}
if (dns_rdataclass_ismeta(viewclass)) {
- CHECK(ISC_R_FAILURE);
+ CLEANUP(ISC_R_FAILURE);
}
dns_rdataclass_format(viewclass, buf, sizeof(buf));
fprintf(stderr, "%s: unhandled option -%c\n",
isc_commandline_progname,
isc_commandline_option);
- CHECK(ISC_R_FAILURE);
+ CLEANUP(ISC_R_FAILURE);
}
}
if (((flags & CFG_PRINTER_XKEY) != 0) && !print) {
fprintf(stderr, "%s: -x cannot be used without -p\n",
isc_commandline_progname);
- CHECK(ISC_R_FAILURE);
+ CLEANUP(ISC_R_FAILURE);
}
if (print && list_zones) {
fprintf(stderr, "%s: -l cannot be used with -p\n",
isc_commandline_progname);
- CHECK(ISC_R_FAILURE);
+ CLEANUP(ISC_R_FAILURE);
}
if (isc_commandline_index + 1 < argc) {
delv_log(ISC_LOG_ERROR,
"key '%s': invalid initialization method '%s'",
keynamestr, atstr);
- CHECK(ISC_R_FAILURE);
+ CLEANUP(ISC_R_FAILURE);
}
}
isc_buffer_init(&rrdatabuf, rrdata, sizeof(rrdata));
if (rdata1 > 0xffff) {
- CHECK(ISC_R_RANGE);
+ CLEANUP(ISC_R_RANGE);
}
if (rdata2 > 0xff) {
- CHECK(ISC_R_RANGE);
+ CLEANUP(ISC_R_RANGE);
}
if (rdata3 > 0xff) {
- CHECK(ISC_R_RANGE);
+ CLEANUP(ISC_R_RANGE);
}
switch (anchortype) {
switch (ds.digest_type) {
case DNS_DSDIGEST_SHA1:
if (r.length != ISC_SHA1_DIGESTLENGTH) {
- CHECK(ISC_R_UNEXPECTEDEND);
+ CLEANUP(ISC_R_UNEXPECTEDEND);
}
break;
case DNS_DSDIGEST_SHA256:
if (r.length != ISC_SHA256_DIGESTLENGTH) {
- CHECK(ISC_R_UNEXPECTEDEND);
+ CLEANUP(ISC_R_UNEXPECTEDEND);
}
break;
case DNS_DSDIGEST_SHA384:
if (r.length != ISC_SHA384_DIGESTLENGTH) {
- CHECK(ISC_R_UNEXPECTEDEND);
+ CLEANUP(ISC_R_UNEXPECTEDEND);
}
break;
}
secretsize = isc_buffer_usedlength(&secretbuf);
if (hmac_alg == DST_ALG_UNKNOWN) {
- CHECK(DST_R_UNSUPPORTEDALG);
+ CLEANUP(DST_R_UNSUPPORTEDALG);
}
CHECK(dns_name_fromtext(keyname, namebuf, dns_rootname, 0));
#define NEXTTOKEN(lex, opt, token) CHECK(isc_lex_gettoken(lex, opt, token))
-#define BADTOKEN() CHECK(ISC_R_UNEXPECTEDTOKEN)
+#define BADTOKEN() CLEANUP(ISC_R_UNEXPECTEDTOKEN)
isc_bufferlist_t cleanup_list = ISC_LIST_INITIALIZER;
if (needargs) {
if (argc != 3) {
- CHECK(DNS_R_SYNTAX);
+ CLEANUP(DNS_R_SYNTAX);
}
bdb->server = isc_mem_strdup(isc_g_mctx, argv[1]);
bdb->contact = isc_mem_strdup(isc_g_mctx, argv[2]);
} else if (argc != 1) {
- CHECK(DNS_R_SYNTAX);
+ CLEANUP(DNS_R_SYNTAX);
}
bdb->common.magic = DNS_DB_MAGIC;
"rejecting restricted control channel "
"command '%s'",
cmdline);
- CHECK(ISC_R_FAILURE);
+ CLEANUP(ISC_R_FAILURE);
}
isc_log_write(NAMED_LOGCATEGORY_GENERAL, NAMED_LOGMODULE_CONTROL,
}
if (!match) {
- CHECK(ISCCC_R_BADAUTH);
+ CLEANUP(ISCCC_R_BADAUTH);
}
/* We shouldn't be getting a reply. */
if (isccc_cc_isreply(conn->request)) {
- CHECK(ISC_R_FAILURE);
+ CLEANUP(ISC_R_FAILURE);
}
conn->now = isc_stdtime_now();
*/
conn->ctrl = isccc_alist_lookup(conn->request, "_ctrl");
if (!isccc_alist_alistp(conn->ctrl)) {
- CHECK(ISC_R_FAILURE);
+ CLEANUP(ISC_R_FAILURE);
}
if (isccc_cc_lookupuint32(conn->ctrl, "_tim", &sent) == ISC_R_SUCCESS) {
if ((sent + CLOCKSKEW) < conn->now ||
(sent - CLOCKSKEW) > conn->now)
{
- CHECK(DNS_R_CLOCKSKEW);
+ CLEANUP(DNS_R_CLOCKSKEW);
}
} else {
- CHECK(ISC_R_FAILURE);
+ CLEANUP(ISC_R_FAILURE);
}
/*
if (isccc_cc_lookupuint32(conn->ctrl, "_exp", &exp) == ISC_R_SUCCESS &&
conn->now > exp)
{
- CHECK(DNS_R_EXPIRED);
+ CLEANUP(DNS_R_EXPIRED);
}
/*
ISC_R_SUCCESS ||
conn->nonce != nonce))
{
- CHECK(ISCCC_R_BADAUTH);
+ CLEANUP(ISCCC_R_BADAUTH);
}
isc_buffer_allocate(listener->mctx, &conn->text, 2 * 2048);
if ((pf == AF_INET && isc_net_probeipv4() != ISC_R_SUCCESS) ||
(pf == AF_INET6 && isc_net_probeipv6() != ISC_R_SUCCESS))
{
- CHECK(ISC_R_FAMILYNOSUPPORT);
+ CLEANUP(ISC_R_FAMILYNOSUPPORT);
}
CHECK(isc_nm_listentcp(ISC_NM_LISTEN_ONE, &listener->address,
"key '%s': "
"invalid initialization method '%s'",
namestr, atstr);
- CHECK(ISC_R_FAILURE);
+ CLEANUP(ISC_R_FAILURE);
}
}
keystruct.algorithm, keystruct.data, keystruct.datalen);
if (!dst_algorithm_supported(algorithm)) {
- CHECK(DST_R_UNSUPPORTEDALG);
+ CLEANUP(DST_R_UNSUPPORTEDALG);
}
CHECK(dns_rdata_fromstruct(&rdata, keystruct.common.rdclass,
switch (ds->digest_type) {
case DNS_DSDIGEST_SHA1:
if (r.length != ISC_SHA1_DIGESTLENGTH) {
- CHECK(ISC_R_UNEXPECTEDEND);
+ CLEANUP(ISC_R_UNEXPECTEDEND);
}
break;
case DNS_DSDIGEST_SHA256:
if (r.length != ISC_SHA256_DIGESTLENGTH) {
- CHECK(ISC_R_UNEXPECTEDEND);
+ CLEANUP(ISC_R_UNEXPECTEDEND);
}
break;
case DNS_DSDIGEST_SHA384:
if (r.length != ISC_SHA384_DIGESTLENGTH) {
- CHECK(ISC_R_UNEXPECTEDEND);
+ CLEANUP(ISC_R_UNEXPECTEDEND);
}
break;
#if defined(DNS_DSDIGEST_SHA256PRIVATE)
case DNS_DSDIGEST_SHA256PRIVATE:
if (r.length < ISC_SHA256_DIGESTLENGTH) {
- CHECK(ISC_R_UNEXPECTEDEND);
+ CLEANUP(ISC_R_UNEXPECTEDEND);
}
break;
#endif
#if defined(DNS_DSDIGEST_SHA384PRIVATE)
case DNS_DSDIGEST_SHA384PRIVATE:
if (r.length < ISC_SHA384_DIGESTLENGTH) {
- CHECK(ISC_R_UNEXPECTEDEND);
+ CLEANUP(ISC_R_UNEXPECTEDEND);
}
break;
#endif
"key '%s': "
"unknown ds digest type %u",
namestr, ds->digest_type);
- CHECK(ISC_R_FAILURE);
+ CLEANUP(ISC_R_FAILURE);
break;
}
if (r.length > digest_len) {
- CHECK(ISC_R_NOSPACE);
+ CLEANUP(ISC_R_NOSPACE);
}
ds->length = r.length;
ds->digest = digest;
}
#endif
if (!dst_algorithm_supported(algorithm)) {
- CHECK(DST_R_UNSUPPORTEDALG);
+ CLEANUP(DST_R_UNSUPPORTEDALG);
}
break;
isc_log_write(DNS_LOGCATEGORY_SECURITY,
NAMED_LOGMODULE_SERVER, ISC_LOG_ERROR,
"root key not loaded");
- CHECK(ISC_R_FAILURE);
+ CLEANUP(ISC_R_FAILURE);
}
}
"managed-keys-directory '%s' "
"is not writable",
directory);
- CHECK(ISC_R_NOPERM);
+ CLEANUP(ISC_R_NOPERM);
}
}
*/
for (i = 0; i < dbtypec; i++) {
if (argv[i] == NULL || strcmp(argv[i], dbargv[i]) != 0) {
- CHECK(ISC_R_FAILURE);
+ CLEANUP(ISC_R_FAILURE);
}
}
}
CHECK(cfg_map_get(zoneconf, "zone", &zlist));
if (!cfg_obj_islist(zlist)) {
- CHECK(ISC_R_FAILURE);
+ CLEANUP(ISC_R_FAILURE);
}
/* For now we only support adding one zone at a time */
CHECK(cfg_map_get(zoneconf, "zone", &zlist));
if (!cfg_obj_islist(zlist)) {
- CHECK(ISC_R_FAILURE);
+ CLEANUP(ISC_R_FAILURE);
}
zoneobj = cfg_listelt_value(cfg_list_first(zlist));
"rpz '%s' is not a primary or a "
"secondary zone",
namebuf);
- CHECK(ISC_R_NOTFOUND);
+ CLEANUP(ISC_R_NOTFOUND);
}
}
}
if (dispatch4 == NULL && dispatch6 == NULL) {
UNEXPECTED_ERROR("unable to obtain either an IPv4 or"
" an IPv6 dispatch");
- CHECK(ISC_R_UNEXPECTED);
+ CLEANUP(ISC_R_UNEXPECTED);
}
CHECK(dns_view_createresolver(view, resopts, tlsctx_client_cache,
NAMED_LOGMODULE_SERVER, ISC_LOG_ERROR,
"view '%s': class must not be meta",
viewname);
- CHECK(ISC_R_FAILURE);
+ CLEANUP(ISC_R_FAILURE);
}
} else {
viewname = "_default";
ISC_LOG_ERROR,
"zone '%s': wrong class for view '%s'", zname,
vname);
- CHECK(ISC_R_FAILURE);
+ CLEANUP(ISC_R_FAILURE);
}
(void)cfg_map_get(zoptions, "in-view", &viewobj);
cfg_obj_log(zconfig, ISC_LOG_ERROR,
"'in-view' option is not permitted in "
"dynamically added zones");
- CHECK(ISC_R_FAILURE);
+ CLEANUP(ISC_R_FAILURE);
}
result = dns_viewlist_find(viewlist, inview, view->rdclass,
if (result != ISC_R_SUCCESS) {
cfg_obj_log(zconfig, ISC_LOG_ERROR,
"view '%s' is not yet defined.", inview);
- CHECK(ISC_R_FAILURE);
+ CLEANUP(ISC_R_FAILURE);
}
result = dns_view_findzone(otherview, origin, DNS_ZTFIND_EXACT,
cfg_obj_log(zconfig, ISC_LOG_ERROR,
"zone '%s' not defined in view '%s'", zname,
inview);
- CHECK(ISC_R_FAILURE);
+ CLEANUP(ISC_R_FAILURE);
}
CHECK(dns_view_addzone(view, zone));
if (typeobj == NULL) {
cfg_obj_log(zconfig, ISC_LOG_ERROR,
"zone '%s' 'type' not specified", zname);
- CHECK(ISC_R_FAILURE);
+ CLEANUP(ISC_R_FAILURE);
}
ztypestr = cfg_obj_asstring(typeobj);
isc_log_write(NAMED_LOGCATEGORY_GENERAL,
NAMED_LOGMODULE_SERVER, ISC_LOG_ERROR,
"zone '%s': 'file' not specified", zname);
- CHECK(ISC_R_FAILURE);
+ CLEANUP(ISC_R_FAILURE);
}
if (dns_name_equal(origin, dns_rootname)) {
const char *hintsfile = cfg_obj_asstring(fileobj);
if (view->redirect != NULL) {
cfg_obj_log(zconfig, ISC_LOG_ERROR,
"redirect zone already exists");
- CHECK(ISC_R_EXISTS);
+ CLEANUP(ISC_R_EXISTS);
}
result = dns_viewlist_find(viewlist, view->name, view->rdclass,
&pview);
cfg_obj_log(zconfig, ISC_LOG_ERROR,
"zone '%s' already exists", zname);
dns_zone_detach(&dupzone);
- CHECK(ISC_R_EXISTS);
+ CLEANUP(ISC_R_EXISTS);
}
INSIST(dupzone == NULL);
}
if (fp == NULL) {
isc_log_write(NAMED_LOGCATEGORY_GENERAL, NAMED_LOGMODULE_SERVER,
ISC_LOG_ERROR, "could not create %s", filename);
- CHECK(ISC_R_NOPERM);
+ CLEANUP(ISC_R_NOPERM);
}
fprintf(fp,
cfg_map_get(config, "zone", &zl);
if (!cfg_obj_islist(zl)) {
- CHECK(ISC_R_FAILURE);
+ CLEANUP(ISC_R_FAILURE);
}
list = UNCONST(&zl->value.list);
"Error deleting zone %s "
"from NZD database: %s",
namebuf, mdb_strerror(status));
- CHECK(ISC_R_FAILURE);
+ CLEANUP(ISC_R_FAILURE);
} else if (status != MDB_NOTFOUND) {
commit = true;
}
NAMED_LOGMODULE_SERVER, ISC_LOG_ERROR,
"Unable to get options from config in "
"nzd_save()");
- CHECK(ISC_R_FAILURE);
+ CLEANUP(ISC_R_FAILURE);
}
dzarg.magic = DZARG_MAGIC;
"Error inserting zone in "
"NZD database: %s",
mdb_strerror(status));
- CHECK(ISC_R_FAILURE);
+ CLEANUP(ISC_R_FAILURE);
}
commit = true;
isc_log_write(DNS_LOGCATEGORY_GENERAL, ISC_LOGMODULE_OTHER,
ISC_LOG_ERROR, "mdb_env_create failed: %s",
mdb_strerror(status));
- CHECK(ISC_R_FAILURE);
+ CLEANUP(ISC_R_FAILURE);
}
if (view->newzone.mapsize != 0ULL) {
ISC_LOGMODULE_OTHER, ISC_LOG_ERROR,
"mdb_env_set_mapsize failed: %s",
mdb_strerror(status));
- CHECK(ISC_R_FAILURE);
+ CLEANUP(ISC_R_FAILURE);
}
}
isc_log_write(DNS_LOGCATEGORY_GENERAL, ISC_LOGMODULE_OTHER,
ISC_LOG_ERROR, "mdb_env_open of '%s' failed: %s",
view->newzone.db, mdb_strerror(status));
- CHECK(ISC_R_FAILURE);
+ CLEANUP(ISC_R_FAILURE);
}
view->newzone.dbenv = env;
zonelist = NULL;
CHECK(cfg_map_get(nzf_config, "zone", &zonelist));
if (!cfg_obj_islist(zonelist)) {
- CHECK(ISC_R_FAILURE);
+ CLEANUP(ISC_R_FAILURE);
}
CHECK(nzd_open(view, 0, &txn, &dbi));
origin = cfg_obj_asstring(cfg_tuple_get(zconfig, "name"));
if (origin == NULL) {
- CHECK(ISC_R_FAILURE);
+ CLEANUP(ISC_R_FAILURE);
}
/* Normalize zone name */
zoptions = cfg_tuple_get(zconfig, "options");
if (zoptions == NULL) {
- CHECK(ISC_R_FAILURE);
+ CLEANUP(ISC_R_FAILURE);
}
isc_buffer_clear(text);
"Error inserting zone in "
"NZD database: %s",
mdb_strerror(status));
- CHECK(ISC_R_FAILURE);
+ CLEANUP(ISC_R_FAILURE);
}
commit = true;
CHECK(cfg_map_get(zoneconf, "zone", &zlist));
if (!cfg_obj_islist(zlist)) {
- CHECK(ISC_R_FAILURE);
+ CLEANUP(ISC_R_FAILURE);
}
/* For now we only support adding one zone at a time */
if (obj != NULL) {
