1
|
|
2
|
|
3
|
|
4
|
import datetime
|
5
|
from zephir.monitor.agentmanager import util
|
6
|
|
7
|
response = """List of X.509 CRLs:
|
8
|
|
9
|
issuer: "C=FR, O=Education Nationale, OU=0002 110043015, CN=AC EN Scolarite et Formation"
|
10
|
serial: 08:40
|
11
|
revoked: 2 certificates
|
12
|
updates: this Jan 12 07:00:02 2016
|
13
|
next Jan 19 07:00:02 2016, ok (expires in 6 days)
|
14
|
authkey: cc:2e:37:0f:06:b2:b9:b5:e9:2d:ff:be:52:37:c6:1d:b4:b7:07:17
|
15
|
|
16
|
issuer: "C=FR, O=Education Nationale, OU=0002 110043015, CN=AC Education Nationale"
|
17
|
serial: 02
|
18
|
revoked: 0 certificates
|
19
|
updates: this Jul 26 02:00:00 2015
|
20
|
next Jul 26 02:00:00 2016, ok
|
21
|
authkey: d9:bf:42:dd:18:9b:3c:66:25:fa:bb:2e:0a:10:88:89:36:2c:b9:cb
|
22
|
|
23
|
issuer: "C=FR, O=Ministere Education Nationale Enseignement Superieur Recherche, CN=AC Racine Ministere ENESR"
|
24
|
serial: 02
|
25
|
revoked: 0 certificates
|
26
|
updates: this Jul 26 02:00:00 2015
|
27
|
next Jul 26 02:00:00 2016, ok
|
28
|
authkey: 3c:5b:f3:9c:16:d2:6e:16:06:c5:2f:cc:ee:92:0b:6c:b1:d2:38:25
|
29
|
"""
|
30
|
|
31
|
|
32
|
expire = {}
|
33
|
for line in response.split('\n'):
|
34
|
line = line.strip()
|
35
|
if line.startswith('issuer'):
|
36
|
issuer_key = line.split("issuer:")[1].strip()
|
37
|
if line.startswith('next'):
|
38
|
exp_crl = line.split()[1:5]
|
39
|
expire[issuer_key] = " ".join(exp_crl).split(',')[0]
|
40
|
if expire == {}:
|
41
|
|
42
|
print [{'ca_crl': "",
|
43
|
'expire': "ipsec listcrls ne renvoie pas de date d'invalidation de la crl" }]
|
44
|
|
45
|
res = []
|
46
|
warn_delta = datetime.timedelta(seconds=60*20)
|
47
|
date = datetime.datetime.now()
|
48
|
status_err = False
|
49
|
status_warn = False
|
50
|
for issuer_key, exp_date in expire.items():
|
51
|
print exp_date
|
52
|
expdate = util.parse_date(exp_date)
|
53
|
warndate = expdate - warn_delta
|
54
|
if date > expdate:
|
55
|
status_err = True
|
56
|
msg = "Au moins une CRL a expiré"
|
57
|
elif date > warndate and not status_err:
|
58
|
status_warn = True
|
59
|
msg = "Au moins une CRL expire dans les 20 minutes"
|
60
|
res.append({'ca_crl': issuer_key,
|
61
|
'expire': expdate.strftime('%d %b %Y %H:%M:%S')})
|
62
|
if status_err:
|
63
|
|
64
|
res.append('ERREUR')
|
65
|
elif status_warn:
|
66
|
|
67
|
res.append('WARNING')
|
68
|
print res
|
69
|
|