Middle-End protocol hardening

- Secure framing / hot-path fix: enforced a single length + padding contract across the framing layer. Replaced legacy runtime `len % 4` recovery with strict validation to eliminate undefined behavior paths. - ME RPC aligned with C reference contract: handshake now includes `flags + sender_pid + peer_pid`. Added negotiated CRC mode (CRC32 / CRC32C) and applied the negotiated mode consistently in read/write paths. - Sequence fail-fast semantics: immediate connection termination on first sequence mismatch with dedicated counter increment. - Keepalive reworked to RPC ping/pong: removed raw CBC keepalive frames. Introduced stale ping tracker with proper timeout accounting. - Route/backpressure observability improvements: increased per-connection route queue to 4096. Added `RouteResult` with explicit failure reasons (NoConn, ChannelClosed, QueueFull) and per-reason counters. - Direct-DC secure mode-gate relaxation: removed TLS/secure conflict in Direct-DC handshake path.
2026-04-18 02:54:10 +03:00 · 2026-02-23 02:28:00 +03:00
parent 69be44b2b6
commit 6ff29e43d3
16 changed files with 407 additions and 137 deletions
--- a/src/config/defaults.rs
+++ b/src/config/defaults.rs
@@ -37,7 +37,7 @@ pub(crate) fn default_replay_window_secs() -> u64 {
 }

 pub(crate) fn default_handshake_timeout() -> u64 {
-    30
+    15
 }

 pub(crate) fn default_connect_timeout() -> u64 {
@@ -52,11 +52,11 @@ pub(crate) fn default_ack_timeout() -> u64 {
    300
 }
 pub(crate) fn default_me_one_retry() -> u8 {
-    12
+    3
 }

 pub(crate) fn default_me_one_timeout() -> u64 {
-    1200
+    1500
 }

 pub(crate) fn default_listen_addr() -> String {
@@ -83,7 +83,7 @@ pub(crate) fn default_unknown_dc_log_path() -> Option<String> {
 }

 pub(crate) fn default_pool_size() -> usize {
-    16
+    2
 }

 pub(crate) fn default_keepalive_interval() -> u64 {
@@ -207,4 +207,4 @@ where
        }
    }
    Ok(out)
-}
+}