happyDomain/checker-srv
2
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

Initial commit

Browse source 
Generic SRV records checker for happyDomain.

For each SRV record attached to an svcs.UnknownSRV service, the checker
resolves every target and probes reachability:

  - DNS resolution (A/AAAA), CNAME detection (RFC 2782 violation),
    null-target detection (RFC 2782 "service explicitly unavailable")
  - TCP connect to target:port for _tcp SRVs
  - UDP probe for _udp SRVs, using ICMP port-unreachable detection

The checker also publishes TLS endpoints (host, port, SNI) for every
SRV target hitting a well-known direct-TLS port (443, 465, 636, 853,
993, 995, 5061, 5223, …) via the EndpointDiscoverer SDK interface, so
a downstream TLS checker can pick them up.

The HTML report groups records as cards and surfaces the most common
failure scenarios (DNS failure, CNAME target, TCP unreachable,
null-target) at the top with remediation guidance.
This commit is contained in:
nemunaire 2026-04-19 10:28:39 +07:00
commit 7e50f404a1
27 changed files with 2389 additions and 0 deletions
Download patch file Download diff file Expand all files Collapse all files

38
checker/rules_cname.go Normal file
View file

@ -0,0 +1,38 @@
package checker
import (
"context"
"fmt"
"strings"
sdk "git.happydns.org/checker-sdk-go/checker"
)
type ruleTargetNotCNAME struct{}
func RuleTargetNotCNAME() sdk.CheckRule { return &ruleTargetNotCNAME{} }
func (ruleTargetNotCNAME) Name() string { return "srv_target_not_cname" }
func (ruleTargetNotCNAME) Description() string {
return "RFC 2782: SRV targets must resolve directly to A/AAAA, not through a CNAME."
}
func (ruleTargetNotCNAME) Evaluate(ctx context.Context, obs sdk.ObservationGetter, _ sdk.CheckerOptions) []sdk.CheckState {
d, cs := getData(ctx, obs)
if cs != nil {
return []sdk.CheckState{*cs}
}
var bad []string
for _, r := range d.Records {
if r.IsNullTarget {
continue
}
if r.IsCNAME {
bad = append(bad, r.Target)
}
}
if len(bad) == 0 {
return []sdk.CheckState{{Status: sdk.StatusOK, Code: "srv_targets_not_cname",
Message: "All SRV targets resolve directly (no CNAME)."}}
}
return []sdk.CheckState{{Status: sdk.StatusWarn, Code: "srv_targets_are_cname",
Message: fmt.Sprintf("RFC 2782 violation, SRV target(s) are CNAMEs: %s", strings.Join(bad, ", "))}}
}