Keep lines short

$ golines -w -m 120 --shorten-comments .

Author: jedisct1

dnscrypt-proxy/coldstart.go

@@ -116,7 +116,12 @@ func handleColdStartClient(clientPc *net.UDPConn, cancelChannel chan struct{}, i
 	return false
 }
 
-func addColdStartListener(proxy *Proxy, ipsMap *CaptivePortalMap, listenAddrStr string, cancelChannel chan struct{}) error {
+func addColdStartListener(
+	proxy *Proxy,
+	ipsMap *CaptivePortalMap,
+	listenAddrStr string,
+	cancelChannel chan struct{},
+) error {
 	listenUDPAddr, err := net.ResolveUDPAddr("udp", listenAddrStr)
 	if err != nil {
 		return err

dnscrypt-proxy/config.go

@@ -314,7 +314,10 @@ func findConfigFile(configFile *string) (string, error) {
 func ConfigLoad(proxy *Proxy, flags *ConfigFlags) error {
 	foundConfigFile, err := findConfigFile(flags.ConfigFile)
 	if err != nil {
-		return fmt.Errorf("Unable to load the configuration file [%s] -- Maybe use the -config command-line switch?", *flags.ConfigFile)
+		return fmt.Errorf(
+			"Unable to load the configuration file [%s] -- Maybe use the -config command-line switch?",
+			*flags.ConfigFile,
+		)
 	}
 	config := newConfig()
 	md, err := toml.DecodeFile(foundConfigFile, &config)
@@ -638,7 +641,9 @@ func ConfigLoad(proxy *Proxy, flags *ConfigFlags) error {
 	}
 
 	// Backwards compatibility
-	config.BrokenImplementations.FragmentsBlocked = append(config.BrokenImplementations.FragmentsBlocked, config.BrokenImplementations.BrokenQueryPadding...)
+	config.BrokenImplementations.FragmentsBlocked = append(
+		config.BrokenImplementations.FragmentsBlocked,
+		config.BrokenImplementations.BrokenQueryPadding...)
 
 	proxy.serversBlockingFragments = config.BrokenImplementations.FragmentsBlocked
 
@@ -707,7 +712,9 @@ func ConfigLoad(proxy *Proxy, flags *ConfigFlags) error {
 	// if 'userName' is set and we are the parent process drop privilege and exit
 	if len(proxy.userName) > 0 && !proxy.child {
 		proxy.dropPrivilege(proxy.userName, FileDescriptors)
-		return errors.New("Dropping privileges is not supporting on this operating system. Unset `user_name` in the configuration file")
+		return errors.New(
+			"Dropping privileges is not supporting on this operating system. Unset `user_name` in the configuration file",
+		)
 	}
 	if !config.OfflineMode {
 		if err := config.loadSources(proxy); err != nil {
@@ -727,8 +734,12 @@ func ConfigLoad(proxy *Proxy, flags *ConfigFlags) error {
 		hasSpecificRoutes := false
 		for _, server := range proxy.registeredServers {
 			if via, ok := (*proxy.routes)[server.name]; ok {
-				if server.stamp.Proto != stamps.StampProtoTypeDNSCrypt && server.stamp.Proto != stamps.StampProtoTypeODoHTarget {
-					dlog.Errorf("DNS anonymization is only supported with the DNSCrypt and ODoH protocols - Connections to [%v] cannot be anonymized", server.name)
+				if server.stamp.Proto != stamps.StampProtoTypeDNSCrypt &&
+					server.stamp.Proto != stamps.StampProtoTypeODoHTarget {
+					dlog.Errorf(
+						"DNS anonymization is only supported with the DNSCrypt and ODoH protocols - Connections to [%v] cannot be anonymized",
+						server.name,
+					)
 				} else {
 					dlog.Noticef("Anonymized DNS: routing [%v] via %v", server.name, via)
 				}
@@ -757,7 +768,8 @@ func (config *Config) printRegisteredServers(proxy *Proxy, jsonOutput bool) erro
 		var hostAddr string
 		hostAddr, port = ExtractHostAndPort(addrStr, port)
 		addrs := make([]string, 0)
-		if (registeredServer.stamp.Proto == stamps.StampProtoTypeDoH || registeredServer.stamp.Proto == stamps.StampProtoTypeODoHTarget) && len(registeredServer.stamp.ProviderName) > 0 {
+		if (registeredServer.stamp.Proto == stamps.StampProtoTypeDoH || registeredServer.stamp.Proto == stamps.StampProtoTypeODoHTarget) &&
+			len(registeredServer.stamp.ProviderName) > 0 {
 			providerName := registeredServer.stamp.ProviderName
 			var host string
 			host, port = ExtractHostAndPort(providerName, port)
@@ -866,7 +878,16 @@ func (config *Config) loadSource(proxy *Proxy, cfgSourceName string, cfgSource *
 	} else if cfgSource.RefreshDelay > 168 {
 		cfgSource.RefreshDelay = 168
 	}
-	source, err := NewSource(cfgSourceName, proxy.xTransport, cfgSource.URLs, cfgSource.MinisignKeyStr, cfgSource.CacheFile, cfgSource.FormatStr, time.Duration(cfgSource.RefreshDelay)*time.Hour, cfgSource.Prefix)
+	source, err := NewSource(
+		cfgSourceName,
+		proxy.xTransport,
+		cfgSource.URLs,
+		cfgSource.MinisignKeyStr,
+		cfgSource.CacheFile,
+		cfgSource.FormatStr,
+		time.Duration(cfgSource.RefreshDelay)*time.Hour,
+		cfgSource.Prefix,
+	)
 	if err != nil {
 		if len(source.in) <= 0 {
 			dlog.Criticalf("Unable to retrieve source [%s]: [%s]", cfgSourceName, err)
@@ -894,7 +915,10 @@ func cdFileDir(fileName string) error {
 func cdLocal() {
 	exeFileName, err := os.Executable()
 	if err != nil {
-		dlog.Warnf("Unable to determine the executable directory: [%s] -- You will need to specify absolute paths in the configuration file", err)
+		dlog.Warnf(
+			"Unable to determine the executable directory: [%s] -- You will need to specify absolute paths in the configuration file",
+			err,
+		)
 	} else if err := os.Chdir(filepath.Dir(exeFileName)); err != nil {
 		dlog.Warnf("Unable to change working directory to [%s]: %s", exeFileName, err)
 	}

