~singpolyma/xmpp-certwatch

78d67d3187c64a5185836714abe2cc07a16807a3 — Stephen Paul Weber 7 months ago d86647f
If any DANE record present, failure is a failure
2 files changed, 4 insertions(+), 2 deletions(-)

M cmd/web/main.go
M common/common.go
M cmd/web/main.go => cmd/web/main.go +1 -1
@@ 79,7 79,7 @@ func checkOneHandler(w http.ResponseWriter, r *http.Request) {
		}
		rclient.HSet(context.Background(), "mitm_monitor_hosts", fqdn, "0")
		t.ExecuteTemplate(w, "success.html", result)
	} else if !result.AllChecked {
	} else if !result.AllChecked && !result.AnyChecked {
		dedupeTlsa(&result)
		t.ExecuteTemplate(w, "setup.html", result)
	} else {

M common/common.go => common/common.go +3 -1
@@ 142,12 142,13 @@ type CheckResult struct {
	Dnssec     bool
	Daneok     bool
	AllChecked bool
	AnyChecked bool
	Tlsa       map[string]dane.TLSAinfo
	Err        error
}

func CheckOne(hostname string) CheckResult {
	finalResult := CheckResult{hostname, true, true, true, map[string]dane.TLSAinfo{}, nil}
	finalResult := CheckResult{hostname, true, true, true, false, map[string]dane.TLSAinfo{}, nil}
	resolver, err := dane.GetResolver("")
	if err != nil {
		finalResult.Err = err


@@ 232,6 233,7 @@ func CheckOne(hostname string) CheckResult {
	for _, info := range finalResult.Tlsa {
		for _, rdata := range info.Rdata {
			finalResult.AllChecked = finalResult.AllChecked && rdata.Checked
			finalResult.AnyChecked = finalResult.AnyChecked || rdata.Ok
		}
	}