#!/usr/bin/perl -w
#
# Remind which x509 certificates are about to expire.
#
# Copyright (C) 2007 ASTER scpa [http://www.aster.it/]
#
# Released under the terms of the GPL version 2 or later
#
# Ver. 0.1
# ======================================================

use Date::Calc qw(
	Delta_Days
	Today
);

# ======================================================

my $CERTINDEX	= "/usr/local/admin/CA/index.txt";
my $EXPDAYS	= 7;
my $SUBJECT	= "Certificates about to expire";
my $RECIPIENT	= "admin\@nowhere.local";

my $RM		= "/bin/rm";
my $MAIL	= "/usr/bin/mail";
my $BODY	= "/tmp/ca-reminder";

# Open the certificates list
#
open(CERTS, $CERTINDEX) or die "Can't open certificates list: $!\n";
open(BODY, ">$BODY") or die "Can't open temporary file: $!\n";

my ($year, $month, $day) = Today;

# Parse the list of certificates
#

my $output = 0;		# Suppose there's nothing to warn about

while(<CERTS>) {
	next if /^$/;		# Skip empty lines
	next if /^R/;		# Skip revoked certificates

	chomp;

	# Get the expiration date
	#
	my $exp_year	= "1970";
	my $exp_month	= "01";
	my $exp_day	= "01";
	my $cn		= "";

	if (/^V\s+(..)(..)(..).+Z.+CN\=(.+)/) {
		$exp_year	= $1 + 2000;
		$exp_month	= $2;
		$exp_day	= $3;
		$cn		= $4;
	}

	# Evaluate the number of days left
	#
	$dd = Delta_Days($year, $month, $day, $exp_year, $exp_month, $exp_day);

	# Warn if the certificate is about to expire
	#
	if($dd < $EXPDAYS) {
		$output = 1;
		printf BODY "%-3s days: %s\n", $dd, $cn;
	}
}

if($output) { qx/$MAIL -s "$SUBJECT" $RECIPIENT < $BODY/; }

close(CERTS);
close(BODY);

qx/$RM $BODY/;

exit 0;