search

teddysun / xray-plugin

A SIP003 plugin based on Xray-core
MIT License
356 stars 64 forks source link

请教个和v2ray-plugin一样的错误 #3

Closed oule closed 3 years ago

oule commented 3 years ago

先说问题 下面是xray-plugin报错: 2021/03/15 19:21:31 [Info] failed to handler mux client connection > proxy/freedom: failed to open connection to tcp:baidu.mydomain.top:443 > common/retry: [transport/internet/websocket: failed to dial WebSocket > transport/internet/websocket: failed to dial to (wss://baidu.mydomain.top/r6of920f5b): > x509: certificate is valid for baidu.mydomain.top, not cloudfront.com] > common/retry: all retry attempts failed 这个报错和v2ray-plugin一模一样

我的VPS上使用的是openresty,tail -f access.log,都没有访问记录。 我猜是域名解析问题,因为第一次启动shadowsocks-libev-redir时域名解析使用cloudflare的代理,但是后来我把代理改成“仅限DNS”,还是不行。我本地主机是网关服务器,上面使用了dnsmasq,我怀疑是dns缓存,就把dnsmasq重启了,同时添加了hosts,把域名直接hosts到VPS,可是报错依旧相同。猜hosts没生效,tail -f dnsmasq.log,发现reply是我的VPS主机ip,报错还是一样,不知道该怎么解决,请高人指点,我的配置如下:

VPS: ip:123.123.123.123 OS: Debian 10 buster 443 port: openresty提供 shadowsocks-libev-3.2.5+ds-1 xray-plugin-v1.4.0或v2ray-plugin-v1.3.1 域名证书是使用acme.sh签发的

openresty配置文件: http { 省略 map $http_upgrade $connection_upgrade { default upgrade; '' close; } server { listen 443 ssl; ssl_certificate ssl/baidu.mydomain.top.cer; ssl_certificate_key ssl/baidu.mydomain.top.key; server_name baidu.mydomain.top; root html; index index.html index.htm;

    location = /r6of920f5b {
        proxy_http_version 1.1;
        proxy_set_header Upgrade $http_upgrade;
        proxy_set_header Connection $connection_upgrade;
        proxy_set_header Host $host;
        proxy_pass http://127.0.0.1:8388;
    }
}
省略

}

shadowsocks-libev-server配置文件如下: { "server_host":"127.0.0.1", "server_port":8388, "password":"mima", "timeout":300, "method":"chacha20-ietf-poly1305", "mode":"tcp_only", "plugin":"/etc/shadowsocks-libev/v2ray-plugin", "plugin_opts":"server;path=/r6of920f5b;loglevel=debug", "use_syslog": false }

客户端/网关服务器 OS: Debian 10 buster shadowsocks-libev-3.2.5+ds-1 xray-plugin-v1.4.0或v2ray-plugin-v1.3.1

shadowsocks-libev-redir配置文件如下: { "server": "baidu.mydomain.top", "server_port": 443, "ipv6_first": false, "fast_open": true, "reuse_port": true, "local_address": "0.0.0.0", "local_port": 1080, "mode": "tcp_only", "timeout": 60, "method": "chacha20-ietf-poly1305", "password": "mima", "plugin":"/etc/shadowsocks-libev/xray-plugin", "plugin_opts":"tls;path=/r6of920f5b;loglevel=debug", "use_syslog": true }

/etc/hosts配置如下: 123.123.123.123 baidu.mydomain.top

谢谢了!

teddysun commented 3 years ago

感觉是 plugin_opts 配置有误。shadowsocks-libev-redir 和 shadowsocks-libev-server 的不一致。 具体请参考:https://shiping.date/archives/6.html

oule commented 3 years ago

@teddysun 回复的真快啊^_^ VPS的openresty承担了TLS,所以VPS的ss-server就不用TLS了,关键是VPS一点数据都没收到, 访问日志里什么都没有,但是用浏览器可以访问到,好奇怪,客户端plugin的请求数据去哪里了?有点懵 我先看看,有不懂的还得请教你啊

oule commented 3 years ago

@teddysun 连接我也看过了,里面ss-redir的plugin_opts使用了host=xxx,我也试过,报错不同,像下面这样: 2021/03/15 21:52:57 [Info] failed to handler mux client connection > proxy/freedom: failed to open connection to tcp:baidu.mydomain.top:443 > common/retry: [transport/internet/websocket: failed to dial WebSocket > transport/internet/websocket: failed to dial to (wss://baidu.mydomain.top/r6of920f5b): > x509: certificate signed by unknown authority] > common/retry: all retry attempts failed 加不加host=xxx都不行,但是报错不同