Diffstat (limited to 'bin-src/pem-diff.go')
-rw-r--r-- | bin-src/pem-diff.go | 69 |
1 files changed, 42 insertions, 27 deletions
diff --git a/bin-src/pem-diff.go b/bin-src/pem-diff.go
index e140553..f4bacee 100644
--- a/bin-src/pem-diff.go
+++ b/bin-src/pem-diff.go
@@ -7,7 +7,6 @@ import (
 "encoding/pem"
 "fmt"
 "io"
- "io/ioutil"
 "net/url"
 "os"
 "sort"
@@ -16,14 +15,6 @@ import (
 "git.lukeshu.com/dashboard/bin-src/util"
 )
-func handleErr(err error, str string, a ...interface{}) {
- a = append([]interface{}{err}, a...)
- if err != nil {
- fmt.Fprintf(os.Stderr, str, a...)
- os.Exit(1)
- }
-}
-
 type Cert struct {
 Url string
 X509 *x509.Certificate
@@ -42,11 +33,12 @@ func (cert Cert) WriteTo(w io.Writer, action string) error {
 }
 func readTLS(filename string) (map[string]Cert, error) {
+ //nolint:gosec // that's the point
 file, err := os.Open(filename)
 if err != nil {
 return nil, err
 }
- data, err := ioutil.ReadAll(file)
+ data, err := io.ReadAll(file)
 if err != nil {
 return nil, err
 }
@@ -57,12 +49,11 @@ func readTLS(filename string) (map[string]Cert, error) {
 certPem, data = pem.Decode(data)
 certX509, err := x509.ParseCertificate(certPem.Bytes)
 if err != nil {
- url, err2 := url.Parse(certPem.Headers["X-Socket"])
+ u, err2 := url.Parse(certPem.Headers["X-Socket"])
 if err2 != nil {
- fmt.Fprintf(os.Stderr, "Could not get cert or even parse URL:\ncert: %v\nurl: %v\n", err, err2)
- os.Exit(1)
+ return nil, fmt.Errorf("could not get cert or even parse URL:\ncert: %w\nurl: %w", err, err2)
 }
- ret[strings.Split(url.Host, ":")[0]] = Cert{
+ ret[strings.Split(u.Host, ":")[0]] = Cert{
 X509: new(x509.Certificate),
 }
 } else {
@@ -76,11 +67,12 @@ func readTLS(filename string) (map[string]Cert, error) {
 }
 func readCrtSh(filename string, hosts []string) (map[string]Cert, error) {
+ //nolint:gosec // that's the point
 file, err := os.Open(filename)
 if err != nil {
 return nil, err
 }
- data, err := ioutil.ReadAll(file)
+ data, err := io.ReadAll(file)
 if err != nil {
 return nil, err
 }
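Review bot: In the first readTLS hunk (`@@ -42,11 +33,12 @@`) the handle returned by `os.Open(filename)` is not closed anywhere in the visible lines, and the readCrtSh hunk (`@@ -76,11 +67,12 @@`) repeats the same pattern. Since the file is only read in full, `data, err := os.ReadFile(filename)` would replace the Open/ReadAll pair and release the descriptor on every path. The suppression `//nolint:gosec // that's the point` would also be easier to audit if it stated the reason, e.g. `//nolint:gosec // filename is the operator's command-line argument`. Both functions continue past the end of their hunks, so a `Close` further down cannot be ruled out.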
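Review bot: In the second readTLS hunk (`@@ -57,12 +49,11 @@`) `certPem.Bytes` is dereferenced directly after `pem.Decode(data)`, which returns a nil block when the remaining input holds no PEM data, so stray bytes after the last certificate would panic instead of taking the error-return path this commit introduces. A guard before the parse such as `if certPem == nil { return nil, fmt.Errorf("%s: no PEM block in remaining input", filename) }` would fit; the loop header is outside the hunk, so it may already exclude that case. Separately, `url.Parse` accepts an empty string, so a block with an unparseable certificate and no `X-Socket` header appears to be stored under the host key `""` with an empty certificate rather than being reported.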
@@ -123,25 +115,48 @@ func keys(m map[string]Cert) []string {
 func main() {
 if len(os.Args) != 3 {
- fmt.Fprintf(os.Stderr, "Usage: %s TLS-file crt.sh-file\n", os.Args[0])
+ _, _ = fmt.Fprintf(os.Stderr, "Usage: %s TLS-file crt.sh-file\n", os.Args[0])
+ os.Exit(2)
+ }
+ if err := mainWithError(os.Args[1], os.Args[2]); err != nil {
+ _, _ = fmt.Fprintf(os.Stderr, "%s: error: %v", os.Args[0], err)
+ os.Exit(1)
+ }
+}
+
+func mainWithError(filenameTLS string, filenameCrtSh string) error {
+ certsTLS, err := readTLS(filenameTLS)
+ if err != nil {
+ return fmt.Errorf("could load TLS file: %w", err)
 }
- certsTLS, err := readTLS(os.Args[1])
- handleErr(err, "Could load TLS file: %v\n")
 hostsTLS := keys(certsTLS)
- certsCrtSh, err := readCrtSh(os.Args[2], hostsTLS)
- handleErr(err, "Could load crt.sh file: %v\n")
+ certsCrtSh, err := readCrtSh(filenameCrtSh, hostsTLS)
+ if err != nil {
+ return fmt.Errorf("could load crt.sh file: %w", err)
+ }
 for _, host := range hostsTLS {
 certTLS := certsTLS[host]
 certCrtSh, haveCrtSh := certsCrtSh[host]
- if !haveCrtSh {
- handleErr(certTLS.WriteTo(os.Stdout, "del"), "Could not encode PEM: %v\n")
- } else if !certTLS.X509.Equal(certCrtSh.X509) {
- handleErr(certTLS.WriteTo(os.Stdout, "del"), "Could not encode PEM: %v\n")
- handleErr(certCrtSh.WriteTo(os.Stdout, "add"), "Could not encode PEM: %v\n")
- } else {
- handleErr(certCrtSh.WriteTo(os.Stdout, "ctx"), "Could not encode PEM: %v\n")
+ switch {
+ case !haveCrtSh:
+ if err := certTLS.WriteTo(os.Stdout, "del"); err != nil {
+ return fmt.Errorf("could not encode PEM: %w", err)
+ }
+ case !certTLS.X509.Equal(certCrtSh.X509):
+ if err := certTLS.WriteTo(os.Stdout, "del"); err != nil {
+ return fmt.Errorf("could not encode PEM: %w", err)
+ }
+ if err := certCrtSh.WriteTo(os.Stdout, "add"); err != nil {
+ return fmt.Errorf("could not encode PEM: %w", err)
+ }
+ default:
+ if err := certCrtSh.WriteTo(os.Stdout, "ctx"); err != nil {
+ return fmt.Errorf("could not encode PEM: %w", err)
+ }
 }
 }
+
+ return nil
 } |
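Review bot: The new error print in `main`, `fmt.Fprintf(os.Stderr, "%s: error: %v", os.Args[0], err)`, has no trailing newline, unlike the usage message above it and the removed `handleErr` format strings; it should end in `\n`, i.e. `"%s: error: %v\n"`. The wrapped messages `"could load TLS file: %w"` and `"could load crt.sh file: %w"` carry over the missing "not" from the removed code and read like success; `"could not load TLS file: %w"` is presumably what is meant. Since `mainWithError` writes entries to stdout as it iterates, a doc comment such as `// mainWithError writes the diff to stdout; on a non-nil error the output may be partial.` would help anyone consuming the result.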