openssl binary replaced with golang crypto/x509 library
This commit is contained in:
Vitaliy Snurnitsin
parent
9b1b34d4c4
commit
77adc1108c
20
main.go
20
main.go
|
|
@ -4,8 +4,11 @@ import (
|
||||||
"bufio"
|
"bufio"
|
||||||
"bytes"
|
"bytes"
|
||||||
"context"
|
"context"
|
||||||
|
"crypto/x509"
|
||||||
"encoding/json"
|
"encoding/json"
|
||||||
|
"encoding/pem"
|
||||||
"fmt"
|
"fmt"
|
||||||
|
"io/ioutil"
|
||||||
"net"
|
"net"
|
||||||
"net/http"
|
"net/http"
|
||||||
"os"
|
"os"
|
||||||
|
|
@ -1263,16 +1266,21 @@ func getOvpnCaCertExpireDate() time.Time {
|
||||||
}
|
}
|
||||||
|
|
||||||
caCertPath := *easyrsaDirPath + "/pki/ca.crt"
|
caCertPath := *easyrsaDirPath + "/pki/ca.crt"
|
||||||
caCertExpireDate := runBash(fmt.Sprintf("openssl x509 -in %s -noout -enddate | awk -F \"=\" {'print $2'}", caCertPath))
|
caCert, err := ioutil.ReadFile(caCertPath)
|
||||||
|
|
||||||
dateLayout := "Jan 2 15:04:05 2006 MST"
|
|
||||||
t, err := time.Parse(dateLayout, strings.TrimSpace(caCertExpireDate))
|
|
||||||
if err != nil {
|
if err != nil {
|
||||||
log.Errorf("WARNING: can`t parse expire date for CA cert: %v\n", err)
|
log.Errorf("error read file %s: %s", caCertPath, err.Error())
|
||||||
|
}
|
||||||
|
|
||||||
|
certPem, _ := pem.Decode(caCert)
|
||||||
|
certPemBytes := certPem.Bytes
|
||||||
|
|
||||||
|
cert, err := x509.ParseCertificate(certPemBytes)
|
||||||
|
if err != nil {
|
||||||
|
log.Errorf("error parse certificate ca.crt: %s", err.Error())
|
||||||
return time.Now()
|
return time.Now()
|
||||||
}
|
}
|
||||||
|
|
||||||
return t
|
return cert.NotAfter
|
||||||
}
|
}
|
||||||
|
|
||||||
// https://community.openvpn.net/openvpn/ticket/623
|
// https://community.openvpn.net/openvpn/ticket/623
|
||||||
|
|
|
||||||
Loading…
Reference in New Issue