(void)putstr(text, "'in-view' zones not supported by ");
(void)putstr(text, bn);
- CHECK(ISC_R_FAILURE);
+ CLEANUP(ISC_R_FAILURE);
}
(void)cfg_map_get(zoptions, "template", &obj);
if (obj == NULL) {
(void)putstr(text, "no zone type or "
"template specified");
- CHECK(ISC_R_FAILURE);
+ CLEANUP(ISC_R_FAILURE);
}
}
(void)putstr(text, cfg_obj_asstring(obj));
(void)putstr(text, "' zones not supported by ");
(void)putstr(text, bn);
- CHECK(ISC_R_FAILURE);
+ CLEANUP(ISC_R_FAILURE);
}
if (strcasecmp(cfg_obj_asstring(obj), "redirect") == 0) {
cfg_map_get(config, "zone", &zl);
if (!cfg_obj_islist(zl)) {
- CHECK(ISC_R_FAILURE);
+ CLEANUP(ISC_R_FAILURE);
}
cfg_list_t *list = UNCONST(&zl->value.list);
TCHECK(putstr(text, "unable to open NZD database for '"));
TCHECK(putstr(text, view->newzone.db));
TCHECK(putstr(text, "'"));
- CHECK(ISC_R_FAILURE);
+ CLEANUP(ISC_R_FAILURE);
}
#endif /* HAVE_LMDB */
/* Is it there yet? */
if (redirect) {
if (view->redirect == NULL) {
- CHECK(ISC_R_NOTFOUND);
+ CLEANUP(ISC_R_NOTFOUND);
}
dns_zone_attach(view->redirect, &zone);
} else {
/* Is it there yet? */
if (redirect) {
if (view->redirect == NULL) {
- CHECK(ISC_R_NOTFOUND);
+ CLEANUP(ISC_R_NOTFOUND);
}
dns_zone_attach(view->redirect, &zone);
} else {
(void)putstr(text, "Not allowing new zones in view '");
(void)putstr(text, view->name);
(void)putstr(text, "'");
- CHECK(ISC_R_NOPERM);
+ CLEANUP(ISC_R_NOPERM);
}
zonename = cfg_obj_asstring(cfg_tuple_get(zoneobj, "name"));
if (!dns_name_equal(dnsname, dns_rootname)) {
(void)putstr(text, "redirect zones must be called "
"\".\"");
- CHECK(ISC_R_FAILURE);
+ CLEANUP(ISC_R_FAILURE);
}
}
CHECK(zone_from_args(server, lex, ptr, &zone, zonename, text, false));
if (zone == NULL) {
- CHECK(ISC_R_UNEXPECTEDEND);
+ CLEANUP(ISC_R_UNEXPECTEDEND);
}
INSIST(zonename != NULL);
TCHECK(putstr(text, zonename));
TCHECK(putstr(text,
"' cannot be deleted: response-policy zone."));
- CHECK(ISC_R_FAILURE);
+ CLEANUP(ISC_R_FAILURE);
}
view = dns_zone_getview(zone);
/* Parse parameters */
CHECK(zone_from_args(server, lex, NULL, &zone, zonename, text, true));
if (zone == NULL) {
- CHECK(ISC_R_UNEXPECTEDEND);
+ CLEANUP(ISC_R_UNEXPECTEDEND);
}
zconfig = dns_zone_getcfg(zone);
dns_zone_detach(&zone);
if (zconfig == NULL) {
- CHECK(ISC_R_NOTFOUND);
+ CLEANUP(ISC_R_NOTFOUND);
}
CHECK(putstr(text, "zone "));
CHECK(isc_parse_uint32(&serial, ptr, 10));
setserial = true;
} else {
- CHECK(DNS_R_SYNTAX);
+ CLEANUP(DNS_R_SYNTAX);
}
CHECK(zone_from_args(server, lex, NULL, &zone, NULL, text, false));
if (zone == NULL) {
- CHECK(ISC_R_UNEXPECTEDEND);
+ CLEANUP(ISC_R_UNEXPECTEDEND);
}
if (dns_zone_getkasp(zone) != NULL) {
} else if (strcasecmp(ptr, "-step") == 0) {
forcestep = true;
} else {
- CHECK(DNS_R_SYNTAX);
+ CLEANUP(DNS_R_SYNTAX);
}
if (status) {
ptr = next_token(lex, text);
if (ptr == NULL) {
msg = "Bad format";
- CHECK(ISC_R_UNEXPECTEDEND);
+ CLEANUP(ISC_R_UNEXPECTEDEND);
} else if (argcheck(ptr, "alg")) {
isc_consttextregion_t alg;
ptr = next_token(lex, text);
if (ptr == NULL) {
msg = "No key algorithm specified";
- CHECK(ISC_R_UNEXPECTEDEND);
+ CLEANUP(ISC_R_UNEXPECTEDEND);
}
alg.base = ptr;
alg.length = strlen(alg.base);
&algorithm, (isc_textregion_t *)&alg);
if (result != ISC_R_SUCCESS) {
msg = "Bad algorithm";
- CHECK(DNS_R_SYNTAX);
+ CLEANUP(DNS_R_SYNTAX);
}
continue;
} else if (argcheck(ptr, "key")) {
ptr = next_token(lex, text);
if (ptr == NULL) {
msg = "No key identifier specified";
- CHECK(ISC_R_UNEXPECTEDEND);
+ CLEANUP(ISC_R_UNEXPECTEDEND);
}
CHECK(isc_parse_uint16(&id, ptr, 10));
keyid = (dns_keytag_t)id;
ptr = next_token(lex, text);
if (ptr == NULL) {
msg = "No time specified";
- CHECK(ISC_R_UNEXPECTEDEND);
+ CLEANUP(ISC_R_UNEXPECTEDEND);
}
CHECK(dns_time32_fromtext(ptr, &tw));
when = (isc_stdtime_t)tw;
continue;
} else if (ptr[0] == '-') {
msg = "Unknown option";
- CHECK(DNS_R_SYNTAX);
+ CLEANUP(DNS_R_SYNTAX);
} else if (checkds) {
/*
* No arguments provided, so we must be
if (strcasecmp(ptr, "published") == 0) {
dspublish = true;
} else if (strcasecmp(ptr, "withdrawn") != 0) {
- CHECK(DNS_R_SYNTAX);
+ CLEANUP(DNS_R_SYNTAX);
}
} else if (rollover) {
/*
if (rollover && !use_keyid) {
msg = "Key id is required when scheduling rollover";
- CHECK(DNS_R_SYNTAX);
+ CLEANUP(DNS_R_SYNTAX);
}
if (algorithm > 0 && !use_keyid) {
msg = "Key id is required when setting algorithm";
- CHECK(DNS_R_SYNTAX);
+ CLEANUP(DNS_R_SYNTAX);
}
}
CHECK(zone_from_args(server, lex, zonetext, &zone, NULL, text, false));
if (zone == NULL) {
msg = "Zone not found";
- CHECK(ISC_R_UNEXPECTEDEND);
+ CLEANUP(ISC_R_UNEXPECTEDEND);
}
/* Trailing garbage? */
ptr = next_token(lex, text);
if (ptr != NULL) {
msg = "Too many arguments";
- CHECK(DNS_R_SYNTAX);
+ CLEANUP(DNS_R_SYNTAX);
}
/* Get dnssec-policy. */
CHECK(zone_from_args(server, lex, NULL, &zone, zonename, text, true));
if (zone == NULL) {
- CHECK(ISC_R_UNEXPECTEDEND);
+ CLEANUP(ISC_R_UNEXPECTEDEND);
}
/* Inline signing? */
ptr = next_token(lex, text);
if (ptr == NULL) {
msg = "No lifetime specified";
- CHECK(ISC_R_UNEXPECTEDEND);
+ CLEANUP(ISC_R_UNEXPECTEDEND);
}
tr.base = ptr;
if (ntattl > 604800) {
msg = "NTA lifetime cannot exceed one week";
- CHECK(ISC_R_RANGE);
+ CLEANUP(ISC_R_RANGE);
}
ttlset = true;
ptr = next_token(lex, text);
if (ptr == NULL) {
msg = "No class specified";
- CHECK(ISC_R_UNEXPECTEDEND);
+ CLEANUP(ISC_R_UNEXPECTEDEND);
}
tr.base = ptr;
continue;
} else if (ptr[0] == '-') {
msg = "Unknown option";
- CHECK(DNS_R_SYNTAX);
+ CLEANUP(DNS_R_SYNTAX);
} else {
nametext = ptr;
}
NAMED_LOGMODULE_CONTROL, ISC_LOG_INFO,
"rejecting restricted control channel "
"NTA command");
- CHECK(ISC_R_FAILURE);
+ CLEANUP(ISC_R_FAILURE);
}
/* Get the NTA name if not found above. */
}
if (next_token(lex, text) != NULL) {
- CHECK(DNS_R_SYNTAX);
+ CLEANUP(DNS_R_SYNTAX);
}
now = isc_stdtime_now();
bool removed_a_file = false;
if (view->managed_keys == NULL) {
- CHECK(ISC_R_NOTFOUND);
+ CLEANUP(ISC_R_NOTFOUND);
}
snprintf(msg, sizeof(msg), "destroying managed-keys database for '%s'",
if (!removed_a_file) {
CHECK(putstr(text, "error: no files could be removed"));
- CHECK(ISC_R_FAILURE);
+ CLEANUP(ISC_R_FAILURE);
}
dns_zone_detach(&mkzone);
} else {
snprintf(msg, sizeof(msg), "unknown command '%s'", cmd);
(void)putstr(text, msg);
- CHECK(ISC_R_UNEXPECTED);
+ CLEANUP(ISC_R_UNEXPECTED);
}
/* Look for the optional class name. */
CHECK(isc_parse_uint32(&initial, ptr, 10));
initial *= 100;
if (initial > MAX_INITIAL_TIMEOUT) {
- CHECK(ISC_R_RANGE);
+ CLEANUP(ISC_R_RANGE);
}
if (initial < MIN_INITIAL_TIMEOUT) {
- CHECK(ISC_R_RANGE);
+ CLEANUP(ISC_R_RANGE);
}
ptr = next_token(lex, text);
CHECK(isc_parse_uint32(&idle, ptr, 10));
idle *= 100;
if (idle > MAX_IDLE_TIMEOUT) {
- CHECK(ISC_R_RANGE);
+ CLEANUP(ISC_R_RANGE);
}
if (idle < MIN_IDLE_TIMEOUT) {
- CHECK(ISC_R_RANGE);
+ CLEANUP(ISC_R_RANGE);
}
ptr = next_token(lex, text);
CHECK(isc_parse_uint32(&keepalive, ptr, 10));
keepalive *= 100;
if (keepalive > MAX_KEEPALIVE_TIMEOUT) {
- CHECK(ISC_R_RANGE);
+ CLEANUP(ISC_R_RANGE);
}
if (keepalive < MIN_KEEPALIVE_TIMEOUT) {
- CHECK(ISC_R_RANGE);
+ CLEANUP(ISC_R_RANGE);
}
ptr = next_token(lex, text);
CHECK(isc_parse_uint32(&advertised, ptr, 10));
advertised *= 100;
if (advertised > MAX_ADVERTISED_TIMEOUT) {
- CHECK(ISC_R_RANGE);
+ CLEANUP(ISC_R_RANGE);
}
ptr = next_token(lex, text);
CHECK(isc_parse_uint32(&primaries, ptr, 10));
primaries *= 100;
if (primaries > MAX_PRIMARIES_TIMEOUT) {
- CHECK(ISC_R_RANGE);
+ CLEANUP(ISC_R_RANGE);
}
if (primaries < MIN_PRIMARIES_TIMEOUT) {
- CHECK(ISC_R_RANGE);
+ CLEANUP(ISC_R_RANGE);
}
isc_nm_setinitialtimeout(initial);
s = snprintf(tbuf, sizeof(tbuf),
" (fetches-per-server %u):", val);
if (s < 0 || (unsigned int)s > sizeof(tbuf)) {
- CHECK(ISC_R_NOSPACE);
+ CLEANUP(ISC_R_NOSPACE);
}
first = false;
CHECK(putstr(text, tbuf));
s = snprintf(tbuf, sizeof(tbuf),
" (fetches-per-zone %u):", val);
if (s < 0 || (unsigned int)s > sizeof(tbuf)) {
- CHECK(ISC_R_NOSPACE);
+ CLEANUP(ISC_R_NOSPACE);
}
CHECK(putstr(text, tbuf));
used = isc_buffer_usedlength(text);
}
if (strcasecmp(ptr, "-import") != 0) {
- CHECK(DNS_R_SYNTAX);
+ CLEANUP(DNS_R_SYNTAX);
}
ptr = next_token(lex, NULL);
CHECK(zone_from_args(server, lex, NULL, &zone, NULL, text, false));
if (zone == NULL) {
- CHECK(ISC_R_UNEXPECTEDEND);
+ CLEANUP(ISC_R_UNEXPECTEDEND);
}
kasp = dns_zone_getkasp(zone);
if (kasp == NULL) {
if (zonestats != NULL) {
json_object *counters = json_object_new_object();
if (counters == NULL) {
- CHECK(ISC_R_NOMEMORY);
+ CLEANUP(ISC_R_NOMEMORY);
}
result = dump_stats(zonestats, isc_statsformat_json,
if (gluecachestats != NULL) {
json_object *counters = json_object_new_object();
if (counters == NULL) {
- CHECK(ISC_R_NOMEMORY);
+ CLEANUP(ISC_R_NOMEMORY);
}
result = dump_stats(
}
if (xfrinobj == NULL) {
- CHECK(ISC_R_NOMEMORY);
+ CLEANUP(ISC_R_NOMEMORY);
}
result = dns_zone_getxfr(zone, &xfr, &is_firstrefresh, &is_running,
if ((pf == AF_INET && isc_net_probeipv4() != ISC_R_SUCCESS) ||
(pf == AF_INET6 && isc_net_probeipv6() != ISC_R_SUCCESS))
{
- CHECK(ISC_R_FAMILYNOSUPPORT);
+ CLEANUP(ISC_R_FAMILYNOSUPPORT);
}
CHECK(isc_httpdmgr_create(server->mctx, addr, client_ok,
tlsid = cfg_obj_asstring(cfg_map_getname(tls));
if (!strcmp(tlsid, "ephemeral")) {
- CHECK(ISC_R_UNEXPECTEDTOKEN);
+ CLEANUP(ISC_R_UNEXPECTEDTOKEN);
}
create_name(tlsid, tlsname);
"key '%s': has a "
"unsupported algorithm '%s'",
keyid, algstr);
- CHECK(DNS_R_BADALG);
+ CLEANUP(DNS_R_BADALG);
}
secretstr = cfg_obj_asstring(secretobj);
"failed to enable auto DDNS policy "
"for zone %s: session key not found",
zname);
- CHECK(ISC_R_NOTFOUND);
+ CLEANUP(ISC_R_NOTFOUND);
}
dns_ssutable_addrule(
"No NS record is configured for a "
"static-stub zone '%s'",
zname);
- CHECK(ISC_R_FAILURE);
+ CLEANUP(ISC_R_FAILURE);
}
/*
if (argc != 2) {
log_error("exactly two parameters "
"(absolute zone names) are required");
- CHECK(ISC_R_FAILURE);
+ CLEANUP(ISC_R_FAILURE);
}
result = dns_name_fromstring(z1, argv[0], dns_rootname, 0, mctx);
if (result != ISC_R_SUCCESS) {
/* Zone has a view set -> view should contain the same zone. */
if (zone_in_view == zone) {
/* Zone is already published in the right view. */
- result = ISC_R_SUCCESS;
- goto cleanup;
+ CLEANUP(ISC_R_SUCCESS);
} else if (view_in_zone != inst->view) {
/*
* Un-published inactive zone will have
dns_zone_log(zone, ISC_LOG_ERROR,
"zone->view doesn't "
"match data in the view");
- CHECK(ISC_R_UNEXPECTED);
+ CLEANUP(ISC_R_UNEXPECTED);
}
}
dns_zone_log(zone, ISC_LOG_ERROR,
"cannot publish zone: view already "
