[prev in list] [next in list] [prev in thread] [next in thread]
List: stunnel-users
Subject: [stunnel-users] Session reuse problem
From: Alen Loncaric <alen.loncaric () avera ! si>
Date: 2021-09-10 5:45:56
Message-ID: CAOfYKABts7D9kc7mP7YU=wLG8FHW7S5sKSW83Gsm-8Kp7CmA-g () mail ! gmail ! com
[Download RAW message or body]
[Attachment #2 (multipart/alternative)]
Hi guys,
any reason my stunnel would not reuse sessions?
2021.09.09 13:14:00 LOG7[9]: TLS state (connect): before SSL initialization
2021.09.09 13:14:00 LOG6[8]: writesocket: Socket is closed
2021.09.09 13:14:00 LOG7[9]: Initializing application specific data
for session authenticated
2021.09.09 13:14:00 LOG5[8]: Connection closed: 170 byte(s) sent to
TLS, 32768 byte(s) sent to socket
2021.09.09 13:14:00 LOG7[8]: Remote descriptor (FD=10) closed
2021.09.09 13:14:00 LOG7[8]: Local descriptor (FD=3) closed
2021.09.09 13:14:00 LOG7[8]: Service [squid] finished
2021.09.09 13:14:00 LOG7[ui]: Found 1 ready file descriptor(s)
2021.09.09 13:14:00 LOG7[ui]: FD=4 events=0x1 revents=0x1
2021.09.09 13:14:00 LOG7[ui]: FD=10 events=0x1 revents=0x0
2021.09.09 13:14:00 LOG7[ui]: Dispatching a signal from the signal pipe
2021.09.09 13:14:00 LOG7[ui]: Processing SIGCHLD
2021.09.09 13:14:00 LOG7[ui]: Retrieving pid statuses with waitpid()
2021.09.09 13:14:00 LOG6[ui]: Process 1933 finished with code 0
2021.09.09 13:14:00 LOG7[9]: TLS state (connect): SSLv3/TLS write client hello
2021.09.09 13:14:00 LOG7[9]: TLS state (connect): SSLv3/TLS write client hello
2021.09.09 13:14:00 LOG7[9]: TLS state (connect): SSLv3/TLS read server hello
2021.09.09 13:14:00 LOG6[9]: Certificate verification disabled
2021.09.09 13:14:00 LOG6[9]: Certificate verification disabled
2021.09.09 13:14:00 LOG7[9]: TLS state (connect): SSLv3/TLS read
server certificate
2021.09.09 13:14:00 LOG6[9]: Client certificate not requested
2021.09.09 13:14:00 LOG7[9]: TLS state (connect): SSLv3/TLS read server done
2021.09.09 13:14:00 LOG7[9]: TLS state (connect): SSLv3/TLS write
client key exchange
2021.09.09 13:14:00 LOG7[9]: TLS state (connect): SSLv3/TLS write
change cipher spec
2021.09.09 13:14:00 LOG7[9]: TLS state (connect): SSLv3/TLS write finished
2021.09.09 13:14:00 LOG7[9]: TLS state (connect): SSLv3/TLS write finished
2021.09.09 13:14:00 LOG7[9]: TLS state (connect): SSLv3/TLS read
server session ticket
2021.09.09 13:14:00 LOG7[9]: TLS state (connect): SSLv3/TLS read
change cipher spec
2021.09.09 13:14:00 LOG7[9]: TLS state (connect): SSLv3/TLS read finished
2021.09.09 13:14:00 LOG7[9]: New session callback
2021.09.09 13:14:00 LOG7[9]: Peer certificate was cached (2037 bytes)
2021.09.09 13:14:00 LOG6[9]: Session id:
DC783240F69C6910A2F8B9829504840EF619E30A14FEA982C944FBFB6828555F
2021.09.09 13:14:00 LOG7[9]: 1 client connect(s) requested
2021.09.09 13:14:00 LOG7[9]: 1 client connect(s) succeeded
2021.09.09 13:14:00 LOG7[9]: 0 client renegotiation(s) requested
2021.09.09 13:14:00 LOG7[9]: 0 session reuse(s)
2021.09.09 13:14:00 LOG6[9]: TLS connected: new session negotiated
2021.09.09 13:14:00 LOG6[9]: TLSv1.2 ciphersuite: AES128-GCM-SHA256
(128-bit encryption)
2021.09.09 13:14:00 LOG3[9]: SSL_get_peer_tmp_key: Peer suddenly disconnected
2021.09.09 13:14:00 LOG7[9]: Compression: null, expansion: null
2021.09.09 13:14:01 LOG6[9]: Read socket closed (readsocket)
2021.09.09 13:14:01 LOG7[9]: Sending close_notify alert
2021.09.09 13:14:01 LOG6[9]: socket fd: Broken pipe (32)
2021.09.09 13:14:01 LOG7[9]: TLS alert (write): warning: close notify
2021.09.09 13:14:01 LOG6[9]: SSL_shutdown successfully sent close_notify alert
2021.09.09 13:14:01 LOG6[9]: writesocket: Socket is closed
2021.09.09 13:14:01 LOG5[9]: Connection closed: 170 byte(s) sent to
TLS, 32768 byte(s) sent to socket
2021.09.09 13:14:01 LOG7[9]: Remote descriptor (FD=10) closed
