diff --git a/internal/engine/experiment/dash/dash.go b/internal/engine/experiment/dash/dash.go index 9015104..a44021d 100644 --- a/internal/engine/experiment/dash/dash.go +++ b/internal/engine/experiment/dash/dash.go @@ -263,7 +263,7 @@ func (m Measurer) Run( // See https://github.com/ooni/probe/issues/2112 Dialer: netxlite.NewMaybeShapingDialer(netx.NewDialer(netx.Config{ ContextByteCounting: true, - DialSaver: saver, + Saver: saver, Logger: sess.Logger(), })), Logger: sess.Logger(), diff --git a/internal/engine/experiment/dnscheck/dnscheck.go b/internal/engine/experiment/dnscheck/dnscheck.go index 7a34aa3..c9fd3f8 100644 --- a/internal/engine/experiment/dnscheck/dnscheck.go +++ b/internal/engine/experiment/dnscheck/dnscheck.go @@ -171,7 +171,7 @@ func (m *Measurer) Run( resolver := netx.NewResolver(netx.Config{ BogonIsError: true, Logger: sess.Logger(), - ResolveSaver: evsaver, + Saver: evsaver, }) addrs, err := m.lookupHost(ctx, URL.Hostname(), resolver) queries := tracex.NewDNSQueriesList(begin, evsaver.Read()) diff --git a/internal/engine/experiment/stunreachability/stunreachability.go b/internal/engine/experiment/stunreachability/stunreachability.go index 8dbe046..81f1af2 100644 --- a/internal/engine/experiment/stunreachability/stunreachability.go +++ b/internal/engine/experiment/stunreachability/stunreachability.go @@ -116,10 +116,9 @@ func (tk *TestKeys) run( begin := time.Now() err := tk.do(ctx, config, netx.NewDialer(netx.Config{ ContextByteCounting: true, - DialSaver: saver, Logger: sess.Logger(), ReadWriteSaver: saver, - ResolveSaver: saver, + Saver: saver, }), endpoint) events := saver.Read() tk.NetworkEvents = append( diff --git a/internal/engine/experiment/urlgetter/configurer.go b/internal/engine/experiment/urlgetter/configurer.go index cc4b2eb..af39e24 100644 --- a/internal/engine/experiment/urlgetter/configurer.go +++ b/internal/engine/experiment/urlgetter/configurer.go @@ -41,15 +41,11 @@ func (c Configurer) NewConfiguration() (Configuration, error) { HTTPConfig: netx.Config{ BogonIsError: c.Config.RejectDNSBogons, CacheResolutions: true, - CertPool: c.Config.CertPool, ContextByteCounting: true, - DialSaver: c.Saver, HTTP3Enabled: c.Config.HTTP3Enabled, - HTTPSaver: c.Saver, Logger: c.Logger, ReadWriteSaver: c.Saver, - ResolveSaver: c.Saver, - TLSSaver: c.Saver, + Saver: c.Saver, }, } // fill DNS cache @@ -96,7 +92,8 @@ func (c Configurer) NewConfiguration() (Configuration, error) { if err != nil { return configuration, err } - configuration.HTTPConfig.NoTLSVerify = c.Config.NoTLSVerify + configuration.HTTPConfig.TLSConfig.InsecureSkipVerify = c.Config.NoTLSVerify + configuration.HTTPConfig.TLSConfig.RootCAs = c.Config.CertPool // configure proxy configuration.HTTPConfig.ProxyURL = c.ProxyURL return configuration, nil diff --git a/internal/engine/experiment/urlgetter/configurer_test.go b/internal/engine/experiment/urlgetter/configurer_test.go index 886476e..0f13294 100644 --- a/internal/engine/experiment/urlgetter/configurer_test.go +++ b/internal/engine/experiment/urlgetter/configurer_test.go @@ -33,23 +33,14 @@ func TestConfigurerNewConfigurationVanilla(t *testing.T) { if configuration.HTTPConfig.ContextByteCounting != true { t.Fatal("not the ContextByteCounting we expected") } - if configuration.HTTPConfig.DialSaver != saver { - t.Fatal("not the DialSaver we expected") - } - if configuration.HTTPConfig.HTTPSaver != saver { - t.Fatal("not the HTTPSaver we expected") - } if configuration.HTTPConfig.Logger != log.Log { t.Fatal("not the Logger we expected") } if configuration.HTTPConfig.ReadWriteSaver != saver { t.Fatal("not the ReadWriteSaver we expected") } - if configuration.HTTPConfig.ResolveSaver != saver { - t.Fatal("not the ResolveSaver we expected") - } - if configuration.HTTPConfig.TLSSaver != saver { - t.Fatal("not the TLSSaver we expected") + if configuration.HTTPConfig.Saver != saver { + t.Fatal("not the Saver we expected") } if configuration.HTTPConfig.BaseResolver == nil { t.Fatal("not the BaseResolver we expected") @@ -63,7 +54,7 @@ func TestConfigurerNewConfigurationVanilla(t *testing.T) { if configuration.HTTPConfig.TLSConfig.NextProtos[1] != "http/1.1" { t.Fatal("not the TLSConfig we expected") } - if configuration.HTTPConfig.NoTLSVerify == true { + if configuration.HTTPConfig.TLSConfig.InsecureSkipVerify == true { t.Fatal("not the NoTLSVerify we expected") } if configuration.HTTPConfig.ProxyURL != nil { @@ -94,23 +85,14 @@ func TestConfigurerNewConfigurationResolverDNSOverHTTPSPowerdns(t *testing.T) { if configuration.HTTPConfig.ContextByteCounting != true { t.Fatal("not the ContextByteCounting we expected") } - if configuration.HTTPConfig.DialSaver != saver { - t.Fatal("not the DialSaver we expected") - } - if configuration.HTTPConfig.HTTPSaver != saver { - t.Fatal("not the HTTPSaver we expected") - } if configuration.HTTPConfig.Logger != log.Log { t.Fatal("not the Logger we expected") } if configuration.HTTPConfig.ReadWriteSaver != saver { t.Fatal("not the ReadWriteSaver we expected") } - if configuration.HTTPConfig.ResolveSaver != saver { - t.Fatal("not the ResolveSaver we expected") - } - if configuration.HTTPConfig.TLSSaver != saver { - t.Fatal("not the TLSSaver we expected") + if configuration.HTTPConfig.Saver != saver { + t.Fatal("not the Saver we expected") } if configuration.HTTPConfig.BaseResolver == nil { t.Fatal("not the BaseResolver we expected") @@ -139,7 +121,7 @@ func TestConfigurerNewConfigurationResolverDNSOverHTTPSPowerdns(t *testing.T) { if configuration.HTTPConfig.TLSConfig.NextProtos[1] != "http/1.1" { t.Fatal("not the TLSConfig we expected") } - if configuration.HTTPConfig.NoTLSVerify == true { + if configuration.HTTPConfig.TLSConfig.InsecureSkipVerify == true { t.Fatal("not the NoTLSVerify we expected") } if configuration.HTTPConfig.ProxyURL != nil { @@ -170,23 +152,14 @@ func TestConfigurerNewConfigurationResolverDNSOverHTTPSGoogle(t *testing.T) { if configuration.HTTPConfig.ContextByteCounting != true { t.Fatal("not the ContextByteCounting we expected") } - if configuration.HTTPConfig.DialSaver != saver { - t.Fatal("not the DialSaver we expected") - } - if configuration.HTTPConfig.HTTPSaver != saver { - t.Fatal("not the HTTPSaver we expected") - } if configuration.HTTPConfig.Logger != log.Log { t.Fatal("not the Logger we expected") } if configuration.HTTPConfig.ReadWriteSaver != saver { t.Fatal("not the ReadWriteSaver we expected") } - if configuration.HTTPConfig.ResolveSaver != saver { - t.Fatal("not the ResolveSaver we expected") - } - if configuration.HTTPConfig.TLSSaver != saver { - t.Fatal("not the TLSSaver we expected") + if configuration.HTTPConfig.Saver != saver { + t.Fatal("not the Saver we expected") } if configuration.HTTPConfig.BaseResolver == nil { t.Fatal("not the BaseResolver we expected") @@ -215,7 +188,7 @@ func TestConfigurerNewConfigurationResolverDNSOverHTTPSGoogle(t *testing.T) { if configuration.HTTPConfig.TLSConfig.NextProtos[1] != "http/1.1" { t.Fatal("not the TLSConfig we expected") } - if configuration.HTTPConfig.NoTLSVerify == true { + if configuration.HTTPConfig.TLSConfig.InsecureSkipVerify == true { t.Fatal("not the NoTLSVerify we expected") } if configuration.HTTPConfig.ProxyURL != nil { @@ -246,23 +219,14 @@ func TestConfigurerNewConfigurationResolverDNSOverHTTPSCloudflare(t *testing.T) if configuration.HTTPConfig.ContextByteCounting != true { t.Fatal("not the ContextByteCounting we expected") } - if configuration.HTTPConfig.DialSaver != saver { - t.Fatal("not the DialSaver we expected") - } - if configuration.HTTPConfig.HTTPSaver != saver { - t.Fatal("not the HTTPSaver we expected") - } if configuration.HTTPConfig.Logger != log.Log { t.Fatal("not the Logger we expected") } if configuration.HTTPConfig.ReadWriteSaver != saver { t.Fatal("not the ReadWriteSaver we expected") } - if configuration.HTTPConfig.ResolveSaver != saver { - t.Fatal("not the ResolveSaver we expected") - } - if configuration.HTTPConfig.TLSSaver != saver { - t.Fatal("not the TLSSaver we expected") + if configuration.HTTPConfig.Saver != saver { + t.Fatal("not the Saver we expected") } if configuration.HTTPConfig.BaseResolver == nil { t.Fatal("not the BaseResolver we expected") @@ -291,7 +255,7 @@ func TestConfigurerNewConfigurationResolverDNSOverHTTPSCloudflare(t *testing.T) if configuration.HTTPConfig.TLSConfig.NextProtos[1] != "http/1.1" { t.Fatal("not the TLSConfig we expected") } - if configuration.HTTPConfig.NoTLSVerify == true { + if configuration.HTTPConfig.TLSConfig.InsecureSkipVerify == true { t.Fatal("not the NoTLSVerify we expected") } if configuration.HTTPConfig.ProxyURL != nil { @@ -322,23 +286,14 @@ func TestConfigurerNewConfigurationResolverUDP(t *testing.T) { if configuration.HTTPConfig.ContextByteCounting != true { t.Fatal("not the ContextByteCounting we expected") } - if configuration.HTTPConfig.DialSaver != saver { - t.Fatal("not the DialSaver we expected") - } - if configuration.HTTPConfig.HTTPSaver != saver { - t.Fatal("not the HTTPSaver we expected") - } if configuration.HTTPConfig.Logger != log.Log { t.Fatal("not the Logger we expected") } if configuration.HTTPConfig.ReadWriteSaver != saver { t.Fatal("not the ReadWriteSaver we expected") } - if configuration.HTTPConfig.ResolveSaver != saver { - t.Fatal("not the ResolveSaver we expected") - } - if configuration.HTTPConfig.TLSSaver != saver { - t.Fatal("not the TLSSaver we expected") + if configuration.HTTPConfig.Saver != saver { + t.Fatal("not the Saver we expected") } if configuration.HTTPConfig.BaseResolver == nil { t.Fatal("not the BaseResolver we expected") @@ -367,7 +322,7 @@ func TestConfigurerNewConfigurationResolverUDP(t *testing.T) { if configuration.HTTPConfig.TLSConfig.NextProtos[1] != "http/1.1" { t.Fatal("not the TLSConfig we expected") } - if configuration.HTTPConfig.NoTLSVerify == true { + if configuration.HTTPConfig.TLSConfig.InsecureSkipVerify == true { t.Fatal("not the NoTLSVerify we expected") } if configuration.HTTPConfig.ProxyURL != nil { @@ -517,7 +472,7 @@ func TestConfigurerNewConfigurationNoTLSVerify(t *testing.T) { if err != nil { t.Fatal(err) } - if configuration.HTTPConfig.NoTLSVerify != true { + if configuration.HTTPConfig.TLSConfig.InsecureSkipVerify != true { t.Fatal("not the NoTLSVerify we expected") } } diff --git a/internal/engine/netx/netx.go b/internal/engine/netx/netx.go index 1ce0a94..7395f53 100644 --- a/internal/engine/netx/netx.go +++ b/internal/engine/netx/netx.go @@ -23,7 +23,6 @@ package netx import ( "crypto/tls" - "crypto/x509" "errors" "net" "net/http" @@ -45,23 +44,18 @@ type Config struct { BogonIsError bool // default: bogon is not error ByteCounter *bytecounter.Counter // default: no explicit byte counting CacheResolutions bool // default: no caching - CertPool *x509.CertPool // default: use vendored gocertifi ContextByteCounting bool // default: no implicit byte counting DNSCache map[string][]string // default: cache is empty - DialSaver *tracex.Saver // default: not saving dials Dialer model.Dialer // default: dialer.DNSDialer FullResolver model.Resolver // default: base resolver + goodies QUICDialer model.QUICDialer // default: quicdialer.DNSDialer HTTP3Enabled bool // default: disabled - HTTPSaver *tracex.Saver // default: not saving HTTP Logger model.Logger // default: no logging - NoTLSVerify bool // default: perform TLS verify ProxyURL *url.URL // default: no proxy - ReadWriteSaver *tracex.Saver // default: not saving read/write - ResolveSaver *tracex.Saver // default: not saving resolves + ReadWriteSaver *tracex.Saver // default: not saving I/O events + Saver *tracex.Saver // default: not saving non-I/O events TLSConfig *tls.Config // default: attempt using h2 TLSDialer model.TLSDialer // default: dialer.TLSDialer - TLSSaver *tracex.Saver // default: not saving TLS } // NewResolver creates a new resolver from the specified config @@ -93,7 +87,7 @@ func NewResolver(config Config) model.Resolver { Resolver: r, } } - r = config.ResolveSaver.WrapResolver(r) // WAI when config.ResolveSaver==nil + r = config.Saver.WrapResolver(r) // WAI when config.Saver==nil return &netxlite.ResolverIDNA{Resolver: r} } @@ -104,7 +98,7 @@ func NewDialer(config Config) model.Dialer { } logger := model.ValidLoggerOrDefault(config.Logger) d := netxlite.NewDialerWithResolver( - logger, config.FullResolver, config.DialSaver.NewConnectObserver(), + logger, config.FullResolver, config.Saver.NewConnectObserver(), config.ReadWriteSaver.NewReadWriteObserver(), ) d = netxlite.NewMaybeProxyDialer(d, config.ProxyURL) @@ -122,7 +116,7 @@ func NewQUICDialer(config Config) model.QUICDialer { // TODO(bassosimone): we should count the bytes consumed by this QUIC dialer ql := config.ReadWriteSaver.WrapQUICListener(netxlite.NewQUICListener()) logger := model.ValidLoggerOrDefault(config.Logger) - return netxlite.NewQUICDialerWithResolver(ql, logger, config.FullResolver, config.TLSSaver) + return netxlite.NewQUICDialerWithResolver(ql, logger, config.FullResolver, config.Saver) } // NewTLSDialer creates a new TLSDialer from the specified config @@ -132,13 +126,8 @@ func NewTLSDialer(config Config) model.TLSDialer { } logger := model.ValidLoggerOrDefault(config.Logger) thx := netxlite.NewTLSHandshakerStdlib(logger) - thx = config.TLSSaver.WrapTLSHandshaker(thx) // WAI when TLSSaver is nil + thx = config.Saver.WrapTLSHandshaker(thx) // WAI even when config.Saver is nil tlsConfig := netxlite.ClonedTLSConfigOrNewEmptyConfig(config.TLSConfig) - // TODO(bassosimone): we should not provide confusing options and - // so we should drop CertPool and NoTLSVerify in favour of encouraging - // the users of this library to always use a TLSConfig. - tlsConfig.RootCAs = config.CertPool // netxlite uses default cert pool if this is nil - tlsConfig.InsecureSkipVerify = config.NoTLSVerify return netxlite.NewTLSDialerWithConfig(config.Dialer, thx, tlsConfig) } @@ -165,9 +154,9 @@ func NewHTTPTransport(config Config) model.HTTPTransport { if config.Logger != nil { txp = &netxlite.HTTPTransportLogger{Logger: config.Logger, HTTPTransport: txp} } - if config.HTTPSaver != nil { + if config.Saver != nil { txp = &tracex.HTTPTransportSaver{ - HTTPTransport: txp, Saver: config.HTTPSaver} + HTTPTransport: txp, Saver: config.Saver} } return txp } @@ -241,7 +230,7 @@ func NewDNSClientWithOverrides(config Config, URL, hostOverride, SNIOverride, httpClient := &http.Client{Transport: NewHTTPTransport(config)} var txp model.DNSTransport = netxlite.NewUnwrappedDNSOverHTTPSTransportWithHostOverride( httpClient, URL, hostOverride) - txp = config.ResolveSaver.WrapDNSTransport(txp) // safe when config.ResolveSaver == nil + txp = config.Saver.WrapDNSTransport(txp) // safe when config.Saver == nil return netxlite.NewUnwrappedSerialResolver(txp), nil case "udp": dialer := NewDialer(config) @@ -251,7 +240,7 @@ func NewDNSClientWithOverrides(config Config, URL, hostOverride, SNIOverride, } var txp model.DNSTransport = netxlite.NewUnwrappedDNSOverUDPTransport( dialer, endpoint) - txp = config.ResolveSaver.WrapDNSTransport(txp) // safe when config.ResolveSaver == nil + txp = config.Saver.WrapDNSTransport(txp) // safe when config.Saver == nil return netxlite.NewUnwrappedSerialResolver(txp), nil case "dot": config.TLSConfig.NextProtos = []string{"dot"} @@ -262,7 +251,7 @@ func NewDNSClientWithOverrides(config Config, URL, hostOverride, SNIOverride, } var txp model.DNSTransport = netxlite.NewUnwrappedDNSOverTLSTransport( tlsDialer.DialTLSContext, endpoint) - txp = config.ResolveSaver.WrapDNSTransport(txp) // safe when config.ResolveSaver == nil + txp = config.Saver.WrapDNSTransport(txp) // safe when config.Saver == nil return netxlite.NewUnwrappedSerialResolver(txp), nil case "tcp": dialer := NewDialer(config) @@ -272,7 +261,7 @@ func NewDNSClientWithOverrides(config Config, URL, hostOverride, SNIOverride, } var txp model.DNSTransport = netxlite.NewUnwrappedDNSOverTCPTransport( dialer.DialContext, endpoint) - txp = config.ResolveSaver.WrapDNSTransport(txp) // safe when config.ResolveSaver == nil + txp = config.Saver.WrapDNSTransport(txp) // safe when config.Saver == nil return netxlite.NewUnwrappedSerialResolver(txp), nil default: return nil, errors.New("unsupported resolver scheme") diff --git a/internal/engine/netx/netx_test.go b/internal/engine/netx/netx_test.go index 655b1ff..137b955 100644 --- a/internal/engine/netx/netx_test.go +++ b/internal/engine/netx/netx_test.go @@ -119,7 +119,7 @@ func TestNewResolverWithLogging(t *testing.T) { func TestNewResolverWithSaver(t *testing.T) { saver := new(tracex.Saver) r := NewResolver(Config{ - ResolveSaver: saver, + Saver: saver, }) ir, ok := r.(*netxlite.ResolverIDNA) if !ok { @@ -223,50 +223,12 @@ func TestNewTLSDialer(t *testing.T) { } }) - t.Run("we can collect TLS measurements", func(t *testing.T) { + t.Run("we can collect measurements", func(t *testing.T) { server := filtering.NewTLSServer(filtering.TLSActionReset) defer server.Close() saver := &tracex.Saver{} tdx := NewTLSDialer(Config{ - TLSSaver: saver, - }) - conn, err := tdx.DialTLSContext(context.Background(), "tcp", server.Endpoint()) - if err == nil || err.Error() != netxlite.FailureConnectionReset { - t.Fatal("unexpected err", err) - } - if conn != nil { - t.Fatal("expected nil conn") - } - if len(saver.Read()) <= 0 { - t.Fatal("did not read any event") - } - }) - - t.Run("we can collect dial measurements", func(t *testing.T) { - server := filtering.NewTLSServer(filtering.TLSActionReset) - defer server.Close() - saver := &tracex.Saver{} - tdx := NewTLSDialer(Config{ - DialSaver: saver, - }) - conn, err := tdx.DialTLSContext(context.Background(), "tcp", server.Endpoint()) - if err == nil || err.Error() != netxlite.FailureConnectionReset { - t.Fatal("unexpected err", err) - } - if conn != nil { - t.Fatal("expected nil conn") - } - if len(saver.Read()) <= 0 { - t.Fatal("did not read any event") - } - }) - - t.Run("we can collect I/O measurements", func(t *testing.T) { - server := filtering.NewTLSServer(filtering.TLSActionReset) - defer server.Close() - saver := &tracex.Saver{} - tdx := NewTLSDialer(Config{ - ReadWriteSaver: saver, + Saver: saver, }) conn, err := tdx.DialTLSContext(context.Background(), "tcp", server.Endpoint()) if err == nil || err.Error() != netxlite.FailureConnectionReset { @@ -283,7 +245,9 @@ func TestNewTLSDialer(t *testing.T) { t.Run("we can skip TLS verification", func(t *testing.T) { server := filtering.NewTLSServer(filtering.TLSActionBlockText) defer server.Close() - tdx := NewTLSDialer(Config{NoTLSVerify: true}) + tdx := NewTLSDialer(Config{TLSConfig: &tls.Config{ + InsecureSkipVerify: true, + }}) conn, err := tdx.DialTLSContext(context.Background(), "tcp", server.Endpoint()) if err != nil { t.Fatal(err.(*netxlite.ErrWrapper).WrappedErr) @@ -295,8 +259,8 @@ func TestNewTLSDialer(t *testing.T) { server := filtering.NewTLSServer(filtering.TLSActionBlockText) defer server.Close() tdx := NewTLSDialer(Config{ - CertPool: server.CertPool(), TLSConfig: &tls.Config{ + RootCAs: server.CertPool(), ServerName: "dns.google", }, }) @@ -371,7 +335,7 @@ func TestNewWithLogger(t *testing.T) { func TestNewWithSaver(t *testing.T) { saver := new(tracex.Saver) txp := NewHTTPTransport(Config{ - HTTPSaver: saver, + Saver: saver, }) stxptxp, ok := txp.(*tracex.HTTPTransportSaver) if !ok { @@ -483,7 +447,7 @@ func TestNewDNSClientCloudflareDoH(t *testing.T) { func TestNewDNSClientCloudflareDoHSaver(t *testing.T) { saver := new(tracex.Saver) dnsclient, err := NewDNSClient( - Config{ResolveSaver: saver}, "doh://cloudflare") + Config{Saver: saver}, "doh://cloudflare") if err != nil { t.Fatal(err) } @@ -520,7 +484,7 @@ func TestNewDNSClientUDP(t *testing.T) { func TestNewDNSClientUDPDNSSaver(t *testing.T) { saver := new(tracex.Saver) dnsclient, err := NewDNSClient( - Config{ResolveSaver: saver}, "udp://8.8.8.8:53") + Config{Saver: saver}, "udp://8.8.8.8:53") if err != nil { t.Fatal(err) } @@ -561,7 +525,7 @@ func TestNewDNSClientTCP(t *testing.T) { func TestNewDNSClientTCPDNSSaver(t *testing.T) { saver := new(tracex.Saver) dnsclient, err := NewDNSClient( - Config{ResolveSaver: saver}, "tcp://8.8.8.8:53") + Config{Saver: saver}, "tcp://8.8.8.8:53") if err != nil { t.Fatal(err) } @@ -606,7 +570,7 @@ func TestNewDNSClientDoT(t *testing.T) { func TestNewDNSClientDoTDNSSaver(t *testing.T) { saver := new(tracex.Saver) dnsclient, err := NewDNSClient( - Config{ResolveSaver: saver}, "dot://8.8.8.8:53") + Config{Saver: saver}, "dot://8.8.8.8:53") if err != nil { t.Fatal(err) } @@ -704,12 +668,9 @@ func TestSuccess(t *testing.T) { ByteCounter: counter, CacheResolutions: true, ContextByteCounting: true, - DialSaver: &tracex.Saver{}, - HTTPSaver: &tracex.Saver{}, Logger: log.Log, ReadWriteSaver: &tracex.Saver{}, - ResolveSaver: &tracex.Saver{}, - TLSSaver: &tracex.Saver{}, + Saver: &tracex.Saver{}, } txp := NewHTTPTransport(config) client := &http.Client{Transport: txp} @@ -729,20 +690,11 @@ func TestSuccess(t *testing.T) { if counter.Received.Load() <= 0 { t.Fatal("no bytes received?!") } - if ev := config.DialSaver.Read(); len(ev) <= 0 { - t.Fatal("no dial events?!") - } - if ev := config.HTTPSaver.Read(); len(ev) <= 0 { - t.Fatal("no HTTP events?!") - } if ev := config.ReadWriteSaver.Read(); len(ev) <= 0 { t.Fatal("no R/W events?!") } - if ev := config.ResolveSaver.Read(); len(ev) <= 0 { - t.Fatal("no resolver events?!") - } - if ev := config.TLSSaver.Read(); len(ev) <= 0 { - t.Fatal("no TLS events?!") + if ev := config.Saver.Read(); len(ev) <= 0 { + t.Fatal("no non-I/O events?!") } } @@ -753,8 +705,8 @@ func TestBogonResolutionNotBroken(t *testing.T) { DNSCache: map[string][]string{ "www.google.com": {"127.0.0.1"}, }, - ResolveSaver: saver, - Logger: log.Log, + Saver: saver, + Logger: log.Log, }) addrs, err := r.LookupHost(context.Background(), "www.google.com") if !errors.Is(err, netxlite.ErrDNSBogon) { diff --git a/internal/netxlite/filtering/tls_test.go b/internal/netxlite/filtering/tls_test.go index 5096978..066607a 100644 --- a/internal/netxlite/filtering/tls_test.go +++ b/internal/netxlite/filtering/tls_test.go @@ -86,13 +86,13 @@ func TestTLSServer(t *testing.T) { t.Run("certificate error when we're validating", func(t *testing.T) { srv := NewTLSServer(TLSActionBlockText) defer srv.Close() - // Certificate.Verify now uses platform APIs to verify certificate validity + // "Certificate.Verify now uses platform APIs to verify certificate validity // on macOS and iOS when it is called with a nil VerifyOpts.Roots or when using - // the root pool returned from SystemCertPool. " + // the root pool returned from SystemCertPool." // // -- https://tip.golang.org/doc/go1.18 // - // So we need to explicitly use our default cert pool otherwise we will + // Thus, we need to explicitly use our default cert pool otherwise we will // see this test failing with a different error string here. config := &tls.Config{ ServerName: "dns.google",