SystemSh0cker/gocsaf
1
0
Fork 0
mirror of https://github.com/gocsaf/csaf.git synced 2025-12-22 11:55:40 +01:00
Code Issues Releases Activity Actions

Downloader: Add forwarding to HTTP endpoint (#442)

Browse source 
* started with forwarding support in downloader

* Add missing files.

* Add missing files.

* Raise needed Go version

* More Go version bumping.

* Fix forwarding

* Go 1.21+ needed

* Make terminating forwarder more robust.

* Better var naming

* Remove dead code. Improve commentary.

* Prepare validation status adjustment.

* Move validations to functions to make them executable in a loop.

* Introduce validation mode flag (strict, unsafe)
This commit is contained in:
Sascha L. Teichmann 2023-08-25 10:31:27 +02:00 committed by GitHub
parent 7d3c3a68df
commit e0475791ff
No known key found for this signature in database
GPG key ID: 4AEE18F83AFDEB23
13 changed files with 398 additions and 63 deletions
Download patch file Download diff file Expand all files Collapse all files

18
cmd/csaf_uploader/processor.go
View file

@ -18,7 +18,6 @@ import (
"log"
"mime/multipart"
"net/http"
"net/textproto"
"os"
"path/filepath"
"strings"
@ -28,6 +27,7 @@ import (
"github.com/ProtonMail/gopenpgp/v2/crypto"
"github.com/csaf-poc/csaf_distribution/v2/csaf"
"github.com/csaf-poc/csaf_distribution/v2/internal/misc"
"github.com/csaf-poc/csaf_distribution/v2/util"
)
@ -103,20 +103,6 @@ func (p *processor) create() error {
return nil
}
var escapeQuotes = strings.NewReplacer("\\", "\\\\", `"`, "\\\"").Replace
// createFormFile creates an [io.Writer] like [mime/multipart.Writer.CreateFromFile].
// This version allows to set the mime type, too.
func createFormFile(w *multipart.Writer, fieldname, filename, mimeType string) (io.Writer, error) {
// Source: https://cs.opensource.google/go/go/+/refs/tags/go1.20:src/mime/multipart/writer.go;l=140
h := make(textproto.MIMEHeader)
h.Set("Content-Disposition",
fmt.Sprintf(`form-data; name="%s"; filename="%s"`,
escapeQuotes(fieldname), escapeQuotes(filename)))
h.Set("Content-Type", mimeType)
return w.CreatePart(h)
}
// uploadRequest creates the request for uploading a csaf document by passing the filename.
// According to the flags values the multipart sections of the request are established.
// It returns the created http request.
@ -151,7 +137,7 @@ func (p *processor) uploadRequest(filename string) (*http.Request, error) {
// As the csaf_provider only accepts uploads with mime type
// "application/json" we have to set this.
part, err := createFormFile(
part, err := misc.CreateFormFile(
writer, "csaf", filepath.Base(filename), "application/json")
if err != nil {
return nil, err