ooni-probe-cli/internal/experiment/webconnectivity/analysistls.go

51 lines
1.4 KiB
Go
Raw Permalink Normal View History

package webconnectivity
//
// TLS analysis
//
import "github.com/ooni/probe-cli/v3/internal/model"
// analysisTLSToplevel is the toplevel analysis function for TLS.
//
// This algorithm aims to flag the TLS endpoints that failed unreasonably
// compared to what the TH has observed for the same endpoints.
func (tk *TestKeys) analysisTLSToplevel(logger model.Logger) {
// if we don't have a control result, do nothing.
if tk.Control == nil || len(tk.Control.TLSHandshake) <= 0 {
return
}
// walk the list of probe results and compare with TH results
for _, entry := range tk.TLSHandshakes {
// skip successful entries
failure := entry.Failure
if failure == nil {
continue // did not fail
}
epnt := entry.Address
// TODO(bassosimone,kelmenhorst): if, in the future, we choose to
// adapt this code to QUIC, we need to remember to treat EHOSTUNREACH
// and ENETUNREACH specially when the IP address is IPv6.
// obtain the corresponding endpoint
ctrl, found := tk.Control.TLSHandshake[epnt]
if !found {
continue // only the probe tested this, so hard to say anything...
}
if ctrl.Failure != nil {
// If the TH failed as well, don't set XBlockingFlags. Performing
// precise error mapping should be a job for the pipeline.
continue
}
logger.Warnf(
"TLS: unexpected failure %s for %s (see #%d)",
*failure,
epnt,
entry.TransactionID,
)
tk.BlockingFlags |= analysisFlagTLSBlocking
}
}