Documentation
¶
Overview ¶
Package config provides the Katzenpost server configuration.
Index ¶
Constants ¶
View Source
const ( // BackendSQL is a SQL based backend. BackendSQL = "sql" // BackendBolt is a BoltDB based backend. BackendBolt = "bolt" // BackendExtern is a External (RESTful http) backend. BackendExtern = "extern" )
Variables ¶
This section is empty.
Functions ¶
Types ¶
type BoltSpoolDB ¶
type BoltSpoolDB struct {
// SpoolDB is the path to the user message spool. If left empty, it will
// use `spool.db` under the DataDir.
SpoolDB string
}
BoltSpoolDB is the BolTDB implementation of the spool.
type BoltUserDB ¶
type BoltUserDB struct {
// UserDB is the path to the user database. If left empty it will use
// `users.db` under the DataDir.
UserDB string
}
BoltUserDB is the BoltDB implementation of userdb.
type CBORPluginKaetzchen ¶
type CBORPluginKaetzchen struct {
// Capability is the capability exposed by the agent.
Capability string
// Endpoint is the provider side endpoint that the agent will accept
// requests at. While not required by the spec, this server only
// supports Endpoints that are lower-case local-parts of an e-mail
// address.
Endpoint string
// Config is the extra per agent arguments to be passed to the agent's
// initialization routine.
Config map[string]interface{}
// Command is the full file path to the external plugin program
// that implements this Kaetzchen service.
Command string
// MaxConcurrency is the number of worker goroutines to start
// for this service.
MaxConcurrency int
// Disable disabled a configured agent.
Disable bool
}
CBORPluginKaetzchen is a Provider auto-responder agent.
type Config ¶
type Config struct {
Server *Server
Logging *Logging
Provider *Provider
PKI *PKI
Management *Management
SphinxGeometry *geo.Geometry
Debug *Debug
}
Config is the top level Katzenpost server configuration.
func Load ¶
Load parses and validates the provided buffer b as a config file body and returns the Config.
func (*Config) FixupAndValidate ¶
FixupAndValidate applies defaults to config entries and validates the supplied configuration. Most people should call one of the Load variants instead.
type Debug ¶
type Debug struct {
// NumSphinxWorkers specifies the number of worker instances to use for
// inbound Sphinx packet processing.
NumSphinxWorkers int
// NumProviderWorkers specifies the number of worker instances to use for
// provider specific packet processing.
NumProviderWorkers int
// NumKaetzchenWorkers specifies the number of worker instances to use for
// Kaetzchen specific packet processing.
NumKaetzchenWorkers int
// SchedulerExternalMemoryQueue will enable the experimental external
// memory queue that is backed by disk.
SchedulerExternalMemoryQueue bool
// SchedulerQueueSize is the maximum allowed scheduler queue size before
// random entries will start getting dropped. A value <= 0 is treated
// as unlimited.
SchedulerQueueSize int
// SchedulerMaxBurst is the maximum number of packets that will be
// dispatched per scheduler wakeup event.
SchedulerMaxBurst int
// UnwrapDelay is the maximum allowed unwrap delay due to queueing in
// milliseconds.
UnwrapDelay int
// ProviderDelay is the maximum allowed provider delay due to queueing
// in milliseconds.
ProviderDelay int
// KaetzchenDelay is the maximum allowed kaetzchen delay due to queueing
// in milliseconds.
KaetzchenDelay int
// SchedulerSlack is the maximum allowed scheduler slack due to queueing
// and or processing in milliseconds.
SchedulerSlack int
// SendSlack is the maximum allowed send queue slack due to queueing and
// or congestion in milliseconds.
SendSlack int
// DecoySlack is the maximum allowed decoy sweep slack due to various
// external delays such as latency before a loop decoy packet will
// be considered lost.
DecoySlack int
// ConnectTimeout specifies the maximum time a connection can take to
// establish a TCP/IP connection in milliseconds.
ConnectTimeout int
// HandshakeTimeout specifies the maximum time a connection can take for a
// link protocol handshake in milliseconds.
HandshakeTimeout int
// ReauthInterval specifies the interval at which a connection will be
// reauthenticated in milliseconds.
ReauthInterval int
// SendDecoyTraffic enables sending decoy traffic. This is still
// experimental and untuned and thus is disabled by default.
//
// WARNING: This option will go away once decoy traffic is more concrete.
SendDecoyTraffic bool
// DisableRateLimit disables the per-client rate limiter. This option
// should only be used for testing.
DisableRateLimit bool
// GenerateOnly halts and cleans up the server right after long term
// key generation.
GenerateOnly bool
}
Debug is the Katzenpost server debug configuration.
type ExternUserDB ¶
type ExternUserDB struct {
// ProviderURL is the base url used for the external provider authentication API.
// It should be in the form `http://localhost:8080/`
ProviderURL string
}
ExternUserDB is the external http user authentication.
type Kaetzchen ¶
type Kaetzchen struct {
// Capability is the capability exposed by the agent.
Capability string
// Endpoint is the provider side endpoint that the agent will accept
// requests at. While not required by the spec, this server only
// supports Endpoints that are lower-case local-parts of an e-mail
// address.
Endpoint string
// Config is the extra per agent arguments to be passed to the agent's
// initialization routine.
Config map[string]interface{}
// Disable disabled a configured agent.
Disable bool
}
Kaetzchen is a Provider auto-responder agent.
type Logging ¶
type Logging struct {
// Disable disables logging entirely.
Disable bool
// File specifies the log file, if omitted stdout will be used.
File string
// Level specifies the log level.
Level string
}
Logging is the Katzenpost server logging configuration.
type Management ¶
type Management struct {
// Enable enables the management interface.
Enable bool
// Path specifies the path to the manaagment interface socket. If left
// empty it will use `management_sock` under the DataDir.
Path string
}
Management is the Katzenpost management interface configuration.
type PKI ¶
type PKI struct {
Voting *Voting
}
PKI is the Katzenpost directory authority configuration.
type Provider ¶
type Provider struct {
// EnableEphemeralhClients is set to true in order to
// allow ephemeral clients to be created when the Provider
// first receives a given user identity string.
EnableEphemeralClients bool
// AltAddresses is the map of extra transports and addresses at which
// the Provider is reachable by clients. The most useful alternative
// transport is likely ("tcp") (`core/pki.TransportTCP`).
AltAddresses map[string][]string
// SQLDB is the SQL database backend configuration.
SQLDB *SQLDB
// UserDB is the userdb backend configuration.
UserDB *UserDB
// SpoolDB is the user message spool configuration.
SpoolDB *SpoolDB
// Kaetzchen is the list of configured internal Kaetzchen (auto-responder agents)
// for this provider.
Kaetzchen []*Kaetzchen
// CBORPluginKaetzchen is the list of configured external CBOR Kaetzchen plugins
// for this provider.
CBORPluginKaetzchen []*CBORPluginKaetzchen
// TrustOnFirstUse indicates whether or not to trust client's wire protocol keys
// on first use. If set to true then first seen keys cause an entry in the userDB
// to be created. It will later be garbage collected.
TrustOnFirstUse bool
}
Provider is the Katzenpost provider configuration.
type SQLDB ¶
type SQLDB struct {
// Backend is the active database backend (driver).
//
// - pgx: Postgresql.
Backend string
// DataSourceName is the SQL data source name or URI. The format
// of this parameter is dependent on the database driver being used.
//
// - pgx: https://godoc.org/github.com/jackc/pgx#ParseConnectionString
DataSourceName string
}
SQLDB is the SQL database backend configuration.
type Server ¶
type Server struct {
// Identifier is the human readable identifier for the node (eg: FQDN).
Identifier string
// WireKEM is the KEM string representing the chosen KEM scheme with which to communicate
// with the mixnet and dirauth nodes.
WireKEM string
// Addresses are the IP address/port combinations that the server will bind
// to for incoming connections.
Addresses []string
// AltAddresses is the map of extra transports and addresses at which
// the mix is reachable by clients. The most useful alternative
// transport is likely ("tcp") (`core/pki.TransportTCP`).
AltAddresses map[string][]string
// If set to true then only advertise to the PKI the AltAddresses
// and do NOT send any of the Addresses.
OnlyAdvertiseAltAddresses bool
// MetricsAddress is the address/port to bind the prometheus metrics endpoint to.
MetricsAddress string
// DataDir is the absolute path to the server's state files.
DataDir string
// IsProvider specifies if the server is a provider (vs a mix).
IsProvider bool
}
Server is the Katzenpost server configuration.
type SpoolDB ¶
type SpoolDB struct {
// Backend is the active spool backend. If left empty, the BoltSpoolDB
// backend will be used (`bolt`).
Backend string
// BoltDB backed spool (`bolt`).
Bolt *BoltSpoolDB
}
SpoolDB is the user message spool configuration.
type UserDB ¶
type UserDB struct {
// Backend is the active userdb backend. If left empty, the BoltUserDB
// backend will be used (`bolt`).
Backend string
// BoltDB backed userdb (`bolt`).
Bolt *BoltUserDB
// Externally defined (RESTful http) userdb (`extern`).
Extern *ExternUserDB
}
UserDB is the userdb backend configuration.
Source Files
Click to show internal directories.
Click to hide internal directories.