mirror of
https://gogs.blitter.com/RLabs/xs
synced 2024-08-14 10:26:42 +00:00
Updated golangci-lint config; xsd.sysvrc init script updates
This commit is contained in:
parent
9a0dd8270a
commit
5c826f7a5f
4 changed files with 153 additions and 325 deletions
399
.golangci.yml
399
.golangci.yml
|
@ -1,327 +1,154 @@
|
|||
# This file contains all available configuration options
|
||||
# with their default values.
|
||||
|
||||
# options for analysis running
|
||||
run:
|
||||
# default concurrency is a available CPU number
|
||||
concurrency: 4
|
||||
|
||||
# timeout for analysis, e.g. 30s, 5m, default is 1m
|
||||
timeout: 1m
|
||||
|
||||
# exit code when at least one issue was found, default is 1
|
||||
issues-exit-code: 1
|
||||
|
||||
# include test files or not, default is true
|
||||
tests: true
|
||||
|
||||
# list of build tags, all linters use it. Default is empty list.
|
||||
build-tags:
|
||||
- mytag
|
||||
|
||||
# which dirs to skip: issues from them won't be reported;
|
||||
# can use regexp here: generated.*, regexp is applied on full path;
|
||||
# default value is empty list, but default dirs are skipped independently
|
||||
# from this option's value (see skip-dirs-use-default).
|
||||
skip-dirs:
|
||||
- src/external_libs
|
||||
- autogenerated_by_my_lib
|
||||
|
||||
# default is true. Enables skipping of directories:
|
||||
# vendor$, third_party$, testdata$, examples$, Godeps$, builtin$
|
||||
skip-dirs-use-default: true
|
||||
|
||||
# which files to skip: they will be analyzed, but issues from them
|
||||
# won't be reported. Default value is empty list, but there is
|
||||
# no need to include all autogenerated files, we confidently recognize
|
||||
# autogenerated files. If it's not please let us know.
|
||||
skip-files:
|
||||
- ".*\\.my\\.go$"
|
||||
- lib/bad.go
|
||||
|
||||
# by default isn't set. If set we pass it to "go list -mod={option}". From "go help modules":
|
||||
# If invoked with -mod=readonly, the go command is disallowed from the implicit
|
||||
# automatic updating of go.mod described above. Instead, it fails when any changes
|
||||
# to go.mod are needed. This setting is most useful to check that go.mod does
|
||||
# not need updates, such as in a continuous integration and testing system.
|
||||
# If invoked with -mod=vendor, the go command assumes that the vendor
|
||||
# directory holds the correct copies of dependencies and ignores
|
||||
# the dependency descriptions in go.mod.
|
||||
#! modules-download-mode: readonly|release|vendor
|
||||
|
||||
|
||||
# output configuration options
|
||||
output:
|
||||
# colored-line-number|line-number|json|tab|checkstyle|code-climate, default is "colored-line-number"
|
||||
format: colored-line-number
|
||||
|
||||
# print lines of code with issue, default is true
|
||||
print-issued-lines: true
|
||||
|
||||
# print linter name in the end of issue text, default is true
|
||||
print-linter-name: true
|
||||
|
||||
# make issues output unique by line, default is true
|
||||
uniq-by-line: true
|
||||
|
||||
|
||||
# all available settings of specific linters
|
||||
linters-settings:
|
||||
dogsled:
|
||||
# checks assignments with too many blank identifiers; default is 2
|
||||
max-blank-identifiers: 2
|
||||
depguard:
|
||||
list-type: blacklist
|
||||
packages:
|
||||
# logging is allowed only by logutils.Log, logrus
|
||||
# is allowed to use only in logutils package
|
||||
- github.com/sirupsen/logrus
|
||||
packages-with-error-message:
|
||||
- github.com/sirupsen/logrus: "logging is allowed only by logutils.Log"
|
||||
dupl:
|
||||
# tokens count to trigger issue, 150 by default
|
||||
threshold: 100
|
||||
errcheck:
