save the result of is_response(msg) so it can be treated as a invariant by clang

lib/dns/tsig.c

@@ -16,7 +16,7 @@
  */
 
 /*
- * $Id: tsig.c,v 1.148 2011/03/21 19:54:03 each Exp $
+ * $Id: tsig.c,v 1.149 2011/08/25 06:20:07 marka Exp $
  */
 /*! \file */
 #include <config.h>
@@ -889,6 +889,7 @@ dns_tsig_sign(dns_message_t *msg) {
 	isc_result_t ret;
 	unsigned char badtimedata[BADTIMELEN];
 	unsigned int sigsize = 0;
+	isc_boolean_t response = is_response(msg);
 
 	REQUIRE(msg != NULL);
 	REQUIRE(VALID_TSIG_KEY(dns_message_gettsigkey(msg)));
@@ -896,7 +897,7 @@ dns_tsig_sign(dns_message_t *msg) {
 	/*
 	 * If this is a response, there should be a query tsig.
 	 */
-	if (is_response(msg) && msg->querytsig == NULL)
+	if (response && msg->querytsig == NULL)
 		return (DNS_R_EXPECTEDTSIG);
 
 	dynbuf = NULL;
@@ -919,7 +920,7 @@ dns_tsig_sign(dns_message_t *msg) {
 
 	isc_buffer_init(&databuf, data, sizeof(data));
 
-	if (is_response(msg))
+	if (response)
 		tsig.error = msg->querytsigstatus;
 	else
 		tsig.error = dns_rcode_noerror;
@@ -948,7 +949,7 @@ dns_tsig_sign(dns_message_t *msg) {
 		/*
 		 * If this is a response, digest the query signature.
 		 */
-		if (is_response(msg)) {
+		if (response) {
 			dns_rdata_t querytsigrdata = DNS_RDATA_INIT;
 
 			ret = dns_rdataset_first(msg->querytsig);
@@ -1068,7 +1069,7 @@ dns_tsig_sign(dns_message_t *msg) {
 		digestbits = dst_key_getbits(key->key);
 		if (digestbits != 0) {
 			unsigned int bytes = (digestbits + 1) / 8;
-			if (is_response(msg) && bytes < querytsig.siglen)
+			if (response && bytes < querytsig.siglen)
 				bytes = querytsig.siglen;
 			if (bytes > isc_buffer_usedlength(&sigbuf))
 				bytes = isc_buffer_usedlength(&sigbuf);
@@ -1170,10 +1171,12 @@ dns_tsig_verify(isc_buffer_t *source, dns_message_t *msg,
 	isc_uint16_t addcount, id;
 	unsigned int siglen;
 	unsigned int alg;
+	isc_boolean_t response;
 
 	REQUIRE(source != NULL);
 	REQUIRE(DNS_MESSAGE_VALID(msg));
 	tsigkey = dns_message_gettsigkey(msg);
+	response = is_response(msg);
 
 	REQUIRE(tsigkey == NULL || VALID_TSIG_KEY(tsigkey));
 
@@ -1195,8 +1198,7 @@ dns_tsig_verify(isc_buffer_t *source, dns_message_t *msg,
 	 * If this is a response and there's no key or query TSIG, there
 	 * shouldn't be one on the response.
 	 */
-	if (is_response(msg) &&
-	    (tsigkey == NULL || msg->querytsig == NULL))
+	if (response && (tsigkey == NULL || msg->querytsig == NULL))
 		return (DNS_R_UNEXPECTEDTSIG);
 
 	mctx = msg->mctx;
@@ -1215,7 +1217,7 @@ dns_tsig_verify(isc_buffer_t *source, dns_message_t *msg,
 	if (ret != ISC_R_SUCCESS)
 		return (ret);
 	dns_rdata_reset(&rdata);
-	if (is_response(msg)) {
+	if (response) {
 		ret = dns_rdataset_first(msg->querytsig);
 		if (ret != ISC_R_SUCCESS)
 			return (ret);
@@ -1228,7 +1230,7 @@ dns_tsig_verify(isc_buffer_t *source, dns_message_t *msg,
 	/*
 	 * Do the key name and algorithm match that of the query?
 	 */
-	if (is_response(msg) &&
+	if (response &&
 	    (!dns_name_equal(keyname, &tsigkey->name) ||
 	     !dns_name_equal(&tsig.algorithm, &querytsig.algorithm))) {
 		msg->tsigstatus = dns_tsigerror_badkey;
@@ -1326,7 +1328,7 @@ dns_tsig_verify(isc_buffer_t *source, dns_message_t *msg,
 		if (ret != ISC_R_SUCCESS)
 			return (ret);
 
-		if (is_response(msg)) {
+		if (response) {
 			isc_buffer_init(&databuf, data, sizeof(data));
 			isc_buffer_putuint16(&databuf, querytsig.siglen);
 			isc_buffer_usedregion(&databuf, &r);