ospab/ospab.network
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
13 Commits 1 Branch 0 Tags
ec6b608cf798828453218a800f6462554e5a320b
Commit Graph

13 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
ospab
ec6b608cf7 feat(dist): add standalone Linux client release package 
New client-only distribution: ostp-client-linux-x64.tar.gz (0.92 MB)

Contents:
- ostp-client-linux (2.0 MB) - Universal musl static binary
- README.md (8.3 KB) - Complete user guide with examples
- client.json.example - Configuration template
- SHA256SUMS - Integrity verification

Documentation includes:
- Quick start guide (install, setup, connect)
- All CLI commands with examples
- Profile management workflow
- Configuration options
- Troubleshooting guide
- Security features overview
- Systemd service template
- Advanced usage (scripting, multiple profiles)

Commands:
- ostp-client-linux setup           # Interactive wizard
- ostp-client-linux connect --profile default
- ostp-client-linux status          # Show stats
- ostp-client-linux disconnect
- ostp-client-linux profiles list   # Manage profiles

Features:
- Profile storage: ~/.config/ostp/profiles.json
- TUN interface: ostp0 (10.X.Y.Z/16)
- TLS mimicry with geo-specific SNI
- Anti-VM detection (production only)
- Root privilege check (libc::geteuid)

Distribution strategy:
- Server package: ostp-server-linux-x64.tar.gz (6.86 MB) - server + client + master
- Client package: ostp-client-linux-x64.tar.gz (0.92 MB) - client only
- Windows package: ostp-client-windows-x64.zip (1.29 MB) - GUI + daemon + installer
 2026-01-02 03:13:19 +03:00
ospab
f779404e0f feat(ostp-client-linux): add CLI VPN client for Linux 
New CLI client for Linux with TUN interface support:
- Interactive setup wizard with profile management
- Connect/disconnect commands with root privilege check
- Status monitoring (interface stats, traffic counters)
- Test connection (handshake verification)
- Profile management (add/remove/set-default)
- Anti-VM detection (production mode only)
- Stealth mode (TLS mimicry, geo-SNI selection)

Features:
- Static musl binary (2.0 MB) - universal Linux
- Config storage: ~/.config/ostp/profiles.json
- TUN interface: ostp0 (10.X.Y.Z)
- Security: libc::geteuid() root check, ostp-guard integration
- Error handling: graceful disconnect on Ctrl+C

Commands:
- ostp-client-linux setup             # Interactive wizard
- ostp-client-linux connect --profile default
- ostp-client-linux connect --server 1.2.3.4:443 --psk HEX
- ostp-client-linux status            # Show connection info
- ostp-client-linux disconnect        # Kill running client
- ostp-client-linux profiles list     # List saved profiles
- ostp-client-linux test --server X --psk Y

Distribution updates:
- Added ostp-client-linux (2.0 MB) to linux-x64 package
- Updated SHA256SUMS with all 3 binaries
- Updated README.md with client installation guide
- Rebuilt ostp-server-linux-x64.tar.gz (6.86 MB total)

Note: TUN interface and traffic relay are TODO (placeholders)
 2026-01-02 03:06:29 +03:00
ospab
963feb1582 feat(dist): add distribution packages with docs and checksums 
Linux Server Package (ostp-server-linux-x64.tar.gz - 5.94 MB):
- ostp-server (9.2 MB) + oncp-master (4.8 MB)
- Automated deploy.sh script with systemd integration
- README.md with quick start guide
- systemd service units (ostp-server.service, oncp-master.service)
- Config examples (server.json, server-enrollment.json)
- SHA256SUMS for integrity verification

Windows Client Package (ostp-client-windows-x64.zip - 1.29 MB):
- ostp-client.exe (1.64 MB) - CLI client
- ostp-daemon.exe (0.53 MB) - Windows Service
- ostp-installer.exe (0.37 MB) - Setup wizard
- README.md with GUI/CLI usage guide
- SHA256SUMS.txt for integrity verification

Deploy Script Features:
- Automated PSK generation
- Systemd service installation
- Firewall configuration (ufw)
- OTP token generation (60 min)
- Network validation (10.X.0.0/16)
- Security hardening (NoNewPrivileges, ProtectSystem)

Documentation includes:
- Installation instructions
- Configuration examples
- Troubleshooting guides
- Security best practices
- API reference
 2026-01-02 02:59:08 +03:00
ospab
bb9692aa16 fix: build errors in ostp-guard, ostp-daemon, ostp-installer 
- Make check_analysis_tools() public in ostp-guard
- Fix PWSTR type in ostp-installer (use windows::core::PWSTR)
- Remove unused imports (Context, Foundation, fileapi, minwindef)

Build artifacts in dist/:
- Linux x64: ostp-server (9.2 MB), oncp-master (4.8 MB)
- Windows x64: ostp-client.exe (1.64 MB), ostp-daemon.exe (0.53 MB), ostp-installer.exe (0.37 MB)
 2026-01-02 02:53:16 +03:00
ospab
91ab02dc8e feat(oncp): OTP enrollment tokens and dynamic IPAM 
- Add OTP token management (oncp/src/token.rs)
  * Time-limited tokens with expiry (default 3 minutes)
  * One-time use validation (token deleted after use)
  * Automatic cleanup of expired tokens
  * Cryptographically secure random generation (10 chars)
  * Token masking in logs (XX****XX format)

- Add dynamic IPAM (oncp/src/network.rs)
  * NetworkConfig for 10.X.0.0/16 subnet management
  * IpamPool with sequential IP allocation
  * Master node octet validation (0-255, excluding reserved)
  * IP release mechanism for rollback scenarios

- Update enrollment flow
  * EnrollmentRequest requires OTP token field
  * Silent drop (HTTP 444) for invalid tokens
  * IP allocation during node approval
  * CLI command: 'node token --expiry 3'
  * Master CLI --network-octet parameter

- Security enhancements
  * Two-factor enrollment: token + admin approval
  * Token enumeration prevention (no error responses)
  * Automatic token cleanup every 60 seconds
  * PSK + assigned IP returned on approval

Tests: All 16 tests passing (4 token, 5 network, 7 existing)
 2026-01-02 02:43:27 +03:00
ospab
85a2b01074 feat: Windows stack (daemon, installer, GUI) 
Components:
- ostp-daemon: Windows Service with Named Pipe IPC
- ostp-installer: Setup wizard with admin privileges
- ostp-gui: Tauri dark theme UI (450x600)

Features:
- Background service management (OspabGuard)
- IPC commands: CONNECT/DISCONNECT/STATUS
- Firewall rules auto-configuration
- Wintun driver placeholder (download from wintun.net)
- Real-time stats display (upload/download/ping)

Note: Requires wintun.dll download for full functionality
 2026-01-02 02:17:15 +03:00
ospab
7ed4217987 feat: Universal Linux build + redesigned ostp-guard 
- Build static musl binaries (work on any Linux distro)
- Redesign ostp-guard with weighted scoring system (threshold: 4 points)
  - HIGH (2pts): Analysis tools (gdb/ida/ghidra), sandbox artifacts
  - MEDIUM (1pt): Low resources (<1GB RAM), suspicious env vars
- Production VPS safe (1-2 points), sandbox blocked (4+ points)
- Anti-debug: Windows (IsDebuggerPresent), Linux (/proc/self/status)
- Deployment packages for Linux + Windows with SHA256 checksums
 2026-01-02 01:38:30 +03:00
ospab
5879344336 feat: System DNS, Node Enrollment, and CDN Steering 
- osds: Added system DNS forwarder on 127.0.0.1:53
  - SystemDnsManager for Windows/Linux DNS configuration
  - Auto-restore original DNS on exit
  - *.ospab.internal routing to master node
  - Encrypted DNS forwarding through OSTP tunnel

- oncp: Implemented node enrollment system
  - EnrollmentRegistry with state machine (Pending->Approved->Active)
  - SQLite-backed enrollment storage
  - Node PSK generation on approval
  - REST API endpoints for enrollment workflow

- oncp-master: Added enrollment CLI commands
  - 'node pending' - List pending enrollment requests
  - 'node approve <id>' - Approve and generate PSK
  - 'node reject <id>' - Reject enrollment

- ostp-server: Auto-registration on startup
  - Submits enrollment request to master node
  - Exits if PSK='AUTO' and awaits approval
  - Integrates with ONCP enrollment API

- oncp API: Enhanced CDN steering
  - Best nodes by country_code with fallback
  - Steering metadata (matched, fallback status)
  - Load-based node selection
 2026-01-01 23:45:24 +03:00
ospab
7e1c87e70b feat: Windows Setup Wizard (ostp-setup) with Tauri 
- Tauri 2.0 based graphical installer
- Access Key parsing with AES-256-GCM encryption
- Windows Service installation via sc.exe
- WinTUN driver extraction from embedded resources
- System requirements checking (admin, AES-NI, OS version)
- Modern dark UI with step-by-step wizard flow
- Country/region selection for SNI mimicry
 2026-01-01 21:49:37 +03:00
ospab
320e5fee85 build: fix Linux cross-compilation, add dist binaries 2026-01-01 21:25:41 +03:00
ospab
6d4c06a013 feat: CDN Control Plane (ONCP) implementation 
- Add REST API for node/user management (axum-based)
- Add NodeRegistry for server check-in and load balancing
- Add SniManager for dynamic SNI updates and emergency blocking
- Add CDN Dashboard CLI (oncp-master) with real-time monitoring
- Add ProbeDetector in ostp-guard for active probing detection
- Add iptables/nftables/Windows firewall ban integration
- Extend MimicryEngine with async SNI updates from control plane
- Fix all compilation warnings
- Update author to ospab.team
 2026-01-01 20:33:03 +03:00
ospab
fc00214b07 Initial commit: OSTP stealth VPN protocol with anti-RE protection 
- Core transport layer (ostp): ChaCha20-Poly1305 AEAD, X25519 key exchange, TLS mimicry
- Control plane (oncp): Session management, SQLite billing, user registry
- Network layer (osn): TUN device abstraction and routing
- DNS forwarder (osds): Stealth DNS with anti-hijack detection
- Anti-RE protection (ostp-guard): String obfuscation, anti-debug, anti-VM, control flow obfuscation
- CLI binaries: ostp-server (Linux), ostp-client (Windows) with interactive setup
- Comprehensive documentation: README, LICENSE, deployment guides
- Hardened release profile: LTO, symbol stripping, static linking
 2026-01-01 19:03:31 +03:00
ospab
5fbb32d243 start, reverse guard, cli-frontend for server and client 2026-01-01 18:54:36 +03:00