summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorMohammed Al Sahaf <msaa1990@gmail.com>2019-10-16 00:37:46 +0300
committerMatt Holt <mholt@users.noreply.github.com>2019-10-15 15:37:46 -0600
commite3726588b416682db28ea9173bf2c36e4554ce05 (patch)
tree134ff2406bb89000b20555c84cf1b68154835a56
parentabf5ab340ed76792214ae80c62df7abe0ad1b8a8 (diff)
v2: Project-and-CI-wide linter config (#2812)
* v2: split golangci-lint configuration into its own file to allow code editors to take advantage of it * v2: simplify code * v2: set the correct lint output formatting * v2: invert the logic of linter's configuration of output formatting to allow the editor convenience over CI-specific customization. Customize the output format in CI by passing the flag. * v2: remove irrelevant golangci-lint config
-rw-r--r--.golangci.yml49
-rw-r--r--azure-pipelines.yml3
-rwxr-xr-xcaddyconfig/caddyfile/lexer.go1
-rw-r--r--cmd/main.go1
-rw-r--r--modules/caddyhttp/server.go2
5 files changed, 52 insertions, 4 deletions
diff --git a/.golangci.yml b/.golangci.yml
new file mode 100644
index 0000000..5429e1a
--- /dev/null
+++ b/.golangci.yml
@@ -0,0 +1,49 @@
+linters-settings:
+ errcheck:
+ ignore: fmt:.*,io/ioutil:^Read.*,github.com/caddyserver/caddy/v2/caddyconfig:RegisterAdapter,github.com/caddyserver/caddy/v2:RegisterModule
+ ignoretests: true
+ misspell:
+ locale: US
+
+linters:
+ enable:
+ - bodyclose
+ - errcheck
+ - gofmt
+ - goimports
+ - gosec
+ - ineffassign
+ - misspell
+
+run:
+ # default concurrency is a available CPU number.
+ # concurrency: 4 # explicitly omit this value to fully utilize available resources.
+ deadline: 5m
+ issues-exit-code: 1
+ tests: false
+
+# output configuration options
+output:
+ format: 'colored-line-number'
+ print-issued-lines: true
+ print-linter-name: true
+
+issues:
+ exclude-rules:
+ # we aren't calling unknown URL
+ - text: "G107" # G107: Url provided to HTTP request as taint input
+ linters:
+ - gosec
+ # as a web server that's expected to handle any template, this is totally in the hands of the user.
+ - text: "G203" # G203: Use of unescaped data in HTML templates
+ linters:
+ - gosec
+ # we're shelling out to known commands, not relying on user-defined input.
+ - text: "G204" # G204: Audit use of command execution
+ linters:
+ - gosec
+ # the choice of weakrand is deliberate, hence the named import "weakrand"
+ - path: modules/caddyhttp/reverseproxy/selectionpolicies.go
+ text: "G404" # G404: Insecure random number source (rand)
+ linters:
+ - gosec
diff --git a/azure-pipelines.yml b/azure-pipelines.yml
index fbee6fb..8c86cd8 100644
--- a/azure-pipelines.yml
+++ b/azure-pipelines.yml
@@ -89,7 +89,8 @@ steps:
displayName: Get dependencies
- script: |
- (golangci-lint run --out-format junit-xml -E gofmt -E goimports -E misspell) > test-results/lint-result.xml
+ # its behavior is governed by .golangci.yml
+ (golangci-lint run --out-format junit-xml) > test-results/lint-result.xml
exit 0
workingDirectory: '$(modulePath)'
continueOnError: true
diff --git a/caddyconfig/caddyfile/lexer.go b/caddyconfig/caddyfile/lexer.go
index c0b6e1d..0ddad0e 100755
--- a/caddyconfig/caddyfile/lexer.go
+++ b/caddyconfig/caddyfile/lexer.go
@@ -107,7 +107,6 @@ func (l *lexer) next() bool {
escaped = false
} else {
if ch == '"' {
- quoted = false
return makeToken()
}
}
diff --git a/cmd/main.go b/cmd/main.go
index aea020f..6447e73 100644
--- a/cmd/main.go
+++ b/cmd/main.go
@@ -118,7 +118,6 @@ func loadConfig(configFile, adapterName string) ([]byte, error) {
if os.IsNotExist(err) {
// okay, no default Caddyfile; pretend like this never happened
cfgAdapter = nil
- err = nil
} else if err != nil {
// default Caddyfile exists, but error reading it
return nil, fmt.Errorf("reading default Caddyfile: %v", err)
diff --git a/modules/caddyhttp/server.go b/modules/caddyhttp/server.go
index c4c306e..366a307 100644
--- a/modules/caddyhttp/server.go
+++ b/modules/caddyhttp/server.go
@@ -169,7 +169,7 @@ func (s *Server) enforcementHandler(w http.ResponseWriter, r *http.Request, next
if err != nil {
hostname = r.Host // OK; probably lacked port
}
- if strings.ToLower(r.TLS.ServerName) != strings.ToLower(hostname) {
+ if !strings.EqualFold(r.TLS.ServerName, hostname) {
err := fmt.Errorf("strict host matching: TLS ServerName (%s) and HTTP Host (%s) values differ",
r.TLS.ServerName, hostname)
r.Close = true