Skip to content

Commit

Permalink
Secure DefaultServerTLSConfig
Browse files Browse the repository at this point in the history 
Followup of onflow#944: DefaultServerTLSConfig is unused, but will be in a further PR (onflow#989)
Fix an insecurity, allowing for a TLS [MinVersion == 1.0](https://github.com/golang/go/blob/e3176bbc3ec7ab3889f02432f6fd088c90fc12dd/src/crypto/tls/common.go#L685) (CWE 295)
Use gosec (through golang-ci) to prohibit that error.
  • Loading branch information
@huitseeker
huitseeker committed Jul 27, 2021
1 parent 7763000 commit 5ab2a15
Showing 1 changed file with 7 additions and 0 deletions.
7 changes: 7 additions & 0 deletions .golangci.yml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -9,6 +9,13 @@ linters-settings:
# it's a comma-separated list of prefixes
local-prefixes: github.com/onflow/flow-go

gosec:
# To select a subset of rules to run.
# Available rules: https://github.com/securego/gosec#available-rules
includes:
- G402

linters:
enable:
- goimports
- gosec

0 comments on commit 5ab2a15

Please sign in to comment.