diff --git a/bin/check/check-tool.c b/bin/check/check-tool.c index b7ca8a8936..0fd104c437 100644 --- a/bin/check/check-tool.c +++ b/bin/check/check-tool.c @@ -52,13 +52,6 @@ #define CHECK_LOCAL 1 #endif /* ifndef CHECK_LOCAL */ -#define CHECK(r) \ - do { \ - result = (r); \ - if (result != ISC_R_SUCCESS) \ - goto cleanup; \ - } while (0) - #define ERR_IS_CNAME 1 #define ERR_NO_ADDRESSES 2 #define ERR_LOOKUP_FAILURE 3 diff --git a/bin/check/named-checkconf.c b/bin/check/named-checkconf.c index 6355079f40..caac86ee25 100644 --- a/bin/check/named-checkconf.c +++ b/bin/check/named-checkconf.c @@ -44,13 +44,6 @@ #include "check-tool.h" -#define CHECK(r) \ - do { \ - result = (r); \ - if (result != ISC_R_SUCCESS) \ - goto cleanup; \ - } while (0) - /*% usage */ ISC_NORETURN static void usage(void); diff --git a/bin/delv/delv.c b/bin/delv/delv.c index f805e7dd88..80f52231f3 100644 --- a/bin/delv/delv.c +++ b/bin/delv/delv.c @@ -84,13 +84,6 @@ #include -#define CHECK(r) \ - do { \ - result = (r); \ - if (result != ISC_R_SUCCESS) \ - goto cleanup; \ - } while (0) - #define MAXNAME (DNS_NAME_MAXTEXT + 1) #define MAX_QUERIES 50 diff --git a/bin/dnssec/dnssec-ksr.c b/bin/dnssec/dnssec-ksr.c index a4ef81b82e..7240da4278 100644 --- a/bin/dnssec/dnssec-ksr.c +++ b/bin/dnssec/dnssec-ksr.c @@ -91,24 +91,9 @@ static int min_dh = 128; #define READLINE(lex, opt, token) -#define NEXTTOKEN(lex, opt, token) \ - { \ - ret = isc_lex_gettoken(lex, opt, token); \ - if (ret != ISC_R_SUCCESS) \ - goto cleanup; \ - } +#define NEXTTOKEN(lex, opt, token) CHECK(isc_lex_gettoken(lex, opt, token)) -#define BADTOKEN() \ - { \ - ret = ISC_R_UNEXPECTEDTOKEN; \ - goto cleanup; \ - } - -#define CHECK(r) \ - ret = (r); \ - if (ret != ISC_R_SUCCESS) { \ - goto fail; \ - } +#define BADTOKEN() CHECK(ISC_R_UNEXPECTEDTOKEN) isc_bufferlist_t cleanup_list = ISC_LIST_INITIALIZER; @@ -209,16 +194,16 @@ get_dnskeys(ksr_ctx_t *ksr, dns_dnsseckeylist_t *keys) { dns_dnsseckeylist_t keys_read; dns_dnsseckey_t **keys_sorted; int i = 0, n = 0; - isc_result_t ret; + isc_result_t result; ISC_LIST_INIT(*keys); ISC_LIST_INIT(keys_read); - ret = dns_dnssec_findmatchingkeys(name, NULL, ksr->keydir, NULL, - ksr->now, false, isc_g_mctx, - &keys_read); - if (ret != ISC_R_SUCCESS && ret != ISC_R_NOTFOUND) { + result = dns_dnssec_findmatchingkeys(name, NULL, ksr->keydir, NULL, + ksr->now, false, isc_g_mctx, + &keys_read); + if (result != ISC_R_SUCCESS && result != ISC_R_NOTFOUND) { fatal("failed to load existing keys from %s: %s", ksr->keydir, - isc_result_totext(ret)); + isc_result_totext(result)); } /* Sort on keytag. */ ISC_LIST_FOREACH(keys_read, dk, link) { @@ -323,7 +308,7 @@ create_key(ksr_ctx_t *ksr, dns_kasp_t *kasp, dns_kasp_key_t *kaspkey, dst_key_t *key = NULL; int options = (DST_TYPE_PRIVATE | DST_TYPE_PUBLIC | DST_TYPE_STATE); isc_buffer_t buf; - isc_result_t ret; + isc_result_t result; isc_stdtime_t prepub; uint16_t flags = DNS_KEYOWNER_ZONE; @@ -421,26 +406,26 @@ create_key(ksr_ctx_t *ksr, dns_kasp_t *kasp, dns_kasp_key_t *kaspkey, "Generating key pair for bundle %s: ", timestr); } if (ksr->keystore != NULL && ksr->policy != NULL) { - ret = dns_keystore_keygen( + result = dns_keystore_keygen( ksr->keystore, name, ksr->policy, dns_rdataclass_in, isc_g_mctx, ksr->alg, ksr->size, flags, &key); } else if (show_progress) { - ret = dst_key_generate(name, ksr->alg, ksr->size, 0, - flags, DNS_KEYPROTO_DNSSEC, - dns_rdataclass_in, NULL, - isc_g_mctx, &key, &progress); + result = dst_key_generate(name, ksr->alg, ksr->size, 0, + flags, DNS_KEYPROTO_DNSSEC, + dns_rdataclass_in, NULL, + isc_g_mctx, &key, &progress); fflush(stderr); } else { - ret = dst_key_generate(name, ksr->alg, ksr->size, 0, - flags, DNS_KEYPROTO_DNSSEC, - dns_rdataclass_in, NULL, - isc_g_mctx, &key, NULL); + result = dst_key_generate(name, ksr->alg, ksr->size, 0, + flags, DNS_KEYPROTO_DNSSEC, + dns_rdataclass_in, NULL, + isc_g_mctx, &key, NULL); } - if (ret != ISC_R_SUCCESS) { + if (result != ISC_R_SUCCESS) { fatal("failed to generate key %s/%s: %s\n", namestr, - algstr, isc_result_totext(ret)); + algstr, isc_result_totext(result)); } /* Do not overwrite an existing key. */ @@ -451,9 +436,9 @@ create_key(ksr_ctx_t *ksr, dns_kasp_t *kasp, dns_kasp_key_t *kaspkey, conflict = true; if (verbose > 0) { isc_buffer_clear(&buf); - ret = dst_key_buildfilename(key, 0, ksr->keydir, - &buf); - if (ret == ISC_R_SUCCESS) { + result = dst_key_buildfilename( + key, 0, ksr->keydir, &buf); + if (result == ISC_R_SUCCESS) { fprintf(stderr, "%s: %s already exists, or " "might collide with another " @@ -502,20 +487,20 @@ create_key(ksr_ctx_t *ksr, dns_kasp_t *kasp, dns_kasp_key_t *kaspkey, *expiration = 0; } - ret = dst_key_tofile(key, options, ksr->keydir); - if (ret != ISC_R_SUCCESS) { + result = dst_key_tofile(key, options, ksr->keydir); + if (result != ISC_R_SUCCESS) { char keystr[DST_KEY_FORMATSIZE]; dst_key_format(key, keystr, sizeof(keystr)); fatal("failed to write key %s: %s\n", keystr, - isc_result_totext(ret)); + isc_result_totext(result)); } output: isc_buffer_clear(&buf); - ret = dst_key_buildfilename(key, 0, NULL, &buf); - if (ret != ISC_R_SUCCESS) { + result = dst_key_buildfilename(key, 0, NULL, &buf); + if (result != ISC_R_SUCCESS) { fatal("dst_key_buildfilename returned: %s\n", - isc_result_totext(ret)); + isc_result_totext(result)); } printf("%s\n", filename); fflush(stdout); @@ -528,12 +513,12 @@ static void print_rdata(dns_rdataset_t *rrset) { isc_buffer_t target; isc_region_t r; - isc_result_t ret; + isc_result_t result; char buf[4096]; isc_buffer_init(&target, buf, sizeof(buf)); - ret = dns_rdataset_totext(rrset, name, false, false, &target); - if (ret != ISC_R_SUCCESS) { + result = dns_rdataset_totext(rrset, name, false, false, &target); + if (result != ISC_R_SUCCESS) { fatal("failed to print rdata"); } isc_buffer_usedregion(&target, &r); @@ -547,7 +532,7 @@ print_dnskeys(dns_kasp_key_t *kaspkey, dns_ttl_t ttl, dns_dnsseckeylist_t *keys, char timestr[26]; /* Minimal buf as per ctime_r() spec. */ dns_rdatalist_t *rdatalist = NULL; dns_rdataset_t rdataset = DNS_RDATASET_INIT; - isc_result_t ret = ISC_R_SUCCESS; + isc_result_t result = ISC_R_SUCCESS; isc_stdtime_t next_bundle = next_inception; isc_stdtime_tostring(inception, timestr, sizeof(timestr)); @@ -614,11 +599,11 @@ print_dnskeys(dns_kasp_key_t *kaspkey, dns_ttl_t ttl, dns_dnsseckeylist_t *keys, dns_rdatalist_tordataset(rdatalist, &rdataset); print_rdata(&rdataset); -fail: +cleanup: /* Cleanup */ freerrset(&rdataset); - if (ret != ISC_R_SUCCESS) { + if (result != ISC_R_SUCCESS) { fatal("failed to print %s/%s zsk key pair found for bundle %s", namestr, algstr, timestr); } @@ -631,7 +616,7 @@ sign_rrset(ksr_ctx_t *ksr, isc_stdtime_t inception, isc_stdtime_t expiration, dns_rdataset_t *rrset, dns_dnsseckeylist_t *keys) { dns_rdatalist_t *rrsiglist = NULL; dns_rdataset_t rrsigset = DNS_RDATASET_INIT; - isc_result_t ret; + isc_result_t result; isc_stdtime_t next_bundle = expiration; UNUSED(ksr); @@ -646,10 +631,10 @@ sign_rrset(ksr_ctx_t *ksr, isc_stdtime_t inception, isc_stdtime_t expiration, isc_buffer_init(&timebuf, timestr, sizeof(timestr)); isc_stdtime_tostring(inception, timestr, sizeof(timestr)); isc_buffer_init(&b, utc, sizeof(utc)); - ret = dns_time32_totext(inception, &b); - if (ret != ISC_R_SUCCESS) { + result = dns_time32_totext(inception, &b); + if (result != ISC_R_SUCCESS) { fatal("failed to convert bundle time32 to text: %s", - isc_result_totext(ret)); + isc_result_totext(result)); } isc_buffer_usedregion(&b, &r); fprintf(stdout, ";; SignedKeyResponse 1.0 %.*s (%s)\n", @@ -696,9 +681,9 @@ sign_rrset(ksr_ctx_t *ksr, isc_stdtime_t inception, isc_stdtime_t expiration, rrsig = isc_mem_get(isc_g_mctx, sizeof(*rrsig)); dns_rdata_init(rrsig); isc_buffer_init(&buf, rdatabuf, sizeof(rdatabuf)); - ret = dns_dnssec_sign(name, rrset, dk->key, &clockskew, - &expiration, isc_g_mctx, &buf, &rdata); - if (ret != ISC_R_SUCCESS) { + result = dns_dnssec_sign(name, rrset, dk->key, &clockskew, + &expiration, isc_g_mctx, &buf, &rdata); + if (result != ISC_R_SUCCESS) { fatal("failed to sign KSR"); } isc_buffer_usedregion(&buf, &rs); @@ -733,7 +718,7 @@ get_keymaterial(ksr_ctx_t *ksr, dns_kasp_t *kasp, isc_stdtime_t inception, dns_rdatalist_t *cdnskeylist = isc_mem_get(isc_g_mctx, sizeof(*cdnskeylist)); dns_rdatalist_t *cdslist = isc_mem_get(isc_g_mctx, sizeof(*cdslist)); - isc_result_t ret = ISC_R_SUCCESS; + isc_result_t result = ISC_R_SUCCESS; isc_stdtime_t next_bundle = next_inception; dns_rdatalist_init(dnskeylist); @@ -873,7 +858,7 @@ get_keymaterial(ksr_ctx_t *ksr, dns_kasp_t *kasp, isc_stdtime_t inception, return next_bundle; -fail: +cleanup: fatal("failed to create KSK/CDS/CDNSKEY"); return 0; } @@ -968,7 +953,7 @@ parse_dnskey(isc_lex_t *lex, char *owner, isc_buffer_t *buf, dns_ttl_t *ttl) { dns_name_t *dname = NULL; dns_rdataclass_t rdclass = dns_rdataclass_in; isc_buffer_t b; - isc_result_t ret; + isc_result_t result; isc_token_t token; unsigned int opt = ISC_LEXOPT_EOL; @@ -982,12 +967,12 @@ parse_dnskey(isc_lex_t *lex, char *owner, isc_buffer_t *buf, dns_ttl_t *ttl) { dname = dns_fixedname_initname(&dfname); isc_buffer_init(&b, owner, strlen(owner)); isc_buffer_add(&b, strlen(owner)); - ret = dns_name_fromtext(dname, &b, dns_rootname, 0); - if (ret != ISC_R_SUCCESS) { + result = dns_name_fromtext(dname, &b, dns_rootname, 0); + if (result != ISC_R_SUCCESS) { goto cleanup; } if (dns_name_compare(dname, name) != 0) { - ret = DNS_R_BADOWNERNAME; + result = DNS_R_BADOWNERNAME; goto cleanup; } isc_buffer_clear(&b); @@ -999,8 +984,8 @@ parse_dnskey(isc_lex_t *lex, char *owner, isc_buffer_t *buf, dns_ttl_t *ttl) { } /* If it's a TTL, read the next one */ - ret = dns_ttl_fromtext(&token.value.as_textregion, ttl); - if (ret == ISC_R_SUCCESS) { + result = dns_ttl_fromtext(&token.value.as_textregion, ttl); + if (result == ISC_R_SUCCESS) { NEXTTOKEN(lex, opt, &token); } if (token.type != isc_tokentype_string) { @@ -1008,8 +993,8 @@ parse_dnskey(isc_lex_t *lex, char *owner, isc_buffer_t *buf, dns_ttl_t *ttl) { } /* If it's a class, read the next one */ - ret = dns_rdataclass_fromtext(&rdclass, &token.value.as_textregion); - if (ret == ISC_R_SUCCESS) { + result = dns_rdataclass_fromtext(&rdclass, &token.value.as_textregion); + if (result == ISC_R_SUCCESS) { NEXTTOKEN(lex, opt, &token); } if (token.type != isc_tokentype_string) { @@ -1021,12 +1006,12 @@ parse_dnskey(isc_lex_t *lex, char *owner, isc_buffer_t *buf, dns_ttl_t *ttl) { BADTOKEN(); } - ret = dns_rdata_fromtext(NULL, rdclass, dns_rdatatype_dnskey, lex, name, - 0, isc_g_mctx, buf, NULL); + result = dns_rdata_fromtext(NULL, rdclass, dns_rdatatype_dnskey, lex, + name, 0, isc_g_mctx, buf, NULL); cleanup: isc_lex_setcomments(lex, 0); - return ret; + return result; } static void @@ -1097,14 +1082,14 @@ request(ksr_ctx_t *ksr) { char utc[sizeof("YYYYMMDDHHSSMM")]; isc_buffer_t b; isc_region_t r; - isc_result_t ret; + isc_result_t result; isc_stdtime_tostring(inception, timestr, sizeof(timestr)); isc_buffer_init(&b, utc, sizeof(utc)); - ret = dns_time32_totext(inception, &b); - if (ret != ISC_R_SUCCESS) { + result = dns_time32_totext(inception, &b); + if (result != ISC_R_SUCCESS) { fatal("failed to convert bundle time32 to text: %s", - isc_result_totext(ret)); + isc_result_totext(result)); } isc_buffer_usedregion(&b, &r); fprintf(stdout, ";; KeySigningRequest 1.0 %.*s (%s)\n", @@ -1146,7 +1131,7 @@ sign(ksr_ctx_t *ksr) { dns_dnsseckeylist_t keys; dns_kasp_t *kasp = NULL; dns_rdatalist_t *rdatalist = NULL; - isc_result_t ret; + isc_result_t result; isc_stdtime_t inception; isc_lex_t *lex = NULL; isc_lexspecials_t specials; @@ -1172,14 +1157,15 @@ sign(ksr_ctx_t *ksr) { specials[')'] = 1; specials['"'] = 1; isc_lex_setspecials(lex, specials); - ret = isc_lex_openfile(lex, ksr->file); - if (ret != ISC_R_SUCCESS) { + result = isc_lex_openfile(lex, ksr->file); + if (result != ISC_R_SUCCESS) { fatal("unable to open KSR file %s: %s", ksr->file, - isc_result_totext(ret)); + isc_result_totext(result)); } - for (ret = isc_lex_gettoken(lex, opt, &token); ret == ISC_R_SUCCESS; - ret = isc_lex_gettoken(lex, opt, &token)) + for (result = isc_lex_gettoken(lex, opt, &token); + result == ISC_R_SUCCESS; + result = isc_lex_gettoken(lex, opt, &token)) { if (token.type != isc_tokentype_string) { fatal("bad KSR file %s(%lu): syntax error", ksr->file, @@ -1245,13 +1231,13 @@ sign(ksr_ctx_t *ksr) { readline: /* Read remainder of header line */ do { - ret = isc_lex_gettoken(lex, opt, &token); - if (ret != ISC_R_SUCCESS) { + result = isc_lex_gettoken(lex, opt, &token); + if (result != ISC_R_SUCCESS) { fatal("bad KSR file %s(%lu): bad " "header (%s)", ksr->file, isc_lex_getsourceline(lex), - isc_result_totext(ret)); + isc_result_totext(result)); } } while (token.type != isc_tokentype_eol); } else { @@ -1268,11 +1254,11 @@ sign(ksr_ctx_t *ksr) { rdata = isc_mem_get(isc_g_mctx, sizeof(*rdata)); dns_rdata_init(rdata); isc_buffer_init(&buf, rdatabuf, sizeof(rdatabuf)); - ret = parse_dnskey(lex, STR(token), &buf, &ttl); - if (ret != ISC_R_SUCCESS) { + result = parse_dnskey(lex, STR(token), &buf, &ttl); + if (result != ISC_R_SUCCESS) { fatal("bad KSR file %s(%lu): bad DNSKEY (%s)", ksr->file, isc_lex_getsourceline(lex), - isc_result_totext(ret)); + isc_result_totext(result)); } isc_buffer_usedregion(&buf, &r); isc_buffer_allocate(isc_g_mctx, &newbuf, r.length); @@ -1290,7 +1276,7 @@ sign(ksr_ctx_t *ksr) { } } - if (ret != ISC_R_EOF) { + if (result != ISC_R_EOF) { fatal("bad KSR file %s(%lu): trailing garbage data", ksr->file, isc_lex_getsourceline(lex)); } @@ -1308,14 +1294,14 @@ sign(ksr_ctx_t *ksr) { fprintf(stdout, ";; SignedKeyResponse 1.0 generated at %s by %s\n", timestr, PACKAGE_VERSION); -fail: +cleanup: isc_lex_destroy(&lex); cleanup(&keys, kasp); } int main(int argc, char *argv[]) { - isc_result_t ret; + isc_result_t result; isc_buffer_t buf; int ch; char *endp; @@ -1354,10 +1340,10 @@ main(int argc, char *argv[]) { break; case 'K': ksr.keydir = isc_commandline_argument; - ret = try_dir(ksr.keydir); - if (ret != ISC_R_SUCCESS) { + result = try_dir(ksr.keydir); + if (result != ISC_R_SUCCESS) { fatal("cannot open directory %s: %s", - ksr.keydir, isc_result_totext(ret)); + ksr.keydir, isc_result_totext(result)); } break; case 'k': @@ -1405,10 +1391,10 @@ main(int argc, char *argv[]) { name = dns_fixedname_initname(&fname); isc_buffer_init(&buf, argv[1], strlen(argv[1])); isc_buffer_add(&buf, strlen(argv[1])); - ret = dns_name_fromtext(name, &buf, dns_rootname, 0); - if (ret != ISC_R_SUCCESS) { + result = dns_name_fromtext(name, &buf, dns_rootname, 0); + if (result != ISC_R_SUCCESS) { fatal("invalid zone name %s: %s", argv[1], - isc_result_totext(ret)); + isc_result_totext(result)); } /* command */ diff --git a/bin/named/controlconf.c b/bin/named/controlconf.c index e1d1a46d7e..a4aba2ea25 100644 --- a/bin/named/controlconf.c +++ b/bin/named/controlconf.c @@ -149,14 +149,6 @@ ISC_REFCOUNT_DECL(controlconnection); #define CLOCKSKEW 300 -#define CHECK(x) \ - { \ - result = (x); \ - if (result != ISC_R_SUCCESS) { \ - goto cleanup; \ - } \ - } - static void free_controlkey(controlkey_t *key, isc_mem_t *mctx) { if (key->keyname != NULL) { diff --git a/bin/named/logconf.c b/bin/named/logconf.c index 1b0412009d..b1e8cdc7f9 100644 --- a/bin/named/logconf.c +++ b/bin/named/logconf.c @@ -28,13 +28,6 @@ #include #include -#define CHECK(op) \ - do { \ - result = (op); \ - if (result != ISC_R_SUCCESS) \ - goto cleanup; \ - } while (0) - /*% * Set up a logging category according to the named.conf data * in 'ccat' and add it to 'logconfig'. diff --git a/bin/named/server.c b/bin/named/server.c index a6f262b3c0..f99e897dd7 100644 --- a/bin/named/server.c +++ b/bin/named/server.c @@ -180,13 +180,6 @@ * Check an operation for failure. Assumes that the function * using it has a 'result' variable and a 'cleanup' label. */ -#define CHECK(op) \ - do { \ - result = (op); \ - if (result != ISC_R_SUCCESS) \ - goto cleanup; \ - } while (0) - #define TCHECK(op) \ do { \ tresult = (op); \ diff --git a/bin/named/statschannel.c b/bin/named/statschannel.c index eacb2d25ea..a56f0cc58f 100644 --- a/bin/named/statschannel.c +++ b/bin/named/statschannel.c @@ -64,14 +64,6 @@ #define STATS_JSON_VERSION_MINOR "8" #define STATS_JSON_VERSION STATS_JSON_VERSION_MAJOR "." STATS_JSON_VERSION_MINOR -#define CHECK(m) \ - do { \ - result = (m); \ - if (result != ISC_R_SUCCESS) { \ - goto cleanup; \ - } \ - } while (0) - struct named_statschannel { /* Unlocked */ isc_httpdmgr_t *httpdmgr; diff --git a/bin/named/tkeyconf.c b/bin/named/tkeyconf.c index 768e0fac05..633d19c61e 100644 --- a/bin/named/tkeyconf.c +++ b/bin/named/tkeyconf.c @@ -21,6 +21,7 @@ #include +#include #include void @@ -28,11 +29,10 @@ named_tkeyctx_fromconfig(const cfg_obj_t *options, isc_mem_t *mctx, dns_tkeyctx_t **tctxp) { isc_result_t result; dns_tkeyctx_t *tctx = NULL; - const cfg_obj_t *obj; + const cfg_obj_t *obj = NULL; dns_tkeyctx_create(mctx, &tctx); - obj = NULL; result = cfg_map_get(options, "tkey-gssapi-keytab", &obj); if (result == ISC_R_SUCCESS) { const char *s = cfg_obj_asstring(obj); diff --git a/bin/named/transportconf.c b/bin/named/transportconf.c index bedb3d5243..de02ab7bb2 100644 --- a/bin/named/transportconf.c +++ b/bin/named/transportconf.c @@ -183,11 +183,6 @@ failure: return result; } -#define CHECK(f) \ - if ((result = f) != ISC_R_SUCCESS) { \ - goto failure; \ - } - static isc_result_t transport_list_fromconfig(const cfg_obj_t *config, dns_transport_list_t *list) { const cfg_obj_t *obj = NULL; diff --git a/bin/named/zoneconf.c b/bin/named/zoneconf.c index 15a1a8c71a..9ad15e0547 100644 --- a/bin/named/zoneconf.c +++ b/bin/named/zoneconf.c @@ -62,13 +62,6 @@ typedef enum { allow_update_forwarding } acl_type_t; -#define CHECK(x) \ - do { \ - result = (x); \ - if (result != ISC_R_SUCCESS) \ - goto cleanup; \ - } while (0) - /*% * Convenience function for configuring a single zone ACL. */ @@ -2141,12 +2134,9 @@ named_zone_loadplugins(dns_zone_t *zone, const cfg_obj_t *config, ns_plugins_create(zmctx, &hookdata.plugins); dns_zone_setplugins(zone, hookdata.plugins, ns_plugins_free); - result = cfg_pluginlist_foreach(config, tpluginlist, aclctx, - named_register_one_plugin, - &hookdata); - if (result != ISC_R_SUCCESS) { - return result; - } + RETERR(cfg_pluginlist_foreach(config, tpluginlist, aclctx, + named_register_one_plugin, + &hookdata)); result = cfg_pluginlist_foreach(config, zpluginlist, aclctx, named_register_one_plugin, diff --git a/bin/plugins/filter-a.c b/bin/plugins/filter-a.c index fff9cc9745..d5a9d0b268 100644 --- a/bin/plugins/filter-a.c +++ b/bin/plugins/filter-a.c @@ -46,14 +46,6 @@ #include #include -#define CHECK(op) \ - do { \ - result = (op); \ - if (result != ISC_R_SUCCESS) { \ - goto cleanup; \ - } \ - } while (0) - /* * Possible values for the settings of filter-a-on-v6 and * filter-a-on-v4: "no" is NONE, "yes" is FILTER, "break-dnssec" diff --git a/bin/plugins/filter-aaaa.c b/bin/plugins/filter-aaaa.c index 986267c5a6..007d952e7e 100644 --- a/bin/plugins/filter-aaaa.c +++ b/bin/plugins/filter-aaaa.c @@ -46,14 +46,6 @@ #include #include -#define CHECK(op) \ - do { \ - result = (op); \ - if (result != ISC_R_SUCCESS) { \ - goto cleanup; \ - } \ - } while (0) - /* * Possible values for the settings of filter-aaaa-on-v4 and * filter-aaaa-on-v6: "no" is NONE, "yes" is FILTER, "break-dnssec" diff --git a/bin/plugins/synthrecord.c b/bin/plugins/synthrecord.c index e348d55a64..3fdd7633f6 100644 --- a/bin/plugins/synthrecord.c +++ b/bin/plugins/synthrecord.c @@ -21,14 +21,6 @@ #include -#define CHECK(op) \ - do { \ - result = (op); \ - if (result != ISC_R_SUCCESS) { \ - goto cleanup; \ - } \ - } while (0) - #define DEFAULT_TTL 300 typedef enum { UNDEFINED, FORWARD, REVERSE } synthrecord_mode_t; diff --git a/bin/tests/system/dlzexternal/driver/driver.c b/bin/tests/system/dlzexternal/driver/driver.c index 9750fdc96a..47ab393e73 100644 --- a/bin/tests/system/dlzexternal/driver/driver.c +++ b/bin/tests/system/dlzexternal/driver/driver.c @@ -49,13 +49,6 @@ dlz_dlopen_addrdataset_t dlz_addrdataset; dlz_dlopen_subrdataset_t dlz_subrdataset; dlz_dlopen_delrdataset_t dlz_delrdataset; -#define CHECK(x) \ - do { \ - result = (x); \ - if (result != ISC_R_SUCCESS) \ - goto failure; \ - } while (0) - #define loginfo(...) \ ({ \ if ((state != NULL) && (state->log != NULL)) \ @@ -258,7 +251,6 @@ dlz_create(const char *dlzname, unsigned int argc, char *argv[], void **dbdata, const char *helper_name; va_list ap; char soa_data[sizeof("@ hostmaster.root 123 900 600 86400 3600")]; - isc_result_t result; size_t n; UNUSED(dlzname); @@ -306,7 +298,8 @@ dlz_create(const char *dlzname, unsigned int argc, char *argv[], void **dbdata, } if (n >= sizeof(soa_data)) { - CHECK(ISC_R_NOSPACE); + free(state); + return ISC_R_NOSPACE; } add_name(state, &state->current[0], state->zone_name, "soa", 3600, @@ -320,10 +313,6 @@ dlz_create(const char *dlzname, unsigned int argc, char *argv[], void **dbdata, *dbdata = state; return ISC_R_SUCCESS; - -failure: - free(state); - return result; } /* diff --git a/bin/tests/system/dyndb/driver/util.h b/bin/tests/system/dyndb/driver/util.h index e3ccedfe7e..b870b781f7 100644 --- a/bin/tests/system/dyndb/driver/util.h +++ b/bin/tests/system/dyndb/driver/util.h @@ -38,16 +38,3 @@ #include #include "log.h" - -#define CLEANUP_WITH(result_code) \ - do { \ - result = (result_code); \ - goto cleanup; \ - } while (0) - -#define CHECK(op) \ - do { \ - result = (op); \ - if (result != ISC_R_SUCCESS) \ - goto cleanup; \ - } while (0) diff --git a/bin/tests/system/dyndb/driver/zone.c b/bin/tests/system/dyndb/driver/zone.c index 9a02d4357c..0264216fec 100644 --- a/bin/tests/system/dyndb/driver/zone.c +++ b/bin/tests/system/dyndb/driver/zone.c @@ -130,8 +130,8 @@ publish_zone(sample_instance_t *inst, dns_zone_t *zone) { /* Return success if the zone is already in the view as expected. */ result = dns_view_findzone(inst->view, dns_zone_getorigin(zone), DNS_ZTFIND_EXACT, &zone_in_view); - if (result != ISC_R_SUCCESS && result != ISC_R_NOTFOUND) { - goto cleanup; + if (result != ISC_R_NOTFOUND) { + CHECK(result); } view_in_zone = dns_zone_getview(zone); @@ -139,7 +139,8 @@ publish_zone(sample_instance_t *inst, dns_zone_t *zone) { /* Zone has a view set -> view should contain the same zone. */ if (zone_in_view == zone) { /* Zone is already published in the right view. */ - CLEANUP_WITH(ISC_R_SUCCESS); + result = ISC_R_SUCCESS; + goto cleanup; } else if (view_in_zone != inst->view) { /* * Un-published inactive zone will have @@ -149,7 +150,7 @@ publish_zone(sample_instance_t *inst, dns_zone_t *zone) { dns_zone_log(zone, ISC_LOG_ERROR, "zone->view doesn't " "match data in the view"); - CLEANUP_WITH(ISC_R_UNEXPECTED); + CHECK(ISC_R_UNEXPECTED); } } @@ -157,7 +158,7 @@ publish_zone(sample_instance_t *inst, dns_zone_t *zone) { dns_zone_log(zone, ISC_LOG_ERROR, "cannot publish zone: view already " "contains another zone with this name"); - CLEANUP_WITH(ISC_R_UNEXPECTED); + CHECK(ISC_R_UNEXPECTED); } if (inst->view->frozen) { diff --git a/bin/tests/system/hooks/driver/test-async.c b/bin/tests/system/hooks/driver/test-async.c index 376529e15e..af140e39ba 100644 --- a/bin/tests/system/hooks/driver/test-async.c +++ b/bin/tests/system/hooks/driver/test-async.c @@ -35,14 +35,6 @@ #include #include -#define CHECK(op) \ - do { \ - result = (op); \ - if (result != ISC_R_SUCCESS) { \ - goto cleanup; \ - } \ - } while (0) - /* * Persistent data for use by this module. This will be associated * with client object address in the hash table, and will remain diff --git a/bin/tests/system/hooks/driver/test-syncplugin.c b/bin/tests/system/hooks/driver/test-syncplugin.c index a38379a916..36409bbda9 100644 --- a/bin/tests/system/hooks/driver/test-syncplugin.c +++ b/bin/tests/system/hooks/driver/test-syncplugin.c @@ -28,14 +28,6 @@ typedef struct { char *firstlbl; } syncplugin_t; -#define CHECK(op) \ - do { \ - result = (op); \ - if (result != ISC_R_SUCCESS) { \ - goto cleanup; \ - } \ - } while (0) - static ns_hookresult_t syncplugin__hook(void *arg, void *cbdata, isc_result_t *resp) { query_ctx_t *qctx = (query_ctx_t *)arg; @@ -82,14 +74,11 @@ static cfg_type_t syncplugin__cfgparams = { static isc_result_t syncplugin__parse_rcode(const cfg_obj_t *syncplugincfg, uint8_t *rcode) { - isc_result_t result; + isc_result_t result = ISC_R_SUCCESS; const cfg_obj_t *obj = NULL; const char *rcodestr = NULL; - result = cfg_map_get(syncplugincfg, "rcode", &obj); - if (result != ISC_R_SUCCESS) { - return result; - } + RETERR(cfg_map_get(syncplugincfg, "rcode", &obj)); rcodestr = obj->value.string.base; diff --git a/bin/tests/system/pipelined/pipequeries.c b/bin/tests/system/pipelined/pipequeries.c index 1e3340e06f..3d6c26211b 100644 --- a/bin/tests/system/pipelined/pipequeries.c +++ b/bin/tests/system/pipelined/pipequeries.c @@ -43,7 +43,7 @@ #include #include -#define CHECK(str, x) \ +#define CHECKM(str, x) \ { \ if ((x) != ISC_R_SUCCESS) { \ fprintf(stderr, "I:%s: %s\n", (str), \ @@ -84,7 +84,7 @@ recvresponse(void *arg) { result = dns_request_getresponse(request, response, DNS_MESSAGEPARSE_PRESERVEORDER); - CHECK("dns_request_getresponse", result); + CHECKM("dns_request_getresponse", result); if (response->rcode != dns_rcode_noerror) { result = dns_result_fromrcode(response->rcode); @@ -101,7 +101,7 @@ recvresponse(void *arg) { result = dns_message_sectiontotext( response, DNS_SECTION_ANSWER, &dns_master_style_simple, DNS_MESSAGETEXTFLAG_NOCOMMENTS, &outbuf); - CHECK("dns_message_sectiontotext", result); + CHECKM("dns_message_sectiontotext", result); printf("%.*s", (int)isc_buffer_usedlength(&outbuf), (char *)isc_buffer_base(&outbuf)); fflush(stdout); @@ -140,7 +140,7 @@ sendquery(void) { isc_buffer_add(&buf, strlen(host)); result = dns_name_fromtext(dns_fixedname_name(&queryname), &buf, dns_rootname, 0); - CHECK("dns_name_fromtext", result); + CHECKM("dns_name_fromtext", result); dns_message_create(isc_g_mctx, NULL, NULL, DNS_MESSAGE_INTENTRENDER, &message); @@ -164,7 +164,7 @@ sendquery(void) { requestmgr, message, have_src ? &srcaddr : NULL, &dstaddr, NULL, NULL, DNS_REQUESTOPT_TCP, NULL, TIMEOUT, TIMEOUT, 0, 0, isc_loop_main(), recvresponse, message, &request); - CHECK("dns_request_create", result); + CHECKM("dns_request_create", result); return ISC_R_SUCCESS; } @@ -258,13 +258,13 @@ main(int argc, char *argv[]) { result = ISC_R_FAILURE; if (inet_pton(AF_INET, "10.53.0.7", &inaddr) != 1) { - CHECK("inet_pton", result); + CHECKM("inet_pton", result); } isc_sockaddr_fromin(&srcaddr, &inaddr, 0); result = ISC_R_FAILURE; if (inet_pton(AF_INET, "10.53.0.4", &inaddr) != 1) { - CHECK("inet_pton", result); + CHECKM("inet_pton", result); } isc_sockaddr_fromin(&dstaddr, &inaddr, port); diff --git a/bin/tests/system/rsabigexponent/bigkey.c b/bin/tests/system/rsabigexponent/bigkey.c index af09f42b77..9e6e57ef0c 100644 --- a/bin/tests/system/rsabigexponent/bigkey.c +++ b/bin/tests/system/rsabigexponent/bigkey.c @@ -57,7 +57,7 @@ RSA *rsa; BIGNUM *e; EVP_PKEY *pkey; -#define CHECK(op, msg) \ +#define CHECKM(op, msg) \ do { \ result = (op); \ if (result != ISC_R_SUCCESS) { \ @@ -116,22 +116,20 @@ main(int argc, char **argv) { name = dns_fixedname_initname(&fname); isc_buffer_constinit(&buf, "example.", strlen("example.")); isc_buffer_add(&buf, strlen("example.")); - CHECK(dns_name_fromtext(name, &buf, dns_rootname, 0, NULL), "dns_name_" - "fromtext(" - "\"example." - "\")"); + CHECKM(dns_name_fromtext(name, &buf, dns_rootname, 0, NULL), + "dns_name_fromtext(\"example.