ospab/ostp - ostp - ostp git server

Commit Graph

Author	SHA1	Message	Date
ospab	7986b1ca5b	fix(reality): fix TLS 1.3 handshake causing 1KB DPI cutoff on mobile The core bug: server sent 5 TLS records in server_hello but client only read the first one (ServerHello), then passed remaining bytes (CCS + fake records) into RealityStream. RealityStream saw 0x14 (CCS) != 0x17 and immediately returned an error, killing the connection. Changes: - reality.rs: append ChangeCipherSpec after ClientHello (RFC 8446 D.4) export REALITY_SERVER_HANDSHAKE_RECORDS=5 constant - xhttp.rs: drain all 5 server handshake records before creating RealityStream - uot.rs: rebuild server_hello as proper 5-record TLS 1.3 flight: ServerHello + CCS + fake EE (108B) + fake Cert (812B) + fake Fin (52B) drain client CCS from raw stream before wrapping in RealityStream	2026-05-29 16:21:59 +03:00
ospab	cd218c9cf8	CI/CD: release version v0.2.69	2026-05-29 15:19:51 +03:00
ospab	7656f3a3ce	feat: implement custom Reality protocol with ChaCha20Poly1305 and X25519	2026-05-29 15:00:17 +03:00
ospab	f4830f043f	feat: implement optional WSS framing for DPI bypass & extract framing logic	2026-05-29 13:59:59 +03:00
ospab	0ef43bb823	CI/CD: release version v0.2.68	2026-05-29 00:18:47 +03:00
ospab	6a685f8226	CI/CD: release version v0.2.67	2026-05-28 23:18:21 +03:00
ospab	da06cbc8f3	CI/CD: release version v0.2.66	2026-05-28 19:43:56 +03:00
ospab	4ee2007754	CI/CD: release version v0.2.65	2026-05-28 19:33:33 +03:00
ospab	fe5db7cb10	CI/CD: release version v0.2.64	2026-05-28 18:51:54 +03:00
ospab	57a5464103	CI/CD: release version v0.2.63	2026-05-28 18:21:12 +03:00
ospab	a0292b6087	CI/CD: release version v0.2.61	2026-05-28 16:41:04 +03:00
ospab	c13642fa3b	CI/CD: release version v0.2.60	2026-05-28 15:31:00 +03:00
ospab	f90607e471	CI/CD: release version v0.2.59	2026-05-28 15:19:18 +03:00
ospab	ddb9ac2123	CI/CD: release version v0.2.58	2026-05-28 15:06:40 +03:00
ospab	c7a614958e	CI/CD: release version v0.2.57	2026-05-28 15:02:01 +03:00
ospab	6d9b7d8a26	CI/CD: release version v0.2.56	2026-05-28 14:54:17 +03:00
ospab	7bc31d2bac	CI/CD: release version v0.2.55	2026-05-28 14:48:37 +03:00
ospab	d8d3e858e9	CI/CD: release version v0.2.54	2026-05-28 14:40:04 +03:00
ospab	cbdb20402d	CI/CD: release version v0.2.53	2026-05-28 12:30:28 +03:00
ospab	db1f8a5b89	CI/CD: release version v0.2.52	2026-05-28 01:39:52 +03:00
ospab	05d4fe166c	CI/CD: release version v0.2.51	2026-05-28 01:29:12 +03:00
ospab	3b88359746	CI/CD: release version v0.2.50	2026-05-28 01:09:45 +03:00
ospab	6d57b3ef00	CI/CD: release version v0.2.49	2026-05-28 00:29:37 +03:00
ospab	13128c510a	CI/CD: release version v0.2.48	2026-05-27 23:44:16 +03:00
ospab	3920665d89	CI/CD: release version v0.2.46	2026-05-27 22:50:27 +03:00
ospab	43d28b2c81	CI/CD: release version v0.2.45	2026-05-27 22:24:39 +03:00
ospab	cea8ebaa5c	feat: Built-in DNS Server with AdBlock and DoH proxy	2026-05-27 22:23:06 +03:00
ospab	ba1a5cd16c	CI/CD: release version v0.2.44	2026-05-27 18:17:37 +03:00
