Fix hardcoded 8.8.8.8 DNS resolver when CGO is enabled on Android#45
Conversation
madeye
left a comment
There was a problem hiding this comment.
Review: request changes
-
Submodule SHA is unreachable.
1fec42d3396602402accf360bbebd06963c1a3bcdoes not exist onshadowsocks/v2ray-plugin(git cat-file/ API /ls-remoteall fail). Any clone or CIgit submodule update --initwill break. -
Description does not match the diff. Body claims a new
dns_android.goand an x/crypto bump, but this Android PR only moves the gitlink. The real plugin-side change was never published. -
Proper fix (in progress). Intent is correct (CGO builds must not force
8.8.8.8; see #44 and v2fly/v2ray-core#3755). Prefer either:- Bump
v2ray-coreto v5.52.0+ (//go:build android && !cgo) once the Go toolchain is ≥ 1.25.5, or - Publish a real plugin commit with only:
and point the submodule at that SHA.
//go:build android && cgo package main import "net" func init() { net.DefaultResolver = &net.Resolver{} }
- Bump
-
Drop the x/crypto bump from this change if it is in the private submodule commit — keep the DNS fix atomic (dependabot has #326 for crypto).
-
Keep this draft closed/replaced once a reviewable PR lands; do not merge as-is.
|
Closing in favor of a reviewable fix:
Same approach as this draft described, without the unreachable gitlink / scope creep. |
|
Superseded by #46 + shadowsocks/v2ray-plugin#335. |
v2ray-core includes a workaround in
system_dns_android.gothat overridesnet.DefaultResolverto use8.8.8.8:53for Android builds without CGO. This plugin builds withCGO_ENABLED=1, so the workaround is never needed — but theinit()still fires, causing DNS loopback and DNS poisoning under Android VPN protect mode.The upstream fix (v2fly/v2ray-core#3755, adding
!cgoto the build tag) only landed in v5.52.0 which requires Go 1.25.5+, beyond the current toolchain.Changes
app/src/main/go/v2ray-plugin/dns_android.go(new file): Adds aninit()in themainpackage gated on//go:build android && cgothat resetsnet.DefaultResolverto its default after v2ray-core's package-level override runs:Since
mainpackage inits execute after all dependency package inits, this cleanly undoes the override and restores the CGO-based system resolver.e9af1cd→ includes this fix plus a pendinggolang.org/x/cryptobump (0.28.0 → 0.31.0).