From 2825d768aaaef27e854631354415484406b1bc92 Mon Sep 17 00:00:00 2001 From: Dominic Evans Date: Mon, 23 Aug 2021 23:58:55 +0100 Subject: fix(test): update travis and e2e selfSignedCert fn - add go.mod/go.sum - update .travis.yml to test against supported Go versions - drop golint from CI checks To satisfy modern Go crypto in the tlsrouter e2e_test.go: - bump RSA keysize to minimum 2048 bits - set NotBefore to valid recent timestamp - include CommonName in SANs Signed-off-by: Dominic Evans --- .gitignore | 2 -- .travis.yml | 11 +++-------- cmd/tlsrouter/e2e_test.go | 8 ++++---- go.mod | 5 +++++ go.sum | 2 ++ 5 files changed, 14 insertions(+), 14 deletions(-) delete mode 100644 .gitignore create mode 100644 go.mod create mode 100644 go.sum diff --git a/.gitignore b/.gitignore deleted file mode 100644 index ab78466..0000000 --- a/.gitignore +++ /dev/null @@ -1,2 +0,0 @@ -tlsrouter -tlsrouter.test diff --git a/.travis.yml b/.travis.yml index 56aafcb..a8d3a50 100644 --- a/.travis.yml +++ b/.travis.yml @@ -1,24 +1,19 @@ language: go go: -- "1.12" -- "1.13" +- "1.16.x" +- "1.17.x" - tip os: - linux -install: -- go get github.com/golang/lint/golint -before_script: script: -- go get -t ./... - go build ./... - go test ./... - go vet ./... -- golint -set_exit_status . jobs: include: - stage: deploy - go: "1.13" + go: "1.16" install: - gem install fpm script: diff --git a/cmd/tlsrouter/e2e_test.go b/cmd/tlsrouter/e2e_test.go index c53e8c5..92551e2 100644 --- a/cmd/tlsrouter/e2e_test.go +++ b/cmd/tlsrouter/e2e_test.go @@ -182,7 +182,7 @@ func serveTLS(t *testing.T, value string, understandProxy bool, domains ...strin } func selfSignedCert(domains []string) (tls.Certificate, *x509.CertPool, error) { - pkey, err := rsa.GenerateKey(rand.Reader, 512) + pkey, err := rsa.GenerateKey(rand.Reader, 2048) if err != nil { return tls.Certificate{}, nil, err } @@ -192,16 +192,16 @@ func selfSignedCert(domains []string) (tls.Certificate, *x509.CertPool, error) { Organization: []string{"Test Co"}, CommonName: domains[0], }, - NotBefore: time.Time{}, + NotBefore: time.Now().Add(-5 * time.Minute), NotAfter: time.Now().Add(60 * time.Minute), IsCA: true, KeyUsage: x509.KeyUsageKeyEncipherment | x509.KeyUsageDigitalSignature | x509.KeyUsageCertSign, ExtKeyUsage: []x509.ExtKeyUsage{x509.ExtKeyUsageServerAuth}, BasicConstraintsValid: true, - DNSNames: domains[1:], + DNSNames: domains[:], } - derBytes, err := x509.CreateCertificate(rand.Reader, template, template, &pkey.PublicKey, pkey) + derBytes, err := x509.CreateCertificate(rand.Reader, template, template, pkey.Public(), pkey) if err != nil { return tls.Certificate{}, nil, err } diff --git a/go.mod b/go.mod new file mode 100644 index 0000000..9c8ce9f --- /dev/null +++ b/go.mod @@ -0,0 +1,5 @@ +module inet.af/tcpproxy + +go 1.16 + +require github.com/armon/go-proxyproto v0.0.0-20210323213023-7e956b284f0a diff --git a/go.sum b/go.sum new file mode 100644 index 0000000..de51fb1 --- /dev/null +++ b/go.sum @@ -0,0 +1,2 @@ +github.com/armon/go-proxyproto v0.0.0-20210323213023-7e956b284f0a h1:AP/vsCIvJZ129pdm9Ek7bH7yutN3hByqsMoNrWAxRQc= +github.com/armon/go-proxyproto v0.0.0-20210323213023-7e956b284f0a/go.mod h1:QmP9hvJ91BbJmGVGSbutW19IC0Q9phDCLGaomwTJbgU= -- cgit v1.2.3