Commit Graph

696 Commits

Author SHA1 Message Date
Simone Basso
3766ab2721
feat(webconnectivity@v0.5): use TLS info from TH (#933)
This diff modifies webconnectivity@v0.5 to take decisions regarding
TLS blocking by using the response from the TH rather than using
questionable heuristics based on inspecting the TLSHandshake list
alone. This change should improve correctness _when_ we're using
the improved TH, which is currently used for 50% of the probes.

See https://github.com/ooni/probe/issues/2257

While there, modify `control.go` to specify which control is being used.
2022-09-05 11:35:48 +02:00
Simone Basso
34dc029b33
feat(miniooni): optionally log using emojis (#932)
As silly as it seems, emojis help _a lot_ when eyeballing logs
to quickly identify unexpected lines.

I'm doing this work as part of https://github.com/ooni/probe/issues/2257
2022-09-05 10:06:44 +02:00
Simone Basso
4b13e4e78b
chore: upgrade user-agent used for measuring (#931)
Part of https://github.com/ooni/probe/issues/2130
2022-09-04 18:02:59 +02:00
Simone Basso
6533d8a6c9
chore: run go generate ./... (#929)
This is part of the routine tasks before a release.

See https://github.com/ooni/probe/issues/2130
2022-09-04 17:33:22 +02:00
Simone Basso
7df25795c0
fix(probeservices): use api.ooni.io (#926)
See https://github.com/ooni/probe/issues/2147.

Note that this PR also tries to reduce usage of legacy names inside unit/integration tests.
2022-09-02 16:48:14 +02:00
Simone Basso
535be51cd1
fix(tracex): use HTTP transaction end time for t (#925)
This issue was mentioned in https://github.com/ooni/probe/issues/2137.

I double checked the spec and this field is not mentioned. We will
update it when we do https://github.com/ooni/probe/issues/2238.
2022-09-02 15:10:57 +02:00
Simone Basso
1153850aca
cleanup: doh.powerdns.org is not working anymore (#924)
While there, `.../internal/sessionresolver` => `.../sessionresolver`

See https://github.com/ooni/probe/issues/2255
2022-09-02 14:44:23 +02:00
Simone Basso
ec73ae20b4
fix(dnscheck): trim the static input list (#923)
This should make the measurements faster since users have been
complaining about "experimental" taking too much time.

See https://github.com/ooni/probe/issues/2234
2022-09-02 13:54:59 +02:00
Simone Basso
7cdcf9f15b
fix(dnscheck): record whether residual is enabled (#922)
The residual censorship algorithm prevents dnscheck for checking the
same endpoint again in a short time frame under the assumption that a
previous measurement could have caused residual censorship.

In https://github.com/ooni/probe/issues/2234, we mentioned we probably
wanted to disable this algorithm because we didn't want to slow down
dnscheck too much and because we didn't detect this alleged source of
blocking in our previous measurements.

It turns out the algorithm was already disabled. I probably did this
after we published the paper on DNS censorship to make measurements
overall a bit faster.

So, just introduce a new extension field to the measurement telling us
that the residual censorship algorithm is disabled.

It's not super useful except as for the fact that the next time I
read the source code I notice that the algorithm is disabled.
2022-09-02 13:31:24 +02:00
Simone Basso
a68472dcee
dnscheck: bump patch version number (#919)
Part of https://github.com/ooni/probe/issues/2234
2022-09-01 19:23:46 +02:00
Simone Basso
cee89132af
fix(dnscheck): lower the default timeouts (#917)
Closes https://github.com/ooni/probe/issues/2234
2022-09-01 15:45:42 +02:00
Simone Basso
860426b874
doc: document the minioonirunv2 functionality (#916)
Closes https://github.com/ooni/probe/issues/2184
2022-08-31 19:51:31 +02:00
Simone Basso
d0da224a2a
feat(oonirun): improve tests (#915)
See https://github.com/ooni/probe/issues/2184

While there, rename `runtimex.PanicIfFalse` to `runtimex.Assert` (it was about time...)
2022-08-31 18:40:27 +02:00
Simone Basso
a8a29cc0dd
fix(miniooni): handle panics with --repeat-every (#914)
Most of miniooni panics on errors. We should not panic on error with
--repeat-every, rather we should try the next measurement.

