shell/certificate
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

-u <url> | —url <url> argument

Browse Source 
Now we can pass a single url as argument to be checked.
This commit is contained in:
Bruno21
2024-11-01 15:06:23 +01:00
parent e23249c733
commit b0d2988961
2 changed files with 137 additions and 55 deletions
Download Patch File Download Diff File Expand all files Collapse all files

175
urls_check.sh
View File

@@ -14,7 +14,6 @@ green="\033[0;32m"
greenbold="\033[1;32m" greenbold="\033[1;32m"
reset="\033[0m" reset="\033[0m"
command -v showcert >/dev/null 2>&1 || { echo -e "${bold}showcert${reset} is not installed ${italic}(pip install showcert)${reset}. Aborting..." >&2; exit 1; }
cat < /dev/null > /dev/tcp/1.1.1.1/53 cat < /dev/null > /dev/tcp/1.1.1.1/53
if [[ $? -ne 0 ]]; then if [[ $? -ne 0 ]]; then
@@ -23,7 +22,7 @@ if [[ $? -ne 0 ]]; then
exit 1 exit 1
fi fi
#urls=("https://clicclac.info" "https://clicclac.info/wordpress" "https://sur-le-sentier.fr" "https://maboiteverte.fr") url=
urls=() urls=()
port=443 port=443
# Days left before notification # Days left before notification
@@ -90,15 +89,21 @@ display_help() {
# taken from https://stackoverflow.com/users/4307337/vincent-stans # taken from https://stackoverflow.com/users/4307337/vincent-stans
echo "Usage: $0 " >&2 echo "Usage: $0 " >&2
echo echo
echo "urls_check.sh will read a list of urls in urls_list.txt file, then return the status code for each url." echo -e "${bold}urls_check.sh${reset} will read a list of urls in ${underline}urls_list.txt${reset} file, then return the status code for each url."
echo "If the site is up (status code: 200, 301, 302, 303, 307), then certificate information will be displayed." echo -e "If the site is up (status code: 200, 301, 302, 303, 307), then certificate information will be displayed."
echo "If the site is down or the certificate is outdated, a Pushover (or Gotify) notification will be sent." echo -e "If the site is down or the certificate is outdated, a Pushover (or Gotify) notification will be sent."
echo "status.txt give description and a link to Mozilla for each status code." echo -e "${underline}status.txt${reset} give description and a link to Mozilla for each status code."
echo -e "${bold}showcert${reset} is required to check certificate ${italic}(pip install showcert)${reset}. If not, ${bold}openssl${reset} will be used."
echo
echo -e "${bold}Options:${reset}"
echo -e " -u <url> | --url <url> Check the url passed as argument."
echo -e " -h | --help Display this help."
echo echo
# echo some stuff here for the -a or --add-options # echo some stuff here for the -a or --add-options
exit 1 exit 1
} }
: << 'COMMENTS'
while [[ "$#" -gt 0 ]]; do while [[ "$#" -gt 0 ]]; do
case $1 in case $1 in
-h|--help) display_help; shift ;; -h|--help) display_help; shift ;;
@@ -106,47 +111,96 @@ while [[ "$#" -gt 0 ]]; do
esac esac
shift shift
done done
COMMENTS
optspec=":u:h-:"
# Chargement de la liste des urls depuis urls_list.txt while getopts "$optspec" opt
while read -r line
do do
