mirror of
https://github.com/qdm12/gluetun.git
synced 2026-05-07 04:20:12 +02:00
chore: do not use sentinel errors when unneeded
- main reason being it's a burden to always define sentinel errors at global scope, wrap them with `%w` instead of using a string directly - only use sentinel errors when it has to be checked using `errors.Is` - replace all usage of these sentinel errors in `fmt.Errorf` with direct strings that were in the sentinel error - exclude the sentinel error definition requirement from .golangci.yml - update unit tests to use ContainersError instead of ErrorIs so it stays as a "not a change detector test" without requiring a sentinel error
This commit is contained in:
Quentin McGaw
@@ -1,17 +1,11 @@
|
||||
package extract
|
||||
|
||||
import (
|
||||
"errors"
|
||||
"fmt"
|
||||
|
||||
"github.com/qdm12/gluetun/internal/models"
|
||||
)
|
||||
|
||||
var (
|
||||
ErrRead = errors.New("cannot read file")
|
||||
ErrExtractConnection = errors.New("cannot extract connection from file")
|
||||
)
|
||||
|
||||
// Data extracts the lines and connection from the OpenVPN configuration file.
|
||||
func (e *Extractor) Data(filepath string) (lines []string,
|
||||
connection models.Connection, err error,
|
||||
|
||||
@@ -11,8 +11,6 @@ import (
|
||||
"github.com/qdm12/gluetun/internal/models"
|
||||
)
|
||||
|
||||
var errRemoteLineNotFound = errors.New("remote line not found")
|
||||
|
||||
func extractDataFromLines(lines []string) (
|
||||
connection models.Connection, err error,
|
||||
) {
|
||||
@@ -35,7 +33,7 @@ func extractDataFromLines(lines []string) (
|
||||
}
|
||||
|
||||
if !connection.IP.IsValid() {
|
||||
return connection, errRemoteLineNotFound
|
||||
return connection, errors.New("remote line not found")
|
||||
}
|
||||
|
||||
if connection.Protocol == "" {
|
||||
@@ -81,19 +79,15 @@ func extractDataFromLine(line string) (
|
||||
return ip, 0, "", nil
|
||||
}
|
||||
|
||||
var errProtoLineFieldsCount = errors.New("proto line has not 2 fields as expected")
|
||||
|
||||
func extractProto(line string) (protocol string, err error) {
|
||||
fields := strings.Fields(line)
|
||||
if len(fields) != 2 { //nolint:mnd
|
||||
return "", fmt.Errorf("%w: %s", errProtoLineFieldsCount, line)
|
||||
return "", fmt.Errorf("proto line has not 2 fields as expected: %s", line)
|
||||
}
|
||||
|
||||
return parseProto(fields[1])
|
||||
}
|
||||
|
||||
var errProtocolNotSupported = errors.New("network protocol not supported")
|
||||
|
||||
func parseProto(field string) (protocol string, err error) {
|
||||
switch field {
|
||||
case "tcp", "tcp4", "tcp6", "tcp-client":
|
||||
@@ -106,16 +100,10 @@ func parseProto(field string) (protocol string, err error) {
|
||||
// determined by the remote IP address version.
|
||||
return constants.UDP, nil
|
||||
default:
|
||||
return "", fmt.Errorf("%w: %s", errProtocolNotSupported, field)
|
||||
return "", fmt.Errorf("network protocol not supported: %s", field)
|
||||
}
|
||||
}
|
||||
|
||||
var (
|
||||
errRemoteLineFieldsCount = errors.New("remote line has not 2 fields as expected")
|
||||
errHostNotIP = errors.New("host is not an IP address")
|
||||
errPortNotValid = errors.New("port is not valid")
|
||||
)
|
||||
|
||||
func extractRemote(line string) (ip netip.Addr, port uint16,
|
||||
protocol string, err error,
|
||||
) {
|
||||
@@ -123,13 +111,13 @@ func extractRemote(line string) (ip netip.Addr, port uint16,
|
||||
n := len(fields)
|
||||
|
||||
if n < 2 || n > 4 {
|
||||
return netip.Addr{}, 0, "", fmt.Errorf("%w: %s", errRemoteLineFieldsCount, line)
|
||||
return netip.Addr{}, 0, "", fmt.Errorf("remote line has not 2 fields as expected: %s", line)
|
||||
}
|
||||
|
||||
host := fields[1]
|
||||
ip, err = netip.ParseAddr(host)
|
||||
if err != nil {
|
||||
return netip.Addr{}, 0, "", fmt.Errorf("%w: %s", errHostNotIP, host)
|
||||
return netip.Addr{}, 0, "", fmt.Errorf("host is not an IP address: %s", host)
|
||||
// TODO resolve hostname once there is an option to allow it through
|
||||
// the firewall before the VPN is up.
