diff --git a/.clang-format b/.clang-format index 2e7ab89d69..ee6e784bbc 100644 --- a/.clang-format +++ b/.clang-format @@ -78,6 +78,6 @@ PenaltyBreakString: 80 PenaltyExcessCharacter: 100 Standard: Cpp11 ContinuationIndentWidth: 8 -ForEachMacros: [ 'cds_lfs_for_each', 'cds_lfs_for_each_safe', 'cds_list_for_each_entry_safe', 'ISC_LIST_FOREACH', 'ISC_LIST_FOREACH_SAFE', 'ISC_LIST_FOREACH_REV', 'ISC_LIST_FOREACH_REV_SAFE', 'MSG_SECTION_FOREACH' ] +ForEachMacros: [ 'cds_lfs_for_each', 'cds_lfs_for_each_safe', 'cds_list_for_each_entry_safe', 'ISC_LIST_FOREACH', 'ISC_LIST_FOREACH_SAFE', 'ISC_LIST_FOREACH_REV', 'ISC_LIST_FOREACH_REV_SAFE', 'MSG_SECTION_FOREACH', 'DNS_DBITERATOR_FOREACH', 'DNS_RDATASET_FOREACH', 'DNS_RDATASETITER_FOREACH', 'CFG_LIST_FOREACH' ] RemoveParentheses: ReturnStatement RemoveSemicolon: true diff --git a/bin/check/check-tool.c b/bin/check/check-tool.c index bd2733b69a..1cca74d861 100644 --- a/bin/check/check-tool.c +++ b/bin/check/check-tool.c @@ -222,8 +222,6 @@ static bool checkns(dns_zone_t *zone, const dns_name_t *name, const dns_name_t *owner, dns_rdataset_t *a, dns_rdataset_t *aaaa) { dns_rdataset_t *rdataset; - dns_rdata_t rdata = DNS_RDATA_INIT; - isc_result_t result; struct addrinfo hints = { .ai_flags = AI_CANONNAME, .ai_family = PF_UNSPEC, @@ -315,8 +313,9 @@ checkns(dns_zone_t *zone, const dns_name_t *name, const dns_name_t *owner, if (!dns_rdataset_isassociated(a)) { goto checkaaaa; } - result = dns_rdataset_first(a); - while (result == ISC_R_SUCCESS) { + + DNS_RDATASET_FOREACH (a) { + dns_rdata_t rdata = DNS_RDATA_INIT; dns_rdataset_current(a, &rdata); match = false; for (cur = ai; cur != NULL; cur = cur->ai_next) { @@ -340,16 +339,14 @@ checkns(dns_zone_t *zone, const dns_name_t *name, const dns_name_t *owner, /* XXX950 make fatal for 9.5.0 */ /* answer = false; */ } - dns_rdata_reset(&rdata); - result = dns_rdataset_next(a); } checkaaaa: if (!dns_rdataset_isassociated(aaaa)) { goto checkmissing; } - result = dns_rdataset_first(aaaa); - while (result == ISC_R_SUCCESS) { + DNS_RDATASET_FOREACH (aaaa) { + dns_rdata_t rdata = DNS_RDATA_INIT; dns_rdataset_current(aaaa, &rdata); match = false; for (cur = ai; cur != NULL; cur = cur->ai_next) { @@ -374,8 +371,6 @@ checkaaaa: /* XXX950 make fatal for 9.5.0. */ /* answer = false; */ } - dns_rdata_reset(&rdata); - result = dns_rdataset_next(aaaa); } checkmissing: @@ -403,19 +398,18 @@ checkmissing: } match = false; if (dns_rdataset_isassociated(rdataset)) { - result = dns_rdataset_first(rdataset); - } else { - result = ISC_R_FAILURE; - } - while (result == ISC_R_SUCCESS && !match) { - dns_rdataset_current(rdataset, &rdata); - if (memcmp(ptr, rdata.data, rdata.length) == 0) - { - match = true; + DNS_RDATASET_FOREACH (rdataset) { + dns_rdata_t rdata = DNS_RDATA_INIT; + dns_rdataset_current(rdataset, &rdata); + if (memcmp(ptr, rdata.data, + rdata.length) == 0) + { + match = true; + break; + } } - dns_rdata_reset(&rdata); - result = dns_rdataset_next(rdataset); } + if (!match) { dns_zone_log(zone, ISC_LOG_ERROR, "%s/NS '%s' " diff --git a/bin/check/named-checkconf.c b/bin/check/named-checkconf.c index abdd78e8e4..5f5f635ecd 100644 --- a/bin/check/named-checkconf.c +++ b/bin/check/named-checkconf.c @@ -106,10 +106,9 @@ get_maps(const cfg_obj_t **maps, const char *name, const cfg_obj_t **obj) { static bool get_checknames(const cfg_obj_t **maps, const cfg_obj_t **obj) { - const cfg_listelt_t *element; - const cfg_obj_t *checknames; - const cfg_obj_t *type; - const cfg_obj_t *value; + const cfg_obj_t *checknames = NULL; + const cfg_obj_t *type = NULL; + const cfg_obj_t *value = NULL; isc_result_t result; int i; @@ -126,9 +125,7 @@ get_checknames(const cfg_obj_t **maps, const cfg_obj_t **obj) { *obj = checknames; return true; } - for (element = cfg_list_first(checknames); element != NULL; - element = cfg_list_next(element)) - { + CFG_LIST_FOREACH (checknames, element) { value = cfg_listelt_value(element); type = cfg_tuple_get(value, "type"); if ((strcasecmp(cfg_obj_asstring(type), "primary") != @@ -471,9 +468,8 @@ configure_zone(const char *vclass, const char *view, const cfg_obj_t *zconfig, static isc_result_t configure_view(const char *vclass, const char *view, const cfg_obj_t *config, const cfg_obj_t *vconfig, isc_mem_t *mctx, bool list) { - const cfg_listelt_t *element; - const cfg_obj_t *voptions; - const cfg_obj_t *zonelist; + const cfg_obj_t *voptions = NULL; + const cfg_obj_t *zonelist = NULL; isc_result_t result = ISC_R_SUCCESS; isc_result_t tresult; @@ -489,9 +485,7 @@ configure_view(const char *vclass, const char *view, const cfg_obj_t *config, (void)cfg_map_get(config, "zone", &zonelist); } - for (element = cfg_list_first(zonelist); element != NULL; - element = cfg_list_next(element)) - { + CFG_LIST_FOREACH (zonelist, element) { const cfg_obj_t *zconfig = cfg_listelt_value(element); tresult = configure_zone(vclass, view, zconfig, vconfig, config, mctx, list); @@ -520,18 +514,15 @@ config_getclass(const cfg_obj_t *classobj, dns_rdataclass_t defclass, static isc_result_t load_zones_fromconfig(const cfg_obj_t *config, isc_mem_t *mctx, bool list_zones) { - const cfg_listelt_t *element; - const cfg_obj_t *views; - const cfg_obj_t *vconfig; + const cfg_obj_t *views = NULL; + const cfg_obj_t *vconfig = NULL; isc_result_t result = ISC_R_SUCCESS; isc_result_t tresult; views = NULL; (void)cfg_map_get(config, "view", &views); - for (element = cfg_list_first(views); element != NULL; - element = cfg_list_next(element)) - { + CFG_LIST_FOREACH (views, element) { const cfg_obj_t *classobj; dns_rdataclass_t viewclass; const char *vname; diff --git a/bin/delv/delv.c b/bin/delv/delv.c index 6de84e2354..2a4bc30f3d 100644 --- a/bin/delv/delv.c +++ b/bin/delv/delv.c @@ -470,11 +470,9 @@ printdata(dns_rdataset_t *rdataset, dns_name_t *owner) { isc_buffer_init(&target, t, len); if (short_form) { - dns_rdata_t rdata = DNS_RDATA_INIT; - for (result = dns_rdataset_first(rdataset); - result == ISC_R_SUCCESS; - result = dns_rdataset_next(rdataset)) - { + DNS_RDATASET_FOREACH (rdataset) { + dns_rdata_t rdata = DNS_RDATA_INIT; + if ((rdataset->attributes & DNS_RDATASETATTR_NEGATIVE) != 0) { @@ -495,8 +493,6 @@ printdata(dns_rdataset_t *rdataset, dns_name_t *owner) { } isc_buffer_putstr(&target, "\n"); - - dns_rdata_reset(&rdata); } } else { dns_indent_t indent = { " ", 2 }; @@ -798,17 +794,12 @@ cleanup: static isc_result_t load_keys(const cfg_obj_t *keys, dns_client_t *client, dns_view_t *toview) { - const cfg_listelt_t *elt, *elt2; - const cfg_obj_t *key, *keylist; + const cfg_obj_t *key = NULL, *keylist = NULL; isc_result_t result = ISC_R_SUCCESS; - for (elt = cfg_list_first(keys); elt != NULL; elt = cfg_list_next(elt)) - { + CFG_LIST_FOREACH (keys, elt) { keylist = cfg_listelt_value(elt); - - for (elt2 = cfg_list_first(keylist); elt2 != NULL; - elt2 = cfg_list_next(elt2)) - { + CFG_LIST_FOREACH (keylist, elt2) { key = cfg_listelt_value(elt2); CHECK(key_fromconfig(key, client, toview)); } diff --git a/bin/dig/dig.c b/bin/dig/dig.c index b8b6468c69..8ede6acdb5 100644 --- a/bin/dig/dig.c +++ b/bin/dig/dig.c @@ -579,25 +579,23 @@ dns64prefix_answer(dns_message_t *msg, isc_buffer_t *buf) { static isc_result_t short_answer(dns_message_t *msg, dns_messagetextflag_t flags, isc_buffer_t *buf, dig_query_t *query) { - isc_result_t result, loopresult; dns_name_t empty_name; - dns_rdata_t rdata = DNS_RDATA_INIT; UNUSED(flags); dns_name_init(&empty_name); MSG_SECTION_FOREACH (msg, DNS_SECTION_ANSWER, name) { ISC_LIST_FOREACH (name->list, rdataset, link) { - loopresult = dns_rdataset_first(rdataset); - while (loopresult == ISC_R_SUCCESS) { + DNS_RDATASET_FOREACH (rdataset) { + dns_rdata_t rdata = DNS_RDATA_INIT; dns_rdataset_current(rdataset, &rdata); - result = say_message(&rdata, query, buf); + + isc_result_t result = say_message(&rdata, query, + buf); if (result == ISC_R_NOSPACE) { return result; } check_result(result, "say_message"); - loopresult = dns_rdataset_next(rdataset); - dns_rdata_reset(&rdata); } } } @@ -2770,7 +2768,7 @@ dash_option(char *option, char *next, dig_lookup_t **lookup, printgreeting(argc, argv, *lookup); *firstarg = false; } - ISC_LIST_APPEND(lookup_list, (*lookup), link); + ISC_LIST_APPEND(lookup_list, *lookup, link); debug("looking up %s", (*lookup)->textname); } return value_from_next; diff --git a/bin/dig/dighost.c b/bin/dig/dighost.c index 14f5238974..0cafbcdf68 100644 --- a/bin/dig/dighost.c +++ b/bin/dig/dighost.c @@ -1800,7 +1800,6 @@ followup_lookup(dns_message_t *msg, dig_query_t *query, dns_section_t section) { dig_lookup_t *lookup = NULL; dig_server_t *srv = NULL; dns_rdataset_t *rdataset = NULL; - dns_rdata_t rdata = DNS_RDATA_INIT; isc_result_t result = ISC_R_NOMORE; bool success = false; int numLookups = 0; @@ -1858,10 +1857,8 @@ followup_lookup(dns_message_t *msg, dig_query_t *query, dns_section_t section) { } } - for (result = dns_rdataset_first(rdataset); - result == ISC_R_SUCCESS; - result = dns_rdataset_next(rdataset)) - { + DNS_RDATASET_FOREACH (rdataset) { + dns_rdata_t rdata = DNS_RDATA_INIT; char namestr[DNS_NAME_FORMATSIZE]; dns_rdata_ns_t ns; @@ -1916,7 +1913,6 @@ followup_lookup(dns_message_t *msg, dig_query_t *query, dns_section_t section) { } } numLookups += num; - dns_rdata_reset(&rdata); } } if (numLookups == 0 && addresses_result != ISC_R_SUCCESS) { @@ -3654,7 +3650,6 @@ tcp_connected(isc_nmhandle_t *handle, isc_result_t eresult, void *arg) { static bool check_for_more_data(dig_lookup_t *lookup, dig_query_t *query, dns_message_t *msg, isc_sockaddr_t *peer, int len) { - dns_rdata_t rdata = DNS_RDATA_INIT; dns_rdata_soa_t soa; uint32_t ixfr_serial = lookup->ixfr_serial, serial; isc_result_t result; @@ -3685,14 +3680,11 @@ check_for_more_data(dig_lookup_t *lookup, dig_query_t *query, } MSG_SECTION_FOREACH (msg, DNS_SECTION_ANSWER, name) { ISC_LIST_FOREACH (name->list, rdataset, link) { - result = dns_rdataset_first(rdataset); - if (result != ISC_R_SUCCESS) { - continue; - } - do { - query->rr_count++; - dns_rdata_reset(&rdata); + DNS_RDATASET_FOREACH (rdataset) { + dns_rdata_t rdata = DNS_RDATA_INIT; dns_rdataset_current(rdataset, &rdata); + + query->rr_count++; /* * If this is the first rr, make sure * it's an SOA @@ -3711,7 +3703,7 @@ check_for_more_data(dig_lookup_t *lookup, dig_query_t *query, query->second_rr_serial = 0; debug("got the second rr as nonsoa"); axfr = query->ixfr_axfr = true; - goto next_rdata; + continue; } /* @@ -3719,7 +3711,7 @@ check_for_more_data(dig_lookup_t *lookup, dig_query_t *query, * now, just continue on... */ if (rdata.type != dns_rdatatype_soa) { - goto next_rdata; + continue; } /* Now we have an SOA. Work with it. */ @@ -3740,7 +3732,7 @@ check_for_more_data(dig_lookup_t *lookup, dig_query_t *query, "response"); goto doexit; } - goto next_rdata; + continue; } if (axfr) { debug("doing axfr, got second SOA"); @@ -3756,7 +3748,7 @@ check_for_more_data(dig_lookup_t *lookup, dig_query_t *query, serial); query->second_rr_rcvd = true; query->second_rr_serial = serial; - goto next_rdata; + continue; } /* * If we get to this point, we're doing an @@ -3767,15 +3759,13 @@ check_for_more_data(dig_lookup_t *lookup, dig_query_t *query, debug("got a match for ixfr"); if (!query->first_repeat_rcvd) { query->first_repeat_rcvd = true; - goto next_rdata; + continue; } debug("done with ixfr"); goto doexit; } debug("meaningless soa %u", serial); - next_rdata: - result = dns_rdataset_next(rdataset); - } while (result == ISC_R_SUCCESS); + } } } diff --git a/bin/dig/host.c b/bin/dig/host.c index b89fca0817..b2cdf878d2 100644 --- a/bin/dig/host.c +++ b/bin/dig/host.c @@ -207,9 +207,8 @@ static isc_result_t printsection(dns_message_t *msg, dns_section_t sectionid, const char *section_name, bool headers, dig_query_t *query) { dns_name_t *print_name; - dns_rdata_t rdata = DNS_RDATA_INIT; isc_buffer_t target; - isc_result_t result, loopresult; + isc_result_t result; isc_region_t r; dns_name_t empty_name; char tbuf[4096] = { 0 }; @@ -262,8 +261,8 @@ printsection(dns_message_t *msg, dns_section_t sectionid, UNUSED(first); /* Shut up compiler. */ #endif /* ifdef USEINITALWS */ } else { - loopresult = dns_rdataset_first(rdataset); - while (loopresult == ISC_R_SUCCESS) { + DNS_RDATASET_FOREACH (rdataset) { + dns_rdata_t rdata = DNS_RDATA_INIT; struct rtype *t; const char *rtt; char typebuf[DNS_RDATATYPE_FORMATSIZE]; @@ -287,9 +286,6 @@ printsection(dns_message_t *msg, dns_section_t sectionid, found: say_message(print_name, rtt, &rdata, query); - dns_rdata_reset(&rdata); - loopresult = - dns_rdataset_next(rdataset); } } } diff --git a/bin/dig/nslookup.c b/bin/dig/nslookup.c index 66e238089c..8f6b57f554 100644 --- a/bin/dig/nslookup.c +++ b/bin/dig/nslookup.c @@ -198,7 +198,6 @@ printrdata(dns_rdata_t *rdata) { static isc_result_t printsection(dig_query_t *query, dns_message_t *msg, bool headers, dns_section_t section) { - dns_rdata_t rdata = DNS_RDATA_INIT; char namebuf[DNS_NAME_FORMATSIZE]; UNUSED(query); @@ -208,8 +207,8 @@ printsection(dig_query_t *query, dns_message_t *msg, bool headers, MSG_SECTION_FOREACH (msg, section, name) { ISC_LIST_FOREACH (name->list, rdataset, link) { - isc_result_t loopresult = dns_rdataset_first(rdataset); - while (loopresult == ISC_R_SUCCESS) { + DNS_RDATASET_FOREACH (rdataset) { + dns_rdata_t rdata = DNS_RDATA_INIT; dns_rdataset_current(rdataset, &rdata); switch (rdata.type) { case dns_rdatatype_a: @@ -236,8 +235,6 @@ printsection(dig_query_t *query, dns_message_t *msg, bool headers, printrdata(&rdata); break; } - dns_rdata_reset(&rdata); - loopresult = dns_rdataset_next(rdataset); } } } @@ -247,7 +244,6 @@ printsection(dig_query_t *query, dns_message_t *msg, bool headers, static isc_result_t detailsection(dig_query_t *query, dns_message_t *msg, bool headers, dns_section_t section) { - dns_rdata_t rdata = DNS_RDATA_INIT; char namebuf[DNS_NAME_FORMATSIZE]; UNUSED(query); @@ -283,8 +279,8 @@ detailsection(dig_query_t *query, dns_message_t *msg, bool headers, namebuf, sizeof(namebuf)); printf("class = %s\n", namebuf); } - isc_result_t loopresult = dns_rdataset_first(rdataset); - while (loopresult == ISC_R_SUCCESS) { + DNS_RDATASET_FOREACH (rdataset) { + dns_rdata_t rdata = DNS_RDATA_INIT; dns_rdataset_current(rdataset, &rdata); dns_name_format(name, namebuf, sizeof(namebuf)); @@ -298,9 +294,7 @@ detailsection(dig_query_t *query, dns_message_t *msg, bool headers, printf("\t"); printrdata(&rdata); } - dns_rdata_reset(&rdata); printf("\tttl = %u\n", rdataset->ttl); - loopresult = dns_rdataset_next(rdataset); } } } diff --git a/bin/dnssec/dnssec-cds.c b/bin/dnssec/dnssec-cds.c index 9b43a19a1e..ecab56dd67 100644 --- a/bin/dnssec/dnssec-cds.c +++ b/bin/dnssec/dnssec-cds.c @@ -469,9 +469,7 @@ match_key_dsset(keyinfo_t *ki, dns_rdataset_t *dsset, strictness_t strictness) { isc_result_t result; unsigned char dsbuf[DNS_DS_BUFFERSIZE]; - for (result = dns_rdataset_first(dsset); result == ISC_R_SUCCESS; - result = dns_rdataset_next(dsset)) - { + DNS_RDATASET_FOREACH (dsset) { dns_rdata_ds_t ds; dns_rdata_t dsrdata = DNS_RDATA_INIT; dns_rdata_t newdsrdata = DNS_RDATA_INIT; @@ -529,22 +527,20 @@ static keyinfo_t * match_keyset_dsset(dns_rdataset_t *keyset, dns_rdataset_t *dsset, strictness_t strictness) { isc_result_t result; - keyinfo_t *keytable, *ki; - int i; + keyinfo_t *keytable = NULL, *ki = NULL; + int i = 0; nkey = dns_rdataset_count(keyset); keytable = isc_mem_cget(mctx, nkey, sizeof(keytable[0])); + ki = keytable; - for (result = dns_rdataset_first(keyset), i = 0, ki = keytable; - result == ISC_R_SUCCESS; - result = dns_rdataset_next(keyset), i++, ki++) - { + DNS_RDATASET_FOREACH (keyset) { dns_rdata_dnskey_t dnskey; - dns_rdata_t *keyrdata; + dns_rdata_t *keyrdata = NULL; isc_region_t r; - INSIST(i < nkey); + INSIST(i++ < nkey); keyrdata = &ki->rdata; dns_rdata_init(keyrdata); @@ -559,6 +555,7 @@ match_keyset_dsset(dns_rdataset_t *keyset, dns_rdataset_t *dsset, ki->dst = NULL; if (!match_key_dsset(ki, dsset, strictness)) { + ki++; continue; } @@ -570,6 +567,7 @@ match_keyset_dsset(dns_rdataset_t *keyset, dns_rdataset_t *dsset, "keytag=%d, algo=%d): %s\n", ki->tag, ki->algo, isc_result_totext(result)); } + ki++; } return keytable; @@ -606,16 +604,14 @@ static dns_secalg_t * matching_sigs(keyinfo_t *keytbl, dns_rdataset_t *rdataset, dns_rdataset_t *sigset) { isc_result_t result; - dns_secalg_t *algo; + dns_secalg_t *algo = NULL; int i; REQUIRE(keytbl != NULL); algo = isc_mem_cget(mctx, nkey, sizeof(algo[0])); - for (result = dns_rdataset_first(sigset); result == ISC_R_SUCCESS; - result = dns_rdataset_next(sigset)) - { + DNS_RDATASET_FOREACH (sigset) { dns_rdata_t sigrdata = DNS_RDATA_INIT; dns_rdata_rrsig_t sig; @@ -709,9 +705,7 @@ signed_strict(dns_rdataset_t *dsset, dns_secalg_t *algo) { isc_result_t result; bool all_ok = true; - for (result = dns_rdataset_first(dsset); result == ISC_R_SUCCESS; - result = dns_rdataset_next(dsset)) - { + DNS_RDATASET_FOREACH (dsset) { dns_rdata_t dsrdata = DNS_RDATA_INIT; dns_rdata_ds_t ds; bool ds_ok; @@ -791,9 +785,7 @@ append_new_ds_set(ds_maker_func_t *ds_from_rdata, isc_buffer_t *buf, dns_rdataset_t *crdset) { isc_result_t result; - for (result = dns_rdataset_first(crdset); result == ISC_R_SUCCESS; - result = dns_rdataset_next(crdset)) - { + DNS_RDATASET_FOREACH (crdset) { dns_rdata_t crdata = DNS_RDATA_INIT; dns_rdata_t *ds = NULL; @@ -876,12 +868,12 @@ rdata_cmp(const void *rdata1, const void *rdata2) { static bool consistent_digests(dns_rdataset_t *dsset) { isc_result_t result; - dns_rdata_t *arrdata; - dns_rdata_ds_t *ds; + dns_rdata_t *arrdata = NULL; + dns_rdata_ds_t *ds = NULL; dns_keytag_t key_tag; dns_secalg_t algorithm; bool match; - int i, j, n, d; + int i = 0, j, n, d; /* * First sort the dsset. DS rdata fields are tag, algorithm, @@ -893,11 +885,10 @@ consistent_digests(dns_rdataset_t *dsset) { arrdata = isc_mem_cget(mctx, n, sizeof(dns_rdata_t)); - for (result = dns_rdataset_first(dsset), i = 0; result == ISC_R_SUCCESS; - result = dns_rdataset_next(dsset), i++) - { + DNS_RDATASET_FOREACH (dsset) { dns_rdata_init(&arrdata[i]); dns_rdataset_current(dsset, &arrdata[i]); + i++; } qsort(arrdata, n, sizeof(dns_rdata_t), rdata_cmp); diff --git a/bin/dnssec/dnssec-dsfromkey.c b/bin/dnssec/dnssec-dsfromkey.c index c5c5c4d417..81050bd1fd 100644 --- a/bin/dnssec/dnssec-dsfromkey.c +++ b/bin/dnssec/dnssec-dsfromkey.c @@ -371,9 +371,6 @@ main(int argc, char **argv) { bool showall = false; isc_result_t result; dns_rdataset_t rdataset; - dns_rdata_t rdata; - - dns_rdata_init(&rdata); if (argc == 1) { usage(); @@ -516,11 +513,8 @@ main(int argc, char **argv) { isc_result_totext(result)); } - for (result = dns_rdataset_first(&rdataset); - result == ISC_R_SUCCESS; - result = dns_rdataset_next(&rdataset)) - { - dns_rdata_init(&rdata); + DNS_RDATASET_FOREACH (&rdataset) { + dns_rdata_t rdata = DNS_RDATA_INIT; dns_rdataset_current(&rdataset, &rdata); if (verbose > 2) { @@ -531,6 +525,7 @@ main(int argc, char **argv) { } } else { unsigned char key_buf[DST_KEY_MAXSIZE]; + dns_rdata_t rdata = DNS_RDATA_INIT; loadkey(arg1, key_buf, DST_KEY_MAXSIZE, &rdata); diff --git a/bin/dnssec/dnssec-importkey.c b/bin/dnssec/dnssec-importkey.c index 7ad8a14428..fa6cb4fe92 100644 --- a/bin/dnssec/dnssec-importkey.c +++ b/bin/dnssec/dnssec-importkey.c @@ -298,15 +298,12 @@ int main(int argc, char **argv) { char *classname = NULL; char *filename = NULL, *dir = NULL, *namestr; - char *endp; + char *endp = NULL; int ch; isc_result_t result; dns_rdataset_t rdataset; - dns_rdata_t rdata; isc_stdtime_t now = isc_stdtime_now(); - dns_rdata_init(&rdata); - if (argc == 1) { usage(); } @@ -433,16 +430,14 @@ main(int argc, char **argv) { isc_result_totext(result)); } - for (result = dns_rdataset_first(&rdataset); - result == ISC_R_SUCCESS; - result = dns_rdataset_next(&rdataset)) - { - dns_rdata_init(&rdata); + DNS_RDATASET_FOREACH (&rdataset) { + dns_rdata_t rdata = DNS_RDATA_INIT; dns_rdataset_current(&rdataset, &rdata); emit(dir, &rdata); } } else { unsigned char key_buf[DST_KEY_MAXSIZE]; + dns_rdata_t rdata = DNS_RDATA_INIT; loadkey(argv[isc_commandline_index], key_buf, DST_KEY_MAXSIZE, &rdata); diff --git a/bin/dnssec/dnssec-signzone.c b/bin/dnssec/dnssec-signzone.c index 4de69f56f0..c4b95dace9 100644 --- a/bin/dnssec/dnssec-signzone.c +++ b/bin/dnssec/dnssec-signzone.c @@ -199,7 +199,6 @@ savezonecut(dns_fixedname_t *fzonecut, dns_name_t *name) { static void dumpnode(dns_name_t *name, dns_dbnode_t *node) { - dns_rdataset_t rds; dns_rdatasetiter_t *iter = NULL; isc_buffer_t *buffer = NULL; isc_region_t r; @@ -213,13 +212,10 @@ dumpnode(dns_name_t *name, dns_dbnode_t *node) { result = dns_db_allrdatasets(gdb, node, gversion, 0, 0, &iter); check_result(result, "dns_db_allrdatasets"); - dns_rdataset_init(&rds); - isc_buffer_allocate(mctx, &buffer, bufsize); - for (result = dns_rdatasetiter_first(iter); result == ISC_R_SUCCESS; - result = dns_rdatasetiter_next(iter)) - { + DNS_RDATASETITER_FOREACH (iter) { + dns_rdataset_t rds = DNS_RDATASET_INIT; dns_rdatasetiter_current(iter, &rds); if (rds.type != dns_rdatatype_rrsig && @@ -479,7 +475,6 @@ static void signset(dns_diff_t *del, dns_diff_t *add, dns_dbnode_t *node, dns_name_t *name, dns_rdataset_t *set) { dns_rdataset_t sigset; - dns_rdata_t sigrdata = DNS_RDATA_INIT; dns_rdata_rrsig_t rrsig; isc_result_t result; bool nosigs = false; @@ -524,152 +519,161 @@ signset(dns_diff_t *del, dns_diff_t *add, dns_dbnode_t *node, dns_name_t *name, wassignedby[i] = nowsignedby[i] = false; } - if (nosigs) { - result = ISC_R_NOMORE; - } else { - result = dns_rdataset_first(&sigset); - } + if (!nosigs) { + DNS_RDATASET_FOREACH (&sigset) { + dns_rdata_t sigrdata = DNS_RDATA_INIT; + dns_dnsseckey_t *key = NULL; + bool expired, refresh, future, offline; + bool keep = false, resign = false; - while (result == ISC_R_SUCCESS) { - dns_dnsseckey_t *key = NULL; - bool expired, refresh, future, offline; - bool keep = false, resign = false; + dns_rdataset_current(&sigset, &sigrdata); - dns_rdataset_current(&sigset, &sigrdata); + result = dns_rdata_tostruct(&sigrdata, &rrsig, NULL); + check_result(result, "dns_rdata_tostruct"); - result = dns_rdata_tostruct(&sigrdata, &rrsig, NULL); - check_result(result, "dns_rdata_tostruct"); + future = isc_serial_lt(now, rrsig.timesigned); - future = isc_serial_lt(now, rrsig.timesigned); + key = keythatsigned(&rrsig); + offline = (key != NULL) ? key->pubkey : false; + sig_format(&rrsig, sigstr, sizeof(sigstr)); + expired = isc_serial_gt(now, rrsig.timeexpire); + refresh = isc_serial_gt(now + cycle, rrsig.timeexpire); - key = keythatsigned(&rrsig); - offline = (key != NULL) ? key->pubkey : false; - sig_format(&rrsig, sigstr, sizeof(sigstr)); - expired = isc_serial_gt(now, rrsig.timeexpire); - refresh = isc_serial_gt(now + cycle, rrsig.timeexpire); - - if (isc_serial_gt(rrsig.timesigned, rrsig.timeexpire)) { - /* rrsig is dropped and not replaced */ - vbprintf(2, - "\trrsig by %s dropped - " - "invalid validity period\n", - sigstr); - } else if (key == NULL && !future && - expecttofindkey(&rrsig.signer)) - { - /* rrsig is dropped and not replaced */ - vbprintf(2, - "\trrsig by %s dropped - " - "private dnskey not found\n", - sigstr); - } else if (key == NULL || future) { - keep = (!expired && !remove_orphansigs); - vbprintf(2, "\trrsig by %s %s - dnskey not found\n", - keep ? "retained" : "dropped", sigstr); - } else if (!dns_dnssec_keyactive(key->key, now) && - remove_inactkeysigs) - { - keep = false; - vbprintf(2, "\trrsig by %s dropped - key inactive\n", - sigstr); - } else if (issigningkey(key)) { - wassignedby[key->index] = true; - - if (!refresh && rrsig.originalttl == set->ttl && - setverifies(name, set, key->key, &sigrdata)) + if (isc_serial_gt(rrsig.timesigned, rrsig.timeexpire)) { + /* rrsig is dropped and not replaced */ + vbprintf(2, + "\trrsig by %s dropped - " + "invalid validity period\n", + sigstr); + } else if (key == NULL && !future && + expecttofindkey(&rrsig.signer)) { + /* rrsig is dropped and not replaced */ + vbprintf(2, + "\trrsig by %s dropped - " + "private dnskey not found\n", + sigstr); + } else if (key == NULL || future) { + keep = (!expired && !remove_orphansigs); + vbprintf( + 2, + "\trrsig by %s %s - dnskey not found\n", + keep ? "retained" : "dropped", sigstr); + } else if (!dns_dnssec_keyactive(key->key, now) && + remove_inactkeysigs) + { + keep = false; + vbprintf(2, + "\trrsig by %s dropped - key " + "inactive\n", + sigstr); + } else if (issigningkey(key)) { + wassignedby[key->index] = true; + + if (!refresh && rrsig.originalttl == set->ttl && + setverifies(name, set, key->key, &sigrdata)) + { + vbprintf(2, "\trrsig by %s retained\n", + sigstr); + keep = true; + } else if (offline) { + vbprintf(2, + "\trrsig by %s retained - " + "private key " + "missing\n", + sigstr); + keep = true; + } else { + vbprintf(2, + "\trrsig by %s dropped - %s\n", + sigstr, + refresh ? "refresh" + : rrsig.originalttl != set->ttl + ? "ttl change" + : "failed to " + "verify"); + resign = true; + } + } else if (!ispublishedkey(key) && remove_orphansigs) { + vbprintf(2, + "\trrsig by %s dropped - dnskey " + "removed\n", + sigstr); + } else if (iszonekey(key)) { + wassignedby[key->index] = true; + + if (!refresh && rrsig.originalttl == set->ttl && + setverifies(name, set, key->key, &sigrdata)) + { + vbprintf(2, "\trrsig by %s retained\n", + sigstr); + keep = true; + } else if (offline) { + vbprintf(2, + "\trrsig by %s retained - " + "private key " + "missing\n", + sigstr); + keep = true; + } else { + vbprintf(2, + "\trrsig by %s dropped - %s\n", + sigstr, + refresh ? "refresh" + : rrsig.originalttl != set->ttl + ? "ttl change" + : "failed to " + "verify"); + } + } else if (!refresh) { vbprintf(2, "\trrsig by %s retained\n", sigstr); keep = true; - } else if (offline) { - vbprintf(2, - "\trrsig by %s retained - private key " - "missing\n", - sigstr); - keep = true; } else { - vbprintf(2, "\trrsig by %s dropped - %s\n", - sigstr, - refresh ? "refresh" - : rrsig.originalttl != set->ttl - ? "ttl change" - : "failed to " - "verify"); - resign = true; + vbprintf(2, "\trrsig by %s %s\n", sigstr, + expired ? "expired" : "needs refresh"); } - } else if (!ispublishedkey(key) && remove_orphansigs) { - vbprintf(2, "\trrsig by %s dropped - dnskey removed\n", - sigstr); - } else if (iszonekey(key)) { - wassignedby[key->index] = true; - if (!refresh && rrsig.originalttl == set->ttl && - setverifies(name, set, key->key, &sigrdata)) - { - vbprintf(2, "\trrsig by %s retained\n", sigstr); - keep = true; - } else if (offline) { - vbprintf(2, - "\trrsig by %s retained - private key " - "missing\n", - sigstr); - keep = true; + if (keep) { + if (key != NULL) { + nowsignedby[key->index] = true; + } + INCSTAT(nretained); + if (sigset.ttl != ttl) { + vbprintf(2, "\tfixing ttl %s\n", + sigstr); + tuple = NULL; + dns_difftuple_create( + mctx, DNS_DIFFOP_DELRESIGN, + name, sigset.ttl, &sigrdata, + &tuple); + dns_diff_append(del, &tuple); + dns_difftuple_create( + mctx, DNS_DIFFOP_ADDRESIGN, + name, ttl, &sigrdata, &tuple); + dns_diff_append(add, &tuple); + } } else { - vbprintf(2, "\trrsig by %s dropped - %s\n", - sigstr, - refresh ? "refresh" - : rrsig.originalttl != set->ttl - ? "ttl change" - : "failed to " - "verify"); - } - } else if (!refresh) { - vbprintf(2, "\trrsig by %s retained\n", sigstr); - keep = true; - } else { - vbprintf(2, "\trrsig by %s %s\n", sigstr, - expired ? "expired" : "needs refresh"); - } - - if (keep) { - if (key != NULL) { - nowsignedby[key->index] = true; - } - INCSTAT(nretained); - if (sigset.ttl != ttl) { - vbprintf(2, "\tfixing ttl %s\n", sigstr); tuple = NULL; + vbprintf(2, "\tremoving signature by %s\n", + sigstr); dns_difftuple_create(mctx, DNS_DIFFOP_DELRESIGN, name, sigset.ttl, &sigrdata, &tuple); dns_diff_append(del, &tuple); - dns_difftuple_create(mctx, DNS_DIFFOP_ADDRESIGN, - name, ttl, &sigrdata, - &tuple); - dns_diff_append(add, &tuple); + INCSTAT(ndropped); } - } else { - tuple = NULL; - vbprintf(2, "\tremoving signature by %s\n", sigstr); - dns_difftuple_create(mctx, DNS_DIFFOP_DELRESIGN, name, - sigset.ttl, &sigrdata, &tuple); - dns_diff_append(del, &tuple); - INCSTAT(ndropped); + + if (resign) { + INSIST(!keep); + + signwithkey(name, set, key->key, ttl, add, + "resigning with dnskey"); + nowsignedby[key->index] = true; + } + + dns_rdata_reset(&sigrdata); + dns_rdata_freestruct(&rrsig); } - - if (resign) { - INSIST(!keep); - - signwithkey(name, set, key->key, ttl, add, - "resigning with dnskey"); - nowsignedby[key->index] = true; - } - - dns_rdata_reset(&sigrdata); - dns_rdata_freestruct(&rrsig); - result = dns_rdataset_next(&sigset); - } - if (result == ISC_R_NOMORE) { - result = ISC_R_SUCCESS; } check_result(result, "dns_rdataset_first/next"); @@ -1014,7 +1018,6 @@ loadds(dns_name_t *name, uint32_t ttl, dns_rdataset_t *dsset) { dns_dbnode_t *node = NULL; isc_result_t result; dns_rdataset_t keyset; - dns_rdata_t key, ds; unsigned char dsbuf[DNS_DS_BUFFERSIZE]; dns_diff_t diff; dns_difftuple_t *tuple = NULL; @@ -1064,11 +1067,9 @@ loadds(dns_name_t *name, uint32_t ttl, dns_rdataset_t *dsset) { check_result(result, "dns_db_newversion"); dns_diff_init(mctx, &diff); - for (result = dns_rdataset_first(&keyset); result == ISC_R_SUCCESS; - result = dns_rdataset_next(&keyset)) - { - dns_rdata_init(&key); - dns_rdata_init(&ds); + DNS_RDATASET_FOREACH (&keyset) { + dns_rdata_t key = DNS_RDATA_INIT; + dns_rdata_t ds = DNS_RDATA_INIT; dns_rdataset_current(&keyset, &key); result = dns_ds_buildrdata(name, &key, DNS_DSDIGEST_SHA256, dsbuf, &ds); @@ -1186,8 +1187,7 @@ signname(dns_dbnode_t *node, bool apex, dns_name_t *name) { rdsiter = NULL; result = dns_db_allrdatasets(gdb, node, gversion, 0, 0, &rdsiter); check_result(result, "dns_db_allrdatasets()"); - result = dns_rdatasetiter_first(rdsiter); - while (result == ISC_R_SUCCESS) { + DNS_RDATASETITER_FOREACH (rdsiter) { dns_rdatasetiter_current(rdsiter, &rdataset); /* If this is a RRSIG set, skip it. */ @@ -1221,11 +1221,6 @@ signname(dns_dbnode_t *node, bool apex, dns_name_t *name) { skip: dns_rdataset_disassociate(&rdataset); - result = dns_rdatasetiter_next(rdsiter); - } - if (result != ISC_R_NOMORE) { - fatal("rdataset iteration for name '%s' failed: %s", namestr, - isc_result_totext(result)); } dns_rdatasetiter_destroy(&rdsiter); @@ -1256,43 +1251,31 @@ active_node(dns_dbnode_t *node) { dns_rdatasetiter_t *rdsiter2 = NULL; bool active = false; isc_result_t result; - dns_rdataset_t rdataset; + dns_rdataset_t rdataset = DNS_RDATASET_INIT; dns_rdatatype_t type; dns_rdatatype_t covers; bool found; - dns_rdataset_init(&rdataset); result = dns_db_allrdatasets(gdb, node, gversion, 0, 0, &rdsiter); check_result(result, "dns_db_allrdatasets()"); - result = dns_rdatasetiter_first(rdsiter); - while (result == ISC_R_SUCCESS) { + DNS_RDATASETITER_FOREACH (rdsiter) { dns_rdatasetiter_current(rdsiter, &rdataset); - if (rdataset.type != dns_rdatatype_nsec && - rdataset.type != dns_rdatatype_nsec3 && - rdataset.type != dns_rdatatype_rrsig) + dns_rdatatype_t t = rdataset.type; + dns_rdataset_disassociate(&rdataset); + + if (t != dns_rdatatype_nsec && t != dns_rdatatype_nsec3 && + t != dns_rdatatype_rrsig) { active = true; + break; } - dns_rdataset_disassociate(&rdataset); - if (!active) { - result = dns_rdatasetiter_next(rdsiter); - } else { - result = ISC_R_NOMORE; - } - } - if (result != ISC_R_NOMORE) { - fatal("rdataset iteration failed: %s", - isc_result_totext(result)); } if (!active && nsec_datatype == dns_rdatatype_nsec) { /*% * The node is empty of everything but NSEC / RRSIG records. */ - for (result = dns_rdatasetiter_first(rdsiter); - result == ISC_R_SUCCESS; - result = dns_rdatasetiter_next(rdsiter)) - { + DNS_RDATASETITER_FOREACH (rdsiter) { dns_rdatasetiter_current(rdsiter, &rdataset); result = dns_db_deleterdataset(gdb, node, gversion, rdataset.type, @@ -1300,10 +1283,6 @@ active_node(dns_dbnode_t *node) { check_result(result, "dns_db_deleterdataset()"); dns_rdataset_disassociate(&rdataset); } - if (result != ISC_R_NOMORE) { - fatal("rdataset iteration failed: %s", - isc_result_totext(result)); - } } else { /* * Delete RRSIGs for types that no longer exist. @@ -1311,10 +1290,7 @@ active_node(dns_dbnode_t *node) { result = dns_db_allrdatasets(gdb, node, gversion, 0, 0, &rdsiter2); check_result(result, "dns_db_allrdatasets()"); - for (result = dns_rdatasetiter_first(rdsiter); - result == ISC_R_SUCCESS; - result = dns_rdatasetiter_next(rdsiter)) - { + DNS_RDATASETITER_FOREACH (rdsiter) { dns_rdatasetiter_current(rdsiter, &rdataset); type = rdataset.type; covers = rdataset.covers; @@ -1337,10 +1313,7 @@ active_node(dns_dbnode_t *node) { continue; } found = false; - for (result = dns_rdatasetiter_first(rdsiter2); - !found && result == ISC_R_SUCCESS; - result = dns_rdatasetiter_next(rdsiter2)) - { + DNS_RDATASETITER_FOREACH (rdsiter2) { dns_rdatasetiter_current(rdsiter2, &rdataset); if (rdataset.type == covers) { found = true; @@ -1348,25 +1321,15 @@ active_node(dns_dbnode_t *node) { dns_rdataset_disassociate(&rdataset); } if (!found) { - if (result != ISC_R_NOMORE) { - fatal("rdataset iteration failed: %s", - isc_result_totext(result)); - } result = dns_db_deleterdataset( gdb, node, gversion, type, covers); check_result(result, "dns_db_deleterdataset(" "rrsig)"); - } else if (result != ISC_R_NOMORE && - result != ISC_R_SUCCESS) - { + } else if (result != ISC_R_SUCCESS) { fatal("rdataset iteration failed: %s", isc_result_totext(result)); } } - if (result != ISC_R_NOMORE) { - fatal("rdataset iteration failed: %s", - isc_result_totext(result)); - } dns_rdatasetiter_destroy(&rdsiter2); } dns_rdatasetiter_destroy(&rdsiter); @@ -1720,18 +1683,14 @@ remove_records(dns_dbnode_t *node, dns_rdatatype_t which, bool checknsec) { isc_result_t result; dns_rdatatype_t type, covers; dns_rdatasetiter_t *rdsiter = NULL; - dns_rdataset_t rdataset; - - dns_rdataset_init(&rdataset); /* * Delete any records of the given type at the apex. */ result = dns_db_allrdatasets(gdb, node, gversion, 0, 0, &rdsiter); check_result(result, "dns_db_allrdatasets()"); - for (result = dns_rdatasetiter_first(rdsiter); result == ISC_R_SUCCESS; - result = dns_rdatasetiter_next(rdsiter)) - { + DNS_RDATASETITER_FOREACH (rdsiter) { + dns_rdataset_t rdataset = DNS_RDATASET_INIT; dns_rdatasetiter_current(rdsiter, &rdataset); type = rdataset.type; covers = rdataset.covers; @@ -1767,14 +1726,11 @@ remove_sigs(dns_dbnode_t *node, bool delegation, dns_rdatatype_t which) { isc_result_t result; dns_rdatatype_t type, covers; dns_rdatasetiter_t *rdsiter = NULL; - dns_rdataset_t rdataset; - dns_rdataset_init(&rdataset); result = dns_db_allrdatasets(gdb, node, gversion, 0, 0, &rdsiter); check_result(result, "dns_db_allrdatasets()"); - for (result = dns_rdatasetiter_first(rdsiter); result == ISC_R_SUCCESS; - result = dns_rdatasetiter_next(rdsiter)) - { + DNS_RDATASETITER_FOREACH (rdsiter) { + dns_rdataset_t rdataset = DNS_RDATASET_INIT; dns_rdatasetiter_current(rdsiter, &rdataset); type = rdataset.type; covers = rdataset.covers; @@ -1811,36 +1767,28 @@ nsecify(void) { dns_dbiterator_t *dbiter = NULL; dns_dbnode_t *node = NULL, *nextnode = NULL; dns_fixedname_t fname, fnextname, fzonecut; - dns_name_t *name, *nextname, *zonecut; - dns_rdataset_t rdataset; + dns_name_t *name = dns_fixedname_initname(&fname); + dns_name_t *nextname = dns_fixedname_initname(&fnextname); + dns_name_t *zonecut = NULL; dns_rdatasetiter_t *rdsiter = NULL; dns_rdatatype_t type, covers; bool done = false; isc_result_t result; uint32_t nsttl = 0; - dns_rdataset_init(&rdataset); - name = dns_fixedname_initname(&fname); - nextname = dns_fixedname_initname(&fnextname); - zonecut = NULL; - /* * Remove any NSEC3 chains. */ result = dns_db_createiterator(gdb, DNS_DB_NSEC3ONLY, &dbiter); check_result(result, "dns_db_createiterator()"); - for (result = dns_dbiterator_first(dbiter); result == ISC_R_SUCCESS; - result = dns_dbiterator_next(dbiter)) - { + DNS_DBITERATOR_FOREACH (dbiter) { + dns_rdataset_t rdataset = DNS_RDATASET_INIT; result = dns_dbiterator_current(dbiter, &node, name); check_dns_dbiterator_current(result); result = dns_db_allrdatasets(gdb, node, gversion, 0, 0, &rdsiter); check_result(result, "dns_db_allrdatasets()"); - for (result = dns_rdatasetiter_first(rdsiter); - result == ISC_R_SUCCESS; - result = dns_rdatasetiter_next(rdsiter)) - { + DNS_RDATASETITER_FOREACH (rdsiter) { dns_rdatasetiter_current(rdsiter, &rdataset); type = rdataset.type; covers = rdataset.covers; @@ -2060,7 +2008,6 @@ nsec3clean(dns_name_t *name, dns_dbnode_t *node, unsigned int hashalg, hashlist_t *hashlist) { dns_label_t label; dns_rdata_nsec3_t nsec3; - dns_rdata_t rdata, delrdata; dns_rdatalist_t rdatalist; dns_rdataset_t rdataset, delrdataset; bool delete_rrsigs = false; @@ -2109,10 +2056,10 @@ nsec3clean(dns_name_t *name, dns_dbnode_t *node, unsigned int hashalg, * Delete any NSEC3 records which are not part of the current * NSEC3 chain. */ - for (result = dns_rdataset_first(&rdataset); result == ISC_R_SUCCESS; - result = dns_rdataset_next(&rdataset)) - { - dns_rdata_init(&rdata); + DNS_RDATASET_FOREACH (&rdataset) { + dns_rdata_t rdata = DNS_RDATA_INIT; + dns_rdata_t delrdata = DNS_RDATA_INIT; + dns_rdataset_current(&rdataset, &rdata); result = dns_rdata_tostruct(&rdata, &nsec3, NULL); check_result(result, "dns_rdata_tostruct"); @@ -2129,7 +2076,7 @@ nsec3clean(dns_name_t *name, dns_dbnode_t *node, unsigned int hashalg, if (set_maxttl) { rdatalist.ttl = ISC_MIN(rdataset.ttl, maxttl); } - dns_rdata_init(&delrdata); + dns_rdata_clone(&rdata, &delrdata); ISC_LIST_APPEND(rdatalist.rdata, &delrdata, link); dns_rdatalist_tordataset(&rdatalist, &delrdataset); @@ -2142,9 +2089,6 @@ nsec3clean(dns_name_t *name, dns_dbnode_t *node, unsigned int hashalg, delete_rrsigs = true; } dns_rdataset_disassociate(&rdataset); - if (result != ISC_R_NOMORE) { - check_result(result, "dns_rdataset_first/next"); - } if (!delete_rrsigs) { return; @@ -2162,7 +2106,6 @@ nsec3clean(dns_name_t *name, dns_dbnode_t *node, unsigned int hashalg, static void rrset_cleanup(dns_name_t *name, dns_rdataset_t *rdataset, dns_diff_t *add, dns_diff_t *del) { - isc_result_t result; unsigned int count1 = 0; dns_rdataset_t tmprdataset; char namestr[DNS_NAME_FORMATSIZE]; @@ -2172,19 +2115,14 @@ rrset_cleanup(dns_name_t *name, dns_rdataset_t *rdataset, dns_diff_t *add, dns_rdatatype_format(rdataset->type, typestr, sizeof(typestr)); dns_rdataset_init(&tmprdataset); - for (result = dns_rdataset_first(rdataset); result == ISC_R_SUCCESS; - result = dns_rdataset_next(rdataset)) - { + DNS_RDATASET_FOREACH (rdataset) { dns_rdata_t rdata1 = DNS_RDATA_INIT; unsigned int count2 = 0; count1++; dns_rdataset_current(rdataset, &rdata1); dns_rdataset_clone(rdataset, &tmprdataset); - for (result = dns_rdataset_first(&tmprdataset); - result == ISC_R_SUCCESS; - result = dns_rdataset_next(&tmprdataset)) - { + DNS_RDATASET_FOREACH (&tmprdataset) { dns_rdata_t rdata2 = DNS_RDATA_INIT; dns_difftuple_t *tuple = NULL; count2++; @@ -2226,43 +2164,30 @@ cleanup_zone(void) { dns_rdatasetiter_t *rdsiter = NULL; dns_diff_t add, del; dns_dbnode_t *node = NULL; - dns_rdataset_t rdataset; dns_fixedname_t fname; - dns_name_t *name; + dns_name_t *name = dns_fixedname_initname(&fname); dns_diff_init(mctx, &add); dns_diff_init(mctx, &del); - name = dns_fixedname_initname(&fname); - dns_rdataset_init(&rdataset); result = dns_db_createiterator(gdb, 0, &dbiter); check_result(result, "dns_db_createiterator()"); - for (result = dns_dbiterator_first(dbiter); result == ISC_R_SUCCESS; - result = dns_dbiterator_next(dbiter)) - { + DNS_DBITERATOR_FOREACH (dbiter) { + dns_rdataset_t rdataset = DNS_RDATASET_INIT; result = dns_dbiterator_current(dbiter, &node, name); check_dns_dbiterator_current(result); result = dns_db_allrdatasets(gdb, node, gversion, 0, 0, &rdsiter); check_result(result, "dns_db_allrdatasets()"); - for (result = dns_rdatasetiter_first(rdsiter); - result == ISC_R_SUCCESS; - result = dns_rdatasetiter_next(rdsiter)) - { + DNS_RDATASETITER_FOREACH (rdsiter) { dns_rdatasetiter_current(rdsiter, &rdataset); rrset_cleanup(name, &rdataset, &add, &del); dns_rdataset_disassociate(&rdataset); } - if (result != ISC_R_NOMORE) { - fatal("rdatasets iteration failed."); - } dns_rdatasetiter_destroy(&rdsiter); dns_db_detachnode(gdb, &node); } - if (result != ISC_R_NOMORE) { - fatal("zone iteration failed."); - } result = dns_diff_applysilently(&del, gdb, gversion); check_result(result, "dns_diff_applysilently"); @@ -2437,9 +2362,7 @@ nsec3ify(unsigned int hashalg, dns_iterations_t iterations, result = dns_db_createiterator(gdb, DNS_DB_NSEC3ONLY, &dbiter); check_result(result, "dns_db_createiterator()"); - for (result = dns_dbiterator_first(dbiter); result == ISC_R_SUCCESS; - result = dns_dbiterator_next(dbiter)) - { + DNS_DBITERATOR_FOREACH (dbiter) { result = dns_dbiterator_current(dbiter, &node, name); check_dns_dbiterator_current(result); nsec3clean(name, node, hashalg, iterations, salt, salt_len, @@ -2895,7 +2818,6 @@ warnifallksk(dns_db_t *db) { dns_dbversion_t *currentversion = NULL; dns_dbnode_t *node = NULL; dns_rdataset_t rdataset; - dns_rdata_t rdata = DNS_RDATA_INIT; isc_result_t result; dns_rdata_dnskey_t dnskey; bool have_non_ksk = false; @@ -2916,18 +2838,19 @@ warnifallksk(dns_db_t *db) { fatal("failed to find keys at the zone apex: %s", isc_result_totext(result)); } + result = dns_rdataset_first(&rdataset); check_result(result, "dns_rdataset_first"); - while (result == ISC_R_SUCCESS) { - dns_rdata_reset(&rdata); + + DNS_RDATASET_FOREACH (&rdataset) { + dns_rdata_t rdata = DNS_RDATA_INIT; dns_rdataset_current(&rdataset, &rdata); + result = dns_rdata_tostruct(&rdata, &dnskey, NULL); check_result(result, "dns_rdata_tostruct"); if ((dnskey.flags & DNS_KEYFLAG_KSK) == 0) { have_non_ksk = true; - result = ISC_R_NOMORE; - } else { - result = dns_rdataset_next(&rdataset); + break; } dns_rdata_freestruct(&dnskey); } diff --git a/bin/dnssec/dnssectool.c b/bin/dnssec/dnssectool.c index 7864fc05db..e766aae0e7 100644 --- a/bin/dnssec/dnssectool.c +++ b/bin/dnssec/dnssectool.c @@ -591,7 +591,6 @@ void kasp_from_conf(cfg_obj_t *config, isc_mem_t *mctx, const char *name, const char *keydir, dns_kasp_t **kaspp) { isc_result_t result = ISC_R_NOTFOUND; - const cfg_listelt_t *element = NULL; const cfg_obj_t *kasps = NULL; dns_kasplist_t kasplist; const cfg_obj_t *keystores = NULL; @@ -602,9 +601,7 @@ kasp_from_conf(cfg_obj_t *config, isc_mem_t *mctx, const char *name, ISC_LIST_INIT(kslist); (void)cfg_map_get(config, "key-store", &keystores); - for (element = cfg_list_first(keystores); element != NULL; - element = cfg_list_next(element)) - { + CFG_LIST_FOREACH (keystores, element) { cfg_obj_t *kconfig = cfg_listelt_value(element); result = cfg_keystore_fromconfig(kconfig, mctx, &kslist, NULL); if (result != ISC_R_SUCCESS) { @@ -623,9 +620,7 @@ kasp_from_conf(cfg_obj_t *config, isc_mem_t *mctx, const char *name, dns_keystore_detach(&keystore); (void)cfg_map_get(config, "dnssec-policy", &kasps); - for (element = cfg_list_first(kasps); element != NULL; - element = cfg_list_next(element)) - { + CFG_LIST_FOREACH (kasps, element) { dns_kasp_t *kasp = NULL; cfg_obj_t *kconfig = cfg_listelt_value(element); diff --git a/bin/named/config.c b/bin/named/config.c index 7bbf429456..e23f95111f 100644 --- a/bin/named/config.c +++ b/bin/named/config.c @@ -390,10 +390,9 @@ named_config_get(cfg_obj_t const *const *maps, const char *name, isc_result_t named_checknames_get(const cfg_obj_t **maps, const char *const names[], const cfg_obj_t **obj) { - const cfg_listelt_t *element; - const cfg_obj_t *checknames; - const cfg_obj_t *type; - const cfg_obj_t *value; + const cfg_obj_t *checknames = NULL; + const cfg_obj_t *type = NULL; + const cfg_obj_t *value = NULL; int i; REQUIRE(maps != NULL); @@ -412,9 +411,7 @@ named_checknames_get(const cfg_obj_t **maps, const char *const names[], *obj = checknames; return ISC_R_SUCCESS; } - for (element = cfg_list_first(checknames); - element != NULL; element = cfg_list_next(element)) - { + CFG_LIST_FOREACH (checknames, element) { value = cfg_listelt_value(element); type = cfg_tuple_get(value, "type"); @@ -435,10 +432,9 @@ named_checknames_get(const cfg_obj_t **maps, const char *const names[], int named_config_listcount(const cfg_obj_t *list) { - const cfg_listelt_t *e; int i = 0; - for (e = cfg_list_first(list); e != NULL; e = cfg_list_next(e)) { + CFG_LIST_FOREACH (list, e) { i++; } @@ -516,7 +512,6 @@ named_config_getremotesdef(const cfg_obj_t *cctx, const char *list, const char *name, const cfg_obj_t **ret) { isc_result_t result; const cfg_obj_t *obj = NULL; - const cfg_listelt_t *elt; REQUIRE(cctx != NULL); REQUIRE(name != NULL); @@ -526,8 +521,7 @@ named_config_getremotesdef(const cfg_obj_t *cctx, const char *list, if (result != ISC_R_SUCCESS) { return result; } - elt = cfg_list_first(obj); - while (elt != NULL) { + CFG_LIST_FOREACH (obj, elt) { obj = cfg_listelt_value(elt); if (strcasecmp(cfg_obj_asstring(cfg_tuple_get(obj, "name")), name) == 0) @@ -535,8 +529,8 @@ named_config_getremotesdef(const cfg_obj_t *cctx, const char *list, *ret = obj; return ISC_R_SUCCESS; } - elt = cfg_list_next(elt); } + return ISC_R_NOTFOUND; } diff --git a/bin/named/controlconf.c b/bin/named/controlconf.c index e1460b1a26..7fae6c8f51 100644 --- a/bin/named/controlconf.c +++ b/bin/named/controlconf.c @@ -676,39 +676,30 @@ named_controls_shutdown(named_controls_t *controls) { static isc_result_t cfgkeylist_find(const cfg_obj_t *keylist, const char *keyname, const cfg_obj_t **objp) { - const cfg_listelt_t *element = NULL; const char *str = NULL; const cfg_obj_t *obj = NULL; - for (element = cfg_list_first(keylist); element != NULL; - element = cfg_list_next(element)) - { + CFG_LIST_FOREACH (keylist, element) { obj = cfg_listelt_value(element); str = cfg_obj_asstring(cfg_map_getname(obj)); if (strcasecmp(str, keyname) == 0) { - break; + *objp = obj; + return ISC_R_SUCCESS; } } - if (element == NULL) { - return ISC_R_NOTFOUND; - } - obj = cfg_listelt_value(element); - *objp = obj; - return ISC_R_SUCCESS; + + return ISC_R_NOTFOUND; } static void controlkeylist_fromcfg(const cfg_obj_t *keylist, isc_mem_t *mctx, controlkeylist_t *keyids) { - const cfg_listelt_t *element = NULL; char *newstr = NULL; const char *str = NULL; const cfg_obj_t *obj = NULL; controlkey_t *key = NULL; - for (element = cfg_list_first(keylist); element != NULL; - element = cfg_list_next(element)) - { + CFG_LIST_FOREACH (keylist, element) { obj = cfg_listelt_value(element); str = cfg_obj_asstring(obj); newstr = isc_mem_strdup(mctx, str); @@ -1147,7 +1138,6 @@ named_controls_configure(named_controls_t *cp, const cfg_obj_t *config, controllistener_t *listener = NULL; controllistenerlist_t new_listeners; const cfg_obj_t *controlslist = NULL; - const cfg_listelt_t *element, *element2; char socktext[ISC_SOCKADDR_FORMATSIZE]; ISC_LIST_INIT(new_listeners); @@ -1166,9 +1156,7 @@ named_controls_configure(named_controls_t *cp, const cfg_obj_t *config, * address-in-use error. */ if (controlslist != NULL) { - for (element = cfg_list_first(controlslist); element != NULL; - element = cfg_list_next(element)) - { + CFG_LIST_FOREACH (controlslist, element) { const cfg_obj_t *controls = NULL; const cfg_obj_t *inetcontrols = NULL; const cfg_obj_t *unixcontrols = NULL; @@ -1188,10 +1176,7 @@ named_controls_configure(named_controls_t *cp, const cfg_obj_t *config, continue; } - for (element2 = cfg_list_first(inetcontrols); - element2 != NULL; - element2 = cfg_list_next(element2)) - { + CFG_LIST_FOREACH (inetcontrols, element2) { const cfg_obj_t *control = NULL; const cfg_obj_t *obj = NULL; isc_sockaddr_t addr; diff --git a/bin/named/logconf.c b/bin/named/logconf.c index 64d0d0eba8..f9311c7cef 100644 --- a/bin/named/logconf.c +++ b/bin/named/logconf.c @@ -45,7 +45,6 @@ category_fromconf(const cfg_obj_t *ccat, isc_logconfig_t *logconfig) { const char *catname; isc_logcategory_t category; const cfg_obj_t *destinations = NULL; - const cfg_listelt_t *element = NULL; catname = cfg_obj_asstring(cfg_tuple_get(ccat, "name")); category = isc_log_categorybyname(catname); @@ -63,9 +62,7 @@ category_fromconf(const cfg_obj_t *ccat, isc_logconfig_t *logconfig) { } destinations = cfg_tuple_get(ccat, "destinations"); - for (element = cfg_list_first(destinations); element != NULL; - element = cfg_list_next(element)) - { + CFG_LIST_FOREACH (destinations, element) { const cfg_obj_t *channel = cfg_listelt_value(element); const char *channelname = cfg_obj_asstring(channel); @@ -316,10 +313,9 @@ named_logconfig(isc_logconfig_t *logconfig, const cfg_obj_t *logstmt) { isc_result_t result; const cfg_obj_t *channels = NULL; const cfg_obj_t *categories = NULL; - const cfg_listelt_t *element; bool default_set = false; bool unmatched_set = false; - const cfg_obj_t *catname; + const cfg_obj_t *catname = NULL; if (logconfig != NULL) { named_log_setdefaultchannels(logconfig); @@ -327,17 +323,13 @@ named_logconfig(isc_logconfig_t *logconfig, const cfg_obj_t *logstmt) { } (void)cfg_map_get(logstmt, "channel", &channels); - for (element = cfg_list_first(channels); element != NULL; - element = cfg_list_next(element)) - { + CFG_LIST_FOREACH (channels, element) { const cfg_obj_t *channel = cfg_listelt_value(element); CHECK(channel_fromconf(channel, logconfig)); } (void)cfg_map_get(logstmt, "category", &categories); - for (element = cfg_list_first(categories); element != NULL; - element = cfg_list_next(element)) - { + CFG_LIST_FOREACH (categories, element) { const cfg_obj_t *category = cfg_listelt_value(element); CHECK(category_fromconf(category, logconfig)); if (!default_set) { diff --git a/bin/named/server.c b/bin/named/server.c index a943a69a2a..756ea9a0c6 100644 --- a/bin/named/server.c +++ b/bin/named/server.c @@ -613,7 +613,6 @@ configure_view_nametable(const cfg_obj_t *vconfig, const cfg_obj_t *config, isc_result_t result = ISC_R_SUCCESS; const cfg_obj_t *maps[3]; const cfg_obj_t *obj = NULL; - const cfg_listelt_t *element = NULL; int i = 0; dns_fixedname_t fixed; dns_name_t *name = NULL; @@ -654,9 +653,7 @@ configure_view_nametable(const cfg_obj_t *vconfig, const cfg_obj_t *config, } name = dns_fixedname_initname(&fixed); - for (element = cfg_list_first(obj); element != NULL; - element = cfg_list_next(element)) - { + CFG_LIST_FOREACH (obj, element) { nameobj = cfg_listelt_value(element); str = cfg_obj_asstring(nameobj); isc_buffer_constinit(&b, str, strlen(str)); @@ -984,20 +981,16 @@ done: static isc_result_t load_view_keys(const cfg_obj_t *keys, dns_view_t *view, bool managed, const dns_name_t *keyname) { - const cfg_listelt_t *elt, *elt2; - const cfg_obj_t *keylist; isc_result_t result; + const cfg_obj_t *keylist = NULL; dns_keytable_t *secroots = NULL; CHECK(dns_view_getsecroots(view, &secroots)); - for (elt = cfg_list_first(keys); elt != NULL; elt = cfg_list_next(elt)) - { + CFG_LIST_FOREACH (keys, elt) { keylist = cfg_listelt_value(elt); - for (elt2 = cfg_list_first(keylist); elt2 != NULL; - elt2 = cfg_list_next(elt2)) - { + CFG_LIST_FOREACH (keylist, elt2) { CHECK(process_key(cfg_listelt_value(elt2), secroots, keyname, view, managed)); } @@ -1584,11 +1577,10 @@ configure_dyndb(const cfg_obj_t *dyndb, isc_mem_t *mctx, static isc_result_t disable_algorithms(const cfg_obj_t *disabled, dns_resolver_t *resolver) { isc_result_t result; - const cfg_obj_t *algorithms; - const cfg_listelt_t *element; - const char *str; + const cfg_obj_t *algorithms = NULL; + const char *str = NULL; dns_fixedname_t fixed; - dns_name_t *name; + dns_name_t *name = NULL; isc_buffer_t b; name = dns_fixedname_initname(&fixed); @@ -1598,9 +1590,7 @@ disable_algorithms(const cfg_obj_t *disabled, dns_resolver_t *resolver) { CHECK(dns_name_fromtext(name, &b, dns_rootname, 0)); algorithms = cfg_tuple_get(disabled, "algorithms"); - for (element = cfg_list_first(algorithms); element != NULL; - element = cfg_list_next(element)) - { + CFG_LIST_FOREACH (algorithms, element) { isc_textregion_t r; dns_secalg_t alg; @@ -1627,11 +1617,10 @@ cleanup: static isc_result_t disable_ds_digests(const cfg_obj_t *disabled, dns_resolver_t *resolver) { isc_result_t result; - const cfg_obj_t *digests; - const cfg_listelt_t *element; - const char *str; + const cfg_obj_t *digests = NULL; + const char *str = NULL; dns_fixedname_t fixed; - dns_name_t *name; + dns_name_t *name = NULL; isc_buffer_t b; name = dns_fixedname_initname(&fixed); @@ -1641,9 +1630,7 @@ disable_ds_digests(const cfg_obj_t *disabled, dns_resolver_t *resolver) { CHECK(dns_name_fromtext(name, &b, dns_rootname, 0)); digests = cfg_tuple_get(disabled, "digests"); - for (element = cfg_list_first(digests); element != NULL; - element = cfg_list_next(element)) - { + CFG_LIST_FOREACH (digests, element) { isc_textregion_t r; dns_dsdigest_t digest; @@ -1665,19 +1652,16 @@ cleanup: static bool on_disable_list(const cfg_obj_t *disablelist, dns_name_t *zonename) { - const cfg_listelt_t *element; dns_fixedname_t fixed; - dns_name_t *name; + dns_name_t *name = NULL; isc_result_t result; - const cfg_obj_t *value; - const char *str; + const cfg_obj_t *value = NULL; + const char *str = NULL; isc_buffer_t b; name = dns_fixedname_initname(&fixed); - for (element = cfg_list_first(disablelist); element != NULL; - element = cfg_list_next(element)) - { + CFG_LIST_FOREACH (disablelist, element) { value = cfg_listelt_value(element); str = cfg_obj_asstring(value); isc_buffer_constinit(&b, str, strlen(str)); @@ -2105,24 +2089,23 @@ configure_rpz_zone(dns_view_t *view, const cfg_listelt_t *element, static isc_result_t configure_rpz(dns_view_t *view, dns_view_t *pview, const cfg_obj_t *rpz_obj, bool *old_rpz_okp) { - const cfg_listelt_t *zone_element; - const cfg_obj_t *sub_obj; + const cfg_obj_t *zonelist = NULL; + const cfg_obj_t *sub_obj = NULL; bool recursive_only_default, add_soa_default; bool nsip_enabled, nsdname_enabled; dns_rpz_zbits_t nsip_on, nsdname_on; dns_ttl_t ttl_default; uint32_t minupdateinterval_default; - dns_rpz_zones_t *zones; - const dns_rpz_zones_t *old; + dns_rpz_zones_t *zones = NULL; + const dns_rpz_zones_t *old = NULL; bool pview_must_detach = false; - const dns_rpz_zone_t *old_zone; + const dns_rpz_zone_t *old_zone = NULL; isc_result_t result; - int i; *old_rpz_okp = false; - zone_element = cfg_list_first(cfg_tuple_get(rpz_obj, "zone list")); - if (zone_element == NULL) { + zonelist = cfg_tuple_get(rpz_obj, "zone list"); + if (cfg_list_length(zonelist, false) == 0) { return ISC_R_SUCCESS; } @@ -2232,9 +2215,8 @@ configure_rpz(dns_view_t *view, dns_view_t *pview, const cfg_obj_t *rpz_obj, *old_rpz_okp = true; } - for (i = 0; zone_element != NULL; - ++i, zone_element = cfg_list_next(zone_element)) - { + int i = 0; + CFG_LIST_FOREACH (zonelist, zone_element) { INSIST(!*old_rpz_okp || old != NULL); if (*old_rpz_okp && i < old->p.num_zones) { old_zone = old->zones[i]; @@ -2242,6 +2224,7 @@ configure_rpz(dns_view_t *view, dns_view_t *pview, const cfg_obj_t *rpz_obj, *old_rpz_okp = false; old_zone = NULL; } + i++; result = configure_rpz_zone( view, zone_element, recursive_only_default, add_soa_default, ttl_default, minupdateinterval_default, @@ -2833,7 +2816,7 @@ static dns_catz_zonemodmethods_t ns_catz_zonemodmethods = { static isc_result_t configure_catz(dns_view_t *view, dns_view_t *pview, const cfg_obj_t *config, const cfg_obj_t *catz_obj) { - const cfg_listelt_t *zone_element = NULL; + const cfg_obj_t *zones = NULL; const dns_catz_zones_t *old = NULL; bool pview_must_detach = false; isc_result_t result; @@ -2841,8 +2824,8 @@ configure_catz(dns_view_t *view, dns_view_t *pview, const cfg_obj_t *config, /* xxxwpk TODO do it cleaner, once, somewhere */ ns_catz_cbdata.server = named_g_server; - zone_element = cfg_list_first(cfg_tuple_get(catz_obj, "zone list")); - if (zone_element == NULL) { + zones = cfg_tuple_get(catz_obj, "zone list"); + if (cfg_list_length(zones, false) == 0) { return ISC_R_SUCCESS; } @@ -2866,9 +2849,8 @@ configure_catz(dns_view_t *view, dns_view_t *pview, const cfg_obj_t *config, &ns_catz_zonemodmethods); } - while (zone_element != NULL) { + CFG_LIST_FOREACH (zones, zone_element) { CHECK(configure_catz_zone(view, pview, config, zone_element)); - zone_element = cfg_list_next(zone_element); } if (old != NULL) { @@ -3118,22 +3100,21 @@ create_empty_zone(dns_zone_t *pzone, dns_name_t *name, dns_view_t *view, const cfg_obj_t *zonelist, const char **empty_dbtype, int empty_dbtypec, dns_zonestat_level_t statlevel) { char namebuf[DNS_NAME_FORMATSIZE]; - const cfg_listelt_t *element; - const cfg_obj_t *obj; - const cfg_obj_t *zconfig; - const cfg_obj_t *zoptions; + const cfg_obj_t *obj = NULL; + const cfg_obj_t *zconfig = NULL; + const cfg_obj_t *zoptions = NULL; const char *default_dbtype[4] = { ZONEDB_DEFAULT }; const char *sep = ": view "; - const char *str; + const char *str = NULL; const char *viewname = view->name; dns_db_t *db = NULL; dns_dbversion_t *version = NULL; dns_fixedname_t cfixed; dns_fixedname_t fixed; dns_fixedname_t nsfixed; - dns_name_t *contact; - dns_name_t *ns; - dns_name_t *zname; + dns_name_t *contact = NULL; + dns_name_t *ns = NULL; + dns_name_t *zname = NULL; dns_zone_t *zone = NULL; int default_dbtypec = 1; isc_result_t result; @@ -3149,9 +3130,7 @@ create_empty_zone(dns_zone_t *pzone, dns_name_t *name, dns_view_t *view, * Look for forward "zones" beneath this empty zone and if so * create a custom db for the empty zone. */ - for (element = cfg_list_first(zonelist); element != NULL; - element = cfg_list_next(element)) - { + CFG_LIST_FOREACH (zonelist, element) { zconfig = cfg_listelt_value(element); str = cfg_obj_asstring(cfg_tuple_get(zconfig, "name")); CHECK(dns_name_fromstring(zname, str, dns_rootname, 0, NULL)); @@ -3385,9 +3364,8 @@ cleanup: static isc_result_t configure_dnstap(const cfg_obj_t **maps, dns_view_t *view) { isc_result_t result; - const cfg_obj_t *obj, *obj2; - const cfg_listelt_t *element; - const char *dpath; + const cfg_obj_t *obj = NULL, *obj2 = NULL; + const char *dpath = NULL; const cfg_obj_t *dlist = NULL; dns_dtmsgtype_t dttypes = 0; unsigned int i; @@ -3398,10 +3376,8 @@ configure_dnstap(const cfg_obj_t **maps, dns_view_t *view) { return ISC_R_SUCCESS; } - for (element = cfg_list_first(dlist); element != NULL; - element = cfg_list_next(element)) - { - const char *str; + CFG_LIST_FOREACH (dlist, element) { + const char *str = NULL; dns_dtmsgtype_t dt = 0; obj = cfg_listelt_value(element); @@ -3726,20 +3702,19 @@ configure_view(dns_view_t *view, dns_viewlist_t *viewlist, cfg_obj_t *config, const cfg_obj_t *optionmaps[3]; const cfg_obj_t *options = NULL; const cfg_obj_t *voptions = NULL; - const cfg_obj_t *forwardtype; - const cfg_obj_t *forwarders; - const cfg_obj_t *alternates; - const cfg_obj_t *zonelist; - const cfg_obj_t *dlzlist; - const cfg_obj_t *dlz; - const cfg_obj_t *prefetch_trigger; - const cfg_obj_t *prefetch_eligible; + const cfg_obj_t *forwardtype = NULL; + const cfg_obj_t *forwarders = NULL; + const cfg_obj_t *alternates = NULL; + const cfg_obj_t *zonelist = NULL; + const cfg_obj_t *dlzlist = NULL; + const cfg_obj_t *dlz = NULL; + const cfg_obj_t *prefetch_trigger = NULL; + const cfg_obj_t *prefetch_eligible = NULL; unsigned int dlzargc; - char **dlzargv; - const cfg_obj_t *dyndb_list, *plugin_list; - const cfg_obj_t *disabled; - const cfg_obj_t *obj, *obj2; - const cfg_listelt_t *element = NULL; + char **dlzargv = NULL; + const cfg_obj_t *dyndb_list = NULL, *plugin_list = NULL; + const cfg_obj_t *disabled = NULL; + const cfg_obj_t *obj = NULL, *obj2 = NULL; const cfg_listelt_t *zone_element_latest = NULL; in_port_t port; dns_cache_t *cache = NULL; @@ -3759,7 +3734,7 @@ configure_view(dns_view_t *view, dns_viewlist_t *viewlist, cfg_obj_t *config, bool catz_configured = false; bool shared_cache = false; int i = 0, j = 0, k = 0; - const char *str; + const char *str = NULL; const char *cachename = NULL; dns_order_t *order = NULL; uint32_t udpsize; @@ -3860,9 +3835,7 @@ configure_view(dns_view_t *view, dns_viewlist_t *viewlist, cfg_obj_t *config, /* * Load zone configuration */ - for (element = cfg_list_first(zonelist); element != NULL; - element = cfg_list_next(element)) - { + CFG_LIST_FOREACH (zonelist, element) { const cfg_obj_t *zconfig = cfg_listelt_value(element); CHECK(configure_zone(config, zconfig, vconfig, view, viewlist, kasplist, keystores, actx, false, @@ -3913,9 +3886,7 @@ configure_view(dns_view_t *view, dns_viewlist_t *viewlist, cfg_obj_t *config, (void)cfg_map_get(config, "dlz", &dlzlist); } - for (element = cfg_list_first(dlzlist); element != NULL; - element = cfg_list_next(element)) - { + CFG_LIST_FOREACH (dlzlist, element) { dlz = cfg_listelt_value(element); obj = NULL; @@ -4085,9 +4056,7 @@ configure_view(dns_view_t *view, dns_viewlist_t *viewlist, cfg_obj_t *config, contact = NULL; } - for (element = cfg_list_first(obj); element != NULL; - element = cfg_list_next(element)) - { + CFG_LIST_FOREACH (obj, element) { const cfg_obj_t *map = cfg_listelt_value(element); dns_dns64_t *dns64 = NULL; unsigned int dns64options = 0; @@ -4608,9 +4577,7 @@ configure_view(dns_view_t *view, dns_viewlist_t *viewlist, cfg_obj_t *config, disabled = NULL; (void)named_config_get(maps, "disable-algorithms", &disabled); if (disabled != NULL) { - for (element = cfg_list_first(disabled); element != NULL; - element = cfg_list_next(element)) - { + CFG_LIST_FOREACH (disabled, element) { CHECK(disable_algorithms(cfg_listelt_value(element), view->resolver)); } @@ -4622,9 +4589,7 @@ configure_view(dns_view_t *view, dns_viewlist_t *viewlist, cfg_obj_t *config, disabled = NULL; (void)named_config_get(maps, "disable-ds-digests", &disabled); if (disabled != NULL) { - for (element = cfg_list_first(disabled); element != NULL; - element = cfg_list_next(element)) - { + CFG_LIST_FOREACH (disabled, element) { CHECK(disable_ds_digests(cfg_listelt_value(element), view->resolver)); } @@ -4751,9 +4716,7 @@ configure_view(dns_view_t *view, dns_viewlist_t *viewlist, cfg_obj_t *config, (void)named_config_get(cfgmaps, "server", &peers); dns_peerlist_new(mctx, &newpeers); - for (element = cfg_list_first(peers); element != NULL; - element = cfg_list_next(element)) - { + CFG_LIST_FOREACH (peers, element) { const cfg_obj_t *cpeer = cfg_listelt_value(element); dns_peer_t *peer; @@ -4773,9 +4736,7 @@ configure_view(dns_view_t *view, dns_viewlist_t *viewlist, cfg_obj_t *config, (void)named_config_get(maps, "rrset-order", &rrsetorder); dns_order_create(mctx, &order); - for (element = cfg_list_first(rrsetorder); element != NULL; - element = cfg_list_next(element)) - { + CFG_LIST_FOREACH (rrsetorder, element) { const cfg_obj_t *ent = cfg_listelt_value(element); CHECK(configure_order(order, ent)); @@ -5327,9 +5288,7 @@ configure_view(dns_view_t *view, dns_viewlist_t *viewlist, cfg_obj_t *config, (void)cfg_map_get(config, "dyndb", &dyndb_list); } - for (element = cfg_list_first(dyndb_list); element != NULL; - element = cfg_list_next(element)) - { + CFG_LIST_FOREACH (dyndb_list, element) { const cfg_obj_t *dyndb = cfg_listelt_value(element); if (dctx == NULL) { @@ -5658,9 +5617,7 @@ configure_view(dns_view_t *view, dns_viewlist_t *viewlist, cfg_obj_t *config, result = dns_view_getntatable(view, &ntatable); } if (result == ISC_R_SUCCESS) { - for (element = cfg_list_first(obj); element != NULL; - element = cfg_list_next(element)) - { + CFG_LIST_FOREACH (obj, element) { dns_fixedname_t fntaname; dns_name_t *ntaname; @@ -5754,9 +5711,7 @@ cleanup: } if (zone_element_latest != NULL) { - for (element = cfg_list_first(zonelist); - element != NULL; element = cfg_list_next(element)) - { + CFG_LIST_FOREACH (zonelist, element) { const cfg_obj_t *zconfig = cfg_listelt_value(element); configure_zone_setviewcommit(result, zconfig, @@ -5833,10 +5788,9 @@ configure_hints(dns_view_t *view, const char *filename) { static isc_result_t configure_alternates(const cfg_obj_t *config, dns_view_t *view, const cfg_obj_t *alternates) { - const cfg_obj_t *portobj; - const cfg_obj_t *addresses; - const cfg_listelt_t *element; isc_result_t result = ISC_R_SUCCESS; + const cfg_obj_t *portobj = NULL; + const cfg_obj_t *addresses = NULL; in_port_t port; /* @@ -5862,9 +5816,7 @@ configure_alternates(const cfg_obj_t *config, dns_view_t *view, addresses = cfg_tuple_get(alternates, "addresses"); } - for (element = cfg_list_first(addresses); element != NULL; - element = cfg_list_next(element)) - { + CFG_LIST_FOREACH (addresses, element) { const cfg_obj_t *alternate = cfg_listelt_value(element); isc_sockaddr_t sa; @@ -5949,7 +5901,6 @@ configure_forward(const cfg_obj_t *config, dns_view_t *view, const cfg_obj_t *portobj = NULL; const cfg_obj_t *tlspobj = NULL; const cfg_obj_t *faddresses = NULL; - const cfg_listelt_t *element = NULL; dns_fwdpolicy_t fwdpolicy = dns_fwdpolicy_none; dns_forwarderlist_t fwdlist; isc_result_t result; @@ -6000,9 +5951,7 @@ configure_forward(const cfg_obj_t *config, dns_view_t *view, faddresses = cfg_tuple_get(forwarders, "addresses"); } - for (element = cfg_list_first(faddresses); element != NULL; - element = cfg_list_next(element)) - { + CFG_LIST_FOREACH (faddresses, element) { const cfg_obj_t *forwarder = cfg_listelt_value(element); const char *cur_tls = NULL; @@ -6852,10 +6801,7 @@ get_tat_qname(dns_name_t *target, dns_name_t *keyname, dns_keynode_t *keynode) { if (dns_keynode_dsset(keynode, &dsset)) { isc_result_t result; - for (result = dns_rdataset_first(&dsset); - result == ISC_R_SUCCESS; - result = dns_rdataset_next(&dsset)) - { + DNS_RDATASET_FOREACH (&dsset) { dns_rdata_t rdata = DNS_RDATA_INIT; dns_rdata_ds_t ds; @@ -7494,9 +7440,8 @@ static isc_result_t configure_newzones(dns_view_t *view, cfg_obj_t *config, cfg_obj_t *vconfig, cfg_aclconfctx_t *actx) { isc_result_t result; - ns_cfgctx_t *nzctx; - const cfg_obj_t *zonelist; - const cfg_listelt_t *element; + ns_cfgctx_t *nzctx = NULL; + const cfg_obj_t *zonelist = NULL; nzctx = view->new_zone_config; if (nzctx == NULL || nzctx->nzf_config == NULL) { @@ -7510,9 +7455,7 @@ configure_newzones(dns_view_t *view, cfg_obj_t *config, cfg_obj_t *vconfig, zonelist = NULL; cfg_map_get(nzctx->nzf_config, "zone", &zonelist); - for (element = cfg_list_first(zonelist); element != NULL; - element = cfg_list_next(element)) - { + CFG_LIST_FOREACH (zonelist, element) { const cfg_obj_t *zconfig = cfg_listelt_value(element); CHECK(configure_zone(config, zconfig, vconfig, view, &named_g_server->viewlist, @@ -7524,9 +7467,7 @@ configure_newzones(dns_view_t *view, cfg_obj_t *config, cfg_obj_t *vconfig, result = ISC_R_SUCCESS; cleanup: - for (element = cfg_list_first(zonelist); element != NULL; - element = cfg_list_next(element)) - { + CFG_LIST_FOREACH (zonelist, element) { const cfg_obj_t *zconfig = cfg_listelt_value(element); configure_zone_setviewcommit(result, zconfig, view); } @@ -7839,7 +7780,6 @@ load_configuration(const char *filename, named_server_t *server, bool first_time) { cfg_obj_t *config = NULL, *bindkeys = NULL; cfg_parser_t *conf_parser = NULL, *bindkeys_parser = NULL; - const cfg_listelt_t *element = NULL; const cfg_obj_t *builtin_views = NULL; const cfg_obj_t *maps[3]; const cfg_obj_t *obj = NULL; @@ -8585,9 +8525,7 @@ load_configuration(const char *filename, named_server_t *server, */ keystores = NULL; (void)cfg_map_get(config, "key-store", &keystores); - for (element = cfg_list_first(keystores); element != NULL; - element = cfg_list_next(element)) - { + CFG_LIST_FOREACH (keystores, element) { cfg_obj_t *kconfig = cfg_listelt_value(element); result = cfg_keystore_fromconfig(kconfig, named_g_mctx, @@ -8602,9 +8540,7 @@ load_configuration(const char *filename, named_server_t *server, */ kasps = NULL; (void)cfg_map_get(named_g_config, "dnssec-policy", &kasps); - for (element = cfg_list_first(kasps); element != NULL; - element = cfg_list_next(element)) - { + CFG_LIST_FOREACH (kasps, element) { cfg_obj_t *kconfig = cfg_listelt_value(element); dns_kasp_t *kasp = NULL; @@ -8632,9 +8568,7 @@ load_configuration(const char *filename, named_server_t *server, */ kasps = NULL; (void)cfg_map_get(config, "dnssec-policy", &kasps); - for (element = cfg_list_first(kasps); element != NULL; - element = cfg_list_next(element)) - { + CFG_LIST_FOREACH (kasps, element) { cfg_obj_t *kconfig = cfg_listelt_value(element); dns_kasp_t *kasp = NULL; @@ -8670,9 +8604,7 @@ load_configuration(const char *filename, named_server_t *server, /* * Create the views. */ - for (element = cfg_list_first(views); element != NULL; - element = cfg_list_next(element)) - { + CFG_LIST_FOREACH (views, element) { cfg_obj_t *vconfig = cfg_listelt_value(element); dns_view_t *view = NULL; @@ -8718,9 +8650,7 @@ load_configuration(const char *filename, named_server_t *server, * views that have zones were already created at parsing * time, but views with no zones must be created here. */ - for (element = cfg_list_first(views); element != NULL; - element = cfg_list_next(element)) - { + CFG_LIST_FOREACH (views, element) { cfg_obj_t *vconfig = cfg_listelt_value(element); dns_view_t *view = NULL; @@ -8772,9 +8702,7 @@ load_configuration(const char *filename, named_server_t *server, builtin_views = NULL; RUNTIME_CHECK(cfg_map_get(named_g_config, "view", &builtin_views) == ISC_R_SUCCESS); - for (element = cfg_list_first(builtin_views); element != NULL; - element = cfg_list_next(element)) - { + CFG_LIST_FOREACH (builtin_views, element) { cfg_obj_t *vconfig = cfg_listelt_value(element); dns_view_t *view = NULL; @@ -8987,10 +8915,7 @@ load_configuration(const char *filename, named_server_t *server, &categories); } if (categories != NULL) { - for (element = cfg_list_first(categories); - element != NULL; - element = cfg_list_next(element)) - { + CFG_LIST_FOREACH (categories, element) { const cfg_obj_t *catobj; const char *str; @@ -9120,9 +9045,7 @@ load_configuration(const char *filename, named_server_t *server, unsigned int usedlength; unsigned int expectedlength; - for (element = cfg_list_first(obj); element != NULL; - element = cfg_list_next(element)) - { + CFG_LIST_FOREACH (obj, element) { obj = cfg_listelt_value(element); str = cfg_obj_asstring(obj); @@ -10632,7 +10555,6 @@ listenlist_fromconfig(const cfg_obj_t *listenlist, const cfg_obj_t *config, isc_tlsctx_cache_t *tlsctx_cache, ns_listenlist_t **target) { isc_result_t result; - const cfg_listelt_t *element; ns_listenlist_t *dlist = NULL; REQUIRE(target != NULL && *target == NULL); @@ -10642,9 +10564,7 @@ listenlist_fromconfig(const cfg_obj_t *listenlist, const cfg_obj_t *config, return result; } - for (element = cfg_list_first(listenlist); element != NULL; - element = cfg_list_next(element)) - { + CFG_LIST_FOREACH (listenlist, element) { ns_listenelt_t *delt = NULL; const cfg_obj_t *listener = cfg_listelt_value(element); result = listenelt_fromconfig(listener, config, actx, mctx, @@ -10666,7 +10586,6 @@ static const cfg_obj_t * find_maplist(const cfg_obj_t *config, const char *listname, const char *name) { isc_result_t result; const cfg_obj_t *maplist = NULL; - const cfg_listelt_t *elt = NULL; REQUIRE(config != NULL); REQUIRE(name != NULL); @@ -10676,9 +10595,7 @@ find_maplist(const cfg_obj_t *config, const char *listname, const char *name) { return NULL; } - for (elt = cfg_list_first(maplist); elt != NULL; - elt = cfg_list_next(elt)) - { + CFG_LIST_FOREACH (maplist, elt) { const cfg_obj_t *map = cfg_listelt_value(elt); if (strcasecmp(cfg_obj_asstring(cfg_map_getname(map)), name) == 0) @@ -10766,11 +10683,8 @@ listenelt_fromconfig(const cfg_obj_t *listener, const cfg_obj_t *config, if (cfg_map_get(tlsmap, "protocols", &tls_proto_list) == ISC_R_SUCCESS) { - const cfg_listelt_t *proto = NULL; INSIST(tls_proto_list != NULL); - for (proto = cfg_list_first(tls_proto_list); - proto != 0; proto = cfg_list_next(proto)) - { + CFG_LIST_FOREACH (tls_proto_list, proto) { const cfg_obj_t *tls_proto_obj = cfg_listelt_value(proto); const char *tls_sver = @@ -10959,7 +10873,6 @@ listenelt_http(const cfg_obj_t *http, const uint16_t family, bool tls, ns_listenelt_t *delt = NULL; char **endpoints = NULL; const cfg_obj_t *eplist = NULL; - const cfg_listelt_t *elt = NULL; size_t len = 1, i = 0; uint32_t max_clients = named_g_http_listener_clients; uint32_t max_streams = named_g_http_streams_per_conn; @@ -11006,9 +10919,7 @@ listenelt_http(const cfg_obj_t *http, const uint16_t family, bool tls, endpoints = isc_mem_allocate(mctx, sizeof(endpoints[0]) * len); if (http != NULL && eplist != NULL) { - for (elt = cfg_list_first(eplist); elt != NULL; - elt = cfg_list_next(elt)) - { + CFG_LIST_FOREACH (eplist, elt) { const cfg_obj_t *ep = cfg_listelt_value(elt); const char *path = cfg_obj_asstring(ep); endpoints[i++] = isc_mem_strdup(mctx, path); @@ -12826,8 +12737,7 @@ load_nzf(dns_view_t *view, ns_cfgctx_t *nzcfg) { int status; isc_buffer_t *text = NULL; bool commit = false; - const cfg_obj_t *zonelist; - const cfg_listelt_t *element; + const cfg_obj_t *zonelist = NULL; char tempname[PATH_MAX]; MDB_txn *txn = NULL; MDB_dbi dbi; @@ -12876,9 +12786,7 @@ load_nzf(dns_view_t *view, ns_cfgctx_t *nzcfg) { isc_buffer_allocate(view->mctx, &text, 256); - for (element = cfg_list_first(zonelist); element != NULL; - element = cfg_list_next(element)) - { + CFG_LIST_FOREACH (zonelist, element) { const cfg_obj_t *zconfig; const cfg_obj_t *zoptions; char zname[DNS_NAME_FORMATSIZE]; @@ -13960,7 +13868,6 @@ find_name_in_list_from_map(const cfg_obj_t *config, const char *map_key_for_list, const char *name, bool redirect) { const cfg_obj_t *list = NULL; - const cfg_listelt_t *element; const cfg_obj_t *obj = NULL; dns_fixedname_t fixed1, fixed2; dns_name_t *name1 = NULL, *name2 = NULL; @@ -13975,10 +13882,8 @@ find_name_in_list_from_map(const cfg_obj_t *config, } cfg_map_get(config, map_key_for_list, &list); - for (element = cfg_list_first(list); element != NULL; - element = cfg_list_next(element)) - { - const char *vname; + CFG_LIST_FOREACH (list, element) { + const char *vname = NULL; obj = cfg_listelt_value(element); INSIST(obj != NULL); @@ -14329,10 +14234,7 @@ named_server_signing(named_server_t *server, isc_lex_t *lex, goto cleanup; } - for (result = dns_rdataset_first(&privset); - result == ISC_R_SUCCESS; - result = dns_rdataset_next(&privset)) - { + DNS_RDATASET_FOREACH (&privset) { dns_rdata_t priv = DNS_RDATA_INIT; /* * In theory, the output buffer could hold a full RDATA @@ -14355,10 +14257,6 @@ named_server_signing(named_server_t *server, isc_lex_t *lex, if (!first) { CHECK(putnull(text)); } - - if (result == ISC_R_NOMORE) { - result = ISC_R_SUCCESS; - } } else if (kasp) { (void)putstr(text, "zone uses dnssec-policy, use rndc dnssec " "command instead"); @@ -15438,7 +15336,6 @@ mkey_dumpzone(dns_view_t *view, isc_buffer_t **text) { char buf[DNS_NAME_FORMATSIZE + 500]; dns_name_t *name = NULL; dns_rdataset_t *kdset = NULL; - dns_rdata_t rdata = DNS_RDATA_INIT; dns_rdata_keydata_t kd; uint32_t ttl; @@ -15456,11 +15353,10 @@ mkey_dumpzone(dns_view_t *view, isc_buffer_t **text) { CHECK(putstr(text, buf)); } - for (result = dns_rdataset_first(kdset); - result == ISC_R_SUCCESS; result = dns_rdataset_next(kdset)) - { + DNS_RDATASET_FOREACH (kdset) { char alg[DNS_SECALG_FORMATSIZE]; char tbuf[ISC_FORMATHTTPTIMESTAMP_SIZE]; + dns_rdata_t rdata = DNS_RDATA_INIT; dns_keytag_t keyid; isc_region_t r; isc_time_t t; diff --git a/bin/named/statschannel.c b/bin/named/statschannel.c index 901f5a77c6..6edfcc6f56 100644 --- a/bin/named/statschannel.c +++ b/bin/named/statschannel.c @@ -3804,7 +3804,6 @@ named_statschannels_configure(named_server_t *server, const cfg_obj_t *config, cfg_aclconfctx_t *aclconfctx) { named_statschannellist_t new_listeners; const cfg_obj_t *statschannellist = NULL; - const cfg_listelt_t *element, *element2; char socktext[ISC_SOCKADDR_FORMATSIZE]; isc_once_do(&once, init_desc); @@ -3845,10 +3844,8 @@ named_statschannels_configure(named_server_t *server, const cfg_obj_t *config, #endif /* !HAVE_JSON_C */ #endif /* EXTENDED_STATS */ - for (element = cfg_list_first(statschannellist); - element != NULL; element = cfg_list_next(element)) - { - const cfg_obj_t *statschannel; + CFG_LIST_FOREACH (statschannellist, element) { + const cfg_obj_t *statschannel = NULL; const cfg_obj_t *listenercfg = NULL; statschannel = cfg_listelt_value(element); @@ -3857,10 +3854,7 @@ named_statschannels_configure(named_server_t *server, const cfg_obj_t *config, continue; } - for (element2 = cfg_list_first(listenercfg); - element2 != NULL; - element2 = cfg_list_next(element2)) - { + CFG_LIST_FOREACH (listenercfg, element2) { named_statschannel_t *listener = NULL; const cfg_obj_t *listen_params = NULL; const cfg_obj_t *obj = NULL; diff --git a/bin/named/transportconf.c b/bin/named/transportconf.c index 5b904761ec..81a8f4994b 100644 --- a/bin/named/transportconf.c +++ b/bin/named/transportconf.c @@ -55,11 +55,8 @@ if (obj != NULL) { \ { \ uint32_t tls_protos = 0; \ - const cfg_listelt_t *proto = NULL; \ INSIST(obj != NULL); \ - for (proto = cfg_list_first(obj); proto != 0; \ - proto = cfg_list_next(proto)) \ - { \ + CFG_LIST_FOREACH (obj, proto) { \ const cfg_obj_t *tls_proto_obj = \ cfg_listelt_value(proto); \ const char *tls_sver = \ @@ -96,9 +93,7 @@ add_doh_transports(const cfg_obj_t *transportlist, dns_transport_list_t *list) { const char *dohid = NULL; isc_result_t result; - for (const cfg_listelt_t *element = cfg_list_first(transportlist); - element != NULL; element = cfg_list_next(element)) - { + CFG_LIST_FOREACH (transportlist, element) { dns_name_t *dohname = NULL; dns_transport_t *transport = NULL; @@ -144,9 +139,7 @@ add_tls_transports(const cfg_obj_t *transportlist, dns_transport_list_t *list) { const char *tlsid = NULL; isc_result_t result; - for (const cfg_listelt_t *element = cfg_list_first(transportlist); - element != NULL; element = cfg_list_next(element)) - { + CFG_LIST_FOREACH (transportlist, element) { dns_name_t *tlsname = NULL; dns_transport_t *transport = NULL; diff --git a/bin/named/tsigconf.c b/bin/named/tsigconf.c index aa8be9dbae..564e1ca087 100644 --- a/bin/named/tsigconf.c +++ b/bin/named/tsigconf.c @@ -34,16 +34,13 @@ static isc_result_t add_initial_keys(const cfg_obj_t *list, dns_tsigkeyring_t *ring, isc_mem_t *mctx) { dns_tsigkey_t *tsigkey = NULL; - const cfg_listelt_t *element; const cfg_obj_t *key = NULL; const char *keyid = NULL; unsigned char *secret = NULL; int secretalloc = 0; isc_result_t ret; - for (element = cfg_list_first(list); element != NULL; - element = cfg_list_next(element)) - { + CFG_LIST_FOREACH (list, element) { const cfg_obj_t *algobj = NULL; const cfg_obj_t *secretobj = NULL; dns_fixedname_t fkey; diff --git a/bin/named/zoneconf.c b/bin/named/zoneconf.c index ca32fe1811..1b1c184259 100644 --- a/bin/named/zoneconf.c +++ b/bin/named/zoneconf.c @@ -191,7 +191,6 @@ static isc_result_t configure_zone_ssutable(const cfg_obj_t *zconfig, dns_zone_t *zone, const char *zname) { const cfg_obj_t *updatepolicy = NULL; - const cfg_listelt_t *element, *element2; dns_ssutable_t *table = NULL; isc_mem_t *mctx = dns_zone_getmctx(zone); bool autoddns = false; @@ -218,9 +217,7 @@ configure_zone_ssutable(const cfg_obj_t *zconfig, dns_zone_t *zone, dns_ssutable_create(mctx, &table); - for (element = cfg_list_first(updatepolicy); element != NULL; - element = cfg_list_next(element)) - { + CFG_LIST_FOREACH (updatepolicy, element) { const cfg_obj_t *stmt = cfg_listelt_value(element); const cfg_obj_t *mode = cfg_tuple_get(stmt, "mode"); const cfg_obj_t *identity = cfg_tuple_get(stmt, "identity"); @@ -303,9 +300,7 @@ configure_zone_ssutable(const cfg_obj_t *zconfig, dns_zone_t *zone, } i = 0; - for (element2 = cfg_list_first(typelist); element2 != NULL; - element2 = cfg_list_next(element2)) - { + CFG_LIST_FOREACH (typelist, element2) { const cfg_obj_t *typeobj; const char *bracket; isc_textregion_t r; @@ -411,15 +406,12 @@ configure_staticstub_serveraddrs(const cfg_obj_t *zconfig, dns_zone_t *zone, dns_rdatalist_t *rdatalist_ns, dns_rdatalist_t *rdatalist_a, dns_rdatalist_t *rdatalist_aaaa) { - const cfg_listelt_t *element; isc_mem_t *mctx = dns_zone_getmctx(zone); isc_region_t region, sregion; - dns_rdata_t *rdata; + dns_rdata_t *rdata = NULL; isc_result_t result = ISC_R_SUCCESS; - for (element = cfg_list_first(zconfig); element != NULL; - element = cfg_list_next(element)) - { + CFG_LIST_FOREACH (zconfig, element) { const isc_sockaddr_t *sa; isc_netaddr_t na; const cfg_obj_t *address = cfg_listelt_value(element); @@ -496,19 +488,16 @@ static isc_result_t configure_staticstub_servernames(const cfg_obj_t *zconfig, dns_zone_t *zone, dns_rdatalist_t *rdatalist, const char *zname) { - const cfg_listelt_t *element; isc_mem_t *mctx = dns_zone_getmctx(zone); - dns_rdata_t *rdata; + dns_rdata_t *rdata = NULL; isc_region_t sregion, region; isc_result_t result = ISC_R_SUCCESS; - for (element = cfg_list_first(zconfig); element != NULL; - element = cfg_list_next(element)) - { - const cfg_obj_t *obj; - const char *str; + CFG_LIST_FOREACH (zconfig, element) { + const cfg_obj_t *obj = NULL; + const char *str = NULL; dns_fixedname_t fixed_name; - dns_name_t *nsname; + dns_name_t *nsname = NULL; isc_buffer_t b; obj = cfg_listelt_value(element); diff --git a/bin/rndc/rndc.c b/bin/rndc/rndc.c index e7a04a24a5..03c4848ccb 100644 --- a/bin/rndc/rndc.c +++ b/bin/rndc/rndc.c @@ -558,13 +558,11 @@ parse_config(isc_mem_t *mctx, const char *keyname, cfg_parser_t **pctxp, const cfg_obj_t *algorithmobj = NULL; cfg_obj_t *config = NULL; const cfg_obj_t *address = NULL; - const cfg_listelt_t *elt; const char *secretstr; const char *algorithmstr; static char secretarray[1024]; const cfg_type_t *conftype = &cfg_type_rndcconf; bool key_only = false; - const cfg_listelt_t *element; if (!isc_file_exists(conffile)) { conffile = admin_keyfile; @@ -617,9 +615,7 @@ parse_config(isc_mem_t *mctx, const char *keyname, cfg_parser_t **pctxp, if (!key_only) { (void)cfg_map_get(config, "server", &servers); if (servers != NULL) { - for (elt = cfg_list_first(servers); elt != NULL; - elt = cfg_list_next(elt)) - { + CFG_LIST_FOREACH (servers, elt) { const char *name = NULL; server = cfg_listelt_value(elt); name = cfg_obj_asstring( @@ -655,18 +651,18 @@ parse_config(isc_mem_t *mctx, const char *keyname, cfg_parser_t **pctxp, DO("get key", cfg_map_get(config, "key", &key)); } else { DO("get config key list", cfg_map_get(config, "key", &keys)); - for (elt = cfg_list_first(keys); elt != NULL; - elt = cfg_list_next(elt)) - { + bool match = false; + CFG_LIST_FOREACH (keys, elt) { const char *name = NULL; key = cfg_listelt_value(elt); name = cfg_obj_asstring(cfg_map_getname(key)); if (strcasecmp(name, keyname) == 0) { + match = true; break; } } - if (elt == NULL) { + if (!match) { fatal("no key definition for name %s", keyname); } } @@ -729,9 +725,7 @@ parse_config(isc_mem_t *mctx, const char *keyname, cfg_parser_t **pctxp, result = ISC_R_NOTFOUND; } if (result == ISC_R_SUCCESS) { - for (element = cfg_list_first(addresses); element != NULL; - element = cfg_list_next(element)) - { + CFG_LIST_FOREACH (addresses, element) { isc_sockaddr_t sa; address = cfg_listelt_value(element); diff --git a/bin/tests/system/dyndb/driver/syncptr.c b/bin/tests/system/dyndb/driver/syncptr.c index b84abc968d..0ff33e158b 100644 --- a/bin/tests/system/dyndb/driver/syncptr.c +++ b/bin/tests/system/dyndb/driver/syncptr.c @@ -295,22 +295,15 @@ cleanup: isc_result_t syncptrs(sample_instance_t *inst, dns_name_t *name, dns_rdataset_t *rdataset, dns_diffop_t op) { - isc_result_t result; - dns_rdata_t rdata = DNS_RDATA_INIT; - - for (result = dns_rdataset_first(rdataset); result == ISC_R_SUCCESS; - result = dns_rdataset_next(rdataset)) - { + isc_result_t result = ISC_R_SUCCESS; + DNS_RDATASET_FOREACH (rdataset) { + dns_rdata_t rdata = DNS_RDATA_INIT; dns_rdataset_current(rdataset, &rdata); result = syncptr(inst, name, &rdata, rdataset->ttl, op); if (result != ISC_R_SUCCESS && result != ISC_R_NOTFOUND) { - goto cleanup; + break; } } - if (result == ISC_R_NOMORE) { - result = ISC_R_SUCCESS; - } -cleanup: return result; } diff --git a/bin/tools/mdig.c b/bin/tools/mdig.c index b776f9857a..a9d0975efd 100644 --- a/bin/tools/mdig.c +++ b/bin/tools/mdig.c @@ -427,9 +427,7 @@ repopulate_buffer: } CHECK("dns_message_sectiontotext", result); } else if (display_answer) { - isc_result_t loopresult; dns_name_t empty_name; - dns_rdata_t rdata = DNS_RDATA_INIT; unsigned int answerstyleflags = 0; if (!display_crypto) { @@ -443,8 +441,8 @@ repopulate_buffer: MSG_SECTION_FOREACH (response, DNS_SECTION_ANSWER, name) { ISC_LIST_FOREACH (name->list, rdataset, link) { - loopresult = dns_rdataset_first(rdataset); - while (loopresult == ISC_R_SUCCESS) { + DNS_RDATASET_FOREACH (rdataset) { + dns_rdata_t rdata = DNS_RDATA_INIT; dns_rdataset_current(rdataset, &rdata); result = dns_rdata_tofmttext( &rdata, NULL, answerstyleflags, @@ -452,10 +450,8 @@ repopulate_buffer: if (result == ISC_R_NOSPACE) { goto buftoosmall; } + CHECK("dns_rdata_tofmttext", result); - loopresult = - dns_rdataset_next(rdataset); - dns_rdata_reset(&rdata); if (strlen("\n") >= isc_buffer_availablelength(buf)) { diff --git a/lib/dns/adb.c b/lib/dns/adb.c index bef3694d64..d95ae44bd1 100644 --- a/lib/dns/adb.c +++ b/lib/dns/adb.c @@ -538,10 +538,9 @@ ttlclamp(dns_ttl_t ttl) { * * This code handles A and AAAA rdatasets only. */ -static isc_result_t +static void import_rdataset(dns_adbname_t *adbname, dns_rdataset_t *rdataset, isc_stdtime_t now) { - isc_result_t result; dns_adb_t *adb = NULL; dns_rdatatype_t rdtype; @@ -569,9 +568,7 @@ import_rdataset(dns_adbname_t *adbname, dns_rdataset_t *rdataset, REQUIRE(dns_rdatatype_isaddr(rdtype)); - for (result = dns_rdataset_first(rdataset); result == ISC_R_SUCCESS; - result = dns_rdataset_next(rdataset)) - { + DNS_RDATASET_FOREACH (rdataset) { /* FIXME: Move to a separate function */ dns_adbnamehooklist_t *hookhead = NULL; dns_adbentry_t *entry = NULL; @@ -616,10 +613,6 @@ import_rdataset(dns_adbname_t *adbname, dns_rdataset_t *rdataset, UNLOCK(&entry->lock); dns_adbentry_detach(&entry); } - if (result == ISC_R_NOMORE) { - result = ISC_R_SUCCESS; - } - INSIST(result == ISC_R_SUCCESS); switch (rdtype) { case dns_rdatatype_a: @@ -637,8 +630,6 @@ import_rdataset(dns_adbname_t *adbname, dns_rdataset_t *rdataset, default: UNREACHABLE(); } - - return ISC_R_SUCCESS; } static bool @@ -2532,6 +2523,8 @@ dbfind_name(dns_adbname_t *adbname, isc_stdtime_t now, dns_rdatatype_t rdtype) { switch (result) { case DNS_R_GLUE: case DNS_R_HINT: + result = ISC_R_SUCCESS; + FALLTHROUGH; case ISC_R_SUCCESS: /* * Found in the database. Even if we can't copy out @@ -2543,7 +2536,7 @@ dbfind_name(dns_adbname_t *adbname, isc_stdtime_t now, dns_rdatatype_t rdtype) { } else { adbname->fetch6_err = FIND_ERR_SUCCESS; } - result = import_rdataset(adbname, &rdataset, now); + import_rdataset(adbname, &rdataset, now); break; case DNS_R_NXDOMAIN: case DNS_R_NXRRSET: @@ -2645,7 +2638,6 @@ fetch_callback(void *arg) { dns_adbfetch_t *fetch = NULL; dns_adbstatus_t astat = DNS_ADB_NOMOREADDRESSES; isc_stdtime_t now; - isc_result_t result; unsigned int address_type; REQUIRE(DNS_ADBNAME_VALID(name)); @@ -2734,11 +2726,10 @@ fetch_callback(void *arg) { */ if (resp->result == DNS_R_CNAME || resp->result == DNS_R_DNAME) { resp->rdataset->ttl = ttlclamp(resp->rdataset->ttl); - result = ISC_R_SUCCESS; name->flags |= NAME_IS_ALIAS; name->expire_v4 = name->expire_v6 = ADJUSTED_EXPIRE(INT_MAX, now, resp->rdataset->ttl); - goto check_result; + goto moreaddrs; } /* @@ -2775,16 +2766,14 @@ fetch_callback(void *arg) { /* * We got something potentially useful. */ - result = import_rdataset(name, &fetch->rdataset, now); + import_rdataset(name, &fetch->rdataset, now); -check_result: - if (result == ISC_R_SUCCESS) { - astat = DNS_ADB_MOREADDRESSES; - if (address_type == DNS_ADBFIND_INET) { - name->fetch_err = FIND_ERR_SUCCESS; - } else { - name->fetch6_err = FIND_ERR_SUCCESS; - } +moreaddrs: + astat = DNS_ADB_MOREADDRESSES; + if (address_type == DNS_ADBFIND_INET) { + name->fetch_err = FIND_ERR_SUCCESS; + } else { + name->fetch6_err = FIND_ERR_SUCCESS; } out: diff --git a/lib/dns/cache.c b/lib/dns/cache.c index f0f204e650..d43865e98f 100644 --- a/lib/dns/cache.c +++ b/lib/dns/cache.c @@ -377,11 +377,8 @@ clearnode(dns_db_t *db, dns_dbnode_t *node) { return result; } - for (result = dns_rdatasetiter_first(iter); result == ISC_R_SUCCESS; - result = dns_rdatasetiter_next(iter)) - { - dns_rdataset_t rdataset; - dns_rdataset_init(&rdataset); + DNS_RDATASETITER_FOREACH (iter) { + dns_rdataset_t rdataset = DNS_RDATASET_INIT; dns_rdatasetiter_current(iter, &rdataset); result = dns_db_deleterdataset(db, node, NULL, rdataset.type, @@ -392,10 +389,6 @@ clearnode(dns_db_t *db, dns_dbnode_t *node) { } } - if (result == ISC_R_NOMORE) { - result = ISC_R_SUCCESS; - } - dns_rdatasetiter_destroy(&iter); return result; } diff --git a/lib/dns/catz.c b/lib/dns/catz.c index 2a6fd1af4e..6a83146f26 100644 --- a/lib/dns/catz.c +++ b/lib/dns/catz.c @@ -1381,7 +1381,6 @@ static isc_result_t catz_process_primaries(dns_catz_zone_t *catz, dns_ipkeylist_t *ipkl, dns_rdataset_t *value, dns_name_t *name) { isc_result_t result; - dns_rdata_t rdata; dns_rdata_in_a_t rdata_a; dns_rdata_in_aaaa_t rdata_aaaa; dns_rdata_txt_t rdata_txt; @@ -1411,6 +1410,7 @@ catz_process_primaries(dns_catz_zone_t *catz, dns_ipkeylist_t *ipkl, * - label and IN TXT - TSIG key name */ if (name->length != 0) { + dns_rdata_t rdata = DNS_RDATA_INIT; isc_sockaddr_t sockaddr; size_t i; @@ -1420,7 +1420,6 @@ catz_process_primaries(dns_catz_zone_t *catz, dns_ipkeylist_t *ipkl, */ result = dns_rdataset_first(value); RUNTIME_CHECK(result == ISC_R_SUCCESS); - dns_rdata_init(&rdata); dns_rdataset_current(value, &rdata); switch (value->type) { case dns_rdatatype_a: @@ -1524,10 +1523,8 @@ catz_process_primaries(dns_catz_zone_t *catz, dns_ipkeylist_t *ipkl, dns_ipkeylist_resize(mctx, ipkl, rcount); - for (result = dns_rdataset_first(value); result == ISC_R_SUCCESS; - result = dns_rdataset_next(value)) - { - dns_rdata_init(&rdata); + DNS_RDATASET_FOREACH (value) { + dns_rdata_t rdata = DNS_RDATA_INIT; dns_rdataset_current(value, &rdata); /* * port 0 == take the default @@ -2387,8 +2384,7 @@ dns__catz_update_cb(void *data) { } dns_rdataset_init(&rdataset); - result = dns_rdatasetiter_first(rdsiter); - while (result == ISC_R_SUCCESS) { + DNS_RDATASETITER_FOREACH (rdsiter) { dns_rdatasetiter_current(rdsiter, &rdataset); /* @@ -2398,7 +2394,8 @@ dns__catz_update_cb(void *data) { * and produce an unnecessary warning message. */ if (!catz_rdatatype_is_processable(rdataset.type)) { - goto next; + dns_rdataset_disassociate(&rdataset); + continue; } /* @@ -2430,9 +2427,8 @@ dns__catz_update_cb(void *data) { cname, classbuf, typebuf, isc_result_totext(result)); } - next: + dns_rdataset_disassociate(&rdataset); - result = dns_rdatasetiter_next(rdsiter); } dns_rdatasetiter_destroy(&rdsiter); diff --git a/lib/dns/dbiterator.c b/lib/dns/dbiterator.c index 8f202871a6..626e4c4543 100644 --- a/lib/dns/dbiterator.c +++ b/lib/dns/dbiterator.c @@ -22,10 +22,6 @@ void dns__dbiterator_destroy(dns_dbiterator_t **iteratorp DNS__DB_FLARG) { - /* - * Destroy '*iteratorp'. - */ - REQUIRE(iteratorp != NULL); REQUIRE(DNS_DBITERATOR_VALID(*iteratorp)); @@ -36,33 +32,27 @@ dns__dbiterator_destroy(dns_dbiterator_t **iteratorp DNS__DB_FLARG) { isc_result_t dns__dbiterator_first(dns_dbiterator_t *iterator DNS__DB_FLARG) { - /* - * Move the node cursor to the first node in the database (if any). - */ - REQUIRE(DNS_DBITERATOR_VALID(iterator)); - return iterator->methods->first(iterator DNS__DB_FLARG_PASS); + isc_result_t result = + iterator->methods->first(iterator DNS__DB_FLARG_PASS); + ENSURE(result == ISC_R_SUCCESS || result == ISC_R_NOMORE); + return result; } isc_result_t dns__dbiterator_last(dns_dbiterator_t *iterator DNS__DB_FLARG) { - /* - * Move the node cursor to the first node in the database (if any). - */ - REQUIRE(DNS_DBITERATOR_VALID(iterator)); - return iterator->methods->last(iterator DNS__DB_FLARG_PASS); + isc_result_t result = + iterator->methods->last(iterator DNS__DB_FLARG_PASS); + ENSURE(result == ISC_R_SUCCESS || result == ISC_R_NOMORE); + return result; } isc_result_t dns__dbiterator_seek(dns_dbiterator_t *iterator, const dns_name_t *name DNS__DB_FLARG) { - /* - * Move the node cursor to the node with name 'name'. - */ - REQUIRE(DNS_DBITERATOR_VALID(iterator)); return iterator->methods->seek(iterator, name DNS__DB_FLARG_PASS); @@ -70,33 +60,27 @@ dns__dbiterator_seek(dns_dbiterator_t *iterator, isc_result_t dns__dbiterator_prev(dns_dbiterator_t *iterator DNS__DB_FLARG) { - /* - * Move the node cursor to the previous node in the database (if any). - */ - REQUIRE(DNS_DBITERATOR_VALID(iterator)); - return iterator->methods->prev(iterator DNS__DB_FLARG_PASS); + isc_result_t result = + iterator->methods->prev(iterator DNS__DB_FLARG_PASS); + ENSURE(result == ISC_R_SUCCESS || result == ISC_R_NOMORE); + return result; } isc_result_t dns__dbiterator_next(dns_dbiterator_t *iterator DNS__DB_FLARG) { - /* - * Move the node cursor to the next node in the database (if any). - */ - REQUIRE(DNS_DBITERATOR_VALID(iterator)); - return iterator->methods->next(iterator DNS__DB_FLARG_PASS); + isc_result_t result = + iterator->methods->next(iterator DNS__DB_FLARG_PASS); + ENSURE(result == ISC_R_SUCCESS || result == ISC_R_NOMORE); + return result; } isc_result_t dns__dbiterator_current(dns_dbiterator_t *iterator, dns_dbnode_t **nodep, dns_name_t *name DNS__DB_FLARG) { - /* - * Return the current node. - */ - REQUIRE(DNS_DBITERATOR_VALID(iterator)); REQUIRE(nodep != NULL && *nodep == NULL); REQUIRE(name == NULL || dns_name_hasbuffer(name)); @@ -107,10 +91,6 @@ dns__dbiterator_current(dns_dbiterator_t *iterator, dns_dbnode_t **nodep, isc_result_t dns_dbiterator_pause(dns_dbiterator_t *iterator) { - /* - * Pause iteration. - */ - REQUIRE(DNS_DBITERATOR_VALID(iterator)); return iterator->methods->pause(iterator); @@ -118,10 +98,6 @@ dns_dbiterator_pause(dns_dbiterator_t *iterator) { isc_result_t dns_dbiterator_origin(dns_dbiterator_t *iterator, dns_name_t *name) { - /* - * Return the origin to which returned node names are relative. - */ - REQUIRE(DNS_DBITERATOR_VALID(iterator)); REQUIRE(iterator->relative_names); REQUIRE(dns_name_hasbuffer(name)); diff --git a/lib/dns/dns64.c b/lib/dns/dns64.c index c72c99727c..9d82849de3 100644 --- a/lib/dns/dns64.c +++ b/lib/dns/dns64.c @@ -270,10 +270,7 @@ dns_dns64_aaaaok(const dns_dns64_t *dns64, const isc_netaddr_t *reqaddr, i = 0; ok = 0; - for (result = dns_rdataset_first(rdataset); - result == ISC_R_SUCCESS; - result = dns_rdataset_next(rdataset)) - { + DNS_RDATASET_FOREACH (rdataset) { dns_rdata_t rdata = DNS_RDATA_INIT; if (aaaaok == NULL || !aaaaok[i]) { dns_rdataset_current(rdataset, &rdata); @@ -407,7 +404,6 @@ dns_dns64_findprefix(dns_rdataset_t *rdataset, isc_netprefix_t *prefix, unsigned int oplen, iplen; size_t count = 0; struct in6_addr ina6; - isc_result_t result; REQUIRE(prefix != NULL && len != NULL && *len != 0U); REQUIRE(rdataset != NULL && rdataset->type == dns_rdatatype_aaaa); @@ -417,9 +413,7 @@ dns_dns64_findprefix(dns_rdataset_t *rdataset, isc_netprefix_t *prefix, dns_rdataset_clone(rdataset, &outer); dns_rdataset_clone(rdataset, &inner); - for (result = dns_rdataset_first(&outer); result == ISC_R_SUCCESS; - result = dns_rdataset_next(&outer)) - { + DNS_RDATASET_FOREACH (&outer) { dns_rdata_t rd1 = DNS_RDATA_INIT; dns_rdataset_current(&outer, &rd1); oplen = 0; @@ -431,33 +425,30 @@ dns_dns64_findprefix(dns_rdataset_t *rdataset, isc_netprefix_t *prefix, } /* Look for the 192.0.0.171 match. */ - for (result = dns_rdataset_first(&inner); - result == ISC_R_SUCCESS; - result = dns_rdataset_next(&inner)) - { + bool matched = false; + DNS_RDATASET_FOREACH (&inner) { dns_rdata_t rd2 = DNS_RDATA_INIT; dns_rdataset_current(&inner, &rd2); iplen = search(&rd2, &rd1, oplen); - if (iplen == 0) { - continue; - } - INSIST(iplen == oplen); - if (count >= *len) { - count++; - break; - } + if (iplen != 0) { + matched = true; + INSIST(iplen == oplen); + if (count >= *len) { + count++; + break; + } - /* We have a prefix. */ - memset(ina6.s6_addr, 0, sizeof(ina6.s6_addr)); - memmove(ina6.s6_addr, rd1.data, oplen / 8); - isc_netaddr_fromin6(&prefix[count].addr, &ina6); - prefix[count].prefixlen = oplen; - count++; - break; + /* We have a prefix. */ + memset(ina6.s6_addr, 0, sizeof(ina6.s6_addr)); + memmove(ina6.s6_addr, rd1.data, oplen / 8); + isc_netaddr_fromin6(&prefix[count].addr, &ina6); + prefix[count].prefixlen = oplen; + count++; + } } /* Didn't find a match look for a different prefix length. */ - if (result == ISC_R_NOMORE) { + if (!matched) { goto resume; } } @@ -493,15 +484,14 @@ dns_dns64_apply(isc_mem_t *mctx, dns_dns64list_t dns64s, unsigned int count, aaaalist->rdclass = dns_rdataclass_in; aaaalist->type = dns_rdatatype_aaaa; - for (result = dns_rdataset_first(a); result == ISC_R_SUCCESS; - result = dns_rdataset_next(a)) - { + DNS_RDATASET_FOREACH (a) { + dns_rdata_t rdata = DNS_RDATA_INIT; + dns_rdataset_current(a, &rdata); + ISC_LIST_FOREACH (dns64s, dns64, link) { - dns_rdata_t rdata = DNS_RDATA_INIT; dns_rdata_t *dns64_rdata = NULL; isc_region_t r; - dns_rdataset_current(a, &rdata); isc_buffer_availableregion(buffer, &r); INSIST(r.length >= 16); result = dns_dns64_aaaafroma(dns64, &netaddr, reqsigner, diff --git a/lib/dns/dnssec.c b/lib/dns/dnssec.c index 277230bca6..3632f86178 100644 --- a/lib/dns/dnssec.c +++ b/lib/dns/dnssec.c @@ -1036,7 +1036,6 @@ dns_dnssec_signs(dns_rdata_t *rdata, const dns_name_t *name, dns_keytag_t keytag; dns_rdata_dnskey_t key; dns_rdata_rrsig_t sig; - dns_rdata_t sigrdata = DNS_RDATA_INIT; isc_result_t result; INSIST(sigrdataset->type == dns_rdatatype_rrsig); @@ -1052,10 +1051,8 @@ dns_dnssec_signs(dns_rdata_t *rdata, const dns_name_t *name, RUNTIME_CHECK(result == ISC_R_SUCCESS); keytag = dst_key_id(dstkey); - for (result = dns_rdataset_first(sigrdataset); result == ISC_R_SUCCESS; - result = dns_rdataset_next(sigrdataset)) - { - dns_rdata_reset(&sigrdata); + DNS_RDATASET_FOREACH (sigrdataset) { + dns_rdata_t sigrdata = DNS_RDATA_INIT; dns_rdataset_current(sigrdataset, &sigrdata); result = dns_rdata_tostruct(&sigrdata, &sig, NULL); RUNTIME_CHECK(result == ISC_R_SUCCESS); @@ -1083,17 +1080,13 @@ dns_dnssec_iszonekey(dns_rdata_dnskey_t *key) { bool dns_dnssec_haszonekey(dns_rdataset_t *keyset) { - isc_result_t result; - REQUIRE(keyset != NULL); if (keyset->type != dns_rdatatype_dnskey) { return false; } - for (result = dns_rdataset_first(keyset); result == ISC_R_SUCCESS; - result = dns_rdataset_next(keyset)) - { + DNS_RDATASET_FOREACH (keyset) { dns_rdata_t rdata = DNS_RDATA_INIT; dns_rdata_dnskey_t key; @@ -1480,9 +1473,7 @@ mark_active_keys(dns_dnsseckeylist_t *keylist, dns_rdataset_t *rrsigs) { keyid = dst_key_id(key->key); keyalg = dst_key_alg(key->key); - for (result = dns_rdataset_first(&sigs); - result == ISC_R_SUCCESS; result = dns_rdataset_next(&sigs)) - { + DNS_RDATASET_FOREACH (&sigs) { dns_rdata_rrsig_t sig; dns_rdata_reset(&rdata); @@ -1498,10 +1489,6 @@ mark_active_keys(dns_dnsseckeylist_t *keylist, dns_rdataset_t *rrsigs) { } } - if (result == ISC_R_NOMORE) { - result = ISC_R_SUCCESS; - } - if (dns_rdataset_isassociated(&sigs)) { dns_rdataset_disassociate(&sigs); } @@ -1547,7 +1534,6 @@ dns_dnssec_keylistfromrdataset(const dns_name_t *origin, dns_kasp_t *kasp, dns_rdataset_t *soasigs, bool savekeys, bool publickey, dns_dnsseckeylist_t *keylist) { dns_rdataset_t keys; - dns_rdata_t rdata = DNS_RDATA_INIT; dst_key_t *dnskey = NULL, *pubkey = NULL, *privkey = NULL; isc_result_t result; @@ -1556,10 +1542,8 @@ dns_dnssec_keylistfromrdataset(const dns_name_t *origin, dns_kasp_t *kasp, dns_rdataset_init(&keys); dns_rdataset_clone(keyset, &keys); - for (result = dns_rdataset_first(&keys); result == ISC_R_SUCCESS; - result = dns_rdataset_next(&keys)) - { - dns_rdata_reset(&rdata); + DNS_RDATASET_FOREACH (&keys) { + dns_rdata_t rdata = DNS_RDATA_INIT; dns_rdataset_current(&keys, &rdata); REQUIRE(rdata.type == dns_rdatatype_key || @@ -1699,10 +1683,6 @@ dns_dnssec_keylistfromrdataset(const dns_name_t *origin, dns_kasp_t *kasp, } } - if (result != ISC_R_NOMORE) { - RETERR(result); - } - if (keysigs != NULL && dns_rdataset_isassociated(keysigs)) { RETERR(mark_active_keys(keylist, keysigs)); } @@ -1826,14 +1806,10 @@ failure: static bool exists(dns_rdataset_t *rdataset, dns_rdata_t *rdata) { - isc_result_t result; - dns_rdataset_t trdataset; - - dns_rdataset_init(&trdataset); + dns_rdataset_t trdataset = DNS_RDATASET_INIT; dns_rdataset_clone(rdataset, &trdataset); - for (result = dns_rdataset_first(&trdataset); result == ISC_R_SUCCESS; - result = dns_rdataset_next(&trdataset)) - { + + DNS_RDATASET_FOREACH (&trdataset) { dns_rdata_t current = DNS_RDATA_INIT; dns_rdataset_current(&trdataset, ¤t); @@ -2361,9 +2337,7 @@ dns_dnssec_matchdskey(dns_name_t *name, dns_rdata_t *dsrdata, result = dns_rdata_tostruct(dsrdata, &ds, NULL); RUNTIME_CHECK(result == ISC_R_SUCCESS); - for (result = dns_rdataset_first(keyset); result == ISC_R_SUCCESS; - result = dns_rdataset_next(keyset)) - { + DNS_RDATASET_FOREACH (keyset) { dns_rdata_t newdsrdata = DNS_RDATA_INIT; dns_rdata_reset(keyrdata); @@ -2386,12 +2360,9 @@ dns_dnssec_matchdskey(dns_name_t *name, dns_rdata_t *dsrdata, } if (dns_rdata_compare(dsrdata, &newdsrdata) == 0) { - break; + return ISC_R_SUCCESS; } } - if (result == ISC_R_NOMORE) { - result = ISC_R_NOTFOUND; - } - return result; + return ISC_R_NOTFOUND; } diff --git a/lib/dns/include/dns/dbiterator.h b/lib/dns/include/dns/dbiterator.h index e97e9add0b..0371401cb2 100644 --- a/lib/dns/include/dns/dbiterator.h +++ b/lib/dns/include/dns/dbiterator.h @@ -99,6 +99,22 @@ struct dns_dbiterator { bool relative_names; }; +/* clang-format off */ +/* + * This is a hack to build a unique variable name to + * replace 'res' below. (Two layers of macro indirection are + * needed to make the line number be part of the variable + * name; otherwise it would just be "x__LINE__".) + */ +#define DNS__DBITERATOR_CONNECT(x,y) x##y +#define DNS__DBITERATOR_CONCAT(x,y) DNS__DBITERATOR_CONNECT(x,y) +#define DNS_DBITERATOR_FOREACH_RES(rds, res) \ + for (isc_result_t res = dns_dbiterator_first((rds)); \ + res == ISC_R_SUCCESS; res = dns_dbiterator_next((rds))) +#define DNS_DBITERATOR_FOREACH(rds) \ + DNS_DBITERATOR_FOREACH_RES(rds, DNS__DBITERATOR_CONCAT(x, __LINE__)) +/* clang-format on */ + #define dns_dbiterator_destroy(iteratorp) \ dns__dbiterator_destroy(iteratorp DNS__DB_FILELINE) void diff --git a/lib/dns/include/dns/rdataset.h b/lib/dns/include/dns/rdataset.h index 1a0efbf10a..c3c96ce72e 100644 --- a/lib/dns/include/dns/rdataset.h +++ b/lib/dns/include/dns/rdataset.h @@ -221,6 +221,22 @@ struct dns_rdataset { .link = ISC_LINK_INITIALIZER, \ .count = DNS_RDATASET_COUNT_UNDEFINED } +/* clang-format off */ +/* + * This is a hack to build a unique variable name to + * replace 'res' below. (Two layers of macro indirection are + * needed to make the line number be part of the variable + * name; otherwise it would just be "x__LINE__".) + */ +#define DNS__RDATASET_CONNECT(x,y) x##y +#define DNS__RDATASET_CONCAT(x,y) DNS__RDATASET_CONNECT(x,y) +#define DNS_RDATASET_FOREACH_RES(rds, res) \ + for (isc_result_t res = dns_rdataset_first((rds)); \ + res == ISC_R_SUCCESS; res = dns_rdataset_next((rds))) +#define DNS_RDATASET_FOREACH(rds) \ + DNS_RDATASET_FOREACH_RES(rds, DNS__RDATASET_CONCAT(x, __LINE__)) +/* clang-format on */ + /*! * \def DNS_RDATASETATTR_RENDERED * Used by message.c to indicate that the rdataset was rendered. @@ -390,6 +406,9 @@ dns_rdataset_first(dns_rdataset_t *rdataset); * Returns: *\li #ISC_R_SUCCESS *\li #ISC_R_NOMORE There are no rdata in the set. + * + * Ensures: + *\li No other value is returned. */ isc_result_t @@ -403,6 +422,9 @@ dns_rdataset_next(dns_rdataset_t *rdataset); * Returns: *\li #ISC_R_SUCCESS *\li #ISC_R_NOMORE There are no more rdata in the set. + * + * Ensures: + *\li No other value is returned. */ void diff --git a/lib/dns/include/dns/rdatasetiter.h b/lib/dns/include/dns/rdatasetiter.h index a91c1ec416..e53f44dbf6 100644 --- a/lib/dns/include/dns/rdatasetiter.h +++ b/lib/dns/include/dns/rdatasetiter.h @@ -94,6 +94,22 @@ struct dns_rdatasetiter { unsigned int options; }; +/* clang-format off */ +/* + * This is a hack to build a unique variable name to + * replace 'res' below. (Two layers of macro indirection are + * needed to make the line number be part of the variable + * name; otherwise it would just be "x__LINE__".) + */ +#define DNS__RDATASETITER_CONNECT(x,y) x##y +#define DNS__RDATASETITER_CONCAT(x,y) DNS__RDATASETITER_CONNECT(x,y) +#define DNS_RDATASETITER_FOREACH_RES(rds, res) \ + for (isc_result_t res = dns_rdatasetiter_first((rds)); \ + res == ISC_R_SUCCESS; res = dns_rdatasetiter_next((rds))) +#define DNS_RDATASETITER_FOREACH(rds) \ + DNS_RDATASETITER_FOREACH_RES(rds, DNS__RDATASETITER_CONCAT(x, __LINE__)) +/* clang-format on */ + #define dns_rdatasetiter_destroy(iteratorp) \ dns__rdatasetiter_destroy(iteratorp DNS__DB_FILELINE) void diff --git a/lib/dns/journal.c b/lib/dns/journal.c index 3e593e6022..e68fc1f4dd 