SystemSh0cker/gocsaf
1
0
Fork 0
mirror of https://github.com/gocsaf/csaf.git synced 2025-12-22 11:55:40 +01:00
Code Issues Releases Activity Actions
999 commits 13 branches 34 tags 8.5 MiB
Commit graph

999 commits

This branch
This branch
All branches
Author SHA1 Message Date
JanHoefelmeyer
38dfabde1a Add documentation for extra headers for csaf_aggregator 2023-08-03 11:20:17 +02:00
JanHoefelmeyer
b0b3852e99 Add documentation for client_cert, client_key and client_passphrase for csaf_aggregator 2023-08-03 10:04:51 +02:00
Sascha L. Teichmann
47e55a33bc Add support for client certificates and extra headers to aggregator 2023-08-02 22:44:44 +02:00
Sascha L. Teichmann
f31ee53c27 Add client certificate support to the downloader 2023-08-02 21:16:32 +02:00
Sascha L. Teichmann
017a6b0a10 Move cert handling into library and add option passphrase. Adjust uploader and checker. 2023-08-02 21:02:58 +02:00
Sascha L. Teichmann
873eb4879b Add time range to checker report. 2023-08-02 20:01:04 +02:00
JanHoefelmeyer
b6e5af9b49 Clarified docs on where and how to use ignorepattern for aggregator 2023-08-02 08:36:05 +02:00
Sascha L. Teichmann
607bd0ebe1 Add ignore patterns to aggreagtor. 2023-08-01 22:16:14 +02:00
Sascha L. Teichmann
85f9d02ac0 Rename config.check to config.prepare to make symmerical to other tools. 2023-08-01 21:45:30 +02:00
Sascha L. Teichmann
98bf2990ae Ignore advisories in checker. 2023-08-01 21:38:55 +02:00
Sascha L. Teichmann
5a4e5607cb Factored out matching lists of regular expressions. 2023-08-01 17:05:49 +02:00
Sascha L. Teichmann
97304ab38e Typo fix. 2023-08-01 16:43:31 +02:00
Sascha L. Teichmann
8aa31984df Add docs and fix output. 2023-08-01 09:54:43 +02:00
Sascha L. Teichmann
2864176111 Add ignore patterns to downloader. 2023-08-01 01:46:58 +02:00
Sascha L. Teichmann
383b0ca77b Add an option to downloader to store advisories into a given folder. 2023-07-31 17:19:38 +02:00
Sascha L. Teichmann
1d9969162f Fix version config and make aggreator use new command line parser. 2023-07-30 22:37:32 +02:00
JanHoefelmeyer
8aed2c034e
Merge pull request #414 from csaf-poc/checker-interval 
Checker: Make time range configurable to check advisories from
 2023-07-28 09:53:41 +02:00
JanHoefelmeyer
505693b3f0 Merge branch 'main' into checker-interval 2023-07-28 09:51:18 +02:00
JanHoefelmeyer
bb0df4cd55 Merge branch 'main' into checker-interval 2023-07-28 09:44:24 +02:00
JanHoefelmeyer
8a9dd6e842
Merge pull request #413 from csaf-poc/downloader-interval 
Downloader: Make time range configurable to download advisories from
 2023-07-28 09:43:49 +02:00
JanHoefelmeyer
2271c50ee7 Merge branch 'main' into downloader-interval 2023-07-28 09:38:13 +02:00
JanHoefelmeyer
690efbe075
Merge pull request #412 from csaf-poc/checker-cfg-toml 
Add TOML config to checker
 2023-07-28 08:19:23 +02:00
Sascha L. Teichmann
ac8d8a9196 Improve wording of docs a bit. 2023-07-26 13:46:13 +02:00
Sascha L. Teichmann
5e5074fbf1 Add time range to checker. 2023-07-26 13:34:15 +02:00
Sascha L. Teichmann
125028773f go-flag needs its own Unmarshaler. 2023-07-26 12:06:16 +02:00
Sascha L. Teichmann
1d892ff681 Fix docs. 2023-07-26 11:07:30 +02:00
Sascha L. Teichmann
eade9f7ae4 Fixed switched time.Parse args. 2023-07-26 10:52:20 +02:00
Sascha L. Teichmann
5e6fb8241c Prettifying docs 2023-07-26 04:28:42 +02:00
Sascha L. Teichmann
975e350510 Prettifying docs 2023-07-26 04:27:04 +02:00
Sascha L. Teichmann
1f301b6301 Prettifying docs 2023-07-26 04:25:45 +02:00
Sascha L. Teichmann
9e665a2fa1 Adjust docs 2023-07-26 04:18:54 +02:00
Sascha L. Teichmann
204ddb5a96 Use changes.csv instead of index.txt when using dir bases provider to make date filtering possible. 2023-07-26 03:56:05 +02:00
Sascha L. Teichmann
0ad4ed9e36 Expose logging as field in AdvisoryFileProcessor to shrink constructor signature. 2023-07-26 03:31:00 +02:00
Sascha L. Teichmann
f8c3741d12 Remove stray field in config. 2023-07-26 03:29:13 +02:00
Sascha L. Teichmann
de0599ebe3 Add time interval filtering to downloader. 2023-07-26 03:22:33 +02:00
Sascha L. Teichmann
0e297fc616 Add internal model for time ranges. 2023-07-26 02:22:45 +02:00
Sascha L. Teichmann
31a37a4daf Don't use default in command line args. 2023-07-25 11:59:11 +02:00
Sascha L. Teichmann
655b8f4db1 Be more rigid specifying format in config file. 2023-07-25 11:32:18 +02:00
Sascha L. Teichmann
1bdaf5854a Fallback to default config files if no config file was given. 2023-07-25 10:53:18 +02:00
Sascha L. Teichmann
9697e99d86 Improve comment 2023-07-25 00:17:44 +02:00
Sascha L. Teichmann
19433856ca Adjusted docs. 2023-07-24 23:42:21 +02:00
Sascha L. Teichmann
95bd705036 Factor command line parsing into an internal package for reuse. 2023-07-24 23:25:16 +02:00
Sascha L. Teichmann
27ec66353c Merge branch 'main' into checker-cfg-toml 2023-07-20 11:07:32 +02:00
Sascha L. Teichmann
81ead2776b
Use TOML as config file format in downloader (#405) 
* Use TOML as config file format.

