Use clang-format-20 to update formatting

(cherry picked from commit 422b9118e878d3106c84b2eac44371f7143f320b)
2025-08-28 04:58:04 +00:00 · 2025-06-18 12:39:17 +10:00 · 2025-06-18 12:39:17 +10:00 · a6dba44b65
commit a6dba44b65
parent 6fa4f95254
39 changed files with 127 additions and 132 deletions
--- a/bin/delv/delv.c
+++ b/bin/delv/delv.c
@ -358,7 +358,7 @@ print_status(dns_rdataset_t *rdataset) {
 	if ((rdataset->attributes & DNS_RDATASETATTR_NEGATIVE) != 0) {
 		strlcat(buf, "negative response", sizeof(buf));
-		strlcat(buf, (yaml ? "_" : ", "), sizeof(buf));
+		strlcat(buf, yaml ? "_" : ", ", sizeof(buf));
 	}
 	switch (rdataset->trust) {
--- a/bin/dig/dig.c
+++ b/bin/dig/dig.c
@ -2418,7 +2418,7 @@ dash_option(char *option, char *next, dig_lookup_t **lookup,
 				printgreeting(argc, argv, *lookup);
 				*firstarg = false;
 			}
-			ISC_LIST_APPEND(lookup_list, (*lookup), link);
+			ISC_LIST_APPEND(lookup_list, *lookup, link);
 			debug("looking up %s", (*lookup)->textname);
 		}
 		return value_from_next;
--- a/bin/dnssec/dnssec-keygen.c
+++ b/bin/dnssec/dnssec-keygen.c
@ -453,10 +453,10 @@ keygen(keygen_ctx_t *ctx, isc_mem_t *mctx, int argc, char **argv) {
 			fatal("-S and -G cannot be used together");
 		}
-		ret = dst_key_fromnamedfile(
+		ret = dst_key_fromnamedfile(ctx->predecessor, ctx->directory,
-			ctx->predecessor, ctx->directory,
+					    DST_TYPE_PUBLIC | DST_TYPE_PRIVATE |
-			(DST_TYPE_PUBLIC | DST_TYPE_PRIVATE | DST_TYPE_STATE),
+						    DST_TYPE_STATE,
-			mctx, &prevkey);
+					    mctx, &prevkey);
 		if (ret != ISC_R_SUCCESS) {
 			fatal("Invalid keyfile %s: %s", ctx->predecessor,
 			      isc_result_totext(ret));
--- a/bin/named/dlz_dlopen_driver.c
+++ b/bin/named/dlz_dlopen_driver.c
@ -270,13 +270,13 @@ dlopen_dlz_create(const char *dlzname, unsigned int argc, char *argv[],
 	cd->dlz_allowzonexfr = (dlz_dlopen_allowzonexfr_t *)dl_load_symbol(
 		cd, "dlz_allowzonexfr", false);
 	cd->dlz_allnodes = (dlz_dlopen_allnodes_t *)dl_load_symbol(
-		cd, "dlz_allnodes", (cd->dlz_allowzonexfr != NULL));
+		cd, "dlz_allnodes", cd->dlz_allowzonexfr != NULL);
 	cd->dlz_authority = (dlz_dlopen_authority_t *)dl_load_symbol(
 		cd, "dlz_authority", false);
 	cd->dlz_newversion = (dlz_dlopen_newversion_t *)dl_load_symbol(
 		cd, "dlz_newversion", false);
 	cd->dlz_closeversion = (dlz_dlopen_closeversion_t *)dl_load_symbol(
-		cd, "dlz_closeversion", (cd->dlz_newversion != NULL));
+		cd, "dlz_closeversion", cd->dlz_newversion != NULL);
 	cd->dlz_configure = (dlz_dlopen_configure_t *)dl_load_symbol(
 		cd, "dlz_configure", false);
 	cd->dlz_ssumatch = (dlz_dlopen_ssumatch_t *)dl_load_symbol(
--- a/bin/named/server.c
+++ b/bin/named/server.c
@ -4953,12 +4953,10 @@ configure_view(dns_view_t *view, dns_viewlist_t *viewlist, cfg_obj_t *config,
 	/*
 	 * Resolver.
 	 */
-	CHECK(get_view_querysource_dispatch(
+	CHECK(get_view_querysource_dispatch(maps, AF_INET, &dispatch4,
-		maps, AF_INET, &dispatch4,
+					    ISC_LIST_PREV(view, link) == NULL));
-		(ISC_LIST_PREV(view, link) == NULL)));
+	CHECK(get_view_querysource_dispatch(maps, AF_INET6, &dispatch6,
-	CHECK(get_view_querysource_dispatch(
+					    ISC_LIST_PREV(view, link) == NULL));
 		maps, AF_INET6, &dispatch6,
 		(ISC_LIST_PREV(view, link) == NULL)));
 	if (dispatch4 == NULL && dispatch6 == NULL) {
 		UNEXPECTED_ERROR("unable to obtain either an IPv4 or"
 				 " an IPv6 dispatch");
@ -10937,7 +10935,7 @@ zone_from_args(named_server_t *server, isc_lex_t *lex, const char *zonetxt,
 			}
 		} else {
 			result = dns_viewlist_findzone(&server->viewlist, name,
-						       (classtxt == NULL),
+						       classtxt == NULL,
 						       rdclass, zonep);
 			if (result == ISC_R_NOTFOUND) {
 				snprintf(problem, sizeof(problem),
@ -12641,9 +12639,8 @@ named_server_status(named_server_t *server, isc_buffer_t **text) {
 	reload_status = atomic_load(&server->reload_status);
 	if (reload_status != NAMED_RELOAD_DONE) {
 		snprintf(line, sizeof(line), "reload/reconfig %s\n",
-			 (reload_status == NAMED_RELOAD_FAILED
+			 reload_status == NAMED_RELOAD_FAILED ? "failed"
-				  ? "failed"
+							      : "in progress");
 				  : "in progress"));
 		CHECK(putstr(text, line));
 	}
--- a/lib/dns/adb.c
+++ b/lib/dns/adb.c
@ -3743,12 +3743,11 @@ dbfind_name(dns_adbname_t *adbname, isc_stdtime_t now, dns_rdatatype_t rdtype) {
 	 * any matching static-stub zone without looking into the cache to honor
 	 * the configuration on which server we should send queries to.