See https://github.com/ooni/probe/issues/2250
2022-08-31 13:07:24 +02:00
Simone Basso
0bc6aae601
feat(miniooni): make CLI much more user friendly (#913)
Part of https://github.com/ooni/probe/issues/2184, because I wanted
to allow swapping commands and options more freely.

As a side effect, this PR closes https://github.com/ooni/probe/issues/2248.

AFAICT, every usage that was legal before is still legal. What has
changed seems the freedom to swap commands and options and a much
better help that lists the available options.
2022-08-31 12:44:46 +02:00
Simone Basso
7daa686c68
refactor(miniooni): divide et impera (#912)
This diff splits miniooni's implementation in smaller and more
easily tractable blocks ahead of future refactoring.

I'm trying to make `miniooni oonirun -i URL` as possible as
`miniooni -i URL oonirun`, because users typically expect this
kind of flexibity from modern Unix commands.

Part of https://github.com/ooni/probe/issues/2184
2022-08-31 10:20:04 +02:00
Simone Basso
705589bbe1
fix(oohelperd): measurement -> wctask (#906)
Make sure we don't say measurement in metrics.

See https://github.com/ooni/probe/issues/2183#issuecomment-1230327725
2022-08-29 18:52:30 +02:00
Simone Basso
8c855ca597
fix(oohelperd): metrics improvements after design review (#903)
This diff updates the metrics according to https://github.com/ooni/probe/issues/2183#issuecomment-1230327725
2022-08-29 16:36:46 +02:00
Simone Basso
4ce414d104
chore: we're now hacking on v3.16.0-alpha.2 (#901)
Just a chore commit to increase the version given that we just tagged v3.16.0-alpha.1
2022-08-29 09:35:17 +02:00
Simone Basso
90089d4d8f
chore: we're now hacking on v3.16.0-alpha.1 (#899)
Just a chore commit to increase the version given that we just tagged v3.16.0-alpha
2022-08-29 00:29:01 +02:00
Simone Basso
9bd1c5ff20
fix(oohelperd): refuse to measure bogons (#898)
See the explanatory newly-added comment for more information.

Closes https://github.com/ooni/probe/issues/2064
2022-08-29 00:06:57 +02:00
Simone Basso
dcdd8fb712
feat(oohelperd): add prometheus metrics (#897)
Closes https://github.com/ooni/probe/issues/2183

While there, avoid exposing nil values for optional fields of the
THResponse struct (i.e., "ip_info" and "tls_handshake").

While there, fix `measurexlite`'s `OperationLogger` test
and make it deterministic rather than racy.
2022-08-28 23:54:22 +02:00
Simone Basso
4241ee4bc1
feat(oohelperd): log messages at info level (#896)
We're using a request-specific logger where we also print the ID
of the request. This design helps to observe logs produced by
concurrent requests.

Part of https://github.com/ooni/probe/issues/2183

While there, fix https://github.com/ooni/probe/issues/2241
2022-08-28 22:26:58 +02:00
Simone Basso
8ca7645026
refactor: make measurex depend on measurexlite (#892)
This diff makes `measurex` depend on `measurexlite` rather than the other way around.

While there, add unit tests.

Closes https://github.com/ooni/probe/issues/2240
2022-08-28 21:41:58 +02:00
Simone Basso
7c1b2bbcb0
refactor: move WebGetTitle inside measurexlite (#895)
Part of https://github.com/ooni/probe/issues/2240
2022-08-28 20:26:40 +02:00
Simone Basso
bb6563f363
refactor: move TH structs and definitions to model (#894)
This commit moves the TH structs and definitions to model. We don't want
oohelperd to depend on web_connectivity@v0.4.

