search

XTLS / Xray-core

Xray, Penetrates Everything. Also the best v2ray-core, with XTLS support. Fully compatible configuration.
https://t.me/projectXray
Mozilla Public License 2.0
25.48k stars 3.94k forks source link

使用 a479013 版本,会偶尔遇到的 SSL 错误的现象 #1732

Closed chika0801 closed 1 year ago

chika0801 commented 1 year ago

使用的是Vision+REALITY,服务端是自己偷自己,客户端 ——Vision+REALITY—— 服务端,检测到是成人网站,服务端出站用ss2022——另一个VPS落地

sukebei.nyaa.si为浏览器访问的网站,是一个TLS 1.2的,我也遇到了访问TLS 1.3的javbus.com报SSL出错的现象(没抓到日志)。这个是正好记录了。

暂时用了10分钟,遇到次数很少,再观察一下了

以下是客户端日志

2023/03/03 12:55:27 [Info] [370085563] proxy/http: request to Method [CONNECT] Host [sukebei.nyaa.si:443] with URL [//sukebei.nyaa.si:443]
2023/03/03 12:55:27 [Info] [370085563] app/dispatcher: sniffed domain: sukebei.nyaa.si
2023/03/03 12:55:27 [Info] [370085563] app/dispatcher: taking detour [proxy] for [tcp:sukebei.nyaa.si:443]
2023/03/03 12:55:27 127.0.0.1:2367 accepted //sukebei.nyaa.si:443 [proxy]
2023/03/03 12:55:27 [Info] [370085563] transport/internet/tcp: dialing TCP to tcp:[VPS的IP]:443
2023/03/03 12:55:27 [Debug] transport/internet: dialing to tcp:[VPS的IP]:443
REALITY localAddr: 192.168.10.10:2368   hello.sessionId[:16]: [1 7 5 0 100 1 125 191 213 57 1 103 234 200 244 178]
REALITY localAddr: 192.168.10.10:2368   hello.sessionId: [4 47 192 58 229 242 69 130 188 37 66 111 43 172 172 229 42 76 32 86 110 193 65 187 143 187 105 198 236 128 109 169]
REALITY localAddr: 192.168.10.10:2368   uConn.AuthKey: [100 1 143 250 241 30 108 255 149 68 184 247 244 97 110 1 69 78 125 59 200 250 31 198 135 40 217 157 54 52 17 92]
REALITY localAddr: 192.168.10.10:2368   uConn.Verified: true
2023/03/03 12:55:27 [Info] [370085563] proxy/vless/outbound: tunneling request to tcp:sukebei.nyaa.si:443 via [VPS的IP]:443
2023/03/03 12:55:27 [Info] [370085563] proxy/vless/encoding: XtlsFilterTls found tls client hello! 517
2023/03/03 12:55:27 [Info] [370085563] proxy/vless/encoding: XtlsPadding 517 441 0
2023/03/03 12:55:27 [Info] [1083789458] proxy/http: request to Method [CONNECT] Host [kukushouhou.com:443] with URL [//kukushouhou.com:443]
2023/03/03 12:55:27 [Info] [1083789458] app/dispatcher: sniffed domain: kukushouhou.com
2023/03/03 12:55:27 [Info] [1083789458] app/dispatcher: default route for tcp:kukushouhou.com:443
2023/03/03 12:55:27 127.0.0.1:2369 accepted //kukushouhou.com:443 [proxy]
2023/03/03 12:55:27 [Info] [1083789458] transport/internet/tcp: dialing TCP to tcp:[VPS的IP]:443
2023/03/03 12:55:27 [Debug] transport/internet: dialing to tcp:[VPS的IP]:443
REALITY localAddr: 192.168.10.10:2370   hello.sessionId[:16]: [1 7 5 0 100 1 125 191 213 57 1 103 234 200 244 178]
REALITY localAddr: 192.168.10.10:2370   hello.sessionId: [37 118 181 83 136 153 233 33 177 201 54 135 56 49 180 22 132 72 104 92 213 230 186 177 170 84 247 14 101 48 175 142]
REALITY localAddr: 192.168.10.10:2370   uConn.AuthKey: [219 107 149 241 54 46 51 48 64 64 20 177 163 121 4 160 90 59 63 226 140 183 9 109 215 115 177 4 249 85 187 167]
REALITY localAddr: 192.168.10.10:2370   uConn.Verified: true
2023/03/03 12:55:27 [Info] [1083789458] proxy/vless/outbound: tunneling request to tcp:kukushouhou.com:443 via [VPS的IP]:443
