Commit bfda7a9b authored by Manuel Kieweg's avatar Manuel Kieweg 🤷
Browse files

Merge branch '104-investigate-vulnerability-tls-minversion-too-low' into 'master'

Investigate Security Issues

Closes #110, #109, #108, #107, #106, #105, and #104

See merge request cocsn/gosdn!143
parents 47fbe6ef edc2f92a
......@@ -117,7 +117,9 @@ func DialContext(ctx context.Context, cfg *Config) (pb.GNMIClient, error) {
}
if cfg.TLS || cfg.CAFile != "" || cfg.CertFile != "" || cfg.Token != "" {
tlsConfig := &tls.Config{}
tlsConfig := &tls.Config{
MinVersion: tls.VersionTLS12,
}
if cfg.CAFile != "" {
b, err := ioutil.ReadFile(cfg.CAFile)
if err != nil {
......
......@@ -17,7 +17,7 @@ func Write(message proto.Message, filename string) error {
return fmt.Errorf("cannot marshal proto message to binary: %w", err)
}
err = ioutil.WriteFile(filename, data, 0644)
err = ioutil.WriteFile(filename, data, 0600)
if err != nil {
return fmt.Errorf("cannot write binary data to file: %w", err)
}
......
Markdown is supported
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment