From 909f02fc1d0b4e480d2d5052f96427a78c96d6ba Mon Sep 17 00:00:00 2001
From: berhsi
Date: Tue, 10 Sep 2019 17:29:39 +0200
Subject: [PATCH] statusd.py: extend the logging logs now the common name and serial number from client certificate. display_peercert() new.
---
 statusd.py | 20 +++++++++++---------
 1 file changed, 11 insertions(+), 9 deletions(-)
diff --git a/statusd.py b/statusd.py
index e0f1462..deb876b 100755
--- a/statusd.py
+++ b/statusd.py
@@ -92,10 +92,13 @@ def print_ciphers(cipherlist):
 def display_peercert(cert):
 for i in cert.keys():
- print(i)
- for j in cert[i]:
- print('\t{}'.format(j))
- return
+ print('{}:'.format(i))
+ if i in ('subject', 'issuer'):
+ for j in cert[i]:
+ print('\t{}'.format(j))
+ else:
+ print('\t{}'.format(cert[i]))
+ return True
 def receive_buffer_is_valid(raw_data):
@@ -208,10 +211,8 @@ def main():
 'VERBOSITY': 'info' }
 CONFIG_FILE = './statusd.conf'
- FINGERPRINT = \
- '35:8E:35:FA:58:0A:DD:2B:C8:6A:F9:EA:A3:7B:10:F5:62:89:AB:D0:AB:53:3E:B5:8B:AB:E1:23:CF:93:F5:F9'
- loglevel = logging.DEBUG
+ loglevel = logging.INFO
 logging.basicConfig(format='%(levelname)s: %(message)s', level=loglevel)
 read_config(CONFIG_FILE, CONFIG)
 print_config(CONFIG)
@@ -255,7 +256,9 @@ def main():
 try:
 conn = context.wrap_socket(fromSocket, server_side = True)
 # display_peercert(conn.getpeercert())
- logging.debug('SSL established. Peer: {}'.format(conn.getpeercert()))
+ logging.info('SSL connection established')
+ logging.info('commonName: {}'.format(conn.getpeercert()['subject'][5][0][1]))
+ logging.info('serialNumber: {}'.format(conn.getpeercert()['serialNumber']))
 except Exception as e:
 logging.error('SSL handshake failed: {}'.format(e))
 raw_data = conn.recv(1)
@@ -276,7 +279,6 @@ def main():
 conn.send(b'\x03')
 sleep(0.1) # protection against dos
 except KeyboardInterrupt:
- print('\rExit')
 logging.info('Exit')
 exit()
 except Exception as e:
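Review bot: `display_peercert()` calls `cert.keys()` without checking `cert`, but `SSLSocket.getpeercert()` returns `None` when the peer sent no certificate, so re-enabling the commented-out call in main() would raise AttributeError for such a client. A guard at the top, `if not cert: return False`, would handle that case and give the new `return True` a meaningful counterpart. The function also has no docstring; a one-liner such as `"""Print each field of a getpeercert() dict; subject and issuer one RDN per line."""` would document the expected input.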
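Review bot: `loglevel` stays hard-coded and `logging.basicConfig(...)` runs before `read_config(CONFIG_FILE, CONFIG)`, so the `'VERBOSITY'` entry visible at the top of this hunk has no effect on the level in the lines shown. With the default now at INFO, the client commonName and serial number added later in this commit are logged on every connection regardless of configuration. If VERBOSITY is not applied further down in main(), which is outside this hunk, set the level after the config is read, for example `logging.getLogger().setLevel(CONFIG['VERBOSITY'].upper())`.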
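Review bot: The added `conn.getpeercert()['subject'][5][0][1]` assumes commonName is always the sixth RDN of the client subject, so a certificate with a different subject layout either raises IndexError or logs some other attribute under the commonName label. These lookups sit in the same `try` as `wrap_socket`, so that error, or a `None`/empty result from `getpeercert()`, is logged as 'SSL handshake failed' although the handshake succeeded, and the `conn.recv(1)` after the handler still runs. For a log that is meant to record who connected, look the attribute up by key on a single `getpeercert()` result and fall back to a placeholder when it is missing, as sketched below. main() starts and ends outside the hunk.

```python
logging.info('SSL connection established')
# Look commonName up by key; RDN order differs between certificates.
peer = conn.getpeercert() or {}
common_names = [value for rdn in peer.get('subject', ())
                for key, value in rdn if key == 'commonName']
logging.info('commonName: {}'.format(common_names[0] if common_names else '<none>'))
logging.info('serialNumber: {}'.format(peer.get('serialNumber', '<none>')))
# … unchanged: except Exception handler and conn.recv(1) …
```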