From 692c879e3cc06294fbc51997e669eebf38d40486 Mon Sep 17 00:00:00 2001 From: Evan Hunt Date: Sun, 15 Sep 2019 16:36:16 -0700 Subject: [PATCH] remove unneeded members from dns_validator - val->keynode and val->seensig were set but never used. - val->nearest, val->soaset, val->soaname, val->nsecset and val->nsec3set were never used at all. --- lib/dns/include/dns/validator.h | 7 ---- lib/dns/keytable.c | 4 +- lib/dns/nta.c | 3 +- lib/dns/validator.c | 71 +++++++++------------------------ 4 files changed, 22 insertions(+), 63 deletions(-) diff --git a/lib/dns/include/dns/validator.h b/lib/dns/include/dns/validator.h index 51c62239d1..0057e1d5b5 100644 --- a/lib/dns/include/dns/validator.h +++ b/lib/dns/include/dns/validator.h @@ -128,7 +128,6 @@ struct dns_validator { dns_validator_t * subvalidator; dns_validator_t * parent; dns_keytable_t * keytable; - dns_keynode_t * keynode; dst_key_t * key; dns_rdata_rrsig_t * siginfo; isc_task_t * task; @@ -136,18 +135,12 @@ struct dns_validator { void * arg; unsigned int labels; dns_rdataset_t * currentset; - bool seensig; dns_rdataset_t * keyset; dns_rdataset_t * dsset; - dns_rdataset_t * soaset; - dns_rdataset_t * nsecset; - dns_rdataset_t * nsec3set; - dns_name_t * soaname; dns_rdataset_t frdataset; dns_rdataset_t fsigrdataset; dns_fixedname_t fname; dns_fixedname_t wild; - dns_fixedname_t nearest; dns_fixedname_t closest; ISC_LINK(dns_validator_t) link; bool mustbesecure; diff --git a/lib/dns/keytable.c b/lib/dns/keytable.c index 73e6cec89b..a154699d45 100644 --- a/lib/dns/keytable.c +++ b/lib/dns/keytable.c @@ -47,8 +47,8 @@ struct dns_keynode { unsigned int magic; isc_refcount_t refcount; dst_key_t * key; - bool managed; - bool initial; + bool managed; + bool initial; struct dns_keynode * next; }; diff --git a/lib/dns/nta.c b/lib/dns/nta.c index 8ea495cde5..3058ffcaa8 100644 --- a/lib/dns/nta.c +++ b/lib/dns/nta.c @@ -320,8 +320,7 @@ nta_create(dns_ntatable_t *ntatable, const dns_name_t *name, isc_result_t dns_ntatable_add(dns_ntatable_t *ntatable, const dns_name_t *name, - bool force, isc_stdtime_t now, - uint32_t lifetime) + bool force, isc_stdtime_t now, uint32_t lifetime) { isc_result_t result; dns_nta_t *nta = NULL; diff --git a/lib/dns/validator.c b/lib/dns/validator.c index 4aae7bc753..11bafb567e 100644 --- a/lib/dns/validator.c +++ b/lib/dns/validator.c @@ -866,10 +866,6 @@ validator_callback_nsec(isc_task_t *task, isc_event_t *event) { dns_name_t **proofs = val->event->proofs; dns_name_t *wild = dns_fixedname_name(&val->wild); - if (rdataset->trust == dns_trust_secure) { - val->seensig = true; - } - if (rdataset->type == dns_rdatatype_nsec && rdataset->trust == dns_trust_secure && (NEEDNODATA(val) || NEEDNOQNAME(val)) && @@ -1104,16 +1100,16 @@ create_validator(dns_validator_t *val, dns_name_t *name, dns_rdatatype_t type, } /*% - * Try to find a key that could have signed 'siginfo' among those - * in 'rdataset'. If found, build a dst_key_t for it and point - * val->key at it. + * Try to find a key that could have signed val->siginfo among those in + * 'rdataset'. If found, build a dst_key_t for it and point val->key at + * it. * - * If val->key is already non-NULL, locate it in the rdataset and - * then search past it for the *next* key that could have signed - * 'siginfo', then set val->key to that. + * If val->key is already non-NULL, locate it in the rdataset and then + * search past it for the *next* key that could have signed 'siginfo', then + * set val->key to that. * - * Returns ISC_R_SUCCESS if a possible matching key has been - * found, ISC_R_NOTFOUND if not. Any other value indicates error. + * Returns ISC_R_SUCCESS if a possible matching key has been found, + * ISC_R_NOTFOUND if not. Any other value indicates error. */ static isc_result_t select_signing_key(dns_validator_t *val, dns_rdataset_t *rdataset) { @@ -1577,35 +1573,16 @@ validate_answer(dns_validator_t *val, bool resume) { } do { + isc_result_t tresult; vresult = verify(val, val->key, &rdata, val->siginfo->keyid); if (vresult == ISC_R_SUCCESS) { break; } - if (val->keynode != NULL) { - dns_keynode_t *nextnode = NULL; - result = dns_keytable_findnextkeynode( - val->keytable, - val->keynode, - &nextnode); - dns_keytable_detachkeynode(val->keytable, - &val->keynode); - val->keynode = nextnode; - if (result != ISC_R_SUCCESS) { - val->key = NULL; - break; - } - val->key = dns_keynode_key(val->keynode); - if (val->key == NULL) { - break; - } - } else { - isc_result_t tresult; - tresult = select_signing_key(val, val->keyset); - if (tresult != ISC_R_SUCCESS) { - break; - } + tresult = select_signing_key(val, val->keyset); + if (tresult != ISC_R_SUCCESS) { + break; } } while (1); if (vresult != ISC_R_SUCCESS) { @@ -1618,17 +1595,12 @@ validate_answer(dns_validator_t *val, bool resume) { val->view->acceptexpired); } - if (val->keynode != NULL) { - dns_keytable_detachkeynode(val->keytable, - &val->keynode); - } else { - if (val->key != NULL) { - dst_key_free(&val->key); - } - if (val->keyset != NULL) { - dns_rdataset_disassociate(val->keyset); - val->keyset = NULL; - } + if (val->key != NULL) { + dst_key_free(&val->key); + } + if (val->keyset != NULL) { + dns_rdataset_disassociate(val->keyset); + val->keyset = NULL; } val->key = NULL; if (NEEDNOQNAME(val)) { @@ -3321,7 +3293,6 @@ dns_validator_create(dns_view_t *view, dns_name_t *name, dns_rdatatype_t type, if (result != ISC_R_SUCCESS) { goto cleanup; } - val->keynode = NULL; val->key = NULL; val->siginfo = NULL; val->task = task; @@ -3331,7 +3302,6 @@ dns_validator_create(dns_view_t *view, dns_name_t *name, dns_rdatatype_t type, val->currentset = NULL; val->keyset = NULL; val->dsset = NULL; - val->seensig = false; val->depth = 0; val->authcount = 0; val->authfail = 0; @@ -3339,7 +3309,6 @@ dns_validator_create(dns_view_t *view, dns_name_t *name, dns_rdatatype_t type, dns_rdataset_init(&val->frdataset); dns_rdataset_init(&val->fsigrdataset); dns_fixedname_init(&val->wild); - dns_fixedname_init(&val->nearest); dns_fixedname_init(&val->closest); isc_stdtime_get(&val->start); ISC_LINK_INIT(val, link); @@ -3422,9 +3391,7 @@ destroy(dns_validator_t *val) { REQUIRE(val->event == NULL); REQUIRE(val->fetch == NULL); - if (val->keynode != NULL) { - dns_keytable_detachkeynode(val->keytable, &val->keynode); - } else if (val->key != NULL) { + if (val->key != NULL) { dst_key_free(&val->key); } if (val->keytable != NULL) {