|
||||
# report about not checking of errors in type assetions: `a := b.(MyStruct)`;
|
||||
# default is false: such cases aren't reported by default.
|
||||
check-type-assertions: false
|
||||
|
||||
# report about assignment of errors to blank identifier: `num, _ := strconv.Atoi(numStr)`;
|
||||
# default is false: such cases aren't reported by default.
|
||||
check-blank: false
|
||||
|
||||
# [deprecated] comma-separated list of pairs of the form pkg:regex
|
||||
# the regex is used to ignore names within pkg. (default "fmt:.*").
|
||||
# see https://github.com/kisielk/errcheck#the-deprecated-method for details
|
||||
ignore: fmt:.*,io/ioutil:^Read.*
|
||||
|
||||
# path to a file containing a list of functions to exclude from checking
|
||||
# see https://github.com/kisielk/errcheck#excluding-functions for details
|
||||
#!exclude: /path/to/file.txt
|
||||
funlen:
|
||||
lines: 60
|
||||
statements: 40
|
||||
gocognit:
|
||||
# minimal code complexity to report, 30 by default (but we recommend 10-20)
|
||||
min-complexity: 10
|
||||
lines: 125
|
||||
statements: 50
|
||||
gci:
|
||||
local-prefixes: github.com/golangci/golangci-lint
|
||||
goconst:
|
||||
# minimal length of string constant, 3 by default
|
||||
min-len: 3
|
||||
# minimal occurrences count to trigger, 3 by default
|
||||
min-occurrences: 3
|
||||
min-len: 2
|
||||
min-occurrences: 2
|
||||
gocritic:
|
||||
# Which checks should be enabled; can't be combined with 'disabled-checks';
|
||||
# See https://go-critic.github.io/overview#checks-overview
|
||||
# To check which checks are enabled run `GL_DEBUG=gocritic golangci-lint run`
|
||||
# By default list of stable checks is used.
|
||||
enabled-checks:
|
||||
#!- rangeValCopy
|
||||
|
||||
# Which checks should be disabled; can't be combined with 'enabled-checks'; default is empty
|
||||
disabled-checks:
|
||||
- regexpMust
|
||||
|
||||
# Enable multiple checks by tags, run `GL_DEBUG=gocritic golangci-lint run` to see all tags and checks.
|
||||
# Empty list by default. See https://github.com/go-critic/go-critic#usage -> section "Tags".
|
||||
enabled-tags:
|
||||
- diagnostic
|
||||
- experimental
|
||||
- opinionated
|
||||
- performance
|
||||
|
||||
settings: # settings passed to gocritic
|
||||
captLocal: # must be valid enabled check name
|
||||
paramsOnly: true
|
||||
rangeValCopy:
|
||||
sizeThreshold: 32
|
||||
- style
|
||||
disabled-checks:
|
||||
- commentFormatting
|
||||
- dupImport # https://github.com/go-critic/go-critic/issues/845
|
||||
- ifElseChain
|
||||
- octalLiteral
|
||||
- whyNoLint
|
||||
- wrapperFunc
|
||||
gocyclo:
|
||||
# minimal code complexity to report, 30 by default (but we recommend 10-20)
|
||||
min-complexity: 10
|
||||
godox:
|
||||
# report any comments starting with keywords, this is useful for TODO or FIXME comments that
|
||||
# might be left in the code accidentally and should be resolved before merging
|
||||
keywords: # default keywords are TODO, BUG, and FIXME, these can be overwritten by this setting
|
||||
- NOTE
|
||||
- OPTIMIZE # marks code that should be optimized before merging
|
||||
- HACK # marks hack-arounds that should be removed before merging
|
||||
gofmt:
|
||||
# simplify code: gofmt with `-s` option, true by default
|
||||
simplify: true
|
||||
min-complexity: 15
|
||||
goimports:
|
||||
# put imports beginning with prefix after 3rd-party packages;
|
||||
# it's a comma-separated list of prefixes
|
||||
local-prefixes: github.com/org/project
|
||||
golint:
|
||||
# minimal confidence for issues, default is 0.8
|
||||
min-confidence: 0.8
|
||||
local-prefixes: github.com/golangci/golangci-lint
|
||||
#golint:
|
||||
# min-confidence: 0
|
||||
gomnd:
|
||||
settings:
|
||||
mnd:
