source/shadowsocks-rust
1
0
Fork 0
mirror of https://github.com/shadowsocks/shadowsocks-rust.git synced 2026-02-09 01:59:16 +08:00
Code Issues Packages Projects Releases Wiki Activity
3,080 Commits 17 Branches 171 Tags
5d491bc2c17a47e5a75ca1422d52eb50ba0eaf0b
Commit Graph

3080 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Artem D.
5d491bc2c1 feat: add selinux module (#1995) 
This policy provides several security improvements over running shadowsocks as `unconfined_service_t`:

- **Principle of least privilege**: Only grants necessary permissions
- **Network isolation**: Controls which ports and connections are allowed
- **File system protection**: Restricts file access to configuration and required system files
- **Process isolation**: Runs in a dedicated SELinux domain
- **Audit trail**: All access attempts are logged for security monitoring
 2025-08-06 10:26:51 +08:00
Aaron Chen
4f4d4a8bc9 chore: add sha512 to pin third-party musl-cross files (#1998) 2025-08-06 10:21:52 +08:00
renovate[bot]
466cb35bb5 fix(deps): update rust crate etherparse to 0.19 2025-08-04 20:56:45 +00:00
renovate[bot]
6655776a0c fix(deps): update rust crate tokio to v1.47.1 2025-08-04 16:38:59 +00:00
renovate[bot]
32efef3d57 fix(deps): update rust crate serde_json to v1.0.142 2025-08-04 08:19:14 +00:00
Aaron Chen
71ee9562dc fix(docker): replace musl.cc (#1996) 2025-08-04 16:16:53 +08:00
renovate[bot]
de2651b041 fix(deps): update rust crate clap to v4.5.42 2025-07-30 05:41:07 +00:00
renovate[bot]
83286640e9 fix(deps): update rust crate etherparse to v0.18.2 2025-07-28 22:49:13 +00:00
renovate[bot]
d70608a1ea fix(deps): update rust crate sysexits to v0.9.1 2025-07-28 09:37:52 +00:00
renovate[bot]
b156c7c594 fix(deps): update rust crate etherparse to v0.18.1 2025-07-27 14:29:55 +00:00
renovate[bot]
d18fcd132a fix(deps): update rust crate tokio to v1.47.0 2025-07-26 16:32:54 +00:00
renovate[bot]
b6204b1858 fix(deps): update rust crate rand to v0.9.2 2025-07-20 20:30:36 +00:00
renovate[bot]
a45ff84f4c fix(deps): update rust crate serde_json to v1.0.141 2025-07-18 19:46:18 +00:00
renovate[bot]
84e6ce6760 fix(deps): update rust crate webpki-roots to v1.0.2 2025-07-18 15:02:20 +00:00
renovate[bot]
3f73bccfe3 fix(deps): update rust crate dynosaur to 0.3.0 (#1987) 
* fix(deps): update rust crate dynosaur to 0.3.0

* fix(shadowsocks): compatible with dynosaur 0.3

---------

Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
Co-authored-by: ty <zonyitoo@gmail.com>
 2025-07-17 12:25:36 +08:00
renovate[bot]
c6ca044d14 fix(deps): update rust crate clap to v4.5.41 2025-07-10 03:40:56 +00:00
renovate[bot]
11c7ac206f fix(deps): update rust crate tokio-tfo to 0.4 2025-07-05 18:05:21 +00:00
renovate[bot]
fa9aad3bbd fix(deps): update rust crate socket2 to 0.6 (#1984) 
* fix(deps): update rust crate socket2 to 0.6

* fix: socket2 0.6 compatible

---------

Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
Co-authored-by: zonyitoo <zonyitoo@gmail.com>
 2025-07-06 02:04:09 +08:00
zonyitoo
c1def63247 chore(shadowsocks-service): CI test for shadowsocks-service (#1982) 2025-07-06 00:14:25 +08:00
zonyitoo
c5552d22d5 chore(shadowsocks-service): release v1.23.6 2025-07-05 11:35:51 +08:00
zonyitoo
87a0619e76 feat(shadowsocks-service): Better coding style with cfg_if (#1982) 2025-07-05 11:35:26 +08:00
Hanabishi
84bb832110 fix(shadowsocks-service): fix compilation without aead-cipher (#1983) 2025-07-05 11:32:15 +08:00
renovate[bot]
38e5a1ffbc fix(deps): update rust crate tokio to v1.46.1 2025-07-04 20:00:30 +00:00
zonyitoo
8f9419efa5 chore: release v1.23.5 v1.23.5 2025-07-04 22:57:36 +08:00
renovate[bot]
a4845481a0 fix(deps): update rust crate notify to v8.1.0 2025-07-03 12:31:37 +00:00
renovate[bot]
8b4ee3ccb8 fix(deps): update rust crate tokio to v1.46.0 2025-07-02 12:07:45 +00:00
renovate[bot]
ec6cfc16bf fix(deps): update rust crate tun to v0.8.3 2025-07-02 06:10:20 +00:00
renovate[bot]
161af884d4 fix(deps): update rust crate reqwest to v0.12.22 2025-07-01 20:32:54 +00:00
renovate[bot]
fa3843ab62 fix(deps): update rust crate reqwest to v0.12.21 2025-06-30 22:29:00 +00:00
zonyitoo
636d9c5f50 feat: impls AsSocket, AsRawSocket for UdpSocket 2025-07-01 01:28:23 +08:00
Aaron Chen
393e09ce12 chore: allow clippy::uninlined_format_args (#1981) 2025-06-28 23:08:36 +08:00
zonyitoo
277f370e6b chore: update indirect dependencies 2025-06-22 02:58:58 +08:00
zonyitoo
c0bd03ad63 feat(shadowsocks): making android::SocketProtect sealed (#1974) 2025-06-22 02:47:37 +08:00
ty
01337d349c fix(shadowsocks-service): removed any default features for shadowsocks-service (#1968) 2025-06-20 10:53:41 +08:00
renovate[bot]
50fdbef2be fix(deps): update rust crate webpki-roots to v1.0.1 2025-06-19 23:14:02 +00:00
zonyitoo
12c4ff2593 feat: add MakeSocketProtect and docs, reformatted 2025-06-19 00:33:20 +08:00
Zhang San
1fff8e64ae Allow user to pass SocketProtectFn for android (#1974) 
* add vpn socket protect fn for android

Signed-off-by: San Zhang <sanzhang@mail.com>

* add SocketProtect trait

Signed-off-by: San Zhang <sanzhang@mail.com>

* fix an error

Signed-off-by: San Zhang <sanzhang@mail.com>

* Add missing trait

Signed-off-by: San Zhang <sanzhang@mail.com>

* Add new impl for SocketProtect

Signed-off-by: San Zhang <sanzhang@mail.com>

* Add missing trait

Signed-off-by: San Zhang <sanzhang@mail.com>

* Add missing fn

Signed-off-by: San Zhang <sanzhang@mail.com>

* Some change

Signed-off-by: San Zhang <sanzhang@mail.com>

* Rename to call

Signed-off-by: San Zhang <sanzhang@mail.com>

* Make some change

Signed-off-by: San Zhang <sanzhang@mail.com>

---------

Signed-off-by: San Zhang <sanzhang@mail.com>
 2025-06-18 23:45:30 +08:00
Aaron Chen
73748e7995 fix: make hickory-dns truly optional (#1968) 2025-06-18 10:11:18 +08:00
renovate[bot]
7afd020198 fix(deps): update rust crate libc to v0.2.174 2025-06-17 19:13:13 +00:00
ty
49d00ce100 chore: FALSE could be found in Win32::Foundation 2025-06-17 14:07:14 +08:00
renovate[bot]
16dda13859 fix(deps): update rust crate windows-sys to 0.60 (#1973) 
* fix(deps): update rust crate windows-sys to 0.60

* fix: windows-sys 0.60 BOOL moved to core

---------

Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
Co-authored-by: ty <zonyitoo@gmail.com>
 2025-06-17 14:02:03 +08:00
renovate[bot]
57b136a0be fix(deps): update rust crate mimalloc to v0.1.47 2025-06-16 17:11:29 +00:00
Zhang San
3a31fa6959 feat: impl AsRawFd and AsFd for UdpSocket (#1971) 
Signed-off-by: San Zhang <sanzhang@mail.com>
 2025-06-16 18:35:28 +08:00
renovate[bot]
68ce97d492 fix(deps): update rust crate tun to v0.8.2 2025-06-15 09:07:55 +00:00
renovate[bot]
fa543e0bbe fix(deps): update rust crate libc to v0.2.173 2025-06-15 08:05:46 +00:00
ty
5eb032ed5f fix(shadowsocks-service): removed unused functions 2025-06-12 12:14:05 +08:00
ty
86d68d4607 fix(shadowsocks-service): ACL host rule clearify 2025-06-12 12:13:01 +08:00
ty
e1bd1e8e08 chore: README fixes mode, adds outbound_allow_* 2025-06-12 10:17:25 +08:00
ty
c0361e6522 fix(shadowsocks-service): ACL host rule resolved IP check return if matched 2025-06-12 10:10:09 +08:00
zonyitoo
ea5e3a514f feat(shadowsocks-service): ACL support outbound_allow_list 
- [outbound_allow_all] BlackList mode, allow all outbound addresses by
  default
- [outbound_block_all] WhiteList mode, blocked all outbound addresses by
  default
- [outbound_block_list] Addresses in this list will be blocked
- [outbound_allow_list] Addresses in this list will be allowed

fixes #1967

Breaking Changes:

- ACL IP rules now checking both allow_list and block_list
- Hostnames, IPs that didn't match any rules will fallback to default
  mode
 2025-06-12 00:19:48 +08:00