shadowsocks-rust: update to 1.24.0

.github/workflows/Auto cache software release jsons.yml

@@ -17,7 +17,7 @@ jobs:
     runs-on: ubuntu-latest
     steps:
       - name: Checkout
-        uses: actions/checkout@v5
+        uses: actions/checkout@v4
 
       - name: Initialization environment
         run: |
@@ -26,12 +26,15 @@ jobs:
       - name: Install GitHub CLI
         run: sudo apt-get update && sudo apt-get install -y gh
 
-      - name: Fetch GitHub release JSONs
+      - name: Delete old release and tag
+        run: |
+          gh release delete api-cache --cleanup-tag -y || echo "No existing release to delete"
         env:
           GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
-        run: |
-          mkdir -p output old_json
 
+      - name: Fetch GitHub release JSONs
+        run: |
+          mkdir -p output
           declare -A repos
           repos["geoview"]="snowie2000/geoview"
           repos["chinadns-ng"]="zfl9/chinadns-ng"
@@ -39,62 +42,14 @@ jobs:
           repos["sing-box"]="SagerNet/sing-box"
           repos["hysteria"]="HyNetwork/hysteria"
 
-          echo "Downloading previous api-cache release assets (if exists)..."
-          gh release download api-cache --dir old_json --pattern "*.json" || echo "No previous release found"
-
           for name in "${!repos[@]}"; do
             repo="${repos[$name]}"
-            echo "Processing $name from $repo ..."
-
-            for t in release pre-release; do
-              old="old_json/${name}-${t}-api.json"
-              if [ -f "$old" ]; then
-                cp "$old" "output/${name}-${t}-api.json.bak"
-              fi
-            done
-
+            echo "Fetching release JSONs for $name from $repo ..."
             curl -sL "https://api.github.com/repos/$repo/releases/latest" -o "output/${name}-release-api.json"
             curl -sL "https://api.github.com/repos/$repo/releases?per_page=1" -o "output/${name}-pre-release-api.json"
-
-            for t in release pre-release; do
-              file="output/${name}-${t}-api.json"
-
-              TAG_NAME=$(grep -oP '"tag_name": "\K[^"]+' "$file" || true)
-
-              if [ -z "$TAG_NAME" ]; then
-                echo "❌ ${file} No tag_name, restore old files..."
-                rm -f "$file"
-
-                if [ -f "${file}.bak" ]; then
-                  mv "${file}.bak" "$file"
-                fi
-              else
-                echo "✅ ${file} Verification successful, delete bak."
-                rm -f "${file}.bak"
-              fi
-            done
           done
 
-      - name: Check output directory
-        id: check_output
-        run: |
-          if [ -z "$(ls -A output 2>/dev/null)" ]; then
-            echo "empty=true" >> $GITHUB_OUTPUT
-            echo "⚠️ The output directory is empty, and subsequent Upload/Release steps will be skipped."
-          else
-            echo "empty=false" >> $GITHUB_OUTPUT
-            echo "✔ The output directory contains files."
-          fi
-
-      - name: Delete old release and tag
-        if: steps.check_output.outputs.empty == 'false'
-        run: |
-          gh release delete api-cache --cleanup-tag -y || echo "No existing release to delete."
-        env:
-          GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
-
       - name: Upload to release
-        if: steps.check_output.outputs.empty == 'false'
         uses: softprops/action-gh-release@v2
         with:
           tag_name: api-cache

.github/workflows/Close stale issues and Prs.yml

@@ -7,7 +7,7 @@ jobs:
   stale:
     runs-on: ubuntu-22.04
     steps:
-      - uses: actions/stale@v10
+      - uses: actions/stale@v7.0.0
         with:
           stale-issue-message: "Stale Issue"
           stale-pr-message: "Stale PR"

geoview/Makefile

@@ -1,12 +1,12 @@
 include $(TOPDIR)/rules.mk
 
 PKG_NAME:=geoview
-PKG_VERSION:=0.2.2
+PKG_VERSION:=0.1.11
 PKG_RELEASE:=1
 
 PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.gz
 PKG_SOURCE_URL:=https://codeload.github.com/snowie2000/geoview/tar.gz/$(PKG_VERSION)?
-PKG_HASH:=3cdec7da60d5ec84f71e086fdc77f43287d064371f51d49bcfe09abd50604343
+PKG_HASH:=a3ad07d3926c329f6990d67e17119f0c9a4ee26e89b0e2f541b27230c2806e94
 
 PKG_LICENSE:=Apache-2.0
 PKG_LICENSE_FILES:=LICENSE

microsocks/Makefile

@@ -6,7 +6,7 @@ include $(TOPDIR)/rules.mk
 
 PKG_NAME:=microsocks
 PKG_VERSION:=1.0.5
-PKG_RELEASE:=2
+PKG_RELEASE:=1
 
 PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.gz
 PKG_SOURCE_URL:=https://codeload.github.com/rofl0r/microsocks/tar.gz/v$(PKG_VERSION)?
@@ -25,7 +25,7 @@ define Package/microsocks
   SECTION:=net
   CATEGORY:=Network
   SUBMENU:=Web Servers/Proxies
-  TITLE:=Tiny, portable SOCKS5 server. Support forwarding rules
+  TITLE:=Tiny, portable SOCKS5 server
   URL:=https://github.com/rofl0r/microsocks
   DEPENDS:=+libpthread
 endef
@@ -33,7 +33,6 @@ endef
 define Package/microsocks/description
   A SOCKS5 service that you can run on your remote boxes to tunnel connections
   through them, if for some reason SSH doesn't cut it for you.
-  This version supports forwarding rules.
 endef
 
 define Package/microsocks/install

microsocks/patches/100-Add-SOCKS5-forwarding-rules-support.patch

@@ -1,428 +0,0 @@
---- a/sockssrv.c
-+++ b/sockssrv.c
-@@ -33,8 +33,10 @@
- #include <arpa/inet.h>
- #include <errno.h>
- #include <limits.h>
-+#include <sys/time.h>
- #include "server.h"
- #include "sblist.h"
-+#define MICROSOCKS_VERSION "1.0.5-forward"
- 
- /* timeout in microseconds on resource exhaustion to prevent excessive
-    cpu usage. */
-@@ -71,6 +73,7 @@
- static pthread_rwlock_t auth_ips_lock = PTHREAD_RWLOCK_INITIALIZER;
- static const struct server* server;
- static union sockaddr_union bind_addr = {.v4.sin_family = AF_UNSPEC};
-+static sblist *fwd_rules;
- 
- enum socksstate {
- 	SS_1_CONNECTED,
-@@ -97,6 +100,17 @@
- 	EC_ADDRESSTYPE_NOT_SUPPORTED = 8,
- };
- 
-+struct fwd_rule {
-+	char *match_name;
-+	short match_port;
-+	char *auth_buf; /* Username/Password request buffer (RFC-1929) */
-+	size_t auth_len;
-+	char *upstream_name;
-+	short upstream_port;
-+	char *req_buf; /* Client Connection Request buffer to send to upstream */
-+	size_t req_len;
-+};
-+
- struct thread {
- 	pthread_t pt;
- 	struct client client;
-@@ -116,6 +130,109 @@
- static void dolog(const char* fmt, ...) { }
- #endif
- 
-+static int upstream_handshake(const struct fwd_rule* rule, unsigned char *client_buf, size_t client_buf_len, 
-+							int client_fd, int upstream_fd, unsigned short client_port) {
-+	unsigned char sbuf[512];
-+	ssize_t r;
-+
-+	if(rule->auth_buf) {
-+		unsigned char handshake[4] = {5, 2, 0, 2};
-+		if (write(upstream_fd, handshake, 4) != 4) {
-+			close(upstream_fd);
-+			return -1;
-+		}
-+	} else {
-+		unsigned char handshake[3] = {5, 1, 0};
-+		if (write(upstream_fd, handshake, 3) != 3) {
-+			close(upstream_fd);
-+			return -1;
-+		}
-+	}
-+
-+	if (read(upstream_fd, sbuf, 2) != 2 || sbuf[0] != 5) {
-+		close(upstream_fd);
-+		return -1;
-+	}
-+
-+	if (sbuf[1] == 2) {
-+		if (!rule->auth_buf) {
-+			close(upstream_fd);
-+			return -1;
-+		}
-+		if (write(upstream_fd, rule->auth_buf, rule->auth_len) != (ssize_t)rule->auth_len) {
-+			close(upstream_fd);
-+			return -1;
-+		}
-+		if (read(upstream_fd, sbuf, 2) != 2 || sbuf[0] != 1 || sbuf[1] != 0) {
-+			close(upstream_fd);
-+			return -1;
-+		}
-+	} else if (sbuf[1] != 0) {
-+		close(upstream_fd);
-+		return -1;
-+	}
-+
-+	if (write(upstream_fd, client_buf, client_buf_len) != (ssize_t)client_buf_len) {
-+		close(upstream_fd);
-+		return -1;
-+	}
-+
-+	size_t total = 0;
-+	size_t need = 4;
-+
-+	while (total < need) {
-+		r = read(upstream_fd, sbuf + total, need - total);
-+		if (r <= 0) {
-+			close(upstream_fd);
-+			return -1;
-+		}
-+		total += r;
-+	}
-+
-+	if (sbuf[1] != 0) {
-+		close(upstream_fd);
-+		return -sbuf[1];
-+	}
-+
-+	size_t need_more = 0;
-+	switch (sbuf[3]) {
-+		case 1:
-+			need_more = 4 + 2;
-+			break;
-+		case 4:
-+			need_more = 16 + 2;
-+			break;
-+		case 3:
-+			r = read(upstream_fd, sbuf + total, 1);
-+			if (r != 1) {
-+				close(upstream_fd);
-+				return -1;
-+			}
-+			total += r;
-+			need_more = sbuf[4] + 2;
-+			break;
-+		default:
-+			close(upstream_fd);
-+			return -EC_ADDRESSTYPE_NOT_SUPPORTED;
-+	}
-+
-+	while (total < need + need_more) {
-+		r = read(upstream_fd, sbuf + total, (need + need_more) - total);
-+		if (r <= 0) {
-+			close(upstream_fd);
-+			return -1;
-+		}
-+		total += r;
-+	}
-+
-+	if (write(client_fd, sbuf, total) != (ssize_t)total) {
-+		close(upstream_fd);
-+		return -1;
-+	}
-+
-+	return upstream_fd;
-+}
-+
- static struct addrinfo* addr_choose(struct addrinfo* list, union sockaddr_union* bindaddr) {
- 	int af = SOCKADDR_UNION_AF(bindaddr);
- 	if(af == AF_UNSPEC) return list;
-@@ -125,7 +242,9 @@
- 	return list;
- }
- 
--static int connect_socks_target(unsigned char *buf, size_t n, struct client *client) {
-+static int connect_socks_target(unsigned char *buf, size_t n, struct client *client, int *used_rule) {
-+	*used_rule = 0;
-+
- 	if(n < 5) return -EC_GENERAL_FAILURE;
- 	if(buf[0] != 5) return -EC_GENERAL_FAILURE;
- 	if(buf[1] != 1) return -EC_COMMAND_NOT_SUPPORTED; /* we support only CONNECT method */
-@@ -158,6 +277,29 @@
- 	}
- 	unsigned short port;
- 	port = (buf[minlen-2] << 8) | buf[minlen-1];
-+
-+	size_t i;
-+	struct fwd_rule *rule = NULL;
-+	char original_name[256];
-+	unsigned short original_port = port;
-+	strncpy(original_name, namebuf, sizeof(original_name) - 1);
-+	original_name[sizeof(original_name) - 1] = '\0';
-+	if(fwd_rules) {
-+		for(i=0;i<sblist_getsize(fwd_rules);++i) {
-+			struct fwd_rule* r = (struct fwd_rule*)sblist_get(fwd_rules, i);
-+			int name_match = (r->match_name[0]=='\0' || strcmp(r->match_name, namebuf) == 0);
-+			int port_match = (r->match_port == 0 || r->match_port == port);
-+			if(name_match && port_match) {
-+				rule = r;
-+				*used_rule = 1;
-+				strncpy(namebuf, r->upstream_name, sizeof(namebuf)-1);
-+				namebuf[sizeof(namebuf)-1] = '\0';
-+				port = r->upstream_port;
-+				break;
-+			}
-+		}
-+	}
-+
- 	/* there's no suitable errorcode in rfc1928 for dns lookup failure */
- 	if(resolve(namebuf, port, &remote)) return -EC_GENERAL_FAILURE;
- 	struct addrinfo* raddr = addr_choose(remote, &bind_addr);
-@@ -186,6 +328,11 @@
- 			return -EC_GENERAL_FAILURE;
- 		}
- 	}
-+
-+	struct timeval tv = {5, 0};
-+	setsockopt(fd, SOL_SOCKET, SO_RCVTIMEO, (const char*)&tv, sizeof(tv));
-+	setsockopt(fd, SOL_SOCKET, SO_SNDTIMEO, (const char*)&tv, sizeof(tv));
-+
- 	if(SOCKADDR_UNION_AF(&bind_addr) == raddr->ai_family &&
- 	   bindtoip(fd, &bind_addr) == -1)
- 		goto eval_errno;
-@@ -198,9 +345,22 @@
- 		af = SOCKADDR_UNION_AF(&client->addr);
- 		void *ipdata = SOCKADDR_UNION_ADDRESS(&client->addr);
- 		inet_ntop(af, ipdata, clientname, sizeof clientname);
