Tandem/certspotter
2
0
Fork 0
mirror of https://github.com/SSLMate/certspotter.git synced 2025-06-27 10:15:33 +02:00
Code Issues Packages Projects Releases Wiki Activity

Commit Graph

  • 0bd48084f0 Add MakeMerkleTreeBuilder Andrew Ayer 2016-11-25 20:13:17 -08:00
  • adce61e035 Add GetAuditProof to LogClient Andrew Ayer 2016-11-25 20:09:59 -08:00
  • b63a024876 Replace MerkleTreeBuilder.Finish with non-mutating CalculateRoot Andrew Ayer 2016-11-25 17:43:07 -08:00
  • ef18092eb9 Add new logs: Icarus, Skydiver, StartCom, WoSign Andrew Ayer 2016-11-15 12:48:56 -08:00
  • 9bf82346d8 Avoid use of json.Decoder Andrew Ayer 2016-11-15 12:43:31 -08:00
  • 36210a9544 VerifyConsistencyProof: properly return tree builder when two trees are the same Andrew Ayer 2016-11-15 12:38:49 -08:00
  • 31f2316aa2 Rework -all_time logic Andrew Ayer 2016-11-15 12:23:24 -08:00
  • 7d2936eada README: document upcoming mandatory CT Andrew Ayer 2016-11-12 08:09:42 -08:00
  • f706b09bc8 README: document GlobalSign DV logging Andrew Ayer 2016-11-12 08:09:27 -08:00
  • 2a80e85783 Increase log client request timeout to 60 seconds Andrew Ayer 2016-08-30 10:39:58 -07:00
  • 35c646ae62 Add NEWS file for 0.2 release 0.2 Andrew Ayer 2016-08-25 17:13:31 -07:00
  • 4104152de6 Use io.ReadFull instead of raw Read Joe Tsai 2016-05-09 18:22:08 -07:00
  • c36452f67a Improve log client error messages Andrew Ayer 2016-08-25 16:04:29 -07:00
  • 1af6309367 Define tagUTCTime and tagGeneralizedTime Andrew Ayer 2016-08-20 19:43:10 -07:00
  • b1dc229785 Fix typo Andrew Ayer 2016-07-28 15:52:32 -07:00
  • 1f97fb3a13 Suppress duplicate identifiers Andrew Ayer 2016-07-28 13:56:58 -07:00
  • 6cae4942e4 Identifiers: abstract out appendIPAddress Andrew Ayer 2016-07-28 13:53:24 -07:00
  • c217200b96 Return errors from InvokeHookScript instead of failing silently Jonathan Rudenberg 2016-07-28 15:11:32 -04:00
  • acc6781f29 Run gofmt #1 Jonathan Rudenberg 2016-07-28 14:55:46 -04:00
  • 38b9c920eb Add README 0.1 Andrew Ayer 2016-07-27 14:17:53 -07:00
  • 1dc7e1cda9 Refine command line flag descriptions Andrew Ayer 2016-07-26 17:02:56 -07:00
  • 902755d4e8 Don't enforce public key compliance Andrew Ayer 2016-07-26 17:00:01 -07:00
  • f75c47d9ca Always store files in ~/.certspotter, even if running as root Andrew Ayer 2016-07-26 16:57:26 -07:00
  • c185657181 Remove Izenpe log, add CNNIC Andrew Ayer 2016-07-19 10:46:15 -07:00
  • cf8a5d8703 Remove description field from logs.go Andrew Ayer 2016-07-19 10:39:01 -07:00
  • 37bc55be2d Add key hash to logs.go Andrew Ayer 2016-07-19 10:32:05 -07:00
  • ebdf2af720 Add some comments Andrew Ayer 2016-07-19 10:31:23 -07:00
  • 19e05b901a Remove some dead code from the scanner Andrew Ayer 2016-06-22 10:32:42 -07:00
  • 74f9ceb6a2 Add attribution of the ct sub-directory Andrew Ayer 2016-06-22 10:30:16 -07:00
  • 724517e4c4 Update crt.sh link to use sha256= instead of q= Andrew Ayer 2016-06-20 15:23:15 -07:00
  • fa1236f434 Use a switch statement instead of an if statement Andrew Ayer 2016-06-08 15:57:56 -07:00
  • 196bd864cd Properly handle non-200 responses from logs Andrew Ayer 2016-06-08 15:18:28 -07:00
  • 1fc964732b Allow public key to be omitted from log JSON file Andrew Ayer 2016-06-03 08:10:38 -07:00
