shadowsocks-rust (1.21.2) unstable; urgency=medium ## Bug Fixes - #1730 `local-http`: HTTP Client removes Authority from Request URI only for HTTP/1.x shadowsocks-rust (1.21.1) unstable; urgency=medium ## Bug Fixes - #1730 `local-http`: The URI field in HTTP Request sent from `sslocal` should only contain path and query. ## Miscellaneous - #1702 Debian package build removes dependency of `pwgen` shadowsocks-rust (1.21.0) unstable; urgency=medium ## Features - #1641 `shadowsocks`: `ProxySocket` supports generic I/O socket type - #1567 `shadowsocks-service`: Support OpenBSD Packet-Filter (pf) shadowsocks-rust (1.20.4) unstable; urgency=medium ## Features - #1616 `local`: Allow configuring SOCKS5 `UDP_ASSOCIATE` address - #1607 Published in MacPorts: https://ports.macports.org/port/shadowsocks-rust/ - #1613 `ProxyServerStream::from_stream` made public ## Bug Fixes - #1612 `server`: Properly exit server instance if any of the sub-tasks exited shadowsocks-rust (1.20.3) unstable; urgency=medium ## Features - `local`: Ping Balancer scores replaced standard deviation with median absolute deviation, which should help focusing less on outlying observations in latency samples. ## Bug Fixes - #1589 `local-tun`: Removes linking to [`SetInterfaceDnsSettings`](https://learn.microsoft.com/en-us/windows/win32/api/netioapi/nf-netioapi-setinterfacednssettings) on Windows shadowsocks-rust (1.20.2) unstable; urgency=medium ## Features - #1560 PingBalancer check Firefox portal allowing `200` HTTP status shadowsocks-rust (1.20.1) unstable; urgency=medium ## Bug Fixes - `local-online-config`: SIP008 auto reload configuration task will add online servers without replacing the existed ones. This bug will eventually cause `sslocal` consumes too many memories and get OOM killed. Users are encourage to update to this version if using 1.19.4 to 1.20.0. ## Features - `shadowsocks-service`: Updated [`rustls`](https://crates.io/crates/rustls) to v0.23 with [`ring`](https://crates.io/crates/ring) backend. - `local-redir`, `server`: Better approach to check current platform IP stack capabilities like Go (IPv4, IPv6, IPv4-mapped-IPv6 supports). - Explicitly enable dual-stack if listen addresses (`server`, `local_address`) are IPv4-mapped-IPv6, by setting `IPV6_V6ONLY=0`. shadowsocks-rust (1.20.0) unstable; urgency=medium ## Breaking Changes - #887 shadowsocks stream cipher (`TABLE`) doesn't need to make a derived key instead of using user's predefined key directly. This change will make shadowsocks-rust not going to be compatible with its older version. Users who are using `TABLE` cipher should upgrade all your local and server instances to the latest version of shadowsocks-rust. On the other hand, `TABLE` cipher is marked deprecated because it is vulnerable, users **must** migrate to other more secured methods immediately. shadowsocks-rust (1.19.4) unstable; urgency=medium ## Features - `local-online-config`: Making HTTP requests with `local-http`'s HttpClient implementation, mainly for supporting `outbound_*` socket configurations. ## Miscellaneous - Fixed build failures on some platforms. shadowsocks-rust (1.19.3) unstable; urgency=medium ## Breaking Changes - Feature `dns-over-h3` moved from feature `full` to `full-extra`. DNS over H3 is still an experimental feature. - `local-fake-dns`: Disabled compression (zstd), which seems to be deprecated by [`sled`](https://crates.io/crates/sled). ## Features - `local-online-config`: Set 30s timeout for update HTTP requests. shadowsocks-rust (1.19.2) unstable; urgency=medium ## Bug Fixes - `local-tun`: `tun2` handles IP packet information automatically. shadowsocks-rust (1.19.1) unstable; urgency=medium ## Features - Rollback `rustls` to v0.22, v0.23 first introduced `aws-lc` as the default crypto implementation, but it cannot be built on some targets if there are still older versions of `rustls` in the dependency tree. - `local-tun`: Switch from `tun` to `tun2`, which is a fork of `tun`. `tun` seems to be abandoned. ## Bug Fixes - #1539 `local-fake-dns`: Query Response Message has to include the original Query and flags. shadowsocks-rust (1.19.0) unstable; urgency=medium ## Features - #302 `sslocal` support SIP008 Online Configuration. Pull `servers` from remote servers automatically. (Experimental) - Add `basic`, `full`, `full-extra` features makes building command line arguments shorter ## Bug Fixes - #1525 Check `"users"` in server configuration if `method` doesn't support AEAD-2022 EIH. - #1528 Fixed FreeBSD build. ## Miscellaneous - Snap: Add alias names like `sslocal`, `ssserver`, ... - `local-tun` feature could be enabled even if target platform is not supported. ## BREAKING - Minimal Supported Rust Version (MSRV) is v1.74 shadowsocks-rust (1.18.4) unstable; urgency=medium ## Features - #1495 Binaries support `--plugin-mode` command line argument - `local-tun` is enabled by default for Windows targets in CI builds ## Bug Fixes - #1516 `local-dns` UDP client support AEAD-2022 protocol properly shadowsocks-rust (1.18.3) unstable; urgency=medium ## Features - #1466 Support `outbound_fwmark` in server side to split outbound tunnel - #1467 Default build for `*-windows-*` targets includes `sswinservice` - `local-fakedns`: Add a basic implementation of Fake-DNS, which will allocate IPs from pool for DNS queries. This experimental feature could be useful when using `local-tun`, `local-redir` or other features that could only receive IP destinations, the domain name that is resolved by the Fake-DNS will be translated from IP back to domain name when connecting to the remote. - #1500 Add `launchd_udp_socket_name`, `launchd_tcp_socket_name` to basic config format ## Bug Fixes - Fixed build on OpenBSD - #1491 Fixed per-server outbound options not taking effect - #1509 `local-tun` TCP socket creation made non-blocking shadowsocks-rust (1.18.2) unstable; urgency=medium ## Features - `local-tun`: Support `tun_interface_destination` configuration key ## Bug