ospab	9ac0908c1e	fix(server): generate correct public IP for client configs instead of 0.0.0.0	2026-05-27 18:17:11 +03:00
ospab	ac91665263	CI/CD: release version v0.2.43	2026-05-27 00:18:29 +03:00
ospab	2bff6623d9	feat: migrate TUN tunnel to native in-process smoltcp and refactor Android JNI layer	2026-05-27 00:17:19 +03:00
ospab	85bac8f70a	CI/CD: release version v0.2.42	2026-05-26 23:25:50 +03:00
ospab	8e7c1e58e6	CI/CD: release version v0.2.41	2026-05-26 22:28:01 +03:00
ospab	b46be0d4be	CI/CD: release version v0.2.40	2026-05-26 22:18:06 +03:00
ospab	49c3bce029	fix: config migration uses hardcoded field injection, no ostp --init; fix init template api fields	2026-05-26 21:59:41 +03:00
ospab	352253b95f	CI/CD: release version v0.2.38	2026-05-26 21:45:28 +03:00
ospab	07ee8e85fe	CI/CD: release version v0.2.37	2026-05-26 21:40:45 +03:00
ospab	d3a07f3d32	CI/CD: release version v0.2.36	2026-05-26 21:31:17 +03:00
ospab	7f499d6263	feat: embed web panel via rust-embed with login page and custom webpath	2026-05-26 21:30:49 +03:00
ospab	8c03903524	CI/CD: release version v0.2.35	2026-05-26 20:55:12 +03:00
ospab	89380ef70b	CI/CD: release version v0.2.34	2026-05-26 20:22:34 +03:00
ospab	3564747c1b	CI/CD: release version v0.2.33	2026-05-26 20:05:41 +03:00
ospab	4ab0f04a1b	CI/CD: release version v0.2.32	2026-05-26 19:58:38 +03:00
ospab	65baa4ed7e	CI/CD: release version v0.2.31	2026-05-26 19:40:05 +03:00
ospab	cba7be4b75	Implement config management API, token generation, and update wiki	2026-05-26 19:33:45 +03:00
ospab	951e597d46	CI/CD: release version v0.2.30	2026-05-26 16:48:19 +03:00
ospab	d79b6f2384	feat: relay node system with HMAC pre-validation and key sync from upstream API	2026-05-26 16:29:23 +03:00
ospab	318cdb29fb	CI/CD: release version v0.2.29	2026-05-25 22:32:59 +03:00
ospab	743ede0602	Fix duplicate rustls CryptoProvider panic	2026-05-25 22:32:55 +03:00
ospab	fb1dadc4df	CI/CD: release version v0.2.28	2026-05-25 22:21:02 +03:00
ospab	aa09554881	CI/CD: release version v0.2.27	2026-05-24 23:03:55 +03:00
ospab	1865f66e48	CI/CD: release version v0.2.26	2026-05-24 22:55:13 +03:00
ospab	7a9c32969c	CI/CD: release version v0.2.25	2026-05-24 22:49:59 +03:00
ospab	3e511f1fc5	Implement XTLS-Reality masquerade for UoT/TCP and fix MTU/config settings	2026-05-24 22:49:51 +03:00
ospab	3dd9490ecc	CI/CD: release version v0.2.24	2026-05-21 18:27:08 +03:00
ospab	6c4006c48c	CI/CD: release version v0.2.23	2026-05-21 18:09:46 +03:00
ospab	b57a3180bd	CI/CD: release version v0.2.22	2026-05-21 15:58:16 +03:00
ospab	b9c6022b6c	CI/CD: release version v0.2.21	2026-05-21 15:16:52 +03:00
ospab	be55aa6c6f	CI/CD: release version v0.2.20	2026-05-21 15:05:46 +03:00
ospab	02d0665edd	CI/CD: release version v0.2.19	2026-05-21 14:45:45 +03:00
ospab	3685ecac5c	CI/CD: release version v0.2.18	2026-05-21 14:36:22 +03:00
ospab	9ef2282b31	CI/CD: release version v0.2.17	2026-05-21 14:12:06 +03:00
ospab	975a0dc0d9	CI/CD: release version v0.2.16	2026-05-21 14:06:28 +03:00
ospab	9e2b29723c	CI/CD: release version v0.2.15	2026-05-21 13:43:15 +03:00
ospab	e7ad24bb13	CI/CD: release version v0.2.14	2026-05-21 13:06:19 +03:00
ospab	3eb547db9d	CI/CD: release version v0.2.13	2026-05-21 12:44:06 +03:00
ospab	1c98bf9a51	CI/CD: release version v0.2.12	2026-05-21 03:00:51 +03:00
ospab	c957a3a395	CI/CD: release version v0.2.11	2026-05-21 03:00:24 +03:00
ospab	f55769bae0	CI/CD: release version v0.2.10	2026-05-21 02:33:24 +03:00
ospab	aa3fb70933	CI/CD: release version v0.2.9	2026-05-21 02:28:33 +03:00
ospab	d9c3ba875c	fix: disable aws-lc-rs backend in rustls for 32-bit musl compatibility	2026-05-21 02:28:28 +03:00
ospab	8bc8a3ce51	CI/CD: release version v0.2.8	2026-05-21 02:24:59 +03:00
ospab	30dea79197	CI/CD: release version v0.2.7	2026-05-21 02:24:02 +03:00
ospab	ceb760e4ce	feat: implement server-side UoT and MTU tuning	2026-05-21 02:23:49 +03:00
ospab	112ddfee59	CI/CD: release version v0.2.6	2026-05-21 02:11:45 +03:00
ospab	83f7ff2119	feat: UoT and xHTTP stealth	2026-05-21 02:11:02 +03:00
ospab	baff58c7fb	CI/CD: release version v0.2.5	2026-05-18 22:05:26 +03:00
ospab	4384125bf8	CI/CD: release version v0.2.4	2026-05-18 21:05:15 +03:00
ospab	990af12fbe	CI/CD: release version v0.2.3	2026-05-17 22:13:37 +03:00
ospab	3a16373a31	CI/CD: release version v0.2.2	2026-05-17 21:58:53 +03:00
ospab	bd3def32bb	CI/CD: release version v0.2.1	2026-05-17 21:42:27 +03:00
ospab	3e6baf5a06	fix: use portable-atomic for AtomicU64 on 32-bit targets (MIPS, ARM32)	2026-05-17 21:14:07 +03:00
ospab	05583e189e	feat: v0.2.0 — BBR congestion control, 0-RTT session resumption, management REST API, fallback server, multi-listener Architecture: - BBR-inspired congestion controller (SlowStart/ProbeBandwidth/ProbeRTT phases) - 0-RTT session resumption with anti-replay ticket validation - Management REST API (axum): /api/users CRUD, /api/server/status, Bearer auth - TCP fallback proxy for anti-DPI camouflage (nginx/caddy passthrough) - Multi-listener: bind to multiple UDP addresses simultaneously - Per-user traffic stats with atomic counters and limit enforcement Code quality: - Structured logging: 0 eprintln in server/core/client, all tracing::{info,debug,warn,error} - 35 unit tests across congestion, resumption, relay, outbound, obfuscation - Removed dead code: kex.rs, unused dependencies (async-trait, x25519-dalek, rand_distr) - Modular server: api.rs, fallback.rs, outbound.rs, relay.rs extracted from monolithic lib.rs CLI: - --check: config validation - --generate-key: secure key generation (hex/base64, batch) - --links: share link generation from server config - --init: fallback section in server template Documentation: - README rewritten with architecture diagram, API examples, CLI reference - Wiki: Management-API (EN+RU), Configuration (EN+RU), Home (EN+RU) updated	2026-05-17 21:05:44 +03:00
ospab	a24d5d75d1	CI/CD: release version v0.1.70	2026-05-17 19:03:47 +03:00
ospab	a31319a80a	CI/CD: release version v0.1.69	2026-05-17 18:34:47 +03:00
