checker: Add matrix client tests
This commit is contained in:
parent
6269ac83d4
commit
805b654170
@ -8,6 +8,7 @@ import (
|
|||||||
"log"
|
"log"
|
||||||
"net"
|
"net"
|
||||||
"net/http"
|
"net/http"
|
||||||
|
"net/url"
|
||||||
"strings"
|
"strings"
|
||||||
"time"
|
"time"
|
||||||
|
|
||||||
@ -428,7 +429,7 @@ type matrix_result struct {
|
|||||||
FederationOK bool `json:"FederationOK"`
|
FederationOK bool `json:"FederationOK"`
|
||||||
}
|
}
|
||||||
|
|
||||||
func check_matrix(domain string) (version string, err error) {
|
func check_matrix_federation(domain string) (version string, err error) {
|
||||||
var resp *http.Response
|
var resp *http.Response
|
||||||
resp, err = http.Get(fmt.Sprintf("https://federation-tester.adlin.nemunai.re/api/report?server_name=%s", strings.TrimSuffix(domain, ".")))
|
resp, err = http.Get(fmt.Sprintf("https://federation-tester.adlin.nemunai.re/api/report?server_name=%s", strings.TrimSuffix(domain, ".")))
|
||||||
if err != nil {
|
if err != nil {
|
||||||
@ -442,7 +443,7 @@ func check_matrix(domain string) (version string, err error) {
|
|||||||
|
|
||||||
var federationTest matrix_result
|
var federationTest matrix_result
|
||||||
if err = json.NewDecoder(resp.Body).Decode(&federationTest); err != nil {
|
if err = json.NewDecoder(resp.Body).Decode(&federationTest); err != nil {
|
||||||
log.Printf("Error in check_matrix, when decoding json: %w", err.Error())
|
log.Printf("Error in check_matrix_federation, when decoding json: %w", err.Error())
|
||||||
return "", fmt.Errorf("Sorry, the federation tester is broken. Check on https://federationtester.matrix.org/#%s", strings.TrimSuffix(domain, "."))
|
return "", fmt.Errorf("Sorry, the federation tester is broken. Check on https://federationtester.matrix.org/#%s", strings.TrimSuffix(domain, "."))
|
||||||
} else if federationTest.FederationOK {
|
} else if federationTest.FederationOK {
|
||||||
version = federationTest.Version.Name + " " + federationTest.Version.Version
|
version = federationTest.Version.Name + " " + federationTest.Version.Version
|
||||||
@ -467,6 +468,71 @@ func check_matrix(domain string) (version string, err error) {
|
|||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
|
type matrix_wk_client struct {
|
||||||
|
Homeserver struct {
|
||||||
|
BaseURL string `json:"base_url"`
|
||||||
|
} `json:"m.homeserver"`
|
||||||
|
IdentityServer struct {
|
||||||
|
BaseURL string `json:"base_url"`
|
||||||
|
} `json:"m.identity_server"`
|
||||||
|
}
|
||||||
|
|
||||||
|
type matrix_client_versions struct {
|
||||||
|
Versions []string `json:"versions"`
|
||||||
|
UnstableFeatures map[string]bool `json:"unstable_features"`
|
||||||
|
}
|
||||||
|
|
||||||
|
func check_matrix_client(domain string) (version string, err error) {
|
||||||
|
var resp *http.Response
|
||||||
|
resp, err = http.Get(fmt.Sprintf("https://%s/.well-known/matrix/client", strings.TrimSuffix(domain, ".")))
|
||||||
|
if err != nil {
|
||||||
|
return
|
||||||
|
}
|
||||||
|
defer resp.Body.Close()
|
||||||
|
|
||||||
|
var HomeserverBase = fmt.Sprintf("https://%s", strings.TrimSuffix(domain, "."))
|
||||||
|
|
||||||
|
if resp.StatusCode < 300 {
|
||||||
|
var wellknown matrix_wk_client
|
||||||
|
if err = json.NewDecoder(resp.Body).Decode(&wellknown); err != nil {
|
||||||
|
log.Printf("Error in check_matrix_client, when decoding json: %w", err.Error())
|
||||||
|
return "", fmt.Errorf("File at https://%s/.well-known/matrix/client is invalid: JSON parse error", strings.TrimSuffix(domain, "."))
|
||||||
|
} else if wellknown.Homeserver.BaseURL != "" {
|
||||||
|
if baseurl, err := url.Parse(wellknown.Homeserver.BaseURL); err != nil {
|
||||||
|
return "", fmt.Errorf("File at https://%s/.well-known/matrix/client is invalid: Bad homeserver URL: %s", strings.TrimSuffix(domain, "."), err.Error())
|
||||||
|
} else if !strings.HasSuffix(strings.TrimSuffix(baseurl.Host, "."), strings.TrimSuffix(domain, ".")) {
|
||||||
|
return "", fmt.Errorf("Your homeserver base_url is not under %s", strings.TrimSuffix(domain, "."))
|
||||||
|
} else if strings.TrimSuffix(baseurl.Host, ".") == strings.TrimSuffix(domain, ".") {
|
||||||
|
// This test can be optional
|
||||||
|
return "", fmt.Errorf("Your homeserver should be on its own subdomain")
|
||||||
|
} else {
|
||||||
|
HomeserverBase = wellknown.Homeserver.BaseURL
|
||||||
|
}
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
var resp2 *http.Response
|
||||||
|
resp2, err = http.Get(fmt.Sprintf("%s/_matrix/client/versions", HomeserverBase))
|
||||||
|
if err != nil {
|
||||||
|
return
|
||||||
|
}
|
||||||
|
defer resp2.Body.Close()
|
||||||
|
|
||||||
|
if resp.StatusCode != http.StatusOK {
|
||||||
|
return "", fmt.Errorf("Unable to fetch your homeserver versions at %s/_matrix/client/versions: %s", HomeserverBase, resp.Status)
|
||||||
|
}
|
||||||
|
|
||||||
|
var clientTest matrix_client_versions
|
||||||
|
if err = json.NewDecoder(resp2.Body).Decode(&clientTest); err != nil {
|
||||||
|
log.Printf("Error in check_matrix_client, when decoding versions json: %w", err.Error())
|
||||||
|
return "", fmt.Errorf("File at %s/_matrix/client/versions is invalid: JSON parse error: %s", HomeserverBase, err.Error())
|
||||||
|
} else if len(clientTest.Versions) == 0 {
|
||||||
|
return "", fmt.Errorf("File at %s/_matrix/client/versions is invalid: no protocol version supported", HomeserverBase)
|
||||||
|
} else {
|
||||||
|
return clientTest.Versions[len(clientTest.Versions)-1], nil
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
// Main
|
// Main
|
||||||
|
|
||||||
func minTunnelVersion(std *adlin.Student, suffixip int) (int, error) {
|
func minTunnelVersion(std *adlin.Student, suffixip int) (int, error) {
|
||||||
@ -558,29 +624,29 @@ func studentsChecker() {
|
|||||||
if glueErr != nil {
|
if glueErr != nil {
|
||||||
dnsAt = " + there is a problem with the GLUE record: " + glueErr.Error()
|
dnsAt = " + there is a problem with the GLUE record: " + glueErr.Error()
|
||||||
}
|
}
|
||||||
if errreg := std.RegisterChallengeError(100*(tunnel_version-1)+3, fmt.Errorf("%s: empty response from the server%s", std.MyDelegatedDomain(), dnsAt)); errreg != nil {
|
if errreg := std.RegisterChallengeError(CheckMap[tunnel_version][DNSDelegation], fmt.Errorf("%s: empty response from the server%s", std.MyDelegatedDomain(), dnsAt)); errreg != nil {
|
||||||
log.Printf("Unable to register challenge error for %s: %s\n", std.Login, errreg)
|
log.Printf("Unable to register challenge error for %s: %s\n", std.Login, errreg)
|
||||||
}
|
}
|
||||||
} else {
|
} else {
|
||||||
if verbose {
|
if verbose {
|
||||||
log.Printf("%s just unlocked DNS challenge\n", std.Login)
|
log.Printf("%s just unlocked DNS challenge\n", std.Login)
|
||||||
}
|
}
|
||||||
if _, err := std.UnlockChallenge(100*(tunnel_version-1)+3, addr.String()); err != nil {
|
if _, err := std.UnlockChallenge(CheckMap[tunnel_version][DNSDelegation], addr.String()); err != nil {
|
||||||
log.Printf("Unable to register challenge for %s: %s\n", std.Login, err.Error())
|
log.Printf("Unable to register challenge for %s: %s\n", std.Login, err.Error())
|
||||||
}
|
}
|
||||||
|
|
||||||
// Check HTTP with DNS
|
// Check HTTP with DNS
|
||||||
if glueErr != nil {
|
if glueErr != nil {
|
||||||
std.RegisterChallengeError(100*(tunnel_version-1)+4, fmt.Errorf("Unable to perform the test due to GLUE problem: %w", glueErr))
|
std.RegisterChallengeError(CheckMap[tunnel_version][HTTPonDelegatedDomain], fmt.Errorf("Unable to perform the test due to GLUE problem: %w", glueErr))
|
||||||
} else if err := check_http(addr.String(), std.MyDelegatedDomain()); err == nil {
|
} else if err := check_http(addr.String(), std.MyDelegatedDomain()); err == nil {
|
||||||
if verbose {
|
if verbose {
|
||||||
log.Printf("%s just unlocked HTTP challenge\n", std.Login)
|
log.Printf("%s just unlocked HTTP challenge\n", std.Login)
|
||||||
}
|
}
|
||||||
if _, err := std.UnlockChallenge(100*(tunnel_version-1)+4, ""); err != nil {
|
if _, err := std.UnlockChallenge(CheckMap[tunnel_version][HTTPonDelegatedDomain], ""); err != nil {
|
||||||
log.Printf("Unable to register challenge for %s: %s\n", std.Login, err.Error())
|
log.Printf("Unable to register challenge for %s: %s\n", std.Login, err.Error())
|
||||||
}
|
}
|
||||||
} else {
|
} else {
|
||||||
std.RegisterChallengeError(100*(tunnel_version-1)+4, err)
|
std.RegisterChallengeError(CheckMap[tunnel_version][HTTPonDelegatedDomain], err)
|
||||||
if verbose {
|
if verbose {
|
||||||
log.Printf("%s and HTTP (with DNS ip=%s): %s\n", std.Login, addr.String(), err)
|
log.Printf("%s and HTTP (with DNS ip=%s): %s\n", std.Login, addr.String(), err)
|
||||||
}
|
}
|
||||||
@ -588,16 +654,16 @@ func studentsChecker() {
|
|||||||
|
|
||||||
// Check HTTPs with DNS
|
// Check HTTPs with DNS
|
||||||
if glueErr != nil {
|
if glueErr != nil {
|
||||||
std.RegisterChallengeError(100*(tunnel_version-1)+5, fmt.Errorf("Unable to perform the test due to GLUE problem: %w", glueErr))
|
std.RegisterChallengeError(CheckMap[tunnel_version][HTTPSonDelegatedDomain], fmt.Errorf("Unable to perform the test due to GLUE problem: %w", glueErr))
|
||||||
} else if err := check_https(std.MyDelegatedDomain(), addr.String()); err == nil {
|
} else if err := check_https(std.MyDelegatedDomain(), addr.String()); err == nil {
|
||||||
if verbose {
|
if verbose {
|
||||||
log.Printf("%s just unlocked HTTPS challenge\n", std.Login)
|
log.Printf("%s just unlocked HTTPS challenge\n", std.Login)
|
||||||
}
|
}
|
||||||
if _, err := std.UnlockChallenge(100*(tunnel_version-1)+5, ""); err != nil {
|
if _, err := std.UnlockChallenge(CheckMap[tunnel_version][HTTPSonDelegatedDomain], ""); err != nil {
|
||||||
log.Printf("Unable to register challenge for %s: %s\n", std.Login, err.Error())
|
log.Printf("Unable to register challenge for %s: %s\n", std.Login, err.Error())
|
||||||
}
|
}
|