--		dolog("client[%d] %s: connected to %s:%d\n", client->fd, clientname, namebuf, port);
-+		if (rule) {
-+			dolog("client[%d] %s: %s:%d -> via %s:%d\n", client->fd, clientname, original_name, original_port, rule->upstream_name, rule->upstream_port);
-+		} else {
-+			dolog("client[%d] %s: connected to %s:%d\n", client->fd, clientname, namebuf, port);
-+		}
- 	}
--	return fd;
-+
-+	if (rule) {
-+		int result = upstream_handshake(rule, buf, n, client->fd, fd, original_port);
-+		if (result < 0) {
-+			close(fd);
-+			return result;
-+		}
-+		return result;
-+	}
-+    return fd;
- }
- 
- static int is_authed(union sockaddr_union *client, union sockaddr_union *authedip) {
-@@ -322,6 +482,7 @@
- 	ssize_t n;
- 	int ret;
- 	enum authmethod am;
-+	int used_rule = 0;
- 	t->state = SS_1_CONNECTED;
- 	while((n = recv(t->client.fd, buf, sizeof buf, 0)) > 0) {
- 		switch(t->state) {
-@@ -345,12 +506,14 @@
- 				}
- 				break;
- 			case SS_3_AUTHED:
--				ret = connect_socks_target(buf, n, &t->client);
-+				ret = connect_socks_target(buf, n, &t->client, &used_rule);
- 				if(ret < 0) {
- 					send_error(t->client.fd, ret*-1);
- 					return -1;
- 				}
--				send_error(t->client.fd, EC_SUCCESS);
-+				if (!used_rule) {
-+					send_error(t->client.fd, EC_SUCCESS);
-+				}
- 				return ret;
- 		}
- 	}
-@@ -382,11 +545,131 @@
- 	}
- }
- 
-+static short host_get_port(char *name) {
-+	int p,n;
-+	char *c;
-+	if((c = strrchr(name, ':')) && sscanf(c+1,"%d%n",&p, &n)==1 && n == (int)(strlen(c + 1)) && p >= 0 && p < USHRT_MAX)
-+		return (*c='\0'),(short)p;
-+	else
-+		return -1;
-+}
-+
-+static int fwd_rules_add(char *str) {
-+	char *match = NULL, *upstream = NULL, *remote = NULL;
-+	unsigned short match_port, upstream_port, remote_port;
-+	int ncred;
-+
-+	if(sscanf(str, "%m[^,],%n%m[^,],%ms\n", &match, &ncred, &upstream, &remote) != 3)
-+		return 1;
-+
-+	match_port = host_get_port(match);
-+	upstream_port = host_get_port(upstream);
-+	remote_port = host_get_port(remote);
-+
-+	if(match_port < 0 || upstream_port <= 0 || remote_port < 0) {
-+		free(match);
-+		free(upstream);
-+		free(remote);
-+		return 1;
-+	}
-+
-+	char *match_copy = strdup(match);
-+	char *upstream_copy = strdup(upstream);
-+	char *remote_copy = strdup(remote);
-+
-+	struct fwd_rule *rule = (struct fwd_rule*)malloc(sizeof(struct fwd_rule));
-+	if (!rule) {
-+		free(match_copy);
-+		free(upstream_copy);
-+		free(remote_copy);
-+		free(match);
-+		free(upstream);
-+		free(remote);
-+		return 1;
-+	}
-+
-+	if(strcmp(match_copy, "0.0.0.0") == 0 || strcmp(match_copy, "*") == 0) {
-+		free(match_copy);
-+		rule->match_name = strdup("");
-+	} else {
-+		rule->match_name = match_copy;
-+	}
-+	rule->match_port = match_port;
-+	rule->auth_buf = NULL;
-+	rule->auth_len = 0;
-+
-+	char *at_sign = strchr(upstream_copy, '@');
-+	if (at_sign) {
-+		*at_sign = '\0';
-+		char *auth_part = upstream_copy;
-+		char *host_part = at_sign + 1;
-+		char *colon = strchr(auth_part, ':');
-+		if (!colon) {
-+			free(rule);
-+			free(upstream_copy);
-+			free(remote_copy);
-+			free(match);
-+			free(upstream);
-+			free(remote);
-+			return 1;
-+		}
-+		*colon++ = '\0';
-+		char *username = auth_part;
-+		char *password = colon;
-+		size_t ulen = strlen(username);
-+		size_t plen = strlen(password);
-+		if (ulen > 255 || plen > 255) {