  • 2c8cb1f402 Return exit code from cmd.Main instead of exiting directly Andrew Ayer 2016-06-03 07:21:08 -07:00
  • 6db3f7564c Add function to reconstruct pre-cert TBS from cert TBS Andrew Ayer 2016-05-16 11:32:48 -07:00
  • ae59c317dc Ignore empty DNS names Andrew Ayer 2016-05-13 10:31:13 -07:00
  • 2bed88e7c5 Rework watchlist Andrew Ayer 2016-05-12 11:30:59 -07:00
  • 7196ec5217 Use $CERTSPOTTER_STATE_DIR to specify state directory Andrew Ayer 2016-05-12 10:53:57 -07:00
  • dac062e17d Add unit tests for MatchesWildcard Andrew Ayer 2016-05-10 14:29:10 -07:00
  • f9432ae4b9 Reverse order of certspotter.MatchesWildcard arguments Andrew Ayer 2016-05-10 14:29:04 -07:00
  • 92fbdcb947 Support crazy wildcards (not just in the left-most label) Andrew Ayer 2016-05-10 10:37:10 -07:00
  • e99ee481a4 Disable check of pre-cert poision value Andrew Ayer 2016-05-09 15:46:14 -07:00
  • 9342adcd93 Tighten up the cert information output Andrew Ayer 2016-05-09 15:41:00 -07:00
  • b79cb31413 Move package to software.sslmate.com/src/certspotter Andrew Ayer 2016-05-04 12:19:59 -07:00
  • 1e582e2e0c License under the MPL 2.0 Andrew Ayer 2016-05-04 11:53:48 -07:00
  • 670cddafbc Rename project to certspotter Andrew Ayer 2016-05-04 11:49:07 -07:00
  • ea3db97486 Only replace DNS label with placeholder if it's utterly unparsable Andrew Ayer 2016-05-04 11:43:02 -07:00
  • 60636ba2d7 Move Identifiers from CertInfo to EntryInfo Andrew Ayer 2016-05-03 11:58:59 -07:00
  • 5f4e35843a Display SANs in output Andrew Ayer 2016-05-02 11:59:55 -07:00
  • df5ad71a40 Support for IP addresses encoded as strings in CNs/DNS SANs Andrew Ayer 2016-05-02 11:38:08 -07:00
  • 82167b8151 Additional handling of pathological DNS names Andrew Ayer 2016-05-01 17:02:52 -07:00
  • 3ec8a0a3db Ignore IP address SANs with an invalid length Andrew Ayer 2016-05-01 14:52:19 -07:00
  • ca8f60740a Trim trailing dots from DNS names Andrew Ayer 2016-05-01 12:49:26 -07:00
  • 3c220e56f6 scanner: reduce channel queue buffer length Andrew Ayer 2016-05-01 12:49:07 -07:00
  • a0859acad3 Remove defunct Certly log Andrew Ayer 2016-04-30 15:03:16 -07:00
  • 847b7129e8 Monitor for all DNS names that _might_ match a monitored domain Andrew Ayer 2016-04-29 09:02:03 -07:00
  • ec68dde647 Only allow * and ? as entire DNS name labels Andrew Ayer 2016-04-29 08:45:54 -07:00
  • 2c9df274e9 Gracefully handle all manner of poorly encoded identifiers Andrew Ayer 2016-04-28 21:26:59 -07:00
  • a072440db8 Handle certificates with multiple Basic Constraints extensions Andrew Ayer 2016-04-26 18:06:59 -07:00
  • 65ed742477 Support wildcards Andrew Ayer 2016-04-26 14:49:39 -07:00
  • 4132ed5e9f Add support for IDNs Andrew Ayer 2016-04-26 14:38:09 -07:00
  • 19c5f86d23 Allow DNS SANs to contain UTF-8 Andrew Ayer 2016-04-26 14:14:08 -07:00
  • 2426817cd5 Raise parse error if certain strings are improperly encoded Andrew Ayer 2016-04-24 09:11:28 -07:00
  • 2d2aa37202 Parse common names separately from DNS names Andrew Ayer 2016-04-22 20:58:33 -07:00
  • ef0b46b7a5 Remove defunct Wosign log Andrew Ayer 2016-04-14 17:55:50 -07:00
  • e091186d83 Save consistency proof along with evidence of misbehavior Andrew Ayer 2016-04-06 08:10:06 -07:00
