Merge pull request #14 from libp2p/fix-lint-issues-pre-ci

Address `staticcheck` issues

bio.go

@@ -112,14 +112,14 @@ func writeBioPending(b *C.BIO) C.long {
 	return C.long(len(ptr.buf))
 }
 
-func (b *writeBio) WriteTo(w io.Writer) (rv int64, err error) {
-	b.op_mtx.Lock()
-	defer b.op_mtx.Unlock()
+func (wb *writeBio) WriteTo(w io.Writer) (rv int64, err error) {
+	wb.op_mtx.Lock()
+	defer wb.op_mtx.Unlock()
 
 	// write whatever data we currently have
-	b.data_mtx.Lock()
-	data := b.buf
-	b.data_mtx.Unlock()
+	wb.data_mtx.Lock()
+	data := wb.buf
+	wb.data_mtx.Unlock()
 
 	if len(data) == 0 {
 		return 0, nil
@@ -127,26 +127,26 @@ func (b *writeBio) WriteTo(w io.Writer) (rv int64, err error) {
 	n, err := w.Write(data)
 
 	// subtract however much data we wrote from the buffer
-	b.data_mtx.Lock()
-	b.buf = b.buf[:copy(b.buf, b.buf[n:])]
-	if b.release_buffers && len(b.buf) == 0 {
-		b.buf = nil
+	wb.data_mtx.Lock()
+	wb.buf = wb.buf[:copy(wb.buf, wb.buf[n:])]
+	if wb.release_buffers && len(wb.buf) == 0 {
+		wb.buf = nil
 	}
-	b.data_mtx.Unlock()
+	wb.data_mtx.Unlock()
 
 	return int64(n), err
 }
 
-func (self *writeBio) Disconnect(b *C.BIO) {
-	if loadWritePtr(b) == self {
+func (wb *writeBio) Disconnect(b *C.BIO) {
+	if loadWritePtr(b) == wb {
 		writeBioMapping.Del(token(C.X_BIO_get_data(b)))
 		C.X_BIO_set_data(b, nil)
 	}
 }
 
-func (b *writeBio) MakeCBIO() *C.BIO {
+func (wb *writeBio) MakeCBIO() *C.BIO {
 	rv := C.X_BIO_new_write_bio()
-	token := writeBioMapping.Add(unsafe.Pointer(b))
+	token := writeBioMapping.Add(unsafe.Pointer(wb))
 	C.X_BIO_set_data(rv, unsafe.Pointer(token))
 	return rv
 }
@@ -228,53 +228,53 @@ func readBioPending(b *C.BIO) C.long {
 	return C.long(len(ptr.buf))
 }
 
-func (b *readBio) ReadFromOnce(r io.Reader) (n int, err error) {
-	b.op_mtx.Lock()
-	defer b.op_mtx.Unlock()
+func (rb *readBio) ReadFromOnce(r io.Reader) (n int, err error) {
+	rb.op_mtx.Lock()
+	defer rb.op_mtx.Unlock()
 
 	// make sure we have a destination that fits at least one SSL record
-	b.data_mtx.Lock()
-	if cap(b.buf) < len(b.buf)+SSLRecordSize {
-		new_buf := make([]byte, len(b.buf), len(b.buf)+SSLRecordSize)
-		copy(new_buf, b.buf)
-		b.buf = new_buf
+	rb.data_mtx.Lock()
+	if cap(rb.buf) < len(rb.buf)+SSLRecordSize {
+		new_buf := make([]byte, len(rb.buf), len(rb.buf)+SSLRecordSize)
+		copy(new_buf, rb.buf)
+		rb.buf = new_buf
 	}
-	dst := b.buf[len(b.buf):cap(b.buf)]
-	dst_slice := b.buf
-	b.data_mtx.Unlock()
+	dst := rb.buf[len(rb.buf):cap(rb.buf)]
+	dst_slice := rb.buf
+	rb.data_mtx.Unlock()
 
 	n, err = r.Read(dst)
-	b.data_mtx.Lock()
-	defer b.data_mtx.Unlock()
+	rb.data_mtx.Lock()
+	defer rb.data_mtx.Unlock()
 	if n > 0 {
-		if len(dst_slice) != len(b.buf) {
+		if len(dst_slice) != len(rb.buf) {
 			// someone shrunk the buffer, so we read in too far ahead and we
 			// need to slide backwards
-			copy(b.buf[len(b.buf):len(b.buf)+n], dst)
+			copy(rb.buf[len(rb.buf):len(rb.buf)+n], dst)
 		}
-		b.buf = b.buf[:len(b.buf)+n]
+		rb.buf = rb.buf[:len(rb.buf)+n]
 	}
 	return n, err
 }
 
-func (b *readBio) MakeCBIO() *C.BIO {
+func (rb *readBio) MakeCBIO() *C.BIO {
 	rv := C.X_BIO_new_read_bio()
-	token := readBioMapping.Add(unsafe.Pointer(b))
+	token := readBioMapping.Add(unsafe.Pointer(rb))
 	C.X_BIO_set_data(rv, unsafe.Pointer(token))
 	return rv
 }
 
-func (self *readBio) Disconnect(b *C.BIO) {
-	if loadReadPtr(b) == self {
+func (rb *readBio) Disconnect(b *C.BIO) {
+	if loadReadPtr(b) == rb {
 		readBioMapping.Del(token(C.X_BIO_get_data(b)))
 		C.X_BIO_set_data(b, nil)
 	}
 }
 
-func (b *readBio) MarkEOF() {
-	b.data_mtx.Lock()
-	defer b.data_mtx.Unlock()
-	b.eof = true
+func (rb *readBio) MarkEOF() {
+	rb.data_mtx.Lock()
+	defer rb.data_mtx.Unlock()
+	rb.eof = true
 }
 
 type anyBio C.BIO

cert.go

@@ -267,8 +267,8 @@ func (c *Certificate) Sign(privKey PrivateKey, digest EVP_MD) error {
 	case EVP_SHA384:
 	case EVP_SHA512:
 	default:
-		return errors.New("Unsupported digest" +
-			"You're probably looking for 'EVP_SHA256' or 'EVP_SHA512'.")
+		return errors.New("unsupported digest; " +
+			"you're probably looking for 'EVP_SHA256' or 'EVP_SHA512'")
 	}
 	return c.insecureSign(privKey, digest)
 }
@@ -336,7 +336,7 @@ func (c *Certificate) AddCustomExtension(nid NID, value []byte) error {
 	val := (*C.char)(C.CBytes(value))
 	defer C.free(unsafe.Pointer(val))
 	if int(C.add_custom_ext(c.x, C.int(nid), val, C.int(len(value)))) == 0 {
-		return errors.New("Unable to add extension")
+		return errors.New("unable to add extension")
 	}
 	return nil
 }

ciphers.go

@@ -125,7 +125,7 @@ func (ctx *cipherCtx) applyKeyAndIV(key, iv []byte) error {
 		} else {
 			res = C.EVP_DecryptInit_ex(ctx.ctx, nil, nil, kptr, iptr)
 		}
-		if 1 != res {
+		if res != 1 {
 			return errors.New("failed to apply key/IV")
 		}
 	}
@@ -243,7 +243,7 @@ func newEncryptionCipherCtx(c *Cipher, e *Engine, key, iv []byte) (
 	if e != nil {
 		eptr = e.e
 	}
-	if 1 != C.EVP_EncryptInit_ex(ctx.ctx, c.ptr, eptr, nil, nil) {
+	if C.EVP_EncryptInit_ex(ctx.ctx, c.ptr, eptr, nil, nil) != 1 {
 		return nil, errors.New("failed to initialize cipher context")
 	}
 	err = ctx.applyKeyAndIV(key, iv)
@@ -266,7 +266,7 @@ func newDecryptionCipherCtx(c *Cipher, e *Engine, key, iv []byte) (
 	if e != nil {
 		eptr = e.e
 	}
-	if 1 != C.EVP_DecryptInit_ex(ctx.ctx, c.ptr, eptr, nil, nil) {
+	if C.EVP_DecryptInit_ex(ctx.ctx, c.ptr, eptr, nil, nil) != 1 {
 		return nil, errors.New("failed to initialize cipher context")
 	}
 	err = ctx.applyKeyAndIV(key, iv)
@@ -317,7 +317,7 @@ func (ctx *decryptionCipherCtx) DecryptUpdate(input []byte) ([]byte, error) {
 func (ctx *encryptionCipherCtx) EncryptFinal() ([]byte, error) {
 	outbuf := make([]byte, ctx.BlockSize())
 	var outlen C.int
-	if 1 != C.EVP_EncryptFinal_ex(ctx.ctx, (*C.uchar)(&outbuf[0]), &outlen) {
+	if C.EVP_EncryptFinal_ex(ctx.ctx, (*C.uchar)(&outbuf[0]), &outlen) != 1 {
 		return nil, errors.New("encryption failed")
 	}
 	return outbuf[:outlen], nil
@@ -326,7 +326,7 @@ func (ctx *encryptionCipherCtx) EncryptFinal() ([]byte, error) {
 func (ctx *decryptionCipherCtx) DecryptFinal() ([]byte, error) {
 	outbuf := make([]byte, ctx.BlockSize())
 	var outlen C.int
-	if 1 != C.EVP_DecryptFinal_ex(ctx.ctx, (*C.uchar)(&outbuf[0]), &outlen) {
+	if C.EVP_DecryptFinal_ex(ctx.ctx, (*C.uchar)(&outbuf[0]), &outlen) != 1 {
 		// this may mean the tag failed to verify- all previous plaintext
 		// returned must be considered faked and invalid
 		return nil, errors.New("decryption failed")

ciphers_gcm.go

@@ -86,8 +86,8 @@ func NewGCMEncryptionCipherCtx(blocksize int, e *Engine, key, iv []byte) (
 			return nil, fmt.Errorf("could not set IV len to %d: %s",
 				len(iv), err)
 		}
-		if 1 != C.EVP_EncryptInit_ex(ctx.ctx, nil, nil, nil,
-			(*C.uchar)(&iv[0])) {
+		if C.EVP_EncryptInit_ex(ctx.ctx, nil, nil, nil,
+			(*C.uchar)(&iv[0])) != 1 {
 			return nil, errors.New("failed to apply IV")
 		}
 	}
@@ -110,8 +110,8 @@ func NewGCMDecryptionCipherCtx(blocksize int, e *Engine, key, iv []byte) (
 			return nil, fmt.Errorf("could not set IV len to %d: %s",
 				len(iv), err)
 		}
-		if 1 != C.EVP_DecryptInit_ex(ctx.ctx, nil, nil, nil,
-			(*C.uchar)(&iv[0])) {
+		if C.EVP_DecryptInit_ex(ctx.ctx, nil, nil, nil,
+			(*C.uchar)(&iv[0])) != 1 {
 			return nil, errors.New("failed to apply IV")
 		}
 	}
@@ -123,8 +123,8 @@ func (ctx *authEncryptionCipherCtx) ExtraData(aad []byte) error {
 		return nil
 	}
 	var outlen C.int
-	if 1 != C.EVP_EncryptUpdate(ctx.ctx, nil, &outlen, (*C.uchar)(&aad[0]),
-		C.int(len(aad))) {
+	if C.EVP_EncryptUpdate(ctx.ctx, nil, &outlen, (*C.uchar)(&aad[0]),
+		C.int(len(aad))) != 1 {
 		return errors.New("failed to add additional authenticated data")
 	}
 	return nil
@@ -135,8 +135,8 @@ func (ctx *authDecryptionCipherCtx) ExtraData(aad []byte) error {
 		return nil
 	}
 	var outlen C.int
-	if 1 != C.EVP_DecryptUpdate(ctx.ctx, nil, &outlen, (*C.uchar)(&aad[0]),
-		C.int(len(aad))) {
+	if C.EVP_DecryptUpdate(ctx.ctx, nil, &outlen, (*C.uchar)(&aad[0]),
+		C.int(len(aad))) != 1 {
 		return errors.New("failed to add additional authenticated data")
 	}
 	return nil

