SystemSh0cker/gocsaf
1
0
Fork 0
mirror of https://github.com/gocsaf/csaf.git synced 2025-12-22 05:40:11 +01:00
Code Issues Releases Activity Actions

Add user-agent documentation

Browse source
This commit is contained in:
koplas 2024-07-31 11:00:40 +02:00
parent 0ab851a874
commit 3a67fb5210
No known key found for this signature in database
2 changed files with 20 additions and 6 deletions
Download patch file Download diff file Expand all files Collapse all files

13
docs/csaf_checker.md
View file

@ -30,9 +30,12 @@ Help Options:
Will check all given _domains_, by trying each as a CSAF provider.
If no user agent is specified with `--header=user-agent:custom-agent/1.0` then the default agent in the form of `csaf-distribution/version` is sent.
If a _domain_ starts with `https://` it is instead considered a direct URL to the `provider-metadata.json` and checking proceeds from there.
If no config file is explictly given the follwing places are searched for a config file:
```
~/.config/csaf/checker.toml
~/.csaf_checker.toml
@ -41,6 +44,7 @@ csaf_checker.toml
with `~` expanding to `$HOME` on unixoid systems and `%HOMEPATH` on Windows systems.
Supported options in config files:
```
output = ""
format = "json"
@ -58,9 +62,10 @@ validator_preset = ["mandatory"]
```
Usage example:
` ./csaf_checker example.com -f html --rate=5.3 -H apikey:SECRET -o check-results.html`
`./csaf_checker example.com -f html --rate=5.3 -H apikey:SECRET -o check-results.html`
Each performed check has a return type of either 0,1 or 2:
```
type 0: success
type 1: warning
@ -70,16 +75,16 @@ type 2: error
The checker result is a success if no checks resulted in type 2, and a failure otherwise.
The option `timerange` allows to only check advisories from a given time
interval. It can only be given once. See the
interval. It can only be given once. See the
[downloader documentation](csaf_downloader.md#timerange-option) for details.
You can ignore certain advisories while checking by specifying a list
of regular expressions[^1] to match their URLs by using the `ignorepattern`
option.
E.g. `-i='.*white.*' -i='*.red.*'` will ignore files which URLs contain
the sub strings **white** or **red**.
In the config file this has to be noted as:
```
ignorepattern = [".*white.*", ".*red.*"]
```
@ -88,7 +93,7 @@ ignorepattern = [".*white.*", ".*red.*"]
The `role` given in the `provider-metadata.json` is not
yet considered to change the overall result,
see https://github.com/csaf-poc/csaf_distribution/issues/221 .
see <https://github.com/csaf-poc/csaf_distribution/issues/221> .
If a provider hosts one or more advisories with a TLP level of AMBER or RED, then these advisories must be access protected.
To check these advisories, authorization can be given via custom headers or certificates.