"contains another zone with this name");
- CHECK(ISC_R_UNEXPECTED);
+ CLEANUP(ISC_R_UNEXPECTED);
}
if (inst->view->frozen) {
RETERR(dns_rdata_tostruct(&rdata, &ptr, NULL));
if (dns_name_countlabels(&ptr.ptr) == 0) {
- CHECK(ISC_R_FAILURE);
+ CLEANUP(ISC_R_FAILURE);
}
CHECK(isc_ht_find(catz->entries, mhash->base, mhash->length,
(void **)&entry));
if (dns_name_countlabels(&entry->name) == 0) {
- CHECK(ISC_R_FAILURE);
+ CLEANUP(ISC_R_FAILURE);
}
catz_coo_add(catz, entry, &ptr.ptr);
result = dns_rdata_txt_next(&rdatatxt);
if (result != ISC_R_NOMORE) {
- CHECK(ISC_R_FAILURE);
+ CLEANUP(ISC_R_FAILURE);
}
if (rdatastr.length > 15) {
- CHECK(ISC_R_BADNUMBER);
+ CLEANUP(ISC_R_BADNUMBER);
}
memmove(t, rdatastr.data, rdatastr.length);
t[rdatastr.length] = 0;
"catz: zone '%s' uses an invalid primary "
"(no IP address assigned)",
zname);
- CHECK(ISC_R_FAILURE);
+ CLEANUP(ISC_R_FAILURE);
}
isc_netaddr_fromsockaddr(&netaddr,
&entry->opts.masters.addrs[i]);
LOCK(&catzs->lock);
if (catzs->zones == NULL) {
- CHECK(ISC_R_SHUTTINGDOWN);
+ CLEANUP(ISC_R_SHUTTINGDOWN);
}
CHECK(isc_ht_find(catzs->zones, r.base, r.length, (void **)&catz));
result = dns_view_findzone(view, origin, DNS_ZTFIND_EXACT, &dupzone);
if (result == ISC_R_SUCCESS) {
dns_zone_detach(&dupzone);
- CHECK(ISC_R_EXISTS);
+ CLEANUP(ISC_R_EXISTS);
}
INSIST(dupzone == NULL);
signeedsfree = true;
if (sig.labels != 0) {
- CHECK(DNS_R_SIGINVALID);
+ CLEANUP(DNS_R_SIGINVALID);
}
if (isc_serial_lt(sig.timeexpire, sig.timesigned)) {
msg->sig0status = dns_tsigerror_badtime;
- CHECK(DNS_R_SIGINVALID);
+ CLEANUP(DNS_R_SIGINVALID);
}
if (msg->fuzzing) {
if (isc_serial_lt((uint32_t)now, sig.timesigned)) {
msg->sig0status = dns_tsigerror_badtime;
- CHECK(DNS_R_SIGFUTURE);
+ CLEANUP(DNS_R_SIGFUTURE);
} else if (isc_serial_lt(sig.timeexpire, (uint32_t)now)) {
msg->sig0status = dns_tsigerror_badtime;
- CHECK(DNS_R_SIGEXPIRED);
+ CLEANUP(DNS_R_SIGEXPIRED);
}
if (!dns_name_equal(dst_key_name(key), &sig.signer)) {
msg->sig0status = dns_tsigerror_badkey;
- CHECK(DNS_R_SIGINVALID);
+ CLEANUP(DNS_R_SIGINVALID);
}
CHECK(dst_context_create(key, mctx, DNS_LOGCATEGORY_DNSSEC, false,
fwopt = fstrm_writer_options_init();
if (fwopt == NULL) {
- CHECK(ISC_R_NOMEMORY);
+ CLEANUP(ISC_R_NOMEMORY);
}
res = fstrm_writer_options_add_content_type(
fwopt, DNSTAP_CONTENT_TYPE, sizeof(DNSTAP_CONTENT_TYPE) - 1);
if (res != fstrm_res_success) {
- CHECK(ISC_R_FAILURE);
+ CLEANUP(ISC_R_FAILURE);
}
if (mode == dns_dtmode_file) {
fw = fstrm_unix_writer_init(fuwopt, fwopt);
}
} else {
- CHECK(ISC_R_FAILURE);
+ CLEANUP(ISC_R_FAILURE);
}
if (fw == NULL) {
- CHECK(ISC_R_FAILURE);
+ CLEANUP(ISC_R_FAILURE);
}
env->iothr = fstrm_iothr_init(*foptp, &fw);
ISC_LOG_WARNING,
"unable to initialize dnstap I/O thread");
fstrm_writer_destroy(&fw);
- CHECK(ISC_R_FAILURE);
+ CLEANUP(ISC_R_FAILURE);
}
env->mode = mode;
env->max_size = 0;
*/
fwopt = fstrm_writer_options_init();
if (fwopt == NULL) {
- CHECK(ISC_R_NOMEMORY);
+ CLEANUP(ISC_R_NOMEMORY);
}
res = fstrm_writer_options_add_content_type(
fwopt, DNSTAP_CONTENT_TYPE, sizeof(DNSTAP_CONTENT_TYPE) - 1);
if (res != fstrm_res_success) {
- CHECK(ISC_R_FAILURE);
+ CLEANUP(ISC_R_FAILURE);
}
if (env->mode == dns_dtmode_file) {
fw = fstrm_unix_writer_init(fuwopt, fwopt);
}
} else {
- CHECK(ISC_R_NOTIMPLEMENTED);
+ CLEANUP(ISC_R_NOTIMPLEMENTED);
}
if (fw == NULL) {
- CHECK(ISC_R_FAILURE);
+ CLEANUP(ISC_R_FAILURE);
}
/*
isc_log_write(DNS_LOGCATEGORY_DNSTAP, DNS_LOGMODULE_DNSTAP,
ISC_LOG_WARNING,
"unable to initialize dnstap I/O thread");
- CHECK(ISC_R_FAILURE);
+ CLEANUP(ISC_R_FAILURE);
}
cleanup:
case dns_dtmode_file:
fopt = fstrm_file_options_init();
if (fopt == NULL) {
- CHECK(ISC_R_NOMEMORY);
+ CLEANUP(ISC_R_NOMEMORY);
}
fstrm_file_options_set_file_path(fopt, filename);
handle->reader = fstrm_file_reader_init(fopt, NULL);
if (handle->reader == NULL) {
- CHECK(ISC_R_NOMEMORY);
+ CLEANUP(ISC_R_NOMEMORY);
}
res = fstrm_reader_open(handle->reader);
if (res != fstrm_res_success) {
- CHECK(ISC_R_FAILURE);
+ CLEANUP(ISC_R_FAILURE);
}
if (!dnstap_file(handle->reader)) {
- CHECK(DNS_R_BADDNSTAP);
+ CLEANUP(DNS_R_BADDNSTAP);
}
break;
case dns_dtmode_unix:
d->frame = dnstap__dnstap__unpack(NULL, src->length, src->base);
if (d->frame == NULL) {
- CHECK(ISC_R_NOMEMORY);
+ CLEANUP(ISC_R_NOMEMORY);
}
frame = (Dnstap__Dnstap *)d->frame;
if (frame->type != DNSTAP__DNSTAP__TYPE__MESSAGE) {
- CHECK(DNS_R_BADDNSTAP);
+ CLEANUP(DNS_R_BADDNSTAP);
}
m = frame->message;
d->type = DNS_DTTYPE_UR;
break;
default:
- CHECK(DNS_R_BADDNSTAP);
+ CLEANUP(DNS_R_BADDNSTAP);
}
/* Query? */
CHECK(result); \
} while ((*token).type != isc_tokentype_eol)
-#define BADTOKEN() CHECK(ISC_R_UNEXPECTEDTOKEN)
+#define BADTOKEN() CLEANUP(ISC_R_UNEXPECTEDTOKEN)
static const char *numerictags[DST_MAX_NUMERIC] = {
[DST_NUM_PREDECESSOR] = "Predecessor:",
if (!dns_name_equal(name, key->key_name) || id != key->key_id ||
alg != key->key_alg)
{
- CHECK(DST_R_INVALIDPRIVATEKEY);
+ CLEANUP(DST_R_INVALIDPRIVATEKEY);
}
*keyp = key;
pubkey->key_ttl, mctx);
if (key->func->parse == NULL) {
- CHECK(DST_R_UNSUPPORTEDALG);
+ CLEANUP(DST_R_UNSUPPORTEDALG);
}
newfilenamelen = strlen(filename) + 9;
CHECK(computeid(key));
if (pubkey->key_id != key->key_id) {
- CHECK(DST_R_INVALIDPRIVATEKEY);
+ CLEANUP(DST_R_INVALIDPRIVATEKEY);
}
key->modified = false;
"failed to dlopen() DynDB instance '%s' driver "
"'%s': %s",
instname, filename, errmsg);
- CHECK(ISC_R_FAILURE);
+ CLEANUP(ISC_R_FAILURE);
}
CHECK(load_symbol(&imp->handle, filename, "dyndb_version",
ISC_LOG_ERROR,
"driver API version mismatch: %d/%d", version,
DNS_DYNDB_VERSION);
- CHECK(ISC_R_FAILURE);
+ CLEANUP(ISC_R_FAILURE);
}
CHECK(load_symbol(&imp->handle, filename, "dyndb_init",
/* duplicate instance names are not allowed */
if (impfind(name) != NULL) {
- CHECK(ISC_R_EXISTS);
+ CLEANUP(ISC_R_EXISTS);
}
CHECK(load_library(mctx, libname, name, &implementation));
gret = gss_import_name(&minor, &gnamebuf, GSS_C_NO_OID, &gname);
if (gret != GSS_S_COMPLETE) {
gss_err_message(mctx, gret, minor, err_message);
- CHECK(ISC_R_FAILURE);
+ CLEANUP(ISC_R_FAILURE);
}
if (intoken != NULL) {
gss_log(3, "Failure initiating security context");
}
- CHECK(ISC_R_FAILURE);
+ CLEANUP(ISC_R_FAILURE);
}
/*
gss_log(3, "failed gss_display_name: %s",
gss_error_tostring(gret, minor, buf,
sizeof(buf)));
- CHECK(ISC_R_FAILURE);
+ CLEANUP(ISC_R_FAILURE);
}
/*
*/
result = isc_stdio_open(j->filename, "rb+", &fp);
} else {
- CHECK(ISC_R_NOTFOUND);
+ CLEANUP(ISC_R_NOTFOUND);
}
}
if (result != ISC_R_SUCCESS) {
isc_log_write(DNS_LOGCATEGORY_GENERAL, DNS_LOGMODULE_JOURNAL,
ISC_LOG_ERROR, "%s: open: %s", j->filename,
isc_result_totext(result));
- CHECK(ISC_R_UNEXPECTED);
+ CLEANUP(ISC_R_UNEXPECTED);
}
j->fp = fp;
isc_log_write(DNS_LOGCATEGORY_GENERAL, DNS_LOGMODULE_JOURNAL,
ISC_LOG_ERROR,
"%s: journal format not recognized", j->filename);
- CHECK(ISC_R_UNEXPECTED);
+ CLEANUP(ISC_R_UNEXPECTED);
}
journal_header_decode(&rawheader, &j->header);
}
if (db_serial == end_serial) {
- CHECK(DNS_R_UPTODATE);
+ CLEANUP(DNS_R_UPTODATE);
}
CHECK(dns_journal_iter_init(j, db_serial, end_serial, NULL));
"%s: journal file corrupt: missing "
"initial SOA",
j->filename);
- CHECK(ISC_R_UNEXPECTED);
+ CLEANUP(ISC_R_UNEXPECTED);
}
if ((options & DNS_JOURNALOPT_RESIGN) != 0) {
op = (n_soa == 1) ? DNS_DIFFOP_DELRESIGN
"%s: journal file corrupt: missing "
"initial SOA",
j->filename);
- CHECK(ISC_R_UNEXPECTED);
+ CLEANUP(ISC_R_UNEXPECTED);
}
if (print) {
if (xhdr.serial0 != pos.serial ||
isc_serial_le(xhdr.serial1, xhdr.serial0))
{
- CHECK(ISC_R_UNEXPECTED);
+ CLEANUP(ISC_R_UNEXPECTED);
}
size += xhdr.size;
DNS_LOGMODULE_JOURNAL, ISC_LOG_ERROR,
"%s: journal corrupt: empty transaction",
j->filename);
- CHECK(ISC_R_UNEXPECTED);
+ CLEANUP(ISC_R_UNEXPECTED);
}
if (j->header_ver1) {
"expected serial %u, got %u",
j->filename, j->it.current_serial,
xhdr.serial0);
- CHECK(ISC_R_UNEXPECTED);
+ CLEANUP(ISC_R_UNEXPECTED);
}
j->it.xsize = xhdr.size;
"%s: journal corrupt: impossible RR size "
"(%d bytes)",
j->filename, rrhdr.size);
- CHECK(ISC_R_UNEXPECTED);
+ CLEANUP(ISC_R_UNEXPECTED);
}
size_buffer(j->mctx, &j->it.source, rrhdr.size);
* Check that the RR header is there, and parse it.
*/
if (isc_buffer_remaininglength(&j->it.source) < 10) {
- CHECK(DNS_R_FORMERR);
+ CLEANUP(DNS_R_FORMERR);
}
rdtype = isc_buffer_getuint16(&j->it.source);
"%s: journal corrupt: impossible rdlen "
"(%u bytes)",
j->filename, rdlen);
- CHECK(ISC_R_FAILURE);
+ CLEANUP(ISC_R_FAILURE);
}
/*
* Parse the rdata.
*/
if (isc_buffer_remaininglength(&j->it.source) != rdlen) {
- CHECK(DNS_R_FORMERR);
+ CLEANUP(DNS_R_FORMERR);
}
isc_buffer_setactive(&j->it.source, rdlen);
dns_rdata_reset(&j->it.rdata);
"%s: journal file corrupt, "
"transaction too large",
j1->filename);
- CHECK(ISC_R_FAILURE);
+ CLEANUP(ISC_R_FAILURE);
}
buf = isc_mem_get(mctx, size);
result = journal_read(j1, buf, size);
"%s: journal file corrupt, "
"transaction too large",
j1->filename);
- CHECK(ISC_R_FAILURE);
+ CLEANUP(ISC_R_FAILURE);
}
buf = isc_mem_get(mctx, size);
CHECK(journal_read(j1, buf, size));
if (!check_delta(buf, size)) {
- CHECK(ISC_R_UNEXPECTED);
+ CLEANUP(ISC_R_UNEXPECTED);
}
} else {
CHECK(result);
if (xhdr.serial0 != serial ||
isc_serial_le(xhdr.serial1, xhdr.serial0))
{
- CHECK(ISC_R_UNEXPECTED);
+ CLEANUP(ISC_R_UNEXPECTED);
}
/*
(void)isc_file_remove(backup);
} else {
maperrno:
- CHECK(ISC_R_FAILURE);
+ CLEANUP(ISC_R_FAILURE);
}
}
sizeof(uint16_t) + sizeof(uint16_t) +
sizeof(uint32_t) + sizeof(uint32_t);
if (totallen < minlen) {
- CHECK(ISC_R_RANGE);
+ CLEANUP(ISC_R_RANGE);
}
totallen -= sizeof(totallen);
dns_rdatalist_init(&rdatalist);
rdatalist.rdclass = isc_buffer_getuint16(&target);
if (lctx->zclass != rdatalist.rdclass) {
- CHECK(DNS_R_BADCLASS);
+ CLEANUP(DNS_R_BADCLASS);
}
rdatalist.type = isc_buffer_getuint16(&target);
rdatalist.covers = isc_buffer_getuint16(&target);
rdatalist.ttl = isc_buffer_getuint32(&target);
rdcount = isc_buffer_getuint32(&target);
if (rdcount == 0 || rdcount > 0xffff) {
- CHECK(ISC_R_RANGE);
+ CLEANUP(ISC_R_RANGE);
}
INSIST(isc_buffer_consumedlength(&target) <= readlen);
lctx->f, &totallen));
namelen = isc_buffer_getuint16(&target);
if (namelen > sizeof(namebuf)) {
- CHECK(ISC_R_RANGE);
+ CLEANUP(ISC_R_RANGE);
}
CHECK(read_and_check(sequential_read, &target, namelen, lctx->f,
"TTL %d exceeds configured "
"max-zone-ttl %d",
rdatalist.ttl, lctx->maxttl);
- CHECK(ISC_R_RANGE);
+ CLEANUP(ISC_R_RANGE);
}
/* Rdata contents. */
* or malformed data.
