From 186df09a8fdbb459d47d45d4630e3170247bb25b Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Arturo=20Filast=C3=B2?=
Date: Fri, 8 Nov 2024 14:18:54 +0100
Subject: [PATCH] Add support for OuterSni field

* Add extra handshake that uses a different outer SNI field
---
 internal/experiment/echcheck/measure.go | 41 ++++++++++++++++++++-----
 internal/model/archival.go | 1 +
 2 files changed, 35 insertions(+), 7 deletions(-)

diff --git a/internal/experiment/echcheck/measure.go b/internal/experiment/echcheck/measure.go
index bd1d12ffb..3a19bde9c 100644
--- a/internal/experiment/echcheck/measure.go
+++ b/internal/experiment/echcheck/measure.go
@@ -92,14 +92,22 @@ func (m *Measurer) Run(
 return netxlite.NewErrWrapper(netxlite.ClassifyGenericError, netxlite.ConnectOperation, err)
 }
+ ol = logx.NewOperationLogger(args.Session.Logger(), "echcheck: TCPConnect#3 %s", address)
+ conn3, err := dialer.DialContext(ctx, "tcp", address)
+ ol.Stop(err)
+ if err != nil {
+ return netxlite.NewErrWrapper(netxlite.ClassifyGenericError, netxlite.ConnectOperation, err)
+ }
+
 // 3. Conduct and measure control and target TLS handshakes in parallel
- controlChannel := make(chan model.ArchivalTLSOrQUICHandshakeResult)
- targetChannel := make(chan model.ArchivalTLSOrQUICHandshakeResult)
+ noEchChannel := make(chan model.ArchivalTLSOrQUICHandshakeResult)
+ echWithMatchingOuterSniChannel := make(chan model.ArchivalTLSOrQUICHandshakeResult)
+ echWithExampleOuterSniChannel := make(chan model.ArchivalTLSOrQUICHandshakeResult)
 ctx, cancel := context.WithTimeout(ctx, 10*time.Second)
 defer cancel()
 go func() {
- controlChannel <- *handshake(
+ noEchChannel <- *handshake(
 ctx,
 conn,
 args.Measurement.MeasurementStartTimeSaved,
@@ -110,7 +118,7 @@ func (m *Measurer) Run(
 }()
 go func() {
- targetChannel <- *handshakeWithEch(
+ echWithMatchingOuterSniChannel <- *handshakeWithEch(
 ctx,
 conn2,
 args.Measurement.MeasurementStartTimeSaved,
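Review bot: When the new third dial fails, the added error branch returns while `conn` and `conn2` (presumably opened just before this hunk) are still open; no `Close` for them is visible here, so unless a defer outside the hunk covers it the early exit leaves two sockets dangling. Closing them in that branch, e.g. `conn.Close(); conn2.Close()` before the `return`, would keep the failure path clean. The comment `// 3. Conduct and measure control and target TLS handshakes in parallel` is also stale now that three handshakes run under new names; `// 3. Run the no-ECH, ECH (matching outer SNI) and ECH (example outer SNI) handshakes in parallel` would match the code. Run's body starts and ends outside the hunk.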
@@ -120,10 +128,29 @@ func (m *Measurer) Run(
 )
 }()
- control := <-controlChannel
- target := <-targetChannel
+ exampleSni := "cloudflare.com"
+ go func() {
+ echWithExampleOuterSniChannel <- *handshakeWithEch(
+ ctx,
+ conn3,
+ args.Measurement.MeasurementStartTimeSaved,
+ address,
+ exampleSni,
+ args.Session.Logger(),
+ )
+ }()
- args.Measurement.TestKeys = TestKeys{TLSHandshakes: []*model.ArchivalTLSOrQUICHandshakeResult{&control, &target}}
+ noEch := <-noEchChannel
+ echWithMatchingOuterSni := <-echWithMatchingOuterSniChannel
+ echWithMatchingOuterSni.ServerName = parsed.Host
+ echWithMatchingOuterSni.OuterServerName = parsed.Host
+ echWithExampleOuterSni := <-echWithExampleOuterSniChannel
+ echWithExampleOuterSni.ServerName = parsed.Host
+ echWithExampleOuterSni.OuterServerName = exampleSni
+
+ args.Measurement.TestKeys = TestKeys{TLSHandshakes: []*model.ArchivalTLSOrQUICHandshakeResult{
+ &noEch, &echWithMatchingOuterSni, &echWithExampleOuterSni,
+ }}
 return nil
 }
diff --git a/internal/model/archival.go b/internal/model/archival.go
index affa15c33..1930dc53c 100644
--- a/internal/model/archival.go
+++ b/internal/model/archival.go
@@ -248,6 +248,7 @@ type ArchivalTLSOrQUICHandshakeResult struct {
 NoTLSVerify bool `json:"no_tls_verify"`
 PeerCertificates []ArchivalBinaryData `json:"peer_certificates"`
 ServerName string `json:"server_name"`
+ OuterServerName string `json:"outer_server_name,omitempty"`
 ECHConfig string `json:"echconfig,omitempty"`
 T0 float64 `json:"t0,omitempty"`
 T float64 `json:"t"`
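Review bot: `exampleSni := "cloudflare.com"` hard-codes the outer SNI of the third handshake inside Run, so that result also depends on how the network treats cloudflare.com, and for an input hosted at cloudflare.com the "example" and "matching" cases become the same measurement. A named constant with a comment on why this name was picked, e.g. `const exampleOuterSNI = "cloudflare.com" // public name sent in the cleartext outer ClientHello`, would make the assumption explicit. Separately, `ServerName` and `OuterServerName` are overwritten from `parsed.Host` after the handshake returns; `parsed` is defined outside this hunk, but if it is a `*url.URL` then `Host` keeps any `:port` from the input and `parsed.Hostname()` would be the value to record. These post-hoc assignments also mean the archived names reflect what Run intended rather than what `handshakeWithEch` reported, which deserves a one-line comment.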
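Review bot: The new `OuterServerName` field has no comment saying how it relates to `ServerName`, although `ArchivalTLSOrQUICHandshakeResult` is the archival record that consumers of the JSON will read. Judging from the echcheck change in this patch, it holds the SNI placed in the cleartext outer ClientHello while `ServerName` keeps the name of the measured host; a comment such as `// OuterServerName is the SNI of the outer ClientHello when ECH is used; empty otherwise.` would spell that out. The struct body starts and ends outside the hunk.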