Pull request: home: rm var shadowing, vol. 4

Closes #2803. Squashed commit of the following: commit cb36cc8811160bb39a32fb8eddf962d0ebe9035a Author: Ainar Garipov <A.Garipov@AdGuard.COM> Date: Fri Mar 12 14:21:46 2021 +0300 home: imp more commit 9ea7ccec8bb293881cf724d7ad57e6744243d8b9 Author: Ainar Garipov <A.Garipov@AdGuard.COM> Date: Fri Mar 12 13:58:10 2021 +0300 all: imp naming, refactor http srv shutdown commit f29221007c16fd3e7230bf2c1ac37b365f3e29aa Merge: 2247c05b bfbf73f3 Author: Ainar Garipov <A.Garipov@AdGuard.COM> Date: Fri Mar 12 13:35:17 2021 +0300 Merge branch 'master' into 2803-shadow-4 commit 2247c05b5521346aaf362d81ccdd64fee31f1e6d Author: Ainar Garipov <A.Garipov@AdGuard.COM> Date: Fri Jan 29 20:53:21 2021 +0300 home: rm var shadowing, vol. 4
2024-08-16 22:20:30 +03:00 · 2021-03-12 14:32:08 +03:00 · 2021-03-12 14:32:08 +03:00 · 7e64205d44
commit 7e64205d44
parent bfbf73f3cd
17 changed files with 195 additions and 169 deletions
--- a/CHANGELOG.md
+++ b/CHANGELOG.md
@ -37,7 +37,7 @@ and this project adheres to
 - Wrong DNS-over-TLS ALPN configuration ([#2681]).
 - Inconsistent responses for messages with EDNS0 and AD when DNS caching is
  enabled ([#2600]).
- Incomplete OpenWRT detection ([#2757]).
+- Incomplete OpenWrt detection ([#2757]).
 - DHCP lease's `expired` field incorrect time format ([#2692]).
 - Incomplete DNS upstreams validation ([#2674]).
 - Wrong parsing of DHCP options of the `ip` type ([#2688]).
--- a/internal/home/authglinet.go
+++ b/internal/home/authglinet.go
@ -66,6 +66,8 @@ func glCheckToken(sess string) bool {
 	return now <= (tokenDate + glTokenTimeoutSeconds)
 }

+// TODO(a.garipov): Replace with a smaller version of
+// https://github.com/josharian/native.
 func archIsLittleEndian() bool {
 	var i int32 = 0x01020304
 	u := unsafe.Pointer(&i)
@ -102,18 +104,17 @@ func glGetTokenDate(file string) uint32 {
 	}
 	buf := bytes.NewBuffer(bs)

+	var order binary.ByteOrder = binary.BigEndian
 	if archIsLittleEndian() {
-		err := binary.Read(buf, binary.LittleEndian, &dateToken)
-		if err != nil {
-			log.Error("binary.Read: %s", err)
-			return 0
-		}
-	} else {
-		err := binary.Read(buf, binary.BigEndian, &dateToken)
-		if err != nil {
-			log.Error("binary.Read: %s", err)
-			return 0
-		}
+		order = binary.LittleEndian
 	}
+
+	err = binary.Read(buf, order, &dateToken)
+	if err != nil {
+		log.Error("binary.Read: %s", err)
+
+		return 0
+	}
+
 	return dateToken
 }
--- a/internal/home/clients.go
+++ b/internal/home/clients.go
@ -517,7 +517,7 @@ func (clients *clientsContainer) Update(name string, c *Client) (err error) {
 		return agherr.Error("client not found")
 	}

-	// check Name index
+	// First, check the name index.
 	if prev.Name != c.Name {
 		_, ok = clients.list[c.Name]
 		if ok {
@ -525,12 +525,12 @@ func (clients *clientsContainer) Update(name string, c *Client) (err error) {
 		}
 	}

-	// check IP index
+	// Second, check the IP index.
 	if !equalStringSlices(prev.IDs, c.IDs) {
 		for _, id := range c.IDs {
-			c2, ok := clients.idIndex[id]
-			if ok && c2 != prev {
-				return fmt.Errorf("another client uses the same ID (%q): %q", id, c2.Name)
+			c2, ok2 := clients.idIndex[id]
+			if ok2 && c2 != prev {
+				return fmt.Errorf("another client uses the same id (%q): %q", id, c2.Name)
 			}
 		}

--- a/internal/home/controlinstall.go
+++ b/internal/home/controlinstall.go
@ -272,6 +272,27 @@ func copyInstallSettings(dst, src *configuration) {
 // shutdownTimeout is the timeout for shutting HTTP server down operation.
 const shutdownTimeout = 5 * time.Second

+func logPanic() {
+	if v := recover(); v != nil {
+		log.Error("recovered from panic: %v", v)
+	}
+}
+
+func shutdownSrv(ctx context.Context, cancel context.CancelFunc, srv *http.Server) {
+	defer logPanic()
+
+	if srv == nil {
+		return
+	}
+
+	defer cancel()
+
+	err := srv.Shutdown(ctx)
+	if err != nil {
+		log.Error("error while shutting down http server %q: %s", srv.Addr, err)
+	}
+}
+
 // Apply new configuration, start DNS server, restart Web server
 func (web *Web) handleInstallConfigure(w http.ResponseWriter, r *http.Request) {
 	newSettings := applyConfigReq{}
@ -359,23 +380,13 @@ func (web *Web) handleInstallConfigure(w http.ResponseWriter, r *http.Request) {
 		f.Flush()
 	}

-	// The Shutdown() method of (*http.Server) needs to be called in a
-	// separate goroutine, because it waits until all requests are handled
-	// and will be blocked by it's own caller.
+	// Method http.(*Server).Shutdown needs to be called in a separate
+	// goroutine and with its own context, because it waits until all
+	// requests are handled and will be blocked by it's own caller.
 	if restartHTTP {
 		ctx, cancel := context.WithTimeout(context.Background(), shutdownTimeout)
-
-		shut := func(srv *http.Server) {
-			defer cancel()
-			err := srv.Shutdown(ctx)
-			if err != nil {
-				log.Debug("error while shutting down HTTP server: %s", err)
-			}
-		}
-		go shut(web.httpServer)
-		if web.httpServerBeta != nil {
-			go shut(web.httpServerBeta)
-		}
+		go shutdownSrv(ctx, cancel, web.httpServer)
+		go shutdownSrv(ctx, cancel, web.httpServerBeta)
 	}
 }

--- a/internal/home/dns.go
+++ b/internal/home/dns.go
@ -268,15 +268,15 @@ func getDNSAddresses() []string {
 		addDNSAddress(&dnsAddresses, config.DNS.BindHost)
 	}

-	dnsEncryption := getDNSEncryption()
-	if dnsEncryption.https != "" {
-		dnsAddresses = append(dnsAddresses, dnsEncryption.https)
+	de := getDNSEncryption()
+	if de.https != "" {
+		dnsAddresses = append(dnsAddresses, de.https)
 	}
-	if dnsEncryption.tls != "" {
-		dnsAddresses = append(dnsAddresses, dnsEncryption.tls)
+	if de.tls != "" {
+		dnsAddresses = append(dnsAddresses, de.tls)
 	}
-	if dnsEncryption.quic != "" {
-		dnsAddresses = append(dnsAddresses, dnsEncryption.quic)
+	if de.quic != "" {
+		dnsAddresses = append(dnsAddresses, de.quic)
 	}

 	return dnsAddresses
--- a/internal/home/filter.go
+++ b/internal/home/filter.go
@ -556,35 +556,37 @@ func (f *Filtering) updateIntl(filter *filter) (updated bool, err error) {
 		return updated, err
 	}
 	defer func() {
+		var derr error
 		if tmpFile != nil {
-			if err := tmpFile.Close(); err != nil {
-				log.Printf("Couldn't close temporary file: %s", err)
-			}
-			tmpFileName := tmpFile.Name()
-			if err := os.Remove(tmpFileName); err != nil {
-				log.Printf("Couldn't delete temporary file %s: %s", tmpFileName, err)
+			if derr = tmpFile.Close(); derr != nil {
+				log.Printf("Couldn't close temporary file: %s", derr)
 			}

