andrei/telemt
1
0
Fork 0
mirror of https://github.com/telemt/telemt.git synced 2026-06-19 02:00:08 +07:00
Code Issues Packages Projects Releases Wiki Activity
1,119 Commits 2 Branches 96 Tags
cf82b637d2743189d0585344e29628a4dca2da54
Commit Graph

43 Commits

Author SHA1 Message Date
Alexey d7bbb376c9 Format 2026-03-21 15:45:29 +03:00
David Osipov bb355e916f Add comprehensive security tests for masking and shape hardening features 
- Introduced red-team expected-fail tests for client masking shape hardening.
- Added integration tests for masking AB envelope blur to improve obfuscation.
- Implemented masking security tests to validate the behavior of masking under various conditions.
- Created tests for masking shape above-cap blur to ensure proper functionality.
- Developed adversarial tests for masking shape hardening to evaluate robustness against attacks.
- Added timing normalization security tests to assess the effectiveness of timing obfuscation.
- Implemented red-team expected-fail tests for timing side-channel vulnerabilities.
 2026-03-21 00:30:51 +04:00
David Osipov 0eca535955 Refactor TLS fallback tests to remove unnecessary client hello assertions 
- Removed assertions for expected client hello messages in multiple TLS fallback tests to streamline the test logic.
- Updated the tests to focus on verifying the trailing TLS records received after the fallback.
- Enhanced the masking functionality by adding shape hardening features, including dynamic padding based on sent data size.
- Modified the relay_to_mask function to accommodate new parameters for shape hardening.
- Updated masking security tests to reflect changes in the relay_to_mask function signature.
 2026-03-20 22:44:39 +04:00
David Osipov 79093679ab Merge latest upstream/main into test/main-into-flow-sec 2026-03-20 18:00:20 +04:00
Alexey 5c0eb6dbe8 TLS Fetcher Upstream Selection 
Co-Authored-By: brekotis <93345790+brekotis@users.noreply.github.com>
 2026-03-20 16:05:24 +03:00
David Osipov 7416829e89 Merge remote-tracking branch 'upstream/main' into test/main-into-flow-sec 
# Conflicts:
#	Cargo.toml
#	src/api/model.rs
#	src/api/runtime_stats.rs
#	src/transport/middle_proxy/health.rs
#	src/transport/middle_proxy/health_regression_tests.rs
#	src/transport/middle_proxy/pool_status.rs
 2026-03-19 23:48:40 +04:00
Alexey 8d1faece60 Instadrain + Hard-remove for long draining-state 
Co-Authored-By: brekotis <93345790+brekotis@users.noreply.github.com>
 2026-03-19 17:45:17 +03:00
Alexey 89e5668c7e Runtime guardrails 
Co-Authored-By: brekotis <93345790+brekotis@users.noreply.github.com>
 2026-03-18 22:33:41 +03:00
Alexey 31f6258c47 Hot-Reload fixes 
Co-Authored-By: brekotis <93345790+brekotis@users.noreply.github.com>
 2026-03-18 13:54:59 +03:00
Alexey 3739f38440 Adaptive Buffers + Session Eviction Method 2026-03-18 10:49:02 +03:00
Alexey d78360982c Hot-Reload fixes 2026-03-17 13:02:12 +03:00
Alexey 4028579068 Inherited per-user unique IP limit 2026-03-15 12:43:31 +03:00
Alexey 58f26ba8a7 Configurable ME draining writer overflow threshold 2026-03-15 12:13:46 +03:00
Alexey 8b0b47145d New Hot-Reload method 2026-03-14 18:54:05 +03:00
Alexey 633af93b19 DC to Client fine tuning 2026-03-08 04:51:46 +03:00
Alexey 9401c46727 ME Writer Pick 2026-03-08 03:05:47 +03:00
Alexey d2baa8e721 CPU/RAM improvements + removing hot-path obstacles 2026-03-07 19:33:48 +03:00
