v4.28.1

Changes

• Use GO 1.15
• VMess AEAD will be used when alterId is 0. ("testsEnabled" is discarded)
• Fix incorrect AEAD IV usage which slightly reduced security. thanks @cute

Fixes

• Fix dns tests by setting v2ray.location.asset @felixonmars
• fix abstract UDS & add PROXY protocol support to DS inbound @lucifer9 @RPRX
• Systemd: prevent restart on corrupt config @DuckSoft

Chores

• Upgrade all dependencies @RPRX
• Change lint order to avoid file changes notice @Loyalsoldier
• Update geoip, geosite

v4.27.5

Features

Parse X-Forwarded-For in http transport @lucifer9

Fix

Fix according to staticcheck result @Loyalsoldier
Fix: Bound check when accessing DNS server's ipIndexMap @Vigilans
Refine code @Loyalsoldier

⚠️ VMess AEAD will be used when alterId is 0 in V2Ray v4.28.0+

v4.27.4

Features

17f51f4 Dotless domain support in built-in DNS @Vigilans
c74a33f Support source port matching in routing config @Vigilans
d05ddc8 Make HTTP outbound 0-rtt @darhwa
bc00811 Add asset location auto search @vcptr
5df1733 Add PROXY protocol support to TCP & WebSocket inbound @lucifer9 and @RPRX
84aaf3a VLESS PREVIEW 1.5 @RPRX

Fixs

1e22242 Amending domain matcher with returning array of all matches @Vigilans
dfeaef7 Refactor DNS Server to record original rule of domain matchers @Vigilans
3e612d8 New Systemd unit file @dctxmei
00b4217 Fix: logging empty rules & DNS @Loyalsoldier
588b40f Fix a typo @dikaixu1999
a40727a Shadowsocks Detection defense @studentmain and @xiaokangwang

Update Old file @Loyalsoldier

Breaking Changes

• VLESS fallback -> fallbacks, see https://www.v2fly.org/config/protocols/vless.html
• DNS domain priority matching

⚠️ VMess AEAD will be used when alterId is 0 in V2Ray v4.28.0+

v4.27.0

Feature

• VLESS PREVIEW 1.3 https://www.v2fly.org/config/protocols/vless.html
• Add Linux riscv64 release @RPRX

Fix

• Shadowsocks supports cipher as None @yuhan6665
• Add access log for Dokodemo inbound @lucifer9
• Some typo fixes @DuckSoft
• Fix the error of missing curl in Dockerfile @kallydev
• GitHub Actions push to docker hub @kallydev
• Optimize SO_REUSEPORT implementation @Vigilans
• DOH supports HTTP/2 @darhwa
• Apply Sockopt from inbound config to Dokodemo Tproxy response connection @Vigilans

Breaking Change

• VMessAEAD has been updated and needs both client and server to be the same version for it to work.
• Release file structure changes.

⚠️ VMess AEAD will be used when alterId is 0 in V2Ray v4.28.0+

v4.26.0

Updates

• V2Fly’s signing infrastructure has been revised. You can from now on verify V2Fly’s release with the “Release” signed manifest file with v2ctl.

• VMessAEAD has been updated to rely more on AEAD.

• Outbound traffic accounting API. Thanks @yuhan6665

• HTTP outbound can now handle HTTP2 over TLS, HTTP 1.1 over TLS in addition to HTTP 1.1 proxy traffic. Thanks @darhwa

• ARM release will from now on have an explicit version in it. Thanks @RPRX

• V2Ray will from now on generate Windows 32 ARM binary release.

• Minor code tidy up. Thanks Roger Shimizu.

• Minor code tidy up. Thanks @agioi

• Fix crash when the client supplied an invalid domain name to DoH. Thanks @DuckSoft

Breaking Change

• VMessAEAD has been updated and needs both client and server to be the same version for it to work.

v4.25.1

Fix

Improve ARM platform stability. Thank @gitgayhub @RPRX And other testers

v4.25.0

Fixs

• Further remove the identity leakage with TLS ClientHello from v2ray/v2ray-core#2521
• Fix UDP stability issue in Socks5 inbound, Shadowsocks inbound, and dokodemo(TProxy) inbound. This should alleviate unnecessary CPU, memory usage, and premature disconnection issue typically triggered by playing games, video conference, and torrenting. See v2ray/v2ray-core#2565
• Added ARMv5 binary in the release. This should allow legacy ARM devices to run V2Ray correctly. See v2ray/v2ray-core#2536

Breaking Changes

• The file structure for ARM release files has changed.

v4.24.2

New Functions

• VMess's new header format experiment begins. You can now enable VMessAEAD to be better protected. Documents EN CH are updated. See extra-VMessAEADdoc.zip for a more detailed explanation available in both Chinese and English.

• mKCP can now be encrypted to resist recognition, address issue mentioned in v2ray/v2ray-core#2530 v2ray/v2ray-core#2253 v2ray/v2ray-core#2131. Documents EN CH are updated.

Breaking Changes

• To slow down certain replay attacks, taint mechanic for VMess MD5 authentication data is introduced. Unless the server is under attack, a well-behaved client is not influenced. Pay attention to this change if you are designing a "V2Ray Panel", "Airport" or "V2Ray Service Provider". Documents EN CH are updated.

Minor fixes from #12 #10 included.

• Updated Golang tool-chain. Thanks @RPRX
• LocalAddr() in UDP workers will now return correct local addr. Thanks @zhuobixin

About AV warnings

We are aware some anti-virus software detects V2Ray as malware, which it isn't, but we can't afford to pay the fee needed to make them not detect V2Ray as malware. Microsoft's AV detects V2Ray as "Trojan:Win32/Wacatac.C!ml" , "Program:Win32/Wacapew.C!ml" each time we release a new version, and I have to manually contact them each time to remove it from the malware database. If you have more information to report please leave them here. These AVs are known to generate false-positive results: "Microsoft", "McAfee", "Cylance", "Symantec", "F-Secure", "SecureAge APEX", "Cybereason", "Cynet", "MaxSecure", "F-Secure", "Avira", "AVAST", "AVG", "Rising"(瑞星).

v4.24.1

New Functions

• VMess's new header format experiment begins. You can now enable VMessAEAD to be better protected. Documents EN CH are updated. See extra-VMessAEADdoc.zip for a more detailed explanation available in both Chinese and English.

• mKCP can now be encrypted to avoid recognition, address issue mentioned in v2ray/v2ray-core#2530 v2ray/v2ray-core#2253 v2ray/v2ray-core#2131. Documents EN CH are updated.

Beaking Changes

• To slow down certain replay attacks, taint mechanic for VMess MD5 authentication data is introduced. Unless the server is under attack, a well-behaved client is not influenced. Pay attention to this change if you are designing a "V2Ray Panel", "Airport" or "V2Ray Service Provider". Documents EN CH are updated.

Minor fixes from #12 included.

v4.24.0

New Functions

• VMess's new header format experiment begins. You can now enable VMessAEAD to be better protected. Documents EN CH are updated. See extra-VMessAEADdoc.zip for a more detailed explanation available in both Chinese and English.

• mKCP can now be encrypted to avoid recognition, address issue mentioned in v2ray/v2ray-core#2530 v2ray/v2ray-core#2253 v2ray/v2ray-core#2131. Documents EN CH are updated.

Beaking Changes

• To slow down certain replay attacks, taint mechanic for VMess MD5 authentication data is introduced. Unless the server is under attack, a well-behaved client is not influenced. Pay attention to this change if you are designing a "V2Ray Panel", "Airport" or "V2Ray Service Provider". Documents EN CH are updated.