+			tmpFileName := tmpFile.Name()
+			if derr = os.Remove(tmpFileName); derr != nil {
+				log.Printf("Couldn't delete temporary file %s: %s", tmpFileName, derr)
+			}
 		}
 	}()

 	var reader io.Reader
 	if filepath.IsAbs(filter.URL) {
-		f, err := os.Open(filter.URL)
+		var f io.ReadCloser
+		f, err = os.Open(filter.URL)
 		if err != nil {
 			return updated, fmt.Errorf("open file: %w", err)
 		}
+
 		defer f.Close()
 		reader = f
 	} else {
-		resp, err := Context.client.Get(filter.URL)
-		if resp != nil && resp.Body != nil {
-			defer resp.Body.Close()
-		}
+		var resp *http.Response
+		resp, err = Context.client.Get(filter.URL)
 		if err != nil {
 			log.Printf("Couldn't request filter from URL %s, skipping: %s", filter.URL, err)
 			return updated, err
 		}
+		defer resp.Body.Close()

 		if resp.StatusCode != http.StatusOK {
 			log.Printf("Got status code %d from URL %s, skipping", resp.StatusCode, filter.URL)
@ -703,7 +705,8 @@ func enableFilters(async bool) {
 			if !filter.Enabled {
 				continue
 			}
-			f := dnsfilter.Filter{
+
+			f = dnsfilter.Filter{
 				ID:       filter.ID,
 				FilePath: filter.Path(),
 			}
@ -713,7 +716,8 @@ func enableFilters(async bool) {
 			if !filter.Enabled {
 				continue
 			}
-			f := dnsfilter.Filter{
+
+			f = dnsfilter.Filter{
 				ID:       filter.ID,
 				FilePath: filter.Path(),
 			}
--- a/internal/home/home.go
+++ b/internal/home/home.go
@ -265,8 +265,8 @@ func run(args options) {
 			mux.HandleFunc("/debug/pprof/trace", pprof.Trace)
 			go func() {
 				log.Info("pprof: listening on localhost:6060")
-				err := http.ListenAndServe("localhost:6060", mux)
-				log.Error("Error while running the pprof server: %s", err)
+				lerr := http.ListenAndServe("localhost:6060", mux)
+				log.Error("Error while running the pprof server: %s", lerr)
 			}()
 		}
 	}
@ -310,18 +310,19 @@ func run(args options) {
 	}

 	if !Context.firstRun {
-		err := initDNSServer()
+		err = initDNSServer()
 		if err != nil {
 			log.Fatalf("%s", err)
 		}
+
 		Context.tls.Start()
 		Context.autoHosts.Start()

 		go func() {
-			err := startDNSServer()
-			if err != nil {
+			serr := startDNSServer()
+			if serr != nil {
 				closeDNSServer()
-				log.Fatal(err)
+				log.Fatal(serr)
 			}
 		}()

@ -376,10 +377,8 @@ func checkPermissions() {
 		return
 	}

-	if opErr, ok := err.(*net.OpError); ok {
-		if sysErr, ok := opErr.Err.(*os.SyscallError); ok {
-			if errno, ok := sysErr.Err.(syscall.Errno); ok && errno == syscall.EACCES {
-				msg := `Permission check failed.
+	if errors.Is(err, os.ErrPermission) {
+		msg := `Permission check failed.