dnscrypt-proxy/crypto.go

@@ -45,7 +45,12 @@ func unpad(packet []byte) ([]byte, error) {
 	}
 }
 
-func ComputeSharedKey(cryptoConstruction CryptoConstruction, secretKey *[32]byte, serverPk *[32]byte, providerName *string) (sharedKey [32]byte) {
+func ComputeSharedKey(
+	cryptoConstruction CryptoConstruction,
+	secretKey *[32]byte,
+	serverPk *[32]byte,
+	providerName *string,
+) (sharedKey [32]byte) {
 	if cryptoConstruction == XChacha20Poly1305 {
 		var err error
 		sharedKey, err = xsecretbox.SharedKey(*secretKey, *serverPk)
@@ -68,7 +73,11 @@ func ComputeSharedKey(cryptoConstruction CryptoConstruction, secretKey *[32]byte
 	return
 }
 
-func (proxy *Proxy) Encrypt(serverInfo *ServerInfo, packet []byte, proto string) (sharedKey *[32]byte, encrypted []byte, clientNonce []byte, err error) {
+func (proxy *Proxy) Encrypt(
+	serverInfo *ServerInfo,
+	packet []byte,
+	proto string,
+) (sharedKey *[32]byte, encrypted []byte, clientNonce []byte, err error) {
 	nonce, clientNonce := make([]byte, NonceSize), make([]byte, HalfNonceSize)
 	crypto_rand.Read(clientNonce)
 	copy(nonce, clientNonce)
@@ -120,7 +129,12 @@ func (proxy *Proxy) Encrypt(serverInfo *ServerInfo, packet []byte, proto string)
 	return
 }
 
