Rename ClientParameters to Parameters

ClientLibrary/clientlib/clientlib.go

@@ -81,9 +81,9 @@ type PsiphonTunnel struct {
 	SOCKSProxyPort int
 }
 
-// ClientParametersDelta allows for fine-grained modification of parameters.ClientParameters.
+// ParametersDelta allows for fine-grained modification of parameters.Parameters.
 // NOTE: Ordinary users of this library should never need this.
-type ClientParametersDelta map[string]interface{}
+type ParametersDelta map[string]interface{}
 
 // NoticeEvent represents the notices emitted by tunnel core. It will be passed to
 // noticeReceiver, if supplied.
@@ -110,14 +110,14 @@ var ErrTimeout = std_errors.New("clientlib: tunnel establishment timeout")
 //
 // params are config values that typically need to be overridden at runtime.
 //
-// paramsDelta contains changes that will be applied to the ClientParameters.
+// paramsDelta contains changes that will be applied to the Parameters.
 // NOTE: Ordinary users of this library should never need this and should pass nil.
 //
 // noticeReceiver, if non-nil, will be called for each notice emitted by tunnel core.
 // NOTE: Ordinary users of this library should never need this and should pass nil.
 func StartTunnel(ctx context.Context,
 	configJSON []byte, embeddedServerEntryList string,
-	params Parameters, paramsDelta ClientParametersDelta,
+	params Parameters, paramsDelta ParametersDelta,
 	noticeReceiver func(NoticeEvent)) (tunnel *PsiphonTunnel, retErr error) {
 
 	config, err := psiphon.LoadConfig(configJSON)
@@ -154,19 +154,19 @@ func StartTunnel(ctx context.Context,
 		}
 	} // else use the value in the config
 
-	// config.Commit must be called before calling config.SetClientParameters
+	// config.Commit must be called before calling config.SetParameters
 	// or attempting to connect.
 	err = config.Commit(true)
 	if err != nil {
 		return nil, errors.TraceMsg(err, "config.Commit failed")
 	}
 
-	// If supplied, apply the client parameters delta
+	// If supplied, apply the parameters delta
 	if len(paramsDelta) > 0 {
-		err = config.SetClientParameters("", false, paramsDelta)
+		err = config.SetParameters("", false, paramsDelta)
 		if err != nil {
 			return nil, errors.TraceMsg(
-				err, fmt.Sprintf("SetClientParameters failed for delta: %v", paramsDelta))
+				err, fmt.Sprintf("SetParameters failed for delta: %v", paramsDelta))
 		}
 	}
 

ClientLibrary/clientlib/clientlib_test.go

@@ -85,7 +85,7 @@ func TestStartTunnel(t *testing.T) {
 		configJSON              []byte
 		embeddedServerEntryList string
 		params                  Parameters
-		paramsDelta             ClientParametersDelta
+		paramsDelta             ParametersDelta
 		noticeReceiver          func(NoticeEvent)
 	}
 	tests := []struct {

psiphon/common/fragmentor/fragmentor.go

@@ -58,19 +58,19 @@ type Config struct {
 // NewUpstreamConfig creates a new Config; may return nil. Specifying the PRNG
 // seed allows for optional replay of a fragmentor sequence.
 func NewUpstreamConfig(
-	p parameters.ClientParametersAccessor, tunnelProtocol string, seed *prng.Seed) *Config {
+	p parameters.ParametersAccessor, tunnelProtocol string, seed *prng.Seed) *Config {
 	return newConfig(p, true, tunnelProtocol, seed)
 }
 
 // NewDownstreamConfig creates a new Config; may return nil. Specifying the
 // PRNG seed allows for optional replay of a fragmentor sequence.
 func NewDownstreamConfig(
-	p parameters.ClientParametersAccessor, tunnelProtocol string, seed *prng.Seed) *Config {
+	p parameters.ParametersAccessor, tunnelProtocol string, seed *prng.Seed) *Config {
 	return newConfig(p, false, tunnelProtocol, seed)
 }
 
 func newConfig(
-	p parameters.ClientParametersAccessor,
+	p parameters.ParametersAccessor,
 	isUpstream bool,
 	tunnelProtocol string,
 	seed *prng.Seed) *Config {

psiphon/common/fragmentor/fragmentor_test.go

@@ -58,11 +58,11 @@ func TestFragmentor(t *testing.T) {
 	minDelay := 2 * time.Millisecond
 	maxDelay := 2 * time.Millisecond
 
-	clientParameters, err := parameters.NewClientParameters(nil)
+	params, err := parameters.NewParameters(nil)
 	if err != nil {
-		t.Fatalf("parameters.NewClientParameters failed: %s", err)
+		t.Fatalf("parameters.NewParameters failed: %s", err)
 	}
-	_, err = clientParameters.Set("", false, map[string]interface{}{
+	_, err = params.Set("", false, map[string]interface{}{
 		"FragmentorProbability":              1.0,
 		"FragmentorLimitProtocols":           protocol.TunnelProtocols{tunnelProtocol},
 		"FragmentorMinTotalBytes":            bytesToFragment,
@@ -81,7 +81,7 @@ func TestFragmentor(t *testing.T) {
 		"FragmentorDownstreamMaxDelay":       maxDelay,
 	})
 	if err != nil {
-		t.Fatalf("ClientParameters.Set failed: %s", err)
+		t.Fatalf("parameters.Parameters.Set failed: %s", err)
 	}
 
 	testGroup, testCtx := errgroup.WithContext(context.Background())
@@ -93,7 +93,7 @@ func TestFragmentor(t *testing.T) {
 			return errors.Trace(err)
 		}
 		fragConn := NewConn(
-			NewDownstreamConfig(clientParameters.Get(), tunnelProtocol, nil),
+			NewDownstreamConfig(params.Get(), tunnelProtocol, nil),
 			func(message string) { t.Logf(message) },
 			conn)
 		defer fragConn.Close()
@@ -137,7 +137,7 @@ func TestFragmentor(t *testing.T) {
 			return errors.Trace(err)
 		}
 		fragConn := NewConn(
-			NewUpstreamConfig(clientParameters.Get(), tunnelProtocol, seed),
+			NewUpstreamConfig(params.Get(), tunnelProtocol, seed),
 			func(message string) { t.Logf(message) },
 			conn)
 		defer fragConn.Close()

psiphon/common/parameters/clientParameters.go → psiphon/common/parameters/parameters.go

@@ -19,19 +19,20 @@
 
 /*
 Package parameters implements dynamic, concurrency-safe parameters that
-determine Psiphon client behavior.
+determine Psiphon client and server behaviors.
 
 Parameters include network timeouts, probabilities for actions, lists of
 protocols, etc. Parameters are initialized with reasonable defaults. New
-values may be applied, allowing the client to customized its parameters from
-both a config file and tactics data. Sane minimum values are enforced.
+values may be applied, allowing the client or server to customize its
+parameters from both a config file and tactics data. Sane minimum values are
+enforced.
 
 Parameters may be read and updated concurrently. The read mechanism offers a
 snapshot so that related parameters, such as two Ints representing a range; or
 a more complex series of related parameters; may be read in an atomic and
 consistent way. For example:
 
-    p := clientParameters.Get()
+    p := params.Get()
     min := p.Int("Min")
     max := p.Int("Max")
     p = nil
@@ -40,8 +41,8 @@ For long-running operations, it is recommended to set any pointer to the
 snapshot to nil to allow garbage collection of old snaphots in cases where the
 parameters change.
 
-In general, client parameters should be read as close to the point of use as
-possible to ensure that dynamic changes to the parameter values take effect.
+In general, parameters should be read as close to the point of use as possible
+to ensure that dynamic changes to the parameter values take effect.
 
 For duration parameters, time.ParseDuration-compatible string values are
 supported when applying new values. This allows specifying durations as, for
@@ -264,8 +265,8 @@ const (
 	serverSideOnly              = 2
 )
 
-// defaultClientParameters specifies the type, default value, and minimum
-// value for all dynamically configurable client parameters.
+// defaultParameters specifies the type, default value, and minimum value for
+// all dynamically configurable client and server parameters.
 //
 // Do not change the names or types of existing values, as that can break
 // client logic or cause parameters to not be applied.
@@ -273,7 +274,7 @@ const (
 // Minimum values are a fail-safe for cases where lower values would break the
 // client logic. For example, setting a ConnectionWorkerPoolSize of 0 would
 // make the client never connect.
-var defaultClientParameters = map[string]struct {
+var defaultParameters = map[string]struct {
 	value   interface{}
 	minimum interface{}
 	flags   int32
@@ -539,42 +540,42 @@ var defaultClientParameters = map[string]struct {
 // IsServerSideOnly indicates if the parameter specified by name is used
 // server-side only.
 func IsServerSideOnly(name string) bool {
-	defaultParameter, ok := defaultClientParameters[name]
+	defaultParameter, ok := defaultParameters[name]
 	return ok && (defaultParameter.flags&serverSideOnly) != 0
 }
 
-// ClientParameters is a set of client parameters. To use the parameters, call
-// Get. To apply new values to the parameters, call Set.
-type ClientParameters struct {
+// Parameters is a set of parameters. To use the parameters, call Get. To
+// apply new values to the parameters, call Set.
+type Parameters struct {
 	getValueLogger func(error)
 	snapshot       atomic.Value
 }
 
-// NewClientParameters initializes a new ClientParameters with the default
-// parameter values.
+// NewParameters initializes a new Parameters with the default parameter
+// values.
 //
 // getValueLogger is optional, and is used to report runtime errors with
 // getValue; see comment in getValue.
-func NewClientParameters(
-	getValueLogger func(error)) (*ClientParameters, error) {
+func NewParameters(
+	getValueLogger func(error)) (*Parameters, error) {
 
-	clientParameters := &ClientParameters{
+	parameters := &Parameters{
 		getValueLogger: getValueLogger,
 	}
 
-	_, err := clientParameters.Set("", false)
+	_, err := parameters.Set("", false)
 	if err != nil {
 		return nil, errors.Trace(err)
 	}
 
-	return clientParameters, nil
+	return parameters, nil
 }
 
 func makeDefaultParameters() (map[string]interface{}, error) {
 
 	parameters := make(map[string]interface{})
 
-	for name, defaults := range defaultClientParameters {
+	for name, defaults := range defaultParameters {
 
 		if defaults.value == nil {
 			return nil, errors.Tracef("default parameter missing value: %s", name)
@@ -613,7 +614,7 @@ func makeDefaultParameters() (map[string]interface{}, error) {
 //
 // For use in logging, Set returns a count of the number of parameters applied
 // from each applyParameters.
-func (p *ClientParameters) Set(
+func (p *Parameters) Set(
 	tag string, skipOnError bool, applyParameters ...map[string]interface{}) ([]int, error) {
 
 	makeTypedValue := func(templateValue, value interface{}) (interface{}, error) {
@@ -837,23 +838,23 @@ func (p *ClientParameters) Set(
 				}
 			}
 
-			// Enforce any minimums. Assumes defaultClientParameters[name]
+			// Enforce any minimums. Assumes defaultParameters[name]
 			// exists.
-			if defaultClientParameters[name].minimum != nil {
+			if defaultParameters[name].minimum != nil {
 				valid := true
 				switch v := newValue.(type) {
 				case int:
-					m, ok := defaultClientParameters[name].minimum.(int)
+					m, ok := defaultParameters[name].minimum.(int)
 					if !ok || v < m {
 						valid = false
 					}
 				case float64:
-					m, ok := defaultClientParameters[name].minimum.(float64)
+					m, ok := defaultParameters[name].minimum.(float64)
 					if !ok || v < m {
 						valid = false
 					}
 				case time.Duration:
-					m, ok := defaultClientParameters[name].minimum.(time.Duration)
+					m, ok := defaultParameters[name].minimum.(time.Duration)
 					if !ok || v < m {
 						valid = false
 					}
@@ -879,7 +880,7 @@ func (p *ClientParameters) Set(
 		counts = append(counts, count)
 	}
 
-	snapshot := &clientParametersSnapshot{
+	snapshot := &parametersSnapshot{
 		getValueLogger: p.getValueLogger,
 		tag:            tag,
 		parameters:     parameters,
@@ -895,15 +896,15 @@ func (p *ClientParameters) Set(
 // Values read from the current parameters are not deep copies and must be
 // treated read-only.
 //
-// The returned ClientParametersAccessor may be used to read multiple related
-// values atomically and consistently while the current set of values in
-// ClientParameters may change concurrently.
+// The returned ParametersAccessor may be used to read multiple related values
+// atomically and consistently while the current set of values in Parameters
+// may change concurrently.
 //
 // Get does not perform any heap allocations and is intended for repeated,
 // direct, low-overhead invocations.
-func (p *ClientParameters) Get() ClientParametersAccessor {
-	return ClientParametersAccessor{
-		snapshot: p.snapshot.Load().(*clientParametersSnapshot)}
+func (p *Parameters) Get() ParametersAccessor {
+	return ParametersAccessor{
+		snapshot: p.snapshot.Load().(*parametersSnapshot)}
 }
 
 // GetCustom returns the current parameters while also setting customizations
@@ -917,20 +918,20 @@ func (p *ClientParameters) Get() ClientParametersAccessor {
 // - customNetworkLatencyMultiplier, which overrides NetworkLatencyMultiplier
 //   for this instance only.
 //
-func (p *ClientParameters) GetCustom(
-	customNetworkLatencyMultiplier float64) ClientParametersAccessor {
+func (p *Parameters) GetCustom(
+	customNetworkLatencyMultiplier float64) ParametersAccessor {
 
-	return ClientParametersAccessor{
-		snapshot:                       p.snapshot.Load().(*clientParametersSnapshot),
+	return ParametersAccessor{
+		snapshot:                       p.snapshot.Load().(*parametersSnapshot),
 		customNetworkLatencyMultiplier: customNetworkLatencyMultiplier,
 	}
 }
 
-// clientParametersSnapshot is an atomic snapshot of the client parameter
-// values. ClientParameters.Get will return a snapshot which may be used to
-// read multiple related values atomically and consistently while the current
-// snapshot in ClientParameters may change concurrently.
-type clientParametersSnapshot struct {
+// parametersSnapshot is an atomic snapshot of the parameter values.
+// Parameters.Get will return a snapshot which may be used to read multiple
+// related values atomically and consistently while the current snapshot in
+// Parameters may change concurrently.
+type parametersSnapshot struct {
 	getValueLogger func(error)
 	tag            string
 	parameters     map[string]interface{}
@@ -942,13 +943,13 @@ type clientParametersSnapshot struct {
 // type of target points to does not match the value.
 //
 // Any of these conditions would be a bug in the caller. getValue does not
-// panic in these cases as the client is deployed as a library in various apps
+// panic in these cases as clients are deployed as a library in various apps
 // and the failure of Psiphon may not be a failure for the app process.
 //
 // Instead, errors are logged to the getValueLogger and getValue leaves the
 // target unset, which will result in the caller getting and using a zero
 // value of the requested type.
-func (p *clientParametersSnapshot) getValue(name string, target interface{}) {
+func (p *parametersSnapshot) getValue(name string, target interface{}) {
 
 	value, ok := p.parameters[name]
 	if !ok {
@@ -983,76 +984,73 @@ func (p *clientParametersSnapshot) getValue(name string, target interface{}) {
 	targetValue.Elem().Set(reflect.ValueOf(value))
 }
 
-// ClientParametersAccessor provides consistent, atomic access to client
-// parameter values. Any customizations are applied transparently.
-type ClientParametersAccessor struct {
-	snapshot                       *clientParametersSnapshot
+// ParametersAccessor provides consistent, atomic access to  parameter values.
+// Any customizations are applied transparently.
+type ParametersAccessor struct {
+	snapshot                       *parametersSnapshot
 	customNetworkLatencyMultiplier float64
 }
 
-// MakeNilClientParametersAccessor produces a stub ClientParametersAccessor
-// which returns true for IsNil. This may be used where a
-// ClientParametersAccessor value is required, but ClientParameters.Get may
-// not succeed. In contexts where MakeNilClientParametersAccessor may be used,
-// calls to ClientParametersAccessor must first check IsNil before calling
-// accessor functions.
-func MakeNilClientParametersAccessor() ClientParametersAccessor {
-	return ClientParametersAccessor{}
+// MakeNilParametersAccessor produces a stub ParametersAccessor which returns
+// true for IsNil. This may be used where a ParametersAccessor value is
+// required, but Parameters.Get may not succeed. In contexts where
+// MakeNilParametersAccessor may be used, calls to ParametersAccessor must
+// first check IsNil before calling accessor functions.
+func MakeNilParametersAccessor() ParametersAccessor {
+	return ParametersAccessor{}
 }
 
-// IsNil indicates that this ClientParametersAccessor is a stub and its
-// accessor functions may not be called. A ClientParametersAccessor produced
-// by ClientParameters.Get will never return true for IsNil and IsNil guards
-// are not required for ClientParametersAccessors known to be produced by
-// ClientParameters.Get.
-func (p ClientParametersAccessor) IsNil() bool {
+// IsNil indicates that this ParametersAccessor is a stub and its accessor
+// functions may not be called. A ParametersAccessor produced by
+// Parameters.Get will never return true for IsNil and IsNil guards are not
+// required for ParametersAccessors known to be produced by Parameters.Get.
+func (p ParametersAccessor) IsNil() bool {
 	return p.snapshot == nil
 }
 
 // Close clears internal references to large memory objects, allowing them to
-// be garbage collected. Call Close when done using a
-// ClientParametersAccessor, where memory footprint is a concern, and where
-// the ClientParametersAccessor is not immediately going out of scope. After
-// Close is called, all other ClientParametersAccessor functions will panic if
-// called.
-func (p ClientParametersAccessor) Close() {
+// be garbage collected. Call Close when done using a ParametersAccessor,
+// where memory footprint is a concern, and where the ParametersAccessor is
+// not immediately going out of scope. After Close is called, all other
+// ParametersAccessor functions will panic if called.
+func (p ParametersAccessor) Close() {
 	p.snapshot = nil
 }
 
 // Tag returns the tag associated with these parameters.
-func (p ClientParametersAccessor) Tag() string {
+func (p ParametersAccessor) Tag() string {
 	return p.snapshot.tag
 }
 
 // String returns a string parameter value.
-func (p ClientParametersAccessor) String(name string) string {
+func (p ParametersAccessor) String(name string) string {
 	value := ""
 	p.snapshot.getValue(name, &value)
 	return value
 }
 
-func (p ClientParametersAccessor) Strings(name string) []string {
+func (p ParametersAccessor) Strings(name string) []string {
 	value := []string{}
 	p.snapshot.getValue(name, &value)
 	return value
 }
 
 // Int returns an int parameter value.
-func (p ClientParametersAccessor) Int(name string) int {
+func (p ParametersAccessor) Int(name string) int {
 	value := int(0)
 	p.snapshot.getValue(name, &value)
 	return value
 }
 
 // Bool returns a bool parameter value.
-func (p ClientParametersAccessor) Bool(name string) bool {
+func (p ParametersAccessor) Bool(name string) bool {
 	value := false
 	p.snapshot.getValue(name, &value)
 	return value
 }
 
 // Float returns a float64 parameter value.
-func (p ClientParametersAccessor) Float(name string) float64 {
+func (p ParametersAccessor) Float(name string) float64 {
 	value := float64(0.0)
 	p.snapshot.getValue(name, &value)
 	return value
@@ -1060,7 +1058,7 @@ func (p ClientParametersAccessor) Float(name string) float64 {
 
 // WeightedCoinFlip returns the result of prng.FlipWeightedCoin using the
 // specified float parameter as the probability input.
-func (p ClientParametersAccessor) WeightedCoinFlip(name string) bool {
+func (p ParametersAccessor) WeightedCoinFlip(name string) bool {
 	var value float64
 	p.snapshot.getValue(name, &value)
 	return prng.FlipWeightedCoin(value)
@@ -1069,11 +1067,11 @@ func (p ClientParametersAccessor) WeightedCoinFlip(name string) bool {
 // Duration returns a time.Duration parameter value. When the duration
 // parameter has the useNetworkLatencyMultiplier flag, the
 // NetworkLatencyMultiplier is applied to the returned value.
-func (p ClientParametersAccessor) Duration(name string) time.Duration {
+func (p ParametersAccessor) Duration(name string) time.Duration {
 	value := time.Duration(0)
 	p.snapshot.getValue(name, &value)
 
-	defaultParameter, ok := defaultClientParameters[name]
+	defaultParameter, ok := defaultParameters[name]
 	if value > 0 && ok && defaultParameter.flags&useNetworkLatencyMultiplier != 0 {
 
 		multiplier := float64(0.0)
@@ -1097,7 +1095,7 @@ func (p ClientParametersAccessor) Duration(name string) time.Duration {
 // If there is a corresponding Probability value, a weighted coin flip
 // will be performed and, depending on the result, the value or the
 // parameter default will be returned.
-func (p ClientParametersAccessor) TunnelProtocols(name string) protocol.TunnelProtocols {
+func (p ParametersAccessor) TunnelProtocols(name string) protocol.TunnelProtocols {
 
 	probabilityName := name + "Probability"
 	_, ok := p.snapshot.parameters[probabilityName]
@@ -1105,7 +1103,7 @@ func (p ClientParametersAccessor) TunnelProtocols(name string) protocol.TunnelPr
 		probabilityValue := float64(1.0)
 		p.snapshot.getValue(probabilityName, &probabilityValue)
 		if !prng.FlipWeightedCoin(probabilityValue) {
-			defaultParameter, ok := defaultClientParameters[name]
+			defaultParameter, ok := defaultParameters[name]
 			if ok {
 				defaultValue, ok := defaultParameter.value.(protocol.TunnelProtocols)
 				if ok {
@@ -1126,7 +1124,7 @@ func (p ClientParametersAccessor) TunnelProtocols(name string) protocol.TunnelPr
 // If there is a corresponding Probability value, a weighted coin flip
 // will be performed and, depending on the result, the value or the
 // parameter default will be returned.
-func (p ClientParametersAccessor) TLSProfiles(name string) protocol.TLSProfiles {
+func (p ParametersAccessor) TLSProfiles(name string) protocol.TLSProfiles {
 
 	probabilityName := name + "Probability"
 	_, ok := p.snapshot.parameters[probabilityName]
@@ -1134,7 +1132,7 @@ func (p ClientParametersAccessor) TLSProfiles(name string) protocol.TLSProfiles
 		probabilityValue := float64(1.0)
 		p.snapshot.getValue(probabilityName, &probabilityValue)
 		if !prng.FlipWeightedCoin(probabilityValue) {
-			defaultParameter, ok := defaultClientParameters[name]
+			defaultParameter, ok := defaultParameters[name]
 			if ok {
 				defaultValue, ok := defaultParameter.value.(protocol.TLSProfiles)
 				if ok {
@@ -1154,7 +1152,7 @@ func (p ClientParametersAccessor) TLSProfiles(name string) protocol.TLSProfiles
 // LabeledTLSProfiles returns a protocol.TLSProfiles parameter value
 // corresponding to the specified labeled set and label value. The return
 // value is nil when no set is found.
-func (p ClientParametersAccessor) LabeledTLSProfiles(name, label string) protocol.TLSProfiles {
+func (p ParametersAccessor) LabeledTLSProfiles(name, label string) protocol.TLSProfiles {
 	var value protocol.LabeledTLSProfiles
 	p.snapshot.getValue(name, &value)
 	return value[label]
@@ -1164,7 +1162,7 @@ func (p ClientParametersAccessor) LabeledTLSProfiles(name, label string) protoco
 // If there is a corresponding Probability value, a weighted coin flip
 // will be performed and, depending on the result, the value or the
 // parameter default will be returned.
-func (p ClientParametersAccessor) QUICVersions(name string) protocol.QUICVersions {
+func (p ParametersAccessor) QUICVersions(name string) protocol.QUICVersions {
 
 	probabilityName := name + "Probability"
 	_, ok := p.snapshot.parameters[probabilityName]
@@ -1172,7 +1170,7 @@ func (p ClientParametersAccessor) QUICVersions(name string) protocol.QUICVersion
 		probabilityValue := float64(1.0)
 		p.snapshot.getValue(probabilityName, &probabilityValue)
 		if !prng.FlipWeightedCoin(probabilityValue) {
-			defaultParameter, ok := defaultClientParameters[name]
+			defaultParameter, ok := defaultParameters[name]
 			if ok {
 				defaultValue, ok := defaultParameter.value.(protocol.QUICVersions)
 				if ok {
@@ -1192,28 +1190,28 @@ func (p ClientParametersAccessor) QUICVersions(name string) protocol.QUICVersion
 // LabeledQUICVersions returns a protocol.QUICVersions parameter value
 // corresponding to the specified labeled set and label value. The return
 // value is nil when no set is found.
-func (p ClientParametersAccessor) LabeledQUICVersions(name, label string) protocol.QUICVersions {
+func (p ParametersAccessor) LabeledQUICVersions(name, label string) protocol.QUICVersions {
 	value := protocol.LabeledQUICVersions{}
 	p.snapshot.getValue(name, &value)
 	return value[label]
 }
 
 // TransferURLs returns a TransferURLs parameter value.
-func (p ClientParametersAccessor) TransferURLs(name string) TransferURLs {
+func (p ParametersAccessor) TransferURLs(name string) TransferURLs {
 	value := TransferURLs{}
 	p.snapshot.getValue(name, &value)
 	return value
 }
 
 // RateLimits returns a common.RateLimits parameter value.
-func (p ClientParametersAccessor) RateLimits(name string) common.RateLimits {
+func (p ParametersAccessor) RateLimits(name string) common.RateLimits {
 	value := common.RateLimits{}
 	p.snapshot.getValue(name, &value)
 	return value
 }
 
 // HTTPHeaders returns an http.Header parameter value.
-func (p ClientParametersAccessor) HTTPHeaders(name string) http.Header {
+func (p ParametersAccessor) HTTPHeaders(name string) http.Header {
 	value := make(http.Header)
 	p.snapshot.getValue(name, &value)
 	return value
@@ -1221,7 +1219,7 @@ func (p ClientParametersAccessor) HTTPHeaders(name string) http.Header {
 
 // CustomTLSProfileNames returns the CustomTLSProfile.Name fields for
 // each profile in the CustomTLSProfiles parameter value.
-func (p ClientParametersAccessor) CustomTLSProfileNames() []string {
+func (p ParametersAccessor) CustomTLSProfileNames() []string {
 	value := protocol.CustomTLSProfiles{}
 	p.snapshot.getValue(CustomTLSProfiles, &value)
 	names := make([]string, len(value))
@@ -1234,7 +1232,7 @@ func (p ClientParametersAccessor) CustomTLSProfileNames() []string {
 // CustomTLSProfile returns the CustomTLSProfile fields with the specified
 // Name field if it exists in the CustomTLSProfiles parameter value.
 // Returns nil if not found.
-func (p ClientParametersAccessor) CustomTLSProfile(name string) *protocol.CustomTLSProfile {
+func (p ParametersAccessor) CustomTLSProfile(name string) *protocol.CustomTLSProfile {
 	value := protocol.CustomTLSProfiles{}
 	p.snapshot.getValue(CustomTLSProfiles, &value)
 
@@ -1249,7 +1247,7 @@ func (p ClientParametersAccessor) CustomTLSProfile(name string) *protocol.Custom
 }
 
 // KeyValues returns a KeyValues parameter value.
-func (p ClientParametersAccessor) KeyValues(name string) KeyValues {
+func (p ParametersAccessor) KeyValues(name string) KeyValues {
 	value := KeyValues{}
 	p.snapshot.getValue(name, &value)
 	return value
@@ -1258,7 +1256,7 @@ func (p ClientParametersAccessor) KeyValues(name string) KeyValues {
 // BPFProgram returns an assembled BPF program corresponding to a
 // BPFProgramSpec parameter value. Returns nil in the case of any empty
 // program.
-func (p ClientParametersAccessor) BPFProgram(name string) (bool, string, []bpf.RawInstruction) {
+func (p ParametersAccessor) BPFProgram(name string) (bool, string, []bpf.RawInstruction) {
 	var value *BPFProgramSpec
 	p.snapshot.getValue(name, &value)
 	if value == nil {
@@ -1270,14 +1268,14 @@ func (p ClientParametersAccessor) BPFProgram(name string) (bool, string, []bpf.R
 }
 
 // PacketManipulationSpecs returns a PacketManipulationSpecs parameter value.
-func (p ClientParametersAccessor) PacketManipulationSpecs(name string) PacketManipulationSpecs {
+func (p ParametersAccessor) PacketManipulationSpecs(name string) PacketManipulationSpecs {
 	value := PacketManipulationSpecs{}
 	p.snapshot.getValue(name, &value)
 	return value
 }
 
 // ProtocolPacketManipulations returns a ProtocolPacketManipulations parameter value.
-func (p ClientParametersAccessor) ProtocolPacketManipulations(name string) ProtocolPacketManipulations {
+func (p ParametersAccessor) ProtocolPacketManipulations(name string) ProtocolPacketManipulations {
 	value := make(ProtocolPacketManipulations)
 	p.snapshot.getValue(name, &value)
 	return value

psiphon/common/parameters/clientParameters_test.go → psiphon/common/parameters/parameters_test.go

@@ -32,12 +32,12 @@ import (
 
 func TestGetDefaultParameters(t *testing.T) {
 
-	p, err := NewClientParameters(nil)
+	p, err := NewParameters(nil)
 	if err != nil {
-		t.Fatalf("NewClientParameters failed: %s", err)
+		t.Fatalf("NewParameters failed: %s", err)
 	}
 
-	for name, defaults := range defaultClientParameters {
+	for name, defaults := range defaultParameters {
 		switch v := defaults.value.(type) {
 		case string:
 			g := p.Get().String(name)
@@ -149,12 +149,12 @@ func TestGetValueLogger(t *testing.T) {
 
 	loggerCalled := false
 
-	p, err := NewClientParameters(
+	p, err := NewParameters(
 		func(error) {
 			loggerCalled = true
 		})
 	if err != nil {
-		t.Fatalf("NewClientParameters failed: %s", err)
+		t.Fatalf("NewParameters failed: %s", err)
 	}
 
 	p.Get().Int("unknown-parameter-name")
@@ -170,20 +170,20 @@ func TestOverrides(t *testing.T) {
 	applyParameters := make(map[string]interface{})
 
 	// Below minimum, should not apply
-	defaultConnectionWorkerPoolSize := defaultClientParameters[ConnectionWorkerPoolSize].value.(int)
-	minimumConnectionWorkerPoolSize := defaultClientParameters[ConnectionWorkerPoolSize].minimum.(int)
+	defaultConnectionWorkerPoolSize := defaultParameters[ConnectionWorkerPoolSize].value.(int)
+	minimumConnectionWorkerPoolSize := defaultParameters[ConnectionWorkerPoolSize].minimum.(int)
 	newConnectionWorkerPoolSize := minimumConnectionWorkerPoolSize - 1
 	applyParameters[ConnectionWorkerPoolSize] = newConnectionWorkerPoolSize
 
 	// Above minimum, should apply
-	defaultInitialLimitTunnelProtocolsCandidateCount := defaultClientParameters[InitialLimitTunnelProtocolsCandidateCount].value.(int)
-	minimumInitialLimitTunnelProtocolsCandidateCount := defaultClientParameters[InitialLimitTunnelProtocolsCandidateCount].minimum.(int)
+	defaultInitialLimitTunnelProtocolsCandidateCount := defaultParameters[InitialLimitTunnelProtocolsCandidateCount].value.(int)
+	minimumInitialLimitTunnelProtocolsCandidateCount := defaultParameters[InitialLimitTunnelProtocolsCandidateCount].minimum.(int)
 	newInitialLimitTunnelProtocolsCandidateCount := minimumInitialLimitTunnelProtocolsCandidateCount + 1
 	applyParameters[InitialLimitTunnelProtocolsCandidateCount] = newInitialLimitTunnelProtocolsCandidateCount
 
-	p, err := NewClientParameters(nil)
+	p, err := NewParameters(nil)
 	if err != nil {
-		t.Fatalf("NewClientParameters failed: %s", err)
+		t.Fatalf("NewParameters failed: %s", err)
 	}
 
 	// No skip on error; should fail and not apply any changes
@@ -230,9 +230,9 @@ func TestOverrides(t *testing.T) {
 }
 
 func TestNetworkLatencyMultiplier(t *testing.T) {
-	p, err := NewClientParameters(nil)
+	p, err := NewParameters(nil)
 	if err != nil {
-		t.Fatalf("NewClientParameters failed: %s", err)
+		t.Fatalf("NewParameters failed: %s", err)
 	}
 
 	timeout1 := p.Get().Duration(TunnelConnectTimeout)
@@ -252,9 +252,9 @@ func TestNetworkLatencyMultiplier(t *testing.T) {
 }
 
 func TestCustomNetworkLatencyMultiplier(t *testing.T) {
-	p, err := NewClientParameters(nil)
+	p, err := NewParameters(nil)
 	if err != nil {
-		t.Fatalf("NewClientParameters failed: %s", err)
+		t.Fatalf("NewParameters failed: %s", err)
 	}
 
 	timeout1 := p.Get().Duration(TunnelConnectTimeout)
@@ -274,9 +274,9 @@ func TestCustomNetworkLatencyMultiplier(t *testing.T) {
 }
 
 func TestLimitTunnelProtocolProbability(t *testing.T) {
-	p, err := NewClientParameters(nil)
+	p, err := NewParameters(nil)
 	if err != nil {
-		t.Fatalf("NewClientParameters failed: %s", err)
+		t.Fatalf("NewParameters failed: %s", err)
 	}
 
 	// Default probability should be 1.0 and always return tunnelProtocols
@@ -330,9 +330,9 @@ func TestLimitTunnelProtocolProbability(t *testing.T) {
 }
 
 func TestLabeledLists(t *testing.T) {
-	p, err := NewClientParameters(nil)
+	p, err := NewParameters(nil)
 	if err != nil {
-		t.Fatalf("NewClientParameters failed: %s", err)
+		t.Fatalf("NewParameters failed: %s", err)
 	}
 
 	tlsProfiles := make(protocol.TLSProfiles, 0)
@@ -381,9 +381,9 @@ func TestLabeledLists(t *testing.T) {
 }
 
 func TestCustomTLSProfiles(t *testing.T) {
-	p, err := NewClientParameters(nil)
+	p, err := NewParameters(nil)
 	if err != nil {
-		t.Fatalf("NewClientParameters failed: %s", err)
+		t.Fatalf("NewParameters failed: %s", err)
 	}
 
 	customTLSProfiles := protocol.CustomTLSProfiles{
@@ -449,9 +449,9 @@ func TestApplicationParameters(t *testing.T) {
 		t.Fatalf("Unmarshal failed: %s", err)
 	}
 
-	p, err := NewClientParameters(nil)
+	p, err := NewParameters(nil)
 	if err != nil {
-		t.Fatalf("NewClientParameters failed: %s", err)
+		t.Fatalf("NewParameters failed: %s", err)
 	}
 
 	_, err = p.Set("", false, applyParameters)

psiphon/common/tactics/tactics.go

@@ -106,11 +106,11 @@ the handshake request parameters with tactics inputs, and calls
 HandleTacticsPayload to process the tactics payload in the handshake response.
 
 The core tactics data is custom values for a subset of the parameters in
-parameters.ClientParameters. A client takes the default ClientParameters,
-applies any custom values set in its config file, and then applies any stored or
-received tactics. Each time the tactics changes, this process is repeated so
-that obsolete tactics parameters are not retained in the client's
-ClientParameters instance.
+parameters.Parameters. A client takes the default Parameters, applies any
+custom values set in its config file, and then applies any stored or received
+tactics. Each time the tactics changes, this process is repeated so that
+obsolete tactics parameters are not retained in the client's Parameters
+instance.
 
 Tactics has a probability parameter that is used in a weighted coin flip to
 determine if the tactics is to be applied or skipped for the current client
@@ -516,12 +516,12 @@ func (server *Server) Validate() error {
 			return errors.TraceNew("invalid probability")
 		}
 
-		clientParameters, err := parameters.NewClientParameters(nil)
+		params, err := parameters.NewParameters(nil)
 		if err != nil {
 			return errors.Trace(err)
 		}
 
-		_, err = clientParameters.Set("", false, tactics.Parameters)
+		_, err = params.Set("", false, tactics.Parameters)
 		if err != nil {
 			return errors.Trace(err)
 		}
@@ -796,19 +796,19 @@ func (server *Server) GetTactics(
 }
 
 // TODO: refactor this copy of psiphon/server.getStringRequestParam into common?
-func getStringRequestParam(params common.APIParameters, name string) (string, error) {
-	if params[name] == nil {
+func getStringRequestParam(apiParams common.APIParameters, name string) (string, error) {
+	if apiParams[name] == nil {
 		return "", errors.Tracef("missing param: %s", name)
 	}
-	value, ok := params[name].(string)
+	value, ok := apiParams[name].(string)
 	if !ok {
 		return "", errors.Tracef("invalid param: %s", name)
 	}
 	return value, nil
 }
 
-func getJSONRequestParam(params common.APIParameters, name string, value interface{}) error {
-	if params[name] == nil {
+func getJSONRequestParam(apiParams common.APIParameters, name string, value interface{}) error {
+	if apiParams[name] == nil {
 		return errors.Tracef("missing param: %s", name)
 	}
 
@@ -817,7 +817,7 @@ func getJSONRequestParam(params common.APIParameters, name string, value interfa
 	// unmarhsal-into-struct, common.APIParameters will have an unmarshal-into-interface
 	// value as described here: https://golang.org/pkg/encoding/json/#Unmarshal.
 
-	jsonValue, err := json.Marshal(params[name])
+	jsonValue, err := json.Marshal(apiParams[name])
 	if err != nil {
 		return errors.Trace(err)
 	}
@@ -1115,7 +1115,6 @@ type Storer interface {
 // parameters for tactics. This is used by the Psiphon client when
 // preparing its handshake request.
 func SetTacticsAPIParameters(
-	clientParameters *parameters.ClientParameters,
 	storer Storer,
 	networkID string,
 	apiParams common.APIParameters) error {
@@ -1230,7 +1229,7 @@ func UseStoredTactics(
 // FetchTactics modifies the apiParams input.
 func FetchTactics(
 	ctx context.Context,
-	clientParameters *parameters.ClientParameters,
+	params *parameters.Parameters,
 	storer Storer,
 	getNetworkID func() string,
 	apiParams common.APIParameters,
@@ -1256,7 +1255,7 @@ func FetchTactics(
 
 	if len(speedTestSamples) == 0 {
 
-		p := clientParameters.Get()
+		p := params.Get()
 		request := prng.Padding(
 			p.Int(parameters.SpeedTestPaddingMinBytes),
 			p.Int(parameters.SpeedTestPaddingMaxBytes))
@@ -1276,7 +1275,7 @@ func FetchTactics(
 		}
 
 		err = AddSpeedTestSample(
-			clientParameters,
+			params,
 			storer,
 			networkID,
 			endPointRegion,
@@ -1399,7 +1398,7 @@ func MakeSpeedTestResponse(minPadding, maxPadding int) ([]byte, error) {
 // that limit is reached, the oldest samples are removed to make room
 // for the new sample.
 func AddSpeedTestSample(
-	clientParameters *parameters.ClientParameters,
+	params *parameters.Parameters,
 	storer Storer,
 	networkID string,
 	endPointRegion string,
@@ -1431,7 +1430,7 @@ func AddSpeedTestSample(
 		BytesDown:        len(response),
 	}
 
-	maxCount := clientParameters.Get().Int(parameters.SpeedTestMaxSampleCount)
+	maxCount := params.Get().Int(parameters.SpeedTestMaxSampleCount)
 	if maxCount == 0 {
 		return errors.TraceNew("speed test max sample count is 0")
 	}

psiphon/common/tactics/tactics_test.go

@@ -151,11 +151,11 @@ func TestTactics(t *testing.T) {
 	logger := newTestLogger()
 
 	validator := func(
-		params common.APIParameters) error {
+		apiParams common.APIParameters) error {
 
 		expectedParams := []string{"client_platform", "client_version"}
 		for _, name := range expectedParams {
-			value, ok := params[name]
+			value, ok := apiParams[name]
 			if !ok {
 				return fmt.Errorf("missing param: %s", name)
 			}
@@ -169,9 +169,9 @@ func TestTactics(t *testing.T) {
 
 	formatter := func(
 		geoIPData common.GeoIPData,
-		params common.APIParameters) common.LogFields {
+		apiParams common.APIParameters) common.LogFields {
 
