Commit Graph

13 Commits

Author SHA1 Message Date
Dirk Stöcker 6f019acd7b support filtering 2024-05-23 15:44:12 +02:00
Andrew Ayer 7bb5602d09 Refine interface for malformed log entries 2024-04-04 07:55:44 -04:00
Andrew Ayer 5e0737353c Abstract state storage and notification logic behind an interface 2024-04-04 07:47:25 -04:00
Andrew Ayer bd2bab5fcb Save malformed entries, and put paths in environment variables
To allow scripts to access them.
2023-02-19 08:45:32 -05:00
Andrew Ayer 2dc99f8d23 Fix notification suppression 2023-02-07 09:23:01 -05:00
Andrew Ayer 9ec3c74400 Rename LeafSHA256 to avoid confusion with Merkle leafs 2023-02-05 08:41:17 -05:00
Andrew Ayer 7a8a770d99 Apply gofmt 2023-02-05 08:30:53 -05:00
Andrew Ayer c68cf401a3 Add $TBS_SHA256 and tbs_sha256 to script environment and JSON 2023-02-05 08:30:45 -05:00
Andrew Ayer bc36175a53 Ensure that precertificates match the Merkle leaf input 2023-02-05 08:18:28 -05:00
Andrew Ayer 03c21ed118 Add PubkeySHA256 to discoveredCert 2023-02-05 08:08:07 -05:00
Andrew Ayer a5a9008de2 Add .v1 to file suffix of JSON files
If we add fields in the future this will make it clear that old
files don't have the new fields
2023-02-03 14:32:35 -05:00
Andrew Ayer 6848316a5b Make the .notified file a hidden file
Since it's an implementation detail that users shouldn't need
to know about.
2023-02-03 14:29:58 -05:00
Andrew Ayer 209cdb181b Convert to a daemon and make many other improvements
Specifically, certspotter no longer terminates unless it receives SIGTERM
or SIGINT or there is a serious error.

Although using cron made sense in the early days of Certificate
Transparency, certspotter now needs to run continuously to reliably keep
up with the high growth rate of contemporary CT logs, and to gracefully
handle the many transient errors that can arise when monitoring CT.

Closes: #63
Closes: #37
Closes: #32 (presumably by eliminating $DNS_NAMES and $IP_ADDRESSES)
Closes: #21 (with $WATCH_ITEM)
Closes: #25
2023-02-03 14:12:03 -05:00