ciphers_test.go

@@ -185,17 +185,16 @@ func TestBadTag(t *testing.T) {
 	}
 	// flip the last bit
 	tag[len(tag)-1] ^= 1
-	plaintext_out, err := doDecryption(key, iv, nil, ciphertext, tag, 128, 129)
-	if err == nil {
+	if _, err := doDecryption(key, iv, nil, ciphertext, tag, 128, 129); err == nil {
 		t.Fatal("Expected error for bad tag, but got none")
 	}
 	// flip it back, try again just to make sure
 	tag[len(tag)-1] ^= 1
-	plaintext_out, err = doDecryption(key, iv, nil, ciphertext, tag, 128, 129)
+	plaintextOut, err := doDecryption(key, iv, nil, ciphertext, tag, 128, 129)
 	if err != nil {
 		t.Fatal("Decryption failure:", err)
 	}
-	checkEqual(t, plaintext_out, plaintext)
+	checkEqual(t, plaintextOut, plaintext)
 }
 
 func TestBadCiphertext(t *testing.T) {
@@ -211,17 +210,16 @@ func TestBadCiphertext(t *testing.T) {
 	}
 	// flip the last bit
 	ciphertext[len(ciphertext)-1] ^= 1
-	plaintext_out, err := doDecryption(key, iv, aad, ciphertext, tag, 192, 192)
-	if err == nil {
+	if _, err := doDecryption(key, iv, aad, ciphertext, tag, 192, 192); err == nil {
 		t.Fatal("Expected error for bad ciphertext, but got none")
 	}
 	// flip it back, try again just to make sure
 	ciphertext[len(ciphertext)-1] ^= 1
-	plaintext_out, err = doDecryption(key, iv, aad, ciphertext, tag, 192, 192)
+	plaintextOut, err := doDecryption(key, iv, aad, ciphertext, tag, 192, 192)
 	if err != nil {
 		t.Fatal("Decryption failure:", err)
 	}
-	checkEqual(t, plaintext_out, plaintext)
+	checkEqual(t, plaintextOut, plaintext)
 }
 
 func TestBadAAD(t *testing.T) {
@@ -237,17 +235,16 @@ func TestBadAAD(t *testing.T) {
 	}
 	// flip the last bit
 	aad[len(aad)-1] ^= 1
-	plaintext_out, err := doDecryption(key, iv, aad, ciphertext, tag, 256, 256)
-	if err == nil {
+	if _, err := doDecryption(key, iv, aad, ciphertext, tag, 256, 256); err == nil {
 		t.Fatal("Expected error for bad AAD, but got none")
 	}
 	// flip it back, try again just to make sure
 	aad[len(aad)-1] ^= 1
-	plaintext_out, err = doDecryption(key, iv, aad, ciphertext, tag, 256, 256)
+	plaintextOut, err := doDecryption(key, iv, aad, ciphertext, tag, 256, 256)
 	if err != nil {
 		t.Fatal("Decryption failure:", err)
 	}
-	checkEqual(t, plaintext_out, plaintext)
+	checkEqual(t, plaintextOut, plaintext)
 }
 
 func TestNonAuthenticatedEncryption(t *testing.T) {

conn.go

@@ -31,10 +31,10 @@ import (
 )
 
 var (
-	zeroReturn = errors.New("zero return")
-	wantRead   = errors.New("want read")
-	wantWrite  = errors.New("want write")
-	tryAgain   = errors.New("try again")
+	errZeroReturn = errors.New("zero return")
+	errWantRead   = errors.New("want read")
+	errWantWrite  = errors.New("want write")
+	errTryAgain   = errors.New("try again")
 )
 
 type Conn struct {
@@ -192,7 +192,7 @@ func (c *Conn) GetCtx() *Ctx { return c.ctx }
 func (c *Conn) CurrentCipher() (string, error) {
 	p := C.X_SSL_get_cipher_name(c.ssl)
 	if p == nil {
-		return "", errors.New("Session not established")
+		return "", errors.New("session not established")
 	}
 
 	return C.GoString(p), nil
@@ -247,7 +247,7 @@ func (c *Conn) getErrorHandler(rv C.int, errno error) func() error {
 			if err != nil {
 				return err
 			}
-			return tryAgain
+			return errTryAgain
 		}
 	case C.SSL_ERROR_WANT_WRITE:
 		return func() error {
@@ -255,7 +255,7 @@ func (c *Conn) getErrorHandler(rv C.int, errno error) func() error {
 			if err != nil {
 				return err
 			}
-			return tryAgain
+			return errTryAgain
 		}
 	case C.SSL_ERROR_SYSCALL:
 		var err error
@@ -303,8 +303,8 @@ func (c *Conn) handshake() func() error {
 // Handshake performs an SSL handshake. If a handshake is not manually
 // triggered, it will run before the first I/O on the encrypted stream.
 func (c *Conn) Handshake() error {
-	err := tryAgain
-	for err == tryAgain {
+	err := errTryAgain
+	for err == errTryAgain {
 		err = c.handleError(c.handshake())
 	}
 	go c.flushOutputBuffer()
@@ -404,15 +404,15 @@ func (c *Conn) shutdown() func() error {
 }
 
 func (c *Conn) shutdownLoop() error {
-	err := tryAgain
+	err := errTryAgain
 	shutdown_tries := 0
-	for err == tryAgain {
+	for err == errTryAgain {
 		shutdown_tries = shutdown_tries + 1
 		err = c.handleError(c.shutdown())
 		if err == nil {
 			return c.flushOutputBuffer()
 		}
-		if err == tryAgain && shutdown_tries >= 2 {
+		if err == errTryAgain && shutdown_tries >= 2 {
 			return errors.New("shutdown requested a third time?")
 		}
 	}
@@ -463,8 +463,8 @@ func (c *Conn) Read(b []byte) (n int, err error) {
 	if len(b) == 0 {
 		return 0, nil
 	}
-	err = tryAgain
-	for err == tryAgain {
+	err = errTryAgain
+	for err == errTryAgain {
 		n, errcb := c.read(b)
 		err = c.handleError(errcb)
 		if err == nil {
@@ -504,8 +504,8 @@ func (c *Conn) Write(b []byte) (written int, err error) {
 	if len(b) == 0 {
 		return 0, nil
 	}
-	err = tryAgain
-	for err == tryAgain {
+	err = errTryAgain
+	for err == errTryAgain {
 		n, errcb := c.write(b)
 		err = c.handleError(errcb)
 		if err == nil {

ctx.go

@@ -127,7 +127,7 @@ func NewCtxFromFiles(cert_file string, key_file string) (*Ctx, error) {
 
 	certs := SplitPEM(cert_bytes)
 	if len(certs) == 0 {
-		return nil, fmt.Errorf("No PEM certificate found in '%s'", cert_file)
+		return nil, fmt.Errorf("no PEM certificate found in '%s'", cert_file)
 	}
 	first, certs := certs[0], certs[1:]
 	cert, err := LoadCertificateFromPEM(first)
@@ -190,7 +190,7 @@ func (c *Ctx) SetEllipticCurve(curve EllipticCurve) error {
 
 	k := C.EC_KEY_new_by_curve_name(C.int(curve))
 	if k == nil {
-		return errors.New("Unknown curve")
+		return errors.New("unknown curve")
 	}
 	defer C.EC_KEY_free(k)
 
@@ -302,12 +302,12 @@ type CertificateStoreCtx struct {
 	ssl_ctx *Ctx
 }
 
-func (self *CertificateStoreCtx) VerifyResult() VerifyResult {
-	return VerifyResult(C.X509_STORE_CTX_get_error(self.ctx))
+func (csc *CertificateStoreCtx) VerifyResult() VerifyResult {
+	return VerifyResult(C.X509_STORE_CTX_get_error(csc.ctx))
 }
 
-func (self *CertificateStoreCtx) Err() error {
-	code := C.X509_STORE_CTX_get_error(self.ctx)
+func (csc *CertificateStoreCtx) Err() error {
+	code := C.X509_STORE_CTX_get_error(csc.ctx)
 	if code == C.X509_V_OK {
 		return nil
 	}
@@ -315,19 +315,19 @@ func (self *CertificateStoreCtx) Err() error {
 		C.GoString(C.X509_verify_cert_error_string(C.long(code))))
 }
 
-func (self *CertificateStoreCtx) Depth() int {
-	return int(C.X509_STORE_CTX_get_error_depth(self.ctx))
+func (csc *CertificateStoreCtx) Depth() int {
+	return int(C.X509_STORE_CTX_get_error_depth(csc.ctx))
 }
 
-// the certicate returned is only valid for the lifetime of the underlying
+// the certificate returned is only valid for the lifetime of the underlying
 // X509_STORE_CTX
-func (self *CertificateStoreCtx) GetCurrentCert() *Certificate {
-	x509 := C.X509_STORE_CTX_get_current_cert(self.ctx)
+func (csc *CertificateStoreCtx) GetCurrentCert() *Certificate {
+	x509 := C.X509_STORE_CTX_get_current_cert(csc.ctx)
 	if x509 == nil {
 		return nil
 	}
 	// add a ref
-	if 1 != C.X_X509_add_ref(x509) {
+	if C.X_X509_add_ref(x509) != 1 {
 		return nil
 	}
 	cert := &Certificate{
@@ -531,7 +531,7 @@ func (c *Ctx) SetNextProtos(protos []string) error {
 	for _, proto := range protos {
 		if len(proto) > 255 {
 			return fmt.Errorf(
-				"Proto length can't be more than 255. But got a proto %s with length %d",
+				"proto length can't be more than 255. But got a proto %s with length %d",
 				proto, len(proto))
 		}
 		vector = append(vector, byte(uint8(len(proto))))
@@ -540,7 +540,7 @@ func (c *Ctx) SetNextProtos(protos []string) error {
 	ret := int(C.SSL_CTX_set_alpn_protos(c.ctx, (*C.uchar)(unsafe.Pointer(&vector[0])),
 		C.uint(len(vector))))
 	if ret != 0 {
-		return errors.New("Error while setting protos to ctx")
+		return errors.New("error while setting protos to ctx")
 	}
 	return nil
 }

dh_test.go

@@ -40,7 +40,7 @@ func TestECDH(t *testing.T) {
 		t.Fatal(err)
 	}
 
-	if bytes.Compare(mySecret, theirSecret) != 0 {
+	if !bytes.Equal(mySecret, theirSecret) {
 		t.Fatal("shared secrets are different")
 	}
 }

hmac.go

@@ -74,7 +74,7 @@ func (h *HMAC) Write(data []byte) (n int, err error) {
 }
 
 func (h *HMAC) Reset() error {
-	if 1 != C.X_HMAC_Init_ex(h.ctx, nil, 0, nil, nil) {
+	if C.X_HMAC_Init_ex(h.ctx, nil, 0, nil, nil) != 1 {
 		return errors.New("failed to reset HMAC_CTX")
 	}
 	return nil

hostname.go

@@ -40,7 +40,7 @@ import (
 )
 
 var (
-	ValidationError = errors.New("Host validation error")
+	ValidationError = errors.New("host validation error") //lint:ignore ST1012 rename may cause breaking changes; research before renaming.
 )
 
 type CheckFlags int

init.go

@@ -88,14 +88,13 @@ package openssl
 import "C"
 
 import (
-	"errors"
 	"fmt"
 	"strings"
 )
 
 func init() {
 	if rc := C.X_shim_init(); rc != 0 {
-		panic(fmt.Errorf("X_shim_init failed with %d", rc))
+		panic(fmt.Errorf("x_shim_init failed with %d", rc))
 	}
 }
 
