File tree Expand file tree Collapse file tree 1 file changed +6
-3
lines changed
Expand file tree Collapse file tree 1 file changed +6
-3
lines changed Original file line number Diff line number Diff line change @@ -9914,16 +9914,19 @@ certificate_info() {
99149914 check_pwnedkeys "$HOSTCERT" "$cert_key_algo" "$cert_keysize"
99159915 case "$?" in
99169916 0) outln "not checked"; fileout "pwnedkeys${json_postfix}" "INFO" "not checked" ;;
9917- 1) pr_svrty_good "not in database"; fileout "pwnedkeys${json_postfix}" "OK" "not in database" ;;
9918- 2) pr_svrty_critical "NOT ok --"; outln " key appears in database"; fileout "pwnedkeys${json_postfix}" "CRITICAL" "private key is known" ;;
9917+ 1) prln_svrty_good "not in database"; fileout "pwnedkeys${json_postfix}" "OK" "not in database" ;;
9918+ 2) pr_svrty_critical "NOT ok --"; outln " key appears in database"
9919+ fileout "pwnedkeys${json_postfix}" "CRITICAL" "private key is known" ;;
99199920 7) prln_warning "error querying https://v1.pwnedkeys.com"; fileout "pwnedkeys${json_postfix}" "WARN" "connection error" ;;
99209921 esac
99219922 fi
99229923
99239924 out "$indent"; pr_bold " Certificate Revocation List "
99249925 jsonID="cert_crlDistributionPoints"
99259926 # ~ get next 50 lines after pattern , strip until Signature Algorithm and retrieve URIs
9926- crl="$(awk '/X509v3 CRL Distribution/{i=50} i&&i--' <<< "$cert_txt" | awk '/^$|^.*Name.*$|^.*Reasons.*$|^.*CRL Issuer.*$/,/^ [a-zA-Z0-9]+|^ Signature Algorithm:/' | awk -F'URI:' '/URI/ { print $2 }')"
9927+ crl="$(awk '/X509v3 CRL Distribution/{i=50} i&&i--' <<< "$cert_txt" | \
9928+ awk '/^$|^.*Name.*$|^.*Reasons.*$|^.*CRL Issuer.*$/,/^ [a-zA-Z0-9]+|^ Signature Algorithm:/' | \
9929+ awk -F'URI:' '/URI/ { print $2 }')"
99279930 if [[ -z "$crl" ]] ; then
99289931 fileout "${jsonID}${json_postfix}" "INFO" "--"
99299932 outln "--"
You can’t perform that action at this time.
0 commit comments