appease linter

cmd/trtlsim/main.go

@@ -2,6 +2,7 @@ package main
 
 import (
 	"context"
+	crand "crypto/rand"
 	"crypto/tls"
 	"crypto/x509"
 	"errors"
@@ -28,10 +29,6 @@ import (
 	"google.golang.org/grpc/status"
 )
 
-func init() {
-	rand.Seed(time.Now().UTC().UnixNano())
-}
-
 const (
 	interval  = 10 * time.Second                                       // the ticker interval, default to 5 seconds
 	sigma     = 200 * time.Millisecond                                 // the amount of jitter, default to 100 ms
@@ -173,7 +170,7 @@ func (s *Simulator) connect() (_ pb.TrtlClient, err error) {
 
 	// Connect the replica client
 	var cc *grpc.ClientConn
-	if cc, err = grpc.Dial(s.Endpoint, opts...); err != nil {
+	if cc, err = grpc.NewClient(s.Endpoint, opts...); err != nil {
 		return nil, err
 	}
 	log.Printf("connected to trtl server at %s\n", s.Endpoint)
@@ -637,6 +634,7 @@ func (t *TRISAModel) reissuer(wg *sync.WaitGroup) {
 // User updater randomly updates users' profiles
 // This writer may generate stomps, but it's unlikely
 func (t *TRISAModel) userProfiles(wg *sync.WaitGroup) {
+	defer wg.Done()
 	ticker := jitter.New(reissueInterval, reissueSigma)
 	for {
 		<-ticker.C
@@ -735,7 +733,7 @@ func (t *TRISAModel) Iter(namespace string) (err error) {
 func (t *TRISAModel) Put(key, namespace string, nbytes int) (err error) {
 	// Create a random value of the specified length
 	value := make([]byte, nbytes)
-	if _, err = rand.Read(value); err != nil {
+	if _, err = crand.Read(value); err != nil {
 		return fmt.Errorf("could not create random value: %v", err)
 	}
 

pkg/bff/auth/csrf.go

@@ -1,9 +1,9 @@
 package auth
 
 import (
+	"crypto/rand"
 	"crypto/sha256"
 	"encoding/base64"
-	"math/rand"
 	"net/http"
 	"net/url"
 	"sync"

pkg/bff/config/config.go

@@ -255,7 +255,7 @@ func (c MTLSConfig) Validate() error {
 }
 
 // DialOption returns a configured dial option which can be directly used in a
-// grpc.Dial or grpc.DialContext call to connect using mTLS.
+// grpc.NewClient call to connect using mTLS.
 func (c MTLSConfig) DialOption(endpoint string) (opt grpc.DialOption, err error) {
 	var (
 		sz    *trust.Serializer

pkg/bff/mock/gds.go

@@ -16,7 +16,6 @@ import (
 )
 
 const (
-	bufSize          = 1024 * 1024
 	RegisterRPC      = "Register"
 	LookupRPC        = "Lookup"
 	SearchRPC        = "Search"
@@ -28,7 +27,7 @@ const (
 func NewGDS(conf config.DirectoryConfig) (g *GDS, err error) {
 	g = &GDS{
 		srv:   grpc.NewServer(),
-		sock:  bufconn.New(bufSize, ""),
+		sock:  bufconn.New(""),
 		Calls: make(map[string]int),
 	}
 

pkg/bff/mock/members.go

@@ -24,7 +24,7 @@ const (
 func NewMembers(conf config.MembersConfig) (m *Members, err error) {
 	m = &Members{
 		srv:   grpc.NewServer(),
-		sock:  bufconn.New(bufSize, ""),
+		sock:  bufconn.New(""),
 		Calls: make(map[string]int),
 	}
 

pkg/bff/mock/trtl.go

@@ -30,7 +30,7 @@ func NewTrtl() (t *Trtl, err error) {
 	if t.srv, err = trtl.New(conf); err != nil {
 		return nil, err
 	}
-	t.sock = bufconn.New(1024*1024, "")
+	t.sock = bufconn.New("")
 	go t.srv.Run(t.sock.Listener)
 	return t, nil
 }

pkg/gds/client/profile.go

@@ -151,7 +151,7 @@ func (p *DirectoryProfile) Connect() (_ api.TRISADirectoryClient, err error) {
 
