From 4b2b8a95ff3fd4b46f74d52d7538e978eacbcce7 Mon Sep 17 00:00:00 2001
From: Jeremy Dubois <jdubois@evolix.fr>
Date: Fri, 18 Feb 2022 11:45:12 +0100
Subject: [PATCH] cert-expirations.sh: search for valid certificates in the
 index file rather than in a directory where files could be deleted with the
 certificates still being valids

---
 cert-expirations.sh | 12 +++++++-----
 1 file changed, 7 insertions(+), 5 deletions(-)

diff --git a/cert-expirations.sh b/cert-expirations.sh
index c59eea8..9e27dcc 100644
--- a/cert-expirations.sh
+++ b/cert-expirations.sh
@@ -16,9 +16,11 @@ openssl x509 -enddate -noout -in /etc/shellpki/cacert.pem \
 echo ""
 
 echo "Client certificates:"
-grep "Not After" -r /etc/shellpki/certs/ \
-    | sed -e "s/^.*certs\/\([-._@a-zA-Z0-9]*\).*After\ :\ \(.*\).*GMT$/\2\1X/" \
-    | sed -e "s/^\(.*\)\ \(20..\)\ \(.*\)$/- \2 \1 \3/" \
-    | tr "X" "\n" \
-    | sed '/^$/d' \
+cat /etc/shellpki/index.txt \
+    | grep ^V \
+    | awk -F "/" '{print $1,$5}' \
+    | awk '{print $2,$5}' \
+    | sed 's/CN=//' \
+    | sed -E 's/([[:digit:]]{2})([[:digit:]]{2})([[:digit:]]{2})([[:digit:]]{2})([[:digit:]]{2})([[:digit:]]{2})Z (.*)/- 20\1 \2 \3 \4:\5:\6 \7/' \
+    | awk '{if ($3 == "01") $3="Jan"; else if ($3 == "02") $3="Feb"; else if ($3 == "03") $3="Mar"; else if ($3 == "04") $3="Apr"; else if ($3 == "05") $3="May"; else if ($3 == "06") $3="Jun"; else if ($3 == "07") $3="Jul"; else if ($3 == "08") $3="Aug"; else if ($3 == "09") $3="Sep"; else if ($3 == "10") $3="Oct"; else if ($3 == "11") $3="Nov"; else if ($3 == "12") $3="Dec"; print $0;}' \
     | sort -n -k 2 -k 3M -k 4