[forwardport] fix: avoid http3 for dns.google and www.google.com (#593) (#594)

This commit forward ports dedd84fa7ecb09f718f6b1a9c83999cb37b34dfa. Original commit message: - - - This diff changes code the release/3.11 branch to ensure we're not using dns.google and www.google.com over HTTP3. As documented in https://github.com/ooni/probe/issues/1873, since this morning (approx) these services do not support HTTP3 anymore. (I didn't bother with checking whether this issue affects _other_ Google services; I just limited my analysis to the services that we were using as part of testing.) This patch WILL require forward porting to the master branch.
2021-11-12 14:43:28 +01:00
parent 3dad324f09
commit 0a322ebab0
9 changed files with 90 additions and 33 deletions
@@ -6,6 +6,7 @@ import (
 	"fmt"
 	"net"
 	"net/http"
+	"net/url"
 	"testing"
 	"time"

@@ -13,6 +14,7 @@ import (
 	"github.com/lucas-clemente/quic-go"
 	"github.com/ooni/probe-cli/v3/internal/netxlite"
 	"github.com/ooni/probe-cli/v3/internal/netxlite/filtering"
+	"github.com/ooni/probe-cli/v3/internal/netxlite/quictesting"
 	utls "gitlab.com/yawning/utls.git"
 )

@@ -435,11 +437,11 @@ func TestMeasureWithQUICDialer(t *testing.T) {
 		defer d.CloseIdleConnections()
 		ctx := context.Background()
 		config := &tls.Config{
-			ServerName: "dns.google",
+			ServerName: quictesting.Domain,
 			NextProtos: []string{"h3"},
 			RootCAs:    netxlite.NewDefaultCertPool(),
 		}
-		sess, err := d.DialContext(ctx, "udp", "8.8.4.4:443", config, &quic.Config{})
+		sess, err := d.DialContext(ctx, "udp", quictesting.Endpoint("443"), config, &quic.Config{})
 		if err != nil {
 			t.Fatal(err)
 		}
@@ -455,12 +457,12 @@ func TestMeasureWithQUICDialer(t *testing.T) {
 		defer d.CloseIdleConnections()
 		ctx := context.Background()
 		config := &tls.Config{
-			ServerName: "dns.google",
+			ServerName: quictesting.Domain,
 			NextProtos: []string{"h3"},
 			RootCAs:    netxlite.NewDefaultCertPool(),
 		}
-		// Here we assume 8.8.4.4:1 is filtered
-		sess, err := d.DialContext(ctx, "udp", "8.8.4.4:1", config, &quic.Config{})
+		// Here we assume <target-address>:1 is filtered
+		sess, err := d.DialContext(ctx, "udp", quictesting.Endpoint("1"), config, &quic.Config{})
 		if err == nil || err.Error() != netxlite.FailureGenericTimeoutError {
 			t.Fatal("not the error we expected", err)
 		}
@@ -502,7 +504,8 @@ func TestHTTP3Transport(t *testing.T) {
 		)
 		txp := netxlite.NewHTTP3Transport(log.Log, d, &tls.Config{})
 		client := &http.Client{Transport: txp}
-		resp, err := client.Get("https://www.google.com/robots.txt")
+		URL := (&url.URL{Scheme: "https", Host: quictesting.Domain, Path: "/"}).String()
+		resp, err := client.Get(URL)
 		if err != nil {
 			t.Fatal(err)
 		}
@@ -0,0 +1,38 @@
+// Package quictesting contains code useful to test QUIC.
+package quictesting
+
+import (
+	"context"
+	"net"
+	"strings"
+	"time"
+
+	"github.com/ooni/probe-cli/v3/internal/runtimex"
+)
+
+// Domain is the the domain we should be testing using QUIC.
+const Domain = "www.cloudflare.com"
+
+// Address is the address we should be testing using QUIC.
+var Address string
+
+// Endpoint returns the endpoint to test using QUIC by combining
+// the Address variable with the given port.
+func Endpoint(port string) string {
+	return net.JoinHostPort(Address, port)
+}
+
+func init() {
+	const timeout = 10 * time.Second
+	ctx, cancel := context.WithTimeout(context.Background(), timeout)
+	defer cancel()
+	reso := &net.Resolver{}
+	addrs, err := reso.LookupHost(ctx, Domain)
+	runtimex.PanicOnError(err, "reso.LookupHost failed")
+	for _, addr := range addrs {
+		if !strings.Contains(addr, ":") {
+			Address = addr
+			break
+		}
+	}
+}
@@ -0,0 +1,20 @@
+package quictesting
+
+import (
+	"net"
+	"testing"
+)
+
+func TestWorksAsIntended(t *testing.T) {
+	epnt := Endpoint("443")
+	addr, port, err := net.SplitHostPort(epnt)
+	if err != nil {
+		t.Fatal(err)
+	}
+	if addr != Address {
+		t.Fatal("invalid addr")
+	}
+	if port != "443" {
+		t.Fatal("invalid port")
+	}
+}