From e9d40a337c9d63c261f0ea34b0f4e808847d53fe Mon Sep 17 00:00:00 2001
From: Nathan Woodburn <github@nathan.woodburn.au>
Date: Wed, 27 Sep 2023 18:29:09 +1000
Subject: [PATCH] bot: Update ssl parsing

---
 bot.py | 30 ++++++++++++++----------------
 1 file changed, 14 insertions(+), 16 deletions(-)

diff --git a/bot.py b/bot.py
index 3638c4d..57c77b7 100644
--- a/bot.py
+++ b/bot.py
@@ -9,7 +9,8 @@ import subprocess
 import tempfile
 import re
 import binascii
-import ssl
+from cryptography import x509
+from cryptography.hazmat.backends import default_backend
 
 
 load_dotenv()
@@ -203,22 +204,19 @@ async def ssl(ctx, domain: str):
 
 
             # Get domains
-            x509 = ssl.load_certificate(ssl.PEM_cert_to_DER_cert(cert.encode("utf-8")))
+            cert_obj = x509.load_pem_x509_certificate(cert.encode("utf-8"), default_backend())
+
             domains = []
-            try:
-                san_list = x509.get_extension_by_oid("subjectAltName")
-                san_list = san_list._subjectAltNameString().split(", ")
-                domains.extend(san_list)
-            except Exception as e:
-                print(e, flush=True)
-                
-            try:
-                subject = x509.get_subject()
-                common_name = subject.CN
-                if common_name:
-                    domains.append(common_name)
-            except Exception as e:
-                print(e, flush=True)
+            for ext in cert_obj.extensions:
+                if ext.oid == x509.ExtensionOID.SUBJECT_ALTERNATIVE_NAME:
+                    san_list = ext.value.get_values_for_type(x509.DNSName)
+                    domains.extend(san_list)
+            
+            # Extract the common name (CN) from the subject
+            common_name = cert_obj.subject.get_attributes_for_oid(x509.NameOID.COMMON_NAME)
+            if common_name:
+                domains.append(common_name[0].value)
+
 
             if domains:
                 message = message + "\n## SSL Domains:\n"