SystemSh0cker/gocsaf
1
0
Fork 0
mirror of https://github.com/gocsaf/csaf.git synced 2025-12-22 05:40:11 +01:00
Code Issues Releases Activity Actions

Adjust checker, too.

Browse source
This commit is contained in:
Sascha L. Teichmann 2023-11-13 09:59:12 +01:00
parent e2ab1903e7
commit 0a2b69bd55
1 changed files with 19 additions and 2 deletions
Download patch file Download diff file Expand all files Collapse all files

21
cmd/csaf_checker/processor.go
View file

@ -1263,9 +1263,26 @@ func (p *processor) checkProviderMetadata(domain string) bool {
// the value of this field. Returns an empty string if no error was encountered, // the value of this field. Returns an empty string if no error was encountered,
// the errormessage otherwise. // the errormessage otherwise.
func (p *processor) checkSecurity(domain string) string { func (p *processor) checkSecurity(domain string) string {
var msgs []string
// Try well-known first and fall back to legacy when it fails.
for _, folder := range []string{
"https://" + domain + "/.well-known/",
"https://" + domain + "/",
} {
msg := p.checkSecurityFolder(folder)
if msg == "" {
break
}
msgs = append(msgs, msg)
}
return strings.Join(msgs, "; ")
}
// checkSecurityFolder checks the security.txt in a given folder.
func (p *processor) checkSecurityFolder(folder string) string {
client := p.httpClient() client := p.httpClient()
path := "https://" + domain + "/.well-known/security.txt" path := folder + "security.txt"
res, err := client.Get(path) res, err := client.Get(path)
if err != nil { if err != nil {
return fmt.Sprintf("Fetching %s failed: %v", path, err) return fmt.Sprintf("Fetching %s failed: %v", path, err)
@ -1298,7 +1315,7 @@ func (p *processor) checkSecurity(domain string) string {
return fmt.Sprintf("CSAF URL '%s' invalid: %v", u, err) return fmt.Sprintf("CSAF URL '%s' invalid: %v", u, err)
} }
base, err := url.Parse("https://" + domain + "/.well-known/") base, err := url.Parse(folder)
if err != nil { if err != nil {
return err.Error() return err.Error()
} }