[ws+uTLS] VMess协议无法使用

[flben233]

描述问题

预期行为：正常使用

实际行为：应用内测速提示EOF，打开代理后(全局模式)无法上网

如何复现

代理使用的是VMess+ws+tls，配置为手动填写，如下(已隐藏域名和UUID)：

{
  "dns": {
    "rules": [
      {
        "domain": [
          "***"
        ],
        "server": "dns-direct"
      },
      {
        "disable_cache": true,
        "domain_suffix": [
          ".arpa.",
          ".arpa"
        ],
        "server": "dns-block"
      }
    ],
    "servers": [
      {
        "address": "https://8.8.8.8/dns-query",
        "address_resolver": "dns-direct",
        "tag": "dns-remote"
      },
      {
        "address": "https://223.5.5.5/dns-query",
        "address_resolver": "dns-local",
        "detour": "direct",
        "tag": "dns-direct"
      },
      {
        "address": "underlying://0.0.0.0",
        "detour": "direct",
        "tag": "dns-local"
      },
      {
        "address": "rcode://success",
        "tag": "dns-block"
      }
    ],
    "strategy": "ipv4_only"
  },
  "inbounds": [
    {
      "listen": "127.0.0.1",
      "listen_port": 6450,
      "override_address": "8.8.8.8",
      "override_port": 53,
      "tag": "dns-in",
      "type": "direct"
    },
    {
      "domain_strategy": "",
      "endpoint_independent_nat": true,
      "inet4_address": [
        "172.19.0.1/28"
      ],
      "sniff": false,
      "stack": "system",
      "tag": "tun-in",
      "type": "tun"
    },
    {
      "domain_strategy": "",
      "listen": "127.0.0.1",
      "listen_port": 2080,
      "tag": "mixed-in",
      "type": "mixed"
    }
  ],
  "log": {
    "level": "trace"
  },
  "outbounds": [
    {
      "alter_id": 0,
      "packet_encoding": "",
      "security": "auto",
      "server": "***",
      "server_port": 443,
      "tls": {
        "enabled": true,
        "insecure": false,
        "server_name": "***",
        "utls": {
          "enabled": true,
          "fingerprint": "firefox"
        }
      },
      "transport": {
        "headers": {},
        "path": "/tyu",
        "type": "ws"
      },
      "uuid": "***",
      "type": "vmess",
      "tag": "proxy",
      "domain_strategy": ""
    },
    {
      "tag": "direct",
      "type": "direct"
    },
    {
      "tag": "bypass",
      "type": "direct"
    },
    {
      "tag": "block",
      "type": "block"
    },
    {
      "tag": "dns-out",
      "type": "dns"
    }
  ],
  "route": {
    "auto_detect_interface": true,
    "rules": [
      {
        "outbound": "dns-out",
        "port": [
          53
        ]
      },
      {
        "inbound": [
          "dns-in"
        ],
        "outbound": "dns-out"
      },
      {
        "ip_cidr": [
          "224.0.0.0/3",
          "ff00::/8"
        ],
        "outbound": "block",
        "source_ip_cidr": [
          "224.0.0.0/3",
          "ff00::/8"
        ]
      }
    ]
  }
}

日志

NekoBox for Andoird 0.8 (40) OSS
Date: 2023-03-26 10:31:10.627 UTC

OS_VERSION: 5.4.147-qgki-g369674717ad3
SDK_INT: 33
RELEASE: 13
ID: TKQ1.220829.002
DISPLAY: TKQ1.220829.002 test-keys
INCREMENTAL: V14.0.23.1.9.DEV
SECURITY_PATCH: 2023-01-01
IS_DEBUGGABLE: 0
IS_EMULATOR: null
IS_TREBLE_ENABLED: true
TYPE: user
TAGS: release-keys

MANUFACTURER: Xiaomi
BRAND: Xiaomi
MODEL: 2106118C
PRODUCT: odin
BOARD: odin
HARDWARE: qcom
DEVICE: odin
SUPPORTED_ABIS: arm64-v8a, armeabi-v7a, armeabi

Settings: 

mixedPort: 2080
portLocalDns: 6450
transproxyPort: 9200
nightTheme: 0
serviceMode: vpn
tunImplementation: 1
mtu: 9000
speedInterval: 1000
profileTrafficStatistics: true
showGroupInNotification: false
alwaysShowAddress: false
meteredNetwork: false
showDirectSpeed: true
resolveDestination: false
ipv6Mode: 0
rulesProvider: 0
muxConcurrency: 8
remoteDns: https://8.8.8.8/dns-query
directDns: https://223.5.5.5/dns-query
directDnsUseSystem: false
dnsNetwork: []
enableFakeDns: false
appendHttpProxy: false
requireTransproxy: false
transproxyMode: 0
connectionTestURL: http://cp.cloudflare.com/
acquireWakeLock: false
enableClashAPI: false
tcpKeepAliveInterval: 15
appTLSVersion: 1.2
appTheme: 20
bypassMode: false
individual: com.microsoft.emmx
com.android.vending
com.google.android.gms
com.google.android.gsf
com.picacomic.fregata
com.valvesoftware.android.steam.community
com.google.android.youtube
jp.pxv.android
com.android.providers.downloads.ui
com.android.providers.downloads
com.android.browser
com.nexon.bluearchive
showBottomBar: true
profileId: 7
trafficSniffing: false
bypassLanInCore: false
bypassLan: false
proxyApps: false
mux: []
enableDnsRouting: false
allowAccess: false
profileCurrent: 7
logLevel: 4
profileGroup: 1

Logcat: 

--------- beginning of main
03-26 18:31:09.689  9178 22186 D AppScoutStateMachine: 9178-ScoutStateMachinecreated
03-26 18:31:09.728  9178 20089 I ContentCatcher: Interceptor : Catcher list invalid for moe.nb4a@io.nekohasekai.sagernet.ui.MainActivity@117584001
03-26 18:31:09.728  9178 20089 I ContentCatcher: Interceptor : Get featureInfo from config image_pick_mode
03-26 18:31:09.729  9178 20089 I ContentCatcher: Interceptor : Get featureInfo from config pick_mode
03-26 18:31:09.887  9178  9178 D DecorView[]: onWindowFocusChanged hasWindowFocus true
03-26 18:31:09.899  9178  9178 I HandWritingStubImpl: refreshLastKeyboardType: 1
03-26 18:31:09.900  9178  9178 I HandWritingStubImpl: getCurrentKeyboardType: 1

2023/03/26 10:25:11 [Warning] [StatsBar$testConnection$1] java.lang.IllegalStateException: Get "http://cp.cloudflare.com/": unexpected EOF
2023/03/26 10:25:29 [Warning] [StatsBar$testConnection$1] java.lang.IllegalStateException: Get "http://cp.cloudflare.com/": malformed HTTP response "\x00\x00\x18\x04\x00\x00\x00\x00\x00\x00\x05\x00\x10\x00\x00\x00\x03\x00\x00\x00\xfa\x00\x06\x00\x10\x01@\x00\x04\x00\x10\x00\x00"

[arm64v8a]

有可能是因为utls覆盖了alpn的原因，请关掉或换一个指纹

[flben233]

有可能是因为utls覆盖了alpn的原因，请关掉或换一个指纹

试了下关掉或者utls设置android确实可以解决，其他的都不行

[AlirezaMoseni]

I had this problem too and its fixed by setting utls=android

[EndermanCo]

I have tested a vmess+ws+utls chrome+alpn h2,http/1.1 server with version 1.1.1 and it seems to be working. @arm64v8a https://github.com/SagerNet/sing-box/commit/e50b334b9ac3e6219601e42e2b40e33332e887b8