gopkg.in/alecthomas/gometalinter.v3@v3.0.0/_linters/src/github.com/securego/gosec/rules/ssh.go (about) 1 package rules 2 3 import ( 4 "go/ast" 5 6 "github.com/securego/gosec" 7 ) 8 9 type sshHostKey struct { 10 gosec.MetaData 11 pkg string 12 calls []string 13 } 14 15 func (r *sshHostKey) ID() string { 16 return r.MetaData.ID 17 } 18 19 func (r *sshHostKey) Match(n ast.Node, c *gosec.Context) (gi *gosec.Issue, err error) { 20 if _, matches := gosec.MatchCallByPackage(n, c, r.pkg, r.calls...); matches { 21 return gosec.NewIssue(c, n, r.ID(), r.What, r.Severity, r.Confidence), nil 22 } 23 return nil, nil 24 } 25 26 // NewSSHHostKey rule detects the use of insecure ssh HostKeyCallback. 27 func NewSSHHostKey(id string, conf gosec.Config) (gosec.Rule, []ast.Node) { 28 return &sshHostKey{ 29 pkg: "golang.org/x/crypto/ssh", 30 calls: []string{"InsecureIgnoreHostKey"}, 31 MetaData: gosec.MetaData{ 32 ID: id, 33 What: "Use of ssh InsecureIgnoreHostKey should be audited", 34 Severity: gosec.Medium, 35 Confidence: gosec.High, 36 }, 37 }, []ast.Node{(*ast.CallExpr)(nil)} 38 }