Skip to content

Commit 21e27a2

Browse files
committed
Fix lint errors
1 parent 588c8ba commit 21e27a2

38 files changed

Lines changed: 284 additions & 333 deletions

common/certificate/store.go

Lines changed: 2 additions & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -30,7 +30,8 @@ type Store struct {
3030
certificatePaths []string
3131
certificateDirectoryPaths []string
3232
watcher *fswatch.Watcher
33-
platform storePlatform
33+
//nolint:unused // populated only on darwin && cgo via the storePlatform embed.
34+
platform storePlatform
3435
}
3536

3637
func NewStore(ctx context.Context, logger logger.Logger, options option.CertificateOptions) (*Store, error) {

common/certificate/store_other.go

Lines changed: 1 addition & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -2,6 +2,7 @@
22

33
package certificate
44

5+
//nolint:unused // referenced by Store.platform; populated only in store_darwin.go.
56
type storePlatform struct{}
67

78
func (s *Store) updatePlatformLocked(_ []byte) error {

common/httpclient/apple_transport_darwin_test.go

Lines changed: 2 additions & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -532,7 +532,7 @@ func TestAppleTransportRoundTripHTTPS(t *testing.T) {
532532
}
533533
var normalizedValues []string
534534
for _, value := range observed.values {
535-
for _, part := range strings.Split(value, ",") {
535+
for part := range strings.SplitSeq(value, ",") {
536536
normalizedValues = append(normalizedValues, strings.TrimSpace(part))
537537
}
538538
}
@@ -687,7 +687,7 @@ func TestAppleTransportCancellationRecovery(t *testing.T) {
687687
},
688688
})
689689

690-
for index := 0; index < appleHTTPRecoveryLoops; index++ {
690+
for index := range appleHTTPRecoveryLoops {
691691
ctx, cancel := context.WithTimeout(context.Background(), 100*time.Millisecond)
692692
request := newAppleHTTPRequestWithContext(t, ctx, http.MethodGet, server.URL("/block"), nil)
693693
response, err := transport.RoundTrip(request)

common/networkquality/networkquality.go

Lines changed: 4 additions & 9 deletions
Original file line numberDiff line numberDiff line change
@@ -10,6 +10,7 @@ import (
1010
"net/http"
1111
"net/http/httptrace"
1212
"net/url"
13+
"slices"
1314
"sort"
1415
"strings"
1516
"sync"
@@ -513,10 +514,7 @@ func (r *directionRunner) swapIntervalProbeValues() []float64 {
513514
}
514515

515516
func (r *directionRunner) setResponsivenessWindow(currentInterval int) {
516-
lower := currentInterval - settings.movingAvgDistance + 1
517-
if lower < 0 {
518-
lower = 0
519-
}
517+
lower := max(currentInterval-settings.movingAvgDistance+1, 0)
520518
r.probeMu.Lock()
521519
r.responsivenessWindow = &intervalWindow{lower: lower, upper: currentInterval}
522520
r.probeMu.Unlock()
@@ -529,10 +527,7 @@ func (r *directionRunner) recordThroughput(interval int, bps float64) {
529527
}
530528

531529
func (r *directionRunner) setThroughputWindow(currentInterval int) {
532-
lower := currentInterval - settings.movingAvgDistance + 1
533-
if lower < 0 {
534-
lower = 0
535-
}
530+
lower := max(currentInterval-settings.movingAvgDistance+1, 0)
536531
r.probeMu.Lock()
537532
r.throughputWindow = &intervalWindow{lower: lower, upper: currentInterval}
538533
r.probeMu.Unlock()
@@ -956,7 +951,7 @@ func measureIdleLatency(ctx context.Context, factory MeasurementClientFactory, c
956951
maxProbeBytes = measurement.bytes
957952
}
958953
}
959-
sort.Slice(latencies, func(i, j int) bool { return latencies[i] < latencies[j] })
954+
slices.Sort(latencies)
960955
return int32(latencies[len(latencies)/2]), maxProbeBytes, nil
961956
}
962957

common/schannel/types_windows.go

Lines changed: 5 additions & 5 deletions
Original file line numberDiff line numberDiff line change
@@ -109,12 +109,12 @@ type schCredentials struct {
109109
}
110110

