refactor: merge tlsx into netxlite (#403)
Part of https://github.com/ooni/probe/issues/1505
parent
f1ee763f94
commit
7f2463d745
|
@ -12,7 +12,7 @@ import (
|
|||
"github.com/ooni/probe-cli/v3/internal/engine/experiment/urlgetter"
|
||||
"github.com/ooni/probe-cli/v3/internal/engine/model"
|
||||
"github.com/ooni/probe-cli/v3/internal/engine/netx/archival"
|
||||
"github.com/ooni/probe-cli/v3/internal/engine/netx/tlsx"
|
||||
"github.com/ooni/probe-cli/v3/internal/netxlite"
|
||||
)
|
||||
|
||||
const (
|
||||
|
@ -183,7 +183,7 @@ func (m Measurer) Run(ctx context.Context, sess model.ExperimentSession,
|
|||
measurement.TestKeys = testkeys
|
||||
urlgetter.RegisterExtensions(measurement)
|
||||
|
||||
certPool := tlsx.NewDefaultCertPool()
|
||||
certPool := netxlite.NewDefaultCertPool()
|
||||
|
||||
// used multiple times below
|
||||
multi := urlgetter.Multi{
|
||||
|
|
|
@ -10,7 +10,7 @@ import (
|
|||
|
||||
"github.com/ooni/probe-cli/v3/internal/engine/experiment/urlgetter"
|
||||
"github.com/ooni/probe-cli/v3/internal/engine/model"
|
||||
"github.com/ooni/probe-cli/v3/internal/engine/netx/tlsx"
|
||||
"github.com/ooni/probe-cli/v3/internal/netxlite"
|
||||
)
|
||||
|
||||
const (
|
||||
|
@ -111,7 +111,7 @@ func (m Measurer) Run(ctx context.Context, sess model.ExperimentSession,
|
|||
defer cancel()
|
||||
urlgetter.RegisterExtensions(measurement)
|
||||
|
||||
certPool := tlsx.NewDefaultCertPool()
|
||||
certPool := netxlite.NewDefaultCertPool()
|
||||
signalCABytes := []byte(signalCA)
|
||||
if m.Config.SignalCA != "" {
|
||||
signalCABytes = []byte(m.Config.SignalCA)
|
||||
|
|
|
@ -10,8 +10,8 @@ import (
|
|||
|
||||
"github.com/ooni/probe-cli/v3/internal/engine/model"
|
||||
"github.com/ooni/probe-cli/v3/internal/engine/netx"
|
||||
"github.com/ooni/probe-cli/v3/internal/engine/netx/tlsx"
|
||||
"github.com/ooni/probe-cli/v3/internal/engine/netx/trace"
|
||||
"github.com/ooni/probe-cli/v3/internal/netxlite"
|
||||
)
|
||||
|
||||
// The Configurer job is to construct a Configuration that can
|
||||
|
@ -90,7 +90,7 @@ func (c Configurer) NewConfiguration() (Configuration, error) {
|
|||
if c.Config.TLSServerName != "" {
|
||||
configuration.HTTPConfig.TLSConfig.ServerName = c.Config.TLSServerName
|
||||
}
|
||||
err = tlsx.ConfigureTLSVersion(
|
||||
err = netxlite.ConfigureTLSVersion(
|
||||
configuration.HTTPConfig.TLSConfig, c.Config.TLSVersion,
|
||||
)
|
||||
if err != nil {
|
||||
|
|
|
@ -10,8 +10,8 @@ import (
|
|||
"github.com/apex/log"
|
||||
"github.com/ooni/probe-cli/v3/internal/engine/experiment/urlgetter"
|
||||
"github.com/ooni/probe-cli/v3/internal/engine/netx/resolver"
|
||||
"github.com/ooni/probe-cli/v3/internal/engine/netx/tlsx"
|
||||
"github.com/ooni/probe-cli/v3/internal/engine/netx/trace"
|
||||
"github.com/ooni/probe-cli/v3/internal/netxlite"
|
||||
)
|
||||
|
||||
func TestConfigurerNewConfigurationVanilla(t *testing.T) {
|
||||
|
@ -711,7 +711,7 @@ func TestConfigurerNewConfigurationTLSvInvalid(t *testing.T) {
|
|||
Saver: saver,
|
||||
}
|
||||
_, err := configurer.NewConfiguration()
|
||||
if !errors.Is(err, tlsx.ErrInvalidTLSVersion) {
|
||||
if !errors.Is(err, netxlite.ErrInvalidTLSVersion) {
|
||||
t.Fatalf("not the error we expected: %+v", err)
|
||||
}
|
||||
}
|
||||
|
|
|
@ -9,7 +9,7 @@ import (
|
|||
"strings"
|
||||
|
||||
"github.com/ooni/probe-cli/v3/internal/engine/legacy/netx/modelx"
|
||||
"github.com/ooni/probe-cli/v3/internal/engine/netx/tlsx"
|
||||
"github.com/ooni/probe-cli/v3/internal/netxlite"
|
||||
)
|
||||
|
||||
// Logger is the interface we expect from a logger
|
||||
|
@ -66,7 +66,7 @@ func (h *Handler) OnMeasurement(m modelx.Measurement) {
|
|||
h.logger.Debugf(
|
||||
"TLS done: %s, %s (alpn='%s')",
|
||||
fmtError(m.TLSHandshakeDone.Error),
|
||||
tlsx.VersionString(m.TLSHandshakeDone.ConnectionState.Version),
|
||||
netxlite.TLSVersionString(m.TLSHandshakeDone.ConnectionState.Version),
|
||||
m.TLSHandshakeDone.ConnectionState.NegotiatedProtocol,
|
||||
)
|
||||
}
|
||||
|
|
|
@ -20,7 +20,7 @@ import (
|
|||
"github.com/ooni/probe-cli/v3/internal/engine/legacy/oonitemplates"
|
||||
"github.com/ooni/probe-cli/v3/internal/engine/model"
|
||||
"github.com/ooni/probe-cli/v3/internal/engine/netx/errorx"
|
||||
"github.com/ooni/probe-cli/v3/internal/engine/netx/tlsx"
|
||||
"github.com/ooni/probe-cli/v3/internal/netxlite"
|
||||
)
|
||||
|
||||
// ExtSpec describes a data format extension
|
||||
|
@ -463,12 +463,12 @@ func NewTLSHandshakesList(results oonitemplates.Results) TLSHandshakesList {
|
|||
var out TLSHandshakesList
|
||||
for _, in := range results.TLSHandshakes {
|
||||
out = append(out, TLSHandshake{
|
||||
CipherSuite: tlsx.CipherSuiteString(in.ConnectionState.CipherSuite),
|
||||
CipherSuite: netxlite.TLSCipherSuiteString(in.ConnectionState.CipherSuite),
|
||||
Failure: makeFailure(in.Error),
|
||||
NegotiatedProtocol: in.ConnectionState.NegotiatedProtocol,
|
||||
PeerCertificates: makePeerCerts(in.ConnectionState.PeerCertificates),
|
||||
T: in.DurationSinceBeginning.Seconds(),
|
||||
TLSVersion: tlsx.VersionString(in.ConnectionState.Version),
|
||||
TLSVersion: netxlite.TLSVersionString(in.ConnectionState.Version),
|
||||
})
|
||||
}
|
||||
return out
|
||||
|
|
|
@ -37,7 +37,6 @@ import (
|
|||
"github.com/ooni/probe-cli/v3/internal/engine/netx/quicdialer"
|
||||
"github.com/ooni/probe-cli/v3/internal/engine/netx/resolver"
|
||||
"github.com/ooni/probe-cli/v3/internal/engine/netx/tlsdialer"
|
||||
"github.com/ooni/probe-cli/v3/internal/engine/netx/tlsx"
|
||||
"github.com/ooni/probe-cli/v3/internal/engine/netx/trace"
|
||||
"github.com/ooni/probe-cli/v3/internal/netxlite"
|
||||
)
|
||||
|
@ -110,7 +109,7 @@ type tlsHandshaker interface {
|
|||
net.Conn, tls.ConnectionState, error)
|
||||
}
|
||||
|
||||
var defaultCertPool *x509.CertPool = tlsx.NewDefaultCertPool()
|
||||
var defaultCertPool *x509.CertPool = netxlite.NewDefaultCertPool()
|
||||
|
||||
// NewResolver creates a new resolver from the specified config
|
||||
func NewResolver(config Config) Resolver {
|
||||
|
@ -312,7 +311,7 @@ func NewDNSClientWithOverrides(config Config, URL, hostOverride, SNIOverride,
|
|||
return c, err
|
||||
}
|
||||
config.TLSConfig = &tls.Config{ServerName: SNIOverride}
|
||||
if err := tlsx.ConfigureTLSVersion(config.TLSConfig, TLSVersion); err != nil {
|
||||
if err := netxlite.ConfigureTLSVersion(config.TLSConfig, TLSVersion); err != nil {
|
||||
return c, err
|
||||
}
|
||||
switch resolverURL.Scheme {
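Review bot: The `defaultCertPool` declaration in the second hunk of this file is a package-level `*x509.CertPool` built once at init, and nothing on it says the pool must be treated as read-only. Its users are outside the visible hunks, so this is inferred, but if the same pointer ends up as `RootCAs` in more than one `tls.Config`, a single `AppendCertsFromPEM` on it would widen the trust roots for every connection in the process. I would state the contract on the declaration, e.g. `// defaultCertPool is the shared root CA pool; never append to it, build a separate pool with netxlite.NewDefaultCertPool() when extra CAs are needed.` (this presumes the constructor returns a fresh pool per call, which should be confirmed in netxlite).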
|
||||
|
|
|
@ -13,7 +13,6 @@ import (
|
|||
"github.com/ooni/probe-cli/v3/internal/engine/netx/httptransport"
|
||||
"github.com/ooni/probe-cli/v3/internal/engine/netx/resolver"
|
||||
"github.com/ooni/probe-cli/v3/internal/engine/netx/tlsdialer"
|
||||
"github.com/ooni/probe-cli/v3/internal/engine/netx/tlsx"
|
||||
"github.com/ooni/probe-cli/v3/internal/engine/netx/trace"
|
||||
"github.com/ooni/probe-cli/v3/internal/netxlite"
|
||||
)
|
||||
|
@ -848,7 +847,7 @@ func TestNewDNSClientBadUDPEndpoint(t *testing.T) {
|
|||
func TestNewDNSCLientWithInvalidTLSVersion(t *testing.T) {
|
||||
_, err := netx.NewDNSClientWithOverrides(
|
||||
netx.Config{}, "dot://8.8.8.8", "", "", "TLSv999")
|
||||
if !errors.Is(err, tlsx.ErrInvalidTLSVersion) {
|
||||
if !errors.Is(err, netxlite.ErrInvalidTLSVersion) {
|
||||
t.Fatalf("not the error we expected: %+v", err)
|
||||
}
|
||||
}
|
||||
|
|
|
@ -6,8 +6,8 @@ import (
|
|||
"time"
|
||||
|
||||
"github.com/lucas-clemente/quic-go"
|
||||
"github.com/ooni/probe-cli/v3/internal/engine/netx/tlsx"
|
||||
"github.com/ooni/probe-cli/v3/internal/engine/netx/trace"
|
||||
"github.com/ooni/probe-cli/v3/internal/netxlite"
|
||||
)
|
||||
|
||||
// HandshakeSaver saves events occurring during the handshake
|
||||
|
@ -50,12 +50,12 @@ func (h HandshakeSaver) DialContext(ctx context.Context, network string,
|
|||
Duration: stop.Sub(start),
|
||||
Name: "quic_handshake_done",
|
||||
NoTLSVerify: tlsCfg.InsecureSkipVerify,
|
||||
TLSCipherSuite: tlsx.CipherSuiteString(state.CipherSuite),
|
||||
TLSCipherSuite: netxlite.TLSCipherSuiteString(state.CipherSuite),
|
||||
TLSNegotiatedProto: state.NegotiatedProtocol,
|
||||
TLSNextProtos: tlsCfg.NextProtos,
|
||||
TLSPeerCerts: trace.PeerCerts(state, err),
|
||||
TLSServerName: tlsCfg.ServerName,
|
||||
TLSVersion: tlsx.VersionString(state.Version),
|
||||
TLSVersion: netxlite.TLSVersionString(state.Version),
|
||||
Time: stop,
|
||||
})
|
||||
return sess, nil
|
||||
|
|
|
@ -6,8 +6,8 @@ import (
|
|||
"net"
|
||||
"time"
|
||||
|
||||
"github.com/ooni/probe-cli/v3/internal/engine/netx/tlsx"
|
||||
"github.com/ooni/probe-cli/v3/internal/engine/netx/trace"
|
||||
"github.com/ooni/probe-cli/v3/internal/netxlite"
|
||||
)
|
||||
|
||||
// SaverTLSHandshaker saves events occurring during the handshake
|
||||
|
@ -35,12 +35,12 @@ func (h SaverTLSHandshaker) Handshake(
|
|||
Err: err,
|
||||
Name: "tls_handshake_done",
|
||||
NoTLSVerify: config.InsecureSkipVerify,
|
||||
TLSCipherSuite: tlsx.CipherSuiteString(state.CipherSuite),
|
||||
TLSCipherSuite: netxlite.TLSCipherSuiteString(state.CipherSuite),
|
||||
TLSNegotiatedProto: state.NegotiatedProtocol,
|
||||
TLSNextProtos: config.NextProtos,
|
||||
TLSPeerCerts: trace.PeerCerts(state, err),
|
||||
TLSServerName: config.ServerName,
|
||||
TLSVersion: tlsx.VersionString(state.Version),
|
||||
TLSVersion: netxlite.TLSVersionString(state.Version),
|
||||
Time: stop,
|
||||
})
|
||||
return tlsconn, state, err
|
||||
|
|
|
@ -1,10 +1,10 @@
|
|||
// Code generated by go generate; DO NOT EDIT.
|
||||
// 2021-06-15 10:55:55.638897 +0200 CEST m=+4.257631084
|
||||
// 2021-06-25 12:32:42.759674 +0200 CEST m=+0.458880709
|
||||
// https://curl.haxx.se/ca/cacert.pem
|
||||
|
||||
package tlsx
|
||||
package netxlite
|
||||
|
||||
//go:generate go run generate.go "https://curl.haxx.se/ca/cacert.pem"
|
||||
//go:generate go run certifigen.go "https://curl.haxx.se/ca/cacert.pem"
|
||||
|
||||
const pemcerts string = `
|
||||
##
|
|
@ -28,9 +28,9 @@ var tmpl = template.Must(template.New("").Parse(`// Code generated by go generat
|
|||
// {{ .Timestamp }}
|
||||
// {{ .URL }}
|
||||
|
||||
package tlsx
|
||||
package netxlite
|
||||
|
||||
//go:generate go run generate.go "{{ .URL }}"
|
||||
//go:generate go run certifigen.go "{{ .URL }}"
|
||||
|
||||
const pemcerts string = ` + "`" + `
|
||||
{{ .Bundle }}
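Review bot: The header this template writes records when and from which URL the CA bundle was fetched, but not a digest of what was fetched, so a regenerated `pemcerts` cannot be compared with the upstream file during review. That constant presumably backs `NewDefaultCertPool`, which makes it the trust anchor set for the measurements touched elsewhere in this commit. I would add a header line such as `// SHA256: {{ .SHA256 }}` (the field name is only a suggestion; the template data struct is outside this hunk) and have the generator fail when the download does not match a digest obtained separately. Whether certifigen.go already verifies the download cannot be seen from here.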
|
|
@ -5,8 +5,6 @@ import (
|
|||
"crypto/tls"
|
||||
"net"
|
||||
"time"
|
||||
|
||||
"github.com/ooni/probe-cli/v3/internal/engine/netx/tlsx"
|
||||
)
|
||||
|
||||
// TLSHandshaker is the generic TLS handshaker.
|
||||
|
@ -74,8 +72,8 @@ func (h *TLSHandshakerLogger) Handshake(
|
|||
h.Logger.Debugf(
|
||||
"tls {sni=%s next=%+v}... ok in %s {next=%s cipher=%s v=%s}",
|
||||
config.ServerName, config.NextProtos, elapsed, state.NegotiatedProtocol,
|
||||
tlsx.CipherSuiteString(state.CipherSuite),
|
||||
tlsx.VersionString(state.Version))
|
||||
TLSCipherSuiteString(state.CipherSuite),
|
||||
TLSVersionString(state.Version))
|
||||
return tlsconn, state, nil
|
||||
}
|
||||
|
||||
|
|
|
@ -1,5 +1,4 @@
|
|||
// Package tlsx contains TLS extensions
|
||||
package tlsx
|
||||
package netxlite
|
||||
|
||||
import (
|
||||
"crypto/tls"
|
||||
|
@ -10,7 +9,6 @@ import (
|
|||
|
||||
var (
|
||||
tlsVersionString = map[uint16]string{
|
||||
tls.VersionSSL30: "SSLv3",
|
||||
tls.VersionTLS10: "TLSv1",
|
||||
tls.VersionTLS11: "TLSv1.1",
|
||||
tls.VersionTLS12: "TLSv1.2",
|
||||
|
@ -48,16 +46,16 @@ var (
|
|||
}
|
||||
)
|
||||
|
||||
// VersionString returns a TLS version string.
|
||||
func VersionString(value uint16) string {
|
||||
// TLSVersionString returns a TLS version string.
|
||||
func TLSVersionString(value uint16) string {
|
||||
if str, found := tlsVersionString[value]; found {
|
||||
return str
|
||||
}
|
||||
return fmt.Sprintf("TLS_VERSION_UNKNOWN_%d", value)
|
||||
}
|
||||
|
||||
// CipherSuiteString returns the TLS cipher suite as a string.
|
||||
func CipherSuiteString(value uint16) string {
|
||||
// TLSCipherSuiteString returns the TLS cipher suite as a string.
|
||||
func TLSCipherSuiteString(value uint16) string {
|
||||
if str, found := tlsCipherSuiteString[value]; found {
|
||||
return str
|
||||
}
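Review bot: The doc comment on the renamed `TLSVersionString` does not describe the two behaviours callers see for values outside the table: the `TLS_VERSION_UNKNOWN_%d` fallback in this hunk and the empty string for zero that the package's own test asserts. These strings are written into handshake records elsewhere in this commit, so the format is effectively part of the output contract. I would expand the comment to something like `// TLSVersionString returns the name of the TLS version, "" for zero, and "TLS_VERSION_UNKNOWN_<value>" for any other value not in the table.`, and give `TLSCipherSuiteString` the same treatment. The body of `TLSCipherSuiteString` continues past the end of the hunk.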
|
|
@ -1,4 +1,4 @@
|
|||
package tlsx
|
||||
package netxlite
|
||||
|
||||
import (
|
||||
"crypto/tls"
|
||||
|
@ -7,25 +7,25 @@ import (
|
|||
)
|
||||
|
||||
func TestVersionString(t *testing.T) {
|
||||
if VersionString(tls.VersionTLS13) != "TLSv1.3" {
|
||||
if TLSVersionString(tls.VersionTLS13) != "TLSv1.3" {
|
||||
t.Fatal("not working for existing version")
|
||||
}
|
||||
if VersionString(1) != "TLS_VERSION_UNKNOWN_1" {
|
||||
if TLSVersionString(1) != "TLS_VERSION_UNKNOWN_1" {
|
||||
t.Fatal("not working for nonexisting version")
|
||||
}
|
||||
if VersionString(0) != "" {
|
||||
if TLSVersionString(0) != "" {
|
||||
t.Fatal("not working for zero version")
|
||||
}
|
||||
}
|
||||
|
||||
func TestCipherSuite(t *testing.T) {
|
||||
if CipherSuiteString(tls.TLS_AES_128_GCM_SHA256) != "TLS_AES_128_GCM_SHA256" {
|
||||
if TLSCipherSuiteString(tls.TLS_AES_128_GCM_SHA256) != "TLS_AES_128_GCM_SHA256" {
|
||||
t.Fatal("not working for existing cipher suite")
|
||||
}
|
||||
if CipherSuiteString(1) != "TLS_CIPHER_SUITE_UNKNOWN_1" {
|
||||
if TLSCipherSuiteString(1) != "TLS_CIPHER_SUITE_UNKNOWN_1" {
|
||||
t.Fatal("not working for nonexisting cipher suite")
|
||||
}
|
||||
if CipherSuiteString(0) != "" {
|
||||
if TLSCipherSuiteString(0) != "" {
|
||||
t.Fatal("not working for zero cipher suite")
|
||||
}
|
||||
}
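Review bot: The test functions keep their old names, `TestVersionString` and `TestCipherSuite`, although the functions they exercise are now `TLSVersionString` and `TLSCipherSuiteString`. Once the file lives in the much larger netxlite package, the old names no longer say which helper is under test and are easier to collide with. I would rename them in the same commit: `func TestTLSVersionString(t *testing.T) {` and `func TestTLSCipherSuiteString(t *testing.T) {`.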
|