Merge branch '104-investigate-vulnerability-tls-minversion-too-low' into 'master'

Investigate Security Issues

Closes #110, #109, #108, #107, #106, #105, and #104

See merge request cocsn/gosdn!143

forks/goarista/gnmi/client.go

@@ -117,7 +117,9 @@ func DialContext(ctx context.Context, cfg *Config) (pb.GNMIClient, error) {
 	}
 
 	if cfg.TLS || cfg.CAFile != "" || cfg.CertFile != "" || cfg.Token != "" {
-		tlsConfig := &tls.Config{}
+		tlsConfig := &tls.Config{
+			MinVersion:                  tls.VersionTLS12,
+		}
 		if cfg.CAFile != "" {
 			b, err := ioutil.ReadFile(cfg.CAFile)
 			if err != nil {

nucleus/util/proto/message.go

@@ -17,7 +17,7 @@ func Write(message proto.Message, filename string) error {
 		return fmt.Errorf("cannot marshal proto message to binary: %w", err)
 	}
 
-	err = ioutil.WriteFile(filename, data, 0644)
+	err = ioutil.WriteFile(filename, data, 0600)
 	if err != nil {
 		return fmt.Errorf("cannot write binary data to file: %w", err)
 	}