Add new check: HTTPS-SNI

Add new available domains
2022-03-08 13:16:32 +01:00 · 2022-03-08 13:16:32 +01:00
4 changed files with 37 additions and 9 deletions
--- a/checker/checker.go
+++ b/checker/checker.go
@ -619,6 +619,9 @@ func studentChecker(std *adlin.Student, also_check_matrix bool) {
 				glueErr = err
 			}
 			snicheck1 := false
 			snicheck1_tested := false
 			// Check DNS
 			if addr, err := check_dns(std.MyDelegatedDomain(), dnsIP); err == nil {
 				if addr == nil {
@ -658,6 +661,8 @@ func studentChecker(std *adlin.Student, also_check_matrix bool) {
 					if glueErr != nil {
 						std.RegisterChallengeError(CheckMap[tunnel_version][HTTPSonDelegatedDomain], fmt.Errorf("Unable to perform the test due to GLUE problem: %w", glueErr))
 					} else if err := check_https(std.MyDelegatedDomain(), addr.String()); err == nil {
 						snicheck1 = true
 						snicheck1_tested = true
 						if verbose {
 							log.Printf("%s just unlocked HTTPS challenge\n", std.Login)
 						}
@ -665,6 +670,7 @@ func studentChecker(std *adlin.Student, also_check_matrix bool) {
 							log.Printf("Unable to register challenge for %s: %s\n", std.Login, err.Error())
 						}
 					} else {
 						snicheck1_tested = true
 						std.RegisterChallengeError(CheckMap[tunnel_version][HTTPSonDelegatedDomain], err)
 						if verbose {
 							log.Printf("%s and HTTPS (with DNS ip=%s): %s\n", std.Login, addr.String(), err)
@ -770,6 +776,16 @@ func studentChecker(std *adlin.Student, also_check_matrix bool) {
 					if _, err := std.UnlockChallenge(CheckMap[tunnel_version][HTTPSonAssociatedDomain], ""); err != nil {
 						log.Printf("Unable to register challenge for %s: %s\n", std.Login, err.Error())
 					}
 					// SNI check: validate if this check + HTTPS on delegation is validated
 					if snicheck1 {
 						if verbose {
 							log.Printf("%s just unlocked HTTPS-SNI challenge\n", std.Login)
 						}
 						if _, err := std.UnlockChallenge(CheckMap[tunnel_version][HTTPSSNI], ""); err != nil {
 							log.Printf("Unable to register challenge for %s: %s\n", std.Login, err.Error())
 						}
 					}
 				} else {
 					std.RegisterChallengeError(CheckMap[tunnel_version][HTTPSonAssociatedDomain], err)
 					if verbose {
@ -778,6 +794,13 @@ func studentChecker(std *adlin.Student, also_check_matrix bool) {
 				}
 			}
 			if snicheck1_tested && !snicheck1 {
 				std.RegisterChallengeError(CheckMap[tunnel_version][HTTPSSNI], fmt.Errorf("associated and delegated domain are not accessible through HTTPS at the same time, see errors for thoses checks"))
 				if verbose {
 					log.Printf("%s and HTTPS-SNI: %s\n", std.Login, "associated and delegated domains not accessible at the same time through HTTPS")
 				}
 			}
 			return
 		})
 	}
--- a/checker/checks.go
+++ b/checker/checks.go
@ -9,6 +9,7 @@ const (
 	DNSDelegation
 	HTTPonDelegatedDomain
 	HTTPSonDelegatedDomain
 	HTTPSSNI
 	MatrixSrv
 	MatrixClt
 	SNI
@ -29,9 +30,10 @@ var CheckMap = map[int]map[AdlinTest]int{
 		DNSDelegation:           103,
 		HTTPonDelegatedDomain:   104,
 		HTTPSonDelegatedDomain:  105,
-		MatrixSrv:               106,
+		HTTPSSNI:                106,
-		MatrixClt:               107,
+		MatrixSrv:               107,
-		DNSSEC:                  108,
+		MatrixClt:               108,
 		DNSSEC:                  109,
 	},
 	3: map[AdlinTest]int{
 		PingResolver:           200,
--- a/libadlin/domain.go
+++ b/libadlin/domain.go
@ -6,8 +6,8 @@ import (
 )
 var (
-	AssociatedDomainSuffixes = []string{"adlin2023.p0m.fr."}
+	AssociatedDomainSuffixes = []string{"adlin2023.driivve.com.", "adlin2023.driivve.co.", "adlin2023.driivee.cloud.", "adlin2023.p0m.fr."}
-	DelegatedDomainSuffixes  = []string{"srs.p0m.fr."}
+	DelegatedDomainSuffixes  = []string{"srs.driivve.com.", "srs.driivve.co.", "srs.driivee.cloud.", "srs.p0m.fr."}
 )
 func (student *Student) MyDelegatedDomainSuffix() string {
--- a/token-validator/htdocs/js/adlin-common.js
+++ b/token-validator/htdocs/js/adlin-common.js
@ -1,4 +1,6 @@
-var tuto_progress = [
+const dn_without_dnssec = ["driivve.com.", "driivee.cloud."];
 const tuto_progress = [
    {
        1: { title: "Is alive?", icon: "👋", label: "Token 1"},
        2: { title: "DMZ reached", icon: "📚", label: "Token 2"},
@ -19,9 +21,10 @@ var tuto_progress = [
        103: { title: "DNS Delegation", icon: "3", label: "DNS"},
        104: { title: "HTTP on delegated domain", icon: "4", label: "HTTP on NS"},
        105: { title: "HTTPS on delegated domain", icon: "5", label: "HTTPS on NS"},
-        106: { title: "Matrix Federation", icon: "6", label: "Matrix SRV"},
+        106: { title: "HTTPS-SNI", icon: "6", label: "HTTPS-SNI"},
-        107: { title: "Matrix Client", icon: "7", label: "Matrix CLT"},
+        107: { title: "Matrix Federation", icon: "7", label: "Matrix SRV"},
-        108: { title: "DNSSEC (bonus)", icon: "8", label: "DNSSEC"},
+        108: { title: "Matrix Client", icon: "8", label: "Matrix CLT"},
        109: { title: "DNSSEC (bonus)", icon: "9", label: "DNSSEC"},
    },
    {
        200: { title: "PONG resolver", icon: "0", label: "PONG srv"},
Author	SHA1	Message	Date
Pierre-Olivier Mercier	3967a4e279	Add new check: HTTPS-SNI All checks were successful continuous-integration/drone/push Build is passing Details	2022-03-08 13:16:32 +01:00
Pierre-Olivier Mercier	4d25665835	Add new available domains	2022-03-08 13:16:32 +01:00