Add and fix gosec

This commit is contained in:
Kristoffer Dalby 2021-11-15 18:31:52 +00:00
parent 715542ac1c
commit c4d4c9c4e4
No known key found for this signature in database
GPG key ID: 09F62DC067465735
5 changed files with 10 additions and 9 deletions

View file

@ -32,7 +32,6 @@ linters:
- wrapcheck
- goerr113
- forcetypeassert
- gosec
- forbidigo
- dupl
- makezero

10
app.go
View file

@ -638,10 +638,12 @@ func (h *Headscale) getTLSSettings() (*tls.Config, error) {
if !strings.HasPrefix(h.cfg.ServerURL, "https://") {
log.Warn().Msg("Listening with TLS but ServerURL does not start with https://")
}
tlsConfig := &tls.Config{}
tlsConfig.ClientAuth = tls.RequireAnyClientCert
tlsConfig.NextProtos = []string{"http/1.1"}
tlsConfig.Certificates = make([]tls.Certificate, 1)
tlsConfig := &tls.Config{
ClientAuth: tls.RequireAnyClientCert,
NextProtos: []string{"http/1.1"},
Certificates: make([]tls.Certificate, 1),
MinVersion: tls.VersionTLS12,
}
tlsConfig.Certificates[0], err = tls.LoadX509KeyPair(h.cfg.TLSCertPath, h.cfg.TLSKeyPath)
return tlsConfig, err

View file

@ -100,7 +100,7 @@ func (*Suite) TestDNSConfigLoading(c *check.C) {
func writeConfig(c *check.C, tmpDir string, configYaml []byte) {
// Populate a custom config file
configFile := filepath.Join(tmpDir, "config.yaml")
err := ioutil.WriteFile(configFile, configYaml, 0o644)
err := ioutil.WriteFile(configFile, configYaml, 0o600)
if err != nil {
c.Fatalf("Couldn't write file %s", configFile)
}

View file

@ -70,7 +70,7 @@ func (h *Headscale) DestroyNamespace(name string) error {
return err
}
for _, key := range keys {
err = h.DestroyPreAuthKey(&key)
err = h.DestroyPreAuthKey(key)
if err != nil {
return err
}

View file

@ -95,8 +95,8 @@ func (h *Headscale) GetPreAuthKey(namespace string, key string) (*PreAuthKey, er
// DestroyPreAuthKey destroys a preauthkey. Returns error if the PreAuthKey
// does not exist.
func (h *Headscale) DestroyPreAuthKey(pak *PreAuthKey) error {
if result := h.db.Unscoped().Delete(&pak); result.Error != nil {
func (h *Headscale) DestroyPreAuthKey(pak PreAuthKey) error {
if result := h.db.Unscoped().Delete(pak); result.Error != nil {
return result.Error
}