config

package
v0.0.0-...-c15aa5a Latest Latest
Warning

This package is not in the latest version of its module.

Go to latest
Published: Dec 6, 2023 License: GPL-3.0, AGPL-3.0 Imports: 21 Imported by: 0

Documentation

Overview

Package config provides the Katzenpost server configuration.

Index

Constants

View Source
const (

	// BackendSQL is a SQL based backend.
	BackendSQL = "sql"

	// BackendBolt is a BoltDB based backend.
	BackendBolt = "bolt"

	// BackendExtern is a External (RESTful http) backend.
	BackendExtern = "extern"
)

Variables

This section is empty.

Functions

func AuthorityPeersFromPeers

func AuthorityPeersFromPeers(peers []*Peer) ([]*config.AuthorityPeer, error)

AuthorityPeersFromPeers loads keys and instances config.AuthorityPeer for each Peer

func Store

func Store(cfg *Config, fileName string) error

Store writes a config to fileName on disk

Types

type BoltSpoolDB

type BoltSpoolDB struct {
	// SpoolDB is the path to the user message spool.  If left empty, it will
	// use `spool.db` under the DataDir.
	SpoolDB string
}

BoltSpoolDB is the BolTDB implementation of the spool.

type BoltUserDB

type BoltUserDB struct {
	// UserDB is the path to the user database.  If left empty it will use
	// `users.db` under the DataDir.
	UserDB string
}

BoltUserDB is the BoltDB implementation of userdb.

type CBORPluginKaetzchen

type CBORPluginKaetzchen struct {
	// Capability is the capability exposed by the agent.
	Capability string

	// Endpoint is the provider side endpoint that the agent will accept
	// requests at.  While not required by the spec, this server only
	// supports Endpoints that are lower-case local-parts of an e-mail
	// address.
	Endpoint string

	// Config is the extra per agent arguments to be passed to the agent's
	// initialization routine.
	Config map[string]interface{}

	// Command is the full file path to the external plugin program
	// that implements this Kaetzchen service.
	Command string

	// MaxConcurrency is the number of worker goroutines to start
	// for this service.
	MaxConcurrency int

	// Disable disabled a configured agent.
	Disable bool
}

CBORPluginKaetzchen is a Provider auto-responder agent.

type Config

type Config struct {
	Server     *Server
	Logging    *Logging
	Provider   *Provider
	PKI        *PKI
	Management *Management

	Debug *Debug
}

Config is the top level Katzenpost server configuration.

func Load

func Load(b []byte) (*Config, error)

Load parses and validates the provided buffer b as a config file body and returns the Config.

func LoadFile

func LoadFile(f string) (*Config, error)

LoadFile loads, parses and validates the provided file and returns the Config.

func (*Config) FixupAndValidate

func (cfg *Config) FixupAndValidate() error

FixupAndValidate applies defaults to config entries and validates the supplied configuration. Most people should call one of the Load variants instead.

type Debug

type Debug struct {
	// IdentityKey specifies the identity private key.
	IdentityKey *eddsa.PrivateKey `toml:"-"`

	// NumSphinxWorkers specifies the number of worker instances to use for
	// inbound Sphinx packet processing.
	NumSphinxWorkers int

	// NumProviderWorkers specifies the number of worker instances to use for
	// provider specific packet processing.
	NumProviderWorkers int

	// NumKaetzchenWorkers specifies the number of worker instances to use for
	// Kaetzchen specific packet processing.
	NumKaetzchenWorkers int

	// SchedulerExternalMemoryQueue will enable the experimental external
	// memory queue that is backed by disk.
	SchedulerExternalMemoryQueue bool

	// SchedulerQueueSize is the maximum allowed scheduler queue size before
	// random entries will start getting dropped.  A value <= 0 is treated
	// as unlimited.
	SchedulerQueueSize int

	// SchedulerMaxBurst is the maximum number of packets that will be
	// dispatched per scheduler wakeup event.
	SchedulerMaxBurst int

	// UnwrapDelay is the maximum allowed unwrap delay due to queueing in
	// milliseconds.
	UnwrapDelay int

	// ProviderDelay is the maximum allowed provider delay due to queueing
	// in milliseconds.
	ProviderDelay int

	// KaetzchenDelay is the maximum allowed kaetzchen delay due to queueing
	// in milliseconds.
	KaetzchenDelay int

	// SchedulerSlack is the maximum allowed scheduler slack due to queueing
	// and or processing in milliseconds.
	SchedulerSlack int

	// SendSlack is the maximum allowed send queue slack due to queueing and
	// or congestion in milliseconds.
	SendSlack int

	// DecoySlack is the maximum allowed decoy sweep slack due to various
	// external delays such as latency before a loop decoy packet will
	// be considered lost.
	DecoySlack int

	// ConnectTimeout specifies the maximum time a connection can take to
	// establish a TCP/IP connection in milliseconds.
	ConnectTimeout int

	// HandshakeTimeout specifies the maximum time a connection can take for a
	// link protocol handshake in milliseconds.
	HandshakeTimeout int

	// ReauthInterval specifies the interval at which a connection will be
	// reauthenticated in milliseconds.
	ReauthInterval int

	// SendDecoyTraffic enables sending decoy traffic.  This is still
	// experimental and untuned and thus is disabled by default.
	//
	// WARNING: This option will go away once decoy traffic is more concrete.
	SendDecoyTraffic bool

	// DisableRateLimit disables the per-client rate limiter.  This option
	// should only be used for testing.
	DisableRateLimit bool

	// GenerateOnly halts and cleans up the server right after long term
	// key generation.
	GenerateOnly bool
}

Debug is the Katzenpost server debug configuration.

func (*Debug) IsUnsafe

func (dCfg *Debug) IsUnsafe() bool

IsUnsafe returns true iff any debug options that destroy security are set.

type ExternUserDB

type ExternUserDB struct {
	// ProviderURL is the base url used for the external provider authentication API.
	// It should be in the form `http://localhost:8080/`
	ProviderURL string
}

ExternUserDB is the external http user authentication.

type Kaetzchen

type Kaetzchen struct {
	// Capability is the capability exposed by the agent.
	Capability string

	// Endpoint is the provider side endpoint that the agent will accept
	// requests at.  While not required by the spec, this server only
	// supports Endpoints that are lower-case local-parts of an e-mail
	// address.
	Endpoint string

	// Config is the extra per agent arguments to be passed to the agent's
	// initialization routine.
	Config map[string]interface{}

	// Disable disabled a configured agent.
	Disable bool
}

Kaetzchen is a Provider auto-responder agent.

type Logging

type Logging struct {
	// Disable disables logging entirely.
	Disable bool

	// File specifies the log file, if omitted stdout will be used.
	File string

	// Level specifies the log level.
	Level string
}

Logging is the Katzenpost server logging configuration.

type Management

type Management struct {
	// Enable enables the management interface.
	Enable bool

	// Path specifies the path to the manaagment interface socket.  If left
	// empty it will use `management_sock` under the DataDir.
	Path string
}

Management is the Katzenpost management interface configuration.

type Nonvoting

type Nonvoting struct {
	// Address is the authority's IP/port combination.
	Address string

	// PublicKey is the authority's public key in Base64 or Base16 format.
	PublicKey string
}

Nonvoting is a non-voting directory authority.

type PKI

type PKI struct {
	// Nonvoting is a non-voting directory authority.
	Nonvoting *Nonvoting
	Voting    *Voting
}

PKI is the Katzenpost directory authority configuration.

type Peer

type Peer struct {
	Addresses         []string
	IdentityPublicKey string
	LinkPublicKey     string
}

Peer is a voting peer.

