Shin (Former Aleph)
64409f6b41
Three fixes + one behaviour change from v1.0.1 reports. APK signature is now stable (release.jks committed) ---------------------------------------------------- v1.0.0 and v1.0.1 signed release APKs with Gradle's auto-generated debug keystore, which is randomly generated per machine and per CI runner. Result: every upgrade failed with INSTALL_FAILED_UPDATE_INCOMPATIBLE and users had to uninstall first. Unfixable without a stable key. android/app/release.jks now holds that key, committed to the repo with the password in plaintext in build.gradle.kts. This is fine for a FOSS sideload project without a Play Store identity — the trust model is "trust the source tree you pulled from," not "trust the key we hold." Anyone forking and shipping a rebranded build should generate their own key. One-time cost: v1.0.1 → v1.0.2 STILL requires uninstall, because we're switching signature keys. Every upgrade from v1.0.2 onward is clean. Stop no longer (sometimes) closes the app ----------------------------------------- teardown() is reachable from three paths on two threads: 1. ACTION_STOP onStartCommand branch (mhrv-teardown worker) 2. onDestroy after stopSelf (main thread) 3. VpnService revocation out-of-band (main thread) Running the full native cleanup sequence twice races the two threads through Tun2proxy.stop() → fd.close() → Native.stopProxy(handle) on state that's already been nullified — SIGSEGV source, user-visible as "tap Stop, app disappears." New AtomicBoolean `tornDown` gates entry: first caller wins, every subsequent caller logs "teardown: already done" and returns. onDestroy also wraps the call in try/catch — crashing out of onDestroy takes the whole process with it, which is exactly the bug we're trying to fix. Smoke-tested on emulator: teardown now logs teardown: begin caller=mhrv-teardown ... clean sequence ... teardown: done onDestroy entered teardown: already done, skipping (caller=main) onDestroy done with PID unchanged throughout. CA install now routes to the Settings search -------------------------------------------- Old flow: `Settings.ACTION_SECURITY_SETTINGS` deep-link, then walk "Encryption & credentials → Install a certificate → CA certificate". That path varies wildly between OEMs (Samsung buries it under "Biometrics and security → Other security settings"; Xiaomi under "Passwords & Security → Privacy"; Pixel splits it between "More security settings" and "Privacy controls" depending on Android version). Users got lost. New flow: open the top-level Settings app (`Settings.ACTION_SETTINGS`) and instruct the user to use the Settings search bar to find "CA certificate". Search is consistent across OEMs and Android versions; the menu paths are not. Dialog, snackbar, and `docs/android.md` copy all updated to match. Version bump: 1.0.1 → 1.0.2 (versionCode 101 → 102). releases/mhrv-rs-android-universal-v1.0.1.apk replaced with the v1.0.2 build. 🤖 Generated with [Claude Code](https://claude.com/claude-code) Co-authored-by: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
Prebuilt Binaries
This folder contains the prebuilt binaries from the latest release, committed directly to the repository for users who cannot reach the GitHub Releases page.
Current version: v1.0.2
| File | Platform | Contents |
|---|---|---|
mhrv-rs-android-universal-v1.0.2.apk |
Android 7.0+ (all ABIs) | Universal APK — arm64-v8a, armeabi-v7a, x86_64, x86 in one file |
mhrv-rs-linux-amd64.tar.gz |
Linux x86_64 | mhrv-rs, mhrv-rs-ui, run.sh |
mhrv-rs-linux-arm64.tar.gz |
Linux aarch64 | mhrv-rs, run.sh (CLI only) |
mhrv-rs-raspbian-armhf.tar.gz |
Raspberry Pi / ARMv7 hardfloat | mhrv-rs, run.sh (CLI only) |
mhrv-rs-macos-amd64.tar.gz |
macOS Intel | mhrv-rs, mhrv-rs-ui, run.sh, run.command |
mhrv-rs-macos-amd64-app.zip |
macOS Intel | mhrv-rs.app bundle (double-click from Finder) |
mhrv-rs-macos-arm64.tar.gz |
macOS Apple Silicon | mhrv-rs, mhrv-rs-ui, run.sh, run.command |
mhrv-rs-macos-arm64-app.zip |
macOS Apple Silicon | mhrv-rs.app bundle (double-click from Finder) |
mhrv-rs-windows-amd64.zip |
Windows x86_64 | mhrv-rs.exe, mhrv-rs-ui.exe, run.bat |
mhrv-rs-linux-musl-amd64.tar.gz |
OpenWRT / Alpine x86_64 | static mhrv-rs + mhrv-rs.init (procd) |
mhrv-rs-linux-musl-arm64.tar.gz |
OpenWRT / Alpine aarch64 | static mhrv-rs + mhrv-rs.init (procd) |
Download via git clone
git clone https://github.com/therealaleph/MasterHttpRelayVPN-RUST.git
cd MasterHttpRelayVPN-RUST/releases
Download via ZIP
Go to github.com/therealaleph/MasterHttpRelayVPN-RUST, click the green Code button, then Download ZIP. Extract it — the archives are in the releases/ folder.
After download
Linux / macOS
tar xzf mhrv-rs-macos-arm64.tar.gz
cd mhrv-rs-macos-arm64 # or wherever the archive extracted to
./run.sh # or ./run.command on macOS (double-click in Finder)
Windows
Extract mhrv-rs-windows-amd64.zip, then double-click run.bat inside the extracted folder (accept the UAC prompt so the MITM CA can be installed).
Android
Copy mhrv-rs-android-universal-v1.0.2.apk to your phone, tap it from the Files app, and allow "Install unknown apps" for whichever app is opening the APK (Files, Chrome, etc.). See the Android guide for the full walk-through of the first-run steps (Apps Script deployment, MITM CA install, VPN permission, SNI tester).
See the main README for desktop setup (Apps Script deployment, config, browser proxy settings).
فایلهای اجرایی
این پوشه شامل فایلهای آخرین نسخه است و مستقیماً در ریپو قرار گرفته برای کاربرانی که به صفحهٔ GitHub Releases دسترسی ندارند.
نسخهٔ فعلی: v1.0.2
دانلود از طریق ZIP
به github.com/therealaleph/MasterHttpRelayVPN-RUST بروید، روی دکمهٔ سبز Code کلیک و Download ZIP را بزنید. پس از extract، آرشیوها در پوشهٔ releases/ هستند.
بعد از دانلود
لینوکس / مک:
tar xzf mhrv-rs-macos-arm64.tar.gz
cd mhrv-rs-macos-arm64
./run.sh # در مک میتوانید روی run.command هم از Finder دو بار کلیک کنید
ویندوز: فایل mhrv-rs-windows-amd64.zip را extract کنید و داخل پوشه روی run.bat دو بار کلیک کنید (UAC را قبول کنید تا گواهی MITM نصب شود).
اندروید: فایل mhrv-rs-android-universal-v1.0.2.apk را روی گوشی کپی کنید، از Files app روی آن tap کنید و اجازهٔ "نصب برنامههای ناشناس" را بدهید. راهنمای کامل شروع به کار (دیپلوی Apps Script، نصب CA، اجازهٔ VPN، تستر SNI) در راهنمای اندروید هست.
برای راهاندازی کامل دسکتاپ (دیپلوی Apps Script، config، تنظیم proxy مرورگر) به README اصلی مراجعه کنید.