From 4c69cf585b42f11d7861db56b098c0ac0d5b46c3 Mon Sep 17 00:00:00 2001
From: Evgeny Zinoviev <me@ch1p.io>
Date: Mon, 7 Nov 2022 04:02:04 +0300
Subject: support whois check (registration expiration dates)

---
 src/ssl_expire_notifier.php | 89 +++++++++++++++++++++++++++++++++++++--------
 1 file changed, 73 insertions(+), 16 deletions(-)

(limited to 'src')

diff --git a/src/ssl_expire_notifier.php b/src/ssl_expire_notifier.php
index e6549e6..5f01bcc 100755
--- a/src/ssl_expire_notifier.php
+++ b/src/ssl_expire_notifier.php
@@ -1,17 +1,74 @@
 #!/usr/bin/env php
 <?php
 
+require_once __DIR__.'/../vendor/autoload.php';
 require_once __DIR__.'/lib/Logger.php';
 
+use Iodev\Whois\Factory;
+
 error_reporting(E_ALL);
 ini_set('display_errors', 1);
 
+const TIME_FMT = 'd.m.Y, H:i:s';
+const TYPE_SSL = 0;
+const TYPE_WHOIS = 1;
+
 $file = getenv('HOME').'/.config/ssl_expire_notifier.ini';
 if (!file_exists($file))
     die('ERROR: config '.$file.' not found');
 
+$now = time();
 $config = parse_ini_file($file);
 
+function handle_result(int $type, string $host, int $exp, Logger $logger) {
+    global $now, $config;
+
+    static $cfg_prefixes = [
+        TYPE_SSL => 'ssl_',
+        TYPE_WHOIS => 'reg_'
+    ];
+    static $subtitles = [
+        TYPE_SSL => 'SSL',
+        TYPE_WHOIS => 'REGISTRATION'
+    ];
+
+    $cfg_prefix = $cfg_prefixes[$type];
+    $subtitle = $subtitles[$type];
+
+    $logger->debug("{$subtitle}: valid till ".date(TIME_FMT, $exp));
+
+    if ($exp <= $now) {
+        $logger->fatal($subtitle.': already expired at '.date(TIME_FMT, $exp));
+    } else {
+        $method = null;
+        if ($exp-$now < 86400*$config[$cfg_prefix.'error_days'])
+            $method = 'error';
+        else if ($exp-$now < 86400*$config[$cfg_prefix.'warn_days'])
+            $method = 'warn';
+
+        if ($method !== null)
+            call_user_func([$logger, $method], "{$subtitle}: expires at ".date(TIME_FMT, $exp));
+        else
+            $logger->debug('ok');
+    }
+}
+
+function get_top_domains() {
+    global $config;
+    $domains = array_map(function(string $d) {
+        if (($pos = strpos($d, ':')) !== false)
+            $d = substr($d, 0, $pos);
+        $words = explode('.', $d);
+        if (count($words) < 2) {
+            trigger_error('weird domain: '.$d);
+            return $d;
+        }
+        $words = array_reverse($words);
+        return "{$words[1]}.{$words[0]}";
+    }, $config['hosts']);
+    return array_values(array_unique($domains));
+}
+
 function ssl_expire_notifier() {
     global $config;
     $now = time();
@@ -50,24 +107,24 @@ function ssl_expire_notifier() {
         $cert = stream_context_get_params($read);
         $cert_info = openssl_x509_parse($cert['options']['ssl']['peer_certificate']);
 
-        $valid_till = $cert_info['validTo_time_t'];
-        $logger->debug("valid till ".date('d.m.Y, H:i:s', $valid_till));
+        handle_result(TYPE_SSL, $host, $cert_info['validTo_time_t'], $logger);
+    }
+}
 
-        if ($valid_till <= $now) {
-            $logger->fatal('already expired at '.date('d.m.Y, H:i:s', $valid_till));
-        } else {
-            $method = null;
-            if ($valid_till-$now < 86400*$config['error_days'])
-                $method = 'error';
-            else if ($valid_till-$now < 86400*$config['warn_days'])
-                $method = 'warn';
-
-            if ($method !== null)
-                call_user_func([$logger, $method], "expires at ".date('d.m.Y, H:i:s', $valid_till));
-            else
-                $logger->debug('ok');
+function whois_expire_notifier() {
+    $whois = Factory::get()->createWhois();
+
+    $domains = get_top_domains();
+    foreach ($domains as $domain) {
+        $logger = new Logger($domain);
+        try {
+            $info = $whois->loadDomainInfo($domain);
+            handle_result(TYPE_WHOIS, $domain, $info->expirationDate, $logger);
+        } catch (\Iodev\Whois\Exceptions\WhoisException $e) {
+            $logger->error("WhoisException: ".$e->getMessage());
         }
     }
 }
 
-ssl_expire_notifier();
\ No newline at end of file
+ssl_expire_notifier();
+whois_expire_notifier();
\ No newline at end of file
-- 
cgit v1.2.3