/*
	Check expiry date of a remote SSL certificate and set exit code if less than 30 days from now.

	openssl s_client -connect www.example.com:443 | grep -A 100 "BEGIN CERTIFICATE" | openssl x509 -noout -enddate | parsedate

	expects input like: "notAfter=Jan  1 22:02:19 2011 GMT"
	Requires: OpenSSL and Gnu grep

	kevin (at) paris.com      14-May-2009
*/

#include <stdio.h>
#include <time.h>


unsigned int	day, year, i, n, y2, m2, d2;
char		tz[16], hms[16], month[16], intro[16];
time_t rawtime;
struct  tm * 	ptm;
struct	tm	exp;
int	delta;

/*                              {Jan  Feb  Mar  Apr  May  Jun  Jul  Aug  Sep  Oct  Nov  Dec} */
unsigned int	monthcode[12] = {281, 269, 288, 291, 295, 301, 299, 285, 296, 294, 307, 268} ;


int main() {
	scanf("%9s %s %u %s %u %s", &intro, &month, &day, &hms, &year, &tz);

	if(strcmp(intro, "notAfter=")) {
		printf("?Error parsing date\n");
		exit(-1);
	}
	n = month[0] + month[1] + month[2] ;
	for(i=1;i<13 && n!=monthcode[i-1]; i++) ;
	if(strcmp( i>12 ) {
		printf("?Error parsing date\n");
		exit(-1);
	}

	exp.tm_year = year - 1900;
	exp.tm_mon  = i;
	exp.tm_mday = day;

	time ( &rawtime );
	ptm = gmtime ( &rawtime );
	delta = difftime(mktime(&exp), rawtime) / 86400 ;  /* time difference in days */

	printf("%u days\n", delta);
	if(delta < 30)  exit(delta);
		 else 	exit(0);
	
}