naiveproxy: PostQuantumKyber breaks middleboxes after v124

Hi After updating both server and client to the v124; i have problem with client, it does not work anymore (both socks and redir mode). but with v123 everything is normal and working.

root@client:/opt/naiveproxy# ./naive config.json

[0427/085057.622121:INFO:naive_proxy_bin.cc(498)] Proxying via HTTPS server.com:443
[0427/085057.758080:INFO:naive_proxy_bin.cc(698)] Listening on socks://0.0.0.0:1080
[0427/085103.827213:INFO:naive_connection.cc(273)] Connection 1 to api.github.com:443
[0427/085103.834976:INFO:naive_connection.cc(273)] Connection 2 to collector.github.com:443
[0427/085104.125668:INFO:naive_connection.cc(273)] Connection 3 to api.github.com:443
[0427/085104.163995:INFO:naive_connection.cc(273)] Connection 4 to alive.github.com:443
[0427/085105.185023:INFO:naive_connection.cc(273)] Connection 5 to api.github.com:443
[0427/085105.252068:INFO:naive_connection.cc(273)] Connection 6 to collector.github.com:443
[0427/085107.080554:INFO:naive_connection.cc(273)] Connection 7 to witch.valdikss.org.ru:80
[0427/085134.121821:INFO:naive_proxy.cc(184)] Connection 5 closed: ERR_PROXY_CONNECTION_FAILED
[0427/085134.122036:INFO:naive_proxy.cc(184)] Connection 6 closed: ERR_PROXY_CONNECTION_FAILED
[0427/085134.133097:INFO:naive_connection.cc(273)] Connection 8 to api.github.com:443
[0427/085134.134542:INFO:naive_connection.cc(273)] Connection 9 to collector.github.com:443
[0427/085134.246392:INFO:naive_proxy.cc(184)] Connection 9 closed: ERR_PROXY_CONNECTION_FAILED
[0427/085134.253462:INFO:naive_proxy.cc(184)] Connection 8 closed: ERR_PROXY_CONNECTION_FAILED
[0427/085134.343275:INFO:naive_proxy.cc(184)] Connection 4 closed: ERR_PROXY_CONNECTION_FAILED
[0427/085135.358480:INFO:naive_proxy.cc(184)] Connection 3 closed: ERR_PROXY_CONNECTION_FAILED
[0427/085135.430652:INFO:naive_proxy.cc(184)] Connection 2 closed: ERR_PROXY_CONNECTION_FAILED
[0427/085137.507773:INFO:naive_proxy.cc(184)] Connection 7 closed: ERR_PROXY_CONNECTION_FAILED
[0427/085138.607908:INFO:naive_connection.cc(273)] Connection 10 to witch.valdikss.org.ru:80
[0427/085141.224345:INFO:naive_connection.cc(273)] Connection 11 to alive.github.com:443
[0427/085145.231536:INFO:naive_connection.cc(273)] Connection 12 to github.com:443
[0427/085154.906494:INFO:naive_connection.cc(273)] Connection 13 to optimizationguide-pa.googleapis.com:443

root@client:/opt/naiveproxy# cat config.json
{
  "listen": "socks://0.0.0.0:1080",
  "proxy": "https://uname:PaSs@server.com",
  "log": ""
}

About this issue

  • Original URL
  • State: closed
  • Created 2 months ago
  • Comments: 32 (28 by maintainers)

Most upvoted comments

@hdid anyway, you can try my project yass https://github.com/Chilledheart/yass?tab=readme-ov-file#prebuilt-binaries

+1
Chilledheart on May 6, 2024

@hdid I got the same result with u. It is up to the author of this project to determine whether there is a switch for turning off post quantum kyber.

+1
Chilledheart on May 6, 2024

Maybe it is related to kyber768 algorirthm which changes TLS Hello. see https://www.ithome.com/0/765/151.htm (chineses)

+1
Chilledheart on Apr 30, 2024
Read more comments on GitHub
← balena-pihole: WARN: Could not accept() in listener() (/__w/FTL/FTL/src/api/socket.c:267): Bad file descriptor
micro-ecc: Failure to verify against openssl →