 	 */
-	result =
+	result = dns_view_find(adb->view, &adbname->name, rdtype, now,
-		dns_view_find(adb->view, &adbname->name, rdtype, now,
+			       NAME_GLUEOK(adbname) ? DNS_DBFIND_GLUEOK : 0,
-			      NAME_GLUEOK(adbname) ? DNS_DBFIND_GLUEOK : 0,
+			       NAME_HINTOK(adbname),
-			      NAME_HINTOK(adbname),
+			       (adbname->flags & DNS_ADBFIND_STARTATZONE) != 0,
-			      ((adbname->flags & DNS_ADBFIND_STARTATZONE) != 0),
+			       NULL, NULL, fname, &rdataset, NULL);
 			      NULL, NULL, fname, &rdataset, NULL);
 	/* XXXVIX this switch statement is too sparse to gen a jump table. */
 	switch (result) {
--- a/lib/dns/byaddr.c
+++ b/lib/dns/byaddr.c
@ -63,10 +63,10 @@ dns_byaddr_createptrname(const isc_netaddr_t *address, unsigned int options,
 	if (address->family == AF_INET) {
 		(void)snprintf(textname, sizeof(textname),
 			       "%u.%u.%u.%u.in-addr.arpa.",
-			       ((unsigned int)bytes[3] & 0xffU),
+			       (unsigned int)bytes[3] & 0xffU,
-			       ((unsigned int)bytes[2] & 0xffU),
+			       (unsigned int)bytes[2] & 0xffU,
-			       ((unsigned int)bytes[1] & 0xffU),
+			       (unsigned int)bytes[1] & 0xffU,
-			       ((unsigned int)bytes[0] & 0xffU));
+			       (unsigned int)bytes[0] & 0xffU);
 	} else if (address->family == AF_INET6) {
 		size_t remaining;
--- a/lib/dns/dispatch.c
+++ b/lib/dns/dispatch.c
@ -582,7 +582,7 @@ udp_recv(isc_nmhandle_t *handle, isc_result_t eresult, isc_region_t *region,
 	dispentry_log(resp, LVL(92),
 		      "got valid DNS message header, /QR %c, id %u",
-		      (((flags & DNS_MESSAGEFLAG_QR) != 0) ? '1' : '0'), id);
+		      ((flags & DNS_MESSAGEFLAG_QR) != 0) ? '1' : '0', id);
 	/*
 	 * Look at the message flags.  If it's a query, ignore it.
@ -681,7 +681,7 @@ tcp_recv_success(dns_dispatch_t *disp, isc_region_t *region, dns_qid_t *qid,
 	dispatch_log(disp, LVL(92),
 		     "got valid DNS message header, /QR %c, id %u",
-		     (((flags & DNS_MESSAGEFLAG_QR) != 0) ? '1' : '0'), id);
+		     ((flags & DNS_MESSAGEFLAG_QR) != 0) ? '1' : '0', id);
 	/*
 	 * Look at the message flags.  If it's a query, ignore it and keep
--- a/lib/dns/dnssec.c
+++ b/lib/dns/dnssec.c
@ -815,8 +815,8 @@ dns_dnssec_findzonekeys(dns_db_t *db, dns_dbversion_t *ver, dns_dbnode_t *node,
 			result2 = dst_key_getfilename(
 				dst_key_name(pubkey), dst_key_id(pubkey),
 				dst_key_alg(pubkey),
-				(DST_TYPE_PUBLIC | DST_TYPE_PRIVATE |
+				DST_TYPE_PUBLIC | DST_TYPE_PRIVATE |
-				 DST_TYPE_STATE),
+					DST_TYPE_STATE,
 				directory, mctx, &buf);
 			if (result2 != ISC_R_SUCCESS) {
 				char namebuf[DNS_NAME_FORMATSIZE];
@ -1678,7 +1678,7 @@ dns_dnssec_keylistfromrdataset(const dns_name_t *origin, const char *directory,
 		/* Try to read the public key. */
 		result = dst_key_fromfile(
 			dst_key_name(dnskey), dst_key_id(dnskey),
-			dst_key_alg(dnskey), (DST_TYPE_PUBLIC | DST_TYPE_STATE),
+			dst_key_alg(dnskey), DST_TYPE_PUBLIC | DST_TYPE_STATE,
 			directory, mctx, &pubkey);
 		if (result == ISC_R_FILENOTFOUND || result == ISC_R_NOPERM) {
 			result = ISC_R_SUCCESS;
@ -1689,7 +1689,7 @@ dns_dnssec_keylistfromrdataset(const dns_name_t *origin, const char *directory,
 		result = dst_key_fromfile(
 			dst_key_name(dnskey), dst_key_id(dnskey),
 			dst_key_alg(dnskey),
-			(DST_TYPE_PUBLIC | DST_TYPE_PRIVATE | DST_TYPE_STATE),
+			DST_TYPE_PUBLIC | DST_TYPE_PRIVATE | DST_TYPE_STATE,
 			directory, mctx, &privkey);
 		/*
@ -1706,8 +1706,8 @@ dns_dnssec_keylistfromrdataset(const dns_name_t *origin, const char *directory,
 				result = dst_key_fromfile(
 					dst_key_name(dnskey),
 					dst_key_id(dnskey), dst_key_alg(dnskey),
-					(DST_TYPE_PUBLIC | DST_TYPE_PRIVATE |
+					DST_TYPE_PUBLIC | DST_TYPE_PRIVATE |
-					 DST_TYPE_STATE),
+						DST_TYPE_STATE,
 					directory, mctx, &privkey);
 				if (result == ISC_R_SUCCESS &&
 				    dst_key_pubcompare(dnskey, privkey, false))
@ -1729,8 +1729,8 @@ dns_dnssec_keylistfromrdataset(const dns_name_t *origin, const char *directory,
 			result2 = dst_key_getfilename(
 				dst_key_name(dnskey), dst_key_id(dnskey),
 				dst_key_alg(dnskey),
-				(DST_TYPE_PUBLIC | DST_TYPE_PRIVATE |
+				DST_TYPE_PUBLIC | DST_TYPE_PRIVATE |
-				 DST_TYPE_STATE),
