diff --git a/app/src/main/assets/yacd.version.txt b/app/src/main/assets/yacd.version.txt index 56a6051..d8263ee 100644 --- a/app/src/main/assets/yacd.version.txt +++ b/app/src/main/assets/yacd.version.txt @@ -1 +1 @@ -1 \ No newline at end of file +2 \ No newline at end of file diff --git a/app/src/main/assets/yacd.zip b/app/src/main/assets/yacd.zip index 46d2b59..fba573c 100644 Binary files a/app/src/main/assets/yacd.zip and b/app/src/main/assets/yacd.zip differ diff --git a/buildScript/lib/core/get_source_env.sh b/buildScript/lib/core/get_source_env.sh index e6436f2..f94764a 100644 --- a/buildScript/lib/core/get_source_env.sh +++ b/buildScript/lib/core/get_source_env.sh @@ -1,5 +1,5 @@ if [ ! -z $ENV_NB4A ]; then - export COMMIT_SING_BOX_EXTRA="c61e8ae9d227a918e85fcd22fb36d89a0ad9a661" + export COMMIT_SING_BOX_EXTRA="1ea593f166ddb44e12ba9c7b41bcc6e73b66b550" fi if [ ! -z $ENV_SING_BOX_EXTRA ]; then diff --git a/libcore/certs.go b/libcore/certs.go new file mode 100644 index 0000000..00a98db --- /dev/null +++ b/libcore/certs.go @@ -0,0 +1,24 @@ +package libcore + +import ( + "crypto/x509" + "log" + _ "unsafe" // for go:linkname +) + +//go:linkname systemRoots crypto/x509.systemRoots +var systemRoots *x509.CertPool + +func updateRootCACerts(pem []byte) { + x509.SystemCertPool() + roots := x509.NewCertPool() + if !roots.AppendCertsFromPEM(pem) { + log.Println("failed to append certificates from pem") + return + } + systemRoots = roots + log.Println("external ca.pem was loaded") +} + +//go:linkname initSystemRoots crypto/x509.initSystemRoots +func initSystemRoots() diff --git a/libcore/nb4a.go b/libcore/nb4a.go index 67650a8..adbac65 100644 --- a/libcore/nb4a.go +++ b/libcore/nb4a.go @@ -78,6 +78,12 @@ func InitCore(process, cachePath, internalAssets, externalAssets string, outdated = "Your version is too old! Please update!! 版本太旧,请升级!" } + // certs + pem, err := os.ReadFile(externalAssetsPath + "ca.pem") + if err == nil { + updateRootCACerts(pem) + } + // bg if isBgProcess { extractAssets()