Implement SSL monitoring through server
This commit is contained in:
parent
ff877e734a
commit
b678777f06
|
@ -1,10 +1,13 @@
|
||||||
import os, setuptools, socketserver, sys, syslog, threading
|
import datetime, os, setuptools, socketserver, ssltools, sys, syslog, threading
|
||||||
|
|
||||||
SYSLOG = 0
|
SYSLOG = 0
|
||||||
STDOUT = 1
|
STDOUT = 1
|
||||||
STDDEB = 2 # STDOUT + Debug
|
STDDEB = 2 # STDOUT + Debug
|
||||||
SILENT = 9 # Quiet mode
|
SILENT = 9 # Quiet mode
|
||||||
|
|
||||||
|
SSL = 0
|
||||||
|
PORT = 1
|
||||||
|
|
||||||
exec("logging = %s or STDOUT" % setuptools.getSetting("Log", "sink"))
|
exec("logging = %s or STDOUT" % setuptools.getSetting("Log", "sink"))
|
||||||
|
|
||||||
def logger(message, prio=syslog.LOG_INFO, sink=logging):
|
def logger(message, prio=syslog.LOG_INFO, sink=logging):
|
||||||
|
@ -25,6 +28,12 @@ def logger(message, prio=syslog.LOG_INFO, sink=logging):
|
||||||
logging = STDOUT
|
logging = STDOUT
|
||||||
logger(message, prio, logging)
|
logger(message, prio, logging)
|
||||||
|
|
||||||
|
def listIncluded(host, section):
|
||||||
|
for i in setuptools.getListSetting("SSL" if section == 0 else "Ports", "hosts"):
|
||||||
|
if i[0] == host:
|
||||||
|
return True
|
||||||
|
return False
|
||||||
|
|
||||||
class TCPHandler(socketserver.StreamRequestHandler):
|
class TCPHandler(socketserver.StreamRequestHandler):
|
||||||
def readString(self):
|
def readString(self):
|
||||||
return self.rfile.readline().strip()
|
return self.rfile.readline().strip()
|
||||||
|
@ -38,20 +47,39 @@ class TCPHandler(socketserver.StreamRequestHandler):
|
||||||
def worker(self, message):
|
def worker(self, message):
|
||||||
content = message.split()
|
content = message.split()
|
||||||
command = content[0].lower()
|
command = content[0].lower()
|
||||||
if command in ("hi"):
|
try:
|
||||||
return "HI: Kumi Status v0.8.15 (KSP)"
|
if command in ("hi"):
|
||||||
elif command in ("heartbeat", "hb", "ping"):
|
return "HI: Kumi Status v0.8.15 (KSP)"
|
||||||
return "OK: Still here? Wow."
|
elif command in ("heartbeat", "hb", "ping"):
|
||||||
elif command in ("stat", "status"):
|
return "OK: Still here? Wow."
|
||||||
return False
|
elif command in ("stat", "status"):
|
||||||
elif command in ("ssl", "tls"):
|
return False
|
||||||
return False
|
elif command in ("ssl", "tls"):
|
||||||
elif command in ("req", "request"):
|
try:
|
||||||
return "NI: Requesting monitoring is not yet implemented."
|
if listIncluded(str(content[1]), SSL):
|
||||||
elif command == "help":
|
expiry = ssltools.getRemoteExpiry(str(content[1]), int(content[2]))
|
||||||
return False
|
if expiry > datetime.datetime.now():
|
||||||
else:
|
return "OK: %s certificate is valid until %s." % (content[1], expiry)
|
||||||
return "UC: Unknown command %s." % command
|
elif expiry < datetime.datetime.now():
|
||||||
|
return "AL: %s certificate has expired! (%s) Please renew ASAP!" % (content[1], expiry)
|
||||||
|
else:
|
||||||
|
return "NM: %s is not being monitored!" % content[1]
|
||||||
|
except TypeError:
|
||||||
|
raise
|
||||||
|
except:
|
||||||
|
return "ER: Could not verify SSL certificate on %s:%i. Is the server down?" % (content[1], content[2])
|
||||||
|
elif command == "port":
|
||||||
|
return False
|
||||||
|
elif command in ("req", "request"):
|
||||||
|
return "NI: Requesting monitoring is not yet implemented."
|
||||||
|
elif command == "help":
|
||||||
|
return False
|
||||||
|
else:
|
||||||
|
return "IM: Unknown command %s." % command
|
||||||
|
# except TypeError:
|
||||||
|
# return "IM: Invalid values passed to %s." % command
|
||||||
|
except IndexError:
|
||||||
|
return "IM: Invalid values passed to %s." % command
|
||||||
|
|
||||||
def handle(self):
|
def handle(self):
|
||||||
remote = self.client_address[0] + ":" + str(self.client_address[1])
|
remote = self.client_address[0] + ":" + str(self.client_address[1])
|
||||||
|
|
Loading…
Reference in a new issue