From: Evan Hunt Date: Wed, 21 May 2025 20:22:58 +0000 (-0700) Subject: standardize CHECK and RETERR macros X-Git-Tag: v9.21.16~3^2~7 X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=52bba5cc343cb105232bb1631b97a8577b751fee;p=thirdparty%2Fbind9.git standardize CHECK and RETERR macros previously, there were over 40 separate definitions of CHECK macros, of which most used "goto cleanup", and the rest "goto failure" or "goto out". there were another 10 definitions of RETERR, of which most were identical to CHECK, but some simply returned a result code instead of jumping to a cleanup label. this has now been standardized throughout the code base: RETERR is for returning an error code in the case of an error, and CHECK is for jumping to a cleanup tag, which is now always called "cleanup". both macros are defined in isc/util.h. --- diff --git a/bin/check/check-tool.c b/bin/check/check-tool.c index b7ca8a8936c..0fd104c4372 100644 --- a/bin/check/check-tool.c +++ b/bin/check/check-tool.c @@ -52,13 +52,6 @@ #define CHECK_LOCAL 1 #endif /* ifndef CHECK_LOCAL */ -#define CHECK(r) \ - do { \ - result = (r); \ - if (result != ISC_R_SUCCESS) \ - goto cleanup; \ - } while (0) - #define ERR_IS_CNAME 1 #define ERR_NO_ADDRESSES 2 #define ERR_LOOKUP_FAILURE 3 diff --git a/bin/check/named-checkconf.c b/bin/check/named-checkconf.c index 6355079f40c..caac86ee256 100644 --- a/bin/check/named-checkconf.c +++ b/bin/check/named-checkconf.c @@ -44,13 +44,6 @@ #include "check-tool.h" -#define CHECK(r) \ - do { \ - result = (r); \ - if (result != ISC_R_SUCCESS) \ - goto cleanup; \ - } while (0) - /*% usage */ ISC_NORETURN static void usage(void); diff --git a/bin/delv/delv.c b/bin/delv/delv.c index f805e7dd888..80f52231f35 100644 --- a/bin/delv/delv.c +++ b/bin/delv/delv.c @@ -84,13 +84,6 @@ #include -#define CHECK(r) \ - do { \ - result = (r); \ - if (result != ISC_R_SUCCESS) \ - goto cleanup; \ - } while (0) - #define MAXNAME (DNS_NAME_MAXTEXT + 1) #define MAX_QUERIES 50 diff --git a/bin/dnssec/dnssec-ksr.c b/bin/dnssec/dnssec-ksr.c index a4ef81b82ec..7240da42786 100644 --- a/bin/dnssec/dnssec-ksr.c +++ b/bin/dnssec/dnssec-ksr.c @@ -91,24 +91,9 @@ static int min_dh = 128; #define READLINE(lex, opt, token) -#define NEXTTOKEN(lex, opt, token) \ - { \ - ret = isc_lex_gettoken(lex, opt, token); \ - if (ret != ISC_R_SUCCESS) \ - goto cleanup; \ - } - -#define BADTOKEN() \ - { \ - ret = ISC_R_UNEXPECTEDTOKEN; \ - goto cleanup; \ - } +#define NEXTTOKEN(lex, opt, token) CHECK(isc_lex_gettoken(lex, opt, token)) -#define CHECK(r) \ - ret = (r); \ - if (ret != ISC_R_SUCCESS) { \ - goto fail; \ - } +#define BADTOKEN() CHECK(ISC_R_UNEXPECTEDTOKEN) isc_bufferlist_t cleanup_list = ISC_LIST_INITIALIZER; @@ -209,16 +194,16 @@ get_dnskeys(ksr_ctx_t *ksr, dns_dnsseckeylist_t *keys) { dns_dnsseckeylist_t keys_read; dns_dnsseckey_t **keys_sorted; int i = 0, n = 0; - isc_result_t ret; + isc_result_t result; ISC_LIST_INIT(*keys); ISC_LIST_INIT(keys_read); - ret = dns_dnssec_findmatchingkeys(name, NULL, ksr->keydir, NULL, - ksr->now, false, isc_g_mctx, - &keys_read); - if (ret != ISC_R_SUCCESS && ret != ISC_R_NOTFOUND) { + result = dns_dnssec_findmatchingkeys(name, NULL, ksr->keydir, NULL, + ksr->now, false, isc_g_mctx, + &keys_read); + if (result != ISC_R_SUCCESS && result != ISC_R_NOTFOUND) { fatal("failed to load existing keys from %s: %s", ksr->keydir, - isc_result_totext(ret)); + isc_result_totext(result)); } /* Sort on keytag. */ ISC_LIST_FOREACH(keys_read, dk, link) { @@ -323,7 +308,7 @@ create_key(ksr_ctx_t *ksr, dns_kasp_t *kasp, dns_kasp_key_t *kaspkey, dst_key_t *key = NULL; int options = (DST_TYPE_PRIVATE | DST_TYPE_PUBLIC | DST_TYPE_STATE); isc_buffer_t buf; - isc_result_t ret; + isc_result_t result; isc_stdtime_t prepub; uint16_t flags = DNS_KEYOWNER_ZONE; @@ -421,26 +406,26 @@ create_key(ksr_ctx_t *ksr, dns_kasp_t *kasp, dns_kasp_key_t *kaspkey, "Generating key pair for bundle %s: ", timestr); } if (ksr->keystore != NULL && ksr->policy != NULL) { - ret = dns_keystore_keygen( + result = dns_keystore_keygen( ksr->keystore, name, ksr->policy, dns_rdataclass_in, isc_g_mctx, ksr->alg, ksr->size, flags, &key); } else if (show_progress) { - ret = dst_key_generate(name, ksr->alg, ksr->size, 0, - flags, DNS_KEYPROTO_DNSSEC, - dns_rdataclass_in, NULL, - isc_g_mctx, &key, &progress); + result = dst_key_generate(name, ksr->alg, ksr->size, 0, + flags, DNS_KEYPROTO_DNSSEC, + dns_rdataclass_in, NULL, + isc_g_mctx, &key, &progress); fflush(stderr); } else { - ret = dst_key_generate(name, ksr->alg, ksr->size, 0, - flags, DNS_KEYPROTO_DNSSEC, - dns_rdataclass_in, NULL, - isc_g_mctx, &key, NULL); + result = dst_key_generate(name, ksr->alg, ksr->size, 0, + flags, DNS_KEYPROTO_DNSSEC, + dns_rdataclass_in, NULL, + isc_g_mctx, &key, NULL); } - if (ret != ISC_R_SUCCESS) { + if (result != ISC_R_SUCCESS) { fatal("failed to generate key %s/%s: %s\n", namestr, - algstr, isc_result_totext(ret)); + algstr, isc_result_totext(result)); } /* Do not overwrite an existing key. */ @@ -451,9 +436,9 @@ create_key(ksr_ctx_t *ksr, dns_kasp_t *kasp, dns_kasp_key_t *kaspkey, conflict = true; if (verbose > 0) { isc_buffer_clear(&buf); - ret = dst_key_buildfilename(key, 0, ksr->keydir, - &buf); - if (ret == ISC_R_SUCCESS) { + result = dst_key_buildfilename( + key, 0, ksr->keydir, &buf); + if (result == ISC_R_SUCCESS) { fprintf(stderr, "%s: %s already exists, or " "might collide with another " @@ -502,20 +487,20 @@ create_key(ksr_ctx_t *ksr, dns_kasp_t *kasp, dns_kasp_key_t *kaspkey, *expiration = 0; } - ret = dst_key_tofile(key, options, ksr->keydir); - if (ret != ISC_R_SUCCESS) { + result = dst_key_tofile(key, options, ksr->keydir); + if (result != ISC_R_SUCCESS) { char keystr[DST_KEY_FORMATSIZE]; dst_key_format(key, keystr, sizeof(keystr)); fatal("failed to write key %s: %s\n", keystr, - isc_result_totext(ret)); + isc_result_totext(result)); } output: isc_buffer_clear(&buf); - ret = dst_key_buildfilename(key, 0, NULL, &buf); - if (ret != ISC_R_SUCCESS) { + result = dst_key_buildfilename(key, 0, NULL, &buf); + if (result != ISC_R_SUCCESS) { fatal("dst_key_buildfilename returned: %s\n", - isc_result_totext(ret)); + isc_result_totext(result)); } printf("%s\n", filename); fflush(stdout); @@ -528,12 +513,12 @@ static void print_rdata(dns_rdataset_t *rrset) { isc_buffer_t target; isc_region_t r; - isc_result_t ret; + isc_result_t result; char buf[4096]; isc_buffer_init(&target, buf, sizeof(buf)); - ret = dns_rdataset_totext(rrset, name, false, false, &target); - if (ret != ISC_R_SUCCESS) { + result = dns_rdataset_totext(rrset, name, false, false, &target); + if (result != ISC_R_SUCCESS) { fatal("failed to print rdata"); } isc_buffer_usedregion(&target, &r); @@ -547,7 +532,7 @@ print_dnskeys(dns_kasp_key_t *kaspkey, dns_ttl_t ttl, dns_dnsseckeylist_t *keys, char timestr[26]; /* Minimal buf as per ctime_r() spec. */ dns_rdatalist_t *rdatalist = NULL; dns_rdataset_t rdataset = DNS_RDATASET_INIT; - isc_result_t ret = ISC_R_SUCCESS; + isc_result_t result = ISC_R_SUCCESS; isc_stdtime_t next_bundle = next_inception; isc_stdtime_tostring(inception, timestr, sizeof(timestr)); @@ -614,11 +599,11 @@ print_dnskeys(dns_kasp_key_t *kaspkey, dns_ttl_t ttl, dns_dnsseckeylist_t *keys, dns_rdatalist_tordataset(rdatalist, &rdataset); print_rdata(&rdataset); -fail: +cleanup: /* Cleanup */ freerrset(&rdataset); - if (ret != ISC_R_SUCCESS) { + if (result != ISC_R_SUCCESS) { fatal("failed to print %s/%s zsk key pair found for bundle %s", namestr, algstr, timestr); } @@ -631,7 +616,7 @@ sign_rrset(ksr_ctx_t *ksr, isc_stdtime_t inception, isc_stdtime_t expiration, dns_rdataset_t *rrset, dns_dnsseckeylist_t *keys) { dns_rdatalist_t *rrsiglist = NULL; dns_rdataset_t rrsigset = DNS_RDATASET_INIT; - isc_result_t ret; + isc_result_t result; isc_stdtime_t next_bundle = expiration; UNUSED(ksr); @@ -646,10 +631,10 @@ sign_rrset(ksr_ctx_t *ksr, isc_stdtime_t inception, isc_stdtime_t expiration, isc_buffer_init(&timebuf, timestr, sizeof(timestr)); isc_stdtime_tostring(inception, timestr, sizeof(timestr)); isc_buffer_init(&b, utc, sizeof(utc)); - ret = dns_time32_totext(inception, &b); - if (ret != ISC_R_SUCCESS) { + result = dns_time32_totext(inception, &b); + if (result != ISC_R_SUCCESS) { fatal("failed to convert bundle time32 to text: %s", - isc_result_totext(ret)); + isc_result_totext(result)); } isc_buffer_usedregion(&b, &r); fprintf(stdout, ";; SignedKeyResponse 1.0 %.*s (%s)\n", @@ -696,9 +681,9 @@ sign_rrset(ksr_ctx_t *ksr, isc_stdtime_t inception, isc_stdtime_t expiration, rrsig = isc_mem_get(isc_g_mctx, sizeof(*rrsig)); dns_rdata_init(rrsig); isc_buffer_init(&buf, rdatabuf, sizeof(rdatabuf)); - ret = dns_dnssec_sign(name, rrset, dk->key, &clockskew, - &expiration, isc_g_mctx, &buf, &rdata); - if (ret != ISC_R_SUCCESS) { + result = dns_dnssec_sign(name, rrset, dk->key, &clockskew, + &expiration, isc_g_mctx, &buf, &rdata); + if (result != ISC_R_SUCCESS) { fatal("failed to sign KSR"); } isc_buffer_usedregion(&buf, &rs); @@ -733,7 +718,7 @@ get_keymaterial(ksr_ctx_t *ksr, dns_kasp_t *kasp, isc_stdtime_t inception, dns_rdatalist_t *cdnskeylist = isc_mem_get(isc_g_mctx, sizeof(*cdnskeylist)); dns_rdatalist_t *cdslist = isc_mem_get(isc_g_mctx, sizeof(*cdslist)); - isc_result_t ret = ISC_R_SUCCESS; + isc_result_t result = ISC_R_SUCCESS; isc_stdtime_t next_bundle = next_inception; dns_rdatalist_init(dnskeylist); @@ -873,7 +858,7 @@ get_keymaterial(ksr_ctx_t *ksr, dns_kasp_t *kasp, isc_stdtime_t inception, return next_bundle; -fail: +cleanup: fatal("failed to create KSK/CDS/CDNSKEY"); return 0; } @@ -968,7 +953,7 @@ parse_dnskey(isc_lex_t *lex, char *owner, isc_buffer_t *buf, dns_ttl_t *ttl) { dns_name_t *dname = NULL; dns_rdataclass_t rdclass = dns_rdataclass_in; isc_buffer_t b; - isc_result_t ret; + isc_result_t result; isc_token_t token; unsigned int opt = ISC_LEXOPT_EOL; @@ -982,12 +967,12 @@ parse_dnskey(isc_lex_t *lex, char *owner, isc_buffer_t *buf, dns_ttl_t *ttl) { dname = dns_fixedname_initname(&dfname); isc_buffer_init(&b, owner, strlen(owner)); isc_buffer_add(&b, strlen(owner)); - ret = dns_name_fromtext(dname, &b, dns_rootname, 0); - if (ret != ISC_R_SUCCESS) { + result = dns_name_fromtext(dname, &b, dns_rootname, 0); + if (result != ISC_R_SUCCESS) { goto cleanup; } if (dns_name_compare(dname, name) != 0) { - ret = DNS_R_BADOWNERNAME; + result = DNS_R_BADOWNERNAME; goto cleanup; } isc_buffer_clear(&b); @@ -999,8 +984,8 @@ parse_dnskey(isc_lex_t *lex, char *owner, isc_buffer_t *buf, dns_ttl_t *ttl) { } /* If it's a TTL, read the next one */ - ret = dns_ttl_fromtext(&token.value.as_textregion, ttl); - if (ret == ISC_R_SUCCESS) { + result = dns_ttl_fromtext(&token.value.as_textregion, ttl); + if (result == ISC_R_SUCCESS) { NEXTTOKEN(lex, opt, &token); } if (token.type != isc_tokentype_string) { @@ -1008,8 +993,8 @@ parse_dnskey(isc_lex_t *lex, char *owner, isc_buffer_t *buf, dns_ttl_t *ttl) { } /* If it's a class, read the next one */ - ret = dns_rdataclass_fromtext(&rdclass, &token.value.as_textregion); - if (ret == ISC_R_SUCCESS) { + result = dns_rdataclass_fromtext(&rdclass, &token.value.as_textregion); + if (result == ISC_R_SUCCESS) { NEXTTOKEN(lex, opt, &token); } if (token.type != isc_tokentype_string) { @@ -1021,12 +1006,12 @@ parse_dnskey(isc_lex_t *lex, char *owner, isc_buffer_t *buf, dns_ttl_t *ttl) { BADTOKEN(); } - ret = dns_rdata_fromtext(NULL, rdclass, dns_rdatatype_dnskey, lex, name, - 0, isc_g_mctx, buf, NULL); + result = dns_rdata_fromtext(NULL, rdclass, dns_rdatatype_dnskey, lex, + name, 0, isc_g_mctx, buf, NULL); cleanup: isc_lex_setcomments(lex, 0); - return ret; + return result; } static void @@ -1097,14 +1082,14 @@ request(ksr_ctx_t *ksr) { char utc[sizeof("YYYYMMDDHHSSMM")]; isc_buffer_t b; isc_region_t r; - isc_result_t ret; + isc_result_t result; isc_stdtime_tostring(inception, timestr, sizeof(timestr)); isc_buffer_init(&b, utc, sizeof(utc)); - ret = dns_time32_totext(inception, &b); - if (ret != ISC_R_SUCCESS) { + result = dns_time32_totext(inception, &b); + if (result != ISC_R_SUCCESS) { fatal("failed to convert bundle time32 to text: %s", - isc_result_totext(ret)); + isc_result_totext(result)); } isc_buffer_usedregion(&b, &r); fprintf(stdout, ";; KeySigningRequest 1.0 %.*s (%s)\n", @@ -1146,7 +1131,7 @@ sign(ksr_ctx_t *ksr) { dns_dnsseckeylist_t keys; dns_kasp_t *kasp = NULL; dns_rdatalist_t *rdatalist = NULL; - isc_result_t ret; + isc_result_t result; isc_stdtime_t inception; isc_lex_t *lex = NULL; isc_lexspecials_t specials; @@ -1172,14 +1157,15 @@ sign(ksr_ctx_t *ksr) { specials[')'] = 1; specials['"'] = 1; isc_lex_setspecials(lex, specials); - ret = isc_lex_openfile(lex, ksr->file); - if (ret != ISC_R_SUCCESS) { + result = isc_lex_openfile(lex, ksr->file); + if (result != ISC_R_SUCCESS) { fatal("unable to open KSR file %s: %s", ksr->file, - isc_result_totext(ret)); + isc_result_totext(result)); } - for (ret = isc_lex_gettoken(lex, opt, &token); ret == ISC_R_SUCCESS; - ret = isc_lex_gettoken(lex, opt, &token)) + for (result = isc_lex_gettoken(lex, opt, &token); + result == ISC_R_SUCCESS; + result = isc_lex_gettoken(lex, opt, &token)) { if (token.type != isc_tokentype_string) { fatal("bad KSR file %s(%lu): syntax error", ksr->file, @@ -1245,13 +1231,13 @@ sign(ksr_ctx_t *ksr) { readline: /* Read remainder of header line */ do { - ret = isc_lex_gettoken(lex, opt, &token); - if (ret != ISC_R_SUCCESS) { + result = isc_lex_gettoken(lex, opt, &token); + if (result != ISC_R_SUCCESS) { fatal("bad KSR file %s(%lu): bad " "header (%s)", ksr->file, isc_lex_getsourceline(lex), - isc_result_totext(ret)); + isc_result_totext(result)); } } while (token.type != isc_tokentype_eol); } else { @@ -1268,11 +1254,11 @@ sign(ksr_ctx_t *ksr) { rdata = isc_mem_get(isc_g_mctx, sizeof(*rdata)); dns_rdata_init(rdata); isc_buffer_init(&buf, rdatabuf, sizeof(rdatabuf)); - ret = parse_dnskey(lex, STR(token), &buf, &ttl); - if (ret != ISC_R_SUCCESS) { + result = parse_dnskey(lex, STR(token), &buf, &ttl); + if (result != ISC_R_SUCCESS) { fatal("bad KSR file %s(%lu): bad DNSKEY (%s)", ksr->file, isc_lex_getsourceline(lex), - isc_result_totext(ret)); + isc_result_totext(result)); } isc_buffer_usedregion(&buf, &r); isc_buffer_allocate(isc_g_mctx, &newbuf, r.length); @@ -1290,7 +1276,7 @@ sign(ksr_ctx_t *ksr) { } } - if (ret != ISC_R_EOF) { + if (result != ISC_R_EOF) { fatal("bad KSR file %s(%lu): trailing garbage data", ksr->file, isc_lex_getsourceline(lex)); } @@ -1308,14 +1294,14 @@ sign(ksr_ctx_t *ksr) { fprintf(stdout, ";; SignedKeyResponse 1.0 generated at %s by %s\n", timestr, PACKAGE_VERSION); -fail: +cleanup: isc_lex_destroy(&lex); cleanup(&keys, kasp); } int main(int argc, char *argv[]) { - isc_result_t ret; + isc_result_t result; isc_buffer_t buf; int ch; char *endp; @@ -1354,10 +1340,10 @@ main(int argc, char *argv[]) { break; case 'K': ksr.keydir = isc_commandline_argument; - ret = try_dir(ksr.keydir); - if (ret != ISC_R_SUCCESS) { + result = try_dir(ksr.keydir); + if (result != ISC_R_SUCCESS) { fatal("cannot open directory %s: %s", - ksr.keydir, isc_result_totext(ret)); + ksr.keydir, isc_result_totext(result)); } break; case 'k': @@ -1405,10 +1391,10 @@ main(int argc, char *argv[]) { name = dns_fixedname_initname(&fname); isc_buffer_init(&buf, argv[1], strlen(argv[1])); isc_buffer_add(&buf, strlen(argv[1])); - ret = dns_name_fromtext(name, &buf, dns_rootname, 0); - if (ret != ISC_R_SUCCESS) { + result = dns_name_fromtext(name, &buf, dns_rootname, 0); + if (result != ISC_R_SUCCESS) { fatal("invalid zone name %s: %s", argv[1], - isc_result_totext(ret)); + isc_result_totext(result)); } /* command */ diff --git a/bin/named/controlconf.c b/bin/named/controlconf.c index e1d1a46d7e8..a4aba2ea252 100644 --- a/bin/named/controlconf.c +++ b/bin/named/controlconf.c @@ -149,14 +149,6 @@ ISC_REFCOUNT_DECL(controlconnection); #define CLOCKSKEW 300 -#define CHECK(x) \ - { \ - result = (x); \ - if (result != ISC_R_SUCCESS) { \ - goto cleanup; \ - } \ - } - static void free_controlkey(controlkey_t *key, isc_mem_t *mctx) { if (key->keyname != NULL) { diff --git a/bin/named/logconf.c b/bin/named/logconf.c index 1b0412009df..b1e8cdc7f97 100644 --- a/bin/named/logconf.c +++ b/bin/named/logconf.c @@ -28,13 +28,6 @@ #include #include -#define CHECK(op) \ - do { \ - result = (op); \ - if (result != ISC_R_SUCCESS) \ - goto cleanup; \ - } while (0) - /*% * Set up a logging category according to the named.conf data * in 'ccat' and add it to 'logconfig'. diff --git a/bin/named/server.c b/bin/named/server.c index a6f262b3c0d..f99e897dd77 100644 --- a/bin/named/server.c +++ b/bin/named/server.c @@ -180,13 +180,6 @@ * Check an operation for failure. Assumes that the function * using it has a 'result' variable and a 'cleanup' label. */ -#define CHECK(op) \ - do { \ - result = (op); \ - if (result != ISC_R_SUCCESS) \ - goto cleanup; \ - } while (0) - #define TCHECK(op) \ do { \ tresult = (op); \ diff --git a/bin/named/statschannel.c b/bin/named/statschannel.c index eacb2d25eaa..a56f0cc58f0 100644 --- a/bin/named/statschannel.c +++ b/bin/named/statschannel.c @@ -64,14 +64,6 @@ #define STATS_JSON_VERSION_MINOR "8" #define STATS_JSON_VERSION STATS_JSON_VERSION_MAJOR "." STATS_JSON_VERSION_MINOR -#define CHECK(m) \ - do { \ - result = (m); \ - if (result != ISC_R_SUCCESS) { \ - goto cleanup; \ - } \ - } while (0) - struct named_statschannel { /* Unlocked */ isc_httpdmgr_t *httpdmgr; diff --git a/bin/named/tkeyconf.c b/bin/named/tkeyconf.c index 768e0fac058..633d19c61e4 100644 --- a/bin/named/tkeyconf.c +++ b/bin/named/tkeyconf.c @@ -21,6 +21,7 @@ #include +#include #include void @@ -28,11 +29,10 @@ named_tkeyctx_fromconfig(const cfg_obj_t *options, isc_mem_t *mctx, dns_tkeyctx_t **tctxp) { isc_result_t result; dns_tkeyctx_t *tctx = NULL; - const cfg_obj_t *obj; + const cfg_obj_t *obj = NULL; dns_tkeyctx_create(mctx, &tctx); - obj = NULL; result = cfg_map_get(options, "tkey-gssapi-keytab", &obj); if (result == ISC_R_SUCCESS) { const char *s = cfg_obj_asstring(obj); diff --git a/bin/named/transportconf.c b/bin/named/transportconf.c index bedb3d52433..de02ab7bb26 100644 --- a/bin/named/transportconf.c +++ b/bin/named/transportconf.c @@ -183,11 +183,6 @@ failure: return result; } -#define CHECK(f) \ - if ((result = f) != ISC_R_SUCCESS) { \ - goto failure; \ - } - static isc_result_t transport_list_fromconfig(const cfg_obj_t *config, dns_transport_list_t *list) { const cfg_obj_t *obj = NULL; diff --git a/bin/named/zoneconf.c b/bin/named/zoneconf.c index 15a1a8c71a3..9ad15e05479 100644 --- a/bin/named/zoneconf.c +++ b/bin/named/zoneconf.c @@ -62,13 +62,6 @@ typedef enum { allow_update_forwarding } acl_type_t; -#define CHECK(x) \ - do { \ - result = (x); \ - if (result != ISC_R_SUCCESS) \ - goto cleanup; \ - } while (0) - /*% * Convenience function for configuring a single zone ACL. */ @@ -2141,12 +2134,9 @@ named_zone_loadplugins(dns_zone_t *zone, const cfg_obj_t *config, ns_plugins_create(zmctx, &hookdata.plugins); dns_zone_setplugins(zone, hookdata.plugins, ns_plugins_free); - result = cfg_pluginlist_foreach(config, tpluginlist, aclctx, - named_register_one_plugin, - &hookdata); - if (result != ISC_R_SUCCESS) { - return result; - } + RETERR(cfg_pluginlist_foreach(config, tpluginlist, aclctx, + named_register_one_plugin, + &hookdata)); result = cfg_pluginlist_foreach(config, zpluginlist, aclctx, named_register_one_plugin, diff --git a/bin/plugins/filter-a.c b/bin/plugins/filter-a.c index fff9cc97451..d5a9d0b2688 100644 --- a/bin/plugins/filter-a.c +++ b/bin/plugins/filter-a.c @@ -46,14 +46,6 @@ #include #include -#define CHECK(op) \ - do { \ - result = (op); \ - if (result != ISC_R_SUCCESS) { \ - goto cleanup; \ - } \ - } while (0) - /* * Possible values for the settings of filter-a-on-v6 and * filter-a-on-v4: "no" is NONE, "yes" is FILTER, "break-dnssec" diff --git a/bin/plugins/filter-aaaa.c b/bin/plugins/filter-aaaa.c index 986267c5a68..007d952e7e1 100644 --- a/bin/plugins/filter-aaaa.c +++ b/bin/plugins/filter-aaaa.c @@ -46,14 +46,6 @@ #include #include -#define CHECK(op) \ - do { \ - result = (op); \ - if (result != ISC_R_SUCCESS) { \ - goto cleanup; \ - } \ - } while (0) - /* * Possible values for the settings of filter-aaaa-on-v4 and * filter-aaaa-on-v6: "no" is NONE, "yes" is FILTER, "break-dnssec" diff --git a/bin/plugins/synthrecord.c b/bin/plugins/synthrecord.c index e348d55a642..3fdd7633f60 100644 --- a/bin/plugins/synthrecord.c +++ b/bin/plugins/synthrecord.c @@ -21,14 +21,6 @@ #include -#define CHECK(op) \ - do { \ - result = (op); \ - if (result != ISC_R_SUCCESS) { \ - goto cleanup; \ - } \ - } while (0) - #define DEFAULT_TTL 300 typedef enum { UNDEFINED, FORWARD, REVERSE } synthrecord_mode_t; diff --git a/bin/tests/system/dlzexternal/driver/driver.c b/bin/tests/system/dlzexternal/driver/driver.c index 9750fdc96ad..47ab393e736 100644 --- a/bin/tests/system/dlzexternal/driver/driver.c +++ b/bin/tests/system/dlzexternal/driver/driver.c @@ -49,13 +49,6 @@ dlz_dlopen_addrdataset_t dlz_addrdataset; dlz_dlopen_subrdataset_t dlz_subrdataset; dlz_dlopen_delrdataset_t dlz_delrdataset; -#define CHECK(x) \ - do { \ - result = (x); \ - if (result != ISC_R_SUCCESS) \ - goto failure; \ - } while (0) - #define loginfo(...) \ ({ \ if ((state != NULL) && (state->log != NULL)) \ @@ -258,7 +251,6 @@ dlz_create(const char *dlzname, unsigned int argc, char *argv[], void **dbdata, const char *helper_name; va_list ap; char soa_data[sizeof("@ hostmaster.root 123 900 600 86400 3600")]; - isc_result_t result; size_t n; UNUSED(dlzname); @@ -306,7 +298,8 @@ dlz_create(const char *dlzname, unsigned int argc, char *argv[], void **dbdata, } if (n >= sizeof(soa_data)) { - CHECK(ISC_R_NOSPACE); + free(state); + return ISC_R_NOSPACE; } add_name(state, &state->current[0], state->zone_name, "soa", 3600, @@ -320,10 +313,6 @@ dlz_create(const char *dlzname, unsigned int argc, char *argv[], void **dbdata, *dbdata = state; return ISC_R_SUCCESS; - -failure: - free(state); - return result; } /* diff --git a/bin/tests/system/dyndb/driver/util.h b/bin/tests/system/dyndb/driver/util.h index e3ccedfe7e8..b870b781f70 100644 --- a/bin/tests/system/dyndb/driver/util.h +++ b/bin/tests/system/dyndb/driver/util.h @@ -38,16 +38,3 @@ #include #include "log.h" - -#define CLEANUP_WITH(result_code) \ - do { \ - result = (result_code); \ - goto cleanup; \ - } while (0) - -#define CHECK(op) \ - do { \ - result = (op); \ - if (result != ISC_R_SUCCESS) \ - goto cleanup; \ - } while (0) diff --git a/bin/tests/system/dyndb/driver/zone.c b/bin/tests/system/dyndb/driver/zone.c index 9a02d4357c8..0264216fec2 100644 --- a/bin/tests/system/dyndb/driver/zone.c +++ b/bin/tests/system/dyndb/driver/zone.c @@ -130,8 +130,8 @@ publish_zone(sample_instance_t *inst, dns_zone_t *zone) { /* Return success if the zone is already in the view as expected. */ result = dns_view_findzone(inst->view, dns_zone_getorigin(zone), DNS_ZTFIND_EXACT, &zone_in_view); - if (result != ISC_R_SUCCESS && result != ISC_R_NOTFOUND) { - goto cleanup; + if (result != ISC_R_NOTFOUND) { + CHECK(result); } view_in_zone = dns_zone_getview(zone); @@ -139,7 +139,8 @@ publish_zone(sample_instance_t *inst, dns_zone_t *zone) { /* Zone has a view set -> view should contain the same zone. */ if (zone_in_view == zone) { /* Zone is already published in the right view. */ - CLEANUP_WITH(ISC_R_SUCCESS); + result = ISC_R_SUCCESS; + goto cleanup; } else if (view_in_zone != inst->view) { /* * Un-published inactive zone will have @@ -149,7 +150,7 @@ publish_zone(sample_instance_t *inst, dns_zone_t *zone) { dns_zone_log(zone, ISC_LOG_ERROR, "zone->view doesn't " "match data in the view"); - CLEANUP_WITH(ISC_R_UNEXPECTED); + CHECK(ISC_R_UNEXPECTED); } } @@ -157,7 +158,7 @@ publish_zone(sample_instance_t *inst, dns_zone_t *zone) { dns_zone_log(zone, ISC_LOG_ERROR, "cannot publish zone: view already " "contains another zone with this name"); - CLEANUP_WITH(ISC_R_UNEXPECTED); + CHECK(ISC_R_UNEXPECTED); } if (inst->view->frozen) { diff --git a/bin/tests/system/hooks/driver/test-async.c b/bin/tests/system/hooks/driver/test-async.c index 376529e15e9..af140e39ba0 100644 --- a/bin/tests/system/hooks/driver/test-async.c +++ b/bin/tests/system/hooks/driver/test-async.c @@ -35,14 +35,6 @@ #include #include -#define CHECK(op) \ - do { \ - result = (op); \ - if (result != ISC_R_SUCCESS) { \ - goto cleanup; \ - } \ - } while (0) - /* * Persistent data for use by this module. This will be associated * with client object address in the hash table, and will remain diff --git a/bin/tests/system/hooks/driver/test-syncplugin.c b/bin/tests/system/hooks/driver/test-syncplugin.c index a38379a916e..36409bbda96 100644 --- a/bin/tests/system/hooks/driver/test-syncplugin.c +++ b/bin/tests/system/hooks/driver/test-syncplugin.c @@ -28,14 +28,6 @@ typedef struct { char *firstlbl; } syncplugin_t; -#define CHECK(op) \ - do { \ - result = (op); \ - if (result != ISC_R_SUCCESS) { \ - goto cleanup; \ - } \ - } while (0) - static ns_hookresult_t syncplugin__hook(void *arg, void *cbdata, isc_result_t *resp) { query_ctx_t *qctx = (query_ctx_t *)arg; @@ -82,14 +74,11 @@ static cfg_type_t syncplugin__cfgparams = { static isc_result_t syncplugin__parse_rcode(const cfg_obj_t *syncplugincfg, uint8_t *rcode) { - isc_result_t result; + isc_result_t result = ISC_R_SUCCESS; const cfg_obj_t *obj = NULL; const char *rcodestr = NULL; - result = cfg_map_get(syncplugincfg, "rcode", &obj); - if (result != ISC_R_SUCCESS) { - return result; - } + RETERR(cfg_map_get(syncplugincfg, "rcode", &obj)); rcodestr = obj->value.string.base; diff --git a/bin/tests/system/pipelined/pipequeries.c b/bin/tests/system/pipelined/pipequeries.c index 1e3340e06f9..3d6c26211b0 100644 --- a/bin/tests/system/pipelined/pipequeries.c +++ b/bin/tests/system/pipelined/pipequeries.c @@ -43,7 +43,7 @@ #include #include -#define CHECK(str, x) \ +#define CHECKM(str, x) \ { \ if ((x) != ISC_R_SUCCESS) { \ fprintf(stderr, "I:%s: %s\n", (str), \ @@ -84,7 +84,7 @@ recvresponse(void *arg) { result = dns_request_getresponse(request, response, DNS_MESSAGEPARSE_PRESERVEORDER); - CHECK("dns_request_getresponse", result); + CHECKM("dns_request_getresponse", result); if (response->rcode != dns_rcode_noerror) { result = dns_result_fromrcode(response->rcode); @@ -101,7 +101,7 @@ recvresponse(void *arg) { result = dns_message_sectiontotext( response, DNS_SECTION_ANSWER, &dns_master_style_simple, DNS_MESSAGETEXTFLAG_NOCOMMENTS, &outbuf); - CHECK("dns_message_sectiontotext", result); + CHECKM("dns_message_sectiontotext", result); printf("%.*s", (int)isc_buffer_usedlength(&outbuf), (char *)isc_buffer_base(&outbuf)); fflush(stdout); @@ -140,7 +140,7 @@ sendquery(void) { isc_buffer_add(&buf, strlen(host)); result = dns_name_fromtext(dns_fixedname_name(&queryname), &buf, dns_rootname, 0); - CHECK("dns_name_fromtext", result); + CHECKM("dns_name_fromtext", result); dns_message_create(isc_g_mctx, NULL, NULL, DNS_MESSAGE_INTENTRENDER, &message); @@ -164,7 +164,7 @@ sendquery(void) { requestmgr, message, have_src ? &srcaddr : NULL, &dstaddr, NULL, NULL, DNS_REQUESTOPT_TCP, NULL, TIMEOUT, TIMEOUT, 0, 0, isc_loop_main(), recvresponse, message, &request); - CHECK("dns_request_create", result); + CHECKM("dns_request_create", result); return ISC_R_SUCCESS; } @@ -258,13 +258,13 @@ main(int argc, char *argv[]) { result = ISC_R_FAILURE; if (inet_pton(AF_INET, "10.53.0.7", &inaddr) != 1) { - CHECK("inet_pton", result); + CHECKM("inet_pton", result); } isc_sockaddr_fromin(&srcaddr, &inaddr, 0); result = ISC_R_FAILURE; if (inet_pton(AF_INET, "10.53.0.4", &inaddr) != 1) { - CHECK("inet_pton", result); + CHECKM("inet_pton", result); } isc_sockaddr_fromin(&dstaddr, &inaddr, port); diff --git a/bin/tests/system/rsabigexponent/bigkey.c b/bin/tests/system/rsabigexponent/bigkey.c index af09f42b770..9e6e57ef0c2 100644 --- a/bin/tests/system/rsabigexponent/bigkey.c +++ b/bin/tests/system/rsabigexponent/bigkey.c @@ -57,7 +57,7 @@ RSA *rsa; BIGNUM *e; EVP_PKEY *pkey; -#define CHECK(op, msg) \ +#define CHECKM(op, msg) \ do { \ result = (op); \ if (result != ISC_R_SUCCESS) { \ @@ -116,22 +116,20 @@ main(int argc, char **argv) { name = dns_fixedname_initname(&fname); isc_buffer_constinit(&buf, "example.", strlen("example.")); isc_buffer_add(&buf, strlen("example.")); - CHECK(dns_name_fromtext(name, &buf, dns_rootname, 0, NULL), "dns_name_" - "fromtext(" - "\"example." - "\")"); - - CHECK(dst_key_buildinternal(name, DNS_KEYALG_RSASHA256, bits, - DNS_KEYOWNER_ZONE, DNS_KEYPROTO_DNSSEC, - dns_rdataclass_in, pkey, isc_g_mctx, &key), - "dst_key_buildinternal(...)"); - - CHECK(dst_key_tofile(key, DST_TYPE_PRIVATE | DST_TYPE_PUBLIC, NULL), - "dst_key_tofile()"); + CHECKM(dns_name_fromtext(name, &buf, dns_rootname, 0, NULL), + "dns_name_fromtext(\"example.