c/ooni-probe-cli
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

[forwardport] fix: avoid http3 for dns.google and www.google.com (#593) (#594)

Browse Source 
This commit forward ports dedd84fa7ecb09f718f6b1a9c83999cb37b34dfa.

Original commit message:

- - -

This diff changes code the release/3.11 branch to ensure we're not using dns.google and www.google.com over HTTP3. As documented in https://github.com/ooni/probe/issues/1873, since this morning (approx) these services do not support HTTP3 anymore. (I didn't bother with checking whether this issue affects _other_ Google services; I just limited my analysis to the services that we were using as part of testing.)

This patch WILL require forward porting to the master branch.
This commit is contained in:
Simone Basso
2021-11-12 14:43:28 +01:00
committed by GitHub
parent 3dad324f09
commit 0a322ebab0
9 changed files with 90 additions and 33 deletions
Download Patch File Download Diff File Expand all files Collapse all files
internal/engine/legacy/errorsx/integration_test.go
+7 -7
View File
@@ -8,9 +8,10 @@ import (
"github.com/lucas-clemente/quic-go"
errorsxlegacy "github.com/ooni/probe-cli/v3/internal/engine/legacy/errorsx"
"github.com/ooni/probe-cli/v3/internal/netxlite"
"github.com/ooni/probe-cli/v3/internal/netxlite/quictesting"
)
func TestErrorWrapperQUICDialerInvalidCertificate(t *testing.T) {
func TestErrorWrapperQUICDialerFailure(t *testing.T) {
nextprotos := []string{"h3"}
servername := "example.com"
tlsConf := &tls.Config{
@@ -21,17 +22,16 @@ func TestErrorWrapperQUICDialerInvalidCertificate(t *testing.T) {
dlr := &errorsxlegacy.ErrorWrapperQUICDialer{Dialer: &netxlite.QUICDialerQUICGo{
QUICListener: &netxlite.QUICListenerStdlib{},
}}
// use Google IP
sess, err := dlr.DialContext(context.Background(), "udp",
"216.58.212.164:443", tlsConf, &quic.Config{})
quictesting.Endpoint("443"), tlsConf, &quic.Config{})
if err == nil {
t.Fatal("expected an error here")
}
if sess != nil {
t.Fatal("expected nil sess here")
}
if err.Error() != netxlite.FailureSSLInvalidCertificate {
t.Fatal("unexpected failure")
if err.Error() != netxlite.FailureSSLFailedHandshake {
t.Fatal("unexpected failure", err.Error())
}
}
@@ -39,12 +39,12 @@ func TestErrorWrapperQUICDialerSuccess(t *testing.T) {
ctx := context.Background()
tlsConf := &tls.Config{
NextProtos: []string{"h3"},
ServerName: "www.google.com",
ServerName: quictesting.Domain,
}
d := &errorsxlegacy.ErrorWrapperQUICDialer{Dialer: &netxlite.QUICDialerQUICGo{
QUICListener: &netxlite.QUICListenerStdlib{},
}}
sess, err := d.DialContext(ctx, "udp", "216.58.212.164:443", tlsConf, &quic.Config{})
sess, err := d.DialContext(ctx, "udp", quictesting.Endpoint("443"), tlsConf, &quic.Config{})
if err != nil {
t.Fatal(err)
}