summaryrefslogtreecommitdiff
path: root/crypt-expiry-check.in
diff options
context:
space:
mode:
authorErich Eckner <git@eckner.net>2022-07-18 22:40:43 +0200
committerErich Eckner <git@eckner.net>2022-07-18 22:40:43 +0200
commit4ad5214592cb257b9307e7ae29172c1c4b975193 (patch)
tree08ff5bf9543e9c3cd36ac16ebd7d205123af862b /crypt-expiry-check.in
parente4d2011028cc8a8e0ff0c650ee671172b17ab0d9 (diff)
downloadcrypt-expiry-check-4ad5214592cb257b9307e7ae29172c1c4b975193.tar.xz
fix whitespaces
Diffstat (limited to 'crypt-expiry-check.in')
-rwxr-xr-xcrypt-expiry-check.in46
1 files changed, 23 insertions, 23 deletions
diff --git a/crypt-expiry-check.in b/crypt-expiry-check.in
index 474fc97..b9834cc 100755
--- a/crypt-expiry-check.in
+++ b/crypt-expiry-check.in
@@ -6,13 +6,13 @@
# Author of ssl-cert-check: Matty < matty91 at gmail dot com >
# Maintainer of crypt-expiry-check: Erich < crux at eckner dot net >
#
-# Purpose:
+# Purpose:
# crypt-expiry-check checks to see if a digital certificate in X.509 format
-# or a GnuPG-key has expired. ssl-cert-check can be run in interactive
-# and batch mode, and provides facilities to alarm if a certificate is
+# or a GnuPG-key has expired. ssl-cert-check can be run in interactive
+# and batch mode, and provides facilities to alarm if a certificate is
# about to expire.
#
-# License:
+# License:
# This program is free software; you can redistribute it and/or modify
# it under the terms of the GNU General Public License as published by
# the Free Software Foundation; either version 2 of the License, or
@@ -25,12 +25,12 @@
#
# Requirements:
# Requires openssl gnupg
-#
-# Installation:
+#
+# Installation:
# Copy the shell script to a suitable location
#
# Usage:
-# Refer to the usage() sub-routine, or invoke crypt-expiry-check
+# Refer to the usage() sub-routine, or invoke crypt-expiry-check
# with the "-h" option.
PATH=/bin:/usr/bin:/sbin:/usr/sbin:/usr/local/bin:/usr/local/ssl/bin:/usr/sfw/bin
@@ -117,13 +117,13 @@ set_retcode()
# Purpose: Print a line with the expiraton interval
# Arguments:
# $1 -> Hostname
-# $2 -> TCP Port
+# $2 -> TCP Port
# $3 -> Status of certification (e.g., expired or valid)
# $4 -> Date when certificate will expire
-# $5 -> Days left until the certificate will expire
+# $5 -> Days left until the certificate will expire
# $6 -> Issuer of the certificate
#####################################################################
-prints()
+prints()
{
if ${ISSUER} && ! ${VALIDATION}
then
@@ -146,7 +146,7 @@ prints()
${PRINTF} "%-47s %-12s %-12s %-4s %-30s\n" "$1:$2" "$3" "${MIN_DATE}" \|days="$5"
else
${PRINTF} "%-47s %-12s %-12s %-4s %-30s\n" "$1:$2" "$3" "${MIN_DATE}" "$5"
- fi
+ fi
else
${PRINTF} "%-35s %-35s %-32s\n" "$1:$2" "$7" "$8"
fi
@@ -158,10 +158,10 @@ prints()
# Arguments:
# None
####################################################
-print_heading()
+print_heading()
{
if ! ${NOHEADER}
- then
+ then
if ${ISSUER} && ! ${NAGIOS} && ! ${VALIDATION}
then
${PRINTF} "\n%-35s %-17s %-8s %-11s %-4s\n" "Host" "Issuer" "Status" "Expires" "Days" >> ${STDOUT_TMP}
@@ -171,12 +171,12 @@ print_heading()
then
${PRINTF} "\n%-35s %-35s %-32s %-17s\n" "Host" "Common Name" "Serial #" "Issuer" >> ${STDOUT_TMP}
echo "----------------------------------- ----------------------------------- -------------------------------- -----------------" >> ${STDOUT_TMP}
-
+
elif ! ${NAGIOS} && ! ${VALIDATION}
then
${PRINTF} "\n%-47s %-12s %-12s %-4s\n" "Host" "Status" "Expires" "Days" >> ${STDOUT_TMP}
echo "----------------------------------------------- ------------ ------------ ----" >> ${STDOUT_TMP}
-
+
elif ! ${NAGIOS} && ${VALIDATION}
then
${PRINTF} "\n%-35s %-35s %-32s\n" "Host" "Common Name" "Serial #" >> ${STDOUT_TMP}
@@ -192,11 +192,11 @@ print_heading()
# Arguments:
# None
##########################################
-usage()
+usage()
{
>&2 echo "$(basename "$0") checks expiration of gpg keys and X.509 certificates and sends emails if keys are about to expire."
