mirror of
https://github.com/securego/gosec.git
synced 2024-12-25 12:05:52 +00:00
Update to config struct to unmarshal the mozilla server-side TLS conf version 5
Signed-off-by: Cosmin Cojocar <cosmin.cojocar@gmx.ch>
This commit is contained in:
parent
e050355b4b
commit
76ce9f0147
1 changed files with 5 additions and 2 deletions
|
@ -36,7 +36,7 @@ type ServerSideTLSJson struct {
|
||||||
// see https://wiki.mozilla.org/Security/Server_Side_TLS
|
// see https://wiki.mozilla.org/Security/Server_Side_TLS
|
||||||
type Configuration struct {
|
type Configuration struct {
|
||||||
OpenSSLCiphersuites []string `json:"openssl_ciphersuites"`
|
OpenSSLCiphersuites []string `json:"openssl_ciphersuites"`
|
||||||
Ciphersuites []string `json:"ciphersuites"`
|
OpenSSLCiphers []string `json:"openssl_ciphers"`
|
||||||
TLSVersions []string `json:"tls_versions"`
|
TLSVersions []string `json:"tls_versions"`
|
||||||
TLSCurves []string `json:"tls_curves"`
|
TLSCurves []string `json:"tls_curves"`
|
||||||
CertificateTypes []string `json:"certificate_types"`
|
CertificateTypes []string `json:"certificate_types"`
|
||||||
|
@ -87,7 +87,10 @@ func getGoCipherConfig(name string, sstls ServerSideTLSJson) (goCipherConfigurat
|
||||||
return cipherConf, fmt.Errorf("TLS configuration '%s' not found", name)
|
return cipherConf, fmt.Errorf("TLS configuration '%s' not found", name)
|
||||||
}
|
}
|
||||||
|
|
||||||
for _, cipherName := range conf.Ciphersuites {
|
// These ciphers are already defined in IANA format
|
||||||
|
cipherConf.Ciphers = append(cipherConf.Ciphers, conf.OpenSSLCiphersuites...)
|
||||||
|
|
||||||
|
for _, cipherName := range conf.OpenSSLCiphers {
|
||||||
cipherSuite, ok := constants.CipherSuites[cipherName]
|
cipherSuite, ok := constants.CipherSuites[cipherName]
|
||||||
if !ok {
|
if !ok {
|
||||||
log.Printf("'%s' cipher is not available in crypto/tls package\n", cipherName)
|
log.Printf("'%s' cipher is not available in crypto/tls package\n", cipherName)
|
||||||
|
|
Loading…
Reference in a new issue