Skip to content

fix tls dialer when tls.enabled is false#3505

Closed
nunu6689 wants to merge 41 commits intoSagerNet:dev-nextfrom
nunu6689:nunu6689-fix-tls-enabled-false
Closed

fix tls dialer when tls.enabled is false#3505
nunu6689 wants to merge 41 commits intoSagerNet:dev-nextfrom
nunu6689:nunu6689-fix-tls-enabled-false

Conversation

@nunu6689
Copy link
Copy Markdown

@nunu6689 nunu6689 commented Oct 28, 2025

tls.NewDialer() should return nil if config is nil. Because tls.NewClientWithOptions() always return nilwhentls.Enabled == false`.

fixed #3419, #3466

Zephyruso and others added 30 commits October 27, 2025 22:50
@Zephyruso @nekohasekai
Add /dns/flush-clash meta api
784e1da
@neletor @nekohasekai
Add support for ech retry configs
1b05ee5
@nekohasekai
Fix ECH retry support
20b6488
@nekohasekai
Add interface address rule items
3d0cc9b
@nekohasekai
documentation: Add interface address rule items
fcaaeb2
@nekohasekai
Add preferred_by route rule item
ee5dab7
@nekohasekai
documentation: Add preferred_by route rule item
709748a
@xchacha20-poly1305 @nekohasekai
Fix rule set version
aab3e84
@nekohasekai
Use resolved in local DNS server if available
2be506d
@nekohasekai
Improve local DNS server on darwin
ff5f76f 
We mistakenly believed that `libresolv`'s `search` function worked correctly in NetworkExtension, but it seems only `getaddrinfo` does.

This commit changes the behavior of the `local` DNS server in NetworkExtension to prefer DHCP, falling back to `getaddrinfo` if DHCP servers are unavailable.

It's worth noting that `prefer_go` does not disable DHCP since it respects Dial Fields, but `getaddrinfo` does the opposite. The new behavior only applies to NetworkExtension, not to all scenarios (primarily command-line binaries) as it did previously.

In addition, this commit also improves the DHCP DNS server to use the same robust query logic as `local`.
@nekohasekai
Stop using DHCP on iOS and tvOS
012089c 
We do not have the `com.apple.developer.networking.multicast` entitlement and are unable to obtain it for non-technical reasons.
@nekohasekai
documentation: Improve local DNS server
1eaa6b2
@nekohasekai
documentation: Remove outdated icons
f3a63b3
@nekohasekai
Fix rule-set format
d314b8e
@nekohasekai
Fix legacy DNS config
c5dfc75
@nekohasekai
Remove use of ldflags -checklinkname=0 on darwin
192ae88
@nekohasekai
documentation: Update behavior of local DNS server on darwin
7488825
@nekohasekai
Fix resolve using resolved
6e2111d
@nekohasekai
Add proxy support for ICMP echo request
6a77bd7
@nekohasekai
Add support for kTLS
843c80d 
Reference: https://gitlab.com/go-extension/tls
@nekohasekai
ktls: Add warning for inappropriate scenarios
223bcfa
@nekohasekai
Improve compatibility for kTLS
7a0006c
@nekohasekai
Improve ktls rx error handling
efddaf4
@nekohasekai
release: Fix linux build
be2f25f
@nekohasekai
Fix ping domain
2afb08c
@nekohasekai
Fix preConnectionCopy
a22b090
@nekohasekai
Update WireGuard and Tailscale
c0423bb
@nekohasekai
Update quic-go to v0.55.0
36fd685
@nekohasekai
documentation: Update chinese translations
eded05a
@nekohasekai
Do not use linkname by default to simplify debugging
64ad966
@nekohasekai nekohasekai force-pushed the dev-next branch 22 times, most recently from 83b00a1 to daef974 Compare December 17, 2025 14:18
@nekohasekai nekohasekai force-pushed the dev-next branch 8 times, most recently from fced8e7 to ba353b6 Compare December 25, 2025 07:49
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

tls 字段缺少 enabled: true 时会直接崩溃

5 participants

@nunu6689 @nekohasekai @Zephyruso @neletor @xchacha20-poly1305