Merge branch 'main' into feature-session-update-finetune-probe-calls

dell · Aug 9, 2024 · 557af8b · 557af8b
2 parents 476b7e5 + 2cc3b38
commit 557af8b
Show file tree

Hide file tree

Showing 4 changed files with 47 additions and 6 deletions.
diff --git a/.github/workflows/linters.yaml b/.github/workflows/linters.yaml
@@ -19,12 +19,12 @@ jobs:
           go-version: "1.22"
           cache: false
       - name: Checkout the code
-        uses: actions/checkout@v3.2.0
+        uses: actions/checkout@v4
       - name: Vendor packages
         run: |
           go mod vendor
       - name: golangci-lint
-        uses: golangci/golangci-lint-action@v3
+        uses: golangci/golangci-lint-action@v5
         with:
-          version: v1.55
+          version: latest
           skip-cache: true
diff --git a/api/restclient.go b/api/restclient.go
@@ -1,5 +1,5 @@
 /*
- Copyright © 2019 Dell Inc. or its subsidiaries. All Rights Reserved.
+ Copyright © 2019-2024 Dell Inc. or its subsidiaries. All Rights Reserved.
 
  Licensed under the Apache License, Version 2.0 (the "License");
  you may not use this file except in compliance with the License.
@@ -147,6 +147,7 @@ func New(ctx context.Context, host string, opts ClientOptions, debug bool) (Clie
 		c.http.Transport = &http.Transport{
 			TLSClientConfig: &tls.Config{
 				InsecureSkipVerify: true,
+				CipherSuites:       util.GetSecuredCipherSuites(),
 			},
 		}
 	} else {
@@ -158,6 +159,7 @@ func New(ctx context.Context, host string, opts ClientOptions, debug bool) (Clie
 			TLSClientConfig: &tls.Config{
 				RootCAs:            pool,
 				InsecureSkipVerify: false,
+				CipherSuites:       util.GetSecuredCipherSuites(),
 			},
 		}
 	}

diff --git a/util/util.go b/util/util.go
@@ -1,5 +1,5 @@
 /*
- Copyright © 2019 Dell Inc. or its subsidiaries. All Rights Reserved.
+ Copyright © 2019-2024 Dell Inc. or its subsidiaries. All Rights Reserved.
 
  Licensed under the Apache License, Version 2.0 (the "License");
  you may not use this file except in compliance with the License.
@@ -16,6 +16,7 @@ package util
 
 import (
 	"context"
+	"crypto/tls"
 	"errors"
 	"fmt"
 	"os"
@@ -176,3 +177,14 @@ func ValidateDuration(durationStr string) (uint64, error) {
 
 	return 0, nil
 }
+
+// GetSecuredCipherSuites returns a slice of secured cipher suites.
+// It iterates over the tls.CipherSuites() and appends the ID of each cipher suite to the suites slice.
+// The function returns the suites slice.
+func GetSecuredCipherSuites() (suites []uint16) {
+	securedSuite := tls.CipherSuites()
+	for _, v := range securedSuite {
+		suites = append(suites, v.ID)
+	}
+	return suites
+}
diff --git a/util/util_test.go b/util/util_test.go
@@ -1,5 +1,5 @@
 /*
- Copyright © 2019 Dell Inc. or its subsidiaries. All Rights Reserved.
+ Copyright © 2019-2024 Dell Inc. or its subsidiaries. All Rights Reserved.
 
  Licensed under the Apache License, Version 2.0 (the "License");
  you may not use this file except in compliance with the License.
@@ -16,6 +16,7 @@ package util
 
 import (
 	"context"
+	"crypto/tls"
 	"fmt"
 	"testing"
 )
@@ -29,6 +30,7 @@ func TestUtils(t *testing.T) {
 	getLoggetTest(t)
 	validateResourceNameTest(t)
 	validateDurationTest(t)
+	getSecuredCipherSuitesTest(t)
 }
 
 func getRunIDLoggerTest(_ *testing.T) {
@@ -145,3 +147,28 @@ func validateDurationTest(t *testing.T) {
 	fmt.Println("Error: ", err)
 	fmt.Println("Validate Duration Test Successful")
 }
+
+func getSecuredCipherSuitesTest(t *testing.T) {
+	fmt.Println("Begin - Get Secured Cipher Suites Test")
+
+	suites := GetSecuredCipherSuites()
+	if len(suites) == 0 {
+		t.Fatalf("No secured cipher suites found")
+	}
+
+	// Check if all returned suites are valid TLS cipher suites
+	for _, suite := range suites {
+		found := false
+		for _, v := range tls.CipherSuites() {
+			if suite == v.ID {
+				found = true
+				break
+			}
+		}
+		if !found {
+			t.Fatalf("Invalid cipher suite ID found: %d", suite)
+		}
+	}
+
+	fmt.Println("Get Secured Cipher Suites Test Successful")
+}