xmpp-dns-v0.3.10/.gitlab-ci.yml
# To contribute improvements to CI/CD templates, please follow the Development guide at:
# https://docs.gitlab.com/ee/development/cicd/templates.html
# This specific template is located at:
# https://gitlab.com/gitlab-org/gitlab/-/blob/master/lib/gitlab/ci/templates/Go.gitlab-ci.yml

image: golang:latest

variables:
  # Please edit to your GitLab project
  REPO_NAME: salsa.debian.org/mdosch/xmpp-dns

# The problem is that to be able to use go get, one needs to put
# the repository in the $GOPATH. So for example if your gitlab domain
# is gitlab.com, and that your repository is namespace/project, and
# the default GOPATH being /go, then you'd need to have your
# repository in /go/src/gitlab.com/namespace/project
# Thus, making a symbolic link corrects this.
before_script:
  - mkdir -p $GOPATH/src/$(dirname $REPO_NAME)
  - ln -svf $CI_PROJECT_DIR $GOPATH/src/$REPO_NAME
  - cd $GOPATH/src/$REPO_NAME

stages:
  - test
  - build
  - release

format:
  stage: test
  script:
    - go fmt $(go list ./... | grep -v /vendor/)
    - go vet $(go list ./... | grep -v /vendor/)
    - go test -race $(go list ./... | grep -v /vendor/)

compile:
  stage: build
  only:
    - tags
  script:
    - echo "${CI_JOB_ID}" > CI_JOB_ID.txt
    - env GOOS=linux GOARCH=amd64 go build -buildmode=pie -ldflags "-s -w -extldflags '-static'" -o $CI_PROJECT_DIR/linux-amd64/xmpp-dns
    - env GOOS=linux GOARCH=arm64 go build -buildmode=pie -ldflags "-s -w -extldflags '-static'" -o $CI_PROJECT_DIR/linux-arm64/xmpp-dns
    - env GOOS=linux GOARCH=386 go build -ldflags "-s -w -extldflags '-static'" -o $CI_PROJECT_DIR/linux-386/xmpp-dns
    - env GOOS=linux GOARCH=arm go build -ldflags "-s -w -extldflags '-static'" -o $CI_PROJECT_DIR/linux-arm/xmpp-dns
    - env GOOS=windows GOARCH=386 go build -buildmode=pie -ldflags "-s -w -extldflags '-static'" -o $CI_PROJECT_DIR/win386/xmpp-dns.exe
    - env GOOS=windows GOARCH=amd64 go build -buildmode=pie -ldflags "-s -w -extldflags '-static'" -o $CI_PROJECT_DIR/win64/xmpp-dns.exe
  artifacts:
    paths:
      - linux-amd64/xmpp-dns
      - linux-arm64/xmpp-dns
      - linux-386/xmpp-dns
      - linux-arm/xmpp-dns
      - win386/xmpp-dns.exe
      - win64/xmpp-dns.exe
      - CI_JOB_ID.txt

release:
  stage: release
  image: registry.gitlab.com/gitlab-org/release-cli:latest
  only:
    - tags
  script:
    - |
      release-cli create --name "Release $CI_COMMIT_TAG" --tag-name $CI_COMMIT_TAG --description="`head -n $(expr "$(grep -nm2 "^## " CHANGELOG.md|awk '(NR>1) {print $1}'|cut -f1 -d:) - 2"|bc) CHANGELOG.md`" \
        --assets-link "{\"name\":\"Linux amd64\",\"url\":\"https://salsa.debian.org/mdosch/xmpp-dns/-/jobs/`cat CI_JOB_ID.txt`/artifacts/file/linux-amd64/xmpp-dns\"}" \
        --assets-link "{\"name\":\"Linux arm64\",\"url\":\"https://salsa.debian.org/mdosch/xmpp-dns/-/jobs/`cat CI_JOB_ID.txt`/artifacts/file/linux-arm64/xmpp-dns\"}" \
        --assets-link "{\"name\":\"Linux 386\",\"url\":\"https://salsa.debian.org/mdosch/xmpp-dns/-/jobs/`cat CI_JOB_ID.txt`/artifacts/file/linux-386/xmpp-dns\"}" \
        --assets-link "{\"name\":\"Linux arm\",\"url\":\"https://salsa.debian.org/mdosch/xmpp-dns/-/jobs/`cat CI_JOB_ID.txt`/artifacts/file/linux-arm/xmpp-dns\"}" \
        --assets-link "{\"name\":\"Windows 386\",\"url\":\"https://salsa.debian.org/mdosch/xmpp-dns/-/jobs/`cat CI_JOB_ID.txt`/artifacts/file/win386/xmpp-dns.exe\"}" \
        --assets-link "{\"name\":\"Windows amd64\",\"url\":\"https://salsa.debian.org/mdosch/xmpp-dns/-/jobs/`cat CI_JOB_ID.txt`/artifacts/file/win64/xmpp-dns.exe\"}"

xmpp-dns-v0.3.10/CHANGELOG.md
# Changelog

## [0.3.10] 2023-12-25
### Changed
- Fix stream initialization bug with StartTLS (thanks moparisthebest).
- Further improve StartTLS stream initialization.
- Improve error messages when server closes connection.

## [0.3.9] 2023-11-09
### Changed
- Also apply timeout when server doesn't reply to StartTLS initialisation.

## [0.3.8] 2023-08-22
### Changed
- Don't look up IPs and don't try to connect if the SRV records target is ".".

## [0.3.7] 2023-08-15
### Added
- Show reason for denied s2s due to policy-violation.

### Changed
- Apply timeout to TLS handshake as well instead of only for the tcp connection.

## [0.3.6] 2023-03-27
### Changed
- Remove `println()` added for debugging.

## [0.3.5] 2023-03-27
### Changed
- Don't use CNAME of xmpp server domain for SRV lookups (via xmppsrv 0.2.5).

## [0.3.4]
### Changed
- Fix namespace for xmpps-client stream opening (`jabber:client` instead of `jabber:server`).
- Add `from` attribute for server-to-server connection test.

## [0.3.3]
### Changed
- Fix wrong timeout parsing on some systems.

## [0.3.2]
### Changed
- Fix detection of XMPP support when using direct TLS and ALPN.

## [0.3.1]
### Changed
- Print error details if SRV lookup fails.
- Print error details if IP lookup fails.
- Respect CNAME records.
- Detect CNAME loops (max. 5 CNAMEs) (via xmppsrv >= 0.2.4)

## [0.3.0]
### Added
- Possibility to specify the DNS resolver.
- DoT support

### Changed
- [golint] Coding style improvements.

## [0.2.4]
### Added
- Provide manpages.

### Changed
- Don't sort SRV records with the same priority by weight (via xmppsrv >= 0.1.1)

## [0.2.3]
### Added
- Make connection timeout configurable.

## [0.2.2]
### Added
- Possibility to test fallback ports if no SRV records are provided.

### Changed
- Disable colored output in windows.

## [0.2.1]
### Changed
- Change tlsConfig.NextProtos instead of appending.

## [0.2.0]
### Added
- Support for xmpps-server SRV records

## [0.1.0]
### Added
- Initial release

xmpp-dns-v0.3.10/LICENSE
BSD 2-Clause License

Copyright (c) Martin Dosch
All rights reserved.

Redistribution and use in source and binary forms, with or without
modification, are permitted provided that the following conditions are met:

1. Redistributions of source code must retain the above copyright notice, this
   list of conditions and the following disclaimer.

2. Redistributions in binary form must reproduce the above copyright notice,
   this list of conditions and the following disclaimer in the documentation
   and/or other materials provided with the distribution.

THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS"
AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE
DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT HOLDER OR CONTRIBUTORS BE LIABLE
FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR
SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER
CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY,
OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.

xmpp-dns-v0.3.10/README.md
# xmpp-dns

A CLI tool to check XMPP SRV records.

## installation

### repositories including xmpp-dns

[![Packaging status](https://repology.org/badge/vertical-allrepos/xmpp-dns.svg)](https://repology.org/project/xmpp-dns/versions)

### manual installation

#### Go < 1.16

Current development version:

```
go get -u salsa.debian.org/mdosch/xmpp-dns
```

#### Go >= 1.16

Latest release:

```
go install salsa.debian.org/mdosch/xmpp-dns@latest
```

Current development version:

```
go install salsa.debian.org/mdosch/xmpp-dns@master
```

The binary will be in your `$GOBIN` (usually `~/go/bin/`).

### binaries

There are some (automatically built and untested) binaries linked to the
[release](https://salsa.debian.org/mdosch/xmpp-dns/-/releases).

## usage

```
Usage: xmpp-dns [-46cfstv] [--dot] [--help] [--no-color] [--resolver value] [--timeout value] [--tls-version value] [--version] [parameters ...]
 -4             Resolve IPv4.
 -6             Resolve IPv6.
 -c, --client   Show client SRV records.
     --dot      Use DoT.
 -f, --fallback Check fallback (Standard ports on A/AAAA records) if no
                SRV records are provided.
     --help     Show help.
     --no-color Don't colorize output.
     --resolver=value
                Custom resolver e.g. "1.1.1.1" for common DNS or
                "5.1.66.255#dot.ffmuc.net" for usage with "--dot".
 -s, --server   Show server SRV records.
 -t             Test connection and certificates.
     --timeout=value
                Connection timeout in seconds. [60]
     --tls-version=value
                Minimal TLS version. 10 (TLSv1.0), 11 (TLSv1.1), 12
                (TLSv1.2) or 13 (TLSv1.3). [12]
 -v             Resolve IPs.
     --version  Show version information.
```

## screenshot

[![xmpp-dns screenshot](https://salsa.debian.org/mdosch/xmpp-dns/-/raw/master/img/screenshot.png)](https://salsa.debian.org/mdosch/xmpp-dns/-/raw/master/img/screenshot.png)

### shell completion

#### zsh

There are no shell completions yet (contributions welcome) but for zsh it is
possible to automatically create completions from `--help` which might work
*well enough*.

Just place the following in your `~/.zshrc` or `~/.zshrc.local`:

``` bash
compdef _gnu_generic xmpp-dns
```

xmpp-dns-v0.3.10/go.mod
module salsa.debian.org/mdosch/xmpp-dns

go 1.15

require (
	github.com/pborman/getopt/v2 v2.1.0
	salsa.debian.org/mdosch/xmppsrv v0.2.5
)

xmpp-dns-v0.3.10/go.sum
github.com/pborman/getopt/v2 v2.1.0 h1:eNfR+r+dWLdWmV8g5OlpyrTYHkhVNxHBdN2cCrJmOEA=
github.com/pborman/getopt/v2 v2.1.0/go.mod h1:4NtW75ny4eBw9fO1bhtNdYTlZKYX5/tBLtsOpwKIKd0=
salsa.debian.org/mdosch/xmppsrv v0.2.5 h1:ACPk8EhmCAUMl59TnGe5kvvwSnW065CJrhN7uvt25xY=
salsa.debian.org/mdosch/xmppsrv v0.2.5/go.mod h1:udWXnWFa9zkcyN9YSB/u44BCnnRDpeQ0eDy3MVLjHZQ=

xmpp-dns-v0.3.10/main.go
// Copyright Martin Dosch.
// Use of this source code is governed by the BSD-2-clause
// license that can be found in the LICENSE file.

package main

import (
	"context"
	"crypto/tls"
	"encoding/xml"
	"fmt"
	"log"
	"net"
	"os"
	"runtime"
	"strings"
	"time"

	"github.com/pborman/getopt/v2"    // BSD-3-Clause
	"salsa.debian.org/mdosch/xmppsrv" // BSD-2-Clause
)

const (
	version = "0.3.10"
)

// StreamError maps a stream error sent by the server.
// Created with https://github.com/miku/zek
type StreamError struct {
	XMLName xml.Name `xml:"stream"`
	Text    string   `xml:",chardata"`
	Version string   `xml:"version,attr"`
	Stream  string   `xml:"stream,attr"`
	Db      string   `xml:"db,attr"`
	Lang    string   `xml:"lang,attr"`
	From    string   `xml:"from,attr"`
	Xmlns   string   `xml:"xmlns,attr"`
	ID      string   `xml:"id,attr"`
	To      string   `xml:"to,attr"`
	Error   struct {
		Chardata        string `xml:",chardata"`
		PolicyViolation struct {
			Text  string `xml:",chardata"`
			Xmlns string `xml:"xmlns,attr"`
		} `xml:"policy-violation"`
		Text struct {
			Text  string `xml:",chardata"`
			Xmlns string `xml:"xmlns,attr"`
		} `xml:"text"`
	} `xml:"error"`
}

var (
	// statusOK will print [OK] in green color.
	statusOK = "[\033[32mOK\033[00m]"
	// statusNOK will print [Not OK] in red color.
	statusNOK = "[\033[31mNot OK\033[00m]"
)

func main() {
	// Define command line flags.
	flagHelp := getopt.BoolLong("help", 0, "Show help.")
	flagClient := getopt.BoolLong("client", 'c', "Show client SRV records.")
	flagServer := getopt.BoolLong("server", 's', "Show server SRV records.")
	flagVerbose := getopt.Bool('v', "Resolve IPs.")
	flagV4 := getopt.Bool('4', "Resolve IPv4.")
	flagV6 := getopt.Bool('6', "Resolve IPv6.")
	flagTest := getopt.Bool('t', "Test connection and certificates.")
	flagNoColor := getopt.BoolLong("no-color", 0, "Don't colorize output.")
	flagTLSVersion := getopt.IntLong("tls-version", 0, 12,
		"Minimal TLS version. 10 (TLSv1.0), 11 (TLSv1.1), 12 (TLSv1.2) or 13 (TLSv1.3).")
	flagVersion := getopt.BoolLong("version", 0, "Show version information.")
	flagFallback := getopt.BoolLong("fallback", 'f', "Check fallback (Standard ports on A/AAAA records)"+
		" if no SRV records are provided.")
	flagTimeout := getopt.IntLong("timeout", 0, 60, "Connection timeout in seconds.")
	flagResolver := getopt.StringLong("resolver", 0, "", "Custom resolver e.g. \"1.1.1.1\" for common DNS"+
		" or \"5.1.66.255#dot.ffmuc.net\" for usage with \"--dot\".")
	flagDoT := getopt.BoolLong("dot", 0, "Use DNSoverTLS (DoT), see also \"--resolver\".")

	// Parse command line flags.
	getopt.Parse()

	// If requested, show help and quit.
	if *flagHelp {
		getopt.Usage()
		os.Exit(0)
	}

	// If requested, show version and quit.
	if *flagVersion {
		fmt.Println("xmpp-dns", version)
		fmt.Println("License: BSD-2-clause")
		os.Exit(0)
	}

	if *flagNoColor || runtime.GOOS == "windows" {
		statusOK = "[OK]"
		statusNOK = "[Not OK]"
	}

	// If connection test is required we'll also show IPs.
	if *flagTest && !*flagVerbose {
		*flagVerbose = true
	}

	// If verbose output (showing IPs) is requested but neither IPv4 nor IPv6
	// is specified we'll show both.
	if *flagVerbose && !*flagV4 && !*flagV6 {
		*flagV4 = true
		*flagV6 = true
	}

	// If either IPv4 or IPv6 is specified but the verbose flag
	// is not set, we'll just set it.
	if !*flagVerbose && (*flagV4 || *flagV6) {
		*flagVerbose = true
	}

	// If DoT is enabled a resolver must be set.
	if *flagDoT && *flagResolver == "" {
		log.Fatal("A resolver must be specified for DoT.")
	}

	// Read server from command line.
	server := getopt.Args()
	switch count := len(server); {
	case count == 0:
		log.Fatal("Please specify a server.")
	case count > 1:
		log.Fatal("Please specify only one server.")
	}

	// Configure DNS resolver
	c := xmppsrv.Config{
		Resolver: *flagResolver,
		DoT:      *flagDoT,
	}

	// Timeout
	timeout := time.Duration(*flagTimeout) * time.Second

	// Set TLS config
	var tlsConfig tls.Config
	tlsConfig.ServerName = server[0]
	tlsConfig.InsecureSkipVerify = false
	switch *flagTLSVersion {
	case 10:
		tlsConfig.MinVersion = tls.VersionTLS10
	case 11:
		tlsConfig.MinVersion = tls.VersionTLS11
	case 12:
		tlsConfig.MinVersion = tls.VersionTLS12
	case 13:
		tlsConfig.MinVersion = tls.VersionTLS13
	default:
		fmt.Println("Unknown TLS version.")
		os.Exit(0)
	}

	// If neither client or server are chosen we default to showing both.
	if !*flagClient && !*flagServer {
		*flagClient = true
		*flagServer = true
	}

	if *flagClient {
		clientRecords, err := c.LookupClient(server[0])
		if err != nil && len(clientRecords) == 0 {
			fmt.Println(err)
			if *flagFallback && *flagTest {
				fmt.Println("Trying fallback ports.")
				fmt.Println()
				clientRecords = []xmppsrv.SRV{
					{
						Type:   "xmpp-client",
						Target: server[0],
						Port:   5222,
					},
					{
						Type:   "xmpps-client",
						Target: server[0],
						Port:   5223,
					},
					{
						Type:   "xmpps-client",
						Target: server[0],
						Port:   443,
					},
				}
			}
		}
		checkRecord(clientRecords, *flagVerbose, *flagV4, *flagV6, *flagTest,
			&tlsConfig, timeout)
	}

	if *flagServer {
		if *flagClient {
			fmt.Println()
		}
		serverRecords, err := c.LookupServer(server[0])
		if err != nil && len(serverRecords) == 0 {
			fmt.Println(err)
			if *flagFallback && *flagTest {
				fmt.Println("Trying fallback ports.")
				fmt.Println()
				serverRecords = []xmppsrv.SRV{
					{
						Type:   "xmpp-server",
						Target: server[0],
						Port:   5269,
					},
					{
						Type:   "xmpps-server",
						Target: server[0],
						Port:   5270,
					},
				}
			}
		}
		checkRecord(serverRecords, *flagVerbose, *flagV4, *flagV6, *flagTest,
			&tlsConfig, timeout)
	}
}

// checkRecord prints each SRV record and, in verbose mode, resolves its
// target unless the target is ".".
func checkRecord(records []xmppsrv.SRV, verbose bool, ipv4 bool, ipv6 bool, test bool,
	tlsConfig *tls.Config, timeout time.Duration,
) {
	for count, record := range records {
		if count > 0 {
			fmt.Println()
		}
		printRecord(record)
		if verbose && record.Target != "." {
			printIP(record, ipv4, ipv6, test, tlsConfig, timeout)
		}
	}
}

// printRecord prints type, target, port, priority and weight of a record.
func printRecord(record xmppsrv.SRV) {
	fmt.Println(record.Type, record.Target, record.Port)
	fmt.Print("Priority: ", record.Priority)
	fmt.Println(" Weight:", record.Weight)
}

// printIP resolves the record's target and, if test is set, runs the
// connection and TLS checks against every selected address.
func printIP(record xmppsrv.SRV, ipv4 bool, ipv6 bool, test bool,
	tlsConfig *tls.Config, timeout time.Duration,
) {
	addresses, err := net.LookupIP(record.Target)
	switch {
	case err != nil:
		fmt.Println("No IP addresses found for", record.Target, err)
	case len(addresses) == 0:
		fmt.Println("No IP addresses found for", record.Target)
	default:
		var c net.Conn
		addresses = removeDuplicates(addresses)
		for _, address := range addresses {
			transport := "unset"
			if (address.To4() != nil) && ipv4 {
				transport = "tcp4"
				fmt.Println("IP:", address.To4())
			}
			if (address.To4() == nil) && ipv6 {
				transport = "tcp6"
				fmt.Println("IP:", address.To16())
			}
			if test && transport != "unset" {
				server := net.JoinHostPort(fmt.Sprint(address),
					fmt.Sprint(record.Port))
				c, err = connectionTest(server, transport, timeout)
				if err == nil {
					switch record.Type {
					case "xmpp-client":
						startTLS("client", c, tlsConfig, timeout)
						c.Close()
					case "xmpps-client":
						tlsConfig.NextProtos = []string{"xmpp-client"}
						directTLS("client", c, tlsConfig, timeout)
						c.Close()
					case "xmpp-server":
						startTLS("server", c, tlsConfig, timeout)
						c.Close()
					case "xmpps-server":
						tlsConfig.NextProtos = []string{"xmpp-server"}
						directTLS("server", c, tlsConfig, timeout)
						c.Close()
					default:
						c.Close()
					}
				}
			}
		}
	}
}

// connectionTest dials server over the given transport within timeout
// and prints the result.
func connectionTest(server string, transport string, timeout time.Duration) (net.Conn, error) {
	c, err := net.DialTimeout(transport, server, timeout)
	if err != nil {
		fmt.Println("Connection:", statusNOK)
		fmt.Println(err)
		return c, err
	}
	fmt.Println("Connection:", statusOK)
	return c, err
}

// startTLS opens a stream on c, waits for the server to let StartTLS
// proceed and then performs the TLS handshake.
func startTLS(recordType string, c net.Conn, tlsConfig *tls.Config, timeout time.Duration) {
	// Created with https://github.com/miku/zek
	type Proceed struct {
		XMLName xml.Name `xml:"proceed"`
		Text    string   `xml:",chardata"`
		Xmlns   string   `xml:"xmlns,attr"`
	}

	// Created with https://github.com/miku/zek
	type Failure struct {
		XMLName xml.Name `xml:"failure"`
		Text    string   `xml:",chardata"`
		Xmlns   string   `xml:"xmlns,attr"`
	}

	var (
		serverProceed     Proceed
		serverFailure     Failure
		serverStreamError StreamError
	)
	var from string
	if recordType == "server" {
		from = " from='xmpp-dns.mdosch.de'"
	} else {
		from = ""
	}
	startStream := ""
	_, err := c.Write([]byte(startStream))
	if err != nil {
		fmt.Println("StartTLS:", statusNOK)
		fmt.Println(err)
		return
	}
	var buf []byte
	bufChan := make(chan []byte)
	ctx, cancel := context.WithCancel(context.Background())
	defer cancel()
	go func() {
		buf := make([]byte, 4096)
		_, err = c.Read(buf)
		if err != nil {
			select {
			case <-ctx.Done():
				return
			default:
				fmt.Println("StartTLS:", statusNOK)
				if err.Error() == "EOF" {
					// TODO: Properly check for all possible server errors
					// instead of only checking for "policy-violation".
					err = xml.Unmarshal(buf, &serverStreamError)
					if err == nil {
						fmt.Println("Server sent policy-violation:",
							serverStreamError.Error.Text.Text)
					} else {
						fmt.Println("Server closed connection.")
					}
				} else {
					fmt.Println(err)
				}
			}
		} else {
			bufChan <- buf
		}
	}()
	select {
	case buf = <-bufChan:
	case <-time.After(timeout):
	}
	if buf == nil {
		fmt.Println("StartTLS:", statusNOK)
		fmt.Println("Timeout while waiting for server reply.")
		cancel()
		return
	}
	_ = xml.Unmarshal(buf, &serverFailure)
	if serverFailure.XMLName.Local == "failure" {
		fmt.Println("StartTLS:", statusNOK)
		fmt.Println("Server sent failure.")
		return
	}
	_, err = c.Write([]byte(""))
	if err != nil {
		fmt.Println("StartTLS:", statusNOK)
		fmt.Println(err)
		return
	}
	for !(serverProceed.XMLName.Local == "proceed" &&
		serverProceed.Xmlns == "urn:ietf:params:xml:ns:xmpp-tls") {
		_, err = c.Read(buf)
		if err != nil {
			fmt.Println("StartTLS:", statusNOK)
			if err.Error() == "EOF" {
				err = xml.Unmarshal(buf, &serverStreamError)
				if err == nil {
					fmt.Println("Server sent policy-violation:",
						serverStreamError.Error.Text.Text)
				} else {
					fmt.Println("Server closed connection.")
				}
			} else {
				fmt.Println(err)
			}
			return
		}
		_ = xml.Unmarshal(buf, &serverProceed)
		_ = xml.Unmarshal(buf, &serverFailure)
		if serverFailure.XMLName.Local == "failure" {
			fmt.Println("StartTLS:", statusNOK)
			fmt.Println("Server sent failure.")
			return
		}
	}
	d := tls.Client(c, tlsConfig)
	ctx2, cancel2 := context.WithTimeout(context.Background(), timeout)
	defer cancel2()
	err = d.HandshakeContext(ctx2)
	if err != nil {
		switch err.Error() {
		case "EOF":
			fmt.Println("StartTLS:", statusNOK)
			fmt.Println("Server closed connection during handshake.")
		case "context deadline exceeded":
			fmt.Println("StartTLS:", statusNOK)
			fmt.Println("Timeout during handshake.")
		default:
			fmt.Println("StartTLS:", statusNOK)
			fmt.Println(err)
		}
	} else {
		fmt.Println("StartTLS:", statusOK)
		checkCertExpiry(d)
		d.Close()
	}
}

// directTLS performs the TLS handshake on conn and then opens a stream
// over the encrypted connection.
func directTLS(recordType string, conn net.Conn, tlsConfig *tls.Config, timeout time.Duration) {
	var serverStreamError StreamError
	c := tls.Client(conn, tlsConfig)
	ctx := context.Background()
	ctx, cancel := context.WithTimeout(ctx, timeout)
	defer cancel()
	err := c.HandshakeContext(ctx)
	if err != nil {
		switch err.Error() {
		case "EOF":
			fmt.Println("TLS:", statusNOK)
			fmt.Println("Server closed connection during handshake.")
		case "context deadline exceeded":
			fmt.Println("TLS:", statusNOK)
			fmt.Println("Timeout during handshake.")
		default:
			fmt.Println("TLS:", statusNOK)
			fmt.Println(err)
		}
	} else {
		var from string
		if recordType == "server" {
			from = " from='xmpp-dns.mdosch.de'"
		} else {
			from = ""
		}
		startStream := ""
		_, err := c.Write([]byte(startStream))
		if err != nil {
			fmt.Println("TLS:", statusNOK)
			fmt.Println(err)
			return
		}
		buf := make([]byte, 4096)
		ctx3, cancel3 := context.WithCancel(context.Background())
		defer cancel3()
		go func() {
			for {
				_, err = c.Read(buf)
				if err != nil {
					fmt.Println("TLS:", statusNOK)
					if err.Error() == "EOF" {
						err = xml.Unmarshal(buf, &serverStreamError)
						if err == nil {
							fmt.Println("Server sent policy-violation:",
								serverStreamError.Error.Text.Text)
						} else {
							fmt.Println("Server closed connection.")
						}
					} else {
						fmt.Println(err)
					}
					cancel3()
					break
				}
				if strings.Contains(strings.ToLower(string(buf[:])), "

xmpp-dns(1) - A CLI tool to check XMPP SRV records.

NAME

xmpp-dns - A CLI tool to check XMPP SRV records.

SYNOPSIS

xmpp-dns [-46cfstv] [--help] [--no-color] [--timeout value] [--tls-version value] [--version] [parameters ...]

DESCRIPTION

A little CLI tool to check SRV records for XMPP. Besides showing the records, it can also try to connect to the server and test StartTLS and direct TLS.

OPTIONS

-4
Resolve IPv4.
-6
Resolve IPv6.
-c, --client
Show client SRV records.
--dot
Use DoT, see also --resolver.
-f, --fallback
Check fallback (Standard ports on A/AAAA records) if no SRV records are provided.
--help
Show help.
--no-color
Don't colorize output.
--resolver
Custom resolver e.g. "1.1.1.1" for common DNS or "5.1.66.255#dot.ffmuc.net" for usage with "--dot".
-s, --server
Show server SRV records.
-t
Test connection and certificates.
--timeout=[value]
Connection timeout in seconds. Default: 60.
--tls-version=[value]
Minimal TLS version. 10 (TLSv1.0), 11 (TLSv1.1), 12 (TLSv1.2) or 13 (TLSv1.3). Default: 12.
-v
Resolve IPs.
--version
Show version information.

SHELL COMPLETION

ZSH

There are no shell completions yet (contributions welcome) but for zsh it is possible to automatically create completions from --help which might work well enough.

Just place the following in your ~/.zshrc or ~/.zshrc.local:

compdef _gnu_generic xmpp-dns

CHAT

There is no dedicated chat for xmpp-dns, but feel free to join https://join.jabber.network/#go-sendxmpp@chat.mdosch.de?join.

AUTHOR

Written by Martin Dosch.

REPORTING BUGS

Report bugs at https://salsa.debian.org/mdosch/xmpp-dns/issues.

Copyright (c) Martin Dosch License: BSD-2-clause License

May 2023    xmpp-dns(1)

xmpp-dns-v0.3.10/man/xmpp-dns.1.ronn
xmpp-dns(1) -- A CLI tool to check XMPP SRV records.
====

## SYNOPSIS

`xmpp-dns` [-46cfstv] [--help] [--no-color] [--timeout value] [--tls-version value] [--version] [parameters ...]

## DESCRIPTION

A little CLI tool to check SRV records for XMPP. Besides showing the records, it can also try to connect to the server and test StartTLS and direct TLS.

## OPTIONS

* `-4`:
  Resolve IPv4.

* `-6`:
  Resolve IPv6.

* `-c`, `--client`:
  Show client SRV records.

* `--dot`:
  Use DoT, see also `--resolver`.

* `-f`, `--fallback`:
  Check fallback (Standard ports on A/AAAA records) if no SRV records are provided.

* `--help`:
  Show help.

* `--no-color`:
  Don't colorize output.

* `--resolver`:
  Custom resolver e.g. "1.1.1.1" for common DNS or "5.1.66.255#dot.ffmuc.net" for usage with "--dot".

* `-s`, `--server`:
  Show server SRV records.

* `-t`:
  Test connection and certificates.

* `--timeout`=[<value>]:
  Connection timeout in seconds. Default: 60.

* `--tls-version`=[<value>]:
  Minimal TLS version. 10 (TLSv1.0), 11 (TLSv1.1), 12 (TLSv1.2) or 13 (TLSv1.3). Default: 12.

* `-v`:
  Resolve IPs.

* `--version`:
  Show version information.

## SHELL COMPLETION

### ZSH

There are no shell completions yet (contributions welcome) but for zsh it is possible to automatically create completions from `--help` which might work well enough.

Just place the following in your `~/.zshrc` or `~/.zshrc.local`:

```
compdef _gnu_generic xmpp-dns
```

## CHAT

There is no dedicated chat for `xmpp-dns`, but feel free to join [https://join.jabber.network/#go-sendxmpp@chat.mdosch.de?join](https://join.jabber.network/#go-sendxmpp@chat.mdosch.de?join).

## AUTHOR

Written by Martin Dosch.

## REPORTING BUGS

Report bugs at [https://salsa.debian.org/mdosch/xmpp-dns/issues](https://salsa.debian.org/mdosch/xmpp-dns/issues).

## COPYRIGHT

Copyright (c) Martin Dosch License: BSD-2-clause License
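
The StartTLS test in `main.go` unmarshals the read buffer into separate structs and, as its TODO notes, reports only `policy-violation`. As an added example (not part of xmpp-dns), one pass with `xml.Decoder` can classify the server's reply and return any stream error condition; `classifyReply`, `Reply` and the sample replies are constructed for illustration.

```go
package main

import (
	"bytes"
	"encoding/xml"
	"fmt"
)

const (
	nsTLS       = "urn:ietf:params:xml:ns:xmpp-tls"     // <proceed/>, <failure/>
	nsStreamErr = "urn:ietf:params:xml:ns:xmpp-streams" // error conditions, <text/>
	nsStream    = "http://etherx.jabber.org/streams"    // <stream:error/>
)

// Reply is what classifyReply (a hypothetical helper) recognised.
type Reply struct {
	Kind      string // "proceed", "failure", "stream-error" or "incomplete"
	Condition string // stream error condition, e.g. "policy-violation"
	Text      string // optional human-readable <text/> of the stream error
}

// isStreamError matches <stream:error>. If the buffer holds only a fragment,
// the "stream" prefix is undeclared and encoding/xml leaves the prefix
// itself in Name.Space, so both spellings are accepted.
func isStreamError(n xml.Name) bool {
	return n.Local == "error" && (n.Space == nsStream || n.Space == "stream")
}

// classifyReply walks the tokens of a server reply once and stops at the
// first decisive element. Truncated or unterminated input is expected on an
// open stream, so a decoder error just ends the walk.
func classifyReply(data []byte) Reply {
	dec := xml.NewDecoder(bytes.NewReader(data))
	reply := Reply{Kind: "incomplete"}
	inError, inText := false, false
	for {
		tok, err := dec.Token()
		if err != nil {
			return reply // report what was recognised before data ran out
		}
		switch t := tok.(type) {
		case xml.StartElement:
			switch {
			case t.Name.Space == nsTLS && t.Name.Local == "proceed":
				return Reply{Kind: "proceed"}
			case t.Name.Space == nsTLS && t.Name.Local == "failure":
				return Reply{Kind: "failure"}
			case isStreamError(t.Name):
				inError = true
				reply.Kind = "stream-error"
			case inError && t.Name.Space == nsStreamErr && t.Name.Local == "text":
				inText = true
			case inError && t.Name.Space == nsStreamErr && reply.Condition == "":
				reply.Condition = t.Name.Local
			}
		case xml.CharData:
			if inText {
				reply.Text += string(t)
			}
		case xml.EndElement:
			if t.Name.Local == "text" {
				inText = false
			}
			if isStreamError(t.Name) {
				return reply
			}
		}
	}
}

func main() {
	// Constructed sample replies, not captured from a real server.
	samples := []string{
		"<proceed xmlns='urn:ietf:params:xml:ns:xmpp-tls'/>",
		"<failure xmlns='urn:ietf:params:xml:ns:xmpp-tls'/></stream:stream>",
		"<stream:error><policy-violation xmlns='urn:ietf:params:xml:ns:xmpp-streams'/>" +
			"<text xmlns='urn:ietf:params:xml:ns:xmpp-streams'>Encrypted " +
			"server-to-server communication is required</text></stream:error></stream:stream>",
	}
	for _, s := range samples {
		fmt.Printf("%+v\n", classifyReply([]byte(s)))
	}
}
```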