|
|
@@ -390,6 +390,20 @@ type Config struct {
|
|
|
// is used. This value is typical overridden for testing.
|
|
|
FetchUpgradeRetryPeriodMilliseconds *int
|
|
|
|
|
|
+ // FeedbackUploadURLs is a list of SecureTransferURLs which specify
|
|
|
+ // locations where feedback data can be uploaded, pairing with each
|
|
|
+ // location a public key with which to encrypt the feedback data. This
|
|
|
+ // value is supplied by and depends on the Psiphon Network, and is
|
|
|
+ // typically embedded in the client binary. At least one TransferURL must
|
|
|
+ // have OnlyAfterAttempts = 0.
|
|
|
+ FeedbackUploadURLs parameters.TransferURLs
|
|
|
+
|
|
|
+ // FeedbackEncryptionPublicKey is a default base64-encoded, RSA public key
|
|
|
+ // value used to encrypt feedback data. Used when uploading feedback with a
|
|
|
+ // TransferURL which has no public key value configured, i.e.
|
|
|
+ // B64EncodedPublicKey = "".
|
|
|
+ FeedbackEncryptionPublicKey string
|
|
|
+
|
|
|
// TrustedCACertificatesFilename specifies a file containing trusted CA
|
|
|
// certs. When set, this toggles use of the trusted CA certs, specified in
|
|
|
// TrustedCACertificatesFilename, for tunneled TLS connections that expect
|
|
|
@@ -480,77 +494,6 @@ type Config struct {
|
|
|
// Required for the exchange functionality.
|
|
|
ExchangeObfuscationKey string
|
|
|
|
|
|
- // TransformHostNameProbability is for testing purposes.
|
|
|
- TransformHostNameProbability *float64
|
|
|
-
|
|
|
- // FragmentorProbability and associated Fragmentor fields are for testing
|
|
|
- // purposes.
|
|
|
- FragmentorProbability *float64
|
|
|
- FragmentorLimitProtocols []string
|
|
|
- FragmentorMinTotalBytes *int
|
|
|
- FragmentorMaxTotalBytes *int
|
|
|
- FragmentorMinWriteBytes *int
|
|
|
- FragmentorMaxWriteBytes *int
|
|
|
- FragmentorMinDelayMicroseconds *int
|
|
|
- FragmentorMaxDelayMicroseconds *int
|
|
|
-
|
|
|
- // MeekTrafficShapingProbability and associated fields are for testing
|
|
|
- // purposes.
|
|
|
- MeekTrafficShapingProbability *float64
|
|
|
- MeekTrafficShapingLimitProtocols []string
|
|
|
- MeekMinTLSPadding *int
|
|
|
- MeekMaxTLSPadding *int
|
|
|
- MeekMinLimitRequestPayloadLength *int
|
|
|
- MeekMaxLimitRequestPayloadLength *int
|
|
|
- MeekRedialTLSProbability *float64
|
|
|
-
|
|
|
- // ObfuscatedSSHAlgorithms and associated ObfuscatedSSH fields are for
|
|
|
- // testing purposes. If specified, ObfuscatedSSHAlgorithms must have 4 SSH
|
|
|
- // KEX elements in order: the kex algorithm, cipher, MAC, and server host
|
|
|
- // key algorithm.
|
|
|
- ObfuscatedSSHAlgorithms []string
|
|
|
- ObfuscatedSSHMinPadding *int
|
|
|
- ObfuscatedSSHMaxPadding *int
|
|
|
-
|
|
|
- // LivenessTestMinUpstreamBytes and other LivenessTest fields are for
|
|
|
- // testing purposes.
|
|
|
- LivenessTestMinUpstreamBytes *int
|
|
|
- LivenessTestMaxUpstreamBytes *int
|
|
|
- LivenessTestMinDownstreamBytes *int
|
|
|
- LivenessTestMaxDownstreamBytes *int
|
|
|
-
|
|
|
- // ReplayCandidateCount and other Replay fields are for testing purposes.
