telemt/docs
David Osipov 91be148b72
Security hardening, concurrency fixes, and expanded test coverage
This commit introduces a comprehensive set of improvements to enhance
the security, reliability, and configurability of the proxy server,
specifically targeting adversarial resilience and high-load concurrency.

Security & Cryptography:
- Zeroize MTProto cryptographic key material (`dec_key`, `enc_key`)
  immediately after use to prevent memory leakage on early returns.
- Move TLS handshake replay tracking after full policy/ALPN validation
  to prevent cache poisoning by unauthenticated probes.
- Add `proxy_protocol_trusted_cidrs` configuration to restrict PROXY
  protocol headers to trusted networks, rejecting spoofed IPs.

Adversarial Resilience & DoS Mitigation:
- Implement "Tiny Frame Debt" tracking in the middle-relay to prevent
  CPU exhaustion from malicious 0-byte or 1-byte frame floods.
- Add `mask_relay_max_bytes` to strictly bound unauthenticated fallback
  connections, preventing the proxy from being abused as an open relay.
- Add a 5ms prefetch window (`mask_classifier_prefetch_timeout_ms`) to
  correctly assemble and classify fragmented HTTP/1.1 and HTTP/2 probes
  (e.g., `PRI * HTTP/2.0`) before routing them to masking heuristics.
- Prevent recursive masking loops (FD exhaustion) by verifying the mask
  target is not the proxy's own listener via local interface enumeration.

Concurrency & Reliability:
- Eliminate executor waker storms during quota lock contention by replacing
  the spin-waker task with inline `Sleep` and exponential backoff.
- Roll back user quota reservations (`rollback_me2c_quota_reservation`)
  if a network write fails, preventing Head-of-Line (HoL) blocking from
  permanently burning data quotas.
- Recover gracefully from idle-registry `Mutex` poisoning instead of
  panicking, ensuring isolated thread failures do not break the proxy.
- Fix `auth_probe_scan_start_offset` modulo logic to ensure bounds safety.

Testing:
- Add extensive adversarial, timing, fuzzing, and invariant test suites
  for both the client and handshake modules.
2026-03-22 23:09:49 +04:00
LICENSE Telemt PL 3 in Russian 2026-03-14 15:23:41 +03:00
fronting-splitting Update TLS-F-TCP-S.ru.md 2026-03-17 11:56:56 +03:00
middle-end/KDF-internals Middle-End docs 2026-03-14 15:10:07 +03:00
model Update dependencies and refactor random number generation 2026-03-21 15:43:07 +04:00
API.md Add Shadowsocks upstream support 2026-03-18 12:36:44 +03:00
CONFIG_PARAMS.en.md Security hardening, concurrency fixes, and expanded test coverage 2026-03-22 23:09:49 +04:00
FAQ.en.md Add Shadowsocks upstream support 2026-03-18 12:36:44 +03:00
FAQ.ru.md Add Shadowsocks upstream support 2026-03-18 12:36:44 +03:00
OPENBSD.en.md Add Rust coding conventions and self-explanatory commenting guidelines; update dependencies and version in Cargo files; enhance OpenBSD support in installation and documentation; improve TCP socket configuration and testing 2026-03-11 20:49:51 +04:00
QUICK_START_GUIDE.en.md fix(docker): expose port 9091 and allow external API access 2026-03-19 15:54:01 +03:00
QUICK_START_GUIDE.ru.md Update section title for Docker usage 2026-03-20 22:23:36 +02:00
TUNING.de.md Add Shadowsocks upstream support 2026-03-18 12:36:44 +03:00
TUNING.en.md Add Shadowsocks upstream support 2026-03-18 12:36:44 +03:00
TUNING.ru.md Add Shadowsocks upstream support 2026-03-18 12:36:44 +03:00
XRAY-SINGBOX-ROUTING.ru.md Create XRAY-SINGBOX-ROUTING.ru.md 2026-03-02 01:23:09 +03:00