Date: Tue, 26 Mar 2024 11:02:52 GMT From: Philippe Audeoud <jadawin@FreeBSD.org> To: ports-committers@FreeBSD.org, dev-commits-ports-all@FreeBSD.org, dev-commits-ports-main@FreeBSD.org Subject: git: 4ede5b61f28e - main - security/py-pnu-certwatch: new port Message-ID: <202403261102.42QB2qSO028248@gitrepo.freebsd.org>
next in thread | raw e-mail | index | archive | help
The branch main has been updated by jadawin: URL: https://cgit.FreeBSD.org/ports/commit/?id=4ede5b61f28e82a74af0fca197a75e2db2039ac9 commit 4ede5b61f28e82a74af0fca197a75e2db2039ac9 Author: Philippe Audeoud <jadawin@FreeBSD.org> AuthorDate: 2024-03-26 10:21:37 +0000 Commit: Philippe Audeoud <jadawin@FreeBSD.org> CommitDate: 2024-03-26 11:02:11 +0000 security/py-pnu-certwatch: new port The certwatch utility monitors X509 certificates expiration dates by processing one or more data files containing lists of hostnames with optional port numbers. It's mainly used to check the expiration date of HTTPS certificates (which is the default target when the port number is not indicated), but the tool is protocol-agnostic and can "talk" to any SNI-aware (Server Name Information) SSL/TLS server (smtps, imaps, ldaps, etc.) without making too much assumptions on the correctness of servers certificates. The certificates can be saved to a specified directory for further analysis with other tools (such as OpenSSL). The tool's results are presented as text tables. The main one is the list of certificates successfully fetched, ordered by expiration date. This list can be filtered to only show certificates expired or expiring within the specified number of days. The second table is the sorted list of hostnames / hostports where certificates couldn't be fetched, with our best attempts to identify the reason why. Two additional tables can be generated in order to print the common names and alternate names unmentioned in your input data files. Finally, for user convenience, all these reports can be generated in a single multi-tabs Excel workbook. PR: 277970 Approved by: maintainer, bapt (mentor) --- security/Makefile | 1 + security/py-pnu-certwatch/Makefile | 27 +++++++++++++++++++++++++++ security/py-pnu-certwatch/distinfo | 3 +++ security/py-pnu-certwatch/pkg-descr | 29 +++++++++++++++++++++++++++++ 4 files changed, 60 insertions(+) diff --git a/security/Makefile b/security/Makefile index 8a112586287d..1a519e82e787 100644 --- a/security/Makefile +++ b/security/Makefile @@ -983,6 +983,7 @@ SUBDIR += py-pgpdump SUBDIR += py-pgpy SUBDIR += py-plaso + SUBDIR += py-pnu-certwatch SUBDIR += py-pnu-vuxml SUBDIR += py-potr SUBDIR += py-pwntools diff --git a/security/py-pnu-certwatch/Makefile b/security/py-pnu-certwatch/Makefile new file mode 100644 index 000000000000..874ccc716166 --- /dev/null +++ b/security/py-pnu-certwatch/Makefile @@ -0,0 +1,27 @@ +PORTNAME= pnu-certwatch +DISTVERSION= 1.0.3 +CATEGORIES= security python +MASTER_SITES= PYPI +PKGNAMEPREFIX= ${PYTHON_PKGNAMEPREFIX} + +MAINTAINER= hubert.tournier@gmail.com +COMMENT= Watch X509 certificates expiration dates +WWW= https://github.com/HubTou/certwatch + +LICENSE= BSD3CLAUSE +LICENSE_FILE= ${WRKSRC}/License + +BUILD_DEPENDS= ${PY_SETUPTOOLS} \ + ${PYTHON_PKGNAMEPREFIX}wheel>0:devel/py-wheel@${PY_FLAVOR} + +RUN_DEPENDS= ${PYTHON_PKGNAMEPREFIX}pnu-libpnu>=1.3.0:devel/py-pnu-libpnu@${PY_FLAVOR} \ + ${PYTHON_PKGNAMEPREFIX}openpyxl>0:textproc/py-openpyxl@${PY_FLAVOR} \ + ${PYTHON_PKGNAMEPREFIX}prettytable>0:devel/py-prettytable@${PY_FLAVOR} \ + ${PYTHON_PKGNAMEPREFIX}tqdm>0:misc/py-tqdm@${PY_FLAVOR} + +USES= python shebangfix +USE_PYTHON= autoplist flavors pep517 cryptography + +SHEBANG_FILES= src/certwatch/*.py + +.include <bsd.port.mk> diff --git a/security/py-pnu-certwatch/distinfo b/security/py-pnu-certwatch/distinfo new file mode 100644 index 000000000000..5d81292223f7 --- /dev/null +++ b/security/py-pnu-certwatch/distinfo @@ -0,0 +1,3 @@ +TIMESTAMP = 1711310583 +SHA256 (pnu-certwatch-1.0.3.tar.gz) = e736811765f567cb427035eb8449196638c1ea8ef7cb68755a58b2668b400f44 +SIZE (pnu-certwatch-1.0.3.tar.gz) = 22073 diff --git a/security/py-pnu-certwatch/pkg-descr b/security/py-pnu-certwatch/pkg-descr new file mode 100644 index 000000000000..a09d4334c6ad --- /dev/null +++ b/security/py-pnu-certwatch/pkg-descr @@ -0,0 +1,29 @@ +The certwatch utility monitors X509 certificates expiration dates by +processing one or more data files containing lists of hostnames with +optional port numbers. + +It's mainly used to check the expiration date of HTTPS certificates +(which is the default target when the port number is not indicated), +but the tool is protocol-agnostic and can "talk" to any SNI-aware +(Server Name Information) SSL/TLS server (smtps, imaps, ldaps, etc.) +without making too much assumptions on the correctness of servers +certificates. + +The certificates can be saved to a specified directory for further +analysis with other tools (such as OpenSSL). + +The tool's results are presented as text tables. + +The main one is the list of certificates successfully fetched, ordered +by expiration date. This list can be filtered to only show +certificates expired or expiring within the specified number of days. + +The second table is the sorted list of hostnames / hostports where +certificates couldn't be fetched, with our best attempts to identify +the reason why. + +Two additional tables can be generated in order to print the common +names and alternate names unmentioned in your input data files. + +Finally, for user convenience, all these reports can be generated in a +single multi-tabs Excel workbook.
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?202403261102.42QB2qSO028248>