From dcb8fe3d186533cdee8f9de47cf65057736e7728 Mon Sep 17 00:00:00 2001
From: Peter Palfrader <peter@palfrader.org>
Date: Mon, 15 Jul 2013 22:50:55 +0000
Subject: Support a cert cache dir

git-svn-id: svn+ssh://asteria.noreply.org/svn/weaselutils/trunk@632 bc3d92e2-beff-0310-a7cd-cc87d7ac0ede
---
 tor-exit-ssl-check | 21 +++++++++++++++++----
 1 file changed, 17 insertions(+), 4 deletions(-)

diff --git a/tor-exit-ssl-check b/tor-exit-ssl-check
index 5185830..6af71e0 100755
--- a/tor-exit-ssl-check
+++ b/tor-exit-ssl-check
@@ -27,13 +27,14 @@ set -u
 shopt -s extglob
 
 usage() {
-	echo "Usage: $0 [-v [-v]] [-d <datadir>] <torserver-fpr> <targethost>[:<targetport>] [<targethost>[:<targetport>] [...]]"
+	echo "Usage: $0 [-v [-v]] [-d <datadir>] -c [<cert-cachedir>] <torserver-fpr> <targethost>[:<targetport>] [<targethost>[:<targetport>] [...]]"
 	echo "   If torserver-fpr is -, a list of fingerprints is read from stdin"
 }
 
 verbose=0
+cachedir=""
 datadir=""
-while getopts "vhd:" OPTION
+while getopts "vhc:d:" OPTION
 do
 	case "$OPTION" in
 		v)
@@ -43,6 +44,9 @@ do
 			usage
 			exit 0
 			;;
+		c)
+			cachedir="$OPTARG"
+			;;
 		d)
 			datadir="$OPTARG"
 			;;
@@ -139,12 +143,21 @@ expect_ok() {
 	fi
 }
 
+[ -n "$cachedir" ] && find "$cachedir" -mmin +1400 -exec rm '{}' '+'
+
 for ((i=0; i < ${#targets[@]}; i++)); do
 	host="${targets[$i]}"
 	[ "${host%%+([0-9])}" = "$host" ] && host="$host:443"
 
-	[ "$verbose" = 0 ] || echo "Directly to $host:"
-	openssl s_client -no_ticket -showcerts -connect "$host" < /dev/null 2>&1 | eatdata "$tmpdir/cert-direct-$i"
+	if [ -n "$cachedir" ] && [ -e "$cachedir/$host" ] ; then
+		[ "$verbose" = 0 ] || echo "Using cached certificate for $host."
+		cp "$cachedir/$host" "$tmpdir/cert-direct-$i"
+	else
+		[ "$verbose" = 0 ] || echo "Directly to $host:"
+		openssl s_client -no_ticket -showcerts -connect "$host" < /dev/null 2>&1 | eatdata "$tmpdir/cert-direct-$i"
+		[ -n "$cachedir" ] && cp "$tmpdir/cert-direct-$i" "$cachedir/$host"
+	fi
+
 	egrep -v '(Session-ID|Master-Key|Start Time):' < "$tmpdir/cert-direct-$i" > "$tmpdir/cert-direct-$i.filtered"
 	[ "$verbose" = 0 ] || echo "===="
 done
-- 
cgit v1.2.3