||||||
} else {
|
} else {
|
||||||
std.RegisterChallengeError(100*(tunnel_version-1)+5, err)
|
std.RegisterChallengeError(CheckMap[tunnel_version][HTTPSonDelegatedDomain], err)
|
||||||
if verbose {
|
if verbose {
|
||||||
log.Printf("%s and HTTPS (with DNS ip=%s): %s\n", std.Login, addr.String(), err)
|
log.Printf("%s and HTTPS (with DNS ip=%s): %s\n", std.Login, addr.String(), err)
|
||||||
}
|
}
|
||||||
@ -605,17 +671,33 @@ func studentsChecker() {
|
|||||||
|
|
||||||
// Check Matrix (only if GLUE Ok and defer contraint)
|
// Check Matrix (only if GLUE Ok and defer contraint)
|
||||||
if glueErr == nil && istd%10 == check_matrix_for {
|
if glueErr == nil && istd%10 == check_matrix_for {
|
||||||
if v, err := check_matrix(std.MyDelegatedDomain()); err == nil {
|
// Check Matrix Federation first
|
||||||
|
if v, err := check_matrix_federation(std.MyDelegatedDomain()); err == nil {
|
||||||
if verbose {
|
if verbose {
|
||||||
log.Printf("%s just unlocked Matrix challenge\n", std.Login)
|
log.Printf("%s just unlocked Matrix federation challenge\n", std.Login)
|
||||||
}
|
}
|
||||||
if _, err := std.UnlockChallenge(100*(tunnel_version-1)+6, v); err != nil {
|
if _, err := std.UnlockChallenge(CheckMap[tunnel_version][MatrixSrv], v); err != nil {
|
||||||
log.Printf("Unable to register challenge for %s: %s\n", std.Login, err.Error())
|
log.Printf("Unable to register challenge for %s: %s\n", std.Login, err.Error())
|
||||||
}
|
}
|
||||||
} else {
|
} else {
|
||||||
std.RegisterChallengeError(100*(tunnel_version-1)+6, err)
|
std.RegisterChallengeError(CheckMap[tunnel_version][MatrixSrv], err)
|
||||||
if verbose {
|
if verbose {
|
||||||
log.Printf("%s and Matrix: %s\n", std.Login, err)
|
log.Printf("%s and Matrix federation: %s\n", std.Login, err)
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
// Check Matrix Client
|
||||||
|
if v, err := check_matrix_client(std.MyDelegatedDomain()); err == nil {
|
||||||
|
if verbose {
|
||||||
|
log.Printf("%s just unlocked Matrix client challenge\n", std.Login)
|
||||||
|
}
|
||||||
|
if _, err := std.UnlockChallenge(CheckMap[tunnel_version][MatrixClt], v); err != nil {
|
||||||
|
log.Printf("Unable to register challenge for %s: %s\n", std.Login, err.Error())
|
||||||
|
}
|
||||||
|
} else {
|
||||||
|
std.RegisterChallengeError(CheckMap[tunnel_version][MatrixClt], err)
|
||||||
|
if verbose {
|
||||||
|
log.Printf("%s and Matrix client: %s\n", std.Login, err)
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
@ -626,11 +708,11 @@ func studentsChecker() {
|
|||||||
if verbose {
|
if verbose {
|
||||||
log.Printf("%s just unlocked DNSSEC challenge\n", std.Login)
|
log.Printf("%s just unlocked DNSSEC challenge\n", std.Login)
|
||||||
}
|
}
|
||||||
if _, err := std.UnlockChallenge(100*(tunnel_version-1)+7, ""); err != nil {
|
if _, err := std.UnlockChallenge(CheckMap[tunnel_version][DNSSEC], ""); err != nil {
|
||||||
log.Printf("Unable to register challenge for %s: %s\n", std.Login, err.Error())
|
log.Printf("Unable to register challenge for %s: %s\n", std.Login, err.Error())
|
||||||
}
|
}
|
||||||
} else {
|
} else {
|
||||||
std.RegisterChallengeError(100*(tunnel_version-1)+7, err)
