Skip to content

Releases: v2fly/v2ray-core

v5.4.0 User Preview

19 Feb 15:21
e9943b5
Compare
Choose a tag to compare
v5.4.0 User Preview Pre-release
Pre-release

New Features

  • Add Integrated Container Image Building (#2328)
  • Skip validating on empty http host config (#2265) Thanks @heimoshuiyu .
  • Feat: add PacketAddr support to Trojan (#2225) Thanks @AkinoKaede .
  • feat: add an option to replace destination address in access log with sniffed domain. (#2311) Thanks @mydogshitgold .
  • [app/proxyman] DomainStrategy support for all outbounds (#2334) Thanks @Vigilans .

Fixes

  • [app/dispatcher] Correctly implement QUIC sniffer (#2335) Thanks @Vigilans .
  • Fix sockopt.TcpKeepAliveInterval (#2149) Thanks @cubarco .
  • [common/buf] Add bytespools ownership for buf.Buffer (#2336) Thanks @Vigilans .

Chores

  • Compatibility change for go 1.18 (#2317) Thanks @moetayuko .
  • Chore: bump golang.org/x/crypto from 0.4.0 to 0.6.0
  • Chore: bump github.com/refraction-networking/utls from 1.2.0 to 1.2.2
  • Chore: bump golang.org/x/net from 0.6.0 to 0.7.0
  • Chore: bump github.com/go-playground/validator/v10
  • Chore: bump google.golang.org/grpc from 1.51.0 to 1.53.0
  • Chore: bump github.com/pion/dtls/v2 from 2.0.0-rc.7 to 2.2.4
  • Chore: bump github.com/quic-go/qtls-go1-20 from 0.1.0 to 0.1.1
  • Chore: bump github.com/quic-go/qtls-go1-19 from 0.2.0 to 0.2.1

v5.3.0 User Preview

07 Feb 20:34
1aac75c
Compare
Choose a tag to compare

New Features

  • uTLS uTLS ALPN Control (#2261)
    • CN EN Document have been updated.

Fixes

Chores

v5.2.1 User Preview

14 Jan 15:32
42b1667
Compare
Choose a tag to compare

New Features

Fixes

  • Fix typo in error message (#2146) Thanks @kvii .
  • Support domain string validation (#2188) Thanks @Vigilans .
  • Charset of ACAutomationMatcherGroup should accept all ASCII characters (#1988) Thanks @Vigilans .
  • Fix logic of domain override Thanks @AkinoKaede .
  • Fix HTTP sniff Thanks @AkinoKaede .
  • Fix config merger fixes (#2084) Thanks @qjebbs .
  • Fix selectLeastLoad() returns wrong number of nodes (#2083) Thanks @qjebbs .
  • Fix(freebsd): ReadUDPMsg nil pointer Thanks @kscooo @AkinoKaede .
  • fix: socks4/4a client handshake (#1971) Thanks @dyhkwong .
  • Add transport original name to listen unix (#2048) Thanks @AkinoKaede .
  • fix Replace "math/rand" with "crypto/rand" in padding generation(#2032) @nlzy .
  • Fix remove v2ctl from debian/rules (#1954) Thanks @felixonmars @Loyalsoldier .
  • Fix getting shared flags for balance info command (#1905) Thanks @iusearch .
  • Fix erroneous prefix checking Thanks @iusearch .
  • Fix json.Reader: fill output bytes as much as possible Thanks @EHfive .
  • Guard against nil pointer dereference of (*NetworkList) Thanks @EHfive.
  • Fix server name not applied to security engine in TCP transport. (#2260) Thanks @Zeezorn.

