feat: add ability to output just the sans in a space separated list

tests: add test for --san-only
2021-10-04 09:58:43 -04:00 · 2021-10-04 09:58:43 -04:00 · 157da703b7
commit 157da703b7
parent 61a92c5c63
2 changed files with 17 additions and 1 deletions
--- a/checkcert/checkcert.py
+++ b/checkcert/checkcert.py
@ -109,8 +109,14 @@ def get_host_list_tuple(hosts: list) -> List[Tuple[str, int]]:
@click.option(
    "--valid/--no-valid", default=True, help="Show True/False for cert validity"
 )
+@click.option(
+    "--san-only",
+    "-o",
+    is_flag=True,
+    help="Output only the SAN names to use in passing to certbot for example",
+)
@click.argument("hosts", nargs=-1)
-def main(san, dump, color, filename, valid, hosts):
+def main(san, dump, color, filename, valid, san_only, hosts):
    """Return information about certificates given including their validity"""
    # setup the list of tuples
    # handle a domain given with a : in it to specify the port
@ -127,6 +133,10 @@ def main(san, dump, color, filename, valid, hosts):
            if dump:
                print(get_x509_text(hostinfo.cert).decode())
            else:
+                if san_only:
+                    san_names = " ".join(get_alt_names(hostinfo.cert))
+                    print(san_names)
+                    break
                output_string += (
                    f"{hostinfo.hostname} "
                    f"({hostinfo.peername[0]}:{hostinfo.peername[1]})\n"
--- a/tests/test_checkcert.py
+++ b/tests/test_checkcert.py
@ -48,6 +48,12 @@ def test_san():
    assert response.exit_code == 0


+def test_san_only():
+    """verify --san outputs correctly"""
+    response = runner.invoke(cert_main, ["www.franklin.edu", "--san-only"])
+    assert response.exit_code == 0
+
+
 def test_bad_cert():
    """verify an expired certificate works"""
    response = runner.invoke(cert_main, ["support.bluequill.com", "--san"])