From: Evan Hunt Date: Thu, 16 Oct 2025 22:05:01 +0000 (-0700) Subject: use a standard CLEANUP macro X-Git-Tag: v9.21.16~3^2 X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=d4ebea103726c8b1df1fa4bb4d6ac25dc4c5811e;p=thirdparty%2Fbind9.git use a standard CLEANUP macro CLEANUP is a macro similar to CHECK but unconditional, jumping to cleanup even if the result is ISC_R_SUCCESS. It is now used in place of DST_RET, CLEANUP_WITH, and CHECK(). --- diff --git a/bin/check/named-checkconf.c b/bin/check/named-checkconf.c index ee304a9b204..5b2c934e523 100644 --- a/bin/check/named-checkconf.c +++ b/bin/check/named-checkconf.c @@ -497,7 +497,7 @@ load_zones_fromconfig(const cfg_obj_t *config, bool list_zones) { } if (dns_rdataclass_ismeta(viewclass)) { - CHECK(ISC_R_FAILURE); + CLEANUP(ISC_R_FAILURE); } dns_rdataclass_format(viewclass, buf, sizeof(buf)); @@ -683,7 +683,7 @@ main(int argc, char **argv) { fprintf(stderr, "%s: unhandled option -%c\n", isc_commandline_progname, isc_commandline_option); - CHECK(ISC_R_FAILURE); + CLEANUP(ISC_R_FAILURE); } } @@ -695,12 +695,12 @@ main(int argc, char **argv) { if (((flags & CFG_PRINTER_XKEY) != 0) && !print) { fprintf(stderr, "%s: -x cannot be used without -p\n", isc_commandline_progname); - CHECK(ISC_R_FAILURE); + CLEANUP(ISC_R_FAILURE); } if (print && list_zones) { fprintf(stderr, "%s: -l cannot be used with -p\n", isc_commandline_progname); - CHECK(ISC_R_FAILURE); + CLEANUP(ISC_R_FAILURE); } if (isc_commandline_index + 1 < argc) { diff --git a/bin/delv/delv.c b/bin/delv/delv.c index 7915c4f8089..262497da41d 100644 --- a/bin/delv/delv.c +++ b/bin/delv/delv.c @@ -676,7 +676,7 @@ key_fromconfig(const cfg_obj_t *key, dns_client_t *client, dns_view_t *toview) { delv_log(ISC_LOG_ERROR, "key '%s': invalid initialization method '%s'", keynamestr, atstr); - CHECK(ISC_R_FAILURE); + CLEANUP(ISC_R_FAILURE); } } @@ -684,13 +684,13 @@ key_fromconfig(const cfg_obj_t *key, dns_client_t *client, dns_view_t *toview) { isc_buffer_init(&rrdatabuf, rrdata, sizeof(rrdata)); if (rdata1 > 0xffff) { - CHECK(ISC_R_RANGE); + CLEANUP(ISC_R_RANGE); } if (rdata2 > 0xff) { - CHECK(ISC_R_RANGE); + CLEANUP(ISC_R_RANGE); } if (rdata3 > 0xff) { - CHECK(ISC_R_RANGE); + CLEANUP(ISC_R_RANGE); } switch (anchortype) { @@ -741,17 +741,17 @@ key_fromconfig(const cfg_obj_t *key, dns_client_t *client, dns_view_t *toview) { switch (ds.digest_type) { case DNS_DSDIGEST_SHA1: if (r.length != ISC_SHA1_DIGESTLENGTH) { - CHECK(ISC_R_UNEXPECTEDEND); + CLEANUP(ISC_R_UNEXPECTEDEND); } break; case DNS_DSDIGEST_SHA256: if (r.length != ISC_SHA256_DIGESTLENGTH) { - CHECK(ISC_R_UNEXPECTEDEND); + CLEANUP(ISC_R_UNEXPECTEDEND); } break; case DNS_DSDIGEST_SHA384: if (r.length != ISC_SHA384_DIGESTLENGTH) { - CHECK(ISC_R_UNEXPECTEDEND); + CLEANUP(ISC_R_UNEXPECTEDEND); } break; } diff --git a/bin/dig/dighost.c b/bin/dig/dighost.c index 1eeb11e4329..80253b18d6d 100644 --- a/bin/dig/dighost.c +++ b/bin/dig/dighost.c @@ -850,7 +850,7 @@ setup_text_key(void) { secretsize = isc_buffer_usedlength(&secretbuf); if (hmac_alg == DST_ALG_UNKNOWN) { - CHECK(DST_R_UNSUPPORTEDALG); + CLEANUP(DST_R_UNSUPPORTEDALG); } CHECK(dns_name_fromtext(keyname, namebuf, dns_rootname, 0)); diff --git a/bin/dnssec/dnssec-ksr.c b/bin/dnssec/dnssec-ksr.c index efba16f4518..8f0c61c7a1c 100644 --- a/bin/dnssec/dnssec-ksr.c +++ b/bin/dnssec/dnssec-ksr.c @@ -93,7 +93,7 @@ static int min_dh = 128; #define NEXTTOKEN(lex, opt, token) CHECK(isc_lex_gettoken(lex, opt, token)) -#define BADTOKEN() CHECK(ISC_R_UNEXPECTEDTOKEN) +#define BADTOKEN() CLEANUP(ISC_R_UNEXPECTEDTOKEN) isc_bufferlist_t cleanup_list = ISC_LIST_INITIALIZER; diff --git a/bin/named/builtin.c b/bin/named/builtin.c index 80e3c5a7fe5..9ab76d50636 100644 --- a/bin/named/builtin.c +++ b/bin/named/builtin.c @@ -1156,13 +1156,13 @@ create(isc_mem_t *mctx, const dns_name_t *origin, dns_dbtype_t type, if (needargs) { if (argc != 3) { - CHECK(DNS_R_SYNTAX); + CLEANUP(DNS_R_SYNTAX); } bdb->server = isc_mem_strdup(isc_g_mctx, argv[1]); bdb->contact = isc_mem_strdup(isc_g_mctx, argv[2]); } else if (argc != 1) { - CHECK(DNS_R_SYNTAX); + CLEANUP(DNS_R_SYNTAX); } bdb->common.magic = DNS_DB_MAGIC; diff --git a/bin/named/control.c b/bin/named/control.c index 8750f4c7f2e..709d74ea551 100644 --- a/bin/named/control.c +++ b/bin/named/control.c @@ -124,7 +124,7 @@ named_control_docommand(isccc_sexpr_t *message, bool readonly, "rejecting restricted control channel " "command '%s'", cmdline); - CHECK(ISC_R_FAILURE); + CLEANUP(ISC_R_FAILURE); } isc_log_write(NAMED_LOGCATEGORY_GENERAL, NAMED_LOGMODULE_CONTROL, diff --git a/bin/named/controlconf.c b/bin/named/controlconf.c index d014a831e43..4653bcafa74 100644 --- a/bin/named/controlconf.c +++ b/bin/named/controlconf.c @@ -442,12 +442,12 @@ control_recvmessage(isc_nmhandle_t *handle ISC_ATTR_UNUSED, isc_result_t result, } if (!match) { - CHECK(ISCCC_R_BADAUTH); + CLEANUP(ISCCC_R_BADAUTH); } /* We shouldn't be getting a reply. */ if (isccc_cc_isreply(conn->request)) { - CHECK(ISC_R_FAILURE); + CLEANUP(ISC_R_FAILURE); } conn->now = isc_stdtime_now(); @@ -457,17 +457,17 @@ control_recvmessage(isc_nmhandle_t *handle ISC_ATTR_UNUSED, isc_result_t result, */ conn->ctrl = isccc_alist_lookup(conn->request, "_ctrl"); if (!isccc_alist_alistp(conn->ctrl)) { - CHECK(ISC_R_FAILURE); + CLEANUP(ISC_R_FAILURE); } if (isccc_cc_lookupuint32(conn->ctrl, "_tim", &sent) == ISC_R_SUCCESS) { if ((sent + CLOCKSKEW) < conn->now || (sent - CLOCKSKEW) > conn->now) { - CHECK(DNS_R_CLOCKSKEW); + CLEANUP(DNS_R_CLOCKSKEW); } } else { - CHECK(ISC_R_FAILURE); + CLEANUP(ISC_R_FAILURE); } /* @@ -476,7 +476,7 @@ control_recvmessage(isc_nmhandle_t *handle ISC_ATTR_UNUSED, isc_result_t result, if (isccc_cc_lookupuint32(conn->ctrl, "_exp", &exp) == ISC_R_SUCCESS && conn->now > exp) { - CHECK(DNS_R_EXPIRED); + CLEANUP(DNS_R_EXPIRED); } /* @@ -499,7 +499,7 @@ control_recvmessage(isc_nmhandle_t *handle ISC_ATTR_UNUSED, isc_result_t result, ISC_R_SUCCESS || conn->nonce != nonce)) { - CHECK(ISCCC_R_BADAUTH); + CLEANUP(ISCCC_R_BADAUTH); } isc_buffer_allocate(listener->mctx, &conn->text, 2 * 2048); @@ -1076,7 +1076,7 @@ add_listener(named_controls_t *cp, controllistener_t **listenerp, if ((pf == AF_INET && isc_net_probeipv4() != ISC_R_SUCCESS) || (pf == AF_INET6 && isc_net_probeipv6() != ISC_R_SUCCESS)) { - CHECK(ISC_R_FAMILYNOSUPPORT); + CLEANUP(ISC_R_FAMILYNOSUPPORT); } CHECK(isc_nm_listentcp(ISC_NM_LISTEN_ONE, &listener->address, diff --git a/bin/named/server.c b/bin/named/server.c index b6ca56d9a45..4dc7b91afac 100644 --- a/bin/named/server.c +++ b/bin/named/server.c @@ -711,7 +711,7 @@ ta_fromconfig(const cfg_obj_t *key, bool *initialp, const char **namestrp, "key '%s': " "invalid initialization method '%s'", namestr, atstr); - CHECK(ISC_R_FAILURE); + CLEANUP(ISC_R_FAILURE); } } @@ -763,7 +763,7 @@ ta_fromconfig(const cfg_obj_t *key, bool *initialp, const char **namestrp, keystruct.algorithm, keystruct.data, keystruct.datalen); if (!dst_algorithm_supported(algorithm)) { - CHECK(DST_R_UNSUPPORTEDALG); + CLEANUP(DST_R_UNSUPPORTEDALG); } CHECK(dns_rdata_fromstruct(&rdata, keystruct.common.rdclass, @@ -796,30 +796,30 @@ ta_fromconfig(const cfg_obj_t *key, bool *initialp, const char **namestrp, switch (ds->digest_type) { case DNS_DSDIGEST_SHA1: if (r.length != ISC_SHA1_DIGESTLENGTH) { - CHECK(ISC_R_UNEXPECTEDEND); + CLEANUP(ISC_R_UNEXPECTEDEND); } break; case DNS_DSDIGEST_SHA256: if (r.length != ISC_SHA256_DIGESTLENGTH) { - CHECK(ISC_R_UNEXPECTEDEND); + CLEANUP(ISC_R_UNEXPECTEDEND); } break; case DNS_DSDIGEST_SHA384: if (r.length != ISC_SHA384_DIGESTLENGTH) { - CHECK(ISC_R_UNEXPECTEDEND); + CLEANUP(ISC_R_UNEXPECTEDEND); } break; #if defined(DNS_DSDIGEST_SHA256PRIVATE) case DNS_DSDIGEST_SHA256PRIVATE: if (r.length < ISC_SHA256_DIGESTLENGTH) { - CHECK(ISC_R_UNEXPECTEDEND); + CLEANUP(ISC_R_UNEXPECTEDEND); } break; #endif #if defined(DNS_DSDIGEST_SHA384PRIVATE) case DNS_DSDIGEST_SHA384PRIVATE: if (r.length < ISC_SHA384_DIGESTLENGTH) { - CHECK(ISC_R_UNEXPECTEDEND); + CLEANUP(ISC_R_UNEXPECTEDEND); } break; #endif @@ -828,12 +828,12 @@ ta_fromconfig(const cfg_obj_t *key, bool *initialp, const char **namestrp, "key '%s': " "unknown ds digest type %u", namestr, ds->digest_type); - CHECK(ISC_R_FAILURE); + CLEANUP(ISC_R_FAILURE); break; } if (r.length > digest_len) { - CHECK(ISC_R_NOSPACE); + CLEANUP(ISC_R_NOSPACE); } ds->length = r.length; ds->digest = digest; @@ -872,7 +872,7 @@ ta_fromconfig(const cfg_obj_t *key, bool *initialp, const char **namestrp, } #endif if (!dst_algorithm_supported(algorithm)) { - CHECK(DST_R_UNSUPPORTEDALG); + CLEANUP(DST_R_UNSUPPORTEDALG); } break; @@ -1145,7 +1145,7 @@ configure_view_dnsseckeys(dns_view_t *view, const cfg_obj_t *vconfig, isc_log_write(DNS_LOGCATEGORY_SECURITY, NAMED_LOGMODULE_SERVER, ISC_LOG_ERROR, "root key not loaded"); - CHECK(ISC_R_FAILURE); + CLEANUP(ISC_R_FAILURE); } } @@ -1176,7 +1176,7 @@ configure_view_dnsseckeys(dns_view_t *view, const cfg_obj_t *vconfig, "managed-keys-directory '%s' " "is not writable", directory); - CHECK(ISC_R_NOPERM); + CLEANUP(ISC_R_NOPERM); } } @@ -1674,7 +1674,7 @@ check_dbtype(dns_zone_t *zone, unsigned int dbtypec, const char **dbargv, */ for (i = 0; i < dbtypec; i++) { if (argv[i] == NULL || strcmp(argv[i], dbargv[i]) != 0) { - CHECK(ISC_R_FAILURE); + CLEANUP(ISC_R_FAILURE); } } @@ -2368,7 +2368,7 @@ catz_addmodzone_cb(void *arg) { } CHECK(cfg_map_get(zoneconf, "zone", &zlist)); if (!cfg_obj_islist(zlist)) { - CHECK(ISC_R_FAILURE); + CLEANUP(ISC_R_FAILURE); } /* For now we only support adding one zone at a time */ @@ -2637,7 +2637,7 @@ catz_reconfigure(dns_catz_entry_t *entry, void *arg1, void *arg2) { CHECK(cfg_map_get(zoneconf, "zone", &zlist)); if (!cfg_obj_islist(zlist)) { - CHECK(ISC_R_FAILURE); + CLEANUP(ISC_R_FAILURE); } zoneobj = cfg_listelt_value(cfg_list_first(zlist)); @@ -3781,7 +3781,7 @@ configure_view(dns_view_t *view, dns_viewlist_t *viewlist, cfg_obj_t *config, "rpz '%s' is not a primary or a " "secondary zone", namebuf); - CHECK(ISC_R_NOTFOUND); + CLEANUP(ISC_R_NOTFOUND); } } } @@ -4310,7 +4310,7 @@ configure_view(dns_view_t *view, dns_viewlist_t *viewlist, cfg_obj_t *config, if (dispatch4 == NULL && dispatch6 == NULL) { UNEXPECTED_ERROR("unable to obtain either an IPv4 or" " an IPv6 dispatch"); - CHECK(ISC_R_UNEXPECTED); + CLEANUP(ISC_R_UNEXPECTED); } CHECK(dns_view_createresolver(view, resopts, tlsctx_client_cache, @@ -5793,7 +5793,7 @@ get_viewinfo(const cfg_obj_t *vconfig, const char **namep, NAMED_LOGMODULE_SERVER, ISC_LOG_ERROR, "view '%s': class must not be meta", viewname); - CHECK(ISC_R_FAILURE); + CLEANUP(ISC_R_FAILURE); } } else { viewname = "_default"; @@ -5963,7 +5963,7 @@ configure_zone(const cfg_obj_t *config, const cfg_obj_t *zconfig, ISC_LOG_ERROR, "zone '%s': wrong class for view '%s'", zname, vname); - CHECK(ISC_R_FAILURE); + CLEANUP(ISC_R_FAILURE); } (void)cfg_map_get(zoptions, "in-view", &viewobj); @@ -5975,7 +5975,7 @@ configure_zone(const cfg_obj_t *config, const cfg_obj_t *zconfig, cfg_obj_log(zconfig, ISC_LOG_ERROR, "'in-view' option is not permitted in " "dynamically added zones"); - CHECK(ISC_R_FAILURE); + CLEANUP(ISC_R_FAILURE); } result = dns_viewlist_find(viewlist, inview, view->rdclass, @@ -5983,7 +5983,7 @@ configure_zone(const cfg_obj_t *config, const cfg_obj_t *zconfig, if (result != ISC_R_SUCCESS) { cfg_obj_log(zconfig, ISC_LOG_ERROR, "view '%s' is not yet defined.", inview); - CHECK(ISC_R_FAILURE); + CLEANUP(ISC_R_FAILURE); } result = dns_view_findzone(otherview, origin, DNS_ZTFIND_EXACT, @@ -5993,7 +5993,7 @@ configure_zone(const cfg_obj_t *config, const cfg_obj_t *zconfig, cfg_obj_log(zconfig, ISC_LOG_ERROR, "zone '%s' not defined in view '%s'", zname, inview); - CHECK(ISC_R_FAILURE); + CLEANUP(ISC_R_FAILURE); } CHECK(dns_view_addzone(view, zone)); @@ -6020,7 +6020,7 @@ configure_zone(const cfg_obj_t *config, const cfg_obj_t *zconfig, if (typeobj == NULL) { cfg_obj_log(zconfig, ISC_LOG_ERROR, "zone '%s' 'type' not specified", zname); - CHECK(ISC_R_FAILURE); + CLEANUP(ISC_R_FAILURE); } ztypestr = cfg_obj_asstring(typeobj); @@ -6036,7 +6036,7 @@ configure_zone(const cfg_obj_t *config, const cfg_obj_t *zconfig, isc_log_write(NAMED_LOGCATEGORY_GENERAL, NAMED_LOGMODULE_SERVER, ISC_LOG_ERROR, "zone '%s': 'file' not specified", zname); - CHECK(ISC_R_FAILURE); + CLEANUP(ISC_R_FAILURE); } if (dns_name_equal(origin, dns_rootname)) { const char *hintsfile = cfg_obj_asstring(fileobj); @@ -6077,7 +6077,7 @@ configure_zone(const cfg_obj_t *config, const cfg_obj_t *zconfig, if (view->redirect != NULL) { cfg_obj_log(zconfig, ISC_LOG_ERROR, "redirect zone already exists"); - CHECK(ISC_R_EXISTS); + CLEANUP(ISC_R_EXISTS); } result = dns_viewlist_find(viewlist, view->name, view->rdclass, &pview); @@ -6116,7 +6116,7 @@ configure_zone(const cfg_obj_t *config, const cfg_obj_t *zconfig, cfg_obj_log(zconfig, ISC_LOG_ERROR, "zone '%s' already exists", zname); dns_zone_detach(&dupzone); - CHECK(ISC_R_EXISTS); + CLEANUP(ISC_R_EXISTS); } INSIST(dupzone == NULL); } @@ -6827,7 +6827,7 @@ generate_session_key(const char *filename, const char *keynamestr, if (fp == NULL) { isc_log_write(NAMED_LOGCATEGORY_GENERAL, NAMED_LOGMODULE_SERVER, ISC_LOG_ERROR, "could not create %s", filename); - CHECK(ISC_R_NOPERM); + CLEANUP(ISC_R_NOPERM); } fprintf(fp, @@ -12085,7 +12085,7 @@ nzf_writeconf(const cfg_obj_t *config, dns_view_t *view) { cfg_map_get(config, "zone", &zl); if (!cfg_obj_islist(zl)) { - CHECK(ISC_R_FAILURE); + CLEANUP(ISC_R_FAILURE); } list = UNCONST(&zl->value.list); @@ -12192,7 +12192,7 @@ nzd_save(MDB_txn **txnp, MDB_dbi dbi, dns_zone_t *zone, "Error deleting zone %s " "from NZD database: %s", namebuf, mdb_strerror(status)); - CHECK(ISC_R_FAILURE); + CLEANUP(ISC_R_FAILURE); } else if (status != MDB_NOTFOUND) { commit = true; } @@ -12206,7 +12206,7 @@ nzd_save(MDB_txn **txnp, MDB_dbi dbi, dns_zone_t *zone, NAMED_LOGMODULE_SERVER, ISC_LOG_ERROR, "Unable to get options from config in " "nzd_save()"); - CHECK(ISC_R_FAILURE); + CLEANUP(ISC_R_FAILURE); } dzarg.magic = DZARG_MAGIC; @@ -12232,7 +12232,7 @@ nzd_save(MDB_txn **txnp, MDB_dbi dbi, dns_zone_t *zone, "Error inserting zone in " "NZD database: %s", mdb_strerror(status)); - CHECK(ISC_R_FAILURE); + CLEANUP(ISC_R_FAILURE); } commit = true; @@ -12394,7 +12394,7 @@ nzd_env_reopen(dns_view_t *view) { isc_log_write(DNS_LOGCATEGORY_GENERAL, ISC_LOGMODULE_OTHER, ISC_LOG_ERROR, "mdb_env_create failed: %s", mdb_strerror(status)); - CHECK(ISC_R_FAILURE); + CLEANUP(ISC_R_FAILURE); } if (view->newzone.mapsize != 0ULL) { @@ -12404,7 +12404,7 @@ nzd_env_reopen(dns_view_t *view) { ISC_LOGMODULE_OTHER, ISC_LOG_ERROR, "mdb_env_set_mapsize failed: %s", mdb_strerror(status)); - CHECK(ISC_R_FAILURE); + CLEANUP(ISC_R_FAILURE); } } @@ -12413,7 +12413,7 @@ nzd_env_reopen(dns_view_t *view) { isc_log_write(DNS_LOGCATEGORY_GENERAL, ISC_LOGMODULE_OTHER, ISC_LOG_ERROR, "mdb_env_open of '%s' failed: %s", view->newzone.db, mdb_strerror(status)); - CHECK(ISC_R_FAILURE); + CLEANUP(ISC_R_FAILURE); } view->newzone.dbenv = env; @@ -12508,7 +12508,7 @@ load_nzf(dns_view_t *view) { zonelist = NULL; CHECK(cfg_map_get(nzf_config, "zone", &zonelist)); if (!cfg_obj_islist(zonelist)) { - CHECK(ISC_R_FAILURE); + CLEANUP(ISC_R_FAILURE); } CHECK(nzd_open(view, 0, &txn, &dbi)); @@ -12526,7 +12526,7 @@ load_nzf(dns_view_t *view) { origin = cfg_obj_asstring(cfg_tuple_get(zconfig, "name")); if (origin == NULL) { - CHECK(ISC_R_FAILURE); + CLEANUP(ISC_R_FAILURE); } /* Normalize zone name */ @@ -12542,7 +12542,7 @@ load_nzf(dns_view_t *view) { zoptions = cfg_tuple_get(zconfig, "options"); if (zoptions == NULL) { - CHECK(ISC_R_FAILURE); + CLEANUP(ISC_R_FAILURE); } isc_buffer_clear(text); @@ -12569,7 +12569,7 @@ load_nzf(dns_view_t *view) { "Error inserting zone in " "NZD database: %s", mdb_strerror(status)); - CHECK(ISC_R_FAILURE); + CLEANUP(ISC_R_FAILURE); } commit = true; @@ -12652,7 +12652,7 @@ newzone_parse(named_server_t *server, char *command, dns_view_t **viewp, CHECK(cfg_map_get(zoneconf, "zone", &zlist)); if (!cfg_obj_islist(zlist)) { - CHECK(ISC_R_FAILURE); + CLEANUP(ISC_R_FAILURE); } /* For now we only support adding one zone at a time */ @@ -12668,14 +12668,14 @@ newzone_parse(named_server_t *server, char *command, dns_view_t **viewp, if (obj != NULL) { (void)putstr(text, "'in-view' zones not supported by "); (void)putstr(text, bn); - CHECK(ISC_R_FAILURE); + CLEANUP(ISC_R_FAILURE); } (void)cfg_map_get(zoptions, "template", &obj); if (obj == NULL) { (void)putstr(text, "no zone type or " "template specified"); - CHECK(ISC_R_FAILURE); + CLEANUP(ISC_R_FAILURE); } } @@ -12686,7 +12686,7 @@ newzone_parse(named_server_t *server, char *command, dns_view_t **viewp, (void)putstr(text, cfg_obj_asstring(obj)); (void)putstr(text, "' zones not supported by "); (void)putstr(text, bn); - CHECK(ISC_R_FAILURE); + CLEANUP(ISC_R_FAILURE); } if (strcasecmp(cfg_obj_asstring(obj), "redirect") == 0) { @@ -12748,7 +12748,7 @@ delete_zoneconf(dns_view_t *view, const cfg_obj_t *config, cfg_map_get(config, "zone", &zl); if (!cfg_obj_islist(zl)) { - CHECK(ISC_R_FAILURE); + CLEANUP(ISC_R_FAILURE); } cfg_list_t *list = UNCONST(&zl->value.list); @@ -12848,7 +12848,7 @@ do_addzone(named_server_t *server, dns_view_t *view, dns_name_t *name, TCHECK(putstr(text, "unable to open NZD database for '")); TCHECK(putstr(text, view->newzone.db)); TCHECK(putstr(text, "'")); - CHECK(ISC_R_FAILURE); + CLEANUP(ISC_R_FAILURE); } #endif /* HAVE_LMDB */ @@ -12884,7 +12884,7 @@ do_addzone(named_server_t *server, dns_view_t *view, dns_name_t *name, /* Is it there yet? */ if (redirect) { if (view->redirect == NULL) { - CHECK(ISC_R_NOTFOUND); + CLEANUP(ISC_R_NOTFOUND); } dns_zone_attach(view->redirect, &zone); } else { @@ -13080,7 +13080,7 @@ do_modzone(named_server_t *server, dns_view_t *view, dns_name_t *name, /* Is it there yet? */ if (redirect) { if (view->redirect == NULL) { - CHECK(ISC_R_NOTFOUND); + CLEANUP(ISC_R_NOTFOUND); } dns_zone_attach(view->redirect, &zone); } else { @@ -13246,7 +13246,7 @@ named_server_changezone(named_server_t *server, char *command, (void)putstr(text, "Not allowing new zones in view '"); (void)putstr(text, view->name); (void)putstr(text, "'"); - CHECK(ISC_R_NOPERM); + CLEANUP(ISC_R_NOPERM); } zonename = cfg_obj_asstring(cfg_tuple_get(zoneobj, "name")); @@ -13260,7 +13260,7 @@ named_server_changezone(named_server_t *server, char *command, if (!dns_name_equal(dnsname, dns_rootname)) { (void)putstr(text, "redirect zones must be called " "\".\""); - CHECK(ISC_R_FAILURE); + CLEANUP(ISC_R_FAILURE); } } @@ -13509,7 +13509,7 @@ named_server_delzone(named_server_t *server, isc_lex_t *lex, CHECK(zone_from_args(server, lex, ptr, &zone, zonename, text, false)); if (zone == NULL) { - CHECK(ISC_R_UNEXPECTEDEND); + CLEANUP(ISC_R_UNEXPECTEDEND); } INSIST(zonename != NULL); @@ -13520,7 +13520,7 @@ named_server_delzone(named_server_t *server, isc_lex_t *lex, TCHECK(putstr(text, zonename)); TCHECK(putstr(text, "' cannot be deleted: response-policy zone.")); - CHECK(ISC_R_FAILURE); + CLEANUP(ISC_R_FAILURE); } view = dns_zone_getview(zone); @@ -13627,14 +13627,14 @@ named_server_showzone(named_server_t *server, isc_lex_t *lex, /* Parse parameters */ CHECK(zone_from_args(server, lex, NULL, &zone, zonename, text, true)); if (zone == NULL) { - CHECK(ISC_R_UNEXPECTEDEND); + CLEANUP(ISC_R_UNEXPECTEDEND); } zconfig = dns_zone_getcfg(zone); dns_zone_detach(&zone); if (zconfig == NULL) { - CHECK(ISC_R_NOTFOUND); + CLEANUP(ISC_R_NOTFOUND); } CHECK(putstr(text, "zone ")); @@ -13823,12 +13823,12 @@ named_server_signing(named_server_t *server, isc_lex_t *lex, CHECK(isc_parse_uint32(&serial, ptr, 10)); setserial = true; } else { - CHECK(DNS_R_SYNTAX); + CLEANUP(DNS_R_SYNTAX); } CHECK(zone_from_args(server, lex, NULL, &zone, NULL, text, false)); if (zone == NULL) { - CHECK(ISC_R_UNEXPECTEDEND); + CLEANUP(ISC_R_UNEXPECTEDEND); } if (dns_zone_getkasp(zone) != NULL) { @@ -13990,7 +13990,7 @@ named_server_dnssec(named_server_t *server, isc_lex_t *lex, } else if (strcasecmp(ptr, "-step") == 0) { forcestep = true; } else { - CHECK(DNS_R_SYNTAX); + CLEANUP(DNS_R_SYNTAX); } if (status) { @@ -14018,13 +14018,13 @@ named_server_dnssec(named_server_t *server, isc_lex_t *lex, ptr = next_token(lex, text); if (ptr == NULL) { msg = "Bad format"; - CHECK(ISC_R_UNEXPECTEDEND); + CLEANUP(ISC_R_UNEXPECTEDEND); } else if (argcheck(ptr, "alg")) { isc_consttextregion_t alg; ptr = next_token(lex, text); if (ptr == NULL) { msg = "No key algorithm specified"; - CHECK(ISC_R_UNEXPECTEDEND); + CLEANUP(ISC_R_UNEXPECTEDEND); } alg.base = ptr; alg.length = strlen(alg.base); @@ -14032,7 +14032,7 @@ named_server_dnssec(named_server_t *server, isc_lex_t *lex, &algorithm, (isc_textregion_t *)&alg); if (result != ISC_R_SUCCESS) { msg = "Bad algorithm"; - CHECK(DNS_R_SYNTAX); + CLEANUP(DNS_R_SYNTAX); } continue; } else if (argcheck(ptr, "key")) { @@ -14040,7 +14040,7 @@ named_server_dnssec(named_server_t *server, isc_lex_t *lex, ptr = next_token(lex, text); if (ptr == NULL) { msg = "No key identifier specified"; - CHECK(ISC_R_UNEXPECTEDEND); + CLEANUP(ISC_R_UNEXPECTEDEND); } CHECK(isc_parse_uint16(&id, ptr, 10)); keyid = (dns_keytag_t)id; @@ -14051,14 +14051,14 @@ named_server_dnssec(named_server_t *server, isc_lex_t *lex, ptr = next_token(lex, text); if (ptr == NULL) { msg = "No time specified"; - CHECK(ISC_R_UNEXPECTEDEND); + CLEANUP(ISC_R_UNEXPECTEDEND); } CHECK(dns_time32_fromtext(ptr, &tw)); when = (isc_stdtime_t)tw; continue; } else if (ptr[0] == '-') { msg = "Unknown option"; - CHECK(DNS_R_SYNTAX); + CLEANUP(DNS_R_SYNTAX); } else if (checkds) { /* * No arguments provided, so we must be @@ -14067,7 +14067,7 @@ named_server_dnssec(named_server_t *server, isc_lex_t *lex, if (strcasecmp(ptr, "published") == 0) { dspublish = true; } else if (strcasecmp(ptr, "withdrawn") != 0) { - CHECK(DNS_R_SYNTAX); + CLEANUP(DNS_R_SYNTAX); } } else if (rollover) { /* @@ -14081,12 +14081,12 @@ named_server_dnssec(named_server_t *server, isc_lex_t *lex, if (rollover && !use_keyid) { msg = "Key id is required when scheduling rollover"; - CHECK(DNS_R_SYNTAX); + CLEANUP(DNS_R_SYNTAX); } if (algorithm > 0 && !use_keyid) { msg = "Key id is required when setting algorithm"; - CHECK(DNS_R_SYNTAX); + CLEANUP(DNS_R_SYNTAX); } } @@ -14094,14 +14094,14 @@ named_server_dnssec(named_server_t *server, isc_lex_t *lex, CHECK(zone_from_args(server, lex, zonetext, &zone, NULL, text, false)); if (zone == NULL) { msg = "Zone not found"; - CHECK(ISC_R_UNEXPECTEDEND); + CLEANUP(ISC_R_UNEXPECTEDEND); } /* Trailing garbage? */ ptr = next_token(lex, text); if (ptr != NULL) { msg = "Too many arguments"; - CHECK(DNS_R_SYNTAX); + CLEANUP(DNS_R_SYNTAX); } /* Get dnssec-policy. */ @@ -14338,7 +14338,7 @@ named_server_zonestatus(named_server_t *server, isc_lex_t *lex, CHECK(zone_from_args(server, lex, NULL, &zone, zonename, text, true)); if (zone == NULL) { - CHECK(ISC_R_UNEXPECTEDEND); + CLEANUP(ISC_R_UNEXPECTEDEND); } /* Inline signing? */ @@ -14620,7 +14620,7 @@ named_server_nta(named_server_t *server, isc_lex_t *lex, bool readonly, ptr = next_token(lex, text); if (ptr == NULL) { msg = "No lifetime specified"; - CHECK(ISC_R_UNEXPECTEDEND); + CLEANUP(ISC_R_UNEXPECTEDEND); } tr.base = ptr; @@ -14633,7 +14633,7 @@ named_server_nta(named_server_t *server, isc_lex_t *lex, bool readonly, if (ntattl > 604800) { msg = "NTA lifetime cannot exceed one week"; - CHECK(ISC_R_RANGE); + CLEANUP(ISC_R_RANGE); } ttlset = true; @@ -14644,7 +14644,7 @@ named_server_nta(named_server_t *server, isc_lex_t *lex, bool readonly, ptr = next_token(lex, text); if (ptr == NULL) { msg = "No class specified"; - CHECK(ISC_R_UNEXPECTEDEND); + CLEANUP(ISC_R_UNEXPECTEDEND); } tr.base = ptr; @@ -14653,7 +14653,7 @@ named_server_nta(named_server_t *server, isc_lex_t *lex, bool readonly, continue; } else if (ptr[0] == '-') { msg = "Unknown option"; - CHECK(DNS_R_SYNTAX); + CLEANUP(DNS_R_SYNTAX); } else { nametext = ptr; } @@ -14694,7 +14694,7 @@ named_server_nta(named_server_t *server, isc_lex_t *lex, bool readonly, NAMED_LOGMODULE_CONTROL, ISC_LOG_INFO, "rejecting restricted control channel " "NTA command"); - CHECK(ISC_R_FAILURE); + CLEANUP(ISC_R_FAILURE); } /* Get the NTA name if not found above. */ @@ -14726,7 +14726,7 @@ named_server_nta(named_server_t *server, isc_lex_t *lex, bool readonly, } if (next_token(lex, text) != NULL) { - CHECK(DNS_R_SYNTAX); + CLEANUP(DNS_R_SYNTAX); } now = isc_stdtime_now(); @@ -14917,7 +14917,7 @@ mkey_destroy(dns_view_t *view, isc_buffer_t *text) { bool removed_a_file = false; if (view->managed_keys == NULL) { - CHECK(ISC_R_NOTFOUND); + CLEANUP(ISC_R_NOTFOUND); } snprintf(msg, sizeof(msg), "destroying managed-keys database for '%s'", @@ -14960,7 +14960,7 @@ mkey_destroy(dns_view_t *view, isc_buffer_t *text) { if (!removed_a_file) { CHECK(putstr(text, "error: no files could be removed")); - CHECK(ISC_R_FAILURE); + CLEANUP(ISC_R_FAILURE); } dns_zone_detach(&mkzone); @@ -15147,7 +15147,7 @@ named_server_mkeys(named_server_t *server, isc_lex_t *lex, isc_buffer_t *text) { } else { snprintf(msg, sizeof(msg), "unknown command '%s'", cmd); (void)putstr(text, msg); - CHECK(ISC_R_UNEXPECTED); + CLEANUP(ISC_R_UNEXPECTED); } /* Look for the optional class name. */ @@ -15315,10 +15315,10 @@ named_server_tcptimeouts(isc_lex_t *lex, isc_buffer_t *text) { CHECK(isc_parse_uint32(&initial, ptr, 10)); initial *= 100; if (initial > MAX_INITIAL_TIMEOUT) { - CHECK(ISC_R_RANGE); + CLEANUP(ISC_R_RANGE); } if (initial < MIN_INITIAL_TIMEOUT) { - CHECK(ISC_R_RANGE); + CLEANUP(ISC_R_RANGE); } ptr = next_token(lex, text); @@ -15328,10 +15328,10 @@ named_server_tcptimeouts(isc_lex_t *lex, isc_buffer_t *text) { CHECK(isc_parse_uint32(&idle, ptr, 10)); idle *= 100; if (idle > MAX_IDLE_TIMEOUT) { - CHECK(ISC_R_RANGE); + CLEANUP(ISC_R_RANGE); } if (idle < MIN_IDLE_TIMEOUT) { - CHECK(ISC_R_RANGE); + CLEANUP(ISC_R_RANGE); } ptr = next_token(lex, text); @@ -15341,10 +15341,10 @@ named_server_tcptimeouts(isc_lex_t *lex, isc_buffer_t *text) { CHECK(isc_parse_uint32(&keepalive, ptr, 10)); keepalive *= 100; if (keepalive > MAX_KEEPALIVE_TIMEOUT) { - CHECK(ISC_R_RANGE); + CLEANUP(ISC_R_RANGE); } if (keepalive < MIN_KEEPALIVE_TIMEOUT) { - CHECK(ISC_R_RANGE); + CLEANUP(ISC_R_RANGE); } ptr = next_token(lex, text); @@ -15354,7 +15354,7 @@ named_server_tcptimeouts(isc_lex_t *lex, isc_buffer_t *text) { CHECK(isc_parse_uint32(&advertised, ptr, 10)); advertised *= 100; if (advertised > MAX_ADVERTISED_TIMEOUT) { - CHECK(ISC_R_RANGE); + CLEANUP(ISC_R_RANGE); } ptr = next_token(lex, text); @@ -15364,10 +15364,10 @@ named_server_tcptimeouts(isc_lex_t *lex, isc_buffer_t *text) { CHECK(isc_parse_uint32(&primaries, ptr, 10)); primaries *= 100; if (primaries > MAX_PRIMARIES_TIMEOUT) { - CHECK(ISC_R_RANGE); + CLEANUP(ISC_R_RANGE); } if (primaries < MIN_PRIMARIES_TIMEOUT) { - CHECK(ISC_R_RANGE); + CLEANUP(ISC_R_RANGE); } isc_nm_setinitialtimeout(initial); @@ -15608,7 +15608,7 @@ named_server_fetchlimit(named_server_t *server, isc_lex_t *lex, s = snprintf(tbuf, sizeof(tbuf), " (fetches-per-server %u):", val); if (s < 0 || (unsigned int)s > sizeof(tbuf)) { - CHECK(ISC_R_NOSPACE); + CLEANUP(ISC_R_NOSPACE); } first = false; CHECK(putstr(text, tbuf)); @@ -15624,7 +15624,7 @@ named_server_fetchlimit(named_server_t *server, isc_lex_t *lex, s = snprintf(tbuf, sizeof(tbuf), " (fetches-per-zone %u):", val); if (s < 0 || (unsigned int)s > sizeof(tbuf)) { - CHECK(ISC_R_NOSPACE); + CLEANUP(ISC_R_NOSPACE); } CHECK(putstr(text, tbuf)); used = isc_buffer_usedlength(text); @@ -15666,7 +15666,7 @@ named_server_skr(named_server_t *server, isc_lex_t *lex, isc_buffer_t *text) { } if (strcasecmp(ptr, "-import") != 0) { - CHECK(DNS_R_SYNTAX); + CLEANUP(DNS_R_SYNTAX); } ptr = next_token(lex, NULL); @@ -15677,7 +15677,7 @@ named_server_skr(named_server_t *server, isc_lex_t *lex, isc_buffer_t *text) { CHECK(zone_from_args(server, lex, NULL, &zone, NULL, text, false)); if (zone == NULL) { - CHECK(ISC_R_UNEXPECTEDEND); + CLEANUP(ISC_R_UNEXPECTEDEND); } kasp = dns_zone_getkasp(zone); if (kasp == NULL) { diff --git a/bin/named/statschannel.c b/bin/named/statschannel.c index a74af44ceee..51184ffe441 100644 --- a/bin/named/statschannel.c +++ b/bin/named/statschannel.c @@ -2405,7 +2405,7 @@ zone_jsonrender(dns_zone_t *zone, void *arg) { if (zonestats != NULL) { json_object *counters = json_object_new_object(); if (counters == NULL) { - CHECK(ISC_R_NOMEMORY); + CLEANUP(ISC_R_NOMEMORY); } result = dump_stats(zonestats, isc_statsformat_json, @@ -2429,7 +2429,7 @@ zone_jsonrender(dns_zone_t *zone, void *arg) { if (gluecachestats != NULL) { json_object *counters = json_object_new_object(); if (counters == NULL) { - CHECK(ISC_R_NOMEMORY); + CLEANUP(ISC_R_NOMEMORY); } result = dump_stats( @@ -2582,7 +2582,7 @@ xfrin_jsonrender(dns_zone_t *zone, void *arg) { } if (xfrinobj == NULL) { - CHECK(ISC_R_NOMEMORY); + CLEANUP(ISC_R_NOMEMORY); } result = dns_zone_getxfr(zone, &xfr, &is_firstrefresh, &is_running, @@ -3650,7 +3650,7 @@ add_listener(named_server_t *server, named_statschannel_t **listenerp, if ((pf == AF_INET && isc_net_probeipv4() != ISC_R_SUCCESS) || (pf == AF_INET6 && isc_net_probeipv6() != ISC_R_SUCCESS)) { - CHECK(ISC_R_FAMILYNOSUPPORT); + CLEANUP(ISC_R_FAMILYNOSUPPORT); } CHECK(isc_httpdmgr_create(server->mctx, addr, client_ok, diff --git a/bin/named/transportconf.c b/bin/named/transportconf.c index 7030c704261..5f3701b3936 100644 --- a/bin/named/transportconf.c +++ b/bin/named/transportconf.c @@ -147,7 +147,7 @@ add_tls_transports(const cfg_obj_t *transportlist, dns_transport_list_t *list) { tlsid = cfg_obj_asstring(cfg_map_getname(tls)); if (!strcmp(tlsid, "ephemeral")) { - CHECK(ISC_R_UNEXPECTEDTOKEN); + CLEANUP(ISC_R_UNEXPECTEDTOKEN); } create_name(tlsid, tlsname); diff --git a/bin/named/tsigconf.c b/bin/named/tsigconf.c index 1b758cb323b..1a790a6823f 100644 --- a/bin/named/tsigconf.c +++ b/bin/named/tsigconf.c @@ -81,7 +81,7 @@ add_initial_keys(const cfg_obj_t *list, dns_tsigkeyring_t *ring, "key '%s': has a " "unsupported algorithm '%s'", keyid, algstr); - CHECK(DNS_R_BADALG); + CLEANUP(DNS_R_BADALG); } secretstr = cfg_obj_asstring(secretobj); diff --git a/bin/named/zoneconf.c b/bin/named/zoneconf.c index bd29d8fab53..b43223395f3 100644 --- a/bin/named/zoneconf.c +++ b/bin/named/zoneconf.c @@ -364,7 +364,7 @@ configure_zone_ssutable(const cfg_obj_t *zconfig, const cfg_obj_t *tconfig, "failed to enable auto DDNS policy " "for zone %s: session key not found", zname); - CHECK(ISC_R_NOTFOUND); + CLEANUP(ISC_R_NOTFOUND); } dns_ssutable_addrule( @@ -600,7 +600,7 @@ configure_staticstub(const cfg_obj_t *zconfig, const cfg_obj_t *tconfig, "No NS record is configured for a " "static-stub zone '%s'", zname); - CHECK(ISC_R_FAILURE); + CLEANUP(ISC_R_FAILURE); } /* diff --git a/bin/tests/system/dyndb/driver/instance.c b/bin/tests/system/dyndb/driver/instance.c index e4ab5a54c9a..7c3b842cca3 100644 --- a/bin/tests/system/dyndb/driver/instance.c +++ b/bin/tests/system/dyndb/driver/instance.c @@ -78,7 +78,7 @@ parse_params(isc_mem_t *mctx, int argc, char **argv, dns_name_t *z1, if (argc != 2) { log_error("exactly two parameters " "(absolute zone names) are required"); - CHECK(ISC_R_FAILURE); + CLEANUP(ISC_R_FAILURE); } result = dns_name_fromstring(z1, argv[0], dns_rootname, 0, mctx); if (result != ISC_R_SUCCESS) { diff --git a/bin/tests/system/dyndb/driver/zone.c b/bin/tests/system/dyndb/driver/zone.c index 0264216fec2..da6fef47f5b 100644 --- a/bin/tests/system/dyndb/driver/zone.c +++ b/bin/tests/system/dyndb/driver/zone.c @@ -139,8 +139,7 @@ publish_zone(sample_instance_t *inst, dns_zone_t *zone) { /* Zone has a view set -> view should contain the same zone. */ if (zone_in_view == zone) { /* Zone is already published in the right view. */ - result = ISC_R_SUCCESS; - goto cleanup; + CLEANUP(ISC_R_SUCCESS); } else if (view_in_zone != inst->view) { /* * Un-published inactive zone will have @@ -150,7 +149,7 @@ publish_zone(sample_instance_t *inst, dns_zone_t *zone) { dns_zone_log(zone, ISC_LOG_ERROR, "zone->view doesn't " "match data in the view"); - CHECK(ISC_R_UNEXPECTED); + CLEANUP(ISC_R_UNEXPECTED); } } @@ -158,7 +157,7 @@ publish_zone(sample_instance_t *inst, dns_zone_t *zone) { dns_zone_log(zone, ISC_LOG_ERROR, "cannot publish zone: view already " "contains another zone with this name"); - CHECK(ISC_R_UNEXPECTED); + CLEANUP(ISC_R_UNEXPECTED); } if (inst->view->frozen) { diff --git a/lib/dns/catz.c b/lib/dns/catz.c index 44f2757c290..198e68ad6db 100644 --- a/lib/dns/catz.c +++ b/lib/dns/catz.c @@ -1208,14 +1208,14 @@ catz_process_coo(dns_catz_zone_t *catz, dns_label_t *mhash, RETERR(dns_rdata_tostruct(&rdata, &ptr, NULL)); if (dns_name_countlabels(&ptr.ptr) == 0) { - CHECK(ISC_R_FAILURE); + CLEANUP(ISC_R_FAILURE); } CHECK(isc_ht_find(catz->entries, mhash->base, mhash->length, (void **)&entry)); if (dns_name_countlabels(&entry->name) == 0) { - CHECK(ISC_R_FAILURE); + CLEANUP(ISC_R_FAILURE); } catz_coo_add(catz, entry, &ptr.ptr); @@ -1315,10 +1315,10 @@ catz_process_version(dns_catz_zone_t *catz, dns_rdataset_t *value) { result = dns_rdata_txt_next(&rdatatxt); if (result != ISC_R_NOMORE) { - CHECK(ISC_R_FAILURE); + CLEANUP(ISC_R_FAILURE); } if (rdatastr.length > 15) { - CHECK(ISC_R_BADNUMBER); + CLEANUP(ISC_R_BADNUMBER); } memmove(t, rdatastr.data, rdatastr.length); t[rdatastr.length] = 0; @@ -1946,7 +1946,7 @@ dns_catz_generate_zonecfg(dns_catz_zone_t *catz, dns_catz_entry_t *entry, "catz: zone '%s' uses an invalid primary " "(no IP address assigned)", zname); - CHECK(ISC_R_FAILURE); + CLEANUP(ISC_R_FAILURE); } isc_netaddr_fromsockaddr(&netaddr, &entry->opts.masters.addrs[i]); @@ -2074,7 +2074,7 @@ dns_catz_dbupdate_callback(dns_db_t *db, void *fn_arg) { LOCK(&catzs->lock); if (catzs->zones == NULL) { - CHECK(ISC_R_SHUTTINGDOWN); + CLEANUP(ISC_R_SHUTTINGDOWN); } CHECK(isc_ht_find(catzs->zones, r.base, r.length, (void **)&catz)); diff --git a/lib/dns/dlz.c b/lib/dns/dlz.c index 48f563f6c7e..e9481c50d14 100644 --- a/lib/dns/dlz.c +++ b/lib/dns/dlz.c @@ -417,7 +417,7 @@ dns_dlz_writeablezone(dns_view_t *view, dns_dlzdb_t *dlzdb, result = dns_view_findzone(view, origin, DNS_ZTFIND_EXACT, &dupzone); if (result == ISC_R_SUCCESS) { dns_zone_detach(&dupzone); - CHECK(ISC_R_EXISTS); + CLEANUP(ISC_R_EXISTS); } INSIST(dupzone == NULL); diff --git a/lib/dns/dnssec.c b/lib/dns/dnssec.c index 7711fb92b1c..0d5ef95c532 100644 --- a/lib/dns/dnssec.c +++ b/lib/dns/dnssec.c @@ -885,12 +885,12 @@ dns_dnssec_verifymessage(isc_buffer_t *source, dns_message_t *msg, signeedsfree = true; if (sig.labels != 0) { - CHECK(DNS_R_SIGINVALID); + CLEANUP(DNS_R_SIGINVALID); } if (isc_serial_lt(sig.timeexpire, sig.timesigned)) { msg->sig0status = dns_tsigerror_badtime; - CHECK(DNS_R_SIGINVALID); + CLEANUP(DNS_R_SIGINVALID); } if (msg->fuzzing) { @@ -901,15 +901,15 @@ dns_dnssec_verifymessage(isc_buffer_t *source, dns_message_t *msg, if (isc_serial_lt((uint32_t)now, sig.timesigned)) { msg->sig0status = dns_tsigerror_badtime; - CHECK(DNS_R_SIGFUTURE); + CLEANUP(DNS_R_SIGFUTURE); } else if (isc_serial_lt(sig.timeexpire, (uint32_t)now)) { msg->sig0status = dns_tsigerror_badtime; - CHECK(DNS_R_SIGEXPIRED); + CLEANUP(DNS_R_SIGEXPIRED); } if (!dns_name_equal(dst_key_name(key), &sig.signer)) { msg->sig0status = dns_tsigerror_badkey; - CHECK(DNS_R_SIGINVALID); + CLEANUP(DNS_R_SIGINVALID); } CHECK(dst_context_create(key, mctx, DNS_LOGCATEGORY_DNSSEC, false, diff --git a/lib/dns/dnstap.c b/lib/dns/dnstap.c index ab9b994b6d0..087dc5cebb1 100644 --- a/lib/dns/dnstap.c +++ b/lib/dns/dnstap.c @@ -164,13 +164,13 @@ dns_dt_create(isc_mem_t *mctx, dns_dtmode_t mode, const char *path, fwopt = fstrm_writer_options_init(); if (fwopt == NULL) { - CHECK(ISC_R_NOMEMORY); + CLEANUP(ISC_R_NOMEMORY); } res = fstrm_writer_options_add_content_type( fwopt, DNSTAP_CONTENT_TYPE, sizeof(DNSTAP_CONTENT_TYPE) - 1); if (res != fstrm_res_success) { - CHECK(ISC_R_FAILURE); + CLEANUP(ISC_R_FAILURE); } if (mode == dns_dtmode_file) { @@ -187,11 +187,11 @@ dns_dt_create(isc_mem_t *mctx, dns_dtmode_t mode, const char *path, fw = fstrm_unix_writer_init(fuwopt, fwopt); } } else { - CHECK(ISC_R_FAILURE); + CLEANUP(ISC_R_FAILURE); } if (fw == NULL) { - CHECK(ISC_R_FAILURE); + CLEANUP(ISC_R_FAILURE); } env->iothr = fstrm_iothr_init(*foptp, &fw); @@ -200,7 +200,7 @@ dns_dt_create(isc_mem_t *mctx, dns_dtmode_t mode, const char *path, ISC_LOG_WARNING, "unable to initialize dnstap I/O thread"); fstrm_writer_destroy(&fw); - CHECK(ISC_R_FAILURE); + CLEANUP(ISC_R_FAILURE); } env->mode = mode; env->max_size = 0; @@ -281,13 +281,13 @@ dns_dt_reopen(dns_dtenv_t *env, int roll) { */ fwopt = fstrm_writer_options_init(); if (fwopt == NULL) { - CHECK(ISC_R_NOMEMORY); + CLEANUP(ISC_R_NOMEMORY); } res = fstrm_writer_options_add_content_type( fwopt, DNSTAP_CONTENT_TYPE, sizeof(DNSTAP_CONTENT_TYPE) - 1); if (res != fstrm_res_success) { - CHECK(ISC_R_FAILURE); + CLEANUP(ISC_R_FAILURE); } if (env->mode == dns_dtmode_file) { @@ -304,11 +304,11 @@ dns_dt_reopen(dns_dtenv_t *env, int roll) { fw = fstrm_unix_writer_init(fuwopt, fwopt); } } else { - CHECK(ISC_R_NOTIMPLEMENTED); + CLEANUP(ISC_R_NOTIMPLEMENTED); } if (fw == NULL) { - CHECK(ISC_R_FAILURE); + CLEANUP(ISC_R_FAILURE); } /* @@ -350,7 +350,7 @@ dns_dt_reopen(dns_dtenv_t *env, int roll) { isc_log_write(DNS_LOGCATEGORY_DNSTAP, DNS_LOGMODULE_DNSTAP, ISC_LOG_WARNING, "unable to initialize dnstap I/O thread"); - CHECK(ISC_R_FAILURE); + CLEANUP(ISC_R_FAILURE); } cleanup: @@ -938,23 +938,23 @@ dns_dt_open(const char *filename, dns_dtmode_t mode, isc_mem_t *mctx, case dns_dtmode_file: fopt = fstrm_file_options_init(); if (fopt == NULL) { - CHECK(ISC_R_NOMEMORY); + CLEANUP(ISC_R_NOMEMORY); } fstrm_file_options_set_file_path(fopt, filename); handle->reader = fstrm_file_reader_init(fopt, NULL); if (handle->reader == NULL) { - CHECK(ISC_R_NOMEMORY); + CLEANUP(ISC_R_NOMEMORY); } res = fstrm_reader_open(handle->reader); if (res != fstrm_res_success) { - CHECK(ISC_R_FAILURE); + CLEANUP(ISC_R_FAILURE); } if (!dnstap_file(handle->reader)) { - CHECK(DNS_R_BADDNSTAP); + CLEANUP(DNS_R_BADDNSTAP); } break; case dns_dtmode_unix: @@ -1043,13 +1043,13 @@ dns_dt_parse(isc_mem_t *mctx, isc_region_t *src, dns_dtdata_t **destp) { d->frame = dnstap__dnstap__unpack(NULL, src->length, src->base); if (d->frame == NULL) { - CHECK(ISC_R_NOMEMORY); + CLEANUP(ISC_R_NOMEMORY); } frame = (Dnstap__Dnstap *)d->frame; if (frame->type != DNSTAP__DNSTAP__TYPE__MESSAGE) { - CHECK(DNS_R_BADDNSTAP); + CLEANUP(DNS_R_BADDNSTAP); } m = frame->message; @@ -1099,7 +1099,7 @@ dns_dt_parse(isc_mem_t *mctx, isc_region_t *src, dns_dtdata_t **destp) { d->type = DNS_DTTYPE_UR; break; default: - CHECK(DNS_R_BADDNSTAP); + CLEANUP(DNS_R_BADDNSTAP); } /* Query? */ diff --git a/lib/dns/dst_api.c b/lib/dns/dst_api.c index 4b79f487aed..2f4ebf9753a 100644 --- a/lib/dns/dst_api.c +++ b/lib/dns/dst_api.c @@ -88,7 +88,7 @@ CHECK(result); \ } while ((*token).type != isc_tokentype_eol) -#define BADTOKEN() CHECK(ISC_R_UNEXPECTEDTOKEN) +#define BADTOKEN() CLEANUP(ISC_R_UNEXPECTEDTOKEN) static const char *numerictags[DST_MAX_NUMERIC] = { [DST_NUM_PREDECESSOR] = "Predecessor:", @@ -480,7 +480,7 @@ dst_key_fromfile(dns_name_t *name, dns_keytag_t id, unsigned int alg, int type, if (!dns_name_equal(name, key->key_name) || id != key->key_id || alg != key->key_alg) { - CHECK(DST_R_INVALIDPRIVATEKEY); + CLEANUP(DST_R_INVALIDPRIVATEKEY); } *keyp = key; @@ -569,7 +569,7 @@ dst_key_fromnamedfile(const char *filename, const char *dirname, int type, pubkey->key_ttl, mctx); if (key->func->parse == NULL) { - CHECK(DST_R_UNSUPPORTEDALG); + CLEANUP(DST_R_UNSUPPORTEDALG); } newfilenamelen = strlen(filename) + 9; @@ -603,7 +603,7 @@ dst_key_fromnamedfile(const char *filename, const char *dirname, int type, CHECK(computeid(key)); if (pubkey->key_id != key->key_id) { - CHECK(DST_R_INVALIDPRIVATEKEY); + CLEANUP(DST_R_INVALIDPRIVATEKEY); } key->modified = false; diff --git a/lib/dns/dyndb.c b/lib/dns/dyndb.c index 889a230ce73..1b5337f3ec5 100644 --- a/lib/dns/dyndb.c +++ b/lib/dns/dyndb.c @@ -137,7 +137,7 @@ load_library(isc_mem_t *mctx, const char *filename, const char *instname, "failed to dlopen() DynDB instance '%s' driver " "'%s': %s", instname, filename, errmsg); - CHECK(ISC_R_FAILURE); + CLEANUP(ISC_R_FAILURE); } CHECK(load_symbol(&imp->handle, filename, "dyndb_version", @@ -151,7 +151,7 @@ load_library(isc_mem_t *mctx, const char *filename, const char *instname, ISC_LOG_ERROR, "driver API version mismatch: %d/%d", version, DNS_DYNDB_VERSION); - CHECK(ISC_R_FAILURE); + CLEANUP(ISC_R_FAILURE); } CHECK(load_symbol(&imp->handle, filename, "dyndb_init", @@ -207,7 +207,7 @@ dns_dyndb_load(const char *libname, const char *name, const char *parameters, /* duplicate instance names are not allowed */ if (impfind(name) != NULL) { - CHECK(ISC_R_EXISTS); + CLEANUP(ISC_R_EXISTS); } CHECK(load_library(mctx, libname, name, &implementation)); diff --git a/lib/dns/gssapictx.c b/lib/dns/gssapictx.c index 67cdc0cfca2..bebad476775 100644 --- a/lib/dns/gssapictx.c +++ b/lib/dns/gssapictx.c @@ -314,7 +314,7 @@ dst_gssapi_initctx(const dns_name_t *name, isc_buffer_t *intoken, gret = gss_import_name(&minor, &gnamebuf, GSS_C_NO_OID, &gname); if (gret != GSS_S_COMPLETE) { gss_err_message(mctx, gret, minor, err_message); - CHECK(ISC_R_FAILURE); + CLEANUP(ISC_R_FAILURE); } if (intoken != NULL) { @@ -345,7 +345,7 @@ dst_gssapi_initctx(const dns_name_t *name, isc_buffer_t *intoken, gss_log(3, "Failure initiating security context"); } - CHECK(ISC_R_FAILURE); + CLEANUP(ISC_R_FAILURE); } /* @@ -480,7 +480,7 @@ dst_gssapi_acceptctx(const char *gssapi_keytab, isc_region_t *intoken, gss_log(3, "failed gss_display_name: %s", gss_error_tostring(gret, minor, buf, sizeof(buf))); - CHECK(ISC_R_FAILURE); + CLEANUP(ISC_R_FAILURE); } /* diff --git a/lib/dns/journal.c b/lib/dns/journal.c index 46dff831bd7..3af3efa4e6c 100644 --- a/lib/dns/journal.c +++ b/lib/dns/journal.c @@ -610,14 +610,14 @@ journal_open(isc_mem_t *mctx, const char *filename, bool writable, bool create, */ result = isc_stdio_open(j->filename, "rb+", &fp); } else { - CHECK(ISC_R_NOTFOUND); + CLEANUP(ISC_R_NOTFOUND); } } if (result != ISC_R_SUCCESS) { isc_log_write(DNS_LOGCATEGORY_GENERAL, DNS_LOGMODULE_JOURNAL, ISC_LOG_ERROR, "%s: open: %s", j->filename, isc_result_totext(result)); - CHECK(ISC_R_UNEXPECTED); + CLEANUP(ISC_R_UNEXPECTED); } j->fp = fp; @@ -656,7 +656,7 @@ journal_open(isc_mem_t *mctx, const char *filename, bool writable, bool create, isc_log_write(DNS_LOGCATEGORY_GENERAL, DNS_LOGMODULE_JOURNAL, ISC_LOG_ERROR, "%s: journal format not recognized", j->filename); - CHECK(ISC_R_UNEXPECTED); + CLEANUP(ISC_R_UNEXPECTED); } journal_header_decode(&rawheader, &j->header); @@ -1497,7 +1497,7 @@ dns_journal_rollforward(dns_journal_t *j, dns_db_t *db, unsigned int options) { } if (db_serial == end_serial) { - CHECK(DNS_R_UPTODATE); + CLEANUP(DNS_R_UPTODATE); } CHECK(dns_journal_iter_init(j, db_serial, end_serial, NULL)); @@ -1527,7 +1527,7 @@ dns_journal_rollforward(dns_journal_t *j, dns_db_t *db, unsigned int options) { "%s: journal file corrupt: missing " "initial SOA", j->filename); - CHECK(ISC_R_UNEXPECTED); + CLEANUP(ISC_R_UNEXPECTED); } if ((options & DNS_JOURNALOPT_RESIGN) != 0) { op = (n_soa == 1) ? DNS_DIFFOP_DELRESIGN @@ -1673,7 +1673,7 @@ dns_journal_print(isc_mem_t *mctx, uint32_t flags, const char *filename, "%s: journal file corrupt: missing " "initial SOA", j->filename); - CHECK(ISC_R_UNEXPECTED); + CLEANUP(ISC_R_UNEXPECTED); } if (print) { @@ -1859,7 +1859,7 @@ dns_journal_iter_init(dns_journal_t *j, uint32_t begin_serial, if (xhdr.serial0 != pos.serial || isc_serial_le(xhdr.serial1, xhdr.serial0)) { - CHECK(ISC_R_UNEXPECTED); + CLEANUP(ISC_R_UNEXPECTED); } size += xhdr.size; @@ -1940,7 +1940,7 @@ read_one_rr(dns_journal_t *j) { DNS_LOGMODULE_JOURNAL, ISC_LOG_ERROR, "%s: journal corrupt: empty transaction", j->filename); - CHECK(ISC_R_UNEXPECTED); + CLEANUP(ISC_R_UNEXPECTED); } if (j->header_ver1) { @@ -1957,7 +1957,7 @@ read_one_rr(dns_journal_t *j) { "expected serial %u, got %u", j->filename, j->it.current_serial, xhdr.serial0); - CHECK(ISC_R_UNEXPECTED); + CLEANUP(ISC_R_UNEXPECTED); } j->it.xsize = xhdr.size; @@ -1980,7 +1980,7 @@ read_one_rr(dns_journal_t *j) { "%s: journal corrupt: impossible RR size " "(%d bytes)", j->filename, rrhdr.size); - CHECK(ISC_R_UNEXPECTED); + CLEANUP(ISC_R_UNEXPECTED); } size_buffer(j->mctx, &j->it.source, rrhdr.size); @@ -2009,7 +2009,7 @@ read_one_rr(dns_journal_t *j) { * Check that the RR header is there, and parse it. */ if (isc_buffer_remaininglength(&j->it.source) < 10) { - CHECK(DNS_R_FORMERR); + CLEANUP(DNS_R_FORMERR); } rdtype = isc_buffer_getuint16(&j->it.source); @@ -2023,14 +2023,14 @@ read_one_rr(dns_journal_t *j) { "%s: journal corrupt: impossible rdlen " "(%u bytes)", j->filename, rdlen); - CHECK(ISC_R_FAILURE); + CLEANUP(ISC_R_FAILURE); } /* * Parse the rdata. */ if (isc_buffer_remaininglength(&j->it.source) != rdlen) { - CHECK(DNS_R_FORMERR); + CLEANUP(DNS_R_FORMERR); } isc_buffer_setactive(&j->it.source, rdlen); dns_rdata_reset(&j->it.rdata); @@ -2581,7 +2581,7 @@ dns_journal_compact(isc_mem_t *mctx, char *filename, uint32_t serial, "%s: journal file corrupt, " "transaction too large", j1->filename); - CHECK(ISC_R_FAILURE); + CLEANUP(ISC_R_FAILURE); } buf = isc_mem_get(mctx, size); result = journal_read(j1, buf, size); @@ -2616,13 +2616,13 @@ dns_journal_compact(isc_mem_t *mctx, char *filename, uint32_t serial, "%s: journal file corrupt, " "transaction too large", j1->filename); - CHECK(ISC_R_FAILURE); + CLEANUP(ISC_R_FAILURE); } buf = isc_mem_get(mctx, size); CHECK(journal_read(j1, buf, size)); if (!check_delta(buf, size)) { - CHECK(ISC_R_UNEXPECTED); + CLEANUP(ISC_R_UNEXPECTED); } } else { CHECK(result); @@ -2649,7 +2649,7 @@ dns_journal_compact(isc_mem_t *mctx, char *filename, uint32_t serial, if (xhdr.serial0 != serial || isc_serial_le(xhdr.serial1, xhdr.serial0)) { - CHECK(ISC_R_UNEXPECTED); + CLEANUP(ISC_R_UNEXPECTED); } /* @@ -2750,7 +2750,7 @@ dns_journal_compact(isc_mem_t *mctx, char *filename, uint32_t serial, (void)isc_file_remove(backup); } else { maperrno: - CHECK(ISC_R_FAILURE); + CLEANUP(ISC_R_FAILURE); } } diff --git a/lib/dns/master.c b/lib/dns/master.c index d6fe9dfe76b..ca12731a0bd 100644 --- a/lib/dns/master.c +++ b/lib/dns/master.c @@ -2389,7 +2389,7 @@ load_raw(dns_loadctx_t *lctx) { sizeof(uint16_t) + sizeof(uint16_t) + sizeof(uint32_t) + sizeof(uint32_t); if (totallen < minlen) { - CHECK(ISC_R_RANGE); + CLEANUP(ISC_R_RANGE); } totallen -= sizeof(totallen); @@ -2424,14 +2424,14 @@ load_raw(dns_loadctx_t *lctx) { dns_rdatalist_init(&rdatalist); rdatalist.rdclass = isc_buffer_getuint16(&target); if (lctx->zclass != rdatalist.rdclass) { - CHECK(DNS_R_BADCLASS); + CLEANUP(DNS_R_BADCLASS); } rdatalist.type = isc_buffer_getuint16(&target); rdatalist.covers = isc_buffer_getuint16(&target); rdatalist.ttl = isc_buffer_getuint32(&target); rdcount = isc_buffer_getuint32(&target); if (rdcount == 0 || rdcount > 0xffff) { - CHECK(ISC_R_RANGE); + CLEANUP(ISC_R_RANGE); } INSIST(isc_buffer_consumedlength(&target) <= readlen); @@ -2440,7 +2440,7 @@ load_raw(dns_loadctx_t *lctx) { lctx->f, &totallen)); namelen = isc_buffer_getuint16(&target); if (namelen > sizeof(namebuf)) { - CHECK(ISC_R_RANGE); + CLEANUP(ISC_R_RANGE); } CHECK(read_and_check(sequential_read, &target, namelen, lctx->f, @@ -2457,7 +2457,7 @@ load_raw(dns_loadctx_t *lctx) { "TTL %d exceeds configured " "max-zone-ttl %d", rdatalist.ttl, lctx->maxttl); - CHECK(ISC_R_RANGE); + CLEANUP(ISC_R_RANGE); } /* Rdata contents. */ @@ -2534,7 +2534,7 @@ load_raw(dns_loadctx_t *lctx) { * or malformed data. */ if (isc_buffer_remaininglength(&target) != 0 || totallen != 0) { - CHECK(ISC_R_RANGE); + CLEANUP(ISC_R_RANGE); } ISC_LIST_APPEND(head, &rdatalist, link); diff --git a/lib/dns/message.c b/lib/dns/message.c index ade0e2f48d5..2d71e97df48 100644 --- a/lib/dns/message.c +++ b/lib/dns/message.c @@ -967,7 +967,7 @@ getquestions(isc_buffer_t *source, dns_message_t *msg, dns_decompress_t dctx, */ isc_buffer_remainingregion(source, &r); if (r.length < 4) { - CHECK(ISC_R_UNEXPECTEDEND); + CLEANUP(ISC_R_UNEXPECTEDEND); } rdtype = isc_buffer_getuint16(source); rdclass = isc_buffer_getuint16(source); @@ -1100,7 +1100,7 @@ getsection(isc_buffer_t *source, dns_message_t *msg, dns_decompress_t dctx, */ isc_buffer_remainingregion(source, &r); if (r.length < 2 + 2 + 4 + 2) { - CHECK(ISC_R_UNEXPECTEDEND); + CLEANUP(ISC_R_UNEXPECTEDEND); } rdtype = isc_buffer_getuint16(source); rdclass = isc_buffer_getuint16(source); @@ -1209,7 +1209,7 @@ getsection(isc_buffer_t *source, dns_message_t *msg, dns_decompress_t dctx, rdatalen = isc_buffer_getuint16(source); r.length -= (2 + 2 + 4 + 2); if (r.length < rdatalen) { - CHECK(ISC_R_UNEXPECTEDEND); + CLEANUP(ISC_R_UNEXPECTEDEND); } /* @@ -1223,7 +1223,7 @@ getsection(isc_buffer_t *source, dns_message_t *msg, dns_decompress_t dctx, update(sectionid, rdclass)) { if (rdatalen != 0) { - CHECK(DNS_R_FORMERR); + CLEANUP(DNS_R_FORMERR); } /* * When the rdata is empty, the data pointer is @@ -1290,7 +1290,7 @@ getsection(isc_buffer_t *source, dns_message_t *msg, dns_decompress_t dctx, if (rdtype == dns_rdatatype_nsec3 && !dns_rdata_checkowner(name, msg->rdclass, rdtype, false)) { - CHECK(DNS_R_BADOWNERNAME); + CLEANUP(DNS_R_BADOWNERNAME); } /* @@ -3586,7 +3586,7 @@ render_zoneversion(dns_message_t *msg, isc_buffer_t *optbuf, if (isc_buffer_availablelength(target) < 1) { - CHECK(ISC_R_NOSPACE); + CLEANUP(ISC_R_NOSPACE); } isc_buffer_putmem(target, &data[i], 1); } else { @@ -4830,7 +4830,7 @@ buildopt(dns_message_t *message, dns_rdataset_t **rdatasetp) { } if (len > 0xffffU) { - CHECK(ISC_R_NOSPACE); + CLEANUP(ISC_R_NOSPACE); } isc_buffer_allocate(message->mctx, &buf, len); diff --git a/lib/dns/openssl_link.c b/lib/dns/openssl_link.c index 28ef55df604..366e8fcb2db 100644 --- a/lib/dns/openssl_link.c +++ b/lib/dns/openssl_link.c @@ -46,12 +46,6 @@ #include "openssl_shim.h" -#define DST_RET(a) \ - { \ - result = a; \ - goto cleanup; \ - } - static isc_result_t dst__openssl_fromlabel_provider(int key_base_id, const char *label, const char *pin, EVP_PKEY **ppub, @@ -64,7 +58,7 @@ dst__openssl_fromlabel_provider(int key_base_id, const char *label, ctx = OSSL_STORE_open(label, NULL, NULL, NULL, NULL); if (!ctx) { - DST_RET(dst__openssl_toresult(DST_R_OPENSSLFAILURE)); + CLEANUP(dst__openssl_toresult(DST_R_OPENSSLFAILURE)); } while (!OSSL_STORE_eof(ctx)) { @@ -76,23 +70,23 @@ dst__openssl_fromlabel_provider(int key_base_id, const char *label, case OSSL_STORE_INFO_PKEY: if (*ppriv != NULL) { OSSL_STORE_INFO_free(info); - DST_RET(DST_R_INVALIDPRIVATEKEY); + CLEANUP(DST_R_INVALIDPRIVATEKEY); } *ppriv = OSSL_STORE_INFO_get1_PKEY(info); if (EVP_PKEY_get_base_id(*ppriv) != key_base_id) { OSSL_STORE_INFO_free(info); - DST_RET(DST_R_BADKEYTYPE); + CLEANUP(DST_R_BADKEYTYPE); } break; case OSSL_STORE_INFO_PUBKEY: if (*ppub != NULL) { OSSL_STORE_INFO_free(info); - DST_RET(DST_R_INVALIDPUBLICKEY); + CLEANUP(DST_R_INVALIDPUBLICKEY); } *ppub = OSSL_STORE_INFO_get1_PUBKEY(info); if (EVP_PKEY_get_base_id(*ppub) != key_base_id) { OSSL_STORE_INFO_free(info); - DST_RET(DST_R_BADKEYTYPE); + CLEANUP(DST_R_BADKEYTYPE); } break; } diff --git a/lib/dns/opensslecdsa_link.c b/lib/dns/opensslecdsa_link.c index 6fd0cca8420..54213d5cdf3 100644 --- a/lib/dns/opensslecdsa_link.c +++ b/lib/dns/opensslecdsa_link.c @@ -50,12 +50,6 @@ #define MAX_PRIVKEY_SIZE (MAX_PUBKEY_SIZE / 2) -#define DST_RET(a) \ - { \ - result = a; \ - goto cleanup; \ - } - #if OPENSSL_VERSION_NUMBER >= 0x30200000L static isc_result_t opensslecdsa_set_deterministic(EVP_PKEY_CTX *pctx, unsigned int key_alg) { @@ -184,13 +178,13 @@ opensslecdsa_create_pkey_params(unsigned int key_alg, bool private, bld = OSSL_PARAM_BLD_new(); if (bld == NULL) { - DST_RET(dst__openssl_toresult2("OSSL_PARAM_BLD_new", + CLEANUP(dst__openssl_toresult2("OSSL_PARAM_BLD_new", DST_R_OPENSSLFAILURE)); } status = OSSL_PARAM_BLD_push_utf8_string( bld, OSSL_PKEY_PARAM_GROUP_NAME, groupname, 0); if (status != 1) { - DST_RET(dst__openssl_toresult2("OSSL_PARAM_BLD_push_" + CLEANUP(dst__openssl_toresult2("OSSL_PARAM_BLD_push_" "utf8_string", DST_R_OPENSSLFAILURE)); } @@ -198,27 +192,27 @@ opensslecdsa_create_pkey_params(unsigned int key_alg, bool private, if (private) { group = EC_GROUP_new_by_curve_name(group_nid); if (group == NULL) { - DST_RET(dst__openssl_toresult2("EC_GROUP_new_by_" + CLEANUP(dst__openssl_toresult2("EC_GROUP_new_by_" "curve_name", DST_R_OPENSSLFAILURE)); } priv = BN_bin2bn(key, key_len, NULL); if (priv == NULL) { - DST_RET(dst__openssl_toresult2("BN_bin2bn", + CLEANUP(dst__openssl_toresult2("BN_bin2bn", DST_R_OPENSSLFAILURE)); } status = OSSL_PARAM_BLD_push_BN(bld, OSSL_PKEY_PARAM_PRIV_KEY, priv); if (status != 1) { - DST_RET(dst__openssl_toresult2("OSSL_PARAM_BLD_push_BN", + CLEANUP(dst__openssl_toresult2("OSSL_PARAM_BLD_push_BN", DST_R_OPENSSLFAILURE)); } pubkey = opensslecdsa_generate_public_key(group, priv); if (pubkey == NULL) { - DST_RET(dst__openssl_toresult(DST_R_OPENSSLFAILURE)); + CLEANUP(dst__openssl_toresult(DST_R_OPENSSLFAILURE)); } key = buf; @@ -226,7 +220,7 @@ opensslecdsa_create_pkey_params(unsigned int key_alg, bool private, POINT_CONVERSION_UNCOMPRESSED, buf, sizeof(buf), NULL); if (key_len == 0) { - DST_RET(dst__openssl_toresult2("EC_POINT_point2oct", + CLEANUP(dst__openssl_toresult2("EC_POINT_point2oct", DST_R_OPENSSLFAILURE)); } } else { @@ -240,32 +234,32 @@ opensslecdsa_create_pkey_params(unsigned int key_alg, bool private, status = OSSL_PARAM_BLD_push_octet_string(bld, OSSL_PKEY_PARAM_PUB_KEY, key, key_len); if (status != 1) { - DST_RET(dst__openssl_toresult2("OSSL_PARAM_BLD_push_" + CLEANUP(dst__openssl_toresult2("OSSL_PARAM_BLD_push_" "octet_string", DST_R_OPENSSLFAILURE)); } params = OSSL_PARAM_BLD_to_param(bld); if (params == NULL) { - DST_RET(dst__openssl_toresult2("OSSL_PARAM_BLD_to_param", + CLEANUP(dst__openssl_toresult2("OSSL_PARAM_BLD_to_param", DST_R_OPENSSLFAILURE)); } ctx = EVP_PKEY_CTX_new_from_name(NULL, "EC", NULL); if (ctx == NULL) { - DST_RET(dst__openssl_toresult2("EVP_PKEY_CTX_new_from_name", + CLEANUP(dst__openssl_toresult2("EVP_PKEY_CTX_new_from_name", DST_R_OPENSSLFAILURE)); } status = EVP_PKEY_fromdata_init(ctx); if (status != 1) { /* This will fail if the default provider is an engine. * Return ISC_R_FAILURE to retry using the legacy API. */ - DST_RET(dst__openssl_toresult(ISC_R_FAILURE)); + CLEANUP(dst__openssl_toresult(ISC_R_FAILURE)); } status = EVP_PKEY_fromdata( ctx, pkey, private ? EVP_PKEY_KEYPAIR : EVP_PKEY_PUBLIC_KEY, params); if (status != 1 || *pkey == NULL) { - DST_RET(dst__openssl_toresult2("EVP_PKEY_fromdata", + CLEANUP(dst__openssl_toresult2("EVP_PKEY_fromdata", DST_R_OPENSSLFAILURE)); } @@ -320,7 +314,7 @@ opensslecdsa_create_pkey_legacy(unsigned int key_alg, bool private, eckey = EC_KEY_new_by_curve_name(group_nid); if (eckey == NULL) { - DST_RET(dst__openssl_toresult(DST_R_OPENSSLFAILURE)); + CLEANUP(dst__openssl_toresult(DST_R_OPENSSLFAILURE)); } if (private) { @@ -328,18 +322,18 @@ opensslecdsa_create_pkey_legacy(unsigned int key_alg, bool private, privkey = BN_bin2bn(key, key_len, NULL); if (privkey == NULL) { - DST_RET(dst__openssl_toresult(DST_R_OPENSSLFAILURE)); + CLEANUP(dst__openssl_toresult(DST_R_OPENSSLFAILURE)); } if (!EC_KEY_set_private_key(eckey, privkey)) { - DST_RET(dst__openssl_toresult(DST_R_INVALIDPRIVATEKEY)); + CLEANUP(dst__openssl_toresult(DST_R_INVALIDPRIVATEKEY)); } pubkey = opensslecdsa_generate_public_key(group, privkey); if (pubkey == NULL) { - DST_RET(dst__openssl_toresult(DST_R_OPENSSLFAILURE)); + CLEANUP(dst__openssl_toresult(DST_R_OPENSSLFAILURE)); } if (EC_KEY_set_public_key(eckey, pubkey) != 1) { - DST_RET(dst__openssl_toresult(DST_R_OPENSSLFAILURE)); + CLEANUP(dst__openssl_toresult(DST_R_OPENSSLFAILURE)); } } else { const unsigned char *cp = buf; @@ -347,19 +341,19 @@ opensslecdsa_create_pkey_legacy(unsigned int key_alg, bool private, buf[0] = POINT_CONVERSION_UNCOMPRESSED; memmove(buf + 1, key, key_len); if (o2i_ECPublicKey(&eckey, &cp, key_len + 1) == NULL) { - DST_RET(dst__openssl_toresult(DST_R_INVALIDPUBLICKEY)); + CLEANUP(dst__openssl_toresult(DST_R_INVALIDPUBLICKEY)); } if (EC_KEY_check_key(eckey) != 1) { - DST_RET(dst__openssl_toresult(DST_R_INVALIDPUBLICKEY)); + CLEANUP(dst__openssl_toresult(DST_R_INVALIDPUBLICKEY)); } } pkey = EVP_PKEY_new(); if (pkey == NULL) { - DST_RET(dst__openssl_toresult(ISC_R_NOMEMORY)); + CLEANUP(dst__openssl_toresult(ISC_R_NOMEMORY)); } if (!EVP_PKEY_set1_EC_KEY(pkey, eckey)) { - DST_RET(dst__openssl_toresult(ISC_R_FAILURE)); + CLEANUP(dst__openssl_toresult(ISC_R_FAILURE)); } *retkey = pkey; @@ -455,19 +449,19 @@ opensslecdsa_generate_pkey_with_uri(int group_nid, const char *label, ctx = EVP_PKEY_CTX_new_from_name(NULL, "EC", "provider=pkcs11"); if (ctx == NULL) { - DST_RET(dst__openssl_toresult2("EVP_PKEY_CTX_new_from_name", + CLEANUP(dst__openssl_toresult2("EVP_PKEY_CTX_new_from_name", DST_R_OPENSSLFAILURE)); } status = EVP_PKEY_keygen_init(ctx); if (status != 1) { - DST_RET(dst__openssl_toresult2("EVP_PKEY_keygen_init", + CLEANUP(dst__openssl_toresult2("EVP_PKEY_keygen_init", DST_R_OPENSSLFAILURE)); } status = EVP_PKEY_CTX_set_params(ctx, params); if (status != 1) { - DST_RET(dst__openssl_toresult2("EVP_PKEY_CTX_set_params", + CLEANUP(dst__openssl_toresult2("EVP_PKEY_CTX_set_params", DST_R_OPENSSLFAILURE)); } /* @@ -478,7 +472,7 @@ opensslecdsa_generate_pkey_with_uri(int group_nid, const char *label, */ status = EVP_PKEY_CTX_set_ec_paramgen_curve_nid(ctx, group_nid); if (status != 1) { - DST_RET(dst__openssl_toresult2("EVP_PKEY_CTX_set_ec_paramgen_" + CLEANUP(dst__openssl_toresult2("EVP_PKEY_CTX_set_ec_paramgen_" "curve_nid", DST_R_OPENSSLFAILURE)); } @@ -486,7 +480,7 @@ opensslecdsa_generate_pkey_with_uri(int group_nid, const char *label, /* Generate the key. */ status = EVP_PKEY_generate(ctx, retkey); if (status != 1) { - DST_RET(dst__openssl_toresult2("EVP_PKEY_generate", + CLEANUP(dst__openssl_toresult2("EVP_PKEY_generate", DST_R_OPENSSLFAILURE)); } @@ -514,23 +508,23 @@ opensslecdsa_generate_pkey(unsigned int key_alg, const char *label, /* Generate the key's parameters. */ ctx = EVP_PKEY_CTX_new_from_name(NULL, "EC", NULL); if (ctx == NULL) { - DST_RET(dst__openssl_toresult2("EVP_PKEY_CTX_new_from_name", + CLEANUP(dst__openssl_toresult2("EVP_PKEY_CTX_new_from_name", DST_R_OPENSSLFAILURE)); } status = EVP_PKEY_paramgen_init(ctx); if (status != 1) { - DST_RET(dst__openssl_toresult2("EVP_PKEY_paramgen_init", + CLEANUP(dst__openssl_toresult2("EVP_PKEY_paramgen_init", DST_R_OPENSSLFAILURE)); } status = EVP_PKEY_CTX_set_ec_paramgen_curve_nid(ctx, group_nid); if (status != 1) { - DST_RET(dst__openssl_toresult2("EVP_PKEY_CTX_set_ec_paramgen_" + CLEANUP(dst__openssl_toresult2("EVP_PKEY_CTX_set_ec_paramgen_" "curve_nid", DST_R_OPENSSLFAILURE)); } status = EVP_PKEY_paramgen(ctx, ¶ms_pkey); if (status != 1 || params_pkey == NULL) { - DST_RET(dst__openssl_toresult2("EVP_PKEY_paramgen", + CLEANUP(dst__openssl_toresult2("EVP_PKEY_paramgen", DST_R_OPENSSLFAILURE)); } EVP_PKEY_CTX_free(ctx); @@ -538,18 +532,18 @@ opensslecdsa_generate_pkey(unsigned int key_alg, const char *label, /* Generate the key. */ ctx = EVP_PKEY_CTX_new(params_pkey, NULL); if (ctx == NULL) { - DST_RET(dst__openssl_toresult2("EVP_PKEY_CTX_new", + CLEANUP(dst__openssl_toresult2("EVP_PKEY_CTX_new", DST_R_OPENSSLFAILURE)); } status = EVP_PKEY_keygen_init(ctx); if (status != 1) { - DST_RET(dst__openssl_toresult2("EVP_PKEY_keygen_init", + CLEANUP(dst__openssl_toresult2("EVP_PKEY_keygen_init", DST_R_OPENSSLFAILURE)); } status = EVP_PKEY_keygen(ctx, retkey); if (status != 1) { - DST_RET(dst__openssl_toresult2("EVP_PKEY_keygen", + CLEANUP(dst__openssl_toresult2("EVP_PKEY_keygen", DST_R_OPENSSLFAILURE)); } result = ISC_R_SUCCESS; @@ -605,21 +599,21 @@ opensslecdsa_generate_pkey(unsigned int key_alg, const char *label, eckey = EC_KEY_new_by_curve_name(group_nid); if (eckey == NULL) { - DST_RET(dst__openssl_toresult2("EC_KEY_new_by_curve_name", + CLEANUP(dst__openssl_toresult2("EC_KEY_new_by_curve_name", DST_R_OPENSSLFAILURE)); } if (EC_KEY_generate_key(eckey) != 1) { - DST_RET(dst__openssl_toresult2("EC_KEY_generate_key", + CLEANUP(dst__openssl_toresult2("EC_KEY_generate_key", DST_R_OPENSSLFAILURE)); } pkey = EVP_PKEY_new(); if (pkey == NULL) { - DST_RET(dst__openssl_toresult(ISC_R_NOMEMORY)); + CLEANUP(dst__openssl_toresult(ISC_R_NOMEMORY)); } if (EVP_PKEY_set1_EC_KEY(pkey, eckey) != 1) { - DST_RET(dst__openssl_toresult2("EVP_PKEY_set1_EC_KEY", + CLEANUP(dst__openssl_toresult2("EVP_PKEY_set1_EC_KEY", DST_R_OPENSSLFAILURE)); } *retkey = pkey; @@ -687,7 +681,7 @@ opensslecdsa_createctx(dst_key_t *key, dst_context_t *dctx) { evp_md_ctx = EVP_MD_CTX_create(); if (evp_md_ctx == NULL) { - DST_RET(dst__openssl_toresult(ISC_R_NOMEMORY)); + CLEANUP(dst__openssl_toresult(ISC_R_NOMEMORY)); } if (dctx->key->key_alg == DST_ALG_ECDSA256) { type = isc__crypto_sha256; @@ -700,7 +694,7 @@ opensslecdsa_createctx(dst_key_t *key, dst_context_t *dctx) { dctx->key->keydata.pkeypair.priv) != 1) { EVP_MD_CTX_destroy(evp_md_ctx); - DST_RET(dst__openssl_toresult3(dctx->category, + CLEANUP(dst__openssl_toresult3(dctx->category, "EVP_DigestSignInit", ISC_R_FAILURE)); } @@ -717,7 +711,7 @@ opensslecdsa_createctx(dst_key_t *key, dst_context_t *dctx) { dctx->key->keydata.pkeypair.pub) != 1) { EVP_MD_CTX_destroy(evp_md_ctx); - DST_RET(dst__openssl_toresult3(dctx->category, + CLEANUP(dst__openssl_toresult3(dctx->category, "EVP_DigestVerifyInit", ISC_R_FAILURE)); } @@ -754,7 +748,7 @@ opensslecdsa_adddata(dst_context_t *dctx, const isc_region_t *data) { if (EVP_DigestSignUpdate(evp_md_ctx, data->base, data->length) != 1) { - DST_RET(dst__openssl_toresult3(dctx->category, + CLEANUP(dst__openssl_toresult3(dctx->category, "EVP_DigestSignUpdate", ISC_R_FAILURE)); } @@ -762,7 +756,7 @@ opensslecdsa_adddata(dst_context_t *dctx, const isc_region_t *data) { if (EVP_DigestVerifyUpdate(evp_md_ctx, data->base, data->length) != 1) { - DST_RET(dst__openssl_toresult3(dctx->category, + CLEANUP(dst__openssl_toresult3(dctx->category, "EVP_DigestVerifyUpdate", ISC_R_FAILURE)); } @@ -795,25 +789,25 @@ opensslecdsa_sign(dst_context_t *dctx, isc_buffer_t *sig) { isc_buffer_availableregion(sig, ®ion); if (region.length < siglen) { - DST_RET(ISC_R_NOSPACE); + CLEANUP(ISC_R_NOSPACE); } if (EVP_DigestSignFinal(evp_md_ctx, NULL, &sigder_len) != 1) { - DST_RET(dst__openssl_toresult3( + CLEANUP(dst__openssl_toresult3( dctx->category, "EVP_DigestSignFinal", ISC_R_FAILURE)); } if (sigder_len == 0) { - DST_RET(ISC_R_FAILURE); + CLEANUP(ISC_R_FAILURE); } sigder = isc_mem_get(dctx->mctx, sigder_len); sigder_alloced = sigder_len; if (EVP_DigestSignFinal(evp_md_ctx, sigder, &sigder_len) != 1) { - DST_RET(dst__openssl_toresult3( + CLEANUP(dst__openssl_toresult3( dctx->category, "EVP_DigestSignFinal", ISC_R_FAILURE)); } sigder_copy = sigder; if (d2i_ECDSA_SIG(&ecdsasig, &sigder_copy, sigder_len) == NULL) { - DST_RET(dst__openssl_toresult3(dctx->category, "d2i_ECDSA_SIG", + CLEANUP(dst__openssl_toresult3(dctx->category, "d2i_ECDSA_SIG", ISC_R_FAILURE)); } @@ -857,12 +851,12 @@ opensslecdsa_verify(dst_context_t *dctx, const isc_region_t *sig) { } if (sig->length != siglen) { - DST_RET(DST_R_VERIFYFAILURE); + CLEANUP(DST_R_VERIFYFAILURE); } ecdsasig = ECDSA_SIG_new(); if (ecdsasig == NULL) { - DST_RET(dst__openssl_toresult(ISC_R_NOMEMORY)); + CLEANUP(dst__openssl_toresult(ISC_R_NOMEMORY)); } r = BN_bin2bn(cp, siglen / 2, NULL); cp += siglen / 2; @@ -872,7 +866,7 @@ opensslecdsa_verify(dst_context_t *dctx, const isc_region_t *sig) { status = i2d_ECDSA_SIG(ecdsasig, NULL); if (status < 0) { - DST_RET(dst__openssl_toresult3(dctx->category, "i2d_ECDSA_SIG", + CLEANUP(dst__openssl_toresult3(dctx->category, "i2d_ECDSA_SIG", DST_R_VERIFYFAILURE)); } @@ -883,7 +877,7 @@ opensslecdsa_verify(dst_context_t *dctx, const isc_region_t *sig) { sigder_copy = sigder; status = i2d_ECDSA_SIG(ecdsasig, &sigder_copy); if (status < 0) { - DST_RET(dst__openssl_toresult3(dctx->category, "i2d_ECDSA_SIG", + CLEANUP(dst__openssl_toresult3(dctx->category, "i2d_ECDSA_SIG", DST_R_VERIFYFAILURE)); } @@ -942,10 +936,10 @@ opensslecdsa_todns(const dst_key_t *key, isc_buffer_t *data) { keysize = opensslecdsa_key_alg_to_publickey_size(key->key_alg); isc_buffer_availableregion(data, &r); if (r.length < keysize) { - DST_RET(ISC_R_NOSPACE); + CLEANUP(ISC_R_NOSPACE); } if (!opensslecdsa_extract_public_key(key, r.base, keysize)) { - DST_RET(dst__openssl_toresult(DST_R_OPENSSLFAILURE)); + CLEANUP(dst__openssl_toresult(DST_R_OPENSSLFAILURE)); } isc_buffer_add(data, keysize); @@ -967,10 +961,10 @@ opensslecdsa_fromdns(dst_key_t *key, isc_buffer_t *data) { isc_buffer_remainingregion(data, &r); if (r.length == 0) { - DST_RET(ISC_R_SUCCESS); + CLEANUP(ISC_R_SUCCESS); } if (r.length != len) { - DST_RET(DST_R_INVALIDPUBLICKEY); + CLEANUP(DST_R_INVALIDPUBLICKEY); } CHECK(opensslecdsa_create_pkey(key->key_alg, false, r.base, len, @@ -994,16 +988,16 @@ opensslecdsa_tofile(const dst_key_t *key, const char *directory) { unsigned short i; if (key->keydata.pkeypair.pub == NULL) { - DST_RET(DST_R_NULLKEY); + CLEANUP(DST_R_NULLKEY); } if (key->external) { priv.nelements = 0; - DST_RET(dst__privstruct_writefile(key, &priv, directory)); + CLEANUP(dst__privstruct_writefile(key, &priv, directory)); } if (key->keydata.pkeypair.priv == NULL) { - DST_RET(DST_R_NULLKEY); + CLEANUP(DST_R_NULLKEY); } keylen = opensslecdsa_key_alg_to_publickey_size(key->key_alg) / 2; @@ -1052,13 +1046,13 @@ opensslecdsa_parse(dst_key_t *key, isc_lex_t *lexer, dst_key_t *pub) { if (key->external) { if (priv.nelements != 0 || pub == NULL) { - DST_RET(dst__openssl_toresult(DST_R_INVALIDPRIVATEKEY)); + CLEANUP(dst__openssl_toresult(DST_R_INVALIDPRIVATEKEY)); } key->keydata.pkeypair.priv = pub->keydata.pkeypair.priv; key->keydata.pkeypair.pub = pub->keydata.pkeypair.pub; pub->keydata.pkeypair.priv = NULL; pub->keydata.pkeypair.pub = NULL; - DST_RET(ISC_R_SUCCESS); + CLEANUP(ISC_R_SUCCESS); } for (i = 0; i < priv.nelements; i++) { @@ -1083,13 +1077,13 @@ opensslecdsa_parse(dst_key_t *key, isc_lex_t *lexer, dst_key_t *pub) { if (pub != NULL && EVP_PKEY_eq(key->keydata.pkeypair.pub, pub->keydata.pkeypair.pub) != 1) { - DST_RET(DST_R_INVALIDPRIVATEKEY); + CLEANUP(DST_R_INVALIDPRIVATEKEY); } - DST_RET(ISC_R_SUCCESS); + CLEANUP(ISC_R_SUCCESS); } if (privkey_index < 0) { - DST_RET(dst__openssl_toresult(DST_R_INVALIDPRIVATEKEY)); + CLEANUP(dst__openssl_toresult(DST_R_INVALIDPRIVATEKEY)); } CHECK(opensslecdsa_create_pkey( @@ -1098,7 +1092,7 @@ opensslecdsa_parse(dst_key_t *key, isc_lex_t *lexer, dst_key_t *pub) { /* Check that the public component matches if given */ if (pub != NULL && EVP_PKEY_eq(pkey, pub->keydata.pkeypair.pub) != 1) { - DST_RET(DST_R_INVALIDPRIVATEKEY); + CLEANUP(DST_R_INVALIDPRIVATEKEY); } key->key_size = EVP_PKEY_bits(pkey); diff --git a/lib/dns/openssleddsa_link.c b/lib/dns/openssleddsa_link.c index b51e40a0581..7ef6e495c55 100644 --- a/lib/dns/openssleddsa_link.c +++ b/lib/dns/openssleddsa_link.c @@ -33,12 +33,6 @@ #include "dst_parse.h" #include "openssl_shim.h" -#define DST_RET(a) \ - { \ - result = a; \ - goto cleanup; \ - } - #ifndef NID_ED25519 #error "Ed25519 group is not known (NID_ED25519)" #endif /* ifndef NID_ED25519 */ @@ -184,19 +178,19 @@ openssleddsa_sign(dst_context_t *dctx, isc_buffer_t *sig) { siglen = alginfo->sig_size; isc_buffer_availableregion(sig, &sigreg); if (sigreg.length < (unsigned int)siglen) { - DST_RET(ISC_R_NOSPACE); + CLEANUP(ISC_R_NOSPACE); } isc_buffer_usedregion(buf, &tbsreg); if (EVP_DigestSignInit(ctx, NULL, NULL, NULL, pkey) != 1) { - DST_RET(dst__openssl_toresult3( + CLEANUP(dst__openssl_toresult3( dctx->category, "EVP_DigestSignInit", ISC_R_FAILURE)); } if (EVP_DigestSign(ctx, sigreg.base, &siglen, tbsreg.base, tbsreg.length) != 1) { - DST_RET(dst__openssl_toresult3(dctx->category, "EVP_DigestSign", + CLEANUP(dst__openssl_toresult3(dctx->category, "EVP_DigestSign", DST_R_SIGNFAILURE)); } isc_buffer_add(sig, (unsigned int)siglen); @@ -228,13 +222,13 @@ openssleddsa_verify(dst_context_t *dctx, const isc_region_t *sig) { } if (sig->length != alginfo->sig_size) { - DST_RET(DST_R_VERIFYFAILURE); + CLEANUP(DST_R_VERIFYFAILURE); } isc_buffer_usedregion(buf, &tbsreg); if (EVP_DigestVerifyInit(ctx, NULL, NULL, NULL, pkey) != 1) { - DST_RET(dst__openssl_toresult3( + CLEANUP(dst__openssl_toresult3( dctx->category, "EVP_DigestVerifyInit", ISC_R_FAILURE)); } @@ -283,13 +277,13 @@ openssleddsa_generate(dst_key_t *key, int unused, void (*callback)(int)) { status = EVP_PKEY_keygen_init(ctx); if (status != 1) { - DST_RET(dst__openssl_toresult2("EVP_PKEY_keygen_init", + CLEANUP(dst__openssl_toresult2("EVP_PKEY_keygen_init", DST_R_OPENSSLFAILURE)); } status = EVP_PKEY_keygen(ctx, &pkey); if (status != 1) { - DST_RET(dst__openssl_toresult2("EVP_PKEY_keygen", + CLEANUP(dst__openssl_toresult2("EVP_PKEY_keygen", DST_R_OPENSSLFAILURE)); } @@ -378,7 +372,7 @@ openssleddsa_tofile(const dst_key_t *key, const char *directory) { if (EVP_PKEY_get_raw_private_key(key->keydata.pkeypair.priv, buf, &len) != 1) { - DST_RET(dst__openssl_toresult(ISC_R_FAILURE)); + CLEANUP(dst__openssl_toresult(ISC_R_FAILURE)); } priv.elements[i].tag = TAG_EDDSA_PRIVATEKEY; priv.elements[i].length = len; @@ -421,16 +415,16 @@ openssleddsa_parse(dst_key_t *key, isc_lex_t *lexer, dst_key_t *pub) { if (key->external) { if (priv.nelements != 0) { - DST_RET(DST_R_INVALIDPRIVATEKEY); + CLEANUP(DST_R_INVALIDPRIVATEKEY); } if (pub == NULL) { - DST_RET(DST_R_INVALIDPRIVATEKEY); + CLEANUP(DST_R_INVALIDPRIVATEKEY); } key->keydata.pkeypair.priv = pub->keydata.pkeypair.priv; key->keydata.pkeypair.pub = pub->keydata.pkeypair.pub; pub->keydata.pkeypair.priv = NULL; pub->keydata.pkeypair.pub = NULL; - DST_RET(ISC_R_SUCCESS); + CLEANUP(ISC_R_SUCCESS); } for (i = 0; i < priv.nelements; i++) { @@ -455,13 +449,13 @@ openssleddsa_parse(dst_key_t *key, isc_lex_t *lexer, dst_key_t *pub) { if (pub != NULL && EVP_PKEY_eq(key->keydata.pkeypair.pub, pub->keydata.pkeypair.pub) != 1) { - DST_RET(DST_R_INVALIDPRIVATEKEY); + CLEANUP(DST_R_INVALIDPRIVATEKEY); } - DST_RET(ISC_R_SUCCESS); + CLEANUP(ISC_R_SUCCESS); } if (privkey_index < 0) { - DST_RET(DST_R_INVALIDPRIVATEKEY); + CLEANUP(DST_R_INVALIDPRIVATEKEY); } len = priv.elements[privkey_index].length; @@ -469,7 +463,7 @@ openssleddsa_parse(dst_key_t *key, isc_lex_t *lexer, dst_key_t *pub) { &len, &pkey)); /* Check that the public component matches if given */ if (pub != NULL && EVP_PKEY_eq(pkey, pub->keydata.pkeypair.pub) != 1) { - DST_RET(DST_R_INVALIDPRIVATEKEY); + CLEANUP(DST_R_INVALIDPRIVATEKEY); } key->keydata.pkeypair.priv = pkey; @@ -567,7 +561,7 @@ check_algorithm(unsigned char algorithm) { size_t key_len, sig_len; if (evp_md_ctx == NULL) { - DST_RET(ISC_R_NOMEMORY); + CLEANUP(ISC_R_NOMEMORY); } switch (algorithm) { @@ -588,7 +582,7 @@ check_algorithm(unsigned char algorithm) { alginfo = openssleddsa_alg_info(algorithm); break; default: - DST_RET(ISC_R_NOTIMPLEMENTED); + CLEANUP(ISC_R_NOTIMPLEMENTED); } INSIST(alginfo != NULL); @@ -601,7 +595,7 @@ check_algorithm(unsigned char algorithm) { EVP_DigestVerify(evp_md_ctx, sig, sig_len, test, sizeof(test) - 1) != 1) { - DST_RET(ISC_R_NOTIMPLEMENTED); + CLEANUP(ISC_R_NOTIMPLEMENTED); } cleanup: diff --git a/lib/dns/opensslrsa_link.c b/lib/dns/opensslrsa_link.c index 57c82baa1ef..465e1f663d3 100644 --- a/lib/dns/opensslrsa_link.c +++ b/lib/dns/opensslrsa_link.c @@ -37,12 +37,6 @@ #include "dst_parse.h" #include "openssl_shim.h" -#define DST_RET(a) \ - { \ - result = a; \ - goto cleanup; \ - } - #define OPENSSLRSA_MAX_MODULUS_BITS 4096 typedef struct rsa_components { @@ -435,23 +429,23 @@ opensslrsa_generate_pkey(unsigned int key_size, const char *label, BIGNUM *e, rsa = RSA_new(); pkey = EVP_PKEY_new(); if (rsa == NULL || pkey == NULL) { - DST_RET(dst__openssl_toresult(DST_R_OPENSSLFAILURE)); + CLEANUP(dst__openssl_toresult(DST_R_OPENSSLFAILURE)); } if (EVP_PKEY_set1_RSA(pkey, rsa) != 1) { - DST_RET(dst__openssl_toresult(DST_R_OPENSSLFAILURE)); + CLEANUP(dst__openssl_toresult(DST_R_OPENSSLFAILURE)); } if (callback != NULL) { cb = BN_GENCB_new(); if (cb == NULL) { - DST_RET(dst__openssl_toresult(ISC_R_NOMEMORY)); + CLEANUP(dst__openssl_toresult(ISC_R_NOMEMORY)); } BN_GENCB_set(cb, progress_cb, (void *)callback); } if (RSA_generate_key_ex(rsa, key_size, e, cb) != 1) { - DST_RET(dst__openssl_toresult2("RSA_generate_key_ex", + CLEANUP(dst__openssl_toresult2("RSA_generate_key_ex", DST_R_OPENSSLFAILURE)); } *retkey = pkey; @@ -476,20 +470,20 @@ opensslrsa_build_pkey(bool private, rsa_components_t *c, EVP_PKEY **retpkey) { if (c->n == NULL || c->e == NULL) { if (private) { - DST_RET(DST_R_INVALIDPRIVATEKEY); + CLEANUP(DST_R_INVALIDPRIVATEKEY); } - DST_RET(DST_R_INVALIDPUBLICKEY); + CLEANUP(DST_R_INVALIDPUBLICKEY); } if (rsa == NULL) { - DST_RET(dst__openssl_toresult2("RSA_new", + CLEANUP(dst__openssl_toresult2("RSA_new", DST_R_OPENSSLFAILURE)); } if (RSA_set0_key(rsa, (BIGNUM *)c->n, (BIGNUM *)c->e, (BIGNUM *)c->d) != 1) { - DST_RET(dst__openssl_toresult2("RSA_set0_key", + CLEANUP(dst__openssl_toresult2("RSA_set0_key", DST_R_OPENSSLFAILURE)); } c->n = NULL; @@ -499,7 +493,7 @@ opensslrsa_build_pkey(bool private, rsa_components_t *c, EVP_PKEY **retpkey) { if (c->p != NULL || c->q != NULL) { if (RSA_set0_factors(rsa, (BIGNUM *)c->p, (BIGNUM *)c->q) != 1) { - DST_RET(dst__openssl_toresult2("RSA_set0_factors", + CLEANUP(dst__openssl_toresult2("RSA_set0_factors", DST_R_OPENSSLFAILURE)); } c->p = NULL; @@ -511,7 +505,7 @@ opensslrsa_build_pkey(bool private, rsa_components_t *c, EVP_PKEY **retpkey) { (BIGNUM *)c->dmq1, (BIGNUM *)c->iqmp) == 0) { - DST_RET(dst__openssl_toresult2("RSA_set0_crt_params", + CLEANUP(dst__openssl_toresult2("RSA_set0_crt_params", DST_R_OPENSSLFAILURE)); } c->dmp1 = NULL; @@ -521,12 +515,12 @@ opensslrsa_build_pkey(bool private, rsa_components_t *c, EVP_PKEY **retpkey) { pkey = EVP_PKEY_new(); if (pkey == NULL) { - DST_RET(dst__openssl_toresult2("EVP_PKEY_new", + CLEANUP(dst__openssl_toresult2("EVP_PKEY_new", DST_R_OPENSSLFAILURE)); } status = EVP_PKEY_set1_RSA(pkey, rsa); if (status != 1) { - DST_RET(dst__openssl_toresult2("EVP_PKEY_set1_RSA", + CLEANUP(dst__openssl_toresult2("EVP_PKEY_set1_RSA", DST_R_OPENSSLFAILURE)); } @@ -570,25 +564,25 @@ opensslrsa_generate_pkey_with_uri(size_t key_size, const char *label, ctx = EVP_PKEY_CTX_new_from_name(NULL, "RSA", "provider=pkcs11"); if (ctx == NULL) { - DST_RET(dst__openssl_toresult2("EVP_PKEY_CTX_new_from_name", + CLEANUP(dst__openssl_toresult2("EVP_PKEY_CTX_new_from_name", DST_R_OPENSSLFAILURE)); } status = EVP_PKEY_keygen_init(ctx); if (status != 1) { - DST_RET(dst__openssl_toresult2("EVP_PKEY_keygen_init", + CLEANUP(dst__openssl_toresult2("EVP_PKEY_keygen_init", DST_R_OPENSSLFAILURE)); } status = EVP_PKEY_CTX_set_params(ctx, params); if (status != 1) { - DST_RET(dst__openssl_toresult2("EVP_PKEY_CTX_set_params", + CLEANUP(dst__openssl_toresult2("EVP_PKEY_CTX_set_params", DST_R_OPENSSLFAILURE)); } status = EVP_PKEY_generate(ctx, retkey); if (status != 1) { - DST_RET(dst__openssl_toresult2("EVP_PKEY_generate", + CLEANUP(dst__openssl_toresult2("EVP_PKEY_generate", DST_R_OPENSSLFAILURE)); } @@ -611,19 +605,19 @@ opensslrsa_generate_pkey(unsigned int key_size, const char *label, BIGNUM *e, ctx = EVP_PKEY_CTX_new_from_name(NULL, "RSA", NULL); if (ctx == NULL) { - DST_RET(dst__openssl_toresult(DST_R_OPENSSLFAILURE)); + CLEANUP(dst__openssl_toresult(DST_R_OPENSSLFAILURE)); } if (EVP_PKEY_keygen_init(ctx) != 1) { - DST_RET(dst__openssl_toresult(DST_R_OPENSSLFAILURE)); + CLEANUP(dst__openssl_toresult(DST_R_OPENSSLFAILURE)); } if (EVP_PKEY_CTX_set_rsa_keygen_bits(ctx, (int)key_size) != 1) { - DST_RET(dst__openssl_toresult(DST_R_OPENSSLFAILURE)); + CLEANUP(dst__openssl_toresult(DST_R_OPENSSLFAILURE)); } if (EVP_PKEY_CTX_set1_rsa_keygen_pubexp(ctx, e) != 1) { - DST_RET(dst__openssl_toresult(DST_R_OPENSSLFAILURE)); + CLEANUP(dst__openssl_toresult(DST_R_OPENSSLFAILURE)); } if (callback != NULL) { @@ -632,7 +626,7 @@ opensslrsa_generate_pkey(unsigned int key_size, const char *label, BIGNUM *e, } if (EVP_PKEY_keygen(ctx, retkey) != 1) { - DST_RET(dst__openssl_toresult2("EVP_PKEY_keygen", + CLEANUP(dst__openssl_toresult2("EVP_PKEY_keygen", DST_R_OPENSSLFAILURE)); } result = ISC_R_SUCCESS; @@ -651,69 +645,69 @@ opensslrsa_build_pkey(bool private, rsa_components_t *c, EVP_PKEY **retpkey) { bld = OSSL_PARAM_BLD_new(); if (bld == NULL) { - DST_RET(dst__openssl_toresult2("OSSL_PARAM_BLD_new", + CLEANUP(dst__openssl_toresult2("OSSL_PARAM_BLD_new", DST_R_OPENSSLFAILURE)); } if (OSSL_PARAM_BLD_push_BN(bld, OSSL_PKEY_PARAM_RSA_N, c->n) != 1 || OSSL_PARAM_BLD_push_BN(bld, OSSL_PKEY_PARAM_RSA_E, c->e) != 1) { - DST_RET(dst__openssl_toresult2("OSSL_PARAM_BLD_push_BN", + CLEANUP(dst__openssl_toresult2("OSSL_PARAM_BLD_push_BN", DST_R_OPENSSLFAILURE)); } if (c->d != NULL && OSSL_PARAM_BLD_push_BN(bld, OSSL_PKEY_PARAM_RSA_D, c->d) != 1) { - DST_RET(dst__openssl_toresult2("OSSL_PARAM_BLD_push_BN", + CLEANUP(dst__openssl_toresult2("OSSL_PARAM_BLD_push_BN", DST_R_OPENSSLFAILURE)); } if (c->p != NULL && OSSL_PARAM_BLD_push_BN(bld, OSSL_PKEY_PARAM_RSA_FACTOR1, c->p) != 1) { - DST_RET(dst__openssl_toresult2("OSSL_PARAM_BLD_push_BN", + CLEANUP(dst__openssl_toresult2("OSSL_PARAM_BLD_push_BN", DST_R_OPENSSLFAILURE)); } if (c->q != NULL && OSSL_PARAM_BLD_push_BN(bld, OSSL_PKEY_PARAM_RSA_FACTOR2, c->q) != 1) { - DST_RET(dst__openssl_toresult2("OSSL_PARAM_BLD_push_BN", + CLEANUP(dst__openssl_toresult2("OSSL_PARAM_BLD_push_BN", DST_R_OPENSSLFAILURE)); } if (c->dmp1 != NULL && OSSL_PARAM_BLD_push_BN(bld, OSSL_PKEY_PARAM_RSA_EXPONENT1, c->dmp1) != 1) { - DST_RET(dst__openssl_toresult2("OSSL_PARAM_BLD_push_BN", + CLEANUP(dst__openssl_toresult2("OSSL_PARAM_BLD_push_BN", DST_R_OPENSSLFAILURE)); } if (c->dmq1 != NULL && OSSL_PARAM_BLD_push_BN(bld, OSSL_PKEY_PARAM_RSA_EXPONENT2, c->dmq1) != 1) { - DST_RET(dst__openssl_toresult2("OSSL_PARAM_BLD_push_BN", + CLEANUP(dst__openssl_toresult2("OSSL_PARAM_BLD_push_BN", DST_R_OPENSSLFAILURE)); } if (c->iqmp != NULL && OSSL_PARAM_BLD_push_BN(bld, OSSL_PKEY_PARAM_RSA_COEFFICIENT1, c->iqmp) != 