|
||||
# the list of enabled checks, see https://github.com/tommy-muehle/go-mnd/#checks for description.
|
||||
checks: argument,case,condition,operation,return,assign
|
||||
# don't include the "operation" and "assign"
|
||||
checks: argument,case,condition,return
|
||||
govet:
|
||||
# report about shadowed variables
|
||||
check-shadowing: true
|
||||
|
||||
# settings per analyzer
|
||||
settings:
|
||||
printf: # analyzer name, run `go tool vet help` to see all analyzers
|
||||
funcs: # run `go tool vet help printf` to see available settings for `printf` analyzer
|
||||
printf:
|
||||
funcs:
|
||||
- (github.com/golangci/golangci-lint/pkg/logutils.Log).Infof
|
||||
- (github.com/golangci/golangci-lint/pkg/logutils.Log).Warnf
|
||||
- (github.com/golangci/golangci-lint/pkg/logutils.Log).Errorf
|
||||
- (github.com/golangci/golangci-lint/pkg/logutils.Log).Fatalf
|
||||
|
||||
# enable or disable analyzers by name
|
||||
enable:
|
||||
- atomicalign
|
||||
enable-all: false
|
||||
disable:
|
||||
- shadow
|
||||
disable-all: false
|
||||
depguard:
|
||||
list-type: blacklist
|
||||
include-go-root: false
|
||||
packages:
|
||||
- github.com/sirupsen/logrus
|
||||
packages-with-error-message:
|
||||
# specify an error message to output when a blacklisted package is used
|
||||
- github.com/sirupsen/logrus: "logging is allowed only by logutils.Log"
|
||||
lll:
|
||||
# max line length, lines longer will be reported. Default is 120.
|
||||
# '\t' is counted as 1 character by default, and can be changed with the tab-width option
|
||||
line-length: 120
|
||||
# tab width in spaces. Default to 1.
|
||||
tab-width: 1
|
||||
line-length: 140
|
||||
maligned:
|
||||
# print struct with more effective memory layout or not, false by default
|
||||
suggest-new: true
|
||||
misspell:
|
||||
# Correct spellings using locale preferences for US or UK.
|
||||
# Default is to use a neutral variety of English.
|
||||
# Setting locale to US will correct the British spelling of 'colour' to 'color'.
|
||||
locale: US
|
||||
ignore-words:
|
||||
- someword
|
||||
nakedret:
|
||||
# make an issue if func has more lines of code than this setting and it has naked returns; default is 30
|
||||
max-func-lines: 30
|
||||
prealloc:
|
||||
# XXX: we don't recommend using this linter before doing performance profiling.
|
||||
# For most programs usage of prealloc will be a premature optimization.
|
||||
|
||||
# Report preallocation suggestions only on simple loops that have no returns/breaks/continues/gotos in them.
|
||||
# True by default.
|
||||
simple: true
|
||||
range-loops: true # Report preallocation suggestions on range loops, true by default
|
||||
for-loops: false # Report preallocation suggestions on for loops, false by default
|
||||
rowserrcheck:
|
||||
packages:
|
||||
- github.com/jmoiron/sqlx
|
||||
unparam:
|
||||
# Inspect exported functions, default is false. Set to true if no external program/library imports your code.
|
||||
# XXX: if you enable this setting, unparam will report a lot of false-positives in text editors:
|
||||
# if it's called for subdir of a project it can't find external interfaces. All text editor integrations
|
||||
# with golangci-lint call it on a directory with the changed file.
|
||||
check-exported: false
|
||||
unused:
|
||||
# treat code as a program (not a library) and report unused exported identifiers; default is false.
|
||||
# XXX: if you enable this setting, unused will report a lot of false-positives in text editors:
|
||||
# if it's called for subdir of a project it can't find funcs usages. All text editor integrations
|
||||
# with golangci-lint call it on a directory with the changed file.
|
||||
check-exported: false
|
||||
whitespace:
|
||||
multi-if: false # Enforces newlines (or comments) after every multi-line if statement
|
||||
multi-func: false # Enforces newlines (or comments) after every multi-line function signature
|
||||
wsl:
|
||||
# If true append is only allowed to be cuddled if appending value is
|
||||
# matching variables, fields or types on line above. Default is true.
|
||||
strict-append: true
|
||||
# Allow calls and assignments to be cuddled as long as the lines have any
|
||||
# matching variables, fields or types. Default is true.
|
||||
allow-assign-and-call: true
|
||||
# Allow multiline assignments to be cuddled. Default is true.
|
||||
allow-multiline-assign: true
|
||||
# Allow declarations (var) to be cuddled.
|
||||
allow-cuddle-declarations: false
|
||||
# Allow trailing comments in ending of blocks
|
||||
allow-trailing-comment: false
|
||||
# Force newlines in end of case at this limit (0 = never).
|
||||
force-case-trailing-whitespace: 0
|
||||
|
||||
# The custom section can be used to define linter plugins to be loaded at runtime. See README doc
|
||||
# for more info.
|
||||
custom:
|
||||
# Each custom linter should have a unique name.
|
||||
#! example:
|
||||
#! # The path to the plugin *.so. Can be absolute or local. Required for each custom linter
|
||||
#! path: /path/to/example.so
|
||||
#! # The description of the linter. Optional, just for documentation purposes.
|
||||
#! description: This is an example usage of a plugin linter.
|
||||
#! # Intended to point to the repo location of the linter. Optional, just for documentation purposes.
