-
Notifications
You must be signed in to change notification settings - Fork 11
/
Copy pathssl-service-check
110 lines (97 loc) · 2.77 KB
/
ssl-service-check
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
#!/bin/sh
#
# Program: SSL Site Check <ssl-site-check>
#
# Author: Matty < matty91 at gmail dot com >
#
# Current Version: 1.1
#
# Revision History:
#
# Version 1.1
# Make better use of global binary definitions -- Philipp Ottlinger
#
# Version 1.0
# Original release
#
# Last Updated: 03-23-2006
#
# Purpose:
# Connects to ${HOST} on ${PORT} and issues a GET / to check if
# a secure web server is responding. If the web server is hung, a
# message will be logged with the logadm utility, and an e-mail
# will be sent to the specified user. The host and port options
# are passed as options to the script.
#
# Requirements:
# Requires openssl
#
# Installation:
# Copy the shell script to a suitable location
#
# Example:
# $ ssl-service-check -s mail.prefetch.net -p 443
#
PATH=/bin:/usr/bin:/usr/local/ssl/bin:/usr/sfw/bin ; export PATH
# Where to send E-mail with results ( cmdline: -e )
ADMIN="root"
LOGGER="/usr/bin/logger"
MAIL="/usr/bin/mail"
OPENSSL="/usr/sfw/bin/openssl"
GREP="/usr/bin/grep"
# Temporary file
TMP="$HOME/connect.$$"
umask 077
touch ${TMP}
usage() {
echo "Usage: $0 [ -s server_name ] [ -p port ] [ -e email_address ]"
echo " -e email_address : Specifies who to send messages to when connection errors occur"
echo " -p port : Specifies the TCP port to connect to"
echo " -s server_name : Specifies the servername to connect to"
}
### Parse the options passed on the command line
while getopts p:s:e: option
do
case "${option}"
in
e) ADMIN=${OPTARG};;
p) PORT=${OPTARG};;
s) HOST=${OPTARG};;
\?) usage
exit 1;;
esac
done
### Make sure a host and port were passed as arguments
if [ "${HOST}" = "" ] || [ "${PORT}" = "" ];then
usage
exit 1
fi
### Check to see if the openssl binary exists
if [ -f ${OPENSSL} ]; then
:
else
echo "ERROR: The openssl binary does not exist in ${OPENSSL} ."
echo " FIX: Please modify the \$OPENSSL variable in the program header."
exit 1
fi
${OPENSSL} s_client -quiet -connect ${HOST}:${PORT} > ${TMP} 2>&1 << EOF
GET / HTTP/1.0
EOF
### Connect to the web server and issues an HTTP GET /. If the
### the server provides a valid response header, the 'Server:'
### attribute will be present in the header
if ${GREP} "Server:" ${TMP} > /dev/null; then
:
else
if [ -f ${LOGGER} ]
then
${LOGGER} -p daemon.notice "Failed to connect to ${HOST} on Port ${PORT}"
fi
if [ -f ${MAIL} ]; then
echo "Failed to initiate SSL connection to ${HOST} on ${PORT}" \
| ${MAIL} -s "$0: Failed to connect to secure server \
on ${HOST}:${PORT}" ${ADMIN}
fi
fi
### Remove the temporary file
rm -f ${TMP}