statusd.py: extend the logging

logs now the common name and serial number from client certificate. display_peercert() new.
This commit is contained in:
berhsi 2019-09-10 17:29:39 +02:00
parent fef38a278b
commit 909f02fc1d

View file

@ -92,10 +92,13 @@ def print_ciphers(cipherlist):
def display_peercert(cert):
for i in cert.keys():
print(i)
print('{}:'.format(i))
if i in ('subject', 'issuer'):
for j in cert[i]:
print('\t{}'.format(j))
return
else:
print('\t{}'.format(cert[i]))
return True
def receive_buffer_is_valid(raw_data):
@ -208,10 +211,8 @@ def main():
'VERBOSITY': 'info'
}
CONFIG_FILE = './statusd.conf'
FINGERPRINT = \
'35:8E:35:FA:58:0A:DD:2B:C8:6A:F9:EA:A3:7B:10:F5:62:89:AB:D0:AB:53:3E:B5:8B:AB:E1:23:CF:93:F5:F9'
loglevel = logging.DEBUG
loglevel = logging.INFO
logging.basicConfig(format='%(levelname)s: %(message)s', level=loglevel)
read_config(CONFIG_FILE, CONFIG)
print_config(CONFIG)
@ -255,7 +256,9 @@ def main():
try:
conn = context.wrap_socket(fromSocket, server_side = True)
# display_peercert(conn.getpeercert())
logging.debug('SSL established. Peer: {}'.format(conn.getpeercert()))
logging.info('SSL connection established')
logging.info('commonName: {}'.format(conn.getpeercert()['subject'][5][0][1]))
logging.info('serialNumber: {}'.format(conn.getpeercert()['serialNumber']))
except Exception as e:
logging.error('SSL handshake failed: {}'.format(e))
raw_data = conn.recv(1)
@ -276,7 +279,6 @@ def main():
conn.send(b'\x03')
sleep(0.1) # protection against dos
except KeyboardInterrupt:
print('\rExit')
logging.info('Exit')
exit()
except Exception as e: