Add: H3 support - incomplete
This commit is contained in:
DaZuo0122
@@ -10,7 +10,7 @@ v0.3.0 focuses on improving diagnostic depth and fidelity of existing commands r
|
||||
Major upgrades in this release:
|
||||
- richer traceroute output and per-hop statistics
|
||||
- HTTP timing breakdown accuracy (connect/tls stages)
|
||||
- optional HTTP/3 support (best-effort)
|
||||
- optional HTTP/3 support (feature-gated; experimental)
|
||||
- TLS diagnostics upgrades (OCSP stapling indicator, richer certificate parsing)
|
||||
- ports connections view and summaries
|
||||
- improved cert baseline/diff for system roots
|
||||
@@ -67,7 +67,7 @@ Acceptance:
|
||||
- on timeout / failure, partial timing must still be meaningful.
|
||||
|
||||
### 3.3 HTTP/3 (optional feature flag) (SHOULD)
|
||||
Current: HTTP/3 not implemented.
|
||||
Current: feature-gated HTTP/3 path exists but is incomplete; keep disabled in default builds.
|
||||
Target:
|
||||
- add `--http3` support behind Cargo feature `http3`
|
||||
- behavior:
|
||||
@@ -79,6 +79,7 @@ Target:
|
||||
Acceptance:
|
||||
- builds without `http3` feature still work
|
||||
- with feature enabled, HTTP/3 works on at least one known compatible endpoint
|
||||
- documented as experimental until stabilized
|
||||
|
||||
### 3.4 TLS extras: OCSP + richer cert parsing (MUST)
|
||||
Current: `tls handshake/verify/cert/alpn` exists.
|
||||
|
||||
@@ -3,42 +3,43 @@
|
||||
This is a practical checklist to execute v0.3.0.
|
||||
|
||||
## 1) probe/trace upgrades
|
||||
- [ ] add `--per-hop <n>` and store RTT samples per hop
|
||||
- [ ] compute loss% per hop
|
||||
- [ ] add `--rdns` best-effort reverse lookup (cached + time-bounded)
|
||||
- [ ] improve hop formatting + JSON schema
|
||||
- [x] add `--per-hop <n>` and store RTT samples per hop
|
||||
- [x] compute loss% per hop
|
||||
- [x] add `--rdns` best-effort reverse lookup (cached + time-bounded)
|
||||
- [x] improve hop formatting + JSON schema
|
||||
|
||||
## 2) http timing improvements
|
||||
- [ ] implement `connect_ms` and `tls_ms` timing
|
||||
- [ ] report `null` + warning when measurement unavailable
|
||||
- [x] implement `connect_ms` and `tls_ms` timing
|
||||
- [x] report `null` + warning when measurement unavailable
|
||||
- [ ] keep current `dns_ms` and `ttfb_ms`
|
||||
|
||||
## 3) optional HTTP/3
|
||||
- [ ] add `http3` cargo feature + deps
|
||||
- [ ] implement `--http3` / `--http3-only`
|
||||
- [ ] define error classification for QUIC failures
|
||||
## 3) tls extras
|
||||
- [x] add OCSP stapling presence indicator (if available)
|
||||
- [x] parse SANs and key usage / EKU best-effort
|
||||
- [x] add `--show-extensions` and `--ocsp` flags
|
||||
|
||||
## 4) tls extras
|
||||
- [ ] add OCSP stapling presence indicator (if available)
|
||||
- [ ] parse SANs and key usage / EKU best-effort
|
||||
- [ ] add `--show-extensions` and `--ocsp` flags
|
||||
## 4) ports conns
|
||||
- [x] implement `wtfn ports conns`
|
||||
- [x] add `--top <n>` and `--by-process`
|
||||
- [x] best-effort PID mapping with warnings
|
||||
|
||||
## 5) ports conns
|
||||
- [ ] implement `wtfn ports conns`
|
||||
- [ ] add `--top <n>` and `--by-process`
|
||||
- [ ] best-effort PID mapping with warnings
|
||||
## 5) cert baseline/diff improvements
|
||||
- [x] baseline schema version
|
||||
- [x] match by SHA256 fingerprint
|
||||
- [x] diff categories: add/remove/expired/changed
|
||||
|
||||
## 6) cert baseline/diff improvements
|
||||
- [ ] baseline schema version
|
||||
- [ ] match by SHA256 fingerprint
|
||||
- [ ] diff categories: add/remove/expired/changed
|
||||
|
||||
## 7) optional LLMNR/NBNS
|
||||
## 6) optional LLMNR/NBNS
|
||||
- [ ] implement `discover llmnr`
|
||||
- [ ] implement `discover nbns`
|
||||
- [ ] bounded collection, low-noise
|
||||
|
||||
## 8) docs updates
|
||||
- [ ] update README roadmap
|
||||
## 7) docs updates
|
||||
- [x] update README roadmap
|
||||
- [ ] update COMMANDS.md with new flags/commands
|
||||
- [ ] add RELEASE_v0.3.0.md
|
||||
|
||||
## 8) optional HTTP/3 (last)
|
||||
- [x] add `http3` cargo feature + deps
|
||||
- [x] implement `--http3` / `--http3-only`
|
||||
- [ ] define error classification for QUIC failures
|
||||
- [ ] keep feature disabled in default builds until stabilized
|
||||
|
||||
@@ -9,7 +9,7 @@ This document tracks current implementation status against the original design i
|
||||
- GeoIP: local GeoLite2 Country + ASN support.
