diff --git a/cmd/ooniprobe/internal/nettests/run.go b/cmd/ooniprobe/internal/nettests/run.go index e4ec2fc254..1ad9ae2bab 100644 --- a/cmd/ooniprobe/internal/nettests/run.go +++ b/cmd/ooniprobe/internal/nettests/run.go @@ -131,7 +131,7 @@ func RunGroup(config RunGroupConfig) error { defer dir.Close() _, err = dir.Readdirnames(1) if err != nil { - os.Remove(result.MeasurementDir) + _ = os.Remove(result.MeasurementDir) } if err = db.Finished(result); err != nil { return err diff --git a/internal/cmd/gardener/internal/dnsfix/dnsfix.go b/internal/cmd/gardener/internal/dnsfix/dnsfix.go index 89c1ffde33..9db44582d9 100644 --- a/internal/cmd/gardener/internal/dnsfix/dnsfix.go +++ b/internal/cmd/gardener/internal/dnsfix/dnsfix.go @@ -46,7 +46,7 @@ func (s *Subcommand) Main() { // walk through each entry for _, entry := range entries { - bar.Add(1) + _ = bar.Add(1) s.processEntry(entry) } } diff --git a/internal/cmd/gardener/internal/dnsreport/dnsreport.go b/internal/cmd/gardener/internal/dnsreport/dnsreport.go index d5edc649c8..d8b3036fe6 100644 --- a/internal/cmd/gardener/internal/dnsreport/dnsreport.go +++ b/internal/cmd/gardener/internal/dnsreport/dnsreport.go @@ -220,7 +220,7 @@ func (s *Subcommand) measureEntries(ctx context.Context, db *sql.DB, entries []* // walk through each entry until we're interrupted by the context for idx := 0; idx < len(entries) && ctx.Err() == nil; idx++ { - bar.Add(1) + _ = bar.Add(1) s.measureSingleEntry(db, entries[idx]) } } diff --git a/internal/cmd/gardener/internal/testlists/testlists.go b/internal/cmd/gardener/internal/testlists/testlists.go index 49207ffa92..2e61f59895 100644 --- a/internal/cmd/gardener/internal/testlists/testlists.go +++ b/internal/cmd/gardener/internal/testlists/testlists.go @@ -146,7 +146,7 @@ func emit(filepath string, all []*Entry, och chan<- *Entry) { progressbar.OptionSetWriter(os.Stdout), ) for _, entry := range all { - bar.Add(1) + _ = bar.Add(1) och <- entry } } diff --git a/internal/cmd/ghgen/utils.go b/internal/cmd/ghgen/utils.go index 8b7cc05db5..39f203b1c7 100644 --- a/internal/cmd/ghgen/utils.go +++ b/internal/cmd/ghgen/utils.go @@ -171,7 +171,7 @@ func generateWorkflowFile(name string, jobs []Job) { mustFprintf(fp, "\n") mustFprintf(fp, "jobs:\n") for _, job := range jobs { - job.Action(fp, &job) + job.Action(fp, &job) // #nosec G601 -- job.Action is synchronous and does not retain job } mustFprintf(fp, "# End of autogenerated file\n") } diff --git a/internal/cmd/miniooni/main.go b/internal/cmd/miniooni/main.go index 37d29e4e10..4bab5d7340 100644 --- a/internal/cmd/miniooni/main.go +++ b/internal/cmd/miniooni/main.go @@ -372,7 +372,7 @@ func mainSingleIteration(logger model.Logger, experimentName string, currentOpti sess := newSessionOrPanic(ctx, currentOptions, miniooniDir, logger) defer func() { - sess.Close() + _ = sess.Close() log.Infof("whole session: recv %s, sent %s", humanize.SI(sess.KibiBytesReceived()*1024, "byte"), humanize.SI(sess.KibiBytesSent()*1024, "byte"), diff --git a/internal/cmd/oohelperd/main.go b/internal/cmd/oohelperd/main.go index c62e15aa72..ae7f7e1c39 100644 --- a/internal/cmd/oohelperd/main.go +++ b/internal/cmd/oohelperd/main.go @@ -60,7 +60,7 @@ func shutdown(srv *http.Server, wg *sync.WaitGroup) { defer wg.Done() ctx, cancel := context.WithTimeout(context.Background(), 45*time.Second) defer cancel() - srv.Shutdown(ctx) + _ = srv.Shutdown(ctx) } func main() { diff --git a/internal/cmd/ooporthelper/main.go b/internal/cmd/ooporthelper/main.go index 55b77f0e64..19a8b803e9 100644 --- a/internal/cmd/ooporthelper/main.go +++ b/internal/cmd/ooporthelper/main.go @@ -27,7 +27,7 @@ func init() { func shutdown(ctx context.Context, l net.Listener) { <-ctx.Done() - l.Close() + _ = l.Close() } // TODO(DecFox): Add the ability of an echo service to generate some traffic diff --git a/internal/cmd/tinyjafar/main.go b/internal/cmd/tinyjafar/main.go index b962d2c890..e5b85cf902 100644 --- a/internal/cmd/tinyjafar/main.go +++ b/internal/cmd/tinyjafar/main.go @@ -153,7 +153,7 @@ func mainWithArgs(writer io.Writer, sigChan <-chan os.Signal, args ...string) { fset := flag.NewFlagSet("tinyjafar", flag.ExitOnError) cfg.initFlags(fset) - fset.Parse(args) + runtimex.Try0(fset.Parse(args)) cs := newCmdSet() cs.handleDropIP(cfg) diff --git a/internal/engine/session.go b/internal/engine/session.go index 855191f95a..3539c1c5e5 100644 --- a/internal/engine/session.go +++ b/internal/engine/session.go @@ -338,7 +338,7 @@ func (s *Session) Close() error { // doClose implements Close. This function is called just once. func (s *Session) doClose() { // make sure we close open connections and persist stats to the key-value store - s.network.Close() + _ = s.network.Close() s.resolver.CloseIdleConnections() if s.tunnel != nil { diff --git a/internal/enginelocate/iplookup.go b/internal/enginelocate/iplookup.go index f9654cbd4d..0a3c4e743b 100644 --- a/internal/enginelocate/iplookup.go +++ b/internal/enginelocate/iplookup.go @@ -68,7 +68,7 @@ type ipLookupClient struct { } func makeSlice() []method { - r := rand.New(rand.NewSource(time.Now().UnixNano())) + r := rand.New(rand.NewSource(time.Now().UnixNano())) // #nosec G404 -- not really important ret := make([]method, len(methods)) perm := r.Perm(len(methods)) for idx, randIdx := range perm { diff --git a/internal/enginelocate/stun.go b/internal/enginelocate/stun.go index d659c9de84..dbbbef9945 100644 --- a/internal/enginelocate/stun.go +++ b/internal/enginelocate/stun.go @@ -45,7 +45,7 @@ func stunIPLookup(ctx context.Context, config stunConfig) (string, error) { } clnt, err := newClient(conn) if err != nil { - conn.Close() + _ = conn.Close() return model.DefaultProbeIP, err } defer clnt.Close() diff --git a/internal/enginenetx/bridgespolicy.go b/internal/enginenetx/bridgespolicy.go index 0bbc1e9fca..1b15aafea4 100644 --- a/internal/enginenetx/bridgespolicy.go +++ b/internal/enginenetx/bridgespolicy.go @@ -60,7 +60,7 @@ func bridgesTacticsForDomain(domain, port string) <-chan *httpsDialerTactic { func bridgesDomainsInRandomOrder() (out []string) { out = bridgesDomains() - r := rand.New(rand.NewSource(time.Now().UnixNano())) + r := rand.New(rand.NewSource(time.Now().UnixNano())) // #nosec G404 -- not really important r.Shuffle(len(out), func(i, j int) { out[i], out[j] = out[j], out[i] }) diff --git a/internal/enginenetx/httpsdialer.go b/internal/enginenetx/httpsdialer.go index f59ceb938a..2881bdebcd 100644 --- a/internal/enginenetx/httpsdialer.go +++ b/internal/enginenetx/httpsdialer.go @@ -306,7 +306,7 @@ func httpsDialerReduceResult(connv []model.TLSConn, errorv []error) (model.TLSCo switch { case len(connv) >= 1: for _, c := range connv[1:] { - c.Close() + _ = c.Close() } return connv[0], nil @@ -400,7 +400,7 @@ func (hd *httpsDialer) dialTLS( // handle handshake error if err != nil { hd.stats.OnTLSHandshakeError(ctx, tactic, err) - tcpConn.Close() + _ = tcpConn.Close() return nil, err } @@ -412,7 +412,7 @@ func (hd *httpsDialer) dialTLS( // handle verification error if err != nil { hd.stats.OnTLSVerifyError(tactic, err) - tlsConn.Close() + _ = tlsConn.Close() return nil, err } diff --git a/internal/engineresolver/resolver.go b/internal/engineresolver/resolver.go index c54bf8f45e..d203cd702a 100644 --- a/internal/engineresolver/resolver.go +++ b/internal/engineresolver/resolver.go @@ -168,7 +168,7 @@ func (r *Resolver) lookupHost(ctx context.Context, ri *resolverinfo, hostname st // // The return value is only meaningful for testing. func (r *Resolver) maybeConfusion(state []*resolverinfo, seed int64) int { - rng := rand.New(rand.NewSource(seed)) + rng := rand.New(rand.NewSource(seed)) // #nosec G404 -- not really important const confusion = 0.3 if rng.Float64() >= confusion { return -1 diff --git a/internal/engineresolver/resolvermaker.go b/internal/engineresolver/resolvermaker.go index 4ae1e63d0c..38520dbe9e 100644 --- a/internal/engineresolver/resolvermaker.go +++ b/internal/engineresolver/resolvermaker.go @@ -58,7 +58,7 @@ var allbyurl = resolverMakeInitialState() // see https://github.com/ooni/probe/issues/2544. func resolverMakeInitialState() map[string]*resolvermaker { output := make(map[string]*resolvermaker) - rng := rand.New(rand.NewSource(time.Now().UnixNano())) + rng := rand.New(rand.NewSource(time.Now().UnixNano())) // #nosec G404 -- not really important for _, e := range allmakers { output[e.url] = e if e.url != systemResolverURL { diff --git a/internal/experiment/echcheck/handshake.go b/internal/experiment/echcheck/handshake.go index 4597d89fe9..011966b81b 100644 --- a/internal/experiment/echcheck/handshake.go +++ b/internal/experiment/echcheck/handshake.go @@ -68,7 +68,7 @@ var certpool = netxlite.NewMozillaCertPool() // genTLSConfig generates tls.Config from a given SNI func genTLSConfig(sni string) *tls.Config { - return &tls.Config{ + return &tls.Config{ // #nosec G402 - we need to use a large TLS versions range for measuring RootCAs: certpool, ServerName: sni, NextProtos: []string{"h2", "http/1.1"}, diff --git a/internal/experiment/fbmessenger/fbmessenger.go b/internal/experiment/fbmessenger/fbmessenger.go index e039cfd000..5b18073bac 100644 --- a/internal/experiment/fbmessenger/fbmessenger.go +++ b/internal/experiment/fbmessenger/fbmessenger.go @@ -179,7 +179,7 @@ func (m Measurer) Run(ctx context.Context, args *model.ExperimentArgs) error { for _, service := range Services { inputs = append(inputs, urlgetter.MultiInput{Target: service}) } - rnd := rand.New(rand.NewSource(time.Now().UnixNano())) + rnd := rand.New(rand.NewSource(time.Now().UnixNano())) // #nosec G404 -- not really important rnd.Shuffle(len(inputs), func(i, j int) { inputs[i], inputs[j] = inputs[j], inputs[i] }) diff --git a/internal/experiment/portfiltering/tcpconnect.go b/internal/experiment/portfiltering/tcpconnect.go index 95ef97cf0c..aa3b73a9f4 100644 --- a/internal/experiment/portfiltering/tcpconnect.go +++ b/internal/experiment/portfiltering/tcpconnect.go @@ -44,6 +44,6 @@ func (m *Measurer) tcpConnect(ctx context.Context, index int64, dialer := trace.NewDialerWithoutResolver(logger) conn, err := dialer.DialContext(ctx, "tcp", address) ol.Stop(err) - measurexlite.MaybeClose(conn) + _ = measurexlite.MaybeClose(conn) return trace.FirstTCPConnectOrNil() } diff --git a/internal/experiment/quicping/quicping.go b/internal/experiment/quicping/quicping.go index 893f86e30d..09fa99a4a8 100644 --- a/internal/experiment/quicping/quicping.go +++ b/internal/experiment/quicping/quicping.go @@ -259,7 +259,7 @@ func (m *Measurer) Run(ctx context.Context, args *model.ExperimentArgs) error { // set context and read timeouts deadline := time.Duration(rep*2) * time.Second - pconn.SetDeadline(time.Now().Add(deadline)) + _ = pconn.SetDeadline(time.Now().Add(deadline)) ctx, cancel := context.WithTimeout(ctx, deadline) defer cancel() diff --git a/internal/experiment/simplequicping/simplequicping.go b/internal/experiment/simplequicping/simplequicping.go index 095d0c2c85..82e12ce2d8 100644 --- a/internal/experiment/simplequicping/simplequicping.go +++ b/internal/experiment/simplequicping/simplequicping.go @@ -178,7 +178,7 @@ func (m *Measurer) quicHandshake(ctx context.Context, index int64, // See https://github.com/ooni/probe/issues/2413 to understand // why we're using nil to force netxlite to use the cached // default Mozilla cert pool. - tlsConfig := &tls.Config{ + tlsConfig := &tls.Config{ // #nosec G402 - we need to use a large TLS versions range for measuring NextProtos: alpn, RootCAs: nil, ServerName: sni, diff --git a/internal/experiment/sniblocking/sniblocking.go b/internal/experiment/sniblocking/sniblocking.go index 1ba6ac28ee..920147d8ae 100644 --- a/internal/experiment/sniblocking/sniblocking.go +++ b/internal/experiment/sniblocking/sniblocking.go @@ -112,7 +112,7 @@ func (m *Measurer) measureone( thaddr string, ) Subresult { // slightly delay the measurement - gen := rand.New(rand.NewSource(time.Now().UnixNano())) + gen := rand.New(rand.NewSource(time.Now().UnixNano())) // #nosec G404 -- not really important sleeptime := time.Duration(gen.Intn(250)) * time.Millisecond select { case <-time.After(sleeptime): diff --git a/internal/experiment/tcpping/tcpping.go b/internal/experiment/tcpping/tcpping.go index 2fd6d362de..468bd88088 100644 --- a/internal/experiment/tcpping/tcpping.go +++ b/internal/experiment/tcpping/tcpping.go @@ -138,7 +138,7 @@ func (m *Measurer) tcpConnect(ctx context.Context, index int64, ol := logx.NewOperationLogger(logger, "TCPPing #%d %s", index, address) conn, err := dialer.DialContext(ctx, "tcp", address) ol.Stop(err) - measurexlite.MaybeClose(conn) + _ = measurexlite.MaybeClose(conn) sp := &SinglePing{ TCPConnect: trace.FirstTCPConnectOrNil(), // record the first connect from the buffer } diff --git a/internal/experiment/tlsmiddlebox/connect.go b/internal/experiment/tlsmiddlebox/connect.go index 8ef061de3a..008d47f804 100644 --- a/internal/experiment/tlsmiddlebox/connect.go +++ b/internal/experiment/tlsmiddlebox/connect.go @@ -21,7 +21,7 @@ func (m *Measurer) TCPConnect(ctx context.Context, index int64, zeroTime time.Ti ol := logx.NewOperationLogger(logger, "TCPConnect #%d %s", index, address) conn, err := dialer.DialContext(ctx, "tcp", address) ol.Stop(err) - measurexlite.MaybeClose(conn) + _ = measurexlite.MaybeClose(conn) tcpEvents := trace.TCPConnects() tk.addTCPConnect(tcpEvents) return err diff --git a/internal/experiment/tlsmiddlebox/tracing.go b/internal/experiment/tlsmiddlebox/tracing.go index d904744a9c..110c39f586 