<?php
/**
 * Report certificate details.
 *
 * @package PHP_Cert_Reporter
 */

namespace PHP_Cert_Reporter;

/**
 * Load table renderer.
 */
require_once __DIR__ . '/vendor/autoload.php';

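/**
 * Display certificate details in a table.
 *
 * Reads every `*.crt` file in the current working directory, parses it with
 * OpenSSL and prints filename, CN, expiry date, days left and SAN entries.
 * Suitable for use in CI.
 *
 * Files that cannot be read or parsed are reported on stdout and skipped;
 * they do not influence the exit status.
 *
 * @param bool $exit Exit with status code indicating if expired certificates were found
 *                   (1 when at least one listed certificate has zero or fewer days left, 0 otherwise).
 */
function report( $exit = true ): void {
	// Header row; it is shifted off again below and handed to the table as column titles.
	$data = [
		[
			'Filename',
			'CN',
			'Expires',
			'Days Left',
			'SAN',
		],
	];

	$dir_includes_expired = false;

	printf( 'RESULTS FOR `%1$s`%2$s', getcwd(), "\n" );

	// glob() returns false on error; treat that as "no certificates" instead of iterating over a bool.
	$certs = glob( '*.crt', GLOB_NOSORT );
	if ( ! is_array( $certs ) ) {
		$certs = [];
	}

	foreach ( $certs as $cert ) {
		$path = getcwd() . '/' . $cert;

		// Only hand real file contents to OpenSSL; an unreadable file takes the same failure path as a bad one.
		$pem  = file_get_contents( $path );
		$x509 = is_string( $pem ) ? openssl_x509_parse( $pem ) : false;

		if ( ! is_array( $x509 ) ) {
			// NOTE(review): a skipped file never sets the expired flag, so a CI run can exit 0
			// while a certificate went unchecked. Confirm that is the intended policy.
			printf( 'Failed to parse certificate from `%1$s`%2$s', $path, "\n\n" );
			continue;
		}

		// The subject may carry no CN at all, or several (parsed as an array).
		$cn = $x509['subject']['CN'] ?? '';
		if ( is_array( $cn ) ) {
			$cn = implode( ' ', $cn );
		}

		// NOTE(review): CN and SAN values come straight from the certificate and are printed as-is;
		// whether the table renderer neutralises control characters is not visible here.
		$cert_data = [
			0 => $cert,
			1 => (string) $cn,
			2 => date( 'Y-m-d H:i:s T', $x509['validTo_time_t'] ),
			// Rounded to whole days: anything under 12 hours from expiry rounds to 0 and counts as expired.
			3 => (int) round( ( $x509['validTo_time_t'] - time() ) / 86400 ),
			4 => '',
		];

		if ( ! $dir_includes_expired && $cert_data[3] <= 0 ) {
			$dir_includes_expired = true;
		}

		if ( isset( $x509['extensions']['subjectAltName'] ) ) {
			$sans = [];

			foreach ( explode( ',', $x509['extensions']['subjectAltName'] ) as $san ) {
				// Split on the first colon only, so values that themselves contain colons
				// (IPv6 addresses, URIs) are kept whole instead of reduced to their last segment.
				$parts  = explode( ':', $san, 2 );
				$sans[] = trim( array_pop( $parts ) );
			}

			$cert_data[4] = implode( ' ', $sans );
		}

		$data[] = $cert_data;
	}

	$table = new \cli\Table( array_shift( $data ), $data );
	$table->setRenderer( new \cli\table\Ascii() );
	// Column 2 is the formatted expiry date.
	$table->sort( 2 );
	$table->display();

	if ( $exit ) {
		exit( $dir_includes_expired ? 1 : 0 );
	}
}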
// Run the report as soon as the file is executed; with the default argument the script
// exits with status 1 when an expired certificate was listed and 0 otherwise.
report();