fix(geolocate): no proxy when discovering our IP address (#251)

* fix(geolocate): no proxy when discovering our IP address

The use case of --proxy is that you cannot contact the OONI
backend otherwise. It is wrong, though, using the proxy when
discovering our IP address. The measurement won't use the
proxy anyway. Therefore, we need to use the IP address that
is performing the measurement. Not the one of the proxy.

What's more, stun is not using a proxy. Therefore, it does
not make much sense that http IP resolvers use a proxy. This
leads to inconsistencies. So, here's anothe reason why this
patch is a good thing (TM).

Finally, because knowing the IP address enables us to sanitize
the data, it's important we discover the correct IP.

Now, up until this point, the `--proxy` option has mostly
been a developers toy. But, users have asked us to have the
possibility of configuring a proxy.

This explains why I have been looking into making `--proxy`
right for a couple of hours now.

See https://github.com/ooni/probe/issues/1382

* fix(session): properly configure the IP lookupper

internal/engine/geolocate/geolocate.go

@@ -5,9 +5,9 @@ import (
 	"context"
 	"errors"
 	"fmt"
-	"net/http"
 
 	"github.com/ooni/probe-cli/v3/internal/engine/model"
+	"github.com/ooni/probe-cli/v3/internal/engine/netx"
 	"github.com/ooni/probe-cli/v3/internal/engine/runtimex"
 	"github.com/ooni/probe-cli/v3/internal/version"
 )
@@ -51,7 +51,12 @@ var (
 
 // Logger is the definition of Logger used by this package.
 type Logger interface {
+	Debug(msg string)
 	Debugf(format string, v ...interface{})
+	Info(msg string)
+	Infof(format string, v ...interface{})
+	Warn(msg string)
+	Warnf(format string, v ...interface{})
 }
 
 // Results contains geolocate results
@@ -115,15 +120,23 @@ type ResourcesManager interface {
 	MaybeUpdateResources(ctx context.Context) error
 }
 
+// Resolver is a DNS resolver.
+type Resolver interface {
+	LookupHost(ctx context.Context, domain string) ([]string, error)
+	Network() string
+	Address() string
+}
+
 // Config contains configuration for a geolocate Task.
 type Config struct {
 	// EnableResolverLookup indicates whether we want to
 	// perform the optional resolver lookup.
 	EnableResolverLookup bool
 
-	// HTTPClient is the HTTP client to use. If not set, then
+	// Resolver is the resolver we should use when
-	// we will use the http.DefaultClient.
+	// making requests for discovering the IP. When
-	HTTPClient *http.Client
+	// this field is not set, we use the stdlib.
+	Resolver Resolver
 
 	// Logger is the logger to use. If not set, then we will
 	// use a logger that discards all messages.
@@ -146,9 +159,6 @@ func Must(task *Task, err error) *Task {
 
 // NewTask creates a new instance of Task from config.
 func NewTask(config Config) (*Task, error) {
-	if config.HTTPClient == nil {
-		config.HTTPClient = http.DefaultClient
-	}
 	if config.Logger == nil {
 		config.Logger = model.DiscardLogger
 	}
@@ -158,13 +168,17 @@ func NewTask(config Config) (*Task, error) {
 	if config.UserAgent == "" {
 		config.UserAgent = fmt.Sprintf("ooniprobe-engine/%s", version.Version)
 	}
+	if config.Resolver == nil {
+		config.Resolver = netx.NewResolver(
+			netx.Config{Logger: config.Logger})
+	}
 	return &Task{
 		countryLookupper:     mmdbLookupper{},
 		enableResolverLookup: config.EnableResolverLookup,
 		probeIPLookupper: ipLookupClient{
-			HTTPClient: config.HTTPClient,
+			Resolver:  config.Resolver,
-			Logger:     config.Logger,
+			Logger:    config.Logger,
-			UserAgent:  config.UserAgent,
+			UserAgent: config.UserAgent,
 		},
 		probeASNLookupper:    mmdbLookupper{},
 		resolverASNLookupper: mmdbLookupper{},

internal/engine/geolocate/geolocate_test.go

@@ -393,3 +393,10 @@ func TestNewTaskWithNoResourcesManager(t *testing.T) {
 		t.Fatal("expected nil task here")
 	}
 }
+
+func TestASNStringWorks(t *testing.T) {
+	r := Results{ASN: 1234}
+	if r.ASNString() != "AS1234" {
+		t.Fatal("unexpected result")
+	}
+}

internal/engine/geolocate/iplookup.go

@@ -11,6 +11,7 @@ import (
 	"time"
 
