From 0f1c8e10081ee09c442941bd8d4cfe49841aee4f Mon Sep 17 00:00:00 2001 From: Nikita Skrynnik Date: Wed, 18 May 2022 22:24:47 +0700 Subject: [PATCH 1/4] add tls 1.2 Signed-off-by: Nikita Skrynnik --- main.go | 10 ++++++++-- 1 file changed, 8 insertions(+), 2 deletions(-) diff --git a/main.go b/main.go index 7fe6b26..c1e5b32 100644 --- a/main.go +++ b/main.go @@ -22,6 +22,7 @@ package main import ( "context" + "crypto/tls" "net" "net/url" "os" @@ -145,6 +146,11 @@ func main() { } logger.Infof("sVID: %q", svid.ID) + tlsClientConfig := tlsconfig.MTLSClientConfig(source, source, tlsconfig.AuthorizeAny()) + tlsClientConfig.MinVersion = tls.VersionTLS12 + tlsServerConfig := tlsconfig.MTLSServerConfig(source, source, tlsconfig.AuthorizeAny()) + tlsServerConfig.MinVersion = tls.VersionTLS12 + // ******************************************************************************** log.FromContext(ctx).Infof("executing phase 3: parsing network prefixes for ipam") // ******************************************************************************** @@ -174,7 +180,7 @@ func main() { serverCreds := grpc.Creds( grpcfd.TransportCredentials( credentials.NewTLS( - tlsconfig.MTLSServerConfig(source, source, tlsconfig.AuthorizeAny()), + tlsServerConfig, ), ), ) @@ -202,7 +208,7 @@ func main() { grpc.WithTransportCredentials( grpcfd.TransportCredentials( credentials.NewTLS( - tlsconfig.MTLSClientConfig(source, source, tlsconfig.AuthorizeAny()), + tlsClientConfig, ), ), ), From 6a44a476c7e88f698030a629812b03e3ba1287ac Mon Sep 17 00:00:00 2001 From: Nikita Skrynnik Date: Mon, 23 May 2022 23:51:06 +0700 Subject: [PATCH 2/4] fix ci Signed-off-by: Nikita Skrynnik --- internal/pkg/imports/gen.go | 2 +- internal/pkg/imports/imports_linux.go | 2 ++ 2 files changed, 3 insertions(+), 1 deletion(-) diff --git a/internal/pkg/imports/gen.go b/internal/pkg/imports/gen.go index 8119a54..7d0cbc6 100644 --- a/internal/pkg/imports/gen.go +++ b/internal/pkg/imports/gen.go @@ -18,5 +18,5 @@ package imports //go:generate bash -c "rm -rf imports*.go" -//go:generate bash -c "cd $(mktemp -d) && GO111MODULE=on go get github.com/edwarnicke/imports-gen@v1.1.0" +//go:generate bash -c "cd $(mktemp -d) && GO111MODULE=on go install github.com/edwarnicke/imports-gen@v1.1.0" //go:generate bash -c "GOOS=linux ${GOPATH}/bin/imports-gen" diff --git a/internal/pkg/imports/imports_linux.go b/internal/pkg/imports/imports_linux.go index 9c54d65..f50ec56 100644 --- a/internal/pkg/imports/imports_linux.go +++ b/internal/pkg/imports/imports_linux.go @@ -3,6 +3,8 @@ package imports import ( _ "context" + _ "crypto/tls" + _ "fmt" _ "github.com/antonfisher/nested-logrus-formatter" _ "github.com/edwarnicke/grpcfd" _ "github.com/golang/protobuf/ptypes/empty" From 0222962e0643aebbd36a17a0100427d284f003cd Mon Sep 17 00:00:00 2001 From: Nikita Skrynnik Date: Mon, 23 May 2022 23:54:46 +0700 Subject: [PATCH 3/4] go generate Signed-off-by: Nikita Skrynnik --- internal/pkg/imports/imports_linux.go | 1 - 1 file changed, 1 deletion(-) diff --git a/internal/pkg/imports/imports_linux.go b/internal/pkg/imports/imports_linux.go index f50ec56..27e02e6 100644 --- a/internal/pkg/imports/imports_linux.go +++ b/internal/pkg/imports/imports_linux.go @@ -4,7 +4,6 @@ package imports import ( _ "context" _ "crypto/tls" - _ "fmt" _ "github.com/antonfisher/nested-logrus-formatter" _ "github.com/edwarnicke/grpcfd" _ "github.com/golang/protobuf/ptypes/empty" From 173ff4c8fb6978e879434a70450e4043718a2b58 Mon Sep 17 00:00:00 2001 From: Nikita Skrynnik Date: Mon, 23 May 2022 23:56:43 +0700 Subject: [PATCH 4/4] fix header Signed-off-by: Nikita Skrynnik --- internal/pkg/imports/gen.go | 2 ++ 1 file changed, 2 insertions(+) diff --git a/internal/pkg/imports/gen.go b/internal/pkg/imports/gen.go index 7d0cbc6..4036f0e 100644 --- a/internal/pkg/imports/gen.go +++ b/internal/pkg/imports/gen.go @@ -1,5 +1,7 @@ // Copyright (c) 2020-2021 Doc.ai and/or its affiliates. // +// Copyright (c) 2022 Cisco and/or its affiliates. +// // SPDX-License-Identifier: Apache-2.0 // // Licensed under the Apache License, Version 2.0 (the "License");