@@ -113,5 +112,5 @@ func errorFromErrorQueue() error {
 			C.GoString(C.ERR_func_error_string(err)),
 			C.GoString(C.ERR_reason_error_string(err))))
 	}
-	return errors.New(fmt.Sprintf("SSL errors: %s", strings.Join(errs, "\n")))
+	return fmt.Errorf("SSL errors: %s", strings.Join(errs, "\n"))
 }

key.go

@@ -143,36 +143,36 @@ func (key *pKey) SignPKCS1v15(method Method, data []byte) ([]byte, error) {
 			return nil, errors.New("signpkcs1v15: 0-length data or non-null digest")
 		}
 
-		if 1 != C.X_EVP_DigestSignInit(ctx, nil, nil, nil, key.key) {
+		if C.X_EVP_DigestSignInit(ctx, nil, nil, nil, key.key) != 1 {
 			return nil, errors.New("signpkcs1v15: failed to init signature")
 		}
 
 		// evp signatures are 64 bytes
-		sig := make([]byte, 64, 64)
+		sig := make([]byte, 64)
 		var sigblen C.size_t = 64
-		if 1 != C.X_EVP_DigestSign(ctx,
-			((*C.uchar)(unsafe.Pointer(&sig[0]))),
+		if C.X_EVP_DigestSign(ctx,
+			(*C.uchar)(unsafe.Pointer(&sig[0])),
 			&sigblen,
 			(*C.uchar)(unsafe.Pointer(&data[0])),
-			C.size_t(len(data))) {
+			C.size_t(len(data))) != 1 {
 			return nil, errors.New("signpkcs1v15: failed to do one-shot signature")
 		}
 
 		return sig[:sigblen], nil
 	} else {
-		if 1 != C.X_EVP_SignInit(ctx, method) {
+		if C.X_EVP_SignInit(ctx, method) != 1 {
 			return nil, errors.New("signpkcs1v15: failed to init signature")
 		}
 		if len(data) > 0 {
-			if 1 != C.X_EVP_SignUpdate(
-				ctx, unsafe.Pointer(&data[0]), C.uint(len(data))) {
+			if C.X_EVP_SignUpdate(
+				ctx, unsafe.Pointer(&data[0]), C.uint(len(data))) != 1 {
 				return nil, errors.New("signpkcs1v15: failed to update signature")
 			}
 		}
 		sig := make([]byte, C.X_EVP_PKEY_size(key.key))
 		var sigblen C.uint
-		if 1 != C.X_EVP_SignFinal(ctx,
-			((*C.uchar)(unsafe.Pointer(&sig[0]))), &sigblen, key.key) {
+		if C.X_EVP_SignFinal(ctx,
+			(*C.uchar)(unsafe.Pointer(&sig[0])), &sigblen, key.key) != 1 {
 			return nil, errors.New("signpkcs1v15: failed to finalize signature")
 		}
 		return sig[:sigblen], nil
@@ -194,32 +194,32 @@ func (key *pKey) VerifyPKCS1v15(method Method, data, sig []byte) error {
 			return errors.New("verifypkcs1v15: 0-length data or non-null digest")
 		}
 
-		if 1 != C.X_EVP_DigestVerifyInit(ctx, nil, nil, nil, key.key) {
+		if C.X_EVP_DigestVerifyInit(ctx, nil, nil, nil, key.key) != 1 {
 			return errors.New("verifypkcs1v15: failed to init verify")
 		}
 
-		if 1 != C.X_EVP_DigestVerify(ctx,
-			((*C.uchar)(unsafe.Pointer(&sig[0]))),
+		if C.X_EVP_DigestVerify(ctx,
+			(*C.uchar)(unsafe.Pointer(&sig[0])),
 			C.size_t(len(sig)),
 			(*C.uchar)(unsafe.Pointer(&data[0])),
-			C.size_t(len(data))) {
+			C.size_t(len(data))) != 1 {
 			return errors.New("verifypkcs1v15: failed to do one-shot verify")
 		}
 
 		return nil
 
 	} else {
-		if 1 != C.X_EVP_VerifyInit(ctx, method) {
+		if C.X_EVP_VerifyInit(ctx, method) != 1 {
 			return errors.New("verifypkcs1v15: failed to init verify")
 		}
 		if len(data) > 0 {
-			if 1 != C.X_EVP_VerifyUpdate(
-				ctx, unsafe.Pointer(&data[0]), C.uint(len(data))) {
+			if C.X_EVP_VerifyUpdate(
+				ctx, unsafe.Pointer(&data[0]), C.uint(len(data))) != 1 {
 				return errors.New("verifypkcs1v15: failed to update verify")
 			}
 		}
-		if 1 != C.X_EVP_VerifyFinal(ctx,
-			((*C.uchar)(unsafe.Pointer(&sig[0]))), C.uint(len(sig)), key.key) {
+		if C.X_EVP_VerifyFinal(ctx,
+			(*C.uchar)(unsafe.Pointer(&sig[0])), C.uint(len(sig)), key.key) != 1 {
 			return errors.New("verifypkcs1v15: failed to finalize verify")
 		}
 		return nil

