lint fixes

superstes · Oct 9, 2023 · 043ac59 · 043ac59
1 parent 2092a4b
commit 043ac59
Show file tree

Hide file tree

Showing 15 changed files with 140 additions and 124 deletions.
diff --git a/.github/workflows/lint.yml b/.github/workflows/lint.yml
@@ -51,5 +51,5 @@ jobs:
       - name: golangci-lint
         uses: golangci/golangci-lint-action@v3
         with:
-          args: '--config=../.golangci.yml'
+          args: '--config=../.golangci.yml --out-format=colored-line-number'
           working-directory: 'lib'
diff --git a/.golangci.yml b/.golangci.yml
@@ -9,5 +9,5 @@ run:
 
 issues:
   exclude:
-    - 'structtag'  # yaml-config defaults
+    - 'S1000'
   exclude-rules: []
diff --git a/lib/cnf/cnf_file/rules_parse.go b/lib/cnf/cnf_file/rules_parse.go
@@ -197,7 +197,7 @@ func ParseRules(rawRules []cnf.RuleRaw) (rules []cnf.Rule) {
 			rule.Match.Domains = []string{}
 		}
 		for _, value := range ruleRaw.Match.Domains {
-			vf, vn, v = usedVar(value)
+			vf, _, v = usedVar(value)
 			if vf {
 				for i3 := range v.Value {
 					rule.Match.Domains = append(rule.Match.Domains, matchDomain(v.Value[i3]))

diff --git a/lib/cnf/cnf_file/validate.go b/lib/cnf/cnf_file/validate.go
@@ -20,10 +20,7 @@ func validateConfig(newCnf cnf.Config, fail bool) bool {
 			return false
 		}
 	}
-	if !validateCerts(newCnf.Service.Certs, fail) {
-		return false
-	}
-	return true
+	return validateCerts(newCnf.Service.Certs, fail)
 }
 
 func validateListener(lncnf cnf.ServiceListener, fail bool) bool {

diff --git a/lib/cnf/unmarshal.go b/lib/cnf/unmarshal.go
@@ -26,7 +26,9 @@ func (a *YamlStringArray) UnmarshalYAML(value *yaml.Node) error {
 
 // apply defaults from tags on unmarshal
 func (s *Config) UnmarshalYAML(unmarshal func(interface{}) error) error {
-	defaults.Set(s)
+	if err := defaults.Set(s); err != nil {
+		return err
+	}
 
 	type plain Config
 	if err := unmarshal((*plain)(s)); err != nil {
@@ -37,7 +39,9 @@ func (s *Config) UnmarshalYAML(unmarshal func(interface{}) error) error {
 }
 
 func (s *ServiceConfig) UnmarshalYAML(unmarshal func(interface{}) error) error {
-	defaults.Set(s)
+	if err := defaults.Set(s); err != nil {
+		return err
+	}
 
 	type plain ServiceConfig
 	if err := unmarshal((*plain)(s)); err != nil {
@@ -48,7 +52,9 @@ func (s *ServiceConfig) UnmarshalYAML(unmarshal func(interface{}) error) error {
 }
 
 func (s *ServiceListener) UnmarshalYAML(unmarshal func(interface{}) error) error {
-	defaults.Set(s)
+	if err := defaults.Set(s); err != nil {
+		return err
+	}
 
 	type plain ServiceListener
 	if err := unmarshal((*plain)(s)); err != nil {
@@ -59,7 +65,9 @@ func (s *ServiceListener) UnmarshalYAML(unmarshal func(interface{}) error) error
 }
 
 func (s *ServiceTimeout) UnmarshalYAML(unmarshal func(interface{}) error) error {
-	defaults.Set(s)
+	if err := defaults.Set(s); err != nil {
+		return err
+	}
 
 	type plain ServiceTimeout
 	if err := unmarshal((*plain)(s)); err != nil {
@@ -70,7 +78,9 @@ func (s *ServiceTimeout) UnmarshalYAML(unmarshal func(interface{}) error) error
 }
 
 func (s *ServiceOutput) UnmarshalYAML(unmarshal func(interface{}) error) error {
-	defaults.Set(s)
+	if err := defaults.Set(s); err != nil {
+		return err
+	}
 
 	type plain ServiceOutput
 	if err := unmarshal((*plain)(s)); err != nil {
@@ -81,7 +91,9 @@ func (s *ServiceOutput) UnmarshalYAML(unmarshal func(interface{}) error) error {
 }
 
