Comparison

mod_checkcerts/mod_checkcerts.lua @ 943:a8203db13ca2

mod_checkcerts: Modify wording a bit.
author Kim Alvefur <zash@zash.se>
date Fri, 29 Mar 2013 15:16:00 +0100
parent 941:a6c2345bcf87
child 1098:cbbeac61f1ab
comparison
equal deleted inserted replaced
942:4fdcb5c35021 943:a8203db13ca2
39 local valid_at = cert.valid_at or cert.validat; 39 local valid_at = cert.valid_at or cert.validat;
40 if not valid_at then return end -- Broken or uncommon LuaSec version? 40 if not valid_at then return end -- Broken or uncommon LuaSec version?
41 41
42 -- This might be wrong if the certificate has NotBefore in the future. 42 -- This might be wrong if the certificate has NotBefore in the future.
43 -- However this is unlikely to happen with CA-issued certs in the wild. 43 -- However this is unlikely to happen with CA-issued certs in the wild.
44 local notafter = cert.notafter and cert:notafter();
44 if not valid_at(cert, now) then 45 if not valid_at(cert, now) then
45 module:log("error", "The certificate %s has expired", certfile); 46 module:log("error", "The certificate %s has expired", certfile);
46 module:send(st.message({from=module.host,to=admin,type="chat"},("Certificate for host %s has expired!"):format(module.host))); 47 module:send(st.message({from=module.host,to=admin,type="chat"},("Certificate for host %s has expired!"):format(module.host)));
47 elseif not valid_at(cert, now+86400*7) then 48 elseif not valid_at(cert, now+86400*7) then
48 module:log("warn", "The certificate %s will expire this week", certfile); 49 module:log("warn", "The certificate %s will expire %s", certfile, notafter or "this week");
49 for _,admin in ipairs(module:get_option_array("admins", {})) do 50 for _,admin in ipairs(module:get_option_array("admins", {})) do
50 module:send(st.message({from=module.host,to=admin,type="chat"},("Certificate for host %s is about to expire!"):format(module.host))); 51 module:send(st.message({from=module.host,to=admin,type="chat"},("Certificate for host %s will expire %s!"):format(module.host, notafter or "this week")));
51 end 52 end
52 elseif not valid_at(cert, now+86400*30) then 53 elseif not valid_at(cert, now+86400*30) then
53 module:log("warn", "The certificate %s will expire later this month", certfile); 54 module:log("warn", "The certificate %s will expire later this month", certfile);
54 else 55 else
55 module:log("info", "The certificate %s is valid until %s", certfile, cert.notafter and cert:notafter() or "later"); 56 module:log("info", "The certificate %s is valid until %s", certfile, notafter or "later");
56 end 57 end
57 end 58 end
58 end 59 end
59 60
60 module:hook_global("config-reloaded", check_certs_validity); 61 module:hook_global("config-reloaded", check_certs_validity);