Commit Graph

73 Commits

Author SHA1 Message Date
David Osipov 97d4a1c5c8
Refactor and enhance security in proxy and handshake modules
- Updated `direct_relay_security_tests.rs` to ensure sanitized paths are correctly validated against resolved paths.
- Added tests for symlink handling in `unknown_dc_log_path_revalidation` to prevent symlink target escape vulnerabilities.
- Modified `handshake.rs` to use a more robust hashing strategy for eviction offsets, improving the eviction logic in `auth_probe_record_failure_with_state`.
- Introduced new tests in `handshake_security_tests.rs` to validate eviction logic under various conditions, ensuring low fail streak entries are prioritized for eviction.
- Simplified `route_mode.rs` by removing unnecessary atomic mode tracking, streamlining the transition logic in `RouteRuntimeController`.
- Enhanced `route_mode_security_tests.rs` with comprehensive tests for mode transitions and their effects on session states, ensuring consistency under concurrent modifications.
- Cleaned up `emulator.rs` by removing unused ALPN extension handling, improving code clarity and maintainability.
2026-03-18 01:40:38 +04:00
David Osipov d9aa6f4956
Merge upstream/main into pr-sec-1 2026-03-17 17:49:10 +04:00
Alexey 35bca7d4cc
Update Cargo.toml 2026-03-17 16:31:32 +03:00
David Osipov e0d821c6b6
Merge remote-tracking branch 'upstream/main' into pr-sec-1 2026-03-17 01:51:35 +04:00
Alexey 2c10560795
Update Cargo.toml 2026-03-16 21:25:14 +03:00
David Osipov 6ffbc51fb0
security: harden handshake/masking flows and add adversarial regressions
- forward valid-TLS/invalid-MTProto clients to mask backend in both client paths
- harden TLS validation against timing and clock edge cases
- move replay tracking behind successful authentication to avoid cache pollution
- tighten secret decoding and key-material handling paths
- add dedicated security test modules for tls/client/handshake/masking
- include production-path regression for ClientHandler fallback behavior
2026-03-16 20:04:41 +04:00
David Osipov f10ca192fa
chore: merge upstream/main (92972ab) into pr-sec-1 2026-03-16 13:50:46 +04:00
Alexey 3d43ff6e57
Update Cargo.toml 2026-03-15 00:32:57 +03:00
David Osipov 2bd9036908
ci: add security policy, cargo-deny configuration, and audit workflow
- Add deny.toml with license/advisory policy for cargo-deny
- Add security.yml GitHub Actions workflow for automated audit
- Update rust.yml with hardened clippy lint enforcement
- Update Cargo.toml/Cargo.lock with audit-related dependency additions
- Fix clippy lint placement in config.toml (Clippy lints must not live in rustflags)

Part of PR-SEC-1: no Rust source changes, establishes CI gates for all subsequent PRs.
2026-03-15 00:30:36 +04:00
Alexey 50caeb1803
Update Cargo.toml 2026-03-14 13:24:16 +03:00
David Osipov 8b5cbb7b4b
Add Rust coding conventions and self-explanatory commenting guidelines; update dependencies and version in Cargo files; enhance OpenBSD support in installation and documentation; improve TCP socket configuration and testing 2026-03-11 20:49:51 +04:00
Alexey 5ab3170f69
Update Cargo.toml 2026-03-09 18:43:46 +03:00
Alexey 5f7fb15dd8
Update Cargo.toml 2026-03-08 06:20:56 +03:00
Alexey aa3fcfbbe1
Update Cargo.toml 2026-03-08 04:53:40 +03:00
Alexey 76b28aea74
Update Cargo.toml 2026-03-08 03:45:46 +03:00
Alexey d641137537
Update Cargo.toml 2026-03-08 03:09:33 +03:00
Alexey ca2eaa9ead
Update Cargo.toml 2026-03-07 19:37:40 +03:00
Alexey 7b745bc7bc
Update Cargo.toml 2026-03-07 16:34:32 +03:00
Alexey 9e7f80b9b3
Update Cargo.toml 2026-03-07 13:57:58 +03:00
Alexey 484137793f
Update Cargo.toml 2026-03-07 03:32:00 +03:00
Alexey 2468ee15e7
Update Cargo.toml 2026-03-07 03:16:48 +03:00
Alexey d752a440e5
Update Cargo.toml 2026-03-06 20:38:17 +03:00
Alexey 30ef8df1b3
Update Cargo.toml 2026-03-06 12:44:40 +03:00
Alexey 691607f269
Update Cargo.toml 2026-03-06 04:05:35 +03:00
Alexey 69b02caf77
Update Cargo.toml 2026-03-05 23:23:24 +03:00
Alexey 0e2cbe6178
Update Cargo.toml 2026-03-05 22:32:08 +03:00
Alexey 48ce59900e
Update Cargo.toml 2026-03-05 16:40:28 +03:00
Alexey 02c6af4912
Update Cargo.toml 2026-03-05 12:46:57 +03:00
Alexey 173624c838
Update Cargo.toml 2026-03-04 11:44:50 +03:00
Alexey 314f30a434
Update Cargo.toml 2026-03-04 02:53:47 +03:00
Alexey d31b4cd6c8
Update Cargo.toml 2026-03-03 23:38:15 +03:00
Alexey 3b8eea762b
Update Cargo.toml 2026-03-03 03:28:37 +03:00
Alexey b7a8e759eb
Update Cargo.toml 2026-03-02 21:36:00 +03:00
Alexey 12e68f805f
Update Cargo.toml 2026-02-28 15:51:15 +03:00
Alexey 60231224ac
Update Cargo.toml 2026-02-26 19:41:37 +03:00
Alexey 5a09d30e1c
Update Cargo.toml 2026-02-25 03:09:02 +03:00
Alexey 866c2fbd96
Update Cargo.toml 2026-02-25 00:29:58 +03:00
Alexey 25ab79406f
Update Cargo.toml 2026-02-25 00:28:26 +03:00
Alexey ee07325eba
Update Cargo.toml 2026-02-24 21:12:44 +03:00
Alexey 9aed6c8631
Update Cargo.toml 2026-02-23 18:47:26 +03:00
Alexey 829dc16fa3
Update Cargo.toml 2026-02-23 14:35:47 +03:00
Alexey 23af3cad5d
Update Cargo.toml 2026-02-23 06:04:36 +03:00
Alexey 536e6417a0
Update Cargo.toml 2026-02-23 03:48:40 +03:00
Alexey cf96e686d1
Update Cargo.toml 2026-02-23 02:41:54 +03:00
Alexey 8c1d66a03e
Update Cargo.toml 2026-02-23 02:32:13 +03:00
Alexey 3d3428ad4d
Update Cargo.toml 2026-02-21 14:11:12 +03:00
Alexey 40711fda09
Update Cargo.toml 2026-02-21 13:20:44 +03:00
Alexey eb3245b78f
Merge branch 'main-stage' into flow 2026-02-20 17:19:23 +03:00
Alexey da84151e9f
Merge pull request #184 from artemws/main
CIDR instead of a plain IP address in metrics_whitelist
2026-02-20 17:15:54 +03:00
Alexey bae811f8f1
Update Cargo.toml 2026-02-20 17:05:35 +03:00