Chores

v5.2.0 User Preview

25 Dec 17:35
b18f592
Compare
Choose a tag to compare
v5.2.0 User Preview Pre-release
Pre-release

New Features

Fixes

  • Fix typo in error message (#2146) Thanks @kvii .
  • Support domain string validation (#2188) Thanks @Vigilans .
  • Charset of ACAutomationMatcherGroup should accept all ASCII characters (#1988) Thanks @Vigilans .
  • Fix logic of domain override Thanks @AkinoKaede .
  • Fix HTTP sniff Thanks @AkinoKaede .
  • Fix config merger fixes (#2084) Thanks @qjebbs .
  • Fix selectLeastLoad() returns wrong number of nodes (#2083) Thanks @qjebbs .
  • Fix(freebsd): ReadUDPMsg nil pointer Thanks @kscooo @AkinoKaede .
  • fix: socks4/4a client handshake (#1971) Thanks @dyhkwong .
  • Add transport original name to listen unix (#2048) Thanks @AkinoKaede .
  • fix Replace "math/rand" with "crypto/rand" in padding generation(#2032) @nlzy .
  • Fix remove v2ctl from debian/rules (#1954) Thanks @felixonmars @Loyalsoldier .
  • Fix getting shared flags for balance info command (#1905) Thanks @iusearch .
  • Fix erroneous prefix checking Thanks @iusearch .
  • Fix json.Reader: fill output bytes as much as possible Thanks @EHfive .
  • Guard against nil pointer dereference of (*NetworkList) Thanks @EHfive.

Chores

v5.1.0 User Preview

06 Sep 20:18
6fcdf99
Compare
Choose a tag to compare

v5.1.0 User Preview

New Features

  • Jsonv5 New configuration format. This enables support for automatic component recognition.
  • VLite UDP P2P focused proxy protocol with Full Cone, Forward Error Correction, Self-Healing Connection(Connection Stabilization) support.
    • UDP based VLite support was added in #1732.
    • The ZH EN documents have been updated.
  • UDP PacketAddr UDP endpoint independent mapping(aka Full Cone) support.
  • SocksOpt Add KeepAlive Support. Thanks @ValdikSS .
  • SocksOpt Add BindToDevice Support. Thanks @database64128 .
  • SocksOpt Add Rx/TxBuf Size Support.
  • Burst Observatory Measure connection quality to a significant amount of outbound at the same time. Thanks @qjebbs.
  • Multi Observatory Run more than one Observatory at the same time.
  • Router Load balancing strategy LeastLoad. Thanks @qjebbs.
  • Jsonv4 Additional representation format for Jsonv4 configure file format. This includes YAML, TOML. Thanks @qjebbs.
  • Jsonv4 General purpose merger for all configure formats. Thanks @qjebbs.
  • Shadowsocks Reduced IV Head Entropy Experiment. Thanks GFWReport and other collaborators.
  • CLI Reworked command line Interface. Thanks @qjebbs.
  • Developer Assistance Protobuf configure format reverse engineering.
  • Asset Search for assets in xdg data directories on non-windows platforms #1578 Thanks @NickCao.
  • DNS Feat: refine find IPs logic for DoH. Thanks @AkinoKaede .
  • gRPC Feat: make gRPC dialer accept socket config #1697 Thanks @dyhkwong
  • JSONv5 Feat: add JSONC support to v5 configuration #1778 Thanks @AkinoKaede
  • DNS Change the default port of Dns over Quic #1834 Thanks @simpleandstupid @AkinoKaede
  • DNS feat: change ALPN of DNS over QUIC Thanks @AkinoKaede
  • UDP Feat: increase idle timeout to 300s for udp split #1903 Thanks @AkinoKaede
  • Feat: refine cipher and network config #1436 Thanks @AkinoKaede
  • Feat: refine the logic of security type AUTO #1913 Thanks @H1JK

Fixes

  • Router Fixed a memory leak bug caused by requiring component.
  • FakeDNS Fix a concurrency issue in fakedns #1666 Thanks @yuhan6665 .
  • Jsonv5 Fix: context of DNS simplified config #1665 Thanks @AkinoKaede .
  • DNS Fix: fix failure of cache expired DNS record querying over DoH #1706 Thanks @KujouRinka.
  • DNS Fix: failure of cache expired DNS record querying over DoQ. Thanks @AkinoKaede .
  • Fix client dialer log #1568 Thanks @yuhan6665 @AkinoKaede @kslr.
  • Fix: net.Address type checking #1629 Thanks @1ocalhost
  • Fix "disable quit on connection interrupt" #1763 Thanks @dyhkwong
  • Fix TLS Client Certificate Verify Not Applied
  • Fix: proxy/http: Avoid getting stuck when using server-first protocols #1517 Thanks @lrh2000
  • Fix: correct a type assertion of dokodemo simplified config #1771 Thanks @EHfive
  • Fix: build routing condition for geo domain #1772 Thanks @EHfive
  • Fix: correct TCP keepalive sockopt names for darwin #1777 Thanks @EHfive
  • Fix ticker usage Thanks @nekohasekai
  • Fix: load auto format config with io.Reader #1773 Thanks @AkinoKaede
  • Fix: V5 config register #1879 Thanks @AkinoKaede
  • Fix: length of DNS over QUIC #1888 Thanks @AkinoKaede

Chores

v5.0.8 Developer Preview

19 Aug 21:42
64cb1a2
Compare
Choose a tag to compare
Pre-release

v5.0.8 Developer Preview

-----> ⚠️ Important Message ⚠️<-----

This might be the last Developer Preview of V2Ray V5. We will soon begin to release User Preview that are signed and marked as stable. This User Preview will suitable for users to start using v5 version of V2Ray, and user facing config will be more stable than Developer Preview. The version number for that release will be v5.1.0, and then increase middle version number for each regular update, then a minor version increase for minor patches.

For testing purpose, this v5.0.8 version might be signed as well.

This is a pre-release version of V2Ray intended for developer preview. Users are not advised to use this version right now. Contributors are encouraged to send pull requests to the V5 version of the codebase.
This release note is being edited to reflect all significant changes made to the codebase, please contact us if you think something is missing.
Most new features are currently undocumented. The documents will be updated over time.

Breaking Changes

  • DNS DNS over QUIC's default port changed from 784 to 853
  • Jsonv5 field network renamed to networks

New Features

  • Jsonv5 New configuration format. This enables support for automatic component recognition.
  • VLite UDP P2P focused proxy protocol with Full Cone, Forward Error Correction, Self-Healing Connection(Connection Stabilization) support.
    • UDP based VLite support was added in #1732.
    • The ZH EN documents have been updated.
  • UDP PacketAddr UDP endpoint independent mapping(aka Full Cone) support.
  • SocksOpt Add KeepAlive Support. Thanks @ValdikSS .
  • SocksOpt Add BindToDevice Support. Thanks @database64128 .
  • SocksOpt Add Rx/TxBuf Size Support.
  • Burst Observatory Measure connection quality to a significant amount of outbound at the same time. Thanks @qjebbs.
  • Multi Observatory Run more than one Observatory at the same time.
  • Router Load balancing strategy LeastLoad. Thanks @qjebbs.
  • Jsonv4 Additional representation format for Jsonv4 configure file format. This includes YAML, TOML. Thanks @qjebbs.
  • Jsonv4 General purpose merger for all configure formats. Thanks @qjebbs.
  • Shadowsocks Reduced IV Head Entropy Experiment. Thanks GFWReport and other collaborators.
  • CLI Reworked command line Interface. Thanks @qjebbs.
  • Developer Assistance Protobuf configure format reverse engineering.
  • Asset Search for assets in xdg data directories on non-windows platforms #1578 Thanks @NickCao.
  • DNS Feat: refine find IPs logic for DoH. Thanks @AkinoKaede .
  • gRPC Feat: make gRPC dialer accept socket config #1697 Thanks @dyhkwong
  • JSONv5 Feat: add JSONC support to v5 configuration #1778 Thanks @AkinoKaede
  • DNS Change the default port of Dns over Quic #1834 Thanks @simpleandstupid @AkinoKaede
  • DNS feat: change ALPN of DNS over QUIC Thanks @AkinoKaede
  • UDP Feat: increase idle timeout to 300s for udp split #1903 Thanks @AkinoKaede
  • Feat: refine cipher and network config #1436 Thanks @AkinoKaede
  • Feat: refine the logic of security type AUTO #1913 Thanks @H1JK