[ ${line:0:1} != "#" ] && urls+=("$line") case $opt in
done < urls_list.txt -) case "${OPTARG}" in
help) display_help;;
url)
url="${!OPTIND}"; OPTIND=$(( OPTIND + 1 ))
;;
url=*)
url=${OPTARG#*=}
#opt=${OPTARG%=$file}
opt="$(printf "%s\n" "${OPTARG}" | cut -d'=' -f1 )" ; url="$(printf "%s\n" "${OPTARG}" | cut -d'=' -f2-)"
;;
*)
if [ "$OPTERR" = 1 ] && [ "${optspec:0:1}" = ":" ]; then
echo "Unknown option --${OPTARG}" >&2
fi
exit 3
;;
esac;;
u) url="${OPTARG}";;
h)
display_help
;;
*)
if [ "$OPTERR" != 1 ] || [ "${optspec:0:1}" = ":" ]; then
echo "Non-option argument: '-${OPTARG}'" >&2
fi
exit 4
;;
esac
done
shift "$((OPTIND-1))"
# Ajout des domaines non-requis
if [ -f "$not_required_domains" ]; then command -v showcertif >/dev/null 2>&1 || { echo -e "${bold}showcert${reset} is not installed ${italic}(pip install showcert)${reset}. ${bold}openssl${reset} will be used.\n" >&2; }
#a=$(grep 'not_required=' sync_pihole_lan.sh)
a=$(grep 'not_required=' $not_required_domains)
b=$(echo "$a" | awk -F"=" '{split($2, arr, "[()]"); print arr[2]}' | sed 's/\"//g')
not_required=(${b})
for val in "${!not_required[@]}" regex='(https?|ftp|file)://[-[:alnum:]\+&@#/%?=~_|!:,.;]+'
do if [[ $url =~ $regex ]]; then
z="https://${not_required[$val]}.photos-nas.ovh" # L'URL passé en argument est checkée
urls+=("${z}")
done
urls+=("$url")
else else
echo "file $not_required_domains not find !" # Chargement de la liste des urls depuis urls_list.txt
echo "Domain like drive.photos-nas.ovh won't be checked.'"
while read -r line
do
[ ${line:0:1} != "#" ] && urls+=("$line")
done < urls_list.txt
# Ajout des domaines non-requis
if [ -f "$not_required_domains" ]; then
a=$(grep 'not_required=' $not_required_domains)
b=$(echo "$a" | awk -F"=" '{split($2, arr, "[()]"); print arr[2]}' | sed 's/\"//g')
not_required=(${b})
for val in "${!not_required[@]}"
do
z="https://${not_required[$val]}.photos-nas.ovh"
urls+=("${z}")
done
else
echo "file $not_required_domains not find !"
echo "Domain like drive.photos-nas.ovh won't be checked.'"
fi
# Tri du tableau d'urls
IFS=$'\n' urls_sorted=($(sort <<<"${urls[*]}"))
unset IFS
urls=()
newArr=()
while IFS= read -r -d '' x
do
urls+=("$x")
done < <(printf "%s\0" "${urls_sorted[@]}" | sort -uz)
fi fi
# Tri du tableau d'urls
IFS=$'\n' urls_sorted=($(sort <<<"${urls[*]}"))
unset IFS
urls=()
newArr=()
while IFS= read -r -d '' x
do
urls+=("$x")
done < <(printf "%s\0" "${urls_sorted[@]}" | sort -uz)
# On efface la liste des urls down # On efface la liste des urls down
[ -f "./urls_down_list_curl.txt" ] && rm "./urls_down_list_curl.txt" [ -f "./urls_down_list_curl.txt" ] && rm "./urls_down_list_curl.txt"
@@ -180,20 +234,44 @@ check_url() {
} }
info_certif() { info_certif() {
# cn=$(echo | openssl s_client -connect $1 2>/dev/null | openssl x509 -noout -subject -dates -issuer)
domain=$(echo "$1" | grep -Eo '^http[s]?://[^/]+' | cut -c 9- ) domain=$(echo "$1" | grep -Eo '^http[s]?://[^/]+' | cut -c 9- )
cert=$(showcert "$domain")
ip=$(echo "$cert" | grep IP | awk -F": " '{print $2}') if command -v showcertif >/dev/null 2>&1; then