Fixes - `local`: macOS launch activate sockets set non-blocking shadowsocks-rust (1.18.1) unstable; urgency=medium ## Features - Default logging framework changed to [`tracing-subscriber`](https://crates.io/crates/tracing-subscriber), which: - Support libraries that log with both [`tracing`](https://crates.io/crates/tracing), and [`log`](https://crates.io/crates/log). - NOTE: `--log-config` parameter will apply only to [`log4rs`](https://crates.io/crates/log4rs), which doesn't support the `tracing` framework. ## Bug Fixes - #1425 Enable `EDNS(0)` by default for hickory-dns resolver. ## NOTE - [`clap`](https://crates.io/crates/clap) upgraded MSRV (Minimal Supported Rust Version) to v1.74 since v4.5.0. This project will have to stay in v4.4 until the next major release. -- ty Sun, 18 Feb 2024 22:05:00 +0800 shadowsocks-rust (1.18.0) unstable; urgency=medium Mostly identical to v1.17.2, except that: - Minimal Supported Rust Version (MSRV) upgraded from v1.64 to v1.71 - #1259 Fixed Snapcraft build. `base` changed to `core22`, auto-build architecture changed to [`arm64`, `amd64`, `armhf`] - #1426 MIPS targets removed from release build, because MIPS targets are now downgraded to TIER 3 -- ty Thu, 08 Feb 2024 00:00:00 +0800 shadowsocks-rust (1.17.2) unstable; urgency=medium ## Features - `local`: `socks` local server will support SOCKS5, SOCKS4a, HTTP proxy protocols when `local-http`, `local-socks4` features are enabled - `local`: Support setting `udp_mtu` in configuration file to actively reject `packet.size > MTU` ## Bug Fixes - #1378 dns-over-tls/https with rustls add dependencies to certs - #1381 Set the incoming socket buffer sizes properly on the listen socket - #1414 TUN synchronize SYN packet and Socket creation shadowsocks-rust (1.17.1) unstable; urgency=medium ## Features - #1330 `local`: Support macOS launch activate socket (https://developer.apple.com/documentation/xpc/1505523-launch_activate_socket) - #1357 `local`: Upgrade hyper (https://crates.io/crates/hyper) to v1.0 ## Bug Fixes - #1328 `run_as_user` aborts if any error occurs ## Miscellaneous - Minor improvements for `local-tun` on Windows - Upgrade `shadowsocks-crypto` that supports `sm4-gcm`, `sm4-ccm` non-standard AEAD ciphers shadowsocks-rust (1.17.0) unstable; urgency=medium ## Features - Trust-DNS is rebranded to Hickory-DNS https://github.com/hickory-dns/hickory-dns/releases/tag/v0.24.0 - Experimental: Support DNS-over-H3 (Try with configuration `"dns": "google_h3"` and compile with feature `"dns-over-h3"`) - #1319 Allow configuring `local-dns` client cache size - Experimental: `local-tun` supports Windows with [Wintun](https://www.wintun.net/) shadowsocks-rust (1.16.2) unstable; urgency=medium ## Features - `ssurl`: #1287 Support SIP008 links - `ssserver`: #1293 Disable UDP dual-stack outbound socket when IPv6 is not supported - `sswinservice`: #1292 Support Windows Service shadowsocks-rust (1.16.1) unstable; urgency=medium ## Bug Fixes - #1285 [Regression fix] local DNS uses mode `tcp_and_udp` by default shadowsocks-rust (1.16.0) unstable; urgency=medium ## Features - `local-redir`: #1159 Linux Redirect (TCP) supports dual-stack listener - #1156 Support Multipath-TCP - DNS resolver (with `trust-dns` enabled) support outbound socket configurations, like `outbound-fwmark`, `outbound-bind-addr`, ... - #1127 Support SIP003u, UDP plugins - #1185 Support creating servers with builder pattern to allow users to retrieve the actual listening address of the server listeners - #1204 Support reading default configuration files `local.json`, `server.json` and `manager.json` - #1229 Support configuring DNS cache size with `--dns-cache-size` in command line options and `dns_cache_size` in configuration file - #1266 Support Network Adapters' `FriendlyName` on Windows in `outbound_bind_interface` ## Bug Fixes - #1239 Fixed misaligned read in shadowsocks' socks5 protocol implementation. It may cause panics compiled by rustc newer than 1.68. - #1234 PingBalancer shouldn't check TCP mode by default - #1221 Compatible with Linux Kernels that doesn't support `IP6T_SO_ORIGINAL_DST` - #1254 Fixed Tree-Rule detector for REGEX rules that ends with `$` ## Miscellaneous - Docker: #1149 Changed binary path to `/usr/bin` from `/usr/local/bin` preventing being overwritten by K8S mount - Snap: Add `network-control` plug for `tun` protocol -- ty Sat, 27 Aug 2023 00:20:00 shadowsocks-rust (1.15.4) unstable; urgency=medium ## Bug Fixed - #1239 Fixed misaligned read in shadowsocks' socks5 protocol implementation. It may cause panics compiled by rustc newer than 1.68. shadowsocks-rust (1.15.3) unstable; urgency=medium ## Features - local-tun: Support `tun_interface_destination` for configuring Tun device's destination address - Support `outbound_fwmark`, `outbound_user_cookie`, `outbound_bind_interface` and `outbound_bind_addr` in configuration file ## Bug Fixed - local-tun: #1138 Fixed TCP state management - local-redir: #988 UDP compatible with Linux < 2.6.37 (without `IPV6_TRANSPARENT`) - manager: #1101 Set missing `ipv6_first` for servers ## Miscellaneous - Snap: #1088 Disable Snap daemon by default shadowsocks-rust (1.15.2) unstable; urgency=medium ## Bug Fixes - #1060 ACL supports checking IPv4-mapped-IPv6 addresses with IPv4 rules ## Miscellaneous - Code style and potential bug fixes with clippy check shadowsocks-rust (1.15.0) unstable; urgency=medium ## Features - #811 AEAD-2022 protocol ([SIP022](https://github.com/shadowsocks/shadowsocks-org/issues/196)) - WARN: This is still a draft protocol, use it at your own risk. - SIP002 Extended Format: Allowing unencoded user-info in URL, https://github.com/shadowsocks/shadowsocks-org/issues/27#issuecomment-1124853747 - #810 Manager standalone mode support bypassing ACL files - #818 Allow `sslocal` run without any `servers`, which will bypass all connections and packets - #838 `"password"` is optional for `none` / `plain` method - redir-local: Enable dual-stack support