From cfaf1262845ec57778120b644ed94625929dc493 Mon Sep 17 00:00:00 2001 From: Andrew Ayer Date: Fri, 5 Feb 2016 08:13:11 -0800 Subject: [PATCH] To monitor all domains, require "." to be specified Now that we save all certs by default, we want to prevent people from accidentally monitoring all domains, which could lead to MASSIVE disk usage. "." is used because it denotes the root zone in DNS. --- cmd/ctwatch/main.go | 21 +++++++++++++-------- 1 file changed, 13 insertions(+), 8 deletions(-) diff --git a/cmd/ctwatch/main.go b/cmd/ctwatch/main.go index 128f895..669fa72 100644 --- a/cmd/ctwatch/main.go +++ b/cmd/ctwatch/main.go @@ -15,8 +15,17 @@ var stateDir = flag.String("state_dir", cmd.DefaultStateDir("ctwatch"), "Directo func main() { flag.Parse() - var domains []string + if flag.NArg() == 0 { + fmt.Fprintf(os.Stderr, "Usage: %s [flags] domain ...\n", os.Args[0]) + fmt.Fprintf(os.Stderr, "\n") + fmt.Fprintf(os.Stderr, "To read domain list from stdin, use '-'. To monitor all domains, use '.'.\n") + fmt.Fprintf(os.Stderr, "See '%s -help' for a list of valid flags.\n", os.Args[0]) + os.Exit(2) + } + + var matcher ctwatch.Matcher if flag.NArg() == 1 && flag.Arg(0) == "-" { + var domains []string scanner := bufio.NewScanner(os.Stdin) for scanner.Scan() { domains = append(domains, scanner.Text()) @@ -25,15 +34,11 @@ func main() { fmt.Fprintf(os.Stderr, "%s: Error reading standard input: %s\n", os.Args[0], err) os.Exit(3) } - } else { - domains = flag.Args() - } - - var matcher ctwatch.Matcher - if len(domains) == 0 { + matcher = ctwatch.NewDomainMatcher(domains) + } else if flag.NArg() == 1 && flag.Arg(0) == "." { // "." as in root zone matcher = ctwatch.MatchAll{} } else { - matcher = ctwatch.NewDomainMatcher(domains) + matcher = ctwatch.NewDomainMatcher(flag.Args()) } cmd.Main(*stateDir, matcher)