+ Add a lock to the keycache.
+ Ensure that all instantiations of keycaches use New, rather
than the old keycache.Cache{make()} construct. This no longer
works with the lock in place.
+ Update Travis to run the race detector on a few specific packages
that should help identify this type of problem in the future.

This is a rather large change. It consists of the following changes:
+ Direct access to the keycache has been removed from the core
package. This forces all interaction with the cache to go
through the Cryptor, which is required for persistence. The
Cryptor needs to know when the cache has changed, and the only
way to do this effectively is to make the Cryptor responsible
for managing the keycache.
+ A new persist package has been added. This provides a Store
interface, for which two implementations are provided. The
first is a null persister: this is used when no persistence
is configured. The second is a file-backed persistence store.
+ The Cryptor now persists the cache every time it changes.
Additionally, a number of missing returns in a function in the core
package have been added.

The keycache does not remove active delegations when uses drops to zero;
rather it only removes these when Refresh is called.
So Valid returns true even if the user's delegation has expired,
so fullMatch is not set to false in unwrapKey,
so DecryptKey fails since the keycache refreshes and finds the delegation has expired,
so tmpKeyValue is left empty and decryptErr is set.
Since decryptErr is only used to break out of the inner loop, and
fullMatch wasn't set to false, no error is returned from unwrapKey.
So aesKey in DecryptKey is an empty string, causing an error when
passed to aes.NewCipher.
This commit actively removes a delegation from the keycache when it
is used for the last time, and properly handles errors thrown by
DecryptKey in unwrapKey.
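
The behaviour these commit messages describe, as an added sketch that is not the project's own code: a mutex-guarded cache built only through New, which deletes a delegation on its last use and returns an error rather than an empty key afterwards. The `delegation` and `Cache` types, their fields and the sample user and key are assumptions made for illustration.

```go
package main

import (
	"fmt"
	"sync"
)

// delegation and Cache are hypothetical stand-ins, not the project's types.
type delegation struct {
	key  []byte
	uses int
}

type Cache struct {
	mu    sync.Mutex // guards users; build with New so the map is non-nil
	users map[string]*delegation
}

func New() *Cache { return &Cache{users: make(map[string]*delegation)} }

func (c *Cache) Add(user string, key []byte, uses int) {
	c.mu.Lock()
	defer c.mu.Unlock()
	c.users[user] = &delegation{key, uses}
}

func (c *Cache) Valid(user string) bool {
	c.mu.Lock()
	defer c.mu.Unlock()
	return c.users[user] != nil
}

// DecryptKey spends one use and deletes the entry on its last use,
// so Valid cannot report an exhausted delegation as usable.
func (c *Cache) DecryptKey(user string) ([]byte, error) {
	c.mu.Lock()
	defer c.mu.Unlock()
	d := c.users[user]
	if d == nil {
		return nil, fmt.Errorf("no active delegation for %s", user)
	}
	if d.uses--; d.uses <= 0 {
		delete(c.users, user)
	}
	return d.key, nil
}

func main() {
	c := New()
	c.Add("alice", []byte("constructed-key!"), 1) // constructed sample
	_, first := c.DecryptKey("alice")
	_, second := c.DecryptKey("alice")
	fmt.Println(first, c.Valid("alice"), second)
}
```

A caller that checks the returned error before using the key never hands an empty key to aes.NewCipher.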

The idea is to create a new type (to avoid ugly string parsing) and
then, instead of iterating through delegations with the username, iterate
through the delegations and look for your username and matching slot. Also,
in cases where we don't have the slot (everything but delegation), find the slot
when we match a user.