Eu preciso recuperar a data de expiração de um certificado SSL. O aplicativo curl
fornece essas informações:
$ curl -v https://google.com/
* Hostname was NOT found in DNS cache
* Trying 212.179.180.121...
* Connected to google.com (212.179.180.121) port 443 (#0)
* successfully set certificate verify locations:
* CAfile: none
CApath: /etc/ssl/certs
* SSLv3, TLS handshake, Client hello (1):
* SSLv3, TLS handshake, Server hello (2):
* SSLv3, TLS handshake, CERT (11):
* SSLv3, TLS handshake, Server key exchange (12):
* SSLv3, TLS handshake, Server finished (14):
* SSLv3, TLS handshake, Client key exchange (16):
* SSLv3, TLS change cipher, Client hello (1):
* SSLv3, TLS handshake, Finished (20):
* SSLv3, TLS change cipher, Client hello (1):
* SSLv3, TLS handshake, Finished (20):
* SSL connection using ECDHE-ECDSA-AES128-GCM-SHA256
* Server certificate:
* subject: C=US; ST=California; L=Mountain View; O=Google Inc; CN=*.google.com
* start date: 2014-10-22 13:04:07 GMT
* expire date: 2015-01-20 00:00:00 GMT
* subjectAltName: google.com matched
* issuer: C=US; O=Google Inc; CN=Google Internet Authority G2
* SSL certificate verify ok.
> GET / HTTP/1.1
> User-Agent: curl/7.35.0
> Host: google.com
> Accept: */*
>
< HTTP/1.1 302 Found
< Cache-Control: private
< Content-Type: text/html; charset=UTF-8
< Location: https://www.google.co.il/?gfe_rd=cr&ei=HkxbVMzCM-WkiAbU6YCoCg
< Content-Length: 262
< Date: Thu, 06 Nov 2014 10:23:26 GMT
* Server GFE/2.0 is not blacklisted
< Server: GFE/2.0
<
<HTML><HEAD><meta http-equiv="content-type" content="text/html;charset=utf-8">
<TITLE>302 Moved</TITLE></HEAD><BODY>
<H1>302 Moved</H1>
The document has moved
<A HREF="https://www.google.co.il/?gfe_rd=cr&ei=HkxbVMzCM-WkiAbU6YCoCg">here</A>.
</BODY></HTML>
* Connection #0 to host google.com left intact
No entanto, ao enviar a saída via grep
, o resultado não é menor informação na tela, mas muito mais :
$ curl -v https://google.com/ | grep expire
* Hostname was NOT found in DNS cache
% Total % Received % Xferd Average Speed Time Time Time Current
Dload Upload Total Spent Left Speed
0 0 0 0 0 0 0 0 --:--:-- --:--:-- --:--:-- 0* Trying 212.179.180.84...
* Connected to google.com (212.179.180.84) port 443 (#0)
* successfully set certificate verify locations:
* CAfile: none
CApath: /etc/ssl/certs
* SSLv3, TLS handshake, Client hello (1):
} [data not shown]
* SSLv3, TLS handshake, Server hello (2):
{ [data not shown]
0 0 0 0 0 0 0 0 --:--:-- --:--:-- --:--:-- 0* SSLv3, TLS handshake, CERT (11):
{ [data not shown]
* SSLv3, TLS handshake, Server key exchange (12):
{ [data not shown]
* SSLv3, TLS handshake, Server finished (14):
{ [data not shown]
* SSLv3, TLS handshake, Client key exchange (16):
} [data not shown]
* SSLv3, TLS change cipher, Client hello (1):
} [data not shown]
* SSLv3, TLS handshake, Finished (20):
} [data not shown]
* SSLv3, TLS change cipher, Client hello (1):
{ [data not shown]
* SSLv3, TLS handshake, Finished (20):
{ [data not shown]
* SSL connection using ECDHE-ECDSA-AES128-GCM-SHA256
* Server certificate:
* subject: C=US; ST=California; L=Mountain View; O=Google Inc; CN=*.google.com
* start date: 2014-10-22 13:04:07 GMT
* expire date: 2015-01-20 00:00:00 GMT
* subjectAltName: google.com matched
* issuer: C=US; O=Google Inc; CN=Google Internet Authority G2
* SSL certificate verify ok.
> GET / HTTP/1.1
> User-Agent: curl/7.35.0
> Host: google.com
> Accept: */*
>
< HTTP/1.1 302 Found
< Cache-Control: private
< Content-Type: text/html; charset=UTF-8
< Location: https://www.google.co.il/?gfe_rd=cr&ei=IkxbVMy4K4OBbKuDgKgF
< Content-Length: 260
< Date: Thu, 06 Nov 2014 10:23:30 GMT
* Server GFE/2.0 is not blacklisted
< Server: GFE/2.0
<
{ [data not shown]
100 260 100 260 0 0 714 0 --:--:-- --:--:-- --:--:-- 714
* Connection #0 to host google.com left intact
Eu suspeito que curl
detecta que não está imprimindo em um terminal e, portanto, fornece resultados diferentes, nem todos são reconhecidos por grep
como sendo stdout
e é, portanto, passou para o terminal. No entanto, o mais parecido com isso que encontrei em man curl
(não procure no Google por isso!) é:
PROGRESS METER
curl normally displays a progress meter during operations, indicating the amount of transferred data, transfer speeds and estimated time
left, etc.
curl displays this data to the terminal by default, so if you invoke curl to do an operation and it is about to write data to the terminal,
it disables the progress meter as otherwise it would mess up the output mixing progress meter and response data.
If you want a progress meter for HTTP POST or PUT requests, you need to redirect the response output to a file, using shell redirect (>), -o
[file] or similar.
It is not the same case for FTP upload as that operation does not spit out any response data to the terminal.
If you prefer a progress "bar" instead of the regular meter, -# is your friend.
Como posso obter apenas a expiry
da saída curl
? Além disso, o que devo ler para entender melhor a situação?
Parece que esse seria um bom caso de uso para um descritor de arquivo "stdmeta" .