documentation: Bump version

Fix DNS lookup context pollution
Fix http3 DNS server connecting to wrong address
2025-06-13 21:54:13 +08:00 · 2025-03-13 20:58:51 +08:00 · 2025-03-13 20:58:42 +08:00 · 2025-03-13 20:58:42 +08:00 · 2025-03-13 20:58:21 +08:00 · 2025-03-13 20:58:21 +08:00
11 changed files with 21 additions and 95 deletions
--- a/common/dialer/dialer.go
+++ b/common/dialer/dialer.go
@ -103,14 +103,9 @@ func NewWithOptions(options Options) (N.Dialer, error) {
 			resolveFallbackDelay = time.Duration(dialOptions.FallbackDelay)
 		} else if options.NewDialer {
 			return nil, E.New("missing domain resolver for domain server address")
 		} else {
 			transports := dnsTransport.Transports()
 			if len(transports) < 2 {
 				dnsQueryOptions.Transport = dnsTransport.Default()
 		} else {
 			deprecated.Report(options.Context, deprecated.OptionMissingDomainResolver)
 		}
 		}
 		dialer = NewResolveDialer(
 			options.Context,
 			dialer,
--- a/docs/changelog.md
+++ b/docs/changelog.md
@ -2,17 +2,10 @@
 icon: material/alert-decagram
 ---
-#### 1.12.0-alpha.16
+#### 1.12.0-alpha.15
 * Update `domain_resolver` behavior **1**
 * Fixes and improvements
 **1**:
 `route.default_domain_resolver` or `outbound.domain_resolver` is now optional when only one DNS server is configured.
 See [Dial Fields](/configuration/shared/dial/#domain_resolver).
 ### 1.11.5
 * Fixes and improvements
--- a/docs/configuration/shared/dial.md
+++ b/docs/configuration/shared/dial.md
@ -106,10 +106,6 @@ Valid time units are "ns", "us" (or "µs"), "ms", "s", "m", "h".
    `outbound` DNS rule items are deprecated and will be removed in sing-box 1.14.0, so this item will be required for outbound/endpoints using domain name in server address since sing-box 1.14.0.
 !!! info ""
    `domain_resolver` or `route.default_domain_resolver` is optional when only one DNS server is configured.
 Set domain resolver to use for resolving domain names.
 This option uses the same format as the [route DNS rule action](/configuration/dns/rule_action/#route) without the `action` field.
--- a/docs/configuration/shared/dial.zh.md
+++ b/docs/configuration/shared/dial.zh.md
@ -105,10 +105,6 @@ icon: material/new-box
    `outbound` DNS 规则项已弃用，且将在 sing-box 1.14.0 中被移除。因此，从 sing-box 1.14.0 版本开始，所有在服务器地址中使用域名的出站/端点均需配置此项。
 !!! info ""
    当只有一个 DNS 服务器已配置时，`domain_resolver` 或 `route.default_domain_resolver` 是可选的。 
 用于设置解析域名的域名解析器。
 此选项的格式与 [路由 DNS 规则动作](/configuration/dns/rule_action/#route) 相同，但不包含 `action` 字段。  
--- a/log/id.go
+++ b/log/id.go
@ -20,16 +20,12 @@ type ID struct {
 }
 func ContextWithNewID(ctx context.Context) context.Context {
-	return ContextWithID(ctx, ID{
+	return context.WithValue(ctx, (*idKey)(nil), ID{
 		ID:        rand.Uint32(),
 		CreatedAt: time.Now(),
 	})
 }
 func ContextWithID(ctx context.Context, id ID) context.Context {
 	return context.WithValue(ctx, (*idKey)(nil), id)
 }
 func IDFromContext(ctx context.Context) (ID, bool) {
 	id, loaded := ctx.Value((*idKey)(nil)).(ID)
 	return id, loaded
--- a/option/outbound.go
+++ b/option/outbound.go
@ -116,14 +116,7 @@ func (o *DomainResolveOptions) UnmarshalJSON(bytes []byte) error {
 		o.Server = stringValue
 		return nil
 	}
-	err = json.Unmarshal(bytes, (*_DomainResolveOptions)(o))
+	return json.Unmarshal(bytes, (*_DomainResolveOptions)(o))
 	if err != nil {
 		return err
 	}
 	if o.Server == "" {
 		return E.New("empty domain_resolver.server")
 	}
 	return nil
 }
 func (o *DialerOptions) TakeDialerOptions() DialerOptions {
--- a/route/conn.go
+++ b/route/conn.go
@ -5,7 +5,6 @@ import (
 	"io"
 	"net"
 	"net/netip"
 	"os"
 	"sync"
 	"sync/atomic"
 	"time"
@ -15,7 +14,6 @@ import (
 	"github.com/sagernet/sing-box/common/tlsfragment"
