V2EX = way to explore
V2EX 是一个关于分享和探索的地方
现在注册
已注册用户请  登录
fuxkcsdn
V2EX  ›  分享发现

连接需要验证的 socks5,当切换用户的时候并不会重新连接

  •  
  •   fuxkcsdn · 2017-03-20 11:16:03 +08:00 · 1323 次点击
    这是一个创建于 2835 天前的主题,其中的信息可能已经有所发展或是发生改变。

    如下代码

    <?php
    
    $ch = curl_init('httpbin.org/ip');
    
    curl_setopt($ch, CURLOPT_PROXY, 'socks5://user1:[email protected]:1080');
    curl_exec($ch);
    
    curl_setopt($ch, CURLOPT_PROXY, 'socks5://another_user:[email protected]:1080'); // 切换用户
    curl_exec($ch);
    

    在 socks5 服务器中,只看得到第一次连接时的用户验证信息,第二次连接没有验证过程

    第 1 条附言  ·  2017-03-20 19:05:20 +08:00

    复用了链接而不重新发起 socks5 验证

    * Found bundle for host httpbin.org: 0x55ab9a6ec800
    * Re-using existing connection! (#0) with host 127.0.0.1
    * Connected to 127.0.0.1 (127.0.0.1) port 1080 (#0)
    

    详细日志

    * Hostname was NOT found in DNS cache
    * Trying 127.0.0.1...
    * Hostname was NOT found in DNS cache
    * 54
    * 235
    * 212
    * 238
    * Connected to 127.0.0.1 (127.0.0.1) port 1080 (#0)
    > GET /ip HTTP/1.1
    Host: httpbin.org
    User-Agent: GuzzleHttp/6.2.1 curl/7.38.0 PHP/7.0.16-1~dotdeb+8.1
    
    < HTTP/1.1 200 OK
    < Connection: keep-alive
    * Server gunicorn/19.7.0 is not blacklisted
    < Server: gunicorn/19.7.0
    < Date: Mon, 20 Mar 2017 11:00:08 GMT
    < Content-Type: application/json
    < Access-Control-Allow-Origin: *
    < Access-Control-Allow-Credentials: true
    < Content-Length: 30
    < Via: 1.1 vegur
    <
    * Connection #0 to host httpbin.org left intact
    {
    "origin": "xx.xx.xx.xx"
    }
    * Found bundle for host httpbin.org: 0x55ab9a6ec800
    * Re-using existing connection! (#0) with host 127.0.0.1
    * Connected to 127.0.0.1 (127.0.0.1) port 1080 (#0)
    > GET /ip HTTP/1.1
    Host: httpbin.org
    User-Agent: GuzzleHttp/6.2.1 curl/7.38.0 PHP/7.0.16-1~dotdeb+8.1
    
    < HTTP/1.1 200 OK
    < Connection: keep-alive
    * Server gunicorn/19.7.0 is not blacklisted
    < Server: gunicorn/19.7.0
    < Date: Mon, 20 Mar 2017 11:00:13 GMT
    < Content-Type: application/json
    < Access-Control-Allow-Origin: *
    < Access-Control-Allow-Credentials: true
    < Content-Length: 30
    < Via: 1.1 vegur
    <
    * Connection #0 to host httpbin.org left intact
    {
    "origin": "xx.xx.xx.xx"
    }
    
    第 2 条附言  ·  2017-03-20 19:10:16 +08:00
    这属于 feature 还是 bug 呢?

    虽然代理服务器没变,但客户端的认证信息确实是变了
    第 3 条附言  ·  2017-03-20 19:35:59 +08:00

    Re-using authenticated connection when unauthenticated

    google 到类似的问题,7.42.0 修复了 NTLM 的问题

    刚用 7.51.0 测试 socks5 的问题,还是会复用连接

    4 条回复    2017-03-21 11:46:13 +08:00
    pubby
        1
    pubby  
       2017-03-20 11:25:00 +08:00
    httpbin.org/ip keepalive 了吧,这样第二个请求根本不用走代理
    fuxkcsdn
        2
    fuxkcsdn  
    OP
       2017-03-20 19:04:33 +08:00
    @pubby 确实是 keep alive 了,但它还是走代理的,只是复用了链接而不重新发起 socks5 验证
    ```shell
    * Found bundle for host httpbin.org: 0x55ab9a6ec800
    * Re-using existing connection! (#0) with host 127.0.0.1
    * Connected to 127.0.0.1 (127.0.0.1) port 1080 (#0)
    ```

    详细日志
    ```shell
    * Hostname was NOT found in DNS cache
    * Trying 127.0.0.1...
    * Hostname was NOT found in DNS cache
    * 54
    * 235
    * 212
    * 238
    * Connected to 127.0.0.1 (127.0.0.1) port 1080 (#0)
    > GET /ip HTTP/1.1
    Host: httpbin.org
    User-Agent: GuzzleHttp/6.2.1 curl/7.38.0 PHP/7.0.16-1~dotdeb+8.1

    < HTTP/1.1 200 OK
    < Connection: keep-alive
    * Server gunicorn/19.7.0 is not blacklisted
    < Server: gunicorn/19.7.0
    < Date: Mon, 20 Mar 2017 11:00:08 GMT
    < Content-Type: application/json
    < Access-Control-Allow-Origin: *
    < Access-Control-Allow-Credentials: true
    < Content-Length: 30
    < Via: 1.1 vegur
    <
    * Connection #0 to host httpbin.org left intact
    {
    "origin": "xx.xx.xx.xx"
    }
    * Found bundle for host httpbin.org: 0x55ab9a6ec800
    * Re-using existing connection! (#0) with host 127.0.0.1
    * Connected to 127.0.0.1 (127.0.0.1) port 1080 (#0)
    > GET /ip HTTP/1.1
    Host: httpbin.org
    User-Agent: GuzzleHttp/6.2.1 curl/7.38.0 PHP/7.0.16-1~dotdeb+8.1

    < HTTP/1.1 200 OK
    < Connection: keep-alive
    * Server gunicorn/19.7.0 is not blacklisted
    < Server: gunicorn/19.7.0
    < Date: Mon, 20 Mar 2017 11:00:13 GMT
    < Content-Type: application/json
    < Access-Control-Allow-Origin: *
    < Access-Control-Allow-Credentials: true
    < Content-Length: 30
    < Via: 1.1 vegur
    <
    * Connection #0 to host httpbin.org left intact
    {
    "origin": "xx.xx.xx.xx"
    }
    ```
    pubby
        3
    pubby  
       2017-03-21 01:28:42 +08:00 via Android
    Socks5 协议里,每次连接才会认证用户,既然是连接复用,没有从新连接,只是在原来的连接上继续收发数据(HTTP 1.1 keepalive 的行为)。
    你可以指定请求头部 Connection: close 来禁止 keepalive 试试
    fuxkcsdn
        4
    fuxkcsdn  
    OP
       2017-03-21 11:46:13 +08:00
    @pubby 刚测试指定 Connection: close ,确实可以禁止复用连接
    关于   ·   帮助文档   ·   博客   ·   API   ·   FAQ   ·   实用小工具   ·   1172 人在线   最高记录 6679   ·     Select Language
    创意工作者们的社区
    World is powered by solitude
    VERSION: 3.9.8.5 · 23ms · UTC 18:16 · PVG 02:16 · LAX 10:16 · JFK 13:16
    Developed with CodeLauncher
    ♥ Do have faith in what you're doing.