PenaltyExcessCharacter: 100
Standard: Cpp11
ContinuationIndentWidth: 8
-ForEachMacros: [ 'cds_lfs_for_each', 'cds_lfs_for_each_safe', 'cds_list_for_each_entry_safe', 'ISC_LIST_FOREACH', 'ISC_LIST_FOREACH_SAFE', 'ISC_LIST_FOREACH_REV', 'ISC_LIST_FOREACH_REV_SAFE', 'MSG_SECTION_FOREACH' ]
+ForEachMacros: [ 'cds_lfs_for_each', 'cds_lfs_for_each_safe', 'cds_list_for_each_entry_safe', 'ISC_LIST_FOREACH', 'ISC_LIST_FOREACH_SAFE', 'ISC_LIST_FOREACH_REV', 'ISC_LIST_FOREACH_REV_SAFE', 'MSG_SECTION_FOREACH', 'DNS_RDATASET_FOREACH' ]
RemoveParentheses: ReturnStatement
RemoveSemicolon: true
checkns(dns_zone_t *zone, const dns_name_t *name, const dns_name_t *owner,
dns_rdataset_t *a, dns_rdataset_t *aaaa) {
dns_rdataset_t *rdataset;
- dns_rdata_t rdata = DNS_RDATA_INIT;
- isc_result_t result;
struct addrinfo hints = {
.ai_flags = AI_CANONNAME,
.ai_family = PF_UNSPEC,
if (!dns_rdataset_isassociated(a)) {
goto checkaaaa;
}
- result = dns_rdataset_first(a);
- while (result == ISC_R_SUCCESS) {
+
+ DNS_RDATASET_FOREACH (a) {
+ dns_rdata_t rdata = DNS_RDATA_INIT;
dns_rdataset_current(a, &rdata);
match = false;
for (cur = ai; cur != NULL; cur = cur->ai_next) {
/* XXX950 make fatal for 9.5.0 */
/* answer = false; */
}
- dns_rdata_reset(&rdata);
- result = dns_rdataset_next(a);
}
checkaaaa:
if (!dns_rdataset_isassociated(aaaa)) {
goto checkmissing;
}
- result = dns_rdataset_first(aaaa);
- while (result == ISC_R_SUCCESS) {
+ DNS_RDATASET_FOREACH (aaaa) {
+ dns_rdata_t rdata = DNS_RDATA_INIT;
dns_rdataset_current(aaaa, &rdata);
match = false;
for (cur = ai; cur != NULL; cur = cur->ai_next) {
/* XXX950 make fatal for 9.5.0. */
/* answer = false; */
}
- dns_rdata_reset(&rdata);
- result = dns_rdataset_next(aaaa);
}
checkmissing:
}
match = false;
if (dns_rdataset_isassociated(rdataset)) {
- result = dns_rdataset_first(rdataset);
- } else {
- result = ISC_R_FAILURE;
- }
- while (result == ISC_R_SUCCESS && !match) {
- dns_rdataset_current(rdataset, &rdata);
- if (memcmp(ptr, rdata.data, rdata.length) == 0)
- {
- match = true;
+ DNS_RDATASET_FOREACH (rdataset) {
+ dns_rdata_t rdata = DNS_RDATA_INIT;
+ dns_rdataset_current(rdataset, &rdata);
+ if (memcmp(ptr, rdata.data,
+ rdata.length) == 0)
+ {
+ match = true;
+ break;
+ }
}
- dns_rdata_reset(&rdata);
- result = dns_rdataset_next(rdataset);
}
+
if (!match) {
dns_zone_log(zone, ISC_LOG_ERROR,
"%s/NS '%s' "
isc_buffer_init(&target, t, len);
if (short_form) {
- dns_rdata_t rdata = DNS_RDATA_INIT;
- for (result = dns_rdataset_first(rdataset);
- result == ISC_R_SUCCESS;
- result = dns_rdataset_next(rdataset))
- {
+ DNS_RDATASET_FOREACH (rdataset) {
+ dns_rdata_t rdata = DNS_RDATA_INIT;
+
if ((rdataset->attributes &
DNS_RDATASETATTR_NEGATIVE) != 0)
{
}
isc_buffer_putstr(&target, "\n");
-
- dns_rdata_reset(&rdata);
}
} else {
dns_indent_t indent = { " ", 2 };
static isc_result_t
short_answer(dns_message_t *msg, dns_messagetextflag_t flags, isc_buffer_t *buf,
dig_query_t *query) {
- isc_result_t result, loopresult;
dns_name_t empty_name;
- dns_rdata_t rdata = DNS_RDATA_INIT;
UNUSED(flags);
dns_name_init(&empty_name);
MSG_SECTION_FOREACH (msg, DNS_SECTION_ANSWER, name) {
ISC_LIST_FOREACH (name->list, rdataset, link) {
- loopresult = dns_rdataset_first(rdataset);
- while (loopresult == ISC_R_SUCCESS) {
+ DNS_RDATASET_FOREACH (rdataset) {
+ dns_rdata_t rdata = DNS_RDATA_INIT;
dns_rdataset_current(rdataset, &rdata);
- result = say_message(&rdata, query, buf);
+
+ isc_result_t result = say_message(&rdata, query,
+ buf);
if (result == ISC_R_NOSPACE) {
return result;
}
check_result(result, "say_message");
- loopresult = dns_rdataset_next(rdataset);
- dns_rdata_reset(&rdata);
}
}
}
printgreeting(argc, argv, *lookup);
*firstarg = false;
}
- ISC_LIST_APPEND(lookup_list, (*lookup), link);
+ ISC_LIST_APPEND(lookup_list, *lookup, link);
debug("looking up %s", (*lookup)->textname);
}
return value_from_next;
dig_lookup_t *lookup = NULL;
dig_server_t *srv = NULL;
dns_rdataset_t *rdataset = NULL;
- dns_rdata_t rdata = DNS_RDATA_INIT;
isc_result_t result = ISC_R_NOMORE;
bool success = false;
int numLookups = 0;
}
}
- for (result = dns_rdataset_first(rdataset);
- result == ISC_R_SUCCESS;
- result = dns_rdataset_next(rdataset))
- {
+ DNS_RDATASET_FOREACH (rdataset) {
+ dns_rdata_t rdata = DNS_RDATA_INIT;
char namestr[DNS_NAME_FORMATSIZE];
dns_rdata_ns_t ns;
}
}
numLookups += num;
- dns_rdata_reset(&rdata);
}
}
if (numLookups == 0 && addresses_result != ISC_R_SUCCESS) {
static bool
check_for_more_data(dig_lookup_t *lookup, dig_query_t *query,
dns_message_t *msg, isc_sockaddr_t *peer, int len) {
- dns_rdata_t rdata = DNS_RDATA_INIT;
dns_rdata_soa_t soa;
uint32_t ixfr_serial = lookup->ixfr_serial, serial;
isc_result_t result;
}
MSG_SECTION_FOREACH (msg, DNS_SECTION_ANSWER, name) {
ISC_LIST_FOREACH (name->list, rdataset, link) {
- result = dns_rdataset_first(rdataset);
- if (result != ISC_R_SUCCESS) {
- continue;
- }
- do {
- query->rr_count++;
- dns_rdata_reset(&rdata);
+ DNS_RDATASET_FOREACH (rdataset) {
+ dns_rdata_t rdata = DNS_RDATA_INIT;
dns_rdataset_current(rdataset, &rdata);
+
+ query->rr_count++;
/*
* If this is the first rr, make sure
* it's an SOA
query->second_rr_serial = 0;
debug("got the second rr as nonsoa");
axfr = query->ixfr_axfr = true;
- goto next_rdata;
+ continue;
}
/*
* now, just continue on...
*/
if (rdata.type != dns_rdatatype_soa) {
- goto next_rdata;
+ continue;
}
/* Now we have an SOA. Work with it. */
"response");
goto doexit;
}
- goto next_rdata;
+ continue;
}
if (axfr) {
debug("doing axfr, got second SOA");
serial);
query->second_rr_rcvd = true;
query->second_rr_serial = serial;
- goto next_rdata;
+ continue;
}
/*
* If we get to this point, we're doing an
debug("got a match for ixfr");
if (!query->first_repeat_rcvd) {
query->first_repeat_rcvd = true;
- goto next_rdata;
+ continue;
}
debug("done with ixfr");
goto doexit;
}
debug("meaningless soa %u", serial);
- next_rdata:
- result = dns_rdataset_next(rdataset);
- } while (result == ISC_R_SUCCESS);
+ }
}
}
printsection(dns_message_t *msg, dns_section_t sectionid,
const char *section_name, bool headers, dig_query_t *query) {
dns_name_t *print_name;
- dns_rdata_t rdata = DNS_RDATA_INIT;
isc_buffer_t target;
- isc_result_t result, loopresult;
+ isc_result_t result;
isc_region_t r;
dns_name_t empty_name;
char tbuf[4096] = { 0 };
UNUSED(first); /* Shut up compiler. */
#endif /* ifdef USEINITALWS */
} else {
- loopresult = dns_rdataset_first(rdataset);
- while (loopresult == ISC_R_SUCCESS) {
+ DNS_RDATASET_FOREACH (rdataset) {
+ dns_rdata_t rdata = DNS_RDATA_INIT;
struct rtype *t;
const char *rtt;
char typebuf[DNS_RDATATYPE_FORMATSIZE];
found:
say_message(print_name, rtt, &rdata,
query);
- dns_rdata_reset(&rdata);
- loopresult =
- dns_rdataset_next(rdataset);
}
}
}
static isc_result_t
printsection(dig_query_t *query, dns_message_t *msg, bool headers,
dns_section_t section) {
- dns_rdata_t rdata = DNS_RDATA_INIT;
char namebuf[DNS_NAME_FORMATSIZE];
UNUSED(query);
MSG_SECTION_FOREACH (msg, section, name) {
ISC_LIST_FOREACH (name->list, rdataset, link) {
- isc_result_t loopresult = dns_rdataset_first(rdataset);
- while (loopresult == ISC_R_SUCCESS) {
+ DNS_RDATASET_FOREACH (rdataset) {
+ dns_rdata_t rdata = DNS_RDATA_INIT;
dns_rdataset_current(rdataset, &rdata);
switch (rdata.type) {
case dns_rdatatype_a:
printrdata(&rdata);
break;
}
- dns_rdata_reset(&rdata);
- loopresult = dns_rdataset_next(rdataset);
}
}
}
static isc_result_t
detailsection(dig_query_t *query, dns_message_t *msg, bool headers,
dns_section_t section) {
- dns_rdata_t rdata = DNS_RDATA_INIT;
char namebuf[DNS_NAME_FORMATSIZE];
UNUSED(query);
namebuf, sizeof(namebuf));
printf("class = %s\n", namebuf);
}
- isc_result_t loopresult = dns_rdataset_first(rdataset);
- while (loopresult == ISC_R_SUCCESS) {
+ DNS_RDATASET_FOREACH (rdataset) {
+ dns_rdata_t rdata = DNS_RDATA_INIT;
dns_rdataset_current(rdataset, &rdata);
dns_name_format(name, namebuf, sizeof(namebuf));
printf("\t");
printrdata(&rdata);
}
- dns_rdata_reset(&rdata);
printf("\tttl = %u\n", rdataset->ttl);
- loopresult = dns_rdataset_next(rdataset);
}
}
}
isc_result_t result;
unsigned char dsbuf[DNS_DS_BUFFERSIZE];
- for (result = dns_rdataset_first(dsset); result == ISC_R_SUCCESS;
- result = dns_rdataset_next(dsset))
- {
+ DNS_RDATASET_FOREACH (dsset) {
dns_rdata_ds_t ds;
dns_rdata_t dsrdata = DNS_RDATA_INIT;
dns_rdata_t newdsrdata = DNS_RDATA_INIT;
match_keyset_dsset(dns_rdataset_t *keyset, dns_rdataset_t *dsset,
strictness_t strictness) {
isc_result_t result;
- keyinfo_t *keytable, *ki;
- int i;
+ keyinfo_t *keytable = NULL, *ki = NULL;
+ int i = 0;
nkey = dns_rdataset_count(keyset);
keytable = isc_mem_cget(mctx, nkey, sizeof(keytable[0]));
+ ki = keytable;
- for (result = dns_rdataset_first(keyset), i = 0, ki = keytable;
- result == ISC_R_SUCCESS;
- result = dns_rdataset_next(keyset), i++, ki++)
- {
+ DNS_RDATASET_FOREACH (keyset) {
dns_rdata_dnskey_t dnskey;
- dns_rdata_t *keyrdata;
+ dns_rdata_t *keyrdata = NULL;
isc_region_t r;
- INSIST(i < nkey);
+ INSIST(i++ < nkey);
keyrdata = &ki->rdata;
dns_rdata_init(keyrdata);
ki->dst = NULL;
if (!match_key_dsset(ki, dsset, strictness)) {
+ ki++;
continue;
}
"keytag=%d, algo=%d): %s\n",
ki->tag, ki->algo, isc_result_totext(result));
}
+ ki++;
}
return keytable;
matching_sigs(keyinfo_t *keytbl, dns_rdataset_t *rdataset,
dns_rdataset_t *sigset) {
isc_result_t result;
- dns_secalg_t *algo;
+ dns_secalg_t *algo = NULL;
int i;
REQUIRE(keytbl != NULL);
algo = isc_mem_cget(mctx, nkey, sizeof(algo[0]));
- for (result = dns_rdataset_first(sigset); result == ISC_R_SUCCESS;
- result = dns_rdataset_next(sigset))
- {
+ DNS_RDATASET_FOREACH (sigset) {
dns_rdata_t sigrdata = DNS_RDATA_INIT;
dns_rdata_rrsig_t sig;
isc_result_t result;
bool all_ok = true;
- for (result = dns_rdataset_first(dsset); result == ISC_R_SUCCESS;
- result = dns_rdataset_next(dsset))
- {
+ DNS_RDATASET_FOREACH (dsset) {
dns_rdata_t dsrdata = DNS_RDATA_INIT;
dns_rdata_ds_t ds;
bool ds_ok;
dns_rdataset_t *crdset) {
isc_result_t result;
- for (result = dns_rdataset_first(crdset); result == ISC_R_SUCCESS;
- result = dns_rdataset_next(crdset))
- {
+ DNS_RDATASET_FOREACH (crdset) {
dns_rdata_t crdata = DNS_RDATA_INIT;
dns_rdata_t *ds = NULL;
static bool
consistent_digests(dns_rdataset_t *dsset) {
isc_result_t result;
- dns_rdata_t *arrdata;
- dns_rdata_ds_t *ds;
+ dns_rdata_t *arrdata = NULL;
+ dns_rdata_ds_t *ds = NULL;
dns_keytag_t key_tag;
dns_secalg_t algorithm;
bool match;
- int i, j, n, d;
+ int i = 0, j, n, d;
/*
* First sort the dsset. DS rdata fields are tag, algorithm,
arrdata = isc_mem_cget(mctx, n, sizeof(dns_rdata_t));
- for (result = dns_rdataset_first(dsset), i = 0; result == ISC_R_SUCCESS;
- result = dns_rdataset_next(dsset), i++)
- {
+ DNS_RDATASET_FOREACH (dsset) {
dns_rdata_init(&arrdata[i]);
dns_rdataset_current(dsset, &arrdata[i]);
+ i++;
}
qsort(arrdata, n, sizeof(dns_rdata_t), rdata_cmp);
bool showall = false;
isc_result_t result;
dns_rdataset_t rdataset;
- dns_rdata_t rdata;
-
- dns_rdata_init(&rdata);
if (argc == 1) {
usage();
isc_result_totext(result));
}
- for (result = dns_rdataset_first(&rdataset);
- result == ISC_R_SUCCESS;
- result = dns_rdataset_next(&rdataset))
- {
- dns_rdata_init(&rdata);
+ DNS_RDATASET_FOREACH (&rdataset) {
+ dns_rdata_t rdata = DNS_RDATA_INIT;
dns_rdataset_current(&rdataset, &rdata);
if (verbose > 2) {
}
} else {
unsigned char key_buf[DST_KEY_MAXSIZE];
+ dns_rdata_t rdata = DNS_RDATA_INIT;
loadkey(arg1, key_buf, DST_KEY_MAXSIZE, &rdata);
main(int argc, char **argv) {
char *classname = NULL;
char *filename = NULL, *dir = NULL, *namestr;
- char *endp;
+ char *endp = NULL;
int ch;
isc_result_t result;
dns_rdataset_t rdataset;
- dns_rdata_t rdata;
isc_stdtime_t now = isc_stdtime_now();
- dns_rdata_init(&rdata);
-
if (argc == 1) {
usage();
}
isc_result_totext(result));
}
- for (result = dns_rdataset_first(&rdataset);
- result == ISC_R_SUCCESS;
- result = dns_rdataset_next(&rdataset))
- {
- dns_rdata_init(&rdata);
+ DNS_RDATASET_FOREACH (&rdataset) {
+ dns_rdata_t rdata = DNS_RDATA_INIT;
dns_rdataset_current(&rdataset, &rdata);
emit(dir, &rdata);
}
} else {
unsigned char key_buf[DST_KEY_MAXSIZE];
+ dns_rdata_t rdata = DNS_RDATA_INIT;
loadkey(argv[isc_commandline_index], key_buf, DST_KEY_MAXSIZE,
&rdata);
signset(dns_diff_t *del, dns_diff_t *add, dns_dbnode_t *node, dns_name_t *name,
dns_rdataset_t *set) {
dns_rdataset_t sigset;
- dns_rdata_t sigrdata = DNS_RDATA_INIT;
dns_rdata_rrsig_t rrsig;
isc_result_t result;
bool nosigs = false;
wassignedby[i] = nowsignedby[i] = false;
}
- if (nosigs) {
- result = ISC_R_NOMORE;
- } else {
- result = dns_rdataset_first(&sigset);
- }
+ if (!nosigs) {
+ DNS_RDATASET_FOREACH (&sigset) {
+ dns_rdata_t sigrdata = DNS_RDATA_INIT;
+ dns_dnsseckey_t *key = NULL;
+ bool expired, refresh, future, offline;
+ bool keep = false, resign = false;
- while (result == ISC_R_SUCCESS) {
- dns_dnsseckey_t *key = NULL;
- bool expired, refresh, future, offline;
- bool keep = false, resign = false;
+ dns_rdataset_current(&sigset, &sigrdata);
- dns_rdataset_current(&sigset, &sigrdata);
+ result = dns_rdata_tostruct(&sigrdata, &rrsig, NULL);
+ check_result(result, "dns_rdata_tostruct");
- result = dns_rdata_tostruct(&sigrdata, &rrsig, NULL);
- check_result(result, "dns_rdata_tostruct");
+ future = isc_serial_lt(now, rrsig.timesigned);
- future = isc_serial_lt(now, rrsig.timesigned);
-
- key = keythatsigned(&rrsig);
- offline = (key != NULL) ? key->pubkey : false;
- sig_format(&rrsig, sigstr, sizeof(sigstr));
- expired = isc_serial_gt(now, rrsig.timeexpire);
- refresh = isc_serial_gt(now + cycle, rrsig.timeexpire);
-
- if (isc_serial_gt(rrsig.timesigned, rrsig.timeexpire)) {
- /* rrsig is dropped and not replaced */
- vbprintf(2,
- "\trrsig by %s dropped - "
- "invalid validity period\n",
- sigstr);
- } else if (key == NULL && !future &&
- expecttofindkey(&rrsig.signer))
- {
- /* rrsig is dropped and not replaced */
- vbprintf(2,
- "\trrsig by %s dropped - "
- "private dnskey not found\n",
- sigstr);
- } else if (key == NULL || future) {
- keep = (!expired && !remove_orphansigs);
- vbprintf(2, "\trrsig by %s %s - dnskey not found\n",
- keep ? "retained" : "dropped", sigstr);
- } else if (!dns_dnssec_keyactive(key->key, now) &&
- remove_inactkeysigs)
- {
- keep = false;
- vbprintf(2, "\trrsig by %s dropped - key inactive\n",
- sigstr);
- } else if (issigningkey(key)) {
- wassignedby[key->index] = true;
-
- if (!refresh && rrsig.originalttl == set->ttl &&
- setverifies(name, set, key->key, &sigrdata))
+ key = keythatsigned(&rrsig);
+ offline = (key != NULL) ? key->pubkey : false;
+ sig_format(&rrsig, sigstr, sizeof(sigstr));
+ expired = isc_serial_gt(now, rrsig.timeexpire);
+ refresh = isc_serial_gt(now + cycle, rrsig.timeexpire);
+
+ if (isc_serial_gt(rrsig.timesigned, rrsig.timeexpire)) {
+ /* rrsig is dropped and not replaced */
+ vbprintf(2,
+ "\trrsig by %s dropped - "
+ "invalid validity period\n",
+ sigstr);
+ } else if (key == NULL && !future &&
+ expecttofindkey(&rrsig.signer))
{
- vbprintf(2, "\trrsig by %s retained\n", sigstr);
- keep = true;
- } else if (offline) {
+ /* rrsig is dropped and not replaced */
vbprintf(2,
- "\trrsig by %s retained - private key "
- "missing\n",
+ "\trrsig by %s dropped - "
+ "private dnskey not found\n",
sigstr);
- keep = true;
- } else {
- vbprintf(2, "\trrsig by %s dropped - %s\n",
- sigstr,
- refresh ? "refresh"
- : rrsig.originalttl != set->ttl
- ? "ttl change"
- : "failed to "
- "verify");
- resign = true;
- }
- } else if (!ispublishedkey(key) && remove_orphansigs) {
- vbprintf(2, "\trrsig by %s dropped - dnskey removed\n",
- sigstr);
- } else if (iszonekey(key)) {
- wassignedby[key->index] = true;
-
- if (!refresh && rrsig.originalttl == set->ttl &&
- setverifies(name, set, key->key, &sigrdata))
+ } else if (key == NULL || future) {
+ keep = (!expired && !remove_orphansigs);
+ vbprintf(
+ 2,
+ "\trrsig by %s %s - dnskey not found\n",
+ keep ? "retained" : "dropped", sigstr);
+ } else if (!dns_dnssec_keyactive(key->key, now) &&
+ remove_inactkeysigs)
{
- vbprintf(2, "\trrsig by %s retained\n", sigstr);
- keep = true;
- } else if (offline) {
+ keep = false;
vbprintf(2,
- "\trrsig by %s retained - private key "
- "missing\n",
+ "\trrsig by %s dropped - key "
+ "inactive\n",
sigstr);
+ } else if (issigningkey(key)) {
+ wassignedby[key->index] = true;
+
+ if (!refresh && rrsig.originalttl == set->ttl &&
+ setverifies(name, set, key->key, &sigrdata))
+ {
+ vbprintf(2, "\trrsig by %s retained\n",
+ sigstr);
+ keep = true;
+ } else if (offline) {
+ vbprintf(2,
+ "\trrsig by %s retained - "
+ "private key "
+ "missing\n",
+ sigstr);
+ keep = true;
+ } else {
+ vbprintf(2,
+ "\trrsig by %s dropped - %s\n",
+ sigstr,
+ refresh ? "refresh"
+ : rrsig.originalttl != set->ttl
+ ? "ttl change"
+ : "failed to "
+ "verify");
+ resign = true;
+ }
+ } else if (!ispublishedkey(key) && remove_orphansigs) {
+ vbprintf(2,
+ "\trrsig by %s dropped - dnskey "
+ "removed\n",
+ sigstr);
+ } else if (iszonekey(key)) {
+ wassignedby[key->index] = true;
+
+ if (!refresh && rrsig.originalttl == set->ttl &&
+ setverifies(name, set, key->key, &sigrdata))
+ {
+ vbprintf(2, "\trrsig by %s retained\n",
+ sigstr);
+ keep = true;
+ } else if (offline) {
+ vbprintf(2,
+ "\trrsig by %s retained - "
+ "private key "
+ "missing\n",
+ sigstr);
+ keep = true;
+ } else {
+ vbprintf(2,
+ "\trrsig by %s dropped - %s\n",
+ sigstr,
+ refresh ? "refresh"
+ : rrsig.originalttl != set->ttl
+ ? "ttl change"
+ : "failed to "
+ "verify");
+ }
+ } else if (!refresh) {
+ vbprintf(2, "\trrsig by %s retained\n", sigstr);
keep = true;
} else {
- vbprintf(2, "\trrsig by %s dropped - %s\n",
- sigstr,
- refresh ? "refresh"
- : rrsig.originalttl != set->ttl
- ? "ttl change"
- : "failed to "
- "verify");
+ vbprintf(2, "\trrsig by %s %s\n", sigstr,
+ expired ? "expired" : "needs refresh");
}
- } else if (!refresh) {
- vbprintf(2, "\trrsig by %s retained\n", sigstr);
- keep = true;
- } else {
- vbprintf(2, "\trrsig by %s %s\n", sigstr,
- expired ? "expired" : "needs refresh");
- }
- if (keep) {
- if (key != NULL) {
- nowsignedby[key->index] = true;
- }
- INCSTAT(nretained);
- if (sigset.ttl != ttl) {
- vbprintf(2, "\tfixing ttl %s\n", sigstr);
+ if (keep) {
+ if (key != NULL) {
+ nowsignedby[key->index] = true;
+ }
+ INCSTAT(nretained);
+ if (sigset.ttl != ttl) {
+ vbprintf(2, "\tfixing ttl %s\n",
+ sigstr);
+ tuple = NULL;
+ dns_difftuple_create(
+ mctx, DNS_DIFFOP_DELRESIGN,
+ name, sigset.ttl, &sigrdata,
+ &tuple);
+ dns_diff_append(del, &tuple);
+ dns_difftuple_create(
+ mctx, DNS_DIFFOP_ADDRESIGN,
+ name, ttl, &sigrdata, &tuple);
+ dns_diff_append(add, &tuple);
+ }
+ } else {
tuple = NULL;
+ vbprintf(2, "\tremoving signature by %s\n",
+ sigstr);
dns_difftuple_create(mctx, DNS_DIFFOP_DELRESIGN,
name, sigset.ttl,
&sigrdata, &tuple);
dns_diff_append(del, &tuple);
- dns_difftuple_create(mctx, DNS_DIFFOP_ADDRESIGN,
- name, ttl, &sigrdata,
- &tuple);
- dns_diff_append(add, &tuple);
+ INCSTAT(ndropped);
}
- } else {
- tuple = NULL;
- vbprintf(2, "\tremoving signature by %s\n", sigstr);
- dns_difftuple_create(mctx, DNS_DIFFOP_DELRESIGN, name,
- sigset.ttl, &sigrdata, &tuple);
- dns_diff_append(del, &tuple);
- INCSTAT(ndropped);
- }
- if (resign) {
- INSIST(!keep);
+ if (resign) {
+ INSIST(!keep);
- signwithkey(name, set, key->key, ttl, add,
- "resigning with dnskey");
- nowsignedby[key->index] = true;
- }
+ signwithkey(name, set, key->key, ttl, add,
+ "resigning with dnskey");
+ nowsignedby[key->index] = true;
+ }
- dns_rdata_reset(&sigrdata);
- dns_rdata_freestruct(&rrsig);
- result = dns_rdataset_next(&sigset);
- }
- if (result == ISC_R_NOMORE) {
- result = ISC_R_SUCCESS;
+ dns_rdata_reset(&sigrdata);
+ dns_rdata_freestruct(&rrsig);
+ }
}
check_result(result, "dns_rdataset_first/next");
dns_dbnode_t *node = NULL;
isc_result_t result;
dns_rdataset_t keyset;
- dns_rdata_t key, ds;
unsigned char dsbuf[DNS_DS_BUFFERSIZE];
dns_diff_t diff;
dns_difftuple_t *tuple = NULL;
check_result(result, "dns_db_newversion");
dns_diff_init(mctx, &diff);
- for (result = dns_rdataset_first(&keyset); result == ISC_R_SUCCESS;
- result = dns_rdataset_next(&keyset))
- {
- dns_rdata_init(&key);
- dns_rdata_init(&ds);
+ DNS_RDATASET_FOREACH (&keyset) {
+ dns_rdata_t key = DNS_RDATA_INIT;
+ dns_rdata_t ds = DNS_RDATA_INIT;
dns_rdataset_current(&keyset, &key);
result = dns_ds_buildrdata(name, &key, DNS_DSDIGEST_SHA256,
dsbuf, &ds);
hashlist_t *hashlist) {
dns_label_t label;
dns_rdata_nsec3_t nsec3;
- dns_rdata_t rdata, delrdata;
dns_rdatalist_t rdatalist;
dns_rdataset_t rdataset, delrdataset;
bool delete_rrsigs = false;
* Delete any NSEC3 records which are not part of the current
* NSEC3 chain.
*/
- for (result = dns_rdataset_first(&rdataset); result == ISC_R_SUCCESS;
- result = dns_rdataset_next(&rdataset))
- {
- dns_rdata_init(&rdata);
+ DNS_RDATASET_FOREACH (&rdataset) {
+ dns_rdata_t rdata = DNS_RDATA_INIT;
+ dns_rdata_t delrdata = DNS_RDATA_INIT;
+
dns_rdataset_current(&rdataset, &rdata);
result = dns_rdata_tostruct(&rdata, &nsec3, NULL);
check_result(result, "dns_rdata_tostruct");
if (set_maxttl) {
rdatalist.ttl = ISC_MIN(rdataset.ttl, maxttl);
}
- dns_rdata_init(&delrdata);
+
dns_rdata_clone(&rdata, &delrdata);
ISC_LIST_APPEND(rdatalist.rdata, &delrdata, link);
dns_rdatalist_tordataset(&rdatalist, &delrdataset);
delete_rrsigs = true;
}
dns_rdataset_disassociate(&rdataset);
- if (result != ISC_R_NOMORE) {
- check_result(result, "dns_rdataset_first/next");
- }
if (!delete_rrsigs) {
return;
static void
rrset_cleanup(dns_name_t *name, dns_rdataset_t *rdataset, dns_diff_t *add,
dns_diff_t *del) {
- isc_result_t result;
unsigned int count1 = 0;
dns_rdataset_t tmprdataset;
char namestr[DNS_NAME_FORMATSIZE];
dns_rdatatype_format(rdataset->type, typestr, sizeof(typestr));
dns_rdataset_init(&tmprdataset);
- for (result = dns_rdataset_first(rdataset); result == ISC_R_SUCCESS;
- result = dns_rdataset_next(rdataset))
- {
+ DNS_RDATASET_FOREACH (rdataset) {
dns_rdata_t rdata1 = DNS_RDATA_INIT;
unsigned int count2 = 0;
count1++;
dns_rdataset_current(rdataset, &rdata1);
dns_rdataset_clone(rdataset, &tmprdataset);
- for (result = dns_rdataset_first(&tmprdataset);
- result == ISC_R_SUCCESS;
- result = dns_rdataset_next(&tmprdataset))
- {
+ DNS_RDATASET_FOREACH (&tmprdataset) {
dns_rdata_t rdata2 = DNS_RDATA_INIT;
dns_difftuple_t *tuple = NULL;
count2++;
dns_dbversion_t *currentversion = NULL;
dns_dbnode_t *node = NULL;
dns_rdataset_t rdataset;
- dns_rdata_t rdata = DNS_RDATA_INIT;
isc_result_t result;
dns_rdata_dnskey_t dnskey;
bool have_non_ksk = false;
fatal("failed to find keys at the zone apex: %s",
isc_result_totext(result));
}
+
result = dns_rdataset_first(&rdataset);
check_result(result, "dns_rdataset_first");
- while (result == ISC_R_SUCCESS) {
- dns_rdata_reset(&rdata);
+
+ DNS_RDATASET_FOREACH (&rdataset) {
+ dns_rdata_t rdata = DNS_RDATA_INIT;
dns_rdataset_current(&rdataset, &rdata);
+
result = dns_rdata_tostruct(&rdata, &dnskey, NULL);
check_result(result, "dns_rdata_tostruct");
if ((dnskey.flags & DNS_KEYFLAG_KSK) == 0) {
have_non_ksk = true;
- result = ISC_R_NOMORE;
- } else {
- result = dns_rdataset_next(&rdataset);
+ break;
}
dns_rdata_freestruct(&dnskey);
}
if (dns_keynode_dsset(keynode, &dsset)) {
isc_result_t result;
- for (result = dns_rdataset_first(&dsset);
- result == ISC_R_SUCCESS;
- result = dns_rdataset_next(&dsset))
- {
+ DNS_RDATASET_FOREACH (&dsset) {
dns_rdata_t rdata = DNS_RDATA_INIT;
dns_rdata_ds_t ds;
goto cleanup;
}
- for (result = dns_rdataset_first(&privset);
- result == ISC_R_SUCCESS;
- result = dns_rdataset_next(&privset))
- {
+ DNS_RDATASET_FOREACH (&privset) {
dns_rdata_t priv = DNS_RDATA_INIT;
/*
* In theory, the output buffer could hold a full RDATA
if (!first) {
CHECK(putnull(text));
}
-
- if (result == ISC_R_NOMORE) {
- result = ISC_R_SUCCESS;
- }
} else if (kasp) {
(void)putstr(text, "zone uses dnssec-policy, use rndc dnssec "
"command instead");
char buf[DNS_NAME_FORMATSIZE + 500];
dns_name_t *name = NULL;
dns_rdataset_t *kdset = NULL;
- dns_rdata_t rdata = DNS_RDATA_INIT;
dns_rdata_keydata_t kd;
uint32_t ttl;
CHECK(putstr(text, buf));
}
- for (result = dns_rdataset_first(kdset);
- result == ISC_R_SUCCESS; result = dns_rdataset_next(kdset))
- {
+ DNS_RDATASET_FOREACH (kdset) {
char alg[DNS_SECALG_FORMATSIZE];
char tbuf[ISC_FORMATHTTPTIMESTAMP_SIZE];
+ dns_rdata_t rdata = DNS_RDATA_INIT;
dns_keytag_t keyid;
isc_region_t r;
isc_time_t t;
isc_result_t
syncptrs(sample_instance_t *inst, dns_name_t *name, dns_rdataset_t *rdataset,
dns_diffop_t op) {
- isc_result_t result;
- dns_rdata_t rdata = DNS_RDATA_INIT;
-
- for (result = dns_rdataset_first(rdataset); result == ISC_R_SUCCESS;
- result = dns_rdataset_next(rdataset))
- {
+ isc_result_t result = ISC_R_SUCCESS;
+ DNS_RDATASET_FOREACH (rdataset) {
+ dns_rdata_t rdata = DNS_RDATA_INIT;
dns_rdataset_current(rdataset, &rdata);
result = syncptr(inst, name, &rdata, rdataset->ttl, op);
if (result != ISC_R_SUCCESS && result != ISC_R_NOTFOUND) {
- goto cleanup;
+ break;
}
}
- if (result == ISC_R_NOMORE) {
- result = ISC_R_SUCCESS;
- }
-cleanup:
return result;
}
}
CHECK("dns_message_sectiontotext", result);
} else if (display_answer) {
- isc_result_t loopresult;
dns_name_t empty_name;
- dns_rdata_t rdata = DNS_RDATA_INIT;
unsigned int answerstyleflags = 0;
if (!display_crypto) {
MSG_SECTION_FOREACH (response, DNS_SECTION_ANSWER, name) {
ISC_LIST_FOREACH (name->list, rdataset, link) {
- loopresult = dns_rdataset_first(rdataset);
- while (loopresult == ISC_R_SUCCESS) {
+ DNS_RDATASET_FOREACH (rdataset) {
+ dns_rdata_t rdata = DNS_RDATA_INIT;
dns_rdataset_current(rdataset, &rdata);
result = dns_rdata_tofmttext(
&rdata, NULL, answerstyleflags,
if (result == ISC_R_NOSPACE) {
goto buftoosmall;
}
+
CHECK("dns_rdata_tofmttext", result);
- loopresult =
- dns_rdataset_next(rdataset);
- dns_rdata_reset(&rdata);
if (strlen("\n") >=
isc_buffer_availablelength(buf))
{
REQUIRE(dns_rdatatype_isaddr(rdtype));
- for (isc_result_t result = dns_rdataset_first(rdataset);
- result == ISC_R_SUCCESS; result = dns_rdataset_next(rdataset))
- {
+ DNS_RDATASET_FOREACH (rdataset) {
/* FIXME: Move to a separate function */
dns_adbnamehooklist_t *hookhead = NULL;
dns_adbentry_t *entry = NULL;
catz_process_primaries(dns_catz_zone_t *catz, dns_ipkeylist_t *ipkl,
dns_rdataset_t *value, dns_name_t *name) {
isc_result_t result;
- dns_rdata_t rdata;
dns_rdata_in_a_t rdata_a;
dns_rdata_in_aaaa_t rdata_aaaa;
dns_rdata_txt_t rdata_txt;
* - label and IN TXT - TSIG key name
*/
if (name->length != 0) {
+ dns_rdata_t rdata = DNS_RDATA_INIT;
isc_sockaddr_t sockaddr;
size_t i;
*/
result = dns_rdataset_first(value);
RUNTIME_CHECK(result == ISC_R_SUCCESS);
- dns_rdata_init(&rdata);
dns_rdataset_current(value, &rdata);
switch (value->type) {
case dns_rdatatype_a:
dns_ipkeylist_resize(mctx, ipkl, rcount);
- for (result = dns_rdataset_first(value); result == ISC_R_SUCCESS;
- result = dns_rdataset_next(value))
- {
- dns_rdata_init(&rdata);
+ DNS_RDATASET_FOREACH (value) {
+ dns_rdata_t rdata = DNS_RDATA_INIT;
dns_rdataset_current(value, &rdata);
/*
* port 0 == take the default
i = 0;
ok = 0;
- for (result = dns_rdataset_first(rdataset);
- result == ISC_R_SUCCESS;
- result = dns_rdataset_next(rdataset))
- {
+ DNS_RDATASET_FOREACH (rdataset) {
dns_rdata_t rdata = DNS_RDATA_INIT;
if (aaaaok == NULL || !aaaaok[i]) {
dns_rdataset_current(rdataset, &rdata);
unsigned int oplen, iplen;
size_t count = 0;
struct in6_addr ina6;
- isc_result_t result;
REQUIRE(prefix != NULL && len != NULL && *len != 0U);
REQUIRE(rdataset != NULL && rdataset->type == dns_rdatatype_aaaa);
dns_rdataset_clone(rdataset, &outer);
dns_rdataset_clone(rdataset, &inner);
- for (result = dns_rdataset_first(&outer); result == ISC_R_SUCCESS;
- result = dns_rdataset_next(&outer))
- {
+ DNS_RDATASET_FOREACH (&outer) {
dns_rdata_t rd1 = DNS_RDATA_INIT;
dns_rdataset_current(&outer, &rd1);
oplen = 0;
}
/* Look for the 192.0.0.171 match. */
- for (result = dns_rdataset_first(&inner);
- result == ISC_R_SUCCESS;
- result = dns_rdataset_next(&inner))
- {
+ bool matched = false;
+ DNS_RDATASET_FOREACH (&inner) {
dns_rdata_t rd2 = DNS_RDATA_INIT;
dns_rdataset_current(&inner, &rd2);
iplen = search(&rd2, &rd1, oplen);
- if (iplen == 0) {
- continue;
- }
- INSIST(iplen == oplen);
- if (count >= *len) {
+ if (iplen != 0) {
+ matched = true;
+ INSIST(iplen == oplen);
+ if (count >= *len) {
+ count++;
+ break;
+ }
+
+ /* We have a prefix. */
+ memset(ina6.s6_addr, 0, sizeof(ina6.s6_addr));
+ memmove(ina6.s6_addr, rd1.data, oplen / 8);
+ isc_netaddr_fromin6(&prefix[count].addr, &ina6);
+ prefix[count].prefixlen = oplen;
count++;
- break;
}
-
- /* We have a prefix. */
- memset(ina6.s6_addr, 0, sizeof(ina6.s6_addr));
- memmove(ina6.s6_addr, rd1.data, oplen / 8);
- isc_netaddr_fromin6(&prefix[count].addr, &ina6);
- prefix[count].prefixlen = oplen;
- count++;
- break;
}
/* Didn't find a match look for a different prefix length. */
- if (result == ISC_R_NOMORE) {
+ if (!matched) {
goto resume;
}
}
aaaalist->rdclass = dns_rdataclass_in;
aaaalist->type = dns_rdatatype_aaaa;
- for (result = dns_rdataset_first(a); result == ISC_R_SUCCESS;
- result = dns_rdataset_next(a))
- {
+ DNS_RDATASET_FOREACH (a) {
+ dns_rdata_t rdata = DNS_RDATA_INIT;
+ dns_rdataset_current(a, &rdata);
+
ISC_LIST_FOREACH (dns64s, dns64, link) {
- dns_rdata_t rdata = DNS_RDATA_INIT;
dns_rdata_t *dns64_rdata = NULL;
isc_region_t r;
- dns_rdataset_current(a, &rdata);
isc_buffer_availableregion(buffer, &r);
INSIST(r.length >= 16);
result = dns_dns64_aaaafroma(dns64, &netaddr, reqsigner,
dns_keytag_t keytag;
dns_rdata_dnskey_t key;
dns_rdata_rrsig_t sig;
- dns_rdata_t sigrdata = DNS_RDATA_INIT;
isc_result_t result;
INSIST(sigrdataset->type == dns_rdatatype_rrsig);
RUNTIME_CHECK(result == ISC_R_SUCCESS);
keytag = dst_key_id(dstkey);
- for (result = dns_rdataset_first(sigrdataset); result == ISC_R_SUCCESS;
- result = dns_rdataset_next(sigrdataset))
- {
- dns_rdata_reset(&sigrdata);
+ DNS_RDATASET_FOREACH (sigrdataset) {
+ dns_rdata_t sigrdata = DNS_RDATA_INIT;
dns_rdataset_current(sigrdataset, &sigrdata);
result = dns_rdata_tostruct(&sigrdata, &sig, NULL);
RUNTIME_CHECK(result == ISC_R_SUCCESS);
bool
dns_dnssec_haszonekey(dns_rdataset_t *keyset) {
- isc_result_t result;
-
REQUIRE(keyset != NULL);
if (keyset->type != dns_rdatatype_dnskey) {
return false;
}
- for (result = dns_rdataset_first(keyset); result == ISC_R_SUCCESS;
- result = dns_rdataset_next(keyset))
- {
+ DNS_RDATASET_FOREACH (keyset) {
dns_rdata_t rdata = DNS_RDATA_INIT;
dns_rdata_dnskey_t key;
keyid = dst_key_id(key->key);
keyalg = dst_key_alg(key->key);
- for (result = dns_rdataset_first(&sigs);
- result == ISC_R_SUCCESS; result = dns_rdataset_next(&sigs))
- {
+ DNS_RDATASET_FOREACH (&sigs) {
dns_rdata_rrsig_t sig;
dns_rdata_reset(&rdata);
}
}
- if (result == ISC_R_NOMORE) {
- result = ISC_R_SUCCESS;
- }
-
if (dns_rdataset_isassociated(&sigs)) {
dns_rdataset_disassociate(&sigs);
}
dns_rdataset_t *soasigs, bool savekeys,
bool publickey, dns_dnsseckeylist_t *keylist) {
dns_rdataset_t keys;
- dns_rdata_t rdata = DNS_RDATA_INIT;
dst_key_t *dnskey = NULL, *pubkey = NULL, *privkey = NULL;
isc_result_t result;
dns_rdataset_init(&keys);
dns_rdataset_clone(keyset, &keys);
- for (result = dns_rdataset_first(&keys); result == ISC_R_SUCCESS;
- result = dns_rdataset_next(&keys))
- {
- dns_rdata_reset(&rdata);
+ DNS_RDATASET_FOREACH (&keys) {
+ dns_rdata_t rdata = DNS_RDATA_INIT;
dns_rdataset_current(&keys, &rdata);
REQUIRE(rdata.type == dns_rdatatype_key ||
}
}
- if (result != ISC_R_NOMORE) {
- RETERR(result);
- }
-
if (keysigs != NULL && dns_rdataset_isassociated(keysigs)) {
RETERR(mark_active_keys(keylist, keysigs));
}
static bool
exists(dns_rdataset_t *rdataset, dns_rdata_t *rdata) {
- isc_result_t result;
- dns_rdataset_t trdataset;
-
- dns_rdataset_init(&trdataset);
+ dns_rdataset_t trdataset = DNS_RDATASET_INIT;
dns_rdataset_clone(rdataset, &trdataset);
- for (result = dns_rdataset_first(&trdataset); result == ISC_R_SUCCESS;
- result = dns_rdataset_next(&trdataset))
- {
+
+ DNS_RDATASET_FOREACH (&trdataset) {
dns_rdata_t current = DNS_RDATA_INIT;
dns_rdataset_current(&trdataset, ¤t);
result = dns_rdata_tostruct(dsrdata, &ds, NULL);
RUNTIME_CHECK(result == ISC_R_SUCCESS);
- for (result = dns_rdataset_first(keyset); result == ISC_R_SUCCESS;
- result = dns_rdataset_next(keyset))
- {
+ DNS_RDATASET_FOREACH (keyset) {
dns_rdata_t newdsrdata = DNS_RDATA_INIT;
dns_rdata_reset(keyrdata);
}
if (dns_rdata_compare(dsrdata, &newdsrdata) == 0) {
- break;
+ return ISC_R_SUCCESS;
}
}
- if (result == ISC_R_NOMORE) {
- result = ISC_R_NOTFOUND;
- }
- return result;
+ return ISC_R_NOTFOUND;
}
.link = ISC_LINK_INITIALIZER, \
.count = DNS_RDATASET_COUNT_UNDEFINED }
+/* clang-format off */
+/*
+ * This is a hack to build a unique variable name to
+ * replace 'res' below. (Two layers of macro indirection are
+ * needed to make the line number be part of the variable
+ * name; otherwise it would just be "x__LINE__".)
