def getCertValidityRange(certPath, daysYN=0): """ parse a cert (x509) and snag the validity range. Returns (notBefore, notAfter) in seconds or days the epoch. """ certPath = cleanupAbsPath(certPath) if not os.path.exists(certPath): return None, None args = "/usr/bin/openssl x509 -dates -noout -in %s" % certPath ret, out_stream, err_stream = rhn_popen(args) out = out_stream.read(); out_stream.close() err = err_stream.read(); err_stream.close() out = string.strip(out) if ret or not out: raise RhnSslToolException("certificate parse (for validity range) " "failed:\n%s\n%s" % (out, err)) if out \ and string.find(out, 'notBefore=')!=-1 \ and string.find(out, 'notAfter=')!=-1: notBefore, notAfter = string.split(out, '\n') notBefore = string.strip(string.split(notBefore, 'notBefore=')[1])[:-4] notAfter = string.strip(string.split(notAfter, 'notAfter=')[1])[:-4] # secs from epoch notBefore = str2secs(notBefore, '%b %d %H:%M:%S %Y') notAfter = str2secs(notAfter, '%b %d %H:%M:%S %Y') if daysYN: # days from epoch notBefore = secs2days(notBefore) notAfter = secs2days(notAfter) return notBefore, notAfter else: raise RhnSslToolException("certificate parse (for validity range) " "failed:\n%s\n%s" % (out, err))
def daysTil18Jan2038(): "(float) days til 1 day before the great 32-bit overflow" return secs2days(secsTil18Jan2038())