From b01a71f32db710b8bd0061a20106ddcfdc5f1abe Mon Sep 17 00:00:00 2001 From: Yunheng Liu <121078488+Kookiejarz@users.noreply.github.com> Date: Wed, 4 Mar 2026 22:13:08 -0500 Subject: [PATCH 1/3] Replace random string generation method with OpenSSL for better randomness in install.sh The previous implementation using cat /dev/urandom | tr caused tr to hang and consume 100% CPU on certain environments (e.g., GCP, specific kernels) due to delayed SIGPIPE handling. Using openssl provides a finite, cryptographically secure string that eliminates this CPU spike and is noticeably faster." --- install.sh | 8 +++++--- 1 file changed, 5 insertions(+), 3 deletions(-) diff --git a/install.sh b/install.sh index 9d1aeb6b..6a64e115 100644 --- a/install.sh +++ b/install.sh @@ -105,10 +105,12 @@ install_base() { gen_random_string() { local length="$1" - local random_string=$(LC_ALL=C tr -dc 'a-zA-Z0-9' Date: Wed, 4 Mar 2026 22:35:25 -0500 Subject: [PATCH 2/3] fix: add openssl to install_base deps and fix comment style --- install.sh | 20 ++++++++++---------- 1 file changed, 10 insertions(+), 10 deletions(-) diff --git a/install.sh b/install.sh index 6a64e115..8b9aed57 100644 --- a/install.sh +++ b/install.sh @@ -76,41 +76,41 @@ is_port_in_use() { install_base() { case "${release}" in ubuntu | debian | armbian) - apt-get update && apt-get install -y -q cron curl tar tzdata socat ca-certificates + apt-get update && apt-get install -y -q cron curl tar tzdata socat ca-certificates openssl ;; fedora | amzn | virtuozzo | rhel | almalinux | rocky | ol) - dnf -y update && dnf install -y -q curl tar tzdata socat ca-certificates + dnf -y update && dnf install -y -q curl tar tzdata socat ca-certificates openssl ;; centos) if [[ "${VERSION_ID}" =~ ^7 ]]; then - yum -y update && yum install -y curl tar tzdata socat ca-certificates + yum -y update && yum install -y curl tar tzdata socat ca-certificates openssl else - dnf -y update && dnf install -y -q curl tar tzdata socat ca-certificates + dnf -y update && dnf install -y -q curl tar tzdata socat ca-certificates openssl fi ;; arch | manjaro | parch) - pacman -Syu && pacman -Syu --noconfirm curl tar tzdata socat ca-certificates + pacman -Syu && pacman -Syu --noconfirm curl tar tzdata socat ca-certificates openssl ;; opensuse-tumbleweed | opensuse-leap) - zypper refresh && zypper -q install -y curl tar timezone socat ca-certificates + zypper refresh && zypper -q install -y curl tar timezone socat ca-certificates openssl ;; alpine) - apk update && apk add curl tar tzdata socat ca-certificates + apk update && apk add curl tar tzdata socat ca-certificates openssl ;; *) - apt-get update && apt-get install -y -q curl tar tzdata socat ca-certificates + apt-get update && apt-get install -y -q curl tar tzdata socat ca-certificates openssl ;; esac } gen_random_string() { local length="$1" - # openssl output base64,no need /dev/urandom + tr + # openssl output base64, no need /dev/urandom + tr openssl rand -base64 $(( length * 2 )) \ | tr -dc 'a-zA-Z0-9' \ | head -c "$length" } - + install_acme() { echo -e "${green}Installing acme.sh for SSL certificate management...${plain}" cd ~ || return 1 From 4348140a781e2fa6ca86beed35a98dd9d21080a9 Mon Sep 17 00:00:00 2001 From: Kookiejarz Date: Sun, 8 Mar 2026 20:08:36 -0400 Subject: [PATCH 3/3] update gen_random_string for all three scripts --- install.sh | 1 - update.sh | 5 +++-- x-ui.sh | 5 +++-- 3 files changed, 6 insertions(+), 5 deletions(-) diff --git a/install.sh b/install.sh index 8b9aed57..af6b8a51 100644 --- a/install.sh +++ b/install.sh @@ -105,7 +105,6 @@ install_base() { gen_random_string() { local length="$1" - # openssl output base64, no need /dev/urandom + tr openssl rand -base64 $(( length * 2 )) \ | tr -dc 'a-zA-Z0-9' \ | head -c "$length" diff --git a/update.sh b/update.sh index 5dce0ce3..9365bf8a 100755 --- a/update.sh +++ b/update.sh @@ -100,8 +100,9 @@ is_port_in_use() { gen_random_string() { local length="$1" - local random_string=$(LC_ALL=C tr -dc 'a-zA-Z0-9'