2021.09.09 13:14:01 LOG7[9]: Local descriptor (FD=3) closed
2021.09.09 13:14:01 LOG7[9]: Service [squid] finished
2021.09.09 13:14:01 LOG7[ui]: Found 1 ready file descriptor(s)
2021.09.09 13:14:01 LOG7[ui]: FD=4 events=0x1 revents=0x1
2021.09.09 13:14:01 LOG7[ui]: FD=10 events=0x1 revents=0x0
2021.09.09 13:14:01 LOG7[ui]: Dispatching a signal from the signal pipe
2021.09.09 13:14:01 LOG7[ui]: Processing SIGCHLD
2021.09.09 13:14:01 LOG7[ui]: Retrieving pid statuses with waitpid()
2021.09.09 13:14:01 LOG6[ui]: Process 1934 finished with code 0
2021.09.09 13:14:03 LOG7[ui]: Found 1 ready file descriptor(s)
2021.09.09 13:14:03 LOG7[ui]: FD=4 events=0x1 revents=0x0
2021.09.09 13:14:03 LOG7[ui]: FD=10 events=0x1 revents=0x1
2021.09.09 13:14:03 LOG7[ui]: Service [squid] accepted (FD=3) from
127.0.0.1:49567
2021.09.09 13:14:03 LOG7[10]: Service [squid] started
2021.09.09 13:14:03 LOG7[10]: Setting local socket options (FD=3)
2021.09.09 13:14:03 LOG7[10]: Option TCP_NODELAY set on local socket
2021.09.09 13:14:03 LOG5[10]: Service [squid] accepted connection from
127.0.0.1:49567
2021.09.09 13:14:03 LOG6[10]: s_connect: connecting 44.44.44.44:522
2021.09.09 13:14:03 LOG7[10]: s_connect: s_poll_wait 44.44.44.44:522:
waiting 10 seconds
2021.09.09 13:14:03 LOG7[10]: FD=6 events=0x1 revents=0x0
2021.09.09 13:14:03 LOG7[10]: FD=10 events=0x5 revents=0x0
2021.09.09 13:14:03 LOG5[10]: s_connect: connected 44.44.44.44:522
2021.09.09 13:14:03 LOG5[10]: Service [squid] connected remote server
from 10.1.3.57:42843
2021.09.09 13:14:03 LOG7[10]: Setting remote socket options (FD=10)
2021.09.09 13:14:03 LOG7[10]: Option TCP_NODELAY set on remote socket
2021.09.09 13:14:03 LOG7[10]: Remote descriptor (FD=10) initialized
2021.09.09 13:14:03 LOG6[10]: SNI: sending servername: 44.44.44.44
2021.09.09 13:14:03 LOG6[10]: Peer certificate not required
2021.09.09 13:14:03 LOG7[10]: TLS state (connect): before SSL initialization
2021.09.09 13:14:03 LOG7[10]: Initializing application specific data
for session authenticated
2021.09.09 13:14:03 LOG7[10]: TLS state (connect): SSLv3/TLS write client hello
2021.09.09 13:14:03 LOG7[10]: TLS state (connect): SSLv3/TLS write client hello
2021.09.09 13:14:03 LOG7[10]: TLS state (connect): SSLv3/TLS read server hello
2021.09.09 13:14:03 LOG6[10]: Certificate verification disabled
2021.09.09 13:14:03 LOG6[10]: Certificate verification disabled
2021.09.09 13:14:03 LOG7[10]: TLS state (connect): SSLv3/TLS read
server certificate
2021.09.09 13:14:03 LOG6[10]: Client certificate not requested
2021.09.09 13:14:03 LOG7[10]: TLS state (connect): SSLv3/TLS read server done
2021.09.09 13:14:03 LOG7[10]: TLS state (connect): SSLv3/TLS write
client key exchange
2021.09.09 13:14:03 LOG7[10]: TLS state (connect): SSLv3/TLS write
change cipher spec
2021.09.09 13:14:03 LOG7[10]: TLS state (connect): SSLv3/TLS write finished
2021.09.09 13:14:03 LOG7[10]: TLS state (connect): SSLv3/TLS write finished
2021.09.09 13:14:03 LOG7[10]: TLS state (connect): SSLv3/TLS read
server session ticket
2021.09.09 13:14:03 LOG7[10]: TLS state (connect): SSLv3/TLS read
change cipher spec
2021.09.09 13:14:03 LOG7[10]: TLS state (connect): SSLv3/TLS read finished
2021.09.09 13:14:03 LOG7[10]: New session callback
2021.09.09 13:14:03 LOG7[10]: Peer certificate was cached (2037 bytes)
2021.09.09 13:14:03 LOG6[10]: Session id:
85FD50E2A9D57B12D315C834EBA949CF015B7776C6A18486B06CE53F4C52D689
2021.09.09 13:14:03 LOG7[10]: 1 client connect(s) requested
2021.09.09 13:14:03 LOG7[10]: 1 client connect(s) succeeded
2021.09.09 13:14:03 LOG7[10]: 0 client renegotiation(s) requested
2021.09.09 13:14:03 LOG7[10]: 0 session reuse(s)
2021.09.09 13:14:03 LOG6[10]: TLS connected: new session negotiated