\")"); + + CHECKM(dst_key_buildinternal(name, DNS_KEYALG_RSASHA256, bits, + DNS_KEYOWNER_ZONE, DNS_KEYPROTO_DNSSEC, + dns_rdataclass_in, pkey, isc_g_mctx, &key), + "dst_key_buildinternal(...)"); + + CHECKM(dst_key_tofile(key, DST_TYPE_PRIVATE | DST_TYPE_PUBLIC, NULL), + "dst_key_tofile()"); isc_buffer_init(&buf, filename, sizeof(filename) - 1); isc_buffer_clear(&buf); - CHECK(dst_key_buildfilename(key, 0, NULL, &buf), "dst_key_" - "buildfilename()"); + CHECKM(dst_key_buildfilename(key, 0, NULL, &buf), + "dst_key_buildfilename()"); printf("%s\n", filename); dst_key_free(&key); diff --git a/bin/tools/mdig.c b/bin/tools/mdig.c index 4aa31d9c294..4a25eeecf8c 100644 --- a/bin/tools/mdig.c +++ b/bin/tools/mdig.c @@ -53,7 +53,7 @@ #include #include -#define CHECK(str, x) \ +#define CHECKM(str, x) \ { \ if ((x) != ISC_R_SUCCESS) { \ fprintf(stderr, "mdig: %s failed with %s\n", (str), \ @@ -221,7 +221,7 @@ recvresponse(void *arg) { msgbuf = dns_request_getanswer(request); result = dns_request_getresponse(request, response, parseflags); - CHECK("dns_request_getresponse", result); + CHECKM("dns_request_getresponse", result); styleflags |= DNS_STYLEFLAG_REL_OWNER; if (yaml) { @@ -277,7 +277,7 @@ recvresponse(void *arg) { 48, 80, 8, display_splitwidth, isc_g_mctx); } - CHECK("dns_master_stylecreate2", result); + CHECKM("dns_master_stylecreate2", result); flags = 0; if (!display_headers) { @@ -341,7 +341,7 @@ recvresponse(void *arg) { printf(" %s:\n", "response_message_data"); result = dns_message_headertotext(response, style, flags, buf); - CHECK("dns_message_headertotext", result); + CHECKM("dns_message_headertotext", result); } else if (display_comments && !display_short_form) { printf(";; Got answer:\n"); @@ -404,7 +404,7 @@ repopulate_buffer: isc_buffer_allocate(isc_g_mctx, &buf, len); goto repopulate_buffer; } - CHECK("dns_message_pseudosectiontotext", result); + CHECKM("dns_message_pseudosectiontotext", result); } if (display_question && display_headers && !display_short_form) { @@ -413,7 +413,7 @@ repopulate_buffer: if (result == ISC_R_NOSPACE) { goto buftoosmall; } - CHECK("dns_message_sectiontotext", result); + CHECKM("dns_message_sectiontotext", result); } if (display_answer && !display_short_form) { @@ -422,7 +422,7 @@ repopulate_buffer: if (result == ISC_R_NOSPACE) { goto buftoosmall; } - CHECK("dns_message_sectiontotext", result); + CHECKM("dns_message_sectiontotext", result); } else if (display_answer) { dns_name_t empty_name; unsigned int answerstyleflags = 0; @@ -447,8 +447,7 @@ repopulate_buffer: if (result == ISC_R_NOSPACE) { goto buftoosmall; } - - CHECK("dns_rdata_tofmttext", result); + CHECKM("dns_rdata_tofmttext", result); if (strlen("\n") >= isc_buffer_availablelength(buf)) { @@ -466,7 +465,7 @@ repopulate_buffer: if (result == ISC_R_NOSPACE) { goto buftoosmall; } - CHECK("dns_message_sectiontotext", result); + CHECKM("dns_message_sectiontotext", result); } if (display_additional && !display_short_form) { @@ -475,7 +474,7 @@ repopulate_buffer: if (result == ISC_R_NOSPACE) { goto buftoosmall; } - CHECK("dns_message_sectiontotext", result); + CHECKM("dns_message_sectiontotext", result); } if (display_additional && !display_short_form && display_headers) { @@ -487,13 +486,13 @@ repopulate_buffer: if (result == ISC_R_NOSPACE) { goto buftoosmall; } - CHECK("dns_message_pseudosectiontotext", result); + CHECKM("dns_message_pseudosectiontotext", result); result = dns_message_pseudosectiontotext( response, DNS_PSEUDOSECTION_SIG0, style, flags, buf); if (result == ISC_R_NOSPACE) { goto buftoosmall; } - CHECK("dns_message_pseudosectiontotext", result); + CHECKM("dns_message_pseudosectiontotext", result); } if (display_headers && display_comments && !display_short_form && !yaml) @@ -549,7 +548,7 @@ sendquery(struct query *query) { isc_buffer_add(&buf, strlen(query->textname)); result = dns_name_fromtext(dns_fixedname_name(&queryname), &buf, dns_rootname, 0); - CHECK("dns_name_fromtext", result); + CHECKM("dns_name_fromtext", result); dns_message_create(isc_g_mctx, NULL, NULL, DNS_MESSAGE_INTENTRENDER, &message); @@ -608,7 +607,7 @@ sendquery(struct query *query) { if (query->nsid) { dns_ednsopt_t option = { .code = DNS_OPT_NSID }; result = dns_message_ednsaddopt(message, &option); - CHECK("dns_message_ednsaddopt", result); + CHECKM("dns_message_ednsaddopt", result); } if (query->ecs_addr != NULL) { @@ -663,7 +662,7 @@ sendquery(struct query *query) { .length = (uint16_t)addrl + 4 }; result = dns_message_ednsaddopt(message, &option); - CHECK("dns_message_ednsaddopt", result); + CHECKM("dns_message_ednsaddopt", result); } if (query->send_cookie) { @@ -674,7 +673,7 @@ sendquery(struct query *query) { isc_buffer_init(&b, cookie, sizeof(cookie)); result = isc_hex_decodestring(query->cookie, &b); - CHECK("isc_hex_decodestring", result); + CHECKM("isc_hex_decodestring", result); option.value = isc_buffer_base(&b); option.length = isc_buffer_usedlength(&b); } else { @@ -684,25 +683,25 @@ sendquery(struct query *query) { } result = dns_message_ednsaddopt(message, &option); - CHECK("dns_message_ednsaddopt", result); + CHECKM("dns_message_ednsaddopt", result); } if (query->expire) { dns_ednsopt_t option = { .code = DNS_OPT_EXPIRE }; result = dns_message_ednsaddopt(message, &option); - CHECK("dns_message_ednsaddopt", result); + CHECKM("dns_message_ednsaddopt", result); } if (query->ednsoptscnt != 0) { for (size_t i = 0; i < query->ednsoptscnt; i++) { result = dns_message_ednsaddopt( message, &query->ednsopts[i]); - CHECK("dns_message_ednsaddopt", result); + CHECKM("dns_message_ednsaddopt", result); } } result = dns_message_setopt(message); - CHECK("dns_message_setopt", result); + CHECKM("dns_message_setopt", result); } if (tcp_mode) { @@ -714,7 +713,7 @@ sendquery(struct query *query) { NULL, options, NULL, query->timeout, query->timeout, query->udptimeout, query->udpretries, isc_loop_main(), recvresponse, message, &request); - CHECK("dns_request_create", result); + CHECKM("dns_request_create", result); return ISC_R_SUCCESS; } @@ -928,7 +927,7 @@ save_opt(struct query *query, char *code, char *value) { buf = isc_mem_allocate(isc_g_mctx, strlen(value) / 2 + 1); isc_buffer_init(&b, buf, strlen(value) / 2 + 1); result = isc_hex_decodestring(value, &b); - CHECK("isc_hex_decodestring", result); + CHECKM("isc_hex_decodestring", result); query->ednsopts[query->ednsoptscnt].value = isc_buffer_base(&b); query->ednsopts[query->ednsoptscnt].length = isc_buffer_usedlength(&b); @@ -1025,9 +1024,9 @@ reverse_octets(const char *in, char **p, char *end) { if (dot != NULL) { isc_result_t result; result = reverse_octets(dot + 1, p, end); - CHECK("reverse_octets", result); + CHECKM("reverse_octets", result); result = append(".", 1, p, end); - CHECK("append", result); + CHECKM("append", result); len = (int)(dot - in); } else { len = strlen(in); @@ -1050,7 +1049,7 @@ get_reverse(char *reverse, size_t len, const char *value) { name = dns_fixedname_initname(&fname); result = dns_byaddr_createptrname(&addr, name); - CHECK("dns_byaddr_createptrname", result); + CHECKM("dns_byaddr_createptrname", result); dns_name_format(name, reverse, (unsigned int)len); return; } else { @@ -1064,10 +1063,10 @@ get_reverse(char *reverse, size_t len, const char *value) { char *p = reverse; char *end = reverse + len; result = reverse_octets(value, &p, end); - CHECK("reverse_octets", result); + CHECKM("reverse_octets", result); /* Append .in-addr.arpa. and a terminating NUL. */ result = append(".in-addr.arpa.", 15, &p, end); - CHECK("append", result); + CHECKM("append", result); return; } } @@ -1184,7 +1183,7 @@ plus_option(char *option, struct query *query, bool global) { } result = parse_uint(&num, value, COMMSIZE, "buffer size"); - CHECK("parse_uint(buffer size)", result); + CHECKM("parse_uint(buffer size)", result); query->udpsize = num; break; case 'r': /* burst */ @@ -1294,8 +1293,8 @@ plus_option(char *option, struct query *query, bool global) { result = parse_uint(&num, value, 255, "edns"); - CHECK("parse_uint(edns)", - result); + CHECKM("parse_uint(edns)", + result); query->edns = num; break; case 'f': @@ -1311,8 +1310,8 @@ plus_option(char *option, struct query *query, bool global) { result = parse_xint( &num, value, 0xffff, "ednsflags"); - CHECK("parse_xint(ednsflags)", - result); + CHECKM("parse_xint(ednsflags)", + result); if (query->edns == -1) { query->edns = 1; } @@ -1394,7 +1393,7 @@ plus_option(char *option, struct query *query, bool global) { } result = parse_uint(&query->udpretries, value, MAXTRIES - 1, "udpretries"); - CHECK("parse_uint(udpretries)", result); + CHECKM("parse_uint(udpretries)", result); break; default: goto invalid_option; @@ -1458,7 +1457,7 @@ plus_option(char *option, struct query *query, bool global) { if (display_splitwidth) { display_splitwidth += 3; } - CHECK("parse_uint(split)", result); + CHECKM("parse_uint(split)", result); break; case 'u': /* subnet */ FULLCHECK("subnet"); @@ -1476,7 +1475,7 @@ plus_option(char *option, struct query *query, bool global) { query->edns = 0; } result = parse_netprefix(&query->ecs_addr, value); - CHECK("parse_netprefix", result); + CHECKM("parse_netprefix", result); break; default: goto invalid_option; @@ -1499,7 +1498,7 @@ plus_option(char *option, struct query *query, bool global) { } result = parse_uint(&query->timeout, value, MAXTIMEOUT, "timeout"); - CHECK("parse_uint(timeout)", result); + CHECKM("parse_uint(timeout)", result); if (query->timeout == 0) { query->timeout = 1; } @@ -1514,7 +1513,7 @@ plus_option(char *option, struct query *query, bool global) { } result = parse_uint(&query->udpretries, value, MAXTRIES, "udpretries"); - CHECK("parse_uint(udpretries)", result); + CHECKM("parse_uint(udpretries)", result); if (query->udpretries > 0) { query->udpretries -= 1; } @@ -1559,7 +1558,7 @@ plus_option(char *option, struct query *query, bool global) { } result = parse_uint(&query->udptimeout, value, MAXTIMEOUT, "udptimeout"); - CHECK("parse_uint(udptimeout)", result); + CHECKM("parse_uint(udptimeout)", result); break; case 'n': FULLCHECK("unknownformat"); @@ -1689,7 +1688,7 @@ dash_option(const char *option, char *next, struct query *query, bool global, if (hash != NULL) { result = parse_uint(&num, hash + 1, MAXPORT, "port number"); - CHECK("parse_uint(srcport)", result); + CHECKM("parse_uint(srcport)", result); srcport = num; *hash = '\0'; } else { @@ -1717,7 +1716,7 @@ dash_option(const char *option, char *next, struct query *query, bool global, tr.length = strlen(value); result = dns_rdataclass_fromtext(&rdclass, (isc_textregion_t *)&tr); - CHECK("dns_rdataclass_fromtext", result); + CHECKM("dns_rdataclass_fromtext", result); query->rdclass = rdclass; return value_from_next; case 'f': @@ -1726,7 +1725,7 @@ dash_option(const char *option, char *next, struct query *query, bool global, case 'p': GLOBAL(); result = parse_uint(&num, value, MAXPORT, "port number"); - CHECK("parse_uint(port)", result); + CHECKM("parse_uint(port)", result); port = num; return value_from_next; case 't': @@ -1734,7 +1733,7 @@ dash_option(const char *option, char *next, struct query *query, bool global, tr.length = strlen(value); result = dns_rdatatype_fromtext(&rdtype, (isc_textregion_t *)&tr); - CHECK("dns_rdatatype_fromtext", result); + CHECKM("dns_rdatatype_fromtext", result); query->rdtype = rdtype; return value_from_next; case 'x': diff --git a/fuzz/dns_qpkey_name.c b/fuzz/dns_qpkey_name.c index c66eba8ea8b..ca7bb5ae2a7 100644 --- a/fuzz/dns_qpkey_name.c +++ b/fuzz/dns_qpkey_name.c @@ -44,6 +44,7 @@ LLVMFuzzerTestOneInput(const uint8_t *data, size_t size) { isc_buffer_t buf; dns_qpkey_t key, cmp; dns_namespace_t space; + isc_result_t result; namein = dns_fixedname_initname(&fixedin); nameout = dns_fixedname_initname(&fixedout); @@ -77,5 +78,6 @@ LLVMFuzzerTestOneInput(const uint8_t *data, size_t size) { assert((namerel > 0) == (keyrel > 0)); assert(space == DNS_DBNAMESPACE_NORMAL); +cleanup: return 0; } diff --git a/fuzz/dns_rdata_fromwire_text.c b/fuzz/dns_rdata_fromwire_text.c index cea16f55954..0e0f2447664 100644 --- a/fuzz/dns_rdata_fromwire_text.c +++ b/fuzz/dns_rdata_fromwire_text.c @@ -210,5 +210,6 @@ LLVMFuzzerTestOneInput(const uint8_t *data, size_t size) { assert(target.used == size); assert(!memcmp(target.base, data, size)); +cleanup: return 0; } diff --git a/fuzz/fuzz.h b/fuzz/fuzz.h index 7f8a2f1feb4..95532e38551 100644 --- a/fuzz/fuzz.h +++ b/fuzz/fuzz.h @@ -32,8 +32,3 @@ LLVMFuzzerInitialize(int *argc ISC_ATTR_UNUSED, char ***argv ISC_ATTR_UNUSED); int LLVMFuzzerTestOneInput(const uint8_t *data, size_t size); - -#define CHECK(x) \ - if ((x) != ISC_R_SUCCESS) { \ - return (0); \ - } diff --git a/fuzz/isc_lex_getmastertoken.c b/fuzz/isc_lex_getmastertoken.c index 2a657050541..1fa5803d665 100644 --- a/fuzz/isc_lex_getmastertoken.c +++ b/fuzz/isc_lex_getmastertoken.c @@ -71,5 +71,6 @@ LLVMFuzzerTestOneInput(const uint8_t *data, size_t size) { result = isc_lex_getmastertoken(lex, &token, expect, eol); } while (result == ISC_R_SUCCESS && token.type != isc_tokentype_eof); +cleanup: return 0; } diff --git a/fuzz/isc_lex_gettoken.c b/fuzz/isc_lex_gettoken.c index 3acbe2ddbaa..a574368df27 100644 --- a/fuzz/isc_lex_gettoken.c +++ b/fuzz/isc_lex_gettoken.c @@ -50,5 +50,6 @@ LLVMFuzzerTestOneInput(const uint8_t *data, size_t size) { result = isc_lex_gettoken(lex, 0, &token); } while (result == ISC_R_SUCCESS); +cleanup: return 0; } diff --git a/lib/dns/client.c b/lib/dns/client.c index c4f32e7595f..bca416c480a 100644 --- a/lib/dns/client.c +++ b/lib/dns/client.c @@ -59,13 +59,6 @@ #define UCTX_MAGIC ISC_MAGIC('U', 'c', 't', 'x') #define UCTX_VALID(c) ISC_MAGIC_VALID(c, UCTX_MAGIC) -#define CHECK(r) \ - do { \ - result = (r); \ - if (result != ISC_R_SUCCESS) \ - goto cleanup; \ - } while (0) - /*% * DNS client object */ diff --git a/lib/dns/diff.c b/lib/dns/diff.c index 82452968ada..d873c4365b7 100644 --- a/lib/dns/diff.c +++ b/lib/dns/diff.c @@ -36,13 +36,6 @@ #include #include -#define CHECK(op) \ - do { \ - result = (op); \ - if (result != ISC_R_SUCCESS) \ - goto failure; \ - } while (0) - static dns_rdatatype_t rdata_covers(dns_rdata_t *rdata) { return rdata->type == dns_rdatatype_rrsig ? dns_rdata_covers(rdata) : 0; @@ -494,7 +487,7 @@ diff_apply(const dns_diff_t *diff, dns_db_t *db, dns_dbversion_t *ver, } return ISC_R_SUCCESS; -failure: +cleanup: if (node != NULL) { dns_db_detachnode(&node); } @@ -584,7 +577,7 @@ dns_diff_load(const dns_diff_t *diff, dns_rdatacallbacks_t *callbacks) { } result = ISC_R_SUCCESS; -failure: +cleanup: if (callbacks->commit != NULL) { callbacks->commit(callbacks->add_private); } diff --git a/lib/dns/dnssec.c b/lib/dns/dnssec.c index 1432a10f92d..703366511de 100644 --- a/lib/dns/dnssec.c +++ b/lib/dns/dnssec.c @@ -43,13 +43,6 @@ isc_stats_t *dns_dnssec_stats; #define is_response(msg) ((msg->flags & DNS_MESSAGEFLAG_QR) != 0) -#define RETERR(x) \ - do { \ - result = (x); \ - if (result != ISC_R_SUCCESS) \ - goto failure; \ - } while (0) - #define TYPE_SIGN 0 #define TYPE_VERIFY 1 @@ -782,25 +775,25 @@ dns_dnssec_signmessage(dns_message_t *msg, dst_key_t *key) { isc_buffer_init(&databuf, data, sizeof(data)); - RETERR(dst_context_create(key, mctx, DNS_LOGCATEGORY_DNSSEC, true, - &ctx)); + CHECK(dst_context_create(key, mctx, DNS_LOGCATEGORY_DNSSEC, true, + &ctx)); /* * Digest the fields of the SIG - we can cheat and use * dns_rdata_fromstruct. Since siglen is 0, the digested data * is identical to dns format. */ - RETERR(dns_rdata_fromstruct(NULL, dns_rdataclass_any, - dns_rdatatype_sig /* SIG(0) */, &sig, - &databuf)); + CHECK(dns_rdata_fromstruct(NULL, dns_rdataclass_any, + dns_rdatatype_sig /* SIG(0) */, &sig, + &databuf)); isc_buffer_usedregion(&databuf, &r); - RETERR(dst_context_adddata(ctx, &r)); + CHECK(dst_context_adddata(ctx, &r)); /* * If this is a response, digest the query. */ if (is_response(msg)) { - RETERR(dst_context_adddata(ctx, &msg->query)); + CHECK(dst_context_adddata(ctx, &msg->query)); } /* @@ -809,29 +802,29 @@ dns_dnssec_signmessage(dns_message_t *msg, dst_key_t *key) { isc_buffer_init(&headerbuf, header, sizeof(header)); dns_message_renderheader(msg, &headerbuf); isc_buffer_usedregion(&headerbuf, &r); - RETERR(dst_context_adddata(ctx, &r)); + CHECK(dst_context_adddata(ctx, &r)); /* * Digest the remainder of the message. */ isc_buffer_usedregion(msg->buffer, &r); isc_region_consume(&r, DNS_MESSAGE_HEADERLEN); - RETERR(dst_context_adddata(ctx, &r)); + CHECK(dst_context_adddata(ctx, &r)); - RETERR(dst_key_sigsize(key, &sigsize)); + CHECK(dst_key_sigsize(key, &sigsize)); sig.siglen = sigsize; sig.signature = isc_mem_get(mctx, sig.siglen); isc_buffer_init(&sigbuf, sig.signature, sig.siglen); - RETERR(dst_context_sign(ctx, &sigbuf)); + CHECK(dst_context_sign(ctx, &sigbuf)); dst_context_destroy(&ctx); rdata = NULL; dns_message_gettemprdata(msg, &rdata); isc_buffer_allocate(msg->mctx, &dynbuf, 1024); - RETERR(dns_rdata_fromstruct(rdata, dns_rdataclass_any, - dns_rdatatype_sig /* SIG(0) */, &sig, - dynbuf)); + CHECK(dns_rdata_fromstruct(rdata, dns_rdataclass_any, + dns_rdatatype_sig /* SIG(0) */, &sig, + dynbuf)); isc_mem_put(mctx, sig.signature, sig.siglen); @@ -849,7 +842,7 @@ dns_dnssec_signmessage(dns_message_t *msg, dst_key_t *key) { return ISC_R_SUCCESS; -failure: +cleanup: if (dynbuf != NULL) { isc_buffer_free(&dynbuf); } @@ -895,21 +888,19 @@ dns_dnssec_verifymessage(isc_buffer_t *source, dns_message_t *msg, isc_buffer_usedregion(source, &source_r); - RETERR(dns_rdataset_first(msg->sig0)); + CHECK(dns_rdataset_first(msg->sig0)); dns_rdataset_current(msg->sig0, &rdata); - RETERR(dns_rdata_tostruct(&rdata, &sig, NULL)); + CHECK(dns_rdata_tostruct(&rdata, &sig, NULL)); signeedsfree = true; if (sig.labels != 0) { - result = DNS_R_SIGINVALID; - goto failure; + CHECK(DNS_R_SIGINVALID); } if (isc_serial_lt(sig.timeexpire, sig.timesigned)) { - result = DNS_R_SIGINVALID; msg->sig0status = dns_tsigerror_badtime; - goto failure; + CHECK(DNS_R_SIGINVALID); } if (msg->fuzzing) { @@ -919,36 +910,33 @@ dns_dnssec_verifymessage(isc_buffer_t *source, dns_message_t *msg, } if (isc_serial_lt((uint32_t)now, sig.timesigned)) { - result = DNS_R_SIGFUTURE; msg->sig0status = dns_tsigerror_badtime; - goto failure; + CHECK(DNS_R_SIGFUTURE); } else if (isc_serial_lt(sig.timeexpire, (uint32_t)now)) { - result = DNS_R_SIGEXPIRED; msg->sig0status = dns_tsigerror_badtime; - goto failure; + CHECK(DNS_R_SIGEXPIRED); } if (!dns_name_equal(dst_key_name(key), &sig.signer)) { - result = DNS_R_SIGINVALID; msg->sig0status = dns_tsigerror_badkey; - goto failure; + CHECK(DNS_R_SIGINVALID); } - RETERR(dst_context_create(key, mctx, DNS_LOGCATEGORY_DNSSEC, false, - &ctx)); + CHECK(dst_context_create(key, mctx, DNS_LOGCATEGORY_DNSSEC, false, + &ctx)); /* * Digest the SIG(0) record, except for the signature. */ dns_rdata_toregion(&rdata, &r); r.length -= sig.siglen; - RETERR(dst_context_adddata(ctx, &r)); + CHECK(dst_context_adddata(ctx, &r)); /* * If this is a response, digest the query. */ if (is_response(msg)) { - RETERR(dst_context_adddata(ctx, &msg->query)); + CHECK(dst_context_adddata(ctx, &msg->query)); } /* @@ -969,21 +957,21 @@ dns_dnssec_verifymessage(isc_buffer_t *source, dns_message_t *msg, */ header_r.base = (unsigned char *)header; header_r.length = DNS_MESSAGE_HEADERLEN; - RETERR(dst_context_adddata(ctx, &header_r)); + CHECK(dst_context_adddata(ctx, &header_r)); /* * Digest all non-SIG(0) records. */ r.base = source_r.base + DNS_MESSAGE_HEADERLEN; r.length = msg->sigstart - DNS_MESSAGE_HEADERLEN; - RETERR(dst_context_adddata(ctx, &r)); + CHECK(dst_context_adddata(ctx, &r)); sig_r.base = sig.signature; sig_r.length = sig.siglen; result = dst_context_verify(ctx, &sig_r); if (result != ISC_R_SUCCESS) { msg->sig0status = dns_tsigerror_badsig; - goto failure; + goto cleanup; } msg->verified_sig = 1; @@ -994,7 +982,7 @@ dns_dnssec_verifymessage(isc_buffer_t *source, dns_message_t *msg, return ISC_R_SUCCESS; -failure: +cleanup: if (signeedsfree) { dns_rdata_freestruct(&sig); } @@ -1236,7 +1224,7 @@ findmatchingkeys(const char *directory, bool rrtypekey, char *namebuf, directory = "."; } - RETERR(isc_dir_open(&dir, directory)); + CHECK(isc_dir_open(&dir, directory)); dir_open = true; while (isc_dir_read(&dir) == ISC_R_SUCCESS) { @@ -1315,7 +1303,7 @@ findmatchingkeys(const char *directory, bool rrtypekey, char *namebuf, } result = match ? ISC_R_SUCCESS : ISC_R_NOTFOUND; -failure: +cleanup: if (dir_open) { isc_dir_close(&dir); } @@ -1344,15 +1332,15 @@ dns_dnssec_findmatchingkeys(const dns_name_t *origin, dns_kasp_t *kasp, ISC_LIST_INIT(list); isc_buffer_init(&b, namebuf, sizeof(namebuf) - 1); - RETERR(dns_name_tofilenametext(origin, false, &b)); + CHECK(dns_name_tofilenametext(origin, false, &b)); len = isc_buffer_usedlength(&b); namebuf[len] = '\0'; if (kasp == NULL || (strcmp(dns_kasp_getname(kasp), "none") == 0) || (strcmp(dns_kasp_getname(kasp), "insecure") == 0)) { - RETERR(findmatchingkeys(keydir, rrtypekey, namebuf, len, mctx, - now, &list)); + CHECK(findmatchingkeys(keydir, rrtypekey, namebuf, len, mctx, + now, &list)); } else if (keystores != NULL) { ISC_LIST_FOREACH(*keystores, keystore, link) { ISC_LIST_FOREACH(dns_kasp_keys(kasp), kkey, link) { @@ -1360,7 +1348,7 @@ dns_dnssec_findmatchingkeys(const dns_name_t *origin, dns_kasp_t *kasp, const char *directory = dns_keystore_directory(keystore, keydir); - RETERR(findmatchingkeys( + CHECK(findmatchingkeys( directory, rrtypekey, namebuf, len, mctx, now, &list)); break; @@ -1376,7 +1364,7 @@ dns_dnssec_findmatchingkeys(const dns_name_t *origin, dns_kasp_t *kasp, result = ISC_R_NOTFOUND; } -failure: +cleanup: ISC_LIST_FOREACH(list, key, link) { ISC_LIST_UNLINK(list, key, link); INSIST(key->key != NULL); @@ -1556,7 +1544,7 @@ dns_dnssec_keylistfromrdataset(const dns_name_t *origin, dns_kasp_t *kasp, goto skip; } - RETERR(dns_dnssec_keyfromrdata(origin, &rdata, mctx, &dnskey)); + CHECK(dns_dnssec_keyfromrdata(origin, &rdata, mctx, &dnskey)); dst_key_setttl(dnskey, keys.ttl); if (!is_zone_key(dnskey)) { @@ -1580,7 +1568,7 @@ dns_dnssec_keylistfromrdataset(const dns_name_t *origin, dns_kasp_t *kasp, if (result == ISC_R_FILENOTFOUND || result == ISC_R_NOPERM) { result = ISC_R_SUCCESS; } - RETERR(result); + CHECK(result); if (kasp != NULL && dns_kasp_offlineksk(kasp) && (dst_key_flags(dnskey) & DNS_KEYFLAG_KSK) != 0) @@ -1663,7 +1651,7 @@ dns_dnssec_keylistfromrdataset(const dns_name_t *origin, dns_kasp_t *kasp, } goto skip; } - RETERR(result); + CHECK(result); /* * Whatever the key's default TTL may have @@ -1685,16 +1673,16 @@ dns_dnssec_keylistfromrdataset(const dns_name_t *origin, dns_kasp_t *kasp, } if (keysigs != NULL && dns_rdataset_isassociated(keysigs)) { - RETERR(mark_active_keys(keylist, keysigs)); + CHECK(mark_active_keys(keylist, keysigs)); } if (soasigs != NULL && dns_rdataset_isassociated(soasigs)) { - RETERR(mark_active_keys(keylist, soasigs)); + CHECK(mark_active_keys(keylist, soasigs)); } result = ISC_R_SUCCESS; -failure: +cleanup: if (dns_rdataset_isassociated(&keys)) { dns_rdataset_disassociate(&keys); } @@ -1758,7 +1746,7 @@ publish_key(dns_diff_t *diff, dns_dnsseckey_t *key, const dns_name_t *origin, dns_rdata_t dnskey = DNS_RDATA_INIT; dns_rdata_reset(&dnskey); - RETERR(dns_dnssec_make_dnskey(key->key, buf, sizeof(buf), &dnskey)); + CHECK(dns_dnssec_make_dnskey(key->key, buf, sizeof(buf), &dnskey)); dst_key_format(key->key, keystr, sizeof(keystr)); report("Fetching %s (%s) from key %s.", keystr, @@ -1779,7 +1767,7 @@ publish_key(dns_diff_t *diff, dns_dnsseckey_t *key, const dns_name_t *origin, /* publish key */ addrdata(&dnskey, diff, origin, ttl, mctx); -failure: +cleanup: return result; } @@ -1798,10 +1786,10 @@ remove_key(dns_diff_t *diff, dns_dnsseckey_t *key, const dns_name_t *origin, report("Removing %s key %s/%d/%s from DNSKEY RRset.", reason, namebuf, dst_key_id(key->key), alg); - RETERR(dns_dnssec_make_dnskey(key->key, buf, sizeof(buf), &dnskey)); + CHECK(dns_dnssec_make_dnskey(key->key, buf, sizeof(buf), &dnskey)); delrdata(&dnskey, diff, origin, ttl, mctx); -failure: +cleanup: return result; } @@ -1915,8 +1903,8 @@ dns_dnssec_syncupdate(dns_dnsseckeylist_t *keys, dns_dnsseckeylist_t *rmkeys, dns_rdata_t cdnskeyrdata = DNS_RDATA_INIT; dns_name_t *origin = dst_key_name(key->key); - RETERR(dns_dnssec_make_dnskey(key->key, keybuf, sizeof(keybuf), - &cdnskeyrdata)); + CHECK(dns_dnssec_make_dnskey(key->key, keybuf, sizeof(keybuf), + &cdnskeyrdata)); cdnskeyrdata.type = dns_rdatatype_cdnskey; if (syncpublish(key->key, now)) { @@ -1924,10 +1912,9 @@ dns_dnssec_syncupdate(dns_dnsseckeylist_t *keys, dns_dnsseckeylist_t *rmkeys, dst_key_format(key->key, keystr, sizeof(keystr)); ISC_LIST_FOREACH(*digests, alg, link) { - RETERR(add_cds(key, &cdnskeyrdata, - (const char *)keystr, cds, - alg->digest, cdsttl, diff, - mctx)); + CHECK(add_cds(key, &cdnskeyrdata, + (const char *)keystr, cds, + alg->digest, cdsttl, diff, mctx)); } if (gencdnskey && @@ -1992,8 +1979,8 @@ dns_dnssec_syncupdate(dns_dnsseckeylist_t *keys, dns_dnsseckeylist_t *rmkeys, char keystr[DST_KEY_FORMATSIZE]; dst_key_format(key->key, keystr, sizeof(keystr)); - RETERR(dns_dnssec_make_dnskey(key->key, keybuf, sizeof(keybuf), - &cdnskeyrdata)); + CHECK(dns_dnssec_make_dnskey(key->key, keybuf, sizeof(keybuf), + &cdnskeyrdata)); if (dns_rdataset_isassociated(cds)) { delete_cds(key, &cdnskeyrdata, (const char *)keystr, @@ -2019,7 +2006,7 @@ dns_dnssec_syncupdate(dns_dnsseckeylist_t *keys, dns_dnsseckeylist_t *rmkeys, result = ISC_R_SUCCESS; -failure: +cleanup: return result; } @@ -2125,8 +2112,8 @@ dns_dnssec_updatekeys(dns_dnsseckeylist_t *keys, dns_dnsseckeylist_t *newkeys, if (key->source == dns_keysource_user && (key->hint_publish || key->force_publish)) { - RETERR(publish_key(diff, key, origin, ttl, mctx, - report)); + CHECK(publish_key(diff, key, origin, ttl, mctx, + report)); } if (key->source == dns_keysource_zoneapex) { ttl = dst_key_getttl(key->key); @@ -2195,8 +2182,8 @@ dns_dnssec_updatekeys(dns_dnsseckeylist_t *keys, dns_dnsseckeylist_t *newkeys, if (key1->source != dns_keysource_zoneapex && (key1->hint_publish || key1->force_publish)) { - RETERR(publish_key(diff, key1, origin, ttl, - mctx, report)); + CHECK(publish_key(diff, key1, origin, ttl, mctx, + report)); isc_log_write( DNS_LOGCATEGORY_DNSSEC, DNS_LOGMODULE_DNSSEC, ISC_LOG_INFO, @@ -2230,8 +2217,8 @@ dns_dnssec_updatekeys(dns_dnsseckeylist_t *keys, dns_dnsseckeylist_t *newkeys, /* Match found: remove or update it as needed */ if (key1->hint_remove) { - RETERR(remove_key(diff, key2, origin, ttl, mctx, - "expired", report)); + CHECK(remove_key(diff, key2, origin, ttl, mctx, + "expired", report)); ISC_LIST_UNLINK(*keys, key2, link); if (removed != NULL) { @@ -2254,8 +2241,8 @@ dns_dnssec_updatekeys(dns_dnsseckeylist_t *keys, dns_dnsseckeylist_t *newkeys, * We need to remove the old version and pull * in the new one. */ - RETERR(remove_key(diff, key2, origin, ttl, mctx, - "revoked", report)); + CHECK(remove_key(diff, key2, origin, ttl, mctx, + "revoked", report)); ISC_LIST_UNLINK(*keys, key2, link); if (removed != NULL) { ISC_LIST_APPEND(*removed, key2, link); @@ -2272,8 +2259,8 @@ dns_dnssec_updatekeys(dns_dnsseckeylist_t *keys, dns_dnsseckeylist_t *newkeys, dns_dnsseckey_destroy(mctx, &key2); } - RETERR(publish_key(diff, key1, origin, ttl, mctx, - report)); + CHECK(publish_key(diff, key1, origin, ttl, mctx, + report)); ISC_LIST_UNLINK(*newkeys, key1, link); ISC_LIST_APPEND(*keys, key1, link); @@ -2323,7 +2310,7 @@ dns_dnssec_updatekeys(dns_dnsseckeylist_t *keys, dns_dnsseckeylist_t *newkeys, result = ISC_R_SUCCESS; -failure: +cleanup: return result; } diff --git a/lib/dns/dnstap.c b/lib/dns/dnstap.c index 40750b5936e..ab9b994b6d0 100644 --- a/lib/dns/dnstap.c +++ b/lib/dns/dnstap.c @@ -120,13 +120,6 @@ struct dns_dtenv { isc_stats_t *stats; }; -#define CHECK(x) \ - do { \ - result = (x); \ - if (result != ISC_R_SUCCESS) \ - goto cleanup; \ - } while (0) - typedef struct ioq { unsigned int generation; struct fstrm_iothr_queue *ioq; diff --git a/lib/dns/dst_api.c b/lib/dns/dst_api.c index 2d6f739c030..3f9743e3b2d 100644 --- a/lib/dns/dst_api.c +++ b/lib/dns/dst_api.c @@ -68,36 +68,27 @@ #define DST_AS_STR(t) ((t).value.as_textregion.base) -#define NEXTTOKEN(lex, opt, token) \ - { \ - ret = isc_lex_gettoken(lex, opt, token); \ - if (ret != ISC_R_SUCCESS) \ - goto cleanup; \ - } - -#define NEXTTOKEN_OR_EOF(lex, opt, token) \ - do { \ - ret = isc_lex_gettoken(lex, opt, token); \ - if (ret == ISC_R_EOF) \ - break; \ - if (ret != ISC_R_SUCCESS) \ - goto cleanup; \ +#define NEXTTOKEN(lex, opt, token) CHECK(isc_lex_gettoken(lex, opt, token)) + +#define NEXTTOKEN_OR_EOF(lex, opt, token) \ + do { \ + result = isc_lex_gettoken(lex, opt, token); \ + if (result == ISC_R_EOF) { \ + break; \ + } \ + CHECK(result); \ } while ((*token).type == isc_tokentype_eol); -#define READLINE(lex, opt, token) \ - do { \ - ret = isc_lex_gettoken(lex, opt, token); \ - if (ret == ISC_R_EOF) \ - break; \ - if (ret != ISC_R_SUCCESS) \ - goto cleanup; \ +#define READLINE(lex, opt, token) \ + do { \ + result = isc_lex_gettoken(lex, opt, token); \ + if (result == ISC_R_EOF) { \ + break; \ + } \ + CHECK(result); \ } while ((*token).type != isc_tokentype_eol) -#define BADTOKEN() \ - { \ - ret = ISC_R_UNEXPECTEDTOKEN; \ - goto cleanup; \ - } +#define BADTOKEN() CHECK(ISC_R_UNEXPECTEDTOKEN) static const char *numerictags[DST_MAX_NUMERIC] = { [DST_NUM_PREDECESSOR] = "Predecessor:", @@ -193,13 +184,6 @@ static isc_result_t addsuffix(char *filename, int len, const char *dirname, const char *ofilename, const char *suffix); -#define RETERR(x) \ - do { \ - result = (x); \ - if (result != ISC_R_SUCCESS) \ - goto out; \ - } while (0) - #define CHECKALG(alg) \ do { \ isc_result_t _r; \ @@ -383,8 +367,6 @@ dst_context_verify(dst_context_t *dctx, isc_region_t *sig) { isc_result_t dst_key_tofile(const dst_key_t *key, int type, const char *directory) { - isc_result_t ret = ISC_R_SUCCESS; - REQUIRE(VALID_KEY(key)); REQUIRE((type & (DST_TYPE_PRIVATE | DST_TYPE_PUBLIC | DST_TYPE_STATE)) != 0); @@ -396,17 +378,11 @@ dst_key_tofile(const dst_key_t *key, int type, const char *directory) { } if ((type & DST_TYPE_PUBLIC) != 0) { - ret = write_public_key(key, type, directory); - if (ret != ISC_R_SUCCESS) { - return ret; - } + RETERR(write_public_key(key, type, directory)); } if ((type & DST_TYPE_STATE) != 0) { - ret = write_key_state(key, type, directory); - if (ret != ISC_R_SUCCESS) { - return ret; - } + RETERR(write_key_state(key, type, directory)); } if (((type & DST_TYPE_PRIVATE) != 0) && @@ -497,32 +473,20 @@ dst_key_fromfile(dns_name_t *name, dns_keytag_t id, unsigned int alg, int type, key = NULL; isc_buffer_init(&buf, filename, NAME_MAX); - result = dst_key_getfilename(name, id, alg, type, NULL, mctx, &buf); - if (result != ISC_R_SUCCESS) { - goto out; - } - - result = dst_key_fromnamedfile(filename, directory, type, mctx, &key); - if (result != ISC_R_SUCCESS) { - goto out; - } - - result = computeid(key); - if (result != ISC_R_SUCCESS) { - goto out; - } + CHECK(dst_key_getfilename(name, id, alg, type, NULL, mctx, &buf)); + CHECK(dst_key_fromnamedfile(filename, directory, type, mctx, &key)); + CHECK(computeid(key)); if (!dns_name_equal(name, key->key_name) || id != key->key_id || alg != key->key_alg) { - result = DST_R_INVALIDPRIVATEKEY; - goto out; + CHECK(DST_R_INVALIDPRIVATEKEY); } *keyp = key; result = ISC_R_SUCCESS; -out: +cleanup: if ((key != NULL) && (result != ISC_R_SUCCESS)) { dst_key_free(&key); } @@ -558,7 +522,7 @@ dst_key_fromnamedfile(const char *filename, const char *dirname, int type, ".key"); INSIST(result == ISC_R_SUCCESS); - RETERR(dst_key_read_public(newfilename, type, mctx, &pubkey)); + CHECK(dst_key_read_public(newfilename, type, mctx, &pubkey)); isc_mem_put(mctx, newfilename, newfilenamelen); /* @@ -584,20 +548,20 @@ dst_key_fromnamedfile(const char *filename, const char *dirname, int type, /* Having no state is valid. */ result = ISC_R_SUCCESS; } - RETERR(result); + CHECK(result); } if ((type & (DST_TYPE_PRIVATE | DST_TYPE_PUBLIC)) == DST_TYPE_PUBLIC || (pubkey->key_flags & DNS_KEYFLAG_TYPEMASK) == DNS_KEYTYPE_NOKEY) { - RETERR(computeid(pubkey)); + CHECK(computeid(pubkey)); pubkey->modified = false; *keyp = pubkey; pubkey = NULL; - goto out; + goto cleanup; } - RETERR(algorithm_status(pubkey->key_alg)); + CHECK(algorithm_status(pubkey->key_alg)); key = get_key_struct(pubkey->key_name, pubkey->key_alg, pubkey->key_flags, pubkey->key_proto, @@ -605,7 +569,7 @@ dst_key_fromnamedfile(const char *filename, const char *dirname, int type, pubkey->key_ttl, mctx); if (key->func->parse == NULL) { - RETERR(DST_R_UNSUPPORTEDALG); + CHECK(DST_R_UNSUPPORTEDALG); } newfilenamelen = strlen(filename) + 9; @@ -618,10 +582,10 @@ dst_key_fromnamedfile(const char *filename, const char *dirname, int type, INSIST(result == ISC_R_SUCCESS); isc_lex_create(mctx, 1500, &lex); - RETERR(isc_lex_openfile(lex, newfilename)); + CHECK(isc_lex_openfile(lex, newfilename)); isc_mem_put(mctx, newfilename, newfilenamelen); - RETERR(key->func->parse(key, lex, pubkey)); + CHECK(key->func->parse(key, lex, pubkey)); isc_lex_destroy(&lex); key->kasp = false; @@ -633,13 +597,13 @@ dst_key_fromnamedfile(const char *filename, const char *dirname, int type, /* Having no state is valid. */ result = ISC_R_SUCCESS; } - RETERR(result); + CHECK(result); } - RETERR(computeid(key)); + CHECK(computeid(key)); if (pubkey->key_id != key->key_id) { - RETERR(DST_R_INVALIDPRIVATEKEY); + CHECK(DST_R_INVALIDPRIVATEKEY); } key->modified = false; @@ -650,7 +614,7 @@ dst_key_fromnamedfile(const char *filename, const char *dirname, int type, *keyp = key; key = NULL; -out: +cleanup: if (pubkey != NULL) { dst_key_free(&pubkey); } @@ -808,13 +772,13 @@ dst_key_fromgssapi(const dns_name_t *name, dns_gss_ctx_id_t gssctx, */ isc_buffer_allocate(key->mctx, &key->key_tkeytoken, intoken->length); - RETERR(isc_buffer_copyregion(key->key_tkeytoken, intoken)); + CHECK(isc_buffer_copyregion(key->key_tkeytoken, intoken)); } key->keydata.gssctx = gssctx; *keyp = key; result = ISC_R_SUCCESS; -out: +cleanup: if (result != ISC_R_SUCCESS) { dst_key_free(&key); } @@ -955,7 +919,7 @@ dst_key_generate(const dns_name_t *name, unsigned int alg, unsigned int bits, dns_rdataclass_t rdclass, const char *label, isc_mem_t *mctx, dst_key_t **keyp, void (*callback)(int)) { dst_key_t *key; - isc_result_t ret; + isc_result_t result; REQUIRE(dns_name_isabsolute(name)); REQUIRE(mctx != NULL); @@ -981,16 +945,16 @@ dst_key_generate(const dns_name_t *name, unsigned int alg, unsigned int bits, return DST_R_UNSUPPORTEDALG; } - ret = key->func->generate(key, param, callback); - if (ret != ISC_R_SUCCESS) { + result = key->func->generate(key, param, callback); + if (result != ISC_R_SUCCESS) { dst_key_free(&key); - return ret; + return result; } - ret = computeid(key); - if (ret != ISC_R_SUCCESS) { + result = computeid(key); + if (result != ISC_R_SUCCESS) { dst_key_free(&key); - return ret; + return result; } *keyp = key; @@ -1514,13 +1478,12 @@ dst_key_read_public(const char *filename, int type, isc_mem_t *mctx, dns_fixedname_t name; isc_lex_t *lex = NULL; isc_token_t token; - isc_result_t ret; + isc_result_t result; dns_rdata_t rdata = DNS_RDATA_INIT; unsigned int opt = ISC_LEXOPT_DNSMULTILINE | ISC_LEXOPT_ESCAPE; dns_rdataclass_t rdclass = dns_rdataclass_in; isc_lexspecials_t specials; uint32_t ttl = 0; - isc_result_t result; dns_rdatatype_t keytype; /* @@ -1540,10 +1503,7 @@ dst_key_read_public(const char *filename, int type, isc_mem_t *mctx, isc_lex_setspecials(lex, specials); isc_lex_setcomments(lex, ISC_LEXCOMMENT_DNSMASTERFILE); - ret = isc_lex_openfile(lex, filename); - if (ret != ISC_R_SUCCESS) { - goto cleanup; - } + CHECK(isc_lex_openfile(lex, filename)); /* Read the domain name */ NEXTTOKEN(lex, opt, &token); @@ -1561,10 +1521,8 @@ dst_key_read_public(const char *filename, int type, isc_mem_t *mctx, dns_fixedname_init(&name); isc_buffer_init(&b, DST_AS_STR(token), strlen(DST_AS_STR(token))); isc_buffer_add(&b, strlen(DST_AS_STR(token))); - ret = dns_name_fromtext(dns_fixedname_name(&name), &b, dns_rootname, 0); - if (ret != ISC_R_SUCCESS) { - goto cleanup; - } + CHECK(dns_name_fromtext(dns_fixedname_name(&name), &b, dns_rootname, + 0)); /* Read the next word: either TTL, class, or 'KEY' */ NEXTTOKEN(lex, opt, &token); @@ -1583,8 +1541,8 @@ dst_key_read_public(const char *filename, int type, isc_mem_t *mctx, BADTOKEN(); } - ret = dns_rdataclass_fromtext(&rdclass, &token.value.as_textregion); - if (ret == ISC_R_SUCCESS) { + result = dns_rdataclass_fromtext(&rdclass, &token.value.as_textregion); + if (result == ISC_R_SUCCESS) { NEXTTOKEN(lex, opt, &token); } @@ -1603,22 +1561,16 @@ dst_key_read_public(const char *filename, int type, isc_mem_t *mctx, if (((type & DST_TYPE_KEY) != 0 && keytype != dns_rdatatype_key) || ((type & DST_TYPE_KEY) == 0 && keytype != dns_rdatatype_dnskey)) { - ret = DST_R_BADKEYTYPE; + result = DST_R_BADKEYTYPE; goto cleanup; } isc_buffer_init(&b, rdatabuf, sizeof(rdatabuf)); - ret = dns_rdata_fromtext(&rdata, rdclass, keytype, lex, NULL, false, - mctx, &b, NULL); - if (ret != ISC_R_SUCCESS) { - goto cleanup; - } + CHECK(dns_rdata_fromtext(&rdata, rdclass, keytype, lex, NULL, false, + mctx, &b, NULL)); - ret = dst_key_fromdns(dns_fixedname_name(&name), rdclass, &b, mctx, - keyp); - if (ret != ISC_R_SUCCESS) { - goto cleanup; - } + CHECK(dst_key_fromdns(dns_fixedname_name(&name), rdclass, &b, mctx, + keyp)); dst_key_setttl(*keyp, ttl); @@ -1626,7 +1578,7 @@ cleanup: if (lex != NULL) { isc_lex_destroy(&lex); } - return ret; + return result; } static int @@ -1677,16 +1629,13 @@ isc_result_t dst_key_read_state(const char *filename, isc_mem_t *mctx, dst_key_t **keyp) { isc_lex_t *lex = NULL; isc_token_t token; - isc_result_t ret; + isc_result_t result; unsigned int opt = ISC_LEXOPT_EOL; isc_lex_create(mctx, 1500, &lex); isc_lex_setcomments(lex, ISC_LEXCOMMENT_DNSMASTERFILE); - ret = isc_lex_openfile(lex, filename); - if (ret != ISC_R_SUCCESS) { - goto cleanup; - } + CHECK(isc_lex_openfile(lex, filename)); /* * Read the comment line. @@ -1738,7 +1687,7 @@ dst_key_read_state(const char *filename, isc_mem_t *mctx, dst_key_t **keyp) { int tag; NEXTTOKEN_OR_EOF(lex, opt, &token); - if (ret == ISC_R_EOF) { + if (result == ISC_R_EOF) { break; } if (token.type != isc_tokentype_string) { @@ -1791,10 +1740,7 @@ dst_key_read_state(const char *filename, isc_mem_t *mctx, dst_key_t **keyp) { BADTOKEN(); } - ret = dns_time32_fromtext(DST_AS_STR(token), &when); - if (ret != ISC_R_SUCCESS) { - goto cleanup; - } + CHECK(dns_time32_fromtext(DST_AS_STR(token), &when)); dst_key_settime(*keyp, tag, when); goto next; @@ -1812,10 +1758,7 @@ dst_key_read_state(const char *filename, isc_mem_t *mctx, dst_key_t **keyp) { BADTOKEN(); } - ret = keystate_fromtext(DST_AS_STR(token), &state); - if (ret != ISC_R_SUCCESS) { - goto cleanup; - } + CHECK(keystate_fromtext(DST_AS_STR(token), &state)); dst_key_setstate(*keyp, tag, state); goto next; @@ -1826,13 +1769,13 @@ dst_key_read_state(const char *filename, isc_mem_t *mctx, dst_key_t **keyp) { } /* Done, successfully parsed the whole file. */ - ret = ISC_R_SUCCESS; + result = ISC_R_SUCCESS; cleanup: if (lex != NULL) { isc_lex_destroy(&lex); } - return ret; + return result; } static bool @@ -2197,13 +2140,9 @@ computeid(dst_key_t *key) { isc_buffer_t dnsbuf; unsigned char dns_array[DST_KEY_MAXSIZE]; isc_region_t r; - isc_result_t ret; isc_buffer_init(&dnsbuf, dns_array, sizeof(dns_array)); - ret = dst_key_todns(key, &dnsbuf); - if (ret != ISC_R_SUCCESS) { - return ret; - } + RETERR(dst_key_todns(key, &dnsbuf)); isc_buffer_usedregion(&dnsbuf, &r); key->key_id = dst_region_computeid(&r); @@ -2216,7 +2155,7 @@ frombuffer(const dns_name_t *name, unsigned int alg, unsigned int flags, unsigned int protocol, dns_rdataclass_t rdclass, isc_buffer_t *source, isc_mem_t *mctx, dst_key_t **keyp) { dst_key_t *key; - isc_result_t ret; + isc_result_t result; REQUIRE(dns_name_isabsolute(name)); REQUIRE(source != NULL); @@ -2242,20 +2181,20 @@ frombuffer(const dns_name_t *name, unsigned int alg, unsigned int flags, key = get_key_struct(name, alg, flags, protocol, 0, rdclass, 0, mctx); if (isc_buffer_remaininglength(source) > 0) { - ret = algorithm_status(alg); - if (ret != ISC_R_SUCCESS) { + result = algorithm_status(alg); + if (result != ISC_R_SUCCESS) { dst_key_free(&key); - return ret; + return result; } if (key->func->fromdns == NULL) { dst_key_free(&key); return DST_R_UNSUPPORTEDALG; } - ret = key->func->fromdns(key, source); - if (ret != ISC_R_SUCCESS) { + result = key->func->fromdns(key, source); + if (result != ISC_R_SUCCESS) { dst_key_free(&key); - return ret; + return result; } } diff --git a/lib/dns/dst_parse.c b/lib/dns/dst_parse.c index 9dc4f9cedd6..0310f3be797 100644 --- a/lib/dns/dst_parse.c +++ b/lib/dns/dst_parse.c @@ -400,7 +400,7 @@ dst__privstruct_parse(dst_key_t *key, unsigned int alg, isc_lex_t *lex, unsigned char *data = NULL; unsigned int opt = ISC_LEXOPT_EOL; isc_stdtime_t when; - isc_result_t ret; + isc_result_t result; bool external = false; REQUIRE(priv != NULL); @@ -408,20 +408,19 @@ dst__privstruct_parse(dst_key_t *key, unsigned int alg, isc_lex_t *lex, priv->nelements = 0; memset(priv->elements, 0, sizeof(priv->elements)); -#define NEXTTOKEN(lex, opt, token) \ - do { \ - ret = isc_lex_gettoken(lex, opt, token); \ - if (ret != ISC_R_SUCCESS) \ - goto fail; \ +#define NEXTTOKEN(lex, opt, token) \ + do { \ + CHECK(isc_lex_gettoken(lex, opt, token)); \ } while (0) -#define READLINE(lex, opt, token) \ - do { \ - ret = isc_lex_gettoken(lex, opt, token); \ - if (ret == ISC_R_EOF) \ - break; \ - else if (ret != ISC_R_SUCCESS) \ - goto fail; \ +#define READLINE(lex, opt, token) \ + do { \ + result = isc_lex_gettoken(lex, opt, token); \ + if (result == ISC_R_EOF) { \ + break; \ + } else if (result != ISC_R_SUCCESS) { \ + goto cleanup; \ + } \ } while ((*token).type != isc_tokentype_eol) /* @@ -431,24 +430,24 @@ dst__privstruct_parse(dst_key_t *key, unsigned int alg, isc_lex_t *lex, if (token.type != isc_tokentype_string || strcmp(DST_AS_STR(token), PRIVATE_KEY_STR) != 0) { - ret = DST_R_INVALIDPRIVATEKEY; - goto fail; + result = DST_R_INVALIDPRIVATEKEY; + goto cleanup; } NEXTTOKEN(lex, opt, &token); if (token.type != isc_tokentype_string || (DST_AS_STR(token))[0] != 'v') { - ret = DST_R_INVALIDPRIVATEKEY; - goto fail; + result = DST_R_INVALIDPRIVATEKEY; + goto cleanup; } if (sscanf(DST_AS_STR(token), "v%d.%d", &major, &minor) != 2) { - ret = DST_R_INVALIDPRIVATEKEY; - goto fail; + result = DST_R_INVALIDPRIVATEKEY; + goto cleanup; } if (major > DST_MAJOR_VERSION) { - ret = DST_R_INVALIDPRIVATEKEY; - goto fail; + result = DST_R_INVALIDPRIVATEKEY; + goto cleanup; } /* @@ -465,16 +464,16 @@ dst__privstruct_parse(dst_key_t *key, unsigned int alg, isc_lex_t *lex, if (token.type != isc_tokentype_string || strcmp(DST_AS_STR(token), ALGORITHM_STR) != 0) { - ret = DST_R_INVALIDPRIVATEKEY; - goto fail; + result = DST_R_INVALIDPRIVATEKEY; + goto cleanup; } NEXTTOKEN(lex, opt | ISC_LEXOPT_NUMBER, &token); if (token.type != isc_tokentype_number || token.value.as_ulong != (unsigned long)dst_key_alg(key)) { - ret = DST_R_INVALIDPRIVATEKEY; - goto fail; + result = DST_R_INVALIDPRIVATEKEY; + goto cleanup; } READLINE(lex, opt, &token); @@ -486,18 +485,18 @@ dst__privstruct_parse(dst_key_t *key, unsigned int alg, isc_lex_t *lex, int tag; isc_region_t r; do { - ret = isc_lex_gettoken(lex, opt, &token); - if (ret == ISC_R_EOF) { + result = isc_lex_gettoken(lex, opt, &token); + if (result == ISC_R_EOF) { goto done; } - if (ret != ISC_R_SUCCESS) { - goto fail; + if (result != ISC_R_SUCCESS) { + goto cleanup; } } while (token.type == isc_tokentype_eol); if (token.type != isc_tokentype_string) { - ret = DST_R_INVALIDPRIVATEKEY; - goto fail; + result = DST_R_INVALIDPRIVATEKEY; + goto cleanup; } if (strcmp(DST_AS_STR(token), "External:") == 0) { @@ -512,8 +511,8 @@ dst__privstruct_parse(dst_key_t *key, unsigned int alg, isc_lex_t *lex, NEXTTOKEN(lex, opt | ISC_LEXOPT_NUMBER, &token); if (token.type != isc_tokentype_number) { - ret = DST_R_INVALIDPRIVATEKEY; - goto fail; + result = DST_R_INVALIDPRIVATEKEY; + goto cleanup; } dst_key_setnum(key, tag, token.value.as_ulong); @@ -527,14 +526,11 @@ dst__privstruct_parse(dst_key_t *key, unsigned int alg, isc_lex_t *lex, NEXTTOKEN(lex, opt, &token); if (token.type != isc_tokentype_string) { - ret = DST_R_INVALIDPRIVATEKEY; - goto fail; + result = DST_R_INVALIDPRIVATEKEY; + goto cleanup; } - ret = dns_time32_fromtext(DST_AS_STR(token), &when); - if (ret != ISC_R_SUCCESS) { - goto fail; - } + CHECK(dns_time32_fromtext(DST_AS_STR(token), &when)); dst_key_settime(key, tag, when); @@ -546,8 +542,8 @@ dst__privstruct_parse(dst_key_t *key, unsigned int alg, isc_lex_t *lex, if (tag < 0 && minor > DST_MINOR_VERSION) { goto next; } else if (tag < 0) { - ret = DST_R_INVALIDPRIVATEKEY; - goto fail; + result = DST_R_INVALIDPRIVATEKEY; + goto cleanup; } priv->elements[n].tag = tag; @@ -555,10 +551,7 @@ dst__privstruct_parse(dst_key_t *key, unsigned int alg, isc_lex_t *lex, data = isc_mem_get(mctx, MAXFIELDSIZE); isc_buffer_init(&b, data, MAXFIELDSIZE); - ret = isc_base64_tobuffer(lex, &b, -1); - if (ret != ISC_R_SUCCESS) { - goto fail; - } + CHECK(isc_base64_tobuffer(lex, &b, -1)); isc_buffer_usedregion(&b, &r); priv->elements[n].length = r.length; @@ -572,30 +565,30 @@ dst__privstruct_parse(dst_key_t *key, unsigned int alg, isc_lex_t *lex, done: if (external && priv->nelements != 0) { - ret = DST_R_INVALIDPRIVATEKEY; - goto fail; + result = DST_R_INVALIDPRIVATEKEY; + goto cleanup; } check = check_data(priv, alg, true, external); if (check < 0) { - ret = DST_R_INVALIDPRIVATEKEY; - goto fail; + result = DST_R_INVALIDPRIVATEKEY; + goto cleanup; } else if (check != ISC_R_SUCCESS) { - ret = check; - goto fail; + result = check; + goto cleanup; } key->external = external; return ISC_R_SUCCESS; -fail: +cleanup: dst__privstruct_free(priv, mctx); if (data != NULL) { isc_mem_put(mctx, data, MAXFIELDSIZE); } - return ret; + return result; } isc_result_t diff --git a/lib/dns/dyndb.c b/lib/dns/dyndb.c index 646d179cf8e..889a230ce73 100644 --- a/lib/dns/dyndb.c +++ b/lib/dns/dyndb.c @@ -28,13 +28,6 @@ #include "dyndb_p.h" -#define CHECK(op) \ - do { \ - result = (op); \ - if (result != ISC_R_SUCCESS) \ - goto cleanup; \ - } while (0) - typedef struct dyndb_implementation dyndb_implementation_t; struct dyndb_implementation { isc_mem_t *mctx; diff --git a/lib/dns/gssapictx.c b/lib/dns/gssapictx.c index ea39bb5d98b..67cdc0cfca2 100644 --- a/lib/dns/gssapictx.c +++ b/lib/dns/gssapictx.c @@ -82,13 +82,6 @@ static gss_OID_desc __gss_spnego_mechanism_oid_desc = { (r).base = (gb).value; \ } while (0) -#define RETERR(x) \ - do { \ - result = (x); \ - if (result != ISC_R_SUCCESS) \ - goto out; \ - } while (0) - static void name_to_gbuffer(const dns_name_t *name, isc_buffer_t *buffer, gss_buffer_desc *gbuffer) { @@ -321,8 +314,7 @@ dst_gssapi_initctx(const dns_name_t *name, isc_buffer_t *intoken, gret = gss_import_name(&minor, &gnamebuf, GSS_C_NO_OID, &gname); if (gret != GSS_S_COMPLETE) { gss_err_message(mctx, gret, minor, err_message); - result = ISC_R_FAILURE; - goto out; + CHECK(ISC_R_FAILURE); } if (intoken != NULL) { @@ -353,8 +345,7 @@ dst_gssapi_initctx(const dns_name_t *name, isc_buffer_t *intoken, gss_log(3, "Failure initiating security context"); } - result = ISC_R_FAILURE; - goto out; + CHECK(ISC_R_FAILURE); } /* @@ -367,7 +358,7 @@ dst_gssapi_initctx(const dns_name_t *name, isc_buffer_t *intoken, */ if (gouttoken.length != 0U) { GBUFFER_TO_REGION(gouttoken, r); - RETERR(isc_buffer_copyregion(outtoken, &r)); + CHECK(isc_buffer_copyregion(outtoken, &r)); } if (gret == GSS_S_COMPLETE) { @@ -376,7 +367,7 @@ dst_gssapi_initctx(const dns_name_t *name, isc_buffer_t *intoken, result = DNS_R_CONTINUE; } -out: +cleanup: if (gouttoken.length != 0U) { (void)gss_release_buffer(&minor, &gouttoken); } @@ -479,7 +470,7 @@ dst_gssapi_acceptctx(const char *gssapi_keytab, isc_region_t *intoken, isc_buffer_allocate(mctx, outtoken, (unsigned int)gouttoken.length); GBUFFER_TO_REGION(gouttoken, r); - RETERR(isc_buffer_copyregion(*outtoken, &r)); + CHECK(isc_buffer_copyregion(*outtoken, &r)); (void)gss_release_buffer(&minor, &gouttoken); } @@ -489,7 +480,7 @@ dst_gssapi_acceptctx(const char *gssapi_keytab, isc_region_t *intoken, gss_log(3, "failed gss_display_name: %s", gss_error_tostring(gret, minor, buf, sizeof(buf))); - RETERR(ISC_R_FAILURE); + CHECK(ISC_R_FAILURE); } /* @@ -511,7 +502,7 @@ dst_gssapi_acceptctx(const char *gssapi_keytab, isc_region_t *intoken, isc_buffer_init(&namebuf, r.base, r.length); isc_buffer_add(&namebuf, r.length); - RETERR(dns_name_fromtext(principal, &namebuf, dns_rootname, 0)); + CHECK(dns_name_fromtext(principal, &namebuf, dns_rootname, 0)); if (gnamebuf.length != 0U) { gret = gss_release_buffer(&minor, &gnamebuf); @@ -527,7 +518,7 @@ dst_gssapi_acceptctx(const char *gssapi_keytab, isc_region_t *intoken, *ctxout = context; -out: +cleanup: if (gname != NULL) { gret = gss_release_name(&minor, &gname); if (gret != GSS_S_COMPLETE) { diff --git a/lib/dns/journal.c b/lib/dns/journal.c index 894fbea9f30..9c969a4a0af 100644 --- a/lib/dns/journal.c +++ b/lib/dns/journal.c @@ -80,25 +80,6 @@ * Miscellaneous utilities. */ -/*% - * It would be non-sensical (or at least obtuse) to use FAIL() with an - * ISC_R_SUCCESS code, but the test is there to keep the Solaris compiler - * from complaining about "end-of-loop code not reached". - */ -#define FAIL(code) \ - do { \ - result = (code); \ - if (result != ISC_R_SUCCESS) \ - goto failure; \ - } while (0) - -#define CHECK(op) \ - do { \ - result = (op); \ - if (result != ISC_R_SUCCESS) \ - goto failure; \ - } while (0) - #define JOURNAL_SERIALSET 0x01U static isc_result_t @@ -641,14 +622,14 @@ journal_open(isc_mem_t *mctx, const char *filename, bool writable, bool create, */ result = isc_stdio_open(j->filename, "rb+", &fp); } else { - FAIL(ISC_R_NOTFOUND); + CHECK(ISC_R_NOTFOUND); } } if (result != ISC_R_SUCCESS) { isc_log_write(DNS_LOGCATEGORY_GENERAL, DNS_LOGMODULE_JOURNAL, ISC_LOG_ERROR, "%s: open: %s", j->filename, isc_result_totext(result)); - FAIL(ISC_R_UNEXPECTED); + CHECK(ISC_R_UNEXPECTED); } j->fp = fp; @@ -687,7 +668,7 @@ journal_open(isc_mem_t *mctx, const char *filename, bool writable, bool create, isc_log_write(DNS_LOGCATEGORY_GENERAL, DNS_LOGMODULE_JOURNAL, ISC_LOG_ERROR, "%s: journal format not recognized", j->filename); - FAIL(ISC_R_UNEXPECTED); + CHECK(ISC_R_UNEXPECTED); } journal_header_decode(&rawheader, &j->header); @@ -740,7 +721,7 @@ journal_open(isc_mem_t *mctx, const char *filename, bool writable, bool create, *journalp = j; return ISC_R_SUCCESS; -failure: +cleanup: j->magic = 0; if (j->rawindex != NULL) { isc_mem_cput(j->mctx, j->rawindex, j->header.index_size, @@ -920,7 +901,7 @@ maybe_fixup_xhdr(dns_journal_t *j, journal_xhdr_t *xhdr, uint32_t serial, j->recovered = true; } -failure: +cleanup: return result; } @@ -1002,7 +983,7 @@ journal_next(dns_journal_t *j, journal_pos_t *pos) { pos->serial = xhdr.serial1; return ISC_R_SUCCESS; -failure: +cleanup: return result; } @@ -1183,7 +1164,7 @@ dns_journal_begin_transaction(dns_journal_t *j) { j->state = JOURNAL_STATE_TRANSACTION; result = ISC_R_SUCCESS; -failure: +cleanup: return result; } @@ -1270,7 +1251,7 @@ dns_journal_writediff(dns_journal_t *j, dns_diff_t *diff) { result = ISC_R_SUCCESS; -failure: +cleanup: if (mem != NULL) { isc_mem_put(j->mctx, mem, size); } @@ -1417,7 +1398,7 @@ dns_journal_commit(dns_journal_t *j) { result = ISC_R_SUCCESS; -failure: +cleanup: return result; } @@ -1430,7 +1411,7 @@ dns_journal_write_transaction(dns_journal_t *j, dns_diff_t *diff) { CHECK(dns_journal_writediff(j, diff)); CHECK(dns_journal_commit(j)); result = ISC_R_SUCCESS; -failure: +cleanup: return result; } @@ -1568,7 +1549,7 @@ dns_journal_rollforward(dns_journal_t *j, dns_db_t *db, unsigned int options) { "%s: journal file corrupt: missing " "initial SOA", j->filename); - FAIL(ISC_R_UNEXPECTED); + CHECK(ISC_R_UNEXPECTED); } if ((options & DNS_JOURNALOPT_RESIGN) != 0) { op = (n_soa == 1) ? DNS_DIFFOP_DELRESIGN @@ -1606,7 +1587,7 @@ dns_journal_rollforward(dns_journal_t *j, dns_db_t *db, unsigned int options) { dns_diff_clear(&diff); } -failure: +cleanup: if (ver != NULL) { dns_db_closeversion(db, &ver, result == ISC_R_SUCCESS ? true : false); @@ -1714,7 +1695,7 @@ dns_journal_print(isc_mem_t *mctx, uint32_t flags, const char *filename, "%s: journal file corrupt: missing " "initial SOA", j->filename); - FAIL(ISC_R_UNEXPECTED); + CHECK(ISC_R_UNEXPECTED); } if (print) { @@ -1756,14 +1737,14 @@ dns_journal_print(isc_mem_t *mctx, uint32_t flags, const char *filename, result = dns_diff_print(&diff, file); dns_diff_clear(&diff); } - goto cleanup; + goto done; -failure: +cleanup: isc_log_write(DNS_LOGCATEGORY_GENERAL, DNS_LOGMODULE_JOURNAL, ISC_LOG_ERROR, "%s: cannot print: journal file corrupt", j->filename); -cleanup: +done: if (source.base != NULL) { isc_mem_put(j->mctx, source.base, source.length); } @@ -1924,7 +1905,7 @@ dns_journal_iter_init(dns_journal_t *j, uint32_t begin_serial, } result = ISC_R_SUCCESS; -failure: +cleanup: j->it.result = result; return j->it.result; } @@ -1945,7 +1926,7 @@ dns_journal_first_rr(dns_journal_t *j) { return read_one_rr(j); -failure: +cleanup: return result; } @@ -1981,7 +1962,7 @@ read_one_rr(dns_journal_t *j) { DNS_LOGMODULE_JOURNAL, ISC_LOG_ERROR, "%s: journal corrupt: empty transaction", j->filename); - FAIL(ISC_R_UNEXPECTED); + CHECK(ISC_R_UNEXPECTED); } if (j->header_ver1) { @@ -1998,7 +1979,7 @@ read_one_rr(dns_journal_t *j) { "expected serial %u, got %u", j->filename, j->it.current_serial, xhdr.serial0); - FAIL(ISC_R_UNEXPECTED); + CHECK(ISC_R_UNEXPECTED); } j->it.xsize = xhdr.size; @@ -2021,7 +2002,7 @@ read_one_rr(dns_journal_t *j) { "%s: journal corrupt: impossible RR size " "(%d bytes)", j->filename, rrhdr.size); - FAIL(ISC_R_UNEXPECTED); + CHECK(ISC_R_UNEXPECTED); } size_buffer(j->mctx, &j->it.source, rrhdr.size); @@ -2050,7 +2031,7 @@ read_one_rr(dns_journal_t *j) { * Check that the RR header is there, and parse it. */ if (isc_buffer_remaininglength(&j->it.source) < 10) { - FAIL(DNS_R_FORMERR); + CHECK(DNS_R_FORMERR); } rdtype = isc_buffer_getuint16(&j->it.source); @@ -2064,14 +2045,14 @@ read_one_rr(dns_journal_t *j) { "%s: journal corrupt: impossible rdlen " "(%u bytes)", j->filename, rdlen); - FAIL(ISC_R_FAILURE); + CHECK(ISC_R_FAILURE); } /* * Parse the rdata. */ if (isc_buffer_remaininglength(&j->it.source) != rdlen) { - FAIL(DNS_R_FORMERR); + CHECK(DNS_R_FORMERR); } isc_buffer_setactive(&j->it.source, rdlen); dns_rdata_reset(&j->it.rdata); @@ -2087,7 +2068,7 @@ read_one_rr(dns_journal_t *j) { result = ISC_R_SUCCESS; -failure: +cleanup: j->it.result = result; return result; } @@ -2243,7 +2224,7 @@ dns_diff_subtract(dns_diff_t diff[2], dns_diff_t *r) { ISC_LIST_APPENDLIST(r->tuples, del, link); ISC_LIST_APPENDLIST(r->tuples, add, link); result = ISC_R_SUCCESS; -failure: +cleanup: return result; } @@ -2335,16 +2316,16 @@ diff_namespace(dns_db_t *dba, dns_dbversion_t *dbvera, dns_db_t *dbb, next:; } if (itresult[0] != ISC_R_NOMORE) { - FAIL(itresult[0]); + CHECK(itresult[0]); } if (itresult[1] != ISC_R_NOMORE) { - FAIL(itresult[1]); + CHECK(itresult[1]); } INSIST(ISC_LIST_EMPTY(diff[0].tuples)); INSIST(ISC_LIST_EMPTY(diff[1].tuples)); -failure: +cleanup: dns_dbiterator_destroy(&dbit[1]); cleanup_iterator: @@ -2402,7 +2383,7 @@ dns_db_diffx(dns_diff_t *diff, dns_db_t *dba, dns_dbversion_t *dbvera, } } -failure: +cleanup: if (journal != NULL) { dns_journal_destroy(&journal); } @@ -2789,7 +2770,7 @@ dns_journal_compact(isc_mem_t *mctx, char *filename, uint32_t serial, if (result != ISC_R_SUCCESS && result != ISC_R_FILENOTFOUND) { - goto failure; + CHECK(result); } if (rename(filename, backup) == -1) { goto maperrno; @@ -2800,14 +2781,13 @@ dns_journal_compact(isc_mem_t *mctx, char *filename, uint32_t serial, (void)isc_file_remove(backup); } else { maperrno: - result = ISC_R_FAILURE; - goto failure; + CHECK(ISC_R_FAILURE); } } result = ISC_R_SUCCESS; -failure: +cleanup: (void)isc_file_remove(newname); if (buf != NULL) { isc_mem_put(mctx, buf, size); @@ -2845,6 +2825,6 @@ index_to_disk(dns_journal_t *j) { CHECK(journal_seek(j, sizeof(journal_rawheader_t))); CHECK(journal_write(j, j->rawindex, rawbytes)); } -failure: +cleanup: return result; } diff --git a/lib/dns/keymgr.c b/lib/dns/keymgr.c index 6ccb4ef8774..acb31bd322a 100644 --- a/lib/dns/keymgr.c +++ b/lib/dns/keymgr.c @@ -34,13 +34,6 @@ #include -#define RETERR(x) \ - do { \ - result = (x); \ - if (result != ISC_R_SUCCESS) \ - goto failure; \ - } while (0) - /* * Set key state to `target` state and change last changed * to `time`, only if key state has not been set before. @@ -520,16 +513,16 @@ keymgr_createkey(dns_kasp_key_t *kkey, const dns_name_t *origin, result = dns_dnssec_findmatchingkeys(origin, NULL, keydir, NULL, now, true, mctx, &keykeys); if (result != ISC_R_SUCCESS && result != ISC_R_NOTFOUND) { - goto failure; + goto cleanup; } do { if (keystore == NULL) { - RETERR(dst_key_generate(origin, alg, size, 0, flags, - DNS_KEYPROTO_DNSSEC, rdclass, - NULL, mctx, &newkey, NULL)); + CHECK(dst_key_generate(origin, alg, size, 0, flags, + DNS_KEYPROTO_DNSSEC, rdclass, + NULL, mctx, &newkey, NULL)); } else { - RETERR(dns_keystore_keygen( + CHECK(dns_keystore_keygen( keystore, origin, dns_kasp_getname(kasp), rdclass, mctx, alg, size, flags, &newkey)); } @@ -567,7 +560,7 @@ keymgr_createkey(dns_kasp_key_t *kkey, const dns_name_t *origin, *dst_key = newkey; result = ISC_R_SUCCESS; -failure: +cleanup: while (!ISC_LIST_EMPTY(keykeys)) { dns_dnsseckey_t *key = ISC_LIST_HEAD(keykeys); ISC_LIST_UNLINK(keykeys, key, link); @@ -2346,9 +2339,9 @@ dns_keymgr_run(const dns_name_t *origin, dns_rdataclass_t rdclass, } /* See if this key requires a rollover. */ - RETERR(keymgr_key_rollover( - kkey, active_key, keyring, &newkeys, origin, rdclass, - kasp, keydir, lifetime, opts, now, nexttime, mctx)); + CHECK(keymgr_key_rollover(kkey, active_key, keyring, &newkeys, + origin, rdclass, kasp, keydir, + lifetime, opts, now, nexttime, mctx)); opts &= ~DNS_KEYMGRATTR_NOROLL; } @@ -2389,7 +2382,7 @@ dns_keymgr_run(const dns_name_t *origin, dns_rdataclass_t rdclass, } dns_dnssec_get_hints(dkey, now); - RETERR(dst_key_tofile(dkey->key, options, directory)); + CHECK(dst_key_tofile(dkey->key, options, directory)); dst_key_setmodified(dkey->key, false); if (!isc_log_wouldlog(ISC_LOG_DEBUG(3))) { @@ -2407,8 +2400,9 @@ dns_keymgr_run(const dns_name_t *origin, dns_rdataclass_t rdclass, } result = retval; -failure: - if (result != ISC_R_SUCCESS && result != DNS_R_UNCHANGED) { + +cleanup: + if (result != ISC_R_SUCCESS) { ISC_LIST_FOREACH(newkeys, newkey, link) { ISC_LIST_UNLINK(newkeys, newkey, link); INSIST(newkey->key != NULL); @@ -2532,22 +2526,22 @@ keytime_status(dst_key_t *key, isc_stdtime_t now, isc_buffer_t *buf, isc_stdtime_t when = 0; dst_key_state_t state = NA; - RETERR(isc_buffer_printf(buf, "%s", pre)); + CHECK(isc_buffer_printf(buf, "%s", pre)); (void)dst_key_getstate(key, ks, &state); isc_result_t r = dst_key_gettime(key, kt, &when); if (state == RUMOURED || state == OMNIPRESENT) { - RETERR(isc_buffer_printf(buf, "yes - since ")); + CHECK(isc_buffer_printf(buf, "yes - since ")); } else if (now < when) { - RETERR(isc_buffer_printf(buf, "no - scheduled ")); + CHECK(isc_buffer_printf(buf, "no - scheduled ")); } else { return isc_buffer_printf(buf, "no\n"); } if (r == ISC_R_SUCCESS) { isc_stdtime_tostring(when, timestr, sizeof(timestr)); - RETERR(isc_buffer_printf(buf, "%s\n", timestr)); + CHECK(isc_buffer_printf(buf, "%s\n", timestr)); } -failure: +cleanup: return result; } @@ -2559,16 +2553,16 @@ keystate_status(dst_key_t *key, isc_buffer_t *buf, const char *pre, int ks) { (void)dst_key_getstate(key, ks, &state); switch (state) { case HIDDEN: - RETERR(isc_buffer_printf(buf, " - %shidden\n", pre)); + CHECK(isc_buffer_printf(buf, " - %shidden\n", pre)); break; case RUMOURED: - RETERR(isc_buffer_printf(buf, " - %srumoured\n", pre)); + CHECK(isc_buffer_printf(buf, " - %srumoured\n", pre)); break; case OMNIPRESENT: - RETERR(isc_buffer_printf(buf, " - %somnipresent\n", pre)); + CHECK(isc_buffer_printf(buf, " - %somnipresent\n", pre)); break; case UNRETENTIVE: - RETERR(isc_buffer_printf(buf, " - %sunretentive\n", pre)); + CHECK(isc_buffer_printf(buf, " - %sunretentive\n", pre)); break; case NA: default: @@ -2576,7 +2570,7 @@ keystate_status(dst_key_t *key, isc_buffer_t *buf, const char *pre, int ks) { break; } -failure: +cleanup: return result; } @@ -2602,47 +2596,47 @@ rollover_status(dns_dnsseckey_t *dkey, dns_kasp_t *kasp, (void)dst_key_getstate(key, DST_KEY_DS, &ds); // publish status - RETERR(keytime_status(key, now, buf, " Published: ", DST_KEY_DNSKEY, - DST_TIME_PUBLISH)); + CHECK(keytime_status(key, now, buf, " Published: ", DST_KEY_DNSKEY, + DST_TIME_PUBLISH)); // signing status result = dst_key_getbool(key, DST_BOOL_KSK, &ksk); if (result == ISC_R_SUCCESS && ksk) { - RETERR(keytime_status(key, now, buf, " Key signing: ", - DST_KEY_KRRSIG, DST_TIME_PUBLISH)); + CHECK(keytime_status(key, now, buf, " Key signing: ", + DST_KEY_KRRSIG, DST_TIME_PUBLISH)); } result = dst_key_getbool(key, DST_BOOL_ZSK, &zsk); if (result == ISC_R_SUCCESS && zsk) { - RETERR(keytime_status(key, now, buf, " Zone signing: ", - DST_KEY_ZRRSIG, DST_TIME_ACTIVATE)); + CHECK(keytime_status(key, now, buf, " Zone signing: ", + DST_KEY_ZRRSIG, DST_TIME_ACTIVATE)); } if (zsk) { if (goal == OMNIPRESENT) { if (dnskey == HIDDEN && zrrsig == HIDDEN) { - RETERR(isc_buffer_printf( + CHECK(isc_buffer_printf( buf, " Key is created but not " "published yet.