Merge branch 'main' into csaf_searcher

2025-12-22 05:40:11 +01:00 · 2023-10-18 10:24:34 +02:00 · 2023-10-18 10:24:34 +02:00 · 226dc961f3
commit 226dc961f3
parent 5f2596665a c05a4023ff
68 changed files with 1726 additions and 246 deletions
--- a/docs/csaf_downloader.md
+++ b/docs/csaf_downloader.md
@ -14,10 +14,8 @@ Application Options:
      --client-key=KEY-FILE                      TLS client private key file (PEM encoded data)
      --client-passphrase=PASSPHRASE             Optional passphrase for the client cert (limited, experimental, see doc)
      --version                                  Display version of the binary
-  -v, --verbose                                  Verbose output
  -n, --nostore                                  Do not store files
-  -r, --rate=                                    The average upper limit of https operations per second (defaults to
-                                                 unlimited)
+  -r, --rate=                                    The average upper limit of https operations per second (defaults to unlimited)
  -w, --worker=NUM                               NUMber of concurrent downloads (default: 2)
  -t, --timerange=RANGE                          RANGE of time from which advisories to download
  -f, --folder=FOLDER                            Download into a given subFOLDER
@ -65,7 +63,6 @@ insecure            = false
 # client_key        # not set by default
 # client_passphrase # not set by default
 ignoresigcheck      = false
-verbose             = false
 # rate              # set to unlimited
 worker              = 2
 # timerange         # not set by default
@ -126,6 +123,14 @@ In the config file this has to be noted as:
 ignorepattern = [".*white.*", ".*red.*"]
 ```

+#### Forwarding
+The downloader is able to forward downloaded advisories and their checksums,
+OpenPGP signatures and validation results to an HTTP endpoint.  
+The details of the implemented API are described [here](https://github.com/mfd2007/csaf_upload_interface).  
+**Attention** This is a work in progress. There is
+no production ready server which implements this protocol.
+The server in the linked repository is currently for development and testing only.
+
 #### beware of client cert passphrase

 The `client-passphrase` option implements a legacy private
--- a/docs/scripts/testDownloader.sh
+++ b/docs/scripts/testDownloader.sh
@ -18,7 +18,7 @@ echo '==== run downloader (1)'
 mkdir ~/downloaded1

 ./bin-linux-amd64/csaf_downloader --directory ../downloaded1 \
-  --rate 4.1 --verbose --insecure localhost
+  --rate 4.1 --insecure localhost

 echo
 echo '==== this was downloaded (1)'
@ -32,7 +32,7 @@ echo '==== run downloader (2)'
 mkdir ~/downloaded2

 ./bin-linux-amd64/csaf_downloader --directory ../downloaded2 \
-  --verbose --insecure https://localhost:9443/.well-known/csaf-aggregator/local-dev-provider2/provider-metadata.json
+  --insecure https://localhost:9443/.well-known/csaf-aggregator/local-dev-provider2/provider-metadata.json

 echo
 echo '==== this was downloaded (2)'