Browse Source

golint cleanup

Russ Magee 2 months ago
parent
commit
bd0b48d98f
1 changed files with 85 additions and 83 deletions
  1. 85 83
      xsd/xsd.go

+ 85 - 83
xsd/xsd.go

@@ -16,7 +16,6 @@ import (
 	"flag"
 	"fmt"
 	"io"
-	"io/ioutil"
 	"log"
 	"os"
 	"os/exec"
@@ -47,6 +46,11 @@ var (
 	Log *logger.Writer
 )
 
+const (
+	AuthTokenLen     = 64
+	LoginTimeoutSecs = 30
+)
+
 func ioctl(fd, request, argp uintptr) error {
 	if _, _, e := syscall.Syscall6(syscall.SYS_IOCTL, fd, request, argp, 0, 0, 0); e != 0 {
 		return e
@@ -66,10 +70,10 @@ func ptsName(fd uintptr) (string, error) {
 /* -------------------------------------------------------------- */
 // Perform a client->server copy
 func runClientToServerCopyAs(who, ttype string, conn *xsnet.Conn, fpath string, chaffing bool) (exitStatus uint32, err error) {
-	u, _ := user.Lookup(who) // nolint: gosec
+	u, _ := user.Lookup(who)
 	var uid, gid uint32
-	fmt.Sscanf(u.Uid, "%d", &uid) // nolint: gosec,errcheck
-	fmt.Sscanf(u.Gid, "%d", &gid) // nolint: gosec,errcheck
+	fmt.Sscanf(u.Uid, "%d", &uid)
+	fmt.Sscanf(u.Gid, "%d", &gid)
 	log.Println("uid:", uid, "gid:", gid)
 
 	// Need to clear server's env and set key vars of the
@@ -80,9 +84,9 @@ func runClientToServerCopyAs(who, ttype string, conn *xsnet.Conn, fpath string,
 	// of client shell window used to run client.
 	// Investigate -- rlm 2018-01-26)
 	os.Clearenv()
-	os.Setenv("HOME", u.HomeDir) // nolint: gosec,errcheck
-	os.Setenv("TERM", ttype)     // nolint: gosec,errcheck
-	os.Setenv("XS_SESSION", "1") // nolint: gosec,errcheck
+	os.Setenv("HOME", u.HomeDir)
+	os.Setenv("TERM", ttype)
+	os.Setenv("XS_SESSION", "1")
 
 	var c *exec.Cmd
 	cmdName := xs.GetTool("tar")
@@ -101,7 +105,7 @@ func runClientToServerCopyAs(who, ttype string, conn *xsnet.Conn, fpath string,
 	// (as this isn't input from a shell) (right? -rlm 20180823)
 	//cmdArgs := []string{"-x", "-C", destDir, `--xform=s#.*/\(.*\)#\1#`}
 	fmt.Println(cmdName, cmdArgs)
-	c = exec.Command(cmdName, cmdArgs...) // nolint: gosec
+	c = exec.Command(cmdName, cmdArgs...)
 
 	c.Dir = destDir
 
@@ -173,8 +177,8 @@ func runServerToClientCopyAs(who, ttype string, conn *xsnet.Conn, srcPath string
 		return
 	}
 	var uid, gid uint32
-	_, _ = fmt.Sscanf(u.Uid, "%d", &uid) // nolint: gosec
-	_, _ = fmt.Sscanf(u.Gid, "%d", &gid) // nolint: gosec
+	_, _ = fmt.Sscanf(u.Uid, "%d", &uid)
+	_, _ = fmt.Sscanf(u.Gid, "%d", &gid)
 	log.Println("uid:", uid, "gid:", gid)
 
