Closed Fadiabb closed 2 years ago
Is addressed in branch https://github.com/csaf-poc/csaf_distribution/tree/checker-locate-provider-metadata-json
Should be implemented. @Fadiabb please give it a test.
Current head does not do searching for DNS correctly, here is my test (internal):
curl https://csaf.data.security.intevation.de --insecure --silent | head -2
{
"canonical_url": "https://localhost:8443/.well-known/csaf/provider-metadata.json",
./bin-linux-amd64/csaf_checker --version
0.3.1-31-g29f26e0
./bin-linux-amd64/csaf_checker intevation.de
[..]
"No provider-metadata.json found.",
[...]
"num": 10,
"description": "DNS path",
"messages": [
"No csaf.data.security.domain.tld DNS record checked."
Branch https://github.com/csaf-poc/csaf_distribution/tree/dev-dns-detection will have improvements.
With #138 we check for DNS, so we check at least all methods once. As for the specific order and details, the remaining part of this is tracked in #60. (With this overlap resolved, we can close here.)
Split out from #24.
The checker has to check if the provider-metadata.json can be found in at least one of the following to be valid:
These should be fulfilled according to the second group of the requirements in Role: CSAF provider
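A sketch of the "at least one location" check, added here as an illustration and not taken from csaf_checker: it tries the well-known URL, the DNS path and the `CSAF:` fields of security.txt (requirements 9, 10 and 8 of the CSAF 2.0 provider role) once each. `Fetcher`, `StaticFetcher`, `isPMD`, `Locate` and the `example.com` data are hypothetical, and the validity test is reduced to "JSON with a `canonical_url`".

```go
package main

import (
	"encoding/json"
	"fmt"
	"strings"
)

// Fetcher abstracts an HTTPS GET; StaticFetcher serves constructed responses offline (both hypothetical).
type Fetcher func(url string) ([]byte, error)

func StaticFetcher(pages map[string]string) Fetcher {
	return func(url string) ([]byte, error) {
		if body, ok := pages[url]; ok {
			return []byte(body), nil
		}
		return nil, fmt.Errorf("not found: %s", url)
	}
}

// isPMD is a simplified stand-in for schema validation: JSON with a canonical_url.
func isPMD(body []byte) bool {
	var doc struct{ CanonicalURL string `json:"canonical_url"` }
	return json.Unmarshal(body, &doc) == nil && doc.CanonicalURL != ""
}

// Locate tries every location once and maps each successful method to its URL.
func Locate(domain string, get Fetcher) map[string]string {
	found := map[string]string{}
	try := func(method, url string) {
		if body, err := get(url); err == nil && isPMD(body) {
			found[method] = url
		}
	}
	try("well-known", "https://"+domain+"/.well-known/csaf/provider-metadata.json")
	try("dns-path", "https://csaf.data.security."+domain)
	if txt, err := get("https://" + domain + "/.well-known/security.txt"); err == nil {
		for _, line := range strings.Split(string(txt), "\n") {
			if l := strings.TrimSpace(line); len(l) > 5 && strings.EqualFold(l[:5], "CSAF:") {
				try("security.txt", strings.TrimSpace(l[5:]))
			}
		}
	}
	return found
}

func main() { // constructed case: only the DNS path location answers
	pages := map[string]string{"https://csaf.data.security.example.com": `{"canonical_url": "https://example.com/pmd.json"}`}
	fmt.Println(Locate("example.com", StaticFetcher(pages)))
}
```

An empty result map corresponds to the checker's "No provider-metadata.json found." message; any non-empty map satisfies the "at least one" rule.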