+ */
+#define DNS__RDATASET_CONNECT(x,y) x##y
+#define DNS__RDATASET_CONCAT(x,y) DNS__RDATASET_CONNECT(x,y)
+#define DNS_RDATASET_FOREACH_RES(rds, res) \
+ for (isc_result_t res = dns_rdataset_first((rds)); \
+ res == ISC_R_SUCCESS; res = dns_rdataset_next((rds)))
+#define DNS_RDATASET_FOREACH(rds) \
+ DNS_RDATASET_FOREACH_RES(rds, DNS__RDATASET_CONCAT(x, __LINE__))
+/* clang-format on */
+
/*!
* \def DNS_RDATASETATTR_RENDERED
* Used by message.c to indicate that the rdataset was rendered.
* Returns:
*\li #ISC_R_SUCCESS
*\li #ISC_R_NOMORE There are no rdata in the set.
+ *
+ * Ensures:
+ *\li No other value is returned.
*/
isc_result_t
* Returns:
*\li #ISC_R_SUCCESS
*\li #ISC_R_NOMORE There are no more rdata in the set.
+ *
+ * Ensures:
+ *\li No other value is returned.
*/
void
for (result = dns_rdatasetiter_first(rdsiter); result == ISC_R_SUCCESS;
result = dns_rdatasetiter_next(rdsiter))
{
- dns_rdataset_t rdataset;
+ dns_rdataset_t rdataset = DNS_RDATASET_INIT;
- dns_rdataset_init(&rdataset);
dns_rdatasetiter_current(rdsiter, &rdataset);
- for (result = dns_rdataset_first(&rdataset);
- result == ISC_R_SUCCESS;
- result = dns_rdataset_next(&rdataset))
- {
+ DNS_RDATASET_FOREACH (&rdataset) {
dns_rdata_t rdata = DNS_RDATA_INIT;
dns_rdataset_current(&rdataset, &rdata);
dns_difftuple_create(diff->mctx, op, name, rdataset.ttl,
dns_diff_append(diff, &tuple);
}
dns_rdataset_disassociate(&rdataset);
- if (result != ISC_R_NOMORE) {
- goto cleanup_iterator;
- }
}
if (result != ISC_R_NOMORE) {
goto cleanup_iterator;
dns_name_format(&keynode->name, namebuf, sizeof(namebuf));
- for (result = dns_rdataset_first(&dsset); result == ISC_R_SUCCESS;
- result = dns_rdataset_next(&dsset))
- {
+ DNS_RDATASET_FOREACH (&dsset) {
char algbuf[DNS_SECALG_FORMATSIZE];
dns_rdata_t rdata = DNS_RDATA_INIT;
dns_rdata_ds_t ds;
ncache_summary(dns_rdataset_t *rdataset, bool omit_final_dot,
dns_totext_ctx_t *ctx, isc_buffer_t *target) {
isc_result_t result = ISC_R_SUCCESS;
- dns_rdataset_t rds;
+ dns_rdataset_t rds = DNS_RDATASET_INIT;
dns_name_t name;
char *start = NULL;
- dns_rdataset_init(&rds);
dns_name_init(&name);
do {
dns_ncache_current(rdataset, &name, &rds);
- for (result = dns_rdataset_first(&rds); result == ISC_R_SUCCESS;
- result = dns_rdataset_next(&rds))
- {
+ DNS_RDATASET_FOREACH (&rds) {
if ((ctx->style.flags & DNS_STYLEFLAG_INDENT) != 0 ||
(ctx->style.flags & DNS_STYLEFLAG_YAML) != 0)
{
REQUIRE(DNS_RDATASET_VALID(rdataset));
- result = dns_rdataset_first(rdataset);
-
current_ttl = ctx->current_ttl;
current_ttl_valid = ctx->current_ttl_valid;
dns_rdataset_getownercase(rdataset, name);
}
- while (result == ISC_R_SUCCESS) {
+ DNS_RDATASET_FOREACH (rdataset) {
column = 0;
/*
}
first = false;
- result = dns_rdataset_next(rdataset);
- }
-
- if (result != ISC_R_NOMORE) {
- return result;
}
/*
isc_buffer_copyregion(buffer, &r);
totallen += sizeof(dlen) + r.length;
- do {
+ DNS_RDATASET_FOREACH (rdataset) {
dns_rdata_t rdata = DNS_RDATA_INIT;
dns_rdataset_current(rdataset, &rdata);
isc_buffer_putuint16(buffer, dlen);
isc_buffer_copyregion(buffer, &r);
totallen += sizeof(dlen) + r.length;
-
- result = dns_rdataset_next(rdataset);
- } while (result == ISC_R_SUCCESS);
-
- if (result != ISC_R_NOMORE) {
- return result;
- }
+ };
/*
* Fill in the total length field.
static isc_result_t
rdataset_soa_min(dns_rdataset_t *rds, dns_ttl_t *ttlp) {
- isc_result_t result;
/* loop over the rdatas */
- for (result = dns_rdataset_first(rds); result == ISC_R_SUCCESS;
- result = dns_rdataset_next(rds))
- {
+ DNS_RDATASET_FOREACH (rds) {
dns_name_t tmp;
isc_region_t r = { 0 };
dns_rdata_t rdata = DNS_RDATA_INIT;
static isc_result_t
copy_rdataset(dns_rdataset_t *rdataset, isc_buffer_t *buffer) {
- isc_result_t result;
unsigned int count;
isc_region_t ar, r;
- dns_rdata_t rdata = DNS_RDATA_INIT;
/*
* Copy the rdataset count to the buffer.
INSIST(count <= 65535);
isc_buffer_putuint16(buffer, (uint16_t)count);
- result = dns_rdataset_first(rdataset);
- while (result == ISC_R_SUCCESS) {
+ DNS_RDATASET_FOREACH (rdataset) {
+ isc_result_t result;
+ dns_rdata_t rdata = DNS_RDATA_INIT;
dns_rdataset_current(rdataset, &rdata);
+
dns_rdata_toregion(&rdata, &r);
INSIST(r.length <= 65535);
isc_buffer_availableregion(buffer, &ar);
if (result != ISC_R_SUCCESS) {
return result;
}
- dns_rdata_reset(&rdata);
- result = dns_rdataset_next(rdataset);
- }
- if (result != ISC_R_NOMORE) {
- return result;
}
return ISC_R_SUCCESS;
dns_ncache_towire(dns_rdataset_t *rdataset, dns_compress_t *cctx,
isc_buffer_t *target, unsigned int options,
unsigned int *countp) {
- dns_rdata_t rdata = DNS_RDATA_INIT;
isc_result_t result;
isc_region_t remaining, tavailable;
isc_buffer_t source, savedbuffer, rdlen;
savedbuffer = *target;
count = 0;
- result = dns_rdataset_first(rdataset);
- while (result == ISC_R_SUCCESS) {
+ DNS_RDATASET_FOREACH (rdataset) {
+ dns_rdata_t rdata = DNS_RDATA_INIT;
dns_rdataset_current(rdataset, &rdata);
+
isc_buffer_init(&source, rdata.data, rdata.length);
isc_buffer_add(&source, rdata.length);
dns_name_init(&name);
count++;
}
INSIST(isc_buffer_remaininglength(&source) == 0);
- result = dns_rdataset_next(rdataset);
- dns_rdata_reset(&rdata);
- }
- if (result != ISC_R_NOMORE) {
- goto rollback;
}
*countp = count;
isc_result_t
dns_ncache_getrdataset(dns_rdataset_t *ncacherdataset, dns_name_t *name,
dns_rdatatype_t type, dns_rdataset_t *rdataset) {
- isc_result_t result;
- dns_rdata_t rdata = DNS_RDATA_INIT;
+ isc_result_t result = ISC_R_NOTFOUND;
isc_region_t remaining;
isc_buffer_t source;
dns_name_t tname;
dns_rdataset_init(&rclone);
dns_rdataset_clone(ncacherdataset, &rclone);
- result = dns_rdataset_first(&rclone);
- while (result == ISC_R_SUCCESS) {
+ DNS_RDATASET_FOREACH (&rclone) {
+ dns_rdata_t rdata = DNS_RDATA_INIT;
dns_rdataset_current(&rclone, &rdata);
+
isc_buffer_init(&source, rdata.data, rdata.length);
isc_buffer_add(&source, rdata.length);
dns_name_init(&tname);
trust = atomic_getuint8(&source);
INSIST(trust <= dns_trust_ultimate);
isc_buffer_remainingregion(&source, &remaining);
+ result = ISC_R_SUCCESS;
break;
}
- result = dns_rdataset_next(&rclone);
- dns_rdata_reset(&rdata);
}
dns_rdataset_disassociate(&rclone);
- if (result == ISC_R_NOMORE) {
- return ISC_R_NOTFOUND;
- }
- if (result != ISC_R_SUCCESS) {
- return result;
- }
- INSIST(remaining.length != 0);
+ if (result == ISC_R_SUCCESS) {
+ INSIST(remaining.length != 0);
- rdataset->methods = &rdataset_methods;
- rdataset->rdclass = ncacherdataset->rdclass;
- rdataset->type = type;
- rdataset->covers = 0;
- rdataset->ttl = ncacherdataset->ttl;
- rdataset->trust = trust;
- rdataset->ncache.raw = remaining.base;
- rdataset->ncache.iter_pos = NULL;
- rdataset->ncache.iter_count = 0;
+ rdataset->methods = &rdataset_methods;
+ rdataset->rdclass = ncacherdataset->rdclass;
+ rdataset->type = type;
+ rdataset->covers = 0;
+ rdataset->ttl = ncacherdataset->ttl;
+ rdataset->trust = trust;
+ rdataset->ncache.raw = remaining.base;
+ rdataset->ncache.iter_pos = NULL;
+ rdataset->ncache.iter_count = 0;
+ }
- return ISC_R_SUCCESS;
+ return result;
}
isc_result_t
dns_ncache_getsigrdataset(dns_rdataset_t *ncacherdataset, dns_name_t *name,
dns_rdatatype_t covers, dns_rdataset_t *rdataset) {
+ isc_result_t result = ISC_R_NOTFOUND;
dns_name_t tname;
dns_rdata_rrsig_t rrsig;
- dns_rdata_t rdata = DNS_RDATA_INIT;
dns_rdataset_t rclone;
dns_rdatatype_t type;
dns_trust_t trust = dns_trust_none;
isc_buffer_t source;
isc_region_t remaining, sigregion;
- isc_result_t result;
- unsigned char *raw;
+ unsigned char *raw = NULL;
unsigned int count;
REQUIRE(ncacherdataset != NULL);
dns_rdataset_init(&rclone);
dns_rdataset_clone(ncacherdataset, &rclone);
- result = dns_rdataset_first(&rclone);
- while (result == ISC_R_SUCCESS) {
+ DNS_RDATASET_FOREACH (&rclone) {
+ dns_rdata_t rdata = DNS_RDATA_INIT;
dns_rdataset_current(&rclone, &rdata);
+
isc_buffer_init(&source, rdata.data, rdata.length);
isc_buffer_add(&source, rdata.length);
dns_name_init(&tname);
if (type != dns_rdatatype_rrsig ||
!dns_name_equal(&tname, name))
{
- result = dns_rdataset_next(&rclone);
- dns_rdata_reset(&rdata);
continue;
}
(void)dns_rdata_tostruct(&rdata, &rrsig, NULL);
if (rrsig.covered == covers) {
isc_buffer_remainingregion(&source, &remaining);
+ result = ISC_R_SUCCESS;
break;
}
-
- result = dns_rdataset_next(&rclone);
- dns_rdata_reset(&rdata);
}
dns_rdataset_disassociate(&rclone);
- if (result == ISC_R_NOMORE) {
- return ISC_R_NOTFOUND;
- }
- if (result != ISC_R_SUCCESS) {
- return result;
- }
- INSIST(remaining.length != 0);
+ if (result == ISC_R_SUCCESS) {
+ INSIST(remaining.length != 0);
- rdataset->methods = &rdataset_methods;
- rdataset->rdclass = ncacherdataset->rdclass;
- rdataset->type = dns_rdatatype_rrsig;
- rdataset->covers = covers;
- rdataset->ttl = ncacherdataset->ttl;
- rdataset->trust = trust;
- rdataset->ncache.raw = remaining.base;
- rdataset->ncache.iter_pos = NULL;
- rdataset->ncache.iter_count = 0;
+ rdataset->methods = &rdataset_methods;
+ rdataset->rdclass = ncacherdataset->rdclass;
+ rdataset->type = dns_rdatatype_rrsig;
+ rdataset->covers = covers;
+ rdataset->ttl = ncacherdataset->ttl;
+ rdataset->trust = trust;
+ rdataset->ncache.raw = remaining.base;
+ rdataset->ncache.iter_pos = NULL;
+ rdataset->ncache.iter_count = 0;
+ }
- return ISC_R_SUCCESS;
+ return result;
}
void
if (result != ISC_R_SUCCESS) {
return result;
}
- for (result = dns_rdataset_first(&rdataset); result == ISC_R_SUCCESS;
- result = dns_rdataset_next(&rdataset))
- {
+ bool matched = false;
+ DNS_RDATASET_FOREACH (&rdataset) {
dns_rdata_t rdata = DNS_RDATA_INIT;
dns_rdataset_current(&rdataset, &rdata);
}
if (!deleted) {
+ matched = true;
break;
}
}
}
dns_rdataset_disassociate(&rdataset);
- if (result == ISC_R_SUCCESS) {
- *answer = true;
- }
- if (result == ISC_R_NOMORE) {
- *answer = false;
- result = ISC_R_SUCCESS;
- }
- return result;
+ *answer = matched;
+ return ISC_R_SUCCESS;
}
/*%
bool
dns_nsec_requiredtypespresent(dns_rdataset_t *nsecset) {
- dns_rdataset_t rdataset;
- isc_result_t result;
+ dns_rdataset_t rdataset = DNS_RDATASET_INIT;
bool found = false;
REQUIRE(DNS_RDATASET_VALID(nsecset));
REQUIRE(nsecset->type == dns_rdatatype_nsec);
- dns_rdataset_init(&rdataset);
dns_rdataset_clone(nsecset, &rdataset);
- for (result = dns_rdataset_first(&rdataset); result == ISC_R_SUCCESS;
- result = dns_rdataset_next(&rdataset))
- {
+ DNS_RDATASET_FOREACH (&rdataset) {
dns_rdata_t rdata = DNS_RDATA_INIT;
dns_rdataset_current(&rdataset, &rdata);
if (!dns_nsec_typepresent(&rdata, dns_rdatatype_nsec) ||
goto cleanup_node;
}
- for (result = dns_rdataset_first(&rdataset); result == ISC_R_SUCCESS;
- result = dns_rdataset_next(&rdataset))
- {
+ DNS_RDATASET_FOREACH (&rdataset) {
dns_rdata_t rdata = DNS_RDATA_INIT;
dns_rdataset_current(&rdataset, &rdata);
CHECK(dns_rdata_tostruct(&rdata, &nsec3, NULL));
goto failure;
}
}
- if (result != ISC_R_NOMORE) {
- goto failure;
- }
+
result = ISC_R_SUCCESS;
failure:
static bool
better_param(dns_rdataset_t *nsec3paramset, dns_rdata_t *param) {
- dns_rdataset_t rdataset;
- isc_result_t result;
+ dns_rdataset_t rdataset = DNS_RDATASET_INIT;
if (REMOVE(param->data[1])) {
return true;
}
- dns_rdataset_init(&rdataset);
dns_rdataset_clone(nsec3paramset, &rdataset);
- for (result = dns_rdataset_first(&rdataset); result == ISC_R_SUCCESS;
- result = dns_rdataset_next(&rdataset))
- {
+ DNS_RDATASET_FOREACH (&rdataset) {
dns_rdata_t rdata = DNS_RDATA_INIT;
unsigned char buf[DNS_NSEC3PARAM_BUFFERSIZE];
static isc_result_t
find_nsec3(dns_rdata_nsec3_t *nsec3, dns_rdataset_t *rdataset,
const dns_rdata_nsec3param_t *nsec3param) {
- isc_result_t result;
- for (result = dns_rdataset_first(rdataset); result == ISC_R_SUCCESS;
- result = dns_rdataset_next(rdataset))
- {
+ DNS_RDATASET_FOREACH (rdataset) {
dns_rdata_t rdata = DNS_RDATA_INIT;
-
dns_rdataset_current(rdataset, &rdata);
- CHECK(dns_rdata_tostruct(&rdata, nsec3, NULL));
- dns_rdata_reset(&rdata);
+ dns_rdata_tostruct(&rdata, nsec3, NULL);
+
if (match_nsec3param(nsec3, nsec3param)) {
- break;
+ return ISC_R_SUCCESS;
}
}
-failure:
- return result;
+
+ return ISC_R_NOTFOUND;
}
isc_result_t
}
} else {
dns_rdataset_disassociate(&rdataset);
- if (result != ISC_R_NOMORE) {
- goto failure;
- }
}
}
}
result = find_nsec3(&nsec3, &rdataset, nsec3param);
- if (result == ISC_R_NOMORE) {
+ if (result == ISC_R_NOTFOUND) {
dns_rdataset_disassociate(&rdataset);
continue;
}
- if (result != ISC_R_SUCCESS) {
- goto failure;
- }
if (maybe_remove_unsecure) {
dns_rdataset_disassociate(&rdataset);
dns_db_detachnode(db, &newnode);
break;
}
- if (result != ISC_R_NOMORE) {
- goto failure;
- }
} else if (result == ISC_R_NOTFOUND) {
/*
* If we didn't find an NSEC3 in the node,
continue;
}
result = find_nsec3(&nsec3, &rdataset, nsec3param);
- if (result == ISC_R_NOMORE) {
+ if (result == ISC_R_NOTFOUND) {
dns_rdataset_disassociate(&rdataset);
continue;
}
- if (result != ISC_R_SUCCESS) {
- goto failure;
- }
old_next = nsec3.next;
old_length = nsec3.next_length;
/*
* Update each active NSEC3 chain.
