Problem:
Client terminal was closing immediately on connect command because
todo!() macros in TUN interface and relay functions were causing panics.
Changes:
1. ✅ Replaced create_tun_interface() todo with stub returning dummy interface
2. ✅ Replaced configure_routing() todo with stub (no-op)
3. ✅ Replaced cleanup_routing() todo with stub (no-op)
4. ✅ Replaced relay_traffic() todo with infinite sleep (keeps connection alive)
5. ✅ Added warning messages with yellow ⚠ indicator for stub functions
6. ✅ Updated SHA256SUMS for both packages
7. ✅ Recreated distribution archives
8. ✅ Added CONFIG_FILES.md explaining server-enrollment.json.example usage
Client Behavior Now:
- Connection establishes successfully
- Shows [STUB] warnings for TUN/routing/relay
- Stays connected (Ctrl+C to exit)
- No actual traffic forwarding yet (TODO for next iteration)
server-enrollment.json.example Usage:
- For Standalone mode (connecting to existing Master Node)
- Requires enrollment_token from admin
- psk: 'AUTO' until approved
- See CONFIG_FILES.md for detailed workflow
Next Steps:
- Implement real TUN interface using osn crate
- Implement route configuration via ip command
- Implement packet relay loop (TUN ↔ OSTP client)
- Add daemon mode (fork + detach)
Distribution:
- ostp-server-linux-x64.tar.gz: 6.85 MB
- ostp-client-linux-x64.tar.gz: 0.92 MB (updated client)
- Build static musl binaries (work on any Linux distro)
- Redesign ostp-guard with weighted scoring system (threshold: 4 points)
- HIGH (2pts): Analysis tools (gdb/ida/ghidra), sandbox artifacts
- MEDIUM (1pt): Low resources (<1GB RAM), suspicious env vars
- Production VPS safe (1-2 points), sandbox blocked (4+ points)
- Anti-debug: Windows (IsDebuggerPresent), Linux (/proc/self/status)
- Deployment packages for Linux + Windows with SHA256 checksums
- osds: Added system DNS forwarder on 127.0.0.1:53
- SystemDnsManager for Windows/Linux DNS configuration
- Auto-restore original DNS on exit
- *.ospab.internal routing to master node
- Encrypted DNS forwarding through OSTP tunnel
- oncp: Implemented node enrollment system
- EnrollmentRegistry with state machine (Pending->Approved->Active)
- SQLite-backed enrollment storage
- Node PSK generation on approval
- REST API endpoints for enrollment workflow
- oncp-master: Added enrollment CLI commands
- 'node pending' - List pending enrollment requests
- 'node approve <id>' - Approve and generate PSK
- 'node reject <id>' - Reject enrollment
- ostp-server: Auto-registration on startup
- Submits enrollment request to master node
- Exits if PSK='AUTO' and awaits approval
- Integrates with ONCP enrollment API
- oncp API: Enhanced CDN steering
- Best nodes by country_code with fallback
- Steering metadata (matched, fallback status)
- Load-based node selection
- Tauri 2.0 based graphical installer
- Access Key parsing with AES-256-GCM encryption
- Windows Service installation via sc.exe
- WinTUN driver extraction from embedded resources
- System requirements checking (admin, AES-NI, OS version)
- Modern dark UI with step-by-step wizard flow
- Country/region selection for SNI mimicry
- Add REST API for node/user management (axum-based)
- Add NodeRegistry for server check-in and load balancing
- Add SniManager for dynamic SNI updates and emergency blocking
- Add CDN Dashboard CLI (oncp-master) with real-time monitoring
- Add ProbeDetector in ostp-guard for active probing detection
- Add iptables/nftables/Windows firewall ban integration
- Extend MimicryEngine with async SNI updates from control plane
- Fix all compilation warnings
- Update author to ospab.team
