mirror of
https://github.com/gocsaf/csaf.git
synced 2025-12-22 11:55:40 +01:00
Add remote validator support to downloader.
This commit is contained in:
Sascha L. Teichmann
parent
1d0499ddea
commit
bcc31c0cd6
3 changed files with 65 additions and 13 deletions
|
|
@ -39,12 +39,37 @@ type downloader struct {
|
||||||
directory string
|
directory string
|
||||||
keys []*crypto.KeyRing
|
keys []*crypto.KeyRing
|
||||||
eval *util.PathEval
|
eval *util.PathEval
|
||||||
|
validator csaf.RemoteValidator
|
||||||
}
|
}
|
||||||
|
|
||||||
func newDownloader(opts *options) *downloader {
|
func newDownloader(opts *options) (*downloader, error) {
|
||||||
|
|
||||||
|
var validator csaf.RemoteValidator
|
||||||
|
|
||||||
|
if opts.RemoteValidator != "" {
|
||||||
|
validatorOptions := csaf.RemoteValidatorOptions{
|
||||||
|
URL: opts.RemoteValidator,
|
||||||
|
Presets: opts.RemoteValidatorPresets,
|
||||||
|
Cache: opts.RemoteValidatorCache,
|
||||||
|
}
|
||||||
|
var err error
|
||||||
|
if validator, err = validatorOptions.Open(); err != nil {
|
||||||
|
return nil, fmt.Errorf(
|
||||||
|
"preparing remote validator failed: %w", err)
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
return &downloader{
|
return &downloader{
|
||||||
opts: opts,
|
opts: opts,
|
||||||
eval: util.NewPathEval(),
|
eval: util.NewPathEval(),
|
||||||
|
validator: validator,
|
||||||
|
}, nil
|
||||||
|
}
|
||||||
|
|
||||||
|
func (d *downloader) close() {
|
||||||
|
if d.validator != nil {
|
||||||
|
d.validator.Close()
|
||||||
|
d.validator = nil
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
@ -330,6 +355,19 @@ func (d *downloader) downloadFiles(label csaf.TLPLabel, files []csaf.AdvisoryFil
|
||||||
continue
|
continue
|
||||||
}
|
}
|
||||||
|
|
||||||
|
// Validate against remote validator
|
||||||
|
if d.validator != nil {
|
||||||
|
ok, err := d.validator.Validate(doc)
|
||||||
|
if err != nil {
|
||||||
|
return fmt.Errorf(
|
||||||
|
"calling remote validator on %q failed: %w",
|
||||||
|
file.URL(), err)
|
||||||
|
}
|
||||||
|
if !ok {
|
||||||
|
log.Printf("Remote validation of %q failed\n", file.URL())
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
if err := d.eval.Extract(`$.document.tracking.initial_release_date`, dateExtract, false, doc); err != nil {
|
if err := d.eval.Extract(`$.document.tracking.initial_release_date`, dateExtract, false, doc); err != nil {
|
||||||
log.Printf("Cannot extract initial_release_date from advisory '%s'\n", file.URL())
|
log.Printf("Cannot extract initial_release_date from advisory '%s'\n", file.URL())
|
||||||
initialReleaseDate = time.Now()
|
initialReleaseDate = time.Now()
|
||||||
|
|
|
||||||
|
|
@ -19,11 +19,15 @@ import (
|
||||||
)
|
)
|
||||||
|
|
||||||
type options struct {
|
type options struct {
|
||||||
Directory *string `short:"d" long:"directory" description:"Directory to store the downloaded files in"`
|
Directory *string `short:"d" long:"directory" description:"DIRectory to store the downloaded files in" value-name:"DIR"`
|
||||||
Insecure bool `long:"insecure" description:"Do not check TLS certificates from provider"`
|
Insecure bool `long:"insecure" description:"Do not check TLS certificates from provider"`
|
||||||
Version bool `long:"version" description:"Display version of the binary"`
|
Version bool `long:"version" description:"Display version of the binary"`
|
||||||
Verbose bool `long:"verbose" short:"v" description:"Verbose output"`
|
Verbose bool `long:"verbose" short:"v" description:"Verbose output"`
|
||||||
Rate *float64 `long:"rate" short:"r" description:"The average upper limit of https operations per second"`
|
Rate *float64 `long:"rate" short:"r" description:"The average upper limit of https operations per second"`
|
||||||
|
|
||||||
|
RemoteValidator string `long:"validator" description:"URL to validate documents remotely" value-name:"URL"`
|
||||||
|
RemoteValidatorCache string `long:"validatorcache" description:"FILE to cache remote validations" value-name:"FILE"`
|
||||||
|
RemoteValidatorPresets []string `long:"validatorpreset" description:"One or more presets to validate remotely"`
|
||||||
}
|
}
|
||||||
|
|
||||||
func errCheck(err error) {
|
func errCheck(err error) {
|
||||||
|
|
@ -35,6 +39,15 @@ func errCheck(err error) {
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
|
func run(opts *options, domains []string) error {
|
||||||
|
d, err := newDownloader(opts)
|
||||||
|
if err != nil {
|
||||||
|
return err
|
||||||
|
}
|
||||||
|
defer d.close()
|
||||||
|
return d.run(domains)
|
||||||
|
}
|
||||||
|
|
||||||
func main() {
|
func main() {
|
||||||
|
|
||||||
opts := new(options)
|
opts := new(options)
|
||||||
|
|
@ -54,7 +67,5 @@ func main() {
|
||||||
return
|
return
|
||||||
}
|
}
|
||||||
|
|
||||||
d := newDownloader(opts)
|
errCheck(run(opts, domains))
|
||||||
|
|
||||||
errCheck(d.run(domains))
|
|
||||||
}
|
}
|
||||||
|
|
|
||||||
|
|
@ -8,12 +8,15 @@ Usage:
|
||||||
csaf_downloader [OPTIONS] domain...
|
csaf_downloader [OPTIONS] domain...
|
||||||
|
|
||||||
Application Options:
|
Application Options:
|
||||||
-d, --directory= Directory to store the downloaded files in
|
-d, --directory=DIR DIRectory to store the downloaded files in
|
||||||
--insecure Do not check TLS certificates from provider
|
--insecure Do not check TLS certificates from provider
|
||||||
--version Display version of the binary
|
--version Display version of the binary
|
||||||
-v, --verbose Verbose output
|
-v, --verbose Verbose output
|
||||||
-r, --rate= The average upper limit of https operations per second
|
-r, --rate= The average upper limit of https operations per second
|
||||||
|
--validator=URL URL to validate documents remotely
|
||||||
|
--validatorcache=FILE FILE to cache remote validations
|
||||||
|
--validatorpreset= One or more presets to validate remotely
|
||||||
|
|
||||||
Help Options:
|
Help Options:
|
||||||
-h, --help Show this help message
|
-h, --help Show this help message
|
||||||
```
|
```
|
||||||
|
|
|
||||||
Loading…
Add table
Add a link
Reference in a new issue