\n")); } else if (dnskey == RUMOURED && zrrsig == HIDDEN) { - RETERR(isc_buffer_printf( + CHECK(isc_buffer_printf( buf, " Key is pre-published.\n")); } else if (dnskey == RUMOURED && zrrsig == RUMOURED) { - RETERR(isc_buffer_printf(buf, " Introducing " - "new key.\n")); + CHECK(isc_buffer_printf(buf, " Introducing " + "new key.\n")); } else if (dnskey == OMNIPRESENT && zrrsig == HIDDEN) { - RETERR(isc_buffer_printf( + CHECK(isc_buffer_printf( buf, " Key is published, but not yet " "signing.\n")); } else if (dnskey == OMNIPRESENT && zrrsig == RUMOURED) { if (keymgr_dep(key, keyring, NULL)) { - RETERR(isc_buffer_printf( + CHECK(isc_buffer_printf( buf, " Key is published, waiting " "for the zone to be completely " "signed with this key.\n")); } else { - RETERR(isc_buffer_printf( + CHECK(isc_buffer_printf( buf, " Key is published, " "introducing signatures.\n")); @@ -2654,7 +2648,7 @@ rollover_status(dns_dnsseckey_t *dkey, dns_kasp_t *kasp, log_next_rollover = true; } } else { - RETERR(isc_buffer_printf( + CHECK(isc_buffer_printf( buf, " Key is in unexpected state, " "performing auto-healing.\n")); *verbose = true; @@ -2662,7 +2656,7 @@ rollover_status(dns_dnsseckey_t *dkey, dns_kasp_t *kasp, } else if (goal == HIDDEN) { if (dnskey == OMNIPRESENT && zrrsig == OMNIPRESENT) { if (!ksk) { - RETERR(isc_buffer_printf( + CHECK(isc_buffer_printf( buf, " Key will be retired " "after successor key " "becomes active.\n")); @@ -2670,24 +2664,24 @@ rollover_status(dns_dnsseckey_t *dkey, dns_kasp_t *kasp, } else if (dnskey == OMNIPRESENT && zrrsig == UNRETENTIVE) { - RETERR(isc_buffer_printf( + CHECK(isc_buffer_printf( buf, " Key is retired, waiting until all " "signatures generated with this key " "are replaced with successor.\n")); } else if (dnskey == OMNIPRESENT && zrrsig == HIDDEN) { - RETERR(isc_buffer_printf( + CHECK(isc_buffer_printf( buf, " Key is retired, no longer " "signing the zone.\n")); } else if (dnskey == UNRETENTIVE && zrrsig == HIDDEN) { - RETERR(isc_buffer_printf( - buf, " Key is removed from zone.\n")); + CHECK(isc_buffer_printf(buf, " Key is removed " + "from zone.\n")); } else if (dnskey == HIDDEN && zrrsig == HIDDEN) { - RETERR(isc_buffer_printf( + CHECK(isc_buffer_printf( buf, " Key is completely hidden " "(waiting to be purged).\n")); } else { - RETERR(isc_buffer_printf( + CHECK(isc_buffer_printf( buf, " WARNING: Key is in unexpected " "state, " "performing auto-healing.\n")); @@ -2698,24 +2692,24 @@ rollover_status(dns_dnsseckey_t *dkey, dns_kasp_t *kasp, if (goal == OMNIPRESENT) { if (dnskey == HIDDEN && ds == HIDDEN) { if (!zsk) { - RETERR(isc_buffer_printf( + CHECK(isc_buffer_printf( buf, " Key is created but not " "published yet.\n")); } } else if (dnskey == RUMOURED && ds == HIDDEN) { if (!zsk) { - RETERR(isc_buffer_printf( + CHECK(isc_buffer_printf( buf, " Key is pre-published.\n")); } } else if (dnskey == OMNIPRESENT && ds == HIDDEN) { if (keymgr_dep(key, keyring, NULL)) { - RETERR(isc_buffer_printf( + CHECK(isc_buffer_printf( buf, " Waiting for the DS to be " "submitted to the parent.\n")); } else { - RETERR(isc_buffer_printf( + CHECK(isc_buffer_printf( buf, " Wait for zone to be fully " "signed before submitting the " @@ -2726,19 +2720,19 @@ rollover_status(dns_dnsseckey_t *dkey, dns_kasp_t *kasp, isc_result_t ret = dst_key_gettime( key, DST_TIME_DSPUBLISH, &dstime); if (ret != ISC_R_SUCCESS || dstime > now) { - RETERR(isc_buffer_printf( + CHECK(isc_buffer_printf( buf, " Waiting for the DS to be " "published to the parent.\n")); if (checkds) { - RETERR(isc_buffer_printf( + CHECK(isc_buffer_printf( buf, " checkds is enabled, " "BIND will check the " "DS RRset " "periodically.\n")); } else { - RETERR(isc_buffer_printf( + CHECK(isc_buffer_printf( buf, " ! Once the DS is in " "the parent, run 'rndc " @@ -2748,7 +2742,7 @@ rollover_status(dns_dnsseckey_t *dkey, dns_kasp_t *kasp, dst_key_id(key))); } } else { - RETERR(isc_buffer_printf( + CHECK(isc_buffer_printf( buf, " Waiting TTL period for " "validators to pick up " "the new DS RRset.\n")); @@ -2758,7 +2752,7 @@ rollover_status(dns_dnsseckey_t *dkey, dns_kasp_t *kasp, active_state = DST_TIME_PUBLISH; retire_state = DST_TIME_DELETE; } else { - RETERR(isc_buffer_printf( + CHECK(isc_buffer_printf( buf, " WARNING: Key is in unexpected " "state, " "performing auto-healing.\n")); @@ -2766,7 +2760,7 @@ rollover_status(dns_dnsseckey_t *dkey, dns_kasp_t *kasp, } } else if (goal == HIDDEN) { if (dnskey == OMNIPRESENT && ds == OMNIPRESENT) { - RETERR(isc_buffer_printf( + CHECK(isc_buffer_printf( buf, " Key will be retired after the DS is " "withdrawn from the parent.\n")); @@ -2775,19 +2769,19 @@ rollover_status(dns_dnsseckey_t *dkey, dns_kasp_t *kasp, isc_result_t ret = dst_key_gettime( key, DST_TIME_DSDELETE, &dstime); if (ret != ISC_R_SUCCESS || dstime > now) { - RETERR(isc_buffer_printf( + CHECK(isc_buffer_printf( buf, " Waiting for the DS to be " "removed from the parent.\n")); if (checkds) { - RETERR(isc_buffer_printf( + CHECK(isc_buffer_printf( buf, " checkds is enabled, " "BIND will check the " "DS RRset " "periodically.\n")); } else { - RETERR(isc_buffer_printf( + CHECK(isc_buffer_printf( buf, " ! Once the DS is " "removed from the " @@ -2798,30 +2792,30 @@ rollover_status(dns_dnsseckey_t *dkey, dns_kasp_t *kasp, dst_key_id(key))); } } else { - RETERR(isc_buffer_printf( + CHECK(isc_buffer_printf( buf, " Waiting TTL period for " "validators to pick up " "the new DS RRset.\n")); } } else if (dnskey == OMNIPRESENT && ds == HIDDEN) { - RETERR(isc_buffer_printf( - buf, " Key is removed from chain of " - "trust.\n")); + CHECK(isc_buffer_printf(buf, " Key is removed " + "from chain of " + "trust.\n")); } else if (dnskey == UNRETENTIVE && ds == HIDDEN) { if (!zsk) { - RETERR(isc_buffer_printf( + CHECK(isc_buffer_printf( buf, " Key is removed from " "zone.\n")); } } else if (dnskey == HIDDEN && ds == HIDDEN) { if (!zsk) { - RETERR(isc_buffer_printf( + CHECK(isc_buffer_printf( buf, " Key is completely hidden " "(waiting to be purged).\n")); } } else { - RETERR(isc_buffer_printf( + CHECK(isc_buffer_printf( buf, " WARNING: Key is in unexpected " "state, " "performing auto-healing.\n")); @@ -2840,25 +2834,25 @@ rollover_status(dns_dnsseckey_t *dkey, dns_kasp_t *kasp, char timestr[26]; /* Minimal buf as per ctime_r() spec. */ if (now < retire_time) { - RETERR(isc_buffer_printf(buf, " Next rollover " - "scheduled on ")); + CHECK(isc_buffer_printf(buf, " Next rollover " + "scheduled on ")); retire_time = keymgr_prepublication_time( dkey, kasp, retire_time - active_time, now); } else { - RETERR(isc_buffer_printf(buf, " Rollover is " - "due since ")); + CHECK(isc_buffer_printf(buf, " Rollover is " + "due since ")); } isc_stdtime_tostring(retire_time, timestr, sizeof(timestr)); - RETERR(isc_buffer_printf(buf, "%s\n", timestr)); + CHECK(isc_buffer_printf(buf, "%s\n", timestr)); } else { - RETERR(isc_buffer_printf(buf, - " No rollover scheduled.\n")); + CHECK(isc_buffer_printf(buf, + " No rollover scheduled.\n")); } } -failure: +cleanup: return result; } @@ -2886,36 +2880,36 @@ dns_keymgr_status(dns_kasp_t *kasp, dns_dnsseckeylist_t *keyring, // key data dns_secalg_format((dns_secalg_t)dst_key_alg(dkey->key), algstr, sizeof(algstr)); - RETERR(isc_buffer_printf(buf, "\n%s %d (%s):\n", - keymgr_keyrole(dkey->key), - dst_key_id(dkey->key), algstr)); + CHECK(isc_buffer_printf(buf, "\n%s %d (%s):\n", + keymgr_keyrole(dkey->key), + dst_key_id(dkey->key), algstr)); // rollover status - RETERR(rollover_status(dkey, kasp, keyring, now, buf, &verbose, - checkds)); + CHECK(rollover_status(dkey, kasp, keyring, now, buf, &verbose, + checkds)); if (verbose) { // key states - RETERR(isc_buffer_printf(buf, " Key states:\n")); + CHECK(isc_buffer_printf(buf, " Key states:\n")); - RETERR(keystate_status( + CHECK(keystate_status( dkey->key, buf, "goal: ", DST_KEY_GOAL)); - RETERR(keystate_status( + CHECK(keystate_status( dkey->key, buf, "dnskey: ", DST_KEY_DNSKEY)); - RETERR(keystate_status(dkey->key, buf, - "ds: ", DST_KEY_DS)); - RETERR(keystate_status( + CHECK(keystate_status(dkey->key, buf, + "ds: ", DST_KEY_DS)); + CHECK(keystate_status( dkey->key, buf, "zone rrsig: ", DST_KEY_ZRRSIG)); - RETERR(keystate_status( + CHECK(keystate_status( dkey->key, buf, "key rrsig: ", DST_KEY_KRRSIG)); } } -failure: +cleanup: return result; } @@ -3024,15 +3018,13 @@ dns_keymgr_offline(const dns_name_t *origin, dns_dnsseckeylist_t *keyring, dns_keymgr_key_init(dkey, kasp, now, false); /* Get current metadata */ - RETERR(dst_key_getstate(dkey->key, DST_KEY_DNSKEY, - ¤t_dnskey)); - RETERR(dst_key_getstate(dkey->key, DST_KEY_ZRRSIG, - ¤t_zrrsig)); - RETERR(dst_key_getstate(dkey->key, DST_KEY_GOAL, - ¤t_goal)); - RETERR(dst_key_gettime(dkey->key, DST_TIME_PUBLISH, - &published)); - RETERR(dst_key_gettime(dkey->key, DST_TIME_ACTIVATE, &active)); + CHECK(dst_key_getstate(dkey->key, DST_KEY_DNSKEY, + ¤t_dnskey)); + CHECK(dst_key_getstate(dkey->key, DST_KEY_ZRRSIG, + ¤t_zrrsig)); + CHECK(dst_key_getstate(dkey->key, DST_KEY_GOAL, ¤t_goal)); + CHECK(dst_key_gettime(dkey->key, DST_TIME_PUBLISH, &published)); + CHECK(dst_key_gettime(dkey->key, DST_TIME_ACTIVATE, &active)); (void)dst_key_gettime(dkey->key, DST_TIME_INACTIVE, &inactive); (void)dst_key_gettime(dkey->key, DST_TIME_DELETE, &remove); @@ -3136,7 +3128,7 @@ dns_keymgr_offline(const dns_name_t *origin, dns_dnsseckeylist_t *keyring, dns_dnssec_get_hints(dkey, now); - RETERR(dst_key_tofile(dkey->key, options, directory)); + CHECK(dst_key_tofile(dkey->key, options, directory)); dst_key_setmodified(dkey->key, false); if (!isc_log_wouldlog(ISC_LOG_DEBUG(3))) { @@ -3155,7 +3147,7 @@ dns_keymgr_offline(const dns_name_t *origin, dns_dnsseckeylist_t *keyring, result = ISC_R_SUCCESS; -failure: +cleanup: if (isc_log_wouldlog(ISC_LOG_DEBUG(3))) { char namebuf[DNS_NAME_FORMATSIZE]; dns_name_format(origin, namebuf, sizeof(namebuf)); diff --git a/lib/dns/masterdump.c b/lib/dns/masterdump.c index 0ce0a8b936e..e86f76396d2 100644 --- a/lib/dns/masterdump.c +++ b/lib/dns/masterdump.c @@ -50,19 +50,6 @@ #define DNS_DCTX_MAGIC ISC_MAGIC('D', 'c', 't', 'x') #define DNS_DCTX_VALID(d) ISC_MAGIC_VALID(d, DNS_DCTX_MAGIC) -#define RETERR(x) \ - do { \ - isc_result_t _r = (x); \ - if (_r != ISC_R_SUCCESS) \ - return ((_r)); \ - } while (0) - -#define CHECK(x) \ - do { \ - if ((x) != ISC_R_SUCCESS) \ - goto cleanup; \ - } while (0) - struct dns_master_style { dns_masterstyle_flags_t flags; /* DNS_STYLEFLAG_* */ unsigned int ttl_column; diff --git a/lib/dns/nsec3.c b/lib/dns/nsec3.c index 48a3aede03d..164b5f69005 100644 --- a/lib/dns/nsec3.c +++ b/lib/dns/nsec3.c @@ -41,13 +41,6 @@ #include -#define CHECK(x) \ - do { \ - result = (x); \ - if (result != ISC_R_SUCCESS) \ - goto failure; \ - } while (0) - #define OPTOUT(x) (((x) & DNS_NSEC3FLAG_OPTOUT) != 0) #define CREATE(x) (((x) & DNS_NSEC3FLAG_CREATE) != 0) #define INITIAL(x) (((x) & DNS_NSEC3FLAG_INITIAL) != 0) @@ -434,15 +427,12 @@ delnsec3(dns_db_t *db, dns_dbversion_t *version, const dns_name_t *name, dns_difftuple_create(diff->mctx, DNS_DIFFOP_DEL, name, rdataset.ttl, &rdata, &tuple); - result = do_one_tuple(&tuple, db, version, diff); - if (result != ISC_R_SUCCESS) { - goto failure; - } + CHECK(do_one_tuple(&tuple, db, version, diff)); } result = ISC_R_SUCCESS; -failure: +cleanup: dns_rdataset_disassociate(&rdataset); cleanup_node: dns_db_detachnode(&node); @@ -615,7 +605,7 @@ dns_nsec3_addnsec3(dns_db_t *db, dns_dbversion_t *version, } else if (CREATE(nsec3param->flags) && OPTOUT(flags)) { result = dns_nsec3_delnsec3(db, version, name, nsec3param, diff); - goto failure; + goto cleanup; } else { maybe_remove_unsecure = true; } @@ -660,7 +650,7 @@ dns_nsec3_addnsec3(dns_db_t *db, dns_dbversion_t *version, if (OPTOUT(nsec3.flags)) { result = dns_nsec3_delnsec3(db, version, name, nsec3param, diff); - goto failure; + goto cleanup; } goto addnsec3; } else { @@ -670,7 +660,7 @@ dns_nsec3_addnsec3(dns_db_t *db, dns_dbversion_t *version, */ if (OPTOUT(nsec3.flags) && unsecure) { dns_rdataset_disassociate(&rdataset); - goto failure; + goto cleanup; } } @@ -859,7 +849,7 @@ addnsec3: /* result cannot be ISC_R_NOMORE here */ INSIST(result != ISC_R_NOMORE); -failure: +cleanup: if (dbit != NULL) { dns_dbiterator_destroy(&dbit); } @@ -928,7 +918,7 @@ dns_nsec3_addnsec3s(dns_db_t *db, dns_dbversion_t *version, nsecttl, unsecure, diff)); } -failure: +cleanup: if (dns_rdataset_isassociated(&rdataset)) { dns_rdataset_disassociate(&rdataset); } @@ -1001,7 +991,7 @@ rr_exists(dns_db_t *db, dns_dbversion_t *ver, const dns_name_t *name, if (result == ISC_R_NOTFOUND) { *flag = false; result = ISC_R_SUCCESS; - goto failure; + goto cleanup; } bool matched = false; @@ -1016,7 +1006,7 @@ rr_exists(dns_db_t *db, dns_dbversion_t *ver, const dns_name_t *name, dns_rdataset_disassociate(&rdataset); *flag = matched; -failure: +cleanup: if (node != NULL) { dns_db_detachnode(&node); } @@ -1087,9 +1077,7 @@ dns_nsec3param_deletechains(dns_db_t *db, dns_dbversion_t *ver, if (result == ISC_R_NOTFOUND) { goto try_private; } - if (result != ISC_R_SUCCESS) { - goto failure; - } + CHECK(result); DNS_RDATASET_FOREACH(&rdataset) { dns_rdata_t rdata = DNS_RDATA_INIT; @@ -1117,16 +1105,16 @@ dns_nsec3param_deletechains(dns_db_t *db, dns_dbversion_t *ver, try_private: if (privatetype == 0) { - goto success; + result = ISC_R_SUCCESS; + goto cleanup; } result = dns_db_findrdataset(db, node, ver, privatetype, 0, (isc_stdtime_t)0, &rdataset, NULL); if (result == ISC_R_NOTFOUND) { - goto success; - } - if (result != ISC_R_SUCCESS) { - goto failure; + result = ISC_R_SUCCESS; + goto cleanup; } + CHECK(result); DNS_RDATASET_FOREACH(&rdataset) { dns_rdata_t rdata = DNS_RDATA_INIT; @@ -1166,10 +1154,9 @@ try_private: } } -success: result = ISC_R_SUCCESS; -failure: +cleanup: if (dns_rdataset_isassociated(&rdataset)) { dns_rdataset_disassociate(&rdataset); } @@ -1201,7 +1188,7 @@ dns_nsec3_addnsec3sx(dns_db_t *db, dns_dbversion_t *version, result = dns_db_findrdataset(db, node, version, type, 0, 0, &prdataset, NULL); if (result != ISC_R_SUCCESS && result != ISC_R_NOTFOUND) { - goto failure; + CHECK(result); } result = dns_db_findrdataset(db, node, version, @@ -1210,9 +1197,7 @@ dns_nsec3_addnsec3sx(dns_db_t *db, dns_dbversion_t *version, if (result == ISC_R_NOTFOUND) { goto try_private; } - if (result != ISC_R_SUCCESS) { - goto failure; - } + CHECK(result); /* * Update each active NSEC3 chain. @@ -1238,8 +1223,10 @@ dns_nsec3_addnsec3sx(dns_db_t *db, dns_dbversion_t *version, try_private: if (!dns_rdataset_isassociated(&prdataset)) { - goto success; + result = ISC_R_SUCCESS; + goto cleanup; } + /* * Update each active NSEC3 chain. */ @@ -1270,9 +1257,9 @@ try_private: nsecttl, unsecure, diff)); } -success: result = ISC_R_SUCCESS; -failure: + +cleanup: if (dns_rdataset_isassociated(&rdataset)) { dns_rdataset_disassociate(&rdataset); } @@ -1380,9 +1367,7 @@ dns_nsec3_delnsec3(dns_db_t *db, dns_dbversion_t *version, if (result == ISC_R_NOTFOUND || result == DNS_R_PARTIALMATCH) { goto cleanup_orphaned_ents; } - if (result != ISC_R_SUCCESS) { - goto failure; - } + CHECK(result); CHECK(dns_dbiterator_current(dbit, &node, NULL)); CHECK(dns_dbiterator_pause(dbit)); @@ -1392,9 +1377,7 @@ dns_nsec3_delnsec3(dns_db_t *db, dns_dbversion_t *version, if (result == ISC_R_NOTFOUND) { goto cleanup_orphaned_ents; } - if (result != ISC_R_SUCCESS) { - goto failure; - } + CHECK(result); /* * If we find a existing NSEC3 for this chain then save the @@ -1408,7 +1391,8 @@ dns_nsec3_delnsec3(dns_db_t *db, dns_dbversion_t *version, } dns_rdataset_disassociate(&rdataset); if (result == ISC_R_NOTFOUND) { - goto success; + result = ISC_R_SUCCESS; + goto cleanup; } /* @@ -1488,11 +1472,10 @@ cleanup_orphaned_ents: salt_length)); result = dns_dbiterator_seek(dbit, hashname); if (result == ISC_R_NOTFOUND || result == DNS_R_PARTIALMATCH) { - goto success; - } - if (result != ISC_R_SUCCESS) { - goto failure; + result = ISC_R_SUCCESS; + goto cleanup; } + CHECK(result); CHECK(dns_dbiterator_current(dbit, &node, NULL)); CHECK(dns_dbiterator_pause(dbit)); @@ -1501,11 +1484,10 @@ cleanup_orphaned_ents: (isc_stdtime_t)0, &rdataset, NULL); dns_db_detachnode(&node); if (result == ISC_R_NOTFOUND) { - goto success; - } - if (result != ISC_R_SUCCESS) { - goto failure; + result = ISC_R_SUCCESS; + goto cleanup; } + CHECK(result); result = find_nsec3(&nsec3, &rdataset, nsec3param); if (result == ISC_R_SUCCESS) { @@ -1515,7 +1497,8 @@ cleanup_orphaned_ents: } dns_rdataset_disassociate(&rdataset); if (result == ISC_R_NOTFOUND) { - goto success; + result = ISC_R_SUCCESS; + goto cleanup; } pass = 0; @@ -1570,10 +1553,9 @@ cleanup_orphaned_ents: CHECK(delnsec3(db, version, hashname, nsec3param, diff)); } while (1); -success: result = ISC_R_SUCCESS; -failure: +cleanup: if (dbit != NULL) { dns_dbiterator_destroy(&dbit); } @@ -1617,9 +1599,7 @@ dns_nsec3_delnsec3sx(dns_db_t *db, dns_dbversion_t *version, if (result == ISC_R_NOTFOUND) { goto try_private; } - if (result != ISC_R_SUCCESS) { - goto failure; - } + CHECK(result); /* * Update each active NSEC3 chain. @@ -1642,16 +1622,16 @@ dns_nsec3_delnsec3sx(dns_db_t *db, dns_dbversion_t *version, try_private: if (privatetype == 0) { - goto success; + result = ISC_R_SUCCESS; + goto cleanup; } result = dns_db_findrdataset(db, node, version, privatetype, 0, 0, &rdataset, NULL); if (result == ISC_R_NOTFOUND) { - goto success; - } - if (result != ISC_R_SUCCESS) { - goto failure; + result = ISC_R_SUCCESS; + goto cleanup; } + CHECK(result); /* * Update each NSEC3 chain being built. @@ -1682,9 +1662,9 @@ try_private: CHECK(dns_nsec3_delnsec3(db, version, name, &nsec3param, diff)); } -success: result = ISC_R_SUCCESS; -failure: + +cleanup: if (dns_rdataset_isassociated(&rdataset)) { dns_rdataset_disassociate(&rdataset); } diff --git a/lib/dns/openssl_link.c b/lib/dns/openssl_link.c index 9f06b54553c..28ef55df604 100644 --- a/lib/dns/openssl_link.c +++ b/lib/dns/openssl_link.c @@ -46,10 +46,10 @@ #include "openssl_shim.h" -#define DST_RET(a) \ - { \ - ret = a; \ - goto err; \ +#define DST_RET(a) \ + { \ + result = a; \ + goto cleanup; \ } static isc_result_t @@ -57,7 +57,7 @@ dst__openssl_fromlabel_provider(int key_base_id, const char *label, const char *pin, EVP_PKEY **ppub, EVP_PKEY **ppriv) { #if OPENSSL_VERSION_NUMBER >= 0x30000000L - isc_result_t ret = DST_R_OPENSSLFAILURE; + isc_result_t result = DST_R_OPENSSLFAILURE; OSSL_STORE_CTX *ctx = NULL; UNUSED(pin); @@ -99,11 +99,11 @@ dst__openssl_fromlabel_provider(int key_base_id, const char *label, OSSL_STORE_INFO_free(info); } if (*ppriv != NULL && *ppub != NULL) { - ret = ISC_R_SUCCESS; + result = ISC_R_SUCCESS; } -err: +cleanup: OSSL_STORE_close(ctx); - return ret; + return result; #else UNUSED(key_base_id); UNUSED(label); diff --git a/lib/dns/opensslecdsa_link.c b/lib/dns/opensslecdsa_link.c index c95050020b8..b2f2f2ea7cc 100644 --- a/lib/dns/opensslecdsa_link.c +++ b/lib/dns/opensslecdsa_link.c @@ -50,10 +50,10 @@ #define MAX_PRIVKEY_SIZE (MAX_PUBKEY_SIZE / 2) -#define DST_RET(a) \ - { \ - ret = a; \ - goto err; \ +#define DST_RET(a) \ + { \ + result = a; \ + goto cleanup; \ } #if OPENSSL_VERSION_NUMBER >= 0x30200000L @@ -170,7 +170,7 @@ static isc_result_t opensslecdsa_create_pkey_params(unsigned int key_alg, bool private, const unsigned char *key, size_t key_len, EVP_PKEY **pkey) { - isc_result_t ret; + isc_result_t result; int status; int group_nid = opensslecdsa_key_alg_to_group_nid(key_alg); const char *groupname = opensslecdsa_key_alg_to_group_name(key_alg); @@ -269,9 +269,9 @@ opensslecdsa_create_pkey_params(unsigned int key_alg, bool private, DST_R_OPENSSLFAILURE)); } - ret = ISC_R_SUCCESS; + result = ISC_R_SUCCESS; -err: +cleanup: OSSL_PARAM_free(params); OSSL_PARAM_BLD_free(bld); EVP_PKEY_CTX_free(ctx); @@ -279,7 +279,7 @@ err: EC_POINT_free(pubkey); EC_GROUP_free(group); - return ret; + return result; } static bool @@ -310,7 +310,7 @@ static isc_result_t opensslecdsa_create_pkey_legacy(unsigned int key_alg, bool private, const unsigned char *key, size_t key_len, EVP_PKEY **retkey) { - isc_result_t ret = ISC_R_SUCCESS; + isc_result_t result = ISC_R_SUCCESS; EC_KEY *eckey = NULL; EVP_PKEY *pkey = NULL; BIGNUM *privkey = NULL; @@ -365,12 +365,12 @@ opensslecdsa_create_pkey_legacy(unsigned int key_alg, bool private, *retkey = pkey; pkey = NULL; -err: +cleanup: BN_clear_free(privkey); EC_POINT_free(pubkey); EC_KEY_free(eckey); EVP_PKEY_free(pkey); - return ret; + return result; } static bool @@ -419,18 +419,18 @@ static isc_result_t opensslecdsa_create_pkey(unsigned int key_alg, bool private, const unsigned char *key, size_t key_len, EVP_PKEY **retkey) { - isc_result_t ret; + isc_result_t result; #if OPENSSL_VERSION_NUMBER >= 0x30000000L - ret = opensslecdsa_create_pkey_params(key_alg, private, key, key_len, - retkey); - if (ret != ISC_R_FAILURE) { - return ret; + result = opensslecdsa_create_pkey_params(key_alg, private, key, key_len, + retkey); + if (result != ISC_R_FAILURE) { + return result; } #else - ret = opensslecdsa_create_pkey_legacy(key_alg, private, key, key_len, - retkey); - if (ret == ISC_R_SUCCESS) { - return ret; + result = opensslecdsa_create_pkey_legacy(key_alg, private, key, key_len, + retkey); + if (result == ISC_R_SUCCESS) { + return result; } #endif return DST_R_OPENSSLFAILURE; @@ -442,7 +442,7 @@ static isc_result_t opensslecdsa_generate_pkey_with_uri(int group_nid, const char *label, EVP_PKEY **retkey) { int status; - isc_result_t ret; + isc_result_t result; char *uri = UNCONST(label); EVP_PKEY_CTX *ctx = NULL; OSSL_PARAM params[3]; @@ -490,17 +490,17 @@ opensslecdsa_generate_pkey_with_uri(int group_nid, const char *label, DST_R_OPENSSLFAILURE)); } - ret = ISC_R_SUCCESS; + result = ISC_R_SUCCESS; -err: +cleanup: EVP_PKEY_CTX_free(ctx); - return ret; + return result; } static isc_result_t opensslecdsa_generate_pkey(unsigned int key_alg, const char *label, EVP_PKEY **retkey) { - isc_result_t ret; + isc_result_t result; EVP_PKEY_CTX *ctx = NULL; EVP_PKEY *params_pkey = NULL; int group_nid = opensslecdsa_key_alg_to_group_nid(key_alg); @@ -552,12 +552,12 @@ opensslecdsa_generate_pkey(unsigned int key_alg, const char *label, DST_RET(dst__openssl_toresult2("EVP_PKEY_keygen", DST_R_OPENSSLFAILURE)); } - ret = ISC_R_SUCCESS; + result = ISC_R_SUCCESS; -err: +cleanup: EVP_PKEY_free(params_pkey); EVP_PKEY_CTX_free(ctx); - return ret; + return result; } static isc_result_t @@ -594,7 +594,7 @@ opensslecdsa_extract_private_key(const dst_key_t *key, unsigned char *buf, static isc_result_t opensslecdsa_generate_pkey(unsigned int key_alg, const char *label, EVP_PKEY **retkey) { - isc_result_t ret; + isc_result_t result; EC_KEY *eckey = NULL; EVP_PKEY *pkey = NULL; int group_nid; @@ -624,12 +624,12 @@ opensslecdsa_generate_pkey(unsigned int key_alg, const char *label, } *retkey = pkey; pkey = NULL; - ret = ISC_R_SUCCESS; + result = ISC_R_SUCCESS; -err: +cleanup: EC_KEY_free(eckey); EVP_PKEY_free(pkey); - return ret; + return result; } static isc_result_t @@ -676,7 +676,7 @@ opensslecdsa_extract_private_key(const dst_key_t *key, unsigned char *buf, static isc_result_t opensslecdsa_createctx(dst_key_t *key, dst_context_t *dctx) { - isc_result_t ret = ISC_R_SUCCESS; + isc_result_t result = ISC_R_SUCCESS; EVP_MD_CTX *evp_md_ctx; EVP_PKEY_CTX *pctx = NULL; const EVP_MD *type = NULL; @@ -707,11 +707,8 @@ opensslecdsa_createctx(dst_key_t *key, dst_context_t *dctx) { #if OPENSSL_VERSION_NUMBER >= 0x30200000L if (!isc_crypto_fips_mode()) { - ret = opensslecdsa_set_deterministic( - pctx, dctx->key->key_alg); - if (ret != ISC_R_SUCCESS) { - goto err; - } + CHECK(opensslecdsa_set_deterministic( + pctx, dctx->key->key_alg)); } #endif /* OPENSSL_VERSION_NUMBER >= 0x30200000L */ @@ -728,8 +725,8 @@ opensslecdsa_createctx(dst_key_t *key, dst_context_t *dctx) { dctx->ctxdata.evp_md_ctx = evp_md_ctx; -err: - return ret; +cleanup: + return result; } static void @@ -747,7 +744,7 @@ opensslecdsa_destroyctx(dst_context_t *dctx) { static isc_result_t opensslecdsa_adddata(dst_context_t *dctx, const isc_region_t *data) { - isc_result_t ret = ISC_R_SUCCESS; + isc_result_t result = ISC_R_SUCCESS; EVP_MD_CTX *evp_md_ctx = dctx->ctxdata.evp_md_ctx; REQUIRE(opensslecdsa_valid_key_alg(dctx->key->key_alg)); @@ -771,13 +768,13 @@ opensslecdsa_adddata(dst_context_t *dctx, const isc_region_t *data) { } } -err: - return ret; +cleanup: + return result; } static isc_result_t opensslecdsa_sign(dst_context_t *dctx, isc_buffer_t *sig) { - isc_result_t ret; + isc_result_t result; dst_key_t *key = dctx->key; isc_region_t region; EVP_MD_CTX *evp_md_ctx = dctx->ctxdata.evp_md_ctx; @@ -827,19 +824,19 @@ opensslecdsa_sign(dst_context_t *dctx, isc_buffer_t *sig) { isc_region_consume(®ion, siglen / 2); ECDSA_SIG_free(ecdsasig); isc_buffer_add(sig, siglen); - ret = ISC_R_SUCCESS; + result = ISC_R_SUCCESS; -err: +cleanup: if (sigder != NULL && sigder_alloced != 0) { isc_mem_put(dctx->mctx, sigder, sigder_alloced); } - return ret; + return result; } static isc_result_t opensslecdsa_verify(dst_context_t *dctx, const isc_region_t *sig) { - isc_result_t ret; + isc_result_t result; dst_key_t *key = dctx->key; int status; unsigned char *cp = sig->base; @@ -894,19 +891,19 @@ opensslecdsa_verify(dst_context_t *dctx, const isc_region_t *sig) { switch (status) { case 1: - ret = ISC_R_SUCCESS; + result = ISC_R_SUCCESS; break; case 0: - ret = dst__openssl_toresult(DST_R_VERIFYFAILURE); + result = dst__openssl_toresult(DST_R_VERIFYFAILURE); break; default: - ret = dst__openssl_toresult3(dctx->category, - "EVP_DigestVerifyFinal", - DST_R_VERIFYFAILURE); + result = dst__openssl_toresult3(dctx->category, + "EVP_DigestVerifyFinal", + DST_R_VERIFYFAILURE); break; } -err: +cleanup: if (ecdsasig != NULL) { ECDSA_SIG_free(ecdsasig); } @@ -914,7 +911,7 @@ err: isc_mem_put(dctx->mctx, sigder, sigder_alloced); } - return ret; + return result; } static isc_result_t @@ -939,7 +936,7 @@ opensslecdsa_generate(dst_key_t *key, int unused, void (*callback)(int)) { static isc_result_t opensslecdsa_todns(const dst_key_t *key, isc_buffer_t *data) { - isc_result_t ret; + isc_result_t result; isc_region_t r; size_t keysize; @@ -956,15 +953,15 @@ opensslecdsa_todns(const dst_key_t *key, isc_buffer_t *data) { } isc_buffer_add(data, keysize); - ret = ISC_R_SUCCESS; + result = ISC_R_SUCCESS; -err: - return ret; +cleanup: + return result; } static isc_result_t opensslecdsa_fromdns(dst_key_t *key, isc_buffer_t *data) { - isc_result_t ret; + isc_result_t result; EVP_PKEY *pkey = NULL; isc_region_t r; size_t len; @@ -980,23 +977,21 @@ opensslecdsa_fromdns(dst_key_t *key, isc_buffer_t *data) { DST_RET(DST_R_INVALIDPUBLICKEY); } - ret = opensslecdsa_create_pkey(key->key_alg, false, r.base, len, &pkey); - if (ret != ISC_R_SUCCESS) { - DST_RET(ret); - } + CHECK(opensslecdsa_create_pkey(key->key_alg, false, r.base, len, + &pkey)); isc_buffer_forward(data, len); key->key_size = EVP_PKEY_bits(pkey); key->keydata.pkeypair.pub = pkey; - ret = ISC_R_SUCCESS; + result = ISC_R_SUCCESS; -err: - return ret; +cleanup: + return result; } static isc_result_t opensslecdsa_tofile(const dst_key_t *key, const char *directory) { - isc_result_t ret; + isc_result_t result; dst_private_t priv; unsigned char buf[MAX_PRIVKEY_SIZE]; size_t keylen = 0; @@ -1035,11 +1030,11 @@ opensslecdsa_tofile(const dst_key_t *key, const char *directory) { } priv.nelements = i; - ret = dst__privstruct_writefile(key, &priv, directory); + result = dst__privstruct_writefile(key, &priv, directory); -err: +cleanup: isc_safe_memwipe(buf, keylen); - return ret; + return result; } static isc_result_t @@ -1048,7 +1043,7 @@ opensslecdsa_fromlabel(dst_key_t *key, const char *label, const char *pin); static isc_result_t opensslecdsa_parse(dst_key_t *key, isc_lex_t *lexer, dst_key_t *pub) { dst_private_t priv; - isc_result_t ret; + isc_result_t result; EVP_PKEY *pkey = NULL; const char *label = NULL; int i, privkey_index = -1; @@ -1056,11 +1051,8 @@ opensslecdsa_parse(dst_key_t *key, isc_lex_t *lexer, dst_key_t *pub) { REQUIRE(opensslecdsa_valid_key_alg(key->key_alg)); /* read private key file */ - ret = dst__privstruct_parse(key, DST_ALG_ECDSA256, lexer, key->mctx, - &priv); - if (ret != ISC_R_SUCCESS) { - goto err; - } + CHECK(dst__privstruct_parse(key, DST_ALG_ECDSA256, lexer, key->mctx, + &priv)); if (key->external) { if (priv.nelements != 0 || pub == NULL) { @@ -1090,10 +1082,7 @@ opensslecdsa_parse(dst_key_t *key, isc_lex_t *lexer, dst_key_t *pub) { } if (label != NULL) { - ret = opensslecdsa_fromlabel(key, label, NULL); - if (ret != ISC_R_SUCCESS) { - goto err; - } + CHECK(opensslecdsa_fromlabel(key, label, NULL)); /* Check that the public component matches if given */ if (pub != NULL && EVP_PKEY_eq(key->keydata.pkeypair.pub, pub->keydata.pkeypair.pub) != 1) @@ -1107,12 +1096,9 @@ opensslecdsa_parse(dst_key_t *key, isc_lex_t *lexer, dst_key_t *pub) { DST_RET(dst__openssl_toresult(DST_R_INVALIDPRIVATEKEY)); } - ret = opensslecdsa_create_pkey( + CHECK(opensslecdsa_create_pkey( key->key_alg, true, priv.elements[privkey_index].data, - priv.elements[privkey_index].length, &pkey); - if (ret != ISC_R_SUCCESS) { - goto err; - } + priv.elements[privkey_index].length, &pkey)); /* Check that the public component matches if given */ if (pub != NULL && EVP_PKEY_eq(pkey, pub->keydata.pkeypair.pub) != 1) { @@ -1124,39 +1110,30 @@ opensslecdsa_parse(dst_key_t *key, isc_lex_t *lexer, dst_key_t *pub) { key->keydata.pkeypair.pub = pkey; pkey = NULL; -err: +cleanup: EVP_PKEY_free(pkey); - if (ret != ISC_R_SUCCESS) { + if (result != ISC_R_SUCCESS) { key->keydata.generic = NULL; } dst__privstruct_free(&priv, key->mctx); isc_safe_memwipe(&priv, sizeof(priv)); - return ret; + return result; } static isc_result_t opensslecdsa_fromlabel(dst_key_t *key, const char *label, const char *pin) { EVP_PKEY *privpkey = NULL, *pubpkey = NULL; - isc_result_t ret; + isc_result_t result; REQUIRE(opensslecdsa_valid_key_alg(key->key_alg)); UNUSED(pin); - ret = dst__openssl_fromlabel(EVP_PKEY_EC, label, pin, &pubpkey, - &privpkey); - if (ret != ISC_R_SUCCESS) { - goto err; - } + CHECK(dst__openssl_fromlabel(EVP_PKEY_EC, label, pin, &pubpkey, + &privpkey)); - ret = opensslecdsa_validate_pkey_group(key->key_alg, privpkey); - if (ret != ISC_R_SUCCESS) { - goto err; - } - ret = opensslecdsa_validate_pkey_group(key->key_alg, pubpkey); - if (ret != ISC_R_SUCCESS) { - goto err; - } + CHECK(opensslecdsa_validate_pkey_group(key->key_alg, privpkey)); + CHECK(opensslecdsa_validate_pkey_group(key->key_alg, pubpkey)); key->label = isc_mem_strdup(key->mctx, label); key->key_size = EVP_PKEY_bits(privpkey); @@ -1165,10 +1142,10 @@ opensslecdsa_fromlabel(dst_key_t *key, const char *label, const char *pin) { privpkey = NULL; pubpkey = NULL; -err: +cleanup: EVP_PKEY_free(privpkey); EVP_PKEY_free(pubpkey); - return ret; + return result; } static dst_func_t opensslecdsa_functions = { diff --git a/lib/dns/openssleddsa_link.c b/lib/dns/openssleddsa_link.c index fd383f688b6..ea164be6f96 100644 --- a/lib/dns/openssleddsa_link.c +++ b/lib/dns/openssleddsa_link.c @@ -33,10 +33,10 @@ #include "dst_parse.h" #include "openssl_shim.h" -#define DST_RET(a) \ - { \ - ret = a; \ - goto err; \ +#define DST_RET(a) \ + { \ + result = a; \ + goto cleanup; \ } #ifndef NID_ED25519 @@ -82,13 +82,13 @@ openssleddsa_alg_info(unsigned int key_alg) { static isc_result_t raw_key_to_ossl(const eddsa_alginfo_t *alginfo, int private, const unsigned char *key, size_t *key_len, EVP_PKEY **pkey) { - isc_result_t ret; + isc_result_t result; int pkey_type = alginfo->pkey_type; size_t len = alginfo->key_size; - ret = (private ? DST_R_INVALIDPRIVATEKEY : DST_R_INVALIDPUBLICKEY); + result = (private ? DST_R_INVALIDPRIVATEKEY : DST_R_INVALIDPUBLICKEY); if (*key_len < len) { - return ret; + return result; } if (private) { @@ -97,7 +97,7 @@ raw_key_to_ossl(const eddsa_alginfo_t *alginfo, int private, *pkey = EVP_PKEY_new_raw_public_key(pkey_type, NULL, key, len); } if (*pkey == NULL) { - return dst__openssl_toresult(ret); + return dst__openssl_toresult(result); } *key_len = len; @@ -165,7 +165,7 @@ openssleddsa_adddata(dst_context_t *dctx, const isc_region_t *data) { static isc_result_t openssleddsa_sign(dst_context_t *dctx, isc_buffer_t *sig) { - isc_result_t ret; + isc_result_t result; dst_key_t *key = dctx->key; isc_region_t tbsreg; isc_region_t sigreg; @@ -200,19 +200,19 @@ openssleddsa_sign(dst_context_t *dctx, isc_buffer_t *sig) { DST_R_SIGNFAILURE)); } isc_buffer_add(sig, (unsigned int)siglen); - ret = ISC_R_SUCCESS; + result = ISC_R_SUCCESS; -err: +cleanup: EVP_MD_CTX_free(ctx); isc_buffer_free(&buf); dctx->ctxdata.generic = NULL; - return ret; + return result; } static isc_result_t openssleddsa_verify(dst_context_t *dctx, const isc_region_t *sig) { - isc_result_t ret; + isc_result_t result; dst_key_t *key = dctx->key; int status; isc_region_t tbsreg; @@ -243,28 +243,29 @@ openssleddsa_verify(dst_context_t *dctx, const isc_region_t *sig) { switch (status) { case 1: - ret = ISC_R_SUCCESS; + result = ISC_R_SUCCESS; break; case 0: - ret = dst__openssl_toresult(DST_R_VERIFYFAILURE); + result = dst__openssl_toresult(DST_R_VERIFYFAILURE); break; default: - ret = dst__openssl_toresult3(dctx->category, "EVP_DigestVerify", - DST_R_VERIFYFAILURE); + result = dst__openssl_toresult3(dctx->category, + "EVP_DigestVerify", + DST_R_VERIFYFAILURE); break; } -err: +cleanup: EVP_MD_CTX_free(ctx); isc_buffer_free(&buf); dctx->ctxdata.generic = NULL; - return ret; + return result; } static isc_result_t openssleddsa_generate(dst_key_t *key, int unused, void (*callback)(int)) { - isc_result_t ret; + isc_result_t result; EVP_PKEY *pkey = NULL; EVP_PKEY_CTX *ctx = NULL; const eddsa_alginfo_t *alginfo = openssleddsa_alg_info(key->key_alg); @@ -295,11 +296,11 @@ openssleddsa_generate(dst_key_t *key, int unused, void (*callback)(int)) { key->key_size = alginfo->key_size * 8; key->keydata.pkeypair.priv = pkey; key->keydata.pkeypair.pub = pkey; - ret = ISC_R_SUCCESS; + result = ISC_R_SUCCESS; -err: +cleanup: EVP_PKEY_CTX_free(ctx); - return ret; + return result; } static isc_result_t @@ -356,7 +357,7 @@ openssleddsa_fromdns(dst_key_t *key, isc_buffer_t *data) { static isc_result_t openssleddsa_tofile(const dst_key_t *key, const char *directory) { const eddsa_alginfo_t *alginfo = openssleddsa_alg_info(key->key_alg); - isc_result_t ret; + isc_result_t result; dst_private_t priv; unsigned char *buf = NULL; size_t len; @@ -397,20 +398,20 @@ openssleddsa_tofile(const dst_key_t *key, const char *directory) { } priv.nelements = i; - ret = dst__privstruct_writefile(key, &priv, directory); + result = dst__privstruct_writefile(key, &priv, directory); -err: +cleanup: if (buf != NULL) { isc_mem_put(key->mctx, buf, len); } - return ret; + return result; } static isc_result_t openssleddsa_parse(dst_key_t *key, isc_lex_t *lexer, dst_key_t *pub) { const eddsa_alginfo_t *alginfo = openssleddsa_alg_info(key->key_alg); dst_private_t priv; - isc_result_t ret; + isc_result_t result; int i, privkey_index = -1; const char *label = NULL; EVP_PKEY *pkey = NULL; @@ -420,10 +421,7 @@ openssleddsa_parse(dst_key_t *key, isc_lex_t *lexer, dst_key_t *pub) { REQUIRE(alginfo != NULL); /* read private key file */ - ret = dst__privstruct_parse(key, DST_ALG_ED25519, lexer, mctx, &priv); - if (ret != ISC_R_SUCCESS) { - goto err; - } + CHECK(dst__privstruct_parse(key, DST_ALG_ED25519, lexer, mctx, &priv)); if (key->external) { if (priv.nelements != 0) { @@ -456,10 +454,7 @@ openssleddsa_parse(dst_key_t *key, isc_lex_t *lexer, dst_key_t *pub) { } if (label != NULL) { - ret = openssleddsa_fromlabel(key, label, NULL); - if (ret != ISC_R_SUCCESS) { - goto err; - } + CHECK(openssleddsa_fromlabel(key, label, NULL)); /* Check that the public component matches if given */ if (pub != NULL && EVP_PKEY_eq(key->keydata.pkeypair.pub, pub->keydata.pkeypair.pub) != 1) @@ -474,11 +469,8 @@ openssleddsa_parse(dst_key_t *key, isc_lex_t *lexer, dst_key_t *pub) { } len = priv.elements[privkey_index].length; - ret = raw_key_to_ossl(alginfo, 1, priv.elements[privkey_index].data, - &len, &pkey); - if (ret != ISC_R_SUCCESS) { - goto err; - } + CHECK(raw_key_to_ossl(alginfo, 1, priv.elements[privkey_index].data, + &len, &pkey)); /* Check that the public component matches if given */ if (pub != NULL && EVP_PKEY_eq(pkey, pub->keydata.pkeypair.pub) != 1) { DST_RET(DST_R_INVALIDPRIVATEKEY); @@ -488,29 +480,26 @@ openssleddsa_parse(dst_key_t *key, isc_lex_t *lexer, dst_key_t *pub) { key->keydata.pkeypair.pub = pkey; key->key_size = len * 8; pkey = NULL; - ret = ISC_R_SUCCESS; + result = ISC_R_SUCCESS; -err: +cleanup: EVP_PKEY_free(pkey); dst__privstruct_free(&priv, mctx); isc_safe_memwipe(&priv, sizeof(priv)); - return ret; + return result; } static isc_result_t openssleddsa_fromlabel(dst_key_t *key, const char *label, const char *pin) { const eddsa_alginfo_t *alginfo = openssleddsa_alg_info(key->key_alg); EVP_PKEY *privpkey = NULL, *pubpkey = NULL; - isc_result_t ret; + isc_result_t result; REQUIRE(alginfo != NULL); UNUSED(pin); - ret = dst__openssl_fromlabel(alginfo->pkey_type, label, pin, &pubpkey, - &privpkey); - if (ret != ISC_R_SUCCESS) { - goto err; - } + CHECK(dst__openssl_fromlabel(alginfo->pkey_type, label, pin, &pubpkey, + &privpkey)); key->label = isc_mem_strdup(key->mctx, label); key->key_size = EVP_PKEY_bits(privpkey); @@ -519,10 +508,10 @@ openssleddsa_fromlabel(dst_key_t *key, const char *label, const char *pin) { privpkey = NULL; pubpkey = NULL; -err: +cleanup: EVP_PKEY_free(privpkey); EVP_PKEY_free(pubpkey); - return ret; + return result; } static dst_func_t openssleddsa_functions = { @@ -578,7 +567,7 @@ check_algorithm(unsigned char algorithm) { const unsigned char *key = NULL; const unsigned char *sig = NULL; const unsigned char test[] = "test"; - isc_result_t ret = ISC_R_SUCCESS; + isc_result_t result = ISC_R_SUCCESS; size_t key_len, sig_len; if (evp_md_ctx == NULL) { @@ -607,10 +596,7 @@ check_algorithm(unsigned char algorithm) { } INSIST(alginfo != NULL); - ret = raw_key_to_ossl(alginfo, 0, key, &key_len, &pkey); - if (ret != ISC_R_SUCCESS) { - goto err; - } + CHECK(raw_key_to_ossl(alginfo, 0, key, &key_len, &pkey)); /* * Check that we can verify the signature. @@ -622,7 +608,7 @@ check_algorithm(unsigned char algorithm) { DST_RET(ISC_R_NOTIMPLEMENTED); } -err: +cleanup: if (pkey != NULL) { EVP_PKEY_free(pkey); } @@ -630,7 +616,7 @@ err: EVP_MD_CTX_destroy(evp_md_ctx); } ERR_clear_error(); - return ret; + return result; } void diff --git a/lib/dns/opensslrsa_link.c b/lib/dns/opensslrsa_link.c index e31ba6b15d9..57c82baa1ef 100644 --- a/lib/dns/opensslrsa_link.c +++ b/lib/dns/opensslrsa_link.c @@ -37,10 +37,10 @@ #include "dst_parse.h" #include "openssl_shim.h" -#define DST_RET(a) \ - { \ - ret = a; \ - goto err; \ +#define DST_RET(a) \ + { \ + result = a; \ + goto cleanup; \ } #define OPENSSLRSA_MAX_MODULUS_BITS 4096 @@ -428,7 +428,7 @@ opensslrsa_generate_pkey(unsigned int key_size, const char *label, BIGNUM *e, RSA *rsa = NULL; EVP_PKEY *pkey = NULL; BN_GENCB *cb = NULL; - isc_result_t ret; + isc_result_t result; UNUSED(label); @@ -456,18 +456,18 @@ opensslrsa_generate_pkey(unsigned int key_size, const char *label, BIGNUM *e, } *retkey = pkey; pkey = NULL; - ret = ISC_R_SUCCESS; + result = ISC_R_SUCCESS; -err: +cleanup: EVP_PKEY_free(pkey); RSA_free(rsa); BN_GENCB_free(cb); - return ret; + return result; } static isc_result_t opensslrsa_build_pkey(bool private, rsa_components_t *c, EVP_PKEY **retpkey) { - isc_result_t ret; + isc_result_t result; EVP_PKEY *pkey = NULL; RSA *rsa = RSA_new(); int status; @@ -532,13 +532,13 @@ opensslrsa_build_pkey(bool private, rsa_components_t *c, EVP_PKEY **retpkey) { *retpkey = pkey; pkey = NULL; - ret = ISC_R_SUCCESS; + result = ISC_R_SUCCESS; -err: +cleanup: EVP_PKEY_free(pkey); RSA_free(rsa); opensslrsa_components_free(c); - return ret; + return result; } #else static int @@ -559,7 +559,7 @@ opensslrsa_generate_pkey_with_uri(size_t key_size, const char *label, EVP_PKEY_CTX *ctx = NULL; OSSL_PARAM params[4]; char *uri = UNCONST(label); - isc_result_t ret; + isc_result_t result; int status; params[0] = OSSL_PARAM_construct_utf8_string("pkcs11_uri", uri, 0); @@ -592,17 +592,17 @@ opensslrsa_generate_pkey_with_uri(size_t key_size, const char *label, DST_R_OPENSSLFAILURE)); } - ret = ISC_R_SUCCESS; -err: + result = ISC_R_SUCCESS; +cleanup: EVP_PKEY_CTX_free(ctx); - return ret; + return result; } static isc_result_t opensslrsa_generate_pkey(unsigned int key_size, const char *label, BIGNUM *e, void (*callback)(int), EVP_PKEY **retkey) { EVP_PKEY_CTX *ctx; - isc_result_t ret; + isc_result_t result; if (label != NULL) { return opensslrsa_generate_pkey_with_uri(key_size, label, @@ -635,15 +635,15 @@ opensslrsa_generate_pkey(unsigned int key_size, const char *label, BIGNUM *e, DST_RET(dst__openssl_toresult2("EVP_PKEY_keygen", DST_R_OPENSSLFAILURE)); } - ret = ISC_R_SUCCESS; -err: + result = ISC_R_SUCCESS; +cleanup: EVP_PKEY_CTX_free(ctx); - return ret; + return result; } static isc_result_t opensslrsa_build_pkey(bool private, rsa_components_t *c, EVP_PKEY **retpkey) { - isc_result_t ret; + isc_result_t result; int status; OSSL_PARAM_BLD *bld = NULL; OSSL_PARAM *params = NULL; @@ -724,19 +724,19 @@ opensslrsa_build_pkey(bool private, rsa_components_t *c, EVP_PKEY **retpkey) { DST_RET(dst__openssl_toresult2("EVP_PKEY_fromdata", DST_R_OPENSSLFAILURE)); } - ret = ISC_R_SUCCESS; + result = ISC_R_SUCCESS; -err: +cleanup: EVP_PKEY_CTX_free(ctx); OSSL_PARAM_free(params); OSSL_PARAM_BLD_free(bld); - return ret; + return result; } #endif /* OPENSSL_VERSION_NUMBER < 0x30000000L */ static isc_result_t opensslrsa_generate(dst_key_t *key, int unused, void (*callback)(int)) { - isc_result_t ret; + isc_result_t result; BIGNUM *e = BN_new(); EVP_PKEY *pkey = NULL; @@ -779,21 +779,18 @@ opensslrsa_generate(dst_key_t *key, int unused, void (*callback)(int)) { BN_set_bit(e, 0); BN_set_bit(e, 16); - ret = opensslrsa_generate_pkey(key->key_size, key->label, e, callback, - &pkey); - if (ret != ISC_R_SUCCESS) { - goto err; - } + CHECK(opensslrsa_generate_pkey(key->key_size, key->label, e, callback, + &pkey)); key->keydata.pkeypair.pub = pkey; key->keydata.pkeypair.priv = pkey; pkey = NULL; - ret = ISC_R_SUCCESS; + result = ISC_R_SUCCESS; -err: +cleanup: EVP_PKEY_free(pkey); BN_free(e); - return ret; + return result; } static isc_result_t @@ -801,7 +798,7 @@ opensslrsa_todns(const dst_key_t *key, isc_buffer_t *data) { isc_region_t r; unsigned int e_bytes; unsigned int mod_bytes; - isc_result_t ret; + isc_result_t result; rsa_components_t c = { 0 }; REQUIRE(key->keydata.pkeypair.pub != NULL); @@ -828,10 +825,7 @@ opensslrsa_todns(const dst_key_t *key, isc_buffer_t *data) { break; } - ret = opensslrsa_components_get(key, &c, false); - if (ret != ISC_R_SUCCESS) { - goto err; - } + CHECK(opensslrsa_components_get(key, &c, false)); mod_bytes = BN_num_bytes(c.n); e_bytes = BN_num_bytes(c.e); @@ -862,15 +856,15 @@ opensslrsa_todns(const dst_key_t *key, isc_buffer_t *data) { isc_buffer_add(data, e_bytes + mod_bytes); - ret = ISC_R_SUCCESS; -err: + result = ISC_R_SUCCESS; +cleanup: opensslrsa_components_free(&c); - return ret; + return result; } static isc_result_t opensslrsa_fromdns(dst_key_t *key, isc_buffer_t *data) { - isc_result_t ret; + isc_result_t result; isc_region_t r; unsigned int e_bytes; unsigned int length; @@ -937,16 +931,16 @@ opensslrsa_fromdns(dst_key_t *key, isc_buffer_t *data) { isc_buffer_forward(data, length); key->key_size = BN_num_bits(c.n); - ret = opensslrsa_build_pkey(false, &c, &key->keydata.pkeypair.pub); + result = opensslrsa_build_pkey(false, &c, &key->keydata.pkeypair.pub); -err: +cleanup: opensslrsa_components_free(&c); - return ret; + return result; } static isc_result_t opensslrsa_tofile(const dst_key_t *key, const char *directory) { - isc_result_t ret; + isc_result_t result; dst_private_t priv = { 0 }; unsigned char *bufs[8] = { NULL }; unsigned short i = 0; @@ -956,10 +950,7 @@ opensslrsa_tofile(const dst_key_t *key, const char *directory) { return dst__privstruct_writefile(key, &priv, directory); } - ret = opensslrsa_components_get(key, &c, true); - if (ret != ISC_R_SUCCESS) { - goto err; - } + CHECK(opensslrsa_components_get(key, &c, true)); priv.elements[i].tag = TAG_RSA_MODULUS; priv.elements[i].length = BN_num_bytes(c.n); @@ -1044,9 +1035,9 @@ opensslrsa_tofile(const dst_key_t *key, const char *directory) { } priv.nelements = i; - ret = dst__privstruct_writefile(key, &priv, directory); + result = dst__privstruct_writefile(key, &priv, directory); -err: +cleanup: for (i = 0; i < ARRAY_SIZE(bufs); i++) { if (bufs[i] != NULL) { isc_mem_put(key->mctx, bufs[i], @@ -1055,7 +1046,7 @@ err: } opensslrsa_components_free(&c); - return ret; + return result; } static isc_result_t @@ -1064,7 +1055,7 @@ opensslrsa_fromlabel(dst_key_t *key, const char *label, const char *pin); static isc_result_t opensslrsa_parse(dst_key_t *key, isc_lex_t *lexer, dst_key_t *pub) { dst_private_t priv; - isc_result_t ret; + isc_result_t result; int i; isc_mem_t *mctx = NULL; const char *label = NULL; @@ -1077,10 +1068,7 @@ opensslrsa_parse(dst_key_t *key, isc_lex_t *lexer, dst_key_t *pub) { mctx = key->mctx; /* read private key file */ - ret = dst__privstruct_parse(key, DST_ALG_RSA, lexer, mctx, &priv); - if (ret != ISC_R_SUCCESS) { - goto err; - } + CHECK(dst__privstruct_parse(key, DST_ALG_RSA, lexer, mctx, &priv)); if (key->external) { if (priv.nelements != 0 || pub == NULL) { @@ -1112,10 +1100,7 @@ opensslrsa_parse(dst_key_t *key, isc_lex_t *lexer, dst_key_t *pub) { * See if we can fetch it. */ if (label != NULL) { - ret = opensslrsa_fromlabel(key, label, NULL); - if (ret != ISC_R_SUCCESS) { - DST_RET(ret); - } + CHECK(opensslrsa_fromlabel(key, label, NULL)); /* Check that the public component matches if given */ if (pub != NULL && EVP_PKEY_eq(key->keydata.pkeypair.pub, pub->keydata.pkeypair.pub) != 1) @@ -1178,10 +1163,7 @@ opensslrsa_parse(dst_key_t *key, isc_lex_t *lexer, dst_key_t *pub) { } key->key_size = BN_num_bits(c.n); - ret = opensslrsa_build_pkey(true, &c, &pkey); - if (ret != ISC_R_SUCCESS) { - goto err; - } + CHECK(opensslrsa_build_pkey(true, &c, &pkey)); /* Check that the public component matches if given */ if (pub != NULL && EVP_PKEY_eq(pkey, pub->keydata.pkeypair.pub) != 1) { @@ -1192,29 +1174,26 @@ opensslrsa_parse(dst_key_t *key, isc_lex_t *lexer, dst_key_t *pub) { key->keydata.pkeypair.priv = pkey; pkey = NULL; -err: +cleanup: opensslrsa_components_free(&c); EVP_PKEY_free(pkey); - if (ret != ISC_R_SUCCESS) { + if (result != ISC_R_SUCCESS) { key->keydata.generic = NULL; } dst__privstruct_free(&priv, mctx); isc_safe_memwipe(&priv, sizeof(priv)); - return ret; + return result; } static isc_result_t opensslrsa_fromlabel(dst_key_t *key, const char *label, const char *pin) { EVP_PKEY *privpkey = NULL, *pubpkey = NULL; - isc_result_t ret; + isc_result_t result; - ret = dst__openssl_fromlabel(EVP_PKEY_RSA, label, pin, &pubpkey, - &privpkey); - if (ret != ISC_R_SUCCESS) { - goto err; - } + CHECK(dst__openssl_fromlabel(EVP_PKEY_RSA, label, pin, &pubpkey, + &privpkey)); if (!opensslrsa_check_exponent_bits(pubpkey, RSA_MAX_PUBEXP_BITS)) { DST_RET(ISC_R_RANGE); @@ -1227,10 +1206,10 @@ opensslrsa_fromlabel(dst_key_t *key, const char *label, const char *pin) { privpkey = NULL; pubpkey = NULL; -err: +cleanup: EVP_PKEY_free(privpkey); EVP_PKEY_free(pubpkey); - return ret; + return result; } static dst_func_t opensslrsa_functions = { @@ -1333,7 +1312,7 @@ check_algorithm(unsigned short algorithm) { EVP_PKEY *pkey = NULL; const EVP_MD *type = NULL; const unsigned char *sig = NULL; - isc_result_t ret = ISC_R_SUCCESS; + isc_result_t result = ISC_R_SUCCESS; size_t len; switch (algorithm) { @@ -1365,8 +1344,8 @@ check_algorithm(unsigned short algorithm) { c.e = BN_bin2bn(e_bytes, sizeof(e_bytes) - 1, NULL); c.n = BN_bin2bn(n_bytes, sizeof(n_bytes) - 1, NULL); - ret = opensslrsa_build_pkey(false, &c, &pkey); - INSIST(ret == ISC_R_SUCCESS); + result = opensslrsa_build_pkey(false, &c, &pkey); + INSIST(result == ISC_R_SUCCESS); /* * Check that we can verify the signature. @@ -1378,12 +1357,12 @@ check_algorithm(unsigned short algorithm) { DST_RET(ISC_R_NOTIMPLEMENTED); } -err: +cleanup: opensslrsa_components_free(&c); EVP_PKEY_free(pkey); EVP_MD_CTX_destroy(evp_md_ctx); ERR_clear_error(); - return ret; + return result; } void diff --git a/lib/dns/private.c b/lib/dns/private.c index 41b854f3d84..60ed1041f87 100644 --- a/lib/dns/private.c +++ b/lib/dns/private.c @@ -43,13 +43,6 @@ #define INITIAL(x) (((x) & DNS_NSEC3FLAG_INITIAL) != 0) #define NONSEC(x) (((x) & DNS_NSEC3FLAG_NONSEC) != 0) -#define CHECK(x) \ - do { \ - result = (x); \ - if (result != ISC_R_SUCCESS) \ - goto failure; \ - } while (0) - /* * Work out if 'param' should be ignored or not (i.e. it is in the process * of being removed). @@ -121,14 +114,14 @@ dns_private_chains(dns_db_t *db, dns_dbversion_t *ver, result = dns_db_findrdataset(db, node, ver, dns_rdatatype_nsec, 0, (isc_stdtime_t)0, &nsecset, NULL); - if (result != ISC_R_SUCCESS && result != ISC_R_NOTFOUND) { - goto failure; + if (result != ISC_R_NOTFOUND) { + CHECK(result); } result = dns_db_findrdataset(db, node, ver, dns_rdatatype_nsec3param, 0, (isc_stdtime_t)0, &nsec3paramset, NULL); - if (result != ISC_R_SUCCESS && result != ISC_R_NOTFOUND) { - goto failure; + if (result != ISC_R_NOTFOUND) { + CHECK(result); } if (dns_rdataset_isassociated(&nsecset) && @@ -143,8 +136,8 @@ dns_private_chains(dns_db_t *db, dns_dbversion_t *ver, result = dns_db_findrdataset(db, node, ver, privatetype, 0, (isc_stdtime_t)0, &privateset, NULL); - if (result != ISC_R_SUCCESS && result != ISC_R_NOTFOUND) { - goto failure; + if (result != ISC_R_NOTFOUND) { + CHECK(result); } } @@ -278,7 +271,7 @@ dns_private_chains(dns_db_t *db, dns_dbversion_t *ver, success: result = ISC_R_SUCCESS; -failure: +cleanup: if (dns_rdataset_isassociated(&nsecset)) { dns_rdataset_disassociate(&nsecset); } @@ -400,6 +393,6 @@ dns_private_totext(dns_rdata_t *private, isc_buffer_t *buf) { isc_buffer_putuint8(buf, 0); result = ISC_R_SUCCESS; -failure: +cleanup: return result; } diff --git a/lib/dns/qpcache.c b/lib/dns/qpcache.c index 7f2ab9640a6..b344e8e698e 100644 --- a/lib/dns/qpcache.c +++ b/lib/dns/qpcache.c @@ -66,13 +66,6 @@ #define DNS_QPCACHE_LOG_STATS_LEVEL 3 #endif -#define CHECK(op) \ - do { \ - result = (op); \ - if (result != ISC_R_SUCCESS) \ - goto failure; \ - } while (0) - #define STALE_TTL(header, qpdb) \ (NXDOMAIN(header) ? 0 : qpdb->common.serve_stale_ttl) @@ -3120,18 +3113,12 @@ qpcache_addrdataset(dns_db_t *db, dns_dbnode_t *node, dns_dbversion_t *version, DNS_SLABHEADER_SETATTR(newheader, DNS_SLABHEADERATTR_OPTOUT); } if (rdataset->attributes.noqname) { - result = addnoqname(qpnode->mctx, newheader, qpdb->maxrrperset, - rdataset); - if (result != ISC_R_SUCCESS) { - return result; - } + RETERR(addnoqname(qpnode->mctx, newheader, qpdb->maxrrperset, + rdataset)); } if (rdataset->attributes.closest) { - result = addclosest(qpnode->mctx, newheader, qpdb->maxrrperset, - rdataset); - if (result != ISC_R_SUCCESS) { - return result; - } + RETERR(addclosest(qpnode->mctx, newheader, qpdb->maxrrperset, + rdataset)); } nlock = &qpdb->buckets[qpnode->locknum].lock; diff --git a/lib/dns/qpzone.c b/lib/dns/qpzone.c index 834af41b973..be5e0500070 100644 --- a/lib/dns/qpzone.c +++ b/lib/dns/qpzone.c @@ -64,14 +64,6 @@ #include "qpzone_p.h" #include "rdataslab_p.h" -#define CHECK(op) \ - { \ - result = (op); \ - if (result != ISC_R_SUCCESS) { \ - goto failure; \ - } \ - } - #define HEADERNODE(h) ((qpznode_t *)((h)->node)) #define QPDB_ATTR_LOADED 0x01 diff --git a/lib/dns/rcode.c b/lib/dns/rcode.c index c749959a492..a1ad5abeaed 100644 --- a/lib/dns/rcode.c +++ b/lib/dns/rcode.c @@ -39,13 +39,6 @@ #include -#define RETERR(x) \ - do { \ - isc_result_t _r = (x); \ - if (_r != ISC_R_SUCCESS) \ - return ((_r)); \ - } while (0) - #define NUMBERSIZE sizeof("037777777777") /* 2^32-1 octal + NUL */ #define TOTEXTONLY 0x01 diff --git a/lib/dns/rdata.c b/lib/dns/rdata.c index 5fd872fe3f8..2c83eaf380e 100644 --- a/lib/dns/rdata.c +++ b/lib/dns/rdata.c @@ -52,13 +52,6 @@ #include #include -#define RETERR(x) \ - do { \ - isc_result_t _r = (x); \ - if (_r != ISC_R_SUCCESS) \ - return ((_r)); \ - } while (0) - #define RETTOK(x) \ do { \ isc_result_t _r = (x); \ @@ -68,13 +61,6 @@ } \ } while (0) -#define CHECK(op) \ - do { \ - result = (op); \ - if (result != ISC_R_SUCCESS) \ - goto cleanup; \ - } while (0) - #define CHECKTOK(op) \ do { \ result = (op); \ diff --git a/lib/dns/rdataset.c b/lib/dns/rdataset.c index 83a08ff4690..593b09771e5 100644 --- a/lib/dns/rdataset.c +++ b/lib/dns/rdataset.c @@ -324,18 +324,12 @@ towire_answer(dns_rdataset_t *rdataset, const dns_name_t *name, for (size_t i = start; i < count; i++) { dns_rdata_t rdata = DNS_RDATA_INIT; - result = towire_addtypeclass(rdataset, name, cctx, target, - rrbuffer, sizeof(dns_ttl_t) + 2); - if (result != ISC_R_SUCCESS) { - goto cleanup; - } + CHECK(towire_addtypeclass(rdataset, name, cctx, target, + rrbuffer, sizeof(dns_ttl_t) + 2)); towire_addttl(rdataset, target, &rdlen); dns_rdataset_current(rdataset, &rdata); - result = towire_addrdata(&rdata, cctx, target, &rdlen); - if (result != ISC_R_SUCCESS) { - goto cleanup; - } + CHECK(towire_addrdata(&rdata, cctx, target, &rdlen)); added++; result = dns_rdataset_next(rdataset); @@ -348,17 +342,11 @@ towire_answer(dns_rdataset_t *rdataset, const dns_name_t *name, } for (size_t i = 0; i < start; i++) { - result = towire_addtypeclass(rdataset, name, cctx, target, - rrbuffer, sizeof(dns_ttl_t) + 2); - if (result != ISC_R_SUCCESS) { - goto cleanup; - } + CHECK(towire_addtypeclass(rdataset, name, cctx, target, + rrbuffer, sizeof(dns_ttl_t) + 2)); towire_addttl(rdataset, target, &rdlen); - result = towire_addrdata(&rdatas[i], cctx, target, &rdlen); - if (result != ISC_R_SUCCESS) { - goto cleanup; - } + CHECK(towire_addrdata(&rdatas[i], cctx, target, &rdlen)); added++; } diff --git a/lib/dns/resconf.c b/lib/dns/resconf.c index fda0fcddf97..3b919170e1a 100644 --- a/lib/dns/resconf.c +++ b/lib/dns/resconf.c @@ -75,13 +75,6 @@ #define RESCONFMAXLINELEN 256U /*%< max size of a line */ #define RESCONFMAXSORTLIST 10U /*%< max 10 */ -#define CHECK(op) \ - do { \ - result = (op); \ - if (result != ISC_R_SUCCESS) \ - goto cleanup; \ - } while (0) - /*! * configuration data structure */ diff --git a/lib/dns/resolver.c b/lib/dns/resolver.c index 9e0e578cfb2..f79eb122ec3 100644 --- a/lib/dns/resolver.c +++ b/lib/dns/resolver.c @@ -6045,7 +6045,6 @@ static isc_result_t rctx_cache_secure(respctx_t *rctx, dns_message_t *message, dns_name_t *name, dns_dbnode_t *node, dns_rdataset_t *rdataset, dns_rdataset_t *sigrdataset, bool need_validation) { - isc_result_t result; fetchctx_t *fctx = rctx->fctx; resquery_t *query = rctx->query; dns_rdataset_t *ardataset = NULL, *asigset = NULL; @@ -6129,12 +6128,8 @@ rctx_cache_secure(respctx_t *rctx, dns_message_t *message, dns_name_t *name, * in-between. */ - result = cache_rrset(fctx, rctx->now, name, rdataset, - sigrdataset, &node, ardataset, asigset, - need_validation); - if (result != ISC_R_SUCCESS) { - return result; - } + RETERR(cache_rrset(fctx, rctx->now, name, rdataset, sigrdataset, + &node, ardataset, asigset, need_validation)); } return ISC_R_SUCCESS; @@ -6386,10 +6381,7 @@ negcache(dns_message_t *message, fetchctx_t *fctx, const dns_name_t *name, /* * Cache the negative entry. */ - result = dns_db_findnode(fctx->cache, name, true, &node); - if (result != ISC_R_SUCCESS) { - return result; - } + RETERR(dns_db_findnode(fctx->cache, name, true, &node)); result = dns_ncache_add(message, cache, node, covers, now, minttl, maxttl, optout, secure, added); diff --git a/lib/dns/skr.c b/lib/dns/skr.c index 537683d363e..34a259963d0 100644 --- a/lib/dns/skr.c +++ b/lib/dns/skr.c @@ -25,27 +25,11 @@ #include #include -#define CHECK(op) \ - do { \ - result = (op); \ - if (result != ISC_R_SUCCESS) \ - goto failure; \ - } while (0) - #define READLINE(lex, opt, token) -#define NEXTTOKEN(lex, opt, token) \ - { \ - ret = isc_lex_gettoken(lex, opt, token); \ - if (ret != ISC_R_SUCCESS) \ - goto cleanup; \ - } +#define NEXTTOKEN(lex, opt, token) CHECK(isc_lex_gettoken(lex, opt, token)) -#define BADTOKEN() \ - { \ - ret = ISC_R_UNEXPECTEDTOKEN; \ - goto cleanup; \ - } +#define BADTOKEN() CHECK(ISC_R_UNEXPECTEDTOKEN) #define TOKENSIZ (8 * 1024) #define STR(t) ((t).value.as_textregion.base) @@ -61,7 +45,7 @@ parse_rr(isc_lex_t *lex, isc_mem_t *mctx, char *owner, dns_name_t *origin, isc_buffer_t b; isc_token_t token; unsigned int opt = ISC_LEXOPT_EOL; - isc_result_t ret = ISC_R_SUCCESS; + isc_result_t result = ISC_R_SUCCESS; isc_lex_setcomments(lex, ISC_LEXCOMMENT_DNSMASTERFILE); @@ -72,13 +56,9 @@ parse_rr(isc_lex_t *lex, isc_mem_t *mctx, char *owner, dns_name_t *origin, dname = dns_fixedname_initname(&dfname); isc_buffer_init(&b, owner, strlen(owner)); isc_buffer_add(&b, strlen(owner)); - ret = dns_name_fromtext(dname, &b, dns_rootname, 0); - if (ret != ISC_R_SUCCESS) { - goto cleanup; - } + CHECK(dns_name_fromtext(dname, &b, dns_rootname, 0)); if (dns_name_compare(dname, origin) != 0) { - ret = DNS_R_BADOWNERNAME; - goto cleanup; + CHECK(DNS_R_BADOWNERNAME); } isc_buffer_clear(&b); @@ -89,8 +69,8 @@ parse_rr(isc_lex_t *lex, isc_mem_t *mctx, char *owner, dns_name_t *origin, } /* If it's a TTL, read the next one */ - ret = dns_ttl_fromtext(&token.value.as_textregion, ttl); - if (ret == ISC_R_SUCCESS) { + result = dns_ttl_fromtext(&token.value.as_textregion, ttl); + if (result == ISC_R_SUCCESS) { NEXTTOKEN(lex, opt, &token); } if (token.type != isc_tokentype_string) { @@ -98,8 +78,8 @@ parse_rr(isc_lex_t *lex, isc_mem_t *mctx, char *owner, dns_name_t *origin, } /* If it's a class, read the next one */ - ret = dns_rdataclass_fromtext(&clas, &token.value.as_textregion); - if (ret == ISC_R_SUCCESS) { + result = dns_rdataclass_fromtext(&clas, &token.value.as_textregion); + if (result == ISC_R_SUCCESS) { if (clas != rdclass) { BADTOKEN(); } @@ -110,8 +90,8 @@ parse_rr(isc_lex_t *lex, isc_mem_t *mctx, char *owner, dns_name_t *origin, } /* Must be the record type */ - ret = dns_rdatatype_fromtext(rdtype, &token.value.as_textregion); - if (ret != ISC_R_SUCCESS) { + result = dns_rdatatype_fromtext(rdtype, &token.value.as_textregion); + if (result != ISC_R_SUCCESS) { BADTOKEN(); } switch (*rdtype) { @@ -126,11 +106,11 @@ parse_rr(isc_lex_t *lex, isc_mem_t *mctx, char *owner, dns_name_t *origin, } dns_rdatacallbacks_init(&callbacks); - ret = dns_rdata_fromtext(*rdata, rdclass, *rdtype, lex, dname, 0, mctx, - buf, &callbacks); + result = dns_rdata_fromtext(*rdata, rdclass, *rdtype, lex, dname, 0, + mctx, buf, &callbacks); cleanup: isc_lex_setcomments(lex, 0); - return ret; + return result; } static void @@ -345,7 +325,7 @@ dns_skr_read(isc_mem_t *mctx, const char *filename, dns_name_t *origin, filename, isc_lex_getsourceline(lex), isc_result_totext(result)); isc_mem_put(mctx, rdata, sizeof(*rdata)); - goto failure; + goto cleanup; } /* Create new diff tuple */ @@ -374,7 +354,7 @@ dns_skr_read(isc_mem_t *mctx, const char *filename, dns_name_t *origin, addbundle(*skrp, &bundle); } -failure: +cleanup: if (result != ISC_R_SUCCESS) { isc_log_write(DNS_LOGCATEGORY_GENERAL, DNS_LOGMODULE_ZONE, ISC_LOG_DEBUG(1), diff --git a/lib/dns/tkey.c b/lib/dns/tkey.c index 79ca4da3e0a..4618f5ff585 100644 --- a/lib/dns/tkey.c +++ b/lib/dns/tkey.c @@ -55,13 +55,6 @@ #define TEMP_BUFFER_SZ 8192 #define TKEY_RANDOM_AMOUNT 16 -#define RETERR(x) \ - do { \ - result = (x); \ - if (result != ISC_R_SUCCESS) \ - goto failure; \ - } while (0) - static void tkey_log(const char *fmt, ...) ISC_FORMAT_PRINTF(1, 2); @@ -208,7 +201,7 @@ process_gsstkey(dns_message_t *msg, dns_name_t *name, dns_rdata_tkey_t *tkeyin, return ISC_R_SUCCESS; } if (result != DNS_R_CONTINUE && result != ISC_R_SUCCESS) { - goto failure; + CHECK(result); } /* @@ -224,8 +217,8 @@ process_gsstkey(dns_message_t *msg, dns_name_t *name, dns_rdata_tkey_t *tkeyin, #endif /* HAVE_GSSAPI */ uint32_t expire; - RETERR(dst_key_fromgssapi(name, gss_ctx, ring->mctx, &dstkey, - &intoken)); + CHECK(dst_key_fromgssapi(name, gss_ctx, ring->mctx, &dstkey, + &intoken)); /* * Limit keys to 1 hour or the context's lifetime whichever * is smaller. @@ -237,11 +230,11 @@ process_gsstkey(dns_message_t *msg, dns_name_t *name, dns_rdata_tkey_t *tkeyin, expire = now + lifetime; } #endif /* HAVE_GSSAPI */ - RETERR(dns_tsigkey_createfromkey( + CHECK(dns_tsigkey_createfromkey( name, dns__tsig_algfromname(&tkeyin->algorithm), dstkey, true, false, principal, now, expire, ring->mctx, &tsigkey)); - RETERR(dns_tsigkeyring_add(ring, tsigkey)); + CHECK(dns_tsigkeyring_add(ring, tsigkey)); dst_key_free(&dstkey); tkeyout->inception = now; tkeyout->expire = expire; @@ -277,7 +270,7 @@ process_gsstkey(dns_message_t *msg, dns_name_t *name, dns_rdata_tkey_t *tkeyin, return ISC_R_SUCCESS; -failure: +cleanup: if (tsigkey != NULL) { dns_tsigkey_detach(&tsigkey); } @@ -363,24 +356,21 @@ dns_tkey_processquery(dns_message_t *msg, dns_tkeyctx_t *tctx, result = dns_message_findname(msg, DNS_SECTION_ADDITIONAL, qname, dns_rdatatype_tkey, 0, NULL, &tkeyset); if (result != ISC_R_SUCCESS) { - result = DNS_R_FORMERR; tkey_log("dns_tkey_processquery: couldn't find a TKEY " "matching the question"); - goto failure; + CHECK(DNS_R_FORMERR); } result = dns_rdataset_first(tkeyset); if (result != ISC_R_SUCCESS) { - result = DNS_R_FORMERR; - goto failure; + CHECK(DNS_R_FORMERR); } dns_rdataset_current(tkeyset, &rdata); - RETERR(dns_rdata_tostruct(&rdata, &tkeyin, NULL)); + CHECK(dns_rdata_tostruct(&rdata, &tkeyin, NULL)); if (tkeyin.error != dns_rcode_noerror) { - result = DNS_R_FORMERR; - goto failure; + CHECK(DNS_R_FORMERR); } /* @@ -396,8 +386,7 @@ dns_tkey_processquery(dns_message_t *msg, dns_tkeyctx_t *tctx, { tkey_log("dns_tkey_processquery: query was not " "properly signed - rejecting"); - result = DNS_R_FORMERR; - goto failure; + CHECK(DNS_R_FORMERR); } tkeyout = (dns_rdata_tkey_t){ @@ -414,8 +403,8 @@ dns_tkey_processquery(dns_message_t *msg, dns_tkeyctx_t *tctx, /* * A delete operation uses the fully specified qname. */ - RETERR(process_deletetkey(signer, qname, &tkeyin, &tkeyout, - ring)); + CHECK(process_deletetkey(signer, qname, &tkeyin, &tkeyout, + ring)); break; case DNS_TKEYMODE_GSSAPI: keyname = dns_fixedname_initname(&fkeyname); @@ -435,10 +424,10 @@ dns_tkey_processquery(dns_message_t *msg, dns_tkeyctx_t *tctx, isc_nonce_buf(randomdata, sizeof(randomdata)); isc_buffer_init(&b, randomtext, sizeof(randomtext)); - RETERR(isc_hex_totext(&r, 2, "", &b)); - RETERR(dns_name_fromtext(keyname, &b, NULL, 0)); + CHECK(isc_hex_totext(&r, 2, "", &b)); + CHECK(dns_name_fromtext(keyname, &b, NULL, 0)); } - RETERR(dns_name_concatenate(keyname, dns_rootname, keyname)); + CHECK(dns_name_concatenate(keyname, dns_rootname, keyname)); result = dns_tsigkey_find(&tsigkey, keyname, NULL, ring); if (result == ISC_R_SUCCESS) { @@ -446,15 +435,15 @@ dns_tkey_processquery(dns_message_t *msg, dns_tkeyctx_t *tctx, dns_tsigkey_detach(&tsigkey); break; } else if (result == ISC_R_NOTFOUND) { - RETERR(process_gsstkey(msg, keyname, &tkeyin, tctx, - &tkeyout, ring)); + CHECK(process_gsstkey(msg, keyname, &tkeyin, tctx, + &tkeyout, ring)); break; } - goto failure; + goto cleanup; case DNS_TKEYMODE_SERVERASSIGNED: case DNS_TKEYMODE_RESOLVERASSIGNED: result = DNS_R_NOTIMP; - goto failure; + goto cleanup; default: tkeyout.error = dns_tsigerror_badmode; } @@ -467,9 +456,9 @@ dns_tkey_processquery(dns_message_t *msg, dns_tkeyctx_t *tctx, if (tkeyout.key != NULL) { isc_mem_put(tkeyout.mctx, tkeyout.key, tkeyout.keylen); } - RETERR(result); + CHECK(result); - RETERR(dns_message_reply(msg, true)); + CHECK(dns_message_reply(msg, true)); add_rdata_to_list(msg, keyname, &rdata, 0, &namelist); ISC_LIST_FOREACH(namelist, name, link) { @@ -478,7 +467,7 @@ dns_tkey_processquery(dns_message_t *msg, dns_tkeyctx_t *tctx, } return ISC_R_SUCCESS; -failure: +cleanup: free_namelist(msg, &namelist); return result; } @@ -622,11 +611,11 @@ dns_tkey_gssnegotiate(dns_message_t *qmsg, dns_message_t *rmsg, return dns_result_fromrcode(rmsg->rcode); } - RETERR(find_tkey(rmsg, &tkeyname, &rtkeyrdata, DNS_SECTION_ANSWER)); - RETERR(dns_rdata_tostruct(&rtkeyrdata, &rtkey, NULL)); + CHECK(find_tkey(rmsg, &tkeyname, &rtkeyrdata, DNS_SECTION_ANSWER)); + CHECK(dns_rdata_tostruct(&rtkeyrdata, &rtkey, NULL)); - RETERR(find_tkey(qmsg, &tkeyname, &qtkeyrdata, DNS_SECTION_ADDITIONAL)); - RETERR(dns_rdata_tostruct(&qtkeyrdata, &qtkey, NULL)); + CHECK(find_tkey(qmsg, &tkeyname, &qtkeyrdata, DNS_SECTION_ADDITIONAL)); + CHECK(dns_rdata_tostruct(&qtkeyrdata, &qtkey, NULL)); if (rtkey.error != dns_rcode_noerror || rtkey.mode != DNS_TKEYMODE_GSSAPI || @@ -634,8 +623,7 @@ dns_tkey_gssnegotiate(dns_message_t *qmsg, dns_message_t *rmsg, { tkey_log("dns_tkey_gssnegotiate: tkey mode invalid " "or error set(4)"); - result = DNS_R_INVALIDTKEY; - goto failure; + CHECK(DNS_R_INVALIDTKEY); } isc_buffer_init(&intoken, rtkey.key, rtkey.keylen); @@ -662,22 +650,22 @@ dns_tkey_gssnegotiate(dns_message_t *qmsg, dns_message_t *rmsg, dns_name_clone(DNS_TSIG_GSSAPI_NAME, &tkey.algorithm); dns_message_reset(qmsg, DNS_MESSAGE_INTENTRENDER); - RETERR(buildquery(qmsg, tkeyname, &tkey)); + CHECK(buildquery(qmsg, tkeyname, &tkey)); return DNS_R_CONTINUE; } - RETERR(dst_key_fromgssapi(dns_rootname, *context, rmsg->mctx, &dstkey, - NULL)); + CHECK(dst_key_fromgssapi(dns_rootname, *context, rmsg->mctx, &dstkey, + NULL)); /* * XXXSRA This seems confused. If we got CONTINUE from initctx, * the GSS negotiation hasn't completed yet, so we can't sign * anything yet. */ - RETERR(dns_tsigkey_createfromkey(tkeyname, DST_ALG_GSSAPI, dstkey, true, - false, NULL, rtkey.inception, - rtkey.expire, ring->mctx, &tsigkey)); - RETERR(dns_tsigkeyring_add(ring, tsigkey)); + CHECK(dns_tsigkey_createfromkey(tkeyname, DST_ALG_GSSAPI, dstkey, true, + false, NULL, rtkey.inception, + rtkey.expire, ring->mctx, &tsigkey)); + CHECK(dns_tsigkeyring_add(ring, tsigkey)); if (outkey == NULL) { dns_tsigkey_detach(&tsigkey); } else { @@ -687,7 +675,7 @@ dns_tkey_gssnegotiate(dns_message_t *qmsg, dns_message_t *rmsg, dst_key_free(&dstkey); return result; -failure: +cleanup: if (tsigkey != NULL) { dns_tsigkey_detach(&tsigkey); } diff --git a/lib/dns/ttl.c b/lib/dns/ttl.c index 4605abb0683..9c0a02d1e3d 100644 --- a/lib/dns/ttl.c +++ b/lib/dns/ttl.c @@ -30,13 +30,6 @@ #include -#define RETERR(x) \ - do { \ - isc_result_t _r = (x); \ - if (_r != ISC_R_SUCCESS) \ - return ((_r)); \ - } while (0) - static isc_result_t bind_ttl(isc_textregion_t *source, uint32_t *ttl); diff --git a/lib/dns/update.c b/lib/dns/update.c index ff4ae03c61e..b741a75c905 100644 --- a/lib/dns/update.c +++ b/lib/dns/update.c @@ -70,116 +70,6 @@ */ #define LOGLEVEL_DEBUG ISC_LOG_DEBUG(8) -/*% - * Check an operation for failure. These macros all assume that - * the function using them has a 'result' variable and a 'failure' - * label. - */ -#define CHECK(op) \ - do { \ - result = (op); \ - if (result != ISC_R_SUCCESS) \ - goto failure; \ - } while (0) - -/*% - * Fail unconditionally with result 'code', which must not - * be ISC_R_SUCCESS. The reason for failure presumably has - * been logged already. - * - * The test against ISC_R_SUCCESS is there to keep the Solaris compiler - * from complaining about "end-of-loop code not reached". - */ - -#define FAIL(code) \ - do { \ - result = (code); \ - if (result != ISC_R_SUCCESS) \ - goto failure; \ - } while (0) - -/*% - * Fail unconditionally and log as a client error. - * The test against ISC_R_SUCCESS is there to keep the Solaris compiler - * from complaining about "end-of-loop code not reached". - */ -#define FAILC(code, msg) \ - do { \ - const char *_what = "failed"; \ - result = (code); \ - switch (result) { \ - case DNS_R_NXDOMAIN: \ - case DNS_R_YXDOMAIN: \ - case DNS_R_YXRRSET: \ - case DNS_R_NXRRSET: \ - _what = "unsuccessful"; \ - } \ - update_log(log, zone, LOGLEVEL_PROTOCOL, "update %s: %s (%s)", \ - _what, msg, isc_result_totext(result)); \ - if (result != ISC_R_SUCCESS) \ - goto failure; \ - } while (0) - -#define FAILN(code, name, msg) \ - do { \ - const char *_what = "failed"; \ - result = (code); \ - switch (result) { \ - case DNS_R_NXDOMAIN: \ - case DNS_R_YXDOMAIN: \ - case DNS_R_YXRRSET: \ - case DNS_R_NXRRSET: \ - _what = "unsuccessful"; \ - } \ - if (isc_log_wouldlog(LOGLEVEL_PROTOCOL)) { \ - char _nbuf[DNS_NAME_FORMATSIZE]; \ - dns_name_format(name, _nbuf, sizeof(_nbuf)); \ - update_log(log, zone, LOGLEVEL_PROTOCOL, \ - "update %s: %s: %s (%s)", _what, _nbuf, \ - msg, isc_result_totext(result)); \ - } \ - if (result != ISC_R_SUCCESS) \ - goto failure; \ - } while (0) - -#define FAILNT(code, name, type, msg) \ - do { \ - const char *_what = "failed"; \ - result = (code); \ - switch (result) { \ - case DNS_R_NXDOMAIN: \ - case DNS_R_YXDOMAIN: \ - case DNS_R_YXRRSET: \ - case DNS_R_NXRRSET: \ - _what = "unsuccessful"; \ - } \ - if (isc_log_wouldlog(LOGLEVEL_PROTOCOL)) { \ - char _nbuf[DNS_NAME_FORMATSIZE]; \ - char _tbuf[DNS_RDATATYPE_FORMATSIZE]; \ - dns_name_format(name, _nbuf, sizeof(_nbuf)); \ - dns_rdatatype_format(type, _tbuf, sizeof(_tbuf)); \ - update_log(log, zone, LOGLEVEL_PROTOCOL, \ - "update %s: %s/%s: %s (%s)", _what, _nbuf, \ - _tbuf, msg, isc_result_totext(result)); \ - } \ - if (result != ISC_R_SUCCESS) \ - goto failure; \ - } while (0) - -/*% - * Fail unconditionally and log as a server error. - * The test against ISC_R_SUCCESS is there to keep the Solaris compiler - * from complaining about "end-of-loop code not reached". - */ -#define FAILS(code, msg) \ - do { \ - result = (code); \ - update_log(log, zone, LOGLEVEL_PROTOCOL, "error: %s: %s", msg, \ - isc_result_totext(result)); \ - if (result != ISC_R_SUCCESS) \ - goto failure; \ - } while (0) - /**************************************************************************/ typedef struct rr rr_t; @@ -737,7 +627,7 @@ namelist_append_subdomain(dns_db_t *db, dns_name_t *name, if (result == ISC_R_NOMORE) { result = ISC_R_SUCCESS; } -failure: +cleanup: if (dbit != NULL) { dns_dbiterator_destroy(&dbit); } @@ -802,7 +692,7 @@ uniqify_name_list(dns_diff_t *list) { dns_difftuple_free(&p); } } -failure: +cleanup: return result; } @@ -898,8 +788,7 @@ next_active(dns_update_log_t *log, dns_zone_t *zone, dns_db_t *db, if (wraps == 2) { update_log(log, zone, ISC_LOG_ERROR, "secure zone with no NSECs"); - result = DNS_R_BADZONE; - goto failure; + CHECK(DNS_R_BADZONE); } } CHECK(dns_dbiterator_current(dbit, &node, newname)); @@ -935,7 +824,7 @@ next_active(dns_update_log_t *log, dns_zone_t *zone, dns_db_t *db, } } } while (!has_nsec); -failure: +cleanup: if (dbit != NULL) { dns_dbiterator_destroy(&dbit); } @@ -987,7 +876,7 @@ add_nsec(dns_update_log_t *log, dns_zone_t *zone, dns_db_t *db, CHECK(do_one_tuple(&tuple, db, ver, diff)); INSIST(tuple == NULL); -failure: +cleanup: if (node != NULL) { dns_db_detachnode(&node); } @@ -1012,7 +901,7 @@ add_placeholder_nsec(dns_db_t *db, dns_dbversion_t *ver, dns_name_t *name, dns_difftuple_create(diff->mctx, DNS_DIFFOP_ADD, name, 0, &rdata, &tuple); CHECK(do_one_tuple(&tuple, db, ver, diff)); -failure: +cleanup: return result; } @@ -1251,7 +1140,7 @@ add_sigs(dns_update_log_t *log, dns_zone_t *zone, dns_db_t *db, result = ISC_R_NOTFOUND; } -failure: +cleanup: if (dns_rdataset_isassociated(&rdataset)) { dns_rdataset_disassociate(&rdataset); } @@ -1281,9 +1170,8 @@ del_keysigs(dns_db_t *db, dns_dbversion_t *ver, dns_name_t *name, if (result == ISC_R_NOTFOUND) { return ISC_R_SUCCESS; } - if (result != ISC_R_SUCCESS) { - goto failure; - } + CHECK(result); + result = dns_db_findrdataset(db, node, ver, dns_rdatatype_rrsig, dns_rdatatype_dnskey, (isc_stdtime_t)0, &rdataset, NULL); @@ -1292,9 +1180,7 @@ del_keysigs(dns_db_t *db, dns_dbversion_t *ver, dns_name_t *name, if (result == ISC_R_NOTFOUND) { return ISC_R_SUCCESS; } - if (result != ISC_R_SUCCESS) { - goto failure; - } + CHECK(result); DNS_RDATASET_FOREACH(&rdataset) { dns_rdata_t rdata = DNS_RDATA_INIT; @@ -1335,7 +1221,7 @@ del_keysigs(dns_db_t *db, dns_dbversion_t *ver, dns_name_t *name, } dns_rdataset_disassociate(&rdataset); -failure: +cleanup: if (node != NULL) { dns_db_detachnode(&node); } @@ -1525,7 +1411,7 @@ dns_update_signaturesinc(dns_update_log_t *log, dns_zone_t *zone, dns_db_t *db, update_log(log, zone, ISC_LOG_ERROR, "could not get zone keys for secure " "dynamic update"); - goto failure; + goto cleanup; } state->now = isc_stdtime_now(); @@ -1947,7 +1833,7 @@ next_state: if (!state->build_nsec3) { update_log(log, zone, ISC_LOG_DEBUG(3), "no NSEC3 chains to rebuild"); - goto failure; + goto cleanup; } update_log(log, zone, ISC_LOG_DEBUG(3), @@ -2119,7 +2005,7 @@ next_state: UNREACHABLE(); } -failure: +cleanup: if (node != NULL) { dns_db_detachnode(&node); } diff --git a/lib/dns/view.c b/lib/dns/view.c index 7efc9234a2a..47c4fed0dd8 100644 --- a/lib/dns/view.c +++ b/lib/dns/view.c @@ -66,13 +66,6 @@ #include #include -#define CHECK(op) \ - do { \ - result = (op); \ - if (result != ISC_R_SUCCESS) \ - goto cleanup; \ - } while (0) - #define DNS_VIEW_DELONLYHASH 111 /*% diff --git a/lib/dns/xfrin.c b/lib/dns/xfrin.c index f68f63b5154..27f20e88918 100644 --- a/lib/dns/xfrin.c +++ b/lib/dns/xfrin.c @@ -55,14 +55,6 @@ * Incoming AXFR and IXFR. */ -#define CHECK(op) \ - { \ - result = (op); \ - if (result != ISC_R_SUCCESS) { \ - goto failure; \ - } \ - } - /*% * The states of the *XFR state machine. We handle both IXFR and AXFR * with a single integrated state machine because they cannot be @@ -306,7 +298,7 @@ axfr_init(dns_xfrin_t *xfr) { dns_rdatacallbacks_init(&xfr->axfr); CHECK(dns_db_beginload(xfr->db, &xfr->axfr)); result = ISC_R_SUCCESS; -failure: +cleanup: return result; } @@ -341,7 +333,7 @@ axfr_putdata(dns_xfrin_t *xfr, dns_diffop_t op, dns_name_t *name, dns_ttl_t ttl, dns_diff_append(&xfr->diff, &tuple); result = ISC_R_SUCCESS; -failure: +cleanup: return result; } @@ -360,20 +352,18 @@ axfr_apply(void *arg) { uint64_t records; if (atomic_load(&xfr->shuttingdown)) { - result = ISC_R_SHUTTINGDOWN; - goto failure; + CHECK(ISC_R_SHUTTINGDOWN); } CHECK(dns_diff_load(&xfr->diff, &xfr->axfr)); if (xfr->maxrecords != 0U) { result = dns_db_getsize(xfr->db, xfr->ver, &records, NULL); if (result == ISC_R_SUCCESS && records > xfr->maxrecords) { - result = DNS_R_TOOMANYRECORDS; - goto failure; + CHECK(DNS_R_TOOMANYRECORDS); } } -failure: +cleanup: dns_diff_clear(&xfr->diff); work->result = result; } @@ -399,7 +389,7 @@ axfr_apply_done(void *arg) { (void)dns_db_endload(xfr->db, &xfr->axfr); } -failure: +cleanup: xfr->diff_running = false; isc_mem_put(xfr->mctx, work, sizeof(*work)); @@ -471,7 +461,7 @@ ixfr_init(dns_xfrin_t *xfr) { } result = ISC_R_SUCCESS; -failure: +cleanup: return result; } @@ -493,7 +483,7 @@ ixfr_putdata(dns_xfrin_t *xfr, dns_diffop_t op, dns_name_t *name, dns_ttl_t ttl, dns_diff_append(&xfr->diff, &tuple); xfr->ixfr.diffs++; -failure: +cleanup: return result; } @@ -504,7 +494,7 @@ ixfr_begin_transaction(dns_xfrin_t *xfr) { if (xfr->ixfr.journal != NULL) { CHECK(dns_journal_begin_transaction(xfr->ixfr.journal)); } -failure: +cleanup: return result; } @@ -517,7 +507,7 @@ ixfr_end_transaction(dns_xfrin_t *xfr) { if (xfr->ixfr.journal != NULL) { CHECK(dns_journal_commit(xfr->ixfr.journal)); } -failure: +cleanup: return result; } @@ -532,8 +522,7 @@ ixfr_apply_one(dns_xfrin_t *xfr, ixfr_apply_data_t *data) { if (xfr->maxrecords != 0U) { result = dns_db_getsize(xfr->db, xfr->ver, &records, NULL); if (result == ISC_R_SUCCESS && records > xfr->maxrecords) { - result = DNS_R_TOOMANYRECORDS; - goto failure; + CHECK(DNS_R_TOOMANYRECORDS); } } if (xfr->ixfr.journal != NULL) { @@ -543,7 +532,7 @@ ixfr_apply_one(dns_xfrin_t *xfr, ixfr_apply_data_t *data) { result = ixfr_end_transaction(xfr); return result; -failure: +cleanup: /* We need to end the transaction, but keep the previous error */ (void)ixfr_end_transaction(xfr); @@ -606,9 +595,7 @@ ixfr_apply_done(void *arg) { result = ISC_R_SHUTTINGDOWN; } - if (result != ISC_R_SUCCESS) { - goto failure; - } + CHECK(result); /* Reschedule */ if (!cds_wfcq_empty(&xfr->diff_head, &xfr->diff_tail)) { @@ -616,7 +603,7 @@ ixfr_apply_done(void *arg) { return; } -failure: +cleanup: xfr->diff_running = false; isc_mem_put(xfr->mctx, work, sizeof(*work)); @@ -670,7 +657,7 @@ ixfr_commit(dns_xfrin_t *xfr) { isc_work_enqueue(xfr->loop, ixfr_apply, ixfr_apply_done, work); } -failure: +cleanup: return result; } @@ -697,8 +684,7 @@ xfr_rr(dns_xfrin_t *xfr, dns_name_t *name, uint32_t ttl, dns_rdata_t *rdata) { dns_rdatatype_format(rdata->type, buf, sizeof(buf)); xfrin_log(xfr, ISC_LOG_NOTICE, "Unexpected %s record in zone transfer", buf); - result = DNS_R_FORMERR; - goto failure; + CHECK(DNS_R_FORMERR); } /* @@ -713,8 +699,7 @@ xfr_rr(dns_xfrin_t *xfr, dns_name_t *name, uint32_t ttl, dns_rdata_t *rdata) { dns_name_format(name, namebuf, sizeof(namebuf)); xfrin_log(xfr, ISC_LOG_DEBUG(3), "SOA name mismatch: '%s'", namebuf); - result = DNS_R_NOTZONETOP; - goto failure; + CHECK(DNS_R_NOTZONETOP); } redo: @@ -723,8 +708,7 @@ redo: if (rdata->type != dns_rdatatype_soa) { xfrin_log(xfr, ISC_LOG_NOTICE, "non-SOA response to SOA query"); - result = DNS_R_FORMERR; - goto failure; + CHECK(DNS_R_FORMERR); } end_serial = dns_soa_getserial(rdata); atomic_store_relaxed(&xfr->end_serial, end_serial); @@ -735,8 +719,7 @@ redo: "requested serial %u, " "primary has %" PRIuFAST32 ", not updating", xfr->ixfr.request_serial, end_serial); - result = DNS_R_UPTODATE; - goto failure; + CHECK(DNS_R_UPTODATE); } atomic_store(&xfr->state, XFRST_GOTSOA); break; @@ -751,8 +734,7 @@ redo: if (rdata->type != dns_rdatatype_soa) { xfrin_log(xfr, ISC_LOG_NOTICE, "first RR in zone transfer must be SOA"); - result = DNS_R_FORMERR; - goto failure; + CHECK(DNS_R_FORMERR); } /* * Remember the serial number in the initial SOA. @@ -773,8 +755,7 @@ redo: "requested serial %u, " "primary has %" PRIuFAST32 ", not updating", xfr->ixfr.request_serial, end_serial); - result = DNS_R_UPTODATE; - goto failure; + CHECK(DNS_R_UPTODATE); } xfr->firstsoa = *rdata; if (xfr->firstsoa_data != NULL) { @@ -842,8 +823,7 @@ redo: "IXFR out of sync: " "expected serial %u, got %u", xfr->ixfr.current_serial, soa_serial); - result = DNS_R_FORMERR; - goto failure; + CHECK(DNS_R_FORMERR); } else { CHECK(ixfr_commit(xfr)); atomic_store(&xfr->state, XFRST_IXFR_DELSOA); @@ -853,8 +833,7 @@ redo: if (rdata->type == dns_rdatatype_ns && dns_name_iswildcard(name)) { - result = DNS_R_INVALIDNS; - goto failure; + CHECK(DNS_R_INVALIDNS); } CHECK(ixfr_putdata(xfr, DNS_DIFFOP_ADD, name, ttl, rdata)); break; @@ -879,8 +858,7 @@ redo: xfrin_log(xfr, ISC_LOG_NOTICE, "start and ending SOA records " "mismatch"); - result = DNS_R_FORMERR; - goto failure; + CHECK(DNS_R_FORMERR); } axfr_commit(xfr); atomic_store(&xfr->state, XFRST_AXFR_END); @@ -889,13 +867,13 @@ redo: break; case XFRST_AXFR_END: case XFRST_IXFR_END: - result = DNS_R_EXTRADATA; - goto failure; + CHECK(DNS_R_EXTRADATA); + break; default: UNREACHABLE(); } result = ISC_R_SUCCESS; -failure: +cleanup: return result; } @@ -1310,8 +1288,7 @@ xfrin_start(dns_xfrin_t *xfr) { dns_dispatchmgr_t *dispmgr = dns_view_getdispatchmgr(xfr->view); if (dispmgr == NULL) { - result = ISC_R_SHUTTINGDOWN; - goto failure; + CHECK(ISC_R_SHUTTINGDOWN); } primaries_timeout = isc_nm_getprimariestimeout(); @@ -1319,9 +1296,7 @@ xfrin_start(dns_xfrin_t *xfr) { &xfr->primaryaddr, xfr->transport, DNS_DISPATCHOPT_UNSHARED, &xfr->disp); dns_dispatchmgr_detach(&dispmgr); - if (result != ISC_R_SUCCESS) { - goto failure; - } + CHECK(result); LIBDNS_XFRIN_START(xfr, xfr->info); @@ -1388,7 +1363,7 @@ xfrin_start(dns_xfrin_t *xfr) { return ISC_R_SUCCESS; -failure: +cleanup: xfrin_cancelio(xfr); dns_xfrin_detach(&xfr); @@ -1410,7 +1385,7 @@ render(dns_message_t *msg, isc_mem_t *mctx, isc_buffer_t *buf) { CHECK(dns_message_rendersection(msg, DNS_SECTION_ADDITIONAL, 0)); CHECK(dns_message_renderend(msg)); result = ISC_R_SUCCESS; -failure: +cleanup: dns_compress_invalidate(&cctx); return result; } @@ -1437,13 +1412,13 @@ xfrin_connect_done(isc_result_t result, isc_region_t *region ISC_ATTR_UNUSED, if (result != ISC_R_SUCCESS) { xfrin_fail(xfr, result, "failed to connect"); - goto failure; + goto cleanup; } result = dns_dispatch_checkperm(xfr->disp); if (result != ISC_R_SUCCESS) { xfrin_fail(xfr, result, "connected but unable to transfer"); - goto failure; + goto cleanup; } zmgr = dns_zone_getmgr(xfr->zone); @@ -1472,7 +1447,7 @@ xfrin_connect_done(isc_result_t result, isc_region_t *region ISC_ATTR_UNUSED, return; -failure: +cleanup: switch (result) { case ISC_R_NETDOWN: case ISC_R_HOSTDOWN: @@ -1682,7 +1657,7 @@ xfrin_send_request(dns_xfrin_t *xfr) { xfrin_log(xfr, ISC_LOG_DEBUG(3), "sending %s request, QID %d", request_type(xfr), xfr->id); -failure: +cleanup: dns_message_detach(&msg); if (soatuple != NULL) { dns_difftuple_free(&soatuple); @@ -1712,7 +1687,7 @@ xfrin_send_done(isc_result_t result, isc_region_t *region, void *arg) { xfrin_log(xfr, ISC_LOG_DEBUG(3), "sent request data"); -failure: +cleanup: if (result != ISC_R_SUCCESS) { xfrin_fail(xfr, result, "failed sending request data"); } @@ -1866,7 +1841,7 @@ xfrin_recv_done(isc_result_t result, isc_region_t *region, void *arg) { if (xfr->reqtype == dns_rdatatype_axfr || xfr->reqtype == dns_rdatatype_soa) { - goto failure; + goto cleanup; } xfrin_log(xfr, ISC_LOG_DEBUG(3), "got %s, retrying with AXFR", @@ -1896,8 +1871,7 @@ xfrin_recv_done(isc_result_t result, isc_region_t *region, void *arg) { if (msg->counts[DNS_SECTION_QUESTION] > 1) { xfrin_log(xfr, ISC_LOG_NOTICE, "too many questions (%u)", msg->counts[DNS_SECTION_QUESTION]); - result = DNS_R_FORMERR; - goto failure; + CHECK(DNS_R_FORMERR); } if ((atomic_load(&xfr->state) == XFRST_SOAQUERY || @@ -1905,8 +1879,7 @@ xfrin_recv_done(isc_result_t result, isc_region_t *region, void *arg) { msg->counts[DNS_SECTION_QUESTION] != 1) { xfrin_log(xfr, ISC_LOG_NOTICE, "missing question section"); - result = DNS_R_FORMERR; - goto failure; + CHECK(DNS_R_FORMERR); } MSG_SECTION_FOREACH(msg, DNS_SECTION_QUESTION, name) { @@ -1917,22 +1890,19 @@ xfrin_recv_done(isc_result_t result, isc_region_t *region, void *arg) { if (!dns_name_equal(name, &xfr->name)) { xfrin_log(xfr, ISC_LOG_NOTICE, "question name mismatch"); - result = DNS_R_FORMERR; - goto failure; + CHECK(DNS_R_FORMERR); } rds = ISC_LIST_HEAD(name->list); INSIST(rds != NULL); if (rds->type != xfr->reqtype) { xfrin_log(xfr, ISC_LOG_NOTICE, "question type mismatch"); - result = DNS_R_FORMERR; - goto failure; + CHECK(DNS_R_FORMERR); } if (rds->rdclass != xfr->rdclass) { xfrin_log(xfr, ISC_LOG_NOTICE, "question class mismatch"); - result = DNS_R_FORMERR; - goto failure; + CHECK(DNS_R_FORMERR); } } @@ -1954,15 +1924,14 @@ xfrin_recv_done(isc_result_t result, isc_region_t *region, void *arg) { if (xfr->reqtype == dns_rdatatype_soa && (msg->flags & DNS_MESSAGEFLAG_AA) == 0) { - result = DNS_R_NOTAUTHORITATIVE; - goto failure; + CHECK(DNS_R_NOTAUTHORITATIVE); } result = dns_message_checksig(msg, xfr->view); if (result != ISC_R_SUCCESS) { xfrin_log(xfr, ISC_LOG_DEBUG(3), "TSIG check failed: %s", isc_result_totext(result)); - goto failure; + goto cleanup; } MSG_SECTION_FOREACH(msg, DNS_SECTION_ANSWER, name) { @@ -2014,8 +1983,7 @@ xfrin_recv_done(isc_result_t result, isc_region_t *region, void *arg) { atomic_load(&xfr->state) == XFRST_AXFR_END || atomic_load(&xfr->state) == XFRST_IXFR_END) { - result = DNS_R_EXPECTEDTSIG; - goto failure; + CHECK(DNS_R_EXPECTEDTSIG); } } @@ -2055,10 +2023,7 @@ xfrin_recv_done(isc_result_t result, isc_region_t *region, void *arg) { * Read the next message. */ dns_message_detach(&msg); - result = dns_dispatch_getnext(xfr->dispentry); - if (result != ISC_R_SUCCESS) { - goto failure; - } + CHECK(dns_dispatch_getnext(xfr->dispentry)); isc_interval_t interval; isc_interval_set(&interval, dns_zone_getidlein(xfr->zone), 0); @@ -2069,7 +2034,7 @@ xfrin_recv_done(isc_result_t result, isc_region_t *region, void *arg) { return; } -failure: +cleanup: if (result != ISC_R_SUCCESS) { xfrin_fail(xfr, result, "failed while receiving responses"); } diff --git a/lib/dns/zone.c b/lib/dns/zone.c index cfe76c97068..562d8d132ba 100644 --- a/lib/dns/zone.c +++ b/lib/dns/zone.c @@ -219,13 +219,6 @@ typedef struct dns_include dns_include_t; #define ZONEDB_LOCK(l, t) RWLOCK((l), (t)) #define ZONEDB_UNLOCK(l, t) RWUNLOCK((l), (t)) -#define RETERR(x) \ - do { \ - result = (x); \ - if (result != ISC_R_SUCCESS) \ - goto failure; \ - } while (0) - #ifdef ENABLE_AFL extern bool dns_fuzzing_resolver; #endif /* ifdef ENABLE_AFL */ @@ -604,13 +597,6 @@ typedef enum { * load. */ } dns_zoneloadflag_t; -#define CHECK(op) \ - do { \ - result = (op); \ - if (result != ISC_R_SUCCESS) \ - goto failure; \ - } while (0) - struct dns_zonemgr { unsigned int magic; isc_mem_t *mctx; @@ -1935,7 +1921,7 @@ setfilename(dns_zone_t *zone, char **field, const char *value) { const char *end = value + strlen(value); putmem(&b, p, end - p); -failure: +cleanup: isc_buffer_putuint8(&b, 0); setstring(zone, field, filename); } @@ -2270,14 +2256,14 @@ copy_initfile(dns_zone_t *zone) { size_t rval; result = isc_stdio_read(buf, 1, sizeof(buf), input, &rval); - if (result != ISC_R_SUCCESS && result != ISC_R_EOF) { - goto failure; + if (result != ISC_R_EOF) { + CHECK(result); } CHECK(isc_stdio_write(buf, rval, 1, output, NULL)); len -= rval; } while (len > 0); -failure: +cleanup: if (input != NULL) { isc_stdio_close(input); } @@ -4568,7 +4554,7 @@ create_keydata(dns_zone_t *zone, dns_db_t *db, dns_dbversion_t *ver, set_refreshkeytimer(zone, &kd, now, true); return ISC_R_SUCCESS; -failure: +cleanup: return result; } @@ -4664,7 +4650,7 @@ trust_key(dns_zone_t *zone, dns_name_t *keyname, dns_rdata_dnskey_t *dnskey, dns_keytable_detach(&sr); -failure: +cleanup: if (sr != NULL) { dns_keytable_detach(&sr); } @@ -4829,7 +4815,7 @@ update_soa_serial(dns_zone_t *zone, dns_db_t *db, dns_dbversion_t *ver, CHECK(do_one_tuple(&addtuple, db, ver, diff)); result = ISC_R_SUCCESS; -failure: +cleanup: if (addtuple != NULL) { dns_difftuple_free(&addtuple); } @@ -4897,7 +4883,7 @@ add_soa(dns_zone_t *zone, dns_db_t *db) { dns_zone_log(zone, ISC_LOG_ERROR, "add_soa:dns_db_newversion -> %s", isc_result_totext(result)); - goto failure; + goto cleanup; } /* Build SOA record */ @@ -4907,13 +4893,13 @@ add_soa(dns_zone_t *zone, dns_db_t *db) { dns_zone_log(zone, ISC_LOG_ERROR, "add_soa:dns_soa_buildrdata -> %s", isc_result_totext(result)); - goto failure; + goto cleanup; } result = update_one_rr(db, ver, &diff, DNS_DIFFOP_ADD, &zone->origin, 0, &rdata); -failure: +cleanup: dns_diff_clear(&diff); if (ver != NULL) { dns_db_closeversion(db, &ver, result == ISC_R_SUCCESS); @@ -5017,7 +5003,7 @@ sync_keyzone(dns_zone_t *zone, dns_db_t *db) { dnssec_log(zone, ISC_LOG_ERROR, "sync_keyzone:dns_db_newversion -> %s", isc_result_totext(result)); - goto failure; + goto cleanup; } /* @@ -5041,7 +5027,7 @@ sync_keyzone(dns_zone_t *zone, dns_db_t *db) { dns_rriterator_current(&rrit, &rrname, &ttl, &rdataset, NULL); if (!dns_rdataset_isassociated(rdataset)) { dns_rriterator_destroy(&rrit); - goto failure; + goto cleanup; } if (rdataset->type != dns_rdatatype_keydata) { @@ -5113,7 +5099,7 @@ sync_keyzone(dns_zone_t *zone, dns_db_t *db) { commit = true; } -failure: +cleanup: if (result != ISC_R_SUCCESS) { dnssec_log(zone, ISC_LOG_ERROR, "unable to synchronize managed keys: %s", @@ -5151,7 +5137,7 @@ dns_zone_synckeyzone(dns_zone_t *zone) { result = sync_keyzone(zone, db); UNLOCK_ZONE(zone); -failure: +cleanup: if (db != NULL) { dns_db_detach(&db); } @@ -5250,7 +5236,7 @@ check_reportchannel(dns_zone_t *zone, dns_db_t *db) { dns_rdataset_disassociate(&rdataset); } -failure: +cleanup: return result; } @@ -6717,13 +6703,13 @@ findzonekeys(dns_zone_t *zone, dns_db_t *db, dns_dbversion_t *ver, *nkeys = 0; memset(keys, 0, sizeof(*keys) * maxkeys); dns_rdataset_init(&rdataset); - RETERR(dns_db_findrdataset(db, node, ver, dns_rdatatype_dnskey, 0, 0, - &rdataset, NULL)); - RETERR(dns_rdataset_first(&rdataset)); + CHECK(dns_db_findrdataset(db, node, ver, dns_rdatatype_dnskey, 0, 0, + &rdataset, NULL)); + CHECK(dns_rdataset_first(&rdataset)); while (result == ISC_R_SUCCESS && count < maxkeys) { pubkey = NULL; dns_rdataset_current(&rdataset, &rdata); - RETERR(dns_dnssec_keyfromrdata(name, &rdata, mctx, &pubkey)); + CHECK(dns_dnssec_keyfromrdata(name, &rdata, mctx, &pubkey)); dst_key_setttl(pubkey, rdataset.ttl); if (!is_zone_key(pubkey)) { @@ -6799,9 +6785,7 @@ findzonekeys(dns_zone_t *zone, dns_db_t *db, dns_dbversion_t *ver, goto next; } - if (result != ISC_R_SUCCESS) { - goto failure; - } + CHECK(result); /* * If a key is marked inactive, skip it @@ -6829,7 +6813,7 @@ findzonekeys(dns_zone_t *zone, dns_db_t *db, dns_dbversion_t *ver, result = dns_rdataset_next(&rdataset); } if (result != ISC_R_NOMORE) { - goto failure; + CHECK(result); } if (count == 0) { result = ISC_R_NOTFOUND; @@ -6837,7 +6821,7 @@ findzonekeys(dns_zone_t *zone, dns_db_t *db, dns_dbversion_t *ver, result = ISC_R_SUCCESS; } -failure: +cleanup: if (dns_rdataset_isassociated(&rdataset)) { dns_rdataset_disassociate(&rdataset); } @@ -6884,7 +6868,7 @@ dns_zone_findkeys(dns_zone_t *zone, dns_db_t *db, dns_dbversion_t *ver, result = ISC_R_SUCCESS; } -failure: +cleanup: if (node != NULL) { dns_db_detachnode(&node); @@ -6932,8 +6916,8 @@ dns_zone_getdnsseckeys(dns_zone_t *zone, dns_db_t *db, dns_dbversion_t *ver, dns_zone_getmctx(zone), keys); dns_zone_unlock_keyfiles(zone); - if (result != ISC_R_SUCCESS && result != ISC_R_NOTFOUND) { - goto failure; + if (result != ISC_R_NOTFOUND) { + CHECK(result); } /* Get public keys (dnskeys). */ @@ -6966,7 +6950,7 @@ dns_zone_getdnsseckeys(dns_zone_t *zone, dns_db_t *db, dns_dbversion_t *ver, } } -failure: +cleanup: if (dns_rdataset_isassociated(&keyset)) { dns_rdataset_disassociate(&keyset); } @@ -7160,9 +7144,8 @@ del_sigs(dns_zone_t *zone, dns_db_t *db, dns_dbversion_t *ver, dns_name_t *name, if (result == ISC_R_NOTFOUND) { return ISC_R_SUCCESS; } - if (result != ISC_R_SUCCESS) { - goto failure; - } + CHECK(result); + result = dns_db_findrdataset(db, node, ver, dns_rdatatype_rrsig, type, (isc_stdtime_t)0, &rdataset, NULL); dns_db_detachnode(&node); @@ -7173,7 +7156,7 @@ del_sigs(dns_zone_t *zone, dns_db_t *db, dns_dbversion_t *ver, dns_name_t *name, } if (result != ISC_R_SUCCESS) { INSIST(!dns_rdataset_isassociated(&rdataset)); - goto failure; + goto cleanup; } DNS_RDATASET_FOREACH(&rdataset) { @@ -7321,7 +7304,7 @@ del_sigs(dns_zone_t *zone, dns_db_t *db, dns_dbversion_t *ver, dns_name_t *name, "key expiry warning time out of range"); } } -failure: +cleanup: if (node != NULL) { dns_db_detachnode(&node); } @@ -7360,9 +7343,8 @@ add_sigs(dns_db_t *db, dns_dbversion_t *ver, dns_name_t *name, dns_zone_t *zone, if (result == ISC_R_NOTFOUND) { return ISC_R_SUCCESS; } - if (result != ISC_R_SUCCESS) { - goto failure; - } + CHECK(result); + result = dns_db_findrdataset(db, node, ver, type, 0, (isc_stdtime_t)0, &rdataset, NULL); dns_db_detachnode(&node); @@ -7372,7 +7354,7 @@ add_sigs(dns_db_t *db, dns_dbversion_t *ver, dns_name_t *name, dns_zone_t *zone, } if (result != ISC_R_SUCCESS) { INSIST(!dns_rdataset_isassociated(&rdataset)); - goto failure; + goto cleanup; } for (i = 0; i < nkeys; i++) { @@ -7525,7 +7507,7 @@ add_sigs(dns_db_t *db, dns_dbversion_t *ver, dns_name_t *name, dns_zone_t *zone, } } -failure: +cleanup: if (dns_rdataset_isassociated(&rdataset)) { dns_rdataset_disassociate(&rdataset); } @@ -7607,8 +7589,7 @@ zone_resigninc(dns_zone_t *zone) { * Zone is frozen. Pause for 5 minutes. */ if (zone->update_disabled) { - result = ISC_R_FAILURE; - goto failure; + CHECK(ISC_R_FAILURE); } ZONEDB_LOCK(&zone->dblock, isc_rwlocktype_read); @@ -7617,8 +7598,7 @@ zone_resigninc(dns_zone_t *zone) { } ZONEDB_UNLOCK(&zone->dblock, isc_rwlocktype_read); if (db == NULL) { - result = ISC_R_FAILURE; - goto failure; + CHECK(ISC_R_FAILURE); } result = dns_db_newversion(db, &version); @@ -7626,7 +7606,7 @@ zone_resigninc(dns_zone_t *zone) { dns_zone_log(zone, ISC_LOG_ERROR, "zone_resigninc:dns_db_newversion -> %s", isc_result_totext(result)); - goto failure; + goto cleanup; } now = isc_stdtime_now(); @@ -7637,7 +7617,7 @@ zone_resigninc(dns_zone_t *zone) { dns_zone_log(zone, ISC_LOG_ERROR, "zone_resigninc:dns_zone_findkeys -> %s", isc_result_totext(result)); - goto failure; + goto cleanup; } calculate_rrsig_validity(zone, now, &inception, &soaexpire, &expire, @@ -7710,8 +7690,8 @@ zone_resigninc(dns_zone_t *zone) { } } - if (result != ISC_R_NOMORE && result != ISC_R_SUCCESS) { - goto failure; + if (result != ISC_R_NOMORE) { + CHECK(result); } result = del_sigs(zone, db, version, &zone->origin, dns_rdatatype_soa, @@ -7720,7 +7700,7 @@ zone_resigninc(dns_zone_t *zone) { dns_zone_log(zone, ISC_LOG_ERROR, "zone_resigninc:del_sigs -> %s", isc_result_totext(result)); - goto failure; + goto cleanup; } /* @@ -7733,7 +7713,7 @@ zone_resigninc(dns_zone_t *zone) { if (zonediff.offline) { dns_db_closeversion(db, &version, true); } - goto failure; + goto cleanup; } /* Increment SOA serial if we have made changes */ @@ -7743,7 +7723,7 @@ zone_resigninc(dns_zone_t *zone) { dns_zone_log(zone, ISC_LOG_ERROR, "zone_resigninc:update_soa_serial -> %s", isc_result_totext(result)); - goto failure; + goto cleanup; } /* @@ -7757,7 +7737,7 @@ zone_resigninc(dns_zone_t *zone) { dns_zone_log(zone, ISC_LOG_ERROR, "zone_resigninc:add_sigs -> %s", isc_result_totext(result)); - goto failure; + goto cleanup; } /* Write changes to journal file. */ @@ -7766,7 +7746,7 @@ zone_resigninc(dns_zone_t *zone) { /* Everything has succeeded. Commit the changes. */ dns_db_closeversion(db, &version, true); -failure: +cleanup: dns_diff_clear(&_sig_diff); for (i = 0; i < nkeys; i++) { dst_key_free(&zone_keys[i]); @@ -7829,7 +7809,7 @@ next_active(dns_db_t *db, dns_dbversion_t *version, dns_name_t *oldname, break; } } while (1); -failure: +cleanup: if (node != NULL) { dns_db_detachnode(&node); } @@ -7925,7 +7905,7 @@ add_nsec(dns_db_t *db, dns_dbversion_t *version, dns_name_t *name, CHECK(dns_nsec_buildrdata(db, version, node, next, nsecbuffer, &rdata)); CHECK(update_one_rr(db, version, diff, DNS_DIFFOP_ADD, name, ttl, &rdata)); -failure: +cleanup: return result; } @@ -8130,7 +8110,7 @@ sign_a_node(dns_db_t *db, dns_zone_t *zone, dns_name_t *name, (*signatures)--; } -failure: +cleanup: if (dns_rdataset_isassociated(&rdataset)) { dns_rdataset_disassociate(&rdataset); } @@ -8162,15 +8142,13 @@ updatesecure(dns_db_t *db, dns_dbversion_t *version, dns_name_t *name, if (result == ISC_R_NOTFOUND) { goto success; } - if (result != ISC_R_SUCCESS) { - goto failure; - } + CHECK(result); } CHECK(delete_nsec(db, version, node, name, diff)); CHECK(add_nsec(db, version, name, node, nsecttl, false, diff)); success: result = ISC_R_SUCCESS; -failure: +cleanup: if (node != NULL) { dns_db_detachnode(&node); } @@ -8188,10 +8166,7 @@ updatesignwithkey(dns_zone_t *zone, dns_signing_t *signing, bool have_rr = false; dns_rdataset_init(&rdataset); - result = dns_db_getoriginnode(signing->db, &node); - if (result != ISC_R_SUCCESS) { - goto failure; - } + CHECK(dns_db_getoriginnode(signing->db, &node)); result = dns_db_findrdataset(signing->db, node, version, zone->privatetype, dns_rdatatype_none, 0, @@ -8199,11 +8174,11 @@ updatesignwithkey(dns_zone_t *zone, dns_signing_t *signing, if (result == ISC_R_NOTFOUND) { INSIST(!dns_rdataset_isassociated(&rdataset)); result = ISC_R_SUCCESS; - goto failure; + goto cleanup; } if (result != ISC_R_SUCCESS) { INSIST(!dns_rdataset_isassociated(&rdataset)); - goto failure; + goto cleanup; } DNS_RDATASET_FOREACH(&rdataset) { @@ -8295,7 +8270,7 @@ updatesignwithkey(dns_zone_t *zone, dns_signing_t *signing, diff)); } -failure: +cleanup: if (dns_rdataset_isassociated(&rdataset)) { dns_rdataset_disassociate(&rdataset); } @@ -8369,7 +8344,7 @@ fixup_nsec3param(dns_db_t *db, dns_dbversion_t *ver, dns_nsec3chain_t *chain, goto try_private; } if (result != ISC_R_SUCCESS) { - goto failure; + goto cleanup; } /* @@ -8449,9 +8424,7 @@ try_private: if (result == ISC_R_NOTFOUND) { goto add; } - if (result != ISC_R_SUCCESS) { - goto failure; - } + CHECK(result); DNS_RDATASET_FOREACH(&rdataset) { dns_rdata_t private = DNS_RDATA_INIT; @@ -8484,7 +8457,7 @@ try_private: add: if ((chain->nsec3param.flags & DNS_NSEC3FLAG_REMOVE) != 0) { result = ISC_R_SUCCESS; - goto failure; + goto cleanup; } /* @@ -8501,7 +8474,7 @@ add: rdata.data[1] = 0; /* Clear flag bits. */ CHECK(update_one_rr(db, ver, diff, DNS_DIFFOP_ADD, name, ttl, &rdata)); -failure: +cleanup: dns_db_detachnode(&node); if (dns_rdataset_isassociated(&rdataset)) { dns_rdataset_disassociate(&rdataset); @@ -8534,7 +8507,7 @@ delete_nsec(dns_db_t *db, dns_dbversion_t *ver, dns_dbnode_t *node, rdataset.ttl, &rdata)); } -failure: +cleanup: dns_rdataset_disassociate(&rdataset); return result; } @@ -8573,7 +8546,7 @@ deletematchingnsec3(dns_db_t *db, dns_dbversion_t *ver, dns_dbnode_t *node, rdataset.ttl, &rdata)); } -failure: +cleanup: dns_rdataset_disassociate(&rdataset); return result; } @@ -8649,7 +8622,7 @@ need_nsec_chain(dns_db_t *db, dns_dbversion_t *ver, *answer = !active; -failure: +cleanup: if (dns_rdataset_isassociated(&rdataset)) { dns_rdataset_disassociate(&rdataset); } @@ -8796,8 +8769,7 @@ zone_nsec3chain(dns_zone_t *zone) { * Updates are disabled. Pause for 5 minutes. */ if (zone->update_disabled) { - result = ISC_R_FAILURE; - goto failure; + CHECK(ISC_R_FAILURE); } ZONEDB_LOCK(&zone->dblock, isc_rwlocktype_read); @@ -8823,7 +8795,7 @@ zone_nsec3chain(dns_zone_t *zone) { dnssec_log(zone, ISC_LOG_ERROR, "zone_nsec3chain:dns_db_newversion -> %s", isc_result_totext(result)); - goto failure; + goto cleanup; } now = isc_stdtime_now(); @@ -8834,7 +8806,7 @@ zone_nsec3chain(dns_zone_t *zone) { dnssec_log(zone, ISC_LOG_ERROR, "zone_nsec3chain:dns_zone_findkeys -> %s", isc_result_totext(result)); - goto failure; + goto cleanup; } calculate_rrsig_validity(zone, now, &inception, &soaexpire, NULL, @@ -8950,9 +8922,7 @@ zone_nsec3chain(dns_zone_t *zone) { /* Empty node? */ goto next_addnode; } - if (result != ISC_R_SUCCESS) { - goto failure; - } + CHECK(result); seen_soa = seen_ns = seen_dname = seen_ds = seen_nsec = false; DNS_RDATASETITER_FOREACH(iterator) { @@ -8998,7 +8968,7 @@ zone_nsec3chain(dns_zone_t *zone) { "zone_nsec3chain:" "dns_nsec3_addnsec3 -> %s", isc_result_totext(result)); - goto failure; + goto cleanup; } /* @@ -9055,7 +9025,7 @@ zone_nsec3chain(dns_zone_t *zone) { "zone_nsec3chain:" "dns_dbiterator_next -> %s", isc_result_totext(result)); - goto failure; + goto cleanup; } else if (delegation) { dns_dbiterator_current(nsec3chain->dbiterator, &node, nextname); @@ -9136,7 +9106,7 @@ zone_nsec3chain(dns_zone_t *zone) { "zone_nsec3chain:" "need_nsec_chain -> %s", isc_result_totext(result)); - goto failure; + goto cleanup; } } @@ -9163,7 +9133,7 @@ zone_nsec3chain(dns_zone_t *zone) { "zone_nsec3chain:" "fixup_nsec3param -> %s", isc_result_totext(result)); - goto failure; + goto cleanup; } } @@ -9178,7 +9148,7 @@ zone_nsec3chain(dns_zone_t *zone) { "zone_nsec3chain:" "deletematchingnsec3 -> %s", isc_result_totext(result)); - goto failure; + goto cleanup; } goto next_removenode; } @@ -9213,9 +9183,7 @@ zone_nsec3chain(dns_zone_t *zone) { /* Empty node? */ goto next_removenode; } - if (result != ISC_R_SUCCESS) { - goto failure; - } + CHECK(result); seen_soa = seen_ns = seen_dname = seen_nsec3 = seen_nsec = seen_rr = false; @@ -9285,7 +9253,7 @@ zone_nsec3chain(dns_zone_t *zone) { "zone_nsec3chain:" "fixup_nsec3param -> %s", isc_result_totext(result)); - goto failure; + goto cleanup; } goto next_removechain; } else if (result != ISC_R_SUCCESS) { @@ -9293,7 +9261,7 @@ zone_nsec3chain(dns_zone_t *zone) { "zone_nsec3chain:" "dns_dbiterator_next -> %s", isc_result_totext(result)); - goto failure; + goto cleanup; } else if (delegation) { dns_dbiterator_current(nsec3chain->dbiterator, &node, nextname); @@ -9333,7 +9301,7 @@ skip_removals: dnssec_log(zone, ISC_LOG_ERROR, "zone_nsec3chain:dns_db_allrdatasets -> %s", isc_result_totext(result)); - goto failure; + goto cleanup; } DNS_RDATASETITER_FOREACH(iterator) { dns_rdataset_t rdataset = DNS_RDATASET_INIT; @@ -9360,7 +9328,7 @@ skip_removals: dnssec_log(zone, ISC_LOG_ERROR, "zone_nsec3chain:updatesecure -> %s", isc_result_totext(result)); - goto failure; + goto cleanup; } } @@ -9377,7 +9345,7 @@ skip_removals: "zone_nsec3chain:" "dns_nsec3_addnsec3s -> %s", isc_result_totext(result)); - goto failure; + goto cleanup; } } } @@ -9395,7 +9363,7 @@ skip_removals: dnssec_log(zone, ISC_LOG_ERROR, "zone_nsec3chain:dns__zone_updatesigs -> %s", isc_result_totext(result)); - goto failure; + goto cleanup; } /* @@ -9409,7 +9377,7 @@ skip_removals: dnssec_log(zone, ISC_LOG_ERROR, "zone_nsec3chain:dns__zone_updatesigs -> %s", isc_result_totext(result)); - goto failure; + goto cleanup; } if (updatensec) { @@ -9419,7 +9387,7 @@ skip_removals: dnssec_log(zone, ISC_LOG_ERROR, "zone_nsec3chain:updatesecure -> %s", isc_result_totext(result)); - goto failure; + goto cleanup; } } @@ -9430,7 +9398,7 @@ skip_removals: dnssec_log(zone, ISC_LOG_ERROR, "zone_nsec3chain:dns__zone_updatesigs -> %s", isc_result_totext(result)); - goto failure; + goto cleanup; } /* @@ -9442,7 +9410,7 @@ skip_removals: * No need to call dns_db_closeversion() here as it is * called with commit = true below. */ - goto done; + goto closeversion; } result = del_sigs(zone, db, version, &zone->origin, dns_rdatatype_soa, @@ -9451,7 +9419,7 @@ skip_removals: dnssec_log(zone, ISC_LOG_ERROR, "zone_nsec3chain:del_sigs -> %s", isc_result_totext(result)); - goto failure; + goto cleanup; } result = update_soa_serial(zone, db, version, zonediff.diff, zone->mctx, @@ -9460,7 +9428,7 @@ skip_removals: dnssec_log(zone, ISC_LOG_ERROR, "zone_nsec3chain:update_soa_serial -> %s", isc_result_totext(result)); - goto failure; + goto cleanup; } result = add_sigs(db, version, &zone->origin, zone, dns_rdatatype_soa, @@ -9470,7 +9438,7 @@ skip_removals: dnssec_log(zone, ISC_LOG_ERROR, "zone_nsec3chain:add_sigs -> %s", isc_result_totext(result)); - goto failure; + goto cleanup; } /* Write changes to journal file. */ @@ -9481,7 +9449,7 @@ skip_removals: DNS_ZONE_SETFLAG(zone, DNS_ZONEFLG_NEEDNOTIFY); UNLOCK_ZONE(zone); -done: +closeversion: /* * Pause all iterators so that dns_db_closeversion() can succeed. */ @@ -9511,7 +9479,7 @@ done: set_resigntime(zone); UNLOCK_ZONE(zone); -failure: +cleanup: if (result != ISC_R_SUCCESS) { dnssec_log(zone, ISC_LOG_ERROR, "zone_nsec3chain: %s", isc_result_totext(result)); @@ -9685,7 +9653,7 @@ del_sig(dns_db_t *db, dns_dbversion_t *version, dns_name_t *name, * i.e., found in at least one, and not missing from any. */ *has_algp = (alg_found && !alg_missed); -failure: +cleanup: if (dns_rdataset_isassociated(&rdataset)) { dns_rdataset_disassociate(&rdataset); } @@ -9780,12 +9748,12 @@ dns_zone_check_dnskey_nsec3(dns_zone_t *zone, dns_db_t *db, /* Refuse to allow NSEC3 with NSEC-only keys */ if (nseconly && nsec3) { - goto failure; + goto cleanup; } return true; -failure: +cleanup: return false; } @@ -9839,7 +9807,7 @@ zone_sign(dns_zone_t *zone) { */ if (zone->update_disabled) { result = ISC_R_FAILURE; - goto cleanup; + goto done; } ZONEDB_LOCK(&zone->dblock, isc_rwlocktype_read); @@ -9849,7 +9817,7 @@ zone_sign(dns_zone_t *zone) { ZONEDB_UNLOCK(&zone->dblock, isc_rwlocktype_read); if (db == NULL) { result = ISC_R_FAILURE; - goto cleanup; + goto done; } result = dns_db_newversion(db, &version); @@ -9857,7 +9825,7 @@ zone_sign(dns_zone_t *zone) { dnssec_log(zone, ISC_LOG_ERROR, "zone_sign:dns_db_newversion -> %s", isc_result_totext(result)); - goto cleanup; + goto done; } now = isc_stdtime_now(); @@ -9868,7 +9836,7 @@ zone_sign(dns_zone_t *zone) { dnssec_log(zone, ISC_LOG_ERROR, "zone_sign:dns_zone_findkeys -> %s", isc_result_totext(result)); - goto cleanup; + goto done; } kasp = zone->kasp; @@ -10151,7 +10119,7 @@ zone_sign(dns_zone_t *zone) { "updatesecure -> %s", isc_result_totext( result)); - goto cleanup; + goto done; } } result = updatesignwithkey( @@ -10161,7 +10129,7 @@ zone_sign(dns_zone_t *zone) { dnssec_log(zone, ISC_LOG_ERROR, "updatesignwithkey -> %s", isc_result_totext(result)); - goto cleanup; + goto done; } build_nsec = false; goto next_signing; @@ -10170,7 +10138,7 @@ zone_sign(dns_zone_t *zone) { "zone_sign:" "dns_dbiterator_next -> %s", isc_result_totext(result)); - goto cleanup; + goto done; } else if (is_bottom_of_zone) { dns_dbiterator_current(signing->dbiterator, &node, nextname); @@ -10198,7 +10166,7 @@ zone_sign(dns_zone_t *zone) { dnssec_log(zone, ISC_LOG_ERROR, "zone_sign:dns__zone_updatesigs -> %s", isc_result_totext(result)); - goto cleanup; + goto done; } } @@ -10220,7 +10188,7 @@ zone_sign(dns_zone_t *zone) { if (result != ISC_R_SUCCESS) { dnssec_log(zone, ISC_LOG_ERROR, "zone_sign:del_sigs -> %s", isc_result_totext(result)); - goto cleanup; + goto done; } result = update_soa_serial(zone, db, version, zonediff.diff, zone->mctx, @@ -10229,7 +10197,7 @@ zone_sign(dns_zone_t *zone) { dnssec_log(zone, ISC_LOG_ERROR, "zone_sign:update_soa_serial -> %s", isc_result_totext(result)); - goto cleanup; + goto done; } /* @@ -10242,7 +10210,7 @@ zone_sign(dns_zone_t *zone) { if (result != ISC_R_SUCCESS) { dnssec_log(zone, ISC_LOG_ERROR, "zone_sign:add_sigs -> %s", isc_result_totext(result)); - goto cleanup; + goto done; } /* @@ -10285,13 +10253,13 @@ pauseall: } UNLOCK_ZONE(zone); -failure: +cleanup: if (result != ISC_R_SUCCESS) { dnssec_log(zone, ISC_LOG_ERROR, "zone_sign: failed: %s", isc_result_totext(result)); } -cleanup: +done: /* * Pause all dbiterators. */ @@ -10533,9 +10501,8 @@ minimal_update(dns_zonefetch_t *fetch, dns_dbversion_t *ver, dns_diff_t *diff) { if (result == ISC_R_UNEXPECTEDEND) { continue; } - if (result != ISC_R_SUCCESS) { - goto failure; - } + CHECK(result); + keydata.refresh = refresh_time(fetch, true); set_refreshkeytimer(zone, &keydata, now, false); @@ -10550,7 +10517,7 @@ minimal_update(dns_zonefetch_t *fetch, dns_dbversion_t *ver, dns_diff_t *diff) { 0, &rdata)); } result = ISC_R_SUCCESS; -failure: +cleanup: return result; } @@ -11266,7 +11233,7 @@ done: result = ISC_R_SUCCESS; } -failure: +cleanup: if (result != ISC_R_SUCCESS) { dnssec_log(zone, ISC_LOG_ERROR, "error during trust anchor processing (%s): " @@ -11440,7 +11407,7 @@ zone_refreshkeys(dns_zone_t *zone) { zone_needdump(zone, 30); } -failure: +cleanup: if (!timerset) { isc_time_settoepoch(&zone->refreshkeytime); } @@ -11798,7 +11765,7 @@ zone_expire(dns_zone_t *zone) { "policies unloaded"); } -failure: +cleanup: if (db != NULL) { dns_db_detach(&db); } @@ -16156,7 +16123,7 @@ sync_secure_journal(dns_zone_t *zone, dns_zone_t *raw, dns_journal_t *journal, result = ISC_R_SUCCESS; } -failure: +cleanup: return result; } @@ -16525,8 +16492,8 @@ receive_secure_serial(void *arg) { result = dns_journal_open(zone->mctx, zone->journal, DNS_JOURNAL_READ, &sjournal); - if (result != ISC_R_SUCCESS && result != ISC_R_NOTFOUND) { - goto failure; + if (result != ISC_R_NOTFOUND) { + CHECK(result); } if (!dns_journal_get_sourceserial(rjournal, &start)) { @@ -16560,7 +16527,7 @@ receive_secure_serial(void *arg) { start, end, &soatuple, &zone->rss_diff); if (result == DNS_R_UNCHANGED) { - goto failure; + goto cleanup; } else if (result != ISC_R_SUCCESS) { CHECK(sync_secure_db(zone, zone->rss_raw, zone->rss_db, zone->rss_oldver, &soatuple, @@ -16617,7 +16584,7 @@ receive_secure_serial(void *arg) { * that contents of the raw zone and the secure zone are kept in sync. */ if (result != ISC_R_SUCCESS && dns_db_issecure(zone->rss_db)) { - goto failure; + goto cleanup; } if (rjournal == NULL) { @@ -16655,7 +16622,7 @@ receive_secure_serial(void *arg) { newserial, desired); } -failure: +cleanup: isc_mem_put(zone->mctx, rss, sizeof(*rss)); zone->rss = NULL; @@ -16904,7 +16871,7 @@ done: result = ISC_R_SUCCESS; } -failure: +cleanup: if (node != NULL) { dns_db_detachnode(&node); } @@ -17046,8 +17013,7 @@ receive_secure_db(void *arg) { LOCK_ZONE(zone); if (DNS_ZONE_FLAG(zone, DNS_ZONEFLG_EXITING) || !inline_secure(zone)) { - result = ISC_R_SHUTTINGDOWN; - goto failure; + CHECK(ISC_R_SHUTTINGDOWN); } loadtime = isc_time_now(); @@ -17065,39 +17031,26 @@ receive_secure_db(void *arg) { result = save_nsec3param(zone, &nsec3list); if (result != ISC_R_SUCCESS) { ZONEDB_UNLOCK(&zone->dblock, isc_rwlocktype_read); - goto failure; + goto cleanup; } } ZONEDB_UNLOCK(&zone->dblock, isc_rwlocktype_read); - result = dns_db_create(zone->mctx, zone->db_argv[0], &zone->origin, - dns_dbtype_zone, zone->rdclass, - zone->db_argc - 1, zone->db_argv + 1, &db); - if (result != ISC_R_SUCCESS) { - goto failure; - } + CHECK(dns_db_create(zone->mctx, zone->db_argv[0], &zone->origin, + dns_dbtype_zone, zone->rdclass, zone->db_argc - 1, + zone->db_argv + 1, &db)); result = dns_db_setgluecachestats(db, zone->gluecachestats); - if (result != ISC_R_SUCCESS && result != ISC_R_NOTIMPLEMENTED) { - goto failure; - } - - result = dns_db_newversion(db, &version); - if (result != ISC_R_SUCCESS) { - goto failure; + if (result != ISC_R_NOTIMPLEMENTED) { + CHECK(result); } - result = dns_db_createiterator(rawdb, DNS_DB_NONSEC3, &dbiterator); - if (result != ISC_R_SUCCESS) { - goto failure; - } + CHECK(dns_db_newversion(db, &version)); + CHECK(dns_db_createiterator(rawdb, DNS_DB_NONSEC3, &dbiterator)); DNS_DBITERATOR_FOREACH(dbiterator) { - result = copy_non_dnssec_records(db, version, rawdb, dbiterator, - oldserialp); - if (result != ISC_R_SUCCESS) { - goto failure; - } + CHECK(copy_non_dnssec_records(db, version, rawdb, dbiterator, + oldserialp)); } dns_dbiterator_destroy(&dbiterator); @@ -17106,10 +17059,7 @@ receive_secure_db(void *arg) { * the old nsec3 parameters and insert them into db */ if (!ISC_LIST_EMPTY(nsec3list)) { - result = restore_nsec3param(zone, db, version, &nsec3list); - if (result != ISC_R_SUCCESS) { - goto failure; - } + CHECK(restore_nsec3param(zone, db, version, &nsec3list)); } dns_db_closeversion(db, &version, true); @@ -17129,7 +17079,7 @@ receive_secure_db(void *arg) { */ process_zone_setnsec3param(zone); -failure: +cleanup: UNLOCK_ZONE(zone); if (dbiterator != NULL) { dns_dbiterator_destroy(&dbiterator); @@ -19834,7 +19784,7 @@ rr_exists(dns_db_t *db, dns_dbversion_t *ver, dns_name_t *name, if (result == ISC_R_NOTFOUND) { *flag = false; result = ISC_R_SUCCESS; - goto failure; + goto cleanup; } bool matched = false; @@ -19849,7 +19799,7 @@ rr_exists(dns_db_t *db, dns_dbversion_t *ver, dns_name_t *name, dns_rdataset_disassociate(&rdataset); *flag = matched; -failure: +cleanup: if (node != NULL) { dns_db_detachnode(&node); } @@ -19990,7 +19940,7 @@ add_signing_records(dns_db_t *db, dns_rdatatype_t privatetype, } } -failure: +cleanup: /* * Put the DNSKEY changes we cared about back on diff->tuples. */ @@ -20079,37 +20029,26 @@ sign_apex(dns_zone_t *zone, dns_db_t *db, dns_dbversion_t *ver, * signature and if not cause them to sign so that newly activated * keys are used. */ - result = tickle_apex_rrset(dns_rdatatype_dnskey, zone, db, ver, now, - diff, zonediff, zone_keys, nkeys, inception, - keyexpire); - if (result != ISC_R_SUCCESS) { - goto failure; - } - result = tickle_apex_rrset(dns_rdatatype_cds, zone, db, ver, now, diff, - zonediff, zone_keys, nkeys, inception, - keyexpire); - if (result != ISC_R_SUCCESS) { - goto failure; - } - result = tickle_apex_rrset(dns_rdatatype_cdnskey, zone, db, ver, now, - diff, zonediff, zone_keys, nkeys, inception, - keyexpire); - if (result != ISC_R_SUCCESS) { - goto failure; - } + CHECK(tickle_apex_rrset(dns_rdatatype_dnskey, zone, db, ver, now, diff, + zonediff, zone_keys, nkeys, inception, + keyexpire)); + CHECK(tickle_apex_rrset(dns_rdatatype_cds, zone, db, ver, now, diff, + zonediff, zone_keys, nkeys, inception, + keyexpire)); + CHECK(tickle_apex_rrset(dns_rdatatype_cdnskey, zone, db, ver, now, diff, + zonediff, zone_keys, nkeys, inception, + keyexpire)); result = dns__zone_updatesigs(diff, db, ver, zone_keys, nkeys, zone, inception, soaexpire, keyexpire, now, zonediff); - if (result != ISC_R_SUCCESS) { dnssec_log(zone, ISC_LOG_ERROR, "sign_apex:dns__zone_updatesigs -> %s", isc_result_totext(result)); - goto failure; } -failure: +cleanup: for (i = 0; i < nkeys; i++) { dst_key_free(&zone_keys[i]); } @@ -20132,12 +20071,12 @@ clean_nsec3param(dns_zone_t *zone, dns_db_t *db, dns_dbversion_t *ver, dns_rdataset_disassociate(&rdataset); } if (result != ISC_R_NOTFOUND) { - goto failure; + goto cleanup; } result = dns_nsec3param_deletechains(db, ver, zone, true, diff); -failure: +cleanup: if (node != NULL) { dns_db_detachnode(&node); } @@ -20189,7 +20128,7 @@ add_chains(dns_zone_t *zone, dns_db_t *db, dns_dbversion_t *ver, } CHECK(updatesecure(db, ver, origin, zone_nsecttl(zone), true, diff)); -failure: +cleanup: return result; } @@ -20409,7 +20348,7 @@ checkds_done(void *arg) { dns_zone_log(zone, ISC_LOG_NOTICE, "checkds: bad DS response from %s: %.*s", addrbuf, (int)buf.used, rcode); - goto failure; + goto cleanup; } /* Make sure that either AA or RA bit is set. */ @@ -20420,7 +20359,7 @@ checkds_done(void *arg) { "checkds: bad DS response from %s: expected AA or " "RA bit set", addrbuf); - goto failure; + goto cleanup; } /* Lookup DS RRset. */ @@ -20554,7 +20493,7 @@ checkds_done(void *arg) { dns_zone_rekey(zone, false, false); } -failure: +cleanup: if (result != ISC_R_SUCCESS) { dns_zone_log(zone, ISC_LOG_DEBUG(3), "checkds: DS request failed: %s", @@ -21552,11 +21491,9 @@ zone_rekey(dns_zone_t *zone) { dns_zone_unlock_keyfiles(zone); - if (result != ISC_R_SUCCESS) { - goto failure; - } + CHECK(result); } else if (result != ISC_R_NOTFOUND) { - goto failure; + goto cleanup; } /* Get the current CDS rdataset */ @@ -21613,8 +21550,7 @@ zone_rekey(dns_zone_t *zone) { dnssec_log(zone, ISC_LOG_DEBUG(1), "zone_rekey:dns_skr_lookup failed: " "no SKR available"); - result = DNS_R_NOSKRFILE; - goto failure; + CHECK(DNS_R_NOSKRFILE); } bundle = dns_skr_lookup(zone->skr, now, sigval); zone->skrbundle = bundle; @@ -21635,8 +21571,7 @@ zone_rekey(dns_zone_t *zone) { "no available SKR bundle for time " "%.