Commit 0489e21c authored by Marek Vavruša's avatar Marek Vavruša

fixed obvious linter problems

there are two modules that couldn't work before:

* graphite
* ketcd
parent 3162da83
Pipeline #25947 passed with stages
in 2 minutes and 11 seconds
......@@ -105,7 +105,7 @@ local function parse_query(g)
if type(action) == 'function' then
action = action(g)
end
return actid, action, filter
return actid, action, filter
end
-- Compile a rule described by query language
......@@ -157,7 +157,7 @@ function M.add(rule)
return filter(req, qry) and action
end
else
p = function (req, qry)
p = function ()
return action
end
end
......@@ -174,7 +174,7 @@ end
-- @function Remove a rule
function M.del(id)
for i, r in ipairs(M.rules) do
for _, r in ipairs(M.rules) do
if r.rule.id == id then
policy.del(id)
table.remove(M.rules, id)
......@@ -185,7 +185,7 @@ end
-- @function Find a rule
function M.get(id)
for i, r in ipairs(M.rules) do
for _, r in ipairs(M.rules) do
if r.rule.id == id then
return r
end
......@@ -194,7 +194,7 @@ end
-- @function Enable/disable a rule
function M.toggle(id, val)
for i, r in ipairs(M.rules) do
for _, r in ipairs(M.rules) do
if r.rule.id == id then
r.rule.suspended = not val
return true
......@@ -203,10 +203,10 @@ function M.toggle(id, val)
end
-- @function Enable/disable a rule
function M.disable(id, val)
function M.disable(id)
return M.toggle(id, false)
end
function M.enable(id, val)
function M.enable(id)
return M.toggle(id, true)
end
......@@ -295,7 +295,7 @@ local function getmatches()
end
-- @function Publish DAF statistics
local function publish(h, ws)
local function publish(_, ws)
local cqueues = require('cqueues')
local ok, last = true, nil
while ok do
......@@ -323,7 +323,7 @@ local function publish(h, ws)
end
-- @function Configure module
function M.config(conf)
function M.config()
if not http or not http.endpoints then return end
-- Export API and data publisher
http.endpoints['/daf.js'] = http.page('daf.js', 'daf')
......
-- Module interface
local ffi = require('ffi')
local bit = require('bit')
local mod = {}
local addr_buf = ffi.new('char[16]')
-- Config
......@@ -15,7 +14,7 @@ mod.layer = {
if state == kres.FAIL then return state end
pkt = kres.pkt_t(pkt)
req = kres.request_t(req)
qry = req:current()
local qry = req:current()
-- Observe only authoritative answers
if mod.proxy == nil or not qry.flags.RESOLVED then
return state
......@@ -57,7 +56,7 @@ mod.layer = {
extraFlags.DNSSEC_WANT = qry.flags.DNSSEC_WANT
extraFlags.AWAIT_CUT = true
extraFlags.DNS64_MARK = true
local next = req:push(pkt:qname(), kres.type.A, kres.class.IN, extraFlags, qry)
req:push(pkt:qname(), kres.type.A, kres.class.IN, extraFlags, qry)
end
end
return state
......
......@@ -76,7 +76,7 @@ local function publish_table(metrics, prefix, now)
end
end
function M.init(module)
function M.init()
M.ev = nil
M.cli = {}
M.info = {}
......@@ -85,7 +85,7 @@ function M.init(module)
return 0
end
function M.deinit(module)
function M.deinit()
if M.ev then event.cancel(M.ev) end
return 0
end
......@@ -103,8 +103,13 @@ function M.publish()
end
-- @function Make connection to Graphite server.
function M.add_server(graphite, host, port, tcp)
local s, err = tcp and make_tcp(host, port) or make_udp(host, port)
function M.add_server(_, host, port, tcp)
local s, err
if tcp then
s, err = make_tcp(host, port)
else
s, err = make_udp(host, port)
end
if not s then
error(err)
end
......@@ -121,11 +126,11 @@ function M.config(conf)
if conf.prefix then M.prefix = conf.prefix end
-- connect to host(s)
if type(conf.host) == 'table' then
for key, val in pairs(conf.host) do
graphite:add_server(val, conf.port, conf.tcp)
for _, val in pairs(conf.host) do
M:add_server(val, conf.port, conf.tcp)
end
else
graphite:add_server(conf.host, conf.port, conf.tcp)
M:add_server(conf.host, conf.port, conf.tcp)
end
-- start publishing stats
if M.ev then event.cancel(M.ev) end
......
