Tandem
/
certspotter
mirror of https://github.com/SSLMate/certspotter.git
2
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

Refine interface for malformed log entries

This commit is contained in:
Andrew Ayer 2024-04-04 07:55:44 -04:00
parent 73327f0c2c
commit 7bb5602d09
3 changed files with 5 additions and 5 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

6
monitor/fsstate.go
View File

@ -146,7 +146,7 @@ func (s *FilesystemState) NotifyCert(ctx context.Context, cert *DiscoveredCert)
return nil return nil
} }
func (s *FilesystemState) NotifyMalformedEntry(ctx context.Context, entry *LogEntry, parseError string) error { func (s *FilesystemState) NotifyMalformedEntry(ctx context.Context, entry *LogEntry, parseError error) error {
var ( var (
dirPath = filepath.Join(s.logStateDir(entry.Log.LogID), "malformed_entries") dirPath = filepath.Join(s.logStateDir(entry.Log.LogID), "malformed_entries")
entryPath = filepath.Join(dirPath, fmt.Sprintf("%d.json", entry.Index)) entryPath = filepath.Join(dirPath, fmt.Sprintf("%d.json", entry.Index))
@ -168,7 +168,7 @@ func (s *FilesystemState) NotifyMalformedEntry(ctx context.Context, entry *LogEn
fmt.Fprintf(text, "Unable to determine if log entry matches your watchlist. Please file a bug report at https://github.com/SSLMate/certspotter/issues/new with the following details:\n") fmt.Fprintf(text, "Unable to determine if log entry matches your watchlist. Please file a bug report at https://github.com/SSLMate/certspotter/issues/new with the following details:\n")
writeField("Log Entry", fmt.Sprintf("%d @ %s", entry.Index, entry.Log.URL)) writeField("Log Entry", fmt.Sprintf("%d @ %s", entry.Index, entry.Log.URL))
writeField("Leaf Hash", entry.LeafHash.Base64String()) writeField("Leaf Hash", entry.LeafHash.Base64String())
writeField("Error", parseError) writeField("Error", parseError.Error())
if err := writeJSONFile(entryPath, entryJSON, 0666); err != nil { if err := writeJSONFile(entryPath, entryJSON, 0666); err != nil {
return fmt.Errorf("error saving JSON file: %w", err) return fmt.Errorf("error saving JSON file: %w", err)
@ -183,7 +183,7 @@ func (s *FilesystemState) NotifyMalformedEntry(ctx context.Context, entry *LogEn
"LOG_URI=" + entry.Log.URL, "LOG_URI=" + entry.Log.URL,
"ENTRY_INDEX=" + fmt.Sprint(entry.Index), "ENTRY_INDEX=" + fmt.Sprint(entry.Index),
"LEAF_HASH=" + entry.LeafHash.Base64String(), "LEAF_HASH=" + entry.LeafHash.Base64String(),
"PARSE_ERROR=" + parseError, "PARSE_ERROR=" + parseError.Error(),
"ENTRY_FILENAME=" + entryPath, "ENTRY_FILENAME=" + entryPath,
"TEXT_FILENAME=" + textPath, "TEXT_FILENAME=" + textPath,
"CERT_PARSEABLE=no", // backwards compat with pre-0.15.0; not documented "CERT_PARSEABLE=no", // backwards compat with pre-0.15.0; not documented

2
monitor/process.go
View File

@ -111,7 +111,7 @@ func processCertificate(ctx context.Context, config *Config, entry *LogEntry, ce
} }
func processMalformedLogEntry(ctx context.Context, config *Config, entry *LogEntry, parseError error) error { func processMalformedLogEntry(ctx context.Context, config *Config, entry *LogEntry, parseError error) error {
if err := config.State.NotifyMalformedEntry(ctx, entry, parseError.Error()); err != nil { if err := config.State.NotifyMalformedEntry(ctx, entry, parseError); err != nil {
return fmt.Errorf("error notifying about malformed log entry %d in %s (%q): %w", entry.Index, entry.Log.URL, parseError, err) return fmt.Errorf("error notifying about malformed log entry %d in %s (%q): %w", entry.Index, entry.Log.URL, parseError, err)
} }
return nil return nil

2
monitor/state.go
View File

@ -55,7 +55,7 @@ type StateProvider interface {
NotifyCert(context.Context, *DiscoveredCert) error NotifyCert(context.Context, *DiscoveredCert) error
// Called when certspotter fails to parse a log entry. // Called when certspotter fails to parse a log entry.
NotifyMalformedEntry(ctx context.Context, entry *LogEntry, parseError string) error NotifyMalformedEntry(context.Context, *LogEntry, error) error
// Called when a health check fails. The log is nil if the // Called when a health check fails. The log is nil if the
// feailure is not associated with a log. // feailure is not associated with a log.