111111
type tlsParameters struct {
112-
cAlpnIds uint32
113-
rgstrAlpnIds uintptr
112+
_ uint32 // cAlpnIds
113+
_ uintptr // rgstrAlpnIds
114114
grbitDisabledProtocols uint32
115-
cDisabledCrypto uint32
116-
pDisabledCrypto uintptr
117-
dwFlags uint32
115+
_ uint32 // cDisabledCrypto
116+
_ uintptr // pDisabledCrypto
117+
_ uint32 // dwFlags
118118
}
119119

120120
type secPkgContextStreamSizes struct {

common/tls/acme.go

Lines changed: 3 additions & 7 deletions
Original file line numberDiff line numberDiff line change
@@ -5,6 +5,7 @@ package tls
55
import (
66
"context"
77
"crypto/tls"
8+
"slices"
89
"strings"
910

1011
"github.com/sagernet/sing-box/adapter"
@@ -70,13 +71,8 @@ func startACME(ctx context.Context, logger logger.Logger, options option.Inbound
7071
Logger: zapLogger,
7172
}
7273
profile := options.Profile
73-
if profile == "" && acmeServer == certmagic.LetsEncryptProductionCA {
74-
for _, domain := range options.Domain {
75-
if certmagic.SubjectIsIP(domain) {
76-
profile = "shortlived"
77-
break
78-
}
79-
}
74+
if profile == "" && acmeServer == certmagic.LetsEncryptProductionCA && slices.ContainsFunc(options.Domain, certmagic.SubjectIsIP) {
75+
profile = "shortlived"
8076
}
8177

8278
acmeConfig := certmagic.ACMEIssuer{

common/tls/apple_client_platform_test.go

Lines changed: 3 additions & 3 deletions
Original file line numberDiff line numberDiff line change
@@ -39,7 +39,7 @@ var (
3939

4040
func TestAppleClientHandshakeAppliesALPNAndVersion(t *testing.T) {
4141
serverCertificate, serverCertificatePEM := newAppleTestCertificate(t, "localhost")
42-
for index := 0; index < appleTLSSuccessHandshakeLoops; index++ {
42+
for index := range appleTLSSuccessHandshakeLoops {
4343
serverResult, serverAddress := startAppleTLSTestServer(t, &stdtls.Config{
4444
Certificates: []stdtls.Certificate{serverCertificate},
4545
MinVersion: stdtls.VersionTLS12,
@@ -201,7 +201,7 @@ func TestAppleClientHandshakeRecoversAfterFailure(t *testing.T) {
201201

202202
for _, testCase := range testCases {
203203
t.Run(testCase.name, func(t *testing.T) {
204-
for index := 0; index < appleTLSFailureRecoveryLoops; index++ {
204+
for index := range appleTLSFailureRecoveryLoops {
205205
failedResult, failedAddress := startAppleTLSTestServer(t, testCase.serverConfig)
206206
failedConn, err := newAppleTestClientConn(t, failedAddress, testCase.clientOptions)
207207
if err == nil {
@@ -271,7 +271,7 @@ func TestAppleClientConfigCloneWithInlineCertificate(t *testing.T) {
271271
t.Fatalf("Clone shares ALPN slice with original: %v", nextProtos)
272272
}
273273

274-
for index := 0; index < appleTLSFailureRecoveryLoops; index++ {
274+
for index := range appleTLSFailureRecoveryLoops {
275275
serverResult, serverAddress := startAppleTLSTestServer(t, &stdtls.Config{
276276
Certificates: []stdtls.Certificate{serverCertificate},
277277
MinVersion: stdtls.VersionTLS12,

common/tls/system_client.go

Lines changed: 0 additions & 95 deletions
Original file line numberDiff line numberDiff line change
@@ -3,79 +3,16 @@ package tls
33
import (
44
"context"
55
"crypto/x509"
6-
"net"
76
"os"
87
"strings"
98
"time"
109

1110
"github.com/sagernet/sing-box/adapter"
12-
C "github.com/sagernet/sing-box/constant"
1311
"github.com/sagernet/sing-box/option"
1412
E "github.com/sagernet/sing/common/exceptions"
15-
"github.com/sagernet/sing/common/ntp"
1613
"github.com/sagernet/sing/service"
1714
)
1815