-func (proxy *Proxy) Decrypt(serverInfo *ServerInfo, sharedKey *[32]byte, encrypted []byte, nonce []byte) ([]byte, error) {
+func (proxy *Proxy) Decrypt(
+	serverInfo *ServerInfo,
+	sharedKey *[32]byte,
+	encrypted []byte,
+	nonce []byte,
+) ([]byte, error) {
 	serverMagicLen := len(ServerMagic)
 	responseHeaderLen := serverMagicLen + NonceSize
 	if len(encrypted) < responseHeaderLen+TagSize+int(MinDNSPacketSize) ||

dnscrypt-proxy/dnscrypt_certs.go

@@ -20,7 +20,17 @@ type CertInfo struct {
 	ForwardSecurity    bool
 }
 
-func FetchCurrentDNSCryptCert(proxy *Proxy, serverName *string, proto string, pk ed25519.PublicKey, serverAddress string, providerName string, isNew bool, relay *DNSCryptRelay, knownBugs ServerBugs) (CertInfo, int, bool, error) {
+func FetchCurrentDNSCryptCert(
+	proxy *Proxy,
+	serverName *string,
+	proto string,
+	pk ed25519.PublicKey,
+	serverAddress string,
+	providerName string,
+	isNew bool,
+	relay *DNSCryptRelay,
+	knownBugs ServerBugs,
+) (CertInfo, int, bool, error) {
 	if len(pk) != ed25519.PublicKeySize {
 		return CertInfo{}, 0, false, errors.New("Invalid public key length")
 	}
@@ -34,7 +44,11 @@ func FetchCurrentDNSCryptCert(proxy *Proxy, serverName *string, proto string, pk
 	query.SetQuestion(providerName, dns.TypeTXT)
 	if !strings.HasPrefix(providerName, "2.dnscrypt-cert.") {
 		if relay != nil && !proxy.anonDirectCertFallback {
-			dlog.Warnf("[%v] uses a non-standard provider name, enable direct cert fallback to use with a relay ('%v' doesn't start with '2.dnscrypt-cert.')", *serverName, providerName)
+			dlog.Warnf(
+				"[%v] uses a non-standard provider name, enable direct cert fallback to use with a relay ('%v' doesn't start with '2.dnscrypt-cert.')",
+				*serverName,
+				providerName,
+			)
 		} else {
 			dlog.Warnf("[%v] uses a non-standard provider name ('%v' doesn't start with '2.dnscrypt-cert.')", *serverName, providerName)
 			relay = nil
@@ -44,7 +58,15 @@ func FetchCurrentDNSCryptCert(proxy *Proxy, serverName *string, proto string, pk
 	if knownBugs.fragmentsBlocked {
 		tryFragmentsSupport = false
 	}
-	in, rtt, fragmentsBlocked, err := DNSExchange(proxy, proto, &query, serverAddress, relay, serverName, tryFragmentsSupport)
+	in, rtt, fragmentsBlocked, err := DNSExchange(
+		proxy,
+		proto,
+		&query,
+		serverAddress,
+		relay,
+		serverName,
+		tryFragmentsSupport,
+	)
 	if err != nil {
 		dlog.Noticef("[%s] TIMEOUT", *serverName)
 		return CertInfo{}, 0, fragmentsBlocked, err
@@ -95,10 +117,17 @@ func FetchCurrentDNSCryptCert(proxy *Proxy, serverName *string, proto string, pk
 		}
 		ttl := tsEnd - tsBegin
 		if ttl > 86400*7 {
-			dlog.Infof("[%v] the key validity period for this server is excessively long (%d days), significantly reducing reliability and forward security.", *serverName, ttl/86400)
+			dlog.Infof(
+				"[%v] the key validity period for this server is excessively long (%d days), significantly reducing reliability and forward security.",
+				*serverName,
+				ttl/86400,
+			)
 			daysLeft := (tsEnd - now) / 86400
 			if daysLeft < 1 {
-				dlog.Criticalf("[%v] certificate will expire today -- Switch to a different resolver as soon as possible", *serverName)
+				dlog.Criticalf(
+					"[%v] certificate will expire today -- Switch to a different resolver as soon as possible",
+					*serverName,
+				)
 			} else if daysLeft <= 7 {
 				dlog.Warnf("[%v] certificate is about to expire -- if you don't manage this server, tell the server operator about it", *serverName)
 			} else if daysLeft <= 30 {
@@ -112,7 +141,13 @@ func FetchCurrentDNSCryptCert(proxy *Proxy, serverName *string, proto string, pk
 		}
 		if !proxy.certIgnoreTimestamp {
 			if now > tsEnd || now < tsBegin {
-				dlog.Debugf("[%v] Certificate not valid at the current date (now: %v is not in [%v..%v])", *serverName, now, tsBegin, tsEnd)
+				dlog.Debugf(
+					"[%v] Certificate not valid at the current date (now: %v is not in [%v..%v])",
+					*serverName,
+					now,
+					tsBegin,
+					tsEnd,
+				)
 				continue
 			}
 		}

