aljaz/certspotter
1
1
Fork 0
mirror of https://github.com/SSLMate/certspotter.git synced 2025-12-17 04:24:19 +01:00
Code Issues Packages Projects Releases Wiki Activity
431 Commits 1 Branch 26 Tags
5b138b1e0e9f827d6f46cee7f1d0738870a3ecf4
Commit Graph

431 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Andrew Ayer
5b138b1e0e Release v0.23.0 v0.23.0 2025-12-05 07:27:02 -05:00
Andrew Ayer
9e8fd2bf8f Add optional rate limiting of log queries 
If a log operator publishes a simple rate limit for a log, we can use that
information to avoid sending requests to the log that we know will fail.
This will improve throughput as we won't be wasting time backing off from
failed requests.
 2025-12-04 20:35:33 -05:00
Andrew Ayer
84f39b8940 Release v0.22.0 v0.22.0 2025-09-24 08:04:04 -04:00
Andrew Ayer
078924d878 Prepare changelog for v0.22.0 2025-09-20 08:57:05 -04:00
Andrew Ayer
d7ec166362 Remove -batch_size error message 2025-09-19 22:33:53 -04:00
Andrew Ayer
a7e759a2df Increase minimum Go version to 1.24.6 2025-09-19 22:31:49 -04:00
Andrew Ayer
81659ae791 Move some code for greater clarity 2025-09-19 22:23:35 -04:00
Andrew Ayer
820da0e29f Add $CERTSPOTTER_CACHE_DIR for specifying cache directory 2025-09-19 22:22:21 -04:00
Andrew Ayer
dd76d3f220 Send retries to logs more aggressively 
The old parameters were too gentle and inhibited the timely download of log entries.
 2025-09-18 16:17:59 -04:00
Andrew Ayer
c36f00be9e Truncate the response body that's returned in error messages from logs 2025-09-18 12:50:09 -04:00
Andrew Ayer
dc1ac20e24 monitor: include number of retries in recorded error messages 2025-09-16 09:00:21 -04:00
Andrew Ayer
cf7371ec2c ctclient: add methods for submitting entries 2025-09-16 08:59:56 -04:00
Andrew Ayer
4bad3fd315 Support $STATE_DIRECTORY, $CONFIGURATION_DIRECTORY, and $CACHE_DIRECTORY 2025-08-28 14:47:41 -04:00
Andrew Ayer
1533a277e0 loglist: fail validation if log has negative MMD 2025-07-26 11:11:50 -04:00
Andrew Ayer
efea8a20aa Improve a function name 2025-07-14 18:13:03 -04:00
Andrew Ayer
61fac0199a Do SCT marshalling correctly 2025-07-13 12:06:10 -04:00
Andrew Ayer
505874f2fc Add SCT marshalling 2025-07-13 12:00:28 -04:00
Andrew Ayer
bf723ce51a Ensure loglists are marshalled without optional fields included 2025-07-12 15:52:33 -04:00
Andrew Ayer
ed8cec77ab loglist/mozilla: handle static-ct-api logs 2025-07-04 12:37:51 -04:00
Andrew Ayer
43d6c4de2e Add package for parsing Mozilla's CT log list 2025-07-03 13:36:44 -04:00
Andrew Ayer
8435e9046a Release v0.21.0 v0.21.0 2025-07-02 16:45:31 -04:00
Andrew Ayer
86873ee4a8 Update man page about error handling 2025-06-29 17:55:12 -04:00
Andrew Ayer
b9e9bd0471 Print non-log errors (e.g. log list download failure) to stderr 
These are important and should not happen very often.
 2025-06-29 17:35:00 -04:00
Andrew Ayer
bcefb76275 Remove unused code 2025-06-29 17:33:07 -04:00
Andrew Ayer
4fbbc5818e Store log errors in state directory 
Instead of writing log errors to stderr, write them to a file in the state directory. When reporting a health check failure, include the path to the file and the last several lines.

Log files are named by date, and the last 7 days are kept.

Closes #106
 2025-06-29 17:23:38 -04:00
Andrew Ayer
5a8dd2ca82 Improve -version and User-Agent 2025-06-29 17:18:42 -04:00
Andrew Ayer
b649b399e4 Do not run actions on pull requests 
It's a security minefield.  Thanks to caching of the build environment,
not even read-only actions are safe.
 2025-06-23 23:20:54 -04:00
Andrew Ayer
aecfa745ca Add GitHub Actions for test and lint 2025-06-23 23:10:11 -04:00
Andrew Ayer
f5779c283c Add staticcheck configuration 2025-06-23 23:10:05 -04:00
Andrew Ayer
3e811e86d7 Decapitalize some error messages 2025-06-23 22:33:57 -04:00
Andrew Ayer
a4048f47f8 Send helpful User-Agent string with all requests 2025-06-23 16:32:35 -04:00
Daniel Peukert
187aed078c Fix fmt typos 2025-06-23 19:27:39 +02:00
Andrew Ayer
8ab03b4cf8 Release v0.20.1 v0.20.1 2025-06-19 18:30:03 -04:00
Andrew Ayer
bcbd4e62d9 Improve error handling of hooks and sendmail 2025-06-17 14:03:45 -04:00
Andrew Ayer
a2a1fb1dab Set WaitDelay when executing sendmail and hooks 2025-06-17 14:03:31 -04:00
Andrew Ayer
5430f737b0 Enforce a timeout when running sendmail 
postfix's sendmail command sometimes retries forever instead of terminating on error (see #100)
 2025-06-17 13:59:59 -04:00
Andrew Ayer
f0e8b18d9a Improve code clarity 2025-06-17 11:04:02 -04:00
Andrew Ayer
756782e964 Improve some comments 2025-06-17 11:01:15 -04:00
Andrew Ayer
53029c2a09 Imrove some comments 2025-06-17 10:52:32 -04:00
Andrew Ayer
b05a66f634 Only calculate root hash when needed to verify an STH 2025-06-17 10:45:56 -04:00
Andrew Ayer
b87b33a41b Upgrade dependencies 2025-06-16 23:33:51 -04:00
Andrew Ayer
3279459be2 Add Compare to LogID and merkletree.Hash 2025-06-16 14:24:26 -04:00
Andrew Ayer
d5bc1ef75b Simplify certspotterVersion 
The old code is unnecessary now that go derives a version from the VCS info.
 2025-06-13 16:26:10 -04:00
Andrew Ayer
38bcd36d98 Release v0.20.0 v0.20.0 2025-06-13 12:24:17 -04:00
Andrew Ayer
ca7b11ca96 Print a friendlier error message if -batch_size specified 2025-06-13 12:22:23 -04:00
Andrew Ayer
26439b4deb Remove unused code 2025-05-30 17:09:02 -04:00
Andrew Ayer
9544d8ab50 Imprve comment 2025-05-21 14:59:56 -04:00
Andrew Ayer
694eb276a6 Also check timestamp when comparing STHs 
otherwise we might fail to delete unverified_sths if they have a different timestamp
 2025-05-21 14:33:58 -04:00
Andrew Ayer
90ead642b0 Simplify context cancellation checks 2025-05-21 14:31:24 -04:00
Andrew Ayer
56af38ca70 Rewrite STH pipeline to avoid prematurely deleting STHs 2025-05-21 14:08:12 -04:00