key_test.go

@@ -187,12 +187,10 @@ func TestGenerateEd25519(t *testing.T) {
 	if err != nil {
 		t.Fatal(err)
 	}
-	_, err = key.MarshalPKIXPublicKeyPEM()
-	if err != nil {
+	if _, err = key.MarshalPKIXPublicKeyPEM(); err != nil {
 		t.Fatal(err)
 	}
-	_, err = key.MarshalPKCS1PrivateKeyPEM()
-	if err != nil {
+	if _, err = key.MarshalPKCS1PrivateKeyPEM(); err != nil {
 		t.Fatal(err)
 	}
 }
@@ -289,8 +287,7 @@ func TestSignED25519(t *testing.T) {
 }
 
 func TestMarshalEC(t *testing.T) {
-	key, err := LoadPrivateKeyFromPEM(prime256v1KeyBytes)
-	if err != nil {
+	if _, err := LoadPrivateKeyFromPEM(prime256v1KeyBytes); err != nil {
 		t.Fatal(err)
 	}
 	cert, err := LoadCertificateFromPEM(prime256v1CertBytes)
@@ -299,7 +296,7 @@ func TestMarshalEC(t *testing.T) {
 	}
 
 	privateBlock, _ := pem_pkg.Decode(prime256v1KeyBytes)
-	key, err = LoadPrivateKeyFromDER(privateBlock.Bytes)
+	key, err := LoadPrivateKeyFromDER(privateBlock.Bytes)
 	if err != nil {
 		t.Fatal(err)
 	}
@@ -410,8 +407,7 @@ func TestMarshalEd25519(t *testing.T) {
 		t.SkipNow()
 	}
 
-	key, err := LoadPrivateKeyFromPEM(ed25519KeyBytes)
-	if err != nil {
+	if _, err := LoadPrivateKeyFromPEM(ed25519KeyBytes); err != nil {
 		t.Fatal(err)
 	}
 	cert, err := LoadCertificateFromPEM(ed25519CertBytes)
@@ -420,7 +416,7 @@ func TestMarshalEd25519(t *testing.T) {
 	}
 
 	privateBlock, _ := pem_pkg.Decode(ed25519KeyBytes)
-	key, err = LoadPrivateKeyFromDER(privateBlock.Bytes)
+	key, err := LoadPrivateKeyFromDER(privateBlock.Bytes)
 	if err != nil {
 		t.Fatal(err)
 	}
@@ -435,17 +431,15 @@ func TestMarshalEd25519(t *testing.T) {
 		t.Fatal("invalid cert pem bytes")
 	}
 
-	pem, err = key.MarshalPKCS1PrivateKeyPEM()
-	if err != nil {
+	if _, err = key.MarshalPKCS1PrivateKeyPEM(); err != nil {
 		t.Fatal(err)
 	}
 
-	der, err := key.MarshalPKCS1PrivateKeyDER()
-	if err != nil {
+	if _, err := key.MarshalPKCS1PrivateKeyDER(); err != nil {
 		t.Fatal(err)
 	}
 
-	der, err = key.MarshalPKIXPublicKeyDER()
+	der, err := key.MarshalPKIXPublicKeyDER()
 	if err != nil {
 		t.Fatal(err)
 	}
@@ -455,22 +449,22 @@ func TestMarshalEd25519(t *testing.T) {
 		t.Fatal(err)
 	}
 
-	loaded_pubkey_from_pem, err := LoadPublicKeyFromPEM(pem)
+	loadedPubkeyFromPem, err := LoadPublicKeyFromPEM(pem)
 	if err != nil {
 		t.Fatal(err)
 	}
 
-	loaded_pubkey_from_der, err := LoadPublicKeyFromDER(der)
+	loadedPubkeyFromDer, err := LoadPublicKeyFromDER(der)
 	if err != nil {
 		t.Fatal(err)
 	}
 
-	_, err = loaded_pubkey_from_pem.MarshalPKIXPublicKeyDER()
+	_, err = loadedPubkeyFromPem.MarshalPKIXPublicKeyDER()
 	if err != nil {
 		t.Fatal(err)
 	}
 
-	_, err = loaded_pubkey_from_der.MarshalPKIXPublicKeyDER()
+	_, err = loadedPubkeyFromDer.MarshalPKIXPublicKeyDER()
 	if err != nil {
 		t.Fatal(err)
 	}

md4.go

@@ -51,7 +51,7 @@ func (s *MD4Hash) Close() {
 }
 
 func (s *MD4Hash) Reset() error {
-	if 1 != C.X_EVP_DigestInit_ex(s.ctx, C.X_EVP_md4(), engineRef(s.engine)) {
+	if C.X_EVP_DigestInit_ex(s.ctx, C.X_EVP_md4(), engineRef(s.engine)) != 1 {
 		return errors.New("openssl: md4: cannot init digest ctx")
 	}
 	return nil
@@ -61,16 +61,16 @@ func (s *MD4Hash) Write(p []byte) (n int, err error) {
 	if len(p) == 0 {
 		return 0, nil
 	}
-	if 1 != C.X_EVP_DigestUpdate(s.ctx, unsafe.Pointer(&p[0]),
-		C.size_t(len(p))) {
+	if C.X_EVP_DigestUpdate(s.ctx, unsafe.Pointer(&p[0]),
+		C.size_t(len(p))) != 1 {
 		return 0, errors.New("openssl: md4: cannot update digest")
 	}
 	return len(p), nil
 }
 
 func (s *MD4Hash) Sum() (result [16]byte, err error) {
-	if 1 != C.X_EVP_DigestFinal_ex(s.ctx,
-		(*C.uchar)(unsafe.Pointer(&result[0])), nil) {
+	if C.X_EVP_DigestFinal_ex(s.ctx,
+		(*C.uchar)(unsafe.Pointer(&result[0])), nil) != 1 {
 		return result, errors.New("openssl: md4: cannot finalize ctx")
 	}
 	return result, s.Reset()