*/
- for (result = dns_rdataset_first(&rdataset); result == ISC_R_SUCCESS;
- result = dns_rdataset_next(&rdataset))
- {
+ DNS_RDATASET_FOREACH (&rdataset) {
dns_rdata_t rdata = DNS_RDATA_INIT;
dns_rdataset_current(&rdataset, &rdata);
CHECK(dns_nsec3_addnsec3(db, version, name, &nsec3param,
nsecttl, unsecure, diff));
}
- if (result == ISC_R_NOMORE) {
- result = ISC_R_SUCCESS;
- }
failure:
if (dns_rdataset_isassociated(&rdataset)) {
goto failure;
}
- for (result = dns_rdataset_first(&rdataset); result == ISC_R_SUCCESS;
- result = dns_rdataset_next(&rdataset))
- {
+ bool matched = false;
+ DNS_RDATASET_FOREACH (&rdataset) {
dns_rdata_t myrdata = DNS_RDATA_INIT;
dns_rdataset_current(&rdataset, &myrdata);
- if (!dns_rdata_casecompare(&myrdata, rdata)) {
+ if (dns_rdata_casecompare(&myrdata, rdata) == 0) {
+ matched = true;
break;
}
}
dns_rdataset_disassociate(&rdataset);
- if (result == ISC_R_SUCCESS) {
- *flag = true;
- } else if (result == ISC_R_NOMORE) {
- *flag = false;
- result = ISC_R_SUCCESS;
- }
+ *flag = matched;
failure:
if (node != NULL) {
dns_dbnode_t *node = NULL;
dns_difftuple_t *tuple = NULL;
dns_name_t next;
- dns_rdata_t rdata = DNS_RDATA_INIT;
dns_rdataset_t rdataset;
bool flag;
isc_result_t result = ISC_R_SUCCESS;
goto failure;
}
- for (result = dns_rdataset_first(&rdataset); result == ISC_R_SUCCESS;
- result = dns_rdataset_next(&rdataset))
- {
+ DNS_RDATASET_FOREACH (&rdataset) {
+ dns_rdata_t rdata = DNS_RDATA_INIT;
dns_rdata_t private = DNS_RDATA_INIT;
dns_rdataset_current(&rdataset, &rdata);
CHECK(do_one_tuple(&tuple, db, ver, diff));
INSIST(tuple == NULL);
}
- dns_rdata_reset(&rdata);
- }
- if (result != ISC_R_NOMORE) {
- goto failure;
}
dns_rdataset_disassociate(&rdataset);
goto failure;
}
- for (result = dns_rdataset_first(&rdataset); result == ISC_R_SUCCESS;
- result = dns_rdataset_next(&rdataset))
- {
- dns_rdata_reset(&rdata);
+ DNS_RDATASET_FOREACH (&rdataset) {
+ dns_rdata_t rdata = DNS_RDATA_INIT;
dns_rdataset_current(&rdataset, &rdata);
INSIST(rdata.length <= sizeof(buf));
memmove(buf, rdata.data, rdata.length);
INSIST(tuple == NULL);
}
}
- if (result != ISC_R_NOMORE) {
- goto failure;
- }
+
success:
result = ISC_R_SUCCESS;
/*
* Update each active NSEC3 chain.
*/
- for (result = dns_rdataset_first(&rdataset); result == ISC_R_SUCCESS;
- result = dns_rdataset_next(&rdataset))
- {
+ DNS_RDATASET_FOREACH (&rdataset) {
dns_rdata_t rdata = DNS_RDATA_INIT;
dns_rdataset_current(&rdataset, &rdata);
CHECK(dns_nsec3_addnsec3(db, version, name, &nsec3param,
nsecttl, unsecure, diff));
}
- if (result != ISC_R_NOMORE) {
- goto failure;
- }
dns_rdataset_disassociate(&rdataset);
/*
* Update each active NSEC3 chain.
*/
- for (result = dns_rdataset_first(&prdataset); result == ISC_R_SUCCESS;
- result = dns_rdataset_next(&prdataset))
- {
+ DNS_RDATASET_FOREACH (&prdataset) {
dns_rdata_t rdata1 = DNS_RDATA_INIT;
dns_rdata_t rdata2 = DNS_RDATA_INIT;
unsigned char buf[DNS_NSEC3PARAM_BUFFERSIZE];
CHECK(dns_nsec3_addnsec3(db, version, name, &nsec3param,
nsecttl, unsecure, diff));
}
- if (result == ISC_R_NOMORE) {
- success:
- result = ISC_R_SUCCESS;
- }
+
+success:
+ result = ISC_R_SUCCESS;
failure:
if (dns_rdataset_isassociated(&rdataset)) {
dns_rdataset_disassociate(&rdataset);
memmove(nexthash, nsec3.next, next_length);
}
dns_rdataset_disassociate(&rdataset);
- if (result == ISC_R_NOMORE) {
+ if (result == ISC_R_NOTFOUND) {
goto success;
}
- if (result != ISC_R_SUCCESS) {
- goto failure;
- }
/*
* Find the previous NSEC3 and update it.
continue;
}
result = find_nsec3(&nsec3, &rdataset, nsec3param);
- if (result == ISC_R_NOMORE) {
+ if (result == ISC_R_NOTFOUND) {
dns_rdataset_disassociate(&rdataset);
continue;
}
- if (result != ISC_R_SUCCESS) {
- goto failure;
- }
/*
* Delete the old previous NSEC3.
memmove(nexthash, nsec3.next, next_length);
}
dns_rdataset_disassociate(&rdataset);
- if (result == ISC_R_NOMORE) {
+ if (result == ISC_R_NOTFOUND) {
goto success;
}
- if (result != ISC_R_SUCCESS) {
- goto failure;
- }
pass = 0;
do {
continue;
}
result = find_nsec3(&nsec3, &rdataset, nsec3param);
- if (result == ISC_R_NOMORE) {
+ if (result == ISC_R_NOTFOUND) {
dns_rdataset_disassociate(&rdataset);
continue;
}
- if (result != ISC_R_SUCCESS) {
- goto failure;
- }
/*
* Delete the old previous NSEC3.
/*
* Update each active NSEC3 chain.
*/
- for (result = dns_rdataset_first(&rdataset); result == ISC_R_SUCCESS;
- result = dns_rdataset_next(&rdataset))
- {
+ DNS_RDATASET_FOREACH (&rdataset) {
dns_rdata_t rdata = DNS_RDATA_INIT;
dns_rdataset_current(&rdataset, &rdata);
/*
* Update each NSEC3 chain being built.
*/
- for (result = dns_rdataset_first(&rdataset); result == ISC_R_SUCCESS;
- result = dns_rdataset_next(&rdataset))
- {
+ DNS_RDATASET_FOREACH (&rdataset) {
dns_rdata_t rdata1 = DNS_RDATA_INIT;
dns_rdata_t rdata2 = DNS_RDATA_INIT;
unsigned char buf[DNS_NSEC3PARAM_BUFFERSIZE];
*/
CHECK(dns_nsec3_delnsec3(db, version, name, &nsec3param, diff));
}
- if (result == ISC_R_NOMORE) {
- success:
- result = ISC_R_SUCCESS;
- }
+success:
+ result = ISC_R_SUCCESS;
failure:
if (dns_rdataset_isassociated(&rdataset)) {
dns_rdataset_disassociate(&rdataset);
dns_db_detachnode(db, &node);
return result;
}
- for (result = dns_rdataset_first(&rdataset); result == ISC_R_SUCCESS;
- result = dns_rdataset_next(&rdataset))
- {
- dns_rdata_t rdata = DNS_RDATA_INIT;
+ bool found = false;
+ DNS_RDATASET_FOREACH (&rdataset) {
+ dns_rdata_t rdata = DNS_RDATA_INIT;
dns_rdataset_current(&rdataset, &rdata);
- result = dns_rdata_tostruct(&rdata, &nsec3param, NULL);
- RUNTIME_CHECK(result == ISC_R_SUCCESS);
+ dns_rdata_tostruct(&rdata, &nsec3param, NULL);
if (nsec3param.flags == 0) {
+ found = true;
break;
}
}
dns_rdataset_disassociate(&rdataset);
- if (result == ISC_R_SUCCESS) {
- dns_db_detachnode(db, &node);
- *answer = true;
- return ISC_R_SUCCESS;
- }
- if (result == ISC_R_NOMORE) {
- *answer = false;
- }
+ *answer = found;
try_private:
if (privatetype == 0 || complete) {
return result;
}
- for (result = dns_rdataset_first(&rdataset); result == ISC_R_SUCCESS;
- result = dns_rdataset_next(&rdataset))
- {
+ found = false;
+ DNS_RDATASET_FOREACH (&rdataset) {
dns_rdata_t rdata1 = DNS_RDATA_INIT;
dns_rdata_t rdata2 = DNS_RDATA_INIT;
unsigned char buf[DNS_NSEC3PARAM_BUFFERSIZE];
{
continue;
}
- result = dns_rdata_tostruct(&rdata2, &nsec3param, NULL);
- RUNTIME_CHECK(result == ISC_R_SUCCESS);
+ dns_rdata_tostruct(&rdata2, &nsec3param, NULL);
if (!complete && CREATE(nsec3param.flags)) {
+ found = true;
break;
}
}
dns_rdataset_disassociate(&rdataset);
- if (result == ISC_R_SUCCESS) {
- *answer = true;
- result = ISC_R_SUCCESS;
- }
- if (result == ISC_R_NOMORE) {
- *answer = false;
- result = ISC_R_SUCCESS;
- }
+ *answer = found;
return result;
}
static bool
ignore(dns_rdata_t *param, dns_rdataset_t *privateset) {
- isc_result_t result;
-
- for (result = dns_rdataset_first(privateset); result == ISC_R_SUCCESS;
- result = dns_rdataset_next(privateset))
- {
+ DNS_RDATASET_FOREACH (privateset) {
unsigned char buf[DNS_NSEC3PARAM_BUFFERSIZE];
dns_rdata_t private = DNS_RDATA_INIT;
dns_rdata_t rdata = DNS_RDATA_INIT;
if (!dns_rdataset_isassociated(&privateset)) {
goto success;
}
- for (result = dns_rdataset_first(&privateset);
- result == ISC_R_SUCCESS;
- result = dns_rdataset_next(&privateset))
- {
+ DNS_RDATASET_FOREACH (&privateset) {
dns_rdata_t private = DNS_RDATA_INIT;
dns_rdata_t rdata = DNS_RDATA_INIT;
* If we are in the process of building a new NSEC3 chain
* then we don't need to build a NSEC chain.
*/
- for (result = dns_rdataset_first(&privateset);
- result == ISC_R_SUCCESS;
- result = dns_rdataset_next(&privateset))
- {
+ DNS_RDATASET_FOREACH (&privateset) {
dns_rdata_t private = DNS_RDATA_INIT;
dns_rdata_t rdata = DNS_RDATA_INIT;
* the changes queued complete.
*/
count = 0;
- for (result = dns_rdataset_first(&nsec3paramset);
- result == ISC_R_SUCCESS;
- result = dns_rdataset_next(&nsec3paramset))
- {
+ DNS_RDATASET_FOREACH (&nsec3paramset) {
dns_rdata_t rdata = DNS_RDATA_INIT;
/*
signing = false;
nsec3chain = false;
- for (result = dns_rdataset_first(&privateset); result == ISC_R_SUCCESS;
- result = dns_rdataset_next(&privateset))
- {
+ DNS_RDATASET_FOREACH (&privateset) {
dns_rdata_t rdata = DNS_RDATA_INIT;
dns_rdata_t private = DNS_RDATA_INIT;
isc_result_t
dns_rdataset_first(dns_rdataset_t *rdataset) {
- /*
- * Move the rdata cursor to the first rdata in the rdataset (if any).
- */
-
REQUIRE(DNS_RDATASET_VALID(rdataset));
REQUIRE(rdataset->methods != NULL);
REQUIRE(rdataset->methods->first != NULL);
- return (rdataset->methods->first)(rdataset);
+ isc_result_t result = rdataset->methods->first(rdataset);
+ ENSURE(result == ISC_R_SUCCESS || result == ISC_R_NOMORE);
+ return result;
}
isc_result_t
dns_rdataset_next(dns_rdataset_t *rdataset) {
- /*
- * Move the rdata cursor to the next rdata in the rdataset (if any).
- */
-
REQUIRE(DNS_RDATASET_VALID(rdataset));
REQUIRE(rdataset->methods != NULL);
REQUIRE(rdataset->methods->next != NULL);
- return (rdataset->methods->next)(rdataset);
+ isc_result_t result = rdataset->methods->next(rdataset);
+ ENSURE(result == ISC_R_SUCCESS || result == ISC_R_NOMORE);
+ return result;
}
void
const dns_name_t *owner_name,
dns_additionaldatafunc_t add, void *arg,
size_t limit) {
- dns_rdata_t rdata = DNS_RDATA_INIT;
- isc_result_t result;
-
/*
* For each rdata in rdataset, call 'add' for each name and type in the
* rdata which is subject to additional section processing.
return DNS_R_TOOMANYRECORDS;
}
- result = dns_rdataset_first(rdataset);
- if (result != ISC_R_SUCCESS) {
- return result;
- }
-
- do {
+ DNS_RDATASET_FOREACH (rdataset) {
+ isc_result_t result;
+ dns_rdata_t rdata = DNS_RDATA_INIT;
dns_rdataset_current(rdataset, &rdata);
result = dns_rdata_additionaldata(&rdata, owner_name, add, arg);
- if (result == ISC_R_SUCCESS) {
- result = dns_rdataset_next(rdataset);
+ if (result != ISC_R_SUCCESS) {
+ return result;
}
- dns_rdata_reset(&rdata);
- } while (result == ISC_R_SUCCESS);
-
- if (result != ISC_R_NOMORE) {
- return result;
}
return ISC_R_SUCCESS;
static isc_result_t
fctx_getaddresses(fetchctx_t *fctx) {
- dns_rdata_t rdata = DNS_RDATA_INIT;
isc_result_t result;
dns_resolver_t *res;
isc_stdtime_t now;
INSIST(ISC_LIST_EMPTY(fctx->finds));
INSIST(ISC_LIST_EMPTY(fctx->altfinds));
- for (result = dns_rdataset_first(&fctx->nameservers);
- result == ISC_R_SUCCESS;
- result = dns_rdataset_next(&fctx->nameservers))
- {
+ DNS_RDATASET_FOREACH (&fctx->nameservers) {
+ dns_rdata_t rdata = DNS_RDATA_INIT;
bool overquota = false;
unsigned int static_stub = 0;
dns_rdata_freestruct(&ns);
if (++ns_processed >= NS_PROCESSING_LIMIT) {
- result = ISC_R_NOMORE;
break;
}
}
- if (result != ISC_R_NOMORE) {
- return result;
- }
/*
* Do we need to use 6 to 4?
static bool
is_minimal_nsec(dns_rdataset_t *nsecset) {
- dns_rdataset_t rdataset;
- isc_result_t result;
+ dns_rdataset_t rdataset = DNS_RDATASET_INIT;
- dns_rdataset_init(&rdataset);
dns_rdataset_clone(nsecset, &rdataset);
- for (result = dns_rdataset_first(&rdataset); result == ISC_R_SUCCESS;
- result = dns_rdataset_next(&rdataset))
- {
+ DNS_RDATASET_FOREACH (&rdataset) {
+ isc_result_t result;
dns_rdata_t rdata = DNS_RDATA_INIT;
dns_rdata_nsec_t nsec;
+
dns_rdataset_current(&rdataset, &rdata);
result = dns_rdata_tostruct(&rdata, &nsec, NULL);
RUNTIME_CHECK(result == ISC_R_SUCCESS);
+
if (nsec.len == sizeof(minimal_typemap) &&
memcmp(nsec.typebits, minimal_typemap, nsec.len) == 0)
{
*/
static bool
check_soa_and_dnskey(dns_rdataset_t *nsecset) {
- dns_rdataset_t rdataset;
- isc_result_t result;
+ dns_rdataset_t rdataset = DNS_RDATASET_INIT;
- dns_rdataset_init(&rdataset);
dns_rdataset_clone(nsecset, &rdataset);
- for (result = dns_rdataset_first(&rdataset); result == ISC_R_SUCCESS;
- result = dns_rdataset_next(&rdataset))
- {
+ DNS_RDATASET_FOREACH (&rdataset) {
dns_rdata_t rdata = DNS_RDATA_INIT;
dns_rdataset_current(&rdataset, &rdata);
if (dns_nsec_typepresent(&rdata, dns_rdatatype_soa) &&
*/
static bool
has_000_label(dns_rdataset_t *nsecset) {
- dns_rdataset_t rdataset;
- isc_result_t result;
+ dns_rdataset_t rdataset = DNS_RDATASET_INIT;
- dns_rdataset_init(&rdataset);
dns_rdataset_clone(nsecset, &rdataset);
- for (result = dns_rdataset_first(&rdataset); result == ISC_R_SUCCESS;
- result = dns_rdataset_next(&rdataset))
- {
+ DNS_RDATASET_FOREACH (&rdataset) {
dns_rdata_t rdata = DNS_RDATA_INIT;
dns_rdataset_current(&rdataset, &rdata);
if (rdata.length > 1 && rdata.data[0] == 1 &&
dns_rdata_rrsig_t rrsig;
isc_result_t result;
unsigned int labels;
- dns_name_t *zonename;
+ dns_name_t *zonename = NULL;
dns_fixedname_t fzonename;
- dns_name_t *closest;
+ dns_name_t *closest = NULL;
dns_fixedname_t fclosest;
- dns_name_t *nearest;
+ dns_name_t *nearest = NULL;
dns_fixedname_t fnearest;
dns_rdatatype_t found = dns_rdatatype_none;
dns_name_t *noqname = NULL;
labels = dns_name_countlabels(name);
- for (result = dns_rdataset_first(sigrdataset); result == ISC_R_SUCCESS;
- result = dns_rdataset_next(sigrdataset))
- {
+ result = ISC_R_NOTFOUND;
+ DNS_RDATASET_FOREACH (sigrdataset) {
dns_rdata_t rdata = DNS_RDATA_INIT;
dns_rdataset_current(sigrdataset, &rdata);
result = dns_rdata_tostruct(&rdata, &rrsig, NULL);
if (rrsig.labels + 1U >= labels) {
continue;
}
+ result = ISC_R_SUCCESS;
break;
}
- if (result == ISC_R_NOMORE) {
- return ISC_R_NOTFOUND;
- }
if (result != ISC_R_SUCCESS) {
return result;
}
* address record. If a match is found, the address should be
* filtered, so should the entire answer.
