Package accesscontrol implements an access control authorization scheme based on digital signatures.

Package errors provides error wrapping helpers that add inline, single frame stack trace information to error messages.

* Copyright (c) 2023, Psiphon Inc.

Package monotime provides a fast monotonic clock source.

Package osl implements the Obfuscated Server List (OSL) mechanism.

Package packetman implements low-level manipulation of TCP packets, enabling a variety of strategies to evade network censorship.

Package parameters implements dynamic, concurrency-safe parameters that determine Psiphon client and server behaviors.

Package prng implements a seeded, unbiased PRNG that is suitable for use cases including obfuscation, network jitter, load balancing.

Package quic wraps github.com/lucas-clemente/quic-go with net.Listener and net.Conn types that provide a drop-in replacement for net.TCPConn.

Package regen is a library for generating random strings from regular expressions.

Package resolver implements a DNS stub resolver, or DNS client, which resolves domain names.

Package sss implements Shamir's Secret Sharing algorithm over GF(2^8).

Package stacktrace provides helpers for handling stack trace information.

Package tactics provides dynamic Psiphon client configuration based on GeoIP attributes, API parameters, and speed test data.

Package transforms provides a mechanism to define and apply string data transformations, with the transformations defined by regular expressions to match data to be transformed, and regular expression generators to specify additional or replacement data.

Package tun is an IP packet tunnel server and client.

Package values provides a mechanism for specifying and selecting dynamic values employed by the Psiphon client and server.

Package wildcard implements a very simple wildcard matcher which supports only the term '*', which matches any sequence of characters.

Compress returns zlib compressed data.

Contains is a helper function that returns true if the target string is in the list.

ContainsAny returns true if any string in targets is present in the list.

ContainsInt returns true if the target int is in the list.

ContainsWildcard returns true if target matches any of the patterns.

CopyBuffer calls io.CopyBuffer, masking out any src.WriteTo or dst.ReadFrom to force use of the specified buf.

Decompress returns zlib decompressed data.

EscapeRedactIPAddressString escapes the IP or IP:port addresses in the input in such a way that they won't be redacted when part of the input to RedactIPAddresses.

FileExists returns true if a file, or directory, exists at the given path.

FormatByteCount returns a string representation of the specified byte count in conventional, human-readable format.

GenerateAuthenticatedDataPackageKeys generates a key pair be used to sign and verify AuthenticatedDataPackages.

GenerateWebServerCertificate creates a self-signed web server certificate, using the specified host name.

GetCurrentTimestamp returns the current time in UTC as an RFC 3339 formatted string.

GetInterfaceIPAddresses takes an interface name, such as "eth0", and returns the first non-link local IPv4 and IPv6 addresses associated with it.

GetRoutableInterfaceIPAddresses returns GetInterfaceIPAddresses values for the first non-loopback, non-point-to-point network interface on the host that has an IP address.

GetStringSlice converts an interface{} which is of type []interace{}, and with the type of each element a string, to []string.

IPAddressFromAddr is a helper which extracts an IP address from a net.Addr or returns "" if there is no IP address.

IsBogon checks if the specified IP is a bogon (loopback, private addresses, link-local addresses, etc.).

MakeSecureRandomBytes is a helper function that wraps crypto/rand.Read.

MergeContextCancel returns a context which has the properties of the 1st input content and merges in the cancellation signal of the 2nd context, so the returned context is cancelled when either input context is cancelled.

NewActivityMonitoredConn creates a new ActivityMonitoredConn.

NewAuthenticatedDataPackageReader extracts and verifies authenticated data from an AuthenticatedDataPackage stored in the specified file.

NewBurstMonitoredConn creates a new BurstMonitoredConn.

NewConns initializes a new Conns.

NewHTTPRoundTripper creates a new HTTPRoundTripper, using the specified roundTrip function for HTTP round trips.

NewLRUConns initializes a new LRUConns.

NewReloadableFile initializes a new ReloadableFile.

NewSubnetLookup creates a SubnetLookup from a list of subnet CIDRs.

NewSubnetLookupFromRoutes creates a SubnetLookup from text routes data.

NewThrottledConn initializes a new ThrottledConn.

ParseDNSQuestion parses a DNS message.

PortFromAddr is a helper which extracts a port number from a net.Addr or returns 0 if there is no port number.

ReadAuthenticatedDataPackage extracts and verifies authenticated data from an AuthenticatedDataPackage.

RedactFilePaths returns a copy of the input with all file paths replaced by "[redacted]".

RedactFilePathsError is RedactFilePaths for errors.

RedactIPAddresses returns a copy of the input with all IP addresses (and optional ports) replaced by "[redacted]".

RedactIPAddressesString is RedactIPAddresses for strings.

RedactNetError removes network address information from a "net" package error message.

RedactURLError transforms an error, when it is a url.Error, removing the URL value.

RunNetworkConfigCommand execs a network config command, such as "ifconfig" or "iptables".

SafeParseRequestURI wraps url.ParseRequestURI, stripping the input URL from any error message.

SafeParseURL wraps url.Parse, stripping the input URL from any error message.

SleepWithContext returns after the specified duration or once the input ctx is done, whichever is first.

SleepWithJitter returns after the specified duration, with random jitter applied, or once the input ctx is done, whichever is first.

TerminateHTTPConnection sends a 404 response to a client and also closes the persistent connection.

TruncateTimestampToHour truncates an RFC 3339 formatted string to hour granularity.

ValueOrDefault returns the input value, or, when value is the zero value of its type, defaultValue.

WriteAuthenticatedDataPackage creates an AuthenticatedDataPackage containing the specified data and signed by the given key.

WriteRuntimeProfiles writes Go runtime profile information to a set of files in the specified output directory.

ActivityMonitoredConn wraps a net.Conn, adding logic to deal with events triggered by I/O activity.

AuthenticatedDataPackage is a JSON record containing some Psiphon data payload, such as list of Psiphon server entries.

BurstMonitoredConn wraps a net.Conn and monitors for data transfer bursts.

Conns is a synchronized list of Conns that is used to coordinate interrupting a set of goroutines establishing connections, or close a set of open connections, etc.

GeoIPData is type-compatible with psiphon/server.GeoIPData.

HTTPRoundTripper is an adapter that allows using a function as a http.RoundTripper.

LRUConns is a concurrency-safe list of net.Conns ordered by recent activity.

LRUConnsEntry is an entry in a LRUConns list.

PortList provides a lookup for a configured list of IP ports and port ranges.

RateLimits specify the rate limits for a ThrottledConn.

ReloadableFile is a file-backed Reloader.

ThrottledConn wraps a net.Conn with read and write rate limiters.

WriteTimeoutPacketConn is the equivilent of WriteTimeoutUDPConn for non-*net.UDPConns.

WriteTimeoutUDPConn sets write deadlines before each UDP packet write.

ActivityUpdater defines an interface for receiving updates for ActivityMonitoredConn activity.

Closer defines the interface to a type, typically a net.Conn, that can be closed.

CloseWriter defines the interface to a type, typically a net.TCPConn, that implements CloseWrite.

FragmentorAccessor defines the interface for accessing properties of a fragmentor Conn.

IrregularIndicator defines the interface for a type, typically a net.Conn, that detects and reports irregular conditions during initial network connection establishment.

Logger exposes a logging interface that's compatible with psiphon/server.TraceLogger.

LogTrace is interface-compatible with the return values from psiphon/server.TraceLogger.WitTrace/WithTraceFields.

MetricsSource is an object that provides metrics to be logged.

NetDialer mimicks the net.Dialer interface.

NoticeMetricsSource is an object that provides metrics to be logged only in notices, for inclusion in diagnostics.

Reloader represents a read-only, in-memory reloadable data object.

UnderlyingTCPAddrSource defines the interface for a type, typically a net.Conn, such as a server meek Conn, which has an underlying TCP conn(s), providing access to the LocalAddr and RemoteAddr properties of the underlying TCP conn.

APIParameterLogFieldFormatter is a function that returns formatted LogFields containing the given GeoIPData and APIParameters.

APIParameters is a set of API parameter values, typically received from a Psiphon client and used/logged by the Psiphon server.

APIParameterValidator is a function that validates API parameters for a particular request or context.

Dialer is a custom network dialer.

LogFields is type-compatible with psiphon/server.LogFields and logrus.LogFields.

SubnetLookup provides an efficient lookup for individual IPv4 addresses within a list of subnets.