2022-05-09 10:25:50 +02:00
|
|
|
// Package tlsping is the experimental tlsping experiment.
|
|
|
|
|
//
|
|
|
|
|
// See https://github.com/ooni/spec/blob/master/nettests/ts-033-tlsping.md.
|
|
|
|
|
package tlsping
|
|
|
|
|
|
|
|
|
|
import (
|
|
|
|
|
"context"
|
|
|
|
|
"crypto/tls"
|
|
|
|
|
"errors"
|
|
|
|
|
"fmt"
|
2022-05-24 16:29:13 +02:00
|
|
|
"net"
|
2022-05-09 10:25:50 +02:00
|
|
|
"net/url"
|
|
|
|
|
"strings"
|
|
|
|
|
"time"
|
|
|
|
|
|
2022-07-01 12:22:22 +02:00
|
|
|
"github.com/ooni/probe-cli/v3/internal/measurexlite"
|
2022-05-09 10:25:50 +02:00
|
|
|
"github.com/ooni/probe-cli/v3/internal/model"
|
|
|
|
|
"github.com/ooni/probe-cli/v3/internal/netxlite"
|
|
|
|
|
)
|
|
|
|
|
|
|
|
|
|
const (
|
|
|
|
|
testName = "tlsping"
|
2022-07-01 12:22:22 +02:00
|
|
|
testVersion = "0.2.0"
|
2022-05-09 10:25:50 +02:00
|
|
|
)
|
|
|
|
|
|
|
|
|
|
// Config contains the experiment configuration.
|
|
|
|
|
type Config struct {
|
|
|
|
|
// ALPN allows to specify which ALPN or ALPNs to send.
|
|
|
|
|
ALPN string `ooni:"space separated list of ALPNs to use"`
|
|
|
|
|
|
|
|
|
|
// Delay is the delay between each repetition (in milliseconds).
|
|
|
|
|
Delay int64 `ooni:"number of milliseconds to wait before sending each ping"`
|
|
|
|
|
|
|
|
|
|
// Repetitions is the number of repetitions for each ping.
|
|
|
|
|
Repetitions int64 `ooni:"number of times to repeat the measurement"`
|
|
|
|
|
|
|
|
|
|
// SNI is the SNI value to use.
|
|
|
|
|
SNI string `ooni:"the SNI value to use"`
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
func (c *Config) alpn() string {
|
|
|
|
|
if c.ALPN != "" {
|
|
|
|
|
return c.ALPN
|
|
|
|
|
}
|
|
|
|
|
return "h2 http/1.1"
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
func (c *Config) delay() time.Duration {
|
|
|
|
|
if c.Delay > 0 {
|
|
|
|
|
return time.Duration(c.Delay) * time.Millisecond
|
|
|
|
|
}
|
|
|
|
|
return time.Second
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
func (c *Config) repetitions() int64 {
|
|
|
|
|
if c.Repetitions > 0 {
|
|
|
|
|
return c.Repetitions
|
|
|
|
|
}
|
|
|
|
|
return 10
|
|
|
|
|
}
|
|
|
|
|
|
2022-05-24 16:29:13 +02:00
|
|
|
func (c *Config) sni(address string) string {
|
|
|
|
|
if c.SNI != "" {
|
|
|
|
|
return c.SNI
|
|
|
|
|
}
|
|
|
|
|
addr, _, err := net.SplitHostPort(address)
|
|
|
|
|
if err != nil {
|
|
|
|
|
return ""
|
|
|
|
|
}
|
|
|
|
|
return addr
|
|
|
|
|
}
|
|
|
|
|
|
2022-05-09 10:25:50 +02:00
|
|
|
// TestKeys contains the experiment results.
|
|
|
|
|
type TestKeys struct {
|
|
|
|
|
Pings []*SinglePing `json:"pings"`
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
// SinglePing contains the results of a single ping.
|
|
|
|
|
type SinglePing struct {
|
2022-07-01 12:22:22 +02:00
|
|
|
NetworkEvents []*model.ArchivalNetworkEvent `json:"network_events"`
|
|
|
|
|
TCPConnect *model.ArchivalTCPConnectResult `json:"tcp_connect"`
|
|
|
|
|
TLSHandshake *model.ArchivalTLSOrQUICHandshakeResult `json:"tls_handshake"`
|
2022-05-09 10:25:50 +02:00
|
|
|
}
|
|
|
|
|
|
|
|
|
|
// Measurer performs the measurement.
