make gosec linter pass (#3294)

* not related to linter: remove obsolete constants: - `Insecure` and `Secure` and type `Security` are not used anywhere * not related to linter: update example - NewInsecure was deleted; change example to NewRemoteDB * address: Binds to all network interfaces (gosec): - bind to localhost instead of 0.0.0.0 - regenerate test key and cert for this purpose (was valid for ::) and otherwise we would see: transport: authentication handshake failed: x509: certificate is valid for ::, not 127.0.0.1\" (used https://github.com/google/keytransparency/blob/master/scripts/gen_server_keys.sh to regenerate certs) * use sha256 in tests instead of md5; time difference is negligible * nolint usage of math/rand in test and add comment on its import - crypto/rand is slower and we do not need sth more secure in tests * enable linter in circle-ci * another nolint math/rand in test * replace another occurrence of md5 * consistent comment about importing math/rand
2025-06-12 21:01:21 +00:00 · 2019-02-12 05:54:12 +01:00
parent 7fd51e6ade
commit b089587b42
11 changed files with 64 additions and 72 deletions
--- a/mempool/mempool_test.go
+++ b/mempool/mempool_test.go
@ -1,8 +1,8 @@
 package mempool

 import (
-	"crypto/md5"
 	"crypto/rand"
+	"crypto/sha256"
 	"encoding/binary"
 	"fmt"
 	"io/ioutil"
@ -451,7 +451,7 @@ func TestMempoolMaxMsgSize(t *testing.T) {
 }

 func checksumIt(data []byte) string {
-	h := md5.New()
+	h := sha256.New()
 	h.Write(data)
 	return fmt.Sprintf("%x", h.Sum(nil))
 }