-+			free(rule);
-+			free(upstream_copy);
-+			free(remote_copy);
-+			free(match);
-+			free(upstream);
-+			free(remote);
-+			return 1;
-+		}
-+		rule->auth_len = 1 + 1 + ulen + 1 + plen;
-+		rule->auth_buf = malloc(rule->auth_len);
-+		rule->auth_buf[0] = 1;
-+		rule->auth_buf[1] = ulen;
-+		memcpy(&rule->auth_buf[2], username, ulen);
-+		rule->auth_buf[2 + ulen] = plen;
-+		memcpy(&rule->auth_buf[3 + ulen], password, plen);
-+		rule->upstream_name = strdup(host_part);
-+		rule->upstream_port = upstream_port;
-+		/* hide from ps */
-+		memset(str+ncred, '*', ulen+1+plen);
-+	} else {
-+		rule->upstream_name = strdup(upstream_copy);
-+		rule->upstream_port = upstream_port;
-+	}
-+
-+	free(upstream_copy);
-+	short rlen = strlen(remote_copy);
-+	rule->req_len = 3 + 1 + 1 + rlen + 2;
-+	rule->req_buf = (char*)malloc(rule->req_len);
-+	rule->req_buf[0] = 5;
-+	rule->req_buf[1] = 1;
-+	rule->req_buf[2] = 0;
-+	rule->req_buf[3] = 3;
-+	rule->req_buf[4] = rlen;
-+	memcpy(&rule->req_buf[5], remote_copy, rlen);
-+	unsigned short rport = remote_port ? remote_port : 0;
-+	rule->req_buf[5 + rlen]     = (rport >> 8) & 0xFF;
-+	rule->req_buf[5 + rlen + 1] = (rport & 0xFF);
-+	free(remote_copy);
-+	sblist_add(fwd_rules, rule);
-+	free(match);
-+	free(upstream);
-+	free(remote);
-+
-+	return 0;
-+}
-+
- static int usage(void) {
- 	dprintf(2,
- 		"MicroSocks SOCKS5 Server\n"
- 		"------------------------\n"
--		"usage: microsocks -1 -q -i listenip -p port -u user -P pass -b bindaddr -w ips\n"
-+		"usage: microsocks -1 -q -i listenip -p port -u user -P pass -b bindaddr -w ips -f fwdrule\n"
- 		"all arguments are optional.\n"
- 		"by default listenip is 0.0.0.0 and port 1080.\n\n"
- 		"option -q disables logging.\n"
-@@ -401,6 +684,12 @@
- 		" this is handy for programs like firefox that don't support\n"
- 		" user/pass auth. for it to work you'd basically make one connection\n"
- 		" with another program that supports it, and then you can use firefox too.\n"
-+		"option -f specifies a forwarding rule of the form\n"
-+		"  match_name:match_port,[user:password@]upstream_name:upstream_port,remote_name:remote_port\n"
-+		" this will cause requests that /match/ to be renamed to /remote/\n"
-+		" and sent to the /upstream/ SOCKS5 proxy server.\n"
-+		" this option may be specified multiple times.\n"
-+		"option -V prints version information and exits.\n"
- 	);
- 	return 1;
- }
-@@ -416,7 +705,7 @@
- 	const char *listenip = "0.0.0.0";
- 	char *p, *q;
- 	unsigned port = 1080;
--	while((ch = getopt(argc, argv, ":1qb:i:p:u:P:w:")) != -1) {
-+	while((ch = getopt(argc, argv, ":1qb:i:p:u:P:w:f:V")) != -1) {
- 		switch(ch) {
- 			case 'w': /* fall-through */
- 			case '1':
-@@ -456,11 +745,20 @@
- 			case 'p':
- 				port = atoi(optarg);
- 				break;
-+			case 'f':
-+				if(!fwd_rules)
-+					fwd_rules = sblist_new(sizeof(struct fwd_rule), 16);
-+				if(fwd_rules_add(optarg))
-+					return dprintf(2, "error: could not parse forwarding rule %s\n", optarg), 1;
-+				break;
- 			case ':':
- 				dprintf(2, "error: option -%c requires an operand\n", optopt);
- 				/* fall through */
- 			case '?':
- 				return usage();
-+			case 'V':
-+				dprintf(1, "MicroSocks %s\n", MICROSOCKS_VERSION);
-+				return 0;
- 		}
- 	}
- 	if((auth_user && !auth_pass) || (!auth_user && auth_pass)) {

naiveproxy/Makefile

@@ -1,8 +1,8 @@
 include $(TOPDIR)/rules.mk
 
 PKG_NAME:=naiveproxy
-PKG_VERSION:=143.0.7499.109
-PKG_RELEASE:=2
+PKG_VERSION:=140.0.7339.123
+PKG_RELEASE:=3
 
 ARCH_PREBUILT:=$(ARCH_PACKAGES)
 
@@ -25,47 +25,47 @@ PKG_SOURCE:=naiveproxy-v$(PKG_VERSION)-$(PKG_RELEASE)-openwrt-$(ARCH_PREBUILT).t
 PKG_SOURCE_URL:=https://github.com/klzgrad/naiveproxy/releases/download/v$(PKG_VERSION)-$(PKG_RELEASE)/
 
 ifeq ($(ARCH_PREBUILT),aarch64_cortex-a53)
-  PKG_HASH:=e5eec05d7e799c4b6f93adb02129246142a88e427d76d6275a0312872031a1db
+  PKG_HASH:=9bda77ac7c551e1fd33b2db21cc235e4d2e35c414655018f53e0d419ac2b46d1
 else ifeq ($(ARCH_PREBUILT),aarch64_cortex-a72)
-  PKG_HASH:=ca7975f7b711d1936d44b7a3676d4ddec59dd84339da0e28aa8bbc1fa738523a
+  PKG_HASH:=5a8a02055d14abd56916fb1e2ede9b56b55785fc842c893ac9cfdc98f1ceb6bd
 else ifeq ($(ARCH_PREBUILT),aarch64_generic)
-  PKG_HASH:=a4b34126901ad577a018332dd8cfa015ca5de1dcbbcf445465fb5a89a29a6b29
+  PKG_HASH:=d2b41880a40e204ebe91baaf8202d0d1f3004b5335266afa426c680f2f0a909e
 else ifeq ($(ARCH_PREBUILT),arm_arm1176jzf-s_vfp)
-  PKG_HASH:=ec0a9a76bc51d7608897db9d87c3e52a889989856b3456cf1b35c4a42891fc40
+  PKG_HASH:=76df8b546ed640ed2e581f32ab837fc487aae0a80a5985a42405c2c8bad87c18
 else ifeq ($(ARCH_PREBUILT),arm_arm926ej-s)
-  PKG_HASH:=bdd03cdec1f7215369cafdc7922f3d78ecd570a59d5cd04e829cab33c6dbc68e
+  PKG_HASH:=27b28beaa032165e9b93d423353ced3cfe594c71353fd9d109699f330b785732
 else ifeq ($(ARCH_PREBUILT),arm_cortex-a15_neon-vfpv4)
-  PKG_HASH:=fce86759321a06cc373ceef1a38fee456cf0383cc466a3762671b9a0fc4e13ba
+  PKG_HASH:=14d4929d2b417baa7f31df114eefa2d0a1ae4bc255cf1b3a037558bd67b77faf
 else ifeq ($(ARCH_PREBUILT),arm_cortex-a5_vfpv4)
-  PKG_HASH:=3bb0eef45955ccb656c0b074db40024e35a96c0588250534d25468242b21e067
+  PKG_HASH:=49a9c7eecab54155a31c3bfae71cf5193a881189715c7b4d29ce50a8c5c759d6
 else ifeq ($(ARCH_PREBUILT),arm_cortex-a7)
-  PKG_HASH:=42c95ce44d9abb1472f4817b5839252fc418cecd3b1d683a0211ca98e7e9a21f
+  PKG_HASH:=99b22874957bce541a0f8cbc0d23c501b85c20e8645bfa777a9f358d0b121d03
 else ifeq ($(ARCH_PREBUILT),arm_cortex-a7_neon-vfpv4)
-  PKG_HASH:=7222d40cc5b0f29e5858e6023e713cc69174672b2489a8c8525d031822b38230
+  PKG_HASH:=c0ff70018cf45b8115c9dd3f56ffc7d82b9c381d97ea75722c56401689d2948c
 else ifeq ($(ARCH_PREBUILT),arm_cortex-a7_vfpv4)
