Properly send EHLO after TLS
[dane-monitoring-plugins.git] / check_dane_smtp
index 3358c711b4215baade2045375d343d618a66312f..c63cfed4f47c25804f575a29ae642000aa54edb1 100755 (executable)
@@ -9,8 +9,9 @@ import argparse
 import logging
 
 from socket import socket, AF_INET6, AF_INET, create_connection
-from ssl import SSLContext, PROTOCOL_TLSv1_2, CERT_REQUIRED, cert_time_to_seconds, SSLError, CertificateError, create_default_context
-from unbound import ub_ctx, ub_strerror
+from ssl import SSLError, CertificateError, SSLContext
+from ssl import PROTOCOL_TLSv1_2, CERT_REQUIRED
+from unbound import ub_ctx
 
 from check_dane.tlsa import verify_tlsa_record
 from check_dane.cert import verify_certificate, add_certificate_options
@@ -23,6 +24,12 @@ def init_connection(sslcontext, args):
         connection = sslcontext.wrap_socket(socket(AF_INET),
                                             server_hostname=host)
         connection.connect((host, port))
+        answer = connection.recv(512)
+        logging.debug(answer)
+
+        connection.send(b"EHLO localhost\r\n")
+        answer = connection.recv(512)
+        logging.debug(answer)
 
     else:
         port = 25 if args.port == 0 else args.port
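Review bot: Each added `connection.recv(512)` returns only the bytes that have arrived so far, so a multi-line EHLO reply (`250-…` continuation lines) can be cut short, with the remainder left queued for whatever reads the socket next. The reply code is never inspected either, so a greeting other than 220 or an EHLO answer other than 250 is logged at debug level and otherwise ignored, and `send()` may write only part of the command where `sendall()` would not. The same three lines appear after `do_handshake()` in the STARTTLS branch, so a small helper that reads up to the final reply line and checks the code would cover both places. The exception type below is a placeholder, since `init_connection` starts outside this hunk and its callers' error handling is not visible.

```python
def _read_reply(connection, expected):
    """Read one complete (possibly multi-line) SMTP reply and check its code."""
    data = b""
    while True:
        chunk = connection.recv(512)
        if not chunk:
            raise ConnectionError("SMTP server closed the connection")
        data += chunk
        lines = data.split(b"\r\n")
        # Continuation lines are "NNN-text"; the final line is "NNN text".
        if data.endswith(b"\r\n") and lines[-2][3:4] != b"-":
            break
    logging.debug(data)
    if not data.startswith(expected):
        raise ConnectionError("unexpected SMTP reply: %r" % data[:64])
    return data

# … unchanged: wrap_socket() and connect() for the implicit-TLS branch …
        _read_reply(connection, b"220")
        connection.sendall(b"EHLO localhost\r\n")
        _read_reply(connection, b"250")
```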
@@ -42,6 +49,10 @@ def init_connection(sslcontext, args):
         connection = sslcontext.wrap_socket(connection, server_hostname=host)
         connection.do_handshake()
 
+        connection.send(b"EHLO localhost\r\n")
+        answer = connection.recv(512)
+        logging.debug(answer)
+
     return connection
 
 
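Review bot: The EHLO added after `do_handshake()` has no comment explaining why it is sent, so a later reader could take it for a redundant duplicate of an earlier exchange and remove it. RFC 3207 resets the SMTP session once TLS is negotiated, and anything the server advertised in plaintext before that must be discarded as unauthenticated. I would put `# RFC 3207: session state resets after STARTTLS; re-send EHLO over TLS and ignore pre-TLS capabilities` directly above the `connection.send` line. The start of this branch lies outside the hunk, so whether a plaintext EHLO precedes it is inferred, not visible.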
@@ -121,7 +132,8 @@ def main():
         return 2
 
     retval = verify_certificate(connection.getpeercert(), args)
-    nretval = verify_tlsa_record(resolver, "_%d._tcp.%s" % (port, host), connection.getpeercert(binary_form=True))
+    nretval = verify_tlsa_record(resolver, "_%d._tcp.%s" % (port, host),
+                                 connection.getpeercert(binary_form=True))
     retval = max(retval, nretval)
 
     close_connection(connection)