>&2 echo ""
- >&2 echo "Usage: $0 [ -e email address ] [ -x days ] [-q] [-a] [-b] [-h] [-i] [-n] [-v] { [ -s common_name:port] } || { [ -f cert_file ] } || { [ -c certificate file ] } || { [ -g email address ] }"
+ >&2 echo "Usage: $0 [ -e email address ] [ -x days ] [-q] [-a] [-b] [-h] [-i] [-n] [-v] { [ -s common_name:port] } || { [ -f cert_file ] } || { [ -c certificate file ] } || { [ -g email address ] }"
>&2 echo ""
>&2 echo " -a Send a warning message through E-mail"
>&2 echo " -b Will not print header"
@@ -242,7 +242,7 @@ check_server_status() {
elif [ "_${2}" = "_pop3" -o "_${2}" = "_110" ]
then
TLSFLAG="-starttls pop3"
-
+
elif [ "_${2}" = "_imap" -o "_${2}" = "_143" ]
then
TLSFLAG="-starttls imap"
@@ -285,12 +285,12 @@ check_server_status() {
then
prints ${1} ${2} "Cannot resolve domain" "Unknown" | ${TEE} -a ${MAILOUT_TMP} >> ${STDOUT_TMP}
set_retcode 3
-
+
elif ${GREP} -iq "Operation timed out" ${ERROR_TMP}
then
prints ${1} ${2} "Operation timed out" "Unknown" | ${TEE} -a ${MAILOUT_TMP} >> ${STDOUT_TMP}
set_retcode 3
-
+
elif ${GREP} -iq "ssl handshake failure" ${ERROR_TMP}
then
prints ${1} ${2} "SSL handshake failed" "Unknown" | ${TEE} -a ${MAILOUT_TMP} >> ${STDOUT_TMP}
@@ -300,7 +300,7 @@ check_server_status() {
then
prints ${1} ${2} "Connection timed out" "Unknown" | ${TEE} -a ${MAILOUT_TMP} >> ${STDOUT_TMP}
set_retcode 3
-
+
else
check_file_status ${CERT_TMP} $1 $2 $3
fi
@@ -406,7 +406,7 @@ check_file_status() {
# send the informational message to /dev/null
${OPENSSL} pkcs12 -nokeys -in ${CERTFILE} \
-out ${CERT_TMP} -clcerts -password pass:${PKCSDBPASSWD} 2> /dev/null
-
+
# Extract the expiration date from the certificate
CERTDATE=$(${OPENSSL} x509 -in ${CERT_TMP} -enddate -noout | \
${SED} 's/notAfter\=//')
@@ -420,7 +420,7 @@ check_file_status() {
COMMONNAME=$(${OPENSSL} x509 -in ${CERT_TMP} -subject -noout | \
${SED} -e 's/.*CN=//' | \
${SED} -e 's/\/.*//')
-
+
### Grab the serial number from the X.509 certificate
SERIAL=$(${OPENSSL} x509 -in ${CERT_TMP} -serial -noout | \
${SED} -e 's/serial=//')