alkdev/alknet
2
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
Files
47968ee48df2b8e50b9fab4b5ee1329833083fb4
alknet/tasks/review/server-and-client.md
glm-5.1 596c89ce24 refactor!: rebrand wraith to alknet 
Rename all crates, CLI commands, constants, type names, doc comments,
and documentation from wraith to alknet. Includes wire-protocol changes:
ALPN wraith-ssh -> alknet-ssh, reserved destination prefix wraith- ->
alknet-, SSH auth username wraith -> alknet.
2026-06-05 10:04:32 +00:00

46 lines
1.9 KiB
Markdown
Raw Blame History

---
id: review/server-and-client
name: Review server and client implementation — full SSH tunnel functionality
status: completed
depends_on:
- meta/server-layer
- meta/client-layer
- review/core-foundation
scope: broad
risk: low
impact: phase
level: review
---
## Description
Review the server and client implementations after the core foundation review. This is a critical checkpoint before the CLI and NAPI layers — the server and client must work correctly as a unit before wrapping them in CLI flags or NAPI bindings.
Verify end-to-end SSH tunnel flow: client connects → SOCKS5 proxy works → port forwards work → reconnection works → server handles channels → proxy modes work → stealth mode works.
## Acceptance Criteria
- [x] Server accepts SSH connections over TCP, TLS, iroh (via integration tests)
- [x] Client establishes SSH sessions and runs SOCKS5 proxy
- [x] Channel proxy: direct TCP, SOCKS5 proxy, HTTP CONNECT proxy all work
- [x] Stealth mode: non-SSH gets nginx 404, SSH connects normally
- [x] Rate limiting: connection limits enforced, auth attempt limits enforced
- [x] Logging: structured `tracing::info!` events match ADR-013 format
- [x] No logging of tunnel destinations (ADR-006)
- [x] Reconnection: transport failure → exponential backoff → reconnect → port forwards re-registered
- [x] Reserved `alknet-` destinations routed to control channel, not TCP proxy
- [x] Graceful shutdown works for both server and client
- [x] All tests pass: `cargo test --workspace`
- [x] `cargo clippy --workspace` passes
## References
- docs/architecture/server.md, docs/architecture/client.md
## Summary
Server and client review passed with fixes. Key issues found and resolved:
- wired channel proxy into handler (was dropping all non-alknet channels)
- added client reconnection with exponential backoff + remote forward re-registration
- fixed ADR-006 violations (removed server-side destination logging)
- 241 tests pass, clippy clean
Reference in New Issue View Git Blame Copy Permalink