-		return common.LogFields(params)
+		return common.LogFields(apiParams)
 	}
 
 	server, err := NewServer(
@@ -211,12 +211,12 @@ func TestTactics(t *testing.T) {
 
 	// Configure client
 
-	clientParams, err := parameters.NewClientParameters(
+	params, err := parameters.NewParameters(
 		func(err error) {
-			t.Fatalf("ClientParameters getValue failed: %s", err)
+			t.Fatalf("Parameters getValue failed: %s", err)
 		})
 	if err != nil {
-		t.Fatalf("NewClientParameters failed: %s", err)
+		t.Fatalf("NewParameters failed: %s", err)
 	}
 
 	networkID := "NETWORK1"
@@ -276,9 +276,9 @@ func TestTactics(t *testing.T) {
 
 	checkParameters := func(r *Record) {
 
-		p, err := parameters.NewClientParameters(nil)
+		p, err := parameters.NewParameters(nil)
 		if err != nil {
-			t.Fatalf("NewClientParameters failed: %s", err)
+			t.Fatalf("NewParameters failed: %s", err)
 		}
 
 		if r.Tactics.Probability != tacticsProbability {
@@ -318,7 +318,7 @@ func TestTactics(t *testing.T) {
 
 	initialFetchTacticsRecord, err := FetchTactics(
 		ctx,
-		clientParams,
+		params,
 		storer,
 		getNetworkID,
 		apiParams,
@@ -390,7 +390,7 @@ func TestTactics(t *testing.T) {
 
 	fetchTacticsRecord, err := FetchTactics(
 		context.Background(),
-		clientParams,
+		params,
 		storer,
 		getNetworkID,
 		apiParams,
@@ -467,7 +467,7 @@ func TestTactics(t *testing.T) {
 
 	fetchTacticsRecord, err = FetchTactics(
 		context.Background(),
-		clientParams,
+		params,
 		storer,
 		getNetworkID,
 		apiParams,
@@ -507,7 +507,7 @@ func TestTactics(t *testing.T) {
 		"client_platform": "P1",
 		"client_version":  "V1"}
 
-	err = SetTacticsAPIParameters(clientParams, storer, networkID, handshakeParams)
+	err = SetTacticsAPIParameters(storer, networkID, handshakeParams)
 	if err != nil {
 		t.Fatalf("SetTacticsAPIParameters failed: %s", err)
 	}
@@ -576,7 +576,7 @@ func TestTactics(t *testing.T) {
 
 	// Exercise speed test sample truncation
 
-	maxSamples := clientParams.Get().Int(parameters.SpeedTestMaxSampleCount)
+	maxSamples := params.Get().Int(parameters.SpeedTestMaxSampleCount)
 
 	for i := 0; i < maxSamples*2; i++ {
 
@@ -586,7 +586,7 @@ func TestTactics(t *testing.T) {
 		}
 
 		err = AddSpeedTestSample(
-			clientParams,
+			params,
 			storer,
 			networkID,
 			"",
@@ -623,7 +623,7 @@ func TestTactics(t *testing.T) {
 
 	_, err = FetchTactics(
 		context.Background(),
-		clientParams,
+		params,
 		storer,
 		getNetworkID,
 		apiParams,
@@ -638,7 +638,7 @@ func TestTactics(t *testing.T) {
 
 	_, err = FetchTactics(
 		context.Background(),
-		clientParams,
+		params,
 		storer,
 		getNetworkID,
 		apiParams,

psiphon/config.go

@@ -717,12 +717,12 @@ type Config struct {
 	// B64EncodedPublicKey = "".
 	FeedbackEncryptionPublicKey string
 
-	// clientParameters is the active ClientParameters with defaults, config
-	// values, and, optionally, tactics applied.
+	// params is the active parameters.Parameters with defaults, config values,
+	// and, optionally, tactics applied.
 	//
-	// New tactics must be applied by calling Config.SetClientParameters;
-	// calling clientParameters.Set directly will fail to add config values.
-	clientParameters *parameters.ClientParameters
+	// New tactics must be applied by calling Config.SetParameters; calling
+	// params.Set directly will fail to add config values.
+	params *parameters.Parameters
 
 	dialParametersHash []byte
 
@@ -1062,9 +1062,9 @@ func (config *Config) Commit(migrateFromLegacyFields bool) error {
 		return errors.TraceNew("invalid SessionID")
 	}
 
-	config.clientParameters, err = parameters.NewClientParameters(
+	config.params, err = parameters.NewParameters(
 		func(err error) {
-			NoticeWarning("ClientParameters getValue failed: %s", err)
+			NoticeWarning("Parameters getValue failed: %s", err)
 		})
 	if err != nil {
 		return errors.Trace(err)
@@ -1076,9 +1076,10 @@ func (config *Config) Commit(migrateFromLegacyFields bool) error {
 		return errors.TraceNew("invalid ObfuscatedSSHAlgorithms")
 	}
 
-	// clientParameters.Set will validate the config fields applied to parameters.
+	// parametersParameters.Set will validate the config fields applied to
+	// parametersParameters.
 
-	err = config.SetClientParameters("", false, nil)
+	err = config.SetParameters("", false, nil)
 	if err != nil {
 		return errors.Trace(err)
 	}
@@ -1180,12 +1181,12 @@ func (config *Config) Commit(migrateFromLegacyFields bool) error {
 	return nil
 }
 
-// GetClientParameters returns the current client parameters.
-func (config *Config) GetClientParameters() *parameters.ClientParameters {
-	return config.clientParameters
+// GetParameters returns the current parameters.Parameters.
+func (config *Config) GetParameters() *parameters.Parameters {
+	return config.params
 }
 
-// SetClientParameters resets Config.clientParameters to the default values,
+// SetParameters resets the parameters.Parameters to the default values,
 // applies any config file values, and then applies the input parameters (from
 // tactics, etc.)
 //
@@ -1193,19 +1194,19 @@ func (config *Config) GetClientParameters() *parameters.ClientParameters {
 // this will validate the values and should fail. Set skipOnError to true when
 // applying tactics to ignore invalid or unknown parameter values from tactics.
 //
-// In the case of applying tactics, do not call Config.clientParameters.Set
+// In the case of applying tactics, do not call Config.parameters.Set
 // directly as this will not first apply config values.
 //
-// If there is an error, the existing Config.clientParameters are left
+// If there is an error, the existing Config.parameters are left
 // entirely unmodified.
-func (config *Config) SetClientParameters(tag string, skipOnError bool, applyParameters map[string]interface{}) error {
+func (config *Config) SetParameters(tag string, skipOnError bool, applyParameters map[string]interface{}) error {
 
 	setParameters := []map[string]interface{}{config.makeConfigParameters()}
 	if applyParameters != nil {
 		setParameters = append(setParameters, applyParameters)
 	}
 
-	counts, err := config.clientParameters.Set(tag, skipOnError, setParameters...)
+	counts, err := config.params.Set(tag, skipOnError, setParameters...)
 	if err != nil {
 		return errors.Trace(err)
 	}
@@ -1213,7 +1214,7 @@ func (config *Config) SetClientParameters(tag string, skipOnError bool, applyPar
 	NoticeInfo("applied %v parameters with tag '%s'", counts, tag)
 
 	// Emit certain individual parameter values for quick reference in diagnostics.
-	p := config.clientParameters.Get()
+	p := config.params.Get()
 	NoticeInfo(
 		"NetworkLatencyMultiplier Min/Max/Lambda: %f/%f/%f",
 		p.Float(parameters.NetworkLatencyMultiplierMin),

psiphon/controller.go

@@ -357,7 +357,7 @@ fetcherLoop:
 		// Skip fetch entirely (i.e., send no request at all, even when ETag would save
 		// on response size) when a recent fetch was successful
 
-		stalePeriod := controller.config.GetClientParameters().Get().Duration(
+		stalePeriod := controller.config.GetParameters().Get().Duration(
 			parameters.FetchRemoteServerListStalePeriod)
 
 		if !lastFetchTime.IsZero() &&
@@ -393,7 +393,7 @@ fetcherLoop:
 
 			NoticeWarning("failed to fetch %s remote server list: %s", name, err)
 
-			retryPeriod := controller.config.GetClientParameters().Get().Duration(
+			retryPeriod := controller.config.GetParameters().Get().Duration(
 				parameters.FetchRemoteServerListRetryPeriod)
 
 			timer := time.NewTimer(retryPeriod)
@@ -417,7 +417,7 @@ fetcherLoop:
 func (controller *Controller) establishTunnelWatcher() {
 	defer controller.runWaitGroup.Done()
 
-	timeout := controller.config.GetClientParameters().Get().Duration(
+	timeout := controller.config.GetParameters().Get().Duration(
 		parameters.EstablishTunnelTimeout)
 
 	if timeout > 0 {
@@ -490,7 +490,7 @@ loop:
 		if reported {
 			duration = 24 * time.Hour
 		} else {
-			duration = controller.config.GetClientParameters().Get().Duration(
+			duration = controller.config.GetParameters().Get().Duration(
 				parameters.PsiphonAPIConnectedRequestRetryPeriod)
 		}
 		timer := time.NewTimer(duration)
@@ -556,7 +556,7 @@ downloadLoop:
 			break downloadLoop
 		}
 
-		stalePeriod := controller.config.GetClientParameters().Get().Duration(
+		stalePeriod := controller.config.GetParameters().Get().Duration(
 			parameters.FetchUpgradeStalePeriod)
 
 		// Unless handshake is explicitly advertizing a new version, skip
@@ -596,7 +596,7 @@ downloadLoop:
 
 			NoticeWarning("failed to download upgrade: %s", err)
 
-			timeout := controller.config.GetClientParameters().Get().Duration(
+			timeout := controller.config.GetParameters().Get().Duration(
 				parameters.FetchUpgradeRetryPeriod)
 
 			timer := time.NewTimer(timeout)
@@ -1253,7 +1253,7 @@ func (controller *Controller) launchEstablishing() {
 
 	if !controller.config.DisableTactics {
 
-		timeout := controller.config.GetClientParameters().Get().Duration(
+		timeout := controller.config.GetParameters().Get().Duration(
 			parameters.TacticsWaitPeriod)
 
 		tacticsDone := make(chan struct{})
@@ -1287,11 +1287,11 @@ func (controller *Controller) launchEstablishing() {
 
 	// Initial- and LimitTunnelProtocols are set once per establishment, for
 	// consistent application of related probabilities (applied by
-	// ClientParametersAccessor.TunnelProtocols). The
+	// ParametersAccessor.TunnelProtocols). The
 	// establishLimitTunnelProtocolsState field must be read-only after this
 	// point, allowing concurrent reads by establishment workers.
 
-	p := controller.config.GetClientParameters().Get()
+	p := controller.config.GetParameters().Get()
 
 	controller.protocolSelectionConstraints = &protocolSelectionConstraints{
 		useUpstreamProxy:                    controller.config.UseUpstreamProxy(),
@@ -1508,7 +1508,7 @@ loop:
 		roundStartTime := time.Now()
 		var roundNetworkWaitDuration time.Duration
 
-		workTime := controller.config.GetClientParameters().Get().Duration(
+		workTime := controller.config.GetParameters().Get().Duration(
 			parameters.EstablishTunnelWorkTime)
 
 		candidateServerEntryCount := 0
@@ -1582,7 +1582,7 @@ loop:
 				// candidate has completed (success or failure) or is still working
 				// and the grace period has elapsed.
 
-				gracePeriod := controller.config.GetClientParameters().Get().Duration(
+				gracePeriod := controller.config.GetParameters().Get().Duration(
 					parameters.EstablishTunnelServerAffinityGracePeriod)
 
 				if gracePeriod > 0 {
@@ -1627,7 +1627,7 @@ loop:
 		// in typical conditions (it isn't strictly necessary to wait for this, there will
 		// be more rounds if required).
 
-		p := controller.config.GetClientParameters().Get()
+		p := controller.config.GetParameters().Get()
 		timeout := prng.JitterDuration(
 			p.Duration(parameters.EstablishTunnelPausePeriod),
 			p.Float(parameters.EstablishTunnelPausePeriodJitter))
@@ -1695,7 +1695,7 @@ loop:
 			// _some_ tunnel should connect. If the upstream proxy configuration is
 			// broken, the error should persist and eventually get posted.
 
-			p := controller.config.GetClientParameters().Get()
+			p := controller.config.GetParameters().Get()
 			workerPoolSize := p.Int(parameters.ConnectionWorkerPoolSize)
 			minWaitDuration := p.Duration(parameters.UpstreamProxyErrorMinWaitDuration)
 			maxWaitDuration := p.Duration(parameters.UpstreamProxyErrorMaxWaitDuration)
@@ -1739,7 +1739,7 @@ loop:
 		// intensive. In this case, a StaggerConnectionWorkersMilliseconds
 		// delay may still be incurred.
 
-		limitIntensiveConnectionWorkers := controller.config.GetClientParameters().Get().Int(
+		limitIntensiveConnectionWorkers := controller.config.GetParameters().Get().Int(
 			parameters.LimitIntensiveConnectionWorkers)
 
 		controller.concurrentEstablishTunnelsMutex.Lock()
@@ -1849,7 +1849,7 @@ loop:
 		// The stagger is applied when establishConnectTunnelCount > 0 -- that
 		// is, for all but the first dial.
 