......@@ -71,9 +71,9 @@ local pages = {
local function serve_root()
local data = pgload('main.tpl')[2]
data = data
:gsub('{{ title }}', title or ('kresd @ ' .. hostname()))
:gsub('{{ title }}', M.title or ('kresd @ ' .. hostname()))
:gsub('{{ host }}', hostname())
return function (h, stream)
return function (_, stream)
-- Render snippets
local rsnippets = {}
for _,v in pairs(M.snippets) do
......@@ -289,7 +289,7 @@ function M.interface(host, port, endpoints, crtfile, keyfile)
end
-- Check loaded certificate
if not crt or not key then
panic('failed to load certificate "%s" - %s', crtfile, err or 'error')
panic('failed to load certificate "%s"', crtfile)
end
end
-- Compose server handler
......@@ -311,7 +311,7 @@ function M.interface(host, port, endpoints, crtfile, keyfile)
if crt and ephemeral then
local _, expiry = crt:getLifetime()
expiry = math.max(0, expiry - (os.time() - 3 * 24 * 3600))
event.after(expiry, function (ev)
event.after(expiry, function ()
log('[http] refreshed ephemeral certificate')
crt, key = updatecert(crtfile, keyfile)
s.ctx = tlscontext(crt, key)
......
......@@ -26,13 +26,13 @@ local function getstats()
return t
end
local function snapshot_end(h, ws)
local function snapshot_end()
snapshots_count = false
end
-- Function to sort frequency list
local function snapshot_start(h, ws)
local ok, prev = true, getstats()
local function snapshot_start()
local prev = getstats()
while snapshots_count do
local is_empty = true
-- Get current snapshot
......@@ -66,7 +66,13 @@ local function snapshot_start(h, ws)
local wdata = {}
for _, info in pairs(map 'worker.info()') do
if type(info) == 'table' then
wdata[tostring(info.pid)] = {rss=info.rss, usertime=info.usertime, systime=info.systime, pagefaults=info.pagefaults, queries=info.queries}
wdata[tostring(info.pid)] = {
rss = info.rss,
usertime = info.usertime,
systime = info.systime,
pagefaults = info.pagefaults,
queries = info.queries
}
end
end
-- Publish stats updates periodically
......@@ -82,7 +88,7 @@ local function snapshot_start(h, ws)
end
-- Function to sort frequency list
local function stream_stats(h, ws)
local function stream_stats(_, ws)
-- Initially, stream history
local ok, last = true, nil
local batch = {}
......
......@@ -4,7 +4,7 @@ local ketcd = {}
-- @function update subtree configuration
local function update_subtree(tree)
if not tree then return end
for i,k in pairs(tree) do
for _, k in pairs(tree) do
if k.dir then
update_subtree(k.nodes)
else
......@@ -18,20 +18,19 @@ end
-- @function reload whole configuration
function ketcd.reload()
local ketcd = _G['ketcd']
local res, err = ketcd.cli:readdir('/', true)
if err then
error(err)
end
update_subtree(res.body.node.nodes)
update_subtree(res.body.node.nodes)
end
function ketcd.init(module)
function ketcd.init()
ketcd.Etcd = require('etcd.luasocket')
ketcd.defaults = { prefix = '/kresd' }
end
function ketcd.deinit(module)
function ketcd.deinit()
if ketcd.ev then event.cancel(ketcd.ev) end
end
......@@ -43,7 +42,7 @@ function ketcd.config(conf)
-- create connection
local cli, err = ketcd.Etcd.new(options)
if err then
error(err)
error(err)
end
ketcd.cli = cli
-- schedule recurrent polling
......
local kres = require('kres')
local bit = require('bit')
local ffi = require('ffi')
local todname = kres.str2dname -- not available during module load otherwise
......@@ -43,7 +42,7 @@ end
-- String address@port -> sockaddr.
local function addr2sock(target)
local addr, port = addr_split_port(target)
sock = ffi.gc(ffi.C.kr_straddr_socket(addr, port), ffi.C.free);
local sock = ffi.gc(ffi.C.kr_straddr_socket(addr, port), ffi.C.free);
if sock == nil then
error("target '"..target..'" is not a valid IP address')
end
......@@ -135,7 +134,7 @@ end
-- Set and clear some query flags
local function flags(opts_set, opts_clear)
return function(state, req)
return function(_, req)
local qry = req:current()
ffi.C.kr_qflags_set (qry.flags, kres.mk_qflags(opts_set or {}))
ffi.C.kr_qflags_clear(qry.flags, kres.mk_qflags(opts_clear or {}))
......@@ -154,7 +153,7 @@ end
local dname_localhost = todname('localhost.')
-- Rule for localhost. zone; see RFC6303, sec. 3
local function localhost(state, req)
local function localhost(_, req)
local qry = req:current()
local answer = req.answer
ffi.C.kr_pkt_make_auth_header(answer)
......@@ -186,7 +185,7 @@ local dname_rev4_localhost_apex = todname('127.in-addr.arpa');
-- Answer with locally served minimal 127.in-addr.arpa domain, only having
-- a PTR record in 1.0.0.127.in-addr.arpa, and with 1.0...0.ip6.arpa. zone.
-- TODO: much of this would better be left to the hints module (or coordinated).
local function localhost_reversed(state, req)
local function localhost_reversed(_, req)
local qry = req:current()
local answer = req.answer
......@@ -244,14 +243,14 @@ local policy = {
-- All requests
function policy.all(action)
return function(req, query) return action end
return function(_, _) return action end
end
-- Requests which QNAME matches given zone list (i.e. suffix match)
function policy.suffix(action, zone_list)
local AC = require('ahocorasick')
local tree = AC.create(zone_list)
return function(req, query)
return function(_, query)
local match = AC.match(tree, query:name(), false)
if match ~= nil then
return action
......@@ -264,7 +263,7 @@ end
function policy.suffix_common(action, suffix_list, common_suffix)
local common_len = string.len(common_suffix)
local suffix_count = #suffix_list
return function(req, query)
return function(_, query)
-- Preliminary check
local qname = query:name()
if not string.find(qname, common_suffix, -common_len, true) then
......@@ -283,7 +282,7 @@ end
-- Filter QNAME pattern
function policy.pattern(action, pattern)
return function(req, query)
return function(_, query)
if string.find(query:name(), pattern) then
return action
end
......@@ -306,10 +305,10 @@ local function rpz_parse(action, path)
if not parser:open(path) then error(string.format('failed to parse "%s"', path)) end
while parser:parse() do
local name = ffi.string(parser.r_owner, parser.r_owner_length)
local action = ffi.string(parser.r_data, parser.r_data_length)
rules[name] = action_map[action]
local name_action = ffi.string(parser.r_data, parser.r_data_length)
rules[name] = action_map[name_action]
-- Warn when NYI
if #name > 1 and not action_map[action] then
if #name > 1 and not action_map[name_action] then
print(string.format('[ rpz ] %s:%d: unsupported policy action', path, tonumber(parser.line_counter)))
end
end
......@@ -320,14 +319,14 @@ end
local function rpz_zonefile(action, path)
local rules = rpz_parse(action, path)
collectgarbage()
return function(req, query)
return function(_, query)
local label = query:name()
local action = rules[label]
while action == nil and string.len(label) > 0 do
local rule = rules[label]
while rule == nil and string.len(label) > 0 do
label = string.sub(label, string.byte(label) + 2)
action = rules['\1*'..label]
rule = rules['\1*'..label]
end
return action
return rule
end
end
......@@ -391,10 +390,10 @@ end
policy.layer = {
begin = function(state, req)
req = kres.request_t(req)
return policy.evaluate(policy.rules, req, req:current(), state) or
return policy.evaluate(policy.rules, req, req:current(), state) or
policy.evaluate(policy.special_names, req, req:current(), state) or
state
end,
end,
finish = function(state, req)
req = kres.request_t(req)
return policy.evaluate(policy.postrules, req, req:current(), state) or state
......@@ -578,7 +577,6 @@ policy.special_names = {
todname('arpa.')),
count=0
},
}
return policy
-- Module interface
local policy = require('policy')
local ffi = require('ffi')
local bit = require('bit')
local prefixes = {}
-- Create subnet prefix rule
......@@ -54,22 +52,20 @@ local function renumber_record(tbl, rr)
local rdlen = #rr.rdata
if rdlen < chunks then return rr end -- Address length mismatch
ffi.copy(addr_buf, rr.rdata, rdlen)
ffi.copy(addr_buf, prefix[3], chunks)
-- @todo: CIDR not supported
to_copy = to_copy - chunks * 8
ffi.copy(addr_buf, prefix[3], chunks) -- Rewrite prefix
rr.rdata = ffi.string(addr_buf, rdlen)
return rr
end
end
end
return nil
end
-- Renumber addresses based on config
local function rule(prefixes)
local function rule()
return function (state, req)
if state == kres.FAIL then return state end
req = kres.request_t(req)
pkt = kres.pkt_t(req.answer)
local pkt = kres.pkt_t(req.answer)
-- Only successful answers
local records = pkt:section(kres.section.ANSWER)
local ancount = #records
......@@ -123,7 +119,7 @@ end
-- Layers
M.layer = {
finish = rule(prefixes),
finish = rule(),
}
return M
......@@ -2,8 +2,8 @@
-- Signaling Trust Anchor Knowledge in DNS using Key Tag Query
local kres = require('kres')
local mod = {}
mod.layer = {}
local M = {}
M.layer = {}
-- transform trust anchor keyset structure for one domain name (in wire format)
-- to signalling query name like _ta-keytag1-keytag2.example.com.
......@@ -13,7 +13,7 @@ mod.layer = {}
local function prepare_query_name(keyset, name)
if not keyset then return nil end
local keytags = {}
for i, key in ipairs(keyset) do
for _, key in ipairs(keyset) do
if key.state == "Valid" then
table.insert(keytags, key.key_tag)
end
......@@ -22,7 +22,7 @@ local function prepare_query_name(keyset, name)
table.sort(keytags)
local query = "_ta"
for i, tag in pairs(keytags) do
for _, tag in pairs(keytags) do
query = string.format("%s-%04x", query, tag)
end
if name == "\0" then
......@@ -43,15 +43,15 @@ local function send_ta_query(domain)
end
-- asynchronous query
-- we do not care about result or from where it was obtained
event.after(0, function (ev)
event.after(0, function ()
resolve(qname, kres.type.NULL, kres.class.IN, "NONAUTH")
end)
end
end
-- act on DNSKEY queries which were not answered from cache
function mod.layer.consume(state, req, pkt)
local req = kres.request_t(req)
function M.layer.consume(state, req, _)
req = kres.request_t(req)
local qry = req:current()
if qry.stype == kres.type.DNSKEY and not qry.flags.CACHED then
send_ta_query(qry:name())
......@@ -59,4 +59,4 @@ function mod.layer.consume(state, req, pkt)
return state -- do not interfere with normal query processing
end
return mod
return M
local M = {}
local function getLastWord(str)
local space = 1
for i=#str, 1, -1 do
if str:sub(i,i) == " " then
space = i
break
end
end
return str:sub(space+1, #str)
end
--Converts string of HEX digits to string
local function hex2string(hex)
local str = ""
for i=1, #hex, 2 do
local ascii = tonumber(hex:sub(i,i+1), 16)
str = str .. string.char(ascii)
end
return str
end
local function parseCVE(str)
local first
local last
first, last = str:find("CVE")
local _, last = str:find("CVE")
local position = last+2
return str:sub(position,-1)
end
local function parseVersion(str)
local branch = "stable"
local first
local last
first, last = str:find(branch)
local _, last = str:find(branch)
local position = last+3
local delimiter = #str
if str:find("|",position) then
......@@ -77,7 +52,7 @@ local function callhome()
end
function M.config(period)
if period == nil then
if period == nil then
print("Expected number of miliseconds. Using default version.config(1*day)")
return
end
......@@ -85,17 +60,14 @@ function M.config(period)
print("Expected number of miliseconds. Using default version.config(1*day)")
return
end
version.period = period
print(period)
M.period = period
if M.ev then event.cancel(M.ev) end
M.ev = event.recurrent(M.period, callhome)
end
function M.init()
if period == nil then
M.period = 1*day
end
M.period = M.period or 1 * day
M.ev = event.recurrent(M.period, callhome)
end
......