100644 --- a/internal/experiment/tlsmiddlebox/tracing.go +++ b/internal/experiment/tlsmiddlebox/tracing.go @@ -124,7 +124,7 @@ func genTLSConfig(sni string) *tls.Config { // See https://github.com/ooni/probe/issues/2413 to understand // why we're using nil to force netxlite to use the cached // default Mozilla cert pool. - return &tls.Config{ + return &tls.Config{ // #nosec G402 - we need to use a large TLS versions range for measuring RootCAs: nil, ServerName: sni, NextProtos: []string{"h2", "http/1.1"}, diff --git a/internal/experiment/tlsping/tlsping.go b/internal/experiment/tlsping/tlsping.go index d52c2b8653..ff20c0a9f6 100644 --- a/internal/experiment/tlsping/tlsping.go +++ b/internal/experiment/tlsping/tlsping.go @@ -184,7 +184,7 @@ func (m *Measurer) tlsConnectAndHandshake(ctx context.Context, index int64, // See https://github.com/ooni/probe/issues/2413 to understand // why we're using nil to force netxlite to use the cached // default Mozilla cert pool. - config := &tls.Config{ + config := &tls.Config{ // #nosec G402 - we need to use a large TLS versions range for measuring NextProtos: alpn, RootCAs: nil, ServerName: sni, diff --git a/internal/experiment/tlstool/internal/splitter.go b/internal/experiment/tlstool/internal/splitter.go index 0aecfb8175..88c7f773eb 100644 --- a/internal/experiment/tlstool/internal/splitter.go +++ b/internal/experiment/tlstool/internal/splitter.go @@ -58,7 +58,7 @@ func Splitter3264rand(input []byte) (output [][]byte) { output = append(output, input) return } - rnd := rand.New(rand.NewSource(time.Now().UnixNano())) + rnd := rand.New(rand.NewSource(time.Now().UnixNano())) // #nosec G404 -- not really important offset := rnd.Intn(32) + 32 output = append(output, input[:offset]) output = append(output, input[offset:]) diff --git a/internal/experiment/tlstool/tlstool.go b/internal/experiment/tlstool/tlstool.go index b523ec06d1..a6825b7305 100644 --- a/internal/experiment/tlstool/tlstool.go +++ b/internal/experiment/tlstool/tlstool.go @@ -136,13 +136,13 @@ func (m Measurer) run(ctx context.Context, config runConfig) error { if err != nil { return err } - conn.Close() + _ = conn.Close() return nil } func (m Measurer) tlsConfig() *tls.Config { if m.config.SNI != "" { - return &tls.Config{ServerName: m.config.SNI} + return &tls.Config{ServerName: m.config.SNI} // #nosec G402 - we need to use a large TLS versions range for measuring } return nil } diff --git a/internal/experiment/urlgetter/configurer.go b/internal/experiment/urlgetter/configurer.go index ee1d510f5a..b00970964c 100644 --- a/internal/experiment/urlgetter/configurer.go +++ b/internal/experiment/urlgetter/configurer.go @@ -80,7 +80,7 @@ func (c Configurer) NewConfiguration() (Configuration, error) { configuration.DNSClient = dnsclient configuration.HTTPConfig.BaseResolver = dnsclient // configure TLS - configuration.HTTPConfig.TLSConfig = &tls.Config{ + configuration.HTTPConfig.TLSConfig = &tls.Config{ // #nosec G402 - we need to use a large TLS versions range for measuring NextProtos: []string{"h2", "http/1.1"}, } if c.Config.TLSServerName != "" { diff --git a/internal/experiment/urlgetter/runner.go b/internal/experiment/urlgetter/runner.go index 825160754d..4fd8f293e6 100644 --- a/internal/experiment/urlgetter/runner.go +++ b/internal/experiment/urlgetter/runner.go @@ -113,7 +113,7 @@ func (r Runner) tlsHandshake(ctx context.Context, address string) error { tlsDialer := netx.NewTLSDialer(r.HTTPConfig) conn, err := tlsDialer.DialTLSContext(ctx, "tcp", address) if conn != nil { - conn.Close() + _ = conn.Close() } return err } @@ -122,7 +122,7 @@ func (r Runner) tcpConnect(ctx context.Context, address string) error { dialer := netx.NewDialer(r.HTTPConfig) conn, err := dialer.DialContext(ctx, "tcp", address) if conn != nil { - conn.Close() + _ = conn.Close() } return err } diff --git a/internal/experiment/webconnectivitylte/cleartextflow.go b/internal/experiment/webconnectivitylte/cleartextflow.go index 6b482c42c4..84533cf5ad 100644 --- a/internal/experiment/webconnectivitylte/cleartextflow.go +++ b/internal/experiment/webconnectivitylte/cleartextflow.go @@ -96,7 +96,7 @@ func (t *CleartextFlow) Start(ctx context.Context) { index := t.IDGenerator.NewIDForEndpointCleartext() go func() { defer t.WaitGroup.Done() // synchronize with the parent - t.Run(ctx, index) + _ = t.Run(ctx, index) }() } @@ -114,7 +114,7 @@ func (t *CleartextFlow) Run(parentCtx context.Context, index int64) error { sampler := throttling.NewSampler(trace) defer func() { t.TestKeys.AppendNetworkEvents(sampler.ExtractSamples()...) - sampler.Close() + _ = sampler.Close() }() // start the operation logger diff --git a/internal/experiment/webconnectivitylte/secureflow.go b/internal/experiment/webconnectivitylte/secureflow.go index ba22846220..1bd388eda1 100644 --- a/internal/experiment/webconnectivitylte/secureflow.go +++ b/internal/experiment/webconnectivitylte/secureflow.go @@ -104,7 +104,7 @@ func (t *SecureFlow) Start(ctx context.Context) { index := t.IDGenerator.NewIDForEndpointSecure() go func() { defer t.WaitGroup.Done() // synchronize with the parent - t.Run(ctx, index) + _ = t.Run(ctx, index) }() } @@ -122,7 +122,7 @@ func (t *SecureFlow) Run(parentCtx context.Context, index int64) error { sampler := throttling.NewSampler(trace) defer func() { t.TestKeys.AppendNetworkEvents(sampler.ExtractSamples()...) - sampler.Close() + _ = sampler.Close() }() // start the operation logger @@ -162,7 +162,7 @@ func (t *SecureFlow) Run(parentCtx context.Context, index int64) error { // See https://github.com/ooni/probe/issues/2413 to understand // why we're using nil to force netxlite to use the cached // default Mozilla cert pool. - tlsConfig := &tls.Config{ + tlsConfig := &tls.Config{ // #nosec G402 - we need to use a large TLS versions range for measuring NextProtos: t.alpn(), RootCAs: nil, ServerName: tlsSNI, diff --git a/internal/experiment/whatsapp/whatsapp.go b/internal/experiment/whatsapp/whatsapp.go index a96b48d305..93d0438002 100644 --- a/internal/experiment/whatsapp/whatsapp.go +++ b/internal/experiment/whatsapp/whatsapp.go @@ -162,7 +162,7 @@ func (m Measurer) Run(ctx context.Context, args *model.ExperimentArgs) error { // don't care about the HTTP response code. Target: WebHTTPSURL, }) - rnd := rand.New(rand.NewSource(time.Now().UnixNano())) + rnd := rand.New(rand.NewSource(time.Now().UnixNano())) // #nosec G404 -- not really important rnd.Shuffle(len(inputs), func(i, j int) { inputs[i], inputs[j] = inputs[j], inputs[i] }) diff --git a/internal/fsx/fsx.go b/internal/fsx/fsx.go index 6ee374dfab..34304ea7fc 100644 --- a/internal/fsx/fsx.go +++ b/internal/fsx/fsx.go @@ -29,11 +29,11 @@ func openWithFS(fs fs.FS, pathname string) (fs.File, error) { } info, err := file.Stat() if err != nil { - file.Close() + _ = file.Close() return nil, err } if !IsRegular(info) { - file.Close() + _ = file.Close() return nil, fmt.Errorf("%w: %s", ErrNotRegularFile, pathname) } return file, nil diff --git a/internal/legacy/measurex/easy.go b/internal/legacy/measurex/easy.go index f02a4ddb2b..6acb5f3890 100644 --- a/internal/legacy/measurex/easy.go +++ b/internal/legacy/measurex/easy.go @@ -49,7 +49,7 @@ func (mx *Measurer) EasyHTTPRoundTripGET(ctx context.Context, timeout time.Durat failure := err.Error() return NewArchivalMeasurement(db.AsMeasurement()), &failure } - resp.Body.Close() + _ = resp.Body.Close() return NewArchivalMeasurement(db.AsMeasurement()), nil } @@ -61,7 +61,7 @@ type EasyTLSConfig struct { // NewEasyTLSConfig creates a new EasyTLSConfig instance. func NewEasyTLSConfig() *EasyTLSConfig { return &EasyTLSConfig{ - config: &tls.Config{ + config: &tls.Config{ // #nosec G402 - we need to use a large TLS versions range for measuring // Because here we use nil, this causes netxlite to use // a cached copy of Mozilla's CA pool. We don't create a // new pool every time for performance reasons. See @@ -98,7 +98,7 @@ func (easy *EasyTLSConfig) RootCAs(v *x509.CertPool) *EasyTLSConfig { // asTLSConfig converts an *EasyTLSConfig to a *tls.Config. func (easy *EasyTLSConfig) asTLSConfig() *tls.Config { if easy == nil || easy.config == nil { - return &tls.Config{} + return &tls.Config{} // #nosec G402 - we need to use a large TLS versions range for measuring } return easy.config } @@ -135,7 +135,7 @@ func (mx *Measurer) EasyTLSConnectAndHandshake(ctx context.Context, endpoint str failure := err.Error() return NewArchivalMeasurement(db.AsMeasurement()), &failure } - conn.Close() + _ = conn.Close() return NewArchivalMeasurement(db.AsMeasurement()), nil } @@ -168,7 +168,7 @@ func (mx *Measurer) EasyTCPConnect(ctx context.Context, failure := err.Error() return NewArchivalMeasurement(db.AsMeasurement()), &failure } - conn.Close() + _ = conn.Close() return NewArchivalMeasurement(db.AsMeasurement()), nil } @@ -272,6 +272,6 @@ func (mx *Measurer) EasyOBFS4ConnectAndHandshake(ctx context.Context, failure := err.Error() return NewArchivalMeasurement(db.AsMeasurement()), &failure } - o4conn.Close() + _ = o4conn.Close() return NewArchivalMeasurement(db.AsMeasurement()), nil } diff --git a/internal/legacy/measurex/http.go b/internal/legacy/measurex/http.go index a2853129af..53c9949665 100644 --- a/internal/legacy/measurex/http.go +++ b/internal/legacy/measurex/http.go @@ -97,7 +97,9 @@ func (mx *Measurer) NewHTTPTransportWithTLSConn( func (mx *Measurer) NewHTTPTransportWithQUICConn( logger model.Logger, db WritableDB, qconn quic.EarlyConnection) *HTTPTransportDB { return mx.WrapHTTPTransport(db, netxlite.NewHTTP3Transport( - logger, netxlite.NewSingleUseQUICDialer(qconn), &tls.Config{})) + logger, netxlite.NewSingleUseQUICDialer(qconn), + &tls.Config{}, // #nosec G402 - we need to use a large TLS versions range for measuring + )) } // HTTPTransportDB is an implementation of HTTPTransport that diff --git a/internal/legacy/measurex/measurer.go b/internal/legacy/measurex/measurer.go index 8f371c5afb..8820f35fb4 100644 --- a/internal/legacy/measurex/measurer.go +++ b/internal/legacy/measurex/measurer.go @@ -251,7 +251,7 @@ func (mx *Measurer) TCPConnect(ctx context.Context, address string) *EndpointMea conn, _ := mx.TCPConnectWithDB(ctx, db, address) measurement := db.AsMeasurement() if conn != nil { - conn.Close() + _ = conn.Close() } return &EndpointMeasurement{ Network: NetworkTCP, @@ -322,7 +322,7 @@ func (mx *Measurer) TLSConnectAndHandshake(ctx context.Context, conn, _ := mx.TLSConnectAndHandshakeWithDB(ctx, db, address, config) measurement := db.AsMeasurement() if conn != nil { - conn.Close() + _ = conn.Close() } return &EndpointMeasurement{ Network: NetworkTCP, @@ -393,7 +393,7 @@ func (mx *Measurer) QUICHandshake(ctx context.Context, address string, measurement := db.AsMeasurement() if qconn != nil { // TODO(bassosimone): close connection with correct message - qconn.CloseWithError(0, "") + _ = qconn.CloseWithError(0, "") } return &EndpointMeasurement{ Network: NetworkUDP, @@ -449,7 +449,7 @@ func (mx *Measurer) HTTPEndpointGet( ctx context.Context, epnt *HTTPEndpoint, jar http.CookieJar) *HTTPEndpointMeasurement { resp, m, _ := mx.httpEndpointGet(ctx, epnt, jar) if resp != nil { - resp.Body.Close() + _ = resp.Body.Close() } return m } @@ -561,11 +561,12 @@ func (mx *Measurer) httpEndpointGetHTTPS(ctx context.Context, db WritableDB, epnt *HTTPEndpoint, jar http.CookieJar) (*http.Response, error) { // Using a nil cert pool here forces netxlite to use a cached copy of Mozilla's // CA bundle. See https://github.com/ooni/probe/issues/2413 for context. - conn, err := mx.TLSConnectAndHandshakeWithDB(ctx, db, epnt.Address, &tls.Config{ - ServerName: epnt.SNI, - NextProtos: epnt.ALPN, - RootCAs: nil, - }) + conn, err := mx.TLSConnectAndHandshakeWithDB(ctx, db, epnt.Address, + &tls.Config{ // #nosec G402 - we need to use a large TLS versions range for measuring + ServerName: epnt.SNI, + NextProtos: epnt.ALPN, + RootCAs: nil, + }) if err != nil { return nil, err } @@ -581,11 +582,12 @@ func (mx *Measurer) httpEndpointGetQUIC(ctx context.Context, db WritableDB, epnt *HTTPEndpoint, jar http.CookieJar) (*http.Response, error) { // Using a nil cert pool here forces netxlite to use a cached copy of Mozilla's // CA bundle. See https://github.com/ooni/probe/issues/2413 for context. - qconn, err := mx.QUICHandshakeWithDB(ctx, db, epnt.Address, &tls.Config{ - ServerName: epnt.SNI, - NextProtos: epnt.ALPN, - RootCAs: nil, - }) + qconn, err := mx.QUICHandshakeWithDB(ctx, db, epnt.Address, + &tls.Config{ // // #nosec G402 - we need to use a large TLS versions range for measuring + ServerName: epnt.SNI, + NextProtos: epnt.ALPN, + RootCAs: nil, + }) if err != nil { return nil, err } diff --git a/internal/netemx/cloudflare.go b/internal/netemx/cloudflare.go index f8a6c516bd..45c4a318aa 100644 --- a/internal/netemx/cloudflare.go +++ b/internal/netemx/cloudflare.go @@ -192,7 +192,7 @@ func CloudflareCAPTCHAHandler() http.Handler { if address == DefaultClientAddress { log.Printf("CLOUDFLARE_CACHE: request from %s => 503", address) w.WriteHeader(http.StatusServiceUnavailable) - w.Write(cloudflareCAPTCHAWebPage) + _, _ = w.Write(cloudflareCAPTCHAWebPage) return } @@ -200,6 +200,6 @@ func CloudflareCAPTCHAHandler() http.Handler { // otherwise => 200 log.Printf("CLOUDFLARE_CACHE: request from %s => 200", address) w.WriteHeader(http.StatusOK) - w.Write([]byte(ExampleWebPage)) + _, _ = w.Write([]byte(ExampleWebPage)) }) } diff --git a/internal/netemx/largefile.go b/internal/netemx/largefile.go index b899622ef2..4a069bf5dc 100644 --- a/internal/netemx/largefile.go +++ b/internal/netemx/largefile.go @@ -24,6 +24,6 @@ func LargeFileHandler(reader func(b []byte) (n int, err error)) http.Handler { w.WriteHeader(http.StatusInternalServerError) return } - w.Write(data) + _, _ = w.Write(data) }) } diff --git a/internal/netemx/ooapi.go b/internal/netemx/ooapi.go index c5653a25ed..c6a15044c7 100644 --- a/internal/netemx/ooapi.go +++ b/internal/netemx/ooapi.go @@ -57,5 +57,5 @@ func (p *OOAPIHandler) getApiV1TestHelpers(w http.ResponseWriter, _ *http.Reques }, } w.Header().Add("Content-Type", "application/json") - w.Write(runtimex.Try1(json.Marshal(resp))) + _, _ = w.Write(runtimex.Try1(json.Marshal(resp))) } diff --git a/internal/netemx/qaenv.go b/internal/netemx/qaenv.go index 958889e61b..c0b0eaeb77 100644 --- a/internal/netemx/qaenv.go +++ b/internal/netemx/qaenv.go @@ -238,8 +238,8 @@ func (env *QAEnv) mustNewNetStacks(config *qaEnvConfig) (closables []io.Closer) // AddRecordToAllResolvers adds the given DNS record to all DNS resolvers. You can safely // add new DNS records from concurrent goroutines at any time. func (env *QAEnv) AddRecordToAllResolvers(domain string, cname string, addrs ...string) { - env.ISPResolverConfig().AddRecord(domain, cname, addrs...) - env.OtherResolversConfig().AddRecord(domain, cname, addrs...) + runtimex.Try0(env.ISPResolverConfig().AddRecord(domain, cname, addrs...)) + runtimex.Try0(env.OtherResolversConfig().AddRecord(domain, cname, addrs...)) } // ISPResolverConfig returns the [*netem.DNSConfig] of the ISP resolver. Note that can safely @@ -288,11 +288,11 @@ func (env *QAEnv) Close() error { env.once.Do(func() { // first close all the possible closables we track for _, c := range env.closables { - c.Close() + _ = c.Close() } // finally close the whole network topology - env.topology.Close() + _ = env.topology.Close() }) return nil } diff --git a/internal/netemx/web.go b/internal/netemx/web.go index 14f826c8b7..69258e19d3 100644 --- a/internal/netemx/web.go +++ b/internal/netemx/web.go @@ -74,7 +74,7 @@ func ExampleWebPageHandler() http.Handler { switch host { case "www.example.com", "www.example.org": - w.Write([]byte(ExampleWebPage)) + _, _ = w.Write([]byte(ExampleWebPage)) case "example.com": w.Header().Add("Location", "https://www.example.com/") @@ -118,7 +118,7 @@ func BlockpageHandlerFactory() HTTPHandlerFactory { return HTTPHandlerFactoryFunc(func(env NetStackServerFactoryEnv, stack *netem.UNetStack) http.Handler { return http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) { w.Header().Add("Date", "Thu, 24 Aug 2023 14:35:29 GMT") - w.Write([]byte(Blockpage)) + _, _ = w.Write([]byte(Blockpage)) }) }) } diff --git a/internal/netemx/yandex.go b/internal/netemx/yandex.go index 72e74fa81a..e3bdac8f63 100644 --- a/internal/netemx/yandex.go +++ b/internal/netemx/yandex.go @@ -32,7 +32,7 @@ func YandexHandler() http.Handler { switch host { case "ya.ru": - w.Write([]byte(ExampleWebPage)) + _, _ = w.Write([]byte(ExampleWebPage)) case "yandex.com": w.Header().Add("Location", "https://ya.ru/") diff --git a/internal/netxlite/dnsovertcp.go b/internal/netxlite/dnsovertcp.go index b3cde88b27..aa6b946a2c 100644 --- a/internal/netxlite/dnsovertcp.go +++ b/internal/netxlite/dnsovertcp.go @@ -88,7 +88,7 @@ func (t *DNSOverTCPTransport) RoundTrip( } defer conn.Close() const iotimeout = 10 * time.Second - conn.SetDeadline(time.Now().Add(iotimeout)) + _ = conn.SetDeadline(time.Now().Add(iotimeout)) // Write request buf := []byte{byte(len(rawQuery) >> 8)} buf = append(buf, byte(len(rawQuery))) diff --git a/internal/netxlite/dnsoverudp.go b/internal/netxlite/dnsoverudp.go index 0440e826d5..d3b93aad89 100644 --- a/internal/netxlite/dnsoverudp.go +++ b/internal/netxlite/dnsoverudp.go @@ -95,16 +95,16 @@ func (t *DNSOverUDPTransport) RoundTrip( if err != nil { return nil, err } - conn.SetDeadline(deadline) // time to dial (usually ~zero) already factored in + _ = conn.SetDeadline(deadline) // time to dial (usually ~zero) already factored in joinedch := make(chan bool) myaddr := conn.LocalAddr().String() if _, err := conn.Write(rawQuery); err != nil { - conn.Close() // we still own the conn + _ = conn.Close() // we still own the conn return nil, err } resp, err := t.recv(query, conn) if err != nil { - conn.Close() // we still own the conn + _ = conn.Close() // we still own the conn return nil, err } // start a goroutine to listen for any delayed DNS response and diff --git a/internal/netxlite/http3.go b/internal/netxlite/http3.go index 8603d3b9aa..6ca80772b2 100644 --- a/internal/netxlite/http3.go +++ b/internal/netxlite/http3.go @@ -39,7 +39,7 @@ func (txp *http3Transport) RoundTrip(req *http.Request) (*http.Response, error) // CloseIdleConnections implements HTTPTransport.CloseIdleConnections. func (txp *http3Transport) CloseIdleConnections() { - txp.child.Close() + _ = txp.child.Close() txp.dialer.CloseIdleConnections() } diff --git a/internal/netxlite/httptimeout.go b/internal/netxlite/httptimeout.go index 9ae9f01dfb..7cedf82f2e 100644 --- a/internal/netxlite/httptimeout.go +++ b/internal/netxlite/httptimeout.go @@ -62,7 +62,7 @@ func (d *httpTLSDialerWithReadTimeout) DialTLSContext( } tconn, okay := conn.(TLSConn) // part of the contract but let's be graceful if !okay { - conn.Close() // we own the conn here + _ = conn.Close() // we own the conn here return nil, ErrNotTLSConn } return &httpTLSConnWithReadTimeout{tconn}, nil @@ -95,7 +95,7 @@ const httpConnReadTimeout = 300 * time.Second // Read implements Conn.Read. func (c *httpConnWithReadTimeout) Read(b []byte) (int, error) { - c.Conn.SetReadDeadline(time.Now().Add(httpConnReadTimeout)) + _ = c.Conn.SetReadDeadline(time.Now().Add(httpConnReadTimeout)) defer c.Conn.SetReadDeadline(time.Time{}) return c.Conn.Read(b) } @@ -108,7 +108,7 @@ type httpTLSConnWithReadTimeout struct { // Read implements Conn.Read. func (c *httpTLSConnWithReadTimeout) Read(b []byte) (int, error) { - c.TLSConn.SetReadDeadline(time.Now().Add(httpConnReadTimeout)) + _ = c.TLSConn.SetReadDeadline(time.Now().Add(httpConnReadTimeout)) defer c.TLSConn.SetReadDeadline(time.Time{}) return c.TLSConn.Read(b) } diff --git a/internal/netxlite/quic.go b/internal/netxlite/quic.go index 8f2334b64b..d970cffdbc 100644 --- a/internal/netxlite/quic.go +++ b/internal/netxlite/quic.go @@ -139,7 +139,7 @@ func (d *quicDialerQUICGo) DialContext(ctx context.Context, err = MaybeNewErrWrapper(ClassifyQUICHandshakeError, QUICHandshakeOperation, err) trace.OnQUICHandshakeDone(started, address, qconn, tlsConfig, err, finished) if err != nil { - pconn.Close() // we own it on failure + _ = pconn.Close() // we own it on failure return nil, err } return newQUICConnectionOwnsConn(qconn, pconn), nil @@ -200,7 +200,7 @@ func (d *quicDialerHandshakeCompleter) DialContext( case <-conn.HandshakeComplete(): return conn, nil case <-ctx.Done(): - conn.CloseWithError(0, "") // we own the conn + _ = conn.CloseWithError(0, "") // we own the conn return nil, ctx.Err() } } @@ -227,7 +227,7 @@ func newQUICConnectionOwnsConn(qconn quic.EarlyConnection, pconn model.UDPLikeCo func (qconn *quicConnectionOwnsConn) CloseWithError( code quic.ApplicationErrorCode, reason string) error { err := qconn.EarlyConnection.CloseWithError(code, reason) - qconn.conn.Close() + _ = qconn.conn.Close() return err } diff --git a/internal/netxlite/tls.go b/internal/netxlite/tls.go index bd573fd143..3ad5308a27 100644 --- a/internal/netxlite/tls.go +++ b/internal/netxlite/tls.go @@ -211,7 +211,7 @@ func (h *tlsHandshakerConfigurable) Handshake( timeout = 10 * time.Second } defer conn.SetDeadline(time.Time{}) - conn.SetDeadline(time.Now().Add(timeout)) + _ = conn.SetDeadline(time.Now().Add(timeout)) if config.RootCAs == nil { config = config.Clone() // See https://github.com/ooni/probe/issues/2413 for context @@ -318,7 +318,7 @@ func (d *tlsDialer) DialTLSContext(ctx context.Context, network, address string) config := d.config(host, port) tlsconn, err := d.TLSHandshaker.Handshake(ctx, conn, config) if err != nil { - conn.Close() + _ = conn.Close() return nil, err } return tlsconn, nil diff --git a/internal/oohelperd/handler.go b/internal/oohelperd/handler.go index 94dd6038e7..aba5948d43 100644 --- a/internal/oohelperd/handler.go +++ b/internal/oohelperd/handler.go @@ -165,7 +165,7 @@ func (h *Handler) ServeHTTP(w http.ResponseWriter, req *http.Request) { data, err := json.Marshal(resp) runtimex.PanicOnError(err, "json.Marshal failed") w.Header().Add("Content-Type", "application/json") - w.Write(data) + _, _ = w.Write(data) return } @@ -223,7 +223,7 @@ func (h *Handler) ServeHTTP(w http.ResponseWriter, req *http.Request) { data, err = json.Marshal(cresp) runtimex.PanicOnError(err, "json.Marshal failed") w.Header().Add("Content-Type", "application/json") - w.Write(data) + _, _ = w.Write(data) } // newResolver creates a new [model.Resolver] suitable for serving diff --git a/internal/oohelperd/quic.go b/internal/oohelperd/quic.go index 88939baccf..cab6a276bc 100644 --- a/internal/oohelperd/quic.go +++ b/internal/oohelperd/quic.go @@ -81,7 +81,7 @@ func quicDo(ctx context.Context, config *quicConfig) { // See https://github.com/ooni/probe/issues/2413 to understand // why we're using nil to force netxlite to use the cached // default Mozilla cert pool. - tlsConfig := &tls.Config{ + tlsConfig := &tls.Config{ // #nosec G402 - we need to use a large TLS versions range for measuring NextProtos: []string{"h3"}, RootCAs: nil, ServerName: config.URLHostname, diff --git a/internal/oohelperd/tcptls.go b/internal/oohelperd/tcptls.go index d39dc73be3..d3eca7ee42 100644 --- a/internal/oohelperd/tcptls.go +++ b/internal/oohelperd/tcptls.go @@ -127,7 +127,7 @@ func tcpTLSDo(ctx context.Context, config *tcpTLSConfig) { // See https://github.com/ooni/probe/issues/2413 to understand // why we're using nil to force netxlite to use the cached // default Mozilla cert pool. - tlsConfig := &tls.Config{ + tlsConfig := &tls.Config{ // #nosec G402 - we need to use a large TLS versions range for measuring NextProtos: []string{"h2", "http/1.1"}, RootCAs: nil, ServerName: config.URLHostname, @@ -140,7 +140,7 @@ func tcpTLSDo(ctx context.Context, config *tcpTLSConfig) { // perform the handshake tlsConn, err := thx.Handshake(ctx, conn, tlsConfig) - measurexlite.MaybeClose(tlsConn) + _ = measurexlite.MaybeClose(tlsConn) // publish time required to handshake tlsElapsed := time.Since(tlsT0) diff --git a/internal/oonirun/experiment.go b/internal/oonirun/experiment.go index f597cbb53e..3b4fd9afc5 100644 --- a/internal/oonirun/experiment.go +++ b/internal/oonirun/experiment.go @@ -92,7 +92,7 @@ func (ed *Experiment) Run(ctx context.Context) error { // 3. randomize input, if needed if ed.Random { - rnd := rand.New(rand.NewSource(time.Now().UnixNano())) + rnd := rand.New(rand.NewSource(time.Now().UnixNano())) // #nosec G404 -- not really important rnd.Shuffle(len(inputList), func(i, j int) { inputList[i], inputList[j] = inputList[j], inputList[i] }) diff --git a/internal/ptx/obfs4.go b/internal/ptx/obfs4.go index 4e192c21ea..de0ffb7a65 100644 --- a/internal/ptx/obfs4.go +++ b/internal/ptx/obfs4.go @@ -138,7 +138,7 @@ func (d *obfs4CancellableDialer) dial( select { case connch <- conn: default: - conn.Close() // context won the race + _ = conn.Close() // context won the race } }() select { diff --git a/internal/ptx/ptx.go b/internal/ptx/ptx.go index 87dc9e38d8..c5bb2f38f4 100644 --- a/internal/ptx/ptx.go +++ b/internal/ptx/ptx.go @@ -122,11 +122,11 @@ func (lst *Listener) forward(ctx context.Context, left, right net.Conn, done cha wg.Add(2) go func() { defer wg.Done() - netxlite.CopyContext(ctx, left, right) + _, _ = netxlite.CopyContext(ctx, left, right) }() go func() { defer wg.Done() - netxlite.CopyContext(ctx, right, left) + _, _ = netxlite.CopyContext(ctx, right, left) }() wg.Wait() } @@ -157,7 +157,7 @@ func (lst *Listener) handleSocksConn(ctx context.Context, socksConn SocksConn) e } ptConn, err := lst.PTDialer.DialContext(ctx) if err != nil { - socksConn.Close() // we own it + _ = socksConn.Close() // we own it lst.logger().Warnf("ptx: ContextDialer.DialContext error: %s", err) return err // used for testing } @@ -296,7 +296,7 @@ func (lst *Listener) Stop() { lst.cancel() // cancel is idempotent } if lst.listener != nil { - lst.listener.Close() // should be idempotent + _ = lst.listener.Close() // should be idempotent } } diff --git a/internal/ptx/snowflake.go b/internal/ptx/snowflake.go index a48883f583..00beb642e2 100644 --- a/internal/ptx/snowflake.go +++ b/internal/ptx/snowflake.go @@ -163,7 +163,7 @@ func (d *SnowflakeDialer) dialContext( select { case connch <- conn: default: - conn.Close() // context won the race + _ = conn.Close() // context won the race } }() select { diff --git a/internal/shellx/shellx.go b/internal/shellx/shellx.go index d9a26cd4fb..08ad3a24eb 100644 --- a/internal/shellx/shellx.go +++ b/internal/shellx/shellx.go @@ -314,7 +314,7 @@ func CopyFile(source, dest string, perms fs.FileMode) error { return err } if _, err := ioCopy(destfp, sourcefp); err != nil { - destfp.Close() + _ = destfp.Close() return err } return destfp.Close() diff --git a/internal/testingproxy/hosthttps.go b/internal/testingproxy/hosthttps.go index 7066b2dc50..e1cab76453 100644 --- a/internal/testingproxy/hosthttps.go +++ b/internal/testingproxy/hosthttps.go @@ -60,7 +60,7 @@ func (tc *hostNetworkTestCaseWithHTTPWithTLS) Run(t *testing.T) { // extend the default cert pool with the proxy's own CA pool := netxlite.NewMozillaCertPool() pool.AddCert(proxyServer.CACert) - tlsConfig := &tls.Config{RootCAs: pool} + tlsConfig := &tls.Config{RootCAs: pool} // #nosec G402 - code used for testing // create an HTTP client configured to use the given proxy // diff --git a/internal/testingproxy/netemhttp.go b/internal/testingproxy/netemhttp.go index d868c21289..f80356aff7 100644 --- a/internal/testingproxy/netemhttp.go +++ b/internal/testingproxy/netemhttp.go @@ -67,7 +67,7 @@ func (tc *netemTestCaseWithHTTP) Run(t *testing.T) { // configure the wwwStack as the DNS resolver with proper configuration dnsConfig := netem.NewDNSConfig() - dnsConfig.AddRecord("www.example.com.", "", wwwIPAddr) + runtimex.Try0(dnsConfig.AddRecord("www.example.com.", "", wwwIPAddr)) dnsServer := runtimex.Try1(netem.NewDNSServer(log.Log, wwwStack, wwwIPAddr, dnsConfig)) defer dnsServer.Close() @@ -76,7 +76,7 @@ func (tc *netemTestCaseWithHTTP) Run(t *testing.T) { &net.TCPAddr{IP: net.ParseIP(wwwIPAddr), Port: 80}, wwwStack, http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) { - w.Write([]byte("Bonsoir, Elliot!\r\n")) + _, _ = w.Write([]byte("Bonsoir, Elliot!\r\n")) }), ) defer wwwServer80.Close() @@ -86,7 +86,7 @@ func (tc *netemTestCaseWithHTTP) Run(t *testing.T) { &net.TCPAddr{IP: net.ParseIP(wwwIPAddr), Port: 443}, wwwStack, http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) { - w.Write([]byte("Bonsoir, Elliot!\r\n")) + _, _ = w.Write([]byte("Bonsoir, Elliot!\r\n")) }), wwwStack, "www.example.com", @@ -118,7 +118,7 @@ func (tc *netemTestCaseWithHTTP) Run(t *testing.T) { netxlite.HTTPTransportOptionProxyURL(runtimex.Try1(url.Parse(proxyServer.URL))), // TODO(https://github.com/ooni/probe/issues/2536) - netxlite.HTTPTransportOptionTLSClientConfig(&tls.Config{ + netxlite.HTTPTransportOptionTLSClientConfig(&tls.Config{ // #nosec G402 - code used for testing RootCAs: clientStack.DefaultCertPool(), }), ) diff --git a/internal/testingproxy/netemhttps.go b/internal/testingproxy/netemhttps.go index 4635442294..0e0cf17bb5 100644 --- a/internal/testingproxy/netemhttps.go +++ b/internal/testingproxy/netemhttps.go @@ -67,7 +67,7 @@ func (tc *netemTestCaseWithHTTPWithTLS) Run(t *testing.T) { // configure the wwwStack as the DNS resolver with proper configuration dnsConfig := netem.NewDNSConfig() - dnsConfig.AddRecord("www.example.com.", "", wwwIPAddr) + runtimex.Try0(dnsConfig.AddRecord("www.example.com.", "", wwwIPAddr)) dnsServer := runtimex.Try1(netem.NewDNSServer(log.Log, wwwStack, wwwIPAddr, dnsConfig)) defer dnsServer.Close() @@ -76,7 +76,7 @@ func (tc *netemTestCaseWithHTTPWithTLS) Run(t *testing.T) { &net.TCPAddr{IP: net.ParseIP(wwwIPAddr), Port: 80}, wwwStack, http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) { - w.Write([]byte("Bonsoir, Elliot!\r\n")) + _, _ = w.Write([]byte("Bonsoir, Elliot!\r\n")) }), ) defer wwwServer80.Close() @@ -86,7 +86,7 @@ func (tc *netemTestCaseWithHTTPWithTLS) Run(t *testing.T) { &net.TCPAddr{IP: net.ParseIP(wwwIPAddr), Port: 443}, wwwStack, http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) { - w.Write([]byte("Bonsoir, Elliot!\r\n")) + _, _ = w.Write([]byte("Bonsoir, Elliot!\r\n")) }), wwwStack, "www.example.com", @@ -120,7 +120,7 @@ func (tc *netemTestCaseWithHTTPWithTLS) Run(t *testing.T) { netxlite.HTTPTransportOptionProxyURL(runtimex.Try1(url.Parse(proxyServer.URL))), // TODO(https://github.com/ooni/probe/issues/2536) - netxlite.HTTPTransportOptionTLSClientConfig(&tls.Config{ + netxlite.HTTPTransportOptionTLSClientConfig(&tls.Config{ // #nosec G402 - code used for testing RootCAs: clientStack.DefaultCertPool(), }), ) diff --git a/internal/testingproxy/socksnetem.go b/internal/testingproxy/socksnetem.go index 296a7682ba..4726c17e88 100644 --- a/internal/testingproxy/socksnetem.go +++ b/internal/testingproxy/socksnetem.go @@ -67,7 +67,7 @@ func (tc *netemTestCaseWithSOCKS) Run(t *testing.T) { // configure the wwwStack as the DNS resolver with proper configuration dnsConfig := netem.NewDNSConfig() - dnsConfig.AddRecord("www.example.com.", "", wwwIPAddr) + runtimex.Try0(dnsConfig.AddRecord("www.example.com.", "", wwwIPAddr)) dnsServer := runtimex.Try1(netem.NewDNSServer(log.Log, wwwStack, wwwIPAddr, dnsConfig)) defer dnsServer.Close() @@ -76,7 +76,7 @@ func (tc *netemTestCaseWithSOCKS) Run(t *testing.T) { &net.TCPAddr{IP: net.ParseIP(wwwIPAddr), Port: 80}, wwwStack, http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) { - w.Write([]byte("Bonsoir, Elliot!\r\n")) + _, _ = w.Write([]byte("Bonsoir, Elliot!\r\n")) }), ) defer wwwServer80.Close() @@ -86,7 +86,7 @@ func (tc *netemTestCaseWithSOCKS) Run(t *testing.T) { &net.TCPAddr{IP: net.ParseIP(wwwIPAddr), Port: 443}, wwwStack, http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) { - w.Write([]byte("Bonsoir, Elliot!\r\n")) + _, _ = w.Write([]byte("Bonsoir, Elliot!\r\n")) }), wwwStack, "www.example.com", @@ -118,7 +118,7 @@ func (tc *netemTestCaseWithSOCKS) Run(t *testing.T) { netxlite.HTTPTransportOptionProxyURL(proxyServer.URL()), // TODO(https://github.com/ooni/probe/issues/2536) - netxlite.HTTPTransportOptionTLSClientConfig(&tls.Config{ + netxlite.HTTPTransportOptionTLSClientConfig(&tls.Config{ // #nosec G402 - code used for testing RootCAs: clientStack.DefaultCertPool(), }), ) diff --git a/internal/testingsocks5/auth.go b/internal/testingsocks5/auth.go index 63f8200bbf..cf0eaf9f64 100644 --- a/internal/testingsocks5/auth.go +++ b/internal/testingsocks5/auth.go @@ -65,7 +65,7 @@ func (s *Server) authenticate(cconn net.Conn) (*authContext, error) { // noAcceptableAuth is used to handle when we have no eligible authentication mechanism func noAcceptableAuth(conn net.Conn) error { - conn.Write([]byte{socks5Version, noAcceptable}) + _, _ = conn.Write([]byte{socks5Version, noAcceptable}) return errNoSupportedAuth } diff --git a/internal/testingx/dnsoverhttps.go b/internal/testingx/dnsoverhttps.go index 7f334343d2..9e14cf8ecf 100644 --- a/internal/testingx/dnsoverhttps.go +++ b/internal/testingx/dnsoverhttps.go @@ -21,7 +21,7 @@ func (p *DNSOverHTTPSHandler) ServeHTTP(w http.ResponseWriter, r *http.Request) rawQuery := runtimex.Try1(io.ReadAll(r.Body)) rawResponse := runtimex.Try1(p.RoundTripper.RoundTrip(r.Context(), rawQuery)) w.Header().Add("content-type", "application/dns-message") - w.Write(rawResponse) + _, _ = w.Write(rawResponse) } func (p *DNSOverHTTPSHandler) handlePanic(w http.ResponseWriter) { diff --git a/internal/testingx/fakefill.go b/internal/testingx/fakefill.go index 1adea3e98d..fdd7261d01 100644 --- a/internal/testingx/fakefill.go +++ b/internal/testingx/fakefill.go @@ -42,7 +42,7 @@ func (ff *FakeFiller) getRandLocked() *rand.Rand { if ff.Now != nil { now = ff.Now } - ff.rnd = rand.New(rand.NewSource(now().UnixNano())) + ff.rnd = rand.New(rand.NewSource(now().UnixNano())) // #nosec G404 -- used for testing } return ff.rnd } diff --git a/internal/testingx/geoip.go b/internal/testingx/geoip.go index 0a084dff5e..d1bcdeee64 100644 --- a/internal/testingx/geoip.go +++ b/internal/testingx/geoip.go @@ -20,5 +20,5 @@ func (p *GeoIPHandlerUbuntu) ServeHTTP(w http.ResponseWriter, r *http.Request) { p.ProbeIP, ) w.Header().Add("Content-Type", "text/xml") - w.Write([]byte(resp)) + _, _ = w.Write([]byte(resp)) } diff --git a/internal/testingx/httptestx.go b/internal/testingx/httptestx.go index 5a8ce91290..cd19dc56c6 100644 --- a/internal/testingx/httptestx.go +++ b/internal/testingx/httptestx.go @@ -145,7 +145,7 @@ var HTTPBlockpage451 = []byte(`
