SystemSh0cker/gocsaf
1
0
Fork 0
mirror of https://github.com/gocsaf/csaf.git synced 2025-12-22 05:40:11 +01:00
Code Issues Releases Activity Actions
1177 commits 13 branches 34 tags 8.5 MiB
Commit graph

1177 commits

This branch
This branch
All branches
Author SHA1 Message Date
Fadi Abbud
9e2a9d7fad Code documentation and fix typo 2022-03-08 17:31:13 +01:00
Bernhard Reiter
6b47ed8f1d
Change test to trigger results 2022-03-08 16:33:39 +01:00
Bernhard Reiter
74523df5f0
Fix go test in workflow 2022-03-08 16:26:04 +01:00
Bernhard E. Reiter
87dd8307a3
Add first simple unit test with workflow (#81) 
* Adding first simple unit test

* Add test run to workflow

Co-authored-by: Sascha L. Teichmann <sascha.teichmann@intevation.de>
 2022-03-08 16:25:17 +01:00
Fadi Abbud
056f0fc6d6 Typo 2022-03-08 11:28:55 +01:00
Fadi Abbud
41a2d50773 Code documentation 2022-03-07 14:39:29 +01:00
Sascha L. Teichmann
737fc89cd5 Made the issuer optional if using client sides certs for auth. 2022-03-07 13:27:22 +01:00
Fadi Abbud
aa60e8f245 Add some code documentation 2022-03-04 16:04:21 +01:00
Bernhard Reiter
1c5664d8cb
Improve Texts "PGP key" -> "public OpenPGP key" 2022-03-03 14:46:07 +01:00
Sascha L. Teichmann
b852ae4ec1
Merge pull request #78 from csaf-poc/dev-fix-typos2 
Improve checker's reporting texts
 2022-03-03 12:23:20 +01:00
Sascha L. Teichmann
7841d78bb8 removed unnecessary assignments. 2022-03-03 12:21:16 +01:00
Fadi Abbud
7c64540c7e
Improve Documentation for provider (#61) 2022-03-03 11:57:41 +01:00
Bernhard Reiter
bfa5e787a2
Improve checker's reporting texts 
* Remove minor typos.
 * Go upper case for HTTPS as this is more common.
 * Make texts indicating a good result start with somethink else
   than "No", this removes an indirection in thinking and also offers
   a visible difference.
 * Bump copyright year to 2022.
 * Do PGP to "public OpenPGP keys" while at the reporters.go file
   while at it (to make merging easier).
 * Use an explicit message to indicate that a check is not done because
   of a missing implementation.
 2022-03-03 11:55:03 +01:00
Fadi Abbud
1c59b671d5 Improve documentation 2022-03-03 11:22:41 +01:00
Fadi Abbud
5f6a067119 Improve usage example 2022-03-02 15:42:44 +01:00
Fadi Abbud
65e199d9e6
Add csaf_checker to README 
Co-authored-by: Bernhard E. Reiter <bernhard@intevation.de>
 2022-03-02 15:09:04 +01:00
Fadi Abbud
64db8b4afd
Merge pull request #65 from csaf-poc/dev-fix-typo-casf 
Fixing `CASF' typos
 2022-02-27 15:29:22 +01:00
Bernhard Reiter
1f4f32435d
Fixing `CASF' typos 
* Bump copyright year 2021 -> 2022 on a few files.
 2022-02-25 17:38:07 +01:00
Fadi Abbud
b4341cf8ec
Merge pull request #64 from csaf-poc/factor-out-summary-extraction 
Factor out summary extraction from advisories.
 2022-02-24 12:47:14 +01:00
Sascha L. Teichmann
b12ad718c5 Factor out summary extraction from advisories. 2022-02-24 12:22:10 +01:00
Fadi Abbud
d4270e2d39
Merge pull request #63 from csaf-poc/rolie-extra-feed-layer 
Add another layer aound the ROLIE feed documents.
 2022-02-24 10:00:09 +01:00
Fadi Abbud
670f4cbf60 Fix Typo 2022-02-24 09:06:16 +01:00
Sascha L. Teichmann
4fc6bc5509 Add another layer aound the ROLIE feed documents. 2022-02-23 21:10:19 +01:00
Fadi Abbud
cbf39f9806 Documentation 2022-02-22 11:06:51 +01:00
Fadi Abbud
9e422d5ad2 Add one config option (provider) 
* "Issuer" config option for setting the CA issuer, these is used to
determine the valid TLS client certificates that allowed to access the
web-interface of the provider.
 2022-02-22 08:37:51 +01:00
Fadi Abbud
a5d64a4038 Add info to one command (client-certificate-setup.md) 2022-02-18 14:40:31 +01:00
Fadi Abbud
d451cc3908 (minor) Fix one option value 2022-02-18 13:57:45 +01:00
Fadi Abbud
9e13831a6f
Merge pull request #55 from csaf-poc/dev-docs-development-ca 
Add docs to run a development ca with gnutls
 2022-02-17 10:48:03 +01:00
Sascha L. Teichmann
a02c1cea6c
Merge pull request #39 from csaf-poc/improve_tlp_error_message 
Improve error message of missing tlp
 2022-02-17 10:43:27 +01:00
Sascha L. Teichmann
57f43b9d7c Restore output of found value 2022-02-17 10:41:52 +01:00
Sascha L. Teichmann
cffc7aaa66 Merge branch 'main' into improve_tlp_error_message 2022-02-17 10:34:03 +01:00
Sascha L. Teichmann
83299ebe8b
Merge pull request #51 from csaf-poc/provider_documentation 
Add some code documentation
 2022-02-17 10:30:31 +01:00
Fadi Abbud
21333fe7b4
Merge pull request #56 from csaf-poc/checker-locate-provider-metadata-json 
Checker locate provider metadata json
 2022-02-17 10:24:43 +01:00
Fadi Abbud
d9e326f84a Fix link in development-ca.md 2022-02-17 10:05:08 +01:00
Fadi Abbud
78a04ab081
Improve uploader documentation (#38) 
* improves #33
 2022-02-16 16:32:58 +01:00
Bernhard Reiter
196e123415
Improve docs/development-ca.md 
* Add some considerations and references. So readers can follow some
   of the engineering thoughts.
 2022-02-16 09:55:16 +01:00
Bernhard Reiter
72a0f1f4ed
Improve docs/install-server-certificate.md 
* Be more explizit about not using a development ca in production
   for the server.
 2022-02-16 09:31:16 +01:00
Sascha L. Teichmann
81fa044bf0 Made auth middleware more readable. 2022-02-15 20:55:19 +01:00
Bernhard Reiter
dbf52223e9
Fix code format in cmd/csaf_provider/controller.go 2022-02-15 18:26:11 +01:00
Bernhard Reiter
f20a9e2da6
Merge branch 'client-certificate' of github.com:csaf-poc/csaf_distribution into client-certificate 2022-02-15 18:21:41 +01:00
Bernhard Reiter
2905a30cc0
Improve tls client cert handling 
* Improve nginx setup to transfer auth information to the fcgiwrap
 backend.
 * Add instructions for creating client certs for testing.
 * Add debug output to see if and which client cert has been used when
   calling the csaf_provider.go .
 2022-02-15 18:20:24 +01:00
Bernhard Reiter
a71f490999
Merge branch 'main' into client-certificate 2022-02-15 10:01:18 +01:00
Bernhard Reiter
ae776306e2
Fix typo 2022-02-14 16:38:40 +01:00
Bernhard Reiter
ef402259a1
Improve client cert setup 
* remove cert creation, as it will be described in a different
   file.
 2022-02-14 13:24:22 +01:00
Bernhard E. Reiter
069ea10968
Merge branch 'main' into dev-docs-development-ca 2022-02-14 13:12:58 +01:00
Bernhard Reiter
64ff01c237
Merge branch 'main' into dev-docs-development-ca 2022-02-14 13:11:15 +01:00
Bernhard Reiter
ed82234305
Add docs to run a development ca with gnuls 2022-02-14 13:04:10 +01:00
Fadi Abbud
6a106640c6
Improve docs: add instructions to install TLS cert for nginx 
* Add instructions for installing a TLS server certificate on nginx 
 * Fix link to nginx in README.md
 * List all three ways to get a webserver TLS certificate. With some
   hints on which to chose for which purpose.
 * Do not add CSR instructions, because they can change over time and each CA may
   have slightly different requirements.
 * Add a hint about setting protocol selection.
 * Fix typo in provider-setup.md
 2022-02-14 12:39:40 +01:00
Bernhard Reiter
122cfb4757
Improve install-server-certificate.md 
* Add technical hint about ERR_SSL_KEY_USAGE_INCOMPATIBLE.
 * Improve format and spelling.
 * Remove OSCP hint as this is related to client certificates.
 2022-02-14 10:45:02 +01:00
Bernhard Reiter
d3f99189b5
Rework docs/install-server-certificate.md 
* List all three ways to get a webserver TLS certificate. With some
   hints on which to chose for which purpose.
 * Refer to the official nginx documentation and remove some of the
   instructions, because they can change over time and each CA may
   have slightly different requirements.
 * Add a hint about setting protocol selection.
 2022-02-11 17:42:24 +01:00