Fixes

  • Router Fixed a memory leak bug caused by requiring component.
  • FakeDNS Fix a concurrency issue in fakedns #1666 Thanks @yuhan6665 .
  • Jsonv5 Fix: context of DNS simplified config #1665 Thanks @AkinoKaede .
  • DNS Fix: fix failure of cache expired DNS record querying over DoH #1706 Thanks @KujouRinka.
  • DNS Fix: failure of cache expired DNS record querying over DoQ. Thanks @AkinoKaede .
  • Fix client dialer log #1568 Thanks @yuhan6665 @AkinoKaede @kslr.
  • Fix: net.Address type checking #1629 Thanks @1ocalhost
  • Fix "disable quit on connection interrupt" #1763 Thanks @dyhkwong
  • Fix TLS Client Certificate Verify Not Applied
  • Fix: proxy/http: Avoid getting stuck when using server-first protocols #1517 Thanks @lrh2000
  • Fix: correct a type assertion of dokodemo simplified config #1771 Thanks @EHfive
  • Fix: build routing condition for geo domain #1772 Thanks @EHfive
  • Fix: correct TCP keepalive sockopt names for darwin #1777 Thanks @EHfive
  • Fix ticker usage Thanks @nekohasekai
  • Fix: load auto format config with io.Reader #1773 Thanks @AkinoKaede
  • Fix: V5 config register #1879 Thanks @AkinoKaede
  • Fix: length of DNS over QUIC #1888 Thanks @AkinoKaede

Chores

v5.0.7 Developer Preview

12 Jun 22:45
b4069f7
Compare
Choose a tag to compare
Pre-release

This release includes security enhancement for all users.

!!! Important SECURITY enhancement !!!

  • Fix DoS attack vulnerability in VMess Option Processing. (Thanks @nekohasekai )

Security Advisory

This update fixes a DoS vulnerability in V2Ray. This vulnerability allows a VMess Client with authentication information controlled by an attacker to crash a VMess Server by sending a specially crafted VMess handshake message with an invalid option or encryption type. This vulnerability does NOT allow the attacker to retrieve any information(other than it used an unpatched version of the software) and does NOT allow an attacker to control the unpatched software or system. It is strongly recommended for all users to apply this security update at the earliest possible opportunity. We would like to thank @nekohasekai for the discovery of this vulnerability.

此更新修复了在 V2Ray 中的一个拒绝服务攻击漏洞。这个漏洞允许攻击者控制的拥有认证信息的 VMess 客户端迫使 VMess 服务器端崩溃。这个漏洞可以通过在 VMess 握手阶段由客户端发送一个恶意的数据包被触发,触发漏洞数据包拥有无效的选项或加密方式。 攻击者 无法 通过这个漏洞获取任何信息(除客户端尚未应用此安全更新以外),也 不会 允许攻击者控制客户端软件或系统。强烈推荐所有用户在第一时间应用本安全更新。我们在此感谢 @nekohasekai 发现此漏洞。

Edit: Fixed a typo. Last version of this document withdrawn.

v4.45.2

12 Jun 22:54
1c6e4bb
Compare
Choose a tag to compare

This release includes security enhancement for all users.

!!! Important SECURITY enhancement !!!

  • Fix DoS attack vulnerability in VMess Option Processing. (Thanks @nekohasekai )

Security Advisory

This update fixes a DoS vulnerability in V2Ray. This vulnerability allows a VMess Client with authentication information controlled by an attacker to crash a VMess Server by sending a specially crafted VMess handshake message with an invalid option or encryption type. This vulnerability does NOT allow the attacker to retrieve any information(other than it used an unpatched version of the software) and does NOT allow an attacker to control the unpatched software or system. It is strongly recommended for all users to apply this security update at the earliest possible opportunity. We would like to thank @nekohasekai for the discovery of this vulnerability.