names=$(echo "$cert" | grep Names | awk -F": " '{print $2}')
issuer=$(echo "$cert" | grep Issuer | awk -F": " '{print $2}') cert=$(showcert "$domain")
start=$(echo "$cert" | grep Before | awk -F": " '{print $2}')
end=$(echo "$cert" | grep notAfter | awk -F": " '{print $2}') ip=$(echo "$cert" | grep IP | awk -F": " '{print $2}')
left=$(echo "$end" | awk -F" " '{split($3, arr, "[()]"); print arr[2]}') names=$(echo "$cert" | grep Names | awk -F": " '{print $2}')
issuer=$(echo "$cert" | grep Issuer | awk -F": " '{print $2}')
start=$(echo "$cert" | grep Before | awk -F": " '{print $2}')
end=$(echo "$cert" | grep notAfter | awk -F": " '{print $2}')
left=$(echo "$end" | awk -F" " '{split($3, arr, "[()]"); print arr[2]}')
subject=""
else
cert=`echo |
openssl s_client -connect $domain:$port 2>/dev/null |
openssl x509 -issuer -subject -dates -noout`
issuer=$(echo "$cert" | grep issuer | awk -F"issuer=" '{print $2}')
subject=$(echo "$cert" | grep subject | awk -F"subject=" '{print $2}')
start=$(echo "$cert" | grep Before | awk -F"=" '{print $2}')
end=$(echo "$cert" | grep notAfter | awk -F"=" '{print $2}')
timestamp_current=$(date +"%s")
timestamp_end=$(date --date="$end" +"%s")
left=$(($((timestamp_end - timestamp_current))/(60*60*24)))
end="$end ($left days left)"
names=""
ip=$(dig +short $host)
fi
[ $left -lt $nday ] && echo -e "${red}" [ $left -lt $nday ] && echo -e "${red}"
echo -e "Names: $names" if [ -n "$names" ]; then
echo -e "Names: $names"
elif [ -n "$subject" ]; then
echo -e "Subject: $subject"
fi
echo -e "Issuer: $issuer" echo -e "Issuer: $issuer"
echo -e "Date début: $start" echo -e "Date début: $start"
echo -e "Date fin: $end\n" echo -e "Date fin: $end\n"
@@ -238,8 +316,9 @@ done
# Affichage des serveurs qui ne répondent pas # Affichage des serveurs qui ne répondent pas
echo -e "\n${redbold}Url down: ${reset}"
if [ -f "./urls_down_list_curl.txt" ]; then if [ -f "./urls_down_list_curl.txt" ]; then
echo -e "\n${redbold}Url down: ${reset}"
cp "./urls_down_list_curl.txt" urls_down_list_curl.bak cp "./urls_down_list_curl.txt" urls_down_list_curl.bak
url_down=$(cat "./urls_down_list_curl.txt") url_down=$(cat "./urls_down_list_curl.txt")
echo -e "$url_down\n" echo -e "$url_down\n"
@@ -262,6 +341,8 @@ if [ -f "./urls_down_list_curl.txt" ]; then
#pushover -a "bash" -m "A new version of Pi-hole is available: <br /> $msg_html <br /> $infos_html <br /> Please run <b>pihole -up</b> on $host to update" -p 2 -f 1 #pushover -a "bash" -m "A new version of Pi-hole is available: <br /> $msg_html <br /> $infos_html <br /> Please run <b>pihole -up</b> on $host to update" -p 2 -f 1
fi fi
else
echo -e "${green}\nNo url is down !${reset}"
fi fi

1
validity.sh
View File

@@ -109,6 +109,7 @@ for host in "${hosts[@]}"; do
e="Date fin: $end" e="Date fin: $end"
else else
echo "$host"
cert=`echo | cert=`echo |
openssl s_client -connect $host:$port 2>/dev/null | openssl s_client -connect $host:$port 2>/dev/null |
openssl x509 -issuer -subject -dates -noout` openssl x509 -issuer -subject -dates -noout`