diff --git a/pkg/acquisition/modules/kinesis/kinesis.go b/pkg/acquisition/modules/kinesis/kinesis.go index 60cdc3751..cc263da4f 100644 --- a/pkg/acquisition/modules/kinesis/kinesis.go +++ b/pkg/acquisition/modules/kinesis/kinesis.go @@ -13,7 +13,6 @@ import ( "github.com/aws/aws-sdk-go/aws/arn" "github.com/aws/aws-sdk-go/aws/session" "github.com/aws/aws-sdk-go/service/kinesis" - "github.com/pkg/errors" "github.com/prometheus/client_golang/prometheus" log "github.com/sirupsen/logrus" "gopkg.in/tomb.v2" @@ -124,7 +123,7 @@ func (k *KinesisSource) UnmarshalConfig(yamlConfig []byte) error { err := yaml.UnmarshalStrict(yamlConfig, &k.Config) if err != nil { - return errors.Wrap(err, "Cannot parse kinesis datasource configuration") + return fmt.Errorf("Cannot parse kinesis datasource configuration: %w", err) } if k.Config.Mode == "" { @@ -218,7 +217,7 @@ func (k *KinesisSource) WaitForConsumerDeregistration(consumerName string, strea return nil default: k.logger.Errorf("Error while waiting for consumer deregistration: %s", err) - return errors.Wrap(err, "Cannot describe stream consumer") + return fmt.Errorf("cannot describe stream consumer: %w", err) } } time.Sleep(time.Millisecond * 200 * time.Duration(i+1)) @@ -236,12 +235,12 @@ func (k *KinesisSource) DeregisterConsumer() error { switch err.(type) { case *kinesis.ResourceNotFoundException: default: - return errors.Wrap(err, "Cannot deregister stream consumer") + return fmt.Errorf("cannot deregister stream consumer: %w", err) } } err = k.WaitForConsumerDeregistration(k.Config.ConsumerName, k.Config.StreamARN) if err != nil { - return errors.Wrap(err, "Cannot wait for consumer deregistration") + return fmt.Errorf("cannot wait for consumer deregistration: %w", err) } return nil } @@ -253,7 +252,7 @@ func (k *KinesisSource) WaitForConsumerRegistration(consumerARN string) error { ConsumerARN: aws.String(consumerARN), }) if err != nil { - return errors.Wrap(err, "Cannot describe stream consumer") + return fmt.Errorf("cannot describe stream consumer: %w", err) } if *describeOutput.ConsumerDescription.ConsumerStatus == "ACTIVE" { k.logger.Debugf("Consumer %s is active", consumerARN) @@ -272,11 +271,11 @@ func (k *KinesisSource) RegisterConsumer() (*kinesis.RegisterStreamConsumerOutpu StreamARN: aws.String(k.Config.StreamARN), }) if err != nil { - return nil, errors.Wrap(err, "Cannot register stream consumer") + return nil, fmt.Errorf("cannot register stream consumer: %w", err) } err = k.WaitForConsumerRegistration(*streamConsumer.Consumer.ConsumerARN) if err != nil { - return nil, errors.Wrap(err, "Timeout while waiting for consumer to be active") + return nil, fmt.Errorf("timeout while waiting for consumer to be active: %w", err) } return streamConsumer, nil } @@ -339,7 +338,7 @@ func (k *KinesisSource) ReadFromSubscription(reader kinesis.SubscribeToShardEven logger.Infof("Subscribed shard reader is dying") err := reader.Close() if err != nil { - return errors.Wrap(err, "Cannot close kinesis subscribed shard reader") + return fmt.Errorf("cannot close kinesis subscribed shard reader: %w", err) } return nil case event, ok := <-reader.Events(): @@ -362,7 +361,7 @@ func (k *KinesisSource) SubscribeToShards(arn arn.ARN, streamConsumer *kinesis.R StreamName: aws.String(arn.Resource[7:]), }) if err != nil { - return errors.Wrap(err, "Cannot list shards for enhanced_read") + return fmt.Errorf("cannot list shards for enhanced_read: %w", err) } for _, shard := range shards.Shards { @@ -373,7 +372,7 @@ func (k *KinesisSource) SubscribeToShards(arn arn.ARN, streamConsumer *kinesis.R ConsumerARN: streamConsumer.Consumer.ConsumerARN, }) if err != nil { - return errors.Wrap(err, "Cannot subscribe to shard") + return fmt.Errorf("cannot subscribe to shard: %w", err) } k.shardReaderTomb.Go(func() error { return k.ReadFromSubscription(r.GetEventStream().Reader, out, shardId, arn.Resource[7:]) @@ -385,7 +384,7 @@ func (k *KinesisSource) SubscribeToShards(arn arn.ARN, streamConsumer *kinesis.R func (k *KinesisSource) EnhancedRead(out chan types.Event, t *tomb.Tomb) error { parsedARN, err := arn.Parse(k.Config.StreamARN) if err != nil { - return errors.Wrap(err, "Cannot parse stream ARN") + return fmt.Errorf("cannot parse stream ARN: %w", err) } if !strings.HasPrefix(parsedARN.Resource, "stream/") { return fmt.Errorf("resource part of stream ARN %s does not start with stream/", k.Config.StreamARN) @@ -395,12 +394,12 @@ func (k *KinesisSource) EnhancedRead(out chan types.Event, t *tomb.Tomb) error { k.logger.Info("starting kinesis acquisition with enhanced fan-out") err = k.DeregisterConsumer() if err != nil { - return errors.Wrap(err, "Cannot deregister consumer") + return fmt.Errorf("cannot deregister consumer: %w", err) } streamConsumer, err := k.RegisterConsumer() if err != nil { - return errors.Wrap(err, "Cannot register consumer") + return fmt.Errorf("cannot register consumer: %w", err) } for { @@ -408,7 +407,7 @@ func (k *KinesisSource) EnhancedRead(out chan types.Event, t *tomb.Tomb) error { err = k.SubscribeToShards(parsedARN, streamConsumer, out) if err != nil { - return errors.Wrap(err, "Cannot subscribe to shards") + return fmt.Errorf("cannot subscribe to shards: %w", err) } select { case <-t.Dying(): @@ -417,7 +416,7 @@ func (k *KinesisSource) EnhancedRead(out chan types.Event, t *tomb.Tomb) error { _ = k.shardReaderTomb.Wait() //we don't care about the error as we kill the tomb ourselves err = k.DeregisterConsumer() if err != nil { - return errors.Wrap(err, "Cannot deregister consumer") + return fmt.Errorf("cannot deregister consumer: %w", err) } return nil case <-k.shardReaderTomb.Dying(): @@ -440,7 +439,7 @@ func (k *KinesisSource) ReadFromShard(out chan types.Event, shardId string) erro ShardIteratorType: aws.String(kinesis.ShardIteratorTypeLatest)}) if err != nil { logger.Errorf("Cannot get shard iterator: %s", err) - return errors.Wrap(err, "Cannot get shard iterator") + return fmt.Errorf("cannot get shard iterator: %w", err) } it := sharIt.ShardIterator //AWS recommends to wait for a second between calls to GetRecords for a given shard @@ -461,7 +460,7 @@ func (k *KinesisSource) ReadFromShard(out chan types.Event, shardId string) erro continue default: logger.Error("Cannot get records") - return errors.Wrap(err, "Cannot get records") + return fmt.Errorf("cannot get records: %w", err) } } k.ParseAndPushRecords(records.Records, out, logger, shardId) @@ -486,7 +485,7 @@ func (k *KinesisSource) ReadFromStream(out chan types.Event, t *tomb.Tomb) error StreamName: aws.String(k.Config.StreamName), }) if err != nil { - return errors.Wrap(err, "Cannot list shards") + return fmt.Errorf("cannot list shards: %w", err) } k.shardReaderTomb = &tomb.Tomb{} for _, shard := range shards.Shards { diff --git a/pkg/acquisition/modules/s3/s3.go b/pkg/acquisition/modules/s3/s3.go index 4ba31f43b..96026f55e 100644 --- a/pkg/acquisition/modules/s3/s3.go +++ b/pkg/acquisition/modules/s3/s3.go @@ -6,6 +6,7 @@ import ( "compress/gzip" "context" "encoding/json" + "errors" "fmt" "io" "net/url" @@ -21,13 +22,13 @@ import ( "github.com/aws/aws-sdk-go/service/s3/s3iface" "github.com/aws/aws-sdk-go/service/sqs" "github.com/aws/aws-sdk-go/service/sqs/sqsiface" - "github.com/crowdsecurity/crowdsec/pkg/acquisition/configuration" - "github.com/crowdsecurity/crowdsec/pkg/types" - "github.com/pkg/errors" "github.com/prometheus/client_golang/prometheus" log "github.com/sirupsen/logrus" "gopkg.in/tomb.v2" "gopkg.in/yaml.v2" + + "github.com/crowdsecurity/crowdsec/pkg/acquisition/configuration" + "github.com/crowdsecurity/crowdsec/pkg/types" ) type S3Configuration struct { @@ -563,7 +564,7 @@ func (s *S3Source) ConfigureByDSN(dsn string, labels map[string]string, logger * if len(args) == 2 && len(args[1]) != 0 { params, err := url.ParseQuery(args[1]) if err != nil { - return errors.Wrap(err, "could not parse s3 args") + return fmt.Errorf("could not parse s3 args: %w", err) } for key, value := range params { switch key { @@ -573,7 +574,7 @@ func (s *S3Source) ConfigureByDSN(dsn string, labels map[string]string, logger * } lvl, err := log.ParseLevel(value[0]) if err != nil { - return errors.Wrapf(err, "unknown level %s", value[0]) + return fmt.Errorf("unknown level %s: %w", value[0], err) } s.logger.Logger.SetLevel(lvl) case "max_buffer_size": @@ -582,7 +583,7 @@ func (s *S3Source) ConfigureByDSN(dsn string, labels map[string]string, logger * } maxBufferSize, err := strconv.Atoi(value[0]) if err != nil { - return errors.Wrapf(err, "invalid value for 'max_buffer_size'") + return fmt.Errorf("invalid value for 'max_buffer_size': %w", err) } s.logger.Debugf("Setting max buffer size to %d", maxBufferSize) s.Config.MaxBufferSize = maxBufferSize diff --git a/pkg/acquisition/modules/syslog/internal/server/syslogserver.go b/pkg/acquisition/modules/syslog/internal/server/syslogserver.go index 088ab0d95..7118c295b 100644 --- a/pkg/acquisition/modules/syslog/internal/server/syslogserver.go +++ b/pkg/acquisition/modules/syslog/internal/server/syslogserver.go @@ -6,7 +6,6 @@ import ( "strings" "time" - "github.com/pkg/errors" log "github.com/sirupsen/logrus" "gopkg.in/tomb.v2" ) @@ -31,18 +30,18 @@ func (s *SyslogServer) Listen(listenAddr string, port int) error { s.port = port udpAddr, err := net.ResolveUDPAddr("udp", fmt.Sprintf("%s:%d", s.listenAddr, s.port)) if err != nil { - return errors.Wrapf(err, "could not resolve addr %s", s.listenAddr) + return fmt.Errorf("could not resolve addr %s: %w", s.listenAddr, err) } udpConn, err := net.ListenUDP("udp", udpAddr) if err != nil { - return errors.Wrapf(err, "could not listen on port %d", s.port) + return fmt.Errorf("could not listen on port %d: %w", s.port, err) } s.Logger.Debugf("listening on %s:%d", s.listenAddr, s.port) s.udpConn = udpConn err = s.udpConn.SetReadDeadline(time.Now().UTC().Add(100 * time.Millisecond)) if err != nil { - return errors.Wrap(err, "could not set read deadline on UDP socket") + return fmt.Errorf("could not set read deadline on UDP socket: %w", err) } return nil } @@ -87,7 +86,7 @@ func (s *SyslogServer) StartServer() *tomb.Tomb { func (s *SyslogServer) KillServer() error { err := s.udpConn.Close() if err != nil { - return errors.Wrap(err, "could not close UDP connection") + return fmt.Errorf("could not close UDP connection: %w", err) } close(s.channel) return nil diff --git a/pkg/acquisition/modules/syslog/syslog.go b/pkg/acquisition/modules/syslog/syslog.go index 948f3d005..840e37200 100644 --- a/pkg/acquisition/modules/syslog/syslog.go +++ b/pkg/acquisition/modules/syslog/syslog.go @@ -6,7 +6,6 @@ import ( "strings" "time" - "github.com/pkg/errors" "github.com/prometheus/client_golang/prometheus" log "github.com/sirupsen/logrus" "gopkg.in/tomb.v2" @@ -100,7 +99,7 @@ func (s *SyslogSource) UnmarshalConfig(yamlConfig []byte) error { err := yaml.UnmarshalStrict(yamlConfig, &s.config) if err != nil { - return errors.Wrap(err, "Cannot parse syslog configuration") + return fmt.Errorf("cannot parse syslog configuration: %w", err) } if s.config.Addr == "" { @@ -140,7 +139,7 @@ func (s *SyslogSource) StreamingAcquisition(out chan types.Event, t *tomb.Tomb) s.server.SetChannel(c) err := s.server.Listen(s.config.Addr, s.config.Port) if err != nil { - return errors.Wrap(err, "could not start syslog server") + return fmt.Errorf("could not start syslog server: %w", err) } s.serverTomb = s.server.StartServer() t.Go(func() error { diff --git a/pkg/apiserver/controllers/v1/controller.go b/pkg/apiserver/controllers/v1/controller.go index 3820bc10f..60da83d7d 100644 --- a/pkg/apiserver/controllers/v1/controller.go +++ b/pkg/apiserver/controllers/v1/controller.go @@ -2,17 +2,15 @@ package v1 import ( "context" + "fmt" "net" - //"github.com/crowdsecurity/crowdsec/pkg/apiserver/controllers" - middlewares "github.com/crowdsecurity/crowdsec/pkg/apiserver/middlewares/v1" "github.com/crowdsecurity/crowdsec/pkg/csconfig" "github.com/crowdsecurity/crowdsec/pkg/csplugin" "github.com/crowdsecurity/crowdsec/pkg/csprofiles" "github.com/crowdsecurity/crowdsec/pkg/database" "github.com/crowdsecurity/crowdsec/pkg/models" - "github.com/pkg/errors" ) type Controller struct { @@ -48,7 +46,7 @@ func New(cfg *ControllerV1Config) (*Controller, error) { profiles, err := csprofiles.NewProfile(cfg.ProfilesCfg) if err != nil { - return &Controller{}, errors.Wrapf(err, "failed to compile profiles") + return &Controller{}, fmt.Errorf("failed to compile profiles: %w", err) } v1 := &Controller{ diff --git a/pkg/apiserver/middlewares/v1/tls_auth.go b/pkg/apiserver/middlewares/v1/tls_auth.go index a0b837a41..87ca896a8 100644 --- a/pkg/apiserver/middlewares/v1/tls_auth.go +++ b/pkg/apiserver/middlewares/v1/tls_auth.go @@ -12,7 +12,6 @@ import ( "time" "github.com/gin-gonic/gin" - "github.com/pkg/errors" log "github.com/sirupsen/logrus" "golang.org/x/crypto/ocsp" ) @@ -176,9 +175,9 @@ func (ta *TLSAuth) isInvalid(cert *x509.Certificate, issuer *x509.Certificate) ( } revoked, err := ta.isRevoked(cert, issuer) if err != nil { - //Fail securely, if we can't check the revokation status, let's consider the cert invalid + //Fail securely, if we can't check the revocation status, let's consider the cert invalid //We may change this in the future based on users feedback, but this seems the most sensible thing to do - return true, errors.Wrap(err, "could not check for client certification revokation status") + return true, fmt.Errorf("could not check for client certification revocation status: %w", err) } return revoked, nil @@ -231,7 +230,7 @@ func (ta *TLSAuth) ValidateCert(c *gin.Context) (bool, string, error) { revoked, err := ta.isInvalid(clientCert, c.Request.TLS.VerifiedChains[0][1]) if err != nil { ta.logger.Errorf("TLSAuth: error checking if client certificate is revoked: %s", err) - return false, "", errors.Wrap(err, "could not check for client certification revokation status") + return false, "", fmt.Errorf("could not check for client certification revokation status: %w", err) } if revoked { return false, "", fmt.Errorf("client certificate is revoked") diff --git a/pkg/csconfig/common.go b/pkg/csconfig/common.go index 6add00c05..9d80cd95a 100644 --- a/pkg/csconfig/common.go +++ b/pkg/csconfig/common.go @@ -4,7 +4,6 @@ import ( "fmt" "path/filepath" - "github.com/pkg/errors" log "github.com/sirupsen/logrus" ) @@ -39,7 +38,7 @@ func (c *Config) LoadCommon() error { } *k, err = filepath.Abs(*k) if err != nil { - return errors.Wrapf(err, "failed to get absolute path of '%s'", *k) + return fmt.Errorf("failed to get absolute path of '%s': %w", *k, err) } } diff --git a/pkg/csconfig/config_paths.go b/pkg/csconfig/config_paths.go index 59be93ae6..24ff454b7 100644 --- a/pkg/csconfig/config_paths.go +++ b/pkg/csconfig/config_paths.go @@ -3,8 +3,6 @@ package csconfig import ( "fmt" "path/filepath" - - "github.com/pkg/errors" ) type ConfigurationPaths struct { @@ -50,7 +48,7 @@ func (c *Config) LoadConfigurationPaths() error { } *k, err = filepath.Abs(*k) if err != nil { - return errors.Wrapf(err, "failed to get absolute path of '%s'", *k) + return fmt.Errorf("failed to get absolute path of '%s': %w", *k, err) } } diff --git a/pkg/csconfig/profiles.go b/pkg/csconfig/profiles.go index 41725bcf2..ec70fb459 100644 --- a/pkg/csconfig/profiles.go +++ b/pkg/csconfig/profiles.go @@ -2,13 +2,13 @@ package csconfig import ( "bytes" + "errors" "fmt" "io" "github.com/crowdsecurity/go-cs-lib/pkg/yamlpatch" "github.com/crowdsecurity/crowdsec/pkg/models" - "github.com/pkg/errors" "gopkg.in/yaml.v2" ) @@ -53,7 +53,7 @@ func (c *LocalApiServerCfg) LoadProfiles() error { if errors.Is(err, io.EOF) { break } - return errors.Wrapf(err, "while decoding %s", c.ProfilesPath) + return fmt.Errorf("while decoding %s: %w", c.ProfilesPath, err) } c.Profiles = append(c.Profiles, &t) } diff --git a/pkg/csplugin/broker.go b/pkg/csplugin/broker.go index 6bc3b1296..b1bd54dfd 100644 --- a/pkg/csplugin/broker.go +++ b/pkg/csplugin/broker.go @@ -2,6 +2,7 @@ package csplugin import ( "context" + "errors" "fmt" "io" "os" @@ -14,7 +15,6 @@ import ( "github.com/Masterminds/sprig/v3" "github.com/google/uuid" plugin "github.com/hashicorp/go-plugin" - "github.com/pkg/errors" log "github.com/sirupsen/logrus" "gopkg.in/tomb.v2" "gopkg.in/yaml.v2" @@ -83,10 +83,10 @@ func (pb *PluginBroker) Init(pluginCfg *csconfig.PluginCfg, profileConfigs []*cs pb.pluginProcConfig = pluginCfg pb.pluginsTypesToDispatch = make(map[string]struct{}) if err := pb.loadConfig(configPaths.NotificationDir); err != nil { - return errors.Wrap(err, "while loading plugin config") + return fmt.Errorf("while loading plugin config: %w", err) } if err := pb.loadPlugins(configPaths.PluginDir); err != nil { - return errors.Wrap(err, "while loading plugin") + return fmt.Errorf("while loading plugin: %w", err) } pb.watcher = PluginWatcher{} pb.watcher.Init(pb.pluginConfigByName, pb.alertsByPluginName) @@ -268,7 +268,7 @@ func (pb *PluginBroker) loadPlugins(path string) error { data = []byte(csstring.StrictExpand(string(data), os.LookupEnv)) _, err = pluginClient.Configure(context.Background(), &protobufs.Config{Config: data}) if err != nil { - return errors.Wrapf(err, "while configuring %s", pc.Name) + return fmt.Errorf("while configuring %s: %w", pc.Name, err) } log.Infof("registered plugin %s", pc.Name) pb.notificationPluginByName[pc.Name] = pluginClient @@ -354,7 +354,7 @@ func ParsePluginConfigFile(path string) ([]PluginConfig, error) { parsedConfigs := make([]PluginConfig, 0) yamlFile, err := os.Open(path) if err != nil { - return parsedConfigs, errors.Wrapf(err, "while opening %s", path) + return nil, fmt.Errorf("while opening %s: %w", path, err) } dec := yaml.NewDecoder(yamlFile) dec.SetStrict(true) @@ -365,7 +365,7 @@ func ParsePluginConfigFile(path string) ([]PluginConfig, error) { if errors.Is(err, io.EOF) { break } - return []PluginConfig{}, fmt.Errorf("while decoding %s got error %s", path, err) + return nil, fmt.Errorf("while decoding %s got error %s", path, err) } // if the yaml document is empty, skip if reflect.DeepEqual(pc, PluginConfig{}) { diff --git a/pkg/csplugin/utils.go b/pkg/csplugin/utils.go index 67707c829..5e19dee38 100644 --- a/pkg/csplugin/utils.go +++ b/pkg/csplugin/utils.go @@ -3,6 +3,7 @@ package csplugin import ( + "errors" "fmt" "io/fs" "math" @@ -13,8 +14,6 @@ import ( "strconv" "strings" "syscall" - - "github.com/pkg/errors" ) func CheckCredential(uid int, gid int) *syscall.SysProcAttr { @@ -35,7 +34,7 @@ func (pb *PluginBroker) CreateCmd(binaryPath string) (*exec.Cmd, error) { } cmd.SysProcAttr, err = getProcessAttr(pb.pluginProcConfig.User, pb.pluginProcConfig.Group) if err != nil { - return nil, errors.Wrap(err, "while getting process attributes") + return nil, fmt.Errorf("while getting process attributes: %w", err) } cmd.SysProcAttr.Credential.NoSetGroups = true } @@ -105,17 +104,17 @@ func pluginIsValid(path string) error { // check if it exists if details, err = os.Stat(path); err != nil { - return errors.Wrap(err, fmt.Sprintf("plugin at %s does not exist", path)) + return fmt.Errorf("plugin at %s does not exist: %w", path, err) } // check if it is owned by current user currentUser, err := user.Current() if err != nil { - return errors.Wrap(err, "while getting current user") + return fmt.Errorf("while getting current user: %w", err) } currentUID, err := getUID(currentUser.Username) if err != nil { - return errors.Wrap(err, "while looking up the current uid") + return fmt.Errorf("while looking up the current uid: %w", err) } stat := details.Sys().(*syscall.Stat_t) if stat.Uid != currentUID { diff --git a/pkg/csplugin/utils_windows.go b/pkg/csplugin/utils_windows.go index 874e30021..dfb11aff5 100644 --- a/pkg/csplugin/utils_windows.go +++ b/pkg/csplugin/utils_windows.go @@ -13,7 +13,6 @@ import ( "syscall" "unsafe" - "github.com/pkg/errors" log "github.com/sirupsen/logrus" "golang.org/x/sys/windows" ) @@ -54,38 +53,38 @@ func CheckPerms(path string) error { systemSid, err := windows.CreateWellKnownSid(windows.WELL_KNOWN_SID_TYPE(windows.WinLocalSystemSid)) if err != nil { - return errors.Wrap(err, "while creating SYSTEM well known sid") + return fmt.Errorf("while creating SYSTEM well known sid: %w", err) } adminSid, err := windows.CreateWellKnownSid(windows.WELL_KNOWN_SID_TYPE(windows.WinBuiltinAdministratorsSid)) if err != nil { - return errors.Wrap(err, "while creating built-in Administrators well known sid") + return fmt.Errorf("while creating built-in Administrators well known sid: %w", err) } currentUser, err := user.Current() if err != nil { - return errors.Wrap(err, "while getting current user") + return fmt.Errorf("while getting current user: %w", err) } currentUserSid, _, _, err := windows.LookupSID("", currentUser.Username) if err != nil { - return errors.Wrap(err, "while looking up current user sid") + return fmt.Errorf("while looking up current user sid: %w", err) } sd, err := windows.GetNamedSecurityInfo(path, windows.SE_FILE_OBJECT, windows.OWNER_SECURITY_INFORMATION|windows.DACL_SECURITY_INFORMATION) if err != nil { - return errors.Wrap(err, "while getting owner security info") + return fmt.Errorf("while getting owner security info: %w", err) } if !sd.IsValid() { - return errors.New("security descriptor is invalid") + return fmt.Errorf("security descriptor is invalid") } owner, _, err := sd.Owner() if err != nil { - return errors.Wrap(err, "while getting owner") + return