tunnel-core

module
v2.0.2+incompatible Latest Latest
Warning

This package is not in the latest version of its module.

Go to latest
Published: Mar 5, 2019 License: GPL-3.0

README

Build Status Coverage Status

Psiphon 3 Tunnel Core README

Overview

Psiphon client and server components implemented in Go. These components provides core tunnel functionality, handling all aspects of evading blocking and relaying traffic through Psiphon. In the client, local proxies provide an interface for routing traffic through the tunnel.

The client component does not include a UI and does not handle capturing or routing local traffic. These major aspects are handled by other parts of Psiphon client applications.

Status

This project is in production and used as the tunneling engine in our Windows and Android clients, which are available at our Psiphon 3 repository.

Client Setup

Build
  • Go 1.9 (or higher) is required.
  • This project builds and runs on recent versions of Windows, Linux, and Mac OS X.
  • Note that the psiphon package is imported using the absolute path github.com/Psiphon-Labs/psiphon-tunnel-core/psiphon; without further local configuration, go will use this version of the code and not the local copy in the repository.
  • In this repository, run go build in ConsoleClient to make the ConsoleClient binary, a console Psiphon client application.
    • Build versioning info may be configured as follows, and passed to go build in the -ldflags argument:

      BUILDDATE=$(date --iso-8601=seconds)
      BUILDREPO=$(git config --get remote.origin.url)
      BUILDREV=$(git rev-parse --short HEAD)
      GOVERSION=$(go version | perl -ne '/go version (.*?) / && print $1')
      DEPENDENCIES=$(echo -n "{" && go list -f '{{range $dep := .Deps}}{{printf "%s\n" $dep}}{{end}}' | xargs go list -f '{{if not .Standard}}{{.ImportPath}}{{end}}' | xargs -I pkg bash -c 'cd $GOPATH/src/pkg && echo -n "\"pkg\":\"$(git rev-parse --short HEAD)\","' | sed 's/,$/}/')
      
      LDFLAGS="\
      -X github.com/Psiphon-Labs/psiphon-tunnel-core/psiphon/common.buildDate=$BUILDDATE \
      -X github.com/Psiphon-Labs/psiphon-tunnel-core/psiphon/common.buildRepo=$BUILDREPO \
      -X github.com/Psiphon-Labs/psiphon-tunnel-core/psiphon/common.buildRev=$BUILDREV \
      -X github.com/Psiphon-Labs/psiphon-tunnel-core/psiphon/common.goVersion=$GOVERSION \
      -X github.com/Psiphon-Labs/psiphon-tunnel-core/psiphon/common.dependencies=$DEPENDENCIES \
      "
      
Configure
  • Configuration files are standard text files containing a valid JSON object. Example:
{
    "PropagationChannelId" : "<placeholder>",
    "SponsorId" : "<placeholder>",
    "LocalHttpProxyPort" : 8080,
    "LocalSocksProxyPort" : 1080
}

Note: The lines <!--BEGIN-SAMPLE-CONFIG--> and <--END-SAMPLE-CONFIG--> (visible in the raw Markdown) are used by the config test. Do not remove them.

  • All config file parameters are documented here.
  • Replace each <placeholder> with a value from your Psiphon server. The Psiphon server-side stack is open source and can be found in our Psiphon 3 repository.
Run
  • Run ./ConsoleClient --config psiphon.config where psiphon.config is created as described in the Configure section above

Other Platforms

Acknowledgements

Psiphon Tunnel Core uses:

Licensing

Please see the LICENSE file.

Contacts

We maintain a developer mailing list at psiphon3-developers@googlegroups.com. For more information about Psiphon Inc., please visit our web site at www.psiphon.ca.

Directories

Path Synopsis
MobileLibrary
psi
logging/analysis
Package analysis implements heuristical frequency analysis of Psiphon Tunnel Core server logs.
Package analysis implements heuristical frequency analysis of Psiphon Tunnel Core server logs.
Package psiphon implements the core tunnel functionality of a Psiphon client.
Package psiphon implements the core tunnel functionality of a Psiphon client.
common/accesscontrol
Package accesscontrol implements an access control authorization scheme based on digital signatures.
Package accesscontrol implements an access control authorization scheme based on digital signatures.
common/crypto/acme
Package acme provides an implementation of the Automatic Certificate Management Environment (ACME) spec.
Package acme provides an implementation of the Automatic Certificate Management Environment (ACME) spec.
common/crypto/acme/autocert/internal/acmetest
Package acmetest provides types for testing acme and autocert packages.
Package acmetest provides types for testing acme and autocert packages.
common/crypto/argon2
Package argon2 implements the key derivation function Argon2.
Package argon2 implements the key derivation function Argon2.
common/crypto/bcrypt
Package bcrypt implements Provos and Mazières's bcrypt adaptive hashing algorithm.
Package bcrypt implements Provos and Mazières's bcrypt adaptive hashing algorithm.
common/crypto/blake2b
Package blake2b implements the BLAKE2b hash algorithm defined by RFC 7693 and the extendable output function (XOF) BLAKE2Xb.
Package blake2b implements the BLAKE2b hash algorithm defined by RFC 7693 and the extendable output function (XOF) BLAKE2Xb.
common/crypto/blake2s
Package blake2s implements the BLAKE2s hash algorithm defined by RFC 7693 and the extendable output function (XOF) BLAKE2Xs.
Package blake2s implements the BLAKE2s hash algorithm defined by RFC 7693 and the extendable output function (XOF) BLAKE2Xs.
common/crypto/blowfish
Package blowfish implements Bruce Schneier's Blowfish encryption algorithm.
Package blowfish implements Bruce Schneier's Blowfish encryption algorithm.
common/crypto/bn256
Package bn256 implements a particular bilinear group.
Package bn256 implements a particular bilinear group.
common/crypto/cast5
Package cast5 implements CAST5, as defined in RFC 2144.
Package cast5 implements CAST5, as defined in RFC 2144.
common/crypto/chacha20poly1305
Package chacha20poly1305 implements the ChaCha20-Poly1305 AEAD as specified in RFC 7539, and its extended nonce variant XChaCha20-Poly1305.
Package chacha20poly1305 implements the ChaCha20-Poly1305 AEAD as specified in RFC 7539, and its extended nonce variant XChaCha20-Poly1305.
common/crypto/cryptobyte
Package cryptobyte contains types that help with parsing and constructing length-prefixed, binary messages, including ASN.1 DER.
Package cryptobyte contains types that help with parsing and constructing length-prefixed, binary messages, including ASN.1 DER.
common/crypto/cryptobyte/asn1
Package asn1 contains supporting types for parsing and building ASN.1 messages with the cryptobyte package.
Package asn1 contains supporting types for parsing and building ASN.1 messages with the cryptobyte package.
common/crypto/curve25519
Package curve25519 provides an implementation of scalar multiplication on the elliptic curve known as curve25519.
Package curve25519 provides an implementation of scalar multiplication on the elliptic curve known as curve25519.
common/crypto/ed25519
Package ed25519 implements the Ed25519 signature algorithm.
Package ed25519 implements the Ed25519 signature algorithm.
common/crypto/hkdf
Package hkdf implements the HMAC-based Extract-and-Expand Key Derivation Function (HKDF) as defined in RFC 5869.
Package hkdf implements the HMAC-based Extract-and-Expand Key Derivation Function (HKDF) as defined in RFC 5869.
common/crypto/internal/chacha20
Package ChaCha20 implements the core ChaCha20 function as specified in https://tools.ietf.org/html/rfc7539#section-2.3.
Package ChaCha20 implements the core ChaCha20 function as specified in https://tools.ietf.org/html/rfc7539#section-2.3.
common/crypto/internal/subtle
Package subtle implements functions that are often useful in cryptographic code but require careful thought to use correctly.
Package subtle implements functions that are often useful in cryptographic code but require careful thought to use correctly.
common/crypto/md4
Package md4 implements the MD4 hash algorithm as defined in RFC 1320.
Package md4 implements the MD4 hash algorithm as defined in RFC 1320.
common/crypto/nacl/auth
Package auth authenticates a message using a secret key.
