refactor: merge tlsx into netxlite (#403)

Part of https://github.com/ooni/probe/issues/1505
2021-06-25 12:39:45 +02:00 · 2021-06-25 12:39:45 +02:00 · 7f2463d745
commit 7f2463d745
parent f1ee763f94
15 changed files with 41 additions and 47 deletions
--- a/internal/engine/experiment/riseupvpn/riseupvpn.go
+++ b/internal/engine/experiment/riseupvpn/riseupvpn.go
@ -12,7 +12,7 @@ import (
 	"github.com/ooni/probe-cli/v3/internal/engine/experiment/urlgetter"
 	"github.com/ooni/probe-cli/v3/internal/engine/model"
 	"github.com/ooni/probe-cli/v3/internal/engine/netx/archival"
-	"github.com/ooni/probe-cli/v3/internal/engine/netx/tlsx"
+	"github.com/ooni/probe-cli/v3/internal/netxlite"
 )

 const (
@ -183,7 +183,7 @@ func (m Measurer) Run(ctx context.Context, sess model.ExperimentSession,
 	measurement.TestKeys = testkeys
 	urlgetter.RegisterExtensions(measurement)

-	certPool := tlsx.NewDefaultCertPool()
+	certPool := netxlite.NewDefaultCertPool()

 	// used multiple times below
 	multi := urlgetter.Multi{
--- a/internal/engine/experiment/signal/signal.go
+++ b/internal/engine/experiment/signal/signal.go
@ -10,7 +10,7 @@ import (

 	"github.com/ooni/probe-cli/v3/internal/engine/experiment/urlgetter"
 	"github.com/ooni/probe-cli/v3/internal/engine/model"
-	"github.com/ooni/probe-cli/v3/internal/engine/netx/tlsx"
+	"github.com/ooni/probe-cli/v3/internal/netxlite"
 )

 const (
@ -111,7 +111,7 @@ func (m Measurer) Run(ctx context.Context, sess model.ExperimentSession,
 	defer cancel()
 	urlgetter.RegisterExtensions(measurement)

-	certPool := tlsx.NewDefaultCertPool()
+	certPool := netxlite.NewDefaultCertPool()
 	signalCABytes := []byte(signalCA)
 	if m.Config.SignalCA != "" {
 		signalCABytes = []byte(m.Config.SignalCA)
--- a/internal/engine/experiment/urlgetter/configurer.go
+++ b/internal/engine/experiment/urlgetter/configurer.go
@ -10,8 +10,8 @@ import (

 	"github.com/ooni/probe-cli/v3/internal/engine/model"
 	"github.com/ooni/probe-cli/v3/internal/engine/netx"
-	"github.com/ooni/probe-cli/v3/internal/engine/netx/tlsx"
 	"github.com/ooni/probe-cli/v3/internal/engine/netx/trace"
+	"github.com/ooni/probe-cli/v3/internal/netxlite"
 )

 // The Configurer job is to construct a Configuration that can
@ -90,7 +90,7 @@ func (c Configurer) NewConfiguration() (Configuration, error) {
 	if c.Config.TLSServerName != "" {
 		configuration.HTTPConfig.TLSConfig.ServerName = c.Config.TLSServerName
 	}
-	err = tlsx.ConfigureTLSVersion(
+	err = netxlite.ConfigureTLSVersion(
 		configuration.HTTPConfig.TLSConfig, c.Config.TLSVersion,
 	)
 	if err != nil {
--- a/internal/engine/experiment/urlgetter/configurer_test.go
+++ b/internal/engine/experiment/urlgetter/configurer_test.go
@ -10,8 +10,8 @@ import (
 	"github.com/apex/log"
 	"github.com/ooni/probe-cli/v3/internal/engine/experiment/urlgetter"
 	"github.com/ooni/probe-cli/v3/internal/engine/netx/resolver"
-	"github.com/ooni/probe-cli/v3/internal/engine/netx/tlsx"
 	"github.com/ooni/probe-cli/v3/internal/engine/netx/trace"
+	"github.com/ooni/probe-cli/v3/internal/netxlite"
 )

 func TestConfigurerNewConfigurationVanilla(t *testing.T) {
@ -711,7 +711,7 @@ func TestConfigurerNewConfigurationTLSvInvalid(t *testing.T) {
 		Saver:  saver,
 	}
 	_, err := configurer.NewConfiguration()
-	if !errors.Is(err, tlsx.ErrInvalidTLSVersion) {
+	if !errors.Is(err, netxlite.ErrInvalidTLSVersion) {
 		t.Fatalf("not the error we expected: %+v", err)
 	}
 }
--- a/internal/engine/legacy/netxlogger/netxlogger.go
+++ b/internal/engine/legacy/netxlogger/netxlogger.go
@ -9,7 +9,7 @@ import (
 	"strings"

