[master] clean up gcc -Wshadow warnings

4039. [cleanup] Cleaned up warnings from gcc -Wshadow. [RT #37381]

[master] clean up gcc -Wshadow warnings
4039. [cleanup] Cleaned up warnings from gcc -Wshadow. [RT #37381]
11463c0a · Evan Hunt · cc0a48a3 · 11463c0a · 11463c0a · 11463c0a
Commit 11463c0a authored Jan 20, 2015 by Evan Hunt
53 changed files
--- a/CHANGES
+++ b/CHANGES
+4039.	[cleanup]	Cleaned up warnings from gcc -Wshadow. [RT #37381]
+
 4038.	[bug]		Add 'rpz' flag to node and use it to determine whether
 			to call dns_rpz_delete.  This should prevent unbalanced
 			add / delete calls. [RT #36888]

--- a/bin/delv/delv.c
+++ b/bin/delv/delv.c
@@ -447,8 +447,6 @@ printdata(dns_rdataset_t *rdataset, dns_name_t *owner,
 			     result == ISC_R_SUCCESS;
 			     result = dns_rdataset_next(rdataset))
 			{
-				isc_region_t r;
-
 				if ((rdataset->attributes &
 				     DNS_RDATASETATTR_NEGATIVE) != 0)
 					continue;
@@ -462,14 +460,12 @@ printdata(dns_rdataset_t *rdataset, dns_name_t *owner,
 				if (result != ISC_R_SUCCESS)
 					break;

-				isc_buffer_availableregion(&target, &r);
-				if (r.length < 1) {
+				if (isc_buffer_availablelength(&target) < 1) {
 					result = ISC_R_NOSPACE;
 					break;
 				}

-				r.base[0] = '\n';
-				isc_buffer_add(&target, 1);
+				isc_buffer_putstr(&target, "\n");

 				dns_rdata_reset(&rdata);
 			}

--- a/bin/dig/dighost.c
+++ b/bin/dig/dighost.c
@@ -1180,10 +1180,9 @@ parse_hmac(const char *hmac) {
 */
 static isc_result_t
 read_confkey(void) {
-	isc_log_t *lctx = NULL;
 	cfg_parser_t *pctx = NULL;
 	cfg_obj_t *file = NULL;
-	const cfg_obj_t *key = NULL;
+	const cfg_obj_t *keyobj = NULL;
 	const cfg_obj_t *secretobj = NULL;
 	const cfg_obj_t *algorithmobj = NULL;
 	const char *keyname;
@@ -1194,7 +1193,7 @@ read_confkey(void) {
 	if (! isc_file_exists(keyfile))
 		return (ISC_R_FILENOTFOUND);

-	result = cfg_parser_create(mctx, lctx, &pctx);
+	result = cfg_parser_create(mctx, NULL, &pctx);
 	if (result != ISC_R_SUCCESS)
 		goto cleanup;

@@ -1203,16 +1202,16 @@ read_confkey(void) {
 	if (result != ISC_R_SUCCESS)
 		goto cleanup;

-	result = cfg_map_get(file, "key", &key);
+	result = cfg_map_get(file, "key", &keyobj);
 	if (result != ISC_R_SUCCESS)
 		goto cleanup;

-	(void) cfg_map_get(key, "secret", &secretobj);
-	(void) cfg_map_get(key, "algorithm", &algorithmobj);
+	(void) cfg_map_get(keyobj, "secret", &secretobj);
+	(void) cfg_map_get(keyobj, "algorithm", &algorithmobj);
 	if (secretobj == NULL || algorithmobj == NULL)
 		fatal("key must have algorithm and secret");

-	keyname = cfg_obj_asstring(cfg_map_getname(key));
+	keyname = cfg_obj_asstring(cfg_map_getname(keyobj));
 	secretstr = cfg_obj_asstring(secretobj);
 	algorithm = cfg_obj_asstring(algorithmobj);

@@ -1570,14 +1569,14 @@ save_opt(dig_lookup_t *lookup, char *code, char *value) {
 */
 static void
 add_opt(dns_message_t *msg, isc_uint16_t udpsize, isc_uint16_t edns,
-	unsigned int flags, dns_ednsopt_t *ednsopts, size_t count)
+	unsigned int flags, dns_ednsopt_t *opts, size_t count)
 {
 	dns_rdataset_t *rdataset = NULL;
 	isc_result_t result;

 	debug("add_opt()");
 	result = dns_message_buildopt(msg, &rdataset, edns, udpsize, flags,
-				      ednsopts, count);
+				      opts, count);
 	check_result(result, "dns_message_buildopt");
 	result = dns_message_setopt(msg, rdataset);
 	check_result(result, "dns_message_setopt");
@@ -2172,10 +2171,10 @@ insert_soa(dig_lookup_t *lookup) {

 #ifdef ISC_PLATFORM_USESIT
 static void
-compute_cookie(unsigned char *cookie, size_t len) {
+compute_cookie(unsigned char *clientcookie, size_t len) {
 	/* XXXMPA need to fix, should be per server. */
 	INSIST(len >= 8U);
-	memmove(cookie, cookie_secret, 8);
+	memmove(clientcookie, cookie_secret, 8);
 }
 #endif

@@ -2372,7 +2371,6 @@ setup_lookup(dig_lookup_t *lookup) {
 		if (result != ISC_R_SUCCESS) {
 			dns_message_puttempname(lookup->sendmsg,
 						&lookup->name);
-			isc_buffer_init(&b, store, MXNAME);
 			fatal("'%s' is not a legal name "
 			      "(%s)", lookup->textname,
 			      isc_result_totext(result));
@@ -2497,7 +2495,6 @@ setup_lookup(dig_lookup_t *lookup) {
 			struct sockaddr_in *sin;
 			struct sockaddr_in6 *sin6;
 			size_t addrl;
-			isc_buffer_t b;

 			sa = &lookup->ecs_addr->type.sa;
 			prefixlen = lookup->ecs_addr->length;
@@ -2537,8 +2534,6 @@ setup_lookup(dig_lookup_t *lookup) {
 			INSIST(i < DNS_EDNSOPTIONS);
 			opts[i].code = DNS_OPT_SIT;
 			if (lookup->sitvalue != NULL) {
-				isc_buffer_t b;
-
 				isc_buffer_init(&b, sitbuf, sizeof(sitbuf));
 				result = isc_hex_decodestring(lookup->sitvalue,
 							      &b);
@@ -3888,7 +3883,7 @@ recv_done(isc_task_t *task, isc_event_t *event) {
 #endif
 				printmessage(query, msg, ISC_TRUE);
 		} else if (l->trace) {
-			int n = 0;
+			int nl = 0;
 			int count = msg->counts[DNS_SECTION_ANSWER];

 			debug("in TRACE code");
@@ -3899,13 +3894,13 @@ recv_done(isc_task_t *task, isc_event_t *event) {
 			if (l->trace_root || (l->ns_search_only && count > 0)) {
 				if (!l->trace_root)
 					l->rdtype = dns_rdatatype_soa;
-				n = followup_lookup(msg, query,
-						    DNS_SECTION_ANSWER);
+				nl = followup_lookup(msg, query,
+						     DNS_SECTION_ANSWER);
 				l->trace_root = ISC_FALSE;
 			} else if (count == 0)
-				n = followup_lookup(msg, query,
-						    DNS_SECTION_AUTHORITY);
-			if (n == 0)
+				nl = followup_lookup(msg, query,
+						     DNS_SECTION_AUTHORITY);
+			if (nl == 0)
 				docancel = ISC_TRUE;
 		} else {
 			debug("in NSSEARCH code");
@@ -3914,12 +3909,12 @@ recv_done(isc_task_t *task, isc_event_t *event) {
 				/*
 				 * This is the initial NS query.
 				 */
-				int n;
+				int nl;

 				l->rdtype = dns_rdatatype_soa;
-				n = followup_lookup(msg, query,
-						    DNS_SECTION_ANSWER);
-				if (n == 0)
+				nl = followup_lookup(msg, query,
+						     DNS_SECTION_ANSWER);
+				if (nl == 0)
 					docancel = ISC_TRUE;
 				l->trace_root = ISC_FALSE;
 				usesearch = ISC_FALSE;
@@ -4049,12 +4044,12 @@ recv_done(isc_task_t *task, isc_event_t *event) {
 * routines, since they may be using a non-DNS system for these lookups.
 */
 isc_result_t
-get_address(char *host, in_port_t port, isc_sockaddr_t *sockaddr) {
+get_address(char *host, in_port_t myport, isc_sockaddr_t *sockaddr) {
 	int count;
 	isc_result_t result;

 	isc_app_block();
-	result = bind9_getaddresses(host, port, sockaddr, 1, &count);
+	result = bind9_getaddresses(host, myport, sockaddr, 1, &count);
 	isc_app_unblock();
 	if (result != ISC_R_SUCCESS)
 		return (result);

