refactor: fix many linter warnings
This commit is contained in:
parent
43e4f2a6f0
commit
68b88bc766
SSH key fingerprint:
SHA256:l7PFUUF5TCDsvYeQC9OnTNz08dFY7Fvf4Hv3neIqYpg
7 changed files with 191 additions and 163 deletions
|
|
@ -4,19 +4,19 @@ import (
|
|||
"bufio"
|
||||
"crypto/tls"
|
||||
"crypto/x509"
|
||||
"errors"
|
||||
"fmt"
|
||||
"net"
|
||||
"net/textproto"
|
||||
"os"
|
||||
"strconv"
|
||||
"strings"
|
||||
"time"
|
||||
|
||||
"github.com/karrick/golf"
|
||||
|
||||
"nocternity.net/gomonop/pkg/perfdata"
|
||||
"nocternity.net/gomonop/pkg/plugin"
|
||||
"nocternity.net/gomonop/pkg/program"
|
||||
|
||||
"github.com/karrick/golf"
|
||||
)
|
||||
|
||||
//--------------------------------------------------------------------------------------------------------
|
||||
|
|
@ -26,7 +26,7 @@ type certGetter interface {
|
|||
getCertificate(tlsConfig *tls.Config, address string) (*x509.Certificate, error)
|
||||
}
|
||||
|
||||
// Full TLS certificate fetcher
|
||||
// Full TLS certificate fetcher.
|
||||
type fullTLSGetter struct{}
|
||||
|
||||
func (f fullTLSGetter) getCertificate(tlsConfig *tls.Config, address string) (*x509.Certificate, error) {
|
||||
|
|
@ -41,17 +41,18 @@ func (f fullTLSGetter) getCertificate(tlsConfig *tls.Config, address string) (*x
|
|||
return conn.ConnectionState().PeerCertificates[0], nil
|
||||
}
|
||||
|
||||
// SMTP+STARTTLS certificate getter
|
||||
// SMTP+STARTTLS certificate getter.
|
||||
type smtpGetter struct{}
|
||||
|
||||
func (f smtpGetter) cmd(tcon *textproto.Conn, expectCode int, text string) (int, string, error) {
|
||||
func (f smtpGetter) cmd(tcon *textproto.Conn, expectCode int, text string) error {
|
||||
id, err := tcon.Cmd("%s", text)
|
||||
if err != nil {
|
||||
return 0, "", err
|
||||
return err
|
||||
}
|
||||
tcon.StartResponse(id)
|
||||
defer tcon.EndResponse(id)
|
||||
return tcon.ReadResponse(expectCode)
|
||||
_, _, err = tcon.ReadResponse(expectCode)
|
||||
return err
|
||||
}
|
||||
|
||||
func (f smtpGetter) getCertificate(tlsConfig *tls.Config, address string) (*x509.Certificate, error) {
|
||||
|
|
@ -64,10 +65,10 @@ func (f smtpGetter) getCertificate(tlsConfig *tls.Config, address string) (*x509
|
|||
if _, _, err := text.ReadResponse(220); err != nil {
|
||||
return nil, err
|
||||
}
|
||||
if _, _, err := f.cmd(text, 250, "HELO localhost"); err != nil {
|
||||
if err := f.cmd(text, 250, "HELO localhost"); err != nil {
|
||||
return nil, err
|
||||
}
|
||||
if _, _, err := f.cmd(text, 220, "STARTTLS"); err != nil {
|
||||
if err := f.cmd(text, 220, "STARTTLS"); err != nil {
|
||||
return nil, err
|
||||
}
|
||||
t := tls.Client(conn, tlsConfig)
|
||||
|
|
@ -77,9 +78,17 @@ func (f smtpGetter) getCertificate(tlsConfig *tls.Config, address string) (*x509
|
|||
return t.ConnectionState().PeerCertificates[0], nil
|
||||
}
|
||||
|
||||
// ManageSieve STARTTLS certificate getter
|
||||
// ManageSieve STARTTLS certificate getter.
