#data-transfer #protocols #connection #tls-connection #tunnel #udp #traffic

app hiddenlink

A simple tunnel which tries to hide itself inside of other protocols

17 releases (4 stable)

1.0.3 Oct 12, 2024
1.0.2 Jun 29, 2024
1.0.1 May 4, 2024
1.0.0 Mar 23, 2024
0.2.0 Dec 31, 2023

#975 in Network programming

GPL-3.0+

130KB
3K SLoC

hiddenlink is a simple tunnel which tries to hide itself inside of other protocols.

The main idea is the following: it has some transports configured which availability is constantly monitored. By default the fastest transport is used. If it becomes unavailable (blocked?), the next one (slower, but more inconspicuous) is used in the order of precedence.

For now, the following transports are supported:

  1. Encrypted UDP: A simple protocol which sends each packet in a separate UDP datagram. Expected to be fast, but may reveal the tunnel as a suspicious point-to-point UDP connection with data which looks like an unreadable garbage.

  2. HTTPS: hiddenlink listens to 443 port, terminates TLS connections and securely authenticates them. Authenticated connections are passed for tunnel data transfer and non-authenticated are proxied to a web server to make the traffic look like a regular HTTPS. Supports multiple domains (TLS certificates), allows to split the traffic into multiple connections, reopen them periodically and emulate uploading/downloading HTTP clients to make the connection not look like tunnel in many of its aspects.

Dependencies

~32–58MB
~1M SLoC