|
|
|
|
|
type Measurer struct {
|
|
|
|
|
config Config
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
// ExperimentName implements ExperimentMeasurer.ExperiExperimentName.
|
|
|
|
|
func (m *Measurer) ExperimentName() string {
|
|
|
|
|
return testName
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
// ExperimentVersion implements ExperimentMeasurer.ExperimentVersion.
|
|
|
|
|
func (m *Measurer) ExperimentVersion() string {
|
|
|
|
|
return testVersion
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
var (
|
|
|
|
|
// errNoInputProvided indicates you didn't provide any input
|
|
|
|
|
errNoInputProvided = errors.New("not input provided")
|
|
|
|
|
|
|
|
|
|
// errInputIsNotAnURL indicates that input is not an URL
|
|
|
|
|
errInputIsNotAnURL = errors.New("input is not an URL")
|
|
|
|
|
|
|
|
|
|
// errInvalidScheme indicates that the scheme is invalid
|
|
|
|
|
errInvalidScheme = errors.New("scheme must be tlshandshake")
|
|
|
|
|
|
|
|
|
|
// errMissingPort indicates that there is no port.
|
|
|
|
|
errMissingPort = errors.New("the URL must include a port")
|
|
|
|
|
)
|
|
|
|
|
|
|
|
|
|
// Run implements ExperimentMeasurer.Run.
|
|
|
|
|
func (m *Measurer) Run(
|
|
|
|
|
ctx context.Context,
|
|
|
|
|
sess model.ExperimentSession,
|
|
|
|
|
measurement *model.Measurement,
|
|
|
|
|
callbacks model.ExperimentCallbacks,
|
|
|
|
|
) error {
|
|
|
|
|
if measurement.Input == "" {
|
|
|
|
|
return errNoInputProvided
|
|
|
|
|
}
|
|
|
|
|
parsed, err := url.Parse(string(measurement.Input))
|
|
|
|
|
if err != nil {
|
|
|
|
|
return fmt.Errorf("%w: %s", errInputIsNotAnURL, err.Error())
|
|
|
|
|
}
|
|
|
|
|
if parsed.Scheme != "tlshandshake" {
|
|
|
|
|
return errInvalidScheme
|
|
|
|
|
}
|
|
|
|
|
if parsed.Port() == "" {
|
|
|
|
|
return errMissingPort
|
|
|
|
|
}
|
|
|
|
|
tk := new(TestKeys)
|
|
|
|
|
measurement.TestKeys = tk
|
2022-07-01 12:22:22 +02:00
|
|
|
out := make(chan *SinglePing)
|
|
|
|
|
go m.tlsPingLoop(ctx, measurement.MeasurementStartTimeSaved, sess.Logger(), parsed.Host, out)
|
2022-05-09 10:25:50 +02:00
|
|
|
for len(tk.Pings) < int(m.config.repetitions()) {
|
2022-07-01 12:22:22 +02:00
|
|
|
tk.Pings = append(tk.Pings, <-out)
|
2022-05-09 10:25:50 +02:00
|
|
|
}
|
|
|
|
|
return nil // return nil so we always submit the measurement
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
// tlsPingLoop sends all the ping requests and emits the results onto the out channel.
|
2022-07-01 12:22:22 +02:00
|
|
|
func (m *Measurer) tlsPingLoop(ctx context.Context, zeroTime time.Time,
|
|
|
|
|
logger model.Logger, address string, out chan<- *SinglePing) {
|
2022-05-09 10:25:50 +02:00
|
|
|
ticker := time.NewTicker(m.config.delay())
|
|
|
|
|
defer ticker.Stop()
|
|
|
|
|
for i := int64(0); i < m.config.repetitions(); i++ {
|
2022-07-01 12:22:22 +02:00
|
|
|
go m.tlsPingAsync(ctx, i, zeroTime, logger, address, out)
|
2022-05-09 10:25:50 +02:00
|
|
|
<-ticker.C
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
// tlsPingAsync performs a TLS ping and emits the result onto the out channel.