 	// Need to clear server's env and set key vars of the
@@ -185,9 +189,9 @@ func runServerToClientCopyAs(who, ttype string, conn *xsnet.Conn, srcPath string
 	// of client shell window used to run client.
 	// Investigate -- rlm 2018-01-26)
 	os.Clearenv()
-	_ = os.Setenv("HOME", u.HomeDir) // nolint: gosec
-	_ = os.Setenv("TERM", ttype)     // nolint: gosec
-	_ = os.Setenv("XS_SESSION", "1") // nolint: gosec
+	_ = os.Setenv("HOME", u.HomeDir)
+	_ = os.Setenv("TERM", ttype)
+	_ = os.Setenv("XS_SESSION", "1")
 
 	var c *exec.Cmd
 	cmdName := xs.GetTool("tar")
@@ -198,7 +202,7 @@ func runServerToClientCopyAs(who, ttype string, conn *xsnet.Conn, srcPath string
 	srcDir, srcBase := path.Split(srcPath)
 	cmdArgs := []string{"-cz", "-C", srcDir, "-f", "-", srcBase}
 
-	c = exec.Command(cmdName, cmdArgs...) // nolint: gosec
+	c = exec.Command(cmdName, cmdArgs...)
 
 	//If os.Clearenv() isn't called by server above these will be seen in the
 	//client's session env.
@@ -252,11 +256,10 @@ func runServerToClientCopyAs(who, ttype string, conn *xsnet.Conn, srcPath string
 	return
 }
 
-// Run a command (via default shell) as a specific user
-//
-// Uses ptys to support commands which expect a terminal.
-// nolint: gocyclo
-func runShellAs(who, hname, ttype, cmd string, interactive bool, conn *xsnet.Conn, chaffing bool) (exitStatus uint32, err error) {
+// Run a command (via default shell) as a specific user. Uses
+// ptys to support commands which expect a terminal. //nolint:gofmt
+func runShellAs(who, hname, ttype, cmd string, interactive bool, //nolint:funlen
+	conn *xsnet.Conn, chaffing bool) (exitStatus uint32, err error) {
 	var wg sync.WaitGroup
 	u, err := user.Lookup(who)
 	if err != nil {
@@ -264,8 +267,8 @@ func runShellAs(who, hname, ttype, cmd string, interactive bool, conn *xsnet.Con
 		return
 	}
 	var uid, gid uint32
-	_, _ = fmt.Sscanf(u.Uid, "%d", &uid) // nolint: gosec
-	_, _ = fmt.Sscanf(u.Gid, "%d", &gid) // nolint: gosec
+	_, _ = fmt.Sscanf(u.Uid, "%d", &uid)
+	_, _ = fmt.Sscanf(u.Gid, "%d", &gid)
 	log.Println("uid:", uid, "gid:", gid)
 
 	// Need to clear server's env and set key vars of the
@@ -276,9 +279,9 @@ func runShellAs(who, hname, ttype, cmd string, interactive bool, conn *xsnet.Con
 	// of client shell window used to run client.
 	// Investigate -- rlm 2018-01-26)
 	os.Clearenv()
-	_ = os.Setenv("HOME", u.HomeDir) // nolint: gosec
-	_ = os.Setenv("TERM", ttype)     // nolint: gosec
-	_ = os.Setenv("XS_SESSION", "1") // nolint: gosec
+	_ = os.Setenv("HOME", u.HomeDir)
+	_ = os.Setenv("TERM", ttype)
+	_ = os.Setenv("XS_SESSION", "1")
 