此更新修复了在 V2Ray 中的一个拒绝服务攻击漏洞。这个漏洞允许攻击者控制的拥有认证信息的 VMess 客户端迫使 VMess 服务器端崩溃。这个漏洞可以通过在 VMess 握手阶段由客户端发送一个恶意的数据包被触发,触发漏洞数据包拥有无效的选项或加密方式。 攻击者 无法 通过这个漏洞获取任何信息(除客户端尚未应用此安全更新以外),也 不会 允许攻击者控制客户端软件或系统。强烈推荐所有用户在第一时间应用本安全更新。我们在此感谢 @nekohasekai 发现此漏洞。

Edit: Fixed a typo. Last version of this document withdrawn.

v4.45.1

12 Jun 22:47
63d9bd2
Compare
Choose a tag to compare

This release have with withdrawn.

v5.0.6 Developer Preview

03 May 14:38
17a93bb
Compare
Choose a tag to compare
Pre-release

v5.0.5 Developer Preview

This is a pre-release version of V2Ray intended for developer preview. Users are not advised to use this version right now. Contributors are encouraged to send pull requests to the V5 version of the codebase.
This release note is being edited to reflect all significant changes made to the codebase, please contact us if you think something is missing.
Most new features are currently undocumented. The documents will be updated over time.

!!! SECURITY !!!

Fix TLS Client Certificate Verify setting is not applied. Most users do not use this feature in V5.

!!! BREAKING !!!

TLS Certificates are required to have usage set to AUTHORITY_VERIFY, or AUTHORITY_VERIFY_CLIENT to be recognized as respective CA.

New Features

  • Jsonv5 New configuration format. This enables support for automatic component recognition.
  • VLite UDP P2P focused proxy protocol with Full Cone, Forward Error Correction, Self-Healing Connection(Connection Stabilization) support.
    • UDP based VLite support was added in #1732.
    • The ZH EN documents have been updated.
  • UDP PacketAddr UDP endpoint independent mapping(aka Full Cone) support.
  • SocksOpt Add KeepAlive Support. Thanks @ValdikSS .
  • SocksOpt Add BindToDevice Support. Thanks @database64128 .
  • SocksOpt Add Rx/TxBuf Size Support.
  • Burst Observatory Measure connection quality to a significant amount of outbound at the same time. Thanks @qjebbs.
  • Multi Observatory Run more than one Observatory at the same time.
  • Router Load balancing strategy LeastLoad. Thanks @qjebbs.
  • Jsonv4 Additional representation format for Jsonv4 configure file format. This includes YAML, TOML. Thanks @qjebbs.
  • Jsonv4 General purpose merger for all configure formats. Thanks @qjebbs.
  • Shadowsocks Reduced IV Head Entropy Experiment. Thanks GFWReport and other collaborators.
  • CLI Reworked command line Interface. Thanks @qjebbs.
  • Developer Assistance Protobuf configure format reverse engineering.
  • Asset Search for assets in xdg data directories on non-windows platforms #1578 Thanks @NickCao.
  • DNS Feat: refine find IPs logic for DoH. Thanks @AkinoKaede .
  • gRPC Feat: make gRPC dialer accept socket config #1697 Thanks @dyhkwong

Fixes

  • Router Fixed a memory leak bug caused by requiring component.
  • FakeDNS Fix a concurrency issue in fakedns #1666 Thanks @yuhan6665 .
  • Jsonv5 Fix: context of DNS simplified config #1665 Thanks @AkinoKaede .
  • DNS Fix: fix failure of cache expired DNS record querying over DoH #1706 Thanks @KujouRinka.
  • DNS Fix: failure of cache expired DNS record querying over DoQ. Thanks @AkinoKaede .
  • Fix client dialer log #1568 Thanks @yuhan6665 @AkinoKaede @kslr.
  • Fix: net.Address type checking #1629 Thanks @1ocalhost
  • Fix "disable quit on connection interrupt" #1763 Thanks @dyhkwong
  • Fix TLS Client Certificate Verify Not Applied

Chores