mirror of
https://github.com/processone/ejabberd.git
synced 2024-11-26 16:26:24 +01:00
Format expired certificates differently in list_certificates
This commit is contained in:
parent
2b1fea01cd
commit
7140c8d844
@ -311,16 +311,18 @@ renew_certificate(CAUrl, {DomainName, _} = Cert, PrivateKey) ->
|
|||||||
cert_to_expire({DomainName, #data_cert{pem = Pem}}) ->
|
cert_to_expire({DomainName, #data_cert{pem = Pem}}) ->
|
||||||
Certificate = pem_to_certificate(Pem),
|
Certificate = pem_to_certificate(Pem),
|
||||||
Validity = get_utc_validity(Certificate),
|
Validity = get_utc_validity(Certificate),
|
||||||
close_to_expire(Validity).
|
|
||||||
|
|
||||||
-spec close_to_expire(string()) -> boolean().
|
%% 30 days before expiration
|
||||||
close_to_expire(Validity) ->
|
close_to_expire(Validity, 30).
|
||||||
|
|
||||||
|
-spec close_to_expire(string(), integer()) -> boolean().
|
||||||
|
close_to_expire(Validity, Days) ->
|
||||||
{ValidDate, _ValidTime} = utc_string_to_datetime(Validity),
|
{ValidDate, _ValidTime} = utc_string_to_datetime(Validity),
|
||||||
ValidDays = calendar:date_to_gregorian_days(ValidDate),
|
ValidDays = calendar:date_to_gregorian_days(ValidDate),
|
||||||
|
|
||||||
{CurrentDate, _CurrentTime} = calendar:universal_time(),
|
{CurrentDate, _CurrentTime} = calendar:universal_time(),
|
||||||
CurrentDays = calendar:date_to_gregorian_days(CurrentDate),
|
CurrentDays = calendar:date_to_gregorian_days(CurrentDate),
|
||||||
CurrentDays > ValidDays - 30.
|
CurrentDays > ValidDays - Days.
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
@ -378,20 +380,26 @@ format_certificate(DataCert, Verbose) ->
|
|||||||
format_certificate_plain(DomainName, NotAfter, Path) ->
|
format_certificate_plain(DomainName, NotAfter, Path) ->
|
||||||
Result = lists:flatten(io_lib:format(
|
Result = lists:flatten(io_lib:format(
|
||||||
" Domain: ~s~n"
|
" Domain: ~s~n"
|
||||||
" Valid until: ~s UTC~n"
|
" ~s~n"
|
||||||
" Path: ~s",
|
" Path: ~s",
|
||||||
[DomainName, NotAfter, Path])),
|
[DomainName, format_validity(NotAfter), Path])),
|
||||||
Result.
|
Result.
|
||||||
|
|
||||||
-spec format_certificate_verbose(bitstring(), string(), bitstring()) -> string().
|
-spec format_certificate_verbose(bitstring(), string(), bitstring()) -> string().
|
||||||
format_certificate_verbose(DomainName, NotAfter, PemCert) ->
|
format_certificate_verbose(DomainName, NotAfter, PemCert) ->
|
||||||
Result = lists:flatten(io_lib:format(
|
Result = lists:flatten(io_lib:format(
|
||||||
" Domain: ~s~n"
|
" Domain: ~s~n"
|
||||||
" Valid until: ~s UTC~n"
|
" ~s~n"
|
||||||
" Certificate In PEM format: ~n~s",
|
" Certificate In PEM format: ~n~s",
|
||||||
[DomainName, NotAfter, PemCert])),
|
[DomainName, format_validity(NotAfter), PemCert])),
|
||||||
Result.
|
Result.
|
||||||
|
|
||||||
|
-spec format_validity({'expired' | 'ok', string()}) -> string().
|
||||||
|
format_validity({expired, NotAfter}) ->
|
||||||
|
io_lib:format("Expired at: ~s UTC", [NotAfter]);
|
||||||
|
format_validity({ok, NotAfter}) ->
|
||||||
|
io_lib:format("Valid until: ~s UTC", [NotAfter]).
|
||||||
|
|
||||||
-spec fail_format_certificate(bitstring()) -> string().
|
-spec fail_format_certificate(bitstring()) -> string().
|
||||||
fail_format_certificate(DomainName) ->
|
fail_format_certificate(DomainName) ->
|
||||||
Result = lists:flatten(io_lib:format(
|
Result = lists:flatten(io_lib:format(
|
||||||
@ -413,7 +421,7 @@ get_commonName(#'Certificate'{tbsCertificate = TbsCertificate}) ->
|
|||||||
%% TODO: Remove the length-encoding from the commonName before returning it
|
%% TODO: Remove the length-encoding from the commonName before returning it
|
||||||
CommonName.
|
CommonName.
|
||||||
|
|
||||||
-spec get_notAfter(#'Certificate'{}) -> string().
|
-spec get_notAfter(#'Certificate'{}) -> {expired | ok, string()}.
|
||||||
get_notAfter(Certificate) ->
|
get_notAfter(Certificate) ->
|
||||||
UtcTime = get_utc_validity(Certificate),
|
UtcTime = get_utc_validity(Certificate),
|
||||||
%% TODO: Find a library function to decode utc time
|
%% TODO: Find a library function to decode utc time
|
||||||
@ -426,7 +434,12 @@ get_notAfter(Certificate) ->
|
|||||||
[YEAR, [MO1,MO2], [D1,D2],
|
[YEAR, [MO1,MO2], [D1,D2],
|
||||||
[H1,H2], [MI1,MI2], [S1,S2]])),
|
[H1,H2], [MI1,MI2], [S1,S2]])),
|
||||||
|
|
||||||
NotAfter.
|
case close_to_expire(UtcTime, 0) of
|
||||||
|
true ->
|
||||||
|
{expired, NotAfter};
|
||||||
|
false ->
|
||||||
|
{ok, NotAfter}
|
||||||
|
end.
|
||||||
|
|
||||||
-spec get_utc_validity(#'Certificate'{}) -> string().
|
-spec get_utc_validity(#'Certificate'{}) -> string().
|
||||||
get_utc_validity(#'Certificate'{tbsCertificate = TbsCertificate}) ->
|
get_utc_validity(#'Certificate'{tbsCertificate = TbsCertificate}) ->
|
||||||
|
Loading…
Reference in New Issue
Block a user