|
||||
type sieveGetter struct{}
|
||||
|
||||
type sieveError struct {
|
||||
msg string
|
||||
}
|
||||
|
||||
func (e sieveError) Error() string {
|
||||
return "Sieve error: " + e.msg
|
||||
}
|
||||
|
||||
func (f sieveGetter) waitOK(conn net.Conn) error {
|
||||
scanner := bufio.NewScanner(conn)
|
||||
for scanner.Scan() {
|
||||
|
|
@ -88,10 +97,10 @@ func (f sieveGetter) waitOK(conn net.Conn) error {
|
|||
return nil
|
||||
}
|
||||
if strings.HasPrefix(line, "NO ") {
|
||||
return errors.New(line[3:])
|
||||
return sieveError{msg: line[3:]}
|
||||
}
|
||||
if strings.HasPrefix(line, "BYE ") {
|
||||
return errors.New(line[4:])
|
||||
return sieveError{msg: line[4:]}
|
||||
}
|
||||
}
|
||||
return scanner.Err()
|
||||
|
|
@ -123,23 +132,23 @@ func (f sieveGetter) getCertificate(tlsConfig *tls.Config, address string) (*x50
|
|||
return t.ConnectionState().PeerCertificates[0], nil
|
||||
}
|
||||
|
||||
// Supported StartTLS protocols
|
||||
var certGetters map[string]certGetter = map[string]certGetter{
|
||||
// Supported StartTLS protocols.
|
||||
var certGetters = map[string]certGetter{
|
||||
"": fullTLSGetter{},
|
||||
"smtp": &smtpGetter{},
|
||||
"sieve": &sieveGetter{},
|
||||
}
|
||||
|
||||
// Get a string that represents supported StartTLS protocols
|
||||
// Get a string that represents supported StartTLS protocols.
|
||||
func listSupportedGetters() string {
|
||||
sb := strings.Builder{}
|
||||
strBuilder := strings.Builder{}
|
||||
for key := range certGetters {
|
||||
if sb.Len() != 0 {
|
||||
sb.WriteString(", ")
|
||||
if strBuilder.Len() != 0 {
|
||||
strBuilder.WriteString(", ")
|
||||
}
|
||||
sb.WriteString(key)
|
||||
strBuilder.WriteString(key)
|
||||
}
|
||||
return sb.String()
|
||||
return strBuilder.String()
|
||||
}
|
||||
|
||||
//--------------------------------------------------------------------------------------------------------
|
||||
|
|
@ -227,7 +236,7 @@ func (program *checkProgram) CheckArguments() bool {
|
|||
return false
|
||||
}
|
||||
if _, ok := certGetters[program.startTLS]; !ok {
|
||||
errstr := fmt.Sprintf("unsupported StartTLS protocol %s", program.startTLS)
|
||||
errstr := "unsupported StartTLS protocol " + program.startTLS
|
||||
program.plugin.SetState(plugin.UNKNOWN, errstr)
|
||||
return false
|
||||
}
|
||||
|
|
@ -239,6 +248,7 @@ func (program *checkProgram) CheckArguments() bool {
|
|||
// if connecting or performing the TLS handshake fail.
|
||||
func (program *checkProgram) getCertificate() error {
|
||||
tlsConfig := &tls.Config{
|
||||
//nolint:gosec // The whole point is to read the certificate.
