Update shadowsocks-rust to 1.9.0 #2622
Conversation
|
The i386 build seems to have problems with illegal instructions. I guess it's related to crypto2: https://github.com/shadowsocks/crypto2/blob/master/src/blockcipher/aes/x86.rs#L13 For some old x86 devices without AES instructions, we may need to disable the ASM here. To simplify the logic, we can totally disable assembly acceleration on armeabi and i386 build. |
|
I am still working on shadowsocks/shadowsocks-rust#326 , which is the actual v1.9.0. |
|
Okay, no hurry. |
|
@madeye 我想问题应该在这个文件里:https://github.com/shadowsocks/shadowsocks-rust/blob/master/.cargo/config.toml#L10 如果你为一些陈旧的处理器编译版本的话,那可能需要修改这个 RUSTFLAGS,把 AES 和 SSE2 去掉。 |
|
@LuoZijun We'd better separate x86 and x86_64 and enable aes and avx for x86_64 only. I'll try overwrite RUSTC flags in the Gradle config. |
|
不对,这应该是 Ring 的问题,因为 通过 Ring 的 https://github.com/briansmith/ring/blob/main/build.rs#L55-L60 |
|
It looks ring is still in a early stage. I see some similar issues for armv7 build: |
|
If we plan to switch to ring and crypto2 in the next release, we may need to remove the support of armv7 and x86. |
|
I think you might be heavily underestimating how popular 32-bit systems are due to memory constraints. |
|
Guess we need a LTS branch from shadowsocks-rust built with openssl and libsodoum... Or we should find a way to disable AES and AVX for x86 and armv7 target. |
Maybe we could simply disable |
It's a good idea. |
|
BTW, is there any way to optimize the memory usage for ACL. I observed very large memory usage from the previous release. The memory usage easily reaches to 200M in several minutes after the startup. I suspected it's related to the regex we're using now. Maybe we should move to wildcard rules to solve this issue. |
|
@madeye Make a separate thread? Has the issue been here since the beginning? |
Yes. I have also noticed that on my RPI. Regex rules matching is very CPU consuming, which results in very high latency on ARM devices. |
madeye
force-pushed
the
update-shadowsocks-rust
branch
4 times, most recently
from
990fe57
to
37bee29
Compare
madeye
force-pushed
the
update-shadowsocks-rust
branch
2 times, most recently
from
2a43d27
to
9bb65f3
Compare
|
Is it possible to provide local DNS resolver with common TCP & UDP sockets? That would make a lot easier to reuse those existed DNS resolvers. Connecting to Unix Sockets requires a little bit nasty customization to trust-dns-resolver. :( Because by definition, all DNS servers could be identified by Android could listen to a localhost port, say NOTE: I just look deep into how trust-dns-resolver handles DNS requests and responses. It contains quite a lot details that we didn't cover in dns-relay implementations. So I suggest to reuse this library:
|
madeye
force-pushed
the
update-shadowsocks-rust
branch
from
9bb65f3
to
016b5b3
Compare
The key issue is that Android is currently using an unix socket as local DNS resolver, which is not compatible with common DNS libraries. Usually these libraries contains lots of useful tools, like
|
|
@zonyitoo I suggest we keep the current RPC like local resolver for Android app. Actually, the local resolver provided by shadowsocks-android is just a wrapper of Android's API: https://developer.android.com/reference/java/net/InetAddress#getAllByName(java.lang.String). We have no plan to implement a real local DNS resolver in Kotlin or Java. We expect all the local resolver logic would be moved to shadowsocks-rust one day. It's not an easy task, as we need to find a way to call this API from shadowsocks-rust: https://developer.android.com/ndk/reference/group/networking#group___networking_1ga0ae9e15612e6411855e295476a98ceee |
|
@zonyitoo What's the release plan for shadowsocks-rust 1.9.0? I guess including tokio 1.0 in 1.9.0 is too risky? |
It should include tokio v1.0. Because it is almost equivalent to v0.3. All libraries out there held and waited for this final and long term support release. |
It looks not working. All local DNS queries are dropped.
Okay. |
This command line option is also required. |
|
Okay, it works now. |
madeye
force-pushed
the
update-shadowsocks-rust
branch
from
122ed26
to
43edaba
Compare
|
Great. Did you delete those code before test? |
Yes |
|
BTW. On the latest master branch, I have made some modifications about dns-relay: For remote DNS queries, it sends TCP and UDP queries simutaneously. But TCP queries send about 500ms ~ 1.5s after UDP. https://github.com/shadowsocks/shadowsocks-rust/blob/9bc90cc59bc9a1fe61cdab47648c02b055878e5a/crates/shadowsocks-service/src/local/dns/server.rs#L633-L670 |
https://github.com/bbqsrc/cargo-ndk :P |
|
@zonyitoo BTW, the local resolver is UDP only. So we need to make the UDP local resolver always enabled even in TCP only mode. |
Maybe we can control the local and remote DNS protocols? For example, |
madeye
force-pushed
the
update-shadowsocks-rust
branch
from
43edaba
to
016b5b3
Compare
|
Moved to DNS changes to #2635 |
madeye
force-pushed
the
update-shadowsocks-rust
branch
from
016b5b3
to
1b27bee
Compare
That's a good idea. But for general cases, a DNS server must provide both UDP and TCP services. trust-dns won't create the TCP stream if UDP queries are alway succeeded. |
* upgrade to tokio v1.0 - removed tokio::prelude - upgrade hyper to v0.14, tokio-rustls to v0.22 still working on migrating trust-dns-* and tokio-native-tls ref #354 * tokio v1.0 removed with_poll fix #355, ref #354 * removed CTRL-BREAK signal handler ref #354 * fixes compliation error, add missing return fixes #355 * allow setting SO_SNDBUF and SO_RCVBUF for sockets ref #352 * completely removed unix socket based DNS resolving ref shadowsocks/shadowsocks-android#2622 * fix build issue on Windows * fixed uds poll_write loop, fixed udp outbound loopback check ref #355 * disable default trust-dns resolver for andorid, macos, ios This commit also: - Optimized resolve() logging with elapsed time - updated tokio-native-tls * local-dns removed from default features * fix rustc version with rust-toolchain * Bump bytes from 0.6.0 to 1.0.0 * add dependabot badge * indirectly depend on trust_dns_proto via trust_dns_resolver * auto reconnect if udp sendto failed * recreate proxied socket if recv() returns failure * increase score precision to 0.0001 * example of log4rs configuration * PingBalancer instance shouldn't kill probing task when dropping - Probing task should be controlled by the internal shared state * switch to trust-dns main for latest tokio 1.0 support
|
@madeye 这个 PR 在依赖 tokio 的依赖项还没有兼容 tokio 1.0 的时候就合并了,我在想是不是应该再更新一次 git submodule |
Incorrect. On latest Android versions, we use per-Network resolving APIs. Will open a separate issue about UDS later. |
* Allow user to keep data when uninstalling (shadowsocks#2506) * Update README.md * Update dependencies * Add cargo clean task * Enable LTO * Speed up rebuild * Update issue templates with labels * Update dependencies * Fix output name second attempt * Update NDK * Ensure cargoBuild is ran before mergeJniLibFolders * Bump version * Refine release build process * Refine gradle files * Add RUST_BACKTRACE * Use rethrowAsSocketException * Suppress write errors to protect_path * Update shadowsocks-rust * Bump version * Improve accessibility * Rename cipher plain to none * Revert "Add RUST_BACKTRACE" This reverts commit fdff88e. ndk-stack should be used instead. * Use cp.cloudflare.com for connectivity test Credits: https://www.v2ex.com/t/656983#r_8748918 * Update dependencies * Remote DNS setting is enabled unconditionally * Show more information on conflicting plugins Because one of you feckers just cannot learn to be decent. * Add support for PTR queries * Prevent querying PTR on custom Network * Suppress network unspecified exceptions * Handle IOException while reading * Refine handling duplicate plugins * Use any address as default DNS * Suppress EACCES for ProtectWorker * Clean up unused code * Do not suppress IOException * Disable UDP relay if plugin is enabled and no fallback * Remove unnecessary isExperimental * Update dependencies * Fix unchecked cast * Do not use WorkManager in device storage * Remove unnecessary directBootAware overloading * Suppress BadConfigurationProvider * Disable RemoveWorkManagerInitializer lint for apps * Update to Android 11 beta 1 * Request QUERY_ALL_PACKAGES for mobile * Refine code style * Fix ambiguous coroutineContext * Downgrade coroutines * Update dependencies * Deprecate using Handler * Fix shadowsocks#2546 * Only match exported plugins * Update dependencies * Update dependencies * Migrate to ML kit for scanning QR code Fixes shadowsocks#2548. * Make scanner immersive * Lock orientation to prevent camera recreation * Fix missing Serializable declaration * Add missing serialVersionUID * Update dependencies * Partially migrate to ActivityResultContracts AlertDialogFragment will be migrated after the API goes stable. * Add ActionBar to oss activity * Add ActionBar to details activity * Refine Scanner * Bump version * Update dependencies * Suppress cancellation exceptions * Skip processing if EOS is reached * Refine PTR compat * Fix shadowsocks#2557 * Fix shadowsocks#2562 * Update Android gradle * Set VPN flag properly Refine shadowsocks#2562. * Drop support for Android Lollipop * Update dependencies * Remove UDP upstream DNS support. Fix shadowsocks#2564 shadowsocks#2518 * Update shadowsocks-rust * Update dependencies * Decouple main dependencies from plugin lib * Simplify code * Add missing type * Update dependencies * Deprecate old backup mechanism for Android 5- * Update leanback theme to appcompat * Use singleTask launchMode * Fix build * Bump version * Update dependencies * Update dependencies * Bump plugin lib version to 2.0.0 * Add isV2 to PluginManager.InitResult * Pass a value with the VPN option, if plugin version < 2.0 * Switch to __android_vpn * Remove unnecessary parentheses * Update shadowsocks-rust * Bump version * Clean up and bump version * Revert camera-view back to alpha17 * Bump version * Update dependencies * Migrate away from deprecated APIs with core 1.3.0-alpha05 * Clean up code * Refine code style * Remove old ciphers. Fix shadowsocks#2621 * Enable single-threaded * Update shadowsocks-rust to 1.8.23 * Use Parcelize for TrafficStats * Fix platform insets on API 29- * Fix shadowsocks#2623 * Update barcode-scanning * Fix shadowsocks#2571 * Refine error message * Refine shadowsocks#2571 * Limit open sockets to 256 in UDP association. Fix shadowsocks#2625 * Bump version * Fix little problem of profile switching * Update shadowsocks-rust to 1.9.0 (shadowsocks#2622) * Fix shadowsocks#2638 * Bump version * Switch to local UDP DNS resolver (shadowsocks#2635) * Switch to the local UDP DNS resolver * Update shadowsocks-rust * Revert the rustup commands * Fix shadowsocks#2642 * Fix the ByteBuffer allocation * Update shadowsocks-rust * Revert to local UDS resolver Fix shadowsocks#2650 * Check deprecated ciphers (shadowsocks#2651) * Bump version * Fix shadowsocks#2301 * Bump version * Remove the non-ietf chacha20 and salsa20 ciphers * Fix shadowsocks#2665 * Update dependencies * Fix deprecation of kotlin extensions * Remove unused gcm work library for API 23+ * Use work-multiprocess * Refine code style * Update dependencies (shadowsocks#2672) * Update dependencies * Refine code style * Bump gradle to 6.8.2 * Drop packet if out of buffer * Refine error message * Enlarge the buffer size of a UDP connection * Bump version * Ignore all exceptions whilst updating subscriptions * Refine the JSON config file for ss-rust 1.10 * Refine the code style * Update shadowsocks-rust to v1.10.3 * Fix shadowsocks#2679 * Update dependencies Fixes shadowsocks#2699. * Fix deprecation of adapterPosition * Bump plugin to 2.0.1 * Migrate AlertDialogFragment to fragment result API * Remove useless dependency update * Migrate the rest to fragment result API * Remove unused field * Prevent crashing on shitty ROMs * Add search tool for profiles (shadowsocks#2682) * Suppress logging unsupported query type errors * Ignore if connection was prematurely closed * Use default udp_timeout=300 instead Refine shadowsocks#2625. * Mark underlyingNetwork as volatile Attempts at addressing shadowsocks#2667. * Fixed required targetFragments for preference * Downgrade gradle plugin * Update shadowsocks-rust and add back some ciphers Fix shadowsocks#2705 and shadowsocks#2663. * Update dependencies * Check plugin properly Fix shadowsocks#2667. * Check crypto before init * Make code style more Kotlin * Update core and remove workaround * Refine search to respect locale * Double fixes touch target * Resolve server name dynamically always (shadowsocks#2731) Fixes shadowsocks#2722. * Bump version * Downgrade fragment to 1.3.2 Fixes shadowsocks#2733. * Make plugin library depend on minimum version instead * Enable Parallel GC * Set useLegacyPackaging * Update the maven publish plugin (shadowsocks#2734) 1. Remove the unnecessary custom URL 2. Replace jcenter with mavenCentral * Handle illegal profiles properly * Fix windows build failed shadowsocks#2666 shadowsocks#2711 * Allowed build under msys2 or cygwin * Update dependencies * Bring back semitransparent TV app via build variants (shadowsocks#2741) This creates two variants for tv, freedom containing the original design, and google containing one matching Google's nonsense guideline. The former should be published on GitHub and elsewhere. Revert "Revert "Revert "Revert "Revert "Make app fullscreen to match guidelines""""" This reverts commit 0c67ac6. * Fix typo * Show full proxied apps mode to compensate for missing title * Use MaterialAlertDialogBuilder * Add progress indicator to ServiceButton * Remove elevation from progress * Only show progress for connecting * Only show progress when connecting is taking too long * Bump version * Update dependencies * Update sdk to S * Use registerBestMatchingNetworkCallback * Use OsConstants.ENONET * Deal with new requirements * Use main thread for default network callback on API 26+ * Remove unused code * Fix duplicate authentication * Update dependencies * Bump version * More stupid Android 6 bugs * Update dependencies * Downgrade leanback-preference * Update to API 31 * Remove STORAGE permission on Android 10+ * Update dnsjava * Ensure that redirects are always followed Fixes shadowsocks#2786, shadowsocks#2791. * Update dependencies * Update to AGP 7.0.2 * Fix lint * Update dependencies * Fix shadowsocks#2803 * Remove extra file * v5.2.6 * Revert "Show full proxied apps mode to compensate for missing title" This reverts commit d21cf7b. Fixes shadowsocks#2806. * Add linkedin.com to gfwlist * Fix Codacy badge * Update dependencies * Update .gitignore ignore DS_Store * Just to satisfy the obsessive-compulsive disorder :-) * Update shadowsocks-rust Update rust dependency * add new ciphers feature, and reorder cipher name * Modify acl rules * Update config.yml try to fix up the rust build error * enable armv8, neon feathures for hardware acceleration. * Fix the missing springAnimator * Update shadowsocks-rust to v1.15.0-alpha.5 * Bump version * Update translations Fixes shadowsocks#2867. * Add German and Ukrainian translations * Misc fixes * Fix order * Use system resolver * Update dependencies * Declare POST_NOTIFICATIONS * Protect sensitive profile information when copied * Add support for monochrome icons (not recommended) * Declare supported languages * Require authentication for closing service * Support skipping animation in StatsBar * Downgrade AGP * Misc fixes * Turn on fun switch * Remove useless code * Bump version * Fix the compile error shadowsocks#2930 (shadowsocks#2935) Make checking python version code compatible with windows and *nix Redefine the python version detection code Co-authored-by: Mygod <[email protected]> Co-authored-by: Mygod <[email protected]> Co-authored-by: Max Lv <[email protected]> Co-authored-by: cyber386 <[email protected]> Co-authored-by: Goooler <[email protected]> Co-authored-by: SquallATF <[email protected]> Co-authored-by: dev4u <[email protected]>
No description provided.