Commit Graph

21 Commits

Author SHA1 Message Date
Andrew Ayer 7d910d5521 When version is set via ldflag, append a "?" to indicate uncertainty 2023-02-09 11:29:30 -05:00
Faidon Liambotis 1a5f581c07 certspotterVersion: also allow -X=main.Version
debug.ReadBuildInfo() doesn't work for the Debian package, where there
is no git repository (at best; could be the Debian packaging one). The
go module doesn't have a version either.

Add a quick shortcut at the top, that sets the version to main.Version
if it's non-empty -- which is by default, so no change in behavior.

Effectively, this allows one to use the standard
-ldflags=-X=main.Version to set the version, like we intend to do in the
Debian package.
2023-02-09 11:28:04 -05:00
Andrew Ayer 6a6f74414a Fix typos
Closes: #3
2023-02-09 11:27:48 -05:00
Andrew Ayer 52949d8ea3 Apply gofmt 2023-02-06 09:18:53 -05:00
Andrew Ayer 2a24abaa31 Make health check interval configurable 2023-02-06 09:18:37 -05:00
Andrew Ayer 2f2ad094db Set User-Agent header when fetching log list 2023-02-03 15:24:55 -05:00
Andrew Ayer 209cdb181b Convert to a daemon and make many other improvements
Specifically, certspotter no longer terminates unless it receives SIGTERM
or SIGINT or there is a serious error.

Although using cron made sense in the early days of Certificate
Transparency, certspotter now needs to run continuously to reliably keep
up with the high growth rate of contemporary CT logs, and to gracefully
handle the many transient errors that can arise when monitoring CT.

Closes: #63
Closes: #37
Closes: #32 (presumably by eliminating $DNS_NAMES and $IP_ADDRESSES)
Closes: #21 (with $WATCH_ITEM)
Closes: #25
2023-02-03 14:12:03 -05:00
Andrew Ayer c9aaa2782f Add -version flag 2021-10-12 10:28:34 -04:00
Andrew Ayer 2cccf67601 Avoid leaving a file open for longer than necessary 2020-10-06 19:27:58 -04:00
Ian Foster 6991be261c changed bygonessl behavior 2018-07-19 16:12:17 -07:00
Ian Foster 1b4943c198 rename issued_before to valid_at 2018-07-13 11:11:58 -07:00
Ian Foster e5fd2e9efc Initial BygoneSSL support 2018-07-04 19:03:57 -07:00
Jonathan Rudenberg acc6781f29 Run gofmt
Signed-off-by: Jonathan Rudenberg <jonathan@titanous.com>
2016-07-28 14:55:46 -04:00
Andrew Ayer 2c8cb1f402 Return exit code from cmd.Main instead of exiting directly
This allows the calling code to do custom cleanup.
2016-06-03 07:21:08 -07:00
Andrew Ayer 2bed88e7c5 Rework watchlist
Watchlist is now read from ~/.certspotter/watchlist by default, or from
the file specified by -watchlist (- for stdin).

By default, only exact DNS names are matched.  To match both the domain
itself and all sub-domains, prefix with a dot (e.g. .example.com).

Comments are now allowed in watchlist files.
2016-05-12 11:30:59 -07:00
Andrew Ayer 7196ec5217 Use $CERTSPOTTER_STATE_DIR to specify state directory 2016-05-12 10:53:57 -07:00
Andrew Ayer f9432ae4b9 Reverse order of certspotter.MatchesWildcard arguments 2016-05-10 14:29:04 -07:00
Andrew Ayer 92fbdcb947 Support crazy wildcards (not just in the left-most label) 2016-05-10 10:37:10 -07:00
Andrew Ayer b79cb31413 Move package to software.sslmate.com/src/certspotter 2016-05-04 12:19:59 -07:00
Andrew Ayer 1e582e2e0c License under the MPL 2.0 2016-05-04 11:56:13 -07:00
Andrew Ayer 670cddafbc Rename project to certspotter 2016-05-04 11:49:07 -07:00