|
||||
#! original-url: github.com/golangci/example-linter
|
||||
locale: en_CA
|
||||
nolintlint:
|
||||
allow-leading-space: true # don't require machine-readable nolint directives (i.e. with no leading space)
|
||||
allow-unused: false # report any unused nolint directives
|
||||
require-explanation: false # don't require an explanation for nolint directives
|
||||
require-specific: false # don't require nolint directives to be specific about which linter is being skipped
|
||||
|
||||
linters:
|
||||
# please, do not use `enable-all`: it's deprecated and will be removed soon.
|
||||
# inverted configuration with `enable-all` and `disable` is not scalable during updates of golangci-lint
|
||||
disable-all: true
|
||||
enable:
|
||||
- megacheck
|
||||
- bodyclose
|
||||
#- deadcode
|
||||
- depguard
|
||||
- dogsled
|
||||
- dupl
|
||||
- errcheck
|
||||
- exhaustive
|
||||
- funlen
|
||||
- gochecknoinits
|
||||
- goconst
|
||||
- gocritic
|
||||
- gocyclo
|
||||
- gofmt
|
||||
- goimports
|
||||
#- golint
|
||||
- gomnd
|
||||
- goprintffuncname
|
||||
- gosec
|
||||
- gosimple
|
||||
- govet
|
||||
disable:
|
||||
- maligned
|
||||
- prealloc
|
||||
disable-all: false
|
||||
presets:
|
||||
- bugs
|
||||
- ineffassign
|
||||
#- interfacer
|
||||
- lll
|
||||
- misspell
|
||||
#- nakedret
|
||||
- noctx
|
||||
- nolintlint
|
||||
- rowserrcheck
|
||||
#- scopelint
|
||||
- staticcheck
|
||||
#- structcheck
|
||||
- stylecheck
|
||||
- typecheck
|
||||
- unconvert
|
||||
- unparam
|
||||
- unused
|
||||
fast: false
|
||||
#- varcheck
|
||||
- whitespace
|
||||
|
||||
# don't enable:
|
||||
# - asciicheck
|
||||
# - gochecknoglobals
|
||||
# - gocognit
|
||||
# - godot
|
||||
# - godox
|
||||
# - goerr113
|
||||
# - maligned
|
||||
# - nestif
|
||||
# - prealloc
|
||||
# - testpackage
|
||||
# - wsl
|
||||
|
||||
issues:
|
||||
# List of regexps of issue texts to exclude, empty list by default.
|
||||
# But independently from this option we use default exclude patterns,
|
||||
# it can be disabled by `exclude-use-default: false`. To list all
|
||||
# excluded by default patterns execute `golangci-lint run --help`
|
||||
exclude:
|
||||
- abcdef
|
||||
|
||||
# Excluding configuration per-path, per-linter, per-text and per-source
|
||||
exclude-rules:
|
||||
# Exclude some linters from running on tests files.
|
||||
- path: _test\.go
|
||||
linters:
|
||||
- gocyclo
|
||||
- errcheck
|
||||
- dupl
|
||||
- gosec
|
||||
- gomnd
|
||||
|
||||
# Exclude known linters from partially hard-vendored code,
|
||||
# which is impossible to exclude via "nolint" comments.
|
||||
- path: internal/hmac/
|
||||
text: "weak cryptographic primitive"
|
||||
linters:
|
||||
- gosec
|
||||
|
||||
# Exclude some staticcheck messages
|
||||
# https://github.com/go-critic/go-critic/issues/926
|
||||
- linters:
|
||||
- staticcheck
|
||||
text: "SA9003:"
|
||||
- gocritic
|
||||
text: "unnecessaryDefer:"
|
||||
|
||||
# Exclude lll issues for long lines with go:generate
|
||||
- linters:
|
||||
- lll
|
||||
source: "^//go:generate "
|
||||
# TODO temporary rule, must be removed
|
||||
# seems related to v0.34.1, but I was not able to reproduce locally,
|
||||
# I was also not able to reproduce in the CI of a fork,
|
||||
# only the golangci-lint CI seems to be affected by this invalid analysis.
|
||||
- path: pkg/golinters/scopelint.go
|
||||
text: 'directive `//nolint:interfacer` is unused for linter interfacer'