--- a/bin/dig/host.c
+++ b/bin/dig/host.c
@@ -255,7 +255,7 @@ printsection(dns_message_t *msg, dns_section_t sectionid,
 	isc_result_t result, loopresult;
 	isc_region_t r;
 	dns_name_t empty_name;
-	char t[4096];
+	char tbuf[4096];
 	isc_boolean_t first;
 	isc_boolean_t no_rdata;

@@ -279,7 +279,7 @@ printsection(dns_message_t *msg, dns_section_t sectionid,
 		name = NULL;
 		dns_message_currentname(msg, sectionid, &name);

-		isc_buffer_init(&target, t, sizeof(t));
+		isc_buffer_init(&target, tbuf, sizeof(tbuf));
 		first = ISC_TRUE;
 		print_name = name;

@@ -370,13 +370,13 @@ printrdata(dns_message_t *msg, dns_rdataset_t *rdataset, dns_name_t *owner,
 	isc_buffer_t target;
 	isc_result_t result;
 	isc_region_t r;
-	char t[4096];
+	char tbuf[4096];

 	UNUSED(msg);
 	if (headers)
 		printf(";; %s SECTION:\n", set_name);

-	isc_buffer_init(&target, t, sizeof(t));
+	isc_buffer_init(&target, tbuf, sizeof(tbuf));

 	result = dns_rdataset_totext(rdataset, owner, ISC_FALSE, ISC_FALSE,
 				     &target);

--- a/bin/dig/include/dig/dig.h
+++ b/bin/dig/include/dig/dig.h
@@ -15,8 +15,6 @@
 * PERFORMANCE OF THIS SOFTWARE.
 */

-/* $Id: dig.h,v 1.114 2011/12/07 17:23:28 each Exp $ */
-
 #ifndef DIG_H
 #define DIG_H

@@ -274,7 +272,6 @@ extern isc_boolean_t check_ra, have_ipv4, have_ipv6, specified_source,
 extern in_port_t port;
 extern unsigned int timeout;
 extern isc_mem_t *mctx;
-extern dns_messageid_t id;
 extern int sendcount;
 extern int ndots;
 extern int lookup_counter;

--- a/bin/dig/nslookup.c
+++ b/bin/dig/nslookup.c
@@ -425,13 +425,12 @@ printmessage(dig_query_t *query, dns_message_t *msg, isc_boolean_t headers) {
 	puts("");

 	if (!short_form) {
-		isc_boolean_t headers = ISC_TRUE;
 		puts("------------");
 		/*		detailheader(query, msg);*/
-		detailsection(query, msg, headers, DNS_SECTION_QUESTION);
-		detailsection(query, msg, headers, DNS_SECTION_ANSWER);
-		detailsection(query, msg, headers, DNS_SECTION_AUTHORITY);
-		detailsection(query, msg, headers, DNS_SECTION_ADDITIONAL);
+		detailsection(query, msg, ISC_TRUE, DNS_SECTION_QUESTION);
+		detailsection(query, msg, ISC_TRUE, DNS_SECTION_ANSWER);
+		detailsection(query, msg, ISC_TRUE, DNS_SECTION_AUTHORITY);
+		detailsection(query, msg, ISC_TRUE, DNS_SECTION_ADDITIONAL);
 		puts("------------");
 	}


--- a/bin/dnssec/dnssec-dsfromkey.c
+++ b/bin/dnssec/dnssec-dsfromkey.c
@@ -496,7 +496,7 @@ main(int argc, char **argv) {
 		      isc_result_totext(result));
 	isc_entropy_stopcallbacksources(ectx);

-	setup_logging(verbose, mctx, &log);
+	setup_logging(mctx, &log);

 	dns_rdataset_init(&rdataset);


--- a/bin/dnssec/dnssec-importkey.c
+++ b/bin/dnssec/dnssec-importkey.c
@@ -387,7 +387,7 @@ main(int argc, char **argv) {
 		      isc_result_totext(result));
 	isc_entropy_stopcallbacksources(ectx);

-	setup_logging(verbose, mctx, &log);
+	setup_logging(mctx, &log);

 	dns_rdataset_init(&rdataset);


--- a/bin/dnssec/dnssec-keyfromlabel.c
+++ b/bin/dnssec/dnssec-keyfromlabel.c
@@ -331,7 +331,7 @@ main(int argc, char **argv) {
 		fatal("could not initialize dst: %s",
 		      isc_result_totext(ret));

-	setup_logging(verbose, mctx, &log);
+	setup_logging(mctx, &log);

 	if (predecessor == NULL) {
 		if (label == NULL)

--- a/bin/dnssec/dnssec-keygen.c
+++ b/bin/dnssec/dnssec-keygen.c
@@ -487,7 +487,7 @@ main(int argc, char **argv) {
 		fatal("could not initialize dst: %s",
 		      isc_result_totext(ret));

-	setup_logging(verbose, mctx, &log);
+	setup_logging(mctx, &log);

 	if (predecessor == NULL) {
 		if (prepub == -1)

--- a/bin/dnssec/dnssec-settime.c
+++ b/bin/dnssec/dnssec-settime.c
@@ -169,7 +169,7 @@ main(int argc, char **argv) {
 	if (result != ISC_R_SUCCESS)
 		fatal("Out of memory");

-	setup_logging(verbose, mctx, &log);
+	setup_logging(mctx, &log);

 #ifdef PKCS11CRYPTO
 	pk11_result_register();
@@ -343,7 +343,6 @@ main(int argc, char **argv) {
 	isc_entropy_stopcallbacksources(ectx);

 	if (predecessor != NULL) {
-		char keystr[DST_KEY_FORMATSIZE];
 		int major, minor;

 		if (prepub == -1)

--- a/bin/dnssec/dnssec-signzone.c
+++ b/bin/dnssec/dnssec-signzone.c
@@ -138,7 +138,7 @@ static isc_mem_t *mctx = NULL;
 static isc_entropy_t *ectx = NULL;
 static dns_ttl_t zone_soa_min_ttl;
 static dns_ttl_t soa_ttl;
-static FILE *fp = NULL;
+static FILE *outfp = NULL;
 static char *tempfile = NULL;
 static const dns_master_style_t *masterstyle;
 static dns_masterformat_t inputformat = dns_masterformat_text;
@@ -158,7 +158,7 @@ static dns_name_t *gorigin;		/* The database origin */
 static int nsec3flags = 0;
 static dns_iterations_t nsec3iter = 10U;
 static unsigned char saltbuf[255];
-static unsigned char *salt = saltbuf;
+static unsigned char *gsalt = saltbuf;
 static size_t salt_length = 0;
 static isc_task_t *master = NULL;
 static unsigned int ntasks = 0;
@@ -210,7 +210,7 @@ dumpnode(dns_name_t *name, dns_dbnode_t *node) {

 	if (!output_dnssec_only) {
 		result = dns_master_dumpnodetostream(mctx, gdb, gversion, node,
-						     name, masterstyle, fp);
+						     name, masterstyle, outfp);
 		check_result(result, "dns_master_dumpnodetostream");
 		return;
 	}
@@ -252,7 +252,7 @@ dumpnode(dns_name_t *name, dns_dbnode_t *node) {
 		check_result(result, "dns_master_rdatasettotext");

 		isc_buffer_usedregion(buffer, &r);
-		result = isc_stdio_write(r.base, 1, r.length, fp, NULL);
+		result = isc_stdio_write(r.base, 1, r.length, outfp, NULL);
 		check_result(result, "isc_stdio_write");
 		isc_buffer_clear(buffer);

@@ -293,8 +293,6 @@ signwithkey(dns_name_t *name, dns_rdataset_t *rdataset, dst_key_t *key,
 				 mctx, &b, &trdata);
 	isc_entropy_stopcallbacksources(ectx);
 	if (result != ISC_R_SUCCESS) {
-		char keystr[DST_KEY_FORMATSIZE];
-		dst_key_format(key, keystr, sizeof(keystr));
 		fatal("dnskey '%s' failed to sign data: %s",
 		      keystr, isc_result_totext(result));
 	}
@@ -744,7 +742,7 @@ hashlist_add(hashlist_t *l, const unsigned char *hash, size_t len)
 static void
 hashlist_add_dns_name(hashlist_t *l, /*const*/ dns_name_t *name,
 		      unsigned int hashalg, unsigned int iterations,
-		      const unsigned char *salt, size_t salt_length,
+		      const unsigned char *salt, size_t salt_len,
 		      isc_boolean_t speculative)
 {
 	char nametext[DNS_NAME_FORMATSIZE];
@@ -753,7 +751,7 @@ hashlist_add_dns_name(hashlist_t *l, /*const*/ dns_name_t *name,
 	size_t i;

 	len = isc_iterated_hash(hash, hashalg, iterations,
-				salt, (int)salt_length,
+				salt, (int)salt_len,
 				name->ndata, name->length);
 	if (verbose) {
 		dns_name_format(name, nametext, sizeof nametext);
@@ -835,7 +833,7 @@ hashlist_exists(const hashlist_t *l,
 static void
 addnowildcardhash(hashlist_t *l, /*const*/ dns_name_t *name,
 		  unsigned int hashalg, unsigned int iterations,
-		  const unsigned char *salt, size_t salt_length)
+		  const unsigned char *salt, size_t salt_len)
 {
 	dns_fixedname_t fixed;
 	dns_name_t *wild;
@@ -862,7 +860,7 @@ addnowildcardhash(hashlist_t *l, /*const*/ dns_name_t *name,
 		fprintf(stderr, "adding no-wildcardhash for %s\n", namestr);
 	}

-	hashlist_add_dns_name(l, wild, hashalg, iterations, salt, salt_length,
+	hashlist_add_dns_name(l, wild, hashalg, iterations, salt, salt_len,
 			      ISC_TRUE);
 }

@@ -1840,7 +1838,7 @@ nsecify(void) {
 }

 static void
-addnsec3param(const unsigned char *salt, size_t salt_length,
+addnsec3param(const unsigned char *salt, size_t salt_len,
 	      dns_iterations_t iterations)
 {
 	dns_dbnode_t *node = NULL;
@@ -1861,7 +1859,7 @@ addnsec3param(const unsigned char *salt, size_t salt_length,
 	nsec3param.flags = 0;
 	nsec3param.hash = unknownalg ? DNS_NSEC3_UNKNOWNALG : dns_hash_sha1;
 	nsec3param.iterations = iterations;
-	nsec3param.salt_length = (unsigned char)salt_length;
+	nsec3param.salt_length = (unsigned char)salt_len;
 	DE_CONST(salt, nsec3param.salt);

 	isc_buffer_init(&b, nsec3parambuf, sizeof(nsec3parambuf));
@@ -1900,7 +1898,7 @@ addnsec3param(const unsigned char *salt, size_t salt_length,

 static void
 addnsec3(dns_name_t *name, dns_dbnode_t *node,
-	 const unsigned char *salt, size_t salt_length,
+	 const unsigned char *salt, size_t salt_len,
 	 unsigned int iterations, hashlist_t *hashlist,
 	 dns_ttl_t ttl)
 {
@@ -1914,7 +1912,7 @@ addnsec3(dns_name_t *name, dns_dbnode_t *node,
 	isc_result_t result;
 	dns_dbnode_t *nsec3node = NULL;
 	char namebuf[DNS_NAME_FORMATSIZE];
-	size_t hash_length;
+	size_t hash_len;

 	dns_name_format(name, namebuf, sizeof(namebuf));

@@ -1922,16 +1920,16 @@ addnsec3(dns_name_t *name, dns_dbnode_t *node,
 	dns_rdataset_init(&rdataset);

