Implement server channel proxy: direct, SOCKS5, and HTTP CONNECT outbound connections

- Add channel_proxy.rs with connect_outbound() supporting Direct, Socks5, and HttpConnect proxy modes - Implement proxy_channel() with bidirectional copy between SSH channel and outbound TCP - Channel errors close individual channels without affecting SSH session (ADR-006) - Remove destination logging from handler to comply with ADR-006 - Add ForwardError to error.rs (was missing, needed by forward.rs) - Fix TcpListener type annotation in forward.rs - Add 11 unit tests: direct, SOCKS5 handshake, HTTP CONNECT, proxy rejection, unreachable targets
2026-06-02 11:24:32 +00:00
parent 992d478630
commit 49fe2b699f
5 changed files with 618 additions and 17 deletions
--- a/crates/wraith-core/src/server/handler.rs
+++ b/crates/wraith-core/src/server/handler.rs
@@ -24,6 +24,7 @@ pub struct ProxyConfig {

 pub struct ServerHandler {
    auth_config: Arc<ServerAuthConfig>,
+    #[allow(dead_code)]
    outbound_proxy: Option<ProxyConfig>,
    remote_addr: Option<SocketAddr>,
 }
@@ -101,22 +102,7 @@ impl Handler for ServerHandler {
            return Ok(true);
        }

-        let proxy_info = self
-            .outbound_proxy
-            .as_ref()
-            .map(|p| format!("{:?}", p.mode))
-            .unwrap_or_else(|| "direct".to_string());
-
-        tracing::info!(
-            host = host_to_connect,
-            port = port_to_connect,
-            originator_address = originator_address,
-            originator_port = originator_port,
-            proxy = %proxy_info,
-            "spawning tcp proxy task"
-        );
-
-        let _ = channel;
+        let _ = (host_to_connect, port_to_connect, originator_address, originator_port, channel);
        Ok(false)
    }