First develop

Author: Tetsuya NAKAMURA

.gitignore

@@ -0,0 +1,75 @@
+
+# Created by https://www.gitignore.io/api/go,vim,macos,visualstudiocode
+
+### Go ###
+# Binaries for programs and plugins
+*.exe
+*.dll
+*.so
+*.dylib
+
+# Test binary, build with `go test -c`
+*.test
+
+# Output of the go coverage tool, specifically when used with LiteIDE
+*.out
+
+# Project-local glide cache, RE: https://github.com/Masterminds/glide/issues/736
+.glide/
+
+### macOS ###
+*.DS_Store
+.AppleDouble
+.LSOverride
+
+# Icon must end with two \r
+Icon
+
+# Thumbnails
+._*
+
+# Files that might appear in the root of a volume
+.DocumentRevisions-V100
+.fseventsd
+.Spotlight-V100
+.TemporaryItems
+.Trashes
+.VolumeIcon.icns
+.com.apple.timemachine.donotpresent
+
+# Directories potentially created on remote AFP share
+.AppleDB
+.AppleDesktop
+Network Trash Folder
+Temporary Items
+.apdisk
+
+### Vim ###
+# swap
+[._]*.s[a-v][a-z]
+[._]*.sw[a-p]
+[._]s[a-v][a-z]
+[._]sw[a-p]
+# session
+Session.vim
+# temporary
+.netrwhist
+*~
+# auto-generated tag files
+tags
+
+### VisualStudioCode ###
+.vscode/*
+!.vscode/settings.json
+!.vscode/tasks.json
+!.vscode/launch.json
+!.vscode/extensions.json
+.history
+
+# End of https://www.gitignore.io/api/go,vim,macos,visualstudiocode
+
+### build ###
+/check-cert-expire
+/check-cert-expire.exe
+/release
+/build

Makefile

@@ -0,0 +1,77 @@
+NAME := check-cert-expire
+VERSION := 0.1.0
+
+.PHONY: \
+	all \
+	release_dir \
+	linux64 \
+	linux386 \
+	darwin64 \
+	darwin386 \
+	windows64 \
+	windows386 \
+	source \
+	clean
+
+all: linux64 linux386 darwin64 darwin386 windows64 windows386
+
+release_dir:
+	mkdir -p ./release
+
+linux64: release_dir
+	$(eval GOOS := linux)
+	$(eval GOARCH := amd64)
+	$(eval TARGET := ${NAME}_${VERSION}_${GOOS}_${GOARCH})
+	mkdir -p ./build/${TARGET}
+	GOOS=${GOOS} GOARCH=${GOARCH} go build -o ./build/${TARGET}/${NAME}
+	cd ./build && zip -r ${TARGET}.zip ${TARGET}
+	mv ./build/${TARGET}.zip ./release/
+
+linux386: release_dir
+	$(eval GOOS := linux)
+	$(eval GOARCH := 386)
+	$(eval TARGET := ${NAME}_${VERSION}_${GOOS}_${GOARCH})
+	mkdir -p ./build/${TARGET}
+	GOOS=${GOOS} GOARCH=${GOARCH} go build -o ./build/${TARGET}/${NAME}
+	cd ./build && zip -r ${TARGET}.zip ${TARGET}
+	mv ./build/${TARGET}.zip ./release/
+
+darwin64: release_dir
+	$(eval GOOS := darwin)
+	$(eval GOARCH := amd64)
+	$(eval TARGET := ${NAME}_${VERSION}_${GOOS}_${GOARCH})
+	mkdir -p ./build/${TARGET}
+	GOOS=${GOOS} GOARCH=${GOARCH} go build -o ./build/${TARGET}/${NAME}
+	cd ./build && zip -r ${TARGET}.zip ${TARGET}
+	mv ./build/${TARGET}.zip ./release/
+
+darwin386: release_dir
+	$(eval GOOS := darwin)
+	$(eval GOARCH := 386)
+	$(eval TARGET := ${NAME}_${VERSION}_${GOOS}_${GOARCH})
+	mkdir -p ./build/${TARGET}
+	GOOS=${GOOS} GOARCH=${GOARCH} go build -o ./build/${TARGET}/${NAME}
+	cd ./build && zip -r ${TARGET}.zip ${TARGET}
+	mv ./build/${TARGET}.zip ./release/
+
+windows64: release_dir
+	$(eval GOOS := windows)
+	$(eval GOARCH := amd64)
+	$(eval TARGET := ${NAME}_${VERSION}_${GOOS}_${GOARCH})
+	mkdir -p ./build/${TARGET}
+	GOOS=${GOOS} GOARCH=${GOARCH} go build -o ./build/${TARGET}/${NAME}.exe
+	cd ./build && zip -r ${TARGET}.zip ${TARGET}
+	mv ./build/${TARGET}.zip ./release/
+
+windows386: release_dir
+	$(eval GOOS := windows)
+	$(eval GOARCH := 386)
+	$(eval TARGET := ${NAME}_${VERSION}_${GOOS}_${GOARCH})
+	mkdir -p ./build/${TARGET}
+	GOOS=${GOOS} GOARCH=${GOARCH} go build -o ./build/${TARGET}/${NAME}.exe
+	cd ./build && zip -r ${TARGET}.zip ${TARGET}
+	mv ./build/${TARGET}.zip ./release/
+
+clean:
+	go clean
+	rm -rf ./build ./release