|
||||
}
|
||||
@@ -137,9 +125,9 @@ func extractRemote(line string) (ip netip.Addr, port uint16,
|
||||
if n > 2 { //nolint:mnd
|
||||
portInt, err := strconv.Atoi(fields[2])
|
||||
if err != nil {
|
||||
return netip.Addr{}, 0, "", fmt.Errorf("%w: %s", errPortNotValid, line)
|
||||
return netip.Addr{}, 0, "", fmt.Errorf("port is not valid: %s", line)
|
||||
} else if portInt < 1 || portInt > 65535 {
|
||||
return netip.Addr{}, 0, "", fmt.Errorf("%w: %d must be between 1 and 65535", errPortNotValid, portInt)
|
||||
return netip.Addr{}, 0, "", fmt.Errorf("port is not valid: %d must be between 1 and 65535", portInt)
|
||||
}
|
||||
port = uint16(portInt)
|
||||
}
|
||||
@@ -154,20 +142,18 @@ func extractRemote(line string) (ip netip.Addr, port uint16,
|
||||
return ip, port, protocol, nil
|
||||
}
|
||||
|
||||
var errPostLineFieldsCount = errors.New("post line has not 2 fields as expected")
|
||||
|
||||
func extractPort(line string) (port uint16, err error) {
|
||||
fields := strings.Fields(line)
|
||||
const expectedFieldsCount = 2
|
||||
if len(fields) != expectedFieldsCount {
|
||||
return 0, fmt.Errorf("%w: %s", errPostLineFieldsCount, line)
|
||||
return 0, fmt.Errorf("post line has not 2 fields as expected: %s", line)
|
||||
}
|
||||
|
||||
portInt, err := strconv.Atoi(fields[1])
|
||||
if err != nil {
|
||||
return 0, fmt.Errorf("%w: %s", errPortNotValid, line)
|
||||
return 0, fmt.Errorf("port is not valid: %s", line)
|
||||
} else if portInt < 1 || portInt > 65535 {
|
||||
return 0, fmt.Errorf("%w: %d must be between 1 and 65535", errPortNotValid, portInt)
|
||||
return 0, fmt.Errorf("port is not valid: %d must be between 1 and 65535", portInt)
|
||||
}
|
||||
port = uint16(portInt)
|
||||
|
||||
|
||||
@@ -17,7 +17,7 @@ func Test_extractDataFromLines(t *testing.T) {
|
||||
testCases := map[string]struct {
|
||||
lines []string
|
||||
connection models.Connection
|
||||
err error
|
||||
errMessage string
|
||||
}{
|
||||
"success": {
|
||||
lines: []string{"bla", "proto tcp", "remote 1.2.3.4 1194 tcp", "dev tun6"},
|
||||
@@ -28,8 +28,8 @@ func Test_extractDataFromLines(t *testing.T) {
|
||||
},
|
||||
},
|
||||
"extraction error": {
|
||||
lines: []string{"bla", "proto bad", "remote 1.2.3.4 1194 tcp"},
|
||||
err: errors.New("on line 2: extracting protocol from proto line: network protocol not supported: bad"),
|
||||
lines: []string{"bla", "proto bad", "remote 1.2.3.4 1194 tcp"},
|
||||
errMessage: "on line 2: extracting protocol from proto line: network protocol not supported: bad",
|
||||
},
|
||||
"only use first values found": {
|
||||
lines: []string{"proto udp", "proto tcp", "remote 1.2.3.4 443 tcp", "remote 5.2.3.4 1194 udp"},
|
||||
@@ -44,7 +44,7 @@ func Test_extractDataFromLines(t *testing.T) {
|
||||
connection: models.Connection{
|
||||
Protocol: constants.TCP,
|
||||
},
|
||||
err: errRemoteLineNotFound,
|
||||
errMessage: "remote line not found",
|
||||
},
|
||||
"default TCP port": {
|
||||
lines: []string{"remote 1.2.3.4", "proto tcp"},
|
||||
@@ -70,9 +70,8 @@ func Test_extractDataFromLines(t *testing.T) {
|
||||
|
||||
connection, err := extractDataFromLines(testCase.lines)
|
||||
|
||||
if testCase.err != nil {
|
||||
require.Error(t, err)
|
||||
assert.Equal(t, testCase.err.Error(), err.Error())
|
||||
if testCase.errMessage != "" {
|
||||
assert.EqualError(t, err, testCase.errMessage)
|
||||
} else {
|
||||
assert.NoError(t, err)
|
||||
}
|
||||
@@ -86,18 +85,18 @@ func Test_extractDataFromLine(t *testing.T) {
|
||||
t.Parallel()
|
||||
|
||||
testCases := map[string]struct {
|
||||
line string
|
||||
ip netip.Addr
|
||||
port uint16
|
||||
protocol string
|
||||
isErr error
|
||||
line string
|
||||
ip netip.Addr
|
||||
port uint16
|
||||
protocol string
|
||||
errMessage string
|
||||
}{
|
||||
"irrelevant line": {
|
||||
line: "bla",
|
||||
},
|
||||
"extract proto error": {
|
||||
line: "proto bad",
|
||||
isErr: errProtocolNotSupported,
|
||||
line: "proto bad",
|
||||
errMessage: "network protocol not supported",
|
||||
},
|
||||
"extract proto success": {
|
||||
line: "proto tcp",
|
||||
@@ -108,8 +107,8 @@ func Test_extractDataFromLine(t *testing.T) {
|
||||
protocol: constants.TCP,
|
||||
},
|
||||
"extract remote error": {
|
||||
line: "remote bad",
|
||||
isErr: errHostNotIP,
|
||||
line: "remote bad",
|
||||
errMessage: "host is not an IP address",
|
||||
},
|
||||
"extract remote success": {
|
||||
line: "remote 1.2.3.4 1194 udp",
|
||||
@@ -118,8 +117,8 @@ func Test_extractDataFromLine(t *testing.T) {
|
||||
protocol: constants.UDP,
|
||||
},
|
||||
"extract_port_fail": {
|
||||
line: "port a",
|
||||
isErr: errPortNotValid,
|
||||
line: "port a",
|
||||
errMessage: "port is not valid",
|
||||
},
|
||||
"extract_port_success": {
|
||||
line: "port 1194",
|
||||
@@ -133,8 +132,8 @@ func Test_extractDataFromLine(t *testing.T) {
|
||||
|
||||
ip, port, protocol, err := extractDataFromLine(testCase.line)
|
||||
|
||||
if testCase.isErr != nil {
|
||||
assert.ErrorIs(t, err, testCase.isErr)
|
||||
if testCase.errMessage != "" {
|
||||
assert.ErrorContains(t, err, testCase.errMessage)
|
||||
} else {
|
||||
assert.NoError(t, err)
|
||||
}
|
||||
|
||||
@@ -4,15 +4,12 @@ import (
|
||||
"encoding/base64"
|
||||
"encoding/pem"
|
||||
"errors"
|
||||
"fmt"
|
||||
)
|
||||
|
||||
var errPEMDecode = errors.New("cannot decode PEM encoded block")
|
||||
|
||||
func PEM(b []byte) (encodedData string, err error) {
|
||||
pemBlock, _ := pem.Decode(b)
|
||||
if pemBlock == nil {
|
||||
return "", fmt.Errorf("%w", errPEMDecode)
|
||||
return "", errors.New("cannot decode PEM encoded block")
|
||||
}
|
||||
|
||||
der := pemBlock.Bytes
|
||||
|
||||
@@ -13,16 +13,13 @@ func Test_PEM(t *testing.T) {
|
||||
testCases := map[string]struct {
|
||||
b []byte
|
||||
encodedData string
|
||||
errWrapped error
|
||||
errMessage string
|
||||
}{
|
||||
"no input": {
|
||||
errWrapped: errPEMDecode,
|
||||
errMessage: "cannot decode PEM encoded block",
|
||||
},
|
||||
"bad input": {
|
||||
b: []byte{1, 2, 3},
|
||||
errWrapped: errPEMDecode,
|
||||
errMessage: "cannot decode PEM encoded block",
|
||||
},
|
||||
"valid data with extras": {
|
||||
@@ -46,9 +43,10 @@ func Test_PEM(t *testing.T) {
|
||||
encodedData, err := PEM(testCase.b)
|
||||
|
||||
assert.Equal(t, testCase.encodedData, encodedData)
|
||||
assert.ErrorIs(t, err, testCase.errWrapped)
|
||||
if testCase.errWrapped != nil {
|
||||
if testCase.errMessage != "" {
|
||||
assert.EqualError(t, err, testCase.errMessage)
|
||||
} else {
|
||||
assert.NoError(t, err)
|
||||
}
|
||||
})
|
||||
}
|
||||
|
||||
@@ -3,7 +3,6 @@ package pkcs8
|
||||
import (
|
||||
"crypto/x509/pkix"
|
||||
"encoding/asn1"
|
||||
"errors"
|
||||
"fmt"
|
||||
)
|
