diff options
author | Erich Eckner <git@eckner.net> | 2022-07-18 22:40:43 +0200 |
---|---|---|
committer | Erich Eckner <git@eckner.net> | 2022-07-18 22:40:43 +0200 |
commit | 4ad5214592cb257b9307e7ae29172c1c4b975193 (patch) | |
tree | 08ff5bf9543e9c3cd36ac16ebd7d205123af862b /crypt-expiry-check.in | |
parent | e4d2011028cc8a8e0ff0c650ee671172b17ab0d9 (diff) | |
download | crypt-expiry-check-4ad5214592cb257b9307e7ae29172c1c4b975193.tar.xz |
fix whitespaces
Diffstat (limited to 'crypt-expiry-check.in')
-rwxr-xr-x | crypt-expiry-check.in | 46 |
1 files changed, 23 insertions, 23 deletions
diff --git a/crypt-expiry-check.in b/crypt-expiry-check.in index 474fc97..b9834cc 100755 --- a/crypt-expiry-check.in +++ b/crypt-expiry-check.in @@ -6,13 +6,13 @@ # Author of ssl-cert-check: Matty < matty91 at gmail dot com > # Maintainer of crypt-expiry-check: Erich < crux at eckner dot net > # -# Purpose: +# Purpose: # crypt-expiry-check checks to see if a digital certificate in X.509 format -# or a GnuPG-key has expired. ssl-cert-check can be run in interactive -# and batch mode, and provides facilities to alarm if a certificate is +# or a GnuPG-key has expired. ssl-cert-check can be run in interactive +# and batch mode, and provides facilities to alarm if a certificate is # about to expire. # -# License: +# License: # This program is free software; you can redistribute it and/or modify # it under the terms of the GNU General Public License as published by # the Free Software Foundation; either version 2 of the License, or @@ -25,12 +25,12 @@ # # Requirements: # Requires openssl gnupg -# -# Installation: +# +# Installation: # Copy the shell script to a suitable location # # Usage: -# Refer to the usage() sub-routine, or invoke crypt-expiry-check +# Refer to the usage() sub-routine, or invoke crypt-expiry-check # with the "-h" option. PATH=/bin:/usr/bin:/sbin:/usr/sbin:/usr/local/bin:/usr/local/ssl/bin:/usr/sfw/bin @@ -117,13 +117,13 @@ set_retcode() # Purpose: Print a line with the expiraton interval # Arguments: # $1 -> Hostname -# $2 -> TCP Port +# $2 -> TCP Port # $3 -> Status of certification (e.g., expired or valid) # $4 -> Date when certificate will expire -# $5 -> Days left until the certificate will expire +# $5 -> Days left until the certificate will expire # $6 -> Issuer of the certificate ##################################################################### -prints() +prints() { if ${ISSUER} && ! ${VALIDATION} then @@ -146,7 +146,7 @@ prints() ${PRINTF} "%-47s %-12s %-12s %-4s %-30s\n" "$1:$2" "$3" "${MIN_DATE}" \|days="$5" else ${PRINTF} "%-47s %-12s %-12s %-4s %-30s\n" "$1:$2" "$3" "${MIN_DATE}" "$5" - fi + fi else ${PRINTF} "%-35s %-35s %-32s\n" "$1:$2" "$7" "$8" fi @@ -158,10 +158,10 @@ prints() # Arguments: # None #################################################### -print_heading() +print_heading() { if ! ${NOHEADER} - then + then if ${ISSUER} && ! ${NAGIOS} && ! ${VALIDATION} then ${PRINTF} "\n%-35s %-17s %-8s %-11s %-4s\n" "Host" "Issuer" "Status" "Expires" "Days" >> ${STDOUT_TMP} @@ -171,12 +171,12 @@ print_heading() then ${PRINTF} "\n%-35s %-35s %-32s %-17s\n" "Host" "Common Name" "Serial #" "Issuer" >> ${STDOUT_TMP} echo "----------------------------------- ----------------------------------- -------------------------------- -----------------" >> ${STDOUT_TMP} - + elif ! ${NAGIOS} && ! ${VALIDATION} then ${PRINTF} "\n%-47s %-12s %-12s %-4s\n" "Host" "Status" "Expires" "Days" >> ${STDOUT_TMP} echo "----------------------------------------------- ------------ ------------ ----" >> ${STDOUT_TMP} - + elif ! ${NAGIOS} && ${VALIDATION} then ${PRINTF} "\n%-35s %-35s %-32s\n" "Host" "Common Name" "Serial #" >> ${STDOUT_TMP} @@ -192,11 +192,11 @@ print_heading() # Arguments: # None ########################################## -usage() +usage() { >&2 echo "$(basename "$0") checks expiration of gpg keys and X.509 certificates and sends emails if keys are about to expire." >&2 echo "" - >&2 echo "Usage: $0 [ -e email address ] [ -x days ] [-q] [-a] [-b] [-h] [-i] [-n] [-v] { [ -s common_name:port] } || { [ -f cert_file ] } || { [ -c certificate file ] } || { [ -g email address ] }" + >&2 echo "Usage: $0 [ -e email address ] [ -x days ] [-q] [-a] [-b] [-h] [-i] [-n] [-v] { [ -s common_name:port] } || { [ -f cert_file ] } || { [ -c certificate file ] } || { [ -g email address ] }" >&2 echo "" >&2 echo " -a Send a warning message through E-mail" >&2 echo " -b Will not print header" @@ -242,7 +242,7 @@ check_server_status() { elif [ "_${2}" = "_pop3" -o "_${2}" = "_110" ] then TLSFLAG="-starttls pop3" - + elif [ "_${2}" = "_imap" -o "_${2}" = "_143" ] then TLSFLAG="-starttls imap" @@ -285,12 +285,12 @@ check_server_status() { then prints ${1} ${2} "Cannot resolve domain" "Unknown" | ${TEE} -a ${MAILOUT_TMP} >> ${STDOUT_TMP} set_retcode 3 - + elif ${GREP} -iq "Operation timed out" ${ERROR_TMP} then prints ${1} ${2} "Operation timed out" "Unknown" | ${TEE} -a ${MAILOUT_TMP} >> ${STDOUT_TMP} set_retcode 3 - + elif ${GREP} -iq "ssl handshake failure" ${ERROR_TMP} then prints ${1} ${2} "SSL handshake failed" "Unknown" | ${TEE} -a ${MAILOUT_TMP} >> ${STDOUT_TMP} @@ -300,7 +300,7 @@ check_server_status() { then prints ${1} ${2} "Connection timed out" "Unknown" | ${TEE} -a ${MAILOUT_TMP} >> ${STDOUT_TMP} set_retcode 3 - + else check_file_status ${CERT_TMP} $1 $2 $3 fi @@ -406,7 +406,7 @@ check_file_status() { # send the informational message to /dev/null ${OPENSSL} pkcs12 -nokeys -in ${CERTFILE} \ -out ${CERT_TMP} -clcerts -password pass:${PKCSDBPASSWD} 2> /dev/null - + # Extract the expiration date from the certificate CERTDATE=$(${OPENSSL} x509 -in ${CERT_TMP} -enddate -noout | \ ${SED} 's/notAfter\=//') @@ -420,7 +420,7 @@ check_file_status() { COMMONNAME=$(${OPENSSL} x509 -in ${CERT_TMP} -subject -noout | \ ${SED} -e 's/.*CN=//' | \ ${SED} -e 's/\/.*//') - + ### Grab the serial number from the X.509 certificate SERIAL=$(${OPENSSL} x509 -in ${CERT_TMP} -serial -noout | \ ${SED} -e 's/serial=//') |