mirror of
https://github.com/juanfont/headscale.git
synced 2024-11-26 08:53:05 +00:00
Start work on making gocritic pass
This commit is contained in:
parent
ba084b9987
commit
53ed749f45
6 changed files with 27 additions and 19 deletions
|
@ -25,6 +25,9 @@ linters:
|
||||||
- godox
|
- godox
|
||||||
- ireturn
|
- ireturn
|
||||||
|
|
||||||
|
# In progress
|
||||||
|
- gocritic
|
||||||
|
|
||||||
# We should strive to enable these:
|
# We should strive to enable these:
|
||||||
- testpackage
|
- testpackage
|
||||||
- stylecheck
|
- stylecheck
|
||||||
|
@ -34,7 +37,6 @@ linters:
|
||||||
- forcetypeassert
|
- forcetypeassert
|
||||||
- errname
|
- errname
|
||||||
- gosec
|
- gosec
|
||||||
- gocritic
|
|
||||||
- forbidigo
|
- forbidigo
|
||||||
- dupl
|
- dupl
|
||||||
- varnamelen
|
- varnamelen
|
||||||
|
|
9
acls.go
9
acls.go
|
@ -264,7 +264,8 @@ func (h *Headscale) expandPorts(s string) (*[]tailcfg.PortRange, error) {
|
||||||
ports := []tailcfg.PortRange{}
|
ports := []tailcfg.PortRange{}
|
||||||
for _, p := range strings.Split(s, ",") {
|
for _, p := range strings.Split(s, ",") {
|
||||||
rang := strings.Split(p, "-")
|
rang := strings.Split(p, "-")
|
||||||
if len(rang) == 1 {
|
switch len(rang) {
|
||||||
|
case 1:
|
||||||
pi, err := strconv.ParseUint(rang[0], BASE_10, BIT_SIZE_16)
|
pi, err := strconv.ParseUint(rang[0], BASE_10, BIT_SIZE_16)
|
||||||
if err != nil {
|
if err != nil {
|
||||||
return nil, err
|
return nil, err
|
||||||
|
@ -273,7 +274,8 @@ func (h *Headscale) expandPorts(s string) (*[]tailcfg.PortRange, error) {
|
||||||
First: uint16(pi),
|
First: uint16(pi),
|
||||||
Last: uint16(pi),
|
Last: uint16(pi),
|
||||||
})
|
})
|
||||||
} else if len(rang) == EXPECTED_TOKEN_ITEMS {
|
|
||||||
|
case EXPECTED_TOKEN_ITEMS:
|
||||||
start, err := strconv.ParseUint(rang[0], BASE_10, BIT_SIZE_16)
|
start, err := strconv.ParseUint(rang[0], BASE_10, BIT_SIZE_16)
|
||||||
if err != nil {
|
if err != nil {
|
||||||
return nil, err
|
return nil, err
|
||||||
|
@ -286,7 +288,8 @@ func (h *Headscale) expandPorts(s string) (*[]tailcfg.PortRange, error) {
|
||||||
First: uint16(start),
|
First: uint16(start),
|
||||||
Last: uint16(last),
|
Last: uint16(last),
|
||||||
})
|
})
|
||||||
} else {
|
|
||||||
|
default:
|
||||||
return nil, errorInvalidPortFormat
|
return nil, errorInvalidPortFormat
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
|
@ -56,7 +56,7 @@ func (h *Hosts) UnmarshalJSON(data []byte) error {
|
||||||
}
|
}
|
||||||
for k, v := range hs {
|
for k, v := range hs {
|
||||||
if !strings.Contains(v, "/") {
|
if !strings.Contains(v, "/") {
|
||||||
v = v + "/32"
|
v += "/32"
|
||||||
}
|
}
|
||||||
prefix, err := netaddr.ParseIPPrefix(v)
|
prefix, err := netaddr.ParseIPPrefix(v)
|
||||||
if err != nil {
|
if err != nil {
|
||||||
|
|
17
app.go
17
app.go
|
@ -345,10 +345,10 @@ func (h *Headscale) grpcAuthenticationInterceptor(ctx context.Context,
|
||||||
"Authentication is not implemented yet",
|
"Authentication is not implemented yet",
|
||||||
)
|
)
|
||||||
|
|
||||||
//if strings.TrimPrefix(token, AUTH_PREFIX) != a.Token {
|
// if strings.TrimPrefix(token, AUTH_PREFIX) != a.Token {
|
||||||
// log.Error().Caller().Str("client_address", p.Addr.String()).Msg("invalid token")
|
// log.Error().Caller().Str("client_address", p.Addr.String()).Msg("invalid token")
|
||||||
// return ctx, status.Error(codes.Unauthenticated, "invalid token")
|
// return ctx, status.Error(codes.Unauthenticated, "invalid token")
|
||||||
//}
|
// }
|
||||||
|
|
||||||
// return handler(ctx, req)
|
// return handler(ctx, req)
|
||||||
}
|
}
|
||||||
|
@ -604,12 +604,14 @@ func (h *Headscale) getTLSSettings() (*tls.Config, error) {
|
||||||
Email: h.cfg.ACMEEmail,
|
Email: h.cfg.ACMEEmail,
|
||||||
}
|
}
|
||||||
|
|
||||||
if h.cfg.TLSLetsEncryptChallengeType == "TLS-ALPN-01" {
|
switch h.cfg.TLSLetsEncryptChallengeType {
|
||||||
|
case "TLS-ALPN-01":
|
||||||
// Configuration via autocert with TLS-ALPN-01 (https://tools.ietf.org/html/rfc8737)
|
// Configuration via autocert with TLS-ALPN-01 (https://tools.ietf.org/html/rfc8737)
|
||||||
// The RFC requires that the validation is done on port 443; in other words, headscale
|
// The RFC requires that the validation is done on port 443; in other words, headscale
|
||||||
// must be reachable on port 443.
|
// must be reachable on port 443.
|
||||||
return m.TLSConfig(), nil
|
return m.TLSConfig(), nil
|
||||||
} else if h.cfg.TLSLetsEncryptChallengeType == "HTTP-01" {
|
|
||||||
|
case "HTTP-01":
|
||||||
// Configuration via autocert with HTTP-01. This requires listening on
|
// Configuration via autocert with HTTP-01. This requires listening on
|
||||||
// port 80 for the certificate validation in addition to the headscale
|
// port 80 for the certificate validation in addition to the headscale
|
||||||
// service, which can be configured to run on any other port.
|
// service, which can be configured to run on any other port.
|
||||||
|
@ -620,7 +622,8 @@ func (h *Headscale) getTLSSettings() (*tls.Config, error) {
|
||||||
}()
|
}()
|
||||||
|
|
||||||
return m.TLSConfig(), nil
|
return m.TLSConfig(), nil
|
||||||
} else {
|
|
||||||
|
default:
|
||||||
return nil, errors.New("unknown value for TLSLetsEncryptChallengeType")
|
return nil, errors.New("unknown value for TLSLetsEncryptChallengeType")
|
||||||
}
|
}
|
||||||
} else if h.cfg.TLSCertPath == "" {
|
} else if h.cfg.TLSCertPath == "" {
|
||||||
|
|
10
oidc.go
10
oidc.go
|
@ -136,11 +136,11 @@ func (h *Headscale) OIDCCallback(c *gin.Context) {
|
||||||
}
|
}
|
||||||
|
|
||||||
// TODO: we can use userinfo at some point to grab additional information about the user (groups membership, etc)
|
// TODO: we can use userinfo at some point to grab additional information about the user (groups membership, etc)
|
||||||
//userInfo, err := oidcProvider.UserInfo(context.Background(), oauth2.StaticTokenSource(oauth2Token))
|
// userInfo, err := oidcProvider.UserInfo(context.Background(), oauth2.StaticTokenSource(oauth2Token))
|
||||||
//if err != nil {
|
// if err != nil {
|
||||||
// c.String(http.StatusBadRequest, fmt.Sprintf("Failed to retrieve userinfo: %s", err))
|
// c.String(http.StatusBadRequest, fmt.Sprintf("Failed to retrieve userinfo: %s", err))
|
||||||
// return
|
// return
|
||||||
//}
|
// }
|
||||||
|
|
||||||
// Extract custom claims
|
// Extract custom claims
|
||||||
var claims IDTokenClaims
|
var claims IDTokenClaims
|
||||||
|
|
|
@ -6,7 +6,7 @@ import (
|
||||||
|
|
||||||
func CreateNodeNamespace(
|
func CreateNodeNamespace(
|
||||||
c *check.C,
|
c *check.C,
|
||||||
namespace, node, key, IP string,
|
namespace, node, key, ip string,
|
||||||
) (*Namespace, *Machine) {
|
) (*Namespace, *Machine) {
|
||||||
n1, err := h.CreateNamespace(namespace)
|
n1, err := h.CreateNamespace(namespace)
|
||||||
c.Assert(err, check.IsNil)
|
c.Assert(err, check.IsNil)
|
||||||
|
@ -26,7 +26,7 @@ func CreateNodeNamespace(
|
||||||
NamespaceID: n1.ID,
|
NamespaceID: n1.ID,
|
||||||
Registered: true,
|
Registered: true,
|
||||||
RegisterMethod: "authKey",
|
RegisterMethod: "authKey",
|
||||||
IPAddress: IP,
|
IPAddress: ip,
|
||||||
AuthKeyID: uint(pak1.ID),
|
AuthKeyID: uint(pak1.ID),
|
||||||
}
|
}
|
||||||
h.db.Save(m1)
|
h.db.Save(m1)
|
||||||
|
|
Loading…
Reference in a new issue