100644 --- a/lib/dns/journal.c +++ b/lib/dns/journal.c @@ -2140,18 +2140,11 @@ get_name_diff(dns_db_t *db, dns_dbversion_t *ver, isc_stdtime_t now, goto cleanup_node; } - for (result = dns_rdatasetiter_first(rdsiter); result == ISC_R_SUCCESS; - result = dns_rdatasetiter_next(rdsiter)) - { - dns_rdataset_t rdataset; - - dns_rdataset_init(&rdataset); + DNS_RDATASETITER_FOREACH (rdsiter) { + dns_rdataset_t rdataset = DNS_RDATASET_INIT; dns_rdatasetiter_current(rdsiter, &rdataset); - for (result = dns_rdataset_first(&rdataset); - result == ISC_R_SUCCESS; - result = dns_rdataset_next(&rdataset)) - { + DNS_RDATASET_FOREACH (&rdataset) { dns_rdata_t rdata = DNS_RDATA_INIT; dns_rdataset_current(&rdataset, &rdata); dns_difftuple_create(diff->mctx, op, name, rdataset.ttl, @@ -2159,19 +2152,11 @@ get_name_diff(dns_db_t *db, dns_dbversion_t *ver, isc_stdtime_t now, dns_diff_append(diff, &tuple); } dns_rdataset_disassociate(&rdataset); - if (result != ISC_R_NOMORE) { - goto cleanup_iterator; - } - } - if (result != ISC_R_NOMORE) { - goto cleanup_iterator; } + dns_rdatasetiter_destroy(&rdsiter); result = ISC_R_SUCCESS; -cleanup_iterator: - dns_rdatasetiter_destroy(&rdsiter); - cleanup_node: dns_db_detachnode(db, &node); diff --git a/lib/dns/keytable.c b/lib/dns/keytable.c index 48c54fb8ef..15c204f08a 100644 --- a/lib/dns/keytable.c +++ b/lib/dns/keytable.c @@ -609,9 +609,7 @@ keynode_dslist_totext(dns_keynode_t *keynode, isc_buffer_t **text) { dns_name_format(&keynode->name, namebuf, sizeof(namebuf)); - for (result = dns_rdataset_first(&dsset); result == ISC_R_SUCCESS; - result = dns_rdataset_next(&dsset)) - { + DNS_RDATASET_FOREACH (&dsset) { char algbuf[DNS_SECALG_FORMATSIZE]; dns_rdata_t rdata = DNS_RDATA_INIT; dns_rdata_ds_t ds; diff --git a/lib/dns/masterdump.c b/lib/dns/masterdump.c index 0adafb7a1a..0f0d680976 100644 --- a/lib/dns/masterdump.c +++ b/lib/dns/masterdump.c @@ -506,18 +506,15 @@ static isc_result_t ncache_summary(dns_rdataset_t *rdataset, bool omit_final_dot, dns_totext_ctx_t *ctx, isc_buffer_t *target) { isc_result_t result = ISC_R_SUCCESS; - dns_rdataset_t rds; + dns_rdataset_t rds = DNS_RDATASET_INIT; dns_name_t name; char *start = NULL; - dns_rdataset_init(&rds); dns_name_init(&name); do { dns_ncache_current(rdataset, &name, &rds); - for (result = dns_rdataset_first(&rds); result == ISC_R_SUCCESS; - result = dns_rdataset_next(&rds)) - { + DNS_RDATASET_FOREACH (&rds) { if ((ctx->style.flags & DNS_STYLEFLAG_INDENT) != 0 || (ctx->style.flags & DNS_STYLEFLAG_YAML) != 0) { @@ -599,8 +596,6 @@ rdataset_totext(dns_rdataset_t *rdataset, const dns_name_t *owner_name, REQUIRE(DNS_RDATASET_VALID(rdataset)); - result = dns_rdataset_first(rdataset); - current_ttl = ctx->current_ttl; current_ttl_valid = ctx->current_ttl_valid; @@ -610,7 +605,7 @@ rdataset_totext(dns_rdataset_t *rdataset, const dns_name_t *owner_name, dns_rdataset_getownercase(rdataset, name); } - while (result == ISC_R_SUCCESS) { + DNS_RDATASET_FOREACH (rdataset) { column = 0; /* @@ -805,11 +800,6 @@ rdataset_totext(dns_rdataset_t *rdataset, const dns_name_t *owner_name, } first = false; - result = dns_rdataset_next(rdataset); - } - - if (result != ISC_R_NOMORE) { - return result; } /* @@ -1262,7 +1252,7 @@ restart: isc_buffer_copyregion(buffer, &r); totallen += sizeof(dlen) + r.length; - do { + DNS_RDATASET_FOREACH (rdataset) { dns_rdata_t rdata = DNS_RDATA_INIT; dns_rdataset_current(rdataset, &rdata); @@ -1291,13 +1281,7 @@ restart: isc_buffer_putuint16(buffer, dlen); isc_buffer_copyregion(buffer, &r); totallen += sizeof(dlen) + r.length; - - result = dns_rdataset_next(rdataset); - } while (result == ISC_R_SUCCESS); - - if (result != ISC_R_NOMORE) { - return result; - } + }; /* * Fill in the total length field. @@ -1328,17 +1312,13 @@ static isc_result_t dump_rdatasets_raw(isc_mem_t *mctx, const dns_name_t *owner_name, dns_rdatasetiter_t *rdsiter, dns_totext_ctx_t *ctx, isc_buffer_t *buffer, FILE *f) { - isc_result_t result; - dns_rdataset_t rdataset; + isc_result_t result = ISC_R_SUCCESS; dns_fixedname_t fixed; - dns_name_t *name; + dns_name_t *name = dns_fixedname_initname(&fixed); - name = dns_fixedname_initname(&fixed); dns_name_copy(owner_name, name); - for (result = dns_rdatasetiter_first(rdsiter); result == ISC_R_SUCCESS; - result = dns_rdatasetiter_next(rdsiter)) - { - dns_rdataset_init(&rdataset); + DNS_RDATASETITER_FOREACH (rdsiter) { + dns_rdataset_t rdataset = DNS_RDATASET_INIT; dns_rdatasetiter_current(rdsiter, &rdataset); dns_rdataset_getownercase(&rdataset, name); @@ -1357,10 +1337,6 @@ dump_rdatasets_raw(isc_mem_t *mctx, const dns_name_t *owner_name, } } - if (result == ISC_R_NOMORE) { - result = ISC_R_SUCCESS; - } - return result; } @@ -1732,12 +1708,7 @@ dumptostream(dns_dumpctx_t *dctx) { CHECK(writeheader(dctx)); - result = dns_dbiterator_first(dctx->dbiter); - if (result != ISC_R_SUCCESS && result != ISC_R_NOMORE) { - goto cleanup; - } - - while (result == ISC_R_SUCCESS) { + DNS_DBITERATOR_FOREACH (dctx->dbiter) { dns_rdatasetiter_t *rdsiter = NULL; dns_dbnode_t *node = NULL; @@ -1775,7 +1746,6 @@ dumptostream(dns_dumpctx_t *dctx) { goto cleanup; } dns_db_detachnode(dctx->db, &node); - result = dns_dbiterator_next(dctx->dbiter); } if (result == ISC_R_NOMORE) { diff --git a/lib/dns/message.c b/lib/dns/message.c index 4db72ddc28..b387dc11f2 100644 --- a/lib/dns/message.c +++ b/lib/dns/message.c @@ -4967,11 +4967,8 @@ dns_message_clonebuffer(dns_message_t *msg) { static isc_result_t rdataset_soa_min(dns_rdataset_t *rds, dns_ttl_t *ttlp) { - isc_result_t result; /* loop over the rdatas */ - for (result = dns_rdataset_first(rds); result == ISC_R_SUCCESS; - result = dns_rdataset_next(rds)) - { + DNS_RDATASET_FOREACH (rds) { dns_name_t tmp; isc_region_t r = { 0 }; dns_rdata_t rdata = DNS_RDATA_INIT; diff --git a/lib/dns/ncache.c b/lib/dns/ncache.c index 9b319d7d05..f0a82505bc 100644 --- a/lib/dns/ncache.c +++ b/lib/dns/ncache.c @@ -58,10 +58,8 @@ addoptout(dns_message_t *message, dns_db_t *cache, dns_dbnode_t *node, static isc_result_t copy_rdataset(dns_rdataset_t *rdataset, isc_buffer_t *buffer) { - isc_result_t result; unsigned int count; isc_region_t ar, r; - dns_rdata_t rdata = DNS_RDATA_INIT; /* * Copy the rdataset count to the buffer. @@ -74,9 +72,11 @@ copy_rdataset(dns_rdataset_t *rdataset, isc_buffer_t *buffer) { INSIST(count <= 65535); isc_buffer_putuint16(buffer, (uint16_t)count); - result = dns_rdataset_first(rdataset); - while (result == ISC_R_SUCCESS) { + DNS_RDATASET_FOREACH (rdataset) { + isc_result_t result; + dns_rdata_t rdata = DNS_RDATA_INIT; dns_rdataset_current(rdataset, &rdata); + dns_rdata_toregion(&rdata, &r); INSIST(r.length <= 65535); isc_buffer_availableregion(buffer, &ar); @@ -94,11 +94,6 @@ copy_rdataset(dns_rdataset_t *rdataset, isc_buffer_t *buffer) { if (result != ISC_R_SUCCESS) { return result; } - dns_rdata_reset(&rdata); - result = dns_rdataset_next(rdataset); - } - if (result != ISC_R_NOMORE) { - return result; } return ISC_R_SUCCESS; @@ -282,7 +277,6 @@ isc_result_t dns_ncache_towire(dns_rdataset_t *rdataset, dns_compress_t *cctx, isc_buffer_t *target, unsigned int options, unsigned int *countp) { - dns_rdata_t rdata = DNS_RDATA_INIT; isc_result_t result; isc_region_t remaining, tavailable; isc_buffer_t source, savedbuffer, rdlen; @@ -303,9 +297,10 @@ dns_ncache_towire(dns_rdataset_t *rdataset, dns_compress_t *cctx, savedbuffer = *target; count = 0; - result = dns_rdataset_first(rdataset); - while (result == ISC_R_SUCCESS) { + DNS_RDATASET_FOREACH (rdataset) { + dns_rdata_t rdata = DNS_RDATA_INIT; dns_rdataset_current(rdataset, &rdata); + isc_buffer_init(&source, rdata.data, rdata.length); isc_buffer_add(&source, rdata.length); dns_name_init(&name); @@ -391,11 +386,6 @@ dns_ncache_towire(dns_rdataset_t *rdataset, dns_compress_t *cctx, count++; } INSIST(isc_buffer_remaininglength(&source) == 0); - result = dns_rdataset_next(rdataset); - dns_rdata_reset(&rdata); - } - if (result != ISC_R_NOMORE) { - goto rollback; } *countp = count; @@ -507,8 +497,7 @@ static dns_rdatasetmethods_t rdataset_methods = { isc_result_t dns_ncache_getrdataset(dns_rdataset_t *ncacherdataset, dns_name_t *name, dns_rdatatype_t type, dns_rdataset_t *rdataset) { - isc_result_t result; - dns_rdata_t rdata = DNS_RDATA_INIT; + isc_result_t result = ISC_R_NOTFOUND; isc_region_t remaining; isc_buffer_t source; dns_name_t tname; @@ -526,9 +515,10 @@ dns_ncache_getrdataset(dns_rdataset_t *ncacherdataset, dns_name_t *name, dns_rdataset_init(&rclone); dns_rdataset_clone(ncacherdataset, &rclone); - result = dns_rdataset_first(&rclone); - while (result == ISC_R_SUCCESS) { + DNS_RDATASET_FOREACH (&rclone) { + dns_rdata_t rdata = DNS_RDATA_INIT; dns_rdataset_current(&rclone, &rdata); + isc_buffer_init(&source, rdata.data, rdata.length); isc_buffer_add(&source, rdata.length); dns_name_init(&tname); @@ -545,47 +535,41 @@ dns_ncache_getrdataset(dns_rdataset_t *ncacherdataset, dns_name_t *name, trust = atomic_getuint8(&source); INSIST(trust <= dns_trust_ultimate); isc_buffer_remainingregion(&source, &remaining); + result = ISC_R_SUCCESS; break; } - result = dns_rdataset_next(&rclone); - dns_rdata_reset(&rdata); } dns_rdataset_disassociate(&rclone); - if (result == ISC_R_NOMORE) { - return ISC_R_NOTFOUND; - } - if (result != ISC_R_SUCCESS) { - return result; + + if (result == ISC_R_SUCCESS) { + INSIST(remaining.length != 0); + + rdataset->methods = &rdataset_methods; + rdataset->rdclass = ncacherdataset->rdclass; + rdataset->type = type; + rdataset->covers = 0; + rdataset->ttl = ncacherdataset->ttl; + rdataset->trust = trust; + rdataset->ncache.raw = remaining.base; + rdataset->ncache.iter_pos = NULL; + rdataset->ncache.iter_count = 0; } - INSIST(remaining.length != 0); - - rdataset->methods = &rdataset_methods; - rdataset->rdclass = ncacherdataset->rdclass; - rdataset->type = type; - rdataset->covers = 0; - rdataset->ttl = ncacherdataset->ttl; - rdataset->trust = trust; - rdataset->ncache.raw = remaining.base; - rdataset->ncache.iter_pos = NULL; - rdataset->ncache.iter_count = 0; - - return ISC_R_SUCCESS; + return result; } isc_result_t dns_ncache_getsigrdataset(dns_rdataset_t *ncacherdataset, dns_name_t *name, dns_rdatatype_t covers, dns_rdataset_t *rdataset) { + isc_result_t result = ISC_R_NOTFOUND; dns_name_t tname; dns_rdata_rrsig_t rrsig; - dns_rdata_t rdata = DNS_RDATA_INIT; dns_rdataset_t rclone; dns_rdatatype_t type; dns_trust_t trust = dns_trust_none; isc_buffer_t source; isc_region_t remaining, sigregion; - isc_result_t result; - unsigned char *raw; + unsigned char *raw = NULL; unsigned int count; REQUIRE(ncacherdataset != NULL); @@ -596,9 +580,10 @@ dns_ncache_getsigrdataset(dns_rdataset_t *ncacherdataset, dns_name_t *name, dns_rdataset_init(&rclone); dns_rdataset_clone(ncacherdataset, &rclone); - result = dns_rdataset_first(&rclone); - while (result == ISC_R_SUCCESS) { + DNS_RDATASET_FOREACH (&rclone) { + dns_rdata_t rdata = DNS_RDATA_INIT; dns_rdataset_current(&rclone, &rdata); + isc_buffer_init(&source, rdata.data, rdata.length); isc_buffer_add(&source, rdata.length); dns_name_init(&tname); @@ -615,8 +600,6 @@ dns_ncache_getsigrdataset(dns_rdataset_t *ncacherdataset, dns_name_t *name, if (type != dns_rdatatype_rrsig || !dns_name_equal(&tname, name)) { - result = dns_rdataset_next(&rclone); - dns_rdata_reset(&rdata); continue; } @@ -638,33 +621,27 @@ dns_ncache_getsigrdataset(dns_rdataset_t *ncacherdataset, dns_name_t *name, (void)dns_rdata_tostruct(&rdata, &rrsig, NULL); if (rrsig.covered == covers) { isc_buffer_remainingregion(&source, &remaining); + result = ISC_R_SUCCESS; break; } - - result = dns_rdataset_next(&rclone); - dns_rdata_reset(&rdata); } dns_rdataset_disassociate(&rclone); - if (result == ISC_R_NOMORE) { - return ISC_R_NOTFOUND; - } - if (result != ISC_R_SUCCESS) { - return result; + + if (result == ISC_R_SUCCESS) { + INSIST(remaining.length != 0); + + rdataset->methods = &rdataset_methods; + rdataset->rdclass = ncacherdataset->rdclass; + rdataset->type = dns_rdatatype_rrsig; + rdataset->covers = covers; + rdataset->ttl = ncacherdataset->ttl; + rdataset->trust = trust; + rdataset->ncache.raw = remaining.base; + rdataset->ncache.iter_pos = NULL; + rdataset->ncache.iter_count = 0; } - INSIST(remaining.length != 0); - - rdataset->methods = &rdataset_methods; - rdataset->rdclass = ncacherdataset->rdclass; - rdataset->type = dns_rdatatype_rrsig; - rdataset->covers = covers; - rdataset->ttl = ncacherdataset->ttl; - rdataset->trust = trust; - rdataset->ncache.raw = remaining.base; - rdataset->ncache.iter_pos = NULL; - rdataset->ncache.iter_count = 0; - - return ISC_R_SUCCESS; + return result; } void diff --git a/lib/dns/nsec.c b/lib/dns/nsec.c index 5d6215061a..8aeb1ed90e 100644 --- a/lib/dns/nsec.c +++ b/lib/dns/nsec.c @@ -96,10 +96,8 @@ dns_nsec_buildrdata(dns_db_t *db, dns_dbversion_t *version, dns_dbnode_t *node, const dns_name_t *target, unsigned char *buffer, dns_rdata_t *rdata) { isc_result_t result; - dns_rdataset_t rdataset; isc_region_t r; unsigned int i; - unsigned char *nsec_bits, *bm; unsigned int max_type; dns_rdatasetiter_t *rdsiter; @@ -119,15 +117,13 @@ dns_nsec_buildrdata(dns_db_t *db, dns_dbversion_t *version, dns_dbnode_t *node, dns_nsec_setbit(bm, dns_rdatatype_rrsig, 1); dns_nsec_setbit(bm, dns_rdatatype_nsec, 1); max_type = dns_rdatatype_nsec; - dns_rdataset_init(&rdataset); rdsiter = NULL; result = dns_db_allrdatasets(db, node, version, 0, 0, &rdsiter); if (result != ISC_R_SUCCESS) { return result; } - for (result = dns_rdatasetiter_first(rdsiter); result == ISC_R_SUCCESS; - result = dns_rdatasetiter_next(rdsiter)) - { + DNS_RDATASETITER_FOREACH (rdsiter) { + dns_rdataset_t rdataset = DNS_RDATASET_INIT; dns_rdatasetiter_current(rdsiter, &rdataset); if (rdataset.type != dns_rdatatype_nsec && rdataset.type != dns_rdatatype_nsec3 && @@ -140,6 +136,7 @@ dns_nsec_buildrdata(dns_db_t *db, dns_dbversion_t *version, dns_dbnode_t *node, } dns_rdataset_disassociate(&rdataset); } + dns_rdatasetiter_destroy(&rdsiter); /* * At zone cuts, deny the existence of glue in the parent zone. @@ -156,11 +153,6 @@ dns_nsec_buildrdata(dns_db_t *db, dns_dbversion_t *version, dns_dbnode_t *node, } } - dns_rdatasetiter_destroy(&rdsiter); - if (result != ISC_R_NOMORE) { - return result; - } - nsec_bits += dns_nsec_compressbitmap(nsec_bits, bm, max_type); r.length = (unsigned int)(nsec_bits - r.base); @@ -270,9 +262,8 @@ dns_nsec_nseconly(dns_db_t *db, dns_dbversion_t *version, dns_diff_t *diff, if (result != ISC_R_SUCCESS) { return result; } - for (result = dns_rdataset_first(&rdataset); result == ISC_R_SUCCESS; - result = dns_rdataset_next(&rdataset)) - { + bool matched = false; + DNS_RDATASET_FOREACH (&rdataset) { dns_rdata_t rdata = DNS_RDATA_INIT; dns_rdataset_current(&rdataset, &rdata); @@ -303,19 +294,14 @@ dns_nsec_nseconly(dns_db_t *db, dns_dbversion_t *version, dns_diff_t *diff, } if (!deleted) { + matched = true; break; } } } dns_rdataset_disassociate(&rdataset); - if (result == ISC_R_SUCCESS) { - *answer = true; - } - if (result == ISC_R_NOMORE) { - *answer = false; - result = ISC_R_SUCCESS; - } - return result; + *answer = matched; + return ISC_R_SUCCESS; } /*% @@ -495,19 +481,15 @@ dns_nsec_noexistnodata(dns_rdatatype_t type, const dns_name_t *name, bool dns_nsec_requiredtypespresent(dns_rdataset_t *nsecset) { - dns_rdataset_t rdataset; - isc_result_t result; + dns_rdataset_t rdataset = DNS_RDATASET_INIT; bool found = false; REQUIRE(DNS_RDATASET_VALID(nsecset)); REQUIRE(nsecset->type == dns_rdatatype_nsec); - dns_rdataset_init(&rdataset); dns_rdataset_clone(nsecset, &rdataset); - for (result = dns_rdataset_first(&rdataset); result == ISC_R_SUCCESS; - result = dns_rdataset_next(&rdataset)) - { + DNS_RDATASET_FOREACH (&rdataset) { dns_rdata_t rdata = DNS_RDATA_INIT; dns_rdataset_current(&rdataset, &rdata); if (!dns_nsec_typepresent(&rdata, dns_rdatatype_nsec) || diff --git a/lib/dns/nsec3.c b/lib/dns/nsec3.c index 8791c41605..e0fa980410 100644 --- a/lib/dns/nsec3.c +++ b/lib/dns/nsec3.c @@ -61,13 +61,11 @@ dns_nsec3_buildrdata(dns_db_t *db, dns_dbversion_t *version, dns_dbnode_t *node, size_t hash_length, unsigned char *buffer, dns_rdata_t *rdata) { isc_result_t result; - dns_rdataset_t rdataset; isc_region_t r; unsigned int i; bool found; bool found_ns; bool need_rrsig; - unsigned char *nsec_bits, *bm; unsigned int max_type; dns_rdatasetiter_t *rdsiter; @@ -116,16 +114,14 @@ dns_nsec3_buildrdata(dns_db_t *db, dns_dbversion_t *version, dns_dbnode_t *node, if (node == NULL) { goto collapse_bitmap; } - dns_rdataset_init(&rdataset); rdsiter = NULL; result = dns_db_allrdatasets(db, node, version, 0, 0, &rdsiter); if (result != ISC_R_SUCCESS) { return result; } found = found_ns = need_rrsig = false; - for (result = dns_rdatasetiter_first(rdsiter); result == ISC_R_SUCCESS; - result = dns_rdatasetiter_next(rdsiter)) - { + DNS_RDATASETITER_FOREACH (rdsiter) { + dns_rdataset_t rdataset = DNS_RDATASET_INIT; dns_rdatasetiter_current(rdsiter, &rdataset); if (rdataset.type != dns_rdatatype_nsec && rdataset.type != dns_rdatatype_nsec3 && @@ -156,6 +152,8 @@ dns_nsec3_buildrdata(dns_db_t *db, dns_dbversion_t *version, dns_dbnode_t *node, } dns_rdataset_disassociate(&rdataset); } + dns_rdatasetiter_destroy(&rdsiter); + if ((found && !found_ns) || need_rrsig) { if (dns_rdatatype_rrsig > max_type) { max_type = dns_rdatatype_rrsig; @@ -178,11 +176,6 @@ dns_nsec3_buildrdata(dns_db_t *db, dns_dbversion_t *version, dns_dbnode_t *node, } } - dns_rdatasetiter_destroy(&rdsiter); - if (result != ISC_R_NOMORE) { - return result; - } - collapse_bitmap: nsec_bits += dns_nsec_compressbitmap(nsec_bits, bm, max_type); r.length = (unsigned int)(nsec_bits - r.base); @@ -431,9 +424,7 @@ delnsec3(dns_db_t *db, dns_dbversion_t *version, const dns_name_t *name, goto cleanup_node; } - for (result = dns_rdataset_first(&rdataset); result == ISC_R_SUCCESS; - result = dns_rdataset_next(&rdataset)) - { + DNS_RDATASET_FOREACH (&rdataset) { dns_rdata_t rdata = DNS_RDATA_INIT; dns_rdataset_current(&rdataset, &rdata); CHECK(dns_rdata_tostruct(&rdata, &nsec3, NULL)); @@ -449,9 +440,7 @@ delnsec3(dns_db_t *db, dns_dbversion_t *version, const dns_name_t *name, goto failure; } } - if (result != ISC_R_NOMORE) { - goto failure; - } + result = ISC_R_SUCCESS; failure: @@ -464,18 +453,14 @@ cleanup_node: static bool better_param(dns_rdataset_t *nsec3paramset, dns_rdata_t *param) { - dns_rdataset_t rdataset; - isc_result_t result; + dns_rdataset_t rdataset = DNS_RDATASET_INIT; if (REMOVE(param->data[1])) { return true; } - dns_rdataset_init(&rdataset); dns_rdataset_clone(nsec3paramset, &rdataset); - for (result = dns_rdataset_first(&rdataset); result == ISC_R_SUCCESS; - result = dns_rdataset_next(&rdataset)) - { + DNS_RDATASET_FOREACH (&rdataset) { dns_rdata_t rdata = DNS_RDATA_INIT; unsigned char buf[DNS_NSEC3PARAM_BUFFERSIZE]; @@ -514,21 +499,17 @@ better_param(dns_rdataset_t *nsec3paramset, dns_rdata_t *param) { static isc_result_t find_nsec3(dns_rdata_nsec3_t *nsec3, dns_rdataset_t *rdataset, const dns_rdata_nsec3param_t *nsec3param) { - isc_result_t result; - for (result = dns_rdataset_first(rdataset); result == ISC_R_SUCCESS; - result = dns_rdataset_next(rdataset)) - { + DNS_RDATASET_FOREACH (rdataset) { dns_rdata_t rdata = DNS_RDATA_INIT; - dns_rdataset_current(rdataset, &rdata); - CHECK(dns_rdata_tostruct(&rdata, nsec3, NULL)); - dns_rdata_reset(&rdata); + dns_rdata_tostruct(&rdata, nsec3, NULL); + if (match_nsec3param(nsec3, nsec3param)) { - break; + return ISC_R_SUCCESS; } } -failure: - return result; + + return ISC_R_NOTFOUND; } isc_result_t @@ -641,9 +622,6 @@ dns_nsec3_addnsec3(dns_db_t *db, dns_dbversion_t *version, } } else { dns_rdataset_disassociate(&rdataset); - if (result != ISC_R_NOMORE) { - goto failure; - } } } @@ -668,13 +646,10 @@ dns_nsec3_addnsec3(dns_db_t *db, dns_dbversion_t *version, } result = find_nsec3(&nsec3, &rdataset, nsec3param); - if (result == ISC_R_NOMORE) { + if (result == ISC_R_NOTFOUND) { dns_rdataset_disassociate(&rdataset); continue; } - if (result != ISC_R_SUCCESS) { - goto failure; - } if (maybe_remove_unsecure) { dns_rdataset_disassociate(&rdataset); @@ -789,9 +764,6 @@ addnsec3: dns_db_detachnode(db, &newnode); break; } - if (result != ISC_R_NOMORE) { - goto failure; - } } else if (result == ISC_R_NOTFOUND) { /* * If we didn't find an NSEC3 in the node, @@ -826,13 +798,10 @@ addnsec3: continue; } result = find_nsec3(&nsec3, &rdataset, nsec3param); - if (result == ISC_R_NOMORE) { + if (result == ISC_R_NOTFOUND) { dns_rdataset_disassociate(&rdataset); continue; } - if (result != ISC_R_SUCCESS) { - goto failure; - } old_next = nsec3.next; old_length = nsec3.next_length; @@ -944,9 +913,7 @@ dns_nsec3_addnsec3s(dns_db_t *db, dns_dbversion_t *version, /* * Update each active NSEC3 chain. */ - for (result = dns_rdataset_first(&rdataset); result == ISC_R_SUCCESS; - result = dns_rdataset_next(&rdataset)) - { + DNS_RDATASET_FOREACH (&rdataset) { dns_rdata_t rdata = DNS_RDATA_INIT; dns_rdataset_current(&rdataset, &rdata); @@ -961,9 +928,6 @@ dns_nsec3_addnsec3s(dns_db_t *db, dns_dbversion_t *version, CHECK(dns_nsec3_addnsec3(db, version, name, &nsec3param, nsecttl, unsecure, diff)); } - if (result == ISC_R_NOMORE) { - result = ISC_R_SUCCESS; - } failure: if (dns_rdataset_isassociated(&rdataset)) { @@ -1041,22 +1005,17 @@ rr_exists(dns_db_t *db, dns_dbversion_t *ver, const dns_name_t *name, goto failure; } - for (result = dns_rdataset_first(&rdataset); result == ISC_R_SUCCESS; - result = dns_rdataset_next(&rdataset)) - { + bool matched = false; + DNS_RDATASET_FOREACH (&rdataset) { dns_rdata_t myrdata = DNS_RDATA_INIT; dns_rdataset_current(&rdataset, &myrdata); - if (!dns_rdata_casecompare(&myrdata, rdata)) { + if (dns_rdata_casecompare(&myrdata, rdata) == 0) { + matched = true; break; } } dns_rdataset_disassociate(&rdataset); - if (result == ISC_R_SUCCESS) { - *flag = true; - } else if (result == ISC_R_NOMORE) { - *flag = false; - result = ISC_R_SUCCESS; - } + *flag = matched; failure: if (node != NULL) { @@ -1106,7 +1065,6 @@ dns_nsec3param_deletechains(dns_db_t *db, dns_dbversion_t *ver, dns_dbnode_t *node = NULL; dns_difftuple_t *tuple = NULL; dns_name_t next; - dns_rdata_t rdata = DNS_RDATA_INIT; dns_rdataset_t rdataset; bool flag; isc_result_t result = ISC_R_SUCCESS; @@ -1134,9 +1092,8 @@ dns_nsec3param_deletechains(dns_db_t *db, dns_dbversion_t *ver, goto failure; } - for (result = dns_rdataset_first(&rdataset); result == ISC_R_SUCCESS; - result = dns_rdataset_next(&rdataset)) - { + DNS_RDATASET_FOREACH (&rdataset) { + dns_rdata_t rdata = DNS_RDATA_INIT; dns_rdata_t private = DNS_RDATA_INIT; dns_rdataset_current(&rdataset, &rdata); @@ -1155,10 +1112,6 @@ dns_nsec3param_deletechains(dns_db_t *db, dns_dbversion_t *ver, CHECK(do_one_tuple(&tuple, db, ver, diff)); INSIST(tuple == NULL); } - dns_rdata_reset(&rdata); - } - if (result != ISC_R_NOMORE) { - goto failure; } dns_rdataset_disassociate(&rdataset); @@ -1176,10 +1129,8 @@ try_private: goto failure; } - for (result = dns_rdataset_first(&rdataset); result == ISC_R_SUCCESS; - result = dns_rdataset_next(&rdataset)) - { - dns_rdata_reset(&rdata); + DNS_RDATASET_FOREACH (&rdataset) { + dns_rdata_t rdata = DNS_RDATA_INIT; dns_rdataset_current(&rdataset, &rdata); INSIST(rdata.length <= sizeof(buf)); memmove(buf, rdata.data, rdata.length); @@ -1215,9 +1166,7 @@ try_private: INSIST(tuple == NULL); } } - if (result != ISC_R_NOMORE) { - goto failure; - } + success: result = ISC_R_SUCCESS; @@ -1269,9 +1218,7 @@ dns_nsec3_addnsec3sx(dns_db_t *db, dns_dbversion_t *version, /* * Update each active NSEC3 chain. */ - for (result = dns_rdataset_first(&rdataset); result == ISC_R_SUCCESS; - result = dns_rdataset_next(&rdataset)) - { + DNS_RDATASET_FOREACH (&rdataset) { dns_rdata_t rdata = DNS_RDATA_INIT; dns_rdataset_current(&rdataset, &rdata); @@ -1287,9 +1234,6 @@ dns_nsec3_addnsec3sx(dns_db_t *db, dns_dbversion_t *version, CHECK(dns_nsec3_addnsec3(db, version, name, &nsec3param, nsecttl, unsecure, diff)); } - if (result != ISC_R_NOMORE) { - goto failure; - } dns_rdataset_disassociate(&rdataset); @@ -1300,9 +1244,7 @@ try_private: /* * Update each active NSEC3 chain. */ - for (result = dns_rdataset_first(&prdataset); result == ISC_R_SUCCESS; - result = dns_rdataset_next(&prdataset)) - { + DNS_RDATASET_FOREACH (&prdataset) { dns_rdata_t rdata1 = DNS_RDATA_INIT; dns_rdata_t rdata2 = DNS_RDATA_INIT; unsigned char buf[DNS_NSEC3PARAM_BUFFERSIZE]; @@ -1328,10 +1270,9 @@ try_private: CHECK(dns_nsec3_addnsec3(db, version, name, &nsec3param, nsecttl, unsecure, diff)); } - if (result == ISC_R_NOMORE) { - success: - result = ISC_R_SUCCESS; - } + +success: + result = ISC_R_SUCCESS; failure: if (dns_rdataset_isassociated(&rdataset)) { dns_rdataset_disassociate(&rdataset); @@ -1467,12 +1408,9 @@ dns_nsec3_delnsec3(dns_db_t *db, dns_dbversion_t *version, memmove(nexthash, nsec3.next, next_length); } dns_rdataset_disassociate(&rdataset); - if (result == ISC_R_NOMORE) { + if (result == ISC_R_NOTFOUND) { goto success; } - if (result != ISC_R_SUCCESS) { - goto failure; - } /* * Find the previous NSEC3 and update it. @@ -1494,13 +1432,10 @@ dns_nsec3_delnsec3(dns_db_t *db, dns_dbversion_t *version, continue; } result = find_nsec3(&nsec3, &rdataset, nsec3param); - if (result == ISC_R_NOMORE) { + if (result == ISC_R_NOTFOUND) { dns_rdataset_disassociate(&rdataset); continue; } - if (result != ISC_R_SUCCESS) { - goto failure; - } /* * Delete the old previous NSEC3. @@ -1580,12 +1515,9 @@ cleanup_orphaned_ents: memmove(nexthash, nsec3.next, next_length); } dns_rdataset_disassociate(&rdataset); - if (result == ISC_R_NOMORE) { + if (result == ISC_R_NOTFOUND) { goto success; } - if (result != ISC_R_SUCCESS) { - goto failure; - } pass = 0; do { @@ -1604,13 +1536,10 @@ cleanup_orphaned_ents: continue; } result = find_nsec3(&nsec3, &rdataset, nsec3param); - if (result == ISC_R_NOMORE) { + if (result == ISC_R_NOTFOUND) { dns_rdataset_disassociate(&rdataset); continue; } - if (result != ISC_R_SUCCESS) { - goto failure; - } /* * Delete the old previous NSEC3. @@ -1696,9 +1625,7 @@ dns_nsec3_delnsec3sx(dns_db_t *db, dns_dbversion_t *version, /* * Update each active NSEC3 chain. */ - for (result = dns_rdataset_first(&rdataset); result == ISC_R_SUCCESS; - result = dns_rdataset_next(&rdataset)) - { + DNS_RDATASET_FOREACH (&rdataset) { dns_rdata_t rdata = DNS_RDATA_INIT; dns_rdataset_current(&rdataset, &rdata); @@ -1730,9 +1657,7 @@ try_private: /* * Update each NSEC3 chain being built. */ - for (result = dns_rdataset_first(&rdataset); result == ISC_R_SUCCESS; - result = dns_rdataset_next(&rdataset)) - { + DNS_RDATASET_FOREACH (&rdataset) { dns_rdata_t rdata1 = DNS_RDATA_INIT; dns_rdata_t rdata2 = DNS_RDATA_INIT; unsigned char buf[DNS_NSEC3PARAM_BUFFERSIZE]; @@ -1757,11 +1682,9 @@ try_private: */ CHECK(dns_nsec3_delnsec3(db, version, name, &nsec3param, diff)); } - if (result == ISC_R_NOMORE) { - success: - result = ISC_R_SUCCESS; - } +success: + result = ISC_R_SUCCESS; failure: if (dns_rdataset_isassociated(&rdataset)) { dns_rdataset_disassociate(&rdataset); @@ -1808,28 +1731,20 @@ dns_nsec3_activex(dns_db_t *db, dns_dbversion_t *version, bool complete, dns_db_detachnode(db, &node); return result; } - for (result = dns_rdataset_first(&rdataset); result == ISC_R_SUCCESS; - result = dns_rdataset_next(&rdataset)) - { - dns_rdata_t rdata = DNS_RDATA_INIT; + bool found = false; + DNS_RDATASET_FOREACH (&rdataset) { + dns_rdata_t rdata = DNS_RDATA_INIT; dns_rdataset_current(&rdataset, &rdata); - result = dns_rdata_tostruct(&rdata, &nsec3param, NULL); - RUNTIME_CHECK(result == ISC_R_SUCCESS); + dns_rdata_tostruct(&rdata, &nsec3param, NULL); if (nsec3param.flags == 0) { + found = true; break; } } dns_rdataset_disassociate(&rdataset); - if (result == ISC_R_SUCCESS) { - dns_db_detachnode(db, &node); - *answer = true; - return ISC_R_SUCCESS; - } - if (result == ISC_R_NOMORE) { - *answer = false; - } + *answer = found; try_private: if (privatetype == 0 || complete) { @@ -1849,9 +1764,8 @@ try_private: return result; } - for (result = dns_rdataset_first(&rdataset); result == ISC_R_SUCCESS; - result = dns_rdataset_next(&rdataset)) - { + found = false; + DNS_RDATASET_FOREACH (&rdataset) { dns_rdata_t rdata1 = DNS_RDATA_INIT; dns_rdata_t rdata2 = DNS_RDATA_INIT; unsigned char buf[DNS_NSEC3PARAM_BUFFERSIZE]; @@ -1862,22 +1776,15 @@ try_private: { continue; } - result = dns_rdata_tostruct(&rdata2, &nsec3param, NULL); - RUNTIME_CHECK(result == ISC_R_SUCCESS); + dns_rdata_tostruct(&rdata2, &nsec3param, NULL); if (!complete && CREATE(nsec3param.flags)) { + found = true; break; } } dns_rdataset_disassociate(&rdataset); - if (result == ISC_R_SUCCESS) { - *answer = true; - result = ISC_R_SUCCESS; - } - if (result == ISC_R_NOMORE) { - *answer = false; - result = ISC_R_SUCCESS; - } + *answer = found; return result; } diff --git a/lib/dns/private.c b/lib/dns/private.c index b5606f6b85..57f724c82e 100644 --- a/lib/dns/private.c +++ b/lib/dns/private.c @@ -60,11 +60,7 @@ static bool ignore(dns_rdata_t *param, dns_rdataset_t *privateset) { - isc_result_t result; - - for (result = dns_rdataset_first(privateset); result == ISC_R_SUCCESS; - result = dns_rdataset_next(privateset)) - { + DNS_RDATASET_FOREACH (privateset) { unsigned char buf[DNS_NSEC3PARAM_BUFFERSIZE]; dns_rdata_t private = DNS_RDATA_INIT; dns_rdata_t rdata = DNS_RDATA_INIT; @@ -161,10 +157,7 @@ dns_private_chains(dns_db_t *db, dns_dbversion_t *ver, if (!dns_rdataset_isassociated(&privateset)) { goto success; } - for (result = dns_rdataset_first(&privateset); - result == ISC_R_SUCCESS; - result = dns_rdataset_next(&privateset)) - { + DNS_RDATASET_FOREACH (&privateset) { dns_rdata_t private = DNS_RDATA_INIT; dns_rdata_t rdata = DNS_RDATA_INIT; @@ -195,10 +188,7 @@ dns_private_chains(dns_db_t *db, dns_dbversion_t *ver, * If we are in the process of building a new NSEC3 chain * then we don't need to build a NSEC chain. */ - for (result = dns_rdataset_first(&privateset); - result == ISC_R_SUCCESS; - result = dns_rdataset_next(&privateset)) - { + DNS_RDATASET_FOREACH (&privateset) { dns_rdata_t private = DNS_RDATA_INIT; dns_rdata_t rdata = DNS_RDATA_INIT; @@ -218,10 +208,7 @@ dns_private_chains(dns_db_t *db, dns_dbversion_t *ver, * the changes queued complete. */ count = 0; - for (result = dns_rdataset_first(&nsec3paramset); - result == ISC_R_SUCCESS; - result = dns_rdataset_next(&nsec3paramset)) - { + DNS_RDATASET_FOREACH (&nsec3paramset) { dns_rdata_t rdata = DNS_RDATA_INIT; /* @@ -261,9 +248,7 @@ dns_private_chains(dns_db_t *db, dns_dbversion_t *ver, signing = false; nsec3chain = false; - for (result = dns_rdataset_first(&privateset); result == ISC_R_SUCCESS; - result = dns_rdataset_next(&privateset)) - { + DNS_RDATASET_FOREACH (&privateset) { dns_rdata_t rdata = DNS_RDATA_INIT; dns_rdata_t private = DNS_RDATA_INIT; diff --git a/lib/dns/rdataset.c b/lib/dns/rdataset.c index c87acf280e..4eed85c4af 100644 --- a/lib/dns/rdataset.c +++ b/lib/dns/rdataset.c @@ -174,28 +174,24 @@ dns__rdataset_clone(dns_rdataset_t *source, isc_result_t dns_rdataset_first(dns_rdataset_t *rdataset) { - /* - * Move the rdata cursor to the first rdata in the rdataset (if any). - */ - REQUIRE(DNS_RDATASET_VALID(rdataset)); REQUIRE(rdataset->methods != NULL); REQUIRE(rdataset->methods->first != NULL); - return (rdataset->methods->first)(rdataset); + isc_result_t result = rdataset->methods->first(rdataset); + ENSURE(result == ISC_R_SUCCESS || result == ISC_R_NOMORE); + return result; } isc_result_t dns_rdataset_next(dns_rdataset_t *rdataset) { - /* - * Move the rdata cursor to the next rdata in the rdataset (if any). - */ - REQUIRE(DNS_RDATASET_VALID(rdataset)); REQUIRE(rdataset->methods != NULL); REQUIRE(rdataset->methods->next != NULL); - return (rdataset->methods->next)(rdataset); + isc_result_t result = rdataset->methods->next(rdataset); + ENSURE(result == ISC_R_SUCCESS || result == ISC_R_NOMORE); + return result; } void @@ -479,9 +475,6 @@ dns_rdataset_additionaldata(dns_rdataset_t *rdataset, const dns_name_t *owner_name, dns_additionaldatafunc_t add, void *arg, size_t limit) { - dns_rdata_t rdata = DNS_RDATA_INIT; - isc_result_t result; - /* * For each rdata in rdataset, call 'add' for each name and type in the * rdata which is subject to additional section processing. @@ -494,22 +487,14 @@ dns_rdataset_additionaldata(dns_rdataset_t *rdataset, return DNS_R_TOOMANYRECORDS; } - result = dns_rdataset_first(rdataset); - if (result != ISC_R_SUCCESS) { - return result; - } - - do { + DNS_RDATASET_FOREACH (rdataset) { + isc_result_t result; + dns_rdata_t rdata = DNS_RDATA_INIT; dns_rdataset_current(rdataset, &rdata); result = dns_rdata_additionaldata(&rdata, owner_name, add, arg); - if (result == ISC_R_SUCCESS) { - result = dns_rdataset_next(rdataset); + if (result != ISC_R_SUCCESS) { + return result; } - dns_rdata_reset(&rdata); - } while (result == ISC_R_SUCCESS); - - if (result != ISC_R_NOMORE) { - return result; } return ISC_R_SUCCESS; diff --git a/lib/dns/rdatasetiter.c b/lib/dns/rdatasetiter.c index 197de0ca26..fdf039d147 100644 --- a/lib/dns/rdatasetiter.c +++ b/lib/dns/rdatasetiter.c @@ -22,10 +22,6 @@ void dns__rdatasetiter_destroy(dns_rdatasetiter_t **iteratorp DNS__DB_FLARG) { - /* - * Destroy '*iteratorp'. - */ - REQUIRE(iteratorp != NULL); REQUIRE(DNS_RDATASETITER_VALID(*iteratorp)); @@ -36,33 +32,27 @@ dns__rdatasetiter_destroy(dns_rdatasetiter_t **iteratorp DNS__DB_FLARG) { isc_result_t dns__rdatasetiter_first(dns_rdatasetiter_t *iterator DNS__DB_FLARG) { - /* - * Move the rdataset cursor to the first rdataset at the node (if any). - */ - REQUIRE(DNS_RDATASETITER_VALID(iterator)); - return iterator->methods->first(iterator DNS__DB_FLARG_PASS); + isc_result_t result = + iterator->methods->first(iterator DNS__DB_FLARG_PASS); + ENSURE(result == ISC_R_SUCCESS || result == ISC_R_NOMORE); + return result; } isc_result_t dns__rdatasetiter_next(dns_rdatasetiter_t *iterator DNS__DB_FLARG) { - /* - * Move the rdataset cursor to the next rdataset at the node (if any). - */ - REQUIRE(DNS_RDATASETITER_VALID(iterator)); - return iterator->methods->next(iterator DNS__DB_FLARG_PASS); + isc_result_t result = + iterator->methods->next(iterator DNS__DB_FLARG_PASS); + ENSURE(result == ISC_R_SUCCESS || result == ISC_R_NOMORE); + return result; } void dns__rdatasetiter_current(dns_rdatasetiter_t *iterator, dns_rdataset_t *rdataset DNS__DB_FLARG) { - /* - * Return the current rdataset. - */ - REQUIRE(DNS_RDATASETITER_VALID(iterator)); REQUIRE(DNS_RDATASET_VALID(rdataset)); REQUIRE(!dns_rdataset_isassociated(rdataset)); diff --git a/lib/dns/resolver.c b/lib/dns/resolver.c index d580804d08..08f0533fe2 100644 --- a/lib/dns/resolver.c +++ b/lib/dns/resolver.c @@ -3342,7 +3342,6 @@ isstrictsubdomain(const dns_name_t *name1, const dns_name_t *name2) { static isc_result_t fctx_getaddresses(fetchctx_t *fctx) { - dns_rdata_t rdata = DNS_RDATA_INIT; isc_result_t result; dns_resolver_t *res; isc_stdtime_t now; @@ -3526,10 +3525,8 @@ normal_nses: INSIST(ISC_LIST_EMPTY(fctx->finds)); INSIST(ISC_LIST_EMPTY(fctx->altfinds)); - for (result = dns_rdataset_first(&fctx->nameservers); - result == ISC_R_SUCCESS; - result = dns_rdataset_next(&fctx->nameservers)) - { + DNS_RDATASET_FOREACH (&fctx->nameservers) { + dns_rdata_t rdata = DNS_RDATA_INIT; bool overquota = false; unsigned int static_stub = 0; @@ -3564,13 +3561,9 @@ normal_nses: dns_rdata_freestruct(&ns); if (++ns_processed >= NS_PROCESSING_LIMIT) { - result = ISC_R_NOMORE; break; } } - if (result != ISC_R_NOMORE) { - return result; - } /* * Do we need to use 6 to 4? @@ -5087,20 +5080,19 @@ static const unsigned char minimal_typemap[] = { 0, 6, 0, 0, 0, 0, 0, 0x03 }; static bool is_minimal_nsec(dns_rdataset_t *nsecset) { - dns_rdataset_t rdataset; - isc_result_t result; + dns_rdataset_t rdataset = DNS_RDATASET_INIT; - dns_rdataset_init(&rdataset); dns_rdataset_clone(nsecset, &rdataset); - for (result = dns_rdataset_first(&rdataset); result == ISC_R_SUCCESS; - result = dns_rdataset_next(&rdataset)) - { + DNS_RDATASET_FOREACH (&rdataset) { + isc_result_t result; dns_rdata_t rdata = DNS_RDATA_INIT; dns_rdata_nsec_t nsec; + dns_rdataset_current(&rdataset, &rdata); result = dns_rdata_tostruct(&rdata, &nsec, NULL); RUNTIME_CHECK(result == ISC_R_SUCCESS); + if (nsec.len == sizeof(minimal_typemap) && memcmp(nsec.typebits, minimal_typemap, nsec.len) == 0) { @@ -5117,15 +5109,11 @@ is_minimal_nsec(dns_rdataset_t *nsecset) { */ static bool check_soa_and_dnskey(dns_rdataset_t *nsecset) { - dns_rdataset_t rdataset; - isc_result_t result; + dns_rdataset_t rdataset = DNS_RDATASET_INIT; - dns_rdataset_init(&rdataset); dns_rdataset_clone(nsecset, &rdataset); - for (result = dns_rdataset_first(&rdataset); result == ISC_R_SUCCESS; - result = dns_rdataset_next(&rdataset)) - { + DNS_RDATASET_FOREACH (&rdataset) { dns_rdata_t rdata = DNS_RDATA_INIT; dns_rdataset_current(&rdataset, &rdata); if (dns_nsec_typepresent(&rdata, dns_rdatatype_soa) && @@ -5145,15 +5133,11 @@ check_soa_and_dnskey(dns_rdataset_t *nsecset) { */ static bool has_000_label(dns_rdataset_t *nsecset) { - dns_rdataset_t rdataset; - isc_result_t result; + dns_rdataset_t rdataset = DNS_RDATASET_INIT; - dns_rdataset_init(&rdataset); dns_rdataset_clone(nsecset, &rdataset); - for (result = dns_rdataset_first(&rdataset); result == ISC_R_SUCCESS; - result = dns_rdataset_next(&rdataset)) - { + DNS_RDATASET_FOREACH (&rdataset) { dns_rdata_t rdata = DNS_RDATA_INIT; dns_rdataset_current(&rdataset, &rdata); if (rdata.length > 1 && rdata.data[0] == 1 && @@ -5708,11 +5692,11 @@ findnoqname(fetchctx_t *fctx, dns_message_t *message, dns_name_t *name, dns_rdata_rrsig_t rrsig; isc_result_t result; unsigned int labels; - dns_name_t *zonename; + dns_name_t *zonename = NULL; dns_fixedname_t fzonename; - dns_name_t *closest; + dns_name_t *closest = NULL; dns_fixedname_t fclosest; - dns_name_t *nearest; + dns_name_t *nearest = NULL; dns_fixedname_t fnearest; dns_rdatatype_t found = dns_rdatatype_none; dns_name_t *noqname = NULL; @@ -5737,9 +5721,8 @@ findnoqname(fetchctx_t *fctx, dns_message_t *message, dns_name_t *name, labels = dns_name_countlabels(name); - for (result = dns_rdataset_first(sigrdataset); result == ISC_R_SUCCESS; - result = dns_rdataset_next(sigrdataset)) - { + result = ISC_R_NOTFOUND; + DNS_RDATASET_FOREACH (sigrdataset) { dns_rdata_t rdata = DNS_RDATA_INIT; dns_rdataset_current(sigrdataset, &rdata); result = dns_rdata_tostruct(&rdata, &rrsig, NULL); @@ -5748,12 +5731,10 @@ findnoqname(fetchctx_t *fctx, dns_message_t *message, dns_name_t *name, if (rrsig.labels + 1U >= labels) { continue; } + result = ISC_R_SUCCESS; break; } - if (result == ISC_R_NOMORE) { - return ISC_R_NOTFOUND; - } if (result != ISC_R_SUCCESS) { return result; } @@ -6802,9 +6783,7 @@ is_answeraddress_allowed(dns_view_t *view, dns_name_t *name, * address record. If a match is found, the address should be * filtered, so should the entire answer. */ - for (result = dns_rdataset_first(rdataset); result == ISC_R_SUCCESS; - result = dns_rdataset_next(rdataset)) - { + DNS_RDATASET_FOREACH (rdataset) { dns_rdata_reset(&rdata); dns_rdataset_current(rdataset, &rdata); if (rdataset->type == dns_rdatatype_a) { @@ -7150,10 +7129,7 @@ static void checknamessection(dns_message_t *message, dns_section_t section) { MSG_SECTION_FOREACH (message, section, name) { ISC_LIST_FOREACH (name->list, rdataset, link) { - for (isc_result_t result = dns_rdataset_first(rdataset); - result == ISC_R_SUCCESS; - result = dns_rdataset_next(rdataset)) - { + DNS_RDATASET_FOREACH (rdataset) { dns_rdata_t rdata = DNS_RDATA_INIT; dns_rdataset_current(rdataset, &rdata); if (!dns_rdata_checkowner(name, rdata.rdclass, diff --git a/lib/dns/rootns.c b/lib/dns/rootns.c index 84c47fa0fb..295f30cd80 100644 --- a/lib/dns/rootns.c +++ b/lib/dns/rootns.c @@ -102,15 +102,14 @@ static struct upcoming { static isc_result_t in_rootns(dns_rdataset_t *rootns, dns_name_t *name) { isc_result_t result; - dns_rdata_t rdata = DNS_RDATA_INIT; dns_rdata_ns_t ns; if (!dns_rdataset_isassociated(rootns)) { return ISC_R_NOTFOUND; } - result = dns_rdataset_first(rootns); - while (result == ISC_R_SUCCESS) { + DNS_RDATASET_FOREACH (rootns) { + dns_rdata_t rdata = DNS_RDATA_INIT; dns_rdataset_current(rootns, &rdata); result = dns_rdata_tostruct(&rdata, &ns, NULL); if (result != ISC_R_SUCCESS) { @@ -119,53 +118,34 @@ in_rootns(dns_rdataset_t *rootns, dns_name_t *name) { if (dns_name_compare(name, &ns.name) == 0) { return ISC_R_SUCCESS; } - result = dns_rdataset_next(rootns); - dns_rdata_reset(&rdata); } - if (result == ISC_R_NOMORE) { - result = ISC_R_NOTFOUND; - } - return result; + return ISC_R_NOTFOUND; } static isc_result_t check_node(dns_rdataset_t *rootns, dns_name_t *name, dns_rdatasetiter_t *rdsiter) { - isc_result_t result; - dns_rdataset_t rdataset; - - dns_rdataset_init(&rdataset); - result = dns_rdatasetiter_first(rdsiter); - while (result == ISC_R_SUCCESS) { + DNS_RDATASETITER_FOREACH (rdsiter) { + dns_rdataset_t rdataset = DNS_RDATASET_INIT; dns_rdatasetiter_current(rdsiter, &rdataset); - switch (rdataset.type) { + dns_rdatatype_t type = rdataset.type; + dns_rdataset_disassociate(&rdataset); + + switch (type) { case dns_rdatatype_a: case dns_rdatatype_aaaa: - result = in_rootns(rootns, name); - if (result != ISC_R_SUCCESS) { - goto cleanup; - } - break; + return in_rootns(rootns, name); case dns_rdatatype_ns: if (dns_name_compare(name, dns_rootname) == 0) { - break; + return ISC_R_SUCCESS; } FALLTHROUGH; default: - result = ISC_R_FAILURE; - goto cleanup; + return ISC_R_FAILURE; } - dns_rdataset_disassociate(&rdataset); - result = dns_rdatasetiter_next(rdsiter); } - if (result == ISC_R_NOMORE) { - result = ISC_R_SUCCESS; - } -cleanup: - if (dns_rdataset_isassociated(&rdataset)) { - dns_rdataset_disassociate(&rdataset); - } - return result; + + return ISC_R_SUCCESS; } static isc_result_t @@ -188,8 +168,7 @@ check_hints(dns_db_t *db) { if (result != ISC_R_SUCCESS) { goto cleanup; } - result = dns_dbiterator_first(dbiter); - while (result == ISC_R_SUCCESS) { + DNS_DBITERATOR_FOREACH (dbiter) { result = dns_dbiterator_current(dbiter, &node, name); if (result != ISC_R_SUCCESS) { goto cleanup; @@ -204,10 +183,6 @@ check_hints(dns_db_t *db) { } dns_rdatasetiter_destroy(&rdsiter); dns_db_detachnode(db, &node); - result = dns_dbiterator_next(dbiter); - } - if (result == ISC_R_NOMORE) { - result = ISC_R_SUCCESS; } cleanup: @@ -339,17 +314,12 @@ report(dns_view_t *view, dns_name_t *name, bool missing, dns_rdata_t *rdata) { static bool inrrset(dns_rdataset_t *rrset, dns_rdata_t *rdata) { - isc_result_t result; - dns_rdata_t current = DNS_RDATA_INIT; - - result = dns_rdataset_first(rrset); - while (result == ISC_R_SUCCESS) { + DNS_RDATASET_FOREACH (rrset) { + dns_rdata_t current = DNS_RDATA_INIT; dns_rdataset_current(rrset, ¤t); if (dns_rdata_compare(rdata, ¤t) == 0) { return true; } - dns_rdata_reset(¤t); - result = dns_rdataset_next(rrset); } return false; } @@ -375,9 +345,8 @@ changing(const dns_name_t *name, dns_rdatatype_t type, isc_stdtime_t now) { static void check_address_records(dns_view_t *view, dns_db_t *hints, dns_db_t *db, dns_name_t *name, isc_stdtime_t now) { - isc_result_t hresult, rresult, result; + isc_result_t hresult, rresult; dns_rdataset_t hintrrset, rootrrset; - dns_rdata_t rdata = DNS_RDATA_INIT; dns_name_t *foundname; dns_fixedname_t fixed; @@ -393,38 +362,32 @@ check_address_records(dns_view_t *view, dns_db_t *hints, dns_db_t *db, if (hresult == ISC_R_SUCCESS && (rresult == ISC_R_SUCCESS || rresult == DNS_R_GLUE)) { - result = dns_rdataset_first(&rootrrset); - while (result == ISC_R_SUCCESS) { - dns_rdata_reset(&rdata); + DNS_RDATASET_FOREACH (&rootrrset) { + dns_rdata_t rdata = DNS_RDATA_INIT; dns_rdataset_current(&rootrrset, &rdata); if (!inrrset(&hintrrset, &rdata) && !changing(name, dns_rdatatype_a, now)) { report(view, name, true, &rdata); } - result = dns_rdataset_next(&rootrrset); } - result = dns_rdataset_first(&hintrrset); - while (result == ISC_R_SUCCESS) { - dns_rdata_reset(&rdata); + DNS_RDATASET_FOREACH (&hintrrset) { + dns_rdata_t rdata = DNS_RDATA_INIT; dns_rdataset_current(&hintrrset, &rdata); if (!inrrset(&rootrrset, &rdata) && !changing(name, dns_rdatatype_a, now)) { report(view, name, false, &rdata); } - result = dns_rdataset_next(&hintrrset); } } if (hresult == ISC_R_NOTFOUND && (rresult == ISC_R_SUCCESS || rresult == DNS_R_GLUE)) { - result = dns_rdataset_first(&rootrrset); - while (result == ISC_R_SUCCESS) { - dns_rdata_reset(&rdata); + DNS_RDATASET_FOREACH (&rootrrset) { + dns_rdata_t rdata = DNS_RDATA_INIT; dns_rdataset_current(&rootrrset, &rdata); report(view, name, true, &rdata); - result = dns_rdataset_next(&rootrrset); } } if (dns_rdataset_isassociated(&rootrrset)) { @@ -445,41 +408,32 @@ check_address_records(dns_view_t *view, dns_db_t *hints, dns_db_t *db, if (hresult == ISC_R_SUCCESS && (rresult == ISC_R_SUCCESS || rresult == DNS_R_GLUE)) { - result = dns_rdataset_first(&rootrrset); - while (result == ISC_R_SUCCESS) { - dns_rdata_reset(&rdata); + DNS_RDATASET_FOREACH (&rootrrset) { + dns_rdata_t rdata = DNS_RDATA_INIT; dns_rdataset_current(&rootrrset, &rdata); if (!inrrset(&hintrrset, &rdata) && !changing(name, dns_rdatatype_aaaa, now)) { report(view, name, true, &rdata); } - dns_rdata_reset(&rdata); - result = dns_rdataset_next(&rootrrset); } - result = dns_rdataset_first(&hintrrset); - while (result == ISC_R_SUCCESS) { - dns_rdata_reset(&rdata); + DNS_RDATASET_FOREACH (&hintrrset) { + dns_rdata_t rdata = DNS_RDATA_INIT; dns_rdataset_current(&hintrrset, &rdata); if (!inrrset(&rootrrset, &rdata) && !changing(name, dns_rdatatype_aaaa, now)) { report(view, name, false, &rdata); } - dns_rdata_reset(&rdata); - result = dns_rdataset_next(&hintrrset); } } if (hresult == ISC_R_NOTFOUND && (rresult == ISC_R_SUCCESS || rresult == DNS_R_GLUE)) { - result = dns_rdataset_first(&rootrrset); - while (result == ISC_R_SUCCESS) { - dns_rdata_reset(&rdata); + DNS_RDATASET_FOREACH (&rootrrset) { + dns_rdata_t rdata = DNS_RDATA_INIT; dns_rdataset_current(&rootrrset, &rdata); report(view, name, true, &rdata); - dns_rdata_reset(&rdata); - result = dns_rdataset_next(&rootrrset); } } if (dns_rdataset_isassociated(&rootrrset)) { @@ -493,7 +447,6 @@ check_address_records(dns_view_t *view, dns_db_t *hints, dns_db_t *db, void dns_root_checkhints(dns_view_t *view, dns_db_t *hints, dns_db_t *db) { isc_result_t result; - dns_rdata_t rdata = DNS_RDATA_INIT; dns_rdata_ns_t ns; dns_rdataset_t hintns, rootns; const char *viewname = "", *sep = ""; @@ -541,8 +494,8 @@ dns_root_checkhints(dns_view_t *view, dns_db_t *hints, dns_db_t *db) { /* * Look for missing root NS names. */ - result = dns_rdataset_first(&rootns); - while (result == ISC_R_SUCCESS) { + DNS_RDATASET_FOREACH (&rootns) { + dns_rdata_t rdata = DNS_RDATA_INIT; dns_rdataset_current(&rootns, &rdata); result = dns_rdata_tostruct(&rdata, &ns, NULL); RUNTIME_CHECK(result == ISC_R_SUCCESS); @@ -559,18 +512,13 @@ dns_root_checkhints(dns_view_t *view, dns_db_t *hints, dns_db_t *db) { } else { check_address_records(view, hints, db, &ns.name, now); } - dns_rdata_reset(&rdata); - result = dns_rdataset_next(&rootns); - } - if (result != ISC_R_NOMORE) { - goto cleanup; } /* * Look for extra root NS names. */ - result = dns_rdataset_first(&hintns); - while (result == ISC_R_SUCCESS) { + DNS_RDATASET_FOREACH (&hintns) { + dns_rdata_t rdata = DNS_RDATA_INIT; dns_rdataset_current(&hintns, &rdata); result = dns_rdata_tostruct(&rdata, &ns, NULL); RUNTIME_CHECK(result == ISC_R_SUCCESS); @@ -584,11 +532,6 @@ dns_root_checkhints(dns_view_t *view, dns_db_t *hints, dns_db_t *db) { "checkhints%s%s: extra NS '%s' in hints", sep, viewname, namebuf); } - dns_rdata_reset(&rdata); - result = dns_rdataset_next(&hintns); - } - if (result != ISC_R_NOMORE) { - goto cleanup; } cleanup: diff --git a/lib/dns/update.c b/lib/dns/update.c index f538c4ed13..0cd35bd6dd 100644 --- a/lib/dns/update.c +++ b/lib/dns/update.c @@ -316,9 +316,7 @@ static isc_result_t foreach_node_rr_action(void *data, dns_rdataset_t *rdataset) { isc_result_t result; foreach_node_rr_ctx_t *ctx = data; - for (result = dns_rdataset_first(rdataset); result == ISC_R_SUCCESS; - result = dns_rdataset_next(rdataset)) - { + DNS_RDATASET_FOREACH (rdataset) { rr_t rr = { 0, DNS_RDATA_INIT }; dns_rdataset_current(rdataset, &rr.rdata); @@ -328,9 +326,7 @@ foreach_node_rr_action(void *data, dns_rdataset_t *rdataset) { return result; } } - if (result != ISC_R_NOMORE) { - return result; - } + return ISC_R_SUCCESS; } @@ -345,10 +341,9 @@ static isc_result_t foreach_rrset(dns_db_t *db, dns_dbversion_t *ver, dns_name_t *name, rrset_func *action, void *action_data) { isc_result_t result; - dns_dbnode_t *node; - dns_rdatasetiter_t *iter; + dns_dbnode_t *node = NULL; + dns_rdatasetiter_t *iter = NULL; - node = NULL; result = dns_db_findnode(db, name, false, &node); if (result == ISC_R_NOTFOUND) { return ISC_R_SUCCESS; @@ -357,32 +352,23 @@ foreach_rrset(dns_db_t *db, dns_dbversion_t *ver, dns_name_t *name, return result; } - iter = NULL; result = dns_db_allrdatasets(db, node, ver, 0, (isc_stdtime_t)0, &iter); if (result != ISC_R_SUCCESS) { goto cleanup_node; } - for (result = dns_rdatasetiter_first(iter); result == ISC_R_SUCCESS; - result = dns_rdatasetiter_next(iter)) - { - dns_rdataset_t rdataset; + DNS_RDATASETITER_FOREACH (iter) { + dns_rdataset_t rdataset = DNS_RDATASET_INIT; - dns_rdataset_init(&rdataset); dns_rdatasetiter_current(iter, &rdataset); result = (*action)(action_data, &rdataset); dns_rdataset_disassociate(&rdataset); if (result != ISC_R_SUCCESS) { - goto cleanup_iterator; + break; } } - if (result == ISC_R_NOMORE) { - result = ISC_R_SUCCESS; - } - -cleanup_iterator: dns_rdatasetiter_destroy(&iter); cleanup_node: @@ -456,9 +442,7 @@ foreach_rr(dns_db_t *db, dns_dbversion_t *ver, dns_name_t *name, goto cleanup_node; } - for (result = dns_rdataset_first(&rdataset); result == ISC_R_SUCCESS; - result = dns_rdataset_next(&rdataset)) - { + DNS_RDATASET_FOREACH (&rdataset) { rr_t rr = { 0, DNS_RDATA_INIT }; dns_rdataset_current(&rdataset, &rr.rdata); rr.ttl = rdataset.ttl; @@ -467,9 +451,7 @@ foreach_rr(dns_db_t *db, dns_dbversion_t *ver, dns_name_t *name, goto cleanup_rdataset; } } - if (result != ISC_R_NOMORE) { - goto cleanup_rdataset; - } + result = ISC_R_SUCCESS; cleanup_rdataset: @@ -1291,7 +1273,6 @@ del_keysigs(dns_db_t *db, dns_dbversion_t *ver, dns_name_t *name, isc_result_t result; dns_dbnode_t *node = NULL; dns_rdataset_t rdataset; - dns_rdata_t rdata = DNS_RDATA_INIT; unsigned int i; dns_rdata_rrsig_t rrsig; bool found; @@ -1317,9 +1298,8 @@ del_keysigs(dns_db_t *db, dns_dbversion_t *ver, dns_name_t *name, goto failure; } - for (result = dns_rdataset_first(&rdataset); result == ISC_R_SUCCESS; - result = dns_rdataset_next(&rdataset)) - { + DNS_RDATASET_FOREACH (&rdataset) { + dns_rdata_t rdata = DNS_RDATA_INIT; dns_rdataset_current(&rdataset, &rdata); result = dns_rdata_tostruct(&rdata, &rrsig, NULL); RUNTIME_CHECK(result == ISC_R_SUCCESS); @@ -1356,9 +1336,7 @@ del_keysigs(dns_db_t *db, dns_dbversion_t *ver, dns_name_t *name, } } dns_rdataset_disassociate(&rdataset); - if (result == ISC_R_NOMORE) { - result = ISC_R_SUCCESS; - } + failure: if (node != NULL) { dns_db_detachnode(db, &node); @@ -1391,14 +1369,11 @@ add_exposed_sigs(dns_update_log_t *log, dns_zone_t *zone, dns_db_t *db, goto cleanup_node; } - for (result = dns_rdatasetiter_first(iter); result == ISC_R_SUCCESS; - result = dns_rdatasetiter_next(iter)) - { - dns_rdataset_t rdataset; + DNS_RDATASETITER_FOREACH (iter) { + dns_rdataset_t rdataset = DNS_RDATASET_INIT; dns_rdatatype_t type; bool flag; - dns_rdataset_init(&rdataset); dns_rdatasetiter_current(iter, &rdataset); type = rdataset.type; dns_rdataset_disassociate(&rdataset); @@ -1415,7 +1390,7 @@ add_exposed_sigs(dns_update_log_t *log, dns_zone_t *zone, dns_db_t *db, result = rrset_exists(db, ver, name, dns_rdatatype_rrsig, type, &flag); if (result != ISC_R_SUCCESS) { - goto cleanup_iterator; + break; } if (flag) { continue; @@ -1423,15 +1398,10 @@ add_exposed_sigs(dns_update_log_t *log, dns_zone_t *zone, dns_db_t *db, result = add_sigs(log, zone, db, ver, name, type, diff, keys, nkeys, now, inception, expire); if (result != ISC_R_SUCCESS) { - goto cleanup_iterator; + break; } (*sigs)++; } - if (result == ISC_R_NOMORE) { - result = ISC_R_SUCCESS; - } - -cleanup_iterator: dns_rdatasetiter_destroy(&iter); cleanup_node: diff --git a/lib/dns/validator.c b/lib/dns/validator.c index db29f30b76..f2c8fb11be 100644 --- a/lib/dns/validator.c +++ b/lib/dns/validator.c @@ -259,7 +259,6 @@ isdelegation(dns_name_t *name, dns_rdataset_t *rdataset, dns_label_t hashlabel; dns_name_t nsec3name; dns_rdata_nsec3_t nsec3; - dns_rdata_t rdata = DNS_RDATA_INIT; dns_rdataset_t set; int order; int scope; @@ -291,9 +290,9 @@ isdelegation(dns_name_t *name, dns_rdataset_t *rdataset, found = false; result = dns_rdataset_first(&set); if (result == ISC_R_SUCCESS) { + dns_rdata_t rdata = DNS_RDATA_INIT; dns_rdataset_current(&set, &rdata); found = dns_nsec_typepresent(&rdata, dns_rdatatype_ns); - dns_rdata_reset(&rdata); } dns_rdataset_disassociate(&set); return found; @@ -307,9 +306,7 @@ trynsec3: dns_fixedname_init(&fixed); dns_name_downcase(name, dns_fixedname_name(&fixed)); name = dns_fixedname_name(&fixed); - for (result = dns_rdataset_first(rdataset); result == ISC_R_SUCCESS; - result = dns_rdataset_next(rdataset)) - { + DNS_RDATASET_FOREACH (rdataset) { dns_ncache_current(rdataset, &nsec3name, &set); if (set.type != dns_rdatatype_nsec3) { dns_rdataset_disassociate(&set); @@ -323,10 +320,8 @@ trynsec3: dns_rdataset_disassociate(&set); continue; } - for (result = dns_rdataset_first(&set); result == ISC_R_SUCCESS; - result = dns_rdataset_next(&set)) - { - dns_rdata_reset(&rdata); + DNS_RDATASET_FOREACH (&set) { + dns_rdata_t rdata = DNS_RDATA_INIT; dns_rdataset_current(&set, &rdata); (void)dns_rdata_tostruct(&rdata, &nsec3, NULL); if (nsec3.hash != 1) { @@ -1290,28 +1285,21 @@ selfsigned_dnskey(dns_validator_t *val) { return DNS_R_NOKEYMATCH; } - for (result = dns_rdataset_first(rdataset); result == ISC_R_SUCCESS; - result = dns_rdataset_next(rdataset)) - { + DNS_RDATASET_FOREACH (rdataset) { dns_rdata_t keyrdata = DNS_RDATA_INIT; - dns_rdata_t sigrdata = DNS_RDATA_INIT; dns_rdata_dnskey_t key; dns_rdata_rrsig_t sig; dns_keytag_t keytag; - dns_rdata_reset(&keyrdata); dns_rdataset_current(rdataset, &keyrdata); result = dns_rdata_tostruct(&keyrdata, &key, NULL); RUNTIME_CHECK(result == ISC_R_SUCCESS); keytag = compute_keytag(&keyrdata); - for (result = dns_rdataset_first(sigrdataset); - result == ISC_R_SUCCESS; - result = dns_rdataset_next(sigrdataset)) - { + DNS_RDATASET_FOREACH (sigrdataset) { + dns_rdata_t sigrdata = DNS_RDATA_INIT; dst_key_t *dstkey = NULL; - dns_rdata_reset(&sigrdata); dns_rdataset_current(sigrdataset, &sigrdata); result = dns_rdata_tostruct(&sigrdata, &sig, NULL); RUNTIME_CHECK(result == ISC_R_SUCCESS); @@ -1848,12 +1836,9 @@ check_signer(dns_validator_t *val, dns_rdata_t *keyrdata, uint16_t keyid, dns_secalg_t algorithm) { dns_rdata_rrsig_t sig; dst_key_t *dstkey = NULL; - isc_result_t result; + isc_result_t result = ISC_R_NOMORE; - for (result = dns_rdataset_first(val->sigrdataset); - result == ISC_R_SUCCESS; - result = dns_rdataset_next(val->sigrdataset)) - { + DNS_RDATASET_FOREACH (val->sigrdataset) { dns_rdata_t rdata = DNS_RDATA_INIT; dns_rdataset_current(val->sigrdataset, &rdata); @@ -2215,11 +2200,8 @@ validate_dnskey(void *arg) { * DNS_DSDIGEST_SHA256 or DNS_DSDIGEST_SHA384 is present. */ val->digest_sha1 = true; - dns_rdata_t dsrdata = DNS_RDATA_INIT; - for (result = dns_rdataset_first(val->dsset); result == ISC_R_SUCCESS; - result = dns_rdataset_next(val->dsset)) - { - dns_rdata_reset(&dsrdata); + DNS_RDATASET_FOREACH (val->dsset) { + dns_rdata_t dsrdata = DNS_RDATA_INIT; dns_rdataset_current(val->dsset, &dsrdata); result = dns_rdata_tostruct(&dsrdata, &ds, NULL); RUNTIME_CHECK(result == ISC_R_SUCCESS); @@ -2922,14 +2904,13 @@ validate_nx(dns_validator_t *val, bool resume) { static bool check_ds_algs(dns_validator_t *val, dns_name_t *name, dns_rdataset_t *rdataset) { - dns_rdata_t dsrdata = DNS_RDATA_INIT; dns_rdata_ds_t ds; - isc_result_t result; - for (result = dns_rdataset_first(rdataset); result == ISC_R_SUCCESS; - result = dns_rdataset_next(rdataset)) - { + DNS_RDATASET_FOREACH (rdataset) { + isc_result_t result; + dns_rdata_t dsrdata = DNS_RDATA_INIT; dns_rdataset_current(rdataset, &dsrdata); + result = dns_rdata_tostruct(&dsrdata, &ds, NULL); RUNTIME_CHECK(result == ISC_R_SUCCESS); @@ -2938,10 +2919,8 @@ check_ds_algs(dns_validator_t *val, dns_name_t *name, dns_resolver_algorithm_supported(val->view->resolver, name, ds.algorithm)) { - dns_rdata_reset(&dsrdata); return true; } - dns_rdata_reset(&dsrdata); } /* diff --git a/lib/dns/view.c b/lib/dns/view.c index 718edab631..80542d6c46 100644 --- a/lib/dns/view.c +++ b/lib/dns/view.c @@ -1649,15 +1649,13 @@ dns_view_istrusted(dns_view_t *view, const dns_name_t *keyname, goto finish; } - result = dns_rdataset_first(&dsset); - while (result == ISC_R_SUCCESS) { + DNS_RDATASET_FOREACH (&dsset) { dns_rdata_t this = DNS_RDATA_INIT; dns_rdataset_current(&dsset, &this); if (dns_rdata_compare(&rdata, &this) == 0) { answer = true; break; } - result = dns_rdataset_next(&dsset); } } } diff --git a/lib/dns/xfrin.c b/lib/dns/xfrin.c index ca0f3d23ce..15e4be753b 100644 --- a/lib/dns/xfrin.c +++ b/lib/dns/xfrin.c @@ -1974,10 +1974,7 @@ xfrin_recv_done(isc_result_t result, isc_region_t *region, void *arg) { LIBDNS_XFRIN_RECV_ANSWER(xfr, xfr->info, msg); ISC_LIST_FOREACH (name->list, rds, link) { - for (isc_result_t iter = dns_rdataset_first(rds); - iter == ISC_R_SUCCESS; - iter = dns_rdataset_next(rds)) - { + DNS_RDATASET_FOREACH (rds) { dns_rdata_t rdata = DNS_RDATA_INIT; dns_rdataset_current(rds, &rdata); CHECK(xfr_rr(xfr, name, rds->ttl, &rdata)); @@ -1997,7 +1994,6 @@ xfrin_recv_done(isc_result_t result, isc_region_t *region, void *arg) { } } } - CHECK(result); if (dns_message_gettsig(msg, &tsigowner) != NULL) { /* diff --git a/lib/dns/zone.c b/lib/dns/zone.c index 99d71b70a4..79738fe595 100644 --- a/lib/dns/zone.c +++ b/lib/dns/zone.c @@ -3085,7 +3085,6 @@ static bool zone_rrset_check_dup(dns_zone_t *zone, dns_name_t *owner, dns_rdataset_t *rdataset) { dns_rdataset_t tmprdataset; - isc_result_t result; bool answer = true; bool format = true; int level = ISC_LOG_WARNING; @@ -3098,19 +3097,14 @@ zone_rrset_check_dup(dns_zone_t *zone, dns_name_t *owner, } dns_rdataset_init(&tmprdataset); - for (result = dns_rdataset_first(rdataset); result == ISC_R_SUCCESS; - result = dns_rdataset_next(rdataset)) - { + DNS_RDATASET_FOREACH (rdataset) { dns_rdata_t rdata1 = DNS_RDATA_INIT; unsigned int count2 = 0; count1++; dns_rdataset_current(rdataset, &rdata1); dns_rdataset_clone(rdataset, &tmprdataset); - for (result = dns_rdataset_first(&tmprdataset); - result == ISC_R_SUCCESS; - result = dns_rdataset_next(&tmprdataset)) - { + DNS_RDATASET_FOREACH (&tmprdataset) { dns_rdata_t rdata2 = DNS_RDATA_INIT; count2++; if (count1 >= count2) { @@ -3149,23 +3143,17 @@ zone_check_dup(dns_zone_t *zone, dns_db_t *db) { dns_dbiterator_t *dbiterator = NULL; dns_dbnode_t *node = NULL; dns_fixedname_t fixed; - dns_name_t *name; - dns_rdataset_t rdataset; + dns_name_t *name = dns_fixedname_initname(&fixed); dns_rdatasetiter_t *rdsit = NULL; bool ok = true; isc_result_t result; - name = dns_fixedname_initname(&fixed); - dns_rdataset_init(&rdataset); - result = dns_db_createiterator(db, 0, &dbiterator); if (result != ISC_R_SUCCESS) { return true; } - for (result = dns_dbiterator_first(dbiterator); result == ISC_R_SUCCESS; - result = dns_dbiterator_next(dbiterator)) - { + DNS_DBITERATOR_FOREACH (dbiterator) { result = dns_dbiterator_current(dbiterator, &node, name); if (result != ISC_R_SUCCESS) { continue; @@ -3176,10 +3164,8 @@ zone_check_dup(dns_zone_t *zone, dns_db_t *db) { continue; } - for (result = dns_rdatasetiter_first(rdsit); - result == ISC_R_SUCCESS; - result = dns_rdatasetiter_next(rdsit)) - { + DNS_RDATASETITER_FOREACH (rdsit) { + dns_rdataset_t rdataset = DNS_RDATASET_INIT; dns_rdatasetiter_current(rdsit, &rdataset); if (!zone_rrset_check_dup(zone, name, &rdataset)) { ok = false; @@ -3279,7 +3265,6 @@ integrity_checks(dns_zone_t *zone, dns_db_t *db) { dns_rdata_mx_t mx; dns_rdata_ns_t ns; dns_rdata_in_srv_t srv; - dns_rdata_t rdata; dns_name_t *name; dns_name_t *bottom; isc_result_t result; @@ -3292,15 +3277,13 @@ integrity_checks(dns_zone_t *zone, dns_db_t *db) { name = dns_fixedname_initname(&fixed); bottom = dns_fixedname_initname(&fixedbottom); dns_rdataset_init(&rdataset); - dns_rdata_init(&rdata); result = dns_db_createiterator(db, 0, &dbiterator); if (result != ISC_R_SUCCESS) { return true; } - result = dns_dbiterator_first(dbiterator); - while (result == ISC_R_SUCCESS) { + DNS_DBITERATOR_FOREACH (dbiterator) { result = dns_dbiterator_current(dbiterator, &node, name); if (result != ISC_R_SUCCESS) { goto cleanup; @@ -3335,9 +3318,10 @@ integrity_checks(dns_zone_t *zone, dns_db_t *db) { */ dns_name_copy(name, bottom); - result = dns_rdataset_first(&rdataset); - while (result == ISC_R_SUCCESS) { + DNS_RDATASET_FOREACH (&rdataset) { + dns_rdata_t rdata = DNS_RDATA_INIT; dns_rdataset_current(&rdataset, &rdata); + result = dns_rdata_tostruct(&rdata, &ns, NULL); RUNTIME_CHECK(result == ISC_R_SUCCESS); if (!zone_check_glue(zone, db, &has_a, &has_aaaa, @@ -3345,8 +3329,6 @@ integrity_checks(dns_zone_t *zone, dns_db_t *db) { { ok = false; } - dns_rdata_reset(&rdata); - result = dns_rdataset_next(&rdataset); } dns_rdataset_disassociate(&rdataset); goto next; @@ -3386,16 +3368,15 @@ integrity_checks(dns_zone_t *zone, dns_db_t *db) { if (result != ISC_R_SUCCESS) { goto checksrv; } - result = dns_rdataset_first(&rdataset); - while (result == ISC_R_SUCCESS) { + DNS_RDATASET_FOREACH (&rdataset) { + dns_rdata_t rdata = DNS_RDATA_INIT; dns_rdataset_current(&rdataset, &rdata); + result = dns_rdata_tostruct(&rdata, &mx, NULL); RUNTIME_CHECK(result == ISC_R_SUCCESS); if (!zone_check_mx(zone, db, &mx.mx, name)) { ok = false; } - dns_rdata_reset(&rdata); - result = dns_rdataset_next(&rdataset); } dns_rdataset_disassociate(&rdataset); @@ -3408,16 +3389,15 @@ integrity_checks(dns_zone_t *zone, dns_db_t *db) { if (result != ISC_R_SUCCESS) { goto checkforaaaa; } - result = dns_rdataset_first(&rdataset); - while (result == ISC_R_SUCCESS) { + DNS_RDATASET_FOREACH (&rdataset) { + dns_rdata_t rdata = DNS_RDATA_INIT; dns_rdataset_current(&rdataset, &rdata); + result = dns_rdata_tostruct(&rdata, &srv, NULL); RUNTIME_CHECK(result == ISC_R_SUCCESS); if (!zone_check_srv(zone, db, &srv.target, name)) { ok = false; } - dns_rdata_reset(&rdata); - result = dns_rdataset_next(&rdataset); } dns_rdataset_disassociate(&rdataset); @@ -3466,15 +3446,14 @@ integrity_checks(dns_zone_t *zone, dns_db_t *db) { if (result != ISC_R_SUCCESS) { goto notxt; } - result = dns_rdataset_first(&rdataset); - while (result == ISC_R_SUCCESS) { + DNS_RDATASET_FOREACH (&rdataset) { + dns_rdata_t rdata = DNS_RDATA_INIT; dns_rdataset_current(&rdataset, &rdata); + have_txt = isspf(&rdata); - dns_rdata_reset(&rdata); if (have_txt) { break; } - result = dns_rdataset_next(&rdataset); } dns_rdataset_disassociate(&rdataset); @@ -3490,7 +3469,6 @@ integrity_checks(dns_zone_t *zone, dns_db_t *db) { next: dns_db_detachnode(db, &node); - result = dns_dbiterator_next(dbiterator); } if (has_a) { @@ -3503,19 +3481,19 @@ integrity_checks(dns_zone_t *zone, dns_db_t *db) { } goto cleanup; } - result = dns_rdataset_first(&rdataset); - while (result == ISC_R_SUCCESS) { + + DNS_RDATASET_FOREACH (&rdataset) { + dns_rdata_t rdata = DNS_RDATA_INIT; dns_rdataset_current(&rdataset, &rdata); + result = dns_rdata_tostruct(&rdata, &ns, NULL); RUNTIME_CHECK(result == ISC_R_SUCCESS); - dns_rdata_reset(&rdata); if (zone_is_served_by(zone, db, dns_rdatatype_a, &ns.name)) { has_a = true; break; } - result = dns_rdataset_next(&rdataset); } dns_rdataset_disassociate(&rdataset); if (!has_a) { @@ -3535,19 +3513,19 @@ integrity_checks(dns_zone_t *zone, dns_db_t *db) { } goto cleanup; } - result = dns_rdataset_first(&rdataset); - while (result == ISC_R_SUCCESS) { + + DNS_RDATASET_FOREACH (&rdataset) { + dns_rdata_t rdata = DNS_RDATA_INIT; dns_rdataset_current(&rdataset, &rdata); + result = dns_rdata_tostruct(&rdata, &ns, NULL); RUNTIME_CHECK(result == ISC_R_SUCCESS); - dns_rdata_reset(&rdata); if (zone_is_served_by(zone, db, dns_rdatatype_aaaa, &ns.name)) { has_aaaa = true; break; } - result = dns_rdataset_next(&rdataset); } dns_rdataset_disassociate(&rdataset); if (!has_aaaa) { @@ -3576,7 +3554,6 @@ zone_check_dnskeys(dns_zone_t *zone, dns_db_t *db) { dns_dbnode_t *node = NULL; dns_dbversion_t *version = NULL; dns_rdata_dnskey_t dnskey; - dns_rdata_t rdata = DNS_RDATA_INIT; dns_rdataset_t rdataset; isc_result_t result; @@ -3593,9 +3570,8 @@ zone_check_dnskeys(dns_zone_t *zone, dns_db_t *db) { goto cleanup; } - for (result = dns_rdataset_first(&rdataset); result == ISC_R_SUCCESS; - result = dns_rdataset_next(&rdataset)) - { + DNS_RDATASET_FOREACH (&rdataset) { + dns_rdata_t rdata = DNS_RDATA_INIT; dns_rdataset_current(&rdataset, &rdata); result = dns_rdata_tostruct(&rdata, &dnskey, NULL); INSIST(result == ISC_R_SUCCESS); @@ -3637,7 +3613,6 @@ zone_check_dnskeys(dns_zone_t *zone, dns_db_t *db) { algorithm, dnskey.algorithm, dst_region_computeid(&r)); } - dns_rdata_reset(&rdata); } dns_rdataset_disassociate(&rdataset); @@ -3654,7 +3629,6 @@ static void resume_signingwithkey(dns_zone_t *zone) { dns_dbnode_t *node = NULL; dns_dbversion_t *version = NULL; - dns_rdata_t rdata = DNS_RDATA_INIT; dns_rdataset_t rdataset; isc_result_t result; dns_db_t *db = NULL; @@ -3682,14 +3656,12 @@ resume_signingwithkey(dns_zone_t *zone) { goto cleanup; } - for (result = dns_rdataset_first(&rdataset); result == ISC_R_SUCCESS; - result = dns_rdataset_next(&rdataset)) - { + DNS_RDATASET_FOREACH (&rdataset) { + dns_rdata_t rdata = DNS_RDATA_INIT; dns_rdataset_current(&rdataset, &rdata); if (rdata.length != 5 || rdata.data[0] == 0 || rdata.data[4] != 0) { - dns_rdata_reset(&rdata); continue; } @@ -3701,7 +3673,6 @@ resume_signingwithkey(dns_zone_t *zone) { "zone_signwithkey failed: %s", isc_result_totext(result)); } - dns_rdata_reset(&rdata); } dns_rdataset_disassociate(&rdataset); @@ -3956,9 +3927,7 @@ resume_addnsec3chain(dns_zone_t *zone) { goto cleanup; } - for (result = dns_rdataset_first(&rdataset); result == ISC_R_SUCCESS; - result = dns_rdataset_next(&rdataset)) - { + DNS_RDATASET_FOREACH (&rdataset) { unsigned char buf[DNS_NSEC3PARAM_BUFFERSIZE]; dns_rdata_t rdata = DNS_RDATA_INIT; dns_rdata_t private = DNS_RDATA_INIT; @@ -4092,9 +4061,7 @@ check_nsec3param(dns_zone_t *zone, dns_db_t *db) { goto cleanup; } - for (result = dns_rdataset_first(&rdataset); result == ISC_R_SUCCESS; - result = dns_rdataset_next(&rdataset)) - { + DNS_RDATASET_FOREACH (&rdataset) { dns_rdata_t rdata = DNS_RDATA_INIT; dns_rdataset_current(&rdataset, &rdata); @@ -4145,9 +4112,6 @@ check_nsec3param(dns_zone_t *zone, dns_db_t *db) { dns_nsec3_maxiterations()); } } - if (result == ISC_R_NOMORE) { - result = ISC_R_SUCCESS; - } if (!ok) { result = DNS_R_BADZONE; @@ -4263,13 +4227,10 @@ failure: static isc_result_t delete_keydata(dns_db_t *db, dns_dbversion_t *ver, dns_diff_t *diff, dns_name_t *name, dns_rdataset_t *rdataset) { - dns_rdata_t rdata = DNS_RDATA_INIT; - isc_result_t result, uresult; + isc_result_t uresult; - for (result = dns_rdataset_first(rdataset); result == ISC_R_SUCCESS; - result = dns_rdataset_next(rdataset)) - { - dns_rdata_reset(&rdata); + DNS_RDATASET_FOREACH (rdataset) { + dns_rdata_t rdata = DNS_RDATA_INIT; dns_rdataset_current(rdataset, &rdata); uresult = update_one_rr(db, ver, diff, DNS_DIFFOP_DEL, name, 0, &rdata); @@ -4277,10 +4238,8 @@ delete_keydata(dns_db_t *db, dns_dbversion_t *ver, dns_diff_t *diff, return uresult; } } - if (result == ISC_R_NOMORE) { - result = ISC_R_SUCCESS; - } - return result; + + return ISC_R_SUCCESS; } /* @@ -4384,7 +4343,6 @@ fail_secure(dns_zone_t *zone, dns_name_t *keyname) { static void load_secroots(dns_zone_t *zone, dns_name_t *name, dns_rdataset_t *rdataset) { isc_result_t result; - dns_rdata_t rdata = DNS_RDATA_INIT; dns_rdata_keydata_t keydata; dns_rdata_dnskey_t dnskey; int trusted = 0, revoked = 0, pending = 0; @@ -4398,10 +4356,8 @@ load_secroots(dns_zone_t *zone, dns_name_t *name, dns_rdataset_t *rdataset) { } /* Now insert all the accepted trust anchors from this keydata set. */ - for (result = dns_rdataset_first(rdataset); result == ISC_R_SUCCESS; - result = dns_rdataset_next(rdataset)) - { - dns_rdata_reset(&rdata); + DNS_RDATASET_FOREACH (rdataset) { + dns_rdata_t rdata = DNS_RDATA_INIT; dns_rdataset_current(rdataset, &rdata); /* Convert rdata to keydata. */ @@ -4725,7 +4681,6 @@ sync_keyzone(dns_zone_t *zone, dns_db_t *db) { result = dns_rriterator_nextrrset(&rrit)) { dns_rdataset_t *rdataset = NULL; - dns_rdata_t rdata = DNS_RDATA_INIT; dns_rdata_keydata_t keydata; isc_stdtime_t now = isc_stdtime_now(); bool load = true; @@ -4747,13 +4702,10 @@ sync_keyzone(dns_zone_t *zone, dns_db_t *db) { * legitimate data, in which case we will not use it, and we * will try to refresh it. */ - for (result = dns_rdataset_first(rdataset); - result == ISC_R_SUCCESS; - result = dns_rdataset_next(rdataset)) - { + DNS_RDATASET_FOREACH (rdataset) { isc_result_t iresult; + dns_rdata_t rdata = DNS_RDATA_INIT; - dns_rdata_reset(&rdata); dns_rdataset_current(rdataset, &rdata); iresult = dns_rdata_tostruct(&rdata, &keydata, NULL); @@ -5653,7 +5605,6 @@ zone_count_ns_rr(dns_zone_t *zone, dns_db_t *db, dns_dbnode_t *node, unsigned int count = 0; unsigned int ecount = 0; dns_rdataset_t rdataset; - dns_rdata_t rdata; dns_rdata_ns_t ns; dns_rdataset_init(&rdataset); @@ -5668,15 +5619,15 @@ zone_count_ns_rr(dns_zone_t *zone, dns_db_t *db, dns_dbnode_t *node, goto invalidate_rdataset; } - result = dns_rdataset_first(&rdataset); - while (result == ISC_R_SUCCESS) { + DNS_RDATASET_FOREACH (&rdataset) { if (errors != NULL && zone->rdclass == dns_rdataclass_in && (zone->type == dns_zone_primary || zone->type == dns_zone_secondary || zone->type == dns_zone_mirror)) { - dns_rdata_init(&rdata); + dns_rdata_t rdata = DNS_RDATA_INIT; dns_rdataset_current(&rdataset, &rdata); + result = dns_rdata_tostruct(&rdata, &ns, NULL); RUNTIME_CHECK(result == ISC_R_SUCCESS); if (dns_name_issubdomain(&ns.name, &zone->origin) && @@ -5686,7 +5637,6 @@ zone_count_ns_rr(dns_zone_t *zone, dns_db_t *db, dns_dbnode_t *node, } } count++; - result = dns_rdataset_next(&rdataset); } dns_rdataset_disassociate(&rdataset); @@ -5726,7 +5676,6 @@ zone_load_soa_rr(dns_db_t *db, dns_dbnode_t *node, dns_dbversion_t *version, isc_result_t result; unsigned int count = 0; dns_rdataset_t rdataset; - dns_rdata_t rdata = DNS_RDATA_INIT; dns_rdataset_init(&rdataset); result = dns_db_findrdataset(db, node, version, dns_rdatatype_soa, @@ -5741,10 +5690,10 @@ zone_load_soa_rr(dns_db_t *db, dns_dbnode_t *node, dns_dbversion_t *version, goto invalidate_rdataset; } - result = dns_rdataset_first(&rdataset); - while (result == ISC_R_SUCCESS) { - dns_rdata_init(&rdata); + DNS_RDATASET_FOREACH (&rdataset) { + dns_rdata_t rdata = DNS_RDATA_INIT; dns_rdataset_current(&rdataset, &rdata); + count++; if (count == 1) { dns_rdata_soa_t soa; @@ -5753,9 +5702,6 @@ zone_load_soa_rr(dns_db_t *db, dns_dbnode_t *node, dns_dbversion_t *version, soa.retry, soa.expire, soa.minimum); RUNTIME_CHECK(result == ISC_R_SUCCESS); } - - result = dns_rdataset_next(&rdataset); - dns_rdata_reset(&rdata); } dns_rdataset_disassociate(&rdataset); @@ -6869,9 +6815,7 @@ del_sigs(dns_zone_t *zone, dns_db_t *db, dns_dbversion_t *ver, dns_name_t *name, goto failure; } - for (result = dns_rdataset_first(&rdataset); result == ISC_R_SUCCESS; - result = dns_rdataset_next(&rdataset)) - { + DNS_RDATASET_FOREACH (&rdataset) { dns_rdata_t rdata = DNS_RDATA_INIT; dns_rdataset_current(&rdataset, &rdata); @@ -7005,9 +6949,6 @@ del_sigs(dns_zone_t *zone, dns_db_t *db, dns_dbversion_t *ver, dns_name_t *name, } dns_rdataset_disassociate(&rdataset); - if (result == ISC_R_NOMORE) { - result = ISC_R_SUCCESS; - } if (timewarn > 0) { isc_stdtime_t stdwarn = (isc_stdtime_t)timewarn; if (timewarn == stdwarn) { @@ -7542,7 +7483,6 @@ signed_with_good_key(dns_zone_t *zone, dns_db_t *db, dns_dbnode_t *node, dst_key_t *key) { isc_result_t result; dns_rdataset_t rdataset; - dns_rdata_t rdata = DNS_RDATA_INIT; dns_rdata_rrsig_t rrsig; int count = 0; dns_kasp_t *kasp = zone->kasp; @@ -7554,9 +7494,8 @@ signed_with_good_key(dns_zone_t *zone, dns_db_t *db, dns_dbnode_t *node, INSIST(!dns_rdataset_isassociated(&rdataset)); return false; } - for (result = dns_rdataset_first(&rdataset); result == ISC_R_SUCCESS; - result = dns_rdataset_next(&rdataset)) - { + DNS_RDATASET_FOREACH (&rdataset) { + dns_rdata_t rdata = DNS_RDATA_INIT; dns_rdataset_current(&rdataset, &rdata); result = dns_rdata_tostruct(&rdata, &rrsig, NULL); INSIST(result == ISC_R_SUCCESS); @@ -7569,7 +7508,6 @@ signed_with_good_key(dns_zone_t *zone, dns_db_t *db, dns_dbnode_t *node, if (rrsig.algorithm == dst_key_alg(key)) { count++; } - dns_rdata_reset(&rdata); } if (zone->kasp != NULL) { @@ -7631,7 +7569,6 @@ check_if_bottom_of_zone(dns_db_t *db, dns_dbnode_t *node, dns_dbversion_t *version, bool *is_bottom_of_zone) { isc_result_t result; dns_rdatasetiter_t *iterator = NULL; - dns_rdataset_t rdataset; bool seen_soa = false, seen_ns = false, seen_dname = false; REQUIRE(is_bottom_of_zone != NULL); @@ -7644,10 +7581,8 @@ check_if_bottom_of_zone(dns_db_t *db, dns_dbnode_t *node, return result; } - dns_rdataset_init(&rdataset); - for (result = dns_rdatasetiter_first(iterator); result == ISC_R_SUCCESS; - result = dns_rdatasetiter_next(iterator)) - { + DNS_RDATASETITER_FOREACH (iterator) { + dns_rdataset_t rdataset = DNS_RDATASET_INIT; dns_rdatasetiter_current(iterator, &rdataset); switch (rdataset.type) { case dns_rdatatype_soa: @@ -7662,18 +7597,13 @@ check_if_bottom_of_zone(dns_db_t *db, dns_dbnode_t *node, } dns_rdataset_disassociate(&rdataset); } - if (result != ISC_R_NOMORE) { - goto failure; - } + if ((seen_ns && !seen_soa) || seen_dname) { *is_bottom_of_zone = true; } - result = ISC_R_SUCCESS; -failure: dns_rdatasetiter_destroy(&iterator); - - return result; + return ISC_R_SUCCESS; } static isc_result_t @@ -7685,7 +7615,7 @@ sign_a_node(dns_db_t *db, dns_zone_t *zone, dns_name_t *name, dns_diff_t *diff, int32_t *signatures, isc_mem_t *mctx) { isc_result_t result; dns_rdatasetiter_t *iterator = NULL; - dns_rdataset_t rdataset; + dns_rdataset_t rdataset = DNS_RDATASET_INIT; dns_rdata_t rdata = DNS_RDATA_INIT; dns_stats_t *dnssecsignstats; bool offlineksk = false; @@ -7705,12 +7635,9 @@ sign_a_node(dns_db_t *db, dns_zone_t *zone, dns_name_t *name, return result; } - dns_rdataset_init(&rdataset); isc_buffer_init(&buffer, data, sizeof(data)); seen_rr = seen_soa = seen_ns = seen_nsec = seen_nsec3 = seen_ds = false; - for (result = dns_rdatasetiter_first(iterator); result == ISC_R_SUCCESS; - result = dns_rdatasetiter_next(iterator)) - { + DNS_RDATASETITER_FOREACH (iterator) { dns_rdatasetiter_current(iterator, &rdataset); if (rdataset.type == dns_rdatatype_soa) { seen_soa = true; @@ -7728,9 +7655,7 @@ sign_a_node(dns_db_t *db, dns_zone_t *zone, dns_name_t *name, } dns_rdataset_disassociate(&rdataset); } - if (result != ISC_R_NOMORE) { - goto failure; - } + /* * Going from insecure to NSEC3. * Don't generate NSEC3 records for NSEC3 records. @@ -7756,15 +7681,19 @@ sign_a_node(dns_db_t *db, dns_zone_t *zone, dns_name_t *name, (*signatures)--; } } - result = dns_rdatasetiter_first(iterator); - while (result == ISC_R_SUCCESS) { + + DNS_RDATASETITER_FOREACH (iterator) { isc_stdtime_t when; + if (dns_rdataset_isassociated(&rdataset)) { + dns_rdataset_disassociate(&rdataset); + } + dns_rdatasetiter_current(iterator, &rdataset); if (rdataset.type == dns_rdatatype_soa || rdataset.type == dns_rdatatype_rrsig) { - goto next_rdataset; + continue; } if (dns_rdatatype_iskeymaterial(rdataset.type)) { /* @@ -7774,28 +7703,28 @@ sign_a_node(dns_db_t *db, dns_zone_t *zone, dns_name_t *name, * which would only include KSK's.) */ if (!is_ksk && both) { - goto next_rdataset; + continue; } } else if (!is_zsk && both) { - goto next_rdataset; + continue; } else if (is_zsk && !dst_key_is_signing(key, DST_BOOL_ZSK, now, &when)) { /* Only applies to dnssec-policy. */ if (zone->kasp != NULL) { - goto next_rdataset; + continue; } } if (seen_ns && !seen_soa && rdataset.type != dns_rdatatype_ds && rdataset.type != dns_rdatatype_nsec) { - goto next_rdataset; + continue; } if (signed_with_good_key(zone, db, node, version, rdataset.type, key)) { - goto next_rdataset; + continue; } /* Calculate the signature, creating a RRSIG RDATA. */ @@ -7833,13 +7762,8 @@ sign_a_node(dns_db_t *db, dns_zone_t *zone, dns_name_t *name, } (*signatures)--; - next_rdataset: - dns_rdataset_disassociate(&rdataset); - result = dns_rdatasetiter_next(iterator); - } - if (result == ISC_R_NOMORE) { - result = ISC_R_SUCCESS; } + failure: if (dns_rdataset_isassociated(&rdataset)) { dns_rdataset_disassociate(&rdataset); @@ -7894,8 +7818,6 @@ updatesignwithkey(dns_zone_t *zone, dns_signing_t *signing, isc_result_t result; dns_dbnode_t *node = NULL; dns_rdataset_t rdataset; - dns_rdata_t rdata = DNS_RDATA_INIT; - unsigned char data[5]; bool seen_done = false; bool have_rr = false; @@ -7917,9 +7839,8 @@ updatesignwithkey(dns_zone_t *zone, dns_signing_t *signing, INSIST(!dns_rdataset_isassociated(&rdataset)); goto failure; } - for (result = dns_rdataset_first(&rdataset); result == ISC_R_SUCCESS; - result = dns_rdataset_next(&rdataset)) - { + DNS_RDATASET_FOREACH (&rdataset) { + dns_rdata_t rdata = DNS_RDATA_INIT; dns_rdataset_current(&rdataset, &rdata); /* * If we don't match the algorithm or keyid skip the record. @@ -7951,26 +7872,28 @@ updatesignwithkey(dns_zone_t *zone, dns_signing_t *signing, DNS_DIFFOP_DEL, &zone->origin, rdataset.ttl, &rdata)); } - dns_rdata_reset(&rdata); - } - if (result == ISC_R_NOMORE) { - result = ISC_R_SUCCESS; } + if (!signing->deleteit && !seen_done) { /* * If we were signing then we need to indicate that we have * finished signing the zone with this key. If it is already * there we don't need to add it a second time. */ - data[0] = signing->algorithm; - data[1] = (signing->keyid >> 8) & 0xff; - data[2] = signing->keyid & 0xff; - data[3] = 0; - data[4] = 1; - rdata.length = sizeof(data); - rdata.data = data; - rdata.type = zone->privatetype; - rdata.rdclass = dns_db_class(signing->db); + unsigned char data[5] = { + signing->algorithm, + (signing->keyid >> 8) & 0xff, + signing->keyid & 0xff, + 0, + 1, + }; + dns_rdata_t rdata = (dns_rdata_t){ + .length = sizeof(data), + .data = data, + .type = zone->privatetype, + .rdclass = dns_db_class(signing->db), + .link = ISC_LINK_INITIALIZER, + }; CHECK(update_one_rr(signing->db, version, diff, DNS_DIFFOP_ADD, &zone->origin, rdataset.ttl, &rdata)); } else if (!have_rr) { @@ -8067,9 +7990,7 @@ fixup_nsec3param(dns_db_t *db, dns_dbversion_t *ver, dns_nsec3chain_t *chain, /* * Delete all NSEC3PARAM records which match that in nsec3chain. */ - for (result = dns_rdataset_first(&rdataset); result == ISC_R_SUCCESS; - result = dns_rdataset_next(&rdataset)) - { + DNS_RDATASET_FOREACH (&rdataset) { dns_rdataset_current(&rdataset, &rdata); CHECK(dns_rdata_tostruct(&rdata, &nsec3param, NULL)); @@ -8098,18 +8019,12 @@ fixup_nsec3param(dns_db_t *db, dns_dbversion_t *ver, dns_nsec3chain_t *chain, rdataset.ttl, &rdata)); dns_rdata_reset(&rdata); } - if (result != ISC_R_NOMORE) { - goto failure; - } /* * Restore any NSEC3PARAM records that we deleted to change the TTL. */ if (rdataset.ttl != ttl) { - for (result = dns_rdataset_first(&rdataset); - result == ISC_R_SUCCESS; - result = dns_rdataset_next(&rdataset)) - { + DNS_RDATASET_FOREACH (&rdataset) { dns_rdataset_current(&rdataset, &rdata); CHECK(dns_rdata_tostruct(&rdata, &nsec3param, NULL)); @@ -8153,9 +8068,7 @@ try_private: goto failure; } - for (result = dns_rdataset_first(&rdataset); result == ISC_R_SUCCESS; - result = dns_rdataset_next(&rdataset)) - { + DNS_RDATASET_FOREACH (&rdataset) { dns_rdata_t private = DNS_RDATA_INIT; unsigned char buf[DNS_NSEC3PARAM_BUFFERSIZE]; @@ -8166,6 +8079,7 @@ try_private: continue; } CHECK(dns_rdata_tostruct(&rdata, &nsec3param, NULL)); + dns_rdata_reset(&rdata); if ((!nsec3ok && (nsec3param.flags & DNS_NSEC3FLAG_INITIAL) != 0) || @@ -8175,16 +8089,11 @@ try_private: memcmp(nsec3param.salt, chain->nsec3param.salt, nsec3param.salt_length)) { - dns_rdata_reset(&rdata); continue; } CHECK(update_one_rr(db, ver, diff, DNS_DIFFOP_DEL, name, rdataset.ttl, &private)); - dns_rdata_reset(&rdata); - } - if (result != ISC_R_NOMORE) { - goto failure; } add: @@ -8231,18 +8140,15 @@ delete_nsec(dns_db_t *db, dns_dbversion_t *ver, dns_dbnode_t *node, if (result != ISC_R_SUCCESS) { return result; } - for (result = dns_rdataset_first(&rdataset); result == ISC_R_SUCCESS; - result = dns_rdataset_next(&rdataset)) - { + + DNS_RDATASET_FOREACH (&rdataset) { dns_rdata_t rdata = DNS_RDATA_INIT; dns_rdataset_current(&rdataset, &rdata); CHECK(update_one_rr(db, ver, diff, DNS_DIFFOP_DEL, name, rdataset.ttl, &rdata)); } - if (result == ISC_R_NOMORE) { - result = ISC_R_SUCCESS; - } + failure: dns_rdataset_disassociate(&rdataset); return result; @@ -8266,9 +8172,7 @@ deletematchingnsec3(dns_db_t *db, dns_dbversion_t *ver, dns_dbnode_t *node, return result; } - for (result = dns_rdataset_first(&rdataset); result == ISC_R_SUCCESS; - result = dns_rdataset_next(&rdataset)) - { + DNS_RDATASET_FOREACH (&rdataset) { dns_rdata_t rdata = DNS_RDATA_INIT; dns_rdataset_current(&rdataset, &rdata); @@ -8283,9 +8187,7 @@ deletematchingnsec3(dns_db_t *db, dns_dbversion_t *ver, dns_dbnode_t *node, CHECK(update_one_rr(db, ver, diff, DNS_DIFFOP_DEL, name, rdataset.ttl, &rdata)); } - if (result == ISC_R_NOMORE) { - result = ISC_R_SUCCESS; - } + failure: dns_rdataset_disassociate(&rdataset); return result; @@ -8295,7 +8197,6 @@ static isc_result_t need_nsec_chain(dns_db_t *db, dns_dbversion_t *ver, const dns_rdata_nsec3param_t *param, bool *answer) { dns_dbnode_t *node = NULL; - dns_rdata_t rdata = DNS_RDATA_INIT; dns_rdata_nsec3param_t myparam; dns_rdataset_t rdataset; isc_result_t result; @@ -8331,12 +8232,12 @@ need_nsec_chain(dns_db_t *db, dns_dbversion_t *ver, return result; } - for (result = dns_rdataset_first(&rdataset); result == ISC_R_SUCCESS; - result = dns_rdataset_next(&rdataset)) - { + bool active = false; + DNS_RDATASET_FOREACH (&rdataset) { + dns_rdata_t rdata = DNS_RDATA_INIT; dns_rdataset_current(&rdataset, &rdata); CHECK(dns_rdata_tostruct(&rdata, &myparam, NULL)); - dns_rdata_reset(&rdata); + /* * Ignore any NSEC3PARAM removals. */ @@ -8353,15 +8254,15 @@ need_nsec_chain(dns_db_t *db, dns_dbversion_t *ver, { continue; } + /* * Found an active NSEC3 chain. */ + active = true; break; } - if (result == ISC_R_NOMORE) { - *answer = true; - result = ISC_R_SUCCESS; - } + + *answer = !active; failure: if (dns_rdataset_isassociated(&rdataset)) { @@ -8476,7 +8377,6 @@ zone_nsec3chain(dns_zone_t *zone) { dns_fixedname_t fixed; dns_fixedname_t nextfixed; dns_name_t *name = NULL, *nextname = NULL; - dns_rdataset_t rdataset; dns_nsec3chain_t *nsec3chain = NULL; dns_nsec3chainlist_t cleanup; dst_key_t *zone_keys[DNS_MAXZONEKEYS]; @@ -8498,7 +8398,6 @@ zone_nsec3chain(dns_zone_t *zone) { ENTER; - dns_rdataset_init(&rdataset); name = dns_fixedname_initname(&fixed); nextname = dns_fixedname_initname(&nextfixed); dns_diff_init(zone->mctx, ¶m_diff); @@ -8671,10 +8570,8 @@ zone_nsec3chain(dns_zone_t *zone) { } seen_soa = seen_ns = seen_dname = seen_ds = seen_nsec = false; - for (result = dns_rdatasetiter_first(iterator); - result == ISC_R_SUCCESS; - result = dns_rdatasetiter_next(iterator)) - { + DNS_RDATASETITER_FOREACH (iterator) { + dns_rdataset_t rdataset = DNS_RDATASET_INIT; dns_rdatasetiter_current(iterator, &rdataset); INSIST(rdataset.type != dns_rdatatype_nsec3); if (rdataset.type == dns_rdatatype_soa) { @@ -8937,10 +8834,8 @@ zone_nsec3chain(dns_zone_t *zone) { seen_soa = seen_ns = seen_dname = seen_nsec3 = seen_nsec = seen_rr = false; - for (result = dns_rdatasetiter_first(iterator); - result == ISC_R_SUCCESS; - result = dns_rdatasetiter_next(iterator)) - { + DNS_RDATASETITER_FOREACH (iterator) { + dns_rdataset_t rdataset = DNS_RDATASET_INIT; dns_rdatasetiter_current(iterator, &rdataset); if (rdataset.type == dns_rdatatype_soa) { seen_soa = true; @@ -9055,10 +8950,8 @@ skip_removals: isc_result_totext(result)); goto failure; } - for (result = dns_rdatasetiter_first(iterator); - result == ISC_R_SUCCESS; - result = dns_rdatasetiter_next(iterator)) - { + DNS_RDATASETITER_FOREACH (iterator) { + dns_rdataset_t rdataset = DNS_RDATASET_INIT; dns_rdatasetiter_current(iterator, &rdataset); if (rdataset.type == dns_rdatatype_nsec) { rebuild_nsec = true; @@ -9350,25 +9243,17 @@ del_sig(dns_db_t *db, dns_dbversion_t *version, dns_name_t *name, } dns_rdataset_init(&rdataset); - for (result = dns_rdatasetiter_first(iterator); result == ISC_R_SUCCESS; - result = dns_rdatasetiter_next(iterator)) - { + DNS_RDATASETITER_FOREACH (iterator) { bool has_alg = false; dns_rdatasetiter_current(iterator, &rdataset); if (nkeys == 0 && rdataset.type == dns_rdatatype_nsec) { - for (result = dns_rdataset_first(&rdataset); - result == ISC_R_SUCCESS; - result = dns_rdataset_next(&rdataset)) - { + DNS_RDATASET_FOREACH (&rdataset) { dns_rdata_t rdata = DNS_RDATA_INIT; dns_rdataset_current(&rdataset, &rdata); CHECK(update_one_rr(db, version, diff, DNS_DIFFOP_DEL, name, rdataset.ttl, &rdata)); } - if (result != ISC_R_NOMORE) { - goto failure; - } dns_rdataset_disassociate(&rdataset); continue; } @@ -9376,10 +9261,7 @@ del_sig(dns_db_t *db, dns_dbversion_t *version, dns_name_t *name, dns_rdataset_disassociate(&rdataset); continue; } - for (result = dns_rdataset_first(&rdataset); - result == ISC_R_SUCCESS; - result = dns_rdataset_next(&rdataset)) - { + DNS_RDATASET_FOREACH (&rdataset) { dns_rdata_t rdata = DNS_RDATA_INIT; dns_rdataset_current(&rdataset, &rdata); CHECK(dns_rdata_tostruct(&rdata, &rrsig, NULL)); @@ -9396,9 +9278,6 @@ del_sig(dns_db_t *db, dns_dbversion_t *version, dns_name_t *name, rdataset.ttl, &rdata)); } dns_rdataset_disassociate(&rdataset); - if (result != ISC_R_NOMORE) { - break; - } /* * After deleting, if there's still a signature for @@ -9410,9 +9289,6 @@ del_sig(dns_db_t *db, dns_dbversion_t *version, dns_name_t *name, alg_missed = true; } } - if (result == ISC_R_NOMORE) { - result = ISC_R_SUCCESS; - } /* * Set `has_algp` if the algorithm was found in every RRset: @@ -10126,23 +10002,20 @@ normalize_key(dns_rdata_t *rr, dns_rdata_t *target, unsigned char *data, static bool matchkey(dns_rdataset_t *rdset, dns_rdata_t *rr) { - unsigned char data1[4096], data2[4096]; - dns_rdata_t rdata, rdata1, rdata2; + unsigned char data1[4096]; + dns_rdata_t rdata1 = DNS_RDATA_INIT; isc_result_t result; - dns_rdata_init(&rdata); - dns_rdata_init(&rdata1); - dns_rdata_init(&rdata2); - result = normalize_key(rr, &rdata1, data1, sizeof(data1)); if (result != ISC_R_SUCCESS) { return false; } - for (result = dns_rdataset_first(rdset); result == ISC_R_SUCCESS; - result = dns_rdataset_next(rdset)) - { - dns_rdata_reset(&rdata); + DNS_RDATASET_FOREACH (rdset) { + unsigned char data2[4096]; + dns_rdata_t rdata = DNS_RDATA_INIT; + dns_rdata_t rdata2 = DNS_RDATA_INIT; + dns_rdataset_current(rdset, &rdata); result = normalize_key(&rdata, &rdata2, data2, sizeof(data2)); if (result != ISC_R_SUCCESS) { @@ -10240,7 +10113,6 @@ minimal_update(dns_keyfetch_t *kfetch, dns_dbversion_t *ver, dns_diff_t *diff) { isc_result_t result; isc_buffer_t keyb; unsigned char key_buf[4096]; - dns_rdata_t rdata = DNS_RDATA_INIT; dns_rdata_keydata_t keydata; dns_name_t *name; dns_zone_t *zone = kfetch->zone; @@ -10248,11 +10120,8 @@ minimal_update(dns_keyfetch_t *kfetch, dns_dbversion_t *ver, dns_diff_t *diff) { name = dns_fixedname_name(&kfetch->name); - for (result = dns_rdataset_first(&kfetch->keydataset); - result == ISC_R_SUCCESS; - result = dns_rdataset_next(&kfetch->keydataset)) - { - dns_rdata_reset(&rdata); + DNS_RDATASET_FOREACH (&kfetch->keydataset) { + dns_rdata_t rdata = DNS_RDATA_INIT; dns_rdataset_current(&kfetch->keydataset, &rdata); /* Delete old version */ @@ -10293,7 +10162,6 @@ revocable(dns_keyfetch_t *kfetch, dns_rdata_keydata_t *keydata) { isc_result_t result; dns_name_t *keyname; isc_mem_t *mctx; - dns_rdata_t sigrr = DNS_RDATA_INIT; dns_rdata_t rr = DNS_RDATA_INIT; dns_rdata_rrsig_t sig; dns_rdata_dnskey_t dnskey; @@ -10319,14 +10187,11 @@ revocable(dns_keyfetch_t *kfetch, dns_rdata_keydata_t *keydata) { } /* See if that key generated any of the signatures */ - for (result = dns_rdataset_first(&kfetch->dnskeysigset); - result == ISC_R_SUCCESS; - result = dns_rdataset_next(&kfetch->dnskeysigset)) - { + DNS_RDATASET_FOREACH (&kfetch->dnskeysigset) { + dns_rdata_t sigrr = DNS_RDATA_INIT; dns_fixedname_t fixed; dns_fixedname_init(&fixed); - dns_rdata_reset(&sigrr); dns_rdataset_current(&kfetch->dnskeysigset, &sigrr); result = dns_rdata_tostruct(&sigrr, &sig, NULL); RUNTIME_CHECK(result == ISC_R_SUCCESS); @@ -10371,8 +10236,6 @@ keyfetch_done(void *arg) { bool alldone = false; bool commit = false; dns_name_t *keyname = NULL; - dns_rdata_t sigrr = DNS_RDATA_INIT; - dns_rdata_t dnskeyrr = DNS_RDATA_INIT; dns_rdata_t keydatarr = DNS_RDATA_INIT; dns_rdata_rrsig_t sig; dns_rdata_dnskey_t dnskey; @@ -10476,30 +10339,21 @@ keyfetch_done(void *arg) { */ dns_rdataset_init(&dsset); if (dns_keynode_dsset(keynode, &dsset)) { - for (result = dns_rdataset_first(dnskeysigs); - result == ISC_R_SUCCESS; - result = dns_rdataset_next(dnskeysigs)) - { - isc_result_t tresult; + DNS_RDATASET_FOREACH (dnskeysigs) { + isc_result_t tresult = ISC_R_NOTFOUND; dns_rdata_t keyrdata = DNS_RDATA_INIT; + dns_rdata_t sigrr = DNS_RDATA_INIT; - dns_rdata_reset(&sigrr); dns_rdataset_current(dnskeysigs, &sigrr); - result = dns_rdata_tostruct(&sigrr, &sig, NULL); - RUNTIME_CHECK(result == ISC_R_SUCCESS); + dns_rdata_tostruct(&sigrr, &sig, NULL); - for (tresult = dns_rdataset_first(&dsset); - tresult == ISC_R_SUCCESS; - tresult = dns_rdataset_next(&dsset)) - { + DNS_RDATASET_FOREACH (&dsset) { dns_rdata_t dsrdata = DNS_RDATA_INIT; dns_rdata_ds_t ds; dns_rdata_reset(&dsrdata); dns_rdataset_current(&dsset, &dsrdata); - tresult = dns_rdata_tostruct(&dsrdata, &ds, - NULL); - RUNTIME_CHECK(tresult == ISC_R_SUCCESS); + dns_rdata_tostruct(&dsrdata, &ds, NULL); if (ds.key_tag != sig.keyid || ds.algorithm != sig.algorithm) @@ -10507,14 +10361,14 @@ keyfetch_done(void *arg) { continue; } - result = dns_dnssec_matchdskey( + tresult = dns_dnssec_matchdskey( keyname, &dsrdata, dnskeys, &keyrdata); - if (result == ISC_R_SUCCESS) { + if (tresult == ISC_R_SUCCESS) { break; } } - if (tresult == ISC_R_NOMORE) { + if (tresult == ISC_R_NOTFOUND) { continue; } @@ -10576,9 +10430,7 @@ anchors_done: * updated */ initializing = true; - for (result = dns_rdataset_first(keydataset); result == ISC_R_SUCCESS; - result = dns_rdataset_next(keydataset)) - { + DNS_RDATASET_FOREACH (keydataset) { dns_keytag_t keytag; dns_rdata_reset(&keydatarr); @@ -10694,9 +10546,8 @@ anchors_done: * - All keys not being removed have their refresh * timers updated */ - for (result = dns_rdataset_first(dnskeys); result == ISC_R_SUCCESS; - result = dns_rdataset_next(dnskeys)) - { + DNS_RDATASET_FOREACH (dnskeys) { + dns_rdata_t dnskeyrr = DNS_RDATA_INIT; bool revoked = false; bool newkey = false; bool updatekey = false; @@ -10704,7 +10555,6 @@ anchors_done: bool trustkey = false; dns_keytag_t keytag; - dns_rdata_reset(&dnskeyrr); dns_rdataset_current(dnskeys, &dnskeyrr); result = dns_rdata_tostruct(&dnskeyrr, &dnskey, NULL); RUNTIME_CHECK(result == ISC_R_SUCCESS); @@ -11117,7 +10967,6 @@ zone_refreshkeys(dns_zone_t *zone) { dns_db_t *db = NULL; dns_dbversion_t *ver = NULL; dns_diff_t diff; - dns_rdata_t rdata = DNS_RDATA_INIT; dns_rdata_keydata_t kd; isc_stdtime_t now = isc_stdtime_now(); bool commit = false; @@ -11164,10 +11013,8 @@ zone_refreshkeys(dns_zone_t *zone) { * Scan the stored keys looking for ones that need * removal or refreshing */ - for (result = dns_rdataset_first(kdset); - result == ISC_R_SUCCESS; result = dns_rdataset_next(kdset)) - { - dns_rdata_reset(&rdata); + DNS_RDATASET_FOREACH (kdset) { + dns_rdata_t rdata = DNS_RDATA_INIT; dns_rdataset_current(kdset, &rdata); result = dns_rdata_tostruct(&rdata, &kd, NULL); RUNTIME_CHECK(result == ISC_R_SUCCESS); @@ -12906,8 +12753,8 @@ zone_notify(dns_zone_t *zone, isc_time_t *now) { dns_name_t primary; dns_rdata_ns_t ns; dns_rdata_soa_t soa; + dns_rdata_t soardata = DNS_RDATA_INIT; uint32_t serial; - dns_rdata_t rdata = DNS_RDATA_INIT; dns_rdataset_t nsrdset; dns_rdataset_t soardset; isc_result_t result; @@ -12988,10 +12835,9 @@ zone_notify(dns_zone_t *zone, isc_time_t *now) { if (result != ISC_R_SUCCESS) { goto cleanup3; } - dns_rdataset_current(&soardset, &rdata); - result = dns_rdata_tostruct(&rdata, &soa, NULL); + dns_rdataset_current(&soardset, &soardata); + result = dns_rdata_tostruct(&soardata, &soa, NULL); RUNTIME_CHECK(result == ISC_R_SUCCESS); - dns_rdata_reset(&rdata); dns_name_dup(&soa.origin, zone->mctx, &primary); serial = soa.serial; dns_rdataset_disassociate(&soardset); @@ -13113,14 +12959,15 @@ zone_notify(dns_zone_t *zone, isc_time_t *now) { goto cleanup3; } - result = dns_rdataset_first(&nsrdset); - while (result == ISC_R_SUCCESS) { + DNS_RDATASET_FOREACH (&nsrdset) { + dns_rdata_t rdata = DNS_RDATA_INIT; + dns_rdataset_current(&nsrdset, &rdata); + dns_notify_t *notify = NULL; - dns_rdataset_current(&nsrdset, &rdata); result = dns_rdata_tostruct(&rdata, &ns, NULL); RUNTIME_CHECK(result == ISC_R_SUCCESS); - dns_rdata_reset(&rdata); + /* * Don't notify the primary server unless explicitly * configured to do so. @@ -13128,7 +12975,6 @@ zone_notify(dns_zone_t *zone, isc_time_t *now) { if (!DNS_ZONE_OPTION(zone, DNS_ZONEOPT_NOTIFYTOSOA) && dns_name_compare(&primary, &ns.name) == 0) { - result = dns_rdataset_next(&nsrdset); continue; } @@ -13143,7 +12989,6 @@ zone_notify(dns_zone_t *zone, isc_time_t *now) { NULL); UNLOCK_ZONE(zone); if (isqueued) { - result = dns_rdataset_next(&nsrdset); continue; } result = notify_create(zone->mctx, flags, ¬ify); @@ -13156,7 +13001,6 @@ zone_notify(dns_zone_t *zone, isc_time_t *now) { ISC_LIST_APPEND(zone->notifies, notify, link); UNLOCK_ZONE(zone); notify_find_address(notify); - result = dns_rdataset_next(&nsrdset); } dns_rdataset_disassociate(&nsrdset); @@ -13570,7 +13414,6 @@ save_nsrrset(dns_message_t *message, dns_name_t *name, dns_dbnode_t *node = NULL; dns_rdata_ns_t ns; isc_result_t result; - dns_rdata_t rdata = DNS_RDATA_INIT; bool has_glue = false; /* @@ -13605,13 +13448,11 @@ save_nsrrset(dns_message_t *message, dns_name_t *name, /* * Add glue rdatasets. */ - for (result = dns_rdataset_first(nsrdataset); result == ISC_R_SUCCESS; - result = dns_rdataset_next(nsrdataset)) - { + DNS_RDATASET_FOREACH (nsrdataset) { + dns_rdata_t rdata = DNS_RDATA_INIT; dns_rdataset_current(nsrdataset, &rdata); result = dns_rdata_tostruct(&rdata, &ns, NULL); RUNTIME_CHECK(result == ISC_R_SUCCESS); - dns_rdata_reset(&rdata); if (!dns_name_issubdomain(&ns.name, name)) { continue; @@ -13669,10 +13510,6 @@ save_nsrrset(dns_message_t *message, dns_name_t *name, } } - if (result != ISC_R_NOMORE) { - goto done; - } - /* * If no glue records were found, we attempt to resolve A/AAAA * for each NS entry found in the answer. @@ -17293,9 +17130,7 @@ save_nsec3param(dns_zone_t *zone, nsec3paramlist_t *nsec3list) { * is why we use an nsec3list, even though we will usually only * have one). */ - for (result = dns_rdataset_first(&rdataset); result == ISC_R_SUCCESS; - result = dns_rdataset_next(&rdataset)) - { + DNS_RDATASET_FOREACH (&rdataset) { dns_rdata_t rdata = DNS_RDATA_INIT; dns_rdata_t private = DNS_RDATA_INIT; @@ -17329,9 +17164,7 @@ getprivate: * using dns_nsec3param_fromprivate(), do the right thing based on * CREATE and REMOVE flags */ - for (result = dns_rdataset_first(&prdataset); result == ISC_R_SUCCESS; - result = dns_rdataset_next(&prdataset)) - { + DNS_RDATASET_FOREACH (&prdataset) { dns_rdata_t rdata = DNS_RDATA_INIT; dns_rdata_t private = DNS_RDATA_INIT; @@ -17387,7 +17220,7 @@ getprivate: } done: - if (result == ISC_R_NOMORE || result == ISC_R_NOTFOUND) { + if (result == ISC_R_NOTFOUND) { result = ISC_R_SUCCESS; } @@ -17454,7 +17287,6 @@ copy_non_dnssec_records(dns_db_t *db, dns_dbversion_t *version, dns_db_t *rawdb, dns_dbnode_t *rawnode = NULL, *node = NULL; dns_fixedname_t fixed; dns_name_t *name = dns_fixedname_initname(&fixed); - dns_rdataset_t rdataset; dns_rdatasetiter_t *rdsit = NULL; isc_result_t result; @@ -17475,11 +17307,8 @@ copy_non_dnssec_records(dns_db_t *db, dns_dbversion_t *version, dns_db_t *rawdb, goto cleanup; } - dns_rdataset_init(&rdataset); - - for (result = dns_rdatasetiter_first(rdsit); result == ISC_R_SUCCESS; - result = dns_rdatasetiter_next(rdsit)) - { + DNS_RDATASETITER_FOREACH (rdsit) { + dns_rdataset_t rdataset = DNS_RDATASET_INIT; dns_rdatasetiter_current(rdsit, &rdataset); if (rdataset.type == dns_rdatatype_nsec || rdataset.type == dns_rdatatype_rrsig || @@ -17504,12 +17333,9 @@ copy_non_dnssec_records(dns_db_t *db, dns_dbversion_t *version, dns_db_t *rawdb, } dns_rdataset_disassociate(&rdataset); if (result != ISC_R_SUCCESS) { - goto cleanup; + break; } } - if (result == ISC_R_NOMORE) { - result = ISC_R_SUCCESS; - } cleanup: if (rdsit != NULL) { @@ -17586,9 +17412,7 @@ receive_secure_db(void *arg) { goto failure; } - for (result = dns_dbiterator_first(dbiterator); result == ISC_R_SUCCESS; - result = dns_dbiterator_next(dbiterator)) - { + DNS_DBITERATOR_FOREACH (dbiterator) { result = copy_non_dnssec_records(db, version, rawdb, dbiterator, oldserialp); if (result != ISC_R_SUCCESS) { @@ -17596,9 +17420,6 @@ receive_secure_db(void *arg) { } } dns_dbiterator_destroy(&dbiterator); - if (result != ISC_R_NOMORE) { - goto failure; - } /* * Call restore_nsec3param() to create private-type records from @@ -20459,22 +20280,17 @@ rr_exists(dns_db_t *db, dns_dbversion_t *ver, dns_name_t *name, goto failure; } - for (result = dns_rdataset_first(&rdataset); result == ISC_R_SUCCESS; - result = dns_rdataset_next(&rdataset)) - { + bool matched = false; + DNS_RDATASET_FOREACH (&rdataset) { dns_rdata_t myrdata = DNS_RDATA_INIT; dns_rdataset_current(&rdataset, &myrdata); - if (!dns_rdata_compare(&myrdata, rdata)) { + if (dns_rdata_compare(&myrdata, rdata) == 0) { + matched = true; break; } } dns_rdataset_disassociate(&rdataset); - if (result == ISC_R_SUCCESS) { - *flag = true; - } else if (result == ISC_R_NOMORE) { - *flag = false; - result = ISC_R_SUCCESS; - } + *flag = matched; failure: if (node != NULL) { @@ -20771,22 +20587,17 @@ failure: */ static bool signed_with_alg(dns_rdataset_t *rdataset, dns_secalg_t alg) { - dns_rdata_t rdata = DNS_RDATA_INIT; - dns_rdata_rrsig_t rrsig; - isc_result_t result; - REQUIRE(rdataset == NULL || rdataset->type == dns_rdatatype_rrsig); if (rdataset == NULL || !dns_rdataset_isassociated(rdataset)) { return false; } - for (result = dns_rdataset_first(rdataset); result == ISC_R_SUCCESS; - result = dns_rdataset_next(rdataset)) - { + DNS_RDATASET_FOREACH (rdataset) { + dns_rdata_t rdata = DNS_RDATA_INIT; + dns_rdata_rrsig_t rrsig; + dns_rdataset_current(rdataset, &rdata); - result = dns_rdata_tostruct(&rdata, &rrsig, NULL); - RUNTIME_CHECK(result == ISC_R_SUCCESS); - dns_rdata_reset(&rdata); + dns_rdata_tostruct(&rdata, &rrsig, NULL); if (rrsig.algorithm == alg) { return true; } @@ -21087,7 +20898,6 @@ checkds_done(void *arg) { bool checkdspub = false, checkdsdel = false, ksk = false; dst_key_state_t ds_state = DST_KEY_STATE_NA; isc_stdtime_t published = 0, withdrawn = 0; - isc_result_t ret = ISC_R_SUCCESS; /* Is this key have the KSK role? */ (void)dst_key_role(key->key, &ksk, NULL); @@ -21116,8 +20926,7 @@ checkds_done(void *arg) { } /* Find the appropriate DS record. */ - ret = dns_rdataset_first(ds_rrset); - while (ret == ISC_R_SUCCESS) { + DNS_RDATASET_FOREACH (ds_rrset) { dns_rdata_ds_t ds; dns_rdata_t dnskey = DNS_RDATA_INIT; dns_rdata_t dsrdata = DNS_RDATA_INIT; @@ -21129,21 +20938,21 @@ checkds_done(void *arg) { dns_rdataset_current(ds_rrset, &rdata); r = dns_rdata_tostruct(&rdata, &ds, NULL); if (r != ISC_R_SUCCESS) { - goto nextds; + continue; } /* Check key tag and algorithm. */ if (dst_key_id(key->key) != ds.key_tag) { - goto nextds; + continue; } if (dst_key_alg(key->key) != ds.algorithm) { - goto nextds; + continue; } /* Derive DS from DNSKEY, see if the rdata is equal. */ make_dnskey(key->key, keybuf, sizeof(keybuf), &dnskey); r = dns_ds_buildrdata(&zone->origin, &dnskey, ds.digest_type, dsbuf, &dsrdata); if (r != ISC_R_SUCCESS) { - goto nextds; + continue; } if (dns_rdata_compare(&rdata, &dsrdata) == 0) { found = true; @@ -21156,9 +20965,6 @@ checkds_done(void *arg) { } } } - - nextds: - ret = dns_rdataset_next(ds_rrset); } dswithdrawn: @@ -21696,7 +21502,7 @@ checkds_send(dns_zone_t *zone) { static void nsfetch_done(void *arg) { dns_fetchresponse_t *resp = (dns_fetchresponse_t *)arg; - isc_result_t result, eresult; + isc_result_t result = ISC_R_NOMORE, eresult; dns_nsfetch_t *nsfetch = NULL; dns_zone_t *zone = NULL; isc_mem_t *mctx = NULL; @@ -21787,9 +21593,7 @@ nsfetch_done(void *arg) { UNLOCK_ZONE(zone); /* Look up the addresses for the found parental name servers. */ - for (result = dns_rdataset_first(nsrrset); result == ISC_R_SUCCESS; - result = dns_rdataset_next(nsrrset)) - { + DNS_RDATASET_FOREACH (nsrrset) { dns_checkds_t *checkds = NULL; dns_rdata_t rdata = DNS_RDATA_INIT; dns_rdata_ns_t ns; @@ -21831,9 +21635,6 @@ nsfetch_done(void *arg) { checkds_find_address(checkds); } - if (result == ISC_R_NOMORE) { - result = ISC_R_SUCCESS; - } LOCK_ZONE(zone); @@ -22057,17 +21858,13 @@ zone_checkds(dns_zone_t *zone) { #endif /* ifdef ENABLE_AFL */ } -static isc_result_t +static void update_ttl(dns_rdataset_t *rdataset, dns_name_t *name, dns_ttl_t ttl, dns_diff_t *diff) { - isc_result_t result; - /* * Delete everything using the existing TTL. */ - for (result = dns_rdataset_first(rdataset); result == ISC_R_SUCCESS; - result = dns_rdataset_next(rdataset)) - { + DNS_RDATASET_FOREACH (rdataset) { dns_difftuple_t *tuple = NULL; dns_rdata_t rdata = DNS_RDATA_INIT; @@ -22076,16 +21873,11 @@ update_ttl(dns_rdataset_t *rdataset, dns_name_t *name, dns_ttl_t ttl, rdataset->ttl, &rdata, &tuple); dns_diff_appendminimal(diff, &tuple); } - if (result != ISC_R_NOMORE) { - return result; - } /* * Add everything using the new TTL. */ - for (result = dns_rdataset_first(rdataset); result == ISC_R_SUCCESS; - result = dns_rdataset_next(rdataset)) - { + DNS_RDATASET_FOREACH (rdataset) { dns_difftuple_t *tuple = NULL; dns_rdata_t rdata = DNS_RDATA_INIT; @@ -22094,10 +21886,6 @@ update_ttl(dns_rdataset_t *rdataset, dns_name_t *name, dns_ttl_t ttl, &rdata, &tuple); dns_diff_appendminimal(diff, &tuple); } - if (result != ISC_R_NOMORE) { - return result; - } - return ISC_R_SUCCESS; } static isc_result_t @@ -22142,9 +21930,7 @@ remove_rdataset(dns_zone_t *zone, dns_diff_t *diff, dns_rdataset_t *rdataset) { return; } - for (isc_result_t result = dns_rdataset_first(rdataset); - result == ISC_R_SUCCESS; result = dns_rdataset_next(rdataset)) - { + DNS_RDATASET_FOREACH (rdataset) { dns_rdata_t rdata = DNS_RDATA_INIT; dns_difftuple_t *tuple = NULL; @@ -22275,15 +22061,7 @@ zone_rekey(dns_zone_t *zone) { if (kasp == NULL) { ttl = keyset.ttl; } else if (ttl != keyset.ttl && !offlineksk) { - result = update_ttl(&keyset, &zone->origin, ttl, &diff); - if (result != ISC_R_SUCCESS) { - dnssec_log(zone, ISC_LOG_ERROR, - "Updating DNSKEY TTL from %u to %u " - "failed: %s", - keyset.ttl, ttl, - isc_result_totext(result)); - goto failure; - } + update_ttl(&keyset, &zone->origin, ttl, &diff); dnssec_log(zone, ISC_LOG_INFO, "Updating DNSKEY TTL from %u to %u", keyset.ttl, ttl); @@ -22313,13 +22091,7 @@ zone_rekey(dns_zone_t *zone) { } else if (result == ISC_R_SUCCESS && kasp != NULL && ttl != cdsset.ttl && !offlineksk) { - result = update_ttl(&cdsset, &zone->origin, ttl, &diff); - if (result != ISC_R_SUCCESS) { - dnssec_log(zone, ISC_LOG_ERROR, - "Updating CDS TTL from %u to %u failed: %s", - cdsset.ttl, ttl, isc_result_totext(result)); - goto failure; - } + update_ttl(&cdsset, &zone->origin, ttl, &diff); dnssec_log(zone, ISC_LOG_INFO, "Updating CDS TTL from %u to %u", cdsset.ttl, ttl); cdsset.ttl = ttl; @@ -22333,14 +22105,7 @@ zone_rekey(dns_zone_t *zone) { } else if (result == ISC_R_SUCCESS && kasp != NULL && ttl != cdnskeyset.ttl && !offlineksk) { - result = update_ttl(&cdnskeyset, &zone->origin, ttl, &diff); - if (result != ISC_R_SUCCESS) { - dnssec_log( - zone, ISC_LOG_ERROR, - "Updating CDNSKEY TTL from %u to %u failed: %s", - cdnskeyset.ttl, ttl, isc_result_totext(result)); - goto failure; - } + update_ttl(&cdnskeyset, &zone->origin, ttl, &diff); dnssec_log(zone, ISC_LOG_INFO, "Updating CDNSKEY TTL from %u to %u", cdnskeyset.ttl, ttl); @@ -22536,10 +22301,7 @@ zone_rekey(dns_zone_t *zone) { } else { /* Check if there is a CDS DELETE record. */ if (dns_rdataset_isassociated(&cdsset)) { - for (result = dns_rdataset_first(&cdsset); - result == ISC_R_SUCCESS; - result = dns_rdataset_next(&cdsset)) - { + DNS_RDATASET_FOREACH (&cdsset) { dns_rdata_t crdata = DNS_RDATA_INIT; dns_rdataset_current(&cdsset, &crdata); /* @@ -22560,10 +22322,7 @@ zone_rekey(dns_zone_t *zone) { /* Check if there is a CDNSKEY DELETE record. */ if (dns_rdataset_isassociated(&cdnskeyset)) { - for (result = dns_rdataset_first(&cdnskeyset); - result == ISC_R_SUCCESS; - result = dns_rdataset_next(&cdnskeyset)) - { + DNS_RDATASET_FOREACH (&cdnskeyset) { dns_rdata_t crdata = DNS_RDATA_INIT; dns_rdataset_current(&cdnskeyset, &crdata); @@ -23076,9 +22835,7 @@ dns_zone_cdscheck(dns_zone_t *zone, dns_db_t *db, dns_dbversion_t *version) { if (dns_rdataset_isassociated(&cds)) { bool delete = false; memset(algorithms, notexpected, sizeof(algorithms)); - for (result = dns_rdataset_first(&cds); result == ISC_R_SUCCESS; - result = dns_rdataset_next(&cds)) - { + DNS_RDATASET_FOREACH (&cds) { dns_rdata_t crdata = DNS_RDATA_INIT; dns_rdata_cds_t structcds; @@ -23104,16 +22861,12 @@ dns_zone_cdscheck(dns_zone_t *zone, dns_db_t *db, dns_dbversion_t *version) { if (algorithms[structcds.algorithm] == 0) { algorithms[structcds.algorithm] = expected; } - for (result = dns_rdataset_first(&dnskey); - result == ISC_R_SUCCESS; - result = dns_rdataset_next(&dnskey)) - { + DNS_RDATASET_FOREACH (&dnskey) { dns_rdata_t rdata = DNS_RDATA_INIT; dns_rdata_dnskey_t structdnskey; dns_rdataset_current(&dnskey, &rdata); - CHECK(dns_rdata_tostruct(&rdata, &structdnskey, - NULL)); + dns_rdata_tostruct(&rdata, &structdnskey, NULL); if (structdnskey.algorithm == structcds.algorithm) @@ -23121,9 +22874,6 @@ dns_zone_cdscheck(dns_zone_t *zone, dns_db_t *db, dns_dbversion_t *version) { algorithms[structcds.algorithm] = found; } } - if (result != ISC_R_NOMORE) { - goto failure; - } } for (i = 0; i < sizeof(algorithms); i++) { if (delete) { @@ -23146,10 +22896,7 @@ dns_zone_cdscheck(dns_zone_t *zone, dns_db_t *db, dns_dbversion_t *version) { if (dns_rdataset_isassociated(&cdnskey)) { bool delete = false; memset(algorithms, notexpected, sizeof(algorithms)); - for (result = dns_rdataset_first(&cdnskey); - result == ISC_R_SUCCESS; - result = dns_rdataset_next(&cdnskey)) - { + DNS_RDATASET_FOREACH (&cdnskey) { dns_rdata_t crdata = DNS_RDATA_INIT; dns_rdata_cdnskey_t structcdnskey; @@ -23177,10 +22924,7 @@ dns_zone_cdscheck(dns_zone_t *zone, dns_db_t *db, dns_dbversion_t *version) { if (algorithms[structcdnskey.algorithm] == 0) { algorithms[structcdnskey.algorithm] = expected; } - for (result = dns_rdataset_first(&dnskey); - result == ISC_R_SUCCESS; - result = dns_rdataset_next(&dnskey)) - { + DNS_RDATASET_FOREACH (&dnskey) { dns_rdata_t rdata = DNS_RDATA_INIT; dns_rdata_dnskey_t structdnskey; @@ -23195,9 +22939,6 @@ dns_zone_cdscheck(dns_zone_t *zone, dns_db_t *db, dns_dbversion_t *version) { found; } } - if (result != ISC_R_NOMORE) { - goto failure; - } } for (i = 0; i < sizeof(algorithms); i++) { if (delete) { @@ -23459,7 +23200,6 @@ static void keydone(void *arg) { bool commit = false; isc_result_t result; - dns_rdata_t rdata = DNS_RDATA_INIT; dns_dbversion_t *oldver = NULL, *newver = NULL; dns_db_t *db = NULL; dns_dbnode_t *node = NULL; @@ -23511,9 +23251,8 @@ keydone(void *arg) { goto failure; } - for (result = dns_rdataset_first(&rdataset); result == ISC_R_SUCCESS; - result = dns_rdataset_next(&rdataset)) - { + DNS_RDATASET_FOREACH (&rdataset) { + dns_rdata_t rdata = DNS_RDATA_INIT; bool found = false; dns_rdataset_current(&rdataset, &rdata); @@ -23540,7 +23279,6 @@ keydone(void *arg) { &zone->origin, rdataset.ttl, &rdata)); } - dns_rdata_reset(&rdata); } if (!ISC_LIST_EMPTY(diff.tuples)) { @@ -23735,7 +23473,6 @@ rss_post(void *arg) { dns_rdataset_t prdataset, nrdataset; dns_diff_t diff; dns_update_log_t log = { update_log_cb, NULL }; - dns_rdata_t rdata; bool nseconly; bool exists = false; @@ -23818,11 +23555,8 @@ rss_post(void *arg) { result = dns_db_findrdataset(db, node, newver, zone->privatetype, dns_rdatatype_none, 0, &prdataset, NULL); if (result == ISC_R_SUCCESS) { - for (result = dns_rdataset_first(&prdataset); - result == ISC_R_SUCCESS; - result = dns_rdataset_next(&prdataset)) - { - dns_rdata_init(&rdata); + DNS_RDATASET_FOREACH (&prdataset) { + dns_rdata_t rdata = DNS_RDATA_INIT; dns_rdataset_current(&prdataset, &rdata); if (np->length == rdata.length && @@ -23843,11 +23577,8 @@ rss_post(void *arg) { result = dns_db_findrdataset(db, node, newver, dns_rdatatype_nsec3param, dns_rdatatype_none, 0, &nrdataset, NULL); if (result == ISC_R_SUCCESS) { - for (result = dns_rdataset_first(&nrdataset); - result == ISC_R_SUCCESS; - result = dns_rdataset_next(&nrdataset)) - { - dns_rdata_init(&rdata); + DNS_RDATASET_FOREACH (&nrdataset) { + dns_rdata_t rdata = DNS_RDATA_INIT; dns_rdataset_current(&nrdataset, &rdata); if (np->length == ((unsigned int)rdata.length + 1) && @@ -23884,7 +23615,7 @@ rss_post(void *arg) { * algorithm), add the INITIAL flag, so these parameters can be * used later when NSEC3 becomes available. */ - dns_rdata_init(&rdata); + dns_rdata_t rdata = DNS_RDATA_INIT; np->data[2] |= DNS_NSEC3FLAG_CREATE; result = dns_nsec_nseconly(db, newver, NULL, &nseconly); @@ -23974,7 +23705,6 @@ dns__zone_lookup_nsec3param(dns_zone_t *zone, dns_rdata_nsec3param_t *lookup, dns_dbversion_t *version = NULL; dns_rdataset_t rdataset; dns_rdata_nsec3param_t nsec3param; - dns_rdata_t rdata = DNS_RDATA_INIT; REQUIRE(DNS_ZONE_VALID(zone)); @@ -24015,13 +23745,11 @@ dns__zone_lookup_nsec3param(dns_zone_t *zone, dns_rdata_nsec3param_t *lookup, goto setparam; } - for (result = dns_rdataset_first(&rdataset); result == ISC_R_SUCCESS; - result = dns_rdataset_next(&rdataset)) - { + result = ISC_R_NOTFOUND; + DNS_RDATASET_FOREACH (&rdataset) { + dns_rdata_t rdata = DNS_RDATA_INIT; dns_rdataset_current(&rdataset, &rdata); - result = dns_rdata_tostruct(&rdata, &nsec3param, NULL); - INSIST(result == ISC_R_SUCCESS); - dns_rdata_reset(&rdata); + dns_rdata_tostruct(&rdata, &nsec3param, NULL); /* Check parameters. */ if (nsec3param.hash != lookup->hash) { @@ -24050,10 +23778,6 @@ dns__zone_lookup_nsec3param(dns_zone_t *zone, dns_rdata_nsec3param_t *lookup, break; } - if (result == ISC_R_NOMORE) { - result = ISC_R_NOTFOUND; - } - setparam: if (result != ISC_R_SUCCESS) { /* Found no match. */ diff --git a/lib/dns/zoneverify.c b/lib/dns/zoneverify.c index ab186634ec..aeb010746a 100644 --- a/lib/dns/zoneverify.c +++ b/lib/dns/zoneverify.c @@ -301,7 +301,7 @@ check_no_rrsig(const vctx_t *vctx, const dns_rdataset_t *rdataset, const dns_name_t *name, dns_dbnode_t *node) { char namebuf[DNS_NAME_FORMATSIZE]; char typebuf[DNS_RDATATYPE_FORMATSIZE]; - dns_rdataset_t sigrdataset; + dns_rdataset_t sigrdataset = DNS_RDATASET_INIT; dns_rdatasetiter_t *rdsiter = NULL; isc_result_t result; @@ -312,9 +312,7 @@ check_no_rrsig(const vctx_t *vctx, const dns_rdataset_t *rdataset, isc_result_totext(result)); return result; } - for (result = dns_rdatasetiter_first(rdsiter); result == ISC_R_SUCCESS; - result = dns_rdatasetiter_next(rdsiter)) - { + DNS_RDATASETITER_FOREACH (rdsiter) { dns_rdatasetiter_current(rdsiter, &sigrdataset); if (sigrdataset.type == dns_rdatatype_rrsig && sigrdataset.covers == rdataset->type) @@ -427,18 +425,13 @@ static isc_result_t find_nsec3_match(const dns_rdata_nsec3param_t *nsec3param, dns_rdataset_t *rdataset, size_t rhsize, dns_rdata_nsec3_t *nsec3_match) { - isc_result_t result; - /* * Find matching NSEC3 record. */ - for (result = dns_rdataset_first(rdataset); result == ISC_R_SUCCESS; - result = dns_rdataset_next(rdataset)) - { + DNS_RDATASET_FOREACH (rdataset) { dns_rdata_t rdata = DNS_RDATA_INIT; dns_rdataset_current(rdataset, &rdata); - result = dns_rdata_tostruct(&rdata, nsec3_match, NULL); - RUNTIME_CHECK(result == ISC_R_SUCCESS); + dns_rdata_tostruct(&rdata, nsec3_match, NULL); if (nsec3_match->hash == nsec3param->hash && nsec3_match->next_length == rhsize && nsec3_match->iterations == nsec3param->iterations && @@ -450,7 +443,7 @@ find_nsec3_match(const dns_rdata_nsec3param_t *nsec3param, } } - return result; + return ISC_R_NOTFOUND; } static isc_result_t @@ -533,9 +526,7 @@ innsec3params(const dns_rdata_nsec3_t *nsec3, dns_rdataset_t *nsec3paramset) { dns_rdata_nsec3param_t nsec3param; isc_result_t result; - for (result = dns_rdataset_first(nsec3paramset); - result == ISC_R_SUCCESS; result = dns_rdataset_next(nsec3paramset)) - { + DNS_RDATASET_FOREACH (nsec3paramset) { dns_rdata_t rdata = DNS_RDATA_INIT; dns_rdataset_current(nsec3paramset, &rdata); @@ -585,9 +576,7 @@ record_found(const vctx_t *vctx, const dns_name_t *name, dns_dbnode_t *node, goto cleanup; } - for (result = dns_rdataset_first(&rdataset); result == ISC_R_SUCCESS; - result = dns_rdataset_next(&rdataset)) - { + DNS_RDATASET_FOREACH (&rdataset) { dns_rdata_t rdata = DNS_RDATA_INIT; dns_rdataset_current(&rdataset, &rdata); result = dns_rdata_tostruct(&rdata, &nsec3, NULL); @@ -781,11 +770,9 @@ verifynsec3s(const vctx_t *vctx, const dns_name_t *name, dns_rdataset_t *nsec3paramset, bool delegation, bool empty, const unsigned char types[8192], unsigned int maxtype, isc_result_t *vresult) { - isc_result_t result; + isc_result_t result = ISC_R_NOMORE; - for (result = dns_rdataset_first(nsec3paramset); - result == ISC_R_SUCCESS; result = dns_rdataset_next(nsec3paramset)) - { + DNS_RDATASET_FOREACH (nsec3paramset) { dns_rdata_t rdata = DNS_RDATA_INIT; dns_rdataset_current(nsec3paramset, &rdata); @@ -798,9 +785,7 @@ verifynsec3s(const vctx_t *vctx, const dns_name_t *name, break; } } - if (result == ISC_R_NOMORE) { - result = ISC_R_SUCCESS; - } + return result; } @@ -811,29 +796,29 @@ verifyset(vctx_t *vctx, dns_rdataset_t *rdataset, const dns_name_t *name, char namebuf[DNS_NAME_FORMATSIZE]; char algbuf[DNS_SECALG_FORMATSIZE]; char typebuf[DNS_RDATATYPE_FORMATSIZE]; - dns_rdataset_t sigrdataset; + dns_rdataset_t sigrdataset = DNS_RDATASET_INIT; dns_rdatasetiter_t *rdsiter = NULL; + bool match = false; isc_result_t result; - dns_rdataset_init(&sigrdataset); result = dns_db_allrdatasets(vctx->db, node, vctx->ver, 0, 0, &rdsiter); if (result != ISC_R_SUCCESS) { zoneverify_log_error(vctx, "dns_db_allrdatasets(): %s", isc_result_totext(result)); return result; } - for (result = dns_rdatasetiter_first(rdsiter); result == ISC_R_SUCCESS; - result = dns_rdatasetiter_next(rdsiter)) - { + DNS_RDATASETITER_FOREACH (rdsiter) { dns_rdatasetiter_current(rdsiter, &sigrdataset); if (sigrdataset.type == dns_rdatatype_rrsig && sigrdataset.covers == rdataset->type) { + match = true; break; } dns_rdataset_disassociate(&sigrdataset); } - if (result != ISC_R_SUCCESS) { + + if (!match) { dns_name_format(name, namebuf, sizeof(namebuf)); dns_rdatatype_format(rdataset->type, typebuf, sizeof(typebuf)); zoneverify_log_error(vctx, "No signatures for %s/%s", namebuf, @@ -847,9 +832,7 @@ verifyset(vctx_t *vctx, dns_rdataset_t *rdataset, const dns_name_t *name, goto done; } - for (result = dns_rdataset_first(&sigrdataset); result == ISC_R_SUCCESS; - result = dns_rdataset_next(&sigrdataset)) - { + DNS_RDATASET_FOREACH (&sigrdataset) { dns_rdata_t rdata = DNS_RDATA_INIT; dns_rdata_rrsig_t sig; @@ -914,7 +897,6 @@ verifynode(vctx_t *vctx, const dns_name_t *name, dns_dbnode_t *node, const dns_name_t *nextname, isc_result_t *vresult) { unsigned char types[8192] = { 0 }; unsigned int maxtype = 0; - dns_rdataset_t rdataset; dns_rdatasetiter_t *rdsiter = NULL; isc_result_t result, tvresult = ISC_R_UNSET; @@ -927,10 +909,10 @@ verifynode(vctx_t *vctx, const dns_name_t *name, dns_dbnode_t *node, return result; } - result = dns_rdatasetiter_first(rdsiter); - dns_rdataset_init(&rdataset); - while (result == ISC_R_SUCCESS) { + DNS_RDATASETITER_FOREACH (rdsiter) { + dns_rdataset_t rdataset = DNS_RDATASET_INIT; dns_rdatasetiter_current(rdsiter, &rdataset); + /* * If we are not at a delegation then everything should be * signed. If we are at a delegation then only the DS set @@ -973,14 +955,8 @@ verifynode(vctx_t *vctx, const dns_name_t *name, dns_dbnode_t *node, } } dns_rdataset_disassociate(&rdataset); - result = dns_rdatasetiter_next(rdsiter); } dns_rdatasetiter_destroy(&rdsiter); - if (result != ISC_R_NOMORE) { - zoneverify_log_error(vctx, "rdataset iteration failed: %s", - isc_result_totext(result)); - return result; - } if (vresult == NULL) { return ISC_R_SUCCESS; @@ -1515,10 +1491,7 @@ check_dnskey_sigs(vctx_t *vctx, const dns_rdata_dnskey_t *dnskey, */ dns_rdataset_init(&dsset); if (dns_keynode_dsset(keynode, &dsset)) { - for (result = dns_rdataset_first(&dsset); - result == ISC_R_SUCCESS; - result = dns_rdataset_next(&dsset)) - { + DNS_RDATASET_FOREACH (&dsset) { dns_rdata_t dsrdata = DNS_RDATA_INIT; dns_rdata_t newdsrdata = DNS_RDATA_INIT; unsigned char buf[DNS_DS_BUFFERSIZE]; @@ -1571,14 +1544,12 @@ cleanup: */ static isc_result_t check_dnskey(vctx_t *vctx) { - dns_rdata_t rdata = DNS_RDATA_INIT; dns_rdata_dnskey_t dnskey; isc_result_t result; bool is_ksk; - for (result = dns_rdataset_first(&vctx->keyset); - result == ISC_R_SUCCESS; result = dns_rdataset_next(&vctx->keyset)) - { + DNS_RDATASET_FOREACH (&vctx->keyset) { + dns_rdata_t rdata = DNS_RDATA_INIT; dns_rdataset_current(&vctx->keyset, &rdata); result = dns_rdata_tostruct(&rdata, &dnskey, NULL); RUNTIME_CHECK(result == ISC_R_SUCCESS); @@ -1630,7 +1601,6 @@ check_dnskey(vctx_t *vctx) { check_dnskey_sigs(vctx, &dnskey, &rdata, is_ksk); } dns_rdata_freestruct(&dnskey); - dns_rdata_reset(&rdata); } return ISC_R_SUCCESS; @@ -1713,9 +1683,7 @@ verify_nodes(vctx_t *vctx, isc_result_t *vresult) { count = dns_rdataset_count(&vctx->keyset); dstkeys = isc_mem_cget(vctx->mctx, count, sizeof(*dstkeys)); - for (result = dns_rdataset_first(&vctx->keyset); - result == ISC_R_SUCCESS; result = dns_rdataset_next(&vctx->keyset)) - { + DNS_RDATASET_FOREACH (&vctx->keyset) { dns_rdata_t rdata = DNS_RDATA_INIT; dns_rdataset_current(&vctx->keyset, &rdata); dstkeys[nkeys] = NULL; @@ -1871,9 +1839,7 @@ verify_nodes(vctx_t *vctx, isc_result_t *vresult) { return result; } - for (result = dns_dbiterator_first(dbiter); result == ISC_R_SUCCESS; - result = dns_dbiterator_next(dbiter)) - { + DNS_DBITERATOR_FOREACH (dbiter) { result = dns_dbiterator_current(dbiter, &node, name); if (result != ISC_R_SUCCESS && result != DNS_R_NEWORIGIN) { zoneverify_log_error(vctx, diff --git a/lib/isccfg/aclconf.c b/lib/isccfg/aclconf.c index be3190d6b6..cebe9430bb 100644 --- a/lib/isccfg/aclconf.c +++ b/lib/isccfg/aclconf.c @@ -92,14 +92,12 @@ static isc_result_t get_acl_def(const cfg_obj_t *cctx, const char *name, const cfg_obj_t **ret) { isc_result_t result; const cfg_obj_t *acls = NULL; - const cfg_listelt_t *elt; result = cfg_map_get(cctx, "acl", &acls); if (result != ISC_R_SUCCESS) { return result; } - for (elt = cfg_list_first(acls); elt != NULL; elt = cfg_list_next(elt)) - { + CFG_LIST_FOREACH (acls, elt) { const cfg_obj_t *acl = cfg_listelt_value(elt); const char *aclname = cfg_obj_asstring(cfg_tuple_get(acl, "name")); @@ -197,7 +195,6 @@ static isc_result_t count_acl_elements(const cfg_obj_t *caml, const cfg_obj_t *cctx, cfg_aclconfctx_t *ctx, isc_mem_t *mctx, uint32_t *count, bool *has_negative) { - const cfg_listelt_t *elt; isc_result_t result; uint32_t n = 0; @@ -205,8 +202,7 @@ count_acl_elements(const cfg_obj_t *caml, const cfg_obj_t *cctx, SET_IF_NOT_NULL(has_negative, false); - for (elt = cfg_list_first(caml); elt != NULL; elt = cfg_list_next(elt)) - { + CFG_LIST_FOREACH (caml, elt) { const cfg_obj_t *ce = cfg_listelt_value(elt); /* might be a negated element, in which case get the value. */ @@ -615,9 +611,8 @@ cfg_acl_fromconfig(const cfg_obj_t *acl_data, const cfg_obj_t *cctx, unsigned int nest_level, dns_acl_t **target) { isc_result_t result; dns_acl_t *dacl = NULL, *inneracl = NULL; - dns_aclelement_t *de; - const cfg_listelt_t *elt; - dns_iptable_t *iptab; + dns_aclelement_t *de = NULL; + dns_iptable_t *iptab = NULL; int new_nest_level = 0; bool setpos; const cfg_obj_t *caml = NULL; @@ -735,8 +730,7 @@ cfg_acl_fromconfig(const cfg_obj_t *acl_data, const cfg_obj_t *cctx, } de = dacl->elements; - for (elt = cfg_list_first(caml); elt != NULL; elt = cfg_list_next(elt)) - { + CFG_LIST_FOREACH (caml, elt) { const cfg_obj_t *ce = cfg_listelt_value(elt); bool neg = false; diff --git a/lib/isccfg/check.c b/lib/isccfg/check.c index 79134cbf5f..61625bdc0b 100644 --- a/lib/isccfg/check.c +++ b/lib/isccfg/check.c @@ -182,16 +182,13 @@ static isc_result_t check_order(const cfg_obj_t *options) { isc_result_t result = ISC_R_SUCCESS; isc_result_t tresult; - const cfg_listelt_t *element; const cfg_obj_t *obj = NULL; if (cfg_map_get(options, "rrset-order", &obj) != ISC_R_SUCCESS) { return result; } - for (element = cfg_list_first(obj); element != NULL; - element = cfg_list_next(element)) - { + CFG_LIST_FOREACH (obj, element) { tresult = check_orderent(cfg_listelt_value(element)); if (result == ISC_R_SUCCESS && tresult != ISC_R_SUCCESS) { result = tresult; @@ -202,11 +199,10 @@ check_order(const cfg_obj_t *options) { static isc_result_t check_dual_stack(const cfg_obj_t *options) { - const cfg_listelt_t *element; const cfg_obj_t *alternates = NULL; - const cfg_obj_t *value; - const cfg_obj_t *obj; - const char *str; + const cfg_obj_t *value = NULL; + const cfg_obj_t *obj = NULL; + const char *str = NULL; dns_fixedname_t fixed; dns_name_t *name; isc_buffer_t buffer; @@ -231,9 +227,7 @@ check_dual_stack(const cfg_obj_t *options) { } } obj = cfg_tuple_get(alternates, "addresses"); - for (element = cfg_list_first(obj); element != NULL; - element = cfg_list_next(element)) - { + CFG_LIST_FOREACH (obj, element) { value = cfg_listelt_value(element); if (cfg_obj_issockaddr(value)) { continue; @@ -297,7 +291,6 @@ check_forward(const cfg_obj_t *config, const cfg_obj_t *options, const cfg_obj_t *forward = NULL; const cfg_obj_t *forwarders = NULL; const cfg_obj_t *faddresses = NULL; - const cfg_listelt_t *element; (void)cfg_map_get(options, "forward", &forward); (void)cfg_map_get(options, "forwarders", &forwarders); @@ -331,9 +324,7 @@ check_forward(const cfg_obj_t *config, const cfg_obj_t *options, } faddresses = cfg_tuple_get(forwarders, "addresses"); - for (element = cfg_list_first(faddresses); element != NULL; - element = cfg_list_next(element)) - { + CFG_LIST_FOREACH (faddresses, element) { const cfg_obj_t *forwarder = cfg_listelt_value(element); const char *tls = cfg_obj_getsockaddrtls(forwarder); if (tls != NULL) { @@ -352,12 +343,11 @@ static isc_result_t disabled_algorithms(const cfg_obj_t *disabled) { isc_result_t result = ISC_R_SUCCESS; isc_result_t tresult; - const cfg_listelt_t *element; - const char *str; + const char *str = NULL; isc_buffer_t b; dns_fixedname_t fixed; - dns_name_t *name; - const cfg_obj_t *obj; + dns_name_t *name = NULL; + const cfg_obj_t *obj = NULL; name = dns_fixedname_initname(&fixed); obj = cfg_tuple_get(disabled, "name"); @@ -372,9 +362,7 @@ disabled_algorithms(const cfg_obj_t *disabled) { obj = cfg_tuple_get(disabled, "algorithms"); - for (element = cfg_list_first(obj); element != NULL; - element = cfg_list_next(element)) - { + CFG_LIST_FOREACH (obj, element) { isc_textregion_t r; dns_secalg_t alg; @@ -395,12 +383,11 @@ static isc_result_t disabled_ds_digests(const cfg_obj_t *disabled) { isc_result_t result = ISC_R_SUCCESS; isc_result_t tresult; - const cfg_listelt_t *element; - const char *str; + const char *str = NULL; isc_buffer_t b; dns_fixedname_t fixed; - dns_name_t *name; - const cfg_obj_t *obj; + dns_name_t *name = NULL; + const cfg_obj_t *obj = NULL; name = dns_fixedname_initname(&fixed); obj = cfg_tuple_get(disabled, "name"); @@ -415,9 +402,7 @@ disabled_ds_digests(const cfg_obj_t *disabled) { obj = cfg_tuple_get(disabled, "digests"); - for (element = cfg_list_first(obj); element != NULL; - element = cfg_list_next(element)) - { + CFG_LIST_FOREACH (obj, element) { isc_textregion_t r; dns_dsdigest_t digest; @@ -578,8 +563,7 @@ check_dns64(cfg_aclconfctx_t *actx, const cfg_obj_t *voptions, isc_result_t result = ISC_R_SUCCESS; const cfg_obj_t *dns64 = NULL; const cfg_obj_t *options; - const cfg_listelt_t *element; - const cfg_obj_t *map, *obj; + const cfg_obj_t *map = NULL, *obj = NULL; isc_netaddr_t na, sa; unsigned int prefixlen; int nbytes; @@ -601,9 +585,7 @@ check_dns64(cfg_aclconfctx_t *actx, const cfg_obj_t *voptions, return ISC_R_SUCCESS; } - for (element = cfg_list_first(dns64); element != NULL; - element = cfg_list_next(element)) - { + CFG_LIST_FOREACH (dns64, element) { map = cfg_listelt_value(element); obj = cfg_map_getname(map); @@ -1003,7 +985,6 @@ static const cfg_obj_t * find_maplist(const cfg_obj_t *config, const char *listname, const char *name) { isc_result_t result = ISC_R_SUCCESS; const cfg_obj_t *maplist = NULL; - const cfg_listelt_t *elt = NULL; REQUIRE(config != NULL); REQUIRE(name != NULL); @@ -1013,9 +994,7 @@ find_maplist(const cfg_obj_t *config, const char *listname, const char *name) { return NULL; } - for (elt = cfg_list_first(maplist); elt != NULL; - elt = cfg_list_next(elt)) - { + CFG_LIST_FOREACH (maplist, elt) { const cfg_obj_t *map = cfg_listelt_value(elt); if (strcasecmp(cfg_obj_asstring(cfg_map_getname(map)), name) == 0) @@ -1147,10 +1126,8 @@ static isc_result_t check_listeners(const cfg_obj_t *list, const cfg_obj_t *config, cfg_aclconfctx_t *actx, isc_mem_t *mctx) { isc_result_t tresult, result = ISC_R_SUCCESS; - const cfg_listelt_t *elt = NULL; - for (elt = cfg_list_first(list); elt != NULL; elt = cfg_list_next(elt)) - { + CFG_LIST_FOREACH (list, elt) { const cfg_obj_t *obj = cfg_listelt_value(elt); tresult = check_listener(obj, config, actx, mctx); if (result == ISC_R_SUCCESS) { @@ -1188,8 +1165,7 @@ check_options(const cfg_obj_t *options, const cfg_obj_t *config, isc_result_t tresult; unsigned int i; const cfg_obj_t *obj = NULL; - const cfg_listelt_t *element; - const char *str; + const char *str = NULL; isc_buffer_t b; uint32_t lifetime = 3600; dns_keystorelist_t kslist; @@ -1332,13 +1308,11 @@ check_options(const cfg_obj_t *options, const cfg_obj_t *config, result = ISC_R_FAILURE; } } else if (cfg_obj_islist(obj)) { - for (element = cfg_list_first(obj); element != NULL; - element = cfg_list_next(element)) - { + CFG_LIST_FOREACH (obj, element) { isc_result_t ret; - const char *val; + const char *val = NULL; cfg_obj_t *kconfig = cfg_listelt_value(element); - const cfg_obj_t *kopt; + const cfg_obj_t *kopt = NULL; const cfg_obj_t *kobj = NULL; if (!cfg_obj_istuple(kconfig)) { continue; @@ -1432,10 +1406,7 @@ check_options(const cfg_obj_t *options, const cfg_obj_t *config, ISC_LIST_INIT(list); if (cfg_obj_islist(obj)) { - for (element = cfg_list_first(obj); - element != NULL; - element = cfg_list_next(element)) - { + CFG_LIST_FOREACH (obj, element) { isc_result_t ret; cfg_obj_t *kconfig = cfg_listelt_value(element); @@ -1534,9 +1505,7 @@ check_options(const cfg_obj_t *options, const cfg_obj_t *config, obj = NULL; (void)cfg_map_get(options, "disable-algorithms", &obj); if (obj != NULL) { - for (element = cfg_list_first(obj); element != NULL; - element = cfg_list_next(element)) - { + CFG_LIST_FOREACH (obj, element) { obj = cfg_listelt_value(element); tresult = disabled_algorithms(obj); if (tresult != ISC_R_SUCCESS) { @@ -1551,9 +1520,7 @@ check_options(const cfg_obj_t *options, const cfg_obj_t *config, obj = NULL; (void)cfg_map_get(options, "disable-ds-digests", &obj); if (obj != NULL) { - for (element = cfg_list_first(obj); element != NULL; - element = cfg_list_next(element)) - { + CFG_LIST_FOREACH (obj, element) { obj = cfg_listelt_value(element); tresult = disabled_ds_digests(obj); if (tresult != ISC_R_SUCCESS) { @@ -1606,9 +1573,7 @@ check_options(const cfg_obj_t *options, const cfg_obj_t *config, */ obj = NULL; (void)cfg_map_get(options, "disable-empty-zone", &obj); - for (element = cfg_list_first(obj); element != NULL; - element = cfg_list_next(element)) - { + CFG_LIST_FOREACH (obj, element) { obj = cfg_listelt_value(element); str = cfg_obj_asstring(obj); if (check_name(str) != ISC_R_SUCCESS) { @@ -1696,9 +1661,7 @@ check_options(const cfg_obj_t *options, const cfg_obj_t *config, if (obj != NULL) { unsigned char secret[32]; - for (element = cfg_list_first(obj); element != NULL; - element = cfg_list_next(element)) - { + CFG_LIST_FOREACH (obj, element) { unsigned int usedlength; obj = cfg_listelt_value(element); @@ -1899,9 +1862,7 @@ check_options(const cfg_obj_t *options, const cfg_obj_t *config, if (obj != NULL) { /* Note: SEC is defined in on some platforms. */ enum { MAS = 1, PRI = 2, SLA = 4, SCN = 8 } values = 0; - for (const cfg_listelt_t *el = cfg_list_first(obj); el != NULL; - el = cfg_list_next(el)) - { + CFG_LIST_FOREACH (obj, el) { const cfg_obj_t *tuple = cfg_listelt_value(el); const cfg_obj_t *type = cfg_tuple_get(tuple, "type"); const char *keyword = cfg_obj_asstring(type); @@ -2044,17 +2005,15 @@ check_remoteserverlist(const cfg_obj_t *cctx, const char *list, isc_symvalue_t symvalue; isc_result_t result = ISC_R_SUCCESS, tresult; const cfg_obj_t *obj = NULL; - const cfg_listelt_t *elt; result = cfg_map_get(cctx, list, &obj); if (result != ISC_R_SUCCESS) { return ISC_R_SUCCESS; } - elt = cfg_list_first(obj); - while (elt != NULL) { - char *tmp; - const char *name; + CFG_LIST_FOREACH (obj, elt) { + char *tmp = NULL; + const char *name = NULL; obj = cfg_listelt_value(elt); name = cfg_obj_asstring(cfg_tuple_get(obj, "name")); @@ -2084,8 +2043,6 @@ check_remoteserverlist(const cfg_obj_t *cctx, const char *list, result = tresult; break; } - - elt = cfg_list_next(elt); } return result; } @@ -2127,7 +2084,6 @@ check_httpserver(const cfg_obj_t *http, isc_symtab_t *symtab) { isc_result_t result = ISC_R_SUCCESS, tresult; const char *name = cfg_obj_asstring(cfg_map_getname(http)); const cfg_obj_t *eps = NULL; - const cfg_listelt_t *elt = NULL; isc_symvalue_t symvalue; if (strcasecmp(name, "default") == 0) { @@ -2164,9 +2120,7 @@ check_httpserver(const cfg_obj_t *http, isc_symtab_t *symtab) { /* Check endpoints are valid */ tresult = cfg_map_get(http, "endpoints", &eps); if (tresult == ISC_R_SUCCESS) { - for (elt = cfg_list_first(eps); elt != NULL; - elt = cfg_list_next(elt)) - { + CFG_LIST_FOREACH (eps, elt) { const cfg_obj_t *ep = cfg_listelt_value(elt); const char *path = cfg_obj_asstring(ep); if (!isc_nm_http_path_isvalid(path)) { @@ -2188,7 +2142,6 @@ static isc_result_t check_httpservers(const cfg_obj_t *config, isc_mem_t *mctx) { isc_result_t result = ISC_R_SUCCESS, tresult; const cfg_obj_t *obj = NULL; - const cfg_listelt_t *elt = NULL; isc_symtab_t *symtab = NULL; isc_symtab_create(mctx, NULL, NULL, false, &symtab); @@ -2199,7 +2152,7 @@ check_httpservers(const cfg_obj_t *config, isc_mem_t *mctx) { goto done; } - for (elt = cfg_list_first(obj); elt != NULL; elt = cfg_list_next(elt)) { + CFG_LIST_FOREACH (obj, elt) { obj = cfg_listelt_value(elt); tresult = check_httpserver(obj, symtab); if (result == ISC_R_SUCCESS) { @@ -2269,11 +2222,8 @@ check_tls_defintion(const cfg_obj_t *tlsobj, const char *name, /* Check protocols are valid */ tresult = cfg_map_get(tlsobj, "protocols", &tls_proto_list); if (tresult == ISC_R_SUCCESS) { - const cfg_listelt_t *proto = NULL; INSIST(tls_proto_list != NULL); - for (proto = cfg_list_first(tls_proto_list); proto != 0; - proto = cfg_list_next(proto)) - { + CFG_LIST_FOREACH (tls_proto_list, proto) { const cfg_obj_t *tls_proto_obj = cfg_listelt_value(proto); const char *tls_sver = cfg_obj_asstring(tls_proto_obj); @@ -2352,7 +2302,6 @@ static isc_result_t check_tls_definitions(const cfg_obj_t *config, isc_mem_t *mctx) { isc_result_t result = ISC_R_SUCCESS, tresult; const cfg_obj_t *obj = NULL; - const cfg_listelt_t *elt = NULL; isc_symtab_t *symtab = NULL; result = cfg_map_get(config, "tls", &obj); @@ -2363,7 +2312,7 @@ check_tls_definitions(const cfg_obj_t *config, isc_mem_t *mctx) { isc_symtab_create(mctx, NULL, NULL, false, &symtab); - for (elt = cfg_list_first(obj); elt != NULL; elt = cfg_list_next(elt)) { + CFG_LIST_FOREACH (obj, elt) { const char *name; obj = cfg_listelt_value(elt); name = cfg_obj_asstring(cfg_map_getname(obj)); @@ -2383,16 +2332,14 @@ get_remotes(const cfg_obj_t *cctx, const char *list, const char *name, const cfg_obj_t **ret) { isc_result_t result = ISC_R_SUCCESS; const cfg_obj_t *obj = NULL; - const cfg_listelt_t *elt = NULL; result = cfg_map_get(cctx, list, &obj); if (result != ISC_R_SUCCESS) { return result; } - elt = cfg_list_first(obj); - while (elt != NULL) { - const char *listname; + CFG_LIST_FOREACH (obj, elt) { + const char *listname = NULL; obj = cfg_listelt_value(elt); listname = cfg_obj_asstring(cfg_tuple_get(obj, "name")); @@ -2401,8 +2348,6 @@ get_remotes(const cfg_obj_t *cctx, const char *list, const char *name, *ret = obj; return ISC_R_SUCCESS; } - - elt = cfg_list_next(elt); } return ISC_R_NOTFOUND; @@ -2436,7 +2381,7 @@ validate_remotes(const cfg_obj_t *obj, const cfg_obj_t *config, uint32_t count = 0; isc_symtab_t *symtab = NULL; isc_symvalue_t symvalue; - const cfg_listelt_t *element; + const cfg_listelt_t *element = NULL; cfg_listelt_t **stack = NULL; uint32_t stackcount = 0, pushed = 0; const cfg_obj_t *listobj; @@ -2565,11 +2510,9 @@ static isc_result_t check_update_policy(const cfg_obj_t *policy) { isc_result_t result = ISC_R_SUCCESS; isc_result_t tresult; - const cfg_listelt_t *element; - const cfg_listelt_t *element2; dns_fixedname_t fixed_id, fixed_name; - dns_name_t *id, *name; - const char *str; + dns_name_t *id = NULL, *name = NULL; + const char *str = NULL; isc_textregion_t r; dns_rdatatype_t type; @@ -2581,9 +2524,7 @@ check_update_policy(const cfg_obj_t *policy) { } /* Now check the grant policy */ - for (element = cfg_list_first(policy); element != NULL; - element = cfg_list_next(element)) - { + CFG_LIST_FOREACH (policy, element) { const cfg_obj_t *stmt = cfg_listelt_value(element); const cfg_obj_t *identity = cfg_tuple_get(stmt, "identity"); const cfg_obj_t *matchtype = cfg_tuple_get(stmt, "matchtype"); @@ -2698,9 +2639,7 @@ check_update_policy(const cfg_obj_t *policy) { UNREACHABLE(); } - for (element2 = cfg_list_first(typelist); element2 != NULL; - element2 = cfg_list_next(element2)) - { + CFG_LIST_FOREACH (typelist, element2) { const cfg_obj_t *typeobj; const char *bracket; @@ -2878,7 +2817,6 @@ check_keydir(const cfg_obj_t *config, const cfg_obj_t *zconfig, dns_name_t *zname, const char *name, const char *keydir, isc_symtab_t *keydirs, isc_mem_t *mctx) { const char *dir = keydir; - const cfg_listelt_t *element; isc_result_t ret, result = ISC_R_SUCCESS; bool do_cleanup = false; bool done = false; @@ -2903,9 +2841,7 @@ check_keydir(const cfg_obj_t *config, const cfg_obj_t *zconfig, /* * Build the keystore list. */ - for (element = cfg_list_first(keystores); element != NULL; - element = cfg_list_next(element)) - { + CFG_LIST_FOREACH (keystores, element) { cfg_obj_t *kcfg = cfg_listelt_value(element); (void)cfg_keystore_fromconfig(kcfg, mctx, &kslist, NULL); } @@ -2915,9 +2851,7 @@ check_keydir(const cfg_obj_t *config, const cfg_obj_t *zconfig, * Look for the dnssec-policy by name, which is the dnssec-policy * for the zone in question. */ - for (element = cfg_list_first(kasps); element != NULL; - element = cfg_list_next(element)) - { + CFG_LIST_FOREACH (kasps, element) { cfg_obj_t *kconfig = cfg_listelt_value(element); const cfg_obj_t *kaspobj = NULL; @@ -2935,6 +2869,7 @@ check_keydir(const cfg_obj_t *config, const cfg_obj_t *zconfig, if (ret != ISC_R_SUCCESS) { kasp = NULL; } + break; } if (kasp == NULL) { @@ -2992,7 +2927,7 @@ check_zoneconf(const cfg_obj_t *zconfig, const cfg_obj_t *voptions, isc_symtab_t *files, isc_symtab_t *keydirs, isc_symtab_t *inview, const char *viewname, dns_rdataclass_t defclass, cfg_aclconfctx_t *actx, isc_mem_t *mctx) { - const char *znamestr; + const char *znamestr = NULL; const char *typestr = NULL; const char *target = NULL; int ztype; @@ -3009,7 +2944,6 @@ check_zoneconf(const cfg_obj_t *zconfig, const cfg_obj_t *voptions, bool root = false; bool rfc1918 = false; bool ula = false; - const cfg_listelt_t *element; bool dlz; bool ddns = false; bool has_dnssecpolicy = false; @@ -3254,9 +3188,7 @@ check_zoneconf(const cfg_obj_t *zconfig, const cfg_obj_t *voptions, } else { const cfg_obj_t *kasps = NULL; (void)cfg_map_get(config, "dnssec-policy", &kasps); - for (element = cfg_list_first(kasps); element != NULL; - element = cfg_list_next(element)) - { + CFG_LIST_FOREACH (kasps, element) { const cfg_obj_t *kobj = cfg_tuple_get( cfg_listelt_value(element), "name"); if (strcmp(kaspname, cfg_obj_asstring(kobj)) == @@ -3664,9 +3596,7 @@ check_zoneconf(const cfg_obj_t *zconfig, const cfg_obj_t *voptions, obj = NULL; (void)cfg_map_get(zoptions, "server-addresses", &obj); if (ztype == CFG_ZONE_STATICSTUB && obj != NULL) { - for (element = cfg_list_first(obj); element != NULL; - element = cfg_list_next(element)) - { + CFG_LIST_FOREACH (obj, element) { isc_sockaddr_t sa; isc_netaddr_t na; obj = cfg_listelt_value(element); @@ -3689,13 +3619,11 @@ check_zoneconf(const cfg_obj_t *zconfig, const cfg_obj_t *voptions, obj = NULL; (void)cfg_map_get(zoptions, "server-names", &obj); if (zname != NULL && ztype == CFG_ZONE_STATICSTUB && obj != NULL) { - for (element = cfg_list_first(obj); element != NULL; - element = cfg_list_next(element)) - { - const char *snamestr; + CFG_LIST_FOREACH (obj, element) { + const char *snamestr = NULL; dns_fixedname_t fixed_sname; isc_buffer_t b2; - dns_name_t *sname; + dns_name_t *sname = NULL; obj = cfg_listelt_value(element); snamestr = cfg_obj_asstring(obj); @@ -4121,15 +4049,12 @@ static isc_result_t check_keylist(const cfg_obj_t *keys, isc_symtab_t *symtab, isc_mem_t *mctx) { char namebuf[DNS_NAME_FORMATSIZE]; dns_fixedname_t fname; - dns_name_t *name; + dns_name_t *name = NULL; isc_result_t result = ISC_R_SUCCESS; isc_result_t tresult; - const cfg_listelt_t *element; name = dns_fixedname_initname(&fname); - for (element = cfg_list_first(keys); element != NULL; - element = cfg_list_next(element)) - { + CFG_LIST_FOREACH (keys, element) { const cfg_obj_t *key = cfg_listelt_value(element); const char *keyid = cfg_obj_asstring(cfg_map_getname(key)); isc_symvalue_t symvalue; @@ -4189,19 +4114,13 @@ check_keylist(const cfg_obj_t *keys, isc_symtab_t *symtab, isc_mem_t *mctx) { */ static bool rndckey_exists(const cfg_obj_t *keylist, const char *keyname) { - const cfg_listelt_t *element; - const cfg_obj_t *obj; - const char *str; - if (keylist == NULL) { return false; } - for (element = cfg_list_first(keylist); element != NULL; - element = cfg_list_next(element)) - { - obj = cfg_listelt_value(element); - str = cfg_obj_asstring(cfg_map_getname(obj)); + CFG_LIST_FOREACH (keylist, element) { + const cfg_obj_t *obj = cfg_listelt_value(element); + const char *str = cfg_obj_asstring(cfg_map_getname(obj)); if (!strcasecmp(str, keyname)) { return true; } @@ -4247,20 +4166,16 @@ check_servers(const cfg_obj_t *config, const cfg_obj_t *voptions, dns_fixedname_t fname; isc_result_t result = ISC_R_SUCCESS; isc_result_t tresult; - const cfg_listelt_t *e1, *e2; - const cfg_obj_t *v1, *v2, *keys; - const cfg_obj_t *servers; - isc_netaddr_t n1, n2; - unsigned int p1, p2; - const cfg_obj_t *obj; + const cfg_obj_t *servers = NULL; + const cfg_obj_t *obj = NULL; + const cfg_obj_t *keys = NULL; char buf[ISC_NETADDR_FORMATSIZE]; char namebuf[DNS_NAME_FORMATSIZE]; - const char *xfr; - const char *keyval; + const char *xfr = NULL; + const char *keyval = NULL; isc_buffer_t b; int source; - dns_name_t *keyname; - + dns_name_t *keyname = NULL; servers = NULL; if (voptions != NULL) { (void)cfg_map_get(voptions, "server", &servers); @@ -4272,11 +4187,14 @@ check_servers(const cfg_obj_t *config, const cfg_obj_t *voptions, return ISC_R_SUCCESS; } - for (e1 = cfg_list_first(servers); e1 != NULL; e1 = cfg_list_next(e1)) { + CFG_LIST_FOREACH (servers, e1) { + const cfg_obj_t *v1 = cfg_listelt_value(e1); + isc_netaddr_t n1; + unsigned int p1; dns_peer_t *peer = NULL; - size_t i; - v1 = cfg_listelt_value(e1); + cfg_obj_asnetprefix(cfg_map_getname(v1), &n1, &p1); + /* * Check that unused bits are zero. */ @@ -4348,10 +4266,14 @@ check_servers(const cfg_obj_t *config, const cfg_obj_t *voptions, } } } while (sources[++source].v4 != NULL); - e2 = e1; + + const cfg_listelt_t *e2 = e1; while ((e2 = cfg_list_next(e2)) != NULL) { - v2 = cfg_listelt_value(e2); + unsigned int p2; + isc_netaddr_t n2; + const cfg_obj_t *v2 = cfg_listelt_value(e2); cfg_obj_asnetprefix(cfg_map_getname(v2), &n2, &p2); + if (p1 == p2 && isc_netaddr_equal(&n1, &n2)) { const char *file = cfg_obj_file(v1); unsigned int line = cfg_obj_line(v1); @@ -4368,6 +4290,7 @@ check_servers(const cfg_obj_t *config, const cfg_obj_t *voptions, result = ISC_R_FAILURE; } } + keys = NULL; cfg_map_get(v1, "keys", &keys); if (keys != NULL) { @@ -4395,7 +4318,7 @@ check_servers(const cfg_obj_t *config, const cfg_obj_t *voptions, } } (void)dns_peer_newprefix(mctx, &n1, p1, &peer); - for (i = 0; i < ARRAY_SIZE(bools); i++) { + for (size_t i = 0; i < ARRAY_SIZE(bools); i++) { const cfg_obj_t *opt = NULL; cfg_map_get(v1, bools[i].name, &opt); if (opt != NULL) { @@ -4411,7 +4334,7 @@ check_servers(const cfg_obj_t *config, const cfg_obj_t *voptions, } } } - for (i = 0; i < ARRAY_SIZE(uint32s); i++) { + for (size_t i = 0; i < ARRAY_SIZE(uint32s); i++) { const cfg_obj_t *opt = NULL; cfg_map_get(v1, uint32s[i].name, &opt); if (opt != NULL) { @@ -4714,16 +4637,13 @@ static isc_result_t record_static_keys(isc_symtab_t *symtab, isc_mem_t *mctx, const cfg_obj_t *keylist, bool autovalidation) { isc_result_t result, ret = ISC_R_SUCCESS; - const cfg_listelt_t *elt; dns_fixedname_t fixed; - dns_name_t *name; + dns_name_t *name = NULL; char namebuf[DNS_NAME_FORMATSIZE], *p = NULL; name = dns_fixedname_initname(&fixed); - for (elt = cfg_list_first(keylist); elt != NULL; - elt = cfg_list_next(elt)) - { + CFG_LIST_FOREACH (keylist, elt) { const char *initmethod; const cfg_obj_t *init = NULL; const cfg_obj_t *obj = cfg_listelt_value(elt); @@ -4777,16 +4697,13 @@ record_static_keys(isc_symtab_t *symtab, isc_mem_t *mctx, static isc_result_t check_initializing_keys(isc_symtab_t *symtab, const cfg_obj_t *keylist) { isc_result_t result, ret = ISC_R_SUCCESS; - const cfg_listelt_t *elt; dns_fixedname_t fixed; - dns_name_t *name; + dns_name_t *name = NULL; char namebuf[DNS_NAME_FORMATSIZE]; name = dns_fixedname_initname(&fixed); - for (elt = cfg_list_first(keylist); elt != NULL; - elt = cfg_list_next(elt)) - { + CFG_LIST_FOREACH (keylist, elt) { const cfg_obj_t *obj = cfg_listelt_value(elt); const cfg_obj_t *init = NULL; const char *str; @@ -4834,16 +4751,13 @@ static isc_result_t record_ds_keys(isc_symtab_t *symtab, isc_mem_t *mctx, const cfg_obj_t *keylist) { isc_result_t result, ret = ISC_R_SUCCESS; - const cfg_listelt_t *elt; dns_fixedname_t fixed; - dns_name_t *name; + dns_name_t *name = NULL; char namebuf[DNS_NAME_FORMATSIZE], *p = NULL; name = dns_fixedname_initname(&fixed); - for (elt = cfg_list_first(keylist); elt != NULL; - elt = cfg_list_next(elt)) - { + CFG_LIST_FOREACH (keylist, elt) { const char *initmethod; const cfg_obj_t *init = NULL; const cfg_obj_t *obj = cfg_listelt_value(elt); @@ -4886,7 +4800,6 @@ static isc_result_t check_ta_conflicts(const cfg_obj_t *global_ta, const cfg_obj_t *view_ta, bool autovalidation, isc_mem_t *mctx) { isc_result_t result = ISC_R_SUCCESS, tresult; - const cfg_listelt_t *elt = NULL; const cfg_obj_t *keylist = NULL; isc_symtab_t *statictab = NULL, *dstab = NULL; @@ -4897,9 +4810,7 @@ check_ta_conflicts(const cfg_obj_t *global_ta, const cfg_obj_t *view_ta, * First we record all the static keys (trust-anchors configured with * "static-key"), and all the DS-style trust anchors. */ - for (elt = cfg_list_first(global_ta); elt != NULL; - elt = cfg_list_next(elt)) - { + CFG_LIST_FOREACH (global_ta, elt) { keylist = cfg_listelt_value(elt); tresult = record_static_keys(statictab, mctx, keylist, autovalidation); @@ -4913,9 +4824,7 @@ check_ta_conflicts(const cfg_obj_t *global_ta, const cfg_obj_t *view_ta, } } - for (elt = cfg_list_first(view_ta); elt != NULL; - elt = cfg_list_next(elt)) - { + CFG_LIST_FOREACH (view_ta, elt) { keylist = cfg_listelt_value(elt); tresult = record_static_keys(statictab, mctx, keylist, autovalidation); @@ -4933,9 +4842,7 @@ check_ta_conflicts(const cfg_obj_t *global_ta, const cfg_obj_t *view_ta, * Next, ensure that there's no conflict between the * static keys and the trust-anchors configured with "initial-key". */ - for (elt = cfg_list_first(global_ta); elt != NULL; - elt = cfg_list_next(elt)) - { + CFG_LIST_FOREACH (global_ta, elt) { keylist = cfg_listelt_value(elt); tresult = check_initializing_keys(statictab, keylist); if (result == ISC_R_SUCCESS) { @@ -4943,9 +4850,7 @@ check_ta_conflicts(const cfg_obj_t *global_ta, const cfg_obj_t *view_ta, } } - for (elt = cfg_list_first(view_ta); elt != NULL; - elt = cfg_list_next(elt)) - { + CFG_LIST_FOREACH (view_ta, elt) { keylist = cfg_listelt_value(elt); tresult = check_initializing_keys(statictab, keylist); if (result == ISC_R_SUCCESS) { @@ -4968,14 +4873,13 @@ static isc_result_t check_rpz_catz(const char *rpz_catz, const cfg_obj_t *rpz_obj, const char *viewname, isc_symtab_t *symtab, special_zonetype_t specialzonetype) { - const cfg_listelt_t *element; - const cfg_obj_t *obj, *nameobj, *zoneobj; - const char *zonename, *zonetype; + const cfg_obj_t *obj = NULL, *nameobj = NULL, *zoneobj = NULL; + const char *zonename = NULL, *zonetype = NULL; const char *forview = " for view "; isc_symvalue_t value; isc_result_t result = ISC_R_SUCCESS, tresult; dns_fixedname_t fixed; - dns_name_t *name; + dns_name_t *name = NULL; char namebuf[DNS_NAME_FORMATSIZE]; unsigned int num_zones = 0; @@ -4988,9 +4892,7 @@ check_rpz_catz(const char *rpz_catz, const cfg_obj_t *rpz_obj, name = dns_fixedname_initname(&fixed); obj = cfg_tuple_get(rpz_obj, "zone list"); - for (element = cfg_list_first(obj); element != NULL; - element = cfg_list_next(element)) - { + CFG_LIST_FOREACH (obj, element) { obj = cfg_listelt_value(element); nameobj = cfg_tuple_get(obj, "zone name"); zonename = cfg_obj_asstring(nameobj); @@ -5050,18 +4952,15 @@ check_rpz_catz(const char *rpz_catz, const cfg_obj_t *rpz_obj, static isc_result_t check_rpz(const cfg_obj_t *rpz_obj) { - const cfg_listelt_t *element; - const cfg_obj_t *obj, *nameobj, *edeobj; - const char *zonename; + const cfg_obj_t *obj = NULL, *nameobj = NULL, *edeobj = NULL; + const char *zonename = NULL; isc_result_t result = ISC_R_SUCCESS, tresult; dns_fixedname_t fixed; dns_name_t *name = dns_fixedname_initname(&fixed); obj = cfg_tuple_get(rpz_obj, "zone list"); - for (element = cfg_list_first(obj); element != NULL; - element = cfg_list_next(element)) - { + CFG_LIST_FOREACH (obj, element) { obj = cfg_listelt_value(element); nameobj = cfg_tuple_get(obj, "zone name"); zonename = cfg_obj_asstring(nameobj); @@ -5094,9 +4993,8 @@ check_rpz(const cfg_obj_t *rpz_obj) { static isc_result_t check_catz(const cfg_obj_t *catz_obj, const char *viewname, isc_mem_t *mctx) { - const cfg_listelt_t *element; - const cfg_obj_t *obj, *nameobj, *primariesobj; - const char *zonename; + const cfg_obj_t *obj = NULL, *nameobj = NULL, *primariesobj = NULL; + const char *zonename = NULL; const char *forview = " for view "; isc_result_t result = ISC_R_SUCCESS, tresult; isc_symtab_t *symtab = NULL; @@ -5112,9 +5010,7 @@ check_catz(const cfg_obj_t *catz_obj, const char *viewname, isc_mem_t *mctx) { obj = cfg_tuple_get(catz_obj, "zone list"); - for (element = cfg_list_first(obj); element != NULL; - element = cfg_list_next(element)) - { + CFG_LIST_FOREACH (obj, element) { char namebuf[DNS_NAME_FORMATSIZE]; obj = cfg_listelt_value(element); @@ -5256,12 +5152,11 @@ check_viewconf(const cfg_obj_t *config, const cfg_obj_t *voptions, const cfg_obj_t *view_ta = NULL, *global_ta = NULL; const cfg_obj_t *check_keys[2] = { NULL, NULL }; const cfg_obj_t *keys = NULL; - const cfg_listelt_t *element, *element2; isc_symtab_t *symtab = NULL; isc_result_t result = ISC_R_SUCCESS; isc_result_t tresult = ISC_R_SUCCESS; cfg_aclconfctx_t *actx = NULL; - const cfg_obj_t *obj; + const cfg_obj_t *obj = NULL; const cfg_obj_t *options = NULL; const cfg_obj_t *opts = NULL; const cfg_obj_t *plugin_list = NULL; @@ -5299,9 +5194,7 @@ check_viewconf(const cfg_obj_t *config, const cfg_obj_t *voptions, (void)cfg_map_get(config, "zone", &zones); } - for (element = cfg_list_first(zones); element != NULL; - element = cfg_list_next(element)) - { + CFG_LIST_FOREACH (zones, element) { const cfg_obj_t *zone = cfg_listelt_value(element); tresult = check_zoneconf(zone, voptions, config, symtab, files, @@ -5448,15 +5341,10 @@ check_viewconf(const cfg_obj_t *config, const cfg_obj_t *voptions, if (check_keys[i] != NULL) { unsigned int taflags = 0; - for (element = cfg_list_first(check_keys[i]); - element != NULL; element = cfg_list_next(element)) - { + CFG_LIST_FOREACH (check_keys[i], element) { const cfg_obj_t *keylist = cfg_listelt_value(element); - for (element2 = cfg_list_first(keylist); - element2 != NULL; - element2 = cfg_list_next(element2)) - { + CFG_LIST_FOREACH (keylist, element2) { obj = cfg_listelt_value(element2); tresult = check_trust_anchor(obj, &taflags); @@ -5609,13 +5497,11 @@ static const char *default_channels[] = { "default_syslog", "default_stderr", static isc_result_t check_logging(const cfg_obj_t *config, isc_mem_t *mctx) { const cfg_obj_t *categories = NULL; - const cfg_obj_t *category; + const cfg_obj_t *category = NULL; const cfg_obj_t *channels = NULL; - const cfg_obj_t *channel; - const cfg_listelt_t *element; - const cfg_listelt_t *delement; - const char *channelname; - const char *catname; + const cfg_obj_t *channel = NULL; + const char *channelname = NULL; + const char *catname = NULL; const cfg_obj_t *fileobj = NULL; const cfg_obj_t *syslogobj = NULL; const cfg_obj_t *nullobj = NULL; @@ -5643,9 +5529,7 @@ check_logging(const cfg_obj_t *config, isc_mem_t *mctx) { cfg_map_get(logobj, "channel", &channels); - for (element = cfg_list_first(channels); element != NULL; - element = cfg_list_next(element)) - { + CFG_LIST_FOREACH (channels, element) { channel = cfg_listelt_value(element); channelname = cfg_obj_asstring(cfg_map_getname(channel)); fileobj = syslogobj = nullobj = stderrobj = NULL; @@ -5681,9 +5565,7 @@ check_logging(const cfg_obj_t *config, isc_mem_t *mctx) { cfg_map_get(logobj, "category", &categories); - for (element = cfg_list_first(categories); element != NULL; - element = cfg_list_next(element)) - { + CFG_LIST_FOREACH (categories, element) { category = cfg_listelt_value(element); catname = cfg_obj_asstring(cfg_tuple_get(category, "name")); if (isc_log_categorybyname(catname) == ISC_LOGCATEGORY_INVALID) @@ -5693,9 +5575,7 @@ check_logging(const cfg_obj_t *config, isc_mem_t *mctx) { result = ISC_R_FAILURE; } channels = cfg_tuple_get(category, "destinations"); - for (delement = cfg_list_first(channels); delement != NULL; - delement = cfg_list_next(delement)) - { + CFG_LIST_FOREACH (channels, delement) { channel = cfg_listelt_value(delement); channelname = cfg_obj_asstring(channel); tresult = isc_symtab_lookup(symtab, channelname, 1, @@ -5716,18 +5596,15 @@ static isc_result_t check_controlskeys(const cfg_obj_t *control, const cfg_obj_t *keylist) { isc_result_t result = ISC_R_SUCCESS; const cfg_obj_t *control_keylist; - const cfg_listelt_t *element; - const cfg_obj_t *key; - const char *keyval; + const cfg_obj_t *key = NULL; + const char *keyval = NULL; control_keylist = cfg_tuple_get(control, "keys"); if (cfg_obj_isvoid(control_keylist)) { return ISC_R_SUCCESS; } - for (element = cfg_list_first(control_keylist); element != NULL; - element = cfg_list_next(element)) - { + CFG_LIST_FOREACH (control_keylist, element) { key = cfg_listelt_value(element); keyval = cfg_obj_asstring(key); @@ -5744,16 +5621,15 @@ static isc_result_t check_controls(const cfg_obj_t *config, isc_mem_t *mctx) { isc_result_t result = ISC_R_SUCCESS, tresult; cfg_aclconfctx_t *actx = NULL; - const cfg_listelt_t *element, *element2; - const cfg_obj_t *allow; - const cfg_obj_t *control; - const cfg_obj_t *controls; + const cfg_obj_t *allow = NULL; + const cfg_obj_t *control = NULL; + const cfg_obj_t *controls = NULL; const cfg_obj_t *controlslist = NULL; - const cfg_obj_t *inetcontrols; - const cfg_obj_t *unixcontrols; + const cfg_obj_t *inetcontrols = NULL; + const cfg_obj_t *unixcontrols = NULL; const cfg_obj_t *keylist = NULL; const cfg_obj_t *obj = NULL; - const char *path; + const char *path = NULL; dns_acl_t *acl = NULL; isc_symtab_t *symtab = NULL; @@ -5772,17 +5648,13 @@ check_controls(const cfg_obj_t *config, isc_mem_t *mctx) { * INET: Check allow clause. * UNIX: Not supported. */ - for (element = cfg_list_first(controlslist); element != NULL; - element = cfg_list_next(element)) - { + CFG_LIST_FOREACH (controlslist, element) { controls = cfg_listelt_value(element); unixcontrols = NULL; inetcontrols = NULL; (void)cfg_map_get(controls, "unix", &unixcontrols); (void)cfg_map_get(controls, "inet", &inetcontrols); - for (element2 = cfg_list_first(inetcontrols); element2 != NULL; - element2 = cfg_list_next(element2)) - { + CFG_LIST_FOREACH (inetcontrols, element2) { char socktext[ISC_SOCKADDR_FORMATSIZE]; isc_sockaddr_t addr; @@ -5815,9 +5687,7 @@ check_controls(const cfg_obj_t *config, isc_mem_t *mctx) { result = tresult; } } - for (element2 = cfg_list_first(unixcontrols); element2 != NULL; - element2 = cfg_list_next(element2)) - { + CFG_LIST_FOREACH (unixcontrols, element2) { control = cfg_listelt_value(element2); path = cfg_obj_asstring(cfg_tuple_get(control, "path")); cfg_obj_log(control, ISC_LOG_ERROR, @@ -5839,7 +5709,6 @@ isccfg_check_namedconf(const cfg_obj_t *config, unsigned int flags, const cfg_obj_t *options = NULL; const cfg_obj_t *views = NULL; const cfg_obj_t *acls = NULL; - const cfg_listelt_t *velement; isc_result_t result = ISC_R_SUCCESS; isc_result_t tresult = ISC_R_SUCCESS; isc_symtab_t *symtab = NULL; @@ -5935,9 +5804,7 @@ isccfg_check_namedconf(const cfg_obj_t *config, unsigned int flags, isc_symtab_create(mctx, NULL, NULL, true, &symtab); - for (velement = cfg_list_first(views); velement != NULL; - velement = cfg_list_next(velement)) - { + CFG_LIST_FOREACH (views, velement) { const cfg_obj_t *view = cfg_listelt_value(velement); const cfg_obj_t *vname = cfg_tuple_get(view, "name"); const cfg_obj_t *voptions = cfg_tuple_get(view, "options"); @@ -6005,13 +5872,9 @@ isccfg_check_namedconf(const cfg_obj_t *config, unsigned int flags, cfg_map_get(config, "acl", &acls); if (acls != NULL) { - const cfg_listelt_t *elt; - const cfg_listelt_t *elt2; - const char *aclname; + const char *aclname = NULL; - for (elt = cfg_list_first(acls); elt != NULL; - elt = cfg_list_next(elt)) - { + CFG_LIST_FOREACH (acls, elt) { const cfg_obj_t *acl = cfg_listelt_value(elt); unsigned int line = cfg_obj_line(acl); unsigned int i; @@ -6033,8 +5896,8 @@ isccfg_check_namedconf(const cfg_obj_t *config, unsigned int flags, } } - for (elt2 = cfg_list_next(elt); elt2 != NULL; - elt2 = cfg_list_next(elt2)) + for (const cfg_listelt_t *elt2 = cfg_list_next(elt); + elt2 != NULL; elt2 = cfg_list_next(elt2)) { const cfg_obj_t *acl2 = cfg_listelt_value(elt2); const char *name; diff --git a/lib/isccfg/include/isccfg/cfg.h b/lib/isccfg/include/isccfg/cfg.h index 8489a63e71..260654073b 100644 --- a/lib/isccfg/include/isccfg/cfg.h +++ b/lib/isccfg/include/isccfg/cfg.h @@ -73,6 +73,12 @@ typedef struct cfg_listelt cfg_listelt_t; typedef isc_result_t (*cfg_parsecallback_t)(const char *clausename, const cfg_obj_t *obj, void *arg); +//* clang-format off */ +#define CFG_LIST_FOREACH(listobj, elt) \ + for (const cfg_listelt_t *elt = cfg_list_first(listobj); elt != NULL; \ + elt = cfg_list_next(elt)) +//* clang-format on */ + /*** *** Functions ***/ diff --git a/lib/isccfg/kaspconf.c b/lib/isccfg/kaspconf.c index 4645b50368..8b5bd53f6d 100644 --- a/lib/isccfg/kaspconf.c +++ b/lib/isccfg/kaspconf.c @@ -443,7 +443,6 @@ cfg_kasp_fromconfig(const cfg_obj_t *config, dns_kasp_t *default_kasp, const cfg_obj_t *inlinesigning = NULL; const cfg_obj_t *cds = NULL; const cfg_obj_t *obj = NULL; - const cfg_listelt_t *element = NULL; const char *kaspname = NULL; dns_kasp_t *kasp = NULL; size_t i = 0; @@ -591,9 +590,7 @@ cfg_kasp_fromconfig(const cfg_obj_t *config, dns_kasp_t *default_kasp, (void)confget(maps, "cds-digest-types", &cds); if (cds != NULL) { - for (element = cfg_list_first(cds); element != NULL; - element = cfg_list_next(element)) - { + CFG_LIST_FOREACH (cds, element) { result = add_digest(kasp, cfg_listelt_value(element)); if (result != ISC_R_SUCCESS) { goto cleanup; @@ -630,9 +627,7 @@ cfg_kasp_fromconfig(const cfg_obj_t *config, dns_kasp_t *default_kasp, char role[256] = { 0 }; bool warn[256][2] = { { false } }; - for (element = cfg_list_first(keys); element != NULL; - element = cfg_list_next(element)) - { + CFG_LIST_FOREACH (keys, element) { cfg_obj_t *kobj = cfg_listelt_value(element); result = cfg_kaspkey_fromconfig( kobj, kasp, check_algorithms, offline_ksk, diff --git a/lib/isccfg/parser.c b/lib/isccfg/parser.c index 49058e3b41..c9a358c35f 100644 --- a/lib/isccfg/parser.c +++ b/lib/isccfg/parser.c @@ -3947,14 +3947,11 @@ isc_result_t cfg_pluginlist_foreach(const cfg_obj_t *config, const cfg_obj_t *list, pluginlist_cb_t *callback, void *callback_data) { isc_result_t result = ISC_R_SUCCESS; - const cfg_listelt_t *element; REQUIRE(config != NULL); REQUIRE(callback != NULL); - for (element = cfg_list_first(list); element != NULL; - element = cfg_list_next(element)) - { + CFG_LIST_FOREACH (list, element) { const cfg_obj_t *plugin = cfg_listelt_value(element); const cfg_obj_t *obj; const char *type, *library; diff --git a/lib/ns/query.c b/lib/ns/query.c index 547126a90b..b6f181a7fd 100644 --- a/lib/ns/query.c +++ b/lib/ns/query.c @@ -2465,7 +2465,6 @@ static bool validate(ns_client_t *client, dns_db_t *db, dns_name_t *name, dns_rdataset_t *rdataset, dns_rdataset_t *sigrdataset) { isc_result_t result; - dns_rdata_t rdata = DNS_RDATA_INIT; dns_rdata_rrsig_t rrsig; dst_key_t *key = NULL; dns_rdataset_t keyrdataset; @@ -2474,10 +2473,8 @@ validate(ns_client_t *client, dns_db_t *db, dns_name_t *name, return false; } - for (result = dns_rdataset_first(sigrdataset); result == ISC_R_SUCCESS; - result = dns_rdataset_next(sigrdataset)) - { - dns_rdata_reset(&rdata); + DNS_RDATASET_FOREACH (sigrdataset) { + dns_rdata_t rdata = DNS_RDATA_INIT; dns_rdataset_current(sigrdataset, &rdata); result = dns_rdata_tostruct(&rdata, &rrsig, NULL); RUNTIME_CHECK(result == ISC_R_SUCCESS); @@ -3254,9 +3251,9 @@ rpz_find_p(ns_client_t *client, dns_name_t *self_name, dns_rdatatype_t qtype, * Choose the best rdataset if we found something. */ if (result == ISC_R_SUCCESS) { - dns_rdatasetiter_t *rdsiter; + dns_rdatasetiter_t *rdsiter = NULL; + bool match = false; - rdsiter = NULL; result = dns_db_allrdatasets(*dbp, *nodep, *versionp, 0, 0, &rdsiter); if (result != ISC_R_SUCCESS) { @@ -3269,10 +3266,7 @@ rpz_find_p(ns_client_t *client, dns_name_t *self_name, dns_rdatatype_t qtype, if (qtype == dns_rdatatype_aaaa && !ISC_LIST_EMPTY(client->view->dns64)) { - for (result = dns_rdatasetiter_first(rdsiter); - result == ISC_R_SUCCESS; - result = dns_rdatasetiter_next(rdsiter)) - { + DNS_RDATASETITER_FOREACH (rdsiter) { dns_rdatasetiter_current(rdsiter, *rdatasetp); if ((*rdatasetp)->type == dns_rdatatype_a) { found_a = true; @@ -3280,28 +3274,18 @@ rpz_find_p(ns_client_t *client, dns_name_t *self_name, dns_rdatatype_t qtype, dns_rdataset_disassociate(*rdatasetp); } } - for (result = dns_rdatasetiter_first(rdsiter); - result == ISC_R_SUCCESS; - result = dns_rdatasetiter_next(rdsiter)) - { + DNS_RDATASETITER_FOREACH (rdsiter) { dns_rdatasetiter_current(rdsiter, *rdatasetp); if ((*rdatasetp)->type == dns_rdatatype_cname || (*rdatasetp)->type == qtype) { + match = true; break; } dns_rdataset_disassociate(*rdatasetp); } dns_rdatasetiter_destroy(&rdsiter); - if (result != ISC_R_SUCCESS) { - if (result != ISC_R_NOMORE) { - rpz_log_fail(client, DNS_RPZ_ERROR_LEVEL, - p_name, rpz_type, "rdatasetiter", - result); - CTRACE(ISC_LOG_ERROR, "rpz_find_p: " - "rdatasetiter failed"); - return DNS_R_SERVFAIL; - } + if (!match) { /* * Ask again to get the right DNS_R_DNAME/NXRRSET/... * result if there is neither a CNAME nor target type. @@ -3625,10 +3609,7 @@ rpz_rewrite_ip_rrset(ns_client_t *client, dns_name_t *name, /* * Check all of the IP addresses in the rdataset. */ - for (result = dns_rdataset_first(*ip_rdatasetp); - result == ISC_R_SUCCESS; - result = dns_rdataset_next(*ip_rdatasetp)) - { + DNS_RDATASET_FOREACH (*ip_rdatasetp) { dns_rdata_t rdata = DNS_RDATA_INIT; dns_rdataset_current(*ip_rdatasetp, &rdata); switch (rdata.type) { @@ -4329,10 +4310,9 @@ static bool rpz_ck_dnssec(ns_client_t *client, isc_result_t qresult, dns_rdataset_t *rdataset, dns_rdataset_t *sigrdataset) { dns_fixedname_t fixed; - dns_name_t *found; - dns_rdataset_t trdataset; + dns_name_t *found = NULL; + dns_rdataset_t trdataset = DNS_RDATASET_INIT; dns_rdatatype_t type; - isc_result_t result; CTRACE(ISC_LOG_DEBUG(3), "rpz_ck_dnssec"); @@ -4379,9 +4359,7 @@ rpz_ck_dnssec(ns_client_t *client, isc_result_t qresult, } found = dns_fixedname_initname(&fixed); dns_rdataset_init(&trdataset); - for (result = dns_rdataset_first(rdataset); result == ISC_R_SUCCESS; - result = dns_rdataset_next(rdataset)) - { + DNS_RDATASET_FOREACH (rdataset) { dns_ncache_current(rdataset, found, &trdataset); type = trdataset.type; dns_rdataset_disassociate(&trdataset); @@ -4691,13 +4669,13 @@ redirect(ns_client_t *client, dns_name_t *name, dns_rdataset_t *rdataset, dns_db_t *db = NULL; dns_dbnode_t *node = NULL; dns_fixedname_t fixed; - dns_name_t *found; - dns_rdataset_t trdataset; + dns_name_t *found = NULL; + dns_rdataset_t trdataset = DNS_RDATASET_INIT; isc_result_t result; dns_rdatatype_t type; dns_clientinfomethods_t cm; dns_clientinfo_t ci; - ns_dbversion_t *dbversion; + ns_dbversion_t *dbversion = NULL; CTRACE(ISC_LOG_DEBUG(3), "redirect"); @@ -4706,7 +4684,6 @@ redirect(ns_client_t *client, dns_name_t *name, dns_rdataset_t *rdataset, } found = dns_fixedname_initname(&fixed); - dns_rdataset_init(&trdataset); dns_clientinfomethods_init(&cm, ns_client_sourceip); dns_clientinfo_init(&ci, client, NULL); @@ -4728,10 +4705,7 @@ redirect(ns_client_t *client, dns_name_t *name, dns_rdataset_t *rdataset, return ISC_R_NOTFOUND; } if ((rdataset->attributes & DNS_RDATASETATTR_NEGATIVE) != 0) { - for (result = dns_rdataset_first(rdataset); - result == ISC_R_SUCCESS; - result = dns_rdataset_next(rdataset)) - { + DNS_RDATASET_FOREACH (rdataset) { dns_ncache_current(rdataset, found, &trdataset); type = trdataset.type; dns_rdataset_disassociate(&trdataset); @@ -4822,8 +4796,8 @@ redirect2(ns_client_t *client, dns_name_t *name, dns_rdataset_t *rdataset, dns_dbnode_t *node = NULL; dns_fixedname_t fixed; dns_fixedname_t fixedredirect; - dns_name_t *found, *redirectname; - dns_rdataset_t trdataset; + dns_name_t *found = NULL, *redirectname = NULL; + dns_rdataset_t trdataset = DNS_RDATASET_INIT; isc_result_t result; dns_rdatatype_t type; dns_clientinfomethods_t cm; @@ -4844,7 +4818,6 @@ redirect2(ns_client_t *client, dns_name_t *name, dns_rdataset_t *rdataset, } found = dns_fixedname_initname(&fixed); - dns_rdataset_init(&trdataset); dns_clientinfomethods_init(&cm, ns_client_sourceip); dns_clientinfo_init(&ci, client, NULL); @@ -4866,10 +4839,7 @@ redirect2(ns_client_t *client, dns_name_t *name, dns_rdataset_t *rdataset, return ISC_R_NOTFOUND; } if ((rdataset->attributes & DNS_RDATASETATTR_NEGATIVE) != 0) { - for (result = dns_rdataset_first(rdataset); - result == ISC_R_SUCCESS; - result = dns_rdataset_next(rdataset)) - { + DNS_RDATASET_FOREACH (rdataset) { dns_ncache_current(rdataset, found, &trdataset); type = trdataset.type; dns_rdataset_disassociate(&trdataset); @@ -6891,12 +6861,10 @@ query_checkrrl(query_ctx_t *qctx, isc_result_t result) { (qctx->client->query.rpz_st->state & DNS_RPZ_REWRITTEN) == 0) && (qctx->client->query.attributes & NS_QUERYATTR_RRL_CHECKED) == 0) { - dns_rdataset_t nc_rdataset; bool wouldlog; - dns_fixedname_t fixed; const dns_name_t *constname; char log_buf[DNS_RRL_LOG_BUF_LEN]; - isc_result_t nc_result, resp_result; + isc_result_t resp_result; dns_rrl_result_t rrl_result; qctx->client->query.attributes |= NS_QUERYATTR_RRL_CHECKED; @@ -6920,18 +6888,15 @@ query_checkrrl(query_ctx_t *qctx, isc_result_t result) { /* * Try to use owner name in the negative cache SOA. */ - dns_fixedname_init(&fixed); - dns_rdataset_init(&nc_rdataset); - for (nc_result = dns_rdataset_first(qctx->rdataset); - nc_result == ISC_R_SUCCESS; - nc_result = dns_rdataset_next(qctx->rdataset)) - { - dns_ncache_current(qctx->rdataset, - dns_fixedname_name(&fixed), + dns_rdataset_t nc_rdataset = DNS_RDATASET_INIT; + dns_fixedname_t fixed; + dns_name_t *n = dns_fixedname_initname(&fixed); + DNS_RDATASET_FOREACH (qctx->rdataset) { + dns_ncache_current(qctx->rdataset, n, &nc_rdataset); if (nc_rdataset.type == dns_rdatatype_soa) { dns_rdataset_disassociate(&nc_rdataset); - constname = dns_fixedname_name(&fixed); + constname = n; break; } dns_rdataset_disassociate(&nc_rdataset); @@ -7319,10 +7284,7 @@ has_ta(query_ctx_t *qctx) { dns_rdataset_init(&dsset); if (dns_keynode_dsset(keynode, &dsset)) { - for (result = dns_rdataset_first(&dsset); - result == ISC_R_SUCCESS; - result = dns_rdataset_next(&dsset)) - { + DNS_RDATASET_FOREACH (&dsset) { dns_rdata_t rdata = DNS_RDATA_INIT; dns_rdata_ds_t ds; @@ -7685,8 +7647,7 @@ query_respond_any(query_ctx_t *qctx) { ns_client_keepname(qctx->client, qctx->fname, qctx->dbuf); qctx->tname = qctx->fname; - result = dns_rdatasetiter_first(rdsiter); - while (result == ISC_R_SUCCESS) { + DNS_RDATASETITER_FOREACH (rdsiter) { dns_rdatasetiter_current(rdsiter, qctx->rdataset); /* @@ -7795,19 +7756,10 @@ query_respond_any(query_ctx_t *qctx) { */ dns_rdataset_disassociate(qctx->rdataset); } - - result = dns_rdatasetiter_next(rdsiter); } dns_rdatasetiter_destroy(&rdsiter); - if (result != ISC_R_NOMORE) { - CCTRACE(ISC_LOG_ERROR, "query_respond_any: rdataset iterator " - "failed"); - QUERY_ERROR(qctx, DNS_R_SERVFAIL); - return ns_query_done(qctx); - } - if (found) { /* * Call hook if any answers were found. @@ -8326,10 +8278,7 @@ query_filter64(query_ctx_t *qctx) { myrdatalist->ttl = qctx->rdataset->ttl; i = 0; - for (result = dns_rdataset_first(qctx->rdataset); - result == ISC_R_SUCCESS; - result = dns_rdataset_next(qctx->rdataset)) - { + DNS_RDATASET_FOREACH (qctx->rdataset) { dns_rdata_t rdata = DNS_RDATA_INIT; dns_rdata_t *myrdata = NULL; isc_region_t r; @@ -9702,17 +9651,15 @@ query_synthnxdomainnodata(query_ctx_t *qctx, bool nodata, dns_name_t *nowild, */ static isc_result_t checksignames(dns_name_t *signer, dns_rdataset_t *sigrdataset) { - isc_result_t result; - - for (result = dns_rdataset_first(sigrdataset); result == ISC_R_SUCCESS; - result = dns_rdataset_next(sigrdataset)) - { + DNS_RDATASET_FOREACH (sigrdataset) { + isc_result_t result; dns_rdata_t rdata = DNS_RDATA_INIT; dns_rdata_rrsig_t rrsig; dns_rdataset_current(sigrdataset, &rdata); result = dns_rdata_tostruct(&rdata, &rrsig, NULL); RUNTIME_CHECK(result == ISC_R_SUCCESS); + if (dns_name_countlabels(signer) == 0) { dns_name_copy(&rrsig.signer, signer); } else if (!dns_name_equal(signer, &rrsig.signer)) { diff --git a/lib/ns/update.c b/lib/ns/update.c index 12a49a25a3..f215805e41 100644 --- a/lib/ns/update.c +++ b/lib/ns/update.c @@ -552,9 +552,7 @@ static isc_result_t foreach_node_rr_action(void *data, dns_rdataset_t *rdataset) { isc_result_t result; foreach_node_rr_ctx_t *ctx = data; - for (result = dns_rdataset_first(rdataset); result == ISC_R_SUCCESS; - result = dns_rdataset_next(rdataset)) - { + DNS_RDATASET_FOREACH (rdataset) { rr_t rr = { 0, DNS_RDATA_INIT }; dns_rdataset_current(rdataset, &rr.rdata); @@ -564,9 +562,6 @@ foreach_node_rr_action(void *data, dns_rdataset_t *rdataset) { return result; } } - if (result != ISC_R_NOMORE) { - return result; - } return ISC_R_SUCCESS; } @@ -612,26 +607,17 @@ foreach_rrset(dns_db_t *db, dns_dbversion_t *ver, dns_name_t *name, goto cleanup_node; } - for (result = dns_rdatasetiter_first(iter); result == ISC_R_SUCCESS; - result = dns_rdatasetiter_next(iter)) - { - dns_rdataset_t rdataset; - - dns_rdataset_init(&rdataset); + DNS_RDATASETITER_FOREACH (iter) { + dns_rdataset_t rdataset = DNS_RDATASET_INIT; dns_rdatasetiter_current(iter, &rdataset); result = (*action)(action_data, &rdataset); dns_rdataset_disassociate(&rdataset); if (result != ISC_R_SUCCESS) { - goto cleanup_iterator; + break; } } - if (result == ISC_R_NOMORE) { - result = ISC_R_SUCCESS; - } - -cleanup_iterator: dns_rdatasetiter_destroy(&iter); cleanup_node: @@ -727,9 +713,7 @@ foreach_rr(dns_db_t *db, dns_dbversion_t *ver, dns_name_t *name, dns_rdataset_getownercase(&rdataset, ctx->oldname); } - for (result = dns_rdataset_first(&rdataset); result == ISC_R_SUCCESS; - result = dns_rdataset_next(&rdataset)) - { + DNS_RDATASET_FOREACH (&rdataset) { rr_t rr = { 0, DNS_RDATA_INIT }; dns_rdataset_current(&rdataset, &rr.rdata); rr.ttl = rdataset.ttl; @@ -738,9 +722,6 @@ foreach_rr(dns_db_t *db, dns_dbversion_t *ver, dns_name_t *name, goto cleanup_rdataset; } } - if (result != ISC_R_NOMORE) { - goto cleanup_rdataset; - } result = ISC_R_SUCCESS; cleanup_rdataset: @@ -951,10 +932,7 @@ ssu_checkrule(void *data, dns_rdataset_t *rrset) { dns_rdataset_init(&rdataset); dns_rdataset_clone(rrset, &rdataset); - for (result = dns_rdataset_first(&rdataset); - result == ISC_R_SUCCESS; - result = dns_rdataset_next(&rdataset)) - { + DNS_RDATASET_FOREACH (&rdataset) { dns_rdata_t rdata = DNS_RDATA_INIT; dns_rdataset_current(&rdataset, &rdata); if (rrset->type == dns_rdatatype_ptr) { @@ -975,9 +953,6 @@ ssu_checkrule(void *data, dns_rdataset_t *rrset) { break; } } - if (result != ISC_R_NOMORE) { - rule_ok = false; - } dns_rdataset_disassociate(&rdataset); } else { rule_ok = dns_ssutable_checkrules( @@ -1191,17 +1166,12 @@ temp_check(isc_mem_t *mctx, dns_diff_t *temp, dns_db_t *db, dns_diff_init(mctx, &d_rrs); dns_diff_init(mctx, &u_rrs); - for (result = dns_rdataset_first(&rdataset); - result == ISC_R_SUCCESS; - result = dns_rdataset_next(&rdataset)) - { + DNS_RDATASET_FOREACH (&rdataset) { dns_rdata_t rdata = DNS_RDATA_INIT; dns_rdataset_current(&rdataset, &rdata); temp_append(&d_rrs, name, &rdata); } - if (result != ISC_R_NOMORE) { - goto failure; - } + result = dns_diff_sort(&d_rrs, temp_order); if (result != ISC_R_SUCCESS) { goto failure; @@ -2201,22 +2171,17 @@ rr_exists(dns_db_t *db, dns_dbversion_t *ver, dns_name_t *name, goto failure; } - for (result = dns_rdataset_first(&rdataset); result == ISC_R_SUCCESS; - result = dns_rdataset_next(&rdataset)) - { + bool matched = false; + DNS_RDATASET_FOREACH (&rdataset) { dns_rdata_t myrdata = DNS_RDATA_INIT; dns_rdataset_current(&rdataset, &myrdata); - if (!dns_rdata_casecompare(&myrdata, rdata)) { + if (dns_rdata_casecompare(&myrdata, rdata) == 0) { + matched = true; break; } } dns_rdataset_disassociate(&rdataset); - if (result == ISC_R_SUCCESS) { - *flag = true; - } else if (result == ISC_R_NOMORE) { - *flag = false; - result = ISC_R_SUCCESS; - } + *flag = matched; failure: if (node != NULL) { @@ -2249,9 +2214,7 @@ get_iterations(dns_db_t *db, dns_dbversion_t *ver, dns_rdatatype_t privatetype, goto failure; } - for (result = dns_rdataset_first(&rdataset); result == ISC_R_SUCCESS; - result = dns_rdataset_next(&rdataset)) - { + DNS_RDATASET_FOREACH (&rdataset) { dns_rdata_t rdata = DNS_RDATA_INIT; dns_rdataset_current(&rdataset, &rdata); CHECK(dns_rdata_tostruct(&rdata, &nsec3param, NULL)); @@ -2262,9 +2225,6 @@ get_iterations(dns_db_t *db, dns_dbversion_t *ver, dns_rdatatype_t privatetype, iterations = nsec3param.iterations; } } - if (result != ISC_R_NOMORE) { - goto failure; - } dns_rdataset_disassociate(&rdataset); @@ -2282,9 +2242,7 @@ try_private: goto failure; } - for (result = dns_rdataset_first(&rdataset); result == ISC_R_SUCCESS; - result = dns_rdataset_next(&rdataset)) - { + DNS_RDATASET_FOREACH (&rdataset) { unsigned char buf[DNS_NSEC3PARAM_BUFFERSIZE]; dns_rdata_t private = DNS_RDATA_INIT; dns_rdata_t rdata = DNS_RDATA_INIT; @@ -2303,9 +2261,6 @@ try_private: iterations = nsec3param.iterations; } } - if (result != ISC_R_NOMORE) { - goto failure; - } success: *iterationsp = iterations; diff --git a/tests/dns/dbiterator_test.c b/tests/dns/dbiterator_test.c index a84e4d806c..d5eabfb280 100644 --- a/tests/dns/dbiterator_test.c +++ b/tests/dns/dbiterator_test.c @@ -93,9 +93,7 @@ test_walk(const char *filename, int flags, int nodes) { result = dns_db_createiterator(db, flags, &iter); assert_int_equal(result, ISC_R_SUCCESS); - for (result = dns_dbiterator_first(iter); result == ISC_R_SUCCESS; - result = dns_dbiterator_next(iter)) - { + DNS_DBITERATOR_FOREACH (iter) { result = dns_dbiterator_current(iter, &node, name); assert_int_equal(result, ISC_R_SUCCESS); dns_db_detachnode(db, &node); diff --git a/tests/isccfg/duration_test.c b/tests/isccfg/duration_test.c index 8808b0d085..d0300f2359 100644 --- a/tests/isccfg/duration_test.c +++ b/tests/isccfg/duration_test.c @@ -125,7 +125,6 @@ ISC_RUN_TEST_IMPL(duration) { bool must_fail = false; for (size_t i = 0; i < ARRAY_SIZE(durations); i++) { - const cfg_listelt_t *element; const cfg_obj_t *kasps = NULL; const char cfg_tpl[] = "dnssec-policy \"dp\"\n" @@ -159,9 +158,7 @@ ISC_RUN_TEST_IMPL(duration) { (void)cfg_map_get(c1, "dnssec-policy", &kasps); assert_non_null(kasps); - for (element = cfg_list_first(kasps); element != NULL; - element = cfg_list_next(element)) - { + CFG_LIST_FOREACH (kasps, element) { const cfg_listelt_t *key_element; const cfg_obj_t *lifetime = NULL; const cfg_obj_t *keys = NULL;