Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

testingsocks5: TestInvalidVersion: connection_reset_by_peer #2538

Open
bassosimone opened this issue Sep 18, 2023 · 0 comments
Open

testingsocks5: TestInvalidVersion: connection_reset_by_peer #2538

bassosimone opened this issue Sep 18, 2023 · 0 comments
Assignees

Comments

@bassosimone
Copy link
Contributor

bassosimone commented Sep 18, 2023

I have seen this test of the ./internal/testingsocks5 package fail twice in ooni/probe-cli#1281.

The full log of a failed tests run is here:

--- FAIL: TestInvalidVersion (0.00s)
    internal_test.go:102: write tcp 127.0.0.1:49540->127.0.0.1:38529: write: connection reset by peer
2023/09/18 11:41:03  info SOCKS5_CLIENT: sending: [5]
2023/09/18 11:41:03  info SOCKS5_CLIENT: expecting: []
2023/09/18 11:41:03  info SOCKS5: got version: [5] 
2023/09/18 11:41:03  info SOCKS5_CLIENT: got: []   
2023/09/18 11:41:03  info SOCKS5_CLIENT: sending: [5 1 2 1 3 102 111 111 51 98 97 114]
2023/09/18 11:41:03  info SOCKS5_CLIENT: expecting: [5 255]
2023/09/18 11:41:03  warn SOCKS5: s.serveConn: failed to authenticate: failed to get auth methods: EOF
2023/09/18 11:41:03  info SOCKS5: got version: [5] 
2023/09/18 11:41:03  info SOCKS5_CLIENT: got: [5 255]
2023/09/18 11:41:03  info SOCKS5_CLIENT: sending: [5 1 0]
2023/09/18 11:41:03  info SOCKS5_CLIENT: expecting: [5 0]
2023/09/18 11:41:03  info SOCKS5: got version: [5] 
2023/09/18 11:41:03  info SOCKS5: authenticated: &{Method:0 Payload:map[]}
2023/09/18 11:41:03  info SOCKS5_CLIENT: got: [5 0]
2023/09/18 11:41:03  info SOCKS5_CLIENT: sending: [5]
2023/09/18 11:41:03  info SOCKS5_CLIENT: expecting: []
2023/09/18 11:41:03  info SOCKS5_CLIENT: got: []   
2023/09/18 11:41:03  info SOCKS5_CLIENT: sending: [5 1 0]
2023/09/18 11:41:03  info SOCKS5_CLIENT: expecting: [5 0]
2023/09/18 11:41:03  warn SOCKS5: s.serveConn: failed to read destination address: failed to get command version: unexpected EOF
2023/09/18 11:41:03  info SOCKS5: got version: [5] 
2023/09/18 11:41:03  info SOCKS5: authenticated: &{Method:0 Payload:map[]}
2023/09/18 11:41:03  info SOCKS5_CLIENT: got: [5 0]
2023/09/18 11:41:03  info SOCKS5_CLIENT: sending: [17 2 0]
2023/09/18 11:41:03  info SOCKS5_CLIENT: expecting: []
2023/09/18 11:41:03  info SOCKS5_CLIENT: got: []   
2023/09/18 11:41:03  info SOCKS5_CLIENT: sending: [5 1 0]
2023/09/18 11:41:03  info SOCKS5_CLIENT: expecting: [5 0]
2023/09/18 11:41:03  warn SOCKS5: s.serveConn: failed to read destination address: unsupported command version: 17
2023/09/18 11:41:03  info SOCKS5: got version: [5] 
2023/09/18 11:41:03  info SOCKS5: authenticated: &{Method:0 Payload:map[]}
2023/09/18 11:41:03  info SOCKS5_CLIENT: got: [5 0]
2023/09/18 11:41:03  info SOCKS5_CLIENT: sending: [5 2 0 1 127 0 0 1 0 80]
2023/09/18 11:41:03  info SOCKS5_CLIENT: expecting: [5 7 0 1 0 0 0 0 0 0]
2023/09/18 11:41:03  info SOCKS5_CLIENT: got: [5 7 0 1 0 0 0 0 0 0]
2023/09/18 11:41:03  info SOCKS5_CLIENT: sending: [5 1 0]
2023/09/18 11:41:03  info SOCKS5_CLIENT: expecting: [5 0]
2023/09/18 11:41:03  info SOCKS5: got version: [5] 
2023/09/18 11:41:03  info SOCKS5: authenticated: &{Method:0 Payload:map[]}
2023/09/18 11:41:03  info SOCKS5_CLIENT: got: [5 0]