 	dns_name_downcase(name, name, NULL);
-	result = dns_nsec3_hashname(&hashname, hash, &hash_length,
+	result = dns_nsec3_hashname(&hashname, hash, &hash_len,
 				    name, gorigin, dns_hash_sha1, iterations,
-				    salt, salt_length);
+				    salt, salt_len);
 	check_result(result, "addnsec3: dns_nsec3_hashname()");
 	nexthash = hashlist_findnext(hashlist, hash);
 	result = dns_nsec3_buildrdata(gdb, gversion, node,
 				      unknownalg ?
 					  DNS_NSEC3_UNKNOWNALG : dns_hash_sha1,
 				      nsec3flags, iterations,
-				      salt, salt_length,
+				      salt, salt_len,
 				      nexthash, ISC_SHA1_DIGESTLENGTH,
 				      nsec3buffer, &rdata);
 	check_result(result, "addnsec3: dns_nsec3_buildrdata()");
@@ -1967,7 +1965,7 @@ addnsec3(dns_name_t *name, dns_dbnode_t *node,
 static void
 nsec3clean(dns_name_t *name, dns_dbnode_t *node,
 	   unsigned int hashalg, unsigned int iterations,
-	   const unsigned char *salt, size_t salt_length, hashlist_t *hashlist)
+	   const unsigned char *salt, size_t salt_len, hashlist_t *hashlist)
 {
 	dns_label_t label;
 	dns_rdata_nsec3_t nsec3;
@@ -2027,8 +2025,8 @@ nsec3clean(dns_name_t *name, dns_dbnode_t *node,
 		check_result(result, "dns_rdata_tostruct");
 		if (exists && nsec3.hash == hashalg &&
 		    nsec3.iterations == iterations &&
-		    nsec3.salt_length == salt_length &&
-		    !memcmp(nsec3.salt, salt, salt_length))
+		    nsec3.salt_length == salt_len &&
+		    !memcmp(nsec3.salt, salt, salt_len))
 			continue;
 		rdatalist.rdclass = rdata.rdclass;
 		rdatalist.type = rdata.type;
@@ -2188,7 +2186,7 @@ cleanup_zone(void) {
 */
 static void
 nsec3ify(unsigned int hashalg, dns_iterations_t iterations,
-	 const unsigned char *salt, size_t salt_length, hashlist_t *hashlist)
+	 const unsigned char *salt, size_t salt_len, hashlist_t *hashlist)
 {
 	dns_dbiterator_t *dbiter = NULL;
 	dns_dbnode_t *node = NULL, *nextnode = NULL;
@@ -2284,7 +2282,7 @@ nsec3ify(unsigned int hashalg, dns_iterations_t iterations,
 			      isc_result_totext(result));
 		dns_name_downcase(name, name, NULL);
 		hashlist_add_dns_name(hashlist, name, hashalg, iterations,
-				      salt, salt_length, ISC_FALSE);
+				      salt, salt_len, ISC_FALSE);
 		dns_db_detachnode(gdb, &node);
 		/*
 		 * Add hashs for empty nodes.  Use closest encloser logic.
@@ -2295,16 +2293,16 @@ nsec3ify(unsigned int hashalg, dns_iterations_t iterations,
 		dns_name_downcase(nextname, nextname, NULL);
 		dns_name_fullcompare(name, nextname, &order, &nlabels);
 		addnowildcardhash(hashlist, name, hashalg, iterations,
-				  salt, salt_length);
+				  salt, salt_len);
 		count = dns_name_countlabels(nextname);
 		while (count > nlabels + 1) {
 			count--;
 			dns_name_split(nextname, count, NULL, nextname);
 			hashlist_add_dns_name(hashlist, nextname, hashalg,
-					      iterations, salt, salt_length,
+					      iterations, salt, salt_len,
 					      ISC_FALSE);
 			addnowildcardhash(hashlist, nextname, hashalg,
-					  iterations, salt, salt_length);
+					  iterations, salt, salt_len);
 		}
 	}
 	dns_dbiterator_destroy(&dbiter);
@@ -2327,7 +2325,7 @@ nsec3ify(unsigned int hashalg, dns_iterations_t iterations,
 	zonecut = NULL;
 	done = ISC_FALSE;

-	addnsec3param(salt, salt_length, iterations);
+	addnsec3param(salt, salt_len, iterations);

