Script 'mail_helper' called by obssrc Hello community, here is the log from the commit of package xmpp-dns for openSUSE:Factory checked in at 2023-08-17 19:44:41 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Comparing /work/SRC/openSUSE:Factory/xmpp-dns (Old) and /work/SRC/openSUSE:Factory/.xmpp-dns.new.1766 (New) ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Package is "xmpp-dns" Thu Aug 17 19:44:41 2023 rev:7 rq:1104315 version:0.3.7 Changes: -------- --- /work/SRC/openSUSE:Factory/xmpp-dns/xmpp-dns.changes 2023-03-28 17:50:55.311425466 +0200 +++ /work/SRC/openSUSE:Factory/.xmpp-dns.new.1766/xmpp-dns.changes 2023-08-17 19:44:57.398947736 +0200 @@ -1,0 +2,8 @@ +Thu Aug 17 07:25:34 UTC 2023 - Michael Vetter <[email protected]> + +- Update to 0.3.7: + * Show reason for denied s2s due to policy-violation. + * Apply timeout to TLS handshake as well instead of only for the + tcp connection. + +------------------------------------------------------------------- Old: ---- xmpp-dns-0.3.6.tar.gz New: ---- xmpp-dns-0.3.7.tar.gz ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Other differences: ------------------ ++++++ xmpp-dns.spec ++++++ --- /var/tmp/diff_new_pack.NHLE0C/_old 2023-08-17 19:44:58.390949591 +0200 +++ /var/tmp/diff_new_pack.NHLE0C/_new 2023-08-17 19:44:58.394949599 +0200 @@ -17,7 +17,7 @@ Name: xmpp-dns -Version: 0.3.6 +Version: 0.3.7 Release: 0 Summary: A CLI tool to check XMPP SRV records License: BSD-2-Clause ++++++ _service ++++++ --- /var/tmp/diff_new_pack.NHLE0C/_old 2023-08-17 19:44:58.442949688 +0200 +++ /var/tmp/diff_new_pack.NHLE0C/_new 2023-08-17 19:44:58.450949704 +0200 @@ -3,7 +3,7 @@ <param name="url">https://salsa.debian.org/mdosch/xmpp-dns.git</param> <param name="scm">git</param> <param name="exclude">.git</param> - <param name="revision">v0.3.6</param> + <param name="revision">v0.3.7</param> <param name="versionformat">@PARENT_TAG@</param> <param name="changesgenerate">disable</param> <param name="versionrewrite-pattern">v(.*)</param> ++++++ vendor.tar.gz ++++++ ++++++ xmpp-dns-0.3.6.tar.gz -> xmpp-dns-0.3.7.tar.gz ++++++ diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/xmpp-dns-0.3.6/CHANGELOG.md new/xmpp-dns-0.3.7/CHANGELOG.md --- old/xmpp-dns-0.3.6/CHANGELOG.md 2023-03-27 20:12:24.000000000 +0200 +++ new/xmpp-dns-0.3.7/CHANGELOG.md 2023-08-15 19:05:51.000000000 +0200 @@ -1,12 +1,19 @@ # Changelog +## [0.3.7] +### Added +- Show reason for denied s2s due to policy-violation. + +### Changed +- Apply timeout to TLS handshake as well instead of only for the tcp connection. + ## [0.3.6] 2023-03-27 ### Changed - Remove `println()` added for debugging. ## [0.3.5] 2023-03-27 ### Changed -- Don't use CNAME of xmpp server domain for SRV lookups (via xmppsrv UNRELEASED). +- Don't use CNAME of xmpp server domain for SRV lookups (via xmppsrv 0.2.5). ## [0.3.4] ### Changed diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/xmpp-dns-0.3.6/LICENSE