Sebastien Blot 1 năm trước cách đây
mục cha
commit
393a8b8ef5

+ 1 - 1
pkg/acquisition/modules/waap/waap.go

@@ -305,7 +305,7 @@ func (w *WaapSource) IsAuth(apiKey string) bool {
 		Timeout: 200 * time.Millisecond,
 	}
 
-	req, err := http.NewRequest("HEAD", w.lapiURL, nil)
+	req, err := http.NewRequest(http.MethodHead, w.lapiURL, nil)
 	if err != nil {
 		log.Errorf("Error creating request: %s", err)
 		return false

+ 5 - 2
pkg/hubtest/hubtest_item.go

@@ -581,14 +581,17 @@ func (t *HubTestItem) RunWithNucleiTemplate() error {
 
 	//wait for the waap port to be available
 	if _, err := IsAlive(DefaultWaapHost); err != nil {
-		return fmt.Errorf("Waap is down: %s", err)
+		return fmt.Errorf("waap is down: %s", err)
 	}
 
 	// check if the target is available
 	nucleiTargetParsedURL, err := url.Parse(DefaultNucleiTarget)
+	if err != nil {
+		return fmt.Errorf("unable to parse target '%s': %s", DefaultNucleiTarget, err)
+	}
 	nucleiTargetHost := nucleiTargetParsedURL.Host
 	if _, err := IsAlive(nucleiTargetHost); err != nil {
-		return fmt.Errorf("Target is down: %s", err)
+		return fmt.Errorf("target is down: %s", err)
 	}
 
 	nucleiConfig := NucleiConfig{
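Review bot: The new `url.Parse` error branch formats the cause with `%s`, so callers of RunWithNucleiTemplate cannot use `errors.Is` or `errors.As` on what comes back. Wrapping with `%w` keeps the chain intact: `return fmt.Errorf("unable to parse target '%s': %w", DefaultNucleiTarget, err)`. The same applies to the "waap is down" and "target is down" returns in this hunk. The function body starts and ends outside the hunk, so other returns may need the same treatment.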

+ 1 - 1
pkg/types/waap_event.go

@@ -8,7 +8,7 @@ import (
 
 /*
  1. If user triggered a rule that is for a CVE, that has high confidence and that is blocking, ban
- 2. If user triggered 3 distinct rules with medium confidence accross 3 different requests, ban
+ 2. If user triggered 3 distinct rules with medium confidence across 3 different requests, ban
 
 
 any(evt.Waf.ByTag("CVE"), {.confidence == "high" && .action == "block"})

+ 1 - 4
pkg/waf/coraza_logger.go

@@ -112,10 +112,7 @@ func (e *crzLogEvent) Stringer(key string, val fmt.Stringer) dbg.Event {
 }
 
 func (e crzLogEvent) IsEnabled() bool {
-	if e.muted {
-		return false
-	}
-	return true
+	return !e.muted
 }
 
 type crzLogger struct {
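Review bot: `IsEnabled` is declared on a value receiver (`e crzLogEvent`) while `Stringer`, visible in the hunk header, is on `*crzLogEvent`, so the type mixes receiver kinds and each `IsEnabled` call copies the struct. If nothing depends on the value method set (not visible here), `func (e *crzLogEvent) IsEnabled() bool` would make the type consistent. A short comment such as `// IsEnabled reports whether the event will be emitted (false when the logger is muted).` would also help readers of the logger adapter.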

+ 10 - 9
pkg/waf/request.go

@@ -281,22 +281,22 @@ func NewParsedRequestFromRequest(r *http.Request) (ParsedRequest, error) {
 	// the real source of the request is set in 'x-client-ip'
 	clientIP := r.Header.Get(IPHeaderName)
 	if clientIP == "" {
-		return ParsedRequest{}, fmt.Errorf("Missing '%s' header", IPHeaderName)
+		return ParsedRequest{}, fmt.Errorf("missing '%s' header", IPHeaderName)
 	}
 	// the real target Host of the request is set in 'x-client-host'
 	clientHost := r.Header.Get(HostHeaderName)
 	if clientHost == "" {
-		return ParsedRequest{}, fmt.Errorf("Missing '%s' header", HostHeaderName)
+		return ParsedRequest{}, fmt.Errorf("missing '%s' header", HostHeaderName)
 	}
 	// the real URI of the request is set in 'x-client-uri'
 	clientURI := r.Header.Get(URIHeaderName)
 	if clientURI == "" {
-		return ParsedRequest{}, fmt.Errorf("Missing '%s' header", URIHeaderName)
+		return ParsedRequest{}, fmt.Errorf("missing '%s' header", URIHeaderName)
 	}
 	// the real VERB of the request is set in 'x-client-uri'
 	clientMethod := r.Header.Get(VerbHeaderName)
 	if clientMethod == "" {
-		return ParsedRequest{}, fmt.Errorf("Missing '%s' header", VerbHeaderName)
+		return ParsedRequest{}, fmt.Errorf("missing '%s' header", VerbHeaderName)
 	}
 
 	// delete those headers before coraza process the request
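Review bot: The value read from `IPHeaderName` at the top of this hunk is only checked for being non-empty; nothing visible confirms it parses as an IP address before it is treated as the real source of the request. Unless that validation happens outside the hunk, a guard such as `if net.ParseIP(clientIP) == nil { return ParsedRequest{}, fmt.Errorf("invalid '%s' header", IPHeaderName) }` would keep malformed values out of rule evaluation and logs. Separately, the comment above the `VerbHeaderName` lookup still says the verb is set in 'x-client-uri', which looks copy-pasted from the URI block and should name the verb header. The function continues outside the hunk.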
@@ -310,18 +310,19 @@ func NewParsedRequestFromRequest(r *http.Request) (ParsedRequest, error) {
 		return ParsedRequest{}, fmt.Errorf("unable to parse url '%s': %s", clientURI, err)
 	}
 
-	RemoteAddrNormalized := ""
+	remoteAddrNormalized := ""
 	host, _, err := net.SplitHostPort(r.RemoteAddr)
 	if err != nil {
 		log.Errorf("Invalid waap remote IP source %v: %s", r.RemoteAddr, err.Error())
-		RemoteAddrNormalized = r.RemoteAddr
+		remoteAddrNormalized = r.RemoteAddr
 	} else {
 		ip := net.ParseIP(host)
 		if ip == nil {
 			log.Errorf("Invalid waap remote IP address source %v: %s", r.RemoteAddr, err.Error())
-			RemoteAddrNormalized = r.RemoteAddr
+			remoteAddrNormalized = r.RemoteAddr
+		} else {
+			remoteAddrNormalized = ip.String()
 		}
-		RemoteAddrNormalized = ip.String()
 	}
 
 	return ParsedRequest{
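Review bot: In the `ip == nil` branch, `err` is the result of a successful `net.SplitHostPort`, so it is nil there and `err.Error()` in that `log.Errorf` call will panic instead of logging. The commit fixes the assignment in this branch but leaves the log line as it was. Dropping the error argument avoids the nil dereference: `log.Errorf("Invalid waap remote IP address source %v", r.RemoteAddr)`. This path is reachable whenever the host part of `r.RemoteAddr` is not a plain IP literal, so it is worth a unit test with such a value. The function body extends beyond this hunk.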
@@ -339,6 +340,6 @@ func NewParsedRequestFromRequest(r *http.Request) (ParsedRequest, error) {
 		Args:                 parsedURL.Query(), //TODO: Check if there's not potential bypass as it excludes malformed args
 		TransferEncoding:     r.TransferEncoding,
 		ResponseChannel:      make(chan WaapTempResponse),
-		RemoteAddrNormalized: RemoteAddrNormalized,
+		RemoteAddrNormalized: remoteAddrNormalized,
 	}, nil
 }

+ 1 - 41
pkg/waf/waf_expr_lib.go

@@ -8,44 +8,4 @@ type exprCustomFunc struct {
 	signature []interface{}
 }
 
-/*
-func GetOnLoadEnv(w *WaapRuntimeConfig) map[string]interface{} {
-	return map[string]interface{}{
-		"DisableInBandRuleByID":   w.DisableInBandRuleByID,
-		"DisableOutBandRuleByID":  w.DisableOutBandRuleByID,
-		"DisableInBandRuleByTag":  w.DisableInBandRuleByTag,
-		"DisableOutBandRuleByTag": w.DisableOutBandRuleByTag,
-	}
-}
-*/
-
-/*var onLoadExprFuncs = []exprCustomFunc{
-	{
-		name:     "DisableInBandRuleByID",
-		function: w.DisableInBandRuleByID,
-		signature: []interface{}{
-			new(func(int) error),
-		},
-	},
-}*/
-
-var preEvalExprFuncs = []exprCustomFunc{}
-
-var onMatchExprFuncs = []exprCustomFunc{}
-
-var exprFuncs = []exprCustomFunc{
-	/*{
-		name:     "SetRulesToInband",
-		function: SetRulesToInband,
-		signature: []interface{}{
-			new(func() error),
-		},
-	},
-	{
-		name:     "SetRulesToOutOfBand",
-		function: SetRulesToOutOfBand,
-		signature: []interface{}{
-			new(func() error),
-		},
-	},*/
-}
+var exprFuncs = []exprCustomFunc{}

+ 0 - 13
pkg/waf/waf_helpers.go

@@ -6,19 +6,6 @@ import (
 	"github.com/crowdsecurity/crowdsec/pkg/types"
 )
 
-var exprFunctionOptions []expr.Option
-
-func initWafHelpers() {
-	exprFunctionOptions = []expr.Option{}
-	for _, function := range exprFuncs {
-		exprFunctionOptions = append(exprFunctionOptions,
-			expr.Function(function.name,
-				function.function,
-				function.signature...,
-			))
-	}
-}
-
 func GetExprWAFOptions(ctx map[string]interface{}) []expr.Option {
 	baseHelpers := exprhelpers.GetExprOptions(ctx)