 	/*
 	 * Clean out NSEC3 records which don't match this chain.
@@ -2340,7 +2338,7 @@ nsec3ify(unsigned int hashalg, dns_iterations_t iterations,
 	     result = dns_dbiterator_next(dbiter)) {
 		result = dns_dbiterator_current(dbiter, &node, name);
 		check_dns_dbiterator_current(result);
-		nsec3clean(name, node, hashalg, iterations, salt, salt_length,
+		nsec3clean(name, node, hashalg, iterations, salt, salt_len,
 			   hashlist);
 		dns_db_detachnode(gdb, &node);
 	}
@@ -2414,7 +2412,7 @@ nsec3ify(unsigned int hashalg, dns_iterations_t iterations,
 		 * We need to pause here to release the lock on the database.
 		 */
 		dns_dbiterator_pause(dbiter);
-		addnsec3(name, node, salt, salt_length, iterations,
+		addnsec3(name, node, salt, salt_len, iterations,
 			 hashlist, zone_soa_min_ttl);
 		dns_db_detachnode(gdb, &node);
 		/*
@@ -2425,7 +2423,7 @@ nsec3ify(unsigned int hashalg, dns_iterations_t iterations,
 		while (count > nlabels + 1) {
 			count--;
 			dns_name_split(nextname, count, NULL, nextname);
-			addnsec3(nextname, NULL, salt, salt_length,
+			addnsec3(nextname, NULL, salt, salt_len,
 				 iterations, hashlist, zone_soa_min_ttl);
 		}
 	}
@@ -2687,7 +2685,7 @@ warnifallksk(dns_db_t *db) {
 }

 static void
-set_nsec3params(isc_boolean_t update_chain, isc_boolean_t set_salt,
+set_nsec3params(isc_boolean_t update, isc_boolean_t set_salt,
 		isc_boolean_t set_optout, isc_boolean_t set_iter)
 {
 	isc_result_t result;
@@ -2715,7 +2713,7 @@ set_nsec3params(isc_boolean_t update_chain, isc_boolean_t set_salt,

 	nsec_datatype = dns_rdatatype_nsec3;

-	if (!update_chain && set_salt) {
+	if (!update && set_salt) {
 		if (salt_length != orig_saltlen ||
 		    memcmp(saltbuf, orig_salt, salt_length) != 0)
 			fatal("An NSEC3 chain exists with a different salt. "
@@ -2723,10 +2721,10 @@ set_nsec3params(isc_boolean_t update_chain, isc_boolean_t set_salt,
 	} else if (!set_salt) {
 		salt_length = orig_saltlen;
 		memmove(saltbuf, orig_salt, orig_saltlen);
-		salt = saltbuf;
+		gsalt = saltbuf;
 	}

-	if (!update_chain && set_iter) {
+	if (!update && set_iter) {
 		if (nsec3iter != orig_iter)
 			fatal("An NSEC3 chain exists with different "
 			      "iterations. Use -u to update it.");
@@ -2760,7 +2758,7 @@ set_nsec3params(isc_boolean_t update_chain, isc_boolean_t set_salt,
 	result = dns_rdata_tostruct(&rdata, &nsec3, NULL);
 	check_result(result, "dns_rdata_tostruct");

-	if (!update_chain && set_optout) {
+	if (!update && set_optout) {
 		if (nsec3flags != nsec3.flags)
 			fatal("An NSEC3 chain exists with%s OPTOUT. "
 			      "Use -u -%s to %s it.",
@@ -3470,7 +3468,7 @@ main(int argc, char *argv[]) {
 	if (directory == NULL)
 		directory = ".";

-	setup_logging(verbose, mctx, &log);
+	setup_logging(mctx, &log);

 	argc -= isc_commandline_index;
 	argv += isc_commandline_index;
@@ -3691,7 +3689,7 @@ main(int argc, char *argv[]) {

 	if (!nonsecify) {
 		if (IS_NSEC3)
-			nsec3ify(dns_hash_sha1, nsec3iter, salt, salt_length,
+			nsec3ify(dns_hash_sha1, nsec3iter, gsalt, salt_length,
 				 &hashlist);
 		else
 			nsecify();
@@ -3707,7 +3705,7 @@ main(int argc, char *argv[]) {
 	}

 	if (output_stdout) {
-		fp = stdout;
+		outfp = stdout;
 		if (outputformatstr == NULL)
 			masterstyle = &dns_master_style_full;
 	} else {
@@ -3720,9 +3718,9 @@ main(int argc, char *argv[]) {
 		check_result(result, "isc_file_mktemplate");

 		if (outputformat == dns_masterformat_text)
-			result = isc_file_openunique(tempfile, &fp);
+			result = isc_file_openunique(tempfile, &outfp);
 		else
-			result = isc_file_bopenunique(tempfile, &fp);
+			result = isc_file_bopenunique(tempfile, &outfp);
 		if (result != ISC_R_SUCCESS)