Shadowsocks-libev: OpenSSL SSL_connect: SSL_ERROR_SYSCALL in connection to www.google.com:443

Created on 24 Aug 2018  ·  4Comments  ·  Source: shadowsocks/shadowsocks-libev

What version of shadowsocks-libev are you using?

3.1.3

What operating system are you using?

ubuntu 18.04.1 LTS

What did you do?

export http_proxy=socks5://127.0.0.1
export https_proxy=socks5://127.0.0.1

curl -v https://www.google.com

What did you expect to see?

What did you see instead?

* Rebuilt URL to: https://www.google.com/
* Uses proxy env variable https_proxy == 'socks5://127.0.0.1:1080'
*   Trying 127.0.0.1...
* TCP_NODELAY set
* SOCKS5 communication to www.google.com:443
* SOCKS5 connect to IPv4 208.101.48.171 (locally resolved)
* SOCKS5 request granted.
* Connected to 127.0.0.1 (127.0.0.1) port 1080 (#0)
* ALPN, offering http/1.1
* Cipher selection: ALL:!EXPORT:!EXPORT40:!EXPORT56:!aNULL:!LOW:!RC4:@STRENGTH
* successfully set certificate verify locations:
*   CAfile: /home/xnpeng/anaconda3/ssl/cacert.pem
  CApath: none
* TLSv1.2 (OUT), TLS header, Certificate Status (22):
* TLSv1.2 (OUT), TLS handshake, Client hello (1):
* OpenSSL SSL_connect: SSL_ERROR_SYSCALL in connection to www.google.com:443
* Closing connection 0
curl: (35) OpenSSL SSL_connect: SSL_ERROR_SYSCALL in connection to www.google.com:443

What is your config in detail (with all sensitive info masked)?

/etc/shadowsocks-libev/config.json:
{
    "server":"202.5.19.225",
    "server_port":8989,
    "local_port":1080,
    "password":"pop007",
    "timeout":60,
    "method":"aes-256-cfb"
}
question
Source
picture sitexa

Most helpful comment

export https_proxy=socks5h:127.0.0.1:1080 will solve this problem because the 'h' after socks5 means hostname is passed to proxy to resolve. It's the same as curl --socks5-hostname 127.0.0.1:1080 https://google.com

picture J0hnChang on 9 Jun 2020
👍2

All 4 comments

shadowsocks is a SOCKS5 proxy, not a HTTP/HTTPS proxy.

madeye picture madeye on 30 Aug 2018

@sitexa from your log I see this line

* SOCKS5 connect to IPv4 208.101.48.171 (locally resolved)

meaning DNS query has NOT been routed through the SOCKS5 server.
simply use -x socks5://127.0.0.1 option?

basically I have no idea how to resolv the problem. Just to say curl is buggy and go ahead n drop it.

oakaigh picture oakaigh on 30 Aug 2018

Oh. @sitexa do not publish your server configs including password publicly.

lidoma picture lidoma on 5 Sep 2018

export https_proxy=socks5h:127.0.0.1:1080 will solve this problem because the 'h' after socks5 means hostname is passed to proxy to resolve. It's the same as curl --socks5-hostname 127.0.0.1:1080 https://google.com

J0hnChang picture J0hnChang on 9 Jun 2020
👍2
Was this page helpful?
0 / 5 - 0 ratings

Related issues

iceberg1369 picture iceberg1369  ·  3Comments
jzp820927 picture jzp820927  ·  3Comments
viennadd picture viennadd  ·  3Comments
mcmxciv picture mcmxciv  ·  3Comments
zent00 picture zent00  ·  3Comments