 	var c *exec.Cmd
 
@@ -294,18 +297,18 @@ func runShellAs(who, hname, ttype, cmd string, interactive bool, conn *xsnet.Con
 			// automagically, at the cost of another external tool
 			// dependency.
 			//
-			c = exec.Command(xs.GetTool("login"), "-f", "-p", who) // nolint: gosec
+			c = exec.Command(xs.GetTool("login"), "-f", "-p", who) //nolint:gosec
 		} else {
 			// Using our separate login via local passwd file
 			//
 			// Note we must drop privs ourselves for the user shell
 			//
-			c = exec.Command(xs.GetTool("bash"), "-i", "-l") // nolint: gosec
+			c = exec.Command(xs.GetTool("bash"), "-i", "-l") //nolint:gosec
 			c.SysProcAttr = &syscall.SysProcAttr{}
 			c.SysProcAttr.Credential = &syscall.Credential{Uid: uid, Gid: gid}
 		}
 	} else {
-		c = exec.Command(xs.GetTool("bash"), "-c", cmd) // nolint: gosec
+		c = exec.Command(xs.GetTool("bash"), "-c", cmd) //nolint:gosec
 		c.SysProcAttr = &syscall.SysProcAttr{}
 		c.SysProcAttr.Credential = &syscall.Credential{Uid: uid, Gid: gid}
 	}
@@ -325,7 +328,7 @@ func runShellAs(who, hname, ttype, cmd string, interactive bool, conn *xsnet.Con
 	defer func() {
 		//logger.LogDebug(fmt.Sprintf("[Exited process was %d]", c.Process.Pid))
 		_ = ptmx.Close()
-	}() // nolint: gosec
+	}()
 
 	// get pty info for system accounting (who, lastlog)
 	pts, pe := ptsName(ptmx.Fd())
@@ -345,7 +348,7 @@ func runShellAs(who, hname, ttype, cmd string, interactive bool, conn *xsnet.Con
 		go func() {
 			for sz := range conn.WinCh {
 				log.Printf("[Setting term size to: %v %v]\n", sz.Rows, sz.Cols)
-				pty.Setsize(ptmx, &pty.Winsize{Rows: sz.Rows, Cols: sz.Cols}) // nolint: gosec,errcheck
+				pty.Setsize(ptmx, &pty.Winsize{Rows: sz.Rows, Cols: sz.Cols}) //nolint:errcheck
 			}
 			log.Println("*** WinCh goroutine done ***")
 		}()
@@ -406,7 +409,7 @@ func runShellAs(who, hname, ttype, cmd string, interactive bool, conn *xsnet.Con
 			}
 			conn.SetStatus(xsnet.CSOType(exitStatus))
 		} else {
-			logger.LogDebug("*** Main proc has exited. ***")
+			logger.LogDebug("*** Main proc has exited. ***") //nolint:errcheck
 			// Background jobs still may be running; close the
 			// pty anyway, so the client can return before
 			// wg.Wait() below completes (Issue #18)
@@ -428,8 +431,8 @@ func GenAuthToken(who string, connhost string) string {
 	//}
 	hname := connhost
 
-	token := make([]byte, 64)
-	_, _ = rand.Read(token) // nolint: gosec
+	token := make([]byte, AuthTokenLen)
+	_, _ = rand.Read(token)
 	return fmt.Sprintf("%s:%s:%s", hname, who, hex.EncodeToString(token))
 }
 
@@ -505,7 +508,7 @@ func (a *allowedHMACAlgs) Set(value string) error {
 // daemon dies, all clients will be rudely disconnected.
 // Consider this when planning to restart or upgrade in-place an installation.
 // TODO: reduce gocyclo
-func main() {
+func main() { //nolint:funlen,gocyclo
 	var vopt bool
 	var chaffEnabled bool
 	var chaffFreqMin uint
@@ -518,16 +521,15 @@ func main() {
 
