Implement SSL monitoring through server
This commit is contained in:
parent
ff877e734a
commit
b678777f06
|
@ -1,10 +1,13 @@
|
|||
import os, setuptools, socketserver, sys, syslog, threading
|
||||
import datetime, os, setuptools, socketserver, ssltools, sys, syslog, threading
|
||||
|
||||
SYSLOG = 0
|
||||
STDOUT = 1
|
||||
STDDEB = 2 # STDOUT + Debug
|
||||
SILENT = 9 # Quiet mode
|
||||
|
||||
SSL = 0
|
||||
PORT = 1
|
||||
|
||||
exec("logging = %s or STDOUT" % setuptools.getSetting("Log", "sink"))
|
||||
|
||||
def logger(message, prio=syslog.LOG_INFO, sink=logging):
|
||||
|
@ -25,6 +28,12 @@ def logger(message, prio=syslog.LOG_INFO, sink=logging):
|
|||
logging = STDOUT
|
||||
logger(message, prio, logging)
|
||||
|
||||
def listIncluded(host, section):
|
||||
for i in setuptools.getListSetting("SSL" if section == 0 else "Ports", "hosts"):
|
||||
if i[0] == host:
|
||||
return True
|
||||
return False
|
||||
|
||||
class TCPHandler(socketserver.StreamRequestHandler):
|
||||
def readString(self):
|
||||
return self.rfile.readline().strip()
|
||||
|
@ -38,20 +47,39 @@ class TCPHandler(socketserver.StreamRequestHandler):
|
|||
def worker(self, message):
|
||||
content = message.split()
|
||||
command = content[0].lower()
|
||||
if command in ("hi"):
|
||||
return "HI: Kumi Status v0.8.15 (KSP)"
|
||||
elif command in ("heartbeat", "hb", "ping"):
|
||||
return "OK: Still here? Wow."
|
||||
elif command in ("stat", "status"):
|
||||
return False
|
||||
elif command in ("ssl", "tls"):
|
||||
return False
|
||||
elif command in ("req", "request"):
|
||||
return "NI: Requesting monitoring is not yet implemented."
|
||||
elif command == "help":
|
||||
return False
|
||||
else:
|
||||
return "UC: Unknown command %s." % command
|
||||
try:
|
||||
if command in ("hi"):
|
||||
return "HI: Kumi Status v0.8.15 (KSP)"
|
||||
elif command in ("heartbeat", "hb", "ping"):
|
||||
return "OK: Still here? Wow."
|
||||
elif command in ("stat", "status"):
|
||||
return False
|
||||
elif command in ("ssl", "tls"):
|
||||
try:
|
||||
if listIncluded(str(content[1]), SSL):
|
||||
expiry = ssltools.getRemoteExpiry(str(content[1]), int(content[2]))
|
||||
if expiry > datetime.datetime.now():
|
||||
return "OK: %s certificate is valid until %s." % (content[1], expiry)
|
||||
elif expiry < datetime.datetime.now():
|
||||
return "AL: %s certificate has expired! (%s) Please renew ASAP!" % (content[1], expiry)
|
||||
else:
|
||||
return "NM: %s is not being monitored!" % content[1]
|
||||
except TypeError:
|
||||
raise
|
||||
except:
|
||||
return "ER: Could not verify SSL certificate on %s:%i. Is the server down?" % (content[1], content[2])
|
||||
elif command == "port":
|
||||
return False
|
||||
elif command in ("req", "request"):
|
||||
return "NI: Requesting monitoring is not yet implemented."
|
||||
elif command == "help":
|
||||
return False
|
||||
else:
|
||||
return "IM: Unknown command %s." % command
|
||||
# except TypeError:
|
||||
# return "IM: Invalid values passed to %s." % command
|
||||
except IndexError:
|
||||
return "IM: Invalid values passed to %s." % command
|
||||
|
||||
def handle(self):
|
||||
remote = self.client_address[0] + ":" + str(self.client_address[1])
|
||||
|
|
Loading…
Reference in New Issue