2021-02-02 12:05:47 +01:00
|
|
|
package geolocate
|
|
|
|
|
|
|
|
import (
|
|
|
|
"context"
|
|
|
|
"net/http"
|
|
|
|
|
2022-01-03 13:53:23 +01:00
|
|
|
"github.com/ooni/probe-cli/v3/internal/model"
|
2021-02-02 12:05:47 +01:00
|
|
|
"github.com/pion/stun"
|
|
|
|
)
|
|
|
|
|
fix(geolocate): no proxy when discovering our IP address (#251)
* fix(geolocate): no proxy when discovering our IP address
The use case of --proxy is that you cannot contact the OONI
backend otherwise. It is wrong, though, using the proxy when
discovering our IP address. The measurement won't use the
proxy anyway. Therefore, we need to use the IP address that
is performing the measurement. Not the one of the proxy.
What's more, stun is not using a proxy. Therefore, it does
not make much sense that http IP resolvers use a proxy. This
leads to inconsistencies. So, here's anothe reason why this
patch is a good thing (TM).
Finally, because knowing the IP address enables us to sanitize
the data, it's important we discover the correct IP.
Now, up until this point, the `--proxy` option has mostly
been a developers toy. But, users have asked us to have the
possibility of configuring a proxy.
This explains why I have been looking into making `--proxy`
right for a couple of hours now.
See https://github.com/ooni/probe/issues/1382
* fix(session): properly configure the IP lookupper
2021-03-10 12:01:08 +01:00
|
|
|
// TODO(bassosimone): we should modify the stun code to use
|
|
|
|
// the session resolver rather than using its own.
|
|
|
|
//
|
|
|
|
// See https://github.com/ooni/probe/issues/1383.
|
|
|
|
|
2021-02-02 12:05:47 +01:00
|
|
|
type stunClient interface {
|
|
|
|
Close() error
|
|
|
|
Start(m *stun.Message, h stun.Handler) error
|
|
|
|
}
|
|
|
|
|
|
|
|
type stunConfig struct {
|
|
|
|
Dial func(network string, address string) (stunClient, error)
|
|
|
|
Endpoint string
|
2022-01-03 13:53:23 +01:00
|
|
|
Logger model.Logger
|
2021-02-02 12:05:47 +01:00
|
|
|
}
|
|
|
|
|
|
|
|
func stunDialer(network string, address string) (stunClient, error) {
|
|
|
|
return stun.Dial(network, address)
|
|
|
|
}
|
|
|
|
|
|
|
|
func stunIPLookup(ctx context.Context, config stunConfig) (string, error) {
|
|
|
|
config.Logger.Debugf("STUNIPLookup: start using %s", config.Endpoint)
|
|
|
|
ip, err := func() (string, error) {
|
|
|
|
dial := config.Dial
|
|
|
|
if dial == nil {
|
|
|
|
dial = stunDialer
|
|
|
|
}
|
|
|
|
clnt, err := dial("udp", config.Endpoint)
|
|
|
|
if err != nil {
|
|
|
|
return DefaultProbeIP, err
|
|
|
|
}
|
|
|
|
defer clnt.Close()
|
|
|
|
message := stun.MustBuild(stun.TransactionID, stun.BindingRequest)
|
|
|
|
errch, ipch := make(chan error, 1), make(chan string, 1)
|
|
|
|
err = clnt.Start(message, func(ev stun.Event) {
|
|
|
|
if ev.Error != nil {
|
|
|
|
errch <- ev.Error
|
|
|
|
return
|
|
|
|
}
|
|
|
|
var xorAddr stun.XORMappedAddress
|
|
|
|
if err := xorAddr.GetFrom(ev.Message); err != nil {
|
|
|
|
errch <- err
|
|
|
|
return
|
|
|
|
}
|
|
|
|
ipch <- xorAddr.IP.String()
|
|
|
|
})
|
|
|
|
if err != nil {
|
|
|
|
return DefaultProbeIP, err
|
|
|
|
}
|
|
|
|
select {
|
|
|
|
case err := <-errch:
|
|
|
|
return DefaultProbeIP, err
|
|
|
|
case ip := <-ipch:
|
|
|
|
return ip, nil
|
|
|
|
case <-ctx.Done():
|
|
|
|
return DefaultProbeIP, ctx.Err()
|
|
|
|
}
|
|
|
|
}()
|
|
|
|
if err != nil {
|
|
|
|
config.Logger.Debugf("STUNIPLookup: failure using %s: %+v", config.Endpoint, err)
|
|
|
|
return DefaultProbeIP, err
|
|
|
|
}
|
|
|
|
return ip, nil
|
|
|
|
}
|
|
|
|
|
|
|
|
func stunEkigaIPLookup(
|
|
|
|
ctx context.Context,
|
|
|
|
httpClient *http.Client,
|
2022-01-03 13:53:23 +01:00
|
|
|
logger model.Logger,
|
2021-02-02 12:05:47 +01:00
|
|
|
userAgent string,
|
|
|
|
) (string, error) {
|
|
|
|
return stunIPLookup(ctx, stunConfig{
|
|
|
|
Endpoint: "stun.ekiga.net:3478",
|
|
|
|
Logger: logger,
|
|
|
|
})
|
|
|
|
}
|
|
|
|
|
|
|
|
func stunGoogleIPLookup(
|
|
|
|
ctx context.Context,
|
|
|
|
httpClient *http.Client,
|
2022-01-03 13:53:23 +01:00
|
|
|
logger model.Logger,
|
2021-02-02 12:05:47 +01:00
|
|
|
userAgent string,
|
|
|
|
) (string, error) {
|
|
|
|
return stunIPLookup(ctx, stunConfig{
|
|
|
|
Endpoint: "stun.l.google.com:19302",
|
|
|
|
Logger: logger,
|
|
|
|
})
|
|
|
|
}
|