4 # Copyright (C) 2010 Google Inc.
6 # This program is free software; you can redistribute it and/or modify
7 # it under the terms of the GNU General Public License as published by
8 # the Free Software Foundation; either version 2 of the License, or
9 # (at your option) any later version.
11 # This program is distributed in the hope that it will be useful, but
12 # WITHOUT ANY WARRANTY; without even the implied warranty of
13 # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
14 # General Public License for more details.
16 # You should have received a copy of the GNU General Public License
17 # along with this program; if not, write to the Free Software
18 # Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA
21 """Tool to detect expired X509 certificates.
25 # pylint: disable=C0103
26 # C0103: Invalid name check-cert-expired
32 from ganeti import constants
33 from ganeti import cli
34 from ganeti import utils
41 program = os.path.basename(sys.argv[0])
43 if len(sys.argv) != 2:
44 cli.ToStderr("Usage: %s <certificate-path>", program)
45 sys.exit(constants.EXIT_FAILURE)
47 filename = sys.argv[1]
51 cert_pem = utils.ReadFile(filename)
52 except EnvironmentError, err:
53 cli.ToStderr("Unable to read %s: %s", filename, err)
54 sys.exit(constants.EXIT_FAILURE)
58 cert = OpenSSL.crypto.load_certificate(OpenSSL.crypto.FILETYPE_PEM,
61 (errcode, msg) = utils.VerifyX509Certificate(cert, None, None)
63 cli.ToStderr("%s: %s", filename, msg)
64 if errcode == utils.CERT_ERROR:
65 sys.exit(constants.EXIT_SUCCESS)
67 except (KeyboardInterrupt, SystemExit):
69 except Exception, err: # pylint: disable=W0703
70 cli.ToStderr("Unable to check %s: %s", filename, err)
72 sys.exit(constants.EXIT_FAILURE)
75 if __name__ == "__main__":
projects / ganeti-local / blob