关于http-connect和https proxy和http1.0问题

[Polaris0112]

作者你好， issue发生环境：

• 系统：Ubuntu16.04
• redsocks2版本：

  # ./redsocks/redsocks2 -v
  redsocks.git/release-0.67-36-g1951b49 OpenSSL\nFeatures:
  Built with libevent-2.0.21-stable
  Runs  with libevent-2.0.21-stable

• curl 版本：

  # curl --version
  curl 7.47.0 (x86_64-pc-linux-gnu) libcurl/7.47.0 GnuTLS/3.4.10 zlib/1.2.8 libidn/1.32 librtmp/2.3
  Protocols: dict file ftp ftps gopher http https imap imaps ldap ldaps pop3 pop3s rtmp rtsp smb smbs smtp smtps telnet tftp
  Features: AsynchDNS IDN IPv6 Largefile GSS-API Kerberos SPNEGO NTLM NTLM_WB SSL libz TLS-SRP UnixSockets

目前已经搭建http和https代理，通过系统设置http_proxy和https_proxy变量能正常使用，证明正向代理是正常能用的 然后通过redsocks配置后 配置文件如下

base {
    log_debug = on;
    log_info = on;
    log = stderr;
    daemon = off;
    redirector = iptables;
    reuseport = off;
}
redsocks {
    bind = "127.0.0.1:1**8";
    relay = "142.******161:10***";
    type = http-relay;
    autoproxy = 0;
    timeout = 10;
}
redsocks {
        bind = "127.0.0.1:2****";
        relay = "142.******.161:**2";
        type = http-connect;
        autoproxy = 0;
        timeout = 10;
}

iptables配置：

Chain OUTPUT (policy ACCEPT)
target     prot opt source               destination
REDSOCKS   tcp  --  0.0.0.0/0            0.0.0.0/0            tcp dpt:80
REDSOCKSHTTPS  tcp  --  0.0.0.0/0            0.0.0.0/0            tcp dpt:443

Chain POSTROUTING (policy ACCEPT)
target     prot opt source               destination

Chain REDSOCKS (1 references)
target     prot opt source               destination
REDIRECT   tcp  --  0.0.0.0/0            0.0.0.0/0            redir ports 1**8

Chain REDSOCKSHTTPS (1 references)
target     prot opt source               destination
REDIRECT   tcp  --  0.0.0.0/0            0.0.0.0/0            redir ports **2

启动后http请求没问题，能符合预期使用，但是https请求会出现

# curl https://ipinfo.io
curl: (35) gnutls_handshake() failed: The TLS connection was non-properly terminated.

然后redsocks2控制台报错是

1628248017.122668 debug redsocks.c:837 redsocks_accept_client(...) [192.*******.154:41224->34.******.81:443]: accepted
1628248017.448724 notice http-connect.c:139 httpc_read_cb(...) [192.*******.154:41224->34.******.81:443]: HTTP/1.0 403 Forbidden
1628248017.448986 debug redsocks.c:421 redsocks_drop_client(...) [192.*******.154:41224->34.******.81:443]: dropping client @ state: 1

请问这个是redsocks2里面对http有修改？还是https proxy是需要支持http1.0？

[Polaris0112]

已排查https proxy支持http 1.0