check_crl: fixed UnicodeDecodeError when trying to read binary file

check_crl/check_crl.py

@@ -14,6 +14,10 @@
 # You should have received a copy of the GNU General Public License
 # along with this program.  If not, see <http://www.gnu.org/licenses/>.
 
+# Wesley Moore <wmoore@jlab.org> - 2017-05-24
+# Changelog: - fixed UnicodeDecodeError when trying to read binary file
+#            - removed invalid verbose option from usage()
+
 # Mark Ruys <mark.ruys@peercode.nl> - 2015-8-27
 # Changelog: - catch openssl parsing errors
 #            - clean up temporary file on error
@@ -55,12 +59,16 @@ def check_crl(url, warn, crit):
 
     try:
         inform = 'DER'
-        crlfile = open(tmpcrl, "r")
-        for line in crlfile:
-            if "BEGIN X509 CRL" in line:
-                inform = 'PEM'
-                break
-        crlfile.close()
+        ret = subprocess.check_output(["/usr/bin/file", "-b", tmpcrl], stderr=subprocess.STDOUT)
+        ftype = ret.strip().decode('utf-8')
+        if ftype != "data":
+            # not binary, test for PEM
+            crlfile = open(tmpcrl, 'r')
+            for line in crlfile:
+                if "BEGIN X509 CRL" in line:
+                    inform = 'PEM'
+                    break
+            crlfile.close()
 
         ret = subprocess.check_output(["/usr/bin/openssl", "crl", "-inform", inform, "-noout", "-nextupdate", "-in", tmpcrl], stderr=subprocess.STDOUT)
     except:
@@ -100,7 +108,7 @@ def check_crl(url, warn, crit):
     sys.exit(exitcode)
 
 def usage():
-    print ("check_crl.py -h|--help -v|--verbose -u|--url=<url> -w|--warning=<minutes> -c|--critical=<minutes>")
+    print ("check_crl.py -h|--help -u|--url=<url> -w|--warning=<minutes> -c|--critical=<minutes>")
     print ("")
     print ("Example, if you want to get a warning if a CRL expires in 8 hours and a critical if it expires in 6 hours:")
     print ("./check_crl.py -u \"http://domain.tld/url/crl.crl\" -w 480 -c 360")