 	// Connect the directory client
 	var cc *grpc.ClientConn
-	if cc, err = grpc.Dial(p.Endpoint, opts...); err != nil {
+	if cc, err = grpc.NewClient(p.Endpoint, opts...); err != nil {
 		return nil, err
 	}
 	return api.NewTRISADirectoryClient(cc), nil
@@ -208,7 +208,7 @@ func (p *TrtlProfile) Connect() (conn *grpc.ClientConn, err error) {
 	}
 
 	// Connect the replica client
-	if conn, err = grpc.Dial(p.Endpoint, opts...); err != nil {
+	if conn, err = grpc.NewClient(p.Endpoint, opts...); err != nil {
 		return nil, err
 	}
 	return conn, nil
@@ -271,7 +271,7 @@ func (p *MembersProfile) Connect() (_ members.TRISAMembersClient, err error) {
 
 	// Connect the directory client
 	var cc *grpc.ClientConn
-	if cc, err = grpc.Dial(p.Endpoint, opts...); err != nil {
+	if cc, err = grpc.NewClient(p.Endpoint, opts...); err != nil {
 		return nil, err
 	}
 	return members.NewTRISAMembersClient(cc), nil

pkg/gds/fixtures/fixtures.go

@@ -28,10 +28,6 @@ import (
 	"google.golang.org/protobuf/types/known/anypb"
 )
 
-const (
-	bufSize = 1024 * 1024
-)
-
 type StoreType uint8
 
 const (
@@ -232,7 +228,7 @@ func (lib *Library) SetupTrtl() (err error) {
 	}
 
 	// Using a bufconn listener allows us to avoid network requests
-	lib.trtlListener = bufconn.New(bufSize, "")
+	lib.trtlListener = bufconn.New("")
 	go lib.trtl.Run(lib.trtlListener.Listener)
 
 	// Connect to the running Trtl server

pkg/gds/service_test.go

@@ -18,10 +18,6 @@ import (
 	pb "github.com/trisacrypto/trisa/pkg/trisa/gds/models/v1beta1"
 )
 
-const (
-	bufSize = 1024 * 1024
-)
-
 var (
 	fixturesPath = filepath.Join("testdata", "fakes.tgz")
 	dbPath       = filepath.Join("testdata", "db")
@@ -72,7 +68,7 @@ func (s *gdsTestSuite) SetupSuite() {
 func (s *gdsTestSuite) SetupGDS() {
 
 	// Using a bufconn listener allows us to avoid network requests
-	s.grpc = bufconn.New(bufSize, "")
+	s.grpc = bufconn.New("")
 	go s.svc.GetGDS().Run(s.grpc.Listener)
 }
 
@@ -81,7 +77,7 @@ func (s *gdsTestSuite) SetupGDS() {
 func (s *gdsTestSuite) SetupMembers() {
 
 	// Using a bufconn listener allows us to avoid network requests
-	s.grpc = bufconn.New(bufSize, "")
+	s.grpc = bufconn.New("")
 	go s.svc.GetMembers().Run(s.grpc.Listener)
 }
 

pkg/store/trtl/connect.go

@@ -58,7 +58,7 @@ func Connect(conf config.StoreConfig) (conn *grpc.ClientConn, err error) {
 	}
 
 	// Connect the replica client
-	if conn, err = grpc.Dial(dsn.Host, opts...); err != nil {
+	if conn, err = grpc.NewClient(dsn.Host, opts...); err != nil {
 		return nil, err
 	}
 	return conn, nil

pkg/store/trtl/trtl_test.go

@@ -29,7 +29,6 @@ const (
 	metaRegion = "tauceti"
 	metaOwner  = "taurian"
 	metaPID    = 8
-	bufSize    = 1024 * 1024
 )
 
 type trtlStoreTestSuite struct {
@@ -78,7 +77,7 @@ func (s *trtlStoreTestSuite) SetupSuite() {
 	s.trtl, err = trtl.New(*s.conf)
 	require.NoError(err)
 
