diff options
| author |   Patrick J Volkerding <volkerdi@slackware.com> | 2016-06-30 20:26:57 +0000 |
|---|---|---|
| committer |   Eric Hameleers <alien@slackware.com> | 2018-05-31 23:31:18 +0200 |
| commit | d31c50870d0bee042ce660e445c9294a59a3a65b (patch) | |
| tree | 6bfc0de3c95267b401b620c2c67859557dc60f97 /source/n/openssl/openssl0/certwatch | |
| parent | 76fc4757ac91ac7947a01fb7b53dddf9a78a01d1 (diff) | |
| download | current-d31c50870d0bee042ce660e445c9294a59a3a65b.tar.gz current-d31c50870d0bee042ce660e445c9294a59a3a65b.tar.xz | |
Slackware 14.2slackware-14.2
Thu Jun 30 20:26:57 UTC 2016
Slackware 14.2 x86_64 stable is released!
The long development cycle (the Linux community has lately been living in
"interesting times", as they say) is finally behind us, and we're proud to
announce the release of Slackware 14.2. The new release brings many updates
and modern tools, has switched from udev to eudev (no systemd), and adds
well over a hundred new packages to the system. Thanks to the team, the
upstream developers, the dedicated Slackware community, and everyone else
who pitched in to help make this release a reality.
The ISOs are off to be replicated, a 6 CD-ROM 32-bit set and a dual-sided
32-bit/64-bit x86/x86_64 DVD. Please consider supporting the Slackware
project by picking up a copy from store.slackware.com. We're taking
pre-orders now, and offer a discount if you sign up for a subscription.
Have fun! :-)
Diffstat (limited to 'source/n/openssl/openssl0/certwatch')
| -rw-r--r-- | source/n/openssl/openssl0/certwatch | 128 |
1 files changed, 0 insertions, 128 deletions
diff --git a/source/n/openssl/openssl0/certwatch b/source/n/openssl/openssl0/certwatch deleted file mode 100644 index 8fef1509f..000000000 --- a/source/n/openssl/openssl0/certwatch +++ /dev/null @@ -1,128 +0,0 @@ -#!/bin/sh -# -# Will check all certificates stored in $CERTDIR for their expiration date, -# and will display (if optional "stdout" argument is given), or mail a warning -# message to $MAILADDR (if script is executed without any parameter -# - unattended mode suitable for cron execution) for each particular certificate -# that is about to expire in time less to, or equal to $DAYS after this script -# has been executed, or if it has already expired. -# This stupid script (C) 2006,2007 Jan Rafaj - -########################## CONFIGURATION SECTION BEGIN ######################### -# Note: all settings are mandatory -# Warning will be sent if a certificate expires in time <= days given here -DAYS=7 -# E-mail address where to send warnings -MAILADDR=root -# Directory with certificates to check -CERTDIR=/etc/ssl/certs -# Directory where to keep state files if this script isnt executed with "stdout" -STATEDIR=/var/run -########################### CONFIGURATION SECTION END ########################## - -PATH=/bin:/usr/bin:/sbin:/usr/sbin -DAY_IN_SECS=$((60*60*24)) -DATE_CURRENT=$(date '+%s') - -usage() -{ - echo "Usage: $0 [stdout]" - echo - echo "Detailed description and configuration is embedded within the script." - exit 0 -} - -message() -{ - cat << EOF - WARNING: certificate $certfile - is about to expire in time equal to or less than $DAYS days from now on, - or has already expired - it might be a good idea to obtain/create new one. - -EOF -} - -message_mail() -{ - message - cat << EOF - NOTE: This message is being sent only once. - - A lock-file - $STATEDIR/certwatch-mailwarning-sent-$certfilebase - has been created, which will prevent this script from mailing you again - upon its subsequent executions by crond. You dont need to care about it; - the file will be auto-deleted as soon as you'll prolong your certificate. -EOF -} - -unset stdout -case $# in - 0) ;; - 1) if [ "$1" = "-h" -o "$1" == "--help" ]; then - usage - elif [ "$1" = "stdout" ]; then - stdout=1 - else - usage - fi - ;; - *) usage ;; -esac - -for dir in $STATEDIR $CERTDIR ; do - if [ ! -d $dir ]; then - echo "ERROR: directory $dir does not exist" - exit 1 - fi -done -for binary in basename date find grep mail openssl touch ; do - if [ ! \( -x /usr/bin/$binary -o -x /bin/$binary \) ]; then - echo "ERROR: /usr/bin/$binary not found" - exit 1 - fi -done - -find $CERTDIR -type f -maxdepth 1 | while read certfile ; do - certfilebase="$(basename "$certfile")" - inform=PEM - echo "$certfile" | grep -q -i '\.net$' - if [ $? -eq 0 ]; then - # This is based purely on filename extension, so may give false results. - # But lets assume noone uses NET format certs today, ok? - continue - fi - echo "$certfile" | grep -q -i '\.der$' - if [ $? -eq 0 -o "$(file "$certfile" | egrep '(ASCII|PEM)')" == "" ]; then - inform=DER - fi - # We wont use '-checkend' since it is not properly documented (as of - # OpenSSL 0.9.8e). - DATE_CERT_EXPIRES=$(openssl x509 -in "$certfile" -inform $inform -noout -enddate | sed 's/^notAfter=//') - DATE_CERT_EXPIRES=$(date -d"$DATE_CERT_EXPIRES" +%s) - if [ $(($DATE_CERT_EXPIRES - $DATE_CURRENT)) -le $(($DAYS * $DAY_IN_SECS)) ] - then - if [ $stdout ]; then - message - else - if [ ! -f $STATEDIR/certwatch-mailwarning-sent-"$certfilebase" ]; then - subject="$0: certificate $certfile expiration warning" - message_mail | mail -r "certwatch@$HOSTNAME" \ - -s "$subject" \ - $MAILADDR 2>/dev/null - # echo "Mail about expiring certificate $certfile sent to $MAILADDR." - # echo "If you need to send it again, please remove lock-file" - # echo "$STATEDIR/certwatch-mailwarning-sent-$certfilebase ." - # echo - fi - touch $STATEDIR/certwatch-mailwarning-sent-"$certfilebase" - fi - else - if [ ! $stdout ]; then - if [ -f $STATEDIR/certwatch-mailwarning-sent-"$certfilebase" ]; then - rm $STATEDIR/certwatch-mailwarning-sent-"$certfilebase" - fi - fi - fi -done - |