SystemSh0cker/gocsaf
1
0
Fork 0
mirror of https://github.com/gocsaf/csaf.git synced 2025-12-22 11:55:40 +01:00
Code Issues Releases Activity Actions

Issuer documentation

Browse source 
* Documentation for the "issuer" option of the provider.
* More info of the format of the accepted file
* Print out the value of `SSL_CLIENT_I_DN` also when it is not match the issuer.
This commit is contained in:
Fadi Abbud 2022-03-24 16:46:47 +01:00
parent 1a2af34df0
commit 782d653e59
3 changed files with 3 additions and 1 deletions
Download patch file Download diff file Expand all files Collapse all files

2
cmd/csaf_provider/controller.go
View file

@ -82,11 +82,11 @@ func (c *controller) auth(
verify := os.Getenv("SSL_CLIENT_VERIFY")
log.Printf("SSL_CLIENT_VERIFY: %s\n", verify)
log.Printf("ca: %s\n", os.Getenv("SSL_CLIENT_I_DN"))
switch {
case verify == "SUCCESS" && (c.cfg.Issuer == nil || *c.cfg.Issuer == os.Getenv("SSL_CLIENT_I_DN")):
log.Printf("user: %s\n", os.Getenv("SSL_CLIENT_S_DN"))
log.Printf("ca: %s\n", os.Getenv("SSL_CLIENT_I_DN"))
case c.cfg.Password == nil:
log.Println("No password set, declining access.")
http.Error(rw, http.StatusText(http.StatusForbidden), http.StatusForbidden)