 func (s *ServiceMetrics) UnmarshalYAML(unmarshal func(interface{}) error) error {
-	defaults.Set(s)
+	if err := defaults.Set(s); err != nil {
+		return err
+	}
 
 	type plain ServiceMetrics
 	if err := unmarshal((*plain)(s)); err != nil {

diff --git a/lib/main/metrics.go b/lib/main/metrics.go
@@ -34,14 +34,23 @@ func startPrometheusExporter() {
 		log.Info("service", "Starting prometheus metrics-exporter")
 
 		for _, mf := range metricFuncs {
-			prometheus.Register(mf)
+			err := prometheus.Register(mf)
+			if err != nil {
+				log.ErrorS("service", fmt.Sprintf("Error registering prometheus metric: %v", err))
+			}
 		}
 
 		metricsSrv := http.NewServeMux()
 		metricsSrv.Handle("/metrics", promhttp.Handler())
 		metricsSrv.HandleFunc("/", denyAll)
-		http.ListenAndServe(fmt.Sprintf("127.0.0.1:%v", cnf.C.Service.Metrics.Port), metricsSrv)
-		http.ListenAndServe(fmt.Sprintf("[::1]:%v", cnf.C.Service.Metrics.Port), metricsSrv)
+		err := http.ListenAndServe(fmt.Sprintf("127.0.0.1:%v", cnf.C.Service.Metrics.Port), metricsSrv)
+		if err != nil {
+			log.ErrorS("service", fmt.Sprintf("Error starting IPv4 prometheus exporter: %v", err))
+		}
+		err = http.ListenAndServe(fmt.Sprintf("[::1]:%v", cnf.C.Service.Metrics.Port), metricsSrv)
+		if err != nil {
+			log.Warn("service", fmt.Sprintf("Error starting IPv6 prometheus exporter: %v", err))
+		}
 
 		for _, mf := range metricFuncs {
 			prometheus.MustRegister(mf)

diff --git a/lib/main/service.go b/lib/main/service.go
@@ -61,7 +61,7 @@ func (svc *service) shutdown(cancel context.CancelFunc) {
 	os.Exit(0)
 }
 
-func (svc *service) serve(srv rcv.Server) (err error) {
+func (svc *service) serve(srv rcv.Server) {
 	for {
 		conn, err := srv.Listener.Accept()
 		if err != nil {
@@ -72,7 +72,7 @@ func (svc *service) serve(srv rcv.Server) (err error) {
 					continue
 				}
 			}
-			return err
+			return
 		}
 		log.Debug("service", fmt.Sprintf("Accept: %s://%s", srv.Listener.Addr().Network(), srv.Listener.Addr().String()))
 

diff --git a/lib/proc/filter/main.go b/lib/proc/filter/main.go
@@ -71,10 +71,7 @@ func ruleDebug(pkt parse.ParsedPacket, rule_id int, msg string) {
 }
 
 func applyAction(action meta.Action) bool {
-	if action == meta.ActionAccept {
-		return true
-	}
-	return false
+	return action == meta.ActionAccept
 }
 
 func alwaysDeny(pkt parse.ParsedPacket) meta.Match {

diff --git a/lib/proc/fwd/http.go b/lib/proc/fwd/http.go
@@ -65,15 +65,23 @@ func forwardPlain(
 	dest := resolveTargetHostname(pkt)
 	if dest == nil {
 		proxyResp := responseFailed()
-		proxyResp.Write(conn)
+		err := proxyResp.Write(conn)
+		if err != nil {
+			parse.LogConnError("forward", pkt, "Failed to write proxy response")
+			return
+		}
 		return
 	}
 	pkt.L3.DestIP = dest
 	parse.LogConnDebug("forward", pkt, "Updated destination IP")
 
 	if !filterConn(pkt, conn, connIo) {
 		proxyResp := responseReject()
-		proxyResp.Write(conn)
+		err := proxyResp.Write(conn)
+		if err != nil {
+			parse.LogConnError("forward", pkt, "Failed to write proxy response")
+			return
+		}
 		return
 	}
 	send.ForwardHttp(pkt, conn, connIo, req)
@@ -114,7 +122,11 @@ func forwardConnect(
 	dest := resolveTargetHostname(pkt)
 	if dest == nil {
 		proxyResp = responseFailed()
-		proxyResp.Write(conn)
+		err = proxyResp.Write(conn)
+		if err != nil {
+			parse.LogConnError("forward", pkt, "Failed to write proxy response")
+			return
+		}
 		return
 	}
 	pkt.L3.DestIP = dest
@@ -127,7 +139,11 @@ func forwardConnect(
 
 		} else {
 			proxyResp := responseReject()
-			proxyResp.Write(conn)
+			err = proxyResp.Write(conn)
+			if err != nil {
+				parse.LogConnError("forward", pkt, "Failed to write proxy response")
+				return
+			}
 			return
 		}
 	}

diff --git a/lib/proc/parse/main.go b/lib/proc/parse/main.go
@@ -16,7 +16,10 @@ import (
 )
 
 func Parse(srvCnf cnf.ServiceListener, l4Proto meta.Proto, conn net.Conn, connIo io.Reader) (pkt ParsedPacket, err error) {
-	conn.SetReadDeadline(time.Now().Add(u.Timeout(cnf.C.Service.Timeout.Process)))
+	err = conn.SetReadDeadline(time.Now().Add(u.Timeout(cnf.C.Service.Timeout.Process)))
+	if err != nil {
+		log.Warn("parse", fmt.Sprintf("Error setting process-timeout: %v", err))
+	}
 
 	// get packet L5-header
 	var hdr [cnf.BYTES_HDR_L5]byte
@@ -37,7 +40,11 @@ func Parse(srvCnf cnf.ServiceListener, l4Proto meta.Proto, conn net.Conn, connIo
 		pkt = parseTcp(srvCnf, conn, connIo, hdr)
 	}
 
-	conn.SetReadDeadline(time.Time{})
+	err = conn.SetReadDeadline(time.Time{})
+	if err != nil {
+		log.Warn("parse", fmt.Sprintf("Error un-setting process-timeout: %v", err))
+	}
+
 	l5ProtoStr := meta.RevProto(pkt.L5.Proto)
 	tlsVersionStr := meta.RevTlsVersion(pkt.L5.TlsVersion)
 	if cnf.Metrics() {

diff --git a/lib/proc/parse/udp.go b/lib/proc/parse/udp.go
@@ -1,17 +1,6 @@
 package parse
 
-import (
-	"bytes"
-	"encoding/binary"
-	"fmt"
-	"net"
-	"strconv"
-	"unsafe"
-
-	"github.com/superstes/calamary/u"
-	"golang.org/x/sys/unix"
-)
-
+/*
 func getUdpOriginalDstAddr(conn *net.UDPConn, b []byte) (n int, remoteAddr *net.UDPAddr, dstAddr *net.UDPAddr, err error) {
 	oob := u.GetBufferPool(1024)
 	defer u.PutBufferPool(oob)
@@ -64,3 +53,4 @@ func getUdpOriginalDstAddr(conn *net.UDPConn, b []byte) (n int, remoteAddr *net.
 	return n, remoteAddr, dstAddr, nil
 
 }
+*/
diff --git a/lib/rcv/transparent_tcp.go b/lib/rcv/transparent_tcp.go
@@ -20,6 +20,17 @@ type listenerTransparentTcp struct {
 
 func newServerTransparentTcp(addr string, lncnf cnf.ServiceListener) (Server, error) {
 	lc := net.ListenConfig{}
+
+	if lncnf.TProxy {
+		lc.Control = func(network, address string, c syscall.RawConn) error {
+			return c.Control(func(fd uintptr) {
+				if err := unix.SetsockoptInt(int(fd), unix.SOL_IP, unix.IP_TRANSPARENT, 1); err != nil {
+					log.ErrorS("listener-tcp", fmt.Sprintf("SetsockoptInt(SOL_IP, IP_TRANSPARENT, 1): %v", err))
+				}
+			})
+		}
+	}
+
 	ln, err := lc.Listen(
 		context.Background(),
 		"tcp",
@@ -47,13 +58,3 @@ func (l *listenerTransparentTcp) Addr() net.Addr {
 func (l *listenerTransparentTcp) Close() error {
 	return l.ln.Close()
 }
-
-func (l *listenerTransparentTcp) control(network, address string, c syscall.RawConn) error {
-	return c.Control(func(fd uintptr) {
-		if l.Lncnf.TProxy {
-			if err := unix.SetsockoptInt(int(fd), unix.SOL_IP, unix.IP_TRANSPARENT, 1); err != nil {
-				log.ErrorS("listener-tcp", fmt.Sprintf("SetsockoptInt(SOL_IP, IP_TRANSPARENT, 1): %v", err))
-			}
-		}
-	})
-}