From c13d3db839ec605ee7b323a3e7306673e912da5e Mon Sep 17 00:00:00 2001 From: Stephen Paul Weber Date: Mon, 15 Apr 2024 09:28:35 -0500 Subject: [PATCH] Hack to not say success if we never said fail In the network case we allow one retry. --- cmd/cron/main.go | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/cmd/cron/main.go b/cmd/cron/main.go index 4db2df5..e5aa39d 100644 --- a/cmd/cron/main.go +++ b/cmd/cron/main.go @@ -94,16 +94,16 @@ func main() { } } else if !result.Dnssec { log.Printf("No DNSSEC for %s\n", host) - rclient.HIncrBy(context.Background(), "mitm_monitor_hosts", host, 1) + rclient.HIncrBy(context.Background(), "mitm_monitor_hosts", host, 2) publish(host, fmt.Sprintf("DNSSEC failed for %s", host)) } else if !result.Daneok { log.Printf("DANE failed for %s\n", host) - rclient.HIncrBy(context.Background(), "mitm_monitor_hosts", host, 1) + rclient.HIncrBy(context.Background(), "mitm_monitor_hosts", host, 2) publish(host, fmt.Sprintf("Certificate check failed for %s: possible MITM or you changed your public key", host)) } else { log.Printf("Success for %s\n", host) errCountI, _ := strconv.Atoi(errCount) - if errCountI > 0 { + if errCountI > 1 { rclient.HSet(context.Background(), "mitm_monitor_hosts", host, 0) publish(host, fmt.Sprintf("Certificate checks passed for %s", host)) } -- 2.45.2