*/
- for (result = dns_rdataset_first(rdataset); result == ISC_R_SUCCESS;
- result = dns_rdataset_next(rdataset))
- {
+ DNS_RDATASET_FOREACH (rdataset) {
dns_rdata_reset(&rdata);
dns_rdataset_current(rdataset, &rdata);
if (rdataset->type == dns_rdatatype_a) {
checknamessection(dns_message_t *message, dns_section_t section) {
MSG_SECTION_FOREACH (message, section, name) {
ISC_LIST_FOREACH (name->list, rdataset, link) {
- for (isc_result_t result = dns_rdataset_first(rdataset);
- result == ISC_R_SUCCESS;
- result = dns_rdataset_next(rdataset))
- {
+ DNS_RDATASET_FOREACH (rdataset) {
dns_rdata_t rdata = DNS_RDATA_INIT;
dns_rdataset_current(rdataset, &rdata);
if (!dns_rdata_checkowner(name, rdata.rdclass,
static isc_result_t
in_rootns(dns_rdataset_t *rootns, dns_name_t *name) {
isc_result_t result;
- dns_rdata_t rdata = DNS_RDATA_INIT;
dns_rdata_ns_t ns;
if (!dns_rdataset_isassociated(rootns)) {
return ISC_R_NOTFOUND;
}
- result = dns_rdataset_first(rootns);
- while (result == ISC_R_SUCCESS) {
+ DNS_RDATASET_FOREACH (rootns) {
+ dns_rdata_t rdata = DNS_RDATA_INIT;
dns_rdataset_current(rootns, &rdata);
result = dns_rdata_tostruct(&rdata, &ns, NULL);
if (result != ISC_R_SUCCESS) {
if (dns_name_compare(name, &ns.name) == 0) {
return ISC_R_SUCCESS;
}
- result = dns_rdataset_next(rootns);
- dns_rdata_reset(&rdata);
- }
- if (result == ISC_R_NOMORE) {
- result = ISC_R_NOTFOUND;
}
- return result;
+ return ISC_R_NOTFOUND;
}
static isc_result_t
static bool
inrrset(dns_rdataset_t *rrset, dns_rdata_t *rdata) {
- isc_result_t result;
- dns_rdata_t current = DNS_RDATA_INIT;
-
- result = dns_rdataset_first(rrset);
- while (result == ISC_R_SUCCESS) {
+ DNS_RDATASET_FOREACH (rrset) {
+ dns_rdata_t current = DNS_RDATA_INIT;
dns_rdataset_current(rrset, ¤t);
if (dns_rdata_compare(rdata, ¤t) == 0) {
return true;
}
- dns_rdata_reset(¤t);
- result = dns_rdataset_next(rrset);
}
return false;
}
static void
check_address_records(dns_view_t *view, dns_db_t *hints, dns_db_t *db,
dns_name_t *name, isc_stdtime_t now) {
- isc_result_t hresult, rresult, result;
+ isc_result_t hresult, rresult;
dns_rdataset_t hintrrset, rootrrset;
- dns_rdata_t rdata = DNS_RDATA_INIT;
dns_name_t *foundname;
dns_fixedname_t fixed;
if (hresult == ISC_R_SUCCESS &&
(rresult == ISC_R_SUCCESS || rresult == DNS_R_GLUE))
{
- result = dns_rdataset_first(&rootrrset);
- while (result == ISC_R_SUCCESS) {
- dns_rdata_reset(&rdata);
+ DNS_RDATASET_FOREACH (&rootrrset) {
+ dns_rdata_t rdata = DNS_RDATA_INIT;
dns_rdataset_current(&rootrrset, &rdata);
if (!inrrset(&hintrrset, &rdata) &&
!changing(name, dns_rdatatype_a, now))
{
report(view, name, true, &rdata);
}
- result = dns_rdataset_next(&rootrrset);
}
- result = dns_rdataset_first(&hintrrset);
- while (result == ISC_R_SUCCESS) {
- dns_rdata_reset(&rdata);
+ DNS_RDATASET_FOREACH (&hintrrset) {
+ dns_rdata_t rdata = DNS_RDATA_INIT;
dns_rdataset_current(&hintrrset, &rdata);
if (!inrrset(&rootrrset, &rdata) &&
!changing(name, dns_rdatatype_a, now))
{
report(view, name, false, &rdata);
}
- result = dns_rdataset_next(&hintrrset);
}
}
if (hresult == ISC_R_NOTFOUND &&
(rresult == ISC_R_SUCCESS || rresult == DNS_R_GLUE))
{
- result = dns_rdataset_first(&rootrrset);
- while (result == ISC_R_SUCCESS) {
- dns_rdata_reset(&rdata);
+ DNS_RDATASET_FOREACH (&rootrrset) {
+ dns_rdata_t rdata = DNS_RDATA_INIT;
dns_rdataset_current(&rootrrset, &rdata);
report(view, name, true, &rdata);
- result = dns_rdataset_next(&rootrrset);
}
}
if (dns_rdataset_isassociated(&rootrrset)) {
if (hresult == ISC_R_SUCCESS &&
(rresult == ISC_R_SUCCESS || rresult == DNS_R_GLUE))
{
- result = dns_rdataset_first(&rootrrset);
- while (result == ISC_R_SUCCESS) {
- dns_rdata_reset(&rdata);
+ DNS_RDATASET_FOREACH (&rootrrset) {
+ dns_rdata_t rdata = DNS_RDATA_INIT;
dns_rdataset_current(&rootrrset, &rdata);
if (!inrrset(&hintrrset, &rdata) &&
!changing(name, dns_rdatatype_aaaa, now))
{
report(view, name, true, &rdata);
}
- dns_rdata_reset(&rdata);
- result = dns_rdataset_next(&rootrrset);
}
- result = dns_rdataset_first(&hintrrset);
- while (result == ISC_R_SUCCESS) {
- dns_rdata_reset(&rdata);
+ DNS_RDATASET_FOREACH (&hintrrset) {
+ dns_rdata_t rdata = DNS_RDATA_INIT;
dns_rdataset_current(&hintrrset, &rdata);
if (!inrrset(&rootrrset, &rdata) &&
!changing(name, dns_rdatatype_aaaa, now))
{
report(view, name, false, &rdata);
}
- dns_rdata_reset(&rdata);
- result = dns_rdataset_next(&hintrrset);
}
}
if (hresult == ISC_R_NOTFOUND &&
(rresult == ISC_R_SUCCESS || rresult == DNS_R_GLUE))
{
- result = dns_rdataset_first(&rootrrset);
- while (result == ISC_R_SUCCESS) {
- dns_rdata_reset(&rdata);
+ DNS_RDATASET_FOREACH (&rootrrset) {
+ dns_rdata_t rdata = DNS_RDATA_INIT;
dns_rdataset_current(&rootrrset, &rdata);
report(view, name, true, &rdata);
- dns_rdata_reset(&rdata);
- result = dns_rdataset_next(&rootrrset);
}
}
if (dns_rdataset_isassociated(&rootrrset)) {
void
dns_root_checkhints(dns_view_t *view, dns_db_t *hints, dns_db_t *db) {
isc_result_t result;
- dns_rdata_t rdata = DNS_RDATA_INIT;
dns_rdata_ns_t ns;
dns_rdataset_t hintns, rootns;
const char *viewname = "", *sep = "";
/*
* Look for missing root NS names.
*/
- result = dns_rdataset_first(&rootns);
- while (result == ISC_R_SUCCESS) {
+ DNS_RDATASET_FOREACH (&rootns) {
+ dns_rdata_t rdata = DNS_RDATA_INIT;
dns_rdataset_current(&rootns, &rdata);
result = dns_rdata_tostruct(&rdata, &ns, NULL);
RUNTIME_CHECK(result == ISC_R_SUCCESS);
} else {
check_address_records(view, hints, db, &ns.name, now);
}
- dns_rdata_reset(&rdata);
- result = dns_rdataset_next(&rootns);
- }
- if (result != ISC_R_NOMORE) {
- goto cleanup;
}
/*
* Look for extra root NS names.
*/
- result = dns_rdataset_first(&hintns);
- while (result == ISC_R_SUCCESS) {
+ DNS_RDATASET_FOREACH (&hintns) {
+ dns_rdata_t rdata = DNS_RDATA_INIT;
dns_rdataset_current(&hintns, &rdata);
result = dns_rdata_tostruct(&rdata, &ns, NULL);
RUNTIME_CHECK(result == ISC_R_SUCCESS);
"checkhints%s%s: extra NS '%s' in hints",
sep, viewname, namebuf);
}
- dns_rdata_reset(&rdata);
- result = dns_rdataset_next(&hintns);
- }
- if (result != ISC_R_NOMORE) {
- goto cleanup;
}
cleanup:
foreach_node_rr_action(void *data, dns_rdataset_t *rdataset) {
isc_result_t result;
foreach_node_rr_ctx_t *ctx = data;
- for (result = dns_rdataset_first(rdataset); result == ISC_R_SUCCESS;
- result = dns_rdataset_next(rdataset))
- {
+ DNS_RDATASET_FOREACH (rdataset) {
rr_t rr = { 0, DNS_RDATA_INIT };
dns_rdataset_current(rdataset, &rr.rdata);
return result;
}
}
- if (result != ISC_R_NOMORE) {
- return result;
- }
+
return ISC_R_SUCCESS;
}
goto cleanup_node;
}
- for (result = dns_rdataset_first(&rdataset); result == ISC_R_SUCCESS;
- result = dns_rdataset_next(&rdataset))
- {
+ DNS_RDATASET_FOREACH (&rdataset) {
rr_t rr = { 0, DNS_RDATA_INIT };
dns_rdataset_current(&rdataset, &rr.rdata);
rr.ttl = rdataset.ttl;
goto cleanup_rdataset;
}
}
- if (result != ISC_R_NOMORE) {
- goto cleanup_rdataset;
- }
+
result = ISC_R_SUCCESS;
cleanup_rdataset:
isc_result_t result;
dns_dbnode_t *node = NULL;
dns_rdataset_t rdataset;
- dns_rdata_t rdata = DNS_RDATA_INIT;
unsigned int i;
dns_rdata_rrsig_t rrsig;
bool found;
goto failure;
}
- for (result = dns_rdataset_first(&rdataset); result == ISC_R_SUCCESS;
- result = dns_rdataset_next(&rdataset))
- {
+ DNS_RDATASET_FOREACH (&rdataset) {
+ dns_rdata_t rdata = DNS_RDATA_INIT;
dns_rdataset_current(&rdataset, &rdata);
result = dns_rdata_tostruct(&rdata, &rrsig, NULL);
RUNTIME_CHECK(result == ISC_R_SUCCESS);
}
}
dns_rdataset_disassociate(&rdataset);
- if (result == ISC_R_NOMORE) {
- result = ISC_R_SUCCESS;
- }
+
failure:
if (node != NULL) {
dns_db_detachnode(db, &node);
dns_label_t hashlabel;
dns_name_t nsec3name;
dns_rdata_nsec3_t nsec3;
- dns_rdata_t rdata = DNS_RDATA_INIT;
dns_rdataset_t set;
int order;
int scope;
found = false;
result = dns_rdataset_first(&set);
if (result == ISC_R_SUCCESS) {
+ dns_rdata_t rdata = DNS_RDATA_INIT;
dns_rdataset_current(&set, &rdata);
found = dns_nsec_typepresent(&rdata, dns_rdatatype_ns);
- dns_rdata_reset(&rdata);
}
dns_rdataset_disassociate(&set);
return found;
dns_fixedname_init(&fixed);
dns_name_downcase(name, dns_fixedname_name(&fixed));
name = dns_fixedname_name(&fixed);
- for (result = dns_rdataset_first(rdataset); result == ISC_R_SUCCESS;
- result = dns_rdataset_next(rdataset))
- {
+ DNS_RDATASET_FOREACH (rdataset) {
dns_ncache_current(rdataset, &nsec3name, &set);
if (set.type != dns_rdatatype_nsec3) {
dns_rdataset_disassociate(&set);
dns_rdataset_disassociate(&set);
continue;
}
- for (result = dns_rdataset_first(&set); result == ISC_R_SUCCESS;
- result = dns_rdataset_next(&set))
- {
- dns_rdata_reset(&rdata);
+ DNS_RDATASET_FOREACH (&set) {
+ dns_rdata_t rdata = DNS_RDATA_INIT;
dns_rdataset_current(&set, &rdata);
(void)dns_rdata_tostruct(&rdata, &nsec3, NULL);
if (nsec3.hash != 1) {
return DNS_R_NOKEYMATCH;
}
- for (result = dns_rdataset_first(rdataset); result == ISC_R_SUCCESS;
- result = dns_rdataset_next(rdataset))
- {
+ DNS_RDATASET_FOREACH (rdataset) {
dns_rdata_t keyrdata = DNS_RDATA_INIT;
- dns_rdata_t sigrdata = DNS_RDATA_INIT;
dns_rdata_dnskey_t key;
dns_rdata_rrsig_t sig;
dns_keytag_t keytag;
- dns_rdata_reset(&keyrdata);
dns_rdataset_current(rdataset, &keyrdata);
result = dns_rdata_tostruct(&keyrdata, &key, NULL);
RUNTIME_CHECK(result == ISC_R_SUCCESS);
keytag = compute_keytag(&keyrdata);
- for (result = dns_rdataset_first(sigrdataset);
- result == ISC_R_SUCCESS;
- result = dns_rdataset_next(sigrdataset))
- {
+ DNS_RDATASET_FOREACH (sigrdataset) {
+ dns_rdata_t sigrdata = DNS_RDATA_INIT;
dst_key_t *dstkey = NULL;
- dns_rdata_reset(&sigrdata);
dns_rdataset_current(sigrdataset, &sigrdata);
result = dns_rdata_tostruct(&sigrdata, &sig, NULL);
RUNTIME_CHECK(result == ISC_R_SUCCESS);
dns_secalg_t algorithm) {
dns_rdata_rrsig_t sig;
dst_key_t *dstkey = NULL;
- isc_result_t result;
+ isc_result_t result = ISC_R_NOMORE;
- for (result = dns_rdataset_first(val->sigrdataset);
- result == ISC_R_SUCCESS;
- result = dns_rdataset_next(val->sigrdataset))
- {
+ DNS_RDATASET_FOREACH (val->sigrdataset) {
dns_rdata_t rdata = DNS_RDATA_INIT;
dns_rdataset_current(val->sigrdataset, &rdata);
* DNS_DSDIGEST_SHA256 or DNS_DSDIGEST_SHA384 is present.
*/
val->digest_sha1 = true;
- dns_rdata_t dsrdata = DNS_RDATA_INIT;
- for (result = dns_rdataset_first(val->dsset); result == ISC_R_SUCCESS;
- result = dns_rdataset_next(val->dsset))
- {
- dns_rdata_reset(&dsrdata);
+ DNS_RDATASET_FOREACH (val->dsset) {
+ dns_rdata_t dsrdata = DNS_RDATA_INIT;
dns_rdataset_current(val->dsset, &dsrdata);
result = dns_rdata_tostruct(&dsrdata, &ds, NULL);
RUNTIME_CHECK(result == ISC_R_SUCCESS);
static bool
check_ds_algs(dns_validator_t *val, dns_name_t *name,
dns_rdataset_t *rdataset) {
- dns_rdata_t dsrdata = DNS_RDATA_INIT;
dns_rdata_ds_t ds;
- isc_result_t result;
- for (result = dns_rdataset_first(rdataset); result == ISC_R_SUCCESS;
- result = dns_rdataset_next(rdataset))
- {
+ DNS_RDATASET_FOREACH (rdataset) {
+ isc_result_t result;
+ dns_rdata_t dsrdata = DNS_RDATA_INIT;
dns_rdataset_current(rdataset, &dsrdata);
+
result = dns_rdata_tostruct(&dsrdata, &ds, NULL);
RUNTIME_CHECK(result == ISC_R_SUCCESS);
dns_resolver_algorithm_supported(val->view->resolver, name,
ds.algorithm))
{
- dns_rdata_reset(&dsrdata);
return true;
}
- dns_rdata_reset(&dsrdata);
}
/*
goto finish;
}
- result = dns_rdataset_first(&dsset);
- while (result == ISC_R_SUCCESS) {
+ DNS_RDATASET_FOREACH (&dsset) {
dns_rdata_t this = DNS_RDATA_INIT;
dns_rdataset_current(&dsset, &this);
if (dns_rdata_compare(&rdata, &this) == 0) {
answer = true;
break;
}
- result = dns_rdataset_next(&dsset);
}
}
}
LIBDNS_XFRIN_RECV_ANSWER(xfr, xfr->info, msg);
ISC_LIST_FOREACH (name->list, rds, link) {
- for (isc_result_t iter = dns_rdataset_first(rds);
- iter == ISC_R_SUCCESS;
- iter = dns_rdataset_next(rds))
- {
+ DNS_RDATASET_FOREACH (rds) {
dns_rdata_t rdata = DNS_RDATA_INIT;
dns_rdataset_current(rds, &rdata);
CHECK(xfr_rr(xfr, name, rds->ttl, &rdata));
}
}
}
- CHECK(result);
if (dns_message_gettsig(msg, &tsigowner) != NULL) {
/*
zone_rrset_check_dup(dns_zone_t *zone, dns_name_t *owner,
dns_rdataset_t *rdataset) {
dns_rdataset_t tmprdataset;
- isc_result_t result;
bool answer = true;
bool format = true;
int level = ISC_LOG_WARNING;
}
dns_rdataset_init(&tmprdataset);
- for (result = dns_rdataset_first(rdataset); result == ISC_R_SUCCESS;
- result = dns_rdataset_next(rdataset))
- {
+ DNS_RDATASET_FOREACH (rdataset) {
dns_rdata_t rdata1 = DNS_RDATA_INIT;
unsigned int count2 = 0;
count1++;
dns_rdataset_current(rdataset, &rdata1);
dns_rdataset_clone(rdataset, &tmprdataset);
- for (result = dns_rdataset_first(&tmprdataset);
- result == ISC_R_SUCCESS;
- result = dns_rdataset_next(&tmprdataset))
- {
+ DNS_RDATASET_FOREACH (&tmprdataset) {
dns_rdata_t rdata2 = DNS_RDATA_INIT;
count2++;
if (count1 >= count2) {
dns_rdata_mx_t mx;
dns_rdata_ns_t ns;
dns_rdata_in_srv_t srv;
- dns_rdata_t rdata;
dns_name_t *name;
dns_name_t *bottom;
isc_result_t result;
name = dns_fixedname_initname(&fixed);
bottom = dns_fixedname_initname(&fixedbottom);
dns_rdataset_init(&rdataset);
- dns_rdata_init(&rdata);
result = dns_db_createiterator(db, 0, &dbiterator);
if (result != ISC_R_SUCCESS) {
*/
dns_name_copy(name, bottom);
- result = dns_rdataset_first(&rdataset);
- while (result == ISC_R_SUCCESS) {
+ DNS_RDATASET_FOREACH (&rdataset) {
+ dns_rdata_t rdata = DNS_RDATA_INIT;
dns_rdataset_current(&rdataset, &rdata);
+
result = dns_rdata_tostruct(&rdata, &ns, NULL);
RUNTIME_CHECK(result == ISC_R_SUCCESS);
if (!zone_check_glue(zone, db, &has_a, &has_aaaa,
{
ok = false;
}
- dns_rdata_reset(&rdata);
- result = dns_rdataset_next(&rdataset);
}
dns_rdataset_disassociate(&rdataset);
goto next;
if (result != ISC_R_SUCCESS) {
goto checksrv;
}
- result = dns_rdataset_first(&rdataset);
- while (result == ISC_R_SUCCESS) {
+ DNS_RDATASET_FOREACH (&rdataset) {
+ dns_rdata_t rdata = DNS_RDATA_INIT;
dns_rdataset_current(&rdataset, &rdata);
+
result = dns_rdata_tostruct(&rdata, &mx, NULL);
RUNTIME_CHECK(result == ISC_R_SUCCESS);
if (!zone_check_mx(zone, db, &mx.mx, name)) {
ok = false;
}
- dns_rdata_reset(&rdata);
- result = dns_rdataset_next(&rdataset);
}
dns_rdataset_disassociate(&rdataset);
if (result != ISC_R_SUCCESS) {
goto checkforaaaa;
}
- result = dns_rdataset_first(&rdataset);
- while (result == ISC_R_SUCCESS) {
+ DNS_RDATASET_FOREACH (&rdataset) {
+ dns_rdata_t rdata = DNS_RDATA_INIT;
dns_rdataset_current(&rdataset, &rdata);
+
result = dns_rdata_tostruct(&rdata, &srv, NULL);
RUNTIME_CHECK(result == ISC_R_SUCCESS);
if (!zone_check_srv(zone, db, &srv.target, name)) {
ok = false;
}
- dns_rdata_reset(&rdata);
- result = dns_rdataset_next(&rdataset);
}
dns_rdataset_disassociate(&rdataset);
if (result != ISC_R_SUCCESS) {
goto notxt;
}
- result = dns_rdataset_first(&rdataset);
- while (result == ISC_R_SUCCESS) {
+ DNS_RDATASET_FOREACH (&rdataset) {
+ dns_rdata_t rdata = DNS_RDATA_INIT;
dns_rdataset_current(&rdataset, &rdata);
+
have_txt = isspf(&rdata);
- dns_rdata_reset(&rdata);
if (have_txt) {
break;
}
- result = dns_rdataset_next(&rdataset);
}
dns_rdataset_disassociate(&rdataset);
}
goto cleanup;
}
- result = dns_rdataset_first(&rdataset);
- while (result == ISC_R_SUCCESS) {
+
+ DNS_RDATASET_FOREACH (&rdataset) {
+ dns_rdata_t rdata = DNS_RDATA_INIT;
dns_rdataset_current(&rdataset, &rdata);
+
result = dns_rdata_tostruct(&rdata, &ns, NULL);
RUNTIME_CHECK(result == ISC_R_SUCCESS);
- dns_rdata_reset(&rdata);
if (zone_is_served_by(zone, db, dns_rdatatype_a,
&ns.name))
{
has_a = true;
break;
}
- result = dns_rdataset_next(&rdataset);
}
dns_rdataset_disassociate(&rdataset);
if (!has_a) {
}
goto cleanup;
}
- result = dns_rdataset_first(&rdataset);
- while (result == ISC_R_SUCCESS) {
+
+ DNS_RDATASET_FOREACH (&rdataset) {
+ dns_rdata_t rdata = DNS_RDATA_INIT;
dns_rdataset_current(&rdataset, &rdata);
+
result = dns_rdata_tostruct(&rdata, &ns, NULL);
RUNTIME_CHECK(result == ISC_R_SUCCESS);
- dns_rdata_reset(&rdata);
if (zone_is_served_by(zone, db, dns_rdatatype_aaaa,
&ns.name))
{
has_aaaa = true;
break;
}
- result = dns_rdataset_next(&rdataset);
}
dns_rdataset_disassociate(&rdataset);
if (!has_aaaa) {
dns_dbnode_t *node = NULL;
dns_dbversion_t *version = NULL;
dns_rdata_dnskey_t dnskey;
- dns_rdata_t rdata = DNS_RDATA_INIT;
dns_rdataset_t rdataset;
isc_result_t result;
goto cleanup;
}
- for (result = dns_rdataset_first(&rdataset); result == ISC_R_SUCCESS;
- result = dns_rdataset_next(&rdataset))
- {
+ DNS_RDATASET_FOREACH (&rdataset) {
+ dns_rdata_t rdata = DNS_RDATA_INIT;
dns_rdataset_current(&rdataset, &rdata);
result = dns_rdata_tostruct(&rdata, &dnskey, NULL);
INSIST(result == ISC_R_SUCCESS);
algorithm, dnskey.algorithm,
dst_region_computeid(&r));
}
- dns_rdata_reset(&rdata);
}
dns_rdataset_disassociate(&rdataset);
resume_signingwithkey(dns_zone_t *zone) {
dns_dbnode_t *node = NULL;
dns_dbversion_t *version = NULL;
- dns_rdata_t rdata = DNS_RDATA_INIT;
dns_rdataset_t rdataset;
isc_result_t result;
dns_db_t *db = NULL;
goto cleanup;
}
- for (result = dns_rdataset_first(&rdataset); result == ISC_R_SUCCESS;
- result = dns_rdataset_next(&rdataset))
- {
+ DNS_RDATASET_FOREACH (&rdataset) {
+ dns_rdata_t rdata = DNS_RDATA_INIT;
dns_rdataset_current(&rdataset, &rdata);
if (rdata.length != 5 || rdata.data[0] == 0 ||
rdata.data[4] != 0)
{
- dns_rdata_reset(&rdata);
continue;
}
"zone_signwithkey failed: %s",
isc_result_totext(result));
}
- dns_rdata_reset(&rdata);
}
dns_rdataset_disassociate(&rdataset);
goto cleanup;
}
- for (result = dns_rdataset_first(&rdataset); result == ISC_R_SUCCESS;
- result = dns_rdataset_next(&rdataset))
- {
+ DNS_RDATASET_FOREACH (&rdataset) {
unsigned char buf[DNS_NSEC3PARAM_BUFFERSIZE];
dns_rdata_t rdata = DNS_RDATA_INIT;
dns_rdata_t private = DNS_RDATA_INIT;
goto cleanup;
}
- for (result = dns_rdataset_first(&rdataset); result == ISC_R_SUCCESS;
- result = dns_rdataset_next(&rdataset))
- {
+ DNS_RDATASET_FOREACH (&rdataset) {
dns_rdata_t rdata = DNS_RDATA_INIT;
dns_rdataset_current(&rdataset, &rdata);
dns_nsec3_maxiterations());
}
}
- if (result == ISC_R_NOMORE) {
- result = ISC_R_SUCCESS;
- }
if (!ok) {
result = DNS_R_BADZONE;
static isc_result_t
delete_keydata(dns_db_t *db, dns_dbversion_t *ver, dns_diff_t *diff,
dns_name_t *name, dns_rdataset_t *rdataset) {
- dns_rdata_t rdata = DNS_RDATA_INIT;
- isc_result_t result, uresult;
+ isc_result_t uresult;
- for (result = dns_rdataset_first(rdataset); result == ISC_R_SUCCESS;
- result = dns_rdataset_next(rdataset))
- {
- dns_rdata_reset(&rdata);
+ DNS_RDATASET_FOREACH (rdataset) {
+ dns_rdata_t rdata = DNS_RDATA_INIT;
dns_rdataset_current(rdataset, &rdata);
uresult = update_one_rr(db, ver, diff, DNS_DIFFOP_DEL, name, 0,
&rdata);
return uresult;
}
}
- if (result == ISC_R_NOMORE) {
- result = ISC_R_SUCCESS;
- }
- return result;
+
+ return ISC_R_SUCCESS;
}
/*
static void
load_secroots(dns_zone_t *zone, dns_name_t *name, dns_rdataset_t *rdataset) {
isc_result_t result;
- dns_rdata_t rdata = DNS_RDATA_INIT;
dns_rdata_keydata_t keydata;
dns_rdata_dnskey_t dnskey;
int trusted = 0, revoked = 0, pending = 0;
}
/* Now insert all the accepted trust anchors from this keydata set. */
- for (result = dns_rdataset_first(rdataset); result == ISC_R_SUCCESS;
- result = dns_rdataset_next(rdataset))
- {
- dns_rdata_reset(&rdata);
+ DNS_RDATASET_FOREACH (rdataset) {
+ dns_rdata_t rdata = DNS_RDATA_INIT;
dns_rdataset_current(rdataset, &rdata);
/* Convert rdata to keydata. */
result = dns_rriterator_nextrrset(&rrit))
{
dns_rdataset_t *rdataset = NULL;
- dns_rdata_t rdata = DNS_RDATA_INIT;
dns_rdata_keydata_t keydata;
isc_stdtime_t now = isc_stdtime_now();
bool load = true;
* legitimate data, in which case we will not use it, and we
* will try to refresh it.
