Commit Graph

636 Commits

Author SHA1 Message Date
Simone Basso
721ce95315
fix(all): introduce and use iox.CopyContext (#380)
* fix(all): introduce and use iox.CopyContext

This PR is part of https://github.com/ooni/probe/issues/1417.

In https://github.com/ooni/probe-cli/pull/379 we introduced a context
aware wrapper for io.ReadAll (formerly ioutil.ReadAll).

Here we introduce a context aware wrapper for io.Copy.

* fix(humanize): more significant digits

* fix: rename humanize files to follow the common pattern

* fix aligment

* fix test
2021-06-15 13:44:28 +02:00
Simone Basso
0fdc9cafb5
fix(all): introduce and use iox.ReadAllContext (#379)
* fix(all): introduce and use iox.ReadAllContext

This improvement over the ioutil.ReadAll utility returns early
if the context expires. This enables us to unblock stuck code in
case there's censorship confounding the TCP stack.

See https://github.com/ooni/probe/issues/1417.

Compared to the functionality postulated in the above mentioned
issue, I choose to be more generic and separate limiting the
maximum body size (not implemented here) from using the context
to return early when reading a body (or any other reader).

After implementing iox.ReadAllContext, I made sure we always
use it everywhere in the tree instead of ioutil.ReadAll.

This includes many parts of the codebase where in theory we don't
need iox.ReadAllContext. Though, changing all the places makes
checking whether we're not using ioutil.ReadAll where we should
not be using it easy: `git grep` should return no lines.

* Update internal/iox/iox_test.go

* fix(ndt7): treat context errors as non-errors

The rationale is explained by the comment documenting reduceErr.

* Update internal/engine/experiment/ndt7/download.go
2021-06-15 11:57:40 +02:00
Simone Basso
576e035b20
fix(snowflake.go): default maxSnowflakes() to 1 (#378)
See https://github.com/ooni/probe-cli/pull/373#discussion_r651080925
2021-06-14 18:18:36 +02:00
kelmenhorst
10a2055163
quic: use RFC9000 version (#376)
* #1682: RFC9000 as main QUIC version

* removed extra ALPN values from the TLSConfig

* updated to quic-go v0.21.0

* only use h3
2021-06-14 16:59:24 +02:00
Simone Basso
69a44eb283
chore(snowflake.go): this TODO comment is now an issue (#375)
This work concludes https://github.com/ooni/probe/issues/1605.

The follow-up issue is https://github.com/ooni/probe/issues/1681.
2021-06-14 11:49:53 +02:00
Simone Basso
85c71c09dc
feat: introduce ptx package for pluggable transports dialers (#373)
* feat: introduce ptx package for pluggable transports dialers

Version 2 of the pluggable transports specification defines a function
that's like `Dial() (net.Conn, error`).

Because we use contexts as much as possible in `probe-cli`, we are
wrapping such an interface into a `DialContext` func.

The code for obfs4 is adapted from https://github.com/ooni/probe-cli/pull/341.

The code for snowflake is significantly easier than it is in
https://github.com/ooni/probe-cli/pull/341, because now Snowflake
supports the PTv2 spec (thanks @cohosh!).

The code for setting up a pluggable transport listener has also
been adapted from https://github.com/ooni/probe-cli/pull/341.

We cannot merge this code yet, because we need unit testing, yet the
newly added code already seems suitable for these use cases:

1. testing by dialing and seeing whether we can dial (which is not
very useful but still better than not doing it);

2. spawning tor+pluggable transports for circumvention (we need a
little more hammering like we did in https://github.com/ooni/probe-cli/pull/341,
which is basically https://github.com/ooni/probe/issues/1565, and then
we will be able to do that, as demonstrated by the new, simple client which
already allows us to use pluggable transports with tor);

3. testing by launching tor (when available) with a set of
pluggable transports (which depends on https://github.com/ooni/probe-engine/issues/897
and has not been assigned an issue yet).

* fix: tweaks after self code-review

* feat: write quick tests for ptx/obfs4

(They run in 0.4s, so I think it's fine for them to always run.)

* feat(ptx/snowflake): write unit and integration tests

* feat: create a fake PTDialer

The idea is that we'll use this simpler PTDialer for testing.

