Skip to content

v1.9.0
Compare
Choose a tag to compare
@github-actions github-actions released this 22 Feb 01:49
· 1442 commits to master since this release
v1.9.0
b3de247
This commit was signed with the committer’s verified signature.
zonyitoo ty
GPG key ID: 5B8C3CB62F6E9D9E
Learn about vigilant mode.

Complete refactored the whole implementation and splits into 3 different crates:

  • shadowsocks - Core feature of shadowsocks
  • shadowsocks-service - Service library for implementing Local Server, Remote Server, Manager Server
  • shadowsocks-rust - Binary crate for release

Replaced libsodium and libcrypto with crypto2.

Features

  • Support setting SO_MARK, SO_BINDTODEVICE on Linux
  • Support setting SO_SNDBUF and SO_RCVBUF for TCP sockets
  • Support SIP008 extend server fields server, server_port, remarks
  • Local DNS Relay
    • Support sending TCP and UDP queries simutaneously
    • Support connection reusability
  • Remove mostly TCP timeout setting for tunnels, connections will only be killed if clients or servers close
  • Auto-reload DNS resolver configuration from /etc/resolv.conf on *NIX platforms.
  • #379 Allow customizing number of worker-threads for multi-threaded scheduler.
  • #401 Support field disabled in extended server configuration
  • Ping Balancer
    • Treat timeouts as failures, so requests that receive no response count as failures.
    • Increase check timeout from 2s to 5s to avoid penalties on slow servers.
    • Increase check interval from 6s to 10s.
  • --outbound-bind-interface is now supported in both Linux and macOS
  • #352 Support customizing inbound and outbound sockets' SO_SNDBUF and SO_RCVBUF by command line options

Library Update

Optimization

  • UDP Relays sending respond packets directly to UdpSocket instead of channel, which will significantly improve respond latency
  • #408 Enable std features for the spin crate to enable yielding threads when spinning on waiting.

BUG Fixes

  • For BSD systems, set IPV6_BINDANY and SO_BINDANY on SOL_SOCKET properly
  • trust-dns-resolver requires explicit enables feature dns-over-https-rustls for DoH #367
  • ACL domain rules should be case insensitive. Domain names are case insensitive.
  • shadowsocks/shadowsocks-android#2667 set timeout for protect() call to Android's VpnService

Miscellaneous

  • Disable HTTPS outbound connection for local HTTP proxy by default. For most use cases, HTTPS should be proxied with CONNECT method.
  • Unified UDP relay association implementation for less duplicated code.
  • Deprecated single-threaded build feature, replaced by multi-threaded.
  • Disable stream ciphers by default. Could be enabled with feature stream-cipher.
  • Enable IPv6 dual stack mode by default when listening on ::.

Releases

Releases are built with ISA that are supported by Modern CPUs, see comments in .cargo/config.toml. If you see any related messages like Illegal Instruction, then you must be running on a very old CPU, so you can:

  • Delete .cargo/config.toml and build your own release
    • NOTE: This may lead to no hardware accleration for cryptographic operations
  • Change your CPU to some more advanced model
Assets 26
Loading