Unobfuscate the code-flow logic in got_transfer_quota()

This refactors the code flow in got_transfer_quota() to not use the
CHECK() macro as it really obfuscates the code flow logic here.

lib/dns/zone.c

@@ -17618,7 +17618,8 @@ got_transfer_quota(void *arg) {
 	isc_tlsctx_cache_t *zmgr_tlsctx_cache = NULL;
 
 	if (DNS_ZONE_FLAG(zone, DNS_ZONEFLG_EXITING)) {
-		CHECK(ISC_R_CANCELED);
+		zone_xfrdone(zone, NULL, ISC_R_CANCELED);
+		return;
 	}
 
 	now = isc_time_now();
@@ -17633,7 +17634,8 @@ got_transfer_quota(void *arg) {
 			      "got_transfer_quota: skipping zone transfer as "
 			      "primary %s (source %s) is unreachable (cached)",
 			      primary, source);
-		CHECK(ISC_R_CANCELED);
+		zone_xfrdone(zone, NULL, ISC_R_CANCELED);
+		return;
 	}
 
 	isc_netaddr_fromsockaddr(&primaryip, &primaryaddr);
@@ -17711,11 +17713,11 @@ got_transfer_quota(void *arg) {
 		dns_name_t *keyname = dns_remote_keyname(&zone->primaries);
 		result = dns_view_gettsig(view, keyname, &zone->tsigkey);
 	}
-	if (zone->tsigkey == NULL) {
+	if (result != ISC_R_SUCCESS) {
+		INSIST(zone->tsigkey == NULL);
 		result = dns_view_getpeertsig(zone->view, &primaryip,
 					      &zone->tsigkey);
 	}
-
 	if (result != ISC_R_SUCCESS && result != ISC_R_NOTFOUND) {
 		dns_zone_logc(zone, DNS_LOGCATEGORY_XFER_IN, ISC_LOG_ERROR,
 			      "could not get TSIG key for zone transfer: %s",
@@ -17723,26 +17725,20 @@ got_transfer_quota(void *arg) {
 	}
 
 	/*
-	 * Get the TLS transport for the primary, if configured
+	 * Get the TLS transport for the primary, if configured.
 	 */
-	result = ISC_R_NOTFOUND;
-
 	if (dns_remote_tlsname(&zone->primaries) != NULL) {
 		dns_view_t *view = dns_zone_getview(zone);
 		dns_name_t *tlsname = dns_remote_tlsname(&zone->primaries);
 		result = dns_view_gettransport(view, DNS_TRANSPORT_TLS, tlsname,
 					       &zone->transport);
-
+		if (result != ISC_R_SUCCESS && result != ISC_R_NOTFOUND) {
-		dns_zone_logc(zone, DNS_LOGCATEGORY_XFER_IN, ISC_LOG_INFO,
+			dns_zone_logc(zone, DNS_LOGCATEGORY_XFER_IN,
-			      "got TLS configuration for zone transfer: %s",
+				      ISC_LOG_ERROR,
-			      isc_result_totext(result));
+				      "could not get TLS configuration for "
-	}
+				      "zone transfer: %s",
-
+				      isc_result_totext(result));
-	if (result != ISC_R_SUCCESS && result != ISC_R_NOTFOUND) {
+		}
-		dns_zone_logc(
-			zone, DNS_LOGCATEGORY_XFER_IN, ISC_LOG_ERROR,
-			"could not get TLS configuration for zone transfer: %s",
-			isc_result_totext(result));
 	}
 
 	LOCK_ZONE(zone);
@@ -17756,13 +17752,23 @@ got_transfer_quota(void *arg) {
 
 	zmgr_tlsctx_attach(zone->zmgr, &zmgr_tlsctx_cache);
 
-	CHECK(dns_xfrin_create(zone, xfrtype, &primaryaddr, &sourceaddr,
+	result = dns_xfrin_create(zone, xfrtype, &primaryaddr, &sourceaddr,
-			       zone->tsigkey, zone->transport,
+				  zone->tsigkey, zone->transport,
-			       zmgr_tlsctx_cache, zone->mctx, zone_xfrdone,
+				  zmgr_tlsctx_cache, zone->mctx, zone_xfrdone,
-			       &zone->xfr));
+				  &zone->xfr);
 
 	isc_tlsctx_cache_detach(&zmgr_tlsctx_cache);
 
+	/*
+	 * Any failure in this function is handled like a failed
+	 * zone transfer.  This ensures that we get removed from
+	 * zmgr->xfrin_in_progress.
+	 */
+	if (result != ISC_R_SUCCESS) {
+		zone_xfrdone(zone, NULL, result);
+		return;
+	}
+
 	LOCK_ZONE(zone);
 	if (xfrtype == dns_rdatatype_axfr) {
 		if (isc_sockaddr_pf(&primaryaddr) == PF_INET) {
@@ -17778,20 +17784,6 @@ got_transfer_quota(void *arg) {
 		}
 	}
 	UNLOCK_ZONE(zone);
-
-failure:
-	/*
-	 * Any failure in this function is handled like a failed
-	 * zone transfer.  This ensures that we get removed from
-	 * zmgr->xfrin_in_progress.
-	 */
-	if (result != ISC_R_SUCCESS) {
-		zone_xfrdone(zone, NULL, result);
-	}
-
-	if (zmgr_tlsctx_cache != NULL) {
-		isc_tlsctx_cache_detach(&zmgr_tlsctx_cache);
-	}
 }
 
 /*