Watfaq / clash-rs

custom protocol network proxy
https://watfaq.gitbook.io/clashrs-user-manual/
Apache License 2.0
808 stars 64 forks source link

closed with error crypto error: BAD_DECRYPT #216

Closed xmh0511 closed 10 months ago

xmh0511 commented 11 months ago
grpc initialization error
closed with error crypto error: BAD_DECRYPT
 error: invalid peer certificate: Other(UnsupportedCertVersion)
ibigbug commented 11 months ago

UnsupportedCertVersion

Likely to be https://github.com/rustls/webpki/issues/29#issuecomment-1453783741

xmh0511 commented 10 months ago

clash-rs should support this certification, the core clash written by Golang supports this configuration and can work well.

xmh0511 commented 10 months ago

https://github.com/keiko233/clash-nyanpasu/issues/54

ibigbug commented 10 months ago

I don't know how to reproduce this, if the issue is the cert, if you don't mind sharing a server that raises the error.

ibigbug commented 10 months ago

Thanks. Will have a look later. I've saved the info, you can delete it if you want.

xmh0511 commented 10 months ago

Thanks. Will have a look later. I've saved the info, you can delete it if you want.

Ok. if you want the complete configuration file, I can send it to your email for security.

ibigbug commented 10 months ago

No that should be enough. Will let you know if I need more details.

xmh0511 commented 10 months ago

@ibigbug I tested the latest version, It still doesn't work. The given node can have a timeout test however cannot open any website through the node. Moreover, some other nodes cannot have a timeout test. 452590302

截屏2023-12-28 11 02 40
ibigbug commented 10 months ago

Could you send you config to dev@watfaw.com

There might be other issues.

xmh0511 commented 10 months ago

Could you send you config to dev@watfaw.com

There might be other issues.

I have sent it to you, check it out.

xmh0511 commented 10 months ago

@ibigbug The email responded me with the error:

 DNS Error: DNS type 'mx' lookup of watfaw.com responded with code NXDOMAIN Domain name not found: watfaw.com Learn more at https://support.google.com/mail/?p=BadRcptDomain 
ibigbug commented 10 months ago

Sorry. A dev@watfaq.com. I typed too fast.

ibigbug commented 10 months ago

i took one failed proxy yiyuanjichang.com and the original go clash can't use it either.

more over the grpc init is rejected by cloudflare with

grpc init stream resp: Response { status: 403, version: HTTP/2.0, headers: {"server": "cloudflare", "date": "Thu, 28 Dec 2023 08:32:54 GMT", "content-type": "text/html", "content-length": "151", "cf-ray": "83c874958f89a973-SYD"}, body: RecvStream { inner: FlowControl { inner: OpaqueStreamRef { stream_id: StreamId(1), ref_count: 2 } } } }

maybe consult your provider

xmh0511 commented 10 months ago

@ibigbug

original go clash can't use it either.

The Clash Premium written by Go can use it.

截屏2023-12-28 17 15 30 截屏2023-12-28 17 15 14