alarig/nagios-check_domain_expiration_rdap
1
0
Fork 0
Code Issues Pull requests Packages Projects Releases 1 Wiki Activity

Compare commits

base: alarig:main
Branches Tags
alarig:main
alarig:v0.1
..
compare: alarig:v0.1
Branches Tags
alarig:main
alarig:v0.1

No commits in common. "main" and "v0.1" have entirely different histories.
main ... v0.1

2 changed files with 13 additions and 37 deletions
Show stats Expand all files Collapse all files

8
README.md
View file

@ -1,7 +1,5 @@
Script intented to check a domain expiration with a query to the corresponding Script intented to check a domain expiration with a query to the corresponding
RDAP server. The RDAP server for the TLD is extracted from the IANA JSON RDAP. RDAP server.
If the expiration field isnt found on the TLD server, the script falls back to
the registrar server.
This script is inspired from This script is inspired from
https://raw.githubusercontent.com/buanzo/check_expiration_rdap/main/src/nagios_check_domain_expiration_rdap/nagios_check_domain_expiration_rdap.py https://raw.githubusercontent.com/buanzo/check_expiration_rdap/main/src/nagios_check_domain_expiration_rdap/nagios_check_domain_expiration_rdap.py
@ -10,9 +8,9 @@ and `/usr/lib/python3.11/site-packages/nagiosplugin/examples/`
The script assumes that the TLD has only one label while looking for the RDAP The script assumes that the TLD has only one label while looking for the RDAP
server from the IANA JSON. If its not the case it will fail. server from the IANA JSON. If its not the case it will fail.
Have fun. I dont understand half of what I wrote
For all the options, run `./check_domain_expiration_rdap.py -h` Have fun.
Here are the tested cases: Here are the tested cases:
```shell ```shell

42
check_domain_expiration_rdap.py
View file

@ -7,7 +7,6 @@ import argparse
import datetime import datetime
import logging import logging
import os import os
import pathlib
import requests import requests
import nagiosplugin import nagiosplugin
@ -19,20 +18,10 @@ __version__ = '0.1'
_log = logging.getLogger('nagiosplugin') _log = logging.getLogger('nagiosplugin')
# cache session for json and csv storage # cache session for json and csv storage
uid = os.getuid() session = requests_cache.CachedSession(
home = pathlib.Path.home() '/tmp/iana_rdap_cache',
for possible_dir in [f'/run/{uid}', home, '/tmp']: cache_control=True
iana_rdap_cache = f'{possible_dir}/iana_rdap_cache' )
try:
cache = open(f'{iana_rdap_cache}.sqlite', 'a')
cache.close()
session = requests_cache.CachedSession(iana_rdap_cache, cache_control=True)
_log.debug(f'Caching to {iana_rdap_cache}.sqlite')
break
except IOError:
_log.debug(f'{iana_rdap_cache}.sqlite is not writtable')
session = requests
iana_rdap_cache = ''
def find_rdap_server(domain): def find_rdap_server(domain):
"""Find the TLD rdap server.""" """Find the TLD rdap server."""
@ -52,7 +41,7 @@ def find_rdap_server(domain):
# no rdap on tld # no rdap on tld
except IndexError: except IndexError:
raise nagiosplugin.CheckError( raise nagiosplugin.CheckError(
f'The TLD {tld} does not have an RDAP server, try forcing the registrar server with --server. It can be found on https://www.iana.org/assignments/registrar-ids/registrar-ids.xhtml' f'The TLD {tld} does not have an RDAP server'
) )
_log.debug(f'The used RDAP server is {url}') _log.debug(f'The used RDAP server is {url}')
@ -64,10 +53,6 @@ def parse_ldap(domain, rdap_server):
req_rdap = requests.get(f'{rdap_server}domain/{domain}') req_rdap = requests.get(f'{rdap_server}domain/{domain}')
match req_rdap.status_code: match req_rdap.status_code:
case 400:
raise nagiosplugin.CheckError(
f'Got {req_rdap.status_code}, the RDAP server {rdap_server} interprets this domain query as a bad request'
)
case 403: case 403:
raise nagiosplugin.CheckError( raise nagiosplugin.CheckError(
f'Got {req_rdap.status_code}, the RDAP server {rdap_server} refused to reply' f'Got {req_rdap.status_code}, the RDAP server {rdap_server} refused to reply'
@ -112,8 +97,7 @@ def parse_ldap(domain, rdap_server):
raw_expiration.append(line[3]) raw_expiration.append(line[3])
elif len(raw_expiration) == 1: elif len(raw_expiration) == 1:
fecha = raw_expiration[0].split('T')[0].strip().split() fecha = raw_expiration[0].split('T')[0]
fecha = fecha[0]
today = datetime.datetime.now() today = datetime.datetime.now()
delta = datetime.datetime.strptime(fecha, '%Y-%m-%d') - today delta = datetime.datetime.strptime(fecha, '%Y-%m-%d') - today
raw_expiration[0] = delta.days raw_expiration[0] = delta.days
@ -140,11 +124,10 @@ def expiration(domain, server):
elif isinstance(raw_expiration[0], str): elif isinstance(raw_expiration[0], str):
import csv import csv
# fetch csv # fetch csv
iana_registrars_req = session.get( iana_registrars_csv = session.get(
'https://www.iana.org/assignments/registrar-ids/registrar-ids-1.csv', 'https://www.iana.org/assignments/registrar-ids/registrar-ids-1.csv',
timeout=120 timeout=120
) ).content.decode('utf-8')
iana_registrars_csv = iana_registrars_req.content.decode('utf-8')
# parse csv # parse csv
registrar_rdap_found = False registrar_rdap_found = False
for registrar_row in csv.reader( for registrar_row in csv.reader(
@ -165,7 +148,7 @@ def expiration(domain, server):
) )
if not(registrar_rdap_found): if not(registrar_rdap_found):
raise nagiosplugin.CheckError( raise nagiosplugin.CheckError(
f'The registrar {raw_expiration[0]} is not found from {iana_registrars_req.url}' f'The registrar {raw_expiration[0]} is not fond from {iana_registrars_csv.url}'
) )
else: else:
@ -259,13 +242,8 @@ def main():
) )
domain = pyunycode.convert(args.domain) domain = pyunycode.convert(args.domain)
# be sure that the provided server url ends with / for future concat
if (isinstance(args.server, str) and args.server[-1] != '/'):
server = args.server + '/'
else:
server = args.server
check = nagiosplugin.Check( check = nagiosplugin.Check(
Expiration(domain, server), Expiration(domain, args.server),
nagiosplugin.ScalarContext( nagiosplugin.ScalarContext(
'daystoexpiration', 'daystoexpiration',
warning=wrange, warning=wrange,