From f4fcd0c67c727f3e60d0d96b7a045b2ce0a0597a Mon Sep 17 00:00:00 2001
From: Daniel
Date: Fri, 10 Jul 2020 11:46:59 +0200
Subject: [PATCH 1/4] Add Path to Token Cookie From PR Review https://github.com/safing/portbase/pull/55
---
 api/authentication.go | 1 +
 1 file changed, 1 insertion(+)
diff --git a/api/authentication.go b/api/authentication.go
index 8e48d71..97c86c8 100644
--- a/api/authentication.go
+++ b/api/authentication.go
@@ -114,6 +114,7 @@ func authMiddleware(next http.Handler) http.Handler {
 http.SetCookie(w, &http.Cookie{
 Name: cookieName,
 Value: tokenString,
+ Path: "/",
 HttpOnly: true,
 SameSite: http.SameSiteStrictMode,
 MaxAge: int(cookieTTL.Seconds()),
From 5f2c861e2d0b32ae271f26d6fe6d830bc198c318 Mon Sep 17 00:00:00 2001
From: Daniel
Date: Fri, 10 Jul 2020 11:48:50 +0200
Subject: [PATCH 2/4] Move forceCnt into the goroutine From PR Review https://github.com/safing/portbase/pull/56
---
 run/main.go | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/run/main.go b/run/main.go
index a319e08..f7c92be 100644
--- a/run/main.go
+++ b/run/main.go
@@ -74,9 +74,9 @@ signalLoop:
 fmt.Println(" ")
 log.Warning("main: program was interrupted, shutting down.")
- forceCnt := 5
 // catch signals during shutdown
 go func() {
+ forceCnt := 5
 for {
 <-signalCh
 forceCnt--
From eb0cbf58a8ce49370f238aa42672154583d2ee8a Mon Sep 17 00:00:00 2001
From: Daniel
Date: Fri, 10 Jul 2020 12:02:55 +0200
Subject: [PATCH 3/4] Rename Cnt() to Size() and split up tests From PR Review https://github.com/safing/portbase/pull/57
---
 utils/stablepool.go | 4 ++--
 utils/stablepool_test.go | 9 ++++++---
 2 files changed, 8 insertions(+), 5 deletions(-)
diff --git a/utils/stablepool.go b/utils/stablepool.go
index 68fb605..d253d65 100644
--- a/utils/stablepool.go
+++ b/utils/stablepool.go
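Review bot: The token cookie built in `authMiddleware` (api/authentication.go, patch 1/4) sets no `Secure` attribute in the visible fields, so wherever the API is reachable over plain HTTP the token travels unencrypted. With `Path: "/"` it is also attached to every request for the host, and because cookies are not isolated by port, any other service answering on the same hostname would receive it too. If serving without TLS is deliberate, record that above the literal, e.g. `// No Secure flag: the API is only served over plain HTTP on a local address.`; otherwise add `Secure: true,`. The struct literal continues past the end of the hunk, so a later field may already cover this.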
@@ -104,8 +104,8 @@ func (p *StablePool) Get() interface{} {
 return nil
 }
-// Cnt returns the amount of items the pool currently holds.
-func (p *StablePool) Cnt() int {
+// Size returns the amount of items the pool currently holds.
+func (p *StablePool) Size() int {
 p.lock.Lock()
 defer p.lock.Unlock()
diff --git a/utils/stablepool_test.go b/utils/stablepool_test.go
index c3ffb7e..32d69d1 100644
--- a/utils/stablepool_test.go
+++ b/utils/stablepool_test.go
@@ -9,8 +9,7 @@ import (
 "github.com/stretchr/testify/assert"
 )
-func TestStablePool(t *testing.T) {
-
+func TestStablePoolRealWorld(t *testing.T) {
 // "real world" simulation
 cnt := 0
@@ -55,7 +54,7 @@ func TestStablePool(t *testing.T) {
 // wait for round to finish
 testWorkerWg.Wait()
 }
- t.Logf("real world simulation: cnt=%d p.cnt=%d p.max=%d\n", cnt, testPool.Cnt(), testPool.Max())
+ t.Logf("real world simulation: cnt=%d p.cnt=%d p.max=%d\n", cnt, testPool.Size(), testPool.Max())
 assert.GreaterOrEqual(t, 200, cnt, "should not use more than 200 values")
 assert.GreaterOrEqual(t, 100, testPool.Max(), "pool should have at most this max size")
@@ -71,7 +70,9 @@ func TestStablePool(t *testing.T) {
 }
 }
 assert.Equal(t, 100, optPool.Max(), "pool should have exactly this max size")
+}
+func TestStablePoolFuzzing(t *testing.T) {
 // fuzzing test
 fuzzPool := &StablePool{}
@@ -97,7 +98,9 @@ func TestStablePool(t *testing.T) {
 fuzzWg.Done()
 // wait for all to finish
 fuzzWorkerWg.Wait()
+}
+func TestStablePoolBreaking(t *testing.T) {
 // try to break it
 breakPool := &StablePool{}
From 2fa29789de3b54c523f2c8238cf4ce8de90dd5e2 Mon Sep 17 00:00:00 2001
From: Daniel
Date: Fri, 10 Jul 2020 13:21:10 +0200
Subject: [PATCH 4/4] Improve authenticator error handling From PR Review https://github.com/safing/portbase/pull/59
---
 api/authentication.go | 2 +-
 api/main.go | 3 ++-
 2 files changed, 3 insertions(+), 2 deletions(-)
diff --git a/api/authentication.go b/api/authentication.go
index 97c86c8..a7c2232 100644
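Review bot: The log line in `TestStablePoolRealWorld` (utils/stablepool_test.go, patch 3/4) still labels the value `p.cnt=%d` although it now prints `testPool.Size()`. Rename the label so the output matches the accessor: `t.Logf("real world simulation: cnt=%d p.size=%d p.max=%d\n", cnt, testPool.Size(), testPool.Max())`. Separately, `Cnt` was an exported method of `StablePool`, so any caller outside this patch stops compiling; if such callers exist, a thin `Cnt` wrapper marked `// Deprecated: use Size.` would keep them building.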
--- a/api/authentication.go
+++ b/api/authentication.go
@@ -38,7 +38,7 @@ type Authenticator func(ctx context.Context, s *http.Server, r *http.Request) (e
 // SetAuthenticator sets an authenticator function for the API endpoint. If none is set, all requests will be permitted.
 func SetAuthenticator(fn Authenticator) error {
 if module.Online() {
- return ErrAuthenticationAlreadySet
+ return ErrAuthenticationImmutable
 }
 authFnLock.Lock()
diff --git a/api/main.go b/api/main.go
index e022f89..9b7fdc3 100644
--- a/api/main.go
+++ b/api/main.go
@@ -14,7 +14,8 @@ var (
 // API Errors
 var (
- ErrAuthenticationAlreadySet = errors.New("the authentication function has already been set (or must be set earlier)")
+ ErrAuthenticationAlreadySet = errors.New("the authentication function has already been set")
+ ErrAuthenticationImmutable = errors.New("the authentication function can only be set before the api has started")
 )
 func init() {
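Review bot: The doc comment on `SetAuthenticator` (api/authentication.go, patch 4/4) does not mention the new `ErrAuthenticationImmutable` return. Since the same comment states that all requests are permitted when no authenticator is set, a caller that ignores this error leaves the API running unauthenticated. Extend the comment with the contract, e.g. `// It must be called before the API module starts; afterwards it returns ErrAuthenticationImmutable, which callers must not ignore.` The `module.Online()` check also runs before `authFnLock` is taken, so if module start can overlap with this call the check and the assignment are not atomic. Whether that can happen depends on code outside the hunk, as the function body continues past it.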