diff options
| author | Georg Brandl <georg@python.org> | 2010-12-30 17:32:22 +0000 | 
|---|---|---|
| committer | Georg Brandl <georg@python.org> | 2010-12-30 17:32:22 +0000 | 
| commit | 5684a9ac30c09bf78f15be16864be7f1147cc2bb (patch) | |
| tree | f9ceb9068ec6a9dc39c1dd869cfefcb606adb6c6 /Tools/ssl/get-remote-certificate.py | |
| parent | 4cf83f4d128bd40ebe3b6e59ced4895f554d18de (diff) | |
| download | cpython-git-5684a9ac30c09bf78f15be16864be7f1147cc2bb.tar.gz | |
Clean up tools: remove "world" and "framer", move single SSL script to scripts/.
Diffstat (limited to 'Tools/ssl/get-remote-certificate.py')
| -rw-r--r-- | Tools/ssl/get-remote-certificate.py | 83 | 
1 files changed, 0 insertions, 83 deletions
| diff --git a/Tools/ssl/get-remote-certificate.py b/Tools/ssl/get-remote-certificate.py deleted file mode 100644 index 02f1c8a868..0000000000 --- a/Tools/ssl/get-remote-certificate.py +++ /dev/null @@ -1,83 +0,0 @@ -#!/usr/bin/env python3 -# -# fetch the certificate that the server(s) are providing in PEM form -# -# args are HOST:PORT [, HOST:PORT...] -# -# By Bill Janssen. - -import re -import os -import ssl -import sys -import tempfile - - -def fetch_server_certificate (host, port): - -    def subproc(cmd): -        from subprocess import Popen, PIPE, STDOUT -        proc = Popen(cmd, stdout=PIPE, stderr=STDOUT, shell=True) -        status = proc.wait() -        output = proc.stdout.read() -        return status, output - -    def strip_to_x509_cert(certfile_contents, outfile=None): -        m = re.search(br"^([-]+BEGIN CERTIFICATE[-]+[\r]*\n" -                      br".*[\r]*^[-]+END CERTIFICATE[-]+)$", -                      certfile_contents, re.MULTILINE | re.DOTALL) -        if not m: -            return None -        else: -            tn = tempfile.mktemp() -            fp = open(tn, "wb") -            fp.write(m.group(1) + b"\n") -            fp.close() -            try: -                tn2 = (outfile or tempfile.mktemp()) -                status, output = subproc(r'openssl x509 -in "%s" -out "%s"' % -                                         (tn, tn2)) -                if status != 0: -                    raise OperationError(status, tsig, output) -                fp = open(tn2, 'rb') -                data = fp.read() -                fp.close() -                os.unlink(tn2) -                return data -            finally: -                os.unlink(tn) - -    if sys.platform.startswith("win"): -        tfile = tempfile.mktemp() -        fp = open(tfile, "w") -        fp.write("quit\n") -        fp.close() -        try: -            status, output = subproc( -                'openssl s_client -connect "%s:%s" -showcerts < "%s"' % -                (host, port, tfile)) -        finally: -            os.unlink(tfile) -    else: -        status, output = subproc( -            'openssl s_client -connect "%s:%s" -showcerts < /dev/null' % -            (host, port)) -    if status != 0: -        raise OSError(status) -    certtext = strip_to_x509_cert(output) -    if not certtext: -        raise ValueError("Invalid response received from server at %s:%s" % -                         (host, port)) -    return certtext - - -if __name__ == "__main__": -    if len(sys.argv) < 2: -        sys.stderr.write( -            "Usage:  %s HOSTNAME:PORTNUMBER [, HOSTNAME:PORTNUMBER...]\n" % -            sys.argv[0]) -        sys.exit(1) -    for arg in sys.argv[1:]: -        host, port = arg.split(":") -        sys.stdout.buffer.write(fetch_server_certificate(host, int(port))) -    sys.exit(0) | 