-  PKG_HASH:=1c15ceeb689d686e198afd0c1bb72b6c54ef89bde5b347205d6c2cedf359f37a
+  PKG_HASH:=725add2f90194dc44397e1034d861c1f88387eeea2f32baaa07bc384bfab2176
 else ifeq ($(ARCH_PREBUILT),arm_cortex-a8_vfpv3)
-  PKG_HASH:=a5f370df608aba401cb5a761c17f994d27d1a912be1aa9c7bcc0417314ecfb62
+  PKG_HASH:=3f281c94e72d47b3676cd9135e5b83858421c2a108e7b121629480f0fd5b4830
 else ifeq ($(ARCH_PREBUILT),arm_cortex-a9)
-  PKG_HASH:=f5df82bd5d3a45e8869026977c2d30bac6ccc258dadb7046e3306d4e54395741
+  PKG_HASH:=b9623d595a35609050c9638c8d2903cdb51eb56675ff4109627d66d8a6a993e3
 else ifeq ($(ARCH_PREBUILT),arm_cortex-a9_neon)
-  PKG_HASH:=7600df27693dda5f43c7d38715b9d4664db77ed4488c77da822c690cb28fcf90
+  PKG_HASH:=ab5a699ef830d65344f014547ae6ce73e0f25103ad02d3e80a5d441e19c7e21e
 else ifeq ($(ARCH_PREBUILT),arm_cortex-a9_vfpv3-d16)
-  PKG_HASH:=c010124d705e19da53e0df4658c23a5ad0ff71e89f8819e01f9e7011160042fa
+  PKG_HASH:=efb7650c31c862564f39be269d67fca4e1a43bf356a5d4c1c158cc83e7c378e2
 else ifeq ($(ARCH_PREBUILT),arm_mpcore)
-  PKG_HASH:=6ccbf7cf6b17b4cf4ab7b29b12a279b1fc79257f2fc569e81a5af6bda18819f4
+  PKG_HASH:=1e0fa7d2f283807a019c85ddb58f99b711bcf86eb4ac759562b221d998091093
 else ifeq ($(ARCH_PREBUILT),arm_xscale)
-  PKG_HASH:=5367433f1759aa0b947f6180c9d1944205629d7829db9f3466bd38d40da57ae0
+  PKG_HASH:=40175f13102597b88f92c664bf5c595ab69b248a5b64229a6aba388be77345b4
 else ifeq ($(ARCH_PREBUILT),mipsel_24kc)
-  PKG_HASH:=444a59288e3e7e80b2ca04fb4d6fb9a046a624cb01a9cea2314834c736561433
+  PKG_HASH:=63b1f692d2643de026d1a53699a65e7f30ee5c226beaa6cc255189a7c04d5817
 else ifeq ($(ARCH_PREBUILT),mipsel_mips32)
-  PKG_HASH:=fa568b8a8ed8505a99d5ca30568cbdb2539cc48d218c338a321fba116632daa1
+  PKG_HASH:=e5dd26061343287e6636003795763bcc9d8d83f4b7096246bdc81ed5da45253c
 else ifeq ($(ARCH_PREBUILT),riscv64)
-  PKG_HASH:=13c1a43e58cef7219baf828250afb9390fd2ed9379d30f7d7b182db61492fe69
+  PKG_HASH:=38c6a3fafbf073a83229f6b0629f725006e928f06d9d2353bdd3c072ef9a99bf
 else ifeq ($(ARCH_PREBUILT),x86)
-  PKG_HASH:=8088dd1ea80321109248f68f6f1a7c45f5b4dc0982992aabde725c3503a5b442
+  PKG_HASH:=a3e8aad951330b995273176cc310038971f4f3fff56ab047d5e60e3a0eb67d14
 else ifeq ($(ARCH_PREBUILT),x86_64)
-  PKG_HASH:=5681e13c833757cfb5769755fd93d1906c47448af190585067bde9de590bdb2e
+  PKG_HASH:=d6c39befccb1f3ad54ffa11c5ae8ad11a90151998eeaae6b1a73cc0702f24966
 else
   PKG_HASH:=dummy
 endif