2023/03/03 12:55:27 [Info] [1083789458] proxy/vless/encoding: XtlsFilterTls found tls client hello! 517
2023/03/03 12:55:27 [Info] [1083789458] proxy/vless/encoding: XtlsPadding 517 464 0
2023/03/03 12:55:28 [Info] [370085563] proxy/vless/encoding: Xtls Unpadding new block0 16 content 2048 padding 194 0
2023/03/03 12:55:28 [Info] [370085563] proxy/vless/encoding: XtlsFilterTls found tls 1.2! 1163
2023/03/03 12:55:28 [Info] [370085563] proxy/vless/encoding: Xtls Unpadding new block0 1079 content 18679 padding 48746 238
2023/03/03 12:55:28 [Info] [370085563] proxy/vless/encoding: XtlsPadding 7 1359 0
2023/03/03 12:55:28 [Info] [2085836322] proxy/http: request to Method [CONNECT] Host [sukebei.nyaa.si:443] with URL [//sukebei.nyaa.si:443]
2023/03/03 12:55:28 [Info] [2085836322] app/dispatcher: sniffed domain: sukebei.nyaa.si
2023/03/03 12:55:28 [Info] [2085836322] app/dispatcher: taking detour [proxy] for [tcp:sukebei.nyaa.si:443]
2023/03/03 12:55:28 127.0.0.1:2371 accepted //sukebei.nyaa.si:443 [proxy]
2023/03/03 12:55:28 [Info] [2085836322] transport/internet/tcp: dialing TCP to tcp:[VPS的IP]:443
2023/03/03 12:55:28 [Debug] transport/internet: dialing to tcp:[VPS的IP]:443
REALITY localAddr: 192.168.10.10:2372   hello.sessionId[:16]: [1 7 5 0 100 1 125 192 213 57 1 103 234 200 244 178]
REALITY localAddr: 192.168.10.10:2372   hello.sessionId: [194 218 75 158 159 233 45 153 52 110 200 229 181 63 185 124 109 84 246 139 124 40 161 170 65 135 206 205 58 188 24 49]
REALITY localAddr: 192.168.10.10:2372   uConn.AuthKey: [58 100 240 221 125 136 227 238 230 130 7 124 110 92 64 111 151 227 207 253 237 74 36 247 184 116 245 101 140 133 134 89]
REALITY localAddr: 192.168.10.10:2372   uConn.Verified: true
2023/03/03 12:55:28 [Info] [2085836322] proxy/vless/outbound: tunneling request to tcp:sukebei.nyaa.si:443 via [VPS的IP]:443
2023/03/03 12:55:28 [Info] [2085836322] proxy/vless/encoding: XtlsFilterTls found tls client hello! 517
2023/03/03 12:55:28 [Info] [2085836322] proxy/vless/encoding: XtlsPadding 517 513 0
2023/03/03 12:55:29 [Info] [2085836322] proxy/vless/encoding: Xtls Unpadding new block0 16 content 2048 padding 233 0
2023/03/03 12:55:29 [Info] [2085836322] proxy/vless/encoding: XtlsFilterTls found tls 1.2! 1163
2023/03/03 12:55:29 [Info] [2085836322] proxy/vless/encoding: Xtls Unpadding new block0 1118 content 18679 padding 48746 238
2023/03/03 12:55:29 [Info] [2085836322] proxy/vless/encoding: XtlsPadding 7 1106 0
2023/03/03 12:55:29 [Info] [370085563] app/proxyman/inbound: connection ends > proxy/http: connection ends > context canceled
2023/03/03 12:55:29 [Info] [1083789458] proxy/vless/encoding: Xtls Unpadding new block0 16 content 2048 padding 78 0
2023/03/03 12:55:29 [Info] [1083789458] proxy/vless/encoding: XtlsFilterTls found tls 1.2! 1163
2023/03/03 12:55:29 [Info] [1083789458] proxy/vless/encoding: Xtls Unpadding new block0 0 content 1148 padding 82 0
2023/03/03 12:55:29 [Info] [1083789458] proxy/vless/encoding: XtlsPadding 126 805 0
2023/03/03 12:55:29 [Info] [1083789458] proxy/vless/encoding: XtlsPadding 741 351 1
chika0801 commented 1 year ago