+					DST_TYPE_STATE,
 				directory, mctx, &buf);
 			if (result2 != ISC_R_SUCCESS) {
 				char namebuf[DNS_NAME_FORMATSIZE];
--- a/lib/dns/include/dns/librpz.h
+++ b/lib/dns/include/dns/librpz.h
@ -366,7 +366,7 @@ typedef struct librpz_client librpz_client_t;
 * @param mutex: pointer to the lock for the client handle
 * @param log_ctx: NULL or resolver's context log messages
 */
-typedef librpz_clist_t *(librpz_clist_create_t)(librpz_emsg_t  *emsg,
+typedef librpz_clist_t *(librpz_clist_create_t)(librpz_emsg_t * emsg,
 						librpz_mutex_t *lock,
 						librpz_mutex_t *unlock,
 						librpz_mutex_t *mutex_destroy,
@ -387,7 +387,7 @@ LIBDEF_F(clist_detach)
 * @param use_expired: true to not ignore expired zones
 * @return client handle or NULL if the handle could not be created
 */
-typedef librpz_client_t *(librpz_client_create_t)(librpz_emsg_t	 *emsg,
+typedef librpz_client_t *(librpz_client_create_t)(librpz_emsg_t * emsg,
 						  librpz_clist_t *clist,
 						  const char	 *cstr,
 						  bool		  use_expired);
@ -648,8 +648,8 @@ LIBDEF_F(zone_refresh)
 * @param client context
 * @return malloc'ed string or NULL after error
 */
-typedef char *(librpz_db_info_t)(librpz_emsg_t *emsg, bool license, bool cfiles,
+typedef char *(librpz_db_info_t)(librpz_emsg_t * emsg, bool license,
-				 bool listens, librpz_rsp_t *rsp);
+				 bool cfiles, bool listens, librpz_rsp_t *rsp);
 LIBDEF_F(db_info)
 /**
@ -669,7 +669,7 @@ LIBDEF_F(itr_start)
 * @param rsp state from librpz_itr_start()
 * @return malloc'ed string or NULL after error
 */
-typedef char *(librpz_mf_stats_t)(librpz_emsg_t *emsg, librpz_rsp_t *rsp);
+typedef char *(librpz_mf_stats_t)(librpz_emsg_t * emsg, librpz_rsp_t *rsp);
 LIBDEF_F(mf_stats)
 /**
@ -678,7 +678,7 @@ LIBDEF_F(mf_stats)
 * @param[in,out] rsp: state from librpz_itr_start()
 * @return malloc'ed string or NULL after error
 */
-typedef char *(librpz_vers_stats_t)(librpz_emsg_t *emsg, librpz_rsp_t *rsp);
+typedef char *(librpz_vers_stats_t)(librpz_emsg_t * emsg, librpz_rsp_t *rsp);
 LIBDEF_F(vers_stats)
 /**
@ -688,7 +688,7 @@ LIBDEF_F(vers_stats)
 * @param[in,out] rsp state from librpz_rsp_start()
 * @return malloc'ed string or NULL after error
 */
-typedef char *(librpz_itr_zone_t)(librpz_emsg_t *emsg, bool all_zones,
+typedef char *(librpz_itr_zone_t)(librpz_emsg_t * emsg, bool all_zones,
 				  librpz_rsp_t *rsp);
 LIBDEF_F(itr_zone)
@ -755,11 +755,12 @@ typedef int(librpz_domain_pton2_t)(const char *src, u_char *dst, size_t dstsiz,
 LIBDEF_F(domain_pton2)
 typedef union socku socku_t;
-typedef socku_t *(librpz_mk_inet_su_t)(socku_t *su, const struct in_addr *addrp,
+typedef socku_t *(librpz_mk_inet_su_t)(socku_t * su,
-				       in_port_t port);
+				       const struct in_addr *addrp,
 				       in_port_t	     port);
 LIBDEF_F(mk_inet_su)
-typedef socku_t *(librpz_mk_inet6_su_t)(socku_t		      *su,
+typedef socku_t *(librpz_mk_inet6_su_t)(socku_t * su,
 					const struct in6_addr *addrp,
 					uint32_t scope_id, in_port_t port);
 LIBDEF_F(mk_inet6_su)
--- a/lib/dns/keymgr.c
+++ b/lib/dns/keymgr.c
@ -439,7 +439,7 @@ keymgr_key_update_lifetime(dns_dnsseckey_t *key, dns_kasp_t *kasp,
 			uint32_t a = now;
 			(void)dst_key_gettime(key->key, DST_TIME_ACTIVATE, &a);
 			dst_key_settime(key->key, DST_TIME_INACTIVE,
-					(a + lifetime));
+					a + lifetime);
 			keymgr_settime_remove(key, kasp);
 		} else {
 			dst_key_unsettime(key->key, DST_TIME_INACTIVE);
@ -1626,12 +1626,12 @@ keymgr_key_init(dns_dnsseckey_t *key, dns_kasp_t *kasp, isc_stdtime_t now,
 	ret = dst_key_getbool(key->key, DST_BOOL_KSK, &ksk);
 	if (ret != ISC_R_SUCCESS) {
 		ksk = ((dst_key_flags(key->key) & DNS_KEYFLAG_KSK) != 0);
-		dst_key_setbool(key->key, DST_BOOL_KSK, (ksk || csk));
+		dst_key_setbool(key->key, DST_BOOL_KSK, ksk || csk);
 	}
 	ret = dst_key_getbool(key->key, DST_BOOL_ZSK, &zsk);
 	if (ret != ISC_R_SUCCESS) {
 		zsk = ((dst_key_flags(key->key) & DNS_KEYFLAG_KSK) == 0);
-		dst_key_setbool(key->key, DST_BOOL_ZSK, (zsk || csk));
+		dst_key_setbool(key->key, DST_BOOL_ZSK, zsk || csk);
 	}
 	/* Get time metadata. */
@ -1758,7 +1758,7 @@ keymgr_key_rollover(dns_kasp_key_t *kaspkey, dns_dnsseckey_t *active_key,