 	"github.com/ooni/probe-cli/v3/internal/engine/legacy/netx/modelx"
-	"github.com/ooni/probe-cli/v3/internal/engine/netx/tlsx"
+	"github.com/ooni/probe-cli/v3/internal/netxlite"
 )

 // Logger is the interface we expect from a logger
@ -66,7 +66,7 @@ func (h *Handler) OnMeasurement(m modelx.Measurement) {
 		h.logger.Debugf(
 			"TLS done: %s, %s (alpn='%s')",
 			fmtError(m.TLSHandshakeDone.Error),
-			tlsx.VersionString(m.TLSHandshakeDone.ConnectionState.Version),
+			netxlite.TLSVersionString(m.TLSHandshakeDone.ConnectionState.Version),
 			m.TLSHandshakeDone.ConnectionState.NegotiatedProtocol,
 		)
 	}
--- a/internal/engine/legacy/oonidatamodel/oonidatamodel.go
+++ b/internal/engine/legacy/oonidatamodel/oonidatamodel.go
@ -20,7 +20,7 @@ import (
 	"github.com/ooni/probe-cli/v3/internal/engine/legacy/oonitemplates"
 	"github.com/ooni/probe-cli/v3/internal/engine/model"
 	"github.com/ooni/probe-cli/v3/internal/engine/netx/errorx"
-	"github.com/ooni/probe-cli/v3/internal/engine/netx/tlsx"
+	"github.com/ooni/probe-cli/v3/internal/netxlite"
 )

 // ExtSpec describes a data format extension
@ -463,12 +463,12 @@ func NewTLSHandshakesList(results oonitemplates.Results) TLSHandshakesList {
 	var out TLSHandshakesList
 	for _, in := range results.TLSHandshakes {
 		out = append(out, TLSHandshake{
-			CipherSuite:        tlsx.CipherSuiteString(in.ConnectionState.CipherSuite),
+			CipherSuite:        netxlite.TLSCipherSuiteString(in.ConnectionState.CipherSuite),
 			Failure:            makeFailure(in.Error),
 			NegotiatedProtocol: in.ConnectionState.NegotiatedProtocol,
 			PeerCertificates:   makePeerCerts(in.ConnectionState.PeerCertificates),
 			T:                  in.DurationSinceBeginning.Seconds(),
-			TLSVersion:         tlsx.VersionString(in.ConnectionState.Version),
+			TLSVersion:         netxlite.TLSVersionString(in.ConnectionState.Version),
 		})
 	}
 	return out
--- a/internal/engine/netx/netx.go
+++ b/internal/engine/netx/netx.go
@ -37,7 +37,6 @@ import (
 	"github.com/ooni/probe-cli/v3/internal/engine/netx/quicdialer"
 	"github.com/ooni/probe-cli/v3/internal/engine/netx/resolver"
 	"github.com/ooni/probe-cli/v3/internal/engine/netx/tlsdialer"
-	"github.com/ooni/probe-cli/v3/internal/engine/netx/tlsx"
 	"github.com/ooni/probe-cli/v3/internal/engine/netx/trace"
 	"github.com/ooni/probe-cli/v3/internal/netxlite"
 )
@ -110,7 +109,7 @@ type tlsHandshaker interface {
 		net.Conn, tls.ConnectionState, error)
 }

-var defaultCertPool *x509.CertPool = tlsx.NewDefaultCertPool()
+var defaultCertPool *x509.CertPool = netxlite.NewDefaultCertPool()

 // NewResolver creates a new resolver from the specified config
 func NewResolver(config Config) Resolver {
@ -312,7 +311,7 @@ func NewDNSClientWithOverrides(config Config, URL, hostOverride, SNIOverride,
 		return c, err
 	}
 	config.TLSConfig = &tls.Config{ServerName: SNIOverride}
-	if err := tlsx.ConfigureTLSVersion(config.TLSConfig, TLSVersion); err != nil {
+	if err := netxlite.ConfigureTLSVersion(config.TLSConfig, TLSVersion); err != nil {
 		return c, err
 	}
 	switch resolverURL.Scheme {
--- a/internal/engine/netx/netx_test.go
+++ b/internal/engine/netx/netx_test.go
@ -13,7 +13,6 @@ import (
 	"github.com/ooni/probe-cli/v3/internal/engine/netx/httptransport"
 	"github.com/ooni/probe-cli/v3/internal/engine/netx/resolver"
 	"github.com/ooni/probe-cli/v3/internal/engine/netx/tlsdialer"
-	"github.com/ooni/probe-cli/v3/internal/engine/netx/tlsx"
 	"github.com/ooni/probe-cli/v3/internal/engine/netx/trace"
 	"github.com/ooni/probe-cli/v3/internal/netxlite"
 )
@ -848,7 +847,7 @@ func TestNewDNSClientBadUDPEndpoint(t *testing.T) {
 func TestNewDNSCLientWithInvalidTLSVersion(t *testing.T) {
 	_, err := netx.NewDNSClientWithOverrides(
 		netx.Config{}, "dot://8.8.8.8", "", "", "TLSv999")
-	if !errors.Is(err, tlsx.ErrInvalidTLSVersion) {
+	if !errors.Is(err, netxlite.ErrInvalidTLSVersion) {
 		t.Fatalf("not the error we expected: %+v", err)
 	}
 }
--- a/internal/engine/netx/quicdialer/saver.go
+++ b/internal/engine/netx/quicdialer/saver.go
@ -6,8 +6,8 @@ import (
 	"time"

 	"github.com/lucas-clemente/quic-go"
-	"github.com/ooni/probe-cli/v3/internal/engine/netx/tlsx"
 	"github.com/ooni/probe-cli/v3/internal/engine/netx/trace"
+	"github.com/ooni/probe-cli/v3/internal/netxlite"
 )

 // HandshakeSaver saves events occurring during the handshake
@ -50,12 +50,12 @@ func (h HandshakeSaver) DialContext(ctx context.Context, network string,
 		Duration:           stop.Sub(start),
 		Name:               "quic_handshake_done",
 		NoTLSVerify:        tlsCfg.InsecureSkipVerify,
-		TLSCipherSuite:     tlsx.CipherSuiteString(state.CipherSuite),
+		TLSCipherSuite:     netxlite.TLSCipherSuiteString(state.CipherSuite),
 		TLSNegotiatedProto: state.NegotiatedProtocol,
 		TLSNextProtos:      tlsCfg.NextProtos,
 		TLSPeerCerts:       trace.PeerCerts(state, err),
 		TLSServerName:      tlsCfg.ServerName,
-		TLSVersion:         tlsx.VersionString(state.Version),
+		TLSVersion:         netxlite.TLSVersionString(state.Version),
 		Time:               stop,
 	})
 	return sess, nil
--- a/internal/engine/netx/tlsdialer/saver.go
+++ b/internal/engine/netx/tlsdialer/saver.go
@ -6,8 +6,8 @@ import (
 	"net"
 	"time"

-	"github.com/ooni/probe-cli/v3/internal/engine/netx/tlsx"
 	"github.com/ooni/probe-cli/v3/internal/engine/netx/trace"
+	"github.com/ooni/probe-cli/v3/internal/netxlite"
 )

 // SaverTLSHandshaker saves events occurring during the handshake
@ -35,12 +35,12 @@ func (h SaverTLSHandshaker) Handshake(
 		Err:                err,
 		Name:               "tls_handshake_done",
 		NoTLSVerify:        config.InsecureSkipVerify,
-		TLSCipherSuite:     tlsx.CipherSuiteString(state.CipherSuite),
+		TLSCipherSuite:     netxlite.TLSCipherSuiteString(state.CipherSuite),
 		TLSNegotiatedProto: state.NegotiatedProtocol,
 		TLSNextProtos:      config.NextProtos,
 		TLSPeerCerts:       trace.PeerCerts(state, err),
 		TLSServerName:      config.ServerName,
-		TLSVersion:         tlsx.VersionString(state.Version),
+		TLSVersion:         netxlite.TLSVersionString(state.Version),
 		Time:               stop,
 	})
 	return tlsconn, state, err
--- a/internal/engine/netx/tlsx/certifi.go
+++ b/internal/engine/netx/tlsx/certifi.go
@ -1,10 +1,10 @@
 // Code generated by go generate; DO NOT EDIT.
-// 2021-06-15 10:55:55.638897 +0200 CEST m=+4.257631084
+// 2021-06-25 12:32:42.759674 +0200 CEST m=+0.458880709
 // https://curl.haxx.se/ca/cacert.pem

-package tlsx
+package netxlite

-//go:generate go run generate.go "https://curl.haxx.se/ca/cacert.pem"
+//go:generate go run certifigen.go "https://curl.haxx.se/ca/cacert.pem"

 const pemcerts string = `
 ##
--- a/internal/engine/netx/tlsx/generate.go
+++ b/internal/engine/netx/tlsx/generate.go
@ -28,9 +28,9 @@ var tmpl = template.Must(template.New("").Parse(`// Code generated by go generat
 // {{ .Timestamp }}
 // {{ .URL }}

-package tlsx
+package netxlite

-//go:generate go run generate.go "{{ .URL }}"
+//go:generate go run certifigen.go "{{ .URL }}"

 const pemcerts string = ` + "`" + `
 {{ .Bundle }}
--- a/internal/netxlite/tlshandshaker.go
+++ b/internal/netxlite/tlshandshaker.go
@ -5,8 +5,6 @@ import (
 	"crypto/tls"
 	"net"
 	"time"
-
-	"github.com/ooni/probe-cli/v3/internal/engine/netx/tlsx"
 )

 // TLSHandshaker is the generic TLS handshaker.
@ -74,8 +72,8 @@ func (h *TLSHandshakerLogger) Handshake(
 	h.Logger.Debugf(
 		"tls {sni=%s next=%+v}... ok in %s {next=%s cipher=%s v=%s}",
 		config.ServerName, config.NextProtos, elapsed, state.NegotiatedProtocol,
-		tlsx.CipherSuiteString(state.CipherSuite),
-		tlsx.VersionString(state.Version))
+		TLSCipherSuiteString(state.CipherSuite),
+		TLSVersionString(state.Version))
 	return tlsconn, state, nil
 }

--- a/internal/engine/netx/tlsx/tlsx.go
+++ b/internal/engine/netx/tlsx/tlsx.go
@ -1,5 +1,4 @@
-// Package tlsx contains TLS extensions
-package tlsx
+package netxlite

 import (
 	"crypto/tls"
@ -10,7 +9,6 @@ import (

 var (
 	tlsVersionString = map[uint16]string{
-		tls.VersionSSL30: "SSLv3",
 		tls.VersionTLS10: "TLSv1",
 		tls.VersionTLS11: "TLSv1.1",
 		tls.VersionTLS12: "TLSv1.2",
@ -48,16 +46,16 @@ var (
 	}
 )

-// VersionString returns a TLS version string.
-func VersionString(value uint16) string {
+// TLSVersionString returns a TLS version string.
+func TLSVersionString(value uint16) string {
 	if str, found := tlsVersionString[value]; found {
 		return str
 	}
 	return fmt.Sprintf("TLS_VERSION_UNKNOWN_%d", value)
 }

-// CipherSuiteString returns the TLS cipher suite as a string.
-func CipherSuiteString(value uint16) string {
+// TLSCipherSuiteString returns the TLS cipher suite as a string.
+func TLSCipherSuiteString(value uint16) string {
 	if str, found := tlsCipherSuiteString[value]; found {
 		return str
 	}
--- a/internal/engine/netx/tlsx/tlsx_test.go
+++ b/internal/engine/netx/tlsx/tlsx_test.go
@ -1,4 +1,4 @@
-package tlsx
+package netxlite

 import (
 	"crypto/tls"
@ -7,25 +7,25 @@ import (
 )

 func TestVersionString(t *testing.T) {
-	if VersionString(tls.VersionTLS13) != "TLSv1.3" {
+	if TLSVersionString(tls.VersionTLS13) != "TLSv1.3" {
 		t.Fatal("not working for existing version")
 	}
-	if VersionString(1) != "TLS_VERSION_UNKNOWN_1" {
+	if TLSVersionString(1) != "TLS_VERSION_UNKNOWN_1" {
 		t.Fatal("not working for nonexisting version")
 	}
-	if VersionString(0) != "" {
+	if TLSVersionString(0) != "" {
 		t.Fatal("not working for zero version")
 	}
 }

 func TestCipherSuite(t *testing.T) {
-	if CipherSuiteString(tls.TLS_AES_128_GCM_SHA256) != "TLS_AES_128_GCM_SHA256" {
+	if TLSCipherSuiteString(tls.TLS_AES_128_GCM_SHA256) != "TLS_AES_128_GCM_SHA256" {
 		t.Fatal("not working for existing cipher suite")
 	}
-	if CipherSuiteString(1) != "TLS_CIPHER_SUITE_UNKNOWN_1" {
+	if TLSCipherSuiteString(1) != "TLS_CIPHER_SUITE_UNKNOWN_1" {
 		t.Fatal("not working for nonexisting cipher suite")
 	}
-	if CipherSuiteString(0) != "" {
+	if TLSCipherSuiteString(0) != "" {
 		t.Fatal("not working for zero cipher suite")
 	}
 }