*/
- for (result = dns_rdataset_first(rdataset);
- result == ISC_R_SUCCESS;
- result = dns_rdataset_next(rdataset))
- {
+ DNS_RDATASET_FOREACH (rdataset) {
isc_result_t iresult;
+ dns_rdata_t rdata = DNS_RDATA_INIT;
- dns_rdata_reset(&rdata);
dns_rdataset_current(rdataset, &rdata);
iresult = dns_rdata_tostruct(&rdata, &keydata, NULL);
unsigned int count = 0;
unsigned int ecount = 0;
dns_rdataset_t rdataset;
- dns_rdata_t rdata;
dns_rdata_ns_t ns;
dns_rdataset_init(&rdataset);
goto invalidate_rdataset;
}
- result = dns_rdataset_first(&rdataset);
- while (result == ISC_R_SUCCESS) {
+ DNS_RDATASET_FOREACH (&rdataset) {
if (errors != NULL && zone->rdclass == dns_rdataclass_in &&
(zone->type == dns_zone_primary ||
zone->type == dns_zone_secondary ||
zone->type == dns_zone_mirror))
{
- dns_rdata_init(&rdata);
+ dns_rdata_t rdata = DNS_RDATA_INIT;
dns_rdataset_current(&rdataset, &rdata);
+
result = dns_rdata_tostruct(&rdata, &ns, NULL);
RUNTIME_CHECK(result == ISC_R_SUCCESS);
if (dns_name_issubdomain(&ns.name, &zone->origin) &&
}
}
count++;
- result = dns_rdataset_next(&rdataset);
}
dns_rdataset_disassociate(&rdataset);
isc_result_t result;
unsigned int count = 0;
dns_rdataset_t rdataset;
- dns_rdata_t rdata = DNS_RDATA_INIT;
dns_rdataset_init(&rdataset);
result = dns_db_findrdataset(db, node, version, dns_rdatatype_soa,
goto invalidate_rdataset;
}
- result = dns_rdataset_first(&rdataset);
- while (result == ISC_R_SUCCESS) {
- dns_rdata_init(&rdata);
+ DNS_RDATASET_FOREACH (&rdataset) {
+ dns_rdata_t rdata = DNS_RDATA_INIT;
dns_rdataset_current(&rdataset, &rdata);
+
count++;
if (count == 1) {
dns_rdata_soa_t soa;
soa.retry, soa.expire, soa.minimum);
RUNTIME_CHECK(result == ISC_R_SUCCESS);
}
-
- result = dns_rdataset_next(&rdataset);
- dns_rdata_reset(&rdata);
}
dns_rdataset_disassociate(&rdataset);
goto failure;
}
- for (result = dns_rdataset_first(&rdataset); result == ISC_R_SUCCESS;
- result = dns_rdataset_next(&rdataset))
- {
+ DNS_RDATASET_FOREACH (&rdataset) {
dns_rdata_t rdata = DNS_RDATA_INIT;
dns_rdataset_current(&rdataset, &rdata);
}
dns_rdataset_disassociate(&rdataset);
- if (result == ISC_R_NOMORE) {
- result = ISC_R_SUCCESS;
- }
if (timewarn > 0) {
isc_stdtime_t stdwarn = (isc_stdtime_t)timewarn;
if (timewarn == stdwarn) {
dst_key_t *key) {
isc_result_t result;
dns_rdataset_t rdataset;
- dns_rdata_t rdata = DNS_RDATA_INIT;
dns_rdata_rrsig_t rrsig;
int count = 0;
dns_kasp_t *kasp = zone->kasp;
INSIST(!dns_rdataset_isassociated(&rdataset));
return false;
}
- for (result = dns_rdataset_first(&rdataset); result == ISC_R_SUCCESS;
- result = dns_rdataset_next(&rdataset))
- {
+ DNS_RDATASET_FOREACH (&rdataset) {
+ dns_rdata_t rdata = DNS_RDATA_INIT;
dns_rdataset_current(&rdataset, &rdata);
result = dns_rdata_tostruct(&rdata, &rrsig, NULL);
INSIST(result == ISC_R_SUCCESS);
if (rrsig.algorithm == dst_key_alg(key)) {
count++;
}
- dns_rdata_reset(&rdata);
}
if (zone->kasp != NULL) {
isc_result_t result;
dns_dbnode_t *node = NULL;
dns_rdataset_t rdataset;
- dns_rdata_t rdata = DNS_RDATA_INIT;
- unsigned char data[5];
bool seen_done = false;
bool have_rr = false;
INSIST(!dns_rdataset_isassociated(&rdataset));
goto failure;
}
- for (result = dns_rdataset_first(&rdataset); result == ISC_R_SUCCESS;
- result = dns_rdataset_next(&rdataset))
- {
+ DNS_RDATASET_FOREACH (&rdataset) {
+ dns_rdata_t rdata = DNS_RDATA_INIT;
dns_rdataset_current(&rdataset, &rdata);
/*
* If we don't match the algorithm or keyid skip the record.
DNS_DIFFOP_DEL, &zone->origin,
rdataset.ttl, &rdata));
}
- dns_rdata_reset(&rdata);
- }
- if (result == ISC_R_NOMORE) {
- result = ISC_R_SUCCESS;
}
+
if (!signing->deleteit && !seen_done) {
/*
* If we were signing then we need to indicate that we have
* finished signing the zone with this key. If it is already
* there we don't need to add it a second time.
*/
- data[0] = signing->algorithm;
- data[1] = (signing->keyid >> 8) & 0xff;
- data[2] = signing->keyid & 0xff;
- data[3] = 0;
- data[4] = 1;
- rdata.length = sizeof(data);
- rdata.data = data;
- rdata.type = zone->privatetype;
- rdata.rdclass = dns_db_class(signing->db);
+ unsigned char data[5] = {
+ signing->algorithm,
+ (signing->keyid >> 8) & 0xff,
+ signing->keyid & 0xff,
+ 0,
+ 1,
+ };
+ dns_rdata_t rdata = (dns_rdata_t){
+ .length = sizeof(data),
+ .data = data,
+ .type = zone->privatetype,
+ .rdclass = dns_db_class(signing->db),
+ .link = ISC_LINK_INITIALIZER,
+ };
CHECK(update_one_rr(signing->db, version, diff, DNS_DIFFOP_ADD,
&zone->origin, rdataset.ttl, &rdata));
} else if (!have_rr) {
/*
* Delete all NSEC3PARAM records which match that in nsec3chain.
*/
- for (result = dns_rdataset_first(&rdataset); result == ISC_R_SUCCESS;
- result = dns_rdataset_next(&rdataset))
- {
+ DNS_RDATASET_FOREACH (&rdataset) {
dns_rdataset_current(&rdataset, &rdata);
CHECK(dns_rdata_tostruct(&rdata, &nsec3param, NULL));
rdataset.ttl, &rdata));
dns_rdata_reset(&rdata);
}
- if (result != ISC_R_NOMORE) {
- goto failure;
- }
/*
* Restore any NSEC3PARAM records that we deleted to change the TTL.
*/
if (rdataset.ttl != ttl) {
- for (result = dns_rdataset_first(&rdataset);
- result == ISC_R_SUCCESS;
- result = dns_rdataset_next(&rdataset))
- {
+ DNS_RDATASET_FOREACH (&rdataset) {
dns_rdataset_current(&rdataset, &rdata);
CHECK(dns_rdata_tostruct(&rdata, &nsec3param, NULL));
goto failure;
}
- for (result = dns_rdataset_first(&rdataset); result == ISC_R_SUCCESS;
- result = dns_rdataset_next(&rdataset))
- {
+ DNS_RDATASET_FOREACH (&rdataset) {
dns_rdata_t private = DNS_RDATA_INIT;
unsigned char buf[DNS_NSEC3PARAM_BUFFERSIZE];
continue;
}
CHECK(dns_rdata_tostruct(&rdata, &nsec3param, NULL));
+ dns_rdata_reset(&rdata);
if ((!nsec3ok &&
(nsec3param.flags & DNS_NSEC3FLAG_INITIAL) != 0) ||
memcmp(nsec3param.salt, chain->nsec3param.salt,
nsec3param.salt_length))
{
- dns_rdata_reset(&rdata);
continue;
}
CHECK(update_one_rr(db, ver, diff, DNS_DIFFOP_DEL, name,
rdataset.ttl, &private));
- dns_rdata_reset(&rdata);
- }
- if (result != ISC_R_NOMORE) {
- goto failure;
}
add:
if (result != ISC_R_SUCCESS) {
return result;
}
- for (result = dns_rdataset_first(&rdataset); result == ISC_R_SUCCESS;
- result = dns_rdataset_next(&rdataset))
- {
+
+ DNS_RDATASET_FOREACH (&rdataset) {
dns_rdata_t rdata = DNS_RDATA_INIT;
dns_rdataset_current(&rdataset, &rdata);
CHECK(update_one_rr(db, ver, diff, DNS_DIFFOP_DEL, name,
rdataset.ttl, &rdata));
}
- if (result == ISC_R_NOMORE) {
- result = ISC_R_SUCCESS;
- }
+
failure:
dns_rdataset_disassociate(&rdataset);
return result;
return result;
}
- for (result = dns_rdataset_first(&rdataset); result == ISC_R_SUCCESS;
- result = dns_rdataset_next(&rdataset))
- {
+ DNS_RDATASET_FOREACH (&rdataset) {
dns_rdata_t rdata = DNS_RDATA_INIT;
dns_rdataset_current(&rdataset, &rdata);
CHECK(update_one_rr(db, ver, diff, DNS_DIFFOP_DEL, name,
rdataset.ttl, &rdata));
}
- if (result == ISC_R_NOMORE) {
- result = ISC_R_SUCCESS;
- }
+
failure:
dns_rdataset_disassociate(&rdataset);
return result;
need_nsec_chain(dns_db_t *db, dns_dbversion_t *ver,
const dns_rdata_nsec3param_t *param, bool *answer) {
dns_dbnode_t *node = NULL;
- dns_rdata_t rdata = DNS_RDATA_INIT;
dns_rdata_nsec3param_t myparam;
dns_rdataset_t rdataset;
isc_result_t result;
return result;
}
- for (result = dns_rdataset_first(&rdataset); result == ISC_R_SUCCESS;
- result = dns_rdataset_next(&rdataset))
- {
+ bool active = false;
+ DNS_RDATASET_FOREACH (&rdataset) {
+ dns_rdata_t rdata = DNS_RDATA_INIT;
dns_rdataset_current(&rdataset, &rdata);
CHECK(dns_rdata_tostruct(&rdata, &myparam, NULL));
- dns_rdata_reset(&rdata);
+
/*
* Ignore any NSEC3PARAM removals.
*/
{
continue;
}
+
/*
* Found an active NSEC3 chain.
*/
+ active = true;
break;
}
- if (result == ISC_R_NOMORE) {
- *answer = true;
- result = ISC_R_SUCCESS;
- }
+
+ *answer = !active;
failure:
if (dns_rdataset_isassociated(&rdataset)) {
bool has_alg = false;
dns_rdatasetiter_current(iterator, &rdataset);
if (nkeys == 0 && rdataset.type == dns_rdatatype_nsec) {
- for (result = dns_rdataset_first(&rdataset);
- result == ISC_R_SUCCESS;
- result = dns_rdataset_next(&rdataset))
- {
+ DNS_RDATASET_FOREACH (&rdataset) {
dns_rdata_t rdata = DNS_RDATA_INIT;
dns_rdataset_current(&rdataset, &rdata);
CHECK(update_one_rr(db, version, diff,
DNS_DIFFOP_DEL, name,
rdataset.ttl, &rdata));
}
- if (result != ISC_R_NOMORE) {
- goto failure;
- }
dns_rdataset_disassociate(&rdataset);
continue;
}
dns_rdataset_disassociate(&rdataset);
continue;
}
- for (result = dns_rdataset_first(&rdataset);
- result == ISC_R_SUCCESS;
- result = dns_rdataset_next(&rdataset))
- {
+ DNS_RDATASET_FOREACH (&rdataset) {
dns_rdata_t rdata = DNS_RDATA_INIT;
dns_rdataset_current(&rdataset, &rdata);
CHECK(dns_rdata_tostruct(&rdata, &rrsig, NULL));
rdataset.ttl, &rdata));
}
dns_rdataset_disassociate(&rdataset);
- if (result != ISC_R_NOMORE) {
- break;
- }
/*
* After deleting, if there's still a signature for
static bool
matchkey(dns_rdataset_t *rdset, dns_rdata_t *rr) {
- unsigned char data1[4096], data2[4096];
- dns_rdata_t rdata, rdata1, rdata2;
+ unsigned char data1[4096];
+ dns_rdata_t rdata1 = DNS_RDATA_INIT;
isc_result_t result;
- dns_rdata_init(&rdata);
- dns_rdata_init(&rdata1);
- dns_rdata_init(&rdata2);
-
result = normalize_key(rr, &rdata1, data1, sizeof(data1));
if (result != ISC_R_SUCCESS) {
return false;
}
- for (result = dns_rdataset_first(rdset); result == ISC_R_SUCCESS;
- result = dns_rdataset_next(rdset))
- {
- dns_rdata_reset(&rdata);
+ DNS_RDATASET_FOREACH (rdset) {
+ unsigned char data2[4096];
+ dns_rdata_t rdata = DNS_RDATA_INIT;
+ dns_rdata_t rdata2 = DNS_RDATA_INIT;
+
dns_rdataset_current(rdset, &rdata);
result = normalize_key(&rdata, &rdata2, data2, sizeof(data2));
if (result != ISC_R_SUCCESS) {
isc_result_t result;
isc_buffer_t keyb;
unsigned char key_buf[4096];
- dns_rdata_t rdata = DNS_RDATA_INIT;
dns_rdata_keydata_t keydata;
dns_name_t *name;
dns_zone_t *zone = kfetch->zone;
name = dns_fixedname_name(&kfetch->name);
- for (result = dns_rdataset_first(&kfetch->keydataset);
- result == ISC_R_SUCCESS;
- result = dns_rdataset_next(&kfetch->keydataset))
- {
- dns_rdata_reset(&rdata);
+ DNS_RDATASET_FOREACH (&kfetch->keydataset) {
+ dns_rdata_t rdata = DNS_RDATA_INIT;
dns_rdataset_current(&kfetch->keydataset, &rdata);
/* Delete old version */
isc_result_t result;
dns_name_t *keyname;
isc_mem_t *mctx;
- dns_rdata_t sigrr = DNS_RDATA_INIT;
dns_rdata_t rr = DNS_RDATA_INIT;
dns_rdata_rrsig_t sig;
dns_rdata_dnskey_t dnskey;
}
/* See if that key generated any of the signatures */
- for (result = dns_rdataset_first(&kfetch->dnskeysigset);
- result == ISC_R_SUCCESS;
- result = dns_rdataset_next(&kfetch->dnskeysigset))
- {
+ DNS_RDATASET_FOREACH (&kfetch->dnskeysigset) {
+ dns_rdata_t sigrr = DNS_RDATA_INIT;
dns_fixedname_t fixed;
dns_fixedname_init(&fixed);
- dns_rdata_reset(&sigrr);
dns_rdataset_current(&kfetch->dnskeysigset, &sigrr);
result = dns_rdata_tostruct(&sigrr, &sig, NULL);
RUNTIME_CHECK(result == ISC_R_SUCCESS);
bool alldone = false;
bool commit = false;
dns_name_t *keyname = NULL;
- dns_rdata_t sigrr = DNS_RDATA_INIT;
- dns_rdata_t dnskeyrr = DNS_RDATA_INIT;
dns_rdata_t keydatarr = DNS_RDATA_INIT;
dns_rdata_rrsig_t sig;
dns_rdata_dnskey_t dnskey;
*/
dns_rdataset_init(&dsset);
if (dns_keynode_dsset(keynode, &dsset)) {
- for (result = dns_rdataset_first(dnskeysigs);
- result == ISC_R_SUCCESS;
- result = dns_rdataset_next(dnskeysigs))
- {
- isc_result_t tresult;
+ DNS_RDATASET_FOREACH (dnskeysigs) {
+ isc_result_t tresult = ISC_R_NOTFOUND;
dns_rdata_t keyrdata = DNS_RDATA_INIT;
+ dns_rdata_t sigrr = DNS_RDATA_INIT;
- dns_rdata_reset(&sigrr);
dns_rdataset_current(dnskeysigs, &sigrr);
- result = dns_rdata_tostruct(&sigrr, &sig, NULL);
- RUNTIME_CHECK(result == ISC_R_SUCCESS);
+ dns_rdata_tostruct(&sigrr, &sig, NULL);
- for (tresult = dns_rdataset_first(&dsset);
- tresult == ISC_R_SUCCESS;
- tresult = dns_rdataset_next(&dsset))
- {
+ DNS_RDATASET_FOREACH (&dsset) {
dns_rdata_t dsrdata = DNS_RDATA_INIT;
dns_rdata_ds_t ds;
dns_rdata_reset(&dsrdata);
dns_rdataset_current(&dsset, &dsrdata);
- tresult = dns_rdata_tostruct(&dsrdata, &ds,
- NULL);
- RUNTIME_CHECK(tresult == ISC_R_SUCCESS);
+ dns_rdata_tostruct(&dsrdata, &ds, NULL);
if (ds.key_tag != sig.keyid ||
ds.algorithm != sig.algorithm)
continue;
}
- result = dns_dnssec_matchdskey(
+ tresult = dns_dnssec_matchdskey(
keyname, &dsrdata, dnskeys, &keyrdata);
- if (result == ISC_R_SUCCESS) {
+ if (tresult == ISC_R_SUCCESS) {
break;
}
}
- if (tresult == ISC_R_NOMORE) {
+ if (tresult == ISC_R_NOTFOUND) {
continue;
}
* updated
*/
initializing = true;
- for (result = dns_rdataset_first(keydataset); result == ISC_R_SUCCESS;
- result = dns_rdataset_next(keydataset))
- {
+ DNS_RDATASET_FOREACH (keydataset) {
dns_keytag_t keytag;
dns_rdata_reset(&keydatarr);
* - All keys not being removed have their refresh
* timers updated
*/
- for (result = dns_rdataset_first(dnskeys); result == ISC_R_SUCCESS;
- result = dns_rdataset_next(dnskeys))
- {
+ DNS_RDATASET_FOREACH (dnskeys) {
+ dns_rdata_t dnskeyrr = DNS_RDATA_INIT;
bool revoked = false;
bool newkey = false;
bool updatekey = false;
bool trustkey = false;
dns_keytag_t keytag;
- dns_rdata_reset(&dnskeyrr);
dns_rdataset_current(dnskeys, &dnskeyrr);
result = dns_rdata_tostruct(&dnskeyrr, &dnskey, NULL);
RUNTIME_CHECK(result == ISC_R_SUCCESS);
dns_db_t *db = NULL;
dns_dbversion_t *ver = NULL;
dns_diff_t diff;
- dns_rdata_t rdata = DNS_RDATA_INIT;
dns_rdata_keydata_t kd;
isc_stdtime_t now = isc_stdtime_now();
bool commit = false;
* Scan the stored keys looking for ones that need
* removal or refreshing
*/
- for (result = dns_rdataset_first(kdset);
- result == ISC_R_SUCCESS; result = dns_rdataset_next(kdset))
- {
- dns_rdata_reset(&rdata);
+ DNS_RDATASET_FOREACH (kdset) {
+ dns_rdata_t rdata = DNS_RDATA_INIT;
dns_rdataset_current(kdset, &rdata);
result = dns_rdata_tostruct(&rdata, &kd, NULL);
RUNTIME_CHECK(result == ISC_R_SUCCESS);
dns_name_t primary;
dns_rdata_ns_t ns;
dns_rdata_soa_t soa;
+ dns_rdata_t soardata = DNS_RDATA_INIT;
uint32_t serial;
- dns_rdata_t rdata = DNS_RDATA_INIT;
dns_rdataset_t nsrdset;
dns_rdataset_t soardset;
isc_result_t result;
if (result != ISC_R_SUCCESS) {
goto cleanup3;
}
- dns_rdataset_current(&soardset, &rdata);
- result = dns_rdata_tostruct(&rdata, &soa, NULL);
+ dns_rdataset_current(&soardset, &soardata);
+ result = dns_rdata_tostruct(&soardata, &soa, NULL);
RUNTIME_CHECK(result == ISC_R_SUCCESS);
- dns_rdata_reset(&rdata);
dns_name_dup(&soa.origin, zone->mctx, &primary);
serial = soa.serial;
dns_rdataset_disassociate(&soardset);
goto cleanup3;
}
- result = dns_rdataset_first(&nsrdset);
- while (result == ISC_R_SUCCESS) {
+ DNS_RDATASET_FOREACH (&nsrdset) {
+ dns_rdata_t rdata = DNS_RDATA_INIT;
+ dns_rdataset_current(&nsrdset, &rdata);
+
dns_notify_t *notify = NULL;
- dns_rdataset_current(&nsrdset, &rdata);
result = dns_rdata_tostruct(&rdata, &ns, NULL);
RUNTIME_CHECK(result == ISC_R_SUCCESS);
- dns_rdata_reset(&rdata);
+
/*
* Don't notify the primary server unless explicitly
* configured to do so.
if (!DNS_ZONE_OPTION(zone, DNS_ZONEOPT_NOTIFYTOSOA) &&
dns_name_compare(&primary, &ns.name) == 0)
{
- result = dns_rdataset_next(&nsrdset);
continue;
}
NULL);
UNLOCK_ZONE(zone);
if (isqueued) {
- result = dns_rdataset_next(&nsrdset);
continue;
}
result = notify_create(zone->mctx, flags, ¬ify);
ISC_LIST_APPEND(zone->notifies, notify, link);
UNLOCK_ZONE(zone);
notify_find_address(notify);
- result = dns_rdataset_next(&nsrdset);
}
dns_rdataset_disassociate(&nsrdset);
dns_dbnode_t *node = NULL;
dns_rdata_ns_t ns;
isc_result_t result;
- dns_rdata_t rdata = DNS_RDATA_INIT;
bool has_glue = false;
/*
/*
* Add glue rdatasets.
*/
- for (result = dns_rdataset_first(nsrdataset); result == ISC_R_SUCCESS;
- result = dns_rdataset_next(nsrdataset))
- {
+ DNS_RDATASET_FOREACH (nsrdataset) {
+ dns_rdata_t rdata = DNS_RDATA_INIT;
dns_rdataset_current(nsrdataset, &rdata);
result = dns_rdata_tostruct(&rdata, &ns, NULL);
RUNTIME_CHECK(result == ISC_R_SUCCESS);
- dns_rdata_reset(&rdata);
if (!dns_name_issubdomain(&ns.name, name)) {
continue;
}
}
- if (result != ISC_R_NOMORE) {
- goto done;
- }
-
/*
* If no glue records were found, we attempt to resolve A/AAAA
* for each NS entry found in the answer.
* is why we use an nsec3list, even though we will usually only
* have one).
*/
- for (result = dns_rdataset_first(&rdataset); result == ISC_R_SUCCESS;
- result = dns_rdataset_next(&rdataset))
- {
+ DNS_RDATASET_FOREACH (&rdataset) {
dns_rdata_t rdata = DNS_RDATA_INIT;
dns_rdata_t private = DNS_RDATA_INIT;
* using dns_nsec3param_fromprivate(), do the right thing based on
* CREATE and REMOVE flags
*/
- for (result = dns_rdataset_first(&prdataset); result == ISC_R_SUCCESS;
- result = dns_rdataset_next(&prdataset))
- {
+ DNS_RDATASET_FOREACH (&prdataset) {
dns_rdata_t rdata = DNS_RDATA_INIT;
dns_rdata_t private = DNS_RDATA_INIT;
}
done:
- if (result == ISC_R_NOMORE || result == ISC_R_NOTFOUND) {
+ if (result == ISC_R_NOTFOUND) {
result = ISC_R_SUCCESS;
}
goto failure;
}
- for (result = dns_rdataset_first(&rdataset); result == ISC_R_SUCCESS;
- result = dns_rdataset_next(&rdataset))
- {
+ bool matched = false;
+ DNS_RDATASET_FOREACH (&rdataset) {
dns_rdata_t myrdata = DNS_RDATA_INIT;
dns_rdataset_current(&rdataset, &myrdata);
- if (!dns_rdata_compare(&myrdata, rdata)) {
+ if (dns_rdata_compare(&myrdata, rdata) == 0) {
+ matched = true;
break;
}
}
dns_rdataset_disassociate(&rdataset);
- if (result == ISC_R_SUCCESS) {
- *flag = true;
- } else if (result == ISC_R_NOMORE) {
- *flag = false;
- result = ISC_R_SUCCESS;
- }
+ *flag = matched;
failure:
if (node != NULL) {
*/
static bool
signed_with_alg(dns_rdataset_t *rdataset, dns_secalg_t alg) {
- dns_rdata_t rdata = DNS_RDATA_INIT;
- dns_rdata_rrsig_t rrsig;
- isc_result_t result;
-
REQUIRE(rdataset == NULL || rdataset->type == dns_rdatatype_rrsig);
if (rdataset == NULL || !dns_rdataset_isassociated(rdataset)) {
return false;
}
- for (result = dns_rdataset_first(rdataset); result == ISC_R_SUCCESS;
- result = dns_rdataset_next(rdataset))
- {
+ DNS_RDATASET_FOREACH (rdataset) {
+ dns_rdata_t rdata = DNS_RDATA_INIT;
+ dns_rdata_rrsig_t rrsig;
+
dns_rdataset_current(rdataset, &rdata);
- result = dns_rdata_tostruct(&rdata, &rrsig, NULL);
- RUNTIME_CHECK(result == ISC_R_SUCCESS);
- dns_rdata_reset(&rdata);
+ dns_rdata_tostruct(&rdata, &rrsig, NULL);
if (rrsig.algorithm == alg) {
return true;
}
bool checkdspub = false, checkdsdel = false, ksk = false;
dst_key_state_t ds_state = DST_KEY_STATE_NA;
isc_stdtime_t published = 0, withdrawn = 0;
- isc_result_t ret = ISC_R_SUCCESS;
/* Is this key have the KSK role? */
(void)dst_key_role(key->key, &ksk, NULL);
}
/* Find the appropriate DS record. */
- ret = dns_rdataset_first(ds_rrset);
- while (ret == ISC_R_SUCCESS) {
+ DNS_RDATASET_FOREACH (ds_rrset) {
dns_rdata_ds_t ds;
dns_rdata_t dnskey = DNS_RDATA_INIT;
dns_rdata_t dsrdata = DNS_RDATA_INIT;
dns_rdataset_current(ds_rrset, &rdata);
r = dns_rdata_tostruct(&rdata, &ds, NULL);
if (r != ISC_R_SUCCESS) {
- goto nextds;
+ continue;
}
/* Check key tag and algorithm. */
if (dst_key_id(key->key) != ds.key_tag) {
- goto nextds;
+ continue;
}
if (dst_key_alg(key->key) != ds.algorithm) {
- goto nextds;
+ continue;
}
/* Derive DS from DNSKEY, see if the rdata is equal. */
make_dnskey(key->key, keybuf, sizeof(keybuf), &dnskey);
r = dns_ds_buildrdata(&zone->origin, &dnskey,
ds.digest_type, dsbuf, &dsrdata);
if (r != ISC_R_SUCCESS) {
- goto nextds;
+ continue;
}
if (dns_rdata_compare(&rdata, &dsrdata) == 0) {
found = true;
}
}
}
-
- nextds:
- ret = dns_rdataset_next(ds_rrset);
}
dswithdrawn:
static void
nsfetch_done(void *arg) {
dns_fetchresponse_t *resp = (dns_fetchresponse_t *)arg;
- isc_result_t result, eresult;
+ isc_result_t result = ISC_R_NOMORE, eresult;
dns_nsfetch_t *nsfetch = NULL;
dns_zone_t *zone = NULL;
isc_mem_t *mctx = NULL;
UNLOCK_ZONE(zone);
/* Look up the addresses for the found parental name servers. */
- for (result = dns_rdataset_first(nsrrset); result == ISC_R_SUCCESS;
- result = dns_rdataset_next(nsrrset))
- {
+ DNS_RDATASET_FOREACH (nsrrset) {
dns_checkds_t *checkds = NULL;
dns_rdata_t rdata = DNS_RDATA_INIT;
dns_rdata_ns_t ns;
checkds_find_address(checkds);
}
- if (result == ISC_R_NOMORE) {
- result = ISC_R_SUCCESS;
- }
LOCK_ZONE(zone);
#endif /* ifdef ENABLE_AFL */
}
-static isc_result_t
+static void
update_ttl(dns_rdataset_t *rdataset, dns_name_t *name, dns_ttl_t ttl,
dns_diff_t *diff) {
- isc_result_t result;
-
/*
* Delete everything using the existing TTL.
*/
- for (result = dns_rdataset_first(rdataset); result == ISC_R_SUCCESS;
- result = dns_rdataset_next(rdataset))
- {
+ DNS_RDATASET_FOREACH (rdataset) {
dns_difftuple_t *tuple = NULL;
dns_rdata_t rdata = DNS_RDATA_INIT;
rdataset->ttl, &rdata, &tuple);
dns_diff_appendminimal(diff, &tuple);
}
- if (result != ISC_R_NOMORE) {
- return result;
- }
/*
* Add everything using the new TTL.
*/
- for (result = dns_rdataset_first(rdataset); result == ISC_R_SUCCESS;
- result = dns_rdataset_next(rdataset))
- {
+ DNS_RDATASET_FOREACH (rdataset) {
dns_difftuple_t *tuple = NULL;
dns_rdata_t rdata = DNS_RDATA_INIT;
&rdata, &tuple);
dns_diff_appendminimal(diff, &tuple);
}
- if (result != ISC_R_NOMORE) {
- return result;
- }
- return ISC_R_SUCCESS;
}
static isc_result_t
return;
}
- for (isc_result_t result = dns_rdataset_first(rdataset);
- result == ISC_R_SUCCESS; result = dns_rdataset_next(rdataset))
- {
+ DNS_RDATASET_FOREACH (rdataset) {
dns_rdata_t rdata = DNS_RDATA_INIT;
dns_difftuple_t *tuple = NULL;
if (kasp == NULL) {
ttl = keyset.ttl;
} else if (ttl != keyset.ttl && !offlineksk) {
- result = update_ttl(&keyset, &zone->origin, ttl, &diff);
- if (result != ISC_R_SUCCESS) {
- dnssec_log(zone, ISC_LOG_ERROR,
- "Updating DNSKEY TTL from %u to %u "
- "failed: %s",
- keyset.ttl, ttl,
- isc_result_totext(result));
- goto failure;
- }
+ update_ttl(&keyset, &zone->origin, ttl, &diff);
dnssec_log(zone, ISC_LOG_INFO,
"Updating DNSKEY TTL from %u to %u",
keyset.ttl, ttl);
} else if (result == ISC_R_SUCCESS && kasp != NULL &&
ttl != cdsset.ttl && !offlineksk)
{
- result = update_ttl(&cdsset, &zone->origin, ttl, &diff);
- if (result != ISC_R_SUCCESS) {
- dnssec_log(zone, ISC_LOG_ERROR,
- "Updating CDS TTL from %u to %u failed: %s",
- cdsset.ttl, ttl, isc_result_totext(result));
- goto failure;
- }
+ update_ttl(&cdsset, &zone->origin, ttl, &diff);
dnssec_log(zone, ISC_LOG_INFO, "Updating CDS TTL from %u to %u",
cdsset.ttl, ttl);
cdsset.ttl = ttl;
} else if (result == ISC_R_SUCCESS && kasp != NULL &&
ttl != cdnskeyset.ttl && !offlineksk)
{
- result = update_ttl(&cdnskeyset, &zone->origin, ttl, &diff);
- if (result != ISC_R_SUCCESS) {
- dnssec_log(
- zone, ISC_LOG_ERROR,
- "Updating CDNSKEY TTL from %u to %u failed: %s",
- cdnskeyset.ttl, ttl, isc_result_totext(result));
- goto failure;
- }
+ update_ttl(&cdnskeyset, &zone->origin, ttl, &diff);
dnssec_log(zone, ISC_LOG_INFO,
"Updating CDNSKEY TTL from %u to %u", cdnskeyset.ttl,
ttl);
} else {
/* Check if there is a CDS DELETE record. */
if (dns_rdataset_isassociated(&cdsset)) {
- for (result = dns_rdataset_first(&cdsset);
- result == ISC_R_SUCCESS;
- result = dns_rdataset_next(&cdsset))
- {
+ DNS_RDATASET_FOREACH (&cdsset) {
dns_rdata_t crdata = DNS_RDATA_INIT;
dns_rdataset_current(&cdsset, &crdata);
/*
/* Check if there is a CDNSKEY DELETE record. */
if (dns_rdataset_isassociated(&cdnskeyset)) {
- for (result = dns_rdataset_first(&cdnskeyset);
- result == ISC_R_SUCCESS;
- result = dns_rdataset_next(&cdnskeyset))
- {
+ DNS_RDATASET_FOREACH (&cdnskeyset) {
dns_rdata_t crdata = DNS_RDATA_INIT;
dns_rdataset_current(&cdnskeyset,
&crdata);
if (dns_rdataset_isassociated(&cds)) {
bool delete = false;
memset(algorithms, notexpected, sizeof(algorithms));
- for (result = dns_rdataset_first(&cds); result == ISC_R_SUCCESS;
- result = dns_rdataset_next(&cds))
- {
+ DNS_RDATASET_FOREACH (&cds) {
dns_rdata_t crdata = DNS_RDATA_INIT;
dns_rdata_cds_t structcds;
if (algorithms[structcds.algorithm] == 0) {
algorithms[structcds.algorithm] = expected;
}
- for (result = dns_rdataset_first(&dnskey);
- result == ISC_R_SUCCESS;
- result = dns_rdataset_next(&dnskey))
- {
+ DNS_RDATASET_FOREACH (&dnskey) {
dns_rdata_t rdata = DNS_RDATA_INIT;
dns_rdata_dnskey_t structdnskey;
dns_rdataset_current(&dnskey, &rdata);
- CHECK(dns_rdata_tostruct(&rdata, &structdnskey,
- NULL));
+ dns_rdata_tostruct(&rdata, &structdnskey, NULL);
if (structdnskey.algorithm ==
structcds.algorithm)
algorithms[structcds.algorithm] = found;
}
}
- if (result != ISC_R_NOMORE) {
- goto failure;
- }
}
for (i = 0; i < sizeof(algorithms); i++) {
if (delete) {
if (dns_rdataset_isassociated(&cdnskey)) {
bool delete = false;
memset(algorithms, notexpected, sizeof(algorithms));
- for (result = dns_rdataset_first(&cdnskey);
- result == ISC_R_SUCCESS;
- result = dns_rdataset_next(&cdnskey))
- {
+ DNS_RDATASET_FOREACH (&cdnskey) {
dns_rdata_t crdata = DNS_RDATA_INIT;
dns_rdata_cdnskey_t structcdnskey;
if (algorithms[structcdnskey.algorithm] == 0) {
algorithms[structcdnskey.algorithm] = expected;
}
- for (result = dns_rdataset_first(&dnskey);
- result == ISC_R_SUCCESS;
- result = dns_rdataset_next(&dnskey))
- {
+ DNS_RDATASET_FOREACH (&dnskey) {
dns_rdata_t rdata = DNS_RDATA_INIT;
dns_rdata_dnskey_t structdnskey;
found;
}
}
- if (result != ISC_R_NOMORE) {
- goto failure;
- }
}
for (i = 0; i < sizeof(algorithms); i++) {
if (delete) {
keydone(void *arg) {
bool commit = false;
isc_result_t result;
- dns_rdata_t rdata = DNS_RDATA_INIT;
dns_dbversion_t *oldver = NULL, *newver = NULL;
dns_db_t *db = NULL;
dns_dbnode_t *node = NULL;
goto failure;
}
- for (result = dns_rdataset_first(&rdataset); result == ISC_R_SUCCESS;
- result = dns_rdataset_next(&rdataset))
- {
+ DNS_RDATASET_FOREACH (&rdataset) {
+ dns_rdata_t rdata = DNS_RDATA_INIT;
bool found = false;
dns_rdataset_current(&rdataset, &rdata);
&zone->origin, rdataset.ttl,
&rdata));
}
- dns_rdata_reset(&rdata);
}
if (!ISC_LIST_EMPTY(diff.tuples)) {
dns_rdataset_t prdataset, nrdataset;
dns_diff_t diff;
dns_update_log_t log = { update_log_cb, NULL };
- dns_rdata_t rdata;
bool nseconly;
bool exists = false;
result = dns_db_findrdataset(db, node, newver, zone->privatetype,
dns_rdatatype_none, 0, &prdataset, NULL);
if (result == ISC_R_SUCCESS) {
- for (result = dns_rdataset_first(&prdataset);
- result == ISC_R_SUCCESS;
- result = dns_rdataset_next(&prdataset))
- {
- dns_rdata_init(&rdata);
+ DNS_RDATASET_FOREACH (&prdataset) {
+ dns_rdata_t rdata = DNS_RDATA_INIT;
dns_rdataset_current(&prdataset, &rdata);
if (np->length == rdata.length &&
result = dns_db_findrdataset(db, node, newver, dns_rdatatype_nsec3param,
dns_rdatatype_none, 0, &nrdataset, NULL);
if (result == ISC_R_SUCCESS) {
- for (result = dns_rdataset_first(&nrdataset);
- result == ISC_R_SUCCESS;
- result = dns_rdataset_next(&nrdataset))
- {
- dns_rdata_init(&rdata);
+ DNS_RDATASET_FOREACH (&nrdataset) {
+ dns_rdata_t rdata = DNS_RDATA_INIT;
dns_rdataset_current(&nrdataset, &rdata);
if (np->length == ((unsigned int)rdata.length + 1) &&
* algorithm), add the INITIAL flag, so these parameters can be
* used later when NSEC3 becomes available.
*/
- dns_rdata_init(&rdata);
+ dns_rdata_t rdata = DNS_RDATA_INIT;
np->data[2] |= DNS_NSEC3FLAG_CREATE;
result = dns_nsec_nseconly(db, newver, NULL, &nseconly);
dns_dbversion_t *version = NULL;
dns_rdataset_t rdataset;
dns_rdata_nsec3param_t nsec3param;
- dns_rdata_t rdata = DNS_RDATA_INIT;
REQUIRE(DNS_ZONE_VALID(zone));
goto setparam;
}
- for (result = dns_rdataset_first(&rdataset); result == ISC_R_SUCCESS;
- result = dns_rdataset_next(&rdataset))
- {
+ result = ISC_R_NOTFOUND;
+ DNS_RDATASET_FOREACH (&rdataset) {
+ dns_rdata_t rdata = DNS_RDATA_INIT;
dns_rdataset_current(&rdataset, &rdata);
- result = dns_rdata_tostruct(&rdata, &nsec3param, NULL);
- INSIST(result == ISC_R_SUCCESS);
- dns_rdata_reset(&rdata);
+ dns_rdata_tostruct(&rdata, &nsec3param, NULL);
/* Check parameters. */
if (nsec3param.hash != lookup->hash) {
break;
}
- if (result == ISC_R_NOMORE) {
- result = ISC_R_NOTFOUND;
- }
-
setparam:
if (result != ISC_R_SUCCESS) {
/* Found no match. */
find_nsec3_match(const dns_rdata_nsec3param_t *nsec3param,
dns_rdataset_t *rdataset, size_t rhsize,
dns_rdata_nsec3_t *nsec3_match) {
- isc_result_t result;
-
/*
* Find matching NSEC3 record.
*/
- for (result = dns_rdataset_first(rdataset); result == ISC_R_SUCCESS;
- result = dns_rdataset_next(rdataset))
- {
+ DNS_RDATASET_FOREACH (rdataset) {
dns_rdata_t rdata = DNS_RDATA_INIT;
dns_rdataset_current(rdataset, &rdata);
- result = dns_rdata_tostruct(&rdata, nsec3_match, NULL);
- RUNTIME_CHECK(result == ISC_R_SUCCESS);
+ dns_rdata_tostruct(&rdata, nsec3_match, NULL);
if (nsec3_match->hash == nsec3param->hash &&
nsec3_match->next_length == rhsize &&
nsec3_match->iterations == nsec3param->iterations &&
}
}
- return result;
+ return ISC_R_NOTFOUND;
}
static isc_result_t
dns_rdata_nsec3param_t nsec3param;
isc_result_t result;
- for (result = dns_rdataset_first(nsec3paramset);
- result == ISC_R_SUCCESS; result = dns_rdataset_next(nsec3paramset))
- {
+ DNS_RDATASET_FOREACH (nsec3paramset) {
dns_rdata_t rdata = DNS_RDATA_INIT;
dns_rdataset_current(nsec3paramset, &rdata);
goto cleanup;
}
- for (result = dns_rdataset_first(&rdataset); result == ISC_R_SUCCESS;
- result = dns_rdataset_next(&rdataset))
- {
+ DNS_RDATASET_FOREACH (&rdataset) {
dns_rdata_t rdata = DNS_RDATA_INIT;
dns_rdataset_current(&rdataset, &rdata);
result = dns_rdata_tostruct(&rdata, &nsec3, NULL);
dns_rdataset_t *nsec3paramset, bool delegation, bool empty,
const unsigned char types[8192], unsigned int maxtype,
isc_result_t *vresult) {
- isc_result_t result;
+ isc_result_t result = ISC_R_NOMORE;
- for (result = dns_rdataset_first(nsec3paramset);
- result == ISC_R_SUCCESS; result = dns_rdataset_next(nsec3paramset))
- {
+ DNS_RDATASET_FOREACH (nsec3paramset) {
dns_rdata_t rdata = DNS_RDATA_INIT;
dns_rdataset_current(nsec3paramset, &rdata);
break;
}
}
- if (result == ISC_R_NOMORE) {
- result = ISC_R_SUCCESS;
- }
+
return result;
}
goto done;
}
- for (result = dns_rdataset_first(&sigrdataset); result == ISC_R_SUCCESS;
- result = dns_rdataset_next(&sigrdataset))
- {
+ DNS_RDATASET_FOREACH (&sigrdataset) {
dns_rdata_t rdata = DNS_RDATA_INIT;
dns_rdata_rrsig_t sig;
*/
dns_rdataset_init(&dsset);
if (dns_keynode_dsset(keynode, &dsset)) {
- for (result = dns_rdataset_first(&dsset);
- result == ISC_R_SUCCESS;
- result = dns_rdataset_next(&dsset))
- {
+ DNS_RDATASET_FOREACH (&dsset) {
dns_rdata_t dsrdata = DNS_RDATA_INIT;
dns_rdata_t newdsrdata = DNS_RDATA_INIT;
unsigned char buf[DNS_DS_BUFFERSIZE];
*/
static isc_result_t
check_dnskey(vctx_t *vctx) {
- dns_rdata_t rdata = DNS_RDATA_INIT;
dns_rdata_dnskey_t dnskey;
isc_result_t result;
bool is_ksk;
- for (result = dns_rdataset_first(&vctx->keyset);
- result == ISC_R_SUCCESS; result = dns_rdataset_next(&vctx->keyset))
- {
+ DNS_RDATASET_FOREACH (&vctx->keyset) {
+ dns_rdata_t rdata = DNS_RDATA_INIT;
dns_rdataset_current(&vctx->keyset, &rdata);
result = dns_rdata_tostruct(&rdata, &dnskey, NULL);
RUNTIME_CHECK(result == ISC_R_SUCCESS);
check_dnskey_sigs(vctx, &dnskey, &rdata, is_ksk);
}
dns_rdata_freestruct(&dnskey);
- dns_rdata_reset(&rdata);
}
return ISC_R_SUCCESS;
count = dns_rdataset_count(&vctx->keyset);
dstkeys = isc_mem_cget(vctx->mctx, count, sizeof(*dstkeys));
- for (result = dns_rdataset_first(&vctx->keyset);
- result == ISC_R_SUCCESS; result = dns_rdataset_next(&vctx->keyset))
- {
+ DNS_RDATASET_FOREACH (&vctx->keyset) {
dns_rdata_t rdata = DNS_RDATA_INIT;
dns_rdataset_current(&vctx->keyset, &rdata);
dstkeys[nkeys] = NULL;
validate(ns_client_t *client, dns_db_t *db, dns_name_t *name,
dns_rdataset_t *rdataset, dns_rdataset_t *sigrdataset) {
isc_result_t result;
- dns_rdata_t rdata = DNS_RDATA_INIT;
dns_rdata_rrsig_t rrsig;
dst_key_t *key = NULL;
dns_rdataset_t keyrdataset;
return false;
}
- for (result = dns_rdataset_first(sigrdataset); result == ISC_R_SUCCESS;
- result = dns_rdataset_next(sigrdataset))
- {
- dns_rdata_reset(&rdata);
+ DNS_RDATASET_FOREACH (sigrdataset) {
+ dns_rdata_t rdata = DNS_RDATA_INIT;
dns_rdataset_current(sigrdataset, &rdata);
result = dns_rdata_tostruct(&rdata, &rrsig, NULL);
RUNTIME_CHECK(result == ISC_R_SUCCESS);
/*
* Check all of the IP addresses in the rdataset.
*/
- for (result = dns_rdataset_first(*ip_rdatasetp);
- result == ISC_R_SUCCESS;
- result = dns_rdataset_next(*ip_rdatasetp))
- {
+ DNS_RDATASET_FOREACH (*ip_rdatasetp) {
dns_rdata_t rdata = DNS_RDATA_INIT;
dns_rdataset_current(*ip_rdatasetp, &rdata);
switch (rdata.type) {
rpz_ck_dnssec(ns_client_t *client, isc_result_t qresult,
dns_rdataset_t *rdataset, dns_rdataset_t *sigrdataset) {
dns_fixedname_t fixed;
- dns_name_t *found;
- dns_rdataset_t trdataset;
+ dns_name_t *found = NULL;
+ dns_rdataset_t trdataset = DNS_RDATASET_INIT;
dns_rdatatype_t type;
- isc_result_t result;
CTRACE(ISC_LOG_DEBUG(3), "rpz_ck_dnssec");
}
found = dns_fixedname_initname(&fixed);
dns_rdataset_init(&trdataset);
- for (result = dns_rdataset_first(rdataset); result == ISC_R_SUCCESS;
- result = dns_rdataset_next(rdataset))
- {
+ DNS_RDATASET_FOREACH (rdataset) {
dns_ncache_current(rdataset, found, &trdataset);
type = trdataset.type;
dns_rdataset_disassociate(&trdataset);
dns_db_t *db = NULL;
dns_dbnode_t *node = NULL;
dns_fixedname_t fixed;
- dns_name_t *found;
- dns_rdataset_t trdataset;
+ dns_name_t *found = NULL;
+ dns_rdataset_t trdataset = DNS_RDATASET_INIT;
isc_result_t result;
dns_rdatatype_t type;
dns_clientinfomethods_t cm;
dns_clientinfo_t ci;
- ns_dbversion_t *dbversion;
+ ns_dbversion_t *dbversion = NULL;
CTRACE(ISC_LOG_DEBUG(3), "redirect");
}
found = dns_fixedname_initname(&fixed);
- dns_rdataset_init(&trdataset);
dns_clientinfomethods_init(&cm, ns_client_sourceip);
dns_clientinfo_init(&ci, client, NULL);
return ISC_R_NOTFOUND;
}
if ((rdataset->attributes & DNS_RDATASETATTR_NEGATIVE) != 0) {
- for (result = dns_rdataset_first(rdataset);
- result == ISC_R_SUCCESS;
- result = dns_rdataset_next(rdataset))
- {
+ DNS_RDATASET_FOREACH (rdataset) {
dns_ncache_current(rdataset, found, &trdataset);
type = trdataset.type;
dns_rdataset_disassociate(&trdataset);
dns_dbnode_t *node = NULL;
dns_fixedname_t fixed;
dns_fixedname_t fixedredirect;
- dns_name_t *found, *redirectname;
- dns_rdataset_t trdataset;
+ dns_name_t *found = NULL, *redirectname = NULL;
+ dns_rdataset_t trdataset = DNS_RDATASET_INIT;
isc_result_t result;
dns_rdatatype_t type;
dns_clientinfomethods_t cm;
}
found = dns_fixedname_initname(&fixed);
- dns_rdataset_init(&trdataset);
dns_clientinfomethods_init(&cm, ns_client_sourceip);
dns_clientinfo_init(&ci, client, NULL);
return ISC_R_NOTFOUND;
}
if ((rdataset->attributes & DNS_RDATASETATTR_NEGATIVE) != 0) {
- for (result = dns_rdataset_first(rdataset);
- result == ISC_R_SUCCESS;
- result = dns_rdataset_next(rdataset))
- {
+ DNS_RDATASET_FOREACH (rdataset) {
dns_ncache_current(rdataset, found, &trdataset);
type = trdataset.type;
dns_rdataset_disassociate(&trdataset);
(qctx->client->query.rpz_st->state & DNS_RPZ_REWRITTEN) == 0) &&
(qctx->client->query.attributes & NS_QUERYATTR_RRL_CHECKED) == 0)
{
- dns_rdataset_t nc_rdataset;
bool wouldlog;
- dns_fixedname_t fixed;
const dns_name_t *constname;
char log_buf[DNS_RRL_LOG_BUF_LEN];
- isc_result_t nc_result, resp_result;
+ isc_result_t resp_result;
dns_rrl_result_t rrl_result;
qctx->client->query.attributes |= NS_QUERYATTR_RRL_CHECKED;
/*
* Try to use owner name in the negative cache SOA.
*/
- dns_fixedname_init(&fixed);
- dns_rdataset_init(&nc_rdataset);
- for (nc_result = dns_rdataset_first(qctx->rdataset);
- nc_result == ISC_R_SUCCESS;
- nc_result = dns_rdataset_next(qctx->rdataset))
- {
- dns_ncache_current(qctx->rdataset,
- dns_fixedname_name(&fixed),
+ dns_rdataset_t nc_rdataset = DNS_RDATASET_INIT;
+ dns_fixedname_t fixed;
+ dns_name_t *n = dns_fixedname_initname(&fixed);
+ DNS_RDATASET_FOREACH (qctx->rdataset) {
+ dns_ncache_current(qctx->rdataset, n,
&nc_rdataset);
if (nc_rdataset.type == dns_rdatatype_soa) {
dns_rdataset_disassociate(&nc_rdataset);
- constname = dns_fixedname_name(&fixed);
+ constname = n;
break;
}
dns_rdataset_disassociate(&nc_rdataset);
dns_rdataset_init(&dsset);
if (dns_keynode_dsset(keynode, &dsset)) {
- for (result = dns_rdataset_first(&dsset);
- result == ISC_R_SUCCESS;
- result = dns_rdataset_next(&dsset))
- {
+ DNS_RDATASET_FOREACH (&dsset) {
dns_rdata_t rdata = DNS_RDATA_INIT;
dns_rdata_ds_t ds;
myrdatalist->ttl = qctx->rdataset->ttl;
i = 0;
- for (result = dns_rdataset_first(qctx->rdataset);
- result == ISC_R_SUCCESS;
- result = dns_rdataset_next(qctx->rdataset))
- {
+ DNS_RDATASET_FOREACH (qctx->rdataset) {
dns_rdata_t rdata = DNS_RDATA_INIT;
dns_rdata_t *myrdata = NULL;
isc_region_t r;
*/
static isc_result_t
checksignames(dns_name_t *signer, dns_rdataset_t *sigrdataset) {
- isc_result_t result;
-
- for (result = dns_rdataset_first(sigrdataset); result == ISC_R_SUCCESS;
- result = dns_rdataset_next(sigrdataset))
- {
+ DNS_RDATASET_FOREACH (sigrdataset) {
+ isc_result_t result;
dns_rdata_t rdata = DNS_RDATA_INIT;
dns_rdata_rrsig_t rrsig;
dns_rdataset_current(sigrdataset, &rdata);
result = dns_rdata_tostruct(&rdata, &rrsig, NULL);
RUNTIME_CHECK(result == ISC_R_SUCCESS);
+
if (dns_name_countlabels(signer) == 0) {
dns_name_copy(&rrsig.signer, signer);
} else if (!dns_name_equal(signer, &rrsig.signer)) {
foreach_node_rr_action(void *data, dns_rdataset_t *rdataset) {
isc_result_t result;
foreach_node_rr_ctx_t *ctx = data;
- for (result = dns_rdataset_first(rdataset); result == ISC_R_SUCCESS;
- result = dns_rdataset_next(rdataset))
- {
+ DNS_RDATASET_FOREACH (rdataset) {
rr_t rr = { 0, DNS_RDATA_INIT };
dns_rdataset_current(rdataset, &rr.rdata);
return result;
}
}
- if (result != ISC_R_NOMORE) {
- return result;
- }
return ISC_R_SUCCESS;
}
dns_rdataset_getownercase(&rdataset, ctx->oldname);
}
- for (result = dns_rdataset_first(&rdataset); result == ISC_R_SUCCESS;
- result = dns_rdataset_next(&rdataset))
- {
+ DNS_RDATASET_FOREACH (&rdataset) {
rr_t rr = { 0, DNS_RDATA_INIT };
dns_rdataset_current(&rdataset, &rr.rdata);
rr.ttl = rdataset.ttl;
goto cleanup_rdataset;
}
}
- if (result != ISC_R_NOMORE) {
- goto cleanup_rdataset;
- }
result = ISC_R_SUCCESS;
cleanup_rdataset:
dns_rdataset_init(&rdataset);
dns_rdataset_clone(rrset, &rdataset);
- for (result = dns_rdataset_first(&rdataset);
- result == ISC_R_SUCCESS;
- result = dns_rdataset_next(&rdataset))
- {
+ DNS_RDATASET_FOREACH (&rdataset) {
dns_rdata_t rdata = DNS_RDATA_INIT;
dns_rdataset_current(&rdataset, &rdata);
if (rrset->type == dns_rdatatype_ptr) {
break;
}
}
- if (result != ISC_R_NOMORE) {
- rule_ok = false;
- }
dns_rdataset_disassociate(&rdataset);
} else {
rule_ok = dns_ssutable_checkrules(
dns_diff_init(mctx, &d_rrs);
dns_diff_init(mctx, &u_rrs);
- for (result = dns_rdataset_first(&rdataset);
- result == ISC_R_SUCCESS;
- result = dns_rdataset_next(&rdataset))
- {
+ DNS_RDATASET_FOREACH (&rdataset) {
dns_rdata_t rdata = DNS_RDATA_INIT;
dns_rdataset_current(&rdataset, &rdata);
temp_append(&d_rrs, name, &rdata);
}
- if (result != ISC_R_NOMORE) {
- goto failure;
- }
+
result = dns_diff_sort(&d_rrs, temp_order);
if (result != ISC_R_SUCCESS) {
goto failure;
goto failure;
}
- for (result = dns_rdataset_first(&rdataset); result == ISC_R_SUCCESS;
- result = dns_rdataset_next(&rdataset))
- {
+ bool matched = false;
+ DNS_RDATASET_FOREACH (&rdataset) {
dns_rdata_t myrdata = DNS_RDATA_INIT;
dns_rdataset_current(&rdataset, &myrdata);
- if (!dns_rdata_casecompare(&myrdata, rdata)) {
+ if (dns_rdata_casecompare(&myrdata, rdata) == 0) {
+ matched = true;
break;
}
}
dns_rdataset_disassociate(&rdataset);
- if (result == ISC_R_SUCCESS) {
- *flag = true;
- } else if (result == ISC_R_NOMORE) {
- *flag = false;
- result = ISC_R_SUCCESS;
- }
+ *flag = matched;
failure:
if (node != NULL) {
goto failure;
}
- for (result = dns_rdataset_first(&rdataset); result == ISC_R_SUCCESS;
- result = dns_rdataset_next(&rdataset))
- {
+ DNS_RDATASET_FOREACH (&rdataset) {
dns_rdata_t rdata = DNS_RDATA_INIT;
dns_rdataset_current(&rdataset, &rdata);
CHECK(dns_rdata_tostruct(&rdata, &nsec3param, NULL));
iterations = nsec3param.iterations;
}
}
- if (result != ISC_R_NOMORE) {
- goto failure;
- }
dns_rdataset_disassociate(&rdataset);
goto failure;
}
- for (result = dns_rdataset_first(&rdataset); result == ISC_R_SUCCESS;
- result = dns_rdataset_next(&rdataset))
- {
+ DNS_RDATASET_FOREACH (&rdataset) {
unsigned char buf[DNS_NSEC3PARAM_BUFFERSIZE];
dns_rdata_t private = DNS_RDATA_INIT;
dns_rdata_t rdata = DNS_RDATA_INIT;
iterations = nsec3param.iterations;
}
}
- if (result != ISC_R_NOMORE) {
- goto failure;
- }
success:
*iterationsp = iterations;
projects / thirdparty / bind9.git / commitdiff
