SystemSh0cker/gocsaf
1
0
Fork 0
mirror of https://github.com/gocsaf/csaf.git synced 2025-12-22 05:40:11 +01:00
Code Issues Releases Activity Actions

Made the issuer optional if using client sides certs for auth.

Browse source
This commit is contained in:
Sascha L. Teichmann 2022-03-07 13:27:22 +01:00
parent 1c59b671d5
commit 737fc89cd5
2 changed files with 2 additions and 2 deletions
Download patch file Download diff file Expand all files Collapse all files

2
cmd/csaf_provider/config.go
View file

@ -44,7 +44,7 @@ type config struct {
DynamicProviderMetaData bool `toml:"dynamic_provider_metadata"`
Publisher *csaf.Publisher `toml:"publisher"`
UploadLimit *int64 `toml:"upload_limit"`
Issuer string `toml:"issuer"`
Issuer *string `toml:"issuer"`
}
type tlp string

2
cmd/csaf_provider/controller.go
View file

@ -76,7 +76,7 @@ func (c *controller) auth(
log.Printf("SSL_CLIENT_VERIFY: %s\n", verify)
switch {
case verify == "SUCCESS" && os.Getenv("SSL_CLIENT_I_DN") == c.cfg.Issuer:
case verify == "SUCCESS" && (c.cfg.Issuer == nil || *c.cfg.Issuer == os.Getenv("SSL_CLIENT_I_DN")):
log.Printf("user: %s\n", os.Getenv("SSL_CLIENT_S_DN"))
log.Printf("ca: %s\n", os.Getenv("SSL_CLIENT_I_DN"))
case c.cfg.Password == nil: