SystemSh0cker/gocsaf
1
0
Fork 0
mirror of https://github.com/gocsaf/csaf.git synced 2025-12-22 11:55:40 +01:00
Code Issues Releases Activity Actions

Add code documentation

Browse source
This commit is contained in:
Fadi Abbud 2022-05-04 15:31:26 +02:00
parent ea9c6b4502
commit a69d35ab3c
2 changed files with 6 additions and 6 deletions
Download patch file Download diff file Expand all files Collapse all files

10
cmd/csaf_checker/processor.go
View file

@ -1010,6 +1010,7 @@ func (p *processor) checkPGPKeys(domain string) error {
// checkWellknownMetadataReporter checks if the provider-metadata.json file is // checkWellknownMetadataReporter checks if the provider-metadata.json file is
// avaialable under the /.well-known/csaf/ directory. // avaialable under the /.well-known/csaf/ directory.
// It returns nil if all checks are passed, otherwise error.
func (p *processor) checkWellknownMetadataReporter(domain string) error { func (p *processor) checkWellknownMetadataReporter(domain string) error {
client := p.httpClient() client := p.httpClient()
@ -1032,6 +1033,9 @@ func (p *processor) checkWellknownMetadataReporter(domain string) error {
return nil return nil
} }
// checkDNSPathReporter checks if the "csaf.data.security.domain.tld" DNS record is available
// and serves the "provider-metadata.json".
// It returns nil if all checks are passed, otherwise error.
func (p *processor) checkDNSPathReporter(domain string) error { func (p *processor) checkDNSPathReporter(domain string) error {
client := p.httpClient() client := p.httpClient()
@ -1051,22 +1055,16 @@ func (p *processor) checkDNSPathReporter(domain string) error {
} }
hash := sha256.New() hash := sha256.New()
defer res.Body.Close() defer res.Body.Close()
//tee := io.TeeReader(res.Body, hash)
content, err := io.ReadAll(res.Body) content, err := io.ReadAll(res.Body)
if err != nil { if err != nil {
p.badDNSPathReporter.add("Error while reading the response form %s", path) p.badDNSPathReporter.add("Error while reading the response form %s", path)
return errContinue return errContinue
} }
hash.Write(content) hash.Write(content)
/* if err := json.NewDecoder(tee).Decode(&p.pmd); err != nil {
p.badDNSPathReporter.add("%s: Decoding JSON failed: %v", path, err)
return errContinue
} */
if !bytes.Equal(hash.Sum(nil), p.pmd256) { if !bytes.Equal(hash.Sum(nil), p.pmd256) {
p.badDNSPathReporter.add("The csaf.data.security.domain.tld DNS record does not serve the provider-metatdata.json") p.badDNSPathReporter.add("The csaf.data.security.domain.tld DNS record does not serve the provider-metatdata.json")
return errContinue return errContinue
} }
return nil return nil
} }

2
cmd/csaf_checker/reporters.go
View file

@ -119,6 +119,7 @@ func (r *securityReporter) report(p *processor, domain *Domain) {
req.Messages = p.badSecurity req.Messages = p.badSecurity
} }
//report tests the availability of the "provider-metadata.json" under /.well-known/csaf/ directoy.
func (r *wellknownMetadataReporter) report(p *processor, domain *Domain) { func (r *wellknownMetadataReporter) report(p *processor, domain *Domain) {
req := r.requirement(domain) req := r.requirement(domain)
if !p.badWellknownMetadataReporter.used() { if !p.badWellknownMetadataReporter.used() {
@ -132,6 +133,7 @@ func (r *wellknownMetadataReporter) report(p *processor, domain *Domain) {
req.Messages = p.badWellknownMetadataReporter req.Messages = p.badWellknownMetadataReporter
} }
// report tests if the "csaf.data.security.domain.tld" DNS record available and serves the "provider-metadata.json"
func (r *dnsPathReporter) report(p *processor, domain *Domain) { func (r *dnsPathReporter) report(p *processor, domain *Domain) {
req := r.requirement(domain) req := r.requirement(domain)
if !p.badDNSPathReporter.used() { if !p.badDNSPathReporter.used() {