dnscrypt-proxy/dnsutils.go

@@ -135,7 +135,8 @@ func NormalizeQName(str string) (string, error) {
 }
 
 func getMinTTL(msg *dns.Msg, minTTL uint32, maxTTL uint32, cacheNegMinTTL uint32, cacheNegMaxTTL uint32) time.Duration {
-	if (msg.Rcode != dns.RcodeSuccess && msg.Rcode != dns.RcodeNameError) || (len(msg.Answer) <= 0 && len(msg.Ns) <= 0) {
+	if (msg.Rcode != dns.RcodeSuccess && msg.Rcode != dns.RcodeNameError) ||
+		(len(msg.Answer) <= 0 && len(msg.Ns) <= 0) {
 		return time.Duration(cacheNegMinTTL) * time.Second
 	}
 	var ttl uint32
@@ -304,7 +305,15 @@ type DNSExchangeResponse struct {
 	err              error
 }
 
-func DNSExchange(proxy *Proxy, proto string, query *dns.Msg, serverAddress string, relay *DNSCryptRelay, serverName *string, tryFragmentsSupport bool) (*dns.Msg, time.Duration, bool, error) {
+func DNSExchange(
+	proxy *Proxy,
+	proto string,
+	query *dns.Msg,
+	serverAddress string,
+	relay *DNSCryptRelay,
+	serverName *string,
+	tryFragmentsSupport bool,
+) (*dns.Msg, time.Duration, bool, error) {
 	for {
 		cancelChannel := make(chan struct{})
 		channel := make(chan DNSExchangeResponse)
@@ -375,12 +384,23 @@ func DNSExchange(proxy *Proxy, proto string, query *dns.Msg, serverAddress strin
 			}
 			return nil, 0, false, err
 		}
-		dlog.Infof("Unable to get the public key for [%v] via relay [%v], retrying over a direct connection", *serverName, relay.RelayUDPAddr.IP)
+		dlog.Infof(
+			"Unable to get the public key for [%v] via relay [%v], retrying over a direct connection",
+			*serverName,
+			relay.RelayUDPAddr.IP,
+		)
 		relay = nil
 	}
 }
 
-func _dnsExchange(proxy *Proxy, proto string, query *dns.Msg, serverAddress string, relay *DNSCryptRelay, paddedLen int) DNSExchangeResponse {
+func _dnsExchange(
+	proxy *Proxy,
+	proto string,
+	query *dns.Msg,
+	serverAddress string,
+	relay *DNSCryptRelay,
+	paddedLen int,
+) DNSExchangeResponse {
 	var packet []byte
 	var rtt time.Duration
 

dnscrypt-proxy/estimators.go

@@ -17,7 +17,10 @@ type QuestionSizeEstimator struct {
 }
 
 func NewQuestionSizeEstimator() QuestionSizeEstimator {
-	return QuestionSizeEstimator{minQuestionSize: InitialMinQuestionSize, ewma: ewma.NewMovingAverage(SizeEstimatorEwmaDecay)}
+	return QuestionSizeEstimator{
+		minQuestionSize: InitialMinQuestionSize,
+		ewma:            ewma.NewMovingAverage(SizeEstimatorEwmaDecay),
+	}
 }
 
