0fdc9cafb5
* fix(all): introduce and use iox.ReadAllContext This improvement over the ioutil.ReadAll utility returns early if the context expires. This enables us to unblock stuck code in case there's censorship confounding the TCP stack. See https://github.com/ooni/probe/issues/1417. Compared to the functionality postulated in the above mentioned issue, I choose to be more generic and separate limiting the maximum body size (not implemented here) from using the context to return early when reading a body (or any other reader). After implementing iox.ReadAllContext, I made sure we always use it everywhere in the tree instead of ioutil.ReadAll. This includes many parts of the codebase where in theory we don't need iox.ReadAllContext. Though, changing all the places makes checking whether we're not using ioutil.ReadAll where we should not be using it easy: `git grep` should return no lines. * Update internal/iox/iox_test.go * fix(ndt7): treat context errors as non-errors The rationale is explained by the comment documenting reduceErr. * Update internal/engine/experiment/ndt7/download.go
172 lines
4.2 KiB
Go
172 lines
4.2 KiB
Go
package netx_test
|
|
|
|
import (
|
|
"context"
|
|
"crypto/x509"
|
|
"errors"
|
|
"net"
|
|
"net/http"
|
|
"net/http/httptest"
|
|
"net/url"
|
|
"strings"
|
|
"testing"
|
|
"time"
|
|
|
|
"github.com/ooni/probe-cli/v3/internal/engine/legacy/netx"
|
|
"github.com/ooni/probe-cli/v3/internal/engine/netx/errorx"
|
|
"github.com/ooni/probe-cli/v3/internal/iox"
|
|
)
|
|
|
|
func dowithclient(t *testing.T, client *netx.HTTPClient) {
|
|
defer client.CloseIdleConnections()
|
|
resp, err := client.HTTPClient.Get("https://www.google.com")
|
|
if err != nil {
|
|
t.Fatal(err)
|
|
}
|
|
defer resp.Body.Close()
|
|
_, err = iox.ReadAllContext(context.Background(), resp.Body)
|
|
if err != nil {
|
|
t.Fatal(err)
|
|
}
|
|
}
|
|
|
|
func TestHTTPClient(t *testing.T) {
|
|
client := netx.NewHTTPClient()
|
|
dowithclient(t, client)
|
|
}
|
|
|
|
func TestHTTPClientAndTransport(t *testing.T) {
|
|
client := netx.NewHTTPClient()
|
|
client.Transport = netx.NewHTTPTransport()
|
|
dowithclient(t, client)
|
|
}
|
|
|
|
func TestHTTPClientConfigureDNS(t *testing.T) {
|
|
client := netx.NewHTTPClientWithoutProxy()
|
|
err := client.ConfigureDNS("udp", "1.1.1.1:53")
|
|
if err != nil {
|
|
t.Fatal(err)
|
|
}
|
|
dowithclient(t, client)
|
|
}
|
|
|
|
func TestHTTPClientSetResolver(t *testing.T) {
|
|
client := netx.NewHTTPClientWithoutProxy()
|
|
client.SetResolver(new(net.Resolver))
|
|
dowithclient(t, client)
|
|
}
|
|
|
|
func TestHTTPClientSetCABundle(t *testing.T) {
|
|
client := netx.NewHTTPClientWithoutProxy()
|
|
err := client.SetCABundle("testdata/cacert.pem")
|
|
if err != nil {
|
|
t.Fatal(err)
|
|
}
|
|
resp, err := client.HTTPClient.Get("https://www.google.com")
|
|
var target x509.UnknownAuthorityError
|
|
if errors.As(err, &target) == false {
|
|
t.Fatal("not the error we expected")
|
|
}
|
|
if resp != nil {
|
|
t.Fatal("expected a nil conn here")
|
|
}
|
|
}
|
|
|
|
func TestHTTPClientForceSpecificSNI(t *testing.T) {
|
|
client := netx.NewHTTPClientWithoutProxy()
|
|
err := client.ForceSpecificSNI("www.facebook.com")
|
|
if err != nil {
|
|
t.Fatal(err)
|
|
}
|
|
resp, err := client.HTTPClient.Get("https://www.google.com")
|
|
var target x509.HostnameError
|
|
if errors.As(err, &target) == false {
|
|
t.Fatal("not the error we expected")
|
|
}
|
|
if resp != nil {
|
|
t.Fatal("expected a nil response here")
|
|
}
|
|
}
|
|
|
|
func TestHTTPClientForceSkipVerify(t *testing.T) {
|
|
client := netx.NewHTTPClientWithoutProxy()
|
|
client.ForceSkipVerify()
|
|
resp, err := client.HTTPClient.Get("https://self-signed.badssl.com/")
|
|
if err != nil {
|
|
t.Fatal(err)
|
|
}
|
|
if resp == nil {
|
|
t.Fatal("expected non nil response here")
|
|
}
|
|
}
|
|
|
|
func TestHTTPNewClientProxy(t *testing.T) {
|
|
server := httptest.NewServer(http.HandlerFunc(
|
|
func(w http.ResponseWriter, r *http.Request) {
|
|
w.WriteHeader(451)
|
|
}))
|
|
defer server.Close()
|
|
client := netx.NewHTTPClientWithoutProxy()
|
|
httpProxyTestMain(t, client.HTTPClient, 200)
|
|
client = netx.NewHTTPClientWithProxyFunc(func(req *http.Request) (*url.URL, error) {
|
|
return url.Parse(server.URL)
|
|
})
|
|
httpProxyTestMain(t, client.HTTPClient, 451)
|
|
}
|
|
|
|
const httpProxyTestsURL = "http://explorer.ooni.org"
|
|
|
|
func httpProxyTestMain(t *testing.T, client *http.Client, expect int) {
|
|
req, err := http.NewRequest("GET", httpProxyTestsURL, nil)
|
|
if err != nil {
|
|
t.Fatal(err)
|
|
}
|
|
resp, err := client.Do(req)
|
|
if err != nil {
|
|
t.Fatal(err)
|
|
}
|
|
defer resp.Body.Close()
|
|
_, err = iox.ReadAllContext(context.Background(), resp.Body)
|
|
if err != nil {
|
|
t.Fatal(err)
|
|
}
|
|
if resp.StatusCode != expect {
|
|
t.Fatal("unexpected status code")
|
|
}
|
|
}
|
|
|
|
func TestHTTPTransportTimeout(t *testing.T) {
|
|
client := &http.Client{Transport: netx.NewHTTPTransport()}
|
|
req, err := http.NewRequest("GET", "https://www.google.com", nil)
|
|
if err != nil {
|
|
t.Fatal(err)
|
|
}
|
|
ctx, cancel := context.WithTimeout(context.Background(), time.Millisecond)
|
|
defer cancel()
|
|
req = req.WithContext(ctx)
|
|
resp, err := client.Do(req)
|
|
if err == nil {
|
|
t.Fatal("expected an error here")
|
|
}
|
|
if !strings.HasSuffix(err.Error(), errorx.FailureGenericTimeoutError) {
|
|
t.Fatal("not the error we expected")
|
|
}
|
|
if resp != nil {
|
|
t.Fatal("expected nil resp here")
|
|
}
|
|
}
|
|
|
|
func TestHTTPTransportFailure(t *testing.T) {
|
|
client := &http.Client{Transport: netx.NewHTTPTransport()}
|
|
// This fails the request because we attempt to speak cleartext HTTP with
|
|
// a server that instead is expecting TLS.
|
|
resp, err := client.Get("http://www.google.com:443")
|
|
if err == nil {
|
|
t.Fatal("expected an error here")
|
|
}
|
|
if resp != nil {
|
|
t.Fatal("expected a nil response here")
|
|
}
|
|
client.CloseIdleConnections()
|
|
}
|