X-Git-Url: https://git.siccegge.de//index.cgi?p=tools.git;a=blobdiff_plain;f=tls-check;fp=tls-check;h=d8bdc9b2c18158281cde21b567029ff6d2a3a03c;hp=46100633dae58e9d5aa7cf5072ad945818267861;hb=71aba94cf046d40bbc758fe3e2490425488d55e2;hpb=46c2647692ccd87951a86e04c2c6c63b6f65ec2b diff --git a/tls-check b/tls-check index 4610063..d8bdc9b 100644 --- a/tls-check +++ b/tls-check @@ -3,7 +3,7 @@ from __future__ import print_function from optparse import OptionParser from ssl import SSLContext, PROTOCOL_TLSv1_2, CERT_REQUIRED, cert_time_to_seconds, SSLError, CertificateError -from socket import socket, AF_INET6 +from socket import socket, AF_INET6, create_connection from datetime import datetime, timedelta from smtplib import SMTP import yaml @@ -23,7 +23,29 @@ class Verifier: if hasattr(self, 'remote_check_%s' % proto): getattr(self, 'remote_check_%s' % proto)(context, host, port, name) - def remote_check_smtp(self, context, host, port): + def remote_check_xmpp(self, context, host, port, name): + xmpp_open = ("" ) + xmpp_starttls = "" + + connection = create_connection((host, port)) + connection.sendall(xmpp_open.format(name).encode('utf-8')) + response = connection.recv(4096).decode('utf-8') + + if not '' in response: + response = response + connection.recv(4096).decode('utf-8') + + connection.sendall(xmpp_starttls.encode('utf-8')) + response = response + "\n\n" + connection.recv(4096).decode('utf-8') + + connection = context.wrap_socket(connection, server_hostname=name) + connection.do_handshake() + + cert = connection.getpeercert() + return self.check_cert(cert, host, port, name) + + def remote_check_smtp(self, context, host, port, name): smtp = SMTP(host, port) try: smtp.starttls(context=context)