2021.09.09 13:14:03 LOG6[10]: TLSv1.2 ciphersuite: AES128-GCM-SHA256
(128-bit encryption)
2021.09.09 13:14:03 LOG3[10]: SSL_get_peer_tmp_key: Peer suddenly disconnected
2021.09.09 13:14:03 LOG7[10]: Compression: null, expansion: null
2021.09.09 13:14:03 LOG7[ui]: Found 1 ready file descriptor(s)
2021.09.09 13:14:03 LOG7[ui]: FD=4 events=0x1 revents=0x0
2021.09.09 13:14:03 LOG7[ui]: FD=10 events=0x1 revents=0x1
2021.09.09 13:14:03 LOG7[ui]: Service [squid] accepted (FD=3) from
127.0.0.1:49569
2021.09.09 13:14:03 LOG7[11]: Service [squid] started
2021.09.09 13:14:03 LOG7[11]: Setting local socket options (FD=3)
2021.09.09 13:14:03 LOG7[11]: Option TCP_NODELAY set on local socket
2021.09.09 13:14:03 LOG5[11]: Service [squid] accepted connection from
127.0.0.1:49569
2021.09.09 13:14:03 LOG6[11]: s_connect: connecting 44.44.44.44:522
2021.09.09 13:14:03 LOG7[11]: s_connect: s_poll_wait 44.44.44.44:522:
waiting 10 seconds
2021.09.09 13:14:03 LOG7[11]: FD=6 events=0x1 revents=0x0
2021.09.09 13:14:03 LOG7[11]: FD=10 events=0x5 revents=0x0
2021.09.09 13:14:03 LOG5[11]: s_connect: connected 44.44.44.44:522
2021.09.09 13:14:03 LOG5[11]: Service [squid] connected remote server
from 10.1.3.57:42845
2021.09.09 13:14:03 LOG6[10]: Read socket closed (readsocket)
2021.09.09 13:14:03 LOG7[11]: Setting remote socket options (FD=10)
2021.09.09 13:14:03 LOG7[11]: Option TCP_NODELAY set on remote socket
2021.09.09 13:14:03 LOG7[11]: Remote descriptor (FD=10) initialized
2021.09.09 13:14:03 LOG7[10]: Sending close_notify alert
2021.09.09 13:14:03 LOG6[11]: SNI: sending servername: 44.44.44.44
2021.09.09 13:14:03 LOG6[10]: socket fd: Broken pipe (32)
2021.09.09 13:14:03 LOG6[11]: Peer certificate not required
2021.09.09 13:14:03 LOG7[10]: TLS alert (write): warning: close notify
2021.09.09 13:14:03 LOG6[10]: SSL_shutdown successfully sent close_notify alert
2021.09.09 13:14:03 LOG6[10]: writesocket: Socket is closed
2021.09.09 13:14:03 LOG7[11]: TLS state (connect): before SSL
initialization2021.09.09 13:14:03 LOG5[10]: Connection closed: 170
byte(s) sent to TLS, 32768 byte(s) sent to socket
2021.09.09 13:14:03 LOG7[11]: Initializing application specific data
for session authenticated
2021.09.09 13:14:03 LOG7[10]: Remote descriptor (FD=10) closed
2021.09.09 13:14:03 LOG7[10]: Local descriptor (FD=3) closed
2021.09.09 13:14:03 LOG7[10]: Service [squid] finished
2021.09.09 13:14:03 LOG7[ui]: Found 1 ready file descriptor(s)
2021.09.09 13:14:03 LOG7[ui]: FD=4 events=0x1 revents=0x1
2021.09.09 13:14:03 LOG7[ui]: FD=10 events=0x1 revents=0x0
2021.09.09 13:14:03 LOG7[ui]: Dispatching a signal from the signal pipe
2021.09.09 13:14:03 LOG7[ui]: Processing SIGCHLD
2021.09.09 13:14:03 LOG7[ui]: Retrieving pid statuses with waitpid()
2021.09.09 13:14:03 LOG6[ui]: Process 1937 finished with code 0
2021.09.09 13:14:03 LOG7[11]: TLS state (connect): SSLv3/TLS write client hello
2021.09.09 13:14:03 LOG7[11]: TLS state (connect): SSLv3/TLS write client hello
2021.09.09 13:14:03 LOG7[11]: TLS state (connect): SSLv3/TLS read server hello
2021.09.09 13:14:03 LOG6[11]: Certificate verification disabled
2021.09.09 13:14:03 LOG6[11]: Certificate verification disabled
2021.09.09 13:14:03 LOG7[11]: TLS state (connect): SSLv3/TLS read
server certificate
2021.09.09 13:14:03 LOG6[11]: Client certificate not requested
2021.09.09 13:14:03 LOG7[11]: TLS state (connect): SSLv3/TLS read server done
2021.09.09 13:14:03 LOG7[11]: TLS state (connect): SSLv3/TLS write
client key exchange
2021.09.09 13:14:03 LOG7[11]: TLS state (connect): SSLv3/TLS write
change cipher spec
2021.09.09 13:14:03 LOG7[11]: TLS state (connect): SSLv3/TLS write finished
2021.09.09 13:14:03 LOG7[11]: TLS state (connect): SSLv3/TLS write finished
2021.09.09 13:14:03 LOG7[11]: TLS state (connect): SSLv3/TLS read
server session ticket