|
std.RegisterChallengeError(CheckMap[tunnel_version][DNSSEC], err)
|
||||||
if verbose {
|
if verbose {
|
||||||
log.Printf("%s and DNSSEC: %s\n", std.Login, err)
|
log.Printf("%s and DNSSEC: %s\n", std.Login, err)
|
||||||
}
|
}
|
||||||
@ -638,7 +720,7 @@ func studentsChecker() {
|
|||||||
}
|
}
|
||||||
}
|
}
|
||||||
} else {
|
} else {
|
||||||
if errreg := std.RegisterChallengeError(100*(tunnel_version-1)+3, err); errreg != nil {
|
if errreg := std.RegisterChallengeError(CheckMap[tunnel_version][DNSDelegation], err); errreg != nil {
|
||||||
log.Printf("Unable to register challenge error for %s: %s\n", std.Login, errreg)
|
log.Printf("Unable to register challenge error for %s: %s\n", std.Login, errreg)
|
||||||
}
|
}
|
||||||
if verbose {
|
if verbose {
|
||||||
@ -668,11 +750,11 @@ func studentsChecker() {
|
|||||||
if verbose {
|
if verbose {
|
||||||
log.Printf("%s just unlocked HTTP (without DNS) challenge\n", std.Login)
|
log.Printf("%s just unlocked HTTP (without DNS) challenge\n", std.Login)
|
||||||
}
|
}
|
||||||
if _, err := std.UnlockChallenge(100*(tunnel_version-1)+1, ""); err != nil {
|
if _, err := std.UnlockChallenge(CheckMap[tunnel_version][HTTPonAssociatedDomain], ""); err != nil {
|
||||||
log.Printf("Unable to register challenge for %s: %s\n", std.Login, err.Error())
|
log.Printf("Unable to register challenge for %s: %s\n", std.Login, err.Error())
|
||||||
}
|
}
|
||||||
} else {
|
} else {
|
||||||
std.RegisterChallengeError(100*(tunnel_version-1)+1, err)
|
std.RegisterChallengeError(CheckMap[tunnel_version][HTTPonAssociatedDomain], err)
|
||||||
if verbose {
|
if verbose {
|
||||||
log.Printf("%s and HTTP (without DNS): %s\n", std.Login, err)
|
log.Printf("%s and HTTP (without DNS): %s\n", std.Login, err)
|
||||||
}
|
}
|
||||||
@ -683,11 +765,11 @@ func studentsChecker() {
|
|||||||
if verbose {
|
if verbose {
|
||||||
log.Printf("%s just unlocked HTTPS challenge\n", std.Login)
|
log.Printf("%s just unlocked HTTPS challenge\n", std.Login)
|
||||||
}
|
}
|
||||||
if _, err := std.UnlockChallenge(100*(tunnel_version-1)+2, ""); err != nil {
|
if _, err := std.UnlockChallenge(CheckMap[tunnel_version][HTTPSonAssociatedDomain], ""); err != nil {
|
||||||
log.Printf("Unable to register challenge for %s: %s\n", std.Login, err.Error())
|
log.Printf("Unable to register challenge for %s: %s\n", std.Login, err.Error())
|
||||||
}
|
}
|
||||||
} else {
|
} else {
|
||||||
std.RegisterChallengeError(100*(tunnel_version-1)+2, err)
|
std.RegisterChallengeError(CheckMap[tunnel_version][HTTPSonAssociatedDomain], err)
|
||||||
if verbose {
|
if verbose {
|
||||||
log.Printf("%s and HTTPS (without DNS): %s\n", std.Login, err)
|
log.Printf("%s and HTTPS (without DNS): %s\n", std.Login, err)
|
||||||
}
|
}
|
||||||
|
|||||||
@ -9,7 +9,8 @@ const (
|
|||||||
DNSDelegation
|
DNSDelegation
|
||||||
HTTPonDelegatedDomain
|
HTTPonDelegatedDomain
|
||||||
HTTPSonDelegatedDomain
|
HTTPSonDelegatedDomain
|
||||||
Matrix
|
MatrixSrv
|
||||||
|
MatrixClt
|
||||||
SNI
|
SNI
|
||||||
DNSSEC
|
DNSSEC
|
||||||
PingResolver
|
PingResolver
|
||||||
@ -28,8 +29,9 @@ var CheckMap = map[int]map[AdlinTest]int{
|
|||||||
DNSDelegation: 103,
