v1.15.0-alpha.8

Identical to v1.15.0-alpha.7.

v1.15.0-alpha.7

Features

• Disable md5-asm and sha1-asm: shadowsocks/shadowsocks-crypto#16

v1.15.0-alpha.6

Features

• #860 sslocal statistic report supports TCP destination
• EXPERIMENTAL: AEAD-2022 Extensible Identity Headers
  • https://github.com/Shadowsocks-NET/shadowsocks-specs/blob/main/2022-2-shadowsocks-2022-extensible-identity-headers.md
• #876 Support switching users with -a command line options

Bug Fixes

• #856 sslocal with tun device support fixes bugs on Android

v1.15.0-alpha.5

Features

• "acl" and "outbound_fwmark" are available in configuration file

Enhancements

• #855 Properly handle IPv4-mapped-IPv6 addresses in UDP assocations
  • ssserver always convert IPv4-mapped-IPv6 addresses to IPv4 in UDP respond target addresses
  • sslocal
    • tun, socks5 always convert IPv4-mapped-IPv6 addresses to IPv4
    • redir always use IPv6 sockets for sending back packets
• #844 security-iv-printable-prefix removes rand for improving preformance

What's Changed

• update: remove rnd from security-iv-printable-prefix feature by @chuxi in #844
• Bump hyper from 0.14.18 to 0.14.19 by @dependabot in #851
• Bump jemallocator from 0.3.2 to 0.5.0 by @dependabot in #852
• Bump once_cell from 1.11.0 to 1.12.0 by @dependabot in #853
• Add instructions for Homebrew by @CourierKyn in #857
• Bump async-trait from 0.1.53 to 0.1.56 by @dependabot in #859
• Bump snmalloc-rs from 0.2.28 to 0.3.0 by @dependabot in #858

New Contributors

• @chuxi made their first contribution in #844
• @CourierKyn made their first contribution in #857

Full Changelog: v1.15.0-alpha.4...v1.15.0-alpha.5

v1.15.0-alpha.4

Features

• SIP002 Extended Format: Allowing unencoded user-info in URL, shadowsocks/shadowsocks-org#27 (comment)
• #818 Allow sslocal run without any servers, which will bypass all connections and packets
• #838 "password" is optional for none / plain method

Breaking Changes

• SIP022 AEAD-2022 TCP Protocol Format breaking changes: shadowsocks/shadowsocks-org#196 (comment)
  • Not compatible with v1.15.0-alpha.1, v1.15.0-alpha.2, v1.15.0-alpha.3

Bug Fixed

• AEAD-2022 TCP salt replay filter must be enabled
• UDP Associations will create only one dual-stack outbound socket
  • In the previous versions, it will create 2 outbound sockets for IPv4 and IPv6 target addresses

What's Changed

• Bump smoltcp from 0.8.0 to 0.8.1 by @dependabot in #840

Full Changelog: v1.15.0-alpha.3...v1.15.0-alpha.4

v1.15.0-alpha.3

Identical to v1.15.0-alpha.1, but removed depencency of nix on Linux and Android.

• nix-rust/nix#1719

v1.15.0-alpha.1

Features

• #811 AEAD-2022 protocol (SIP022)
  • WARN: This is still a draft protocol, use it at your own risk.
• #810 Manager standalone mode support bypassing ACL files

Miscelleneous

• UDP association channel size shrinked to 1024, which could save a lot of memory for each associations

What's Changed

• AEAD-2022 ciphers (new protocol) by @zonyitoo in #811
• Bump nix from 0.23.1 to 0.24.1 by @dependabot in #817
• Update build-release.yml to add popular armv7 build targets by @xiazuojie in #821
• Bump mimalloc from 0.1.28 to 0.1.29 by @dependabot in #825
• Bump thiserror from 1.0.30 to 1.0.31 by @dependabot in #826
• Bump notify from 5.0.0-pre.14 to 5.0.0-pre.15 by @dependabot in #827
• Bump serde_json from 1.0.79 to 1.0.80 by @dependabot in #828
• Bump clap from 3.1.12 to 3.1.14 by @dependabot in #829
• fix(docs): JSON config usage update by @NeverBehave in #831
• Bump clap from 3.1.14 to 3.1.15 by @dependabot in #833
• Bump serde_json from 1.0.79 to 1.0.81 by @dependabot in #832

New Contributors

• @xiazuojie made their first contribution in #821
• @NeverBehave made their first contribution in #831

Full Changelog: v1.14.3...v1.15.0-alpha.1

v1.14.3

Features

• Automatically bump RLIMIT_NOFILE on Unix (except Android)
  • golang/go#46279
  • http://0pointer.net/blog/file-descriptor-limits.html

What's Changed

• Remove (or make optional) some dependencies by @dlon in #798

New Contributors

• @dlon made their first contribution in #798

Full Changelog: v1.14.2...v1.14.3

v1.14.2

Features

• #788 sslocal SOCKS5 protocol supports RFC1929 Username/Password Authentication
  • SECURITY: This is insecured because (a) shadowsocks' SOCKS5 UDP Association doesn't require a dynamic port for each authorized clients (b) Username and passwords are sent in plain text.
• RustCrypto/ring-compat#79 HKDF-SHA1 uses ring's assembly implementation

Full Changelog: v1.14.1...v1.14.2

v1.14.1

Miscellaneous

• shadowsocks, shadowsocks-service crates upgraded to Rust Edition 2021.

Full Changelog: v1.14.0...v1.14.1