* feat: finish writing tests for new package

* Apply suggestions from code review

* Update internal/ptx/dependencies_test.go

Co-authored-by: Arturo Filastò <arturo@openobservatory.org>

* Update internal/ptx/dependencies_test.go

Co-authored-by: Arturo Filastò <arturo@openobservatory.org>

* chore: use as testing bridge one that's used by tor browser

The previous testing bridge used to be used by tor browser but
it was subsequently removed here:

e26e91bef8

See https://github.com/ooni/probe-cli/pull/373#discussion_r649820724

Co-authored-by: Arturo Filastò <arturo@openobservatory.org>
2021-06-14 10:20:54 +02:00
Simone Basso
06ee0e55a9
refactor(netx/dialer): hide implementation complexity (#372)
* refactor(netx/dialer): hide implementation complexity

This follows the blueprint of `module.Config` and `nodule.New`
described at https://github.com/ooni/probe/issues/1591.

* fix: ndt7 bug where we were not using the right resolver

* fix(legacy/netx): clarify irrelevant implementation change

* fix: improve comments

* fix(hhfm): do not use dialer.New b/c it breaks it

Unclear to me why this is happening. Still, improve upon the
previous situation by adding a timeout.

It does not seem a priority to look into this issue now.
2021-06-09 09:42:31 +02:00
Simone Basso
b7a6dbe47b
refactor(netx/dialer): we can simplify the proxy (#371)
The socks5 factory always returns a DialContext capable dialer. We just
need to cast to obtain such a dialer.

Also, the code will use the DialContext if passed a dialer that
implements DialContext.

Write a test that proves my point.

Part of https://github.com/ooni/probe/issues/1591.
2021-06-09 07:11:31 +02:00
Simone Basso
ee35b10a98
refactor(netx): dialer does not use legacy/netx anymore (#370)
Part of https://github.com/ooni/probe-engine/issues/897
2021-06-09 00:29:40 +02:00
Simone Basso
3672e14d3e
refactor(netx): towards removing connid, dialid, etc (#369)
I have verified that experiment/tor does not depend on this
functionality, therefore we can safely remove it.

Part of https://github.com/ooni/probe-engine/issues/897
2021-06-09 00:15:33 +02:00
Simone Basso
5b73230a6d
refactor(netx): move dialer's mockable types in mockablex (#368)
Part of https://github.com/ooni/probe/issues/1591
2021-06-08 23:59:30 +02:00
Simone Basso
b8cae3f5a6
cleanup(netx): remove unused proxy-via-context codepath (#367)
We always set the proxy explicitly now. So, let us remove this
extra bit of code we're not using.

Part of https://github.com/ooni/probe/issues/1507.
2021-06-08 22:26:24 +02:00
Simone Basso
8ad17775fa
refactor(netx): the TimeoutDialer is useless (#366)
We already configure a timeout in the underlying dialer, hence
there's no point in keeping the TimeoutDialer around.

Part of https://github.com/ooni/probe/issues/1507
2021-06-08 21:56:57 +02:00
Simone Basso
a647cf4988
refactor(netx): remove forwardes for tlsx (#365)
Part of https://github.com/ooni/probe/issues/1591
2021-06-08 21:14:45 +02:00
Simone Basso
adbde7246b
refactor(netx): remove the self censorship mechanism (#364)
We're currently use jafar for QA and jafar is a better mechanism,
even though it is not portable outside of Linux.

This self censorship mechanism was less cool and added a bunch
of (also cognitive) complexity to netx.

If we ever want to go down a self censorship like road, we probably
want to do as little work as possible in the problem and as much
work as possible inside a helper like jafar.

Part of https://github.com/ooni/probe/issues/1591.
2021-06-08 19:40:17 +02:00
Simone Basso
c553afdbd5
refactor(netx): start moving tls-specific code inside the tlsx pkg (#363)
* refactor(netx): move cert pool code inside tlsx

* refactor(netx): move more tls code inside tlsx
2021-06-08 15:39:25 +02:00
Simone Basso
0317420398
Merge pull request #362 from ooni/develop
I am currently working on https://github.com/ooni/probe-engine/issues/725 with an eye on https://github.com/ooni/probe/issues/1507. While approaching these issues, it seems that the `netx` codebase could use some consolidation (_coagula_) and some splitting (_solve_).

The general idea of these changes is that I want to arrive to the situation where we have (1) a `New` factory method for each package under `netx` for which it makes sense (e.g., `dialer.New`, `tlsdialer.New`, `httptransport.New`), (2) a separate `Config` structure per package (e.g., `dialer.Config`) rather than having all the possible config into the same structure (3) part of the `urlgetter` code (and namely the low-level part) moved into the `netx` package. (See https://github.com/ooni/probe/issues/1591.)

There is too much bureaucracy around writing a new experiment. Much of this bureaucracy will go (it seems) if we do what I have said above. After that, we will end up that you run tests by using the top-level `netx` package. (In any case, I am not of course 100% sure about all the changes that will come after, but this comment seems enough to set a direction.)

These are the changes in this pull request:

* refactor(netx): extract tlsdialer from dialer

We want these two packages to be separate. Dialer was doing too much before. Separating TLS dialing code into a separate package allows us to have a `tlsdialer.New` factory that clearly conveys the meaning. Also, this would allow us to much more clearly separate configuration and simplify reasoning on what each factory does.

* refactor(engine): move `tlsx` package inside `netx` and merge the `gocertifi` package inside it

It would be tempting to merge everything inside `tlsdialer` but the reality is that also the `quicdialer` package needs to use the same code, therefore, it seems more tidy to actually have some tls extensions in `netx`.
2021-06-08 13:40:59 +02:00
Simone Basso
626f0df66d chore(netx): fetch new CA bundle 2021-06-08 13:04:42 +02:00
Simone Basso
6620b0bbad refactor(netx): merge gocertifi into tlsx 2021-06-08 13:01:16 +02:00
Simone Basso
63cc692d66 refactor: move i/e/i/tlsx in i/e/netx 2021-06-08 12:56:39 +02:00
Simone Basso
704e5bd870 refactor(netx): extract tlsdialer from dialer 2021-06-08 12:52:15 +02:00
Simone Basso
e0311e8fed
chore: we are now at 3.11.0-alpha (#361) 2021-06-08 10:08:13 +02:00
Simone Basso
d4d1ac3832
cleanup(ndt7): remove redundant/unused code (#360) 2021-06-04 17:44:13 +02:00
Simone Basso
f271e71c0b
geolocate: first pass of code review and minor fixes (#359)
* doc(geolocate): minor cleanup

* more minor cleanups of geolocate

* remove disabled test and see whether now it works
2021-06-04 16:06:24 +02:00
Simone Basso
3cb6c7c6fb
refactor: move tunnel pkg down one level (#358)
* refactor: move tunnel pkg down one level

While there, reduce unnecessary dependency on external packages.

* file I forgot to commit
2021-06-04 15:15:41 +02:00
Simone Basso
39aec6677d
cleanup(shellx): do not directly depend on apex/log (#357) 2021-06-04 14:02:18 +02:00
Simone Basso
944d3c53fa
doc: improve and reference existing bug in the code (#356) 2021-06-04 12:50:23 +02:00
Simone Basso
4764d7f378
cleanup(platform): we don't need CGO anymore (#355)
* cleanup(platform): we don't need CGO anymore

Since go1.16, we have the `ios` port. So we can easily
disambiguate between ios and darwin.

This means we don't need to rely on CGO to correctly guess
whether we are on ios or darwin anymore.

So, now miniooni does not depend on a C compiler even
when you are not cross compiling.

* Update internal/platform/platform.go
2021-06-04 11:46:06 +02:00
Simone Basso
acd4ffff35
doc: cleanup and improve for recently moved pkgs (#354)
* chore(atomicx): review docs and add usage example

* chore(fsx): improve docs, return value, add examples

* fix(kvstore): correct typo and add example

* fix(multierror): add basic example

* doc: revamp ooapi documentation
2021-06-04 11:39:00 +02:00
Simone Basso
33de701263
refactor: flatten and separate (#353)
* refactor(atomicx): move outside the engine package

After merging probe-engine into probe-cli, my impression is that we have
too much unnecessary nesting of packages in this repository.

The idea of this commit and of a bunch of following commits will instead
be to reduce the nesting and simplify the structure.

While there, improve the documentation.

* fix: always use the atomicx package

For consistency, never use sync/atomic and always use ./internal/atomicx
so we can just grep and make sure we're not risking to crash if we make
a subtle mistake on a 32 bit platform.

While there, mention in the contributing guidelines that we want to
always prefer the ./internal/atomicx package over sync/atomic.

* fix(atomicx): remove unnecessary constructor

We don't need a constructor here. The default constructed `&Int64{}`
instance is already usable and the constructor does not add anything to
what we are doing, rather it just creates extra confusion.

* cleanup(atomicx): we are not using Float64

Because atomicx.Float64 is unused, we can safely zap it.

* cleanup(atomicx): simplify impl and improve tests

We can simplify the implementation by using defer and by letting
the Load() method call Add(0).

We can improve tests by making many goroutines updated the
atomic int64 value concurrently.

