mirror of
https://github.com/mjl-/mox.git
synced 2025-01-14 01:06:27 +03:00
afb182cb14
and add an alerting rule if the failure rate becomes >10% (e.g. expired certificate). the prometheus metrics includes a reason, including potential tls alerts, if remote smtp clients would send those (openssl s_client -starttls does). inspired by issue #237, where incoming connections were aborted by remote. such errors would show up as "eof" in the metrics.
22 lines
553 B
Go
22 lines
553 B
Go
//go:build go1.21
|
|
|
|
// From go1.21 and onwards.
|
|
|
|
package tlsrpt
|
|
|
|
import (
|
|
"crypto/tls"
|
|
"fmt"
|
|
"strings"
|
|
)
|
|
|
|
// FormatAlert formats a TLS alert in the form "alert-<num>" or "alert-<num>-<shortcode>".
|
|
func FormatAlert(alert uint8) string {
|
|
s := fmt.Sprintf("alert-%d", alert)
|
|
err := tls.AlertError(alert) // Since go1.21.0
|
|
// crypto/tls returns messages like "tls: short message" or "tls: alert(321)".
|
|
if str := err.Error(); !strings.Contains(str, "alert(") {
|
|
s += "-" + strings.ReplaceAll(strings.TrimPrefix(str, "tls: "), " ", "-")
|
|
}
|
|
return s
|
|
}
|