SystemSh0cker/gocsaf
1
0
Fork 0
mirror of https://github.com/gocsaf/csaf.git synced 2025-12-22 18:15:42 +01:00
Code Issues Releases Activity Actions
253 commits 13 branches 34 tags 8.5 MiB
Commit graph

57 commits

Author SHA1 Message Date
Bernhard Reiter
50ec5678cb
Merge branch 'main' into experimental-integration-test-coverage 2022-04-13 14:28:51 +02:00
Fadi Abbud
6fe6907c1d
Add --version option 
* Add flag to display the version for each binary. It is based on `git describe` but adds
  a number to the PATCH level if we are between annotated tags, so makes it semver.org
 compatible. Use the "-ldflags" method that also works with go 1.17.
* Use Makefile bash and sed magic to do PATCH level increase if needed.

Co-authored-by: Bernhard Reiter <bernhard@intevation.de>
 2022-04-13 14:27:11 +02:00
Bernhard Reiter
6abbac6c2d
Add integration test ability to provider 2022-04-08 10:40:01 +02:00
Bernhard Reiter
21eb768a05
Improve providers handlung of tls client certs 
* Change logging logic to print out the Issuer when a certificate
   was presented.
 2022-03-31 12:00:13 +02:00
Fadi Abbud
782d653e59 Issuer documentation 
* Documentation for the "issuer" option of the provider.
* More info of the format of the accepted file
* Print out the value of `SSL_CLIENT_I_DN` also when it is not match the issuer.
 2022-03-24 16:46:47 +01:00
Bernhard E. Reiter
1d7e7a3124
Merge branch 'main' into client-certificate 2022-03-23 20:19:51 +01:00
Bernhard Reiter
3753f08370
Merge branch 'main' into client-certificate 2022-03-23 20:12:36 +01:00
Fadi Abbud
5e1f2092e8
add setup options to provider docs 
* Add a first description of the config options for csaf_provider.
 * Change option name from `domain` to `canonical_prefix_url`
    to make the usage more intuitively. Use`https` in the default,
    if unset.

