def scrape_and_verify_scts(hostname, verification_tasks, ctlogs):
logger.info(flo('# {hostname}\n'))
res = do_handshake(hostname,
scts_tls=(verify_scts_by_tls in verification_tasks),
scts_ocsp=(verify_scts_by_ocsp in verification_tasks))
if res.ee_cert_der:
logger.debug('got certificate\n')
if res.ee_cert.is_ev_cert:
logger.info('* EV cert')
else:
logger.info('* no EV cert')
if res.ee_cert.is_letsencrypt_cert:
logger.info("* issued by Let's Encrypt\n")
else:
logger.info("* not issued by Let's Encrypt\n")
if res.err:
logger.warn(res.err)
else:
for verification_task in verification_tasks:
logger.info(flo('## {verification_task.__name__}\n'))
verifications = verification_task(res, ctlogs)
if verifications:
for verification in verifications:
show_verification(verification)
elif res.ee_cert_der is not None:
logger.info('no SCTs\n')
def main():
init_logger()
parser = create_parser()
args = parser.parse_args()
setup_logging(args.loglevel)
logger.debug(args)
if args.print_schema:
print_schema()
else:
ctloglist(args.print_json)
def main():
init_logger()
parser = create_parser()
args = parser.parse_args()
setup_logging(args.loglevel)
logger.debug(args)
# set ctlogs, type: [<ctutlz.ctlog.Log>, ...]
logs_dict = args.fetch_ctlogs()
set_operator_names(logs_dict)
ctlogs = Logs(logs_dict['logs'])
if args.log_list_filename:
logs_dict = read_log_list(args.log_list_filename)
set_operator_names(logs_dict)
ctlogs = Logs(logs_dict['logs'])
for host in args.hostname:
scrape_and_verify_scts(host, args.verification_tasks, ctlogs)