psiphon-tunnel-core

module

v0.0.0-...-a933db7 Latest Latest Go to latest Published: May 3, 2018 License: GPL-3.0

Details

Valid go.mod file

The Go module system was introduced in Go 1.11 and is the official dependency management solution for Go.
Redistributable license

Redistributable licenses place minimal restrictions on how software can be used, modified, and redistributed.
Tagged version

Modules with tagged versions give importers more predictable builds.
Stable version

When a project reaches major version v1 it is considered stable.
Learn more about best practices

Repository

github.com/mfallone/psiphon-tunnel-core

Links

Open Source Insights

README ¶

Psiphon 3 Tunnel Core README

Overview

Psiphon client and server components implemented in Go. These components provides core tunnel functionality, handling all aspects of evading blocking and relaying traffic through Psiphon. In the client, local proxies provide an interface for routing traffic through the tunnel.

The client component does not include a UI and does not handle capturing or routing local traffic. These major aspects are handled by other parts of Psiphon client applications.

Status

This project is in production and used as the tunneling engine in our Windows and Android clients, which are available at our Psiphon 3 repository.

Client Setup

Build

Go 1.9 (or higher) is required.
This project builds and runs on recent versions of Windows, Linux, and Mac OS X.
Note that the psiphon package is imported using the absolute path github.com/Psiphon-Labs/psiphon-tunnel-core/psiphon; without further local configuration, go will use this version of the code and not the local copy in the repository.

In this repository, run go build in ConsoleClient to make the ConsoleClient binary, a console Psiphon client application.

Build versioning info may be configured as follows, and passed to go build in the -ldflags argument:

BUILDDATE=$(date --iso-8601=seconds)
BUILDREPO=$(git config --get remote.origin.url)
BUILDREV=$(git rev-parse --short HEAD)
GOVERSION=$(go version | perl -ne '/go version (.*?) / && print $1')
DEPENDENCIES=$(echo -n "{" && go list -f '{{range $dep := .Deps}}{{printf "%s\n" $dep}}{{end}}' | xargs go list -f '{{if not .Standard}}{{.ImportPath}}{{end}}' | xargs -I pkg bash -c 'cd $GOPATH/src/pkg && echo -n "\"pkg\":\"$(git rev-parse --short HEAD)\","' | sed 's/,$/}/')

LDFLAGS="\
-X github.com/Psiphon-Labs/psiphon-tunnel-core/psiphon/common.buildDate=$BUILDDATE \
-X github.com/Psiphon-Labs/psiphon-tunnel-core/psiphon/common.buildRepo=$BUILDREPO \
-X github.com/Psiphon-Labs/psiphon-tunnel-core/psiphon/common.buildRev=$BUILDREV \
-X github.com/Psiphon-Labs/psiphon-tunnel-core/psiphon/common.goVersion=$GOVERSION \
-X github.com/Psiphon-Labs/psiphon-tunnel-core/psiphon/common.dependencies=$DEPENDENCIES \
"

Platform-specific instructions

macOS

Building without OpenSSL support (that is, without indistinguishable TLS support) requires no extra steps. To compile with OpenSSL support, follow these steps:

You must have Homebrew installed.
brew install openssl pkg-config
Find out where Homebrew put the pkgconfig files for OpenSSL -- the location depends on your Homebrew installation. Run this command:
```
$ brew info openssl
```
Make note of the "build variable" path for PKG_CONFIG_PATH.
Set PKG_CONFIG_PATH=<path discovered above> when building, and provide the -tags OPENSSL flag. This can be easily done on the build command line like so:
```
$ PKG_CONFIG_PATH=<path discovered above> go build -tags OPENSSL
```

Configure

Configuration files are standard text files containing a valid JSON object. Example:

{
    "PropagationChannelId" : "<placeholder>",
    "SponsorId" : "<placeholder>",
    "LocalHttpProxyPort" : 8080,
    "LocalSocksProxyPort" : 1080
}

Note: The lines  and <--END-SAMPLE-CONFIG--> (visible in the raw Markdown) are used by the config test. Do not remove them.

All config file parameters are documented here.
Replace each <placeholder> with a value from your Psiphon server. The Psiphon server-side stack is open source and can be found in our Psiphon 3 repository.