 	flag.BoolVar(&vopt, "v", false, "show version")
 	flag.StringVar(&laddr, "l", ":2000", "interface[:port] to listen")
-	flag.StringVar(&kcpMode, "K", "unused", `set to one of ["KCP_NONE","KCP_AES", "KCP_BLOWFISH", "KCP_CAST5", "KCP_SM4", "KCP_SALSA20", "KCP_SIMPLEXOR", "KCP_TEA", "KCP_3DES", "KCP_TWOFISH", "KCP_XTEA"] to use KCP (github.com/xtaci/kcp-go) reliable UDP instead of TCP`)
+	flag.StringVar(&kcpMode, "K", "unused", `set to one of ["KCP_NONE","KCP_AES", "KCP_BLOWFISH", "KCP_CAST5", "KCP_SM4", "KCP_SALSA20", "KCP_SIMPLEXOR", "KCP_TEA", "KCP_3DES", "KCP_TWOFISH", "KCP_XTEA"] to use KCP (github.com/xtaci/kcp-go) reliable UDP instead of TCP`) //nolint:lll
 	flag.BoolVar(&useSysLogin, "L", false, "use system login")
 	flag.BoolVar(&chaffEnabled, "e", true, "enable chaff pkts")
-	flag.UintVar(&chaffFreqMin, "f", 100, "chaff pkt freq min (msecs)")
-	flag.UintVar(&chaffFreqMax, "F", 5000, "chaff pkt freq max (msecs)")
-	flag.UintVar(&chaffBytesMax, "B", 64, "chaff pkt size max (bytes)")
+	flag.UintVar(&chaffFreqMin, "f", 100, "chaff pkt freq min (msecs)")  //nolint:gomnd
+	flag.UintVar(&chaffFreqMax, "F", 5000, "chaff pkt freq max (msecs)") //nolint:gomnd
+	flag.UintVar(&chaffBytesMax, "B", 64, "chaff pkt size max (bytes)")  //nolint:gomnd
 	flag.BoolVar(&useSystemPasswd, "s", true, "use system shadow passwds")
 	flag.BoolVar(&dbg, "d", false, "debug logging")
-
-	flag.Var(&aKEXAlgs, "aK", "Allowed KEX `alg`s (eg. '-aK KEXAlgA -aK KEXAlgB ...')" + `
+	flag.Var(&aKEXAlgs, "aK", "Allowed KEX `alg`s (eg. '-aK KEXAlgA -aK KEXAlgB ...')"+`
       KEX_all
       KEX_HERRADURA256
       KEX_HERRADURA512
@@ -542,7 +544,7 @@ func main() {
       KEX_FRODOKEM_1344SHAKE
       KEX_FRODOKEM_976AES
       KEX_FRODOKEM_976SHAKE`)
-	flag.Var(&aCipherAlgs, "aC", "Allowed `cipher`s (eg. '-aC CAlgA -aC CAlgB ...')" + `
+	flag.Var(&aCipherAlgs, "aC", "Allowed `cipher`s (eg. '-aC CAlgA -aC CAlgB ...')"+`
       C_all
       C_AES_256
       C_TWOFISH_128
@@ -550,7 +552,7 @@ func main() {
       C_CRYPTMT1
       C_HOPSCOTCH
       C_CHACHA20_12`)
-	flag.Var(&aHMACAlgs, "aH", "Allowed `HMAC`s (eg. '-aH HMACAlgA -aH HMACAlgB ...')" + `
+	flag.Var(&aHMACAlgs, "aH", "Allowed `HMAC`s (eg. '-aH HMACAlgA -aH HMACAlgB ...')"+`
       H_all
       H_SHA256
       H_SHA512`)
@@ -570,7 +572,7 @@ func main() {
 	}
 
 	// Enforce some sane min/max vals on chaff flags
-	if chaffFreqMin < 2 {
+	if chaffFreqMin < 2 { //nolint:gomnd
 		chaffFreqMin = 2
 	}
 	if chaffFreqMax == 0 {
@@ -580,49 +582,49 @@ func main() {
 		chaffBytesMax = 64
 	}
 
-	Log, _ = logger.New(logger.LOG_DAEMON|logger.LOG_DEBUG|logger.LOG_NOTICE|logger.LOG_ERR, "xsd") // nolint: gosec
+	Log, _ = logger.New(logger.LOG_DAEMON|logger.LOG_DEBUG|logger.LOG_NOTICE|logger.LOG_ERR, "xsd")
 	xsnet.Init(dbg, "xsd", logger.LOG_DAEMON|logger.LOG_DEBUG|logger.LOG_NOTICE|logger.LOG_ERR)
 	if dbg {
 		log.SetOutput(Log)
 	} else {
-		log.SetOutput(ioutil.Discard)
+		log.SetOutput(io.Discard)
 	}
 
