From c7d7f10bdff703e4a3c0414e8a33d4e45c91eb35 Mon Sep 17 00:00:00 2001
From: Dmitry Vyukov <dvyukov@google.com>
Date: Sat, 4 Jul 2020 11:12:55 +0200
Subject: go.mod: vendor golangci-lint

---
 vendor/github.com/securego/gosec/v2/rules/ssh.go | 38 ++++++++++++++++++++++++
 1 file changed, 38 insertions(+)
 create mode 100644 vendor/github.com/securego/gosec/v2/rules/ssh.go

(limited to 'vendor/github.com/securego/gosec/v2/rules/ssh.go')

diff --git a/vendor/github.com/securego/gosec/v2/rules/ssh.go b/vendor/github.com/securego/gosec/v2/rules/ssh.go
new file mode 100644
index 000000000..01f37da51
--- /dev/null
+++ b/vendor/github.com/securego/gosec/v2/rules/ssh.go
@@ -0,0 +1,38 @@
+package rules
+
+import (
+	"go/ast"
+
+	"github.com/securego/gosec/v2"
+)
+
+type sshHostKey struct {
+	gosec.MetaData
+	pkg   string
+	calls []string
+}
+
+func (r *sshHostKey) ID() string {
+	return r.MetaData.ID
+}
+
+func (r *sshHostKey) Match(n ast.Node, c *gosec.Context) (gi *gosec.Issue, err error) {
+	if _, matches := gosec.MatchCallByPackage(n, c, r.pkg, r.calls...); matches {
+		return gosec.NewIssue(c, n, r.ID(), r.What, r.Severity, r.Confidence), nil
+	}
+	return nil, nil
+}
+
+// NewSSHHostKey rule detects the use of insecure ssh HostKeyCallback.
+func NewSSHHostKey(id string, conf gosec.Config) (gosec.Rule, []ast.Node) {
+	return &sshHostKey{
+		pkg:   "golang.org/x/crypto/ssh",
+		calls: []string{"InsecureIgnoreHostKey"},
+		MetaData: gosec.MetaData{
+			ID:         id,
+			What:       "Use of ssh InsecureIgnoreHostKey should be audited",
+			Severity:   gosec.Medium,
+			Confidence: gosec.High,
+		},
+	}, []ast.Node{(*ast.CallExpr)(nil)}
+}
-- 
cgit mrf-deployment