This repository has been archived by the owner on Mar 17, 2024. It is now read-only.

[Bug] reject.unknownsni has a problem #199

Closed
ThreeSourLemon opened this issue Dec 13, 2022 · 7 comments
Labels
bug Something isn't working


ThreeSourLemon commented Dec 13, 2022

Describe the bug
Access by IP goes straight to fallback
Access with an unknown domain crashes the program

To Reproduce
Test by accessing with a browser

Expected behavior

Envs (please complete the following information):
The server is Debian 12

Config file [provide both client and server configs]
[[listen]]
tag = "my_proxy"
host = "123456.com"
ip = "0.0.0.0"
port = 443
xver = 0
tls = true
cert = "/root/123456.crt"
key = "/root/123456.key"
path = "grpc"
adv = "grpc"
protocol = "vlesss"
uuid = "************************************"
version = 1
extra.rejectUnknownSni = true

[[dial]]
port = 0
xver = 0
protocol = "direct"
version = 0

Debug Log [provide logs from both client and server]
verysimple v1.2.5-alpha.1, go1.19.3 linux amd64, with advLayer packages: [quic grpcSimple ws]

A very simple implementation of V2Ray with some innovation

2022-12-13 19:27:27.984 INFO Program started
2022-12-13 19:27:27.984 INFO zap log init complete. {"logfile": "/root/vs/vs_log_server"}
2022-12-13 19:27:27.985 INFO verysimple v1.2.5-alpha.1, go1.19.3 linux amd64, with advLayer packages: [quic grpcSimple ws]

2022-12-13 19:27:27.985 INFO Working at {"dir": "/root/vs"}
2022-12-13 19:27:27.986 DEBUG All Given Flags {"flags": {"c":"server.toml","ll":"0"}}
Log Level:0
2022-12-13 19:27:27.987 INFO Options {"Log Level": "debug", "UseReadv": true}
2022-12-13 19:27:27.988 INFO Listening {"tag": "my_proxy", "protocol": "+tls+vless", "listen_addr": "0.0.0.0:443", "defaultClient": "dual+direct", "dial_addr": ""}
2022-12-13 19:27:31.024 INFO New Accepted Conn {"connid": 968948, "from": "1.1.1.1:60760", "handler": "+tls+vless://0.0.0.0:443#my_proxy"}
2022-12-13 19:27:31.208 WARN Failed handshakeInserver {"connid": 968948, "handler": "0.0.0.0:443", "client RemoteAddr": "1.1.1.1:60760", "error": " [ Vless Invalid version , Detail: invalid data, Data: 71 ] , with Buffer,len 450"}
2022-12-13 19:27:31.208 WARN Invalid request and no matched fallback, hung up {"connid": 968948, "client RemoteAddr": "1.1.1.1:60760"}
Access by IP went straight to fallback

Access with an unknown domain crashes the program outright
panic: runtime error: invalid memory address or nil pointer dereference
[signal SIGSEGV: segmentation violation code=0x1 addr=0x278 pc=0x9b001b]

goroutine 10 [running]:
github.com/e1732a364fed/v2ray_simple/tlsLayer.rejectUnknownGetCertificateFunc.func1(0xc8?)
github.com/e1732a364fed/v2ray_simple/tlsLayer/tlsLayer.go:43 +0x1bb
crypto/tls.(*Config).getCertificate(0xc000101500, 0xc00025f040)
crypto/tls/common.go:1069 +0x42
crypto/tls.(*serverHandshakeStateTLS13).pickCertificate(0xc0002a90f8)
crypto/tls/handshake_server_tls13.go:367 +0x354
crypto/tls.(*serverHandshakeStateTLS13).handshake(0xc0002a90f8)
crypto/tls/handshake_server_tls13.go:59 +0x53
crypto/tls.(*Conn).serverHandshake(0xc00024aa80, {0xd80168, 0xc000256d00})
crypto/tls/handshake_server.go:54 +0xd0
crypto/tls.(*Conn).handshakeContext(0xc00024aa80, {0xd801a0, 0xc0000380e8})
crypto/tls/conn.go:1462 +0x32f
crypto/tls.(*Conn).HandshakeContext(...)
crypto/tls/conn.go:1405
crypto/tls.(*Conn).Handshake(...)
crypto/tls/conn.go:1389
github.com/e1732a364fed/v2ray_simple/tlsLayer.(*Server).Handshake(0xc000177e60?, {0xd86330?, 0xc0000122f0})
github.com/e1732a364fed/v2ray_simple/tlsLayer/server.go:44 +0xfe
github.com/e1732a364fed/v2ray_simple.handleNewIncomeConnection({0xd8a570, 0xc0000fe1e0}, {0xd8b858, 0xc00011a1c0}, {0xd86330, 0xc0000122f0}, 0xc0000a1500)
github.com/e1732a364fed/v2ray_simple/main.go:286 +0x61d
github.com/e1732a364fed/v2ray_simple.ListenSer.func4({0xd86330?, 0xc0000122f0?})
github.com/e1732a364fed/v2ray_simple/main.go:201 +0x45
created by github.com/e1732a364fed/v2ray_simple/netLayer.loopAccept
github.com/e1732a364fed/v2ray_simple/netLayer/listen.go:63 +0x2cd

Other

[Note: if the config files or client/server configs are too long, wrap them in three backticks, i.e. ```]

@ThreeSourLemon ThreeSourLemon added the bug Something isn't working label Dec 13, 2022
@e1732a364fed (Owner)

Received.

e1732a364fed (Owner) commented Dec 13, 2022

Try the latest code; it should be fixed now.

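@ThreeSourLemon (Author)

> Try the latest code; it should be fixed now.

Access with an unknown domain can now be rejected.
But access by IP is still let through, which leaks the domain name directly.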

@e1732a364fed e1732a364fed reopened this Dec 14, 2022
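@e1732a364fed (Owner)

What is going on with this IP access, why didn't it trigger the reject? In principle, access by IP never carries an SNI, and the code rejects when there is no SNI. I'll look into it~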

@e1732a364fed (Owner)

I tested it and found that, on IP access, the reject function I set is not called by the tls package at all!

@e1732a364fed (Owner)

This can be solved outside the package. I'll write it right away.

e1732a364fed (Owner) commented Dec 14, 2022

The latest code should have fixed it. I tested it and the test passes! 30ddc4aa8cdf3ed9912a20966163d1cd8aa147a7

Test commands:

# arbitrary SNI:
curl -vik --resolve example.com:443:127.0.0.1 https://example.com

# plain IP:
curl 127.0.0.1:443
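
Added example, not the project's code or its fix: Go's crypto/tls documents that `GetCertificate` is only called when the client supplies SNI or `Certificates` is empty, which is the behaviour reported in this thread. The sketch reproduces that in memory and contrasts it with the same check placed in `GetConfigForClient`, which runs after every ClientHello. The name `example.test`, the helpers `check`, `serverConfig` and `handshake`, and the throwaway certificate (the demo client skips verification) are assumptions made for the illustration.

```go
package main

import (
	"crypto/ed25519"
	"crypto/rand"
	"crypto/tls"
	"crypto/x509"
	"fmt"
	"math/big"
	"net"
	"time"
)

const host = "example.test" // constructed name standing in for the configured host

// check is the reject-unknown-SNI rule: the ClientHello must name our host.
func check(h *tls.ClientHelloInfo) error {
	if h.ServerName != host {
		return fmt.Errorf("rejected SNI %q", h.ServerName)
	}
	return nil
}

// serverConfig enforces check in GetCertificate (strict=false) or GetConfigForClient (strict=true).
func serverConfig(strict bool) *tls.Config {
	pub, key, _ := ed25519.GenerateKey(rand.Reader) // throwaway self-signed certificate
	t := &x509.Certificate{SerialNumber: big.NewInt(1), NotBefore: time.Now(), NotAfter: time.Now().Add(time.Hour)}
	der, _ := x509.CreateCertificate(rand.Reader, t, t, pub, key)
	cert := tls.Certificate{Certificate: [][]byte{der}, PrivateKey: key}
	cfg := &tls.Config{Certificates: []tls.Certificate{cert}, SessionTicketsDisabled: true}
	if strict {
		cfg.GetConfigForClient = func(h *tls.ClientHelloInfo) (*tls.Config, error) { return nil, check(h) }
	} else {
		cfg.GetCertificate = func(h *tls.ClientHelloInfo) (*tls.Certificate, error) { return nil, check(h) }
	}
	return cfg
}

// handshake runs one handshake over net.Pipe (unbuffered, hence no tickets); sni "" sends no server_name.
func handshake(srv *tls.Config, sni string) error {
	cc, sc := net.Pipe()
	defer cc.Close()
	defer sc.Close()
	go tls.Client(cc, &tls.Config{ServerName: sni, InsecureSkipVerify: true}).Handshake()
	return tls.Server(sc, srv).Handshake()
}

func main() {
	fmt.Println(handshake(serverConfig(false), ""), handshake(serverConfig(true), ""))
}
```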

e1732a364fed added a commit that referenced this issue Dec 14, 2022
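The previous commit also added a feature: when a random certificate is used, the server's SNI is configured automatically,
and after the random certificate is generated, the SNI of the generated certificate is printed;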