]> git.ipfire.org Git - thirdparty/bind9.git/commitdiff
projects / thirdparty / bind9.git / commitdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | patch | inline | side by side (parent: 8c2285f)
dnssec-verify now returns failure on bad arguments
authorMark Andrews <marka@isc.org>
Thu, 16 Oct 2025 05:52:57 +0000 (16:52 +1100)
committerMark Andrews <marka@isc.org>
Wed, 22 Oct 2025 01:45:03 +0000 (12:45 +1100)
12 files changed:
bin/check/named-checkzone.c patch | blob | blame | history
bin/delv/delv.c patch | blob | blame | history
bin/dnssec/dnssec-dsfromkey.c patch | blob | blame | history
bin/dnssec/dnssec-importkey.c patch | blob | blame | history
bin/dnssec/dnssec-keyfromlabel.c patch | blob | blame | history
bin/dnssec/dnssec-keygen.c patch | blob | blame | history
bin/dnssec/dnssec-revoke.c patch | blob | blame | history
bin/dnssec/dnssec-settime.c patch | blob | blame | history
bin/dnssec/dnssec-signzone.c patch | blob | blame | history
bin/dnssec/dnssec-verify.c patch | blob | blame | history
bin/dnssec/dnssectool.c patch | blob | blame | history
bin/dnssec/dnssectool.h patch | blob | blame | history

diff --git a/bin/check/named-checkzone.c b/bin/check/named-checkzone.c
index 98a18ad78be7cfea2c9b31abd1522ed8521202db..9a15eec34e9913d20e4b259a5267f3ea0828ca47 100644 (file)
--- a/bin/check/named-checkzone.c
+++ b/bin/check/named-checkzone.c
@@ -61,10 +61,10 @@ static enum { progmode_check, progmode_compile } progmode;
        } while (0)
 
 ISC_NORETURN static void
-usage(void);
+usage(int ret);
 
 static void
-usage(void) {
+usage(int ret) {
        fprintf(stderr,
                "usage: %s [-djqvD] [-c class] "
                "[-f inputformat] [-F outputformat] [-J filename] "
@@ -77,7 +77,7 @@ usage(void) {
                "%s zonename [ (filename|-) ]\n",
                isc_commandline_progname,
                progmode == progmode_check ? "[-o filename]" : "-o filename");
-       exit(EXIT_FAILURE);
+       exit(ret);
 }
 
 static void
@@ -420,9 +420,10 @@ main(int argc, char **argv) {
                                        isc_commandline_progname,
                                        isc_commandline_option);
                        }
-                       FALLTHROUGH;
+                       usage(EXIT_FAILURE);
+
                case 'h':
-                       usage();
+                       usage(EXIT_SUCCESS);
 
                default:
                        fprintf(stderr, "%s: unhandled option -%c\n",
@@ -486,7 +487,7 @@ main(int argc, char **argv) {
                if (output_filename == NULL) {
                        fprintf(stderr, "output file required, but not "
                                        "specified\n");
-                       usage();
+                       usage(EXIT_FAILURE);
                }
        }
 
@@ -510,7 +511,7 @@ main(int argc, char **argv) {
        if (argc - isc_commandline_index < 1 ||
            argc - isc_commandline_index > 2)
        {
-               usage();
+               usage(EXIT_FAILURE);
        }
 
        if (!quiet) {
diff --git a/bin/delv/delv.c b/bin/delv/delv.c
index 6654697977cdc45b44620453a366c62f6998c93b..cfcc67fe5c03e777f5c655ff4fb15abc09e9b89e 100644 (file)
--- a/bin/delv/delv.c
+++ b/bin/delv/delv.c
@@ -170,8 +170,11 @@ get_reverse(char *reverse, size_t len, char *value, bool strict);
 static isc_result_t
 parse_uint(uint32_t *uip, const char *value, uint32_t max, const char *desc);
 
+ISC_NORETURN static void
+usage(int ret);
+
 static void
-usage(void) {
+usage(int ret) {
        fprintf(stderr,
                "Usage:  delv [@server] {q-opt} {d-opt} [domain] [q-type] "
                "[q-class]\n"
@@ -254,7 +257,7 @@ usage(void) {
                "process)\n"
                "                 +[no]yaml           (Present the results as "
                "YAML)\n");
-       exit(EXIT_FAILURE);
+       exit(ret);
 }
 
