SystemSh0cker/gocsaf
1
0
Fork 0
mirror of https://github.com/gocsaf/csaf.git synced 2025-12-22 18:15:42 +01:00
Code Issues Releases Activity Actions
508 commits 13 branches 34 tags 8.5 MiB
Commit graph

508 commits

This branch
This branch
All branches
Author SHA1 Message Date
Sascha L. Teichmann
ada8070c63 There are no index.txt, changes.csv in ROLIE dists. 2022-08-01 07:20:52 +02:00
s-l-teichmann s-l-teichmann@users.noreply.github.com
4c0785c060 Apply automatic changes 2022-07-29 09:34:13 +00:00
mfd2007
f325723e74
Update config option (#266) 
Update names of config options and add new options.
 2022-07-29 11:33:30 +02:00
Fadi Abbud
8478322111
Merge pull request #265 from csaf-poc/unify-client-cert-loading 
Unify loading of client certs in checker and uploader.
 2022-07-27 09:55:10 +02:00
Fadi Abbud
fcafcbf13f Remove code duplication 
* The availability check of both the cert and key file is done in the
"prepare" function.
 2022-07-27 09:40:10 +02:00
Sascha L. Teichmann
e5f584092c Unify loading of client certs in checker and uploader. 2022-07-27 01:28:37 +02:00
Sascha L. Teichmann
1241429d19
Load client certs early to detect misconfiguration 
* Move loading of client certificate into the TLS handling code
   to an earlier position.
 2022-07-26 18:00:07 +02:00
s-l-teichmann s-l-teichmann@users.noreply.github.com
be15d43dd3 Apply automatic changes 2022-07-26 13:14:14 +00:00
Bernhard E. Reiter
86fb441446
Change default port for secvisogram (#262) 
* Change default port for secvisogram

 * Following change from
   https://github.com/secvisogram/csaf-validator-service/pull/14

* Improve script for setting up validation service

 * Add a test to fail if we cannot connect.
 * Add copyright header.
 2022-07-26 15:13:02 +02:00
Fadi Abbud
2614c1a4ba
Merge pull request #260 from csaf-poc/dont-omit-errors-loading-pmds 
Do not silence errors when fetching a pmd
 2022-07-26 15:11:14 +02:00
Sascha L. Teichmann
bed44e5e87 Do not silence errors when fetching a pmd 2022-07-26 12:06:14 +02:00
Bernhard Reiter
490fe4a589
Fix integration tests setup script 
* Change from calling the web interface to create the folders to
   using the `/api/create` so it works even if the web interface is
   turned off.
 2022-07-26 11:14:40 +02:00
Bernhard E. Reiter
dce0a9b51f
Disable experimental web interface for provider (#257) 
* Disable experimental web interface for provider

* More compact init

* Fixed typo

Co-authored-by: Sascha L. Teichmann <sascha.teichmann@intevation.de>
 2022-07-25 16:28:54 +02:00
Bernhard Reiter
4abddee3bb
Merge branch 'main' of github.com:csaf-poc/csaf_distribution into main 2022-07-25 15:24:51 +02:00
Bernhard Reiter
8df67a7b1d
Improve aggregator doc formatting (minor) 2022-07-25 15:24:26 +02:00
s-l-teichmann s-l-teichmann@users.noreply.github.com
101dd6880c Apply automatic changes 2022-07-25 13:24:11 +00:00
Bernhard E. Reiter
677b0fdd4f
Add docs for a provider proxy (#255) 
* Add instructions for an internal proxy provider

* Improve example test config

 * .. by moving CSAF_CONFIG out of the common fcgiwrap.conf,
   so it can more easily be changed in a different context.

* Improve proxy-provider-for-aggregator.md

 * Add section to aggregator documentation.
 * Fix typos.
 * Improve instructions.

* Fix one path

* Complre proxy-provider-for-aggregator.md
 2022-07-25 15:23:11 +02:00
Bernhard Reiter
c511a971d6
Improve aggregator docs (minor) 
* Add hint to OpenPGP private key in case unattended usage
   is wanted.
 2022-07-25 15:21:14 +02:00
Fadi Abbud
016188060f
Merge pull request #247 from csaf-poc/dont-forward-json-error 
Handle none JSON replies to uploader calls as errors.
 2022-07-25 13:23:19 +02:00
Fadi Abbud
52724d0a4a
Merge pull request #254 from csaf-poc/dedup-pmd-loading-error-checking 
Avoid duplicate errors checking and logging when loading pmds.
 2022-07-25 12:04:58 +02:00
Jan Höfelmeyer
92f6bc5a31 fixes missing negation of condition and fixes error messages 2022-07-25 08:25:06 +02:00
Sascha L. Teichmann
7cb376dd0e Use content-type to tell unexpected errors from good ones apart. 2022-07-24 16:41:49 +02:00
Sascha L. Teichmann
772e6351b8 Improved default logging prefix. 2022-07-23 16:29:38 +02:00
Sascha L. Teichmann
58ec57e1cb Avoid duplicate errors checking and logging when loading pmds. 2022-07-23 16:11:54 +02:00
Fadi Abbud
1b0e5b4238
Merge pull request #248 from csaf-poc/itest-download-from-agg 
Improve integration test scripts
 2022-07-22 10:08:37 +02:00
Bernhard Reiter
82a1a1997a
Merge branch 'main' into itest-download-from-agg 2022-07-22 09:10:07 +02:00
Sascha L. Teichmann
60b1db2da1
Fix aggregator to create valid uppercase TLPs. (#250) 
Resolve #249
 2022-07-22 09:09:25 +02:00
bernhardreiter bernhardreiter@users.noreply.github.com
ca69997e2b Apply automatic changes 2022-07-21 16:00:56 +00:00
JanHoefelmeyer
3769f1d338
Add abilities to aggregator to mirror and list 
* Aggregator now checks every provider on whether its mirrored or listed. 
*Add the option to the docs.
* Clean up the example  toml file to still contain two mirrors and one example-lister.

Co-authored-by: Jan Höfelmeyer <Jan Höfelmeyer jhoefelmeyer@intevation.de>
Co-authored-by: Sascha L. Teichmann <sascha.teichmann@intevation.de>
Co-authored-by: Bernhard Reiter <bernhard@intevation.de>
 2022-07-21 17:59:58 +02:00
Sascha L. Teichmann
d1855a9c30
Improve checks and messages for bad entries in files 
* Ignore bad URLs in index.txt, improve messages.

resolve #158
 2022-07-21 17:11:46 +02:00
Bernhard Reiter
6a605fdbcc
Add checker hint about not yet using role 2022-07-21 16:31:22 +02:00
Bernhard Reiter
94fe738b8c
Fix testDownloader url 2022-07-21 16:25:12 +02:00
Bernhard Reiter
35c31e9a76
Improve integration test 
* Add hint that some fails are okay, while we try to setup the
   validation service.
 2022-07-21 16:22:02 +02:00
Bernhard Reiter
88a2d585be
Improve integration test scripts 
* Add a simple aggegator web server config.
  * Add a downloader test using a direct url from the aggregator.
 2022-07-21 16:16:16 +02:00
Jan Höfelmeyer
82feb18eef Exchanged error message if Decoder fails to point towards server logs 2022-07-21 15:54:46 +02:00
bernhardreiter bernhardreiter@users.noreply.github.com
d5b9aa9ce0 Apply automatic changes 2022-07-21 13:04:51 +00:00
JanHoefelmeyer
5716374eac
Move example location of config files to /etc 
* Move example and integration test configuration files to /etc/csaf,
   this includes the provider's config.toml as well as the test OpenPGP keys.
   This shall make it more compatible with good practices like the FHS.

Co-authored-by: Jan Höfelmeyer <Jan Höfelmeyer jhoefelmeyer@intevation.de>
Co-authored-by: Bernhard Reiter <bernhard@intevation.de>
 2022-07-21 15:04:09 +02:00
JanHoefelmeyer
a84afa35cd
improve error message for requirement 9 (#243) 
* Improve phrasing to be more clear about that the test
  was not performed if we had found not provider-metadata.json.
 2022-07-21 12:48:48 +02:00
Bernhard Reiter
7965917168
Improve doc for development test script setup 
* Add a commented out hint how to clone a special branch
   in the calling example of docs/scripts/Readme.md.
 2022-07-21 12:44:03 +02:00
JanHoefelmeyer
16ff06180c
Merge pull request #241 from csaf-poc/verbose-validation-downloader 
Tested on version: 0.9.4-31-ga1d609c.
 2022-07-21 09:20:36 +02:00
Sascha L. Teichmann
a1d609c7d8 when downloader is run with verbose flag the advisory validation issues are logged in detail. 2022-07-20 12:49:50 +02:00
s-l-teichmann s-l-teichmann@users.noreply.github.com
0375e22747 Apply automatic changes 2022-07-20 10:05:55 +00:00
Fadi Abbud
9bb65a8cf8
Include service/category documents in itests (#239) 2022-07-20 12:05:08 +02:00
JanHoefelmeyer
cca460c77b
Merge pull request #238 from csaf-poc/publisher-in-report 
Added publisher and role to domain report.
 2022-07-20 11:58:14 +02:00
Sascha L. Teichmann
3a43ca5630 Merge branch 'main' into publisher-in-report 2022-07-20 11:35:17 +02:00
Sascha L. Teichmann
6bf7b52890 Add fieldset araound publsher in html report 2022-07-20 11:35:04 +02:00
Sascha L. Teichmann
4c1fdd2289
simplified loading of provider metadata in case of dns fallback. (#240) 2022-07-19 16:14:56 +02:00
Fadi Abbud
6a87157184
Merge pull request #235 from csaf-poc/bad-dirs-only-once 
Only report bad directories in listing check only once.
 2022-07-19 12:51:29 +02:00
Fadi Abbud
798e11ad18
Merge pull request #234 from csaf-poc/quick-ckeck 
Quick ckeck
 2022-07-19 10:07:08 +02:00
Sascha L. Teichmann
649b5c904b Added publisher and role to domain report. 2022-07-18 22:44:34 +02:00