[3919] Reverted last change and added a comment

src/lib/dns/tests/tsig_unittest.cc

@@ -1,4 +1,4 @@
-// Copyright (C) 2011, 2014  Internet Systems Consortium, Inc. ("ISC")
+// Copyright (C) 2011, 2014, 2015  Internet Systems Consortium, Inc. ("ISC")
 //
 // Permission to use, copy, modify, and/or distribute this software for any
 // purpose with or without fee is hereby granted, provided that the above
@@ -51,6 +51,9 @@ using namespace isc::dns::rdata;
 using isc::UnitTestUtil;
 using isc::util::unittests::matchWireData;
 
+// @note: blocks and SCOPED_TRACE can make buggy cppchecks to raise
+// a spurious syntax error...
+
 // See dnssectime.cc
 namespace isc {
 namespace util {
@@ -1085,93 +1088,105 @@ TEST_F(TSIGTest, verifyMulti) {
 
     // First, send query from the verify one to the normal one, so
     // we initialize something like AXFR
-    // SCOPED_TRACE("Query");
-    ConstTSIGRecordPtr tsigQ = createMessageAndSign(1234, test_name,
-						    tsig_verify_ctx.get());
-    commonVerifyChecks(*tsig_ctx, tsigQ.get(),
-		       renderer.getData(), renderer.getLength(),
-		       TSIGError(Rcode::NOERROR()),
-		       TSIGContext::RECEIVED_REQUEST);
-
-    // SCOPED_TRACE("First message");
-    ConstTSIGRecordPtr tsig1 = createMessageAndSign(1234, test_name,
-						    tsig_ctx.get());
-    commonVerifyChecks(*tsig_verify_ctx, tsig1.get(),
-		       renderer.getData(), renderer.getLength(),
-		       TSIGError(Rcode::NOERROR()),
-		       TSIGContext::VERIFIED_RESPONSE);
-    EXPECT_TRUE(tsig_verify_ctx->lastHadSignature());
-
-    // SCOPED_TRACE("Second message");
-    ConstTSIGRecordPtr tsig2 = createMessageAndSign(1234, test_name,
-						    tsig_ctx.get());
-    commonVerifyChecks(*tsig_verify_ctx, tsig2.get(),
-		       renderer.getData(), renderer.getLength(),
-		       TSIGError(Rcode::NOERROR()),
-		       TSIGContext::VERIFIED_RESPONSE);
-    EXPECT_TRUE(tsig_verify_ctx->lastHadSignature());
-
-    // SCOPED_TRACE("Third message. Unsigned.");
-    // Another message does not carry the TSIG on it. But it should
-    // be OK, it's in the middle of stream.
-    message.clear(Message::RENDER);
-    message.setQid(1234);
-    message.setOpcode(Opcode::QUERY());
-    message.setRcode(Rcode::NOERROR());
-    RRsetPtr answer_rrset(new RRset(test_name, test_class, RRType::A(),
-				    test_ttl));
-    answer_rrset->addRdata(createRdata(RRType::A(), test_class,
-				       "192.0.2.1"));
-    message.addRRset(Message::SECTION_ANSWER, answer_rrset);
-    message.toWire(renderer);
-    // Update the internal state. We abuse the knowledge of
-    // internals here a little bit to generate correct test data
-    tsig_ctx->update(renderer.getData(), renderer.getLength());
-
-    commonVerifyChecks(*tsig_verify_ctx, NULL,
-		       renderer.getData(), renderer.getLength(),
-		       TSIGError(Rcode::NOERROR()),
-		       TSIGContext::VERIFIED_RESPONSE);
-
-    EXPECT_FALSE(tsig_verify_ctx->lastHadSignature());
-
-    // SCOPED_TRACE("Fourth message. Signed again.");
-    ConstTSIGRecordPtr tsig4 = createMessageAndSign(1234, test_name,
-						    tsig_ctx.get());
-    commonVerifyChecks(*tsig_verify_ctx, tsig4.get(),
-		       renderer.getData(), renderer.getLength(),
-		       TSIGError(Rcode::NOERROR()),
-		       TSIGContext::VERIFIED_RESPONSE);
-    EXPECT_TRUE(tsig_verify_ctx->lastHadSignature());
-
-    // SCOPED_TRACE("Filling in bunch of unsigned messages");
-    for (size_t i = 0; i < 100; ++i) {
-	// SCOPED_TRACE(i);
-	// Another message does not carry the TSIG on it. But it should
-	// be OK, it's in the middle of stream.
-	message.clear(Message::RENDER);
-	message.setQid(1234);
-	message.setOpcode(Opcode::QUERY());
-	message.setRcode(Rcode::NOERROR());
-	RRsetPtr answer_rrsetl(new RRset(test_name, test_class, RRType::A(),
-					test_ttl));
-	answer_rrsetl->addRdata(createRdata(RRType::A(), test_class,
-					    "192.0.2.1"));
-	message.addRRset(Message::SECTION_ANSWER, answer_rrsetl);
-	message.toWire(renderer);
-	// Update the internal state. We abuse the knowledge of
-	// internals here a little bit to generate correct test data
-	tsig_ctx->update(renderer.getData(), renderer.getLength());
-
-	// 99 unsigned messages is OK. But the 100th must be signed, according
-	// to the RFC2845, section 4.4
-	commonVerifyChecks(*tsig_verify_ctx, NULL,
-			   renderer.getData(), renderer.getLength(),
-			   i == 99 ? TSIGError::FORMERR() :
-			   TSIGError(Rcode::NOERROR()),
-			   TSIGContext::VERIFIED_RESPONSE);
-
-	EXPECT_FALSE(tsig_verify_ctx->lastHadSignature());
+    {
+        SCOPED_TRACE("Query");
+        ConstTSIGRecordPtr tsig = createMessageAndSign(1234, test_name,
+                                                       tsig_verify_ctx.get());
+        commonVerifyChecks(*tsig_ctx, tsig.get(),
+                           renderer.getData(), renderer.getLength(),
+                           TSIGError(Rcode::NOERROR()),
+                           TSIGContext::RECEIVED_REQUEST);
+    }
+
+    {
+        SCOPED_TRACE("First message");
+        ConstTSIGRecordPtr tsig = createMessageAndSign(1234, test_name,
+                                                       tsig_ctx.get());
+        commonVerifyChecks(*tsig_verify_ctx, tsig.get(),
+                           renderer.getData(), renderer.getLength(),
+                           TSIGError(Rcode::NOERROR()),
+                           TSIGContext::VERIFIED_RESPONSE);
+        EXPECT_TRUE(tsig_verify_ctx->lastHadSignature());
+    }
+
+    {
+        SCOPED_TRACE("Second message");
+        ConstTSIGRecordPtr tsig = createMessageAndSign(1234, test_name,
+                                                       tsig_ctx.get());
+        commonVerifyChecks(*tsig_verify_ctx, tsig.get(),
+                           renderer.getData(), renderer.getLength(),
+                           TSIGError(Rcode::NOERROR()),
+                           TSIGContext::VERIFIED_RESPONSE);
+        EXPECT_TRUE(tsig_verify_ctx->lastHadSignature());
+    }
+
+    {
+        SCOPED_TRACE("Third message. Unsigned.");
+        // Another message does not carry the TSIG on it. But it should
+        // be OK, it's in the middle of stream.
+        message.clear(Message::RENDER);
+        message.setQid(1234);
+        message.setOpcode(Opcode::QUERY());
+        message.setRcode(Rcode::NOERROR());
+        RRsetPtr answer_rrset(new RRset(test_name, test_class, RRType::A(),
+                                        test_ttl));
+        answer_rrset->addRdata(createRdata(RRType::A(), test_class,
+                                           "192.0.2.1"));
+        message.addRRset(Message::SECTION_ANSWER, answer_rrset);
+        message.toWire(renderer);
+        // Update the internal state. We abuse the knowledge of
+        // internals here a little bit to generate correct test data
+        tsig_ctx->update(renderer.getData(), renderer.getLength());
+
+        commonVerifyChecks(*tsig_verify_ctx, NULL,
+                           renderer.getData(), renderer.getLength(),
+                           TSIGError(Rcode::NOERROR()),
+                           TSIGContext::VERIFIED_RESPONSE);
+
+        EXPECT_FALSE(tsig_verify_ctx->lastHadSignature());
+    }
+
+    {
+        SCOPED_TRACE("Fourth message. Signed again.");
+        ConstTSIGRecordPtr tsig = createMessageAndSign(1234, test_name,
+                                                       tsig_ctx.get());
+        commonVerifyChecks(*tsig_verify_ctx, tsig.get(),
+                           renderer.getData(), renderer.getLength(),
+                           TSIGError(Rcode::NOERROR()),
+                           TSIGContext::VERIFIED_RESPONSE);
+        EXPECT_TRUE(tsig_verify_ctx->lastHadSignature());
+    }
+
+    {
+        SCOPED_TRACE("Filling in bunch of unsigned messages");
+        for (size_t i = 0; i < 100; ++i) {
+            SCOPED_TRACE(i);
+            // Another message does not carry the TSIG on it. But it should
+            // be OK, it's in the middle of stream.
+            message.clear(Message::RENDER);
+            message.setQid(1234);
+            message.setOpcode(Opcode::QUERY());
+            message.setRcode(Rcode::NOERROR());
+            RRsetPtr answer_rrset(new RRset(test_name, test_class, RRType::A(),
+                                            test_ttl));
+            answer_rrset->addRdata(createRdata(RRType::A(), test_class,
+                                               "192.0.2.1"));
+            message.addRRset(Message::SECTION_ANSWER, answer_rrset);
+            message.toWire(renderer);
+            // Update the internal state. We abuse the knowledge of
+            // internals here a little bit to generate correct test data
+            tsig_ctx->update(renderer.getData(), renderer.getLength());
+
+            // 99 unsigned messages is OK. But the 100th must be signed, according
+            // to the RFC2845, section 4.4
+            commonVerifyChecks(*tsig_verify_ctx, NULL,
+                               renderer.getData(), renderer.getLength(),
+                               i == 99 ? TSIGError::FORMERR() :
+                                   TSIGError(Rcode::NOERROR()),
+                               TSIGContext::VERIFIED_RESPONSE);
+
+            EXPECT_FALSE(tsig_verify_ctx->lastHadSignature());
+        }
     }
 }