diff --git a/Dockerfile b/Dockerfile
index ea99603..716c7d1 100644
--- a/Dockerfile
+++ b/Dockerfile
@@ -6,7 +6,7 @@ WORKDIR /src
 COPY go.mod go.sum ./
 RUN go mod download
 COPY . .
-RUN CGO_ENABLED=0 go build -ldflags "-X main.Version=${CHECKER_VERSION}" -o /checker-tls .
+RUN CGO_ENABLED=0 go build -tags standalone -ldflags "-X main.Version=${CHECKER_VERSION}" -o /checker-tls .
 FROM scratch
 COPY --from=builder /checker-tls /checker-tls
diff --git a/Makefile b/Makefile
index bf1467e..8ebb85f 100644
--- a/Makefile
+++ b/Makefile
@@ -6,12 +6,12 @@ CHECKER_SOURCES := main.go $(wildcard checker/*.go)
 GO_LDFLAGS := -X main.Version=$(CHECKER_VERSION)
-.PHONY: all plugin docker clean
+.PHONY: all plugin docker test clean
 all: $(CHECKER_NAME)
 $(CHECKER_NAME): $(CHECKER_SOURCES)
- go build -ldflags "$(GO_LDFLAGS)" -o $@ .
+ go build -tags standalone -ldflags "$(GO_LDFLAGS)" -o $@ .
 plugin: $(CHECKER_NAME).so
@@ -21,5 +21,8 @@ $(CHECKER_NAME).so: $(CHECKER_SOURCES) $(wildcard plugin/*.go)
 docker:
 docker build --build-arg CHECKER_VERSION=$(CHECKER_VERSION) -t $(CHECKER_IMAGE) .
+test:
+ go test -tags standalone ./...
+
 clean:
 rm -f $(CHECKER_NAME) $(CHECKER_NAME).so
diff --git a/checker/interactive.go b/checker/interactive.go
index 85a7dc3..048b7a8 100644
--- a/checker/interactive.go
+++ b/checker/interactive.go
@@ -1,3 +1,5 @@
+//go:build standalone
+
 package checker
 import (
@@ -24,7 +26,7 @@ func starttlsChoices() []string {
 return protos
 }
-// RenderForm satisfies sdk.CheckerInteractive. The fields mirror the inputs
+// RenderForm satisfies server.Interactive. The fields mirror the inputs
 // a producer checker would put into a contract.TLSEndpoint; a human fills
 // them in directly when running the checker standalone.
 func (p *tlsProvider) RenderForm() []sdk.CheckerOptionField {
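Review bot: In the Dockerfile, the `go build` line now hard-codes `-tags standalone`, so every image built from it carries the interactive form code from checker/interactive.go, which takes a human-supplied endpoint and presumably lets whoever can reach the listen address direct a TLS probe at a host and port of their choosing. If the image is also deployed where only host-driven checks are wanted, make the tag a build argument, e.g. `ARG GO_TAGS=standalone` before the `RUN` and `-tags "${GO_TAGS}"` inside it, and add a comment that the listener belongs on a trusted network only. How the listener is bound or authenticated is not visible in this diff, so that should be confirmed before relying on the default.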
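Review bot: In the Makefile, `standalone` is written literally in the `$(CHECKER_NAME)` recipe and again in the new `test` recipe (second Makefile hunk), while the linker flags already go through `GO_LDFLAGS`. Define `GO_TAGS := standalone` next to `GO_LDFLAGS` and use `-tags "$(GO_TAGS)"` in both recipes so the build and the tests cannot drift apart. The `$(CHECKER_NAME).so` recipe lies outside the hunks, so whether the plugin build is meant to omit the tag cannot be seen here; a one-line comment on that rule would settle it.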
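Review bot: The new `test` target runs only `go test -tags standalone ./...`, so the configuration without the tag, which excludes checker/interactive.go and is presumably the one the plugin uses, is never compiled or tested by `make test`. Add a second recipe line without the tag, such as `go vet ./...` or `go test ./...`, so that a symbol accidentally left behind the build constraint fails here rather than in the plugin build.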
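Review bot: The comments on RenderForm (this hunk of checker/interactive.go) and ParseForm (the next hunk) now say the methods satisfy `server.Interactive`, but nothing visible enforces that, and Go interface satisfaction is implicit. If the SDK changes a signature again, the standalone build may well still compile and the form would presumably just stop being offered. Add a compile-time assertion in this file, `var _ server.Interactive = (*tlsProvider)(nil)`, importing the SDK's `checker/server` package if the file does not already. Both method bodies lie outside the hunks.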
@@ -75,7 +77,7 @@ func (p *tlsProvider) RenderForm() []sdk.CheckerOptionField {
 }
 }
-// ParseForm satisfies sdk.CheckerInteractive. It turns the human inputs into
+// ParseForm satisfies server.Interactive. It turns the human inputs into
 // a single contract.TLSEndpoint, wraps it in a DiscoveryEntry, and returns
 // CheckerOptions shaped as if a happyDomain host had auto-filled
 // OptionEndpoints via AutoFillDiscoveryEntries.
diff --git a/checker/rule.go b/checker/rule.go
index 310c283..4c3d105 100644
--- a/checker/rule.go
+++ b/checker/rule.go
@@ -69,11 +69,11 @@ func (r *tlsRule) Evaluate(ctx context.Context, obs sdk.ObservationGetter, opts
 func evaluateProbe(p TLSProbe) sdk.CheckState {
 subject := fmt.Sprintf("%s://%s", p.Type, p.Endpoint)
 meta := map[string]any{
- "type": p.Type,
- "host": p.Host,
- "port": p.Port,
- "sni": p.SNI,
- "issues": len(p.Issues),
+ "type": p.Type,
+ "host": p.Host,
+ "port": p.Port,
+ "sni": p.SNI,
+ "issues": len(p.Issues),
 }
 if p.TLSVersion != "" {
 meta["tls_version"] = p.TLSVersion
diff --git a/checker/types.go b/checker/types.go
index 58bd547..3509d23 100644
--- a/checker/types.go
+++ b/checker/types.go
@@ -56,17 +56,17 @@ type TLSProbe struct {
 // IssuerAKI is the uppercase hex of the leaf's Authority Key Identifier
 // extension (i.e. the issuer cert's SKI). This is the primary lookup key
 // into the CCADB CAA Identifiers CSV ("Subject Key Identifier (Hex)").
- IssuerAKI string `json:"issuer_aki,omitempty"`
- Subject string `json:"subject,omitempty"`
- DNSNames []string `json:"dns_names,omitempty"`
+ IssuerAKI string `json:"issuer_aki,omitempty"`
+ Subject string `json:"subject,omitempty"`
+ DNSNames []string `json:"dns_names,omitempty"`
 // Chain carries one entry per certificate presented by the server
 // (leaf first, then intermediates in order). Each entry precomputes
 // the four TLSA selector×matching_type hashes plus the raw DER so
 // DANE consumers can match without re-handshaking or re-parsing.
- Chain []CertInfo `json:"chain,omitempty"`
- ElapsedMS int64 `json:"elapsed_ms,omitempty"`
- Error string `json:"error,omitempty"`
- Issues []Issue `json:"issues,omitempty"`
+ Chain []CertInfo `json:"chain,omitempty"`
+ ElapsedMS int64 `json:"elapsed_ms,omitempty"`
+ Error string `json:"error,omitempty"`
+ Issues []Issue `json:"issues,omitempty"`
 }
 // CertInfo describes one certificate in the presented chain together with
diff --git a/go.mod b/go.mod
index 416eb47..bde2901 100644
--- a/go.mod
+++ b/go.mod
@@ -2,4 +2,4 @@ module git.happydns.org/checker-tls
 go 1.25.0
-require git.happydns.org/checker-sdk-go v1.2.0
+require git.happydns.org/checker-sdk-go v1.4.0
diff --git a/go.sum b/go.sum
index 272600a..072aab1 100644
--- a/go.sum
+++ b/go.sum
@@ -1,2 +1,2 @@
-git.happydns.org/checker-sdk-go v1.2.0 h1:v4MpKAz0W3PwP+bxx3pya8w893sVH5xTD1of1cc0TV8=
-git.happydns.org/checker-sdk-go v1.2.0/go.mod h1:aNAcfYFfbhvH9kJhE0Njp5GX0dQbxdRB0rJ0KvSC5nI=
+git.happydns.org/checker-sdk-go v1.4.0 h1:sO8EnF3suhNgYLRsbmCZWJOymH/oNMrOUqj3FEzJArs=
+git.happydns.org/checker-sdk-go v1.4.0/go.mod h1:aNAcfYFfbhvH9kJhE0Njp5GX0dQbxdRB0rJ0KvSC5nI=
diff --git a/main.go b/main.go
index f781e37..ae5167c 100644
--- a/main.go
+++ b/main.go
@@ -4,7 +4,7 @@ import (
 "flag"
 "log"
- sdk "git.happydns.org/checker-sdk-go/checker"
+ "git.happydns.org/checker-sdk-go/checker/server"
 tls "git.happydns.org/checker-tls/checker"
 )
@@ -16,8 +16,8 @@ func main() {
 flag.Parse()
 tls.Version = Version
- server := sdk.NewServer(tls.Provider())
- if err := server.ListenAndServe(*listenAddr); err != nil {
+ srv := server.New(tls.Provider())
+ if err := srv.ListenAndServe(*listenAddr); err != nil {
 log.Fatalf("server error: %v", err)
 }
 }
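Review bot: Nothing visible in main.go is gated on the `standalone` tag, so a plain `go build .` presumably still yields a working binary, only without RenderForm/ParseForm, and the call site in the second hunk gives no hint of that. Add a comment above `srv := server.New(tls.Provider())`, such as `// The interactive form is compiled in only with -tags standalone (see checker/interactive.go).`, so a missing form is not mistaken for an SDK regression. The start of main, including the default value of `listenAddr`, is outside the hunk.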