Closed wsm25 closed 4 months ago
Windows
Windows11 22631.3155
sing-box 原始命令行程序
No response
Tags: with_gvisor,with_quic,with_dhcp,with_wireguard,with_ech,with_utls,with_reality_server,with_acme,with_clash_api Revision: f288e3898b047a0287b3c2041826e03a691221f5 CGO: disabled
在 XTLS 与多路复用(smux/h2mux)同时启用的情况下,TLS 流量会解密错误;具体表现为 curl 输出 OpenSSL SSL_read: OpenSSL/3.0.13: error:0A000119:SSL routines::decryption failed or bad record mac, errno 0 yamux 多路复用协议工作良好。
OpenSSL SSL_read: OpenSSL/3.0.13: error:0A000119:SSL routines::decryption failed or bad record mac, errno 0
在运行 sing-box -c local.json 和 sing-box -c remote.json 后运行 curl -x socks5h://127.0.0.1:1080 -v -o/dev/null https://sgp.proof.ovh.net/files/100Mb.dat
sing-box -c local.json
sing-box -c remote.json
curl -x socks5h://127.0.0.1:1080 -v -o/dev/null https://sgp.proof.ovh.net/files/100Mb.dat
// local.json { "inbounds": [{"type": "socks", "listen_port": 1080}], "outbounds": [{ "type": "vless", "server": "127.0.0.1", "server_port": 8080, "flow": "xtls-rprx-vision", "uuid": "bf000d23-0752-40b4-affe-68f7707a9661", "multiplex": {"enabled": true}, "tls": { "enabled": true, "server_name": "domain", "certificate_path": "cert" } }] }
// remote.json { "inbounds": [{ "type": "vless", "listen_port": 8080, "users": [{ "name": "sekai", "uuid": "bf000d23-0752-40b4-affe-68f7707a9661", "flow": "xtls-rprx-vision" }], "multiplex": {"enabled": true}, "tls": { "enabled": true, "server_name": "domain", "certificate_path": "cert", "key_path": "key" } }], "outbounds": [{"type": "direct"}] }
# key -----BEGIN EC PARAMETERS----- BggqhkjOPQMBBw== -----END EC PARAMETERS----- -----BEGIN EC PRIVATE KEY----- MHcCAQEEIDq5E2oU3iDgYXlXt9boOOQu//+DDiCsa+qRpqHjCJdToAoGCCqGSM49 AwEHoUQDQgAEm4kzKIz1N4tDFwY5fKTzy+ChXC2TV3jrIOUSuicXtgRqvEbnzKIU +9WDCi0EoG8+W3EtHzOtGUPrv21c61ewyw== -----END EC PRIVATE KEY-----
# cert -----BEGIN CERTIFICATE----- MIIBizCCATCgAwIBAgIUGNE3dRfziBKfLwmahrQpcsZ27LwwCgYIKoZIzj0EAwIw ETEPMA0GA1UEAwwGZG9tYWluMB4XDTI0MDMwMzEzNTkyNFoXDTI1MDMwMzEzNTky NFowETEPMA0GA1UEAwwGZG9tYWluMFkwEwYHKoZIzj0CAQYIKoZIzj0DAQcDQgAE m4kzKIz1N4tDFwY5fKTzy+ChXC2TV3jrIOUSuicXtgRqvEbnzKIU+9WDCi0EoG8+ W3EtHzOtGUPrv21c61ewy6NmMGQwHQYDVR0OBBYEFFvPeBUIeGuKYZKSaF7/2cJ+ 5B7VMB8GA1UdIwQYMBaAFFvPeBUIeGuKYZKSaF7/2cJ+5B7VMA8GA1UdEwEB/wQF MAMBAf8wEQYDVR0RBAowCIIGZG9tYWluMAoGCCqGSM49BAMCA0kAMEYCIQD3bK32 Y+HMYxHumxHh8y8K+dPSYrlDVcJWWPaie/DKdgIhAPzPclcI0kVXpGi4l843GlTr Au7dgIrRVebLnP/MQfLI -----END CERTIFICATE-----
如果多路复用协议启用,vision 将没有任何意义。
操作系统
Windows
系统版本
Windows11 22631.3155
安装类型
sing-box 原始命令行程序
如果您使用图形客户端程序,请提供该程序版本。
No response
版本
描述
在 XTLS 与多路复用(smux/h2mux)同时启用的情况下,TLS 流量会解密错误;具体表现为 curl 输出
OpenSSL SSL_read: OpenSSL/3.0.13: error:0A000119:SSL routines::decryption failed or bad record mac, errno 0
yamux 多路复用协议工作良好。重现方式
在运行
sing-box -c local.json
和sing-box -c remote.json
后运行curl -x socks5h://127.0.0.1:1080 -v -o/dev/null https://sgp.proof.ovh.net/files/100Mb.dat
日志
No response
完整性要求