fix lint & update ysshra package (#275)

* fix lint & update ysshra

* update go version

---------

Co-authored-by: Po-Yao Chen <[email protected]>

.github/workflows/tests.yml

@@ -21,7 +21,7 @@ jobs:
     strategy:
       matrix:
         os: [ ubuntu-latest, macos-latest ]
-        go: [ '1.20.x', '1.21.x' ]
+        go: [ '1.21.x', '1.22.0' ]
     steps:
       - name: Harden Runner
         uses: step-security/harden-runner@0d381219ddf674d61a7572ddd19d7941e271515c # v2.9.0
@@ -74,4 +74,3 @@ jobs:
 
       - name: Run Go tests with `-race`
         run: go test -v -race ./...
-

cmd/sudo-filter-regular/main.go

@@ -4,7 +4,7 @@
 package main
 
 import (
-	"io/ioutil"
+	"io"
 	"log"
 	"os"
 
@@ -13,7 +13,7 @@ import (
 
 func main() {
 	f := &filter.SudoFilterRegular{}
-	in, err := ioutil.ReadAll(os.Stdin)
+	in, err := io.ReadAll(os.Stdin)
 	if err != nil {
 		log.Fatalf("failed to read from stdin, %v", err)
 	}

conf/conf.go

@@ -6,7 +6,7 @@ package conf
 import (
 	"bytes"
 	"fmt"
-	"io/ioutil"
+	"os"
 	"regexp"
 	"strings"
 
@@ -82,7 +82,7 @@ func (c *Config) AuthorizedPrincipals(username string) (principals map[string]bo
 	}
 
 	for _, authorizedPrincipalsFile := range c.authorizedPrincipalFiles {
-		data, err := ioutil.ReadFile(authorizedPrincipalsFile)
+		data, err := os.ReadFile(authorizedPrincipalsFile)
 		if err != nil {
 			return principals, err
 		}

conf/parser.go

@@ -4,7 +4,6 @@
 package conf
 
 import (
-	"io/ioutil"
 	"os"
 	"path"
 	"strings"
@@ -30,7 +29,7 @@ func NewParser(userName, userHome string) *Parser {
 
 // ParseConfigFile reads the content in a file and parse the directives in it.
 func (p *Parser) ParseConfigFile(path string) Config {
-	data, err := ioutil.ReadFile(path)
+	data, err := os.ReadFile(path)
 	if err != nil {
 		msg.Printlf(msg.WARN, "Cannot access config file %s: %v", path, err)
 		return defaultConfig()

decoder/config_test.go

@@ -4,14 +4,14 @@
 package decoder
 
 import (
-	"io/ioutil"
+	"os"
 	"reflect"
 	"strings"
 	"testing"
 )
 
 func loadFile(t *testing.T, filename string) []byte {
-	data, err := ioutil.ReadFile(filename)
+	data, err := os.ReadFile(filename)
 	if err != nil {
 		t.Fatal(err)
 	}

decoder/parser.go

@@ -68,7 +68,7 @@ func (p *parser) parseStart() StateFn {
 	case tokenEOF:
 		return nil
 	default:
-		p.raiseErrorf(tok, fmt.Sprintf("unexpected token %q\n", tok))
+		p.raiseErrorf(tok, "unexpected token %q\n", tok)
 	}
 	return nil
 }

example/april-fools-filter/main.go

@@ -5,7 +5,7 @@ package main
 
 import (
 	"bytes"
-	"io/ioutil"
+	"io"
 	"log"
 	"os"
 	"strings"
@@ -65,7 +65,7 @@ func (a *aprilFoolFilter) Filter(input []byte) []byte {
 
 func main() {
 	filter := NewAprilFoolFilter(time.Now)
-	in, err := ioutil.ReadAll(os.Stdin)
+	in, err := io.ReadAll(os.Stdin)
 	if err != nil {
 		log.Fatalf("failed to read from stdin, %v", err)
 	}

filter/command_test.go

@@ -4,7 +4,7 @@
 package filter
 
 import (
-	"io/ioutil"
+	"io"
 	"os"
 	"os/exec"
 	"strings"
@@ -13,7 +13,7 @@ import (
 
 func TestCommandFilter_Filter(t *testing.T) {
 	if os.Getenv("RUN_CMD") == "1" {
-		b, err := ioutil.ReadAll(os.Stdin)
+		b, err := io.ReadAll(os.Stdin)
 		if err != nil {
 			os.Exit(1)
 		}

go.mod

@@ -1,9 +1,11 @@
 module github.com/theparanoids/pam-ysshca
 
-go 1.17
+go 1.22
+
+toolchain go1.23.1
 
 require (
-	github.com/theparanoids/ysshra v0.0.14
+	github.com/theparanoids/ysshra v0.0.18
 	golang.org/x/crypto v0.31.0
 	golang.org/x/sys v0.28.0
 )

msg/printf.go

@@ -56,6 +56,15 @@ func (m *msg) printf(str string, objs ...interface{}) {
 	fmt.Fprintf(m.out, "%v", output)
 }
 
+// Print prints the given string on the terminals to user.
+func Print(str string) {
+	m.print(str)
+}
+
+func (m *msg) print(str string) {
+	fmt.Fprint(m.out, str)
+}
+
 // Printlf prints formatted strings with a message level prefix on the terminals to user.
 func Printlf(level Level, str string, objs ...interface{}) {
 	m.printlf(level, str, objs...)

pam/auth.go

@@ -57,7 +57,7 @@ func (a *authenticator) authCertificate(ag agent.Agent, identities []ssh.PublicK
 				continue
 			}
 			challenge = func(ag agent.Agent, key ssh.PublicKey) error {
-				msg.Printf(prompt.Message)
+				msg.Print(prompt.Message)
 				defer msg.Printf("\n")
 				return sshagent.ChallengeSSHAgent(ag, key)
 			}

pam/auth_test.go

@@ -6,7 +6,7 @@ package pam
 import (
 	"crypto/rand"
 	"crypto/rsa"
-	"io/ioutil"
+	"os"
 	"reflect"
 	"testing"
 	"time"
@@ -37,7 +37,7 @@ func Test_authenticator_authStaticKey(t *testing.T) {
 				}
 
 				// Customize config file for tests.
-				staticKeysFile, err := ioutil.TempFile(t.TempDir(), "statickeys")
+				staticKeysFile, err := os.CreateTemp(t.TempDir(), "statickeys")
 				if err != nil {
 					t.Fatal(err)
 				}
@@ -47,7 +47,7 @@ func Test_authenticator_authStaticKey(t *testing.T) {
 				if err != nil {
 					t.Fatal(err)
 				}
-				if err := ioutil.WriteFile(staticKeysFile.Name(), ssh.MarshalAuthorizedKey(p), 0644); err != nil {
+				if err := os.WriteFile(staticKeysFile.Name(), ssh.MarshalAuthorizedKey(p), 0644); err != nil {
 					t.Fatal(err)
 				}
 				return p, sshAgent, conf.Config{
@@ -70,12 +70,12 @@ func Test_authenticator_authStaticKey(t *testing.T) {
 				}
 
 				// Customize config file for tests.
-				staticKeysFile, err := ioutil.TempFile(t.TempDir(), "statickeys")
+				staticKeysFile, err := os.CreateTemp(t.TempDir(), "statickeys")
 				if err != nil {
 					t.Fatal(err)
 				}
 
-				if err := ioutil.WriteFile(staticKeysFile.Name(), []byte("no valid keys in static keys file"), 0644); err != nil {
+				if err := os.WriteFile(staticKeysFile.Name(), []byte("no valid keys in static keys file"), 0644); err != nil {
 					t.Fatal(err)
 				}
 				return nil, sshAgent, conf.Config{
@@ -150,7 +150,7 @@ func Test_authenticator_authCertificate(t *testing.T) {
 					t.Fatal(err)
 				}
 
-				caKeyFile, err := ioutil.TempFile(t.TempDir(), "test-ca-keys-file")
+				caKeyFile, err := os.CreateTemp(t.TempDir(), "test-ca-keys-file")
 				if err != nil {
 					t.Fatal(err)
 				}
@@ -198,7 +198,7 @@ func Test_authenticator_authCertificate(t *testing.T) {
 					t.Fatal(err)
 				}
 
-				caKeyFile, err := ioutil.TempFile(t.TempDir(), "test-ca-keys-file")
+				caKeyFile, err := os.CreateTemp(t.TempDir(), "test-ca-keys-file")
 				if err != nil {
 					t.Fatal(err)
 				}

pam/crypto_test.go

@@ -8,7 +8,7 @@ import (
 	"crypto/rand"
 	"crypto/rsa"
 	"fmt"
-	"io/ioutil"
+	"os"
 	"strconv"
 	"testing"
 	"time"
@@ -102,7 +102,7 @@ func TestGetIdentitiesFromSSHAgent(t *testing.T) {
 func TestGetValidStaticKeys(t *testing.T) {
 	t.Parallel()
 	// Customize config file for tests.
-	tmp, err := ioutil.TempFile(t.TempDir(), "statickeys")
+	tmp, err := os.CreateTemp(t.TempDir(), "statickeys")
 	if err != nil {
 		t.Fatal(err)
 	}
@@ -125,7 +125,7 @@ func TestGetValidStaticKeys(t *testing.T) {
 		out += fmt.Sprint(string(ssh.MarshalAuthorizedKey(p)))
 	}
 	// Write keys to the static key file.
-	if err := ioutil.WriteFile(tmp.Name(), []byte(out), 0644); err != nil {
+	if err := os.WriteFile(tmp.Name(), []byte(out), 0644); err != nil {
 		t.Fatal(err)
 	}
 	// Get all identities from the current ssh-agent.
@@ -149,7 +149,7 @@ func TestGetValidStaticKeys(t *testing.T) {
 	for _, id := range pubkeys {
 		gotKeys += fmt.Sprintln(id)
 	}
-	wantKeys, err := ioutil.ReadFile(tmp.Name())
+	wantKeys, err := os.ReadFile(tmp.Name())
 	if err != nil {
 		t.Fatal(err)
 	}
@@ -203,7 +203,7 @@ func TestGetValidCertificates(t *testing.T) {
 	addedCerts := testCerts(t)
 	addKeys(t, sshagent, addedCerts)
 
-	tmp, err := ioutil.TempFile(t.TempDir(), "pam-sshca-unit-test")
+	tmp, err := os.CreateTemp(t.TempDir(), "pam-sshca-unit-test")
 	if err != nil {
 		t.Fatal(err)
 	}