From f10f5572ac7e0520eed4516be52df625ad56c860 Mon Sep 17 00:00:00 2001 From: Evan Hunt Date: Fri, 21 Mar 2025 23:32:27 -0700 Subject: [PATCH] add DNS_RDATASET_FOREACH macro replace the pattern `for (result = dns_rdataset_first(x); result == ISC_R_SUCCES; result = dns_rdataset_next(x)` with a new `DNS_RDATASET_FOREACH` macro throughout BIND. --- .clang-format | 2 +- bin/check/check-tool.c | 36 +- bin/delv/delv.c | 10 +- bin/dig/dig.c | 14 +- bin/dig/dighost.c | 34 +- bin/dig/host.c | 10 +- bin/dig/nslookup.c | 14 +- bin/dnssec/dnssec-cds.c | 45 +- bin/dnssec/dnssec-dsfromkey.c | 11 +- bin/dnssec/dnssec-importkey.c | 13 +- bin/dnssec/dnssec-signzone.c | 309 +++++++------ bin/named/server.c | 20 +- bin/tests/system/dyndb/driver/syncptr.c | 15 +- bin/tools/mdig.c | 10 +- lib/dns/adb.c | 4 +- lib/dns/catz.c | 9 +- lib/dns/dns64.c | 56 +-- lib/dns/dnssec.c | 53 +-- lib/dns/include/dns/rdataset.h | 22 + lib/dns/journal.c | 11 +- lib/dns/keytable.c | 4 +- lib/dns/masterdump.c | 26 +- lib/dns/message.c | 5 +- lib/dns/ncache.c | 115 ++--- lib/dns/nsec.c | 24 +- lib/dns/nsec3.c | 180 ++------ lib/dns/private.c | 25 +- lib/dns/rdataset.c | 37 +- lib/dns/resolver.c | 62 +-- lib/dns/rootns.c | 82 +--- lib/dns/update.c | 26 +- lib/dns/validator.c | 51 +-- lib/dns/view.c | 4 +- lib/dns/xfrin.c | 6 +- lib/dns/zone.c | 551 +++++++----------------- lib/dns/zoneverify.c | 49 +-- lib/ns/query.c | 80 ++-- lib/ns/update.c | 60 +-- 38 files changed, 695 insertions(+), 1390 deletions(-) diff --git a/.clang-format b/.clang-format index 2e7ab89d69..bfa81bee45 100644 --- a/.clang-format +++ b/.clang-format @@ -78,6 +78,6 @@ PenaltyBreakString: 80 PenaltyExcessCharacter: 100 Standard: Cpp11 ContinuationIndentWidth: 8 -ForEachMacros: [ 'cds_lfs_for_each', 'cds_lfs_for_each_safe', 'cds_list_for_each_entry_safe', 'ISC_LIST_FOREACH', 'ISC_LIST_FOREACH_SAFE', 'ISC_LIST_FOREACH_REV', 'ISC_LIST_FOREACH_REV_SAFE', 'MSG_SECTION_FOREACH' ] +ForEachMacros: [ 'cds_lfs_for_each', 'cds_lfs_for_each_safe', 'cds_list_for_each_entry_safe', 'ISC_LIST_FOREACH', 'ISC_LIST_FOREACH_SAFE', 'ISC_LIST_FOREACH_REV', 'ISC_LIST_FOREACH_REV_SAFE', 'MSG_SECTION_FOREACH', 'DNS_RDATASET_FOREACH' ] RemoveParentheses: ReturnStatement RemoveSemicolon: true diff --git a/bin/check/check-tool.c b/bin/check/check-tool.c index bd2733b69a..1cca74d861 100644 --- a/bin/check/check-tool.c +++ b/bin/check/check-tool.c @@ -222,8 +222,6 @@ static bool checkns(dns_zone_t *zone, const dns_name_t *name, const dns_name_t *owner, dns_rdataset_t *a, dns_rdataset_t *aaaa) { dns_rdataset_t *rdataset; - dns_rdata_t rdata = DNS_RDATA_INIT; - isc_result_t result; struct addrinfo hints = { .ai_flags = AI_CANONNAME, .ai_family = PF_UNSPEC, @@ -315,8 +313,9 @@ checkns(dns_zone_t *zone, const dns_name_t *name, const dns_name_t *owner, if (!dns_rdataset_isassociated(a)) { goto checkaaaa; } - result = dns_rdataset_first(a); - while (result == ISC_R_SUCCESS) { + + DNS_RDATASET_FOREACH (a) { + dns_rdata_t rdata = DNS_RDATA_INIT; dns_rdataset_current(a, &rdata); match = false; for (cur = ai; cur != NULL; cur = cur->ai_next) { @@ -340,16 +339,14 @@ checkns(dns_zone_t *zone, const dns_name_t *name, const dns_name_t *owner, /* XXX950 make fatal for 9.5.0 */ /* answer = false; */ } - dns_rdata_reset(&rdata); - result = dns_rdataset_next(a); } checkaaaa: if (!dns_rdataset_isassociated(aaaa)) { goto checkmissing; } - result = dns_rdataset_first(aaaa); - while (result == ISC_R_SUCCESS) { + DNS_RDATASET_FOREACH (aaaa) { + dns_rdata_t rdata = DNS_RDATA_INIT; dns_rdataset_current(aaaa, &rdata); match = false; for (cur = ai; cur != NULL; cur = cur->ai_next) { @@ -374,8 +371,6 @@ checkaaaa: /* XXX950 make fatal for 9.5.0. */ /* answer = false; */ } - dns_rdata_reset(&rdata); - result = dns_rdataset_next(aaaa); } checkmissing: @@ -403,19 +398,18 @@ checkmissing: } match = false; if (dns_rdataset_isassociated(rdataset)) { - result = dns_rdataset_first(rdataset); - } else { - result = ISC_R_FAILURE; - } - while (result == ISC_R_SUCCESS && !match) { - dns_rdataset_current(rdataset, &rdata); - if (memcmp(ptr, rdata.data, rdata.length) == 0) - { - match = true; + DNS_RDATASET_FOREACH (rdataset) { + dns_rdata_t rdata = DNS_RDATA_INIT; + dns_rdataset_current(rdataset, &rdata); + if (memcmp(ptr, rdata.data, + rdata.length) == 0) + { + match = true; + break; + } } - dns_rdata_reset(&rdata); - result = dns_rdataset_next(rdataset); } + if (!match) { dns_zone_log(zone, ISC_LOG_ERROR, "%s/NS '%s' " diff --git a/bin/delv/delv.c b/bin/delv/delv.c index 6de84e2354..9b9de40346 100644 --- a/bin/delv/delv.c +++ b/bin/delv/delv.c @@ -470,11 +470,9 @@ printdata(dns_rdataset_t *rdataset, dns_name_t *owner) { isc_buffer_init(&target, t, len); if (short_form) { - dns_rdata_t rdata = DNS_RDATA_INIT; - for (result = dns_rdataset_first(rdataset); - result == ISC_R_SUCCESS; - result = dns_rdataset_next(rdataset)) - { + DNS_RDATASET_FOREACH (rdataset) { + dns_rdata_t rdata = DNS_RDATA_INIT; + if ((rdataset->attributes & DNS_RDATASETATTR_NEGATIVE) != 0) { @@ -495,8 +493,6 @@ printdata(dns_rdataset_t *rdataset, dns_name_t *owner) { } isc_buffer_putstr(&target, "\n"); - - dns_rdata_reset(&rdata); } } else { dns_indent_t indent = { " ", 2 }; diff --git a/bin/dig/dig.c b/bin/dig/dig.c index b8b6468c69..8ede6acdb5 100644 --- a/bin/dig/dig.c +++ b/bin/dig/dig.c @@ -579,25 +579,23 @@ dns64prefix_answer(dns_message_t *msg, isc_buffer_t *buf) { static isc_result_t short_answer(dns_message_t *msg, dns_messagetextflag_t flags, isc_buffer_t *buf, dig_query_t *query) { - isc_result_t result, loopresult; dns_name_t empty_name; - dns_rdata_t rdata = DNS_RDATA_INIT; UNUSED(flags); dns_name_init(&empty_name); MSG_SECTION_FOREACH (msg, DNS_SECTION_ANSWER, name) { ISC_LIST_FOREACH (name->list, rdataset, link) { - loopresult = dns_rdataset_first(rdataset); - while (loopresult == ISC_R_SUCCESS) { + DNS_RDATASET_FOREACH (rdataset) { + dns_rdata_t rdata = DNS_RDATA_INIT; dns_rdataset_current(rdataset, &rdata); - result = say_message(&rdata, query, buf); + + isc_result_t result = say_message(&rdata, query, + buf); if (result == ISC_R_NOSPACE) { return result; } check_result(result, "say_message"); - loopresult = dns_rdataset_next(rdataset); - dns_rdata_reset(&rdata); } } } @@ -2770,7 +2768,7 @@ dash_option(char *option, char *next, dig_lookup_t **lookup, printgreeting(argc, argv, *lookup); *firstarg = false; } - ISC_LIST_APPEND(lookup_list, (*lookup), link); + ISC_LIST_APPEND(lookup_list, *lookup, link); debug("looking up %s", (*lookup)->textname); } return value_from_next; diff --git a/bin/dig/dighost.c b/bin/dig/dighost.c index 14f5238974..0cafbcdf68 100644 --- a/bin/dig/dighost.c +++ b/bin/dig/dighost.c @@ -1800,7 +1800,6 @@ followup_lookup(dns_message_t *msg, dig_query_t *query, dns_section_t section) { dig_lookup_t *lookup = NULL; dig_server_t *srv = NULL; dns_rdataset_t *rdataset = NULL; - dns_rdata_t rdata = DNS_RDATA_INIT; isc_result_t result = ISC_R_NOMORE; bool success = false; int numLookups = 0; @@ -1858,10 +1857,8 @@ followup_lookup(dns_message_t *msg, dig_query_t *query, dns_section_t section) { } } - for (result = dns_rdataset_first(rdataset); - result == ISC_R_SUCCESS; - result = dns_rdataset_next(rdataset)) - { + DNS_RDATASET_FOREACH (rdataset) { + dns_rdata_t rdata = DNS_RDATA_INIT; char namestr[DNS_NAME_FORMATSIZE]; dns_rdata_ns_t ns; @@ -1916,7 +1913,6 @@ followup_lookup(dns_message_t *msg, dig_query_t *query, dns_section_t section) { } } numLookups += num; - dns_rdata_reset(&rdata); } } if (numLookups == 0 && addresses_result != ISC_R_SUCCESS) { @@ -3654,7 +3650,6 @@ tcp_connected(isc_nmhandle_t *handle, isc_result_t eresult, void *arg) { static bool check_for_more_data(dig_lookup_t *lookup, dig_query_t *query, dns_message_t *msg, isc_sockaddr_t *peer, int len) { - dns_rdata_t rdata = DNS_RDATA_INIT; dns_rdata_soa_t soa; uint32_t ixfr_serial = lookup->ixfr_serial, serial; isc_result_t result; @@ -3685,14 +3680,11 @@ check_for_more_data(dig_lookup_t *lookup, dig_query_t *query, } MSG_SECTION_FOREACH (msg, DNS_SECTION_ANSWER, name) { ISC_LIST_FOREACH (name->list, rdataset, link) { - result = dns_rdataset_first(rdataset); - if (result != ISC_R_SUCCESS) { - continue; - } - do { - query->rr_count++; - dns_rdata_reset(&rdata); + DNS_RDATASET_FOREACH (rdataset) { + dns_rdata_t rdata = DNS_RDATA_INIT; dns_rdataset_current(rdataset, &rdata); + + query->rr_count++; /* * If this is the first rr, make sure * it's an SOA @@ -3711,7 +3703,7 @@ check_for_more_data(dig_lookup_t *lookup, dig_query_t *query, query->second_rr_serial = 0; debug("got the second rr as nonsoa"); axfr = query->ixfr_axfr = true; - goto next_rdata; + continue; } /* @@ -3719,7 +3711,7 @@ check_for_more_data(dig_lookup_t *lookup, dig_query_t *query, * now, just continue on... */ if (rdata.type != dns_rdatatype_soa) { - goto next_rdata; + continue; } /* Now we have an SOA. Work with it. */ @@ -3740,7 +3732,7 @@ check_for_more_data(dig_lookup_t *lookup, dig_query_t *query, "response"); goto doexit; } - goto next_rdata; + continue; } if (axfr) { debug("doing axfr, got second SOA"); @@ -3756,7 +3748,7 @@ check_for_more_data(dig_lookup_t *lookup, dig_query_t *query, serial); query->second_rr_rcvd = true; query->second_rr_serial = serial; - goto next_rdata; + continue; } /* * If we get to this point, we're doing an @@ -3767,15 +3759,13 @@ check_for_more_data(dig_lookup_t *lookup, dig_query_t *query, debug("got a match for ixfr"); if (!query->first_repeat_rcvd) { query->first_repeat_rcvd = true; - goto next_rdata; + continue; } debug("done with ixfr"); goto doexit; } debug("meaningless soa %u", serial); - next_rdata: - result = dns_rdataset_next(rdataset); - } while (result == ISC_R_SUCCESS); + } } } diff --git a/bin/dig/host.c b/bin/dig/host.c index b89fca0817..b2cdf878d2 100644 --- a/bin/dig/host.c +++ b/bin/dig/host.c @@ -207,9 +207,8 @@ static isc_result_t printsection(dns_message_t *msg, dns_section_t sectionid, const char *section_name, bool headers, dig_query_t *query) { dns_name_t *print_name; - dns_rdata_t rdata = DNS_RDATA_INIT; isc_buffer_t target; - isc_result_t result, loopresult; + isc_result_t result; isc_region_t r; dns_name_t empty_name; char tbuf[4096] = { 0 }; @@ -262,8 +261,8 @@ printsection(dns_message_t *msg, dns_section_t sectionid, UNUSED(first); /* Shut up compiler. */ #endif /* ifdef USEINITALWS */ } else { - loopresult = dns_rdataset_first(rdataset); - while (loopresult == ISC_R_SUCCESS) { + DNS_RDATASET_FOREACH (rdataset) { + dns_rdata_t rdata = DNS_RDATA_INIT; struct rtype *t; const char *rtt; char typebuf[DNS_RDATATYPE_FORMATSIZE]; @@ -287,9 +286,6 @@ printsection(dns_message_t *msg, dns_section_t sectionid, found: say_message(print_name, rtt, &rdata, query); - dns_rdata_reset(&rdata); - loopresult = - dns_rdataset_next(rdataset); } } } diff --git a/bin/dig/nslookup.c b/bin/dig/nslookup.c index 66e238089c..8f6b57f554 100644 --- a/bin/dig/nslookup.c +++ b/bin/dig/nslookup.c @@ -198,7 +198,6 @@ printrdata(dns_rdata_t *rdata) { static isc_result_t printsection(dig_query_t *query, dns_message_t *msg, bool headers, dns_section_t section) { - dns_rdata_t rdata = DNS_RDATA_INIT; char namebuf[DNS_NAME_FORMATSIZE]; UNUSED(query); @@ -208,8 +207,8 @@ printsection(dig_query_t *query, dns_message_t *msg, bool headers, MSG_SECTION_FOREACH (msg, section, name) { ISC_LIST_FOREACH (name->list, rdataset, link) { - isc_result_t loopresult = dns_rdataset_first(rdataset); - while (loopresult == ISC_R_SUCCESS) { + DNS_RDATASET_FOREACH (rdataset) { + dns_rdata_t rdata = DNS_RDATA_INIT; dns_rdataset_current(rdataset, &rdata); switch (rdata.type) { case dns_rdatatype_a: @@ -236,8 +235,6 @@ printsection(dig_query_t *query, dns_message_t *msg, bool headers, printrdata(&rdata); break; } - dns_rdata_reset(&rdata); - loopresult = dns_rdataset_next(rdataset); } } } @@ -247,7 +244,6 @@ printsection(dig_query_t *query, dns_message_t *msg, bool headers, static isc_result_t detailsection(dig_query_t *query, dns_message_t *msg, bool headers, dns_section_t section) { - dns_rdata_t rdata = DNS_RDATA_INIT; char namebuf[DNS_NAME_FORMATSIZE]; UNUSED(query); @@ -283,8 +279,8 @@ detailsection(dig_query_t *query, dns_message_t *msg, bool headers, namebuf, sizeof(namebuf)); printf("class = %s\n", namebuf); } - isc_result_t loopresult = dns_rdataset_first(rdataset); - while (loopresult == ISC_R_SUCCESS) { + DNS_RDATASET_FOREACH (rdataset) { + dns_rdata_t rdata = DNS_RDATA_INIT; dns_rdataset_current(rdataset, &rdata); dns_name_format(name, namebuf, sizeof(namebuf)); @@ -298,9 +294,7 @@ detailsection(dig_query_t *query, dns_message_t *msg, bool headers, printf("\t"); printrdata(&rdata); } - dns_rdata_reset(&rdata); printf("\tttl = %u\n", rdataset->ttl); - loopresult = dns_rdataset_next(rdataset); } } } diff --git a/bin/dnssec/dnssec-cds.c b/bin/dnssec/dnssec-cds.c index 9b43a19a1e..ecab56dd67 100644 --- a/bin/dnssec/dnssec-cds.c +++ b/bin/dnssec/dnssec-cds.c @@ -469,9 +469,7 @@ match_key_dsset(keyinfo_t *ki, dns_rdataset_t *dsset, strictness_t strictness) { isc_result_t result; unsigned char dsbuf[DNS_DS_BUFFERSIZE]; - for (result = dns_rdataset_first(dsset); result == ISC_R_SUCCESS; - result = dns_rdataset_next(dsset)) - { + DNS_RDATASET_FOREACH (dsset) { dns_rdata_ds_t ds; dns_rdata_t dsrdata = DNS_RDATA_INIT; dns_rdata_t newdsrdata = DNS_RDATA_INIT; @@ -529,22 +527,20 @@ static keyinfo_t * match_keyset_dsset(dns_rdataset_t *keyset, dns_rdataset_t *dsset, strictness_t strictness) { isc_result_t result; - keyinfo_t *keytable, *ki; - int i; + keyinfo_t *keytable = NULL, *ki = NULL; + int i = 0; nkey = dns_rdataset_count(keyset); keytable = isc_mem_cget(mctx, nkey, sizeof(keytable[0])); + ki = keytable; - for (result = dns_rdataset_first(keyset), i = 0, ki = keytable; - result == ISC_R_SUCCESS; - result = dns_rdataset_next(keyset), i++, ki++) - { + DNS_RDATASET_FOREACH (keyset) { dns_rdata_dnskey_t dnskey; - dns_rdata_t *keyrdata; + dns_rdata_t *keyrdata = NULL; isc_region_t r; - INSIST(i < nkey); + INSIST(i++ < nkey); keyrdata = &ki->rdata; dns_rdata_init(keyrdata); @@ -559,6 +555,7 @@ match_keyset_dsset(dns_rdataset_t *keyset, dns_rdataset_t *dsset, ki->dst = NULL; if (!match_key_dsset(ki, dsset, strictness)) { + ki++; continue; } @@ -570,6 +567,7 @@ match_keyset_dsset(dns_rdataset_t *keyset, dns_rdataset_t *dsset, "keytag=%d, algo=%d): %s\n", ki->tag, ki->algo, isc_result_totext(result)); } + ki++; } return keytable; @@ -606,16 +604,14 @@ static dns_secalg_t * matching_sigs(keyinfo_t *keytbl, dns_rdataset_t *rdataset, dns_rdataset_t *sigset) { isc_result_t result; - dns_secalg_t *algo; + dns_secalg_t *algo = NULL; int i; REQUIRE(keytbl != NULL); algo = isc_mem_cget(mctx, nkey, sizeof(algo[0])); - for (result = dns_rdataset_first(sigset); result == ISC_R_SUCCESS; - result = dns_rdataset_next(sigset)) - { + DNS_RDATASET_FOREACH (sigset) { dns_rdata_t sigrdata = DNS_RDATA_INIT; dns_rdata_rrsig_t sig; @@ -709,9 +705,7 @@ signed_strict(dns_rdataset_t *dsset, dns_secalg_t *algo) { isc_result_t result; bool all_ok = true; - for (result = dns_rdataset_first(dsset); result == ISC_R_SUCCESS; - result = dns_rdataset_next(dsset)) - { + DNS_RDATASET_FOREACH (dsset) { dns_rdata_t dsrdata = DNS_RDATA_INIT; dns_rdata_ds_t ds; bool ds_ok; @@ -791,9 +785,7 @@ append_new_ds_set(ds_maker_func_t *ds_from_rdata, isc_buffer_t *buf, dns_rdataset_t *crdset) { isc_result_t result; - for (result = dns_rdataset_first(crdset); result == ISC_R_SUCCESS; - result = dns_rdataset_next(crdset)) - { + DNS_RDATASET_FOREACH (crdset) { dns_rdata_t crdata = DNS_RDATA_INIT; dns_rdata_t *ds = NULL; @@ -876,12 +868,12 @@ rdata_cmp(const void *rdata1, const void *rdata2) { static bool consistent_digests(dns_rdataset_t *dsset) { isc_result_t result; - dns_rdata_t *arrdata; - dns_rdata_ds_t *ds; + dns_rdata_t *arrdata = NULL; + dns_rdata_ds_t *ds = NULL; dns_keytag_t key_tag; dns_secalg_t algorithm; bool match; - int i, j, n, d; + int i = 0, j, n, d; /* * First sort the dsset. DS rdata fields are tag, algorithm, @@ -893,11 +885,10 @@ consistent_digests(dns_rdataset_t *dsset) { arrdata = isc_mem_cget(mctx, n, sizeof(dns_rdata_t)); - for (result = dns_rdataset_first(dsset), i = 0; result == ISC_R_SUCCESS; - result = dns_rdataset_next(dsset), i++) - { + DNS_RDATASET_FOREACH (dsset) { dns_rdata_init(&arrdata[i]); dns_rdataset_current(dsset, &arrdata[i]); + i++; } qsort(arrdata, n, sizeof(dns_rdata_t), rdata_cmp); diff --git a/bin/dnssec/dnssec-dsfromkey.c b/bin/dnssec/dnssec-dsfromkey.c index c5c5c4d417..81050bd1fd 100644 --- a/bin/dnssec/dnssec-dsfromkey.c +++ b/bin/dnssec/dnssec-dsfromkey.c @@ -371,9 +371,6 @@ main(int argc, char **argv) { bool showall = false; isc_result_t result; dns_rdataset_t rdataset; - dns_rdata_t rdata; - - dns_rdata_init(&rdata); if (argc == 1) { usage(); @@ -516,11 +513,8 @@ main(int argc, char **argv) { isc_result_totext(result)); } - for (result = dns_rdataset_first(&rdataset); - result == ISC_R_SUCCESS; - result = dns_rdataset_next(&rdataset)) - { - dns_rdata_init(&rdata); + DNS_RDATASET_FOREACH (&rdataset) { + dns_rdata_t rdata = DNS_RDATA_INIT; dns_rdataset_current(&rdataset, &rdata); if (verbose > 2) { @@ -531,6 +525,7 @@ main(int argc, char **argv) { } } else { unsigned char key_buf[DST_KEY_MAXSIZE]; + dns_rdata_t rdata = DNS_RDATA_INIT; loadkey(arg1, key_buf, DST_KEY_MAXSIZE, &rdata); diff --git a/bin/dnssec/dnssec-importkey.c b/bin/dnssec/dnssec-importkey.c index 7ad8a14428..fa6cb4fe92 100644 --- a/bin/dnssec/dnssec-importkey.c +++ b/bin/dnssec/dnssec-importkey.c @@ -298,15 +298,12 @@ int main(int argc, char **argv) { char *classname = NULL; char *filename = NULL, *dir = NULL, *namestr; - char *endp; + char *endp = NULL; int ch; isc_result_t result; dns_rdataset_t rdataset; - dns_rdata_t rdata; isc_stdtime_t now = isc_stdtime_now(); - dns_rdata_init(&rdata); - if (argc == 1) { usage(); } @@ -433,16 +430,14 @@ main(int argc, char **argv) { isc_result_totext(result)); } - for (result = dns_rdataset_first(&rdataset); - result == ISC_R_SUCCESS; - result = dns_rdataset_next(&rdataset)) - { - dns_rdata_init(&rdata); + DNS_RDATASET_FOREACH (&rdataset) { + dns_rdata_t rdata = DNS_RDATA_INIT; dns_rdataset_current(&rdataset, &rdata); emit(dir, &rdata); } } else { unsigned char key_buf[DST_KEY_MAXSIZE]; + dns_rdata_t rdata = DNS_RDATA_INIT; loadkey(argv[isc_commandline_index], key_buf, DST_KEY_MAXSIZE, &rdata); diff --git a/bin/dnssec/dnssec-signzone.c b/bin/dnssec/dnssec-signzone.c index 4de69f56f0..c9ea79dfea 100644 --- a/bin/dnssec/dnssec-signzone.c +++ b/bin/dnssec/dnssec-signzone.c @@ -479,7 +479,6 @@ static void signset(dns_diff_t *del, dns_diff_t *add, dns_dbnode_t *node, dns_name_t *name, dns_rdataset_t *set) { dns_rdataset_t sigset; - dns_rdata_t sigrdata = DNS_RDATA_INIT; dns_rdata_rrsig_t rrsig; isc_result_t result; bool nosigs = false; @@ -524,152 +523,161 @@ signset(dns_diff_t *del, dns_diff_t *add, dns_dbnode_t *node, dns_name_t *name, wassignedby[i] = nowsignedby[i] = false; } - if (nosigs) { - result = ISC_R_NOMORE; - } else { - result = dns_rdataset_first(&sigset); - } + if (!nosigs) { + DNS_RDATASET_FOREACH (&sigset) { + dns_rdata_t sigrdata = DNS_RDATA_INIT; + dns_dnsseckey_t *key = NULL; + bool expired, refresh, future, offline; + bool keep = false, resign = false; - while (result == ISC_R_SUCCESS) { - dns_dnsseckey_t *key = NULL; - bool expired, refresh, future, offline; - bool keep = false, resign = false; + dns_rdataset_current(&sigset, &sigrdata); - dns_rdataset_current(&sigset, &sigrdata); + result = dns_rdata_tostruct(&sigrdata, &rrsig, NULL); + check_result(result, "dns_rdata_tostruct"); - result = dns_rdata_tostruct(&sigrdata, &rrsig, NULL); - check_result(result, "dns_rdata_tostruct"); + future = isc_serial_lt(now, rrsig.timesigned); - future = isc_serial_lt(now, rrsig.timesigned); + key = keythatsigned(&rrsig); + offline = (key != NULL) ? key->pubkey : false; + sig_format(&rrsig, sigstr, sizeof(sigstr)); + expired = isc_serial_gt(now, rrsig.timeexpire); + refresh = isc_serial_gt(now + cycle, rrsig.timeexpire); - key = keythatsigned(&rrsig); - offline = (key != NULL) ? key->pubkey : false; - sig_format(&rrsig, sigstr, sizeof(sigstr)); - expired = isc_serial_gt(now, rrsig.timeexpire); - refresh = isc_serial_gt(now + cycle, rrsig.timeexpire); - - if (isc_serial_gt(rrsig.timesigned, rrsig.timeexpire)) { - /* rrsig is dropped and not replaced */ - vbprintf(2, - "\trrsig by %s dropped - " - "invalid validity period\n", - sigstr); - } else if (key == NULL && !future && - expecttofindkey(&rrsig.signer)) - { - /* rrsig is dropped and not replaced */ - vbprintf(2, - "\trrsig by %s dropped - " - "private dnskey not found\n", - sigstr); - } else if (key == NULL || future) { - keep = (!expired && !remove_orphansigs); - vbprintf(2, "\trrsig by %s %s - dnskey not found\n", - keep ? "retained" : "dropped", sigstr); - } else if (!dns_dnssec_keyactive(key->key, now) && - remove_inactkeysigs) - { - keep = false; - vbprintf(2, "\trrsig by %s dropped - key inactive\n", - sigstr); - } else if (issigningkey(key)) { - wassignedby[key->index] = true; - - if (!refresh && rrsig.originalttl == set->ttl && - setverifies(name, set, key->key, &sigrdata)) + if (isc_serial_gt(rrsig.timesigned, rrsig.timeexpire)) { + /* rrsig is dropped and not replaced */ + vbprintf(2, + "\trrsig by %s dropped - " + "invalid validity period\n", + sigstr); + } else if (key == NULL && !future && + expecttofindkey(&rrsig.signer)) { + /* rrsig is dropped and not replaced */ + vbprintf(2, + "\trrsig by %s dropped - " + "private dnskey not found\n", + sigstr); + } else if (key == NULL || future) { + keep = (!expired && !remove_orphansigs); + vbprintf( + 2, + "\trrsig by %s %s - dnskey not found\n", + keep ? "retained" : "dropped", sigstr); + } else if (!dns_dnssec_keyactive(key->key, now) && + remove_inactkeysigs) + { + keep = false; + vbprintf(2, + "\trrsig by %s dropped - key " + "inactive\n", + sigstr); + } else if (issigningkey(key)) { + wassignedby[key->index] = true; + + if (!refresh && rrsig.originalttl == set->ttl && + setverifies(name, set, key->key, &sigrdata)) + { + vbprintf(2, "\trrsig by %s retained\n", + sigstr); + keep = true; + } else if (offline) { + vbprintf(2, + "\trrsig by %s retained - " + "private key " + "missing\n", + sigstr); + keep = true; + } else { + vbprintf(2, + "\trrsig by %s dropped - %s\n", + sigstr, + refresh ? "refresh" + : rrsig.originalttl != set->ttl + ? "ttl change" + : "failed to " + "verify"); + resign = true; + } + } else if (!ispublishedkey(key) && remove_orphansigs) { + vbprintf(2, + "\trrsig by %s dropped - dnskey " + "removed\n", + sigstr); + } else if (iszonekey(key)) { + wassignedby[key->index] = true; + + if (!refresh && rrsig.originalttl == set->ttl && + setverifies(name, set, key->key, &sigrdata)) + { + vbprintf(2, "\trrsig by %s retained\n", + sigstr); + keep = true; + } else if (offline) { + vbprintf(2, + "\trrsig by %s retained - " + "private key " + "missing\n", + sigstr); + keep = true; + } else { + vbprintf(2, + "\trrsig by %s dropped - %s\n", + sigstr, + refresh ? "refresh" + : rrsig.originalttl != set->ttl + ? "ttl change" + : "failed to " + "verify"); + } + } else if (!refresh) { vbprintf(2, "\trrsig by %s retained\n", sigstr); keep = true; - } else if (offline) { - vbprintf(2, - "\trrsig by %s retained - private key " - "missing\n", - sigstr); - keep = true; } else { - vbprintf(2, "\trrsig by %s dropped - %s\n", - sigstr, - refresh ? "refresh" - : rrsig.originalttl != set->ttl - ? "ttl change" - : "failed to " - "verify"); - resign = true; + vbprintf(2, "\trrsig by %s %s\n", sigstr, + expired ? "expired" : "needs refresh"); } - } else if (!ispublishedkey(key) && remove_orphansigs) { - vbprintf(2, "\trrsig by %s dropped - dnskey removed\n", - sigstr); - } else if (iszonekey(key)) { - wassignedby[key->index] = true; - if (!refresh && rrsig.originalttl == set->ttl && - setverifies(name, set, key->key, &sigrdata)) - { - vbprintf(2, "\trrsig by %s retained\n", sigstr); - keep = true; - } else if (offline) { - vbprintf(2, - "\trrsig by %s retained - private key " - "missing\n", - sigstr); - keep = true; + if (keep) { + if (key != NULL) { + nowsignedby[key->index] = true; + } + INCSTAT(nretained); + if (sigset.ttl != ttl) { + vbprintf(2, "\tfixing ttl %s\n", + sigstr); + tuple = NULL; + dns_difftuple_create( + mctx, DNS_DIFFOP_DELRESIGN, + name, sigset.ttl, &sigrdata, + &tuple); + dns_diff_append(del, &tuple); + dns_difftuple_create( + mctx, DNS_DIFFOP_ADDRESIGN, + name, ttl, &sigrdata, &tuple); + dns_diff_append(add, &tuple); + } } else { - vbprintf(2, "\trrsig by %s dropped - %s\n", - sigstr, - refresh ? "refresh" - : rrsig.originalttl != set->ttl - ? "ttl change" - : "failed to " - "verify"); - } - } else if (!refresh) { - vbprintf(2, "\trrsig by %s retained\n", sigstr); - keep = true; - } else { - vbprintf(2, "\trrsig by %s %s\n", sigstr, - expired ? "expired" : "needs refresh"); - } - - if (keep) { - if (key != NULL) { - nowsignedby[key->index] = true; - } - INCSTAT(nretained); - if (sigset.ttl != ttl) { - vbprintf(2, "\tfixing ttl %s\n", sigstr); tuple = NULL; + vbprintf(2, "\tremoving signature by %s\n", + sigstr); dns_difftuple_create(mctx, DNS_DIFFOP_DELRESIGN, name, sigset.ttl, &sigrdata, &tuple); dns_diff_append(del, &tuple); - dns_difftuple_create(mctx, DNS_DIFFOP_ADDRESIGN, - name, ttl, &sigrdata, - &tuple); - dns_diff_append(add, &tuple); + INCSTAT(ndropped); } - } else { - tuple = NULL; - vbprintf(2, "\tremoving signature by %s\n", sigstr); - dns_difftuple_create(mctx, DNS_DIFFOP_DELRESIGN, name, - sigset.ttl, &sigrdata, &tuple); - dns_diff_append(del, &tuple); - INCSTAT(ndropped); + + if (resign) { + INSIST(!keep); + + signwithkey(name, set, key->key, ttl, add, + "resigning with dnskey"); + nowsignedby[key->index] = true; + } + + dns_rdata_reset(&sigrdata); + dns_rdata_freestruct(&rrsig); } - - if (resign) { - INSIST(!keep); - - signwithkey(name, set, key->key, ttl, add, - "resigning with dnskey"); - nowsignedby[key->index] = true; - } - - dns_rdata_reset(&sigrdata); - dns_rdata_freestruct(&rrsig); - result = dns_rdataset_next(&sigset); - } - if (result == ISC_R_NOMORE) { - result = ISC_R_SUCCESS; } check_result(result, "dns_rdataset_first/next"); @@ -1014,7 +1022,6 @@ loadds(dns_name_t *name, uint32_t ttl, dns_rdataset_t *dsset) { dns_dbnode_t *node = NULL; isc_result_t result; dns_rdataset_t keyset; - dns_rdata_t key, ds; unsigned char dsbuf[DNS_DS_BUFFERSIZE]; dns_diff_t diff; dns_difftuple_t *tuple = NULL; @@ -1064,11 +1071,9 @@ loadds(dns_name_t *name, uint32_t ttl, dns_rdataset_t *dsset) { check_result(result, "dns_db_newversion"); dns_diff_init(mctx, &diff); - for (result = dns_rdataset_first(&keyset); result == ISC_R_SUCCESS; - result = dns_rdataset_next(&keyset)) - { - dns_rdata_init(&key); - dns_rdata_init(&ds); + DNS_RDATASET_FOREACH (&keyset) { + dns_rdata_t key = DNS_RDATA_INIT; + dns_rdata_t ds = DNS_RDATA_INIT; dns_rdataset_current(&keyset, &key); result = dns_ds_buildrdata(name, &key, DNS_DSDIGEST_SHA256, dsbuf, &ds); @@ -2060,7 +2065,6 @@ nsec3clean(dns_name_t *name, dns_dbnode_t *node, unsigned int hashalg, hashlist_t *hashlist) { dns_label_t label; dns_rdata_nsec3_t nsec3; - dns_rdata_t rdata, delrdata; dns_rdatalist_t rdatalist; dns_rdataset_t rdataset, delrdataset; bool delete_rrsigs = false; @@ -2109,10 +2113,10 @@ nsec3clean(dns_name_t *name, dns_dbnode_t *node, unsigned int hashalg, * Delete any NSEC3 records which are not part of the current * NSEC3 chain. */ - for (result = dns_rdataset_first(&rdataset); result == ISC_R_SUCCESS; - result = dns_rdataset_next(&rdataset)) - { - dns_rdata_init(&rdata); + DNS_RDATASET_FOREACH (&rdataset) { + dns_rdata_t rdata = DNS_RDATA_INIT; + dns_rdata_t delrdata = DNS_RDATA_INIT; + dns_rdataset_current(&rdataset, &rdata); result = dns_rdata_tostruct(&rdata, &nsec3, NULL); check_result(result, "dns_rdata_tostruct"); @@ -2129,7 +2133,7 @@ nsec3clean(dns_name_t *name, dns_dbnode_t *node, unsigned int hashalg, if (set_maxttl) { rdatalist.ttl = ISC_MIN(rdataset.ttl, maxttl); } - dns_rdata_init(&delrdata); + dns_rdata_clone(&rdata, &delrdata); ISC_LIST_APPEND(rdatalist.rdata, &delrdata, link); dns_rdatalist_tordataset(&rdatalist, &delrdataset); @@ -2142,9 +2146,6 @@ nsec3clean(dns_name_t *name, dns_dbnode_t *node, unsigned int hashalg, delete_rrsigs = true; } dns_rdataset_disassociate(&rdataset); - if (result != ISC_R_NOMORE) { - check_result(result, "dns_rdataset_first/next"); - } if (!delete_rrsigs) { return; @@ -2162,7 +2163,6 @@ nsec3clean(dns_name_t *name, dns_dbnode_t *node, unsigned int hashalg, static void rrset_cleanup(dns_name_t *name, dns_rdataset_t *rdataset, dns_diff_t *add, dns_diff_t *del) { - isc_result_t result; unsigned int count1 = 0; dns_rdataset_t tmprdataset; char namestr[DNS_NAME_FORMATSIZE]; @@ -2172,19 +2172,14 @@ rrset_cleanup(dns_name_t *name, dns_rdataset_t *rdataset, dns_diff_t *add, dns_rdatatype_format(rdataset->type, typestr, sizeof(typestr)); dns_rdataset_init(&tmprdataset); - for (result = dns_rdataset_first(rdataset); result == ISC_R_SUCCESS; - result = dns_rdataset_next(rdataset)) - { + DNS_RDATASET_FOREACH (rdataset) { dns_rdata_t rdata1 = DNS_RDATA_INIT; unsigned int count2 = 0; count1++; dns_rdataset_current(rdataset, &rdata1); dns_rdataset_clone(rdataset, &tmprdataset); - for (result = dns_rdataset_first(&tmprdataset); - result == ISC_R_SUCCESS; - result = dns_rdataset_next(&tmprdataset)) - { + DNS_RDATASET_FOREACH (&tmprdataset) { dns_rdata_t rdata2 = DNS_RDATA_INIT; dns_difftuple_t *tuple = NULL; count2++; @@ -2895,7 +2890,6 @@ warnifallksk(dns_db_t *db) { dns_dbversion_t *currentversion = NULL; dns_dbnode_t *node = NULL; dns_rdataset_t rdataset; - dns_rdata_t rdata = DNS_RDATA_INIT; isc_result_t result; dns_rdata_dnskey_t dnskey; bool have_non_ksk = false; @@ -2916,18 +2910,19 @@ warnifallksk(dns_db_t *db) { fatal("failed to find keys at the zone apex: %s", isc_result_totext(result)); } + result = dns_rdataset_first(&rdataset); check_result(result, "dns_rdataset_first"); - while (result == ISC_R_SUCCESS) { - dns_rdata_reset(&rdata); + + DNS_RDATASET_FOREACH (&rdataset) { + dns_rdata_t rdata = DNS_RDATA_INIT; dns_rdataset_current(&rdataset, &rdata); + result = dns_rdata_tostruct(&rdata, &dnskey, NULL); check_result(result, "dns_rdata_tostruct"); if ((dnskey.flags & DNS_KEYFLAG_KSK) == 0) { have_non_ksk = true; - result = ISC_R_NOMORE; - } else { - result = dns_rdataset_next(&rdataset); + break; } dns_rdata_freestruct(&dnskey); } diff --git a/bin/named/server.c b/bin/named/server.c index a943a69a2a..6533bff6e8 100644 --- a/bin/named/server.c +++ b/bin/named/server.c @@ -6852,10 +6852,7 @@ get_tat_qname(dns_name_t *target, dns_name_t *keyname, dns_keynode_t *keynode) { if (dns_keynode_dsset(keynode, &dsset)) { isc_result_t result; - for (result = dns_rdataset_first(&dsset); - result == ISC_R_SUCCESS; - result = dns_rdataset_next(&dsset)) - { + DNS_RDATASET_FOREACH (&dsset) { dns_rdata_t rdata = DNS_RDATA_INIT; dns_rdata_ds_t ds; @@ -14329,10 +14326,7 @@ named_server_signing(named_server_t *server, isc_lex_t *lex, goto cleanup; } - for (result = dns_rdataset_first(&privset); - result == ISC_R_SUCCESS; - result = dns_rdataset_next(&privset)) - { + DNS_RDATASET_FOREACH (&privset) { dns_rdata_t priv = DNS_RDATA_INIT; /* * In theory, the output buffer could hold a full RDATA @@ -14355,10 +14349,6 @@ named_server_signing(named_server_t *server, isc_lex_t *lex, if (!first) { CHECK(putnull(text)); } - - if (result == ISC_R_NOMORE) { - result = ISC_R_SUCCESS; - } } else if (kasp) { (void)putstr(text, "zone uses dnssec-policy, use rndc dnssec " "command instead"); @@ -15438,7 +15428,6 @@ mkey_dumpzone(dns_view_t *view, isc_buffer_t **text) { char buf[DNS_NAME_FORMATSIZE + 500]; dns_name_t *name = NULL; dns_rdataset_t *kdset = NULL; - dns_rdata_t rdata = DNS_RDATA_INIT; dns_rdata_keydata_t kd; uint32_t ttl; @@ -15456,11 +15445,10 @@ mkey_dumpzone(dns_view_t *view, isc_buffer_t **text) { CHECK(putstr(text, buf)); } - for (result = dns_rdataset_first(kdset); - result == ISC_R_SUCCESS; result = dns_rdataset_next(kdset)) - { + DNS_RDATASET_FOREACH (kdset) { char alg[DNS_SECALG_FORMATSIZE]; char tbuf[ISC_FORMATHTTPTIMESTAMP_SIZE]; + dns_rdata_t rdata = DNS_RDATA_INIT; dns_keytag_t keyid; isc_region_t r; isc_time_t t; diff --git a/bin/tests/system/dyndb/driver/syncptr.c b/bin/tests/system/dyndb/driver/syncptr.c index b84abc968d..0ff33e158b 100644 --- a/bin/tests/system/dyndb/driver/syncptr.c +++ b/bin/tests/system/dyndb/driver/syncptr.c @@ -295,22 +295,15 @@ cleanup: isc_result_t syncptrs(sample_instance_t *inst, dns_name_t *name, dns_rdataset_t *rdataset, dns_diffop_t op) { - isc_result_t result; - dns_rdata_t rdata = DNS_RDATA_INIT; - - for (result = dns_rdataset_first(rdataset); result == ISC_R_SUCCESS; - result = dns_rdataset_next(rdataset)) - { + isc_result_t result = ISC_R_SUCCESS; + DNS_RDATASET_FOREACH (rdataset) { + dns_rdata_t rdata = DNS_RDATA_INIT; dns_rdataset_current(rdataset, &rdata); result = syncptr(inst, name, &rdata, rdataset->ttl, op); if (result != ISC_R_SUCCESS && result != ISC_R_NOTFOUND) { - goto cleanup; + break; } } - if (result == ISC_R_NOMORE) { - result = ISC_R_SUCCESS; - } -cleanup: return result; } diff --git a/bin/tools/mdig.c b/bin/tools/mdig.c index b776f9857a..a9d0975efd 100644 --- a/bin/tools/mdig.c +++ b/bin/tools/mdig.c @@ -427,9 +427,7 @@ repopulate_buffer: } CHECK("dns_message_sectiontotext", result); } else if (display_answer) { - isc_result_t loopresult; dns_name_t empty_name; - dns_rdata_t rdata = DNS_RDATA_INIT; unsigned int answerstyleflags = 0; if (!display_crypto) { @@ -443,8 +441,8 @@ repopulate_buffer: MSG_SECTION_FOREACH (response, DNS_SECTION_ANSWER, name) { ISC_LIST_FOREACH (name->list, rdataset, link) { - loopresult = dns_rdataset_first(rdataset); - while (loopresult == ISC_R_SUCCESS) { + DNS_RDATASET_FOREACH (rdataset) { + dns_rdata_t rdata = DNS_RDATA_INIT; dns_rdataset_current(rdataset, &rdata); result = dns_rdata_tofmttext( &rdata, NULL, answerstyleflags, @@ -452,10 +450,8 @@ repopulate_buffer: if (result == ISC_R_NOSPACE) { goto buftoosmall; } + CHECK("dns_rdata_tofmttext", result); - loopresult = - dns_rdataset_next(rdataset); - dns_rdata_reset(&rdata); if (strlen("\n") >= isc_buffer_availablelength(buf)) { diff --git a/lib/dns/adb.c b/lib/dns/adb.c index f2c7925f6b..d95ae44bd1 100644 --- a/lib/dns/adb.c +++ b/lib/dns/adb.c @@ -568,9 +568,7 @@ import_rdataset(dns_adbname_t *adbname, dns_rdataset_t *rdataset, REQUIRE(dns_rdatatype_isaddr(rdtype)); - for (isc_result_t result = dns_rdataset_first(rdataset); - result == ISC_R_SUCCESS; result = dns_rdataset_next(rdataset)) - { + DNS_RDATASET_FOREACH (rdataset) { /* FIXME: Move to a separate function */ dns_adbnamehooklist_t *hookhead = NULL; dns_adbentry_t *entry = NULL; diff --git a/lib/dns/catz.c b/lib/dns/catz.c index 2a6fd1af4e..f6c6bc51ce 100644 --- a/lib/dns/catz.c +++ b/lib/dns/catz.c @@ -1381,7 +1381,6 @@ static isc_result_t catz_process_primaries(dns_catz_zone_t *catz, dns_ipkeylist_t *ipkl, dns_rdataset_t *value, dns_name_t *name) { isc_result_t result; - dns_rdata_t rdata; dns_rdata_in_a_t rdata_a; dns_rdata_in_aaaa_t rdata_aaaa; dns_rdata_txt_t rdata_txt; @@ -1411,6 +1410,7 @@ catz_process_primaries(dns_catz_zone_t *catz, dns_ipkeylist_t *ipkl, * - label and IN TXT - TSIG key name */ if (name->length != 0) { + dns_rdata_t rdata = DNS_RDATA_INIT; isc_sockaddr_t sockaddr; size_t i; @@ -1420,7 +1420,6 @@ catz_process_primaries(dns_catz_zone_t *catz, dns_ipkeylist_t *ipkl, */ result = dns_rdataset_first(value); RUNTIME_CHECK(result == ISC_R_SUCCESS); - dns_rdata_init(&rdata); dns_rdataset_current(value, &rdata); switch (value->type) { case dns_rdatatype_a: @@ -1524,10 +1523,8 @@ catz_process_primaries(dns_catz_zone_t *catz, dns_ipkeylist_t *ipkl, dns_ipkeylist_resize(mctx, ipkl, rcount); - for (result = dns_rdataset_first(value); result == ISC_R_SUCCESS; - result = dns_rdataset_next(value)) - { - dns_rdata_init(&rdata); + DNS_RDATASET_FOREACH (value) { + dns_rdata_t rdata = DNS_RDATA_INIT; dns_rdataset_current(value, &rdata); /* * port 0 == take the default diff --git a/lib/dns/dns64.c b/lib/dns/dns64.c index c72c99727c..9d82849de3 100644 --- a/lib/dns/dns64.c +++ b/lib/dns/dns64.c @@ -270,10 +270,7 @@ dns_dns64_aaaaok(const dns_dns64_t *dns64, const isc_netaddr_t *reqaddr, i = 0; ok = 0; - for (result = dns_rdataset_first(rdataset); - result == ISC_R_SUCCESS; - result = dns_rdataset_next(rdataset)) - { + DNS_RDATASET_FOREACH (rdataset) { dns_rdata_t rdata = DNS_RDATA_INIT; if (aaaaok == NULL || !aaaaok[i]) { dns_rdataset_current(rdataset, &rdata); @@ -407,7 +404,6 @@ dns_dns64_findprefix(dns_rdataset_t *rdataset, isc_netprefix_t *prefix, unsigned int oplen, iplen; size_t count = 0; struct in6_addr ina6; - isc_result_t result; REQUIRE(prefix != NULL && len != NULL && *len != 0U); REQUIRE(rdataset != NULL && rdataset->type == dns_rdatatype_aaaa); @@ -417,9 +413,7 @@ dns_dns64_findprefix(dns_rdataset_t *rdataset, isc_netprefix_t *prefix, dns_rdataset_clone(rdataset, &outer); dns_rdataset_clone(rdataset, &inner); - for (result = dns_rdataset_first(&outer); result == ISC_R_SUCCESS; - result = dns_rdataset_next(&outer)) - { + DNS_RDATASET_FOREACH (&outer) { dns_rdata_t rd1 = DNS_RDATA_INIT; dns_rdataset_current(&outer, &rd1); oplen = 0; @@ -431,33 +425,30 @@ dns_dns64_findprefix(dns_rdataset_t *rdataset, isc_netprefix_t *prefix, } /* Look for the 192.0.0.171 match. */ - for (result = dns_rdataset_first(&inner); - result == ISC_R_SUCCESS; - result = dns_rdataset_next(&inner)) - { + bool matched = false; + DNS_RDATASET_FOREACH (&inner) { dns_rdata_t rd2 = DNS_RDATA_INIT; dns_rdataset_current(&inner, &rd2); iplen = search(&rd2, &rd1, oplen); - if (iplen == 0) { - continue; - } - INSIST(iplen == oplen); - if (count >= *len) { - count++; - break; - } + if (iplen != 0) { + matched = true; + INSIST(iplen == oplen); + if (count >= *len) { + count++; + break; + } - /* We have a prefix. */ - memset(ina6.s6_addr, 0, sizeof(ina6.s6_addr)); - memmove(ina6.s6_addr, rd1.data, oplen / 8); - isc_netaddr_fromin6(&prefix[count].addr, &ina6); - prefix[count].prefixlen = oplen; - count++; - break; + /* We have a prefix. */ + memset(ina6.s6_addr, 0, sizeof(ina6.s6_addr)); + memmove(ina6.s6_addr, rd1.data, oplen / 8); + isc_netaddr_fromin6(&prefix[count].addr, &ina6); + prefix[count].prefixlen = oplen; + count++; + } } /* Didn't find a match look for a different prefix length. */ - if (result == ISC_R_NOMORE) { + if (!matched) { goto resume; } } @@ -493,15 +484,14 @@ dns_dns64_apply(isc_mem_t *mctx, dns_dns64list_t dns64s, unsigned int count, aaaalist->rdclass = dns_rdataclass_in; aaaalist->type = dns_rdatatype_aaaa; - for (result = dns_rdataset_first(a); result == ISC_R_SUCCESS; - result = dns_rdataset_next(a)) - { + DNS_RDATASET_FOREACH (a) { + dns_rdata_t rdata = DNS_RDATA_INIT; + dns_rdataset_current(a, &rdata); + ISC_LIST_FOREACH (dns64s, dns64, link) { - dns_rdata_t rdata = DNS_RDATA_INIT; dns_rdata_t *dns64_rdata = NULL; isc_region_t r; - dns_rdataset_current(a, &rdata); isc_buffer_availableregion(buffer, &r); INSIST(r.length >= 16); result = dns_dns64_aaaafroma(dns64, &netaddr, reqsigner, diff --git a/lib/dns/dnssec.c b/lib/dns/dnssec.c index 277230bca6..3632f86178 100644 --- a/lib/dns/dnssec.c +++ b/lib/dns/dnssec.c @@ -1036,7 +1036,6 @@ dns_dnssec_signs(dns_rdata_t *rdata, const dns_name_t *name, dns_keytag_t keytag; dns_rdata_dnskey_t key; dns_rdata_rrsig_t sig; - dns_rdata_t sigrdata = DNS_RDATA_INIT; isc_result_t result; INSIST(sigrdataset->type == dns_rdatatype_rrsig); @@ -1052,10 +1051,8 @@ dns_dnssec_signs(dns_rdata_t *rdata, const dns_name_t *name, RUNTIME_CHECK(result == ISC_R_SUCCESS); keytag = dst_key_id(dstkey); - for (result = dns_rdataset_first(sigrdataset); result == ISC_R_SUCCESS; - result = dns_rdataset_next(sigrdataset)) - { - dns_rdata_reset(&sigrdata); + DNS_RDATASET_FOREACH (sigrdataset) { + dns_rdata_t sigrdata = DNS_RDATA_INIT; dns_rdataset_current(sigrdataset, &sigrdata); result = dns_rdata_tostruct(&sigrdata, &sig, NULL); RUNTIME_CHECK(result == ISC_R_SUCCESS); @@ -1083,17 +1080,13 @@ dns_dnssec_iszonekey(dns_rdata_dnskey_t *key) { bool dns_dnssec_haszonekey(dns_rdataset_t *keyset) { - isc_result_t result; - REQUIRE(keyset != NULL); if (keyset->type != dns_rdatatype_dnskey) { return false; } - for (result = dns_rdataset_first(keyset); result == ISC_R_SUCCESS; - result = dns_rdataset_next(keyset)) - { + DNS_RDATASET_FOREACH (keyset) { dns_rdata_t rdata = DNS_RDATA_INIT; dns_rdata_dnskey_t key; @@ -1480,9 +1473,7 @@ mark_active_keys(dns_dnsseckeylist_t *keylist, dns_rdataset_t *rrsigs) { keyid = dst_key_id(key->key); keyalg = dst_key_alg(key->key); - for (result = dns_rdataset_first(&sigs); - result == ISC_R_SUCCESS; result = dns_rdataset_next(&sigs)) - { + DNS_RDATASET_FOREACH (&sigs) { dns_rdata_rrsig_t sig; dns_rdata_reset(&rdata); @@ -1498,10 +1489,6 @@ mark_active_keys(dns_dnsseckeylist_t *keylist, dns_rdataset_t *rrsigs) { } } - if (result == ISC_R_NOMORE) { - result = ISC_R_SUCCESS; - } - if (dns_rdataset_isassociated(&sigs)) { dns_rdataset_disassociate(&sigs); } @@ -1547,7 +1534,6 @@ dns_dnssec_keylistfromrdataset(const dns_name_t *origin, dns_kasp_t *kasp, dns_rdataset_t *soasigs, bool savekeys, bool publickey, dns_dnsseckeylist_t *keylist) { dns_rdataset_t keys; - dns_rdata_t rdata = DNS_RDATA_INIT; dst_key_t *dnskey = NULL, *pubkey = NULL, *privkey = NULL; isc_result_t result; @@ -1556,10 +1542,8 @@ dns_dnssec_keylistfromrdataset(const dns_name_t *origin, dns_kasp_t *kasp, dns_rdataset_init(&keys); dns_rdataset_clone(keyset, &keys); - for (result = dns_rdataset_first(&keys); result == ISC_R_SUCCESS; - result = dns_rdataset_next(&keys)) - { - dns_rdata_reset(&rdata); + DNS_RDATASET_FOREACH (&keys) { + dns_rdata_t rdata = DNS_RDATA_INIT; dns_rdataset_current(&keys, &rdata); REQUIRE(rdata.type == dns_rdatatype_key || @@ -1699,10 +1683,6 @@ dns_dnssec_keylistfromrdataset(const dns_name_t *origin, dns_kasp_t *kasp, } } - if (result != ISC_R_NOMORE) { - RETERR(result); - } - if (keysigs != NULL && dns_rdataset_isassociated(keysigs)) { RETERR(mark_active_keys(keylist, keysigs)); } @@ -1826,14 +1806,10 @@ failure: static bool exists(dns_rdataset_t *rdataset, dns_rdata_t *rdata) { - isc_result_t result; - dns_rdataset_t trdataset; - - dns_rdataset_init(&trdataset); + dns_rdataset_t trdataset = DNS_RDATASET_INIT; dns_rdataset_clone(rdataset, &trdataset); - for (result = dns_rdataset_first(&trdataset); result == ISC_R_SUCCESS; - result = dns_rdataset_next(&trdataset)) - { + + DNS_RDATASET_FOREACH (&trdataset) { dns_rdata_t current = DNS_RDATA_INIT; dns_rdataset_current(&trdataset, ¤t); @@ -2361,9 +2337,7 @@ dns_dnssec_matchdskey(dns_name_t *name, dns_rdata_t *dsrdata, result = dns_rdata_tostruct(dsrdata, &ds, NULL); RUNTIME_CHECK(result == ISC_R_SUCCESS); - for (result = dns_rdataset_first(keyset); result == ISC_R_SUCCESS; - result = dns_rdataset_next(keyset)) - { + DNS_RDATASET_FOREACH (keyset) { dns_rdata_t newdsrdata = DNS_RDATA_INIT; dns_rdata_reset(keyrdata); @@ -2386,12 +2360,9 @@ dns_dnssec_matchdskey(dns_name_t *name, dns_rdata_t *dsrdata, } if (dns_rdata_compare(dsrdata, &newdsrdata) == 0) { - break; + return ISC_R_SUCCESS; } } - if (result == ISC_R_NOMORE) { - result = ISC_R_NOTFOUND; - } - return result; + return ISC_R_NOTFOUND; } diff --git a/lib/dns/include/dns/rdataset.h b/lib/dns/include/dns/rdataset.h index 1a0efbf10a..c3c96ce72e 100644 --- a/lib/dns/include/dns/rdataset.h +++ b/lib/dns/include/dns/rdataset.h @@ -221,6 +221,22 @@ struct dns_rdataset { .link = ISC_LINK_INITIALIZER, \ .count = DNS_RDATASET_COUNT_UNDEFINED } +/* clang-format off */ +/* + * This is a hack to build a unique variable name to + * replace 'res' below. (Two layers of macro indirection are + * needed to make the line number be part of the variable + * name; otherwise it would just be "x__LINE__".) + */ +#define DNS__RDATASET_CONNECT(x,y) x##y +#define DNS__RDATASET_CONCAT(x,y) DNS__RDATASET_CONNECT(x,y) +#define DNS_RDATASET_FOREACH_RES(rds, res) \ + for (isc_result_t res = dns_rdataset_first((rds)); \ + res == ISC_R_SUCCESS; res = dns_rdataset_next((rds))) +#define DNS_RDATASET_FOREACH(rds) \ + DNS_RDATASET_FOREACH_RES(rds, DNS__RDATASET_CONCAT(x, __LINE__)) +/* clang-format on */ + /*! * \def DNS_RDATASETATTR_RENDERED * Used by message.c to indicate that the rdataset was rendered. @@ -390,6 +406,9 @@ dns_rdataset_first(dns_rdataset_t *rdataset); * Returns: *\li #ISC_R_SUCCESS *\li #ISC_R_NOMORE There are no rdata in the set. + * + * Ensures: + *\li No other value is returned. */ isc_result_t @@ -403,6 +422,9 @@ dns_rdataset_next(dns_rdataset_t *rdataset); * Returns: *\li #ISC_R_SUCCESS *\li #ISC_R_NOMORE There are no more rdata in the set. + * + * Ensures: + *\li No other value is returned. */ void diff --git a/lib/dns/journal.c b/lib/dns/journal.c index 3e593e6022..e7724ad74c 100644 --- a/lib/dns/journal.c +++ b/lib/dns/journal.c @@ -2143,15 +2143,11 @@ get_name_diff(dns_db_t *db, dns_dbversion_t *ver, isc_stdtime_t now, for (result = dns_rdatasetiter_first(rdsiter); result == ISC_R_SUCCESS; result = dns_rdatasetiter_next(rdsiter)) { - dns_rdataset_t rdataset; + dns_rdataset_t rdataset = DNS_RDATASET_INIT; - dns_rdataset_init(&rdataset); dns_rdatasetiter_current(rdsiter, &rdataset); - for (result = dns_rdataset_first(&rdataset); - result == ISC_R_SUCCESS; - result = dns_rdataset_next(&rdataset)) - { + DNS_RDATASET_FOREACH (&rdataset) { dns_rdata_t rdata = DNS_RDATA_INIT; dns_rdataset_current(&rdataset, &rdata); dns_difftuple_create(diff->mctx, op, name, rdataset.ttl, @@ -2159,9 +2155,6 @@ get_name_diff(dns_db_t *db, dns_dbversion_t *ver, isc_stdtime_t now, dns_diff_append(diff, &tuple); } dns_rdataset_disassociate(&rdataset); - if (result != ISC_R_NOMORE) { - goto cleanup_iterator; - } } if (result != ISC_R_NOMORE) { goto cleanup_iterator; diff --git a/lib/dns/keytable.c b/lib/dns/keytable.c index 48c54fb8ef..15c204f08a 100644 --- a/lib/dns/keytable.c +++ b/lib/dns/keytable.c @@ -609,9 +609,7 @@ keynode_dslist_totext(dns_keynode_t *keynode, isc_buffer_t **text) { dns_name_format(&keynode->name, namebuf, sizeof(namebuf)); - for (result = dns_rdataset_first(&dsset); result == ISC_R_SUCCESS; - result = dns_rdataset_next(&dsset)) - { + DNS_RDATASET_FOREACH (&dsset) { char algbuf[DNS_SECALG_FORMATSIZE]; dns_rdata_t rdata = DNS_RDATA_INIT; dns_rdata_ds_t ds; diff --git a/lib/dns/masterdump.c b/lib/dns/masterdump.c index 0adafb7a1a..2787114f9f 100644 --- a/lib/dns/masterdump.c +++ b/lib/dns/masterdump.c @@ -506,18 +506,15 @@ static isc_result_t ncache_summary(dns_rdataset_t *rdataset, bool omit_final_dot, dns_totext_ctx_t *ctx, isc_buffer_t *target) { isc_result_t result = ISC_R_SUCCESS; - dns_rdataset_t rds; + dns_rdataset_t rds = DNS_RDATASET_INIT; dns_name_t name; char *start = NULL; - dns_rdataset_init(&rds); dns_name_init(&name); do { dns_ncache_current(rdataset, &name, &rds); - for (result = dns_rdataset_first(&rds); result == ISC_R_SUCCESS; - result = dns_rdataset_next(&rds)) - { + DNS_RDATASET_FOREACH (&rds) { if ((ctx->style.flags & DNS_STYLEFLAG_INDENT) != 0 || (ctx->style.flags & DNS_STYLEFLAG_YAML) != 0) { @@ -599,8 +596,6 @@ rdataset_totext(dns_rdataset_t *rdataset, const dns_name_t *owner_name, REQUIRE(DNS_RDATASET_VALID(rdataset)); - result = dns_rdataset_first(rdataset); - current_ttl = ctx->current_ttl; current_ttl_valid = ctx->current_ttl_valid; @@ -610,7 +605,7 @@ rdataset_totext(dns_rdataset_t *rdataset, const dns_name_t *owner_name, dns_rdataset_getownercase(rdataset, name); } - while (result == ISC_R_SUCCESS) { + DNS_RDATASET_FOREACH (rdataset) { column = 0; /* @@ -805,11 +800,6 @@ rdataset_totext(dns_rdataset_t *rdataset, const dns_name_t *owner_name, } first = false; - result = dns_rdataset_next(rdataset); - } - - if (result != ISC_R_NOMORE) { - return result; } /* @@ -1262,7 +1252,7 @@ restart: isc_buffer_copyregion(buffer, &r); totallen += sizeof(dlen) + r.length; - do { + DNS_RDATASET_FOREACH (rdataset) { dns_rdata_t rdata = DNS_RDATA_INIT; dns_rdataset_current(rdataset, &rdata); @@ -1291,13 +1281,7 @@ restart: isc_buffer_putuint16(buffer, dlen); isc_buffer_copyregion(buffer, &r); totallen += sizeof(dlen) + r.length; - - result = dns_rdataset_next(rdataset); - } while (result == ISC_R_SUCCESS); - - if (result != ISC_R_NOMORE) { - return result; - } + }; /* * Fill in the total length field. diff --git a/lib/dns/message.c b/lib/dns/message.c index 4db72ddc28..b387dc11f2 100644 --- a/lib/dns/message.c +++ b/lib/dns/message.c @@ -4967,11 +4967,8 @@ dns_message_clonebuffer(dns_message_t *msg) { static isc_result_t rdataset_soa_min(dns_rdataset_t *rds, dns_ttl_t *ttlp) { - isc_result_t result; /* loop over the rdatas */ - for (result = dns_rdataset_first(rds); result == ISC_R_SUCCESS; - result = dns_rdataset_next(rds)) - { + DNS_RDATASET_FOREACH (rds) { dns_name_t tmp; isc_region_t r = { 0 }; dns_rdata_t rdata = DNS_RDATA_INIT; diff --git a/lib/dns/ncache.c b/lib/dns/ncache.c index 9b319d7d05..f0a82505bc 100644 --- a/lib/dns/ncache.c +++ b/lib/dns/ncache.c @@ -58,10 +58,8 @@ addoptout(dns_message_t *message, dns_db_t *cache, dns_dbnode_t *node, static isc_result_t copy_rdataset(dns_rdataset_t *rdataset, isc_buffer_t *buffer) { - isc_result_t result; unsigned int count; isc_region_t ar, r; - dns_rdata_t rdata = DNS_RDATA_INIT; /* * Copy the rdataset count to the buffer. @@ -74,9 +72,11 @@ copy_rdataset(dns_rdataset_t *rdataset, isc_buffer_t *buffer) { INSIST(count <= 65535); isc_buffer_putuint16(buffer, (uint16_t)count); - result = dns_rdataset_first(rdataset); - while (result == ISC_R_SUCCESS) { + DNS_RDATASET_FOREACH (rdataset) { + isc_result_t result; + dns_rdata_t rdata = DNS_RDATA_INIT; dns_rdataset_current(rdataset, &rdata); + dns_rdata_toregion(&rdata, &r); INSIST(r.length <= 65535); isc_buffer_availableregion(buffer, &ar); @@ -94,11 +94,6 @@ copy_rdataset(dns_rdataset_t *rdataset, isc_buffer_t *buffer) { if (result != ISC_R_SUCCESS) { return result; } - dns_rdata_reset(&rdata); - result = dns_rdataset_next(rdataset); - } - if (result != ISC_R_NOMORE) { - return result; } return ISC_R_SUCCESS; @@ -282,7 +277,6 @@ isc_result_t dns_ncache_towire(dns_rdataset_t *rdataset, dns_compress_t *cctx, isc_buffer_t *target, unsigned int options, unsigned int *countp) { - dns_rdata_t rdata = DNS_RDATA_INIT; isc_result_t result; isc_region_t remaining, tavailable; isc_buffer_t source, savedbuffer, rdlen; @@ -303,9 +297,10 @@ dns_ncache_towire(dns_rdataset_t *rdataset, dns_compress_t *cctx, savedbuffer = *target; count = 0; - result = dns_rdataset_first(rdataset); - while (result == ISC_R_SUCCESS) { + DNS_RDATASET_FOREACH (rdataset) { + dns_rdata_t rdata = DNS_RDATA_INIT; dns_rdataset_current(rdataset, &rdata); + isc_buffer_init(&source, rdata.data, rdata.length); isc_buffer_add(&source, rdata.length); dns_name_init(&name); @@ -391,11 +386,6 @@ dns_ncache_towire(dns_rdataset_t *rdataset, dns_compress_t *cctx, count++; } INSIST(isc_buffer_remaininglength(&source) == 0); - result = dns_rdataset_next(rdataset); - dns_rdata_reset(&rdata); - } - if (result != ISC_R_NOMORE) { - goto rollback; } *countp = count; @@ -507,8 +497,7 @@ static dns_rdatasetmethods_t rdataset_methods = { isc_result_t dns_ncache_getrdataset(dns_rdataset_t *ncacherdataset, dns_name_t *name, dns_rdatatype_t type, dns_rdataset_t *rdataset) { - isc_result_t result; - dns_rdata_t rdata = DNS_RDATA_INIT; + isc_result_t result = ISC_R_NOTFOUND; isc_region_t remaining; isc_buffer_t source; dns_name_t tname; @@ -526,9 +515,10 @@ dns_ncache_getrdataset(dns_rdataset_t *ncacherdataset, dns_name_t *name, dns_rdataset_init(&rclone); dns_rdataset_clone(ncacherdataset, &rclone); - result = dns_rdataset_first(&rclone); - while (result == ISC_R_SUCCESS) { + DNS_RDATASET_FOREACH (&rclone) { + dns_rdata_t rdata = DNS_RDATA_INIT; dns_rdataset_current(&rclone, &rdata); + isc_buffer_init(&source, rdata.data, rdata.length); isc_buffer_add(&source, rdata.length); dns_name_init(&tname); @@ -545,47 +535,41 @@ dns_ncache_getrdataset(dns_rdataset_t *ncacherdataset, dns_name_t *name, trust = atomic_getuint8(&source); INSIST(trust <= dns_trust_ultimate); isc_buffer_remainingregion(&source, &remaining); + result = ISC_R_SUCCESS; break; } - result = dns_rdataset_next(&rclone); - dns_rdata_reset(&rdata); } dns_rdataset_disassociate(&rclone); - if (result == ISC_R_NOMORE) { - return ISC_R_NOTFOUND; - } - if (result != ISC_R_SUCCESS) { - return result; + + if (result == ISC_R_SUCCESS) { + INSIST(remaining.length != 0); + + rdataset->methods = &rdataset_methods; + rdataset->rdclass = ncacherdataset->rdclass; + rdataset->type = type; + rdataset->covers = 0; + rdataset->ttl = ncacherdataset->ttl; + rdataset->trust = trust; + rdataset->ncache.raw = remaining.base; + rdataset->ncache.iter_pos = NULL; + rdataset->ncache.iter_count = 0; } - INSIST(remaining.length != 0); - - rdataset->methods = &rdataset_methods; - rdataset->rdclass = ncacherdataset->rdclass; - rdataset->type = type; - rdataset->covers = 0; - rdataset->ttl = ncacherdataset->ttl; - rdataset->trust = trust; - rdataset->ncache.raw = remaining.base; - rdataset->ncache.iter_pos = NULL; - rdataset->ncache.iter_count = 0; - - return ISC_R_SUCCESS; + return result; } isc_result_t dns_ncache_getsigrdataset(dns_rdataset_t *ncacherdataset, dns_name_t *name, dns_rdatatype_t covers, dns_rdataset_t *rdataset) { + isc_result_t result = ISC_R_NOTFOUND; dns_name_t tname; dns_rdata_rrsig_t rrsig; - dns_rdata_t rdata = DNS_RDATA_INIT; dns_rdataset_t rclone; dns_rdatatype_t type; dns_trust_t trust = dns_trust_none; isc_buffer_t source; isc_region_t remaining, sigregion; - isc_result_t result; - unsigned char *raw; + unsigned char *raw = NULL; unsigned int count; REQUIRE(ncacherdataset != NULL); @@ -596,9 +580,10 @@ dns_ncache_getsigrdataset(dns_rdataset_t *ncacherdataset, dns_name_t *name, dns_rdataset_init(&rclone); dns_rdataset_clone(ncacherdataset, &rclone); - result = dns_rdataset_first(&rclone); - while (result == ISC_R_SUCCESS) { + DNS_RDATASET_FOREACH (&rclone) { + dns_rdata_t rdata = DNS_RDATA_INIT; dns_rdataset_current(&rclone, &rdata); + isc_buffer_init(&source, rdata.data, rdata.length); isc_buffer_add(&source, rdata.length); dns_name_init(&tname); @@ -615,8 +600,6 @@ dns_ncache_getsigrdataset(dns_rdataset_t *ncacherdataset, dns_name_t *name, if (type != dns_rdatatype_rrsig || !dns_name_equal(&tname, name)) { - result = dns_rdataset_next(&rclone); - dns_rdata_reset(&rdata); continue; } @@ -638,33 +621,27 @@ dns_ncache_getsigrdataset(dns_rdataset_t *ncacherdataset, dns_name_t *name, (void)dns_rdata_tostruct(&rdata, &rrsig, NULL); if (rrsig.covered == covers) { isc_buffer_remainingregion(&source, &remaining); + result = ISC_R_SUCCESS; break; } - - result = dns_rdataset_next(&rclone); - dns_rdata_reset(&rdata); } dns_rdataset_disassociate(&rclone); - if (result == ISC_R_NOMORE) { - return ISC_R_NOTFOUND; - } - if (result != ISC_R_SUCCESS) { - return result; + + if (result == ISC_R_SUCCESS) { + INSIST(remaining.length != 0); + + rdataset->methods = &rdataset_methods; + rdataset->rdclass = ncacherdataset->rdclass; + rdataset->type = dns_rdatatype_rrsig; + rdataset->covers = covers; + rdataset->ttl = ncacherdataset->ttl; + rdataset->trust = trust; + rdataset->ncache.raw = remaining.base; + rdataset->ncache.iter_pos = NULL; + rdataset->ncache.iter_count = 0; } - INSIST(remaining.length != 0); - - rdataset->methods = &rdataset_methods; - rdataset->rdclass = ncacherdataset->rdclass; - rdataset->type = dns_rdatatype_rrsig; - rdataset->covers = covers; - rdataset->ttl = ncacherdataset->ttl; - rdataset->trust = trust; - rdataset->ncache.raw = remaining.base; - rdataset->ncache.iter_pos = NULL; - rdataset->ncache.iter_count = 0; - - return ISC_R_SUCCESS; + return result; } void diff --git a/lib/dns/nsec.c b/lib/dns/nsec.c index 5d6215061a..12d85c42dd 100644 --- a/lib/dns/nsec.c +++ b/lib/dns/nsec.c @@ -270,9 +270,8 @@ dns_nsec_nseconly(dns_db_t *db, dns_dbversion_t *version, dns_diff_t *diff, if (result != ISC_R_SUCCESS) { return result; } - for (result = dns_rdataset_first(&rdataset); result == ISC_R_SUCCESS; - result = dns_rdataset_next(&rdataset)) - { + bool matched = false; + DNS_RDATASET_FOREACH (&rdataset) { dns_rdata_t rdata = DNS_RDATA_INIT; dns_rdataset_current(&rdataset, &rdata); @@ -303,19 +302,14 @@ dns_nsec_nseconly(dns_db_t *db, dns_dbversion_t *version, dns_diff_t *diff, } if (!deleted) { + matched = true; break; } } } dns_rdataset_disassociate(&rdataset); - if (result == ISC_R_SUCCESS) { - *answer = true; - } - if (result == ISC_R_NOMORE) { - *answer = false; - result = ISC_R_SUCCESS; - } - return result; + *answer = matched; + return ISC_R_SUCCESS; } /*% @@ -495,19 +489,15 @@ dns_nsec_noexistnodata(dns_rdatatype_t type, const dns_name_t *name, bool dns_nsec_requiredtypespresent(dns_rdataset_t *nsecset) { - dns_rdataset_t rdataset; - isc_result_t result; + dns_rdataset_t rdataset = DNS_RDATASET_INIT; bool found = false; REQUIRE(DNS_RDATASET_VALID(nsecset)); REQUIRE(nsecset->type == dns_rdatatype_nsec); - dns_rdataset_init(&rdataset); dns_rdataset_clone(nsecset, &rdataset); - for (result = dns_rdataset_first(&rdataset); result == ISC_R_SUCCESS; - result = dns_rdataset_next(&rdataset)) - { + DNS_RDATASET_FOREACH (&rdataset) { dns_rdata_t rdata = DNS_RDATA_INIT; dns_rdataset_current(&rdataset, &rdata); if (!dns_nsec_typepresent(&rdata, dns_rdatatype_nsec) || diff --git a/lib/dns/nsec3.c b/lib/dns/nsec3.c index 8791c41605..662c689ef2 100644 --- a/lib/dns/nsec3.c +++ b/lib/dns/nsec3.c @@ -431,9 +431,7 @@ delnsec3(dns_db_t *db, dns_dbversion_t *version, const dns_name_t *name, goto cleanup_node; } - for (result = dns_rdataset_first(&rdataset); result == ISC_R_SUCCESS; - result = dns_rdataset_next(&rdataset)) - { + DNS_RDATASET_FOREACH (&rdataset) { dns_rdata_t rdata = DNS_RDATA_INIT; dns_rdataset_current(&rdataset, &rdata); CHECK(dns_rdata_tostruct(&rdata, &nsec3, NULL)); @@ -449,9 +447,7 @@ delnsec3(dns_db_t *db, dns_dbversion_t *version, const dns_name_t *name, goto failure; } } - if (result != ISC_R_NOMORE) { - goto failure; - } + result = ISC_R_SUCCESS; failure: @@ -464,18 +460,14 @@ cleanup_node: static bool better_param(dns_rdataset_t *nsec3paramset, dns_rdata_t *param) { - dns_rdataset_t rdataset; - isc_result_t result; + dns_rdataset_t rdataset = DNS_RDATASET_INIT; if (REMOVE(param->data[1])) { return true; } - dns_rdataset_init(&rdataset); dns_rdataset_clone(nsec3paramset, &rdataset); - for (result = dns_rdataset_first(&rdataset); result == ISC_R_SUCCESS; - result = dns_rdataset_next(&rdataset)) - { + DNS_RDATASET_FOREACH (&rdataset) { dns_rdata_t rdata = DNS_RDATA_INIT; unsigned char buf[DNS_NSEC3PARAM_BUFFERSIZE]; @@ -514,21 +506,17 @@ better_param(dns_rdataset_t *nsec3paramset, dns_rdata_t *param) { static isc_result_t find_nsec3(dns_rdata_nsec3_t *nsec3, dns_rdataset_t *rdataset, const dns_rdata_nsec3param_t *nsec3param) { - isc_result_t result; - for (result = dns_rdataset_first(rdataset); result == ISC_R_SUCCESS; - result = dns_rdataset_next(rdataset)) - { + DNS_RDATASET_FOREACH (rdataset) { dns_rdata_t rdata = DNS_RDATA_INIT; - dns_rdataset_current(rdataset, &rdata); - CHECK(dns_rdata_tostruct(&rdata, nsec3, NULL)); - dns_rdata_reset(&rdata); + dns_rdata_tostruct(&rdata, nsec3, NULL); + if (match_nsec3param(nsec3, nsec3param)) { - break; + return ISC_R_SUCCESS; } } -failure: - return result; + + return ISC_R_NOTFOUND; } isc_result_t @@ -641,9 +629,6 @@ dns_nsec3_addnsec3(dns_db_t *db, dns_dbversion_t *version, } } else { dns_rdataset_disassociate(&rdataset); - if (result != ISC_R_NOMORE) { - goto failure; - } } } @@ -668,13 +653,10 @@ dns_nsec3_addnsec3(dns_db_t *db, dns_dbversion_t *version, } result = find_nsec3(&nsec3, &rdataset, nsec3param); - if (result == ISC_R_NOMORE) { + if (result == ISC_R_NOTFOUND) { dns_rdataset_disassociate(&rdataset); continue; } - if (result != ISC_R_SUCCESS) { - goto failure; - } if (maybe_remove_unsecure) { dns_rdataset_disassociate(&rdataset); @@ -789,9 +771,6 @@ addnsec3: dns_db_detachnode(db, &newnode); break; } - if (result != ISC_R_NOMORE) { - goto failure; - } } else if (result == ISC_R_NOTFOUND) { /* * If we didn't find an NSEC3 in the node, @@ -826,13 +805,10 @@ addnsec3: continue; } result = find_nsec3(&nsec3, &rdataset, nsec3param); - if (result == ISC_R_NOMORE) { + if (result == ISC_R_NOTFOUND) { dns_rdataset_disassociate(&rdataset); continue; } - if (result != ISC_R_SUCCESS) { - goto failure; - } old_next = nsec3.next; old_length = nsec3.next_length; @@ -944,9 +920,7 @@ dns_nsec3_addnsec3s(dns_db_t *db, dns_dbversion_t *version, /* * Update each active NSEC3 chain. */ - for (result = dns_rdataset_first(&rdataset); result == ISC_R_SUCCESS; - result = dns_rdataset_next(&rdataset)) - { + DNS_RDATASET_FOREACH (&rdataset) { dns_rdata_t rdata = DNS_RDATA_INIT; dns_rdataset_current(&rdataset, &rdata); @@ -961,9 +935,6 @@ dns_nsec3_addnsec3s(dns_db_t *db, dns_dbversion_t *version, CHECK(dns_nsec3_addnsec3(db, version, name, &nsec3param, nsecttl, unsecure, diff)); } - if (result == ISC_R_NOMORE) { - result = ISC_R_SUCCESS; - } failure: if (dns_rdataset_isassociated(&rdataset)) { @@ -1041,22 +1012,17 @@ rr_exists(dns_db_t *db, dns_dbversion_t *ver, const dns_name_t *name, goto failure; } - for (result = dns_rdataset_first(&rdataset); result == ISC_R_SUCCESS; - result = dns_rdataset_next(&rdataset)) - { + bool matched = false; + DNS_RDATASET_FOREACH (&rdataset) { dns_rdata_t myrdata = DNS_RDATA_INIT; dns_rdataset_current(&rdataset, &myrdata); - if (!dns_rdata_casecompare(&myrdata, rdata)) { + if (dns_rdata_casecompare(&myrdata, rdata) == 0) { + matched = true; break; } } dns_rdataset_disassociate(&rdataset); - if (result == ISC_R_SUCCESS) { - *flag = true; - } else if (result == ISC_R_NOMORE) { - *flag = false; - result = ISC_R_SUCCESS; - } + *flag = matched; failure: if (node != NULL) { @@ -1106,7 +1072,6 @@ dns_nsec3param_deletechains(dns_db_t *db, dns_dbversion_t *ver, dns_dbnode_t *node = NULL; dns_difftuple_t *tuple = NULL; dns_name_t next; - dns_rdata_t rdata = DNS_RDATA_INIT; dns_rdataset_t rdataset; bool flag; isc_result_t result = ISC_R_SUCCESS; @@ -1134,9 +1099,8 @@ dns_nsec3param_deletechains(dns_db_t *db, dns_dbversion_t *ver, goto failure; } - for (result = dns_rdataset_first(&rdataset); result == ISC_R_SUCCESS; - result = dns_rdataset_next(&rdataset)) - { + DNS_RDATASET_FOREACH (&rdataset) { + dns_rdata_t rdata = DNS_RDATA_INIT; dns_rdata_t private = DNS_RDATA_INIT; dns_rdataset_current(&rdataset, &rdata); @@ -1155,10 +1119,6 @@ dns_nsec3param_deletechains(dns_db_t *db, dns_dbversion_t *ver, CHECK(do_one_tuple(&tuple, db, ver, diff)); INSIST(tuple == NULL); } - dns_rdata_reset(&rdata); - } - if (result != ISC_R_NOMORE) { - goto failure; } dns_rdataset_disassociate(&rdataset); @@ -1176,10 +1136,8 @@ try_private: goto failure; } - for (result = dns_rdataset_first(&rdataset); result == ISC_R_SUCCESS; - result = dns_rdataset_next(&rdataset)) - { - dns_rdata_reset(&rdata); + DNS_RDATASET_FOREACH (&rdataset) { + dns_rdata_t rdata = DNS_RDATA_INIT; dns_rdataset_current(&rdataset, &rdata); INSIST(rdata.length <= sizeof(buf)); memmove(buf, rdata.data, rdata.length); @@ -1215,9 +1173,7 @@ try_private: INSIST(tuple == NULL); } } - if (result != ISC_R_NOMORE) { - goto failure; - } + success: result = ISC_R_SUCCESS; @@ -1269,9 +1225,7 @@ dns_nsec3_addnsec3sx(dns_db_t *db, dns_dbversion_t *version, /* * Update each active NSEC3 chain. */ - for (result = dns_rdataset_first(&rdataset); result == ISC_R_SUCCESS; - result = dns_rdataset_next(&rdataset)) - { + DNS_RDATASET_FOREACH (&rdataset) { dns_rdata_t rdata = DNS_RDATA_INIT; dns_rdataset_current(&rdataset, &rdata); @@ -1287,9 +1241,6 @@ dns_nsec3_addnsec3sx(dns_db_t *db, dns_dbversion_t *version, CHECK(dns_nsec3_addnsec3(db, version, name, &nsec3param, nsecttl, unsecure, diff)); } - if (result != ISC_R_NOMORE) { - goto failure; - } dns_rdataset_disassociate(&rdataset); @@ -1300,9 +1251,7 @@ try_private: /* * Update each active NSEC3 chain. */ - for (result = dns_rdataset_first(&prdataset); result == ISC_R_SUCCESS; - result = dns_rdataset_next(&prdataset)) - { + DNS_RDATASET_FOREACH (&prdataset) { dns_rdata_t rdata1 = DNS_RDATA_INIT; dns_rdata_t rdata2 = DNS_RDATA_INIT; unsigned char buf[DNS_NSEC3PARAM_BUFFERSIZE]; @@ -1328,10 +1277,9 @@ try_private: CHECK(dns_nsec3_addnsec3(db, version, name, &nsec3param, nsecttl, unsecure, diff)); } - if (result == ISC_R_NOMORE) { - success: - result = ISC_R_SUCCESS; - } + +success: + result = ISC_R_SUCCESS; failure: if (dns_rdataset_isassociated(&rdataset)) { dns_rdataset_disassociate(&rdataset); @@ -1467,12 +1415,9 @@ dns_nsec3_delnsec3(dns_db_t *db, dns_dbversion_t *version, memmove(nexthash, nsec3.next, next_length); } dns_rdataset_disassociate(&rdataset); - if (result == ISC_R_NOMORE) { + if (result == ISC_R_NOTFOUND) { goto success; } - if (result != ISC_R_SUCCESS) { - goto failure; - } /* * Find the previous NSEC3 and update it. @@ -1494,13 +1439,10 @@ dns_nsec3_delnsec3(dns_db_t *db, dns_dbversion_t *version, continue; } result = find_nsec3(&nsec3, &rdataset, nsec3param); - if (result == ISC_R_NOMORE) { + if (result == ISC_R_NOTFOUND) { dns_rdataset_disassociate(&rdataset); continue; } - if (result != ISC_R_SUCCESS) { - goto failure; - } /* * Delete the old previous NSEC3. @@ -1580,12 +1522,9 @@ cleanup_orphaned_ents: memmove(nexthash, nsec3.next, next_length); } dns_rdataset_disassociate(&rdataset); - if (result == ISC_R_NOMORE) { + if (result == ISC_R_NOTFOUND) { goto success; } - if (result != ISC_R_SUCCESS) { - goto failure; - } pass = 0; do { @@ -1604,13 +1543,10 @@ cleanup_orphaned_ents: continue; } result = find_nsec3(&nsec3, &rdataset, nsec3param); - if (result == ISC_R_NOMORE) { + if (result == ISC_R_NOTFOUND) { dns_rdataset_disassociate(&rdataset); continue; } - if (result != ISC_R_SUCCESS) { - goto failure; - } /* * Delete the old previous NSEC3. @@ -1696,9 +1632,7 @@ dns_nsec3_delnsec3sx(dns_db_t *db, dns_dbversion_t *version, /* * Update each active NSEC3 chain. */ - for (result = dns_rdataset_first(&rdataset); result == ISC_R_SUCCESS; - result = dns_rdataset_next(&rdataset)) - { + DNS_RDATASET_FOREACH (&rdataset) { dns_rdata_t rdata = DNS_RDATA_INIT; dns_rdataset_current(&rdataset, &rdata); @@ -1730,9 +1664,7 @@ try_private: /* * Update each NSEC3 chain being built. */ - for (result = dns_rdataset_first(&rdataset); result == ISC_R_SUCCESS; - result = dns_rdataset_next(&rdataset)) - { + DNS_RDATASET_FOREACH (&rdataset) { dns_rdata_t rdata1 = DNS_RDATA_INIT; dns_rdata_t rdata2 = DNS_RDATA_INIT; unsigned char buf[DNS_NSEC3PARAM_BUFFERSIZE]; @@ -1757,11 +1689,9 @@ try_private: */ CHECK(dns_nsec3_delnsec3(db, version, name, &nsec3param, diff)); } - if (result == ISC_R_NOMORE) { - success: - result = ISC_R_SUCCESS; - } +success: + result = ISC_R_SUCCESS; failure: if (dns_rdataset_isassociated(&rdataset)) { dns_rdataset_disassociate(&rdataset); @@ -1808,28 +1738,20 @@ dns_nsec3_activex(dns_db_t *db, dns_dbversion_t *version, bool complete, dns_db_detachnode(db, &node); return result; } - for (result = dns_rdataset_first(&rdataset); result == ISC_R_SUCCESS; - result = dns_rdataset_next(&rdataset)) - { - dns_rdata_t rdata = DNS_RDATA_INIT; + bool found = false; + DNS_RDATASET_FOREACH (&rdataset) { + dns_rdata_t rdata = DNS_RDATA_INIT; dns_rdataset_current(&rdataset, &rdata); - result = dns_rdata_tostruct(&rdata, &nsec3param, NULL); - RUNTIME_CHECK(result == ISC_R_SUCCESS); + dns_rdata_tostruct(&rdata, &nsec3param, NULL); if (nsec3param.flags == 0) { + found = true; break; } } dns_rdataset_disassociate(&rdataset); - if (result == ISC_R_SUCCESS) { - dns_db_detachnode(db, &node); - *answer = true; - return ISC_R_SUCCESS; - } - if (result == ISC_R_NOMORE) { - *answer = false; - } + *answer = found; try_private: if (privatetype == 0 || complete) { @@ -1849,9 +1771,8 @@ try_private: return result; } - for (result = dns_rdataset_first(&rdataset); result == ISC_R_SUCCESS; - result = dns_rdataset_next(&rdataset)) - { + found = false; + DNS_RDATASET_FOREACH (&rdataset) { dns_rdata_t rdata1 = DNS_RDATA_INIT; dns_rdata_t rdata2 = DNS_RDATA_INIT; unsigned char buf[DNS_NSEC3PARAM_BUFFERSIZE]; @@ -1862,22 +1783,15 @@ try_private: { continue; } - result = dns_rdata_tostruct(&rdata2, &nsec3param, NULL); - RUNTIME_CHECK(result == ISC_R_SUCCESS); + dns_rdata_tostruct(&rdata2, &nsec3param, NULL); if (!complete && CREATE(nsec3param.flags)) { + found = true; break; } } dns_rdataset_disassociate(&rdataset); - if (result == ISC_R_SUCCESS) { - *answer = true; - result = ISC_R_SUCCESS; - } - if (result == ISC_R_NOMORE) { - *answer = false; - result = ISC_R_SUCCESS; - } + *answer = found; return result; } diff --git a/lib/dns/private.c b/lib/dns/private.c index b5606f6b85..57f724c82e 100644 --- a/lib/dns/private.c +++ b/lib/dns/private.c @@ -60,11 +60,7 @@ static bool ignore(dns_rdata_t *param, dns_rdataset_t *privateset) { - isc_result_t result; - - for (result = dns_rdataset_first(privateset); result == ISC_R_SUCCESS; - result = dns_rdataset_next(privateset)) - { + DNS_RDATASET_FOREACH (privateset) { unsigned char buf[DNS_NSEC3PARAM_BUFFERSIZE]; dns_rdata_t private = DNS_RDATA_INIT; dns_rdata_t rdata = DNS_RDATA_INIT; @@ -161,10 +157,7 @@ dns_private_chains(dns_db_t *db, dns_dbversion_t *ver, if (!dns_rdataset_isassociated(&privateset)) { goto success; } - for (result = dns_rdataset_first(&privateset); - result == ISC_R_SUCCESS; - result = dns_rdataset_next(&privateset)) - { + DNS_RDATASET_FOREACH (&privateset) { dns_rdata_t private = DNS_RDATA_INIT; dns_rdata_t rdata = DNS_RDATA_INIT; @@ -195,10 +188,7 @@ dns_private_chains(dns_db_t *db, dns_dbversion_t *ver, * If we are in the process of building a new NSEC3 chain * then we don't need to build a NSEC chain. */ - for (result = dns_rdataset_first(&privateset); - result == ISC_R_SUCCESS; - result = dns_rdataset_next(&privateset)) - { + DNS_RDATASET_FOREACH (&privateset) { dns_rdata_t private = DNS_RDATA_INIT; dns_rdata_t rdata = DNS_RDATA_INIT; @@ -218,10 +208,7 @@ dns_private_chains(dns_db_t *db, dns_dbversion_t *ver, * the changes queued complete. */ count = 0; - for (result = dns_rdataset_first(&nsec3paramset); - result == ISC_R_SUCCESS; - result = dns_rdataset_next(&nsec3paramset)) - { + DNS_RDATASET_FOREACH (&nsec3paramset) { dns_rdata_t rdata = DNS_RDATA_INIT; /* @@ -261,9 +248,7 @@ dns_private_chains(dns_db_t *db, dns_dbversion_t *ver, signing = false; nsec3chain = false; - for (result = dns_rdataset_first(&privateset); result == ISC_R_SUCCESS; - result = dns_rdataset_next(&privateset)) - { + DNS_RDATASET_FOREACH (&privateset) { dns_rdata_t rdata = DNS_RDATA_INIT; dns_rdata_t private = DNS_RDATA_INIT; diff --git a/lib/dns/rdataset.c b/lib/dns/rdataset.c index c87acf280e..4eed85c4af 100644 --- a/lib/dns/rdataset.c +++ b/lib/dns/rdataset.c @@ -174,28 +174,24 @@ dns__rdataset_clone(dns_rdataset_t *source, isc_result_t dns_rdataset_first(dns_rdataset_t *rdataset) { - /* - * Move the rdata cursor to the first rdata in the rdataset (if any). - */ - REQUIRE(DNS_RDATASET_VALID(rdataset)); REQUIRE(rdataset->methods != NULL); REQUIRE(rdataset->methods->first != NULL); - return (rdataset->methods->first)(rdataset); + isc_result_t result = rdataset->methods->first(rdataset); + ENSURE(result == ISC_R_SUCCESS || result == ISC_R_NOMORE); + return result; } isc_result_t dns_rdataset_next(dns_rdataset_t *rdataset) { - /* - * Move the rdata cursor to the next rdata in the rdataset (if any). - */ - REQUIRE(DNS_RDATASET_VALID(rdataset)); REQUIRE(rdataset->methods != NULL); REQUIRE(rdataset->methods->next != NULL); - return (rdataset->methods->next)(rdataset); + isc_result_t result = rdataset->methods->next(rdataset); + ENSURE(result == ISC_R_SUCCESS || result == ISC_R_NOMORE); + return result; } void @@ -479,9 +475,6 @@ dns_rdataset_additionaldata(dns_rdataset_t *rdataset, const dns_name_t *owner_name, dns_additionaldatafunc_t add, void *arg, size_t limit) { - dns_rdata_t rdata = DNS_RDATA_INIT; - isc_result_t result; - /* * For each rdata in rdataset, call 'add' for each name and type in the * rdata which is subject to additional section processing. @@ -494,22 +487,14 @@ dns_rdataset_additionaldata(dns_rdataset_t *rdataset, return DNS_R_TOOMANYRECORDS; } - result = dns_rdataset_first(rdataset); - if (result != ISC_R_SUCCESS) { - return result; - } - - do { + DNS_RDATASET_FOREACH (rdataset) { + isc_result_t result; + dns_rdata_t rdata = DNS_RDATA_INIT; dns_rdataset_current(rdataset, &rdata); result = dns_rdata_additionaldata(&rdata, owner_name, add, arg); - if (result == ISC_R_SUCCESS) { - result = dns_rdataset_next(rdataset); + if (result != ISC_R_SUCCESS) { + return result; } - dns_rdata_reset(&rdata); - } while (result == ISC_R_SUCCESS); - - if (result != ISC_R_NOMORE) { - return result; } return ISC_R_SUCCESS; diff --git a/lib/dns/resolver.c b/lib/dns/resolver.c index d580804d08..08f0533fe2 100644 --- a/lib/dns/resolver.c +++ b/lib/dns/resolver.c @@ -3342,7 +3342,6 @@ isstrictsubdomain(const dns_name_t *name1, const dns_name_t *name2) { static isc_result_t fctx_getaddresses(fetchctx_t *fctx) { - dns_rdata_t rdata = DNS_RDATA_INIT; isc_result_t result; dns_resolver_t *res; isc_stdtime_t now; @@ -3526,10 +3525,8 @@ normal_nses: INSIST(ISC_LIST_EMPTY(fctx->finds)); INSIST(ISC_LIST_EMPTY(fctx->altfinds)); - for (result = dns_rdataset_first(&fctx->nameservers); - result == ISC_R_SUCCESS; - result = dns_rdataset_next(&fctx->nameservers)) - { + DNS_RDATASET_FOREACH (&fctx->nameservers) { + dns_rdata_t rdata = DNS_RDATA_INIT; bool overquota = false; unsigned int static_stub = 0; @@ -3564,13 +3561,9 @@ normal_nses: dns_rdata_freestruct(&ns); if (++ns_processed >= NS_PROCESSING_LIMIT) { - result = ISC_R_NOMORE; break; } } - if (result != ISC_R_NOMORE) { - return result; - } /* * Do we need to use 6 to 4? @@ -5087,20 +5080,19 @@ static const unsigned char minimal_typemap[] = { 0, 6, 0, 0, 0, 0, 0, 0x03 }; static bool is_minimal_nsec(dns_rdataset_t *nsecset) { - dns_rdataset_t rdataset; - isc_result_t result; + dns_rdataset_t rdataset = DNS_RDATASET_INIT; - dns_rdataset_init(&rdataset); dns_rdataset_clone(nsecset, &rdataset); - for (result = dns_rdataset_first(&rdataset); result == ISC_R_SUCCESS; - result = dns_rdataset_next(&rdataset)) - { + DNS_RDATASET_FOREACH (&rdataset) { + isc_result_t result; dns_rdata_t rdata = DNS_RDATA_INIT; dns_rdata_nsec_t nsec; + dns_rdataset_current(&rdataset, &rdata); result = dns_rdata_tostruct(&rdata, &nsec, NULL); RUNTIME_CHECK(result == ISC_R_SUCCESS); + if (nsec.len == sizeof(minimal_typemap) && memcmp(nsec.typebits, minimal_typemap, nsec.len) == 0) { @@ -5117,15 +5109,11 @@ is_minimal_nsec(dns_rdataset_t *nsecset) { */ static bool check_soa_and_dnskey(dns_rdataset_t *nsecset) { - dns_rdataset_t rdataset; - isc_result_t result; + dns_rdataset_t rdataset = DNS_RDATASET_INIT; - dns_rdataset_init(&rdataset); dns_rdataset_clone(nsecset, &rdataset); - for (result = dns_rdataset_first(&rdataset); result == ISC_R_SUCCESS; - result = dns_rdataset_next(&rdataset)) - { + DNS_RDATASET_FOREACH (&rdataset) { dns_rdata_t rdata = DNS_RDATA_INIT; dns_rdataset_current(&rdataset, &rdata); if (dns_nsec_typepresent(&rdata, dns_rdatatype_soa) && @@ -5145,15 +5133,11 @@ check_soa_and_dnskey(dns_rdataset_t *nsecset) { */ static bool has_000_label(dns_rdataset_t *nsecset) { - dns_rdataset_t rdataset; - isc_result_t result; + dns_rdataset_t rdataset = DNS_RDATASET_INIT; - dns_rdataset_init(&rdataset); dns_rdataset_clone(nsecset, &rdataset); - for (result = dns_rdataset_first(&rdataset); result == ISC_R_SUCCESS; - result = dns_rdataset_next(&rdataset)) - { + DNS_RDATASET_FOREACH (&rdataset) { dns_rdata_t rdata = DNS_RDATA_INIT; dns_rdataset_current(&rdataset, &rdata); if (rdata.length > 1 && rdata.data[0] == 1 && @@ -5708,11 +5692,11 @@ findnoqname(fetchctx_t *fctx, dns_message_t *message, dns_name_t *name, dns_rdata_rrsig_t rrsig; isc_result_t result; unsigned int labels; - dns_name_t *zonename; + dns_name_t *zonename = NULL; dns_fixedname_t fzonename; - dns_name_t *closest; + dns_name_t *closest = NULL; dns_fixedname_t fclosest; - dns_name_t *nearest; + dns_name_t *nearest = NULL; dns_fixedname_t fnearest; dns_rdatatype_t found = dns_rdatatype_none; dns_name_t *noqname = NULL; @@ -5737,9 +5721,8 @@ findnoqname(fetchctx_t *fctx, dns_message_t *message, dns_name_t *name, labels = dns_name_countlabels(name); - for (result = dns_rdataset_first(sigrdataset); result == ISC_R_SUCCESS; - result = dns_rdataset_next(sigrdataset)) - { + result = ISC_R_NOTFOUND; + DNS_RDATASET_FOREACH (sigrdataset) { dns_rdata_t rdata = DNS_RDATA_INIT; dns_rdataset_current(sigrdataset, &rdata); result = dns_rdata_tostruct(&rdata, &rrsig, NULL); @@ -5748,12 +5731,10 @@ findnoqname(fetchctx_t *fctx, dns_message_t *message, dns_name_t *name, if (rrsig.labels + 1U >= labels) { continue; } + result = ISC_R_SUCCESS; break; } - if (result == ISC_R_NOMORE) { - return ISC_R_NOTFOUND; - } if (result != ISC_R_SUCCESS) { return result; } @@ -6802,9 +6783,7 @@ is_answeraddress_allowed(dns_view_t *view, dns_name_t *name, * address record. If a match is found, the address should be * filtered, so should the entire answer. */ - for (result = dns_rdataset_first(rdataset); result == ISC_R_SUCCESS; - result = dns_rdataset_next(rdataset)) - { + DNS_RDATASET_FOREACH (rdataset) { dns_rdata_reset(&rdata); dns_rdataset_current(rdataset, &rdata); if (rdataset->type == dns_rdatatype_a) { @@ -7150,10 +7129,7 @@ static void checknamessection(dns_message_t *message, dns_section_t section) { MSG_SECTION_FOREACH (message, section, name) { ISC_LIST_FOREACH (name->list, rdataset, link) { - for (isc_result_t result = dns_rdataset_first(rdataset); - result == ISC_R_SUCCESS; - result = dns_rdataset_next(rdataset)) - { + DNS_RDATASET_FOREACH (rdataset) { dns_rdata_t rdata = DNS_RDATA_INIT; dns_rdataset_current(rdataset, &rdata); if (!dns_rdata_checkowner(name, rdata.rdclass, diff --git a/lib/dns/rootns.c b/lib/dns/rootns.c index 84c47fa0fb..d78a000588 100644 --- a/lib/dns/rootns.c +++ b/lib/dns/rootns.c @@ -102,15 +102,14 @@ static struct upcoming { static isc_result_t in_rootns(dns_rdataset_t *rootns, dns_name_t *name) { isc_result_t result; - dns_rdata_t rdata = DNS_RDATA_INIT; dns_rdata_ns_t ns; if (!dns_rdataset_isassociated(rootns)) { return ISC_R_NOTFOUND; } - result = dns_rdataset_first(rootns); - while (result == ISC_R_SUCCESS) { + DNS_RDATASET_FOREACH (rootns) { + dns_rdata_t rdata = DNS_RDATA_INIT; dns_rdataset_current(rootns, &rdata); result = dns_rdata_tostruct(&rdata, &ns, NULL); if (result != ISC_R_SUCCESS) { @@ -119,13 +118,8 @@ in_rootns(dns_rdataset_t *rootns, dns_name_t *name) { if (dns_name_compare(name, &ns.name) == 0) { return ISC_R_SUCCESS; } - result = dns_rdataset_next(rootns); - dns_rdata_reset(&rdata); } - if (result == ISC_R_NOMORE) { - result = ISC_R_NOTFOUND; - } - return result; + return ISC_R_NOTFOUND; } static isc_result_t @@ -339,17 +333,12 @@ report(dns_view_t *view, dns_name_t *name, bool missing, dns_rdata_t *rdata) { static bool inrrset(dns_rdataset_t *rrset, dns_rdata_t *rdata) { - isc_result_t result; - dns_rdata_t current = DNS_RDATA_INIT; - - result = dns_rdataset_first(rrset); - while (result == ISC_R_SUCCESS) { + DNS_RDATASET_FOREACH (rrset) { + dns_rdata_t current = DNS_RDATA_INIT; dns_rdataset_current(rrset, ¤t); if (dns_rdata_compare(rdata, ¤t) == 0) { return true; } - dns_rdata_reset(¤t); - result = dns_rdataset_next(rrset); } return false; } @@ -375,9 +364,8 @@ changing(const dns_name_t *name, dns_rdatatype_t type, isc_stdtime_t now) { static void check_address_records(dns_view_t *view, dns_db_t *hints, dns_db_t *db, dns_name_t *name, isc_stdtime_t now) { - isc_result_t hresult, rresult, result; + isc_result_t hresult, rresult; dns_rdataset_t hintrrset, rootrrset; - dns_rdata_t rdata = DNS_RDATA_INIT; dns_name_t *foundname; dns_fixedname_t fixed; @@ -393,38 +381,32 @@ check_address_records(dns_view_t *view, dns_db_t *hints, dns_db_t *db, if (hresult == ISC_R_SUCCESS && (rresult == ISC_R_SUCCESS || rresult == DNS_R_GLUE)) { - result = dns_rdataset_first(&rootrrset); - while (result == ISC_R_SUCCESS) { - dns_rdata_reset(&rdata); + DNS_RDATASET_FOREACH (&rootrrset) { + dns_rdata_t rdata = DNS_RDATA_INIT; dns_rdataset_current(&rootrrset, &rdata); if (!inrrset(&hintrrset, &rdata) && !changing(name, dns_rdatatype_a, now)) { report(view, name, true, &rdata); } - result = dns_rdataset_next(&rootrrset); } - result = dns_rdataset_first(&hintrrset); - while (result == ISC_R_SUCCESS) { - dns_rdata_reset(&rdata); + DNS_RDATASET_FOREACH (&hintrrset) { + dns_rdata_t rdata = DNS_RDATA_INIT; dns_rdataset_current(&hintrrset, &rdata); if (!inrrset(&rootrrset, &rdata) && !changing(name, dns_rdatatype_a, now)) { report(view, name, false, &rdata); } - result = dns_rdataset_next(&hintrrset); } } if (hresult == ISC_R_NOTFOUND && (rresult == ISC_R_SUCCESS || rresult == DNS_R_GLUE)) { - result = dns_rdataset_first(&rootrrset); - while (result == ISC_R_SUCCESS) { - dns_rdata_reset(&rdata); + DNS_RDATASET_FOREACH (&rootrrset) { + dns_rdata_t rdata = DNS_RDATA_INIT; dns_rdataset_current(&rootrrset, &rdata); report(view, name, true, &rdata); - result = dns_rdataset_next(&rootrrset); } } if (dns_rdataset_isassociated(&rootrrset)) { @@ -445,41 +427,32 @@ check_address_records(dns_view_t *view, dns_db_t *hints, dns_db_t *db, if (hresult == ISC_R_SUCCESS && (rresult == ISC_R_SUCCESS || rresult == DNS_R_GLUE)) { - result = dns_rdataset_first(&rootrrset); - while (result == ISC_R_SUCCESS) { - dns_rdata_reset(&rdata); + DNS_RDATASET_FOREACH (&rootrrset) { + dns_rdata_t rdata = DNS_RDATA_INIT; dns_rdataset_current(&rootrrset, &rdata); if (!inrrset(&hintrrset, &rdata) && !changing(name, dns_rdatatype_aaaa, now)) { report(view, name, true, &rdata); } - dns_rdata_reset(&rdata); - result = dns_rdataset_next(&rootrrset); } - result = dns_rdataset_first(&hintrrset); - while (result == ISC_R_SUCCESS) { - dns_rdata_reset(&rdata); + DNS_RDATASET_FOREACH (&hintrrset) { + dns_rdata_t rdata = DNS_RDATA_INIT; dns_rdataset_current(&hintrrset, &rdata); if (!inrrset(&rootrrset, &rdata) && !changing(name, dns_rdatatype_aaaa, now)) { report(view, name, false, &rdata); } - dns_rdata_reset(&rdata); - result = dns_rdataset_next(&hintrrset); } } if (hresult == ISC_R_NOTFOUND && (rresult == ISC_R_SUCCESS || rresult == DNS_R_GLUE)) { - result = dns_rdataset_first(&rootrrset); - while (result == ISC_R_SUCCESS) { - dns_rdata_reset(&rdata); + DNS_RDATASET_FOREACH (&rootrrset) { + dns_rdata_t rdata = DNS_RDATA_INIT; dns_rdataset_current(&rootrrset, &rdata); report(view, name, true, &rdata); - dns_rdata_reset(&rdata); - result = dns_rdataset_next(&rootrrset); } } if (dns_rdataset_isassociated(&rootrrset)) { @@ -493,7 +466,6 @@ check_address_records(dns_view_t *view, dns_db_t *hints, dns_db_t *db, void dns_root_checkhints(dns_view_t *view, dns_db_t *hints, dns_db_t *db) { isc_result_t result; - dns_rdata_t rdata = DNS_RDATA_INIT; dns_rdata_ns_t ns; dns_rdataset_t hintns, rootns; const char *viewname = "", *sep = ""; @@ -541,8 +513,8 @@ dns_root_checkhints(dns_view_t *view, dns_db_t *hints, dns_db_t *db) { /* * Look for missing root NS names. */ - result = dns_rdataset_first(&rootns); - while (result == ISC_R_SUCCESS) { + DNS_RDATASET_FOREACH (&rootns) { + dns_rdata_t rdata = DNS_RDATA_INIT; dns_rdataset_current(&rootns, &rdata); result = dns_rdata_tostruct(&rdata, &ns, NULL); RUNTIME_CHECK(result == ISC_R_SUCCESS); @@ -559,18 +531,13 @@ dns_root_checkhints(dns_view_t *view, dns_db_t *hints, dns_db_t *db) { } else { check_address_records(view, hints, db, &ns.name, now); } - dns_rdata_reset(&rdata); - result = dns_rdataset_next(&rootns); - } - if (result != ISC_R_NOMORE) { - goto cleanup; } /* * Look for extra root NS names. */ - result = dns_rdataset_first(&hintns); - while (result == ISC_R_SUCCESS) { + DNS_RDATASET_FOREACH (&hintns) { + dns_rdata_t rdata = DNS_RDATA_INIT; dns_rdataset_current(&hintns, &rdata); result = dns_rdata_tostruct(&rdata, &ns, NULL); RUNTIME_CHECK(result == ISC_R_SUCCESS); @@ -584,11 +551,6 @@ dns_root_checkhints(dns_view_t *view, dns_db_t *hints, dns_db_t *db) { "checkhints%s%s: extra NS '%s' in hints", sep, viewname, namebuf); } - dns_rdata_reset(&rdata); - result = dns_rdataset_next(&hintns); - } - if (result != ISC_R_NOMORE) { - goto cleanup; } cleanup: diff --git a/lib/dns/update.c b/lib/dns/update.c index f538c4ed13..fa27e222f9 100644 --- a/lib/dns/update.c +++ b/lib/dns/update.c @@ -316,9 +316,7 @@ static isc_result_t foreach_node_rr_action(void *data, dns_rdataset_t *rdataset) { isc_result_t result; foreach_node_rr_ctx_t *ctx = data; - for (result = dns_rdataset_first(rdataset); result == ISC_R_SUCCESS; - result = dns_rdataset_next(rdataset)) - { + DNS_RDATASET_FOREACH (rdataset) { rr_t rr = { 0, DNS_RDATA_INIT }; dns_rdataset_current(rdataset, &rr.rdata); @@ -328,9 +326,7 @@ foreach_node_rr_action(void *data, dns_rdataset_t *rdataset) { return result; } } - if (result != ISC_R_NOMORE) { - return result; - } + return ISC_R_SUCCESS; } @@ -456,9 +452,7 @@ foreach_rr(dns_db_t *db, dns_dbversion_t *ver, dns_name_t *name, goto cleanup_node; } - for (result = dns_rdataset_first(&rdataset); result == ISC_R_SUCCESS; - result = dns_rdataset_next(&rdataset)) - { + DNS_RDATASET_FOREACH (&rdataset) { rr_t rr = { 0, DNS_RDATA_INIT }; dns_rdataset_current(&rdataset, &rr.rdata); rr.ttl = rdataset.ttl; @@ -467,9 +461,7 @@ foreach_rr(dns_db_t *db, dns_dbversion_t *ver, dns_name_t *name, goto cleanup_rdataset; } } - if (result != ISC_R_NOMORE) { - goto cleanup_rdataset; - } + result = ISC_R_SUCCESS; cleanup_rdataset: @@ -1291,7 +1283,6 @@ del_keysigs(dns_db_t *db, dns_dbversion_t *ver, dns_name_t *name, isc_result_t result; dns_dbnode_t *node = NULL; dns_rdataset_t rdataset; - dns_rdata_t rdata = DNS_RDATA_INIT; unsigned int i; dns_rdata_rrsig_t rrsig; bool found; @@ -1317,9 +1308,8 @@ del_keysigs(dns_db_t *db, dns_dbversion_t *ver, dns_name_t *name, goto failure; } - for (result = dns_rdataset_first(&rdataset); result == ISC_R_SUCCESS; - result = dns_rdataset_next(&rdataset)) - { + DNS_RDATASET_FOREACH (&rdataset) { + dns_rdata_t rdata = DNS_RDATA_INIT; dns_rdataset_current(&rdataset, &rdata); result = dns_rdata_tostruct(&rdata, &rrsig, NULL); RUNTIME_CHECK(result == ISC_R_SUCCESS); @@ -1356,9 +1346,7 @@ del_keysigs(dns_db_t *db, dns_dbversion_t *ver, dns_name_t *name, } } dns_rdataset_disassociate(&rdataset); - if (result == ISC_R_NOMORE) { - result = ISC_R_SUCCESS; - } + failure: if (node != NULL) { dns_db_detachnode(db, &node); diff --git a/lib/dns/validator.c b/lib/dns/validator.c index db29f30b76..f2c8fb11be 100644 --- a/lib/dns/validator.c +++ b/lib/dns/validator.c @@ -259,7 +259,6 @@ isdelegation(dns_name_t *name, dns_rdataset_t *rdataset, dns_label_t hashlabel; dns_name_t nsec3name; dns_rdata_nsec3_t nsec3; - dns_rdata_t rdata = DNS_RDATA_INIT; dns_rdataset_t set; int order; int scope; @@ -291,9 +290,9 @@ isdelegation(dns_name_t *name, dns_rdataset_t *rdataset, found = false; result = dns_rdataset_first(&set); if (result == ISC_R_SUCCESS) { + dns_rdata_t rdata = DNS_RDATA_INIT; dns_rdataset_current(&set, &rdata); found = dns_nsec_typepresent(&rdata, dns_rdatatype_ns); - dns_rdata_reset(&rdata); } dns_rdataset_disassociate(&set); return found; @@ -307,9 +306,7 @@ trynsec3: dns_fixedname_init(&fixed); dns_name_downcase(name, dns_fixedname_name(&fixed)); name = dns_fixedname_name(&fixed); - for (result = dns_rdataset_first(rdataset); result == ISC_R_SUCCESS; - result = dns_rdataset_next(rdataset)) - { + DNS_RDATASET_FOREACH (rdataset) { dns_ncache_current(rdataset, &nsec3name, &set); if (set.type != dns_rdatatype_nsec3) { dns_rdataset_disassociate(&set); @@ -323,10 +320,8 @@ trynsec3: dns_rdataset_disassociate(&set); continue; } - for (result = dns_rdataset_first(&set); result == ISC_R_SUCCESS; - result = dns_rdataset_next(&set)) - { - dns_rdata_reset(&rdata); + DNS_RDATASET_FOREACH (&set) { + dns_rdata_t rdata = DNS_RDATA_INIT; dns_rdataset_current(&set, &rdata); (void)dns_rdata_tostruct(&rdata, &nsec3, NULL); if (nsec3.hash != 1) { @@ -1290,28 +1285,21 @@ selfsigned_dnskey(dns_validator_t *val) { return DNS_R_NOKEYMATCH; } - for (result = dns_rdataset_first(rdataset); result == ISC_R_SUCCESS; - result = dns_rdataset_next(rdataset)) - { + DNS_RDATASET_FOREACH (rdataset) { dns_rdata_t keyrdata = DNS_RDATA_INIT; - dns_rdata_t sigrdata = DNS_RDATA_INIT; dns_rdata_dnskey_t key; dns_rdata_rrsig_t sig; dns_keytag_t keytag; - dns_rdata_reset(&keyrdata); dns_rdataset_current(rdataset, &keyrdata); result = dns_rdata_tostruct(&keyrdata, &key, NULL); RUNTIME_CHECK(result == ISC_R_SUCCESS); keytag = compute_keytag(&keyrdata); - for (result = dns_rdataset_first(sigrdataset); - result == ISC_R_SUCCESS; - result = dns_rdataset_next(sigrdataset)) - { + DNS_RDATASET_FOREACH (sigrdataset) { + dns_rdata_t sigrdata = DNS_RDATA_INIT; dst_key_t *dstkey = NULL; - dns_rdata_reset(&sigrdata); dns_rdataset_current(sigrdataset, &sigrdata); result = dns_rdata_tostruct(&sigrdata, &sig, NULL); RUNTIME_CHECK(result == ISC_R_SUCCESS); @@ -1848,12 +1836,9 @@ check_signer(dns_validator_t *val, dns_rdata_t *keyrdata, uint16_t keyid, dns_secalg_t algorithm) { dns_rdata_rrsig_t sig; dst_key_t *dstkey = NULL; - isc_result_t result; + isc_result_t result = ISC_R_NOMORE; - for (result = dns_rdataset_first(val->sigrdataset); - result == ISC_R_SUCCESS; - result = dns_rdataset_next(val->sigrdataset)) - { + DNS_RDATASET_FOREACH (val->sigrdataset) { dns_rdata_t rdata = DNS_RDATA_INIT; dns_rdataset_current(val->sigrdataset, &rdata); @@ -2215,11 +2200,8 @@ validate_dnskey(void *arg) { * DNS_DSDIGEST_SHA256 or DNS_DSDIGEST_SHA384 is present. */ val->digest_sha1 = true; - dns_rdata_t dsrdata = DNS_RDATA_INIT; - for (result = dns_rdataset_first(val->dsset); result == ISC_R_SUCCESS; - result = dns_rdataset_next(val->dsset)) - { - dns_rdata_reset(&dsrdata); + DNS_RDATASET_FOREACH (val->dsset) { + dns_rdata_t dsrdata = DNS_RDATA_INIT; dns_rdataset_current(val->dsset, &dsrdata); result = dns_rdata_tostruct(&dsrdata, &ds, NULL); RUNTIME_CHECK(result == ISC_R_SUCCESS); @@ -2922,14 +2904,13 @@ validate_nx(dns_validator_t *val, bool resume) { static bool check_ds_algs(dns_validator_t *val, dns_name_t *name, dns_rdataset_t *rdataset) { - dns_rdata_t dsrdata = DNS_RDATA_INIT; dns_rdata_ds_t ds; - isc_result_t result; - for (result = dns_rdataset_first(rdataset); result == ISC_R_SUCCESS; - result = dns_rdataset_next(rdataset)) - { + DNS_RDATASET_FOREACH (rdataset) { + isc_result_t result; + dns_rdata_t dsrdata = DNS_RDATA_INIT; dns_rdataset_current(rdataset, &dsrdata); + result = dns_rdata_tostruct(&dsrdata, &ds, NULL); RUNTIME_CHECK(result == ISC_R_SUCCESS); @@ -2938,10 +2919,8 @@ check_ds_algs(dns_validator_t *val, dns_name_t *name, dns_resolver_algorithm_supported(val->view->resolver, name, ds.algorithm)) { - dns_rdata_reset(&dsrdata); return true; } - dns_rdata_reset(&dsrdata); } /* diff --git a/lib/dns/view.c b/lib/dns/view.c index 718edab631..80542d6c46 100644 --- a/lib/dns/view.c +++ b/lib/dns/view.c @@ -1649,15 +1649,13 @@ dns_view_istrusted(dns_view_t *view, const dns_name_t *keyname, goto finish; } - result = dns_rdataset_first(&dsset); - while (result == ISC_R_SUCCESS) { + DNS_RDATASET_FOREACH (&dsset) { dns_rdata_t this = DNS_RDATA_INIT; dns_rdataset_current(&dsset, &this); if (dns_rdata_compare(&rdata, &this) == 0) { answer = true; break; } - result = dns_rdataset_next(&dsset); } } } diff --git a/lib/dns/xfrin.c b/lib/dns/xfrin.c index ca0f3d23ce..15e4be753b 100644 --- a/lib/dns/xfrin.c +++ b/lib/dns/xfrin.c @@ -1974,10 +1974,7 @@ xfrin_recv_done(isc_result_t result, isc_region_t *region, void *arg) { LIBDNS_XFRIN_RECV_ANSWER(xfr, xfr->info, msg); ISC_LIST_FOREACH (name->list, rds, link) { - for (isc_result_t iter = dns_rdataset_first(rds); - iter == ISC_R_SUCCESS; - iter = dns_rdataset_next(rds)) - { + DNS_RDATASET_FOREACH (rds) { dns_rdata_t rdata = DNS_RDATA_INIT; dns_rdataset_current(rds, &rdata); CHECK(xfr_rr(xfr, name, rds->ttl, &rdata)); @@ -1997,7 +1994,6 @@ xfrin_recv_done(isc_result_t result, isc_region_t *region, void *arg) { } } } - CHECK(result); if (dns_message_gettsig(msg, &tsigowner) != NULL) { /* diff --git a/lib/dns/zone.c b/lib/dns/zone.c index 99d71b70a4..f8f533843e 100644 --- a/lib/dns/zone.c +++ b/lib/dns/zone.c @@ -3085,7 +3085,6 @@ static bool zone_rrset_check_dup(dns_zone_t *zone, dns_name_t *owner, dns_rdataset_t *rdataset) { dns_rdataset_t tmprdataset; - isc_result_t result; bool answer = true; bool format = true; int level = ISC_LOG_WARNING; @@ -3098,19 +3097,14 @@ zone_rrset_check_dup(dns_zone_t *zone, dns_name_t *owner, } dns_rdataset_init(&tmprdataset); - for (result = dns_rdataset_first(rdataset); result == ISC_R_SUCCESS; - result = dns_rdataset_next(rdataset)) - { + DNS_RDATASET_FOREACH (rdataset) { dns_rdata_t rdata1 = DNS_RDATA_INIT; unsigned int count2 = 0; count1++; dns_rdataset_current(rdataset, &rdata1); dns_rdataset_clone(rdataset, &tmprdataset); - for (result = dns_rdataset_first(&tmprdataset); - result == ISC_R_SUCCESS; - result = dns_rdataset_next(&tmprdataset)) - { + DNS_RDATASET_FOREACH (&tmprdataset) { dns_rdata_t rdata2 = DNS_RDATA_INIT; count2++; if (count1 >= count2) { @@ -3279,7 +3273,6 @@ integrity_checks(dns_zone_t *zone, dns_db_t *db) { dns_rdata_mx_t mx; dns_rdata_ns_t ns; dns_rdata_in_srv_t srv; - dns_rdata_t rdata; dns_name_t *name; dns_name_t *bottom; isc_result_t result; @@ -3292,7 +3285,6 @@ integrity_checks(dns_zone_t *zone, dns_db_t *db) { name = dns_fixedname_initname(&fixed); bottom = dns_fixedname_initname(&fixedbottom); dns_rdataset_init(&rdataset); - dns_rdata_init(&rdata); result = dns_db_createiterator(db, 0, &dbiterator); if (result != ISC_R_SUCCESS) { @@ -3335,9 +3327,10 @@ integrity_checks(dns_zone_t *zone, dns_db_t *db) { */ dns_name_copy(name, bottom); - result = dns_rdataset_first(&rdataset); - while (result == ISC_R_SUCCESS) { + DNS_RDATASET_FOREACH (&rdataset) { + dns_rdata_t rdata = DNS_RDATA_INIT; dns_rdataset_current(&rdataset, &rdata); + result = dns_rdata_tostruct(&rdata, &ns, NULL); RUNTIME_CHECK(result == ISC_R_SUCCESS); if (!zone_check_glue(zone, db, &has_a, &has_aaaa, @@ -3345,8 +3338,6 @@ integrity_checks(dns_zone_t *zone, dns_db_t *db) { { ok = false; } - dns_rdata_reset(&rdata); - result = dns_rdataset_next(&rdataset); } dns_rdataset_disassociate(&rdataset); goto next; @@ -3386,16 +3377,15 @@ integrity_checks(dns_zone_t *zone, dns_db_t *db) { if (result != ISC_R_SUCCESS) { goto checksrv; } - result = dns_rdataset_first(&rdataset); - while (result == ISC_R_SUCCESS) { + DNS_RDATASET_FOREACH (&rdataset) { + dns_rdata_t rdata = DNS_RDATA_INIT; dns_rdataset_current(&rdataset, &rdata); + result = dns_rdata_tostruct(&rdata, &mx, NULL); RUNTIME_CHECK(result == ISC_R_SUCCESS); if (!zone_check_mx(zone, db, &mx.mx, name)) { ok = false; } - dns_rdata_reset(&rdata); - result = dns_rdataset_next(&rdataset); } dns_rdataset_disassociate(&rdataset); @@ -3408,16 +3398,15 @@ integrity_checks(dns_zone_t *zone, dns_db_t *db) { if (result != ISC_R_SUCCESS) { goto checkforaaaa; } - result = dns_rdataset_first(&rdataset); - while (result == ISC_R_SUCCESS) { + DNS_RDATASET_FOREACH (&rdataset) { + dns_rdata_t rdata = DNS_RDATA_INIT; dns_rdataset_current(&rdataset, &rdata); + result = dns_rdata_tostruct(&rdata, &srv, NULL); RUNTIME_CHECK(result == ISC_R_SUCCESS); if (!zone_check_srv(zone, db, &srv.target, name)) { ok = false; } - dns_rdata_reset(&rdata); - result = dns_rdataset_next(&rdataset); } dns_rdataset_disassociate(&rdataset); @@ -3466,15 +3455,14 @@ integrity_checks(dns_zone_t *zone, dns_db_t *db) { if (result != ISC_R_SUCCESS) { goto notxt; } - result = dns_rdataset_first(&rdataset); - while (result == ISC_R_SUCCESS) { + DNS_RDATASET_FOREACH (&rdataset) { + dns_rdata_t rdata = DNS_RDATA_INIT; dns_rdataset_current(&rdataset, &rdata); + have_txt = isspf(&rdata); - dns_rdata_reset(&rdata); if (have_txt) { break; } - result = dns_rdataset_next(&rdataset); } dns_rdataset_disassociate(&rdataset); @@ -3503,19 +3491,19 @@ integrity_checks(dns_zone_t *zone, dns_db_t *db) { } goto cleanup; } - result = dns_rdataset_first(&rdataset); - while (result == ISC_R_SUCCESS) { + + DNS_RDATASET_FOREACH (&rdataset) { + dns_rdata_t rdata = DNS_RDATA_INIT; dns_rdataset_current(&rdataset, &rdata); + result = dns_rdata_tostruct(&rdata, &ns, NULL); RUNTIME_CHECK(result == ISC_R_SUCCESS); - dns_rdata_reset(&rdata); if (zone_is_served_by(zone, db, dns_rdatatype_a, &ns.name)) { has_a = true; break; } - result = dns_rdataset_next(&rdataset); } dns_rdataset_disassociate(&rdataset); if (!has_a) { @@ -3535,19 +3523,19 @@ integrity_checks(dns_zone_t *zone, dns_db_t *db) { } goto cleanup; } - result = dns_rdataset_first(&rdataset); - while (result == ISC_R_SUCCESS) { + + DNS_RDATASET_FOREACH (&rdataset) { + dns_rdata_t rdata = DNS_RDATA_INIT; dns_rdataset_current(&rdataset, &rdata); + result = dns_rdata_tostruct(&rdata, &ns, NULL); RUNTIME_CHECK(result == ISC_R_SUCCESS); - dns_rdata_reset(&rdata); if (zone_is_served_by(zone, db, dns_rdatatype_aaaa, &ns.name)) { has_aaaa = true; break; } - result = dns_rdataset_next(&rdataset); } dns_rdataset_disassociate(&rdataset); if (!has_aaaa) { @@ -3576,7 +3564,6 @@ zone_check_dnskeys(dns_zone_t *zone, dns_db_t *db) { dns_dbnode_t *node = NULL; dns_dbversion_t *version = NULL; dns_rdata_dnskey_t dnskey; - dns_rdata_t rdata = DNS_RDATA_INIT; dns_rdataset_t rdataset; isc_result_t result; @@ -3593,9 +3580,8 @@ zone_check_dnskeys(dns_zone_t *zone, dns_db_t *db) { goto cleanup; } - for (result = dns_rdataset_first(&rdataset); result == ISC_R_SUCCESS; - result = dns_rdataset_next(&rdataset)) - { + DNS_RDATASET_FOREACH (&rdataset) { + dns_rdata_t rdata = DNS_RDATA_INIT; dns_rdataset_current(&rdataset, &rdata); result = dns_rdata_tostruct(&rdata, &dnskey, NULL); INSIST(result == ISC_R_SUCCESS); @@ -3637,7 +3623,6 @@ zone_check_dnskeys(dns_zone_t *zone, dns_db_t *db) { algorithm, dnskey.algorithm, dst_region_computeid(&r)); } - dns_rdata_reset(&rdata); } dns_rdataset_disassociate(&rdataset); @@ -3654,7 +3639,6 @@ static void resume_signingwithkey(dns_zone_t *zone) { dns_dbnode_t *node = NULL; dns_dbversion_t *version = NULL; - dns_rdata_t rdata = DNS_RDATA_INIT; dns_rdataset_t rdataset; isc_result_t result; dns_db_t *db = NULL; @@ -3682,14 +3666,12 @@ resume_signingwithkey(dns_zone_t *zone) { goto cleanup; } - for (result = dns_rdataset_first(&rdataset); result == ISC_R_SUCCESS; - result = dns_rdataset_next(&rdataset)) - { + DNS_RDATASET_FOREACH (&rdataset) { + dns_rdata_t rdata = DNS_RDATA_INIT; dns_rdataset_current(&rdataset, &rdata); if (rdata.length != 5 || rdata.data[0] == 0 || rdata.data[4] != 0) { - dns_rdata_reset(&rdata); continue; } @@ -3701,7 +3683,6 @@ resume_signingwithkey(dns_zone_t *zone) { "zone_signwithkey failed: %s", isc_result_totext(result)); } - dns_rdata_reset(&rdata); } dns_rdataset_disassociate(&rdataset); @@ -3956,9 +3937,7 @@ resume_addnsec3chain(dns_zone_t *zone) { goto cleanup; } - for (result = dns_rdataset_first(&rdataset); result == ISC_R_SUCCESS; - result = dns_rdataset_next(&rdataset)) - { + DNS_RDATASET_FOREACH (&rdataset) { unsigned char buf[DNS_NSEC3PARAM_BUFFERSIZE]; dns_rdata_t rdata = DNS_RDATA_INIT; dns_rdata_t private = DNS_RDATA_INIT; @@ -4092,9 +4071,7 @@ check_nsec3param(dns_zone_t *zone, dns_db_t *db) { goto cleanup; } - for (result = dns_rdataset_first(&rdataset); result == ISC_R_SUCCESS; - result = dns_rdataset_next(&rdataset)) - { + DNS_RDATASET_FOREACH (&rdataset) { dns_rdata_t rdata = DNS_RDATA_INIT; dns_rdataset_current(&rdataset, &rdata); @@ -4145,9 +4122,6 @@ check_nsec3param(dns_zone_t *zone, dns_db_t *db) { dns_nsec3_maxiterations()); } } - if (result == ISC_R_NOMORE) { - result = ISC_R_SUCCESS; - } if (!ok) { result = DNS_R_BADZONE; @@ -4263,13 +4237,10 @@ failure: static isc_result_t delete_keydata(dns_db_t *db, dns_dbversion_t *ver, dns_diff_t *diff, dns_name_t *name, dns_rdataset_t *rdataset) { - dns_rdata_t rdata = DNS_RDATA_INIT; - isc_result_t result, uresult; + isc_result_t uresult; - for (result = dns_rdataset_first(rdataset); result == ISC_R_SUCCESS; - result = dns_rdataset_next(rdataset)) - { - dns_rdata_reset(&rdata); + DNS_RDATASET_FOREACH (rdataset) { + dns_rdata_t rdata = DNS_RDATA_INIT; dns_rdataset_current(rdataset, &rdata); uresult = update_one_rr(db, ver, diff, DNS_DIFFOP_DEL, name, 0, &rdata); @@ -4277,10 +4248,8 @@ delete_keydata(dns_db_t *db, dns_dbversion_t *ver, dns_diff_t *diff, return uresult; } } - if (result == ISC_R_NOMORE) { - result = ISC_R_SUCCESS; - } - return result; + + return ISC_R_SUCCESS; } /* @@ -4384,7 +4353,6 @@ fail_secure(dns_zone_t *zone, dns_name_t *keyname) { static void load_secroots(dns_zone_t *zone, dns_name_t *name, dns_rdataset_t *rdataset) { isc_result_t result; - dns_rdata_t rdata = DNS_RDATA_INIT; dns_rdata_keydata_t keydata; dns_rdata_dnskey_t dnskey; int trusted = 0, revoked = 0, pending = 0; @@ -4398,10 +4366,8 @@ load_secroots(dns_zone_t *zone, dns_name_t *name, dns_rdataset_t *rdataset) { } /* Now insert all the accepted trust anchors from this keydata set. */ - for (result = dns_rdataset_first(rdataset); result == ISC_R_SUCCESS; - result = dns_rdataset_next(rdataset)) - { - dns_rdata_reset(&rdata); + DNS_RDATASET_FOREACH (rdataset) { + dns_rdata_t rdata = DNS_RDATA_INIT; dns_rdataset_current(rdataset, &rdata); /* Convert rdata to keydata. */ @@ -4725,7 +4691,6 @@ sync_keyzone(dns_zone_t *zone, dns_db_t *db) { result = dns_rriterator_nextrrset(&rrit)) { dns_rdataset_t *rdataset = NULL; - dns_rdata_t rdata = DNS_RDATA_INIT; dns_rdata_keydata_t keydata; isc_stdtime_t now = isc_stdtime_now(); bool load = true; @@ -4747,13 +4712,10 @@ sync_keyzone(dns_zone_t *zone, dns_db_t *db) { * legitimate data, in which case we will not use it, and we * will try to refresh it. */ - for (result = dns_rdataset_first(rdataset); - result == ISC_R_SUCCESS; - result = dns_rdataset_next(rdataset)) - { + DNS_RDATASET_FOREACH (rdataset) { isc_result_t iresult; + dns_rdata_t rdata = DNS_RDATA_INIT; - dns_rdata_reset(&rdata); dns_rdataset_current(rdataset, &rdata); iresult = dns_rdata_tostruct(&rdata, &keydata, NULL); @@ -5653,7 +5615,6 @@ zone_count_ns_rr(dns_zone_t *zone, dns_db_t *db, dns_dbnode_t *node, unsigned int count = 0; unsigned int ecount = 0; dns_rdataset_t rdataset; - dns_rdata_t rdata; dns_rdata_ns_t ns; dns_rdataset_init(&rdataset); @@ -5668,15 +5629,15 @@ zone_count_ns_rr(dns_zone_t *zone, dns_db_t *db, dns_dbnode_t *node, goto invalidate_rdataset; } - result = dns_rdataset_first(&rdataset); - while (result == ISC_R_SUCCESS) { + DNS_RDATASET_FOREACH (&rdataset) { if (errors != NULL && zone->rdclass == dns_rdataclass_in && (zone->type == dns_zone_primary || zone->type == dns_zone_secondary || zone->type == dns_zone_mirror)) { - dns_rdata_init(&rdata); + dns_rdata_t rdata = DNS_RDATA_INIT; dns_rdataset_current(&rdataset, &rdata); + result = dns_rdata_tostruct(&rdata, &ns, NULL); RUNTIME_CHECK(result == ISC_R_SUCCESS); if (dns_name_issubdomain(&ns.name, &zone->origin) && @@ -5686,7 +5647,6 @@ zone_count_ns_rr(dns_zone_t *zone, dns_db_t *db, dns_dbnode_t *node, } } count++; - result = dns_rdataset_next(&rdataset); } dns_rdataset_disassociate(&rdataset); @@ -5726,7 +5686,6 @@ zone_load_soa_rr(dns_db_t *db, dns_dbnode_t *node, dns_dbversion_t *version, isc_result_t result; unsigned int count = 0; dns_rdataset_t rdataset; - dns_rdata_t rdata = DNS_RDATA_INIT; dns_rdataset_init(&rdataset); result = dns_db_findrdataset(db, node, version, dns_rdatatype_soa, @@ -5741,10 +5700,10 @@ zone_load_soa_rr(dns_db_t *db, dns_dbnode_t *node, dns_dbversion_t *version, goto invalidate_rdataset; } - result = dns_rdataset_first(&rdataset); - while (result == ISC_R_SUCCESS) { - dns_rdata_init(&rdata); + DNS_RDATASET_FOREACH (&rdataset) { + dns_rdata_t rdata = DNS_RDATA_INIT; dns_rdataset_current(&rdataset, &rdata); + count++; if (count == 1) { dns_rdata_soa_t soa; @@ -5753,9 +5712,6 @@ zone_load_soa_rr(dns_db_t *db, dns_dbnode_t *node, dns_dbversion_t *version, soa.retry, soa.expire, soa.minimum); RUNTIME_CHECK(result == ISC_R_SUCCESS); } - - result = dns_rdataset_next(&rdataset); - dns_rdata_reset(&rdata); } dns_rdataset_disassociate(&rdataset); @@ -6869,9 +6825,7 @@ del_sigs(dns_zone_t *zone, dns_db_t *db, dns_dbversion_t *ver, dns_name_t *name, goto failure; } - for (result = dns_rdataset_first(&rdataset); result == ISC_R_SUCCESS; - result = dns_rdataset_next(&rdataset)) - { + DNS_RDATASET_FOREACH (&rdataset) { dns_rdata_t rdata = DNS_RDATA_INIT; dns_rdataset_current(&rdataset, &rdata); @@ -7005,9 +6959,6 @@ del_sigs(dns_zone_t *zone, dns_db_t *db, dns_dbversion_t *ver, dns_name_t *name, } dns_rdataset_disassociate(&rdataset); - if (result == ISC_R_NOMORE) { - result = ISC_R_SUCCESS; - } if (timewarn > 0) { isc_stdtime_t stdwarn = (isc_stdtime_t)timewarn; if (timewarn == stdwarn) { @@ -7542,7 +7493,6 @@ signed_with_good_key(dns_zone_t *zone, dns_db_t *db, dns_dbnode_t *node, dst_key_t *key) { isc_result_t result; dns_rdataset_t rdataset; - dns_rdata_t rdata = DNS_RDATA_INIT; dns_rdata_rrsig_t rrsig; int count = 0; dns_kasp_t *kasp = zone->kasp; @@ -7554,9 +7504,8 @@ signed_with_good_key(dns_zone_t *zone, dns_db_t *db, dns_dbnode_t *node, INSIST(!dns_rdataset_isassociated(&rdataset)); return false; } - for (result = dns_rdataset_first(&rdataset); result == ISC_R_SUCCESS; - result = dns_rdataset_next(&rdataset)) - { + DNS_RDATASET_FOREACH (&rdataset) { + dns_rdata_t rdata = DNS_RDATA_INIT; dns_rdataset_current(&rdataset, &rdata); result = dns_rdata_tostruct(&rdata, &rrsig, NULL); INSIST(result == ISC_R_SUCCESS); @@ -7569,7 +7518,6 @@ signed_with_good_key(dns_zone_t *zone, dns_db_t *db, dns_dbnode_t *node, if (rrsig.algorithm == dst_key_alg(key)) { count++; } - dns_rdata_reset(&rdata); } if (zone->kasp != NULL) { @@ -7894,8 +7842,6 @@ updatesignwithkey(dns_zone_t *zone, dns_signing_t *signing, isc_result_t result; dns_dbnode_t *node = NULL; dns_rdataset_t rdataset; - dns_rdata_t rdata = DNS_RDATA_INIT; - unsigned char data[5]; bool seen_done = false; bool have_rr = false; @@ -7917,9 +7863,8 @@ updatesignwithkey(dns_zone_t *zone, dns_signing_t *signing, INSIST(!dns_rdataset_isassociated(&rdataset)); goto failure; } - for (result = dns_rdataset_first(&rdataset); result == ISC_R_SUCCESS; - result = dns_rdataset_next(&rdataset)) - { + DNS_RDATASET_FOREACH (&rdataset) { + dns_rdata_t rdata = DNS_RDATA_INIT; dns_rdataset_current(&rdataset, &rdata); /* * If we don't match the algorithm or keyid skip the record. @@ -7951,26 +7896,28 @@ updatesignwithkey(dns_zone_t *zone, dns_signing_t *signing, DNS_DIFFOP_DEL, &zone->origin, rdataset.ttl, &rdata)); } - dns_rdata_reset(&rdata); - } - if (result == ISC_R_NOMORE) { - result = ISC_R_SUCCESS; } + if (!signing->deleteit && !seen_done) { /* * If we were signing then we need to indicate that we have * finished signing the zone with this key. If it is already * there we don't need to add it a second time. */ - data[0] = signing->algorithm; - data[1] = (signing->keyid >> 8) & 0xff; - data[2] = signing->keyid & 0xff; - data[3] = 0; - data[4] = 1; - rdata.length = sizeof(data); - rdata.data = data; - rdata.type = zone->privatetype; - rdata.rdclass = dns_db_class(signing->db); + unsigned char data[5] = { + signing->algorithm, + (signing->keyid >> 8) & 0xff, + signing->keyid & 0xff, + 0, + 1, + }; + dns_rdata_t rdata = (dns_rdata_t){ + .length = sizeof(data), + .data = data, + .type = zone->privatetype, + .rdclass = dns_db_class(signing->db), + .link = ISC_LINK_INITIALIZER, + }; CHECK(update_one_rr(signing->db, version, diff, DNS_DIFFOP_ADD, &zone->origin, rdataset.ttl, &rdata)); } else if (!have_rr) { @@ -8067,9 +8014,7 @@ fixup_nsec3param(dns_db_t *db, dns_dbversion_t *ver, dns_nsec3chain_t *chain, /* * Delete all NSEC3PARAM records which match that in nsec3chain. */ - for (result = dns_rdataset_first(&rdataset); result == ISC_R_SUCCESS; - result = dns_rdataset_next(&rdataset)) - { + DNS_RDATASET_FOREACH (&rdataset) { dns_rdataset_current(&rdataset, &rdata); CHECK(dns_rdata_tostruct(&rdata, &nsec3param, NULL)); @@ -8098,18 +8043,12 @@ fixup_nsec3param(dns_db_t *db, dns_dbversion_t *ver, dns_nsec3chain_t *chain, rdataset.ttl, &rdata)); dns_rdata_reset(&rdata); } - if (result != ISC_R_NOMORE) { - goto failure; - } /* * Restore any NSEC3PARAM records that we deleted to change the TTL. */ if (rdataset.ttl != ttl) { - for (result = dns_rdataset_first(&rdataset); - result == ISC_R_SUCCESS; - result = dns_rdataset_next(&rdataset)) - { + DNS_RDATASET_FOREACH (&rdataset) { dns_rdataset_current(&rdataset, &rdata); CHECK(dns_rdata_tostruct(&rdata, &nsec3param, NULL)); @@ -8153,9 +8092,7 @@ try_private: goto failure; } - for (result = dns_rdataset_first(&rdataset); result == ISC_R_SUCCESS; - result = dns_rdataset_next(&rdataset)) - { + DNS_RDATASET_FOREACH (&rdataset) { dns_rdata_t private = DNS_RDATA_INIT; unsigned char buf[DNS_NSEC3PARAM_BUFFERSIZE]; @@ -8166,6 +8103,7 @@ try_private: continue; } CHECK(dns_rdata_tostruct(&rdata, &nsec3param, NULL)); + dns_rdata_reset(&rdata); if ((!nsec3ok && (nsec3param.flags & DNS_NSEC3FLAG_INITIAL) != 0) || @@ -8175,16 +8113,11 @@ try_private: memcmp(nsec3param.salt, chain->nsec3param.salt, nsec3param.salt_length)) { - dns_rdata_reset(&rdata); continue; } CHECK(update_one_rr(db, ver, diff, DNS_DIFFOP_DEL, name, rdataset.ttl, &private)); - dns_rdata_reset(&rdata); - } - if (result != ISC_R_NOMORE) { - goto failure; } add: @@ -8231,18 +8164,15 @@ delete_nsec(dns_db_t *db, dns_dbversion_t *ver, dns_dbnode_t *node, if (result != ISC_R_SUCCESS) { return result; } - for (result = dns_rdataset_first(&rdataset); result == ISC_R_SUCCESS; - result = dns_rdataset_next(&rdataset)) - { + + DNS_RDATASET_FOREACH (&rdataset) { dns_rdata_t rdata = DNS_RDATA_INIT; dns_rdataset_current(&rdataset, &rdata); CHECK(update_one_rr(db, ver, diff, DNS_DIFFOP_DEL, name, rdataset.ttl, &rdata)); } - if (result == ISC_R_NOMORE) { - result = ISC_R_SUCCESS; - } + failure: dns_rdataset_disassociate(&rdataset); return result; @@ -8266,9 +8196,7 @@ deletematchingnsec3(dns_db_t *db, dns_dbversion_t *ver, dns_dbnode_t *node, return result; } - for (result = dns_rdataset_first(&rdataset); result == ISC_R_SUCCESS; - result = dns_rdataset_next(&rdataset)) - { + DNS_RDATASET_FOREACH (&rdataset) { dns_rdata_t rdata = DNS_RDATA_INIT; dns_rdataset_current(&rdataset, &rdata); @@ -8283,9 +8211,7 @@ deletematchingnsec3(dns_db_t *db, dns_dbversion_t *ver, dns_dbnode_t *node, CHECK(update_one_rr(db, ver, diff, DNS_DIFFOP_DEL, name, rdataset.ttl, &rdata)); } - if (result == ISC_R_NOMORE) { - result = ISC_R_SUCCESS; - } + failure: dns_rdataset_disassociate(&rdataset); return result; @@ -8295,7 +8221,6 @@ static isc_result_t need_nsec_chain(dns_db_t *db, dns_dbversion_t *ver, const dns_rdata_nsec3param_t *param, bool *answer) { dns_dbnode_t *node = NULL; - dns_rdata_t rdata = DNS_RDATA_INIT; dns_rdata_nsec3param_t myparam; dns_rdataset_t rdataset; isc_result_t result; @@ -8331,12 +8256,12 @@ need_nsec_chain(dns_db_t *db, dns_dbversion_t *ver, return result; } - for (result = dns_rdataset_first(&rdataset); result == ISC_R_SUCCESS; - result = dns_rdataset_next(&rdataset)) - { + bool active = false; + DNS_RDATASET_FOREACH (&rdataset) { + dns_rdata_t rdata = DNS_RDATA_INIT; dns_rdataset_current(&rdataset, &rdata); CHECK(dns_rdata_tostruct(&rdata, &myparam, NULL)); - dns_rdata_reset(&rdata); + /* * Ignore any NSEC3PARAM removals. */ @@ -8353,15 +8278,15 @@ need_nsec_chain(dns_db_t *db, dns_dbversion_t *ver, { continue; } + /* * Found an active NSEC3 chain. */ + active = true; break; } - if (result == ISC_R_NOMORE) { - *answer = true; - result = ISC_R_SUCCESS; - } + + *answer = !active; failure: if (dns_rdataset_isassociated(&rdataset)) { @@ -9356,19 +9281,13 @@ del_sig(dns_db_t *db, dns_dbversion_t *version, dns_name_t *name, bool has_alg = false; dns_rdatasetiter_current(iterator, &rdataset); if (nkeys == 0 && rdataset.type == dns_rdatatype_nsec) { - for (result = dns_rdataset_first(&rdataset); - result == ISC_R_SUCCESS; - result = dns_rdataset_next(&rdataset)) - { + DNS_RDATASET_FOREACH (&rdataset) { dns_rdata_t rdata = DNS_RDATA_INIT; dns_rdataset_current(&rdataset, &rdata); CHECK(update_one_rr(db, version, diff, DNS_DIFFOP_DEL, name, rdataset.ttl, &rdata)); } - if (result != ISC_R_NOMORE) { - goto failure; - } dns_rdataset_disassociate(&rdataset); continue; } @@ -9376,10 +9295,7 @@ del_sig(dns_db_t *db, dns_dbversion_t *version, dns_name_t *name, dns_rdataset_disassociate(&rdataset); continue; } - for (result = dns_rdataset_first(&rdataset); - result == ISC_R_SUCCESS; - result = dns_rdataset_next(&rdataset)) - { + DNS_RDATASET_FOREACH (&rdataset) { dns_rdata_t rdata = DNS_RDATA_INIT; dns_rdataset_current(&rdataset, &rdata); CHECK(dns_rdata_tostruct(&rdata, &rrsig, NULL)); @@ -9396,9 +9312,6 @@ del_sig(dns_db_t *db, dns_dbversion_t *version, dns_name_t *name, rdataset.ttl, &rdata)); } dns_rdataset_disassociate(&rdataset); - if (result != ISC_R_NOMORE) { - break; - } /* * After deleting, if there's still a signature for @@ -10126,23 +10039,20 @@ normalize_key(dns_rdata_t *rr, dns_rdata_t *target, unsigned char *data, static bool matchkey(dns_rdataset_t *rdset, dns_rdata_t *rr) { - unsigned char data1[4096], data2[4096]; - dns_rdata_t rdata, rdata1, rdata2; + unsigned char data1[4096]; + dns_rdata_t rdata1 = DNS_RDATA_INIT; isc_result_t result; - dns_rdata_init(&rdata); - dns_rdata_init(&rdata1); - dns_rdata_init(&rdata2); - result = normalize_key(rr, &rdata1, data1, sizeof(data1)); if (result != ISC_R_SUCCESS) { return false; } - for (result = dns_rdataset_first(rdset); result == ISC_R_SUCCESS; - result = dns_rdataset_next(rdset)) - { - dns_rdata_reset(&rdata); + DNS_RDATASET_FOREACH (rdset) { + unsigned char data2[4096]; + dns_rdata_t rdata = DNS_RDATA_INIT; + dns_rdata_t rdata2 = DNS_RDATA_INIT; + dns_rdataset_current(rdset, &rdata); result = normalize_key(&rdata, &rdata2, data2, sizeof(data2)); if (result != ISC_R_SUCCESS) { @@ -10240,7 +10150,6 @@ minimal_update(dns_keyfetch_t *kfetch, dns_dbversion_t *ver, dns_diff_t *diff) { isc_result_t result; isc_buffer_t keyb; unsigned char key_buf[4096]; - dns_rdata_t rdata = DNS_RDATA_INIT; dns_rdata_keydata_t keydata; dns_name_t *name; dns_zone_t *zone = kfetch->zone; @@ -10248,11 +10157,8 @@ minimal_update(dns_keyfetch_t *kfetch, dns_dbversion_t *ver, dns_diff_t *diff) { name = dns_fixedname_name(&kfetch->name); - for (result = dns_rdataset_first(&kfetch->keydataset); - result == ISC_R_SUCCESS; - result = dns_rdataset_next(&kfetch->keydataset)) - { - dns_rdata_reset(&rdata); + DNS_RDATASET_FOREACH (&kfetch->keydataset) { + dns_rdata_t rdata = DNS_RDATA_INIT; dns_rdataset_current(&kfetch->keydataset, &rdata); /* Delete old version */ @@ -10293,7 +10199,6 @@ revocable(dns_keyfetch_t *kfetch, dns_rdata_keydata_t *keydata) { isc_result_t result; dns_name_t *keyname; isc_mem_t *mctx; - dns_rdata_t sigrr = DNS_RDATA_INIT; dns_rdata_t rr = DNS_RDATA_INIT; dns_rdata_rrsig_t sig; dns_rdata_dnskey_t dnskey; @@ -10319,14 +10224,11 @@ revocable(dns_keyfetch_t *kfetch, dns_rdata_keydata_t *keydata) { } /* See if that key generated any of the signatures */ - for (result = dns_rdataset_first(&kfetch->dnskeysigset); - result == ISC_R_SUCCESS; - result = dns_rdataset_next(&kfetch->dnskeysigset)) - { + DNS_RDATASET_FOREACH (&kfetch->dnskeysigset) { + dns_rdata_t sigrr = DNS_RDATA_INIT; dns_fixedname_t fixed; dns_fixedname_init(&fixed); - dns_rdata_reset(&sigrr); dns_rdataset_current(&kfetch->dnskeysigset, &sigrr); result = dns_rdata_tostruct(&sigrr, &sig, NULL); RUNTIME_CHECK(result == ISC_R_SUCCESS); @@ -10371,8 +10273,6 @@ keyfetch_done(void *arg) { bool alldone = false; bool commit = false; dns_name_t *keyname = NULL; - dns_rdata_t sigrr = DNS_RDATA_INIT; - dns_rdata_t dnskeyrr = DNS_RDATA_INIT; dns_rdata_t keydatarr = DNS_RDATA_INIT; dns_rdata_rrsig_t sig; dns_rdata_dnskey_t dnskey; @@ -10476,30 +10376,21 @@ keyfetch_done(void *arg) { */ dns_rdataset_init(&dsset); if (dns_keynode_dsset(keynode, &dsset)) { - for (result = dns_rdataset_first(dnskeysigs); - result == ISC_R_SUCCESS; - result = dns_rdataset_next(dnskeysigs)) - { - isc_result_t tresult; + DNS_RDATASET_FOREACH (dnskeysigs) { + isc_result_t tresult = ISC_R_NOTFOUND; dns_rdata_t keyrdata = DNS_RDATA_INIT; + dns_rdata_t sigrr = DNS_RDATA_INIT; - dns_rdata_reset(&sigrr); dns_rdataset_current(dnskeysigs, &sigrr); - result = dns_rdata_tostruct(&sigrr, &sig, NULL); - RUNTIME_CHECK(result == ISC_R_SUCCESS); + dns_rdata_tostruct(&sigrr, &sig, NULL); - for (tresult = dns_rdataset_first(&dsset); - tresult == ISC_R_SUCCESS; - tresult = dns_rdataset_next(&dsset)) - { + DNS_RDATASET_FOREACH (&dsset) { dns_rdata_t dsrdata = DNS_RDATA_INIT; dns_rdata_ds_t ds; dns_rdata_reset(&dsrdata); dns_rdataset_current(&dsset, &dsrdata); - tresult = dns_rdata_tostruct(&dsrdata, &ds, - NULL); - RUNTIME_CHECK(tresult == ISC_R_SUCCESS); + dns_rdata_tostruct(&dsrdata, &ds, NULL); if (ds.key_tag != sig.keyid || ds.algorithm != sig.algorithm) @@ -10507,14 +10398,14 @@ keyfetch_done(void *arg) { continue; } - result = dns_dnssec_matchdskey( + tresult = dns_dnssec_matchdskey( keyname, &dsrdata, dnskeys, &keyrdata); - if (result == ISC_R_SUCCESS) { + if (tresult == ISC_R_SUCCESS) { break; } } - if (tresult == ISC_R_NOMORE) { + if (tresult == ISC_R_NOTFOUND) { continue; } @@ -10576,9 +10467,7 @@ anchors_done: * updated */ initializing = true; - for (result = dns_rdataset_first(keydataset); result == ISC_R_SUCCESS; - result = dns_rdataset_next(keydataset)) - { + DNS_RDATASET_FOREACH (keydataset) { dns_keytag_t keytag; dns_rdata_reset(&keydatarr); @@ -10694,9 +10583,8 @@ anchors_done: * - All keys not being removed have their refresh * timers updated */ - for (result = dns_rdataset_first(dnskeys); result == ISC_R_SUCCESS; - result = dns_rdataset_next(dnskeys)) - { + DNS_RDATASET_FOREACH (dnskeys) { + dns_rdata_t dnskeyrr = DNS_RDATA_INIT; bool revoked = false; bool newkey = false; bool updatekey = false; @@ -10704,7 +10592,6 @@ anchors_done: bool trustkey = false; dns_keytag_t keytag; - dns_rdata_reset(&dnskeyrr); dns_rdataset_current(dnskeys, &dnskeyrr); result = dns_rdata_tostruct(&dnskeyrr, &dnskey, NULL); RUNTIME_CHECK(result == ISC_R_SUCCESS); @@ -11117,7 +11004,6 @@ zone_refreshkeys(dns_zone_t *zone) { dns_db_t *db = NULL; dns_dbversion_t *ver = NULL; dns_diff_t diff; - dns_rdata_t rdata = DNS_RDATA_INIT; dns_rdata_keydata_t kd; isc_stdtime_t now = isc_stdtime_now(); bool commit = false; @@ -11164,10 +11050,8 @@ zone_refreshkeys(dns_zone_t *zone) { * Scan the stored keys looking for ones that need * removal or refreshing */ - for (result = dns_rdataset_first(kdset); - result == ISC_R_SUCCESS; result = dns_rdataset_next(kdset)) - { - dns_rdata_reset(&rdata); + DNS_RDATASET_FOREACH (kdset) { + dns_rdata_t rdata = DNS_RDATA_INIT; dns_rdataset_current(kdset, &rdata); result = dns_rdata_tostruct(&rdata, &kd, NULL); RUNTIME_CHECK(result == ISC_R_SUCCESS); @@ -12906,8 +12790,8 @@ zone_notify(dns_zone_t *zone, isc_time_t *now) { dns_name_t primary; dns_rdata_ns_t ns; dns_rdata_soa_t soa; + dns_rdata_t soardata = DNS_RDATA_INIT; uint32_t serial; - dns_rdata_t rdata = DNS_RDATA_INIT; dns_rdataset_t nsrdset; dns_rdataset_t soardset; isc_result_t result; @@ -12988,10 +12872,9 @@ zone_notify(dns_zone_t *zone, isc_time_t *now) { if (result != ISC_R_SUCCESS) { goto cleanup3; } - dns_rdataset_current(&soardset, &rdata); - result = dns_rdata_tostruct(&rdata, &soa, NULL); + dns_rdataset_current(&soardset, &soardata); + result = dns_rdata_tostruct(&soardata, &soa, NULL); RUNTIME_CHECK(result == ISC_R_SUCCESS); - dns_rdata_reset(&rdata); dns_name_dup(&soa.origin, zone->mctx, &primary); serial = soa.serial; dns_rdataset_disassociate(&soardset); @@ -13113,14 +12996,15 @@ zone_notify(dns_zone_t *zone, isc_time_t *now) { goto cleanup3; } - result = dns_rdataset_first(&nsrdset); - while (result == ISC_R_SUCCESS) { + DNS_RDATASET_FOREACH (&nsrdset) { + dns_rdata_t rdata = DNS_RDATA_INIT; + dns_rdataset_current(&nsrdset, &rdata); + dns_notify_t *notify = NULL; - dns_rdataset_current(&nsrdset, &rdata); result = dns_rdata_tostruct(&rdata, &ns, NULL); RUNTIME_CHECK(result == ISC_R_SUCCESS); - dns_rdata_reset(&rdata); + /* * Don't notify the primary server unless explicitly * configured to do so. @@ -13128,7 +13012,6 @@ zone_notify(dns_zone_t *zone, isc_time_t *now) { if (!DNS_ZONE_OPTION(zone, DNS_ZONEOPT_NOTIFYTOSOA) && dns_name_compare(&primary, &ns.name) == 0) { - result = dns_rdataset_next(&nsrdset); continue; } @@ -13143,7 +13026,6 @@ zone_notify(dns_zone_t *zone, isc_time_t *now) { NULL); UNLOCK_ZONE(zone); if (isqueued) { - result = dns_rdataset_next(&nsrdset); continue; } result = notify_create(zone->mctx, flags, ¬ify); @@ -13156,7 +13038,6 @@ zone_notify(dns_zone_t *zone, isc_time_t *now) { ISC_LIST_APPEND(zone->notifies, notify, link); UNLOCK_ZONE(zone); notify_find_address(notify); - result = dns_rdataset_next(&nsrdset); } dns_rdataset_disassociate(&nsrdset); @@ -13570,7 +13451,6 @@ save_nsrrset(dns_message_t *message, dns_name_t *name, dns_dbnode_t *node = NULL; dns_rdata_ns_t ns; isc_result_t result; - dns_rdata_t rdata = DNS_RDATA_INIT; bool has_glue = false; /* @@ -13605,13 +13485,11 @@ save_nsrrset(dns_message_t *message, dns_name_t *name, /* * Add glue rdatasets. */ - for (result = dns_rdataset_first(nsrdataset); result == ISC_R_SUCCESS; - result = dns_rdataset_next(nsrdataset)) - { + DNS_RDATASET_FOREACH (nsrdataset) { + dns_rdata_t rdata = DNS_RDATA_INIT; dns_rdataset_current(nsrdataset, &rdata); result = dns_rdata_tostruct(&rdata, &ns, NULL); RUNTIME_CHECK(result == ISC_R_SUCCESS); - dns_rdata_reset(&rdata); if (!dns_name_issubdomain(&ns.name, name)) { continue; @@ -13669,10 +13547,6 @@ save_nsrrset(dns_message_t *message, dns_name_t *name, } } - if (result != ISC_R_NOMORE) { - goto done; - } - /* * If no glue records were found, we attempt to resolve A/AAAA * for each NS entry found in the answer. @@ -17293,9 +17167,7 @@ save_nsec3param(dns_zone_t *zone, nsec3paramlist_t *nsec3list) { * is why we use an nsec3list, even though we will usually only * have one). */ - for (result = dns_rdataset_first(&rdataset); result == ISC_R_SUCCESS; - result = dns_rdataset_next(&rdataset)) - { + DNS_RDATASET_FOREACH (&rdataset) { dns_rdata_t rdata = DNS_RDATA_INIT; dns_rdata_t private = DNS_RDATA_INIT; @@ -17329,9 +17201,7 @@ getprivate: * using dns_nsec3param_fromprivate(), do the right thing based on * CREATE and REMOVE flags */ - for (result = dns_rdataset_first(&prdataset); result == ISC_R_SUCCESS; - result = dns_rdataset_next(&prdataset)) - { + DNS_RDATASET_FOREACH (&prdataset) { dns_rdata_t rdata = DNS_RDATA_INIT; dns_rdata_t private = DNS_RDATA_INIT; @@ -17387,7 +17257,7 @@ getprivate: } done: - if (result == ISC_R_NOMORE || result == ISC_R_NOTFOUND) { + if (result == ISC_R_NOTFOUND) { result = ISC_R_SUCCESS; } @@ -20459,22 +20329,17 @@ rr_exists(dns_db_t *db, dns_dbversion_t *ver, dns_name_t *name, goto failure; } - for (result = dns_rdataset_first(&rdataset); result == ISC_R_SUCCESS; - result = dns_rdataset_next(&rdataset)) - { + bool matched = false; + DNS_RDATASET_FOREACH (&rdataset) { dns_rdata_t myrdata = DNS_RDATA_INIT; dns_rdataset_current(&rdataset, &myrdata); - if (!dns_rdata_compare(&myrdata, rdata)) { + if (dns_rdata_compare(&myrdata, rdata) == 0) { + matched = true; break; } } dns_rdataset_disassociate(&rdataset); - if (result == ISC_R_SUCCESS) { - *flag = true; - } else if (result == ISC_R_NOMORE) { - *flag = false; - result = ISC_R_SUCCESS; - } + *flag = matched; failure: if (node != NULL) { @@ -20771,22 +20636,17 @@ failure: */ static bool signed_with_alg(dns_rdataset_t *rdataset, dns_secalg_t alg) { - dns_rdata_t rdata = DNS_RDATA_INIT; - dns_rdata_rrsig_t rrsig; - isc_result_t result; - REQUIRE(rdataset == NULL || rdataset->type == dns_rdatatype_rrsig); if (rdataset == NULL || !dns_rdataset_isassociated(rdataset)) { return false; } - for (result = dns_rdataset_first(rdataset); result == ISC_R_SUCCESS; - result = dns_rdataset_next(rdataset)) - { + DNS_RDATASET_FOREACH (rdataset) { + dns_rdata_t rdata = DNS_RDATA_INIT; + dns_rdata_rrsig_t rrsig; + dns_rdataset_current(rdataset, &rdata); - result = dns_rdata_tostruct(&rdata, &rrsig, NULL); - RUNTIME_CHECK(result == ISC_R_SUCCESS); - dns_rdata_reset(&rdata); + dns_rdata_tostruct(&rdata, &rrsig, NULL); if (rrsig.algorithm == alg) { return true; } @@ -21087,7 +20947,6 @@ checkds_done(void *arg) { bool checkdspub = false, checkdsdel = false, ksk = false; dst_key_state_t ds_state = DST_KEY_STATE_NA; isc_stdtime_t published = 0, withdrawn = 0; - isc_result_t ret = ISC_R_SUCCESS; /* Is this key have the KSK role? */ (void)dst_key_role(key->key, &ksk, NULL); @@ -21116,8 +20975,7 @@ checkds_done(void *arg) { } /* Find the appropriate DS record. */ - ret = dns_rdataset_first(ds_rrset); - while (ret == ISC_R_SUCCESS) { + DNS_RDATASET_FOREACH (ds_rrset) { dns_rdata_ds_t ds; dns_rdata_t dnskey = DNS_RDATA_INIT; dns_rdata_t dsrdata = DNS_RDATA_INIT; @@ -21129,21 +20987,21 @@ checkds_done(void *arg) { dns_rdataset_current(ds_rrset, &rdata); r = dns_rdata_tostruct(&rdata, &ds, NULL); if (r != ISC_R_SUCCESS) { - goto nextds; + continue; } /* Check key tag and algorithm. */ if (dst_key_id(key->key) != ds.key_tag) { - goto nextds; + continue; } if (dst_key_alg(key->key) != ds.algorithm) { - goto nextds; + continue; } /* Derive DS from DNSKEY, see if the rdata is equal. */ make_dnskey(key->key, keybuf, sizeof(keybuf), &dnskey); r = dns_ds_buildrdata(&zone->origin, &dnskey, ds.digest_type, dsbuf, &dsrdata); if (r != ISC_R_SUCCESS) { - goto nextds; + continue; } if (dns_rdata_compare(&rdata, &dsrdata) == 0) { found = true; @@ -21156,9 +21014,6 @@ checkds_done(void *arg) { } } } - - nextds: - ret = dns_rdataset_next(ds_rrset); } dswithdrawn: @@ -21696,7 +21551,7 @@ checkds_send(dns_zone_t *zone) { static void nsfetch_done(void *arg) { dns_fetchresponse_t *resp = (dns_fetchresponse_t *)arg; - isc_result_t result, eresult; + isc_result_t result = ISC_R_NOMORE, eresult; dns_nsfetch_t *nsfetch = NULL; dns_zone_t *zone = NULL; isc_mem_t *mctx = NULL; @@ -21787,9 +21642,7 @@ nsfetch_done(void *arg) { UNLOCK_ZONE(zone); /* Look up the addresses for the found parental name servers. */ - for (result = dns_rdataset_first(nsrrset); result == ISC_R_SUCCESS; - result = dns_rdataset_next(nsrrset)) - { + DNS_RDATASET_FOREACH (nsrrset) { dns_checkds_t *checkds = NULL; dns_rdata_t rdata = DNS_RDATA_INIT; dns_rdata_ns_t ns; @@ -21831,9 +21684,6 @@ nsfetch_done(void *arg) { checkds_find_address(checkds); } - if (result == ISC_R_NOMORE) { - result = ISC_R_SUCCESS; - } LOCK_ZONE(zone); @@ -22057,17 +21907,13 @@ zone_checkds(dns_zone_t *zone) { #endif /* ifdef ENABLE_AFL */ } -static isc_result_t +static void update_ttl(dns_rdataset_t *rdataset, dns_name_t *name, dns_ttl_t ttl, dns_diff_t *diff) { - isc_result_t result; - /* * Delete everything using the existing TTL. */ - for (result = dns_rdataset_first(rdataset); result == ISC_R_SUCCESS; - result = dns_rdataset_next(rdataset)) - { + DNS_RDATASET_FOREACH (rdataset) { dns_difftuple_t *tuple = NULL; dns_rdata_t rdata = DNS_RDATA_INIT; @@ -22076,16 +21922,11 @@ update_ttl(dns_rdataset_t *rdataset, dns_name_t *name, dns_ttl_t ttl, rdataset->ttl, &rdata, &tuple); dns_diff_appendminimal(diff, &tuple); } - if (result != ISC_R_NOMORE) { - return result; - } /* * Add everything using the new TTL. */ - for (result = dns_rdataset_first(rdataset); result == ISC_R_SUCCESS; - result = dns_rdataset_next(rdataset)) - { + DNS_RDATASET_FOREACH (rdataset) { dns_difftuple_t *tuple = NULL; dns_rdata_t rdata = DNS_RDATA_INIT; @@ -22094,10 +21935,6 @@ update_ttl(dns_rdataset_t *rdataset, dns_name_t *name, dns_ttl_t ttl, &rdata, &tuple); dns_diff_appendminimal(diff, &tuple); } - if (result != ISC_R_NOMORE) { - return result; - } - return ISC_R_SUCCESS; } static isc_result_t @@ -22142,9 +21979,7 @@ remove_rdataset(dns_zone_t *zone, dns_diff_t *diff, dns_rdataset_t *rdataset) { return; } - for (isc_result_t result = dns_rdataset_first(rdataset); - result == ISC_R_SUCCESS; result = dns_rdataset_next(rdataset)) - { + DNS_RDATASET_FOREACH (rdataset) { dns_rdata_t rdata = DNS_RDATA_INIT; dns_difftuple_t *tuple = NULL; @@ -22275,15 +22110,7 @@ zone_rekey(dns_zone_t *zone) { if (kasp == NULL) { ttl = keyset.ttl; } else if (ttl != keyset.ttl && !offlineksk) { - result = update_ttl(&keyset, &zone->origin, ttl, &diff); - if (result != ISC_R_SUCCESS) { - dnssec_log(zone, ISC_LOG_ERROR, - "Updating DNSKEY TTL from %u to %u " - "failed: %s", - keyset.ttl, ttl, - isc_result_totext(result)); - goto failure; - } + update_ttl(&keyset, &zone->origin, ttl, &diff); dnssec_log(zone, ISC_LOG_INFO, "Updating DNSKEY TTL from %u to %u", keyset.ttl, ttl); @@ -22313,13 +22140,7 @@ zone_rekey(dns_zone_t *zone) { } else if (result == ISC_R_SUCCESS && kasp != NULL && ttl != cdsset.ttl && !offlineksk) { - result = update_ttl(&cdsset, &zone->origin, ttl, &diff); - if (result != ISC_R_SUCCESS) { - dnssec_log(zone, ISC_LOG_ERROR, - "Updating CDS TTL from %u to %u failed: %s", - cdsset.ttl, ttl, isc_result_totext(result)); - goto failure; - } + update_ttl(&cdsset, &zone->origin, ttl, &diff); dnssec_log(zone, ISC_LOG_INFO, "Updating CDS TTL from %u to %u", cdsset.ttl, ttl); cdsset.ttl = ttl; @@ -22333,14 +22154,7 @@ zone_rekey(dns_zone_t *zone) { } else if (result == ISC_R_SUCCESS && kasp != NULL && ttl != cdnskeyset.ttl && !offlineksk) { - result = update_ttl(&cdnskeyset, &zone->origin, ttl, &diff); - if (result != ISC_R_SUCCESS) { - dnssec_log( - zone, ISC_LOG_ERROR, - "Updating CDNSKEY TTL from %u to %u failed: %s", - cdnskeyset.ttl, ttl, isc_result_totext(result)); - goto failure; - } + update_ttl(&cdnskeyset, &zone->origin, ttl, &diff); dnssec_log(zone, ISC_LOG_INFO, "Updating CDNSKEY TTL from %u to %u", cdnskeyset.ttl, ttl); @@ -22536,10 +22350,7 @@ zone_rekey(dns_zone_t *zone) { } else { /* Check if there is a CDS DELETE record. */ if (dns_rdataset_isassociated(&cdsset)) { - for (result = dns_rdataset_first(&cdsset); - result == ISC_R_SUCCESS; - result = dns_rdataset_next(&cdsset)) - { + DNS_RDATASET_FOREACH (&cdsset) { dns_rdata_t crdata = DNS_RDATA_INIT; dns_rdataset_current(&cdsset, &crdata); /* @@ -22560,10 +22371,7 @@ zone_rekey(dns_zone_t *zone) { /* Check if there is a CDNSKEY DELETE record. */ if (dns_rdataset_isassociated(&cdnskeyset)) { - for (result = dns_rdataset_first(&cdnskeyset); - result == ISC_R_SUCCESS; - result = dns_rdataset_next(&cdnskeyset)) - { + DNS_RDATASET_FOREACH (&cdnskeyset) { dns_rdata_t crdata = DNS_RDATA_INIT; dns_rdataset_current(&cdnskeyset, &crdata); @@ -23076,9 +22884,7 @@ dns_zone_cdscheck(dns_zone_t *zone, dns_db_t *db, dns_dbversion_t *version) { if (dns_rdataset_isassociated(&cds)) { bool delete = false; memset(algorithms, notexpected, sizeof(algorithms)); - for (result = dns_rdataset_first(&cds); result == ISC_R_SUCCESS; - result = dns_rdataset_next(&cds)) - { + DNS_RDATASET_FOREACH (&cds) { dns_rdata_t crdata = DNS_RDATA_INIT; dns_rdata_cds_t structcds; @@ -23104,16 +22910,12 @@ dns_zone_cdscheck(dns_zone_t *zone, dns_db_t *db, dns_dbversion_t *version) { if (algorithms[structcds.algorithm] == 0) { algorithms[structcds.algorithm] = expected; } - for (result = dns_rdataset_first(&dnskey); - result == ISC_R_SUCCESS; - result = dns_rdataset_next(&dnskey)) - { + DNS_RDATASET_FOREACH (&dnskey) { dns_rdata_t rdata = DNS_RDATA_INIT; dns_rdata_dnskey_t structdnskey; dns_rdataset_current(&dnskey, &rdata); - CHECK(dns_rdata_tostruct(&rdata, &structdnskey, - NULL)); + dns_rdata_tostruct(&rdata, &structdnskey, NULL); if (structdnskey.algorithm == structcds.algorithm) @@ -23121,9 +22923,6 @@ dns_zone_cdscheck(dns_zone_t *zone, dns_db_t *db, dns_dbversion_t *version) { algorithms[structcds.algorithm] = found; } } - if (result != ISC_R_NOMORE) { - goto failure; - } } for (i = 0; i < sizeof(algorithms); i++) { if (delete) { @@ -23146,10 +22945,7 @@ dns_zone_cdscheck(dns_zone_t *zone, dns_db_t *db, dns_dbversion_t *version) { if (dns_rdataset_isassociated(&cdnskey)) { bool delete = false; memset(algorithms, notexpected, sizeof(algorithms)); - for (result = dns_rdataset_first(&cdnskey); - result == ISC_R_SUCCESS; - result = dns_rdataset_next(&cdnskey)) - { + DNS_RDATASET_FOREACH (&cdnskey) { dns_rdata_t crdata = DNS_RDATA_INIT; dns_rdata_cdnskey_t structcdnskey; @@ -23177,10 +22973,7 @@ dns_zone_cdscheck(dns_zone_t *zone, dns_db_t *db, dns_dbversion_t *version) { if (algorithms[structcdnskey.algorithm] == 0) { algorithms[structcdnskey.algorithm] = expected; } - for (result = dns_rdataset_first(&dnskey); - result == ISC_R_SUCCESS; - result = dns_rdataset_next(&dnskey)) - { + DNS_RDATASET_FOREACH (&dnskey) { dns_rdata_t rdata = DNS_RDATA_INIT; dns_rdata_dnskey_t structdnskey; @@ -23195,9 +22988,6 @@ dns_zone_cdscheck(dns_zone_t *zone, dns_db_t *db, dns_dbversion_t *version) { found; } } - if (result != ISC_R_NOMORE) { - goto failure; - } } for (i = 0; i < sizeof(algorithms); i++) { if (delete) { @@ -23459,7 +23249,6 @@ static void keydone(void *arg) { bool commit = false; isc_result_t result; - dns_rdata_t rdata = DNS_RDATA_INIT; dns_dbversion_t *oldver = NULL, *newver = NULL; dns_db_t *db = NULL; dns_dbnode_t *node = NULL; @@ -23511,9 +23300,8 @@ keydone(void *arg) { goto failure; } - for (result = dns_rdataset_first(&rdataset); result == ISC_R_SUCCESS; - result = dns_rdataset_next(&rdataset)) - { + DNS_RDATASET_FOREACH (&rdataset) { + dns_rdata_t rdata = DNS_RDATA_INIT; bool found = false; dns_rdataset_current(&rdataset, &rdata); @@ -23540,7 +23328,6 @@ keydone(void *arg) { &zone->origin, rdataset.ttl, &rdata)); } - dns_rdata_reset(&rdata); } if (!ISC_LIST_EMPTY(diff.tuples)) { @@ -23735,7 +23522,6 @@ rss_post(void *arg) { dns_rdataset_t prdataset, nrdataset; dns_diff_t diff; dns_update_log_t log = { update_log_cb, NULL }; - dns_rdata_t rdata; bool nseconly; bool exists = false; @@ -23818,11 +23604,8 @@ rss_post(void *arg) { result = dns_db_findrdataset(db, node, newver, zone->privatetype, dns_rdatatype_none, 0, &prdataset, NULL); if (result == ISC_R_SUCCESS) { - for (result = dns_rdataset_first(&prdataset); - result == ISC_R_SUCCESS; - result = dns_rdataset_next(&prdataset)) - { - dns_rdata_init(&rdata); + DNS_RDATASET_FOREACH (&prdataset) { + dns_rdata_t rdata = DNS_RDATA_INIT; dns_rdataset_current(&prdataset, &rdata); if (np->length == rdata.length && @@ -23843,11 +23626,8 @@ rss_post(void *arg) { result = dns_db_findrdataset(db, node, newver, dns_rdatatype_nsec3param, dns_rdatatype_none, 0, &nrdataset, NULL); if (result == ISC_R_SUCCESS) { - for (result = dns_rdataset_first(&nrdataset); - result == ISC_R_SUCCESS; - result = dns_rdataset_next(&nrdataset)) - { - dns_rdata_init(&rdata); + DNS_RDATASET_FOREACH (&nrdataset) { + dns_rdata_t rdata = DNS_RDATA_INIT; dns_rdataset_current(&nrdataset, &rdata); if (np->length == ((unsigned int)rdata.length + 1) && @@ -23884,7 +23664,7 @@ rss_post(void *arg) { * algorithm), add the INITIAL flag, so these parameters can be * used later when NSEC3 becomes available. */ - dns_rdata_init(&rdata); + dns_rdata_t rdata = DNS_RDATA_INIT; np->data[2] |= DNS_NSEC3FLAG_CREATE; result = dns_nsec_nseconly(db, newver, NULL, &nseconly); @@ -23974,7 +23754,6 @@ dns__zone_lookup_nsec3param(dns_zone_t *zone, dns_rdata_nsec3param_t *lookup, dns_dbversion_t *version = NULL; dns_rdataset_t rdataset; dns_rdata_nsec3param_t nsec3param; - dns_rdata_t rdata = DNS_RDATA_INIT; REQUIRE(DNS_ZONE_VALID(zone)); @@ -24015,13 +23794,11 @@ dns__zone_lookup_nsec3param(dns_zone_t *zone, dns_rdata_nsec3param_t *lookup, goto setparam; } - for (result = dns_rdataset_first(&rdataset); result == ISC_R_SUCCESS; - result = dns_rdataset_next(&rdataset)) - { + result = ISC_R_NOTFOUND; + DNS_RDATASET_FOREACH (&rdataset) { + dns_rdata_t rdata = DNS_RDATA_INIT; dns_rdataset_current(&rdataset, &rdata); - result = dns_rdata_tostruct(&rdata, &nsec3param, NULL); - INSIST(result == ISC_R_SUCCESS); - dns_rdata_reset(&rdata); + dns_rdata_tostruct(&rdata, &nsec3param, NULL); /* Check parameters. */ if (nsec3param.hash != lookup->hash) { @@ -24050,10 +23827,6 @@ dns__zone_lookup_nsec3param(dns_zone_t *zone, dns_rdata_nsec3param_t *lookup, break; } - if (result == ISC_R_NOMORE) { - result = ISC_R_NOTFOUND; - } - setparam: if (result != ISC_R_SUCCESS) { /* Found no match. */ diff --git a/lib/dns/zoneverify.c b/lib/dns/zoneverify.c index ab186634ec..5a6b891ae7 100644 --- a/lib/dns/zoneverify.c +++ b/lib/dns/zoneverify.c @@ -427,18 +427,13 @@ static isc_result_t find_nsec3_match(const dns_rdata_nsec3param_t *nsec3param, dns_rdataset_t *rdataset, size_t rhsize, dns_rdata_nsec3_t *nsec3_match) { - isc_result_t result; - /* * Find matching NSEC3 record. */ - for (result = dns_rdataset_first(rdataset); result == ISC_R_SUCCESS; - result = dns_rdataset_next(rdataset)) - { + DNS_RDATASET_FOREACH (rdataset) { dns_rdata_t rdata = DNS_RDATA_INIT; dns_rdataset_current(rdataset, &rdata); - result = dns_rdata_tostruct(&rdata, nsec3_match, NULL); - RUNTIME_CHECK(result == ISC_R_SUCCESS); + dns_rdata_tostruct(&rdata, nsec3_match, NULL); if (nsec3_match->hash == nsec3param->hash && nsec3_match->next_length == rhsize && nsec3_match->iterations == nsec3param->iterations && @@ -450,7 +445,7 @@ find_nsec3_match(const dns_rdata_nsec3param_t *nsec3param, } } - return result; + return ISC_R_NOTFOUND; } static isc_result_t @@ -533,9 +528,7 @@ innsec3params(const dns_rdata_nsec3_t *nsec3, dns_rdataset_t *nsec3paramset) { dns_rdata_nsec3param_t nsec3param; isc_result_t result; - for (result = dns_rdataset_first(nsec3paramset); - result == ISC_R_SUCCESS; result = dns_rdataset_next(nsec3paramset)) - { + DNS_RDATASET_FOREACH (nsec3paramset) { dns_rdata_t rdata = DNS_RDATA_INIT; dns_rdataset_current(nsec3paramset, &rdata); @@ -585,9 +578,7 @@ record_found(const vctx_t *vctx, const dns_name_t *name, dns_dbnode_t *node, goto cleanup; } - for (result = dns_rdataset_first(&rdataset); result == ISC_R_SUCCESS; - result = dns_rdataset_next(&rdataset)) - { + DNS_RDATASET_FOREACH (&rdataset) { dns_rdata_t rdata = DNS_RDATA_INIT; dns_rdataset_current(&rdataset, &rdata); result = dns_rdata_tostruct(&rdata, &nsec3, NULL); @@ -781,11 +772,9 @@ verifynsec3s(const vctx_t *vctx, const dns_name_t *name, dns_rdataset_t *nsec3paramset, bool delegation, bool empty, const unsigned char types[8192], unsigned int maxtype, isc_result_t *vresult) { - isc_result_t result; + isc_result_t result = ISC_R_NOMORE; - for (result = dns_rdataset_first(nsec3paramset); - result == ISC_R_SUCCESS; result = dns_rdataset_next(nsec3paramset)) - { + DNS_RDATASET_FOREACH (nsec3paramset) { dns_rdata_t rdata = DNS_RDATA_INIT; dns_rdataset_current(nsec3paramset, &rdata); @@ -798,9 +787,7 @@ verifynsec3s(const vctx_t *vctx, const dns_name_t *name, break; } } - if (result == ISC_R_NOMORE) { - result = ISC_R_SUCCESS; - } + return result; } @@ -847,9 +834,7 @@ verifyset(vctx_t *vctx, dns_rdataset_t *rdataset, const dns_name_t *name, goto done; } - for (result = dns_rdataset_first(&sigrdataset); result == ISC_R_SUCCESS; - result = dns_rdataset_next(&sigrdataset)) - { + DNS_RDATASET_FOREACH (&sigrdataset) { dns_rdata_t rdata = DNS_RDATA_INIT; dns_rdata_rrsig_t sig; @@ -1515,10 +1500,7 @@ check_dnskey_sigs(vctx_t *vctx, const dns_rdata_dnskey_t *dnskey, */ dns_rdataset_init(&dsset); if (dns_keynode_dsset(keynode, &dsset)) { - for (result = dns_rdataset_first(&dsset); - result == ISC_R_SUCCESS; - result = dns_rdataset_next(&dsset)) - { + DNS_RDATASET_FOREACH (&dsset) { dns_rdata_t dsrdata = DNS_RDATA_INIT; dns_rdata_t newdsrdata = DNS_RDATA_INIT; unsigned char buf[DNS_DS_BUFFERSIZE]; @@ -1571,14 +1553,12 @@ cleanup: */ static isc_result_t check_dnskey(vctx_t *vctx) { - dns_rdata_t rdata = DNS_RDATA_INIT; dns_rdata_dnskey_t dnskey; isc_result_t result; bool is_ksk; - for (result = dns_rdataset_first(&vctx->keyset); - result == ISC_R_SUCCESS; result = dns_rdataset_next(&vctx->keyset)) - { + DNS_RDATASET_FOREACH (&vctx->keyset) { + dns_rdata_t rdata = DNS_RDATA_INIT; dns_rdataset_current(&vctx->keyset, &rdata); result = dns_rdata_tostruct(&rdata, &dnskey, NULL); RUNTIME_CHECK(result == ISC_R_SUCCESS); @@ -1630,7 +1610,6 @@ check_dnskey(vctx_t *vctx) { check_dnskey_sigs(vctx, &dnskey, &rdata, is_ksk); } dns_rdata_freestruct(&dnskey); - dns_rdata_reset(&rdata); } return ISC_R_SUCCESS; @@ -1713,9 +1692,7 @@ verify_nodes(vctx_t *vctx, isc_result_t *vresult) { count = dns_rdataset_count(&vctx->keyset); dstkeys = isc_mem_cget(vctx->mctx, count, sizeof(*dstkeys)); - for (result = dns_rdataset_first(&vctx->keyset); - result == ISC_R_SUCCESS; result = dns_rdataset_next(&vctx->keyset)) - { + DNS_RDATASET_FOREACH (&vctx->keyset) { dns_rdata_t rdata = DNS_RDATA_INIT; dns_rdataset_current(&vctx->keyset, &rdata); dstkeys[nkeys] = NULL; diff --git a/lib/ns/query.c b/lib/ns/query.c index 547126a90b..805f4a00d7 100644 --- a/lib/ns/query.c +++ b/lib/ns/query.c @@ -2465,7 +2465,6 @@ static bool validate(ns_client_t *client, dns_db_t *db, dns_name_t *name, dns_rdataset_t *rdataset, dns_rdataset_t *sigrdataset) { isc_result_t result; - dns_rdata_t rdata = DNS_RDATA_INIT; dns_rdata_rrsig_t rrsig; dst_key_t *key = NULL; dns_rdataset_t keyrdataset; @@ -2474,10 +2473,8 @@ validate(ns_client_t *client, dns_db_t *db, dns_name_t *name, return false; } - for (result = dns_rdataset_first(sigrdataset); result == ISC_R_SUCCESS; - result = dns_rdataset_next(sigrdataset)) - { - dns_rdata_reset(&rdata); + DNS_RDATASET_FOREACH (sigrdataset) { + dns_rdata_t rdata = DNS_RDATA_INIT; dns_rdataset_current(sigrdataset, &rdata); result = dns_rdata_tostruct(&rdata, &rrsig, NULL); RUNTIME_CHECK(result == ISC_R_SUCCESS); @@ -3625,10 +3622,7 @@ rpz_rewrite_ip_rrset(ns_client_t *client, dns_name_t *name, /* * Check all of the IP addresses in the rdataset. */ - for (result = dns_rdataset_first(*ip_rdatasetp); - result == ISC_R_SUCCESS; - result = dns_rdataset_next(*ip_rdatasetp)) - { + DNS_RDATASET_FOREACH (*ip_rdatasetp) { dns_rdata_t rdata = DNS_RDATA_INIT; dns_rdataset_current(*ip_rdatasetp, &rdata); switch (rdata.type) { @@ -4329,10 +4323,9 @@ static bool rpz_ck_dnssec(ns_client_t *client, isc_result_t qresult, dns_rdataset_t *rdataset, dns_rdataset_t *sigrdataset) { dns_fixedname_t fixed; - dns_name_t *found; - dns_rdataset_t trdataset; + dns_name_t *found = NULL; + dns_rdataset_t trdataset = DNS_RDATASET_INIT; dns_rdatatype_t type; - isc_result_t result; CTRACE(ISC_LOG_DEBUG(3), "rpz_ck_dnssec"); @@ -4379,9 +4372,7 @@ rpz_ck_dnssec(ns_client_t *client, isc_result_t qresult, } found = dns_fixedname_initname(&fixed); dns_rdataset_init(&trdataset); - for (result = dns_rdataset_first(rdataset); result == ISC_R_SUCCESS; - result = dns_rdataset_next(rdataset)) - { + DNS_RDATASET_FOREACH (rdataset) { dns_ncache_current(rdataset, found, &trdataset); type = trdataset.type; dns_rdataset_disassociate(&trdataset); @@ -4691,13 +4682,13 @@ redirect(ns_client_t *client, dns_name_t *name, dns_rdataset_t *rdataset, dns_db_t *db = NULL; dns_dbnode_t *node = NULL; dns_fixedname_t fixed; - dns_name_t *found; - dns_rdataset_t trdataset; + dns_name_t *found = NULL; + dns_rdataset_t trdataset = DNS_RDATASET_INIT; isc_result_t result; dns_rdatatype_t type; dns_clientinfomethods_t cm; dns_clientinfo_t ci; - ns_dbversion_t *dbversion; + ns_dbversion_t *dbversion = NULL; CTRACE(ISC_LOG_DEBUG(3), "redirect"); @@ -4706,7 +4697,6 @@ redirect(ns_client_t *client, dns_name_t *name, dns_rdataset_t *rdataset, } found = dns_fixedname_initname(&fixed); - dns_rdataset_init(&trdataset); dns_clientinfomethods_init(&cm, ns_client_sourceip); dns_clientinfo_init(&ci, client, NULL); @@ -4728,10 +4718,7 @@ redirect(ns_client_t *client, dns_name_t *name, dns_rdataset_t *rdataset, return ISC_R_NOTFOUND; } if ((rdataset->attributes & DNS_RDATASETATTR_NEGATIVE) != 0) { - for (result = dns_rdataset_first(rdataset); - result == ISC_R_SUCCESS; - result = dns_rdataset_next(rdataset)) - { + DNS_RDATASET_FOREACH (rdataset) { dns_ncache_current(rdataset, found, &trdataset); type = trdataset.type; dns_rdataset_disassociate(&trdataset); @@ -4822,8 +4809,8 @@ redirect2(ns_client_t *client, dns_name_t *name, dns_rdataset_t *rdataset, dns_dbnode_t *node = NULL; dns_fixedname_t fixed; dns_fixedname_t fixedredirect; - dns_name_t *found, *redirectname; - dns_rdataset_t trdataset; + dns_name_t *found = NULL, *redirectname = NULL; + dns_rdataset_t trdataset = DNS_RDATASET_INIT; isc_result_t result; dns_rdatatype_t type; dns_clientinfomethods_t cm; @@ -4844,7 +4831,6 @@ redirect2(ns_client_t *client, dns_name_t *name, dns_rdataset_t *rdataset, } found = dns_fixedname_initname(&fixed); - dns_rdataset_init(&trdataset); dns_clientinfomethods_init(&cm, ns_client_sourceip); dns_clientinfo_init(&ci, client, NULL); @@ -4866,10 +4852,7 @@ redirect2(ns_client_t *client, dns_name_t *name, dns_rdataset_t *rdataset, return ISC_R_NOTFOUND; } if ((rdataset->attributes & DNS_RDATASETATTR_NEGATIVE) != 0) { - for (result = dns_rdataset_first(rdataset); - result == ISC_R_SUCCESS; - result = dns_rdataset_next(rdataset)) - { + DNS_RDATASET_FOREACH (rdataset) { dns_ncache_current(rdataset, found, &trdataset); type = trdataset.type; dns_rdataset_disassociate(&trdataset); @@ -6891,12 +6874,10 @@ query_checkrrl(query_ctx_t *qctx, isc_result_t result) { (qctx->client->query.rpz_st->state & DNS_RPZ_REWRITTEN) == 0) && (qctx->client->query.attributes & NS_QUERYATTR_RRL_CHECKED) == 0) { - dns_rdataset_t nc_rdataset; bool wouldlog; - dns_fixedname_t fixed; const dns_name_t *constname; char log_buf[DNS_RRL_LOG_BUF_LEN]; - isc_result_t nc_result, resp_result; + isc_result_t resp_result; dns_rrl_result_t rrl_result; qctx->client->query.attributes |= NS_QUERYATTR_RRL_CHECKED; @@ -6920,18 +6901,15 @@ query_checkrrl(query_ctx_t *qctx, isc_result_t result) { /* * Try to use owner name in the negative cache SOA. */ - dns_fixedname_init(&fixed); - dns_rdataset_init(&nc_rdataset); - for (nc_result = dns_rdataset_first(qctx->rdataset); - nc_result == ISC_R_SUCCESS; - nc_result = dns_rdataset_next(qctx->rdataset)) - { - dns_ncache_current(qctx->rdataset, - dns_fixedname_name(&fixed), + dns_rdataset_t nc_rdataset = DNS_RDATASET_INIT; + dns_fixedname_t fixed; + dns_name_t *n = dns_fixedname_initname(&fixed); + DNS_RDATASET_FOREACH (qctx->rdataset) { + dns_ncache_current(qctx->rdataset, n, &nc_rdataset); if (nc_rdataset.type == dns_rdatatype_soa) { dns_rdataset_disassociate(&nc_rdataset); - constname = dns_fixedname_name(&fixed); + constname = n; break; } dns_rdataset_disassociate(&nc_rdataset); @@ -7319,10 +7297,7 @@ has_ta(query_ctx_t *qctx) { dns_rdataset_init(&dsset); if (dns_keynode_dsset(keynode, &dsset)) { - for (result = dns_rdataset_first(&dsset); - result == ISC_R_SUCCESS; - result = dns_rdataset_next(&dsset)) - { + DNS_RDATASET_FOREACH (&dsset) { dns_rdata_t rdata = DNS_RDATA_INIT; dns_rdata_ds_t ds; @@ -8326,10 +8301,7 @@ query_filter64(query_ctx_t *qctx) { myrdatalist->ttl = qctx->rdataset->ttl; i = 0; - for (result = dns_rdataset_first(qctx->rdataset); - result == ISC_R_SUCCESS; - result = dns_rdataset_next(qctx->rdataset)) - { + DNS_RDATASET_FOREACH (qctx->rdataset) { dns_rdata_t rdata = DNS_RDATA_INIT; dns_rdata_t *myrdata = NULL; isc_region_t r; @@ -9702,17 +9674,15 @@ query_synthnxdomainnodata(query_ctx_t *qctx, bool nodata, dns_name_t *nowild, */ static isc_result_t checksignames(dns_name_t *signer, dns_rdataset_t *sigrdataset) { - isc_result_t result; - - for (result = dns_rdataset_first(sigrdataset); result == ISC_R_SUCCESS; - result = dns_rdataset_next(sigrdataset)) - { + DNS_RDATASET_FOREACH (sigrdataset) { + isc_result_t result; dns_rdata_t rdata = DNS_RDATA_INIT; dns_rdata_rrsig_t rrsig; dns_rdataset_current(sigrdataset, &rdata); result = dns_rdata_tostruct(&rdata, &rrsig, NULL); RUNTIME_CHECK(result == ISC_R_SUCCESS); + if (dns_name_countlabels(signer) == 0) { dns_name_copy(&rrsig.signer, signer); } else if (!dns_name_equal(signer, &rrsig.signer)) { diff --git a/lib/ns/update.c b/lib/ns/update.c index 12a49a25a3..6d04f62c87 100644 --- a/lib/ns/update.c +++ b/lib/ns/update.c @@ -552,9 +552,7 @@ static isc_result_t foreach_node_rr_action(void *data, dns_rdataset_t *rdataset) { isc_result_t result; foreach_node_rr_ctx_t *ctx = data; - for (result = dns_rdataset_first(rdataset); result == ISC_R_SUCCESS; - result = dns_rdataset_next(rdataset)) - { + DNS_RDATASET_FOREACH (rdataset) { rr_t rr = { 0, DNS_RDATA_INIT }; dns_rdataset_current(rdataset, &rr.rdata); @@ -564,9 +562,6 @@ foreach_node_rr_action(void *data, dns_rdataset_t *rdataset) { return result; } } - if (result != ISC_R_NOMORE) { - return result; - } return ISC_R_SUCCESS; } @@ -727,9 +722,7 @@ foreach_rr(dns_db_t *db, dns_dbversion_t *ver, dns_name_t *name, dns_rdataset_getownercase(&rdataset, ctx->oldname); } - for (result = dns_rdataset_first(&rdataset); result == ISC_R_SUCCESS; - result = dns_rdataset_next(&rdataset)) - { + DNS_RDATASET_FOREACH (&rdataset) { rr_t rr = { 0, DNS_RDATA_INIT }; dns_rdataset_current(&rdataset, &rr.rdata); rr.ttl = rdataset.ttl; @@ -738,9 +731,6 @@ foreach_rr(dns_db_t *db, dns_dbversion_t *ver, dns_name_t *name, goto cleanup_rdataset; } } - if (result != ISC_R_NOMORE) { - goto cleanup_rdataset; - } result = ISC_R_SUCCESS; cleanup_rdataset: @@ -951,10 +941,7 @@ ssu_checkrule(void *data, dns_rdataset_t *rrset) { dns_rdataset_init(&rdataset); dns_rdataset_clone(rrset, &rdataset); - for (result = dns_rdataset_first(&rdataset); - result == ISC_R_SUCCESS; - result = dns_rdataset_next(&rdataset)) - { + DNS_RDATASET_FOREACH (&rdataset) { dns_rdata_t rdata = DNS_RDATA_INIT; dns_rdataset_current(&rdataset, &rdata); if (rrset->type == dns_rdatatype_ptr) { @@ -975,9 +962,6 @@ ssu_checkrule(void *data, dns_rdataset_t *rrset) { break; } } - if (result != ISC_R_NOMORE) { - rule_ok = false; - } dns_rdataset_disassociate(&rdataset); } else { rule_ok = dns_ssutable_checkrules( @@ -1191,17 +1175,12 @@ temp_check(isc_mem_t *mctx, dns_diff_t *temp, dns_db_t *db, dns_diff_init(mctx, &d_rrs); dns_diff_init(mctx, &u_rrs); - for (result = dns_rdataset_first(&rdataset); - result == ISC_R_SUCCESS; - result = dns_rdataset_next(&rdataset)) - { + DNS_RDATASET_FOREACH (&rdataset) { dns_rdata_t rdata = DNS_RDATA_INIT; dns_rdataset_current(&rdataset, &rdata); temp_append(&d_rrs, name, &rdata); } - if (result != ISC_R_NOMORE) { - goto failure; - } + result = dns_diff_sort(&d_rrs, temp_order); if (result != ISC_R_SUCCESS) { goto failure; @@ -2201,22 +2180,17 @@ rr_exists(dns_db_t *db, dns_dbversion_t *ver, dns_name_t *name, goto failure; } - for (result = dns_rdataset_first(&rdataset); result == ISC_R_SUCCESS; - result = dns_rdataset_next(&rdataset)) - { + bool matched = false; + DNS_RDATASET_FOREACH (&rdataset) { dns_rdata_t myrdata = DNS_RDATA_INIT; dns_rdataset_current(&rdataset, &myrdata); - if (!dns_rdata_casecompare(&myrdata, rdata)) { + if (dns_rdata_casecompare(&myrdata, rdata) == 0) { + matched = true; break; } } dns_rdataset_disassociate(&rdataset); - if (result == ISC_R_SUCCESS) { - *flag = true; - } else if (result == ISC_R_NOMORE) { - *flag = false; - result = ISC_R_SUCCESS; - } + *flag = matched; failure: if (node != NULL) { @@ -2249,9 +2223,7 @@ get_iterations(dns_db_t *db, dns_dbversion_t *ver, dns_rdatatype_t privatetype, goto failure; } - for (result = dns_rdataset_first(&rdataset); result == ISC_R_SUCCESS; - result = dns_rdataset_next(&rdataset)) - { + DNS_RDATASET_FOREACH (&rdataset) { dns_rdata_t rdata = DNS_RDATA_INIT; dns_rdataset_current(&rdataset, &rdata); CHECK(dns_rdata_tostruct(&rdata, &nsec3param, NULL)); @@ -2262,9 +2234,6 @@ get_iterations(dns_db_t *db, dns_dbversion_t *ver, dns_rdatatype_t privatetype, iterations = nsec3param.iterations; } } - if (result != ISC_R_NOMORE) { - goto failure; - } dns_rdataset_disassociate(&rdataset); @@ -2282,9 +2251,7 @@ try_private: goto failure; } - for (result = dns_rdataset_first(&rdataset); result == ISC_R_SUCCESS; - result = dns_rdataset_next(&rdataset)) - { + DNS_RDATASET_FOREACH (&rdataset) { unsigned char buf[DNS_NSEC3PARAM_BUFFERSIZE]; dns_rdata_t private = DNS_RDATA_INIT; dns_rdata_t rdata = DNS_RDATA_INIT; @@ -2303,9 +2270,6 @@ try_private: iterations = nsec3param.iterations; } } - if (result != ISC_R_NOMORE) { - goto failure; - } success: *iterationsp = iterations;