 AdGuard Home is not allowed to bind to privileged ports (for instance, port 53).
 Please note, that this is crucial for a server to be able to use privileged ports.
@ -389,9 +388,7 @@ You have two options:
 2. On Linux you can grant the CAP_NET_BIND_SERVICE capability:
 https://github.com/AdguardTeam/AdGuardHome/internal/wiki/Getting-Started#running-without-superuser`

-				log.Fatal(msg)
-			}
-		}
+		log.Fatal(msg)
 	}

 	msg := fmt.Sprintf(`AdGuard failed to bind to port 53 due to %v
@ -437,9 +434,12 @@ func initWorkingDir(args options) {
 		Context.workDir = filepath.Dir(execPath)
 	}

-	if workDir, err := filepath.EvalSymlinks(Context.workDir); err == nil {
-		Context.workDir = workDir
+	workDir, err := filepath.EvalSymlinks(Context.workDir)
+	if err != nil {
+		panic(err)
 	}
+
+	Context.workDir = workDir
 }

 // configureLogger configures logger level and output
@ -634,7 +634,7 @@ func detectFirstRun() bool {
 }

 // Connect to a remote server resolving hostname using our own DNS server
-func customDialContext(ctx context.Context, network, addr string) (net.Conn, error) {
+func customDialContext(ctx context.Context, network, addr string) (conn net.Conn, err error) {
 	log.Tracef("network:%v  addr:%v", network, addr)

 	host, port, err := net.SplitHostPort(addr)
@ -647,14 +647,13 @@ func customDialContext(ctx context.Context, network, addr string) (net.Conn, err
 	}

 	if net.ParseIP(host) != nil || config.DNS.Port == 0 {
-		con, err := dialer.DialContext(ctx, network, addr)
-		return con, err
+		return dialer.DialContext(ctx, network, addr)
 	}

-	addrs, e := Context.dnsServer.Resolve(host)
+	addrs, err := Context.dnsServer.Resolve(host)
 	log.Debug("dnsServer.Resolve: %s: %v", host, addrs)
-	if e != nil {
-		return nil, e
+	if err != nil {
+		return nil, err
 	}

 	if len(addrs) == 0 {
@ -664,13 +663,16 @@ func customDialContext(ctx context.Context, network, addr string) (net.Conn, err
 	var dialErrs []error
 	for _, a := range addrs {
 		addr = net.JoinHostPort(a.String(), port)
-		con, err := dialer.DialContext(ctx, network, addr)
+		conn, err = dialer.DialContext(ctx, network, addr)
 		if err != nil {
 			dialErrs = append(dialErrs, err)
+
 			continue
 		}
-		return con, err
+
+		return conn, err
 	}
+
 	return nil, agherr.Many(fmt.Sprintf("couldn't dial to %s", addr), dialErrs...)
 }

--- a/internal/home/home_test.go
+++ b/internal/home/home_test.go
@ -174,8 +174,9 @@ func TestHome(t *testing.T) {
 	assert.True(t, haveIP)

 	for i := 1; ; i++ {
-		st, err := os.Stat(filepath.Join(dir, "data", "filters", "1.txt"))
-		if err == nil && st.Size() != 0 {
+		var fi os.FileInfo
+		fi, err = os.Stat(filepath.Join(dir, "data", "filters", "1.txt"))
+		if err == nil && fi.Size() != 0 {
 			break
 		}
 		if i == 5 {
--- a/internal/home/ipdetector.go
+++ b/internal/home/ipdetector.go
@ -47,7 +47,8 @@ func newIPDetector() (ipd *ipDetector, err error) {
 		nets: make([]*net.IPNet, len(specialNetworks)),
 	}
 	for i, ipnetStr := range specialNetworks {
-		_, ipnet, err := net.ParseCIDR(ipnetStr)
+		var ipnet *net.IPNet
+		_, ipnet, err = net.ParseCIDR(ipnetStr)
 		if err != nil {
 			return nil, err
 		}
--- a/internal/home/options.go
+++ b/internal/home/options.go
@ -296,15 +296,14 @@ func parse(exec string, ss []string) (o options, f effect, err error) {
 					}
 					if eff != nil {
 						prevf := f
-						f = func() error {
-							var err error
+						f = func() (ferr error) {
 							if prevf != nil {
-								err = prevf()
+								ferr = prevf()
 							}
-							if err == nil {
-								err = eff()
+							if ferr == nil {
+								ferr = eff()
 							}
-							return err
+							return ferr
 						}
 					}
 				}
--- a/internal/home/service.go
+++ b/internal/home/service.go
@ -50,32 +50,38 @@ func (p *program) Stop(s service.Service) error {
 	return nil
 }

-// Check the service's status
-// Note: on OpenWrt 'service' utility may not exist - we use our service script directly in this case.
-func svcStatus(s service.Service) (service.Status, error) {
-	status, err := s.Status()
+// svcStatus check the service's status.
+//
+// On OpenWrt, the service utility may not exist.  We use our service script
+// directly in this case.
+func svcStatus(s service.Service) (status service.Status, err error) {
+	status, err = s.Status()
 	if err != nil && service.Platform() == "unix-systemv" {
-		code, err := runInitdCommand("status")
-		if err != nil {
-			return service.StatusStopped, nil
-		}
-		if code != 0 {
+		var code int
+		code, err = runInitdCommand("status")
+		if err != nil || code != 0 {
 			return service.StatusStopped, nil
 		}
+
 		return service.StatusRunning, nil
 	}
+
 	return status, err
 }

-// Perform an action on the service
-// Note: on OpenWrt 'service' utility may not exist - we use our service script directly in this case.
-func svcAction(s service.Service, action string) error {
-	err := service.Control(s, action)
+// svcAction performs the action on the service.
+//
+// On OpenWrt, the service utility may not exist.  We use our service script
+// directly in this case.
+func svcAction(s service.Service, action string) (err error) {
+	err = service.Control(s, action)
 	if err != nil && service.Platform() == "unix-systemv" &&
 		(action == "start" || action == "stop" || action == "restart") {
-		_, err := runInitdCommand(action)
+		_, err = runInitdCommand(action)
+
 		return err
 	}
+
 	return err
 }

@ -90,7 +96,9 @@ func sendSigReload() {
 	pidfile := fmt.Sprintf("/var/run/%s.pid", serviceName)
 	data, err := ioutil.ReadFile(pidfile)
 	if os.IsNotExist(err) {
-		code, psdata, err := util.RunCommand("ps", "-C", serviceName, "-o", "pid=")
+		var code int
+		var psdata string
+		code, psdata, err = util.RunCommand("ps", "-C", serviceName, "-o", "pid=")
 		if err != nil || code != 0 {
 			log.Error("Can't find AdGuardHome process: %s  code:%d", err, code)
 			return
@ -207,10 +215,10 @@ func handleServiceInstallCommand(s service.Service) {
 		log.Fatal(err)
 	}

-	if util.IsOpenWRT() {
+	if util.IsOpenWrt() {
 		// On OpenWrt it is important to run enable after the service installation
 		// Otherwise, the service won't start on the system startup
-		_, err := runInitdCommand("enable")
+		_, err = runInitdCommand("enable")
 		if err != nil {
 			log.Fatal(err)
 		}
@ -234,7 +242,7 @@ Click on the link below and follow the Installation Wizard steps to finish setup

 // handleServiceStatusCommand handles service "uninstall" command
 func handleServiceUninstallCommand(s service.Service) {
-	if util.IsOpenWRT() {
+	if util.IsOpenWrt() {
 		// On OpenWrt it is important to run disable command first
 		// as it will remove the symlink
 		_, err := runInitdCommand("disable")
@ -249,14 +257,15 @@ func handleServiceUninstallCommand(s service.Service) {
 	}

 	if runtime.GOOS == "darwin" {
-		// Removing log files on cleanup and ignore errors
-		err := os.Remove(launchdStdoutPath)
+		// Remove log files on cleanup and log errors.
+		err = os.Remove(launchdStdoutPath)
 		if err != nil && !os.IsNotExist(err) {
-			log.Printf("cannot remove %s", launchdStdoutPath)
+			log.Printf("removing stdout file: %s", err)
 		}
+
 		err = os.Remove(launchdStderrPath)
 		if err != nil && !os.IsNotExist(err) {
-			log.Printf("cannot remove %s", launchdStderrPath)
+			log.Printf("removing stderr file: %s", err)
 		}
 	}
 }
@ -281,7 +290,7 @@ func configureService(c *service.Config) {
 	c.Option["SysvScript"] = sysvScript

