V2Fly - Notification and Updates, V2Ray the second new
6.41K subscribers
4 photos
2 files
81 links
Notifications & Updates from community mainternors for Project V

Find our discussion group in Chinese and English here: @v2fly_chat

https://twitter.com/realV2Fly
Download Telegram
v4.29.0 已经发布

https://github.com/v2fly/v2ray-core/releases/tag/v4.29.0

Features
VLESS & XTLS 组合通过减少 TLS 二次加密实现了更强的性能和能耗改善,特别是在硬路由和移动设备上。但目前在性能充足的设备上,这个提升似乎并不明显。建议亲自测试,并关注后续改进。

VLESS PREVIEW 2
Add XTLS support

https://www.v2fly.org/config/protocols/vless.html

Changes
mKCP: removing annoying NewAEADAESGCMBasedOnSeed hint.

Refactor
Routing: Implement Route interface as the routing result of Router.
Stats: Add ChannelConfig & Return error on subscription.

Chores
Refine linter.
Golangci-lint: disable some plugins.
Make isAEAD more efficient.
Golangci-lint: increase Timeout to 5 minutes.

Warning
Please migrate from V2Ray to V2Fly in time
Compiling v2ray-core requires Go 1.15+

p.s 推特已经恢复正常 https://twitter.com/realV2Fly
V2Fly - Notification and Updates, V2Ray the second new
关于 Shadowsocks 的 OTA 功能的调查
Shadowsocks OTA 这一曾匆匆上马的解决方案很快因为缺陷而被大多数实现弃用,时过境迁,目前只有 V2Ray 还没有移除它,所以我们决定近期推进这件事,盖紧棺材。#Shadowsocks_OTA
v4.30.0 Released

https://github.com/v2fly/v2ray-core/releases/tag/v4.30.0

Warning
* VLESS UDP over TCP struct breaking change.
(see https://github.com/v2fly/v2ray-core/pull/239)
* Shadowsocks OTA is deprecated and will be removed soon.
* Compiling v2ray-core requires Go 1.15+.

Features
* Add Trojan Protocol Support (PREVIEW).
(see https://www.v2fly.org/config/protocols/trojan.html)
* Add XTLS support to DomainSocket.

Refactor
* API: Implements RoutingService.

Chores
* Refine local TLDs for localhost DNS.
* Refine: geofile reading errors.
V2Fly 正在参与由 GitHub 和 DigitalOcean 共同举办的 Hacktoberfest 活动!

凡在10月1日 - 10月31日间提交的 PR 都将在被接受后获得 hacktoberfest-accepted 标签,以争取获得奖品的机会。

详见 https://hacktoberfest.digitalocean.com
V2Fly 的文档需要大家来完善。为鼓励贡献,v2fly.org 现已在页面底部显示其贡献者。

想要头像出现在 V2Fly 的贡献者列表/页面里的小伙伴们,欢迎踊跃PR。

最后感谢 Kid 为此开发的插件
v4.31.0 Released

https://github.com/v2fly/v2ray-core/releases/tag/v4.31.0

Warning
* Remove Shadowsosks OTA
* Compiling v2ray-core requires Go 1.15+

Fixes
* Fix Trojan inbound access log

Features
* VLESS PREVIEW 2.4
* Add XTLS Direct Mode
https://www.v2fly.org/config/protocols/vless.html#xtls-%E9%BB%91%E7%A7%91%E6%8A%80
* Add XTLS support to mKCP
* Add full VLESS fallbacks support to Trojan
* Add padding to abstract UNIX domain socket in fallbacks
* Allow startup when VLESS inbound clients is zero
* Update to IETF QUIC draft-29

Refactor
* VLESS fallbacks & XTLS other improvements
* Stats: Implements blocking/non-blocking messaging of Channel.

Chores
* Refine Azure Pipelines & Bazel: remove unnecessary steps.
* Refine code *26.

Build and compiling
* Compiler uses gccgo, remove flags gcflags and asmflags
* Make builds reproducible

Notice
Project gets rid of GOPATH mode entirely from now on. Use Git and go mod command as your first choice while development.
For more information, visit:
* https://www.v2fly.org/developer/intro/compile.html
* https://www.v2fly.org/developer/intro/guide.html
v4.31.1 Released

https://github.com/v2fly/v2ray-core/releases/tag/v4.31.1

Warning
* Compiling v2ray-core requires Go 1.15+

Changes
* Use Go 1.15.3
* Remove XTLS WriteMultiBuffer method
* Adjust level of some logs in VLESS

Fixes
* mKCP: Fix XTLS over mKCP
* DoH: Reduce timeout & fix ineffassign

Chores
* Upgrade all dependencies
* Refine golangci-lint settings & Refine code according to golangci-lint results
* Fix user-package codename & buildtime error

Notice
Project has got rid of GOPATH mode entirely. Use Git and go mod command as your first choice while development.
For more information, visit:
* https://www.v2fly.org/developer/intro/compile.html
* https://www.v2fly.org/developer/intro/guide.html
v4.31.3 Released

https://github.com/v2fly/v2ray-core/releases/tag/v4.31.3

Warning
* Compiling v2ray-core requires Go 1.15+

Changes
* Add Trojan over XTLS support
* Adjust VLESS & Trojan Validator

Fixes
* Fix Trojan API
* Fix generate .pb.go on Windows

Chores
* Update geoip, geosite, dependencies
* Remove .dev/protoc & Detect and show download link
尽管任何人都可以检查自由开源软件中的源代码是否存在恶意漏洞,但大多数情况下都只是获取这些软件的预编译版本,没有办法确认它们和源代码是否一致。

这就刺激了对发布软件的开发者的攻击 —— 不仅是传统的对漏洞的利用,还以政治影响、勒索甚至暴力威胁的形式。

比起开发者本身,攻击构建程序的基础设施更能控制大量的用户设备,而二进制文件变化,对开发者和用户而言是个共同的盲区。

这些攻击可能还导致特定目标,如异见者,新闻工作者和举报人,以及希望进行自由通信的任何人,可能仅仅因为在专制政权下自由通信而遭受处罚。

因此,Reproducible Builds 允许验证在编译过程中没有漏洞或后门被引入。通过相同的源代码生成相同的二进制,让多个第三方就 "正确" 的结果达成共识,突出任何可疑的和值得仔细检查的偏差。

现在,我们在 https://github.com/v2fly/reproducible-builds 提供该工具,你可以快速运行并校验发布文件是否被修改。
v4.32.0 Released

https://github.com/v2fly/v2ray-core/releases/tag/v4.32.0

Features
* V2Ray loads JSON internally by default
* Refine UNIX domain socket
https://www.v2fly.org/config/inbounds.html

Fixes
* Fix mKCP sending window
* Fix JSON parsing dependency introduced by mutijson config
* Fix proto.go ProtoFilesUsingProtocGenGoFast on Windows

Chores
* Update geoip, geosite, dependencies
* Refine vprotogen & Regenerate .pb.go files

Notice
* Compiling v2ray-core requires Go 1.15+
* Now v2ray-core supports Reproducible Builds
https://github.com/v2fly/reproducible-builds
v4.32.1 Released

https://github.com/v2fly/v2ray-core/releases/tag/v4.32.1

Important improvement
* VLESS XTLS Direct Mode ReadV Experiment
It's strongly recommended to test this change, as it reaches the best performance of current V2Ray platform.
Remember to use V2Ray v4.32.1+ on at least client side. For more information, please visit
https://www.v2fly.org/config/protocols/vless.html#xtls-%E9%BB%91%E7%A7%91%E6%8A%80

Fixes
* Disable 0-RTT mechanism for HTTP/1.x outbound
* Set default alterId to 0 for VMess dynamic ports

Chores
* Use Go 1.15.4
* Update geoip, geosite, dependencies

Notice
* Compiling v2ray-core requires Go 1.15+
* You are able to compile codes to the complete same binaries as assets by simply following
https://www.v2fly.org/developer/intro/compile.html
#performance

最新的 v4.32.1 版本中,VLESS XTLS Direct Mode 引入了 ReadV 增强,减少一层内存 Copy,性能已与 VLESS 无加密裸奔持平(接近于纯流量转发),为传统 VMess WS TLS 方案的五倍、VLESS TCP TLS 的三倍(且测试机器 CPU 均有 AES 指令集,否则差距更大,如硬路由器上),强烈建议测试体验。这或许是当前性能最强的安全代理方式,但并不是上限,因为下一步优化方向是 V2Ray 框架本身的性能。

https://www.v2fly.org/config/protocols/vless.html
感谢 @kidonng 的工作

现在你可以在 macOS 中使用

brew install v2ray

来安装 V2Ray
v4.33.0 Released

https://github.com/v2fly/v2ray-core/releases/tag/v4.33.0

Breaking Changes
* Remove XTLS

Features
* Add support for Debian package
* API: Reflection Service Support
* Update to IETF QUIC draft-32 (draft-29 is still supported)

Chores
* Transfer VSign and related project to V2Fly and share under the same
* Update security policy with renewed GPG public key
* Use Go 1.15.5
* Refine Code

Notice
The project gets rid of GOPATH mode entirely. Use Git and go mod command as your first choice while developing.
For more information, visit:
https://www.v2fly.org/developer/intro/compile.html
New API Service: ReflectionService

This service enables the clients to retrieve gRPC service's API list and signatures without prior access to its proto files. In this way, tools like grpcurl could easily interact with the API service:

# h2c
$ grpcurl -plaintext localhost:10086 list
grpc.reflection.v1alpha.ServerReflection
v2ray.core.app.proxyman.command.HandlerService
v2ray.core.app.stats.command.StatsService

