From 66ed027d1a96ea8f2d5730b30b0dd1b596b6df6c Mon Sep 17 00:00:00 2001
From: Ian Young <ian@iay.org.uk>
Date: Wed, 11 Jun 2008 14:33:03 +0000
Subject: [PATCH] Look at expiry date on embedded certificates: flag ones which
 have expired, warn about ones close to expiry (30 days) and show ones within
 60 days of expiry.

---
 build/check_embedded.pl | 14 ++++++++++++++
 1 file changed, 14 insertions(+)

diff --git a/build/check_embedded.pl b/build/check_embedded.pl
index 131054e2..9ff196b2 100755
--- a/build/check_embedded.pl
+++ b/build/check_embedded.pl
@@ -1,5 +1,6 @@
 #!/usr/bin/perl -w
 use File::Temp qw(tempfile);
+use Date::Parse;
 
 while (<>) {
 
@@ -78,6 +79,19 @@
 					print "      *** PUBLIC KEY TOO SHORT ***\n";
 				}
 			}
+			if (/Not After : (.*)$/) {
+				$notAfter = $1;
+				$days = (str2time($notAfter)-time())/86400.0;
+				if ($days < 0) {
+					print "   *** EXPIRED ***\n";
+				} elsif ($days < 30) {
+					$days = int($days);
+					print "   *** expires in $days days\n";
+				} elsif ($days < 90) {
+					$days = int($days);
+					print "   expires in $days days\n";
+				}
+			}
 		}
 		close SSL;
 		#print "   text lines: $#lines\n";