dial.go

@@ -0,0 +1,26 @@
+package main
+
+import (
+	"crypto/tls"
+	"time"
+)
+
+func Dial(srvName string, hostName string, port string, isInsecure bool) (*time.Time, error) {
+
+	tlsCfg := &tls.Config{
+		ServerName:         srvName,
+		InsecureSkipVerify: isInsecure,
+	}
+
+	conn, err := tls.Dial("tcp", hostName+":"+port, tlsCfg)
+	if err != nil {
+		return nil, err
+	}
+	defer conn.Close()
+
+	state := conn.ConnectionState()
+	certs := state.PeerCertificates
+	expire := &certs[0].NotAfter
+
+	return expire, nil
+}

dial_test.go

@@ -0,0 +1,18 @@
+package main
+
+import (
+	"fmt"
+	"testing"
+)
+
+func TestDial(t *testing.T) {
+
+	expire, err := Dial("google.com", "google.com", "443", false)
+
+	if err != nil {
+		fmt.Println(err)
+		t.Errorf("google.com's cert should not have error")
+	}
+
+	fmt.Println(expire)
+}

exit_status.go

@@ -0,0 +1,6 @@
+package main
+
+const (
+	ExitError  = 64
+	ExitExpire = 65
+)

help_template.go

@@ -0,0 +1,21 @@
+package main
+
+const HelpTemplate = `NAME:
+   {{.Name}} - {{.Usage}}
+   
+USAGE:
+   {{.HelpName}} [options] servername
+   {{if len .Authors}}
+AUTHOR:
+   {{range .Authors}}{{ . }}{{end}}
+   {{end}}{{if .Commands}}
+OPTIONS:
+   {{range .VisibleFlags}}{{.}}
+   {{end}}{{end}}{{if .Copyright }}
+COPYRIGHT:
+   {{.Copyright}}
+   {{end}}{{if .Version}}
+VERSION:
+   {{.Version}}
+	 {{end}}
+`

main.go

@@ -0,0 +1,106 @@
+package main
+
+import (
+	"fmt"
+	"os"
+	"time"
+
+	"github.com/urfave/cli"
+)
+
+func main() {
+	app := cli.NewApp()
+
+	// App meta
+	app.Name = Name
+	app.Version = Version
+	app.Authors = []cli.Author{
+		cli.Author{
+			Name:  AuthorName,
+			Email: AuthorEmail,
+		},
+	}
+	app.Usage = Usage
+	app.UsageText = fmt.Sprintf("%s [options] servername", Name)
+
+	// Flags
+	var (
+		srvName    string
+		hostName   string
+		port       string
+		delay      int
+		isInsecure bool
+		isSilent   bool
+	)
+
+	app.Flags = []cli.Flag{
+		cli.StringFlag{
+			Name:        "host, H",
+			Usage:       "target host for scanning",
+			Destination: &hostName,
+		},
+		cli.StringFlag{
+			Name:        "port, p",
+			Usage:       "ssl port",
+			Value:       "443",
+			Destination: &port,
+		},
+		cli.IntFlag{
+			Name:        "delay, d",
+			Usage:       "delay of expire",
+			Value:       0,
+			Destination: &delay,
+		},
+		cli.BoolFlag{
+			Name:        "insecure, k",
+			Usage:       "permit insecure cert",
+			Destination: &isInsecure,
+		},
+		cli.BoolFlag{
+			Name:        "silent, s",
+			Usage:       "enable silent mode",
+			Destination: &isSilent,
+		},
+	}
+
+	// Set HelpTemplate
+	cli.AppHelpTemplate = HelpTemplate
+
+	// Main action
+	app.Action = func(c *cli.Context) error {
+
+		// Args
+		if c.NArg() != 1 {
+			cli.ShowAppHelp(c)
+			return nil
+		}
+		srvName = c.Args().Get(0)
+
+		if hostName == "" {
+			hostName = srvName
+		}
+
+		// Dial
+		expire, err := Dial(srvName, hostName, port, isInsecure)
+		if err != nil {
+			if !isSilent {
+				fmt.Println(err)
+			}
+			return cli.NewExitError("", ExitError)
+		}
+
+		if !isSilent {
+			fmt.Println(expire)
+		}
+
+		// Check expire
+		limit := time.Now().AddDate(0, 0, delay).UTC()
+		if !expire.After(limit) {
+			return cli.NewExitError("", ExitExpire)
+		}
+
+		return nil
+	}
+
+	app.Run(os.Args)
+}

meta.go

@@ -0,0 +1,9 @@
+package main
+
+const (
+	Name        = "check-cert-expire"
+	Version     = "0.1.0"
+	Usage       = "Check weather a cert expires or not."
+	AuthorName  = "Tetsuya Nakamura"
+	AuthorEmail = "[email protected]"
+)