From 26b8a7195a3fa09ea1e6a8187e5785dd6d5245cd Mon Sep 17 00:00:00 2001
From: "Joe Richey joerichey@google.com"
Date: Mon, 17 Jul 2017 23:04:47 -0700
Subject: pam: Added missing documentation (fix "make lint")
---
 pam/pam.go | 21 +++++++++++++++++----
 1 file changed, 17 insertions(+), 4 deletions(-)
(limited to 'pam/pam.go')
diff --git a/pam/pam.go b/pam/pam.go
index 010d4d2..43bfd2e 100644
--- a/pam/pam.go
+++ b/pam/pam.go
@@ -65,22 +65,32 @@ func (h *Handle) getData(name string) (unsafe.Pointer, error) {
 return data, h.err()
 }
 
+// ClearData remotes the PAM data with the specified name.
+func (h *Handle) ClearData(name string) error {
+ return h.setData(name, unsafe.Pointer(C.CString("")), C.CleanupFunc(C.freeData))
+}
+
+// SetSecret sets a copy of the C string secret into the PAM data with the
+// specified name. This copy will be held in locked memory until this PAM data
+// is cleared.
 func (h *Handle) SetSecret(name string, secret unsafe.Pointer) error {
 return h.setData(name, C.copyIntoSecret(secret), C.CleanupFunc(C.freeSecret))
 }
 
+// GetSecret returns a pointer to the C string PAM data with the specified name.
+// This a pointer directory to the data, so it shouldn't be modified. It should
+// have been previously set with SetSecret().
 func (h *Handle) GetSecret(name string) (unsafe.Pointer, error) {
 return h.getData(name)
 }
 
-func (h *Handle) ClearSecret(name string) error {
- return h.setData(name, unsafe.Pointer(C.CString("")), C.CleanupFunc(C.freeData))
-}
-
+// SetString sets a string value for the PAM data with the specified name.
 func (h *Handle) SetString(name string, s string) error {
 return h.setData(name, unsafe.Pointer(C.CString(s)), C.CleanupFunc(C.freeData))
 }
 
+// GetString gets a string value for the PAM data with the specified name. It
+// should have been previously set with SetString().
 func (h *Handle) GetString(name string) (string, error) {
 data, err := h.getData(name)
 if err != nil {
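Review bot: Two of the added doc comments contain typos that blur what they promise: on `ClearData`, "remotes" should read "removes", and on `GetSecret` the second sentence should read `// This is a pointer directly to the data, so it shouldn't be modified.`. The `GetSecret` comment should also state how long the returned pointer stays usable, since it presumably stops being valid once the entry is replaced through `ClearData` or another `SetSecret` (the cleanup path in `setData` is outside this hunk). The `SetString` comment should say that the value is copied with `C.CString` and released with `C.freeData`, unlike the locked-memory copy described for `SetSecret`, for example `// The copy is not kept in locked memory; use SetSecret for secrets.`. It is also worth one sentence that a string containing a NUL byte comes back truncated, because `GetString` reads the value with `C.GoString`.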
@@ -89,6 +99,7 @@ func (h *Handle) GetString(name string) (string, error) {
 return C.GoString((*C.char)(data)), nil
 }
 
+// SetSlice sets a []string value for the PAM data with the specified name.
 func (h *Handle) SetSlice(name string, slice []string) error {
 sliceLength := uintptr(len(slice))
 memorySize := (sliceLength + 1) * unsafe.Sizeof(uintptr(0))
@@ -103,6 +114,8 @@ func (h *Handle) SetSlice(name string, slice []string) error {
 return h.setData(name, data, C.CleanupFunc(C.freeArray))
 }
 
+// GetSlice gets a []string value for the PAM data with the specified name. It
+// should have been previously set with SetSlice().
 func (h *Handle) GetSlice(name string) ([]string, error) {
 data, err := h.getData(name)
 if err != nil {
-- cgit v1.3
From 744dbff34969ef612b219cde5b8f116f3ae3d26f Mon Sep 17 00:00:00 2001
From: "Joe Richey joerichey@google.com"
Date: Mon, 17 Jul 2017 23:16:00 -0700
Subject: Small fixes so "make lint" doesn't complain.
---
 actions/policy.go | 1 -
 crypto/crypto_test.go | 17 +++++++++--------
 filesystem/mountpoint_test.go | 22 ----------------------
 pam/pam.c | 3 ++-
 pam/pam.go | 6 +++++-
 pam/pam.h | 2 +-
 6 files changed, 17 insertions(+), 34 deletions(-)
(limited to 'pam/pam.go')
diff --git a/actions/policy.go b/actions/policy.go
index 1291e6b..946bdd4 100644
--- a/actions/policy.go
+++ b/actions/policy.go
@@ -61,7 +61,6 @@ func PurgeAllPolicies(ctx *Context) error {
 switch errors.Cause(err) {
 case nil, crypto.ErrKeyringSearch:
 // We don't care if the key has already been removed
- break
 default:
 return err
 }
diff --git a/crypto/crypto_test.go b/crypto/crypto_test.go
index 5655fef..a154fbf 100644
--- a/crypto/crypto_test.go
+++ b/crypto/crypto_test.go
@@ -48,14 +48,15 @@ func makeKey(b byte, n int) (*Key, error) {
 return NewFixedLengthKeyFromReader(ConstReader(b), n)
 }
 
-var fakeValidDescriptor = "0123456789abcdef"
-var fakeInvalidDescriptor = "123456789abcdef"
-var fakeSalt = bytes.Repeat([]byte{'a'}, metadata.SaltLen)
-var fakePassword = []byte("password")
-
-var fakeValidPolicyKey, _ = makeKey(42, metadata.PolicyKeyLen)
-var fakeInvalidPolicyKey, _ = makeKey(42, metadata.PolicyKeyLen-1)
-var fakeWrappingKey, _ = makeKey(17, metadata.InternalKeyLen)
+var (
+ fakeValidDescriptor = "0123456789abcdef"
+ fakeSalt = bytes.Repeat([]byte{'a'}, metadata.SaltLen)
+ fakePassword = []byte("password")
+
+ fakeValidPolicyKey, _ = makeKey(42, metadata.PolicyKeyLen)
+ fakeInvalidPolicyKey, _ = makeKey(42, metadata.PolicyKeyLen-1)
+ fakeWrappingKey, _ = makeKey(17, metadata.InternalKeyLen)
+)
 
 // As the passpharase hashing function clears the passphrase, we need to make
 // a new passphrase key for each test
diff --git a/filesystem/mountpoint_test.go b/filesystem/mountpoint_test.go
index 5d53dc1..73904a2 100644
--- a/filesystem/mountpoint_test.go
+++ b/filesystem/mountpoint_test.go
@@ -20,37 +20,15 @@
 package filesystem
 
 import (
- "fmt"
 "testing"
 )
 
-func printMountInfo() {
- fmt.Println("\nBy Mountpoint:")
- for _, mnt := range mountsByPath {
- fmt.Println(mnt)
- }
-
- fmt.Println("\nBy Device:")
- for device, mnts := range mountsByDevice {
- fmt.Println("\t" + device)
- for _, mnt := range mnts {
- fmt.Println("\t\tPath: " + mnt.Path)
- }
- }
-}
-
 func TestLoadMountInfo(t *testing.T) {
 if err := UpdateMountInfo(); err != nil {
 t.Error(err)
 }
 }
 
-func TestPrintMountInfo(t *testing.T) {
- // Uncomment to see the mount info in the tests
- // printMountInfo()
- // t.Fail()
-}
-
 // Benchmarks how long it takes to update the mountpoint data
 func BenchmarkLoadFirst(b *testing.B) {
 for n := 0; n < b.N; n++ {
diff --git a/pam/pam.c b/pam/pam.c
index aee6671..4769705 100644
--- a/pam/pam.c
+++ b/pam/pam.c
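Review bot: In crypto/crypto_test.go the regrouped `var ( ... )` block still discards the error from `makeKey` for `fakeValidPolicyKey`, `fakeInvalidPolicyKey` and `fakeWrappingKey`, so a key that could not be created at package initialisation would only surface later as a nil `*Key` inside an unrelated test. A small helper that panics on error, used as `fakeWrappingKey = mustMakeKey(17, metadata.InternalKeyLen)`, would make that failure explicit. Failing that, a comment on the block such as `// makeKey errors are ignored here; tests that use these keys check them for nil.` would at least record why the `_` is acceptable.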
@@ -79,7 +79,8 @@ static int conversation(int num_msg, const struct pam_message** msg,
 return PAM_SUCCESS;
 }
 
-const struct pam_conv conv = {conversation, NULL};
+static const struct pam_conv conv = {conversation, NULL};
+const struct pam_conv* goConv = &conv;
 
 void freeData(pam_handle_t* pamh, void* data, int error_status) { free(data); }
 
diff --git a/pam/pam.go b/pam/pam.go
index 43bfd2e..e928883 100644
--- a/pam/pam.go
+++ b/pam/pam.go
@@ -179,7 +179,11 @@ func Start(service, username string) (*Transaction, error) {
 handle: nil,
 status: C.PAM_SUCCESS,
 }
- t.status = C.pam_start(cService, cUsername, &C.conv, &t.handle)
+ t.status = C.pam_start(
+ cService,
+ cUsername,
+ C.goConv,
+ &t.handle)
 return t, (*Handle)(t).err()
 }
 
diff --git a/pam/pam.h b/pam/pam.h
index 9f3cdb2..09afb2e 100644
--- a/pam/pam.h
+++ b/pam/pam.h
@@ -23,7 +23,7 @@
 #include
 
 // Conversation that will call back into Go code when appropriate.
-const struct pam_conv conv;
+const struct pam_conv *goConv;
 
 // CleaupFuncs are used to cleanup specific PAM data.
 typedef void (*CleanupFunc)(pam_handle_t *pamh, void *data, int error_status);
-- cgit v1.3
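Review bot: The new `goConv` in pam/pam.c is a writable global, and pam/pam.h declares it without `extern`. `const struct pam_conv *goConv;` qualifies only the pointed-to struct, so the pointer itself can be reassigned by anything linked into the module, and the header line is a tentative definition in every translation unit that includes it. Since this pointer is what `Start` in pam/pam.go now hands to `pam_start`, I would make it immutable and declare it properly: `const struct pam_conv *const goConv = &conv;` in pam.c and `extern const struct pam_conv *const goConv;` in pam.h. The missing `extern` is presumably harmless with a toolchain that merges common symbols, but it becomes a duplicate-definition link error under `-fno-common`.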