Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

all: use error wrap when possible #253

Open
wants to merge 1 commit into
base: master
Choose a base branch
from
Open
Changes from all commits
Commits
File filter

Filter by extension

Filter by extension

Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
all: use error wrap when possible
sapk committed Mar 1, 2023
commit 7527590b58dea491c161aa68953fce34aa75ca76
8 changes: 4 additions & 4 deletions acme/acme.go
Original file line number Diff line number Diff line change
@@ -373,7 +373,7 @@ func (c *Client) authorize(ctx context.Context, typ, val string) (*Authorization

var v wireAuthz
if err := json.NewDecoder(res.Body).Decode(&v); err != nil {
return nil, fmt.Errorf("acme: invalid response: %v", err)
return nil, fmt.Errorf("acme: invalid response: %w", err)
}
if v.Status != StatusPending && v.Status != StatusValid {
return nil, fmt.Errorf("acme: unexpected status: %s", v.Status)
@@ -397,7 +397,7 @@ func (c *Client) GetAuthorization(ctx context.Context, url string) (*Authorizati
defer res.Body.Close()
var v wireAuthz
if err := json.NewDecoder(res.Body).Decode(&v); err != nil {
return nil, fmt.Errorf("acme: invalid response: %v", err)
return nil, fmt.Errorf("acme: invalid response: %w", err)
}
return v.authorization(url), nil
}
@@ -500,7 +500,7 @@ func (c *Client) GetChallenge(ctx context.Context, url string) (*Challenge, erro
defer res.Body.Close()
v := wireChallenge{URI: url}
if err := json.NewDecoder(res.Body).Decode(&v); err != nil {
return nil, fmt.Errorf("acme: invalid response: %v", err)
return nil, fmt.Errorf("acme: invalid response: %w", err)
}
return v.challenge(), nil
}
@@ -525,7 +525,7 @@ func (c *Client) Accept(ctx context.Context, chal *Challenge) (*Challenge, error

var v wireChallenge
if err := json.NewDecoder(res.Body).Decode(&v); err != nil {
return nil, fmt.Errorf("acme: invalid response: %v", err)
return nil, fmt.Errorf("acme: invalid response: %w", err)
}
return v.challenge(), nil
}
6 changes: 3 additions & 3 deletions acme/autocert/internal/acmetest/ca.go
Original file line number Diff line number Diff line change
@@ -467,7 +467,7 @@ func (ca *CAServer) handle(w http.ResponseWriter, r *http.Request) {
func (ca *CAServer) storedOrder(i string) (*order, error) {
idx, err := strconv.Atoi(i)
if err != nil {
return nil, fmt.Errorf("storedOrder: %v", err)
return nil, fmt.Errorf("storedOrder: %w", err)
}
if idx < 0 {
return nil, fmt.Errorf("storedOrder: invalid order index %d", idx)
@@ -485,7 +485,7 @@ func (ca *CAServer) storedOrder(i string) (*order, error) {
func (ca *CAServer) storedAuthz(i string) (*authorization, error) {
idx, err := strconv.Atoi(i)
if err != nil {
return nil, fmt.Errorf("storedAuthz: %v", err)
return nil, fmt.Errorf("storedAuthz: %w", err)
}
if idx < 0 {
return nil, fmt.Errorf("storedAuthz: invalid authz index %d", idx)
@@ -700,7 +700,7 @@ func (ca *CAServer) verifyALPNChallenge(a *authorization) error {
}