*/
if (isc_buffer_remaininglength(&target) != 0 || totallen != 0) {
- CHECK(ISC_R_RANGE);
+ CLEANUP(ISC_R_RANGE);
}
ISC_LIST_APPEND(head, &rdatalist, link);
*/
isc_buffer_remainingregion(source, &r);
if (r.length < 4) {
- CHECK(ISC_R_UNEXPECTEDEND);
+ CLEANUP(ISC_R_UNEXPECTEDEND);
}
rdtype = isc_buffer_getuint16(source);
rdclass = isc_buffer_getuint16(source);
*/
isc_buffer_remainingregion(source, &r);
if (r.length < 2 + 2 + 4 + 2) {
- CHECK(ISC_R_UNEXPECTEDEND);
+ CLEANUP(ISC_R_UNEXPECTEDEND);
}
rdtype = isc_buffer_getuint16(source);
rdclass = isc_buffer_getuint16(source);
rdatalen = isc_buffer_getuint16(source);
r.length -= (2 + 2 + 4 + 2);
if (r.length < rdatalen) {
- CHECK(ISC_R_UNEXPECTEDEND);
+ CLEANUP(ISC_R_UNEXPECTEDEND);
}
/*
update(sectionid, rdclass))
{
if (rdatalen != 0) {
- CHECK(DNS_R_FORMERR);
+ CLEANUP(DNS_R_FORMERR);
}
/*
* When the rdata is empty, the data pointer is
if (rdtype == dns_rdatatype_nsec3 &&
!dns_rdata_checkowner(name, msg->rdclass, rdtype, false))
{
- CHECK(DNS_R_BADOWNERNAME);
+ CLEANUP(DNS_R_BADOWNERNAME);
}
/*
if (isc_buffer_availablelength(target) <
1)
{
- CHECK(ISC_R_NOSPACE);
+ CLEANUP(ISC_R_NOSPACE);
}
isc_buffer_putmem(target, &data[i], 1);
} else {
}
if (len > 0xffffU) {
- CHECK(ISC_R_NOSPACE);
+ CLEANUP(ISC_R_NOSPACE);
}
isc_buffer_allocate(message->mctx, &buf, len);
#include "openssl_shim.h"
-#define DST_RET(a) \
- { \
- result = a; \
- goto cleanup; \
- }
-
static isc_result_t
dst__openssl_fromlabel_provider(int key_base_id, const char *label,
const char *pin, EVP_PKEY **ppub,
ctx = OSSL_STORE_open(label, NULL, NULL, NULL, NULL);
if (!ctx) {
- DST_RET(dst__openssl_toresult(DST_R_OPENSSLFAILURE));
+ CLEANUP(dst__openssl_toresult(DST_R_OPENSSLFAILURE));
}
while (!OSSL_STORE_eof(ctx)) {
case OSSL_STORE_INFO_PKEY:
if (*ppriv != NULL) {
OSSL_STORE_INFO_free(info);
- DST_RET(DST_R_INVALIDPRIVATEKEY);
+ CLEANUP(DST_R_INVALIDPRIVATEKEY);
}
*ppriv = OSSL_STORE_INFO_get1_PKEY(info);
if (EVP_PKEY_get_base_id(*ppriv) != key_base_id) {
OSSL_STORE_INFO_free(info);
- DST_RET(DST_R_BADKEYTYPE);
+ CLEANUP(DST_R_BADKEYTYPE);
}
break;
case OSSL_STORE_INFO_PUBKEY:
if (*ppub != NULL) {
OSSL_STORE_INFO_free(info);
- DST_RET(DST_R_INVALIDPUBLICKEY);
+ CLEANUP(DST_R_INVALIDPUBLICKEY);
}
*ppub = OSSL_STORE_INFO_get1_PUBKEY(info);
if (EVP_PKEY_get_base_id(*ppub) != key_base_id) {
OSSL_STORE_INFO_free(info);
- DST_RET(DST_R_BADKEYTYPE);
+ CLEANUP(DST_R_BADKEYTYPE);
}
break;
}
#define MAX_PRIVKEY_SIZE (MAX_PUBKEY_SIZE / 2)
-#define DST_RET(a) \
- { \
- result = a; \
- goto cleanup; \
- }
-
#if OPENSSL_VERSION_NUMBER >= 0x30200000L
static isc_result_t
opensslecdsa_set_deterministic(EVP_PKEY_CTX *pctx, unsigned int key_alg) {
bld = OSSL_PARAM_BLD_new();
if (bld == NULL) {
- DST_RET(dst__openssl_toresult2("OSSL_PARAM_BLD_new",
+ CLEANUP(dst__openssl_toresult2("OSSL_PARAM_BLD_new",
DST_R_OPENSSLFAILURE));
}
status = OSSL_PARAM_BLD_push_utf8_string(
bld, OSSL_PKEY_PARAM_GROUP_NAME, groupname, 0);
if (status != 1) {
- DST_RET(dst__openssl_toresult2("OSSL_PARAM_BLD_push_"
+ CLEANUP(dst__openssl_toresult2("OSSL_PARAM_BLD_push_"
"utf8_string",
DST_R_OPENSSLFAILURE));
}
if (private) {
group = EC_GROUP_new_by_curve_name(group_nid);
if (group == NULL) {
- DST_RET(dst__openssl_toresult2("EC_GROUP_new_by_"
+ CLEANUP(dst__openssl_toresult2("EC_GROUP_new_by_"
"curve_name",
DST_R_OPENSSLFAILURE));
}
priv = BN_bin2bn(key, key_len, NULL);
if (priv == NULL) {
- DST_RET(dst__openssl_toresult2("BN_bin2bn",
+ CLEANUP(dst__openssl_toresult2("BN_bin2bn",
DST_R_OPENSSLFAILURE));
}
status = OSSL_PARAM_BLD_push_BN(bld, OSSL_PKEY_PARAM_PRIV_KEY,
priv);
if (status != 1) {
- DST_RET(dst__openssl_toresult2("OSSL_PARAM_BLD_push_BN",
+ CLEANUP(dst__openssl_toresult2("OSSL_PARAM_BLD_push_BN",
DST_R_OPENSSLFAILURE));
}
pubkey = opensslecdsa_generate_public_key(group, priv);
if (pubkey == NULL) {
- DST_RET(dst__openssl_toresult(DST_R_OPENSSLFAILURE));
+ CLEANUP(dst__openssl_toresult(DST_R_OPENSSLFAILURE));
}
key = buf;
POINT_CONVERSION_UNCOMPRESSED, buf,
sizeof(buf), NULL);
if (key_len == 0) {
- DST_RET(dst__openssl_toresult2("EC_POINT_point2oct",
+ CLEANUP(dst__openssl_toresult2("EC_POINT_point2oct",
DST_R_OPENSSLFAILURE));
}
} else {
status = OSSL_PARAM_BLD_push_octet_string(bld, OSSL_PKEY_PARAM_PUB_KEY,
key, key_len);
if (status != 1) {
- DST_RET(dst__openssl_toresult2("OSSL_PARAM_BLD_push_"
+ CLEANUP(dst__openssl_toresult2("OSSL_PARAM_BLD_push_"
"octet_string",
DST_R_OPENSSLFAILURE));
}
params = OSSL_PARAM_BLD_to_param(bld);
if (params == NULL) {
- DST_RET(dst__openssl_toresult2("OSSL_PARAM_BLD_to_param",
+ CLEANUP(dst__openssl_toresult2("OSSL_PARAM_BLD_to_param",
DST_R_OPENSSLFAILURE));
}
ctx = EVP_PKEY_CTX_new_from_name(NULL, "EC", NULL);
if (ctx == NULL) {
- DST_RET(dst__openssl_toresult2("EVP_PKEY_CTX_new_from_name",
+ CLEANUP(dst__openssl_toresult2("EVP_PKEY_CTX_new_from_name",
DST_R_OPENSSLFAILURE));
}
status = EVP_PKEY_fromdata_init(ctx);
if (status != 1) {
/* This will fail if the default provider is an engine.
* Return ISC_R_FAILURE to retry using the legacy API. */
- DST_RET(dst__openssl_toresult(ISC_R_FAILURE));
+ CLEANUP(dst__openssl_toresult(ISC_R_FAILURE));
}
status = EVP_PKEY_fromdata(
ctx, pkey, private ? EVP_PKEY_KEYPAIR : EVP_PKEY_PUBLIC_KEY,
params);
if (status != 1 || *pkey == NULL) {
- DST_RET(dst__openssl_toresult2("EVP_PKEY_fromdata",
+ CLEANUP(dst__openssl_toresult2("EVP_PKEY_fromdata",
DST_R_OPENSSLFAILURE));
}
eckey = EC_KEY_new_by_curve_name(group_nid);
if (eckey == NULL) {
- DST_RET(dst__openssl_toresult(DST_R_OPENSSLFAILURE));
+ CLEANUP(dst__openssl_toresult(DST_R_OPENSSLFAILURE));
}
if (private) {
privkey = BN_bin2bn(key, key_len, NULL);
if (privkey == NULL) {
- DST_RET(dst__openssl_toresult(DST_R_OPENSSLFAILURE));
+ CLEANUP(dst__openssl_toresult(DST_R_OPENSSLFAILURE));
}
if (!EC_KEY_set_private_key(eckey, privkey)) {
- DST_RET(dst__openssl_toresult(DST_R_INVALIDPRIVATEKEY));
+ CLEANUP(dst__openssl_toresult(DST_R_INVALIDPRIVATEKEY));
}
pubkey = opensslecdsa_generate_public_key(group, privkey);
if (pubkey == NULL) {
- DST_RET(dst__openssl_toresult(DST_R_OPENSSLFAILURE));
+ CLEANUP(dst__openssl_toresult(DST_R_OPENSSLFAILURE));
}
if (EC_KEY_set_public_key(eckey, pubkey) != 1) {
- DST_RET(dst__openssl_toresult(DST_R_OPENSSLFAILURE));
+ CLEANUP(dst__openssl_toresult(DST_R_OPENSSLFAILURE));
}
} else {
const unsigned char *cp = buf;
buf[0] = POINT_CONVERSION_UNCOMPRESSED;
memmove(buf + 1, key, key_len);
if (o2i_ECPublicKey(&eckey, &cp, key_len + 1) == NULL) {
- DST_RET(dst__openssl_toresult(DST_R_INVALIDPUBLICKEY));
+ CLEANUP(dst__openssl_toresult(DST_R_INVALIDPUBLICKEY));
}
if (EC_KEY_check_key(eckey) != 1) {
- DST_RET(dst__openssl_toresult(DST_R_INVALIDPUBLICKEY));
+ CLEANUP(dst__openssl_toresult(DST_R_INVALIDPUBLICKEY));
}
}
pkey = EVP_PKEY_new();
if (pkey == NULL) {
- DST_RET(dst__openssl_toresult(ISC_R_NOMEMORY));
+ CLEANUP(dst__openssl_toresult(ISC_R_NOMEMORY));
}
if (!EVP_PKEY_set1_EC_KEY(pkey, eckey)) {
- DST_RET(dst__openssl_toresult(ISC_R_FAILURE));
+ CLEANUP(dst__openssl_toresult(ISC_R_FAILURE));
}
*retkey = pkey;
ctx = EVP_PKEY_CTX_new_from_name(NULL, "EC", "provider=pkcs11");
if (ctx == NULL) {
- DST_RET(dst__openssl_toresult2("EVP_PKEY_CTX_new_from_name",
+ CLEANUP(dst__openssl_toresult2("EVP_PKEY_CTX_new_from_name",
DST_R_OPENSSLFAILURE));
}
status = EVP_PKEY_keygen_init(ctx);
if (status != 1) {
- DST_RET(dst__openssl_toresult2("EVP_PKEY_keygen_init",
+ CLEANUP(dst__openssl_toresult2("EVP_PKEY_keygen_init",
DST_R_OPENSSLFAILURE));
}
status = EVP_PKEY_CTX_set_params(ctx, params);
if (status != 1) {
- DST_RET(dst__openssl_toresult2("EVP_PKEY_CTX_set_params",
+ CLEANUP(dst__openssl_toresult2("EVP_PKEY_CTX_set_params",
DST_R_OPENSSLFAILURE));
}
/*
*/
status = EVP_PKEY_CTX_set_ec_paramgen_curve_nid(ctx, group_nid);
if (status != 1) {
- DST_RET(dst__openssl_toresult2("EVP_PKEY_CTX_set_ec_paramgen_"
+ CLEANUP(dst__openssl_toresult2("EVP_PKEY_CTX_set_ec_paramgen_"
"curve_nid",
DST_R_OPENSSLFAILURE));
}
/* Generate the key. */
status = EVP_PKEY_generate(ctx, retkey);
if (status != 1) {
- DST_RET(dst__openssl_toresult2("EVP_PKEY_generate",
+ CLEANUP(dst__openssl_toresult2("EVP_PKEY_generate",
DST_R_OPENSSLFAILURE));
}
/* Generate the key's parameters. */
ctx = EVP_PKEY_CTX_new_from_name(NULL, "EC", NULL);
if (ctx == NULL) {
- DST_RET(dst__openssl_toresult2("EVP_PKEY_CTX_new_from_name",
+ CLEANUP(dst__openssl_toresult2("EVP_PKEY_CTX_new_from_name",
DST_R_OPENSSLFAILURE));
}
status = EVP_PKEY_paramgen_init(ctx);
if (status != 1) {
- DST_RET(dst__openssl_toresult2("EVP_PKEY_paramgen_init",
+ CLEANUP(dst__openssl_toresult2("EVP_PKEY_paramgen_init",
DST_R_OPENSSLFAILURE));
}
status = EVP_PKEY_CTX_set_ec_paramgen_curve_nid(ctx, group_nid);
if (status != 1) {
- DST_RET(dst__openssl_toresult2("EVP_PKEY_CTX_set_ec_paramgen_"
+ CLEANUP(dst__openssl_toresult2("EVP_PKEY_CTX_set_ec_paramgen_"
"curve_nid",
DST_R_OPENSSLFAILURE));
}
status = EVP_PKEY_paramgen(ctx, ¶ms_pkey);
if (status != 1 || params_pkey == NULL) {
- DST_RET(dst__openssl_toresult2("EVP_PKEY_paramgen",
+ CLEANUP(dst__openssl_toresult2("EVP_PKEY_paramgen",
DST_R_OPENSSLFAILURE));
}
EVP_PKEY_CTX_free(ctx);
/* Generate the key. */
ctx = EVP_PKEY_CTX_new(params_pkey, NULL);
if (ctx == NULL) {
- DST_RET(dst__openssl_toresult2("EVP_PKEY_CTX_new",
+ CLEANUP(dst__openssl_toresult2("EVP_PKEY_CTX_new",
DST_R_OPENSSLFAILURE));
}
status = EVP_PKEY_keygen_init(ctx);
if (status != 1) {
- DST_RET(dst__openssl_toresult2("EVP_PKEY_keygen_init",
+ CLEANUP(dst__openssl_toresult2("EVP_PKEY_keygen_init",
DST_R_OPENSSLFAILURE));
}
status = EVP_PKEY_keygen(ctx, retkey);
if (status != 1) {
- DST_RET(dst__openssl_toresult2("EVP_PKEY_keygen",
+ CLEANUP(dst__openssl_toresult2("EVP_PKEY_keygen",
DST_R_OPENSSLFAILURE));
}
result = ISC_R_SUCCESS;
eckey = EC_KEY_new_by_curve_name(group_nid);
if (eckey == NULL) {
- DST_RET(dst__openssl_toresult2("EC_KEY_new_by_curve_name",
+ CLEANUP(dst__openssl_toresult2("EC_KEY_new_by_curve_name",
DST_R_OPENSSLFAILURE));
}
if (EC_KEY_generate_key(eckey) != 1) {
- DST_RET(dst__openssl_toresult2("EC_KEY_generate_key",
+ CLEANUP(dst__openssl_toresult2("EC_KEY_generate_key",
DST_R_OPENSSLFAILURE));
}
pkey = EVP_PKEY_new();
if (pkey == NULL) {
- DST_RET(dst__openssl_toresult(ISC_R_NOMEMORY));
+ CLEANUP(dst__openssl_toresult(ISC_R_NOMEMORY));
}
if (EVP_PKEY_set1_EC_KEY(pkey, eckey) != 1) {
- DST_RET(dst__openssl_toresult2("EVP_PKEY_set1_EC_KEY",
+ CLEANUP(dst__openssl_toresult2("EVP_PKEY_set1_EC_KEY",
DST_R_OPENSSLFAILURE));
}
*retkey = pkey;
evp_md_ctx = EVP_MD_CTX_create();
if (evp_md_ctx == NULL) {
- DST_RET(dst__openssl_toresult(ISC_R_NOMEMORY));
+ CLEANUP(dst__openssl_toresult(ISC_R_NOMEMORY));
}
if (dctx->key->key_alg == DST_ALG_ECDSA256) {
type = isc__crypto_sha256;
dctx->key->keydata.pkeypair.priv) != 1)
{
EVP_MD_CTX_destroy(evp_md_ctx);
- DST_RET(dst__openssl_toresult3(dctx->category,
+ CLEANUP(dst__openssl_toresult3(dctx->category,
