Comments (12)
yukinotenshi
commented on May 18, 2024
the same issue persist in Ubuntu-18.04 amd64 using go version 1.8
from utls.
sergeyfrolov
commented on May 18, 2024
Could be a server issue. Did you take a look at which unexpected message is it in wireshark?
from utls.
yukinotenshi
commented on May 18, 2024
This is what I got in wireshark
from utls.
yukinotenshi
commented on May 18, 2024
Comparison when using CHROME_62
from utls.
sergeyfrolov
commented on May 18, 2024
When I visit https://104.27.159.141 in Chrome 83 I get this:
This site can’t provide a secure connection
104.27.159.141 uses an unsupported protocol.
ERR_SSL_VERSION_OR_CIPHER_MISMATCH
Unsupported protocol
The client and server don't support a common SSL protocol version or cipher suite.
Looks like that server needs to update TLS config and/or implementation.
from utls.
yukinotenshi
commented on May 18, 2024
When I visit https://104.27.159.141 in Chrome 83 I get this:
This site can’t provide a secure connection 104.27.159.141 uses an unsupported protocol. ERR_SSL_VERSION_OR_CIPHER_MISMATCH Unsupported protocol The client and server don't support a common SSL protocol version or cipher suite.Looks like that server needs to update TLS config and/or implementation.
I got the same exact problem when running on google.com or even facebook as in the example as well, so I believe it's not a server side issue. Also for the problem you mentioned, it's due to the IP owned by cloudflare. You need to enter the hostname so it can resolve it and look if the domain is set with their SSL or not.
from utls.
rod-hynes
commented on May 18, 2024
I can confirm this issue with HelloChrome_83 and cloudflare.com:443. I believe this is due to this extension not being implemented:
Lines 280 to 282 in ada0bb9
When you comment this extension out, the TLS handshake succeeds. Of course, that's no longer Chrome 83.
Fwiw, a fix exists: #22. We cannot merge that here due to license issues.
Perhaps we can develop our own implementation of certificate compression, or check for another one.
from utls.
sergeyfrolov
commented on May 18, 2024
Perhaps we can.
Or perhaps @Yawning can agree to dual license his uTLS changes so we can pull them here. I am pretty busy right now, since I have a thesis defense next month, so I would really appreciate help with the library.
from utls.
Yawning
commented on May 18, 2024
Or perhaps @Yawning can agree to dual license his uTLS changes so we can pull them here.
I'll need to think about this.
from utls.
yukinotenshi
commented on May 18, 2024
I've resolved some of the issues that I received. It turns out that for some websites (example: www.something.com) I need to put something.com as the ServerName in tls.Config and dial the www.something.com. Putting the www. subdomain in tls.Config will result in handshake error
from utls.
VeNoMouS
commented on May 18, 2024
Confirmed, @Yawning works, UTLS fails with anything using TLS 1.3 with unexpected message on the handshake
from utls.
i542873057
commented on May 18, 2024
Confirmed, @Yawning works, UTLS fails with anything using
TLS 1.3withunexpected messageon the handshake
I have meet the same problem like you. Do you have any solution?
Any help to me will be appreciated!
from utls.
Related Issues (20)
- [BUG] ? StatusRequestV2Extension HOT 7
- [BUG] (Fake|Utls)PreSharedKeyExtension HOT 30
- Please, bump the major version number when you break the API HOT 5
- PSK resumption and ClientHelloRetry HOT 1
- Unable to set `OmitEmptyPsk` in `PreSharedKeyExtension` HOT 3
- Conn.readRecord(...) with multiple goroutine error HOT 1
- Cannot handshake with speed.hetzner.de HOT 4
- Cannot install in Docker base image alpine (package crypto/ecdh is not in GOROOT) HOT 5
- panic: tls: setSessionTicketExt failed: invalid state HOT 3
- Support for padding extension HOT 6
- feat: GREASE ECH Extension HOT 4
- bump Auto parrot for Firefox and Chrome
- bug: configuration for GREASE ECH parrot for Chrome 120 doesn't match BoringSSL HOT 7
- HelloFirefox* gets an ECDSA verification failure HOT 4
- FingerprintClientHello support for GREASE ECH extension
- Weird observation regarding ClientId and Spec HOT 9
- B uTLS does not support 0xFB1A as max version,add ja3 tls error,roundTripper error HOT 7
- crypto/ecdh is not in GOROOT (Go 1.18) HOT 1
- Secured Renegotiation is not supported HOT 10
- What is the hash function of the fingerprint in utls? HOT 6
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from utls.