 					"DNSKEY %s (%s) (policy %s) in %u "
 					"seconds",
 					keystr, keymgr_keyrole(active_key->key),
-					dns_kasp_getname(kasp), (prepub - now));
+					dns_kasp_getname(kasp), prepub - now);
 			}
 		}
 		if (prepub == 0 || prepub > now) {
@ -1911,7 +1911,7 @@ keymgr_key_rollover(dns_kasp_key_t *kaspkey, dns_dnsseckey_t *active_key,
 	/* Do we need to set retire time? */
 	if (lifetime > 0) {
 		dst_key_settime(new_key->key, DST_TIME_INACTIVE,
-				(active + lifetime));
+				active + lifetime);
 		keymgr_settime_remove(new_key, kasp);
 	}
@ -2101,7 +2101,7 @@ dns_keymgr_run(const dns_name_t *origin, dns_rdataclass_t rdclass,
 	{
 		bool found_match = false;
-		keymgr_key_init(dkey, kasp, now, (numkeys == 1));
+		keymgr_key_init(dkey, kasp, now, numkeys == 1);
 		for (kkey = ISC_LIST_HEAD(dns_kasp_keys(kasp)); kkey != NULL;
 		     kkey = ISC_LIST_NEXT(kkey, link))
@ -2493,8 +2493,7 @@ rollover_status(dns_dnsseckey_t *dkey, dns_kasp_t *kasp, isc_stdtime_t now,
 							  "scheduled on ");
 					retire_time = keymgr_prepublication_time(
 						dkey, kasp,
-						(retire_time - active_time),
+						retire_time - active_time, now);
 						now);
 				} else {
 					isc_buffer_printf(
 						buf, "  Key will retire on ");
--- a/lib/dns/message.c
+++ b/lib/dns/message.c
@ -64,7 +64,7 @@ hexdump(const char *msg, const char *msg2, void *base, size_t len) {
 		} else if (cnt % 8 == 0) {
 			printf(" |");
 		}
-		printf(" %02x %c", *p, (isprint(*p) ? *p : ' '));
+		printf(" %02x %c", *p, isprint(*p) ? *p : ' ');
 		p++;
 		cnt++;
--- a/lib/dns/nsec3.c
+++ b/lib/dns/nsec3.c
@ -2172,9 +2172,9 @@ dns_nsec3_noexistnodata(dns_rdatatype_t type, const dns_name_t *name,
 				*optout = ((nsec3.flags &
 					    DNS_NSEC3FLAG_OPTOUT) != 0);
 				(*logit)(arg, ISC_LOG_DEBUG(3),
-					 (*optout ? "NSEC3 indicates optout"
+					 *optout ? "NSEC3 indicates optout"
-						  : "NSEC3 indicates secure "
+						 : "NSEC3 indicates secure "
-						    "range"));
+						   "range");
 			}
 			answer = ISC_R_SUCCESS;
 		}
--- a/lib/dns/rbtdb.c
+++ b/lib/dns/rbtdb.c
@ -1460,7 +1460,7 @@ init_rdataset(dns_rbtdb_t *rbtdb, rdatasetheader_t *h) {
 	atomic_init(&h->attributes, 0);
 	atomic_init(&h->last_refresh_fail_ts, 0);
-	STATIC_ASSERT((sizeof(h->attributes) == 2),
+	STATIC_ASSERT(sizeof(h->attributes) == 2,
 		      "The .attributes field of rdatasetheader_t needs to be "
 		      "16-bit int type exactly.");
@ -1478,7 +1478,7 @@ update_newheader(rdatasetheader_t *newh, rdatasetheader_t *old) {
 	if (CASESET(old)) {
 		uint_least16_t attr = RDATASET_ATTR_GET(
 			old,
-			(RDATASET_ATTR_CASESET | RDATASET_ATTR_CASEFULLYLOWER));
+			RDATASET_ATTR_CASESET | RDATASET_ATTR_CASEFULLYLOWER);
 		RDATASET_ATTR_SET(newh, attr);
 		memmove(newh->upper, old->upper, sizeof(old->upper));
 	}
@ -10444,9 +10444,9 @@ rdataset_equals(const dns_rdataset_t *rdataset1,
 */
 static bool
 need_headerupdate(rdatasetheader_t *header, isc_stdtime_t now) {
-	if (RDATASET_ATTR_GET(header, (RDATASET_ATTR_NONEXISTENT |
+	if (RDATASET_ATTR_GET(header, RDATASET_ATTR_NONEXISTENT |
-				       RDATASET_ATTR_ANCIENT |
+					      RDATASET_ATTR_ANCIENT |
-				       RDATASET_ATTR_ZEROTTL)) != 0)
+					      RDATASET_ATTR_ZEROTTL) != 0)
 	{
 		return false;
 	}
--- a/lib/dns/rdata.c
+++ b/lib/dns/rdata.c
@ -369,9 +369,9 @@ locator_pton(const char *src, unsigned char *dst) {
 	while ((ch = *src++) != '\0') {
 		const char *pch;
-		pch = strchr((xdigits = xdigits_l), ch);
+		pch = strchr(xdigits = xdigits_l, ch);
 		if (pch == NULL) {
-			pch = strchr((xdigits = xdigits_u), ch);
+			pch = strchr(xdigits = xdigits_u, ch);
 		}
 		if (pch != NULL) {
 			val <<= 4;
--- a/lib/dns/rdata/generic/opt_41.c
+++ b/lib/dns/rdata/generic/opt_41.c
@ -44,7 +44,7 @@ fromtext_opt(ARGS_FROMTEXT) {
 static isc_result_t
 totext_opt(ARGS_TOTEXT) {
 	isc_region_t r;
-	isc_region_t or ;
+	isc_region_t or;
 	uint16_t option;
 	uint16_t length;
 	char buf[sizeof("64000 64000")];
--- a/lib/dns/rdataset.c
+++ b/lib/dns/rdataset.c
@ -726,7 +726,7 @@ dns_rdataset_trimttl(dns_rdataset_t *rdataset, dns_rdataset_t *sigrdataset,
 	 * If we accept expired RRsets keep them for no more than 120 seconds.
