Opened 8 months ago

Last modified 3 months ago

#30045 new enhancement

output of "tor --key-expiration sign" should be a time stamp

Reported by: toralf Owned by:
Priority: Medium Milestone: Tor: unspecified
Component: Core Tor/Tor Version: Tor: 0.4.0.3-alpha
Severity: Normal Keywords:
Cc: Actual Points:
Parent ID: Points:
Reviewer: Sponsor:

Description

It would be helpful for a cron job having sth like

let "diff = $(tor --key-expiration sign --format=timestamp) - $(date +%s)"

in it.

Child Tickets

Change History (3)

comment:1 Changed 8 months ago by nickm

Milestone: Tor: unspecified

We'd need to add an extra option to control this format; otherwise we would break everything that depended on the old format. That said, I'm not opposed.

comment:2 Changed 3 months ago by nickm

Component: Core TorCore Tor/Tor

comment:3 Changed 3 months ago by toralf

In the mean while I do have this

@daily   [[ $(/opt/torutils/key-expires.py /var/lib/tor/data/keys/ed25519_signing_cert)  -lt 864000 ]] && echo "Tor  key is expiring soon"
@daily   [[ $(/opt/torutils/key-expires.py /var/lib/tor/data2/keys/ed25519_signing_cert) -lt 864000 ]] && echo "Tor2 key is expiring soon"

# cat /opt/torutils/key-expires.py
#!/usr/bin/env python3

# put out the time (in seconds) before the key expires

import codecs
import sys
import time

# eg.: /var/lib/tor/data2/keys/ed25519_signing_cert
#
with open(sys.argv[1], 'rb') as f:
    cert = f.read()
    expire = int(codecs.encode(cert[35:38], 'hex'), 16) * 3600
    now = time.time()
    print(int(expire-now))

which does the job for me.

Note: See TracTickets for help on using tickets.