 	// On OpenWrt we're using a different type of sysvScript.
-	if util.IsOpenWRT() {
+	if util.IsOpenWrt() {
 		c.Option["SysvScript"] = openWrtScript
 	} else if runtime.GOOS == "freebsd" {
 		c.Option["SysvScript"] = freeBSDScript
--- a/internal/home/tls.go
+++ b/internal/home/tls.go
@ -497,23 +497,26 @@ func unmarshalTLS(r *http.Request) (tlsConfigSettings, error) {
 	}

 	if data.CertificateChain != "" {
-		certPEM, err := base64.StdEncoding.DecodeString(data.CertificateChain)
+		var cert []byte
+		cert, err = base64.StdEncoding.DecodeString(data.CertificateChain)
 		if err != nil {
 			return data, fmt.Errorf("failed to base64-decode certificate chain: %w", err)
 		}
-		data.CertificateChain = string(certPEM)
+
+		data.CertificateChain = string(cert)
 		if data.CertificatePath != "" {
 			return data, fmt.Errorf("certificate data and file can't be set together")
 		}
 	}

 	if data.PrivateKey != "" {
-		keyPEM, err := base64.StdEncoding.DecodeString(data.PrivateKey)
+		var key []byte
+		key, err = base64.StdEncoding.DecodeString(data.PrivateKey)
 		if err != nil {
 			return data, fmt.Errorf("failed to base64-decode private key: %w", err)
 		}

-		data.PrivateKey = string(keyPEM)
+		data.PrivateKey = string(key)
 		if data.PrivateKeyPath != "" {
 			return data, fmt.Errorf("private key data and file can't be set together")
 		}
--- a/internal/home/upgrade.go
+++ b/internal/home/upgrade.go
@ -188,14 +188,15 @@ func upgradeSchema2to3(diskConfig *map[string]interface{}) error {
 	}

 	// Replace bootstrap_dns value filed with new array contains old bootstrap_dns inside
-	if bootstrapDNS, ok := (newDNSConfig)["bootstrap_dns"]; ok {
-		newBootstrapConfig := []string{fmt.Sprint(bootstrapDNS)}
-		(newDNSConfig)["bootstrap_dns"] = newBootstrapConfig
-		(*diskConfig)["dns"] = newDNSConfig
-	} else {
+	bootstrapDNS, ok := newDNSConfig["bootstrap_dns"]
+	if !ok {
 		return fmt.Errorf("no bootstrap DNS in DNS config")
 	}

+	newBootstrapConfig := []string{fmt.Sprint(bootstrapDNS)}
+	newDNSConfig["bootstrap_dns"] = newBootstrapConfig
+	(*diskConfig)["dns"] = newDNSConfig
+
 	// Bump schema version
 	(*diskConfig)["schema_version"] = 3

@ -306,17 +307,17 @@ func upgradeSchema5to6(diskConfig *map[string]interface{}) error {

 	switch arr := clients.(type) {
 	case []interface{}:
-
 		for i := range arr {
 			switch c := arr[i].(type) {
-
 			case map[interface{}]interface{}:
-				_ip, ok := c["ip"]
+				var ipVal interface{}
+				ipVal, ok = c["ip"]
 				ids := []string{}
 				if ok {
-					ip, ok := _ip.(string)
+					var ip string
+					ip, ok = ipVal.(string)
 					if !ok {
-						log.Fatalf("client.ip is not a string: %v", _ip)
+						log.Fatalf("client.ip is not a string: %v", ipVal)
 						return nil
 					}
 					if len(ip) != 0 {
@ -324,11 +325,13 @@ func upgradeSchema5to6(diskConfig *map[string]interface{}) error {
 					}
 				}