if err := crt.VerifyHostname(a.domain); err != nil {
return fmt.Errorf("verifyALPNChallenge: VerifyHostname: %v", err)
return fmt.Errorf("verifyALPNChallenge: VerifyHostname: %w", err)
}
// See RFC 8737, Section 6.1.
oid := asn1.ObjectIdentifier{1, 3, 6, 1, 5, 5, 7, 1, 31}
16 changes: 8 additions & 8 deletions acme/internal/acmeprobe/prober.go
Original file line number Diff line number Diff line change
@@ -301,7 +301,7 @@ func (p *prober) fulfill(ctx context.Context, z *acme.Authorization) error {
func (p *prober) runTLSALPN01(ctx context.Context, z *acme.Authorization, chal *acme.Challenge) error {
tokenCert, err := p.client.TLSALPN01ChallengeCert(chal.Token, z.Identifier.Value)
if err != nil {
return fmt.Errorf("TLSALPN01ChallengeCert: %v", err)
return fmt.Errorf("TLSALPN01ChallengeCert: %w", err)
}
s := &http.Server{
Addr: p.localAddr,
@@ -321,7 +321,7 @@ func (p *prober) runTLSALPN01(ctx context.Context, z *acme.Authorization, chal *
defer s.Close()

if _, err := p.client.Accept(ctx, chal); err != nil {
return fmt.Errorf("Accept(%q): %v", chal.URI, err)
return fmt.Errorf("Accept(%q): %w", chal.URI, err)
}
_, zerr := p.client.WaitAuthorization(ctx, z.URI)
return zerr
@@ -330,7 +330,7 @@ func (p *prober) runTLSALPN01(ctx context.Context, z *acme.Authorization, chal *
func (p *prober) runHTTP01(ctx context.Context, z *acme.Authorization, chal *acme.Challenge) error {
body, err := p.client.HTTP01ChallengeResponse(chal.Token)
if err != nil {
return fmt.Errorf("HTTP01ChallengeResponse: %v", err)
return fmt.Errorf("HTTP01ChallengeResponse: %w", err)
}
s := &http.Server{
Addr: p.localAddr,
@@ -347,7 +347,7 @@ func (p *prober) runHTTP01(ctx context.Context, z *acme.Authorization, chal *acm
defer s.Close()

if _, err := p.client.Accept(ctx, chal); err != nil {
return fmt.Errorf("Accept(%q): %v", chal.URI, err)
return fmt.Errorf("Accept(%q): %w", chal.URI, err)
}
_, zerr := p.client.WaitAuthorization(ctx, z.URI)
return zerr
@@ -356,7 +356,7 @@ func (p *prober) runHTTP01(ctx context.Context, z *acme.Authorization, chal *acm
func (p *prober) runDNS01(ctx context.Context, z *acme.Authorization, chal *acme.Challenge) error {
token, err := p.client.DNS01ChallengeRecord(chal.Token)
if err != nil {
return fmt.Errorf("DNS01ChallengeRecord: %v", err)
return fmt.Errorf("DNS01ChallengeRecord: %w", err)
}

name := fmt.Sprintf("_acme-challenge.%s", z.Identifier.Value)
@@ -365,11 +365,11 @@ func (p *prober) runDNS01(ctx context.Context, z *acme.Authorization, chal *acme
cmd.Stdout = os.Stdout
cmd.Stderr = os.Stderr
if err := cmd.Run(); err != nil {
return fmt.Errorf("%s: %v", p.dnsScript, err)
return fmt.Errorf("%s: %w", p.dnsScript, err)
}

