12345678910111213141516171819202122232425262728293031323334353637383940414243444546474849505152535455565758596061 |
- #!/bin/bash
-
- . "$(sfpath)" || exit 3
-
- shellfu import pretty
-
- usage() {
- mkusage "[-d] SERVER:PORT"
- }
-
- cached() {
- local cache_size # size of cache, just to help debugging
- cache_size=$(stat -c %s "$Cache")
- debug -v Cache cache_size
- if test "$cache_size" -gt 0;
- then
- debug "using cache ($cache_size bytes)"
- cat "$Cache"
- else
- debug "building cache"
- get_cert | tee "$Cache"
- fi
- }
-
- get_cert() {
- debug heya
- </dev/null openssl s_client -connect "$Conn" 2>/dev/null
- }
-
- get_fp() {
- local fun="$1"
- debug -v Conn fun
- cached get_cert \
- | openssl x509 -noout -"$fun" -fingerprint 2>/dev/null
- }
-
- get_fps() {
- get_fp md5
- get_fp sha1
- get_fp sha256
- }
-
- main() {
- local Conn # connection target (SERVER:PORT)
- local Cache # cert cache (for re-computing hashes)
- local es # exit status
- #shellcheck disable=SC2034
- while true; do case "$1" in
- *:*) Conn="$1"; shift ;;
- -d) PRETTY_DEBUG=true; shift ;;
- "") break ;;
- *) usage ;;
- esac done
- test -n "$Conn" || usage
- Cache="$(mktemp -t ssl_fp.cache.XXXXXXXX)"
- get_fps; es=$?
- rm -f "$Cache"
- return "$es"
- }
-
- main "$@"
|