From: Otto Moerbeek Date: Wed, 27 Sep 2023 15:01:14 +0000 (+0200) Subject: delint X-Git-Tag: rec-5.0.0-alpha2~24^2~1 X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=24d8f14e8b0b480c714300cdcda7926777ab7d12;p=thirdparty%2Fpdns.git delint --- diff --git a/pdns/recursordist/rec-zonetocache.cc b/pdns/recursordist/rec-zonetocache.cc index 8774635003..10936401c0 100644 --- a/pdns/recursordist/rec-zonetocache.cc +++ b/pdns/recursordist/rec-zonetocache.cc @@ -40,7 +40,7 @@ struct ZoneData { - ZoneData(Logr::log_t log, const std::string& zone) : + ZoneData(const std::shared_ptr& log, const std::string& zone) : d_log(log), d_zone(zone), d_now(time(nullptr)) {} @@ -53,16 +53,16 @@ struct ZoneData // Maybe use a SuffixMatchTree? std::set d_delegations; - Logr::log_t d_log; + std::shared_ptr d_log; DNSName d_zone; time_t d_now; - bool isRRSetAuth(const DNSName& qname, QType qtype) const; - void parseDRForCache(DNSRecord& dr); - pdns::ZoneMD::Result getByAXFR(const RecZoneToCache::Config&, pdns::ZoneMD&); - pdns::ZoneMD::Result processLines(const std::vector& lines, const RecZoneToCache::Config& config, pdns::ZoneMD&); + [[nodiscard]] bool isRRSetAuth(const DNSName& qname, QType qtype) const; + void parseDRForCache(DNSRecord& resourceRecord); + pdns::ZoneMD::Result getByAXFR(const RecZoneToCache::Config& config, pdns::ZoneMD& zonemd); + pdns::ZoneMD::Result processLines(const std::vector& lines, const RecZoneToCache::Config& config, pdns::ZoneMD& zonemd); void ZoneToCache(const RecZoneToCache::Config& config); - vState dnssecValidate(pdns::ZoneMD&, size_t& zonemdCount) const; + vState dnssecValidate(pdns::ZoneMD& zonemd, size_t& zonemdCount) const; }; bool ZoneData::isRRSetAuth(const DNSName& qname, QType qtype) const @@ -78,42 +78,43 @@ bool ZoneData::isRRSetAuth(const DNSName& qname, QType qtype) const break; } delegatedZone.chopOff(); - if (delegatedZone == g_rootdnsname || delegatedZone == d_zone) + if (delegatedZone == g_rootdnsname || delegatedZone == d_zone) { break; + } } return !isDelegated; } -void ZoneData::parseDRForCache(DNSRecord& dr) +void ZoneData::parseDRForCache(DNSRecord& dnsRecord) { - if (dr.d_class != QClass::IN) { + if (dnsRecord.d_class != QClass::IN) { return; } - const auto key = pair(dr.d_name, dr.d_type); + const auto key = pair(dnsRecord.d_name, dnsRecord.d_type); - dr.d_ttl += d_now; + dnsRecord.d_ttl += d_now; - switch (dr.d_type) { + switch (dnsRecord.d_type) { case QType::NSEC: case QType::NSEC3: break; case QType::RRSIG: { - const auto& rr = getRR(dr); - const auto sigkey = pair(key.first, rr->d_type); + const auto rrsig = getRR(dnsRecord); + const auto sigkey = pair(key.first, rrsig->d_type); auto found = d_sigs.find(sigkey); if (found != d_sigs.end()) { - found->second.push_back(rr); + found->second.push_back(rrsig); } else { vector> sigsrr; - sigsrr.push_back(rr); + sigsrr.push_back(rrsig); d_sigs.insert({sigkey, sigsrr}); } break; } case QType::NS: - if (dr.d_name != d_zone) { - d_delegations.insert(dr.d_name); + if (dnsRecord.d_name != d_zone) { + d_delegations.insert(dnsRecord.d_name); } break; default: @@ -122,12 +123,12 @@ void ZoneData::parseDRForCache(DNSRecord& dr) auto found = d_all.find(key); if (found != d_all.end()) { - found->second.push_back(dr); + found->second.push_back(dnsRecord); } else { - vector v; - v.push_back(dr); - d_all.insert({key, v}); + vector dnsRecords; + dnsRecords.push_back(dnsRecord); + d_all.insert({key, dnsRecords}); } } @@ -136,24 +137,24 @@ pdns::ZoneMD::Result ZoneData::getByAXFR(const RecZoneToCache::Config& config, p ComboAddress primary = ComboAddress(config.d_sources.at(0), 53); uint16_t axfrTimeout = config.d_timeout; size_t maxReceivedBytes = config.d_maxReceivedBytes; - const TSIGTriplet tt = config.d_tt; + const TSIGTriplet tsigTriplet = config.d_tt; ComboAddress local = config.d_local; if (local == ComboAddress()) { local = pdns::getQueryLocalAddress(primary.sin4.sin_family, 0); } - AXFRRetriever axfr(primary, d_zone, tt, &local, maxReceivedBytes, axfrTimeout); + AXFRRetriever axfr(primary, d_zone, tsigTriplet, &local, maxReceivedBytes, axfrTimeout); Resolver::res_t nop; vector chunk; time_t axfrStart = time(nullptr); time_t axfrNow = time(nullptr); - while (axfr.getChunk(nop, &chunk, (axfrStart + axfrTimeout - axfrNow))) { - for (auto& dr : chunk) { + while (axfr.getChunk(nop, &chunk, (axfrStart + axfrTimeout - axfrNow)) != 0) { + for (auto& dnsRecord : chunk) { if (config.d_zonemd != pdns::ZoneMD::Config::Ignore) { - zonemd.readRecord(dr); + zonemd.readRecord(dnsRecord); } - parseDRForCache(dr); + parseDRForCache(dnsRecord); } axfrNow = time(nullptr); if (axfrNow < axfrStart || axfrNow - axfrStart > axfrTimeout) { @@ -161,7 +162,8 @@ pdns::ZoneMD::Result ZoneData::getByAXFR(const RecZoneToCache::Config& config, p } } if (config.d_zonemd != pdns::ZoneMD::Config::Ignore) { - bool validationDone, validationSuccess; + bool validationDone = false; + bool validationSuccess = false; zonemd.verify(validationDone, validationSuccess); d_log->info(Logr::Info, "ZONEMD digest validation", "validationDone", Logging::Loggable(validationDone), "validationSuccess", Logging::Loggable(validationSuccess)); @@ -194,9 +196,9 @@ static std::vector getURL(const RecZoneToCache::Config& config) { std::vector lines; #ifdef HAVE_LIBCURL - MiniCurl mc; + MiniCurl miniCurl; ComboAddress local = config.d_local; - std::string reply = mc.getURL(config.d_sources.at(0), nullptr, local == ComboAddress() ? nullptr : &local, config.d_timeout, false, true); + std::string reply = miniCurl.getURL(config.d_sources.at(0), nullptr, local == ComboAddress() ? nullptr : &local, static_cast(config.d_timeout), false, true); if (config.d_maxReceivedBytes > 0 && reply.size() > config.d_maxReceivedBytes) { // We should actually detect this *during* the GET throw std::runtime_error("Retrieved data exceeds maxReceivedBytes"); @@ -220,14 +222,15 @@ pdns::ZoneMD::Result ZoneData::processLines(const vector& lines, const R zpt.setMaxIncludes(0); while (zpt.get(drr)) { - DNSRecord dr(drr); + DNSRecord dnsRecord(drr); if (config.d_zonemd != pdns::ZoneMD::Config::Ignore) { - zonemd.readRecord(dr); + zonemd.readRecord(dnsRecord); } - parseDRForCache(dr); + parseDRForCache(dnsRecord); } if (config.d_zonemd != pdns::ZoneMD::Config::Ignore) { - bool validationDone, validationSuccess; + bool validationDone = false; + bool validationSuccess = false; zonemd.verify(validationDone, validationSuccess); d_log->info(Logr::Info, "ZONEMD digest validation", "validationDone", Logging::Loggable(validationDone), "validationSuccess", Logging::Loggable(validationSuccess)); @@ -245,19 +248,19 @@ vState ZoneData::dnssecValidate(pdns::ZoneMD& zonemd, size_t& zonemdCount) const { zonemdCount = 0; - SyncRes sr({d_now, 0}); - sr.setDoDNSSEC(true); - sr.setDNSSECValidationRequested(true); + SyncRes resolver({d_now, 0}); + resolver.setDoDNSSEC(true); + resolver.setDNSSECValidationRequested(true); dsmap_t dsmap; // Actually a set - vState dsState = sr.getDSRecords(d_zone, dsmap, false, 0, ""); + vState dsState = resolver.getDSRecords(d_zone, dsmap, false, 0, ""); if (dsState != vState::Secure) { return dsState; } skeyset_t dnsKeys; sortedRecords_t records; - if (zonemd.getDNSKEYs().size() == 0) { + if (zonemd.getDNSKEYs().empty()) { return vState::BogusUnableToGetDNSKEYs; } for (const auto& key : zonemd.getDNSKEYs()) { @@ -271,7 +274,7 @@ vState ZoneData::dnssecValidate(pdns::ZoneMD& zonemd, size_t& zonemdCount) const