[dependencies] Update golangci/golangci-lint-action action to v8

documentation: Bump version
Fix systemd package
2025-06-08 01:22:07 +08:00 · 2025-06-06 15:18:24 +00:00 · 2025-06-06 23:17:46 +08:00 · 2025-06-06 23:17:46 +08:00 · 2025-06-06 23:17:46 +08:00 · 2025-06-06 23:17:46 +08:00
9 changed files with 33 additions and 15 deletions
--- a/.fpm_systemd
+++ b/.fpm_systemd
@ -8,6 +8,7 @@
 --deb-field "Bug: https://github.com/SagerNet/sing-box/issues"
 --no-deb-generate-changes
 --config-files /etc/sing-box/config.json
+--after-install release/config/sing-box.postinst

 release/config/config.json=/etc/sing-box/config.json

--- a/common/dialer/default.go
+++ b/common/dialer/default.go
@ -97,10 +97,6 @@ func NewDefault(ctx context.Context, options option.DialerOptions) (*DefaultDial
 			} else if networkManager.AutoDetectInterface() {
 				if platformInterface != nil {
 					networkStrategy = (*C.NetworkStrategy)(options.NetworkStrategy)
-					if networkStrategy == nil {
-						networkStrategy = common.Ptr(C.NetworkStrategyDefault)
-						defaultNetworkStrategy = true
-					}
 					networkType = common.Map(options.NetworkType, option.InterfaceType.Build)
 					fallbackNetworkType = common.Map(options.FallbackNetworkType, option.InterfaceType.Build)
 					if networkStrategy == nil && len(networkType) == 0 && len(fallbackNetworkType) == 0 {
@ -112,6 +108,10 @@ func NewDefault(ctx context.Context, options option.DialerOptions) (*DefaultDial
 					if networkFallbackDelay == 0 && defaultOptions.FallbackDelay != 0 {
 						networkFallbackDelay = defaultOptions.FallbackDelay
 					}
+					if networkStrategy == nil {
+						networkStrategy = common.Ptr(C.NetworkStrategyDefault)
+						defaultNetworkStrategy = true
+					}
 					bindFunc := networkManager.ProtectFunc()
 					dialer.Control = control.Append(dialer.Control, bindFunc)
 					listener.Control = control.Append(listener.Control, bindFunc)
--- a/common/dialer/tfo.go
+++ b/common/dialer/tfo.go
@ -12,7 +12,6 @@ import (

 	"github.com/sagernet/sing/common"
 	"github.com/sagernet/sing/common/bufio"
-	E "github.com/sagernet/sing/common/exceptions"
 	M "github.com/sagernet/sing/common/metadata"
 	N "github.com/sagernet/sing/common/network"

@ -76,10 +75,11 @@ func (c *slowOpenConn) Write(b []byte) (n int, err error) {
 		return c.conn.Write(b)
 	default:
 	}
-	c.conn, err = c.dialer.DialContext(c.ctx, c.network, c.destination.String(), b)
+	conn, err := c.dialer.DialContext(c.ctx, c.network, c.destination.String(), b)
 	if err != nil {
-		c.conn = nil
-		c.err = E.Cause(err, "dial tcp fast open")
+		c.err = err
+	} else {
+		c.conn = conn
 	}
 	n = len(b)
 	close(c.create)
--- a/docs/changelog.md
+++ b/docs/changelog.md
@ -2,6 +2,10 @@
 icon: material/alert-decagram
 ---

+#### 1.12.0-beta.22
+
+* Fixes and improvements
+
 #### 1.12.0-beta.21

 * Fix missing `home` option for DERP service **1**
--- a/go.mod
+++ b/go.mod
@ -35,7 +35,7 @@ require (
 	github.com/sagernet/sing-shadowsocks2 v0.2.1
 	github.com/sagernet/sing-shadowtls v0.2.1-0.20250503051639-fcd445d33c11
 	github.com/sagernet/sing-tun v0.6.6-0.20250428031943-0686f8c4f210
-	github.com/sagernet/sing-vmess v0.2.4-0.20250527060135-661c827800bc
+	github.com/sagernet/sing-vmess v0.2.4-0.20250605032146-38cc72672c88
 	github.com/sagernet/smux v1.5.34-mod.2
 	github.com/sagernet/tailscale v1.80.3-mod.5
 	github.com/sagernet/wireguard-go v0.0.1-beta.7
--- a/go.sum
+++ b/go.sum
@ -182,8 +182,8 @@ github.com/sagernet/sing-shadowtls v0.2.1-0.20250503051639-fcd445d33c11 h1:tK+75
 github.com/sagernet/sing-shadowtls v0.2.1-0.20250503051639-fcd445d33c11/go.mod h1:sWqKnGlMipCHaGsw1sTTlimyUpgzP4WP3pjhCsYt9oA=
 github.com/sagernet/sing-tun v0.6.6-0.20250428031943-0686f8c4f210 h1:6H4BZaTqKI3YcDMyTV3E576LuJM4S4wY99xoq2T1ECw=
 github.com/sagernet/sing-tun v0.6.6-0.20250428031943-0686f8c4f210/go.mod h1:fisFCbC4Vfb6HqQNcwPJi2CDK2bf0Xapyz3j3t4cnHE=
-github.com/sagernet/sing-vmess v0.2.4-0.20250527060135-661c827800bc h1:kd3olNfnf/1EAAHDQm0flN9eihyjpeQDKdGONlLtXfc=
-github.com/sagernet/sing-vmess v0.2.4-0.20250527060135-661c827800bc/go.mod h1:IL8Rr+EGwuqijszZkNrEFTQDKhilEpkqFqOlvdpS6/w=
+github.com/sagernet/sing-vmess v0.2.4-0.20250605032146-38cc72672c88 h1:0pVm8sPOel+BoiCddW3pV3cKDKEaSioVTYDdTSKjyFI=
+github.com/sagernet/sing-vmess v0.2.4-0.20250605032146-38cc72672c88/go.mod h1:IL8Rr+EGwuqijszZkNrEFTQDKhilEpkqFqOlvdpS6/w=
 github.com/sagernet/smux v1.5.34-mod.2 h1:gkmBjIjlJ2zQKpLigOkFur5kBKdV6bNRoFu2WkltRQ4=
 github.com/sagernet/smux v1.5.34-mod.2/go.mod h1:0KW0+R+ycvA2INW4gbsd7BNyg+HEfLIAxa5N02/28Zc=
 github.com/sagernet/tailscale v1.80.3-mod.5 h1:7V7z+p2C//TGtff20pPnDCt3qP6uFyY62peJoKF9z/A=
--- a/release/config/sing-box.postinst
+++ b/release/config/sing-box.postinst
@ -0,0 +1,3 @@
+#!/bin/sh
+
+systemd-sysusers sing-box.conf
--- a/route/dns.go
+++ b/route/dns.go
@ -36,7 +36,7 @@ func (r *Router) hijackDNSStream(ctx context.Context, conn net.Conn, metadata ad
 	}
 }

-func (r *Router) hijackDNSPacket(ctx context.Context, conn N.PacketConn, packetBuffers []*N.PacketBuffer, metadata adapter.InboundContext) error {
+func (r *Router) hijackDNSPacket(ctx context.Context, conn N.PacketConn, packetBuffers []*N.PacketBuffer, metadata adapter.InboundContext, onClose N.CloseHandlerFunc) error {
 	if natConn, isNatConn := conn.(udpnat.Conn); isNatConn {
 		metadata.Destination = M.Socksaddr{}
 		for _, packet := range packetBuffers {
@ -51,10 +51,12 @@ func (r *Router) hijackDNSPacket(ctx context.Context, conn N.PacketConn, packetB
 			conn:     conn,
 			ctx:      ctx,
 			metadata: metadata,
+			onClose:  onClose,
 		})
 		return nil
 	}
 	err := dnsOutbound.NewDNSPacketConnection(ctx, r.dns, conn, packetBuffers, metadata)
+	N.CloseOnHandshakeFailure(conn, onClose, err)
 	if err != nil && !E.IsClosedOrCanceled(err) {
 		return E.Cause(err, "process DNS packet")
 	}
@ -93,8 +95,16 @@ type dnsHijacker struct {
 	conn     N.PacketConn
 	ctx      context.Context
 	metadata adapter.InboundContext
+	onClose  N.CloseHandlerFunc
 }

 func (h *dnsHijacker) NewPacketEx(buffer *buf.Buffer, destination M.Socksaddr) {
 	go ExchangeDNSPacket(h.ctx, h.router, h.logger, h.conn, buffer, h.metadata, destination)
 }
+
+func (h *dnsHijacker) Close() error {
+	if h.onClose != nil {
+		h.onClose(nil)
+	}
+	return nil
+}
--- a/route/route.go
+++ b/route/route.go
@ -117,7 +117,8 @@ func (r *Router) routeConnection(ctx context.Context, conn net.Conn, metadata ad
 			for _, buffer := range buffers {
 				conn = bufio.NewCachedConn(conn, buffer)
 			}
-			return r.hijackDNSStream(ctx, conn, metadata)
+			N.CloseOnHandshakeFailure(conn, onClose, r.hijackDNSStream(ctx, conn, metadata))
+			return nil
 		}
 	}
 	if selectedRule == nil {
@ -228,8 +229,7 @@ func (r *Router) routePacketConnection(ctx context.Context, conn N.PacketConn, m
 			N.ReleaseMultiPacketBuffer(packetBuffers)
 			return action.Error(ctx)
 		case *rule.RuleActionHijackDNS:
-			return r.hijackDNSPacket(ctx, conn, packetBuffers, metadata)
-
+			return r.hijackDNSPacket(ctx, conn, packetBuffers, metadata, onClose)
 		}
 	}
 	if selectedRule == nil || selectReturn {
Author	SHA1	Message	Date
renovate[bot]	1bfced0e42	[dependencies] Update golangci/golangci-lint-action action to v8	2025-06-06 15:18:24 +00:00
世界	c3cc010880	documentation: Bump version	2025-06-06 23:17:46 +08:00
世界	1920c191be	Fix systemd package	2025-06-06 23:17:46 +08:00
世界	e0ac459204	Fix missing home for derp service	2025-06-06 23:17:46 +08:00
Zero Clover	09fb897805	documentation: Fix services	2025-06-06 23:17:46 +08:00
世界	a1b3d891a3	Fix `dns.client_subnet` ignored	2025-06-06 23:17:46 +08:00
世界	d866a40469	documentation: Minor fixes	2025-06-06 23:17:46 +08:00
世界	45cd04b07e	Fix tailscale forward	2025-06-06 23:17:46 +08:00
世界	2cf0528c4d	Minor fixes	2025-06-06 23:17:46 +08:00
世界	905a2ded93	Add SSM API service	2025-06-06 23:17:46 +08:00
世界	cb3c0829c5	Add resolved service and DNS server	2025-06-06 23:17:45 +08:00
世界	1a8f6e053d	Add DERP service	2025-06-06 23:17:27 +08:00
世界	99a09a6ce5	Add service component type	2025-06-06 23:17:27 +08:00
世界	01b4c7fcdd	Fix tproxy tcp control	2025-06-06 23:17:27 +08:00
愚者	fe89f946c1	release: Fix build tags for android Signed-off-by: 愚者 <11926619+FansChou@users.noreply.github.com>	2025-06-06 23:17:27 +08:00
世界	6c17c7a8f5	prevent creation of bind and mark controls on unsupported platforms	2025-06-06 23:17:27 +08:00
PuerNya	ea067e5478	documentation: Fix description of reject DNS action behavior	2025-06-06 23:17:27 +08:00
Restia-Ashbell	75af9a824e	Fix TLS record fragment	2025-06-06 23:17:27 +08:00
世界	a5d4a42119	Add missing `accept_routes` option for Tailscale	2025-06-06 23:17:26 +08:00
世界	9821fbc3e3	Add TLS record fragment support	2025-06-06 23:17:26 +08:00
世界	c0408ad1de	release: Update Go to 1.24.3	2025-06-06 23:17:26 +08:00
世界	6b0e861afa	Fix set edns0 client subnet	2025-06-06 23:17:26 +08:00
世界	e32d686d6c	Update minor dependencies	2025-06-06 23:17:26 +08:00
世界	844308e128	Update certmagic and providers	2025-06-06 23:17:26 +08:00
世界	93c14db281	Update protobuf and grpc	2025-06-06 23:17:26 +08:00
世界	b893a27dfc	Add control options for listeners	2025-06-06 23:17:25 +08:00
世界	d39960fa23	Update quic-go to v0.52.0	2025-06-06 23:17:25 +08:00
世界	ba0badd4bf	Update utls to v1.7.2	2025-06-06 23:17:25 +08:00
世界	cfbb5d63d5	Handle EDNS version downgrade	2025-06-06 23:16:21 +08:00
世界	8447a3edfe	documentation: Fix anytls padding scheme description	2025-06-06 23:16:21 +08:00
安容	1a9747a531	Report invalid DNS address early	2025-06-06 23:16:20 +08:00
世界	583ecbea3b	Fix wireguard `listen_port`	2025-06-06 23:16:20 +08:00
世界	bb6c8535a5	clash-api: Add more meta api	2025-06-06 23:16:19 +08:00
世界	10d90e4acc	Fix DNS lookup	2025-06-06 23:16:19 +08:00
世界	e625012219	Fix fetch ECH configs	2025-06-06 23:16:19 +08:00
reletor	670863fd5b	documentation: Minor fixes	2025-06-06 23:16:19 +08:00
caelansar	f7cf87142f	Fix callback deletion in UDP transport	2025-06-06 23:16:18 +08:00
世界	2597a68a01	documentation: Try to make the play review happy	2025-06-06 23:16:18 +08:00
世界	7354332daa	Fix missing handling of legacy `domain_strategy` options	2025-06-06 23:16:18 +08:00
世界	a0d382fc4e	Improve local DNS server	2025-06-06 23:16:18 +08:00
anytls	a6da8b6654	Update anytls Co-authored-by: anytls <anytls>	2025-06-06 23:16:17 +08:00
世界	7385616cca	Fix DNS dialer	2025-06-06 23:16:17 +08:00
世界	4b6784b446	release: Skip override version for iOS	2025-06-06 23:16:16 +08:00
iikira	68579bb93b	Fix UDP DNS server crash Signed-off-by: iikira <i2@mail.iikira.com>	2025-06-06 23:16:16 +08:00
ReleTor	6aace7b1b7	Fix fetch ECH configs	2025-06-06 23:16:16 +08:00
世界	148234b742	Allow direct outbounds without `domain_resolver`	2025-06-06 23:16:16 +08:00
世界	97b7a451be	Fix Tailscale dialer	2025-06-06 23:16:15 +08:00
dyhkwong	73b67e0b48	Fix DNS over QUIC stream close	2025-06-06 23:16:15 +08:00
anytls	88b4d04d59	Update anytls Co-authored-by: anytls <anytls>	2025-06-06 23:16:15 +08:00
Rambling2076	d1ec6c6dd2	Fix missing `with_tailscale` in Dockerfile Signed-off-by: Rambling2076 <Rambling2076@proton.me>	2025-06-06 23:16:14 +08:00
世界	523825336a	Fail when default DNS server not found	2025-06-06 23:16:14 +08:00
世界	032565a026	Update gVisor to 20250319.0	2025-06-06 23:16:14 +08:00
世界	aeea24ae30	Explicitly reject detour to empty direct outbounds	2025-06-06 23:16:14 +08:00
世界	af22549f1a	Add netns support	2025-06-06 23:16:14 +08:00
世界	57b17ceb4b	Add wildcard name support for predefined records	2025-06-06 23:16:13 +08:00
世界	3dd308e7c3	Remove map usage in options	2025-06-06 23:16:13 +08:00
世界	7f75195d86	Fix unhandled DNS loop	2025-06-06 23:16:13 +08:00
世界	2fe4cad905	Add wildcard-sni support for shadow-tls inbound	2025-06-06 23:16:12 +08:00
k9982874	f55eb75a53	Add ntp protocol sniffing	2025-06-06 23:16:12 +08:00
世界	5ffb5b6ad2	option: Fix marshal legacy DNS options	2025-06-06 23:16:12 +08:00
世界	a1d5931759	Make `domain_resolver` optional when only one DNS server is configured	2025-06-06 23:16:12 +08:00
世界	9e68e909cb	Fix DNS lookup context pollution	2025-06-06 23:16:11 +08:00
世界	117e8b76cc	Fix http3 DNS server connecting to wrong address	2025-06-06 23:16:11 +08:00
Restia-Ashbell	d2f83bfd50	documentation: Fix typo	2025-06-06 23:16:11 +08:00