2021.09.09 13:14:03 LOG7[11]: TLS state (connect): SSLv3/TLS read
change cipher spec
2021.09.09 13:14:03 LOG7[11]: TLS state (connect): SSLv3/TLS read finished
2021.09.09 13:14:03 LOG7[11]: New session callback
2021.09.09 13:14:03 LOG7[11]: Peer certificate was cached (2037 bytes)
2021.09.09 13:14:03 LOG6[11]: Session id:
B171BF0D4CDB808D50C3CE4CDAA6AE53F2396068A9BD947D8277294F91CCFBFE
2021.09.09 13:14:03 LOG7[11]: 1 client connect(s) requested
2021.09.09 13:14:03 LOG7[11]: 1 client connect(s) succeeded
2021.09.09 13:14:03 LOG7[11]: 0 client renegotiation(s) requested
2021.09.09 13:14:03 LOG7[11]: 0 session reuse(s)
2021.09.09 13:14:03 LOG6[11]: TLS connected: new session negotiated
2021.09.09 13:14:03 LOG6[11]: TLSv1.2 ciphersuite: AES128-GCM-SHA256
(128-bit encryption)
2021.09.09 13:14:03 LOG3[11]: SSL_get_peer_tmp_key: Peer suddenly disconnected
2021.09.09 13:14:03 LOG7[11]: Compression: null, expansion: null
2021.09.09 13:14:03 LOG6[11]: Read socket closed (readsocket)
2021.09.09 13:14:03 LOG7[11]: Sending close_notify alert
2021.09.09 13:14:03 LOG6[11]: socket fd: Broken pipe (32)
2021.09.09 13:14:03 LOG7[11]: TLS alert (write): warning: close notify
2021.09.09 13:14:03 LOG6[11]: SSL_shutdown successfully sent close_notify alert
2021.09.09 13:14:03 LOG6[11]: writesocket: Socket is closed
2021.09.09 13:14:03 LOG5[11]: Connection closed: 170 byte(s) sent to
TLS, 32768 byte(s) sent to socket
2021.09.09 13:14:03 LOG7[11]: Remote descriptor (FD=10) closed
2021.09.09 13:14:03 LOG7[11]: Local descriptor (FD=3) closed
2021.09.09 13:14:03 LOG7[11]: Service [squid] finished
2021.09.09 13:14:03 LOG7[ui]: Found 1 ready file descriptor(s)
2021.09.09 13:14:03 LOG7[ui]: FD=4 events=0x1 revents=0x1
2021.09.09 13:14:03 LOG7[ui]: FD=10 events=0x1 revents=0x0
2021.09.09 13:14:03 LOG7[ui]: Dispatching a signal from the signal pipe
2021.09.09 13:14:03 LOG7[ui]: Processing SIGCHLD
2021.09.09 13:14:03 LOG7[ui]: Retrieving pid statuses with waitpid()
2021.09.09 13:14:03 LOG6[ui]: Process 1938 finished with code 0
If i test with s_client: openssl s_client -connect 44.44.44.44:522
-reconnect
I see TLS reused every time.
Thank you!
[Attachment #5 (text/html)]
<div dir="ltr"><div class="gmail_default" style="font-family:tahoma,sans-serif">Hi \
guys,</div><div class="gmail_default" \
style="font-family:tahoma,sans-serif"><br></div><div class="gmail_default" \
style="font-family:tahoma,sans-serif"><p \
style="margin-top:0px;margin-right:0px;margin-left:0px;padding:0px;border:0px;font-var \
iant-numeric:inherit;font-variant-east-asian:inherit;font-stretch:inherit;line-height:inherit;font-family:-apple-system,BlinkMacSystemFont,"Segoe \
UI","Liberation \
Sans",sans-serif;font-size:15px;vertical-align:baseline;box-sizing:inherit;clear:both;color:rgb(35,38,41)">any \
reason my stunnel would not reuse sessions?</p><pre \
style="margin-top:0px;padding:12px;border:0px;font-variant-numeric:inherit;font-varian \
t-east-asian:inherit;font-stretch:inherit;line-height:1.30769;font-size:13px;vertical- \
align:baseline;box-sizing:inherit;width:auto;max-height:600px;overflow:auto;border-radius:5px"><code \
style="margin:0px;padding:0px;border:0px;font-style:inherit;font-variant:inherit;font- \
weight:inherit;font-stretch:inherit;line-height:inherit;vertical-align:baseline;box-si \
zing:inherit;background-color:transparent;white-space:inherit;border-radius:0px">2021.09.09 \
13:14:00 LOG7[9]: TLS state (connect): before SSL initialization 2021.09.09 13:14:00 \
LOG6[8]: writesocket: Socket is closed 2021.09.09 13:14:00 LOG7[9]: Initializing \
application specific data for session authenticated 2021.09.09 13:14:00 LOG5[8]: \
Connection closed: 170 byte(s) sent to TLS, 32768 byte(s) sent to socket 2021.09.09 \