\")"); - CHECK(dst_key_buildinternal(name, DNS_KEYALG_RSASHA256, bits, - DNS_KEYOWNER_ZONE, DNS_KEYPROTO_DNSSEC, - dns_rdataclass_in, pkey, isc_g_mctx, &key), - "dst_key_buildinternal(...)"); + CHECKM(dst_key_buildinternal(name, DNS_KEYALG_RSASHA256, bits, + DNS_KEYOWNER_ZONE, DNS_KEYPROTO_DNSSEC, + dns_rdataclass_in, pkey, isc_g_mctx, &key), + "dst_key_buildinternal(...)"); - CHECK(dst_key_tofile(key, DST_TYPE_PRIVATE | DST_TYPE_PUBLIC, NULL), - "dst_key_tofile()"); + CHECKM(dst_key_tofile(key, DST_TYPE_PRIVATE | DST_TYPE_PUBLIC, NULL), + "dst_key_tofile()"); isc_buffer_init(&buf, filename, sizeof(filename) - 1); isc_buffer_clear(&buf); - CHECK(dst_key_buildfilename(key, 0, NULL, &buf), "dst_key_" - "buildfilename()"); + CHECKM(dst_key_buildfilename(key, 0, NULL, &buf), + "dst_key_buildfilename()"); printf("%s\n", filename); dst_key_free(&key); diff --git a/bin/tools/mdig.c b/bin/tools/mdig.c index 4aa31d9c29..4a25eeecf8 100644 --- a/bin/tools/mdig.c +++ b/bin/tools/mdig.c @@ -53,7 +53,7 @@ #include #include -#define CHECK(str, x) \ +#define CHECKM(str, x) \ { \ if ((x) != ISC_R_SUCCESS) { \ fprintf(stderr, "mdig: %s failed with %s\n", (str), \ @@ -221,7 +221,7 @@ recvresponse(void *arg) { msgbuf = dns_request_getanswer(request); result = dns_request_getresponse(request, response, parseflags); - CHECK("dns_request_getresponse", result); + CHECKM("dns_request_getresponse", result); styleflags |= DNS_STYLEFLAG_REL_OWNER; if (yaml) { @@ -277,7 +277,7 @@ recvresponse(void *arg) { 48, 80, 8, display_splitwidth, isc_g_mctx); } - CHECK("dns_master_stylecreate2", result); + CHECKM("dns_master_stylecreate2", result); flags = 0; if (!display_headers) { @@ -341,7 +341,7 @@ recvresponse(void *arg) { printf(" %s:\n", "response_message_data"); result = dns_message_headertotext(response, style, flags, buf); - CHECK("dns_message_headertotext", result); + CHECKM("dns_message_headertotext", result); } else if (display_comments && !display_short_form) { printf(";; Got answer:\n"); @@ -404,7 +404,7 @@ repopulate_buffer: isc_buffer_allocate(isc_g_mctx, &buf, len); goto repopulate_buffer; } - CHECK("dns_message_pseudosectiontotext", result); + CHECKM("dns_message_pseudosectiontotext", result); } if (display_question && display_headers && !display_short_form) { @@ -413,7 +413,7 @@ repopulate_buffer: if (result == ISC_R_NOSPACE) { goto buftoosmall; } - CHECK("dns_message_sectiontotext", result); + CHECKM("dns_message_sectiontotext", result); } if (display_answer && !display_short_form) { @@ -422,7 +422,7 @@ repopulate_buffer: if (result == ISC_R_NOSPACE) { goto buftoosmall; } - CHECK("dns_message_sectiontotext", result); + CHECKM("dns_message_sectiontotext", result); } else if (display_answer) { dns_name_t empty_name; unsigned int answerstyleflags = 0; @@ -447,8 +447,7 @@ repopulate_buffer: if (result == ISC_R_NOSPACE) { goto buftoosmall; } - - CHECK("dns_rdata_tofmttext", result); + CHECKM("dns_rdata_tofmttext", result); if (strlen("\n") >= isc_buffer_availablelength(buf)) { @@ -466,7 +465,7 @@ repopulate_buffer: if (result == ISC_R_NOSPACE) { goto buftoosmall; } - CHECK("dns_message_sectiontotext", result); + CHECKM("dns_message_sectiontotext", result); } if (display_additional && !display_short_form) { @@ -475,7 +474,7 @@ repopulate_buffer: if (result == ISC_R_NOSPACE) { goto buftoosmall; } - CHECK("dns_message_sectiontotext", result); + CHECKM("dns_message_sectiontotext", result); } if (display_additional && !display_short_form && display_headers) { @@ -487,13 +486,13 @@ repopulate_buffer: if (result == ISC_R_NOSPACE) { goto buftoosmall; } - CHECK("dns_message_pseudosectiontotext", result); + CHECKM("dns_message_pseudosectiontotext", result); result = dns_message_pseudosectiontotext( response, DNS_PSEUDOSECTION_SIG0, style, flags, buf); if (result == ISC_R_NOSPACE) { goto buftoosmall; } - CHECK("dns_message_pseudosectiontotext", result); + CHECKM("dns_message_pseudosectiontotext", result); } if (display_headers && display_comments && !display_short_form && !yaml) @@ -549,7 +548,7 @@ sendquery(struct query *query) { isc_buffer_add(&buf, strlen(query->textname)); result = dns_name_fromtext(dns_fixedname_name(&queryname), &buf, dns_rootname, 0); - CHECK("dns_name_fromtext", result); + CHECKM("dns_name_fromtext", result); dns_message_create(isc_g_mctx, NULL, NULL, DNS_MESSAGE_INTENTRENDER, &message); @@ -608,7 +607,7 @@ sendquery(struct query *query) { if (query->nsid) { dns_ednsopt_t option = { .code = DNS_OPT_NSID }; result = dns_message_ednsaddopt(message, &option); - CHECK("dns_message_ednsaddopt", result); + CHECKM("dns_message_ednsaddopt", result); } if (query->ecs_addr != NULL) { @@ -663,7 +662,7 @@ sendquery(struct query *query) { .length = (uint16_t)addrl + 4 }; result = dns_message_ednsaddopt(message, &option); - CHECK("dns_message_ednsaddopt", result); + CHECKM("dns_message_ednsaddopt", result); } if (query->send_cookie) { @@ -674,7 +673,7 @@ sendquery(struct query *query) { isc_buffer_init(&b, cookie, sizeof(cookie)); result = isc_hex_decodestring(query->cookie, &b); - CHECK("isc_hex_decodestring", result); + CHECKM("isc_hex_decodestring", result); option.value = isc_buffer_base(&b); option.length = isc_buffer_usedlength(&b); } else { @@ -684,25 +683,25 @@ sendquery(struct query *query) { } result = dns_message_ednsaddopt(message, &option); - CHECK("dns_message_ednsaddopt", result); + CHECKM("dns_message_ednsaddopt", result); } if (query->expire) { dns_ednsopt_t option = { .code = DNS_OPT_EXPIRE }; result = dns_message_ednsaddopt(message, &option); - CHECK("dns_message_ednsaddopt", result); + CHECKM("dns_message_ednsaddopt", result); } if (query->ednsoptscnt != 0) { for (size_t i = 0; i < query->ednsoptscnt; i++) { result = dns_message_ednsaddopt( message, &query->ednsopts[i]); - CHECK("dns_message_ednsaddopt", result); + CHECKM("dns_message_ednsaddopt", result); } } result = dns_message_setopt(message); - CHECK("dns_message_setopt", result); + CHECKM("dns_message_setopt", result); } if (tcp_mode) { @@ -714,7 +713,7 @@ sendquery(struct query *query) { NULL, options, NULL, query->timeout, query->timeout, query->udptimeout, query->udpretries, isc_loop_main(), recvresponse, message, &request); - CHECK("dns_request_create", result); + CHECKM("dns_request_create", result); return ISC_R_SUCCESS; } @@ -928,7 +927,7 @@ save_opt(struct query *query, char *code, char *value) { buf = isc_mem_allocate(isc_g_mctx, strlen(value) / 2 + 1); isc_buffer_init(&b, buf, strlen(value) / 2 + 1); result = isc_hex_decodestring(value, &b); - CHECK("isc_hex_decodestring", result); + CHECKM("isc_hex_decodestring", result); query->ednsopts[query->ednsoptscnt].value = isc_buffer_base(&b); query->ednsopts[query->ednsoptscnt].length = isc_buffer_usedlength(&b); @@ -1025,9 +1024,9 @@ reverse_octets(const char *in, char **p, char *end) { if (dot != NULL) { isc_result_t result; result = reverse_octets(dot + 1, p, end); - CHECK("reverse_octets", result); + CHECKM("reverse_octets", result); result = append(".", 1, p, end); - CHECK("append", result); + CHECKM("append", result); len = (int)(dot - in); } else { len = strlen(in); @@ -1050,7 +1049,7 @@ get_reverse(char *reverse, size_t len, const char *value) { name = dns_fixedname_initname(&fname); result = dns_byaddr_createptrname(&addr, name); - CHECK("dns_byaddr_createptrname", result); + CHECKM("dns_byaddr_createptrname", result); dns_name_format(name, reverse, (unsigned int)len); return; } else { @@ -1064,10 +1063,10 @@ get_reverse(char *reverse, size_t len, const char *value) { char *p = reverse; char *end = reverse + len; result = reverse_octets(value, &p, end); - CHECK("reverse_octets", result); + CHECKM("reverse_octets", result); /* Append .in-addr.arpa. and a terminating NUL. */ result = append(".in-addr.arpa.", 15, &p, end); - CHECK("append", result); + CHECKM("append", result); return; } } @@ -1184,7 +1183,7 @@ plus_option(char *option, struct query *query, bool global) { } result = parse_uint(&num, value, COMMSIZE, "buffer size"); - CHECK("parse_uint(buffer size)", result); + CHECKM("parse_uint(buffer size)", result); query->udpsize = num; break; case 'r': /* burst */ @@ -1294,8 +1293,8 @@ plus_option(char *option, struct query *query, bool global) { result = parse_uint(&num, value, 255, "edns"); - CHECK("parse_uint(edns)", - result); + CHECKM("parse_uint(edns)", + result); query->edns = num; break; case 'f': @@ -1311,8 +1310,8 @@ plus_option(char *option, struct query *query, bool global) { result = parse_xint( &num, value, 0xffff, "ednsflags"); - CHECK("parse_xint(ednsflags)", - result); + CHECKM("parse_xint(ednsflags)", + result); if (query->edns == -1) { query->edns = 1; } @@ -1394,7 +1393,7 @@ plus_option(char *option, struct query *query, bool global) { } result = parse_uint(&query->udpretries, value, MAXTRIES - 1, "udpretries"); - CHECK("parse_uint(udpretries)", result); + CHECKM("parse_uint(udpretries)", result); break; default: goto invalid_option; @@ -1458,7 +1457,7 @@ plus_option(char *option, struct query *query, bool global) { if (display_splitwidth) { display_splitwidth += 3; } - CHECK("parse_uint(split)", result); + CHECKM("parse_uint(split)", result); break; case 'u': /* subnet */ FULLCHECK("subnet"); @@ -1476,7 +1475,7 @@ plus_option(char *option, struct query *query, bool global) { query->edns = 0; } result = parse_netprefix(&query->ecs_addr, value); - CHECK("parse_netprefix", result); + CHECKM("parse_netprefix", result); break; default: goto invalid_option; @@ -1499,7 +1498,7 @@ plus_option(char *option, struct query *query, bool global) { } result = parse_uint(&query->timeout, value, MAXTIMEOUT, "timeout"); - CHECK("parse_uint(timeout)", result); + CHECKM("parse_uint(timeout)", result); if (query->timeout == 0) { query->timeout = 1; } @@ -1514,7 +1513,7 @@ plus_option(char *option, struct query *query, bool global) { } result = parse_uint(&query->udpretries, value, MAXTRIES, "udpretries"); - CHECK("parse_uint(udpretries)", result); + CHECKM("parse_uint(udpretries)", result); if (query->udpretries > 0) { query->udpretries -= 1; } @@ -1559,7 +1558,7 @@ plus_option(char *option, struct query *query, bool global) { } result = parse_uint(&query->udptimeout, value, MAXTIMEOUT, "udptimeout"); - CHECK("parse_uint(udptimeout)", result); + CHECKM("parse_uint(udptimeout)", result); break; case 'n': FULLCHECK("unknownformat"); @@ -1689,7 +1688,7 @@ dash_option(const char *option, char *next, struct query *query, bool global, if (hash != NULL) { result = parse_uint(&num, hash + 1, MAXPORT, "port number"); - CHECK("parse_uint(srcport)", result); + CHECKM("parse_uint(srcport)", result); srcport = num; *hash = '\0'; } else { @@ -1717,7 +1716,7 @@ dash_option(const char *option, char *next, struct query *query, bool global, tr.length = strlen(value); result = dns_rdataclass_fromtext(&rdclass, (isc_textregion_t *)&tr); - CHECK("dns_rdataclass_fromtext", result); + CHECKM("dns_rdataclass_fromtext", result); query->rdclass = rdclass; return value_from_next; case 'f': @@ -1726,7 +1725,7 @@ dash_option(const char *option, char *next, struct query *query, bool global, case 'p': GLOBAL(); result = parse_uint(&num, value, MAXPORT, "port number"); - CHECK("parse_uint(port)", result); + CHECKM("parse_uint(port)", result); port = num; return value_from_next; case 't': @@ -1734,7 +1733,7 @@ dash_option(const char *option, char *next, struct query *query, bool global, tr.length = strlen(value); result = dns_rdatatype_fromtext(&rdtype, (isc_textregion_t *)&tr); - CHECK("dns_rdatatype_fromtext", result); + CHECKM("dns_rdatatype_fromtext", result); query->rdtype = rdtype; return value_from_next; case 'x': diff --git a/fuzz/dns_qpkey_name.c b/fuzz/dns_qpkey_name.c index c66eba8ea8..ca7bb5ae2a 100644 --- a/fuzz/dns_qpkey_name.c +++ b/fuzz/dns_qpkey_name.c @@ -44,6 +44,7 @@ LLVMFuzzerTestOneInput(const uint8_t *data, size_t size) { isc_buffer_t buf; dns_qpkey_t key, cmp; dns_namespace_t space; + isc_result_t result; namein = dns_fixedname_initname(&fixedin); nameout = dns_fixedname_initname(&fixedout); @@ -77,5 +78,6 @@ LLVMFuzzerTestOneInput(const uint8_t *data, size_t size) { assert((namerel > 0) == (keyrel > 0)); assert(space == DNS_DBNAMESPACE_NORMAL); +cleanup: return 0; } diff --git a/fuzz/dns_rdata_fromwire_text.c b/fuzz/dns_rdata_fromwire_text.c index cea16f5595..0e0f244766 100644 --- a/fuzz/dns_rdata_fromwire_text.c +++ b/fuzz/dns_rdata_fromwire_text.c @@ -210,5 +210,6 @@ LLVMFuzzerTestOneInput(const uint8_t *data, size_t size) { assert(target.used == size); assert(!memcmp(target.base, data, size)); +cleanup: return 0; } diff --git a/fuzz/fuzz.h b/fuzz/fuzz.h index 7f8a2f1feb..95532e3855 100644 --- a/fuzz/fuzz.h +++ b/fuzz/fuzz.h @@ -32,8 +32,3 @@ LLVMFuzzerInitialize(int *argc ISC_ATTR_UNUSED, char ***argv ISC_ATTR_UNUSED); int LLVMFuzzerTestOneInput(const uint8_t *data, size_t size); - -#define CHECK(x) \ - if ((x) != ISC_R_SUCCESS) { \ - return (0); \ - } diff --git a/fuzz/isc_lex_getmastertoken.c b/fuzz/isc_lex_getmastertoken.c index 2a65705054..1fa5803d66 100644 --- a/fuzz/isc_lex_getmastertoken.c +++ b/fuzz/isc_lex_getmastertoken.c @@ -71,5 +71,6 @@ LLVMFuzzerTestOneInput(const uint8_t *data, size_t size) { result = isc_lex_getmastertoken(lex, &token, expect, eol); } while (result == ISC_R_SUCCESS && token.type != isc_tokentype_eof); +cleanup: return 0; } diff --git a/fuzz/isc_lex_gettoken.c b/fuzz/isc_lex_gettoken.c index 3acbe2ddba..a574368df2 100644 --- a/fuzz/isc_lex_gettoken.c +++ b/fuzz/isc_lex_gettoken.c @@ -50,5 +50,6 @@ LLVMFuzzerTestOneInput(const uint8_t *data, size_t size) { result = isc_lex_gettoken(lex, 0, &token); } while (result == ISC_R_SUCCESS); +cleanup: return 0; } diff --git a/lib/dns/client.c b/lib/dns/client.c index c4f32e7595..bca416c480 100644 --- a/lib/dns/client.c +++ b/lib/dns/client.c @@ -59,13 +59,6 @@ #define UCTX_MAGIC ISC_MAGIC('U', 'c', 't', 'x') #define UCTX_VALID(c) ISC_MAGIC_VALID(c, UCTX_MAGIC) -#define CHECK(r) \ - do { \ - result = (r); \ - if (result != ISC_R_SUCCESS) \ - goto cleanup; \ - } while (0) - /*% * DNS client object */ diff --git a/lib/dns/diff.c b/lib/dns/diff.c index 82452968ad..d873c4365b 100644 --- a/lib/dns/diff.c +++ b/lib/dns/diff.c @@ -36,13 +36,6 @@ #include #include -#define CHECK(op) \ - do { \ - result = (op); \ - if (result != ISC_R_SUCCESS) \ - goto failure; \ - } while (0) - static dns_rdatatype_t rdata_covers(dns_rdata_t *rdata) { return rdata->type == dns_rdatatype_rrsig ? dns_rdata_covers(rdata) : 0; @@ -494,7 +487,7 @@ diff_apply(const dns_diff_t *diff, dns_db_t *db, dns_dbversion_t *ver, } return ISC_R_SUCCESS; -failure: +cleanup: if (node != NULL) { dns_db_detachnode(&node); } @@ -584,7 +577,7 @@ dns_diff_load(const dns_diff_t *diff, dns_rdatacallbacks_t *callbacks) { } result = ISC_R_SUCCESS; -failure: +cleanup: if (callbacks->commit != NULL) { callbacks->commit(callbacks->add_private); } diff --git a/lib/dns/dnssec.c b/lib/dns/dnssec.c index 1432a10f92..703366511d 100644 --- a/lib/dns/dnssec.c +++ b/lib/dns/dnssec.c @@ -43,13 +43,6 @@ isc_stats_t *dns_dnssec_stats; #define is_response(msg) ((msg->flags & DNS_MESSAGEFLAG_QR) != 0) -#define RETERR(x) \ - do { \ - result = (x); \ - if (result != ISC_R_SUCCESS) \ - goto failure; \ - } while (0) - #define TYPE_SIGN 0 #define TYPE_VERIFY 1 @@ -782,25 +775,25 @@ dns_dnssec_signmessage(dns_message_t *msg, dst_key_t *key) { isc_buffer_init(&databuf, data, sizeof(data)); - RETERR(dst_context_create(key, mctx, DNS_LOGCATEGORY_DNSSEC, true, - &ctx)); + CHECK(dst_context_create(key, mctx, DNS_LOGCATEGORY_DNSSEC, true, + &ctx)); /* * Digest the fields of the SIG - we can cheat and use * dns_rdata_fromstruct. Since siglen is 0, the digested data * is identical to dns format. */ - RETERR(dns_rdata_fromstruct(NULL, dns_rdataclass_any, - dns_rdatatype_sig /* SIG(0) */, &sig, - &databuf)); + CHECK(dns_rdata_fromstruct(NULL, dns_rdataclass_any, + dns_rdatatype_sig /* SIG(0) */, &sig, + &databuf)); isc_buffer_usedregion(&databuf, &r); - RETERR(dst_context_adddata(ctx, &r)); + CHECK(dst_context_adddata(ctx, &r)); /* * If this is a response, digest the query. */ if (is_response(msg)) { - RETERR(dst_context_adddata(ctx, &msg->query)); + CHECK(dst_context_adddata(ctx, &msg->query)); } /* @@ -809,29 +802,29 @@ dns_dnssec_signmessage(dns_message_t *msg, dst_key_t *key) { isc_buffer_init(&headerbuf, header, sizeof(header)); dns_message_renderheader(msg, &headerbuf); isc_buffer_usedregion(&headerbuf, &r); - RETERR(dst_context_adddata(ctx, &r)); + CHECK(dst_context_adddata(ctx, &r)); /* * Digest the remainder of the message. */ isc_buffer_usedregion(msg->buffer, &r); isc_region_consume(&r, DNS_MESSAGE_HEADERLEN); - RETERR(dst_context_adddata(ctx, &r)); + CHECK(dst_context_adddata(ctx, &r)); - RETERR(dst_key_sigsize(key, &sigsize)); + CHECK(dst_key_sigsize(key, &sigsize)); sig.siglen = sigsize; sig.signature = isc_mem_get(mctx, sig.siglen); isc_buffer_init(&sigbuf, sig.signature, sig.siglen); - RETERR(dst_context_sign(ctx, &sigbuf)); + CHECK(dst_context_sign(ctx, &sigbuf)); dst_context_destroy(&ctx); rdata = NULL; dns_message_gettemprdata(msg, &rdata); isc_buffer_allocate(msg->mctx, &dynbuf, 1024); - RETERR(dns_rdata_fromstruct(rdata, dns_rdataclass_any, - dns_rdatatype_sig /* SIG(0) */, &sig, - dynbuf)); + CHECK(dns_rdata_fromstruct(rdata, dns_rdataclass_any, + dns_rdatatype_sig /* SIG(0) */, &sig, + dynbuf)); isc_mem_put(mctx, sig.signature, sig.siglen); @@ -849,7 +842,7 @@ dns_dnssec_signmessage(dns_message_t *msg, dst_key_t *key) { return ISC_R_SUCCESS; -failure: +cleanup: if (dynbuf != NULL) { isc_buffer_free(&dynbuf); } @@ -895,21 +888,19 @@ dns_dnssec_verifymessage(isc_buffer_t *source, dns_message_t *msg, isc_buffer_usedregion(source, &source_r); - RETERR(dns_rdataset_first(msg->sig0)); + CHECK(dns_rdataset_first(msg->sig0)); dns_rdataset_current(msg->sig0, &rdata); - RETERR(dns_rdata_tostruct(&rdata, &sig, NULL)); + CHECK(dns_rdata_tostruct(&rdata, &sig, NULL)); signeedsfree = true; if (sig.labels != 0) { - result = DNS_R_SIGINVALID; - goto failure; + CHECK(DNS_R_SIGINVALID); } if (isc_serial_lt(sig.timeexpire, sig.timesigned)) { - result = DNS_R_SIGINVALID; msg->sig0status = dns_tsigerror_badtime; - goto failure; + CHECK(DNS_R_SIGINVALID); } if (msg->fuzzing) { @@ -919,36 +910,33 @@ dns_dnssec_verifymessage(isc_buffer_t *source, dns_message_t *msg, } if (isc_serial_lt((uint32_t)now, sig.timesigned)) { - result = DNS_R_SIGFUTURE; msg->sig0status = dns_tsigerror_badtime; - goto failure; + CHECK(DNS_R_SIGFUTURE); } else if (isc_serial_lt(sig.timeexpire, (uint32_t)now)) { - result = DNS_R_SIGEXPIRED; msg->sig0status = dns_tsigerror_badtime; - goto failure; + CHECK(DNS_R_SIGEXPIRED); } if (!dns_name_equal(dst_key_name(key), &sig.signer)) { - result = DNS_R_SIGINVALID; msg->sig0status = dns_tsigerror_badkey; - goto failure; + CHECK(DNS_R_SIGINVALID); } - RETERR(dst_context_create(key, mctx, DNS_LOGCATEGORY_DNSSEC, false, - &ctx)); + CHECK(dst_context_create(key, mctx, DNS_LOGCATEGORY_DNSSEC, false, + &ctx)); /* * Digest the SIG(0) record, except for the signature. */ dns_rdata_toregion(&rdata, &r); r.length -= sig.siglen; - RETERR(dst_context_adddata(ctx, &r)); + CHECK(dst_context_adddata(ctx, &r)); /* * If this is a response, digest the query. */ if (is_response(msg)) { - RETERR(dst_context_adddata(ctx, &msg->query)); + CHECK(dst_context_adddata(ctx, &msg->query)); } /* @@ -969,21 +957,21 @@ dns_dnssec_verifymessage(isc_buffer_t *source, dns_message_t *msg, */ header_r.base = (unsigned char *)header; header_r.length = DNS_MESSAGE_HEADERLEN; - RETERR(dst_context_adddata(ctx, &header_r)); + CHECK(dst_context_adddata(ctx, &header_r)); /* * Digest all non-SIG(0) records. */ r.base = source_r.base + DNS_MESSAGE_HEADERLEN; r.length = msg->sigstart - DNS_MESSAGE_HEADERLEN; - RETERR(dst_context_adddata(ctx, &r)); + CHECK(dst_context_adddata(ctx, &r)); sig_r.base = sig.signature; sig_r.length = sig.siglen; result = dst_context_verify(ctx, &sig_r); if (result != ISC_R_SUCCESS) { msg->sig0status = dns_tsigerror_badsig; - goto failure; + goto cleanup; } msg->verified_sig = 1; @@ -994,7 +982,7 @@ dns_dnssec_verifymessage(isc_buffer_t *source, dns_message_t *msg, return ISC_R_SUCCESS; -failure: +cleanup: if (signeedsfree) { dns_rdata_freestruct(&sig); } @@ -1236,7 +1224,7 @@ findmatchingkeys(const char *directory, bool rrtypekey, char *namebuf, directory = "."; } - RETERR(isc_dir_open(&dir, directory)); + CHECK(isc_dir_open(&dir, directory)); dir_open = true; while (isc_dir_read(&dir) == ISC_R_SUCCESS) { @@ -1315,7 +1303,7 @@ findmatchingkeys(const char *directory, bool rrtypekey, char *namebuf, } result = match ? ISC_R_SUCCESS : ISC_R_NOTFOUND; -failure: +cleanup: if (dir_open) { isc_dir_close(&dir); } @@ -1344,15 +1332,15 @@ dns_dnssec_findmatchingkeys(const dns_name_t *origin, dns_kasp_t *kasp, ISC_LIST_INIT(list); isc_buffer_init(&b, namebuf, sizeof(namebuf) - 1); - RETERR(dns_name_tofilenametext(origin, false, &b)); + CHECK(dns_name_tofilenametext(origin, false, &b)); len = isc_buffer_usedlength(&b); namebuf[len] = '\0'; if (kasp == NULL || (strcmp(dns_kasp_getname(kasp), "none") == 0) || (strcmp(dns_kasp_getname(kasp), "insecure") == 0)) { - RETERR(findmatchingkeys(keydir, rrtypekey, namebuf, len, mctx, - now, &list)); + CHECK(findmatchingkeys(keydir, rrtypekey, namebuf, len, mctx, + now, &list)); } else if (keystores != NULL) { ISC_LIST_FOREACH(*keystores, keystore, link) { ISC_LIST_FOREACH(dns_kasp_keys(kasp), kkey, link) { @@ -1360,7 +1348,7 @@ dns_dnssec_findmatchingkeys(const dns_name_t *origin, dns_kasp_t *kasp, const char *directory = dns_keystore_directory(keystore, keydir); - RETERR(findmatchingkeys( + CHECK(findmatchingkeys( directory, rrtypekey, namebuf, len, mctx, now, &list)); break; @@ -1376,7 +1364,7 @@ dns_dnssec_findmatchingkeys(const dns_name_t *origin, dns_kasp_t *kasp, result = ISC_R_NOTFOUND; } -failure: +cleanup: ISC_LIST_FOREACH(list, key, link) { ISC_LIST_UNLINK(list, key, link); INSIST(key->key != NULL); @@ -1556,7 +1544,7 @@ dns_dnssec_keylistfromrdataset(const dns_name_t *origin, dns_kasp_t *kasp, goto skip; } - RETERR(dns_dnssec_keyfromrdata(origin, &rdata, mctx, &dnskey)); + CHECK(dns_dnssec_keyfromrdata(origin, &rdata, mctx, &dnskey)); dst_key_setttl(dnskey, keys.ttl); if (!is_zone_key(dnskey)) { @@ -1580,7 +1568,7 @@ dns_dnssec_keylistfromrdataset(const dns_name_t *origin, dns_kasp_t *kasp, if (result == ISC_R_FILENOTFOUND || result == ISC_R_NOPERM) { result = ISC_R_SUCCESS; } - RETERR(result); + CHECK(result); if (kasp != NULL && dns_kasp_offlineksk(kasp) && (dst_key_flags(dnskey) & DNS_KEYFLAG_KSK) != 0) @@ -1663,7 +1651,7 @@ dns_dnssec_keylistfromrdataset(const dns_name_t *origin, dns_kasp_t *kasp, } goto skip; } - RETERR(result); + CHECK(result); /* * Whatever the key's default TTL may have @@ -1685,16 +1673,16 @@ dns_dnssec_keylistfromrdataset(const dns_name_t *origin, dns_kasp_t *kasp, } if (keysigs != NULL && dns_rdataset_isassociated(keysigs)) { - RETERR(mark_active_keys(keylist, keysigs)); + CHECK(mark_active_keys(keylist, keysigs)); } if (soasigs != NULL && dns_rdataset_isassociated(soasigs)) { - RETERR(mark_active_keys(keylist, soasigs)); + CHECK(mark_active_keys(keylist, soasigs)); } result = ISC_R_SUCCESS; -failure: +cleanup: if (dns_rdataset_isassociated(&keys)) { dns_rdataset_disassociate(&keys); } @@ -1758,7 +1746,7 @@ publish_key(dns_diff_t *diff, dns_dnsseckey_t *key, const dns_name_t *origin, dns_rdata_t dnskey = DNS_RDATA_INIT; dns_rdata_reset(&dnskey); - RETERR(dns_dnssec_make_dnskey(key->key, buf, sizeof(buf), &dnskey)); + CHECK(dns_dnssec_make_dnskey(key->key, buf, sizeof(buf), &dnskey)); dst_key_format(key->key, keystr, sizeof(keystr)); report("Fetching %s (%s) from key %s.", keystr, @@ -1779,7 +1767,7 @@ publish_key(dns_diff_t *diff, dns_dnsseckey_t *key, const dns_name_t *origin, /* publish key */ addrdata(&dnskey, diff, origin, ttl, mctx); -failure: +cleanup: return result; } @@ -1798,10 +1786,10 @@ remove_key(dns_diff_t *diff, dns_dnsseckey_t *key, const dns_name_t *origin, report("Removing %s key %s/%d/%s from DNSKEY RRset.", reason, namebuf, dst_key_id(key->key), alg); - RETERR(dns_dnssec_make_dnskey(key->key, buf, sizeof(buf), &dnskey)); + CHECK(dns_dnssec_make_dnskey(key->key, buf, sizeof(buf), &dnskey)); delrdata(&dnskey, diff, origin, ttl, mctx); -failure: +cleanup: return result; } @@ -1915,8 +1903,8 @@ dns_dnssec_syncupdate(dns_dnsseckeylist_t *keys, dns_dnsseckeylist_t *rmkeys, dns_rdata_t cdnskeyrdata = DNS_RDATA_INIT; dns_name_t *origin = dst_key_name(key->key); - RETERR(dns_dnssec_make_dnskey(key->key, keybuf, sizeof(keybuf), - &cdnskeyrdata)); + CHECK(dns_dnssec_make_dnskey(key->key, keybuf, sizeof(keybuf), + &cdnskeyrdata)); cdnskeyrdata.type = dns_rdatatype_cdnskey; if (syncpublish(key->key, now)) { @@ -1924,10 +1912,9 @@ dns_dnssec_syncupdate(dns_dnsseckeylist_t *keys, dns_dnsseckeylist_t *rmkeys, dst_key_format(key->key, keystr, sizeof(keystr)); ISC_LIST_FOREACH(*digests, alg, link) { - RETERR(add_cds(key, &cdnskeyrdata, - (const char *)keystr, cds, - alg->digest, cdsttl, diff, - mctx)); + CHECK(add_cds(key, &cdnskeyrdata, + (const char *)keystr, cds, + alg->digest, cdsttl, diff, mctx)); } if (gencdnskey && @@ -1992,8 +1979,8 @@ dns_dnssec_syncupdate(dns_dnsseckeylist_t *keys, dns_dnsseckeylist_t *rmkeys, char keystr[DST_KEY_FORMATSIZE]; dst_key_format(key->key, keystr, sizeof(keystr)); - RETERR(dns_dnssec_make_dnskey(key->key, keybuf, sizeof(keybuf), - &cdnskeyrdata)); + CHECK(dns_dnssec_make_dnskey(key->key, keybuf, sizeof(keybuf), + &cdnskeyrdata)); if (dns_rdataset_isassociated(cds)) { delete_cds(key, &cdnskeyrdata, (const char *)keystr, @@ -2019,7 +2006,7 @@ dns_dnssec_syncupdate(dns_dnsseckeylist_t *keys, dns_dnsseckeylist_t *rmkeys, result = ISC_R_SUCCESS; -failure: +cleanup: return result; } @@ -2125,8 +2112,8 @@ dns_dnssec_updatekeys(dns_dnsseckeylist_t *keys, dns_dnsseckeylist_t *newkeys, if (key->source == dns_keysource_user && (key->hint_publish || key->force_publish)) { - RETERR(publish_key(diff, key, origin, ttl, mctx, - report)); + CHECK(publish_key(diff, key, origin, ttl, mctx, + report)); } if (key->source == dns_keysource_zoneapex) { ttl = dst_key_getttl(key->key); @@ -2195,8 +2182,8 @@ dns_dnssec_updatekeys(dns_dnsseckeylist_t *keys, dns_dnsseckeylist_t *newkeys, if (key1->source != dns_keysource_zoneapex && (key1->hint_publish || key1->force_publish)) { - RETERR(publish_key(diff, key1, origin, ttl, - mctx, report)); + CHECK(publish_key(diff, key1, origin, ttl, mctx, + report)); isc_log_write( DNS_LOGCATEGORY_DNSSEC, DNS_LOGMODULE_DNSSEC, ISC_LOG_INFO, @@ -2230,8 +2217,8 @@ dns_dnssec_updatekeys(dns_dnsseckeylist_t *keys, dns_dnsseckeylist_t *newkeys, /* Match found: remove or update it as needed */ if (key1->hint_remove) { - RETERR(remove_key(diff, key2, origin, ttl, mctx, - "expired", report)); + CHECK(remove_key(diff, key2, origin, ttl, mctx, + "expired", report)); ISC_LIST_UNLINK(*keys, key2, link); if (removed != NULL) { @@ -2254,8 +2241,8 @@ dns_dnssec_updatekeys(dns_dnsseckeylist_t *keys, dns_dnsseckeylist_t *newkeys, * We need to remove the old version and pull * in the new one. */ - RETERR(remove_key(diff, key2, origin, ttl, mctx, - "revoked", report)); + CHECK(remove_key(diff, key2, origin, ttl, mctx, + "revoked", report)); ISC_LIST_UNLINK(*keys, key2, link); if (removed != NULL) { ISC_LIST_APPEND(*removed, key2, link); @@ -2272,8 +2259,8 @@ dns_dnssec_updatekeys(dns_dnsseckeylist_t *keys, dns_dnsseckeylist_t *newkeys, dns_dnsseckey_destroy(mctx, &key2); } - RETERR(publish_key(diff, key1, origin, ttl, mctx, - report)); + CHECK(publish_key(diff, key1, origin, ttl, mctx, + report)); ISC_LIST_UNLINK(*newkeys, key1, link); ISC_LIST_APPEND(*keys, key1, link); @@ -2323,7 +2310,7 @@ dns_dnssec_updatekeys(dns_dnsseckeylist_t *keys, dns_dnsseckeylist_t *newkeys, result = ISC_R_SUCCESS; -failure: +cleanup: return result; } diff --git a/lib/dns/dnstap.c b/lib/dns/dnstap.c index 40750b5936..ab9b994b6d 100644 --- a/lib/dns/dnstap.c +++ b/lib/dns/dnstap.c @@ -120,13 +120,6 @@ struct dns_dtenv { isc_stats_t *stats; }; -#define CHECK(x) \ - do { \ - result = (x); \ - if (result != ISC_R_SUCCESS) \ - goto cleanup; \ - } while (0) - typedef struct ioq { unsigned int generation; struct fstrm_iothr_queue *ioq; diff --git a/lib/dns/dst_api.c b/lib/dns/dst_api.c index 2d6f739c03..3f9743e3b2 100644 --- a/lib/dns/dst_api.c +++ b/lib/dns/dst_api.c @@ -68,36 +68,27 @@ #define DST_AS_STR(t) ((t).value.as_textregion.base) -#define NEXTTOKEN(lex, opt, token) \ - { \ - ret = isc_lex_gettoken(lex, opt, token); \ - if (ret != ISC_R_SUCCESS) \ - goto cleanup; \ - } +#define NEXTTOKEN(lex, opt, token) CHECK(isc_lex_gettoken(lex, opt, token)) -#define NEXTTOKEN_OR_EOF(lex, opt, token) \ - do { \ - ret = isc_lex_gettoken(lex, opt, token); \ - if (ret == ISC_R_EOF) \ - break; \ - if (ret != ISC_R_SUCCESS) \ - goto cleanup; \ +#define NEXTTOKEN_OR_EOF(lex, opt, token) \ + do { \ + result = isc_lex_gettoken(lex, opt, token); \ + if (result == ISC_R_EOF) { \ + break; \ + } \ + CHECK(result); \ } while ((*token).type == isc_tokentype_eol); -#define READLINE(lex, opt, token) \ - do { \ - ret = isc_lex_gettoken(lex, opt, token); \ - if (ret == ISC_R_EOF) \ - break; \ - if (ret != ISC_R_SUCCESS) \ - goto cleanup; \ +#define READLINE(lex, opt, token) \ + do { \ + result = isc_lex_gettoken(lex, opt, token); \ + if (result == ISC_R_EOF) { \ + break; \ + } \ + CHECK(result); \ } while ((*token).type != isc_tokentype_eol) -#define BADTOKEN() \ - { \ - ret = ISC_R_UNEXPECTEDTOKEN; \ - goto cleanup; \ - } +#define BADTOKEN() CHECK(ISC_R_UNEXPECTEDTOKEN) static const char *numerictags[DST_MAX_NUMERIC] = { [DST_NUM_PREDECESSOR] = "Predecessor:", @@ -193,13 +184,6 @@ static isc_result_t addsuffix(char *filename, int len, const char *dirname, const char *ofilename, const char *suffix); -#define RETERR(x) \ - do { \ - result = (x); \ - if (result != ISC_R_SUCCESS) \ - goto out; \ - } while (0) - #define CHECKALG(alg) \ do { \ isc_result_t _r; \ @@ -383,8 +367,6 @@ dst_context_verify(dst_context_t *dctx, isc_region_t *sig) { isc_result_t dst_key_tofile(const dst_key_t *key, int type, const char *directory) { - isc_result_t ret = ISC_R_SUCCESS; - REQUIRE(VALID_KEY(key)); REQUIRE((type & (DST_TYPE_PRIVATE | DST_TYPE_PUBLIC | DST_TYPE_STATE)) != 0); @@ -396,17 +378,11 @@ dst_key_tofile(const dst_key_t *key, int type, const char *directory) { } if ((type & DST_TYPE_PUBLIC) != 0) { - ret = write_public_key(key, type, directory); - if (ret != ISC_R_SUCCESS) { - return ret; - } + RETERR(write_public_key(key, type, directory)); } if ((type & DST_TYPE_STATE) != 0) { - ret = write_key_state(key, type, directory); - if (ret != ISC_R_SUCCESS) { - return ret; - } + RETERR(write_key_state(key, type, directory)); } if (((type & DST_TYPE_PRIVATE) != 0) && @@ -497,32 +473,20 @@ dst_key_fromfile(dns_name_t *name, dns_keytag_t id, unsigned int alg, int