astelm/telemt
1
0
Fork 0
mirror of https://github.com/telemt/telemt.git synced 2026-05-01 17:34:09 +03:00
Code Issues Packages Projects Releases Wiki Activity
1,529 Commits 1 Branch 88 Tags
8520955a5f229460909ad560e4a7946cdc8998fb
Commit Graph

197 Commits

Author SHA1 Message Date
Alexey
9412f089c0 Restore active IP observability for users without unique-IP limits 2026-04-25 15:49:28 +03:00
Alexey
37c916056a Rustfmt 2026-04-25 14:35:35 +03:00
Alexey
2f2fe9d5d3 Bound relay queues by bytes 
Co-Authored-By: brekotis <93345790+brekotis@users.noreply.github.com>
Signed-off-by: Alexey <247128645+axkurcom@users.noreply.github.com>
 2026-04-25 13:54:20 +03:00
Alexey
27b5d576c0 Bound hot-path pressure in ME Relay + Handshake 
Co-Authored-By: brekotis <93345790+brekotis@users.noreply.github.com>
Signed-off-by: Alexey <247128645+axkurcom@users.noreply.github.com>
 2026-04-25 12:16:26 +03:00
Alexey
e78592ef9b Avoid IP tracking when unique-IP limits are disabled and cap beobachten memory 
Co-Authored-By: brekotis <93345790+brekotis@users.noreply.github.com>
Signed-off-by: Alexey <247128645+axkurcom@users.noreply.github.com>
 2026-04-25 12:00:46 +03:00
Alexey
033ebf5038 Relays Tests Fixes 2026-04-24 15:51:19 +03:00
Alexey
8960fad8cd Сlassified Bad Connections and Handshake Failures in API 
Co-Authored-By: brekotis <93345790+brekotis@users.noreply.github.com>
 2026-04-24 10:56:30 +03:00
Alexey
67357310f7 TLS 1.2/1.3 Correctness + Full ServerHello + Rustfmt 
Co-Authored-By: brekotis <93345790+brekotis@users.noreply.github.com>
 2026-04-23 21:29:18 +03:00
Alexey
db8d333ed6 Noisy-network peer Close Errors Classification 2026-04-21 15:35:11 +03:00
Alexey
4ce6b14bd8 Rustfmt 2026-04-21 13:31:24 +03:00
Alexey
db114f09c3 Sync tests with code 2026-04-21 13:30:11 +03:00
Alexey
09310ff284 Unlimited mask_relay_max_bytes 2026-04-21 11:30:58 +03:00
lie-must-die
dd27206104 Implement test for unknown SNI reject policy 
Add test for unknown SNI rejection policy emitting TLS alert.
 2026-04-19 12:44:39 +03:00
lie-must-die
f11c7880e6 Enhance unknown SNI action handling in handshake 
Updated handling of unknown SNI actions in TLS handshake process. Added support for RejectHandshake action and adjusted delay application logic.
 2026-04-19 12:43:54 +03:00
Alexey
17a966b822 Rustfmt 2026-04-17 10:48:01 +03:00
Alexey
f36f2eae24 Evaluating hard-idle timeout after read timeout 
Co-Authored-By: brekotis <93345790+brekotis@users.noreply.github.com>
 2026-04-15 15:20:38 +03:00
Alexey
497ec6aa84 Small frames as idle activity 
Co-Authored-By: brekotis <93345790+brekotis@users.noreply.github.com>
 2026-04-15 13:38:30 +03:00
Alexey
21ca1014ae Drafting Traffic Control 
Co-Authored-By: brekotis <93345790+brekotis@users.noreply.github.com>
 2026-04-15 13:14:45 +03:00
Alexey
696316f919 Rustfmt 2026-04-15 01:39:47 +03:00
Alexey
d7a0319696 Server.Listeners + Upstream V4/V6 
Co-Authored-By: brekotis <93345790+brekotis@users.noreply.github.com>
 2026-04-15 01:32:49 +03:00
Alexey
13f86062f4 BINDTODEVICE for Direct Upstreams by #683 
Co-Authored-By: brekotis <93345790+brekotis@users.noreply.github.com>
 2026-04-14 18:32:06 +03:00
Batmaev
26c40092f3 rm hardcoded mask timeouts 2026-04-12 10:46:18 +03:00
sintanial
ddeda8d914 feat: add configurable RST-on-close mode for client sockets 
Add `rst_on_close` config option (off/errors/always) to control
SO_LINGER(0) behaviour on accepted TCP connections.

