komuw · komuw · Oct 4, 2022 · Oct 4, 2022 · Oct 4, 2022 · Oct 4, 2022
diff --git a/CHANGELOG.md b/CHANGELOG.md
@@ -3,6 +3,9 @@
 Most recent version is listed first.  
 
 
+## v0.0.12
+- Prefix errors produced by ong with a constant string: https://github.com/komuw/ong/pull/147
+
 ## v0.0.11
 - Add secure/encrypted cookies: https://github.com/komuw/ong/pull/143
 

diff --git a/client/client.go b/client/client.go
@@ -191,7 +191,7 @@ func (c *Client) log(ctx context.Context, url, method string) func(resp *http.Re
 	}
 }
 
-const errPrefix = "ong"
+const errPrefix = "ong/client:"
 
 func ssrfSocketControl(ssrfSafe bool) func(network, address string, conn syscall.RawConn) error {
 	if !ssrfSafe {
@@ -200,7 +200,7 @@ func ssrfSocketControl(ssrfSafe bool) func(network, address string, conn syscall
 
 	return func(network, address string, conn syscall.RawConn) error {
 		if !(network == "tcp4" || network == "tcp6") {
-			return fmt.Errorf("%s: %s is not a safe network type", errPrefix, network)
+			return fmt.Errorf("%s %s is not a safe network type", errPrefix, network)
 		}
 
 		if err := isSafeAddress(address); err != nil {
@@ -223,13 +223,13 @@ func isSafeAddress(address string) error {
 	}
 
 	if addr.IsLoopback() {
-		return fmt.Errorf("%s: address %s IsLoopback", errPrefix, addr)
+		return fmt.Errorf("%s address %s IsLoopback", errPrefix, addr)
 	}
 	if addr.IsLinkLocalUnicast() {
-		return fmt.Errorf("%s: address %s IsLinkLocalUnicast", errPrefix, addr)
+		return fmt.Errorf("%s address %s IsLinkLocalUnicast", errPrefix, addr)
 	}
 	if addr.IsPrivate() {
-		return fmt.Errorf("%s: address %s IsPrivate", errPrefix, addr)
+		return fmt.Errorf("%s address %s IsPrivate", errPrefix, addr)
 	}
 
 	return nil

diff --git a/cry/enc.go b/cry/enc.go
@@ -65,7 +65,7 @@ func New(key string) Enc {
 	//
 
 	if len(key) < 4 {
-		panic(errors.New("short key"))
+		panic(errors.New("ong/cry: short key"))
 	}
 
 	// derive a key.
@@ -126,7 +126,7 @@ func (e Enc) Encrypt(plainTextMsg string) (encryptedMsg []byte) {
 // Decrypt authenticates and un-encrypts the encryptedMsg using XChaCha20-Poly1305 and returns decrypted bytes.
 func (e Enc) Decrypt(encryptedMsg []byte) (decryptedMsg []byte, err error) {
 	if len(encryptedMsg) < e.aead.NonceSize() {
-		return nil, errors.New("ciphertext too short")
+		return nil, errors.New("ong/cry: ciphertext too short")
 	}
 
 	// get salt

diff --git a/cry/hash.go b/cry/hash.go
@@ -56,15 +56,15 @@ func Eql(password, hash string) error {
 	params := strings.Split(hash, "$")
 
 	if len(params) != 3 {
-		return errors.New("unable to parse")
+		return errors.New("ong/cry: unable to parse")
 	}
 
 	pVer, err := strconv.Atoi(params[0])
 	if err != nil {
 		return err
 	}
 	if pVer != version {
-		return errors.New("version mismatch")
+		return errors.New("ong/cry: version mismatch")
 	}
 
 	pSalt, err := hex.DecodeString(params[1])
@@ -86,5 +86,5 @@ func Eql(password, hash string) error {
 		return nil
 	}
 
-	return errors.New("password mismatch")
+	return errors.New("ong/cry: password mismatch")
 }
diff --git a/middleware/csrf.go b/middleware/csrf.go
@@ -19,7 +19,7 @@ import (
 
 // errCsrfTokenNotFound is returned when a request using a non-safe http method
 // either does not supply a csrf token, or the supplied token is not recognized by the server.
-var errCsrfTokenNotFound = errors.New("csrf token not found")
+var errCsrfTokenNotFound = errors.New("ong/middleware: csrf token not found")
 
 type csrfContextKey string
 

diff --git a/middleware/gzip.go b/middleware/gzip.go
@@ -214,7 +214,7 @@ func (grw *gzipRW) Hijack() (net.Conn, *bufio.ReadWriter, error) {
 	if hj, ok := grw.ResponseWriter.(http.Hijacker); ok {
 		return hj.Hijack()
 	}
-	return nil, nil, fmt.Errorf("http.Hijacker interface is not supported")
+	return nil, nil, fmt.Errorf("ong/middleware: http.Hijacker interface is not supported")
 }
 