|
||||
- Probe: ping/tcping/trace with GeoIP enrichment.
|
||||
- DNS: Hickory-based query/detect with best-effort heuristics.
|
||||
- HTTP: head/get via reqwest.
|
||||
- HTTP: head/get via reqwest with best-effort timing breakdown and optional HTTP/3 (feature-gated).
|
||||
- TLS: rustls-based handshake/verify/cert/alpn.
|
||||
- Discover: mDNS/SSDP bounded collection.
|
||||
- Diag: bundle export in zip.
|
||||
@@ -17,11 +17,11 @@ This document tracks current implementation status against the original design i
|
||||
## Deviations or refinements
|
||||
- DNS adds DoT/DoH and SOCKS5 proxy support.
|
||||
- HTTP/TLS/TCP ping include SOCKS5 proxy support.
|
||||
- HTTP timing breakdown is best-effort: `dns_ms` and `ttfb_ms` are captured; `connect_ms`/`tls_ms` remain placeholders.
|
||||
- HTTP timing breakdown is best-effort: `dns_ms`/`ttfb_ms` are captured; `connect_ms`/`tls_ms` are measured via a separate probe and can be `null` with warnings.
|
||||
- DNS watch uses `pnet` and is feature-gated as best-effort.
|
||||
|
||||
## Gaps vs design (as of now)
|
||||
- HTTP/3 not implemented.
|
||||
- HTTP/3 is feature-gated and incomplete; not enabled in default builds.
|
||||
- TLS verification is rustls-based (no OS-native verifier).
|
||||
- Discover does not include LLMNR/NBNS.
|
||||
|
||||
|
||||
@@ -26,8 +26,8 @@ This document tracks the planned roadmap alongside the current implementation st
|
||||
- TLS extras: OCSP stapling indicator, richer cert parsing
|
||||
- ports conns improvements (top talkers / summary)
|
||||
- better baseline/diff for system roots
|
||||
- optional HTTP/3 (feature-gated)
|
||||
- optional LLMNR/NBNS discovery
|
||||
- optional HTTP/3 (feature-gated; experimental, incomplete)
|
||||
|
||||
## Current stage
|
||||
|
||||
@@ -63,12 +63,18 @@ This document tracks the planned roadmap alongside the current implementation st
|
||||
- HTTP crate with head/get support, timing breakdown, optional GeoIP, and SOCKS5 proxy.
|
||||
- TLS crate with handshake/verify/cert/alpn support in CLI (SOCKS5 proxy supported).
|
||||
- TCP ping supports SOCKS5 proxy.
|
||||
- v0.3: probe trace per-hop stats + rdns support.
|
||||
- v0.3: http connect/tls timing best-effort with warnings.
|
||||
- v0.3: ports conns (active TCP connections + summaries).
|
||||
- v0.3: TLS extras (OCSP flag + richer cert parsing).
|
||||
- v0.3: cert baseline/diff improvements.
|
||||
- v0.3: HTTP/3 request path (feature-gated; experimental, incomplete).
|
||||
- Discover crate with mdns/ssdp commands.
|
||||
- Diag crate with report and bundle export.
|
||||
- Basic unit tests for calc and TLS parsing.
|
||||
|
||||
### In progress
|
||||
- v0.3: probe trace upgrades (per-hop stats + rdns).
|
||||
- v0.3: optional HTTP/3 (feature-gated; keep disabled until stabilized).
|
||||
|
||||
### Next
|
||||
- Complete v0.3 trace upgrades and update CLI output.
|
||||
|
||||
Reference in New Issue
Block a user