Skip to content

Instantly share code, notes, and snippets.

@enko

enko/check_rrsig.py

Created September 6, 2015 17:10
Show Gist options
  • Save enko/22a2e9c88ea9431c1916 to your computer and use it in GitHub Desktop.
Save enko/22a2e9c88ea9431c1916 to your computer and use it in GitHub Desktop.
Download ZIP
A script to check to the lifetime of a rrsig
Raw
check_rrsig.py
#!/usr/bin/env python
# -*- coding: utf-8 -*-
import sys
import subprocess
import re
import datetime
def main():
if (len(sys.argv) != 2):
print "please specify a zone"
return
command = "dig +noall +answer +dnssec -t rrsig +cd %s" % (sys.argv[1])
results = subprocess.check_output(command,shell=True)
lines = results.split("\n")
timetoexpire = 200
for line in lines:
elements = re.split("\s",line)
if (len(elements) == 26):
format = "%Y%m%d%H%M%S"
now = datetime.datetime.now()
minexpire = datetime.datetime.strptime(elements[10], format)
maxexpire = datetime.datetime.strptime(elements[9], format)
if ((maxexpire-now).days < timetoexpire):
timetoexpire = (maxexpire-now).days
print timetoexpire
if __name__ == "__main__":
main()
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment