🆕 New features

Split-mode: front/back node deployment (0.8.4)
Run the Ranch listener (front, domestic server) and DC pool (back, foreign server) as separate Erlang nodes connected via Erlang distribution. Helps bypass DPI that targets direct connections to foreign IPs. See Split-mode setup in the README.

• New config key role: both (default) | front | back
• New config key back_node (front node): name of the back Erlang node
• make ROLE=front|back and make init-config ROLE=front|back build targets
• TLS distribution support with scripts/gen_dist_certs.sh helper
• Config examples: config/sys.config.{front,back}.example, config/vm.args.{front,back}.example

Per-SNI derived secrets (0.8.3)
Each fake-TLS SNI domain gets a unique 16-byte secret derived from the base secret + SNI + a private salt. Users cannot extract the base secret from their proxy link or forge tokens for other domains.
New config keys: {per_sni_secrets, off | on}, {per_sni_secret_salt, <<"...">>}

Transparent client migration on DC connection death (0.8.3)
When Telegram closes a downstream DC connection, connected clients are silently remapped to a surviving or freshly-spawned replacement connection instead of being dropped.

RPC_PING / RPC_PONG (0.8.3)
Proxy now decodes RPC_PING from Telegram and responds with RPC_PONG, matching the reference C implementation.

TCP keepalives on downstream connections (0.8.3)
KEEPIDLE=40s, KEEPINTVL=40s, KEEPCNT=5 — matches the reference C implementation.

🐛 Bug fixes

• TLS decode_error alert on malformed ClientHello / missing SNI (0.8.3): scanners that send structurally invalid ClientHellos now receive a proper TLS fatal alert instead of seeing a silent connection close (which is itself detectable).
• RPC protocol flags (0.8.3): FLAG_ABRIDGED / FLAG_INTERMEDIATE / FLAG_PAD are now set correctly per client protocol; previously always sent FLAG_ABRIDGED.
• Memory leak in mtp_handler (0.8.2): .hello_acc accumulator was never cleared after handshake, retaining the full ClientHello for the lifetime of the connection.
• Noisy error logs on expected DC rotation (0.8.3): when Telegram closes a downstream connection with no active clients, the pool now logs info instead of error.

⚙️ Improvements

• DC fallback uses Telegram's declared default DC (0.8.3): mtp_config now parses the default X; line from Telegram's config response; DC pool lookup falls back to the declared default instead of a random choice.
• Ranch 1.7 → 2.2 (0.8.2): updated protocol callback and ranch:info/0 usage for Ranch 2.x API.
• ETS table for mtp_config changed to protected (0.8.3): only mtp_config writes; all other processes read.

🐳 Docker / infra

• Base image upgraded to erlang:27-alpine / alpine:3.22 (0.8.3).

Upgrade notes

• Config format is unchanged; role defaults to both so existing single-server deployments need no changes.
• Ranch 2.x is now required (updated in rebar.lock); if you vendor deps, re-run rebar3 upgrade ranch.
• mtp_config:get_netloc_safe/1 removed (was dead code since 2018).

What's Changed

• Fix/dc ids range by @centuriononon in #115
• Use OTP logger instead of lager
• TLS Domain fronting feature

New Contributors

• @centuriononon made their first contribution in #115

Full Changelog: 0.7.4...0.8.1

Contributors

• @centuriononon

• Add support for new ClientHello for Fake-tls
• Support for newer Erlang versions (27, 28)

Compatibility with newer Erlang versions
Make sure it builds given some IP lookup services no longer exists

• Maturing Fake-TLS
• Connection policies
• Configuration reload without downtime
• Better handle telegram servers disconnects
• Added option to close connections with RST
• More tests and benchmarks

• Fake-TLS protocol implemented
• Codecs were refactored
• IPv6: proxy can accept client connections by IPv6
• More tests

• Multiplexing in master
• Replay attack protection
• Common tests
• Property-based tests