author | Erich Eckner <git@eckner.net> | 2016-11-25 17:33:37 +0100 |
---|---|---|
committer | Erich Eckner <git@eckner.net> | 2016-11-25 17:33:37 +0100 |
commit | 8479a9f3935c76948d94d7952b75366942bb3cd6 (patch) | |
tree | 990510b7c072333fd67b64bb9b1b11010c8b3055 /crypt-expiry-check.in | |
parent | e34f4fa99bee632bcb82a0b4fb563d14401132c0 (diff) | |
download | crypt-expiry-check-8479a9f3935c76948d94d7952b75366942bb3cd6.tar.xz |
crypt-expiry-check kann jetzt auch was anderes statt gpg verwenden
Diffstat (limited to 'crypt-expiry-check.in')
-rwxr-xr-x | crypt-expiry-check.in | 29 |
1 files changed, 19 insertions, 10 deletions
diff --git a/crypt-expiry-check.in b/crypt-expiry-check.in
index e631140..d70bb32 100755
--- a/crypt-expiry-check.in
+++ b/crypt-expiry-check.in
@@ -202,13 +202,14 @@ usage()
 >&2 echo " -e E-mail address E-mail address to send expiration notices"
 >&2 echo " -f cert file File with a list of FQDNs and ports"
 >&2 echo " -g E-mail address E-mail address to check expiry of gpg-key from"
+ >&2 echo " -G executbl:E-mail Use 'executbl' instead of 'gpg' for checking expiry of E-mail's key. Must accept --list-keys and --list-secret-keys as gpg does."
 >&2 echo " -h Print this screen"
 >&2 echo " -i Print the issuer of the certificate"
 >&2 echo " -k password PKCS12 file password"
 >&2 echo " -n Run as a Nagios plugin"
+ >&2 echo " -q Don't print anything on the console"
 >&2 echo " -s commmon_name:port Server and Port to connect to (interactive mode)"
 >&2 echo " -t type Specify the certificate type"
- >&2 echo " -q Don't print anything on the console"
 >&2 echo " -v Specify a specific protocol version to use (tls, ssl2, ssl3)"
 >&2 echo " -V Only print validation data"
 >&2 echo " -x days Certificate expiration interval (eg. if cert_date < days)"
@@ -395,16 +396,16 @@ check_file_status() {
 check_gpg_key_status() {
 ### Check to make sure gpg is available
- if [ ! -f ${GPG} ]
+ if [ ! -f "${1}" ]
 then
- >&2 echo "ERROR: The gnupg binary does not exist in ${GPG}."
- >&2 echo "FIX: Please modify the \${GPG} variable in the program header or ommit testing of gpg-keys."
+ >&2 echo "ERROR: The gnupg binary does not exist in ${1}."
+ >&2 echo "FIX: Please modify the \${GPG} variable in the program header, provide alternative executable via -G or ommit testing of gpg-keys."
 exit 1
 fi
- GPG_ADDRESS="${1}"
- KEY_INFO="$(${GPG} --list-secret-keys ${GPG_ADDRESS} 2> /dev/null)"
- [ -z "${KEY_INFO}" ] && KEY_INFO="$(${GPG} --list-keys ${GPG_ADDRESS})"
+ GPG_ADDRESS="${2}"
+ KEY_INFO="$(${1} --list-secret-keys ${GPG_ADDRESS} 2> /dev/null)"
+ [ -z "${KEY_INFO}" ] && KEY_INFO="$(${1} --list-keys ${GPG_ADDRESS})"
 KEY_DATE_STR="$(
 echo "${KEY_INFO}" | \
@@ -449,7 +450,7 @@ check_gpg_key_status() {
 #################################
 ### Start of main program
 #################################
-while getopts abc:e:f:g:hik:nqs:t:x:v:VZ option
+while getopts abc:e:f:g:G:hik:nqs:t:x:v:VZ option
 do
 case "${option}" in
@@ -470,6 +471,11 @@ do
 ;;
 g)
 CHECKADDRESSES[${#CHECKADDRESSES[@]}]=${OPTARG}
+ CHECKADDRESSBINARIES[${#CHECKADDRESSBINARIES[@]}]=${GPG}
+ ;;
+ G)
+ CHECKADDRESSES[${#CHECKADDRESSES[@]}]=${OPTARG#*:}
+ CHECKADDRESSBINARIES[${#CHECKADDRESSBINARIES[@]}]=$(which ${OPTARG%%:*})
 ;;
 i)
 ISSUER=true
@@ -606,7 +612,10 @@ do
 check_file_status "${HOST}" "FILE" "${HOST}"
 elif [ "${PORT}" = "GPG" ]
 then
- check_gpg_key_status "${HOST}"
+ check_gpg_key_status "${GPG}" "${HOST}"
+ elif [[ "${PORT}" = "GPG:"* ]]
+ then
+ check_gpg_key_status "$(which ${PORT#*:})" "${HOST}"
 else
 check_server_status "${HOST}" "${PORT}"
 fi
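Review bot: In the check_gpg_key_status hunk, `${1}` and `${GPG_ADDRESS}` are expanded unquoted inside both command substitutions, so an executable path containing whitespace is split into several words and an address beginning with `-` reaches the program as an option instead of a key id. Quote both, as in `KEY_INFO="$("${1}" --list-secret-keys "${GPG_ADDRESS}" 2> /dev/null)"` and the same for `--list-keys`, and consider rejecting an address with a leading `-` before the call. The guard `[ ! -f "${1}" ]` only tests for a regular file, so a non-executable file passes it; adding a `-x` test would catch that, and when the lookup of a `-G` name fails `${1}` is empty and the error message prints an empty path. The function body continues outside the hunk.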
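Review bot: In the getopts hunk, the new `G)` arm never checks that `${OPTARG}` contains a `:`; without one, `${OPTARG#*:}` and `${OPTARG%%:*}` both return the whole argument, so the e-mail address is also looked up as the executable name. The lookup `$(which ${OPTARG%%:*})` is unquoted and a failed lookup is only noticed later, when check_gpg_key_status receives an empty path; the same unquoted `which` is used in the `GPG:` branch of the cert-file hunk. I would reject arguments without a colon, resolve the name with `command -v -- "${OPTARG%%:*}"`, and exit with an error in this arm when nothing is found. The case statement starts and ends outside the hunk.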
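Review bot: In the cert-file hunk, the `GPG:*` branch lets the second field of the `-f` list name the program that gets executed, so that file is no longer pure data: whoever can write it selects a command that runs with the privileges of this script. That deserves a comment at the branch and a line in the usage text, for example `### SECURITY: the executable after "GPG:" is run as the calling user; the cert file must be writable only by that user`. Restricting the value to an absolute path or to a fixed list of known tools would narrow it further; whether that fits depends on how the file is provisioned, which the hunk does not show. The loop body continues outside the hunk.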
@@ -620,7 +629,7 @@ done
 for (( i=0; i<${#CHECKADDRESSES[@]}; i++ ))
 do
- check_gpg_key_status "${CHECKADDRESSES[${i}]}"
+ check_gpg_key_status "${CHECKADDRESSBINARIES[${i}]}" "${CHECKADDRESSES[${i}]}"
 done
 if ! ${QUIET} |