md5.go

@@ -51,7 +51,7 @@ func (s *MD5Hash) Close() {
 }
 
 func (s *MD5Hash) Reset() error {
-	if 1 != C.X_EVP_DigestInit_ex(s.ctx, C.X_EVP_md5(), engineRef(s.engine)) {
+	if C.X_EVP_DigestInit_ex(s.ctx, C.X_EVP_md5(), engineRef(s.engine)) != 1 {
 		return errors.New("openssl: md5: cannot init digest ctx")
 	}
 	return nil
@@ -61,16 +61,16 @@ func (s *MD5Hash) Write(p []byte) (n int, err error) {
 	if len(p) == 0 {
 		return 0, nil
 	}
-	if 1 != C.X_EVP_DigestUpdate(s.ctx, unsafe.Pointer(&p[0]),
-		C.size_t(len(p))) {
+	if C.X_EVP_DigestUpdate(s.ctx, unsafe.Pointer(&p[0]),
+		C.size_t(len(p))) != 1 {
 		return 0, errors.New("openssl: md5: cannot update digest")
 	}
 	return len(p), nil
 }
 
 func (s *MD5Hash) Sum() (result [16]byte, err error) {
-	if 1 != C.X_EVP_DigestFinal_ex(s.ctx,
-		(*C.uchar)(unsafe.Pointer(&result[0])), nil) {
+	if C.X_EVP_DigestFinal_ex(s.ctx,
+		(*C.uchar)(unsafe.Pointer(&result[0])), nil) != 1 {
 		return result, errors.New("openssl: md5: cannot finalize ctx")
 	}
 	return result, s.Reset()

pem.go

@@ -16,18 +16,13 @@ package openssl
 
 import (
 	"regexp"
-
 )
 
 var pemSplit *regexp.Regexp = regexp.MustCompile(`(?sm)` +
 	`(^-----[\s-]*?BEGIN.*?-----[\s-]*?$` +
 	`.*?` +
 	`^-----[\s-]*?END.*?-----[\s-]*?$)`)
-	
+
 func SplitPEM(data []byte) [][]byte {
-	var results [][]byte
-	for _, block := range pemSplit.FindAll(data, -1) {
-		results = append(results, block)
-	}
-	return results
+	return pemSplit.FindAll(data, -1)
 }

sha1.go

@@ -58,7 +58,7 @@ func engineRef(e *Engine) *C.ENGINE {
 }
 
 func (s *SHA1Hash) Reset() error {
-	if 1 != C.X_EVP_DigestInit_ex(s.ctx, C.X_EVP_sha1(), engineRef(s.engine)) {
+	if C.X_EVP_DigestInit_ex(s.ctx, C.X_EVP_sha1(), engineRef(s.engine)) != 1 {
 		return errors.New("openssl: sha1: cannot init digest ctx")
 	}
 	return nil
@@ -68,16 +68,16 @@ func (s *SHA1Hash) Write(p []byte) (n int, err error) {
 	if len(p) == 0 {
 		return 0, nil
 	}
-	if 1 != C.X_EVP_DigestUpdate(s.ctx, unsafe.Pointer(&p[0]),
-		C.size_t(len(p))) {
+	if C.X_EVP_DigestUpdate(s.ctx, unsafe.Pointer(&p[0]),
+		C.size_t(len(p))) != 1 {
 		return 0, errors.New("openssl: sha1: cannot update digest")
 	}
 	return len(p), nil
 }
 
 func (s *SHA1Hash) Sum() (result [20]byte, err error) {
-	if 1 != C.X_EVP_DigestFinal_ex(s.ctx,
-		(*C.uchar)(unsafe.Pointer(&result[0])), nil) {
+	if C.X_EVP_DigestFinal_ex(s.ctx,
+		(*C.uchar)(unsafe.Pointer(&result[0])), nil) != 1 {
 		return result, errors.New("openssl: sha1: cannot finalize ctx")
 	}
 	return result, s.Reset()

sha256.go

@@ -51,7 +51,7 @@ func (s *SHA256Hash) Close() {
 }
 
 func (s *SHA256Hash) Reset() error {
-	if 1 != C.X_EVP_DigestInit_ex(s.ctx, C.X_EVP_sha256(), engineRef(s.engine)) {
+	if C.X_EVP_DigestInit_ex(s.ctx, C.X_EVP_sha256(), engineRef(s.engine)) != 1 {
 		return errors.New("openssl: sha256: cannot init digest ctx")
 	}
 	return nil
@@ -61,16 +61,16 @@ func (s *SHA256Hash) Write(p []byte) (n int, err error) {
 	if len(p) == 0 {
 		return 0, nil
 	}
-	if 1 != C.X_EVP_DigestUpdate(s.ctx, unsafe.Pointer(&p[0]),
-		C.size_t(len(p))) {
+	if C.X_EVP_DigestUpdate(s.ctx, unsafe.Pointer(&p[0]),
+		C.size_t(len(p))) != 1 {
 		return 0, errors.New("openssl: sha256: cannot update digest")
 	}
 	return len(p), nil
 }
 
 func (s *SHA256Hash) Sum() (result [32]byte, err error) {
-	if 1 != C.X_EVP_DigestFinal_ex(s.ctx,
-		(*C.uchar)(unsafe.Pointer(&result[0])), nil) {
+	if C.X_EVP_DigestFinal_ex(s.ctx,
+		(*C.uchar)(unsafe.Pointer(&result[0])), nil) != 1 {
 		return result, errors.New("openssl: sha256: cannot finalize ctx")
 	}
 	return result, s.Reset()

ssl_test.go

@@ -197,7 +197,7 @@ func SimpleConnTest(t testing.TB, constructor func(
 		if err != nil {
 			t.Fatal(err)
 		}
-		if string(buf.Bytes()) != data {
+		if buf.String() != data {
 			t.Fatal("mismatched data")
 		}
 
