nmsocket. */ if (isc__nmsocket_closing(csock)) { - CHECK(ISC_R_CANCELED); + CLEANUP(ISC_R_CANCELED); } r = uv_accept(&csock->server->uv_handle.stream, @@ -936,7 +936,7 @@ accept_connection(isc_nmsocket_t *csock) { * it has expired. We cannot do anything better than * drop it on the floor at this point. */ - CHECK(ISC_R_TIMEDOUT); + CLEANUP(ISC_R_TIMEDOUT); } else { /* Adjust the initial read timeout accordingly */ csock->read_timeout -= time_elapsed_ms; diff --git a/lib/isccfg/aclconf.c b/lib/isccfg/aclconf.c index 9324e7a5f7..cea7a84328 100644 --- a/lib/isccfg/aclconf.c +++ b/lib/isccfg/aclconf.c @@ -689,7 +689,7 @@ cfg_acl_fromconfig(const cfg_obj_t *acl_data, const cfg_obj_t *cctx, transports = isc_nm_httpsocket; encrypted = false; } else { - CHECK(ISC_R_FAILURE); + CLEANUP(ISC_R_FAILURE); } } @@ -880,7 +880,7 @@ cfg_acl_fromconfig(const cfg_obj_t *acl_data, const cfg_obj_t *cctx, cfg_obj_log(ce, ISC_LOG_WARNING, "address match list contains " "unsupported element type"); - CHECK(ISC_R_FAILURE); + CLEANUP(ISC_R_FAILURE); } /* diff --git a/lib/isccfg/check.c b/lib/isccfg/check.c index c445257201..3851ecaec6 100644 --- a/lib/isccfg/check.c +++ b/lib/isccfg/check.c @@ -4900,7 +4900,7 @@ check_trust_anchor(const cfg_obj_t *key, unsigned int *flagsp) { * We can't interpret the trust anchor, so * we skip all other checks. */ - CHECK(ISC_R_FAILURE); + CLEANUP(ISC_R_FAILURE); UNREACHABLE(); } diff --git a/lib/isccfg/kaspconf.c b/lib/isccfg/kaspconf.c index 3a42da1997..fbd70aae43 100644 --- a/lib/isccfg/kaspconf.c +++ b/lib/isccfg/kaspconf.c @@ -155,7 +155,7 @@ cfg_kaspkey_fromconfig(const cfg_obj_t *config, dns_kasp_t *kasp, "allowed when offline-ksk " "is enabled"); } - CHECK(ISC_R_FAILURE); + CLEANUP(ISC_R_FAILURE); } key->role |= DNS_KASP_KEY_ROLE_KSK; key->role |= DNS_KASP_KEY_ROLE_ZSK; @@ -177,14 +177,14 @@ cfg_kaspkey_fromconfig(const cfg_obj_t *config, dns_kasp_t *kasp, "not exist", keydir); } - CHECK(ISC_R_FAILURE); + CLEANUP(ISC_R_FAILURE); } else if (result != ISC_R_SUCCESS) { if (log_errors) { cfg_obj_log(obj, ISC_LOG_ERROR, "dnssec-policy: bad keystore %s", keydir); } - CHECK(ISC_R_FAILURE); + CLEANUP(ISC_R_FAILURE); } INSIST(key->keystore != NULL); @@ -221,7 +221,7 @@ cfg_kaspkey_fromconfig(const cfg_obj_t *config, dns_kasp_t *kasp, "takes to " "do a rollover"); } - CHECK(ISC_R_FAILURE); + CLEANUP(ISC_R_FAILURE); } } @@ -236,7 +236,7 @@ cfg_kaspkey_fromconfig(const cfg_obj_t *config, dns_kasp_t *kasp, "dnssec-policy: bad algorithm %s", alg.base); } - CHECK(DNS_R_BADALG); + CLEANUP(DNS_R_BADALG); } if (check_algorithms && isc_crypto_fips_mode() && (key->algorithm == DST_ALG_RSASHA1 || @@ -249,7 +249,7 @@ cfg_kaspkey_fromconfig(const cfg_obj_t *config, dns_kasp_t *kasp, "in FIPS mode", alg.base); } - CHECK(DNS_R_BADALG); + CLEANUP(DNS_R_BADALG); } if (check_algorithms && @@ -261,7 +261,7 @@ cfg_kaspkey_fromconfig(const cfg_obj_t *config, dns_kasp_t *kasp, "supported", alg.base); } - CHECK(DNS_R_BADALG); + CLEANUP(DNS_R_BADALG); } switch (key->algorithm) { @@ -306,7 +306,7 @@ cfg_kaspkey_fromconfig(const cfg_obj_t *config, dns_kasp_t *kasp, "key length %u", alg.base, size); } - CHECK(ISC_R_RANGE); + CLEANUP(ISC_R_RANGE); } break; case DST_ALG_ECDSA256: @@ -340,7 +340,7 @@ cfg_kaspkey_fromconfig(const cfg_obj_t *config, dns_kasp_t *kasp, "dnssec-policy: tag-min " "too big"); } - CHECK(ISC_R_RANGE); + CLEANUP(ISC_R_RANGE); } obj = cfg_tuple_get(tagrange, "tag-max"); tag_max = cfg_obj_asuint32(obj); @@ -350,7 +350,7 @@ cfg_kaspkey_fromconfig(const cfg_obj_t *config, dns_kasp_t *kasp, "dnssec-policy: tag-max " "too big"); } - CHECK(ISC_R_RANGE); + CLEANUP(ISC_R_RANGE); } if (tag_min >= tag_max) { if (log_errors) { @@ -358,7 +358,7 @@ cfg_kaspkey_fromconfig(const cfg_obj_t *config, dns_kasp_t *kasp, "dnssec-policy: tag-min >= " "tag_max"); } - CHECK(ISC_R_RANGE); + CLEANUP(ISC_R_RANGE); } key->tag_min = tag_min; key->tag_max = tag_max; diff --git a/lib/isccfg/namedconf.c b/lib/isccfg/namedconf.c index bbc4d4f100..69cff0317f 100644 --- a/lib/isccfg/namedconf.c +++ b/lib/isccfg/namedconf.c @@ -1802,7 +1802,7 @@ parse_dtout(cfg_parser_t *pctx, const cfg_type_t *type, cfg_obj_t **ret) { } else { cfg_parser_error(pctx, CFG_LOG_NEAR, "unexpected token"); - CHECK(ISC_R_UNEXPECTEDTOKEN); + CLEANUP(ISC_R_UNEXPECTEDTOKEN); } } else { break; @@ -1974,7 +1974,7 @@ cfg_parse_kv_tuple(cfg_parser_t *pctx, const cfg_type_t *type, if (f->name == NULL) { cfg_parser_error(pctx, 0, "unexpected '%s'", TOKEN_STRING(pctx)); - CHECK(ISC_R_UNEXPECTEDTOKEN); + CLEANUP(ISC_R_UNEXPECTEDTOKEN); } if (obj->value.tuple[fn] == NULL && strcasecmp(f->name, TOKEN_STRING(pctx)) == 0) @@ -3162,7 +3162,7 @@ parse_sizeval(cfg_parser_t *pctx, const cfg_type_t *type, cfg_obj_t **ret) { CHECK(cfg_gettoken(pctx, 0)); if (pctx->token.type != isc_tokentype_string) { - CHECK(ISC_R_UNEXPECTEDTOKEN); + CLEANUP(ISC_R_UNEXPECTEDTOKEN); } CHECK(parse_unitstring(TOKEN_STRING(pctx), &val)); @@ -3191,7 +3191,7 @@ parse_sizeval_percent(cfg_parser_t *pctx, const cfg_type_t *type, CHECK(cfg_gettoken(pctx, 0)); if (pctx->token.type != isc_tokentype_string) { - CHECK(ISC_R_UNEXPECTEDTOKEN); + CLEANUP(ISC_R_UNEXPECTEDTOKEN); } percent = strtoull(TOKEN_STRING(pctx), &endp, 10); @@ -3344,7 +3344,7 @@ parse_maybe_optional_keyvalue(cfg_parser_t *pctx, const cfg_type_t *type, } else { cfg_parser_error(pctx, CFG_LOG_NEAR, "expected '%s'", kw->name); - CHECK(ISC_R_UNEXPECTEDTOKEN); + CLEANUP(ISC_R_UNEXPECTEDTOKEN); } } diff --git a/lib/isccfg/parser.c b/lib/isccfg/parser.c index 0d80cc70ee..ac9a4a24af 100644 --- a/lib/isccfg/parser.c +++ b/lib/isccfg/parser.c @@ -1330,7 +1330,7 @@ cfg_parse_duration(cfg_parser_t *pctx, const cfg_type_t *type ISC_ATTR_UNUSED, CHECK(cfg_gettoken(pctx, 0)); if (pctx->token.type != isc_tokentype_string) { - CHECK(ISC_R_UNEXPECTEDTOKEN); + CLEANUP(ISC_R_UNEXPECTEDTOKEN); } return parse_duration(pctx, ret); @@ -1351,7 +1351,7 @@ cfg_parse_duration_or_unlimited(cfg_parser_t *pctx, CHECK(cfg_gettoken(pctx, 0)); if (pctx->token.type != isc_tokentype_string) { - CHECK(ISC_R_UNEXPECTEDTOKEN); + CLEANUP(ISC_R_UNEXPECTEDTOKEN); } if (strcmp(TOKEN_STRING(pctx), "unlimited") == 0) { @@ -2391,7 +2391,7 @@ cfg_parse_mapbody(cfg_parser_t *pctx, const cfg_type_t *type, cfg_obj_t **ret) { CHECK(parse_semicolon(pctx)); if (includename->value.string.length == 0) { - CHECK(ISC_R_FILENOTFOUND); + CLEANUP(ISC_R_FILENOTFOUND); } /* @@ -2405,14 +2405,14 @@ cfg_parse_mapbody(cfg_parser_t *pctx, const cfg_type_t *type, cfg_obj_t **ret) { case 0: break; case GLOB_NOMATCH: - CHECK(ISC_R_FILENOTFOUND); + CLEANUP(ISC_R_FILENOTFOUND); break; case GLOB_NOSPACE: - CHECK(ISC_R_NOMEMORY); + CLEANUP(ISC_R_NOMEMORY); break; default: if (errno == 0) { - CHECK(ISC_R_IOERROR); + CLEANUP(ISC_R_IOERROR); } CHECK(isc_errno_toresult(errno)); } @@ -2461,7 +2461,7 @@ cfg_parse_mapbody(cfg_parser_t *pctx, const cfg_type_t *type, cfg_obj_t **ret) { cfg_parser_error(pctx, 0, "option '%s' no longer exists", clause->name); - CHECK(ISC_R_FAILURE); + CLEANUP(ISC_R_FAILURE); } if ((pctx->flags & CFG_PCTX_ALLCONFIGS) == 0 && (clause->flags & CFG_CLAUSEFLAG_NOTCONFIGURED) != 0) @@ -2470,7 +2470,7 @@ cfg_parse_mapbody(cfg_parser_t *pctx, const cfg_type_t *type, cfg_obj_t **ret) { "option '%s' was not " "enabled at compile time", clause->name); - CHECK(ISC_R_FAILURE); + CLEANUP(ISC_R_FAILURE); } if ((pctx->flags & CFG_PCTX_BUILTIN) == 0 && (clause->flags & CFG_CLAUSEFLAG_BUILTINONLY) != 0) @@ -2993,7 +2993,7 @@ parse_token(cfg_parser_t *pctx, const cfg_type_t *type ISC_ATTR_UNUSED, CHECK(cfg_gettoken(pctx, CFG_LEXOPT_QSTRING)); if (pctx->token.type == isc_tokentype_eof) { cfg_ungettoken(pctx); - CHECK(ISC_R_EOF); + CLEANUP(ISC_R_EOF); } isc_lex_getlasttokentext(pctx->lexer, &pctx->token, &r); @@ -3048,7 +3048,7 @@ parse_unsupported(cfg_parser_t *pctx, const cfg_type_t *type, cfg_obj_t **ret) { if (pctx->token.type == isc_tokentype_eof || braces < 0) { cfg_parser_error(pctx, CFG_LOG_NEAR, "unexpected token"); - CHECK(ISC_R_UNEXPECTEDTOKEN); + CLEANUP(ISC_R_UNEXPECTEDTOKEN); } CHECK(cfg_parse_listelt(pctx, listobj, &cfg_type_token, &elt)); @@ -3492,21 +3492,21 @@ parse_sockaddrsub(cfg_parser_t *pctx, const cfg_type_t *type, int flags, if (have_address != 1) { cfg_parser_error(pctx, 0, "expected exactly one address"); - CHECK(ISC_R_UNEXPECTEDTOKEN); + CLEANUP(ISC_R_UNEXPECTEDTOKEN); } if (!is_port_ok && have_port > 0) { cfg_parser_error(pctx, 0, "subconfig 'port' no longer exists"); - CHECK(ISC_R_UNEXPECTEDTOKEN); + CLEANUP(ISC_R_UNEXPECTEDTOKEN); } if (have_port > 1) { cfg_parser_error(pctx, 0, "expected at most one port"); - CHECK(ISC_R_UNEXPECTEDTOKEN); + CLEANUP(ISC_R_UNEXPECTEDTOKEN); } if (have_tls > 1) { cfg_parser_error(pctx, 0, "expected at most one tls"); - CHECK(ISC_R_UNEXPECTEDTOKEN); + CLEANUP(ISC_R_UNEXPECTEDTOKEN); } cfg_obj_create(pctx->mctx, cfg_parser_currentfile(pctx), pctx->line, diff --git a/lib/ns/hooks.c b/lib/ns/hooks.c index 89891574a6..5577a669cc 100644 --- a/lib/ns/hooks.c +++ b/lib/ns/hooks.c @@ -150,7 +150,7 @@ load_plugin(isc_mem_t *mctx, const char *modpath, ns_plugin_t **pluginp) { ISC_LOG_ERROR, "failed to dlopen() plugin '%s': %s", modpath, errmsg); - CHECK(ISC_R_FAILURE); + CLEANUP(ISC_R_FAILURE); } CHECK(load_symbol(&plugin->handle, modpath, "plugin_version", @@ -164,7 +164,7 @@ load_plugin(isc_mem_t *mctx, const char *modpath, ns_plugin_t **pluginp) { ISC_LOG_ERROR, "plugin API version mismatch: %d/%d", version, NS_PLUGIN_VERSION); - CHECK(ISC_R_FAILURE); + CLEANUP(ISC_R_FAILURE); } CHECK(load_symbol(&plugin->handle, modpath, "plugin_check", diff --git a/lib/ns/update.c b/lib/ns/update.c index 64366b961c..d01489beaf 100644 --- a/lib/ns/update.c +++ b/lib/ns/update.c @@ -1638,7 +1638,7 @@ send_update(ns_client_t *client, dns_zone_t *zone) { } result = dns_zone_checknames(zone, name, &rdata); if (result != ISC_R_SUCCESS) { - CHECK(DNS_R_REFUSED); + CLEANUP(DNS_R_REFUSED); } if ((options & DNS_ZONEOPT_CHECKSVCB) != 0 && rdata.type == dns_rdatatype_svcb) @@ -1666,7 +1666,7 @@ send_update(ns_client_t *client, dns_zone_t *zone) { update_log(client, zone, ISC_LOG_WARNING, "update RR has incorrect class %d", update_class); - CHECK(DNS_R_FORMERR); + CLEANUP(DNS_R_FORMERR); } /* @@ -1795,7 +1795,7 @@ send_update(ns_client_t *client, dns_zone_t *zone) { isc_result_totext(result)); ns_stats_increment(client->manager->sctx->nsstats, ns_statscounter_updatequota); - CHECK(DNS_R_DROP); + CLEANUP(DNS_R_DROP); } uev = isc_mem_get(client->manager->mctx, sizeof(*uev)); @@ -2245,7 +2245,7 @@ check_dnssec(ns_client_t *client, dns_zone_t *zone, dns_db_t *db, if (!dns_zone_check_dnskey_nsec3(zone, db, ver, diff, NULL, 0)) { update_log(client, zone, ISC_LOG_ERROR, "NSEC only DNSKEYs and NSEC3 chains not allowed"); - CHECK(DNS_R_REFUSED); + CLEANUP(DNS_R_REFUSED); } /* Verify NSEC3 params */ @@ -2253,7 +2253,7 @@ check_dnssec(ns_client_t *client, dns_zone_t *zone, dns_db_t *db, if (iterations > dns_nsec3_maxiterations()) { update_log(client, zone, ISC_LOG_ERROR, "too many NSEC3 iterations (%u)", iterations); - CHECK(DNS_R_REFUSED); + CLEANUP(DNS_R_REFUSED); } cleanup: @@ -3145,7 +3145,7 @@ update_action(void *arg) { update_log(client, zone, LOGLEVEL_PROTOCOL, "update rejected: post update name server " "sanity check failed"); - CHECK(DNS_R_REFUSED); + CLEANUP(DNS_R_REFUSED); } } if (!ISC_LIST_EMPTY(diff.tuples) && is_signing) { @@ -3154,7 +3154,7 @@ update_action(void *arg) { update_log(client, zone, LOGLEVEL_PROTOCOL, "update rejected: bad %s RRset", result == DNS_R_BADCDS ? "CDS" : "CDNSKEY"); - CHECK(DNS_R_REFUSED); + CLEANUP(DNS_R_REFUSED); } CHECK(result); } @@ -3228,7 +3228,7 @@ update_action(void *arg) { "records in zone (%" PRIu64 ") exceeds max-records (%u)", records, maxrecords); - CHECK(DNS_R_TOOMANYRECORDS); + CLEANUP(DNS_R_TOOMANYRECORDS); } } diff --git a/lib/ns/xfrout.c b/lib/ns/xfrout.c index 7b289cee2a..097971fc50 100644 --- a/lib/ns/xfrout.c +++ b/lib/ns/xfrout.c @@ -1501,7 +1501,7 @@ sendstream(xfrout_ctx_t *xfr) { "(%d bytes)", size); /* XXX DNS_R_RRTOOLARGE? */ - CHECK(ISC_R_NOSPACE); + CLEANUP(ISC_R_NOSPACE); } break; }