on Linux (TProxy) and FreeBSD - Disable `md5-asm` and `sha1-asm`: https://github.com/shadowsocks/shadowsocks-crypto/issues/16 - `"acl"` and `"outbound_fwmark"` are available in configuration file ## Miscellaneous - shadowsocks/shadowsocks-org#204 Remove `security-iv-printable-prefix` experimental feature - Upgrade [clap](https://crates.io/crates/clap) to v4.0. - UDP association channel size shrinked to 1024, which could save a lot of memory for each associations ## Enhancements - #855 Properly handle IPv4-mapped-IPv6 addresses in UDP assocations - `ssserver` always convert IPv4-mapped-IPv6 addresses to IPv4 in UDP respond target addresses - `sslocal` - `tun`, `socks5` always convert IPv4-mapped-IPv6 addresses to IPv4 - `redir` always use IPv6 sockets for sending back packets shadowsocks-rust (1.14.3) unstable; urgency=medium ## Features - Automatically bump `RLIMIT_NOFILE` on Unix (except Android) - https://github.com/golang/go/issues/46279 - http://0pointer.net/blog/file-descriptor-limits.html shadowsocks-rust (1.14.2) unstable; urgency=medium ## Features - #788 `sslocal` SOCKS5 protocol supports RFC1929 Username/Password Authentication - SECURITY: This is insecured because (a) shadowsocks' SOCKS5 UDP Association doesn't require a dynamic port for each authorized clients (b) Username and passwords are sent in plain text. - RustCrypto/ring-compat#79 HKDF-SHA1 uses [ring](https://crates.io/crates/ring)'s assembly implementation shadowsocks-rust (1.14.1) unstable; urgency=medium ## Miscellaneous - `shadowsocks`, `shadowsocks-service` crates upgraded to Rust Edition 2021. shadowsocks-rust (1.14.0) unstable; urgency=medium ## Features - Optimization: UDP associations managment removes unnecessary locks ## Breaking Changes - `shadowsocks_service::local::net::udp::UdpAssociationManager::new` returns clean-up interval and keep-alive receiver. It is not recommended to use this directly in your Project, because the API may change occationally. shadowsocks-rust (1.13.5) unstable; urgency=medium ## Features - #773 Set environment variable `SS_SYSTEM_DNS_RESOLVER_FORCE_BUILTIN` to use system's builtin DNS resolver shadowsocks-rust (1.13.4) unstable; urgency=medium ## Features - Allow setting `"system"` in DNS configuration key `"dns"` to use system provided DNS API ## BUG Fixes - `ssservice` - fixed command line options when running it as symlink of `ssserver` and `ssmanager` shadowsocks-rust (1.13.3) unstable; urgency=medium ## BUG Fixes - #767 REGRESSION: `ssmanager` missing `--server-host` command line option since v1.13.0 - shadowsocks/shadowsocks-crypto#12 REGRESSION: `rc4-md5` method cipher IV length should be 16 shadowsocks-rust (1.13.2) unstable; urgency=medium ## Features - (EXPERIMENTAL) Support setting `SO_USER_COOKIE` on FreeBSD - Set cookie with `--outbound-user-cookie` command line option, working just like `--outbound-fwmark` on Linux - (EXPERIMENTAL) Local `tun` interface refactored the `VirtDevice::poll` strategy - Improve performance - Still slow comparing to system's network stack ## BUG Fixes - #765 Updated broken Wiki URL for Plugins in command line help message - #764 Regression of client blocking ACL strategy on `ssserver` - Introduced since v1.9.0 shadowsocks-rust (1.13.1) unstable; urgency=medium ## Bug Fixes - `Instant` subtraction may be overflowed in `PingBalancer` - When `sslocal` has set multiple remote servers and the host system just reboots, it will crash. shadowsocks-rust (1.13.0) unstable; urgency=medium ## Features - #706 `balancer.check_best_interval` could let ping balancer to ping only the chosen best server in this interval - Recommended: Set a shorter interval in `balancer.check_best_interval` than `balancer.check_interval` to check much frequently the best server. - `balancer.check_interval` controls the interval of checking all the available servers - When server start, the "check best" strategy starts after it receives enough data for estimating all servers' scores - #744 Refactored `local-tun`, using `smoltcp` as a user-space network stack ## Miscelleneous - Upgrade [`clap`](https://crates.io/crates/clap) (the command-line argument handling library) to v3.0 - #739 Support K8S deployment - [shadowsocks-crypto](https://github.com/shadowsocks/shadowsocks-crypto) switch underlying encryption library to [RustCrypto](https://github.com/RustCrypto) - Able to build with stable Rust - Build for target `aarch64` with nightly, features `"armv8 neon"` should be enabled for hardware acceleration. shadowsocks-rust (1.12.5) unstable; urgency=medium ## Bug Fixes - #725 High CPU consumption on Linux Kernel < 4.11 when TCP Fast Open is enabled. -- ty Fri, 17 Dec 2021 00:13:26 +0800 shadowsocks-rust (1.12.4) unstable; urgency=medium ## Features - Configuration - `ipv6_only` configuration option setting `IPV6_V6ONLY` to all listener sockets that are listening to dual-stack address (`::`) - #700 Default configuration search path also includes `$PWD` - Log and Runtime related options could be configured via configuration file - #698 New binary `ssservice` unified features in (`sslocal`, `ssserver` and `ssmanager`) ## Bug Fixes - #694 UDP binds to dual-stack address (`::`) will detect `0.0.0.0` already in use automatically - Transparent Proxy (redir) local client will always set `IPV6_V6ONLY` for listeners that are listening on `::` ## Miscelleneous - Deprecating `SS_LOG_VERBOSE_LEVEL` and `SS_LOG_WITHOUT_TIME` (introduced in [v1.12.3](https://github.com/shadowsocks/shadowsocks-rust/releases/tag/v1.12.3)) in flavor of configuring in the configuration file -- ty Sun, 28 Nov 2021 15:01:54 +0800 shadowsocks-rust (1.12.3) unstable; urgency=medium ## Features - #688 Support default configuration file path for `sslocal`, `ssserver` and `ssmanager` - Linux: `$XDG_CONFIG_PATH/shadowsocks-rust/config.json` or `$HOME/.config/shadowsocks-rust/config.json` - Windows: `{FOLDERID_RoamingAppData}\shadowsocks\shadowsocks-rust\config\config.json` - macOS: `$HOME/Library/Application Support/org.shadowsocks.shadowsocks-rust/config.json` - #691 Manipulating default logging options (command line options `-vvv` and `--log-without-time`) with environment variable `SS_LOG_VERBOSE_LEVEL` and `SS_LOG_WITHOUT_TIME` - #419 Read servers' password from environment variables - Server created from command line argument without `--password` will try to read it from TTY - Servers' `"password"` field or `--password` option support `${VAR_NAME}` format to read password from environment variable `VAR_NAME` -- ty Fri, 26 Nov 2021 00:12:13 +0800 shadowsocks-rust (1.12.2) unstable; urgency=medium ## BUG Fixes - #683 local-dns command line `--remote-dns-addr` will have default port `53` ## Miscellaneous - Removed direct dependency to [`mio`](https://crates.io/crates/mio), sending file descriptors through UDS now with [`sendfd`](https://crates.io/crates/sendfd). -- ty Tue, 16 Nov 00:11:44 2021 +0800 shadowsocks-rust (1.12.1) unstable; urgency=medium ## Features - #669 ACL regular expression rules will try to convert to `||` (sub-domains) and `|` (exact match) rules. ## Bug Fixes - #674 MIPS targets in pre-built releases binaries will be compressed by `upx` - #670 Servers created by command line options in `ssserver` will have mode `tcp_only` -- ty Tue, 9 Nov 2021 23:27:48 +0800 shadowsocks-rust (1.12.0) unstable; urgency=medium ## Features - TCP connects with Happy Eyeballs (RFC6555, RFC8305) strategy - Local - #586 Basic support of `tun` interface in `sslocal` (Experimental) Tested on macOS and Linux - #620 Local server will choose remote servers based on their `"mode"` - Local Balancer - Configurable `max_server_rtt` and `check_interval` - Reload configuration `"servers"` in runtime when receiving `SIGUSR1` signal - Manager - #421 `ssmanager` support `--plugin` and `--plugin-opts` as default plugin configurations - #648 `ssmanager` support starting `ssserver` in standalone (independent process) mode. - #627 ACL support `|` and `||` hash-set and domain-tree mode - Support `--outbound-bind-interface` on Windows. ## Bug Fixed - #579 UDP server reply target address should be received source address - TFO socket on Windows should bind to `SOCKADDR_IN6` for IPv6 targets - #640 `--daemonize` will set `chdir` to current working directory - [BREAKING] In the previous version `--daemonize` will call `chdir` to `/` by default, so it may change the behavior if users using relative paths in `"plugin"` or `"plugin_opts"` ## Miscellaneous - #596 Support Snapcraft https://snapcraft.io/shadowsocks-rust - TFO on Linux queue length set to 1024 to match backlogs - Completely remove Replay Attack Protection with Ping-Pong bloom filter in default build configuration -- ty Tue, 2 Nov 2021 12:52:17 +0800 shadowsocks-rust (1.11.2) unstable; urgency=medium ## Features - #570 Multi-architecture Docker image for release - Replaced `futures::future::abortable` with `tokio`'s builtin `tokio::task::JoinHandle::abort` - Define binaries' exit code with standard in `sysexits.h` - HTTP local listener supports `TCP_NODELAY`, `SO_KEEPALIVE` and dual-stack ## Bug Fixed - #577 `ssmanager` and `ssserver` command line argument `-u` should overwrite `mode` to be `Mode::UdpOnly` - #566 Exit with error code instead of `panic!` when loading ACL fails - #555 Properly handling `EINPROGRESS` for TFO connect when falling backs - #557 Properly killing UDP associations, which may cause `Future` (memory) leaks ## Security - #556 Remove silent dropping when replay was detected -- ty Sat, 24 July 2021 11:50:00 +0800 shadowsocks-rust (1.11.1) unstable; urgency=medium ## Features - #546 Enable TCP Keep Alive for inbound and outbound sockets - Add a new `keep_alive` key in configuration for configuring keep alive timeout - Default timeout is 15 seconds (like Go's `net` library's default) - #543 Add `disabled` key for local servers in configuration ## Bug Fixed - #490 Try to purge half-open TCP connections when one direction is closed - When one direction is closed, server will set a 5 seconds read timeout on the other half - #542 Allow setting `method` for default encryption method when starting `ssmanager` with configuration - #541 Fixed ACL rules for `ssmanager` -- ty Sun, 6 June 2021 23:16:00 +0800 shadowsocks-rust (1.11.0) unstable; urgency=medium ## Features - Support TFO (TCP Fast Open) on Linux, Windows, macOS (iOS), FreeBSD (https://github.com/shadowsocks/shadowsocks-rust/issues/184) - Support customizing servers' weight for balancer (https://github.com/shadowsocks/shadowsocks-rust/issues/510) -- ty Fri, 14 May 2021 12:31:54 +0800 shadowsocks-rust (1.10.9) unstable; urgency=medium ## Bug Fixes - HTTP Proxy preserves headers' title case. https://github.com/shadowsocks/shadowsocks-rust/discussions/491 , https://github.com/hyperium/hyper/issues/2313 -- ty Fri, 23 Apr 2021 23:58:08 +0800 shadowsocks-rust (1.10.8) unstable; urgency=medium ## Bug Fixes - Removes non-standard AEAD ciphers that have variable nonce length, including - `aes-128-ocb-taglen128`, `aes-192-ocb-taglen128`, `aes-256-ocb-taglen128` - `aes-siv-cmac-256`, `aes-siv-cmac-384`, `aes-siv-cmac-512` -- ty Sun, 18 Apr 2021 21:00:21 +0800 shadowsocks-rust (1.10.7) unstable; urgency=medium ## Features - Support non-standard AEAD ciphers `sm4-gcm` and `sm4-ccm` -- ty Sat, 17 Apr 2021 22:46:39 +0800 shadowsocks-rust (1.10.6) unstable; urgency=medium ## Features - [shadowsocks/shadowsocks-crypto#8](https://github.com/shadowsocks/shadowsocks-crypto/issues/8) Support non-standard AEAD ciphers with `crypto2`, could be enabled by feature `aead-cipher-extra` - `aes-128-ccm`, `aes-256-ccm` - `aes-128-gcm-siv`, `aes-256-gcm-siv` - `aes-128-ocb-taglen128`, `aes-192-ocb-taglen128`, `aes-256-ocb-taglen128` - `aes-siv-cmac-256`, `aes-siv-cmac-384`, `aes-siv-cmac-512` - `xchacha20-ietf-poly1305` ## Bug Fixes - [shadowsocks/shadowsocks-android#2705](https://github.com/shadowsocks/shadowsocks-android/issues/2705) MD5 algorithm bug causes KDF (Key Derived Function) produces wrong key when `LEN(password) % 64 in [50, 64)` -- ty Sat, 17 Apr 2021 21:45:46 +0800 shadowsocks-rust (1.10.5) unstable; urgency=medium ## BUG Fixed - `ProxyClientStream` should keep the concatenated first packet buffer alive before asynchronous `write()` finishes -- ty Sat, 10 Apr 2021 09:07:52 +0800 shadowsocks-rust (1.10.4) unstable; urgency=medium # Fixed BUG - `ProxyClientStream::poll_write` may lose the `Address` in the packet to be sent if socket returns `EAGAIN` # Features - Support `protocol` in basic configuration format -- ty Fri, 9 Apr 2021 17:25:04 +0800 shadowsocks-rust (1.10.3) unstable; urgency=medium ## BUG Fixed - #472 Fixed `SO_INCOMING_CPU` when building on some Linux targets. rust-lang/socket2#213 -- ty Wed, 7 Apr 2021 09:55:40 +0800 shadowsocks-rust (1.10.2) unstable; urgency=medium ## BUG Fixed - `mode` in basic configuration format doesn't work for local instance -- ty Sun, 28 Mar 2021 11:13:01 +0800 shadowsocks-rust (1.10.1) unstable; urgency=medium ## BUG Fixed - #469 Compilation error on Android ## Miscellaneous - `sslocal` checks new local instance's parameters dependency - `--protocol`, `--forward-addr`, ... will require `--local-addr` to be specified -- ty Sat, 27 Mar 2021 00:13:00 +0800 shadowsocks-rust (1.10.0) unstable; urgency=medium ## Features - #452 `sslocal` supports starting multiple instances in the same process - Add `locals` in extended configuration format for specifying multiple local server instances - (Android Only) Support `unix://` schema in `dns` configuration - Support `tcp://` and `udp://` in `dns`configuration for setting DNS protocol. Uses both TCP and UDP if not specified. - Support `quad9_https` predefined DNS servers - Updated `shadowsocks-crypto` to `v0.2`, which `Cipher` implementation uses `enum` static dispatch instead of `Box`ed Trait Object for dynamic dispatch ## BUG Fixes - PingBalancer 2nd check will be sent 10s after 1st initialization check. ## Breaking Changes - `sslocal`'s command line options are now for creating a new local instance: - `--local-addr`, `--forward-addr`, `-U`, `-u`, `--protocol`, ... will only applied to the local instance specified by `--local-addr` - `ssserver`'s command line options are now for creating a new server instance: - `-U` and `-u` will only applied to the local instance specified by `--server-addr` -- ty Thu, 25 Mar 2021 18:10:00 +0800 shadowsocks-rust (1.9.2) unstable; urgency=medium ## Features * #442 Check repeated salt after first successful decryption ## BUG Fixes * Redir: setting SO_REUSEPORT, SO_MARK for UDP send-back sockets -- ty Fri, 6 Mar 2021 01:15:00 +0800 shadowsocks-rust (1.9.1) unstable; urgency=medium ## BUG Fixes * #431 UdpSocket::from_std requires sockets to be non-blocked. ## Features * Removed avx from the default CPU features -- ty Fri, 26 Feb 2021 19:01:06 +0800 shadowsocks-rust (1.9.0) unstable; urgency=medium Complete refactored the whole implementation and splits into 3 different crates: * shadowsocks - Core feature of shadowsocks * shadowsocks-service - Service library for implementing Local Server, Remote Server, Manager Server * shadowsocks-rust - Binary crate for release Replaced libsodium and libcrypto with [crypto2](https://github.com/shadowsocks/crypto2). ## Features * Support setting SO_MARK, SO_BINDTODEVICE on Linux * Support setting SO_SNDBUF and SO_RCVBUF for TCP sockets * Support [SIP008](https://github.com/shadowsocks/shadowsocks-org/issues/89 "Online config") extend server fields server, server_port, remarks * Local DNS Relay * Support sending TCP and UDP queries simutaneously * Support connection reusability * Remove mostly TCP timeout setting for tunnels, connections will only be killed if clients or servers close * Auto-reload DNS resolver configuration from /etc/resolv.conf on *NIX platforms. * [#379](https://github.com/shadowsocks/shadowsocks-rust/issues/379 "希望通过传递参数方式,指定多线程模式下tokio启动的线程数") Allow customizing number of worker-threads for multi-threaded scheduler. * [#401](https://github.com/shadowsocks/shadowsocks-rust/issues/401 "Lazy server disable implementation") Support field disabled in extended server configuration * Ping Balancer * Treat timeouts as failures, so requests that receive no response count as failures. * Increase check timeout from 2s to 5s to avoid penalties on slow servers. * Increase check interval from 6s to 10s. * `--outbound-bind-interface` is now supported in both Linux and macOS * [#352](https://github.com/shadowsocks/shadowsocks-rust/issues/352 "Add command line arguments to control incoming/outgoing send/receive socket OS buffer size") Support customizing inbound and outbound sockets' SO_SNDBUF and SO_RCVBUF by command line options ## Library Update * [tokio v1.0](https://tokio.rs/blog/2020-12-tokio-1-0) * [shadowsocks-crypto](https://github.com/shadowsocks/shadowsocks-crypto), [crypto2](https://github.com/shadowsocks/crypto2) ## Optimization * UDP Relays sending respond packets directly to UdpSocket instead of channel, which will significantly improve respond latency * [#408](https://github.com/shadowsocks/shadowsocks-rust/issues/408 "using crate spin without feature "std" causes performance problem") Enable std features for the spin crate to enable yielding threads when spinning on waiting. ## BUG Fixes * For BSD systems, set IPV6_BINDANY and SO_BINDANY on SOL_SOCKET properly * `trust-dns-resolver` requires explicit enables feature `dns-over-https-rustls` for DoH [#367](https://github.com/shadowsocks/shadowsocks-rust/issues/367 "Compile error on latest `master` branch while enabling `dns-over-tls` & `dns-over-https`") * ACL domain rules should be case insensitive. Domain names are case insensitive. * [shadowsocks/shadowsocks-android#2667](https://github.com/shadowsocks/shadowsocks-android/issues/2667 "Service is down intermittently") set timeout for protect() call to Android's VpnService ## Miscellaneous * Disable HTTPS outbound connection for local HTTP proxy by default. For most use cases, HTTPS should be proxied with CONNECT method. * Unified UDP relay association implementation for less duplicated code. * Deprecated `single-threaded` build feature, replaced by `multi-threaded`. * Disable stream ciphers by default. Could be enabled with feature `stream-cipher`. * Enable IPv6 dual stack mode by default when listening on `::`. -- ty Mon, 22 Feb 2021 09:28:28 +0800 shadowsocks-rust (1.8.23) unstable; urgency=medium ## BUG Fixed * Fixed REDIR client setsockopt options, IPv6 should use IPV6_TRANSPARENT on level SOL_IPV6 or IPPROTO_IPV6 -- ty Tue, 3 Nov 2020 01:17:47 +0800 shadowsocks-rust (1.8.22) unstable; urgency=medium ## Features * Load balancer uses Firefox's network detection address: http://detectportal.firefox.com/success.txt * The original http://dl.google.com/generate_204 is not always available all over the world ## BUG Fixed * ARMv6 release target (arm-unknown-linux-gnueabihf) shouldn't enable output AES instructions * Moves many connection ERROR logs to DEBUG level -- ty Mon, 2 Nov 2020 01:37:24 +0800 shadowsocks-rust (1.8.21) unstable; urgency=medium ## Features * Support [SIP008](https://github.com/shadowsocks/shadowsocks-org/issues/89 "Online config") multi-server configuration keys: `server`, `server_port` and `remarks`: { "servers": [ { "server": "your.shadowsocks.server", "server_port": 8388, "method": "aes-256-gcm", "password": "password", "remarks": "My Shadowsocks Server" } ] } * [#308](https://github.com/shadowsocks/shadowsocks-rust/issues/308 "没有后台运行的吗?") Supports daemonize with command line option (`-d`, `--daemonize`) on *nix platforms * Switched logging facility to [log4rs](https://crates.io/crates/log4rs) for more extensible configurations ## BUG Fixed * [#284](https://github.com/shadowsocks/shadowsocks-rust/issues/284 "ssurl is broken") Fixed conflicts in ssurl command line options * [#309](https://github.com/shadowsocks/shadowsocks-rust/issues/309 "端口占用造成插件退出") Fixed mode in add command of ssmanager * [#303](https://github.com/shadowsocks/shadowsocks-rust/issues/303 "sslocal tries to connect to servers even when network is not yet online") Lower proxy connection error messages to DEBUG level * Call sleep() if server accept() failed -- ty Mon, 19 Oct 2020 09:38:47 +0800 shadowsocks-rust (1.8.20) unstable; urgency=medium ## Features * Updated various dependencies to their latest release * Lazy creating bypassed and proxied UDP associations in ACL mode * Each UDP associations that running in ACL mode would create 2 file descriptors (or HANDLEs) (one for bypassed, the other for proxied) when constructing in older version * UDP associations in ssserver will try to return domain name addresses when receives packets from remotes that were requested with domain name address targets. ## BUG Fixed * UDP associations in sslocal handled bypassed requests incorrectly, which would try to parse response packets in shadowsocks' server protocol -- ty Wed, 14 Oct 2020 00:46:08 +0800 shadowsocks-rust (1.8.19) unstable; urgency=medium ## Features * Plugin configurations in files have a new optional field plugin_args for passing command line arguments when plugin starts { "plugin": "your_plugin", "plugin_args": [ "-p", "arg1" ] } * increase_nonce function for AEAD ciphers is optimized if sodium feature is disabled. * Add arm-unknown-linux-musleabi target in releases * Optimized EncryptWriter by reusing decrypting buffers -- ty Sun, 11 Oct 2020 16:34:58 +0800 shadowsocks-rust (1.8.18) unstable; urgency=medium ## BUG Fixed * [#294](https://github.com/shadowsocks/shadowsocks-rust/pull/294 "") UDP relay server's associations shouldn't bind to local address, which will eventually cause EADDRINUSE -- ty Tue, 15 Sep 2020 10:11:43 +0800 shadowsocks-rust (1.8.17) unstable; urgency=medium ## BUG Fixed * [#292](https://github.com/shadowsocks/shadowsocks-rust/pull/292) Hold the TCP connection if it failed to decrypt the first packet for preventing active probing. * [#293](https://github.com/shadowsocks/shadowsocks-rust/pull/293) Keep server running if it fails to create UDP associations. -- ty Tue, 8 Sep 2020 23:31:20 +0800 shadowsocks-rust (1.8.16) unstable; urgency=medium ## Features * [#290](https://github.com/shadowsocks/shadowsocks-rust/pull/290) UDP's ServerClient support split() into ReadHalf and WriteHalf ## BUG Fixed * [#289](https://github.com/shadowsocks/shadowsocks-rust/pull/289) Fixed UDP's ServerClient data decryption -- ty Thu, 20 Aug 2020 17:11:01 +0800 shadowsocks-rust (1.8.15) unstable; urgency=medium Code base are exactly the same as v1.8.14. ## Bug Fixed * `x86_64-unknown-linux-gnu` release should be built by cross with GLIBC_2.15 * `x86_64-apple-darwin` release built with invalid format sslocal (still don't know why) -- ty Mon, 10 Aug 2020 01:12:54 +0800 shadowsocks-rust (1.8.14) unstable; urgency=medium ## Features * Support customizing memory allocator by features: tcmalloc, mimalloc, jemalloc ## BUG Fixed * [#273](https://github.com/shadowsocks/shadowsocks-rust/issues/273) Use AtomicUsize for maximum compatibility in flow statistics * [#285](https://github.com/shadowsocks/shadowsocks-rust/issues/285) Fixed binaries command line options issue causing by conflicts_with -- ty Sun, 9 Aug 2020 01:06:49 +0800 shadowsocks-rust (1.8.13) unstable; urgency=medium ## Features * Direct send data for none ciphers, prevent unnecessary data copies * Feature jemalloc for enabling jemalloc allocator (use system's default allocator by default) * [#272](https://github.com/shadowsocks/shadowsocks-rust/issues/272) Support customizing manager created server's bind address ## BUG Fixed * Client flow reports tx and rx are swapped * AEAD TCP protocol must check the reserved higher 2 bits -- ty Sun, 19 Jul 2020 12:17:48 +0800 shadowsocks-rust (1.8.12) unstable; urgency=medium ## Features * [#260](https://github.com/shadowsocks/shadowsocks-rust/issues/260) sslocal supports https protocol (HTTP Proxy over