starred/goproxy

Fork 0

mirror of https://github.com/snail007/goproxy.git synced 2026-04-27 00:15:51 +03:00

[GH-ISSUE #259] proxyconnect tcp: tls: first record does not look like a TLS handshake #175

New issue

Closed

opened 2026-02-27 23:15:48 +03:00 by kerem · 6 comments

kerem commented

2026-02-27 23:15:48 +03:00

Owner

Originally created by @seaguest on GitHub (Apr 11, 2019).
Original GitHub issue: https://github.com/snail007/goproxy/issues/259

Hi,

I got this error when I use my https proxy to request a https site, here is the code

package main

import (
	"crypto/tls"
	"fmt"
	"net/http"
	"net/http/httputil"
	"net/url"
)

func main() {
	u, err := url.Parse("https://username:password@ip:port")
	if err != nil {
		panic(err)
	}
	tr := &http.Transport{
		Proxy: http.ProxyURL(u),
		// Disable HTTP/2.
		TLSNextProto: make(map[string]func(authority string, c *tls.Conn) http.RoundTripper),
	}
	client := &http.Client{Transport: tr}
	resp, err := client.Get("https://baidu.com")
	if err != nil {
		panic(err)
	}
	defer resp.Body.Close()
	dump, err := httputil.DumpResponse(resp, true)
	if err != nil {
		panic(err)
	}
	fmt.Printf("%q", dump)
}

Then I got this error:

panic: Get https://baidu.com: proxyconnect tcp: tls: first record does not look like a TLS handshake

And here is the outputput from goproxy:

2019/04/11 14:26:25 decoder error , from 27.17.105.102:31691, ERR:require auth header data

I am using go 1.12, when I used 1.10 I got another error message:

tls: oversized record received with length 20527

Originally created by @seaguest on GitHub (Apr 11, 2019). Original GitHub issue: https://github.com/snail007/goproxy/issues/259 Hi, I got this error when I use my https proxy to request a https site, here is the code ``` package main import ( "crypto/tls" "fmt" "net/http" "net/http/httputil" "net/url" ) func main() { u, err := url.Parse("https://username:password@ip:port") if err != nil { panic(err) } tr := &http.Transport{ Proxy: http.ProxyURL(u), // Disable HTTP/2. TLSNextProto: make(map[string]func(authority string, c *tls.Conn) http.RoundTripper), } client := &http.Client{Transport: tr} resp, err := client.Get("https://baidu.com") if err != nil { panic(err) } defer resp.Body.Close() dump, err := httputil.DumpResponse(resp, true) if err != nil { panic(err) } fmt.Printf("%q", dump) } ``` Then I got this error: ``` panic: Get https://baidu.com: proxyconnect tcp: tls: first record does not look like a TLS handshake ``` And here is the outputput from goproxy: ``` 2019/04/11 14:26:25 decoder error , from 27.17.105.102:31691, ERR:require auth header data ``` I am using go 1.12, when I used 1.10 I got another error message: ``` tls: oversized record received with length 20527 ```

kerem

2026-02-27 23:15:48 +03:00

closed this issue
added the
invalid
label

kerem commented

2026-02-27 23:15:48 +03:00

Author

Owner

@snail007 commented on GitHub (Apr 11, 2019):

command arguments?
it's seems like you have mistake wiith argument -t tls,if you using http.ProxyURL(u), u of goproxy , local type must be -t tcp not tls

@snail007 commented on GitHub (Apr 11, 2019): command arguments? it's seems like you have mistake wiith argument -t tls,if you using `http.ProxyURL(u)`, `u` of goproxy , local type must be -t tcp not tls

kerem commented

2026-02-27 23:15:48 +03:00

Author

Owner

@seaguest commented on GitHub (Apr 11, 2019):

@snail007

I simply use this:

proxy http -p 0.0.0.0:port -a u:p --forever

@seaguest commented on GitHub (Apr 11, 2019): @snail007 I simply use this: ``` proxy http -p 0.0.0.0:port -a u:p --forever ```

kerem commented

2026-02-27 23:15:48 +03:00

Author

Owner

@snail007 commented on GitHub (Apr 11, 2019):

using curl -x http://ip: port -U u:p URL for testing.

@snail007 commented on GitHub (Apr 11, 2019): using curl -x http://ip: port -U u:p URL for testing.

kerem commented

2026-02-27 23:15:48 +03:00

Author

Owner

@seaguest commented on GitHub (Apr 12, 2019):

@snail007

curl -x https://ip: port -U u:p https://www.google.com
curl: (56) Recv failure: Connection reset by peer

curl -x https://ip: port -U u:p https://www.google.com
curl: (56) Recv failure: Connection reset by peer

if I tried www.baidu.com, then sometimes it works, sometimes the above error occurs, from the ip server, I can access both baidu.com and google.com page.

Even I set timeout to 30 second (--connect-timeout 30), I got the same result.

@seaguest commented on GitHub (Apr 12, 2019): @snail007 ``` curl -x https://ip: port -U u:p https://www.google.com curl: (56) Recv failure: Connection reset by peer curl -x https://ip: port -U u:p https://www.google.com curl: (56) Recv failure: Connection reset by peer ``` if I tried www.baidu.com, then sometimes it works, sometimes the above error occurs, from the ip server, I can access both baidu.com and google.com page. Even I set timeout to 30 second (--connect-timeout 30), I got the same result.

kerem commented

2026-02-27 23:15:48 +03:00

Author

Owner

@seaguest commented on GitHub (Apr 12, 2019):

maybe this is due to CONNECT request not handled?

@seaguest commented on GitHub (Apr 12, 2019): maybe this is due to CONNECT request not handled?

kerem commented

2026-02-27 23:15:48 +03:00

Author

Owner

@snail007 commented on GitHub (Apr 12, 2019):