19-
type systemTLSConfig struct {
20-
serverName string
21-
nextProtos []string
22-
handshakeTimeout time.Duration
23-
minVersion uint16
24-
maxVersion uint16
25-
insecure bool
26-
anchorOnly bool
27-
certificatePublicKeySHA256 [][]byte
28-
timeFunc func() time.Time
29-
store adapter.CertificateStore
30-
}
31-
32-
func (c *systemTLSConfig) ServerName() string {
33-
return c.serverName
34-
}
35-
36-
func (c *systemTLSConfig) SetServerName(serverName string) {
37-
c.serverName = serverName
38-
}
39-
40-
func (c *systemTLSConfig) NextProtos() []string {
41-
return c.nextProtos
42-
}
43-
44-
func (c *systemTLSConfig) SetNextProtos(nextProto []string) {
45-
c.nextProtos = append([]string(nil), nextProto...)
46-
}
47-
48-
func (c *systemTLSConfig) HandshakeTimeout() time.Duration {
49-
return c.handshakeTimeout
50-
}
51-
52-
func (c *systemTLSConfig) SetHandshakeTimeout(timeout time.Duration) {
53-
c.handshakeTimeout = timeout
54-
}
55-
56-
func (c *systemTLSConfig) STDConfig() (*STDConfig, error) {
57-
return nil, E.New("STDConfig is unsupported for the system TLS engine")
58-
}
59-
60-
func (c *systemTLSConfig) Client(conn net.Conn) (Conn, error) {
61-
return nil, os.ErrInvalid
62-
}
63-
64-
func (c *systemTLSConfig) clone() systemTLSConfig {
65-
return systemTLSConfig{
66-
serverName: c.serverName,
67-
nextProtos: append([]string(nil), c.nextProtos...),
68-
handshakeTimeout: c.handshakeTimeout,
69-
minVersion: c.minVersion,
70-
maxVersion: c.maxVersion,
71-
insecure: c.insecure,
72-
anchorOnly: c.anchorOnly,
73-
certificatePublicKeySHA256: append([][]byte(nil), c.certificatePublicKeySHA256...),
74-
timeFunc: c.timeFunc,
75-
store: c.store,
76-
}
77-
}
78-
7916
type SystemTLSValidated struct {
8017
MinVersion uint16
8118
MaxVersion uint16
@@ -165,38 +102,6 @@ func resolveSystemAnchors(ctx context.Context, options option.OutboundTLSOptions
165102
return nil, store.ExclusiveAnchors(), store, nil
166103
}
167104

168-
func newSystemTLSConfig(ctx context.Context, serverAddress string, options option.OutboundTLSOptions, allowEmptyServerName bool, engineName string) (systemTLSConfig, SystemTLSValidated, error) {
169-
validated, err := ValidateSystemTLSOptions(ctx, options, engineName)
170-
if err != nil {
171-
return systemTLSConfig{}, SystemTLSValidated{}, err
172-
}
173-
var serverName string
174-
if options.ServerName != "" {
175-
serverName = options.ServerName
176-
} else if serverAddress != "" {
177-
serverName = serverAddress
178-
}
179-
if serverName == "" && !options.Insecure && !allowEmptyServerName {
180-
return systemTLSConfig{}, SystemTLSValidated{}, errMissingServerName
181-
}
182-
handshakeTimeout := C.TCPTimeout
183-
if options.HandshakeTimeout > 0 {
184-
handshakeTimeout = options.HandshakeTimeout.Build()
185-
}
186-
return systemTLSConfig{
187-
serverName: serverName,
188-
nextProtos: append([]string(nil), options.ALPN...),
189-
handshakeTimeout: handshakeTimeout,
190-
minVersion: validated.MinVersion,
191-
maxVersion: validated.MaxVersion,
192-
insecure: options.Insecure || len(options.CertificatePublicKeySHA256) > 0,
193-
anchorOnly: validated.Exclusive,
194-
certificatePublicKeySHA256: append([][]byte(nil), options.CertificatePublicKeySHA256...),
195-
timeFunc: ntp.TimeFuncFromContext(ctx),
196-
store: validated.Store,
197-
}, validated, nil
198-
}
199-
200105
func verifySystemTLSPeer(roots *x509.CertPool, serverName string, timeFunc func() time.Time, peerCertificates []*x509.Certificate) error {
201106
if len(peerCertificates) == 0 {
202107
return E.New("no peer certificates")

common/tls/system_client_engine.go

Lines changed: 108 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,108 @@
1+
//go:build (darwin && cgo) || windows
2+
3+
package tls
4+
5+
import (
6+
"context"
7+
"net"
8+
"os"
9+
"time"
10+
11+
"github.com/sagernet/sing-box/adapter"
12+
C "github.com/sagernet/sing-box/constant"
13+
"github.com/sagernet/sing-box/option"
14+
E "github.com/sagernet/sing/common/exceptions"
15+
"github.com/sagernet/sing/common/ntp"
16+
)
17+
18+
type systemTLSConfig struct {
19+
serverName string
20+
nextProtos []string
21+
handshakeTimeout time.Duration
22+
minVersion uint16
23+
maxVersion uint16
24+
insecure bool
25+
anchorOnly bool
26+
certificatePublicKeySHA256 [][]byte
27+
timeFunc func() time.Time
28+
store adapter.CertificateStore
29+
}
30+
31+
func (c *systemTLSConfig) ServerName() string {
32+
return c.serverName
33+
}
34+
35+
func (c *systemTLSConfig) SetServerName(serverName string) {
36+
c.serverName = serverName
37+
}
38+
39+
func (c *systemTLSConfig) NextProtos() []string {
40+
return c.nextProtos
41+
}
42+
43+
func (c *systemTLSConfig) SetNextProtos(nextProto []string) {
44+
c.nextProtos = append([]string(nil), nextProto...)
45+
}
46+
47+
func (c *systemTLSConfig) HandshakeTimeout() time.Duration {
48+
return c.handshakeTimeout
49+
}
50+
51+
func (c *systemTLSConfig) SetHandshakeTimeout(timeout time.Duration) {
52+
c.handshakeTimeout = timeout
53+
}
54+
55+
func (c *systemTLSConfig) STDConfig() (*STDConfig, error) {
56+
return nil, E.New("STDConfig is unsupported for the system TLS engine")
57+
}
58+
59+
func (c *systemTLSConfig) Client(conn net.Conn) (Conn, error) {
60+
return nil, os.ErrInvalid
61+
}
62+
63+
func (c *systemTLSConfig) clone() systemTLSConfig {
64+
return systemTLSConfig{
65+
serverName: c.serverName,
66+
nextProtos: append([]string(nil), c.nextProtos...),
67+
handshakeTimeout: c.handshakeTimeout,
68+
minVersion: c.minVersion,
69+
maxVersion: c.maxVersion,
70+
insecure: c.insecure,
71+
anchorOnly: c.anchorOnly,
72+
certificatePublicKeySHA256: append([][]byte(nil), c.certificatePublicKeySHA256...),
73+
timeFunc: c.timeFunc,
74+
store: c.store,
75+
}
76+
}
77+
78+
func newSystemTLSConfig(ctx context.Context, serverAddress string, options option.OutboundTLSOptions, allowEmptyServerName bool, engineName string) (systemTLSConfig, SystemTLSValidated, error) {
79+
validated, err := ValidateSystemTLSOptions(ctx, options, engineName)
80+
if err != nil {
81+
return systemTLSConfig{}, SystemTLSValidated{}, err
82+
}
83+
var serverName string
84+
if options.ServerName != "" {
85+
serverName = options.ServerName
86+
} else if serverAddress != "" {
87+
serverName = serverAddress
88+
}
89+
if serverName == "" && !options.Insecure && !allowEmptyServerName {
90+
return systemTLSConfig{}, SystemTLSValidated{}, errMissingServerName
91+
}
92+
handshakeTimeout := C.TCPTimeout
93+
if options.HandshakeTimeout > 0 {
94+
handshakeTimeout = options.HandshakeTimeout.Build()
95+
}
96+
return systemTLSConfig{
97+
serverName: serverName,
98+
nextProtos: append([]string(nil), options.ALPN...),
99+
handshakeTimeout: handshakeTimeout,
100+
minVersion: validated.MinVersion,
101+
maxVersion: validated.MaxVersion,
102+
insecure: options.Insecure || len(options.CertificatePublicKeySHA256) > 0,
103+
anchorOnly: validated.Exclusive,
104+
certificatePublicKeySHA256: append([][]byte(nil), options.CertificatePublicKeySHA256...),
105+
timeFunc: ntp.TimeFuncFromContext(ctx),
106+
store: validated.Store,
107+
}, validated, nil
108+
}

0 commit comments

Comments
 (0)