anytls	eaef13febe	Update sing-anytls Co-authored-by: anytls <anytls>	2025-06-06 23:16:11 +08:00
k9982874	0110c69dc9	Fix hosts DNS server	2025-06-06 23:16:10 +08:00
世界	fb2f5af1fb	Fix UDP DNS server crash	2025-06-06 23:16:10 +08:00
世界	1553923118	documentation: Fix missing `ip_accept_any` DNS rule option	2025-06-06 23:16:10 +08:00
世界	0ada49489d	Fix anytls dialer usage	2025-06-06 23:16:10 +08:00
世界	95d5ca9393	Move predefined DNS server to rule action	2025-06-06 23:16:10 +08:00
世界	6cebbb4590	Fix domain resolver on direct outbound	2025-06-06 23:16:09 +08:00
Zephyruso	0ef81bb5ef	Fix missing AnyTLS display name	2025-06-06 23:16:09 +08:00
anytls	0d30a1df9d	Update sing-anytls Co-authored-by: anytls <anytls>	2025-06-06 23:16:09 +08:00
Estel	563499d2f9	documentation: Fix typo Signed-off-by: Estel <callmebedrockdigger@gmail.com>	2025-06-06 23:16:08 +08:00
TargetLocked	f10c0c1c8d	Fix parsing legacy DNS options	2025-06-06 23:16:08 +08:00
世界	428074d88b	Fix DNS fallback	2025-06-06 23:16:07 +08:00
世界	fa18832ad2	documentation: Fix missing hosts DNS server	2025-06-06 23:16:07 +08:00
anytls	87bce2de29	Add MinIdleSession option to AnyTLS outbound Co-authored-by: anytls <anytls>	2025-06-06 23:16:06 +08:00
ReleTor	f5020554e4	documentation: Minor fixes	2025-06-06 23:16:06 +08:00
libtry486	31f3623b8a	documentation: Fix typo fix typo Signed-off-by: libtry486 <89328481+libtry486@users.noreply.github.com>	2025-06-06 23:16:05 +08:00
Alireza Ahmadi	bb42657177	Fix Outbound deadlock	2025-06-06 23:16:05 +08:00
世界	f19ff7eca7	documentation: Fix AnyTLS doc	2025-06-06 23:16:05 +08:00
anytls	8e45133f2e	Add AnyTLS protocol	2025-06-06 23:16:04 +08:00
世界	63df88675f	Migrate to stdlib ECH support	2025-06-06 23:16:04 +08:00
世界	0423244298	Add fallback local DNS server for iOS	2025-06-06 23:16:03 +08:00
世界	a5f1af9587	Get darwin local DNS server from libresolv	2025-06-06 23:16:03 +08:00
世界	112817c1a4	Improve resolve action	2025-06-06 23:16:02 +08:00
世界	6e91de51f1	Add back port hopping to hysteria 1	2025-06-06 23:16:02 +08:00
xchacha20-poly1305	efc5c542fb	Remove single quotes of raw Moziila certs	2025-06-06 23:16:02 +08:00
世界	f1b569c7d1	Add Tailscale endpoint	2025-06-06 23:16:02 +08:00
世界	a752197d5e	Build legacy binaries with latest Go	2025-06-06 23:16:01 +08:00
世界	65517d4513	documentation: Remove outdated icons	2025-06-06 23:16:01 +08:00
世界	ccf4fa4d3a	documentation: Certificate store	2025-06-06 23:16:01 +08:00
世界	18dbb823a1	documentation: TLS fragment	2025-06-06 23:16:01 +08:00
世界	4ec058e91a	documentation: Outbound domain resolver	2025-06-06 23:16:01 +08:00
世界	6eed06b2c2	documentation: Refactor DNS	2025-06-06 23:16:00 +08:00
世界	dd209cc9d5	Add certificate store	2025-06-06 23:16:00 +08:00
世界	b0c0a6b07d	Add TLS fragment support	2025-06-06 23:15:59 +08:00
世界	951a8fabbf	refactor: Outbound domain resolver	2025-06-06 23:15:59 +08:00
世界	928298b528	refactor: DNS	2025-06-06 23:15:59 +08:00
世界	5b84fa0137	Fix default network strategy	2025-06-06 14:50:38 +08:00
世界	2bb85ac8a1	Fix slowOpenConn	2025-06-06 14:39:40 +08:00
世界	43a9016c83	Fix leak in hijack-dns	2025-06-06 14:28:09 +08:00