47 lines
1.2 KiB
Go
47 lines
1.2 KiB
Go
package checker
|
|
|
|
import (
|
|
sdk "git.happydns.org/checker-sdk-go/checker"
|
|
)
|
|
|
|
func Provider() sdk.ObservationProvider {
|
|
return &sipProvider{}
|
|
}
|
|
|
|
type sipProvider struct{}
|
|
|
|
func (p *sipProvider) Key() sdk.ObservationKey {
|
|
return ObservationKeySIP
|
|
}
|
|
|
|
// Definition implements sdk.CheckerDefinitionProvider.
|
|
func (p *sipProvider) Definition() *sdk.CheckerDefinition {
|
|
return Definition()
|
|
}
|
|
|
|
// DiscoverEndpoints implements sdk.EndpointDiscoverer.
|
|
//
|
|
// It publishes every _sips._tcp SRV target as a "tls" discovery
|
|
// endpoint so the downstream TLS checker can verify certificate chain,
|
|
// SAN and expiry without re-doing the SRV lookup. SNI is set to the
|
|
// SRV target — SIPS certificates are expected to cover the server
|
|
// hostname (unlike XMPP where it's the bare JID domain).
|
|
//
|
|
// _sip._udp and _sip._tcp are plaintext with no historical STARTTLS
|
|
// convention, so nothing is emitted for them.
|
|
func (p *sipProvider) DiscoverEndpoints(data any) ([]sdk.DiscoveredEndpoint, error) {
|
|
d, ok := data.(*SIPData)
|
|
if !ok || d == nil {
|
|
return nil, nil
|
|
}
|
|
var out []sdk.DiscoveredEndpoint
|
|
for _, r := range d.SRV.SIPS {
|
|
out = append(out, sdk.DiscoveredEndpoint{
|
|
Type: "tls",
|
|
Host: r.Target,
|
|
Port: r.Port,
|
|
SNI: r.Target,
|
|
})
|
|
}
|
|
return out, nil
|
|
}
|