kellya/checkcert
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity

refactor: use Any as a workaround for specific types that haven't been imported yet

Browse source
This commit is contained in:
Alex Kelly 2021-10-01 17:00:32 -04:00
commit 61a92c5c63
1 changed files with 7 additions and 10 deletions
Download patch file Download diff file Expand all files Collapse all files

17
checkcert/checkcert.py
View file

@ -2,6 +2,7 @@
from collections import namedtuple from collections import namedtuple
import concurrent.futures import concurrent.futures
from socket import socket from socket import socket
from typing import List, Tuple, Any
import click import click
from OpenSSL import SSL from OpenSSL import SSL
from OpenSSL import crypto from OpenSSL import crypto
@ -12,9 +13,7 @@ import idna
__version__ = "0.4.0" __version__ = "0.4.0"
HostInfo = namedtuple( HostInfo = namedtuple("HostInfo", ["cert", "hostname", "peername", "is_valid"])
field_names="cert hostname peername is_valid", typename="HostInfo"
)
def get_certificate(hostname: str, port: int) -> HostInfo: def get_certificate(hostname: str, port: int) -> HostInfo:
@ -25,8 +24,6 @@ def get_certificate(hostname: str, port: int) -> HostInfo:
sock.connect((hostname, port)) sock.connect((hostname, port))
peername = sock.getpeername() peername = sock.getpeername()
ctx = SSL.Context(SSL.SSLv23_METHOD) # most compatible ctx = SSL.Context(SSL.SSLv23_METHOD) # most compatible
ctx.check_hostname = False
ctx.verify_mode = SSL.VERIFY_NONE
sock_ssl = SSL.Connection(ctx, sock) sock_ssl = SSL.Connection(ctx, sock)
sock_ssl.set_connect_state() sock_ssl.set_connect_state()
sock_ssl.set_tlsext_host_name(hostname_idna) sock_ssl.set_tlsext_host_name(hostname_idna)
@ -44,7 +41,7 @@ def get_certificate(hostname: str, port: int) -> HostInfo:
) )
def get_alt_names(cert: str) -> str: def get_alt_names(cert: Any) -> Any:
"""retrieve the SAN values for given cert""" """retrieve the SAN values for given cert"""
try: try:
ext = cert.extensions.get_extension_for_class(x509.SubjectAlternativeName) ext = cert.extensions.get_extension_for_class(x509.SubjectAlternativeName)
@ -53,12 +50,12 @@ def get_alt_names(cert: str) -> str:
return None return None
def get_x509_text(cert: str) -> str: def get_x509_text(cert: Any) -> Any:
"""return the human-readable text version of the certificate""" """return the human-readable text version of the certificate"""
return crypto.dump_certificate(crypto.FILETYPE_TEXT, cert) return crypto.dump_certificate(crypto.FILETYPE_TEXT, cert)
def get_common_name(cert: str) -> str: def get_common_name(cert: Any) -> Any:
"""Return the common name from the certificate""" """Return the common name from the certificate"""
try: try:
names = cert.subject.get_attributes_for_oid(NameOID.COMMON_NAME) names = cert.subject.get_attributes_for_oid(NameOID.COMMON_NAME)
@ -67,7 +64,7 @@ def get_common_name(cert: str) -> str:
return None return None
def get_issuer(cert: str) -> str: def get_issuer(cert: Any) -> Any:
"""Return the name of the CA/Issuer of the certificate""" """Return the name of the CA/Issuer of the certificate"""
try: try:
names = cert.issuer.get_attributes_for_oid(NameOID.COMMON_NAME) names = cert.issuer.get_attributes_for_oid(NameOID.COMMON_NAME)
@ -76,7 +73,7 @@ def get_issuer(cert: str) -> str:
return None return None
def get_host_list_tuple(hosts: list) -> list: def get_host_list_tuple(hosts: list) -> List[Tuple[str, int]]:
"""create a tuple of host and port based on hosts given to us in the form """create a tuple of host and port based on hosts given to us in the form
host:port host:port
""" """