fmt.Errorf("while getting owner: %w", err) } if !owner.IsValid() { - return errors.New("owner is invalid") + return fmt.Errorf("owner is invalid") } if !owner.Equals(systemSid) && !owner.Equals(currentUserSid) && !owner.Equals(adminSid) { @@ -94,7 +93,7 @@ func CheckPerms(path string) error { dacl, _, err := sd.DACL() if err != nil { - return errors.Wrap(err, "while getting DACL") + return fmt.Errorf("while getting DACL: %w", err) } if dacl == nil { @@ -102,7 +101,7 @@ func CheckPerms(path string) error { } if err != nil { - return errors.Wrap(err, "while looking up current user sid") + return fmt.Errorf("while looking up current user sid: %w", err) } rs := reflect.ValueOf(dacl).Elem() @@ -124,7 +123,7 @@ func CheckPerms(path string) error { ace := &AccessAllowedAce{} ret, _, _ := procGetAce.Call(uintptr(unsafe.Pointer(dacl)), uintptr(i), uintptr(unsafe.Pointer(&ace))) if ret == 0 { - return errors.Wrap(windows.GetLastError(), "while getting ACE") + return fmt.Errorf("while getting ACE: %w", windows.GetLastError()) } log.Debugf("ACE %d: %+v\n", i, ace) @@ -162,14 +161,14 @@ func getProcessAtr() (*syscall.SysProcAttr, error) { err := windows.OpenProcessToken(proc, windows.TOKEN_DUPLICATE|windows.TOKEN_ADJUST_DEFAULT| windows.TOKEN_QUERY|windows.TOKEN_ASSIGN_PRIMARY|windows.TOKEN_ADJUST_GROUPS|windows.TOKEN_ADJUST_PRIVILEGES, &procToken) if err != nil { - return nil, errors.Wrapf(err, "while opening process token") + return nil, fmt.Errorf("while opening process token: %w", err) } defer procToken.Close() err = windows.DuplicateTokenEx(procToken, 0, nil, windows.SecurityImpersonation, windows.TokenPrimary, &token) if err != nil { - return nil, errors.Wrapf(err, "while duplicating token") + return nil, fmt.Errorf("while duplicating token: %w", err) } //Remove all privileges from the token @@ -177,7 +176,7 @@ func getProcessAtr() (*syscall.SysProcAttr, error) { err = windows.AdjustTokenPrivileges(token, true, nil, 0, nil, nil) if err != nil { - return nil, errors.Wrapf(err, "while adjusting token privileges") + return nil, fmt.Errorf("while adjusting token privileges: %w", err) } //Run the plugin as a medium integrity level process @@ -195,7 +194,7 @@ func getProcessAtr() (*syscall.SysProcAttr, error) { (*byte)(unsafe.Pointer(tml)), tml.Size()) if err != nil { token.Close() - return nil, errors.Wrapf(err, "while setting token information") + return nil, fmt.Errorf("while setting token information: %w", err) } return &windows.SysProcAttr{ @@ -209,7 +208,7 @@ func (pb *PluginBroker) CreateCmd(binaryPath string) (*exec.Cmd, error) { cmd := exec.Command(binaryPath) cmd.SysProcAttr, err = getProcessAtr() if err != nil { - return nil, errors.Wrap(err, "while getting process attributes") + return nil, fmt.Errorf("while getting process attributes: %w", err) } return cmd, err } @@ -229,7 +228,7 @@ func pluginIsValid(path string) error { // check if it exists if _, err = os.Stat(path); err != nil { - return errors.Wrap(err, fmt.Sprintf("plugin at %s does not exist", path)) + return fmt.Errorf("plugin at %s does not exist", path) } // check if it is owned by root diff --git a/pkg/cwhub/loader.go b/pkg/cwhub/loader.go index aa63510a8..1b2b8c832 100644 --- a/pkg/cwhub/loader.go +++ b/pkg/cwhub/loader.go @@ -2,16 +2,17 @@ package cwhub import ( "encoding/json" + "errors" "fmt" "os" "path/filepath" "sort" "strings" - "github.com/crowdsecurity/crowdsec/pkg/csconfig" - "github.com/pkg/errors" log "github.com/sirupsen/logrus" "golang.org/x/mod/semver" + + "github.com/crowdsecurity/crowdsec/pkg/csconfig" ) /*the walk/parser_visit function can't receive extra args*/ @@ -102,7 +103,7 @@ func parser_visit(path string, f os.DirEntry, err error) error { when the collection is installed, both files are created */ //non symlinks are local user files or hub files - if f.Type() & os.ModeSymlink == 0 { + if f.Type()&os.ModeSymlink == 0 { local = true log.Tracef("%s isn't a symlink", path) } else { @@ -365,7 +366,7 @@ func GetHubIdx(hub *csconfig.Hub) error { log.Debugf("loading hub idx %s", hub.HubIndexFile) bidx, err := os.ReadFile(hub.HubIndexFile) if err != nil { - return errors.Wrap(err, "unable to read index file") + return fmt.Errorf("unable to read index file: %w", err) } ret, err := LoadPkgIndex(bidx) if err != nil { diff --git a/pkg/leakybucket/overflows.go b/pkg/leakybucket/overflows.go index d6131cd26..45446b8f6 100644 --- a/pkg/leakybucket/overflows.go +++ b/pkg/leakybucket/overflows.go @@ -6,15 +6,14 @@ import ( "sort" "strconv" + "github.com/antonmedv/expr" + "github.com/davecgh/go-spew/spew" + "github.com/go-openapi/strfmt" + log "github.com/sirupsen/logrus" + "github.com/crowdsecurity/crowdsec/pkg/alertcontext" "github.com/crowdsecurity/crowdsec/pkg/models" "github.com/crowdsecurity/crowdsec/pkg/types" - "github.com/davecgh/go-spew/spew" - "github.com/go-openapi/strfmt" - "github.com/pkg/errors" - log "github.com/sirupsen/logrus" - - "github.com/antonmedv/expr" ) // SourceFromEvent extracts and formats a valid models.Source object from an Event @@ -53,7 +52,7 @@ func SourceFromEvent(evt types.Event, leaky *Leaky) (map[string]models.Source, e if leaky.scopeType.RunTimeFilter != nil { retValue, err := expr.Run(leaky.scopeType.RunTimeFilter, map[string]interface{}{"evt": &evt}) if err != nil { - return srcs, errors.Wrapf(err, "while running scope filter") + return srcs, fmt.Errorf("while running scope filter: %w", err) } value, ok := retValue.(string) if !ok { @@ -128,7 +127,7 @@ func SourceFromEvent(evt types.Event, leaky *Leaky) (map[string]models.Source, e if leaky.scopeType.RunTimeFilter != nil { retValue, err := expr.Run(leaky.scopeType.RunTimeFilter, map[string]interface{}{"evt": &evt}) if err != nil { - return srcs, errors.Wrapf(err, "while running scope filter") + return srcs, fmt.Errorf("while running scope filter: %w", err) } value, ok := retValue.(string) @@ -145,7 +144,7 @@ func SourceFromEvent(evt types.Event, leaky *Leaky) (map[string]models.Source, e } retValue, err := expr.Run(leaky.scopeType.RunTimeFilter, map[string]interface{}{"evt": &evt}) if err != nil { - return srcs, errors.Wrapf(err, "while running scope filter") + return srcs, fmt.Errorf("while running scope filter: %w", err) } value, ok := retValue.(string) @@ -217,7 +216,7 @@ func alertFormatSource(leaky *Leaky, queue *Queue) (map[string]models.Source, st for _, evt := range queue.Queue { srcs, err := SourceFromEvent(evt, leaky) if err != nil { - return nil, "", errors.Wrapf(err, "while extracting scope from bucket %s", leaky.Name) + return nil, "", fmt.Errorf("while extracting scope from bucket %s: %w", leaky.Name, err) } for key, src := range srcs { if source_type == types.Undefined { @@ -276,7 +275,7 @@ func NewAlert(leaky *Leaky, queue *Queue) (types.RuntimeAlert, error) { //Get the sources from Leaky/Queue sources, source_scope, err := alertFormatSource(leaky, queue) if err != nil { - return runtimeAlert, errors.Wrap(err, "unable to collect sources from bucket") + return runtimeAlert, fmt.Errorf("unable to collect sources from bucket: %w", err) } runtimeAlert.Sources = sources //Include source info in format string