 	// Set up allowed algs, if specified (default allow all)
 	if len(aKEXAlgs) == 0 {
 		aKEXAlgs = []string{"none"}
 	}
-	logger.LogNotice(fmt.Sprintf("Allowed KEXAlgs: %v\n", aKEXAlgs)) // nolint: gosec,errcheck
+	logger.LogNotice(fmt.Sprintf("Allowed KEXAlgs: %v\n", aKEXAlgs)) //nolint:errcheck
 
 	if len(aCipherAlgs) == 0 {
 		aCipherAlgs = []string{"none"}
 	}
-	logger.LogNotice(fmt.Sprintf("Allowed CipherAlgs: %v\n", aCipherAlgs)) // nolint: gosec,errcheck
+	logger.LogNotice(fmt.Sprintf("Allowed CipherAlgs: %v\n", aCipherAlgs)) //nolint:errcheck
 
 	if len(aHMACAlgs) == 0 {
 		aHMACAlgs = []string{"none"}
 	}
-	logger.LogNotice(fmt.Sprintf("Allowed HMACAlgs: %v\n", aHMACAlgs)) // nolint: gosec,errcheck
+	logger.LogNotice(fmt.Sprintf("Allowed HMACAlgs: %v\n", aHMACAlgs)) //nolint:errcheck
 
 	// Set up handler for daemon signalling
 	exitCh := make(chan os.Signal, 1)
-	signal.Notify(exitCh, os.Signal(syscall.SIGTERM), os.Signal(syscall.SIGINT), os.Signal(syscall.SIGHUP), os.Signal(syscall.SIGUSR1), os.Signal(syscall.SIGUSR2))
+	signal.Notify(exitCh, os.Signal(syscall.SIGTERM), os.Signal(syscall.SIGINT), os.Signal(syscall.SIGHUP), os.Signal(syscall.SIGUSR1), os.Signal(syscall.SIGUSR2)) //nolint:lll
 	go func() {
 		for {
 			sig := <-exitCh
 			switch sig.String() {
 			case "terminated":
-				logger.LogNotice(fmt.Sprintf("[Got signal: %s]", sig)) // nolint: gosec,errcheck
+				logger.LogNotice(fmt.Sprintf("[Got signal: %s]", sig)) //nolint:errcheck
 				signal.Reset()
-				syscall.Kill(0, syscall.SIGTERM) // nolint: gosec,errcheck
+				syscall.Kill(0, syscall.SIGTERM) //nolint:errcheck
 			case "interrupt":
-				logger.LogNotice(fmt.Sprintf("[Got signal: %s]", sig)) // nolint: gosec,errcheck
+				logger.LogNotice(fmt.Sprintf("[Got signal: %s]", sig)) //nolint:errcheck
 				signal.Reset()
-				syscall.Kill(0, syscall.SIGINT) // nolint: gosec,errcheck
+				syscall.Kill(0, syscall.SIGINT) //nolint:errcheck
 			case "hangup":
-				logger.LogNotice(fmt.Sprintf("[Got signal: %s - nop]", sig)) // nolint:gosec,errcheck
+				logger.LogNotice(fmt.Sprintf("[Got signal: %s - nop]", sig)) //nolint:errcheck
 			default:
-				logger.LogNotice(fmt.Sprintf("[Got signal: %s - ignored]", sig)) // nolint: gosec,errcheck
+				logger.LogNotice(fmt.Sprintf("[Got signal: %s - ignored]", sig)) //nolint:errcheck
 			}
 		}
 	}()
@@ -635,7 +637,7 @@ func main() {
 	if err != nil {
 		log.Fatal(err)
 	}
-	defer l.Close() // nolint: errcheck
+	defer l.Close()
 
 	log.Println("Serving on", laddr)
 	for {
@@ -669,12 +671,12 @@ func main() {
 				// The loop then returns to accepting, so that
 				// multiple connections may be served concurrently.
 				go func(hc *xsnet.Conn) (e error) {
-					defer hc.Close() // nolint: errcheck
+					defer hc.Close()
 