服务端日志

2023/03/03 12:55:27 [Info] [3979353728] proxy/vless/inbound: firstLen = 1035
2023/03/03 12:55:27 [Info] [3979353728] proxy/vless/inbound: received request for tcp:sukebei.nyaa.si:443
2023/03/03 12:55:27 [Info] [3979353728] proxy/vless/encoding: Xtls Unpadding new block0 16 content 517 padding 441 0
2023/03/03 12:55:27 [Info] [3979353728] proxy/vless/encoding: XtlsFilterTls found tls client hello! 517
2023/03/03 12:55:27 [Info] [3979353728] app/dispatcher: sniffed domain: sukebei.nyaa.si
2023/03/03 12:55:27 [Info] [3979353728] app/dispatcher: taking detour [chuncheon] for [tcp:sukebei.nyaa.si:443]
2023/03/03 12:55:27 [Info] [3979353728] proxy/shadowsocks_2022: tunneling request to tcp:sukebei.nyaa.si:443 via [落地机的IP]:60000
2023/03/03 12:55:27 [Info] [3979353728] transport/internet/tcp: dialing TCP to tcp:[落地机的IP]:60000
2023/03/03 12:55:27 [Debug] transport/internet: dialing to tcp:[落地机的IP]:60000
2023/03/03 12:55:27 [客户端的IP]:2368 accepted tcp:sukebei.nyaa.si:443 [chuncheon]
REALITY remoteAddr: [客户端的IP]:2370
REALITY remoteAddr: [客户端的IP]:2370   hs.clientHello.sessionId: [37 118 181 83 136 153 233 33 177 201 54 135 56 49 180 22 132 72 104 92 213 230 186 177 170 84 247 14 101 48 175 142]
REALITY remoteAddr: [客户端的IP]:2370   hs.c.AuthKey: [219 107 149 241 54 46 51 48 64 64 20 177 163 121 4 160 90 59 63 226 140 183 9 109 215 115 177 4 249 85 187 167]
REALITY remoteAddr: [客户端的IP]:2370   hs.c.ClientVer: [1 7 5]
REALITY remoteAddr: [客户端的IP]:2370   hs.c.ClientTime: 2023-03-03 12:55:27 +0800 CST
REALITY remoteAddr: [客户端的IP]:2370   hs.c.ClientShortId: [213 57 1 103 234 200 244 178]
REALITY remoteAddr: [客户端的IP]:2370   hs.c.conn == conn: true
REALITY remoteAddr: [客户端的IP]:2370   len(s2cSaved): 4887 Server Hello: 127
REALITY remoteAddr: [客户端的IP]:2370   len(s2cSaved): 4760 Change Cipher Spec: 6
REALITY remoteAddr: [客户端的IP]:2370   len(s2cSaved): 4754 Encrypted Extensions: 41
REALITY remoteAddr: [客户端的IP]:2370   len(s2cSaved): 4713 Certificate: 4555
REALITY remoteAddr: [客户端的IP]:2370   len(s2cSaved): 158  Certificate Verify: 100
REALITY remoteAddr: [客户端的IP]:2370   len(s2cSaved): 58   Finished: 58
REALITY remoteAddr: [客户端的IP]:2370   hs.handshake() err: <nil>
REALITY remoteAddr: [客户端的IP]:2370   handled: true
2023/03/03 12:55:27 [Info] [2769283347] proxy/vless/inbound: firstLen = 1058
2023/03/03 12:55:27 [Info] [2769283347] proxy/vless/inbound: received request for tcp:kukushouhou.com:443
2023/03/03 12:55:27 [Info] [2769283347] proxy/vless/encoding: Xtls Unpadding new block0 16 content 517 padding 464 0
2023/03/03 12:55:27 [Info] [2769283347] proxy/vless/encoding: XtlsFilterTls found tls client hello! 517
