Set minimum version of TLS to 1.2 (#364)

* Set minimum version of TLS to 1.2 When creating an HTTP client set the minimum version of TLS to 1.2 and prefer server ciphers. * add Go 1.12 to CI and remove master * fix test bug uncovered by `go vet` in Go 1.12 * remove preferServerCipherSuites
Azure · Mar 5, 2019 · 134ac34 · 134ac34
1 parent f4369d4
commit 134ac34
Show file tree

Hide file tree

Showing 5 changed files with 17 additions and 9 deletions.
diff --git a/.travis.yml b/.travis.yml
@@ -3,13 +3,9 @@ sudo: false
 language: go
 
 go:
-  - master
-  - 1.11.x
   - 1.10.x
-
-matrix:
-  allow_failures:
-    - go: master
+  - 1.11.x
+  - 1.12.x
 
 env:
   - DEP_VERSION="0.5.0"

diff --git a/CHANGELOG.md b/CHANGELOG.md
@@ -1,5 +1,11 @@
 # CHANGELOG
 
+## v11.5.1
+
+### Bug Fixes
+
+- In `Client.sender()` set the minimum TLS version on HTTP clients to 1.2.
+
 ## v11.5.0
 
 ### New Features

diff --git a/autorest/adal/persist_test.go b/autorest/adal/persist_test.go
@@ -133,13 +133,13 @@ func TestSaveToken(t *testing.T) {
 	var actualToken Token
 	var expectedToken Token
 
-	json.Unmarshal([]byte(MockTokenJSON), expectedToken)
+	json.Unmarshal([]byte(MockTokenJSON), &expectedToken)
 
 	contents, err := ioutil.ReadFile(f.Name())
 	if err != nil {
 		t.Fatal("!!")
 	}
-	json.Unmarshal(contents, actualToken)
+	json.Unmarshal(contents, &actualToken)
 
 	if !reflect.DeepEqual(actualToken, expectedToken) {
 		t.Fatal("azure: token was not serialized correctly")

diff --git a/autorest/client.go b/autorest/client.go
@@ -16,6 +16,7 @@ package autorest
 
 import (
 	"bytes"
+	"crypto/tls"
 	"fmt"
 	"io"
 	"io/ioutil"
@@ -230,6 +231,11 @@ func (c Client) Do(r *http.Request) (*http.Response, error) {
 func (c Client) sender() Sender {
 	if c.Sender == nil {
 		j, _ := cookiejar.New(nil)
+		tracing.Transport.Base = &http.Transport{
+			TLSClientConfig: &tls.Config{
+				MinVersion: tls.VersionTLS12,
+			},
+		}
 		client := &http.Client{Jar: j, Transport: tracing.Transport}
 		return client
 	}

diff --git a/autorest/version.go b/autorest/version.go
@@ -19,7 +19,7 @@ import (
 	"runtime"
 )
 
-const number = "v11.5.0"
+const number = "v11.5.1"
 
 var (
 	userAgent = fmt.Sprintf("Go/%s (%s-%s) go-autorest/%s",