1) { - DST_RET(dst__openssl_toresult2("OSSL_PARAM_BLD_push_BN", + CLEANUP(dst__openssl_toresult2("OSSL_PARAM_BLD_push_BN", DST_R_OPENSSLFAILURE)); } params = OSSL_PARAM_BLD_to_param(bld); if (params == NULL) { - DST_RET(dst__openssl_toresult2("OSSL_PARAM_BLD_to_param", + CLEANUP(dst__openssl_toresult2("OSSL_PARAM_BLD_to_param", DST_R_OPENSSLFAILURE)); } ctx = EVP_PKEY_CTX_new_from_name(NULL, "RSA", NULL); if (ctx == NULL) { - DST_RET(dst__openssl_toresult2("EVP_PKEY_CTX_new_from_name", + CLEANUP(dst__openssl_toresult2("EVP_PKEY_CTX_new_from_name", DST_R_OPENSSLFAILURE)); } status = EVP_PKEY_fromdata_init(ctx); if (status != 1) { - DST_RET(dst__openssl_toresult2("EVP_PKEY_fromdata_init", + CLEANUP(dst__openssl_toresult2("EVP_PKEY_fromdata_init", DST_R_OPENSSLFAILURE)); } @@ -721,7 +715,7 @@ opensslrsa_build_pkey(bool private, rsa_components_t *c, EVP_PKEY **retpkey) { ctx, retpkey, private ? EVP_PKEY_KEYPAIR : EVP_PKEY_PUBLIC_KEY, params); if (status != 1) { - DST_RET(dst__openssl_toresult2("EVP_PKEY_fromdata", + CLEANUP(dst__openssl_toresult2("EVP_PKEY_fromdata", DST_R_OPENSSLFAILURE)); } result = ISC_R_SUCCESS; @@ -743,7 +737,7 @@ opensslrsa_generate(dst_key_t *key, int unused, void (*callback)(int)) { UNUSED(unused); if (e == NULL) { - DST_RET(dst__openssl_toresult(DST_R_OPENSSLFAILURE)); + CLEANUP(dst__openssl_toresult(DST_R_OPENSSLFAILURE)); } /* @@ -754,21 +748,21 @@ opensslrsa_generate(dst_key_t *key, int unused, void (*callback)(int)) { case DST_ALG_NSEC3RSASHA1: /* From RFC 3110 */ if (key->key_size > 4096) { - DST_RET(DST_R_INVALIDPARAM); + CLEANUP(DST_R_INVALIDPARAM); } break; case DST_ALG_RSASHA256: case DST_ALG_RSASHA256PRIVATEOID: /* From RFC 5702 */ if (key->key_size < 512 || key->key_size > 4096) { - DST_RET(DST_R_INVALIDPARAM); + CLEANUP(DST_R_INVALIDPARAM); } break; case DST_ALG_RSASHA512: case DST_ALG_RSASHA512PRIVATEOID: /* From RFC 5702 */ if (key->key_size < 1024 || key->key_size > 4096) { - DST_RET(DST_R_INVALIDPARAM); + CLEANUP(DST_R_INVALIDPARAM); } break; default: @@ -811,14 +805,14 @@ opensslrsa_todns(const dst_key_t *key, isc_buffer_t *data) { switch (key->key_alg) { case DST_ALG_RSASHA256PRIVATEOID: if (r.length < sizeof(oid_rsasha256)) { - DST_RET(ISC_R_NOSPACE); + CLEANUP(ISC_R_NOSPACE); } isc_buffer_putmem(data, oid_rsasha256, sizeof(oid_rsasha256)); isc_region_consume(&r, sizeof(oid_rsasha256)); break; case DST_ALG_RSASHA512PRIVATEOID: if (r.length < sizeof(oid_rsasha512)) { - DST_RET(ISC_R_NOSPACE); + CLEANUP(ISC_R_NOSPACE); } isc_buffer_putmem(data, oid_rsasha512, sizeof(oid_rsasha512)); isc_region_consume(&r, sizeof(oid_rsasha512)); @@ -832,13 +826,13 @@ opensslrsa_todns(const dst_key_t *key, isc_buffer_t *data) { if (e_bytes < 256) { /*%< key exponent is <= 2040 bits */ if (r.length < 1) { - DST_RET(ISC_R_NOSPACE); + CLEANUP(ISC_R_NOSPACE); } isc_buffer_putuint8(data, (uint8_t)e_bytes); isc_region_consume(&r, 1); } else { if (r.length < 3) { - DST_RET(ISC_R_NOSPACE); + CLEANUP(ISC_R_NOSPACE); } isc_buffer_putuint8(data, 0); isc_buffer_putuint16(data, (uint16_t)e_bytes); @@ -846,7 +840,7 @@ opensslrsa_todns(const dst_key_t *key, isc_buffer_t *data) { } if (r.length < e_bytes + mod_bytes) { - DST_RET(ISC_R_NOSPACE); + CLEANUP(ISC_R_NOSPACE); } BN_bn2bin(c.e, r.base); @@ -874,7 +868,7 @@ opensslrsa_fromdns(dst_key_t *key, isc_buffer_t *data) { isc_buffer_remainingregion(data, &r); if (r.length == 0) { - DST_RET(ISC_R_SUCCESS); + CLEANUP(ISC_R_SUCCESS); } /* @@ -885,7 +879,7 @@ opensslrsa_fromdns(dst_key_t *key, isc_buffer_t *data) { if (r.length < sizeof(oid_rsasha256) || memcmp(r.base, oid_rsasha256, sizeof(oid_rsasha256)) != 0) { - DST_RET(DST_R_INVALIDPUBLICKEY); + CLEANUP(DST_R_INVALIDPUBLICKEY); } isc_region_consume(&r, sizeof(oid_rsasha256)); isc_buffer_forward(data, sizeof(oid_rsasha256)); @@ -894,7 +888,7 @@ opensslrsa_fromdns(dst_key_t *key, isc_buffer_t *data) { if (r.length < sizeof(oid_rsasha512) || memcmp(r.base, oid_rsasha512, sizeof(oid_rsasha512)) != 0) { - DST_RET(DST_R_INVALIDPUBLICKEY); + CLEANUP(DST_R_INVALIDPUBLICKEY); } isc_region_consume(&r, sizeof(oid_rsasha512)); isc_buffer_forward(data, sizeof(oid_rsasha512)); @@ -903,7 +897,7 @@ opensslrsa_fromdns(dst_key_t *key, isc_buffer_t *data) { length = r.length; if (r.length < 1) { - DST_RET(DST_R_INVALIDPUBLICKEY); + CLEANUP(DST_R_INVALIDPUBLICKEY); } e_bytes = *r.base; @@ -911,7 +905,7 @@ opensslrsa_fromdns(dst_key_t *key, isc_buffer_t *data) { if (e_bytes == 0) { if (r.length < 2) { - DST_RET(DST_R_INVALIDPUBLICKEY); + CLEANUP(DST_R_INVALIDPUBLICKEY); } e_bytes = (*r.base) << 8; isc_region_consume(&r, 1); @@ -920,13 +914,13 @@ opensslrsa_fromdns(dst_key_t *key, isc_buffer_t *data) { } if (r.length < e_bytes) { - DST_RET(DST_R_INVALIDPUBLICKEY); + CLEANUP(DST_R_INVALIDPUBLICKEY); } c.e = BN_bin2bn(r.base, e_bytes, NULL); isc_region_consume(&r, e_bytes); c.n = BN_bin2bn(r.base, r.length, NULL); if (c.e == NULL || c.n == NULL) { - DST_RET(ISC_R_NOMEMORY); + CLEANUP(ISC_R_NOMEMORY); } isc_buffer_forward(data, length); @@ -1072,14 +1066,14 @@ opensslrsa_parse(dst_key_t *key, isc_lex_t *lexer, dst_key_t *pub) { if (key->external) { if (priv.nelements != 0 || pub == NULL) { - DST_RET(DST_R_INVALIDPRIVATEKEY); + CLEANUP(DST_R_INVALIDPRIVATEKEY); } key->keydata.pkeypair.pub = pub->keydata.pkeypair.pub; key->keydata.pkeypair.priv = pub->keydata.pkeypair.priv; pub->keydata.pkeypair.pub = NULL; pub->keydata.pkeypair.priv = NULL; key->key_size = pub->key_size; - DST_RET(ISC_R_SUCCESS); + CLEANUP(ISC_R_SUCCESS); } for (i = 0; i < priv.nelements; i++) { @@ -1105,9 +1099,9 @@ opensslrsa_parse(dst_key_t *key, isc_lex_t *lexer, dst_key_t *pub) { if (pub != NULL && EVP_PKEY_eq(key->keydata.pkeypair.pub, pub->keydata.pkeypair.pub) != 1) { - DST_RET(DST_R_INVALIDPRIVATEKEY); + CLEANUP(DST_R_INVALIDPRIVATEKEY); } - DST_RET(ISC_R_SUCCESS); + CLEANUP(ISC_R_SUCCESS); } for (i = 0; i < priv.nelements; i++) { @@ -1121,7 +1115,7 @@ opensslrsa_parse(dst_key_t *key, isc_lex_t *lexer, dst_key_t *pub) { bn = BN_bin2bn(priv.elements[i].data, priv.elements[i].length, NULL); if (bn == NULL) { - DST_RET(ISC_R_NOMEMORY); + CLEANUP(ISC_R_NOMEMORY); } switch (priv.elements[i].tag) { case TAG_RSA_MODULUS: @@ -1156,10 +1150,10 @@ opensslrsa_parse(dst_key_t *key, isc_lex_t *lexer, dst_key_t *pub) { /* Basic sanity check for public key portion */ if (c.n == NULL || c.e == NULL) { - DST_RET(DST_R_INVALIDPRIVATEKEY); + CLEANUP(DST_R_INVALIDPRIVATEKEY); } if (BN_num_bits(c.e) > RSA_MAX_PUBEXP_BITS) { - DST_RET(ISC_R_RANGE); + CLEANUP(ISC_R_RANGE); } key->key_size = BN_num_bits(c.n); @@ -1167,7 +1161,7 @@ opensslrsa_parse(dst_key_t *key, isc_lex_t *lexer, dst_key_t *pub) { /* Check that the public component matches if given */ if (pub != NULL && EVP_PKEY_eq(pkey, pub->keydata.pkeypair.pub) != 1) { - DST_RET(DST_R_INVALIDPRIVATEKEY); + CLEANUP(DST_R_INVALIDPRIVATEKEY); } key->keydata.pkeypair.pub = pkey; @@ -1196,7 +1190,7 @@ opensslrsa_fromlabel(dst_key_t *key, const char *label, const char *pin) { &privpkey)); if (!opensslrsa_check_exponent_bits(pubpkey, RSA_MAX_PUBEXP_BITS)) { - DST_RET(ISC_R_RANGE); + CLEANUP(ISC_R_RANGE); } key->label = isc_mem_strdup(key->mctx, label); @@ -1335,7 +1329,7 @@ check_algorithm(unsigned short algorithm) { len = sizeof(sha512_sig) - 1; break; default: - DST_RET(ISC_R_NOTIMPLEMENTED); + CLEANUP(ISC_R_NOTIMPLEMENTED); } /* @@ -1354,7 +1348,7 @@ check_algorithm(unsigned short algorithm) { EVP_DigestUpdate(evp_md_ctx, "test", 4) != 1 || EVP_VerifyFinal(evp_md_ctx, sig, len, pkey) != 1) { - DST_RET(ISC_R_NOTIMPLEMENTED); + CLEANUP(ISC_R_NOTIMPLEMENTED); } cleanup: diff --git a/lib/dns/private.c b/lib/dns/private.c index 60ed1041f87..8982b7a73f6 100644 --- a/lib/dns/private.c +++ b/lib/dns/private.c @@ -306,7 +306,7 @@ dns_private_totext(dns_rdata_t *private, isc_buffer_t *buf) { if (!dns_nsec3param_fromprivate(private, &rdata, nsec3buf, sizeof(nsec3buf))) { - CHECK(ISC_R_FAILURE); + CLEANUP(ISC_R_FAILURE); } CHECK(dns_rdata_tostruct(&rdata, &nsec3param, NULL)); diff --git a/lib/dns/rdata.c b/lib/dns/rdata.c index 5ad80cebc95..3330d47d71c 100644 --- a/lib/dns/rdata.c +++ b/lib/dns/rdata.c @@ -1093,7 +1093,7 @@ unknown_fromtext(dns_rdataclass_t rdclass, dns_rdatatype_t type, CHECK(isc_hex_tobuffer(lexer, buf, (unsigned int)token.value.as_ulong)); if (isc_buffer_usedlength(buf) != token.value.as_ulong) { - CHECK(ISC_R_UNEXPECTEDEND); + CLEANUP(ISC_R_UNEXPECTEDEND); } } diff --git a/lib/dns/rdataslab.c b/lib/dns/rdataslab.c index 5910d1b6d22..2fa0f30c1b0 100644 --- a/lib/dns/rdataslab.c +++ b/lib/dns/rdataslab.c @@ -514,7 +514,7 @@ dns_rdataslab_merge(dns_slabheader_t *oheader, dns_slabheader_t *nheader, * than ncount, then we found such a duplicate. */ if (((flags & DNS_RDATASLAB_EXACT) != 0) && (tcount < ncount)) { - CHECK(DNS_R_NOTEXACT); + CLEANUP(DNS_R_NOTEXACT); } /* @@ -522,7 +522,7 @@ dns_rdataslab_merge(dns_slabheader_t *oheader, dns_slabheader_t *nheader, * FORCE flag isn't set, we're done. */ if (tcount == 0 && (flags & DNS_RDATASLAB_FORCE) == 0) { - CHECK(DNS_R_UNCHANGED); + CLEANUP(DNS_R_UNCHANGED); } /* Add to tcount the total number of items from the old slab. */ @@ -533,11 +533,11 @@ dns_rdataslab_merge(dns_slabheader_t *oheader, dns_slabheader_t *nheader, /* Single types can't have more than one RR. */ if (tcount > 1 && dns_rdatatype_issingleton(type)) { - CHECK(DNS_R_SINGLETON); + CLEANUP(DNS_R_SINGLETON); } if (tcount > 0xffff) { - CHECK(ISC_R_NOSPACE); + CLEANUP(ISC_R_NOSPACE); } /* Allocate the target buffer and copy the new slab's header */ @@ -673,7 +673,7 @@ dns_rdataslab_subtract(dns_slabheader_t *oheader, dns_slabheader_t *sheader, * duplicates.) */ if ((flags & DNS_RDATASLAB_EXACT) != 0 && rcount != scount) { - CHECK(DNS_R_NOTEXACT); + CLEANUP(DNS_R_NOTEXACT); } /* @@ -681,14 +681,14 @@ dns_rdataslab_subtract(dns_slabheader_t *oheader, dns_slabheader_t *sheader, * create a new buffer, just return. */ if (tcount == 0) { - CHECK(DNS_R_NXRRSET); + CLEANUP(DNS_R_NXRRSET); } /* * If nothing is going to change, stop. */ if (rcount == 0) { - CHECK(DNS_R_UNCHANGED); + CLEANUP(DNS_R_UNCHANGED); } /* diff --git a/lib/dns/request.c b/lib/dns/request.c index 46148c2bb0e..93c868ecfd9 100644 --- a/lib/dns/request.c +++ b/lib/dns/request.c @@ -686,7 +686,7 @@ req_render(dns_message_t *message, isc_buffer_t **bufferp, unsigned int options, */ isc_buffer_usedregion(buf1, &r); if ((options & DNS_REQUESTOPT_TCP) == 0 && r.length > 512) { - CHECK(DNS_R_USETCP); + CLEANUP(DNS_R_USETCP); } isc_buffer_allocate(mctx, &buf2, r.length); CHECK(isc_buffer_copyregion(buf2, &r)); diff --git a/lib/dns/resconf.c b/lib/dns/resconf.c index e53666c70cb..cc7524ed41d 100644 --- a/lib/dns/resconf.c +++ b/lib/dns/resconf.c @@ -217,7 +217,7 @@ add_server(isc_mem_t *mctx, const char *address_str, address = isc_mem_get(mctx, sizeof(*address)); if (res->ai_addrlen > sizeof(address->type)) { isc_mem_put(mctx, address, sizeof(*address)); - CHECK(ISC_R_RANGE); + CLEANUP(ISC_R_RANGE); } if (res->ai_family == AF_INET) { @@ -237,7 +237,7 @@ add_server(isc_mem_t *mctx, const char *address_str, isc_mem_put(mctx, address, sizeof(*address)); UNEXPECTED_ERROR("ai_family (%d) not INET nor INET6", res->ai_family); - CHECK(ISC_R_UNEXPECTED); + CLEANUP(ISC_R_UNEXPECTED); } address->length = (unsigned int)res->ai_addrlen; diff --git a/lib/dns/resolver.c b/lib/dns/resolver.c index 018d76e739b..404086b898e 100644 --- a/lib/dns/resolver.c +++ b/lib/dns/resolver.c @@ -6987,7 +6987,7 @@ resume_dslookup(void *arg) { * made. Interrupt the DS chasing process, returning SERVFAIL. */ if (dns_name_equal(fctx->nsname, fetch->private->domain)) { - CHECK(DNS_R_SERVFAIL); + CLEANUP(DNS_R_SERVFAIL); } /* Get nameservers from fetch before we destroy it. */ diff --git a/lib/dns/sdlz.c b/lib/dns/sdlz.c index 96adec1e396..22bd0ee2104 100644 --- a/lib/dns/sdlz.c +++ b/lib/dns/sdlz.c @@ -982,7 +982,7 @@ modrdataset(dns_db_t *db, dns_dbnode_t *node, dns_dbversion_t *version, buffer)); if (isc_buffer_usedlength(buffer) < 1) { - CHECK(ISC_R_BADADDRESSFORM); + CLEANUP(ISC_R_BADADDRESSFORM); } rdatastr = isc_buffer_base(buffer); @@ -1641,7 +1641,7 @@ dns_sdlz_putrr(dns_sdlzlookup_t *lookup, const char *type, dns_ttl_t ttl, } while (result == ISC_R_NOSPACE); if (result != ISC_R_SUCCESS) { - CHECK(DNS_R_SERVFAIL); + CLEANUP(DNS_R_SERVFAIL); } ISC_LIST_APPEND(rdatalist->rdata, rdata, link); diff --git a/lib/dns/skr.c b/lib/dns/skr.c index fd57d4bcf3e..7eec1f45314 100644 --- a/lib/dns/skr.c +++ b/lib/dns/skr.c @@ -29,7 +29,7 @@ #define NEXTTOKEN(lex, opt, token) CHECK(isc_lex_gettoken(lex, opt, token)) -#define BADTOKEN() CHECK(ISC_R_UNEXPECTEDTOKEN) +#define BADTOKEN() CLEANUP(ISC_R_UNEXPECTEDTOKEN) #define TOKENSIZ (8 * 1024) #define STR(t) ((t).value.as_textregion.base) @@ -58,7 +58,7 @@ parse_rr(isc_lex_t *lex, isc_mem_t *mctx, char *owner, dns_name_t *origin, isc_buffer_add(&b, strlen(owner)); CHECK(dns_name_fromtext(dname, &b, dns_rootname, 0)); if (dns_name_compare(dname, origin) != 0) { - CHECK(DNS_R_BADOWNERNAME); + CLEANUP(DNS_R_BADOWNERNAME); } isc_buffer_clear(&b); @@ -248,7 +248,7 @@ dns_skr_read(isc_mem_t *mctx, const char *filename, dns_name_t *origin, } if (token.type != isc_tokentype_string) { - CHECK(DNS_R_SYNTAX); + CLEANUP(DNS_R_SYNTAX); } if (strcmp(STR(token), ";;") == 0) { @@ -257,7 +257,7 @@ dns_skr_read(isc_mem_t *mctx, const char *filename, dns_name_t *origin, if (token.type != isc_tokentype_string || strcmp(STR(token), "SignedKeyResponse") != 0) { - CHECK(DNS_R_SYNTAX); + CLEANUP(DNS_R_SYNTAX); } /* Version */ @@ -265,20 +265,20 @@ dns_skr_read(isc_mem_t *mctx, const char *filename, dns_name_t *origin, if (token.type != isc_tokentype_string || strcmp(STR(token), "1.0") != 0) { - CHECK(DNS_R_SYNTAX); + CLEANUP(DNS_R_SYNTAX); } /* Date and time of bundle */ CHECK(isc_lex_gettoken(lex, opt, &token)); if (token.type != isc_tokentype_string) { - CHECK(DNS_R_SYNTAX); + CLEANUP(DNS_R_SYNTAX); } if (strcmp(STR(token), "generated") == 0) { /* Final bundle */ goto readline; } if (token.type != isc_tokentype_string) { - CHECK(DNS_R_SYNTAX); + CLEANUP(DNS_R_SYNTAX); } /* Add previous bundle */ @@ -340,7 +340,7 @@ dns_skr_read(isc_mem_t *mctx, const char *filename, dns_name_t *origin, } if (result != ISC_R_EOF) { - CHECK(DNS_R_SYNTAX); + CLEANUP(DNS_R_SYNTAX); } result = ISC_R_SUCCESS; diff --git a/lib/dns/tkey.c b/lib/dns/tkey.c index c3b1154fdad..028aed74dee 100644 --- a/lib/dns/tkey.c +++ b/lib/dns/tkey.c @@ -358,19 +358,19 @@ dns_tkey_processquery(dns_message_t *msg, dns_tkeyctx_t *tctx, if (result != ISC_R_SUCCESS) { tkey_log("dns_tkey_processquery: couldn't find a TKEY " "matching the question"); - CHECK(DNS_R_FORMERR); + CLEANUP(DNS_R_FORMERR); } result = dns_rdataset_first(tkeyset); if (result != ISC_R_SUCCESS) { - CHECK(DNS_R_FORMERR); + CLEANUP(DNS_R_FORMERR); } dns_rdataset_current(tkeyset, &rdata); CHECK(dns_rdata_tostruct(&rdata, &tkeyin, NULL)); if (tkeyin.error != dns_rcode_noerror) { - CHECK(DNS_R_FORMERR); + CLEANUP(DNS_R_FORMERR); } /* @@ -386,7 +386,7 @@ dns_tkey_processquery(dns_message_t *msg, dns_tkeyctx_t *tctx, { tkey_log("dns_tkey_processquery: query was not " "properly signed - rejecting"); - CHECK(DNS_R_FORMERR); + CLEANUP(DNS_R_FORMERR); } tkeyout = (dns_rdata_tkey_t){ @@ -620,7 +620,7 @@ dns_tkey_gssnegotiate(dns_message_t *qmsg, dns_message_t *rmsg, { tkey_log("dns_tkey_gssnegotiate: tkey mode invalid " "or error set(4)"); - CHECK(DNS_R_INVALIDTKEY); + CLEANUP(DNS_R_INVALIDTKEY); } isc_buffer_init(&intoken, rtkey.key, rtkey.keylen); diff --git a/lib/dns/update.c b/lib/dns/update.c index 1927df5ab57..99f8318d537 100644 --- a/lib/dns/update.c +++ b/lib/dns/update.c @@ -784,7 +784,7 @@ next_active(dns_update_log_t *log, dns_zone_t *zone, dns_db_t *db, if (wraps == 2) { update_log(log, zone, ISC_LOG_ERROR, "secure zone with no NSECs"); - CHECK(DNS_R_BADZONE); + CLEANUP(DNS_R_BADZONE); } } CHECK(dns_dbiterator_current(dbit, &node, newname)); @@ -1104,7 +1104,7 @@ add_sigs(dns_update_log_t *log, dns_zone_t *zone, dns_db_t *db, /* Look up the signature in the SKR bundle */ dns_skrbundle_t *bundle = dns_zone_getskrbundle(zone); if (bundle == NULL) { - CHECK(DNS_R_NOSKRBUNDLE); + CLEANUP(DNS_R_NOSKRBUNDLE); } CHECK(dns_skrbundle_getsig(bundle, keys[i], type, &sig_rdata)); diff --git a/lib/dns/validator.c b/lib/dns/validator.c index 0c7122c7f32..1721f671c7f 100644 --- a/lib/dns/validator.c +++ b/lib/dns/validator.c @@ -445,7 +445,7 @@ fetch_callback_dnskey(void *arg) { dns_resolver_destroyfetch(&val->fetch); if (CANCELED(val) || CANCELING(val)) { - CHECK(ISC_R_CANCELED); + CLEANUP(ISC_R_CANCELED); } if (trustchain) { @@ -540,7 +540,7 @@ fetch_callback_ds(void *arg) { dns_resolver_destroyfetch(&val->fetch); if (CANCELED(val) || CANCELING(val)) { - CHECK(ISC_R_CANCELED); + CLEANUP(ISC_R_CANCELED); } if (trustchain) { @@ -648,7 +648,7 @@ validator_callback_dnskey(void *arg) { val->subvalidator = NULL; if (CANCELED(val) || CANCELING(val)) { - CHECK(ISC_R_CANCELED); + CLEANUP(ISC_R_CANCELED); } validator_log(val, ISC_LOG_DEBUG(3), "in validator_callback_dnskey"); @@ -701,7 +701,7 @@ validator_callback_ds(void *arg) { val->subvalidator = NULL; if (CANCELED(val) || CANCELING(val)) { - CHECK(ISC_R_CANCELED); + CLEANUP(ISC_R_CANCELED); } validator_log(val, ISC_LOG_DEBUG(3), "in validator_callback_ds"); @@ -765,7 +765,7 @@ validator_callback_cname(void *arg) { val->subvalidator = NULL; if (CANCELED(val) || CANCELING(val)) { - CHECK(ISC_R_CANCELED); + CLEANUP(ISC_R_CANCELED); } validator_log(val, ISC_LOG_DEBUG(3), "in validator_callback_cname"); @@ -809,7 +809,7 @@ validator_callback_nsec(void *arg) { val->subvalidator = NULL; if (CANCELED(val) || CANCELING(val)) { - CHECK(ISC_R_CANCELED); + CLEANUP(ISC_R_CANCELED); } validator_log(val, ISC_LOG_DEBUG(3), "in validator_callback_nsec"); @@ -1562,7 +1562,7 @@ validate_answer_iter_start(dns_validator_t *val) { val->attributes &= ~VALATTR_OFFLOADED; if (CANCELING(val)) { validator_cancel_finish(val); - CHECK(ISC_R_CANCELED); + CLEANUP(ISC_R_CANCELED); } if (val->resume) { @@ -1593,7 +1593,7 @@ validate_answer_iter_next(void *arg) { val->attributes &= ~VALATTR_OFFLOADED; if (CANCELING(val)) { validator_cancel_finish(val); - CHECK(ISC_R_CANCELED); + CLEANUP(ISC_R_CANCELED); } val->resume = false; @@ -1683,7 +1683,7 @@ validate_answer_process(void *arg) { val->attributes &= ~VALATTR_OFFLOADED; if (CANCELING(val)) { validator_cancel_finish(val); - CHECK(ISC_R_CANCELED); + CLEANUP(ISC_R_CANCELED); } dns_rdata_reset(&val->rdata); @@ -2233,7 +2233,7 @@ validate_dnskey(void *arg) { dns_rdata_ds_t ds; if (CANCELED(val) || CANCELING(val)) { - CHECK(ISC_R_CANCELED); + CLEANUP(ISC_R_CANCELED); } /* @@ -2268,7 +2268,7 @@ validate_dnskey(void *arg) { validator_log(val, ISC_LOG_DEBUG(3), "no trusted root key"); } - CHECK(DNS_R_NOVALIDSIG); + CLEANUP(DNS_R_NOVALIDSIG); } /* @@ -3549,7 +3549,7 @@ validator_start(void *arg) { isc_result_t result = ISC_R_FAILURE; if (CANCELED(val) || CANCELING(val)) { - CHECK(ISC_R_CANCELED); + CLEANUP(ISC_R_CANCELED); } validator_log(val, ISC_LOG_DEBUG(3), "starting"); diff --git a/lib/dns/view.c b/lib/dns/view.c index a640e875acc..492cab865ae 100644 --- a/lib/dns/view.c +++ b/lib/dns/view.c @@ -1071,7 +1071,7 @@ dns_view_findzonecut(dns_view_t *view, const dns_name_t *name, try_hints = true; goto finish; } else { - CHECK(DNS_R_NXDOMAIN); + CLEANUP(DNS_R_NXDOMAIN); } } else if (result != ISC_R_SUCCESS) { /* @@ -1835,7 +1835,7 @@ dns_view_loadnta(dns_view_t *view) { if (token.type == isc_tokentype_eof) { break; } else if (token.type != isc_tokentype_string) { - CHECK(ISC_R_UNEXPECTEDTOKEN); + CLEANUP(ISC_R_UNEXPECTEDTOKEN); } name = TSTR(token); len = TLEN(token); @@ -1854,7 +1854,7 @@ dns_view_loadnta(dns_view_t *view) { CHECK(isc_lex_gettoken(lex, options, &token)); if (token.type != isc_tokentype_string) { - CHECK(ISC_R_UNEXPECTEDTOKEN); + CLEANUP(ISC_R_UNEXPECTEDTOKEN); } type = TSTR(token); @@ -1863,12 +1863,12 @@ dns_view_loadnta(dns_view_t *view) { } else if (strcmp(type, "forced") == 0) { forced = true; } else { - CHECK(ISC_R_UNEXPECTEDTOKEN); + CLEANUP(ISC_R_UNEXPECTEDTOKEN); } CHECK(isc_lex_gettoken(lex, options, &token)); if (token.type != isc_tokentype_string) { - CHECK(ISC_R_UNEXPECTEDTOKEN); + CLEANUP(ISC_R_UNEXPECTEDTOKEN); } timestamp = TSTR(token); CHECK(dns_time32_fromtext(timestamp, &t)); @@ -1877,7 +1877,7 @@ dns_view_loadnta(dns_view_t *view) { if (token.type != isc_tokentype_eol && token.type != isc_tokentype_eof) { - CHECK(ISC_R_UNEXPECTEDTOKEN); + CLEANUP(ISC_R_UNEXPECTEDTOKEN); } if (now <= t) { @@ -2110,7 +2110,7 @@ dns_view_addtrustedkey(dns_view_t *view, dns_rdatatype_t rdtype, REQUIRE(view->rdclass == dns_rdataclass_in); if (rdtype != dns_rdatatype_dnskey && rdtype != dns_rdatatype_ds) { - CHECK(ISC_R_NOTIMPLEMENTED); + CLEANUP(ISC_R_NOTIMPLEMENTED); } isc_buffer_init(&b, rdatabuf, sizeof(rdatabuf)); diff --git a/lib/dns/xfrin.c b/lib/dns/xfrin.c index aab34c0f5ff..60bee118064 100644 --- a/lib/dns/xfrin.c +++ b/lib/dns/xfrin.c @@ -352,14 +352,14 @@ axfr_apply(void *arg) { uint64_t records; if (atomic_load(&xfr->shuttingdown)) { - CHECK(ISC_R_SHUTTINGDOWN); + CLEANUP(ISC_R_SHUTTINGDOWN); } CHECK(dns_diff_load(&xfr->diff, &xfr->axfr)); if (xfr->maxrecords != 0U) { result = dns_db_getsize(xfr->db, xfr->ver, &records, NULL); if (result == ISC_R_SUCCESS && records > xfr->maxrecords) { - CHECK(DNS_R_TOOMANYRECORDS); + CLEANUP(DNS_R_TOOMANYRECORDS); } } @@ -522,7 +522,7 @@ ixfr_apply_one(dns_xfrin_t *xfr, ixfr_apply_data_t *data) { if (xfr->maxrecords != 0U) { result = dns_db_getsize(xfr->db, xfr->ver, &records, NULL); if (result == ISC_R_SUCCESS && records > xfr->maxrecords) { - CHECK(DNS_R_TOOMANYRECORDS); + CLEANUP(DNS_R_TOOMANYRECORDS); } } if (xfr->ixfr.journal != NULL) { @@ -684,7 +684,7 @@ xfr_rr(dns_xfrin_t *xfr, dns_name_t *name, uint32_t ttl, dns_rdata_t *rdata) { dns_rdatatype_format(rdata->type, buf, sizeof(buf)); xfrin_log(xfr, ISC_LOG_NOTICE, "Unexpected %s record in zone transfer", buf); - CHECK(DNS_R_FORMERR); + CLEANUP(DNS_R_FORMERR); } /* @@ -699,7 +699,7 @@ xfr_rr(dns_xfrin_t *xfr, dns_name_t *name, uint32_t ttl, dns_rdata_t *rdata) { dns_name_format(name, namebuf, sizeof(namebuf)); xfrin_log(xfr, ISC_LOG_DEBUG(3), "SOA name mismatch: '%s'", namebuf); - CHECK(DNS_R_NOTZONETOP); + CLEANUP(DNS_R_NOTZONETOP); } redo: @@ -708,7 +708,7 @@ redo: if (rdata->type != dns_rdatatype_soa) { xfrin_log(xfr, ISC_LOG_NOTICE, "non-SOA response to SOA query"); - CHECK(DNS_R_FORMERR); + CLEANUP(DNS_R_FORMERR); } end_serial = dns_soa_getserial(rdata); atomic_store_relaxed(&xfr->end_serial, end_serial); @@ -719,7 +719,7 @@ redo: "requested serial %u, " "primary has %" PRIuFAST32 ", not updating", xfr->ixfr.request_serial, end_serial); - CHECK(DNS_R_UPTODATE); + CLEANUP(DNS_R_UPTODATE); } atomic_store(&xfr->state, XFRST_GOTSOA); break; @@ -734,7 +734,7 @@ redo: if (rdata->type != dns_rdatatype_soa) { xfrin_log(xfr, ISC_LOG_NOTICE, "first RR in zone transfer must be SOA"); - CHECK(DNS_R_FORMERR); + CLEANUP(DNS_R_FORMERR); } /* * Remember the serial number in the initial SOA. @@ -755,7 +755,7 @@ redo: "requested serial %u, " "primary has %" PRIuFAST32 ", not updating", xfr->ixfr.request_serial, end_serial); - CHECK(DNS_R_UPTODATE); + CLEANUP(DNS_R_UPTODATE); } xfr->firstsoa = *rdata; if (xfr->firstsoa_data != NULL) { @@ -823,7 +823,7 @@ redo: "IXFR out of sync: " "expected serial %u, got %u", xfr->ixfr.current_serial, soa_serial); - CHECK(DNS_R_FORMERR); + CLEANUP(DNS_R_FORMERR); } else { CHECK(ixfr_commit(xfr)); atomic_store(&xfr->state, XFRST_IXFR_DELSOA); @@ -833,7 +833,7 @@ redo: if (rdata->type == dns_rdatatype_ns && dns_name_iswildcard(name)) { - CHECK(DNS_R_INVALIDNS); + CLEANUP(DNS_R_INVALIDNS); } CHECK(ixfr_putdata(xfr, DNS_DIFFOP_ADD, name, ttl, rdata)); break; @@ -858,7 +858,7 @@ redo: xfrin_log(xfr, ISC_LOG_NOTICE, "start and ending SOA records " "mismatch"); - CHECK(DNS_R_FORMERR); + CLEANUP(DNS_R_FORMERR); } axfr_commit(xfr); atomic_store(&xfr->state, XFRST_AXFR_END); @@ -867,7 +867,7 @@ redo: break; case XFRST_AXFR_END: case XFRST_IXFR_END: - CHECK(DNS_R_EXTRADATA); + CLEANUP(DNS_R_EXTRADATA); break; default: UNREACHABLE(); @@ -1288,7 +1288,7 @@ xfrin_start(dns_xfrin_t *xfr) { dns_dispatchmgr_t *dispmgr = dns_view_getdispatchmgr(xfr->view); if (dispmgr == NULL) { - CHECK(ISC_R_SHUTTINGDOWN); + CLEANUP(ISC_R_SHUTTINGDOWN); } primaries_timeout = isc_nm_getprimariestimeout(); @@ -1863,7 +1863,7 @@ xfrin_recv_done(isc_result_t result, isc_region_t *region, void *arg) { if (msg->counts[DNS_SECTION_QUESTION] > 1) { xfrin_log(xfr, ISC_LOG_NOTICE, "too many questions (%u)", msg->counts[DNS_SECTION_QUESTION]); - CHECK(DNS_R_FORMERR); + CLEANUP(DNS_R_FORMERR); } if ((atomic_load(&xfr->state) == XFRST_SOAQUERY || @@ -1871,7 +1871,7 @@ xfrin_recv_done(isc_result_t result, isc_region_t *region, void *arg) { msg->counts[DNS_SECTION_QUESTION] != 1) { xfrin_log(xfr, ISC_LOG_NOTICE, "missing question section"); - CHECK(DNS_R_FORMERR); + CLEANUP(DNS_R_FORMERR); } MSG_SECTION_FOREACH(msg, DNS_SECTION_QUESTION, name) { @@ -1882,19 +1882,19 @@ xfrin_recv_done(isc_result_t result, isc_region_t *region, void *arg) { if (!dns_name_equal(name, &xfr->name)) { xfrin_log(xfr, ISC_LOG_NOTICE, "question name mismatch"); - CHECK(DNS_R_FORMERR); + CLEANUP(DNS_R_FORMERR); } rds = ISC_LIST_HEAD(name->list); INSIST(rds != NULL); if (rds->type != xfr->reqtype) { xfrin_log(xfr, ISC_LOG_NOTICE, "question type mismatch"); - CHECK(DNS_R_FORMERR); + CLEANUP(DNS_R_FORMERR); } if (rds->rdclass != xfr->rdclass) { xfrin_log(xfr, ISC_LOG_NOTICE, "question class mismatch"); - CHECK(DNS_R_FORMERR); + CLEANUP(DNS_R_FORMERR); } } @@ -1916,7 +1916,7 @@ xfrin_recv_done(isc_result_t result, isc_region_t *region, void *arg) { if (xfr->reqtype == dns_rdatatype_soa && (msg->flags & DNS_MESSAGEFLAG_AA) == 0) { - CHECK(DNS_R_NOTAUTHORITATIVE); + CLEANUP(DNS_R_NOTAUTHORITATIVE); } result = dns_message_checksig(msg, xfr->view); @@ -1975,7 +1975,7 @@ xfrin_recv_done(isc_result_t result, isc_region_t *region, void *arg) { atomic_load(&xfr->state) == XFRST_AXFR_END || atomic_load(&xfr->state) == XFRST_IXFR_END) { - CHECK(DNS_R_EXPECTEDTSIG); + CLEANUP(DNS_R_EXPECTEDTSIG); } } diff --git a/lib/dns/zone.c b/lib/dns/zone.c index 3b52aaaf2f4..927c57e8093 100644 --- a/lib/dns/zone.c +++ b/lib/dns/zone.c @@ -2339,7 +2339,7 @@ zone_load(dns_zone_t *zone, unsigned int flags, bool locked) { if ((flags & DNS_ZONELOADFLAG_THAW) != 0) { DNS_ZONE_SETFLAG(zone, DNS_ZONEFLG_THAW); } - CHECK(ISC_R_LOADING); + CLEANUP(ISC_R_LOADING); } INSIST(zone->db_argc >= 1); @@ -2403,7 +2403,7 @@ zone_load(dns_zone_t *zone, unsigned int flags, bool locked) { ISC_LOG_DEBUG(1), "skipping load: master file " "older than last load"); - CHECK(DNS_R_UPTODATE); + CLEANUP(DNS_R_UPTODATE); } /* @@ -2453,7 +2453,7 @@ zone_load(dns_zone_t *zone, unsigned int flags, bool locked) { "DLZ %s does not exist or is set " "to 'search yes;'", zone->db_argv[1]); - CHECK(ISC_R_NOTFOUND); + CLEANUP(ISC_R_NOTFOUND); } ZONEDB_LOCK(&zone->dblock, isc_rwlocktype_write); @@ -5412,7 +5412,7 @@ zone_postload(dns_zone_t *zone, dns_db_t *db, isc_time_t loadtime, goto cleanup; } if (zone->type == dns_zone_primary && errors != 0) { - CHECK(DNS_R_BADZONE); + CLEANUP(DNS_R_BADZONE); } if (zone->type != dns_zone_stub && zone->type != dns_zone_redirect) @@ -5423,13 +5423,13 @@ zone_postload(dns_zone_t *zone, dns_db_t *db, isc_time_t loadtime, DNS_ZONE_OPTION(zone, DNS_ZONEOPT_CHECKINTEGRITY) && !integrity_checks(zone, db)) { - CHECK(DNS_R_BADZONE); + CLEANUP(DNS_R_BADZONE); } if (zone->type == dns_zone_primary && DNS_ZONE_OPTION(zone, DNS_ZONEOPT_CHECKDUPRR) && !zone_check_dup(zone, db)) { - CHECK(DNS_R_BADZONE); + CLEANUP(DNS_R_BADZONE); } if (zone->type == dns_zone_primary) { @@ -5447,7 +5447,7 @@ zone_postload(dns_zone_t *zone, dns_db_t *db, isc_time_t loadtime, dns_zone_log(zone, ISC_LOG_ERROR, "'log-report-channel' is set, but no " "'*._er/TXT' wildcard found"); - CHECK(DNS_R_BADZONE); + CLEANUP(DNS_R_BADZONE); } CHECK(dns_zone_verifydb(zone, db, NULL)); @@ -5493,7 +5493,7 @@ zone_postload(dns_zone_t *zone, dns_db_t *db, isc_time_t loadtime, "new serial (%u) out of range " "[%u - %u]", serial, serialmin, serialmax); - CHECK(DNS_R_BADZONE); + CLEANUP(DNS_R_BADZONE); } else if (!isc_serial_ge(serial, oldserial)) { dns_zone_logc(zone, DNS_LOGCATEGORY_ZONELOAD, ISC_LOG_ERROR, @@ -5578,7 +5578,7 @@ zone_postload(dns_zone_t *zone, dns_db_t *db, isc_time_t loadtime, default: UNEXPECTED_ERROR("unexpected zone type %d", zone->type); - CHECK(ISC_R_UNEXPECTED); + CLEANUP(ISC_R_UNEXPECTED); } /* @@ -7424,7 +7424,7 @@ add_sigs(dns_db_t *db, dns_dbversion_t *ver, dns_name_t *name, dns_zone_t *zone, /* Look up the signature in the SKR bundle */ dns_skrbundle_t *bundle = dns_zone_getskrbundle(zone); if (bundle == NULL) { - CHECK(DNS_R_NOSKRBUNDLE); + CLEANUP(DNS_R_NOSKRBUNDLE); } CHECK(dns_skrbundle_getsig(bundle, keys[i], type, &sig_rdata)); @@ -7539,7 +7539,7 @@ zone_resigninc(dns_zone_t *zone) { * Zone is frozen. Pause for 5 minutes. */ if (zone->update_disabled) { - CHECK(ISC_R_FAILURE); + CLEANUP(ISC_R_FAILURE); } ZONEDB_LOCK(&zone->dblock, isc_rwlocktype_read); @@ -7548,7 +7548,7 @@ zone_resigninc(dns_zone_t *zone) { } ZONEDB_UNLOCK(&zone->dblock, isc_rwlocktype_read); if (db == NULL) { - CHECK(ISC_R_FAILURE); + CLEANUP(ISC_R_FAILURE); } result = dns_db_newversion(db, &version); @@ -8029,7 +8029,7 @@ sign_a_node(dns_db_t *db, dns_zone_t *zone, dns_name_t *name, /* Look up the signature in the SKR bundle */ dns_skrbundle_t *bundle = dns_zone_getskrbundle(zone); if (bundle == NULL) { - CHECK(DNS_R_NOSKRBUNDLE); + CLEANUP(DNS_R_NOSKRBUNDLE); } CHECK(dns_skrbundle_getsig(bundle, key, rdataset.type, &rdata)); @@ -8719,7 +8719,7 @@ zone_nsec3chain(dns_zone_t *zone) { * Updates are disabled. Pause for 5 minutes. */ if (zone->update_disabled) { - CHECK(ISC_R_FAILURE); + CLEANUP(ISC_R_FAILURE); } ZONEDB_LOCK(&zone->dblock, isc_rwlocktype_read); @@ -14224,7 +14224,7 @@ again: } break; default: - CHECK(ISC_R_NOTIMPLEMENTED); + CLEANUP(ISC_R_NOTIMPLEMENTED); } /* @@ -16948,7 +16948,7 @@ receive_secure_db(void *arg) { LOCK_ZONE(zone); if (DNS_ZONE_FLAG(zone, DNS_ZONEFLG_EXITING) || !inline_secure(zone)) { - CHECK(ISC_R_SHUTTINGDOWN); + CLEANUP(ISC_R_SHUTTINGDOWN); } loadtime = isc_time_now(); @@ -18374,7 +18374,7 @@ dns_zone_forwardupdate(dns_zone_t *zone, dns_message_t *msg, mr = dns_message_getrawmessage(msg); if (mr == NULL) { - CHECK(ISC_R_UNEXPECTEDEND); + CLEANUP(ISC_R_UNEXPECTEDEND); } isc_buffer_allocate(zone->mctx, &forward->msgbuf, mr->length); @@ -19610,7 +19610,7 @@ zone_signwithkey(dns_zone_t *zone, dst_algorithm_t algorithm, uint16_t keyid, ZONEDB_UNLOCK(&zone->dblock, isc_rwlocktype_read); if (db == NULL) { - CHECK(ISC_R_NOTFOUND); + CLEANUP(ISC_R_NOTFOUND); } dns_db_attach(db, &signing->db); @@ -20609,7 +20609,7 @@ checkds_send_toaddr(void *arg) { checkds->zone->view->requestmgr == NULL || checkds->zone->db == NULL) { - CHECK(ISC_R_CANCELED); + CLEANUP(ISC_R_CANCELED); } /* @@ -20623,7 +20623,7 @@ checkds_send_toaddr(void *arg) { dns_zone_log(checkds->zone, ISC_LOG_DEBUG(3), "checkds: ignoring IPv6 mapped IPV4 address: %s", addrbuf); - CHECK(ISC_R_CANCELED); + CLEANUP(ISC_R_CANCELED); } checkds_createmessage(checkds->zone, &message); @@ -21456,7 +21456,7 @@ zone_rekey(dns_zone_t *zone) { dnssec_log(zone, ISC_LOG_DEBUG(1), "zone_rekey:dns_skr_lookup failed: " "no SKR available"); - CHECK(DNS_R_NOSKRFILE); + CLEANUP(DNS_R_NOSKRFILE); } bundle = dns_skr_lookup(zone->skr, now, sigval); zone->skrbundle = bundle; @@ -21477,7 +21477,7 @@ zone_rekey(dns_zone_t *zone) { "no available SKR bundle for time " "%.