 func (questionSizeEstimator *QuestionSizeEstimator) MinQuestionSize() int {

dnscrypt-proxy/fuzzing_test.go

@@ -23,8 +23,12 @@ func FuzzParseODoHTargetConfigs(f *testing.F) {
 func FuzzParseStampParser(f *testing.F) {
 	f.Add("sdns://AgcAAAAAAAAACzEwNC4yMS42Ljc4AA1kb2guY3J5cHRvLnN4Ci9kbnMtcXVlcnk")
 	f.Add("sdns://AgcAAAAAAAAAGlsyNjA2OjQ3MDA6MzAzNzo6NjgxNTo2NGVdABJkb2gtaXB2Ni5jcnlwdG8uc3gKL2Rucy1xdWVyeQ")
-	f.Add("sdns://AQcAAAAAAAAADTUxLjE1LjEyMi4yNTAg6Q3ZfapcbHgiHKLF7QFoli0Ty1Vsz3RXs1RUbxUrwZAcMi5kbnNjcnlwdC1jZXJ0LnNjYWxld2F5LWFtcw")
-	f.Add("sdns://AQcAAAAAAAAAFlsyMDAxOmJjODoxODIwOjUwZDo6MV0g6Q3ZfapcbHgiHKLF7QFoli0Ty1Vsz3RXs1RUbxUrwZAcMi5kbnNjcnlwdC1jZXJ0LnNjYWxld2F5LWFtcw")
+	f.Add(
+		"sdns://AQcAAAAAAAAADTUxLjE1LjEyMi4yNTAg6Q3ZfapcbHgiHKLF7QFoli0Ty1Vsz3RXs1RUbxUrwZAcMi5kbnNjcnlwdC1jZXJ0LnNjYWxld2F5LWFtcw",
+	)
+	f.Add(
+		"sdns://AQcAAAAAAAAAFlsyMDAxOmJjODoxODIwOjUwZDo6MV0g6Q3ZfapcbHgiHKLF7QFoli0Ty1Vsz3RXs1RUbxUrwZAcMi5kbnNjcnlwdC1jZXJ0LnNjYWxld2F5LWFtcw",
+	)
 	f.Add("sdns://gQ8xNjMuMTcyLjE4MC4xMjU")
 	f.Add("sdns://BQcAAAAAAAAADm9kb2guY3J5cHRvLnN4Ci9kbnMtcXVlcnk")
 	f.Add("sdns://hQcAAAAAAAAAACCi3jNJDEdtNW4tvHN8J3lpIklSa2Wrj7qaNCgEgci9_BpvZG9oLXJlbGF5LmVkZ2Vjb21wdXRlLmFwcAEv")

dnscrypt-proxy/local-doh.go

@@ -114,7 +114,25 @@ func (proxy *Proxy) localDoHListener(acceptPc *net.TCPListener) {
 }
 
 func dohPaddedLen(unpaddedLen int) int {
-	boundaries := [...]int{64, 128, 192, 256, 320, 384, 512, 704, 768, 896, 960, 1024, 1088, 1152, 2688, 4080, MaxDNSPacketSize}
+	boundaries := [...]int{
+		64,
+		128,
+		192,
+		256,
+		320,
+		384,
+		512,
+		704,
+		768,
+		896,
+		960,
+		1024,
+		1088,
+		1152,
+		2688,
+		4080,
+		MaxDNSPacketSize,
+	}
 	for _, boundary := range boundaries {
 		if boundary >= unpaddedLen {
 			return boundary

dnscrypt-proxy/logger.go

@@ -22,7 +22,14 @@ func Logger(logMaxSize int, logMaxAge int, logMaxBackups int, fileName string) i
 		}
 		return fp
 	}
-	logger := &lumberjack.Logger{LocalTime: true, MaxSize: logMaxSize, MaxAge: logMaxAge, MaxBackups: logMaxBackups, Filename: fileName, Compress: true}
+	logger := &lumberjack.Logger{
+		LocalTime:  true,
+		MaxSize:    logMaxSize,
+		MaxAge:     logMaxAge,
+		MaxBackups: logMaxBackups,
+		Filename:   fileName,
+		Compress:   true,
+	}
 
 	return logger
 }

dnscrypt-proxy/netprobe_windows.go

@@ -32,8 +32,9 @@ func NetProbe(proxy *Proxy, address string, timeout int) error {
 		pc, err := net.DialUDP("udp", nil, remoteUDPAddr)
 		if err == nil {
 			// Write at least 1 byte. This ensures that sockets are ready to use for writing.
-			// Windows specific: during the system startup, sockets can be created but the underlying buffers may not be setup yet. If this is the case
-			// Write fails with WSAENOBUFS: "An operation on a socket could not be performed because the system lacked sufficient buffer space or because a queue was full"
+			// Windows specific: during the system startup, sockets can be created but the underlying buffers may not be
+			// setup yet. If this is the case Write fails with WSAENOBUFS: "An operation on a socket could not be
+			// performed because the system lacked sufficient buffer space or because a queue was full"
 			_, err = pc.Write([]byte{0})
 		}
 		if err != nil {