Net::SSLeay::SSLeay_add_ssl_algorithms();
Net::SSLeay::randomize();
-my $VERSION = '0.6.2';
+my $VERSION = '0.6.3';
my $AUTHOR = 'Emmanuel Lacour, <elacour@home-dn.net>';
+
# Default values
my $opensslpath = "/usr/bin/openssl";
my $sendmailpath = "/usr/lib/sendmail";
'mail|m',
'conf|c=s',
'verbose|v',
- 'help',
- 'version|');
+ 'help',
+ 'version|');
+# Command line is used
if (($opts{'host'}) && ($opts{'port'})) {
push @{$hosts{$opts{'host'}}}, $opts{'port'};
-}
-
-$mailreport = 1 if ($opts{'mail'});
-if ($opts{'conf'}) {
- $conf = $opts{'conf'};
-}
+} elsif (($opts{'host'}) || ($opts{'port'})) {
+ print STDERR "ERR: please provide HOST _and_ PORT or use a configuration file.\n";
+ &usage;
-if ($opts{'help'}) {
- &usage;
-}
+# Configuration file is used
+} else {
-if ($opts{'version'}) {
- print "sslexpire $VERSION\n";
- print "Written by $AUTHOR\n";
- exit;
-}
-
-# Parse config file
+ if ($opts{'conf'}) {
+ $conf = $opts{'conf'};
+ }
+ # Parse config file
-if (-f $conf) {
- open (CONF,$conf);
-
+ open (CONF,$conf) or die "Couldn't read configuration file $conf: $!\n";
while (<CONF>) {
# Skip comments
- next if (/^[ ]*#/);
+ next if (/^[ \t]*#/);
# Alert param.
- if (/^alert[ ]*=/) {
- ($tmp,$alert) = split /=/, $_;
+ if (/^alert[ \t]*=/) {
+ ($tmp,$alert) = split /=/, $_;
# Mail param.
- } elsif (/^mail[ ]*=/) {
- ($tmp,$mail) = split /=/, $_;
- # Use hosts from config file if noone are given by command line
+ } elsif (/^mail[ \t]*=/) {
+ ($tmp,$mail) = split /=/, $_;
+ # Use hosts from config file if none are given by command line
} elsif ((!$opts{'host'}) && (!$opts{'port'}) && (/:/)) {
- ($tmp,$portlist) = split /:/, $_;
- chomp ($tmp);
- chomp ($portlist);
- # There is multiple ports
- if (/,/) {
- @ports = split /,/, $portlist;
- foreach (@ports) {
- push @{$hosts{$tmp}}, $_;
- }
- # There is only one port
- } else {
- push @{$hosts{$tmp}},$portlist;
- }
+ ($tmp,$portlist) = split /:/, $_;
+ chomp ($tmp);
+ chomp ($portlist);
+ # There is multiple ports
+ if (/,/) {
+ @ports = split /,/, $portlist;
+ foreach (@ports) {
+ push @{$hosts{$tmp}}, $_;
+ }
+ # There is only one port
+ } else {
+ push @{$hosts{$tmp}},$portlist;
+ }
}
-
}
-
close CONF;
+
+}
+
+$mailreport = 1 if ($opts{'mail'});
+
+if ($opts{'help'}) {
+ &usage;
+}
+
+if ($opts{'version'}) {
+ print "sslexpire $VERSION\n";
+ print "Written by $AUTHOR\n";
+ exit;
}
# Print program usage
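Review bot: The new `open (CONF,$conf) or die ...` is a two-argument open on a value that can come straight from `--conf`, and the `-f $conf` guard that used to precede it is removed in this hunk, so Perl now interprets mode characters in the option text instead of treating it purely as a path. Use the three-argument form with an explicit read mode: `open (CONF, '<', $conf) or die "Couldn't read configuration file $conf: $!\n";`. Separately, the `help` and `version` checks now come after the `else` branch, so running with only `--help` or `--version` appears to reach the fatal `open` first and die when the configuration file is absent; moving both checks above the `if (($opts{'host'}) && ($opts{'port'}))` test would avoid that. The config file is also no longer parsed when host and port are given on the command line, so `alert` and `mail` from the file seem to be ignored in that case; worth confirming that this is intended.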
if ($l_x509) {
my $l_string = Net::SSLeay::PEM_get_string_X509($l_x509);
# Get the expiration date, using openssl
- ($l_expdate,$l_comment) = split(/\n/, `echo "$l_string" | $opensslpath x509 -enddate -subject -noout 2>&1`);
+ ($l_expdate,$l_comment) = split(/\n/, `echo "$l_string" | $opensslpath x509 -enddate -subject -noout 2>&1`);
$l_expdate =~ s/.*=//;
chomp($l_expdate);
} else {
#
#
sub report {
- # Convert date into epoch using date command
+ # Convert date into epoch
my ($l_expdate,$l_comment,$l_host,$l_port) = @_;
my $l_subject = "";
if ($l_expdate ne "1") {
# The current date
my $l_today = time;
- my $l_epochdate = str2time($l_expdate);
-
+ my $l_epochdate = str2time($l_expdate);
+
# Calculate diff between expiration date and today
- my $l_diff = ($l_epochdate - $l_today)/(3600*24);
+ my $l_diff = ($l_epochdate - $l_today)/(3600*24);
# Report if needed
if ($l_diff < $alert) {
$l_subject = "Warning ssl certificate on $l_host:$l_port expires in $l_diff days:" if ($l_diff > 1);
$l_subject = "Warning ssl certificate on $l_host:$l_port expires today:" if (($l_diff > 0) && ($l_diff < 1));
$l_subject = "Warning ssl certificate on $l_host:$l_port expired:" if ($l_diff <= 0);
- my $l_mesg = "Expiration date: $l_expdate\n$l_comment\n";
+ my $l_mesg = "Expiration date: $l_expdate\n$l_comment\n";
# Mail report
if ($mailreport) {
- sendmail($mail, $l_subject, $l_mesg);
+ sendmail($mail, $l_subject, $l_mesg);
} else {
print "$l_subject\n";
print "$l_mesg\n";
}
} else {
$l_subject = "Unable to read certificate on $l_host:$l_port!";
- if ($mailreport) {
- sendmail($mail, $l_subject, "");
- } else {
- print "$l_subject\n";
- }
+ if ($mailreport) {
+ sendmail($mail, $l_subject, "");
+ } else {
+ print "$l_subject\n";
+ }
}
}
chomp ($to);
chomp ($subj);
chomp ($mesg);
- open (MAIL,"| $sendmailpath -t") or die "Couldn't open $sendmailpath";
+ open (MAIL,"| $sendmailpath -t") or die "Couldn't open $sendmailpath: $!\n";
print MAIL "To: $to\n";
print MAIL "Subject: $subj\n";
print MAIL "\n";
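Review bot: The `open (MAIL,"| $sendmailpath -t")` line still builds a shell command string in a two-argument open; the list form `open (MAIL, '|-', $sendmailpath, '-t') or die "Couldn't open $sendmailpath: $!\n";` runs the binary without a shell. Because `-t` makes sendmail take recipients from the headers, `$to` and `$subj` should have embedded line breaks removed before `print MAIL "To: $to\n"`, since `chomp` only drops a trailing newline; for example `s/[\r\n]+/ /g for ($to, $subj);`. A failure to run sendmail may only surface when the pipe is closed, so the return value of the corresponding `close`, which like the start of the sub is outside this hunk, should be checked too.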
# We haven't hosts to check...
-if (!%hosts) {&usage;};
+if (!%hosts) {
+ print STDERR "No host to check!\n";
+ &usage;
+};
# Parse hosts
if ($opts{'verbose'}) {
print "Checking\t$host:$port\n";
}
-
+
# Get expiration date
my ($expdate,$comment) = &getExpire($host,$port);
-
+
# Report
&report("$expdate","$comment","$host","$port");
}
Prints out version information.
=head1 FILES
-
+
/etc/sslexpire/sslexpire.conf
=head1 AUTHOR