* refactor(fsx): can live in the ./internal pkg

Let us reduce the amount of nesting. While there, ensure that the
package only exports the bare minimum, and improve the documentation
of the tests, to ease reading the code.

* refactor: move runtimex to ./internal

* refactor: move shellx into the ./internal package

While there, remove unnecessary dependency between packages.

While there, specify in the contributing guidelines that
one should use x/sys/execabs instead of os/exec.

* refactor: move ooapi into the ./internal pkg

* refactor(humanize): move to ./internal and better docs

* refactor: move platform to ./internal

* refactor(randx): move to ./internal

* refactor(multierror): move into the ./internal pkg

* refactor(kvstore): all kvstores in ./internal

Rather than having part of the kvstore inside ./internal/engine/kvstore
and part in ./internal/engine/kvstore.go, let us put every piece of code
that is kvstore related into the ./internal/kvstore package.

* fix(kvstore): always return ErrNoSuchKey on Get() error

It should help to use the kvstore everywhere removing all the
copies that are lingering around the tree.

* sessionresolver: make KVStore mandatory

Simplifies implementation. While there, use the ./internal/kvstore
package rather than having our private implementation.

* fix(ooapi): use the ./internal/kvstore package

* fix(platform): better documentation
2021-06-04 10:34:18 +02:00
Simone Basso
2a7fdcd810
feat: make sure our debian repo is WAI (#351)
We want to be sure it's working for all the supported archs.

See https://github.com/ooni/probe/issues/1484
2021-05-19 14:12:33 +02:00
Simone Basso
e9da23f123
fix(debian): make sure we can publish all archs (#350)
We are mostly good to declare a stable release. We still need to deal with https://github.com/ooni/probe/issues/1484.

In this PR, we fix the aforementioned issue. These are the changes:

1. we remove the vendored `debops-ci`, and we pull it directly from `ooni/sysadmin`
2. we introduce a new script, `./CLI/linux/pubdebian`, to publish packages
3. we modify `./mk` to allow for publishing debian packages built outside of CI

The latter point has been quite useful in debugging what was wrong.
2021-05-19 13:54:19 +02:00
Simone Basso
6125eb96a6
refactor: reorganize and to end and smoke testing (#348)
1. we can merge the e2eminiooni.yml test into the miniooni.yml test
so to reduce the number of tests we run;

2. ideally we would like the smoketest.sh test to evolve and also
check whether we can fetch the measurements we submitted, so start
moving this script into the `./E2E` folder, add a note saying we
would like to do that, and direct all the tests to run this script
at its new location and with its new name (`ooniprobe.sh`).

With these two changes, it's fine to remove the ooniprobe2debian.yml
test in ooni/e2etesting because we're moving its functionality to this
repository. (We mentioned the need to do this move in a previous TODO
comment at the top of such a script.)

Work part of https://github.com/ooni/probe/issues/1468
2021-05-13 18:04:47 +02:00
Simone Basso
c95a2b12fb
feat(mk): prepare desktop builds (#347)
Part of https://github.com/ooni/probe/issues/1468
2021-05-13 12:13:56 +02:00
Simone Basso
7e3455caac
fix(mk): ios must depend on copying the psiphon config (#346)
See https://github.com/ooni/probe/issues/1468
2021-05-13 09:14:10 +02:00
Simone Basso
a4cf473ee9
Release 3.10.0 beta.3 (#345)
* chore: run go-generate

See https://github.com/ooni/probe/issues/1468

* chore: update all the dependencies

Unclear to me why `go get -u -v ./...` did not actually update
all of them and I needed to spell out each of them and force to
update by going `go get -u -v $pkg@latest` ¯\_(ツ)_/¯.

Part of https://github.com/ooni/probe/issues/1468

* fix(c/o/i/d/actions_test.go): ensure we check for return value

Part of https://github.com/ooni/probe/issues/1468

* chore: update the user agents we use

See https://github.com/ooni/probe/issues/1468

* chore: set version to 3.10.0-beta.3

See https://github.com/ooni/probe/issues/1468

* chore: use probe-assets v0.3.1

Part of https://github.com/ooni/probe/issues/1468
2021-05-13 08:16:28 +02:00
Simone Basso
f77f54bcc9
feat: build and publish debian/{armhf,i386} (#344)
* feat: build and publish debian/{armhf,i386}

Part of https://github.com/ooni/probe/issues/807

* zap temporary build
2021-05-11 20:16:27 +02:00
Simone Basso
b2209bb637
refactor: replace ./make (python3) with ./mk (makefile) (#343)
This pull request fixes https://github.com/ooni/probe/issues/1471. We have replaced the original build script (`./make`) with the `./mk` makefile (executable using `#!/usr/bin/make -f`). We concluded supporting direct builds from Windows is not worth the effort and halving the code we need to maintain is probably a good plus. Both macOS and Linux install GNU make at `/usr/bin/make`, so we should be okay in the common use cases.

I significantly simplified the management of Go versioning by requiring the user to manage it and by enforcing that we are using the desired Go version. This speeds up builds and works in sane operating systems that use the last version of a specific package. Otherwise, it's possible to use the `go get golang.org/dl/go${version}` feature.

The remaining question mark was related to updating the Android SDK. I have determined that a good course of action is pinning to the latest CLI tools and always forcing the CLI tools to install the latest required packages (e.g., the NDK).
2021-05-11 16:15:13 +02:00
Simone Basso
6841db6cb0
Merge pull request #340 from ooni/release/3.10.0-beta.2
chore: bump to 3.10.0-beta.2
2021-05-07 14:37:32 +02:00
Simone Basso
2344690960 chore: bump to 3.10.0-beta.2 2021-05-07 12:19:51 +02:00
Simone Basso
ad73fef757
fix(./make): chdir before signing for Android (#339)
More cleanup after https://github.com/ooni/probe/issues/1466
2021-05-07 12:18:40 +02:00
Simone Basso
2c0cef4b1a
refactor(./make): better way to discover deps (#338)
Cleanup after https://github.com/ooni/probe/issues/1466
2021-05-07 12:11:08 +02:00
Simone Basso
e753e57da3
feat(gha/linux): upload deb packages for arm64 (#337)
We're still working on https://github.com/ooni/probe/issues/1466. The idea here is to teach the GH action for Linux to publish the debian package for arm64. When this is done, we can cleanup legacy build scripts and GH actions, because there is no remaining use case for them: we now build everything using the `./make` tool.
2021-05-07 09:22:46 +02:00
Simone Basso
3109d56aef
feat(gha): build debian package using ./make (#331)
Part of https://github.com/ooni/probe/issues/1466. We're building both `arm64` and `amd64`. We are still not publishing `arm64` packages, which is what is asked in the original issue, but we're really close to doing that.
2021-05-06 22:13:09 +02:00
Simone Basso
c258a0fedd
CLI, debian, make: misc cleanup and changes (#336)
This PR	groups misc cleanup and changes from https://github.com/ooni/probe-cli/pull/331.

* CLI/linux/build: add documentation

* debian/.gitignore: ignore generated files

* debian/TODO: unnecessary at this point

* debian/ooniprobe-cli.service: remove commented out lines

* debian/rules: remove unnecessary actions

* make: reindent and fix spelling

* smoketest.sh: don't run in verbose mode

Part of https://github.com/ooni/probe/issues/1466
2021-05-06 21:20:45 +02:00
Simone Basso
1ea760cb5f
refactor(make): simplify the implementation of backticks (#335)
See https://github.com/ooni/probe/issues/1466
2021-05-06 20:57:17 +02:00
Simone Basso
6b88730cc4
refactor(.github/workflows): linux: use ./make, run less frequently (#334)
While there, flush `print`s in `./make` to have more understandable logging.

Also part of https://github.com/ooni/probe/issues/1466
2021-05-06 20:44:56 +02:00
Simone Basso
b5ba1e743f
refactor(.github/workflows): macos, windows: use ./make, run less frequently (#333)
Like in the previous PR, here we make macos and windows builds only run when we're preparing a release. While there, migrate the code to use the `./make` script. Tested in https://github.com/ooni/probe-cli/pull/331.

Reference issue is https://github.com/ooni/probe/issues/1466
2021-05-06 20:08:18 +02:00
Simone Basso
fd333bad16
refactor(.github/workflows): reorganize many builds (#332)
1. reduce the number of periodic builds

2. just build as part of the release process in most cases

3. shorttests duplicates coverage

Preliminary changes as part of https://github.com/ooni/probe/issues/1466
2021-05-06 19:56:55 +02:00
Simone Basso
0f98caf3b4
feat(make): sign more generated binaries (#330)
* doc(make): add not about qemu-user-static

While still investigating https://github.com/ooni/probe/issues/1466

* feat(make): sign more generated binaries

While there, fix an annoying bug where the context manager
was suppressing exceptions that occurred.

Work part of https://github.com/ooni/probe/issues/1466.
2021-05-05 14:26:19 +02:00