SystemSh0cker/gocsaf
1
0
Fork 0
mirror of https://github.com/gocsaf/csaf.git synced 2025-12-22 11:55:40 +01:00
Code Issues Releases Activity Actions
241 commits 13 branches 34 tags 8.5 MiB
Commit graph

241 commits

This branch
This branch
All branches
Author SHA1 Message Date
Bernhard Reiter
6dada4fd14
Change checker to allow integration test coverage 
* Add realMain() to allow a call with test argument redacted.
 * Add main_test to call realMain with arguments after `--`.
 2022-04-07 18:02:41 +02:00
Fadi Abbud
530a02742e
Go binaries for Github releases (#86) 
* Add github action to automate publishing Go binaries for Github
releases.
 2022-04-06 15:52:04 +02:00
Fadi Abbud
a91d36cc95
Add options to use TLS client certificate for authentication (Checker) 
* Add "client-cert" and "client-key" flag options to allow the checker to use TLS client certificate for authentication.
* Fix typo TSL -> TLS in docs.


Co-authored-by: Bernhard Reiter <bernhard@intevation.de>
 2022-03-31 17:57:43 +02:00
Fadi Abbud
b9603b7742
Add options to use TLS client certificate for authentication (Uploader) 
* Add "client-cert" and "client-key" flag options to allow the uploader to use
TLS client certificate for authentication with the provider.

Co-authored-by: Bernhard Reiter <bernhard@intevation.de>
 2022-03-31 15:57:00 +02:00
Fadi Abbud
b99322708e
Merge pull request #25 from csaf-poc/client-certificate 
Configure nginx for client certificate authentication
 2022-03-25 07:47:56 +01:00
Fadi Abbud
43c9a25c34 Improve documentation (client-certificate-setup.md) 2022-03-25 07:45:02 +01:00
Fadi Abbud
782d653e59 Issuer documentation 
* Documentation for the "issuer" option of the provider.
* More info of the format of the accepted file
* Print out the value of `SSL_CLIENT_I_DN` also when it is not match the issuer.
 2022-03-24 16:46:47 +01:00
Fadi Abbud
1a2af34df0 Add example to README (client-certificate-setup.md) 2022-03-24 09:36:59 +01:00
Bernhard E. Reiter
1d7e7a3124
Merge branch 'main' into client-certificate 2022-03-23 20:19:51 +01:00
Bernhard Reiter
3753f08370
Merge branch 'main' into client-certificate 2022-03-23 20:12:36 +01:00
Fadi Abbud
5e1f2092e8
add setup options to provider docs 
* Add a first description of the config options for csaf_provider.
 * Change option name from `domain` to `canonical_prefix_url`
    to make the usage more intuitively. Use`https` in the default,
    if unset.

resolve #32 

Co-authored-by: Bernhard E. Reiter <bernhard@intevation.de>
Co-authored-by: tschmidtb51 <65305130+tschmidtb51@users.noreply.github.com>
 2022-03-23 19:48:05 +01:00
Fadi Abbud
4fae2ec627 Fix typo 2022-03-22 08:39:13 +01:00
Sascha L. Teichmann
45ac434871
Merge pull request #80 from csaf-poc/checker-documentation 
Checker documentation
 2022-03-21 22:20:00 +01:00
Sascha L. Teichmann
f2f4b9081f
Merge pull request #79 from csaf-poc/dev-pgp-to-pubkeysopenpgp 
Improve Texts "PGP key" -> "public OpenPGP key"
 2022-03-21 22:17:41 +01:00
Fadi Abbud
9e2a9d7fad Code documentation and fix typo 2022-03-08 17:31:13 +01:00
Bernhard Reiter
6b47ed8f1d
Change test to trigger results 2022-03-08 16:33:39 +01:00
Bernhard Reiter
74523df5f0
Fix go test in workflow 2022-03-08 16:26:04 +01:00
Bernhard E. Reiter
87dd8307a3
Add first simple unit test with workflow (#81) 
* Adding first simple unit test

* Add test run to workflow

Co-authored-by: Sascha L. Teichmann <sascha.teichmann@intevation.de>
 2022-03-08 16:25:17 +01:00
Fadi Abbud
056f0fc6d6 Typo 2022-03-08 11:28:55 +01:00
Fadi Abbud
41a2d50773 Code documentation 2022-03-07 14:39:29 +01:00
Sascha L. Teichmann
737fc89cd5 Made the issuer optional if using client sides certs for auth. 2022-03-07 13:27:22 +01:00
Fadi Abbud
aa60e8f245 Add some code documentation 2022-03-04 16:04:21 +01:00
Bernhard Reiter
1c5664d8cb
Improve Texts "PGP key" -> "public OpenPGP key" 2022-03-03 14:46:07 +01:00
Sascha L. Teichmann
b852ae4ec1
Merge pull request #78 from csaf-poc/dev-fix-typos2 
Improve checker's reporting texts
 2022-03-03 12:23:20 +01:00
Sascha L. Teichmann
7841d78bb8 removed unnecessary assignments. 2022-03-03 12:21:16 +01:00
Fadi Abbud
7c64540c7e
Improve Documentation for provider (#61) 2022-03-03 11:57:41 +01:00
Bernhard Reiter
bfa5e787a2
Improve checker's reporting texts 
* Remove minor typos.
 * Go upper case for HTTPS as this is more common.
 * Make texts indicating a good result start with somethink else
   than "No", this removes an indirection in thinking and also offers
   a visible difference.
 * Bump copyright year to 2022.
 * Do PGP to "public OpenPGP keys" while at the reporters.go file
   while at it (to make merging easier).
 * Use an explicit message to indicate that a check is not done because
   of a missing implementation.
 2022-03-03 11:55:03 +01:00
Fadi Abbud
1c59b671d5 Improve documentation 2022-03-03 11:22:41 +01:00
Fadi Abbud
5f6a067119 Improve usage example 2022-03-02 15:42:44 +01:00
Fadi Abbud
65e199d9e6
Add csaf_checker to README 
Co-authored-by: Bernhard E. Reiter <bernhard@intevation.de>
 2022-03-02 15:09:04 +01:00
Fadi Abbud
64db8b4afd
Merge pull request #65 from csaf-poc/dev-fix-typo-casf 
Fixing `CASF' typos
 2022-02-27 15:29:22 +01:00
Bernhard Reiter
1f4f32435d
Fixing `CASF' typos 
* Bump copyright year 2021 -> 2022 on a few files.
 2022-02-25 17:38:07 +01:00
Fadi Abbud
b4341cf8ec
Merge pull request #64 from csaf-poc/factor-out-summary-extraction 
Factor out summary extraction from advisories.
 2022-02-24 12:47:14 +01:00
Sascha L. Teichmann
b12ad718c5 Factor out summary extraction from advisories. 2022-02-24 12:22:10 +01:00
Fadi Abbud
d4270e2d39
Merge pull request #63 from csaf-poc/rolie-extra-feed-layer 
Add another layer aound the ROLIE feed documents.
 2022-02-24 10:00:09 +01:00
Fadi Abbud
670f4cbf60 Fix Typo 2022-02-24 09:06:16 +01:00
Sascha L. Teichmann
4fc6bc5509 Add another layer aound the ROLIE feed documents. 2022-02-23 21:10:19 +01:00
Fadi Abbud
cbf39f9806 Documentation 2022-02-22 11:06:51 +01:00
Fadi Abbud
9e422d5ad2 Add one config option (provider) 
* "Issuer" config option for setting the CA issuer, these is used to
determine the valid TLS client certificates that allowed to access the
web-interface of the provider.
 2022-02-22 08:37:51 +01:00
Fadi Abbud
a5d64a4038 Add info to one command (client-certificate-setup.md) 2022-02-18 14:40:31 +01:00
Fadi Abbud
d451cc3908 (minor) Fix one option value 2022-02-18 13:57:45 +01:00
Fadi Abbud
9e13831a6f
Merge pull request #55 from csaf-poc/dev-docs-development-ca 
Add docs to run a development ca with gnutls
 2022-02-17 10:48:03 +01:00
Sascha L. Teichmann
a02c1cea6c
Merge pull request #39 from csaf-poc/improve_tlp_error_message 
Improve error message of missing tlp
 2022-02-17 10:43:27 +01:00
Sascha L. Teichmann
57f43b9d7c Restore output of found value 2022-02-17 10:41:52 +01:00
Sascha L. Teichmann
cffc7aaa66 Merge branch 'main' into improve_tlp_error_message 2022-02-17 10:34:03 +01:00
Sascha L. Teichmann
83299ebe8b
Merge pull request #51 from csaf-poc/provider_documentation 
Add some code documentation
 2022-02-17 10:30:31 +01:00
Fadi Abbud
21333fe7b4
Merge pull request #56 from csaf-poc/checker-locate-provider-metadata-json 
Checker locate provider metadata json
 2022-02-17 10:24:43 +01:00
Fadi Abbud
d9e326f84a Fix link in development-ca.md 2022-02-17 10:05:08 +01:00
Fadi Abbud
78a04ab081
Improve uploader documentation (#38) 
* improves #33
 2022-02-16 16:32:58 +01:00
Bernhard Reiter
196e123415
Improve docs/development-ca.md 
* Add some considerations and references. So readers can follow some
   of the engineering thoughts.
 2022-02-16 09:55:16 +01:00