Delicately-TUICed 0-RTT proxy protocol
A fork of original TUIC repo https://github.com/tuic-protocol/tuic
Compared to origin, this fork's new features:
Infrastructure & CI/CD:
- In-tree Docker image builds with multi-platform support (linux/amd64, linux/arm64)
- Reusable CI/CD workflows with extensive cross-compilation support via cross-rs
- Support for multiple platforms: Linux (GNU/musl), Windows (MSVC), macOS, FreeBSD, and more
TLS & Security:
- Automatic SSL/TLS certificate provisioning via ACME (Let's Encrypt)
- Self-signed certificate support with automatic fallback
- Certificate auto hot-reload for zero-downtime updates
skip_cert_verifyoption for client connections
Performance & Stability:
- JEMalloc allocator integration for better memory management
- AWS-LC-RS crypto provider for improved performance
- More active
max_concurrent_streamsstrategy - Rust edition 2024
Server Features:
- ACL (Access Control List) support with configurable outbound rules
- SOCKS5 outbound proxy support
- RESTful API with traffic statistics
- Configurable IP stack preference (IPv4/IPv6)
- Network interface binding support
- Default localhost access protection
Client Features:
- TCP/UDP port forwarding support
- Local socket rebinding for better reliability
- IP stack preference configuration
Development:
- Up-to-date dependencies
- Comprehensive unit tests
- And more...
TUIC is a proxy protocol focusing on minimize the additional handshake latency caused by relaying as much as possible, as well as keeping the protocol itself being simple and easy to implement
TUIC is originally designed to be used on top of the QUIC protocol, but you can use it with any other protocol, e.g. TCP, in theory
When paired with QUIC, TUIC can achieve:
- 0-RTT TCP proxying
- 0-RTT UDP proxying with NAT type Full Cone
- 0-RTT authentication
- Two UDP proxying modes:
native: Having characteristics of native UDP mechanismquic: Transferring UDP packets losslessly using QUIC streams
- Fully multiplexed
- All the advantages of QUIC, including but not limited to:
- Bidirectional user-space congestion control
- Optional 0-RTT connection handshake
- Connection migration
Fully-detailed TUIC protocol specification can be found in SPEC.md
There are 4 crates provided in this repository:
- tuic - Library. The protocol itself, protocol & model abstraction, synchronous / asynchronous marshalling
- tuic-quinn - Library. A thin layer on top of quinn to provide functions of TUIC
- tuic-server - Binary. Minimalistic TUIC server implementation as a reference
- tuic-client - Binary. Minimalistic TUIC client implementation as a reference
Search TODO in code base or Assist with Open Issues
Contributors should fork from the main branch and submit pull requests to the main branch. Please note that the dev branch may be force-pushed from time to time, so avoid basing your work on it.
Code in this repository is licensed under GNU General Public License v3.0
However, the concept of the TUIC protocol is license-free. You can implement, modify, and redistribute the protocol without any restrictions, even for commercial use