Closed hdid closed 1 week ago
Maybe it is related to kyber768 algorirthm which changes TLS Hello. see https://www.ithome.com/0/765/151.htm (chineses)
I sugguest you can use wireshsrk to capture naive's traffic (both 123 and 124)and upload the screenshot of tls section if possible. It matters.
Checked with naiveproxy's source code. Kyber768 is enabled by default for desktop platfrom from v124 just like chrome v124 release:
https://github.com/klzgrad/naiveproxy/blob/master/src/net/base/features.cc#L154 https://github.com/search?q=repo%3Aklzgrad%2Fnaiveproxy%20kPostQuantumKyber&type=code https://chromestatus.com/feature/5257822742249472
@klzgrad I suggest to add a feature switch to turn this option (aka PostQuantumKyber) off just like chrome does.
Edited: It should support something like
/opt/naiveproxy/naive --disable-features=PostQuantumKyber /etc/naiveproxy/config.json
I tried current binary but no luck.
Maybe you need to deal with command line with Switches
if (base::CommandLine::ForCurrentProcess()->HasSwitch(
switches::PostQuantumKyber)) {
// Enable quantum kyber 768
return;
}
Cannot reproduce with v124 and https://github.com/klzgrad/forwardproxy/releases/tag/v2.7.6-naive2
Cannot reproduce with v124 and https://github.com/klzgrad/forwardproxy/releases/tag/v2.7.6-naive2
See the article https://www.ithome.com/0/765/151.htm
It only affects some specific middlebox such as AWS.
Cannot reproduce with v124 and https://github.com/klzgrad/forwardproxy/releases/tag/v2.7.6-naive2
See the article https://www.ithome.com/0/765/151.htm
It only affects some specific middlebox such as AWS.
Naiveproxy doesn't work with a load balancer that terminate TLS, and works well with l4 proxy that doesn't understand ClientHello. I wonder why AWS midbox should be blamed.
By Google and Microsoft, Kyber768(PostQuantumKyber) is enabled only for desktop platform (Chrome and Edge 124) but not for mobile users such as iOS and Android. Why don't they turn it on for mobile users? It must be kind of experimental feature.
Cannot reproduce with v124 and https://github.com/klzgrad/forwardproxy/releases/tag/v2.7.6-naive2
See the article https://www.ithome.com/0/765/151.htm It only affects some specific middlebox such as AWS.
Naiveproxy doesn't work with a load balancer that terminate TLS, and works well with l4 proxy that doesn't understand ClientHello. I wonder why AWS midbox should be blamed.
By some comments, Kyber768 doesn't work with middlebox which understands TLS but not TLS 1.2 with Kyber768 extension because Kyber768 adds kind of TLS 1.3 information in ClientHello even it is TLS 1.2.
You need additional efforts on chrome policy support https://source.chromium.org/chromium/chromium/src/+/main:components/policy/resources/templates/README.md if you want to avoid feature switches completely. And I didn't find a way to enable/disable feature switches without base::FeatureList::InitInstance
call.
Still, there is no registry in Linux and macOS. You need load these options from command line or configuration files as described in #642. And abuse chrome policy might cause the confuse of chrome users.
I need to grab some sleep now.
tested with new build. not resolved! https://github.com/klzgrad/naiveproxy/issues/641#issuecomment-2099869192
not resolved!
Cannot reproduce.
➜ naiveproxy-v124.0.6367.54-3-linux-x64 ./naive --version
naive 124.0.6367.54
With kyber768:
With no-kyber768:
➜ naiveproxy-v123.0.6312.40-1-linux-x64 ./naive --version
naive 123.0.6312.40
What's changed?
➜ naiveproxy-v124.0.6367.54-3-linux-x64 cat config.json
{
"listen": "http://127.0.0.1:1081",
"proxy": "https://goodurl",
"log": ""
}
Read the fine release notes.
For comparision with naiveproxy, let me show how yass behaves:
➜ ~ yass_cli --version
yass_cli 1.9.3
Last Change: 968722e9b6dd0b38a0d2879982e7eaa60e1c359f-refs/branch-heads/1.9.3{1}
Features: linux;arch: x86_64;release;clang 19.0.0;lto thin;linker lld;ldflags icf;libc++;abseil-cpp;tcmalloc_minimal;re2;googleurl;boringssl;mbedtls;builtin ca-bundle;asio;nlohmann json;protobuf;zlib;c-ares;nghttp2;quiche;balsa http parser
yass with kyber768 turned on, similar to naiveproxy 124:
yass without kyber768, similar to naiveproxy 123:
Look at the ClientHello packet's size. With kyber768, it is much larger and more than 1500 mtu, while without kyber768, it stays less than 600 bytes.
@klzgrad please read the screenshots, your naiveproxy's switch fix doesn't work at all. yass 1.9.3 is based on chromium 125, containing all changes from 124.
@klzgrad please read the screenshots, your naiveproxy's switch fix doesn't work at all. yass 1.9.3 is based on chromium 125, containing all changes from 124.
Your statement is false, and your tests were not configured correctly.
These were produced by v124.0.6367.54-3 with the new option:
TLSv1.3 Record Layer: Handshake Protocol: Client Hello
Content Type: Handshake (22)
Version: TLS 1.0 (0x0301)
Length: 604
Handshake Protocol: Client Hello
TLSv1.3 Record Layer: Handshake Protocol: Client Hello
Content Type: Handshake (22)
Version: TLS 1.0 (0x0301)
Length: 513
Handshake Protocol: Client Hello
@Chilledheart i'm confused. what is the solution when --no-post-quantum option does not help?
@hdid I got the same result with u. It is up to the author of this project to determine whether there is a switch for turning off post quantum kyber.
@hdid anyway, you can try my project yass https://github.com/Chilledheart/yass?tab=readme-ov-file#prebuilt-binaries
I'm getting increasingly grumpy with this stuff. First it's not Chrome's responsibility to keep broken middleboxes working, and since naiveproxy is a verbatim downstream of Chromium, I can justifiably claim to not support this behavior without adding a line of code change. Then there is no established causal link that the reporter's issue has anything to do with post-quantum key agreement. Then I said ok, I add this flag, and there is still no information whatsoever about how to reproduce this issue.
This issue is closed as not reproducible. It's the job of the reporter to come up with a reproducer.
You are recommended to try other tools if they work for you. I'd be glad to see less users so there is less attention.
@klzgrad i like this tool and use it almost everyday but new version did not work for me. anyway i tested with another box that had ubuntu 22 and it seems working without changing config. just i do not know is it os limitation or cpu instruction set one. thank you both @klzgrad and @Chilledheart and sorry for the trouble.
@hdid it depends on the middlebox (such as some router, old firewall, or something similar) where naive creates TLS connections, but not the OS nor CPU. And the failure case is very limited and this issue should not affect most of use cases.
./naive
Yours is false-advertising. --no-post-quantum
is not working at all.
I have new setup. And the TLS Client Hello is still too large.
4 0.098745 192.168.2.117 → masked_ip TLSv1 1856 Client Hello
Full log attached:
Console 1:
➜ Downloads curl -L -O https://github.com/klzgrad/naiveproxy/releases/download/v124.0.6367.54-3/naiveproxy-v124.0.6367.54-3-linux-x64.tar.xz
% Total % Received % Xferd Average Speed Time Time Time Current
Dload Upload Total Spent Left Speed
0 0 0 0 0 0 0 0 --:--:-- --:--:-- --:--:-- 0
100 2654k 100 2654k 0 0 658k 0 0:00:04 0:00:04 --:--:-- 1167k
➜ Downloads sha256sum naiveproxy-v124.0.6367.54-3-linux-x64.tar.xz
4d9d9f2f918b6b8b90f0094d485abdeadc8fd90ccccd07fed828ee2358959ecc naiveproxy-v124.0.6367.54-3-linux-x64.tar.xz
➜ Downloads tar -xf naiveproxy-v124.0.6367.54-3-linux-x64.tar.xz
➜ Downloads cd naiveproxy-v124.0.6367.54-3-linux-x64
➜ naiveproxy-v124.0.6367.54-3-linux-x64 cat
➜ naiveproxy-v124.0.6367.54-3-linux-x64 cat > config.json
{
"listen": "http://127.0.0.1:1080",
"proxy": "https://goodurl",
"log": ""
}
➜ naiveproxy-v124.0.6367.54-3-linux-x64 ./naive --no-post-quantum -log config.json
[0507/100312.403065:INFO:naive_proxy_bin.cc(194)] Proxying via HTTPS goodurl:443
[0507/100312.410599:INFO:naive_proxy_bin.cc(449)] Listening on http://127.0.0.1:1080
[0507/100314.170175:INFO:naive_connection.cc(273)] Connection 1 to www.google.com:80
[0507/100314.490472:INFO:naive_proxy_delegate.cc(137)] [goodurl:443] negotiated padding type: Variant1
[0507/100314.754081:INFO:naive_proxy.cc(184)] Connection 1 closed: OK
Console 2:
➜ Downloads sudo tcpdump host masked_ip -w recapped.pcap
dropped privs to pcap
tcpdump: listening on enp5s0, link-type EN10MB (Ethernet), snapshot length 262144 bytes
^C50 packets captured
50 packets received by filter
0 packets dropped by kernel
➜ Downloads tshark -r recapped.pcap
1 0.000000 192.168.2.117 → masked_ip TCP 74 42270 → 443 [SYN] Seq=0 Win=32120 Len=0 MSS=1460 SACK_PERM TSval=1818049297 TSecr=0 WS=128
2 0.097834 masked_ip → 192.168.2.117 TCP 74 443 → 42270 [SYN, ACK] Seq=0 Ack=1 Win=65160 Len=0 MSS=1440 SACK_PERM TSval=2576939398 TSecr=1818049297 WS=64
3 0.097908 192.168.2.117 → masked_ip TCP 66 42270 → 443 [ACK] Seq=1 Ack=1 Win=32128 Len=0 TSval=1818049395 TSecr=2576939398
4 0.098745 192.168.2.117 → masked_ip TLSv1 1856 Client Hello
5 0.196416 masked_ip → 192.168.2.117 TCP 66 443 → 42270 [ACK] Seq=1 Ack=1791 Win=63936 Len=0 TSval=2576939497 TSecr=1818049396
6 0.206275 masked_ip → 192.168.2.117 TLSv1.3 1514 Server Hello, Change Cipher Spec, Application Data
7 0.206321 192.168.2.117 → masked_ip TCP 66 42270 → 443 [ACK] Seq=1791 Ack=1449 Win=31872 Len=0 TSval=1818049503 TSecr=2576939507
8 0.206467 masked_ip → 192.168.2.117 TCP 1514 443 → 42270 [PSH, ACK] Seq=1449 Ack=1791 Win=64128 Len=1448 TSval=2576939507 TSecr=1818049396 [TCP segment of a reassembled PDU]
9 0.206468 masked_ip → 192.168.2.117 TLSv1.3 561 Application Data, Application Data, Application Data, Application Data
10 0.206506 192.168.2.117 → masked_ip TCP 66 42270 → 443 [ACK] Seq=1791 Ack=2897 Win=31872 Len=0 TSval=1818049504 TSecr=2576939507
Console 3:
➜ ~ ALL_PROXY=http://127.0.0.1:1080 curl http://www.google.com
And remote caddy version (built with golang 1.22.2)
$ caddy --version
v2.7.6 h1:w0NymbG2m9PcvKWsrXO6EEkY9Ru4FJK8uQbYcev1p3A=
go version go1.22.2 linux/amd64
For comparsion, some old versioned naiveproxy only created Client Hello with 583 bytes.
➜ Downloads tshark -r naive.pcap
1 0.000000 192.168.2.22 → masked_ip TCP 74 47402 → 443 [SYN] Seq=0 Win=32120 Len=0 MSS=1460 SACK_PERM TSval=4184841450 TSecr=0 WS=128
2 0.162247 masked_ip → 192.168.2.22 TCP 74 443 → 47402 [SYN, ACK] Seq=0 Ack=1 Win=43440 Len=0 MSS=1460 SACK_PERM TSval=3121284606 TSecr=4184841450 WS=1024
3 0.162332 192.168.2.22 → masked_ip TCP 66 47402 → 443 [ACK] Seq=1 Ack=1 Win=32128 Len=0 TSval=4184841613 TSecr=3121284606
4 0.162484 192.168.2.22 → masked_ip TLSv1 583 Client Hello
5 0.325353 masked_ip → 192.168.2.22 TCP 66 443 → 47402 [ACK] Seq=1 Ack=518 Win=43008 Len=0 TSval=3121284769 TSecr=4184841613
6 0.327746 masked_ip → 192.168.2.22 TLSv1.3 1514 Server Hello, Change Cipher Spec, Application Data
Wrong command line syntax:
./naive --no-post-quantum -log config.json
https://github.com/klzgrad/naiveproxy/blob/a08c4d354e5960c6c3c09d0ec8c1f87f00b3a43a/USAGE.txt#L1-L2
Either all command line or all config file. No mixing of config file and command line.
Either all command line or all config file. No mixing of config file and command line.
ahh this was my fault. just putted "no-post-quantum": "" in config file and it works now.
Hi After updating both server and client to the v124; i have problem with client, it does not work anymore (both socks and redir mode). but with v123 everything is normal and working.