~singpolyma/xmpp-certwatch

c13d3db839ec605ee7b323a3e7306673e912da5e — Stephen Paul Weber 7 months ago 44c3bca
Hack to not say success if we never said fail

In the network case we allow one retry.
1 files changed, 3 insertions(+), 3 deletions(-)

M cmd/cron/main.go
M cmd/cron/main.go => cmd/cron/main.go +3 -3
@@ 94,16 94,16 @@ func main() {
			}
		} else if !result.Dnssec {
			log.Printf("No DNSSEC for %s\n", host)
			rclient.HIncrBy(context.Background(), "mitm_monitor_hosts", host, 1)
			rclient.HIncrBy(context.Background(), "mitm_monitor_hosts", host, 2)
			publish(host, fmt.Sprintf("DNSSEC failed for %s", host))
		} else if !result.Daneok {
			log.Printf("DANE failed for %s\n", host)
			rclient.HIncrBy(context.Background(), "mitm_monitor_hosts", host, 1)
			rclient.HIncrBy(context.Background(), "mitm_monitor_hosts", host, 2)
			publish(host, fmt.Sprintf("Certificate check failed for %s: possible MITM or you changed your public key", host))
		} else {
			log.Printf("Success for %s\n", host)
			errCountI, _ := strconv.Atoi(errCount)
			if errCountI > 0 {
			if errCountI > 1 {
				rclient.HSet(context.Background(), "mitm_monitor_hosts", host, 0)
				publish(host, fmt.Sprintf("Certificate checks passed for %s", host))
			}