From f611aa929cd36be5a7f0fcb9a903c62b179f62b1 Mon Sep 17 00:00:00 2001 From: Nathan Woodburn Date: Wed, 27 Sep 2023 18:34:24 +1000 Subject: [PATCH] bot: Finish domain check --- bot.py | 12 ++++++++++-- 1 file changed, 10 insertions(+), 2 deletions(-) diff --git a/bot.py b/bot.py index 57c77b7..4e72ecc 100644 --- a/bot.py +++ b/bot.py @@ -149,6 +149,7 @@ async def ssl(ctx, domain: str): resolver = dns.resolver.Resolver() resolver.nameservers = ["100.74.29.146"] resolver.port = 53 + domain_check = False try: # Query the DNS record response = resolver.resolve(domain, "A") @@ -215,13 +216,16 @@ async def ssl(ctx, domain: str): # Extract the common name (CN) from the subject common_name = cert_obj.subject.get_attributes_for_oid(x509.NameOID.COMMON_NAME) if common_name: - domains.append(common_name[0].value) + if common_name[0].value not in domains: + domains.append(common_name[0].value) if domains: message = message + "\n## SSL Domains:\n" for domain in domains: message = message + "- " + domain + "\n" + if domain in domains: + domain_check = True else: @@ -241,7 +245,11 @@ async def ssl(ctx, domain: str): message = message + "\n## Result:\n:x: No TLSA record found\n" else: if tlsa_server == tlsa_records[0]: - message = message + "\n## Result:\n:white_check_mark: TLSA record matches certificate\n" + if domain_check: + message = message + "\n## Result:\n:white_check_mark: TLSA record matches certificate\n" + else: + message = message + "\n## Result:\n:x: TLSA record matches certificate but domain does not match\n" + else: message = message + "\n## Result:\n:x: TLSA record does not match certificate\n"
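Review bot: In the `## SSL Domains` loop, `for domain in domains:` rebinds the command's `domain` argument, so the added `if domain in domains:` tests each certificate name against the list it was just taken from and is always true. `domain_check` therefore becomes True for any certificate that carries at least one name, and the new ":x: ... domain does not match" result in the last hunk can only appear when the certificate lists no names at all. Rename the loop variable and compare the requested name once, outside the loop: `for cert_name in domains:`, `message = message + "- " + cert_name + "\n"`, then `domain_check = domain in domains`. Any code after the loop that still reads `domain` would also see the last certificate name instead of the requested one; the body of `ssl` continues outside the visible hunks, so this is unconfirmed. Once the shadowing is fixed, exact string equality will still reject a certificate that covers the name through a wildcard entry or differs only in letter case, so normalise case and handle `*.` entries before reporting a mismatch.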