ospab
/
ostp
mirror of https://github.com/ospab/ostp.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity
372 Commits 2 Branches 170 Tags 131 MiB
Commit Graph

99 Commits

Author SHA1 Message Date
ospab 0fdea7ee21 fix(client): resolve borrow after move error in bridge.rs and clean up warnings 2026-05-30 22:09:23 +03:00
ospab 9f143f730a fix(client): send immediate Ping on connection to avoid 60s delay in UI 2026-05-30 22:07:22 +03:00
ospab 53132036c5 fix(client): flush stale proxy_rx messages on background reconnect to prevent UDP burst drops on mobile networks 2026-05-30 21:55:33 +03:00
ospab a82c664e5b Fix UDP IPv4-mapped IPv6 address matching bug and completely remove tun2socks 2026-05-30 21:14:29 +03:00
ospab 4f34f7f19c fix(client): make Android TUN read loop resilient to EINTR, don't abort tunnel on transient read errors 2026-05-30 02:35:14 +03:00
ospab 38f1752fda fix(client): stabilize UDP sessions - prevent crashes on transient recv errors in udp_nat and proxy 2026-05-30 02:12:15 +03:00
ospab 6b58e0e8f3 fix(client): fix async closure compilation error in udp_nat.rs 2026-05-30 02:03:56 +03:00
ospab 6fa6170c75 fix(client): bind SOCKS5 UDP socket to IPv6 properly, and fix 100% CPU spin in Android TUN reader 2026-05-30 02:01:31 +03:00
ospab 02de5456aa fix(client): correctly parse ATYP in SOCKS5 UDP ASSOCIATE response to fix DNS/UDP on IPv6 networks 2026-05-30 01:52:25 +03:00
ospab b67bd18eee fix(client): prevent TUN read loop from crashing on invalid IP packets (fixes LTE MTU/CLAT issues) 2026-05-30 01:42:18 +03:00
ospab 902e762c91 fix(xhttp): rewrite RealityStream buffering to prevent packet drops and data loss 2026-05-30 01:10:29 +03:00
ospab 7257da174a fix(client/mobile): resolve fdsan crash and mobile network proxy issues, add auto config UI 2026-05-30 00:54:46 +03:00
ospab 907d03ca38 fix(android): protect xhttp TCP socket from VPN routing loop 
When using xhttp (UoT) mode on Android, the underlying TcpStream was
not protected with VpnService.protect(fd). This caused the TCP connection
to be routed back into the TUN interface, creating an infinite routing
loop and failing the connection immediately.

Added Android-specific socket protection to the TcpStream in connect_xhttp.
This fixes xhttp/UoT mode on mobile networks.
 2026-05-29 17:27:50 +03:00
ospab 7986b1ca5b fix(reality): fix TLS 1.3 handshake causing 1KB DPI cutoff on mobile 
The core bug: server sent 5 TLS records in server_hello but client only
read the first one (ServerHello), then passed remaining bytes (CCS + fake
records) into RealityStream. RealityStream saw 0x14 (CCS) != 0x17 and
immediately returned an error, killing the connection.

Changes:
- reality.rs: append ChangeCipherSpec after ClientHello (RFC 8446 D.4)
  export REALITY_SERVER_HANDSHAKE_RECORDS=5 constant
- xhttp.rs: drain all 5 server handshake records before creating RealityStream
- uot.rs: rebuild server_hello as proper 5-record TLS 1.3 flight:
  ServerHello + CCS + fake EE (108B) + fake Cert (812B) + fake Fin (52B)
  drain client CCS from raw stream before wrapping in RealityStream
 2026-05-29 16:21:59 +03:00
ospab 7656f3a3ce feat: implement custom Reality protocol with ChaCha20Poly1305 and X25519 2026-05-29 15:00:17 +03:00
ospab f4830f043f feat: implement optional WSS framing for DPI bypass & extract framing logic 2026-05-29 13:59:59 +03:00
ospab 2870569c55 chore: reduce client and server logging verbosity for outbound datagrams and relays 2026-05-29 00:37:08 +03:00
ospab ba71af2abb feat: implement split-tunneling bypass for TCP/UDP and native UDP NAT 2026-05-29 00:06:11 +03:00
ospab 0334322aae Fix Speedtest disconnects and Discord WebRTC 2026-05-28 19:25:06 +03:00
ospab ebbe96e4e1 fix(client): prefer IPv6 on Android to support NAT64 mobile networks 2026-05-28 18:51:30 +03:00
ospab 1b836b26ab Fix Windows TUN NLA delays, UI timer, and Android UDP DNS resolution 2026-05-28 18:19:01 +03:00
ospab 36ef6f2d04 Fix Windows TUN routing loop for SIM modems (0.0.0.0 NextHop) 2026-05-28 16:40:49 +03:00
ospab 5fa957830c Fix frontend ignoring tunnel errors & fix blocking wintun routines 2026-05-28 16:32:59 +03:00
ospab 19f2c36400 Fix STUN bug, improve DNS in TUN, fix config gen, add GHA for clients 2026-05-28 14:39:42 +03:00
ospab 18899db1b2 fix: remove DNS interception on server, fix TUN routing on Windows and Linux 
- ostp-server/relay.rs: remove DNS port 53 interception — DNS queries
  now pass through to the actual DNS server as regular TCP connections
- ostp-client/native_handler.rs (Windows): add explicit gateway/32 route
  via real interface BEFORE setting default route via TUN to prevent loop
- ostp-client/native_handler.rs (Linux): properly detect real gateway and
  add default route via TUN with metric 10 after server IP exclusion
- Remove redundant extra DNS host routes from Windows setup script
 2026-05-28 12:30:06 +03:00
ospab d63c039181 fix(client): proxy UDP DNS over TCP via local socks5 2026-05-28 01:39:20 +03:00
ospab 4155e48224 fix(client): resolve server domain to IP before starting TUN to prevent DNS deadlock on reconnects 2026-05-28 01:09:10 +03:00
ospab cea8ebaa5c feat: Built-in DNS Server with AdBlock and DoH proxy 2026-05-27 22:23:06 +03:00
ospab 9ac0908c1e fix(server): generate correct public IP for client configs instead of 0.0.0.0 2026-05-27 18:17:11 +03:00
ospab 2bff6623d9 feat: migrate TUN tunnel to native in-process smoltcp and refactor Android JNI layer 2026-05-27 00:17:19 +03:00
ospab 800c07de5d perf: increase backpressure limit to 16384 and reduce retransmit tick to 10ms for multi-gigabit speeds 2026-05-26 23:21:33 +03:00
ospab abcb8999ce fix: integrate BBR cwnd for bufferbloat and relax mobile timeouts 2026-05-26 20:54:30 +03:00
ospab 87540166f6 gui, flutter: use server rtt for ping display 2026-05-25 23:00:52 +03:00
ospab 9e50984549 Fix linux format args, proxy config fields, and unused warnings 2026-05-24 23:03:50 +03:00
ospab 3e511f1fc5 Implement XTLS-Reality masquerade for UoT/TCP and fix MTU/config settings 2026-05-24 22:49:51 +03:00
ospab ef242bf6f4 feat(client): add linux headless warnings for TUN mode and sysproxy instructions 2026-05-21 22:31:02 +03:00
ospab 3ffa057d03 fix(client): fix catastrophic channel loopback in UoT transport that echoed packets locally 2026-05-21 18:24:48 +03:00
ospab 1cff291fdd fix: noise-read in UoT handshake (single attempt, 4s timeout); add TCP rate limiter against bots 2026-05-21 15:15:56 +03:00
ospab 09b6f202d0 fix: UoT always uses plain TCP (remove broken TLS branch for port 443) 2026-05-21 14:59:48 +03:00
ospab 41562707ec fix: UoT uses server port instead of hardcoded 443 when stealth_port not overridden 2026-05-21 14:54:03 +03:00
ospab 3febe79b15 feat: log raw HTTP response on UoT handshake failure 2026-05-21 14:35:45 +03:00
ospab 834c244f94 feat: disguise UoT handshake as WebSocket to bypass DPI and proxies 2026-05-21 14:11:50 +03:00
ospab 960382e93b fix: revert UoT POST back to GET for direct DPI bypass without proxy 2026-05-21 14:05:43 +03:00
ospab 1bc63c4094 feat: add X-Ostp-Server validation to UoT handshake 2026-05-21 13:15:49 +03:00
ospab 92fc73756f fix: use POST and Content-Length in UoT to prevent nginx chunked encoding 2026-05-21 13:06:06 +03:00
ospab a81625d721 fix: correctly handle payload buffering during http handshake in uot 2026-05-21 12:43:47 +03:00
ospab 5fa110d962 fix: make uot check case-insensitive 2026-05-21 03:00:07 +03:00
ospab b87e87a7bd fix: correctly parse transport config section from json in CLI and GUI 2026-05-21 02:33:14 +03:00
ospab d9c3ba875c fix: disable aws-lc-rs backend in rustls for 32-bit musl compatibility 2026-05-21 02:28:28 +03:00
ospab ceb760e4ce feat: implement server-side UoT and MTU tuning 2026-05-21 02:23:49 +03:00