* Parse command line a second time if config file was loaded.

* Handle default values correctly.

* Use same names for config file options and command line options.
 2023-07-20 11:05:20 +02:00
Sascha L. Teichmann
bfcf98464f Load config from TOML file 2023-07-20 01:33:58 +02:00
Sascha L. Teichmann
12ad7706e3 Rename opts to cfg 2023-07-20 01:16:05 +02:00
Sascha L. Teichmann
0d17db0c59 Move options to separate file. 2023-07-19 23:39:52 +02:00
Sascha L. Teichmann
8630e8bac2
Add support for config files in downloader. (#404) 
* Add support for config files in downloader.

* Add no-ini for the version flag, too.

* Add config file options in doc to downloader.
 2023-07-19 10:49:17 +02:00
JanHoefelmeyer
de27a668d1
Complete requirement 4 (ROLIE) (#391) 
* Create dummy structure to uniquely identify each advisory

* Remove dummy values, remove unused variable for now

* Formatting

* Add Evaluation of whether a white Advisory is access protected and add it to the respective slice, implement functionality

* Initialize p.whiteAdvisories before using it, stop sorting if no Client was used

* Ammend rules to include requirement 4, warning instead of error if white advisory is found protected, use badWhitePermissions.use()

* Formatting

* Fix typo: avaible -> available

* Improve check on whether building identifier failed

* Move extracting of tlp labels and related functions from processor to roliecheck

* Create Labelchecker and check access of white advisories regardless of whether ROLIE feeds exist. Only check Ranks if ROLIE feeds are used

* Formatting

* Do not use label checker as a pointer.

* Rename label checker

* Add XXX to questionable code.

* Simplify checking white advisories.

* Improve error message if no checks for accessibility of white advisories were done

* Extract TLP label directly without extractTLP function, consistent plural in error message

* Add comments and check type assertion in tlp label extraction.

* Move check for white advisories to label checker.

* Improve methods naming an comments.

* Address a few review questions.

* Move functionality of checkProtection fully into evaluateTLP

* Add comments and warn only if we are in a white feed or in a dirlisting.

---------

Co-authored-by: JanHoefelmeyer <Jan Höfelmeyer jhoefelmeyer@intevation.de>
Co-authored-by: JanHoefelmeyer <hoefelmeyer.jan@gmail.com>
Co-authored-by: Sascha L. Teichmann <sascha.teichmann@intevation.de>
 2023-07-13 22:22:11 +02:00
JanHoefelmeyer
f05bcd3642
Add info for Req 8-10 if direct url was given and as such no checks were performed. (#401) 
* Add info for Req 8-10 if direct url was given and as such no checks were performed.

* Update cmd/csaf_checker/processor.go

Co-authored-by: tschmidtb51 <65305130+tschmidtb51@users.noreply.github.com>

* Break overly long lines

---------

Co-authored-by: JanHoefelmeyer <hoefelmeyer.jan@gmail.com>
Co-authored-by: tschmidtb51 <65305130+tschmidtb51@users.noreply.github.com>
 2023-07-13 15:59:23 +02:00