refactor(netx): remove forwardes for tlsx (#365)
Part of https://github.com/ooni/probe/issues/1591
parent
adbde7246b
commit
a647cf4988
|
@ -11,8 +11,8 @@ import (
|
||||||
|
|
||||||
"github.com/ooni/probe-cli/v3/internal/engine/experiment/urlgetter"
|
"github.com/ooni/probe-cli/v3/internal/engine/experiment/urlgetter"
|
||||||
"github.com/ooni/probe-cli/v3/internal/engine/model"
|
"github.com/ooni/probe-cli/v3/internal/engine/model"
|
||||||
"github.com/ooni/probe-cli/v3/internal/engine/netx"
|
|
||||||
"github.com/ooni/probe-cli/v3/internal/engine/netx/archival"
|
"github.com/ooni/probe-cli/v3/internal/engine/netx/archival"
|
||||||
|
"github.com/ooni/probe-cli/v3/internal/engine/netx/tlsx"
|
||||||
)
|
)
|
||||||
|
|
||||||
const (
|
const (
|
||||||
|
@ -183,7 +183,7 @@ func (m Measurer) Run(ctx context.Context, sess model.ExperimentSession,
|
||||||
measurement.TestKeys = testkeys
|
measurement.TestKeys = testkeys
|
||||||
urlgetter.RegisterExtensions(measurement)
|
urlgetter.RegisterExtensions(measurement)
|
||||||
|
|
||||||
certPool := netx.NewDefaultCertPool()
|
certPool := tlsx.NewDefaultCertPool()
|
||||||
|
|
||||||
// used multiple times below
|
// used multiple times below
|
||||||
multi := urlgetter.Multi{
|
multi := urlgetter.Multi{
|
||||||
|
|
|
@ -10,7 +10,7 @@ import (
|
||||||
|
|
||||||
"github.com/ooni/probe-cli/v3/internal/engine/experiment/urlgetter"
|
"github.com/ooni/probe-cli/v3/internal/engine/experiment/urlgetter"
|
||||||
"github.com/ooni/probe-cli/v3/internal/engine/model"
|
"github.com/ooni/probe-cli/v3/internal/engine/model"
|
||||||
"github.com/ooni/probe-cli/v3/internal/engine/netx"
|
"github.com/ooni/probe-cli/v3/internal/engine/netx/tlsx"
|
||||||
)
|
)
|
||||||
|
|
||||||
const (
|
const (
|
||||||
|
@ -111,12 +111,12 @@ func (m Measurer) Run(ctx context.Context, sess model.ExperimentSession,
|
||||||
defer cancel()
|
defer cancel()
|
||||||
urlgetter.RegisterExtensions(measurement)
|
urlgetter.RegisterExtensions(measurement)
|
||||||
|
|
||||||
certPool := netx.NewDefaultCertPool()
|
certPool := tlsx.NewDefaultCertPool()
|
||||||
signalCABytes := []byte(signalCA)
|
signalCABytes := []byte(signalCA)
|
||||||
if m.Config.SignalCA != "" {
|
if m.Config.SignalCA != "" {
|
||||||
signalCABytes = []byte(m.Config.SignalCA)
|
signalCABytes = []byte(m.Config.SignalCA)
|
||||||
}
|
}
|
||||||
if certPool.AppendCertsFromPEM(signalCABytes) == false {
|
if !certPool.AppendCertsFromPEM(signalCABytes) {
|
||||||
return errors.New("AppendCertsFromPEM failed")
|
return errors.New("AppendCertsFromPEM failed")
|
||||||
}
|
}
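Review bot: The `certPool` in `Run` has the Signal CA appended right after `tlsx.NewDefaultCertPool()` returns, and nothing at the call site records that this is only safe because the pool is a private copy. The forwarder comment this commit removes from netx described `NewDefaultCertPool` as returning a copy of the bundled Mozilla pool; assuming the tlsx function keeps that contract, a comment such as `// private copy of the bundled pool: appending the Signal CA must not widen trust for other users of the default roots` above the assignment would pin it down. The error `AppendCertsFromPEM failed` also does not say whether the built-in `signalCA` or the `m.Config.SignalCA` override failed to parse, which matters when triaging a misconfigured override. The body of `Run` starts and ends outside this hunk.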
|
||||||
|
|
||||||
|
|
|
@ -10,6 +10,7 @@ import (
|
||||||
|
|
||||||
"github.com/ooni/probe-cli/v3/internal/engine/model"
|
"github.com/ooni/probe-cli/v3/internal/engine/model"
|
||||||
"github.com/ooni/probe-cli/v3/internal/engine/netx"
|
"github.com/ooni/probe-cli/v3/internal/engine/netx"
|
||||||
|
"github.com/ooni/probe-cli/v3/internal/engine/netx/tlsx"
|
||||||
"github.com/ooni/probe-cli/v3/internal/engine/netx/trace"
|
"github.com/ooni/probe-cli/v3/internal/engine/netx/trace"
|
||||||
)
|
)
|
||||||
|
|
||||||
|
@ -89,7 +90,7 @@ func (c Configurer) NewConfiguration() (Configuration, error) {
|
||||||
if c.Config.TLSServerName != "" {
|
if c.Config.TLSServerName != "" {
|
||||||
configuration.HTTPConfig.TLSConfig.ServerName = c.Config.TLSServerName
|
configuration.HTTPConfig.TLSConfig.ServerName = c.Config.TLSServerName
|
||||||
}
|
}
|
||||||
err = netx.ConfigureTLSVersion(
|
err = tlsx.ConfigureTLSVersion(
|
||||||
configuration.HTTPConfig.TLSConfig, c.Config.TLSVersion,
|
configuration.HTTPConfig.TLSConfig, c.Config.TLSVersion,
|
||||||
)
|
)
|
||||||
if err != nil {
|
if err != nil {
|
||||||
|
|
|
@ -9,8 +9,8 @@ import (
|
||||||
|
|
||||||
"github.com/apex/log"
|
"github.com/apex/log"
|
||||||
"github.com/ooni/probe-cli/v3/internal/engine/experiment/urlgetter"
|
"github.com/ooni/probe-cli/v3/internal/engine/experiment/urlgetter"
|
||||||
"github.com/ooni/probe-cli/v3/internal/engine/netx"
|
|
||||||
"github.com/ooni/probe-cli/v3/internal/engine/netx/resolver"
|
"github.com/ooni/probe-cli/v3/internal/engine/netx/resolver"
|
||||||
|
"github.com/ooni/probe-cli/v3/internal/engine/netx/tlsx"
|
||||||
"github.com/ooni/probe-cli/v3/internal/engine/netx/trace"
|
"github.com/ooni/probe-cli/v3/internal/engine/netx/trace"
|
||||||
)
|
)
|
||||||
|
|
||||||
|
@ -711,7 +711,7 @@ func TestConfigurerNewConfigurationTLSvInvalid(t *testing.T) {
|
||||||
Saver: saver,
|
Saver: saver,
|
||||||
}
|
}
|
||||||
_, err := configurer.NewConfiguration()
|
_, err := configurer.NewConfiguration()
|
||||||
if !errors.Is(err, netx.ErrInvalidTLSVersion) {
|
if !errors.Is(err, tlsx.ErrInvalidTLSVersion) {
|
||||||
t.Fatalf("not the error we expected: %+v", err)
|
t.Fatalf("not the error we expected: %+v", err)
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
|
@ -109,11 +109,7 @@ type tlsHandshaker interface {
|
||||||
net.Conn, tls.ConnectionState, error)
|
net.Conn, tls.ConnectionState, error)
|
||||||
}
|
}
|
||||||
|
|
||||||
// NewDefaultCertPool returns a copy of the default x509
|
var defaultCertPool *x509.CertPool = tlsx.NewDefaultCertPool()
|
||||||
// certificate pool that we bundle from Mozilla.
|
|
||||||
var NewDefaultCertPool = tlsx.NewDefaultCertPool
|
|
||||||
|
|
||||||
var defaultCertPool *x509.CertPool = NewDefaultCertPool()
|
|
||||||
|
|
||||||
// NewResolver creates a new resolver from the specified config
|
// NewResolver creates a new resolver from the specified config
|
||||||
func NewResolver(config Config) Resolver {
|
func NewResolver(config Config) Resolver {
|
||||||
|
@ -308,14 +304,6 @@ func NewDNSClient(config Config, URL string) (DNSClient, error) {
|
||||||
return NewDNSClientWithOverrides(config, URL, "", "", "")
|
return NewDNSClientWithOverrides(config, URL, "", "", "")
|
||||||
}
|
}
|
||||||
|
|
||||||
// ErrInvalidTLSVersion indicates that you passed us a string
|
|
||||||
// that does not represent a valid TLS version.
|
|
||||||
var ErrInvalidTLSVersion = tlsx.ErrInvalidTLSVersion
|
|
||||||
|
|
||||||
// ConfigureTLSVersion configures the correct TLS version into
|
|
||||||
// the specified *tls.Config or returns an error.
|
|
||||||
var ConfigureTLSVersion = tlsx.ConfigureTLSVersion
|
|
||||||
|
|
||||||
// NewDNSClientWithOverrides creates a new DNS client, similar to NewDNSClient,
|
// NewDNSClientWithOverrides creates a new DNS client, similar to NewDNSClient,
|
||||||
// with the option to override the default Hostname and SNI.
|
// with the option to override the default Hostname and SNI.
|
||||||
func NewDNSClientWithOverrides(config Config, URL, hostOverride, SNIOverride,
|
func NewDNSClientWithOverrides(config Config, URL, hostOverride, SNIOverride,
|
||||||
|
@ -336,7 +324,7 @@ func NewDNSClientWithOverrides(config Config, URL, hostOverride, SNIOverride,
|
||||||
return c, err
|
return c, err
|
||||||
}
|
}
|
||||||
config.TLSConfig = &tls.Config{ServerName: SNIOverride}
|
config.TLSConfig = &tls.Config{ServerName: SNIOverride}
|
||||||
if err := ConfigureTLSVersion(config.TLSConfig, TLSVersion); err != nil {
|
if err := tlsx.ConfigureTLSVersion(config.TLSConfig, TLSVersion); err != nil {
|
||||||
return c, err
|
return c, err
|
||||||
}
|
}
|
||||||
switch resolverURL.Scheme {
|
switch resolverURL.Scheme {
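Review bot: `defaultCertPool` in the first hunk of this section is left with no comment at all, because the only prose about the pool was the forwarder doc that this commit deletes. Since it is a package-level `*x509.CertPool` initialised once, I would document that it must not be mutated, e.g. `// defaultCertPool is the bundled CA pool used by this package; never append to it, call tlsx.NewDefaultCertPool() for a private copy.` How the variable is consumed is outside the visible hunks, so that wording should be confirmed against its users. As a style point the explicit type is redundant and can be dropped: `var defaultCertPool = tlsx.NewDefaultCertPool()`.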
|
||||||
|
|
|
@ -14,6 +14,7 @@ import (
|
||||||
"github.com/ooni/probe-cli/v3/internal/engine/netx/httptransport"
|
"github.com/ooni/probe-cli/v3/internal/engine/netx/httptransport"
|
||||||
"github.com/ooni/probe-cli/v3/internal/engine/netx/resolver"
|
"github.com/ooni/probe-cli/v3/internal/engine/netx/resolver"
|
||||||
"github.com/ooni/probe-cli/v3/internal/engine/netx/tlsdialer"
|
"github.com/ooni/probe-cli/v3/internal/engine/netx/tlsdialer"
|
||||||
|
"github.com/ooni/probe-cli/v3/internal/engine/netx/tlsx"
|
||||||
"github.com/ooni/probe-cli/v3/internal/engine/netx/trace"
|
"github.com/ooni/probe-cli/v3/internal/engine/netx/trace"
|
||||||
)
|
)
|
||||||
|
|
||||||
|
@ -1188,7 +1189,7 @@ func TestNewDNSClientBadUDPEndpoint(t *testing.T) {
|
||||||
func TestNewDNSCLientWithInvalidTLSVersion(t *testing.T) {
|
func TestNewDNSCLientWithInvalidTLSVersion(t *testing.T) {
|
||||||
_, err := netx.NewDNSClientWithOverrides(
|
_, err := netx.NewDNSClientWithOverrides(
|
||||||
netx.Config{}, "dot://8.8.8.8", "", "", "TLSv999")
|
netx.Config{}, "dot://8.8.8.8", "", "", "TLSv999")
|
||||||
if !errors.Is(err, netx.ErrInvalidTLSVersion) {
|
if !errors.Is(err, tlsx.ErrInvalidTLSVersion) {
|
||||||
t.Fatalf("not the error we expected: %+v", err)
|
t.Fatalf("not the error we expected: %+v", err)
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|