Merge pull request #234 from csaf-poc/quick-ckeck

Quick ckeck

cmd/csaf_checker/main.go

@@ -34,6 +34,7 @@ type options struct {
 	Version    bool     `long:"version" description:"Display version of the binary"`
 	Verbose    bool     `long:"verbose" short:"v" description:"Verbose output"`
 	Rate       *float64 `long:"rate" short:"r" description:"The average upper limit of https operations per second"`
+	Years      *uint    `long:"years" short:"y" description:"Number of years to look back from now" value-name:"YEARS"`
 }
 
 func errCheck(err error) {

cmd/csaf_checker/processor.go

@@ -42,6 +42,7 @@ type topicMessages []Message
 type processor struct {
 	opts      *options
 	client    util.Client
+	ageAccept func(time.Time) bool
 
 	redirects      map[string][]string
 	noneTLS        map[string]struct{}
@@ -159,6 +160,17 @@ func newProcessor(opts *options) *processor {
 		opts:           opts,
 		alreadyChecked: map[string]whereType{},
 		expr:           util.NewPathEval(),
+		ageAccept:      ageAccept(opts),
+	}
+}
+
+func ageAccept(opts *options) func(time.Time) bool {
+	if opts.Years == nil {
+		return nil
+	}
+	good := time.Now().AddDate(-int(*opts.Years), 0, 0)
+	return func(t time.Time) bool {
+		return !t.Before(good)
 	}
 }
 
@@ -377,6 +389,22 @@ func (p *processor) integrity(
 			continue
 		}
 		p.checkTLS(u)
+
+		var folderYear *int
+
+		if m := yearFromURL.FindStringSubmatch(u); m != nil {
+			year, _ := strconv.Atoi(m[1])
+			// Check if we are in checking time interval.
+			if p.ageAccept != nil && !p.ageAccept(
+				time.Date(
+					year, 12, 31, // Assume last day og year.
+					23, 59, 59, 0, // 23:59:59
+					time.UTC)) {
+				continue
+			}
+			folderYear = &year
+		}
+
 		res, err := client.Get(u)
 		if err != nil {
 			lg(ErrorType, "Fetching %s failed: %v.", u, err)
@@ -425,9 +453,9 @@ func (p *processor) integrity(
 		} else if d, err := time.Parse(time.RFC3339, text); err != nil {
 			p.badFolders.error(
 				"Parsing 'initial_release_date' as RFC3339 failed in %s: %v", u, err)
-		} else if m := yearFromURL.FindStringSubmatch(u); m == nil {
+		} else if folderYear == nil {
 			p.badFolders.error("No year folder found in %s", u)
-		} else if year, _ := strconv.Atoi(m[1]); d.UTC().Year() != year {
+		} else if d.UTC().Year() != *folderYear {
 			p.badFolders.error("%s should be in folder %d", u, d.UTC().Year())
 		}
 
@@ -589,6 +617,13 @@ func (p *processor) processROLIEFeed(feed string) error {
 
 	rfeed.Entries(func(entry *csaf.Entry) {
 
+		// Filter if we have date checking.
+		if p.ageAccept != nil {
+			if pub := time.Time(entry.Published); !pub.IsZero() && !p.ageAccept(pub) {
+				return
+			}
+		}
+
 		var url, sha256, sha512, sign string
 
 		for i := range entry.Link {
@@ -760,6 +795,10 @@ func (p *processor) checkChanges(base string, mask whereType) error {
 			if err != nil {
 				return nil, nil, err
 			}
+			// Apply date range filtering.
+			if p.ageAccept != nil && !p.ageAccept(t) {
+				continue
+			}
 			times, files =
 				append(times, t),
 				append(files, csaf.PlainAdvisoryFile(r[pathColumn]))

docs/csaf_checker.md

@@ -13,8 +13,8 @@ Application Options:
       --client-key=KEY-FILE      TLS client private key file (PEM encoded data)
       --version                  Display version of the binary
   -v, --verbose                  Verbose output
-  -r, --rate=                    The average upper limit of https operations
-                                 per second
+  -r, --rate=                    The average upper limit of https operations per second
+  -y, --years=YEARS              Number of years to look back from now
 
 Help Options:
   -h, --help                     Show this help message