func (t *InsecureConfigTLS) processTlsCipherSuites(n ast.Node, c *gas.Context) *gas.Issue {
a := reflect.TypeOf(&ast.KeyValueExpr{})
b := reflect.TypeOf(&ast.CompositeLit{})
if node, ok := gas.SimpleSelect(n, a, b).(*ast.CompositeLit); ok {
for _, elt := range node.Elts {
if ident, ok := elt.(*ast.SelectorExpr); ok {
if !stringInSlice(ident.Sel.Name, t.goodCiphers) {
str := fmt.Sprintf("TLS Bad Cipher Suite: %s", ident.Sel.Name)
return gas.NewIssue(c, n, str, gas.High, gas.High)
}
}
}
}
return nil
}
func (r *NoErrorCheck) Match(n ast.Node, c *gas.Context) (gi *gas.Issue, err error) {
if node, ok := n.(*ast.AssignStmt); ok {
sel := reflect.TypeOf(&ast.CallExpr{})
if call, ok := gas.SimpleSelect(node.Rhs[0], sel).(*ast.CallExpr); ok {
if t := c.Info.Types[call].Type; t != nil {
if typeVal, typeErr := t.(*types.Tuple); typeErr {
for i := 0; i < typeVal.Len(); i++ {
if typeVal.At(i).Type().String() == "error" { // TODO(tkelsey): is there a better way?
if id, ok := node.Lhs[i].(*ast.Ident); ok && id.Name == "_" {
return gas.NewIssue(c, n, r.What, r.Severity, r.Confidence), nil
}
}
}
} else if t.String() == "error" { // TODO(tkelsey): is there a better way?
if id, ok := node.Lhs[0].(*ast.Ident); ok && id.Name == "_" {
return gas.NewIssue(c, n, r.What, r.Severity, r.Confidence), nil
}
}
}
}
}
return nil, nil
}
