mirror of
https://github.com/gocsaf/csaf.git
synced 2025-12-22 05:40:11 +01:00
Differentiate if fingerprint is empty or not given
This commit is contained in:
koplas
koplas
parent
9037574d96
commit
4e09dbf41f
4 changed files with 26 additions and 20 deletions
|
|
@ -199,7 +199,7 @@ func (w *worker) mirrorPGPKeys(pm *csaf.ProviderMetadata) error {
|
|||
w.log.Warn("Ignoring PGP key without URL", "fingerprint", pgpKey.Fingerprint)
|
||||
continue
|
||||
}
|
||||
if _, err := hex.DecodeString(string(pgpKey.Fingerprint)); err != nil {
|
||||
if _, err := hex.DecodeString(string(*pgpKey.Fingerprint)); err != nil {
|
||||
w.log.Warn("Ignoring PGP key with invalid fingerprint", "url", *pgpKey.URL)
|
||||
continue
|
||||
}
|
||||
|
|
@ -217,7 +217,7 @@ func (w *worker) mirrorPGPKeys(pm *csaf.ProviderMetadata) error {
|
|||
*pgpKey.URL, res.Status, res.StatusCode)
|
||||
}
|
||||
|
||||
fingerprint := strings.ToUpper(string(pgpKey.Fingerprint))
|
||||
fingerprint := strings.ToUpper(string(*pgpKey.Fingerprint))
|
||||
|
||||
localFile := filepath.Join(openPGPFolder, fingerprint+".asc")
|
||||
|
||||
|
|
@ -588,12 +588,12 @@ func (w *worker) mirrorFiles(tlpLabel csaf.TLPLabel, files []csaf.AdvisoryFile)
|
|||
if err := os.MkdirAll(yearDir, 0755); err != nil {
|
||||
return err
|
||||
}
|
||||
//log.Printf("created %s\n", yearDir)
|
||||
// log.Printf("created %s\n", yearDir)
|
||||
yearDirs[year] = yearDir
|
||||
}
|
||||
|
||||
fname := filepath.Join(yearDir, filename)
|
||||
//log.Printf("write: %s\n", fname)
|
||||
// log.Printf("write: %s\n", fname)
|
||||
data := content.Bytes()
|
||||
if err := writeFileHashes(
|
||||
fname, filename,
|
||||
|
|
|
|||
|
|
@ -83,10 +83,8 @@ type reporter interface {
|
|||
report(*processor, *Domain)
|
||||
}
|
||||
|
||||
var (
|
||||
// errContinue indicates that the current check should continue.
|
||||
errContinue = errors.New("continue")
|
||||
)
|
||||
// errContinue indicates that the current check should continue.
|
||||
var errContinue = errors.New("continue")
|
||||
|
||||
type whereType byte
|
||||
|
||||
|
|
@ -970,8 +968,7 @@ func (p *processor) checkChanges(base string, mask whereType) error {
|
|||
continue
|
||||
}
|
||||
path := r[pathColumn]
|
||||
times, files =
|
||||
append(times, t),
|
||||
times, files = append(times, t),
|
||||
append(files, csaf.PlainAdvisoryFile(path))
|
||||
}
|
||||
return times, files, nil
|
||||
|
|
@ -1227,7 +1224,6 @@ func (p *processor) checkWhitePermissions(string) error {
|
|||
// According to the result, the respective error messages added to
|
||||
// badProviderMetadata.
|
||||
func (p *processor) checkProviderMetadata(domain string) bool {
|
||||
|
||||
p.badProviderMetadata.use()
|
||||
|
||||
client := p.httpClient()
|
||||
|
|
@ -1518,13 +1514,17 @@ func (p *processor) checkPGPKeys(_ string) error {
|
|||
continue
|
||||
}
|
||||
|
||||
if key.Fingerprint == "" {
|
||||
if key.Fingerprint == nil {
|
||||
p.badPGPs.warn("No fingerprint for public OpenPGP key found.")
|
||||
continue
|
||||
}
|
||||
|
||||
if !strings.EqualFold(ckey.GetFingerprint(), string(key.Fingerprint)) {
|
||||
p.badPGPs.error("Given Fingerprint (%q) of public OpenPGP key %q does not match remotely loaded (%q).", string(key.Fingerprint), u, ckey.GetFingerprint())
|
||||
if *key.Fingerprint == "" {
|
||||
p.badPGPs.warn("Empty fingerprint for public OpenPGP key found.")
|
||||
}
|
||||
|
||||
if !strings.EqualFold(ckey.GetFingerprint(), string(*key.Fingerprint)) {
|
||||
p.badPGPs.error("Given Fingerprint (%q) of public OpenPGP key %q does not match remotely loaded (%q).", string(*key.Fingerprint), u, ckey.GetFingerprint())
|
||||
continue
|
||||
}
|
||||
if p.keys == nil {
|
||||
|
|
|
|||
|
|
@ -366,12 +366,17 @@ func (d *downloader) loadOpenPGPKeys(
|
|||
continue
|
||||
}
|
||||
|
||||
if key.Fingerprint == "" {
|
||||
if key.Fingerprint == nil {
|
||||
slog.Warn("No fingerprint for public OpenPGP key found.")
|
||||
continue
|
||||
}
|
||||
|
||||
if !strings.EqualFold(ckey.GetFingerprint(), string(key.Fingerprint)) {
|
||||
if *key.Fingerprint == "" {
|
||||
slog.Warn("Empty fingerprint for public OpenPGP key found.")
|
||||
continue
|
||||
}
|
||||
|
||||
if !strings.EqualFold(ckey.GetFingerprint(), string(*key.Fingerprint)) {
|
||||
slog.Warn(
|
||||
"Fingerprint of public OpenPGP key does not match remotely loaded",
|
||||
"url", u, "fingerprint", key.Fingerprint, "remote-fingerprint", ckey.GetFingerprint())
|
||||
|
|
|
|||
|
|
@ -81,7 +81,7 @@ var fingerprintPattern = patternUnmarshal(`^[0-9a-fA-F]{40,}$`)
|
|||
// PGPKey is location and the fingerprint of the key
|
||||
// used to sign the CSAF documents.
|
||||
type PGPKey struct {
|
||||
Fingerprint Fingerprint `json:"fingerprint,omitempty"`
|
||||
Fingerprint *Fingerprint `json:"fingerprint,omitempty"`
|
||||
URL *string `json:"url"` // required
|
||||
}
|
||||
|
||||
|
|
@ -616,13 +616,14 @@ func (pmd *ProviderMetadata) SetLastUpdated(t time.Time) {
|
|||
// If there is no such key it is append to the list of keys.
|
||||
func (pmd *ProviderMetadata) SetPGP(fingerprint, url string) {
|
||||
for i := range pmd.PGPKeys {
|
||||
if strings.EqualFold(string(pmd.PGPKeys[i].Fingerprint), fingerprint) {
|
||||
if strings.EqualFold(string(*pmd.PGPKeys[i].Fingerprint), fingerprint) {
|
||||
pmd.PGPKeys[i].URL = &url
|
||||
return
|
||||
}
|
||||
}
|
||||
f := Fingerprint(fingerprint)
|
||||
pmd.PGPKeys = append(pmd.PGPKeys, PGPKey{
|
||||
Fingerprint: Fingerprint(fingerprint),
|
||||
Fingerprint: &f,
|
||||
URL: &url,
|
||||
})
|
||||
}
|
||||
|
|
|
|||
Loading…
Add table
Add a link
Reference in a new issue