Documentation
¶
Index ¶
- Constants
- Variables
- func EncodeServerEntry(serverEntry *ServerEntry) (string, error)
- func GetCapability(protocol string) string
- func TunnelProtocolUsesMeekHTTP(protocol string) bool
- func TunnelProtocolUsesMeekHTTPS(protocol string) bool
- func TunnelProtocolUsesObfuscatedSSH(protocol string) bool
- func TunnelProtocolUsesObfuscatedSessionTickets(protocol string) bool
- func TunnelProtocolUsesSSH(protocol string) bool
- func ValidateServerEntry(serverEntry *ServerEntry) error
- type ConnectedResponse
- type HandshakeResponse
- type OSLRequest
- type SSHPasswordPayload
- type ServerEntry
- func (serverEntry *ServerEntry) DisableImpairedProtocols(impairedProtocols []string)
- func (serverEntry *ServerEntry) GetSupportedProtocols() []string
- func (serverEntry *ServerEntry) GetUntunneledWebRequestPorts() []string
- func (serverEntry *ServerEntry) SupportsProtocol(protocol string) bool
- func (serverEntry *ServerEntry) SupportsSSHAPIRequests() bool
Constants ¶
const ( TUNNEL_PROTOCOL_SSH = "SSH" TUNNEL_PROTOCOL_OBFUSCATED_SSH = "OSSH" TUNNEL_PROTOCOL_UNFRONTED_MEEK = "UNFRONTED-MEEK-OSSH" TUNNEL_PROTOCOL_UNFRONTED_MEEK_HTTPS = "UNFRONTED-MEEK-HTTPS-OSSH" TUNNEL_PROTOCOL_UNFRONTED_MEEK_SESSION_TICKET = "UNFRONTED-MEEK-SESSION-TICKET-OSSH" TUNNEL_PROTOCOL_FRONTED_MEEK = "FRONTED-MEEK-OSSH" TUNNEL_PROTOCOL_FRONTED_MEEK_HTTP = "FRONTED-MEEK-HTTP-OSSH" SERVER_ENTRY_SOURCE_EMBEDDED = "EMBEDDED" SERVER_ENTRY_SOURCE_REMOTE = "REMOTE" SERVER_ENTRY_SOURCE_DISCOVERY = "DISCOVERY" SERVER_ENTRY_SOURCE_TARGET = "TARGET" SERVER_ENTRY_SOURCE_OBFUSCATED = "OBFUSCATED" CAPABILITY_SSH_API_REQUESTS = "ssh-api-requests" CAPABILITY_UNTUNNELED_WEB_API_REQUESTS = "handshake" CLIENT_CAPABILITY_SERVER_REQUESTS = "server-requests" PSIPHON_API_HANDSHAKE_REQUEST_NAME = "psiphon-handshake" PSIPHON_API_CONNECTED_REQUEST_NAME = "psiphon-connected" PSIPHON_API_STATUS_REQUEST_NAME = "psiphon-status" PSIPHON_API_CLIENT_VERIFICATION_REQUEST_NAME = "psiphon-client-verification" PSIPHON_API_OSL_REQUEST_NAME = "psiphon-osl" PSIPHON_API_CLIENT_SESSION_ID_LENGTH = 16 PSIPHON_SSH_API_PROTOCOL = "ssh" PSIPHON_WEB_API_PROTOCOL = "web" )
Variables ¶
var SupportedServerEntrySources = []string{ SERVER_ENTRY_SOURCE_EMBEDDED, SERVER_ENTRY_SOURCE_REMOTE, SERVER_ENTRY_SOURCE_DISCOVERY, SERVER_ENTRY_SOURCE_TARGET, SERVER_ENTRY_SOURCE_OBFUSCATED, }
Functions ¶
func EncodeServerEntry ¶
func EncodeServerEntry(serverEntry *ServerEntry) (string, error)
EncodeServerEntry returns a string containing the encoding of a ServerEntry following Psiphon conventions.
func GetCapability ¶
GetCapability returns the server capability corresponding to the protocol.
