diff options
author | Jakob Unterwurzacher | 2018-02-18 12:55:20 +0100 |
---|---|---|
committer | Jakob Unterwurzacher | 2018-02-18 12:55:20 +0100 |
commit | 14c063428dcded6a1060395bb45bf7bd5d185738 (patch) | |
tree | 60a18562c1a827dc33da9ba75fe5580a5c2bffe9 /mount.go | |
parent | 5b5c7a0a5d73859f74d2151061593ba2f9f9cac7 (diff) |
main: doMount: use a deferred function for wipeKeys
Also drop the unused int return.
Diffstat (limited to 'mount.go')
-rw-r--r-- | mount.go | 9 |
1 files changed, 4 insertions, 5 deletions
@@ -35,7 +35,7 @@ import ( // doMount mounts an encrypted directory. // Called from main. -func doMount(args *argContainer) int { +func doMount(args *argContainer) { // Check mountpoint var err error args.mountpoint, err = filepath.Abs(flagSet.Arg(1)) @@ -95,7 +95,6 @@ func doMount(args *argContainer) int { } var confFile *configfile.ConfFile var srv *fuse.Server - var wipeKeys func() { // Get master key (may prompt for the password) var masterkey []byte @@ -126,7 +125,10 @@ func doMount(args *argContainer) int { // We cannot use JSON for pretty-printing as the fields are unexported tlog.Debug.Printf("cli args: %#v", args) // Initialize FUSE server + var wipeKeys func() srv, wipeKeys = initFuseFrontend(masterkey, args, confFile) + // Try to wipe secrect keys from memory after unmount + defer wipeKeys() // fusefrontend / fusefrontend_reverse have initialized their crypto, // we can purge the master key from memory. for i := range masterkey { @@ -172,9 +174,6 @@ func doMount(args *argContainer) int { debug.FreeOSMemory() // Jump into server loop. Returns when it gets an umount request from the kernel. srv.Serve() - // Try to wipe secrect keys from memory - wipeKeys() - return 0 } // setOpenFileLimit tries to increase the open file limit to 4096 (the default hard |