|
||||
|
||||
# Independently from option `exclude` we use default exclude patterns,
|
||||
# it can be disabled by this option. To list all
|
||||
# excluded by default patterns execute `golangci-lint run --help`.
|
||||
# Default value for this option is true.
|
||||
exclude-use-default: false
|
||||
run:
|
||||
skip-dirs:
|
||||
- test/testdata_etc
|
||||
- internal/cache
|
||||
- internal/renameio
|
||||
- internal/robustio
|
||||
|
||||
# Maximum issues count per one linter. Set to 0 to disable. Default is 50.
|
||||
max-issues-per-linter: 0
|
||||
|
||||
# Maximum count of issues with the same text. Set to 0 to disable. Default is 3.
|
||||
max-same-issues: 0
|
||||
|
||||
# Show only new issues: if there are unstaged changes or untracked files,
|
||||
# only those changes are analyzed, else only changes in HEAD~ are analyzed.
|
||||
# It's a super-useful option for integration of golangci-lint into existing
|
||||
# large codebase. It's not practical to fix all existing issues at the moment
|
||||
# of integration: much better don't allow issues in new code.
|
||||
# Default is false.
|
||||
new: false
|
||||
|
||||
# Show only new issues created after git revision `REV`
|
||||
#!new-from-rev: REV
|
||||
#new-from-rev: HEAD^
|
||||
|
||||
# Show only new issues created in git patch with set file path.
|
||||
#!new-from-patch: path/to/patch/file
|
||||
# golangci.com configuration
|
||||
# https://github.com/golangci/golangci/wiki/Configuration
|
||||
service:
|
||||
golangci-lint-version: 1.23.x # use the fixed version to not introduce new linters unexpectedly
|
||||
prepare:
|
||||
- echo "here I can run custom commands, but no preparation needed for this repo"
|
||||
|
|
|
@ -1,3 +1,4 @@
|
|||
//go:build linux || freebsd
|
||||
// +build linux freebsd
|
||||
|
||||
package main
|
||||
|
@ -30,7 +31,7 @@ func handleTermResizes(conn *xsnet.Conn) {
|
|||
log.Println(err)
|
||||
}
|
||||
termSzPacket := fmt.Sprintf("%d %d", rows, cols)
|
||||
conn.WritePacket([]byte(termSzPacket), xsnet.CSOTermSize) // nolint: errcheck,gosec
|
||||
conn.WritePacket([]byte(termSzPacket), xsnet.CSOTermSize)
|
||||
}
|
||||
}()
|
||||
ch <- syscall.SIGWINCH // Initial resize.
|
||||
|
|
72
xs/xs.go
72
xs/xs.go
|
@ -1,5 +1,4 @@
|
|||
// xs client
|
||||
|
||||
//
|
||||
// Copyright (c) 2017-2020 Russell Magee
|
||||
// Licensed under the terms of the MIT license (see LICENSE.mit in this
|
||||
|
@ -18,7 +17,6 @@ import (
|
|||
"io/ioutil"
|
||||
"log"
|
||||
"math/rand"
|
||||
"net"
|
||||
"os"
|
||||
"os/exec"
|
||||
"os/user"
|
||||
|
@ -32,7 +30,7 @@ import (
|
|||
"time"
|
||||
|
||||
"net/http"
|
||||
_ "net/http/pprof"
|
||||
_ "net/http/pprof" //nolint:gosec
|
||||
|
||||
xs "blitter.com/go/xs"
|
||||
"blitter.com/go/xs/logger"
|
||||
|
@ -241,7 +239,7 @@ func GetSize() (cols, rows int, err error) {
|
|||
return
|
||||
}
|
||||
|
||||
func buildCmdRemoteToLocal(copyQuiet bool, copyLimitBPS uint, destPath, files string) (captureStderr bool, cmd string, args []string) {
|
||||
func buildCmdRemoteToLocal(copyQuiet bool, copyLimitBPS uint, destPath string) (captureStderr bool, cmd string, args []string) {
|
||||
// Detect if we have 'pv'
|
||||
// pipeview http://www.ivarch.com/programs/pv.shtml
|
||||
// and use it for nice client progress display.