type, key = NULL; isc_buffer_init(&buf, filename, NAME_MAX); - result = dst_key_getfilename(name, id, alg, type, NULL, mctx, &buf); - if (result != ISC_R_SUCCESS) { - goto out; - } - - result = dst_key_fromnamedfile(filename, directory, type, mctx, &key); - if (result != ISC_R_SUCCESS) { - goto out; - } - - result = computeid(key); - if (result != ISC_R_SUCCESS) { - goto out; - } + CHECK(dst_key_getfilename(name, id, alg, type, NULL, mctx, &buf)); + CHECK(dst_key_fromnamedfile(filename, directory, type, mctx, &key)); + CHECK(computeid(key)); if (!dns_name_equal(name, key->key_name) || id != key->key_id || alg != key->key_alg) { - result = DST_R_INVALIDPRIVATEKEY; - goto out; + CHECK(DST_R_INVALIDPRIVATEKEY); } *keyp = key; result = ISC_R_SUCCESS; -out: +cleanup: if ((key != NULL) && (result != ISC_R_SUCCESS)) { dst_key_free(&key); } @@ -558,7 +522,7 @@ dst_key_fromnamedfile(const char *filename, const char *dirname, int type, ".key"); INSIST(result == ISC_R_SUCCESS); - RETERR(dst_key_read_public(newfilename, type, mctx, &pubkey)); + CHECK(dst_key_read_public(newfilename, type, mctx, &pubkey)); isc_mem_put(mctx, newfilename, newfilenamelen); /* @@ -584,20 +548,20 @@ dst_key_fromnamedfile(const char *filename, const char *dirname, int type, /* Having no state is valid. */ result = ISC_R_SUCCESS; } - RETERR(result); + CHECK(result); } if ((type & (DST_TYPE_PRIVATE | DST_TYPE_PUBLIC)) == DST_TYPE_PUBLIC || (pubkey->key_flags & DNS_KEYFLAG_TYPEMASK) == DNS_KEYTYPE_NOKEY) { - RETERR(computeid(pubkey)); + CHECK(computeid(pubkey)); pubkey->modified = false; *keyp = pubkey; pubkey = NULL; - goto out; + goto cleanup; } - RETERR(algorithm_status(pubkey->key_alg)); + CHECK(algorithm_status(pubkey->key_alg)); key = get_key_struct(pubkey->key_name, pubkey->key_alg, pubkey->key_flags, pubkey->key_proto, @@ -605,7 +569,7 @@ dst_key_fromnamedfile(const char *filename, const char *dirname, int type, pubkey->key_ttl, mctx); if (key->func->parse == NULL) { - RETERR(DST_R_UNSUPPORTEDALG); + CHECK(DST_R_UNSUPPORTEDALG); } newfilenamelen = strlen(filename) + 9; @@ -618,10 +582,10 @@ dst_key_fromnamedfile(const char *filename, const char *dirname, int type, INSIST(result == ISC_R_SUCCESS); isc_lex_create(mctx, 1500, &lex); - RETERR(isc_lex_openfile(lex, newfilename)); + CHECK(isc_lex_openfile(lex, newfilename)); isc_mem_put(mctx, newfilename, newfilenamelen); - RETERR(key->func->parse(key, lex, pubkey)); + CHECK(key->func->parse(key, lex, pubkey)); isc_lex_destroy(&lex); key->kasp = false; @@ -633,13 +597,13 @@ dst_key_fromnamedfile(const char *filename, const char *dirname, int type, /* Having no state is valid. */ result = ISC_R_SUCCESS; } - RETERR(result); + CHECK(result); } - RETERR(computeid(key)); + CHECK(computeid(key)); if (pubkey->key_id != key->key_id) { - RETERR(DST_R_INVALIDPRIVATEKEY); + CHECK(DST_R_INVALIDPRIVATEKEY); } key->modified = false; @@ -650,7 +614,7 @@ dst_key_fromnamedfile(const char *filename, const char *dirname, int type, *keyp = key; key = NULL; -out: +cleanup: if (pubkey != NULL) { dst_key_free(&pubkey); } @@ -808,13 +772,13 @@ dst_key_fromgssapi(const dns_name_t *name, dns_gss_ctx_id_t gssctx, */ isc_buffer_allocate(key->mctx, &key->key_tkeytoken, intoken->length); - RETERR(isc_buffer_copyregion(key->key_tkeytoken, intoken)); + CHECK(isc_buffer_copyregion(key->key_tkeytoken, intoken)); } key->keydata.gssctx = gssctx; *keyp = key; result = ISC_R_SUCCESS; -out: +cleanup: if (result != ISC_R_SUCCESS) { dst_key_free(&key); } @@ -955,7 +919,7 @@ dst_key_generate(const dns_name_t *name, unsigned int alg, unsigned int bits, dns_rdataclass_t rdclass, const char *label, isc_mem_t *mctx, dst_key_t **keyp, void (*callback)(int)) { dst_key_t *key; - isc_result_t ret; + isc_result_t result; REQUIRE(dns_name_isabsolute(name)); REQUIRE(mctx != NULL); @@ -981,16 +945,16 @@ dst_key_generate(const dns_name_t *name, unsigned int alg, unsigned int bits, return DST_R_UNSUPPORTEDALG; } - ret = key->func->generate(key, param, callback); - if (ret != ISC_R_SUCCESS) { + result = key->func->generate(key, param, callback); + if (result != ISC_R_SUCCESS) { dst_key_free(&key); - return ret; + return result; } - ret = computeid(key); - if (ret != ISC_R_SUCCESS) { + result = computeid(key); + if (result != ISC_R_SUCCESS) { dst_key_free(&key); - return ret; + return result; } *keyp = key; @@ -1514,13 +1478,12 @@ dst_key_read_public(const char *filename, int type, isc_mem_t *mctx, dns_fixedname_t name; isc_lex_t *lex = NULL; isc_token_t token; - isc_result_t ret; + isc_result_t result; dns_rdata_t rdata = DNS_RDATA_INIT; unsigned int opt = ISC_LEXOPT_DNSMULTILINE | ISC_LEXOPT_ESCAPE; dns_rdataclass_t rdclass = dns_rdataclass_in; isc_lexspecials_t specials; uint32_t ttl = 0; - isc_result_t result; dns_rdatatype_t keytype; /* @@ -1540,10 +1503,7 @@ dst_key_read_public(const char *filename, int type, isc_mem_t *mctx, isc_lex_setspecials(lex, specials); isc_lex_setcomments(lex, ISC_LEXCOMMENT_DNSMASTERFILE); - ret = isc_lex_openfile(lex, filename); - if (ret != ISC_R_SUCCESS) { - goto cleanup; - } + CHECK(isc_lex_openfile(lex, filename)); /* Read the domain name */ NEXTTOKEN(lex, opt, &token); @@ -1561,10 +1521,8 @@ dst_key_read_public(const char *filename, int type, isc_mem_t *mctx, dns_fixedname_init(&name); isc_buffer_init(&b, DST_AS_STR(token), strlen(DST_AS_STR(token))); isc_buffer_add(&b, strlen(DST_AS_STR(token))); - ret = dns_name_fromtext(dns_fixedname_name(&name), &b, dns_rootname, 0); - if (ret != ISC_R_SUCCESS) { - goto cleanup; - } + CHECK(dns_name_fromtext(dns_fixedname_name(&name), &b, dns_rootname, + 0)); /* Read the next word: either TTL, class, or 'KEY' */ NEXTTOKEN(lex, opt, &token); @@ -1583,8 +1541,8 @@ dst_key_read_public(const char *filename, int type, isc_mem_t *mctx, BADTOKEN(); } - ret = dns_rdataclass_fromtext(&rdclass, &token.value.as_textregion); - if (ret == ISC_R_SUCCESS) { + result = dns_rdataclass_fromtext(&rdclass, &token.value.as_textregion); + if (result == ISC_R_SUCCESS) { NEXTTOKEN(lex, opt, &token); } @@ -1603,22 +1561,16 @@ dst_key_read_public(const char *filename, int type, isc_mem_t *mctx, if (((type & DST_TYPE_KEY) != 0 && keytype != dns_rdatatype_key) || ((type & DST_TYPE_KEY) == 0 && keytype != dns_rdatatype_dnskey)) { - ret = DST_R_BADKEYTYPE; + result = DST_R_BADKEYTYPE; goto cleanup; } isc_buffer_init(&b, rdatabuf, sizeof(rdatabuf)); - ret = dns_rdata_fromtext(&rdata, rdclass, keytype, lex, NULL, false, - mctx, &b, NULL); - if (ret != ISC_R_SUCCESS) { - goto cleanup; - } + CHECK(dns_rdata_fromtext(&rdata, rdclass, keytype, lex, NULL, false, + mctx, &b, NULL)); - ret = dst_key_fromdns(dns_fixedname_name(&name), rdclass, &b, mctx, - keyp); - if (ret != ISC_R_SUCCESS) { - goto cleanup; - } + CHECK(dst_key_fromdns(dns_fixedname_name(&name), rdclass, &b, mctx, + keyp)); dst_key_setttl(*keyp, ttl); @@ -1626,7 +1578,7 @@ cleanup: if (lex != NULL) { isc_lex_destroy(&lex); } - return ret; + return result; } static int @@ -1677,16 +1629,13 @@ isc_result_t dst_key_read_state(const char *filename, isc_mem_t *mctx, dst_key_t **keyp) { isc_lex_t *lex = NULL; isc_token_t token; - isc_result_t ret; + isc_result_t result; unsigned int opt = ISC_LEXOPT_EOL; isc_lex_create(mctx, 1500, &lex); isc_lex_setcomments(lex, ISC_LEXCOMMENT_DNSMASTERFILE); - ret = isc_lex_openfile(lex, filename); - if (ret != ISC_R_SUCCESS) { - goto cleanup; - } + CHECK(isc_lex_openfile(lex, filename)); /* * Read the comment line. @@ -1738,7 +1687,7 @@ dst_key_read_state(const char *filename, isc_mem_t *mctx, dst_key_t **keyp) { int tag; NEXTTOKEN_OR_EOF(lex, opt, &token); - if (ret == ISC_R_EOF) { + if (result == ISC_R_EOF) { break; } if (token.type != isc_tokentype_string) { @@ -1791,10 +1740,7 @@ dst_key_read_state(const char *filename, isc_mem_t *mctx, dst_key_t **keyp) { BADTOKEN(); } - ret = dns_time32_fromtext(DST_AS_STR(token), &when); - if (ret != ISC_R_SUCCESS) { - goto cleanup; - } + CHECK(dns_time32_fromtext(DST_AS_STR(token), &when)); dst_key_settime(*keyp, tag, when); goto next; @@ -1812,10 +1758,7 @@ dst_key_read_state(const char *filename, isc_mem_t *mctx, dst_key_t **keyp) { BADTOKEN(); } - ret = keystate_fromtext(DST_AS_STR(token), &state); - if (ret != ISC_R_SUCCESS) { - goto cleanup; - } + CHECK(keystate_fromtext(DST_AS_STR(token), &state)); dst_key_setstate(*keyp, tag, state); goto next; @@ -1826,13 +1769,13 @@ dst_key_read_state(const char *filename, isc_mem_t *mctx, dst_key_t **keyp) { } /* Done, successfully parsed the whole file. */ - ret = ISC_R_SUCCESS; + result = ISC_R_SUCCESS; cleanup: if (lex != NULL) { isc_lex_destroy(&lex); } - return ret; + return result; } static bool @@ -2197,13 +2140,9 @@ computeid(dst_key_t *key) { isc_buffer_t dnsbuf; unsigned char dns_array[DST_KEY_MAXSIZE]; isc_region_t r; - isc_result_t ret; isc_buffer_init(&dnsbuf, dns_array, sizeof(dns_array)); - ret = dst_key_todns(key, &dnsbuf); - if (ret != ISC_R_SUCCESS) { - return ret; - } + RETERR(dst_key_todns(key, &dnsbuf)); isc_buffer_usedregion(&dnsbuf, &r); key->key_id = dst_region_computeid(&r); @@ -2216,7 +2155,7 @@ frombuffer(const dns_name_t *name, unsigned int alg, unsigned int flags, unsigned int protocol, dns_rdataclass_t rdclass, isc_buffer_t *source, isc_mem_t *mctx, dst_key_t **keyp) { dst_key_t *key; - isc_result_t ret; + isc_result_t result; REQUIRE(dns_name_isabsolute(name)); REQUIRE(source != NULL); @@ -2242,20 +2181,20 @@ frombuffer(const dns_name_t *name, unsigned int alg, unsigned int flags, key = get_key_struct(name, alg, flags, protocol, 0, rdclass, 0, mctx); if (isc_buffer_remaininglength(source) > 0) { - ret = algorithm_status(alg); - if (ret != ISC_R_SUCCESS) { + result = algorithm_status(alg); + if (result != ISC_R_SUCCESS) { dst_key_free(&key); - return ret; + return result; } if (key->func->fromdns == NULL) { dst_key_free(&key); return DST_R_UNSUPPORTEDALG; } - ret = key->func->fromdns(key, source); - if (ret != ISC_R_SUCCESS) { + result = key->func->fromdns(key, source); + if (result != ISC_R_SUCCESS) { dst_key_free(&key); - return ret; + return result; } } diff --git a/lib/dns/dst_parse.c b/lib/dns/dst_parse.c index 9dc4f9cedd..0310f3be79 100644 --- a/lib/dns/dst_parse.c +++ b/lib/dns/dst_parse.c @@ -400,7 +400,7 @@ dst__privstruct_parse(dst_key_t *key, unsigned int alg, isc_lex_t *lex, unsigned char *data = NULL; unsigned int opt = ISC_LEXOPT_EOL; isc_stdtime_t when; - isc_result_t ret; + isc_result_t result; bool external = false; REQUIRE(priv != NULL); @@ -408,20 +408,19 @@ dst__privstruct_parse(dst_key_t *key, unsigned int alg, isc_lex_t *lex, priv->nelements = 0; memset(priv->elements, 0, sizeof(priv->elements)); -#define NEXTTOKEN(lex, opt, token) \ - do { \ - ret = isc_lex_gettoken(lex, opt, token); \ - if (ret != ISC_R_SUCCESS) \ - goto fail; \ +#define NEXTTOKEN(lex, opt, token) \ + do { \ + CHECK(isc_lex_gettoken(lex, opt, token)); \ } while (0) -#define READLINE(lex, opt, token) \ - do { \ - ret = isc_lex_gettoken(lex, opt, token); \ - if (ret == ISC_R_EOF) \ - break; \ - else if (ret != ISC_R_SUCCESS) \ - goto fail; \ +#define READLINE(lex, opt, token) \ + do { \ + result = isc_lex_gettoken(lex, opt, token); \ + if (result == ISC_R_EOF) { \ + break; \ + } else if (result != ISC_R_SUCCESS) { \ + goto cleanup; \ + } \ } while ((*token).type != isc_tokentype_eol) /* @@ -431,24 +430,24 @@ dst__privstruct_parse(dst_key_t *key, unsigned int alg, isc_lex_t *lex, if (token.type != isc_tokentype_string || strcmp(DST_AS_STR(token), PRIVATE_KEY_STR) != 0) { - ret = DST_R_INVALIDPRIVATEKEY; - goto fail; + result = DST_R_INVALIDPRIVATEKEY; + goto cleanup; } NEXTTOKEN(lex, opt, &token); if (token.type != isc_tokentype_string || (DST_AS_STR(token))[0] != 'v') { - ret = DST_R_INVALIDPRIVATEKEY; - goto fail; + result = DST_R_INVALIDPRIVATEKEY; + goto cleanup; } if (sscanf(DST_AS_STR(token), "v%d.%d", &major, &minor) != 2) { - ret = DST_R_INVALIDPRIVATEKEY; - goto fail; + result = DST_R_INVALIDPRIVATEKEY; + goto cleanup; } if (major > DST_MAJOR_VERSION) { - ret = DST_R_INVALIDPRIVATEKEY; - goto fail; + result = DST_R_INVALIDPRIVATEKEY; + goto cleanup; } /* @@ -465,16 +464,16 @@ dst__privstruct_parse(dst_key_t *key, unsigned int alg, isc_lex_t *lex, if (token.type != isc_tokentype_string || strcmp(DST_AS_STR(token), ALGORITHM_STR) != 0) { - ret = DST_R_INVALIDPRIVATEKEY; - goto fail; + result = DST_R_INVALIDPRIVATEKEY; + goto cleanup; } NEXTTOKEN(lex, opt | ISC_LEXOPT_NUMBER, &token); if (token.type != isc_tokentype_number || token.value.as_ulong != (unsigned long)dst_key_alg(key)) { - ret = DST_R_INVALIDPRIVATEKEY; - goto fail; + result = DST_R_INVALIDPRIVATEKEY; + goto cleanup; } READLINE(lex, opt, &token); @@ -486,18 +485,18 @@ dst__privstruct_parse(dst_key_t *key, unsigned int alg, isc_lex_t *lex, int tag; isc_region_t r; do { - ret = isc_lex_gettoken(lex, opt, &token); - if (ret == ISC_R_EOF) { + result = isc_lex_gettoken(lex, opt, &token); + if (result == ISC_R_EOF) { goto done; } - if (ret != ISC_R_SUCCESS) { - goto fail; + if (result != ISC_R_SUCCESS) { + goto cleanup; } } while (token.type == isc_tokentype_eol); if (token.type != isc_tokentype_string) { - ret = DST_R_INVALIDPRIVATEKEY; - goto fail; + result = DST_R_INVALIDPRIVATEKEY; + goto cleanup; } if (strcmp(DST_AS_STR(token), "External:") == 0) { @@ -512,8 +511,8 @@ dst__privstruct_parse(dst_key_t *key, unsigned int alg, isc_lex_t *lex, NEXTTOKEN(lex, opt | ISC_LEXOPT_NUMBER, &token); if (token.type != isc_tokentype_number) { - ret = DST_R_INVALIDPRIVATEKEY; - goto fail; + result = DST_R_INVALIDPRIVATEKEY; + goto cleanup; } dst_key_setnum(key, tag, token.value.as_ulong); @@ -527,14 +526,11 @@ dst__privstruct_parse(dst_key_t *key, unsigned int alg, isc_lex_t *lex, NEXTTOKEN(lex, opt, &token); if (token.type != isc_tokentype_string) { - ret = DST_R_INVALIDPRIVATEKEY; - goto fail; + result = DST_R_INVALIDPRIVATEKEY; + goto cleanup; } - ret = dns_time32_fromtext(DST_AS_STR(token), &when); - if (ret != ISC_R_SUCCESS) { - goto fail; - } + CHECK(dns_time32_fromtext(DST_AS_STR(token), &when)); dst_key_settime(key, tag, when); @@ -546,8 +542,8 @@ dst__privstruct_parse(dst_key_t *key, unsigned int alg, isc_lex_t *lex, if (tag < 0 && minor > DST_MINOR_VERSION) { goto next; } else if (tag < 0) { - ret = DST_R_INVALIDPRIVATEKEY; - goto fail; + result = DST_R_INVALIDPRIVATEKEY; + goto cleanup; } priv->elements[n].tag = tag; @@ -555,10 +551,7 @@ dst__privstruct_parse(dst_key_t *key, unsigned int alg, isc_lex_t *lex, data = isc_mem_get(mctx, MAXFIELDSIZE); isc_buffer_init(&b, data, MAXFIELDSIZE); - ret = isc_base64_tobuffer(lex, &b, -1); - if (ret != ISC_R_SUCCESS) { - goto fail; - } + CHECK(isc_base64_tobuffer(lex, &b, -1)); isc_buffer_usedregion(&b, &r); priv->elements[n].length = r.length; @@ -572,30 +565,30 @@ dst__privstruct_parse(dst_key_t *key, unsigned int alg, isc_lex_t *lex, done: if (external && priv->nelements != 0) { - ret = DST_R_INVALIDPRIVATEKEY; - goto fail; + result = DST_R_INVALIDPRIVATEKEY; + goto cleanup; } check = check_data(priv, alg, true, external); if (check < 0) { - ret = DST_R_INVALIDPRIVATEKEY; - goto fail; + result = DST_R_INVALIDPRIVATEKEY; + goto cleanup; } else if (check != ISC_R_SUCCESS) { - ret = check; - goto fail; + result = check; + goto cleanup; } key->external = external; return ISC_R_SUCCESS; -fail: +cleanup: dst__privstruct_free(priv, mctx); if (data != NULL) { isc_mem_put(mctx, data, MAXFIELDSIZE); } - return ret; + return result; } isc_result_t diff --git a/lib/dns/dyndb.c b/lib/dns/dyndb.c index 646d179cf8..889a230ce7 100644 --- a/lib/dns/dyndb.c +++ b/lib/dns/dyndb.c @@ -28,13 +28,6 @@ #include "dyndb_p.h" -#define CHECK(op) \ - do { \ - result = (op); \ - if (result != ISC_R_SUCCESS) \ - goto cleanup; \ - } while (0) - typedef struct dyndb_implementation dyndb_implementation_t; struct dyndb_implementation { isc_mem_t *mctx; diff --git a/lib/dns/gssapictx.c b/lib/dns/gssapictx.c index ea39bb5d98..67cdc0cfca 100644 --- a/lib/dns/gssapictx.c +++ b/lib/dns/gssapictx.c @@ -82,13 +82,6 @@ static gss_OID_desc __gss_spnego_mechanism_oid_desc = { (r).base = (gb).value; \ } while (0) -#define RETERR(x) \ - do { \ - result = (x); \ - if (result != ISC_R_SUCCESS) \ - goto out; \ - } while (0) - static void name_to_gbuffer(const dns_name_t *name, isc_buffer_t *buffer, gss_buffer_desc *gbuffer) { @@ -321,8 +314,7 @@ dst_gssapi_initctx(const dns_name_t *name, isc_buffer_t *intoken, gret = gss_import_name(&minor, &gnamebuf, GSS_C_NO_OID, &gname); if (gret != GSS_S_COMPLETE) { gss_err_message(mctx, gret, minor, err_message); - result = ISC_R_FAILURE; - goto out; + CHECK(ISC_R_FAILURE); } if (intoken != NULL) { @@ -353,8 +345,7 @@ dst_gssapi_initctx(const dns_name_t *name, isc_buffer_t *intoken, gss_log(3, "Failure initiating security context"); } - result = ISC_R_FAILURE; - goto out; + CHECK(ISC_R_FAILURE); } /* @@ -367,7 +358,7 @@ dst_gssapi_initctx(const dns_name_t *name, isc_buffer_t *intoken, */ if (gouttoken.length != 0U) { GBUFFER_TO_REGION(gouttoken, r); - RETERR(isc_buffer_copyregion(outtoken, &r)); + CHECK(isc_buffer_copyregion(outtoken, &r)); } if (gret == GSS_S_COMPLETE) { @@ -376,7 +367,7 @@ dst_gssapi_initctx(const dns_name_t *name, isc_buffer_t *intoken, result = DNS_R_CONTINUE; } -out: +cleanup: if (gouttoken.length != 0U) { (void)gss_release_buffer(&minor, &gouttoken); } @@ -479,7 +470,7 @@ dst_gssapi_acceptctx(const char *gssapi_keytab, isc_region_t *intoken, isc_buffer_allocate(mctx, outtoken, (unsigned int)gouttoken.length); GBUFFER_TO_REGION(gouttoken, r); - RETERR(isc_buffer_copyregion(*outtoken, &r)); + CHECK(isc_buffer_copyregion(*outtoken, &r)); (void)gss_release_buffer(&minor, &gouttoken); } @@ -489,7 +480,7 @@ dst_gssapi_acceptctx(const char *gssapi_keytab, isc_region_t *intoken, gss_log(3, "failed gss_display_name: %s", gss_error_tostring(gret, minor, buf, sizeof(buf))); - RETERR(ISC_R_FAILURE); + CHECK(ISC_R_FAILURE); } /* @@ -511,7 +502,7 @@ dst_gssapi_acceptctx(const char *gssapi_keytab, isc_region_t *intoken, isc_buffer_init(&namebuf, r.base, r.length); isc_buffer_add(&namebuf, r.length); - RETERR(dns_name_fromtext(principal, &namebuf, dns_rootname, 0)); + CHECK(dns_name_fromtext(principal, &namebuf, dns_rootname, 0)); if (gnamebuf.length != 0U) { gret = gss_release_buffer(&minor, &gnamebuf); @@ -527,7 +518,7 @@ dst_gssapi_acceptctx(const char *gssapi_keytab, isc_region_t *intoken, *ctxout = context; -out: +cleanup: if (gname != NULL) { gret = gss_release_name(&minor, &gname); if (gret != GSS_S_COMPLETE) { diff --git a/lib/dns/journal.c b/lib/dns/journal.c index 894fbea9f3..9c969a4a0a 100644 --- a/lib/dns/journal.c +++ b/lib/dns/journal.c @@ -80,25 +80,6 @@ * Miscellaneous utilities. */ -/*% - * It would be non-sensical (or at least obtuse) to use FAIL() with an - * ISC_R_SUCCESS code, but the test is there to keep the Solaris compiler - * from complaining about "end-of-loop code not reached". - */ -#define FAIL(code) \ - do { \ - result = (code); \ - if (result != ISC_R_SUCCESS) \ - goto failure; \ - } while (0) - -#define CHECK(op) \ - do { \ - result = (op); \ - if (result != ISC_R_SUCCESS) \ - goto failure; \ - } while (0) - #define JOURNAL_SERIALSET 0x01U static isc_result_t @@ -641,14 +622,14 @@ journal_open(isc_mem_t *mctx, const char *filename, bool writable, bool create, */ result = isc_stdio_open(j->filename, "rb+", &fp); } else { - FAIL(ISC_R_NOTFOUND); + CHECK(ISC_R_NOTFOUND); } } if (result != ISC_R_SUCCESS) { isc_log_write(DNS_LOGCATEGORY_GENERAL, DNS_LOGMODULE_JOURNAL, ISC_LOG_ERROR, "%s: open: %s", j->filename, isc_result_totext(result)); - FAIL(ISC_R_UNEXPECTED); + CHECK(ISC_R_UNEXPECTED); } j->fp = fp; @@ -687,7 +668,7 @@ journal_open(isc_mem_t *mctx, const char *filename, bool writable, bool create, isc_log_write(DNS_LOGCATEGORY_GENERAL, DNS_LOGMODULE_JOURNAL, ISC_LOG_ERROR, "%s: journal format not recognized", j->filename); - FAIL(ISC_R_UNEXPECTED); + CHECK(ISC_R_UNEXPECTED); } journal_header_decode(&rawheader, &j->header); @@ -740,7 +721,7 @@ journal_open(isc_mem_t *mctx, const char *filename, bool writable, bool create, *journalp = j; return ISC_R_SUCCESS; -failure: +cleanup: j->magic = 0; if (j->rawindex != NULL) { isc_mem_cput(j->mctx, j->rawindex, j->header.index_size, @@ -920,7 +901,7 @@ maybe_fixup_xhdr(dns_journal_t *j, journal_xhdr_t *xhdr, uint32_t serial, j->recovered = true; } -failure: +cleanup: return result; } @@ -1002,7 +983,7 @@ journal_next(dns_journal_t *j, journal_pos_t *pos) { pos->serial = xhdr.serial1; return ISC_R_SUCCESS; -failure: +cleanup: return result; } @@ -1183,7 +1164,7 @@ dns_journal_begin_transaction(dns_journal_t *j) { j->state = JOURNAL_STATE_TRANSACTION; result = ISC_R_SUCCESS; -failure: +cleanup: return result; } @@ -1270,7 +1251,7 @@ dns_journal_writediff(dns_journal_t *j, dns_diff_t *diff) { result = ISC_R_SUCCESS; -failure: +cleanup: if (mem != NULL) { isc_mem_put(j->mctx, mem, size); } @@ -1417,7 +1398,7 @@ dns_journal_commit(dns_journal_t *j) { result = ISC_R_SUCCESS; -failure: +cleanup: return result; } @@ -1430,7 +1411,7 @@ dns_journal_write_transaction(dns_journal_t *j, dns_diff_t *diff) { CHECK(dns_journal_writediff(j, diff)); CHECK(dns_journal_commit(j)); result = ISC_R_SUCCESS; -failure: +cleanup: return result; } @@ -1568,7 +1549,7 @@ dns_journal_rollforward(dns_journal_t *j, dns_db_t *db, unsigned int options) { "%s: journal file corrupt: missing " "initial SOA", j->filename); - FAIL(ISC_R_UNEXPECTED); + CHECK(ISC_R_UNEXPECTED); } if ((options & DNS_JOURNALOPT_RESIGN) != 0) { op = (n_soa == 1) ? DNS_DIFFOP_DELRESIGN @@ -1606,7 +1587,7 @@ dns_journal_rollforward(dns_journal_t *j, dns_db_t *db, unsigned int options) { dns_diff_clear(&diff); } -failure: +cleanup: if (ver != NULL) { dns_db_closeversion(db, &ver, result == ISC_R_SUCCESS ? true : false); @@ -1714,7 +1695,7 @@ dns_journal_print(isc_mem_t *mctx, uint32_t flags, const char *filename, "%s: journal file corrupt: missing " "initial SOA", j->filename); - FAIL(ISC_R_UNEXPECTED); + CHECK(ISC_R_UNEXPECTED); } if (print) { @@ -1756,14 +1737,14 @@ dns_journal_print(isc_mem_t *mctx, uint32_t flags, const char *filename, result = dns_diff_print(&diff, file); dns_diff_clear(&diff); } - goto cleanup; + goto done; -failure: +cleanup: isc_log_write(DNS_LOGCATEGORY_GENERAL, DNS_LOGMODULE_JOURNAL, ISC_LOG_ERROR, "%s: cannot print: journal file corrupt", j->filename); -cleanup: +done: if (source.base != NULL) { isc_mem_put(j->mctx, source.base, source.length); } @@ -1924,7 +1905,7 @@ dns_journal_iter_init(dns_journal_t *j, uint32_t begin_serial, } result = ISC_R_SUCCESS; -failure: +cleanup: j->it.result = result; return j->it.result; } @@ -1945,7 +1926,7 @@ dns_journal_first_rr(dns_journal_t *j) { return read_one_rr(j); -failure: +cleanup: return result; } @@ -1981,7 +1962,7 @@ read_one_rr(dns_journal_t *j) { DNS_LOGMODULE_JOURNAL, ISC_LOG_ERROR, "%s: journal corrupt: empty transaction", j->filename); - FAIL(ISC_R_UNEXPECTED); + CHECK(ISC_R_UNEXPECTED); } if (j->header_ver1) { @@ -1998,7 +1979,7 @@ read_one_rr(dns_journal_t *j) { "expected serial %u, got %u", j->filename, j->it.current_serial, xhdr.serial0); - FAIL(ISC_R_UNEXPECTED); + CHECK(ISC_R_UNEXPECTED); } j->it.xsize = xhdr.size; @@ -2021,7 +2002,7 @@ read_one_rr(dns_journal_t *j) { "%s: journal corrupt: impossible RR size " "(%d bytes)", j->filename, rrhdr.size); - FAIL(ISC_R_UNEXPECTED); + CHECK(ISC_R_UNEXPECTED); } size_buffer(j->mctx, &j->it.source, rrhdr.size); @@ -2050,7 +2031,7 @@ read_one_rr(dns_journal_t *j) { * Check that the RR header is there, and parse it. */ if (isc_buffer_remaininglength(&j->it.source) < 10) { - FAIL(DNS_R_FORMERR); + CHECK(DNS_R_FORMERR); } rdtype = isc_buffer_getuint16(&j->it.source); @@ -2064,14 +2045,14 @@ read_one_rr(dns_journal_t *j) { "%s: journal corrupt: impossible rdlen " "(%u bytes)", j->filename, rdlen); - FAIL(ISC_R_FAILURE); + CHECK(ISC_R_FAILURE); } /* * Parse the rdata. */ if (isc_buffer_remaininglength(&j->it.source) != rdlen) { - FAIL(DNS_R_FORMERR); + CHECK(DNS_R_FORMERR); } isc_buffer_setactive(&j->it.source, rdlen); dns_rdata_reset(&j->it.rdata); @@ -2087,7 +2068,7 @@ read_one_rr(dns_journal_t *j) { result = ISC_R_SUCCESS; -failure: +cleanup: j->it.result = result; return result; } @@ -2243,7 +2224,7 @@ dns_diff_subtract(dns_diff_t diff[2], dns_diff_t *r) { ISC_LIST_APPENDLIST(r->tuples, del, link); ISC_LIST_APPENDLIST(r->tuples, add, link); result = ISC_R_SUCCESS; -failure: +cleanup: return result; } @@ -2335,16 +2316,16 @@ diff_namespace(dns_db_t *dba, dns_dbversion_t *dbvera, dns_db_t *dbb, next:; } if (itresult[0] != ISC_R_NOMORE) { - FAIL(itresult[0]); + CHECK(itresult[0]); } if (itresult[1] != ISC_R_NOMORE) { - FAIL(itresult[1]); + CHECK(itresult[1]); } INSIST(ISC_LIST_EMPTY(diff[0].tuples)); INSIST(ISC_LIST_EMPTY(diff[1].tuples)); -failure: +cleanup: dns_dbiterator_destroy(&dbit[1]); cleanup_iterator: @@ -2402,7 +2383,7 @@ dns_db_diffx(dns_diff_t *diff, dns_db_t *dba, dns_dbversion_t *dbvera, } } -failure: +cleanup: if (journal != NULL) { dns_journal_destroy(&journal); } @@ -2789,7 +2770,7 @@ dns_journal_compact(isc_mem_t *mctx, char *filename, uint32_t serial, if (result != ISC_R_SUCCESS && result != ISC_R_FILENOTFOUND) { - goto failure; + CHECK(result); } if (rename(filename, backup) == -1) { goto maperrno; @@ -2800,14 +2781,13 @@ dns_journal_compact(isc_mem_t *mctx, char *filename, uint32_t serial, (void)isc_file_remove(backup); } else { maperrno: - result = ISC_R_FAILURE; - goto failure; + CHECK(ISC_R_FAILURE); } } result = ISC_R_SUCCESS; -failure: +cleanup: (void)isc_file_remove(newname); if (buf != NULL) { isc_mem_put(mctx, buf, size); @@ -2845,6 +2825,6 @@ index_to_disk(dns_journal_t *j) { CHECK(journal_seek(j, sizeof(journal_rawheader_t))); CHECK(journal_write(j, j->rawindex, rawbytes)); } -failure: +cleanup: return result; } diff --git a/lib/dns/keymgr.c b/lib/dns/keymgr.c index 6ccb4ef877..acb31bd322 100644 --- a/lib/dns/keymgr.c +++ b/lib/dns/keymgr.c @@ -34,13 +34,6 @@ #include -#define RETERR(x) \ - do { \ - result = (x); \ - if (result != ISC_R_SUCCESS) \ - goto failure; \ - } while (0) - /* * Set key state to `target` state and change last changed * to `time`, only if key state has not been set before. @@ -520,16 +513,16 @@ keymgr_createkey(dns_kasp_key_t *kkey, const dns_name_t *origin, result = dns_dnssec_findmatchingkeys(origin, NULL, keydir, NULL, now, true, mctx, &keykeys); if (result != ISC_R_SUCCESS && result != ISC_R_NOTFOUND) { - goto failure; + goto cleanup; } do { if (keystore == NULL) { - RETERR(dst_key_generate(origin, alg, size, 0, flags, - DNS_KEYPROTO_DNSSEC, rdclass, - NULL, mctx, &newkey, NULL)); + CHECK(dst_key_generate(origin, alg, size, 0, flags, + DNS_KEYPROTO_DNSSEC, rdclass, + NULL, mctx, &newkey, NULL)); } else { - RETERR(dns_keystore_keygen( + CHECK(dns_keystore_keygen( keystore, origin, dns_kasp_getname(kasp), rdclass, mctx, alg, size, flags, &newkey)); } @@ -567,7 +560,7 @@ keymgr_createkey(dns_kasp_key_t *kkey, const dns_name_t *origin, *dst_key = newkey; result = ISC_R_SUCCESS; -failure: +cleanup: while (!ISC_LIST_EMPTY(keykeys)) { dns_dnsseckey_t *key = ISC_LIST_HEAD(keykeys); ISC_LIST_UNLINK(keykeys, key, link); @@ -2346,9 +2339,9 @@ dns_keymgr_run(const dns_name_t *origin, dns_rdataclass_t rdclass, } /* See if this key requires a rollover. */ - RETERR(keymgr_key_rollover( - kkey, active_key, keyring, &newkeys, origin, rdclass, - kasp, keydir, lifetime, opts, now, nexttime, mctx)); + CHECK(keymgr_key_rollover(kkey, active_key, keyring, &newkeys, + origin, rdclass, kasp, keydir, + lifetime, opts, now, nexttime, mctx)); opts &= ~DNS_KEYMGRATTR_NOROLL; } @@ -2389,7 +2382,7 @@ dns_keymgr_run(const dns_name_t *origin, dns_rdataclass_t rdclass, } dns_dnssec_get_hints(dkey, now); - RETERR(dst_key_tofile(dkey->key, options, directory)); + CHECK(dst_key_tofile(dkey->key, options, directory)); dst_key_setmodified(dkey->key, false); if (!isc_log_wouldlog(ISC_LOG_DEBUG(3))) { @@ -2407,8 +2400,9 @@ dns_keymgr_run(const dns_name_t *origin, dns_rdataclass_t rdclass, } result = retval; -failure: - if (result != ISC_R_SUCCESS && result != DNS_R_UNCHANGED) { + +cleanup: + if (result != ISC_R_SUCCESS) { ISC_LIST_FOREACH(newkeys, newkey, link) { ISC_LIST_UNLINK(newkeys, newkey, link); INSIST(newkey->key != NULL); @@ -2532,22 +2526,22 @@ keytime_status(dst_key_t *key, isc_stdtime_t now, isc_buffer_t *buf, isc_stdtime_t when = 0; dst_key_state_t state = NA; - RETERR(isc_buffer_printf(buf, "%s", pre)); + CHECK(isc_buffer_printf(buf, "%s", pre)); (void)dst_key_getstate(key, ks, &state); isc_result_t r = dst_key_gettime(key, kt, &when); if (state == RUMOURED || state == OMNIPRESENT) { - RETERR(isc_buffer_printf(buf, "yes - since ")); + CHECK(isc_buffer_printf(buf, "yes - since ")); } else if (now < when) { - RETERR(isc_buffer_printf(buf, "no - scheduled ")); + CHECK(isc_buffer_printf(buf, "no - scheduled ")); } else { return isc_buffer_printf(buf, "no\n"); } if (r == ISC_R_SUCCESS) { isc_stdtime_tostring(when, timestr, sizeof(timestr)); - RETERR(isc_buffer_printf(buf, "%s\n", timestr)); + CHECK(isc_buffer_printf(buf, "%s\n", timestr)); } -failure: +cleanup: return result; } @@ -2559,16 +2553,16 @@ keystate_status(dst_key_t *key, isc_buffer_t *buf, const char *pre, int ks) { (void)dst_key_getstate(key, ks, &state); switch (state) { case HIDDEN: - RETERR(isc_buffer_printf(buf, " - %shidden\n", pre)); + CHECK(isc_buffer_printf(buf, " - %shidden\n", pre)); break; case RUMOURED: - RETERR(isc_buffer_printf(buf, " - %srumoured\n", pre)); + CHECK(isc_buffer_printf(buf, " - %srumoured\n", pre)); break; case OMNIPRESENT: - RETERR(isc_buffer_printf(buf, " - %somnipresent\n", pre)); + CHECK(isc_buffer_printf(buf, " - %somnipresent\n", pre)); break; case UNRETENTIVE: - RETERR(isc_buffer_printf(buf, " - %sunretentive\n", pre)); + CHECK(isc_buffer_printf(buf, " - %sunretentive\n", pre)); break; case NA: default: @@ -2576,7 +2570,7 @@ keystate_status(dst_key_t *key, isc_buffer_t *buf, const char *pre, int ks) { break; } -failure: +cleanup: return result; } @@ -2602,47 +2596,47 @@ rollover_status(dns_dnsseckey_t *dkey, dns_kasp_t *kasp, (void)dst_key_getstate(key, DST_KEY_DS, &ds); // publish status - RETERR(keytime_status(key, now, buf, " Published: ", DST_KEY_DNSKEY, - DST_TIME_PUBLISH)); + CHECK(keytime_status(key, now, buf, " Published: ", DST_KEY_DNSKEY, + DST_TIME_PUBLISH)); // signing status result = dst_key_getbool(key, DST_BOOL_KSK, &ksk); if (result == ISC_R_SUCCESS && ksk) { - RETERR(keytime_status(key, now, buf, " Key signing: ", - DST_KEY_KRRSIG, DST_TIME_PUBLISH)); + CHECK(keytime_status(key, now, buf, " Key signing: ", + DST_KEY_KRRSIG, DST_TIME_PUBLISH)); } result = dst_key_getbool(key, DST_BOOL_ZSK, &zsk); if (result == ISC_R_SUCCESS && zsk) { - RETERR(keytime_status(key, now, buf, " Zone signing: ", - DST_KEY_ZRRSIG, DST_TIME_ACTIVATE)); + CHECK(keytime_status(key, now, buf, " Zone signing: ", + DST_KEY_ZRRSIG, DST_TIME_ACTIVATE)); } if (zsk) { if (goal == OMNIPRESENT) { if (dnskey == HIDDEN && zrrsig == HIDDEN) { - RETERR(isc_buffer_printf( + CHECK(isc_buffer_printf( buf, " Key is created but not " "published yet.