new/xmpp-dns-0.3.7/LICENSE --- old/xmpp-dns-0.3.6/LICENSE 2023-03-27 20:12:24.000000000 +0200 +++ new/xmpp-dns-0.3.7/LICENSE 2023-08-15 19:05:51.000000000 +0200 @@ -1,6 +1,6 @@ BSD 2-Clause License -Copyright (c) 2021, Martin Dosch +Copyright (c) Martin Dosch All rights reserved. Redistribution and use in source and binary forms, with or without diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/xmpp-dns-0.3.6/go.sum new/xmpp-dns-0.3.7/go.sum --- old/xmpp-dns-0.3.6/go.sum 2023-03-27 20:12:24.000000000 +0200 +++ new/xmpp-dns-0.3.7/go.sum 2023-08-15 19:05:51.000000000 +0200 @@ -1,8 +1,4 @@ github.com/pborman/getopt/v2 v2.1.0 h1:eNfR+r+dWLdWmV8g5OlpyrTYHkhVNxHBdN2cCrJmOEA= github.com/pborman/getopt/v2 v2.1.0/go.mod h1:4NtW75ny4eBw9fO1bhtNdYTlZKYX5/tBLtsOpwKIKd0= -salsa.debian.org/mdosch/xmppsrv v0.2.4 h1:ZroUkfml+kxgO+BFocVoVvYqJgk03D9oT1alXoFIyE4= -salsa.debian.org/mdosch/xmppsrv v0.2.4/go.mod h1:udWXnWFa9zkcyN9YSB/u44BCnnRDpeQ0eDy3MVLjHZQ= -salsa.debian.org/mdosch/xmppsrv v0.2.5-0.20230327161640-c09eb51c5bf4 h1:3B6LjDKiWkhe2ugYxNrKENAmbBq4X/PYPcdxAx8XaNM= -salsa.debian.org/mdosch/xmppsrv v0.2.5-0.20230327161640-c09eb51c5bf4/go.mod h1:udWXnWFa9zkcyN9YSB/u44BCnnRDpeQ0eDy3MVLjHZQ= salsa.debian.org/mdosch/xmppsrv v0.2.5 h1:ACPk8EhmCAUMl59TnGe5kvvwSnW065CJrhN7uvt25xY= salsa.debian.org/mdosch/xmppsrv v0.2.5/go.mod h1:udWXnWFa9zkcyN9YSB/u44BCnnRDpeQ0eDy3MVLjHZQ= diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/xmpp-dns-0.3.6/main.go new/xmpp-dns-0.3.7/main.go --- old/xmpp-dns-0.3.6/main.go 2023-03-27 20:12:24.000000000 +0200 +++ new/xmpp-dns-0.3.7/main.go 2023-08-15 19:05:51.000000000 +0200 @@ -1,10 +1,11 @@ -// Copyright 2021 Martin Dosch. +// Copyright Martin Dosch. // Use of this source code is governed by the BSD-2-clause // license that can be found in the LICENSE file. package main import ( + "context" "crypto/tls" "encoding/xml" "fmt" @@ -20,9 +21,34 @@ ) const ( - version = "0.3.6" + version = "0.3.7" ) +// Created with https://github.com/miku/zek +type StreamError struct { + XMLName xml.Name `xml:"stream"` + Text string `xml:",chardata"` + Version string `xml:"version,attr"` + Stream string `xml:"stream,attr"` + Db string `xml:"db,attr"` + Lang string `xml:"lang,attr"` + From string `xml:"from,attr"` + Xmlns string `xml:"xmlns,attr"` + ID string `xml:"id,attr"` + To string `xml:"to,attr"` + Error struct { + Chardata string `xml:",chardata"` + PolicyViolation struct { + Text string `xml:",chardata"` + Xmlns string `xml:"xmlns,attr"` + } `xml:"policy-violation"` + Text struct { + Text string `xml:",chardata"` + Xmlns string `xml:"xmlns,attr"` + } `xml:"text"` + } `xml:"error"` +} + var ( // statusOK will print [OK] in green color. statusOK = "[\033[32mOK\033[00m]" @@ -196,7 +222,8 @@ } func checkRecord(records []xmppsrv.SRV, verbose bool, ipv4 bool, ipv6 bool, test bool, - tlsConfig *tls.Config, timeout time.Duration) { + tlsConfig *tls.Config, timeout time.Duration, +) { for count, record := range records { if count > 0 { fmt.Println() @@ -215,7 +242,8 @@ } func printIP(record xmppsrv.SRV, ipv4 bool, ipv6 bool, test bool, - tlsConfig *tls.Config, timeout time.Duration) { + tlsConfig *tls.Config, timeout time.Duration, +) { addresses, err := net.LookupIP(record.Target) switch { case err != nil: @@ -242,18 +270,18 @@ if err == nil { switch record.Type { case "xmpp-client": - startTLS("client", c, tlsConfig) + startTLS("client", c, tlsConfig, timeout) c.Close() case "xmpps-client": tlsConfig.NextProtos = []string{"xmpp-client"} - directTLS("client", c, tlsConfig) + directTLS("client", c, tlsConfig, timeout) c.Close() case "xmpp-server": - startTLS("server", c, tlsConfig) + startTLS("server", c, tlsConfig, timeout) c.Close() case "xmpps-server": tlsConfig.NextProtos = []string{"xmpp-server"} - directTLS("server", c, tlsConfig) + directTLS("server", c, tlsConfig, timeout) c.Close() default: c.Close() @@ -275,7 +303,7 @@ return c, err } -func startTLS(recordType string, c net.Conn, tlsConfig *tls.Config) { +func startTLS(recordType string, c net.Conn, tlsConfig *tls.Config, timeout time.Duration) { // Created with https://github.com/miku/zek type Proceed struct { XMLName xml.Name `xml:"proceed"` @@ -289,8 +317,9 @@ Xmlns string `xml:"xmlns,attr"` } var ( - serverProceed Proceed - serverFailure Failure + serverProceed Proceed + serverFailure Failure + serverStreamError StreamError ) var from string if recordType == "server" { @@ -312,7 +341,15 @@ if err != nil { fmt.Println("StartTLS:", statusNOK) if err.Error() == "EOF" { - fmt.Println("Server sent EOF.") + // TODO: Properly check for all possible server errors + // instead of only checking for "policy-violation". + err = xml.Unmarshal(buf, &serverStreamError) + if err == nil { + fmt.Println("Server sent policy-violation:", + serverStreamError.Error.Text.Text) + } else { + fmt.Println("Server sent EOF.") + } } else { fmt.Println(err) } @@ -336,7 +373,13 @@ if err != nil { fmt.Println("StartTLS:", statusNOK) if err.Error() == "EOF" { - fmt.Println("Server sent EOF.") + err = xml.Unmarshal(buf, &serverStreamError) + if err == nil { + fmt.Println("Server sent policy-violation:", + serverStreamError.Error.Text.Text) + } else { + fmt.Println("Server sent EOF.") + } } else { fmt.Println(err) } @@ -351,13 +394,20 @@ } } d := tls.Client(c, tlsConfig) - err = d.Handshake() + ctx := context.Background() + ctx, cancel := context.WithTimeout(ctx, timeout) + defer cancel() + err = d.HandshakeContext(ctx) if err != nil { - if err.Error() == "EOF" { + switch err.Error() { + case "EOF": fmt.Println("StartTLS:", statusNOK) fmt.Println("Received EOF during handshake.") - } else { + case "context deadline exceeded": fmt.Println("StartTLS:", statusNOK) + fmt.Println("Timeout during handshake.") + default: + fmt.Println("STartTLS:", statusNOK) fmt.Println(err) } } else { @@ -367,14 +417,22 @@ } } -func directTLS(recordType string, conn net.Conn, tlsConfig *tls.Config) { +func directTLS(recordType string, conn net.Conn, tlsConfig *tls.Config, timeout time.Duration) { + var serverStreamError StreamError c := tls.Client(conn, tlsConfig) - err := c.Handshake() + ctx := context.Background() + ctx, cancel := context.WithTimeout(ctx, timeout) + defer cancel() + err := c.HandshakeContext(ctx) if err != nil { - if err.Error() == "EOF" { + switch err.Error() { + case "EOF": fmt.Println("TLS:", statusNOK) fmt.Println("Received EOF during handshake.") - } else { + case "context deadline exceeded": + fmt.Println("TLS:", statusNOK) + fmt.Println("Timeout during handshake.") + default: fmt.Println("TLS:", statusNOK) fmt.Println(err) } @@ -399,7 +457,13 @@ if err != nil { fmt.Println("TLS:", statusNOK) if err.Error() == "EOF" { - fmt.Println("Server sent EOF.") + err = xml.Unmarshal(buf, &serverStreamError) + if err == nil { + fmt.Println("Server sent policy-violation:", + serverStreamError.Error.Text.Text) + } else { + fmt.Println("Server sent EOF.") + } } else { fmt.Println(err) } diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/xmpp-dns-0.3.6/man/xmpp-dns.1 new/xmpp-dns-0.3.7/man/xmpp-dns.1 --- old/xmpp-dns-0.3.6/man/xmpp-dns.1 2023-03-27 20:12:24.000000000 +0200 +++ new/xmpp-dns-0.3.7/man/xmpp-dns.1 2023-08-15 19:05:51.000000000 +0200 @@ -1,6 +1,6 @@ .\" generated with Ronn-NG/v0.9.1 .\" http://github.com/apjanke/ronn-ng/tree/0.9.1 -.TH "XMPP\-DNS" "1" "March 2023" "" +.TH "XMPP\-DNS" "1" "May 2023" "" .SH "NAME" \fBxmpp\-dns\fR \- A CLI tool to check XMPP SRV records\. .SH "SYNOPSIS" @@ -64,4 +64,4 @@ .SH "REPORTING BUGS" Report bugs at \fIhttps://salsa\.debian\.org/mdosch/xmpp\-dns/issues\fR\. .SH "COPYRIGHT" -Copyright (c) 2021 Martin Dosch License: BSD\-2\-clause License +Copyright (c) Martin Dosch License: BSD\-2\-clause License diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/xmpp-dns-0.3.6/man/xmpp-dns.1.html new/xmpp-dns-0.3.7/man/xmpp-dns.1.html --- old/xmpp-dns-0.3.6/man/xmpp-dns.1.html 2023-03-27 20:12:24.000000000 +0200 +++ new/xmpp-dns-0.3.7/man/xmpp-dns.1.html 2023-08-15 19:05:51.000000000 +0200 @@ -156,12 +156,12 @@ <h2 id="COPYRIGHT">COPYRIGHT</h2> -<p>Copyright (c) 2021 Martin Dosch +<p>Copyright (c) Martin Dosch License: BSD-2-clause License</p> <ol class='man-decor man-foot man foot'> <li class='tl'></li> - <li class='tc'>March 2023</li> + <li class='tc'>May 2023</li> <li class='tr'>xmpp-dns(1)</li> </ol> diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/xmpp-dns-0.3.6/man/xmpp-dns.1.ronn new/xmpp-dns-0.3.7/man/xmpp-dns.1.ronn --- old/xmpp-dns-0.3.6/man/xmpp-dns.1.ronn 2023-03-27 20:12:24.000000000 +0200 +++ new/xmpp-dns-0.3.7/man/xmpp-dns.1.ronn 2023-08-15 19:05:51.000000000 +0200 @@ -84,5 +84,5 @@ ## COPYRIGHT -Copyright (c) 2021 Martin Dosch +Copyright (c) Martin Dosch License: BSD-2-clause License
