Statistics
| Branch: | Tag: | Revision:

root / tools / check-cert-expired @ 33bff17b

History | View | Annotate | Download (2 kB)

1
#!/usr/bin/python
2
#
3

    
4
# Copyright (C) 2010 Google Inc.
5
#
6
# This program is free software; you can redistribute it and/or modify
7
# it under the terms of the GNU General Public License as published by
8
# the Free Software Foundation; either version 2 of the License, or
9
# (at your option) any later version.
10
#
11
# This program is distributed in the hope that it will be useful, but
12
# WITHOUT ANY WARRANTY; without even the implied warranty of
13
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
14
# General Public License for more details.
15
#
16
# You should have received a copy of the GNU General Public License
17
# along with this program; if not, write to the Free Software
18
# Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA
19
# 02110-1301, USA.
20

    
21
"""Tool to detect expired X509 certificates.
22

    
23
"""
24

    
25
# pylint: disable=C0103
26
# C0103: Invalid name check-cert-expired
27

    
28
import os.path
29
import sys
30
import OpenSSL
31

    
32
from ganeti import constants
33
from ganeti import cli
34
from ganeti import utils
35

    
36

    
37
def main():
38
  """Main routine.
39

    
40
  """
41
  program = os.path.basename(sys.argv[0])
42

    
43
  if len(sys.argv) != 2:
44
    cli.ToStderr("Usage: %s <certificate-path>", program)
45
    sys.exit(constants.EXIT_FAILURE)
46

    
47
  filename = sys.argv[1]
48

    
49
  # Read certificate
50
  try:
51
    cert_pem = utils.ReadFile(filename)
52
  except EnvironmentError, err:
53
    cli.ToStderr("Unable to read %s: %s", filename, err)
54
    sys.exit(constants.EXIT_FAILURE)
55

    
56
  # Check validity
57
  try:
58
    cert = OpenSSL.crypto.load_certificate(OpenSSL.crypto.FILETYPE_PEM,
59
                                           cert_pem)
60

    
61
    (errcode, msg) = utils.VerifyX509Certificate(cert, None, None)
62
    if msg:
63
      cli.ToStderr("%s: %s", filename, msg)
64
    if errcode == utils.CERT_ERROR:
65
      sys.exit(constants.EXIT_SUCCESS)
66

    
67
  except (KeyboardInterrupt, SystemExit):
68
    raise
69
  except Exception, err: # pylint: disable=W0703
70
    cli.ToStderr("Unable to check %s: %s", filename, err)
71

    
72
  sys.exit(constants.EXIT_FAILURE)
73

    
74

    
75
if __name__ == "__main__":
76
  main()