diff --git a/go.mod b/go.mod
index 2032c36..582e641 100644
--- a/go.mod
+++ b/go.mod
@@ -5,13 +5,14 @@ go 1.15
 require (
 github.com/cespare/xxhash/v2 v2.2.0 // indirect
 github.com/matrix-org/gomatrix v0.0.0-20220926102614-ceba4d9f7530 // indirect
- github.com/matrix-org/gomatrixserverlib v0.0.0-20230131183213-122f1e0e3fa1
+ github.com/matrix-org/gomatrixserverlib v0.0.0-20230819231112-2812403ba8ee
 github.com/matrix-org/util v0.0.0-20221111132719-399730281e66 // indirect
 github.com/pkg/errors v0.9.1
 github.com/prometheus/client_golang v1.14.0
 github.com/prometheus/common v0.41.0 // indirect
 github.com/prometheus/procfs v0.9.0 // indirect
- github.com/tidwall/gjson v1.14.4 // indirect
+ github.com/sirupsen/logrus v1.9.3 // indirect
+ github.com/tidwall/gjson v1.16.0 // indirect
 github.com/tidwall/pretty v1.2.1 // indirect
- golang.org/x/crypto v0.6.0 // indirect
+ golang.org/x/crypto v0.12.0 // indirect
 )
diff --git a/go.sum b/go.sum
index b5ca185..eebc0ba 100644
--- a/go.sum
+++ b/go.sum
@@ -165,8 +165,8 @@ github.com/kr/text v0.2.0/go.mod h1:eLer722TekiGuMkidMxC/pM04lWEeraHUUmBw8l2grE= github.com/matrix-org/gomatrix v0.0.0-20210324163249-be2af5ef2e16/go.mod h1:/gBX06Kw0exX1HrwmoBibFA98yBk/jxKpGVeyQbff+s= github.com/matrix-org/gomatrix v0.0.0-20220926102614-ceba4d9f7530 h1:kHKxCOLcHH8r4Fzarl4+Y3K5hjothkVW5z7T1dUM11U= github.com/matrix-org/gomatrix v0.0.0-20220926102614-ceba4d9f7530/go.mod h1:/gBX06Kw0exX1HrwmoBibFA98yBk/jxKpGVeyQbff+s= -github.com/matrix-org/gomatrixserverlib v0.0.0-20230131183213-122f1e0e3fa1 h1:JSw0nmjMrgBmoM2aQsa78LTpI5BnuD9+vOiEQ4Qo0qw= -github.com/matrix-org/gomatrixserverlib v0.0.0-20230131183213-122f1e0e3fa1/go.mod h1:Mtifyr8q8htcBeugvlDnkBcNUy5LO8OzUoplAf1+mb4= +github.com/matrix-org/gomatrixserverlib v0.0.0-20230819231112-2812403ba8ee h1:oXPFQuA0EuiOQ6yXYF7PDR99tY40j6OkmGGK8krJ0EI= +github.com/matrix-org/gomatrixserverlib v0.0.0-20230819231112-2812403ba8ee/go.mod h1:H9V9N3Uqn1bBJqYJNGK1noqtgJTaCEhtTdcH/mp50uU= github.com/matrix-org/util v0.0.0-20200807132607-55161520e1d4/go.mod h1:vVQlW/emklohkZnOPwD3LrZUBqdfsbiyO3p1lNV8F6U= github.com/matrix-org/util v0.0.0-20221111132719-399730281e66 h1:6z4KxomXSIGWqhHcfzExgkH3Z3UkIXry4ibJS4Aqz2Y= github.com/matrix-org/util v0.0.0-20221111132719-399730281e66/go.mod h1:iBI1foelCqA09JJgPV0FYz4qA5dUXYOxMi57FxKBdd4= 
@@ -224,8 +224,9 @@ github.com/rogpeppe/go-internal v1.6.1/go.mod h1:xXDCJY+GAPziupqXw64V24skbSoqbTE github.com/sirupsen/logrus v1.2.0/go.mod h1:LxeOpSwHxABJmUn/MG1IvRgCAasNZTLOkJPxbbu5VWo= github.com/sirupsen/logrus v1.4.2/go.mod h1:tLMulIdttU9McNUspp0xgXVQah82FyeX6MwdIuYE2rE= github.com/sirupsen/logrus v1.6.0/go.mod h1:7uNnSEd1DgxDLC74fIahvMZmmYsHGZGEOFrfsX/uA88= -github.com/sirupsen/logrus v1.9.0 h1:trlNQbNUG3OdDrDil03MCb1H2o9nJ1x4/5LYw7byDE0= github.com/sirupsen/logrus v1.9.0/go.mod h1:naHLuLoDiP4jHNo9R0sCBMtWGeIprob74mVsIT4qYEQ= +github.com/sirupsen/logrus v1.9.3 h1:dueUQJ1C2q9oE3F7wvmSGAaVtTmUizReu6fjN8uqzbQ= +github.com/sirupsen/logrus v1.9.3/go.mod h1:naHLuLoDiP4jHNo9R0sCBMtWGeIprob74mVsIT4qYEQ= github.com/stretchr/objx v0.1.0/go.mod h1:HFkY916IF+rwdDfMAkV7OtwuqBVzrE8GR6GFx+wExME= github.com/stretchr/objx v0.1.1/go.mod h1:HFkY916IF+rwdDfMAkV7OtwuqBVzrE8GR6GFx+wExME= github.com/stretchr/objx v0.4.0/go.mod h1:YvHI0jy2hoMjB+UWwv71VJQ9isScKT/TqJzVSSt89Yw= @@ -238,8 +239,8 @@ github.com/stretchr/testify v1.8.0 h1:pSgiaMZlXftHpm5L7V1+rVB+AZJydKsMxsQBIJw4PK github.com/stretchr/testify v1.8.0/go.mod h1:yNjHg4UonilssWZ8iaSj1OCr/vHnekPRkoO+kdMU+MU= github.com/tidwall/gjson v1.14.2/go.mod h1:/wbyibRr2FHMks5tjHJ5F8dMZh3AcwJEMf5vlfC0lxk= github.com/tidwall/gjson v1.14.3/go.mod h1:/wbyibRr2FHMks5tjHJ5F8dMZh3AcwJEMf5vlfC0lxk= -github.com/tidwall/gjson v1.14.4 h1:uo0p8EbA09J7RQaflQ1aBRffTR7xedD2bcIVSYxLnkM= -github.com/tidwall/gjson v1.14.4/go.mod h1:/wbyibRr2FHMks5tjHJ5F8dMZh3AcwJEMf5vlfC0lxk= +github.com/tidwall/gjson v1.16.0 h1:SyXa+dsSPpUlcwEDuKuEBJEz5vzTvOea+9rjyYodQFg= +github.com/tidwall/gjson v1.16.0/go.mod h1:/wbyibRr2FHMks5tjHJ5F8dMZh3AcwJEMf5vlfC0lxk= github.com/tidwall/match v1.1.1 h1:+Ho715JplO36QYgwN9PGYNhgZvoUSc9X2c80KVTi+GA= github.com/tidwall/match v1.1.1/go.mod h1:eRSPERbgtNPcGhD8UCthc6PmLEQXEWd3PRB5JTxsfmM= github.com/tidwall/pretty v1.2.0/go.mod h1:ITEVvHYasfjBbM0u2Pg8T2nJnzm8xPwvNhhsoaGGjNU= 
@@ -267,8 +268,8 @@ golang.org/x/crypto v0.0.0-20191011191535-87dc89f01550/go.mod h1:yigFU9vqHzYiE8U golang.org/x/crypto v0.0.0-20200622213623-75b288015ac9/go.mod h1:LzIPMQfyMNhhGPhUkYOs5KpL4U8rLKemX1yGLhDgUto= golang.org/x/crypto v0.0.0-20210921155107-089bfa567519/go.mod h1:GvvjBRRGRdwPK5ydBHafDWAxML/pGHZbMvKqRZ5+Abc= golang.org/x/crypto v0.0.0-20220919173607-35f4265a4bc0/go.mod h1:IxCIyHEi3zRg3s0A5j5BB6A9Jmi73HwBIUl50j+osU4= -golang.org/x/crypto v0.6.0 h1:qfktjS5LUO+fFKeJXZ+ikTRijMmljikvG68fpMMruSc= -golang.org/x/crypto v0.6.0/go.mod h1:OFC/31mSvZgRz0V1QTNCzfAI1aIRzbiufJtkMIlEp58= +golang.org/x/crypto v0.12.0 h1:tFM/ta59kqch6LlvYnPa0yx5a83cL2nHflFhYKvv9Yk= +golang.org/x/crypto v0.12.0/go.mod h1:NF0Gs7EO5K4qLn+Ylc+fih8BSTeIjAP05siRnAh98yw= golang.org/x/exp v0.0.0-20190121172915-509febef88a4/go.mod h1:CJ0aWSM057203Lf6IL+f9T1iT9GByDxfZKAQTCR3kQA= golang.org/x/exp v0.0.0-20190306152737-a1d7652674e8/go.mod h1:CJ0aWSM057203Lf6IL+f9T1iT9GByDxfZKAQTCR3kQA= golang.org/x/exp v0.0.0-20190510132918-efd6b22b2522/go.mod h1:ZjyILWgesfNpC6sMxTJOJm9Kp84zZh5NQWvqDGG3Qr8= 
@@ -300,8 +301,9 @@ golang.org/x/mod v0.1.1-0.20191107180719-034126e5016b/go.mod h1:QqPTAvyqsEbceGzB golang.org/x/mod v0.2.0/go.mod h1:s0Qsj1ACt9ePp/hMypM3fl4fZqREWJwdYDEqhRiZZUA= golang.org/x/mod v0.3.0/go.mod h1:s0Qsj1ACt9ePp/hMypM3fl4fZqREWJwdYDEqhRiZZUA= golang.org/x/mod v0.4.2/go.mod h1:s0Qsj1ACt9ePp/hMypM3fl4fZqREWJwdYDEqhRiZZUA= -golang.org/x/mod v0.6.0-dev.0.20220419223038-86c51ed26bb4 h1:6zppjxzCulZykYSLyVDYbneBfbaBIQPYMevg0bEwv2s= golang.org/x/mod v0.6.0-dev.0.20220419223038-86c51ed26bb4/go.mod h1:jJ57K6gSWd91VN4djpZkiMVwK6gcyfeH4XE8wZrZaV4= +golang.org/x/mod v0.8.0 h1:LUYupSeNrTNCGzR/hVBk2NHZO4hXcVaW1k4Qx7rjPx8= +golang.org/x/mod v0.8.0/go.mod h1:iBbtSCu2XBx23ZKBPSOrRkjjQPZFPuis4dIYUhu/chs= golang.org/x/net v0.0.0-20180724234803-3673e40ba225/go.mod h1:mL1N/T3taQHkDXs73rZJwtUhF3w3ftmwwsq0BUmARs4= golang.org/x/net v0.0.0-20180826012351-8a410e7b638d/go.mod h1:mL1N/T3taQHkDXs73rZJwtUhF3w3ftmwwsq0BUmARs4= golang.org/x/net v0.0.0-20181114220301-adae6a3d119a/go.mod h1:mL1N/T3taQHkDXs73rZJwtUhF3w3ftmwwsq0BUmARs4= 
@@ -338,10 +340,10 @@ golang.org/x/net v0.0.0-20211112202133-69e39bad7dc2/go.mod h1:9nx3DQGgdP8bBQD5qx golang.org/x/net v0.0.0-20220127200216-cd36cc0744dd/go.mod h1:CfG3xpIq0wQ8r1q4Su4UZFWDARRcnwPjda9FqA0JpMk= golang.org/x/net v0.0.0-20220225172249-27dd8689420f/go.mod h1:CfG3xpIq0wQ8r1q4Su4UZFWDARRcnwPjda9FqA0JpMk= golang.org/x/net v0.0.0-20220722155237-a158d28d115b/go.mod h1:XRhObCWvk6IyKnWLug+ECip1KBveYUHfp+8e9klMJ9c= -golang.org/x/net v0.0.0-20220919232410-f2f64ebce3c1/go.mod h1:YDH+HFinaLZZlnHAfSS6ZXJJ9M9t4Dl22yv3iI2vPwk= golang.org/x/net v0.6.0/go.mod h1:2Tu9+aMcznHK/AK1HMvgo6xiTLG5rD5rZLDS+rp2Bjs= -golang.org/x/net v0.7.0 h1:rJrUqqhjsgNp7KqAIc25s9pZnjU7TUcSY7HcVZjdn1g= golang.org/x/net v0.7.0/go.mod h1:2Tu9+aMcznHK/AK1HMvgo6xiTLG5rD5rZLDS+rp2Bjs= +golang.org/x/net v0.10.0 h1:X2//UzNDwYmtCLn7To6G58Wr6f5ahEAQgKNzv9Y951M= +golang.org/x/net v0.10.0/go.mod h1:0qNGK6F8kojg2nk9dLZ2mShWaEBan6FAoqfSigmmuDg= golang.org/x/oauth2 v0.0.0-20180821212333-d2e6202438be/go.mod h1:N/0e6XlmueqKjAGxoOufVs8QHGRruUQn6yWY3a++T0U= golang.org/x/oauth2 v0.0.0-20190226205417-e64efc72b421/go.mod h1:gOpvHmFTYa4IltrdGE7lF6nIHvwfUNPOp7c8zoXwtLw= golang.org/x/oauth2 v0.0.0-20190604053449-0f29369cfe45/go.mod h1:gOpvHmFTYa4IltrdGE7lF6nIHvwfUNPOp7c8zoXwtLw= 
@@ -409,14 +411,16 @@ golang.org/x/sys v0.0.0-20220114195835-da31bd327af9/go.mod h1:oPkhp1MJrh7nUepCBc golang.org/x/sys v0.0.0-20220520151302-bc2c85ada10a/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= golang.org/x/sys v0.0.0-20220715151400-c0bba94af5f8/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= golang.org/x/sys v0.0.0-20220722155257-8c9f86f7a55f/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= -golang.org/x/sys v0.0.0-20220728004956-3c1f35247d10/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= -golang.org/x/sys v0.0.0-20220919091848-fb04ddd9f9c8/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= golang.org/x/sys v0.3.0/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= -golang.org/x/sys v0.5.0 h1:MUK/U/4lj1t1oPg0HfuXDN/Z1wv31ZJ/YcPiGccS4DU= golang.org/x/sys v0.5.0/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= +golang.org/x/sys v0.8.0/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= +golang.org/x/sys v0.11.0 h1:eG7RXZHdqOJ1i+0lgLgCpSXAp6M3LYlAo6osgSi0xOM= +golang.org/x/sys v0.11.0/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= golang.org/x/term v0.0.0-20201126162022-7de9c90e9dd1/go.mod h1:bj7SfCRtBDWHUb9snDiAeCFNEtKQo2Wmx5Cou7ajbmo= golang.org/x/term v0.0.0-20210927222741-03fcf44c2211/go.mod h1:jbD1KX2456YbFQfuXm/mYQcufACuNUgVhRMnK/tPxf8= golang.org/x/term v0.5.0/go.mod h1:jMB1sMXY+tzblOD4FWmEbocvup2/aLOaQEp7JmGp78k= +golang.org/x/term v0.8.0/go.mod h1:xPskH00ivmX89bAKVGSKKtLOWNx2+17Eiy94tnKShWo= +golang.org/x/term v0.11.0/go.mod h1:zC9APTIj3jG3FdV/Ons+XE1riIZXG4aZ4GTHiPZJPIU= golang.org/x/text v0.0.0-20170915032832-14c0d48ead0c/go.mod h1:NqM8EUOU14njkJ3fqMW+pc6Ldnwhi/IjpwHt7yyuwOQ= golang.org/x/text v0.3.0/go.mod h1:NqM8EUOU14njkJ3fqMW+pc6Ldnwhi/IjpwHt7yyuwOQ= golang.org/x/text v0.3.1-0.20180807135948-17ff2d5776d2/go.mod h1:NqM8EUOU14njkJ3fqMW+pc6Ldnwhi/IjpwHt7yyuwOQ= 
@@ -425,6 +429,8 @@ golang.org/x/text v0.3.3/go.mod h1:5Zoc/QRtKVWzQhOtBMvqHzDpF6irO9z98xDceosuGiQ= golang.org/x/text v0.3.6/go.mod h1:5Zoc/QRtKVWzQhOtBMvqHzDpF6irO9z98xDceosuGiQ= golang.org/x/text v0.3.7/go.mod h1:u+2+/6zg+i71rQMx5EYifcz6MCKuco9NR6JIITiCfzQ= golang.org/x/text v0.7.0/go.mod h1:mrYo+phRRbMaCq/xk9113O4dZlRixOauAjOtrjsXDZ8= +golang.org/x/text v0.9.0/go.mod h1:e1OnstbJyHTd6l/uOt8jFFHp6TRDWZR/bV3emEE/zU8= +golang.org/x/text v0.12.0/go.mod h1:TvPlkZtksWOMsz7fbANvkp4WM8x/WCo/om8BMLbz+aE= golang.org/x/time v0.0.0-20181108054448-85acf8d2951c/go.mod h1:tRJNPiyCQ0inRvYxbN9jk5I+vvW/OXSQhTDSoE431IQ= golang.org/x/time v0.0.0-20190308202827-9d24e82272b4/go.mod h1:tRJNPiyCQ0inRvYxbN9jk5I+vvW/OXSQhTDSoE431IQ= golang.org/x/time v0.0.0-20191024005414-555d28b269f0/go.mod h1:tRJNPiyCQ0inRvYxbN9jk5I+vvW/OXSQhTDSoE431IQ= @@ -469,8 +475,9 @@ golang.org/x/tools v0.0.0-20200729194436-6467de6f59a7/go.mod h1:njjCfa9FT2d7l9Bc golang.org/x/tools v0.0.0-20200804011535-6c149bb5ef0d/go.mod h1:njjCfa9FT2d7l9Bc6FUM5FLjQPp3cFF28FI3qnDFljA= golang.org/x/tools v0.0.0-20200825202427-b303f430e36d/go.mod h1:njjCfa9FT2d7l9Bc6FUM5FLjQPp3cFF28FI3qnDFljA= golang.org/x/tools v0.1.6-0.20210726203631-07bc1bf47fb2/go.mod h1:o0xws9oXOQQZyjljx8fwUC0k7L1pTE6eaCbjGeHmOkk= -golang.org/x/tools v0.1.12 h1:VveCTK38A2rkS8ZqFY25HIDFscX5X9OoEhJd3quQmXU= golang.org/x/tools v0.1.12/go.mod h1:hNGJHUnrk76NpqgfD5Aqm5Crs+Hm0VOH/i9J2+nxYbc= +golang.org/x/tools v0.6.0 h1:BOw41kyTf3PuCW1pVQf8+Cyg8pMlkYB1oo9iJ6D/lKM= +golang.org/x/tools v0.6.0/go.mod h1:Xwgl3UAJ/d3gWutnCtw505GrjyAbvKui8lOU390QaIU= golang.org/x/xerrors v0.0.0-20190717185122-a985d3407aa7/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0= golang.org/x/xerrors v0.0.0-20191011141410-1b5146add898/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0= golang.org/x/xerrors v0.0.0-20191204190536-9bdfabe68543/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0= diff --git a/main.go b/main.go index 2262ea8..3e2b2b4 100644 --- a/main.go +++ b/main.go 
@@ -18,6 +18,8 @@ import ( "time" "github.com/matrix-org/gomatrixserverlib" + "github.com/matrix-org/gomatrixserverlib/fclient" + "github.com/matrix-org/gomatrixserverlib/spec" "github.com/matrix-org/matrix-federation-tester/promutils" @@ -66,7 +68,7 @@ func handleCommon(w http.ResponseWriter, req *http.Request, rt ResponseType) { handleRequestError(w, "Unsupported method") return } - serverName := gomatrixserverlib.ServerName(req.URL.Query().Get("server_name")) + serverName := spec.ServerName(req.URL.Query().Get("server_name")) if len(serverName) == 0 { w.WriteHeader(400) handleRequestError(w, "Missing server_name parameter") @@ -199,8 +201,8 @@ type VersionReport struct { // A WellKnownReport is the combination of data from a matrix server's // .well-known file, as well as any errors reported during the lookup. type WellKnownReport struct { - ServerAddress gomatrixserverlib.ServerName `json:"m.server"` - Result string `json:"result,omitempty"` + ServerAddress spec.ServerName `json:"m.server"` + Result string `json:"result,omitempty"` CacheExpiresAt int64 } 
@@ -228,13 +230,13 @@ type Info struct{} // A ConnectionReport is information about a connection made to a matrix server. type ConnectionReport struct { - Certificates []X509CertSummary // Summary information for each x509 certificate served up by this server. - Cipher CipherSummary // Summary information on the TLS cipher used by this server. - Checks ConnectionChecks // Checks applied to the server and their results. - Errors []error // String slice describing any problems encountered during testing. - Ed25519VerifyKeys map[gomatrixserverlib.KeyID]gomatrixserverlib.Base64Bytes // The Verify keys for this server or nil if the checks were not ok. - Info Info // Checks that are not necessary to pass, rather simply informative. - Keys *json.RawMessage // The server key JSON returned by this server. + Certificates []X509CertSummary // Summary information for each x509 certificate served up by this server. + Cipher CipherSummary // Summary information on the TLS cipher used by this server. + Checks ConnectionChecks // Checks applied to the server and their results. + Errors []error // String slice describing any problems encountered during testing. + Ed25519VerifyKeys map[gomatrixserverlib.KeyID]spec.Base64Bytes // The Verify keys for this server or nil if the checks were not ok. + Info Info // Checks that are not necessary to pass, rather simply informative. + Keys *json.RawMessage // The server key JSON returned by this server. } // ConnectionChecks represents the result of the checks done on a connection 
@@ -253,16 +255,16 @@ type CipherSummary struct { // A X509CertSummary is a summary of the information in a X509 certificate. type X509CertSummary struct { - SubjectCommonName string // The common name of the subject. - IssuerCommonName string // The common name of the issuer. - SHA256Fingerprint gomatrixserverlib.Base64Bytes // The SHA256 fingerprint of the certificate. - DNSNames []string // The DNS names this certificate is valid for. + SubjectCommonName string // The common name of the subject. + IssuerCommonName string // The common name of the issuer. + SHA256Fingerprint spec.Base64Bytes // The SHA256 fingerprint of the certificate. + DNSNames []string // The DNS names this certificate is valid for. } // Report creates a ServerReport for a matrix server. func Report( ctx context.Context, - serverName gomatrixserverlib.ServerName, + serverName spec.ServerName, ) (report ServerReport, err error) { // Map of network address to report. report.ConnectionReports = make(map[string]ConnectionReport) @@ -279,7 +281,7 @@ func Report( serverHost := serverName // Validate the server name, and retrieve domain name to send as SNI to server - sni, _, valid := gomatrixserverlib.ParseAndValidateServerName(serverHost) + sni, _, valid := spec.ParseAndValidateServerName(serverHost) if !valid { report.Error = fmt.Sprintf("Invalid server name '%s'", serverHost) report.FederationOK = false 
@@ -287,15 +289,15 @@ func Report( } // Check for .well-known - var wellKnownResult *gomatrixserverlib.WellKnownResult - if wellKnownResult, err = gomatrixserverlib.LookupWellKnown(ctx, serverName); err == nil { + var wellKnownResult *fclient.WellKnownResult + if wellKnownResult, err = fclient.LookupWellKnown(ctx, serverName); err == nil { // Use well-known as new host serverHost = wellKnownResult.NewAddress report.WellKnownResult.ServerAddress = wellKnownResult.NewAddress report.WellKnownResult.CacheExpiresAt = wellKnownResult.CacheExpiresAt // need to revalidate the server name and update the SNI - sni, _, valid = gomatrixserverlib.ParseAndValidateServerName(serverHost) + sni, _, valid = spec.ParseAndValidateServerName(serverHost) if !valid { report.Error = fmt.Sprintf("Invalid server name '%s' in .well-known result", serverHost) report.FederationOK = false @@ -306,8 +308,8 @@ func Report( } // Lookup server version - client := gomatrixserverlib.NewClient( - gomatrixserverlib.WithWellKnownSRVLookups(true), + client := fclient.NewClient( + fclient.WithWellKnownSRVLookups(true), ) version, err := client.GetVersion(ctx, serverName) if err == nil { @@ -335,7 +337,7 @@ func Report( // Iterate through each address and run checks in parallel for _, addr := range report.DNSResult.Addrs { wg.Add(1) - go func(report *ServerReport, serverHost, serverName gomatrixserverlib.ServerName, addr, sni string) { + go func(report *ServerReport, serverHost, serverName spec.ServerName, addr, sni string) { defer wg.Done() if connReport, connErr := connCheck( @@ -360,7 +362,7 @@ func Report( } // lookupServer looks up a matrix server in DNS. -func lookupServer(serverName gomatrixserverlib.ServerName) (*DNSResult, error) { // nolint: gocyclo +func lookupServer(serverName spec.ServerName) (*DNSResult, error) { // nolint: gocyclo var result DNSResult result.Hosts = map[string]HostResult{} 
@@ -368,23 +370,51 @@ func lookupServer(serverName gomatrixserverlib.ServerName) (*DNSResult, error) { if !strings.Contains(string(serverName), ":") { // If there isn't an explicit port set then try to look up the SRV record. var err error - result.SRVCName, result.SRVRecords, err = net.LookupSRV("matrix", "tcp", string(serverName)) + // Try Matrix 1.8 records first + result.SRVCName, result.SRVRecords, err = net.LookupSRV("matrix-fed", "tcp", string(serverName)) result.SRVError = err + // Append the deprecated ones too + cname, records, err2 := net.LookupSRV("matrix", "tcp", string(serverName)) + if result.SRVCName == "" { + result.SRVCName = cname + } + if records != nil { + result.SRVRecords = append(result.SRVRecords, records...) + } + + // We should have already encountered errors we care about, but overwrite anyways if needed + if err2 != nil { + result.SRVError = err2 + } + missingFedSrv := false if err != nil { if dnserr, ok := err.(*net.DNSError); ok { - // If the error is a network timeout talking to the DNS server - // then give up now rather than trying to fallback. - if dnserr.Timeout() { - return nil, err + // If the error is because the record is not found, proceed to deprecated SRV fallback. + if dnserr.IsNotFound { + missingFedSrv = true + } else if dnserr.Timeout() { // give up early if the error is a timeout + return nil, dnserr } } - // If there isn't a SRV record in DNS then fallback to "serverName:8448". - hosts[string(serverName)] = []net.SRV{{ - Target: string(serverName), - Port: 8448, - }} - } else { + } + addedFallback := false + if err2 != nil { + if dnserr, ok := err2.(*net.DNSError); ok { + // If the error is because the record is not found, proceed to 8448 fallback. 
+ if dnserr.IsNotFound && missingFedSrv { + hosts[string(serverName)] = []net.SRV{{ + Target: string(serverName), + Port: 8448, + }} + addedFallback = true + } else if dnserr.Timeout() { // give up early if the error is a timeout + return nil, dnserr + } + } + } + + if !addedFallback { // Group the SRV records by target host. for _, record := range result.SRVRecords { // Check whether the target is a CNAME record. @@ -463,7 +493,7 @@ func lookupServer(serverName gomatrixserverlib.ServerName) (*DNSResult, error) { // Returns an error if the keys for the server couldn't be fetched. func connCheck( ctx context.Context, - addr string, serverHost, serverName gomatrixserverlib.ServerName, sni string, + addr string, serverHost, serverName spec.ServerName, sni string, ) (*ConnectionReport, error) { keys, connState, err := fetchKeysDirect(ctx, serverHost, addr, sni) if err != nil { @@ -483,7 +513,7 @@ func connCheck( intermediateCerts.AddCert(cert) } - valid, err := gomatrixserverlib.IsValidCertificate(serverHost, leafCert, intermediateCerts) + valid, err := isValidCertificate(serverHost, leafCert, intermediateCerts) if err != nil { connReport.Errors = append(connReport.Errors, asReportError(err)) } @@ -524,7 +554,7 @@ func connCheck( // them. func fetchKeysDirect( ctx context.Context, - serverName gomatrixserverlib.ServerName, addr, sni string, + serverName spec.ServerName, addr, sni string, ) (*gomatrixserverlib.ServerKeys, *tls.ConnectionState, error) { cli := http.Client{ Timeout: fetchKeysTimeout, 
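Review bot: In the SRV block of lookupServer, the deprecated `_matrix` lookup now runs unconditionally and its records are appended to the `_matrix-fed` ones, so the tester probes hosts from the deprecated record even when the Matrix 1.8 record exists. In addition, `result.SRVError = err2` records a failure for the deprecated name on a server that correctly publishes only `_matrix-fed`. The 8448 fallback is also narrower than before: it is added only when both errors are `*net.DNSError` with `IsNotFound`, whereas the removed code fell back on every non-timeout error, so any other failure now appears to leave `hosts` with no address to check. Consulting the deprecated name only when the new one is not found, and keeping the fallback for every non-timeout error, would address both, as sketched below. lookupServer starts before and continues after this hunk, so how `SRVError` and `hosts` are consumed is not visible here.

```go
var err error
// Try Matrix 1.8 records first.
result.SRVCName, result.SRVRecords, err = net.LookupSRV("matrix-fed", "tcp", string(serverName))
if dnserr, ok := err.(*net.DNSError); ok && dnserr.IsNotFound {
	// Consult the deprecated name only when the new one does not exist.
	result.SRVCName, result.SRVRecords, err = net.LookupSRV("matrix", "tcp", string(serverName))
}
result.SRVError = err

addedFallback := false
if err != nil {
	if dnserr, ok := err.(*net.DNSError); ok && dnserr.Timeout() {
		// Give up early if the DNS server timed out.
		return nil, err
	}
	// No usable SRV record: fall back to "serverName:8448".
	hosts[string(serverName)] = []net.SRV{{
		Target: string(serverName),
		Port:   8448,
	}}
	addedFallback = true
}
// … unchanged: if !addedFallback { group the SRV records by target host …
```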
@@ -598,6 +628,25 @@ func (report *ServerReport) touchUpReport() { } } +// isValidCertificate is sourced from an old version of gomatrixserverlib +func isValidCertificate(serverName spec.ServerName, c *x509.Certificate, intermediates *x509.CertPool) (valid bool, err error) { + host, _, isValid := spec.ParseAndValidateServerName(serverName) + if !isValid { + err = fmt.Errorf("%q is not a valid serverName", serverName) + return false, err + } + + // Check certificate chain validity + verificationOpts := x509.VerifyOptions{ + // Certificate.Verify appears to handle IP addresses optionally surrounded by square brackets. + DNSName: host, + Intermediates: intermediates, + } + roots, err := c.Verify(verificationOpts) + + return len(roots) > 0, err +} + // enumToString converts a uint16 enum into a human readable string using a fixed mapping. // If no mapping can be found then return a "UNKNOWN[0x%x]" string with the raw enum. func enumToString(names map[uint16]string, value uint16) string {
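Review bot: The doc comment on isValidCertificate records neither which gomatrixserverlib revision the code was copied from nor what the check trusts, which matters for a vendored certificate check that no longer receives upstream fixes. I would expand it to something like `// isValidCertificate reports whether c verifies for the host part of serverName, using intermediates and (because VerifyOptions.Roots is unset) the system root pool; copied from gomatrixserverlib at <upstream commit>.` As a style point, `c.Verify` returns verified chains rather than roots, so `chains, err := c.Verify(verificationOpts)` followed by `return len(chains) > 0, err` reads more accurately. The named result `valid` is never assigned and could be dropped from the signature.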