\n")); } else if (dnskey == RUMOURED && zrrsig == HIDDEN) { - RETERR(isc_buffer_printf( + CHECK(isc_buffer_printf( buf, " Key is pre-published.\n")); } else if (dnskey == RUMOURED && zrrsig == RUMOURED) { - RETERR(isc_buffer_printf(buf, " Introducing " - "new key.\n")); + CHECK(isc_buffer_printf(buf, " Introducing " + "new key.\n")); } else if (dnskey == OMNIPRESENT && zrrsig == HIDDEN) { - RETERR(isc_buffer_printf( + CHECK(isc_buffer_printf( buf, " Key is published, but not yet " "signing.\n")); } else if (dnskey == OMNIPRESENT && zrrsig == RUMOURED) { if (keymgr_dep(key, keyring, NULL)) { - RETERR(isc_buffer_printf( + CHECK(isc_buffer_printf( buf, " Key is published, waiting " "for the zone to be completely " "signed with this key.\n")); } else { - RETERR(isc_buffer_printf( + CHECK(isc_buffer_printf( buf, " Key is published, " "introducing signatures.\n")); @@ -2654,7 +2648,7 @@ rollover_status(dns_dnsseckey_t *dkey, dns_kasp_t *kasp, log_next_rollover = true; } } else { - RETERR(isc_buffer_printf( + CHECK(isc_buffer_printf( buf, " Key is in unexpected state, " "performing auto-healing.\n")); *verbose = true; @@ -2662,7 +2656,7 @@ rollover_status(dns_dnsseckey_t *dkey, dns_kasp_t *kasp, } else if (goal == HIDDEN) { if (dnskey == OMNIPRESENT && zrrsig == OMNIPRESENT) { if (!ksk) { - RETERR(isc_buffer_printf( + CHECK(isc_buffer_printf( buf, " Key will be retired " "after successor key " "becomes active.\n")); @@ -2670,24 +2664,24 @@ rollover_status(dns_dnsseckey_t *dkey, dns_kasp_t *kasp, } else if (dnskey == OMNIPRESENT && zrrsig == UNRETENTIVE) { - RETERR(isc_buffer_printf( + CHECK(isc_buffer_printf( buf, " Key is retired, waiting until all " "signatures generated with this key " "are replaced with successor.\n")); } else if (dnskey == OMNIPRESENT && zrrsig == HIDDEN) { - RETERR(isc_buffer_printf( + CHECK(isc_buffer_printf( buf, " Key is retired, no longer " "signing the zone.\n")); } else if (dnskey == UNRETENTIVE && zrrsig == HIDDEN) { - RETERR(isc_buffer_printf( - buf, " Key is removed from zone.\n")); + CHECK(isc_buffer_printf(buf, " Key is removed " + "from zone.\n")); } else if (dnskey == HIDDEN && zrrsig == HIDDEN) { - RETERR(isc_buffer_printf( + CHECK(isc_buffer_printf( buf, " Key is completely hidden " "(waiting to be purged).\n")); } else { - RETERR(isc_buffer_printf( + CHECK(isc_buffer_printf( buf, " WARNING: Key is in unexpected " "state, " "performing auto-healing.\n")); @@ -2698,24 +2692,24 @@ rollover_status(dns_dnsseckey_t *dkey, dns_kasp_t *kasp, if (goal == OMNIPRESENT) { if (dnskey == HIDDEN && ds == HIDDEN) { if (!zsk) { - RETERR(isc_buffer_printf( + CHECK(isc_buffer_printf( buf, " Key is created but not " "published yet.\n")); } } else if (dnskey == RUMOURED && ds == HIDDEN) { if (!zsk) { - RETERR(isc_buffer_printf( + CHECK(isc_buffer_printf( buf, " Key is pre-published.\n")); } } else if (dnskey == OMNIPRESENT && ds == HIDDEN) { if (keymgr_dep(key, keyring, NULL)) { - RETERR(isc_buffer_printf( + CHECK(isc_buffer_printf( buf, " Waiting for the DS to be " "submitted to the parent.\n")); } else { - RETERR(isc_buffer_printf( + CHECK(isc_buffer_printf( buf, " Wait for zone to be fully " "signed before submitting the " @@ -2726,19 +2720,19 @@ rollover_status(dns_dnsseckey_t *dkey, dns_kasp_t *kasp, isc_result_t ret = dst_key_gettime( key, DST_TIME_DSPUBLISH, &dstime); if (ret != ISC_R_SUCCESS || dstime > now) { - RETERR(isc_buffer_printf( + CHECK(isc_buffer_printf( buf, " Waiting for the DS to be " "published to the parent.\n")); if (checkds) { - RETERR(isc_buffer_printf( + CHECK(isc_buffer_printf( buf, " checkds is enabled, " "BIND will check the " "DS RRset " "periodically.\n")); } else { - RETERR(isc_buffer_printf( + CHECK(isc_buffer_printf( buf, " ! Once the DS is in " "the parent, run 'rndc " @@ -2748,7 +2742,7 @@ rollover_status(dns_dnsseckey_t *dkey, dns_kasp_t *kasp, dst_key_id(key))); } } else { - RETERR(isc_buffer_printf( + CHECK(isc_buffer_printf( buf, " Waiting TTL period for " "validators to pick up " "the new DS RRset.\n")); @@ -2758,7 +2752,7 @@ rollover_status(dns_dnsseckey_t *dkey, dns_kasp_t *kasp, active_state = DST_TIME_PUBLISH; retire_state = DST_TIME_DELETE; } else { - RETERR(isc_buffer_printf( + CHECK(isc_buffer_printf( buf, " WARNING: Key is in unexpected " "state, " "performing auto-healing.\n")); @@ -2766,7 +2760,7 @@ rollover_status(dns_dnsseckey_t *dkey, dns_kasp_t *kasp, } } else if (goal == HIDDEN) { if (dnskey == OMNIPRESENT && ds == OMNIPRESENT) { - RETERR(isc_buffer_printf( + CHECK(isc_buffer_printf( buf, " Key will be retired after the DS is " "withdrawn from the parent.\n")); @@ -2775,19 +2769,19 @@ rollover_status(dns_dnsseckey_t *dkey, dns_kasp_t *kasp, isc_result_t ret = dst_key_gettime( key, DST_TIME_DSDELETE, &dstime); if (ret != ISC_R_SUCCESS || dstime > now) { - RETERR(isc_buffer_printf( + CHECK(isc_buffer_printf( buf, " Waiting for the DS to be " "removed from the parent.\n")); if (checkds) { - RETERR(isc_buffer_printf( + CHECK(isc_buffer_printf( buf, " checkds is enabled, " "BIND will check the " "DS RRset " "periodically.\n")); } else { - RETERR(isc_buffer_printf( + CHECK(isc_buffer_printf( buf, " ! Once the DS is " "removed from the " @@ -2798,30 +2792,30 @@ rollover_status(dns_dnsseckey_t *dkey, dns_kasp_t *kasp, dst_key_id(key))); } } else { - RETERR(isc_buffer_printf( + CHECK(isc_buffer_printf( buf, " Waiting TTL period for " "validators to pick up " "the new DS RRset.\n")); } } else if (dnskey == OMNIPRESENT && ds == HIDDEN) { - RETERR(isc_buffer_printf( - buf, " Key is removed from chain of " - "trust.\n")); + CHECK(isc_buffer_printf(buf, " Key is removed " + "from chain of " + "trust.\n")); } else if (dnskey == UNRETENTIVE && ds == HIDDEN) { if (!zsk) { - RETERR(isc_buffer_printf( + CHECK(isc_buffer_printf( buf, " Key is removed from " "zone.\n")); } } else if (dnskey == HIDDEN && ds == HIDDEN) { if (!zsk) { - RETERR(isc_buffer_printf( + CHECK(isc_buffer_printf( buf, " Key is completely hidden " "(waiting to be purged).\n")); } } else { - RETERR(isc_buffer_printf( + CHECK(isc_buffer_printf( buf, " WARNING: Key is in unexpected " "state, " "performing auto-healing.\n")); @@ -2840,25 +2834,25 @@ rollover_status(dns_dnsseckey_t *dkey, dns_kasp_t *kasp, char timestr[26]; /* Minimal buf as per ctime_r() spec. */ if (now < retire_time) { - RETERR(isc_buffer_printf(buf, " Next rollover " - "scheduled on ")); + CHECK(isc_buffer_printf(buf, " Next rollover " + "scheduled on ")); retire_time = keymgr_prepublication_time( dkey, kasp, retire_time - active_time, now); } else { - RETERR(isc_buffer_printf(buf, " Rollover is " - "due since ")); + CHECK(isc_buffer_printf(buf, " Rollover is " + "due since ")); } isc_stdtime_tostring(retire_time, timestr, sizeof(timestr)); - RETERR(isc_buffer_printf(buf, "%s\n", timestr)); + CHECK(isc_buffer_printf(buf, "%s\n", timestr)); } else { - RETERR(isc_buffer_printf(buf, - " No rollover scheduled.\n")); + CHECK(isc_buffer_printf(buf, + " No rollover scheduled.\n")); } } -failure: +cleanup: return result; } @@ -2886,36 +2880,36 @@ dns_keymgr_status(dns_kasp_t *kasp, dns_dnsseckeylist_t *keyring, // key data dns_secalg_format((dns_secalg_t)dst_key_alg(dkey->key), algstr, sizeof(algstr)); - RETERR(isc_buffer_printf(buf, "\n%s %d (%s):\n", - keymgr_keyrole(dkey->key), - dst_key_id(dkey->key), algstr)); + CHECK(isc_buffer_printf(buf, "\n%s %d (%s):\n", + keymgr_keyrole(dkey->key), + dst_key_id(dkey->key), algstr)); // rollover status - RETERR(rollover_status(dkey, kasp, keyring, now, buf, &verbose, - checkds)); + CHECK(rollover_status(dkey, kasp, keyring, now, buf, &verbose, + checkds)); if (verbose) { // key states - RETERR(isc_buffer_printf(buf, " Key states:\n")); + CHECK(isc_buffer_printf(buf, " Key states:\n")); - RETERR(keystate_status( + CHECK(keystate_status( dkey->key, buf, "goal: ", DST_KEY_GOAL)); - RETERR(keystate_status( + CHECK(keystate_status( dkey->key, buf, "dnskey: ", DST_KEY_DNSKEY)); - RETERR(keystate_status(dkey->key, buf, - "ds: ", DST_KEY_DS)); - RETERR(keystate_status( + CHECK(keystate_status(dkey->key, buf, + "ds: ", DST_KEY_DS)); + CHECK(keystate_status( dkey->key, buf, "zone rrsig: ", DST_KEY_ZRRSIG)); - RETERR(keystate_status( + CHECK(keystate_status( dkey->key, buf, "key rrsig: ", DST_KEY_KRRSIG)); } } -failure: +cleanup: return result; } @@ -3024,15 +3018,13 @@ dns_keymgr_offline(const dns_name_t *origin, dns_dnsseckeylist_t *keyring, dns_keymgr_key_init(dkey, kasp, now, false); /* Get current metadata */ - RETERR(dst_key_getstate(dkey->key, DST_KEY_DNSKEY, - ¤t_dnskey)); - RETERR(dst_key_getstate(dkey->key, DST_KEY_ZRRSIG, - ¤t_zrrsig)); - RETERR(dst_key_getstate(dkey->key, DST_KEY_GOAL, - ¤t_goal)); - RETERR(dst_key_gettime(dkey->key, DST_TIME_PUBLISH, - &published)); - RETERR(dst_key_gettime(dkey->key, DST_TIME_ACTIVATE, &active)); + CHECK(dst_key_getstate(dkey->key, DST_KEY_DNSKEY, + ¤t_dnskey)); + CHECK(dst_key_getstate(dkey->key, DST_KEY_ZRRSIG, + ¤t_zrrsig)); + CHECK(dst_key_getstate(dkey->key, DST_KEY_GOAL, ¤t_goal)); + CHECK(dst_key_gettime(dkey->key, DST_TIME_PUBLISH, &published)); + CHECK(dst_key_gettime(dkey->key, DST_TIME_ACTIVATE, &active)); (void)dst_key_gettime(dkey->key, DST_TIME_INACTIVE, &inactive); (void)dst_key_gettime(dkey->key, DST_TIME_DELETE, &remove); @@ -3136,7 +3128,7 @@ dns_keymgr_offline(const dns_name_t *origin, dns_dnsseckeylist_t *keyring, dns_dnssec_get_hints(dkey, now); - RETERR(dst_key_tofile(dkey->key, options, directory)); + CHECK(dst_key_tofile(dkey->key, options, directory)); dst_key_setmodified(dkey->key, false); if (!isc_log_wouldlog(ISC_LOG_DEBUG(3))) { @@ -3155,7 +3147,7 @@ dns_keymgr_offline(const dns_name_t *origin, dns_dnsseckeylist_t *keyring, result = ISC_R_SUCCESS; -failure: +cleanup: if (isc_log_wouldlog(ISC_LOG_DEBUG(3))) { char namebuf[DNS_NAME_FORMATSIZE]; dns_name_format(origin, namebuf, sizeof(namebuf)); diff --git a/lib/dns/masterdump.c b/lib/dns/masterdump.c index 0ce0a8b936..e86f76396d 100644 --- a/lib/dns/masterdump.c +++ b/lib/dns/masterdump.c @@ -50,19 +50,6 @@ #define DNS_DCTX_MAGIC ISC_MAGIC('D', 'c', 't', 'x') #define DNS_DCTX_VALID(d) ISC_MAGIC_VALID(d, DNS_DCTX_MAGIC) -#define RETERR(x) \ - do { \ - isc_result_t _r = (x); \ - if (_r != ISC_R_SUCCESS) \ - return ((_r)); \ - } while (0) - -#define CHECK(x) \ - do { \ - if ((x) != ISC_R_SUCCESS) \ - goto cleanup; \ - } while (0) - struct dns_master_style { dns_masterstyle_flags_t flags; /* DNS_STYLEFLAG_* */ unsigned int ttl_column; diff --git a/lib/dns/nsec3.c b/lib/dns/nsec3.c index 48a3aede03..164b5f6900 100644 --- a/lib/dns/nsec3.c +++ b/lib/dns/nsec3.c @@ -41,13 +41,6 @@ #include -#define CHECK(x) \ - do { \ - result = (x); \ - if (result != ISC_R_SUCCESS) \ - goto failure; \ - } while (0) - #define OPTOUT(x) (((x) & DNS_NSEC3FLAG_OPTOUT) != 0) #define CREATE(x) (((x) & DNS_NSEC3FLAG_CREATE) != 0) #define INITIAL(x) (((x) & DNS_NSEC3FLAG_INITIAL) != 0) @@ -434,15 +427,12 @@ delnsec3(dns_db_t *db, dns_dbversion_t *version, const dns_name_t *name, dns_difftuple_create(diff->mctx, DNS_DIFFOP_DEL, name, rdataset.ttl, &rdata, &tuple); - result = do_one_tuple(&tuple, db, version, diff); - if (result != ISC_R_SUCCESS) { - goto failure; - } + CHECK(do_one_tuple(&tuple, db, version, diff)); } result = ISC_R_SUCCESS; -failure: +cleanup: dns_rdataset_disassociate(&rdataset); cleanup_node: dns_db_detachnode(&node); @@ -615,7 +605,7 @@ dns_nsec3_addnsec3(dns_db_t *db, dns_dbversion_t *version, } else if (CREATE(nsec3param->flags) && OPTOUT(flags)) { result = dns_nsec3_delnsec3(db, version, name, nsec3param, diff); - goto failure; + goto cleanup; } else { maybe_remove_unsecure = true; } @@ -660,7 +650,7 @@ dns_nsec3_addnsec3(dns_db_t *db, dns_dbversion_t *version, if (OPTOUT(nsec3.flags)) { result = dns_nsec3_delnsec3(db, version, name, nsec3param, diff); - goto failure; + goto cleanup; } goto addnsec3; } else { @@ -670,7 +660,7 @@ dns_nsec3_addnsec3(dns_db_t *db, dns_dbversion_t *version, */ if (OPTOUT(nsec3.flags) && unsecure) { dns_rdataset_disassociate(&rdataset); - goto failure; + goto cleanup; } } @@ -859,7 +849,7 @@ addnsec3: /* result cannot be ISC_R_NOMORE here */ INSIST(result != ISC_R_NOMORE); -failure: +cleanup: if (dbit != NULL) { dns_dbiterator_destroy(&dbit); } @@ -928,7 +918,7 @@ dns_nsec3_addnsec3s(dns_db_t *db, dns_dbversion_t *version, nsecttl, unsecure, diff)); } -failure: +cleanup: if (dns_rdataset_isassociated(&rdataset)) { dns_rdataset_disassociate(&rdataset); } @@ -1001,7 +991,7 @@ rr_exists(dns_db_t *db, dns_dbversion_t *ver, const dns_name_t *name, if (result == ISC_R_NOTFOUND) { *flag = false; result = ISC_R_SUCCESS; - goto failure; + goto cleanup; } bool matched = false; @@ -1016,7 +1006,7 @@ rr_exists(dns_db_t *db, dns_dbversion_t *ver, const dns_name_t *name, dns_rdataset_disassociate(&rdataset); *flag = matched; -failure: +cleanup: if (node != NULL) { dns_db_detachnode(&node); } @@ -1087,9 +1077,7 @@ dns_nsec3param_deletechains(dns_db_t *db, dns_dbversion_t *ver, if (result == ISC_R_NOTFOUND) { goto try_private; } - if (result != ISC_R_SUCCESS) { - goto failure; - } + CHECK(result); DNS_RDATASET_FOREACH(&rdataset) { dns_rdata_t rdata = DNS_RDATA_INIT; @@ -1117,16 +1105,16 @@ dns_nsec3param_deletechains(dns_db_t *db, dns_dbversion_t *ver, try_private: if (privatetype == 0) { - goto success; + result = ISC_R_SUCCESS; + goto cleanup; } result = dns_db_findrdataset(db, node, ver, privatetype, 0, (isc_stdtime_t)0, &rdataset, NULL); if (result == ISC_R_NOTFOUND) { - goto success; - } - if (result != ISC_R_SUCCESS) { - goto failure; + result = ISC_R_SUCCESS; + goto cleanup; } + CHECK(result); DNS_RDATASET_FOREACH(&rdataset) { dns_rdata_t rdata = DNS_RDATA_INIT; @@ -1166,10 +1154,9 @@ try_private: } } -success: result = ISC_R_SUCCESS; -failure: +cleanup: if (dns_rdataset_isassociated(&rdataset)) { dns_rdataset_disassociate(&rdataset); } @@ -1201,7 +1188,7 @@ dns_nsec3_addnsec3sx(dns_db_t *db, dns_dbversion_t *version, result = dns_db_findrdataset(db, node, version, type, 0, 0, &prdataset, NULL); if (result != ISC_R_SUCCESS && result != ISC_R_NOTFOUND) { - goto failure; + CHECK(result); } result = dns_db_findrdataset(db, node, version, @@ -1210,9 +1197,7 @@ dns_nsec3_addnsec3sx(dns_db_t *db, dns_dbversion_t *version, if (result == ISC_R_NOTFOUND) { goto try_private; } - if (result != ISC_R_SUCCESS) { - goto failure; - } + CHECK(result); /* * Update each active NSEC3 chain. @@ -1238,8 +1223,10 @@ dns_nsec3_addnsec3sx(dns_db_t *db, dns_dbversion_t *version, try_private: if (!dns_rdataset_isassociated(&prdataset)) { - goto success; + result = ISC_R_SUCCESS; + goto cleanup; } + /* * Update each active NSEC3 chain. */ @@ -1270,9 +1257,9 @@ try_private: nsecttl, unsecure, diff)); } -success: result = ISC_R_SUCCESS; -failure: + +cleanup: if (dns_rdataset_isassociated(&rdataset)) { dns_rdataset_disassociate(&rdataset); } @@ -1380,9 +1367,7 @@ dns_nsec3_delnsec3(dns_db_t *db, dns_dbversion_t *version, if (result == ISC_R_NOTFOUND || result == DNS_R_PARTIALMATCH) { goto cleanup_orphaned_ents; } - if (result != ISC_R_SUCCESS) { - goto failure; - } + CHECK(result); CHECK(dns_dbiterator_current(dbit, &node, NULL)); CHECK(dns_dbiterator_pause(dbit)); @@ -1392,9 +1377,7 @@ dns_nsec3_delnsec3(dns_db_t *db, dns_dbversion_t *version, if (result == ISC_R_NOTFOUND) { goto cleanup_orphaned_ents; } - if (result != ISC_R_SUCCESS) { - goto failure; - } + CHECK(result); /* * If we find a existing NSEC3 for this chain then save the @@ -1408,7 +1391,8 @@ dns_nsec3_delnsec3(dns_db_t *db, dns_dbversion_t *version, } dns_rdataset_disassociate(&rdataset); if (result == ISC_R_NOTFOUND) { - goto success; + result = ISC_R_SUCCESS; + goto cleanup; } /* @@ -1488,11 +1472,10 @@ cleanup_orphaned_ents: salt_length)); result = dns_dbiterator_seek(dbit, hashname); if (result == ISC_R_NOTFOUND || result == DNS_R_PARTIALMATCH) { - goto success; - } - if (result != ISC_R_SUCCESS) { - goto failure; + result = ISC_R_SUCCESS; + goto cleanup; } + CHECK(result); CHECK(dns_dbiterator_current(dbit, &node, NULL)); CHECK(dns_dbiterator_pause(dbit)); @@ -1501,11 +1484,10 @@ cleanup_orphaned_ents: (isc_stdtime_t)0, &rdataset, NULL); dns_db_detachnode(&node); if (result == ISC_R_NOTFOUND) { - goto success; - } - if (result != ISC_R_SUCCESS) { - goto failure; + result = ISC_R_SUCCESS; + goto cleanup; } + CHECK(result); result = find_nsec3(&nsec3, &rdataset, nsec3param); if (result == ISC_R_SUCCESS) { @@ -1515,7 +1497,8 @@ cleanup_orphaned_ents: } dns_rdataset_disassociate(&rdataset); if (result == ISC_R_NOTFOUND) { - goto success; + result = ISC_R_SUCCESS; + goto cleanup; } pass = 0; @@ -1570,10 +1553,9 @@ cleanup_orphaned_ents: CHECK(delnsec3(db, version, hashname, nsec3param, diff)); } while (1); -success: result = ISC_R_SUCCESS; -failure: +cleanup: if (dbit != NULL) { dns_dbiterator_destroy(&dbit); } @@ -1617,9 +1599,7 @@ dns_nsec3_delnsec3sx(dns_db_t *db, dns_dbversion_t *version, if (result == ISC_R_NOTFOUND) { goto try_private; } - if (result != ISC_R_SUCCESS) { - goto failure; - } + CHECK(result); /* * Update each active NSEC3 chain. @@ -1642,16 +1622,16 @@ dns_nsec3_delnsec3sx(dns_db_t *db, dns_dbversion_t *version, try_private: if (privatetype == 0) { - goto success; + result = ISC_R_SUCCESS; + goto cleanup; } result = dns_db_findrdataset(db, node, version, privatetype, 0, 0, &rdataset, NULL); if (result == ISC_R_NOTFOUND) { - goto success; - } - if (result != ISC_R_SUCCESS) { - goto failure; + result = ISC_R_SUCCESS; + goto cleanup; } + CHECK(result); /* * Update each NSEC3 chain being built. @@ -1682,9 +1662,9 @@ try_private: CHECK(dns_nsec3_delnsec3(db, version, name, &nsec3param, diff)); } -success: result = ISC_R_SUCCESS; -failure: + +cleanup: if (dns_rdataset_isassociated(&rdataset)) { dns_rdataset_disassociate(&rdataset); } diff --git a/lib/dns/openssl_link.c b/lib/dns/openssl_link.c index 9f06b54553..28ef55df60 100644 --- a/lib/dns/openssl_link.c +++ b/lib/dns/openssl_link.c @@ -46,10 +46,10 @@ #include "openssl_shim.h" -#define DST_RET(a) \ - { \ - ret = a; \ - goto err; \ +#define DST_RET(a) \ + { \ + result = a; \ + goto cleanup; \ } static isc_result_t @@ -57,7 +57,7 @@ dst__openssl_fromlabel_provider(int key_base_id, const char *label, const char *pin, EVP_PKEY **ppub, EVP_PKEY **ppriv) { #if OPENSSL_VERSION_NUMBER >= 0x30000000L - isc_result_t ret = DST_R_OPENSSLFAILURE; + isc_result_t result = DST_R_OPENSSLFAILURE; OSSL_STORE_CTX *ctx = NULL; UNUSED(pin); @@ -99,11 +99,11 @@ dst__openssl_fromlabel_provider(int key_base_id, const char *label, OSSL_STORE_INFO_free(info); } if (*ppriv != NULL && *ppub != NULL) { - ret = ISC_R_SUCCESS; + result = ISC_R_SUCCESS; } -err: +cleanup: OSSL_STORE_close(ctx); - return ret; + return result; #else UNUSED(key_base_id); UNUSED(label); diff --git a/lib/dns/opensslecdsa_link.c b/lib/dns/opensslecdsa_link.c index c95050020b..b2f2f2ea7c 100644 --- a/lib/dns/opensslecdsa_link.c +++ b/lib/dns/opensslecdsa_link.c @@ -50,10 +50,10 @@ #define MAX_PRIVKEY_SIZE (MAX_PUBKEY_SIZE / 2) -#define DST_RET(a) \ - { \ - ret = a; \ - goto err; \ +#define DST_RET(a) \ + { \ + result = a; \ + goto cleanup; \ } #if OPENSSL_VERSION_NUMBER >= 0x30200000L @@ -170,7 +170,7 @@ static isc_result_t opensslecdsa_create_pkey_params(unsigned int key_alg, bool private, const unsigned char *key, size_t key_len, EVP_PKEY **pkey) { - isc_result_t ret; + isc_result_t result; int status; int group_nid = opensslecdsa_key_alg_to_group_nid(key_alg); const char *groupname = opensslecdsa_key_alg_to_group_name(key_alg); @@ -269,9 +269,9 @@ opensslecdsa_create_pkey_params(unsigned int key_alg, bool private, DST_R_OPENSSLFAILURE)); } - ret = ISC_R_SUCCESS; + result = ISC_R_SUCCESS; -err: +cleanup: OSSL_PARAM_free(params); OSSL_PARAM_BLD_free(bld); EVP_PKEY_CTX_free(ctx); @@ -279,7 +279,7 @@ err: EC_POINT_free(pubkey); EC_GROUP_free(group); - return ret; + return result; } static bool @@ -310,7 +310,7 @@ static isc_result_t opensslecdsa_create_pkey_legacy(unsigned int key_alg, bool private, const unsigned char *key, size_t key_len, EVP_PKEY **retkey) { - isc_result_t ret = ISC_R_SUCCESS; + isc_result_t result = ISC_R_SUCCESS; EC_KEY *eckey = NULL; EVP_PKEY *pkey = NULL; BIGNUM *privkey = NULL; @@ -365,12 +365,12 @@ opensslecdsa_create_pkey_legacy(unsigned int key_alg, bool private, *retkey = pkey; pkey = NULL; -err: +cleanup: BN_clear_free(privkey); EC_POINT_free(pubkey); EC_KEY_free(eckey); EVP_PKEY_free(pkey); - return ret; + return result; } static bool @@ -419,18 +419,18 @@ static isc_result_t opensslecdsa_create_pkey(unsigned int key_alg, bool private, const unsigned char *key, size_t key_len, EVP_PKEY **retkey) { - isc_result_t ret; + isc_result_t result; #if OPENSSL_VERSION_NUMBER >= 0x30000000L - ret = opensslecdsa_create_pkey_params(key_alg, private, key, key_len, - retkey); - if (ret != ISC_R_FAILURE) { - return ret; + result = opensslecdsa_create_pkey_params(key_alg, private, key, key_len, + retkey); + if (result != ISC_R_FAILURE) { + return result; } #else - ret = opensslecdsa_create_pkey_legacy(key_alg, private, key, key_len, - retkey); - if (ret == ISC_R_SUCCESS) { - return ret; + result = opensslecdsa_create_pkey_legacy(key_alg, private, key, key_len, + retkey); + if (result == ISC_R_SUCCESS) { + return result; } #endif return DST_R_OPENSSLFAILURE; @@ -442,7 +442,7 @@ static isc_result_t opensslecdsa_generate_pkey_with_uri(int group_nid, const char *label, EVP_PKEY **retkey) { int status; - isc_result_t ret; + isc_result_t result; char *uri = UNCONST(label); EVP_PKEY_CTX *ctx = NULL; OSSL_PARAM params[3]; @@ -490,17 +490,17 @@ opensslecdsa_generate_pkey_with_uri(int group_nid, const char *label, DST_R_OPENSSLFAILURE)); } - ret = ISC_R_SUCCESS; + result = ISC_R_SUCCESS; -err: +cleanup: EVP_PKEY_CTX_free(ctx); - return ret; + return result; } static isc_result_t opensslecdsa_generate_pkey(unsigned int key_alg, const char *label, EVP_PKEY **retkey) { - isc_result_t ret; + isc_result_t result; EVP_PKEY_CTX *ctx = NULL; EVP_PKEY *params_pkey = NULL; int group_nid = opensslecdsa_key_alg_to_group_nid(key_alg); @@ -552,12 +552,12 @@ opensslecdsa_generate_pkey(unsigned int key_alg, const char *label, DST_RET(dst__openssl_toresult2("EVP_PKEY_keygen", DST_R_OPENSSLFAILURE)); } - ret = ISC_R_SUCCESS; + result = ISC_R_SUCCESS; -err: +cleanup: EVP_PKEY_free(params_pkey); EVP_PKEY_CTX_free(ctx); - return ret; + return result; } static isc_result_t @@ -594,7 +594,7 @@ opensslecdsa_extract_private_key(const dst_key_t *key, unsigned char *buf, static isc_result_t opensslecdsa_generate_pkey(unsigned int key_alg, const char *label, EVP_PKEY **retkey) { - isc_result_t ret; + isc_result_t result; EC_KEY *eckey = NULL; EVP_PKEY *pkey = NULL; int group_nid; @@ -624,12 +624,12 @@ opensslecdsa_generate_pkey(unsigned int key_alg, const char *label, } *retkey = pkey; pkey = NULL; - ret = ISC_R_SUCCESS; + result = ISC_R_SUCCESS; -err: +cleanup: EC_KEY_free(eckey); EVP_PKEY_free(pkey); - return ret; + return result; } static isc_result_t @@ -676,7 +676,7 @@ opensslecdsa_extract_private_key(const dst_key_t *key, unsigned char *buf, static isc_result_t opensslecdsa_createctx(dst_key_t *key, dst_context_t *dctx) { - isc_result_t ret = ISC_R_SUCCESS; + isc_result_t result = ISC_R_SUCCESS; EVP_MD_CTX *evp_md_ctx; EVP_PKEY_CTX *pctx = NULL; const EVP_MD *type = NULL; @@ -707,11 +707,8 @@ opensslecdsa_createctx(dst_key_t *key, dst_context_t *dctx) { #if OPENSSL_VERSION_NUMBER >= 0x30200000L if (!isc_crypto_fips_mode()) { - ret = opensslecdsa_set_deterministic( - pctx, dctx->key->key_alg); - if (ret != ISC_R_SUCCESS) { - goto err; - } + CHECK(opensslecdsa_set_deterministic( + pctx, dctx->key->key_alg)); } #endif /* OPENSSL_VERSION_NUMBER >= 0x30200000L */ @@ -728,8 +725,8 @@ opensslecdsa_createctx(dst_key_t *key, dst_context_t *dctx) { dctx->ctxdata.evp_md_ctx = evp_md_ctx; -err: - return ret; +cleanup: + return result; } static void @@ -747,7 +744,7 @@ opensslecdsa_destroyctx(dst_context_t *dctx) { static isc_result_t opensslecdsa_adddata(dst_context_t *dctx, const isc_region_t *data) { - isc_result_t ret = ISC_R_SUCCESS; + isc_result_t result = ISC_R_SUCCESS; EVP_MD_CTX *evp_md_ctx = dctx->ctxdata.evp_md_ctx; REQUIRE(opensslecdsa_valid_key_alg(dctx->key->key_alg)); @@ -771,13 +768,13 @@ opensslecdsa_adddata(dst_context_t *dctx, const isc_region_t *data) { } } -err: - return ret; +cleanup: + return result; } static isc_result_t opensslecdsa_sign(dst_context_t *dctx, isc_buffer_t *sig) { - isc_result_t ret; + isc_result_t result; dst_key_t *key = dctx->key; isc_region_t region; EVP_MD_CTX *evp_md_ctx = dctx->ctxdata.evp_md_ctx; @@ -827,19 +824,19 @@ opensslecdsa_sign(dst_context_t *dctx, isc_buffer_t *sig) { isc_region_consume(®ion, siglen / 2); ECDSA_SIG_free(ecdsasig); isc_buffer_add(sig, siglen); - ret = ISC_R_SUCCESS; + result = ISC_R_SUCCESS; -err: +cleanup: if (sigder != NULL && sigder_alloced != 0) { isc_mem_put(dctx->mctx, sigder, sigder_alloced); } - return ret; + return result; } static isc_result_t opensslecdsa_verify(dst_context_t *dctx, const isc_region_t *sig) { - isc_result_t ret; + isc_result_t result; dst_key_t *key = dctx->key; int status; unsigned char *cp = sig->base; @@ -894,19 +891,19 @@ opensslecdsa_verify(dst_context_t *dctx, const isc_region_t *sig) { switch (status) { case 1: - ret = ISC_R_SUCCESS; + result = ISC_R_SUCCESS; break; case 0: - ret = dst__openssl_toresult(DST_R_VERIFYFAILURE); + result = dst__openssl_toresult(DST_R_VERIFYFAILURE); break; default: - ret = dst__openssl_toresult3(dctx->category, - "EVP_DigestVerifyFinal", - DST_R_VERIFYFAILURE); + result = dst__openssl_toresult3(dctx->category, + "EVP_DigestVerifyFinal", + DST_R_VERIFYFAILURE); break; } -err: +cleanup: if (ecdsasig != NULL) { ECDSA_SIG_free(ecdsasig); } @@ -914,7 +911,7 @@ err: isc_mem_put(dctx->mctx, sigder, sigder_alloced); } - return ret; + return result; } static isc_result_t @@ -939,7 +936,7 @@ opensslecdsa_generate(dst_key_t *key, int unused, void (*callback)(int)) { static isc_result_t opensslecdsa_todns(const dst_key_t *key, isc_buffer_t *data) { - isc_result_t ret; + isc_result_t result; isc_region_t r; size_t keysize; @@ -956,15 +953,15 @@ opensslecdsa_todns(const dst_key_t *key, isc_buffer_t *data) { } isc_buffer_add(data, keysize); - ret = ISC_R_SUCCESS; + result = ISC_R_SUCCESS; -err: - return ret; +cleanup: + return result; } static isc_result_t opensslecdsa_fromdns(dst_key_t *key, isc_buffer_t *data) { - isc_result_t ret; + isc_result_t result; EVP_PKEY *pkey = NULL; isc_region_t r; size_t len; @@ -980,23 +977,21 @@ opensslecdsa_fromdns(dst_key_t *key, isc_buffer_t *data) { DST_RET(DST_R_INVALIDPUBLICKEY); } - ret = opensslecdsa_create_pkey(key->key_alg, false, r.base, len, &pkey); - if (ret != ISC_R_SUCCESS) { - DST_RET(ret); - } + CHECK(opensslecdsa_create_pkey(key->key_alg, false, r.base, len, + &pkey)); isc_buffer_forward(data, len); key->key_size = EVP_PKEY_bits(pkey); key->keydata.pkeypair.pub = pkey; - ret = ISC_R_SUCCESS; + result = ISC_R_SUCCESS; -err: - return ret; +cleanup: + return result; } static isc_result_t opensslecdsa_tofile(const dst_key_t *key, const char *directory) { - isc_result_t ret; + isc_result_t result; dst_private_t priv; unsigned char buf[MAX_PRIVKEY_SIZE]; size_t keylen = 0; @@ -1035,11 +1030,11 @@ opensslecdsa_tofile(const dst_key_t *key, const char *directory) { } priv.nelements = i; - ret = dst__privstruct_writefile(key, &priv, directory); + result = dst__privstruct_writefile(key, &priv, directory); -err: +cleanup: isc_safe_memwipe(buf, keylen); - return ret; + return result; } static isc_result_t @@ -1048,7 +1043,7 @@ opensslecdsa_fromlabel(dst_key_t *key, const char *label, const char *pin); static isc_result_t opensslecdsa_parse(dst_key_t *key, isc_lex_t *lexer, dst_key_t *pub) { dst_private_t priv; - isc_result_t ret; + isc_result_t result; EVP_PKEY *pkey = NULL; const char *label = NULL; int i, privkey_index = -1; @@ -1056,11 +1051,8 @@ opensslecdsa_parse(dst_key_t *key, isc_lex_t *lexer, dst_key_t *pub) { REQUIRE(opensslecdsa_valid_key_alg(key->key_alg)); /* read private key file */ - ret = dst__privstruct_parse(key, DST_ALG_ECDSA256, lexer, key->mctx, - &priv); - if (ret != ISC_R_SUCCESS) { - goto err; - } + CHECK(dst__privstruct_parse(key, DST_ALG_ECDSA256, lexer, key->mctx, + &priv)); if (key->external) { if (priv.nelements != 0 || pub == NULL) { @@ -1090,10 +1082,7 @@ opensslecdsa_parse(dst_key_t *key, isc_lex_t *lexer, dst_key_t *pub) { } if (label != NULL) { - ret = opensslecdsa_fromlabel(key, label, NULL); - if (ret != ISC_R_SUCCESS) { - goto err; - } + CHECK(opensslecdsa_fromlabel(key, label, NULL)); /* Check that the public component matches if given */ if (pub != NULL && EVP_PKEY_eq(key->keydata.pkeypair.pub, pub->keydata.pkeypair.pub) != 1) @@ -1107,12 +1096,9 @@ opensslecdsa_parse(dst_key_t *key, isc_lex_t *lexer, dst_key_t *pub) { DST_RET(dst__openssl_toresult(DST_R_INVALIDPRIVATEKEY)); } - ret = opensslecdsa_create_pkey( + CHECK(opensslecdsa_create_pkey( key->key_alg, true, priv.elements[privkey_index].data, - priv.elements[privkey_index].length, &pkey); - if (ret != ISC_R_SUCCESS) { - goto err; - } + priv.elements[privkey_index].length, &pkey)); /* Check that the public component matches if given */ if (pub != NULL && EVP_PKEY_eq(pkey, pub->keydata.pkeypair.pub) != 1) { @@ -1124,39 +1110,30 @@ opensslecdsa_parse(dst_key_t *key, isc_lex_t *lexer, dst_key_t *pub) { key->keydata.pkeypair.pub = pkey; pkey = NULL; -err: +cleanup: EVP_PKEY_free(pkey); - if (ret != ISC_R_SUCCESS) { + if (result != ISC_R_SUCCESS) { key->keydata.generic = NULL; } dst__privstruct_free(&priv, key->mctx); isc_safe_memwipe(&priv, sizeof(priv)); - return ret; + return result; } static isc_result_t opensslecdsa_fromlabel(dst_key_t *key, const char *label, const char *pin) { EVP_PKEY *privpkey = NULL, *pubpkey = NULL; - isc_result_t ret; + isc_result_t result; REQUIRE(opensslecdsa_valid_key_alg(key->key_alg)); UNUSED(pin); - ret = dst__openssl_fromlabel(EVP_PKEY_EC, label, pin, &pubpkey, - &privpkey); - if (ret != ISC_R_SUCCESS) { - goto err; - } + CHECK(dst__openssl_fromlabel(EVP_PKEY_EC, label, pin, &pubpkey, + &privpkey)); - ret = opensslecdsa_validate_pkey_group(key->key_alg, privpkey); - if (ret != ISC_R_SUCCESS) { - goto err; - } - ret = opensslecdsa_validate_pkey_group(key->key_alg, pubpkey); - if (ret != ISC_R_SUCCESS) { - goto err; - } + CHECK(opensslecdsa_validate_pkey_group(key->key_alg, privpkey)); + CHECK(opensslecdsa_validate_pkey_group(key->key_alg, pubpkey)); key->label = isc_mem_strdup(key->mctx, label); key->key_size = EVP_PKEY_bits(privpkey); @@ -1165,10 +1142,10 @@ opensslecdsa_fromlabel(dst_key_t *key, const char *label, const char *pin) { privpkey = NULL; pubpkey = NULL; -err: +cleanup: EVP_PKEY_free(privpkey); EVP_PKEY_free(pubpkey); - return ret; + return result; } static dst_func_t opensslecdsa_functions = { diff --git a/lib/dns/openssleddsa_link.c b/lib/dns/openssleddsa_link.c index fd383f688b..ea164be6f9 100644 --- a/lib/dns/openssleddsa_link.c +++ b/lib/dns/openssleddsa_link.c @@ -33,10 +33,10 @@ #include "dst_parse.h" #include "openssl_shim.h" -#define DST_RET(a) \ - { \ - ret = a; \ - goto err; \ +#define DST_RET(a) \ + { \ + result = a; \ + goto cleanup; \ } #ifndef NID_ED25519 @@ -82,13 +82,13 @@ openssleddsa_alg_info(unsigned int key_alg) { static isc_result_t raw_key_to_ossl(const eddsa_alginfo_t *alginfo, int private, const unsigned char *key, size_t *key_len, EVP_PKEY **pkey) { - isc_result_t ret; + isc_result_t result; int pkey_type = alginfo->pkey_type; size_t len = alginfo->key_size; - ret = (private ? DST_R_INVALIDPRIVATEKEY : DST_R_INVALIDPUBLICKEY); + result = (private ? DST_R_INVALIDPRIVATEKEY : DST_R_INVALIDPUBLICKEY); if (*key_len < len) { - return ret; + return result; } if (private) { @@ -97,7 +97,7 @@ raw_key_to_ossl(const eddsa_alginfo_t *alginfo, int private, *pkey = EVP_PKEY_new_raw_public_key(pkey_type, NULL, key, len); } if (*pkey == NULL) { - return dst__openssl_toresult(ret); + return dst__openssl_toresult(result); } *key_len = len; @@ -165,7 +165,7 @@ openssleddsa_adddata(dst_context_t *dctx, const isc_region_t *data) { static isc_result_t openssleddsa_sign(dst_context_t *dctx, isc_buffer_t *sig) { - isc_result_t ret; + isc_result_t result; dst_key_t *key = dctx->key; isc_region_t tbsreg; isc_region_t sigreg; @@ -200,19 +200,19 @@ openssleddsa_sign(dst_context_t *dctx, isc_buffer_t *sig) { DST_R_SIGNFAILURE)); } isc_buffer_add(sig, (unsigned int)siglen); - ret = ISC_R_SUCCESS; + result = ISC_R_SUCCESS; -err: +cleanup: EVP_MD_CTX_free(ctx); isc_buffer_free(&buf); dctx->ctxdata.generic = NULL; - return ret; + return result; } static isc_result_t openssleddsa_verify(dst_context_t *dctx, const isc_region_t *sig) { - isc_result_t ret; + isc_result_t result; dst_key_t *key = dctx->key; int status; isc_region_t tbsreg; @@ -243,28 +243,29 @@ openssleddsa_verify(dst_context_t *dctx, const isc_region_t *sig) { switch (status) { case 1: - ret = ISC_R_SUCCESS; + result = ISC_R_SUCCESS; break; case 0: - ret = dst__openssl_toresult(DST_R_VERIFYFAILURE); + result = dst__openssl_toresult(DST_R_VERIFYFAILURE); break; default: - ret = dst__openssl_toresult3(dctx->category, "EVP_DigestVerify", - DST_R_VERIFYFAILURE); + result = dst__openssl_toresult3(dctx->category, + "EVP_DigestVerify", + DST_R_VERIFYFAILURE); break; } -err: +cleanup: EVP_MD_CTX_free(ctx); isc_buffer_free(&buf); dctx->ctxdata.generic = NULL; - return ret; + return result; } static isc_result_t openssleddsa_generate(dst_key_t *key, int unused, void (*callback)(int)) { - isc_result_t ret; + isc_result_t result; EVP_PKEY *pkey = NULL; EVP_PKEY_CTX *ctx = NULL; const eddsa_alginfo_t *alginfo = openssleddsa_alg_info(key->key_alg); @@ -295,11 +296,11 @@ openssleddsa_generate(dst_key_t *key, int unused, void (*callback)(int)) { key->key_size = alginfo->key_size * 8; key->keydata.pkeypair.priv = pkey; key->keydata.pkeypair.pub = pkey; - ret = ISC_R_SUCCESS; + result = ISC_R_SUCCESS; -err: +cleanup: EVP_PKEY_CTX_free(ctx); - return ret; + return result; } static isc_result_t @@ -356,7 +357,7 @@ openssleddsa_fromdns(dst_key_t *key, isc_buffer_t *data) { static isc_result_t openssleddsa_tofile(const dst_key_t *key, const char *directory) { const eddsa_alginfo_t *alginfo = openssleddsa_alg_info(key->key_alg); - isc_result_t ret; + isc_result_t result; dst_private_t priv; unsigned char *buf = NULL; size_t len; @@ -397,20 +398,20 @@ openssleddsa_tofile(const dst_key_t *key, const char *directory) { } priv.nelements = i; - ret = dst__privstruct_writefile(key, &priv, directory); + result = dst__privstruct_writefile(key, &priv, directory); -err: +cleanup: if (buf != NULL) { isc_mem_put(key->mctx, buf, len); } - return ret; + return result; } static isc_result_t openssleddsa_parse(dst_key_t *key, isc_lex_t *lexer, dst_key_t *pub) { const eddsa_alginfo_t *alginfo = openssleddsa_alg_info(key->key_alg); dst_private_t priv; - isc_result_t ret; + isc_result_t result; int i, privkey_index = -1; const char *label = NULL; EVP_PKEY *pkey = NULL; @@ -420,10 +421,7 @@ openssleddsa_parse(dst_key_t *key, isc_lex_t *lexer, dst_key_t *pub) { REQUIRE(alginfo != NULL); /* read private key file */ - ret = dst__privstruct_parse(key, DST_ALG_ED25519, lexer, mctx, &priv); - if (ret != ISC_R_SUCCESS) { - goto err; - } + CHECK(dst__privstruct_parse(key, DST_ALG_ED25519, lexer, mctx, &priv)); if (key->external) { if (priv.nelements != 0) { @@ -456,10 +454,7 @@ openssleddsa_parse(dst_key_t *key, isc_lex_t *lexer, dst_key_t *pub) { } if (label != NULL) { - ret = openssleddsa_fromlabel(key, label, NULL); - if (ret != ISC_R_SUCCESS) { - goto err; - } + CHECK(openssleddsa_fromlabel(key, label, NULL)); /* Check that the public component matches if given */ if (pub != NULL && EVP_PKEY_eq(key->keydata.pkeypair.pub, pub->keydata.pkeypair.pub) != 1) @@ -474,11 +469,8 @@ openssleddsa_parse(dst_key_t *key, isc_lex_t *lexer, dst_key_t *pub) { } len = priv.elements[privkey_index].length; - ret = raw_key_to_ossl(alginfo, 1, priv.elements[privkey_index].data, - &len, &pkey); - if (ret != ISC_R_SUCCESS) { - goto err; - } + CHECK(raw_key_to_ossl(alginfo, 1, priv.elements[privkey_index].data, + &len, &pkey)); /* Check that the public component matches if given */ if (pub != NULL && EVP_PKEY_eq(pkey, pub->keydata.pkeypair.pub) != 1) { DST_RET(DST_R_INVALIDPRIVATEKEY); @@ -488,29 +480,26 @@ openssleddsa_parse(dst_key_t *key, isc_lex_t *lexer, dst_key_t *pub) { key->keydata.pkeypair.pub = pkey; key->key_size = len * 8; pkey = NULL; - ret = ISC_R_SUCCESS; + result = ISC_R_SUCCESS; -err: +cleanup: EVP_PKEY_free(pkey); dst__privstruct_free(&priv, mctx); isc_safe_memwipe(&priv, sizeof(priv)); - return ret; + return result; } static isc_result_t openssleddsa_fromlabel(dst_key_t *key, const char *label, const char *pin) { const eddsa_alginfo_t *alginfo = openssleddsa_alg_info(key->key_alg); EVP_PKEY *privpkey = NULL, *pubpkey = NULL; - isc_result_t ret; + isc_result_t result; REQUIRE(alginfo != NULL); UNUSED(pin); - ret = dst__openssl_fromlabel(alginfo->pkey_type, label, pin, &pubpkey, - &privpkey); - if (ret != ISC_R_SUCCESS) { - goto err; - } + CHECK(dst__openssl_fromlabel(alginfo->pkey_type, label, pin, &pubpkey, + &privpkey)); key->label = isc_mem_strdup(key->mctx, label); key->key_size = EVP_PKEY_bits(privpkey); @@ -519,10 +508,10 @@ openssleddsa_fromlabel(dst_key_t *key, const char *label, const char *pin) { privpkey = NULL; pubpkey = NULL; -err: +cleanup: EVP_PKEY_free(privpkey); EVP_PKEY_free(pubpkey); - return ret; + return result; } static dst_func_t openssleddsa_functions = { @@ -578,7 +567,7 @@ check_algorithm(unsigned char algorithm) { const unsigned char *key = NULL; const unsigned char *sig = NULL; const unsigned char test[] = "test"; - isc_result_t ret = ISC_R_SUCCESS; + isc_result_t result = ISC_R_SUCCESS; size_t key_len, sig_len; if (evp_md_ctx == NULL) { @@ -607,10 +596,7 @@ check_algorithm(unsigned char algorithm) { } INSIST(alginfo != NULL); - ret = raw_key_to_ossl(alginfo, 0, key, &key_len, &pkey); - if (ret != ISC_R_SUCCESS) { - goto err; - } + CHECK(raw_key_to_ossl(alginfo, 0, key, &key_len, &pkey)); /* * Check that we can verify the signature. @@ -622,7 +608,7 @@ check_algorithm(unsigned char algorithm) { DST_RET(ISC_R_NOTIMPLEMENTED); } -err: +cleanup: if (pkey != NULL) { EVP_PKEY_free(pkey); } @@ -630,7 +616,7 @@ err: EVP_MD_CTX_destroy(evp_md_ctx); } ERR_clear_error(); - return ret; + return result; } void diff --git a/lib/dns/opensslrsa_link.c b/lib/dns/opensslrsa_link.c index e31ba6b15d..57c82baa1e 100644 --- a/lib/dns/opensslrsa_link.c +++ b/lib/dns/opensslrsa_link.c @@ -37,10 +37,10 @@ #include "dst_parse.h" #include "openssl_shim.h" -#define DST_RET(a) \ - { \ - ret = a; \ - goto err; \ +#define DST_RET(a) \ + { \ + result = a; \ + goto cleanup; \ } #define OPENSSLRSA_MAX_MODULUS_BITS 4096 @@ -428,7 +428,7 @@ opensslrsa_generate_pkey(unsigned int key_size, const char *label, BIGNUM *e, RSA *rsa = NULL; EVP_PKEY *pkey = NULL; BN_GENCB *cb = NULL; - isc_result_t ret; + isc_result_t result; UNUSED(label); @@ -456,18 +456,18 @@ opensslrsa_generate_pkey(unsigned int key_size, const char *label, BIGNUM *e, } *retkey = pkey; pkey = NULL; - ret = ISC_R_SUCCESS; + result = ISC_R_SUCCESS; -err: +cleanup: EVP_PKEY_free(pkey); RSA_free(rsa); BN_GENCB_free(cb); - return ret; + return result; } static isc_result_t opensslrsa_build_pkey(bool private, rsa_components_t *c, EVP_PKEY **retpkey) { - isc_result_t ret; + isc_result_t result; EVP_PKEY *pkey = NULL; RSA *rsa = RSA_new(); int status; @@ -532,13 +532,13 @@ opensslrsa_build_pkey(bool private, rsa_components_t *c, EVP_PKEY **retpkey) { *retpkey = pkey; pkey = NULL; - ret = ISC_R_SUCCESS; + result = ISC_R_SUCCESS; -err: +cleanup: EVP_PKEY_free(pkey); RSA_free(rsa); opensslrsa_components_free(c); - return ret; + return result; } #else static int @@ -559,7 +559,7 @@ opensslrsa_generate_pkey_with_uri(size_t key_size, const char *label, EVP_PKEY_CTX *ctx = NULL; OSSL_PARAM params[4]; char *uri = UNCONST(label); - isc_result_t ret; + isc_result_t result; int status; params[0] = OSSL_PARAM_construct_utf8_string("pkcs11_uri", uri, 0); @@ -592,17 +592,17 @@ opensslrsa_generate_pkey_with_uri(size_t key_size, const char *label, DST_R_OPENSSLFAILURE)); } - ret = ISC_R_SUCCESS; -err: + result = ISC_R_SUCCESS; +cleanup: EVP_PKEY_CTX_free(ctx); - return ret; + return result; } static isc_result_t opensslrsa_generate_pkey(unsigned int key_size, const char *label, BIGNUM *e, void (*callback)(int), EVP_PKEY **retkey) { EVP_PKEY_CTX *ctx; - isc_result_t ret; + isc_result_t result; if (label != NULL) { return opensslrsa_generate_pkey_with_uri(key_size, label, @@ -635,15 +635,15 @@ opensslrsa_generate_pkey(unsigned int key_size, const char *label, BIGNUM *e, DST_RET(dst__openssl_toresult2("EVP_PKEY_keygen", DST_R_OPENSSLFAILURE)); } - ret = ISC_R_SUCCESS; -err: + result = ISC_R_SUCCESS; +cleanup: EVP_PKEY_CTX_free(ctx); - return ret; + return result; } static isc_result_t opensslrsa_build_pkey(bool private, rsa_components_t *c, EVP_PKEY **retpkey) { - isc_result_t ret; + isc_result_t result; int status; OSSL_PARAM_BLD *bld = NULL; OSSL_PARAM *params = NULL; @@ -724,19 +724,19 @@ opensslrsa_build_pkey(bool private, rsa_components_t *c, EVP_PKEY **retpkey) { DST_RET(dst__openssl_toresult2("EVP_PKEY_fromdata", DST_R_OPENSSLFAILURE)); } - ret = ISC_R_SUCCESS; + result = ISC_R_SUCCESS; -err: +cleanup: EVP_PKEY_CTX_free(ctx); OSSL_PARAM_free(params); OSSL_PARAM_BLD_free(bld); - return ret; + return result; } #endif /* OPENSSL_VERSION_NUMBER < 0x30000000L */ static isc_result_t opensslrsa_generate(dst_key_t *key, int unused, void (*callback)(int)) { - isc_result_t ret; + isc_result_t result; BIGNUM *e = BN_new(); EVP_PKEY *pkey = NULL; @@ -779,21 +779,18 @@ opensslrsa_generate(dst_key_t *key, int unused, void (*callback)(int)) { BN_set_bit(e, 0); BN_set_bit(e, 16); - ret = opensslrsa_generate_pkey(key->key_size, key->label, e, callback, - &pkey); - if (ret != ISC_R_SUCCESS) { - goto err; - } + CHECK(opensslrsa_generate_pkey(key->key_size, key->label, e, callback, + &pkey)); key->keydata.pkeypair.pub = pkey; key->keydata.pkeypair.priv = pkey; pkey = NULL; - ret = ISC_R_SUCCESS; + result = ISC_R_SUCCESS; -err: +cleanup: EVP_PKEY_free(pkey); BN_free(e); - return ret; + return result; } static isc_result_t @@ -801,7 +798,7 @@ opensslrsa_todns(const dst_key_t *key, isc_buffer_t *data) { isc_region_t r; unsigned int e_bytes; unsigned int mod_bytes; - isc_result_t ret; + isc_result_t result; rsa_components_t c = { 0 }; REQUIRE(key->keydata.pkeypair.pub != NULL); @@ -828,10 +825,7 @@ opensslrsa_todns(const dst_key_t *key, isc_buffer_t *data) { break; } - ret = opensslrsa_components_get(key, &c, false); - if (ret != ISC_R_SUCCESS) { - goto err; - } + CHECK(opensslrsa_components_get(key, &c, false)); mod_bytes = BN_num_bytes(c.n); e_bytes = BN_num_bytes(c.e); @@ -862,15 +856,15 @@ opensslrsa_todns(const dst_key_t *key, isc_buffer_t *data) { isc_buffer_add(data, e_bytes + mod_bytes); - ret = ISC_R_SUCCESS; -err: + result = ISC_R_SUCCESS; +cleanup: opensslrsa_components_free(&c); - return ret; + return result; } static isc_result_t opensslrsa_fromdns(dst_key_t *key, isc_buffer_t *data) { - isc_result_t ret; + isc_result_t result; isc_region_t r; unsigned int e_bytes; unsigned int length; @@ -937,16 +931,16 @@ opensslrsa_fromdns(dst_key_t *key, isc_buffer_t *data) { isc_buffer_forward(data, length); key->key_size = BN_num_bits(c.n); - ret = opensslrsa_build_pkey(false, &c, &key->keydata.pkeypair.pub); + result = opensslrsa_build_pkey(false, &c, &key->keydata.pkeypair.pub); -err: +cleanup: opensslrsa_components_free(&c); - return ret; + return result; } static isc_result_t opensslrsa_tofile(const dst_key_t *key, const char *directory) { - isc_result_t ret; + isc_result_t result; dst_private_t priv = { 0 }; unsigned char *bufs[8] = { NULL }; unsigned short i = 0; @@ -956,10 +950,7 @@ opensslrsa_tofile(const dst_key_t *key, const char *directory) { return dst__privstruct_writefile(key, &priv, directory); } - ret = opensslrsa_components_get(key, &c, true); - if (ret != ISC_R_SUCCESS) { - goto err; - } + CHECK(opensslrsa_components_get(key, &c, true)); priv.elements[i].tag = TAG_RSA_MODULUS; priv.elements[i].length = BN_num_bytes(c.n); @@ -1044,9 +1035,9 @@ opensslrsa_tofile(const dst_key_t *key, const char *directory) { } priv.nelements = i; - ret = dst__privstruct_writefile(key, &priv, directory); + result = dst__privstruct_writefile(key, &priv, directory); -err: +cleanup: for (i = 0; i < ARRAY_SIZE(bufs); i++) { if (bufs[i] != NULL) { isc_mem_put(key->mctx, bufs[i], @@ -1055,7 +1046,7 @@ err: } opensslrsa_components_free(&c); - return ret; + return result; } static isc_result_t @@ -1064,7 +1055,7 @@ opensslrsa_fromlabel(dst_key_t *key, const char *label, const char *pin); static isc_result_t opensslrsa_parse(dst_key_t *key, isc_lex_t *lexer, dst_key_t *pub) { dst_private_t priv; - isc_result_t ret; + isc_result_t result; int i; isc_mem_t *mctx = NULL; const char *label = NULL; @@ -1077,10 +1068,7 @@ opensslrsa_parse(dst_key_t *key, isc_lex_t *lexer, dst_key_t *pub) { mctx = key->mctx; /* read private key file */ - ret = dst__privstruct_parse(key, DST_ALG_RSA, lexer, mctx, &priv); - if (ret != ISC_R_SUCCESS) { - goto err; - } + CHECK(dst__privstruct_parse(key, DST_ALG_RSA, lexer, mctx, &priv)); if (key->external) { if (priv.nelements != 0 || pub == NULL) { @@ -1112,10 +1100,7 @@ opensslrsa_parse(dst_key_t *key, isc_lex_t *lexer, dst_key_t *pub) { * See if we can fetch it. */ if (label != NULL) { - ret = opensslrsa_fromlabel(key, label, NULL); - if (ret != ISC_R_SUCCESS) { - DST_RET(ret); - } + CHECK(opensslrsa_fromlabel(key, label, NULL)); /* Check that the public component matches if given */ if (pub != NULL && EVP_PKEY_eq(key->keydata.pkeypair.pub, pub->keydata.pkeypair.pub) != 1) @@ -1178,10 +1163,7 @@ opensslrsa_parse(dst_key_t *key, isc_lex_t *lexer, dst_key_t *pub) { } key->key_size = BN_num_bits(c.n); - ret = opensslrsa_build_pkey(true, &c, &pkey); - if (ret != ISC_R_SUCCESS) { - goto err; - } + CHECK(opensslrsa_build_pkey(true, &c, &pkey)); /* Check that the public component matches if given */ if (pub != NULL && EVP_PKEY_eq(pkey, pub->keydata.pkeypair.pub) != 1) { @@ -1192,29 +1174,26 @@ opensslrsa_parse(dst_key_t *key, isc_lex_t *lexer, dst_key_t *pub) { key->keydata.pkeypair.priv = pkey; pkey = NULL; -err: +cleanup: opensslrsa_components_free(&c); EVP_PKEY_free(pkey); - if (ret != ISC_R_SUCCESS) { + if (result != ISC_R_SUCCESS) { key->keydata.generic = NULL; } dst__privstruct_free(&priv, mctx); isc_safe_memwipe(&priv, sizeof(priv)); - return ret; + return result; } static isc_result_t opensslrsa_fromlabel(dst_key_t *key, const char *label, const char *pin) { EVP_PKEY *privpkey = NULL, *pubpkey = NULL; - isc_result_t ret; + isc_result_t result; - ret = dst__openssl_fromlabel(EVP_PKEY_RSA, label, pin, &pubpkey, - &privpkey); - if (ret != ISC_R_SUCCESS) { - goto err; - } + CHECK(dst__openssl_fromlabel(EVP_PKEY_RSA, label, pin, &pubpkey, + &privpkey)); if (!opensslrsa_check_exponent_bits(pubpkey, RSA_MAX_PUBEXP_BITS)) { DST_RET(ISC_R_RANGE); @@ -1227,10 +1206,10 @@ opensslrsa_fromlabel(dst_key_t *key, const char *label, const char *pin) { privpkey = NULL; pubpkey = NULL; -err: +cleanup: EVP_PKEY_free(privpkey); EVP_PKEY_free(pubpkey); - return ret; + return result; } static dst_func_t opensslrsa_functions = { @@ -1333,7 +1312,7 @@ check_algorithm(unsigned short algorithm) { EVP_PKEY *pkey = NULL; const EVP_MD *type = NULL; const unsigned char *sig = NULL; - isc_result_t ret = ISC_R_SUCCESS; + isc_result_t result = ISC_R_SUCCESS; size_t len; switch (algorithm) { @@ -1365,8 +1344,8 @@ check_algorithm(unsigned short algorithm) { c.e = BN_bin2bn(e_bytes, sizeof(e_bytes) - 1, NULL); c.n = BN_bin2bn(n_bytes, sizeof(n_bytes) - 1, NULL); - ret = opensslrsa_build_pkey(false, &c, &pkey); - INSIST(ret == ISC_R_SUCCESS); + result = opensslrsa_build_pkey(false, &c, &pkey); + INSIST(result == ISC_R_SUCCESS); /* * Check that we can verify the signature. @@ -1378,12 +1357,12 @@ check_algorithm(unsigned short algorithm) { DST_RET(ISC_R_NOTIMPLEMENTED); } -err: +cleanup: opensslrsa_components_free(&c); EVP_PKEY_free(pkey); EVP_MD_CTX_destroy(evp_md_ctx); ERR_clear_error(); - return ret; + return result; } void diff --git a/lib/dns/private.c b/lib/dns/private.c index 41b854f3d8..60ed1041f8 100644 --- a/lib/dns/private.c +++ b/lib/dns/private.c @@ -43,13 +43,6 @@ #define INITIAL(x) (((x) & DNS_NSEC3FLAG_INITIAL) != 0) #define NONSEC(x) (((x) & DNS_NSEC3FLAG_NONSEC) != 0) -#define CHECK(x) \ - do { \ - result = (x); \ - if (result != ISC_R_SUCCESS) \ - goto failure; \ - } while (0) - /* * Work out if 'param' should be ignored or not (i.e. it is in the process * of being removed). @@ -121,14 +114,14 @@ dns_private_chains(dns_db_t *db, dns_dbversion_t *ver, result = dns_db_findrdataset(db, node, ver, dns_rdatatype_nsec, 0, (isc_stdtime_t)0, &nsecset, NULL); - if (result != ISC_R_SUCCESS && result != ISC_R_NOTFOUND) { - goto failure; + if (result != ISC_R_NOTFOUND) { + CHECK(result); } result = dns_db_findrdataset(db, node, ver, dns_rdatatype_nsec3param, 0, (isc_stdtime_t)0, &nsec3paramset, NULL); - if (result != ISC_R_SUCCESS && result != ISC_R_NOTFOUND) { - goto failure; + if (result != ISC_R_NOTFOUND) { + CHECK(result); } if (dns_rdataset_isassociated(&nsecset) && @@ -143,8 +136,8 @@ dns_private_chains(dns_db_t *db, dns_dbversion_t *ver, result = dns_db_findrdataset(db, node, ver, privatetype, 0, (isc_stdtime_t)0, &privateset, NULL); - if (result != ISC_R_SUCCESS && result != ISC_R_NOTFOUND) { - goto failure; + if (result != ISC_R_NOTFOUND) { + CHECK(result); } } @@ -278,7 +271,7 @@ dns_private_chains(dns_db_t *db, dns_dbversion_t *ver, success: result = ISC_R_SUCCESS; -failure: +cleanup: if (dns_rdataset_isassociated(&nsecset)) { dns_rdataset_disassociate(&nsecset); } @@ -400,6 +393,6 @@ dns_private_totext(dns_rdata_t *private, isc_buffer_t *buf) { isc_buffer_putuint8(buf, 0); result = ISC_R_SUCCESS; -failure: +cleanup: return result; } diff --git a/lib/dns/qpcache.c b/lib/dns/qpcache.c index 7f2ab9640a..b344e8e698 100644 --- a/lib/dns/qpcache.c +++ b/lib/dns/qpcache.c @@ -66,13 +66,6 @@ #define DNS_QPCACHE_LOG_STATS_LEVEL 3 #endif -#define CHECK(op) \ - do { \ - result = (op); \ - if (result != ISC_R_SUCCESS) \ - goto failure; \ - } while (0) - #define STALE_TTL(header, qpdb) \ (NXDOMAIN(header) ? 0 : qpdb->common.serve_stale_ttl) @@ -3120,18 +3113,12 @@ qpcache_addrdataset(dns_db_t *db, dns_dbnode_t *node, dns_dbversion_t *version, DNS_SLABHEADER_SETATTR(newheader, DNS_SLABHEADERATTR_OPTOUT); } if (rdataset->attributes.noqname) { - result = addnoqname(qpnode->mctx, newheader, qpdb->maxrrperset, - rdataset); - if (result != ISC_R_SUCCESS) { - return result; - } + RETERR(addnoqname(qpnode->mctx, newheader, qpdb->maxrrperset, + rdataset)); } if (rdataset->attributes.closest) { - result = addclosest(qpnode->mctx, newheader, qpdb->maxrrperset, - rdataset); - if (result != ISC_R_SUCCESS) { - return result; - } + RETERR(addclosest(qpnode->mctx, newheader, qpdb->maxrrperset, + rdataset)); } nlock = &qpdb->buckets[qpnode->locknum].lock; diff --git a/lib/dns/qpzone.c b/lib/dns/qpzone.c index 834af41b97..be5e050007 100644 --- a/lib/dns/qpzone.c +++ b/lib/dns/qpzone.c @@ -64,14 +64,6 @@ #include "qpzone_p.h" #include "rdataslab_p.h" -#define CHECK(op) \ - { \ - result = (op); \ - if (result != ISC_R_SUCCESS) { \ - goto failure; \ - } \ - } - #define HEADERNODE(h) ((qpznode_t *)((h)->node)) #define QPDB_ATTR_LOADED 0x01 diff --git a/lib/dns/rcode.c b/lib/dns/rcode.c index c749959a49..a1ad5abeae 100644 --- a/lib/dns/rcode.c +++ b/lib/dns/rcode.c @@ -39,13 +39,6 @@ #include -#define RETERR(x) \ - do { \ - isc_result_t _r = (x); \ - if (_r != ISC_R_SUCCESS) \ - return ((_r)); \ - } while (0) - #define NUMBERSIZE sizeof("037777777777") /* 2^32-1 octal + NUL */ #define TOTEXTONLY 0x01 diff --git a/lib/dns/rdata.c b/lib/dns/rdata.c index 5fd872fe3f..2c83eaf380 100644 --- a/lib/dns/rdata.c +++ b/lib/dns/rdata.c @@ -52,13 +52,6 @@ #include #include -#define RETERR(x) \ - do { \ - isc_result_t _r = (x); \ - if (_r != ISC_R_SUCCESS) \ - return ((_r)); \ - } while (0) - #define RETTOK(x) \ do { \ isc_result_t _r = (x); \ @@ -68,13 +61,6 @@ } \ } while (0) -#define CHECK(op) \ - do { \ - result = (op); \ - if (result != ISC_R_SUCCESS) \ - goto cleanup; \ - } while (0) - #define CHECKTOK(op) \ do { \ result = (op); \ diff --git a/lib/dns/rdataset.c b/lib/dns/rdataset.c index 83a08ff469..593b09771e 100644 --- a/lib/dns/rdataset.c +++ b/lib/dns/rdataset.c @@ -324,18 +324,12 @@ towire_answer(dns_rdataset_t *rdataset, const dns_name_t *name, for (size_t i = start; i < count; i++) { dns_rdata_t rdata = DNS_RDATA_INIT; - result = towire_addtypeclass(rdataset, name, cctx, target, - rrbuffer, sizeof(dns_ttl_t) + 2); - if (result != ISC_R_SUCCESS) { - goto cleanup; - } + CHECK(towire_addtypeclass(rdataset, name, cctx, target, + rrbuffer, sizeof(dns_ttl_t) + 2)); towire_addttl(rdataset, target, &rdlen); dns_rdataset_current(rdataset, &rdata); - result = towire_addrdata(&rdata, cctx, target, &rdlen); - if (result != ISC_R_SUCCESS) { - goto cleanup; - } + CHECK(towire_addrdata(&rdata, cctx, target, &rdlen)); added++; result = dns_rdataset_next(rdataset); @@ -348,17 +342,11 @@ towire_answer(dns_rdataset_t *rdataset, const dns_name_t *name, } for (size_t i = 0; i < start; i++) { - result = towire_addtypeclass(rdataset, name, cctx, target, - rrbuffer, sizeof(dns_ttl_t) + 2); - if (result != ISC_R_SUCCESS) { - goto cleanup; - } + CHECK(towire_addtypeclass(rdataset, name, cctx, target, + rrbuffer, sizeof(dns_ttl_t) + 2)); towire_addttl(rdataset, target, &rdlen); - result = towire_addrdata(&rdatas[i], cctx, target, &rdlen); - if (result != ISC_R_SUCCESS) { - goto cleanup; - } + CHECK(towire_addrdata(&rdatas[i], cctx, target, &rdlen)); added++; } diff --git a/lib/dns/resconf.c b/lib/dns/resconf.c index fda0fcddf9..3b919170e1 100644 --- a/lib/dns/resconf.c +++ b/lib/dns/resconf.c @@ -75,13 +75,6 @@ #define RESCONFMAXLINELEN 256U /*%< max size of a line */ #define RESCONFMAXSORTLIST 10U /*%< max 10 */ -#define CHECK(op) \ - do { \ - result = (op); \ - if (result != ISC_R_SUCCESS) \ - goto cleanup; \ - } while (0) - /*! * configuration data structure */ diff --git a/lib/dns/resolver.c b/lib/dns/resolver.c index 9e0e578cfb..f79eb122ec 100644 --- a/lib/dns/resolver.c +++ b/lib/dns/resolver.c @@ -6045,7 +6045,6 @@ static isc_result_t rctx_cache_secure(respctx_t *rctx, dns_message_t *message, dns_name_t *name, dns_dbnode_t *node, dns_rdataset_t *rdataset, dns_rdataset_t *sigrdataset, bool need_validation) { - isc_result_t result; fetchctx_t *fctx = rctx->fctx; resquery_t *query = rctx->query; dns_rdataset_t *ardataset = NULL, *asigset = NULL; @@ -6129,12 +6128,8 @@ rctx_cache_secure(respctx_t *rctx, dns_message_t *message, dns_name_t *name, * in-between. */ - result = cache_rrset(fctx, rctx->now, name, rdataset, - sigrdataset, &node, ardataset, asigset, - need_validation); - if (result != ISC_R_SUCCESS) { - return result; - } + RETERR(cache_rrset(fctx, rctx->now, name, rdataset, sigrdataset, + &node, ardataset, asigset, need_validation)); } return ISC_R_SUCCESS; @@ -6386,10 +6381,7 @@ negcache(dns_message_t *message, fetchctx_t *fctx, const dns_name_t *name, /* * Cache the negative entry. */ - result = dns_db_findnode(fctx->cache, name, true, &node); - if (result != ISC_R_SUCCESS) { - return result; - } + RETERR(dns_db_findnode(fctx->cache, name, true, &node)); result = dns_ncache_add(message, cache, node, covers, now, minttl, maxttl, optout, secure, added); diff --git a/lib/dns/skr.c b/lib/dns/skr.c index 537683d363..34a259963d 100644 --- a/lib/dns/skr.c +++ b/lib/dns/skr.c @@ -25,27 +25,11 @@ #include #include -#define CHECK(op) \ - do { \ - result = (op); \ - if (result != ISC_R_SUCCESS) \ - goto failure; \ - } while (0) - #define READLINE(lex, opt, token) -#define NEXTTOKEN(lex, opt, token) \ - { \ - ret = isc_lex_gettoken(lex, opt, token); \ - if (ret != ISC_R_SUCCESS) \ - goto cleanup; \ - } +#define NEXTTOKEN(lex, opt, token) CHECK(isc_lex_gettoken(lex, opt, token)) -#define BADTOKEN() \ - { \ - ret = ISC_R_UNEXPECTEDTOKEN; \ - goto cleanup; \ - } +#define BADTOKEN() CHECK(ISC_R_UNEXPECTEDTOKEN) #define TOKENSIZ (8 * 1024) #define STR(t) ((t).value.as_textregion.base) @@ -61,7 +45,7 @@ parse_rr(isc_lex_t *lex, isc_mem_t *mctx, char *owner, dns_name_t *origin, isc_buffer_t b; isc_token_t token; unsigned int opt = ISC_LEXOPT_EOL; - isc_result_t ret = ISC_R_SUCCESS; + isc_result_t result = ISC_R_SUCCESS; isc_lex_setcomments(lex, ISC_LEXCOMMENT_DNSMASTERFILE); @@ -72,13 +56,9 @@ parse_rr(isc_lex_t *lex, isc_mem_t *mctx, char *owner, dns_name_t *origin, dname = dns_fixedname_initname(&dfname); isc_buffer_init(&b, owner, strlen(owner)); isc_buffer_add(&b, strlen(owner)); - ret = dns_name_fromtext(dname, &b, dns_rootname, 0); - if (ret != ISC_R_SUCCESS) { - goto cleanup; - } + CHECK(dns_name_fromtext(dname, &b, dns_rootname, 0)); if (dns_name_compare(dname, origin) != 0) { - ret = DNS_R_BADOWNERNAME; - goto cleanup; + CHECK(DNS_R_BADOWNERNAME); } isc_buffer_clear(&b); @@ -89,8 +69,8 @@ parse_rr(isc_lex_t *lex, isc_mem_t *mctx, char *owner, dns_name_t *origin, } /* If it's a TTL, read the next one */ - ret = dns_ttl_fromtext(&token.value.as_textregion, ttl); - if (ret == ISC_R_SUCCESS) { + result = dns_ttl_fromtext(&token.value.as_textregion, ttl); + if (result == ISC_R_SUCCESS) { NEXTTOKEN(lex, opt, &token); } if (token.type != isc_tokentype_string) { @@ -98,8 +78,8 @@ parse_rr(isc_lex_t *lex, isc_mem_t *mctx, char *owner, dns_name_t *origin, } /* If it's a class, read the next one */ - ret = dns_rdataclass_fromtext(&clas, &token.value.as_textregion); - if (ret == ISC_R_SUCCESS) { + result = dns_rdataclass_fromtext(&clas, &token.value.as_textregion); + if (result == ISC_R_SUCCESS) { if (clas != rdclass) { BADTOKEN(); } @@ -110,8 +90,8 @@ parse_rr(isc_lex_t *lex, isc_mem_t *mctx, char *owner, dns_name_t *origin, } /* Must be the record type */ - ret = dns_rdatatype_fromtext(rdtype, &token.value.as_textregion); - if (ret != ISC_R_SUCCESS) { + result = dns_rdatatype_fromtext(rdtype, &token.value.as_textregion); + if (result != ISC_R_SUCCESS) { BADTOKEN(); } switch (*rdtype) { @@ -126,11 +106,11 @@ parse_rr(isc_lex_t *lex, isc_mem_t *mctx, char *owner, dns_name_t *origin, } dns_rdatacallbacks_init(&callbacks); - ret = dns_rdata_fromtext(*rdata, rdclass, *rdtype, lex, dname, 0, mctx, - buf, &callbacks); + result = dns_rdata_fromtext(*rdata, rdclass, *rdtype, lex, dname, 0, + mctx, buf, &callbacks); cleanup: isc_lex_setcomments(lex, 0); - return ret; + return result; } static void @@ -345,7 +325,7 @@ dns_skr_read(isc_mem_t *mctx, const char *filename, dns_name_t *origin, filename, isc_lex_getsourceline(lex), isc_result_totext(result)); isc_mem_put(mctx, rdata, sizeof(*rdata)); - goto failure; + goto cleanup; } /* Create new diff tuple */ @@ -374,7 +354,7 @@ dns_skr_read(isc_mem_t *mctx, const char *filename, dns_name_t *origin, addbundle(*skrp, &bundle); } -failure: +cleanup: if (result != ISC_R_SUCCESS) { isc_log_write(DNS_LOGCATEGORY_GENERAL, DNS_LOGMODULE_ZONE, ISC_LOG_DEBUG(1), diff --git a/lib/dns/tkey.c b/lib/dns/tkey.c index 79ca4da3e0..4618f5ff58 100644 --- a/lib/dns/tkey.c +++ b/lib/dns/tkey.c @@ -55,13 +55,6 @@ #define TEMP_BUFFER_SZ 8192 #define TKEY_RANDOM_AMOUNT 16 -#define RETERR(x) \ - do { \ - result = (x); \ - if (result != ISC_R_SUCCESS) \ - goto failure; \ - } while (0) - static void tkey_log(const char *fmt, ...) ISC_FORMAT_PRINTF(1, 2); @@ -208,7 +201,7 @@ process_gsstkey(dns_message_t *msg, dns_name_t *name, dns_rdata_tkey_t *tkeyin, return ISC_R_SUCCESS; } if (result != DNS_R_CONTINUE && result != ISC_R_SUCCESS) { - goto failure; + CHECK(result); } /* @@ -224,8 +217,8 @@ process_gsstkey(dns_message_t *msg, dns_name_t *name, dns_rdata_tkey_t *tkeyin, #endif /* HAVE_GSSAPI */ uint32_t expire; - RETERR(dst_key_fromgssapi(name, gss_ctx, ring->mctx, &dstkey, - &intoken)); + CHECK(dst_key_fromgssapi(name, gss_ctx, ring->mctx, &dstkey, + &intoken)); /* * Limit keys to 1 hour or the context's lifetime whichever * is smaller. @@ -237,11 +230,11 @@ process_gsstkey(dns_message_t *msg, dns_name_t *name, dns_rdata_tkey_t *tkeyin, expire = now + lifetime; } #endif /* HAVE_GSSAPI */ - RETERR(dns_tsigkey_createfromkey( + CHECK(dns_tsigkey_createfromkey( name, dns__tsig_algfromname(&tkeyin->algorithm), dstkey, true, false, principal, now, expire, ring->mctx, &tsigkey)); - RETERR(dns_tsigkeyring_add(ring, tsigkey)); + CHECK(dns_tsigkeyring_add(ring, tsigkey)); dst_key_free(&dstkey); tkeyout->inception = now; tkeyout->expire = expire; @@ -277,7 +270,7 @@ process_gsstkey(dns_message_t *msg, dns_name_t *name, dns_rdata_tkey_t *tkeyin, return ISC_R_SUCCESS; -failure: +cleanup: if (tsigkey != NULL) { dns_tsigkey_detach(&tsigkey); } @@ -363,24 +356,21 @@ dns_tkey_processquery(dns_message_t *msg, dns_tkeyctx_t *tctx, result = dns_message_findname(msg, DNS_SECTION_ADDITIONAL, qname, dns_rdatatype_tkey, 0, NULL, &tkeyset); if (result != ISC_R_SUCCESS) { - result = DNS_R_FORMERR; tkey_log("dns_tkey_processquery: couldn't find a TKEY " "matching the question"); - goto failure; + CHECK(DNS_R_FORMERR); } result = dns_rdataset_first(tkeyset); if (result != ISC_R_SUCCESS) { - result = DNS_R_FORMERR; - goto failure; + CHECK(DNS_R_FORMERR); } dns_rdataset_current(tkeyset, &rdata); - RETERR(dns_rdata_tostruct(&rdata, &tkeyin, NULL)); + CHECK(dns_rdata_tostruct(&rdata, &tkeyin, NULL)); if (tkeyin.error != dns_rcode_noerror) { - result = DNS_R_FORMERR; - goto failure; + CHECK(DNS_R_FORMERR); } /* @@ -396,8 +386,7 @@ dns_tkey_processquery(dns_message_t *msg, dns_tkeyctx_t *tctx, { tkey_log("dns_tkey_processquery: query was not " "properly signed - rejecting"); - result = DNS_R_FORMERR; - goto failure; + CHECK(DNS_R_FORMERR); } tkeyout = (dns_rdata_tkey_t){ @@ -414,8 +403,8 @@ dns_tkey_processquery(dns_message_t *msg, dns_tkeyctx_t *tctx, /* * A delete operation uses the fully specified qname. */ - RETERR(process_deletetkey(signer, qname, &tkeyin, &tkeyout, - ring)); + CHECK(process_deletetkey(signer, qname, &tkeyin, &tkeyout, + ring)); break; case DNS_TKEYMODE_GSSAPI: keyname = dns_fixedname_initname(&fkeyname); @@ -435,10 +424,10 @@ dns_tkey_processquery(dns_message_t *msg, dns_tkeyctx_t *tctx, isc_nonce_buf(randomdata, sizeof(randomdata)); isc_buffer_init(&b, randomtext, sizeof(randomtext)); - RETERR(isc_hex_totext(&r, 2, "", &b)); - RETERR(dns_name_fromtext(keyname, &b, NULL, 0)); + CHECK(isc_hex_totext(&r, 2, "", &b)); + CHECK(dns_name_fromtext(keyname, &b, NULL, 0)); } - RETERR(dns_name_concatenate(keyname, dns_rootname, keyname)); + CHECK(dns_name_concatenate(keyname, dns_rootname, keyname)); result = dns_tsigkey_find(&tsigkey, keyname, NULL, ring); if (result == ISC_R_SUCCESS) { @@ -446,15 +435,15 @@ dns_tkey_processquery(dns_message_t *msg, dns_tkeyctx_t *tctx, dns_tsigkey_detach(&tsigkey); break; } else if (result == ISC_R_NOTFOUND) { - RETERR(process_gsstkey(msg, keyname, &tkeyin, tctx, - &tkeyout, ring)); + CHECK(process_gsstkey(msg, keyname, &tkeyin, tctx, + &tkeyout, ring)); break; } - goto failure; + goto cleanup; case DNS_TKEYMODE_SERVERASSIGNED: case DNS_TKEYMODE_RESOLVERASSIGNED: result = DNS_R_NOTIMP; - goto failure; + goto cleanup; default: tkeyout.error = dns_tsigerror_badmode; } @@ -467,9 +456,9 @@ dns_tkey_processquery(dns_message_t *msg, dns_tkeyctx_t *tctx, if (tkeyout.key != NULL) { isc_mem_put(tkeyout.mctx, tkeyout.key, tkeyout.keylen); } - RETERR(result); + CHECK(result); - RETERR(dns_message_reply(msg, true)); + CHECK(dns_message_reply(msg, true)); add_rdata_to_list(msg, keyname, &rdata, 0, &namelist); ISC_LIST_FOREACH(namelist, name, link) { @@ -478,7 +467,7 @@ dns_tkey_processquery(dns_message_t *msg, dns_tkeyctx_t *tctx, } return ISC_R_SUCCESS; -failure: +cleanup: free_namelist(msg, &namelist); return result; } @@ -622,11 +611,11 @@ dns_tkey_gssnegotiate(dns_message_t *qmsg, dns_message_t *rmsg, return dns_result_fromrcode(rmsg->rcode); } - RETERR(find_tkey(rmsg, &tkeyname, &rtkeyrdata, DNS_SECTION_ANSWER)); - RETERR(dns_rdata_tostruct(&rtkeyrdata, &rtkey, NULL)); + CHECK(find_tkey(rmsg, &tkeyname, &rtkeyrdata, DNS_SECTION_ANSWER)); + CHECK(dns_rdata_tostruct(&rtkeyrdata, &rtkey, NULL)); - RETERR(find_tkey(qmsg, &tkeyname, &qtkeyrdata, DNS_SECTION_ADDITIONAL)); - RETERR(dns_rdata_tostruct(&qtkeyrdata, &qtkey, NULL)); + CHECK(find_tkey(qmsg, &tkeyname, &qtkeyrdata, DNS_SECTION_ADDITIONAL)); + CHECK(dns_rdata_tostruct(&qtkeyrdata, &qtkey, NULL)); if (rtkey.error != dns_rcode_noerror || rtkey.mode != DNS_TKEYMODE_GSSAPI || @@ -634,8 +623,7 @@ dns_tkey_gssnegotiate(dns_message_t *qmsg, dns_message_t *rmsg, { tkey_log("dns_tkey_gssnegotiate: tkey mode invalid " "or error set(4)"); - result = DNS_R_INVALIDTKEY; - goto failure; + CHECK(DNS_R_INVALIDTKEY); } isc_buffer_init(&intoken, rtkey.key, rtkey.keylen); @@ -662,22 +650,22 @@ dns_tkey_gssnegotiate(dns_message_t *qmsg, dns_message_t *rmsg, dns_name_clone(DNS_TSIG_GSSAPI_NAME, &tkey.algorithm); dns_message_reset(qmsg, DNS_MESSAGE_INTENTRENDER); - RETERR(buildquery(qmsg, tkeyname, &tkey)); + CHECK(buildquery(qmsg, tkeyname, &tkey)); return DNS_R_CONTINUE; } - RETERR(dst_key_fromgssapi(dns_rootname, *context, rmsg->mctx, &dstkey, - NULL)); + CHECK(dst_key_fromgssapi(dns_rootname, *context, rmsg->mctx, &dstkey, + NULL)); /* * XXXSRA This seems confused. If we got CONTINUE from initctx, * the GSS negotiation hasn't completed yet, so we can't sign * anything yet. */ - RETERR(dns_tsigkey_createfromkey(tkeyname, DST_ALG_GSSAPI, dstkey, true, - false, NULL, rtkey.inception, - rtkey.expire, ring->mctx, &tsigkey)); - RETERR(dns_tsigkeyring_add(ring, tsigkey)); + CHECK(dns_tsigkey_createfromkey(tkeyname, DST_ALG_GSSAPI, dstkey, true, + false, NULL, rtkey.inception, + rtkey.expire, ring->mctx, &tsigkey)); + CHECK(dns_tsigkeyring_add(ring, tsigkey)); if (outkey == NULL) { dns_tsigkey_detach(&tsigkey); } else { @@ -687,7 +675,7 @@ dns_tkey_gssnegotiate(dns_message_t *qmsg, dns_message_t *rmsg, dst_key_free(&dstkey); return result; -failure: +cleanup: if (tsigkey != NULL) { dns_tsigkey_detach(&tsigkey); } diff --git a/lib/dns/ttl.c b/lib/dns/ttl.c index 4605abb068..9c0a02d1e3 100644 --- a/lib/dns/ttl.c +++ b/lib/dns/ttl.c @@ -30,13 +30,6 @@ #include -#define RETERR(x) \ - do { \ - isc_result_t _r = (x); \ - if (_r != ISC_R_SUCCESS) \ - return ((_r)); \ - } while (0) - static isc_result_t bind_ttl(isc_textregion_t *source, uint32_t *ttl); diff --git a/lib/dns/update.c b/lib/dns/update.c index ff4ae03c61..b741a75c90 100644 --- a/lib/dns/update.c +++ b/lib/dns/update.c @@ -70,116 +70,6 @@ */ #define LOGLEVEL_DEBUG ISC_LOG_DEBUG(8) -/*% - * Check an operation for failure. These macros all assume that - * the function using them has a 'result' variable and a 'failure' - * label. - */ -#define CHECK(op) \ - do { \ - result = (op); \ - if (result != ISC_R_SUCCESS) \ - goto failure; \ - } while (0) - -/*% - * Fail unconditionally with result 'code', which must not - * be ISC_R_SUCCESS. The reason for failure presumably has - * been logged already. - * - * The test against ISC_R_SUCCESS is there to keep the Solaris compiler - * from complaining about "end-of-loop code not reached". - */ - -#define FAIL(code) \ - do { \ - result = (code); \ - if (result != ISC_R_SUCCESS) \ - goto failure; \ - } while (0) - -/*% - * Fail unconditionally and log as a client error. - * The test against ISC_R_SUCCESS is there to keep the Solaris compiler - * from complaining about "end-of-loop code not reached". - */ -#define FAILC(code, msg) \ - do { \ - const char *_what = "failed"; \ - result = (code); \ - switch (result) { \ - case DNS_R_NXDOMAIN: \ - case DNS_R_YXDOMAIN: \ - case DNS_R_YXRRSET: \ - case DNS_R_NXRRSET: \ - _what = "unsuccessful"; \ - } \ - update_log(log, zone, LOGLEVEL_PROTOCOL, "update %s: %s (%s)", \ - _what, msg, isc_result_totext(result)); \ - if (result != ISC_R_SUCCESS) \ - goto failure; \ - } while (0) - -#define FAILN(code, name, msg) \ - do { \ - const char *_what = "failed"; \ - result = (code); \ - switch (result) { \ - case DNS_R_NXDOMAIN: \ - case DNS_R_YXDOMAIN: \ - case DNS_R_YXRRSET: \ - case DNS_R_NXRRSET: \ - _what = "unsuccessful"; \ - } \ - if (isc_log_wouldlog(LOGLEVEL_PROTOCOL)) { \ - char _nbuf[DNS_NAME_FORMATSIZE]; \ - dns_name_format(name, _nbuf, sizeof(_nbuf)); \ - update_log(log, zone, LOGLEVEL_PROTOCOL, \ - "update %s: %s: %s (%s)", _what, _nbuf, \ - msg, isc_result_totext(result)); \ - } \ - if (result != ISC_R_SUCCESS) \ - goto failure; \ - } while (0) - -#define FAILNT(code, name, type, msg) \ - do { \ - const char *_what = "failed"; \ - result = (code); \ - switch (result) { \ - case DNS_R_NXDOMAIN: \ - case DNS_R_YXDOMAIN: \ - case DNS_R_YXRRSET: \ - case DNS_R_NXRRSET: \ - _what = "unsuccessful"; \ - } \ - if (isc_log_wouldlog(LOGLEVEL_PROTOCOL)) { \ - char _nbuf[DNS_NAME_FORMATSIZE]; \ - char _tbuf[DNS_RDATATYPE_FORMATSIZE]; \ - dns_name_format(name, _nbuf, sizeof(_nbuf)); \ - dns_rdatatype_format(type, _tbuf, sizeof(_tbuf)); \ - update_log(log, zone, LOGLEVEL_PROTOCOL, \ - "update %s: %s/%s: %s (%s)", _what, _nbuf, \ - _tbuf, msg, isc_result_totext(result)); \ - } \ - if (result != ISC_R_SUCCESS) \ - goto failure; \ - } while (0) - -/*% - * Fail unconditionally and log as a server error. - * The test against ISC_R_SUCCESS is there to keep the Solaris compiler - * from complaining about "end-of-loop code not reached". - */ -#define FAILS(code, msg) \ - do { \ - result = (code); \ - update_log(log, zone, LOGLEVEL_PROTOCOL, "error: %s: %s", msg, \ - isc_result_totext(result)); \ - if (result != ISC_R_SUCCESS) \ - goto failure; \ - } while (0) - /**************************************************************************/ typedef struct rr rr_t; @@ -737,7 +627,7 @@ namelist_append_subdomain(dns_db_t *db, dns_name_t *name, if (result == ISC_R_NOMORE) { result = ISC_R_SUCCESS; } -failure: +cleanup: if (dbit != NULL) { dns_dbiterator_destroy(&dbit); } @@ -802,7 +692,7 @@ uniqify_name_list(dns_diff_t *list) { dns_difftuple_free(&p); } } -failure: +cleanup: return result; } @@ -898,8 +788,7 @@ next_active(dns_update_log_t *log, dns_zone_t *zone, dns_db_t *db, if (wraps == 2) { update_log(log, zone, ISC_LOG_ERROR, "secure zone with no NSECs"); - result = DNS_R_BADZONE; - goto failure; + CHECK(DNS_R_BADZONE); } } CHECK(dns_dbiterator_current(dbit, &node, newname)); @@ -935,7 +824,7 @@ next_active(dns_update_log_t *log, dns_zone_t *zone, dns_db_t *db, } } } while (!has_nsec); -failure: +cleanup: if (dbit != NULL) { dns_dbiterator_destroy(&dbit); } @@ -987,7 +876,7 @@ add_nsec(dns_update_log_t *log, dns_zone_t *zone, dns_db_t *db, CHECK(do_one_tuple(&tuple, db, ver, diff)); INSIST(tuple == NULL); -failure: +cleanup: if (node != NULL) { dns_db_detachnode(&node); } @@ -1012,7 +901,7 @@ add_placeholder_nsec(dns_db_t *db, dns_dbversion_t *ver, dns_name_t *name, dns_difftuple_create(diff->mctx, DNS_DIFFOP_ADD, name, 0, &rdata, &tuple); CHECK(do_one_tuple(&tuple, db, ver, diff)); -failure: +cleanup: return result; } @@ -1251,7 +1140,7 @@ add_sigs(dns_update_log_t *log, dns_zone_t *zone, dns_db_t *db, result = ISC_R_NOTFOUND; } -failure: +cleanup: if (dns_rdataset_isassociated(&rdataset)) { dns_rdataset_disassociate(&rdataset); } @@ -1281,9 +1170,8 @@ del_keysigs(dns_db_t *db, dns_dbversion_t *ver, dns_name_t *name, if (result == ISC_R_NOTFOUND) { return ISC_R_SUCCESS; } - if (result != ISC_R_SUCCESS) { - goto failure; - } + CHECK(result); + result = dns_db_findrdataset(db, node, ver, dns_rdatatype_rrsig, dns_rdatatype_dnskey, (isc_stdtime_t)0, &rdataset, NULL); @@ -1292,9 +1180,7 @@ del_keysigs(dns_db_t *db, dns_dbversion_t *ver, dns_name_t *name, if (result == ISC_R_NOTFOUND) { return ISC_R_SUCCESS; } - if (result != ISC_R_SUCCESS) { - goto failure; - } + CHECK(result); DNS_RDATASET_FOREACH(&rdataset) { dns_rdata_t rdata = DNS_RDATA_INIT; @@ -1335,7 +1221,7 @@ del_keysigs(dns_db_t *db, dns_dbversion_t *ver, dns_name_t *name, } dns_rdataset_disassociate(&rdataset); -failure: +cleanup: if (node != NULL) { dns_db_detachnode(&node); } @@ -1525,7 +1411,7 @@ dns_update_signaturesinc(dns_update_log_t *log, dns_zone_t *zone, dns_db_t *db, update_log(log, zone, ISC_LOG_ERROR, "could not get zone keys for secure " "dynamic update"); - goto failure; + goto cleanup; } state->now = isc_stdtime_now(); @@ -1947,7 +1833,7 @@ next_state: if (!state->build_nsec3) { update_log(log, zone, ISC_LOG_DEBUG(3), "no NSEC3 chains to rebuild"); - goto failure; + goto cleanup; } update_log(log, zone, ISC_LOG_DEBUG(3), @@ -2119,7 +2005,7 @@ next_state: UNREACHABLE(); } -failure: +cleanup: if (node != NULL) { dns_db_detachnode(&node); } diff --git a/lib/dns/view.c b/lib/dns/view.c index 7efc9234a2..47c4fed0dd 100644 --- a/lib/dns/view.c +++ b/lib/dns/view.c @@ -66,13 +66,6 @@ #include #include -#define CHECK(op) \ - do { \ - result = (op); \ - if (result != ISC_R_SUCCESS) \ - goto cleanup; \ - } while (0) - #define DNS_VIEW_DELONLYHASH 111 /*% diff --git a/lib/dns/xfrin.c b/lib/dns/xfrin.c index f68f63b515..27f20e8891 100644 --- a/lib/dns/xfrin.c +++ b/lib/dns/xfrin.c @@ -55,14 +55,6 @@ * Incoming AXFR and IXFR. */ -#define CHECK(op) \ - { \ - result = (op); \ - if (result != ISC_R_SUCCESS) { \ - goto failure; \ - } \ - } - /*% * The states of the *XFR state machine. We handle both IXFR and AXFR * with a single integrated state machine because they cannot be @@ -306,7 +298,7 @@ axfr_init(dns_xfrin_t *xfr) { dns_rdatacallbacks_init(&xfr->axfr); CHECK(dns_db_beginload(xfr->db, &xfr->axfr)); result = ISC_R_SUCCESS; -failure: +cleanup: return result; } @@ -341,7 +333,7 @@ axfr_putdata(dns_xfrin_t *xfr, dns_diffop_t op, dns_name_t *name, dns_ttl_t ttl, dns_diff_append(&xfr->diff, &tuple); result = ISC_R_SUCCESS; -failure: +cleanup: return result; } @@ -360,20 +352,18 @@ axfr_apply(void *arg) { uint64_t records; if (atomic_load(&xfr->shuttingdown)) { - result = ISC_R_SHUTTINGDOWN; - goto failure; + CHECK(ISC_R_SHUTTINGDOWN); } CHECK(dns_diff_load(&xfr->diff, &xfr->axfr)); if (xfr->maxrecords != 0U) { result = dns_db_getsize(xfr->db, xfr->ver, &records, NULL); if (result == ISC_R_SUCCESS && records > xfr->maxrecords) { - result = DNS_R_TOOMANYRECORDS; - goto failure; + CHECK(DNS_R_TOOMANYRECORDS); } } -failure: +cleanup: dns_diff_clear(&xfr->diff); work->result = result; } @@ -399,7 +389,7 @@ axfr_apply_done(void *arg) { (void)dns_db_endload(xfr->db, &xfr->axfr); } -failure: +cleanup: xfr->diff_running = false; isc_mem_put(xfr->mctx, work, sizeof(*work)); @@ -471,7 +461,7 @@ ixfr_init(dns_xfrin_t *xfr) { } result = ISC_R_SUCCESS; -failure: +cleanup: return result; } @@ -493,7 +483,7 @@ ixfr_putdata(dns_xfrin_t *xfr, dns_diffop_t op, dns_name_t *name, dns_ttl_t ttl, dns_diff_append(&xfr->diff, &tuple); xfr->ixfr.diffs++; -failure: +cleanup: return result; } @@ -504,7 +494,7 @@ ixfr_begin_transaction(dns_xfrin_t *xfr) { if (xfr->ixfr.journal != NULL) { CHECK(dns_journal_begin_transaction(xfr->ixfr.journal)); } -failure: +cleanup: return result; } @@ -517,7 +507,7 @@ ixfr_end_transaction(dns_xfrin_t *xfr) { if (xfr->ixfr.journal != NULL) { CHECK(dns_journal_commit(xfr->ixfr.journal)); } -failure: +cleanup: return result; } @@ -532,8 +522,7 @@ ixfr_apply_one(dns_xfrin_t *xfr, ixfr_apply_data_t *data) { if (xfr->maxrecords != 0U) { result = dns_db_getsize(xfr->db, xfr->ver, &records, NULL); if (result == ISC_R_SUCCESS && records > xfr->maxrecords) { - result = DNS_R_TOOMANYRECORDS; - goto failure; + CHECK(DNS_R_TOOMANYRECORDS); } } if (xfr->ixfr.journal != NULL) { @@ -543,7 +532,7 @@ ixfr_apply_one(dns_xfrin_t *xfr, ixfr_apply_data_t *data) { result = ixfr_end_transaction(xfr); return result; -failure: +cleanup: /* We need to end the transaction, but keep the previous error */ (void)ixfr_end_transaction(xfr); @@ -606,9 +595,7 @@ ixfr_apply_done(void *arg) { result = ISC_R_SHUTTINGDOWN; } - if (result != ISC_R_SUCCESS) { - goto failure; - } + CHECK(result); /* Reschedule */ if (!cds_wfcq_empty(&xfr->diff_head, &xfr->diff_tail)) { @@ -616,7 +603,7 @@ ixfr_apply_done(void *arg) { return; } -failure: +cleanup: xfr->diff_running = false; isc_mem_put(xfr->mctx, work, sizeof(*work)); @@ -670,7 +657,7 @@ ixfr_commit(dns_xfrin_t *xfr) { isc_work_enqueue(xfr->loop, ixfr_apply, ixfr_apply_done, work); } -failure: +cleanup: return result; } @@ -697,8 +684,7 @@ xfr_rr(dns_xfrin_t *xfr, dns_name_t *name, uint32_t ttl, dns_rdata_t *rdata) { dns_rdatatype_format(rdata->type, buf, sizeof(buf)); xfrin_log(xfr, ISC_LOG_NOTICE, "Unexpected %s record in zone transfer", buf); - result = DNS_R_FORMERR; - goto failure; + CHECK(DNS_R_FORMERR); } /* @@ -713,8 +699,7 @@ xfr_rr(dns_xfrin_t *xfr, dns_name_t *name, uint32_t ttl, dns_rdata_t *rdata) { dns_name_format(name, namebuf, sizeof(namebuf)); xfrin_log(xfr, ISC_LOG_DEBUG(3), "SOA name mismatch: '%s'", namebuf); - result = DNS_R_NOTZONETOP; - goto failure; + CHECK(DNS_R_NOTZONETOP); } redo: @@ -723,8 +708,7 @@ redo: if (rdata->type != dns_rdatatype_soa) { xfrin_log(xfr, ISC_LOG_NOTICE, "non-SOA response to SOA query"); - result = DNS_R_FORMERR; - goto failure; + CHECK(DNS_R_FORMERR); } end_serial = dns_soa_getserial(rdata); atomic_store_relaxed(&xfr->end_serial, end_serial); @@ -735,8 +719,7 @@ redo: "requested serial %u, " "primary has %" PRIuFAST32 ", not updating", xfr->ixfr.request_serial, end_serial); - result = DNS_R_UPTODATE; - goto failure; + CHECK(DNS_R_UPTODATE); } atomic_store(&xfr->state, XFRST_GOTSOA); break; @@ -751,8 +734,7 @@ redo: if (rdata->type != dns_rdatatype_soa) { xfrin_log(xfr, ISC_LOG_NOTICE, "first RR in zone transfer must be SOA"); - result = DNS_R_FORMERR; - goto failure; + CHECK(DNS_R_FORMERR); } /* * Remember the serial number in the initial SOA. @@ -773,8 +755,7 @@ redo: "requested serial %u, " "primary has %" PRIuFAST32 ", not updating", xfr->ixfr.request_serial, end_serial); - result = DNS_R_UPTODATE; - goto failure; + CHECK(DNS_R_UPTODATE); } xfr->firstsoa = *rdata; if (xfr->firstsoa_data != NULL) { @@ -842,8 +823,7 @@ redo: "IXFR out of sync: " "expected serial %u, got %u", xfr->ixfr.current_serial, soa_serial); - result = DNS_R_FORMERR; - goto failure; + CHECK(DNS_R_FORMERR); } else { CHECK(ixfr_commit(xfr)); atomic_store(&xfr->state, XFRST_IXFR_DELSOA); @@ -853,8 +833,7 @@ redo: if (rdata->type == dns_rdatatype_ns && dns_name_iswildcard(name)) { - result = DNS_R_INVALIDNS; - goto failure; + CHECK(DNS_R_INVALIDNS); } CHECK(ixfr_putdata(xfr, DNS_DIFFOP_ADD, name, ttl, rdata)); break; @@ -879,8 +858,7 @@ redo: xfrin_log(xfr, ISC_LOG_NOTICE, "start and ending SOA records " "mismatch"); - result = DNS_R_FORMERR; - goto failure; + CHECK(DNS_R_FORMERR); } axfr_commit(xfr); atomic_store(&xfr->state, XFRST_AXFR_END); @@ -889,13 +867,13 @@ redo: break; case XFRST_AXFR_END: case XFRST_IXFR_END: - result = DNS_R_EXTRADATA; - goto failure; + CHECK(DNS_R_EXTRADATA); + break; default: UNREACHABLE(); } result = ISC_R_SUCCESS; -failure: +cleanup: return result; } @@ -1310,8 +1288,7 @@ xfrin_start(dns_xfrin_t *xfr) { dns_dispatchmgr_t *dispmgr = dns_view_getdispatchmgr(xfr->view); if (dispmgr == NULL) { - result = ISC_R_SHUTTINGDOWN; - goto failure; + CHECK(ISC_R_SHUTTINGDOWN); } primaries_timeout = isc_nm_getprimariestimeout(); @@ -1319,9 +1296,7 @@ xfrin_start(dns_xfrin_t *xfr) { &xfr->primaryaddr, xfr->transport, DNS_DISPATCHOPT_UNSHARED, &xfr->disp); dns_dispatchmgr_detach(&dispmgr); - if (result != ISC_R_SUCCESS) { - goto failure; - } + CHECK(result); LIBDNS_XFRIN_START(xfr, xfr->info); @@ -1388,7 +1363,7 @@ xfrin_start(dns_xfrin_t *xfr) { return ISC_R_SUCCESS; -failure: +cleanup: xfrin_cancelio(xfr); dns_xfrin_detach(&xfr); @@ -1410,7 +1385,7 @@ render(dns_message_t *msg, isc_mem_t *mctx, isc_buffer_t *buf) { CHECK(dns_message_rendersection(msg, DNS_SECTION_ADDITIONAL, 0)); CHECK(dns_message_renderend(msg)); result = ISC_R_SUCCESS; -failure: +cleanup: dns_compress_invalidate(&cctx); return result; } @@ -1437,13 +1412,13 @@ xfrin_connect_done(isc_result_t result, isc_region_t *region ISC_ATTR_UNUSED, if (result != ISC_R_SUCCESS) { xfrin_fail(xfr, result, "failed to connect"); - goto failure; + goto cleanup; } result = dns_dispatch_checkperm(xfr->disp); if (result != ISC_R_SUCCESS) { xfrin_fail(xfr, result, "connected but unable to transfer"); - goto failure; + goto cleanup; } zmgr = dns_zone_getmgr(xfr->zone); @@ -1472,7 +1447,7 @@ xfrin_connect_done(isc_result_t result, isc_region_t *region ISC_ATTR_UNUSED, return; -failure: +cleanup: switch (result) { case ISC_R_NETDOWN: case ISC_R_HOSTDOWN: @@ -1682,7 +1657,7 @@ xfrin_send_request(dns_xfrin_t *xfr) { xfrin_log(xfr, ISC_LOG_DEBUG(3), "sending %s request, QID %d", request_type(xfr), xfr->id); -failure: +cleanup: dns_message_detach(&msg); if (soatuple != NULL) { dns_difftuple_free(&soatuple); @@ -1712,7 +1687,7 @@ xfrin_send_done(isc_result_t result, isc_region_t *region, void *arg) { xfrin_log(xfr, ISC_LOG_DEBUG(3), "sent request data"); -failure: +cleanup: if (result != ISC_R_SUCCESS) { xfrin_fail(xfr, result, "failed sending request data"); } @@ -1866,7 +1841,7 @@ xfrin_recv_done(isc_result_t result, isc_region_t *region, void *arg) { if (xfr->reqtype == dns_rdatatype_axfr || xfr->reqtype == dns_rdatatype_soa) { - goto failure; + goto cleanup; } xfrin_log(xfr, ISC_LOG_DEBUG(3), "got %s, retrying with AXFR", @@ -1896,8 +1871,7 @@ xfrin_recv_done(isc_result_t result, isc_region_t *region, void *arg) { if (msg->counts[DNS_SECTION_QUESTION] > 1) { xfrin_log(xfr, ISC_LOG_NOTICE, "too many questions (%u)", msg->counts[DNS_SECTION_QUESTION]); - result = DNS_R_FORMERR; - goto failure; + CHECK(DNS_R_FORMERR); } if ((atomic_load(&xfr->state) == XFRST_SOAQUERY || @@ -1905,8 +1879,7 @@ xfrin_recv_done(isc_result_t result, isc_region_t *region, void *arg) { msg->counts[DNS_SECTION_QUESTION] != 1) { xfrin_log(xfr, ISC_LOG_NOTICE, "missing question section"); - result = DNS_R_FORMERR; - goto failure; + CHECK(DNS_R_FORMERR); } MSG_SECTION_FOREACH(msg, DNS_SECTION_QUESTION, name) { @@ -1917,22 +1890,19 @@ xfrin_recv_done(isc_result_t result, isc_region_t *region, void *arg) { if (!dns_name_equal(name, &xfr->name)) { xfrin_log(xfr, ISC_LOG_NOTICE, "question name mismatch"); - result = DNS_R_FORMERR; - goto failure; + CHECK(DNS_R_FORMERR); } rds = ISC_LIST_HEAD(name->list); INSIST(rds != NULL); if (rds->type != xfr->reqtype) { xfrin_log(xfr, ISC_LOG_NOTICE, "question type mismatch"); - result = DNS_R_FORMERR; - goto failure; + CHECK(DNS_R_FORMERR); } if (rds->rdclass != xfr->rdclass) { xfrin_log(xfr, ISC_LOG_NOTICE, "question class mismatch"); - result = DNS_R_FORMERR; - goto failure; + CHECK(DNS_R_FORMERR); } } @@ -1954,15 +1924,14 @@ xfrin_recv_done(isc_result_t result, isc_region_t *region, void *arg) { if (xfr->reqtype == dns_rdatatype_soa && (msg->flags & DNS_MESSAGEFLAG_AA) == 0) { - result = DNS_R_NOTAUTHORITATIVE; - goto failure; + CHECK(DNS_R_NOTAUTHORITATIVE); } result = dns_message_checksig(msg, xfr->view); if (result != ISC_R_SUCCESS) { xfrin_log(xfr, ISC_LOG_DEBUG(3), "TSIG check failed: %s", isc_result_totext(result)); - goto failure; + goto cleanup; } MSG_SECTION_FOREACH(msg, DNS_SECTION_ANSWER, name) { @@ -2014,8 +1983,7 @@ xfrin_recv_done(isc_result_t result, isc_region_t *region, void *arg) { atomic_load(&xfr->state) == XFRST_AXFR_END || atomic_load(&xfr->state) == XFRST_IXFR_END) { - result = DNS_R_EXPECTEDTSIG; - goto failure; + CHECK(DNS_R_EXPECTEDTSIG); } } @@ -2055,10 +2023,7 @@ xfrin_recv_done(isc_result_t result, isc_region_t *region, void *arg) { * Read the next message. */ dns_message_detach(&msg); - result = dns_dispatch_getnext(xfr->dispentry); - if (result != ISC_R_SUCCESS) { - goto failure; - } + CHECK(dns_dispatch_getnext(xfr->dispentry)); isc_interval_t interval; isc_interval_set(&interval, dns_zone_getidlein(xfr->zone), 0); @@ -2069,7 +2034,7 @@ xfrin_recv_done(isc_result_t result, isc_region_t *region, void *arg) { return; } -failure: +cleanup: if (result != ISC_R_SUCCESS) { xfrin_fail(xfr, result, "failed while receiving responses"); } diff --git a/lib/dns/zone.c b/lib/dns/zone.c index cfe76c9706..562d8d132b 100644 --- a/lib/dns/zone.c +++ b/lib/dns/zone.c @@ -219,13 +219,6 @@ typedef struct dns_include dns_include_t; #define ZONEDB_LOCK(l, t) RWLOCK((l), (t)) #define ZONEDB_UNLOCK(l, t) RWUNLOCK((l), (t)) -#define RETERR(x) \ - do { \ - result = (x); \ - if (result != ISC_R_SUCCESS) \ - goto failure; \ - } while (0) - #ifdef ENABLE_AFL extern bool dns_fuzzing_resolver; #endif /* ifdef ENABLE_AFL */ @@ -604,13 +597,6 @@ typedef enum { * load. */ } dns_zoneloadflag_t; -#define CHECK(op) \ - do { \ - result = (op); \ - if (result != ISC_R_SUCCESS) \ - goto failure; \ - } while (0) - struct dns_zonemgr { unsigned int magic; isc_mem_t *mctx; @@ -1935,7 +1921,7 @@ setfilename(dns_zone_t *zone, char **field, const char *value) { const char *end = value + strlen(value); putmem(&b, p, end - p); -failure: +cleanup: isc_buffer_putuint8(&b, 0); setstring(zone, field, filename); } @@ -2270,14 +2256,14 @@ copy_initfile(dns_zone_t *zone) { size_t rval; result = isc_stdio_read(buf, 1, sizeof(buf), input, &rval); - if (result != ISC_R_SUCCESS && result != ISC_R_EOF) { - goto failure; + if (result != ISC_R_EOF) { + CHECK(result); } CHECK(isc_stdio_write(buf, rval, 1, output, NULL)); len -= rval; } while (len > 0); -failure: +cleanup: if (input != NULL) { isc_stdio_close(input); } @@ -4568,7 +4554,7 @@ create_keydata(dns_zone_t *zone, dns_db_t *db, dns_dbversion_t *ver, set_refreshkeytimer(zone, &kd, now, true); return ISC_R_SUCCESS; -failure: +cleanup: return result; } @@ -4664,7 +4650,7 @@ trust_key(dns_zone_t *zone, dns_name_t *keyname, dns_rdata_dnskey_t *dnskey, dns_keytable_detach(&sr); -failure: +cleanup: if (sr != NULL) { dns_keytable_detach(&sr); } @@ -4829,7 +4815,7 @@ update_soa_serial(dns_zone_t *zone, dns_db_t *db, dns_dbversion_t *ver, CHECK(do_one_tuple(&addtuple, db, ver, diff)); result = ISC_R_SUCCESS; -failure: +cleanup: if (addtuple != NULL) { dns_difftuple_free(&addtuple); } @@ -4897,7 +4883,7 @@ add_soa(dns_zone_t *zone, dns_db_t *db) { dns_zone_log(zone, ISC_LOG_ERROR, "add_soa:dns_db_newversion -> %s", isc_result_totext(result)); - goto failure; + goto cleanup; } /* Build SOA record */ @@ -4907,13 +4893,13 @@ add_soa(dns_zone_t *zone, dns_db_t *db) { dns_zone_log(zone, ISC_LOG_ERROR, "add_soa:dns_soa_buildrdata -> %s", isc_result_totext(result)); - goto failure; + goto cleanup; } result = update_one_rr(db, ver, &diff, DNS_DIFFOP_ADD, &zone->origin, 0, &rdata); -failure: +cleanup: dns_diff_clear(&diff); if (ver != NULL) { dns_db_closeversion(db, &ver, result == ISC_R_SUCCESS); @@ -5017,7 +5003,7 @@ sync_keyzone(dns_zone_t *zone, dns_db_t *db) { dnssec_log(zone, ISC_LOG_ERROR, "sync_keyzone:dns_db_newversion -> %s", isc_result_totext(result)); - goto failure; + goto cleanup; } /* @@ -5041,7 +5027,7 @@ sync_keyzone(dns_zone_t *zone, dns_db_t *db) { dns_rriterator_current(&rrit, &rrname, &ttl, &rdataset, NULL); if (!dns_rdataset_isassociated(rdataset)) { dns_rriterator_destroy(&rrit); - goto failure; + goto cleanup; } if (rdataset->type != dns_rdatatype_keydata) { @@ -5113,7 +5099,7 @@ sync_keyzone(dns_zone_t *zone, dns_db_t *db) { commit = true; } -failure: +cleanup: if (result != ISC_R_SUCCESS) { dnssec_log(zone, ISC_LOG_ERROR, "unable to synchronize managed keys: %s", @@ -5151,7 +5137,7 @@ dns_zone_synckeyzone(dns_zone_t *zone) { result = sync_keyzone(zone, db); UNLOCK_ZONE(zone); -failure: +cleanup: if (db != NULL) { dns_db_detach(&db); } @@ -5250,7 +5236,7 @@ check_reportchannel(dns_zone_t *zone, dns_db_t *db) { dns_rdataset_disassociate(&rdataset); } -failure: +cleanup: return result; } @@ -6717,13 +6703,13 @@ findzonekeys(dns_zone_t *zone, dns_db_t *db, dns_dbversion_t *ver, *nkeys = 0; memset(keys, 0, sizeof(*keys) * maxkeys); dns_rdataset_init(&rdataset); - RETERR(dns_db_findrdataset(db, node, ver, dns_rdatatype_dnskey, 0, 0, - &rdataset, NULL)); - RETERR(dns_rdataset_first(&rdataset)); + CHECK(dns_db_findrdataset(db, node, ver, dns_rdatatype_dnskey, 0, 0, + &rdataset, NULL)); + CHECK(dns_rdataset_first(&rdataset)); while (result == ISC_R_SUCCESS && count < maxkeys) { pubkey = NULL; dns_rdataset_current(&rdataset, &rdata); - RETERR(dns_dnssec_keyfromrdata(name, &rdata, mctx, &pubkey)); + CHECK(dns_dnssec_keyfromrdata(name, &rdata, mctx, &pubkey)); dst_key_setttl(pubkey, rdataset.ttl); if (!is_zone_key(pubkey)) { @@ -6799,9 +6785,7 @@ findzonekeys(dns_zone_t *zone, dns_db_t *db, dns_dbversion_t *ver, goto next; } - if (result != ISC_R_SUCCESS) { - goto failure; - } + CHECK(result); /* * If a key is marked inactive, skip it @@ -6829,7 +6813,7 @@ findzonekeys(dns_zone_t *zone, dns_db_t *db, dns_dbversion_t *ver, result = dns_rdataset_next(&rdataset); } if (result != ISC_R_NOMORE) { - goto failure; + CHECK(result); } if (count == 0) { result = ISC_R_NOTFOUND; @@ -6837,7 +6821,7 @@ findzonekeys(dns_zone_t *zone, dns_db_t *db, dns_dbversion_t *ver, result = ISC_R_SUCCESS; } -failure: +cleanup: if (dns_rdataset_isassociated(&rdataset)) { dns_rdataset_disassociate(&rdataset); } @@ -6884,7 +6868,7 @@ dns_zone_findkeys(dns_zone_t *zone, dns_db_t *db, dns_dbversion_t *ver, result = ISC_R_SUCCESS; } -failure: +cleanup: if (node != NULL) { dns_db_detachnode(&node); @@ -6932,8 +6916,8 @@ dns_zone_getdnsseckeys(dns_zone_t *zone, dns_db_t *db, dns_dbversion_t *ver, dns_zone_getmctx(zone), keys); dns_zone_unlock_keyfiles(zone); - if (result != ISC_R_SUCCESS && result != ISC_R_NOTFOUND) { - goto failure; + if (result != ISC_R_NOTFOUND) { + CHECK(result); } /* Get public keys (dnskeys). */ @@ -6966,7 +6950,7 @@ dns_zone_getdnsseckeys(dns_zone_t *zone, dns_db_t *db, dns_dbversion_t *ver, } } -failure: +cleanup: if (dns_rdataset_isassociated(&keyset)) { dns_rdataset_disassociate(&keyset); } @@ -7160,9 +7144,8 @@ del_sigs(dns_zone_t *zone, dns_db_t *db, dns_dbversion_t *ver, dns_name_t *name, if (result == ISC_R_NOTFOUND) { return ISC_R_SUCCESS; } - if (result != ISC_R_SUCCESS) { - goto failure; - } + CHECK(result); + result = dns_db_findrdataset(db, node, ver, dns_rdatatype_rrsig, type, (isc_stdtime_t)0, &rdataset, NULL); dns_db_detachnode(&node); @@ -7173,7 +7156,7 @@ del_sigs(dns_zone_t *zone, dns_db_t *db, dns_dbversion_t *ver, dns_name_t *name, } if (result != ISC_R_SUCCESS) { INSIST(!dns_rdataset_isassociated(&rdataset)); - goto failure; + goto cleanup; } DNS_RDATASET_FOREACH(&rdataset) { @@ -7321,7 +7304,7 @@ del_sigs(dns_zone_t *zone, dns_db_t *db, dns_dbversion_t *ver, dns_name_t *name, "key expiry warning time out of range"); } } -failure: +cleanup: if (node != NULL) { dns_db_detachnode(&node); } @@ -7360,9 +7343,8 @@ add_sigs(dns_db_t *db, dns_dbversion_t *ver, dns_name_t *name, dns_zone_t *zone, if (result == ISC_R_NOTFOUND) { return ISC_R_SUCCESS; } - if (result != ISC_R_SUCCESS) { - goto failure; - } + CHECK(result); + result = dns_db_findrdataset(db, node, ver, type, 0, (isc_stdtime_t)0, &rdataset, NULL); dns_db_detachnode(&node); @@ -7372,7 +7354,7 @@ add_sigs(dns_db_t *db, dns_dbversion_t *ver, dns_name_t *name, dns_zone_t *zone, } if (result != ISC_R_SUCCESS) { INSIST(!dns_rdataset_isassociated(&rdataset)); - goto failure; + goto cleanup; } for (i = 0; i < nkeys; i++) { @@ -7525,7 +7507,7 @@ add_sigs(dns_db_t *db, dns_dbversion_t *ver, dns_name_t *name, dns_zone_t *zone, } } -failure: +cleanup: if (dns_rdataset_isassociated(&rdataset)) { dns_rdataset_disassociate(&rdataset); } @@ -7607,8 +7589,7 @@ zone_resigninc(dns_zone_t *zone) { * Zone is frozen. Pause for 5 minutes. */ if (zone->update_disabled) { - result = ISC_R_FAILURE; - goto failure; + CHECK(ISC_R_FAILURE); } ZONEDB_LOCK(&zone->dblock, isc_rwlocktype_read); @@ -7617,8 +7598,7 @@ zone_resigninc(dns_zone_t *zone) { } ZONEDB_UNLOCK(&zone->dblock, isc_rwlocktype_read); if (db == NULL) { - result = ISC_R_FAILURE; - goto failure; + CHECK(ISC_R_FAILURE); } result = dns_db_newversion(db, &version); @@ -7626,7 +7606,7 @@ zone_resigninc(dns_zone_t *zone) { dns_zone_log(zone, ISC_LOG_ERROR, "zone_resigninc:dns_db_newversion -> %s", isc_result_totext(result)); - goto failure; + goto cleanup; } now = isc_stdtime_now(); @@ -7637,7 +7617,7 @@ zone_resigninc(dns_zone_t *zone) { dns_zone_log(zone, ISC_LOG_ERROR, "zone_resigninc:dns_zone_findkeys -> %s", isc_result_totext(result)); - goto failure; + goto cleanup; } calculate_rrsig_validity(zone, now, &inception, &soaexpire, &expire, @@ -7710,8 +7690,8 @@ zone_resigninc(dns_zone_t *zone) { } } - if (result != ISC_R_NOMORE && result != ISC_R_SUCCESS) { - goto failure; + if (result != ISC_R_NOMORE) { + CHECK(result); } result = del_sigs(zone, db, version, &zone->origin, dns_rdatatype_soa, @@ -7720,7 +7700,7 @@ zone_resigninc(dns_zone_t *zone) { dns_zone_log(zone, ISC_LOG_ERROR, "zone_resigninc:del_sigs -> %s", isc_result_totext(result)); - goto failure; + goto cleanup; } /* @@ -7733,7 +7713,7 @@ zone_resigninc(dns_zone_t *zone) { if (zonediff.offline) { dns_db_closeversion(db, &version, true); } - goto failure; + goto cleanup; } /* Increment SOA serial if we have made changes */ @@ -7743,7 +7723,7 @@ zone_resigninc(dns_zone_t *zone) { dns_zone_log(zone, ISC_LOG_ERROR, "zone_resigninc:update_soa_serial -> %s", isc_result_totext(result)); - goto failure; + goto cleanup; } /* @@ -7757,7 +7737,7 @@ zone_resigninc(dns_zone_t *zone) { dns_zone_log(zone, ISC_LOG_ERROR, "zone_resigninc:add_sigs -> %s", isc_result_totext(result)); - goto failure; + goto cleanup; } /* Write changes to journal file. */ @@ -7766,7 +7746,7 @@ zone_resigninc(dns_zone_t *zone) { /* Everything has succeeded. Commit the changes. */ dns_db_closeversion(db, &version, true); -failure: +cleanup: dns_diff_clear(&_sig_diff); for (i = 0; i < nkeys; i++) { dst_key_free(&zone_keys[i]); @@ -7829,7 +7809,7 @@ next_active(dns_db_t *db, dns_dbversion_t *version, dns_name_t *oldname, break; } } while (1); -failure: +cleanup: if (node != NULL) { dns_db_detachnode(&node); } @@ -7925,7 +7905,7 @@ add_nsec(dns_db_t *db, dns_dbversion_t *version, dns_name_t *name, CHECK(dns_nsec_buildrdata(db, version, node, next, nsecbuffer, &rdata)); CHECK(update_one_rr(db, version, diff, DNS_DIFFOP_ADD, name, ttl, &rdata)); -failure: +cleanup: return result; } @@ -8130,7 +8110,7 @@ sign_a_node(dns_db_t *db, dns_zone_t *zone, dns_name_t *name, (*signatures)--; } -failure: +cleanup: if (dns_rdataset_isassociated(&rdataset)) { dns_rdataset_disassociate(&rdataset); } @@ -8162,15 +8142,13 @@ updatesecure(dns_db_t *db, dns_dbversion_t *version, dns_name_t *name, if (result == ISC_R_NOTFOUND) { goto success; } - if (result != ISC_R_SUCCESS) { - goto failure; - } + CHECK(result); } CHECK(delete_nsec(db, version, node, name, diff)); CHECK(add_nsec(db, version, name, node, nsecttl, false, diff)); success: result = ISC_R_SUCCESS; -failure: +cleanup: if (node != NULL) { dns_db_detachnode(&node); } @@ -8188,10 +8166,7 @@ updatesignwithkey(dns_zone_t *zone, dns_signing_t *signing, bool have_rr = false; dns_rdataset_init(&rdataset); - result = dns_db_getoriginnode(signing->db, &node); - if (result != ISC_R_SUCCESS) { - goto failure; - } + CHECK(dns_db_getoriginnode(signing->db, &node)); result = dns_db_findrdataset(signing->db, node, version, zone->privatetype, dns_rdatatype_none, 0, @@ -8199,11 +8174,11 @@ updatesignwithkey(dns_zone_t *zone, dns_signing_t *signing, if (result == ISC_R_NOTFOUND) { INSIST(!dns_rdataset_isassociated(&rdataset)); result = ISC_R_SUCCESS; - goto failure; + goto cleanup; } if (result != ISC_R_SUCCESS) { INSIST(!dns_rdataset_isassociated(&rdataset)); - goto failure; + goto cleanup; } DNS_RDATASET_FOREACH(&rdataset) { @@ -8295,7 +8270,7 @@ updatesignwithkey(dns_zone_t *zone, dns_signing_t *signing, diff)); } -failure: +cleanup: if (dns_rdataset_isassociated(&rdataset)) { dns_rdataset_disassociate(&rdataset); } @@ -8369,7 +8344,7 @@ fixup_nsec3param(dns_db_t *db, dns_dbversion_t *ver, dns_nsec3chain_t *chain, goto try_private; } if (result != ISC_R_SUCCESS) { - goto failure; + goto cleanup; } /* @@ -8449,9 +8424,7 @@ try_private: if (result == ISC_R_NOTFOUND) { goto add; } - if (result != ISC_R_SUCCESS) { - goto failure; - } + CHECK(result); DNS_RDATASET_FOREACH(&rdataset) { dns_rdata_t private = DNS_RDATA_INIT; @@ -8484,7 +8457,7 @@ try_private: add: if ((chain->nsec3param.flags & DNS_NSEC3FLAG_REMOVE) != 0) { result = ISC_R_SUCCESS; - goto failure; + goto cleanup; } /* @@ -8501,7 +8474,7 @@ add: rdata.data[1] = 0; /* Clear flag bits. */ CHECK(update_one_rr(db, ver, diff, DNS_DIFFOP_ADD, name, ttl, &rdata)); -failure: +cleanup: dns_db_detachnode(&node); if (dns_rdataset_isassociated(&rdataset)) { dns_rdataset_disassociate(&rdataset); @@ -8534,7 +8507,7 @@ delete_nsec(dns_db_t *db, dns_dbversion_t *ver, dns_dbnode_t *node, rdataset.ttl, &rdata)); } -failure: +cleanup: dns_rdataset_disassociate(&rdataset); return result; } @@ -8573,7 +8546,7 @@ deletematchingnsec3(dns_db_t *db, dns_dbversion_t *ver, dns_dbnode_t *node, rdataset.ttl, &rdata)); } -failure: +cleanup: dns_rdataset_disassociate(&rdataset); return result; } @@ -8649,7 +8622,7 @@ need_nsec_chain(dns_db_t *db, dns_dbversion_t *ver, *answer = !active; -failure: +cleanup: if (dns_rdataset_isassociated(&rdataset)) { dns_rdataset_disassociate(&rdataset); } @@ -8796,8 +8769,7 @@ zone_nsec3chain(dns_zone_t *zone) { * Updates are disabled. Pause for 5 minutes. */ if (zone->update_disabled) { - result = ISC_R_FAILURE; - goto failure; + CHECK(ISC_R_FAILURE); } ZONEDB_LOCK(&zone->dblock, isc_rwlocktype_read); @@ -8823,7 +8795,7 @@ zone_nsec3chain(dns_zone_t *zone) { dnssec_log(zone, ISC_LOG_ERROR, "zone_nsec3chain:dns_db_newversion -> %s", isc_result_totext(result)); - goto failure; + goto cleanup; } now = isc_stdtime_now(); @@ -8834,7 +8806,7 @@ zone_nsec3chain(dns_zone_t *zone) { dnssec_log(zone, ISC_LOG_ERROR, "zone_nsec3chain:dns_zone_findkeys -> %s", isc_result_totext(result)); - goto failure; + goto cleanup; } calculate_rrsig_validity(zone, now, &inception, &soaexpire, NULL, @@ -8950,9 +8922,7 @@ zone_nsec3chain(dns_zone_t *zone) { /* Empty node? */ goto next_addnode; } - if (result != ISC_R_SUCCESS) { - goto failure; - } + CHECK(result); seen_soa = seen_ns = seen_dname = seen_ds = seen_nsec = false; DNS_RDATASETITER_FOREACH(iterator) { @@ -8998,7 +8968,7 @@ zone_nsec3chain(dns_zone_t *zone) { "zone_nsec3chain:" "dns_nsec3_addnsec3 -> %s", isc_result_totext(result)); - goto failure; + goto cleanup; } /* @@ -9055,7 +9025,7 @@ zone_nsec3chain(dns_zone_t *zone) { "zone_nsec3chain:" "dns_dbiterator_next -> %s", isc_result_totext(result)); - goto failure; + goto cleanup; } else if (delegation) { dns_dbiterator_current(nsec3chain->dbiterator, &node, nextname); @@ -9136,7 +9106,7 @@ zone_nsec3chain(dns_zone_t *zone) { "zone_nsec3chain:" "need_nsec_chain -> %s", isc_result_totext(result)); - goto failure; + goto cleanup; } } @@ -9163,7 +9133,7 @@ zone_nsec3chain(dns_zone_t *zone) { "zone_nsec3chain:" "fixup_nsec3param -> %s", isc_result_totext(result)); - goto failure; + goto cleanup; } } @@ -9178,7 +9148,7 @@ zone_nsec3chain(dns_zone_t *zone) { "zone_nsec3chain:" "deletematchingnsec3 -> %s", isc_result_totext(result)); - goto failure; + goto cleanup; } goto next_removenode; } @@ -9213,9 +9183,7 @@ zone_nsec3chain(dns_zone_t *zone) { /* Empty node? */ goto next_removenode; } - if (result != ISC_R_SUCCESS) { - goto failure; - } + CHECK(result); seen_soa = seen_ns = seen_dname = seen_nsec3 = seen_nsec = seen_rr = false; @@ -9285,7 +9253,7 @@ zone_nsec3chain(dns_zone_t *zone) { "zone_nsec3chain:" "fixup_nsec3param -> %s", isc_result_totext(result)); - goto failure; + goto cleanup; } goto next_removechain; } else if (result != ISC_R_SUCCESS) { @@ -9293,7 +9261,7 @@ zone_nsec3chain(dns_zone_t *zone) { "zone_nsec3chain:" "dns_dbiterator_next -> %s", isc_result_totext(result)); - goto failure; + goto cleanup; } else if (delegation) { dns_dbiterator_current(nsec3chain->dbiterator, &node, nextname); @@ -9333,7 +9301,7 @@ skip_removals: dnssec_log(zone, ISC_LOG_ERROR, "zone_nsec3chain:dns_db_allrdatasets -> %s", isc_result_totext(result)); - goto failure; + goto cleanup; } DNS_RDATASETITER_FOREACH(iterator) { dns_rdataset_t rdataset = DNS_RDATASET_INIT; @@ -9360,7 +9328,7 @@ skip_removals: dnssec_log(zone, ISC_LOG_ERROR, "zone_nsec3chain:updatesecure -> %s", isc_result_totext(result)); - goto failure; + goto cleanup; } } @@ -9377,7 +9345,7 @@ skip_removals: "zone_nsec3chain:" "dns_nsec3_addnsec3s -> %s", isc_result_totext(result)); - goto failure; + goto cleanup; } } } @@ -9395,7 +9363,7 @@ skip_removals: dnssec_log(zone, ISC_LOG_ERROR, "zone_nsec3chain:dns__zone_updatesigs -> %s", isc_result_totext(result)); - goto failure; + goto cleanup; } /* @@ -9409,7 +9377,7 @@ skip_removals: dnssec_log(zone, ISC_LOG_ERROR, "zone_nsec3chain:dns__zone_updatesigs -> %s", isc_result_totext(result)); - goto failure; + goto cleanup; } if (updatensec) { @@ -9419,7 +9387,7 @@ skip_removals: dnssec_log(zone, ISC_LOG_ERROR, "zone_nsec3chain:updatesecure -> %s", isc_result_totext(result)); - goto failure; + goto cleanup; } } @@ -9430,7 +9398,7 @@ skip_removals: dnssec_log(zone, ISC_LOG_ERROR, "zone_nsec3chain:dns__zone_updatesigs -> %s", isc_result_totext(result)); - goto failure; + goto cleanup; } /* @@ -9442,7 +9410,7 @@ skip_removals: * No need to call dns_db_closeversion() here as it is * called with commit = true below. */ - goto done; + goto closeversion; } result = del_sigs(zone, db, version, &zone->origin, dns_rdatatype_soa, @@ -9451,7 +9419,7 @@ skip_removals: dnssec_log(zone, ISC_LOG_ERROR, "zone_nsec3chain:del_sigs -> %s", isc_result_totext(result)); - goto failure; + goto cleanup; } result = update_soa_serial(zone, db, version, zonediff.diff, zone->mctx, @@ -9460,7 +9428,7 @@ skip_removals: dnssec_log(zone, ISC_LOG_ERROR, "zone_nsec3chain:update_soa_serial -> %s", isc_result_totext(result)); - goto failure; + goto cleanup; } result = add_sigs(db, version, &zone->origin, zone, dns_rdatatype_soa, @@ -9470,7 +9438,7 @@ skip_removals: dnssec_log(zone, ISC_LOG_ERROR, "zone_nsec3chain:add_sigs -> %s", isc_result_totext(result)); - goto failure; + goto cleanup; } /* Write changes to journal file. */ @@ -9481,7 +9449,7 @@ skip_removals: DNS_ZONE_SETFLAG(zone, DNS_ZONEFLG_NEEDNOTIFY); UNLOCK_ZONE(zone); -done: +closeversion: /* * Pause all iterators so that dns_db_closeversion() can succeed. */ @@ -9511,7 +9479,7 @@ done: set_resigntime(zone); UNLOCK_ZONE(zone); -failure: +cleanup: if (result != ISC_R_SUCCESS) { dnssec_log(zone, ISC_LOG_ERROR, "zone_nsec3chain: %s", isc_result_totext(result)); @@ -9685,7 +9653,7 @@ del_sig(dns_db_t *db, dns_dbversion_t *version, dns_name_t *name, * i.e., found in at least one, and not missing from any. */ *has_algp = (alg_found && !alg_missed); -failure: +cleanup: if (dns_rdataset_isassociated(&rdataset)) { dns_rdataset_disassociate(&rdataset); } @@ -9780,12 +9748,12 @@ dns_zone_check_dnskey_nsec3(dns_zone_t *zone, dns_db_t *db, /* Refuse to allow NSEC3 with NSEC-only keys */ if (nseconly && nsec3) { - goto failure; + goto cleanup; } return true; -failure: +cleanup: return false; } @@ -9839,7 +9807,7 @@ zone_sign(dns_zone_t *zone) { */ if (zone->update_disabled) { result = ISC_R_FAILURE; - goto cleanup; + goto done; } ZONEDB_LOCK(&zone->dblock, isc_rwlocktype_read); @@ -9849,7 +9817,7 @@ zone_sign(dns_zone_t *zone) { ZONEDB_UNLOCK(&zone->dblock, isc_rwlocktype_read); if (db == NULL) { result = ISC_R_FAILURE; - goto cleanup; + goto done; } result = dns_db_newversion(db, &version); @@ -9857,7 +9825,7 @@ zone_sign(dns_zone_t *zone) { dnssec_log(zone, ISC_LOG_ERROR, "zone_sign:dns_db_newversion -> %s", isc_result_totext(result)); - goto cleanup; + goto done; } now = isc_stdtime_now(); @@ -9868,7 +9836,7 @@ zone_sign(dns_zone_t *zone) { dnssec_log(zone, ISC_LOG_ERROR, "zone_sign:dns_zone_findkeys -> %s", isc_result_totext(result)); - goto cleanup; + goto done; } kasp = zone->kasp; @@ -10151,7 +10119,7 @@ zone_sign(dns_zone_t *zone) { "updatesecure -> %s", isc_result_totext( result)); - goto cleanup; + goto done; } } result = updatesignwithkey( @@ -10161,7 +10129,7 @@ zone_sign(dns_zone_t *zone) { dnssec_log(zone, ISC_LOG_ERROR, "updatesignwithkey -> %s", isc_result_totext(result)); - goto cleanup; + goto done; } build_nsec = false; goto next_signing; @@ -10170,7 +10138,7 @@ zone_sign(dns_zone_t *zone) { "zone_sign:" "dns_dbiterator_next -> %s", isc_result_totext(result)); - goto cleanup; + goto done; } else if (is_bottom_of_zone) { dns_dbiterator_current(signing->dbiterator, &node, nextname); @@ -10198,7 +10166,7 @@ zone_sign(dns_zone_t *zone) { dnssec_log(zone, ISC_LOG_ERROR, "zone_sign:dns__zone_updatesigs -> %s", isc_result_totext(result)); - goto cleanup; + goto done; } } @@ -10220,7 +10188,7 @@ zone_sign(dns_zone_t *zone) { if (result != ISC_R_SUCCESS) { dnssec_log(zone, ISC_LOG_ERROR, "zone_sign:del_sigs -> %s", isc_result_totext(result)); - goto cleanup; + goto done; } result = update_soa_serial(zone, db, version, zonediff.diff, zone->mctx, @@ -10229,7 +10197,7 @@ zone_sign(dns_zone_t *zone) { dnssec_log(zone, ISC_LOG_ERROR, "zone_sign:update_soa_serial -> %s", isc_result_totext(result)); - goto cleanup; + goto done; } /* @@ -10242,7 +10210,7 @@ zone_sign(dns_zone_t *zone) { if (result != ISC_R_SUCCESS) { dnssec_log(zone, ISC_LOG_ERROR, "zone_sign:add_sigs -> %s", isc_result_totext(result)); - goto cleanup; + goto done; } /* @@ -10285,13 +10253,13 @@ pauseall: } UNLOCK_ZONE(zone); -failure: +cleanup: if (result != ISC_R_SUCCESS) { dnssec_log(zone, ISC_LOG_ERROR, "zone_sign: failed: %s", isc_result_totext(result)); } -cleanup: +done: /* * Pause all dbiterators. */ @@ -10533,9 +10501,8 @@ minimal_update(dns_zonefetch_t *fetch, dns_dbversion_t *ver, dns_diff_t *diff) { if (result == ISC_R_UNEXPECTEDEND) { continue; } - if (result != ISC_R_SUCCESS) { - goto failure; - } + CHECK(result); + keydata.refresh = refresh_time(fetch, true); set_refreshkeytimer(zone, &keydata, now, false); @@ -10550,7 +10517,7 @@ minimal_update(dns_zonefetch_t *fetch, dns_dbversion_t *ver, dns_diff_t *diff) { 0, &rdata)); } result = ISC_R_SUCCESS; -failure: +cleanup: return result; } @@ -11266,7 +11233,7 @@ done: result = ISC_R_SUCCESS; } -failure: +cleanup: if (result != ISC_R_SUCCESS) { dnssec_log(zone, ISC_LOG_ERROR, "error during trust anchor processing (%s): " @@ -11440,7 +11407,7 @@ zone_refreshkeys(dns_zone_t *zone) { zone_needdump(zone, 30); } -failure: +cleanup: if (!timerset) { isc_time_settoepoch(&zone->refreshkeytime); } @@ -11798,7 +11765,7 @@ zone_expire(dns_zone_t *zone) { "policies unloaded"); } -failure: +cleanup: if (db != NULL) { dns_db_detach(&db); } @@ -16156,7 +16123,7 @@ sync_secure_journal(dns_zone_t *zone, dns_zone_t *raw, dns_journal_t *journal, result = ISC_R_SUCCESS; } -failure: +cleanup: return result; } @@ -16525,8 +16492,8 @@ receive_secure_serial(void *arg) { result = dns_journal_open(zone->mctx, zone->journal, DNS_JOURNAL_READ, &sjournal); - if (result != ISC_R_SUCCESS && result != ISC_R_NOTFOUND) { - goto failure; + if (result != ISC_R_NOTFOUND) { + CHECK(result); } if (!dns_journal_get_sourceserial(rjournal, &start)) { @@ -16560,7 +16527,7 @@ receive_secure_serial(void *arg) { start, end, &soatuple, &zone->rss_diff); if (result == DNS_R_UNCHANGED) { - goto failure; + goto cleanup; } else if (result != ISC_R_SUCCESS) { CHECK(sync_secure_db(zone, zone->rss_raw, zone->rss_db, zone->rss_oldver, &soatuple, @@ -16617,7 +16584,7 @@ receive_secure_serial(void *arg) { * that contents of the raw zone and the secure zone are kept in sync. */ if (result != ISC_R_SUCCESS && dns_db_issecure(zone->rss_db)) { - goto failure; + goto cleanup; } if (rjournal == NULL) { @@ -16655,7 +16622,7 @@ receive_secure_serial(void *arg) { newserial, desired); } -failure: +cleanup: isc_mem_put(zone->mctx, rss, sizeof(*rss)); zone->rss = NULL; @@ -16904,7 +16871,7 @@ done: result = ISC_R_SUCCESS; } -failure: +cleanup: if (node != NULL) { dns_db_detachnode(&node); } @@ -17046,8 +17013,7 @@ receive_secure_db(void *arg) { LOCK_ZONE(zone); if (DNS_ZONE_FLAG(zone, DNS_ZONEFLG_EXITING) || !inline_secure(zone)) { - result = ISC_R_SHUTTINGDOWN; - goto failure; + CHECK(ISC_R_SHUTTINGDOWN); } loadtime = isc_time_now(); @@ -17065,39 +17031,26 @@ receive_secure_db(void *arg) { result = save_nsec3param(zone, &nsec3list); if (result != ISC_R_SUCCESS) { ZONEDB_UNLOCK(&zone->dblock, isc_rwlocktype_read); - goto failure; + goto cleanup; } } ZONEDB_UNLOCK(&zone->dblock, isc_rwlocktype_read); - result = dns_db_create(zone->mctx, zone->db_argv[0], &zone->origin, - dns_dbtype_zone, zone->rdclass, - zone->db_argc - 1, zone->db_argv + 1, &db); - if (result != ISC_R_SUCCESS) { - goto failure; - } + CHECK(dns_db_create(zone->mctx, zone->db_argv[0], &zone->origin, + dns_dbtype_zone, zone->rdclass, zone->db_argc - 1, + zone->db_argv + 1, &db)); result = dns_db_setgluecachestats(db, zone->gluecachestats); - if (result != ISC_R_SUCCESS && result != ISC_R_NOTIMPLEMENTED) { - goto failure; + if (result != ISC_R_NOTIMPLEMENTED) { + CHECK(result); } - result = dns_db_newversion(db, &version); - if (result != ISC_R_SUCCESS) { - goto failure; - } - - result = dns_db_createiterator(rawdb, DNS_DB_NONSEC3, &dbiterator); - if (result != ISC_R_SUCCESS) { - goto failure; - } + CHECK(dns_db_newversion(db, &version)); + CHECK(dns_db_createiterator(rawdb, DNS_DB_NONSEC3, &dbiterator)); DNS_DBITERATOR_FOREACH(dbiterator) { - result = copy_non_dnssec_records(db, version, rawdb, dbiterator, - oldserialp); - if (result != ISC_R_SUCCESS) { - goto failure; - } + CHECK(copy_non_dnssec_records(db, version, rawdb, dbiterator, + oldserialp)); } dns_dbiterator_destroy(&dbiterator); @@ -17106,10 +17059,7 @@ receive_secure_db(void *arg) { * the old nsec3 parameters and insert them into db */ if (!ISC_LIST_EMPTY(nsec3list)) { - result = restore_nsec3param(zone, db, version, &nsec3list); - if (result != ISC_R_SUCCESS) { - goto failure; - } + CHECK(restore_nsec3param(zone, db, version, &nsec3list)); } dns_db_closeversion(db, &version, true); @@ -17129,7 +17079,7 @@ receive_secure_db(void *arg) { */ process_zone_setnsec3param(zone); -failure: +cleanup: UNLOCK_ZONE(zone); if (dbiterator != NULL) { dns_dbiterator_destroy(&dbiterator); @@ -19834,7 +19784,7 @@ rr_exists(dns_db_t *db, dns_dbversion_t *ver, dns_name_t *name, if (result == ISC_R_NOTFOUND) { *flag = false; result = ISC_R_SUCCESS; - goto failure; + goto cleanup; } bool matched = false; @@ -19849,7 +19799,7 @@ rr_exists(dns_db_t *db, dns_dbversion_t *ver, dns_name_t *name, dns_rdataset_disassociate(&rdataset); *flag = matched; -failure: +cleanup: if (node != NULL) { dns_db_detachnode(&node); } @@ -19990,7 +19940,7 @@ add_signing_records(dns_db_t *db, dns_rdatatype_t privatetype, } } -failure: +cleanup: /* * Put the DNSKEY changes we cared about back on diff->tuples. */ @@ -20079,37 +20029,26 @@ sign_apex(dns_zone_t *zone, dns_db_t *db, dns_dbversion_t *ver, * signature and if not cause them to sign so that newly activated * keys are used. */ - result = tickle_apex_rrset(dns_rdatatype_dnskey, zone, db, ver, now, - diff, zonediff, zone_keys, nkeys, inception, - keyexpire); - if (result != ISC_R_SUCCESS) { - goto failure; - } - result = tickle_apex_rrset(dns_rdatatype_cds, zone, db, ver, now, diff, - zonediff, zone_keys, nkeys, inception, - keyexpire); - if (result != ISC_R_SUCCESS) { - goto failure; - } - result = tickle_apex_rrset(dns_rdatatype_cdnskey, zone, db, ver, now, - diff, zonediff, zone_keys, nkeys, inception, - keyexpire); - if (result != ISC_R_SUCCESS) { - goto failure; - } + CHECK(tickle_apex_rrset(dns_rdatatype_dnskey, zone, db, ver, now, diff, + zonediff, zone_keys, nkeys, inception, + keyexpire)); + CHECK(tickle_apex_rrset(dns_rdatatype_cds, zone, db, ver, now, diff, + zonediff, zone_keys, nkeys, inception, + keyexpire)); + CHECK(tickle_apex_rrset(dns_rdatatype_cdnskey, zone, db, ver, now, diff, + zonediff, zone_keys, nkeys, inception, + keyexpire)); result = dns__zone_updatesigs(diff, db, ver, zone_keys, nkeys, zone, inception, soaexpire, keyexpire, now, zonediff); - if (result != ISC_R_SUCCESS) { dnssec_log(zone, ISC_LOG_ERROR, "sign_apex:dns__zone_updatesigs -> %s", isc_result_totext(result)); - goto failure; } -failure: +cleanup: for (i = 0; i < nkeys; i++) { dst_key_free(&zone_keys[i]); } @@ -20132,12 +20071,12 @@ clean_nsec3param(dns_zone_t *zone, dns_db_t *db, dns_dbversion_t *ver, dns_rdataset_disassociate(&rdataset); } if (result != ISC_R_NOTFOUND) { - goto failure; + goto cleanup; } result = dns_nsec3param_deletechains(db, ver, zone, true, diff); -failure: +cleanup: if (node != NULL) { dns_db_detachnode(&node); } @@ -20189,7 +20128,7 @@ add_chains(dns_zone_t *zone, dns_db_t *db, dns_dbversion_t *ver, } CHECK(updatesecure(db, ver, origin, zone_nsecttl(zone), true, diff)); -failure: +cleanup: return result; } @@ -20409,7 +20348,7 @@ checkds_done(void *arg) { dns_zone_log(zone, ISC_LOG_NOTICE, "checkds: bad DS response from %s: %.*s", addrbuf, (int)buf.used, rcode); - goto failure; + goto cleanup; } /* Make sure that either AA or RA bit is set. */ @@ -20420,7 +20359,7 @@ checkds_done(void *arg) { "checkds: bad DS response from %s: expected AA or " "RA bit set", addrbuf); - goto failure; + goto cleanup; } /* Lookup DS RRset. */ @@ -20554,7 +20493,7 @@ checkds_done(void *arg) { dns_zone_rekey(zone, false, false); } -failure: +cleanup: if (result != ISC_R_SUCCESS) { dns_zone_log(zone, ISC_LOG_DEBUG(3), "checkds: DS request failed: %s", @@ -21552,11 +21491,9 @@ zone_rekey(dns_zone_t *zone) { dns_zone_unlock_keyfiles(zone); - if (result != ISC_R_SUCCESS) { - goto failure; - } + CHECK(result); } else if (result != ISC_R_NOTFOUND) { - goto failure; + goto cleanup; } /* Get the current CDS rdataset */ @@ -21613,8 +21550,7 @@ zone_rekey(dns_zone_t *zone) { dnssec_log(zone, ISC_LOG_DEBUG(1), "zone_rekey:dns_skr_lookup failed: " "no SKR available"); - result = DNS_R_NOSKRFILE; - goto failure; + CHECK(DNS_R_NOSKRFILE); } bundle = dns_skr_lookup(zone->skr, now, sigval); zone->skrbundle = bundle; @@ -21635,8 +21571,7 @@ zone_rekey(dns_zone_t *zone) { "no available SKR bundle for time " "%.