*s (%s)", (int)r.length, r.base, nowstr); - CHECK(DNS_R_NOSKRBUNDLE); + CLEANUP(DNS_R_NOSKRBUNDLE); } zone_apply_skrbundle(zone, bundle, &keyset, &cdsset, @@ -22246,7 +22246,7 @@ dns_zone_cdscheck(dns_zone_t *zone, dns_db_t *db, dns_dbversion_t *version) { } if (empty) { - CHECK(DNS_R_BADCDS); + CLEANUP(DNS_R_BADCDS); } CHECK(dns_rdata_tostruct(&crdata, &structcds, NULL)); @@ -22307,7 +22307,7 @@ dns_zone_cdscheck(dns_zone_t *zone, dns_db_t *db, dns_dbversion_t *version) { &crdata, &dnskey, &rdata); if (result != ISC_R_SUCCESS) { - CHECK(DNS_R_BADCDS); + CLEANUP(DNS_R_BADCDS); } CHECK(dns_rdata_tostruct(&rdata, &structdnskey, NULL)); @@ -22321,10 +22321,10 @@ dns_zone_cdscheck(dns_zone_t *zone, dns_db_t *db, dns_dbversion_t *version) { for (i = 0; i < sizeof(algorithms); i++) { if (delete) { if (algorithms[i] != notexpected) { - CHECK(DNS_R_BADCDS); + CLEANUP(DNS_R_BADCDS); } } else if (algorithms[i] == expected) { - CHECK(DNS_R_BADCDS); + CLEANUP(DNS_R_BADCDS); } } } @@ -22357,7 +22357,7 @@ dns_zone_cdscheck(dns_zone_t *zone, dns_db_t *db, dns_dbversion_t *version) { } if (empty) { - CHECK(DNS_R_BADCDNSKEY); + CLEANUP(DNS_R_BADCDNSKEY); } CHECK(dns_rdata_tostruct(&crdata, &structcdnskey, @@ -22389,10 +22389,10 @@ dns_zone_cdscheck(dns_zone_t *zone, dns_db_t *db, dns_dbversion_t *version) { for (i = 0; i < sizeof(algorithms); i++) { if (delete) { if (algorithms[i] != notexpected) { - CHECK(DNS_R_BADCDNSKEY); + CLEANUP(DNS_R_BADCDNSKEY); } } else if (algorithms[i] == expected) { - CHECK(DNS_R_BADCDNSKEY); + CLEANUP(DNS_R_BADCDNSKEY); } } } @@ -22797,14 +22797,14 @@ dns_zone_keydone(dns_zone_t *zone, const char *keystr) { n = sscanf(keystr, "%hu/", &keyid); if (n == 0U) { - CHECK(ISC_R_FAILURE); + CLEANUP(ISC_R_FAILURE); } algstr = strchr(keystr, '/'); if (algstr != NULL) { algstr++; } else { - CHECK(ISC_R_FAILURE); + CLEANUP(ISC_R_FAILURE); } n = sscanf(algstr, "%u", &alg); @@ -23627,12 +23627,12 @@ dns_zone_setserial(dns_zone_t *zone, uint32_t serial) { if (!inline_secure(zone)) { if (!dns_zone_isdynamic(zone, true)) { - CHECK(DNS_R_NOTDYNAMIC); + CLEANUP(DNS_R_NOTDYNAMIC); } } if (zone->update_disabled) { - CHECK(DNS_R_FROZEN); + CLEANUP(DNS_R_FROZEN); } sse = isc_mem_get(zone->mctx, sizeof(*sse)); diff --git a/lib/isc/interfaceiter.c b/lib/isc/interfaceiter.c index babe1ec21b9..4a5518a1418 100644 --- a/lib/isc/interfaceiter.c +++ b/lib/isc/interfaceiter.c @@ -170,7 +170,7 @@ isc_interfaceiter_create(isc_mem_t *mctx, isc_interfaceiter_t **iterp) { strerror_r(errno, strbuf, sizeof(strbuf)); UNEXPECTED_ERROR("getting interface addresses: getifaddrs: %s", strbuf); - CHECK(ISC_R_UNEXPECTED); + CLEANUP(ISC_R_UNEXPECTED); } /* diff --git a/lib/isc/netmgr/tcp.c b/lib/isc/netmgr/tcp.c index d67171b188f..84e57693bbb 100644 --- a/lib/isc/netmgr/tcp.c +++ b/lib/isc/netmgr/tcp.c @@ -720,7 +720,7 @@ isc__nm_tcp_read(isc_nmhandle_t *handle, isc_nm_recv_cb_t cb, void *cbarg) { } if (isc__nmsocket_closing(sock)) { - CHECK(ISC_R_CANCELED); + CLEANUP(ISC_R_CANCELED); } if (!sock->reading_throttled) { @@ -912,7 +912,7 @@ accept_connection(isc_nmsocket_t *csock) { * isc__nm_tcp_close() can't handle uninitalized TCP nmsocket. */ if (isc__nmsocket_closing(csock)) { - CHECK(ISC_R_CANCELED); + CLEANUP(ISC_R_CANCELED); } r = uv_accept(&csock->server->uv_handle.stream, @@ -936,7 +936,7 @@ accept_connection(isc_nmsocket_t *csock) { * it has expired. We cannot do anything better than * drop it on the floor at this point. */ - CHECK(ISC_R_TIMEDOUT); + CLEANUP(ISC_R_TIMEDOUT); } else { /* Adjust the initial read timeout accordingly */ csock->read_timeout -= time_elapsed_ms; diff --git a/lib/isccfg/aclconf.c b/lib/isccfg/aclconf.c index 9324e7a5f72..cea7a84328e 100644 --- a/lib/isccfg/aclconf.c +++ b/lib/isccfg/aclconf.c @@ -689,7 +689,7 @@ cfg_acl_fromconfig(const cfg_obj_t *acl_data, const cfg_obj_t *cctx, transports = isc_nm_httpsocket; encrypted = false; } else { - CHECK(ISC_R_FAILURE); + CLEANUP(ISC_R_FAILURE); } } @@ -880,7 +880,7 @@ cfg_acl_fromconfig(const cfg_obj_t *acl_data, const cfg_obj_t *cctx, cfg_obj_log(ce, ISC_LOG_WARNING, "address match list contains " "unsupported element type"); - CHECK(ISC_R_FAILURE); + CLEANUP(ISC_R_FAILURE); } /* diff --git a/lib/isccfg/check.c b/lib/isccfg/check.c index c4452572012..3851ecaec67 100644 --- a/lib/isccfg/check.c +++ b/lib/isccfg/check.c @@ -4900,7 +4900,7 @@ check_trust_anchor(const cfg_obj_t *key, unsigned int *flagsp) { * We can't interpret the trust anchor, so * we skip all other checks. */ - CHECK(ISC_R_FAILURE); + CLEANUP(ISC_R_FAILURE); UNREACHABLE(); } diff --git a/lib/isccfg/kaspconf.c b/lib/isccfg/kaspconf.c index 3a42da1997b..fbd70aae43f 100644 --- a/lib/isccfg/kaspconf.c +++ b/lib/isccfg/kaspconf.c @@ -155,7 +155,7 @@ cfg_kaspkey_fromconfig(const cfg_obj_t *config, dns_kasp_t *kasp, "allowed when offline-ksk " "is enabled"); } - CHECK(ISC_R_FAILURE); + CLEANUP(ISC_R_FAILURE); } key->role |= DNS_KASP_KEY_ROLE_KSK; key->role |= DNS_KASP_KEY_ROLE_ZSK; @@ -177,14 +177,14 @@ cfg_kaspkey_fromconfig(const cfg_obj_t *config, dns_kasp_t *kasp, "not exist", keydir); } - CHECK(ISC_R_FAILURE); + CLEANUP(ISC_R_FAILURE); } else if (result != ISC_R_SUCCESS) { if (log_errors) { cfg_obj_log(obj, ISC_LOG_ERROR, "dnssec-policy: bad keystore %s", keydir); } - CHECK(ISC_R_FAILURE); + CLEANUP(ISC_R_FAILURE); } INSIST(key->keystore != NULL); @@ -221,7 +221,7 @@ cfg_kaspkey_fromconfig(const cfg_obj_t *config, dns_kasp_t *kasp, "takes to " "do a rollover"); } - CHECK(ISC_R_FAILURE); + CLEANUP(ISC_R_FAILURE); } } @@ -236,7 +236,7 @@ cfg_kaspkey_fromconfig(const cfg_obj_t *config, dns_kasp_t *kasp, "dnssec-policy: bad algorithm %s", alg.base); } - CHECK(DNS_R_BADALG); + CLEANUP(DNS_R_BADALG); } if (check_algorithms && isc_crypto_fips_mode() && (key->algorithm == DST_ALG_RSASHA1 || @@ -249,7 +249,7 @@ cfg_kaspkey_fromconfig(const cfg_obj_t *config, dns_kasp_t *kasp, "in FIPS mode", alg.base); } - CHECK(DNS_R_BADALG); + CLEANUP(DNS_R_BADALG); } if (check_algorithms && @@ -261,7 +261,7 @@ cfg_kaspkey_fromconfig(const cfg_obj_t *config, dns_kasp_t *kasp, "supported", alg.base); } - CHECK(DNS_R_BADALG); + CLEANUP(DNS_R_BADALG); } switch (key->algorithm) { @@ -306,7 +306,7 @@ cfg_kaspkey_fromconfig(const cfg_obj_t *config, dns_kasp_t *kasp, "key length %u", alg.base, size); } - CHECK(ISC_R_RANGE); + CLEANUP(ISC_R_RANGE); } break; case DST_ALG_ECDSA256: @@ -340,7 +340,7 @@ cfg_kaspkey_fromconfig(const cfg_obj_t *config, dns_kasp_t *kasp, "dnssec-policy: tag-min " "too big"); } - CHECK(ISC_R_RANGE); + CLEANUP(ISC_R_RANGE); } obj = cfg_tuple_get(tagrange, "tag-max"); tag_max = cfg_obj_asuint32(obj); @@ -350,7 +350,7 @@ cfg_kaspkey_fromconfig(const cfg_obj_t *config, dns_kasp_t *kasp, "dnssec-policy: tag-max " "too big"); } - CHECK(ISC_R_RANGE); + CLEANUP(ISC_R_RANGE); } if (tag_min >= tag_max) { if (log_errors) { @@ -358,7 +358,7 @@ cfg_kaspkey_fromconfig(const cfg_obj_t *config, dns_kasp_t *kasp, "dnssec-policy: tag-min >= " "tag_max"); } - CHECK(ISC_R_RANGE); + CLEANUP(ISC_R_RANGE); } key->tag_min = tag_min; key->tag_max = tag_max; diff --git a/lib/isccfg/namedconf.c b/lib/isccfg/namedconf.c index bbc4d4f1001..69cff0317fd 100644 --- a/lib/isccfg/namedconf.c +++ b/lib/isccfg/namedconf.c @@ -1802,7 +1802,7 @@ parse_dtout(cfg_parser_t *pctx, const cfg_type_t *type, cfg_obj_t **ret) { } else { cfg_parser_error(pctx, CFG_LOG_NEAR, "unexpected token"); - CHECK(ISC_R_UNEXPECTEDTOKEN); + CLEANUP(ISC_R_UNEXPECTEDTOKEN); } } else { break; @@ -1974,7 +1974,7 @@ cfg_parse_kv_tuple(cfg_parser_t *pctx, const cfg_type_t *type, if (f->name == NULL) { cfg_parser_error(pctx, 0, "unexpected '%s'", TOKEN_STRING(pctx)); - CHECK(ISC_R_UNEXPECTEDTOKEN); + CLEANUP(ISC_R_UNEXPECTEDTOKEN); } if (obj->value.tuple[fn] == NULL && strcasecmp(f->name, TOKEN_STRING(pctx)) == 0) @@ -3162,7 +3162,7 @@ parse_sizeval(cfg_parser_t *pctx, const cfg_type_t *type, cfg_obj_t **ret) { CHECK(cfg_gettoken(pctx, 0)); if (pctx->token.type != isc_tokentype_string) { - CHECK(ISC_R_UNEXPECTEDTOKEN); + CLEANUP(ISC_R_UNEXPECTEDTOKEN); } CHECK(parse_unitstring(TOKEN_STRING(pctx), &val)); @@ -3191,7 +3191,7 @@ parse_sizeval_percent(cfg_parser_t *pctx, const cfg_type_t *type, CHECK(cfg_gettoken(pctx, 0)); if (pctx->token.type != isc_tokentype_string) { - CHECK(ISC_R_UNEXPECTEDTOKEN); + CLEANUP(ISC_R_UNEXPECTEDTOKEN); } percent = strtoull(TOKEN_STRING(pctx), &endp, 10); @@ -3344,7 +3344,7 @@ parse_maybe_optional_keyvalue(cfg_parser_t *pctx, const cfg_type_t *type, } else { cfg_parser_error(pctx, CFG_LOG_NEAR, "expected '%s'", kw->name); - CHECK(ISC_R_UNEXPECTEDTOKEN); + CLEANUP(ISC_R_UNEXPECTEDTOKEN); } } diff --git a/lib/isccfg/parser.c b/lib/isccfg/parser.c index 0d80cc70ee4..ac9a4a24af5 100644 --- a/lib/isccfg/parser.c +++ b/lib/isccfg/parser.c @@ -1330,7 +1330,7 @@ cfg_parse_duration(cfg_parser_t *pctx, const cfg_type_t *type ISC_ATTR_UNUSED, CHECK(cfg_gettoken(pctx, 0)); if (pctx->token.type != isc_tokentype_string) { - CHECK(ISC_R_UNEXPECTEDTOKEN); + CLEANUP(ISC_R_UNEXPECTEDTOKEN); } return parse_duration(pctx, ret); @@ -1351,7 +1351,7 @@ cfg_parse_duration_or_unlimited(cfg_parser_t *pctx, CHECK(cfg_gettoken(pctx, 0)); if (pctx->token.type != isc_tokentype_string) { - CHECK(ISC_R_UNEXPECTEDTOKEN); + CLEANUP(ISC_R_UNEXPECTEDTOKEN); } if (strcmp(TOKEN_STRING(pctx), "unlimited") == 0) { @@ -2391,7 +2391,7 @@ cfg_parse_mapbody(cfg_parser_t *pctx, const cfg_type_t *type, cfg_obj_t **ret) { CHECK(parse_semicolon(pctx)); if (includename->value.string.length == 0) { - CHECK(ISC_R_FILENOTFOUND); + CLEANUP(ISC_R_FILENOTFOUND); } /* @@ -2405,14 +2405,14 @@ cfg_parse_mapbody(cfg_parser_t *pctx, const cfg_type_t *type, cfg_obj_t **ret) { case 0: break; case GLOB_NOMATCH: - CHECK(ISC_R_FILENOTFOUND); + CLEANUP(ISC_R_FILENOTFOUND); break; case GLOB_NOSPACE: - CHECK(ISC_R_NOMEMORY); + CLEANUP(ISC_R_NOMEMORY); break; default: if (errno == 0) { - CHECK(ISC_R_IOERROR); + CLEANUP(ISC_R_IOERROR); } CHECK(isc_errno_toresult(errno)); } @@ -2461,7 +2461,7 @@ cfg_parse_mapbody(cfg_parser_t *pctx, const cfg_type_t *type, cfg_obj_t **ret) { cfg_parser_error(pctx, 0, "option '%s' no longer exists", clause->name); - CHECK(ISC_R_FAILURE); + CLEANUP(ISC_R_FAILURE); } if ((pctx->flags & CFG_PCTX_ALLCONFIGS) == 0 && (clause->flags & CFG_CLAUSEFLAG_NOTCONFIGURED) != 0) @@ -2470,7 +2470,7 @@ cfg_parse_mapbody(cfg_parser_t *pctx, const cfg_type_t *type, cfg_obj_t **ret) { "option '%s' was not " "enabled at compile time", clause->name); - CHECK(ISC_R_FAILURE); + CLEANUP(ISC_R_FAILURE); } if ((pctx->flags & CFG_PCTX_BUILTIN) == 0 && (clause->flags & CFG_CLAUSEFLAG_BUILTINONLY) != 0) @@ -2993,7 +2993,7 @@ parse_token(cfg_parser_t *pctx, const cfg_type_t *type ISC_ATTR_UNUSED, CHECK(cfg_gettoken(pctx, CFG_LEXOPT_QSTRING)); if (pctx->token.type == isc_tokentype_eof) { cfg_ungettoken(pctx); - CHECK(ISC_R_EOF); + CLEANUP(ISC_R_EOF); } isc_lex_getlasttokentext(pctx->lexer, &pctx->token, &r); @@ -3048,7 +3048,7 @@ parse_unsupported(cfg_parser_t *pctx, const cfg_type_t *type, cfg_obj_t **ret) { if (pctx->token.type == isc_tokentype_eof || braces < 0) { cfg_parser_error(pctx, CFG_LOG_NEAR, "unexpected token"); - CHECK(ISC_R_UNEXPECTEDTOKEN); + CLEANUP(ISC_R_UNEXPECTEDTOKEN); } CHECK(cfg_parse_listelt(pctx, listobj, &cfg_type_token, &elt)); @@ -3492,21 +3492,21 @@ parse_sockaddrsub(cfg_parser_t *pctx, const cfg_type_t *type, int flags, if (have_address != 1) { cfg_parser_error(pctx, 0, "expected exactly one address"); - CHECK(ISC_R_UNEXPECTEDTOKEN); + CLEANUP(ISC_R_UNEXPECTEDTOKEN); } if (!is_port_ok && have_port > 0) { cfg_parser_error(pctx, 0, "subconfig 'port' no longer exists"); - CHECK(ISC_R_UNEXPECTEDTOKEN); + CLEANUP(ISC_R_UNEXPECTEDTOKEN); } if (have_port > 1) { cfg_parser_error(pctx, 0, "expected at most one port"); - CHECK(ISC_R_UNEXPECTEDTOKEN); + CLEANUP(ISC_R_UNEXPECTEDTOKEN); } if (have_tls > 1) { cfg_parser_error(pctx, 0, "expected at most one tls"); - CHECK(ISC_R_UNEXPECTEDTOKEN); + CLEANUP(ISC_R_UNEXPECTEDTOKEN); } cfg_obj_create(pctx->mctx, cfg_parser_currentfile(pctx), pctx->line, diff --git a/lib/ns/hooks.c b/lib/ns/hooks.c index 89891574a67..5577a669cc4 100644 --- a/lib/ns/hooks.c +++ b/lib/ns/hooks.c @@ -150,7 +150,7 @@ load_plugin(isc_mem_t *mctx, const char *modpath, ns_plugin_t **pluginp) { ISC_LOG_ERROR, "failed to dlopen() plugin '%s': %s", modpath, errmsg); - CHECK(ISC_R_FAILURE); + CLEANUP(ISC_R_FAILURE); } CHECK(load_symbol(&plugin->handle, modpath, "plugin_version", @@ -164,7 +164,7 @@ load_plugin(isc_mem_t *mctx, const char *modpath, ns_plugin_t **pluginp) { ISC_LOG_ERROR, "plugin API version mismatch: %d/%d", version, NS_PLUGIN_VERSION); - CHECK(ISC_R_FAILURE); + CLEANUP(ISC_R_FAILURE); } CHECK(load_symbol(&plugin->handle, modpath, "plugin_check", diff --git a/lib/ns/update.c b/lib/ns/update.c index 64366b961c1..d01489beaf7 100644 --- a/lib/ns/update.c +++ b/lib/ns/update.c @@ -1638,7 +1638,7 @@ send_update(ns_client_t *client, dns_zone_t *zone) { } result = dns_zone_checknames(zone, name, &rdata); if (result != ISC_R_SUCCESS) { - CHECK(DNS_R_REFUSED); + CLEANUP(DNS_R_REFUSED); } if ((options & DNS_ZONEOPT_CHECKSVCB) != 0 && rdata.type == dns_rdatatype_svcb) @@ -1666,7 +1666,7 @@ send_update(ns_client_t *client, dns_zone_t *zone) { update_log(client, zone, ISC_LOG_WARNING, "update RR has incorrect class %d", update_class); - CHECK(DNS_R_FORMERR); + CLEANUP(DNS_R_FORMERR); } /* @@ -1795,7 +1795,7 @@ send_update(ns_client_t *client, dns_zone_t *zone) { isc_result_totext(result)); ns_stats_increment(client->manager->sctx->nsstats, ns_statscounter_updatequota); - CHECK(DNS_R_DROP); + CLEANUP(DNS_R_DROP); } uev = isc_mem_get(client->manager->mctx, sizeof(*uev)); @@ -2245,7 +2245,7 @@ check_dnssec(ns_client_t *client, dns_zone_t *zone, dns_db_t *db, if (!dns_zone_check_dnskey_nsec3(zone, db, ver, diff, NULL, 0)) { update_log(client, zone, ISC_LOG_ERROR, "NSEC only DNSKEYs and NSEC3 chains not allowed"); - CHECK(DNS_R_REFUSED); + CLEANUP(DNS_R_REFUSED); } /* Verify NSEC3 params */ @@ -2253,7 +2253,7 @@ check_dnssec(ns_client_t *client, dns_zone_t *zone, dns_db_t *db, if (iterations > dns_nsec3_maxiterations()) { update_log(client, zone, ISC_LOG_ERROR, "too many NSEC3 iterations (%u)", iterations); - CHECK(DNS_R_REFUSED); + CLEANUP(DNS_R_REFUSED); } cleanup: @@ -3145,7 +3145,7 @@ update_action(void *arg) { update_log(client, zone, LOGLEVEL_PROTOCOL, "update rejected: post update name server " "sanity check failed"); - CHECK(DNS_R_REFUSED); + CLEANUP(DNS_R_REFUSED); } } if (!ISC_LIST_EMPTY(diff.tuples) && is_signing) { @@ -3154,7 +3154,7 @@ update_action(void *arg) { update_log(client, zone, LOGLEVEL_PROTOCOL, "update rejected: bad %s RRset", result == DNS_R_BADCDS ? "CDS" : "CDNSKEY"); - CHECK(DNS_R_REFUSED); + CLEANUP(DNS_R_REFUSED); } CHECK(result); } @@ -3228,7 +3228,7 @@ update_action(void *arg) { "records in zone (%" PRIu64 ") exceeds max-records (%u)", records, maxrecords); - CHECK(DNS_R_TOOMANYRECORDS); + CLEANUP(DNS_R_TOOMANYRECORDS); } } diff --git a/lib/ns/xfrout.c b/lib/ns/xfrout.c index 7b289cee2af..097971fc505 100644 --- a/lib/ns/xfrout.c +++ b/lib/ns/xfrout.c @@ -1501,7 +1501,7 @@ sendstream(xfrout_ctx_t *xfr) { "(%d bytes)", size); /* XXX DNS_R_RRTOOLARGE? */ - CHECK(ISC_R_NOSPACE); + CLEANUP(ISC_R_NOSPACE); } break; }