statusd.py: extend the logging
logs now the common name and serial number from client certificate. display_peercert() new.
This commit is contained in:
parent
fef38a278b
commit
909f02fc1d
1 changed files with 11 additions and 9 deletions
20
statusd.py
20
statusd.py
|
@ -92,10 +92,13 @@ def print_ciphers(cipherlist):
|
||||||
|
|
||||||
def display_peercert(cert):
|
def display_peercert(cert):
|
||||||
for i in cert.keys():
|
for i in cert.keys():
|
||||||
print(i)
|
print('{}:'.format(i))
|
||||||
for j in cert[i]:
|
if i in ('subject', 'issuer'):
|
||||||
print('\t{}'.format(j))
|
for j in cert[i]:
|
||||||
return
|
print('\t{}'.format(j))
|
||||||
|
else:
|
||||||
|
print('\t{}'.format(cert[i]))
|
||||||
|
return True
|
||||||
|
|
||||||
|
|
||||||
def receive_buffer_is_valid(raw_data):
|
def receive_buffer_is_valid(raw_data):
|
||||||
|
@ -208,10 +211,8 @@ def main():
|
||||||
'VERBOSITY': 'info'
|
'VERBOSITY': 'info'
|
||||||
}
|
}
|
||||||
CONFIG_FILE = './statusd.conf'
|
CONFIG_FILE = './statusd.conf'
|
||||||
FINGERPRINT = \
|
|
||||||
'35:8E:35:FA:58:0A:DD:2B:C8:6A:F9:EA:A3:7B:10:F5:62:89:AB:D0:AB:53:3E:B5:8B:AB:E1:23:CF:93:F5:F9'
|
|
||||||
|
|
||||||
loglevel = logging.DEBUG
|
loglevel = logging.INFO
|
||||||
logging.basicConfig(format='%(levelname)s: %(message)s', level=loglevel)
|
logging.basicConfig(format='%(levelname)s: %(message)s', level=loglevel)
|
||||||
read_config(CONFIG_FILE, CONFIG)
|
read_config(CONFIG_FILE, CONFIG)
|
||||||
print_config(CONFIG)
|
print_config(CONFIG)
|
||||||
|
@ -255,7 +256,9 @@ def main():
|
||||||
try:
|
try:
|
||||||
conn = context.wrap_socket(fromSocket, server_side = True)
|
conn = context.wrap_socket(fromSocket, server_side = True)
|
||||||
# display_peercert(conn.getpeercert())
|
# display_peercert(conn.getpeercert())
|
||||||
logging.debug('SSL established. Peer: {}'.format(conn.getpeercert()))
|
logging.info('SSL connection established')
|
||||||
|
logging.info('commonName: {}'.format(conn.getpeercert()['subject'][5][0][1]))
|
||||||
|
logging.info('serialNumber: {}'.format(conn.getpeercert()['serialNumber']))
|
||||||
except Exception as e:
|
except Exception as e:
|
||||||
logging.error('SSL handshake failed: {}'.format(e))
|
logging.error('SSL handshake failed: {}'.format(e))
|
||||||
raw_data = conn.recv(1)
|
raw_data = conn.recv(1)
|
||||||
|
@ -276,7 +279,6 @@ def main():
|
||||||
conn.send(b'\x03')
|
conn.send(b'\x03')
|
||||||
sleep(0.1) # protection against dos
|
sleep(0.1) # protection against dos
|
||||||
except KeyboardInterrupt:
|
except KeyboardInterrupt:
|
||||||
print('\rExit')
|
|
||||||
logging.info('Exit')
|
logging.info('Exit')
|
||||||
exit()
|
exit()
|
||||||
except Exception as e:
|
except Exception as e:
|
||||||
|
|
Loading…
Reference in a new issue