SystemSh0cker/gocsaf
1
0
Fork 0
mirror of https://github.com/gocsaf/csaf.git synced 2025-12-22 11:55:40 +01:00
Code Issues Releases Activity Actions
gocsaf/docs/csaf_downloader.md
Sascha L. Teichmann 8630e8bac2
Add support for config files in downloader. (#404) 
* Add support for config files in downloader.

* Add no-ini for the version flag, too.

* Add config file options in doc to downloader.
2023-07-19 10:49:17 +02:00

2.2 KiB
Raw Blame History

csaf_downloader

A tool to download CSAF documents from CSAF providers.

Usage

csaf_downloader [OPTIONS] domain...

Application Options:
  -d, --directory=DIR          DIRectory to store the downloaded files in
      --insecure               Do not check TLS certificates from provider
      --ignoresigcheck         Ignore signature check results, just warn on mismatch
      --version                Display version of the binary
  -v, --verbose                Verbose output
  -r, --rate=                  The average upper limit of https operations per second (defaults to unlimited)
  -w, --worker=NUM             NUMber of concurrent downloads (default: 2)
  -H, --header=                One or more extra HTTP header fields
      --validator=URL          URL to validate documents remotely
      --validatorcache=FILE    FILE to cache remote validations
      --validatorpreset=       One or more presets to validate remotely (default: mandatory)
  -c, --config=INI-FILE        Path to config ini file

Help Options:
  -h, --help                   Show this help message

Will download all CSAF documents for the given domains, by trying each as a CSAF provider.

If a domain starts with https:// it is instead considered a direct URL to the provider-metadata.json and downloading procedes from there.

Increasing the number of workers opens more connections to the web servers to download more advisories at once. This may improve the overall speed of the download. However, since this also increases the load on the servers, their administrators could have taken countermeasures to limit this.

If no config file is explictly given the follwing places are searched for a config file:

~/.config/csaf/downloader.ini
~/.csaf_downloader.ini
csaf_downloader.ini

with ~ expanding to $HOME on unixoid systems and %HOMEPATH on Windows systems.

Supported options in config files:

directory         # not set by default
insecure          = false
ignoresigcheck    = false
verbose           = false
# rate            # set to unlimited
worker            = 2
# header          # not set by default
# validator       # not set by default
# validatorcache  # not set by default
validatorpreset   = "mandatory"