Package auth authenticates a message using a secret key.
common/crypto/nacl/box
Package box authenticates and encrypts small messages using public-key cryptography.
Package box authenticates and encrypts small messages using public-key cryptography.
common/crypto/nacl/secretbox
Package secretbox encrypts and authenticates small messages.
Package secretbox encrypts and authenticates small messages.
common/crypto/nacl/sign
Package sign signs small messages using public-key cryptography.
Package sign signs small messages using public-key cryptography.
common/crypto/ocsp
Package ocsp parses OCSP responses as specified in RFC 2560.
Package ocsp parses OCSP responses as specified in RFC 2560.
common/crypto/openpgp
Package openpgp implements high level operations on OpenPGP messages.
Package openpgp implements high level operations on OpenPGP messages.
common/crypto/openpgp/armor
Package armor implements OpenPGP ASCII Armor, see RFC 4880.
Package armor implements OpenPGP ASCII Armor, see RFC 4880.
common/crypto/openpgp/clearsign
Package clearsign generates and processes OpenPGP, clear-signed data.
Package clearsign generates and processes OpenPGP, clear-signed data.
common/crypto/openpgp/elgamal
Package elgamal implements ElGamal encryption, suitable for OpenPGP, as specified in "A Public-Key Cryptosystem and a Signature Scheme Based on Discrete Logarithms," IEEE Transactions on Information Theory, v.
Package elgamal implements ElGamal encryption, suitable for OpenPGP, as specified in "A Public-Key Cryptosystem and a Signature Scheme Based on Discrete Logarithms," IEEE Transactions on Information Theory, v.
common/crypto/openpgp/errors
Package errors contains common error types for the OpenPGP packages.
Package errors contains common error types for the OpenPGP packages.
common/crypto/openpgp/packet
Package packet implements parsing and serialization of OpenPGP packets, as specified in RFC 4880.
Package packet implements parsing and serialization of OpenPGP packets, as specified in RFC 4880.
common/crypto/openpgp/s2k
Package s2k implements the various OpenPGP string-to-key transforms as specified in RFC 4800 section 3.7.1.
Package s2k implements the various OpenPGP string-to-key transforms as specified in RFC 4800 section 3.7.1.
common/crypto/otr
Package otr implements the Off The Record protocol as specified in http://www.cypherpunks.ca/otr/Protocol-v2-3.1.0.html
Package otr implements the Off The Record protocol as specified in http://www.cypherpunks.ca/otr/Protocol-v2-3.1.0.html
common/crypto/pbkdf2
Package pbkdf2 implements the key derivation function PBKDF2 as defined in RFC 2898 / PKCS #5 v2.0.
Package pbkdf2 implements the key derivation function PBKDF2 as defined in RFC 2898 / PKCS #5 v2.0.
common/crypto/pkcs12
Package pkcs12 implements some of PKCS#12.
Package pkcs12 implements some of PKCS#12.
common/crypto/pkcs12/internal/rc2
Package rc2 implements the RC2 cipher
Package rc2 implements the RC2 cipher
common/crypto/poly1305
Package poly1305 implements Poly1305 one-time message authentication code as specified in https://cr.yp.to/mac/poly1305-20050329.pdf.
Package poly1305 implements Poly1305 one-time message authentication code as specified in https://cr.yp.to/mac/poly1305-20050329.pdf.
common/crypto/ripemd160
Package ripemd160 implements the RIPEMD-160 hash algorithm.
Package ripemd160 implements the RIPEMD-160 hash algorithm.
common/crypto/salsa20
Package salsa20 implements the Salsa20 stream cipher as specified in https://cr.yp.to/snuffle/spec.pdf.
Package salsa20 implements the Salsa20 stream cipher as specified in https://cr.yp.to/snuffle/spec.pdf.
common/crypto/salsa20/salsa
Package salsa provides low-level access to functions in the Salsa family.
Package salsa provides low-level access to functions in the Salsa family.
common/crypto/scrypt
Package scrypt implements the scrypt key derivation function as defined in Colin Percival's paper "Stronger Key Derivation via Sequential Memory-Hard Functions" (https://www.tarsnap.com/scrypt/scrypt.pdf).
Package scrypt implements the scrypt key derivation function as defined in Colin Percival's paper "Stronger Key Derivation via Sequential Memory-Hard Functions" (https://www.tarsnap.com/scrypt/scrypt.pdf).
common/crypto/sha3
Package sha3 implements the SHA-3 fixed-output-length hash functions and the SHAKE variable-output-length hash functions defined by FIPS-202.
Package sha3 implements the SHA-3 fixed-output-length hash functions and the SHAKE variable-output-length hash functions defined by FIPS-202.
common/crypto/ssh
Package ssh implements an SSH client and server.