|
||||
|
@ -441,10 +439,9 @@ func doCopyMode(conn *xsnet.Conn, remoteDest bool, files string, copyQuiet bool,
|
|||
log.Println("remote filepath:", string(rec.Cmd()), "local files:", files)
|
||||
destPath := files
|
||||
|
||||
_, cmdName, cmdArgs := buildCmdRemoteToLocal(copyQuiet, copyLimitBPS, destPath, strings.TrimSpace(files))
|
||||
_, cmdName, cmdArgs := buildCmdRemoteToLocal(copyQuiet, copyLimitBPS, destPath)
|
||||
|
||||
var c *exec.Cmd
|
||||
c = exec.Command(cmdName, cmdArgs...) // #nosec
|
||||
c := exec.Command(cmdName, cmdArgs...) // #nosec
|
||||
c.Stdin = conn
|
||||
c.Stdout = os.Stdout
|
||||
c.Stderr = os.Stderr
|
||||
|
@ -557,15 +554,15 @@ func doShellMode(isInteractive bool, conn *xsnet.Conn, oldState *xs.State, rec *
|
|||
}
|
||||
|
||||
func usageShell() {
|
||||
fmt.Fprintf(os.Stderr, "Usage of %s:\n", os.Args[0]) // nolint: errcheck
|
||||
fmt.Fprintf(os.Stderr, "%s [opts] [user]@server\n", os.Args[0]) // nolint: errcheck
|
||||
fmt.Fprintf(os.Stderr, "Usage of %s:\n", os.Args[0])
|
||||
fmt.Fprintf(os.Stderr, "%s [opts] [user]@server\n", os.Args[0])
|
||||
flag.PrintDefaults()
|
||||
}
|
||||
|
||||
func usageCp() {
|
||||
fmt.Fprintf(os.Stderr, "Usage of %s:\n", os.Args[0]) // nolint: errcheck
|
||||
fmt.Fprintf(os.Stderr, "%s [opts] srcFileOrDir [...] [user]@server[:dstpath]\n", os.Args[0]) // nolint: errcheck
|
||||
fmt.Fprintf(os.Stderr, "%s [opts] [user]@server[:srcFileOrDir] dstPath\n", os.Args[0]) // nolint: errcheck
|
||||
fmt.Fprintf(os.Stderr, "Usage of %s:\n", os.Args[0])
|
||||
fmt.Fprintf(os.Stderr, "%s [opts] srcFileOrDir [...] [user]@server[:dstpath]\n", os.Args[0])
|
||||
fmt.Fprintf(os.Stderr, "%s [opts] [user]@server[:srcFileOrDir] dstPath\n", os.Args[0])
|
||||
flag.PrintDefaults()
|
||||
}
|
||||
|
||||
|
@ -581,18 +578,18 @@ func rejectUserMsg() string {
|
|||
//
|
||||
// Server responds with [CSOTunAck:rport] or [CSOTunRefused:rport]
|
||||
// (handled in xsnet.Read())
|
||||
func reqTunnel(hc *xsnet.Conn, lp uint16, p string /*net.Addr*/, rp uint16) {
|
||||
func reqTunnel(hc *xsnet.Conn, lp uint16 /*, p string*/ /*net.Addr*/, rp uint16) {
|
||||
// Write request to server so it can attempt to set up its end
|
||||
var bTmp bytes.Buffer
|
||||
if e := binary.Write(&bTmp, binary.BigEndian, lp); e != nil {
|
||||
fmt.Fprintln(os.Stderr, "reqTunnel:", e) // nolint: errcheck
|
||||
fmt.Fprintln(os.Stderr, "reqTunnel:", e)
|
||||
}
|
||||
if e := binary.Write(&bTmp, binary.BigEndian, rp); e != nil {
|
||||
fmt.Fprintln(os.Stderr, "reqTunnel:", e) // nolint: errcheck
|
||||
fmt.Fprintln(os.Stderr, "reqTunnel:", e)
|
||||
}
|
||||
_ = logger.LogDebug(fmt.Sprintln("[Client sending CSOTunSetup]")) // nolint: gosec
|
||||
_ = logger.LogDebug(fmt.Sprintln("[Client sending CSOTunSetup]"))
|
||||
if n, e := hc.WritePacket(bTmp.Bytes(), xsnet.CSOTunSetup); e != nil || n != len(bTmp.Bytes()) {
|
||||
fmt.Fprintln(os.Stderr, "reqTunnel:", e) // nolint: errcheck
|
||||
fmt.Fprintln(os.Stderr, "reqTunnel:", e)
|
||||
}
|
||||
}
|
||||
|
||||
|
@ -632,7 +629,7 @@ func parseNonSwitchArgs(a []string) (user, host, path string, isDest bool, other
|
|||
}
|
||||
|
||||
func launchTuns(conn *xsnet.Conn, remoteHost string, tuns string) {
|
||||
remAddrs, _ := net.LookupHost(remoteHost) // nolint: gosec
|
||||
/*remAddrs, _ := net.LookupHost(remoteHost)*/