resolve #32 

Co-authored-by: Bernhard E. Reiter <bernhard@intevation.de>
Co-authored-by: tschmidtb51 <65305130+tschmidtb51@users.noreply.github.com>
 2022-03-23 19:48:05 +01:00
Sascha L. Teichmann
737fc89cd5 Made the issuer optional if using client sides certs for auth. 2022-03-07 13:27:22 +01:00
Bernhard Reiter
1f4f32435d
Fixing `CASF' typos 
* Bump copyright year 2021 -> 2022 on a few files.
 2022-02-25 17:38:07 +01:00
Sascha L. Teichmann
b12ad718c5 Factor out summary extraction from advisories. 2022-02-24 12:22:10 +01:00
Sascha L. Teichmann
4fc6bc5509 Add another layer aound the ROLIE feed documents. 2022-02-23 21:10:19 +01:00
Fadi Abbud
9e422d5ad2 Add one config option (provider) 
* "Issuer" config option for setting the CA issuer, these is used to
determine the valid TLS client certificates that allowed to access the
web-interface of the provider.
 2022-02-22 08:37:51 +01:00
Sascha L. Teichmann
57f43b9d7c Restore output of found value 2022-02-17 10:41:52 +01:00
Sascha L. Teichmann
cffc7aaa66 Merge branch 'main' into improve_tlp_error_message 2022-02-17 10:34:03 +01:00
Sascha L. Teichmann
81fa044bf0 Made auth middleware more readable. 2022-02-15 20:55:19 +01:00
Bernhard Reiter
dbf52223e9
Fix code format in cmd/csaf_provider/controller.go 2022-02-15 18:26:11 +01:00
Bernhard Reiter
2905a30cc0
Improve tls client cert handling 
* Improve nginx setup to transfer auth information to the fcgiwrap
 backend.
 * Add instructions for creating client certs for testing.
 * Add debug output to see if and which client cert has been used when
   calling the csaf_provider.go .
 2022-02-15 18:20:24 +01:00
Fadi Abbud
c43d690b57 Fix Typo 2022-02-07 13:23:09 +01:00
Fadi Abbud
e8cbab2c29 Add some documentation (controller) 2022-02-07 13:00:28 +01:00
Fadi Abbud
b872f28acd Add some code documentation 2022-02-03 15:18:40 +01:00
Fadi Abbud
54465b54ad Improve error message of missing tlp 
* #34
 2022-01-26 12:26:13 +01:00
Sascha L. Teichmann
dab359dd91 Place CSAF files in the right folder. 2021-12-16 15:53:44 +01:00
Sascha L. Teichmann
86c6b425b5 Merge branch 'main' into csaf-checker-tests 2021-12-15 11:18:22 +01:00
Sascha L. Teichmann
bba9dcec8f Make CSAF upload size configurable. Defaults to 50MB 2021-12-14 22:04:44 +01:00
Sascha L. Teichmann
f945937a6d Implemented loading of PGP keys. 2021-12-13 19:24:44 +01:00
Sascha L. Teichmann
98525ab758 Adjust default OpenPGP URL and replace fingeprint ans key id. 2021-12-12 22:36:07 +01:00
Fadi Abbud
901e5bed74 Add License headers 2021-12-09 16:19:26 +01:00
Sascha L. Teichmann
8e998dd058 No need for io.Copy when writing to hash. 2021-12-09 12:21:32 +01:00
Sascha L. Teichmann
2fb2dfda78 Moved commonly use file operations to separate package. 2021-12-09 11:55:22 +01:00
Sascha L. Teichmann
d335ad1b84 Added server config and middleware to use password to protect endpoints. 2021-12-06 17:24:45 +01:00
Sascha L. Teichmann
52b586d82f Added JSON endpoints. Made Web UI optional. 2021-12-05 21:20:27 +01:00
Sascha L. Teichmann
565238da9a Separated result rendering from controller actions. 2021-12-05 15:20:50 +01:00
Sascha L. Teichmann
8c272fef2a Replaced JSON schema library with a MIT licenensed one. 2021-12-03 02:28:16 +01:00
Sascha L. Teichmann
78f0b2db0b Validate CSAF documents against JSON schema. 2021-12-02 23:38:09 +01:00
Sascha L. Teichmann
f77bb5f1a8 Added default publisher if not configured. Warning if uploads don't have the same publisher as in metadata. 2021-12-02 10:51:25 +01:00
Sascha L. Teichmann
e5a6a8e2da Fixed TLP model conversion. Fixed wrong .well-known path 2021-12-02 01:36:57 +01:00
Sascha L. Teichmann
048c0dce89 Added "0x" before key id in openpgp url to make search on key server happy. 2021-12-02 00:56:21 +01:00
Sascha L. Teichmann
22c7da1ed1 use io.WriterTo instead of custom save interface ti serialize metadata and rolie. 2021-12-02 00:24:27 +01:00
Sascha L. Teichmann
45299f7e44 Only write provider metadata back if it is marked as dynamic in config. 2021-12-01 21:10:02 +01:00
Sascha L. Teichmann
fbe20dbf60 Use Key ID instead of fingerprint in OpenPGP URL interpolation. 2021-12-01 20:51:39 +01:00
Sascha L. Teichmann
9cf4a7cb5c Add OpenPGP key to provider metadata when generated at setup. 2021-12-01 20:16:09 +01:00
Sascha L. Teichmann
f2d8cd1e90 Work in bernhardreiter's PR#4. 2021-12-01 19:35:19 +01:00
Sascha L. Teichmann
70eb8875a4 Read publisher from config. 2021-12-01 19:27:46 +01:00
Sascha L. Teichmann
37d6692fa8 Create security.txt in .wellknown folder. 2021-12-01 01:05:24 +01:00
Sascha L. Teichmann
a54b4199a2 Fixed error handling of TLPs in config of provider. 2021-11-26 17:25:15 +01:00
Sascha L. Teichmann
04fb8f7e75 Fix golint warnings. 2021-11-25 18:21:23 +01:00
Sascha L. Teichmann
699692a9ed Make it build under new repo location. 2021-11-25 12:30:37 +01:00
Sascha L. Teichmann
b82882eb09 Write feed URLs in provider metadata. 2021-11-17 11:47:09 +01:00
Sascha L. Teichmann
1d0d8a6d03 Write a first version of the ROLIE feed. 2021-11-17 02:16:55 +01:00