 	 */
 	if (acceptexpired &&
-	    (isc_serial_le(rrsig->timeexpire, ((now + 120) & 0xffffffff)) ||
+	    (isc_serial_le(rrsig->timeexpire, (now + 120) & 0xffffffff) ||
 	     isc_serial_le(rrsig->timeexpire, now)))
 	{
 		ttl = 120;
--- a/lib/dns/resolver.c
+++ b/lib/dns/resolver.c
@ -2194,7 +2194,7 @@ resquery_timeout(resquery_t *query) {
 	 */
 	timeleft = isc_time_microdiff(&fctx->next_timeout, &now);
 	if (timeleft >= US_PER_MS) {
-		dns_dispatch_resume(query->dispentry, (timeleft / US_PER_MS));
+		dns_dispatch_resume(query->dispentry, timeleft / US_PER_MS);
 		return ISC_R_COMPLETE;
 	}
@ -8197,7 +8197,7 @@ resquery_response(isc_result_t eresult, isc_region_t *region, void *arg) {
 	/*
 	 * Clear cache bits.
 	 */
-	FCTX_ATTR_CLR(fctx, (FCTX_ATTR_WANTNCACHE | FCTX_ATTR_WANTCACHE));
+	FCTX_ATTR_CLR(fctx, FCTX_ATTR_WANTNCACHE | FCTX_ATTR_WANTCACHE);
 	/*
 	 * Did we get any answers?
@ -10203,7 +10203,7 @@ rctx_logpacket(respctx_t *rctx) {
 	dns_dt_send(fctx->res->view, dtmsgtype, la,
 		    &rctx->query->addrinfo->sockaddr,
-		    ((rctx->query->options & DNS_FETCHOPT_TCP) != 0), &zr,
+		    (rctx->query->options & DNS_FETCHOPT_TCP) != 0, &zr,
 		    &rctx->query->start, NULL, &rctx->buffer);
 #endif /* HAVE_DNSTAP */
 }
--- a/lib/dns/stats.c
+++ b/lib/dns/stats.c
@ -212,7 +212,7 @@ dns_rdatatypestats_create(isc_mem_t *mctx, dns_stats_t **statsp) {
 	 * plus one additional for other RRtypes.
 	 */
 	return create_stats(mctx, dns_statstype_rdtype,
-			    (RDTYPECOUNTER_MAXTYPE + 1), statsp);
+			    RDTYPECOUNTER_MAXTYPE + 1, statsp);
 }
 isc_result_t
@ -220,7 +220,7 @@ dns_rdatasetstats_create(isc_mem_t *mctx, dns_stats_t **statsp) {
 	REQUIRE(statsp != NULL && *statsp == NULL);
 	return create_stats(mctx, dns_statstype_rdataset,
-			    (RDTYPECOUNTER_MAXVAL + 1), statsp);
+			    RDTYPECOUNTER_MAXVAL + 1, statsp);
 }
 isc_result_t
@ -382,7 +382,7 @@ dns_dnssecsignstats_increment(dns_stats_t *stats, dns_keytag_t id, uint8_t alg,
 		uint32_t counter = isc_stats_get_counter(stats->counters, idx);
 		if (counter == kval) {
 			/* Match */
-			isc_stats_increment(stats->counters, (idx + operation));
+			isc_stats_increment(stats->counters, idx + operation);
 			return;
 		}
 	}
@ -393,23 +393,23 @@ dns_dnssecsignstats_increment(dns_stats_t *stats, dns_keytag_t id, uint8_t alg,
 		uint32_t counter = isc_stats_get_counter(stats->counters, idx);
 		if (counter == 0) {
 			isc_stats_set(stats->counters, kval, idx);
-			isc_stats_increment(stats->counters, (idx + operation));
+			isc_stats_increment(stats->counters, idx + operation);
 			return;
 		}
 	}
 	/* No room, grow stats storage. */
 	isc_stats_resize(&stats->counters,
-			 (num_keys * dnssecsign_block_size * 2));
+			 num_keys * dnssecsign_block_size * 2);
 	/* Reset counters for new key (new index, nidx). */
 	int nidx = num_keys * dnssecsign_block_size;
 	isc_stats_set(stats->counters, kval, nidx);
-	isc_stats_set(stats->counters, 0, (nidx + dns_dnssecsignstats_sign));
+	isc_stats_set(stats->counters, 0, nidx + dns_dnssecsignstats_sign);
-	isc_stats_set(stats->counters, 0, (nidx + dns_dnssecsignstats_refresh));
+	isc_stats_set(stats->counters, 0, nidx + dns_dnssecsignstats_refresh);
 	/* And increment the counter for the given operation. */
-	isc_stats_increment(stats->counters, (nidx + operation));
+	isc_stats_increment(stats->counters, nidx + operation);
 }
 void
@ -432,9 +432,9 @@ dns_dnssecsignstats_clear(dns_stats_t *stats, dns_keytag_t id, uint8_t alg) {
 			/* Match */
 			isc_stats_set(stats->counters, 0, idx);
 			isc_stats_set(stats->counters, 0,
-				      (idx + dns_dnssecsignstats_sign));
+				      idx + dns_dnssecsignstats_sign);
 			isc_stats_set(stats->counters, 0,
-				      (idx + dns_dnssecsignstats_refresh));
+				      idx + dns_dnssecsignstats_refresh);
 			return;
 		}
 	}
@ -562,7 +562,7 @@ dnssec_statsdump(isc_stats_t *stats, dnssecsignstats_type_t operation,
 			continue;
 		}
-		val = isc_stats_get_counter(stats, (idx + operation));
+		val = isc_stats_get_counter(stats, idx + operation);
 		if ((options & ISC_STATSDUMP_VERBOSE) == 0 && val == 0) {
 			continue;
 		}
--- a/lib/dns/tkey.c
+++ b/lib/dns/tkey.c
@ -1583,10 +1583,9 @@ dns_tkey_gssnegotiate(dns_message_t *qmsg, dns_message_t *rmsg,