-				_mac, ok := c["mac"]
+				var macVal interface{}
+				macVal, ok = c["mac"]
 				if ok {
-					mac, ok := _mac.(string)
+					var mac string
+					mac, ok = macVal.(string)
 					if !ok {
-						log.Fatalf("client.mac is not a string: %v", _mac)
+						log.Fatalf("client.mac is not a string: %v", macVal)
 						return nil
 					}
 					if len(mac) != 0 {
@ -337,12 +340,10 @@ func upgradeSchema5to6(diskConfig *map[string]interface{}) error {
 				}

 				c["ids"] = ids
-
 			default:
 				continue
 			}
 		}
-
 	default:
 		return nil
 	}
@ -369,64 +370,67 @@ func upgradeSchema6to7(diskConfig *map[string]interface{}) error {

 	(*diskConfig)["schema_version"] = 7

-	_dhcp, ok := (*diskConfig)["dhcp"]
+	dhcpVal, ok := (*diskConfig)["dhcp"]
 	if !ok {
 		return nil
 	}

-	switch dhcp := _dhcp.(type) {
+	switch dhcp := dhcpVal.(type) {
 	case map[interface{}]interface{}:
-		dhcpv4 := map[string]interface{}{}
-		val, ok := dhcp["gateway_ip"].(string)
+		var str string
+		str, ok = dhcp["gateway_ip"].(string)
 		if !ok {
 			log.Fatalf("expecting dhcp.%s to be a string", "gateway_ip")
 			return nil
 		}
-		dhcpv4["gateway_ip"] = val
+
+		dhcpv4 := map[string]interface{}{
+			"gateway_ip": str,
+		}
 		delete(dhcp, "gateway_ip")

-		val, ok = dhcp["subnet_mask"].(string)
+		str, ok = dhcp["subnet_mask"].(string)
 		if !ok {
 			log.Fatalf("expecting dhcp.%s to be a string", "subnet_mask")
 			return nil
 		}
-		dhcpv4["subnet_mask"] = val
+		dhcpv4["subnet_mask"] = str
 		delete(dhcp, "subnet_mask")

-		val, ok = dhcp["range_start"].(string)
+		str, ok = dhcp["range_start"].(string)
 		if !ok {
 			log.Fatalf("expecting dhcp.%s to be a string", "range_start")
 			return nil
 		}
-		dhcpv4["range_start"] = val
+		dhcpv4["range_start"] = str
 		delete(dhcp, "range_start")

-		val, ok = dhcp["range_end"].(string)
+		str, ok = dhcp["range_end"].(string)
 		if !ok {
 			log.Fatalf("expecting dhcp.%s to be a string", "range_end")
 			return nil
 		}
-		dhcpv4["range_end"] = val
+		dhcpv4["range_end"] = str
 		delete(dhcp, "range_end")

-		intVal, ok := dhcp["lease_duration"].(int)
+		var n int
+		n, ok = dhcp["lease_duration"].(int)
 		if !ok {
 			log.Fatalf("expecting dhcp.%s to be an integer", "lease_duration")
 			return nil
 		}
-		dhcpv4["lease_duration"] = intVal
+		dhcpv4["lease_duration"] = n
 		delete(dhcp, "lease_duration")

