added 'check' mode

tools/unix/check_cert.sh

@@ -1,9 +1,14 @@
 #!/bin/bash
-exit 0
 
 MONTHS_BEFORE_EXPIRATION_TO_BREAK="3"
+DAYS_WARNING_INTERVAL="14"
 PRIVATE_H=$1
-if [[ "$PRIVATE_H" == "" ]]; then\
+MODE=$2
+
+if [[ "$MODE" == "" ]]; then
+	exit 0
+fi
+if [[ "$PRIVATE_H" == "" ]]; then
 	PRIVATE_H=$(dirname $0)/../../private.h
 fi
 
@@ -28,11 +33,21 @@ read mon day time year tz < <(
 )
 
 if [[ $(uname) == "Darwin" ]]; then
+	warning_timestamp=`LANG=C LC_ALL=C date -j -v "+${MONTHS_BEFORE_EXPIRATION_TO_BREAK}m" -v "+${DAYS_WARNING_INTERVAL}d" +%s`
 	threshold_timestamp=`LANG=C LC_ALL=C date -j -v "+${MONTHS_BEFORE_EXPIRATION_TO_BREAK}m" +%s`
 	cert_end_timestamp=`LANG=C LC_ALL=C date -j -f "%Y %b %d %H:%M:%S %Z" "$year $mon $day $time $tz" +%s`
 else
-	threshold_timestamp=`date --date "+$MONTHS_BEFORE_EXPIRATION_TO_BREAK months" +%s`
-	cert_end_timestamp=`date --date "$mon $day $year $time $tz" +%s`
+	warning_timestamp=`LANG=C LC_ALL=C date --date "+${MONTHS_BEFORE_EXPIRATION_TO_BREAK}month ${DAYS_WARNING_INTERVAL}days" +%s`
+	threshold_timestamp=`LANG=C LC_ALL=C date --date "+$MONTHS_BEFORE_EXPIRATION_TO_BREAK months" +%s`
+	cert_end_timestamp=`LANG=C LC_ALL=C date --date "$mon $day $year $time $tz" +%s`
+fi
+if [[ "$MODE" == "check" ]]; then
+	if [[ "$warning_timestamp" -gt "$cert_end_timestamp" ]]; then
+		echo "Our client certificate end date of $mon $day $time $year $tz is within ${MONTHS_BEFORE_EXPIRATION_TO_BREAK} month {DAYS_WARNING_INTERVAL} days from now."
+		echo "Update this certificate!"
+		echo "Warning"
+		exit 1
+	fi
 fi
 if [[ "$threshold_timestamp" -gt "$cert_end_timestamp" ]]; then
 	echo "Our client certificate end date of $mon $day $time $year $tz is within $MONTHS_BEFORE_EXPIRATION_TO_BREAK months from now."