if _, err := p.client.Accept(ctx, chal); err != nil {
return fmt.Errorf("Accept(%q): %v", chal.URI, err)
return fmt.Errorf("Accept(%q): %w", chal.URI, err)
}
_, zerr := p.client.WaitAuthorization(ctx, z.URI)
return zerr
@@ -389,7 +389,7 @@ func checkCert(derChain [][]byte, id []acme.AuthzID) error {
for i, b := range derChain {
crt, err := x509.ParseCertificate(b)
if err != nil {
return fmt.Errorf("%d: ParseCertificate: %v", i, err)
return fmt.Errorf("%d: ParseCertificate: %w", i, err)
}
log.Printf("%d: serial: 0x%s", i, crt.SerialNumber)
log.Printf("%d: subject: %s", i, crt.Subject)
10 changes: 5 additions & 5 deletions acme/rfc8555.go
Original file line number Diff line number Diff line change
@@ -60,7 +60,7 @@ func (c *Client) registerRFC(ctx context.Context, acct *Account, prompt func(tos
if acct.ExternalAccountBinding != nil {
eabJWS, err := c.encodeExternalAccountBinding(acct.ExternalAccountBinding)
if err != nil {
return nil, fmt.Errorf("acme: failed to encode external account binding: %v", err)
return nil, fmt.Errorf("acme: failed to encode external account binding: %w", err)
}
req.ExternalAccountBinding = eabJWS
}
@@ -140,7 +140,7 @@ func responseAccount(res *http.Response) (*Account, error) {
Orders string
}
if err := json.NewDecoder(res.Body).Decode(&v); err != nil {
return nil, fmt.Errorf("acme: invalid account response: %v", err)
return nil, fmt.Errorf("acme: invalid account response: %w", err)
}
return &Account{
URI: res.Header.Get("Location"),
@@ -307,7 +307,7 @@ func responseOrder(res *http.Response) (*Order, error) {
Certificate string
}
if err := json.NewDecoder(res.Body).Decode(&v); err != nil {
return nil, fmt.Errorf("acme: error reading order: %v", err)
return nil, fmt.Errorf("acme: error reading order: %w", err)
}
o := &Order{
URI: res.Header.Get("Location"),
@@ -391,7 +391,7 @@ func (c *Client) fetchCertRFC(ctx context.Context, url string, bundle bool) ([][
const max = maxCertChainSize + maxCertChainSize/33
b, err := io.ReadAll(io.LimitReader(res.Body, max+1))
if err != nil {
return nil, fmt.Errorf("acme: fetch cert response stream: %v", err)
return nil, fmt.Errorf("acme: fetch cert response stream: %w", err)
}
if len(b) > max {
return nil, errors.New("acme: certificate chain is too big")
@@ -469,7 +469,7 @@ func (c *Client) ListCertAlternates(ctx context.Context, url string) ([]string,
// We don't need the body but we need to discard it so we don't end up
// preventing keep-alive
if _, err := io.Copy(io.Discard, res.Body); err != nil {
return nil, fmt.Errorf("acme: cert alternates response stream: %v", err)
return nil, fmt.Errorf("acme: cert alternates response stream: %w", err)
}
alts := linkHeader(res.Header, "alternate")
return alts, nil
4 changes: 2 additions & 2 deletions ssh/agent/client.go
Original file line number Diff line number Diff line change
@@ -240,7 +240,7 @@ type Key struct {
}

func clientErr(err error) error {
return fmt.Errorf("agent: client error: %v", err)
return fmt.Errorf("agent: client error: %w", err)
}

// String returns the storage form of an agent key with the format, base64
@@ -269,7 +269,7 @@ func (k *Key) Marshal() []byte {
func (k *Key) Verify(data []byte, sig *ssh.Signature) error {
pubKey, err := ssh.ParsePublicKey(k.Blob)
if err != nil {
return fmt.Errorf("agent: bad public key: %v", err)
return fmt.Errorf("agent: bad public key: %w", err)
}
return pubKey.Verify(data, sig)
}
4 changes: 2 additions & 2 deletions ssh/agent/server.go
Original file line number Diff line number Diff line change
@@ -387,7 +387,7 @@ func parseRSACert(req []byte) (*AddedKey, error) {
N *big.Int
}
if err := ssh.Unmarshal(cert.Key.Marshal(), &rsaPub); err != nil {
return nil, fmt.Errorf("agent: Unmarshal failed to parse public key: %v", err)
return nil, fmt.Errorf("agent: Unmarshal failed to parse public key: %w", err)
}

if rsaPub.E.BitLen() > 30 {
@@ -431,7 +431,7 @@ func parseDSACert(req []byte) (*AddedKey, error) {
P, Q, G, Y *big.Int
}
if err := ssh.Unmarshal(cert.Key.Marshal(), &w); err != nil {
return nil, fmt.Errorf("agent: Unmarshal failed to parse public key: %v", err)
return nil, fmt.Errorf("agent: Unmarshal failed to parse public key: %w", err)
}

priv := &dsa.PrivateKey{
2 changes: 1 addition & 1 deletion ssh/client.go
Original file line number Diff line number Diff line change
@@ -82,7 +82,7 @@ func NewClientConn(c net.Conn, addr string, config *ClientConfig) (Conn, <-chan

if err := conn.clientHandshake(addr, &fullConf); err != nil {
c.Close()
return nil, nil, nil, fmt.Errorf("ssh: handshake failed: %v", err)
return nil, nil, nil, fmt.Errorf("ssh: handshake failed: %w", err)
}
conn.mux = newMux(conn.transport)
return conn, conn.mux.incomingChannels, conn.mux.incomingRequests, nil
4 changes: 2 additions & 2 deletions ssh/keys.go
Original file line number Diff line number Diff line change
@@ -1139,7 +1139,7 @@ func ParseRawPrivateKeyWithPassphrase(pemBytes, passphrase []byte) (interface{},
if err == x509.IncorrectPasswordError {
return nil, err
}
return nil, fmt.Errorf("ssh: cannot decode encrypted private keys: %v", err)
return nil, fmt.Errorf("ssh: cannot decode encrypted private keys: %w", err)
}

switch block.Type {
@@ -1277,7 +1277,7 @@ func parseOpenSSHPrivateKey(key []byte, decrypt openSSHDecryptFunc) (crypto.Priv
if err, ok := err.(*PassphraseMissingError); ok {
pub, errPub := ParsePublicKey(w.PubKey)
if errPub != nil {
return nil, fmt.Errorf("ssh: failed to parse embedded public key: %v", errPub)
return nil, fmt.Errorf("ssh: failed to parse embedded public key: %w", errPub)
}
err.PublicKey = pub
}
6 changes: 3 additions & 3 deletions ssh/knownhosts/knownhosts.go
Original file line number Diff line number Diff line change
@@ -333,15 +333,15 @@ func (db *hostKeyDB) check(address string, remote net.Addr, remoteKey ssh.Public

host, port, err := net.SplitHostPort(remote.String())
if err != nil {
return fmt.Errorf("knownhosts: SplitHostPort(%s): %v", remote, err)
return fmt.Errorf("knownhosts: SplitHostPort(%s): %w", remote, err)
}

hostToCheck := addr{host, port}
if address != "" {
// Give preference to the hostname if available.
host, port, err := net.SplitHostPort(address)
if err != nil {
return fmt.Errorf("knownhosts: SplitHostPort(%s): %v", address, err)
return fmt.Errorf("knownhosts: SplitHostPort(%s): %w", address, err)
}

hostToCheck = addr{host, port}
@@ -402,7 +402,7 @@ func (db *hostKeyDB) Read(r io.Reader, filename string) error {
}

if err := db.parseLine(line, filename, lineNum); err != nil {
return fmt.Errorf("knownhosts: %s:%d: %v", filename, lineNum, err)
return fmt.Errorf("knownhosts: %s:%d: %w", filename, lineNum, err)
}
}
return scanner.Err()
2 changes: 1 addition & 1 deletion ssh/server.go
Original file line number Diff line number Diff line change
@@ -309,7 +309,7 @@ func checkSourceAddress(addr net.Addr, sourceAddrs string) error {
} else {
_, ipNet, err := net.ParseCIDR(sourceAddr)
if err != nil {
return fmt.Errorf("ssh: error parsing source-address restriction %q: %v", sourceAddr, err)
return fmt.Errorf("ssh: error parsing source-address restriction %q: %w", sourceAddr, err)
}

if ipNet.Contains(tcpAddr.IP) {
2 changes: 1 addition & 1 deletion ssh/tcpip.go
Original file line number Diff line number Diff line change
@@ -81,7 +81,7 @@ func (c *Client) autoPortListenWorkaround(laddr *net.TCPAddr) (net.Listener, err
return sshListener, err
}
}
return nil, fmt.Errorf("ssh: listen on random port failed after %d tries: %v", tries, err)
return nil, fmt.Errorf("ssh: listen on random port failed after %d tries: %w", tries, err)
}

// RFC 4254 7.1