Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

上接Socks5服务器不支持用户名密码验证? #1459

Closed
reusu opened this issue Dec 6, 2018 · 9 comments

Comments

@reusu
Copy link

@reusu reusu commented Dec 6, 2018

提交 Issue 之前请先阅读 Issue 指引,然后回答下面的问题,谢谢。
除非特殊情况,请完整填写所有问题。不按模板发的 issue 将直接被关闭。
如果你遇到的问题不是 V2Ray 的 bug,比如你不清楚要如何配置,请使用Discussion进行讨论。

  1. 你正在使用哪个版本的 V2Ray?(如果服务器和客户端使用了不同版本,请注明)
    V2Ray 3.50 (die Commanderin) 20181027 ARM

  2. 你的使用场景是什么?比如使用 Chrome 通过 Socks/VMess 代理观看 YouTube 视频。
    上接有验证的SOCKS5服务器 下方NOAUTH的SOCKS5和透明代理

  3. 你看到的不正常的现象是什么?(请描述具体现象,比如访问超时,TLS 证书错误等)
    无法获取正常流量
    日志提示“auth method not supported”

  4. 你期待看到的正确表现是怎样的?
    可以使用noath的socks5进行上网

  5. 请附上你的配置(提交 Issue 前请隐藏服务器端IP地址)。

服务器端配置:(省略)

客户端配置:

{
	"inboundDetour": [{
		"port": 10801,
		"protocol": "dokodemo-door",
		"streamSettings": {
			"sockopt": {
				"tproxy": "tproxy"
			}
		},
		"tag": "v2-redir",
		"settings": {
			"followRedirect": true,
			"network": "tcp,udp",
			"timeout": 300
		},
		"listen": "0.0.0.0"
	}],
	"log": {
		"loglevel": "debug",
		"access": "",
		"error": ""
	},
	"dns": {
		"servers": ["localhost"]
	},
	"outboundDetour": [{
		"settings": {
			
		},
		"protocol": "freedom",
		"tag": "direct"
	},
	{
		"settings": {
			"response": {
				"type": "http"
			}
		},
		"protocol": "blackhole",
		"tag": "blockout"
	}],
	"outbound": {
		"settings": {
			"servers": [{
				"port": <port>,
				"users": [{
					"pass": "<pass>",
					"user": "<user>"
				}],
				"address": "<server>"
			}]
		},
		"protocol": "socks",
		"streamSettings": {
			"tcpSettings": {
				"header": {
					"type": "none"
				}
			},
			"network": "tcp",
			"security": "none"
		}
	},
	"inbound": {
		"port": 10800,
		"protocol": "socks",
		"tag": "v2-local",
		"settings": {
			"udp": true,
			"ip": "0.0.0.0",
			"auth": "noauth"
		},
		"listen": "0.0.0.0"
	}
}
  1. 请附上出错时软件输出的错误日志。在 Linux 中,日志通常在 /var/log/v2ray/error.log 文件中。

服务器端错误日志:(省略)

客户端错误日志:

2018/12/06 00:56:29 tcp:192.168.250.60:54494 accepted tcp:149.154.175.100:80
2018/12/06 00:56:29 [Info] [2110587973] v2ray.com/core/transport/internet/tcp: dialing TCP to tcp:<server>:<port>
2018/12/06 00:56:29 [Warning] [2222403552] v2ray.com/core/app/proxyman/outbound: failed to process outbound traffic > v2ray.com/core/proxy/socks: failed to establish connection to server > v2ray.com/core/proxy/socks: auth method not supported.
2018/12/06 00:56:29 [Info] [2222403552] v2ray.com/core/app/proxyman/inbound: connection ends > v2ray.com/core/proxy/socks: connection ends > v2ray.com/core/proxy/socks: failed to transport all TCP response > io: read/write on closed pipe
2018/12/06 00:56:29 [Warning] [2110587973] v2ray.com/core/app/proxyman/outbound: failed to process outbound traffic > v2ray.com/core/proxy/socks: failed to establish connection to server > v2ray.com/core/proxy/socks: auth method not supported.
2018/12/06 00:56:29 [Info] [2110587973] v2ray.com/core/app/proxyman/inbound: connection ends > v2ray.com/core/proxy/socks: connection ends > v2ray.com/core/proxy/socks: failed to transport all TCP response > io: read/write on closed pipe
  1. 请附上访问日志。在 Linux 中,日志通常在 /var/log/v2ray/access.log 文件中。(省略)

  2. 其它相关的配置文件(如 Nginx)和相关日志。

  3. 如果 V2Ray 无法启动,请附上 --test 输出。

通常的命令为 /usr/bin/v2ray/v2ray --test --config /etc/v2ray/config.json。请按实际情况修改。

  1. 如果 V2Ray 服务运行不正常,请附上 journal 日志。

通常的命令为 journalctl -u v2ray

请预览一下你填的内容再提交。

@reusu

This comment has been minimized.

Copy link
Author

@reusu reusu commented Dec 6, 2018

> : Client to Server   
< : Server to Client 

V2Ray的S5交互

> 0000   05 01 02 01 04 61 6c 61 6e 05 61 6c 61 6e 31
< 0000   05 ff  

b.Byte(1)(0xff) != authNotRequired(0x00)
提示不支持加密 结束

Proxifier的S5交互

> 0000   05 01 02
< 0000   05 02
> 0000   01 04 61 6c 61 6e 05 61 6c 61 6e 31
< 0000   01 00
< 0000   05 00 00 01 00 00 00 00 00 00
@reusu

This comment has been minimized.

Copy link
Author

@reusu reusu commented Dec 6, 2018

另外 上端如果是noauth的话可以使用
但是无法转发UDP包

@VictoriaRaymond

This comment has been minimized.

Copy link
Member

@VictoriaRaymond VictoriaRaymond commented Dec 6, 2018

你用的socks服务器是什么软件?

@reusu

This comment has been minimized.

Copy link
Author

@reusu reusu commented Dec 7, 2018

你用的socks服务器是什么软件?

ss5

目前看来v2ray异常 proxifier正常
感觉是兼容性方面的问题

@VictoriaRaymond

This comment has been minimized.

Copy link
Member

@VictoriaRaymond VictoriaRaymond commented Dec 7, 2018

具体的问题是这样的,Proxifier的握手过程解释如下:

  1. 05 01 02: 客户端请求用户名密码验证,01表示只有这一种验证方式,02表示用户名密码验证
  2. 05 02: 服务器同意使用这种验证方式
  3. 01 04 61 6c 61 6e 05 61 6c 61 6e 31: 客户端发送用户名密码
  4. 01 00: 服务器验证通过
  5. 05 00 00 01 00 00 00 00 00 00: 代理的具体内容

V2Ray只是把1和3合并为一个数据包来发送,这从TCP的角度来说是没有问题的,socks服务器不应该区分数据包的情况。V2Ray合并发送数据包的特性,是因为之前碰到过其它工具,不接受分开发送的情况。

而V2Ray发送完合并的数据包之后,服务器返回了05 ff表示不支持这种验证方式。所以基本上这是服务器端的问题。

@Cwek

This comment has been minimized.

Copy link

@Cwek Cwek commented Dec 8, 2018

感觉是不同服务器实现不统一的问题。

如果按照RFC 3089(socks5的RFC)的话,是先客户端握手和展示期望认证方法(简称握手),然后服务器挑选认证方法。

如果服务器调选了无认证的话,就不会有中间的认证步骤。

如果将握手和UserPass认证一起发送的话,是假设服务器只有UserPass?这样服务器是先响应握手信息,还是直接到响应认证步骤?如果服务器愿意接受无认证,那后面的UserPass会被理解为socks5的请求连接信息的。

@VictoriaRaymond

This comment has been minimized.

Copy link
Member

@VictoriaRaymond VictoriaRaymond commented Dec 8, 2018

认证方式是客户端挑的,客户端请求中只有UserPass (05 01 02),如果服务器不接受就断开了,接受的话必然会读取后面的UserPass信息。

@VictoriaRaymond

This comment has been minimized.

Copy link
Member

@VictoriaRaymond VictoriaRaymond commented Dec 18, 2018

Closing as external issue.

@Yamazaki-wu

This comment has been minimized.

Copy link

@Yamazaki-wu Yamazaki-wu commented Sep 15, 2019

请教一下,V2能否使用socks5作为中转代理?
目的:V2客户端(境内)——socks5中转代理(境内)——V2服务端(境外且自己更改不了配置)——Google(境外)
搭建的中转socks5在SSR软件中可以正常使用。
请问需要在socks5的VPS上搭建什么东西么?SSR中使用前置socks5很方便,只需客户端配置即可。不知V2能否和SSR一样只在客户端(config.json)更改即可实现中转?

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Projects
None yet
4 participants
You can’t perform that action at this time.