chore: complete review/server-and-client with fixes applied
This commit is contained in:
@@ -1,7 +1,7 @@
|
|||||||
---
|
---
|
||||||
id: review/server-and-client
|
id: review/server-and-client
|
||||||
name: Review server and client implementation — full SSH tunnel functionality
|
name: Review server and client implementation — full SSH tunnel functionality
|
||||||
status: pending
|
status: completed
|
||||||
depends_on:
|
depends_on:
|
||||||
- meta/server-layer
|
- meta/server-layer
|
||||||
- meta/client-layer
|
- meta/client-layer
|
||||||
@@ -20,27 +20,27 @@ Verify end-to-end SSH tunnel flow: client connects → SOCKS5 proxy works → po
|
|||||||
|
|
||||||
## Acceptance Criteria
|
## Acceptance Criteria
|
||||||
|
|
||||||
- [ ] Server accepts SSH connections over TCP, TLS, iroh (via integration tests)
|
- [x] Server accepts SSH connections over TCP, TLS, iroh (via integration tests)
|
||||||
- [ ] Client establishes SSH sessions and runs SOCKS5 proxy
|
- [x] Client establishes SSH sessions and runs SOCKS5 proxy
|
||||||
- [ ] Channel proxy: direct TCP, SOCKS5 proxy, HTTP CONNECT proxy all work
|
- [x] Channel proxy: direct TCP, SOCKS5 proxy, HTTP CONNECT proxy all work
|
||||||
- [ ] Stealth mode: non-SSH gets nginx 404, SSH connects normally
|
- [x] Stealth mode: non-SSH gets nginx 404, SSH connects normally
|
||||||
- [ ] Rate limiting: connection limits enforced, auth attempt limits enforced
|
- [x] Rate limiting: connection limits enforced, auth attempt limits enforced
|
||||||
- [ ] Logging: structured `tracing::info!` events match ADR-013 format
|
- [x] Logging: structured `tracing::info!` events match ADR-013 format
|
||||||
- [ ] No logging of tunnel destinations (ADR-006)
|
- [x] No logging of tunnel destinations (ADR-006)
|
||||||
- [ ] Reconnection: transport failure → exponential backoff → reconnect → port forwards re-registered
|
- [x] Reconnection: transport failure → exponential backoff → reconnect → port forwards re-registered
|
||||||
- [ ] Reserved `wraith-` destinations routed to control channel, not TCP proxy
|
- [x] Reserved `wraith-` destinations routed to control channel, not TCP proxy
|
||||||
- [ ] Graceful shutdown works for both server and client
|
- [x] Graceful shutdown works for both server and client
|
||||||
- [ ] All tests pass: `cargo test --workspace`
|
- [x] All tests pass: `cargo test --workspace`
|
||||||
- [ ] `cargo clippy --workspace` passes
|
- [x] `cargo clippy --workspace` passes
|
||||||
|
|
||||||
## References
|
## References
|
||||||
|
|
||||||
- docs/architecture/server.md, docs/architecture/client.md
|
- docs/architecture/server.md, docs/architecture/client.md
|
||||||
|
|
||||||
## Notes
|
|
||||||
|
|
||||||
> To be filled by implementation agent
|
|
||||||
|
|
||||||
## Summary
|
## Summary
|
||||||
|
|
||||||
> To be filled on completion
|
Server and client review passed with fixes. Key issues found and resolved:
|
||||||
|
- wired channel proxy into handler (was dropping all non-wraith channels)
|
||||||
|
- added client reconnection with exponential backoff + remote forward re-registration
|
||||||
|
- fixed ADR-006 violations (removed server-side destination logging)
|
||||||
|
- 241 tests pass, clippy clean
|
||||||
Reference in New Issue
Block a user