Part of https://github.com/ooni/probe/issues/2240
2022-08-28 20:20:12 +02:00
Simone Basso
110a11828b
refactor: spin geoipx off geolocate (#893)
A bunch of packages (including oohelperd) just need the ability to
use MaxMind-like databases. They don't need the additional functionality
implemented by the geolocate package. Such a package, in fact, is
mostly (if not only) needed by the engine package.

Therefore, move code to query MaxMind-like databases to a separate
package, and avoid depending on geolocate in all the packages for
which it's sufficient to use geoipx.

Part of https://github.com/ooni/probe/issues/2240
2022-08-28 20:00:25 +02:00
Simone Basso
1e7384d1cc
feat(oohelperd): measure TLS for :443 endpoints (#886)
This diff improves oohelperd to measure :443 endpoints with TLS.

Part of https://github.com/ooni/probe/issues/2237.
2022-08-28 14:34:40 +02:00
Simone Basso
df0e099b73
feat(oohelperd): follow (and record) TH and probe endpoints (#890)
This diff introduces the following `oohelperd` enhancements:

1. measure both IP addresses resolved by the TH and IP addresses resolved by the probe;

2. when the URL scheme is http and there's no explicit port, measure both 80 and 443 (which will pay off big once we introduce support for optionally performing TLS handshakes);

3. include information about the probe and TH IP addresses into the results: who resolved each IP address, whether an address is a bogon, the ASN associated to an address.

This diff is part of https://github.com/ooni/probe/issues/2237
2022-08-28 13:49:24 +02:00
Simone Basso
867a243fef
refactor(oohelperd): make performing additional measurements easier (#889)
This diff refactors oohelperd to make performing additional measurements easier. We need:

1. to run the DNS task _before_ other tasks such that we can measure both IP addresses returned by the TH and the ones returned by the probe. When we'll introduce TLS measurements, this will allow us to validate probe-provided IP addresses inside the TH call. If probe-provided addresses work with TLS, they are legitimate for the domain.

2. to tie the number of TCP measurements to a list of endpoints collected by the probe _or_ the TH rather than just to the one provided by the probe. Anticipating this change, let us refactor how we read the results of the TCP task to make it independent of the number of addresses provided by the probe.

This work is part of https://github.com/ooni/probe/issues/2237
2022-08-28 12:17:31 +02:00
Simone Basso
b8cc548d41
fix(oohelperd): enforce timeout for each measurement step (#888)
While working on https://github.com/ooni/probe/issues/2237, I noticed
there's no enforced timeout for measurement tasks.

So, this diff introduces the following timeouts:

1. use a 4 seconds timeout for the DNS lookup;

2. use a 10 seconds timeout for TCP;

3. use a 15 seconds timeout for HTTP.

They are a bit stricter than what we have on the probe because the TH
should supposedly have better bandwidth and connectivity.
2022-08-28 12:02:17 +02:00
Simone Basso
d711c19b55
fix(oohelperd): by default listen on localhost (#887)
Part of https://github.com/ooni/probe/issues/2183
2022-08-28 11:54:15 +02:00
Simone Basso
8a0c062844
feat: clearly indicate which resolver we're using (#885)
See what we documented at https://github.com/ooni/spec/pull/257

Reference issue: https://github.com/ooni/probe/issues/2238

See also the related ooni/spec PR: https://github.com/ooni/spec/pull/257

See also https://github.com/ooni/probe/issues/2237

While there, bump webconnectivity@v0.5 version because this change
has an impact onto the generated data format.

The drop in coverage is unavoidable because we've written some
tests for `measurex` to ensure we deal with DNS resolvers and transport
names correctly depending on the splitting policy we use.

(However, `measurex` is only used for the `tor` experiment and, per
the step-by-step design document, new experiments should use
`measurexlite` instead, so this is hopefully fine(TM).)

While there, fix a broken integration test that does not run in `-short` mode.
2022-08-27 15:47:48 +02:00
Simone Basso
c3964e43b3
feat(webconnectivity@v0.5): record late DNS replies (#883)
Part of https://github.com/ooni/probe/issues/2237
2022-08-26 18:32:36 +02:00
Simone Basso
1a1d3126ae
feat(webconnectivity): long-term-evolution prototype (#882)
See https://github.com/ooni/probe/issues/2237
2022-08-26 16:42:48 +02:00
Simone Basso
9ba6f8dcbb
feat(measurexlite): generate HTTP traces (#881)
In a pure step-by-step model, we don't need to trace HTTP round trips like we did before. We _may_ want in the future to also have some form of HTTP tracing (see https://github.com/ooni/probe-cli/pull/868 for a prototype) but doing that is currently not in scope for moving forward the step-by-step design. For this reason, I only added a public convenience function for formatting an OONI spec compatible request. I also added new fields, which should be documented inside the ooni/spec repository (see https://github.com/ooni/probe/issues/2238).

Required by https://github.com/ooni/probe/issues/2237
2022-08-26 13:11:43 +02:00
DecFox
0ef1f24617
feat: record delayed DNS responses in dnsping (#878)
See https://github.com/ooni/probe/issues/2231

Co-authored-by: decfox <decfox@github.com>
Co-authored-by: Simone Basso <bassosimone@gmail.com>
2022-08-25 13:59:24 +02:00
Simone Basso
6ef3febf69
feat(measurexlite): add T0 and TransactionID (#879)
The T0 field is the moment when we started collecting data, while T
is the moment when we finished collecting data.

The TransactionID field will be repurposed for step-by-step measurements
to indicate related observations collected as part of the same flow
(e.g., TCP+TLS+HTTP).

Note that, for now, this change will only affect measurexlite and we're
not planning on changing other libraries for measuring.

Part of https://github.com/ooni/probe/issues/2137
2022-08-25 13:41:26 +02:00
Simone Basso
c9943dff38
feat(dns): expose more low-level fields (#873)
This pull request started as a draft to enable users to see CNAME answers. It contained several patches which we merged separately (see https://github.com/ooni/probe-cli/pull/873#issuecomment-1222406732 and 2301a30630...60b7d1f87b for details on what has actually changed, which is based on patches originally part of this PR). In its final form, however, this PR only deals with exposing more low-level DNS fields to the archival data format.

Closes: https://github.com/ooni/probe/issues/2228

Related PR spec: https://github.com/ooni/spec/pull/256
2022-08-23 16:12:04 +02:00
Simone Basso
60b7d1f87b
feat: save CNAME into archival data format (#877)
* feat: save CNAME into archival data format

When a DNSResponse contains a non-empty CNAME, we include it
into the related list of answers.

Closes https://github.com/ooni/probe/issues/2227

* doc: add design note

While there, make code more compact and robust to a case where
we're going to extract additional answers.

* doc: document the expected growth of extraction function

Based on feedback by @DecFox
2022-08-23 15:13:37 +02:00
Simone Basso
080abf90d9
feat(dnsovergetaddrinfo): collect the CNAME (#876)
* feat(dnsovergetaddrinfo): collect the CNAME

This diff modifies how dnsovergetaddrinfo.go works such that the
returned DNSResponse includes the CNAME.

Closes https://github.com/ooni/probe/issues/2226.

While there, recognize that we can remove getaddrinfoLookupHost and
always call getaddrinfoLookupANY everywhere. (This simplification is
why we did https://github.com/ooni/probe-cli/pull/874.)

* fix: extra debugging because of failing CI

Everything is OK locally (on macOS). However, maybe things are a bit
different on GNU/Linux perhaps?

