diff --git a/debug_http.go b/debug_http.go index 09f015e7..df356c2e 100644 --- a/debug_http.go +++ b/debug_http.go @@ -5,6 +5,7 @@ import ( "net/http/pprof" "runtime" "runtime/debug" + "strings" "github.com/sagernet/sing-box/common/humanize" "github.com/sagernet/sing-box/log" @@ -47,12 +48,20 @@ func applyDebugListenOption(options option.DebugOptions) { encoder.SetIndent("", " ") encoder.Encode(memObject) }) - r.HandleFunc("/pprof", pprof.Index) - r.HandleFunc("/pprof/*", pprof.Index) - r.HandleFunc("/pprof/cmdline", pprof.Cmdline) - r.HandleFunc("/pprof/profile", pprof.Profile) - r.HandleFunc("/pprof/symbol", pprof.Symbol) - r.HandleFunc("/pprof/trace", pprof.Trace) + r.Route("/pprof", func(r chi.Router) { + r.HandleFunc("/", func(writer http.ResponseWriter, request *http.Request) { + if !strings.HasSuffix(request.URL.Path, "/") { + http.Redirect(writer, request, request.URL.Path+"/", http.StatusMovedPermanently) + } else { + pprof.Index(writer, request) + } + }) + r.HandleFunc("/*", pprof.Index) + r.HandleFunc("/cmdline", pprof.Cmdline) + r.HandleFunc("/profile", pprof.Profile) + r.HandleFunc("/symbol", pprof.Symbol) + r.HandleFunc("/trace", pprof.Trace) + }) }) debugHTTPServer = &http.Server{ Addr: options.Listen, diff --git a/debug_stub.go b/debug_stub.go index ea7e2c0b..a8988c20 100644 --- a/debug_stub.go +++ b/debug_stub.go @@ -1,4 +1,4 @@ -//go:build !linux +//go:build !(linux || darwin) package box diff --git a/debug_linux.go b/debug_unix.go similarity index 93% rename from debug_linux.go rename to debug_unix.go index 3296bdec..3be097e9 100644 --- a/debug_linux.go +++ b/debug_unix.go @@ -1,3 +1,5 @@ +//go:build linux || darwin + package box import ( diff --git a/docs/configuration/shared/tls.md b/docs/configuration/shared/tls.md index 20a3abf8..a5c7bec4 100644 --- a/docs/configuration/shared/tls.md +++ b/docs/configuration/shared/tls.md @@ -173,10 +173,9 @@ By default, the maximum version is currently TLS 1.3. #### cipher_suites -The elliptic curves that will be used in an ECDHE handshake, in preference order. +A list of enabled TLS 1.0–1.2 cipher suites. The order of the list is ignored. Note that TLS 1.3 cipher suites are not configurable. -If empty, the default will be used. The client will use the first preference as the type for its key share in TLS 1.3. -This may change in the future. +If empty, a safe default list is used. The default cipher suites might change over time. #### certificate diff --git a/docs/configuration/shared/tls.zh.md b/docs/configuration/shared/tls.zh.md index 1af7b014..5a75945d 100644 --- a/docs/configuration/shared/tls.zh.md +++ b/docs/configuration/shared/tls.zh.md @@ -170,12 +170,9 @@ TLS 版本值: #### cipher_suites -将在 ECDHE 握手中使用的椭圆曲线,按优先顺序排列。 +启用的 TLS 1.0-1.2密码套件的列表。列表的顺序被忽略。请注意,TLS 1.3 的密码套件是不可配置的。 -如果为空,将使用默认值。 - -客户端将使用第一个首选项作为其在 TLS 1.3 中的密钥共享类型。 -这在未来可能会改变。 +如果为空,则使用安全的默认列表。默认密码套件可能会随着时间的推移而改变。 #### certificate