13:14:00 LOG7[8]: Remote descriptor (FD=10) closed 2021.09.09 13:14:00 LOG7[8]: Local \
descriptor (FD=3) closed 2021.09.09 13:14:00 LOG7[8]: Service [squid] finished
2021.09.09 13:14:00 LOG7[ui]: Found 1 ready file descriptor(s)
2021.09.09 13:14:00 LOG7[ui]: FD=4 events=0x1 revents=0x1
2021.09.09 13:14:00 LOG7[ui]: FD=10 events=0x1 revents=0x0
2021.09.09 13:14:00 LOG7[ui]: Dispatching a signal from the signal pipe
2021.09.09 13:14:00 LOG7[ui]: Processing SIGCHLD
2021.09.09 13:14:00 LOG7[ui]: Retrieving pid statuses with waitpid()
2021.09.09 13:14:00 LOG6[ui]: Process 1933 finished with code 0
2021.09.09 13:14:00 LOG7[9]: TLS state (connect): SSLv3/TLS write client hello
2021.09.09 13:14:00 LOG7[9]: TLS state (connect): SSLv3/TLS write client hello
2021.09.09 13:14:00 LOG7[9]: TLS state (connect): SSLv3/TLS read server hello
2021.09.09 13:14:00 LOG6[9]: Certificate verification disabled
2021.09.09 13:14:00 LOG6[9]: Certificate verification disabled
2021.09.09 13:14:00 LOG7[9]: TLS state (connect): SSLv3/TLS read server certificate
2021.09.09 13:14:00 LOG6[9]: Client certificate not requested
2021.09.09 13:14:00 LOG7[9]: TLS state (connect): SSLv3/TLS read server done
2021.09.09 13:14:00 LOG7[9]: TLS state (connect): SSLv3/TLS write client key exchange
2021.09.09 13:14:00 LOG7[9]: TLS state (connect): SSLv3/TLS write change cipher spec
2021.09.09 13:14:00 LOG7[9]: TLS state (connect): SSLv3/TLS write finished
2021.09.09 13:14:00 LOG7[9]: TLS state (connect): SSLv3/TLS write finished
2021.09.09 13:14:00 LOG7[9]: TLS state (connect): SSLv3/TLS read server session \
ticket 2021.09.09 13:14:00 LOG7[9]: TLS state (connect): SSLv3/TLS read change cipher \
spec 2021.09.09 13:14:00 LOG7[9]: TLS state (connect): SSLv3/TLS read finished
2021.09.09 13:14:00 LOG7[9]: New session callback
2021.09.09 13:14:00 LOG7[9]: Peer certificate was cached (2037 bytes)
2021.09.09 13:14:00 LOG6[9]: Session id: \
DC783240F69C6910A2F8B9829504840EF619E30A14FEA982C944FBFB6828555F 2021.09.09 13:14:00 \
LOG7[9]: 1 client connect(s) requested 2021.09.09 13:14:00 LOG7[9]: 1 \
client connect(s) succeeded 2021.09.09 13:14:00 LOG7[9]: 0 client \
renegotiation(s) requested 2021.09.09 13:14:00 LOG7[9]: 0 session reuse(s)
2021.09.09 13:14:00 LOG6[9]: TLS connected: new session negotiated
2021.09.09 13:14:00 LOG6[9]: TLSv1.2 ciphersuite: AES128-GCM-SHA256 (128-bit \
encryption) 2021.09.09 13:14:00 LOG3[9]: SSL_get_peer_tmp_key: Peer suddenly \
disconnected 2021.09.09 13:14:00 LOG7[9]: Compression: null, expansion: null
2021.09.09 13:14:01 LOG6[9]: Read socket closed (readsocket)
2021.09.09 13:14:01 LOG7[9]: Sending close_notify alert
2021.09.09 13:14:01 LOG6[9]: socket fd: Broken pipe (32)
2021.09.09 13:14:01 LOG7[9]: TLS alert (write): warning: close notify
2021.09.09 13:14:01 LOG6[9]: SSL_shutdown successfully sent close_notify alert
2021.09.09 13:14:01 LOG6[9]: writesocket: Socket is closed
2021.09.09 13:14:01 LOG5[9]: Connection closed: 170 byte(s) sent to TLS, 32768 \
byte(s) sent to socket 2021.09.09 13:14:01 LOG7[9]: Remote descriptor (FD=10) closed
2021.09.09 13:14:01 LOG7[9]: Local descriptor (FD=3) closed
2021.09.09 13:14:01 LOG7[9]: Service [squid] finished
2021.09.09 13:14:01 LOG7[ui]: Found 1 ready file descriptor(s)
2021.09.09 13:14:01 LOG7[ui]: FD=4 events=0x1 revents=0x1
2021.09.09 13:14:01 LOG7[ui]: FD=10 events=0x1 revents=0x0
2021.09.09 13:14:01 LOG7[ui]: Dispatching a signal from the signal pipe
2021.09.09 13:14:01 LOG7[ui]: Processing SIGCHLD
2021.09.09 13:14:01 LOG7[ui]: Retrieving pid statuses with waitpid()
2021.09.09 13:14:01 LOG6[ui]: Process 1934 finished with code 0
2021.09.09 13:14:03 LOG7[ui]: Found 1 ready file descriptor(s)
2021.09.09 13:14:03 LOG7[ui]: FD=4 events=0x1 revents=0x0
2021.09.09 13:14:03 LOG7[ui]: FD=10 events=0x1 revents=0x1