@@ -304,21 +304,21 @@ func ThroughputBenchmark(b *testing.B, constructor func(
 	wg.Add(2)
 	go func() {
 		defer wg.Done()
-		_, err = io.Copy(client, bytes.NewReader([]byte(data)))
-		if err != nil {
-			b.Fatal(err)
+		if _, err = io.Copy(client, bytes.NewReader(data)); err != nil {
+			b.Error(err)
+			return
 		}
 	}()
 	go func() {
 		defer wg.Done()
 
 		buf := &bytes.Buffer{}
-		_, err = io.CopyN(buf, server, int64(len(data)))
-		if err != nil {
-			b.Fatal(err)
+		if _, err = io.CopyN(buf, server, int64(len(data))); err != nil {
+			b.Error(err)
+			return
 		}
 		if !bytes.Equal(buf.Bytes(), data) {
-			b.Fatal("mismatched data")
+			b.Error("mismatched data")
 		}
 	}()
 	wg.Wait()
@@ -551,27 +551,27 @@ func LotsOfConns(t *testing.T, payload_size int64, loops, clients int,
 		for {
 			conn, err := ssl_listener.Accept()
 			if err != nil {
-				t.Fatalf("failed accept: %s", err)
+				t.Errorf("failed accept: %s", err)
 				continue
 			}
 			go func() {
 				defer func() {
 					err = conn.Close()
 					if err != nil {
-						t.Fatalf("failed closing: %s", err)
+						t.Errorf("failed closing: %s", err)
 					}
 				}()
 				for i := 0; i < loops; i++ {
 					_, err := io.Copy(ioutil.Discard,
 						io.LimitReader(conn, payload_size))
 					if err != nil {
-						t.Fatalf("failed reading: %s", err)
+						t.Errorf("failed reading: %s", err)
 						return
 					}
 					_, err = io.Copy(conn, io.LimitReader(rand.Reader,
 						payload_size))
 					if err != nil {
-						t.Fatalf("failed writing: %s", err)
+						t.Errorf("failed writing: %s", err)
 						return
 					}
 				}
@@ -581,35 +581,37 @@ func LotsOfConns(t *testing.T, payload_size int64, loops, clients int,
 	}()
 	var wg sync.WaitGroup
 	for i := 0; i < clients; i++ {
-		tcp_client, err := net.Dial(tcp_listener.Addr().Network(),
+		tcpClient, err := net.Dial(tcp_listener.Addr().Network(),
 			tcp_listener.Addr().String())
 		if err != nil {
-			t.Fatal(err)
+			t.Error(err)
+			return
 		}
-		ssl_client, err := newClient(tcp_client)
+		ssl_client, err := newClient(tcpClient)
 		if err != nil {
-			t.Fatal(err)
+			t.Error(err)
+			return
 		}
 		wg.Add(1)
 		go func(i int) {
+			defer wg.Done()
 			defer func() {
 				err = ssl_client.Close()
 				if err != nil {
-					t.Fatalf("failed closing: %s", err)
+					t.Errorf("failed closing: %s", err)
 				}
-				wg.Done()
 			}()
 			for i := 0; i < loops; i++ {
 				_, err := io.Copy(ssl_client, io.LimitReader(rand.Reader,
 					payload_size))
 				if err != nil {
-					t.Fatalf("failed writing: %s", err)
+					t.Errorf("failed writing: %s", err)
 					return
 				}
 				_, err = io.Copy(ioutil.Discard,
 					io.LimitReader(ssl_client, payload_size))
 				if err != nil {
-					t.Fatalf("failed reading: %s", err)
+					t.Errorf("failed reading: %s", err)
 					return
 				}
 			}
@@ -645,20 +647,17 @@ func TestOpenSSLLotsOfConns(t *testing.T) {
 	if err != nil {
 		t.Fatal(err)
 	}
-	err = ctx.UsePrivateKey(key)
-	if err != nil {
+	if err = ctx.UsePrivateKey(key); err != nil {
 		t.Fatal(err)
 	}
 	cert, err := LoadCertificateFromPEM(certBytes)
 	if err != nil {
 		t.Fatal(err)
 	}
-	err = ctx.UseCertificate(cert)
-	if err != nil {
+	if err = ctx.UseCertificate(cert); err != nil {
 		t.Fatal(err)
 	}
-	err = ctx.SetCipherList("AES128-SHA")
-	if err != nil {
+	if err = ctx.SetCipherList("AES128-SHA"); err != nil {
 		t.Fatal(err)
 	}
 	LotsOfConns(t, 1024*64, 10, 100, 0*time.Second,

utils/future.go

@@ -45,35 +45,35 @@ func NewFuture() *Future {
 }
 
 // Get blocks until the Future has a value set.
-func (self *Future) Get() (interface{}, error) {
-	self.mutex.Lock()
-	defer self.mutex.Unlock()
+func (f *Future) Get() (interface{}, error) {
+	f.mutex.Lock()
+	defer f.mutex.Unlock()
 	for {
-		if self.received {
-			return self.val, self.err
+		if f.received {
+			return f.val, f.err
 		}
-		self.cond.Wait()
+		f.cond.Wait()
 	}
 }
 
 // Fired returns whether or not a value has been set. If Fired is true, Get
 // won't block.
-func (self *Future) Fired() bool {
-	self.mutex.Lock()
-	defer self.mutex.Unlock()
-	return self.received
+func (f *Future) Fired() bool {
+	f.mutex.Lock()
+	defer f.mutex.Unlock()
+	return f.received
 }
 
 // Set provides the value to present and future Get calls. If Set has already
 // been called, this is a no-op.
-func (self *Future) Set(val interface{}, err error) {
-	self.mutex.Lock()
-	defer self.mutex.Unlock()
-	if self.received {
+func (f *Future) Set(val interface{}, err error) {
+	f.mutex.Lock()
+	defer f.mutex.Unlock()
+	if f.received {
 		return
 	}
-	self.received = true
-	self.val = val
-	self.err = err
-	self.cond.Broadcast()
+	f.received = true
+	f.val = val
+	f.err = err
+	f.cond.Broadcast()
 }