cert-expirations.sh: check CARP state only when checking ca and certs expirations
This commit is contained in:
parent
7382947fc3
commit
24249d829c
|
@ -12,6 +12,8 @@ and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0
|
||||||
|
|
||||||
### Fixed
|
### Fixed
|
||||||
|
|
||||||
|
* cert-expirations.sh: check CARP state only when checking ca and certs expirations
|
||||||
|
|
||||||
### Removed
|
### Removed
|
||||||
|
|
||||||
### Security
|
### Security
|
||||||
|
|
|
@ -23,6 +23,16 @@ Usage: ${0} [--version]
|
||||||
END
|
END
|
||||||
}
|
}
|
||||||
|
|
||||||
|
check_carp_state() {
|
||||||
|
if [ "${SYSTEM}" = "openbsd" ]; then
|
||||||
|
carp=$(/sbin/ifconfig carp0 2>/dev/null | grep 'status' | cut -d' ' -f2)
|
||||||
|
|
||||||
|
if [ "$carp" = "backup" ]; then
|
||||||
|
exit 0
|
||||||
|
fi
|
||||||
|
fi
|
||||||
|
}
|
||||||
|
|
||||||
check_ca_expiration() {
|
check_ca_expiration() {
|
||||||
echo "CA certificate:"
|
echo "CA certificate:"
|
||||||
openssl x509 -enddate -noout -in ${cacert_path} \
|
openssl x509 -enddate -noout -in ${cacert_path} \
|
||||||
|
@ -79,15 +89,6 @@ check_certs_expiration() {
|
||||||
|
|
||||||
main() {
|
main() {
|
||||||
SYSTEM=$(uname | tr '[:upper:]' '[:lower:]')
|
SYSTEM=$(uname | tr '[:upper:]' '[:lower:]')
|
||||||
|
|
||||||
if [ "${SYSTEM}" = "openbsd" ]; then
|
|
||||||
carp=$(/sbin/ifconfig carp0 2>/dev/null | grep 'status' | cut -d' ' -f2)
|
|
||||||
|
|
||||||
if [ "$carp" = "backup" ]; then
|
|
||||||
exit 0
|
|
||||||
fi
|
|
||||||
fi
|
|
||||||
|
|
||||||
cacert_path="/etc/openvpn/ssl/ca/cacert.pem"
|
cacert_path="/etc/openvpn/ssl/ca/cacert.pem"
|
||||||
index_path="/etc/openvpn/ssl/ca/index.txt"
|
index_path="/etc/openvpn/ssl/ca/index.txt"
|
||||||
somedays="3456000" # 40 days currently
|
somedays="3456000" # 40 days currently
|
||||||
|
@ -107,6 +108,7 @@ main() {
|
||||||
;;
|
;;
|
||||||
|
|
||||||
"")
|
"")
|
||||||
|
check_carp_state
|
||||||
echo "Warning : all times are in UTC !"
|
echo "Warning : all times are in UTC !"
|
||||||
echo ""
|
echo ""
|
||||||
check_ca_expiration
|
check_ca_expiration
|
||||||
|
|
Loading…
Reference in a new issue