2023/09/18 11:41:03  info SOCKS5_CLIENT: sending: [5 2 0 55 127 0 0 1 0 80]
2023/09/18 11:41:03  info SOCKS5_CLIENT: expecting: []
2023/09/18 11:41:03  info SOCKS5_CLIENT: got: []   
2023/09/18 11:41:03  info SOCKS5_CLIENT: sending: [5 1 0]
2023/09/18 11:41:03  info SOCKS5_CLIENT: expecting: [5 0]
2023/09/18 11:41:03  warn SOCKS5: s.serveConn: failed to read destination address: unrecognized address type
2023/09/18 11:41:03  info SOCKS5: got version: [5] 
2023/09/18 11:41:03  info SOCKS5: authenticated: &{Method:0 Payload:map[]}
2023/09/18 11:41:03  info SOCKS5_CLIENT: got: [5 0]
2023/09/18 11:41:03  info SOCKS5_CLIENT: sending: [5 2 0]
2023/09/18 11:41:03  info SOCKS5_CLIENT: expecting: []
2023/09/18 11:41:03  info SOCKS5_CLIENT: got: []   
2023/09/18 11:41:03  info SOCKS5_CLIENT: sending: [5 1 0]
2023/09/18 11:41:03  info SOCKS5_CLIENT: expecting: [5 0]
2023/09/18 11:41:03  warn SOCKS5: s.serveConn: failed to read destination address: EOF
2023/09/18 11:41:03  info SOCKS5: got version: [5] 
2023/09/18 11:41:03  info SOCKS5: authenticated: &{Method:0 Payload:map[]}
2023/09/18 11:41:03  info SOCKS5_CLIENT: got: [5 0]
2023/09/18 11:41:03  info SOCKS5_CLIENT: sending: [5 2 0 1]
2023/09/18 11:41:03  info SOCKS5_CLIENT: expecting: []
2023/09/18 11:41:03  info SOCKS5_CLIENT: got: []   
2023/09/18 11:41:03  info SOCKS5_CLIENT: sending: [5 1 0]
2023/09/18 11:41:03  info SOCKS5_CLIENT: expecting: [5 0]
2023/09/18 11:41:03  warn SOCKS5: s.serveConn: failed to read destination address: EOF
2023/09/18 11:41:03  info SOCKS5: got version: [5] 
2023/09/18 11:41:03  info SOCKS5: authenticated: &{Method:0 Payload:map[]}
2023/09/18 11:41:03  info SOCKS5_CLIENT: got: [5 0]
2023/09/18 11:41:03  info SOCKS5_CLIENT: sending: [5 2 0 4]
2023/09/18 11:41:03  info SOCKS5_CLIENT: expecting: []
2023/09/18 11:41:03  info SOCKS5_CLIENT: got: []   
2023/09/18 11:41:03  info SOCKS5_CLIENT: sending: [5 1 0]
2023/09/18 11:41:03  info SOCKS5_CLIENT: expecting: [5 0]
2023/09/18 11:41:03  warn SOCKS5: s.serveConn: failed to read destination address: EOF
2023/09/18 11:41:03  info SOCKS5: got version: [5] 
2023/09/18 11:41:03  info SOCKS5: authenticated: &{Method:0 Payload:map[]}
2023/09/18 11:41:03  info SOCKS5_CLIENT: got: [5 0]
2023/09/18 11:41:03  info SOCKS5_CLIENT: sending: [5 2 0 3]
2023/09/18 11:41:03  info SOCKS5_CLIENT: expecting: []
2023/09/18 11:41:03  info SOCKS5_CLIENT: got: []   
2023/09/18 11:41:03  warn SOCKS5: s.serveConn: failed to authenticate: no supported authentication mechanism
2023/09/18 11:41:03  warn SOCKS5: s.serveConn: failed to read destination address: EOF
2023/09/18 11:41:03  info SOCKS5_CLIENT: sending: [5 1 0]
2023/09/18 11:41:03  info SOCKS5_CLIENT: expecting: [5 0]
2023/09/18 11:41:03  info SOCKS5: got version: [5] 
2023/09/18 11:41:03  info SOCKS5_CLIENT: got: [5 0]
2023/09/18 11:41:03  info SOCKS5: authenticated: &{Method:0 Payload:map[]}
2023/09/18 11:41:03  info SOCKS5_CLIENT: sending: [5 2 0 3 10]
2023/09/18 11:41:03  info SOCKS5_CLIENT: expecting: []
2023/09/18 11:41:03  info SOCKS5_CLIENT: got: []   
2023/09/18 11:41:03  warn SOCKS5: s.serveConn: failed to read destination address: EOF
2023/09/18 11:41:03  info SOCKS5_CLIENT: sending: [5 1 0]
2023/09/18 11:41:03  info SOCKS5_CLIENT: expecting: [5 0]
2023/09/18 11:41:03  info SOCKS5: got version: [5] 
2023/09/18 11:41:03  info SOCKS5: authenticated: &{Method:0 Payload:map[]}
2023/09/18 11:41:03  info SOCKS5_CLIENT: got: [5 0]
2023/09/18 11:41:03  info SOCKS5_CLIENT: sending: [5 2 0 4 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0]
2023/09/18 11:41:03  info SOCKS5_CLIENT: expecting: []
2023/09/18 11:41:03  info SOCKS5_CLIENT: got: []   
2023/09/18 11:41:03  warn SOCKS5: s.serveConn: failed to read destination address: EOF
2023/09/18 11:41:03 dialerWithAssertions: verified that the network is tcp as expected
2023/09/18 11:41:03 dialerWithAssertions: verified that the address is 10.0.0.1 as expected
2023/09/18 11:41:03  info SOCKS5: got version: [5] 
2023/09/18 11:41:03  info SOCKS5: authenticated: &{Method:0 Payload:map[]}
2023/09/18 11:41:03  info SOCKS5: handling CONNECT command
2023/09/18 11:41:03  info SOCKS5: endpoint: www.example.com:80
2023/09/18 11:41:03  warn netem: ReadFrameNonblocking: netem: network stack closed
2023/09/18 11:41:03  warn netem: dns: pconn.ReadFrom: EOF
2023/09/18 11:41:03  warn netem: ReadFrameNonblocking: netem: network stack closed
2023/09/18 11:41:04 dialerWithAssertions: verified that the network is tcp as expected
2023/09/18 11:41:04 dialerWithAssertions: verified that the address is 10.0.0.1 as expected
2023/09/18 11:41:04  info SOCKS5: got version: [5] 
2023/09/18 11:41:04  info SOCKS5: authenticated: &{Method:0 Payload:map[]}
2023/09/18 11:41:04  info SOCKS5: handling CONNECT command
2023/09/18 11:41:04  info SOCKS5: endpoint: www.example.com:443
2023/09/18 11:41:04  warn netem: dns: pconn.ReadFrom: EOF
2023/09/18 11:41:04 dialerWithAssertions: verified that the network is tcp as expected
2023/09/18 11:41:04 dialerWithAssertions: verified that the address is 10.0.0.1 as expected
2023/09/18 11:41:04  info SOCKS5: got version: [5] 
2023/09/18 11:41:04  info SOCKS5: authenticated: &{Method:0 Payload:map[]}
2023/09/18 11:41:04  info SOCKS5: handling CONNECT command
2023/09/18 11:41:04  info SOCKS5: endpoint: 93.184.216.34:80
2023/09/18 11:41:04  warn netem: ReadFrameNonblocking: netem: network stack closed
2023/09/18 11:41:04  warn netem: dns: pconn.ReadFrom: EOF
2023/09/18 11:41:05 dialerWithAssertions: verified that the network is tcp as expected
2023/09/18 11:41:05 dialerWithAssertions: verified that the address is 10.0.0.1 as expected
2023/09/18 11:41:05  info SOCKS5: got version: [5] 
2023/09/18 11:41:05  info SOCKS5: authenticated: &{Method:0 Payload:map[]}
2023/09/18 11:41:05  info SOCKS5: handling CONNECT command
2023/09/18 11:41:05  info SOCKS5: endpoint: 93.184.216.34:443
2023/09/18 11:41:05  warn netem: dns: pconn.ReadFrom: EOF
2023/09/18 11:41:05  warn netem: ReadFrameNonblocking: netem: network stack closed
2023/09/18 11:41:06  info SOCKS5: got version: [5] 
2023/09/18 11:41:06  info SOCKS5: authenticated: &{Method:0 Payload:map[]}
2023/09/18 11:41:06  info SOCKS5: handling CONNECT command
2023/09/18 11:41:06  info SOCKS5: endpoint: www.example.com:443
2023/09/18 11:41:06  warn netem: dns: pconn.ReadFrom: EOF
FAIL
	github.com/ooni/probe-cli/v3/internal/testingsocks5	coverage: 100.0% of statements
FAIL	github.com/ooni/probe-cli/v3/internal/testingsocks5	3.517s

