From 134ac34d5a96fc72758c0f157f38f87cbdb3f532 Mon Sep 17 00:00:00 2001
From: Joel Hendrix <jhendrix@microsoft.com>
Date: Tue, 5 Mar 2019 15:58:57 -0800
Subject: [PATCH] Set minimum version of TLS to 1.2 (#364)

* Set minimum version of TLS to 1.2

When creating an HTTP client set the minimum version of TLS to 1.2 and
prefer server ciphers.

* add Go 1.12 to CI and remove master

* fix test bug uncovered by `go vet` in Go 1.12

* remove preferServerCipherSuites
---
 .travis.yml                   | 8 ++------
 CHANGELOG.md                  | 6 ++++++
 autorest/adal/persist_test.go | 4 ++--
 autorest/client.go            | 6 ++++++
 autorest/version.go           | 2 +-
 5 files changed, 17 insertions(+), 9 deletions(-)

diff --git a/.travis.yml b/.travis.yml
index e125eb3c9..7bbf33814 100644
--- a/.travis.yml
+++ b/.travis.yml
@@ -3,13 +3,9 @@ sudo: false
 language: go
 
 go:
-  - master
-  - 1.11.x
   - 1.10.x
-
-matrix:
-  allow_failures:
-    - go: master
+  - 1.11.x
+  - 1.12.x
 
 env:
   - DEP_VERSION="0.5.0"
diff --git a/CHANGELOG.md b/CHANGELOG.md
index 9016e0f9c..3a51714e4 100644
--- a/CHANGELOG.md
+++ b/CHANGELOG.md
@@ -1,5 +1,11 @@
 # CHANGELOG
 
+## v11.5.1
+
+### Bug Fixes
+
+- In `Client.sender()` set the minimum TLS version on HTTP clients to 1.2.
+
 ## v11.5.0
 
 ### New Features
diff --git a/autorest/adal/persist_test.go b/autorest/adal/persist_test.go
index a9c287c6d..baa6f00bf 100644
--- a/autorest/adal/persist_test.go
+++ b/autorest/adal/persist_test.go
@@ -133,13 +133,13 @@ func TestSaveToken(t *testing.T) {
 	var actualToken Token
 	var expectedToken Token
 
-	json.Unmarshal([]byte(MockTokenJSON), expectedToken)
+	json.Unmarshal([]byte(MockTokenJSON), &expectedToken)
 
 	contents, err := ioutil.ReadFile(f.Name())
 	if err != nil {
 		t.Fatal("!!")
 	}
-	json.Unmarshal(contents, actualToken)
+	json.Unmarshal(contents, &actualToken)
 
 	if !reflect.DeepEqual(actualToken, expectedToken) {
 		t.Fatal("azure: token was not serialized correctly")
diff --git a/autorest/client.go b/autorest/client.go
index 4874e6e82..3496415b2 100644
--- a/autorest/client.go
+++ b/autorest/client.go
@@ -16,6 +16,7 @@ package autorest
 
 import (
 	"bytes"
+	"crypto/tls"
 	"fmt"
 	"io"
 	"io/ioutil"
@@ -230,6 +231,11 @@ func (c Client) Do(r *http.Request) (*http.Response, error) {
 func (c Client) sender() Sender {
 	if c.Sender == nil {
 		j, _ := cookiejar.New(nil)
+		tracing.Transport.Base = &http.Transport{
+			TLSClientConfig: &tls.Config{
+				MinVersion: tls.VersionTLS12,
+			},
+		}
 		client := &http.Client{Jar: j, Transport: tracing.Transport}
 		return client
 	}
diff --git a/autorest/version.go b/autorest/version.go
index 6230b7396..9e2165cc1 100644
--- a/autorest/version.go
+++ b/autorest/version.go
@@ -19,7 +19,7 @@ import (
 	"runtime"
 )
 
-const number = "v11.5.0"
+const number = "v11.5.1"
 
 var (
 	userAgent = fmt.Sprintf("Go/%s (%s-%s) go-autorest/%s",