2021.09.09 13:14:03 LOG7[ui]: Service [squid] accepted (FD=3) from <a \
href="http://127.0.0.1:49567">127.0.0.1:49567</a> 2021.09.09 13:14:03 LOG7[10]: \
Service [squid] started 2021.09.09 13:14:03 LOG7[10]: Setting local socket options \
(FD=3) 2021.09.09 13:14:03 LOG7[10]: Option TCP_NODELAY set on local socket
2021.09.09 13:14:03 LOG5[10]: Service [squid] accepted connection from <a \
href="http://127.0.0.1:49567">127.0.0.1:49567</a> 2021.09.09 13:14:03 LOG6[10]: \
s_connect: connecting <a href="http://44.44.44.44:522">44.44.44.44:522</a> 2021.09.09 \
13:14:03 LOG7[10]: s_connect: s_poll_wait <a \
href="http://44.44.44.44:522">44.44.44.44:522</a>: waiting 10 seconds 2021.09.09 \
13:14:03 LOG7[10]: FD=6 events=0x1 revents=0x0 2021.09.09 13:14:03 LOG7[10]: FD=10 \
events=0x5 revents=0x0 2021.09.09 13:14:03 LOG5[10]: s_connect: connected <a \
href="http://44.44.44.44:522">44.44.44.44:522</a> 2021.09.09 13:14:03 LOG5[10]: \
Service [squid] connected remote server from <a \
href="http://10.1.3.57:42843">10.1.3.57:42843</a> 2021.09.09 13:14:03 LOG7[10]: \
Setting remote socket options (FD=10) 2021.09.09 13:14:03 LOG7[10]: Option \
TCP_NODELAY set on remote socket 2021.09.09 13:14:03 LOG7[10]: Remote descriptor \
(FD=10) initialized 2021.09.09 13:14:03 LOG6[10]: SNI: sending servername: \
44.44.44.44 2021.09.09 13:14:03 LOG6[10]: Peer certificate not required
2021.09.09 13:14:03 LOG7[10]: TLS state (connect): before SSL initialization
2021.09.09 13:14:03 LOG7[10]: Initializing application specific data for session \
authenticated 2021.09.09 13:14:03 LOG7[10]: TLS state (connect): SSLv3/TLS write \
client hello 2021.09.09 13:14:03 LOG7[10]: TLS state (connect): SSLv3/TLS write \
client hello 2021.09.09 13:14:03 LOG7[10]: TLS state (connect): SSLv3/TLS read server \
hello 2021.09.09 13:14:03 LOG6[10]: Certificate verification disabled
2021.09.09 13:14:03 LOG6[10]: Certificate verification disabled
2021.09.09 13:14:03 LOG7[10]: TLS state (connect): SSLv3/TLS read server certificate
2021.09.09 13:14:03 LOG6[10]: Client certificate not requested
2021.09.09 13:14:03 LOG7[10]: TLS state (connect): SSLv3/TLS read server done
2021.09.09 13:14:03 LOG7[10]: TLS state (connect): SSLv3/TLS write client key \
exchange 2021.09.09 13:14:03 LOG7[10]: TLS state (connect): SSLv3/TLS write change \
cipher spec 2021.09.09 13:14:03 LOG7[10]: TLS state (connect): SSLv3/TLS write \
finished 2021.09.09 13:14:03 LOG7[10]: TLS state (connect): SSLv3/TLS write finished
2021.09.09 13:14:03 LOG7[10]: TLS state (connect): SSLv3/TLS read server session \
ticket 2021.09.09 13:14:03 LOG7[10]: TLS state (connect): SSLv3/TLS read change \
cipher spec 2021.09.09 13:14:03 LOG7[10]: TLS state (connect): SSLv3/TLS read \
finished 2021.09.09 13:14:03 LOG7[10]: New session callback
2021.09.09 13:14:03 LOG7[10]: Peer certificate was cached (2037 bytes)
2021.09.09 13:14:03 LOG6[10]: Session id: \
85FD50E2A9D57B12D315C834EBA949CF015B7776C6A18486B06CE53F4C52D689 2021.09.09 13:14:03 \
LOG7[10]: 1 client connect(s) requested 2021.09.09 13:14:03 LOG7[10]: 1 \
client connect(s) succeeded 2021.09.09 13:14:03 LOG7[10]: 0 client \
renegotiation(s) requested 2021.09.09 13:14:03 LOG7[10]: 0 session reuse(s)
2021.09.09 13:14:03 LOG6[10]: TLS connected: new session negotiated
2021.09.09 13:14:03 LOG6[10]: TLSv1.2 ciphersuite: AES128-GCM-SHA256 (128-bit \
encryption) 2021.09.09 13:14:03 LOG3[10]: SSL_get_peer_tmp_key: Peer suddenly \
disconnected 2021.09.09 13:14:03 LOG7[10]: Compression: null, expansion: null
2021.09.09 13:14:03 LOG7[ui]: Found 1 ready file descriptor(s)
2021.09.09 13:14:03 LOG7[ui]: FD=4 events=0x1 revents=0x0
2021.09.09 13:14:03 LOG7[ui]: FD=10 events=0x1 revents=0x1
2021.09.09 13:14:03 LOG7[ui]: Service [squid] accepted (FD=3) from <a \
href="http://127.0.0.1:49569">127.0.0.1:49569</a> 2021.09.09 13:14:03 LOG7[11]: \
Service [squid] started 2021.09.09 13:14:03 LOG7[11]: Setting local socket options \
(FD=3) 2021.09.09 13:14:03 LOG7[11]: Option TCP_NODELAY set on local socket
2021.09.09 13:14:03 LOG5[11]: Service [squid] accepted connection from <a \
href="http://127.0.0.1:49569">127.0.0.1:49569</a> 2021.09.09 13:14:03 LOG6[11]: \
s_connect: connecting <a href="http://44.44.44.44:522">44.44.44.44:522</a> 2021.09.09 \
13:14:03 LOG7[11]: s_connect: s_poll_wait <a \
href="http://44.44.44.44:522">44.44.44.44:522</a>: waiting 10 seconds 2021.09.09 \
13:14:03 LOG7[11]: FD=6 events=0x1 revents=0x0 2021.09.09 13:14:03 LOG7[11]: FD=10 \
events=0x5 revents=0x0 2021.09.09 13:14:03 LOG5[11]: s_connect: connected <a \
href="http://44.44.44.44:522">44.44.44.44:522</a> 2021.09.09 13:14:03 LOG5[11]: \
Service [squid] connected remote server from <a \
href="http://10.1.3.57:42845">10.1.3.57:42845</a> 2021.09.09 13:14:03 LOG6[10]: Read \
socket closed (readsocket) 2021.09.09 13:14:03 LOG7[11]: Setting remote socket \
options (FD=10) 2021.09.09 13:14:03 LOG7[11]: Option TCP_NODELAY set on remote socket
2021.09.09 13:14:03 LOG7[11]: Remote descriptor (FD=10) initialized
2021.09.09 13:14:03 LOG7[10]: Sending close_notify alert
2021.09.09 13:14:03 LOG6[11]: SNI: sending servername: 44.44.44.44
2021.09.09 13:14:03 LOG6[10]: socket fd: Broken pipe (32)
2021.09.09 13:14:03 LOG6[11]: Peer certificate not required
2021.09.09 13:14:03 LOG7[10]: TLS alert (write): warning: close notify
2021.09.09 13:14:03 LOG6[10]: SSL_shutdown successfully sent close_notify alert
2021.09.09 13:14:03 LOG6[10]: writesocket: Socket is closed
2021.09.09 13:14:03 LOG7[11]: TLS state (connect): before SSL \
initialization2021.09.09 13:14:03 LOG5[10]: Connection closed: 170 byte(s) sent to \
TLS, 32768 byte(s) sent to socket
2021.09.09 13:14:03 LOG7[11]: Initializing application specific data for session \
authenticated 2021.09.09 13:14:03 LOG7[10]: Remote descriptor (FD=10) closed
2021.09.09 13:14:03 LOG7[10]: Local descriptor (FD=3) closed
2021.09.09 13:14:03 LOG7[10]: Service [squid] finished
2021.09.09 13:14:03 LOG7[ui]: Found 1 ready file descriptor(s)
2021.09.09 13:14:03 LOG7[ui]: FD=4 events=0x1 revents=0x1
2021.09.09 13:14:03 LOG7[ui]: FD=10 events=0x1 revents=0x0
2021.09.09 13:14:03 LOG7[ui]: Dispatching a signal from the signal pipe
2021.09.09 13:14:03 LOG7[ui]: Processing SIGCHLD
2021.09.09 13:14:03 LOG7[ui]: Retrieving pid statuses with waitpid()
2021.09.09 13:14:03 LOG6[ui]: Process 1937 finished with code 0
2021.09.09 13:14:03 LOG7[11]: TLS state (connect): SSLv3/TLS write client hello
2021.09.09 13:14:03 LOG7[11]: TLS state (connect): SSLv3/TLS write client hello
2021.09.09 13:14:03 LOG7[11]: TLS state (connect): SSLv3/TLS read server hello
2021.09.09 13:14:03 LOG6[11]: Certificate verification disabled
2021.09.09 13:14:03 LOG6[11]: Certificate verification disabled
2021.09.09 13:14:03 LOG7[11]: TLS state (connect): SSLv3/TLS read server certificate
2021.09.09 13:14:03 LOG6[11]: Client certificate not requested
2021.09.09 13:14:03 LOG7[11]: TLS state (connect): SSLv3/TLS read server done
2021.09.09 13:14:03 LOG7[11]: TLS state (connect): SSLv3/TLS write client key \
exchange 2021.09.09 13:14:03 LOG7[11]: TLS state (connect): SSLv3/TLS write change \
cipher spec 2021.09.09 13:14:03 LOG7[11]: TLS state (connect): SSLv3/TLS write \
finished 2021.09.09 13:14:03 LOG7[11]: TLS state (connect): SSLv3/TLS write finished
2021.09.09 13:14:03 LOG7[11]: TLS state (connect): SSLv3/TLS read server session \
ticket 2021.09.09 13:14:03 LOG7[11]: TLS state (connect): SSLv3/TLS read change \
cipher spec 2021.09.09 13:14:03 LOG7[11]: TLS state (connect): SSLv3/TLS read \
finished 2021.09.09 13:14:03 LOG7[11]: New session callback
2021.09.09 13:14:03 LOG7[11]: Peer certificate was cached (2037 bytes)
2021.09.09 13:14:03 LOG6[11]: Session id: \
B171BF0D4CDB808D50C3CE4CDAA6AE53F2396068A9BD947D8277294F91CCFBFE 2021.09.09 13:14:03 \
LOG7[11]: 1 client connect(s) requested 2021.09.09 13:14:03 LOG7[11]: 1 \
client connect(s) succeeded 2021.09.09 13:14:03 LOG7[11]: 0 client \
renegotiation(s) requested 2021.09.09 13:14:03 LOG7[11]: 0 session reuse(s)
2021.09.09 13:14:03 LOG6[11]: TLS connected: new session negotiated
2021.09.09 13:14:03 LOG6[11]: TLSv1.2 ciphersuite: AES128-GCM-SHA256 (128-bit \
encryption) 2021.09.09 13:14:03 LOG3[11]: SSL_get_peer_tmp_key: Peer suddenly \
disconnected 2021.09.09 13:14:03 LOG7[11]: Compression: null, expansion: null
2021.09.09 13:14:03 LOG6[11]: Read socket closed (readsocket)
2021.09.09 13:14:03 LOG7[11]: Sending close_notify alert
2021.09.09 13:14:03 LOG6[11]: socket fd: Broken pipe (32)
2021.09.09 13:14:03 LOG7[11]: TLS alert (write): warning: close notify
2021.09.09 13:14:03 LOG6[11]: SSL_shutdown successfully sent close_notify alert
2021.09.09 13:14:03 LOG6[11]: writesocket: Socket is closed
2021.09.09 13:14:03 LOG5[11]: Connection closed: 170 byte(s) sent to TLS, 32768 \
byte(s) sent to socket 2021.09.09 13:14:03 LOG7[11]: Remote descriptor (FD=10) closed
2021.09.09 13:14:03 LOG7[11]: Local descriptor (FD=3) closed
2021.09.09 13:14:03 LOG7[11]: Service [squid] finished
2021.09.09 13:14:03 LOG7[ui]: Found 1 ready file descriptor(s)
2021.09.09 13:14:03 LOG7[ui]: FD=4 events=0x1 revents=0x1
2021.09.09 13:14:03 LOG7[ui]: FD=10 events=0x1 revents=0x0
2021.09.09 13:14:03 LOG7[ui]: Dispatching a signal from the signal pipe
2021.09.09 13:14:03 LOG7[ui]: Processing SIGCHLD
2021.09.09 13:14:03 LOG7[ui]: Retrieving pid statuses with waitpid()
2021.09.09 13:14:03 LOG6[ui]: Process 1938 finished with code 0
</code></pre><p style="margin-top:0px;margin-right:0px;margin-left:0px;padding:0px;bor \
der:0px;font-variant-numeric:inherit;font-variant-east-asian:inherit;font-stretch:inherit;line-height:inherit;font-family:-apple-system,BlinkMacSystemFont,"Segoe \
UI","Liberation \
Sans",sans-serif;font-size:15px;vertical-align:baseline;box-sizing:inherit;clear:both;color:rgb(35,38,41)">If \
i test with s_client: openssl s_client -connect <a \
href="http://44.44.44.44:522">44.44.44.44:522</a> -reconnect</p><p \
style="margin-top:0px;margin-right:0px;margin-left:0px;padding:0px;border:0px;font-var \
iant-numeric:inherit;font-variant-east-asian:inherit;font-stretch:inherit;line-height:inherit;font-family:-apple-system,BlinkMacSystemFont,"Segoe \
UI","Liberation \
Sans",sans-serif;font-size:15px;vertical-align:baseline;box-sizing:inherit;clear:both;color:rgb(35,38,41)">I \
see TLS reused every time.</p><p \
style="margin-top:0px;margin-right:0px;margin-left:0px;padding:0px;border:0px;font-var \
iant-numeric:inherit;font-variant-east-asian:inherit;font-stretch:inherit;line-height:inherit;font-family:-apple-system,BlinkMacSystemFont,"Segoe \
UI","Liberation \
Sans",sans-serif;font-size:15px;vertical-align:baseline;box-sizing:inherit;clear:both;color:rgb(35,38,41)"><br></p><p \
style="margin-top:0px;margin-right:0px;margin-left:0px;padding:0px;border:0px;font-var \
iant-numeric:inherit;font-variant-east-asian:inherit;font-stretch:inherit;line-height:inherit;font-family:-apple-system,BlinkMacSystemFont,"Segoe \
UI","Liberation \
Sans",sans-serif;font-size:15px;vertical-align:baseline;box-sizing:inherit;clear:both;color:rgb(35,38,41)">Thank \
you!</p></div></div>
_______________________________________________
stunnel-users mailing list -- stunnel-users@stunnel.org
To unsubscribe send an email to stunnel-users-leave@stunnel.org
[prev in list] [next in list] [prev in thread] [next in thread]
Configure |
About |
News |
Add a list |
Sponsored by KoreLogic