Diffstat (limited to 'monitor/josef_reader.py')
-rwxr-xr-x | monitor/josef_reader.py | 86 |
1 files changed, 68 insertions, 18 deletions
diff --git a/monitor/josef_reader.py b/monitor/josef_reader.py index c1ff10c..3abadb2 100755 --- a/monitor/josef_reader.py +++ b/monitor/josef_reader.py @@ -11,7 +11,7 @@ import subprocess from josef_leveldb import * from datetime import datetime as dt import ast -from monitor_conf import DB_PATH +from monitor_conf import DB_PATH, MONITORED_DOMAINS @@ -23,13 +23,35 @@ class monitored_domain: def add(self, item): self.entries.appent(item) + def set(self): + self.entries = db_monitor_domain(self.url, None, True, None) + print "Got " + str(len(self.entries)) + " certs for " + self.url + + def update(self): + new = db_monitor_domain(self.url, None, True, None) + if len(new) != len(self.entries): + # print self.entries + # print new + compare_entry_lists(new, self.entries) + self.entries = new + else: + for i in range(len(new)): + if new[i] == self.entries[i]: + pass + else: + print "ITEM CHANGED!" + + class monitored_entry: - def __init__(self, subject, issuer, log, status): + def __init__(self, subject, issuer, log, status, leaf_hash): self.issuer = issuer self.subject = subject self.log = log self.status = status + self.leaf_hash = leaf_hash + def __eq__(self, other): + return self.leaf_hash == other.leaf_hash def __str__(self): s = self.subject + \ 
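Review bot: In `update()`, the equal-length branch prints only `ITEM CHANGED!` and never assigns `self.entries = new`. A certificate that replaces another one, leaving the count unchanged, is therefore reported without its subject, issuer or log, and the same message would come back on every later call. For a certificate monitor that replaced-entry case is the one most worth identifying. Running `compare_entry_lists(new, self.entries)` followed by `self.entries = new` whenever the lists differ, not only when their lengths differ, would cover both cases. The positional `new[i] == self.entries[i]` check also assumes `db_monitor_domain` returns entries in a stable order, which this hunk does not show.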
@@ -51,15 +73,34 @@ parser.add_argument('--get-cert', action='store_true') args = parser.parse_args() -monitored_domains = [ - monitored_domain("*.preishelden.de"), - monitored_domain("*.liu.se"), - monitored_domain("*.kth.se"), - monitored_domain("*.nordu.net"), -] +monitored_domains = [] +for md in MONITORED_DOMAINS: + monitored_domains.append(monitored_domain(md)) db = DB_PATH +def compare_entry_lists(new, old): + added_items = [] + removed_items = [] + + for item in new: + if not item in old: + added_items.append(item) + + for item in old: + if not item in new: + removed_items.append(item) + + if len(added_items) != 0: + print str(len(added_items)) + " new item(s):" + for item in added_items: + print item + + if len(removed_items) != 0: + print str(len(removed_items)) + " removed item(s):" + for item in removed_items: + print item + def db_monitor_domain(domain, log=None, exclude_invalid=None, get_cert=None): @@ -76,7 +117,9 @@ def db_monitor_domain(domain, log=None, exclude_invalid=None, get_cert=None): try: entry = ast.literal_eval(item) except: - print (item + '}').replace("'", '"') + print "Failed to parse item: " + item + continue + success = True not_after_time = dt.strptime(entry["not_after"], "%b %d %H:%M:%S %Y GMT") not_before_time = dt.strptime(entry["not_before"], "%b %d %H:%M:%S %Y GMT") 
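Review bot: `compare_entry_lists` tests membership with `item in old` and `item in new`, which scans the other list through `monitored_entry.__eq__` for every item, so the cost grows quadratically with the number of certificates per domain. Since equality is defined on `leaf_hash` alone, building `old_hashes = set(e.leaf_hash for e in old)` once and testing `item.leaf_hash not in old_hashes` (and the same for `new`) gives the same result in linear time. `not item in old` is more usually written `item not in old`. A one-line docstring saying that the function only prints the difference and returns nothing would also help callers.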
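Review bot: The added `continue` sits under a bare `except:`, so any error from `ast.literal_eval(item)`, including `KeyboardInterrupt`, makes the entry disappear from the result with only a printed line. A monitor that silently drops entries it cannot parse has a blind spot. I would narrow the handler to `except (ValueError, SyntaxError):`, count the skipped entries, and report that count with the result. Printing `repr(item)` instead of the raw string would also stop control characters in stored log data from reaching the terminal. The body of `db_monitor_domain` starts and ends outside this hunk.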
@@ -115,19 +158,24 @@ def db_monitor_domain(domain, log=None, exclude_invalid=None, get_cert=None): # Print matching if success: - me = monitored_entry(entry["subject"].split("CN=")[1], entry["issuer"].split("CN=")[1], entry["log"],valid) - print str(me) + me = monitored_entry(entry["subject"].split("CN=")[1], \ + entry["issuer"].split("CN=")[1], \ + entry["log"], \ + valid, \ + entry["leaf_hash"]) + # print str(me) if get_cert: print get_full_cert(entry) - res.append(me) + if me not in res: + res.append(me) - print str(count_all) + " matches found. " \ - + str(count_valid) + " valid, " \ - + str(count_expired) + " expired and " \ - + str(count_not_yet_valid) + " not yet valid for " \ - + domain + # print str(count_all) + " matches found. " \ + # + str(count_valid) + " valid, " \ + # + str(count_expired) + " expired and " \ + # + str(count_not_yet_valid) + " not yet valid for " \ + # + domain return res @@ -136,7 +184,9 @@ if args.domain: else: print "Running on " + str(len(monitored_domains)) + " monitored domains." for d in monitored_domains: - db_monitor_domain(d.url, args.log, args.exclude_invalid, args.get_cert) + d.set() + for d in monitored_domains: + d.update() |
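Review bot: The `monitored_entry(...)` call indexes `entry["subject"].split("CN=")[1]`, `entry["issuer"].split("CN=")[1]` and `entry["leaf_hash"]` with no guard. A subject or issuer without a `CN=` component raises `IndexError`, and a stored entry without a `leaf_hash` key raises `KeyError`; either one aborts the scan for the whole domain. Whether such entries can reach this line depends on matching code outside the hunk, but certificates that carry their names only in subjectAltName do exist. Guarding the lookup, for example `parts = entry["subject"].split("CN="); subject = parts[1] if len(parts) > 1 else entry["subject"]`, and skipping entries that lack `leaf_hash` with a message would keep one odd entry from hiding the rest.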
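Review bot: In the monitored-domains loop, `d.set()` and `d.update()` replace a call that passed `args.log`, `args.exclude_invalid` and `args.get_cert`, and both methods call `db_monitor_domain(self.url, None, True, None)`. `--log`, `--exclude-invalid` and `--get-cert` are therefore silently ignored on this path. Either pass the parsed options into `set()` and `update()`, or reject those flags when no `--domain` is given, so the operator is not misled about what was checked. `update()` also runs immediately after `set()` against the same database, so it can only report a difference if the database changed between the two loops. A comment stating the intended polling interval, or the loop that is meant to follow, would make the purpose clear.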