|
||||
InsecureSkipVerify: true,
|
||||
MinVersion: tls.VersionTLS10,
|
||||
}
|
||||
|
|
@ -273,7 +283,7 @@ func (program *checkProgram) checkHostName(name string) bool {
|
|||
return true
|
||||
}
|
||||
}
|
||||
program.plugin.AddLine(fmt.Sprintf("missing DNS name %s in certificate", name))
|
||||
program.plugin.AddLine("missing DNS name " + name + " in certificate")
|
||||
return false
|
||||
}
|
||||
|
||||
|
|
@ -283,35 +293,41 @@ func (program *checkProgram) checkNames() bool {
|
|||
if len(program.certificate.DNSNames) == 0 {
|
||||
return program.checkSANlessCertificate()
|
||||
}
|
||||
ok := program.checkHostName(program.hostname)
|
||||
certificateIsOk := program.checkHostName(program.hostname)
|
||||
for _, name := range program.extraNames {
|
||||
ok = program.checkHostName(name) && ok
|
||||
certificateIsOk = program.checkHostName(name) && certificateIsOk
|
||||
}
|
||||
if !ok {
|
||||
if !certificateIsOk {
|
||||
program.plugin.SetState(plugin.CRITICAL, "names missing from SAN domain names")
|
||||
}
|
||||
return ok
|
||||
return certificateIsOk
|
||||
}
|
||||
|
||||
// Check a certificate's time to expiry agains the warning and critical
|
||||
// Check a certificate's time to expiry against the warning and critical
|
||||
// thresholds, returning a status code and description based on these
|
||||
// values.
|
||||
func (program *checkProgram) checkCertificateExpiry(tlDays int) (plugin.Status, string) {
|
||||
if tlDays <= 0 {
|
||||
return plugin.CRITICAL, "certificate expired"
|
||||
}
|
||||
|
||||
var limitStr string
|
||||
var state plugin.Status
|
||||
if program.crit > 0 && tlDays <= program.crit {
|
||||
|
||||
switch {
|
||||
case program.crit > 0 && tlDays <= program.crit:
|
||||
limitStr = fmt.Sprintf(" (<= %d)", program.crit)
|
||||
state = plugin.CRITICAL
|
||||
} else if program.warn > 0 && tlDays <= program.warn {
|
||||
|
||||
case program.warn > 0 && tlDays <= program.warn:
|
||||
limitStr = fmt.Sprintf(" (<= %d)", program.warn)
|
||||
state = plugin.WARNING
|
||||
} else {
|
||||
|
||||
default:
|
||||
limitStr = ""
|
||||
state = plugin.OK
|
||||
}
|
||||
|
||||
statusString := fmt.Sprintf("certificate will expire in %d days%s",
|
||||
tlDays, limitStr)
|
||||
return state, statusString
|
||||
|
|
@ -320,12 +336,12 @@ func (program *checkProgram) checkCertificateExpiry(tlDays int) (plugin.Status,
|
|||
// Set the plugin's performance data based on the time left before the
|
||||
// certificate expires and the thresholds.
|
||||
func (program *checkProgram) setPerfData(tlDays int) {
|
||||
pdat := perfdata.New("validity", perfdata.UOM_NONE, fmt.Sprintf("%d", tlDays))
|
||||
pdat := perfdata.New("validity", perfdata.UomNone, strconv.Itoa(tlDays))
|
||||
if program.crit > 0 {
|
||||
pdat.SetCrit(perfdata.PDRMax(fmt.Sprint(program.crit)))
|
||||
pdat.SetCrit(perfdata.PDRMax(strconv.Itoa(program.crit)))
|
||||
}
|
||||
if program.warn > 0 {
|
||||
pdat.SetWarn(perfdata.PDRMax(fmt.Sprint(program.warn)))
|
||||
pdat.SetWarn(perfdata.PDRMax(strconv.Itoa(program.warn)))
|
||||
}
|
||||
program.plugin.AddPerfData(pdat)
|
||||
}
|
||||
|
|
|
|||
|
|
@ -5,15 +5,16 @@ import (
|
|||
"net"
|
||||
"os"
|
||||
"reflect"
|
||||
"strconv"
|
||||
"strings"
|
||||
"time"
|
||||
|
||||
"github.com/karrick/golf"
|
||||
"github.com/miekg/dns"
|
||||
|
||||
"nocternity.net/gomonop/pkg/perfdata"
|
||||
"nocternity.net/gomonop/pkg/plugin"
|
||||
"nocternity.net/gomonop/pkg/program"
|
||||
|
||||
"github.com/karrick/golf"
|
||||
"github.com/miekg/dns"
|
||||
)
|
||||
|
||||
//-------------------------------------------------------------------------------------------------------
|
||||
|
|
@ -33,7 +34,7 @@ type (
|
|||
// Query a zone's SOA record through a given DNS and return the response using the channel.
