#!/usr/bin/env python3
# -*- coding: utf-8 -*-
# Copyright 2017, Florent Thiery
'''
Criticality: Normal
Checks that SSL certificates are valid; if invalid, the user will have to add an exception in his browser
'''
import os
import sys
import requests
import imp

GREEN = '\033[92m'
RED = '\033[91m'
DEF = '\033[0m'

if not os.path.isdir('/etc/nginx'):
    print('Nginx not found, skipping test')
    sys.exit(2)

os.chdir(os.path.dirname(__file__))
if not os.path.isfile('../utils.py'):
    print('conf.sh not found')
    sys.exit(1)

es_utils = imp.load_source('es_utils', '../utils.py')
conf = es_utils.load_conf()

all_ok = True

conf_servers = (
    ('MS_SERVER_NAME', 'mediaserver'),
    ('MONITOR_SERVER_NAME', 'monitor'),
    ('CM_SERVER_NAME', 'campusmanager'),
)

for s, d in conf_servers:
    v = conf.get(s)
    if v == d:
        # vhost is using default value (the service is surely not installed)
        continue
    try:
        url = 'https://%s' % v
        print('Checking SSL certificate of %s' % url)
        requests.get(url)
    except requests.exceptions.SSLError:
        print('%sSSL certificate for %s is not valid%s' % (RED, url, DEF))
        all_ok = False
if not all_ok:
    sys.exit(3)
else:
    sys.exit(0)