ospab
/
ostp
mirror of https://github.com/ospab/ostp.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity
350 Commits 2 Branches 170 Tags 131 MiB
Commit Graph

350 Commits

Author SHA1 Message Date
ospab 907d03ca38 fix(android): protect xhttp TCP socket from VPN routing loop 
When using xhttp (UoT) mode on Android, the underlying TcpStream was
not protected with VpnService.protect(fd). This caused the TCP connection
to be routed back into the TUN interface, creating an infinite routing
loop and failing the connection immediately.

Added Android-specific socket protection to the TcpStream in connect_xhttp.
This fixes xhttp/UoT mode on mobile networks.
 2026-05-29 17:27:50 +03:00
ospab 6d8e5dd68d CI/CD: release version v0.2.71 2026-05-29 16:42:05 +03:00
ospab af7e148874 fix(workspace): remove missing ostp-prober member from workspace 2026-05-29 16:41:34 +03:00
ospab 2f15a90f15 CI/CD: release version v0.2.70 2026-05-29 16:23:12 +03:00
ospab 7986b1ca5b fix(reality): fix TLS 1.3 handshake causing 1KB DPI cutoff on mobile 
The core bug: server sent 5 TLS records in server_hello but client only
read the first one (ServerHello), then passed remaining bytes (CCS + fake
records) into RealityStream. RealityStream saw 0x14 (CCS) != 0x17 and
immediately returned an error, killing the connection.

Changes:
- reality.rs: append ChangeCipherSpec after ClientHello (RFC 8446 D.4)
  export REALITY_SERVER_HANDSHAKE_RECORDS=5 constant
- xhttp.rs: drain all 5 server handshake records before creating RealityStream
- uot.rs: rebuild server_hello as proper 5-record TLS 1.3 flight:
  ServerHello + CCS + fake EE (108B) + fake Cert (812B) + fake Fin (52B)
  drain client CCS from raw stream before wrapping in RealityStream
 2026-05-29 16:21:59 +03:00
ospab cd218c9cf8 CI/CD: release version v0.2.69 2026-05-29 15:19:51 +03:00
ospab 8577824a3f docs: update obfuscation docs with XTLS-Reality 2026-05-29 15:02:39 +03:00
ospab 7656f3a3ce feat: implement custom Reality protocol with ChaCha20Poly1305 and X25519 2026-05-29 15:00:17 +03:00
ospab f4830f043f feat: implement optional WSS framing for DPI bypass & extract framing logic 2026-05-29 13:59:59 +03:00
ospab 2870569c55 chore: reduce client and server logging verbosity for outbound datagrams and relays 2026-05-29 00:37:08 +03:00
ospab 8cfb7e9c17 docs: add CONTRIBUTING guide in English and Russian, link in README 2026-05-29 00:25:40 +03:00
ospab 0ef43bb823 CI/CD: release version v0.2.68 2026-05-29 00:18:47 +03:00
ospab ba71af2abb feat: implement split-tunneling bypass for TCP/UDP and native UDP NAT 2026-05-29 00:06:11 +03:00
ospab 6a685f8226 CI/CD: release version v0.2.67 2026-05-28 23:18:21 +03:00
ospab da06cbc8f3 CI/CD: release version v0.2.66 2026-05-28 19:43:56 +03:00
ospab 4650947b00 Fix E0728: cannot await inside or_else closure in relay.rs 2026-05-28 19:39:07 +03:00
ospab 4ee2007754 CI/CD: release version v0.2.65 2026-05-28 19:33:33 +03:00
ospab cb797c42d0 Add 'Use Built-in' DNS button in GUI 2026-05-28 19:31:06 +03:00
ospab 0334322aae Fix Speedtest disconnects and Discord WebRTC 2026-05-28 19:25:06 +03:00
ospab 2ba9a3694d Fix UDP over XHTTP and intercept 10.1.0.1 for panel.ostp 2026-05-28 19:13:39 +03:00
ospab fe5db7cb10 CI/CD: release version v0.2.64 2026-05-28 18:51:54 +03:00
ospab ebbe96e4e1 fix(client): prefer IPv6 on Android to support NAT64 mobile networks 2026-05-28 18:51:30 +03:00
ospab 57a5464103 CI/CD: release version v0.2.63 2026-05-28 18:21:12 +03:00
ospab 1b836b26ab Fix Windows TUN NLA delays, UI timer, and Android UDP DNS resolution 2026-05-28 18:19:01 +03:00
ospab a0292b6087 CI/CD: release version v0.2.61 2026-05-28 16:41:04 +03:00
ospab 36ef6f2d04 Fix Windows TUN routing loop for SIM modems (0.0.0.0 NextHop) 2026-05-28 16:40:49 +03:00
ospab 5fa957830c Fix frontend ignoring tunnel errors & fix blocking wintun routines 2026-05-28 16:32:59 +03:00
ospab c13642fa3b CI/CD: release version v0.2.60 2026-05-28 15:31:00 +03:00
ospab 3c687aad46 Fix Tauri RealityConfig init 2026-05-28 15:30:48 +03:00
ospab f90607e471 CI/CD: release version v0.2.59 2026-05-28 15:19:18 +03:00
ospab aeba340405 Upgrade Flutter to 3.41.6 in CI to support Kotlin DSL 2026-05-28 15:19:06 +03:00
ospab ddb9ac2123 CI/CD: release version v0.2.58 2026-05-28 15:06:40 +03:00
ospab 360f84e5bd Fix Android rust_target matrix variable 2026-05-28 15:06:22 +03:00
ospab c7a614958e CI/CD: release version v0.2.57 2026-05-28 15:02:01 +03:00
ospab 33145febbb Fix Tauri build args, split Android into matrix, track flutter/gui, update docs and contacts 2026-05-28 15:01:41 +03:00
ospab 6d9b7d8a26 CI/CD: release version v0.2.56 2026-05-28 14:54:17 +03:00
ospab 532bdc7e76 Update GUI builds to output dual architectures 2026-05-28 14:51:58 +03:00
ospab 7bc31d2bac CI/CD: release version v0.2.55 2026-05-28 14:48:37 +03:00
ospab 25fa74eab6 Merge GUI jobs into release.yml and remove bare Android build 2026-05-28 14:48:26 +03:00
ospab d8d3e858e9 CI/CD: release version v0.2.54 2026-05-28 14:40:04 +03:00
ospab 19f2c36400 Fix STUN bug, improve DNS in TUN, fix config gen, add GHA for clients 2026-05-28 14:39:42 +03:00
ospab 543e36e60e Add session id mismatch error trace 2026-05-28 13:49:33 +03:00
ospab 54fdd444c9 feat: enforce internal DNS on client and restore DNS interception on server 
- Flutter: Hide 'DNS Server' field and force '10.1.0.1' if connection link contains owndns=true
- Flutter: Remove 'Use Provider DNS' toggle to eliminate client-side choice
- Server (relay.rs): Intercept DNS queries targeting '10.1.0.1:53' and process them via internal DnsServer if DNS is enabled
- Server (api.rs): Continue appending owndns=true to subscription links to enforce internal DNS logic on clients
 2026-05-28 13:18:56 +03:00
ospab cbdb20402d CI/CD: release version v0.2.53 2026-05-28 12:30:28 +03:00
ospab 18899db1b2 fix: remove DNS interception on server, fix TUN routing on Windows and Linux 
- ostp-server/relay.rs: remove DNS port 53 interception — DNS queries
  now pass through to the actual DNS server as regular TCP connections
- ostp-client/native_handler.rs (Windows): add explicit gateway/32 route
  via real interface BEFORE setting default route via TUN to prevent loop
- ostp-client/native_handler.rs (Linux): properly detect real gateway and
  add default route via TUN with metric 10 after server IP exclusion
- Remove redundant extra DNS host routes from Windows setup script
 2026-05-28 12:30:06 +03:00
ospab db1f8a5b89 CI/CD: release version v0.2.52 2026-05-28 01:39:52 +03:00
ospab d63c039181 fix(client): proxy UDP DNS over TCP via local socks5 2026-05-28 01:39:20 +03:00
ospab 05d4fe166c CI/CD: release version v0.2.51 2026-05-28 01:29:12 +03:00
ospab 5c39f24bee fix(server): return API token support for Relay servers sync 2026-05-28 01:28:29 +03:00
ospab 3b88359746 CI/CD: release version v0.2.50 2026-05-28 01:09:45 +03:00