Szwendacz/ContainersWorkspace
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

add pycert to system-toolbox
Some checks failed
Build images / build-images-amd64 (push) Failing after 9m39s
Details
Build images / build-images-arm64 (push) Failing after 12m28s
Details
Build images / update-images-manifests (push) Has been skipped
Details

Browse source
This commit is contained in:
Szwendacz 2024-04-05 12:46:04 +02:00 committed by Maciej Lebiest
parent 8c86d9aaf3
commit 213a7e2a3f
2 changed files with 88 additions and 6 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

12
system-toolbox/Containerfile
View file

@ -1,4 +1,4 @@
FROM registry.fedoraproject.org/fedora:39 FROM registry.fedoraproject.org/fedora-minimal
USER root USER root
@ -6,7 +6,7 @@ ENV HISTSIZE=10000
ENV HISTTIMEFORMAT="%d/%m/%y %T " ENV HISTTIMEFORMAT="%d/%m/%y %T "
ENV HISTFILESIZE=20000 ENV HISTFILESIZE=20000
ENV PKGS_BASE="fzf bash-completion" ENV PKGS_BASE="fzf bash-completion python3-cryptography"
ENV PKGS_GENERAL="htop \ ENV PKGS_GENERAL="htop \
btop \ btop \
@ -37,12 +37,12 @@ ENV PKGS_NETWORK="bind-utils \
iptraf-ng \ iptraf-ng \
mtr" mtr"
RUN dnf clean all && \ RUN dnf5 install -y ${PKGS_BASE} ${PKGS_GENERAL} ${PKGS_PROCESSES} ${PKGS_NETWORK} && \
dnf install -y ${PKGS_BASE} ${PKGS_GENERAL} ${PKGS_PROCESSES} ${PKGS_NETWORK} && \ dnf5 -y autoremove && \
dnf -y autoremove && \ dnf5 -y clean all
dnf -y clean all
COPY help-toolbox.sh /usr/bin/help-toolbox COPY help-toolbox.sh /usr/bin/help-toolbox
COPY ./bin /usr/local/bin
RUN chmod 555 /usr/bin/help-toolbox && \ RUN chmod 555 /usr/bin/help-toolbox && \
echo $'[ -f /usr/share/fzf/shell/key-bindings.bash ] && source /usr/share/fzf/shell/key-bindings.bash;\ echo $'[ -f /usr/share/fzf/shell/key-bindings.bash ] && source /usr/share/fzf/shell/key-bindings.bash;\

82
system-toolbox/bin/pycert Executable file
View file

@ -0,0 +1,82 @@
#!/usr/bin/env python3
import argparse
import socket
import ssl
from cryptography import x509
parser = argparse.ArgumentParser(description='Show ssl certificate info')
parser.add_argument(type=str,
dest='host',
help='Address on which ssl cert is served.')
parser.add_argument('-H',
'--hostname',
type=str,
required=False,
default=None,
dest='hostname',
help='Hostname to be used in ssl context.')
args = parser.parse_args()
address: list[str] = args.host.split(':')
HOST: str = address[0]
HOSTNAME: str
if args.hostname:
HOSTNAME = args.hostname
else:
HOSTNAME = HOST
PORT: int
if len(address) > 1:
PORT = int(address[1])
else:
PORT = 443
context: ssl.SSLContext = ssl.create_default_context()
context.check_hostname = False
context.verify_mode = ssl.CERT_NONE
conn: ssl.SSLSocket
with context.wrap_socket(socket.socket(socket.AF_INET),
server_hostname=HOSTNAME,
do_handshake_on_connect=True) as conn:
conn.settimeout(5.0)
conn.connect((HOST, PORT))
cert_pem = ssl.DER_cert_to_PEM_cert(conn.getpeercert(binary_form=True))
cert: x509.Certificate = x509.load_pem_x509_certificate(cert_pem.encode())
key: x509.Extension
san = ""
for key in cert.extensions:
if key.oid._name == 'subjectAltName':
san = f"subjectAltName: {key.value}"
print(f"""
Issuer: {cert.issuer}
Subject: {cert.subject}
{san}
Not valid before: {cert.not_valid_before}
Not valid after: {cert.not_valid_after}
Public key type: {cert.public_key().__class__.__name__}
Public key size: {cert.public_key().key_size}
Version: {cert.version}
Serial number: {cert.serial_number}
Signature algorithm: {cert.signature_algorithm_oid._name}
Signature hash: {cert.signature_hash_algorithm.name}
""")
key: x509.Extension
for key in cert.extensions:
print(f'{key.oid._name}: {key.value}')
print(f"""
SSL connection context info:
SSL/TLS version: {conn.version()}
Ciphers: {conn.cipher()}
Hostname: {conn.server_hostname}
""")
print(f"""PEM cert:
{cert_pem}
""")