Skip to content
  • v4.31.0
  • 1f70185
  • Compare
    Choose a tag to compare
    Search for a tag
  • v4.31.0
  • 1f70185
  • Compare
    Choose a tag to compare
    Search for a tag

@kslr kslr released this Oct 10, 2020

Warning

  • Remove Shadowsosks OTA
  • Compiling v2ray-core requires Go 1.15+

Fixes

  • Fix Trojan inbound access log

Features

Refactor

  • VLESS fallbacks & XTLS other improvements
  • Stats: Implements blocking/non-blocking messaging of Channel. @Vigilans

Chores

Build and compiling

  • Compiler uses gccgo, remove flags gcflags and asmflags
  • Make builds reproducible

Notice

The project gets rid of GOPATH mode entirely from now on. Use Git and go mod command as your first choice while developing.
For more information, visit:

Download: https://github.com/v2fly/v2ray-core/releases/tag/v4.31.0

Assets 2
  • v4.28.2
  • 20926be
  • Compare
    Choose a tag to compare
    Search for a tag
  • v4.28.2
  • 20926be
  • Compare
    Choose a tag to compare
    Search for a tag

@kslr kslr released this Sep 18, 2020 · 100 commits to master since this release

Fixes

Routing Context: Fix GetUser() & Use string for Attributes Value. @Vigilans
Fix the coarse-grained mutex in HTTP outbound. @darhwa

Chores

Support disable VMessAead by os environ. @wwqgtxx
Fix and refine workflows. @Loyalsoldier

Assets 52
Release 66.2 KB
Release.dgst 295 Bytes

@kslr kslr released this Sep 2, 2020 · 176 commits to master since this release

Features

Parse X-Forwarded-For in http transport @lucifer9

Fix

Fix according to staticcheck result @Loyalsoldier
Fix: Bound check when accessing DNS server's ipIndexMap @Vigilans
Refine code @Loyalsoldier

⚠️ VMess AEAD will be used when alterId is 0 in V2Ray v4.28.0+

Assets 52
Release 66.2 KB
Release.dgst 295 Bytes
  • v4.27.0
  • 90a61a5
  • Compare
    Choose a tag to compare
    Search for a tag
  • v4.27.0
  • 90a61a5
  • Compare
    Choose a tag to compare
    Search for a tag

@kslr kslr released this Aug 6, 2020 · 303 commits to master since this release

Feature

Fix

  • Shadowsocks supports cipher as None @yuhan6665
  • Add access log for Dokodemo inbound @lucifer9
  • Some typo fixes @DuckSoft
  • Fix the error of missing curl in Dockerfile @kallydev
  • GitHub Actions push to docker hub @kallydev
  • Optimize SO_REUSEPORT implementation @Vigilans
  • DOH supports HTTP/2 @darhwa
  • Apply Sockopt from inbound config to Dokodemo Tproxy response connection @Vigilans

Breaking Change

  • VMessAEAD has been updated and needs both client and server to be the same version for it to work.
  • Release file structure changes.

⚠️ VMess AEAD will be used when alterId is 0 in V2Ray v4.28.0+

Assets 53
Release 71.4 KB
Release.dgst 295 Bytes
  • v4.26.0
  • 4bb3e4e
  • Compare
    Choose a tag to compare
    Search for a tag
  • v4.26.0
  • 4bb3e4e
  • Compare
    Choose a tag to compare
    Search for a tag

@kslr kslr released this Jul 8, 2020 · 369 commits to master since this release

Updates

  • V2Fly’s signing infrastructure has been revised. You can from now on verify V2Fly’s release with the “Release” signed manifest file with v2ctl.

  • VMessAEAD has been updated to rely more on AEAD.

  • Outbound traffic accounting API. Thanks @yuhan6665

  • HTTP outbound can now handle HTTP2 over TLS, HTTP 1.1 over TLS in addition to HTTP 1.1 proxy traffic. Thanks @darhwa

  • ARM release will from now on have an explicit version in it. Thanks @rprx

  • V2Ray will from now on generate Windows 32 ARM binary release.

  • Minor code tidy up. Thanks Roger Shimizu.

  • Minor code tidy up. Thanks @agioi

  • Fix crash when the client supplied an invalid domain name to DoH. Thanks @DuckSoft

Breaking Change

  • VMessAEAD has been updated and needs both client and server to be the same version for it to work.
Assets 45
  • v4.25.1
  • c5a3306
  • Compare
    Choose a tag to compare
    Search for a tag
  • v4.25.1
  • c5a3306
  • Compare
    Choose a tag to compare
    Search for a tag

@kslr kslr released this Jun 23, 2020 · 434 commits to master since this release

Fix

Improve ARM platform stability. Thank @gitgayhub @rprx and other testers

Assets 40
  • v4.25.0
  • 3628ca4
  • Compare
    Choose a tag to compare
    Search for a tag
  • v4.25.0
  • 3628ca4
  • Compare
    Choose a tag to compare
    Search for a tag

@kslr kslr released this Jun 19, 2020 · 452 commits to master since this release

Fix

  • Further remove the identity leakage with TLS ClientHello from #2521 thank @darhwa

  • Fix UDP stability issue in Socks5 inbound, Shadowsocks inbound, and Dokodemo( TProxy ) inbound. This should alleviate unnecessary CPU, memory usage, and premature disconnection issue typically triggered by playing games, video conference, and Torrenting. See #2565
    thank @JimHan75d8c5 @xiaokangwang and Other testers @1265578519 @zhj9709 @Kylejustknows etc

  • Added ARM v5 binary in the release. This should allow legacy ARM devices to run V2Ray correctly. See #2536

Breaking Changes

  • The file structure for ARM release files has changed.
Assets 40
  • v4.24.2
  • f9935d0
  • Compare
    Choose a tag to compare
    Search for a tag
  • v4.24.2
  • f9935d0
  • Compare
    Choose a tag to compare
    Search for a tag

@kslr kslr released this Jun 10, 2020 · 465 commits to master since this release

New Functions

  • VMess's new header format experiment begins. You can now enable VMessAEAD to be better protected. Documents EN CH are updated. See extra-VMessAEADdoc.zip for a more detailed explanation available in both Chinese and English.

  • mKCP can now be encrypted to resist recognition, address issue mentioned in #2530 #2253 #2131. Documents EN CH are updated.

Breaking Changes

  • To slow down certain replay attacks, taint mechanic for VMess MD5 authentication data is introduced. Unless the server is under attack, a well-behaved client is not influenced. Pay attention to this change if you are designing a "V2Ray Panel", "Airport" or "V2Ray Service Provider". Documents EN CH are updated.

Minor fixes from v2fly/v2ray-core#12 v2fly/v2ray-core#10 included.

  • Updated Golang tool-chain. Thanks @rprx
  • LocalAddr() in UDP workers will now return correct local addr. Thanks @zhuobixin

About AV warnings

We are aware some anti-virus software detects V2Ray as malware, which it isn't, but we can't afford to pay the fee needed to make them not detect V2Ray as malware. Microsoft's AV detects V2Ray as "Trojan:Win32/Wacatac.C!ml" , "Program:Win32/Wacapew.C!ml" each time we release a new version, and I have to manually contact them each time to remove it from the malware database. If you have more information to report please leave them here. These AVs are known to generate false-positive results: "Microsoft", "McAfee", "Cylance", "Symantec", "F-Secure", "SecureAge APEX", "Cybereason", "Cynet", "MaxSecure", "F-Secure", "Avira", "AVAST", "AVG", "Rising"(瑞星).

Assets 41

@nicholascw nicholascw released this Jun 3, 2020 · 488 commits to master since this release

Fix

  • Issued further fixs for VMess weakness described in #2523 #2539
  • Issued a fix for Fake HTTP Header weakness described in #2537

Breaking Changes

  • For VMess connections, clients cannot rely on servers to indicate issues in connectivity or password mismatch by closing connection. Well behaved clients are not influenced.
  • For VMess servers, it is not recommended to change UUID frequently as VMess will procedurally generate its connection drain and close pattern based on UUID it has when the first connection arrives. This is very unlikely to influence users that are using V2Ray as a standalone software. However, for those dynamically add and remove UUID, it is recommended to connect to V2Ray's port immediately after starting it before adding more UUIDs with API and make sure there is at least one UUID in the configure file even if you plan to add more later.
  • For users using Fake HTTP Header, it is necessary to keep clients and servers synchronized on fake HTTP header settings, and assign a path with sufficient entropy. From now on, if the request path is not expected, the server will abort the connection.
  • Server will by default wait 60 seconds for the handshakes to complete before closing the connection instead of 4 seconds. This may increase server load if the server is under a DDoS attack. This allows the server to blend into normal TCP servers better and its benefit is significantly higher than potential downsides. This behavior is tweakable with the configure file.

Security Advisory

  • From now on, the VMess protocol will drain any unrecognized or invalid connection based on procedurally generate connection drain and close patterns. It can neutralize all known "replay and observe close" attacks. The base drain size and drain size jitter will be generated based on UUID a VMess inbound have when the first connection arrives. For each server, these values will be different and remain constant for that server. The attacker will not be able to aggregate results in order to identify server identity. If you have multiple VMess inbounds on the same host, the protection offered by procedurally generated connection drain and close patterns will be slightly encumbered.
  • Fake HTTP Header will from now on imitate standard HTTP server behavior better and is able to significantly hindrance active probing. However, it is only designed to circumvent ISP's QoS, rate limiting, throttling, and sabotage of unrecognized connection. For an attacker with privileged access to network path, Fake HTTP Header does not offer adequate protection against specialized detection or manual inspections by attackers with special tools and knowledge.

A Request for Users and Client Authors

Please refer to https://github.com/v2fly/v2ray-core/releases for further updates instead of the V2Ray release page. Currently, update in V2Fly will be mirrored to the V2Ray release page but this will NOT continue indefinitely.

Assets 40

@nicholascw nicholascw released this Jun 1, 2020 · 509 commits to master since this release

Fix

  • Issued an emergency fix for VMess weakness described in #2523

This fix can significantly hindrance attack based on the weakness described. Only servers need to be updated to apply this emergency fix, it not expected for well-behaved clients to be influenced. A more permanent solution is underway.

Assets 40
You can’t perform that action at this time.