update readme + back of example

Issif · Jun 7, 2020 · 1a78371 · 1a78371
1 parent 3bfc5fb
commit 1a78371
Show file tree

Hide file tree

Showing 5 changed files with 13 additions and 9 deletions.
diff --git a/.gitignore b/.gitignore
@@ -2,4 +2,5 @@ cercat
 config.yaml
 dist
 dist/**
-lib/*.xml
+lib/*.xml
+.vscode
diff --git a/README.md b/README.md
@@ -1,6 +1,6 @@
 # cercat
 
-`certcat` is for **Certificate Catcher**. It's monitors issued certificates from [CertStream](https://certstream.calidog.io/) stream and send an alert to **Slack** if a domain matchs a specified **regexp**.
+`certcat` is for **Certificate Catcher**. It monitors issued certificates from [CertStream](https://certstream.calidog.io/) stream and sends an alert to **Slack** if a domain matches a specified **regexp**.
 
 ```bash
                websocket    +----------+   POST
@@ -13,6 +13,8 @@ CertSteam <-----------------> cercat   +-----------> Slack
 
 It's highly inspired by [CertStreamMonitor](https://github.com/AssuranceMaladieSec/CertStreamMonitor/blob/master/README.md), the first idea was to improve performances for catching with a **Golang** version.
 
+The regexp is applied on principal an SAN domains. If one of these domains is an [IDN](https://en.wikipedia.org/wiki/Internationalized_domain_name), it's converted in an equivalend in ASCII before applying the regexp.
+
 ## Configuration
 
 Two methods are available for configuration and can be mixed :
@@ -51,14 +53,14 @@ Flags:
 You can run with Docker :
 
 ```
-docker run -d -e SLACKWEBHOOKURL=https://hooks.slack.com/services/XXXXX -e REGEXP=".*fr$" issif/cercat:latest 
+docker run -d -e SLACKWEBHOOKURL=https://hooks.slack.com/services/XXXXX -e REGEXP=".*\\.fr$" issif/cercat:latest 
 ```
 
 ## Logs
 
 ```bash
-2020/04/14 17:29:40 [INFO]  : A certificate for 'www.XXXX.fr' has been issued : {"domain":"www.XXXX.fr","SAN":["www.XXXX.fr"],"issuer":"Let's Encrypt","Addresses":["XX.XX.XX.183","XX.XX.XX.182"]}
-2020/04/14 17:29:41 [INFO]  : A certificate for 'XXXX.fr' has been issued : {"domain":"XXXX.fr","SAN":["mail.XXXX.fr","XXXX.fr","www.XXXX.fr"],"issuer":"Let's Encrypt","Addresses":["XX.XX.XX.108"]}
+INFO[0005] A certificate for 'xxxx.fr' has been issued : {"domain":"xxxx.fr","SAN":["xxxx.fr","www.xxxx.fr"],"issuer":"Let's Encrypt","Addresses":["X.X.X.129"]} 
+INFO[0008] A certificate for 'xxxx.fr' has been issued : {"domain":"xxxx.fr","SAN":["xxxx.fr","www.xxxx.fr"],"issuer":"Let's Encrypt","Addresses":["X.X.X.116"]} 
 ```
 
 ## Profiles, Traces and Metrics
@@ -69,6 +71,8 @@ The service opens port `6060` for `profiles`, `traces` and `expvar`. Go to [http
 
 MIT
 
-## Author
+## Authors
 
 Thomas Labarussias - [@Issif](https://www.github.com/issif)
+Ayoul Elaassal - [@Ayoul3](https://github.com/ayoul3)
+
diff --git a/example.yaml b/example.yaml
@@ -2,5 +2,4 @@
 SlackWebhookURL: "" #Slack Webhook URL
 SlackIconURL: "" #Slack Icon (Avatar) URL
 SlackUsername: "" #Slack Username
-Regexp: ".*\\.fr" #Regexp to match. Can't be empty. It uses Golang regexp format
-Workers: 20 #Number of workers for consuming stream from CertStream
+Regexp: ".*\\.fr$" #Regexp to match. Can't be empty. It uses Golang regexp format
diff --git a/lib_test/lib_suite_test.go → lib/lib_suite_test.go b/lib_test/lib_suite_test.go → lib/lib_suite_test.go
diff --git a/lib_test/lib_test.go → lib/lib_test.go b/lib_test/lib_test.go → lib/lib_test.go
@@ -23,7 +23,7 @@ var _ = Describe("Handler", func() {
 			})
 		})
 		Describe("If alternative subject matches", func() {
-			cert := &lib.Result{Domain: "www.test.net", SAN: []string{"www.test.com"}}
+			cert := &lib.Result{Domain: "www.tset.net", SAN: []string{"www.test.com"}}
 			It("should return true", func() {
 				result := lib.IsMatchingCert(config, cert, reg)
 				Expect(result).To(BeTrue())