Initial commit

2026-04-23 11:25:26 +07:00 · 2026-04-23 11:25:26 +07:00 · 86b92eec9d
commit 86b92eec9d
33 changed files with 5407 additions and 0 deletions
--- a/checker/rules_tls_quality.go
+++ b/checker/rules_tls_quality.go
@ -0,0 +1,36 @@
+package checker
+
+import (
+	"context"
+
+	sdk "git.happydns.org/checker-sdk-go/checker"
+)
+
+// tlsQualityRule folds findings from a downstream TLS checker (cert chain,
+// hostname match, expiry, …) into SMTP rule output, so they show up on the
+// SMTP service page without the user opening a separate report.
+type tlsQualityRule struct{}
+
+func (r *tlsQualityRule) Name() string { return "smtp.tls_quality" }
+func (r *tlsQualityRule) Description() string {
+	return "Folds downstream TLS checker findings (certificate chain, hostname match, expiry) onto the SMTP service."
+}
+
+func (r *tlsQualityRule) Evaluate(ctx context.Context, obs sdk.ObservationGetter, _ sdk.CheckerOptions) []sdk.CheckState {
+	data, errSt := loadSMTPData(ctx, obs)
+	if errSt != nil {
+		return []sdk.CheckState{*errSt}
+	}
+	if data.MX.NullMX {
+		return []sdk.CheckState{notTestedState("smtp.tls_quality.skipped", "Skipped: domain declares a null MX.")}
+	}
+	related, _ := obs.GetRelated(ctx, TLSRelatedKey)
+	if len(related) == 0 {
+		return []sdk.CheckState{notTestedState("smtp.tls_quality.skipped", "No related TLS observation available (no TLS checker downstream, or no probe yet).")}
+	}
+	issues := tlsIssuesFromRelated(related)
+	if len(issues) == 0 {
+		return []sdk.CheckState{passState("smtp.tls_quality.ok", "Downstream TLS checker reports no issues on the MX endpoints.")}
+	}
+	return statesFromIssues(issues)
+}