c/ooni-probe-cli
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
f59e98fd05
ooni-probe-cli/internal/ptx/snowflake.go

152 lines
4.2 KiB
Go
Raw Normal View History

feat: introduce ptx package for pluggable transports dialers (#373) * feat: introduce ptx package for pluggable transports dialers Version 2 of the pluggable transports specification defines a function that's like `Dial() (net.Conn, error`). Because we use contexts as much as possible in `probe-cli`, we are wrapping such an interface into a `DialContext` func. The code for obfs4 is adapted from https://github.com/ooni/probe-cli/pull/341. The code for snowflake is significantly easier than it is in https://github.com/ooni/probe-cli/pull/341, because now Snowflake supports the PTv2 spec (thanks @cohosh!). The code for setting up a pluggable transport listener has also been adapted from https://github.com/ooni/probe-cli/pull/341. We cannot merge this code yet, because we need unit testing, yet the newly added code already seems suitable for these use cases: 1. testing by dialing and seeing whether we can dial (which is not very useful but still better than not doing it); 2. spawning tor+pluggable transports for circumvention (we need a little more hammering like we did in https://github.com/ooni/probe-cli/pull/341, which is basically https://github.com/ooni/probe/issues/1565, and then we will be able to do that, as demonstrated by the new, simple client which already allows us to use pluggable transports with tor); 3. testing by launching tor (when available) with a set of pluggable transports (which depends on https://github.com/ooni/probe-engine/issues/897 and has not been assigned an issue yet). * fix: tweaks after self code-review * feat: write quick tests for ptx/obfs4 (They run in 0.4s, so I think it's fine for them to always run.) * feat(ptx/snowflake): write unit and integration tests * feat: create a fake PTDialer The idea is that we'll use this simpler PTDialer for testing. * feat: finish writing tests for new package * Apply suggestions from code review * Update internal/ptx/dependencies_test.go Co-authored-by: Arturo Filastò <arturo@openobservatory.org> * Update internal/ptx/dependencies_test.go Co-authored-by: Arturo Filastò <arturo@openobservatory.org> * chore: use as testing bridge one that's used by tor browser The previous testing bridge used to be used by tor browser but it was subsequently removed here: https://gitlab.torproject.org/tpo/applications/tor-browser-build/-/commit/e26e91bef8bd8d04d79bdd69f087efd808bc925d See https://github.com/ooni/probe-cli/pull/373#discussion_r649820724 Co-authored-by: Arturo Filastò <arturo@openobservatory.org>
2021-06-14 10:20:54 +02:00
package ptx
import (
"context"
"net"
sflib "git.torproject.org/pluggable-transports/snowflake.git/client/lib"
)
// SnowflakeDialer is a dialer for snowflake. When optional fields are
// not specified, we use defaults from the snowflake repository.
type SnowflakeDialer struct {
// BrokerURL is the optional broker URL. If not specified,
// we will be using a sensible default value.
BrokerURL string
// FrontDomain is the domain to use for fronting. If not
// specified, we will be using a sensible default.
FrontDomain string
// ICEAddresses contains the addresses to use for ICE. If not
// specified, we will be using a sensible default.
ICEAddresses []string
// MaxSnowflakes is the maximum number of snowflakes we
// should create per dialer. If negative or zero, we will
// be using a sensible default.
MaxSnowflakes int
// newClientTransport is an optional hook for creating
// an alternative snowflakeTransport in testing.
newClientTransport func(brokerURL string, frontDomain string,
iceAddresses []string, keepLocalAddresses bool,
maxSnowflakes int) (snowflakeTransport, error)
}
// snowflakeTransport is anything that allows us to dial a snowflake
type snowflakeTransport interface {
Dial() (net.Conn, error)
}
// DialContext establishes a connection with the given SF proxy. The context
// argument allows to interrupt this operation midway.
func (d *SnowflakeDialer) DialContext(ctx context.Context) (net.Conn, error) {
conn, _, err := d.dialContext(ctx)
return conn, err
}
func (d *SnowflakeDialer) dialContext(
ctx context.Context) (net.Conn, chan interface{}, error) {
done := make(chan interface{})
txp, err := d.newSnowflakeClient(
d.brokerURL(), d.frontDomain(), d.iceAddresses(),
false, d.maxSnowflakes(),
)
if err != nil {
return nil, nil, err
}
connch, errch := make(chan net.Conn), make(chan error, 1)
go func() {
defer close(done) // allow tests to synchronize with this goroutine's exit
conn, err := txp.Dial()
if err != nil {
errch <- err // buffered channel
return
}
select {
case connch <- conn:
default:
conn.Close() // context won the race
}
}()
select {
case conn := <-connch:
return conn, done, nil
case err := <-errch:
return nil, done, err
case <-ctx.Done():
return nil, done, ctx.Err()
}
}
// newSnowflakeClient allows us to call a mock rather than
// the real sflib.NewSnowflakeClient.
func (d *SnowflakeDialer) newSnowflakeClient(brokerURL string, frontDomain string,
iceAddresses []string, keepLocalAddresses bool,
maxSnowflakes int) (snowflakeTransport, error) {
if d.newClientTransport != nil {
return d.newClientTransport(brokerURL, frontDomain, iceAddresses,
keepLocalAddresses, maxSnowflakes)
}
return sflib.NewSnowflakeClient(
brokerURL, frontDomain, iceAddresses,
keepLocalAddresses, maxSnowflakes)
}
// brokerURL returns a suitable broker URL.
func (d *SnowflakeDialer) brokerURL() string {
if d.BrokerURL != "" {
return d.BrokerURL
}
return "https://snowflake-broker.torproject.net.global.prod.fastly.net/"
}
// frontDomain returns a suitable front domain.
func (d *SnowflakeDialer) frontDomain() string {
if d.FrontDomain != "" {
return d.FrontDomain
}
return "cdn.sstatic.net"
}
// iceAddresses returns suitable ICE addresses.
func (d *SnowflakeDialer) iceAddresses() []string {
if len(d.ICEAddresses) > 0 {
return d.ICEAddresses
}
return []string{
"stun:stun.voip.blackberry.com:3478",
"stun:stun.altar.com.pl:3478",
"stun:stun.antisip.com:3478",
"stun:stun.bluesip.net:3478",
"stun:stun.dus.net:3478",
"stun:stun.epygi.com:3478",
"stun:stun.sonetel.com:3478",
"stun:stun.sonetel.net:3478",
"stun:stun.stunprotocol.org:3478",
"stun:stun.uls.co.za:3478",
"stun:stun.voipgate.com:3478",
"stun:stun.voys.nl:3478",
}
}
// maxSnowflakes returns the number of snowflakes to collect.
func (d *SnowflakeDialer) maxSnowflakes() int {
if d.MaxSnowflakes > 0 {
return d.MaxSnowflakes
}
fix(snowflake.go): default maxSnowflakes() to 1 (#378) See https://github.com/ooni/probe-cli/pull/373#discussion_r651080925
2021-06-14 18:18:36 +02:00
return 1
feat: introduce ptx package for pluggable transports dialers (#373) * feat: introduce ptx package for pluggable transports dialers Version 2 of the pluggable transports specification defines a function that's like `Dial() (net.Conn, error`). Because we use contexts as much as possible in `probe-cli`, we are wrapping such an interface into a `DialContext` func. The code for obfs4 is adapted from https://github.com/ooni/probe-cli/pull/341. The code for snowflake is significantly easier than it is in https://github.com/ooni/probe-cli/pull/341, because now Snowflake supports the PTv2 spec (thanks @cohosh!). The code for setting up a pluggable transport listener has also been adapted from https://github.com/ooni/probe-cli/pull/341. We cannot merge this code yet, because we need unit testing, yet the newly added code already seems suitable for these use cases: 1. testing by dialing and seeing whether we can dial (which is not very useful but still better than not doing it); 2. spawning tor+pluggable transports for circumvention (we need a little more hammering like we did in https://github.com/ooni/probe-cli/pull/341, which is basically https://github.com/ooni/probe/issues/1565, and then we will be able to do that, as demonstrated by the new, simple client which already allows us to use pluggable transports with tor); 3. testing by launching tor (when available) with a set of pluggable transports (which depends on https://github.com/ooni/probe-engine/issues/897 and has not been assigned an issue yet). * fix: tweaks after self code-review * feat: write quick tests for ptx/obfs4 (They run in 0.4s, so I think it's fine for them to always run.) * feat(ptx/snowflake): write unit and integration tests * feat: create a fake PTDialer The idea is that we'll use this simpler PTDialer for testing. * feat: finish writing tests for new package * Apply suggestions from code review * Update internal/ptx/dependencies_test.go Co-authored-by: Arturo Filastò <arturo@openobservatory.org> * Update internal/ptx/dependencies_test.go Co-authored-by: Arturo Filastò <arturo@openobservatory.org> * chore: use as testing bridge one that's used by tor browser The previous testing bridge used to be used by tor browser but it was subsequently removed here: https://gitlab.torproject.org/tpo/applications/tor-browser-build/-/commit/e26e91bef8bd8d04d79bdd69f087efd808bc925d See https://github.com/ooni/probe-cli/pull/373#discussion_r649820724 Co-authored-by: Arturo Filastò <arturo@openobservatory.org>
2021-06-14 10:20:54 +02:00
}
// AsBridgeArgument returns the argument to be passed to
// the tor command line to declare this bridge.
func (d *SnowflakeDialer) AsBridgeArgument() string {
return "snowflake 192.0.2.3:1 2B280B23E1107BB62ABFC40DDCC8824814F80A72"
}
// Name returns the pluggable transport name.
func (d *SnowflakeDialer) Name() string {
return "snowflake"
}
Reference in New Issue Copy Permalink