 	C "github.com/sagernet/sing-box/constant"
 	"github.com/sagernet/sing/common"
 	"github.com/sagernet/sing/common/buf"
 	"github.com/sagernet/sing/common/bufio"
 	"github.com/sagernet/sing/common/canceler"
 	E "github.com/sagernet/sing/common/exceptions"
@ -208,16 +206,14 @@ func (m *ConnectionManager) NewPacketConnection(ctx context.Context, this N.Dial
 	go m.packetConnectionCopy(ctx, destination, conn, true, &done, onClose)
 }
-func (m *ConnectionManager) connectionCopy(ctx context.Context, source net.Conn, destination net.Conn, direction bool, done *atomic.Bool, onClose N.CloseHandlerFunc) {
+func (m *ConnectionManager) connectionCopy(ctx context.Context, source io.Reader, destination io.Writer, direction bool, done *atomic.Bool, onClose N.CloseHandlerFunc) {
-	var (
+	originSource := source
-		sourceReader      io.Reader = source
+	originDestination := destination
 		destinationWriter io.Writer = destination
 	)
 	var readCounters, writeCounters []N.CountFunc
 	for {
-		sourceReader, readCounters = N.UnwrapCountReader(sourceReader, readCounters)
+		source, readCounters = N.UnwrapCountReader(source, readCounters)
-		destinationWriter, writeCounters = N.UnwrapCountWriter(destinationWriter, writeCounters)
+		destination, writeCounters = N.UnwrapCountWriter(destination, writeCounters)
-		if cachedSrc, isCached := sourceReader.(N.CachedReader); isCached {
+		if cachedSrc, isCached := source.(N.CachedReader); isCached {
 			cachedBuffer := cachedSrc.ReadCached()
 			if cachedBuffer != nil {
 				dataLen := cachedBuffer.Len()
@ -227,7 +223,7 @@ func (m *ConnectionManager) connectionCopy(ctx context.Context, source net.Conn,
 					if done.Swap(true) {
 						onClose(err)
 					}
-					common.Close(source, destination)
+					common.Close(originSource, originDestination)
 					if !direction {
 						m.logger.ErrorContext(ctx, "connection upload payload: ", err)
 					} else {
@ -246,13 +242,9 @@ func (m *ConnectionManager) connectionCopy(ctx context.Context, source net.Conn,
 		}
 		break
 	}
-	if earlyConn, isEarlyConn := common.Cast[N.EarlyConn](destinationWriter); isEarlyConn && earlyConn.NeedHandshake() {
+	if earlyConn, isEarlyConn := common.Cast[N.EarlyConn](destination); isEarlyConn && earlyConn.NeedHandshake() {
-		err := m.connectionCopyEarly(source, destination)
+		_, err := destination.Write(nil)
 		if err != nil {
 			if done.Swap(true) {
 				onClose(err)
 			}
 			common.Close(source, destination)
 			if !direction {
 				m.logger.ErrorContext(ctx, "connection upload handshake: ", err)
 			} else {
@ -261,20 +253,20 @@ func (m *ConnectionManager) connectionCopy(ctx context.Context, source net.Conn,
 			return
 		}
 	}
-	_, err := bufio.CopyWithCounters(destination, sourceReader, source, readCounters, writeCounters)
+	_, err := bufio.CopyWithCounters(destination, source, originSource, readCounters, writeCounters)
 	if err != nil {
-		common.Close(source, destination)
+		common.Close(originDestination)
 	} else if duplexDst, isDuplex := destination.(N.WriteCloser); isDuplex {
 		err = duplexDst.CloseWrite()
 		if err != nil {
-			common.Close(source, destination)
+			common.Close(originSource, originDestination)
 		}
 	} else {
-		destination.Close()
+		common.Close(originDestination)
 	}
 	if done.Swap(true) {
 		onClose(err)
-		common.Close(source, destination)
+		common.Close(originSource, originDestination)
 	}
 	if !direction {
 		if err == nil {
@ -295,28 +287,6 @@ func (m *ConnectionManager) connectionCopy(ctx context.Context, source net.Conn,
 	}
 }
 func (m *ConnectionManager) connectionCopyEarly(source net.Conn, destination io.Writer) error {
 	payload := buf.NewPacket()
 	defer payload.Release()
 	err := source.SetReadDeadline(time.Now().Add(C.ReadPayloadTimeout))