......@@ -11,16 +11,16 @@ local view = {
}
-- @function View based on TSIG key name.
function view.tsig(view, tsig, policy)
view.key[tsig] = policy
function view.tsig(_, tsig, rules)
view.key[tsig] = rules
end
-- @function View based on source IP subnet.
function view.addr(view, subnet, policy, dst)
function view.addr(_, subnet, rules, dst)
local subnet_cd = ffi.new('char[16]')
local family = C.kr_straddr_family(subnet)
local bitlen = C.kr_straddr_subnet(subnet_cd, subnet)
local t = {family, subnet_cd, bitlen, policy}
local t = {family, subnet_cd, bitlen, rules}
table.insert(dst and view.dst or view.src, t)
return t
end
......@@ -31,7 +31,7 @@ local function match_subnet(family, subnet, bitlen, addr)
end
-- @function Find view for given request
local function evaluate(view, req)
local function evaluate(_, req)
local client_key = req.qsource.key
local match_cb = (client_key ~= nil) and view.key[client_key:owner()] or nil
-- Search subnets otherwise
......
......@@ -5,11 +5,11 @@ local M = {} -- the module
function M.config()
policy.add(policy.suffix(policy.FLAGS('NO_0X20'), {
-- https://github.com/DNS-OARC/dns-violations/blob/master/2017/DVE-2017-0003.md
-- https://github.com/DNS-OARC/dns-violations/blob/master/2017/DVE-2017-0003.md
todname('avqs.mcafee.com'), todname('avts.mcafee.com'),
-- https://github.com/DNS-OARC/dns-violations/blob/master/2017/DVE-2017-0006.md
-- Obtained via a reverse search on {ns1,ns3}.panthercdn.com.
-- https://github.com/DNS-OARC/dns-violations/blob/master/2017/DVE-2017-0006.md
-- Obtained via a reverse search on {ns1,ns3}.panthercdn.com.
todname('cdnga.com'), todname('cdngc.com'), todname('cdngd.com'),
todname('cdngl.com'), todname('cdngm.com'),
todname('cdngc.net'), todname('panthercdn.com'),
......@@ -22,7 +22,7 @@ end
-- Just listing the *.in-addr.arpa suffixes would be tedious, as there are many.
M.layer = {
produce = function (state, req)
local req = kres.request_t(req)
req = kres.request_t(req)
local qry = req:current()
if qry.stype ~= kres.type.PTR
or bit.band(state, bit.bor(kres.FAIL, kres.DONE)) ~= 0
......
......@@ -25,8 +25,8 @@ Usage: %s [-vdh46D] [-c class] [-t type]
-h show this usage help.]],
arg[0]))
return rc
end
-- Parse CLI arguments
if #arg < 1 then
return help(1)
......@@ -76,7 +76,7 @@ if #qtypes == 0 then
qtypes = {'A', 'AAAA', 'MX'}
end
-- Assemble config/query
for i, qtype in ipairs(qtypes) do
for _, qtype in ipairs(qtypes) do
query = string.format('-t %s -c %s %s', qtype, qclass, qname)
capture = string.format([[
local qname = "%s"
......
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment