V2Ray v4.23.4 已发布。
更新内容
* 对 VMess 协议的弱点完成了进一步修复。
* 对 HTTP 头伪装的弱点进行了修复。
-----------
V2Ray v4.23.4 has been released.
Update
* Issued further fixs for VMess weakness described in v2ray#2523 v2ray#2539
* Issued a fix for Fake HTTP Header weakness described in v2ray#2537
更新内容
* 对 VMess 协议的弱点完成了进一步修复。
* 对 HTTP 头伪装的弱点进行了修复。
-----------
V2Ray v4.23.4 has been released.
Update
* Issued further fixs for VMess weakness described in v2ray#2523 v2ray#2539
* Issued a fix for Fake HTTP Header weakness described in v2ray#2537
GitHub
Release v4.23.4 · v2fly/v2ray-core
Fix
Issued further fixs for VMess weakness described in v2ray#2523 v2ray/v2ray-core#2539
Issued a fix for Fake HTTP Header weakness described in v2ray/v2ray-core#2537
Breaking Changes
For VMess ...
Issued further fixs for VMess weakness described in v2ray#2523 v2ray/v2ray-core#2539
Issued a fix for Fake HTTP Header weakness described in v2ray/v2ray-core#2537
Breaking Changes
For VMess ...
关于在近期收到的数个漏洞的项目组公告 https://github.com/v2ray/v2ray-core/issues/2542
GitHub
关于在近期收到的数个漏洞的项目组公告 · Issue #2542 · v2ray/v2ray-core
V2Ray 项目在最近的几天内收到了数个隐匿性能方面的漏洞报告。这些漏洞都在被提出的数个小时内被解决(除 mKCP 修复暂缓)并发布相关更新。您可以升级到最新版本 v4.23.4 来获取最大程度的保护。我们支持和鼓励寻找并提出 V2Ray 各个方面漏洞的人。我们希望 V2Ray 的用户不要指责或者攻击为我们提供安全审计的人士。 可以使用 如果你已经升级到 V2Ray v4.23.4,并且没有...
V2Ray v4.24.2 已发布。
更新内容
* mKCP增加了加密混淆,详情请参考文档。
* VMess 中开始了新协议头的实验,可以更好的防御重放攻击,详情请参考文档。
我们已经知道部分杀毒软件会错误检测V2为病毒,然后暂时交不起让他们别识别V2为病毒的钱。微软的杀毒软件检测V2为"Trojan:Win32/Wacatac.C!ml" , "Program:Win32/Wacapew.C!ml",我们现在需要每次更新后联系他们让他们把V2从病毒库里面移除。
-----------
V2Ray v4.24.2 has been released.
Update
* VMess's new header format experiment begins. You can now enable VMessAEAD to be better protected. Document
* mKCP can now be encrypted to resist recognition. Document
We are aware some anti-virus software detects V2Ray as malware, which it isn't, but we can't afford to pay the fee needed to make them not detect V2Ray as malware. Microsoft's AV detects V2Ray as "Trojan:Win32/Wacatac.C!ml" , "Program:Win32/Wacapew.C!ml" each time we release a new version, and I have to manually contact them each time to remove it from the malware database.
更新内容
* mKCP增加了加密混淆,详情请参考文档。
* VMess 中开始了新协议头的实验,可以更好的防御重放攻击,详情请参考文档。
我们已经知道部分杀毒软件会错误检测V2为病毒,然后暂时交不起让他们别识别V2为病毒的钱。微软的杀毒软件检测V2为"Trojan:Win32/Wacatac.C!ml" , "Program:Win32/Wacapew.C!ml",我们现在需要每次更新后联系他们让他们把V2从病毒库里面移除。
-----------
V2Ray v4.24.2 has been released.
Update
* VMess's new header format experiment begins. You can now enable VMessAEAD to be better protected. Document
* mKCP can now be encrypted to resist recognition. Document
We are aware some anti-virus software detects V2Ray as malware, which it isn't, but we can't afford to pay the fee needed to make them not detect V2Ray as malware. Microsoft's AV detects V2Ray as "Trojan:Win32/Wacatac.C!ml" , "Program:Win32/Wacapew.C!ml" each time we release a new version, and I have to manually contact them each time to remove it from the malware database.
GitHub
Release v4.24.2 · v2fly/v2ray-core
New Functions
VMess's new header format experiment begins. You can now enable VMessAEAD to be better protected. Documents EN CH are updated. See extra-VMessAEADdoc.zip for a more detailed ex...
VMess's new header format experiment begins. You can now enable VMessAEAD to be better protected. Documents EN CH are updated. See extra-VMessAEADdoc.zip for a more detailed ex...
TLS协议的相关漏洞 => 客户端更新到4.23.2+版本可以修复
现有VMess协议的相关漏洞 => 客户端服务端同时更新到4.23.4+可以修复
新协议VMessAEAD => 客户端服务端同时更新到4.24.2+,更改配置文件后可以修复
假 HTTP 头伪装的相关漏洞 => 服务端更新到v4.23.4+可以修复
mKCP 的相关漏洞 => 客户端服务端同时更新到4.24.2+,更改配置文件后可以修复
漏洞修复状态详见 https://github.com/v2ray/v2ray-core/releases
现有VMess协议的相关漏洞 => 客户端服务端同时更新到4.23.4+可以修复
新协议VMessAEAD => 客户端服务端同时更新到4.24.2+,更改配置文件后可以修复
假 HTTP 头伪装的相关漏洞 => 服务端更新到v4.23.4+可以修复
mKCP 的相关漏洞 => 客户端服务端同时更新到4.24.2+,更改配置文件后可以修复
漏洞修复状态详见 https://github.com/v2ray/v2ray-core/releases
GitHub
Releases · v2ray/v2ray-core
A platform for building proxies to bypass network restrictions. - v2ray/v2ray-core
v4.25.0 已发布
* 你可以在 tlsSetting 中添加 disableSessionResumption 选项来选择是否开启 Session_ticket
* Vmess 和 Shadowsocks 中的 UDP 的性能优化,降低了CPU和内存占用以及可能出现的无响应,现在你大概可以打FPS游戏了 ( 需要更多报告)
* 你可以在 tlsSetting 中添加 disableSessionResumption 选项来选择是否开启 Session_ticket
* Vmess 和 Shadowsocks 中的 UDP 的性能优化,降低了CPU和内存占用以及可能出现的无响应,现在你大概可以打FPS游戏了 ( 需要更多报告)
v4.25.1 已发布
解决了ARM设备下出现segmentation fault错误的问题
解决了ARM设备下出现segmentation fault错误的问题
v4.26.0
* VMessAEAD 已经更新,现在你必须保持相同版本客户端和服务端才可使用 (需要手动启用)。
> https://www.v2fly.org/chapter_02/protocols/vmess.html
* 新的发布签名,你可以用
* 现在 Outbound 的流量可以被统计到,具体参考 v2fly.org 文档
* HTTP outbound 支持 HTTP 2, HTTP2 over TLS, HTTP 1.1 over TLS in addition to HTTP 1.1 proxy traffic
* 添加 Windows 32 ARM 版本
* 修复 DOH 遇到无效域名崩溃 ( .google.com )
* 其他代码优化
* VMessAEAD 已经更新,现在你必须保持相同版本客户端和服务端才可使用 (需要手动启用)。
> https://www.v2fly.org/chapter_02/protocols/vmess.html
* 新的发布签名,你可以用
v2ctl verify --sig=Release example-file来确认未被修改
* 现在 Outbound 的流量可以被统计到,具体参考 v2fly.org 文档
* HTTP outbound 支持 HTTP 2, HTTP2 over TLS, HTTP 1.1 over TLS in addition to HTTP 1.1 proxy traffic
* 添加 Windows 32 ARM 版本
* 修复 DOH 遇到无效域名崩溃 ( .google.com )
* 其他代码优化
Forwarded from gcc-11
Forwarded from Kowalski
你的 AlterID 有多大?
Anonymous Poll
21%
0,经常更新 core 程序
9%
0,很少更新 core 程序
23%
< 10
13%
< 50
23%
< 100
5%
< 500
1%
< 1000
5%
< 65535
v4.27.0 已经发布
Breaking Change
* VMessAEAD 已经更新,你需要保持客户端和服务器相同版本
* 发布文件的结构进行了更改,变得更加清晰,但一些脚本可能需要更新,如果使用arm设备最好手动更新
* 4.28.0 版本及以后版本中,如果把
Feature
* VLESS PREVIEW 1.3 https://www.v2fly.org/config/protocols/vless.html
* Add Linux riscv64 release @rprx
Fix
* Shadowsocks supports cipher as None [none, plain] @yuhan6665
* Add access log for Dokodemo inbound @lucifer9
* Some typo fixes @DuckSoft
* Fix the error of missing curl in Dockerfile @kallydev
* GitHub Actions push to docker hub @kallydev
* Optimize SO_REUSEPORT implementation @Vigilans
* DOH supports HTTP/2 @darhwa
* Apply Sockopt from inbound config to Dokodemo Tproxy response connection @Vigilans
Breaking Change
* VMessAEAD 已经更新,你需要保持客户端和服务器相同版本
* 发布文件的结构进行了更改,变得更加清晰,但一些脚本可能需要更新,如果使用arm设备最好手动更新
* 4.28.0 版本及以后版本中,如果把
alterId 设置为 0 则代表为启用VMess AEAD(别忘记升级你的服务端)。Feature
* VLESS PREVIEW 1.3 https://www.v2fly.org/config/protocols/vless.html
* Add Linux riscv64 release @rprx
Fix
* Shadowsocks supports cipher as None [none, plain] @yuhan6665
* Add access log for Dokodemo inbound @lucifer9
* Some typo fixes @DuckSoft
* Fix the error of missing curl in Dockerfile @kallydev
* GitHub Actions push to docker hub @kallydev
* Optimize SO_REUSEPORT implementation @Vigilans
* DOH supports HTTP/2 @darhwa
* Apply Sockopt from inbound config to Dokodemo Tproxy response connection @Vigilans
www.v2fly.org
VLESS | V2Fly.org
Project V 是一个工具集合,它可以帮助你打造专属的基础通信网络
VMessAEAD 设计文档 https://github.com/v2fly/v2fly-github-io/issues/20
4.28.0 版本及以后版本中,如果把
没有直接使用 Core 的开发者们请及时更新
4.28.0 版本及以后版本中,如果把
alterId 设置为 0 则代表为启用VMess AEAD (别忘了更新到最新版本)没有直接使用 Core 的开发者们请及时更新
GitHub
VMessAEAD 设计文档 · Issue #20 · v2fly/v2fly-github-io
1. 现状 目前 VMess 已可根据协议头自动协商使用 AEAD 加密并认证传输的流量。但 VMess 协议头部仍然使用 MD5 + AES-CFB ,不能保证协议头部自身的完整性。 2. 定义 KDF: KDF 接受一个字节数组形式的主密钥,和若干字节数组形式的路径,生成一个子密钥 func KDF(key []byte, path [][]byte) []byte { oKDF = H...
原 https://install.direct/go.sh 已经弃用。
现在请使用 https://github.com/v2fly/fhs-install-v2ray
Q&A
从旧脚本迁移至此 https://github.com/v2fly/fhs-install-v2ray/wiki/Migrate-from-the-old-script-to-this
使用证书时提示权限不足 https://github.com/v2fly/fhs-install-v2ray/wiki/Insufficient-permissions-when-using-certificates
现在请使用 https://github.com/v2fly/fhs-install-v2ray
Q&A
从旧脚本迁移至此 https://github.com/v2fly/fhs-install-v2ray/wiki/Migrate-from-the-old-script-to-this
使用证书时提示权限不足 https://github.com/v2fly/fhs-install-v2ray/wiki/Insufficient-permissions-when-using-certificates
GitHub
GitHub - v2fly/fhs-install-v2ray: Bash script for installing V2Ray in operating systems such as Debian / CentOS / Fedora / openSUSE…
Bash script for installing V2Ray in operating systems such as Debian / CentOS / Fedora / openSUSE that support systemd - v2fly/fhs-install-v2ray
v4.27.4 已经发布
https://github.com/v2fly/v2ray-core/releases/tag/v4.27.4
Feature
* Dotless domain support in built-in DNS @Vigilans
* Support source port matching in routing config @Vigilans
* Make HTTP outbound 0-rtt @darhwa
* Add asset location auto search @vcptr
* Add PROXY protocol support to TCP & WebSocket inbound @lucifer9 and @rprx
* VLESS PREVIEW 1.5 @rprx
Fix
* Amending domain matcher with returning array of all matches @Vigilans
* Refactor DNS Server to record original rule of domain matchers @Vigilans
* New Systemd unit file @dctxmei
* Fix: logging empty rules & DNS @Loyalsoldier
* Fix a typo @dikaixu1999
* Shadowsocks Detection defense @studentmain and xiaokangwang
* Update Old file @Loyalsoldier
需要注意的是:
* Shadowsocks 的一个探测防御措施
* DNS 域匹配优先级 https://github.com/v2fly/v2ray-core/issues/92#issuecomment-673238489
* 路由源端口的匹配 https://github.com/v2fly/v2ray-core/issues/
* VLESS fallback -> fallbacks, see https://www.v2fly.org/config/protocols/vless.html
https://github.com/v2fly/v2ray-core/releases/tag/v4.27.4
Feature
* Dotless domain support in built-in DNS @Vigilans
* Support source port matching in routing config @Vigilans
* Make HTTP outbound 0-rtt @darhwa
* Add asset location auto search @vcptr
* Add PROXY protocol support to TCP & WebSocket inbound @lucifer9 and @rprx
* VLESS PREVIEW 1.5 @rprx
Fix
* Amending domain matcher with returning array of all matches @Vigilans
* Refactor DNS Server to record original rule of domain matchers @Vigilans
* New Systemd unit file @dctxmei
* Fix: logging empty rules & DNS @Loyalsoldier
* Fix a typo @dikaixu1999
* Shadowsocks Detection defense @studentmain and xiaokangwang
* Update Old file @Loyalsoldier
需要注意的是:
* Shadowsocks 的一个探测防御措施
* DNS 域匹配优先级 https://github.com/v2fly/v2ray-core/issues/92#issuecomment-673238489
* 路由源端口的匹配 https://github.com/v2fly/v2ray-core/issues/
* VLESS fallback -> fallbacks, see https://www.v2fly.org/config/protocols/vless.html
GitHub
Release v4.27.4 · v2fly/v2ray-core
Features
17f51f4 Dotless domain support in built-in DNS @Vigilans
c74a33f Support source port matching in routing config @Vigilans
d05ddc8 Make HTTP outbound 0-rtt @darhwa
bc00811 Add asset locat...
17f51f4 Dotless domain support in built-in DNS @Vigilans
c74a33f Support source port matching in routing config @Vigilans
d05ddc8 Make HTTP outbound 0-rtt @darhwa
bc00811 Add asset locat...
v4.27.5 已经发布
https://github.com/v2fly/v2ray-core/releases/tag/v4.27.5
Features
Parse X-Forwarded-For in http transport @lucifer9
Fix
Fix according to staticcheck result @Loyalsoldier
Fix: Bound check when accessing DNS server's ipIndexMap @Vigilans
Refine code @Loyalsoldier
https://github.com/v2fly/v2ray-core/releases/tag/v4.27.5
Features
Parse X-Forwarded-For in http transport @lucifer9
Fix
Fix according to staticcheck result @Loyalsoldier
Fix: Bound check when accessing DNS server's ipIndexMap @Vigilans
Refine code @Loyalsoldier
GitHub
Release v4.27.5 · v2fly/v2ray-core
Features
Parse X-Forwarded-For in http transport @lucifer9
Fix
Fix according to staticcheck result @Loyalsoldier
Fix: Bound check when accessing DNS server's ipIndexMap @Vigilans
Refine code @L...
Parse X-Forwarded-For in http transport @lucifer9
Fix
Fix according to staticcheck result @Loyalsoldier
Fix: Bound check when accessing DNS server's ipIndexMap @Vigilans
Refine code @L...
v4.28.0 已经发布
https://github.com/v2fly/v2ray-core/releases/tag/v4.28.0
Changes
Use Golang 1.15
VMess AEAD will be used when alterId is 0. ("testsEnabled" is discarded)
Fixes
Fix dns tests by setting v2ray.location.asset @felixonmars
fix abstract UDS & add PROXY protocol support to DS inbound @lucifer9 @rprx
Systemd: prevent restart on corrupt config @DuckSoft
Chores
Upgrade all dependencies @rprx
Change lint order to avoid file changes notice @Loyalsoldier
Update geoip, geosite
https://github.com/v2fly/v2ray-core/releases/tag/v4.28.0
Changes
Use Golang 1.15
VMess AEAD will be used when alterId is 0. ("testsEnabled" is discarded)
Fixes
Fix dns tests by setting v2ray.location.asset @felixonmars
fix abstract UDS & add PROXY protocol support to DS inbound @lucifer9 @rprx
Systemd: prevent restart on corrupt config @DuckSoft
Chores
Upgrade all dependencies @rprx
Change lint order to avoid file changes notice @Loyalsoldier
Update geoip, geosite
GitHub
Release v4.28.0 · v2fly/v2ray-core
bump version