*s (%s)", (int)r.length, r.base, nowstr); - result = DNS_R_NOSKRBUNDLE; - goto failure; + CHECK(DNS_R_NOSKRBUNDLE); } zone_apply_skrbundle(zone, bundle, &keyset, &cdsset, @@ -21681,7 +21616,7 @@ zone_rekey(dns_zone_t *zone) { "zone_rekey:zone_verifykeys failed: " "some key files are missing"); KASP_UNLOCK(kasp); - goto failure; + goto cleanup; } /* @@ -21724,7 +21659,7 @@ zone_rekey(dns_zone_t *zone) { "failed: %s", isc_result_totext(result)); KASP_UNLOCK(kasp); - goto failure; + goto cleanup; } } } else if (offlineksk) { @@ -21772,7 +21707,7 @@ zone_rekey(dns_zone_t *zone) { dnssec_log(zone, ISC_LOG_ERROR, "zone_rekey:couldn't update zone keys: %s", isc_result_totext(result)); - goto failure; + goto cleanup; } if (offlineksk) { @@ -21849,7 +21784,7 @@ zone_rekey(dns_zone_t *zone) { dnssec_log(zone, ISC_LOG_ERROR, "zone_rekey:couldn't update CDS/CDNSKEY: %s", isc_result_totext(result)); - goto failure; + goto cleanup; } if (cdsdel || cdnskeydel) { @@ -21886,7 +21821,7 @@ zone_rekey(dns_zone_t *zone) { "zone_rekey:couldn't update CDS/CDNSKEY " "DELETE records: %s", isc_result_totext(result)); - goto failure; + goto cleanup; } post_sync: @@ -22198,7 +22133,7 @@ zone_rekey(dns_zone_t *zone) { result = ISC_R_SUCCESS; -failure: +cleanup: LOCK_ZONE(zone); if (result != ISC_R_SUCCESS) { /* @@ -22288,7 +22223,6 @@ dns_zone_dnssecstatus(dns_zone_t *zone, dns_kasp_t *kasp, dns_dnsseckeylist_t *keys, isc_stdtime_t now, bool verbose, char *out, size_t out_len) { isc_buffer_t buf; - isc_result_t result = ISC_R_SUCCESS; isc_time_t refreshkeytime; isc_stdtime_t refresh; char timestr[26]; @@ -22312,11 +22246,10 @@ dns_zone_dnssecstatus(dns_zone_t *zone, dns_kasp_t *kasp, bool checkds = zone->checkdstype != dns_checkdstype_no; LOCK(&kasp->lock); - result = dns_keymgr_status(kasp, keys, &buf, now, verbose, checkds); + RETERR(dns_keymgr_status(kasp, keys, &buf, now, verbose, checkds)); UNLOCK(&kasp->lock); -failure: - return result; + return ISC_R_SUCCESS; } isc_result_t @@ -22361,29 +22294,29 @@ dns_zone_cdscheck(dns_zone_t *zone, dns_db_t *db, dns_dbversion_t *version) { result = dns_db_findrdataset(db, node, version, dns_rdatatype_cds, dns_rdatatype_none, 0, &cds, NULL); - if (result != ISC_R_SUCCESS && result != ISC_R_NOTFOUND) { - goto failure; + if (result != ISC_R_NOTFOUND) { + CHECK(result); } result = dns_db_findrdataset(db, node, version, dns_rdatatype_cdnskey, dns_rdatatype_none, 0, &cdnskey, NULL); - if (result != ISC_R_SUCCESS && result != ISC_R_NOTFOUND) { - goto failure; + if (result != ISC_R_NOTFOUND) { + CHECK(result); } if (!dns_rdataset_isassociated(&cds) && !dns_rdataset_isassociated(&cdnskey)) { result = ISC_R_SUCCESS; - goto failure; + goto cleanup; } result = dns_db_findrdataset(db, node, version, dns_rdatatype_dnskey, dns_rdatatype_none, 0, &dnskey, NULL); if (result == ISC_R_NOTFOUND) { empty = true; - } else if (result != ISC_R_SUCCESS) { - goto failure; + } else { + CHECK(result); } /* @@ -22413,8 +22346,7 @@ dns_zone_cdscheck(dns_zone_t *zone, dns_db_t *db, dns_dbversion_t *version) { } if (empty) { - result = DNS_R_BADCDS; - goto failure; + CHECK(DNS_R_BADCDS); } CHECK(dns_rdata_tostruct(&crdata, &structcds, NULL)); @@ -22476,7 +22408,7 @@ dns_zone_cdscheck(dns_zone_t *zone, dns_db_t *db, dns_dbversion_t *version) { &rdata); if (result != ISC_R_SUCCESS) { result = DNS_R_BADCDS; - goto failure; + goto cleanup; } CHECK(dns_rdata_tostruct(&rdata, &structdnskey, NULL)); @@ -22490,12 +22422,10 @@ dns_zone_cdscheck(dns_zone_t *zone, dns_db_t *db, dns_dbversion_t *version) { for (i = 0; i < sizeof(algorithms); i++) { if (delete) { if (algorithms[i] != notexpected) { - result = DNS_R_BADCDS; - goto failure; + CHECK(DNS_R_BADCDS); } } else if (algorithms[i] == expected) { - result = DNS_R_BADCDS; - goto failure; + CHECK(DNS_R_BADCDS); } } } @@ -22528,8 +22458,7 @@ dns_zone_cdscheck(dns_zone_t *zone, dns_db_t *db, dns_dbversion_t *version) { } if (empty) { - result = DNS_R_BADCDNSKEY; - goto failure; + CHECK(DNS_R_BADCDNSKEY); } CHECK(dns_rdata_tostruct(&crdata, &structcdnskey, @@ -22561,18 +22490,16 @@ dns_zone_cdscheck(dns_zone_t *zone, dns_db_t *db, dns_dbversion_t *version) { for (i = 0; i < sizeof(algorithms); i++) { if (delete) { if (algorithms[i] != notexpected) { - result = DNS_R_BADCDNSKEY; - goto failure; + CHECK(DNS_R_BADCDNSKEY); } } else if (algorithms[i] == expected) { - result = DNS_R_BADCDNSKEY; - goto failure; + CHECK(DNS_R_BADCDNSKEY); } } } result = ISC_R_SUCCESS; -failure: +cleanup: if (dns_rdataset_isassociated(&cds)) { dns_rdataset_disassociate(&cds); } @@ -22841,7 +22768,7 @@ keydone(void *arg) { } ZONEDB_UNLOCK(&zone->dblock, isc_rwlocktype_read); if (db == NULL) { - goto failure; + goto cleanup; } dns_db_currentversion(db, &oldver); @@ -22850,23 +22777,16 @@ keydone(void *arg) { dnssec_log(zone, ISC_LOG_ERROR, "keydone:dns_db_newversion -> %s", isc_result_totext(result)); - goto failure; + goto cleanup; } - result = dns_db_getoriginnode(db, &node); - if (result != ISC_R_SUCCESS) { - goto failure; - } + CHECK(dns_db_getoriginnode(db, &node)); result = dns_db_findrdataset(db, node, newver, zone->privatetype, dns_rdatatype_none, 0, &rdataset, NULL); - if (result == ISC_R_NOTFOUND) { - INSIST(!dns_rdataset_isassociated(&rdataset)); - goto failure; - } if (result != ISC_R_SUCCESS) { INSIST(!dns_rdataset_isassociated(&rdataset)); - goto failure; + goto cleanup; } DNS_RDATASET_FOREACH(&rdataset) { @@ -22930,7 +22850,7 @@ keydone(void *arg) { UNLOCK_ZONE(zone); } -failure: +cleanup: if (dns_rdataset_isassociated(&rdataset)) { dns_rdataset_disassociate(&rdataset); } @@ -23008,7 +22928,7 @@ dns_zone_keydone(dns_zone_t *zone, const char *keystr) { isc_async_run(zone->loop, keydone, kd); kd = NULL; -failure: +cleanup: if (kd != NULL) { isc_mem_put(zone->mctx, kd, sizeof(*kd)); } @@ -23115,7 +23035,7 @@ rss_post(void *arg) { } ZONEDB_UNLOCK(&zone->dblock, isc_rwlocktype_read); if (db == NULL) { - goto failure; + goto cleanup; } dns_db_currentversion(db, &oldver); @@ -23124,7 +23044,7 @@ rss_post(void *arg) { dnssec_log(zone, ISC_LOG_ERROR, "setnsec3param:dns_db_newversion -> %s", isc_result_totext(result)); - goto failure; + goto cleanup; } CHECK(dns_db_getoriginnode(db, &node)); @@ -23146,15 +23066,15 @@ rss_post(void *arg) { if (result == ISC_R_SUCCESS) { /* * Success because the NSEC3PARAM already exists, but - * function returns void, so goto failure to clean up. + * function returns void, so goto cleanup. */ - goto failure; + goto cleanup; } if (result != DNS_R_NSEC3RESALT && result != ISC_R_NOTFOUND) { dnssec_log(zone, ISC_LOG_DEBUG(3), "setnsec3param:lookup nsec3param -> %s", isc_result_totext(result)); - goto failure; + goto cleanup; } INSIST(param.salt != NULL); @@ -23195,7 +23115,7 @@ rss_post(void *arg) { } } else if (result != ISC_R_NOTFOUND) { INSIST(!dns_rdataset_isassociated(&prdataset)); - goto failure; + goto cleanup; } /* @@ -23218,7 +23138,7 @@ rss_post(void *arg) { } } else if (result != ISC_R_NOTFOUND) { INSIST(!dns_rdataset_isassociated(&nrdataset)); - goto failure; + goto cleanup; } /* @@ -23282,7 +23202,7 @@ rss_post(void *arg) { UNLOCK_ZONE(zone); } -failure: +cleanup: if (dns_rdataset_isassociated(&prdataset)) { dns_rdataset_disassociate(&prdataset); } @@ -23415,8 +23335,8 @@ setparam: param->salt = lookup->salt; } - if (result != ISC_R_NOTFOUND && result != ISC_R_SUCCESS) { - goto failure; + if (result != ISC_R_NOTFOUND) { + CHECK(result); } if (param->salt_length == 0) { @@ -23451,7 +23371,7 @@ setparam: INSIST(result != ISC_R_SUCCESS); } -failure: +cleanup: if (dns_rdataset_isassociated(&rdataset)) { dns_rdataset_disassociate(&rdataset); } @@ -23602,7 +23522,7 @@ dns_zone_setnsec3param(dns_zone_t *zone, uint8_t hash, uint8_t flags, result = ISC_R_SUCCESS; -failure: +cleanup: UNLOCK_ZONE(zone); return result; } @@ -23722,7 +23642,7 @@ setserial(void *arg) { } ZONEDB_UNLOCK(&zone->dblock, isc_rwlocktype_read); if (db == NULL) { - goto failure; + goto cleanup; } dns_db_currentversion(db, &oldver); @@ -23731,7 +23651,7 @@ setserial(void *arg) { dns_zone_log(zone, ISC_LOG_ERROR, "setserial:dns_db_newversion -> %s", isc_result_totext(result)); - goto failure; + goto cleanup; } CHECK(dns_db_createsoatuple(db, oldver, diff.mctx, DNS_DIFFOP_DEL, @@ -23751,7 +23671,7 @@ setserial(void *arg) { desired, oldserial + 1, oldserial + 0x7fffffff); } - goto failure; + goto cleanup; } dns_soa_setserial(desired, &newtuple->rdata); @@ -23771,7 +23691,7 @@ setserial(void *arg) { zone_needdump(zone, 30); UNLOCK_ZONE(zone); -failure: +cleanup: if (oldtuple != NULL) { dns_difftuple_free(&oldtuple); } @@ -23808,14 +23728,12 @@ dns_zone_setserial(dns_zone_t *zone, uint32_t serial) { if (!inline_secure(zone)) { if (!dns_zone_isdynamic(zone, true)) { - result = DNS_R_NOTDYNAMIC; - goto failure; + CHECK(DNS_R_NOTDYNAMIC); } } if (zone->update_disabled) { - result = DNS_R_FROZEN; - goto failure; + CHECK(DNS_R_FROZEN); } sse = isc_mem_get(zone->mctx, sizeof(*sse)); @@ -23823,7 +23741,7 @@ dns_zone_setserial(dns_zone_t *zone, uint32_t serial) { zone_iattach(zone, &sse->zone); isc_async_run(zone->loop, setserial, sse); -failure: +cleanup: UNLOCK_ZONE(zone); return result; } @@ -23866,16 +23784,14 @@ dns_zone_verifydb(dns_zone_t *zone, dns_db_t *db, dns_dbversion_t *ver) { if (zone->view != NULL) { result = dns_view_getsecroots(zone->view, &secroots); - if (result != ISC_R_SUCCESS) { - goto done; - } + CHECK(result); } origin = dns_db_origin(db); result = dns_zoneverify_dnssec(zone, db, version, origin, secroots, zone->mctx, true, false, dnssec_report); -done: +cleanup: if (secroots != NULL) { dns_keytable_detach(&secroots); } @@ -24004,7 +23920,7 @@ dns_zone_import_skr(dns_zone_t *zone, const char *file) { dns_zone_setskr(zone, skr); dnssec_log(zone, ISC_LOG_DEBUG(1), "imported skr file %s", file); -failure: +cleanup: dns_skr_detach(&skr); return result; diff --git a/lib/isc/base32.c b/lib/isc/base32.c index 74e74839f2..7ba1b33b43 100644 --- a/lib/isc/base32.c +++ b/lib/isc/base32.c @@ -22,13 +22,6 @@ #include #include -#define RETERR(x) \ - do { \ - isc_result_t _r = (x); \ - if (_r != ISC_R_SUCCESS) \ - return ((_r)); \ - } while (0) - /*@{*/ /*! * These static functions are also present in lib/dns/rdata.c. I'm not diff --git a/lib/isc/base64.c b/lib/isc/base64.c index a51aa0d163..ba4ee7148f 100644 --- a/lib/isc/base64.c +++ b/lib/isc/base64.c @@ -21,13 +21,6 @@ #include #include -#define RETERR(x) \ - do { \ - isc_result_t _r = (x); \ - if (_r != ISC_R_SUCCESS) \ - return ((_r)); \ - } while (0) - /*@{*/ /*! * These static functions are also present in lib/dns/rdata.c. I'm not diff --git a/lib/isc/hex.c b/lib/isc/hex.c index cf174daa98..7f63df7aa6 100644 --- a/lib/isc/hex.c +++ b/lib/isc/hex.c @@ -38,13 +38,6 @@ const uint8_t isc__hex_char[256] = { #undef U #undef L -#define RETERR(x) \ - do { \ - isc_result_t _r = (x); \ - if (_r != ISC_R_SUCCESS) \ - return ((_r)); \ - } while (0) - /* * BEW: These static functions are copied from lib/dns/rdata.c. */ diff --git a/lib/isc/httpd.c b/lib/isc/httpd.c index 06c61e316b..7cf51567e5 100644 --- a/lib/isc/httpd.c +++ b/lib/isc/httpd.c @@ -37,14 +37,6 @@ #include #endif /* ifdef HAVE_ZLIB */ -#define CHECK(m) \ - do { \ - result = (m); \ - if (result != ISC_R_SUCCESS) { \ - goto cleanup; \ - } \ - } while (0) - /* * Size the recv buffer to hold at maximum two full buffers from isc_nm_read(), * so we don't have to handle the truncation. diff --git a/lib/isc/include/isc/util.h b/lib/isc/include/isc/util.h index 95d93fd332..5564bb7199 100644 --- a/lib/isc/include/isc/util.h +++ b/lib/isc/include/isc/util.h @@ -241,6 +241,40 @@ mock_assert(const int result, const char *const expression, #endif /* UNIT_TESTING */ +/* + * Check for ISC_R_SUCCESS. On any other result, jump to a cleanup + * label. (This macro requires the function to define `result` + * and `cleanup:`.) + */ +#define CHECK(r) \ + { \ + result = (r); \ + if (result != ISC_R_SUCCESS) { \ + goto cleanup; \ + } \ + } + +/* + * Unconditionally jump to the cleanup tag with 'result' set to 'r'. + */ +#define CLEANUP(r) \ + { \ + result = (r); \ + goto cleanup; \ + } + +/* + * Check for ISC_R_SUCCESS and continue if found. For any other + * result, return the result. + */ +#define RETERR(x) \ + { \ + isc_result_t _r = (x); \ + if (_r != ISC_R_SUCCESS) { \ + return ((_r)); \ + } \ + } + /*% * Runtime check which logs the error value returned by a POSIX Threads * function and the error string that corresponds to it diff --git a/lib/isccfg/namedconf.c b/lib/isccfg/namedconf.c index 65d1d53dd3..0d12b7d624 100644 --- a/lib/isccfg/namedconf.c +++ b/lib/isccfg/namedconf.c @@ -33,15 +33,6 @@ #define TOKEN_STRING(pctx) (pctx->token.value.as_textregion.base) -/*% Check a return value. */ -#define CHECK(op) \ - { \ - result = (op); \ - if (result != ISC_R_SUCCESS) { \ - goto cleanup; \ - } \ - } - /*% Clean up a configuration object if non-NULL. */ #define CLEANUP_OBJ(obj) \ { \ diff --git a/lib/isccfg/parser.c b/lib/isccfg/parser.c index 199e9aa9fb..0c6a6f5694 100644 --- a/lib/isccfg/parser.c +++ b/lib/isccfg/parser.c @@ -80,14 +80,6 @@ #define TOKEN_STRING(pctx) (pctx->token.value.as_textregion.base) #define TOKEN_REGION(pctx) (pctx->token.value.as_textregion) -/* Check a return value. */ -#define CHECK(op) \ - do { \ - result = (op); \ - if (result != ISC_R_SUCCESS) \ - goto cleanup; \ - } while (0) - /* cfg_obj_t magic number */ #define CFGOBJ_MAGIC ISC_MAGIC('c', 'f', 'g', 'o') #define VALID_CFGOBJ(obj) ISC_MAGIC_VALID(obj, CFGOBJ_MAGIC) @@ -2121,7 +2113,6 @@ free_list(cfg_obj_t *obj) { isc_result_t cfg_parse_listelt(cfg_parser_t *pctx, cfg_obj_t *list, const cfg_type_t *elttype, cfg_listelt_t **ret) { - isc_result_t result; cfg_listelt_t *elt = NULL; cfg_obj_t *value = NULL; @@ -2130,10 +2121,7 @@ cfg_parse_listelt(cfg_parser_t *pctx, cfg_obj_t *list, REQUIRE(elttype != NULL); REQUIRE(ret != NULL && *ret == NULL); - result = cfg_parse_obj(pctx, elttype, &value); - if (result != ISC_R_SUCCESS) { - return result; - } + RETERR(cfg_parse_obj(pctx, elttype, &value)); create_listelt(list, &elt); elt->obj = value; diff --git a/lib/ns/hooks.c b/lib/ns/hooks.c index a851a23fb0..89891574a6 100644 --- a/lib/ns/hooks.c +++ b/lib/ns/hooks.c @@ -33,14 +33,6 @@ #include #include -#define CHECK(op) \ - do { \ - result = (op); \ - if (result != ISC_R_SUCCESS) { \ - goto cleanup; \ - } \ - } while (0) - struct ns_plugin { isc_mem_t *mctx; uv_lib_t handle; @@ -87,12 +79,9 @@ plugin_expandpath(const char *src, char *dst, size_t dstsize, bool appendext) { isc_result_t ns_plugin_expandpath(const char *src, char *dst, size_t dstsize) { - isc_result_t result; + isc_result_t result = ISC_R_SUCCESS; - result = plugin_expandpath(src, dst, dstsize, false); - if (result != ISC_R_SUCCESS) { - return result; - } + RETERR(plugin_expandpath(src, dst, dstsize, false)); if (isc_file_exists(dst) == false) { result = plugin_expandpath(src, dst, dstsize, true); diff --git a/lib/ns/update.c b/lib/ns/update.c index 664607a508..a88e1c245b 100644 --- a/lib/ns/update.c +++ b/lib/ns/update.c @@ -75,34 +75,6 @@ */ #define LOGLEVEL_DEBUG ISC_LOG_DEBUG(8) -/*% - * Check an operation for failure. These macros all assume that - * the function using them has a 'result' variable and a 'failure' - * label. - */ -#define CHECK(op) \ - do { \ - result = (op); \ - if (result != ISC_R_SUCCESS) \ - goto failure; \ - } while (0) - -/*% - * Fail unconditionally with result 'code', which must not - * be ISC_R_SUCCESS. The reason for failure presumably has - * been logged already. - * - * The test against ISC_R_SUCCESS is there to keep the Solaris compiler - * from complaining about "end-of-loop code not reached". - */ - -#define FAIL(code) \ - do { \ - result = (code); \ - if (result != ISC_R_SUCCESS) \ - goto failure; \ - } while (0) - /*% * Fail unconditionally and log as a client error. * The test against ISC_R_SUCCESS is there to keep the Solaris compiler @@ -125,7 +97,7 @@ "update %s: %s (%s)", _what, msg, \ isc_result_totext(result)); \ if (result != ISC_R_SUCCESS) \ - goto failure; \ + goto cleanup; \ } while (0) #define PREREQFAILC(code, msg) \ do { \ @@ -154,7 +126,7 @@ msg, isc_result_totext(result)); \ } \ if (result != ISC_R_SUCCESS) \ - goto failure; \ + goto cleanup; \ } while (0) #define PREREQFAILN(code, name, msg) \ do { \ @@ -185,7 +157,7 @@ _tbuf, msg, isc_result_totext(result)); \ } \ if (result != ISC_R_SUCCESS) \ - goto failure; \ + goto cleanup; \ } while (0) #define PREREQFAILNT(code, name, type, msg) \ do { \ @@ -204,7 +176,7 @@ update_log(client, zone, LOGLEVEL_PROTOCOL, "error: %s: %s", \ msg, isc_result_totext(result)); \ if (result != ISC_R_SUCCESS) \ - goto failure; \ + goto cleanup; \ } while (0) /* @@ -491,7 +463,7 @@ do_diff(dns_diff_t *updates, dns_db_t *db, dns_dbversion_t *ver, } return ISC_R_SUCCESS; -failure: +cleanup: dns_diff_clear(diff); return result; } @@ -1173,10 +1145,7 @@ temp_check(isc_mem_t *mctx, dns_diff_t *temp, dns_db_t *db, temp_append(&d_rrs, name, &rdata); } - result = dns_diff_sort(&d_rrs, temp_order); - if (result != ISC_R_SUCCESS) { - goto failure; - } + CHECK(dns_diff_sort(&d_rrs, temp_order)); /* * Collect all update RRs for this name and type @@ -1193,11 +1162,8 @@ temp_check(isc_mem_t *mctx, dns_diff_t *temp, dns_db_t *db, } /* Compare the two sorted lists. */ - result = temp_check_rrset(ISC_LIST_HEAD(u_rrs.tuples), - ISC_LIST_HEAD(d_rrs.tuples)); - if (result != ISC_R_SUCCESS) { - goto failure; - } + CHECK(temp_check_rrset(ISC_LIST_HEAD(u_rrs.tuples), + ISC_LIST_HEAD(d_rrs.tuples))); /* * We are done with the tuples, but we can't free @@ -1210,7 +1176,7 @@ temp_check(isc_mem_t *mctx, dns_diff_t *temp, dns_db_t *db, continue; - failure: + cleanup: dns_diff_clear(&d_rrs); dns_diff_clear(&u_rrs); dns_diff_clear(&trash); @@ -1536,7 +1502,7 @@ update_soa_serial(dns_db_t *db, dns_dbversion_t *ver, dns_diff_t *diff, CHECK(do_one_tuple(&addtuple, db, ver, diff)); result = ISC_R_SUCCESS; -failure: +cleanup: if (addtuple != NULL) { dns_difftuple_free(&addtuple); } @@ -1680,7 +1646,7 @@ send_update(ns_client_t *client, dns_zone_t *zone) { } result = dns_zone_checknames(zone, name, &rdata); if (result != ISC_R_SUCCESS) { - FAIL(DNS_R_REFUSED); + CHECK(DNS_R_REFUSED); } if ((options & DNS_ZONEOPT_CHECKSVCB) != 0 && rdata.type == dns_rdatatype_svcb) @@ -1708,7 +1674,7 @@ send_update(ns_client_t *client, dns_zone_t *zone) { update_log(client, zone, ISC_LOG_WARNING, "update RR has incorrect class %d", update_class); - FAIL(DNS_R_FORMERR); + CHECK(DNS_R_FORMERR); } /* @@ -1853,7 +1819,7 @@ send_update(ns_client_t *client, dns_zone_t *zone) { isc_async_run(dns_zone_getloop(zone), update_action, uev); maxbytype = NULL; -failure: +cleanup: if (db != NULL) { dns_db_closeversion(db, &ver, false); dns_db_detach(&db); @@ -1958,9 +1924,7 @@ ns_update_start(ns_client_t *client, isc_nmhandle_t *handle, * We can now fail due to a bad signature as we now know * that we are the primary. */ - if (sigresult != ISC_R_SUCCESS) { - FAIL(sigresult); - } + CHECK(sigresult); dns_message_clonebuffer(client->message); CHECK(send_update(client, zone)); break; @@ -1974,7 +1938,7 @@ ns_update_start(ns_client_t *client, isc_nmhandle_t *handle, } return; -failure: +cleanup: if (result == DNS_R_REFUSED) { inc_stats(client, zone, ns_statscounter_updaterej); } @@ -2031,7 +1995,7 @@ remove_orphaned_ds(dns_db_t *db, dns_dbversion_t *newver, dns_diff_t *diff) { } result = ISC_R_SUCCESS; -failure: +cleanup: ISC_LIST_FOREACH(temp_diff.tuples, tuple, link) { ISC_LIST_UNLINK(temp_diff.tuples, tuple, link); dns_diff_appendminimal(diff, &tuple); @@ -2164,7 +2128,7 @@ rr_exists(dns_db_t *db, dns_dbversion_t *ver, dns_name_t *name, if (result == ISC_R_NOTFOUND) { *flag = false; result = ISC_R_SUCCESS; - goto failure; + goto cleanup; } else { CHECK(result); } @@ -2173,7 +2137,7 @@ rr_exists(dns_db_t *db, dns_dbversion_t *ver, dns_name_t *name, if (result == ISC_R_NOTFOUND) { *flag = false; result = ISC_R_SUCCESS; - goto failure; + goto cleanup; } bool matched = false; @@ -2188,7 +2152,7 @@ rr_exists(dns_db_t *db, dns_dbversion_t *ver, dns_name_t *name, dns_rdataset_disassociate(&rdataset); *flag = matched; -failure: +cleanup: if (node != NULL) { dns_db_detachnode(&node); } @@ -2215,9 +2179,7 @@ get_iterations(dns_db_t *db, dns_dbversion_t *ver, dns_rdatatype_t privatetype, if (result == ISC_R_NOTFOUND) { goto try_private; } - if (result != ISC_R_SUCCESS) { - goto failure; - } + CHECK(result); DNS_RDATASET_FOREACH(&rdataset) { dns_rdata_t rdata = DNS_RDATA_INIT; @@ -2243,9 +2205,7 @@ try_private: if (result == ISC_R_NOTFOUND) { goto success; } - if (result != ISC_R_SUCCESS) { - goto failure; - } + CHECK(result); DNS_RDATASET_FOREACH(&rdataset) { unsigned char buf[DNS_NSEC3PARAM_BUFFERSIZE]; @@ -2271,7 +2231,7 @@ success: *iterationsp = iterations; result = ISC_R_SUCCESS; -failure: +cleanup: if (node != NULL) { dns_db_detachnode(&node); } @@ -2296,8 +2256,7 @@ check_dnssec(ns_client_t *client, dns_zone_t *zone, dns_db_t *db, if (!dns_zone_check_dnskey_nsec3(zone, db, ver, diff, NULL, 0)) { update_log(client, zone, ISC_LOG_ERROR, "NSEC only DNSKEYs and NSEC3 chains not allowed"); - result = DNS_R_REFUSED; - goto failure; + CHECK(DNS_R_REFUSED); } /* Verify NSEC3 params */ @@ -2305,11 +2264,10 @@ check_dnssec(ns_client_t *client, dns_zone_t *zone, dns_db_t *db, if (iterations > dns_nsec3_maxiterations()) { update_log(client, zone, ISC_LOG_ERROR, "too many NSEC3 iterations (%u)", iterations); - result = DNS_R_REFUSED; - goto failure; + CHECK(DNS_R_REFUSED); } -failure: +cleanup: return result; } @@ -2581,7 +2539,7 @@ add_nsec3param_records(ns_client_t *client, dns_zone_t *zone, dns_db_t *db, } result = ISC_R_SUCCESS; -failure: +cleanup: dns_diff_clear(&temp_diff); return result; } @@ -2638,7 +2596,7 @@ rollback_private(dns_db_t *db, dns_rdatatype_t privatetype, } result = ISC_R_SUCCESS; -failure: +cleanup: dns_diff_clear(&temp_diff); return result; } @@ -3050,7 +3008,7 @@ update_action(void *arg) { if (result != ISC_R_SUCCESS) { dns_diff_clear(&ctx.del_diff); dns_diff_clear(&ctx.add_diff); - goto failure; + goto cleanup; } result = update_one_rr( db, ver, &diff, DNS_DIFFOP_ADD, @@ -3062,7 +3020,7 @@ update_action(void *arg) { "failed: %s", isc_result_totext( result)); - goto failure; + goto cleanup; } } } @@ -3151,13 +3109,9 @@ update_action(void *arg) { * that are in use (under our control). */ if (dns_rdatatype_iskeymaterial(rdata.type)) { - isc_result_t r; bool inuse = false; - r = dns_zone_dnskey_inuse(zone, &rdata, - &inuse); - if (r != ISC_R_SUCCESS) { - FAIL(r); - } + CHECK(dns_zone_dnskey_inuse( + zone, &rdata, &inuse)); if (inuse) { char typebuf [DNS_RDATATYPE_FORMATSIZE]; @@ -3202,8 +3156,7 @@ update_action(void *arg) { update_log(client, zone, LOGLEVEL_PROTOCOL, "update rejected: post update name server " "sanity check failed"); - result = DNS_R_REFUSED; - goto failure; + CHECK(DNS_R_REFUSED); } } if (!ISC_LIST_EMPTY(diff.tuples) && is_signing) { @@ -3212,12 +3165,9 @@ update_action(void *arg) { update_log(client, zone, LOGLEVEL_PROTOCOL, "update rejected: bad %s RRset", result == DNS_R_BADCDS ? "CDS" : "CDNSKEY"); - result = DNS_R_REFUSED; - goto failure; - } - if (result != ISC_R_SUCCESS) { - goto failure; + CHECK(DNS_R_REFUSED); } + CHECK(result); } /* @@ -3277,7 +3227,7 @@ update_action(void *arg) { update_log(client, zone, ISC_LOG_ERROR, "RRSIG/NSEC/NSEC3 update failed: %s", isc_result_totext(result)); - goto failure; + goto cleanup; } } @@ -3289,8 +3239,7 @@ update_action(void *arg) { "records in zone (%" PRIu64 ") exceeds max-records (%u)", records, maxrecords); - result = DNS_R_TOOMANYRECORDS; - goto failure; + CHECK(DNS_R_TOOMANYRECORDS); } } @@ -3341,7 +3290,7 @@ update_action(void *arg) { result = ISC_R_SUCCESS; goto common; -failure: +cleanup: /* * The reason for failure should have been logged at this point. */ diff --git a/lib/ns/xfrout.c b/lib/ns/xfrout.c index af9273f7b4..3ca1c1f702 100644 --- a/lib/ns/xfrout.c +++ b/lib/ns/xfrout.c @@ -81,7 +81,7 @@ "bad zone transfer request: %s (%s)", msg, \ isc_result_totext(code)); \ if (result != ISC_R_SUCCESS) \ - goto failure; \ + goto cleanup; \ } while (0) #define FAILQ(code, msg, question, rdclass) \ @@ -96,14 +96,7 @@ "bad zone transfer request: '%s/%s': %s (%s)", \ _buf1, _buf2, msg, isc_result_totext(code)); \ if (result != ISC_R_SUCCESS) \ - goto failure; \ - } while (0) - -#define CHECK(op) \ - do { \ - result = (op); \ - if (result != ISC_R_SUCCESS) \ - goto failure; \ + goto cleanup; \ } while (0) /**************************************************************************/ @@ -248,7 +241,7 @@ ixfr_rrstream_create(isc_mem_t *mctx, const char *journal_filename, *sp = (rrstream_t *)s; return ISC_R_SUCCESS; -failure: +cleanup: ixfr_rrstream_destroy((rrstream_t **)(void *)&s); return result; } @@ -329,7 +322,7 @@ axfr_rrstream_create(isc_mem_t *mctx, dns_db_t *db, dns_dbversion_t *ver, *sp = (rrstream_t *)s; return ISC_R_SUCCESS; -failure: +cleanup: axfr_rrstream_destroy((rrstream_t **)(void *)&s); return result; } @@ -449,7 +442,7 @@ soa_rrstream_create(isc_mem_t *mctx, dns_db_t *db, dns_dbversion_t *ver, *sp = (rrstream_t *)s; return ISC_R_SUCCESS; -failure: +cleanup: soa_rrstream_destroy((rrstream_t **)(void *)&s); return result; } @@ -826,7 +819,7 @@ ns_xfr_start(ns_client_t *client, dns_rdatatype_t reqtype) { ISC_LOG_ERROR, "zone transfer '%s/%s' denied", _buf1, _buf2); - goto failure; + goto cleanup; } if (result != ISC_R_SUCCESS) { FAILQ(DNS_R_NOTAUTH, "non-authoritative zone", @@ -1161,7 +1154,7 @@ have_stream: result = ISC_R_SUCCESS; -failure: +cleanup: if (result == DNS_R_REFUSED) { inc_stats(client, zone, ns_statscounter_xfrrej); } @@ -1271,7 +1264,7 @@ xfrout_ctx_create(isc_mem_t *mctx, ns_client_t *client, unsigned int id, xfr->txmemlen = len; /* - * These MUST be after the last "goto failure;" / CHECK to + * These MUST be after the last "goto cleanup;" / CHECK to * prevent a double free by the caller. */ xfr->stream = stream; @@ -1512,8 +1505,7 @@ sendstream(xfrout_ctx_t *xfr) { "(%d bytes)", size); /* XXX DNS_R_RRTOOLARGE? */ - result = ISC_R_NOSPACE; - goto failure; + CHECK(ISC_R_NOSPACE); } break; } @@ -1608,7 +1600,7 @@ sendstream(xfrout_ctx_t *xfr) { /* Advance lasttsig to be the last TSIG generated */ CHECK(dns_message_getquerytsig(msg, xfr->mctx, &xfr->lasttsig)); -failure: +cleanup: if (tcpmsg != NULL) { dns_message_detach(&tcpmsg); } diff --git a/tests/bench/load-names.c b/tests/bench/load-names.c index 210f13ec95..8c437df575 100644 --- a/tests/bench/load-names.c +++ b/tests/bench/load-names.c @@ -83,7 +83,7 @@ const dns_qpmethods_t qpmethods = { testname, }; -#define CHECK(count, result) \ +#define CHECKN(count, result) \ do { \ if (result != ISC_R_SUCCESS) { \ dns_name_t *name = &item[count].fixed.name; \ @@ -161,14 +161,14 @@ thread_lfht(void *arg0) { isc_time_t t0 = isc_time_now_hires(); for (size_t n = arg->start; n < arg->end; n++) { isc_result_t result = add_lfht(arg->map, n); - CHECK(n, result); + CHECKN(n, result); } isc_time_t t1 = isc_time_now_hires(); for (size_t n = arg->start; n < arg->end; n++) { void *pval = NULL; isc_result_t result = get_lfht(arg->map, n, &pval); - CHECK(n, result); + CHECKN(n, result); assert(pval == &item[n]); } @@ -224,7 +224,7 @@ thread_hashmap(void *arg0) { WRLOCK(&rwl); for (size_t n = arg->start; n < arg->end; n++) { isc_result_t result = add_hashmap(arg->map, n); - CHECK(n, result); + CHECKN(n, result); } WRUNLOCK(&rwl); @@ -233,7 +233,7 @@ thread_hashmap(void *arg0) { for (size_t n = arg->start; n < arg->end; n++) { void *pval = NULL; isc_result_t result = get_hashmap(arg->map, n, &pval); - CHECK(n, result); + CHECKN(n, result); assert(pval == &item[n]); } RDUNLOCK(&rwl); @@ -281,7 +281,7 @@ thread_ht(void *arg0) { WRLOCK(&rwl); for (size_t n = arg->start; n < arg->end; n++) { isc_result_t result = add_ht(arg->map, n); - CHECK(n, result); + CHECKN(n, result); } WRUNLOCK(&rwl); @@ -290,7 +290,7 @@ thread_ht(void *arg0) { for (size_t n = arg->start; n < arg->end; n++) { void *pval = NULL; isc_result_t result = get_ht(arg->map, n, &pval); - CHECK(n, result); + CHECKN(n, result); assert(pval == &item[n]); } RDUNLOCK(&rwl); @@ -342,7 +342,7 @@ _thread_qp(void *arg0, bool sqz, bool brr) { isc_time_t t0 = isc_time_now_hires(); for (size_t n = arg->start; n < arg->end; n++) { isc_result_t result = add_qp(qp, n); - CHECK(n, result); + CHECKN(n, result); } if (sqz) { sqz_qp(qp); @@ -360,7 +360,7 @@ _thread_qp(void *arg0, bool sqz, bool brr) { for (size_t n = arg->start; n < arg->end; n++) { void *pval = NULL; isc_result_t result = get_qp(&qpr, n, &pval); - CHECK(n, result); + CHECKN(n, result); assert(pval == &item[n]); } diff --git a/tests/dns/qpdb_test.c b/tests/dns/qpdb_test.c index e7e16042c2..287e80de0c 100644 --- a/tests/dns/qpdb_test.c +++ b/tests/dns/qpdb_test.c @@ -36,11 +36,9 @@ #pragma GCC diagnostic push #pragma GCC diagnostic ignored "-Wshadow" -#undef CHECK #include "qpcache.c" #pragma GCC diagnostic pop -#undef CHECK #include /* Set to true (or use -v option) for verbose output */ diff --git a/tests/dns/qpzone_test.c b/tests/dns/qpzone_test.c index ba2591bf17..7f80a238ab 100644 --- a/tests/dns/qpzone_test.c +++ b/tests/dns/qpzone_test.c @@ -41,11 +41,9 @@ #pragma GCC diagnostic push #pragma GCC diagnostic ignored "-Wshadow" -#undef CHECK #include "qpzone.c" #pragma GCC diagnostic pop -#undef CHECK #include const char *ownercase_vectors[12][2] = { diff --git a/tests/dns/tsig_test.c b/tests/dns/tsig_test.c index 0102603d49..b07dcd27ab 100644 --- a/tests/dns/tsig_test.c +++ b/tests/dns/tsig_test.c @@ -40,14 +40,6 @@ #define TEST_ORIGIN "test" -#define CHECK(r) \ - { \ - result = (r); \ - if (result != ISC_R_SUCCESS) { \ - goto cleanup; \ - } \ - } - static isc_result_t add_mac(dst_context_t *tsigctx, isc_buffer_t *buf) { dns_rdata_any_tsig_t tsig; diff --git a/tests/dns/update_test.c b/tests/dns/update_test.c index 37cad32890..3cbd7daee6 100644 --- a/tests/dns/update_test.c +++ b/tests/dns/update_test.c @@ -40,11 +40,9 @@ */ #pragma GCC diagnostic push #pragma GCC diagnostic ignored "-Wshadow" -#undef CHECK #include "update.c" #pragma GCC diagnostic pop -#undef CHECK #include static int