-		intVal, ok = dhcp["icmp_timeout_msec"].(int)
+		n, ok = dhcp["icmp_timeout_msec"].(int)
 		if !ok {
 			log.Fatalf("expecting dhcp.%s to be an integer", "icmp_timeout_msec")
 			return nil
 		}
-		dhcpv4["icmp_timeout_msec"] = intVal
+		dhcpv4["icmp_timeout_msec"] = n
 		delete(dhcp, "icmp_timeout_msec")

 		dhcp["dhcpv4"] = dhcpv4
-
 	default:
 		return nil
 	}
--- a/internal/home/web.go
+++ b/internal/home/web.go
@ -141,13 +141,11 @@ func (web *Web) TLSConfigChanged(ctx context.Context, tlsConf tlsConfigSettings)

 	web.httpsServer.cond.L.Lock()
 	if web.httpsServer.server != nil {
-		ctx, cancel := context.WithTimeout(ctx, shutdownTimeout)
-		err = web.httpsServer.server.Shutdown(ctx)
-		cancel()
-		if err != nil {
-			log.Debug("error while shutting down HTTP server: %s", err)
-		}
+		var cancel context.CancelFunc
+		ctx, cancel = context.WithTimeout(ctx, shutdownTimeout)
+		shutdownSrv(ctx, cancel, web.httpsServer.server)
 	}
+
 	web.httpsServer.enabled = enabled
 	web.httpsServer.cert = cert
 	web.httpsServer.cond.Broadcast()
@ -206,27 +204,20 @@ func (web *Web) Start() {

 // Close gracefully shuts down the HTTP servers.
 func (web *Web) Close(ctx context.Context) {
-	log.Info("Stopping HTTP server...")
+	log.Info("stopping http server...")
+
 	web.httpsServer.cond.L.Lock()
 	web.httpsServer.shutdown = true
 	web.httpsServer.cond.L.Unlock()

-	shut := func(srv *http.Server) {
-		if srv == nil {
-			return
-		}
-		ctx, cancel := context.WithTimeout(ctx, shutdownTimeout)
-		defer cancel()
-		if err := srv.Shutdown(ctx); err != nil {
-			log.Debug("error while shutting down HTTP server: %s", err)
-		}
-	}
+	var cancel context.CancelFunc
+	ctx, cancel = context.WithTimeout(ctx, shutdownTimeout)

-	shut(web.httpsServer.server)
-	shut(web.httpServer)
-	shut(web.httpServerBeta)
+	shutdownSrv(ctx, cancel, web.httpsServer.server)
+	shutdownSrv(ctx, cancel, web.httpServer)
+	shutdownSrv(ctx, cancel, web.httpServerBeta)

-	log.Info("Stopped HTTP server")
+	log.Info("stopped http server")
 }

 func (web *Web) tlsServerLoop() {
--- a/internal/util/autohosts.go
+++ b/internal/util/autohosts.go
@ -65,8 +65,9 @@ func (a *AutoHosts) Init(hostsFn string) {
 		a.hostsFn = hostsFn
 	}

-	if IsOpenWRT() {
-		a.hostsDirs = append(a.hostsDirs, "/tmp/hosts") // OpenWRT: "/tmp/hosts/dhcp.cfg01411c"
+	if IsOpenWrt() {
+		// OpenWrt: "/tmp/hosts/dhcp.cfg01411c".
+		a.hostsDirs = append(a.hostsDirs, "/tmp/hosts")
 	}

 	// Load hosts initially
--- a/internal/util/helpers.go
+++ b/internal/util/helpers.go
@ -66,8 +66,8 @@ func SplitNext(str *string, splitBy byte) string {
 	return strings.TrimSpace(s)
 }

-// IsOpenWRT returns true if host OS is OpenWRT.
-func IsOpenWRT() bool {
+// IsOpenWrt returns true if host OS is OpenWrt.
+func IsOpenWrt() bool {
 	if runtime.GOOS != "linux" {
 		return false
 	}
--- a/scripts/make/go-lint.sh
+++ b/scripts/make/go-lint.sh
@ -148,8 +148,7 @@ looppointer ./...

 nilness ./...

-# TODO(a.garipov): Enable shadow after fixing all of the shadowing.
-# shadow --strict ./...
+exit_on_output shadow --strict ./...

 # TODO(a.garipov): Enable errcheck fully after handling all errors,
 # including the deferred and generated ones, properly.  Also, perhaps,