2 Commits
0046798424
...
b32b15b5b7
Author | SHA1 | Date |
---|---|---|
nervuri | b32b15b5b7 | |
nervuri | d536aa9003 |
|
@ -84,6 +84,7 @@ while read -r host; do
|
||||||
cert=$(fetch_cert "$host_and_port" 'timeout 10')
|
cert=$(fetch_cert "$host_and_port" 'timeout 10')
|
||||||
|
|
||||||
if [ -z "$cert" ]; then
|
if [ -z "$cert" ]; then
|
||||||
|
>&2 echo # empty line
|
||||||
>&2 echo "$host_and_port - connection failed"
|
>&2 echo "$host_and_port - connection failed"
|
||||||
fi
|
fi
|
||||||
|
|
||||||
|
@ -100,6 +101,7 @@ while read -r host; do
|
||||||
cert_via_tor=$(fetch_cert "$host_and_port" 'timeout 25' 'torsocks')
|
cert_via_tor=$(fetch_cert "$host_and_port" 'timeout 25' 'torsocks')
|
||||||
|
|
||||||
if [ -z "$cert_via_tor" ]; then
|
if [ -z "$cert_via_tor" ]; then
|
||||||
|
[ -n "$cert" ] && >&2 echo # output empty line to stderr if cert was downloaded without Tor
|
||||||
>&2 echo "$host_and_port - Tor connection failed"
|
>&2 echo "$host_and_port - Tor connection failed"
|
||||||
elif [ -n "$cert" ] && [ "$cert" != "$cert_via_tor" ]; then
|
elif [ -n "$cert" ] && [ "$cert" != "$cert_via_tor" ]; then
|
||||||
>&2 echo "$host_and_port - Tor VERIFICATION FAILED (certs don't match)!!!"
|
>&2 echo "$host_and_port - Tor VERIFICATION FAILED (certs don't match)!!!"
|
||||||
|
|
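--- a/main.sh
+++ b/main.sh
@@ -19,6 +19,9 @@ else
 ./get-certs.sh
 fi
 
+echo '=== prune old certs ==='
+./prune-old-certs.sh
+
 echo '=== cert details ==='
 ./cert-details.sh
 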
@ -0,0 +1,32 @@
|
||||||
|
#!/bin/sh
|
||||||
|
|
||||||
|
# Remove certificates of hosts that both:
|
||||||
|
# - have been down for more than 30 days;
|
||||||
|
# - are no longer in the hosts file.
|
||||||
|
|
||||||
|
set -o errexit # (-e) exit immediately if any command has a non-zero exit status
|
||||||
|
set -o nounset # (-u) don't accept undefined variables
|
||||||
|
#set -o xtrace # for debugging
|
||||||
|
|
||||||
|
# Go where this script is.
|
||||||
|
cd "$(dirname "$0")" || exit
|
||||||
|
|
||||||
|
# Go through certs of hosts that have been down for more than 30 days.
|
||||||
|
find certs -mtime +30 -type f -execdir sh -c '
|
||||||
|
cert_file="$1"
|
||||||
|
host=$(expr "$cert_file" : "^\.\/\(.*\)\:[0-9]*\.pem$")
|
||||||
|
port=$(expr "$cert_file" : "^\.\/.*\:\([0-9]*\)\.pem$")
|
||||||
|
|
||||||
|
# Append port if not default
|
||||||
|
if [ "$port" != 1965 ]; then
|
||||||
|
host="$host:$port"
|
||||||
|
fi
|
||||||
|
|
||||||
|
# If it is not in the hosts file, delete it.
|
||||||
|
if ! grep -xq "$host" ../hosts; then
|
||||||
|
echo "Pruning $host"
|
||||||
|
rm "$cert_file"
|
||||||
|
fi
|
||||||
|
' sh {} \;
|
||||||
|
|
||||||
|
echo OK
|
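Review bot: The delete branch runs whenever `grep -xq "$host" ../hosts` returns non-zero, and that includes status 2 (hosts file missing or unreadable, for instance if `-execdir` runs in a subdirectory of certs where `../hosts` does not resolve) as well as a real non-match, so a read error would remove every cert older than 30 days. The host is also used as a regular expression rather than a literal, and a file whose name does not fit the `host:port.pem` pattern leaves `host` and `port` empty and gets pruned as `:`. If the stored certificates are the baseline that later fetches are compared against, losing them silently weakens that comparison, so I would match with `-F` and `--`, skip names that do not parse, and delete only on status 1. The outer `set -o errexit` does not reach the `sh -c` body, and find does not stop on a failing `-execdir … \;`, so the check has to live inside the inline script.

```sh
# … unchanged: cert_file, host and port extraction …

# Skip files whose name is not host:port.pem instead of pruning them.
if [ -z "$host" ] || [ -z "$port" ]; then
  exit 0
fi

# … unchanged: append port if not default …

# Delete only on a definite non-match (status 1); status 2 means grep
# could not read ../hosts, and nothing should be removed in that case.
status=0
grep -Fxq -- "$host" ../hosts || status=$?
if [ "$status" -eq 1 ]; then
  echo "Pruning $host"
  rm -- "$cert_file"
elif [ "$status" -ne 0 ]; then
  echo "cannot check $host against hosts file" >&2
fi
```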