Module framing 

Zero-Copy TCP Framing Pipeline

Проблема: старый подход делал data.clone() + encrypt_in_place() + write(len) + write(data) = 2 syscalls + 1 clone. TLS 1.3 (rustls) делает всё за 1 внутренний write.

Решение: prepend 4-byte length header → encrypt payload in-place → single write_all().

Structs

FrameReader

Zero-copy frame reader — reads and decrypts from TCP stream

FrameWriter

Zero-copy frame writer — encrypts and writes in a single syscall

Enums

FrameError

Frame errors

PaddingProfile

Padding profile — mimics real-world traffic distributions.

Constants

FRAME_HEADER_SIZE

Frame header size: 4 bytes for payload length (u32 BE)

MAX_FRAME_PAYLOAD

Maximum frame payload size (before encryption)

Functions

adaptive_pad_size

apply_adaptive_padding

strip_adaptive_padding