func HTTPHandlerBlockpage451() http.Handler { return http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) { w.WriteHeader(http.StatusUnavailableForLegalReasons) - w.Write(HTTPBlockpage451) + _, _ = w.Write(HTTPBlockpage451) }) } @@ -198,14 +198,14 @@ func HTTPHandlerResetWhileReadingBody() http.Handler { defer conn.Close() // write the HTTP response headers - conn.Write([]byte("HTTP/1.1 200 Ok\r\n")) - conn.Write([]byte("Content-Type: text/html\r\n")) - conn.Write([]byte("Content-Length: 65535\r\n")) - conn.Write([]byte("\r\n")) + _, _ = conn.Write([]byte("HTTP/1.1 200 Ok\r\n")) + _, _ = conn.Write([]byte("Content-Type: text/html\r\n")) + _, _ = conn.Write([]byte("Content-Length: 65535\r\n")) + _, _ = conn.Write([]byte("\r\n")) // start writing the response content := randx.Letters(32768) - conn.Write([]byte(content)) + _, _ = conn.Write([]byte(content)) // sleep for half a second simulating something wrong time.Sleep(500 * time.Millisecond) diff --git a/internal/testingx/oonibackendwithlogin.go b/internal/testingx/oonibackendwithlogin.go index 5c8779c9ac..9bcf3e0690 100644 --- a/internal/testingx/oonibackendwithlogin.go +++ b/internal/testingx/oonibackendwithlogin.go @@ -131,7 +131,7 @@ func (h *OONIBackendWithLoginFlow) handleRegister() http.Handler { } // send response - w.Write(must.MarshalJSON(response)) + _, _ = w.Write(must.MarshalJSON(response)) }) } @@ -207,7 +207,7 @@ func (h *OONIBackendWithLoginFlow) handleLogin() http.Handler { } // send response - w.Write(must.MarshalJSON(response)) + _, _ = w.Write(must.MarshalJSON(response)) }) } @@ -221,7 +221,7 @@ func (h *OONIBackendWithLoginFlow) handlePsiphonConfig() http.Handler { // we must lock because of SetPsiphonConfig h.mu.Lock() - w.Write(h.psiphonConfig) + _, _ = w.Write(h.psiphonConfig) h.mu.Unlock() }) } @@ -243,7 +243,7 @@ func (h *OONIBackendWithLoginFlow) handleTorTargets() http.Handler { // we must lock because of SetTorTargets h.mu.Lock() - w.Write(h.torTargets) + _, _ = w.Write(h.torTargets) h.mu.Unlock() }) diff --git a/internal/testingx/oonicollector.go b/internal/testingx/oonicollector.go index 62c6b2cc31..fc5bc7cd55 100644 --- a/internal/testingx/oonicollector.go +++ b/internal/testingx/oonicollector.go @@ -154,7 +154,7 @@ func (oc *OONICollector) openReport(w http.ResponseWriter, body []byte) { w.Header().Set("Content-Type", "application/json") // serialize and send - w.Write(must.MarshalJSON(response)) + _, _ = w.Write(must.MarshalJSON(response)) } // updateReport handles updating an existing OONI report. @@ -241,5 +241,5 @@ func (oc *OONICollector) updateReport(w http.ResponseWriter, urlpath string, bod w.Header().Set("Content-Type", "application/json") // serialize and send - w.Write(must.MarshalJSON(response)) + _, _ = w.Write(must.MarshalJSON(response)) } diff --git a/internal/testingx/tcpx.go b/internal/testingx/tcpx.go index ad22d0a393..0e0fcb2919 100644 --- a/internal/testingx/tcpx.go +++ b/internal/testingx/tcpx.go @@ -36,11 +36,11 @@ func tcpMaybeResetNetConn(conn net.Conn) { SetLinger(sec int) error } if setter, good := conn.(connLingerSetter); good { - setter.SetLinger(0) + _ = setter.SetLinger(0) } // close the conn to trigger the reset (we MUST call Close here where // we're using the underlying conn and it doesn't suffice to call it // inside the http.Handler, where wrapping would not cause a RST) - conn.Close() + _ = conn.Close() } diff --git a/internal/testingx/tlssniproxy.go b/internal/testingx/tlssniproxy.go index 42572854af..d89f4ff969 100644 --- a/internal/testingx/tlssniproxy.go +++ b/internal/testingx/tlssniproxy.go @@ -126,5 +126,5 @@ func (tp *TLSSNIProxy) handle(clientConn net.Conn) { func (tp *TLSSNIProxy) forward(wg *sync.WaitGroup, left, right net.Conn) { defer wg.Done() - io.Copy(right, left) + _, _ = io.Copy(right, left) } diff --git a/internal/testingx/tlsx.go b/internal/testingx/tlsx.go index bb2d6b9d39..f381c78098 100644 --- a/internal/testingx/tlsx.go +++ b/internal/testingx/tlsx.go @@ -124,7 +124,7 @@ func (p *TLSServer) handle(ctx context.Context, tcpConn net.Conn) { defer tcpConn.Close() // create TLS configuration where the handler is responsible for continuing the handshake - tlsConfig := &tls.Config{ + tlsConfig := &tls.Config{ // #nosec G402 - code used for testing GetCertificate: func(chi *tls.ClientHelloInfo) (*tls.Certificate, error) { return p.handler.GetCertificate(ctx, tcpConn, chi) }, @@ -214,7 +214,7 @@ type tlsHandlerEOF struct{} // GetCertificate implements TLSHandler. func (*tlsHandlerEOF) GetCertificate(ctx context.Context, tcpConn net.Conn, chi *tls.ClientHelloInfo) (*tls.Certificate, error) { - tcpConn.Close() // close the TCP connection to force EOF during the handshake + _ = tcpConn.Close() // close the TCP connection to force EOF during the handshake return nil, errors.New("internal error") } diff --git a/internal/tunnel/fake.go b/internal/tunnel/fake.go index 327a13230a..6afa49cd8c 100644 --- a/internal/tunnel/fake.go +++ b/internal/tunnel/fake.go @@ -27,7 +27,7 @@ func (t *fakeTunnel) BootstrapTime() time.Duration { func (t *fakeTunnel) Stop() { // Implementation note: closing the listener causes // the socks5 server.Serve to return an error - t.once.Do(func() { t.listener.Close() }) + t.once.Do(func() { _ = t.listener.Close() }) } // SOCKS5ProxyURL returns the SOCKS5 proxy URL. diff --git a/internal/tunnel/tor.go b/internal/tunnel/tor.go index 390eedbeeb..8f88cdd4f5 100644 --- a/internal/tunnel/tor.go +++ b/internal/tunnel/tor.go @@ -46,7 +46,7 @@ func (tt *torTunnel) SOCKS5ProxyURL() *url.URL { // Stop stops the Tor tunnel func (tt *torTunnel) Stop() { - tt.instance.Close() + _ = tt.instance.Close() } // ErrTorUnableToGetSOCKSProxyAddress indicates that we could not @@ -99,23 +99,23 @@ func torStart(ctx context.Context, config *Config) (Tunnel, DebugInfo, error) { instance.StopProcessOnClose = true start := time.Now() if err := config.torEnableNetwork(ctx, instance, true); err != nil { - instance.Close() + _ = instance.Close() return nil, debugInfo, err } stop := time.Now() // Adapted from