Doridian / wsvpn

VPN over WebSocket and WebTransport
BSD 3-Clause "New" or "Revised" License

WSS connect auth got 400 error #550

Open Handsome1080P opened 2 weeks ago

Handsome1080P commented 2 weeks ago

WSS can't connect, got error 400. WebTransport can connect.

2024/06/18 15:06:47 base.go:116: [CLIENT-UNSET] Connecting to wss://echoy.xxxxx:8443 with authentications: HTTP
2024/06/18 15:06:48 base.go:79: [CLIENT-UNSET] Client error: unexpected HTTP response status: 400
2024/06/18 15:06:48 base.go:87: [CLIENT-UNSET] Waiting 1s to reconnect...
2024/06/18 15:06:49 base.go:89: [CLIENT-UNSET] Reconnecting now!
2024/06/18 15:06:49 base.go:116: [CLIENT-UNSET] Connecting to wss://echoyxxxxx:8443 with authentications: HTTP
^Croot@Huawei:/home/config/wsvpn# wsvpn -mode client -config client_hkt.yaml
2024/06/18 15:06:50 Local version is: v5.38.2 (protocol 12)
2024/06/18 15:06:50 base.go:116: [CLIENT-UNSET] Connecting to webtransport://echoy.xxxx:8443 with authentications: HTTP
2024/06/18 15:06:50 connection.go:63: [CLIENT-UNSET] Command serialization: json
2024/06/18 15:06:50 connection.go:67: [CLIENT-UNSET] TLS 1.3 WebTransport connection established with cipher=TLS_CHACHA20_POLY1305_SHA256
2024/06/18 15:06:50 commands.go:62: [CLIENT-UNSET] Remote version is: v5.38.2 (protocol 12)
2024/06/18 15:06:50 base.go:169: [CLIENT-UNSET] Setting fragmentation: enabled
2024/06/18 15:06:50 commands.go:82: [CLIENT-UNSET] Got reply to command ID e8b4fbab-4f62-49f6-91e7-dce179b6e0fe (ok): OK
2024/06/18 15:06:50 commands.go:67: [CLIENT-48b7c03c-97b0-401c-be48-22502b70f764] Network mode TUN, Subnet 100.125.0.2/24, MTU 1420, IPConfig enabled
2024/06/18 15:06:50 commands.go:85: [CLIENT-48b7c03c-97b0-401c-be48-22502b70f764] Opened interface tun10
2024/06/18 15:06:50 commands.go:116: [CLIENT-48b7c03c-97b0-401c-be48-22502b70f764] Configured interface, VPN online
2024/06/18 15:07:00 ping.go:37: [CLIENT-48b7c03c-97b0-401c-be48-22502b70f764] Sent ping
2024/06/18 15:07:00 ping.go:13: [CLIENT-48b7c03c-97b0-401c-be48-22502b70f764] Received pong
2024/06/18 15:07:10 ping.go:37: [CLIENT-48b7c03c-97b0-401c-be48-22502b70f764] Sent ping
2024/06/18 15:07:10 ping.go:13: [CLIENT-48b7c03c-97b0-401c-be48-22502b70f764] Received pong
2024/06/18 15:07:20 ping.go:37: [CLIENT-48b7c03c-97b0-401c-be48-22502b70f764] Sent ping
2024/06/18 15:07:20 ping.go:13: [CLIENT-48b7c03c-97b0-401c-be48-22502b70f764] Received pong

Handsome1080P commented 2 weeks ago

Client:

tunnel:
  set-default-gateway: false
  ping:
    interval: 10s
    timeout: 5s
  features:
    fragmentation: true

interface:
  name: "tun10"
  persist: false

firewall-mark:

scripts:
  up: []
  down: []

client:
  server: "wss://John:634218@xxx:8443"
  proxy: ""
  auth-file: ""
  auto-reconnect-delay: 1s
  headers:
    Host:
      - exxxxxxxx
  tls:
    ca: ""
    certificate: ""
    key: ""
    server-name: "xxxx"
    config:
      insecure: false
      min-version: 1.2
      max-version: 1.3
      cipher-preference: "CHACHA"
      key-log-file: ""

