summaryrefslogtreecommitdiffstats
path: root/scripts/chk_expiry
diff options
context:
space:
mode:
authorDaniel Baumann <daniel.baumann@progress-linux.org>2024-04-28 09:19:41 +0000
committerDaniel Baumann <daniel.baumann@progress-linux.org>2024-04-28 09:19:41 +0000
commita27c8b00ebf173659f22f53ce65679e94e7dfb1b (patch)
tree02c68ec259348b63c6328896aa73265eb7b3d730 /scripts/chk_expiry
parentInitial commit. (diff)
downloaddebian-keyring-upstream.tar.xz
debian-keyring-upstream.zip
Adding upstream version 2022.12.24.upstream/2022.12.24upstream
Signed-off-by: Daniel Baumann <daniel.baumann@progress-linux.org>
Diffstat (limited to '')
-rwxr-xr-xscripts/chk_expiry69
1 files changed, 69 insertions, 0 deletions
diff --git a/scripts/chk_expiry b/scripts/chk_expiry
new file mode 100755
index 0000000..2d6b020
--- /dev/null
+++ b/scripts/chk_expiry
@@ -0,0 +1,69 @@
+#!/usr/bin/perl
+use strict;
+use Date::Calc qw(Today Delta_Days Add_Delta_YM);
+
+my (%conf);
+%conf = (keyrings => ['debian-keyring.gpg', 'debian-nonupload.gpg',
+ 'debian-maintainers.gpg'],
+ basedir => 'output/keyrings',
+ cmd => 'gpg --no-default-keyring --keyring %s/%s --list-key|grep expire[ds]:'
+# basedir => '/tmp',
+# cmd => 'cat %s/%s'
+ );
+
+for my $keyring (@{$conf{keyrings}}) {
+ my ($keys, @expired, @nextmonth, @threemonths);
+ $keys = {};
+ print "============================================================\n";
+ print "Processing keyring: $keyring\n\n";
+ for my $line (query_keyring($keyring)) {
+ my ($key, $y, $m, $d);
+ unless ($line =~ m![ps]ub\s+\d+[RDg]/
+ ([\dABCDEF]{8})
+ \s.+expire[ds]:\s
+ (\d{4})-(\d{2})-(\d{2})!x) {
+ warn "Unrecognized: $line";
+ next;
+ }
+ ($key, $y, $m, $d) = ($1, $2, $3, $4);
+ $keys->{$key} = [$y, $m, $d];
+ }
+ print "\nAlready expired keys:\n";
+ report($keys, [Today()]);
+ print "\nKeys expiring soon (one month from today):\n";
+ report($keys, [Add_Delta_YM(Today(),0,1)], [Today()]);
+ print "\nKeys expiring after a month but within three months:\n";
+ report($keys, [Add_Delta_YM(Today(),0,1)], [Add_Delta_YM(Today(),0,3)]);
+}
+
+sub query_keyring {
+ my ($keyring, $cmd);
+ $keyring = shift;
+ $cmd = sprintf($conf{cmd}, $conf{basedir}, $keyring);
+ return `$cmd`;
+}
+
+# Called with three parameters:
+# - $keys: Hash keyed by keyid, with the expiry date in [y,m,d] form as its
+# value
+# - $before: [y,m,d] form. Keys expiring before this date will be reported
+# - $limit: Optional, [y,m,d] form. Keys expiring before this date will be
+# ignored.
+sub report {
+ my ($keys, $before, $limit, %res);
+ $keys = shift;
+ $before = shift;
+ $limit = shift;
+ for my $key (keys %$keys) {
+ next if Delta_Days(@{$keys->{$key}}, @{$before}) < 0;
+ next if $limit and Delta_Days(@{$keys->{$key}}, @{$limit}) > 0;
+ $res{$key} = {expiry => $keys->{$key},
+ days_to_exp => Delta_Days(Today, @{$keys->{$key}}) };
+ }
+
+ foreach my $key (sort {$res{$a}{days_to_exp} <=> $res{$b}{days_to_exp}}
+ keys %res) {
+ printf("%s: %s (%s days)\n", $key, join('-', @{$res{$key}{expiry}}),
+ $res{$key}{days_to_exp});
+ }
+}