func TunnelProtocolUsesSSH ¶
func ValidateServerEntry ¶
func ValidateServerEntry(serverEntry *ServerEntry) error
ValidateServerEntry checks for malformed server entries. Currently, it checks for a valid ipAddress. This is important since handshake requests submit back to the server a list of known server IP addresses and the handshake API expects well-formed inputs. TODO: validate more fields
Types ¶
type ConnectedResponse ¶
type ConnectedResponse struct {
ConnectedTimestamp string `json:"connected_timestamp"`
}
type HandshakeResponse ¶
type HandshakeResponse struct {
SSHSessionID string `json:"ssh_session_id"`
Homepages []string `json:"homepages"`
UpgradeClientVersion string `json:"upgrade_client_version"`
PageViewRegexes []map[string]string `json:"page_view_regexes"`
HttpsRequestRegexes []map[string]string `json:"https_request_regexes"`
EncodedServerList []string `json:"encoded_server_list"`
ClientRegion string `json:"client_region"`
ServerTimestamp string `json:"server_timestamp"`
}
type OSLRequest ¶
type OSLRequest struct {
ClearLocalSLOKs bool `json:"clear_local_sloks"`
SeedPayload *osl.SeedPayload `json:"seed_payload"`
}
type SSHPasswordPayload ¶
type ServerEntry ¶
type ServerEntry struct {
IpAddress string `json:"ipAddress"`
WebServerPort string `json:"webServerPort"` // not an int
WebServerSecret string `json:"webServerSecret"`
WebServerCertificate string `json:"webServerCertificate"`
SshPort int `json:"sshPort"`
SshUsername string `json:"sshUsername"`
SshPassword string `json:"sshPassword"`
SshHostKey string `json:"sshHostKey"`
SshObfuscatedPort int `json:"sshObfuscatedPort"`
SshObfuscatedKey string `json:"sshObfuscatedKey"`
Capabilities []string `json:"capabilities"`
Region string `json:"region"`
MeekServerPort int `json:"meekServerPort"`
MeekCookieEncryptionPublicKey string `json:"meekCookieEncryptionPublicKey"`
MeekObfuscatedKey string `json:"meekObfuscatedKey"`
MeekFrontingHost string `json:"meekFrontingHost"`
MeekFrontingHosts []string `json:"meekFrontingHosts"`
MeekFrontingDomain string `json:"meekFrontingDomain"`
MeekFrontingAddresses []string `json:"meekFrontingAddresses"`
MeekFrontingAddressesRegex string `json:"meekFrontingAddressesRegex"`
MeekFrontingDisableSNI bool `json:"meekFrontingDisableSNI"`
// These local fields are not expected to be present in downloaded server
// entries. They are added by the client to record and report stats about
// how and when server entries are obtained.
LocalSource string `json:"localSource"`
LocalTimestamp string `json:"localTimestamp"`
}
ServerEntry represents a Psiphon server. It contains information about how to establish a tunnel connection to the server through several protocols. Server entries are JSON records downloaded from various sources.
func DecodeAndValidateServerEntryList ¶
func DecodeAndValidateServerEntryList( encodedServerEntryList, timestamp, serverEntrySource string) (serverEntries []*ServerEntry, err error)
DecodeAndValidateServerEntryList extracts server entries from the list encoding used by remote server lists and Psiphon server handshake requests. Each server entry is validated and invalid entries are skipped. See DecodeServerEntry for note on serverEntrySource/timestamp.
func DecodeServerEntry ¶
func DecodeServerEntry( encodedServerEntry, timestamp, serverEntrySource string) (serverEntry *ServerEntry, err error)
DecodeServerEntry extracts server entries from the encoding used by remote server lists and Psiphon server handshake requests.
The resulting ServerEntry.LocalSource is populated with serverEntrySource, which should be one of SERVER_ENTRY_SOURCE_EMBEDDED, SERVER_ENTRY_SOURCE_REMOTE, SERVER_ENTRY_SOURCE_DISCOVERY, SERVER_ENTRY_SOURCE_TARGET, SERVER_ENTRY_SOURCE_OBFUSCATED. ServerEntry.LocalTimestamp is populated with the provided timestamp, which should be a RFC 3339 formatted string. These local fields are stored with the server entry and reported to the server as stats (a coarse granularity timestamp is reported).
func (*ServerEntry) DisableImpairedProtocols ¶
func (serverEntry *ServerEntry) DisableImpairedProtocols(impairedProtocols []string)
DisableImpairedProtocols modifies the ServerEntry to disable the specified protocols. Note: this assumes that protocol capabilities are 1-to-1.
func (*ServerEntry) GetSupportedProtocols ¶
func (serverEntry *ServerEntry) GetSupportedProtocols() []string
GetSupportedProtocols returns a list of tunnel protocols supported by the ServerEntry's capabilities.
func (*ServerEntry) GetUntunneledWebRequestPorts ¶
func (serverEntry *ServerEntry) GetUntunneledWebRequestPorts() []string
func (*ServerEntry) SupportsProtocol ¶
func (serverEntry *ServerEntry) SupportsProtocol(protocol string) bool
SupportsProtocol returns true if and only if the ServerEntry has the necessary capability to support the specified tunnel protocol.
func (*ServerEntry) SupportsSSHAPIRequests ¶
func (serverEntry *ServerEntry) SupportsSSHAPIRequests() bool
SupportsSSHAPIRequests returns true when the server supports SSH API requests.
Source Files