与EPOCH进行日期比较以找到bash脚本中的到期日期

时间:2017-09-15 14:52:37

标签: bash 

#!/bin/bash
for ADDR in `netstat -plant|grep LISTEN|grep http|awk '{print $4}'|egrep -v ':80$|:5555$'|sort -u`; do
  EXPDATE=`openssl s_time 2>/dev/null | openssl s_client -connect $ADDR 2>/dev/null | openssl x509 -dates 2>/dev/null | grep ^notA | cut -f2 -d= | sed -e "s/ GMT//"`
  printf "\t\t\t|%s\t|%s\t|\t%s\t|\n" "$ADDR" "$EXPDATE"
done

EXPDATES="$(echo "$EXPDATE" | awk '{print $1,$2,$4,$3}')"
CURREPOCH="$(date +%s)"

for i in "$EXPDATES"; do
  CREXPEPOCH="$(date +%s -d "$i")"
  if [[ "$CURREPOCH" -gt "$CREXPEPOCH" ]]; then
    echo "No Expiry Found."
  else
    echo "Cert expired"
  fi
done

在这里,我从EXPDATE获取日期,该日期有多个日期值,如下所示,

Jul 12 12:00:00 2019
Jun 18 12:00:00 2019
May  8 00:00:00 2018
Nov 14 00:00:00 2017

并且,转换到EPOCH时间以便与当前的EPOCH进行更好的比较..

如果找到过去的日期,脚本应返回"已过期",否则"未找到到期日" ..

我尝试了以上脚本无法正常工作..

我怎么能这样做?有什么帮助吗?

1 个答案:

答案 0 :(得分:0)

下面跟踪数组中的内容,而不是尝试将字符串滥用为可迭代。

#!/usr/bin/env bash

# return all addresses that smell like HTTP
get_addrs() {
  netstat -plant \
  | awk '/LISTEN/ && /http/ && ! ($4 ~ /:(80|5555)$/) { print $4; }' \
  | sort -u
}

# Given a local server address, return a usable client address
# converts wildcard addresses to loopback ones.
clientAddr() {
  local addr=$1
  case $addr in
    0.0.0.0:*) addr=127.0.0.1:${addr#0.0.0.0:} ;;
    :::*)      addr='localhost:'"${addr#:::}"  ;;
  esac
  printf '%s\n' "$addr"
}

# Given a local address that runs a HTTPS server, return the last valid date for its certificate
endDateForAddr() {
  local addr endDate
  addr=$(clientAddr "$1") || return
  endDate=$(openssl s_client -connect "${addr}" </dev/null 2>/dev/null \
            | openssl x509 -dates \
            | awk -F= '/^notAfter/ { print $2; exit }')
  [[ $endDate ]] && printf '%s\n' "$endDate"
}

# Loop over our local HTTPS services...
expDates=( )
while read -r addr; do
  # find an address we can use to refer to each...
  addr=$(clientAddr "$addr") || continue
  # ...and use that to find its certificate expirey date.
  result=$(endDateForAddr "$addr") || continue
  # then add that to our array.
  expDates+=( "$result" )
done < <(get_addrs)

# in bash 4.3, this is more efficiently written: printf -v curr_epoch '%(%s)T' -1
curr_epoch="$(date +%s)"

for expdate in "${expDates[@]}"; do
  exp_epoch=$(date +%s -d "$expdate")
  if (( curr_epoch > exp_epoch )); then
    echo "$expdate is in the past"
  else
    echo "$expdate is in the future"
  fi
done

...它的输出(截至本文时正确):

Jul 12 12:00:00 2019 is in the future
Jun 18 12:00:00 2019 is in the future
May  8 00:00:00 2018 is in the future
Nov 14 00:00:00 2017 is in the future
相关问题
最新问题