authorNguyễn Gia Phong <cnx@loang.net>2025-05-28 16:53:58 +0900
committerNguyễn Gia Phong <cnx@loang.net>2025-05-28 16:53:58 +0900
commitf8290e1afa731f26d9da5a9efc860dffc6242923 (patch)
tree46e913e0a4e29e7e9edddb4bdfa26928dbb94090 /src
parent1b7b6dcd9390464d6a4c79dceac15414139354f7 (diff)
downloadscadere-f8290e1afa731f26d9da5a9efc860dffc6242923.tar.gz
Test cert checking logic
Diffstat (limited to 'src')
-rw-r--r--src/scadere/check.py6
-rw-r--r--src/scadere/listen.py8
2 files changed, 11 insertions, 3 deletions
diff --git a/src/scadere/check.py b/src/scadere/check.py
index a0ca24e..fec0b22 100644
--- a/src/scadere/check.py
+++ b/src/scadere/check.py
@@ -24,12 +24,15 @@ from sys import stderr
__all__ = ['check']
-def check(netlocs, after, output):
+def check(netlocs, after, output, fake_ca=None):
"""Check if each netloc's TLS certificate expires after given time.
Print the certificate's summary to output file if that is the case.
"""
ctx = tls_context()
+ if fake_ca is not None: # for testing
+ fake_ca.configure_trust(ctx)
+
for hostname, port in netlocs:
netloc = f'{hostname}:{port}'
stderr.write(f'TLS certificate for {netloc} ')
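Review bot: The new `fake_ca` parameter of `check` changes which certificates the TLS context trusts, but the docstring does not mention it and nothing prevents it from being passed positionally by mistake. I would make it keyword-only, `def check(netlocs, after, output, *, fake_ca=None):`, and add a docstring sentence such as `If fake_ca is given, its configure_trust method is applied to the TLS context; this is a test hook and must stay None in production.` The trailing `# for testing` comment is easy to miss for someone reading only the signature. The loop body of `check` continues outside this hunk.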
@@ -40,6 +43,7 @@ def check(netlocs, after, output):
cert = conn.getpeercert()
except Exception as e:
stderr.write(f'cannot be retrieved: {e}\n')
+ print(f'N/A N/A {hostname} {port} N/A {e}', file=output)
else:
ca = dict(chain.from_iterable(cert['issuer']))['organizationName']
not_before = parsedate(cert['notBefore'])
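Review bot: The added `print` writes the exception text unmodified into a record format that is one line per certificate with space-separated fields, so a message containing a line break would produce an extra, malformed record when the file is read back with `splitlines()`. The message also ends up in the sixth field, which `handle` in listen.py appears to treat as the issuer and feed into `path()`, and parts of such messages may be influenced by the remote endpoint. I would collapse whitespace first, `reason = ' '.join(str(e).split())`, and interpolate `{reason}` instead of `{e}`. Whether the `N/A` placeholders survive date parsing on the reading side is not visible here and is worth a test.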
diff --git a/src/scadere/listen.py b/src/scadere/listen.py
index fed8e5b..1cf822a 100644
--- a/src/scadere/listen.py
+++ b/src/scadere/listen.py
@@ -28,6 +28,11 @@ from . import __version__
__all__ = ['listen']
+def parse_summary(line):
+ """Parse TLS certificate into a summary tuple."""
+ return tuple(line.rstrip('\r\n').split(' ', maxsplit=5))
+
+
def path(hostname, port, issuer, serial):
"""Return the relative URL for the given certificate's details."""
return f'{hostname}/{port}/{issuer}/{serial}'
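Review bot: The docstring of `parse_summary` says it parses a TLS certificate, but the function splits one line of the summary file written by `check`; something like `"""Parse one line of the certificate summary file into a tuple of fields."""` would match the code. The function also returns a shorter tuple when a line has fewer than six fields, which presumably surfaces as a `ValueError` where `handle` unpacks six names. Since the file can now contain error records, a length check here that raises a clear error, or skips the line, would keep one bad record from failing every request.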
@@ -84,8 +89,7 @@ def xml(tree, parent=None):
async def handle(certs, base_url, reader, writer):
"""Handle HTTP request."""
- summaries = tuple(cert.rstrip('\r\n').split(' ', maxsplit=5)
- for cert in certs.read_text().splitlines())
+ summaries = map(parse_summary, certs.read_text().splitlines())
lookup = {urlsplit(urljoin(base_url,
path(hostname, port, issuer, serial))).path:
(not_before, not_after, hostname, port, serial, issuer)
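Review bot: `summaries` was a tuple before and is now a `map` object, which can be iterated only once. If `handle` reads `summaries` again after building `lookup` (the rest of the function is outside this hunk), that second pass would silently see no entries. Keeping the materialised form avoids the trap: `summaries = tuple(map(parse_summary, certs.read_text().splitlines()))`.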