2023/03/03 12:55:27 [Info] [2769283347] app/dispatcher: sniffed domain: kukushouhou.com
2023/03/03 12:55:27 [Info] [2769283347] app/dispatcher: taking detour [chuncheon] for [tcp:kukushouhou.com:443]
2023/03/03 12:55:27 [Info] [2769283347] proxy/shadowsocks_2022: tunneling request to tcp:kukushouhou.com:443 via [落地机的IP]:60000
2023/03/03 12:55:27 [Info] [2769283347] transport/internet/tcp: dialing TCP to tcp:[落地机的IP]:60000
2023/03/03 12:55:27 [Debug] transport/internet: dialing to tcp:[落地机的IP]:60000
2023/03/03 12:55:27 [客户端的IP]:2370 accepted tcp:kukushouhou.com:443 [chuncheon]
2023/03/03 12:55:28 [Info] [3979353728] proxy/vless/encoding: XtlsFilterTls found tls 1.2! 2048
2023/03/03 12:55:28 [Info] [3979353728] proxy/vless/encoding: XtlsPadding 2048 194 0
2023/03/03 12:55:28 [Info] [3979353728] proxy/vless/encoding: XtlsPadding 1368 218 0
2023/03/03 12:55:28 [Info] [3979353728] proxy/vless/encoding: XtlsPadding 1002 30 0
2023/03/03 12:55:28 [Info] [3979353728] proxy/vless/encoding: Xtls Unpadding new block0 0 content 7 padding 1359 0
REALITY remoteAddr: [客户端的IP]:2372
REALITY remoteAddr: [客户端的IP]:2372   hs.clientHello.sessionId: [194 218 75 158 159 233 45 153 52 110 200 229 181 63 185 124 109 84 246 139 124 40 161 170 65 135 206 205 58 188 24 49]
REALITY remoteAddr: [客户端的IP]:2372   hs.c.AuthKey: [58 100 240 221 125 136 227 238 230 130 7 124 110 92 64 111 151 227 207 253 237 74 36 247 184 116 245 101 140 133 134 89]
REALITY remoteAddr: [客户端的IP]:2372   hs.c.ClientVer: [1 7 5]
REALITY remoteAddr: [客户端的IP]:2372   hs.c.ClientTime: 2023-03-03 12:55:28 +0800 CST
REALITY remoteAddr: [客户端的IP]:2372   hs.c.ClientShortId: [213 57 1 103 234 200 244 178]
REALITY remoteAddr: [客户端的IP]:2372   hs.c.conn == conn: true
REALITY remoteAddr: [客户端的IP]:2372   len(s2cSaved): 4889 Server Hello: 127
REALITY remoteAddr: [客户端的IP]:2372   len(s2cSaved): 4762 Change Cipher Spec: 6
REALITY remoteAddr: [客户端的IP]:2372   len(s2cSaved): 4756 Encrypted Extensions: 41
REALITY remoteAddr: [客户端的IP]:2372   len(s2cSaved): 4715 Certificate: 4555
REALITY remoteAddr: [客户端的IP]:2372   len(s2cSaved): 160  Certificate Verify: 102
REALITY remoteAddr: [客户端的IP]:2372   len(s2cSaved): 58   Finished: 58
REALITY remoteAddr: [客户端的IP]:2372   hs.handshake() err: <nil>
REALITY remoteAddr: [客户端的IP]:2372   handled: true
2023/03/03 12:55:28 [Info] [940162353] proxy/vless/inbound: firstLen = 1107
2023/03/03 12:55:28 [Info] [940162353] proxy/vless/inbound: received request for tcp:sukebei.nyaa.si:443
2023/03/03 12:55:28 [Info] [940162353] proxy/vless/encoding: Xtls Unpadding new block0 16 content 517 padding 513 0
