search

v2ray / v2ray-core

A platform for building proxies to bypass network restrictions.
https://www.v2ray.com/
MIT License
45.08k stars 8.94k forks source link

WebSocket+TLS+Web配置报400 Bad Request #1588

Closed xorxorxorxor closed 5 years ago

xorxorxorxor commented 5 years ago

1) v2ray版本:V2Ray 4.18.0 (Po) 20190228

2) 场景:chrome访问google首页

3) 不正常的现象:

  1. chrome无法访问google首页
  2. 客户端报错
  3. 服务端报错

4) 你期待看到的正确表现是怎样的? 可以正常打开google的首页

5) 配置 服务器端配置:

      {
 "log": {
    "access": "/var/run/v2ray/access.log",
    "error": "/var/run/v2ray/error.log",
    "loglevel": "debug"
    },
  "inbounds": [
    {
      "port": 10000,
      "listen":"127.0.0.1",
      "protocol": "vmess",
      "settings": {
        "clients": [
        {
            "id": "uuid",
            "alterId": 64
          }
        ]
      },
      "streamSettings": {
        "network": "ws",
        "wsSettings": {
    "path": "/ray"
        }
      }
    }
  ],
  "outbounds": [
    {
      "protocol": "freedom",
      "settings": {}
    }
  ]
}

客户端配置:

    {
  "inbounds": [
    {
      "port": 1080,
      "listen": "127.0.0.1",
      "protocol": "socks",
      "sniffing": {
        "enabled": true,
        "destOverride": ["http", "tls"]
      },
      "settings": {
        "auth": "noauth",
        "udp": false
      }
    }
  ],
  "outbounds": [
    {
      "protocol": "vmess",
      "settings": {
        "vnext": [
          {
            "address": "xxx.com",
            "port": 443,
            "users": [
              {
                "id": "uuid",
                "alterId": 64
              }
            ]
          }
        ]
      },
      "streamSettings": {
        "network": "ws",
        "security": "tls",
    "wsSettings": {
          "path": "/ray"
        }
      }
    }
  ]
}

6) 错误日志

服务器端错误日志:

    [Warning] v2ray.com/core/transport/internet/websocket: failed to serve http for WebSocket > accept tcp 127.0.0.1:10000: use of closed network connection

客户端错误日志:

    [Warning] [770114581] v2ray.com/core/app/proxyman/outbound: failed to process outbound traffic > v2ray.com/core/proxy/vmess/outbound: failed to find an available destination > v2ray.com/core/common/retry: [v2ray.com/core/transport/internet/websocket: failed to dial WebSocket > v2ray.com/core/transport/internet/websocket: failed to dial to (wss://xxx.com/ray): 400 Bad Request: too many Host headers > websocket: bad handshake] > v2ray.com/core/common/retry: all retry attempts failed

7) 访问日志

日志为空

8) nginx

  1. 配置

                cat /etc/nginx/nginx.conf
     ```javascript
        user nginx;
        worker_processes auto;
        error_log /var/log/nginx/error.log;
        pid /run/nginx.pid;

        include /usr/share/nginx/modules/*.conf;

        events {
            worker_connections 1024;
        }

        http {
            log_format  main  '$remote_addr - $remote_user [$time_local] "$request" '
                              '$status $body_bytes_sent "$http_referer" '
                              '"$http_user_agent" "$http_x_forwarded_for"';

            access_log  /var/log/nginx/access.log  main;

            sendfile            on;
            tcp_nopush          on;
            tcp_nodelay         on;
            keepalive_timeout   65;
            types_hash_max_size 2048;

            include             /etc/nginx/mime.types;
            default_type        application/octet-stream;

            include /etc/nginx/conf.d/*.conf;

                server {
                    listen       80 default_server;
                    listen       [::]:80 default_server;
                    server_name  _;
                    root         /usr/share/nginx/html;

                   include /etc/nginx/default.d/*.conf;

                    location / {
                    }

                    error_page 404 /404.html;
                        location = /40x.html {
                    }

                    error_page 500 502 503 504 /50x.html;
                        location = /50x.html {
                    }
                }

            server {
              listen  443 ssl;
              ssl on;
              ssl_certificate       /etc/v2ray/v2ray.crt;
              ssl_certificate_key   /etc/v2ray/v2ray.key;
              ssl_protocols         TLSv1 TLSv1.1 TLSv1.2;
              ssl_ciphers           HIGH:!aNULL:!MD5;
              server_name           xxx.com;
                    location /ray { 
                    proxy_redirect off;
                    proxy_pass http://127.0.0.1:10000;

                    proxy_http_version 1.1;
                    proxy_set_header Upgrade $http_upgrade;
                    proxy_set_header Connection "upgrade";
                    proxy_set_header Host $http_host;

                    proxy_set_header X-Real-IP $remote_addr;
                    proxy_set_header Host $host;
                    proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
                    }
            }
            }

 ```
  2. access.log 
          - - [05/Mar/2019:10:10:48 +0000] "GET /ray HTTP/1.1" 400 49 "-" "Go-http-client/1.1" "-"
      - - [05/Mar/2019:10:10:48 +0000] "GET /ray HTTP/1.1" 499 0 "-" "Go-http-client/1.1" "-"
  3. error.log 
    
     [error] 32491#0: *29 connect() failed (111: Connection refused) while connecting to upstream,                   client: x.x.x.x, server: xxx.com, request: "GET /ray/ HTTP/1.1", upstream:          "http://127.0.0.1:10000/ray/", host: "xxx.com"
9)  V2Ray 启动正常

10) V2Ray 服务运行正常

11) 补充说明:

  1. 根据白话文教程中的WebSocket+TLS+Web来配置的
  2. 在使用该配置之前,单独配置vmess已经成功,单独配置ws也成功了,单独配置tls也成功了,唯独使用tls+ws+web的时候失败了
  3. nginx的安装是使用yum直接安装的,没有创建虚拟主机,不知道影响不?
hsly109 commented 5 years ago

proxy_set_header Host $http_host; proxy_set_header Host $host; 這兩個重複了,刪除一個即可正常

flukaxkx commented 5 years ago

服务端的配置不对吧,in和out写反了吧,端口也不对。

xorxorxorxor commented 5 years ago

服务端的配置不对吧,in和out写反了吧,端口也不对。

不好意思,贴错了配置了,把客户端的贴上去了,现在已经更新了。现在好了,就是 和@hsly109说的一样,删掉一个就正常了,谢谢你

xorxorxorxor commented 5 years ago

proxy_set_header Host $http_host; proxy_set_header Host $host; 這兩個重複了,刪除一個即可正常

非常感谢,这回正常了,不过这个配置不是我添加的,是安装好nginx后,配置文件默认就是这样,不知道nginx的默认配置会这样写

kslr commented 5 years ago

你是如何安装的,为什么会默认有proxy

xorxorxorxor commented 5 years ago

你是如何安装的,为什么会默认有proxy

yum安装:yum -y install nginx

参看了这篇文章:nginx服务器详细安装过程(使用yum 和 源码包两种安装方式,并说明其区别)

kslr commented 5 years ago

我看了下,原因来自白话文教程的nginx配置 5天前有人提交了PR,还没有合并https://github.com/ToutyRater/v2ray-guide/pull/52

guanbear commented 5 years ago

感谢,同样是被教程的配置坑了,修改后成功

litanid commented 5 years ago

proxy_set_header Host $http_host; proxy_set_header Host $host; 這兩個重複了,刪除一個即可正常

实在是太感谢了,注释一个就正常了,自己摸索了一个礼拜都不成功。

xiebruce commented 5 years ago

靠,这个文档WebSocket+TLS+Web 真的被它害死了,我说怎么一直报400的,关键我开始还可以,后来重启了才不可以,我还纳闷为什么,我说我没改配置呀。。。这文章随写的?可不可以改改呀,坑死人呀! image

chenjie commented 5 years ago

靠,这个文档WebSocket+TLS+Web 真的被它害死了,我说怎么一直报400的,关键我开始还可以,后来重启了才不可以,我还纳闷为什么,我说我没改配置呀。。。这文章随写的?可不可以改改呀,坑死人呀! image

@xiebruce Good catch!

chenjie commented 5 years ago

顺带分享下我的服务器端成功搭建配置 (config.json):

{
  "log": {
    "access": "/var/log/v2ray/access.log",
    "error": "/var/log/v2ray/error.log",
    "loglevel": "info"
  },
  "inbounds": [
    {
      "port": 10000,
      "listen":"127.0.0.1",
      "protocol": "vmess",
      "settings": {
        "clients": [
          {
            "id": "<UUID>",
            "alterId": 64,
            "security": "aes-128-gcm",
            "level": 0
          }
        ]
      },
      "streamSettings": {
        "network": "ws",
        "wsSettings": {
          "path": "/websocket/"
        }
      }
    }
  ],
  "outbounds": [
    {
      "protocol": "freedom",
      "settings": {}
    }
  ]
}
fbens commented 5 years ago

我也遇到这个问题了,服务除了 nginx有请求记录,服务器的v2ray没有任何记录。 nginx的access.log一直在报错提示400,请问楼主现在解决了吗

madobet commented 5 years ago

靠,这个文档WebSocket+TLS+Web 真的被它害死了,我说怎么一直报400的,关键我开始还可以,后来重启了才不可以,我还纳闷为什么,我说我没改配置呀。。。这文章随写的?可不可以改改呀,坑死人呀! image

and hasn't been fixed yet :P

Sakakibara-Hu commented 4 years ago

靠,这个文档WebSocket+TLS+Web 真的被它害死了,我说怎么一直报400的,关键我开始还可以,后来重启了才不可以,我还纳闷为什么,我说我没改配置呀。。。这文章随写的?可不可以改改呀,坑死人呀! image

然后我也被坑了