astelm
/
telemt
mirror of https://github.com/telemt/telemt.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity
1,124 Commits 2 Branches 76 Tags 22 MiB
Commit Graph

70 Commits

Author SHA1 Message Date
David Osipov ead23608f0
Add stress and manual benchmark tests for handshake protocols 
- Introduced `handshake_real_bug_stress_tests.rs` to validate TLS and MTProto handshake behaviors under various conditions, including ALPN rejection and session ID handling.
- Implemented tests to ensure replay cache integrity and proper handling of malicious input without panicking.
- Added `handshake_timing_manual_bench_tests.rs` for performance benchmarking of user authentication paths, comparing preferred user handling against full user scans in both MTProto and TLS contexts.
- Included timing-sensitive tests to measure the impact of SNI on handshake performance.
 2026-03-22 15:39:57 +04:00
David Osipov e7e763888b
Implement aggressive shape hardening mode and related tests 2026-03-21 22:25:29 +04:00
Alexey b14c2b0a9b
Merge pull request #517 from DavidOsipov/test/main-into-flow-sec 
Усиление обхода DPI (Shape/Timing Hardening), защита от тайминг-атак и масштабное покрытие тестами
 2026-03-21 15:03:05 +03:00
David Osipov c8632de5b6
Update dependencies and refactor random number generation 
- Bump versions of several dependencies in Cargo.toml for improved functionality and security, including:
  - socket2 to 0.6
  - nix to 0.31
  - toml to 1.0
  - x509-parser to 0.18
  - dashmap to 6.1
  - rand to 0.10
  - reqwest to 0.13
  - notify to 8.2
  - ipnetwork to 0.21
  - webpki-roots to 1.0
  - criterion to 0.8
- Introduce `OnceLock` for secure random number generation in multiple modules to ensure thread safety and reduce overhead.
- Refactor random number generation calls to use the new `RngExt` trait methods for consistency and clarity.
- Add new PNG files for architectural documentation.
 2026-03-21 15:43:07 +04:00
David Osipov bb355e916f
Add comprehensive security tests for masking and shape hardening features 
- Introduced red-team expected-fail tests for client masking shape hardening.
- Added integration tests for masking AB envelope blur to improve obfuscation.
- Implemented masking security tests to validate the behavior of masking under various conditions.
- Created tests for masking shape above-cap blur to ensure proper functionality.
- Developed adversarial tests for masking shape hardening to evaluate robustness against attacks.
- Added timing normalization security tests to assess the effectiveness of timing obfuscation.
- Implemented red-team expected-fail tests for timing side-channel vulnerabilities.
 2026-03-21 00:30:51 +04:00
Michael Karpov 777b15b1da
Update section title for Docker usage 
Изменено название раздела с 'Запуск в Docker Compose' на 'Запуск без Docker Compose'.
 2026-03-20 22:23:36 +02:00
David Osipov ebd37932c5
Merge latest upstream/main into test/main-into-flow-sec 2026-03-20 23:21:22 +04:00
David Osipov 0eca535955
Refactor TLS fallback tests to remove unnecessary client hello assertions 
- Removed assertions for expected client hello messages in multiple TLS fallback tests to streamline the test logic.
- Updated the tests to focus on verifying the trailing TLS records received after the fallback.
- Enhanced the masking functionality by adding shape hardening features, including dynamic padding based on sent data size.
- Modified the relay_to_mask function to accommodate new parameters for shape hardening.
- Updated masking security tests to reflect changes in the relay_to_mask function signature.
 2026-03-20 22:44:39 +04:00
Maxim Myalin 66867d3f5b
Merge branch 'main' into feat/shadowsocks-upstream 
# Conflicts:
#	Cargo.lock
#	src/api/runtime_stats.rs
 2026-03-20 15:22:36 +03:00
Alexey dd8ef4d996
Merge branch 'main' into feat/shadowsocks-upstream 2026-03-19 17:19:01 +03:00
TEMAndroid 05c066c676
fix(docker): expose port 9091 and allow external API access 
Add 9091 port mapping to compose.yml to make the REST API reachable
from outside the container. Previously only port 9090 (metrics) was
published, making the documented curl commands non-functional.

fixes #434
 2026-03-19 15:54:01 +03:00
Dimasssss 1935455256
Update CONFIG_PARAMS.en.md 2026-03-18 18:20:23 +03:00
Maxim Myalin 062464175e
Merge branch 'main' into feat/shadowsocks-upstream 2026-03-18 12:38:23 +03:00
Maxim Myalin def42f0baa
Add Shadowsocks upstream support 2026-03-18 12:36:44 +03:00
Dimasssss 462c927da6
Create CONFIG_PARAMS.en.md 2026-03-18 10:53:09 +03:00
Dimasssss bd0cefdb12
Update TLS-F-TCP-S.ru.md 2026-03-17 11:56:56 +03:00
Dimasssss e1ef192c10
Update FAQ.en.md 2026-03-16 22:03:28 +03:00
Dimasssss ee4d15fed6
Update FAQ.ru.md 2026-03-16 22:02:55 +03:00
Dimasssss 0ae67db492
Update QUICK_START_GUIDE.en.md 2026-03-16 13:40:50 +03:00
Dimasssss c4f77814ee
Update QUICK_START_GUIDE.ru.md 2026-03-16 13:40:20 +03:00
Dimasssss 3d5af3d248
Update FAQ.en.md 2026-03-15 19:09:02 +03:00
Dimasssss 2d7df3da6c
Update FAQ.ru.md 2026-03-15 19:06:56 +03:00
Alexey 7d5e1cb9e8
Rename TLS-F-TCP-s.ru.md to TLS-F-TCP-S.ru.md 2026-03-14 20:42:21 +03:00
Alexey 56e38e8d00
Update TLS-F-TCP-s.ru.md 2026-03-14 20:41:14 +03:00
Alexey 4ddbb97908
Create TLS-F-TCP-s.ru.md 2026-03-14 20:29:12 +03:00
Alexey 58e5605f39
Telemt PL 3 на русском языке 2026-03-14 15:23:41 +03:00
Alexey 75a654c766
TELEMT-Lizenz 3 auf Deutsch 2026-03-14 15:23:24 +03:00
Alexey 2b058f7df7
Create LICENSE.en.md 2026-03-14 15:11:12 +03:00
Alexey c12d27f08a
Middle-End docs 2026-03-14 15:10:07 +03:00
farton1983 89923dbaa2
Update QUICK_START_GUIDE.ru.md 2026-03-14 11:07:12 +03:00
Alexey b8da986fd5
ReRoute + Bnd-checks in API + Per-upstream Runtime Selftest + BSD-Support: merge pull request #394 from telemt/flow 
ReRoute + Bnd-checks in API + Per-upstream Runtime Selftest + BSD-Support
 2026-03-11 23:34:45 +03:00
David Osipov 8b5cbb7b4b
Add Rust coding conventions and self-explanatory commenting guidelines; update dependencies and version in Cargo files; enhance OpenBSD support in installation and documentation; improve TCP socket configuration and testing 2026-03-11 20:49:51 +04:00
Alexey 0e476c71a5
Merge pull request #385 from Shulyaka/Shulyaka-patch-2 
Document running as unprivileged user in QUICK_START_GUIDE
 2026-03-11 11:59:31 +03:00
Alexey d2db9b8cf9
Update API.md 2026-03-10 00:05:38 +03:00
Alexey fabb3c45f1
Runtime Selftest in API Docs 2026-03-10 00:04:22 +03:00
Denis Shulyaka a09b597fab
Fix the ru translation also 2026-03-09 19:39:55 +03:00
Denis Shulyaka c920dc6381
Fix config path and update service creation steps 
Updated paths and instructions in the quick start guide for Telemt configuration and service setup.
 2026-03-09 19:38:55 +03:00
Alexey 3a997fcf71
Update API.md 2026-03-09 17:23:25 +03:00
Talya d543dbca92
Fix typo in QUICK_START_GUIDE.ru.md 2026-03-07 14:48:02 +01:00
Dimasssss 01893f3712
Create FAQ.en.md 2026-03-07 00:25:40 +03:00
Dimasssss 8ae741ec72
Update FAQ.ru.md 2026-03-07 00:16:46 +03:00
Dimasssss ce375b62e4
Update QUICK_START_GUIDE.en.md 2026-03-06 21:04:50 +03:00
Dimasssss 95971ac62c
Update QUICK_START_GUIDE.ru.md 2026-03-06 21:03:45 +03:00
Dimasssss 6fd9f0595d
Update FAQ.ru.md 2026-03-06 20:24:17 +03:00
Alexey 640468d4e7
Update API.md 
Co-Authored-By: brekotis <93345790+brekotis@users.noreply.github.com>
 2026-03-06 20:01:12 +03:00
Alexey fc160913bf
Update API.md 2026-03-06 13:07:31 +03:00
Alexey 99edcbe818
Runtime Model 2026-03-06 11:11:44 +03:00
Alexey 651f257a5d
Update API.md 
Co-Authored-By: brekotis <93345790+brekotis@users.noreply.github.com>
 2026-03-05 12:30:29 +03:00
Dimasssss 0d9470a840
Update QUICK_START_GUIDE.en.md 2026-03-04 14:10:46 +03:00
Dimasssss 0d320c20e0
Update QUICK_START_GUIDE.ru.md 2026-03-04 14:10:12 +03:00