devproje/headscale
1
0
Fork 0
mirror of https://github.com/juanfont/headscale.git synced 2024-11-26 08:53:05 +00:00
Code Issues Projects Releases Packages Wiki Activity Actions 1

Add and fix gosec

Browse source
This commit is contained in:
Kristoffer Dalby 2021-11-15 18:31:52 +00:00
parent 715542ac1c
commit c4d4c9c4e4
No known key found for this signature in database
GPG key ID: 09F62DC067465735
5 changed files with 10 additions and 9 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

1
.golangci.yaml
View file

@ -32,7 +32,6 @@ linters:
- wrapcheck - wrapcheck
- goerr113 - goerr113
- forcetypeassert - forcetypeassert
- gosec
- forbidigo - forbidigo
- dupl - dupl
- makezero - makezero

10
app.go
View file

@ -638,10 +638,12 @@ func (h *Headscale) getTLSSettings() (*tls.Config, error) {
if !strings.HasPrefix(h.cfg.ServerURL, "https://") { if !strings.HasPrefix(h.cfg.ServerURL, "https://") {
log.Warn().Msg("Listening with TLS but ServerURL does not start with https://") log.Warn().Msg("Listening with TLS but ServerURL does not start with https://")
} }
tlsConfig := &tls.Config{} tlsConfig := &tls.Config{
tlsConfig.ClientAuth = tls.RequireAnyClientCert ClientAuth: tls.RequireAnyClientCert,
tlsConfig.NextProtos = []string{"http/1.1"} NextProtos: []string{"http/1.1"},
tlsConfig.Certificates = make([]tls.Certificate, 1) Certificates: make([]tls.Certificate, 1),
MinVersion: tls.VersionTLS12,
}
tlsConfig.Certificates[0], err = tls.LoadX509KeyPair(h.cfg.TLSCertPath, h.cfg.TLSKeyPath) tlsConfig.Certificates[0], err = tls.LoadX509KeyPair(h.cfg.TLSCertPath, h.cfg.TLSKeyPath)
return tlsConfig, err return tlsConfig, err

2
cmd/headscale/headscale_test.go
View file

@ -100,7 +100,7 @@ func (*Suite) TestDNSConfigLoading(c *check.C) {
func writeConfig(c *check.C, tmpDir string, configYaml []byte) { func writeConfig(c *check.C, tmpDir string, configYaml []byte) {
// Populate a custom config file // Populate a custom config file
configFile := filepath.Join(tmpDir, "config.yaml") configFile := filepath.Join(tmpDir, "config.yaml")
err := ioutil.WriteFile(configFile, configYaml, 0o644) err := ioutil.WriteFile(configFile, configYaml, 0o600)
if err != nil { if err != nil {
c.Fatalf("Couldn't write file %s", configFile) c.Fatalf("Couldn't write file %s", configFile)
} }

2
namespaces.go
View file

@ -70,7 +70,7 @@ func (h *Headscale) DestroyNamespace(name string) error {
return err return err
} }
for _, key := range keys { for _, key := range keys {
err = h.DestroyPreAuthKey(&key) err = h.DestroyPreAuthKey(key)
if err != nil { if err != nil {
return err return err
} }

4
preauth_keys.go
View file

@ -95,8 +95,8 @@ func (h *Headscale) GetPreAuthKey(namespace string, key string) (*PreAuthKey, er
// DestroyPreAuthKey destroys a preauthkey. Returns error if the PreAuthKey // DestroyPreAuthKey destroys a preauthkey. Returns error if the PreAuthKey
// does not exist. // does not exist.
func (h *Headscale) DestroyPreAuthKey(pak *PreAuthKey) error { func (h *Headscale) DestroyPreAuthKey(pak PreAuthKey) error {
if result := h.db.Unscoped().Delete(&pak); result.Error != nil { if result := h.db.Unscoped().Delete(pak); result.Error != nil {
return result.Error return result.Error
} }