~singpolyma/xmpp-certwatch

Reset count to 0 even if it was low

Otherwise we'll just go straight to sending the error next time instead
of waiting for two.
Raise the timeout again, it is affecting some people
Hack to not say success if we never said fail

In the network case we allow one retry.
Only alert of network errors the second time

To help with hosts that have flaky networks
Support ALPN for direct TLS
Need to do handshake for direct TLS case
More diagnostic info
Don't crash if there is no cert chain
Improve suggestion display
If SRV matches known good value, as good as DNSSEC
Usage 1 is fine

It asserts the exact cert same as 3, just also says PKIX should pass
too.
Always include unchecked

So they can be shown as suggestions
Monitor direct tls as well

This was never meant to be commented out
Double the timeout, sometimes Tor is slow
AnyChecked should use Checked not Ok
If any DANE record present, failure is a failure
Fix proxy timeouts
Fix spelling on Tor
Next