"EVP_DigestSignInit",
ISC_R_FAILURE));
}
dctx->key->keydata.pkeypair.pub) != 1)
{
EVP_MD_CTX_destroy(evp_md_ctx);
- DST_RET(dst__openssl_toresult3(dctx->category,
+ CLEANUP(dst__openssl_toresult3(dctx->category,
"EVP_DigestVerifyInit",
ISC_R_FAILURE));
}
if (EVP_DigestSignUpdate(evp_md_ctx, data->base,
data->length) != 1)
{
- DST_RET(dst__openssl_toresult3(dctx->category,
+ CLEANUP(dst__openssl_toresult3(dctx->category,
"EVP_DigestSignUpdate",
ISC_R_FAILURE));
}
if (EVP_DigestVerifyUpdate(evp_md_ctx, data->base,
data->length) != 1)
{
- DST_RET(dst__openssl_toresult3(dctx->category,
+ CLEANUP(dst__openssl_toresult3(dctx->category,
"EVP_DigestVerifyUpdate",
ISC_R_FAILURE));
}
isc_buffer_availableregion(sig, ®ion);
if (region.length < siglen) {
- DST_RET(ISC_R_NOSPACE);
+ CLEANUP(ISC_R_NOSPACE);
}
if (EVP_DigestSignFinal(evp_md_ctx, NULL, &sigder_len) != 1) {
- DST_RET(dst__openssl_toresult3(
+ CLEANUP(dst__openssl_toresult3(
dctx->category, "EVP_DigestSignFinal", ISC_R_FAILURE));
}
if (sigder_len == 0) {
- DST_RET(ISC_R_FAILURE);
+ CLEANUP(ISC_R_FAILURE);
}
sigder = isc_mem_get(dctx->mctx, sigder_len);
sigder_alloced = sigder_len;
if (EVP_DigestSignFinal(evp_md_ctx, sigder, &sigder_len) != 1) {
- DST_RET(dst__openssl_toresult3(
+ CLEANUP(dst__openssl_toresult3(
dctx->category, "EVP_DigestSignFinal", ISC_R_FAILURE));
}
sigder_copy = sigder;
if (d2i_ECDSA_SIG(&ecdsasig, &sigder_copy, sigder_len) == NULL) {
- DST_RET(dst__openssl_toresult3(dctx->category, "d2i_ECDSA_SIG",
+ CLEANUP(dst__openssl_toresult3(dctx->category, "d2i_ECDSA_SIG",
ISC_R_FAILURE));
}
}
if (sig->length != siglen) {
- DST_RET(DST_R_VERIFYFAILURE);
+ CLEANUP(DST_R_VERIFYFAILURE);
}
ecdsasig = ECDSA_SIG_new();
if (ecdsasig == NULL) {
- DST_RET(dst__openssl_toresult(ISC_R_NOMEMORY));
+ CLEANUP(dst__openssl_toresult(ISC_R_NOMEMORY));
}
r = BN_bin2bn(cp, siglen / 2, NULL);
cp += siglen / 2;
status = i2d_ECDSA_SIG(ecdsasig, NULL);
if (status < 0) {
- DST_RET(dst__openssl_toresult3(dctx->category, "i2d_ECDSA_SIG",
+ CLEANUP(dst__openssl_toresult3(dctx->category, "i2d_ECDSA_SIG",
DST_R_VERIFYFAILURE));
}
sigder_copy = sigder;
status = i2d_ECDSA_SIG(ecdsasig, &sigder_copy);
if (status < 0) {
- DST_RET(dst__openssl_toresult3(dctx->category, "i2d_ECDSA_SIG",
+ CLEANUP(dst__openssl_toresult3(dctx->category, "i2d_ECDSA_SIG",
DST_R_VERIFYFAILURE));
}
keysize = opensslecdsa_key_alg_to_publickey_size(key->key_alg);
isc_buffer_availableregion(data, &r);
if (r.length < keysize) {
- DST_RET(ISC_R_NOSPACE);
+ CLEANUP(ISC_R_NOSPACE);
}
if (!opensslecdsa_extract_public_key(key, r.base, keysize)) {
- DST_RET(dst__openssl_toresult(DST_R_OPENSSLFAILURE));
+ CLEANUP(dst__openssl_toresult(DST_R_OPENSSLFAILURE));
}
isc_buffer_add(data, keysize);
isc_buffer_remainingregion(data, &r);
if (r.length == 0) {
- DST_RET(ISC_R_SUCCESS);
+ CLEANUP(ISC_R_SUCCESS);
}
if (r.length != len) {
- DST_RET(DST_R_INVALIDPUBLICKEY);
+ CLEANUP(DST_R_INVALIDPUBLICKEY);
}
CHECK(opensslecdsa_create_pkey(key->key_alg, false, r.base, len,
unsigned short i;
if (key->keydata.pkeypair.pub == NULL) {
- DST_RET(DST_R_NULLKEY);
+ CLEANUP(DST_R_NULLKEY);
}
if (key->external) {
priv.nelements = 0;
- DST_RET(dst__privstruct_writefile(key, &priv, directory));
+ CLEANUP(dst__privstruct_writefile(key, &priv, directory));
}
if (key->keydata.pkeypair.priv == NULL) {
- DST_RET(DST_R_NULLKEY);
+ CLEANUP(DST_R_NULLKEY);
}
keylen = opensslecdsa_key_alg_to_publickey_size(key->key_alg) / 2;
if (key->external) {
if (priv.nelements != 0 || pub == NULL) {
- DST_RET(dst__openssl_toresult(DST_R_INVALIDPRIVATEKEY));
+ CLEANUP(dst__openssl_toresult(DST_R_INVALIDPRIVATEKEY));
}
key->keydata.pkeypair.priv = pub->keydata.pkeypair.priv;
key->keydata.pkeypair.pub = pub->keydata.pkeypair.pub;
pub->keydata.pkeypair.priv = NULL;
pub->keydata.pkeypair.pub = NULL;
- DST_RET(ISC_R_SUCCESS);
+ CLEANUP(ISC_R_SUCCESS);
}
for (i = 0; i < priv.nelements; i++) {
if (pub != NULL && EVP_PKEY_eq(key->keydata.pkeypair.pub,
pub->keydata.pkeypair.pub) != 1)
{
- DST_RET(DST_R_INVALIDPRIVATEKEY);
+ CLEANUP(DST_R_INVALIDPRIVATEKEY);
}
- DST_RET(ISC_R_SUCCESS);
+ CLEANUP(ISC_R_SUCCESS);
}
if (privkey_index < 0) {
- DST_RET(dst__openssl_toresult(DST_R_INVALIDPRIVATEKEY));
+ CLEANUP(dst__openssl_toresult(DST_R_INVALIDPRIVATEKEY));
}
CHECK(opensslecdsa_create_pkey(
/* Check that the public component matches if given */
if (pub != NULL && EVP_PKEY_eq(pkey, pub->keydata.pkeypair.pub) != 1) {
- DST_RET(DST_R_INVALIDPRIVATEKEY);
+ CLEANUP(DST_R_INVALIDPRIVATEKEY);
}
key->key_size = EVP_PKEY_bits(pkey);
#include "dst_parse.h"
#include "openssl_shim.h"
-#define DST_RET(a) \
- { \
- result = a; \
- goto cleanup; \
- }
-
#ifndef NID_ED25519
#error "Ed25519 group is not known (NID_ED25519)"
#endif /* ifndef NID_ED25519 */
siglen = alginfo->sig_size;
isc_buffer_availableregion(sig, &sigreg);
if (sigreg.length < (unsigned int)siglen) {
- DST_RET(ISC_R_NOSPACE);
+ CLEANUP(ISC_R_NOSPACE);
}
isc_buffer_usedregion(buf, &tbsreg);
if (EVP_DigestSignInit(ctx, NULL, NULL, NULL, pkey) != 1) {
- DST_RET(dst__openssl_toresult3(
+ CLEANUP(dst__openssl_toresult3(
dctx->category, "EVP_DigestSignInit", ISC_R_FAILURE));
}
if (EVP_DigestSign(ctx, sigreg.base, &siglen, tbsreg.base,
tbsreg.length) != 1)
{
- DST_RET(dst__openssl_toresult3(dctx->category, "EVP_DigestSign",
+ CLEANUP(dst__openssl_toresult3(dctx->category, "EVP_DigestSign",
DST_R_SIGNFAILURE));
}
isc_buffer_add(sig, (unsigned int)siglen);
}
if (sig->length != alginfo->sig_size) {
- DST_RET(DST_R_VERIFYFAILURE);
+ CLEANUP(DST_R_VERIFYFAILURE);
}
isc_buffer_usedregion(buf, &tbsreg);
if (EVP_DigestVerifyInit(ctx, NULL, NULL, NULL, pkey) != 1) {
- DST_RET(dst__openssl_toresult3(
+ CLEANUP(dst__openssl_toresult3(
dctx->category, "EVP_DigestVerifyInit", ISC_R_FAILURE));
}
status = EVP_PKEY_keygen_init(ctx);
if (status != 1) {
- DST_RET(dst__openssl_toresult2("EVP_PKEY_keygen_init",
+ CLEANUP(dst__openssl_toresult2("EVP_PKEY_keygen_init",
DST_R_OPENSSLFAILURE));
}
status = EVP_PKEY_keygen(ctx, &pkey);
if (status != 1) {
- DST_RET(dst__openssl_toresult2("EVP_PKEY_keygen",
+ CLEANUP(dst__openssl_toresult2("EVP_PKEY_keygen",
DST_R_OPENSSLFAILURE));
}
if (EVP_PKEY_get_raw_private_key(key->keydata.pkeypair.priv,
buf, &len) != 1)
{
- DST_RET(dst__openssl_toresult(ISC_R_FAILURE));
+ CLEANUP(dst__openssl_toresult(ISC_R_FAILURE));
}
priv.elements[i].tag = TAG_EDDSA_PRIVATEKEY;
priv.elements[i].length = len;
if (key->external) {
if (priv.nelements != 0) {
- DST_RET(DST_R_INVALIDPRIVATEKEY);
+ CLEANUP(DST_R_INVALIDPRIVATEKEY);
}
if (pub == NULL) {
- DST_RET(DST_R_INVALIDPRIVATEKEY);
+ CLEANUP(DST_R_INVALIDPRIVATEKEY);
}
key->keydata.pkeypair.priv = pub->keydata.pkeypair.priv;
key->keydata.pkeypair.pub = pub->keydata.pkeypair.pub;
pub->keydata.pkeypair.priv = NULL;
pub->keydata.pkeypair.pub = NULL;
- DST_RET(ISC_R_SUCCESS);
+ CLEANUP(ISC_R_SUCCESS);
}
for (i = 0; i < priv.nelements; i++) {
if (pub != NULL && EVP_PKEY_eq(key->keydata.pkeypair.pub,
pub->keydata.pkeypair.pub) != 1)
{
- DST_RET(DST_R_INVALIDPRIVATEKEY);
+ CLEANUP(DST_R_INVALIDPRIVATEKEY);
}
- DST_RET(ISC_R_SUCCESS);
+ CLEANUP(ISC_R_SUCCESS);
}
if (privkey_index < 0) {
- DST_RET(DST_R_INVALIDPRIVATEKEY);
+ CLEANUP(DST_R_INVALIDPRIVATEKEY);
}
len = priv.elements[privkey_index].length;
&len, &pkey));
/* Check that the public component matches if given */
if (pub != NULL && EVP_PKEY_eq(pkey, pub->keydata.pkeypair.pub) != 1) {
- DST_RET(DST_R_INVALIDPRIVATEKEY);
+ CLEANUP(DST_R_INVALIDPRIVATEKEY);
}
key->keydata.pkeypair.priv = pkey;
size_t key_len, sig_len;
if (evp_md_ctx == NULL) {
- DST_RET(ISC_R_NOMEMORY);
+ CLEANUP(ISC_R_NOMEMORY);
}
switch (algorithm) {
alginfo = openssleddsa_alg_info(algorithm);
break;
default:
- DST_RET(ISC_R_NOTIMPLEMENTED);
+ CLEANUP(ISC_R_NOTIMPLEMENTED);
}
INSIST(alginfo != NULL);
EVP_DigestVerify(evp_md_ctx, sig, sig_len, test,
sizeof(test) - 1) != 1)
{
- DST_RET(ISC_R_NOTIMPLEMENTED);
+ CLEANUP(ISC_R_NOTIMPLEMENTED);
}
cleanup:
#include "dst_parse.h"
#include "openssl_shim.h"
-#define DST_RET(a) \
- { \
- result = a; \
- goto cleanup; \
- }
-
#define OPENSSLRSA_MAX_MODULUS_BITS 4096
typedef struct rsa_components {
rsa = RSA_new();
pkey = EVP_PKEY_new();
if (rsa == NULL || pkey == NULL) {
- DST_RET(dst__openssl_toresult(DST_R_OPENSSLFAILURE));
+ CLEANUP(dst__openssl_toresult(DST_R_OPENSSLFAILURE));
}
if (EVP_PKEY_set1_RSA(pkey, rsa) != 1) {
- DST_RET(dst__openssl_toresult(DST_R_OPENSSLFAILURE));
+ CLEANUP(dst__openssl_toresult(DST_R_OPENSSLFAILURE));
}
if (callback != NULL) {
cb = BN_GENCB_new();
if (cb == NULL) {
- DST_RET(dst__openssl_toresult(ISC_R_NOMEMORY));
+ CLEANUP(dst__openssl_toresult(ISC_R_NOMEMORY));
}
BN_GENCB_set(cb, progress_cb, (void *)callback);
}
if (RSA_generate_key_ex(rsa, key_size, e, cb) != 1) {
- DST_RET(dst__openssl_toresult2("RSA_generate_key_ex",
+ CLEANUP(dst__openssl_toresult2("RSA_generate_key_ex",
DST_R_OPENSSLFAILURE));
}
*retkey = pkey;
if (c->n == NULL || c->e == NULL) {
if (private) {
- DST_RET(DST_R_INVALIDPRIVATEKEY);
+ CLEANUP(DST_R_INVALIDPRIVATEKEY);
}
- DST_RET(DST_R_INVALIDPUBLICKEY);
+ CLEANUP(DST_R_INVALIDPUBLICKEY);
}
if (rsa == NULL) {
- DST_RET(dst__openssl_toresult2("RSA_new",
+ CLEANUP(dst__openssl_toresult2("RSA_new",
DST_R_OPENSSLFAILURE));
}
if (RSA_set0_key(rsa, (BIGNUM *)c->n, (BIGNUM *)c->e, (BIGNUM *)c->d) !=
1)
{
- DST_RET(dst__openssl_toresult2("RSA_set0_key",
+ CLEANUP(dst__openssl_toresult2("RSA_set0_key",
DST_R_OPENSSLFAILURE));
}
c->n = NULL;
if (c->p != NULL || c->q != NULL) {
if (RSA_set0_factors(rsa, (BIGNUM *)c->p, (BIGNUM *)c->q) != 1)
{
- DST_RET(dst__openssl_toresult2("RSA_set0_factors",
+ CLEANUP(dst__openssl_toresult2("RSA_set0_factors",
DST_R_OPENSSLFAILURE));
}
c->p = NULL;
(BIGNUM *)c->dmq1,
(BIGNUM *)c->iqmp) == 0)
{
- DST_RET(dst__openssl_toresult2("RSA_set0_crt_params",
+ CLEANUP(dst__openssl_toresult2("RSA_set0_crt_params",
DST_R_OPENSSLFAILURE));
}
c->dmp1 = NULL;
pkey = EVP_PKEY_new();
if (pkey == NULL) {
- DST_RET(dst__openssl_toresult2("EVP_PKEY_new",
+ CLEANUP(dst__openssl_toresult2("EVP_PKEY_new",
DST_R_OPENSSLFAILURE));
}
status = EVP_PKEY_set1_RSA(pkey, rsa);
if (status != 1) {
- DST_RET(dst__openssl_toresult2("EVP_PKEY_set1_RSA",
+ CLEANUP(dst__openssl_toresult2("EVP_PKEY_set1_RSA",
DST_R_OPENSSLFAILURE));
}
ctx = EVP_PKEY_CTX_new_from_name(NULL, "RSA", "provider=pkcs11");
if (ctx == NULL) {
- DST_RET(dst__openssl_toresult2("EVP_PKEY_CTX_new_from_name",
+ CLEANUP(dst__openssl_toresult2("EVP_PKEY_CTX_new_from_name",
DST_R_OPENSSLFAILURE));
}
status = EVP_PKEY_keygen_init(ctx);
if (status != 1) {
- DST_RET(dst__openssl_toresult2("EVP_PKEY_keygen_init",
+ CLEANUP(dst__openssl_toresult2("EVP_PKEY_keygen_init",
DST_R_OPENSSLFAILURE));
}
status = EVP_PKEY_CTX_set_params(ctx, params);
if (status != 1) {
- DST_RET(dst__openssl_toresult2("EVP_PKEY_CTX_set_params",
+ CLEANUP(dst__openssl_toresult2("EVP_PKEY_CTX_set_params",
DST_R_OPENSSLFAILURE));
}
status = EVP_PKEY_generate(ctx, retkey);
if (status != 1) {
- DST_RET(dst__openssl_toresult2("EVP_PKEY_generate",
+ CLEANUP(dst__openssl_toresult2("EVP_PKEY_generate",
DST_R_OPENSSLFAILURE));
}
ctx = EVP_PKEY_CTX_new_from_name(NULL, "RSA", NULL);
if (ctx == NULL) {
- DST_RET(dst__openssl_toresult(DST_R_OPENSSLFAILURE));
+ CLEANUP(dst__openssl_toresult(DST_R_OPENSSLFAILURE));
}
if (EVP_PKEY_keygen_init(ctx) != 1) {
- DST_RET(dst__openssl_toresult(DST_R_OPENSSLFAILURE));
+ CLEANUP(dst__openssl_toresult(DST_R_OPENSSLFAILURE));
}
if (EVP_PKEY_CTX_set_rsa_keygen_bits(ctx, (int)key_size) != 1) {
- DST_RET(dst__openssl_toresult(DST_R_OPENSSLFAILURE));
+ CLEANUP(dst__openssl_toresult(DST_R_OPENSSLFAILURE));
}
if (EVP_PKEY_CTX_set1_rsa_keygen_pubexp(ctx, e) != 1) {
- DST_RET(dst__openssl_toresult(DST_R_OPENSSLFAILURE));
+ CLEANUP(dst__openssl_toresult(DST_R_OPENSSLFAILURE));
}
if (callback != NULL) {
}
if (EVP_PKEY_keygen(ctx, retkey) != 1) {
- DST_RET(dst__openssl_toresult2("EVP_PKEY_keygen",
+ CLEANUP(dst__openssl_toresult2("EVP_PKEY_keygen",
DST_R_OPENSSLFAILURE));
}
result = ISC_R_SUCCESS;
bld = OSSL_PARAM_BLD_new();
if (bld == NULL) {
- DST_RET(dst__openssl_toresult2("OSSL_PARAM_BLD_new",
+ CLEANUP(dst__openssl_toresult2("OSSL_PARAM_BLD_new",
DST_R_OPENSSLFAILURE));
}
if (OSSL_PARAM_BLD_push_BN(bld, OSSL_PKEY_PARAM_RSA_N, c->n) != 1 ||
OSSL_PARAM_BLD_push_BN(bld, OSSL_PKEY_PARAM_RSA_E, c->e) != 1)
{
- DST_RET(dst__openssl_toresult2("OSSL_PARAM_BLD_push_BN",
+ CLEANUP(dst__openssl_toresult2("OSSL_PARAM_BLD_push_BN",
DST_R_OPENSSLFAILURE));
}
if (c->d != NULL &&
OSSL_PARAM_BLD_push_BN(bld, OSSL_PKEY_PARAM_RSA_D, c->d) != 1)
{
- DST_RET(dst__openssl_toresult2("OSSL_PARAM_BLD_push_BN",
+ CLEANUP(dst__openssl_toresult2("OSSL_PARAM_BLD_push_BN",
DST_R_OPENSSLFAILURE));
}
if (c->p != NULL &&
OSSL_PARAM_BLD_push_BN(bld, OSSL_PKEY_PARAM_RSA_FACTOR1, c->p) != 1)
{
- DST_RET(dst__openssl_toresult2("OSSL_PARAM_BLD_push_BN",
+ CLEANUP(dst__openssl_toresult2("OSSL_PARAM_BLD_push_BN",
DST_R_OPENSSLFAILURE));
}
if (c->q != NULL &&
OSSL_PARAM_BLD_push_BN(bld, OSSL_PKEY_PARAM_RSA_FACTOR2, c->q) != 1)
{
- DST_RET(dst__openssl_toresult2("OSSL_PARAM_BLD_push_BN",
+ CLEANUP(dst__openssl_toresult2("OSSL_PARAM_BLD_push_BN",
DST_R_OPENSSLFAILURE));
}
if (c->dmp1 != NULL &&
OSSL_PARAM_BLD_push_BN(bld, OSSL_PKEY_PARAM_RSA_EXPONENT1,
c->dmp1) != 1)
{
- DST_RET(dst__openssl_toresult2("OSSL_PARAM_BLD_push_BN",
+ CLEANUP(dst__openssl_toresult2("OSSL_PARAM_BLD_push_BN",
DST_R_OPENSSLFAILURE));
}
if (c->dmq1 != NULL &&
OSSL_PARAM_BLD_push_BN(bld, OSSL_PKEY_PARAM_RSA_EXPONENT2,
c->dmq1) != 1)
{
- DST_RET(dst__openssl_toresult2("OSSL_PARAM_BLD_push_BN",
+ CLEANUP(dst__openssl_toresult2("OSSL_PARAM_BLD_push_BN",
DST_R_OPENSSLFAILURE));
}
if (c->iqmp != NULL &&
OSSL_PARAM_BLD_push_BN(bld, OSSL_PKEY_PARAM_RSA_COEFFICIENT1,
c->iqmp) != 1)
{
- DST_RET(dst__openssl_toresult2("OSSL_PARAM_BLD_push_BN",
+ CLEANUP(dst__openssl_toresult2("OSSL_PARAM_BLD_push_BN",
DST_R_OPENSSLFAILURE));
}
params = OSSL_PARAM_BLD_to_param(bld);
if (params == NULL) {
- DST_RET(dst__openssl_toresult2("OSSL_PARAM_BLD_to_param",
+ CLEANUP(dst__openssl_toresult2("OSSL_PARAM_BLD_to_param",
DST_R_OPENSSLFAILURE));
}
ctx = EVP_PKEY_CTX_new_from_name(NULL, "RSA", NULL);
if (ctx == NULL) {
- DST_RET(dst__openssl_toresult2("EVP_PKEY_CTX_new_from_name",
+ CLEANUP(dst__openssl_toresult2("EVP_PKEY_CTX_new_from_name",
DST_R_OPENSSLFAILURE));
}
status = EVP_PKEY_fromdata_init(ctx);
if (status != 1) {
- DST_RET(dst__openssl_toresult2("EVP_PKEY_fromdata_init",
+ CLEANUP(dst__openssl_toresult2("EVP_PKEY_fromdata_init",
DST_R_OPENSSLFAILURE));
}
ctx, retpkey, private ? EVP_PKEY_KEYPAIR : EVP_PKEY_PUBLIC_KEY,
params);
if (status != 1) {
- DST_RET(dst__openssl_toresult2("EVP_PKEY_fromdata",
+ CLEANUP(dst__openssl_toresult2("EVP_PKEY_fromdata",
DST_R_OPENSSLFAILURE));
}
result = ISC_R_SUCCESS;
UNUSED(unused);
if (e == NULL) {
- DST_RET(dst__openssl_toresult(DST_R_OPENSSLFAILURE));
+ CLEANUP(dst__openssl_toresult(DST_R_OPENSSLFAILURE));
}
/*
case DST_ALG_NSEC3RSASHA1:
/* From RFC 3110 */
if (key->key_size > 4096) {
- DST_RET(DST_R_INVALIDPARAM);
+ CLEANUP(DST_R_INVALIDPARAM);
}
break;
case DST_ALG_RSASHA256:
case DST_ALG_RSASHA256PRIVATEOID:
/* From RFC 5702 */
if (key->key_size < 512 || key->key_size > 4096) {
- DST_RET(DST_R_INVALIDPARAM);
+ CLEANUP(DST_R_INVALIDPARAM);
}
break;
case DST_ALG_RSASHA512:
case DST_ALG_RSASHA512PRIVATEOID:
/* From RFC 5702 */
if (key->key_size < 1024 || key->key_size > 4096) {
- DST_RET(DST_R_INVALIDPARAM);
+ CLEANUP(DST_R_INVALIDPARAM);
}
break;
default:
switch (key->key_alg) {
case DST_ALG_RSASHA256PRIVATEOID:
if (r.length < sizeof(oid_rsasha256)) {
- DST_RET(ISC_R_NOSPACE);
+ CLEANUP(ISC_R_NOSPACE);
}
isc_buffer_putmem(data, oid_rsasha256, sizeof(oid_rsasha256));
isc_region_consume(&r, sizeof(oid_rsasha256));
break;
case DST_ALG_RSASHA512PRIVATEOID:
if (r.length < sizeof(oid_rsasha512)) {
- DST_RET(ISC_R_NOSPACE);
+ CLEANUP(ISC_R_NOSPACE);
}
isc_buffer_putmem(data, oid_rsasha512, sizeof(oid_rsasha512));
isc_region_consume(&r, sizeof(oid_rsasha512));
if (e_bytes < 256) { /*%< key exponent is <= 2040 bits */
if (r.length < 1) {
- DST_RET(ISC_R_NOSPACE);
+ CLEANUP(ISC_R_NOSPACE);
}
isc_buffer_putuint8(data, (uint8_t)e_bytes);
isc_region_consume(&r, 1);
} else {
if (r.length < 3) {
- DST_RET(ISC_R_NOSPACE);
+ CLEANUP(ISC_R_NOSPACE);
}
isc_buffer_putuint8(data, 0);
isc_buffer_putuint16(data, (uint16_t)e_bytes);
}
if (r.length < e_bytes + mod_bytes) {
- DST_RET(ISC_R_NOSPACE);
+ CLEANUP(ISC_R_NOSPACE);
}
BN_bn2bin(c.e, r.base);
isc_buffer_remainingregion(data, &r);
if (r.length == 0) {
- DST_RET(ISC_R_SUCCESS);
+ CLEANUP(ISC_R_SUCCESS);
}
/*
if (r.length < sizeof(oid_rsasha256) ||
memcmp(r.base, oid_rsasha256, sizeof(oid_rsasha256)) != 0)
{
- DST_RET(DST_R_INVALIDPUBLICKEY);
+ CLEANUP(DST_R_INVALIDPUBLICKEY);
}
isc_region_consume(&r, sizeof(oid_rsasha256));
isc_buffer_forward(data, sizeof(oid_rsasha256));
if (r.length < sizeof(oid_rsasha512) ||
memcmp(r.base, oid_rsasha512, sizeof(oid_rsasha512)) != 0)
{
- DST_RET(DST_R_INVALIDPUBLICKEY);
+ CLEANUP(DST_R_INVALIDPUBLICKEY);
}
isc_region_consume(&r, sizeof(oid_rsasha512));
isc_buffer_forward(data, sizeof(oid_rsasha512));
length = r.length;
if (r.length < 1) {
- DST_RET(DST_R_INVALIDPUBLICKEY);
+ CLEANUP(DST_R_INVALIDPUBLICKEY);
}
e_bytes = *r.base;
if (e_bytes == 0) {
if (r.length < 2) {
- DST_RET(DST_R_INVALIDPUBLICKEY);
+ CLEANUP(DST_R_INVALIDPUBLICKEY);
}
e_bytes = (*r.base) << 8;
isc_region_consume(&r, 1);
}
if (r.length < e_bytes) {
- DST_RET(DST_R_INVALIDPUBLICKEY);
+ CLEANUP(DST_R_INVALIDPUBLICKEY);
}
c.e = BN_bin2bn(r.base, e_bytes, NULL);
isc_region_consume(&r, e_bytes);
c.n = BN_bin2bn(r.base, r.length, NULL);
if (c.e == NULL || c.n == NULL) {
- DST_RET(ISC_R_NOMEMORY);
+ CLEANUP(ISC_R_NOMEMORY);
}
isc_buffer_forward(data, length);
if (key->external) {
if (priv.nelements != 0 || pub == NULL) {
- DST_RET(DST_R_INVALIDPRIVATEKEY);
+ CLEANUP(DST_R_INVALIDPRIVATEKEY);
}
key->keydata.pkeypair.pub = pub->keydata.pkeypair.pub;
key->keydata.pkeypair.priv = pub->keydata.pkeypair.priv;
pub->keydata.pkeypair.pub = NULL;
pub->keydata.pkeypair.priv = NULL;
key->key_size = pub->key_size;
- DST_RET(ISC_R_SUCCESS);
+ CLEANUP(ISC_R_SUCCESS);
}
for (i = 0; i < priv.nelements; i++) {
if (pub != NULL && EVP_PKEY_eq(key->keydata.pkeypair.pub,
pub->keydata.pkeypair.pub) != 1)
{
- DST_RET(DST_R_INVALIDPRIVATEKEY);
+ CLEANUP(DST_R_INVALIDPRIVATEKEY);
}
- DST_RET(ISC_R_SUCCESS);
+ CLEANUP(ISC_R_SUCCESS);
}
for (i = 0; i < priv.nelements; i++) {
bn = BN_bin2bn(priv.elements[i].data,
priv.elements[i].length, NULL);
if (bn == NULL) {
- DST_RET(ISC_R_NOMEMORY);
+ CLEANUP(ISC_R_NOMEMORY);
}
switch (priv.elements[i].tag) {
case TAG_RSA_MODULUS:
/* Basic sanity check for public key portion */
if (c.n == NULL || c.e == NULL) {
- DST_RET(DST_R_INVALIDPRIVATEKEY);
+ CLEANUP(DST_R_INVALIDPRIVATEKEY);
}
if (BN_num_bits(c.e) > RSA_MAX_PUBEXP_BITS) {
- DST_RET(ISC_R_RANGE);
+ CLEANUP(ISC_R_RANGE);
}
key->key_size = BN_num_bits(c.n);
/* Check that the public component matches if given */
if (pub != NULL && EVP_PKEY_eq(pkey, pub->keydata.pkeypair.pub) != 1) {
- DST_RET(DST_R_INVALIDPRIVATEKEY);
+ CLEANUP(DST_R_INVALIDPRIVATEKEY);
}
key->keydata.pkeypair.pub = pkey;
&privpkey));
if (!opensslrsa_check_exponent_bits(pubpkey, RSA_MAX_PUBEXP_BITS)) {
- DST_RET(ISC_R_RANGE);
+ CLEANUP(ISC_R_RANGE);
}
key->label = isc_mem_strdup(key->mctx, label);
len = sizeof(sha512_sig) - 1;
break;
default:
- DST_RET(ISC_R_NOTIMPLEMENTED);
+ CLEANUP(ISC_R_NOTIMPLEMENTED);
}
/*
EVP_DigestUpdate(evp_md_ctx, "test", 4) != 1 ||
EVP_VerifyFinal(evp_md_ctx, sig, len, pkey) != 1)
{
- DST_RET(ISC_R_NOTIMPLEMENTED);
+ CLEANUP(ISC_R_NOTIMPLEMENTED);
}
cleanup:
if (!dns_nsec3param_fromprivate(private, &rdata, nsec3buf,
sizeof(nsec3buf)))
{
- CHECK(ISC_R_FAILURE);
+ CLEANUP(ISC_R_FAILURE);
}
CHECK(dns_rdata_tostruct(&rdata, &nsec3param, NULL));
CHECK(isc_hex_tobuffer(lexer, buf,
(unsigned int)token.value.as_ulong));
if (isc_buffer_usedlength(buf) != token.value.as_ulong) {
- CHECK(ISC_R_UNEXPECTEDEND);
+ CLEANUP(ISC_R_UNEXPECTEDEND);
}
}
* than ncount, then we found such a duplicate.
*/
if (((flags & DNS_RDATASLAB_EXACT) != 0) && (tcount < ncount)) {
- CHECK(DNS_R_NOTEXACT);
+ CLEANUP(DNS_R_NOTEXACT);
}
/*
* FORCE flag isn't set, we're done.
*/
if (tcount == 0 && (flags & DNS_RDATASLAB_FORCE) == 0) {
- CHECK(DNS_R_UNCHANGED);
+ CLEANUP(DNS_R_UNCHANGED);
}
/* Add to tcount the total number of items from the old slab. */
/* Single types can't have more than one RR. */
if (tcount > 1 && dns_rdatatype_issingleton(type)) {
- CHECK(DNS_R_SINGLETON);
+ CLEANUP(DNS_R_SINGLETON);
}
if (tcount > 0xffff) {
- CHECK(ISC_R_NOSPACE);
+ CLEANUP(ISC_R_NOSPACE);
}
/* Allocate the target buffer and copy the new slab's header */
* duplicates.)
*/
if ((flags & DNS_RDATASLAB_EXACT) != 0 && rcount != scount) {
- CHECK(DNS_R_NOTEXACT);
+ CLEANUP(DNS_R_NOTEXACT);
}
/*
* create a new buffer, just return.
*/
if (tcount == 0) {
- CHECK(DNS_R_NXRRSET);
+ CLEANUP(DNS_R_NXRRSET);
}
/*
* If nothing is going to change, stop.
*/
if (rcount == 0) {
- CHECK(DNS_R_UNCHANGED);
+ CLEANUP(DNS_R_UNCHANGED);
}
/*
*/
isc_buffer_usedregion(buf1, &r);
if ((options & DNS_REQUESTOPT_TCP) == 0 && r.length > 512) {
- CHECK(DNS_R_USETCP);
+ CLEANUP(DNS_R_USETCP);
}
isc_buffer_allocate(mctx, &buf2, r.length);
CHECK(isc_buffer_copyregion(buf2, &r));
address = isc_mem_get(mctx, sizeof(*address));
if (res->ai_addrlen > sizeof(address->type)) {
isc_mem_put(mctx, address, sizeof(*address));
- CHECK(ISC_R_RANGE);
+ CLEANUP(ISC_R_RANGE);
}
if (res->ai_family == AF_INET) {
isc_mem_put(mctx, address, sizeof(*address));
UNEXPECTED_ERROR("ai_family (%d) not INET nor INET6",
res->ai_family);
- CHECK(ISC_R_UNEXPECTED);
+ CLEANUP(ISC_R_UNEXPECTED);
}
address->length = (unsigned int)res->ai_addrlen;
* made. Interrupt the DS chasing process, returning SERVFAIL.
