lqez · October 12, 2015 08:28
diff --git a/gistfile1.py b/gistfile1.py
 #!/usr/bin/python
 # -*- coding:utf-8 -*-
 # Park Hyunwoo <[email protected]>
 #
 # You can download ssl-cert-check from http://prefetch.net/articles/checkcertificate.html
 #

 import smtplib
 import email
 import os
 import re
 import subprocess

 conf = {
    'host'          : 'YOUR_SMTP_SERVER_HOSTNAME',
    'port'          : 587,
    'user'          : 'USERNAME_FOR_AUTH',
    'password'      : 'PASSWORD_FOR_AUTH',

    'cert_checker'  : 'ssl-cert-check',
    'cert_dir'      : 'DIRECTORY_CONTAINS_CERTS',
    'cert_filter'   : '*production*.pem',
    'warn_to_day'   : 7,

    'from'          : 'Certificate Sentry <[email protected]>',
    'to'            : 'MAIL_OF_YOU',
 }

 def check_certificates( cert_dir, cert_filter, cert_checker, warn_to_day ):
    res = {'warning':[], 'expired':[]}
    try:
        output = subprocess.check_output(
            'find %s -name %s -exec %s -x %d -c {} \; | grep FILE:' % (cert_dir, cert_filter, cert_checker, warn_to_day),
            shell=True)
        prog = re.compile(r'FILE:([^ ]+) (Valid|Expired)[ ]+([A-Za-z]{3} [0-9]{,2} [0-9]{4})[ ]+([0-9\-]+)')
        for s in output.split('\n'):
            r = prog.match(s)
            if not r: continue

            if r.group(2) == 'Expiring':
                res['warning'].append({'file': r.group(1), 'day': r.group(4)})
            elif r.group(2) == 'Expired':
                res['expired'].append({'file': r.group(1), 'day': r.group(4)})

    except subprocess.CalledProcessError:
        return None

    return res

 def send_mail(host, port, user, password, from_user, to_user, subject, text):
    msg = email.MIMEMultipart.MIMEMultipart('alternative')
    msg['From'] = from_user
    msg['To'] = to_user
    msg['Subject'] = email.Header.Header(s=subject, charset='utf-8')
    msg['Date'] = email.Utils.formatdate(localtime = 1)
    msg.attach(email.MIMEText.MIMEText(text, 'html', _charset='utf-8'))

    smtp = smtplib.SMTP(host, port)
    smtp.ehlo()
    smtp.starttls()
    smtp.ehlo()
    smtp.login(user, password)
    smtp.sendmail(from_user, to_user, msg.as_string())
    smtp.close()


 if __name__ == '__main__':
    result = check_certificates( conf['cert_dir'], conf['cert_filter'], conf['cert_checker'], conf['warn_to_day'] )
    if result:
        title = None
        body = ''

        if result['warning']:
            title = 'Some certificates are going to be expired.'
            tab = '<h2>WARNING</h2><table><tr><th>Remain</th><th>File</th></tr>'
            for w in result['warning']:
                tab = tab + '<tr><td>%s</td><td>%s</td></tr>' % (w['day'], w['file'])
            tab = tab + '</table>'
            body = body + tab

        if result['expired']:
            title = '[ERROR] Expired certifications were detected.'
            tab = '<h2><font color="red">EXPIRED</font></h2><table><tr><th>Over</th><th>File</th></tr>'
            for e in result['expired']:
                tab = tab + '<tr><td>%s</td><td>%s</td></tr>' % (e['day'], e['file'])
            tab = tab + '</table>'
            body = tab + body

        body = '<html><body>'+body+'</body></html>'

        if title:
            send_mail( conf['host'], conf['port'], conf['user'], conf['password'], conf['from'], conf['to'], title, body )
	#!/usr/bin/python
	# -- coding:utf-8 --
	# Park Hyunwoo <[email protected]>
	#
	# You can download ssl-cert-check from http://prefetch.net/articles/checkcertificate.html
	#

	import smtplib
	import email
	import os
	import re
	import subprocess

	conf = {
	'host' : 'YOUR_SMTP_SERVER_HOSTNAME',
	'port' : 587,
	'user' : 'USERNAME_FOR_AUTH',
	'password' : 'PASSWORD_FOR_AUTH',

	'cert_checker' : 'ssl-cert-check',
	'cert_dir' : 'DIRECTORY_CONTAINS_CERTS',
	'cert_filter' : 'production.pem',
	'warn_to_day' : 7,

	'from' : 'Certificate Sentry <[email protected]>',
	'to' : 'MAIL_OF_YOU',
	}

	def check_certificates( cert_dir, cert_filter, cert_checker, warn_to_day ):
	res = {'warning':[], 'expired':[]}
	try:
	output = subprocess.check_output(
	'find %s -name %s -exec %s -x %d -c {} \; \| grep FILE:' % (cert_dir, cert_filter, cert_checker, warn_to_day),
	shell=True)
	prog = re.compile(r'FILE:([^ ]+) (Valid\|Expired)[ ]+([A-Za-z]{3} [0-9]{,2} [0-9]{4})[ ]+([0-9\-]+)')
	for s in output.split('\n'):
	r = prog.match(s)
	if not r: continue

	if r.group(2) == 'Expiring':
	res['warning'].append({'file': r.group(1), 'day': r.group(4)})
	elif r.group(2) == 'Expired':
	res['expired'].append({'file': r.group(1), 'day': r.group(4)})

	except subprocess.CalledProcessError:
	return None

	return res

	def send_mail(host, port, user, password, from_user, to_user, subject, text):
	msg = email.MIMEMultipart.MIMEMultipart('alternative')
	msg['From'] = from_user
	msg['To'] = to_user
	msg['Subject'] = email.Header.Header(s=subject, charset='utf-8')
	msg['Date'] = email.Utils.formatdate(localtime = 1)
	msg.attach(email.MIMEText.MIMEText(text, 'html', _charset='utf-8'))

	smtp = smtplib.SMTP(host, port)
	smtp.ehlo()
	smtp.starttls()
	smtp.ehlo()
	smtp.login(user, password)
	smtp.sendmail(from_user, to_user, msg.as_string())
	smtp.close()


	if __name__ == '__main__':
	result = check_certificates( conf['cert_dir'], conf['cert_filter'], conf['cert_checker'], conf['warn_to_day'] )
	if result:
	title = None
	body = ''

	if result['warning']:
	title = 'Some certificates are going to be expired.'
	tab = '<h2>WARNING</h2><table><tr><th>Remain</th><th>File</th></tr>'
	for w in result['warning']:
	tab = tab + '<tr><td>%s</td><td>%s</td></tr>' % (w['day'], w['file'])
	tab = tab + '</table>'
	body = body + tab

	if result['expired']:
	title = '[ERROR] Expired certifications were detected.'
	tab = '<h2><font color="red">EXPIRED</font></h2><table><tr><th>Over</th><th>File</th></tr>'
	for e in result['expired']:
	tab = tab + '<tr><td>%s</td><td>%s</td></tr>' % (e['day'], e['file'])
	tab = tab + '</table>'
	body = tab + body

	body = '<html><body>'+body+'</body></html>'

	if title:
	send_mail( conf['host'], conf['port'], conf['user'], conf['password'], conf['from'], conf['to'], title, body )