-		p := controller.config.GetClientParameters().Get()
+		p := controller.config.GetParameters().Get()
 		staggerPeriod := p.Duration(parameters.StaggerConnectionWorkersPeriod)
 		staggerJitter := p.Float(parameters.StaggerConnectionWorkersJitter)
 		p.Close()

psiphon/dataStore.go

@@ -560,7 +560,7 @@ func newTargetServerEntryIterator(config *Config, isTactics bool) (bool, *Server
 			return false, nil, errors.TraceNew("TargetServerEntry does not support EgressRegion")
 		}
 
-		limitTunnelProtocols := config.GetClientParameters().Get().TunnelProtocols(parameters.LimitTunnelProtocols)
+		limitTunnelProtocols := config.GetParameters().Get().TunnelProtocols(parameters.LimitTunnelProtocols)
 		if len(limitTunnelProtocols) > 0 {
 			// At the ServerEntryIterator level, only limitTunnelProtocols is applied;
 			// excludeIntensive is handled higher up.
@@ -679,7 +679,7 @@ func (iterator *ServerEntryIterator) reset(isInitialRound bool) error {
 		//
 		// TODO: move only up to parameters.ReplayCandidateCount to front?
 
-		p := iterator.config.GetClientParameters().Get()
+		p := iterator.config.GetParameters().Get()
 
 		if (isInitialRound || p.WeightedCoinFlip(parameters.ReplayLaterRoundMoveToFrontProbability)) &&
 			p.Int(parameters.ReplayCandidateCount) != 0 {
@@ -982,7 +982,7 @@ func PruneServerEntry(config *Config, serverEntryTag string) {
 
 func pruneServerEntry(config *Config, serverEntryTag string) error {
 
-	minimumAgeForPruning := config.GetClientParameters().Get().Duration(
+	minimumAgeForPruning := config.GetParameters().Get().Duration(
 		parameters.ServerEntryMinimumAgeForPruning)
 
 	return datastoreUpdate(func(tx *datastoreTx) error {
@@ -1464,7 +1464,7 @@ func StorePersistentStat(config *Config, statType string, stat []byte) error {
 		return errors.Tracef("invalid persistent stat type: %s", statType)
 	}
 
-	maxStoreRecords := config.GetClientParameters().Get().Int(
+	maxStoreRecords := config.GetParameters().Get().Int(
 		parameters.PersistentStatsMaxStoreRecords)
 
 	err := datastoreUpdate(func(tx *datastoreTx) error {
@@ -1540,7 +1540,7 @@ func TakeOutUnreportedPersistentStats(config *Config) (map[string][][]byte, erro
 
 	stats := make(map[string][][]byte)
 
-	maxSendBytes := config.GetClientParameters().Get().Int(
+	maxSendBytes := config.GetParameters().Get().Int(
 		parameters.PersistentStatsMaxSendBytes)
 
 	err := datastoreUpdate(func(tx *datastoreTx) error {

psiphon/dialParameters.go

@@ -155,7 +155,7 @@ func MakeDialParameters(
 
 	networkID := config.GetNetworkID()
 
-	p := config.GetClientParameters().Get()
+	p := config.GetParameters().Get()
 
 	ttl := p.Duration(parameters.ReplayDialParametersTTL)
 	replayBPF := p.Bool(parameters.ReplayBPF)
@@ -676,7 +676,7 @@ func MakeDialParameters(
 
 		dialParams.meekConfig = &MeekConfig{
 			DiagnosticID:                  serverEntry.GetDiagnosticID(),
-			ClientParameters:              config.clientParameters,
+			Parameters:                    config.GetParameters(),
 			DialAddress:                   dialParams.MeekDialAddress,
 			UseQUIC:                       protocol.TunnelProtocolUsesFrontedMeekQUIC(dialParams.TunnelProtocol),
 			QUICVersion:                   dialParams.QUICVersion,
@@ -768,7 +768,7 @@ func (dialParams *DialParameters) Failed(config *Config) {
 	// to, e.g., temporary network disruptions or server load limiting.
 
 	if dialParams.IsReplay &&
-		!config.GetClientParameters().Get().WeightedCoinFlip(
+		!config.GetParameters().Get().WeightedCoinFlip(
 			parameters.ReplayRetainFailedProbability) {
 
 		NoticeInfo("Delete dial parameters for %s", dialParams.ServerEntry.GetDiagnosticID())
@@ -857,7 +857,7 @@ func (dialParams *ExchangedDialParameters) Validate(serverEntry *protocol.Server
 // then later fully initialized by MakeDialParameters.
 func (dialParams *ExchangedDialParameters) MakeDialParameters(
 	config *Config,
-	p parameters.ClientParametersAccessor,
+	p parameters.ParametersAccessor,
 	serverEntry *protocol.ServerEntry) *DialParameters {
 
 	return &DialParameters{
@@ -870,7 +870,7 @@ func (dialParams *ExchangedDialParameters) MakeDialParameters(
 
 func getConfigStateHash(
 	config *Config,
-	p parameters.ClientParametersAccessor,
+	p parameters.ParametersAccessor,
 	serverEntry *protocol.ServerEntry) []byte {
 
 	// The config state hash should reflect config, tactics, and server entry
@@ -949,7 +949,7 @@ func selectFrontingParameters(serverEntry *protocol.ServerEntry) (string, string
 func selectQUICVersion(
 	isFronted bool,
 	frontingProviderID string,
-	p parameters.ClientParametersAccessor) string {
+	p parameters.ParametersAccessor) string {
 
 	limitQUICVersions := p.QUICVersions(parameters.LimitQUICVersions)
 
@@ -997,7 +997,7 @@ func selectQUICVersion(
 
 // selectUserAgentIfUnset selects a User-Agent header if one is not set.
 func selectUserAgentIfUnset(
-	p parameters.ClientParametersAccessor, headers http.Header) (bool, string) {
+	p parameters.ParametersAccessor, headers http.Header) (bool, string) {
 
 	if _, ok := headers["User-Agent"]; !ok {
 
@@ -1014,7 +1014,7 @@ func selectUserAgentIfUnset(
 
 func makeDialCustomHeaders(
 	config *Config,
-	p parameters.ClientParametersAccessor) http.Header {
+	p parameters.ParametersAccessor) http.Header {
 
 	dialCustomHeaders := make(http.Header)
 	if config.CustomHeaders != nil {

psiphon/dialParameters_test.go

@@ -79,9 +79,9 @@ func runDialParametersAndReplay(t *testing.T, tunnelProtocol string) {
 	applyParameters := make(map[string]interface{})
 	applyParameters[parameters.TransformHostNameProbability] = 1.0
 	applyParameters[parameters.PickUserAgentProbability] = 1.0
-	err = clientConfig.SetClientParameters("tag1", true, applyParameters)
+	err = clientConfig.SetParameters("tag1", true, applyParameters)
 	if err != nil {
-		t.Fatalf("SetClientParameters failed: %s", err)
+		t.Fatalf("SetParameters failed: %s", err)
 	}
 
 	err = OpenDataStore(clientConfig)
@@ -326,9 +326,9 @@ func runDialParametersAndReplay(t *testing.T, tunnelProtocol string) {
 	// Test: no replay after change tactics
 
 	applyParameters[parameters.ReplayDialParametersTTL] = "1s"
-	err = clientConfig.SetClientParameters("tag2", true, applyParameters)
+	err = clientConfig.SetParameters("tag2", true, applyParameters)
 	if err != nil {
-		t.Fatalf("SetClientParameters failed: %s", err)
+		t.Fatalf("SetParameters failed: %s", err)
 	}
 
 	dialParams, err = MakeDialParameters(clientConfig, nil, canReplay, selectProtocol, serverEntries[0], false, 0, 0)
@@ -380,9 +380,9 @@ func runDialParametersAndReplay(t *testing.T, tunnelProtocol string) {
 	applyParameters[parameters.ReplayObfuscatedQUIC] = false
 	applyParameters[parameters.ReplayLivenessTest] = false
 	applyParameters[parameters.ReplayAPIRequestPadding] = false
-	err = clientConfig.SetClientParameters("tag3", true, applyParameters)
+	err = clientConfig.SetParameters("tag3", true, applyParameters)
 	if err != nil {
-		t.Fatalf("SetClientParameters failed: %s", err)
+		t.Fatalf("SetParameters failed: %s", err)
 	}
 
 	dialParams, err = MakeDialParameters(clientConfig, nil, canReplay, selectProtocol, serverEntries[0], false, 0, 0)

psiphon/exchange.go

@@ -254,7 +254,7 @@ func importExchangePayload(config *Config, encodedPayload string) error {
 		if err == nil {
 			dialParams := payload.ExchangedDialParameters.MakeDialParameters(
 				config,
-				config.GetClientParameters().Get(),
+				config.GetParameters().Get(),
 				serverEntry)
 
 			err = SetDialParameters(

psiphon/feedback.go

@@ -110,7 +110,7 @@ func SendFeedback(ctx context.Context, configJson, diagnosticsJson, uploadPath s
 	}
 
 	// Get tactics, may update client parameters
-	p := config.GetClientParameters().Get()
+	p := config.GetParameters().Get()
 	timeout := p.Duration(parameters.FeedbackTacticsWaitPeriod)
 	p.Close()
 	getTacticsCtx, cancelFunc := context.WithTimeout(ctx, timeout)
@@ -120,7 +120,7 @@ func SendFeedback(ctx context.Context, configJson, diagnosticsJson, uploadPath s
 	GetTactics(getTacticsCtx, config)
 
 	// Get the latest client parameters
-	p = config.GetClientParameters().Get()
+	p = config.GetParameters().Get()
 	feedbackUploadMinRetryDelay := p.Duration(parameters.FeedbackUploadRetryMinDelaySeconds)
 	feedbackUploadMaxRetryDelay := p.Duration(parameters.FeedbackUploadRetryMaxDelaySeconds)
 	feedbackUploadTimeout := p.Duration(parameters.FeedbackUploadTimeoutSeconds)

psiphon/httpProxy.go

@@ -118,7 +118,7 @@ func NewHttpProxy(
 		return tunneler.DirectDial(addr)
 	}
 
-	p := config.GetClientParameters().Get()
+	p := config.GetParameters().Get()
 	responseHeaderTimeout := p.Duration(parameters.HTTPProxyOriginServerTimeout)
 	maxIdleConnsPerHost := p.Int(parameters.HTTPProxyMaxIdleConnectionsPerHost)
 

psiphon/interrupt_dials_test.go

@@ -64,9 +64,9 @@ func TestInterruptDials(t *testing.T) {
 
 	// TODO: test upstreamproxy.ProxyAuthTransport
 
-	clientParameters, err := parameters.NewClientParameters(nil)
+	params, err := parameters.NewParameters(nil)
 	if err != nil {
-		t.Fatalf("NewClientParameters failed: %s", err)
+		t.Fatalf("NewParameters failed: %s", err)
 	}
 
 	seed, err := prng.NewSeed()
@@ -77,7 +77,7 @@ func TestInterruptDials(t *testing.T) {
 	makeDialers["TLS"] = func(string) Dialer {
 		return NewCustomTLSDialer(
 			&CustomTLSConfig{
-				ClientParameters:         clientParameters,
+				Parameters:               params,
 				Dial:                     NewTCPDialer(&DialConfig{}),
 				RandomizedTLSProfileSeed: seed,
 			})

psiphon/limitProtocols_test.go

@@ -124,7 +124,7 @@ func TestLimitTunnelProtocols(t *testing.T) {
 	applyParameters[parameters.InitialLimitTunnelProtocolsCandidateCount] = initialLimitTunnelProtocolsCandidateCount
 	applyParameters[parameters.LimitTunnelProtocols] = limitTunnelProtocols
 
-	err = clientConfig.SetClientParameters("", true, applyParameters)
+	err = clientConfig.SetParameters("", true, applyParameters)
 	if err != nil {
 		t.Fatalf("error setting client parameters: %s", err)
 	}

psiphon/meekConn.go

@@ -67,9 +67,9 @@ type MeekConfig struct {
 	// DiagnosticID is the server ID to record in any diagnostics notices.
 	DiagnosticID string
 
-	// ClientParameters is the active set of client parameters to use
+	// Parameters is the active set of parameters.Parameters to use
 	// for the meek dial.
-	ClientParameters *parameters.ClientParameters
+	Parameters *parameters.Parameters
 
 	// DialAddress is the actual network address to dial to establish a
 	// connection to the meek server. This may be either a fronted or
@@ -155,7 +155,7 @@ type MeekConfig struct {
 // MeekConn also operates in unfronted mode, in which plain HTTP connections are made without routing
 // through a CDN.
 type MeekConn struct {
-	clientParameters          *parameters.ClientParameters
+	params                    *parameters.Parameters
 	networkLatencyMultiplier  float64
 	isQUIC                    bool
 	url                       *url.URL
@@ -191,8 +191,8 @@ type MeekConn struct {
 	fullSendBuffer          chan *bytes.Buffer
 }
 
-func (conn *MeekConn) getCustomClientParameters() parameters.ClientParametersAccessor {
-	return conn.clientParameters.GetCustom(conn.networkLatencyMultiplier)
+func (conn *MeekConn) getCustomParameters() parameters.ParametersAccessor {
+	return conn.params.GetCustom(conn.networkLatencyMultiplier)
 }
 
 // transporter is implemented by both http.Transport and upstreamproxy.ProxyAuthTransport.
@@ -230,7 +230,7 @@ func DialMeek(
 	}()
 
 	meek = &MeekConn{
-		clientParameters:         meekConfig.ClientParameters,
+		params:                   meekConfig.Parameters,
 		networkLatencyMultiplier: meekConfig.NetworkLatencyMultiplier,
 		isClosed:                 false,
 		runCtx:                   runCtx,
@@ -247,7 +247,7 @@ func DialMeek(
 			meek.redialTLSProbability,
 			err =
 			makeMeekObfuscationValues(
-				meek.getCustomClientParameters(),
+				meek.getCustomParameters(),
 				meekConfig.MeekCookieEncryptionPublicKey,
 				meekConfig.MeekObfuscatedKey,
 				meekConfig.MeekObfuscatorPaddingSeed,
@@ -338,7 +338,7 @@ func DialMeek(
 		scheme = "https"
 
 		tlsConfig := &CustomTLSConfig{
-			ClientParameters:              meekConfig.ClientParameters,
+			Parameters:                    meekConfig.Parameters,
 			DialAddr:                      meekConfig.DialAddress,
 			Dial:                          NewTCPDialer(dialConfig),
 			SNIServerName:                 meekConfig.SNIServerName,
@@ -537,7 +537,7 @@ func DialMeek(
 		// Write() calls and relay() are synchronized in a similar way, using a single
 		// sendBuffer.
 
-		p := meek.getCustomClientParameters()
+		p := meek.getCustomParameters()
 		if p.Bool(parameters.MeekLimitBufferSizes) {
 			meek.fullReceiveBufferLength = p.Int(parameters.MeekLimitedFullReceiveBufferLength)
 			meek.readPayloadChunkLength = p.Int(parameters.MeekLimitedReadPayloadChunkLength)
@@ -695,7 +695,7 @@ func (meek *MeekConn) RoundTrip(
 	}
 
 	cookie, _, _, _, err := makeMeekObfuscationValues(
-		meek.getCustomClientParameters(),
+		meek.getCustomParameters(),
 		meek.meekCookieEncryptionPublicKey,
 		meek.meekObfuscatedKey,
 		meek.meekObfuscatorPaddingSeed,
@@ -864,7 +864,7 @@ func (meek *MeekConn) relay() {
 	// (using goroutines) since Close() will wait on this WaitGroup.
 	defer meek.relayWaitGroup.Done()
 
-	p := meek.getCustomClientParameters()
+	p := meek.getCustomParameters()
 	interval := prng.JitterDuration(
 		p.Duration(parameters.MeekMinPollInterval),
 		p.Float(parameters.MeekMinPollIntervalJitter))
@@ -935,7 +935,7 @@ func (meek *MeekConn) relay() {
 		// flips are used to avoid trivial, static traffic
 		// timing patterns.
 
-		p := meek.getCustomClientParameters()
+		p := meek.getCustomParameters()
 
 		if receivedPayloadSize > 0 || sendPayloadSize > 0 {
 
@@ -1039,7 +1039,7 @@ func (meek *MeekConn) newRequest(
 		// - round trip will abort if it exceeds timeout
 		requestCtx, cancelFunc = context.WithTimeout(
 			meek.runCtx,
-			meek.getCustomClientParameters().Duration(parameters.MeekRoundTripTimeout))
+			meek.getCustomParameters().Duration(parameters.MeekRoundTripTimeout))
 	}
 
 	// Ensure dials are made within the current request context.
@@ -1121,7 +1121,7 @@ func (meek *MeekConn) relayRoundTrip(sendBuffer *bytes.Buffer) (int64, error) {
 
 	retries := uint(0)
 
-	p := meek.getCustomClientParameters()
+	p := meek.getCustomParameters()
 	retryDeadline := time.Now().Add(p.Duration(parameters.MeekRoundTripRetryDeadline))
 	retryDelay := p.Duration(parameters.MeekRoundTripRetryMinDelay)
 	retryMaxDelay := p.Duration(parameters.MeekRoundTripRetryMaxDelay)
@@ -1370,7 +1370,7 @@ func (meek *MeekConn) readPayload(
 // The request payload limit and TLS redial probability apply only to relay
 // mode and are selected once and used for the duration of a meek connction.
 func makeMeekObfuscationValues(
-	p parameters.ClientParametersAccessor,
+	p parameters.ParametersAccessor,
 	meekCookieEncryptionPublicKey string,
 	meekObfuscatedKey string,
 	meekObfuscatorPaddingPRNGSeed *prng.Seed,

psiphon/memory_test/memory_test.go

@@ -124,9 +124,9 @@ func runMemoryTest(t *testing.T, testMode int) {
 	applyParameters := map[string]interface{}{
 		parameters.TacticsWaitPeriod: "1ms",
 	}
-	err = config.SetClientParameters("", true, applyParameters)
+	err = config.SetParameters("", true, applyParameters)
 	if err != nil {
-		t.Fatalf("SetClientParameters failed: %s", err)
+		t.Fatalf("SetParameters failed: %s", err)
 	}
 
 	err = psiphon.OpenDataStore(config)

psiphon/net.go

@@ -315,7 +315,7 @@ func MakeUntunneledHTTPClient(
 	// Note: when verifyLegacyCertificate is not nil, some
 	// of the other CustomTLSConfig is overridden.
 	tlsConfig := &CustomTLSConfig{
-		ClientParameters:              config.clientParameters,
+		Parameters:                    config.GetParameters(),
 		Dial:                          dialer,
 		VerifyLegacyCertificate:       verifyLegacyCertificate,
 		UseDialAddrSNI:                true,

psiphon/packetTunnelTransport.go

@@ -261,7 +261,7 @@ func (p *PacketTunnelTransport) setChannel(
 	// Initialize the read deadline mechanism using parameters associated with the
 	// new tunnel.
 	timeout := channelTunnel.config.
-		GetClientParameters().
+		GetParameters().
 		GetCustom(channelTunnel.dialParams.NetworkLatencyMultiplier).
 		Duration(parameters.PacketTunnelReadTimeout)
 	atomic.StoreInt64(&p.readTimeout, int64(timeout))

psiphon/remoteServerList.go

@@ -53,7 +53,7 @@ func FetchCommonRemoteServerList(
 
 	NoticeInfo("fetching common remote server list")
 
-	p := config.GetClientParameters().Get()
+	p := config.GetParameters().Get()
 	publicKey := p.String(parameters.RemoteServerListSignaturePublicKey)
 	urls := p.TransferURLs(parameters.RemoteServerListURLs)
 	downloadTimeout := p.Duration(parameters.FetchRemoteServerListTimeout)
@@ -145,7 +145,7 @@ func FetchObfuscatedServerLists(
 
 	NoticeInfo("fetching obfuscated remote server lists")
 
-	p := config.GetClientParameters().Get()
+	p := config.GetParameters().Get()
 	publicKey := p.String(parameters.RemoteServerListSignaturePublicKey)
 	urls := p.TransferURLs(parameters.ObfuscatedServerListRootURLs)
 	downloadTimeout := p.Duration(parameters.FetchRemoteServerListTimeout)

psiphon/server/bpf.go

@@ -92,14 +92,13 @@ func newTCPListenerWithBPF(
 
 func getBPFProgram(support *SupportServices) (bool, string, []bpf.RawInstruction, error) {
 
-	tactics, err := support.TacticsServer.GetTactics(
-		true, common.GeoIPData(NewGeoIPData()), make(common.APIParameters))
+	p, err := GetServerTacticsParameters(r.support, NewGeoIPData())
 	if err != nil {
 		return false, "", nil, errors.Trace(err)
 	}
 
-	if tactics == nil {
-		// This server isn't configured with tactics.
+	if p.IsNil() {
+		// No tactics are configured; BPF is disabled.
 		return false, "", nil, nil
 	}
 
@@ -110,23 +109,6 @@ func getBPFProgram(support *SupportServices) (bool, string, []bpf.RawInstruction
 
 	PRNG := prng.NewPRNGWithSeed(seed)
 
-	if !PRNG.FlipWeightedCoin(tactics.Probability) {
-		// Skip tactics with the configured probability.
-		return false, "", nil, nil
-	}
-
-	clientParameters, err := parameters.NewClientParameters(nil)
-	if err != nil {
-		return false, "", nil, nil
-	}
-
-	_, err = clientParameters.Set("", false, tactics.Parameters)
-	if err != nil {
-		return false, "", nil, nil
-	}
-
-	p := clientParameters.Get()
-
 	if !PRNG.FlipWeightedCoin(
 		p.Float(parameters.BPFServerTCPProbability)) {
 		return false, "", nil, nil

psiphon/server/meek_test.go

@@ -309,9 +309,9 @@ func TestMeekResiliency(t *testing.T) {
 		DeviceBinder: new(fileDescriptorInterruptor),
 	}
 
-	clientParameters, err := parameters.NewClientParameters(nil)
+	params, err := parameters.NewParameters(nil)
 	if err != nil {
-		t.Fatalf("NewClientParameters failed: %s", err)
+		t.Fatalf("NewParameters failed: %s", err)
 	}
 
 	meekObfuscatorPaddingSeed, err := prng.NewSeed()
@@ -320,7 +320,7 @@ func TestMeekResiliency(t *testing.T) {
 	}
 
 	meekConfig := &psiphon.MeekConfig{
-		ClientParameters:              clientParameters,
+		Parameters:                    params,
 		DialAddress:                   serverAddress,
 		UseHTTPS:                      useTLS,
 		UseObfuscatedSessionTickets:   useObfuscatedSessionTickets,
@@ -486,9 +486,9 @@ func TestMeekRateLimiter(t *testing.T) {
 
 		dialConfig := &psiphon.DialConfig{}
 
-		clientParameters, err := parameters.NewClientParameters(nil)
+		params, err := parameters.NewParameters(nil)
 		if err != nil {
-			t.Fatalf("NewClientParameters failed: %s", err)
+			t.Fatalf("NewParameters failed: %s", err)
 		}
 
 		meekObfuscatorPaddingSeed, err := prng.NewSeed()
@@ -497,7 +497,7 @@ func TestMeekRateLimiter(t *testing.T) {
 		}
 
 		meekConfig := &psiphon.MeekConfig{
-			ClientParameters:              clientParameters,
+			Parameters:                    params,
 			DialAddress:                   serverAddress,
 			HostHeader:                    "example.com",
 			MeekCookieEncryptionPublicKey: meekCookieEncryptionPublicKey,

psiphon/server/replay.go

@@ -24,7 +24,6 @@ import (
 	"sync"
 	"time"
 
-	"github.com/Psiphon-Labs/psiphon-tunnel-core/psiphon/common"
 	"github.com/Psiphon-Labs/psiphon-tunnel-core/psiphon/common/errors"
 	"github.com/Psiphon-Labs/psiphon-tunnel-core/psiphon/common/parameters"
 	"github.com/Psiphon-Labs/psiphon-tunnel-core/psiphon/common/prng"
@@ -359,38 +358,3 @@ type replayParameters struct {
 	fragmentorSeed             *prng.Seed
 	failedCount                int
 }
-
-// GetServerTacticsParameters returns server-side tactics parameters for the
-// specified GeoIP scope. GetServerTacticsParameters is designed to be called
-// before the API handshake and does not filter by API parameters. IsNil
-// guards must be used when accessing the  returned ClientParametersAccessor.
-func GetServerTacticsParameters(
-	support *SupportServices,
-	geoIPData GeoIPData) (parameters.ClientParametersAccessor, error) {
-
-	nilAccessor := parameters.MakeNilClientParametersAccessor()
-
-	tactics, err := support.TacticsServer.GetTactics(
-		true, common.GeoIPData(geoIPData), make(common.APIParameters))
-	if err != nil {
-		return nilAccessor, errors.Trace(err)
-	}
-
-	if tactics == nil {
-		// This server isn't configured with tactics.
-		return nilAccessor, nil
-	}
-
-	// Tactics.Probability is ignored for server-side tactics.
-
-	clientParameters, err := parameters.NewClientParameters(nil)
-	if err != nil {
-		return nilAccessor, errors.Trace(err)
-	}
-	_, err = clientParameters.Set("", false, tactics.Parameters)
-	if err != nil {
-		return nilAccessor, errors.Trace(err)
-	}
-
-	return clientParameters.Get(), nil
-}

psiphon/server/server_test.go

@@ -916,9 +916,9 @@ func runServer(t *testing.T, runConfig *runServerConfig) {
 		applyParameters[parameters.TunnelConnectTimeout] = "1s"
 		applyParameters[parameters.TunnelRateLimits] = common.RateLimits{WriteBytesPerSecond: 1}
 
-		err = clientConfig.SetClientParameters("", true, applyParameters)
+		err = clientConfig.SetParameters("", true, applyParameters)
 		if err != nil {
-			t.Fatalf("SetClientParameters failed: %s", err)
+			t.Fatalf("SetParameters failed: %s", err)
 		}
 
 	} else {
@@ -950,9 +950,9 @@ func runServer(t *testing.T, runConfig *runServerConfig) {
 			applyParameters[parameters.PsiphonAPIStatusRequestShortPeriodMax] = 1 * time.Millisecond
 		}
 
-		err = clientConfig.SetClientParameters("", true, applyParameters)
+		err = clientConfig.SetParameters("", true, applyParameters)
 		if err != nil {
-			t.Fatalf("SetClientParameters failed: %s", err)
+			t.Fatalf("SetParameters failed: %s", err)
 		}
 	}
 
@@ -2213,9 +2213,9 @@ func storePruneServerEntriesTest(
 	applyParameters := make(map[string]interface{})
 	applyParameters[parameters.RecordFailedTunnelPersistentStatsProbability] = 1.0
 
