From 44d0d48430353b493f0ef8c6a40b2858a4d120d1 Mon Sep 17 00:00:00 2001
From: Breno Jesus
Date: Thu, 11 Nov 2021 22:29:48 -0300
Subject: [PATCH 1/2] fix(authsvc): update key length to 2048 bits
---
 cmd/authsvc/authsec/main.go | 4 +---
 1 file changed, 1 insertion(+), 3 deletions(-)
diff --git a/cmd/authsvc/authsec/main.go b/cmd/authsvc/authsec/main.go
index 2498b185f..7ec9d4f94 100644
--- a/cmd/authsvc/authsec/main.go
+++ b/cmd/authsvc/authsec/main.go
@@ -23,8 +23,6 @@ import (
 var clientSet kubernetes.Interface
 var logger *zap.Logger
-const bitSize = 512 // min size for encoding your payload
-
 func generatePassword() string {
 chars := []rune("ABCDEFGHIJKLMNOPQRSTUVWXYZ" +
 "abcdefghijklmnopqrstuvwxyz" +
@@ -57,7 +55,7 @@ func initKube() error {
 func generatePrivateKey() (*rsa.PrivateKey, error) {
 // Private Key generation
- privateKey, err := rsa.GenerateKey(rand.Reader, bitSize)
+ privateKey, err := rsa.GenerateKey(rand.Reader, 2048)
 if err != nil {
 return nil, err
 }
From 31f31031c5b0fb1a6ec3d890aaa65bb5535daece Mon Sep 17 00:00:00 2001
From: Breno Jesus
Date: Thu, 11 Nov 2021 22:44:43 -0300
Subject: [PATCH 2/2] fix(insprd): check if sidecar port is valid TCP / UDP ports are Uint16 and 0 is reserved Other ports are reserved too, but checking for this range is the minimum
---
 cmd/insprd/operators/nodes/converter.go | 9 ++++++++-
 1 file changed, 8 insertions(+), 1 deletion(-)
diff --git a/cmd/insprd/operators/nodes/converter.go b/cmd/insprd/operators/nodes/converter.go
index a1853bfcb..5590cd5e6 100644
--- a/cmd/insprd/operators/nodes/converter.go
+++ b/cmd/insprd/operators/nodes/converter.go
@@ -2,6 +2,7 @@ package nodes
 import (
 "fmt"
+ "math"
 "os"
 "strconv"
 "strings"
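Review bot: In `generatePrivateKey` (cmd/authsvc/authsec/main.go) the key size is now a bare literal, because the `bitSize` constant was deleted rather than corrected; a named, commented constant keeps the security decision visible and easy to audit, e.g. `const rsaKeyBits = 2048 // minimum acceptable RSA modulus size; do not lower` used as `rsa.GenerateKey(rand.Reader, rsaKeyBits)`. The change only affects keys generated from now on: any key pair already issued at 512 bits presumably stays in use until it is regenerated, so the rollout should include rotating existing keys, which is worth confirming against how authsec stores them since that code is not visible here. The body of `generatePrivateKey` continues past the end of the hunk.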
@@ -26,7 +27,13 @@ func (no *NodeOperator) dappToService(app *meta.App) *kubeService {
 logger.Info("creating kubernetes service")
 temp, _ := strconv.Atoi(os.Getenv("INSPR_LBSIDECAR_READ_PORT"))
- lbsidecarPort = int32(temp)
+ if temp > 0 && temp < math.MaxUint16 {
+ lbsidecarPort = int32(temp)
+ } else {
+ // ref http://www.faqs.org/rfcs/rfc793.html
+ panic("invalid port number. the highest valid TCP / UDP port number is 65535 and the lowest is 1")
+ }
 appID := toAppID(app)
 appDeployName := toDeploymentName(app)
 appLabels := map[string]string{"inspr-app": appID}
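Review bot: The upper bound in `if temp > 0 && temp < math.MaxUint16 {` rejects port 65535, which the panic message on the else branch names as the highest valid port; the comparison should be `temp <= math.MaxUint16`. The error from `strconv.Atoi` is still discarded, so an unset or non-numeric `INSPR_LBSIDECAR_READ_PORT` becomes 0 and reaches the panic with a message that names neither the variable nor the rejected value; `panic(fmt.Sprintf("invalid INSPR_LBSIDECAR_READ_PORT %q: want 1-65535", os.Getenv("INSPR_LBSIDECAR_READ_PORT")))` would make the failure diagnosable. Because the check runs inside `dappToService` rather than at start-up, a misconfigured daemon presumably crashes only when a service is first created; validating the variable once during initialisation would fail earlier and keep the panic off the request path. `dappToService` continues beyond the hunk.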