From 5d1b9f1062d38c301c0995ec6da980bdf5e48332 Mon Sep 17 00:00:00 2001
From: Paul Buetow
Date: Thu, 5 Mar 2026 08:50:33 +0200
Subject: Improve lint/vet reliability and refactor client runtime/bootstrap
---
 internal/ssh/client/knownhostscallback.go | 10 +++++++---
 internal/ssh/server/authkeystore.go | 4 ++--
 2 files changed, 9 insertions(+), 5 deletions(-)
(limited to 'internal/ssh')
diff --git a/internal/ssh/client/knownhostscallback.go b/internal/ssh/client/knownhostscallback.go
index 9c73864..26ab245 100644
--- a/internal/ssh/client/knownhostscallback.go
+++ b/internal/ssh/client/knownhostscallback.go
@@ -243,8 +243,7 @@ func (c *KnownHostsCallback) trustHosts(hosts []unknownHost) {
 }
 // Read old known hosts file, to see which are old and new entries
- os.OpenFile(c.knownHostsPath, os.O_RDONLY|os.O_CREATE, 0666)
- oldFd, err := os.Open(c.knownHostsPath)
+ oldFd, err := os.OpenFile(c.knownHostsPath, os.O_RDONLY|os.O_CREATE, 0600)
 if err != nil {
 panic(err)
 }
@@ -257,9 +256,14 @@ func (c *KnownHostsCallback) trustHosts(hosts []unknownHost) {
 address := strings.SplitN(line, " ", 2)[0]
 if _, ok := addresses[address]; !ok {
- newFd.WriteString(fmt.Sprintf("%s\n", line))
+ if _, err := newFd.WriteString(fmt.Sprintf("%s\n", line)); err != nil {
+ panic(err)
+ }
 }
 }
+ if err := scanner.Err(); err != nil {
+ panic(err)
+ }
 // Now, replace old known hosts file
 if err := os.Rename(tmpKnownHostsPath, c.knownHostsPath); err != nil {
diff --git a/internal/ssh/server/authkeystore.go b/internal/ssh/server/authkeystore.go
index c4b89fe..c96b207 100644
--- a/internal/ssh/server/authkeystore.go
+++ b/internal/ssh/server/authkeystore.go
@@ -28,8 +28,8 @@ type AuthKeyStore struct {
 now func() time.Time
 }
-// ServerAuthKeyStore returns the process-wide auth key cache used by the SSH server.
-func ServerAuthKeyStore() *AuthKeyStore {
+// AuthKeys returns the process-wide auth key cache used by the SSH server.
+func AuthKeys() *AuthKeyStore {
 return authKeyStore
 }
--
cgit v1.2.3
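Review bot: The `0600` passed to `os.OpenFile` in the first hunk of knownhostscallback.go only takes effect when the known hosts file does not exist yet, and the file that finally sits at `c.knownHostsPath` is the temp file renamed over it further down, so the resulting mode comes from wherever `tmpKnownHostsPath` is created. That creation is outside the hunk (trustHosts starts and ends beyond it), so it should be confirmed to use `0600` as well; a group- or world-writable trust store would let another local account alter which host keys are trusted. A short comment on the open would also help, e.g. `// O_CREATE so a first run works; 0600 keeps the trust store owner-only.`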
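Review bot: The `scanner.Err()` check added after the loop in the second hunk of knownhostscallback.go is what keeps the `os.Rename` below from replacing the known hosts file with a partial copy when the read fails (or, if `scanner` is a `bufio.Scanner`, when a line exceeds its token limit), and that intent deserves a comment such as `// Abort before the rename: a partial read must never replace known_hosts.` Both new `panic(err)` paths presumably leave `tmpKnownHostsPath` on disk; whether it is removed, or `newFd` is closed with its error checked before the rename, cannot be seen here because trustHosts continues outside the hunk. As a style point, the write could be `if _, err := fmt.Fprintln(newFd, line); err != nil {` rather than `WriteString(fmt.Sprintf(...))`.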