Run

Run ./ConsoleClient --config psiphon.config where psiphon.config is created as described in the Configure section above

Other Platforms

The project builds and runs on Android. See the Android Library README for more information about building the Go component, and the Android Sample App README for a sample Android app that uses it.

Acknowledgements

Psiphon Tunnel Core uses:

Licensing

Please see the LICENSE file.

Contacts

We maintain a developer mailing list at psiphon3-developers@googlegroups.com. For more information about Psiphon Inc., please visit our web site at www.psiphon.ca.

Directories ¶

?	: This menu
/	: Search site
f or F	: Jump to
y or Y	: Canonical URL

Path	Synopsis
ConsoleClient
MobileLibrary
psi
Server
psiphon Package psiphon implements the core tunnel functionality of a Psiphon client.	Package psiphon implements the core tunnel functionality of a Psiphon client.
common
common/accesscontrol Package accesscontrol implements an access control authorization scheme based on digital signatures.	Package accesscontrol implements an access control authorization scheme based on digital signatures.
common/crypto/acme Package acme provides an implementation of the Automatic Certificate Management Environment (ACME) spec.	Package acme provides an implementation of the Automatic Certificate Management Environment (ACME) spec.
common/crypto/acme/autocert Package autocert provides automatic access to certificates from Let's Encrypt and any other ACME-based CA.	Package autocert provides automatic access to certificates from Let's Encrypt and any other ACME-based CA.
common/crypto/bcrypt Package bcrypt implements Provos and Mazières's bcrypt adaptive hashing algorithm.	Package bcrypt implements Provos and Mazières's bcrypt adaptive hashing algorithm.
common/crypto/blake2b Package blake2b implements the BLAKE2b hash algorithm defined by RFC 7693 and the extendable output function (XOF) BLAKE2Xb.	Package blake2b implements the BLAKE2b hash algorithm defined by RFC 7693 and the extendable output function (XOF) BLAKE2Xb.
common/crypto/blake2s Package blake2s implements the BLAKE2s hash algorithm defined by RFC 7693 and the extendable output function (XOF) BLAKE2Xs.	Package blake2s implements the BLAKE2s hash algorithm defined by RFC 7693 and the extendable output function (XOF) BLAKE2Xs.
common/crypto/blowfish Package blowfish implements Bruce Schneier's Blowfish encryption algorithm.	Package blowfish implements Bruce Schneier's Blowfish encryption algorithm.
common/crypto/bn256 Package bn256 implements a particular bilinear group at the 128-bit security level.	Package bn256 implements a particular bilinear group at the 128-bit security level.
common/crypto/cast5 Package cast5 implements CAST5, as defined in RFC 2144.	Package cast5 implements CAST5, as defined in RFC 2144.
common/crypto/chacha20poly1305 Package chacha20poly1305 implements the ChaCha20-Poly1305 AEAD as specified in RFC 7539.	Package chacha20poly1305 implements the ChaCha20-Poly1305 AEAD as specified in RFC 7539.
common/crypto/chacha20poly1305/internal/chacha20 Package ChaCha20 implements the core ChaCha20 function as specified in https://tools.ietf.org/html/rfc7539#section-2.3.	Package ChaCha20 implements the core ChaCha20 function as specified in https://tools.ietf.org/html/rfc7539#section-2.3.
common/crypto/cryptobyte Package cryptobyte implements building and parsing of byte strings for DER-encoded ASN.1 and TLS messages.	Package cryptobyte implements building and parsing of byte strings for DER-encoded ASN.1 and TLS messages.
common/crypto/curve25519 Package curve25519 provides an implementation of scalar multiplication on the elliptic curve known as curve25519.	Package curve25519 provides an implementation of scalar multiplication on the elliptic curve known as curve25519.
common/crypto/ed25519 Package ed25519 implements the Ed25519 signature algorithm.	Package ed25519 implements the Ed25519 signature algorithm.
common/crypto/ed25519/internal/edwards25519
common/crypto/hkdf Package hkdf implements the HMAC-based Extract-and-Expand Key Derivation Function (HKDF) as defined in RFC 5869.	Package hkdf implements the HMAC-based Extract-and-Expand Key Derivation Function (HKDF) as defined in RFC 5869.
common/crypto/md4 Package md4 implements the MD4 hash algorithm as defined in RFC 1320.	Package md4 implements the MD4 hash algorithm as defined in RFC 1320.
common/crypto/nacl/box Package box authenticates and encrypts messages using public-key cryptography.	Package box authenticates and encrypts messages using public-key cryptography.
common/crypto/nacl/secretbox Package secretbox encrypts and authenticates small messages.	Package secretbox encrypts and authenticates small messages.
common/crypto/ocsp Package ocsp parses OCSP responses as specified in RFC 2560.	Package ocsp parses OCSP responses as specified in RFC 2560.
common/crypto/openpgp Package openpgp implements high level operations on OpenPGP messages.	Package openpgp implements high level operations on OpenPGP messages.
common/crypto/openpgp/armor Package armor implements OpenPGP ASCII Armor, see RFC 4880.	Package armor implements OpenPGP ASCII Armor, see RFC 4880.
common/crypto/openpgp/clearsign Package clearsign generates and processes OpenPGP, clear-signed data.	Package clearsign generates and processes OpenPGP, clear-signed data.
common/crypto/openpgp/elgamal Package elgamal implements ElGamal encryption, suitable for OpenPGP, as specified in "A Public-Key Cryptosystem and a Signature Scheme Based on Discrete Logarithms," IEEE Transactions on Information Theory, v.	Package elgamal implements ElGamal encryption, suitable for OpenPGP, as specified in "A Public-Key Cryptosystem and a Signature Scheme Based on Discrete Logarithms," IEEE Transactions on Information Theory, v.
common/crypto/openpgp/errors Package errors contains common error types for the OpenPGP packages.	Package errors contains common error types for the OpenPGP packages.
common/crypto/openpgp/packet Package packet implements parsing and serialization of OpenPGP packets, as specified in RFC 4880.	Package packet implements parsing and serialization of OpenPGP packets, as specified in RFC 4880.
common/crypto/openpgp/s2k Package s2k implements the various OpenPGP string-to-key transforms as specified in RFC 4800 section 3.7.1.	Package s2k implements the various OpenPGP string-to-key transforms as specified in RFC 4800 section 3.7.1.
common/crypto/otr Package otr implements the Off The Record protocol as specified in http://www.cypherpunks.ca/otr/Protocol-v2-3.1.0.html	Package otr implements the Off The Record protocol as specified in http://www.cypherpunks.ca/otr/Protocol-v2-3.1.0.html
common/crypto/pbkdf2 Package pbkdf2 implements the key derivation function PBKDF2 as defined in RFC 2898 / PKCS #5 v2.0.	Package pbkdf2 implements the key derivation function PBKDF2 as defined in RFC 2898 / PKCS #5 v2.0.
common/crypto/pkcs12 Package pkcs12 implements some of PKCS#12.	Package pkcs12 implements some of PKCS#12.
common/crypto/pkcs12/internal/rc2 Package rc2 implements the RC2 cipher https://www.ietf.org/rfc/rfc2268.txt http://people.csail.mit.edu/rivest/pubs/KRRR98.pdf This code is licensed under the MIT license.	Package rc2 implements the RC2 cipher https://www.ietf.org/rfc/rfc2268.txt http://people.csail.mit.edu/rivest/pubs/KRRR98.pdf This code is licensed under the MIT license.
common/crypto/poly1305 Package poly1305 implements Poly1305 one-time message authentication code as specified in https://cr.yp.to/mac/poly1305-20050329.pdf.	Package poly1305 implements Poly1305 one-time message authentication code as specified in https://cr.yp.to/mac/poly1305-20050329.pdf.
common/crypto/ripemd160 Package ripemd160 implements the RIPEMD-160 hash algorithm.	Package ripemd160 implements the RIPEMD-160 hash algorithm.
common/crypto/salsa20 Package salsa20 implements the Salsa20 stream cipher as specified in https://cr.yp.to/snuffle/spec.pdf.	Package salsa20 implements the Salsa20 stream cipher as specified in https://cr.yp.to/snuffle/spec.pdf.
common/crypto/salsa20/salsa Package salsa provides low-level access to functions in the Salsa family.	Package salsa provides low-level access to functions in the Salsa family.
common/crypto/scrypt Package scrypt implements the scrypt key derivation function as defined in Colin Percival's paper "Stronger Key Derivation via Sequential Memory-Hard Functions" (https://www.tarsnap.com/scrypt/scrypt.pdf).	Package scrypt implements the scrypt key derivation function as defined in Colin Percival's paper "Stronger Key Derivation via Sequential Memory-Hard Functions" (https://www.tarsnap.com/scrypt/scrypt.pdf).
common/crypto/sha3 Package sha3 implements the SHA-3 fixed-output-length hash functions and the SHAKE variable-output-length hash functions defined by FIPS-202.	Package sha3 implements the SHA-3 fixed-output-length hash functions and the SHAKE variable-output-length hash functions defined by FIPS-202.
common/crypto/ssh Package ssh implements an SSH client and server.	Package ssh implements an SSH client and server.
common/crypto/ssh/agent Package agent implements the ssh-agent protocol, and provides both a client and a server.	Package agent implements the ssh-agent protocol, and provides both a client and a server.
common/crypto/ssh/knownhosts Package knownhosts implements a parser for the OpenSSH known_hosts host key database.	Package knownhosts implements a parser for the OpenSSH known_hosts host key database.
common/crypto/ssh/terminal Package terminal provides support functions for dealing with terminals, as commonly found on UNIX systems.	Package terminal provides support functions for dealing with terminals, as commonly found on UNIX systems.
common/crypto/ssh/test This package contains integration tests for the github.com/Psiphon-Labs/psiphon-tunnel-core/psiphon/common/crypto/ssh package.	This package contains integration tests for the github.com/Psiphon-Labs/psiphon-tunnel-core/psiphon/common/crypto/ssh package.
common/crypto/tea
common/crypto/twofish Package twofish implements Bruce Schneier's Twofish encryption algorithm.	Package twofish implements Bruce Schneier's Twofish encryption algorithm.
common/crypto/xtea Package xtea implements XTEA encryption, as defined in Needham and Wheeler's 1997 technical report, "Tea extensions."	Package xtea implements XTEA encryption, as defined in Needham and Wheeler's 1997 technical report, "Tea extensions."
common/crypto/xts Package xts implements the XTS cipher mode as specified in IEEE P1619/D16.	Package xts implements the XTS cipher mode as specified in IEEE P1619/D16.
common/osl Package osl implements the Obfuscated Server List (OSL) mechanism.	Package osl implements the Obfuscated Server List (OSL) mechanism.
common/osl/paver
common/parameters Package parameters implements dynamic, concurrency-safe parameters that determine Psiphon client behavior.	Package parameters implements dynamic, concurrency-safe parameters that determine Psiphon client behavior.
common/protocol
common/sss Package sss implements Shamir's Secret Sharing algorithm over GF(2^8).	Package sss implements Shamir's Secret Sharing algorithm over GF(2^8).
common/tactics Package tactics provides dynamic Psiphon client configuration based on GeoIP attributes, API parameters, and speed test data.	Package tactics provides dynamic Psiphon client configuration based on GeoIP attributes, API parameters, and speed test data.
common/tls Package tls partially implements TLS 1.2, as specified in RFC 5246.	Package tls partially implements TLS 1.2, as specified in RFC 5246.
common/tls/cipherhw Package cipherhw exposes common functions for detecting whether hardware support for certain ciphers and authenticators is present.	Package cipherhw exposes common functions for detecting whether hardware support for certain ciphers and authenticators is present.
common/tun Package tun is an IP packet tunnel server and client.	Package tun is an IP packet tunnel server and client.
server Package server implements the core tunnel functionality of a Psiphon server.	Package server implements the core tunnel functionality of a Psiphon server.
server/psinet Package psinet implements psinet database services.	Package psinet implements psinet database services.
transferstats Package transferstats counts and keeps track of session stats.	Package transferstats counts and keeps track of session stats.
upstreamproxy
upstreamproxy/go-ntlm/ntlm Package NTLM implements the interfaces used for interacting with NTLMv1 and NTLMv2.	Package NTLM implements the interfaces used for interacting with NTLMv1 and NTLMv2.
upstreamproxy/go-ntlm/ntlm/md4 Package md4 implements the MD4 hash algorithm as defined in RFC 1320.	Package md4 implements the MD4 hash algorithm as defined in RFC 1320.