mirror of
https://github.com/juanfont/headscale.git
synced 2025-10-24 21:51:22 +02:00
Start work on making gocritic pass
This commit is contained in:
parent
ba084b9987
commit
53ed749f45
@ -25,6 +25,9 @@ linters:
|
||||
- godox
|
||||
- ireturn
|
||||
|
||||
# In progress
|
||||
- gocritic
|
||||
|
||||
# We should strive to enable these:
|
||||
- testpackage
|
||||
- stylecheck
|
||||
@ -34,7 +37,6 @@ linters:
|
||||
- forcetypeassert
|
||||
- errname
|
||||
- gosec
|
||||
- gocritic
|
||||
- forbidigo
|
||||
- dupl
|
||||
- varnamelen
|
||||
|
9
acls.go
9
acls.go
@ -264,7 +264,8 @@ func (h *Headscale) expandPorts(s string) (*[]tailcfg.PortRange, error) {
|
||||
ports := []tailcfg.PortRange{}
|
||||
for _, p := range strings.Split(s, ",") {
|
||||
rang := strings.Split(p, "-")
|
||||
if len(rang) == 1 {
|
||||
switch len(rang) {
|
||||
case 1:
|
||||
pi, err := strconv.ParseUint(rang[0], BASE_10, BIT_SIZE_16)
|
||||
if err != nil {
|
||||
return nil, err
|
||||
@ -273,7 +274,8 @@ func (h *Headscale) expandPorts(s string) (*[]tailcfg.PortRange, error) {
|
||||
First: uint16(pi),
|
||||
Last: uint16(pi),
|
||||
})
|
||||
} else if len(rang) == EXPECTED_TOKEN_ITEMS {
|
||||
|
||||
case EXPECTED_TOKEN_ITEMS:
|
||||
start, err := strconv.ParseUint(rang[0], BASE_10, BIT_SIZE_16)
|
||||
if err != nil {
|
||||
return nil, err
|
||||
@ -286,7 +288,8 @@ func (h *Headscale) expandPorts(s string) (*[]tailcfg.PortRange, error) {
|
||||
First: uint16(start),
|
||||
Last: uint16(last),
|
||||
})
|
||||
} else {
|
||||
|
||||
default:
|
||||
return nil, errorInvalidPortFormat
|
||||
}
|
||||
}
|
||||
|
@ -56,7 +56,7 @@ func (h *Hosts) UnmarshalJSON(data []byte) error {
|
||||
}
|
||||
for k, v := range hs {
|
||||
if !strings.Contains(v, "/") {
|
||||
v = v + "/32"
|
||||
v += "/32"
|
||||
}
|
||||
prefix, err := netaddr.ParseIPPrefix(v)
|
||||
if err != nil {
|
||||
|
13
app.go
13
app.go
@ -345,10 +345,10 @@ func (h *Headscale) grpcAuthenticationInterceptor(ctx context.Context,
|
||||
"Authentication is not implemented yet",
|
||||
)
|
||||
|
||||
//if strings.TrimPrefix(token, AUTH_PREFIX) != a.Token {
|
||||
// if strings.TrimPrefix(token, AUTH_PREFIX) != a.Token {
|
||||
// log.Error().Caller().Str("client_address", p.Addr.String()).Msg("invalid token")
|
||||
// return ctx, status.Error(codes.Unauthenticated, "invalid token")
|
||||
//}
|
||||
// }
|
||||
|
||||
// return handler(ctx, req)
|
||||
}
|
||||
@ -604,12 +604,14 @@ func (h *Headscale) getTLSSettings() (*tls.Config, error) {
|
||||
Email: h.cfg.ACMEEmail,
|
||||
}
|
||||
|
||||
if h.cfg.TLSLetsEncryptChallengeType == "TLS-ALPN-01" {
|
||||
switch h.cfg.TLSLetsEncryptChallengeType {
|
||||
case "TLS-ALPN-01":
|
||||
// Configuration via autocert with TLS-ALPN-01 (https://tools.ietf.org/html/rfc8737)
|
||||
// The RFC requires that the validation is done on port 443; in other words, headscale
|
||||
// must be reachable on port 443.
|
||||
return m.TLSConfig(), nil
|
||||
} else if h.cfg.TLSLetsEncryptChallengeType == "HTTP-01" {
|
||||
|
||||
case "HTTP-01":
|
||||
// Configuration via autocert with HTTP-01. This requires listening on
|
||||
// port 80 for the certificate validation in addition to the headscale
|
||||
// service, which can be configured to run on any other port.
|
||||
@ -620,7 +622,8 @@ func (h *Headscale) getTLSSettings() (*tls.Config, error) {
|
||||
}()
|
||||
|
||||
return m.TLSConfig(), nil
|
||||
} else {
|
||||
|
||||
default:
|
||||
return nil, errors.New("unknown value for TLSLetsEncryptChallengeType")
|
||||
}
|
||||
} else if h.cfg.TLSCertPath == "" {
|
||||
|
6
oidc.go
6
oidc.go
@ -136,11 +136,11 @@ func (h *Headscale) OIDCCallback(c *gin.Context) {
|
||||
}
|
||||
|
||||
// TODO: we can use userinfo at some point to grab additional information about the user (groups membership, etc)
|
||||
//userInfo, err := oidcProvider.UserInfo(context.Background(), oauth2.StaticTokenSource(oauth2Token))
|
||||
//if err != nil {
|
||||
// userInfo, err := oidcProvider.UserInfo(context.Background(), oauth2.StaticTokenSource(oauth2Token))
|
||||
// if err != nil {
|
||||
// c.String(http.StatusBadRequest, fmt.Sprintf("Failed to retrieve userinfo: %s", err))
|
||||
// return
|
||||
//}
|
||||
// }
|
||||
|
||||
// Extract custom claims
|
||||
var claims IDTokenClaims
|
||||
|
@ -6,7 +6,7 @@ import (
|
||||
|
||||
func CreateNodeNamespace(
|
||||
c *check.C,
|
||||
namespace, node, key, IP string,
|
||||
namespace, node, key, ip string,
|
||||
) (*Namespace, *Machine) {
|
||||
n1, err := h.CreateNamespace(namespace)
|
||||
c.Assert(err, check.IsNil)
|
||||
@ -26,7 +26,7 @@ func CreateNodeNamespace(
|
||||
NamespaceID: n1.ID,
|
||||
Registered: true,
|
||||
RegisterMethod: "authKey",
|
||||
IPAddress: IP,
|
||||
IPAddress: ip,
|
||||
AuthKeyID: uint(pak1.ID),
|
||||
}
|
||||
h.db.Save(m1)
|
||||
|
Loading…
x
Reference in New Issue
Block a user