 	"github.com/ooni/probe-cli/v3/internal/engine/internal/multierror"
+	"github.com/ooni/probe-cli/v3/internal/engine/netx"
 )
 
 var (
@@ -65,8 +66,8 @@ var (
 )
 
 type ipLookupClient struct {
-	// HTTPClient is the HTTP client to use
+	// Resolver is the resolver to use for HTTP.
-	HTTPClient *http.Client
+	Resolver Resolver
 
 	// Logger is the logger to use
 	Logger Logger
@@ -88,7 +89,15 @@ func makeSlice() []method {
 func (c ipLookupClient) doWithCustomFunc(
 	ctx context.Context, fn lookupFunc,
 ) (string, error) {
-	ip, err := fn(ctx, c.HTTPClient, c.Logger, c.UserAgent)
+	// Implementation note: we MUST use an HTTP client that we're
+	// sure IS NOT using any proxy. To this end, we construct a
+	// client ourself that we know is not proxied.
+	clnt := &http.Client{Transport: netx.NewHTTPTransport(netx.Config{
+		Logger:       c.Logger,
+		FullResolver: c.Resolver,
+	})}
+	defer clnt.CloseIdleConnections()
+	ip, err := fn(ctx, clnt, c.Logger, c.UserAgent)
 	if err != nil {
 		return DefaultProbeIP, err
 	}
@@ -102,7 +111,7 @@ func (c ipLookupClient) doWithCustomFunc(
 func (c ipLookupClient) LookupProbeIP(ctx context.Context) (string, error) {
 	union := multierror.New(ErrAllIPLookuppersFailed)
 	for _, method := range makeSlice() {
-		c.Logger.Debugf("iplookup: using %s", method.name)
+		c.Logger.Infof("iplookup: using %s", method.name)
 		ip, err := c.doWithCustomFunc(ctx, method.fn)
 		if err == nil {
 			return ip, nil

internal/engine/geolocate/iplookup_test.go

@@ -4,7 +4,6 @@ import (
 	"context"
 	"errors"
 	"net"
-	"net/http"
 	"testing"
 
 	"github.com/apex/log"
@@ -12,9 +11,8 @@ import (
 
 func TestIPLookupGood(t *testing.T) {
 	ip, err := (ipLookupClient{
-		HTTPClient: http.DefaultClient,
+		Logger:    log.Log,
-		Logger:     log.Log,
+		UserAgent: "ooniprobe-engine/0.1.0",
-		UserAgent:  "ooniprobe-engine/0.1.0",
 	}).LookupProbeIP(context.Background())
 	if err != nil {
 		t.Fatal(err)
@@ -28,9 +26,8 @@ func TestIPLookupAllFailed(t *testing.T) {
 	ctx, cancel := context.WithCancel(context.Background())
 	cancel() // immediately cancel to cause Do() to fail
 	ip, err := (ipLookupClient{
-		HTTPClient: http.DefaultClient,
+		Logger:    log.Log,
-		Logger:     log.Log,
+		UserAgent: "ooniprobe-engine/0.1.0",
-		UserAgent:  "ooniprobe-engine/0.1.0",
 	}).LookupProbeIP(ctx)
 	if !errors.Is(err, context.Canceled) {
 		t.Fatal("expected an error here")
@@ -43,9 +40,8 @@ func TestIPLookupAllFailed(t *testing.T) {
 func TestIPLookupInvalidIP(t *testing.T) {
 	ctx := context.Background()
 	ip, err := (ipLookupClient{
-		HTTPClient: http.DefaultClient,
+		Logger:    log.Log,
-		Logger:     log.Log,
+		UserAgent: "ooniprobe-engine/0.1.0",
-		UserAgent:  "ooniprobe-engine/0.1.0",
 	}).doWithCustomFunc(ctx, invalidIPLookup)
 	if !errors.Is(err, ErrInvalidIPAddress) {
 		t.Fatal("expected an error here")

internal/engine/geolocate/stun.go

@@ -7,6 +7,11 @@ import (
 	"github.com/pion/stun"
 )
 
+// TODO(bassosimone): we should modify the stun code to use
+// the session resolver rather than using its own.
+//
+// See https://github.com/ooni/probe/issues/1383.
+
 type stunClient interface {
 	Close() error
 	Start(m *stun.Message, h stun.Handler) error

internal/engine/session.go

@@ -491,8 +491,8 @@ func (s *Session) LookupLocationContext(ctx context.Context) (*geolocate.Results
 	// when we are using a proxy because that might leak information.
 	task := geolocate.Must(geolocate.NewTask(geolocate.Config{
 		EnableResolverLookup: s.proxyURL == nil,
-		HTTPClient:           s.DefaultHTTPClient(),
 		Logger:               s.Logger(),
+		Resolver:             s.resolver,
 		ResourcesManager:     s,
 		UserAgent:            s.UserAgent(),
 	}))