|
DNSDelegation: 103,
|
||||||
HTTPonDelegatedDomain: 104,
|
HTTPonDelegatedDomain: 104,
|
||||||
HTTPSonDelegatedDomain: 105,
|
HTTPSonDelegatedDomain: 105,
|
||||||
Matrix: 106,
|
MatrixSrv: 106,
|
||||||
DNSSEC: 107,
|
MatrixClt: 107,
|
||||||
|
DNSSEC: 108,
|
||||||
},
|
},
|
||||||
3: map[AdlinTest]int{
|
3: map[AdlinTest]int{
|
||||||
PingResolver: 200,
|
PingResolver: 200,
|
||||||
@ -37,11 +39,12 @@ var CheckMap = map[int]map[AdlinTest]int{
|
|||||||
DNSDelegation: 203,
|
DNSDelegation: 203,
|
||||||
HTTPonDelegatedDomain: 204,
|
HTTPonDelegatedDomain: 204,
|
||||||
HTTPSonDelegatedDomain: 205,
|
HTTPSonDelegatedDomain: 205,
|
||||||
Matrix: 206,
|
MatrixSrv: 206,
|
||||||
DHCPonRH: 208,
|
MatrixClt: 207,
|
||||||
DHCPonGuests: 211,
|
DHCPonRH: 209,
|
||||||
RHaccessNews: 209,
|
DHCPonGuests: 212,
|
||||||
RHaccessNet: 210,
|
RHaccessNews: 210,
|
||||||
GuestNet: 212,
|
RHaccessNet: 211,
|
||||||
|
GuestNet: 213,
|
||||||
},
|
},
|
||||||
}
|
}
|
||||||
|
|||||||
@ -19,8 +19,9 @@ var tuto_progress = [
|
|||||||
103: { title: "DNS Delegation", icon: "3", label: "DNS"},
|
103: { title: "DNS Delegation", icon: "3", label: "DNS"},
|
||||||
104: { title: "HTTP on delegated domain", icon: "4", label: "HTTP on NS"},
|
104: { title: "HTTP on delegated domain", icon: "4", label: "HTTP on NS"},
|
||||||
105: { title: "HTTPS on delegated domain", icon: "5", label: "HTTPS on NS"},
|
105: { title: "HTTPS on delegated domain", icon: "5", label: "HTTPS on NS"},
|
||||||
106: { title: "Matrix", icon: "6", label: "Matrix"},
|
106: { title: "Matrix Federation", icon: "6", label: "Matrix SRV"},
|
||||||
107: { title: "DNSSEC (bonus)", icon: "7", label: "DNSSEC"},
|
107: { title: "Matrix Client", icon: "7", label: "Matrix CLT"},
|
||||||
|
108: { title: "DNSSEC (bonus)", icon: "8", label: "DNSSEC"},
|
||||||
},
|
},
|
||||||
{
|
{
|
||||||
200: { title: "PONG resolver", icon: "0", label: "PONG srv"},
|
200: { title: "PONG resolver", icon: "0", label: "PONG srv"},
|
||||||
@ -28,9 +29,10 @@ var tuto_progress = [
|
|||||||
203: { title: "DNS Delegation", icon: "2", label: "DNS"},
|
203: { title: "DNS Delegation", icon: "2", label: "DNS"},
|
||||||
204: { title: "HTTP on delegated domain", icon: "3", label: "HTTP on NS"},
|
204: { title: "HTTP on delegated domain", icon: "3", label: "HTTP on NS"},
|
||||||
205: { title: "HTTPS on delegated domain", icon: "4", label: "HTTPS on NS"},
|
205: { title: "HTTPS on delegated domain", icon: "4", label: "HTTPS on NS"},
|
||||||
206: { title: "Matrix", icon: "5", label: "Matrix"},
|
206: { title: "Matrix Federation", icon: "5", label: "Matrix SRV"},
|
||||||
208: { title: "RH access net", icon: "6", label: "RH net"},
|
207: { title: "Matrix Client", icon: "6", label: "Matrix CLT"},
|
||||||
209: { title: "DG access net", icon: "7", label: "DG net"},
|
209: { title: "RH access net", icon: "7", label: "RH net"},
|
||||||
210: { title: "CM access net", icon: "8", label: "CM net"},
|
210: { title: "DG access net", icon: "8", label: "DG net"},
|
||||||
|
211: { title: "CM access net", icon: "9", label: "CM net"},
|
||||||
},
|
},
|
||||||
];
|
];
|
||||||
|
|||||||
Reference in New Issue
Block a user