*s (%s)", (int)r.length, r.base, nowstr); - result = DNS_R_NOSKRBUNDLE; - goto failure; + CHECK(DNS_R_NOSKRBUNDLE); } zone_apply_skrbundle(zone, bundle, &keyset, &cdsset, @@ -21681,7 +21616,7 @@ zone_rekey(dns_zone_t *zone) { "zone_rekey:zone_verifykeys failed: " "some key files are missing"); KASP_UNLOCK(kasp); - goto failure; + goto cleanup; } /* @@ -21724,7 +21659,7 @@ zone_rekey(dns_zone_t *zone) { "failed: %s", isc_result_totext(result)); KASP_UNLOCK(kasp); - goto failure; + goto cleanup; } } } else if (offlineksk) { @@ -21772,7 +21707,7 @@ zone_rekey(dns_zone_t *zone) { dnssec_log(zone, ISC_LOG_ERROR, "zone_rekey:couldn't update zone keys: %s", isc_result_totext(result)); - goto failure; + goto cleanup; } if (offlineksk) { @@ -21849,7 +21784,7 @@ zone_rekey(dns_zone_t *zone) { dnssec_log(zone, ISC_LOG_ERROR, "zone_rekey:couldn't update CDS/CDNSKEY: %s", isc_result_totext(result)); - goto failure; + goto cleanup; } if (cdsdel || cdnskeydel) { @@ -21886,7 +21821,7 @@ zone_rekey(dns_zone_t *zone) { "zone_rekey:couldn't update CDS/CDNSKEY " "DELETE records: %s", isc_result_totext(result)); - goto failure; + goto cleanup; } post_sync: @@ -22198,7 +22133,7 @@ zone_rekey(dns_zone_t *zone) { result = ISC_R_SUCCESS; -failure: +cleanup: LOCK_ZONE(zone); if (result != ISC_R_SUCCESS) { /* @@ -22288,7 +22223,6 @@ dns_zone_dnssecstatus(dns_zone_t *zone, dns_kasp_t *kasp, dns_dnsseckeylist_t *keys, isc_stdtime_t now, bool verbose, char *out, size_t out_len) { isc_buffer_t buf; - isc_result_t result = ISC_R_SUCCESS; isc_time_t refreshkeytime; isc_stdtime_t refresh; char timestr[26]; @@ -22312,11 +22246,10 @@ dns_zone_dnssecstatus(dns_zone_t *zone, dns_kasp_t *kasp, bool checkds = zone->checkdstype != dns_checkdstype_no; LOCK(&kasp->lock); - result = dns_keymgr_status(kasp, keys, &buf, now, verbose, checkds); + RETERR(dns_keymgr_status(kasp, keys, &buf, now, verbose, checkds)); UNLOCK(&kasp->lock); -failure: - return result; + return ISC_R_SUCCESS; } isc_result_t @@ -22361,29 +22294,29 @@ dns_zone_cdscheck(dns_zone_t *zone, dns_db_t *db, dns_dbversion_t *version) { result = dns_db_findrdataset(db, node, version, dns_rdatatype_cds, dns_rdatatype_none, 0, &cds, NULL); - if (result != ISC_R_SUCCESS && result != ISC_R_NOTFOUND) { - goto failure; + if (result != ISC_R_NOTFOUND) { + CHECK(result); } result = dns_db_findrdataset(db, node, version, dns_rdatatype_cdnskey, dns_rdatatype_none, 0, &cdnskey, NULL); - if (result != ISC_R_SUCCESS && result != ISC_R_NOTFOUND) { - goto failure; + if (result != ISC_R_NOTFOUND) { + CHECK(result); } if (!dns_rdataset_isassociated(&cds) && !dns_rdataset_isassociated(&cdnskey)) { result = ISC_R_SUCCESS; - goto failure; + goto cleanup; } result = dns_db_findrdataset(db, node, version, dns_rdatatype_dnskey, dns_rdatatype_none, 0, &dnskey, NULL); if (result == ISC_R_NOTFOUND) { empty = true; - } else if (result != ISC_R_SUCCESS) { - goto failure; + } else { + CHECK(result); } /* @@ -22413,8 +22346,7 @@ dns_zone_cdscheck(dns_zone_t *zone, dns_db_t *db, dns_dbversion_t *version) { } if (empty) { - result = DNS_R_BADCDS; - goto failure; + CHECK(DNS_R_BADCDS); } CHECK(dns_rdata_tostruct(&crdata, &structcds, NULL)); @@ -22476,7 +22408,7 @@ dns_zone_cdscheck(dns_zone_t *zone, dns_db_t *db, dns_dbversion_t *version) { &rdata); if (result != ISC_R_SUCCESS) { result = DNS_R_BADCDS; - goto failure; + goto cleanup; } CHECK(dns_rdata_tostruct(&rdata, &structdnskey, NULL)); @@ -22490,12 +22422,10 @@ dns_zone_cdscheck(dns_zone_t *zone, dns_db_t *db, dns_dbversion_t *version) { for (i = 0; i < sizeof(algorithms); i++) { if (delete) { if (algorithms[i] != notexpected) { - result = DNS_R_BADCDS; - goto failure; + CHECK(DNS_R_BADCDS); } } else if (algorithms[i] == expected) { - result = DNS_R_BADCDS; - goto failure; + CHECK(DNS_R_BADCDS); } } } @@ -22528,8 +22458,7 @@ dns_zone_cdscheck(dns_zone_t *zone, dns_db_t *db, dns_dbversion_t *version) { } if (empty) { - result = DNS_R_BADCDNSKEY; - goto failure; + CHECK(DNS_R_BADCDNSKEY); } CHECK(dns_rdata_tostruct(&crdata, &structcdnskey, @@ -22561,18 +22490,16 @@ dns_zone_cdscheck(dns_zone_t *zone, dns_db_t *db, dns_dbversion_t *version) { for (i = 0; i < sizeof(algorithms); i++) { if (delete) { if (algorithms[i] != notexpected) { - result = DNS_R_BADCDNSKEY; - goto failure; + CHECK(DNS_R_BADCDNSKEY); } } else if (algorithms[i] == expected) { - result = DNS_R_BADCDNSKEY; - goto failure; + CHECK(DNS_R_BADCDNSKEY); } } } result = ISC_R_SUCCESS; -failure: +cleanup: if (dns_rdataset_isassociated(&cds)) { dns_rdataset_disassociate(&cds); } @@ -22841,7 +22768,7 @@ keydone(void *arg) { } ZONEDB_UNLOCK(&zone->dblock, isc_rwlocktype_read); if (db == NULL) { - goto failure; + goto cleanup; } dns_db_currentversion(db, &oldver); @@ -22850,23 +22777,16 @@ keydone(void *arg) { dnssec_log(zone, ISC_LOG_ERROR, "keydone:dns_db_newversion -> %s", isc_result_totext(result)); - goto failure; + goto cleanup; } - result = dns_db_getoriginnode(db, &node); - if (result != ISC_R_SUCCESS) { - goto failure; - } + CHECK(dns_db_getoriginnode(db, &node)); result = dns_db_findrdataset(db, node, newver, zone->privatetype, dns_rdatatype_none, 0, &rdataset, NULL); - if (result == ISC_R_NOTFOUND) { - INSIST(!dns_rdataset_isassociated(&rdataset)); - goto failure; - } if (result != ISC_R_SUCCESS) { INSIST(!dns_rdataset_isassociated(&rdataset)); - goto failure; + goto cleanup; } DNS_RDATASET_FOREACH(&rdataset) { @@ -22930,7 +22850,7 @@ keydone(void *arg) { UNLOCK_ZONE(zone); } -failure: +cleanup: if (dns_rdataset_isassociated(&rdataset)) { dns_rdataset_disassociate(&rdataset); } @@ -23008,7 +22928,7 @@ dns_zone_keydone(dns_zone_t *zone, const char *keystr) { isc_async_run(zone->loop, keydone, kd); kd = NULL; -failure: +cleanup: if (kd != NULL) { isc_mem_put(zone->mctx, kd, sizeof(*kd)); } @@ -23115,7 +23035,7 @@ rss_post(void *arg) { } ZONEDB_UNLOCK(&zone->dblock, isc_rwlocktype_read); if (db == NULL) { - goto failure; + goto cleanup; } dns_db_currentversion(db, &oldver); @@ -23124,7 +23044,7 @@ rss_post(void *arg) { dnssec_log(zone, ISC_LOG_ERROR, "setnsec3param:dns_db_newversion -> %s", isc_result_totext(result)); - goto failure; + goto cleanup; } CHECK(dns_db_getoriginnode(db, &node)); @@ -23146,15 +23066,15 @@ rss_post(void *arg) { if (result == ISC_R_SUCCESS) { /* * Success because the NSEC3PARAM already exists, but - * function returns void, so goto failure to clean up. + * function returns void, so goto cleanup. */ - goto failure; + goto cleanup; } if (result != DNS_R_NSEC3RESALT && result != ISC_R_NOTFOUND) { dnssec_log(zone, ISC_LOG_DEBUG(3), "setnsec3param:lookup nsec3param -> %s", isc_result_totext(result)); - goto failure; + goto cleanup; } INSIST(param.salt != NULL); @@ -23195,7 +23115,7 @@ rss_post(void *arg) { } } else if (result != ISC_R_NOTFOUND) { INSIST(!dns_rdataset_isassociated(&prdataset)); - goto failure; + goto cleanup; } /* @@ -23218,7 +23138,7 @@ rss_post(void *arg) { } } else if (result != ISC_R_NOTFOUND) { INSIST(!dns_rdataset_isassociated(&nrdataset)); - goto failure; + goto cleanup; } /* @@ -23282,7 +23202,7 @@ rss_post(void *arg) { UNLOCK_ZONE(zone); } -failure: +cleanup: if (dns_rdataset_isassociated(&prdataset)) { dns_rdataset_disassociate(&prdataset); } @@ -23415,8 +23335,8 @@ setparam: param->salt = lookup->salt; } - if (result != ISC_R_NOTFOUND && result != ISC_R_SUCCESS) { - goto failure; + if (result != ISC_R_NOTFOUND) { + CHECK(result); } if (param->salt_length == 0) { @@ -23451,7 +23371,7 @@ setparam: INSIST(result != ISC_R_SUCCESS); } -failure: +cleanup: if (dns_rdataset_isassociated(&rdataset)) { dns_rdataset_disassociate(&rdataset); } @@ -23602,7 +23522,7 @@ dns_zone_setnsec3param(dns_zone_t *zone, uint8_t hash, uint8_t flags, result = ISC_R_SUCCESS; -failure: +cleanup: UNLOCK_ZONE(zone); return result; } @@ -23722,7 +23642,7 @@ setserial(void *arg) { } ZONEDB_UNLOCK(&zone->dblock, isc_rwlocktype_read); if (db == NULL) { - goto failure; + goto cleanup; } dns_db_currentversion(db, &oldver); @@ -23731,7 +23651,7 @@ setserial(void *arg) { dns_zone_log(zone, ISC_LOG_ERROR, "setserial:dns_db_newversion -> %s", isc_result_totext(result)); - goto failure; + goto cleanup; } CHECK(dns_db_createsoatuple(db, oldver, diff.mctx, DNS_DIFFOP_DEL, @@ -23751,7 +23671,7 @@ setserial(void *arg) { desired, oldserial + 1, oldserial + 0x7fffffff); } - goto failure; + goto cleanup; } dns_soa_setserial(desired, &newtuple->rdata); @@ -23771,7 +23691,7 @@ setserial(void *arg) { zone_needdump(zone, 30); UNLOCK_ZONE(zone); -failure: +cleanup: if (oldtuple != NULL) { dns_difftuple_free(&oldtuple); } @@ -23808,14 +23728,12 @@ dns_zone_setserial(dns_zone_t *zone, uint32_t serial) { if (!inline_secure(zone)) { if (!dns_zone_isdynamic(zone, true)) { - result = DNS_R_NOTDYNAMIC; - goto failure; + CHECK(DNS_R_NOTDYNAMIC); } } if (zone->update_disabled) { - result = DNS_R_FROZEN; - goto failure; + CHECK(DNS_R_FROZEN); } sse = isc_mem_get(zone->mctx, sizeof(*sse)); @@ -23823,7 +23741,7 @@ dns_zone_setserial(dns_zone_t *zone, uint32_t serial) { zone_iattach(zone, &sse->zone); isc_async_run(zone->loop, setserial, sse); -failure: +cleanup: UNLOCK_ZONE(zone); return result; } @@ -23866,16 +23784,14 @@ dns_zone_verifydb(dns_zone_t *zone, dns_db_t *db, dns_dbversion_t *ver) { if (zone->view != NULL) { result = dns_view_getsecroots(zone->view, &secroots); - if (result != ISC_R_SUCCESS) { - goto done; - } + CHECK(result); } origin = dns_db_origin(db); result = dns_zoneverify_dnssec(zone, db, version, origin, secroots, zone->mctx, true, false, dnssec_report); -done: +cleanup: if (secroots != NULL) { dns_keytable_detach(&secroots); } @@ -24004,7 +23920,7 @@ dns_zone_import_skr(dns_zone_t *zone, const char *file) { dns_zone_setskr(zone, skr); dnssec_log(zone, ISC_LOG_DEBUG(1), "imported skr file %s", file); -failure: +cleanup: dns_skr_detach(&skr); return result; diff --git a/lib/isc/base32.c b/lib/isc/base32.c index 74e74839f2d..7ba1b33b43b 100644 --- a/lib/isc/base32.c +++ b/lib/isc/base32.c @@ -22,13 +22,6 @@ #include #include -#define RETERR(x) \ - do { \ - isc_result_t _r = (x); \ - if (_r != ISC_R_SUCCESS) \ - return ((_r)); \ - } while (0) - /*@{*/ /*! * These static functions are also present in lib/dns/rdata.c. I'm not diff --git a/lib/isc/base64.c b/lib/isc/base64.c index a51aa0d1634..ba4ee7148fd 100644 --- a/lib/isc/base64.c +++ b/lib/isc/base64.c @@ -21,13 +21,6 @@ #include #include -#define RETERR(x) \ - do { \ - isc_result_t _r = (x); \ - if (_r != ISC_R_SUCCESS) \ - return ((_r)); \ - } while (0) - /*@{*/ /*! * These static functions are also present in lib/dns/rdata.c. I'm not diff --git a/lib/isc/hex.c b/lib/isc/hex.c index cf174daa983..7f63df7aa64 100644 --- a/lib/isc/hex.c +++ b/lib/isc/hex.c @@ -38,13 +38,6 @@ const uint8_t isc__hex_char[256] = { #undef U #undef L -#define RETERR(x) \ - do { \ - isc_result_t _r = (x); \ - if (_r != ISC_R_SUCCESS) \ - return ((_r)); \ - } while (0) - /* * BEW: These static functions are copied from lib/dns/rdata.c. */ diff --git a/lib/isc/httpd.c b/lib/isc/httpd.c index 06c61e316b2..7cf51567e50 100644 --- a/lib/isc/httpd.c +++ b/lib/isc/httpd.c @@ -37,14 +37,6 @@ #include #endif /* ifdef HAVE_ZLIB */ -#define CHECK(m) \ - do { \ - result = (m); \ - if (result != ISC_R_SUCCESS) { \ - goto cleanup; \ - } \ - } while (0) - /* * Size the recv buffer to hold at maximum two full buffers from isc_nm_read(), * so we don't have to handle the truncation. diff --git a/lib/isc/include/isc/util.h b/lib/isc/include/isc/util.h index 95d93fd3324..5564bb71995 100644 --- a/lib/isc/include/isc/util.h +++ b/lib/isc/include/isc/util.h @@ -241,6 +241,40 @@ mock_assert(const int result, const char *const expression, #endif /* UNIT_TESTING */ +/* + * Check for ISC_R_SUCCESS. On any other result, jump to a cleanup + * label. (This macro requires the function to define `result` + * and `cleanup:`.) + */ +#define CHECK(r) \ + { \ + result = (r); \ + if (result != ISC_R_SUCCESS) { \ + goto cleanup; \ + } \ + } + +/* + * Unconditionally jump to the cleanup tag with 'result' set to 'r'. + */ +#define CLEANUP(r) \ + { \ + result = (r); \ + goto cleanup; \ + } + +/* + * Check for ISC_R_SUCCESS and continue if found. For any other + * result, return the result. + */ +#define RETERR(x) \ + { \ + isc_result_t _r = (x); \ + if (_r != ISC_R_SUCCESS) { \ + return ((_r)); \ + } \ + } + /*% * Runtime check which logs the error value returned by a POSIX Threads * function and the error string that corresponds to it diff --git a/lib/isccfg/namedconf.c b/lib/isccfg/namedconf.c index 65d1d53dd31..0d12b7d6243 100644 --- a/lib/isccfg/namedconf.c +++ b/lib/isccfg/namedconf.c @@ -33,15 +33,6 @@ #define TOKEN_STRING(pctx) (pctx->token.value.as_textregion.base) -/*% Check a return value. */ -#define CHECK(op) \ - { \ - result = (op); \ - if (result != ISC_R_SUCCESS) { \ - goto cleanup; \ - } \ - } - /*% Clean up a configuration object if non-NULL. */ #define CLEANUP_OBJ(obj) \ { \ diff --git a/lib/isccfg/parser.c b/lib/isccfg/parser.c index 199e9aa9fb2..0c6a6f5694d 100644 --- a/lib/isccfg/parser.c +++ b/lib/isccfg/parser.c @@ -80,14 +80,6 @@ #define TOKEN_STRING(pctx) (pctx->token.value.as_textregion.base) #define TOKEN_REGION(pctx) (pctx->token.value.as_textregion) -/* Check a return value. */ -#define CHECK(op) \ - do { \ - result = (op); \ - if (result != ISC_R_SUCCESS) \ - goto cleanup; \ - } while (0) - /* cfg_obj_t magic number */ #define CFGOBJ_MAGIC ISC_MAGIC('c', 'f', 'g', 'o') #define VALID_CFGOBJ(obj) ISC_MAGIC_VALID(obj, CFGOBJ_MAGIC) @@ -2121,7 +2113,6 @@ free_list(cfg_obj_t *obj) { isc_result_t cfg_parse_listelt(cfg_parser_t *pctx, cfg_obj_t *list, const cfg_type_t *elttype, cfg_listelt_t **ret) { - isc_result_t result; cfg_listelt_t *elt = NULL; cfg_obj_t *value = NULL; @@ -2130,10 +2121,7 @@ cfg_parse_listelt(cfg_parser_t *pctx, cfg_obj_t *list, REQUIRE(elttype != NULL); REQUIRE(ret != NULL && *ret == NULL); - result = cfg_parse_obj(pctx, elttype, &value); - if (result != ISC_R_SUCCESS) { - return result; - } + RETERR(cfg_parse_obj(pctx, elttype, &value)); create_listelt(list, &elt); elt->obj = value; diff --git a/lib/ns/hooks.c b/lib/ns/hooks.c index a851a23fb03..89891574a67 100644 --- a/lib/ns/hooks.c +++ b/lib/ns/hooks.c @@ -33,14 +33,6 @@ #include #include -#define CHECK(op) \ - do { \ - result = (op); \ - if (result != ISC_R_SUCCESS) { \ - goto cleanup; \ - } \ - } while (0) - struct ns_plugin { isc_mem_t *mctx; uv_lib_t handle; @@ -87,12 +79,9 @@ plugin_expandpath(const char *src, char *dst, size_t dstsize, bool appendext) { isc_result_t ns_plugin_expandpath(const char *src, char *dst, size_t dstsize) { - isc_result_t result; + isc_result_t result = ISC_R_SUCCESS; - result = plugin_expandpath(src, dst, dstsize, false); - if (result != ISC_R_SUCCESS) { - return result; - } + RETERR(plugin_expandpath(src, dst, dstsize, false)); if (isc_file_exists(dst) == false) { result = plugin_expandpath(src, dst, dstsize, true); diff --git a/lib/ns/update.c b/lib/ns/update.c index 664607a5083..a88e1c245b3 100644 --- a/lib/ns/update.c +++ b/lib/ns/update.c @@ -75,34 +75,6 @@ */ #define LOGLEVEL_DEBUG ISC_LOG_DEBUG(8) -/*% - * Check an operation for failure. These macros all assume that - * the function using them has a 'result' variable and a 'failure' - * label. - */ -#define CHECK(op) \ - do { \ - result = (op); \ - if (result != ISC_R_SUCCESS) \ - goto failure; \ - } while (0) - -/*% - * Fail unconditionally with result 'code', which must not - * be ISC_R_SUCCESS. The reason for failure presumably has - * been logged already. - * - * The test against ISC_R_SUCCESS is there to keep the Solaris compiler - * from complaining about "end-of-loop code not reached". - */ - -#define FAIL(code) \ - do { \ - result = (code); \ - if (result != ISC_R_SUCCESS) \ - goto failure; \ - } while (0) - /*% * Fail unconditionally and log as a client error. * The test against ISC_R_SUCCESS is there to keep the Solaris compiler @@ -125,7 +97,7 @@ "update %s: %s (%s)", _what, msg, \ isc_result_totext(result)); \ if (result != ISC_R_SUCCESS) \ - goto failure; \ + goto cleanup; \ } while (0) #define PREREQFAILC(code, msg) \ do { \ @@ -154,7 +126,7 @@ msg, isc_result_totext(result)); \ } \ if (result != ISC_R_SUCCESS) \ - goto failure; \ + goto cleanup; \ } while (0) #define PREREQFAILN(code, name, msg) \ do { \ @@ -185,7 +157,7 @@ _tbuf, msg, isc_result_totext(result)); \ } \ if (result != ISC_R_SUCCESS) \ - goto failure; \ + goto cleanup; \ } while (0) #define PREREQFAILNT(code, name, type, msg) \ do { \ @@ -204,7 +176,7 @@ update_log(client, zone, LOGLEVEL_PROTOCOL, "error: %s: %s", \ msg, isc_result_totext(result)); \ if (result != ISC_R_SUCCESS) \ - goto failure; \ + goto cleanup; \ } while (0) /* @@ -491,7 +463,7 @@ do_diff(dns_diff_t *updates, dns_db_t *db, dns_dbversion_t *ver, } return ISC_R_SUCCESS; -failure: +cleanup: dns_diff_clear(diff); return result; } @@ -1173,10 +1145,7 @@ temp_check(isc_mem_t *mctx, dns_diff_t *temp, dns_db_t *db, temp_append(&d_rrs, name, &rdata); } - result = dns_diff_sort(&d_rrs, temp_order); - if (result != ISC_R_SUCCESS) { - goto failure; - } + CHECK(dns_diff_sort(&d_rrs, temp_order)); /* * Collect all update RRs for this name and type @@ -1193,11 +1162,8 @@ temp_check(isc_mem_t *mctx, dns_diff_t *temp, dns_db_t *db, } /* Compare the two sorted lists. */ - result = temp_check_rrset(ISC_LIST_HEAD(u_rrs.tuples), - ISC_LIST_HEAD(d_rrs.tuples)); - if (result != ISC_R_SUCCESS) { - goto failure; - } + CHECK(temp_check_rrset(ISC_LIST_HEAD(u_rrs.tuples), + ISC_LIST_HEAD(d_rrs.tuples))); /* * We are done with the tuples, but we can't free @@ -1210,7 +1176,7 @@ temp_check(isc_mem_t *mctx, dns_diff_t *temp, dns_db_t *db, continue; - failure: + cleanup: dns_diff_clear(&d_rrs); dns_diff_clear(&u_rrs); dns_diff_clear(&trash); @@ -1536,7 +1502,7 @@ update_soa_serial(dns_db_t *db, dns_dbversion_t *ver, dns_diff_t *diff, CHECK(do_one_tuple(&addtuple, db, ver, diff)); result = ISC_R_SUCCESS; -failure: +cleanup: if (addtuple != NULL) { dns_difftuple_free(&addtuple); } @@ -1680,7 +1646,7 @@ send_update(ns_client_t *client, dns_zone_t *zone) { } result = dns_zone_checknames(zone, name, &rdata); if (result != ISC_R_SUCCESS) { - FAIL(DNS_R_REFUSED); + CHECK(DNS_R_REFUSED); } if ((options & DNS_ZONEOPT_CHECKSVCB) != 0 && rdata.type == dns_rdatatype_svcb) @@ -1708,7 +1674,7 @@ send_update(ns_client_t *client, dns_zone_t *zone) { update_log(client, zone, ISC_LOG_WARNING, "update RR has incorrect class %d", update_class); - FAIL(DNS_R_FORMERR); + CHECK(DNS_R_FORMERR); } /* @@ -1853,7 +1819,7 @@ send_update(ns_client_t *client, dns_zone_t *zone) { isc_async_run(dns_zone_getloop(zone), update_action, uev); maxbytype = NULL; -failure: +cleanup: if (db != NULL) { dns_db_closeversion(db, &ver, false); dns_db_detach(&db); @@ -1958,9 +1924,7 @@ ns_update_start(ns_client_t *client, isc_nmhandle_t *handle, * We can now fail due to a bad signature as we now know * that we are the primary. */ - if (sigresult != ISC_R_SUCCESS) { - FAIL(sigresult); - } + CHECK(sigresult); dns_message_clonebuffer(client->message); CHECK(send_update(client, zone)); break; @@ -1974,7 +1938,7 @@ ns_update_start(ns_client_t *client, isc_nmhandle_t *handle, } return; -failure: +cleanup: if (result == DNS_R_REFUSED) { inc_stats(client, zone, ns_statscounter_updaterej); } @@ -2031,7 +1995,7 @@ remove_orphaned_ds(dns_db_t *db, dns_dbversion_t *newver, dns_diff_t *diff) { } result = ISC_R_SUCCESS; -failure: +cleanup: ISC_LIST_FOREACH(temp_diff.tuples, tuple, link) { ISC_LIST_UNLINK(temp_diff.tuples, tuple, link); dns_diff_appendminimal(diff, &tuple); @@ -2164,7 +2128,7 @@ rr_exists(dns_db_t *db, dns_dbversion_t *ver, dns_name_t *name, if (result == ISC_R_NOTFOUND) { *flag = false; result = ISC_R_SUCCESS; - goto failure; + goto cleanup; } else { CHECK(result); } @@ -2173,7 +2137,7 @@ rr_exists(dns_db_t *db, dns_dbversion_t *ver, dns_name_t *name, if (result == ISC_R_NOTFOUND) { *flag = false; result = ISC_R_SUCCESS; - goto failure; + goto cleanup; } bool matched = false; @@ -2188,7 +2152,7 @@ rr_exists(dns_db_t *db, dns_dbversion_t *ver, dns_name_t *name, dns_rdataset_disassociate(&rdataset); *flag = matched; -failure: +cleanup: if (node != NULL) { dns_db_detachnode(&node); } @@ -2215,9 +2179,7 @@ get_iterations(dns_db_t *db, dns_dbversion_t *ver, dns_rdatatype_t privatetype, if (result == ISC_R_NOTFOUND) { goto try_private; } - if (result != ISC_R_SUCCESS) { - goto failure; - } + CHECK(result); DNS_RDATASET_FOREACH(&rdataset) { dns_rdata_t rdata = DNS_RDATA_INIT; @@ -2243,9 +2205,7 @@ try_private: if (result == ISC_R_NOTFOUND) { goto success; } - if (result != ISC_R_SUCCESS) { - goto failure; - } + CHECK(result); DNS_RDATASET_FOREACH(&rdataset) { unsigned char buf[DNS_NSEC3PARAM_BUFFERSIZE]; @@ -2271,7 +2231,7 @@ success: *iterationsp = iterations; result = ISC_R_SUCCESS; -failure: +cleanup: if (node != NULL) { dns_db_detachnode(&node); } @@ -2296,8 +2256,7 @@ check_dnssec(ns_client_t *client, dns_zone_t *zone, dns_db_t *db, if (!dns_zone_check_dnskey_nsec3(zone, db, ver, diff, NULL, 0)) { update_log(client, zone, ISC_LOG_ERROR, "NSEC only DNSKEYs and NSEC3 chains not allowed"); - result = DNS_R_REFUSED; - goto failure; + CHECK(DNS_R_REFUSED); } /* Verify NSEC3 params */ @@ -2305,11 +2264,10 @@ check_dnssec(ns_client_t *client, dns_zone_t *zone, dns_db_t *db, if (iterations > dns_nsec3_maxiterations()) { update_log(client, zone, ISC_LOG_ERROR, "too many NSEC3 iterations (%u)", iterations); - result = DNS_R_REFUSED; - goto failure; + CHECK(DNS_R_REFUSED); } -failure: +cleanup: return result; } @@ -2581,7 +2539,7 @@ add_nsec3param_records(ns_client_t *client, dns_zone_t *zone, dns_db_t *db, } result = ISC_R_SUCCESS; -failure: +cleanup: dns_diff_clear(&temp_diff); return result; } @@ -2638,7 +2596,7 @@ rollback_private(dns_db_t *db, dns_rdatatype_t privatetype, } result = ISC_R_SUCCESS; -failure: +cleanup: dns_diff_clear(&temp_diff); return result; } @@ -3050,7 +3008,7 @@ update_action(void *arg) { if (result != ISC_R_SUCCESS) { dns_diff_clear(&ctx.del_diff); dns_diff_clear(&ctx.add_diff); - goto failure; + goto cleanup; } result = update_one_rr( db, ver, &diff, DNS_DIFFOP_ADD, @@ -3062,7 +3020,7 @@ update_action(void *arg) { "failed: %s", isc_result_totext( result)); - goto failure; + goto cleanup; } } } @@ -3151,13 +3109,9 @@ update_action(void *arg) { * that are in use (under our control). */ if (dns_rdatatype_iskeymaterial(rdata.type)) { - isc_result_t r; bool inuse = false; - r = dns_zone_dnskey_inuse(zone, &rdata, - &inuse); - if (r != ISC_R_SUCCESS) { - FAIL(r); - } + CHECK(dns_zone_dnskey_inuse( + zone, &rdata, &inuse)); if (inuse) { char typebuf [DNS_RDATATYPE_FORMATSIZE]; @@ -3202,8 +3156,7 @@ update_action(void *arg) { update_log(client, zone, LOGLEVEL_PROTOCOL, "update rejected: post update name server " "sanity check failed"); - result = DNS_R_REFUSED; - goto failure; + CHECK(DNS_R_REFUSED); } } if (!ISC_LIST_EMPTY(diff.tuples) && is_signing) { @@ -3212,12 +3165,9 @@ update_action(void *arg) { update_log(client, zone, LOGLEVEL_PROTOCOL, "update rejected: bad %s RRset", result == DNS_R_BADCDS ? "CDS" : "CDNSKEY"); - result = DNS_R_REFUSED; - goto failure; - } - if (result != ISC_R_SUCCESS) { - goto failure; + CHECK(DNS_R_REFUSED); } + CHECK(result); } /* @@ -3277,7 +3227,7 @@ update_action(void *arg) { update_log(client, zone, ISC_LOG_ERROR, "RRSIG/NSEC/NSEC3 update failed: %s", isc_result_totext(result)); - goto failure; + goto cleanup; } } @@ -3289,8 +3239,7 @@ update_action(void *arg) { "records in zone (%" PRIu64 ") exceeds max-records (%u)", records, maxrecords); - result = DNS_R_TOOMANYRECORDS; - goto failure; + CHECK(DNS_R_TOOMANYRECORDS); } } @@ -3341,7 +3290,7 @@ update_action(void *arg) { result = ISC_R_SUCCESS; goto common; -failure: +cleanup: /* * The reason for failure should have been logged at this point. */ diff --git a/lib/ns/xfrout.c b/lib/ns/xfrout.c index af9273f7b4b..3ca1c1f7026 100644 --- a/lib/ns/xfrout.c +++ b/lib/ns/xfrout.c @@ -81,7 +81,7 @@ "bad zone transfer request: %s (%s)", msg, \ isc_result_totext(code)); \ if (result != ISC_R_SUCCESS) \ - goto failure; \ + goto cleanup; \ } while (0) #define FAILQ(code, msg, question, rdclass) \ @@ -96,14 +96,7 @@ "bad zone transfer request: '%s/%s': %s (%s)", \ _buf1, _buf2, msg, isc_result_totext(code)); \ if (result != ISC_R_SUCCESS) \ - goto failure; \ - } while (0) - -#define CHECK(op) \ - do { \ - result = (op); \ - if (result != ISC_R_SUCCESS) \ - goto failure; \ + goto cleanup; \ } while (0) /**************************************************************************/ @@ -248,7 +241,7 @@ ixfr_rrstream_create(isc_mem_t *mctx, const char *journal_filename, *sp = (rrstream_t *)s; return ISC_R_SUCCESS; -failure: +cleanup: ixfr_rrstream_destroy((rrstream_t **)(void *)&s); return result; } @@ -329,7 +322,7 @@ axfr_rrstream_create(isc_mem_t *mctx, dns_db_t *db, dns_dbversion_t *ver, *sp = (rrstream_t *)s; return ISC_R_SUCCESS; -failure: +cleanup: axfr_rrstream_destroy((rrstream_t **)(void *)&s); return result; } @@ -449,7 +442,7 @@ soa_rrstream_create(isc_mem_t *mctx, dns_db_t *db, dns_dbversion_t *ver, *sp = (rrstream_t *)s; return ISC_R_SUCCESS; -failure: +cleanup: soa_rrstream_destroy((rrstream_t **)(void *)&s); return result; } @@ -826,7 +819,7 @@ ns_xfr_start(ns_client_t *client, dns_rdatatype_t reqtype) { ISC_LOG_ERROR, "zone transfer '%s/%s' denied", _buf1, _buf2); - goto failure; + goto cleanup; } if (result != ISC_R_SUCCESS) { FAILQ(DNS_R_NOTAUTH, "non-authoritative zone", @@ -1161,7 +1154,7 @@ have_stream: result = ISC_R_SUCCESS; -failure: +cleanup: if (result == DNS_R_REFUSED) { inc_stats(client, zone, ns_statscounter_xfrrej); } @@ -1271,7 +1264,7 @@ xfrout_ctx_create(isc_mem_t *mctx, ns_client_t *client, unsigned int id, xfr->txmemlen = len; /* - * These MUST be after the last "goto failure;" / CHECK to + * These MUST be after the last "goto cleanup;" / CHECK to * prevent a double free by the caller. */ xfr->stream = stream; @@ -1512,8 +1505,7 @@ sendstream(xfrout_ctx_t *xfr) { "(%d bytes)", size); /* XXX DNS_R_RRTOOLARGE? */ - result = ISC_R_NOSPACE; - goto failure; + CHECK(ISC_R_NOSPACE); } break; } @@ -1608,7 +1600,7 @@ sendstream(xfrout_ctx_t *xfr) { /* Advance lasttsig to be the last TSIG generated */ CHECK(dns_message_getquerytsig(msg, xfr->mctx, &xfr->lasttsig)); -failure: +cleanup: if (tcpmsg != NULL) { dns_message_detach(&tcpmsg); } diff --git a/tests/bench/load-names.c b/tests/bench/load-names.c index 210f13ec956..8c437df575b 100644 --- a/tests/bench/load-names.c +++ b/tests/bench/load-names.c @@ -83,7 +83,7 @@ const dns_qpmethods_t qpmethods = { testname, }; -#define CHECK(count, result) \ +#define CHECKN(count, result) \ do { \ if (result != ISC_R_SUCCESS) { \ dns_name_t *name = &item[count].fixed.name; \ @@ -161,14 +161,14 @@ thread_lfht(void *arg0) { isc_time_t t0 = isc_time_now_hires(); for (size_t n = arg->start; n < arg->end; n++) { isc_result_t result = add_lfht(arg->map, n); - CHECK(n, result); + CHECKN(n, result); } isc_time_t t1 = isc_time_now_hires(); for (size_t n = arg->start; n < arg->end; n++) { void *pval = NULL; isc_result_t result = get_lfht(arg->map, n, &pval); - CHECK(n, result); + CHECKN(n, result); assert(pval == &item[n]); } @@ -224,7 +224,7 @@ thread_hashmap(void *arg0) { WRLOCK(&rwl); for (size_t n = arg->start; n < arg->end; n++) { isc_result_t result = add_hashmap(arg->map, n); - CHECK(n, result); + CHECKN(n, result); } WRUNLOCK(&rwl); @@ -233,7 +233,7 @@ thread_hashmap(void *arg0) { for (size_t n = arg->start; n < arg->end; n++) { void *pval = NULL; isc_result_t result = get_hashmap(arg->map, n, &pval); - CHECK(n, result); + CHECKN(n, result); assert(pval == &item[n]); } RDUNLOCK(&rwl); @@ -281,7 +281,7 @@ thread_ht(void *arg0) { WRLOCK(&rwl); for (size_t n = arg->start; n < arg->end; n++) { isc_result_t result = add_ht(arg->map, n); - CHECK(n, result); + CHECKN(n, result); } WRUNLOCK(&rwl); @@ -290,7 +290,7 @@ thread_ht(void *arg0) { for (size_t n = arg->start; n < arg->end; n++) { void *pval = NULL; isc_result_t result = get_ht(arg->map, n, &pval); - CHECK(n, result); + CHECKN(n, result); assert(pval == &item[n]); } RDUNLOCK(&rwl); @@ -342,7 +342,7 @@ _thread_qp(void *arg0, bool sqz, bool brr) { isc_time_t t0 = isc_time_now_hires(); for (size_t n = arg->start; n < arg->end; n++) { isc_result_t result = add_qp(qp, n); - CHECK(n, result); + CHECKN(n, result); } if (sqz) { sqz_qp(qp); @@ -360,7 +360,7 @@ _thread_qp(void *arg0, bool sqz, bool brr) { for (size_t n = arg->start; n < arg->end; n++) { void *pval = NULL; isc_result_t result = get_qp(&qpr, n, &pval); - CHECK(n, result); + CHECKN(n, result); assert(pval == &item[n]); } diff --git a/tests/dns/qpdb_test.c b/tests/dns/qpdb_test.c index e7e16042c2a..287e80de0c5 100644 --- a/tests/dns/qpdb_test.c +++ b/tests/dns/qpdb_test.c @@ -36,11 +36,9 @@ #pragma GCC diagnostic push #pragma GCC diagnostic ignored "-Wshadow" -#undef CHECK #include "qpcache.c" #pragma GCC diagnostic pop -#undef CHECK #include /* Set to true (or use -v option) for verbose output */ diff --git a/tests/dns/qpzone_test.c b/tests/dns/qpzone_test.c index ba2591bf176..7f80a238aba 100644 --- a/tests/dns/qpzone_test.c +++ b/tests/dns/qpzone_test.c @@ -41,11 +41,9 @@ #pragma GCC diagnostic push #pragma GCC diagnostic ignored "-Wshadow" -#undef CHECK #include "qpzone.c" #pragma GCC diagnostic pop -#undef CHECK #include const char *ownercase_vectors[12][2] = { diff --git a/tests/dns/tsig_test.c b/tests/dns/tsig_test.c index 0102603d490..b07dcd27abe 100644 --- a/tests/dns/tsig_test.c +++ b/tests/dns/tsig_test.c @@ -40,14 +40,6 @@ #define TEST_ORIGIN "test" -#define CHECK(r) \ - { \ - result = (r); \ - if (result != ISC_R_SUCCESS) { \ - goto cleanup; \ - } \ - } - static isc_result_t add_mac(dst_context_t *tsigctx, isc_buffer_t *buf) { dns_rdata_any_tsig_t tsig; diff --git a/tests/dns/update_test.c b/tests/dns/update_test.c index 37cad328901..3cbd7daee69 100644 --- a/tests/dns/update_test.c +++ b/tests/dns/update_test.c @@ -40,11 +40,9 @@ */ #pragma GCC diagnostic push #pragma GCC diagnostic ignored "-Wshadow" -#undef CHECK #include "update.c" #pragma GCC diagnostic pop -#undef CHECK #include static int