|
||||
|
||||
if tuns == "" {
|
||||
return
|
||||
|
@ -641,8 +638,8 @@ func launchTuns(conn *xsnet.Conn, remoteHost string, tuns string) {
|
|||
tunSpecs := strings.Split(tuns, ",")
|
||||
for _, tunItem := range tunSpecs {
|
||||
var lPort, rPort uint16
|
||||
_, _ = fmt.Sscanf(tunItem, "%d:%d", &lPort, &rPort) // nolint: gosec
|
||||
reqTunnel(conn, lPort, remAddrs[0], rPort)
|
||||
_, _ = fmt.Sscanf(tunItem, "%d:%d", &lPort, &rPort)
|
||||
reqTunnel(conn, lPort /*remAddrs[0],*/, rPort)
|
||||
}
|
||||
}
|
||||
|
||||
|
@ -677,7 +674,7 @@ func sendSessionParams(conn io.Writer /* *xsnet.Conn*/, rec *xs.Session) (e erro
|
|||
}
|
||||
|
||||
// TODO: reduce gocyclo
|
||||
func main() {
|
||||
func main() { //nolint: funlen, gocyclo
|
||||
var (
|
||||
isInteractive bool
|
||||
vopt bool
|
||||
|
@ -799,7 +796,7 @@ func main() {
|
|||
// Set defaults if user doesn't specify user, path or port
|
||||
var uname string
|
||||
if remoteUser == "" {
|
||||
u, _ := user.Current() // nolint: gosec
|
||||
u, _ := user.Current()
|
||||
uname = localUserName(u)
|
||||
} else {
|
||||
uname = remoteUser
|
||||
|
@ -861,7 +858,7 @@ func main() {
|
|||
// either the shell session or copy operation.
|
||||
_ = shellMode
|
||||
|
||||
Log, _ = logger.New(logger.LOG_USER|logger.LOG_DEBUG|logger.LOG_NOTICE|logger.LOG_ERR, "xs") // nolint: errcheck,gosec
|
||||
Log, _ = logger.New(logger.LOG_USER|logger.LOG_DEBUG|logger.LOG_NOTICE|logger.LOG_ERR, "xs")
|
||||
xsnet.Init(dbg, "xs", logger.LOG_USER|logger.LOG_DEBUG|logger.LOG_NOTICE|logger.LOG_ERR)
|
||||
if dbg {
|
||||
log.SetOutput(Log)
|
||||
|
@ -873,15 +870,15 @@ func main() {
|
|||
|
||||
if !gopt {
|
||||
// See if we can log in via an auth token
|
||||
u, _ := user.Current() // nolint: gosec
|
||||
u, _ := user.Current()
|
||||
ab, aerr := ioutil.ReadFile(fmt.Sprintf("%s/.xs_id", u.HomeDir))
|
||||
if aerr == nil {
|
||||
for _, line := range strings.Split(string(ab), "\n") {
|
||||
line = line + "\n"
|
||||
idx := strings.Index(string(line), remoteHost+":"+uname)
|
||||
idx := strings.Index(line, remoteHost+":"+uname)
|
||||
if idx >= 0 {
|
||||
line = line[idx:]
|
||||
entries := strings.SplitN(string(line), "\n", -1)
|
||||
entries := strings.SplitN(line, "\n", -1)
|
||||
authCookie = strings.TrimSpace(entries[0])
|
||||
// Security scrub
|
||||
line = ""
|
||||
|
@ -891,7 +888,6 @@ func main() {
|
|||
if authCookie == "" {
|
||||
_, _ = fmt.Fprintln(os.Stderr, "[no authtoken, use -g to request one from server]")
|
||||
}
|
||||
|
||||
} else {
|
||||
log.Printf("[cannot read %s/.xs_id]\n", u.HomeDir)
|
||||
}
|
||||
|
@ -915,7 +911,7 @@ func main() {
|
|||
// We must make the decision about interactivity before Dial()
|
||||
// as it affects chaffing behaviour. 20180805
|
||||
if gopt {
|
||||
fmt.Fprintln(os.Stderr, "[requesting authtoken from server]") // nolint: errcheck
|
||||
fmt.Fprintln(os.Stderr, "[requesting authtoken from server]")
|
||||
op = []byte{'A'}
|
||||
chaffFreqMin = 2
|
||||
chaffFreqMax = 10
|
||||
|
@ -969,7 +965,7 @@ func main() {
|
|||
// TODO: send flag to server side indicating this
|
||||
// affects shell command used
|
||||
var oldState *xs.State
|
||||
defer conn.Close() // nolint: errcheck
|
||||
defer conn.Close()
|
||||
|
||||
//=== From this point on, conn is a secure encrypted channel
|
||||
|
||||