Alexey 5f77f83b48 ME Adaptive Floor Upper-Limit 2026-03-07 17:27:56 +03:00
Alexey ce9698d39b ME Adaptive Floor Planner 
Co-Authored-By: brekotis <93345790+brekotis@users.noreply.github.com>
 2026-03-07 02:50:11 +03:00
Alexey 2ea85c00d3 Runtime API Defaults 2026-03-06 18:54:00 +03:00
Alexey 8066ea2163 ME Pool Init fixes 2026-03-05 15:31:36 +03:00
Alexey 09bdafa718 Performance improvements 2026-03-05 14:39:32 +03:00
Alexey ccfda10713 ME2DC Fallback + ME Init Retries 
Co-Authored-By: brekotis <93345790+brekotis@users.noreply.github.com>
 2026-03-05 12:43:07 +03:00
Alexey a9209fd3c7 Hot-Reload fixes 
Co-Authored-By: brekotis <93345790+brekotis@users.noreply.github.com>
 2026-03-05 12:18:09 +03:00
Alexey 4ae4ca8ca8 New IP Limit Method 
Co-Authored-By: brekotis <93345790+brekotis@users.noreply.github.com>
 2026-03-05 02:28:19 +03:00
Alexey 6b9c7f7862 Runtime API in defaults 
Co-Authored-By: brekotis <93345790+brekotis@users.noreply.github.com>
 2026-03-04 02:46:12 +03:00
Alexey 7269dfbdc5 API in defaults+load+reload 
Co-Authored-By: brekotis <93345790+brekotis@users.noreply.github.com>
 2026-03-04 01:09:32 +03:00
Alexey a6132bac38 Idle tolerance + Adaptive floor by default + RPC Proxy Req 
Co-Authored-By: brekotis <93345790+brekotis@users.noreply.github.com>
 2026-03-03 23:16:25 +03:00
Alexey 624870109e Upstream Connect in defaults 
Co-Authored-By: brekotis <93345790+brekotis@users.noreply.github.com>
 2026-03-03 20:50:31 +03:00
Alexey cfec6dbb3c ME Adaptive Floor pull-up 
Co-Authored-By: brekotis <93345790+brekotis@users.noreply.github.com>
 2026-03-03 03:38:06 +03:00
sintanial bc432f06e2 Add per-user ad_tag with global fallback and hot-reload 
- Per-user ad_tag in [access.user_ad_tags], global fallback in general.ad_tag
- User tag overrides global; if no user tag, general.ad_tag is used
- Both general.ad_tag and user_ad_tags support hot-reload (no restart)
 2026-03-01 16:28:55 +03:00
Alexey 9afaa28add UpstreamManager: Backoff Retries 2026-02-28 14:21:09 +03:00
Alexey 8b39a4ef6d Statistics on ME + Dynamic backpressure + KDF with SOCKS 
Co-Authored-By: brekotis <93345790+brekotis@users.noreply.github.com>
 2026-02-28 13:18:31 +03:00
Alexey ac064fe773 STUN switch + Ad-tag fixes + DNS-overrides 2026-02-27 15:59:27 +03:00
Alexey 7782336264 ME Probe parallelized 2026-02-26 17:56:22 +03:00
Alexey 0e2d42624f ME Pool Hardswap 2026-02-24 00:04:12 +03:00
Alexey d8dcbbb61e ME Pool Updater + Soft-staged Reinit w/o Reconcile 
Co-Authored-By: brekotis <93345790+brekotis@users.noreply.github.com>
 2026-02-23 16:04:19 +03:00
Alexey d08ddd718a Desync Full Forensics 
Co-Authored-By: brekotis <93345790+brekotis@users.noreply.github.com>
 2026-02-23 15:28:02 +03:00
artemws a74bdf8aea Update hot_reload.rs 2026-02-20 23:03:26 +02:00
artemws ea88a40c8f Add config path canonicalization 
Canonicalize the config path to match notify events.
 2026-02-20 15:37:44 +02:00
artemws 953fab68c4 Refactor hot-reload mechanism to use notify crate 
Updated hot-reload functionality to use notify crate for file watching and improved documentation.
 2026-02-20 15:29:37 +02:00
artemws 25b18ab064 Enhance logging for hot reload configuration changes 
Added detailed logging for various configuration changes during hot reload, including log level, ad tag, middle proxy pool size, and user access changes.
 2026-02-20 14:50:37 +02:00
artemws 26cf6ff4fa Add files via upload 2026-02-20 14:18:30 +02:00