From 84256448868499077c71382b76bea9f6e77f3855 Mon Sep 17 00:00:00 2001 From: "Sascha L. Teichmann" Date: Wed, 1 Feb 2023 16:00:31 +0100 Subject: [PATCH] Add new requirement sections 1 and 2 to report --- cmd/csaf_checker/main.go | 2 ++ cmd/csaf_checker/processor.go | 20 ++++++++++++++++---- cmd/csaf_checker/report.go | 5 +++++ cmd/csaf_checker/reporters.go | 27 ++++++++++++++++++++++++++- 4 files changed, 49 insertions(+), 5 deletions(-) diff --git a/cmd/csaf_checker/main.go b/cmd/csaf_checker/main.go index 74de519..7e860b8 100644 --- a/cmd/csaf_checker/main.go +++ b/cmd/csaf_checker/main.go @@ -144,6 +144,8 @@ func writeReport(report *Report, opts *options) error { // It returns an array of the reporter interface type. func buildReporters() []reporter { return []reporter{ + &validReporter{baseReporter{num: 1, description: "Valid CSAF documents"}}, + &filenameReporter{baseReporter{num: 2, description: "Filename"}}, &tlsReporter{baseReporter{num: 3, description: "TLS"}}, &redirectsReporter{baseReporter{num: 6, description: "Redirects"}}, &providerMetadataReport{baseReporter{num: 7, description: "provider-metadata.json"}}, diff --git a/cmd/csaf_checker/processor.go b/cmd/csaf_checker/processor.go index c1c8609..b66a38b 100644 --- a/cmd/csaf_checker/processor.go +++ b/cmd/csaf_checker/processor.go @@ -53,6 +53,8 @@ type processor struct { pmd any keys []*crypto.KeyRing + invalidAdvisories topicMessages + badFilenames topicMessages badIntegrities topicMessages badPGPs topicMessages badSignatures topicMessages @@ -203,6 +205,8 @@ func (p *processor) clean() { p.pmd = nil p.keys = nil + p.invalidAdvisories.reset() + p.badFilenames.reset() p.badIntegrities.reset() p.badPGPs.reset() p.badSignatures.reset() 
@@ -441,6 +445,12 @@ func (p *processor) integrity( } p.checkTLS(u) + // Check if the filename is confirming. + p.badFilenames.use() + if !util.ConfirmingFileName(filepath.Base(u)) { + p.badFilenames.error("%s has not a confirming filename.", u) + } + var folderYear *int if m := yearFromURL.FindStringSubmatch(u); m != nil { @@ -490,22 +500,24 @@ func (p *processor) integrity( continue } + p.invalidAdvisories.use() + // Validate against JSON schema. errors, err := csaf.ValidateCSAF(doc) if err != nil { - lg(ErrorType, "Failed to validate %s: %v", u, err) + p.invalidAdvisories.error("Failed to validate %s: %v", u, err) continue } if len(errors) > 0 { - lg(ErrorType, "CSAF file %s has %d validation errors.", u, len(errors)) + p.invalidAdvisories.error("CSAF file %s has %d validation errors.", u, len(errors)) } // Validate against remote validator. if p.validator != nil { if ok, err := p.validator.Validate(doc); err != nil { - lg(ErrorType, "Calling remote validator on %s failed: %v", u, err) + p.invalidAdvisories.error("Calling remote validator on %s failed: %v", u, err) } else if !ok { - lg(ErrorType, "Remote validation of %s failed.", u) + p.invalidAdvisories.error("Remote validation of %s failed.", u) } } diff --git a/cmd/csaf_checker/report.go b/cmd/csaf_checker/report.go index 3dbeb0d..458434f 100644 --- a/cmd/csaf_checker/report.go +++ b/cmd/csaf_checker/report.go @@ -73,6 +73,11 @@ func (r *Requirement) HasErrors() bool { return false } +// Append appends messages to requirement. +func (r *Requirement) Append(msgs []Message) { + r.Messages = append(r.Messages, msgs...) +} + // HasErrors tells if this domain has errors. func (d *Domain) HasErrors() bool { for _, r := range d.Requirements { diff --git a/cmd/csaf_checker/reporters.go b/cmd/csaf_checker/reporters.go index 0121ba1..8b6882a 100644 --- a/cmd/csaf_checker/reporters.go +++ b/cmd/csaf_checker/reporters.go 
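Review bot: In the filename check added to `integrity` in cmd/csaf_checker/processor.go, `filepath.Base(u)` is applied to what appears to be the advisory URL string. Separator handling then depends on the host OS, and any query string or fragment becomes part of the name that is tested. For URLs the slash-only `path` package on the parsed path fits better, for example `util.ConfirmingFileName(path.Base(parsed.Path))` with `parsed` taken from `url.Parse(u)`. Whether `u` is already parsed earlier is not visible, because the function body starts and ends outside the hunk. The report text `has not a confirming filename` also seems to mean "conforming"; `"%s does not have a conforming filename."` would read correctly.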
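Review bot: The schema-validation message in the second `integrity` hunk of processor.go records only a count (`CSAF file %s has %d validation errors.`), so a reader of the requirement 1 report cannot tell which rules an advisory violated. Assuming `errors` is a `[]string` (its type is declared outside this diff), the findings can be carried along with `p.invalidAdvisories.error("CSAF file %s has validation errors: %s", u, strings.Join(errors, ", "))`, which needs `strings` imported in this file. The local name `errors` also shadows the standard `errors` package for the rest of the loop body; a name such as `verrs` avoids that. The enclosing loop starts and ends outside the hunk.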
@@ -19,6 +19,8 @@ type ( num int description string } + validReporter struct{ baseReporter } + filenameReporter struct{ baseReporter } tlsReporter struct{ baseReporter } redirectsReporter struct{ baseReporter } providerMetadataReport struct{ baseReporter } @@ -43,6 +45,29 @@ func (bc *baseReporter) requirement(domain *Domain) *Requirement { return req } +// report reports if there where any invalid filenames, +func (r *validReporter) report(p *processor, domain *Domain) { + req := r.requirement(domain) + if p.validator == nil { + req.message(InfoType, "No remote validator configured") + } + if !p.invalidAdvisories.used() { + req.message(InfoType, "No validations performed") + } else { + req.Append(p.invalidAdvisories) + } +} + +// report reposrts if there where any bad filename. +func (r *filenameReporter) report(p *processor, domain *Domain) { + req := r.requirement(domain) + if !p.badFilenames.used() { + req.message(InfoType, "No filenames checked for conformance") + } else { + req.Append(p.badFilenames) + } +} + // report tests if the URLs are HTTPS and sets the "message" field value // of the "Requirement" struct as a result of that. // A list of non HTTPS URLs is included in the value of the "message" field. @@ -142,7 +167,7 @@ func (r *securityReporter) report(p *processor, domain *Domain) { req.Messages = p.badSecurity } -//report tests the availability of the "provider-metadata.json" under /.well-known/csaf/ directoy. +// report tests the availability of the "provider-metadata.json" under /.well-known/csaf/ directoy. func (r *wellknownMetadataReporter) report(p *processor, domain *Domain) { req := r.requirement(domain) if !p.badWellknownMetadata.used() {
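Review bot: Both new `report` methods in reporters.go leave the requirement without any message when checks ran and nothing was recorded. In that case `req.Append(...)` presumably receives an empty list, so a clean run cannot be told apart from a requirement that produced no output; how an empty requirement is rendered is outside this diff. A three-way switch with an explicit success message covers that case, and the same shape applies to `filenameReporter.report` with `p.badFilenames`. The doc comment on `validReporter.report` is copied from the filename reporter and should describe the validation result, for example `// report reports the outcome of the CSAF document validations.`. The comment on `filenameReporter.report` has typos (`reposrts`, `where`).

```go
func (r *validReporter) report(p *processor, domain *Domain) {
	req := r.requirement(domain)
	// … unchanged: "No remote validator configured" info message …
	switch {
	case !p.invalidAdvisories.used():
		req.message(InfoType, "No validations performed")
	case len(p.invalidAdvisories) == 0:
		// Checks ran and nothing was recorded: say so explicitly.
		req.message(InfoType, "All advisories validated fine")
	default:
		req.Append(p.invalidAdvisories)
	}
}
```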