Mac applications ignore proxychains after successful preloading
yi-ji opened this issue · 16 comments
Hi,
I have almost read all the similar issues but still no luck, so I opened a new one here for some help.
I am with MacOS 10.12, I want to use proxychains for a Mac application (Netease Music).
I am aware of the SIP problem. Running apps under /Applications shouldn't be affected, but I still copied the application from /Application to my home dir.
When I run in with DEBUG, I got:
proxychains4 /Applications/NeteaseMusic.app/Contents/MacOS/NeteaseMusic
[proxychains] config file found: /usr/local/etc/proxychains.conf
[proxychains] preloading /usr/local/lib/libproxychains4.dylib
DEBUG:init_lib_wrapper called from gcc_init
DEBUG:pid[31900]:at_init
DEBUG:pid[31900]:wait_data
DEBUG:[play] socks5 127.0.0.1:9050
[proxychains] DLL init: proxychains-ng 4.12-git-2-gb631b02
DEBUG:loaded symbol 'connect' real addr 0x7fffb9ba2314 wrapped addr 0x10e94dad0
DEBUG:loaded symbol 'sendto' real addr 0x7fffb9ba3030 wrapped addr 0x10e94e7f0
DEBUG:loaded symbol 'gethostbyname' real addr 0x7fffb9b74c37 wrapped addr 0x10e94e1b0
DEBUG:loaded symbol 'getaddrinfo' real addr 0x7fffb9b63d6a wrapped addr 0x10e94e230
DEBUG:loaded symbol 'freeaddrinfo' real addr 0x7fffb9b69370 wrapped addr 0x10e94e330
DEBUG:loaded symbol 'gethostbyaddr' real addr 0x7fffb9b74f5f wrapped addr 0x10e94e6c0
DEBUG:loaded symbol 'getnameinfo' real addr 0x7fffb9b6a9a1 wrapped addr 0x10e94a100
DEBUG:loaded symbol 'close' real addr 0x7fffb9ba3748 wrapped addr 0x10e94d9e0
2017-07-19 13:52:04.258 NeteaseMusic[31900:647532] NSWindow warning: adding an unknown subview: <INMovableByBackgroundContainerView: 0x7f806b473fc0>. Break on NSLog to debug.
2017-07-19 13:52:04.259 NeteaseMusic[31900:647532] Call stack:
(
0 AppKit 0x00007fffa207267d -[NSThemeFrame addSubview:] + 109
1 AppKit 0x00007fffa20723c8 -[NSView addSubview:positioned:relativeTo:] + 217
2 AppKit 0x00007fffa2888011 -[NSThemeFrame addSubview:positioned:relativeTo:] + 43
3 NeteaseMusic 0x000000010e75d701 NeteaseMusic + 169729
4 NeteaseMusic 0x000000010e75c539 NeteaseMusic + 165177
5 NeteaseMusic 0x000000010e75a7cc NeteaseMusic + 157644
6 NeteaseMusic 0x000000010e7687a7 NeteaseMusic + 214951
7 AppKit 0x00007fffa20dd287 -[NSWindowTemplate nibInstantiate] + 478
8 AppKit 0x00007fffa20269be -[NSIBObjectData instantiateObject:] + 286
9 AppKit 0x00007fffa20260b4 -[NSIBObjectData nibInstantiateWithOwner:options:topLevelObjects:] + 591
10 AppKit 0x00007fffa201d65e loadNib + 375
11 AppKit 0x00007fffa201cba4 +[NSBundle(NSNibLoading) _loadNibFile:nameTable:options:withZone:ownerBundle:] + 308
12 AppKit 0x00007fffa201c95c -[NSBundle(NSNibLoading) loadNibNamed:owner:topLevelObjects:] + 201
13 AppKit 0x00007fffa201c719 +[NSBundle(NSNibLoading) loadNibNamed:owner:] + 414
14 AppKit 0x00007fffa201756d NSApplicationMain + 498
15 libdyld.dylib 0x00007fffb9a74255 start + 1
)
DEBUG:pid[31900]:connect
DEBUG:pid[31900]:connect
DEBUG:pid[31900]:connect
2017-07-19 13:52:05.198 NeteaseMusic[31900:647532] *** WARNING: Method convertPointToBase: in class NSView is deprecated on 10.7 and later. It should not be used in new applications.
DEBUG:pid[31900]:connect
DEBUG:pid[31900]:connect
DEBUG:pid[31900]:connect
DEBUG:pid[31900]:connect
......(repeated lines of DEBUG:pid[31900]:connect)
and no more output after these. The application just run as usual, totally ignoring the proxy setting.
Here is some debug info may be helpful:
sudo dtruss -f proxychains4 ./Contents/MacOS/NeteaseMusic
dtrace: system integrity protection is on, some features will not be available
PID/THRD SYSCALL(args) = return
[proxychains] config file found: /usr/local/Cellar/proxychains-ng/4.7/etc/proxychains.conf
[proxychains] preloading /usr/local/Cellar/proxychains-ng/4.7/lib/libproxychains4.dylib
43246/0x9471f: open("/dev/dtracehelper\0", 0x2, 0x7FFF5E10C870) = 3 0
43246/0x9471f: ioctl(0x3, 0x80086804, 0x7FFF5E10C7F8) = 0 0
43246/0x9471f: close(0x3) = 0 0
43246/0x9471f: thread_selfid(0x3, 0x80086804, 0x7FFF5E10C7F8) = 608031 0
43246/0x9471f: bsdthread_register(0x7FFFA14FA1F0, 0x7FFFA14FA1E0, 0x2000) = 1073741919 0
43246/0x9471f: ulock_wake(0x1, 0x7FFF5E10BF1C, 0x0) = -1 Err#2
43246/0x9471f: issetugid(0x1, 0x7FFF5E10BF1C, 0x0) = 0 0
43246/0x9471f: mprotect(0x101AFF000, 0x88, 0x1) = 0 0
43246/0x9471f: mprotect(0x101B01000, 0x1000, 0x0) = 0 0
43246/0x9471f: mprotect(0x101B17000, 0x1000, 0x0) = 0 0
43246/0x9471f: mprotect(0x101B18000, 0x1000, 0x0) = 0 0
43246/0x9471f: mprotect(0x101B2E000, 0x1000, 0x0) = 0 0
43246/0x9471f: mprotect(0x101B2F000, 0x1000, 0x1) = 0 0
43246/0x9471f: mprotect(0x101AFF000, 0x88, 0x3) = 0 0
43246/0x9471f: mprotect(0x101AFF000, 0x88, 0x1) = 0 0
43246/0x9471f: getpid(0x101AFF000, 0x88, 0x1) = 43246 0
43246/0x9471f: stat64("/AppleInternal/XBS/.isChrooted\0", 0x7FFF5E10BDD8, 0x1) = -1 Err#2
43246/0x9471f: stat64("/AppleInternal\0", 0x7FFF5E10BE70, 0x1) = -1 Err#2
43246/0x9471f: csops(0xA8EE, 0x7, 0x7FFF5E10B900) = -1 Err#22
dtrace: error on enabled probe ID 2158 (ID 552: syscall::sysctl:return): invalid kernel access in action #11 at DIF offset 40
43246/0x9471f: csops(0xA8EE, 0x7, 0x7FFF5E10B1E0) = -1 Err#22
43246/0x9471f: open_nocancel(".\0", 0x0, 0x1) = 3 0
43246/0x9471f: fstat64(0x3, 0x7FFF5E10D440, 0x1) = 0 0
43246/0x9471f: fcntl_nocancel(0x3, 0x32, 0x7FFF5E10CFB0) = 0 0
43246/0x9471f: close_nocancel(0x3) = 0 0
43246/0x9471f: stat64("/Users/jiyi/Documents/repository/NetEaseMusicAbroad\0", 0x7FFF5E10D3B0, 0x7FFF5E10CFB0) = 0 0
43246/0x9471f: access("/Users/jiyi/Documents/repository/NetEaseMusicAbroad/proxychains.conf\0", 0x4, 0x7FFF5E10CFB0) = -1 Err#2
43246/0x9471f: access("/Users/jiyi/.proxychains/proxychains.conf\0", 0x4, 0x7FFF5E10CFB0) = -1 Err#2
43246/0x9471f: access("/usr/local/Cellar/proxychains-ng/4.7/etc/proxychains.conf\0", 0x4, 0x7FFF5E10CFB0) = 0 0
dtrace: error on enabled probe ID 2133 (ID 942: syscall::write_nocancel:return): invalid kernel access in action #13 at DIF offset 92
43246/0x9471f: access("./libproxychains4.dylib\0", 0x4, 0x5B) = -1 Err#2
43246/0x9471f: access("./libproxychains4.dylib\0", 0x4, 0x5B) = -1 Err#2
43246/0x9471f: access("/usr/local/Cellar/proxychains-ng/4.7/lib/libproxychains4.dylib\0", 0x4, 0x5B) = 0 0
dtrace: error on enabled probe ID 2133 (ID 942: syscall::write_nocancel:return): invalid kernel access in action #13 at DIF offset 92
Also, to prove that proxychains should work for this app, I used ldd to find out the dynamically loaded libs:
ldd Contents/MacOS/NeteaseMusic
Contents/MacOS/NeteaseMusic:
/System/Library/Frameworks/MediaPlayer.framework/Versions/A/MediaPlayer (compatibility version 1.0.0, current version 1.0.0)
@executable_path/../Frameworks/FLAC.framework/Versions/A/FLAC (compatibility version 1.0.0, current version 1.0.0)
/System/Library/Frameworks/SystemConfiguration.framework/Versions/A/SystemConfiguration (compatibility version 1.0.0, current version 888.20.5)
/System/Library/Frameworks/ScriptingBridge.framework/Versions/A/ScriptingBridge (compatibility version 1.0.0, current version 1.0.0)
/System/Library/Frameworks/QuartzCore.framework/Versions/A/QuartzCore (compatibility version 1.2.0, current version 1.11.0)
/System/Library/Frameworks/Security.framework/Versions/A/Security (compatibility version 1.0.0, current version 57740.20.22)
@rpath/MAC.framework/Versions/A/MAC (compatibility version 1.0.0, current version 1.0.0)
@rpath/CrashReporter.framework/Versions/A/CrashReporter (compatibility version 1.0.0, current version 1.0.0)
/System/Library/Frameworks/Carbon.framework/Versions/A/Carbon (compatibility version 2.0.0, current version 157.0.0)
/usr/lib/libsqlite3.dylib (compatibility version 9.0.0, current version 252.0.0)
/System/Library/Frameworks/Accelerate.framework/Versions/A/Accelerate (compatibility version 1.0.0, current version 4.0.0)
/System/Library/Frameworks/CoreMedia.framework/Versions/A/CoreMedia (compatibility version 1.0.0, current version 1.0.0)
/System/Library/Frameworks/AudioUnit.framework/Versions/A/AudioUnit (compatibility version 1.0.0, current version 1.0.0)
/System/Library/Frameworks/CoreAudio.framework/Versions/A/CoreAudio (compatibility version 1.0.0, current version 1.0.0)
/System/Library/Frameworks/AudioToolbox.framework/Versions/A/AudioToolbox (compatibility version 1.0.0, current version 492.0.0)
/usr/lib/libz.1.dylib (compatibility version 1.0.0, current version 1.2.8)
/System/Library/Frameworks/AVFoundation.framework/Versions/A/AVFoundation (compatibility version 1.0.0, current version 2.0.0)
/System/Library/Frameworks/IOKit.framework/Versions/A/IOKit (compatibility version 1.0.0, current version 275.0.0)
/System/Library/Frameworks/JavaScriptCore.framework/Versions/A/JavaScriptCore (compatibility version 1.0.0, current version 602.2.14)
/System/Library/Frameworks/WebKit.framework/Versions/A/WebKit (compatibility version 1.0.0, current version 602.2.14)
/System/Library/Frameworks/Cocoa.framework/Versions/A/Cocoa (compatibility version 1.0.0, current version 22.0.0)
/System/Library/Frameworks/Foundation.framework/Versions/C/Foundation (compatibility version 300.0.0, current version 1349.0.0)
/usr/lib/libobjc.A.dylib (compatibility version 1.0.0, current version 228.0.0)
/usr/lib/libc++.1.dylib (compatibility version 1.0.0, current version 307.4.0)
/usr/lib/libSystem.B.dylib (compatibility version 1.0.0, current version 1238.0.0)
/System/Library/Frameworks/AppKit.framework/Versions/C/AppKit (compatibility version 45.0.0, current version 1504.59.0)
/System/Library/Frameworks/ApplicationServices.framework/Versions/A/ApplicationServices (compatibility version 1.0.0, current version 48.0.0)
/System/Library/Frameworks/CoreFoundation.framework/Versions/A/CoreFoundation (compatibility version 150.0.0, current version 1348.15.0)
/System/Library/Frameworks/CoreGraphics.framework/Versions/A/CoreGraphics (compatibility version 64.0.0, current version 1070.6.0)
/System/Library/Frameworks/CoreServices.framework/Versions/A/CoreServices (compatibility version 1.0.0, current version 775.8.2)
Also I set a breakpoint at connect function using lldb, and I got:
(lldb) breakpoint set --name connect
error: libarclite_macosx.a(arclite.o) failed to load objfile for /Applications/Xcode.app/Contents/Developer/Toolchains/XcodeDefault.xctoolchain/usr/lib/arc/libarclite_macosx.a
Breakpoint 1: 24 locations.
when i hit run, I got two kinds of breakpoint stop (mostly the first):
(lldb) run
Process 1294 launched: '/Applications/NeteaseMusic.app/Contents/MacOS/NeteaseMusic' (x86_64)
Process 1294 stopped
* thread #6: tid = 0x306f, 0x00007fffb9ba2314 libsystem_kernel.dylib`__connect, queue = 'com.apple.network.resolver_queue', stop reason = breakpoint 1.19
frame #0: 0x00007fffb9ba2314 libsystem_kernel.dylib`__connect
libsystem_kernel.dylib`__connect:
-> 0x7fffb9ba2314 <+0>: movl $0x2000062, %eax ; imm = 0x2000062
0x7fffb9ba2319 <+5>: movq %rcx, %r10
0x7fffb9ba231c <+8>: syscall
0x7fffb9ba231e <+10>: jae 0x7fffb9ba2328 ; <+20>
and
(lldb) continue
Process 1294 resuming
Process 1294 stopped
* thread #1: tid = 0x3033, 0x00007fffac58c350 WebCore`WebCore::WebSocketChannel::connect(WebCore::URL const&, WTF::String const&), queue = 'com.apple.main-thread', stop reason = breakpoint 1.14
frame #0: 0x00007fffac58c350 WebCore`WebCore::WebSocketChannel::connect(WebCore::URL const&, WTF::String const&)
WebCore`WebCore::WebSocketChannel::connect:
-> 0x7fffac58c350 <+0>: pushq %rbp
0x7fffac58c351 <+1>: movq %rsp, %rbp
0x7fffac58c354 <+4>: pushq %r15
0x7fffac58c356 <+6>: pushq %r14
I am not sure about which should be the hooked function. I hope this info is useful.
Of course I tested on some other programs such as ping and curl, it had no problem.
I also tested on some other Mac applications, failed in the same way (proxychains ignored).
Out of ideas now. I would really appreciate some kind help.
@valkjsaaa Thanks but like I said at beginning, it shouldn't be SIP problem...
@yi-ji you are right, but unfortunately i cannot tell you what the issue is, due to lack of apple hardware.
i suspect it could be related to the issue i tried to fix in f1e5f2b .
so if you feel adventurous enough you may try to disable the "close" hook in libproxychains.c:
comment out this line SETUP_SYM(close);, this linewhile(close_fds_cnt) true_close(close_fds[--close_fds_cnt]); and this block:
int close(int fd) {
...
}you can comment out the block by putting it between #if 0 and #endif statements.
that could eventually fix the issue, but then proxychains will not work anymore with programs like ssh that greadily close all open fds on startup (that's why the close hook was introduced). it would however already be helpful to know if that is causing the issue.
Hi @rofl0r ,
First many thanks to your quick reply and kind help!
Though not fully understanding, I tried your suggestion (as in yi-ji@b631b02), compiled it and tested again, but unfortunately the outcome is exactly the same.
I checked by running dtruss -f proxychains4 ./Contents/MacOS/NeteaseMusic again and the output log weren't changed at all.
Also, as you mentioned this change will make proxychains not work for ssh, but I tested, it still works for ssh. But I am pretty sure I made those changes as you told.
So, seems we haven't found the real reason causing the issue yet?
that's weird, your commit looks correct. maybe you forgot to install the newly built libproxychains.dylib after you compiled it ?
sorry for late reply.
well I did run
make install
./tools/install.sh -D -m 644 libproxychains4.dylib /usr/local/lib/libproxychains4.dylib
./tools/install.sh -D -m 755 proxychains4 /usr/local/bin/proxychains4
and I verified it
stat /usr/local/lib/libproxychains4.dylib
16777220 33818559 -rw-r--r-- 1 jiyi admin 0 53960 "Jul 17 10:32:28 2017" "Jul 17 10:32:28 2017" "Jul 17 10:32:28 2017" "Jul 17 10:32:28 2017" 4096 112 0 /usr/local/lib/libproxychains4.dylib
and also when I launch proxychains and the application, this dylib is surely accessed.
In addition, I complied version 4.11 (before issue #119) and it still doesn't work. An interesting thing is that someone is using proxychains for the same app as me in #119 but his problem is simply fixed by the master branch while I am not. TAT
And finally an important observation: proxychains works for some apps such as firefox. But NeteaseMusic is not the only failed app either.
well, the way proxychains does things is a hack and will always stay a hack (as mentioned on top of the README).
apart from stepping through the code and finding the exact issue you encounter (which would require a mac), the only thing i can think of i could do to help you is introduce a proxychains-3 compat mode which disables 2 things:
- close hook
- remote-dns, and generally doing all DNS resolves through proxyresolve shell script (which requires dig and a DNS server which accepts TCP requests. that way the code doesn't have to touch pthread code etc. this is much slower, and obviously doesn't work with .onion urls, but it's more robust.
I updated the output info with DEBUG defined, in the first comment, top of this page. (I enabled close hook for full debug info.) It seems that the hooked connect function does not work well, returned to unhooked connect:
if(!((fam == AF_INET || fam == AF_INET6) && socktype == SOCK_STREAM))
return true_connect(sock, addr, len);
So I tried to comment out these two lines, and printed out fam, socktype, and I got this repeatedly (only this, nothing else):
DEBUG:pid[34693]:connect
DEBUG:fam is 32 != AF_INET and != AF_INET6, DEBUG:socktype is 2 != SOCK_STREAM
DEBUG:target: 9.0.0.0
DEBUG:port: 512
DEBUG:pid[34693]:connect_proxy_chain
DEBUG:[play] socks5 127.0.0.1:9050
[proxychains] Strict chain ... 127.0.0.1:9050 DEBUG:pid[34693]:timed_connect
DEBUG:
connect ret=-1
DEBUG:
poll ret=1
DEBUG:
value=61
... timeout
DEBUG:start_chain failed
DEBUG:error
The weirdest thing is that even if the above outputs look like proxychains is working, but still NeteaseMusic can work normally (I haven't set up the proxy server at port 9050 yet). This does not happen in Firefox case (Firefox cannot open webpages if proxy server is down).
I will soon set up my proxy server and check whether simply removing those two lines will finally solve the problem.
For more info about this app, NeteaseMusic, I pasted outputs from lsof -i | grep Netease
NeteaseMu 32165 jiyi 14u IPv4 0t0 TCP localhost:62601->localhost:commplex-link (ESTABLISHED)
NeteaseMu 32165 jiyi 36u IPv4 0t0 TCP 192.168.11.33:62659->103.211.228.143:https (ESTABLISHED)
NeteaseMu 32165 jiyi 40u IPv4 0t0 TCP 192.168.11.33:62615->223.252.199.6:6003 (ESTABLISHED)
NeteaseMu 32165 jiyi 42u IPv4 0t0 TCP 192.168.11.33:62660->103.211.228.143:https (ESTABLISHED)
NeteaseMu 32165 jiyi 49u IPv4 0t0 TCP 192.168.11.33:62617->223.252.199.6:6003 (ESTABLISHED)
NeteaseMu 32165 jiyi 50u IPv4 0t0 TCP 192.168.11.33:62617->223.252.199.6:6003 (ESTABLISHED)
NeteaseMu 32165 jiyi 14u IPv4 0t0 TCP localhost:62601->localhost:commplex-link (ESTABLISHED)
NeteaseMu 32165 jiyi 36u IPv4 0t0 TCP 192.168.11.33:62670->103.211.228.143:https (ESTABLISHED)
NeteaseMu 32165 jiyi 40u IPv4 0t0 TCP 192.168.11.33:62615->223.252.199.6:6003 (ESTABLISHED)
NeteaseMu 32165 jiyi 49u IPv4 0t0 TCP 192.168.11.33:62617->223.252.199.6:6003 (ESTABLISHED)
NeteaseMu 32165 jiyi 50u IPv4 0t0 TCP 192.168.11.33:62617->223.252.199.6:6003 (ESTABLISHED)
NeteaseMu 32165 jiyi 14u IPv4 0t0 TCP localhost:62601->localhost:commplex-link (ESTABLISHED)
NeteaseMu 32165 jiyi 40u IPv4 0t0 TCP 192.168.11.33:62615->223.252.199.6:6003 (ESTABLISHED)
NeteaseMu 32165 jiyi 49u IPv4 0t0 TCP 192.168.11.33:62617->223.252.199.6:6003 (ESTABLISHED)
NeteaseMu 32165 jiyi 50u IPv4 0t0 TCP 192.168.11.33:62617->223.252.199.6:6003 (ESTABLISHED)
NeteaseMu 32165 jiyi 36u IPv4 0t0 TCP 192.168.11.33:62672->103.211.228.143:https (ESTABLISHED)
NeteaseMu 32165 jiyi 42u IPv4 0t0 TCP 192.168.11.33:62678->103.211.228.143:https (ESTABLISHED)
I think we are close to the answer...again I would like to thank you for your patience all the time :)
stupid am I ... I noticed that socktype is 2 which is SOCK_DGRAM, and it is UDP-based.
Seems this is the answer and no solution available, right...?
This confused me because what I want to forward to proxy server are GET and POST requests. They are HTTP requests and should base on TCP. Why didn't they appear in the debug info? (I am sure about GET and POST are sent from NeteaseMusic, shown by a web debugging software).
Also, sock family is 32 which is AF_SYSTEM /* Kernel event messages */ defined in <sys/socket.h>, this is totally weird.
Another failed app gave the some debug info (sock family = AF_SYSTEM, sock type = SOCK_DGRAM) so I am thinking maybe still somewhere is wrong and can be solved.
i guess we could improve debug mode to output that we deal with UDP... but yeah, the address family you got there is weird. check your mac's include directory and grep for AF_INET or PF_INET to find out which named option 32 corresponds to.
I have checked <socket.h> at follows:
/usr/include/sys/socket.h
/System/Library/Frameworks/Kernel.framework/Versions/A/Headers/sys/socket.h
/Library/Developer/CommandLineTools/SDKs/MacOSX.sdk/usr/include/sys/socket.h
and they have same definitions:
#define AF_INET 2 /* internetwork: UDP, TCP, etc. */
#define AF_INET6 30 /* IPv6 */
#define AF_SYSTEM 32 /* Kernel event messages */
#define PF_INET AF_INET
So now I am not sure how to further debug. I set up my proxy server, and sadly no HTTP request is received.
Finally I found an alternative for my purpose. I have tried pfctl (package forwarding) but it's not working and acting weired as well. Then I came to notice that
networksetup -setautoproxyurl wi-fi file:///.../NetEaseMusic.pac
can simply do the task, although it is essentially a global proxy😂
In .pac file just write:
function FindProxyForURL(url, host) {
if (isInNet(host, dnsResolve("music.163.com"), "255.255.255.255"))
{
return "PROXY localhost:32794";
}
return "DIRECT";
}
Many thanks for all the help. But maybe it's time to give up on finding out why a hack it's not working -- like you said, hack does not always work. 😢
thanks, according to you paste
#define AF_SYSTEM 32 /* Kernel event messages */that means the thing you were looking at was some sort of kernel event socket(?) communication.
I'm hitting this with the Mac App Store version of Airmail 3, where the application also ignores the proxy.
if "this" means "doesn't work on mac" i think you should look at the other mac specific issues.
it could help to install the app in a non-system path, for example. the specific issue discussed here is wrong handling of non-SOCK_STREAM and AF_INET socket types.
Sorry for being a bit vague. You're right, I hadn't gotten to that bit of the issue yet, so seems like this doesn't have the same issue here.
Yes, I had attempted copying it to the home folder and running it from there, so I think there's something else going on. Also seeing libc++ libraries when doing a otool -L on the binary.
I suspect it's something to do with CFNetwork, since I see log messages like:
2018-11-07 00:26:39.181 Airmail 3[44996:5632005] CFNetwork SSLHandshake failed (-9806)
遇到同样的问题