From dea23b49d5045be7da0d8e308c721635176d5859 Mon Sep 17 00:00:00 2001
From: Simone Basso
Date: Wed, 8 Jun 2022 10:14:10 +0200
Subject: [PATCH] refactor(oohelperd): use netxlite rather than netx (#806)
The oohelperd implementation did not actually need using netx because it was just constructing default types with logging, which is what netxlite already does. Hence, let's avoid using netx here. See https://github.com/ooni/probe/issues/2121
---
 .../internal/webconnectivity/http.go | 3 +-
 .../internal/webconnectivity/measure.go | 3 +-
 .../webconnectivity/webconnectivity.go | 2 +-
 internal/cmd/oohelperd/oohelperd.go | 35 ++++++++++---------
 4 files changed, 22 insertions(+), 21 deletions(-)
diff --git a/internal/cmd/oohelperd/internal/webconnectivity/http.go b/internal/cmd/oohelperd/internal/webconnectivity/http.go
index d98710f..8400258 100644
--- a/internal/cmd/oohelperd/internal/webconnectivity/http.go
+++ b/internal/cmd/oohelperd/internal/webconnectivity/http.go
@@ -8,6 +8,7 @@ import (
 "sync"
 "github.com/ooni/probe-cli/v3/internal/engine/experiment/webconnectivity"
+ "github.com/ooni/probe-cli/v3/internal/model"
 "github.com/ooni/probe-cli/v3/internal/netxlite"
 "github.com/ooni/probe-cli/v3/internal/tracex"
 )
@@ -18,7 +19,7 @@ type CtrlHTTPResponse = webconnectivity.ControlHTTPRequestResult
 // HTTPConfig configures the HTTP check.
 type HTTPConfig struct {
- Client *http.Client
+ Client model.HTTPClient
 Headers map[string][]string
 MaxAcceptableBody int64
 Out chan CtrlHTTPResponse
diff --git a/internal/cmd/oohelperd/internal/webconnectivity/measure.go b/internal/cmd/oohelperd/internal/webconnectivity/measure.go
index ccd218b..971df6c 100644
--- a/internal/cmd/oohelperd/internal/webconnectivity/measure.go
+++ b/internal/cmd/oohelperd/internal/webconnectivity/measure.go
@@ -3,7 +3,6 @@ package webconnectivity
 import (
 "context"
 "net"
- "net/http"
 "net/url"
 "sync"
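Review bot: The `Client` field of `HTTPConfig` in http.go is widened from `*http.Client` to the `model.HTTPClient` interface without a field comment, and the same applies to `MeasureConfig.Client` in measure.go and `Handler.Client` in webconnectivity.go. With the concrete type a reader could see the timeout and redirect settings where the client was built; with an interface those expectations are only implicit. I would add a comment on each of the three fields, for example `// Client is the HTTP client used for the control request; it must not be nil and should enforce its own timeouts.` The code that calls these fields lies outside the hunks, so whether a nil client is guarded against there cannot be told from this page.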
@@ -21,7 +20,7 @@ type (
 // MeasureConfig contains configuration for Measure.
 type MeasureConfig struct {
- Client *http.Client
+ Client model.HTTPClient
 Dialer model.Dialer
 MaxAcceptableBody int64
 Resolver model.Resolver
diff --git a/internal/cmd/oohelperd/internal/webconnectivity/webconnectivity.go b/internal/cmd/oohelperd/internal/webconnectivity/webconnectivity.go
index 947241a..01a4480 100644
--- a/internal/cmd/oohelperd/internal/webconnectivity/webconnectivity.go
+++ b/internal/cmd/oohelperd/internal/webconnectivity/webconnectivity.go
@@ -14,7 +14,7 @@ import (
 // Handler implements the Web Connectivity test helper HTTP API.
 type Handler struct {
- Client *http.Client
+ Client model.HTTPClient
 Dialer model.Dialer
 MaxAcceptableBody int64
 Resolver model.Resolver
diff --git a/internal/cmd/oohelperd/oohelperd.go b/internal/cmd/oohelperd/oohelperd.go
index 42ad103..9da6446 100644
--- a/internal/cmd/oohelperd/oohelperd.go
+++ b/internal/cmd/oohelperd/oohelperd.go
@@ -10,32 +10,33 @@ import (
 "github.com/apex/log"
 "github.com/ooni/probe-cli/v3/internal/cmd/oohelperd/internal/webconnectivity"
- "github.com/ooni/probe-cli/v3/internal/engine/netx"
 "github.com/ooni/probe-cli/v3/internal/model"
- "github.com/ooni/probe-cli/v3/internal/runtimex"
+ "github.com/ooni/probe-cli/v3/internal/netxlite"
 )
 const maxAcceptableBody = 1 << 24
 var (
- dialer model.Dialer
- endpoint = flag.String("endpoint", ":8080", "Endpoint where to listen")
- httpx *http.Client
- resolver model.Resolver
- srvcancel context.CancelFunc
- srvctx context.Context
- srvwg = new(sync.WaitGroup)
+ dialer model.Dialer
+ endpoint = flag.String("endpoint", ":8080", "Endpoint where to listen")
+ httpClient model.HTTPClient
+ resolver model.Resolver
+ srvcancel context.CancelFunc
+ srvctx context.Context
+ srvwg = new(sync.WaitGroup)
 )
 func init() {
 srvctx, srvcancel = context.WithCancel(context.Background())
- dialer = netx.NewDialer(netx.Config{Logger: log.Log})
- txp := netx.NewHTTPTransport(netx.Config{Logger: log.Log})
- httpx = &http.Client{Transport: txp}
- // fix: use 8.8.8.8:53/udp so we pin to a specific resolver.
- var err error
- resolver, err = netx.NewDNSClient(netx.Config{Logger: log.Log}, "udp://8.8.8.8:53")
- runtimex.PanicOnError(err, "NewDNSClient failed")
+ // Implementation note: pin to a specific resolver so we don't depend upon the
+ // default resolver configured by the box. Also, use an encrypted transport thus
+ // we're less vulnerable to any policy implemented by the box's provider.
+ resolver = netxlite.NewParallelDNSOverHTTPSResolver(log.Log, "https://8.8.8.8/dns-query")
+ thx := netxlite.NewTLSHandshakerStdlib(log.Log)
+ dialer = netxlite.NewDialerWithResolver(log.Log, resolver)
+ tlsDialer := netxlite.NewTLSDialer(dialer, thx)
+ txp := netxlite.NewHTTPTransport(log.Log, dialer, tlsDialer)
+ httpClient = netxlite.NewHTTPClient(txp)
 }
 func shutdown(srv *http.Server) {
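Review bot: The new `init()` body changes DNS behaviour although the commit is labelled a refactor: the resolver moves from `udp://8.8.8.8:53` to DNS-over-HTTPS at `https://8.8.8.8/dns-query`, and `netxlite.NewDialerWithResolver(log.Log, resolver)` binds the dialer, and through it `httpClient`, to that one resolver. If the old `netx.NewDialer` resolved names differently by default (not visible here), every control measurement now depends on a single external DoH endpoint with no fallback, which the commit message and the implementation note should state. I would also lift the URL into a named constant next to `maxAcceptableBody`, e.g. `const dohResolverURL = "https://8.8.8.8/dns-query"`, so the pinned endpoint is easy to find and audit. It would also help if the comment said whether the client returned by `netxlite.NewHTTPClient(txp)` applies an overall request timeout, since this hunk does not show it.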
@@ -58,7 +59,7 @@ func main() {
 func testableMain() {
 mux := http.NewServeMux()
 mux.Handle("/", webconnectivity.Handler{
- Client: httpx,
+ Client: httpClient,
 Dialer: dialer,
 MaxAcceptableBody: maxAcceptableBody,
 Resolver: resolver,