2023/03/03 12:55:28 [Info] [940162353] proxy/vless/encoding: XtlsFilterTls found tls client hello! 517
2023/03/03 12:55:28 [Info] [940162353] app/dispatcher: sniffed domain: sukebei.nyaa.si
2023/03/03 12:55:28 [Info] [940162353] app/dispatcher: taking detour [chuncheon] for [tcp:sukebei.nyaa.si:443]
2023/03/03 12:55:28 [Info] [940162353] proxy/shadowsocks_2022: tunneling request to tcp:sukebei.nyaa.si:443 via [落地机的IP]:60000
2023/03/03 12:55:28 [Info] [940162353] transport/internet/tcp: dialing TCP to tcp:[落地机的IP]:60000
2023/03/03 12:55:28 [Debug] transport/internet: dialing to tcp:[落地机的IP]:60000
2023/03/03 12:55:28 [客户端的IP]:2372 accepted tcp:sukebei.nyaa.si:443 [chuncheon]
2023/03/03 12:55:29 [Info] [940162353] proxy/vless/encoding: XtlsFilterTls found tls 1.2! 2048
2023/03/03 12:55:29 [Info] [940162353] proxy/vless/encoding: XtlsPadding 2048 233 0
2023/03/03 12:55:29 [Info] [940162353] proxy/vless/encoding: XtlsPadding 1368 205 0
2023/03/03 12:55:29 [Info] [940162353] proxy/vless/encoding: XtlsPadding 1002 166 0
2023/03/03 12:55:29 [Info] [940162353] proxy/vless/encoding: Xtls Unpadding new block0 0 content 7 padding 1106 0
2023/03/03 12:55:29 [Info] [2769283347] proxy/vless/encoding: XtlsFilterTls found tls 1.2! 2048
2023/03/03 12:55:29 [Info] [2769283347] proxy/vless/encoding: XtlsPadding 2048 78 0
2023/03/03 12:55:29 [Info] [2769283347] proxy/vless/encoding: XtlsPadding 1148 82 0
2023/03/03 12:55:29 [Info] [2769283347] proxy/vless/encoding: Xtls Unpadding new block0 0 content 126 padding 805 0
2023/03/03 12:55:29 [Info] [2769283347] proxy/vless/encoding: Xtls Unpadding new block0 0 content 741 padding 351 1
REALITY remoteAddr: [客户端的IP]:2374
REALITY remoteAddr: [客户端的IP]:2374   hs.clientHello.sessionId: [8 101 16 208 31 122 57 254 158 90 237 70 233 67 115 211 58 25 74 111 185 166 218 160 244 47 23 164 200 60 144 218]
REALITY remoteAddr: [客户端的IP]:2374   hs.c.AuthKey: [34 28 212 146 149 25 152 188 176 160 73 213 48 43 56 24 20 5 79 200 1 65 231 26 90 18 43 67 36 23 191 52]
REALITY remoteAddr: [客户端的IP]:2374   hs.c.ClientVer: [1 7 5]
REALITY remoteAddr: [客户端的IP]:2374   hs.c.ClientTime: 2023-03-03 12:55:29 +0800 CST
REALITY remoteAddr: [客户端的IP]:2374   hs.c.ClientShortId: [213 57 1 103 234 200 244 178]
REALITY remoteAddr: [客户端的IP]:2374   hs.c.conn == conn: true
REALITY remoteAddr: [客户端的IP]:2374   len(s2cSaved): 4887 Server Hello: 127
REALITY remoteAddr: [客户端的IP]:2374   len(s2cSaved): 4760 Change Cipher Spec: 6
REALITY remoteAddr: [客户端的IP]:2374   len(s2cSaved): 4754 Encrypted Extensions: 41
