diff options
| author | Jakob Unterwurzacher | 2018-02-18 12:55:20 +0100 |
|---|---|---|
| committer | Jakob Unterwurzacher | 2018-02-18 12:55:20 +0100 |
| commit | 14c063428dcded6a1060395bb45bf7bd5d185738 (patch) | |
| tree | 60a18562c1a827dc33da9ba75fe5580a5c2bffe9 | |
| parent | 5b5c7a0a5d73859f74d2151061593ba2f9f9cac7 (diff) | |
main: doMount: use a deferred function for wipeKeys
Also drop the unused int return.
| -rw-r--r-- | main.go | 8 | ||||
| -rw-r--r-- | mount.go | 9 |
2 files changed, 6 insertions, 11 deletions
@@ -267,10 +267,6 @@ func main() { tlog.Fatal.Printf("Usage: %s [OPTIONS] CIPHERDIR MOUNTPOINT [-o COMMA-SEPARATED-OPTIONS]", tlog.ProgramName) os.Exit(exitcodes.Usage) } - ret := doMount(&args) - if ret != 0 { - os.Exit(ret) - } - // Don't call os.Exit on success to give deferred functions a chance to - // run + doMount(&args) + // Don't call os.Exit to give deferred functions a chance to run } @@ -35,7 +35,7 @@ import ( // doMount mounts an encrypted directory. // Called from main. -func doMount(args *argContainer) int { +func doMount(args *argContainer) { // Check mountpoint var err error args.mountpoint, err = filepath.Abs(flagSet.Arg(1)) @@ -95,7 +95,6 @@ func doMount(args *argContainer) int { } var confFile *configfile.ConfFile var srv *fuse.Server - var wipeKeys func() { // Get master key (may prompt for the password) var masterkey []byte @@ -126,7 +125,10 @@ func doMount(args *argContainer) int { // We cannot use JSON for pretty-printing as the fields are unexported tlog.Debug.Printf("cli args: %#v", args) // Initialize FUSE server + var wipeKeys func() srv, wipeKeys = initFuseFrontend(masterkey, args, confFile) + // Try to wipe secrect keys from memory after unmount + defer wipeKeys() // fusefrontend / fusefrontend_reverse have initialized their crypto, // we can purge the master key from memory. for i := range masterkey { @@ -172,9 +174,6 @@ func doMount(args *argContainer) int { debug.FreeOSMemory() // Jump into server loop. Returns when it gets an umount request from the kernel. srv.Serve() - // Try to wipe secrect keys from memory - wipeKeys() - return 0 } // setOpenFileLimit tries to increase the open file limit to 4096 (the default hard |