*/
if (dns_name_equal(fctx->nsname, fetch->private->domain)) {
- CHECK(DNS_R_SERVFAIL);
+ CLEANUP(DNS_R_SERVFAIL);
}
/* Get nameservers from fetch before we destroy it. */
buffer));
if (isc_buffer_usedlength(buffer) < 1) {
- CHECK(ISC_R_BADADDRESSFORM);
+ CLEANUP(ISC_R_BADADDRESSFORM);
}
rdatastr = isc_buffer_base(buffer);
} while (result == ISC_R_NOSPACE);
if (result != ISC_R_SUCCESS) {
- CHECK(DNS_R_SERVFAIL);
+ CLEANUP(DNS_R_SERVFAIL);
}
ISC_LIST_APPEND(rdatalist->rdata, rdata, link);
#define NEXTTOKEN(lex, opt, token) CHECK(isc_lex_gettoken(lex, opt, token))
-#define BADTOKEN() CHECK(ISC_R_UNEXPECTEDTOKEN)
+#define BADTOKEN() CLEANUP(ISC_R_UNEXPECTEDTOKEN)
#define TOKENSIZ (8 * 1024)
#define STR(t) ((t).value.as_textregion.base)
isc_buffer_add(&b, strlen(owner));
CHECK(dns_name_fromtext(dname, &b, dns_rootname, 0));
if (dns_name_compare(dname, origin) != 0) {
- CHECK(DNS_R_BADOWNERNAME);
+ CLEANUP(DNS_R_BADOWNERNAME);
}
isc_buffer_clear(&b);
}
if (token.type != isc_tokentype_string) {
- CHECK(DNS_R_SYNTAX);
+ CLEANUP(DNS_R_SYNTAX);
}
if (strcmp(STR(token), ";;") == 0) {
if (token.type != isc_tokentype_string ||
strcmp(STR(token), "SignedKeyResponse") != 0)
{
- CHECK(DNS_R_SYNTAX);
+ CLEANUP(DNS_R_SYNTAX);
}
/* Version */
if (token.type != isc_tokentype_string ||
strcmp(STR(token), "1.0") != 0)
{
- CHECK(DNS_R_SYNTAX);
+ CLEANUP(DNS_R_SYNTAX);
}
/* Date and time of bundle */
CHECK(isc_lex_gettoken(lex, opt, &token));
if (token.type != isc_tokentype_string) {
- CHECK(DNS_R_SYNTAX);
+ CLEANUP(DNS_R_SYNTAX);
}
if (strcmp(STR(token), "generated") == 0) {
/* Final bundle */
goto readline;
}
if (token.type != isc_tokentype_string) {
- CHECK(DNS_R_SYNTAX);
+ CLEANUP(DNS_R_SYNTAX);
}
/* Add previous bundle */
}
if (result != ISC_R_EOF) {
- CHECK(DNS_R_SYNTAX);
+ CLEANUP(DNS_R_SYNTAX);
}
result = ISC_R_SUCCESS;
if (result != ISC_R_SUCCESS) {
tkey_log("dns_tkey_processquery: couldn't find a TKEY "
"matching the question");
- CHECK(DNS_R_FORMERR);
+ CLEANUP(DNS_R_FORMERR);
}
result = dns_rdataset_first(tkeyset);
if (result != ISC_R_SUCCESS) {
- CHECK(DNS_R_FORMERR);
+ CLEANUP(DNS_R_FORMERR);
}
dns_rdataset_current(tkeyset, &rdata);
CHECK(dns_rdata_tostruct(&rdata, &tkeyin, NULL));
if (tkeyin.error != dns_rcode_noerror) {
- CHECK(DNS_R_FORMERR);
+ CLEANUP(DNS_R_FORMERR);
}
/*
{
tkey_log("dns_tkey_processquery: query was not "
"properly signed - rejecting");
- CHECK(DNS_R_FORMERR);
+ CLEANUP(DNS_R_FORMERR);
}
tkeyout = (dns_rdata_tkey_t){
{
tkey_log("dns_tkey_gssnegotiate: tkey mode invalid "
"or error set(4)");
- CHECK(DNS_R_INVALIDTKEY);
+ CLEANUP(DNS_R_INVALIDTKEY);
}
isc_buffer_init(&intoken, rtkey.key, rtkey.keylen);
if (wraps == 2) {
update_log(log, zone, ISC_LOG_ERROR,
"secure zone with no NSECs");
- CHECK(DNS_R_BADZONE);
+ CLEANUP(DNS_R_BADZONE);
}
}
CHECK(dns_dbiterator_current(dbit, &node, newname));
/* Look up the signature in the SKR bundle */
dns_skrbundle_t *bundle = dns_zone_getskrbundle(zone);
if (bundle == NULL) {
- CHECK(DNS_R_NOSKRBUNDLE);
+ CLEANUP(DNS_R_NOSKRBUNDLE);
}
CHECK(dns_skrbundle_getsig(bundle, keys[i], type,
&sig_rdata));
dns_resolver_destroyfetch(&val->fetch);
if (CANCELED(val) || CANCELING(val)) {
- CHECK(ISC_R_CANCELED);
+ CLEANUP(ISC_R_CANCELED);
}
if (trustchain) {
dns_resolver_destroyfetch(&val->fetch);
if (CANCELED(val) || CANCELING(val)) {
- CHECK(ISC_R_CANCELED);
+ CLEANUP(ISC_R_CANCELED);
}
if (trustchain) {
val->subvalidator = NULL;
if (CANCELED(val) || CANCELING(val)) {
- CHECK(ISC_R_CANCELED);
+ CLEANUP(ISC_R_CANCELED);
}
validator_log(val, ISC_LOG_DEBUG(3), "in validator_callback_dnskey");
val->subvalidator = NULL;
if (CANCELED(val) || CANCELING(val)) {
- CHECK(ISC_R_CANCELED);
+ CLEANUP(ISC_R_CANCELED);
}
validator_log(val, ISC_LOG_DEBUG(3), "in validator_callback_ds");
val->subvalidator = NULL;
if (CANCELED(val) || CANCELING(val)) {
- CHECK(ISC_R_CANCELED);
+ CLEANUP(ISC_R_CANCELED);
}
validator_log(val, ISC_LOG_DEBUG(3), "in validator_callback_cname");
val->subvalidator = NULL;
if (CANCELED(val) || CANCELING(val)) {
- CHECK(ISC_R_CANCELED);
+ CLEANUP(ISC_R_CANCELED);
}
validator_log(val, ISC_LOG_DEBUG(3), "in validator_callback_nsec");
val->attributes &= ~VALATTR_OFFLOADED;
if (CANCELING(val)) {
validator_cancel_finish(val);
- CHECK(ISC_R_CANCELED);
+ CLEANUP(ISC_R_CANCELED);
}
if (val->resume) {
val->attributes &= ~VALATTR_OFFLOADED;
if (CANCELING(val)) {
validator_cancel_finish(val);
- CHECK(ISC_R_CANCELED);
+ CLEANUP(ISC_R_CANCELED);
}
val->resume = false;
val->attributes &= ~VALATTR_OFFLOADED;
if (CANCELING(val)) {
validator_cancel_finish(val);
- CHECK(ISC_R_CANCELED);
+ CLEANUP(ISC_R_CANCELED);
}
dns_rdata_reset(&val->rdata);
dns_rdata_ds_t ds;
if (CANCELED(val) || CANCELING(val)) {
- CHECK(ISC_R_CANCELED);
+ CLEANUP(ISC_R_CANCELED);
}
/*
validator_log(val, ISC_LOG_DEBUG(3),
"no trusted root key");
}
- CHECK(DNS_R_NOVALIDSIG);
+ CLEANUP(DNS_R_NOVALIDSIG);
}
/*
isc_result_t result = ISC_R_FAILURE;
if (CANCELED(val) || CANCELING(val)) {
- CHECK(ISC_R_CANCELED);
+ CLEANUP(ISC_R_CANCELED);
}
validator_log(val, ISC_LOG_DEBUG(3), "starting");
try_hints = true;
goto finish;
} else {
- CHECK(DNS_R_NXDOMAIN);
+ CLEANUP(DNS_R_NXDOMAIN);
}
} else if (result != ISC_R_SUCCESS) {
/*
if (token.type == isc_tokentype_eof) {
break;
} else if (token.type != isc_tokentype_string) {
- CHECK(ISC_R_UNEXPECTEDTOKEN);
+ CLEANUP(ISC_R_UNEXPECTEDTOKEN);
}
name = TSTR(token);
len = TLEN(token);
CHECK(isc_lex_gettoken(lex, options, &token));
if (token.type != isc_tokentype_string) {
- CHECK(ISC_R_UNEXPECTEDTOKEN);
+ CLEANUP(ISC_R_UNEXPECTEDTOKEN);
}
type = TSTR(token);
} else if (strcmp(type, "forced") == 0) {
forced = true;
} else {
- CHECK(ISC_R_UNEXPECTEDTOKEN);
+ CLEANUP(ISC_R_UNEXPECTEDTOKEN);
}
CHECK(isc_lex_gettoken(lex, options, &token));
if (token.type != isc_tokentype_string) {
- CHECK(ISC_R_UNEXPECTEDTOKEN);
+ CLEANUP(ISC_R_UNEXPECTEDTOKEN);
}
timestamp = TSTR(token);
CHECK(dns_time32_fromtext(timestamp, &t));
if (token.type != isc_tokentype_eol &&
token.type != isc_tokentype_eof)
{
- CHECK(ISC_R_UNEXPECTEDTOKEN);
+ CLEANUP(ISC_R_UNEXPECTEDTOKEN);
}
if (now <= t) {
REQUIRE(view->rdclass == dns_rdataclass_in);
if (rdtype != dns_rdatatype_dnskey && rdtype != dns_rdatatype_ds) {
- CHECK(ISC_R_NOTIMPLEMENTED);
+ CLEANUP(ISC_R_NOTIMPLEMENTED);
}
isc_buffer_init(&b, rdatabuf, sizeof(rdatabuf));
uint64_t records;
if (atomic_load(&xfr->shuttingdown)) {
- CHECK(ISC_R_SHUTTINGDOWN);
+ CLEANUP(ISC_R_SHUTTINGDOWN);
}
CHECK(dns_diff_load(&xfr->diff, &xfr->axfr));
if (xfr->maxrecords != 0U) {
result = dns_db_getsize(xfr->db, xfr->ver, &records, NULL);
if (result == ISC_R_SUCCESS && records > xfr->maxrecords) {
- CHECK(DNS_R_TOOMANYRECORDS);
+ CLEANUP(DNS_R_TOOMANYRECORDS);
}
}
if (xfr->maxrecords != 0U) {
result = dns_db_getsize(xfr->db, xfr->ver, &records, NULL);
if (result == ISC_R_SUCCESS && records > xfr->maxrecords) {
- CHECK(DNS_R_TOOMANYRECORDS);
+ CLEANUP(DNS_R_TOOMANYRECORDS);
}
}
if (xfr->ixfr.journal != NULL) {
dns_rdatatype_format(rdata->type, buf, sizeof(buf));
xfrin_log(xfr, ISC_LOG_NOTICE,
"Unexpected %s record in zone transfer", buf);
- CHECK(DNS_R_FORMERR);
+ CLEANUP(DNS_R_FORMERR);
}
/*
dns_name_format(name, namebuf, sizeof(namebuf));
xfrin_log(xfr, ISC_LOG_DEBUG(3), "SOA name mismatch: '%s'",
namebuf);
- CHECK(DNS_R_NOTZONETOP);
+ CLEANUP(DNS_R_NOTZONETOP);
}
redo:
if (rdata->type != dns_rdatatype_soa) {
xfrin_log(xfr, ISC_LOG_NOTICE,
"non-SOA response to SOA query");
- CHECK(DNS_R_FORMERR);
+ CLEANUP(DNS_R_FORMERR);
}
end_serial = dns_soa_getserial(rdata);
atomic_store_relaxed(&xfr->end_serial, end_serial);
"requested serial %u, "
"primary has %" PRIuFAST32 ", not updating",
xfr->ixfr.request_serial, end_serial);
- CHECK(DNS_R_UPTODATE);
+ CLEANUP(DNS_R_UPTODATE);
}
atomic_store(&xfr->state, XFRST_GOTSOA);
break;
if (rdata->type != dns_rdatatype_soa) {
xfrin_log(xfr, ISC_LOG_NOTICE,
"first RR in zone transfer must be SOA");
- CHECK(DNS_R_FORMERR);
+ CLEANUP(DNS_R_FORMERR);
}
/*
* Remember the serial number in the initial SOA.
"requested serial %u, "
"primary has %" PRIuFAST32 ", not updating",
xfr->ixfr.request_serial, end_serial);
- CHECK(DNS_R_UPTODATE);
+ CLEANUP(DNS_R_UPTODATE);
}
xfr->firstsoa = *rdata;
if (xfr->firstsoa_data != NULL) {
"IXFR out of sync: "
"expected serial %u, got %u",
xfr->ixfr.current_serial, soa_serial);
- CHECK(DNS_R_FORMERR);
+ CLEANUP(DNS_R_FORMERR);
} else {
CHECK(ixfr_commit(xfr));
atomic_store(&xfr->state, XFRST_IXFR_DELSOA);
if (rdata->type == dns_rdatatype_ns &&
dns_name_iswildcard(name))
{
- CHECK(DNS_R_INVALIDNS);
+ CLEANUP(DNS_R_INVALIDNS);
}
CHECK(ixfr_putdata(xfr, DNS_DIFFOP_ADD, name, ttl, rdata));
break;
xfrin_log(xfr, ISC_LOG_NOTICE,
"start and ending SOA records "
"mismatch");
- CHECK(DNS_R_FORMERR);
+ CLEANUP(DNS_R_FORMERR);
}
axfr_commit(xfr);
atomic_store(&xfr->state, XFRST_AXFR_END);
break;
case XFRST_AXFR_END:
case XFRST_IXFR_END:
- CHECK(DNS_R_EXTRADATA);
+ CLEANUP(DNS_R_EXTRADATA);
break;
default:
UNREACHABLE();
dns_dispatchmgr_t *dispmgr = dns_view_getdispatchmgr(xfr->view);
if (dispmgr == NULL) {
- CHECK(ISC_R_SHUTTINGDOWN);
+ CLEANUP(ISC_R_SHUTTINGDOWN);
}
primaries_timeout = isc_nm_getprimariestimeout();
if (msg->counts[DNS_SECTION_QUESTION] > 1) {
xfrin_log(xfr, ISC_LOG_NOTICE, "too many questions (%u)",
msg->counts[DNS_SECTION_QUESTION]);
- CHECK(DNS_R_FORMERR);
+ CLEANUP(DNS_R_FORMERR);
}
if ((atomic_load(&xfr->state) == XFRST_SOAQUERY ||
msg->counts[DNS_SECTION_QUESTION] != 1)
{
xfrin_log(xfr, ISC_LOG_NOTICE, "missing question section");
- CHECK(DNS_R_FORMERR);
+ CLEANUP(DNS_R_FORMERR);
}
MSG_SECTION_FOREACH(msg, DNS_SECTION_QUESTION, name) {
if (!dns_name_equal(name, &xfr->name)) {
xfrin_log(xfr, ISC_LOG_NOTICE,
"question name mismatch");
- CHECK(DNS_R_FORMERR);
+ CLEANUP(DNS_R_FORMERR);
}
rds = ISC_LIST_HEAD(name->list);
INSIST(rds != NULL);
if (rds->type != xfr->reqtype) {
xfrin_log(xfr, ISC_LOG_NOTICE,
"question type mismatch");
- CHECK(DNS_R_FORMERR);
+ CLEANUP(DNS_R_FORMERR);
}
if (rds->rdclass != xfr->rdclass) {
xfrin_log(xfr, ISC_LOG_NOTICE,
"question class mismatch");
- CHECK(DNS_R_FORMERR);
+ CLEANUP(DNS_R_FORMERR);
}
}
if (xfr->reqtype == dns_rdatatype_soa &&
(msg->flags & DNS_MESSAGEFLAG_AA) == 0)
{
- CHECK(DNS_R_NOTAUTHORITATIVE);
+ CLEANUP(DNS_R_NOTAUTHORITATIVE);
}
result = dns_message_checksig(msg, xfr->view);
atomic_load(&xfr->state) == XFRST_AXFR_END ||
atomic_load(&xfr->state) == XFRST_IXFR_END)
{
- CHECK(DNS_R_EXPECTEDTSIG);
+ CLEANUP(DNS_R_EXPECTEDTSIG);
}
}
if ((flags & DNS_ZONELOADFLAG_THAW) != 0) {
DNS_ZONE_SETFLAG(zone, DNS_ZONEFLG_THAW);
}
- CHECK(ISC_R_LOADING);
+ CLEANUP(ISC_R_LOADING);
}
INSIST(zone->db_argc >= 1);
ISC_LOG_DEBUG(1),
"skipping load: master file "
"older than last load");
- CHECK(DNS_R_UPTODATE);
+ CLEANUP(DNS_R_UPTODATE);
}
/*
"DLZ %s does not exist or is set "
"to 'search yes;'",
zone->db_argv[1]);
- CHECK(ISC_R_NOTFOUND);
+ CLEANUP(ISC_R_NOTFOUND);
}
ZONEDB_LOCK(&zone->dblock, isc_rwlocktype_write);
goto cleanup;
}
if (zone->type == dns_zone_primary && errors != 0) {
- CHECK(DNS_R_BADZONE);
+ CLEANUP(DNS_R_BADZONE);
}
if (zone->type != dns_zone_stub &&
zone->type != dns_zone_redirect)
DNS_ZONE_OPTION(zone, DNS_ZONEOPT_CHECKINTEGRITY) &&
!integrity_checks(zone, db))
{
- CHECK(DNS_R_BADZONE);
+ CLEANUP(DNS_R_BADZONE);
}
if (zone->type == dns_zone_primary &&
DNS_ZONE_OPTION(zone, DNS_ZONEOPT_CHECKDUPRR) &&
!zone_check_dup(zone, db))
{
- CHECK(DNS_R_BADZONE);
+ CLEANUP(DNS_R_BADZONE);
}
if (zone->type == dns_zone_primary) {
dns_zone_log(zone, ISC_LOG_ERROR,
"'log-report-channel' is set, but no "
"'*._er/TXT' wildcard found");
- CHECK(DNS_R_BADZONE);
+ CLEANUP(DNS_R_BADZONE);
}
CHECK(dns_zone_verifydb(zone, db, NULL));
"new serial (%u) out of range "
"[%u - %u]",
serial, serialmin, serialmax);
- CHECK(DNS_R_BADZONE);
+ CLEANUP(DNS_R_BADZONE);
} else if (!isc_serial_ge(serial, oldserial)) {
dns_zone_logc(zone, DNS_LOGCATEGORY_ZONELOAD,
ISC_LOG_ERROR,
default:
UNEXPECTED_ERROR("unexpected zone type %d", zone->type);
- CHECK(ISC_R_UNEXPECTED);
+ CLEANUP(ISC_R_UNEXPECTED);
}
/*
/* Look up the signature in the SKR bundle */
dns_skrbundle_t *bundle = dns_zone_getskrbundle(zone);
if (bundle == NULL) {
- CHECK(DNS_R_NOSKRBUNDLE);
+ CLEANUP(DNS_R_NOSKRBUNDLE);
}
CHECK(dns_skrbundle_getsig(bundle, keys[i], type,
&sig_rdata));
* Zone is frozen. Pause for 5 minutes.
*/
if (zone->update_disabled) {
- CHECK(ISC_R_FAILURE);
+ CLEANUP(ISC_R_FAILURE);
}
ZONEDB_LOCK(&zone->dblock, isc_rwlocktype_read);
}
ZONEDB_UNLOCK(&zone->dblock, isc_rwlocktype_read);
if (db == NULL) {
- CHECK(ISC_R_FAILURE);
+ CLEANUP(ISC_R_FAILURE);
}
result = dns_db_newversion(db, &version);
/* Look up the signature in the SKR bundle */
dns_skrbundle_t *bundle = dns_zone_getskrbundle(zone);
if (bundle == NULL) {
- CHECK(DNS_R_NOSKRBUNDLE);
+ CLEANUP(DNS_R_NOSKRBUNDLE);
}
CHECK(dns_skrbundle_getsig(bundle, key, rdataset.type,
&rdata));
* Updates are disabled. Pause for 5 minutes.
