ltsdb/clients/record_tlscert

#!/usr/bin/python3

import argparse
import socket
import ssl
import time

import ltsdb_record

ap = argparse.ArgumentParser()
ap.add_argument("--verbose", action="store_true")
ap.add_argument("hostname")
ap.add_argument("port", type=int, default=443, nargs="?")
args = ap.parse_args()

now = time.time()
report0 = []

with socket.create_connection((args.hostname, args.port)) as sock:
    context = ssl.create_default_context()
    try:
        with context.wrap_socket(sock, server_hostname=args.hostname) as ssock:
            cert = ssock.getpeercert()
            not_after = ssl.cert_time_to_seconds(cert["notAfter"])
            delta = not_after - now
    except ssl.SSLCertVerificationError as e:
        print("got error %s; setting delta to 0", e)
        delta = 0
    report0.append({ "measure": "tls_cert_ttl", "unit": "s", "value": delta })

report = [
    {
        "description": {
            "hostname": args.hostname,
            "port": args.port,
            "measure": r["measure"],
            "unit": r["unit"]
        },
        "data": [
            [now, r["value"]]
        ]
    }
    for r in report0
]

success = ltsdb_record.record_observations(report)
exit(1 - success)
Add simple visualization 2022-11-20 18:43:45 +01:00			`#!/usr/bin/python3`

			`import argparse`
			`import socket`
			`import ssl`
			`import time`

Use ltsdb_record.record_observations 2023-09-20 11:00:39 +02:00			`import ltsdb_record`
Add simple visualization 2022-11-20 18:43:45 +01:00
			`ap = argparse.ArgumentParser()`
Print SSLCertVerificationError if we get one This also adds an option --verbose, but it doesn't actually do anything. The error is alway reported. 2022-12-21 10:03:13 +01:00			`ap.add_argument("--verbose", action="store_true")`
Add simple visualization 2022-11-20 18:43:45 +01:00			`ap.add_argument("hostname")`
			`ap.add_argument("port", type=int, default=443, nargs="?")`
			`args = ap.parse_args()`

			`now = time.time()`
			`report0 = []`

			`with socket.create_connection((args.hostname, args.port)) as sock:`
			`context = ssl.create_default_context()`
Report errors as "just expired" 2022-11-20 18:46:39 +01:00			`try:`
			`with context.wrap_socket(sock, server_hostname=args.hostname) as ssock:`
			`cert = ssock.getpeercert()`
			`not_after = ssl.cert_time_to_seconds(cert["notAfter"])`
			`delta = not_after - now`
Print SSLCertVerificationError if we get one This also adds an option --verbose, but it doesn't actually do anything. The error is alway reported. 2022-12-21 10:03:13 +01:00			`except ssl.SSLCertVerificationError as e:`
			`print("got error %s; setting delta to 0", e)`
Report errors as "just expired" 2022-11-20 18:46:39 +01:00			`delta = 0`
			`report0.append({ "measure": "tls_cert_ttl", "unit": "s", "value": delta })`
Add simple visualization 2022-11-20 18:43:45 +01:00
			`report = [`
			`{`
			`"description": {`
			`"hostname": args.hostname,`
			`"port": args.port,`
			`"measure": r["measure"],`
			`"unit": r["unit"]`
			`},`
			`"data": [`
			`[now, r["value"]]`
			`]`
			`}`
			`for r in report0`
			`]`

Use ltsdb_record.record_observations 2023-09-20 11:00:39 +02:00			`success = ltsdb_record.record_observations(report)`
			`exit(1 - success)`