 	 */
 	RETERR(dns_tsigkey_createfromkey(
-		tkeyname,
+		tkeyname, win2k ? DNS_TSIG_GSSAPIMS_NAME : DNS_TSIG_GSSAPI_NAME,
-		(win2k ? DNS_TSIG_GSSAPIMS_NAME : DNS_TSIG_GSSAPI_NAME), dstkey,
+		dstkey, true, NULL, rtkey.inception, rtkey.expire, ring->mctx,
-		true, NULL, rtkey.inception, rtkey.expire, ring->mctx, ring,
+		ring, outkey));
 		outkey));
 	dst_key_free(&dstkey);
 	dns_rdata_freestruct(&rtkey);
 	return result;
--- a/lib/dns/ttl.c
+++ b/lib/dns/ttl.c
@ -89,23 +89,23 @@ dns_ttl_totext(uint32_t src, bool verbose, bool upcase, isc_buffer_t *target) {
 	x = 0;
 	if (weeks != 0) {
-		RETERR(ttlfmt(weeks, "week", verbose, (x > 0), target));
+		RETERR(ttlfmt(weeks, "week", verbose, x > 0, target));
 		x++;
 	}
 	if (days != 0) {
-		RETERR(ttlfmt(days, "day", verbose, (x > 0), target));
+		RETERR(ttlfmt(days, "day", verbose, x > 0, target));
 		x++;
 	}
 	if (hours != 0) {
-		RETERR(ttlfmt(hours, "hour", verbose, (x > 0), target));
+		RETERR(ttlfmt(hours, "hour", verbose, x > 0, target));
 		x++;
 	}
 	if (mins != 0) {
-		RETERR(ttlfmt(mins, "minute", verbose, (x > 0), target));
+		RETERR(ttlfmt(mins, "minute", verbose, x > 0, target));
 		x++;
 	}
 	if (secs != 0 || (weeks == 0 && days == 0 && hours == 0 && mins == 0)) {
-		RETERR(ttlfmt(secs, "second", verbose, (x > 0), target));
+		RETERR(ttlfmt(secs, "second", verbose, x > 0, target));
 		x++;
 	}
 	INSIST(x > 0);
--- a/lib/dns/validator.c
+++ b/lib/dns/validator.c
@ -559,7 +559,7 @@ fetch_callback_ds(isc_task_t *task, isc_event_t *event) {
 			 * so keep looking for the break in the chain
 			 * of trust.
 			 */
-			result = proveunsecure(val, (eresult == ISC_R_SUCCESS),
+			result = proveunsecure(val, eresult == ISC_R_SUCCESS,
 					       true);
 			if (result != DNS_R_WAIT) {
 				validator_done(val, result);
--- a/lib/dns/view.c
+++ b/lib/dns/view.c
@ -159,9 +159,9 @@ dns_view_create(isc_mem_t *mctx, dns_rdataclass_t rdclass, const char *name,
 	view->task = NULL;
 	isc_refcount_init(&view->references, 1);
 	isc_refcount_init(&view->weakrefs, 1);
-	atomic_init(&view->attributes,
+	atomic_init(&view->attributes, DNS_VIEWATTR_RESSHUTDOWN |
-		    (DNS_VIEWATTR_RESSHUTDOWN | DNS_VIEWATTR_ADBSHUTDOWN |
+					       DNS_VIEWATTR_ADBSHUTDOWN |
-		     DNS_VIEWATTR_REQSHUTDOWN));
+					       DNS_VIEWATTR_REQSHUTDOWN);
 	view->transports = NULL;
 	view->statickeys = NULL;
 	view->dynamickeys = NULL;
--- a/lib/dns/zone.c
+++ b/lib/dns/zone.c
@ -4383,7 +4383,7 @@ load_secroots(dns_zone_t *zone, dns_name_t *name, dns_rdataset_t *rdataset) {
 		/* Add to keytables. */
 		trusted++;
-		trust_key(zone, name, &dnskey, (keydata.addhd == 0));
+		trust_key(zone, name, &dnskey, keydata.addhd == 0);
 	}
 	if (trusted == 0 && pending != 0) {
@ -4562,7 +4562,7 @@ add_soa(dns_zone_t *zone, dns_db_t *db) {
 failure:
 	dns_diff_clear(&diff);
 	if (ver != NULL) {
-		dns_db_closeversion(db, &ver, (result == ISC_R_SUCCESS));
+		dns_db_closeversion(db, &ver, result == ISC_R_SUCCESS);
 	}
 	INSIST(ver == NULL);
@ -9840,7 +9840,7 @@ zone_sign(dns_zone_t *zone) {
 				db, zone, name, node, version, build_nsec3,
 				build_nsec, zone_keys[i], now, inception,
 				expire, zone_nsecttl(zone), is_ksk, is_zsk,
-				(both && keyset_kskonly), is_bottom_of_zone,
+				both && keyset_kskonly, is_bottom_of_zone,
 				zonediff.diff, &signatures, zone->mctx));
 			/*
 			 * If we are adding we are done.  Look for other keys
@ -16116,8 +16116,8 @@ dns_zone_logv(dns_zone_t *zone, isc_logcategory_t *category, int level,
 	}
 	isc_log_write(dns_lctx, category, DNS_LOGMODULE_ZONE, level,
-		      "%s%s%s%s: %s", (prefix != NULL ? prefix : ""),
+		      "%s%s%s%s: %s", prefix != NULL ? prefix : "",
-		      (prefix != NULL ? ": " : ""), zstr, zone->strnamerd,
+		      prefix != NULL ? ": " : "", zstr, zone->strnamerd,
 		      message);
 }
@ -20346,9 +20346,9 @@ dns_zone_setdialup(dns_zone_t *zone, dns_dialuptype_t dialup) {
 	case dns_dialuptype_no:
 		break;
 	case dns_dialuptype_yes:
-		DNS_ZONE_SETFLAG(zone, (DNS_ZONEFLG_DIALNOTIFY |
+		DNS_ZONE_SETFLAG(zone, DNS_ZONEFLG_DIALNOTIFY |
-					DNS_ZONEFLG_DIALREFRESH |
+					       DNS_ZONEFLG_DIALREFRESH |
-					DNS_ZONEFLG_NOREFRESH));
+					       DNS_ZONEFLG_NOREFRESH);
 		break;
 	case dns_dialuptype_notify:
 		DNS_ZONE_SETFLAG(zone, DNS_ZONEFLG_DIALNOTIFY);
@ -22472,7 +22472,7 @@ zone_rekey(dns_zone_t *zone) {
 			CHECK(dns_diff_apply(&diff, db, ver));
 			CHECK(clean_nsec3param(zone, db, ver, &diff));
 			CHECK(add_signing_records(db, zone->privatetype, ver,
-						  &diff, (newalg || fullsign)));
+						  &diff, newalg || fullsign));
 			CHECK(update_soa_serial(zone, db, ver, &diff, mctx,
 						zone->updatemethod));
 			CHECK(add_chains(zone, db, ver, &diff));
@ -23427,7 +23427,7 @@ dns_zone_keydone(dns_zone_t *zone, const char *keystr) {
 		isc_buffer_init(&b, kd->data, sizeof(kd->data));
 		isc_buffer_putuint8(&b, alg);
 		isc_buffer_putuint8(&b, (keyid & 0xff00) >> 8);
-		isc_buffer_putuint8(&b, (keyid & 0xff));
+		isc_buffer_putuint8(&b, keyid & 0xff);
 		isc_buffer_putuint8(&b, 0);
 		isc_buffer_putuint8(&b, 1);
 	}
@ -24206,7 +24206,7 @@ setserial(isc_task_t *task, isc_event_t *event) {
 				     "setserial: desired serial (%u) "
 				     "out of range (%u-%u)",
 				     desired, oldserial + 1,
-				     (oldserial + 0x7fffffff));
+				     oldserial + 0x7fffffff);
 		}
 		goto failure;
 	}
--- a/lib/isc/mem.c
+++ b/lib/isc/mem.c
@ -547,7 +547,7 @@ mem_create(isc_mem_t **ctxp, unsigned int flags, unsigned int jemalloc_flags) {
 		unsigned int i;
 		ctx->debuglist =
-			mallocx((DEBUG_TABLE_COUNT * sizeof(debuglist_t)),
+			mallocx(DEBUG_TABLE_COUNT * sizeof(debuglist_t),
 				ctx->jemalloc_flags);
 		INSIST(ctx->debuglist != NULL);
@ -606,7 +606,7 @@ destroy(isc_mem_t *ctx) {
 		}
 		sdallocx(ctx->debuglist,
-			 (DEBUG_TABLE_COUNT * sizeof(debuglist_t)),
+			 DEBUG_TABLE_COUNT * sizeof(debuglist_t),
 			 ctx->jemalloc_flags);
 		decrement_malloced(ctx,
 				   DEBUG_TABLE_COUNT * sizeof(debuglist_t));
--- a/lib/isc/radix.c
+++ b/lib/isc/radix.c
@ -398,7 +398,7 @@ isc_radix_insert(isc_radix_tree_t *radix, isc_radix_node_t **target,
 		}
 		/* I know the better way, but for now. */
 		for (j = 0; j < 8; j++) {
-			if (BIT_TEST(r, (0x80 >> j))) {
+			if (BIT_TEST(r, 0x80 >> j)) {
 				break;
 			}
 		}
--- a/lib/isc/result.c
+++ b/lib/isc/result.c
@ -521,13 +521,13 @@ static const char *identifier[ISC_R_NRESULTS] = {
 	[ISCCC_R_MAXDEPTH] = "ISCCC_R_MAXDEPTH",
 };
-STATIC_ASSERT((DNS_R_SERVFAIL - DNS_R_NOERROR == 2),
+STATIC_ASSERT(DNS_R_SERVFAIL - DNS_R_NOERROR == 2,
 	      "DNS_R_NOERROR has wrong value");
-STATIC_ASSERT((DNS_R_BADVERS - DNS_R_NOERROR == 16),
+STATIC_ASSERT(DNS_R_BADVERS - DNS_R_NOERROR == 16,
 	      "DNS_R_BADVERS has wrong value");
-STATIC_ASSERT((ISC_R_NRESULTS < INT32_MAX), "result.h enum too big");
+STATIC_ASSERT(ISC_R_NRESULTS < INT32_MAX, "result.h enum too big");
 const char *
 isc_result_totext(isc_result_t result) {
--- a/lib/isc/rwlock.c
+++ b/lib/isc/rwlock.c
@ -182,7 +182,7 @@ print_lock(const char *operation, isc_rwlock_t *rwl, isc_rwlocktype_t type) {
 		"cnt_and_flag=0x%x, readers_waiting=%u, "
 		"write_granted=%u, write_quota=%u\n",
 		rwl, isc_thread_self(), operation,
-		(type == isc_rwlocktype_read ? "read" : "write"),
+		type == isc_rwlocktype_read ? "read" : "write",
 		atomic_load_acquire(&rwl->write_requests),
 		atomic_load_acquire(&rwl->write_completions),
 		atomic_load_acquire(&rwl->cnt_and_flag), rwl->readers_waiting,
--- a/lib/isccfg/kaspconf.c
+++ b/lib/isccfg/kaspconf.c
@ -567,7 +567,7 @@ cfg_kasp_fromconfig(const cfg_obj_t *config, dns_kasp_t *default_kasp,
 		if (default_kasp != NULL && dns_kasp_nsec3(default_kasp)) {
 			dns_kasp_setnsec3param(
 				kasp, dns_kasp_nsec3iter(default_kasp),
-				(dns_kasp_nsec3flags(default_kasp) == 0x01),
+				dns_kasp_nsec3flags(default_kasp) == 0x01,
 				dns_kasp_nsec3saltlen(default_kasp));
 		} else {
 			dns_kasp_setnsec3(kasp, false);
--- a/lib/isccfg/parser.c
+++ b/lib/isccfg/parser.c
@ -533,9 +533,9 @@ cfg_parser_create(isc_mem_t *mctx, isc_log_t *lctx, cfg_parser_t **ret) {
 	CHECK(isc_lex_create(pctx->mctx, 1024, &pctx->lexer));
 	isc_lex_setspecials(pctx->lexer, specials);
-	isc_lex_setcomments(pctx->lexer,
+	isc_lex_setcomments(pctx->lexer, ISC_LEXCOMMENT_C |
-			    (ISC_LEXCOMMENT_C | ISC_LEXCOMMENT_CPLUSPLUS |
+						 ISC_LEXCOMMENT_CPLUSPLUS |
