1.6 KiB
1.6 KiB
id, name, status, depends_on, scope, risk, impact, level
| id | name | status | depends_on | scope | risk | impact | level | ||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| meta/server-layer | Complete server layer — handler, channel proxy, stealth, rate limiting, control channel, serve loop | completed |
|
system | high | phase | planning |
Description
Meta task that clusters all server module tasks. Once complete, the server accepts SSH connections via any transport, authenticates clients, proxies channel traffic to TCP targets (directly or via proxy), handles stealth mode, rate limits connections, routes reserved wraith- destinations, and shuts down gracefully.
Acceptance Criteria
- All server tasks completed
- Server handles SSH connections over TCP, TLS, and iroh transports
- Authentication via Ed25519 keys and cert-authority
- Channel proxying with direct, SOCKS5, and HTTP CONNECT outbound modes
- Stealth mode detects SSH vs HTTP and returns fake nginx 404
- Rate limiting and structured logging
- Control channel routing for
wraith-*destinations - Graceful shutdown
References
- docs/architecture/server.md
Notes
All server module tasks completed across Gens 4-7. Server layer is fully implemented.
Summary
Server layer complete: handler (auth + channel dispatch), channel proxy (direct/SOCKS5/HTTP CONNECT), stealth mode (protocol multiplexing), rate limiting (per-IP connection limits), control channel (wraith-* destination routing), serve loop (accept loop + graceful shutdown). All 229 tests pass.