sing-box/Makefile

@@ -5,12 +5,12 @@
 include $(TOPDIR)/rules.mk
 
 PKG_NAME:=sing-box
-PKG_VERSION:=1.12.14
+PKG_VERSION:=1.12.12
 PKG_RELEASE:=1
 
 PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.gz
 PKG_SOURCE_URL:=https://codeload.github.com/SagerNet/sing-box/tar.gz/v$(PKG_VERSION)?
-PKG_HASH:=f19761d09f88e2d33aadfdb3c4ff471654f34b28561826e4786b9859654ca887
+PKG_HASH:=f08add81eab7e4d6091195179bb39fa3f64dbb0326feaa022994566b702d1245
 
 PKG_LICENSE:=GPL-3.0-or-later
 PKG_LICENSE_FILES:=LICENSE

v2ray-geodata/Makefile

@@ -5,29 +5,29 @@
 include $(TOPDIR)/rules.mk
 
 PKG_NAME:=v2ray-geodata
-PKG_RELEASE:=1
+PKG_RELEASE:=$(AUTORELEASE)
 
 PKG_LICENSE_FILES:=LICENSE
 PKG_MAINTAINER:=Tianling Shen <cnsztl@immortalwrt.org>
 
 include $(INCLUDE_DIR)/package.mk
 
-GEOIP_VER:=202512180020
+GEOIP_VER:=202511270021
 GEOIP_FILE:=geoip.dat.$(GEOIP_VER)
 define Download/geoip
   URL:=https://github.com/Loyalsoldier/geoip/releases/download/$(GEOIP_VER)/
   URL_FILE:=geoip.dat
   FILE:=$(GEOIP_FILE)
-  HASH:=63c20c159aeec8a13d61be9b89d0d1c82fecf4675f1c177db67e97477c89199d
+  HASH:=5b6fe77546c989308620dda7cc584995b92003f1fc1b53b4d18c039d9a97790a
 endef
 
-GEOSITE_VER:=202512202213
+GEOSITE_VER:=202511262214
 GEOSITE_FILE:=geosite.dat.$(GEOSITE_VER)
 define Download/geosite
   URL:=https://github.com/Loyalsoldier/v2ray-rules-dat/releases/download/$(GEOSITE_VER)/
   URL_FILE:=geosite.dat
   FILE:=$(GEOSITE_FILE)
-  HASH:=3f43687438bde815719ce0bcd9ed21c7fa807b69caa98ee1c7d6ed8954a8ff1a
+  HASH:=aa306e474877cab761dd306b5fe4ee2da763e482916ecbf3681d723781f818a0
 endef
 
 define Package/v2ray-geodata/template

xray-core/Makefile

@@ -1,12 +1,12 @@
 include $(TOPDIR)/rules.mk
 
 PKG_NAME:=Xray-core
-PKG_VERSION:=25.12.8
+PKG_VERSION:=25.10.15
 PKG_RELEASE:=1
 
 PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.gz
 PKG_SOURCE_URL:=https://codeload.github.com/XTLS/Xray-core/tar.gz/v$(PKG_VERSION)?
-PKG_HASH:=d4519b2d9bb1871f4d7612aa7a8db1c451573b5a44ac824219bb44d63f404e61
+PKG_HASH:=5df030f456db58b682110545e19da9b971303387955562ec408f484580450736
 
 PKG_MAINTAINER:=Tianling Shen <cnsztl@immortalwrt.org>
 PKG_LICENSE:=MPL-2.0