Commit Graph

1441 Commits

Author SHA1 Message Date
Alexey 2798039ab8 Merge pull request #507 from dzhus/patch-2
Fix typo in systemd service metadata
2026-03-20 17:04:41 +03:00
David Osipov 9dce748679 changed version 2026-03-20 18:04:37 +04:00
David Osipov 79093679ab Merge latest upstream/main into test/main-into-flow-sec 2026-03-20 18:00:20 +04:00
David Osipov 35a8f5b2e5 Add method to retrieve inner reader with pending plaintext
This commit introduces the `into_inner_with_pending_plaintext` method to the `FakeTlsReader` struct. This method allows users to extract the underlying reader along with any pending plaintext data that may have been buffered during the TLS reading process. The method handles the state transition and ensures that any buffered data is returned as a vector, facilitating easier management of plaintext data in TLS streams.
2026-03-20 17:56:37 +04:00
David Osipov 456c433875 Updated version 2026-03-20 17:34:09 +04:00
David Osipov 8f1ffe8c25 fix(proxy): wire-transparency fix on fallback and security hardening
Fixed a critical logic error in the Fake TLS -> MTProto chain.
Previously, when the TLS handshake was valid but the MTProto packet was invalid, the proxy
mistakenly passed the wrapped (FakeTls) stream to the masking relay.
Now the transport is correctly unwrapped down to the raw socket
via .into_inner(), ensuring full wire-transparency
for DPI and the masking backend.

Security & Hardening:
- Logic brought into line with the requirements of OWASP ASVS L2 (V5: Validation, Sanitization and Encoding).
- Implemented "fail-closed" behavior: on any verification error the proxy mimics an ordinary web server without revealing its role.
- Improved diagnostics and logging of authentication states to protect against active probing.

Adversarial Testing (Black-hat mindset):
- Added a separate package `client_tls_mtproto_fallback_security_tests.rs` (18+ tests).
- Covered scenarios: chaos fragmentation (byte-by-byte slicing of TLS records), record-splitting,
  half-close states, backend resets and replay-pressure.
- Added 10+ tests to `client_adversarial_tests.rs` for "evil" races (race conditions),
  per-IP limit leaks, and verification of state isolation between parallel sessions.
- All 832 tests pass (passed) in locked mode.
2026-03-20 17:33:46 +04:00
Alexey 342b0119dd Merge pull request #509 from telemt/bump
Update Cargo.toml
3.3.28
2026-03-20 16:27:39 +03:00
Alexey 2605929b93 Update Cargo.toml 2026-03-20 16:26:57 +03:00
Alexey 36814b6355 ME Draining on Dual-Stack + TLS Fetcher Upstream Selection: merge pull request #508 from telemt/flow
ME Draining on Dual-Stack + TLS Fetcher Upstream Selection
2026-03-20 16:24:17 +03:00
Alexey 269ba537ad ME Draining on Dual-Stack
Co-Authored-By: brekotis <93345790+brekotis@users.noreply.github.com>
2026-03-20 16:07:12 +03:00
Alexey 5c0eb6dbe8 TLS Fetcher Upstream Selection
Co-Authored-By: brekotis <93345790+brekotis@users.noreply.github.com>
2026-03-20 16:05:24 +03:00
David Osipov a78c3e3ebd One more small test fix 2026-03-20 16:48:14 +04:00
David Osipov a4b70405b8 Add adversarial tests module for client security testing 2026-03-20 16:47:26 +04:00
David Osipov 3afc3e1775 Changed version 2026-03-20 16:46:09 +04:00
David Osipov 512bee6a8d Add security tests for middle relay idle policy and enhance stats tracking
- Introduced a new test module for middle relay idle policy security tests, covering various scenarios including soft mark, hard close, and grace periods.
- Implemented functions to create crypto readers and encrypt data for testing.
- Enhanced the Stats struct to include counters for relay idle soft marks, hard closes, pressure evictions, and protocol desync closes.
- Added corresponding increment and retrieval methods for the new stats fields.
2026-03-20 16:43:50 +04:00
Maxim Myalin 66867d3f5b Merge branch 'main' into feat/shadowsocks-upstream
# Conflicts:
#	Cargo.lock
#	src/api/runtime_stats.rs
2026-03-20 15:22:36 +03:00
Dmitry Dzhus db36945293 Fix typo in systemd service metadata 2026-03-20 12:00:41 +00:00
David Osipov 5c5fdcb124 Updated cargo 2026-03-20 15:03:42 +04:00
David Osipov 0ded366199 Changed version 2026-03-20 14:29:45 +04:00
David Osipov 84a34cea3d Merge latest upstream/main into test/main-into-flow-sec 2026-03-20 14:26:49 +04:00
David Osipov 7dc3c3666d Merge upstream/main into test/main-into-flow-sec 2026-03-20 14:20:20 +04:00
Alexey dd07fa9453 Merge pull request #505 from telemt/flow-me
Teardown Monitoring in API and Metrics
3.3.27
2026-03-20 12:59:39 +03:00
Alexey bb1a372ac4 Merge branch 'main' into flow-me 2026-03-20 12:59:32 +03:00
Alexey 6661401a34 Merge pull request #506 from telemt/about-releases
Update README.md
2026-03-20 12:59:09 +03:00
Alexey cd65fb432b Update README.md 2026-03-20 12:58:55 +03:00
Alexey caf0717789 Merge branch 'main' into flow-me 2026-03-20 12:57:27 +03:00
Alexey 4a610d83a3 Update Cargo.toml
Co-Authored-By: brekotis <93345790+brekotis@users.noreply.github.com>
2026-03-20 12:56:13 +03:00
Alexey aba4205dcc Teardown Monitoring in Metrics
Co-Authored-By: brekotis <93345790+brekotis@users.noreply.github.com>
2026-03-20 12:46:35 +03:00
Alexey ef9b7b1492 Teardown Monitoring in API
Co-Authored-By: brekotis <93345790+brekotis@users.noreply.github.com>
2026-03-20 12:45:53 +03:00
Alexey d112f15b90 ME Writers Anti-stuck + Quarantine fixes + ME Writers Advanced Cleanup + Authoritative Teardown + Orphan Watchdog + Force-Close Safety Policy: merge pull request #504 from telemt/flow-me
ME Writers Anti-stuck + Quarantine fixes + ME Writers Advanced Cleanup + Authoritative Teardown + Orphan Watchdog + Force-Close Safety Policy
3.3.26
2026-03-20 12:41:45 +03:00
Alexey b55b264345 Merge branch 'main' into flow-me 2026-03-20 12:20:51 +03:00
Alexey f61d25ebe0 Authoritative Teardown + Orphan Watchdog + Force-Close Safety Policy
Co-Authored-By: brekotis <93345790+brekotis@users.noreply.github.com>
2026-03-20 12:11:47 +03:00
Alexey ed4d1167dd ME Writers Advanced Cleanup
Co-Authored-By: brekotis <93345790+brekotis@users.noreply.github.com>
2026-03-20 12:09:23 +03:00
Alexey dc6948cf39 Merge pull request #502 from telemt/about-releases
Update README.md
2026-03-20 11:25:19 +03:00
Alexey 4f11aa0772 Update README.md 2026-03-20 11:25:07 +03:00
David Osipov 6ea8ba25c4 Refactor OpenBSD build workflow for clarity 2026-03-20 02:27:21 +04:00
Alexey e40361b171 Cargo.toml + Cargo.lock
Co-Authored-By: brekotis <93345790+brekotis@users.noreply.github.com>
2026-03-20 00:45:04 +03:00
Alexey 1c6c73beda ME Writers Anti-stuck and Quarantine fixes
Co-Authored-By: Nook Scheel <nook@live.ru>
2026-03-20 00:41:40 +03:00
David Osipov 3f3bf5bbd2 Update build-openbsd.yml 2026-03-20 01:27:11 +04:00
David Osipov ec793f3065 Added cargo.toml 2026-03-20 01:06:00 +04:00
David Osipov e83d366518 Fixed issues with an action 2026-03-20 00:58:11 +04:00
David Osipov 5a4209fe00 Changed version 2026-03-20 00:53:32 +04:00
David Osipov e7daf51193 Added runner for OpenBSD 2026-03-20 00:43:05 +04:00
David Osipov 754e4db8a9 Add security tests for pool writer and pool refill functionality 2026-03-20 00:07:41 +04:00
David Osipov 7416829e89 Merge remote-tracking branch 'upstream/main' into test/main-into-flow-sec
# Conflicts:
#	Cargo.toml
#	src/api/model.rs
#	src/api/runtime_stats.rs
#	src/transport/middle_proxy/health.rs
#	src/transport/middle_proxy/health_regression_tests.rs
#	src/transport/middle_proxy/pool_status.rs
2026-03-19 23:48:40 +04:00
David Osipov c07b600acb Integration hardening: reconcile main+flow-sec API drift and restore green suite 2026-03-19 20:24:44 +04:00
David Osipov 7b44496706 Integration test merge: upstream/main into flow-sec security branch (prefer flow-sec on conflicts) 2026-03-19 19:42:04 +04:00
Alexey 67dc1e8d18 Merge pull request #498 from telemt/bump
Update Cargo.toml
3.3.25
2026-03-19 18:25:14 +03:00
Alexey ad8ada33c9 Update Cargo.toml 2026-03-19 18:24:01 +03:00
Alexey bbb201b433 Instadrain + Hard-remove for long draining-state: merge pull request #497 from telemt/flow-stuck-writer
Instadrain + Hard-remove for long draining-state
2026-03-19 18:23:38 +03:00