 					// Start login timeout here and disconnect if user/pass phase stalls
-					loginTimeout := time.AfterFunc(30*time.Second, func() {
-						logger.LogNotice(fmt.Sprintln("Login timed out")) // nolint: errcheck,gosec
-						hc.Write([]byte{0})                               // nolint: gosec,errcheck
+					loginTimeout := time.AfterFunc(LoginTimeoutSecs*time.Second, func() {
+						logger.LogNotice(fmt.Sprintln("Login timed out")) //nolint:errcheck
+						hc.Write([]byte{0})                               //nolint:errcheck
 						hc.Close()
 					})
 
@@ -763,10 +765,10 @@ func main() {
 
 					// Tell client if auth was valid
 					if valid {
-						hc.Write([]byte{1}) // nolint: gosec,errcheck
+						hc.Write([]byte{1}) //nolint:errcheck
 					} else {
-						logger.LogNotice(fmt.Sprintln("Invalid user", string(rec.Who()))) // nolint: errcheck,gosec
-						hc.Write([]byte{0})                                               // nolint: gosec,errcheck
+						logger.LogNotice(fmt.Sprintln("Invalid user", string(rec.Who()))) //nolint:errcheck
+						hc.Write([]byte{0})                                               //nolint:errcheck
 						return
 					}
 
@@ -776,15 +778,15 @@ func main() {
 						// Generate automated login token
 						addr := hc.RemoteAddr()
 						hname := goutmp.GetHost(addr.String())
-						logger.LogNotice(fmt.Sprintf("[Generating autologin token for [%s@%s]]\n", rec.Who(), hname)) // nolint: gosec,errcheck
+						logger.LogNotice(fmt.Sprintf("[Generating autologin token for [%s@%s]]\n", rec.Who(), hname)) //nolint:errcheck
 						token := GenAuthToken(string(rec.Who()), string(rec.ConnHost()))
-						tokenCmd := fmt.Sprintf("echo \"%s\" | tee -a ~/.xs_id", token)
+						tokenCmd := fmt.Sprintf("echo %q | tee -a ~/.xs_id", token)
 						cmdStatus, runErr := runShellAs(string(rec.Who()), hname, string(rec.TermType()), tokenCmd, false, hc, chaffEnabled)
 						// Returned hopefully via an EOF or exit/logout;
 						// Clear current op so user can enter next, or EOF
 						rec.SetOp([]byte{0})
 						if runErr != nil {
-							logger.LogErr(fmt.Sprintf("[Error generating autologin token for %s@%s]\n", rec.Who(), hname)) // nolint: gosec,errcheck
+							logger.LogErr(fmt.Sprintf("[Error generating autologin token for %s@%s]\n", rec.Who(), hname)) //nolint:errcheck
 						} else {
 							log.Printf("[Autologin token generation completed for %s@%s, status %d]\n", rec.Who(), hname, cmdStatus)
 							hc.SetStatus(xsnet.CSOType(cmdStatus))
@@ -793,31 +795,31 @@ func main() {
 						// Non-interactive command
 						addr := hc.RemoteAddr()
 						hname := goutmp.GetHost(addr.String())
-						logger.LogNotice(fmt.Sprintf("[Running command for [%s@%s]]\n", rec.Who(), hname)) // nolint: gosec,errcheck
+						logger.LogNotice(fmt.Sprintf("[Running command for [%s@%s]]\n", rec.Who(), hname)) //nolint:errcheck
 						cmdStatus, runErr := runShellAs(string(rec.Who()), hname, string(rec.TermType()), string(rec.Cmd()), false, hc, chaffEnabled)
 						// Returned hopefully via an EOF or exit/logout;
 						// Clear current op so user can enter next, or EOF
 						rec.SetOp([]byte{0})
 						if runErr != nil {
-							logger.LogErr(fmt.Sprintf("[Error spawning cmd for %s@%s]\n", rec.Who(), hname)) // nolint: gosec,errcheck
+							logger.LogErr(fmt.Sprintf("[Error spawning cmd for %s@%s]\n", rec.Who(), hname)) //nolint:errcheck
 						} else {
-							logger.LogNotice(fmt.Sprintf("[Command completed for %s@%s, status %d]\n", rec.Who(), hname, cmdStatus)) // nolint: gosec,errcheck
+							logger.LogNotice(fmt.Sprintf("[Command completed for %s@%s, status %d]\n", rec.Who(), hname, cmdStatus)) //nolint:errcheck
 							hc.SetStatus(xsnet.CSOType(cmdStatus))
 						}
 					} else if rec.Op()[0] == 's' {
 						// Interactive session
 						addr := hc.RemoteAddr()
 						hname := goutmp.GetHost(addr.String())
-						logger.LogNotice(fmt.Sprintf("[Running shell for [%s@%s]]\n", rec.Who(), hname)) // nolint: gosec,errcheck
+						logger.LogNotice(fmt.Sprintf("[Running shell for [%s@%s]]\n", rec.Who(), hname)) //nolint:errcheck
 