# h2 with tls
$ grpcurl -insecure -cert cert.crt -key cert.key localhost:10086 v2ray.core.app.stats.command.StatsService/GetSysStats
{
"NumGoroutine": 24,
"NumGC": 25,
"Alloc": "24095640",
"TotalAlloc": "511473656",
"Sys": "146657288",
"Mallocs": "6909875",
"Frees": "6464105",
"LiveObjects": "445770",
"PauseTotalNs": "1834456",
"Uptime": 82
}

ref: https://github.com/v2fly/v2ray-core/pull/435
v4.34.0 Released

https://github.com/v2fly/v2ray-core/releases/tag/v4.34.0

Breaking Changes
* Support for the legacy Shadowsocks protocol with stream ciphers has been removed (#566). If you are still using the unsecure stream ciphers, migrate to Shadowsocks AEAD (ChaCha20Poly1305 and AES-GCM) immediately.
* Binaries of the following architectures are no longer a part of the release: s390x, ppc64, ppc64le, mips softfloat.

Changes
* DNS: refactoring DNS (#169)
* DNS: support DNS over QUIC (#534) (currently only non-proxied lookup)
* DNS: add clientIp feature support for every nameserver (#504)
* Release: add Android release (#512)
* Android: default dns set to 8.8.8.8:53 (#572)
* TLS Session Resumption is now disabled by default (#569). See #557 for more information.
* SessionTicketsDisabled is now true by default. See #557 for more information.
* SOCKS: Refine socks5 server UdpAssociate response behavior (#523)
* SOCKS: Fix socks client UDP outbound's wrong destination (#522)
* HTTP2: listen port failed use error level log (#576)
* DNS: refine skipRoutePick (#558)
* DNS: compatible with localhost nameserver (#530)
* DNS & Routing: refine rule parsing process (#528)
* Config: multi-JSON config overide (#409)
* Release: migrate release from Azure Pipelines to GitHub Actions (#453 #468)
* Logging: Prevent trailing whitespaces in logs (#526)
* Test: add race detector
* Minor changes and fixes by U-v-U, CalmLong, dyhkwong
v4.35.1 Released

https://github.com/v2fly/v2ray-core/releases/tag/v4.35.1

New Features
* FakeDNS, an imaginary DNS server to preserve the domain information even if the software do not support proxy settings
* HybridDomainMatcher: a faster and more memory-efficient routing rule matcher.
* Outbound transport level proxySettings: comprehensive chained proxy support
* Support Apple Silicon: add pre-built binary for Apple Silicon named v2ray-macos-arm64-v8a.zip
* VMess: add zero pseudo encryption for better performance
* Support to disable DNS cache

So many other improvements see Github Release Note for detail.
v4.36.1 released.

Features

* Transport: add gRPC / gun transport. This transport's connections can be relayed over Nginx and other supported CDNs, have an ALPN of h2 and a built-in mux. (#757 #783)
-> Docs: Transport; gRPC transport

* Proxy: add loopback proxy. This proxy allows you to send connections back to router to be routed again. It is a drop-in replacement for modified outbound address and dokodemo-door setup while using less system resources. (#770)
-> Docs: Loopback

* Routing: add a faster and more memory-efficient routing rule matcher MphDomainMatcher that uses minimal perfect hash. (#743)
-> Docs: Routing

Fixes

* DNS: Refined DNS default setting logics in Android (#767)
* FakeDNS: use 198.18.0.0/15 as default FakeDNS IP pool (#779)

Notices

* VMess: From Jan 1, 2022, compatibility for legacy VMess MD5 will be disabled by default. Visit here for more information.
* You are able to compile exactly the same binaries as the ones in Assets section below by simply following the compiling guide.

For Downstream Developers

The Go module name of v2ray-core has been changed to github.com/v2fly/v2ray-core/v4. Do NOT use v2ray.com/core anymore.
v4.38.0 is released. (Unstable Release)

This release includes security functionality improvement for some users.

Feature

* FakeDNS: Added fakedns+others sniffer. Thanks yuhan6665 .
* TLS: A SECURITY improvement that allow the remote peer's TLS certificate to be pinned to a known value.
* Observatory: A component that measure the connectivity of selected outbounds.
* Routing : leastPing balancing strategy is added. This strategy will select a outbound that is alive and completed HTTPS GET request in the least time.

Chore

* Fixed two typo in comments. Thanks U-v-U

Security Advisory

* TLS connections with dangerous diagnose option allowInsecure turn on and without certificate pin with pinnedPeerCertificateChainSha256 will not be able protect your data at all from a attacker in privileged network path(for example ISP or any firewall or censorship infrastructure). This is especially dangerous when an unprotected protocol or option is used, such as any VLess configuration, VMess with none or zero security, and any trojan configuration, in which case your data is accessible to attacker in plain text and attacker can inject arbitrary data pretending to the the remote server. In the case of VLess and trojan, the proxy protocol access control credential is also exposed to the attacker, the attacker will be able to use your proxy. You are advised to use certificate pin (and/or other security features provided in a later version of V2Ray) whenever allowInsecure is turned on. Attempting to MITM your connection temporarily to identify TLS based proxy is a known threat.