 // ReadFrom implements io.ReaderFrom
@@ -232,7 +232,7 @@ func (grw *gzipRW) Push(target string, opts *http.PushOptions) error {
 	if p, ok := grw.ResponseWriter.(http.Pusher); ok {
 		return p.Push(target, opts)
 	}
-	return fmt.Errorf("http.Pusher interface is not supported")
+	return fmt.Errorf("ong/middleware: http.Pusher interface is not supported")
 }
 
 // shouldGzipReq checks whether the request is eligible to be gzipped.

diff --git a/middleware/loadshed.go b/middleware/loadshed.go
@@ -74,7 +74,7 @@ func LoadShedder(wrappedHandler http.HandlerFunc) http.HandlerFunc {
 		p99 := lq.getP99(minSampleSize)
 		if p99 > breachLatency && !sendProbe {
 			// drop request
-			err := fmt.Errorf("server is overloaded, retry after %s", retryAfter)
+			err := fmt.Errorf("ong/middleware: server is overloaded, retry after %s", retryAfter)
 			w.Header().Set(ongMiddlewareErrorHeader, fmt.Sprintf("%s. p99latency: %s. breachLatency: %s", err.Error(), p99, breachLatency))
 			w.Header().Set(retryAfterHeader, fmt.Sprintf("%d", int(retryAfter.Seconds()))) // header should be in seconds(decimal-integer).
 			http.Error(

diff --git a/middleware/log.go b/middleware/log.go
@@ -146,7 +146,7 @@ func (lrw *logRW) Hijack() (net.Conn, *bufio.ReadWriter, error) {
 	if hj, ok := lrw.ResponseWriter.(http.Hijacker); ok {
 		return hj.Hijack()
 	}
-	return nil, nil, fmt.Errorf("http.Hijacker interface is not supported")
+	return nil, nil, fmt.Errorf("ong/middleware: http.Hijacker interface is not supported")
 }
 
 // ReadFrom implements io.ReaderFrom
@@ -164,7 +164,7 @@ func (lrw *logRW) Push(target string, opts *http.PushOptions) error {
 	if p, ok := lrw.ResponseWriter.(http.Pusher); ok {
 		return p.Push(target, opts)
 	}
-	return fmt.Errorf("http.Pusher interface is not supported")
+	return fmt.Errorf("ong/middleware: http.Pusher interface is not supported")
 }
 
 // getLogId returns a logID from the request or autogenerated if not available from the request.

diff --git a/middleware/ratelimiter.go b/middleware/ratelimiter.go
@@ -43,7 +43,7 @@ func RateLimiter(wrappedHandler http.HandlerFunc) http.HandlerFunc {
 		tb := rl.get(host, rateLimiterSendRate)
 
 		if !tb.allow() {
-			err := fmt.Errorf("rate limited, retry after %s", retryAfter)
+			err := fmt.Errorf("ong/middleware: rate limited, retry after %s", retryAfter)
 			w.Header().Set(ongMiddlewareErrorHeader, err.Error())
 			w.Header().Set(retryAfterHeader, fmt.Sprintf("%d", int(retryAfter.Seconds()))) // header should be in seconds(decimal-integer).
 			http.Error(

diff --git a/server/pprof.go b/server/pprof.go
@@ -8,7 +8,6 @@ import (
 	"net/http/pprof"
 	"time"
 
-	ongErrors "github.com/komuw/ong/errors"
 	"github.com/komuw/ong/log"
 )
 
@@ -50,7 +49,6 @@ func startPprofServer(logger log.Logger) {
 		cfg := listenerConfig()
 		l, err := cfg.Listen(ctx, "tcp", pprofSrv.Addr)
 		if err != nil {
-			err = ongErrors.Wrap(err)
 			logger.Error(err, log.F{"msg": "pprof server, unable to create listener"})
 			return
 		}
@@ -60,7 +58,6 @@ func startPprofServer(logger log.Logger) {
 		})
 		errPprofSrv := pprofSrv.Serve(l)
 		if errPprofSrv != nil {
-			errPprofSrv = ongErrors.Wrap(errPprofSrv)
 			logger.Error(errPprofSrv, log.F{"msg": "unable to start pprof server"})
 		}
 	}()

diff --git a/server/server.go b/server/server.go
@@ -14,7 +14,6 @@ import (
 	"time"
 
 	"github.com/komuw/ong/automax"
-	ongErrors "github.com/komuw/ong/errors"
 	"github.com/komuw/ong/log"
 
 	"golang.org/x/sys/unix" // syscall package is deprecated
@@ -268,7 +267,6 @@ func serve(ctx context.Context, srv *http.Server, o opts, logger log.Logger) err
 			redirectSrvCfg := listenerConfig()
 			redirectSrvListener, errL := redirectSrvCfg.Listen(ctx, "tcp", redirectSrv.Addr)
 			if errL != nil {
-				errL = ongErrors.Wrap(errL)
 				logger.Error(errL, log.F{"msg": "redirect server, unable to create listener"})
 				return
 			}
@@ -278,7 +276,6 @@ func serve(ctx context.Context, srv *http.Server, o opts, logger log.Logger) err
 			})
 			errRedirectSrv := redirectSrv.Serve(redirectSrvListener)
 			if errRedirectSrv != nil {
-				errRedirectSrv = ongErrors.Wrap(errRedirectSrv)
 				logger.Error(errRedirectSrv, log.F{"msg": "unable to start redirect server"})
 			}
 		}()
@@ -289,7 +286,7 @@ func serve(ctx context.Context, srv *http.Server, o opts, logger log.Logger) err
 		cfg := listenerConfig()
 		l, err := cfg.Listen(ctx, o.network, o.serverAddress)
 		if err != nil {
-			return ongErrors.Wrap(err)
+			return err
 		}
 		logger.Info(log.F{
 			"msg": fmt.Sprintf("https server listening at %s", o.serverAddress),
@@ -300,7 +297,7 @@ func serve(ctx context.Context, srv *http.Server, o opts, logger log.Logger) err
 			"",
 			"",
 		); errS != nil {
-			return ongErrors.Wrap(errS)
+			return errS
 		}
 	}
 

diff --git a/server/tls_conf.go b/server/tls_conf.go
@@ -3,13 +3,13 @@ package server
 import (
 	"context"
 	"crypto/tls"
+	"errors"
 	"fmt"
 	"os"
 	"strings"
 
 	"golang.org/x/net/idna"
 
-	ongErrors "github.com/komuw/ong/errors"
 	"golang.org/x/crypto/acme"
 	"golang.org/x/crypto/acme/autocert"
 )
@@ -63,11 +63,10 @@ func getTlsConfig(o opts) (*tls.Config, error) {
 		// 2. get from disk.
 		//
 		if len(o.tls.keyFile) < 1 {
-			return nil, ongErrors.New("keyFile cannot be empty if certFile is also specified")
+			return nil, errors.New("ong/server: keyFile cannot be empty if certFile is also specified")
 		}
 		c, err := tls.LoadX509KeyPair(o.tls.certFile, o.tls.keyFile)
 		if err != nil {
-			err = ongErrors.Wrap(err)
 			return nil, err
 		}
 
@@ -88,27 +87,27 @@ func getTlsConfig(o opts) (*tls.Config, error) {
 	}
 
 	// 3. non-tls traffic.
-	return nil, ongErrors.New("ong only serves https")
+	return nil, errors.New("ong/server: ong only serves https")
 }
 
 func validateDomain(domain string) error {
 	if len(domain) < 1 {
-		return ongErrors.New("domain cannot be empty")
+		return errors.New("ong/server: domain cannot be empty")
 	}
 	if strings.Count(domain, "*") > 1 {
-		return ongErrors.New("domain can only contain one wildcard character")
+		return errors.New("ong/server: domain can only contain one wildcard character")
 	}
 	if strings.Contains(domain, "*") && !strings.HasPrefix(domain, "*") {
-		return ongErrors.New("wildcard character should be a prefix")
+		return errors.New("ong/server: wildcard character should be a prefix")
 	}
 	if strings.Contains(domain, "*") && domain[1] != '.' {
-		return ongErrors.New("wildcard character should be followed by a `.` character")
+		return errors.New("ong/server: wildcard character should be followed by a `.` character")
 	}
 
 	if !strings.Contains(domain, "*") {
 		// not wildcard
 		if _, err := idna.Lookup.ToASCII(domain); err != nil {
-			return ongErrors.Wrap(err)
+			return err
 		}
 	}
 
@@ -167,7 +166,7 @@ func customHostWhitelist(domain string) autocert.HostPolicy {
 			}
 		}
 
-		return ongErrors.New(fmt.Sprintf("ong/acme: host %q not configured in HostWhitelist", host))
+		return fmt.Errorf("ong/server: host %q not configured in HostWhitelist", host)
 	}
 }