Handsome1080P commented 2 weeks ago

server:

tunnel:
  mtu: 1420
  subnet: 100.125.0.1/24
  mode: TUN
  allow-client-to-client: true
  allow-ip-spoofing: false
  allow-mac-changing: false
  allowed-macs-per-connection: 1
  allow-unknown-ether-types: false
  features:
    fragmentation: true
  ip-config:
    local: true
    remote: true
  ping:
    interval: 60s
    timeout: 3s

interface:
  name: "tun0"
  persist: false
  one-interface-per-connection: false

scripts:
  up: []
  down: []
  startup: []

server:
  listen: ":8443"
  enable-http3: true
  website-directory: "/home/config/wsvpn/html"
  headers:
    X-Some-Host:
      - xxxxxxz
  tls:
    client-ca: ""
    certificate: "/home/config/acme/xxxxx_ecc/fullchain.cer"
    key: "/home/config/acme/xxxxxxechoxz.key"
    config:
      min-version: 1.3
      max-version: 1.3
      cipher-preference: "CHACHA"
      key-log-file: ""
  authenticator:
    type: "htpasswd"
    config: "/home/config/wsvpn/123.htpasswd"
  max-connections-per-user: 0
  max-connections-per-user-mode: kill-oldest
  api:
    enabled: false
    users: []
  preauthorize-secret: "x"

Doridian commented 1 week ago

@Handsome1080P Can you provide server log for the relevant timeframe?

Handsome1080P commented 1 week ago

> @Handsome1080P Can you provide server log for the relevant timeframe?

When the client connects to the server using WSS, the server does not display any logs:

2024/06/24 15:03:23 Local version is: v5.38.2 (protocol 12)
2024/06/24 15:03:23 listener.go:103: [SERVER-29a74a74-d231-4bbf-8413-b9f28863d412] VPN server online at :8443 (HTTP/3 enabled, TLS enabled, mTLS disabled), Mode TUN, Subnet 100.126.0.1/24 (253 max clients), MTU 1420

But if I use a browser to visit the server, the server will show some logs:

2024/06/24 15:03:23 listener.go:103: [SERVER-29a74a74-d231-4bbf-8413-b9f28863d412] VPN server online at :8443 (HTTP/3 enabled, TLS enabled, mTLS disabled), Mode TUN, Subnet 100.126.0.1/24 (253 max clients), MTU 1420
2024/06/24 15:05:20 sockets.go:52: [CLIENT-e7b70860-ae28-4443-8c2f-21336750b552] TLS 1.3 connection established with cipher=TLS_CHACHA20_POLY1305_SHA256
2024/06/24 15:05:20 auth.go:34: [CLIENT-e7b70860-ae28-4443-8c2f-21336750b552] Client failed authenticator challenge
2024/06/24 15:05:24 sockets.go:52: [CLIENT-3bae2e6a-c653-40d4-9733-371124c26c62] TLS 1.3 connection established with cipher=TLS_CHACHA20_POLY1305_SHA256
2024/06/24 15:05:24 auth.go:34: [CLIENT-3bae2e6a-c653-40d4-9733-371124c26c62] Client failed authenticator challenge
2024/06/24 15:05:30 sockets.go:52: [CLIENT-659c6019-9908-4b83-b6d4-508c722e64ef] TLS 1.3 connection established with cipher=TLS_CHACHA20_POLY1305_SHA256
2024/06/24 15:05:30 sockets.go:71: [CLIENT-659c6019-9908-4b83-b6d4-508c722e64ef] Authenticated as: John
2024/06/24 15:05:31 sockets.go:52: [CLIENT-5f5315d5-b942-4055-9932-797da1224505] TLS 1.3 connection established with cipher=TLS_CHACHA20_POLY1305_SHA256
2024/06/24 15:05:31 sockets.go:71: [CLIENT-5f5315d5-b942-4055-9932-797da1224505] Authenticated as: John