forked from ooni/probe-cli
-
Notifications
You must be signed in to change notification settings - Fork 0
Expand file tree
/
Copy pathmain.go
More file actions
165 lines (158 loc) · 4.6 KB
/
main.go
File metadata and controls
165 lines (158 loc) · 4.6 KB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
// -=-=- StartHere -=-=-
//
// # Chapter I: HTTP GET with QUIC conn
//
// In this chapter we will write together a `main.go` file that
// uses netxlite to establish a QUIC connection to a remote endpoint
// and then fetches a webpage from it using GET.
//
// This file is basically the same as the one used in chapter04
// with the small addition of the code to perform the GET.
//
// (This file is auto-generated from the corresponding source file,
// so make sure you don't edit it manually.)
//
// ## The main.go file
//
// We define `main.go` file using `package main`.
//
// The beginning of the program is equal to chapter04,
// so there is not much to say about it.
//
// ```Go
package main
import (
"context"
"crypto/tls"
"errors"
"flag"
"net/http"
"net/url"
"os"
"time"
"github.com/apex/log"
"github.com/ooni/probe-cli/v3/internal/netxlite"
"github.com/quic-go/quic-go"
)
func main() {
log.SetLevel(log.DebugLevel)
address := flag.String("address", "8.8.4.4:443", "Remote endpoint address")
sni := flag.String("sni", "dns.google", "SNI to use")
timeout := flag.Duration("timeout", 60*time.Second, "Timeout")
flag.Parse()
ctx, cancel := context.WithTimeout(context.Background(), *timeout)
defer cancel()
config := &tls.Config{ // #nosec G402 - we need to use a large TLS versions range for measuring
ServerName: *sni,
NextProtos: []string{"h3"},
RootCAs: nil,
}
qconn, _, err := dialQUIC(ctx, *address, config)
if err != nil {
fatal(err)
}
log.Infof("Connection type : %T", qconn)
// ```
//
// This is where things diverge. We create an HTTP client
// using a transport created with `netxlite.NewHTTP3Transport`.
//
// This transport will use a "single use" QUIC dialer.
// What does this mean? Well, we create such a QUICDialer
// using the connection we already established. The first
// time the HTTP code dials for QUIC, the QUICDialer will
// return the connection we passed to its constructor
// immediately. Every subsequent QUIC dial attempt will fail.
//
// The result is an HTTPTransport suitable for performing
// a single request using the given QUIC conn.
//
// (A similar construct allows to create an HTTPTransport that
// uses a cleartext TCP connection. In the previous chapter we've
// seen how to do the same using TLS conns.)
//
// ```Go
clnt := &http.Client{Transport: netxlite.NewHTTP3Transport(
log.Log, netxlite.NewSingleUseQUICDialer(qconn),
&tls.Config{}, // #nosec G402 - we need to use a large TLS versions range for measuring
)}
// ```
//
// Once we have the proper transport and client, the rest of
// the code is basically standard Go for fetching a webpage
// using the GET method.
//
// ```Go
log.Infof("Transport : %T", clnt.Transport)
defer clnt.CloseIdleConnections()
resp, err := clnt.Get(
(&url.URL{Scheme: "https", Host: *sni, Path: "/"}).String())
if err != nil {
fatal(err)
}
log.Infof("Status code: %d", resp.StatusCode)
_ = resp.Body.Close()
}
// ```
//
// We won't comment on the rest of the program because it is
// exactly like what we've seen in chapter04.
//
// ```Go
func dialQUIC(ctx context.Context, address string,
config *tls.Config) (quic.EarlyConnection, tls.ConnectionState, error) {
netx := &netxlite.Netx{}
ql := netx.NewUDPListener()
d := netx.NewQUICDialerWithoutResolver(ql, log.Log)
qconn, err := d.DialContext(ctx, address, config, &quic.Config{})
if err != nil {
return nil, tls.ConnectionState{}, err
}
return qconn, qconn.ConnectionState().TLS, nil
}
func fatal(err error) {
var ew *netxlite.ErrWrapper
if !errors.As(err, &ew) {
log.Fatal("cannot get ErrWrapper")
}
log.Warnf("error string : %s", err.Error())
log.Warnf("OONI failure : %s", ew.Failure)
log.Warnf("failed operation: %s", ew.Operation)
log.Warnf("underlying error: %+v", ew.WrappedErr)
os.Exit(1)
}
// ```
//
// ## Running the code
//
// ### Vanilla run
//
// You can now run this code as follows:
//
// ```bash
// go run -race ./internal/tutorial/netxlite/chapter08
// ```
//
// You will see debug logs describing what is happening along with timing info.
//
// ### QUIC handshake timeout
//
// ```bash
// go run -race ./internal/tutorial/netxlite/chapter08 -address 8.8.4.4:1
// ```
//
// should cause a QUIC handshake timeout error. Try lowering the timout adding, e.g.,
// the `-timeout 5s` flag to the command line.
//
// ### SNI mismatch
//
// ```bash
// go run -race ./internal/tutorial/netxlite/chapter08 -sni example.com
// ```
//
// should give you an error mentioning the certificate is invalid.
//
// ## Conclusions
//
// We have seen how to establish a QUIC connection with a website
// and then how to GET a webpage using such a connection.