-	s.grpc = bufconn.New(bufSize, "")
+	s.grpc = bufconn.New("")
 	go s.trtl.Run(s.grpc.Listener)
 }
 

pkg/trtl/bench_test.go

@@ -80,7 +80,7 @@ func setupTrtl(t testing.TB) (bench *trtlBench, err error) {
 	}
 
 	// Create a bufconn listener(s) so that there are no actual network requests
-	bench.grpc = bufconn.New(benchbuf, "")
+	bench.grpc = bufconn.New("")
 
 	// Run the test server without signals, background routines or maintenance mode checks
 	go bench.trtl.Run(bench.grpc.Listener)

pkg/trtl/mock/remote.go

@@ -17,7 +17,6 @@ import (
 )
 
 const (
-	bufSize     = 1024 * 1024
 	GetRPC      = "trtl.v1.Trtl/Get"
 	PutRPC      = "trtl.v1.Trtl/Put"
 	DeleteRPC   = "trtl.v1.Trtl/Delete"
@@ -37,7 +36,7 @@ const (
 // ServerOptions with configured TLS.
 func New(bufnet *bufconn.GRPCListener, opts ...grpc.ServerOption) *RemoteTrtl {
 	if bufnet == nil {
-		bufnet = bufconn.New(bufSize, "")
+		bufnet = bufconn.New("")
 	}
 
 	if len(opts) == 0 {

pkg/trtl/replica/prob.go

@@ -1,15 +1,31 @@
 package replica
 
 import (
+	crand "crypto/rand"
+	"encoding/binary"
 	"math"
 	"math/rand"
+	"sync"
 	"time"
 )
 
 const (
 	lambda = -0.004
 )
 
+var (
+	random *rand.Rand
+	mu     sync.Mutex
+)
+
+func init() {
+	var b [8]byte
+	if _, err := crand.Read(b[:]); err != nil {
+		panic("cannot seed math/rand package with cryptographically secure random number")
+	}
+	random = rand.New(rand.NewSource(int64(binary.LittleEndian.Uint64(b[:]))))
+}
+
 // TimeProbability returns an exponentially decaying probability between 0 and 1 that
 // smoothly decreases to zero over the course of a day (24 hours). E.g. the longer the
 // time since the timestamp, the lower the probability that is returned.
@@ -21,5 +37,12 @@ func TimeProbability(ts time.Time) float64 {
 // ReplicateObjectRoulette performs a roulette roll to see if the object should be
 // replicated basesd on its TimeProbability.
 func ReplicateObjectRoulette(ts time.Time) bool {
-	return rand.Float64() < TimeProbability(ts)
+	mu.Lock()
+	defer mu.Unlock()
+	return random.Float64() < TimeProbability(ts)
+}
+
+// Seed the random number generator for testing purposes
+func TestSeed(seed int64) {
+	random = rand.New(rand.NewSource(seed))
 }

pkg/trtl/replica/prob_test.go

@@ -1,7 +1,6 @@
 package replica_test
 
 import (
-	"math/rand"
 	"testing"
 	"time"
 
@@ -50,7 +49,8 @@ func TestReplicateObjectRoulette(t *testing.T) {
 	for i, tc := range cases {
 		count := 0
 		ts := time.Now().Add(tc.before)
-		rand.Seed(24)
+		replica.TestSeed(24)
+
 		for i := 0; i < tc.rolls; i++ {
 			if replica.ReplicateObjectRoulette(ts) {
 				count++

pkg/trtl/replica/sync.go

@@ -188,7 +188,7 @@ func (r *Service) AntiEntropySync(peer *peers.Peer, logctx *sentry.Logger) (err
 
 	// Dial the remote peer and establish a connection
 	var cc *grpc.ClientConn
-	if cc, err = r.connect(ctx, peer); err != nil {
+	if cc, err = r.connect(peer); err != nil {
 		return err
 	}
 	defer cc.Close()
@@ -251,10 +251,9 @@ func (r *Service) AntiEntropySync(peer *peers.Peer, logctx *sentry.Logger) (err
 // Connect to a remote peer using mTLS credentials or in insecure mode as necessary.
 // This method blocks until the connection has been established to prevent any
 // anti-entropy work from happening until we know the remote peer is live.
-func (r *Service) connect(ctx context.Context, peer *peers.Peer) (cc *grpc.ClientConn, err error) {
+func (r *Service) connect(peer *peers.Peer) (cc *grpc.ClientConn, err error) {
 	// Create the base dial options - ensure blocking
 	opts := make([]grpc.DialOption, 0, 2)
-	opts = append(opts, grpc.WithBlock())
 
 	// Add mTLS credentials if required
 	if r.mtls.Insecure {
@@ -284,7 +283,7 @@ func (r *Service) connect(ctx context.Context, peer *peers.Peer) (cc *grpc.Clien
 	}
 
 	// Dial the remote peer and establish a connection
-	return grpc.DialContext(ctx, peer.Addr, opts...)
+	return grpc.NewClient(peer.Addr, opts...)
 }
 
 // initiatorPhase1 is the go routine that starts the anti-entropy synchronization

pkg/trtl/server_test.go

@@ -32,7 +32,6 @@ import (
 )
 
 const (
-	bufSize      = 1024 * 1024
 	clientCerts  = "testdata/client.pem"
 	serverCerts  = "testdata/server.pem"
 	clientTarget = "client.trisa.dev"
@@ -223,7 +222,7 @@ func (s *trtlTestSuite) setupServers() (err error) {
 	}
 
 	// Create a bufconn listener(s) so that there are no actual network requests
-	s.grpc = bufconn.New(bufSize, "")
+	s.grpc = bufconn.New("")
 
 	// Run the test server without signals, background routines or maintenance mode checks
 	// TODO: do we need to check if there was an error when starting run?
@@ -254,7 +253,7 @@ func (s *trtlTestSuite) setupRemoteTrtl() (err error) {
 	opts = append(opts, grpc.Creds(credentials.NewTLS(tls)))
 
 	// Create the remote peer
-	s.remote = mock.New(bufconn.New(bufSize, serverTarget), opts...)
+	s.remote = mock.New(bufconn.New(serverTarget), opts...)
 	return nil
 }
 

pkg/utils/bufconn/listener.go

@@ -9,6 +9,10 @@ import (
 	"google.golang.org/grpc/test/bufconn"
 )
 
+const Endpoint = "passthrough://bufnet"
+
+const bufsize = 1024 * 1024
+
 // GRPCListener handles gRPC connections using a bufconn listener. This is useful for
 // testing when it's unnecessary to have a live gRPC server running. The normal
 // workflow is to call New() to start the listener, Connect() to start a gRPC
@@ -20,13 +24,13 @@ type GRPCListener struct {
 	Conn     *grpc.ClientConn
 }
 
-func New(bufSize int, target string) *GRPCListener {
+func New(target string) *GRPCListener {
 	if target == "" {
-		target = "bufnet"
+		target = Endpoint
 	}
 
 	return &GRPCListener{
-		Listener: bufconn.Listen(bufSize),
+		Listener: bufconn.Listen(bufsize),
 		Target:   target,
 	}
 }
@@ -37,7 +41,7 @@ func (g *GRPCListener) Connect(ctx context.Context, opts ...grpc.DialOption) (er
 	}
 
 	opts = append([]grpc.DialOption{grpc.WithContextDialer(g.Dialer)}, opts...)
-	if g.Conn, err = grpc.DialContext(ctx, g.Target, opts...); err != nil {
+	if g.Conn, err = grpc.NewClient(g.Target, opts...); err != nil {
 		return err
 	}
 	return err