*/
if (zone->update_disabled) {
- CHECK(ISC_R_FAILURE);
+ CLEANUP(ISC_R_FAILURE);
}
ZONEDB_LOCK(&zone->dblock, isc_rwlocktype_read);
}
break;
default:
- CHECK(ISC_R_NOTIMPLEMENTED);
+ CLEANUP(ISC_R_NOTIMPLEMENTED);
}
/*
LOCK_ZONE(zone);
if (DNS_ZONE_FLAG(zone, DNS_ZONEFLG_EXITING) || !inline_secure(zone)) {
- CHECK(ISC_R_SHUTTINGDOWN);
+ CLEANUP(ISC_R_SHUTTINGDOWN);
}
loadtime = isc_time_now();
mr = dns_message_getrawmessage(msg);
if (mr == NULL) {
- CHECK(ISC_R_UNEXPECTEDEND);
+ CLEANUP(ISC_R_UNEXPECTEDEND);
}
isc_buffer_allocate(zone->mctx, &forward->msgbuf, mr->length);
ZONEDB_UNLOCK(&zone->dblock, isc_rwlocktype_read);
if (db == NULL) {
- CHECK(ISC_R_NOTFOUND);
+ CLEANUP(ISC_R_NOTFOUND);
}
dns_db_attach(db, &signing->db);
checkds->zone->view->requestmgr == NULL ||
checkds->zone->db == NULL)
{
- CHECK(ISC_R_CANCELED);
+ CLEANUP(ISC_R_CANCELED);
}
/*
dns_zone_log(checkds->zone, ISC_LOG_DEBUG(3),
"checkds: ignoring IPv6 mapped IPV4 address: %s",
addrbuf);
- CHECK(ISC_R_CANCELED);
+ CLEANUP(ISC_R_CANCELED);
}
checkds_createmessage(checkds->zone, &message);
dnssec_log(zone, ISC_LOG_DEBUG(1),
"zone_rekey:dns_skr_lookup failed: "
"no SKR available");
- CHECK(DNS_R_NOSKRFILE);
+ CLEANUP(DNS_R_NOSKRFILE);
}
bundle = dns_skr_lookup(zone->skr, now, sigval);
zone->skrbundle = bundle;
"no available SKR bundle for time "
"%.*s (%s)",
(int)r.length, r.base, nowstr);
- CHECK(DNS_R_NOSKRBUNDLE);
+ CLEANUP(DNS_R_NOSKRBUNDLE);
}
zone_apply_skrbundle(zone, bundle, &keyset, &cdsset,
}
if (empty) {
- CHECK(DNS_R_BADCDS);
+ CLEANUP(DNS_R_BADCDS);
}
CHECK(dns_rdata_tostruct(&crdata, &structcds, NULL));
&crdata, &dnskey,
&rdata);
if (result != ISC_R_SUCCESS) {
- CHECK(DNS_R_BADCDS);
+ CLEANUP(DNS_R_BADCDS);
}
CHECK(dns_rdata_tostruct(&rdata, &structdnskey,
NULL));
for (i = 0; i < sizeof(algorithms); i++) {
if (delete) {
if (algorithms[i] != notexpected) {
- CHECK(DNS_R_BADCDS);
+ CLEANUP(DNS_R_BADCDS);
}
} else if (algorithms[i] == expected) {
- CHECK(DNS_R_BADCDS);
+ CLEANUP(DNS_R_BADCDS);
}
}
}
}
if (empty) {
- CHECK(DNS_R_BADCDNSKEY);
+ CLEANUP(DNS_R_BADCDNSKEY);
}
CHECK(dns_rdata_tostruct(&crdata, &structcdnskey,
for (i = 0; i < sizeof(algorithms); i++) {
if (delete) {
if (algorithms[i] != notexpected) {
- CHECK(DNS_R_BADCDNSKEY);
+ CLEANUP(DNS_R_BADCDNSKEY);
}
} else if (algorithms[i] == expected) {
- CHECK(DNS_R_BADCDNSKEY);
+ CLEANUP(DNS_R_BADCDNSKEY);
}
}
}
n = sscanf(keystr, "%hu/", &keyid);
if (n == 0U) {
- CHECK(ISC_R_FAILURE);
+ CLEANUP(ISC_R_FAILURE);
}
algstr = strchr(keystr, '/');
if (algstr != NULL) {
algstr++;
} else {
- CHECK(ISC_R_FAILURE);
+ CLEANUP(ISC_R_FAILURE);
}
n = sscanf(algstr, "%u", &alg);
if (!inline_secure(zone)) {
if (!dns_zone_isdynamic(zone, true)) {
- CHECK(DNS_R_NOTDYNAMIC);
+ CLEANUP(DNS_R_NOTDYNAMIC);
}
}
if (zone->update_disabled) {
- CHECK(DNS_R_FROZEN);
+ CLEANUP(DNS_R_FROZEN);
}
sse = isc_mem_get(zone->mctx, sizeof(*sse));
strerror_r(errno, strbuf, sizeof(strbuf));
UNEXPECTED_ERROR("getting interface addresses: getifaddrs: %s",
strbuf);
- CHECK(ISC_R_UNEXPECTED);
+ CLEANUP(ISC_R_UNEXPECTED);
}
/*
}
if (isc__nmsocket_closing(sock)) {
- CHECK(ISC_R_CANCELED);
+ CLEANUP(ISC_R_CANCELED);
}
if (!sock->reading_throttled) {
* isc__nm_tcp_close() can't handle uninitalized TCP nmsocket.
*/
if (isc__nmsocket_closing(csock)) {
- CHECK(ISC_R_CANCELED);
+ CLEANUP(ISC_R_CANCELED);
}
r = uv_accept(&csock->server->uv_handle.stream,
* it has expired. We cannot do anything better than
* drop it on the floor at this point.
*/
- CHECK(ISC_R_TIMEDOUT);
+ CLEANUP(ISC_R_TIMEDOUT);
} else {
/* Adjust the initial read timeout accordingly */
csock->read_timeout -= time_elapsed_ms;
transports = isc_nm_httpsocket;
encrypted = false;
} else {
- CHECK(ISC_R_FAILURE);
+ CLEANUP(ISC_R_FAILURE);
}
}
cfg_obj_log(ce, ISC_LOG_WARNING,
"address match list contains "
"unsupported element type");
- CHECK(ISC_R_FAILURE);
+ CLEANUP(ISC_R_FAILURE);
}
/*
* We can't interpret the trust anchor, so
* we skip all other checks.
*/
- CHECK(ISC_R_FAILURE);
+ CLEANUP(ISC_R_FAILURE);
UNREACHABLE();
}
"allowed when offline-ksk "
"is enabled");
}
- CHECK(ISC_R_FAILURE);
+ CLEANUP(ISC_R_FAILURE);
}
key->role |= DNS_KASP_KEY_ROLE_KSK;
key->role |= DNS_KASP_KEY_ROLE_ZSK;
"not exist",
keydir);
}
- CHECK(ISC_R_FAILURE);
+ CLEANUP(ISC_R_FAILURE);
} else if (result != ISC_R_SUCCESS) {
if (log_errors) {
cfg_obj_log(obj, ISC_LOG_ERROR,
"dnssec-policy: bad keystore %s",
keydir);
}
- CHECK(ISC_R_FAILURE);
+ CLEANUP(ISC_R_FAILURE);
}
INSIST(key->keystore != NULL);
"takes to "
"do a rollover");
}
- CHECK(ISC_R_FAILURE);
+ CLEANUP(ISC_R_FAILURE);
}
}
"dnssec-policy: bad algorithm %s",
alg.base);
}
- CHECK(DNS_R_BADALG);
+ CLEANUP(DNS_R_BADALG);
}
if (check_algorithms && isc_crypto_fips_mode() &&
(key->algorithm == DST_ALG_RSASHA1 ||
"in FIPS mode",
alg.base);
}
- CHECK(DNS_R_BADALG);
+ CLEANUP(DNS_R_BADALG);
}
if (check_algorithms &&
"supported",
alg.base);
}
- CHECK(DNS_R_BADALG);
+ CLEANUP(DNS_R_BADALG);
}
switch (key->algorithm) {
"key length %u",
alg.base, size);
}
- CHECK(ISC_R_RANGE);
+ CLEANUP(ISC_R_RANGE);
}
break;
case DST_ALG_ECDSA256:
"dnssec-policy: tag-min "
"too big");
}
- CHECK(ISC_R_RANGE);
+ CLEANUP(ISC_R_RANGE);
}
obj = cfg_tuple_get(tagrange, "tag-max");
tag_max = cfg_obj_asuint32(obj);
"dnssec-policy: tag-max "
"too big");
}
- CHECK(ISC_R_RANGE);
+ CLEANUP(ISC_R_RANGE);
}
if (tag_min >= tag_max) {
if (log_errors) {
"dnssec-policy: tag-min >= "
"tag_max");
}
- CHECK(ISC_R_RANGE);
+ CLEANUP(ISC_R_RANGE);
}
key->tag_min = tag_min;
key->tag_max = tag_max;
} else {
cfg_parser_error(pctx, CFG_LOG_NEAR,
"unexpected token");
- CHECK(ISC_R_UNEXPECTEDTOKEN);
+ CLEANUP(ISC_R_UNEXPECTEDTOKEN);
}
} else {
break;
if (f->name == NULL) {
cfg_parser_error(pctx, 0, "unexpected '%s'",
TOKEN_STRING(pctx));
- CHECK(ISC_R_UNEXPECTEDTOKEN);
+ CLEANUP(ISC_R_UNEXPECTEDTOKEN);
}
if (obj->value.tuple[fn] == NULL &&
strcasecmp(f->name, TOKEN_STRING(pctx)) == 0)
CHECK(cfg_gettoken(pctx, 0));
if (pctx->token.type != isc_tokentype_string) {
- CHECK(ISC_R_UNEXPECTEDTOKEN);
+ CLEANUP(ISC_R_UNEXPECTEDTOKEN);
}
CHECK(parse_unitstring(TOKEN_STRING(pctx), &val));
CHECK(cfg_gettoken(pctx, 0));
if (pctx->token.type != isc_tokentype_string) {
- CHECK(ISC_R_UNEXPECTEDTOKEN);
+ CLEANUP(ISC_R_UNEXPECTEDTOKEN);
}
percent = strtoull(TOKEN_STRING(pctx), &endp, 10);
} else {
cfg_parser_error(pctx, CFG_LOG_NEAR, "expected '%s'",
kw->name);
- CHECK(ISC_R_UNEXPECTEDTOKEN);
+ CLEANUP(ISC_R_UNEXPECTEDTOKEN);
}
}
CHECK(cfg_gettoken(pctx, 0));
if (pctx->token.type != isc_tokentype_string) {
- CHECK(ISC_R_UNEXPECTEDTOKEN);
+ CLEANUP(ISC_R_UNEXPECTEDTOKEN);
}
return parse_duration(pctx, ret);
CHECK(cfg_gettoken(pctx, 0));
if (pctx->token.type != isc_tokentype_string) {
- CHECK(ISC_R_UNEXPECTEDTOKEN);
+ CLEANUP(ISC_R_UNEXPECTEDTOKEN);
}
if (strcmp(TOKEN_STRING(pctx), "unlimited") == 0) {
CHECK(parse_semicolon(pctx));
if (includename->value.string.length == 0) {
- CHECK(ISC_R_FILENOTFOUND);
+ CLEANUP(ISC_R_FILENOTFOUND);
}
/*
case 0:
break;
case GLOB_NOMATCH:
- CHECK(ISC_R_FILENOTFOUND);
+ CLEANUP(ISC_R_FILENOTFOUND);
break;
case GLOB_NOSPACE:
- CHECK(ISC_R_NOMEMORY);
+ CLEANUP(ISC_R_NOMEMORY);
break;
default:
if (errno == 0) {
- CHECK(ISC_R_IOERROR);
+ CLEANUP(ISC_R_IOERROR);
}
CHECK(isc_errno_toresult(errno));
}
cfg_parser_error(pctx, 0,
"option '%s' no longer exists",
clause->name);
- CHECK(ISC_R_FAILURE);
+ CLEANUP(ISC_R_FAILURE);
}
if ((pctx->flags & CFG_PCTX_ALLCONFIGS) == 0 &&
(clause->flags & CFG_CLAUSEFLAG_NOTCONFIGURED) != 0)
"option '%s' was not "
"enabled at compile time",
clause->name);
- CHECK(ISC_R_FAILURE);
+ CLEANUP(ISC_R_FAILURE);
}
if ((pctx->flags & CFG_PCTX_BUILTIN) == 0 &&
(clause->flags & CFG_CLAUSEFLAG_BUILTINONLY) != 0)
CHECK(cfg_gettoken(pctx, CFG_LEXOPT_QSTRING));
if (pctx->token.type == isc_tokentype_eof) {
cfg_ungettoken(pctx);
- CHECK(ISC_R_EOF);
+ CLEANUP(ISC_R_EOF);
}
isc_lex_getlasttokentext(pctx->lexer, &pctx->token, &r);
if (pctx->token.type == isc_tokentype_eof || braces < 0) {
cfg_parser_error(pctx, CFG_LOG_NEAR,
"unexpected token");
- CHECK(ISC_R_UNEXPECTEDTOKEN);
+ CLEANUP(ISC_R_UNEXPECTEDTOKEN);
}
CHECK(cfg_parse_listelt(pctx, listobj, &cfg_type_token, &elt));
if (have_address != 1) {
cfg_parser_error(pctx, 0, "expected exactly one address");
- CHECK(ISC_R_UNEXPECTEDTOKEN);
+ CLEANUP(ISC_R_UNEXPECTEDTOKEN);
}
if (!is_port_ok && have_port > 0) {
cfg_parser_error(pctx, 0, "subconfig 'port' no longer exists");
- CHECK(ISC_R_UNEXPECTEDTOKEN);
+ CLEANUP(ISC_R_UNEXPECTEDTOKEN);
}
if (have_port > 1) {
cfg_parser_error(pctx, 0, "expected at most one port");
- CHECK(ISC_R_UNEXPECTEDTOKEN);
+ CLEANUP(ISC_R_UNEXPECTEDTOKEN);
}
if (have_tls > 1) {
cfg_parser_error(pctx, 0, "expected at most one tls");
- CHECK(ISC_R_UNEXPECTEDTOKEN);
+ CLEANUP(ISC_R_UNEXPECTEDTOKEN);
}
cfg_obj_create(pctx->mctx, cfg_parser_currentfile(pctx), pctx->line,
ISC_LOG_ERROR,
"failed to dlopen() plugin '%s': %s", modpath,
errmsg);
- CHECK(ISC_R_FAILURE);
+ CLEANUP(ISC_R_FAILURE);
}
CHECK(load_symbol(&plugin->handle, modpath, "plugin_version",
ISC_LOG_ERROR,
"plugin API version mismatch: %d/%d", version,
NS_PLUGIN_VERSION);
- CHECK(ISC_R_FAILURE);
+ CLEANUP(ISC_R_FAILURE);
}
CHECK(load_symbol(&plugin->handle, modpath, "plugin_check",
}
result = dns_zone_checknames(zone, name, &rdata);
if (result != ISC_R_SUCCESS) {
- CHECK(DNS_R_REFUSED);
+ CLEANUP(DNS_R_REFUSED);
}
if ((options & DNS_ZONEOPT_CHECKSVCB) != 0 &&
rdata.type == dns_rdatatype_svcb)
update_log(client, zone, ISC_LOG_WARNING,
"update RR has incorrect class %d",
update_class);
- CHECK(DNS_R_FORMERR);
+ CLEANUP(DNS_R_FORMERR);
}
/*
isc_result_totext(result));
ns_stats_increment(client->manager->sctx->nsstats,
ns_statscounter_updatequota);
- CHECK(DNS_R_DROP);
+ CLEANUP(DNS_R_DROP);
}
uev = isc_mem_get(client->manager->mctx, sizeof(*uev));
if (!dns_zone_check_dnskey_nsec3(zone, db, ver, diff, NULL, 0)) {
update_log(client, zone, ISC_LOG_ERROR,
"NSEC only DNSKEYs and NSEC3 chains not allowed");
- CHECK(DNS_R_REFUSED);
+ CLEANUP(DNS_R_REFUSED);
}
/* Verify NSEC3 params */
if (iterations > dns_nsec3_maxiterations()) {
update_log(client, zone, ISC_LOG_ERROR,
"too many NSEC3 iterations (%u)", iterations);
- CHECK(DNS_R_REFUSED);
+ CLEANUP(DNS_R_REFUSED);
}
cleanup:
update_log(client, zone, LOGLEVEL_PROTOCOL,
"update rejected: post update name server "
"sanity check failed");
- CHECK(DNS_R_REFUSED);
+ CLEANUP(DNS_R_REFUSED);
}
}
if (!ISC_LIST_EMPTY(diff.tuples) && is_signing) {
update_log(client, zone, LOGLEVEL_PROTOCOL,
"update rejected: bad %s RRset",
result == DNS_R_BADCDS ? "CDS" : "CDNSKEY");
- CHECK(DNS_R_REFUSED);
+ CLEANUP(DNS_R_REFUSED);
}
CHECK(result);
}
"records in zone (%" PRIu64
") exceeds max-records (%u)",
records, maxrecords);
- CHECK(DNS_R_TOOMANYRECORDS);
+ CLEANUP(DNS_R_TOOMANYRECORDS);
}
}
"(%d bytes)",
size);
/* XXX DNS_R_RRTOOLARGE? */
- CHECK(ISC_R_NOSPACE);
+ CLEANUP(ISC_R_NOSPACE);
}
break;
}
projects / thirdparty / bind9.git / commitdiff