|
2022-07-01 12:22:22 +02:00
|
|
|
func (m *Measurer) tlsPingAsync(ctx context.Context, index int64,
|
|
|
|
|
zeroTime time.Time, logger model.Logger, address string, out chan<- *SinglePing) {
|
|
|
|
|
out <- m.tlsConnectAndHandshake(ctx, index, zeroTime, logger, address)
|
2022-05-09 10:25:50 +02:00
|
|
|
}
|
|
|
|
|
|
|
|
|
|
// tlsConnectAndHandshake performs a TCP connect followed by a TLS handshake
|
|
|
|
|
// and returns the results of these operations to the caller.
|
2022-07-01 12:22:22 +02:00
|
|
|
func (m *Measurer) tlsConnectAndHandshake(ctx context.Context, index int64,
|
|
|
|
|
zeroTime time.Time, logger model.Logger, address string) *SinglePing {
|
2022-05-09 10:25:50 +02:00
|
|
|
// TODO(bassosimone): make the timeout user-configurable
|
|
|
|
|
ctx, cancel := context.WithTimeout(ctx, 3*time.Second)
|
|
|
|
|
defer cancel()
|
2022-07-01 12:22:22 +02:00
|
|
|
sp := &SinglePing{
|
|
|
|
|
NetworkEvents: []*model.ArchivalNetworkEvent{},
|
|
|
|
|
TCPConnect: nil,
|
|
|
|
|
TLSHandshake: nil,
|
|
|
|
|
}
|
|
|
|
|
trace := measurexlite.NewTrace(index, zeroTime)
|
|
|
|
|
dialer := trace.NewDialerWithoutResolver(logger)
|
|
|
|
|
alpn := strings.Split(m.config.alpn(), " ")
|
|
|
|
|
sni := m.config.sni(address)
|
|
|
|
|
ol := measurexlite.NewOperationLogger(logger, "TLSPing #%d %s %s %v", index, address, sni, alpn)
|
|
|
|
|
conn, err := dialer.DialContext(ctx, "tcp", address)
|
2022-08-17 20:10:48 +02:00
|
|
|
sp.TCPConnect = trace.FirstTCPConnectOrNil() // record the first connect from the buffer
|
2022-07-01 12:22:22 +02:00
|
|
|
if err != nil {
|
|
|
|
|
ol.Stop(err)
|
|
|
|
|
return sp
|
|
|
|
|
}
|
|
|
|
|
defer conn.Close()
|
|
|
|
|
thx := trace.NewTLSHandshakerStdlib(logger)
|
|
|
|
|
config := &tls.Config{
|
|
|
|
|
NextProtos: alpn,
|
2022-05-09 10:25:50 +02:00
|
|
|
RootCAs: netxlite.NewDefaultCertPool(),
|
2022-07-01 12:22:22 +02:00
|
|
|
ServerName: sni,
|
|
|
|
|
}
|
|
|
|
|
_, _, err = thx.Handshake(ctx, conn, config)
|
|
|
|
|
ol.Stop(err)
|
2022-08-17 20:10:48 +02:00
|
|
|
sp.TLSHandshake = trace.FirstTLSHandshakeOrNil() // record the first handshake from the buffer
|
2022-07-01 12:22:22 +02:00
|
|
|
sp.NetworkEvents = trace.NetworkEvents()
|
|
|
|
|
return sp
|
2022-05-09 10:25:50 +02:00
|
|
|
}
|
|
|
|
|
|
|
|
|
|
// NewExperimentMeasurer creates a new ExperimentMeasurer.
|
|
|
|
|
func NewExperimentMeasurer(config Config) model.ExperimentMeasurer {
|
|
|
|
|
return &Measurer{config: config}
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
// SummaryKeys contains summary keys for this experiment.
|
|
|
|
|
//
|
|
|
|
|
// Note that this structure is part of the ABI contract with ooniprobe
|
|
|
|
|
// therefore we should be careful when changing it.
|
|
|
|
|
type SummaryKeys struct {
|
|
|
|
|
IsAnomaly bool `json:"-"`
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
// GetSummaryKeys implements model.ExperimentMeasurer.GetSummaryKeys.
|
|
|
|
|
func (m Measurer) GetSummaryKeys(measurement *model.Measurement) (interface{}, error) {
|
|
|
|
|
return SummaryKeys{IsAnomaly: false}, nil
|
|
|
|
|
}
|