return dnsKeyState; } - if (validKeys.size() == 0) { + if (validKeys.empty()) { return vState::BogusNoValidDNSKEY; } @@ -284,14 +287,14 @@ vState ZoneData::dnssecValidate(pdns::ZoneMD& zonemd, size_t& zonemdCount) const const auto& nsec3s = zonemd.getNSEC3s(); cspmap_t csp; - vState nsecValidationStatus; + vState nsecValidationStatus = vState::Indeterminate; - if (nsecs.records.size() > 0 && nsecs.signatures.size() > 0) { + if (!nsecs.records.empty() && !nsecs.signatures.empty()) { // Valdidate the NSEC nsecValidationStatus = validateWithKeySet(d_now, d_zone, nsecs.records, nsecs.signatures, validKeys, std::nullopt); csp.emplace(std::pair(d_zone, QType::NSEC), nsecs); } - else if (nsec3s.records.size() > 0 && nsec3s.signatures.size() > 0) { + else if (!nsec3s.records.empty() && !nsec3s.signatures.empty()) { // Validate NSEC3PARAMS records.clear(); for (const auto& rec : zonemd.getNSEC3Params()) { @@ -336,7 +339,7 @@ vState ZoneData::dnssecValidate(pdns::ZoneMD& zonemd, size_t& zonemdCount) const void ZoneData::ZoneToCache(const RecZoneToCache::Config& config) { if (config.d_sources.size() > 1) { - d_log->info(Logr::Notice, "Multiple sources not yet supported, using first"); + d_log->info(Logr::Warning, "Multiple sources not yet supported, using first"); } if (config.d_dnssec == pdns::ZoneMD::Config::Require && (g_dnssecmode == DNSSECMode::Off || g_dnssecmode == DNSSECMode::ProcessNoValidate)) { @@ -368,7 +371,7 @@ void ZoneData::ZoneToCache(const RecZoneToCache::Config& config) // Validate DNSKEYs and ZONEMD, rest of records are validated on-demand by SyncRes if (config.d_dnssec == pdns::ZoneMD::Config::Require || (g_dnssecmode != DNSSECMode::Off && g_dnssecmode != DNSSECMode::ProcessNoValidate && config.d_dnssec != pdns::ZoneMD::Config::Ignore)) { - size_t zonemdCount; + size_t zonemdCount = 0; auto validationStatus = dnssecValidate(zonemd, zonemdCount); d_log->info(Logr::Info, "ZONEMD record related DNSSEC validation", "validationStatus", Logging::Loggable(validationStatus), "zonemdCount", Logging::Loggable(zonemdCount)); @@ -397,14 +400,13 @@ void ZoneData::ZoneToCache(const RecZoneToCache::Config& config) switch (qtype) { case QType::NSEC: case QType::NSEC3: - break; case QType::RRSIG: break; default: { vector> sigsrr; - auto it = d_sigs.find(key); - if (it != d_sigs.end()) { - sigsrr = it->second; + auto iter = d_sigs.find(key); + if (iter != d_sigs.end()) { + sigsrr = iter->second; } bool auth = isRRSetAuth(qname, qtype); // Same decision as updateCacheFromRecords() (we do not test for NSEC since we skip those completely) @@ -471,5 +473,4 @@ void RecZoneToCache::ZoneToCache(const RecZoneToCache::Config& config, RecZoneTo log->info(Logr::Error, "Unable to load zone into cache, will retry", "refresh", Logging::Loggable(state.d_waittime)); } state.d_lastrun = time(nullptr); - return; } diff --git a/pdns/recursordist/rec-zonetocache.hh b/pdns/recursordist/rec-zonetocache.hh index 317af52fac..8d946cfd82 100644 --- a/pdns/recursordist/rec-zonetocache.hh +++ b/pdns/recursordist/rec-zonetocache.hh @@ -39,7 +39,7 @@ public: TSIGTriplet d_tt; // Authentication data size_t d_maxReceivedBytes{0}; // Maximum size time_t d_retryOnError{60}; // Retry on error - time_t d_refreshPeriod{24 * 3600}; // Time between refetch + time_t d_refreshPeriod{static_cast(24 *3600)}; // Time between refetch uint32_t d_timeout{20}; // timeout in seconds pdns::ZoneMD::Config d_zonemd{pdns::ZoneMD::Config::Validate}; pdns::ZoneMD::Config d_dnssec{pdns::ZoneMD::Config::Validate}; @@ -49,7 +49,7 @@ public: { time_t d_lastrun{0}; time_t d_waittime{0}; - uint64_t d_generation; + uint64_t d_generation{0}; }; static void maintainStates(const map&, map&, uint64_t mygeneration);