- `off` (default): normal FIN on all closes, no behaviour change.
- `errors`: SO_LINGER(0) set on accept, cleared after successful
  handshake auth. Pre-handshake failures (scanners, DPI probes,
  timeouts) send RST instead of FIN, eliminating FIN-WAIT-1 and
  orphan socket accumulation. Authenticated relay sessions still
  close gracefully with FIN.
- `always`: SO_LINGER(0) on accept, never cleared — all closes
  send RST regardless of handshake outcome.
 2026-04-10 05:01:38 +03:00
Alexey
4a77335ba9 Round-bounded Retries + Bounded Retry-Round Constant 
Co-Authored-By: brekotis <93345790+brekotis@users.noreply.github.com>
 2026-04-07 19:19:40 +03:00
Alexey
14674bd4e6 Update relay.rs 2026-04-06 19:01:12 +03:00
Alexey
a36c7b3f66 Update handshake_security_tests.rs 2026-04-06 17:45:45 +03:00
Alexey
d848e4a729 Fixes for test + Rustfmt 2026-04-06 16:12:46 +03:00
Alexey
8d865a980c MRU Search + Runtime user snapshot + Ordered candidate auth + Sticky hints + Overload Budgets 2026-04-06 15:04:15 +03:00
Alexey
13dc1f70bf Accept as unknown_sni_action 2026-04-06 12:03:06 +03:00
Alexey
5f5582865e Rustfmt 2026-04-05 17:23:40 +03:00
Alexey
7f0057acd7 Conntrack Control Method 
Co-Authored-By: brekotis <93345790+brekotis@users.noreply.github.com>
 2026-04-04 11:28:32 +03:00
David Osipov
6ea867ce36 Phase 2 implemented with additional guards 2026-04-03 02:08:59 +04:00
David Osipov
a9f695623d Implementation plan + Phase 1 finished 2026-04-02 20:08:47 +04:00
Alexey
3df274caa6 Rustfmt 2026-03-31 19:42:07 +03:00
Alexey
780546a680 Memory Consumption in Stats and Metrics 
Co-Authored-By: brekotis <93345790+brekotis@users.noreply.github.com>
 2026-03-31 19:37:29 +03:00
Alexey
729ffa0fcd Shrink Session Vec 
Co-Authored-By: brekotis <93345790+brekotis@users.noreply.github.com>
 2026-03-31 19:29:47 +03:00
Alexey
e594d6f079 Buffer Pool Trim 
Co-Authored-By: brekotis <93345790+brekotis@users.noreply.github.com>
 2026-03-31 19:22:36 +03:00
Alexey
d8d8534cf8 Update masking_ab_envelope_blur_integration_security_tests.rs 2026-03-31 12:30:43 +03:00
Alexey
b8cf596e7d Admission-timeouts + Global Each TCP Connections 
Co-Authored-By: brekotis <93345790+brekotis@users.noreply.github.com>
 2026-03-31 11:14:55 +03:00
Alexey
65da1f91ec Drafting fixes for Apple/XNU Darwin Connectivity issues 
Co-Authored-By: Aleksandr Kalashnikov <33665156+sleep3r@users.noreply.github.com>
 2026-03-30 23:35:41 +03:00
sintanial
d06ac222d6 fix: move tg_connect to general, rustfmt upstream, fix UpstreamManager::new tests 
- Relocate tg_connect from [timeouts] to [general] with validation and docs updates.
- Apply rustfmt to per-attempt upstream connect timeout expression in upstream.rs.
- Pass tg_connect_timeout_secs in all UpstreamManager::new test call sites.
- Wire hot reload and runtime snapshot to general.tg_connect.
 2026-03-28 14:25:18 +03:00
Alexey
7a075b2ffe Middle Relay fixes 
Co-Authored-By: brekotis <93345790+brekotis@users.noreply.github.com>
 2026-03-26 02:18:39 +03:00
Alexey
ceae1564af Floor Runtime + Writer Selection Policy + Reconnect/Warmup + TransportPolicy + NAT Runtime Cores 
Co-Authored-By: brekotis <93345790+brekotis@users.noreply.github.com>
 2026-03-25 20:55:20 +03:00
Alexey
0b78583cf5 ME Routing Core 
Co-Authored-By: brekotis <93345790+brekotis@users.noreply.github.com>
 2026-03-25 18:18:06 +03:00
Alexey
8bab3f70e1 WritersState on ArcSwao + Preferred Endpoint on ArcSwap + Two-map Rotation for Desync Dedup 
Co-Authored-By: brekotis <93345790+brekotis@users.noreply.github.com>
 2026-03-25 17:25:35 +03:00
Alexey
ae16080de5 TLS Validator: Unknown SNI as WARN in Log 2026-03-24 21:01:41 +03:00
Alexey
8b92b80b4a Rustks CryptoProvider fixes + Rustfmt 2026-03-24 10:33:06 +03:00
Alexey
a40d6929e5 Upstream-driver getProxyConfig and getProxyConfig 
Co-Authored-By: brekotis <93345790+brekotis@users.noreply.github.com>
 2026-03-23 22:41:17 +03:00
Alexey
8db566dbe9 TLS Validator 
Co-Authored-By: brekotis <93345790+brekotis@users.noreply.github.com>
 2026-03-23 21:58:39 +03:00
Alexey
bb71de0230 Missing proxy_protocol_trusted_cidrs as trust- 
Co-Authored-By: brekotis <93345790+brekotis@users.noreply.github.com>
 2026-03-23 20:54:58 +03:00