REALITY protocol: Add optional Post-Quantum ML-DSA-65 verification for cert's ExtraExtensions #4915 & TLS client & server: Support ECH #3813
REALITY 抗量子更新第二弹来袭!本次更新为 REALITY 协议加上了可选的、抗量子的 ML-DSA-65 签名验签机制,向后兼容,详情见 #4915 ,注意目标网站证书链总长度需 3500+,VLESS 分享链接标准 #716 已更新 REALITY pqv
该版本修复了 post-handshake records 的日志问题 #4845 、端口范围问题 #4843 ,将启动时探测改为并发并优化了缓存机制 XTLS/REALITY@e62c4ae 、改为用三种 ALPN 进行探测 XTLS/REALITY@05a351a ,已经 cover 绝大多数客户端指纹
时机成熟后,该版本终于合并了 TLS ECH 功能 #3813 ,文档见 XTLS/Xray-docs-next@b9a72a4 ,#716 已更新 TLS ech
该版本还新增了一些功能,比如 @Fangliding 给 DNS 出站的 nonIPQuery 加了 "reject" 以对非 IP 查询回复拒绝包 #4824 ,该版本还含有大量修复,据 @patterniha 称 Serverless-for-Iran-Anti-Sanctions 终于等齐了所有新功能和修复,即将更新
NFT
本次久违地放出了一些 REALITY NFT 和几个 Project X NFT
请支持一个 REALITY NFT:https://opensea.io/assets/ethereum/0x5ee362866001613093361eb8569d59c4141b76d1/2
如果你有余力,请支持一个 Project X NFT:https://opensea.io/assets/ethereum/0x5ee362866001613093361eb8569d59c4141b76d1/1
该版本升级了一些依赖,并使用 Go 1.24.5 编译,已 tag v1.250726.0,感谢所有贡献者,详见下方 change log
What's Changed
- BurstObservatory: add option to set http method for burst check by @Jolymmiles @Fangliding in #4835
- API: Fix issue with inbounduser not finding emails with uppercase letters by @fL1pSt3r in #4818
- DNS: Add new nonIPQuery "reject" by @Fangliding in #4824
- common: fix task leak in timer by @isluckys in #4831
- API: add option to fetch only tags from ListInbounds by @Jolymmiles in #4870
- Bump quic-go to v0.53.0 & update codes by @xDragonZ in #4906
- REALITY server: Three types of ALPN for post-handshake records detection & imitation; Two fixes by @RPRX in 1785178
- README.md: Add AnyPortal to GUI Clients by @AnyPortal in #4902
- VLESS fallbacks:
destdefaults to "127.0.0.1" -> "localhost" by @xqzr in #4840 - Commands: Display Post-Quantum key exchange in
tls pingby @Fangliding in #4857 - Stats API: Return status "not found" instead of "unknown" by @M03ED in #4860
- Workflows: Cleaner Docker builds, support for manual exec and pre-release by @Meo597 in #4809
- DNS outbound: Prevent panic from rejecting invalid domain by @Fangliding in #4903
- REALITY protocol: Add optional Post-Quantum ML-DSA-65 verification for cert's ExtraExtensions by @RPRX in #4915
- Freedom: Cache UDP resolve result by @Fangliding in #4804
- Freedom: Fix UDP reply mismatch-address by @patterniha in #4816
- MUX: Refine and Fix some occasional problems by @patterniha in #4861
- Reverse: portal-worker should not be closed before making sure there is at least one other active worker by @patterniha in #4869
- UDP: Fix removeRay will close a connEntry that not belongs to it by @Fangliding in #4899
- DNS hosts: Support returning RCode by @j2rong4cn in #4681
- README.md: Add Happ to macOS x64 & tvOS Clients by @mangustyura @RPRX in #4921
- README.md: Add GoXRay to macOS & Linux Clients by @garstas @RPRX in #4260
- README.md: Add Project X NFT's image & link by @RPRX in a196a16
- Update github.com/xtls/reality to 20250723121014 by @RPRX in 4433641
- Chore: Three small fixes by @patterniha in #4922
- REALITY config: Allow
mldsa65fields to be empty by @Fangliding in #4924 - REALITY config: Convert mldsa65Seed to its private key later by @RPRX in 31b508d
- README.md: Update Donation & NFTs by @RPRX in 26de589
- REALITY client: Fix log when printing "is using X25519MLKEM768..." by @Fangliding in #4929
- Commands: Output certificate chain's total length in
tls pingby @Fangliding @RPRX in #4933 - Inbounds & Outbounds: TCP KeepAlive better default value by @Fangliding in #4931
- Update github.com/xtls/reality to 20250725142056 by @RPRX in caee152
- UDP: Remove removeRay()'s error log by @Fangliding in #4936
- Workflows: Fix github.ref_name sometimes is empty when building Docker images by @Meo597 in #4937
- UDP listener: Allow listening on "localhost" by @Fangliding in #4940
- Freedom UDP: Fix some cone uses like STUN,... when address is domain by @patterniha in #4942
- REALITY config:
mldsa65SeedandprivateKeycan not be the same value by @RPRX in 5f93ff6 - Commands: Add adu/rmu inbound user management to API by @vrnobody in #4943
- TLS client & server: Support Encrypted Client Hello (ECH) by @Fangliding @yuhan6665 in #3813
New Contributors
- @Jolymmiles made their first contribution in #4835
- @fL1pSt3r made their first contribution in #4818
- @xDragonZ made their first contribution in #4906
- @AnyPortal made their first contribution in #4902
- @M03ED made their first contribution in #4860
- @garstas made their first contribution in #4260
Full Changelog: v25.6.8...v25.7.26