|
|
|
- ReplayCandidateCount *int
|
|
|
- ReplayDialParametersTTLSeconds *int
|
|
|
- ReplayTargetUpstreamBytes *int
|
|
|
- ReplayTargetDownstreamBytes *int
|
|
|
- ReplayTargetTunnelDurationSeconds *int
|
|
|
- ReplayLaterRoundMoveToFrontProbability *float64
|
|
|
- ReplayRetainFailedProbability *float64
|
|
|
-
|
|
|
- // NetworkLatencyMultiplierMin and other NetworkLatencyMultiplier fields are
|
|
|
- // for testing purposes.
|
|
|
- NetworkLatencyMultiplierMin float64
|
|
|
- NetworkLatencyMultiplierMax float64
|
|
|
- NetworkLatencyMultiplierLambda float64
|
|
|
-
|
|
|
- // UseOnlyCustomTLSProfiles and other TLS configuration fields are for
|
|
|
- // testing purposes.
|
|
|
- UseOnlyCustomTLSProfiles *bool
|
|
|
- CustomTLSProfiles protocol.CustomTLSProfiles
|
|
|
- SelectRandomizedTLSProfileProbability *float64
|
|
|
- NoDefaultTLSSessionIDProbability *float64
|
|
|
-
|
|
|
- // ClientBurstUpstreamTargetBytes and other burst metric fields are for
|
|
|
- // testing purposes.
|
|
|
- ClientBurstUpstreamTargetBytes *int
|
|
|
- ClientBurstUpstreamDeadlineMilliseconds *int
|
|
|
- ClientBurstDownstreamTargetBytes *int
|
|
|
- ClientBurstDownstreamDeadlineMilliseconds *int
|
|
|
-
|
|
|
- // ApplicationParameters is for testing purposes.
|
|
|
- ApplicationParameters parameters.KeyValues
|
|
|
-
|
|
|
// MigrateHomepageNoticesFilename migrates a homepage file from the path
|
|
|
// previously configured with setNoticeFiles to the new path for homepage
|
|
|
// files under the data root directory. The file specified by this config
|
|
|
@@ -578,6 +521,48 @@ type Config struct {
|
|
|
// If not set, no migration operation will be performed.
|
|
|
MigrateRotatingNoticesFilename string
|
|
|
|
|
|
+ // MigrateDataStoreDirectory indicates the location of the datastore
|
|
|
+ // directory, as previously configured with the deprecated
|
|
|
+ // DataStoreDirectory config field. Datastore files found in the specified
|
|
|
+ // directory will be moved under the data root directory.
|
|
|
+ //
|
|
|
+ // Note: see comment for config.Commit() for a description of how file
|
|
|
+ // migrations are performed.
|
|
|
+ MigrateDataStoreDirectory string
|
|
|
+
|
|
|
+ // MigrateRemoteServerListDownloadFilename indicates the location of
|
|
|
+ // remote server list download files. The remote server list files found at
|
|
|
+ // the specified path will be moved under the data root directory.
|
|
|
+ //
|
|
|
+ // Note: see comment for config.Commit() for a description of how file
|
|
|
+ // migrations are performed.
|
|
|
+ MigrateRemoteServerListDownloadFilename string
|
|
|
+
|
|
|
+ // MigrateObfuscatedServerListDownloadDirectory indicates the location of
|
|
|
+ // the obfuscated server list downloads directory, as previously configured
|
|
|
+ // with ObfuscatedServerListDownloadDirectory. Obfuscated server list
|
|
|
+ // download files found in the specified directory will be moved under the
|
|
|
+ // data root directory.
|
|
|
+ //
|
|
|
+ // Warning: if the directory is empty after obfuscated server
|
|
|
+ // list files are moved, then it will be deleted.
|
|
|
+ //
|
|
|
+ // Note: see comment for config.Commit() for a description of how file
|
|
|
+ // migrations are performed.