|
@ -1023,13 +1019,13 @@ func main() {
|
|||
if sendErr != nil {
|
||||
restoreTermState(oldState)
|
||||
rec.SetStatus(254)
|
||||
fmt.Fprintln(os.Stderr, "Error: server rejected secure proposal params or login timed out") // nolint: errcheck
|
||||
fmt.Fprintln(os.Stderr, "Error: server rejected secure proposal params or login timed out")
|
||||
exitWithStatus(int(rec.Status()))
|
||||
//log.Fatal(sendErr)
|
||||
}
|
||||
|
||||
//Security scrub
|
||||
authCookie = "" // nolint: ineffassign
|
||||
authCookie = "" //nolint: ineffassign
|
||||
runtime.GC()
|
||||
|
||||
//=== Login Auth
|
||||
|
@ -1039,11 +1035,11 @@ func main() {
|
|||
_, err = conn.Read(authReply)
|
||||
if err != nil {
|
||||
//=== Exit if auth reply not received
|
||||
fmt.Fprintln(os.Stderr, "Error reading auth reply") // nolint: errcheck
|
||||
fmt.Fprintln(os.Stderr, "Error reading auth reply")
|
||||
rec.SetStatus(255)
|
||||
} else if authReply[0] == 0 {
|
||||
//=== .. or if auth failed
|
||||
fmt.Fprintln(os.Stderr, rejectUserMsg()) // nolint: errcheck
|
||||
fmt.Fprintln(os.Stderr, rejectUserMsg())
|
||||
rec.SetStatus(255)
|
||||
} else {
|
||||
//=== Set up chaffing to server
|
||||
|
@ -1065,11 +1061,11 @@ func main() {
|
|||
keepAliveWorker := func() {
|
||||
for {
|
||||
// Add a bit of jitter to keepAlive so it doesn't stand out quite as much
|
||||
time.Sleep(time.Duration(2000-rand.Intn(200)) * time.Millisecond)
|
||||
time.Sleep(time.Duration(2000-rand.Intn(200)) * time.Millisecond) //nolint:gosec
|
||||
// FIXME: keepAlives should probably have small random packet len/data as well
|
||||
// to further obscure them vs. interactive or tunnel data
|
||||
// keepAlives must be >=2 bytes, due to processing elsewhere
|
||||
conn.WritePacket([]byte{0, 0}, xsnet.CSOTunKeepAlive) // nolint: errcheck,gosec
|
||||
conn.WritePacket([]byte{0, 0}, xsnet.CSOTunKeepAlive) //nolint: errcheck
|
||||
}
|
||||
}
|
||||
go keepAliveWorker()
|
||||
|
@ -1082,13 +1078,13 @@ func main() {
|
|||
doShellMode(isInteractive, &conn, oldState, rec)
|
||||
} else {
|
||||
//=== (.. or file copy)
|
||||
s, _ := doCopyMode(&conn, pathIsDest, fileArgs, copyQuiet, copyLimitBPS, rec) // nolint: errcheck,gosec
|
||||
s, _ := doCopyMode(&conn, pathIsDest, fileArgs, copyQuiet, copyLimitBPS, rec)
|
||||
rec.SetStatus(s)
|
||||
}
|
||||
|
||||
if rec.Status() != 0 {
|
||||
restoreTermState(oldState)
|
||||
fmt.Fprintln(os.Stderr, "Session exited with status:", rec.Status()) // nolint: errcheck
|
||||
fmt.Fprintln(os.Stderr, "Session exited with status:", rec.Status())
|
||||
}
|
||||
}
|
||||
|
||||
|
@ -1115,7 +1111,7 @@ func localUserName(u *user.User) string {
|
|||
}
|
||||
|
||||
func restoreTermState(oldState *xs.State) {
|
||||
_ = xs.Restore(os.Stdin.Fd(), oldState) // nolint: errcheck,gosec
|
||||
_ = xs.Restore(os.Stdin.Fd(), oldState)
|
||||
}
|
||||
|
||||
// exitWithStatus wraps os.Exit() plus does any required pprof housekeeping
|
||||
|
|
|
@ -11,6 +11,10 @@
|
|||
|
||||
set -e
|
||||
|
||||
echo "SET XSD_OPTS in this script to define allow KEX, cipher and hmac algs"
|
||||
#XSD_OPTS="-L -aK KEX_all -aC C_all -aH H_all"
|
||||
exit 1
|
||||
|
||||
# /etc/init.d/xsd: start and stop the eXperimental "secure" Shell Daemon
|
||||
|
||||
test -x /usr/local/sbin/xsd || exit 0
|
||||
|
|
Loading…
Reference in a new issue