def psslcircl(url, user, passwd, q):
cached = _cache_get(q, 'pssl')
if cached is not None:
return cached
psslcircl = PyPSSL(url, basic_auth=(user, passwd))
response = psslcircl.query(q)
if response.get(q) is not None:
entries = response[q]
_cache_set(q, entries, 'pssl')
return entries
return None
def query_certificates():
parser = argparse.ArgumentParser()
parser.add_argument('-u', '--username', required=True, type=str)
parser.add_argument('-p', '--password', required=True, type=str)
parser.add_argument('ip')
args = parser.parse_args()
ip = args.ip
psslObj = PyPSSL(basic_auth=(args.username, args.password))
resp = psslObj.query(ip)
if len(resp) == 0:
serv_pssl.set(ip, {})
else:
serv_pssl.set(ip, resp[ip])
def run(self):
super(Pssl, self).run()
if self.args is None:
return
if self.args.url:
url = self.args.url
elif PSSL_URL:
url = PSSL_URL
else:
self.log('error', 'You need to give the server to query.')
return
# Assuming the backend used is https://github.com/adulau/crl-monitor, the path is set by the API
url = url.rstrip('/')
if self.args.user:
user = self.args.user
else:
user = PSSL_USER
if self.args.password:
password = self.args.password
else:
password = PSSL_PASS
self.pssl = PyPSSL(url, basic_auth=(user, password))
if self.args.ip:
self.query_ip(self.args.ip)
elif self.args.cert:
self.query_cert(self.args.cert)
elif self.args.fetch:
self.fetch_cert(self.args.fetch)
else:
self.log('error', 'Please query something...')
def psslcircl(url, user, passwd, q):
cached = _cache_get(q, 'pssl')
if cached is not None:
return cached
pssl = PyPSSL(url, basic_auth=(user, passwd))
response = pssl.query(q)
if response.get(q) is not None:
certinfo = response.get(q)
entries = {}
for sha1 in certinfo['certificates']:
entries[sha1] = []
if certinfo['subjects'].get(sha1):
for value in certinfo['subjects'][sha1]['values']:
entries[sha1].append(value)
_cache_set(q, entries, 'pssl')
return entries
return None