|
|
|
+ MigrateObfuscatedServerListDownloadDirectory string
|
|
|
+
|
|
|
+ // MigrateUpgradeDownloadFilename indicates the location of downloaded
|
|
|
+ // application upgrade files. Downloaded upgrade files found at the
|
|
|
+ // specified path will be moved under the data root directory.
|
|
|
+ //
|
|
|
+ // Note: see comment for config.Commit() for a description of how file
|
|
|
+ // migrations are performed.
|
|
|
+ MigrateUpgradeDownloadFilename string
|
|
|
+
|
|
|
+ //
|
|
|
+ // The following parameters are deprecated.
|
|
|
+ //
|
|
|
+
|
|
|
// DataStoreDirectory is the directory in which to store the persistent
|
|
|
// database, which contains information such as server entries. By
|
|
|
// default, current working directory.
|
|
|
@@ -592,15 +577,6 @@ type Config struct {
|
|
|
// directory.
|
|
|
DataStoreDirectory string
|
|
|
|
|
|
- // MigrateDataStoreDirectory indicates the location of the datastore
|
|
|
- // directory, as previously configured with the deprecated
|
|
|
- // DataStoreDirectory config field. Datastore files found in the specified
|
|
|
- // directory will be moved under the data root directory.
|
|
|
- //
|
|
|
- // Note: see comment for config.Commit() for a description of how file
|
|
|
- // migrations are performed.
|
|
|
- MigrateDataStoreDirectory string
|
|
|
-
|
|
|
// RemoteServerListDownloadFilename specifies a target filename for
|
|
|
// storing the remote server list download. Data is stored in co-located
|
|
|
// files (RemoteServerListDownloadFilename.part*) to allow for resumable
|
|
|
@@ -615,14 +591,6 @@ type Config struct {
|
|
|
// will be moved under the data root directory.
|
|
|
RemoteServerListDownloadFilename string
|
|
|
|
|
|
- // MigrateRemoteServerListDownloadFilename indicates the location of
|
|
|
- // remote server list download files. The remote server list files found at
|
|
|
- // the specified path will be moved under the data root directory.
|
|
|
- //
|
|
|
- // Note: see comment for config.Commit() for a description of how file
|
|
|
- // migrations are performed.
|
|
|
- MigrateRemoteServerListDownloadFilename string
|
|
|
-
|
|
|
// ObfuscatedServerListDownloadDirectory specifies a target directory for
|
|
|
// storing the obfuscated remote server list downloads. Data is stored in
|
|
|
// co-located files (<OSL filename>.part*) to allow for resumable
|
|
|
@@ -637,19 +605,6 @@ type Config struct {
|
|
|
// will be moved under the data root directory.
|
|
|
ObfuscatedServerListDownloadDirectory string
|
|
|
|
|
|
- // MigrateObfuscatedServerListDownloadDirectory indicates the location of
|
|
|
- // the obfuscated server list downloads directory, as previously configured
|
|
|
- // with ObfuscatedServerListDownloadDirectory. Obfuscated server list
|
|
|
- // download files found in the specified directory will be moved under the
|
|
|
- // data root directory.
|
|
|
- //
|
|
|
- // Warning: if the directory is empty after obfuscated server
|
|
|
- // list files are moved, then it will be deleted.
|
|
|
- //
|
|
|
- // Note: see comment for config.Commit() for a description of how file
|
|
|
- // migrations are performed.
|
|
|
- MigrateObfuscatedServerListDownloadDirectory string
|
|
|
-
|
|
|
// UpgradeDownloadFilename is the local target filename for an upgrade
|
|
|
// download. This parameter is required when UpgradeDownloadURLs (or
|
|
|
// UpgradeDownloadUrl) is specified. Data is stored in co-located files
|
|
|
@@ -663,14 +618,6 @@ type Config struct {
|
|
|
// under the data root directory.
|
|
|
UpgradeDownloadFilename string
|
|
|
|
|
|
- // MigrateUpgradeDownloadFilename indicates the location of downloaded
|
|
|
- // application upgrade files. Downloaded upgrade files found at the
|
|
|
- // specified path will be moved under the data root directory.
|
|
|
- //
|
|
|
- // Note: see comment for config.Commit() for a description of how file
|
|
|
- // migrations are performed.
|
|
|
- MigrateUpgradeDownloadFilename string
|
|
|
-
|
|
|
// TunnelProtocol indicates which protocol to use. For the default, "",
|
|
|
// all protocols are used.
|
|
|
//
|
|
|
@@ -710,19 +657,80 @@ type Config struct {
|
|
|
// nil, this parameter is ignored.
|
|
|
UpgradeDownloadUrl string
|
|
|
|
|
|
- // FeedbackUploadURLs is a list of SecureTransferURLs which specify
|
|
|
- // locations where feedback data can be uploaded, pairing with each
|
|
|
- // location a public key with which to encrypt the feedback data. This
|
|
|
- // value is supplied by and depends on the Psiphon Network, and is
|
|
|
- // typically embedded in the client binary. At least one TransferURL must
|
|
|
- // have OnlyAfterAttempts = 0.
|
|
|
- FeedbackUploadURLs parameters.TransferURLs
|
|
|
+ //
|
|
|
+ // The following parameters are for testing purposes.
|
|
|
+ //
|
|
|
|
|
|
- // FeedbackEncryptionPublicKey is a default base64-encoded, RSA public key
|
|
|
- // value used to encrypt feedback data. Used when uploading feedback with a
|
|
|
- // TransferURL which has no public key value configured, i.e.
|
|
|
- // B64EncodedPublicKey = "".
|
|
|
- FeedbackEncryptionPublicKey string
|
|
|
+ // TransformHostNameProbability is for testing purposes.
|
|
|
+ TransformHostNameProbability *float64
|
|
|
+
|
|
|
+ // FragmentorProbability and associated Fragmentor fields are for testing
|
|
|
+ // purposes.
|
|
|
+ FragmentorProbability *float64
|
|
|
+ FragmentorLimitProtocols []string
|
|
|
+ FragmentorMinTotalBytes *int
|
|
|
+ FragmentorMaxTotalBytes *int
|
|
|
+ FragmentorMinWriteBytes *int
|
|
|
+ FragmentorMaxWriteBytes *int
|
|
|
+ FragmentorMinDelayMicroseconds *int
|
|
|
+ FragmentorMaxDelayMicroseconds *int
|
|
|
+
|
|
|
+ // MeekTrafficShapingProbability and associated fields are for testing
|
|
|
+ // purposes.
|
|
|
+ MeekTrafficShapingProbability *float64
|
|
|
+ MeekTrafficShapingLimitProtocols []string
|
|
|
+ MeekMinTLSPadding *int
|
|
|
+ MeekMaxTLSPadding *int
|
|
|
+ MeekMinLimitRequestPayloadLength *int
|
|
|
+ MeekMaxLimitRequestPayloadLength *int
|
|
|
+ MeekRedialTLSProbability *float64
|
|
|
+
|
|
|
+ // ObfuscatedSSHAlgorithms and associated ObfuscatedSSH fields are for
|
|
|
+ // testing purposes. If specified, ObfuscatedSSHAlgorithms must have 4 SSH
|
|
|
+ // KEX elements in order: the kex algorithm, cipher, MAC, and server host
|
|
|
+ // key algorithm.
|
|
|
+ ObfuscatedSSHAlgorithms []string
|
|
|
+ ObfuscatedSSHMinPadding *int
|
|
|
+ ObfuscatedSSHMaxPadding *int
|
|
|
+
|
|
|
+ // LivenessTestMinUpstreamBytes and other LivenessTest fields are for
|
|
|
+ // testing purposes.
|
|
|
+ LivenessTestMinUpstreamBytes *int
|
|
|
+ LivenessTestMaxUpstreamBytes *int
|
|
|
+ LivenessTestMinDownstreamBytes *int
|
|
|
+ LivenessTestMaxDownstreamBytes *int
|
|
|
+
|
|
|
+ // ReplayCandidateCount and other Replay fields are for testing purposes.
|
|
|
+ ReplayCandidateCount *int
|
|
|
+ ReplayDialParametersTTLSeconds *int
|
|
|
+ ReplayTargetUpstreamBytes *int
|
|
|
+ ReplayTargetDownstreamBytes *int
|
|
|
+ ReplayTargetTunnelDurationSeconds *int
|
|
|
+ ReplayLaterRoundMoveToFrontProbability *float64
|
|
|
+ ReplayRetainFailedProbability *float64
|
|
|
+
|
|
|
+ // NetworkLatencyMultiplierMin and other NetworkLatencyMultiplier fields are
|
|
|
+ // for testing purposes.
|
|
|
+ NetworkLatencyMultiplierMin float64
|
|
|
+ NetworkLatencyMultiplierMax float64
|
|
|
+ NetworkLatencyMultiplierLambda float64
|
|
|
+
|
|
|
+ // UseOnlyCustomTLSProfiles and other TLS configuration fields are for
|
|
|
+ // testing purposes.
|
|
|
+ UseOnlyCustomTLSProfiles *bool
|
|
|
+ CustomTLSProfiles protocol.CustomTLSProfiles
|
|
|
+ SelectRandomizedTLSProfileProbability *float64
|
|
|
+ NoDefaultTLSSessionIDProbability *float64
|
|
|
+
|
|
|
+ // ClientBurstUpstreamTargetBytes and other burst metric fields are for
|
|
|
+ // testing purposes.
|
|
|
+ ClientBurstUpstreamTargetBytes *int
|
|
|
+ ClientBurstUpstreamDeadlineMilliseconds *int
|
|
|
+ ClientBurstDownstreamTargetBytes *int
|
|
|
+ ClientBurstDownstreamDeadlineMilliseconds *int
|
|
|
+
|
|
|
+ // ApplicationParameters is for testing purposes.
|
|
|
+ ApplicationParameters parameters.KeyValues
|
|
|
|
|
|
// params is the active parameters.Parameters with defaults, config values,
|
|
|
// and, optionally, tactics applied.
|
|
|
@@ -1454,6 +1462,14 @@ func (config *Config) makeConfigParameters() map[string]interface{} {
|
|
|
applyParameters[parameters.UpgradeDownloadURLs] = config.UpgradeDownloadURLs
|
|
|
}
|
|
|
|
|
|
+ if len(config.FeedbackUploadURLs) > 0 {
|
|
|
+ applyParameters[parameters.FeedbackUploadURLs] = config.FeedbackUploadURLs
|
|
|
+ }
|
|
|
+
|
|
|
+ if config.FeedbackEncryptionPublicKey != "" {
|
|
|
+ applyParameters[parameters.FeedbackEncryptionPublicKey] = config.FeedbackEncryptionPublicKey
|
|
|
+ }
|
|
|
+
|
|
|
applyParameters[parameters.TunnelRateLimits] = config.RateLimits
|
|
|
|
|
|
if config.TransformHostNameProbability != nil {
|
|
|
@@ -1608,14 +1624,6 @@ func (config *Config) makeConfigParameters() map[string]interface{} {
|
|
|
applyParameters[parameters.ApplicationParameters] = config.ApplicationParameters
|
|
|
}
|
|
|
|
|
|
- if len(config.FeedbackUploadURLs) > 0 {
|
|
|
- applyParameters[parameters.FeedbackUploadURLs] = config.FeedbackUploadURLs
|
|
|
- }
|
|
|
-
|
|
|
- if config.FeedbackEncryptionPublicKey != "" {
|
|
|
- applyParameters[parameters.FeedbackEncryptionPublicKey] = config.FeedbackEncryptionPublicKey
|
|
|
- }
|
|
|
-
|
|
|
return applyParameters
|
|
|
}
|
|
|
|
Rod Hynes