cfal / shoes

A multi-protocol proxy server written in Rust (HTTP, HTTPS, SOCKS5, Vmess, Vless, Shadowsocks, Trojan, Snell)
MIT License

[Bug]: Vless Over QUIC #26

Open radiumatic opened 1 day ago

radiumatic commented 1 day ago

I have a sing-box vless-over-QUIC server and shoes fails to work with it. I don't think connectivity is the problem as trying to open connections to nonexistent domains instantly results in an error, not to mention that the same configuration works with sing-box and the older version of Xray-core that had QUIC support.

- address: 127.0.0.1:8888
  transport: tcp
  protocol:
    type: socks5
  rules:
    # Directly connect to 192.168.*
    - mask: 192.168.0.0/16
      action: allow
      client_proxy: direct
    # Forward all other connection requests through a Vmess WSS server.
    - mask: 0.0.0.0/0
      action: allow
      client_proxy:
        - address: "example.com:443"  # Replace with the actual server address and port
          protocol:
            type: vless
            user_id: "A UUID"  # Replace with your actual UUID
          transport: quic
          quic_settings:
            verify: true  # Whether to verify the server's certificate
            sni_hostname: "example.com"  # Optional SNI hostname; can be left unspecified
            alpn_protocols:
              - "h3"  # Specify the ALPN protocol; e.g., HTTP/3

The error:

[2024-10-15T15:13:41Z ERROR shoes::tcp_server] 127.0.0.1:49834 finished with error: Custom { kind: UnexpectedEof, error: "failed to setup client stream to www.google.com:443: early eof" }

cfal commented 7 hours ago

can you share any logs from the server side? since it's an early eof, i assume that the server detected some issue and decided to disconnect the client.

also, when this was written, i was not aware of any server the shoes QUIC VLESS client could be tested against. the shoes QUIC VLESS server did work correctly when tested against iOS Shadowrocket.

radiumatic commented 6 hours ago

Here is the log from sing-box running as a server on my local machine:

INFO[0054] [2526169208 0ms] inbound/vless[vless]: inbound connection from 127.0.0.1:32783
INFO[0054] [2834703561 0ms] inbound/vless[vless]: inbound connection to 1.1.1.1:80
TRACE[0055] [2834703561 301ms] router: sniffed no protocol: read payload: i/o timeout
INFO[0055] [2834703561 301ms] outbound/direct: outbound connection to 1.1.1.1:80
DEBUG[0070] [2526169208 15.56s] inbound/vless[vless]: connection closed: process connection from 127.0.0.1:32783: upload: use of closed network connection
DEBUG[0070] inbound/vless[vless]: connection closed: Application error 0x0 (remote)

That's it. Not sure what it means. A quick search says at some point it also occurred with cloudflared (Cloudflare's port forwarding program written in Go).