C3L-NOC/tls-expiry-tracker Changeset - c2c6882a8ded · Chaos Computer Club Lëtzebuerg Projects

Changeset - c2c6882a8ded

Parent rev.

Child rev.

[Not reviewed]

0 2 0

x - 11 months ago 2024-05-09 18:33:34
xbr@c3l.lu

fix: use UTC for datetime + cryptography DeprecationWarning

2 files changed with 2 insertions and 2 deletions:

backend/tls_utils.py

backend/web.py

0 comments (0 inline, 0 general)

backend/tls_utils.py

➞

Show inline comments

@@ @@ -21,25 +21,25 @@ class TLSDetails: @@
         self.connection_error = connection_error
     def print(self, console: Console):
         if self.connection_error:
             console.log("[orange bold underline]" + self.domain_name, self.error_message, style="orange")
         elif self.error_message != None:
             console.log("[red bold underline]" + self.domain_name, self.error_message, style="red")
         elif self.expires_in_days < 0:
             console.log("[red bold underline]" + self.domain_name, "expired", abs(self.expires_in_days), "days ago.", style="red")
         else:
             console.log("[green bold underline]" + self.domain_name, "expires in", self.expires_in_days, "days", style="green")
 def get_expiry_timestamps(expiry_timestamp: int, now_timestamp: int = datetime.datetime.now().timestamp()) -> tuple[bool, int]:
+def get_expiry_timestamps(expiry_timestamp: int, now_timestamp: int = datetime.datetime.now(datetime.UTC).timestamp()) -> tuple[bool, int]:
     seconds_left = expiry_timestamp - now_timestamp
     days_left = math.floor(seconds_left / 86400)
     return (seconds_left >= 0, days_left)
 def get_validity_days(cert) -> tuple[bool, int]:
     # Get expiry date
     notAfter = cert['notAfter']
     notAfter_date = datetime.datetime.strptime(notAfter, '%b %d %H:%M:%S %Y %Z')
     # datetime to UNIX time
     notAfter_timestamp = notAfter_date.timestamp()
     expiry = get_expiry_timestamps(notAfter_timestamp)

backend/web.py

➞

Show inline comments

@@ @@ -13,25 +13,25 @@ class SSLHandler: @@
         self.port = port
         self.context = context
     def connect(self, verification: bool) -> int:
         if verification:
             with self.context.wrap_socket(socket.socket(), server_hostname=self.host) as s:
                 s.connect((self.host, self.port))
                 cert = s.getpeercert()
                 return tls_utils.get_validity_days(cert)[1]
         else:
             pem_cert = ssl.get_server_certificate((self.host, self.port), timeout=5)
             cert = x509.load_pem_x509_certificate(pem_cert.encode())
-            not_after = cert.not_valid_after.timestamp()
+            not_after = cert.not_valid_after_utc.timestamp()
             return tls_utils.get_expiry_timestamps(not_after)[1]
 class SSLVerificator:
     def __init__(self, context: ssl.SSLContext):
         self.context = context
     def connect(self, domain: str, port: int) -> TLSDetails:
         handler = SSLHandler(domain, port, self.context)
         try:
             expiry = handler.connect(True)
             return TLSDetails(domain_name=domain, expires_in_days=expiry)
         except ssl.SSLCertVerificationError as e:

0 comments (0 inline, 0 general)