Documentation ¶
Overview ¶
Package parameters implements dynamic, concurrency-safe parameters that determine Psiphon client and server behaviors.
Parameters include network timeouts, probabilities for actions, lists of protocols, etc. Parameters are initialized with reasonable defaults. New values may be applied, allowing the client or server to customize its parameters from both a config file and tactics data. Sane minimum values are enforced.
Parameters may be read and updated concurrently. The read mechanism offers a snapshot so that related parameters, such as two Ints representing a range or a more complex series of related parameters, may be read in an atomic and consistent way. For example:
p := params.Get()
min := p.Int("Min")
max := p.Int("Max")
p = nil
For long-running operations, it is recommended to set any pointer to the snapshot to nil to allow garbage collection of old snapshots in cases where the parameters change.
In general, parameters should be read as close to the point of use as possible to ensure that dynamic changes to the parameter values take effect.
For duration parameters, time.ParseDuration-compatible string values are supported when applying new values. This allows specifying durations as, for example, "100ms" or "24h".
Values read from the parameters are not deep copies and must be treated as read-only.
Index ¶
- Constants
- func IsServerSideOnly(name string) bool
- type BPFInstructionSpec
- type BPFProgramSpec
- type FrontingSpec
- type FrontingSpecs
- type KeyValues
- type LabeledCIDRs
- type PacketManipulationSpec
- type PacketManipulationSpecs
- type Parameters
- type ParametersAccessor
- func (p ParametersAccessor) BPFProgram(name string) (bool, string, []bpf.RawInstruction)
- func (p ParametersAccessor) Bool(name string) bool
- func (p ParametersAccessor) Close()
- func (p ParametersAccessor) CustomTLSProfile(name string) *protocol.CustomTLSProfile
- func (p ParametersAccessor) CustomTLSProfileNames() []string
- func (p ParametersAccessor) Duration(name string) time.Duration
- func (p ParametersAccessor) Float(name string) float64
- func (p ParametersAccessor) FrontingSpecs(name string) FrontingSpecs
- func (p ParametersAccessor) HTTPHeaders(name string) http.Header
- func (p ParametersAccessor) Int(name string) int
- func (p ParametersAccessor) IsNil() bool
- func (p ParametersAccessor) KeyValues(name string) KeyValues
- func (p ParametersAccessor) LabeledCIDRs(name, label string) []string
- func (p ParametersAccessor) LabeledQUICVersions(name, label string) protocol.QUICVersions
- func (p ParametersAccessor) LabeledTLSProfiles(name, label string) protocol.TLSProfiles
- func (p ParametersAccessor) PacketManipulationSpecs(name string) PacketManipulationSpecs
- func (p ParametersAccessor) ProtocolPacketManipulations(name string) ProtocolPacketManipulations
- func (p ParametersAccessor) ProtocolTransformScopedSpecNames(name string) transforms.ScopedSpecNames
- func (p ParametersAccessor) ProtocolTransformSpecs(name string) transforms.Specs
- func (p ParametersAccessor) QUICVersions(name string) protocol.QUICVersions
- func (p ParametersAccessor) RateLimits(name string) common.RateLimits
- func (p ParametersAccessor) RegexStrings(name string) RegexStrings
- func (p ParametersAccessor) String(name string) string
- func (p ParametersAccessor) Strings(name string) []string
- func (p ParametersAccessor) TLSProfiles(name string) protocol.TLSProfiles
- func (p ParametersAccessor) Tag() string
- func (p ParametersAccessor) TransferURLs(name string) TransferURLs
- func (p ParametersAccessor) TunnelProtocolPortLists(name string) TunnelProtocolPortLists
- func (p ParametersAccessor) TunnelProtocols(name string) protocol.TunnelProtocols
- func (p ParametersAccessor) WeightedCoinFlip(name string) bool
- type ProtocolPacketManipulations
- type RegexStrings
- type TransferURL
- type TransferURLs
- type TunnelProtocolPortLists
Constants ¶
const (
    NetworkLatencyMultiplier = "NetworkLatencyMultiplier"
    NetworkLatencyMultiplierMin = "NetworkLatencyMultiplierMin"
    NetworkLatencyMultiplierMax = "NetworkLatencyMultiplierMax"
    NetworkLatencyMultiplierLambda = "NetworkLatencyMultiplierLambda"
    TacticsWaitPeriod = "TacticsWaitPeriod"
    TacticsRetryPeriod = "TacticsRetryPeriod"
    TacticsRetryPeriodJitter = "TacticsRetryPeriodJitter"
    TacticsTimeout = "TacticsTimeout"
    ConnectionWorkerPoolSize = "ConnectionWorkerPoolSize"
    TunnelPoolSize = "TunnelPoolSize"
    TunnelConnectTimeout = "TunnelConnectTimeout"
    EstablishTunnelTimeout = "EstablishTunnelTimeout"
    EstablishTunnelWorkTime = "EstablishTunnelWorkTime"
    EstablishTunnelPausePeriod = "EstablishTunnelPausePeriod"
    EstablishTunnelPausePeriodJitter = "EstablishTunnelPausePeriodJitter"
    EstablishTunnelServerAffinityGracePeriod = "EstablishTunnelServerAffinityGracePeriod"
    StaggerConnectionWorkersPeriod = "StaggerConnectionWorkersPeriod"
    StaggerConnectionWorkersJitter = "StaggerConnectionWorkersJitter"
    LimitIntensiveConnectionWorkers = "LimitIntensiveConnectionWorkers"
    UpstreamProxyErrorMinWaitDuration = "UpstreamProxyErrorMinWaitDuration"
    UpstreamProxyErrorMaxWaitDuration = "UpstreamProxyErrorMaxWaitDuration"
    IgnoreHandshakeStatsRegexps = "IgnoreHandshakeStatsRegexps"
    PrioritizeTunnelProtocolsProbability = "PrioritizeTunnelProtocolsProbability"
    PrioritizeTunnelProtocols = "PrioritizeTunnelProtocols"
    PrioritizeTunnelProtocolsCandidateCount = "PrioritizeTunnelProtocolsCandidateCount"
    InitialLimitTunnelProtocolsProbability = "InitialLimitTunnelProtocolsProbability"
    InitialLimitTunnelProtocols = "InitialLimitTunnelProtocols"
    InitialLimitTunnelProtocolsCandidateCount = "InitialLimitTunnelProtocolsCandidateCount"
    LimitTunnelProtocolsProbability = "LimitTunnelProtocolsProbability"
    LimitTunnelProtocols = "LimitTunnelProtocols"
    LimitTunnelDialPortNumbersProbability = "LimitTunnelDialPortNumbersProbability"
    LimitTunnelDialPortNumbers = "LimitTunnelDialPortNumbers"
    LimitTLSProfilesProbability = "LimitTLSProfilesProbability"
    LimitTLSProfiles = "LimitTLSProfiles"
    UseOnlyCustomTLSProfiles = "UseOnlyCustomTLSProfiles"
    CustomTLSProfiles = "CustomTLSProfiles"
    SelectRandomizedTLSProfileProbability = "SelectRandomizedTLSProfileProbability"
    NoDefaultTLSSessionIDProbability = "NoDefaultTLSSessionIDProbability"
    DisableFrontingProviderTLSProfiles = "DisableFrontingProviderTLSProfiles"
    LimitQUICVersionsProbability = "LimitQUICVersionsProbability"
    LimitQUICVersions = "LimitQUICVersions"
    DisableFrontingProviderQUICVersions = "DisableFrontingProviderQUICVersions"
    QUICDisableClientPathMTUDiscoveryProbability = "QUICDisableClientPathMTUDiscoveryProbability"
    FragmentorProbability = "FragmentorProbability"
    FragmentorLimitProtocols = "FragmentorLimitProtocols"
    FragmentorMinTotalBytes = "FragmentorMinTotalBytes"
    FragmentorMaxTotalBytes = "FragmentorMaxTotalBytes"
    FragmentorMinWriteBytes = "FragmentorMinWriteBytes"
    FragmentorMaxWriteBytes = "FragmentorMaxWriteBytes"
    FragmentorMinDelay = "FragmentorMinDelay"
    FragmentorMaxDelay = "FragmentorMaxDelay"
    FragmentorDownstreamProbability = "FragmentorDownstreamProbability"
    FragmentorDownstreamLimitProtocols = "FragmentorDownstreamLimitProtocols"
    FragmentorDownstreamMinTotalBytes = "FragmentorDownstreamMinTotalBytes"
    FragmentorDownstreamMaxTotalBytes = "FragmentorDownstreamMaxTotalBytes"
    FragmentorDownstreamMinWriteBytes = "FragmentorDownstreamMinWriteBytes"
    FragmentorDownstreamMaxWriteBytes = "FragmentorDownstreamMaxWriteBytes"
    FragmentorDownstreamMinDelay = "FragmentorDownstreamMinDelay"
    FragmentorDownstreamMaxDelay = "FragmentorDownstreamMaxDelay"
    ObfuscatedSSHMinPadding = "ObfuscatedSSHMinPadding"
    ObfuscatedSSHMaxPadding = "ObfuscatedSSHMaxPadding"
    TunnelOperateShutdownTimeout = "TunnelOperateShutdownTimeout"
    TunnelPortForwardDialTimeout = "TunnelPortForwardDialTimeout"
    PacketTunnelReadTimeout = "PacketTunnelReadTimeout"
    TunnelRateLimits = "TunnelRateLimits"
    AdditionalCustomHeaders = "AdditionalCustomHeaders"
    SpeedTestPaddingMinBytes = "SpeedTestPaddingMinBytes"
    SpeedTestPaddingMaxBytes = "SpeedTestPaddingMaxBytes"
    SpeedTestMaxSampleCount = "SpeedTestMaxSampleCount"
    SSHKeepAliveSpeedTestSampleProbability = "SSHKeepAliveSpeedTestSampleProbability"
    SSHKeepAlivePaddingMinBytes = "SSHKeepAlivePaddingMinBytes"
    SSHKeepAlivePaddingMaxBytes = "SSHKeepAlivePaddingMaxBytes"
    SSHKeepAlivePeriodMin = "SSHKeepAlivePeriodMin"
    SSHKeepAlivePeriodMax = "SSHKeepAlivePeriodMax"
    SSHKeepAlivePeriodicTimeout = "SSHKeepAlivePeriodicTimeout"
    SSHKeepAlivePeriodicInactivePeriod = "SSHKeepAlivePeriodicInactivePeriod"
    SSHKeepAliveProbeTimeout = "SSHKeepAliveProbeTimeout"
    SSHKeepAliveProbeInactivePeriod = "SSHKeepAliveProbeInactivePeriod"
    SSHKeepAliveNetworkConnectivityPollingPeriod = "SSHKeepAliveNetworkConnectivityPollingPeriod"
    SSHKeepAliveResetOnFailureProbability = "SSHKeepAliveResetOnFailureProbability"
    HTTPProxyOriginServerTimeout = "HTTPProxyOriginServerTimeout"
    HTTPProxyMaxIdleConnectionsPerHost = "HTTPProxyMaxIdleConnectionsPerHost"
    FetchRemoteServerListTimeout = "FetchRemoteServerListTimeout"
    FetchRemoteServerListRetryPeriod = "FetchRemoteServerListRetryPeriod"
    FetchRemoteServerListStalePeriod = "FetchRemoteServerListStalePeriod"
    RemoteServerListSignaturePublicKey = "RemoteServerListSignaturePublicKey"
    RemoteServerListURLs = "RemoteServerListURLs"
    ObfuscatedServerListRootURLs = "ObfuscatedServerListRootURLs"
    PsiphonAPIRequestTimeout = "PsiphonAPIRequestTimeout"
    PsiphonAPIStatusRequestPeriodMin = "PsiphonAPIStatusRequestPeriodMin"
    PsiphonAPIStatusRequestPeriodMax = "PsiphonAPIStatusRequestPeriodMax"
    PsiphonAPIStatusRequestShortPeriodMin = "PsiphonAPIStatusRequestShortPeriodMin"
    PsiphonAPIStatusRequestShortPeriodMax = "PsiphonAPIStatusRequestShortPeriodMax"
    PsiphonAPIStatusRequestPaddingMinBytes = "PsiphonAPIStatusRequestPaddingMinBytes"
    PsiphonAPIStatusRequestPaddingMaxBytes = "PsiphonAPIStatusRequestPaddingMaxBytes"
    PsiphonAPIPersistentStatsMaxCount = "PsiphonAPIPersistentStatsMaxCount"
    PsiphonAPIConnectedRequestPeriod = "PsiphonAPIConnectedRequestPeriod"
    PsiphonAPIConnectedRequestRetryPeriod = "PsiphonAPIConnectedRequestRetryPeriod"
    FetchSplitTunnelRoutesTimeout = "FetchSplitTunnelRoutesTimeout"
    SplitTunnelRoutesURLFormat = "SplitTunnelRoutesURLFormat"
    SplitTunnelRoutesSignaturePublicKey = "SplitTunnelRoutesSignaturePublicKey"
    SplitTunnelDNSServer = "SplitTunnelDNSServer"
    SplitTunnelClassificationTTL = "SplitTunnelClassificationTTL"
    SplitTunnelClassificationMaxEntries = "SplitTunnelClassificationMaxEntries"
    FetchUpgradeTimeout = "FetchUpgradeTimeout"
    FetchUpgradeRetryPeriod = "FetchUpgradeRetryPeriod"
    FetchUpgradeStalePeriod = "FetchUpgradeStalePeriod"
    UpgradeDownloadURLs = "UpgradeDownloadURLs"
    UpgradeDownloadClientVersionHeader = "UpgradeDownloadClientVersionHeader"
    TotalBytesTransferredNoticePeriod = "TotalBytesTransferredNoticePeriod"
    TotalBytesTransferredEmitMemoryMetrics = "TotalBytesTransferredEmitMemoryMetrics"
    MeekDialDomainsOnly = "MeekDialDomainsOnly"
    MeekLimitBufferSizes = "MeekLimitBufferSizes"
    MeekCookieMaxPadding = "MeekCookieMaxPadding"
    MeekFullReceiveBufferLength = "MeekFullReceiveBufferLength"
    MeekReadPayloadChunkLength = "MeekReadPayloadChunkLength"
    MeekLimitedFullReceiveBufferLength = "MeekLimitedFullReceiveBufferLength"
    MeekLimitedReadPayloadChunkLength = "MeekLimitedReadPayloadChunkLength"
    MeekMinPollInterval = "MeekMinPollInterval"
    MeekMinPollIntervalJitter = "MeekMinPollIntervalJitter"
    MeekMaxPollInterval = "MeekMaxPollInterval"
    MeekMaxPollIntervalJitter = "MeekMaxPollIntervalJitter"
    MeekPollIntervalMultiplier = "MeekPollIntervalMultiplier"
    MeekPollIntervalJitter = "MeekPollIntervalJitter"
    MeekApplyPollIntervalMultiplierProbability = "MeekApplyPollIntervalMultiplierProbability"
    MeekRoundTripRetryDeadline = "MeekRoundTripRetryDeadline"
    MeekRoundTripRetryMinDelay = "MeekRoundTripRetryMinDelay"
    MeekRoundTripRetryMaxDelay = "MeekRoundTripRetryMaxDelay"
    MeekRoundTripRetryMultiplier = "MeekRoundTripRetryMultiplier"
    MeekRoundTripTimeout = "MeekRoundTripTimeout"
    MeekTrafficShapingProbability = "MeekTrafficShapingProbability"
    MeekTrafficShapingLimitProtocols = "MeekTrafficShapingLimitProtocols"
    MeekMinTLSPadding = "MeekMinTLSPadding"
    MeekMaxTLSPadding = "MeekMaxTLSPadding"
    MeekMinLimitRequestPayloadLength = "MeekMinLimitRequestPayloadLength"
    MeekMaxLimitRequestPayloadLength = "MeekMaxLimitRequestPayloadLength"
    MeekRedialTLSProbability = "MeekRedialTLSProbability"
    MeekAlternateCookieNameProbability = "MeekAlternateCookieNameProbability"
    MeekAlternateContentTypeProbability = "MeekAlternateContentTypeProbability"
    TransformHostNameProbability = "TransformHostNameProbability"
    PickUserAgentProbability = "PickUserAgentProbability"
    LivenessTestMinUpstreamBytes = "LivenessTestMinUpstreamBytes"
    LivenessTestMaxUpstreamBytes = "LivenessTestMaxUpstreamBytes"
    LivenessTestMinDownstreamBytes = "LivenessTestMinDownstreamBytes"
    LivenessTestMaxDownstreamBytes = "LivenessTestMaxDownstreamBytes"
    ReplayCandidateCount = "ReplayCandidateCount"
    ReplayDialParametersTTL = "ReplayDialParametersTTL"
    ReplayTargetUpstreamBytes = "ReplayTargetUpstreamBytes"
    ReplayTargetDownstreamBytes = "ReplayTargetDownstreamBytes"
    ReplayTargetTunnelDuration = "ReplayTargetTunnelDuration"
    ReplayLaterRoundMoveToFrontProbability = "ReplayLaterRoundMoveToFrontProbability"
    ReplayRetainFailedProbability = "ReplayRetainFailedProbability"
    ReplayBPF = "ReplayBPF"
    ReplaySSH = "ReplaySSH"
    ReplayObfuscatorPadding = "ReplayObfuscatorPadding"
    ReplayFragmentor = "ReplayFragmentor"
    ReplayTLSProfile = "ReplayTLSProfile"
    ReplayRandomizedTLSProfile = "ReplayRandomizedTLSProfile"
    ReplayFronting = "ReplayFronting"
    ReplayHostname = "ReplayHostname"
    ReplayQUICVersion = "ReplayQUICVersion"
    ReplayObfuscatedQUIC = "ReplayObfuscatedQUIC"
    ReplayConjureRegistration = "ReplayConjureRegistration"
    ReplayConjureTransport = "ReplayConjureTransport"
    ReplayLivenessTest = "ReplayLivenessTest"
    ReplayUserAgent = "ReplayUserAgent"
    ReplayAPIRequestPadding = "ReplayAPIRequestPadding"
    ReplayHoldOffTunnel = "ReplayHoldOffTunnel"
    ReplayResolveParameters = "ReplayResolveParameters"
    APIRequestUpstreamPaddingMinBytes = "APIRequestUpstreamPaddingMinBytes"
    APIRequestUpstreamPaddingMaxBytes = "APIRequestUpstreamPaddingMaxBytes"
    APIRequestDownstreamPaddingMinBytes = "APIRequestDownstreamPaddingMinBytes"
    APIRequestDownstreamPaddingMaxBytes = "APIRequestDownstreamPaddingMaxBytes"
    PersistentStatsMaxStoreRecords = "PersistentStatsMaxStoreRecords"
    PersistentStatsMaxSendBytes = "PersistentStatsMaxSendBytes"
    RecordRemoteServerListPersistentStatsProbability = "RecordRemoteServerListPersistentStatsProbability"
    RecordFailedTunnelPersistentStatsProbability = "RecordFailedTunnelPersistentStatsProbability"
    ServerEntryMinimumAgeForPruning = "ServerEntryMinimumAgeForPruning"
    ApplicationParametersProbability = "ApplicationParametersProbability"
    ApplicationParameters = "ApplicationParameters"
    BPFServerTCPProgram = "BPFServerTCPProgram"
    BPFServerTCPProbability = "BPFServerTCPProbability"
    BPFClientTCPProgram = "BPFClientTCPProgram"
    BPFClientTCPProbability = "BPFClientTCPProbability"
    ServerPacketManipulationSpecs = "ServerPacketManipulationSpecs"
    ServerProtocolPacketManipulations = "ServerProtocolPacketManipulations"
    ServerPacketManipulationProbability = "ServerPacketManipulationProbability"
    FeedbackUploadURLs = "FeedbackUploadURLs"
    FeedbackEncryptionPublicKey = "FeedbackEncryptionPublicKey"
    FeedbackTacticsWaitPeriod = "FeedbackTacticsWaitPeriod"
    FeedbackUploadMaxAttempts = "FeedbackUploadMaxAttempts"
    FeedbackUploadRetryMinDelaySeconds = "FeedbackUploadRetryMinDelaySeconds"
    FeedbackUploadRetryMaxDelaySeconds = "FeedbackUploadRetryMaxDelaySeconds"
    FeedbackUploadTimeoutSeconds = "FeedbackUploadTimeoutSeconds"
    ServerReplayPacketManipulation = "ServerReplayPacketManipulation"
    ServerReplayFragmentor = "ServerReplayFragmentor"
    ServerReplayUnknownGeoIP = "ServerReplayUnknownGeoIP"
    ServerReplayTTL = "ServerReplayTTL"
    ServerReplayTargetWaitDuration = "ServerReplayTargetWaitDuration"
    ServerReplayTargetTunnelDuration = "ServerReplayTargetTunnelDuration"
    ServerReplayTargetUpstreamBytes = "ServerReplayTargetUpstreamBytes"
    ServerReplayTargetDownstreamBytes = "ServerReplayTargetDownstreamBytes"
    ServerReplayFailedCountThreshold = "ServerReplayFailedCountThreshold"
    ServerBurstUpstreamDeadline = "ServerBurstUpstreamDeadline"
    ServerBurstUpstreamTargetBytes = "ServerBurstUpstreamTargetBytes"
    ServerBurstDownstreamDeadline = "ServerBurstDownstreamDeadline"
    ServerBurstDownstreamTargetBytes = "ServerBurstDownstreamTargetBytes"
    ClientBurstUpstreamDeadline = "ClientBurstUpstreamDeadline"
    ClientBurstUpstreamTargetBytes = "ClientBurstUpstreamTargetBytes"
    ClientBurstDownstreamDeadline = "ClientBurstDownstreamDeadline"
    ClientBurstDownstreamTargetBytes = "ClientBurstDownstreamTargetBytes"
    ConjureCachedRegistrationTTL = "ConjureCachedRegistrationTTL"
    ConjureAPIRegistrarURL = "ConjureAPIRegistrarURL"
    ConjureAPIRegistrarBidirectionalURL = "ConjureAPIRegistrarBidirectionalURL"
    ConjureAPIRegistrarFrontingSpecs = "ConjureAPIRegistrarFrontingSpecs"
    ConjureAPIRegistrarMinDelay = "ConjureAPIRegistrarMinDelay"
    ConjureAPIRegistrarMaxDelay = "ConjureAPIRegistrarMaxDelay"
    ConjureDecoyRegistrarProbability = "ConjureDecoyRegistrarProbability"
    ConjureDecoyRegistrarWidth = "ConjureDecoyRegistrarWidth"
    ConjureDecoyRegistrarMinDelay = "ConjureDecoyRegistrarMinDelay"
    ConjureDecoyRegistrarMaxDelay = "ConjureDecoyRegistrarMaxDelay"
    ConjureTransportObfs4Probability = "ConjureTransportObfs4Probability"
    CustomHostNameRegexes = "CustomHostNameRegexes"
    CustomHostNameProbability = "CustomHostNameProbability"
    CustomHostNameLimitProtocols = "CustomHostNameLimitProtocols"
    HoldOffTunnelMinDuration = "HoldOffTunnelMinDuration"
    HoldOffTunnelMaxDuration = "HoldOffTunnelMaxDuration"
    HoldOffTunnelProtocols = "HoldOffTunnelProtocols"
    HoldOffTunnelFrontingProviderIDs = "HoldOffTunnelFrontingProviderIDs"
    HoldOffTunnelProbability = "HoldOffTunnelProbability"
    RestrictFrontingProviderIDs = "RestrictFrontingProviderIDs"
    RestrictFrontingProviderIDsServerProbability = "RestrictFrontingProviderIDsServerProbability"
    RestrictFrontingProviderIDsClientProbability = "RestrictFrontingProviderIDsClientProbability"
    UpstreamProxyAllowAllServerEntrySources = "UpstreamProxyAllowAllServerEntrySources"
    DestinationBytesMetricsASN = "DestinationBytesMetricsASN"
    DNSResolverAttemptsPerServer = "DNSResolverAttemptsPerServer"
    DNSResolverAttemptsPerPreferredServer = "DNSResolverAttemptsPerPreferredServer"
    DNSResolverRequestTimeout = "DNSResolverRequestTimeout"
    DNSResolverAwaitTimeout = "DNSResolverAwaitTimeout"
    DNSResolverPreresolvedIPAddressCIDRs = "DNSResolverPreresolvedIPAddressCIDRs"
    DNSResolverPreresolvedIPAddressProbability = "DNSResolverPreresolvedIPAddressProbability"
    DNSResolverAlternateServers = "DNSResolverAlternateServers"
    DNSResolverPreferredAlternateServers = "DNSResolverPreferredAlternateServers"
    DNSResolverPreferAlternateServerProbability = "DNSResolverPreferAlternateServerProbability"
    DNSResolverProtocolTransformSpecs = "DNSResolverProtocolTransformSpecs"
    DNSResolverProtocolTransformScopedSpecNames = "DNSResolverProtocolTransformScopedSpecNames"
    DNSResolverProtocolTransformProbability = "DNSResolverProtocolTransformProbability"
    DNSResolverIncludeEDNS0Probability = "DNSResolverIncludeEDNS0Probability"
    DNSResolverCacheExtensionInitialTTL = "DNSResolverCacheExtensionInitialTTL"
    DNSResolverCacheExtensionVerifiedTTL = "DNSResolverCacheExtensionVerifiedTTL"
)
Functions ¶
func IsServerSideOnly ¶ added in v1.0.9
IsServerSideOnly indicates if the parameter specified by name is used server-side only.
Types ¶
type BPFInstructionSpec ¶
type BPFInstructionSpec struct {
    Op   string
    Args json.RawMessage
}
BPFInstructionSpec represents a golang.org/x/net/bpf.Instruction and can be marshaled.
func (*BPFInstructionSpec) GetInstruction ¶
func (s *BPFInstructionSpec) GetInstruction() (bpf.Instruction, error)
GetInstruction converts a BPFInstructionSpec to the equivalent golang.org/x/net/bpf.Instruction.
type BPFProgramSpec ¶
type BPFProgramSpec struct {
    Name         string
    Instructions []BPFInstructionSpec
}
BPFProgramSpec specifies a BPF program. The Name field is informational and may be used for logging. The Instructions field is a list of values which map to golang.org/x/net/bpf.Instruction and which can be marshaled.
func (*BPFProgramSpec) Assemble ¶
func (s *BPFProgramSpec) Assemble() ([]bpf.RawInstruction, error)
Assemble converts the Instructions to equivalent golang.org/x/net/bpf.Instruction values and assembles these into raw instructions suitable for attaching to a socket.
func (*BPFProgramSpec) Validate ¶
func (s *BPFProgramSpec) Validate() error
Validate validates a BPF program spec.
type FrontingSpec ¶
type FrontingSpec struct {
    FrontingProviderID string
    Addresses          []string
    DisableSNI         bool
    VerifyServerName   string
    VerifyPins         []string
    Host               string
}
FrontingSpec specifies a domain fronting configuration, to be used with MeekConn and MeekModePlaintextRoundTrip. In MeekModePlaintextRoundTrip, the fronted origin is an arbitrary web server, not a Psiphon server. This MeekConn mode requires HTTPS and server certificate validation: VerifyServerName is required; VerifyPins is recommended. See also psiphon.MeekConfig and psiphon.MeekConn.
FrontingSpec.Addresses supports the functionality of both ServerEntry.MeekFrontingAddressesRegex and ServerEntry.MeekFrontingAddresses: multiple candidates are supported, and each candidate may be a regex, or a static value (with regex syntax).
type FrontingSpecs ¶
type FrontingSpecs []*FrontingSpec
FrontingSpecs is a list of domain fronting specs.
func (FrontingSpecs) SelectParameters ¶
func (specs FrontingSpecs) SelectParameters() (string, string, string, string, []string, string, error)
SelectParameters selects fronting parameters from the given FrontingSpecs, first selecting a spec at random. SelectParameters is similar to psiphon.selectFrontingParameters, which operates on server entries.
The return values are:
- Dial Address (domain or IP address)
- SNI (which may be transformed; unless it is "", which indicates omit SNI)
- VerifyServerName (see psiphon.CustomTLSConfig)
- VerifyPins (see psiphon.CustomTLSConfig)
- Host (Host header value)
func (FrontingSpecs) Validate ¶
func (specs FrontingSpecs) Validate() error
Validate checks that the JSON values are well-formed.
type KeyValues ¶
type KeyValues map[string]json.RawMessage
KeyValues represents a set of name/JSON pairs.
type LabeledCIDRs ¶
LabeledCIDRs consists of lists of CIDRs referenced by a label value.
func (LabeledCIDRs) Validate ¶
func (c LabeledCIDRs) Validate() error
Validate checks that the CIDR values are well-formed.
type PacketManipulationSpec ¶
PacketManipulationSpec is type-compatible with psiphon/common.packetman.Spec.
type PacketManipulationSpecs ¶
type PacketManipulationSpecs []*PacketManipulationSpec
PacketManipulationSpecs is a list of packet manipulation specs.
func (PacketManipulationSpecs) Validate ¶
func (specs PacketManipulationSpecs) Validate() error
Validate checks that each spec name is unique and that each spec compiles.
type Parameters ¶
type Parameters struct {
// contains filtered or unexported fields
}
Parameters is a set of parameters. To use the parameters, call Get. To apply new values to the parameters, call Set.
func NewParameters ¶
func NewParameters(getValueLogger func(error)) (*Parameters, error)
NewParameters initializes a new Parameters with the default parameter values.
getValueLogger is optional, and is used to report runtime errors with getValue; see comment in getValue.
func (*Parameters) Get ¶
func (p *Parameters) Get() ParametersAccessor
Get returns the current parameters.
Values read from the current parameters are not deep copies and must be treated as read-only.
The returned ParametersAccessor may be used to read multiple related values atomically and consistently while the current set of values in Parameters may change concurrently.
Get does not perform any heap allocations and is intended for repeated, direct, low-overhead invocations.
func (*Parameters) GetCustom ¶
func (p *Parameters) GetCustom(customNetworkLatencyMultiplier float64) ParametersAccessor
GetCustom returns the current parameters while also setting customizations for this instance.
The properties of Get also apply to GetCustom: must be read-only; atomic and consistent view; no heap allocations.
Customizations include:
- customNetworkLatencyMultiplier, which overrides NetworkLatencyMultiplier for this instance only.
func (*Parameters) Set ¶
func (p *Parameters) Set(tag string, skipOnError bool, applyParameters ...map[string]interface{}) ([]int, error)
Set replaces the current parameters. First, a set of parameters is initialized using the default values. Then, each applyParameters is applied in turn, with the later instances having precedence.
When skipOnError is true, unknown or invalid parameters in any applyParameters are skipped instead of aborting with an error.
For protocol.TunnelProtocols and protocol.TLSProfiles type values, when skipOnError is true the values are filtered instead of validated, so only known tunnel protocols and TLS profiles are retained.
When an error is returned, the previous parameters remain completely unmodified.
For use in logging, Set returns a count of the number of parameters applied from each applyParameters.
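The snapshot read described in the overview and the replace-all behaviour of Set can be seen together in a small model. This is an added example, not the package's own code: Params, snapshot, coerce and tornReads are hypothetical names, the sample parameters are constructed, and the minimum of 0 is an assumption standing in for the package's per-parameter minimums.

```go
package main

import (
	"fmt"
	"sync"
	"sync/atomic"
)

// snapshot is an immutable value set; Set builds a new one, never edits an old one.
type snapshot struct {
	tag    string
	values map[string]int
}

// Params is a simplified stand-in for the package's Parameters type.
type Params struct{ current atomic.Value } // holds *snapshot

// defaults returns constructed sample defaults (illustrative names and values).
func defaults() map[string]int { return map[string]int{"Min": 1, "Max": 10} }

func NewParams() *Params {
	p := &Params{}
	p.current.Store(&snapshot{values: defaults()})
	return p
}

// Get returns the current snapshot; later Set calls do not change it.
func (p *Params) Get() *snapshot { return p.current.Load().(*snapshot) }

func (s *snapshot) Tag() string         { return s.tag }
func (s *snapshot) Int(name string) int { return s.values[name] }

// coerce rejects unknown names and invalid values. The minimum of 0 is an
// assumption standing in for the package's per-parameter minimums.
func coerce(base map[string]int, name string, v interface{}) (int, error) {
	if _, ok := base[name]; !ok {
		return 0, fmt.Errorf("unknown parameter %q", name)
	}
	n, ok := v.(int)
	if !ok || n < 0 {
		return 0, fmt.Errorf("invalid value for %q", name)
	}
	return n, nil
}

// Set starts from defaults, applies each map in order (later maps win) and
// publishes the result in one step. It returns the applied count per map.
func (p *Params) Set(tag string, skipOnError bool, apply ...map[string]interface{}) ([]int, error) {
	next := defaults()
	counts := make([]int, len(apply))
	for i, m := range apply {
		for name, v := range m {
			n, err := coerce(next, name, v)
			if err != nil {
				if skipOnError {
					continue
				}
				return nil, err // nothing stored: the previous snapshot stays current
			}
			next[name] = n
			counts[i]++
		}
	}
	p.current.Store(&snapshot{tag: tag, values: next})
	return counts, nil
}

// tornReads counts mismatched Min/Max pairs seen during concurrent Sets (valid sets have Max-Min == 9).
func tornReads(rounds int) int {
	p := NewParams()
	var wg sync.WaitGroup
	wg.Add(1)
	go func() {
		defer wg.Done()
		for i := 0; i < rounds; i++ {
			lo := (i % 2) * 100
			p.Set("writer", false, map[string]interface{}{"Min": lo + 1, "Max": lo + 10})
		}
	}()
	torn := 0
	for i := 0; i < rounds; i++ {
		s := p.Get() // one snapshot for both reads
		if s.Int("Max")-s.Int("Min") != 9 {
			torn++
		}
	}
	wg.Wait()
	return torn
}

func main() {
	p := NewParams()
	counts, err := p.Set("tactics-1", true,
		map[string]interface{}{"Min": 5, "Bogus": 1}, map[string]interface{}{"Min": 7})
	fmt.Println(counts, err, p.Get().Int("Min"))
	_, err = p.Set("tactics-2", false, map[string]interface{}{"Bogus": 1})
	fmt.Println(err != nil, p.Get().Tag(), tornReads(10000))
}
```

Because every Set starts again from the defaults, a value that is skipped as invalid falls back to its default rather than to the previously applied value.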
type ParametersAccessor ¶
type ParametersAccessor struct {
// contains filtered or unexported fields
}
ParametersAccessor provides consistent, atomic access to parameter values. Any customizations are applied transparently.
func MakeNilParametersAccessor ¶
func MakeNilParametersAccessor() ParametersAccessor
MakeNilParametersAccessor produces a stub ParametersAccessor which returns true for IsNil. This may be used where a ParametersAccessor value is required, but Parameters.Get may not succeed. In contexts where MakeNilParametersAccessor may be used, calls to ParametersAccessor must first check IsNil before calling accessor functions.
func (ParametersAccessor) BPFProgram ¶
func (p ParametersAccessor) BPFProgram(name string) (bool, string, []bpf.RawInstruction)
BPFProgram returns an assembled BPF program corresponding to a BPFProgramSpec parameter value. Returns nil in the case of any empty program.
func (ParametersAccessor) Bool ¶
func (p ParametersAccessor) Bool(name string) bool
Bool returns a bool parameter value.
func (ParametersAccessor) Close ¶
func (p ParametersAccessor) Close()
Close clears internal references to large memory objects, allowing them to be garbage collected. Call Close when done using a ParametersAccessor, where memory footprint is a concern, and where the ParametersAccessor is not immediately going out of scope. After Close is called, all other ParametersAccessor functions will panic if called.
func (ParametersAccessor) CustomTLSProfile ¶
func (p ParametersAccessor) CustomTLSProfile(name string) *protocol.CustomTLSProfile
CustomTLSProfile returns the CustomTLSProfile fields with the specified Name field if it exists in the CustomTLSProfiles parameter value. Returns nil if not found.
func (ParametersAccessor) CustomTLSProfileNames ¶
func (p ParametersAccessor) CustomTLSProfileNames() []string
CustomTLSProfileNames returns the CustomTLSProfile.Name fields for each profile in the CustomTLSProfiles parameter value.
func (ParametersAccessor) Duration ¶
func (p ParametersAccessor) Duration(name string) time.Duration
Duration returns a time.Duration parameter value. When the duration parameter has the useNetworkLatencyMultiplier flag, the NetworkLatencyMultiplier is applied to the returned value.
func (ParametersAccessor) Float ¶
func (p ParametersAccessor) Float(name string) float64
Float returns a float64 parameter value.
func (ParametersAccessor) FrontingSpecs ¶
func (p ParametersAccessor) FrontingSpecs(name string) FrontingSpecs
FrontingSpecs returns a FrontingSpecs parameter value.
func (ParametersAccessor) HTTPHeaders ¶
func (p ParametersAccessor) HTTPHeaders(name string) http.Header
HTTPHeaders returns an http.Header parameter value.
func (ParametersAccessor) Int ¶
func (p ParametersAccessor) Int(name string) int
Int returns an int parameter value.
func (ParametersAccessor) IsNil ¶
func (p ParametersAccessor) IsNil() bool
IsNil indicates that this ParametersAccessor is a stub and its accessor functions may not be called. A ParametersAccessor produced by Parameters.Get will never return true for IsNil and IsNil guards are not required for ParametersAccessors known to be produced by Parameters.Get.
func (ParametersAccessor) KeyValues ¶
func (p ParametersAccessor) KeyValues(name string) KeyValues
KeyValues returns a KeyValues parameter value.
func (ParametersAccessor) LabeledCIDRs ¶
func (p ParametersAccessor) LabeledCIDRs(name, label string) []string
LabeledCIDRs returns a CIDR string list parameter value corresponding to the specified labeled set and label value. The return value is nil when no set is found.
func (ParametersAccessor) LabeledQUICVersions ¶
func (p ParametersAccessor) LabeledQUICVersions(name, label string) protocol.QUICVersions
LabeledQUICVersions returns a protocol.QUICVersions parameter value corresponding to the specified labeled set and label value. The return value is nil when no set is found.
func (ParametersAccessor) LabeledTLSProfiles ¶
func (p ParametersAccessor) LabeledTLSProfiles(name, label string) protocol.TLSProfiles
LabeledTLSProfiles returns a protocol.TLSProfiles parameter value corresponding to the specified labeled set and label value. The return value is nil when no set is found.
func (ParametersAccessor) PacketManipulationSpecs ¶
func (p ParametersAccessor) PacketManipulationSpecs(name string) PacketManipulationSpecs
PacketManipulationSpecs returns a PacketManipulationSpecs parameter value.
func (ParametersAccessor) ProtocolPacketManipulations ¶
func (p ParametersAccessor) ProtocolPacketManipulations(name string) ProtocolPacketManipulations
ProtocolPacketManipulations returns a ProtocolPacketManipulations parameter value.
func (ParametersAccessor) ProtocolTransformScopedSpecNames ¶
func (p ParametersAccessor) ProtocolTransformScopedSpecNames(name string) transforms.ScopedSpecNames
ProtocolTransformScopedSpecNames returns a transforms.ScopedSpecNames parameter value.
func (ParametersAccessor) ProtocolTransformSpecs ¶
func (p ParametersAccessor) ProtocolTransformSpecs(name string) transforms.Specs
ProtocolTransformSpecs returns a transforms.Specs parameter value.
func (ParametersAccessor) QUICVersions ¶
func (p ParametersAccessor) QUICVersions(name string) protocol.QUICVersions
QUICVersions returns a protocol.QUICVersions parameter value. If there is a corresponding Probability value, a weighted coin flip will be performed and, depending on the result, the value or the parameter default will be returned.
func (ParametersAccessor) RateLimits ¶
func (p ParametersAccessor) RateLimits(name string) common.RateLimits
RateLimits returns a common.RateLimits parameter value.
func (ParametersAccessor) RegexStrings ¶
func (p ParametersAccessor) RegexStrings(name string) RegexStrings
RegexStrings returns a RegexStrings parameter value.
func (ParametersAccessor) String ¶
func (p ParametersAccessor) String(name string) string
String returns a string parameter value.
func (ParametersAccessor) Strings ¶
func (p ParametersAccessor) Strings(name string) []string
func (ParametersAccessor) TLSProfiles ¶
func (p ParametersAccessor) TLSProfiles(name string) protocol.TLSProfiles
TLSProfiles returns a protocol.TLSProfiles parameter value. If there is a corresponding Probability value, a weighted coin flip will be performed and, depending on the result, the value or the parameter default will be returned.
func (ParametersAccessor) Tag ¶
func (p ParametersAccessor) Tag() string
Tag returns the tag associated with these parameters.
func (ParametersAccessor) TransferURLs ¶
func (p ParametersAccessor) TransferURLs(name string) TransferURLs
TransferURLs returns a TransferURLs parameter value.
func (ParametersAccessor) TunnelProtocolPortLists ¶
func (p ParametersAccessor) TunnelProtocolPortLists(name string) TunnelProtocolPortLists
TunnelProtocolPortLists returns a TunnelProtocolPortLists parameter value.
func (ParametersAccessor) TunnelProtocols ¶
func (p ParametersAccessor) TunnelProtocols(name string) protocol.TunnelProtocols
TunnelProtocols returns a protocol.TunnelProtocols parameter value. If there is a corresponding Probability value, a weighted coin flip will be performed and, depending on the result, the value or the parameter default will be returned.
func (ParametersAccessor) WeightedCoinFlip ¶
func (p ParametersAccessor) WeightedCoinFlip(name string) bool
WeightedCoinFlip returns the result of prng.FlipWeightedCoin using the specified float parameter as the probability input.
type ProtocolPacketManipulations ¶
ProtocolPacketManipulations is a map from tunnel protocol names (or "All") to a list of packet manipulation spec names.
func (ProtocolPacketManipulations) Validate ¶
func (manipulations ProtocolPacketManipulations) Validate(specs PacketManipulationSpecs) error
Validate checks that tunnel protocol and spec names are valid. Duplicate spec names are allowed in each entry, enabling weighted selection.
type RegexStrings ¶
type RegexStrings []string
RegexStrings is a list of regex values.
func (RegexStrings) Validate ¶
func (regexes RegexStrings) Validate() error
Validate checks that the regex values are well-formed.
type TransferURL ¶
type TransferURL struct {
    // URL is the location of the resource. This string is slightly obfuscated
    // with base64 encoding to mitigate trivial binary executable string scanning.
    URL string

    // SkipVerify indicates whether to verify HTTPS certificates. In some
    // circumvention scenarios, verification is not possible. This must
    // only be set to true when the resource has its own verification mechanism.
    SkipVerify bool

    // OnlyAfterAttempts specifies how to schedule this URL when transferring
    // the same resource (same entity, same ETag) from multiple different
    // candidate locations. For a value of N, this URL is only a candidate
    // after N rounds of attempting the transfer to or from other URLs.
    OnlyAfterAttempts int

    // B64EncodedPublicKey is a base64-encoded RSA public key to be used for
    // encrypting the resource, when uploading, or for verifying a signature of
    // the resource, when downloading. Required by some operations, such as
    // uploading feedback.
    B64EncodedPublicKey string `json:",omitempty"`

    // RequestHeaders are optional HTTP headers to set on any requests made to
    // the destination.
    RequestHeaders map[string]string `json:",omitempty"`
}
TransferURL specifies a URL for uploading or downloading resources along with parameters for the transfer strategy.
type TransferURLs ¶
type TransferURLs []*TransferURL
TransferURLs is a list of transfer URLs.
func (TransferURLs) CanonicalURL ¶
func (t TransferURLs) CanonicalURL() string
CanonicalURL returns the canonical URL, to be used as a key when storing information related to the TransferURLs, such as an ETag.
func (TransferURLs) DecodeAndValidate ¶
func (t TransferURLs) DecodeAndValidate() error
DecodeAndValidate validates a list of transfer URLs.
At least one TransferURL in the list must have OnlyAfterAttempts of 0, or no TransferURL would be selected on the first attempt.
func (TransferURLs) Select ¶
func (t TransferURLs) Select(attempt int) *TransferURL
Select chooses a TransferURL from the list.
The TransferURL is selected at random from the candidates allowed in the specified attempt.
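The decode, validation and attempt-based selection rules described for TransferURLs, as an added model that is not the package's own code. Candidates, SkipVerifyURLs, enc and sampleURLs are hypothetical helpers, the example.org and example.net URLs are constructed, and counting attempts from 0 is an assumption.

```go
package main

import (
	"encoding/base64"
	"errors"
	"fmt"
	"math/rand"
	"net/url"
)

// TransferURL carries the fields from this page that the model uses.
type TransferURL struct {
	URL               string // base64-encoded until DecodeAndValidate succeeds
	SkipVerify        bool
	OnlyAfterAttempts int
}

type TransferURLs []*TransferURL

// DecodeAndValidate decodes every URL and enforces the rule that at least one
// entry is usable on the first attempt. Nothing is modified on error.
func (t TransferURLs) DecodeAndValidate() error {
	decoded := make([]string, len(t))
	hasInitial := false
	for i, u := range t {
		raw, err := base64.StdEncoding.DecodeString(u.URL)
		if err != nil {
			return fmt.Errorf("entry %d: URL is not valid base64: %w", i, err)
		}
		parsed, err := url.Parse(string(raw))
		if err != nil || parsed.Scheme == "" || parsed.Host == "" {
			return fmt.Errorf("entry %d: decoded URL is not absolute", i)
		}
		if u.OnlyAfterAttempts < 0 {
			return fmt.Errorf("entry %d: negative OnlyAfterAttempts", i)
		}
		if u.OnlyAfterAttempts == 0 {
			hasInitial = true
		}
		decoded[i] = string(raw)
	}
	if !hasInitial {
		return errors.New("no TransferURL has OnlyAfterAttempts of 0")
	}
	for i, u := range t {
		u.URL = decoded[i]
	}
	return nil
}

// Candidates returns the entries allowed in the given attempt (0-based here).
func (t TransferURLs) Candidates(attempt int) TransferURLs {
	var out TransferURLs
	for _, u := range t {
		if u.OnlyAfterAttempts <= attempt {
			out = append(out, u)
		}
	}
	return out
}

// Select picks one allowed candidate at random, or nil if there is none.
func (t TransferURLs) Select(attempt int) *TransferURL {
	c := t.Candidates(attempt)
	if len(c) == 0 {
		return nil
	}
	return c[rand.Intn(len(c))]
}

// SkipVerifyURLs lists entries that disable certificate verification, so a
// reviewer can confirm each resource has its own verification mechanism.
func (t TransferURLs) SkipVerifyURLs() []string {
	var out []string
	for _, u := range t {
		if u.SkipVerify {
			out = append(out, u.URL)
		}
	}
	return out
}

func enc(s string) string { return base64.StdEncoding.EncodeToString([]byte(s)) }

// sampleURLs builds constructed entries: one primary and one late fallback.
func sampleURLs() TransferURLs {
	return TransferURLs{
		{URL: enc("https://primary.example.org/list")},
		{URL: enc("https://mirror.example.net/list"), SkipVerify: true, OnlyAfterAttempts: 2},
	}
}

func main() {
	ts := sampleURLs()
	fmt.Println(ts.DecodeAndValidate(), ts.Select(0).URL, len(ts.Candidates(2)))
	fmt.Println("review SkipVerify entries:", ts.SkipVerifyURLs())
}
```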
type TunnelProtocolPortLists ¶
TunnelProtocolPortLists is a map from tunnel protocol names (or "All") to a list of port number ranges.
func (TunnelProtocolPortLists) Validate ¶
func (lists TunnelProtocolPortLists) Validate() error
Validate checks that tunnel protocol names are valid.