 						cmdStatus, runErr := runShellAs(string(rec.Who()), hname, string(rec.TermType()), string(rec.Cmd()), true, hc, chaffEnabled)
 						// Returned hopefully via an EOF or exit/logout;
 						// Clear current op so user can enter next, or EOF
 						rec.SetOp([]byte{0})
 						if runErr != nil {
-							Log.Err(fmt.Sprintf("[Error spawning shell for %s@%s]\n", rec.Who(), hname)) // nolint: gosec,errcheck
+							Log.Err(fmt.Sprintf("[Error spawning shell for %s@%s]\n", rec.Who(), hname)) //nolint:errcheck
 						} else {
-							logger.LogNotice(fmt.Sprintf("[Shell completed for %s@%s, status %d]\n", rec.Who(), hname, cmdStatus)) // nolint: gosec,errcheck
+							logger.LogNotice(fmt.Sprintf("[Shell completed for %s@%s, status %d]\n", rec.Who(), hname, cmdStatus)) //nolint:errcheck
 							hc.SetStatus(xsnet.CSOType(cmdStatus))
 						}
 					} else if rec.Op()[0] == 'D' {
@@ -825,41 +827,41 @@ func main() {
 						log.Printf("[Client->Server copy]\n")
 						addr := hc.RemoteAddr()
 						hname := goutmp.GetHost(addr.String())
-						logger.LogNotice(fmt.Sprintf("[c->s copy for %s@%s]\n", rec.Who(), hname)) // nolint: gosec,errcheck
+						logger.LogNotice(fmt.Sprintf("[c->s copy for %s@%s]\n", rec.Who(), hname)) //nolint:errcheck
 						cmdStatus, runErr := runClientToServerCopyAs(string(rec.Who()), string(rec.TermType()), hc, string(rec.Cmd()), chaffEnabled)
 						// Returned hopefully via an EOF or exit/logout;
 						// Clear current op so user can enter next, or EOF
 						rec.SetOp([]byte{0})
 						if runErr != nil {
-							logger.LogErr(fmt.Sprintf("[c->s copy error for %s@%s]\n", rec.Who(), hname)) // nolint: gosec,errcheck
+							logger.LogErr(fmt.Sprintf("[c->s copy error for %s@%s]\n", rec.Who(), hname)) //nolint:errcheck
 						} else {
-							logger.LogNotice(fmt.Sprintf("[c->s copy completed for %s@%s, status %d]\n", rec.Who(), hname, cmdStatus)) // nolint: gosec,errcheck
+							logger.LogNotice(fmt.Sprintf("[c->s copy completed for %s@%s, status %d]\n", rec.Who(), hname, cmdStatus)) //nolint:errcheck
 						}
 						// TODO: Test this with huge files.. see Bug #22 - do we need to
 						//   sync w/sender (client) that we've gotten all data?
 						hc.SetStatus(xsnet.CSOType(cmdStatus))
 
 						// Send CSOExitStatus *before* client closes channel
-						s := make([]byte, 4)
+						s := make([]byte, 4) //nolint:gomnd
 						binary.BigEndian.PutUint32(s, cmdStatus)
 						log.Printf("** cp writing closeStat %d at Close()\n", cmdStatus)
-						hc.WritePacket(s, xsnet.CSOExitStatus) // nolint: gosec,errcheck
+						hc.WritePacket(s, xsnet.CSOExitStatus) //nolint:errcheck
 					} else if rec.Op()[0] == 'S' {
 						// File copy (src) operation - server copy to client
 						log.Printf("[Server->Client copy]\n")
 						addr := hc.RemoteAddr()
 						hname := goutmp.GetHost(addr.String())
-						logger.LogNotice(fmt.Sprintf("[s->c copy for %s@%s]\n", rec.Who(), hname)) // nolint: gosec,errcheck
+						logger.LogNotice(fmt.Sprintf("[s->c copy for %s@%s]\n", rec.Who(), hname)) //nolint:errcheck
 						cmdStatus, runErr := runServerToClientCopyAs(string(rec.Who()), string(rec.TermType()), hc, string(rec.Cmd()), chaffEnabled)
 						if runErr != nil {
-							logger.LogErr(fmt.Sprintf("[s->c copy error for %s@%s]\n", rec.Who(), hname)) // nolint: gosec,errcheck
+							logger.LogErr(fmt.Sprintf("[s->c copy error for %s@%s]\n", rec.Who(), hname)) //nolint:errcheck
 						} else {
 							// Returned hopefully via an EOF or exit/logout;
-							logger.LogNotice(fmt.Sprintf("[s->c copy completed for %s@%s, status %d]\n", rec.Who(), hname, cmdStatus)) // nolint: gosec,errcheck
+							logger.LogNotice(fmt.Sprintf("[s->c copy completed for %s@%s, status %d]\n", rec.Who(), hname, cmdStatus)) //nolint:errcheck
 						}
 						// HACK: Bug #22: (xc) Need to wait for rcvr to get final data
 						// TODO: Await specific msg from client to inform they have gotten all data from the tarpipe
-						time.Sleep(time.Duration(900 * time.Millisecond)) // Let rcvr set this on setup?
+						time.Sleep(900 * time.Millisecond) //nolint:gomnd // Let rcvr set this on setup?
 
 						// Clear current op so user can enter next, or EOF
 						rec.SetOp([]byte{0})
@@ -868,12 +870,12 @@ func main() {
 						//_, _ = hc.Read(nil /*ackByte*/)
 						//fmt.Println("Got remote end ack.")
 					} else {
-						logger.LogErr(fmt.Sprintln("[Bad xs.Session]")) // nolint: gosec,errcheck
+						logger.LogErr(fmt.Sprintln("[Bad xs.Session]")) //nolint:errcheck
 					}
 					return
-				}(&conn) // nolint: errcheck
+				}(&conn) //nolint:errcheck
 			} // algs valid and not blacklisted
 		} // Accept() success
 	} //endfor
-	//logger.LogNotice(fmt.Sprintln("[Exiting]")) // nolint: gosec,errcheck
+	//logger.LogNotice(fmt.Sprintln("[Exiting]")) //nolint:errcheck
 }