Revert the removal of buildah dependency

We currently need it to drag in recent versions of other dependencies, per https://github.com/containers/skopeo/issues/796 . I'll work to update the relevant dependencies in c/image, but that will only propagate to skopeo in the next c/image release; in the meantime, this at least undoes the downgrades. Signed-off-by: Miloslav Trmač <mitr@redhat.com>
2025-09-05 16:50:45 +00:00 · 2020-03-30 16:04:24 +02:00
parent 018a0108b1
commit 27b330f6f1
201 changed files with 29298 additions and 1811 deletions
--- a/vendor/github.com/docker/go-connections/tlsconfig/config.go
+++ b/vendor/github.com/docker/go-connections/tlsconfig/config.go
@@ -46,8 +46,6 @@ var acceptedCBCCiphers = []uint16{
 	tls.TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA,
 	tls.TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA,
 	tls.TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA,
-	tls.TLS_RSA_WITH_AES_256_CBC_SHA,
-	tls.TLS_RSA_WITH_AES_128_CBC_SHA,
 }

 // DefaultServerAcceptedCiphers should be uses by code which already has a crypto/tls
@@ -67,8 +65,8 @@ var allTLSVersions = map[uint16]struct{}{
 // ServerDefault returns a secure-enough TLS configuration for the server TLS configuration.
 func ServerDefault(ops ...func(*tls.Config)) *tls.Config {
 	tlsconfig := &tls.Config{
-		// Avoid fallback by default to SSL protocols < TLS1.0
-		MinVersion:               tls.VersionTLS10,
+		// Avoid fallback by default to SSL protocols < TLS1.2
+		MinVersion:               tls.VersionTLS12,
 		PreferServerCipherSuites: true,
 		CipherSuites:             DefaultServerAcceptedCiphers,
 	}