From d436e3cd9ab0d3d622734f6a8b4bfbc655175d31 Mon Sep 17 00:00:00 2001 From: alireza Date: Wed, 3 Oct 2018 16:46:18 -0700 Subject: [PATCH 1/2] added new script to do a health check on a remote site/host --- README.md | 2 + site_health.py | 113 +++++++++++++++++++++++++++++++++++++++++++++++++ 2 files changed, 115 insertions(+) create mode 100644 site_health.py diff --git a/README.md b/README.md index cd0d9fa34f4..eacfd41e8b6 100644 --- a/README.md +++ b/README.md @@ -62,3 +62,5 @@ In the scripts the comments and other documents are lined up correctly when they - [cricket_live_score](https://github.com/geekcomputers/Python/blob/master/Cricket_score.py) - Uses BeautifulSoup to provide live cricket score. - [youtube.py](https://github.com/geekcomputers/Python/blob/master/youtube.py) - Takes a song name as input and fetches the YouTube url of the best matching song and plays it. + +- [site_health.py](https://github.com/geekcomputers/Python/blob/master/youtube.py) - This script is very useful for when you just to do a health check on a remote server. diff --git a/site_health.py b/site_health.py new file mode 100644 index 00000000000..87447b72b09 --- /dev/null +++ b/site_health.py @@ -0,0 +1,113 @@ +#! /usr/bin/env python +"""This script is very useful to just to see get status/infromation about your host and it's certificate""" +from urllib.request import Request, urlopen, ssl, socket +from urllib.error import URLError, HTTPError +import os,json,hashlib, re + + +class ServerHealthCheck(): + + def __init__(self, base_url, port, tcp): + self.base_url=base_url + self.ip_now = self.obtain_ip() + self.port=port + self.tcp=tcp + self.url_path = self.tcp+"://"+base_url + self.ping_host() + self.obtain_http_info() + self.obtain_cert_info() + + + def obtain_ip(self): + print("__LOOKUP____________________________________________") + currnet_ip = socket.gethostbyname(self.base_url) + print("ip: "+currnet_ip) + print("FQDN: "+socket.getfqdn(self.base_url)) + distinct_ips = [] + # 0,0,0,0 is for (family, type, proto, canonname, sockaddr) + socket_info = socket.getaddrinfo(self.base_url,0,0,0,0) + for result in socket_info: + ns_ip = result[4][0] + if distinct_ips.count(ns_ip)==0: + distinct_ips.append(ns_ip) + print(ns_ip) + distinct_ips = list(set(distinct_ips)) + return currnet_ip + + def ping_host(self): + #ping reesult + print("\n\n"+"__PING INFO____________________________________________") + response = os.system("ping -c 1 " + self.ip_now) + #and then check the response... + if response == 0: + print("server "+ self.base_url+": is up ") + else: + print("server "+ self.base_url+": is DOWN !!!") + + def obtain_http_info(self): + print("__SSL/TLS INFO____________________________________________") + + req = Request(self.url_path) + try: + response = urlopen(req,context=ssl._create_unverified_context()) + #htmlSource = response.read() + except HTTPError as e: + print('The server couldn\'t fulfill the request.') + print('Error code: ', e.code) + except URLError as e: + print('We failed to reach a server.') + print('Reason: ', e.reason) + else: + print("http code:"+str(response.getcode()) ) + + def obtain_cert_info(self): + + context = ssl.create_default_context() + with socket.create_connection((self.base_url, self.port)) as socket_connection: + with context.wrap_socket(socket_connection, server_hostname=self.base_url) as server_socket: + #uncomment to print everything + #print(json.dumps(server_socket.getpeercert() , indent=2, sort_keys=True)) + + cert_info = server_socket.getpeercert() + subject = dict(x[0] for x in cert_info['subject']) + issued_to = subject['commonName'] + issuer = dict(x[0] for x in cert_info['issuer']) + issued_by = issuer['commonName'] + valid_from =cert_info['notBefore'] + valid_to = cert_info['notAfter'] + serial_number =cert_info['serialNumber'] + + + + der_cert = server_socket.getpeercert(False) + der_cert_bin = server_socket.getpeercert(True) + + pem_cert = ssl.DER_cert_to_PEM_cert(server_socket.getpeercert(True)) + # uncomment the below line if you want to see the actual public cert + #print("certificate pub:",pem_cert) + thumb_md5 = hashlib.md5(der_cert_bin).hexdigest() + thumb_sha1 = hashlib.sha1(der_cert_bin).hexdigest() + thumb_sha256 = hashlib.sha256(der_cert_bin).hexdigest() + print("issued_to: " + issued_to) + print("issued_by: " + issued_by) + print("valid_from: " + valid_from) + print("valid_to: " + valid_from) + print("MD5: " + thumb_md5) + print("SHA1: " + thumb_sha1) + print("SHA256: " + thumb_sha256) + print ("cipher: "+str(server_socket.cipher())) + print("SSL/TLS version: "+server_socket.version()) + print("serial_number: "+serial_number) + # print(server_socket.shared_ciphers()) + server_socket.close() + + + +if __name__ == '__main__': + # DO NOT USE IP + + host_name = input("host name ? (example github.com) \n") + + prt = input("port ? \n") + tcp_it = "https" + serverHealthCheck = ServerHealthCheck(host_name, prt, tcp_it) From b6582e03e051555bccf79c02760019f7959f6f87 Mon Sep 17 00:00:00 2001 From: alireza Date: Wed, 3 Oct 2018 16:55:02 -0700 Subject: [PATCH 2/2] removed spaces and lines --- site_health.py | 14 ++++---------- 1 file changed, 4 insertions(+), 10 deletions(-) diff --git a/site_health.py b/site_health.py index 87447b72b09..d6ddc77994b 100644 --- a/site_health.py +++ b/site_health.py @@ -1,5 +1,8 @@ #! /usr/bin/env python -"""This script is very useful to just to see get status/infromation about your host and it's certificate""" +"""This script is very useful for when you just to do a health check on a remote server. It does the followings: + - NSLOOKUP + - PING to see if the site is up + - Certificate/SSL/TLS info """ from urllib.request import Request, urlopen, ssl, socket from urllib.error import URLError, HTTPError import os,json,hashlib, re @@ -16,7 +19,6 @@ def __init__(self, base_url, port, tcp): self.ping_host() self.obtain_http_info() self.obtain_cert_info() - def obtain_ip(self): print("__LOOKUP____________________________________________") @@ -46,7 +48,6 @@ def ping_host(self): def obtain_http_info(self): print("__SSL/TLS INFO____________________________________________") - req = Request(self.url_path) try: response = urlopen(req,context=ssl._create_unverified_context()) @@ -61,13 +62,11 @@ def obtain_http_info(self): print("http code:"+str(response.getcode()) ) def obtain_cert_info(self): - context = ssl.create_default_context() with socket.create_connection((self.base_url, self.port)) as socket_connection: with context.wrap_socket(socket_connection, server_hostname=self.base_url) as server_socket: #uncomment to print everything #print(json.dumps(server_socket.getpeercert() , indent=2, sort_keys=True)) - cert_info = server_socket.getpeercert() subject = dict(x[0] for x in cert_info['subject']) issued_to = subject['commonName'] @@ -76,12 +75,8 @@ def obtain_cert_info(self): valid_from =cert_info['notBefore'] valid_to = cert_info['notAfter'] serial_number =cert_info['serialNumber'] - - - der_cert = server_socket.getpeercert(False) der_cert_bin = server_socket.getpeercert(True) - pem_cert = ssl.DER_cert_to_PEM_cert(server_socket.getpeercert(True)) # uncomment the below line if you want to see the actual public cert #print("certificate pub:",pem_cert) @@ -102,7 +97,6 @@ def obtain_cert_info(self): server_socket.close() - if __name__ == '__main__': # DO NOT USE IP