TLS) * [#263](https://github.com/shadowsocks/shadowsocks-rust/issues/263) UDP Associations connect() to proxies' IP to avoid re-resolving domain names for every packets * [#233](https://github.com/shadowsocks/shadowsocks-rust/issues/233) sslocal supports socks4 protocol (SOCKS4/4a) * Options for LRU cache in UDP relay: * udp_timeout: UDP Association will be kept up to this duration (in seconds) * udp_max_associations: Maximum number of UDP Associations will be kept simultaneously ## BUG Fixed * Removed unnecessary UDP socket wake ups * Expired Associations will be cleaned by a separated task ## BREAKING Changes * Manager's configurations are now wrapped into ManagerConfig * timeout field in Config is removed inflavored timeout in ServerConfig * DNS resolving timeout is using the default configuration (5 seconds for most cases) * Bypassing TCP streams won't timeout -- ty Mon, 1 Jun 2020 23:48:55 +0800 shadowsocks-rust (1.8.11) unstable; urgency=medium ## Features * [#232](https://github.com/shadowsocks/shadowsocks-rust/issues/232) Send data along with handshake (LOCAL -> REMOTE) * HTTP server supports https target with both native-tls and rustls * For rustls, https connections will try to negotiate h2 with ALPN * shadowsocks/shadowsocks-org#161 Support none as dummy cipher's name * Adding local-tunnel feature for controlling tunnel protocol * [#252](https://github.com/shadowsocks/shadowsocks-rust/issues/252) Support udp_max_associations configuration option * Various updates for local-dns-relay for Android integration ## Fixed BUGs * [#234](https://github.com/shadowsocks/shadowsocks-rust/issues/234) Ensure plugin subprocesses are killed when server is exited * On *NIX platform, SIGTERM is sent to plugins for graceful exit * [#237](https://github.com/shadowsocks/shadowsocks-rust/issues/237) Increase regex memory limit for ACL host rules * [#240](https://github.com/shadowsocks/shadowsocks-rust/issues/240) Wait for 10 seconds for plugins to start * ssserver should start plugins with PluginMode::Server ## BREAKING Changes * Removed Runtime's Handle for all run entry functions -- ty Sat, 16 May 2020 00:20:45 +0800 shadowsocks-rust (1.8.10) unstable; urgency=medium ## Features * Support ACL configuration * Examples could be found in [shadowsocks/shadowsocks-libev](https://github.com/shadowsocks/shadowsocks-libev/tree/master/acl) * sslocal supports transparent proxy protocol (experimental) * TCP * Linux: iptables with REDIRECT or TPROXY rules * macOS: pf * FreeBSD: pf or ipfw, not tested * OpenBSD: pf, not tested * UDP * Linux: iptables with TPROXY rules * FreeBSD/OpenBSD: pf, not tested * Usage: Run sslocal with --protocol redir * Better command line option verifications ## Fixed BUGs * sslocal with HTTP protocol clears [Hop-by-Hop headers](https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers) * CryptoStream is now thread safe * [#222](https://github.com/shadowsocks/shadowsocks-rust/issues/222) rc4 cipher is now working ## Miscellaneous * Integrate into the Android's client implementation, [shadowsocks/shadowsocks-android#2452](https://github.com/shadowsocks/shadowsocks-android/issues/2452) * Not finished yet, you shouldn't use them in production environment * Abort on `panic!` for release builds * [#223](https://github.com/shadowsocks/shadowsocks-rust/issues/223) `--log-without-time` command line option is added back * [#205](https://github.com/shadowsocks/shadowsocks-rust/issues/205) `-6` command line option to resolve host names to IPv6 addresses first ## BREAKING Changes * Merged sstunnel and ssredir into sslocal * DNS-over-HTTPS and DNS-over-TLS are disabled by default, could be enabled by features dns-over-https and dns-over-tls * [#217](https://github.com/shadowsocks/shadowsocks-rust/issues/217) Logging output uses local datetime instead of UTC * Logging output is now in customized format -- ty Fri, 10 Apr 2020 19:39:14 +0800 shadowsocks-rust (1.8.9) unstable; urgency=medium ## Features * ssmanager - Supports Manage Multiple Users APIs * Create / Remove servers in the same tokio runtime dynamically * Fallback to tokio's builtin DNS resolver (currently it is libstd's builtin) if trust-dns's resolver initialize failed ## Fixed BUGs * Ping tasks will panic if remote servers fail to connect for the first time -- ty Thu, 13 Feb 2020 01:13:07 +0800 shadowsocks-rust (1.8.8) unstable; urgency=medium ## Features * ssredir - (Experimental) Transparent Proxy. Currently only supports the following platforms: * Linux - TCP: REDIRECT and TPROXY, UDP: TPROXY * FreeBSD - TCP, UDP: ipfw ## BUG Fixed * Enable TCP_NODELAY for better handshaking performance, for * sslocal's socks5 protocol handshaking * Local and Remote server shadowsocks' IV/nonce exchanging * Ensure plugins starts before listening for sslocal * Eliminated those connection failures while sslocal server just started * [#191](https://github.com/shadowsocks/shadowsocks-rust/issues/191) Skip IV/nonce duplication check for plain cipher ## Miscellaneous * Nightly builds on CircleCI: https://circleci.com/gh/shadowsocks/shadowsocks-rust * Obtain release binaries in #Artifacts, for example: * https://circleci.com/gh/shadowsocks/shadowsocks-rust/151#artifacts/containers/0 -- ty Thu, 6 Feb 2020 20:14:57 +0800 shadowsocks-rust (1.8.7) unstable; urgency=medium ## Features * Set RLIMIT_NOFILE on *nix systems by * -r, --nofile command line argument * nofile key in configuration file ## BUG Fixed * ssserver shouldn't use local_port in configuration to bind() before connect() or sendto() * Command line argument --bind-addr or -b should only accept IP or Domain -- ty Mon, 13 Jan 2020 10:45:54 +0800 shadowsocks-rust (1.8.6) unstable; urgency=medium Basically the same as v1.8.5, but prints the actual error while handshaking with clients. Useful if server received a repeated IV and salt (probably replay attacks). -- ty Sun, 12 Jan 2020 09:44:18 +0800 shadowsocks-rust (1.8.5) unstable; urgency=medium ## Features * Add feature trust-dns to allow disable depending on [trust-dns-resolver](https://crates.io/crates/trust-dns-resolver) * Disabling trust-dns would significantly shrink the size of binaries * [#26](https://github.com/shadowsocks/shadowsocks-rust/issues/26) UDP servers will also bind() to local_address and local_port * Check repeated IV / Salt for defending against replay attacks * [Defend against replay attack](https://github.com/shadowsocks/shadowsocks-org/issues/44) -- ty Sun, 12 Jan 2020 00:09:18 +0800 shadowsocks-rust (1.8.4) unstable; urgency=medium ## Features * ssserver supports bind before connect to remote addresses. Can be configured by * local_address and local_port in config.json * -b or --bind-address in command line parameter * Suggestion: Port should be set to 0 otherwise you will get EADDRINUSE ## Breaking Changes * ssserver won't ignore local_address and local_port in config.json -- ty Thu, 9 Jan 2020 23:35:59 +0800 shadowsocks-rust (1.8.3) unstable; urgency=medium ## Enhancements * Refactored PingBalancer for supporting customized Server Configuration structure * For Example: HTTP sslocal can stores HttpClients into the ServerScore structure instead of putting them into a HashMap. * Removed trust-dns feature gate, set as default. -- ty Wed, 8 Jan 2020 13:42:45 +0800 shadowsocks-rust (1.8.2) unstable; urgency=medium ## Enhancements * Refactored PingBalancer for supporting customized Server Configuration structure * For Example: HTTP sslocal can stores HttpClients into the ServerScore structure instead of putting them into a HashMap. * Removed trust-dns feature gate, set as default. -- ty Tue, 7 Jan 2020 09:16:50 +0800 shadowsocks-rust (1.8.1) unstable; urgency=medium ## BUG Fixed * Send crypto IV (Stream Ciphers) / Nonce (AEAD Ciphers) with the first payload in one packet. * Reduced 1 RTT while handshaking with servers * HTTP Proxy client Handles IPv6 URI host properly * RFC 2732 -- ty Sun, 5 Jan 2020 16:40:19 +0800 shadowsocks-rust (1.8.0) unstable; urgency=medium ## Features * A new binary `sstunnel`. Establish TCP and UDP tunnels to remote. Discussion: #177 ``` # Establish an UDP tunnel to 8.8.8.8:53 (just like what ssdns did in the past) sstunnel -c config.json -f '8.8.8.8:53' -u ``` * Uses `async/await` syntax (requires `rustc` version >= `v1.40.0`) * Dependencies * `tokio` - `v0.2` * `trust-dns-resolver` - `v0.18` * `libsodium-sys` (switched from `libsodium-ffi` for better build process) * Ping balancer * Calculate scores not only with servers' latency, but also availability * Supports UDP relay * Retry 3 times if it connects failed to remote proxy server automatically ## Bug Resolved * Refactored UDP relay. Now it works just like NAT. Discussion: #168 * Temporary workaround for UdpSocket `WSAECONNRESET`. Discussion: #179 * Ref: https://stackoverflow.com/questions/30749423/is-winsock-error-10054-wsaeconnreset-normal-with-udp-to-from-localhost ## Breaking Changes * Removed `ssdns`. `sstunnel` can fulfill its job. ## Releases * `shadowsocks-v1.8.0-stable.x86_64-unknown-linux-musl.tar.xz` * SHA256 `5ec41d5a306715e455b1012de0ddaa33273970689b6df48ffbb0da5fb6083531` * `shadowsocks-v1.8.0-stable.x86_64-pc-windows-gnu.zip` * SHA256 `f7e23a145ca42a0ce73349263650256c9cc3e05caf637c2396699d72801d6966` -- ty Sat, 28 Dec 2019 00:00:00 +0800 shadowsocks-rust (1.7.0) unstable; urgency=medium ## Refactors * #141 Build with Rust 2018. * #100 Migrated to Tokio Runtime. * #139 Refactor for using as a library. Move signal monitor outside of shadowsocks library. ## Dependencies * Replaced `ToSocketAddrs` with `trust-dns` * #111 Upgrade rand to v0.5 and use `ThreadRng` * #132 Feature gate RC4 cipher * `--feature miscreant` is now can be built with stable. ## Configurations * Support timeout key in the outer object in configuration ( `{ "timeout": 30 }` ) * UDP relay sets timeout with separated key `udp_timeout` * #123 `set_nodelay` and `set_keepalive`, `no_delay` is configurable in configuration * [Breaking] Replace `enable_udp` with `mode`, possible values are: `tcp_and_udp`, `tcp_only`, `udp_only`. ## Bugfix * [BUG-FIXED] #105 Fixed "Too many open files" in UDP relay. * [BUG-FIXED] Fixed bug while starting UDP relay. While starting server with plugins, it should not change the listening addresses for UDP relay, which are only for TCP relay. * [BUG-FIXED] #106 Server should not panic if accepted socket closed right after `accept()`. * Implemented a new `ssdns` server, which can serve as a DNS server and proxy DNS queries via ShadowSocks' UDP relay. * [FIXED-BUG] #118 #122 Fixed DNS resolving issue. It may failed to resolve remote server's address if you haven't configured any IP addresses in forbidden_ip section. ## New features * Uses `impl Trait` for functions * #113 Supported `xchacha20-ietf-poly1305` encrypt method * Removed all global states in client and servers, which will allow starting multiple ShadowSocks instances in one process. * Uses `json5` to parse config file. * #85 Support `ss-manager` report protocol. (Can co-operate with `ss-manager`) -- ty Wed, 20 Jan 2019 01:14:55 +0800 shadowsocks-rust (1.6.11) unstable; urgency=medium * Updated dependencies -- ty Sat, 20 Jan 2018 20:45:59 +0800 shadowsocks-rust (1.6.10) unstable; urgency=medium * Check AEAD packet length before actually reading it. -- ty Sat, 2 Dec 2017 11:56:00 +0800 shadowsocks-rust (1.6.9) unstable; urgency=medium * Fixed increase_nonce without libsodium -- ty Sun, 26 Nov 2017 10:28:13 UTC shadowsocks-rust (1.6.8) unstable; urgency=medium * Upstream bump version. -- Simon Shi Wed, 08 Nov 2017 14:27:18 +0800 shadowsocks-rust (1.6.6+deb1) unstable; urgency=medium * Add debian files. * Add systemd files and default config. -- Simon Shi Tue, 10 Oct 2017 10:01:14 +0800 shadowsocks-rust (1.6.6) stable; urgency=medium * Removed aes-128-ctr cipher -- ty Wed, 4 Oct 2017 04:11:55 +0800 shadowsocks-rust (1.6.5) unstable; urgency=medium * Initial Release. -- Shigure Moe Sat, 30 Sep 2017 16:21:42 +0800