From e9773d61b41928292687a52b0dbd4e65f62aa00d Mon Sep 17 00:00:00 2001 From: Ukhanov Anton Date: Thu, 18 Apr 2019 16:34:16 +0300 Subject: [PATCH] added 'check' mode --- tools/unix/check_cert.sh | 23 +++++++++++++++++++---- 1 file changed, 19 insertions(+), 4 deletions(-) mode change 100755 => 100644 tools/unix/check_cert.sh diff --git a/tools/unix/check_cert.sh b/tools/unix/check_cert.sh old mode 100755 new mode 100644 index 6824f4ccc9..0d8a12e964 --- a/tools/unix/check_cert.sh +++ b/tools/unix/check_cert.sh @@ -1,9 +1,14 @@ #!/bin/bash -exit 0 MONTHS_BEFORE_EXPIRATION_TO_BREAK="3" +DAYS_WARNING_INTERVAL="14" PRIVATE_H=$1 -if [[ "$PRIVATE_H" == "" ]]; then\ +MODE=$2 + +if [[ "$MODE" == "" ]]; then + exit 0 +fi +if [[ "$PRIVATE_H" == "" ]]; then PRIVATE_H=$(dirname $0)/../../private.h fi @@ -28,11 +33,21 @@ read mon day time year tz < <( ) if [[ $(uname) == "Darwin" ]]; then + warning_timestamp=`LANG=C LC_ALL=C date -j -v "+${MONTHS_BEFORE_EXPIRATION_TO_BREAK}m" -v "+${DAYS_WARNING_INTERVAL}d" +%s` threshold_timestamp=`LANG=C LC_ALL=C date -j -v "+${MONTHS_BEFORE_EXPIRATION_TO_BREAK}m" +%s` cert_end_timestamp=`LANG=C LC_ALL=C date -j -f "%Y %b %d %H:%M:%S %Z" "$year $mon $day $time $tz" +%s` else - threshold_timestamp=`date --date "+$MONTHS_BEFORE_EXPIRATION_TO_BREAK months" +%s` - cert_end_timestamp=`date --date "$mon $day $year $time $tz" +%s` + warning_timestamp=`LANG=C LC_ALL=C date --date "+${MONTHS_BEFORE_EXPIRATION_TO_BREAK}month ${DAYS_WARNING_INTERVAL}days" +%s` + threshold_timestamp=`LANG=C LC_ALL=C date --date "+$MONTHS_BEFORE_EXPIRATION_TO_BREAK months" +%s` + cert_end_timestamp=`LANG=C LC_ALL=C date --date "$mon $day $year $time $tz" +%s` +fi +if [[ "$MODE" == "check" ]]; then + if [[ "$warning_timestamp" -gt "$cert_end_timestamp" ]]; then + echo "Our client certificate end date of $mon $day $time $year $tz is within ${MONTHS_BEFORE_EXPIRATION_TO_BREAK} month {DAYS_WARNING_INTERVAL} days from now." + echo "Update this certificate!" + echo "Warning" + exit 1 + fi fi if [[ "$threshold_timestamp" -gt "$cert_end_timestamp" ]]; then echo "Our client certificate end date of $mon $day $time $year $tz is within $MONTHS_BEFORE_EXPIRATION_TO_BREAK months from now."