Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Add a tool to generate the TLS configuration form Mozilla's ciphers recommendation #178

Merged
merged 5 commits into from
Feb 21, 2018
Merged

Add a tool to generate the TLS configuration form Mozilla's ciphers recommendation #178

merged 5 commits into from
Feb 21, 2018

Conversation

ccojocar
Copy link
Member

This tool can generate the TLS configuration from Mozilla's ciphers recommendation and it can be invoked with go generate.

The configuration of TLS rule was generated using the tool. I updated also the README file with some instructions how to do this.

Fix #15

cc @gcmurphy

houndci-bot
houndci-bot reviewed Feb 19, 2018
View reviewed changes
rules/tls_config.go Outdated
}, []ast.Node{(*ast.CompositeLit)(nil)}
}

// DO NOT EDIT - Generated by tlsconfig
Copy link

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

comment on exported function NewOldTLSCheck should be of the form "NewOldTLSCheck ..."

rules/tls_config.go Outdated
}, []ast.Node{(*ast.CompositeLit)(nil)}
}

// DO NOT EDIT - Generated by tlsconfig
Copy link

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

comment on exported function NewIntermediateTLSCheck should be of the form "NewIntermediateTLSCheck ..."

rules/tls_config.go Outdated
"github.com/GoASTScanner/gas"
)

// DO NOT EDIT - Generated by tlsconfig
Copy link

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

comment on exported function NewModernTLSCheck should be of the form "NewModernTLSCheck ..."

@gcmurphy
Copy link
Member

Awesome work!

@gcmurphy gcmurphy merged commit edb362f into securego:master Feb 21, 2018
gcmurphy pushed a commit that referenced this pull request Mar 8, 2018
@wileystar @gcmurphy
New Rule Tainted file (#183)
e76b258 
* Add a tool to generate the TLS configuration form Mozilla's ciphers recommendation (#178)

* Add a tool which generates the TLS rule configuration from Mozilla server side
TLS configuration

* Update README

* Remove trailing space in README

* Update dependencies

* Fix the commends of the generated functions

* Add nil pointer check to rule. (#181)

TypeOf returns the type of expression e, or nil if not found. We are
calling .String() on a value that may be nil in this clause.

Relates to #174

* Add support for YAML output format (#177)

* Add YAML output format

* Update README

* added rule to check for tainted file path

* added #nosec to main/issue.go

* updated test case import
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@houndci-bot houndci-bot houndci-bot left review comments

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
3 participants
@ccojocar @gcmurphy @houndci-bot