||||
|
||||
@@ -11,8 +10,6 @@ import (
|
||||
// https://www.ibm.com/docs/en/zos/2.3.0?topic=programming-object-identifiers
|
||||
var oidDESCBC = asn1.ObjectIdentifier{1, 3, 14, 3, 2, 7} //nolint:gochecknoglobals
|
||||
|
||||
var ErrEncryptionAlgorithmNotPBES2 = errors.New("encryption algorithm is not PBES2")
|
||||
|
||||
type encryptedPrivateKey struct {
|
||||
EncryptionAlgorithm pkix.AlgorithmIdentifier
|
||||
EncryptedData []byte
|
||||
@@ -35,8 +32,8 @@ func getEncryptionAlgorithmOid(der []byte) (
|
||||
oidPBES2 := asn1.ObjectIdentifier{1, 2, 840, 113549, 1, 5, 13}
|
||||
oidAlgorithm := encryptedPrivateKeyData.EncryptionAlgorithm.Algorithm
|
||||
if !oidAlgorithm.Equal(oidPBES2) {
|
||||
return nil, fmt.Errorf("%w: %s instead of PBES2 %s",
|
||||
ErrEncryptionAlgorithmNotPBES2, oidAlgorithm, oidPBES2)
|
||||
return nil, fmt.Errorf("encryption algorithm is not PBES2: %s instead of PBES2 %s",
|
||||
oidAlgorithm, oidPBES2)
|
||||
}
|
||||
|
||||
var encryptionAlgorithmParams encryptedAlgorithmParams
|
||||
|
||||
@@ -2,14 +2,11 @@ package pkcs8
|
||||
|
||||
import (
|
||||
"encoding/base64"
|
||||
"errors"
|
||||
"fmt"
|
||||
|
||||
pkcs8lib "github.com/youmark/pkcs8"
|
||||
)
|
||||
|
||||
var ErrUnsupportedKeyType = errors.New("unsupported key type")
|
||||
|
||||
// UpgradeEncryptedKey eventually upgrades an encrypted key to a newer encryption
|
||||
// if its encryption is too weak for Openvpn/Openssl.
|
||||
// If the key is encrypted using DES-CBC, it is decrypted and re-encrypted using AES-256-CBC.
|
||||
|
||||
@@ -2,15 +2,12 @@ package openvpn
|
||||
|
||||
import (
|
||||
"context"
|
||||
"errors"
|
||||
"fmt"
|
||||
"os/exec"
|
||||
|
||||
"github.com/qdm12/gluetun/internal/constants/openvpn"
|
||||
)
|
||||
|
||||
var ErrVersionUnknown = errors.New("OpenVPN version is unknown")
|
||||
|
||||
const (
|
||||
binOpenvpn25 = "openvpn2.5"
|
||||
binOpenvpn26 = "openvpn2.6"
|
||||
@@ -26,7 +23,7 @@ func start(ctx context.Context, starter CmdStarter, version string, flags []stri
|
||||
case openvpn.Openvpn26:
|
||||
bin = binOpenvpn26
|
||||
default:
|
||||
return nil, nil, nil, fmt.Errorf("%w: %s", ErrVersionUnknown, version)
|
||||
return nil, nil, nil, fmt.Errorf("OpenVPN version is unknown: %s", version)
|
||||
}
|
||||
|
||||
args := []string{"--config", configPath}
|
||||
|
||||
@@ -2,7 +2,6 @@ package openvpn
|
||||
|
||||
import (
|
||||
"context"
|
||||
"errors"
|
||||
"fmt"
|
||||
"os/exec"
|
||||
"strings"
|
||||
@@ -16,8 +15,6 @@ func (c *Configurator) Version26(ctx context.Context) (version string, err error
|
||||
return c.version(ctx, binOpenvpn26)
|
||||
}
|
||||
|
||||
var ErrVersionTooShort = errors.New("version output is too short")
|
||||
|
||||
func (c *Configurator) version(ctx context.Context, binName string) (version string, err error) {
|
||||
cmd := exec.CommandContext(ctx, binName, "--version")
|
||||
output, err := c.cmder.Run(cmd)
|
||||
@@ -28,7 +25,7 @@ func (c *Configurator) version(ctx context.Context, binName string) (version str
|
||||
words := strings.Fields(firstLine)
|
||||
const minWords = 2
|
||||
if len(words) < minWords {
|
||||
return "", fmt.Errorf("%w: %s", ErrVersionTooShort, firstLine)
|
||||
return "", fmt.Errorf("version output is too short: %s", firstLine)
|
||||
}
|
||||
return words[1], nil
|
||||
}
|
||||
|
||||
Reference in New Issue
Block a user