|
||||
func queryZoneSOA(dnsq *dns.Msg, hostname string, port int, output responseChannel) {
|
||||
dnsc := new(dns.Client)
|
||||
in, rtt, err := dnsc.Exchange(dnsq, net.JoinHostPort(hostname, fmt.Sprintf("%d", port)))
|
||||
in, rtt, err := dnsc.Exchange(dnsq, net.JoinHostPort(hostname, strconv.Itoa(port)))
|
||||
output <- queryResponse{
|
||||
data: in,
|
||||
rtt: rtt,
|
||||
|
|
@ -88,7 +89,7 @@ func NewProgram() program.Program {
|
|||
func (program *checkProgram) Done() {
|
||||
if r := recover(); r != nil {
|
||||
program.plugin.SetState(plugin.UNKNOWN, "Internal error")
|
||||
program.plugin.AddLine("Error info: %v", r)
|
||||
program.plugin.AddLinef("Error info: %v", r)
|
||||
}
|
||||
program.plugin.Done()
|
||||
}
|
||||
|
|
@ -131,7 +132,7 @@ func (program *checkProgram) queryServers() (queryResponse, queryResponse) {
|
|||
go queryZoneSOA(dnsq, program.hostname, program.port, checkOut)
|
||||
go queryZoneSOA(dnsq, program.rsHostname, program.rsPort, refOut)
|
||||
var checkResponse, refResponse queryResponse
|
||||
for i := 0; i < 2; i++ {
|
||||
for range 2 {
|
||||
select {
|
||||
case m := <-checkOut:
|
||||
checkResponse = m
|
||||
|
|
@ -145,7 +146,7 @@ func (program *checkProgram) queryServers() (queryResponse, queryResponse) {
|
|||
// Add a server's RTT to the performance data.
|
||||
func (program *checkProgram) addRttPerf(name string, value time.Duration) {
|
||||
s := fmt.Sprintf("%f", value.Seconds())
|
||||
pd := perfdata.New(name, perfdata.UOM_SECONDS, s)
|
||||
pd := perfdata.New(name, perfdata.UomSeconds, s)
|
||||
program.plugin.AddPerfData(pd)
|
||||
}
|
||||
|
||||
|
|
@ -155,20 +156,20 @@ func (program *checkProgram) addRttPerf(name string, value time.Duration) {
|
|||
// successful.
|
||||
func (program *checkProgram) getSerial(server string, response queryResponse) (ok bool, serial uint32) {
|
||||
if response.err != nil {
|
||||
program.plugin.AddLine("%s server error : %s", server, response.err)
|
||||
program.plugin.AddLinef("%s server error : %s", server, response.err)
|
||||
return false, 0
|
||||
}
|
||||
program.addRttPerf(fmt.Sprintf("%s_rtt", server), response.rtt)
|
||||
program.addRttPerf(server+"_rtt", response.rtt)
|
||||
if len(response.data.Answer) != 1 {
|
||||
program.plugin.AddLine("%s server did not return exactly one record", server)
|
||||
program.plugin.AddLine(server + " server did not return exactly one record")
|
||||
return false, 0
|
||||
}
|
||||
if soa, ok := response.data.Answer[0].(*dns.SOA); ok {
|
||||
program.plugin.AddLine("serial on %s server: %d", server, soa.Serial)
|
||||
program.plugin.AddLinef("serial on %s server: %d", server, soa.Serial)
|
||||
return true, soa.Serial
|
||||
}
|
||||
t := reflect.TypeOf(response.data.Answer[0])
|
||||
program.plugin.AddLine("%s server did not return SOA record; record type: %v", server, t)
|
||||
program.plugin.AddLinef("%s server did not return SOA record; record type: %v", server, t)
|
||||
return false, 0
|
||||
}
|
||||
|
||||
|
|
|
|||
Loading…
Add table
Add a link
Reference in a new issue