|
@@ -180,10 +180,34 @@ class TransparencyWatcher(object):
|
|
|
|
|
|
async def mux_ctl_stream(watcher):
|
|
|
logger = logging.getLogger('certstream.watcher')
|
|
|
+ watch_suffix = os.getenv("WATCH_SUFFIX", None)
|
|
|
+
|
|
|
+ if not watch_suffix:
|
|
|
+ return
|
|
|
+
|
|
|
+ suffixes = []
|
|
|
+ for suffix in watch_suffix.split(','):
|
|
|
+ suffix = suffix.strip()
|
|
|
+ suffixes.append(suffix)
|
|
|
+ logger.info('Watching for: %s', suffixes)
|
|
|
|
|
|
while True:
|
|
|
cert_data = await watcher.stream.get()
|
|
|
- logger.info('%s: %s, %s', cert_data['source']['url'], cert_data['leaf_cert']['subject']['CN'], cert_data['leaf_cert']['extensions'].get('subjectAltName', ''))
|
|
|
+ cn = cert_data['leaf_cert']['subject']['CN']
|
|
|
+ alt = cert_data['leaf_cert']['extensions'].get('subjectAltName', '')
|
|
|
+ source = cert_data['source']['url']
|
|
|
+
|
|
|
+ found = False
|
|
|
+ if cn and cn.endswith(tuple(suffixes)):
|
|
|
+ found = True
|
|
|
+ else:
|
|
|
+ for dnsname in alt.split(','):
|
|
|
+ if dnsname.strip().endswith(tuple(suffixes)):
|
|
|
+ found = True
|
|
|
+ break
|
|
|
+
|
|
|
+ if found:
|
|
|
+ logger.info('%s: %s, %s', cert_data['source']['url'], cert_data['leaf_cert']['subject']['CN'], cert_data['leaf_cert']['extensions'].get('subjectAltName', ''))
|
|
|
|
|
|
|
|
|
if __name__ == "__main__":
|