 ISC_NORETURN static void
@@ -1360,7 +1363,7 @@ plus_option(char *option) {
        invalid_option:
        need_value:
                fprintf(stderr, "Invalid option: +%s\n", option);
-               usage();
+               usage(EXIT_FAILURE);
        }
        return;
 }
@@ -1416,8 +1419,8 @@ dash_option(char *option, char *next, bool *open_type_class) {
                        /* handled in preparse_args() */
                        break;
                case 'h':
-                       usage();
-                       exit(EXIT_SUCCESS);
+                       usage(EXIT_SUCCESS);
+
                case 'i':
                        no_sigs = true;
                        root_validation = false;
@@ -1570,7 +1573,7 @@ dash_option(char *option, char *next, bool *open_type_class) {
        invalid_option:
        default:
                fprintf(stderr, "Invalid option: -%s\n", option);
-               usage();
+               usage(EXIT_FAILURE);
        }
        UNREACHABLE();
        return false;
diff --git a/bin/dnssec/dnssec-dsfromkey.c b/bin/dnssec/dnssec-dsfromkey.c
index 4d29500180d9f43f77948a1b775682159bfe73eb..76e2a80b7ce36f7a019d4a88e1ce1e2fc4dd44e1 100644 (file)
--- a/bin/dnssec/dnssec-dsfromkey.c
+++ b/bin/dnssec/dnssec-dsfromkey.c
@@ -329,10 +329,10 @@ emits(bool showall, bool cds, dns_rdata_t *rdata) {
 }
 
 ISC_NORETURN static void
-usage(void);
+usage(int ret);
 
 static void
-usage(void) {
+usage(int ret) {
        fprintf(stderr, "Usage:\n");
        fprintf(stderr, "    %s [options] keyfile\n\n",
                isc_commandline_progname);
@@ -362,7 +362,7 @@ usage(void) {
                        "    -V: print version information\n");
        fprintf(stderr, "Output: DS or CDS RRs\n");
 
-       exit(EXIT_FAILURE);
+       exit(ret);
 }
 
 int
@@ -378,7 +378,7 @@ main(int argc, char **argv) {
        dns_rdataset_t rdataset;
 
        if (argc == 1) {
-               usage();
+               usage(EXIT_FAILURE);
        }
 
        isc_commandline_init(argc, argv);
@@ -446,10 +446,12 @@ main(int argc, char **argv) {
                                        isc_commandline_progname,
                                        isc_commandline_option);
                        }
-                       FALLTHROUGH;
+                       /* Does not return. */
+                       usage(EXIT_FAILURE);
+
                case 'h':
                        /* Does not return. */
-                       usage();
+                       usage(EXIT_SUCCESS);
 
                case 'V':
                        /* Does not return. */
diff --git a/bin/dnssec/dnssec-importkey.c b/bin/dnssec/dnssec-importkey.c
index f4dae207bfde305e76e0ad263a494a90cd102090..23361ef7130ace111d885e287a36e03abd4eea27 100644 (file)
--- a/bin/dnssec/dnssec-importkey.c
+++ b/bin/dnssec/dnssec-importkey.c
@@ -262,10 +262,10 @@ emit(const char *dir, dns_rdata_t *rdata) {
 }
 
 ISC_NORETURN static void
-usage(void);
+usage(int ret);
 
 static void
-usage(void) {
+usage(int ret) {
        fprintf(stderr, "Usage:\n");
        fprintf(stderr, "    %s options [-K dir] keyfile\n\n",
                isc_commandline_progname);
@@ -290,7 +290,7 @@ usage(void) {
        fprintf(stderr, "    -D sync date/[+-]offset/none: set/unset "
                        "CDS and CDNSKEY deletion date\n");
 
-       exit(EXIT_FAILURE);
+       exit(ret);
 }
 
 int
@@ -304,7 +304,7 @@ main(int argc, char **argv) {
        isc_stdtime_t now = isc_stdtime_now();
 
        if (argc == 1) {
-               usage();
+               usage(EXIT_FAILURE);
        }
 
        isc_commandline_init(argc, argv);
@@ -381,10 +381,11 @@ main(int argc, char **argv) {
                                        isc_commandline_progname,
                                        isc_commandline_option);
                        }
-                       FALLTHROUGH;
+                       usage(EXIT_FAILURE);
+
                case 'h':
                        /* Does not return. */
-                       usage();
+                       usage(EXIT_SUCCESS);
 
                case 'V':
                        /* Does not return. */
diff --git a/bin/dnssec/dnssec-keyfromlabel.c b/bin/dnssec/dnssec-keyfromlabel.c
index 31a61b5bab3fd05ecf3640b57324a6893ee0b3d9..9245fb7ceff4d3dfb8c6543bb58a9ad1a45e9b84 100644 (file)
--- a/bin/dnssec/dnssec-keyfromlabel.c
+++ b/bin/dnssec/dnssec-keyfromlabel.c
@@ -46,10 +46,10 @@
 static uint16_t tag_min = 0, tag_max = 0xffff;
 
 ISC_NORETURN static void
-usage(void);
+usage(int ret);
 
 static void
-usage(void) {
+usage(int ret) {
        fprintf(stderr, "Usage:\n");
        fprintf(stderr, "    %s -l label [options] name\n\n",
                isc_commandline_progname);
@@ -98,7 +98,7 @@ usage(void) {
        fprintf(stderr, "     K<name>+<alg>+<id>.key, "
                        "K<name>+<alg>+<id>.private\n");
 
-       exit(EXIT_FAILURE);
+       exit(ret);
 }
 
 int
@@ -144,7 +144,7 @@ main(int argc, char **argv) {
        isc_stdtime_t now = isc_stdtime_now();
 
        if (argc == 1) {
-               usage();
+               usage(EXIT_FAILURE);
        }
 
        isc_commandline_init(argc, argv);
@@ -322,10 +322,12 @@ main(int argc, char **argv) {
                                        isc_commandline_progname,
                                        isc_commandline_option);
                        }
-                       FALLTHROUGH;
+                       /* Does not return. */
+                       usage(EXIT_FAILURE);
+
                case 'h':
                        /* Does not return. */
-                       usage();
+                       usage(EXIT_SUCCESS);
 
                case 'V':
                        /* Does not return. */
diff --git a/bin/dnssec/dnssec-keygen.c b/bin/dnssec/dnssec-keygen.c
index cb40b138ab8449c1784187bf74660e630a27f6e0..c7b4abe98abfb7f49d65442a4de1c57a5e61bc31 100644 (file)
--- a/bin/dnssec/dnssec-keygen.c
+++ b/bin/dnssec/dnssec-keygen.c
@@ -68,7 +68,7 @@ static int min_rsa = 1024;
 static int min_dh = 128;
 
 ISC_NORETURN static void
-usage(void);
+usage(int ret);
 
 static void
 progress(int p);
@@ -128,7 +128,7 @@ struct keygen_ctx {
 typedef struct keygen_ctx keygen_ctx_t;
 
 static void
-usage(void) {
+usage(int ret) {
        fprintf(stderr, "Usage:\n");
        fprintf(stderr, "    %s [options] name\n\n", isc_commandline_progname);
        fprintf(stderr, "Version: %s\n", PACKAGE_VERSION);
@@ -203,7 +203,7 @@ usage(void) {
        fprintf(stderr, "     K<name>+<alg>+<id>.key, "
                        "K<name>+<alg>+<id>.private\n");
 
-       exit(EXIT_FAILURE);
+       exit(ret);
 }
 
 static void
@@ -802,7 +802,7 @@ main(int argc, char **argv) {
        };
 
        if (argc == 1) {
-               usage();
+               usage(EXIT_FAILURE);
        }
 
        isc_commandline_init(argc, argv);
@@ -1042,10 +1042,12 @@ main(int argc, char **argv) {
                                        isc_commandline_progname,
                                        isc_commandline_option);
                        }
-                       FALLTHROUGH;
+                       /* Does not return. */
+                       usage(EXIT_FAILURE);
+
                case 'h':
                        /* Does not return. */
-                       usage();
+                       usage(EXIT_SUCCESS);
 
                case 'V':
                        /* Does not return. */
diff --git a/bin/dnssec/dnssec-revoke.c b/bin/dnssec/dnssec-revoke.c
index a105f88684254fdcfff69120d010e9be277ffc03..2a016114838cbc94fa34d662862049a7f1b81e01 100644 (file)
--- a/bin/dnssec/dnssec-revoke.c
+++ b/bin/dnssec/dnssec-revoke.c
@@ -37,10 +37,10 @@
 #include "dnssectool.h"
 
 ISC_NORETURN static void
-usage(void);
+usage(int ret);
 
 static void
-usage(void) {
+usage(int ret) {
        fprintf(stderr, "Usage:\n");
        fprintf(stderr, "    %s [options] keyfile\n\n",
                isc_commandline_progname);
@@ -56,7 +56,7 @@ usage(void) {
        fprintf(stderr, "     K<name>+<alg>+<new id>.key, "
                        "K<name>+<alg>+<new id>.private\n");
 
-       exit(EXIT_FAILURE);
+       exit(ret);
 }
 
 int
@@ -78,7 +78,7 @@ main(int argc, char **argv) {
        isc_commandline_init(argc, argv);
 
        if (argc == 1) {
-               usage();
+               usage(EXIT_FAILURE);
        }
 
        isc_commandline_errprint = false;
@@ -117,10 +117,12 @@ main(int argc, char **argv) {
                                        isc_commandline_progname,
                                        isc_commandline_option);
                        }
-                       FALLTHROUGH;
+                       /* Does not return. */
+                       usage(EXIT_FAILURE);
+
                case 'h':
                        /* Does not return. */
-                       usage();
+                       usage(EXIT_SUCCESS);
 
                case 'V':
                        /* Does not return. */
diff --git a/bin/dnssec/dnssec-settime.c b/bin/dnssec/dnssec-settime.c
index 312706e3142eeb722ea912705a3cde66ab3b483c..b648bf51b3fa6a3c303ab0d26462f64d96ef9cc0 100644 (file)
--- a/bin/dnssec/dnssec-settime.c
+++ b/bin/dnssec/dnssec-settime.c
@@ -41,10 +41,10 @@
 #include "dnssectool.h"
 
 ISC_NORETURN static void
-usage(void);
+usage(int ret);
 
 static void
-usage(void) {
+usage(int ret) {
        fprintf(stderr, "Usage:\n");
        fprintf(stderr, "    %s [options] keyfile\n\n",
                isc_commandline_progname);
@@ -99,7 +99,7 @@ usage(void) {
        fprintf(stderr, "     K<name>+<alg>+<new id>.key, "
                        "K<name>+<alg>+<new id>.private\n");
 
-       exit(EXIT_FAILURE);
+       exit(ret);
 }
 
 static void
@@ -240,7 +240,7 @@ main(int argc, char **argv) {
        options = DST_TYPE_PUBLIC | DST_TYPE_PRIVATE | DST_TYPE_STATE;
 
        if (argc == 1) {
-               usage();
+               usage(EXIT_FAILURE);
        }
 
        setup_logging();
@@ -336,10 +336,13 @@ main(int argc, char **argv) {
                                        isc_commandline_progname,
                                        isc_commandline_option);
                        }
-                       FALLTHROUGH;
+                       /* Does not return. */
+                       usage(EXIT_FAILURE);
+
                case 'h':
                        /* Does not return. */
-                       usage();
+                       usage(EXIT_SUCCESS);
+
                case 'I':
                        if (setinact || unsetinact) {
                                fatal("-I specified more than once");
@@ -473,7 +476,7 @@ main(int argc, char **argv) {
                                case ' ':
                                        break;
                                default:
-                                       usage();
+                                       usage(EXIT_FAILURE);
                                        break;
                                }
                        } while (*p != '\0');
diff --git a/bin/dnssec/dnssec-signzone.c b/bin/dnssec/dnssec-signzone.c
index d7fcc1ceafa94d427fb06d8ee1b864802b1ec826..7057ed8a2e400d743ce8406ca50768a086d9fc6b 100644 (file)
--- a/bin/dnssec/dnssec-signzone.c
+++ b/bin/dnssec/dnssec-signzone.c
@@ -3115,10 +3115,10 @@ print_version(FILE *fp) {
 }
 
 ISC_NORETURN static void
-usage(void);
+usage(int ret);
 
 static void
-usage(void) {
+usage(int ret) {
        fprintf(stderr, "Usage:\n");
        fprintf(stderr, "\t%s [options] zonefile [keys]\n",
                isc_commandline_progname);
@@ -3205,7 +3205,7 @@ usage(void) {
        fprintf(stderr, "(default: all zone keys that have private keys)\n");
        fprintf(stderr, "\tkeyfile (Kname+alg+tag)\n");
 
-       exit(EXIT_FAILURE);
+       exit(ret);
 }
 
 static void
@@ -3576,10 +3576,12 @@ main(int argc, char *argv[]) {
                                        isc_commandline_progname,
                                        isc_commandline_option);
                        }
-                       FALLTHROUGH;
+                       /* Does not return. */
+                       usage(EXIT_FAILURE);
+
                case 'h':
                        /* Does not return. */
-                       usage();
+                       usage(EXIT_SUCCESS);
 
                case 'V':
                        /* Does not return. */
@@ -3646,7 +3648,7 @@ main(int argc, char *argv[]) {
        argv += isc_commandline_index;
 
        if (argc < 1) {
-               usage();
+               usage(EXIT_FAILURE);
        }
 
        file = argv[0];
diff --git a/bin/dnssec/dnssec-verify.c b/bin/dnssec/dnssec-verify.c
index f0586f710e4dc203882c535043c0d0008fa0ec8f..c4950da38911ae7772443ac97e37a4cbdc474696 100644 (file)
--- a/bin/dnssec/dnssec-verify.c
+++ b/bin/dnssec/dnssec-verify.c
@@ -135,10 +135,10 @@ loadzone(char *file, char *origin, dns_rdataclass_t rdclass, dns_db_t **db) {
 }
 
 ISC_NORETURN static void
-usage(void);
+usage(int ret);
 
 static void
-usage(void) {
+usage(int ret) {
        fprintf(stderr, "Usage:\n");
        fprintf(stderr, "\t%s [options] zonefile [keys]\n",
                isc_commandline_progname);
@@ -159,7 +159,7 @@ usage(void) {
        fprintf(stderr, "\t-x:\tDNSKEY record signed with KSKs only, "
                        "not ZSKs\n");
        fprintf(stderr, "\t-z:\tAll records signed with KSKs\n");
-       exit(EXIT_SUCCESS);
+       exit(ret);
 }
 
 int
@@ -254,11 +254,12 @@ main(int argc, char *argv[]) {
                                        isc_commandline_progname,
                                        isc_commandline_option);
                        }
-                       FALLTHROUGH;
+                       /* Does not return. */
+                       usage(EXIT_FAILURE);
 
                case 'h':
                        /* Does not return. */
-                       usage();
+                       usage(EXIT_SUCCESS);
 
                case 'V':
                        /* Does not return. */
@@ -282,7 +283,7 @@ main(int argc, char *argv[]) {
        argv += isc_commandline_index;
 
        if (argc < 1) {
-               usage();
+               usage(EXIT_FAILURE);
        }
 
        file = argv[0];
diff --git a/bin/dnssec/dnssectool.c b/bin/dnssec/dnssectool.c
index 150411ee4ce494ae19fa7dcf7ecd1c4c5f01c8e3..31cfe8ec079dd858d3766a884df6ac2b45968682 100644 (file)
--- a/bin/dnssec/dnssectool.c
+++ b/bin/dnssec/dnssectool.c
@@ -547,14 +547,14 @@ try_key:
 }
 
 bool
-isoptarg(const char *arg, char **argv, void (*usage)(void)) {
+isoptarg(const char *arg, char **argv, void (*usage)(int ret)) {
        if (!strcasecmp(isc_commandline_argument, arg)) {
                if (argv[isc_commandline_index] == NULL) {
                        fprintf(stderr, "%s: missing argument -%c %s\n",
                                isc_commandline_progname,
                                isc_commandline_option,
                                isc_commandline_argument);
-                       usage();
+                       usage(EXIT_FAILURE);
                }
                isc_commandline_argument = argv[isc_commandline_index];
                /* skip to next argument */
diff --git a/bin/dnssec/dnssectool.h b/bin/dnssec/dnssectool.h
index 0b981b6aad2018f4c32171abfeda9f8d85f14b9f..06dc82d61110680980af5565ecfdf42728274058 100644 (file)
--- a/bin/dnssec/dnssectool.h
+++ b/bin/dnssec/dnssectool.h
@@ -106,7 +106,7 @@ key_collision(dst_key_t *dstkey, dns_name_t *name, const char *dir,
              isc_mem_t *mctx, uint16_t min, uint16_t max, bool *exact);
 
 bool
-isoptarg(const char *arg, char **argv, void (*usage)(void));
+isoptarg(const char *arg, char **argv, void (*usage)(int ret));
 
 void
 loadjournal(isc_mem_t *mctx, dns_db_t *db, const char *journal);
Mirror of https://gitlab.isc.org/isc-projects/bind9.git