Skip to content

Commit

Permalink
Merge pull request #420 from NikitaSkrynnik/tls12
Browse files Browse the repository at this point in the history 
Set minumum TLS version to 1.2
  • Loading branch information
@denis-tingaikin
denis-tingaikin authored May 29, 2022
2 parents fa14d2d + b181c18 commit 5aeb966
Show file tree
Hide file tree
Showing 3 changed files with 12 additions and 3 deletions.
4 changes: 3 additions & 1 deletion internal/imports/gen.go
View file
Original file line number Diff line number Diff line change
@@ -1,5 +1,7 @@
// Copyright (c) 2021 Doc.ai and/or its affiliates.
//
// Copyright (c) 2022 Cisco and/or its affiliates.
//
// SPDX-License-Identifier: Apache-2.0
//
// Licensed under the Apache License, Version 2.0 (the "License");
Expand All @@ -18,5 +20,5 @@
package imports

//go:generate bash -c "rm -rf imports*.go"
//go:generate bash -c "cd $(mktemp -d) && GO111MODULE=on go get github.com/edwarnicke/imports-gen@v1.1.2"
//go:generate bash -c "cd $(mktemp -d) && GO111MODULE=on go install github.com/edwarnicke/imports-gen@v1.1.2"
//go:generate bash -c "GOOS=linux ${GOPATH}/bin/imports-gen"
1 change: 1 addition & 0 deletions internal/imports/imports_linux.go
View file

Some generated files are not rendered by default. Learn more about how customized files appear on GitHub.

10 changes: 8 additions & 2 deletions main.go
View file
Original file line number Diff line number Diff line change
Expand Up @@ -21,6 +21,7 @@ package main

import (
"context"
"crypto/tls"
"io/ioutil"
"net"
"net/url"
Expand Down Expand Up @@ -164,6 +165,11 @@ func main() {
}
log.FromContext(ctx).Infof("SVID: %q", svid.ID)

tlsClientConfig := tlsconfig.MTLSClientConfig(source, source, tlsconfig.AuthorizeAny())
tlsClientConfig.MinVersion = tls.VersionTLS12
tlsServerConfig := tlsconfig.MTLSServerConfig(source, source, tlsconfig.AuthorizeAny())
tlsServerConfig.MinVersion = tls.VersionTLS12

// ********************************************************************************
log.FromContext(ctx).Infof("executing phase 3: creating icmp server ipam")
// ********************************************************************************
Expand Down Expand Up @@ -203,7 +209,7 @@ func main() {
grpc.Creds(
grpcfd.TransportCredentials(
credentials.NewTLS(
tlsconfig.MTLSServerConfig(source, source, tlsconfig.AuthorizeAny()),
tlsServerConfig,
),
),
),
Expand Down Expand Up @@ -232,7 +238,7 @@ func main() {
grpc.WithTransportCredentials(
grpcfd.TransportCredentials(
credentials.NewTLS(
tlsconfig.MTLSClientConfig(source, source, tlsconfig.AuthorizeAny()),
tlsClientConfig,
),
),
),
Expand Down

0 comments on commit 5aeb966

Please sign in to comment.