type Provider

type Provider struct {
	// EnableUserRegistrationHTTP is set to true if the
	// User Registration HTTP service listener is enabled.
	EnableUserRegistrationHTTP bool

	// UserRegistrationHTTPAddresses is quite simply
	// the set of TCP addresses that the User
	// Registration HTTP service should listen on
	// (e.g. "127.0.0.1:36967").
	UserRegistrationHTTPAddresses []string

	// AdvertiseUserRegistrationHTTPAddresses is the set of HTTP URLs
	// that shall be advertised in the mixnet PKI document.
	AdvertiseUserRegistrationHTTPAddresses []string

	// SQLDB is the SQL database backend configuration.
	SQLDB *SQLDB

	// UserDB is the userdb backend configuration.
	UserDB *UserDB

	// SpoolDB is the user message spool configuration.
	SpoolDB *SpoolDB

	// BinaryRecipients disables all Provider side recipient pre-processing,
	// including removing trailing `NUL` bytes, case normalization, and
	// delimiter support.
	BinaryRecipients bool

	// CaseSensitiveRecipients disables recipient case normalization.  If left
	// unset, all user names will be converted to lower case.
	CaseSensitiveRecipients bool

	// RecipientDelimiter is the set of characters that separates a user name
	// from it's extension (eg: `alice+foo`).
	RecipientDelimiter string

	// Kaetzchen is the list of configured internal Kaetzchen (auto-responder agents)
	// for this provider.
	Kaetzchen []*Kaetzchen

	// CBORPluginKaetzchen is the list of configured external CBOR Kaetzchen plugins
	// for this provider.
	CBORPluginKaetzchen []*CBORPluginKaetzchen
}

Provider is the Katzenpost provider configuration.

type SQLDB

type SQLDB struct {
	// Backend is the active database backend (driver).
	//
	//  - pgx: Postgresql.
	Backend string

	// DataSourceName is the SQL data source name or URI.  The format
	// of this parameter is dependent on the database driver being used.
	//
	//  - pgx: https://godoc.org/github.com/jackc/pgx#ParseConnectionString
	DataSourceName string
}

SQLDB is the SQL database backend configuration.

type Server

type Server struct {
	// Identifier is the human readable identifier for the node (eg: FQDN).
	Identifier string

	// Addresses are the IP address/port combinations that the server will bind
	// to for incoming connections.
	Addresses []string

	// AltAddresses is the map of extra transports and addresses at which
	// the mix is reachable by clients.  The most useful alternative
	// transport is likely ("tcp") (`core/pki.TransportTCP`).
	AltAddresses map[string][]string

	// If set to true then only advertise to the PKI the AltAddresses
	// and do NOT send any of the Addresses.
	OnlyAdvertiseAltAddresses bool

	// DataDir is the absolute path to the server's state files.
	DataDir string

	// IsProvider specifies if the server is a provider (vs a mix).
	IsProvider bool
}

Server is the Katzenpost server configuration.

type SpoolDB

type SpoolDB struct {
	// Backend is the active spool backend.  If left empty, the BoltSpoolDB
	// backend will be used (`bolt`).
	Backend string

	// BoltDB backed spool (`bolt`).
	Bolt *BoltSpoolDB
}

SpoolDB is the user message spool configuration.

type UserDB

type UserDB struct {
	// Backend is the active userdb backend.  If left empty, the BoltUserDB
	// backend will be used (`bolt`).
	Backend string

	// BoltDB backed userdb (`bolt`).
	Bolt *BoltUserDB

	// Externally defined (RESTful http) userdb (`extern`).
	Extern *ExternUserDB
}

UserDB is the userdb backend configuration.

type Voting

type Voting struct {
	ChainID            string
	TrustOptions       light.TrustOptions
	PrimaryAddress     string
	WitnessesAddresses []string
	DatabaseName       string
	DatabaseDir        string
	RPCAddress         string
}

Voting is a voting directory authority.

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL