alknet/crates/wraith-core/src/server/mod.rs at 7dcf7502b7fe7d092ed34802bcd7191593f81e19 - alknet - Gitea: Git with a cup of tea

alkdev/alknet

Files

glm-5.1 7dcf7502b7 feat(server): implement stealth mode protocol multiplexing (ADR-017)

Add stealth mode detection that peeks at the first bytes after TLS handshake
to determine SSH vs HTTP protocol. SSH connections proceed to russh handler;
non-SSH connections receive a fake nginx 404 response, making the server
indistinguishable from an ordinary HTTPS site to scanners and DPI systems.

- ProtocolDetection enum (Ssh, Http) for protocol classification
- detect_protocol() uses BufReader::fill_buf() to peek without consuming bytes
- send_fake_nginx_404() writes HTTP/1.1 404 + Server: nginx headers
- validate_stealth_config() enforces TLS transport requirement for stealth
- 17 unit tests covering SSH banner, HTTP, random data, and edge cases

2026-06-02 11:13:15 +00:00

5 lines

193 B

Rust

Raw Blame History

 pub mod handler;
 pub mod stealth;
 pub use handler::{ProxyConfig, ProxyMode, ServerHandler};
 pub use stealth::{ProtocolDetection, detect_protocol, send_fake_nginx_404, validate_stealth_config};