Package ssh implements an SSH client and server.
common/crypto/ssh/agent
Package agent implements the ssh-agent protocol, and provides both a client and a server.
Package agent implements the ssh-agent protocol, and provides both a client and a server.
common/crypto/ssh/knownhosts
Package knownhosts implements a parser for the OpenSSH known_hosts host key database, and provides utility functions for writing OpenSSH compliant known_hosts files.
Package knownhosts implements a parser for the OpenSSH known_hosts host key database, and provides utility functions for writing OpenSSH compliant known_hosts files.
common/crypto/ssh/terminal
Package terminal provides support functions for dealing with terminals, as commonly found on UNIX systems.
Package terminal provides support functions for dealing with terminals, as commonly found on UNIX systems.
common/crypto/ssh/test
Package test contains integration tests for the github.com/Psiphon-Labs/psiphon-tunnel-core/psiphon/common/crypto/ssh package.
Package test contains integration tests for the github.com/Psiphon-Labs/psiphon-tunnel-core/psiphon/common/crypto/ssh package.
common/crypto/tea
Package tea implements the TEA algorithm, as defined in Needham and Wheeler's 1994 technical report, “TEA, a Tiny Encryption Algorithm”.
Package tea implements the TEA algorithm, as defined in Needham and Wheeler's 1994 technical report, “TEA, a Tiny Encryption Algorithm”.
common/crypto/twofish
Package twofish implements Bruce Schneier's Twofish encryption algorithm.
Package twofish implements Bruce Schneier's Twofish encryption algorithm.
common/crypto/xtea
Package xtea implements XTEA encryption, as defined in Needham and Wheeler's 1997 technical report, "Tea extensions."
Package xtea implements XTEA encryption, as defined in Needham and Wheeler's 1997 technical report, "Tea extensions."
common/crypto/xts
Package xts implements the XTS cipher mode as specified in IEEE P1619/D16.
Package xts implements the XTS cipher mode as specified in IEEE P1619/D16.
common/osl
Package osl implements the Obfuscated Server List (OSL) mechanism.
Package osl implements the Obfuscated Server List (OSL) mechanism.
common/parameters
Package parameters implements dynamic, concurrency-safe parameters that determine Psiphon client behavior.
Package parameters implements dynamic, concurrency-safe parameters that determine Psiphon client behavior.
common/prng
Package prng implemented a seeded, unbiased PRNG that is suitable for use cases including obfuscation, network jitter, load balancing.
Package prng implemented a seeded, unbiased PRNG that is suitable for use cases including obfuscation, network jitter, load balancing.
common/quic
Package quic wraps github.com/lucas-clemente/quic-go with net.Listener and net.Conn types that provide a drop-in replacement for net.TCPConn.
Package quic wraps github.com/lucas-clemente/quic-go with net.Listener and net.Conn types that provide a drop-in replacement for net.TCPConn.
common/sss
Package sss implements Shamir's Secret Sharing algorithm over GF(2^8).
Package sss implements Shamir's Secret Sharing algorithm over GF(2^8).
common/tactics
Package tactics provides dynamic Psiphon client configuration based on GeoIP attributes, API parameters, and speed test data.
Package tactics provides dynamic Psiphon client configuration based on GeoIP attributes, API parameters, and speed test data.
common/tun
Package tun is an IP packet tunnel server and client.
Package tun is an IP packet tunnel server and client.
common/wildcard
Package wildcard implements a very simple wildcard matcher which supports only the term '*', which matches any sequence of characters.
Package wildcard implements a very simple wildcard matcher which supports only the term '*', which matches any sequence of characters.
server
Package server implements the core tunnel functionality of a Psiphon server.
Package server implements the core tunnel functionality of a Psiphon server.
server/psinet
Package psinet implements psinet database services.
Package psinet implements psinet database services.
transferstats
Package transferstats counts and keeps track of session stats.
Package transferstats counts and keeps track of session stats.
upstreamproxy/go-ntlm/ntlm
Package NTLM implements the interfaces used for interacting with NTLMv1 and NTLMv2.
Package NTLM implements the interfaces used for interacting with NTLMv1 and NTLMv2.
upstreamproxy/go-ntlm/ntlm/md4
Package md4 implements the MD4 hash algorithm as defined in RFC 1320.
Package md4 implements the MD4 hash algorithm as defined in RFC 1320.

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL