66 lines
1.8 KiB
Python
66 lines
1.8 KiB
Python
#!/usr/bin/python
|
|
from __future__ import print_function
|
|
from sys import stderr
|
|
|
|
import subprocess, time, calendar, os, getopt
|
|
|
|
def usage():
|
|
print("""Usage: cert-check [options] files ...
|
|
-h,--help this message
|
|
-q,--quiet do not print cert files needing (re)newing
|
|
-d n,--days=n days before expiration to renew (default 7)
|
|
Succeeds only if all certs exist and are more than <days> from expiration.""",
|
|
file=stderr)
|
|
return 2
|
|
|
|
def main(argv):
|
|
days = 7 # days ahead to
|
|
quiet = False
|
|
|
|
try:
|
|
opts,args = getopt.getopt(argv,'hqd:',['days=','quiet','help'])
|
|
except getopt.GetoptError as err:
|
|
# print help information and exit:
|
|
print(err,file=stderr) # prints something like "option -a not recognized"
|
|
return usage()
|
|
|
|
for opt,val in opts:
|
|
if opt in ('-h','--help'):
|
|
return usage()
|
|
if opt in ('-q','--quiet'):
|
|
quiet = True
|
|
if opt in ('-d','--days'):
|
|
try:
|
|
days = int(val)
|
|
except:
|
|
return usage()
|
|
|
|
now = time.time()
|
|
soon = now + days * 24 * 60 * 60
|
|
rc = 0
|
|
|
|
for fn in args:
|
|
try:
|
|
size = os.path.getsize(fn)
|
|
except:
|
|
size = 0
|
|
if size == 0:
|
|
if not quiet: print(fn)
|
|
rc += 1
|
|
continue
|
|
proc = subprocess.Popen(
|
|
["openssl", "x509", "-in", fn, "-noout", "-enddate"],
|
|
stdin=subprocess.PIPE, stdout=subprocess.PIPE, stderr=subprocess.PIPE)
|
|
out, err = proc.communicate()
|
|
if proc.returncode != 0:
|
|
raise IOError("{1}: OpenSSL Error: {0}".format(err,fn))
|
|
t = time.strptime(out.decode(),'notAfter=%b %d %H:%M:%S %Y GMT\n')
|
|
t = calendar.timegm(t)
|
|
if soon > t:
|
|
if not quiet: print(fn)
|
|
rc += 1
|
|
return rc > 0
|
|
|
|
if __name__ == '__main__':
|
|
import sys
|
|
sys.exit(main(sys.argv[1:]))
|