-			     ISC_LEXCOMMENT_SHELL));
+						 ISC_LEXCOMMENT_SHELL);
 	CHECK(cfg_create_list(pctx, &cfg_type_filelist, &pctx->open_files));
 	CHECK(cfg_create_list(pctx, &cfg_type_filelist, &pctx->closed_files));
--- a/lib/ns/client.c
+++ b/lib/ns/client.c
@ -1381,8 +1381,8 @@ process_cookie(ns_client_t *client, isc_buffer_t *buf, size_t optlen) {
 	if (alwaysvalid) {
 		now = when;
 	}
-	if (isc_serial_gt(when, (now + 300)) /* In the future. */ ||
+	if (isc_serial_gt(when, now + 300) /* In the future. */ ||
-	    isc_serial_lt(when, (now - 3600)) /* In the past. */)
+	    isc_serial_lt(when, now - 3600) /* In the past. */)
 	{
 		ns_stats_increment(client->sctx->nsstats,
 				   ns_statscounter_cookiebadtime);
--- a/lib/ns/query.c
+++ b/lib/ns/query.c
@ -4462,7 +4462,7 @@ cleanup:
 #ifdef USE_DNSRPS
 	if (st->popt.dnsrps_enabled && st->m.policy != DNS_RPZ_POLICY_ERROR &&
 	    !dnsrps_set_p(&emsg, client, st, qtype, &rdataset,
-			  (qresult_type != qresult_type_recurse)))
+			  qresult_type != qresult_type_recurse))
 	{
 		rpz_log_fail(client, DNS_RPZ_ERROR_LEVEL, NULL,
 			     DNS_RPZ_TYPE_BAD, emsg.c, DNS_R_SERVFAIL);
--- a/lib/ns/update.c
+++ b/lib/ns/update.c
@ -3621,9 +3621,9 @@ update_action(isc_task_t *task, isc_event_t *event) {
 			algorithm = dnskey.algorithm;
 			keyid = dst_region_computeid(&r);
-			result = dns_zone_signwithkey(
+			result = dns_zone_signwithkey(zone, algorithm, keyid,
-				zone, algorithm, keyid,
+						      tuple->op ==
-				(tuple->op == DNS_DIFFOP_DEL));
+							      DNS_DIFFOP_DEL);
 			if (result != ISC_R_SUCCESS) {
 				update_log(client, zone, ISC_LOG_ERROR,
 					   "dns_zone_signwithkey failed: %s",
--- a/tests/dns/dst_test.c
+++ b/tests/dns/dst_test.c
@ -77,7 +77,7 @@ sig_fromfile(const char *path, isc_buffer_t *buf) {
 	result = isc_file_getsizefd(fileno(fp), &size);
 	assert_int_equal(result, ISC_R_SUCCESS);
-	data = isc_mem_get(mctx, (size + 1));
+	data = isc_mem_get(mctx, size + 1);
 	assert_non_null(data);
 	len = (size_t)size;
@ -158,7 +158,7 @@ check_sig(const char *datapath, const char *sigpath, const char *keyname,
 	result = isc_file_getsizefd(fileno(fp), &size);
 	assert_int_equal(result, ISC_R_SUCCESS);
-	data = isc_mem_get(mctx, (size + 1));
+	data = isc_mem_get(mctx, size + 1);
 	assert_non_null(data);
 	p = data;
--- a/tests/dns/name_test.c
+++ b/tests/dns/name_test.c
@ -508,7 +508,7 @@ ISC_RUN_TEST_IMPL(hash) {
 				      testcases[i].name2, h2);
 		}
-		assert_int_equal((h1 == h2), testcases[i].expect);
+		assert_int_equal(h1 == h2, testcases[i].expect);
 		/* Now case-sensitive */
 		h1 = dns_name_hash(n1, false);
@ -521,7 +521,7 @@ ISC_RUN_TEST_IMPL(hash) {
 				      testcases[i].name2, h2);
 		}
-		assert_int_equal((h1 == h2), testcases[i].expect);
+		assert_int_equal(h1 == h2, testcases[i].expect);
 	}
 }
--- a/tests/isc/crc64_test.c
+++ b/tests/isc/crc64_test.c
@ -56,7 +56,7 @@ _crc64(const char *buf, size_t buflen, const char *result, const int repeats) {
 	char hex[16 + 1];
 	snprintf(hex, sizeof(hex), "%016" PRIX64, crc);
-	assert_memory_equal(hex, result, (result ? strlen(result) : 0));
+	assert_memory_equal(hex, result, result ? strlen(result) : 0);
 }
 /* 64-bit cyclic redundancy check */
--- a/tests/isc/hmac_test.c
+++ b/tests/isc/hmac_test.c
@ -121,7 +121,7 @@ isc_hmac_test(isc_hmac_t *hmac_st, const void *key, size_t keylen,
 	assert_return_code(res, ISC_R_SUCCESS);
-	assert_memory_equal(hexdigest, result, (result ? strlen(result) : 0));
+	assert_memory_equal(hexdigest, result, result ? strlen(result) : 0);
 	assert_int_equal(isc_hmac_reset(hmac_st), ISC_R_SUCCESS);
 }
--- a/tests/isc/md_test.c
+++ b/tests/isc/md_test.c
@ -106,7 +106,7 @@ isc_md_test(isc_md_t *md, const isc_md_type_t *type, const char *buf,
 	assert_return_code(res, ISC_R_SUCCESS);
-	assert_memory_equal(hexdigest, result, (result ? strlen(result) : 0));
+	assert_memory_equal(hexdigest, result, result ? strlen(result) : 0);
 	assert_int_equal(isc_md_reset(md), ISC_R_SUCCESS);
 }
--- a/tests/isc/task_test.c
+++ b/tests/isc/task_test.c
@ -1436,7 +1436,7 @@ try_purgeevent(bool purgeable) {
 	isc_task_detach(&task);
-	assert_int_equal(eventcnt, (purgeable ? 0 : 1));
+	assert_int_equal(eventcnt, purgeable ? 0 : 1);
 }
 /*