I am going to commit a mitigation for this test being flaky. We should investigate and fix it when possible.

@bassosimone bassosimone self-assigned this Sep 18, 2023
bassosimone added a commit to ooni/probe-cli that referenced this issue Sep 18, 2023
I am making progress with ooni/probe#2531 and
I want to reactor model/netx.go such that the TLSHandshaker returns a
model.TLSConn rather than a net.Conn.

Returning a net.Conn and documenting it is a model.TLSConn is bad
compared to returning a model.TLSConn directly.

Note that we cannot apply the same transformation to netxlite's
TLSDialer.DialTLSContext because such a method must be assignable to
net/http and github.com/ooni/oohttp's Transport function also called
DialTLSContext.

The fact that we need code to be assignable to the Transport function is
what historically led the TLSHandshaker to return a net.Conn as well.
But it was quite clear from the get go that this choice led to some
quirks (and, in fact, this behavior was explicitly documented as such).

While there, slightly refactor `internal/experiment/echcheck/utls.go` to
avoid storing the conn inside the handshaker and make sure the test
coverage does not drop for this experiment.

While there, note that ooni/probe#2538 exists
and commit a mitigation.
Murphy-OrangeMud pushed a commit to Murphy-OrangeMud/probe-cli that referenced this issue Feb 13, 2024
I am making progress with ooni/probe#2531 and
I want to reactor model/netx.go such that the TLSHandshaker returns a
model.TLSConn rather than a net.Conn.

Returning a net.Conn and documenting it is a model.TLSConn is bad
compared to returning a model.TLSConn directly.

Note that we cannot apply the same transformation to netxlite's
TLSDialer.DialTLSContext because such a method must be assignable to
net/http and github.com/ooni/oohttp's Transport function also called
DialTLSContext.

The fact that we need code to be assignable to the Transport function is
what historically led the TLSHandshaker to return a net.Conn as well.
But it was quite clear from the get go that this choice led to some
quirks (and, in fact, this behavior was explicitly documented as such).

While there, slightly refactor `internal/experiment/echcheck/utls.go` to
avoid storing the conn inside the handshaker and make sure the test
coverage does not drop for this experiment.

While there, note that ooni/probe#2538 exists
and commit a mitigation.
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Projects
Status: No status
Development

No branches or pull requests

1 participant