Here's the error:

```
--- FAIL: TestPass (0.11s)
    resolver_test.go:113: unexpected rcode
FAIL
coverage: 95.7% of statements
FAIL	github.com/ooni/probe-cli/v3/internal/cmd/jafar/resolver	0.242s
```

I'm a bit confused because jafar's resolver is _unrelated_. But actually this
error never occurred again after a committed the debugging diff.
2022-08-23 13:53:08 +02:00
Simone Basso
cc24f28b9d
feat(netxlite): support extracting the CNAME (#875)
* feat(netxlite): support extracting the CNAME

Closes https://github.com/ooni/probe/issues/2225

* fix(netxlite): attempt to increase coverage and improve tests

1. dnsovergetaddrinfo: specify the behavior of a DNSResponse returned
by this file to make it line with normal responses and write unit tests
to make sure we adhere to expectations;

2. dnsoverudp: make sure we wait to deferred responses also w/o a
custom context and post on a private channel and test that;

3. utls: recognize that we can actually write a test for NetConn and
what needs to change when we'll use go1.19 by default will just be
a cast that at that point can be removed.
2022-08-23 13:04:00 +02:00
Simone Basso
da1c13e312
cleanup: remove UnderlyingNetworkLibrary and TProxy (#874)
* cleanup: remove UnderlyingNetworkLibrary and TProxy

While there, replace mixture of mocking and real connections inside
quicping with pure mocking of network connections.

Closes https://github.com/ooni/probe/issues/2224

* cleanup: we don't need a SimpleResolver now

This type was only used by UnderlyingNetworkLibrary and all the
rest of the code uses Resolver. So, let's avoid complexity by zapping
the SimpleResolver type and merging it inside Resolver.
2022-08-23 11:43:44 +02:00
DecFox
2301a30630
feat: context-based tracing to record delayed DNS responses (#870)
See https://github.com/ooni/probe/issues/2221

Co-authored-by: decfox <decfox@github.com>
Co-authored-by: Simone Basso <bassosimone@gmail.com>
2022-08-22 14:21:32 +02:00
Simone Basso
fe6d378a1f
chore: use {go,oohttp,oocrypto} v1.18.5 (#872)
* chore: use {go,oohttp,oocrypto} v1.18.5

This diff pins OONI to use go1.18.5 and oohttp and oocrypto at
go1.18.5 as the version of go with which we build releases.

The same codebase also works with go1.19 although this configuration
cannot include Psiphon (see https://github.com/ooni/probe/issues/2222).

Closes https://github.com/ooni/probe/issues/2223.

* fix: use oocrypto@v0.1.1

This ensures we keep https://github.com/ooni/probe/issues/2122 fixed.
2022-08-22 12:52:37 +02:00
Simone Basso
208ffa253b
fix: disable psiphon when building with go1.19 (#871)
Part of https://github.com/ooni/probe/issues/2211.

See also https://github.com/ooni/probe/issues/2222, which
describes the issue we have with psiphon and go1.19.
2022-08-22 11:50:58 +02:00
Simone Basso
9ffa124511
chore: upgrade deps and attempt to enable using go1.19 (#869)
* upgrade to our go.mod enabled of psiphon-tunnel-core such that
we're now using v2.0.24 of the tunnel-core;

* upgrade to the latest lucas-clemente/quic-go release;

* upgrade to the latest ooni/oohttp release (which is based on go1.19
but the diff seems good enough to continue using go1.18.x as well);

* upgrade to the latest ooni/oocrypto release (for which we can make the
same remarks regarding using go1.18.x);

* deal with changes in lucas-clemente/quic-go API as well as changes
in what a go1.19 *tls.Conn compatible type should look like.

Unfortunately, we cannot switch to go1.19 because psiphon forks quic-go
and their fork's still not building using such a version of go.

Part of ooni/probe#2211.
2022-08-19 11:26:50 +02:00
DecFox
097926c51f
refactor: allow automatically wrap net/quic conn (#867)
See https://github.com/ooni/probe/issues/2219
2022-08-17 20:58:06 +02:00
DecFox
e1d014e826
refactor(measurexlite): make buffered channels private (#864)
Closes https://github.com/ooni/probe/issues/2215
2022-08-17 20:10:48 +02:00
Ain Ghazal
d50a39ae92
feat: avoid safe options to be serialized into the measurement (#859)
Skip options that begin with the `Safe` prefix from appearing in the
serialization of a Measurement that will be submitted to the OONI
backend.

Fixes https://github.com/ooni/probe/issues/2214
2022-08-17 13:48:59 +02:00