REALITY remoteAddr: [客户端的IP]:2374   len(s2cSaved): 4713 Certificate: 4555
REALITY remoteAddr: [客户端的IP]:2374   len(s2cSaved): 158  Certificate Verify: 100
REALITY remoteAddr: [客户端的IP]:2374   len(s2cSaved): 58   Finished: 58
REALITY remoteAddr: [客户端的IP]:2374   hs.handshake() err: <nil>
REALITY remoteAddr: [客户端的IP]:2374   handled: true
2023/03/03 12:55:29 [Info] [4157460378] proxy/vless/inbound: firstLen = 1186
2023/03/03 12:55:29 [Info] [4157460378] proxy/vless/inbound: received request for tcp:optimizationguide-pa.googleapis.com:443
2023/03/03 12:55:29 [Info] [4157460378] proxy/vless/encoding: Xtls Unpadding new block0 16 content 517 padding 745 0
2023/03/03 12:55:29 [Info] [4157460378] proxy/vless/encoding: XtlsFilterTls found tls client hello! 517
2023/03/03 12:55:29 [Info] [4157460378] app/dispatcher: sniffed domain: optimizationguide-pa.googleapis.com
2023/03/03 12:55:29 [Info] [4157460378] app/dispatcher: default route for tcp:optimizationguide-pa.googleapis.com:443
2023/03/03 12:55:29 [Info] [4157460378] proxy/freedom: opening connection to tcp:optimizationguide-pa.googleapis.com:443
2023/03/03 12:55:29 [Info] [4157460378] transport/internet/tcp: dialing TCP to tcp:optimizationguide-pa.googleapis.com:443
2023/03/03 12:55:29 [Debug] transport/internet: dialing to tcp:optimizationguide-pa.googleapis.com:443
2023/03/03 12:55:29 [客户端的IP]:2374 accepted tcp:optimizationguide-pa.googleapis.com:443 [direct]
2023/03/03 12:55:29 [Info] [4157460378] proxy/vless/encoding: XtlsFilterTls found tls 1.3! 4866 TLS_AES_128_GCM_SHA256
2023/03/03 12:55:29 [Info] [4157460378] proxy/vless/encoding: XtlsPadding 4866 53 0
2023/03/03 12:55:29 [Info] [4157460378] proxy/vless/encoding: Xtls Unpadding new block0 0 content 74 padding 960 0
2023/03/03 12:55:29 [Info] [4157460378] proxy/vless/encoding: Xtls Unpadding new block0 0 content 98 padding 1147 2
2023/03/03 12:55:29 [Info] [4157460378] proxy/vless/encoding: XtlsRead readV
2023/03/03 12:55:29 [Info] [4157460378] proxy/vless/encoding: XtlsPadding 998 73 2
2023/03/03 12:55:29 [Info] [4157460378] proxy/vless/encoding: XtlsWrite writeV 0 1076 0
2023/03/03 12:55:29 [Info] [2769283347] proxy/vless/encoding: XtlsPadding 258 657 0
2023/03/03 12:55:29 [Info] [2769283347] proxy/vless/encoding: XtlsPadding 936 250 1
yuhan6665 commented 1 year ago

不太确定新的 ssl 问题 麻烦测一下 https://github.com/XTLS/Xray-core/actions/runs/4324509449

RPRX commented 1 year ago

麻烦测一下 main 分支该问题是否仍存在

RPRX commented 1 year ago

若不存在,麻烦关掉这个 issue,让 v1.8.0 少一个 release blocker

chika0801 commented 1 year ago

https://github.com/XTLS/Xray-core/actions/runs/4324509449 文件测试了。暂时没出现了。