forked from mystiq/dex
Remove copypasta dependency
This commit is contained in:
Mark Sagi-Kazar
parent
e1a45ba33e
commit
af9dfd4a29
1
go.mod
1
go.mod
|
|
@ -19,7 +19,6 @@ require (
|
|||
github.com/gorilla/mux v1.7.3
|
||||
github.com/gorilla/websocket v1.4.0 // indirect
|
||||
github.com/grpc-ecosystem/go-grpc-prometheus v1.2.0
|
||||
github.com/gtank/cryptopasta v0.0.0-20170601214702-1f550f6f2f69
|
||||
github.com/konsorten/go-windows-terminal-sequences v1.0.2 // indirect
|
||||
github.com/kylelemons/godebug v1.1.0
|
||||
github.com/lib/pq v1.3.0
|
||||
|
|
|
|||
2
go.sum
2
go.sum
|
|
@ -149,8 +149,6 @@ github.com/grpc-ecosystem/go-grpc-prometheus v1.2.0 h1:Ovs26xHkKqVztRpIrF/92Bcuy
|
|||
github.com/grpc-ecosystem/go-grpc-prometheus v1.2.0/go.mod h1:8NvIoxWQoOIhqOTXgfV/d3M/q6VIi02HzZEHgUlZvzk=
|
||||
github.com/grpc-ecosystem/grpc-gateway v1.9.5 h1:UImYN5qQ8tuGpGE16ZmjvcTtTw24zw1QAp/SlnNrZhI=
|
||||
github.com/grpc-ecosystem/grpc-gateway v1.9.5/go.mod h1:vNeuVxBJEsws4ogUvrchl83t/GYV9WGTSLVdBhOQFDY=
|
||||
github.com/gtank/cryptopasta v0.0.0-20170601214702-1f550f6f2f69 h1:7xsUJsB2NrdcttQPa7JLEaGzvdbk7KvfrjgHZXOQRo0=
|
||||
github.com/gtank/cryptopasta v0.0.0-20170601214702-1f550f6f2f69/go.mod h1:YLEMZOtU+AZ7dhN9T/IpGhXVGly2bvkJQ+zxj3WeVQo=
|
||||
github.com/hashicorp/errwrap v0.0.0-20141028054710-7554cd9344ce/go.mod h1:YH+1FKiLXxHSkmPseP+kNlulaMuP3n2brvKWEqk/Jc4=
|
||||
github.com/hashicorp/go-multierror v0.0.0-20161216184304-ed905158d874/go.mod h1:JMRHfdO9jKNzS/+BTlxCjKNQHg/jZAft8U7LloJvN7I=
|
||||
github.com/hashicorp/golang-lru v0.5.0/go.mod h1:/m3WP610KZHVQ1SGc6re/UDhFvYD7pJ4Ao+sR/qLZy8=
|
||||
|
|
|
|||
|
|
@ -23,7 +23,6 @@ import (
|
|||
"time"
|
||||
|
||||
"github.com/ghodss/yaml"
|
||||
"github.com/gtank/cryptopasta"
|
||||
"golang.org/x/net/http2"
|
||||
|
||||
"github.com/dexidp/dex/pkg/log"
|
||||
|
|
@ -253,8 +252,23 @@ func (cli *client) put(resource, name string, v interface{}) error {
|
|||
return checkHTTPErr(resp, http.StatusOK)
|
||||
}
|
||||
|
||||
// Copied from https://github.com/gtank/cryptopasta
|
||||
func defaultTLSConfig() *tls.Config {
|
||||
return &tls.Config{
|
||||
// Avoids most of the memorably-named TLS attacks
|
||||
MinVersion: tls.VersionTLS12,
|
||||
// Causes servers to use Go's default ciphersuite preferences,
|
||||
// which are tuned to avoid attacks. Does nothing on clients.
|
||||
PreferServerCipherSuites: true,
|
||||
// Only use curves which have constant-time implementations
|
||||
CurvePreferences: []tls.CurveID{
|
||||
tls.CurveP256,
|
||||
},
|
||||
}
|
||||
}
|
||||
|
||||
func newClient(cluster k8sapi.Cluster, user k8sapi.AuthInfo, namespace string, logger log.Logger) (*client, error) {
|
||||
tlsConfig := cryptopasta.DefaultTLSConfig()
|
||||
tlsConfig := defaultTLSConfig()
|
||||
data := func(b string, file string) ([]byte, error) {
|
||||
if b != "" {
|
||||
return base64.StdEncoding.DecodeString(b)
|
||||
|
|
|
|||
Loading…
Reference in New Issue