SystemSh0cker/gocsaf
1
0
Fork 0
mirror of https://github.com/gocsaf/csaf.git synced 2025-12-22 11:55:40 +01:00
Code Issues Releases Activity Actions

Add one config option (provider)

Browse source 
* "Issuer" config option for setting the CA issuer, these is used to
determine the valid TLS client certificates that allowed to access the
web-interface of the provider.
This commit is contained in:
Fadi Abbud 2022-02-22 08:37:51 +01:00
parent a5d64a4038
commit 9e422d5ad2
2 changed files with 2 additions and 1 deletions
Download patch file Download diff file Expand all files Collapse all files

1
cmd/csaf_provider/config.go
View file

@ -44,6 +44,7 @@ type config struct {
DynamicProviderMetaData bool `toml:"dynamic_provider_metadata"` DynamicProviderMetaData bool `toml:"dynamic_provider_metadata"`
Publisher *csaf.Publisher `toml:"publisher"` Publisher *csaf.Publisher `toml:"publisher"`
UploadLimit *int64 `toml:"upload_limit"` UploadLimit *int64 `toml:"upload_limit"`
Issuer string `toml:"issuer"`
} }
type tlp string type tlp string

2
cmd/csaf_provider/controller.go
View file

@ -76,7 +76,7 @@ func (c *controller) auth(
log.Printf("SSL_CLIENT_VERIFY: %s\n", verify) log.Printf("SSL_CLIENT_VERIFY: %s\n", verify)
switch { switch {
case verify == "SUCCESS": case verify == "SUCCESS" && os.Getenv("SSL_CLIENT_I_DN") == c.cfg.Issuer:
log.Printf("user: %s\n", os.Getenv("SSL_CLIENT_S_DN")) log.Printf("user: %s\n", os.Getenv("SSL_CLIENT_S_DN"))
log.Printf("ca: %s\n", os.Getenv("SSL_CLIENT_I_DN")) log.Printf("ca: %s\n", os.Getenv("SSL_CLIENT_I_DN"))
case c.cfg.Password == nil: case c.cfg.Password == nil: