From c714b59c878436d2712bd08f2292aea8fcf2bbcd Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?=E4=B8=96=E7=95=8C?= Date: Wed, 17 Sep 2025 17:49:58 +0800 Subject: [PATCH] Do not use linkname by default to simplify debugging --- .github/workflows/build.yml | 2 +- .github/workflows/linux.yml | 2 +- Dockerfile | 2 +- Makefile | 2 +- cmd/internal/build_libbox/main.go | 4 +--- common/badtls/raw_conn.go | 2 +- common/badtls/raw_half_conn.go | 2 +- common/badtls/read_wait.go | 2 +- common/badtls/read_wait_stub.go | 2 +- common/badtls/registry.go | 2 +- common/badtls/registry_utls.go | 2 +- common/ktls/ktls.go | 2 +- common/ktls/ktls_alert.go | 2 +- common/ktls/ktls_cipher_suites_linux.go | 2 +- common/ktls/ktls_close.go | 2 +- common/ktls/ktls_const.go | 2 +- common/ktls/ktls_handshake_messages.go | 2 +- common/ktls/ktls_key_update.go | 2 +- common/ktls/ktls_linux.go | 2 +- common/ktls/ktls_prf.go | 2 +- common/ktls/ktls_read.go | 2 +- common/ktls/ktls_read_wait.go | 2 +- common/ktls/ktls_stub_nolinkname.go | 15 +++++++++++++++ .../ktls/{ktls_stub.go => ktls_stub_nonlinux.go} | 6 +++--- common/ktls/ktls_stub_oldgo.go | 15 +++++++++++++++ common/ktls/ktls_write.go | 2 +- release/local/debug.sh | 2 +- release/local/install.sh | 2 +- release/local/reinstall.sh | 2 +- 29 files changed, 59 insertions(+), 31 deletions(-) create mode 100644 common/ktls/ktls_stub_nolinkname.go rename common/ktls/{ktls_stub.go => ktls_stub_nonlinux.go} (67%) create mode 100644 common/ktls/ktls_stub_oldgo.go diff --git a/.github/workflows/build.yml b/.github/workflows/build.yml index 64be0d875..ec9d9f1af 100644 --- a/.github/workflows/build.yml +++ b/.github/workflows/build.yml @@ -146,7 +146,7 @@ jobs: - name: Set build tags run: | set -xeuo pipefail - TAGS='with_gvisor,with_quic,with_dhcp,with_wireguard,with_utls,with_acme,with_clash_api,with_tailscale' + TAGS='with_gvisor,with_quic,with_dhcp,with_wireguard,with_utls,with_acme,with_clash_api,with_tailscale,badlinkname' echo "BUILD_TAGS=${TAGS}" >> "${GITHUB_ENV}" - name: Build if: matrix.os != 'android' diff --git a/.github/workflows/linux.yml b/.github/workflows/linux.yml index c56044d7c..a1c0e6105 100644 --- a/.github/workflows/linux.yml +++ b/.github/workflows/linux.yml @@ -85,7 +85,7 @@ jobs: - name: Set build tags run: | set -xeuo pipefail - TAGS='with_gvisor,with_quic,with_dhcp,with_wireguard,with_utls,with_acme,with_clash_api,with_tailscale' + TAGS='with_gvisor,with_quic,with_dhcp,with_wireguard,with_utls,with_acme,with_clash_api,with_tailscale,badlinkname' echo "BUILD_TAGS=${TAGS}" >> "${GITHUB_ENV}" - name: Build run: | diff --git a/Dockerfile b/Dockerfile index 1c8dbec9f..4bfd61d05 100644 --- a/Dockerfile +++ b/Dockerfile @@ -13,7 +13,7 @@ RUN set -ex \ && export COMMIT=$(git rev-parse --short HEAD) \ && export VERSION=$(go run ./cmd/internal/read_tag) \ && go build -v -trimpath -tags \ - "with_gvisor,with_quic,with_dhcp,with_wireguard,with_utls,with_acme,with_clash_api,with_tailscale" \ + "with_gvisor,with_quic,with_dhcp,with_wireguard,with_utls,with_acme,with_clash_api,with_tailscale,badlinkname" \ -o /go/bin/sing-box \ -ldflags "-X \"github.com/sagernet/sing-box/constant.Version=$VERSION\" -s -w -buildid= -checklinkname=0" \ ./cmd/sing-box diff --git a/Makefile b/Makefile index ca7047c33..f0b19bee3 100644 --- a/Makefile +++ b/Makefile @@ -1,6 +1,6 @@ NAME = sing-box COMMIT = $(shell git rev-parse --short HEAD) -TAGS ?= with_gvisor,with_quic,with_dhcp,with_wireguard,with_utls,with_acme,with_clash_api,with_tailscale +TAGS ?= with_gvisor,with_quic,with_dhcp,with_wireguard,with_utls,with_acme,with_clash_api,with_tailscale,badlinkname GOHOSTOS = $(shell go env GOHOSTOS) GOHOSTARCH = $(shell go env GOHOSTARCH) diff --git a/cmd/internal/build_libbox/main.go b/cmd/internal/build_libbox/main.go index 483bebedf..974769d98 100644 --- a/cmd/internal/build_libbox/main.go +++ b/cmd/internal/build_libbox/main.go @@ -62,7 +62,7 @@ func init() { sharedFlags = append(sharedFlags, "-ldflags", "-X github.com/sagernet/sing-box/constant.Version="+currentTag+" -s -w -buildid= -checklinkname=0") debugFlags = append(debugFlags, "-ldflags", "-X github.com/sagernet/sing-box/constant.Version="+currentTag+" -checklinkname=0") - sharedTags = append(sharedTags, "with_gvisor", "with_quic", "with_wireguard", "with_utls", "with_clash_api", "with_conntrack") + sharedTags = append(sharedTags, "with_gvisor", "with_quic", "with_wireguard", "with_utls", "with_clash_api", "with_conntrack", "badlinkname") macOSTags = append(macOSTags, "with_dhcp") memcTags = append(memcTags, "with_tailscale") notMemcTags = append(notMemcTags, "with_low_memory") @@ -107,10 +107,8 @@ func buildAndroid() { } if !debugEnabled { - // sharedFlags[3] = sharedFlags[3] + " -checklinkname=0" args = append(args, sharedFlags...) } else { - // debugFlags[1] = debugFlags[1] + " -checklinkname=0" args = append(args, debugFlags...) } diff --git a/common/badtls/raw_conn.go b/common/badtls/raw_conn.go index 1029d66bf..774e39a58 100644 --- a/common/badtls/raw_conn.go +++ b/common/badtls/raw_conn.go @@ -1,4 +1,4 @@ -//go:build go1.25 && !without_badtls +//go:build go1.25 && badlinkname package badtls diff --git a/common/badtls/raw_half_conn.go b/common/badtls/raw_half_conn.go index dd5e249e8..4d2c8b64a 100644 --- a/common/badtls/raw_half_conn.go +++ b/common/badtls/raw_half_conn.go @@ -1,4 +1,4 @@ -//go:build go1.25 && !without_badtls +//go:build go1.25 && badlinkname package badtls diff --git a/common/badtls/read_wait.go b/common/badtls/read_wait.go index d18b4c0e2..8448b1a24 100644 --- a/common/badtls/read_wait.go +++ b/common/badtls/read_wait.go @@ -1,4 +1,4 @@ -//go:build go1.25 && !without_badtls +//go:build go1.25 && badlinkname package badtls diff --git a/common/badtls/read_wait_stub.go b/common/badtls/read_wait_stub.go index 4bd4fc60b..9258a46e5 100644 --- a/common/badtls/read_wait_stub.go +++ b/common/badtls/read_wait_stub.go @@ -1,4 +1,4 @@ -//go:build !go1.25 || without_badtls +//go:build !go1.25 || !badlinkname package badtls diff --git a/common/badtls/registry.go b/common/badtls/registry.go index cc11a16ee..34cfe9eca 100644 --- a/common/badtls/registry.go +++ b/common/badtls/registry.go @@ -1,4 +1,4 @@ -//go:build go1.25 && !without_badtls +//go:build go1.25 && badlinkname package badtls diff --git a/common/badtls/registry_utls.go b/common/badtls/registry_utls.go index c04543552..330f64f58 100644 --- a/common/badtls/registry_utls.go +++ b/common/badtls/registry_utls.go @@ -1,4 +1,4 @@ -//go:build go1.25 && !without_badtls +//go:build go1.25 && badlinkname package badtls diff --git a/common/ktls/ktls.go b/common/ktls/ktls.go index eb2e86cf3..33a59b13e 100644 --- a/common/ktls/ktls.go +++ b/common/ktls/ktls.go @@ -1,4 +1,4 @@ -//go:build linux && go1.25 && !without_badtls +//go:build linux && go1.25 && badlinkname package ktls diff --git a/common/ktls/ktls_alert.go b/common/ktls/ktls_alert.go index 8c68d36b3..e755feae7 100644 --- a/common/ktls/ktls_alert.go +++ b/common/ktls/ktls_alert.go @@ -2,7 +2,7 @@ // Use of this source code is governed by a BSD-style // license that can be found in the LICENSE file. -//go:build linux && go1.25 && !without_badtls +//go:build linux && go1.25 && badlinkname package ktls diff --git a/common/ktls/ktls_cipher_suites_linux.go b/common/ktls/ktls_cipher_suites_linux.go index 348b1c42e..571f02511 100644 --- a/common/ktls/ktls_cipher_suites_linux.go +++ b/common/ktls/ktls_cipher_suites_linux.go @@ -2,7 +2,7 @@ // Use of this source code is governed by a BSD-style // license that can be found in the LICENSE file. -//go:build linux && go1.25 && !without_badtls +//go:build linux && go1.25 && badlinkname package ktls diff --git a/common/ktls/ktls_close.go b/common/ktls/ktls_close.go index f9392a561..2052524d5 100644 --- a/common/ktls/ktls_close.go +++ b/common/ktls/ktls_close.go @@ -2,7 +2,7 @@ // Use of this source code is governed by a BSD-style // license that can be found in the LICENSE file. -//go:build linux && go1.25 && !without_badtls +//go:build linux && go1.25 && badlinkname package ktls diff --git a/common/ktls/ktls_const.go b/common/ktls/ktls_const.go index 0b8e72e87..40cff7605 100644 --- a/common/ktls/ktls_const.go +++ b/common/ktls/ktls_const.go @@ -2,7 +2,7 @@ // Use of this source code is governed by a BSD-style // license that can be found in the LICENSE file. -//go:build linux && go1.25 && !without_badtls +//go:build linux && go1.25 && badlinkname package ktls diff --git a/common/ktls/ktls_handshake_messages.go b/common/ktls/ktls_handshake_messages.go index e80531e1b..f44958c0e 100644 --- a/common/ktls/ktls_handshake_messages.go +++ b/common/ktls/ktls_handshake_messages.go @@ -2,7 +2,7 @@ // Use of this source code is governed by a BSD-style // license that can be found in the LICENSE file. -//go:build linux && go1.25 && !without_badtls +//go:build linux && go1.25 && badlinkname package ktls diff --git a/common/ktls/ktls_key_update.go b/common/ktls/ktls_key_update.go index 9e0d0ee1f..35268e8fa 100644 --- a/common/ktls/ktls_key_update.go +++ b/common/ktls/ktls_key_update.go @@ -2,7 +2,7 @@ // Use of this source code is governed by a BSD-style // license that can be found in the LICENSE file. -//go:build linux && go1.25 && !without_badtls +//go:build linux && go1.25 && badlinkname package ktls diff --git a/common/ktls/ktls_linux.go b/common/ktls/ktls_linux.go index bc9fb8b91..1e3277511 100644 --- a/common/ktls/ktls_linux.go +++ b/common/ktls/ktls_linux.go @@ -1,4 +1,4 @@ -//go:build linux && go1.25 && !without_badtls +//go:build linux && go1.25 && badlinkname package ktls diff --git a/common/ktls/ktls_prf.go b/common/ktls/ktls_prf.go index f74a4876f..ecf0b735a 100644 --- a/common/ktls/ktls_prf.go +++ b/common/ktls/ktls_prf.go @@ -2,7 +2,7 @@ // Use of this source code is governed by a BSD-style // license that can be found in the LICENSE file. -//go:build linux && go1.25 && !without_badtls +//go:build linux && go1.25 && badlinkname package ktls diff --git a/common/ktls/ktls_read.go b/common/ktls/ktls_read.go index 453504410..7ffa1e180 100644 --- a/common/ktls/ktls_read.go +++ b/common/ktls/ktls_read.go @@ -2,7 +2,7 @@ // Use of this source code is governed by a BSD-style // license that can be found in the LICENSE file. -//go:build linux && go1.25 && !without_badtls +//go:build linux && go1.25 && badlinkname package ktls diff --git a/common/ktls/ktls_read_wait.go b/common/ktls/ktls_read_wait.go index 8c1a8ff04..4b4edc1e0 100644 --- a/common/ktls/ktls_read_wait.go +++ b/common/ktls/ktls_read_wait.go @@ -2,7 +2,7 @@ // Use of this source code is governed by a BSD-style // license that can be found in the LICENSE file. -//go:build linux && go1.25 && !without_badtls +//go:build linux && go1.25 && badlinkname package ktls diff --git a/common/ktls/ktls_stub_nolinkname.go b/common/ktls/ktls_stub_nolinkname.go new file mode 100644 index 000000000..44a0b30cc --- /dev/null +++ b/common/ktls/ktls_stub_nolinkname.go @@ -0,0 +1,15 @@ +//go:build linux && go1.25 && !badlinkname + +package ktls + +import ( + "context" + + E "github.com/sagernet/sing/common/exceptions" + "github.com/sagernet/sing/common/logger" + aTLS "github.com/sagernet/sing/common/tls" +) + +func NewConn(ctx context.Context, logger logger.ContextLogger, conn aTLS.Conn, txOffload, rxOffload bool) (aTLS.Conn, error) { + return nil, E.New("kTLS requires build flags `badlinkname` and `-ldflags=-checklinkname=0`, please recompile your binary") +} diff --git a/common/ktls/ktls_stub.go b/common/ktls/ktls_stub_nonlinux.go similarity index 67% rename from common/ktls/ktls_stub.go rename to common/ktls/ktls_stub_nonlinux.go index 66d3e88a7..e754b7759 100644 --- a/common/ktls/ktls_stub.go +++ b/common/ktls/ktls_stub_nonlinux.go @@ -1,15 +1,15 @@ -//go:build !linux || !go1.25 || without_badtls +//go:build !linux package ktls import ( "context" - "os" + E "github.com/sagernet/sing/common/exceptions" "github.com/sagernet/sing/common/logger" aTLS "github.com/sagernet/sing/common/tls" ) func NewConn(ctx context.Context, logger logger.ContextLogger, conn aTLS.Conn, txOffload, rxOffload bool) (aTLS.Conn, error) { - return nil, os.ErrInvalid + return nil, E.New("kTLS is only supported on Linux") } diff --git a/common/ktls/ktls_stub_oldgo.go b/common/ktls/ktls_stub_oldgo.go new file mode 100644 index 000000000..613bf7f1e --- /dev/null +++ b/common/ktls/ktls_stub_oldgo.go @@ -0,0 +1,15 @@ +//go:build linux && !go1.25 + +package ktls + +import ( + "context" + + E "github.com/sagernet/sing/common/exceptions" + "github.com/sagernet/sing/common/logger" + aTLS "github.com/sagernet/sing/common/tls" +) + +func NewConn(ctx context.Context, logger logger.ContextLogger, conn aTLS.Conn, txOffload, rxOffload bool) (aTLS.Conn, error) { + return nil, E.New("kTLS requires Go 1.25 or later, please recompile your binary") +} diff --git a/common/ktls/ktls_write.go b/common/ktls/ktls_write.go index 6f04ca29e..76533b4a6 100644 --- a/common/ktls/ktls_write.go +++ b/common/ktls/ktls_write.go @@ -2,7 +2,7 @@ // Use of this source code is governed by a BSD-style // license that can be found in the LICENSE file. -//go:build linux && go1.25 && !without_badtls +//go:build linux && go1.25 && badlinkname package ktls diff --git a/release/local/debug.sh b/release/local/debug.sh index d649bed41..d6bd3057e 100755 --- a/release/local/debug.sh +++ b/release/local/debug.sh @@ -13,7 +13,7 @@ pushd $PROJECT git fetch git reset FETCH_HEAD --hard git clean -fdx -go install -v -trimpath -ldflags "-s -w -buildid= -checklinkname=0" -tags with_quic,with_acme,debug ./cmd/sing-box +go install -v -trimpath -ldflags "-s -w -buildid=" -tags with_quic,with_acme,debug ./cmd/sing-box popd sudo systemctl stop sing-box diff --git a/release/local/install.sh b/release/local/install.sh index 3aa3d976f..24e9d006e 100755 --- a/release/local/install.sh +++ b/release/local/install.sh @@ -10,7 +10,7 @@ DIR=$(dirname "$0") PROJECT=$DIR/../.. pushd $PROJECT -go install -v -trimpath -ldflags "-s -w -buildid= -checklinkname=0" -tags with_quic,with_wireguard,with_acme ./cmd/sing-box +go install -v -trimpath -ldflags "-s -w -buildid=" -tags with_quic,with_wireguard,with_acme ./cmd/sing-box popd sudo cp $(go env GOPATH)/bin/sing-box /usr/local/bin/ diff --git a/release/local/reinstall.sh b/release/local/reinstall.sh index 04cef16be..71d071095 100755 --- a/release/local/reinstall.sh +++ b/release/local/reinstall.sh @@ -10,7 +10,7 @@ DIR=$(dirname "$0") PROJECT=$DIR/../.. pushd $PROJECT -go install -v -trimpath -ldflags "-s -w -buildid= -checklinkname=0" -tags with_quic,with_wireguard,with_acme ./cmd/sing-box +go install -v -trimpath -ldflags "-s -w -buildid=" -tags with_quic,with_wireguard,with_acme ./cmd/sing-box popd sudo systemctl stop sing-box