monitor/josef_reader.py


1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121

#!/usr/bin/python
# -*- coding: utf-8 -*-     

import sys
from josef_lib import *
import leveldb
import argparse
import json
import base64
import subprocess
from josef_leveldb import *
from datetime import datetime as dt
import ast
from monitor_conf import DB_PATH


parser = argparse.ArgumentParser(description="")
parser.add_argument('--domain', default=None)
parser.add_argument('--log', default=None)
parser.add_argument('--exclude-invalid', action='store_true')
parser.add_argument('--get-cert', action='store_true')

args = parser.parse_args()

monitored_domains = [
    "google.com",
    "preishelden.de",
    "liu.se",
    "nordu.net",
    "symantec.com",
]

db = DB_PATH


def db_monitor_domain(domain, log=None, exclude_invalid=None, get_cert=None):
    print domain
    raw = db_lookup_domain(db, domain)

    cur_time = dt.now()
    count_valid = 0
    count_expired = 0
    count_not_yet_valid = 0
    count_all = 0
    for item in raw:
        try:
            entry = ast.literal_eval(item)
        except:
            print (item + '}').replace("'", '"')
        success = True
        not_after_time = dt.strptime(entry["not_after"], "%b %d %H:%M:%S %Y GMT")
        not_before_time = dt.strptime(entry["not_before"], "%b %d %H:%M:%S %Y GMT")


        if log:
            if log in entry["log"]:
                pass
            else:
                success = False

        if cur_time > not_after_time:
            valid = False
            expired = True
        elif cur_time < not_before_time:
            valid = False
            expired = False
        else:
            expired = False
            valid = True

        # Exclude expired
        if exclude_invalid and not valid:
            success = False
            
        
        # Set count matches
        if success:
            count_all += 1
            if valid:
                count_valid += 1
            elif expired:
                count_expired += 1
            else:
                count_not_yet_valid += 1

        # Print matching
        if success:
            s = entry["subject"].split("CN=")[1] + \
            " certified by " + entry["issuer"].split("CN=")[1] + \
            " (" + entry["log"] + ") "
            if valid:
                print "(VALID) " + s
            else:
                print "(NOT VALID) " + s

            if get_cert:
                print get_full_cert(entry)


    print str(count_all) + " matches found. " \
    + str(count_valid) + " valid, " \
    + str(count_expired) + " expired and " \
    + str(count_not_yet_valid) + " not yet valid."


if args.domain:
    # if args.log:
    #     log = args.log
    # else:
    #     log = None
    # d = args.domain
    db_monitor_domain(args.domain)
    # db_monitor_domain(args.domain, args.log, args.exclude_invalid, args.get_cert)
else:
    print "No domain selected!"
    sys.exit()