Merge pull request #1 from lupinthe14th/develop

✨ New feature: supprt starttls
tcvem · Jul 4, 2019 · d4b0670 · d4b0670
2 parents a776003 + b41f20f
commit d4b0670
Show file tree

Hide file tree

Showing 5 changed files with 119 additions and 20 deletions.
diff --git a/.travis.yml b/.travis.yml
@@ -3,12 +3,23 @@ language: go
 go:
   - 1.12.x
   - master
+  - tip
 os:
   - linux
   - osx
 dist: trusty
 sudo: false
+before_install:
+  - go get golang.org/x/tools/cmd/cover
+  - go get github.com/mattn/goveralls
 install: true
 script:
   - env GO111MODULE=on go build
-  - env GO111MODULE=on go test
+  - env GO111MODULE=on go test -v -covermode=count -coverprofile=coverage.out
+  - $HOME/gopath/bin/goveralls
+    -coverprofile=coverage.out
+    -service=travis-ci
+    -repotoken $COVERALLS_TOKEN
+env:
+  global:
+    secure: "R+IoGNSttX4tTkDPha5gQOo+Hn3TfjzkWMXfGdu6r1XPYD5Fs8o+aw7rGiNYMVa40oxP54ilW7nlmQUNx/vJytVZWlyWWRfeadNi8VVdpET2BqaOR7U2u/dCHIUZz6FdbXAPMV4XS5blaHYKcQ5zltLb2AbRURFymNkjRlzsLTm8vikjxGPQBYG4LHOE0/piEWgrYHkIMxLlzXAwwnq0A7MeJ8X7qRDdXKIYWYPKhB/s/20h6XkJKELV6shZG21Jgk4dLySrvFSzogtVENWxy575n4N4dIylGBlfdmMqZAqZeiFdnIXYwKk1IoZtR4k1hYsgy2yky1nKGlDobZ+Ihmu553cB5tZo+GhBKzrelBkbxjcvV/P+e1tJK5snQeRNJVQdy2zPvGAHPJQetR+NhGvhb26qqyWZuKtVOv9G09Nh3dVNPIAkobruEpIE0f5wmt1Wt4B3TEqN+FhydQoEhCACacx8Q9B6/m2PVmHfT6SBUsMU/MD++Ztv+CGQEIkHwEIcAneZhoFuP7ZBGwmqlu1Us0HZ9x5GwDMxlLQaVfQJSHtUKL+A5MHXU+kVnOF/KzEsH/jpk+SJoUHUGRngmTi/Im39DcJznV0eNeHVGsBuoY4L+2sLXdqkd+i9w9BzVfY4SDXnechvWtjHIVs51DXJXumXTv3EAzgE0KE6I7Q="
diff --git a/README.md b/README.md
@@ -1,2 +1,5 @@
 # cTLS
 Check TLS Certificates expire
+
+[![Build Status](https://travis-ci.org/lupinthe14th/cTLS.svg?branch=master)](https://travis-ci.org/lupinthe14th/cTLS)
+[![Coverage Status](https://coveralls.io/repos/github/lupinthe14th/cTLS/badge.svg?branch=master)](https://coveralls.io/github/lupinthe14th/cTLS?branch=master)
diff --git a/go.mod b/go.mod
@@ -2,4 +2,7 @@ module github.com/lupinthe14th/cTLS
 
 go 1.12
 
-require github.com/sirupsen/logrus v1.4.2
+require (
+	github.com/sirupsen/logrus v1.4.2
+	github.com/stretchr/testify v1.2.2
+)
diff --git a/main.go b/main.go
@@ -3,7 +3,10 @@ package main
 import (
 	"crypto/tls"
 	"fmt"
+	"net"
+	"net/smtp"
 	"os"
+	"sync"
 	"time"
 
 	log "github.com/sirupsen/logrus"
@@ -13,16 +16,69 @@ func init() {
 	os.Setenv("GODEBUG", os.Getenv("GODEBUG")+",tls13=1")
 }
 
-func statePeerCertificateExpireDate(host, port string) (expireTime time.Time, err error) {
-	conn, err := tls.Dial("tcp", fmt.Sprint(host, ":", port), &tls.Config{})
+func startTLSConnectionState(host, port string) (state tls.ConnectionState, err error) {
+	addr := fmt.Sprint(host, ":", port)
+	// Dial the tcp connection
+	_, err = net.DialTimeout("tcp", addr, 10*time.Second)
+	if err != nil {
+		log.Errorf("net dial: %s", err)
+		return state, err
+	}
+	// Dial the SMTP server
+	conn, err := smtp.Dial(addr)
+	if err != nil {
+		log.Errorf("smtp: dial: %s", err)
+		return state, err
+	}
+	defer conn.Close()
+	conn.StartTLS(&tls.Config{ServerName: host})
+	state, _ = conn.TLSConnectionState()
+	return state, nil
+}
+
+func tlsConnectionState(host, port string) (state tls.ConnectionState, err error) {
+	addr := fmt.Sprint(host, ":", port)
+	// Dial the tcp connection
+	_, err = net.DialTimeout("tcp", addr, 10*time.Second)
+	if err != nil {
+		log.Errorf("net dial: %s", err)
+		return state, err
+	}
+
+	// Dial the tls connection
+	conn, err := tls.Dial("tcp", addr, &tls.Config{})
 	if err != nil {
-		log.Errorf("client: dial: %s", err)
-		return expireTime, err
+		log.Errorf("tls: dial: %s", err)
+		return state, err
 	}
 	defer conn.Close()
 	log.Debugln("client: connected to: ", conn.RemoteAddr())
 
-	state := conn.ConnectionState()
+	state = conn.ConnectionState()
+	return state, nil
+}
+
+func statePeerCertificateExpireDate(host, port string) (expireTime time.Time, err error) {
+	var state tls.ConnectionState
+	switch port {
+	case "587":
+		log.Debugf("case: %v", port)
+		state, err = startTLSConnectionState(host, port)
+		if err != nil {
+			log.Errorf("startTLS connection state: %s", err)
+			return expireTime, err
+		}
+		log.Debugf("startTLS connection state: %v", state)
+	default:
+		log.Debugf("case: %v", port)
+		state, err = tlsConnectionState(host, port)
+		if err != nil {
+			log.Errorf("TLS connection state: %s", err)
+			return expireTime, err
+		}
+		log.Debugf("TLS connection state: %v", state)
+	}
+
 	for _, v := range state.PeerCertificates {
 		if !v.IsCA {
 			log.Println(v.Subject)
@@ -35,10 +91,27 @@ func statePeerCertificateExpireDate(host, port string) (expireTime time.Time, er
 }
 
 func main() {
-	expireTime, err := statePeerCertificateExpireDate("www.google.com", "443")
-	if err != nil {
-		log.Panicln(err)
+	type addr struct {
+		host string
+		port string
+	}
+	var addrs = []addr{
+		{host: "www.google.com", port: "443"},
+		{host: "smtp.gmail.com", port: "587"},
+	}
+
+	var wg sync.WaitGroup
+	for i, a := range addrs {
+		wg.Add(1)
+		go func(i int, a addr) {
+			defer wg.Done()
+			expireTime, err := statePeerCertificateExpireDate(a.host, a.port)
+			if err != nil {
+				log.Panicln(err)
+			}
+			expireJSTTime := expireTime.In(time.FixedZone("Asia/Tokyo", 9*60*60))
+			fmt.Println(i, ": Peer Certificates: expire time:", expireJSTTime)
+		}(i, a)
 	}
-	expireJSTTime := expireTime.In(time.FixedZone("Asia/Tokyo", 9*60*60))
-	fmt.Println("Peer Certificates: expire time: ", expireJSTTime)
+	wg.Wait()
 }
diff --git a/main_test.go b/main_test.go
@@ -2,23 +2,32 @@ package main
 
 import (
 	"testing"
-	"time"
+
+	"github.com/stretchr/testify/assert"
 )
 
 func TestStatePeerCertificateExpireDate(t *testing.T) {
 	var tests = []struct {
+		name string
 		host string
 		port string
+		err  bool
 	}{
-		{host: "www.google.com", port: "443"},
+		{name: "No Error", host: "www.google.com", port: "443", err: false},
+		{name: "No Error", host: "smtp.gmail.com", port: "587", err: false},
+		{name: "Error", host: "www.google.com", port: "80", err: true},
+		{name: "Error", host: "smtp.gmail.com", port: "25", err: true},
 	}
 
 	for _, tt := range tests {
-		expireTime, err := statePeerCertificateExpireDate(tt.host, tt.port)
-		if err != nil {
-			t.Error(err)
-		}
-		expireJSTTime := expireTime.In(time.FixedZone("Asia/Tokyo", 9*60*60))
-		t.Logf("Peer Certificates: expire time: %+v", expireJSTTime)
+		t.Run(tt.name, func(t *testing.T) {
+			_, err := statePeerCertificateExpireDate(tt.host, tt.port)
+			if !tt.err {
+				assert.NoError(t, err)
+			}
+			if tt.err {
+				assert.Error(t, err)
+			}
+		})
 	}
 }