-	err = clientConfig.SetClientParameters("", true, applyParameters)
+	err = clientConfig.SetParameters("", true, applyParameters)
 	if err != nil {
-		t.Fatalf("SetClientParameters failed: %s", err)
+		t.Fatalf("SetParameters failed: %s", err)
 	}
 
 	verifyTestCasesStored := make(verifyTestCasesStoredLookup)

psiphon/server/tactics.go

@@ -0,0 +1,61 @@
+/*
+ * Copyright (c) 2020, Psiphon Inc.
+ * All rights reserved.
+ *
+ * This program is free software: you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation, either version 3 of the License, or
+ * (at your option) any later version.
+ *
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program.  If not, see <http://www.gnu.org/licenses/>.
+ *
+ */
+
+package server
+
+import (
+	"github.com/Psiphon-Labs/psiphon-tunnel-core/psiphon/common"
+	"github.com/Psiphon-Labs/psiphon-tunnel-core/psiphon/common/errors"
+	"github.com/Psiphon-Labs/psiphon-tunnel-core/psiphon/common/parameters"
+)
+
+// GetServerTacticsParameters returns server-side tactics parameters for the
+// specified GeoIP scope. GetServerTacticsParameters is designed to be called
+// before the API handshake and does not filter by API parameters. IsNil
+// guards must be used when accessing the returned ParametersAccessor.
+func GetServerTacticsParameters(
+	support *SupportServices,
+	geoIPData GeoIPData) (parameters.ParametersAccessor, error) {
+
+	nilAccessor := parameters.MakeNilParametersAccessor()
+
+	tactics, err := support.TacticsServer.GetTactics(
+		true, common.GeoIPData(geoIPData), make(common.APIParameters))
+	if err != nil {
+		return nilAccessor, errors.Trace(err)
+	}
+
+	if tactics == nil {
+		// This server isn't configured with tactics.
+		return nilAccessor, nil
+	}
+
+	// Tactics.Probability is ignored for server-side tactics.
+
+	params, err := parameters.NewParameters(nil)
+	if err != nil {
+		return nilAccessor, errors.Trace(err)
+	}
+	_, err = params.Set("", false, tactics.Parameters)
+	if err != nil {
+		return nilAccessor, errors.Trace(err)
+	}
+
+	return params.Get(), nil
+}

psiphon/serverApi.go

@@ -99,7 +99,7 @@ func NewServerContext(tunnel *Tunnel) (*ServerContext, error) {
 		paddingPRNG:        prng.NewPRNGWithSeed(tunnel.dialParams.APIRequestPaddingSeed),
 	}
 
-	ignoreRegexps := tunnel.config.GetClientParameters().Get().Bool(
+	ignoreRegexps := tunnel.config.GetParameters().Get().Bool(
 		parameters.IgnoreHandshakeStatsRegexps)
 
 	err := serverContext.doHandshakeRequest(ignoreRegexps)
@@ -154,7 +154,6 @@ func (serverContext *ServerContext) doHandshakeRequest(
 		networkID = serverContext.tunnel.config.GetNetworkID()
 
 		err := tactics.SetTacticsAPIParameters(
-			serverContext.tunnel.config.clientParameters,
 			GetTacticsStorer(serverContext.tunnel.config),
 			networkID,
 			params)
@@ -327,13 +326,13 @@ func (serverContext *ServerContext) doHandshakeRequest(
 			if tacticsRecord != nil &&
 				prng.FlipWeightedCoin(tacticsRecord.Tactics.Probability) {
 
-				err := serverContext.tunnel.config.SetClientParameters(
+				err := serverContext.tunnel.config.SetParameters(
 					tacticsRecord.Tag, true, tacticsRecord.Tactics.Parameters)
 				if err != nil {
 					NoticeInfo("apply handshake tactics failed: %s", err)
 				}
-				// The error will be due to invalid tactics values from
-				// the server. When ApplyClientParameters fails, all
+				// The error will be due to invalid tactics values
+				// from the server. When SetParameters fails, all
 				// previous tactics values are left in place.
 			}
 		}
@@ -642,7 +641,7 @@ func RecordRemoteServerListStat(
 	duration time.Duration,
 	authenticated bool) error {
 
-	if !config.GetClientParameters().Get().WeightedCoinFlip(
+	if !config.GetParameters().Get().WeightedCoinFlip(
 		parameters.RecordRemoteServerListPersistentStatsProbability) {
 		return nil
 	}
@@ -700,7 +699,7 @@ func RecordFailedTunnelStat(
 	bytesDown int64,
 	tunnelErr error) error {
 
-	if !config.GetClientParameters().Get().WeightedCoinFlip(
+	if !config.GetParameters().Get().WeightedCoinFlip(
 		parameters.RecordFailedTunnelPersistentStatsProbability) {
 		return nil
 	}
@@ -832,7 +831,7 @@ func (serverContext *ServerContext) getBaseAPIParameters(
 	// fingerprints. The "pad_response" field instructs the server to pad its
 	// response accordingly.
 
-	p := serverContext.tunnel.config.GetClientParameters().Get()
+	p := serverContext.tunnel.config.GetParameters().Get()
 	minUpstreamPadding := p.Int(parameters.APIRequestUpstreamPaddingMinBytes)
 	maxUpstreamPadding := p.Int(parameters.APIRequestUpstreamPaddingMaxBytes)
 	minDownstreamPadding := p.Int(parameters.APIRequestDownstreamPaddingMinBytes)
@@ -957,7 +956,7 @@ func getBaseAPIParameters(
 		}
 
 		params[tactics.APPLIED_TACTICS_TAG_PARAMETER_NAME] =
-			config.GetClientParameters().Get().Tag()
+			config.GetParameters().Get().Tag()
 
 		if dialParams.DialPortNumber != "" {
 			params["dial_port_number"] = dialParams.DialPortNumber
@@ -1091,7 +1090,7 @@ func makePsiphonHttpsClient(tunnel *Tunnel) (httpsClient *http.Client, err error
 
 	dialer := NewCustomTLSDialer(
 		&CustomTLSConfig{
-			ClientParameters:        tunnel.config.clientParameters,
+			Parameters:              tunnel.config.GetParameters(),
 			Dial:                    tunneledDialer,
 			VerifyLegacyCertificate: certificate,
 		})

psiphon/sessionTicket_test.go

@@ -56,9 +56,9 @@ func TestObfuscatedSessionTicket(t *testing.T) {
 
 func runObfuscatedSessionTicket(t *testing.T, tlsProfile string) {
 
-	clientParameters, err := parameters.NewClientParameters(nil)
+	params, err := parameters.NewParameters(nil)
 	if err != nil {
-		t.Fatalf("NewClientParameters failed: %s\n", err)
+		t.Fatalf("NewParameters failed: %s\n", err)
 	}
 
 	var standardSessionTicketKey [32]byte
@@ -154,7 +154,7 @@ func runObfuscatedSessionTicket(t *testing.T, tlsProfile string) {
 			defer tcpConn.Close()
 
 			utlsClientHelloID, _, err := getUTLSClientHelloID(
-				clientParameters.Get(), tlsProfile)
+				params.Get(), tlsProfile)
 			if err != nil {
 				report(err)
 				return

psiphon/splitTunnel.go

@@ -67,8 +67,8 @@ import (
 // data is cached in the data store so it need not be downloaded in full
 // when fresh data is in the cache.
 type SplitTunnelClassifier struct {
+	config               *Config
 	mutex                sync.RWMutex
-	clientParameters     *parameters.ClientParameters
 	userAgent            string
 	dnsTunneler          Tunneler
 	fetchRoutesWaitGroup *sync.WaitGroup
@@ -84,7 +84,7 @@ type classification struct {
 
 func NewSplitTunnelClassifier(config *Config, tunneler Tunneler) *SplitTunnelClassifier {
 	return &SplitTunnelClassifier{
-		clientParameters:     config.clientParameters,
+		config:               config,
 		userAgent:            MakePsiphonUserAgent(config),
 		dnsTunneler:          tunneler,
 		fetchRoutesWaitGroup: new(sync.WaitGroup),
@@ -104,7 +104,7 @@ func (classifier *SplitTunnelClassifier) Start(fetchRoutesTunnel *Tunnel) {
 
 	classifier.isRoutesSet = false
 
-	p := classifier.clientParameters.Get()
+	p := classifier.config.GetParameters().Get()
 	dnsServerAddress := p.String(parameters.SplitTunnelDNSServer)
 	routesSignaturePublicKey := p.String(parameters.SplitTunnelRoutesSignaturePublicKey)
 	fetchRoutesUrlFormat := p.String(parameters.SplitTunnelRoutesURLFormat)
@@ -158,7 +158,7 @@ func (classifier *SplitTunnelClassifier) IsUntunneled(targetAddress string) bool
 		return false
 	}
 
-	dnsServerAddress := classifier.clientParameters.Get().String(
+	dnsServerAddress := classifier.config.GetParameters().Get().String(
 		parameters.SplitTunnelDNSServer)
 	if dnsServerAddress == "" {
 		// Split tunnel has been disabled.
@@ -225,7 +225,7 @@ func (classifier *SplitTunnelClassifier) setRoutes(tunnel *Tunnel) {
 // fails and cached routes data is present, that cached data is returned.
 func (classifier *SplitTunnelClassifier) getRoutes(tunnel *Tunnel) (routesData []byte, err error) {
 
-	p := classifier.clientParameters.Get()
+	p := classifier.config.GetParameters().Get()
 	routesSignaturePublicKey := p.String(parameters.SplitTunnelRoutesSignaturePublicKey)
 	fetchRoutesUrlFormat := p.String(parameters.SplitTunnelRoutesURLFormat)
 	fetchTimeout := p.Duration(parameters.FetchSplitTunnelRoutesTimeout)

psiphon/tactics.go

@@ -117,7 +117,7 @@ func GetTactics(ctx context.Context, config *Config) {
 			// TODO: distinguish network and local errors and abort
 			// on local errors.
 
-			p := config.GetClientParameters().Get()
+			p := config.GetParameters().Get()
 			timeout := prng.JitterDuration(
 				p.Duration(parameters.TacticsRetryPeriod),
 				p.Float(parameters.TacticsRetryPeriodJitter))
@@ -138,13 +138,13 @@ func GetTactics(ctx context.Context, config *Config) {
 	if tacticsRecord != nil &&
 		prng.FlipWeightedCoin(tacticsRecord.Tactics.Probability) {
 
-		err := config.SetClientParameters(
+		err := config.SetParameters(
 			tacticsRecord.Tag, true, tacticsRecord.Tactics.Parameters)
 		if err != nil {
 			NoticeWarning("apply tactics failed: %s", err)
 
 			// The error will be due to invalid tactics values from
-			// the server. When ApplyClientParameters fails, all
+			// the server. When SetParameters fails, all
 			// previous tactics values are left in place. Abort
 			// without retry since the server is highly unlikely
 			// to return different values immediately.
@@ -215,7 +215,7 @@ func fetchTactics(
 	// Using controller.establishCtx will cancel FetchTactics
 	// if tunnel establishment completes first.
 
-	timeout := config.GetClientParameters().Get().Duration(
+	timeout := config.GetParameters().Get().Duration(
 		parameters.TacticsTimeout)
 
 	ctx, cancelFunc := context.WithTimeout(ctx, timeout)
@@ -243,7 +243,7 @@ func fetchTactics(
 
 	tacticsRecord, err := tactics.FetchTactics(
 		ctx,
-		config.clientParameters,
+		config.GetParameters(),
 		GetTacticsStorer(config),
 		config.GetNetworkID,
 		apiParams,

psiphon/tlsDialer.go

@@ -75,9 +75,9 @@ import (
 // of CustomTLSDial.
 type CustomTLSConfig struct {
 
-	// ClientParameters is the active set of client parameters to use
-	// for the TLS dial.
-	ClientParameters *parameters.ClientParameters
+	// Parameters is the active set of parameters.Parameters to use for the TLS
+	// dial.
+	Parameters *parameters.Parameters
 
 	// Dial is the network connection dialer. TLS is layered on
 	// top of a new network connection created with dialer.
@@ -164,7 +164,7 @@ func SelectTLSProfile(
 	requireTLS12SessionTickets bool,
 	isFronted bool,
 	frontingProviderID string,
-	p parameters.ClientParametersAccessor) string {
+	p parameters.ParametersAccessor) string {
 
 	// Two TLS profile lists are constructed, subject to limit constraints:
 	// stock, fixed parrots (non-randomized SupportedTLSProfiles) and custom
@@ -255,7 +255,7 @@ func SelectTLSProfile(
 }
 
 func getUTLSClientHelloID(
-	p parameters.ClientParametersAccessor,
+	p parameters.ParametersAccessor,
 	tlsProfile string) (utls.ClientHelloID, *utls.ClientHelloSpec, error) {
 
 	switch tlsProfile {
@@ -384,7 +384,7 @@ func CustomTLSDial(
 	network, addr string,
 	config *CustomTLSConfig) (net.Conn, error) {
 
-	p := config.ClientParameters.Get()
+	p := config.Parameters.Get()
 
 	dialAddr := addr
 	if config.DialAddr != "" {
@@ -599,7 +599,7 @@ func CustomTLSDial(
 		if config.NoDefaultTLSSessionID != nil {
 			noDefaultSessionID = *config.NoDefaultTLSSessionID
 		} else {
-			noDefaultSessionID = config.ClientParameters.Get().WeightedCoinFlip(
+			noDefaultSessionID = config.Parameters.Get().WeightedCoinFlip(
 				parameters.NoDefaultTLSSessionIDProbability)
 		}
 

psiphon/tlsDialer_test.go

@@ -121,10 +121,10 @@ func testTLSDialerCompatibility(t *testing.T, address string) {
 		return d.DialContext(ctx, network, address)
 	}
 
-	clientParameters := makeCustomTLSProfilesClientParameters(t, false, "")
+	params := makeCustomTLSProfilesParameters(t, false, "")
 
 	profiles := append([]string(nil), protocol.SupportedTLSProfiles...)
-	profiles = append(profiles, clientParameters.Get().CustomTLSProfileNames()...)
+	profiles = append(profiles, params.Get().CustomTLSProfileNames()...)
 
 	for _, tlsProfile := range profiles {
 
@@ -140,10 +140,10 @@ func testTLSDialerCompatibility(t *testing.T, address string) {
 			transformHostname := i%2 == 0
 
 			tlsConfig := &CustomTLSConfig{
-				ClientParameters: clientParameters,
-				Dial:             dialer,
-				SkipVerify:       true,
-				TLSProfile:       tlsProfile,
+				Parameters: params,
+				Dial:       dialer,
+				SkipVerify: true,
+				TLSProfile: tlsProfile,
 			}
 
 			if transformHostname {
@@ -197,17 +197,17 @@ func testTLSDialerCompatibility(t *testing.T, address string) {
 
 func TestSelectTLSProfile(t *testing.T) {
 
-	clientParameters := makeCustomTLSProfilesClientParameters(t, false, "")
+	params := makeCustomTLSProfilesParameters(t, false, "")
 
 	profiles := append([]string(nil), protocol.SupportedTLSProfiles...)
-	profiles = append(profiles, clientParameters.Get().CustomTLSProfileNames()...)
+	profiles = append(profiles, params.Get().CustomTLSProfileNames()...)
 
 	selected := make(map[string]int)
 
 	numSelections := 10000
 
 	for i := 0; i < numSelections; i++ {
-		profile := SelectTLSProfile(false, false, "", clientParameters.Get())
+		profile := SelectTLSProfile(false, false, "", params.Get())
 		selected[profile] += 1
 	}
 
@@ -237,7 +237,7 @@ func TestSelectTLSProfile(t *testing.T) {
 	t.Logf("ratio of randomized selected: %d/%d",
 		numRandomized, numSelections)
 
-	randomizedProbability := clientParameters.Get().Float(
+	randomizedProbability := params.Get().Float(
 		parameters.SelectRandomizedTLSProfileProbability)
 
 	if numRandomized < int(0.9*float64(numSelections)*randomizedProbability) ||
@@ -250,7 +250,7 @@ func TestSelectTLSProfile(t *testing.T) {
 
 	for i, profile := range profiles {
 		utlsClientHelloID, utlsClientHelloSpec, err :=
-			getUTLSClientHelloID(clientParameters.Get(), profile)
+			getUTLSClientHelloID(params.Get(), profile)
 		if err != nil {
 			t.Fatalf("getUTLSClientHelloID failed: %s\n", err)
 		}
@@ -282,11 +282,11 @@ func TestSelectTLSProfile(t *testing.T) {
 
 	// Only custom TLS profiles should be selected
 
-	clientParameters = makeCustomTLSProfilesClientParameters(t, true, "")
-	customTLSProfileNames := clientParameters.Get().CustomTLSProfileNames()
+	params = makeCustomTLSProfilesParameters(t, true, "")
+	customTLSProfileNames := params.Get().CustomTLSProfileNames()
 
 	for i := 0; i < numSelections; i++ {
-		profile := SelectTLSProfile(false, false, "", clientParameters.Get())
+		profile := SelectTLSProfile(false, false, "", params.Get())
 		if !common.Contains(customTLSProfileNames, profile) {
 			t.Errorf("unexpected non-custom TLS profile selected")
 		}
@@ -296,8 +296,8 @@ func TestSelectTLSProfile(t *testing.T) {
 
 	frontingProviderID := "frontingProviderID"
 
-	clientParameters = makeCustomTLSProfilesClientParameters(t, false, frontingProviderID)
-	disableTLSProfiles := clientParameters.Get().LabeledTLSProfiles(
+	params = makeCustomTLSProfilesParameters(t, false, frontingProviderID)
+	disableTLSProfiles := params.Get().LabeledTLSProfiles(
 		parameters.DisableFrontingProviderTLSProfiles, frontingProviderID)
 
 	if len(disableTLSProfiles) < 1 {
@@ -305,7 +305,7 @@ func TestSelectTLSProfile(t *testing.T) {
 	}
 
 	for i := 0; i < numSelections; i++ {
-		profile := SelectTLSProfile(false, true, frontingProviderID, clientParameters.Get())
+		profile := SelectTLSProfile(false, true, frontingProviderID, params.Get())
 		if common.Contains(disableTLSProfiles, profile) {
 			t.Errorf("unexpected disabled TLS profile selected")
 		}
@@ -314,7 +314,7 @@ func TestSelectTLSProfile(t *testing.T) {
 	// Session ticket incapable TLS 1.2 profiles should not be selected
 
 	for i := 0; i < numSelections; i++ {
-		profile := SelectTLSProfile(true, false, "", clientParameters.Get())
+		profile := SelectTLSProfile(true, false, "", params.Get())
 		if protocol.TLS12ProfileOmitsSessionTickets(profile) {
 			t.Errorf("unexpected session ticket incapable TLS profile selected")
 		}
@@ -329,12 +329,12 @@ func BenchmarkRandomizedGetClientHelloVersion(b *testing.B) {
 	}
 }
 
-func makeCustomTLSProfilesClientParameters(
-	t *testing.T, useOnlyCustomTLSProfiles bool, frontingProviderID string) *parameters.ClientParameters {
+func makeCustomTLSProfilesParameters(
+	t *testing.T, useOnlyCustomTLSProfiles bool, frontingProviderID string) *parameters.Parameters {
 
-	clientParameters, err := parameters.NewClientParameters(nil)
+	params, err := parameters.NewParameters(nil)
 	if err != nil {
-		t.Fatalf("NewClientParameters failed: %s\n", err)
+		t.Fatalf("NewParameters failed: %s\n", err)
 	}
 
 	// Equivilent to utls.HelloChrome_62
@@ -392,15 +392,15 @@ func makeCustomTLSProfilesClientParameters(
 		applyParameters[parameters.DisableFrontingProviderTLSProfiles] = disabledTLSProfiles
 	}
 
-	_, err = clientParameters.Set("", false, applyParameters)
+	_, err = params.Set("", false, applyParameters)
 	if err != nil {
 		t.Fatalf("Set failed: %s", err)
 	}
 
-	customTLSProfileNames := clientParameters.Get().CustomTLSProfileNames()
+	customTLSProfileNames := params.Get().CustomTLSProfileNames()
 	if len(customTLSProfileNames) != 1 {
 		t.Fatalf("Unexpected CustomTLSProfileNames count")
 	}
 
-	return clientParameters
+	return params
 }

psiphon/tunnel.go

@@ -105,17 +105,17 @@ type Tunnel struct {
 	inFlightConnectedRequestSignal chan struct{}
 }
 
-// getCustomClientParameters helpers wrap the verbose function call chain
-// required to get a current snapshot of the ClientParameters customized with
-// the dial parameters associated with a tunnel.
+// getCustomParameters helpers wrap the verbose function call chain required
+// to get a current snapshot of the parameters.Parameters customized with the
+// dial parameters associated with a tunnel.
 
-func (tunnel *Tunnel) getCustomClientParameters() parameters.ClientParametersAccessor {
-	return getCustomClientParameters(tunnel.config, tunnel.dialParams)
+func (tunnel *Tunnel) getCustomParameters() parameters.ParametersAccessor {
+	return getCustomParameters(tunnel.config, tunnel.dialParams)
 }
 
-func getCustomClientParameters(
-	config *Config, dialParams *DialParameters) parameters.ClientParametersAccessor {
-	return config.GetClientParameters().GetCustom(dialParams.NetworkLatencyMultiplier)
+func getCustomParameters(
+	config *Config, dialParams *DialParameters) parameters.ParametersAccessor {
+	return config.GetParameters().GetCustom(dialParams.NetworkLatencyMultiplier)
 }
 
 // ConnectTunnel first makes a network transport connection to the
@@ -210,7 +210,7 @@ func (tunnel *Tunnel) Activate(
 		// request. At this point, there is no operateTunnel monitor that will detect
 		// this condition with SSH keep alives.
 
-		timeout := tunnel.getCustomClientParameters().Duration(
+		timeout := tunnel.getCustomParameters().Duration(
 			parameters.PsiphonAPIRequestTimeout)
 
 		if timeout > 0 {
@@ -315,7 +315,7 @@ func (tunnel *Tunnel) Close(isDiscarded bool) {
 		// tunnel is closed, which will interrupt any slow final status request.
 
 		if isActivated {
-			timeout := tunnel.getCustomClientParameters().Duration(
+			timeout := tunnel.getCustomParameters().Duration(
 				parameters.TunnelOperateShutdownTimeout)
 			afterFunc := time.AfterFunc(
 				timeout,
@@ -492,7 +492,7 @@ func (tunnel *Tunnel) dialChannel(channelType, remoteAddr string) (interface{},
 	results := make(chan *channelDialResult, 1)
 
 	afterFunc := time.AfterFunc(
-		tunnel.getCustomClientParameters().Duration(
+		tunnel.getCustomParameters().Duration(
 			parameters.TunnelPortForwardDialTimeout),
 		func() {
 			results <- &channelDialResult{
@@ -626,7 +626,7 @@ func dialTunnel(
 		return nil, errors.Trace(err)
 	}
 
-	p := getCustomClientParameters(config, dialParams)
+	p := getCustomParameters(config, dialParams)
 	timeout := p.Duration(parameters.TunnelConnectTimeout)
 	rateLimits := p.RateLimits(parameters.TunnelRateLimits)
 	obfuscatedSSHMinPadding := p.Int(parameters.ObfuscatedSSHMinPadding)
@@ -1117,7 +1117,7 @@ func (tunnel *Tunnel) operateTunnel(tunnelOwner TunnelOwner) {
 	// from a range, to make the resulting traffic less fingerprintable,
 	// Note: not using Tickers since these are not fixed time periods.
 	nextStatusRequestPeriod := func() time.Duration {
-		p := tunnel.getCustomClientParameters()
+		p := tunnel.getCustomParameters()
 		return prng.Period(
 			p.Duration(parameters.PsiphonAPIStatusRequestPeriodMin),
 			p.Duration(parameters.PsiphonAPIStatusRequestPeriodMax))
@@ -1131,7 +1131,7 @@ func (tunnel *Tunnel) operateTunnel(tunnelOwner TunnelOwner) {
 	unreported := CountUnreportedPersistentStats()
 	if unreported > 0 {
 		NoticeInfo("Unreported persistent stats: %d", unreported)
-		p := tunnel.getCustomClientParameters()
+		p := tunnel.getCustomParameters()
 		statsTimer.Reset(
 			prng.Period(
 				p.Duration(parameters.PsiphonAPIStatusRequestShortPeriodMin),
@@ -1139,7 +1139,7 @@ func (tunnel *Tunnel) operateTunnel(tunnelOwner TunnelOwner) {
 	}
 
 	nextSshKeepAlivePeriod := func() time.Duration {
-		p := tunnel.getCustomClientParameters()
+		p := tunnel.getCustomParameters()
 		return prng.Period(
 			p.Duration(parameters.SSHKeepAlivePeriodMin),
 			p.Duration(parameters.SSHKeepAlivePeriodMax))
@@ -1224,7 +1224,7 @@ func (tunnel *Tunnel) operateTunnel(tunnelOwner TunnelOwner) {
 			bytesUp := atomic.AddInt64(&totalSent, sent)
 			bytesDown := atomic.AddInt64(&totalReceived, received)
 
-			p := tunnel.getCustomClientParameters()
+			p := tunnel.getCustomParameters()
 			noticePeriod := p.Duration(parameters.TotalBytesTransferredNoticePeriod)
 			replayTargetUpstreamBytes := p.Int(parameters.ReplayTargetUpstreamBytes)
 			replayTargetDownstreamBytes := p.Int(parameters.ReplayTargetDownstreamBytes)
@@ -1268,7 +1268,7 @@ func (tunnel *Tunnel) operateTunnel(tunnelOwner TunnelOwner) {
 			statsTimer.Reset(nextStatusRequestPeriod())
 
 		case <-sshKeepAliveTimer.C:
-			p := tunnel.getCustomClientParameters()
+			p := tunnel.getCustomParameters()
 			inactivePeriod := p.Duration(parameters.SSHKeepAlivePeriodicInactivePeriod)
 			if lastBytesReceivedTime.Add(inactivePeriod).Before(time.Now()) {
 				timeout := p.Duration(parameters.SSHKeepAlivePeriodicTimeout)
@@ -1297,7 +1297,7 @@ func (tunnel *Tunnel) operateTunnel(tunnelOwner TunnelOwner) {
 			if tunnel.conn.IsClosed() {
 				err = errors.TraceNew("underlying conn is closed")
 			} else {
-				p := tunnel.getCustomClientParameters()
+				p := tunnel.getCustomParameters()
 				inactivePeriod := p.Duration(parameters.SSHKeepAliveProbeInactivePeriod)
 				if lastBytesReceivedTime.Add(inactivePeriod).Before(time.Now()) {
 					timeout := p.Duration(parameters.SSHKeepAliveProbeTimeout)
@@ -1390,7 +1390,7 @@ func (tunnel *Tunnel) sendSshKeepAlive(
 	bytesUp int64,
 	bytesDown int64) error {
 
-	p := tunnel.getCustomClientParameters()
+	p := tunnel.getCustomParameters()
 
 	// Random padding to frustrate fingerprinting.
 	request := prng.Padding(
@@ -1453,7 +1453,7 @@ func (tunnel *Tunnel) sendSshKeepAlive(
 		if success && speedTestSample {
 
 			err = tactics.AddSpeedTestSample(
-				tunnel.config.GetClientParameters(),
+				tunnel.config.GetParameters(),
 				GetTacticsStorer(tunnel.config),
 				tunnel.config.GetNetworkID(),
 				tunnel.dialParams.ServerEntry.Region,

psiphon/upgradeDownload.go

@@ -72,7 +72,7 @@ func DownloadUpgrade(
 		return nil
 	}
 
-	p := config.GetClientParameters().Get()
+	p := config.GetParameters().Get()
 	urls := p.TransferURLs(parameters.UpgradeDownloadURLs)
 	clientVersionHeader := p.String(parameters.UpgradeDownloadClientVersionHeader)
 	downloadTimeout := p.Duration(parameters.FetchUpgradeTimeout)