 	if err != nil {
 		if err == os.ErrInvalid {
 			return common.Error(destination.Write(nil))
 		}
 		return err
 	}
 	_, err = payload.ReadOnceFrom(source)
 	if err != nil && !E.IsTimeout(err) {
 		return E.Cause(err, "read payload")
 	}
 	_ = source.SetReadDeadline(time.Time{})
 	_, err = destination.Write(payload.Bytes())
 	if err != nil {
 		return E.Cause(err, "write payload")
 	}
 	return nil
 }
 func (m *ConnectionManager) packetConnectionCopy(ctx context.Context, source N.PacketReader, destination N.PacketWriter, direction bool, done *atomic.Bool, onClose N.CloseHandlerFunc) {
 	_, err := bufio.CopyPacket(destination, source)
 	if !direction {
--- a/transport/v2rayhttp/conn.go
+++ b/transport/v2rayhttp/conn.go
@ -2,7 +2,6 @@ package v2rayhttp
 import (
 	std_bufio "bufio"
 	"context"
 	"io"
 	"net"
 	"net/http"
@ -11,7 +10,6 @@ import (
 	"sync"
 	"time"
 	"github.com/sagernet/sing-box/log"
 	"github.com/sagernet/sing/common"
 	"github.com/sagernet/sing/common/baderror"
 	"github.com/sagernet/sing/common/buf"
@ -257,11 +255,3 @@ func (w *HTTP2ConnWrapper) Close() error {
 func (w *HTTP2ConnWrapper) Upstream() any {
 	return w.ExtendedConn
 }
 func DupContext(ctx context.Context) context.Context {
 	id, loaded := log.IDFromContext(ctx)
 	if !loaded {
 		return context.Background()
 	}
 	return log.ContextWithID(context.Background(), id)
 }
--- a/transport/v2rayhttp/server.go
+++ b/transport/v2rayhttp/server.go
@ -132,7 +132,7 @@ func (s *Server) ServeHTTP(writer http.ResponseWriter, request *http.Request) {
 		if requestBody != nil {
 			conn = bufio.NewCachedConn(conn, requestBody)
 		}
-		s.handler.NewConnectionEx(DupContext(request.Context()), conn, source, M.Socksaddr{}, nil)
+		s.handler.NewConnectionEx(request.Context(), conn, source, M.Socksaddr{}, nil)
 	} else {
 		writer.WriteHeader(http.StatusOK)
 		done := make(chan struct{})
--- a/transport/v2rayhttpupgrade/server.go
+++ b/transport/v2rayhttpupgrade/server.go
@ -12,7 +12,6 @@ import (
 	C "github.com/sagernet/sing-box/constant"
 	"github.com/sagernet/sing-box/log"
 	"github.com/sagernet/sing-box/option"
 	"github.com/sagernet/sing-box/transport/v2rayhttp"
 	"github.com/sagernet/sing/common"
 	E "github.com/sagernet/sing/common/exceptions"
 	"github.com/sagernet/sing/common/logger"
@ -38,7 +37,6 @@ type Server struct {
 func NewServer(ctx context.Context, logger logger.ContextLogger, options option.V2RayHTTPUpgradeOptions, tlsConfig tls.ServerConfig, handler adapter.V2RayServerTransportHandler) (*Server, error) {
 	server := &Server{
 		ctx:       ctx,
 		logger:    logger,
 		tlsConfig: tlsConfig,
 		handler:   handler,
 		host:      options.Host,
@ -112,7 +110,7 @@ func (s *Server) ServeHTTP(writer http.ResponseWriter, request *http.Request) {
 		s.invalidRequest(writer, request, http.StatusInternalServerError, E.Cause(err, "hijack failed"))
 		return
 	}
-	s.handler.NewConnectionEx(v2rayhttp.DupContext(request.Context()), conn, sHttp.SourceAddress(request), M.Socksaddr{}, nil)
+	s.handler.NewConnectionEx(request.Context(), conn, sHttp.SourceAddress(request), M.Socksaddr{}, nil)
 }
 func (s *Server) invalidRequest(writer http.ResponseWriter, request *http.Request, statusCode int, err error) {
--- a/transport/v2raywebsocket/server.go
+++ b/transport/v2raywebsocket/server.go
@ -13,7 +13,6 @@ import (
 	C "github.com/sagernet/sing-box/constant"
 	"github.com/sagernet/sing-box/log"
 	"github.com/sagernet/sing-box/option"
 	"github.com/sagernet/sing-box/transport/v2rayhttp"
 	"github.com/sagernet/sing/common"
 	"github.com/sagernet/sing/common/buf"
 	"github.com/sagernet/sing/common/bufio"
@ -115,7 +114,7 @@ func (s *Server) ServeHTTP(writer http.ResponseWriter, request *http.Request) {
 	if len(earlyData) > 0 {
 		conn = bufio.NewCachedConn(conn, buf.As(earlyData))
 	}
-	s.handler.NewConnectionEx(v2rayhttp.DupContext(request.Context()), conn, source, M.Socksaddr{}, nil)
+	s.handler.NewConnectionEx(request.Context(), conn, source, M.Socksaddr{}, nil)
 }
 func (s *Server) invalidRequest(writer http.ResponseWriter, request *http.Request, statusCode int, err error) {
Author	SHA1	Message	Date
世界	32c43a8f87	documentation: Bump version	2025-03-13 20:58:51 +08:00
世界	c0ecfedce6	Fix DNS lookup context pollution	2025-03-13 20:58:42 +08:00
世界	0595567594	Fix http3 DNS server connecting to wrong address	2025-03-13 20:58:42 +08:00
Restia-Ashbell	2dbadb8789	documentation: Fix typo	2025-03-13 20:58:21 +08:00
anytls	f5429fdf31	Update sing-anytls Co-authored-by: anytls <anytls>	2025-03-13 20:58:21 +08:00
k9982874	7843b7473d	Fix hosts DNS server	2025-03-13 20:58:21 +08:00
世界	1d7bf3cbf8	Fix UDP DNS server crash	2025-03-13 20:58:20 +08:00
世界	06321ec655	documentation: Fix missing `ip_accept_any` DNS rule option	2025-03-13 20:58:20 +08:00
世界	4e202f8ed7	Fix anytls dialer usage	2025-03-13 20:58:20 +08:00
世界	8fa4dfce91	Move predefined DNS server to rule action	2025-03-13 20:58:19 +08:00
世界	ce0036ae56	Fix domain resolver on direct outbound	2025-03-13 20:58:19 +08:00
Zephyruso	5c85409eb8	Fix missing AnyTLS display name	2025-03-13 20:58:19 +08:00
anytls	0bb55be50f	Update sing-anytls Co-authored-by: anytls <anytls>	2025-03-13 20:58:19 +08:00
Estel	99776a199e	documentation: Fix typo Signed-off-by: Estel <callmebedrockdigger@gmail.com>	2025-03-13 20:58:18 +08:00
TargetLocked	ec0902623c	Fix parsing legacy DNS options	2025-03-13 20:58:18 +08:00
世界	97e99daeef	Fix DNS fallback	2025-03-13 20:58:18 +08:00
世界	d11143ead8	documentation: Fix missing hosts DNS server	2025-03-13 20:58:17 +08:00
anytls	5a1ca90c70	Add MinIdleSession option to AnyTLS outbound Co-authored-by: anytls <anytls>	2025-03-13 20:58:17 +08:00
ReleTor	bf70b096bf	documentation: Minor fixes	2025-03-13 20:58:17 +08:00
libtry486	46c8bafae5	documentation: Fix typo fix typo Signed-off-by: libtry486 <89328481+libtry486@users.noreply.github.com>	2025-03-13 20:58:17 +08:00
Alireza Ahmadi	ee8cd25b31	Fix Outbound deadlock	2025-03-13 20:58:17 +08:00
世界	587a74311b	documentation: Fix AnyTLS doc	2025-03-13 20:58:16 +08:00
anytls	0c5e5f7ab8	Add AnyTLS protocol	2025-03-13 20:58:16 +08:00
世界	1908dd0672	Migrate to stdlib ECH support	2025-03-13 20:58:15 +08:00
世界	6e5bddccaa	Add fallback local DNS server for iOS	2025-03-13 20:58:15 +08:00
世界	b646949449	Get darwin local DNS server from libresolv	2025-03-13 20:58:15 +08:00
世界	db973cf246	Improve resolve action	2025-03-13 20:58:08 +08:00
世界	6e06ce55ab	Fix toolchain version	2025-03-13 20:58:07 +08:00
世界	6b29c2e8e3	Add back port hopping to hysteria 1	2025-03-13 20:58:07 +08:00
世界	ba0cf49ae3	Update dependencies	2025-03-13 20:58:07 +08:00
xchacha20-poly1305	46c743cdee	Remove single quotes of raw Moziila certs	2025-03-13 20:58:06 +08:00
世界	7dc1d66857	Add Tailscale endpoint	2025-03-13 20:58:06 +08:00
世界	1b1f3a12b2	Build legacy binaries with latest Go	2025-03-13 20:58:05 +08:00
世界	0eee4abdad	documentation: Remove outdated icons	2025-03-13 20:58:05 +08:00
世界	cfcf77bb4f	documentation: Certificate store	2025-03-13 20:58:05 +08:00
世界	7a1f014094	documentation: TLS fragment	2025-03-13 20:58:04 +08:00
世界	45d785c256	documentation: Outbound domain resolver	2025-03-13 20:58:04 +08:00
世界	ab01bbf79e	documentation: Refactor DNS	2025-03-13 20:57:57 +08:00
世界	d6825fa358	Add certificate store	2025-03-13 20:57:56 +08:00
世界	9d6cee976e	Add TLS fragment support	2025-03-13 20:57:56 +08:00
世界	476552eeb4	refactor: Outbound domain resolver	2025-03-13 20:57:56 +08:00
世界	f81518ea82	refactor: DNS	2025-03-13 20:57:55 +08:00