  • db2cd2c458 logclient: work around HTTP/2 issue Andrew Ayer 2016-03-27 11:54:34 -07:00
  • 80bfe1321c Add helpers to get fingerprint/hashes in byte form Andrew Ayer 2016-03-26 18:04:22 -07:00
  • ef395b8e60 Add function to validate a pre-cert Andrew Ayer 2016-03-23 21:03:00 -07:00
  • 81bfa0bbd8 Add ctparsewatch Andrew Ayer 2016-03-23 20:19:39 -07:00
  • 786e9e3460 Add a relaxed ASN.1 Time parser Andrew Ayer 2016-03-23 20:18:26 -07:00
  • af14fca70f Add HasParseErrors method to EntryInfo Andrew Ayer 2016-03-23 20:18:12 -07:00
  • 616ac0cb83 Adjust gitignore Andrew Ayer 2016-03-23 20:04:55 -07:00
  • eded2ff458 Ensure ParseDNSNames does not return a nil slice Andrew Ayer 2016-03-22 17:17:38 -07:00
  • 3b59332bf1 Rename a function for clarity Andrew Ayer 2016-03-17 16:34:53 -07:00
  • a071e9490a Replace embedded X509 parser with my own lightweight parser Andrew Ayer 2016-03-16 16:58:00 -07:00
  • 5ccf9fdcd3 ctwatch: allow state dir to be set by $CTWATCH_STATE_DIR Andrew Ayer 2016-03-08 07:09:26 -08:00
  • f988d05b4b Decode JSON directly into []byte Andrew Ayer 2016-03-08 07:01:10 -08:00
  • 2608a74e66 Make trailing garbage a fatal error when extracting DNS names Andrew Ayer 2016-02-22 19:35:21 -08:00
  • 08fa700d29 scanner: don't prefix log messages with log URI Andrew Ayer 2016-02-22 19:23:08 -08:00
  • 5803389588 Fix some pointer inconsistencies in code Andrew Ayer 2016-02-22 15:29:52 -08:00
  • 09c37cfdfd Clarify a flag Andrew Ayer 2016-02-22 15:14:17 -08:00
  • 8f3bd3b6ff Improve logging Andrew Ayer 2016-02-22 14:58:11 -08:00
  • b297ba9967 Use bits in the exit code to convey what happened Andrew Ayer 2016-02-22 14:45:50 -08:00
  • 40123f9ba8 Allow . to be specified on stdin as well Andrew Ayer 2016-02-22 14:18:56 -08:00
  • 94ccbc0a4f Add backoff during fetch errors Andrew Ayer 2016-02-22 14:11:47 -08:00
  • df6527b165 Change -all_time to only affect logs we haven't seen before Andrew Ayer 2016-02-20 12:04:07 -08:00
  • ff44576c87 Save old and new STHs if consistency proof fails Andrew Ayer 2016-02-18 12:40:21 -08:00
  • 672491e065 Fix bug where we were returning a nil tree builder Andrew Ayer 2016-02-18 11:58:00 -08:00
  • 16bf546258 Embed Google CT library, with my own changes Andrew Ayer 2016-02-18 10:44:56 -08:00
  • 3c33dc8277 Remove sha1watch Andrew Ayer 2016-02-18 10:41:55 -08:00
  • e91d7bacbd Minor cleanup to improve encapsulation Andrew Ayer 2016-02-18 10:23:07 -08:00
  • b47d35a005 Rename some types/functions for clarity Andrew Ayer 2016-02-18 10:15:56 -08:00
  • 35eef25f4a Rename function for clarity Andrew Ayer 2016-02-18 10:09:33 -08:00
  • 9558efc955 Verify STH signatures Andrew Ayer 2016-02-17 16:03:49 -08:00
  • 4b304fd192 Audit Merkle tree when retrieving entries Andrew Ayer 2016-02-17 14:54:25 -08:00
  • b6dec7822d Overhaul to be more robust and simpler Andrew Ayer 2016-02-09 10:28:52 -08:00
  • 1dcbe91877 WriteCertRepository: avoid serializing precerts twice Andrew Ayer 2016-02-07 14:47:05 -08:00
  • a79cc26570 Include filename of saved cert in output/script invocation Andrew Ayer 2016-02-05 08:20:12 -08:00
  • cfaf126284 To monitor all domains, require "." to be specified Andrew Ayer 2016-02-05 08:13:11 -08:00