ospab	6ccaf3a303	CI/CD: release version v0.1.68	2026-05-17 16:40:02 +03:00
ospab	e20e4f2533	CI/CD: release version v0.1.67	2026-05-17 16:28:11 +03:00
ospab	074a3f6371	CI/CD: release version v0.1.66	2026-05-17 15:32:44 +03:00
ospab	0418e5728c	CI/CD: release version v0.1.65	2026-05-17 15:23:12 +03:00
ospab	a6640e1344	CI/CD: release version v0.1.64	2026-05-17 15:16:37 +03:00
ospab	bb7d471864	CI/CD: release version v0.1.63	2026-05-17 14:41:02 +03:00
ospab	f8aa8906ff	CI/CD: release version v0.1.62	2026-05-17 14:23:08 +03:00
ospab	e36d743ad5	refactor: professionalize all scripts and CI workflow build.ps1: - Added mandatory cargo check pre-flight that blocks releases on errors - Added --Check flag for check-only mode (no build, no release) - Reverts version bump if check fails - Professionalized all output (removed informal language) - Cleaner output structure with consistent [ok], [warn], [error] tags install.ps1 / install.sh: - Professionalized all prompts and messages - Removed informal phrasing - Consistent formatting test_linux.sh: - Updated all log string matchers to match professionalized output: 'Connection established' (was 'Bridge connection established') 'Starting server' (was 'Starting in SERVER mode') 'Starting client' (was 'Starting in CLIENT mode') RTT regex updated for new format release.yml: - Added cargo check pre-flight step before native compilation	2026-05-17 03:41:40 +03:00
ospab	696d416eff	fix: resolve KeyExchange import error and clean compiler warnings - Removed stale KeyExchange re-export from crypto/mod.rs (kex.rs only exports HybridSharedSecret and HybridKex after stub refactor) - Removed unused imports in ostp-server/lib.rs (AsyncWriteExt, tcp::OwnedWriteHalf) - Suppressed dead_code warning on HelperMsg::Log variant (IPC spec) - Verified: cargo check passes with zero errors and zero warnings	2026-05-17 03:35:39 +03:00
ospab	5bd653e9d2	fix: immediately ACK duplicate packets instead of silently dropping them to unblock client retries when ACKs are lost	2026-05-17 02:56:16 +03:00
ospab	5c33f08a9b	fix: resolve fatal connection halt caused by unrecoverable dropped untracked Ack/Nack frames. Control frames are now saved in sent_history without auto-retransmission to allow targeted Nack recovery.	2026-05-17 02:40:52 +03:00
ospab	f0a93b4161	perf: heavily tune UDP socket buffers via socket2 to support 10Gbps+ micro-burst resilience	2026-05-17 02:19:59 +03:00
ospab	9c685c8e43	feat: ensure connection and disconnection logs are always visible on the server even without debug mode	2026-05-17 02:16:12 +03:00
ospab	b1dfb335c9	fix: resolve severe server-side head-of-line blocking under high connection concurrency by delegating TCP connection establishments and stream writing to asynchronous spawned tasks	2026-05-17 02:01:40 +03:00
ospab	4cc1f0079c	fix: resolve packet drop & connection timeouts under high speed tests by reducing proxy event queue size and expanding sent history / reorder buffers	2026-05-17 01:35:24 +03:00

1 2 3 4

167 Commits