Testing PKCS#11 auth... 
warning: skipping unknown option 'cookie-validity'
Parsing plain auth method subconfig using legacy format
note: setting 'certificate+plain' as primary authentication method
note: setting 'file' as supplemental config option
listening (TCP) on 0.0.0.0:443...
listening (TCP) on [::]:443...
listening (UDP) on 0.0.0.0:443...
listening (UDP) on [::]:443...
ocserv[17291]: main: not using control unix socket
ocserv[17291]: main: initialized ocserv 0.12.1
ocserv[17293]: sec-mod: reading supplemental config from files
ocserv[17293]: sec-mod: sec-mod initialized (socket: ./ocserv-socket.6094e0d8)
Connecting to obtain cookie (token openconnect-test key object=RSA)... POST https://127.0.0.2/
Attempting to connect to server 127.0.0.2:443
Connected to 127.0.0.2:443
Using PKCS#11 certificate pkcs11:token=openconnect-test;object=RSA;type=cert?pin-value=1234
Initializing all PKCS #11 modules
p11: Initializing module: p11-kit-trust
p11: Initializing module: softhsm2
ASSERT: pkcs11.c[compat_load]:889
p11: No login requested.
Trying PKCS#11 key URL pkcs11:token=openconnect-test;object=RSA;type=private?pin-value=1234
p11: Using pin-value to retrieve PIN
p11: Login result = ok (0)
Using PKCS#11 key pkcs11:token=openconnect-test;object=RSA;type=private?pin-value=1234
Using client certificate 'A user'
p11: No login requested.
ASSERT: pkcs11.c[find_cert_cb]:4206
ASSERT: pkcs11.c[find_cert_cb]:4031
p11: No login requested.
ASSERT: pkcs11.c[find_cert_cb]:4206
ASSERT: pkcs11.c[find_cert_cb]:4031
ASSERT: pkcs11.c[gnutls_pkcs11_get_raw_issuer]:4302
Got no issuer from PKCS#11
ASSERT: x509_ext.c[gnutls_subject_alt_names_get]:110
ASSERT: x509.c[get_alt_name]:1815
REC[0x8006c0]: Allocating epoch #0
added 6 protocols, 29 ciphersuites, 18 sig algos and 9 groups into priority list
SSL negotiation with 127.0.0.2
REC[0x8006c0]: Allocating epoch #1
HSK[0x8006c0]: Adv. version: 3.3
Keeping ciphersuite 13.02 (GNUTLS_AES_256_GCM_SHA384)
Keeping ciphersuite 13.03 (GNUTLS_CHACHA20_POLY1305_SHA256)
Keeping ciphersuite 13.01 (GNUTLS_AES_128_GCM_SHA256)
Keeping ciphersuite 13.04 (GNUTLS_AES_128_CCM_SHA256)
Keeping ciphersuite c0.2c (GNUTLS_ECDHE_ECDSA_AES_256_GCM_SHA384)
Keeping ciphersuite cc.a9 (GNUTLS_ECDHE_ECDSA_CHACHA20_POLY1305)
Keeping ciphersuite c0.ad (GNUTLS_ECDHE_ECDSA_AES_256_CCM)
Keeping ciphersuite c0.0a (GNUTLS_ECDHE_ECDSA_AES_256_CBC_SHA1)
Keeping ciphersuite c0.2b (GNUTLS_ECDHE_ECDSA_AES_128_GCM_SHA256)
Keeping ciphersuite c0.ac (GNUTLS_ECDHE_ECDSA_AES_128_CCM)
Keeping ciphersuite c0.09 (GNUTLS_ECDHE_ECDSA_AES_128_CBC_SHA1)
Keeping ciphersuite c0.30 (GNUTLS_ECDHE_RSA_AES_256_GCM_SHA384)
Keeping ciphersuite cc.a8 (GNUTLS_ECDHE_RSA_CHACHA20_POLY1305)
Keeping ciphersuite c0.14 (GNUTLS_ECDHE_RSA_AES_256_CBC_SHA1)
Keeping ciphersuite c0.2f (GNUTLS_ECDHE_RSA_AES_128_GCM_SHA256)
Keeping ciphersuite c0.13 (GNUTLS_ECDHE_RSA_AES_128_CBC_SHA1)
Keeping ciphersuite 00.9d (GNUTLS_RSA_AES_256_GCM_SHA384)
Keeping ciphersuite c0.9d (GNUTLS_RSA_AES_256_CCM)
Keeping ciphersuite 00.35 (GNUTLS_RSA_AES_256_CBC_SHA1)
Keeping ciphersuite 00.9c (GNUTLS_RSA_AES_128_GCM_SHA256)
Keeping ciphersuite c0.9c (GNUTLS_RSA_AES_128_CCM)
Keeping ciphersuite 00.2f (GNUTLS_RSA_AES_128_CBC_SHA1)
Keeping ciphersuite 00.9f (GNUTLS_DHE_RSA_AES_256_GCM_SHA384)
Keeping ciphersuite cc.aa (GNUTLS_DHE_RSA_CHACHA20_POLY1305)
Keeping ciphersuite c0.9f (GNUTLS_DHE_RSA_AES_256_CCM)
Keeping ciphersuite 00.39 (GNUTLS_DHE_RSA_AES_256_CBC_SHA1)
Keeping ciphersuite 00.9e (GNUTLS_DHE_RSA_AES_128_GCM_SHA256)
Keeping ciphersuite c0.9e (GNUTLS_DHE_RSA_AES_128_CCM)
Keeping ciphersuite 00.33 (GNUTLS_DHE_RSA_AES_128_CBC_SHA1)
EXT[0x8006c0]: Preparing extension (Maximum Record Size/1) for 'client hello'
EXT[0x8006c0]: Preparing extension (OCSP Status Request/5) for 'client hello'
EXT[0x8006c0]: Sending extension OCSP Status Request/5 (5 bytes)
EXT[0x8006c0]: Preparing extension (Client Certificate Type/19) for 'client hello'
EXT[0x8006c0]: Preparing extension (Server Certificate Type/20) for 'client hello'
EXT[0x8006c0]: Preparing extension (Supported Groups/10) for 'client hello'
EXT[0x8006c0]: Sent group SECP256R1 (0x17)
EXT[0x8006c0]: Sent group SECP384R1 (0x18)
EXT[0x8006c0]: Sent group SECP521R1 (0x19)
EXT[0x8006c0]: Sent group X25519 (0x1d)
EXT[0x8006c0]: Sent group FFDHE2048 (0x100)
EXT[0x8006c0]: Sent group FFDHE3072 (0x101)
EXT[0x8006c0]: Sent group FFDHE4096 (0x102)
EXT[0x8006c0]: Sent group FFDHE6144 (0x103)
EXT[0x8006c0]: Sent group FFDHE8192 (0x104)
EXT[0x8006c0]: Sending extension Supported Groups/10 (20 bytes)
EXT[0x8006c0]: Preparing extension (Supported EC Point Formats/11) for 'client hello'
EXT[0x8006c0]: Sending extension Supported EC Point Formats/11 (2 bytes)
EXT[0x8006c0]: Preparing extension (SRP/12) for 'client hello'
EXT[0x8006c0]: Preparing extension (Signature Algorithms/13) for 'client hello'
EXT[0x8006c0]: sent signature algo (4.1) RSA-SHA256
EXT[0x8006c0]: sent signature algo (8.9) RSA-PSS-SHA256
EXT[0x8006c0]: sent signature algo (8.4) RSA-PSS-RSAE-SHA256
EXT[0x8006c0]: sent signature algo (4.3) ECDSA-SHA256
EXT[0x8006c0]: sent signature algo (8.7) EdDSA-Ed25519
EXT[0x8006c0]: sent signature algo (5.1) RSA-SHA384
EXT[0x8006c0]: sent signature algo (8.10) RSA-PSS-SHA384
EXT[0x8006c0]: sent signature algo (8.5) RSA-PSS-RSAE-SHA384
EXT[0x8006c0]: sent signature algo (5.3) ECDSA-SHA384
EXT[0x8006c0]: sent signature algo (6.1) RSA-SHA512
EXT[0x8006c0]: sent signature algo (8.11) RSA-PSS-SHA512
EXT[0x8006c0]: sent signature algo (8.6) RSA-PSS-RSAE-SHA512
EXT[0x8006c0]: sent signature algo (6.3) ECDSA-SHA512
EXT[0x8006c0]: sent signature algo (2.1) RSA-SHA1
EXT[0x8006c0]: sent signature algo (2.3) ECDSA-SHA1
EXT[0x8006c0]: Sending extension Signature Algorithms/13 (32 bytes)
EXT[0x8006c0]: Preparing extension (SRTP/14) for 'client hello'
EXT[0x8006c0]: Preparing extension (Heartbeat/15) for 'client hello'
EXT[0x8006c0]: Preparing extension (ALPN/16) for 'client hello'
EXT[0x8006c0]: Preparing extension (Encrypt-then-MAC/22) for 'client hello'
EXT[0x8006c0]: Preparing extension (Extended Master Secret/23) for 'client hello'
EXT[0x8006c0]: Preparing extension (Session Ticket/35) for 'client hello'
EXT[0x8006c0]: Sending extension Session Ticket/35 (0 bytes)
EXT[0x8006c0]: Preparing extension (Key Share/51) for 'client hello'
EXT[0x8006c0]: sending key share for SECP256R1
ASSERT: mpi.c[wrap_nettle_mpi_print]:60
ASSERT: mpi.c[wrap_nettle_mpi_print]:60
EXT[0x8006c0]: sending key share for X25519
EXT[0x8006c0]: Sending extension Key Share/51 (107 bytes)
EXT[0x8006c0]: Preparing extension (Supported Versions/43) for 'client hello'
Advertizing version 3.4
Advertizing version 3.3
Advertizing version 3.2
Advertizing version 3.1
EXT[0x8006c0]: Sending extension Supported Versions/43 (9 bytes)
EXT[0x8006c0]: Preparing extension (Post Handshake Auth/49) for 'client hello'
EXT[0x8006c0]: Preparing extension (Safe Renegotiation/65281) for 'client hello'
EXT[0x8006c0]: Sending extension Safe Renegotiation/65281 (1 bytes)
EXT[0x8006c0]: Preparing extension (Server Name Indication/0) for 'client hello'
EXT[0x8006c0]: Preparing extension (Cookie/44) for 'client hello'
EXT[0x8006c0]: Preparing extension (Early Data/42) for 'client hello'
EXT[0x8006c0]: Preparing extension (PSK Key Exchange Modes/45) for 'client hello'
EXT[0x8006c0]: Sending extension PSK Key Exchange Modes/45 (3 bytes)
EXT[0x8006c0]: Preparing extension (Record Size Limit/28) for 'client hello'
EXT[0x8006c0]: Sending extension Record Size Limit/28 (2 bytes)
EXT[0x8006c0]: Preparing extension (ClientHello Padding/21) for 'client hello'
EXT[0x8006c0]: Sending extension ClientHello Padding/21 (184 bytes)
EXT[0x8006c0]: Preparing extension (Pre Shared Key/41) for 'client hello'
HSK[0x8006c0]: CLIENT HELLO was queued [512 bytes]
HWRITE: enqueued [CLIENT HELLO] 512. Total 512 bytes.
HWRITE FLUSH: 512 bytes in buffer.
REC[0x8006c0]: Preparing Packet Handshake(22) with length: 512 and min pad: 0
ENC[0x8006c0]: cipher: NULL, MAC: MAC-NULL, Epoch: 0
WRITE: enqueued 517 bytes for 0x5. Total 517 bytes.
REC[0x8006c0]: Sent Packet[1] Handshake(22) in epoch 0 and length: 517
HWRITE: wrote 1 bytes, 0 bytes left.
WRITE FLUSH: 517 bytes in buffer.
WRITE: wrote 517 bytes, 0 bytes left.
ASSERT: buffers.c[get_last_packet]:1171
READ: Got 5 bytes from 0x5
READ: read 5 bytes from 0x5
RB: Have 0 bytes into buffer. Adding 5 bytes.
RB: Requested 5 bytes
REC[0x8006c0]: SSL 3.3 Handshake packet received. Epoch 0, length: 123
REC[0x8006c0]: Expected Packet Handshake(22)
REC[0x8006c0]: Received Packet Handshake(22) with length: 123
READ: Got 123 bytes from 0x5
READ: read 123 bytes from 0x5
RB: Have 5 bytes into buffer. Adding 123 bytes.
RB: Requested 128 bytes
REC[0x8006c0]: Decrypted Packet[0] Handshake(22) with length: 123
BUF[REC]: Inserted 123 bytes of Data(22)
HSK[0x8006c0]: SERVER HELLO (2) was received. Length 119[119], frag offset 0, frag length: 119, sequence: 0
ASSERT: buffers.c[get_last_packet]:1162
ASSERT: buffers.c[_gnutls_handshake_io_recv_int]:1413
HSK[0x8006c0]: Server's version: 3.3
EXT[0x8006c0]: Parsing extension 'Supported Versions/43' (2 bytes)
EXT[0x8006c0]: Negotiated version: 3.4
HSK[0x8006c0]: Selected cipher suite: GNUTLS_AES_128_GCM_SHA256
EXT[0x8006c0]: Parsing extension 'Key Share/51' (69 bytes)
HSK[0x8006c0]: Selected group SECP256R1 (2)
EXT[0x8006c0]: client generated SECP256R1 shared key
HWRITE: enqueued [CHANGE CIPHER SPEC] 1. Total 1 bytes.
HWRITE FLUSH: 1 bytes in buffer.
REC[0x8006c0]: Preparing Packet ChangeCipherSpec(20) with length: 1 and min pad: 0
ENC[0x8006c0]: cipher: NULL, MAC: MAC-NULL, Epoch: 0
WRITE: enqueued 6 bytes for 0x5. Total 6 bytes.
REC[0x8006c0]: Sent Packet[2] ChangeCipherSpec(20) in epoch 0 and length: 6
HWRITE: wrote 1 bytes, 0 bytes left.
WRITE FLUSH: 6 bytes in buffer.
WRITE: wrote 6 bytes, 0 bytes left.
REC[0x8006c0]: Sent ChangeCipherSpec
REC[0x8006c0]: Initializing epoch #1
INT: CLIENT WRITE KEY [16]: 6ddf0c97d807f626cf2a0b9ceee46713
INT: SERVER WRITE KEY [16]: a2ce27adeedf7e06c202e0bf9726d43d
INT: CLIENT WRITE IV [12]: f4b0048fa50859f3d42f6634
INT: SERVER WRITE IV [12]: e88502c6f778315285489c6b
REC[0x8006c0]: Epoch #1 ready
HSK[0x8006c0]: TLS 1.3 re-key with cipher suite: GNUTLS_AES_128_GCM_SHA256
ASSERT: buffers.c[get_last_packet]:1171
READ: Got 5 bytes from 0x5
READ: read 5 bytes from 0x5
RB: Have 0 bytes into buffer. Adding 5 bytes.
RB: Requested 5 bytes
REC[0x8006c0]: SSL 3.3 ChangeCipherSpec packet received. Epoch 1, length: 1
REC[0x8006c0]: Expected Packet Handshake(22)
REC[0x8006c0]: Received Packet ChangeCipherSpec(20) with length: 1
READ: Got 1 bytes from 0x5
READ: read 1 bytes from 0x5
RB: Have 5 bytes into buffer. Adding 1 bytes.
RB: Requested 6 bytes
discarding change cipher spec in TLS1.3
READ: Got 5 bytes from 0x5
READ: read 5 bytes from 0x5
RB: Have 0 bytes into buffer. Adding 5 bytes.
RB: Requested 5 bytes
REC[0x8006c0]: SSL 3.3 Application Data packet received. Epoch 1, length: 29
REC[0x8006c0]: Expected Packet Handshake(22)
REC[0x8006c0]: Received Packet Application Data(23) with length: 29
READ: Got 29 bytes from 0x5
READ: read 29 bytes from 0x5
RB: Have 5 bytes into buffer. Adding 29 bytes.
RB: Requested 34 bytes
REC[0x8006c0]: Decrypted Packet[0] Handshake(22) with length: 12
BUF[REC]: Inserted 12 bytes of Data(22)
HSK[0x8006c0]: ENCRYPTED EXTENSIONS (8) was received. Length 8[8], frag offset 0, frag length: 8, sequence: 0
HSK[0x8006c0]: parsing encrypted extensions
EXT[0x8006c0]: Parsing extension 'Record Size Limit/28' (2 bytes)
ASSERT: buffers.c[get_last_packet]:1171
READ: Got 5 bytes from 0x5
READ: read 5 bytes from 0x5
RB: Have 0 bytes into buffer. Adding 5 bytes.
RB: Requested 5 bytes
REC[0x8006c0]: SSL 3.3 Application Data packet received. Epoch 1, length: 85
REC[0x8006c0]: Expected Packet Handshake(22)
REC[0x8006c0]: Received Packet Application Data(23) with length: 85
READ: Got 85 bytes from 0x5
READ: read 85 bytes from 0x5
RB: Have 5 bytes into buffer. Adding 85 bytes.
RB: Requested 90 bytes
REC[0x8006c0]: Decrypted Packet[1] Handshake(22) with length: 68
BUF[REC]: Inserted 68 bytes of Data(22)
HSK[0x8006c0]: CERTIFICATE REQUEST (13) was received. Length 64[64], frag offset 0, frag length: 64, sequence: 0
HSK[0x8006c0]: parsing certificate request
EXT[0x8006c0]: rcvd signature algo (4.1) RSA-SHA256
EXT[0x8006c0]: rcvd signature algo (8.9) RSA-PSS-SHA256
EXT[0x8006c0]: rcvd signature algo (8.4) RSA-PSS-RSAE-SHA256
EXT[0x8006c0]: rcvd signature algo (4.3) ECDSA-SECP256R1-SHA256
EXT[0x8006c0]: rcvd signature algo (8.7) EdDSA-Ed25519
EXT[0x8006c0]: rcvd signature algo (5.1) RSA-SHA384
EXT[0x8006c0]: rcvd signature algo (8.10) RSA-PSS-SHA384
EXT[0x8006c0]: rcvd signature algo (8.5) RSA-PSS-RSAE-SHA384
EXT[0x8006c0]: rcvd signature algo (5.3) ECDSA-SECP384R1-SHA384
EXT[0x8006c0]: rcvd signature algo (6.1) RSA-SHA512
EXT[0x8006c0]: rcvd signature algo (8.11) RSA-PSS-SHA512
EXT[0x8006c0]: rcvd signature algo (8.6) RSA-PSS-RSAE-SHA512
EXT[0x8006c0]: rcvd signature algo (6.3) ECDSA-SECP521R1-SHA512
EXT[0x8006c0]: rcvd signature algo (2.1) RSA-SHA1
EXT[0x8006c0]: rcvd signature algo (2.3) ECDSA-SHA1
EXT[0x8006c0]: rcvd signature algo (2.2) (null)
Peer requested CA: CN=CA
ASSERT: buffers.c[get_last_packet]:1171
READ: Got 5 bytes from 0x5
READ: read 5 bytes from 0x5
RB: Have 0 bytes into buffer. Adding 5 bytes.
RB: Requested 5 bytes
REC[0x8006c0]: SSL 3.3 Application Data packet received. Epoch 1, length: 947
REC[0x8006c0]: Expected Packet Handshake(22)
REC[0x8006c0]: Received Packet Application Data(23) with length: 947
READ: Got 947 bytes from 0x5
READ: read 947 bytes from 0x5
RB: Have 5 bytes into buffer. Adding 947 bytes.
RB: Requested 952 bytes
REC[0x8006c0]: Decrypted Packet[2] Handshake(22) with length: 930
BUF[REC]: Inserted 930 bytes of Data(22)
HSK[0x8006c0]: CERTIFICATE (11) was received. Length 926[926], frag offset 0, frag length: 926, sequence: 0
HSK[0x8006c0]: parsing certificate message
ASSERT: buffers.c[get_last_packet]:1171
READ: Got 5 bytes from 0x5
READ: read 5 bytes from 0x5
RB: Have 0 bytes into buffer. Adding 5 bytes.
RB: Requested 5 bytes
REC[0x8006c0]: SSL 3.3 Application Data packet received. Epoch 1, length: 329
REC[0x8006c0]: Expected Packet Handshake(22)
REC[0x8006c0]: Received Packet Application Data(23) with length: 329
READ: Got 329 bytes from 0x5
READ: read 329 bytes from 0x5
RB: Have 5 bytes into buffer. Adding 329 bytes.
RB: Requested 334 bytes
REC[0x8006c0]: Decrypted Packet[3] Handshake(22) with length: 312
BUF[REC]: Inserted 312 bytes of Data(22)
HSK[0x8006c0]: CERTIFICATE VERIFY (15) was received. Length 308[308], frag offset 0, frag length: 308, sequence: 0
HSK[0x8006c0]: Parsing certificate verify
HSK[0x8006c0]: verifying TLS 1.3 handshake data using RSA-PSS-RSAE-SHA256
ASSERT: mpi.c[wrap_nettle_mpi_print]:60
ASSERT: mpi.c[wrap_nettle_mpi_print]:60
ASSERT: ocsp-api.c[gnutls_ocsp_status_request_get2]:99
ASSERT: verify.c[verify_crt]:663
ASSERT: verify.c[verify_crt]:815
ASSERT: verify.c[_gnutls_verify_crt_status]:985
issuer in verification was not found or insecure; trying against trust list
ASSERT: verify.c[verify_crt]:663
ASSERT: verify.c[verify_crt]:815
ASSERT: verify.c[_gnutls_verify_crt_status]:985
ASSERT: verify-high.c[gnutls_x509_trust_list_verify_crt2]:1374
Server certificate verify failed: signer not found
ASSERT: common.c[_gnutls_copy_data]:1611
ASSERT: x509.c[gnutls_x509_crt_export]:2922
ASSERT: buffers.c[get_last_packet]:1171
READ: Got 5 bytes from 0x5
READ: read 5 bytes from 0x5
RB: Have 0 bytes into buffer. Adding 5 bytes.
RB: Requested 5 bytes
REC[0x8006c0]: SSL 3.3 Application Data packet received. Epoch 1, length: 53
REC[0x8006c0]: Expected Packet Handshake(22)
REC[0x8006c0]: Received Packet Application Data(23) with length: 53
READ: Got 53 bytes from 0x5
READ: read 53 bytes from 0x5
RB: Have 5 bytes into buffer. Adding 53 bytes.
RB: Requested 58 bytes
REC[0x8006c0]: Decrypted Packet[4] Handshake(22) with length: 36
BUF[REC]: Inserted 36 bytes of Data(22)
HSK[0x8006c0]: FINISHED (20) was received. Length 32[32], frag offset 0, frag length: 32, sequence: 0
HSK[0x8006c0]: parsing finished
HSK[0x8006c0]: CERTIFICATE was queued [925 bytes]
HWRITE: enqueued [CERTIFICATE] 925. Total 925 bytes.
checking cert compat with RSA-SHA256
ASSERT: signature.c[_gnutls_session_sign_algo_enabled]:365
Signature algorithm RSA-SHA256 is not enabled
checking cert compat with RSA-PSS-SHA256
checking cert compat with RSA-PSS-RSAE-SHA256
HSK[0x8006c0]: signing TLS 1.3 handshake data: using RSA-PSS-RSAE-SHA256 and PRF: SHA256
HSK[0x8006c0]: CERTIFICATE VERIFY was queued [312 bytes]
HWRITE: enqueued [CERTIFICATE VERIFY] 312. Total 1237 bytes.
HSK[0x8006c0]: sending finished
HSK[0x8006c0]: FINISHED was queued [36 bytes]
HWRITE: enqueued [FINISHED] 36. Total 1273 bytes.
HWRITE FLUSH: 1273 bytes in buffer.
REC[0x8006c0]: Preparing Packet Handshake(22) with length: 925 and min pad: 0
ENC[0x8006c0]: cipher: AES-128-GCM, MAC: AEAD, Epoch: 1
WRITE: enqueued 947 bytes for 0x5. Total 947 bytes.
REC[0x8006c0]: Sent Packet[1] Handshake(22) in epoch 1 and length: 947
HWRITE: wrote 1 bytes, 348 bytes left.
REC[0x8006c0]: Preparing Packet Handshake(22) with length: 312 and min pad: 0
ENC[0x8006c0]: cipher: AES-128-GCM, MAC: AEAD, Epoch: 1
WRITE: enqueued 334 bytes for 0x5. Total 1281 bytes.
REC[0x8006c0]: Sent Packet[2] Handshake(22) in epoch 1 and length: 334
HWRITE: wrote 1 bytes, 36 bytes left.
REC[0x8006c0]: Preparing Packet Handshake(22) with length: 36 and min pad: 0
ENC[0x8006c0]: cipher: AES-128-GCM, MAC: AEAD, Epoch: 1
WRITE: enqueued 58 bytes for 0x5. Total 1339 bytes.
REC[0x8006c0]: Sent Packet[3] Handshake(22) in epoch 1 and length: 58
HWRITE: wrote 1 bytes, 0 bytes left.
WRITE FLUSH: 1339 bytes in buffer.
WRITE: wrote 1339 bytes, 0 bytes left.
ASSERT: constate.c[_gnutls_epoch_get]:901
REC[0x8006c0]: Allocating epoch #2
REC[0x8006c0]: Initializing epoch #2
INT: CLIENT WRITE KEY [16]: 5a2efb631cc5667e947976bfc525b90c
INT: SERVER WRITE KEY [16]: 831882e0d46b6df043ef902522d793b1
INT: CLIENT WRITE IV [12]: d769309259e08fad1ecfa9dc
INT: SERVER WRITE IV [12]: deea6d20a81395c0970bb4a0
REC[0x8006c0]: Epoch #2 ready
HSK[0x8006c0]: TLS 1.3 re-key with cipher suite: GNUTLS_AES_128_GCM_SHA256
BUF[HSK]: Emptied buffer
BUF[HSK]: Emptied buffer
REC[0x8006c0]: Start of epoch cleanup
REC[0x8006c0]: Epoch #0 freed
REC[0x8006c0]: Epoch #1 freed
REC[0x8006c0]: End of epoch cleanup
Connected to HTTPS on 127.0.0.2
REC[0x8006c0]: Preparing Packet Application Data(23) with length: 575 and min pad: 0
ENC[0x8006c0]: cipher: AES-128-GCM, MAC: AEAD, Epoch: 2
WRITE: enqueued 597 bytes for 0x5. Total 597 bytes.
WRITE FLUSH: 597 bytes in buffer.
WRITE: wrote 597 bytes, 0 bytes left.
REC[0x8006c0]: Sent Packet[1] Application Data(23) in epoch 2 and length: 597
READ: -1 returned from 0x5, errno=11 gerrno=0
ASSERT: buffers.c[_gnutls_io_read_buffered]:589
ASSERT: record.c[_gnutls_recv_int]:1759
ocserv[17310]: worker:  client certificate verification succeeded
READ: Got 5 bytes from 0x5
READ: read 5 bytes from 0x5
RB: Have 0 bytes into buffer. Adding 5 bytes.
RB: Requested 5 bytes
REC[0x8006c0]: SSL 3.3 Application Data packet received. Epoch 2, length: 494
REC[0x8006c0]: Expected Packet Application Data(23)
REC[0x8006c0]: Received Packet Application Data(23) with length: 494
READ: Got 494 bytes from 0x5
READ: read 494 bytes from 0x5
RB: Have 5 bytes into buffer. Adding 494 bytes.
RB: Requested 499 bytes
REC[0x8006c0]: Decrypted Packet[0] Application Data(23) with length: 477
BUF[REC]: Inserted 477 bytes of Data(23)
Got HTTP response: HTTP/1.1 200 OK
Set-Cookie: webvpncontext=; expires=Thu, 01 Jan 1970 22:00:00 GMT; path=/; Secure
Content-Type: text/xml
Content-Length: 306
X-Transcend-Version: 1
HTTP body length:  (306)
BUF[HSK]: Emptied buffer
REC[0x8006c0]: Start of epoch cleanup
REC[0x8006c0]: End of epoch cleanup
REC[0x8006c0]: Epoch #2 freed
XML POST enabled
Please enter your username.
POST https://127.0.0.2/auth
REC[0x8006c0]: Allocating epoch #0
added 6 protocols, 29 ciphersuites, 18 sig algos and 9 groups into priority list
SSL negotiation with 127.0.0.2
REC[0x8006c0]: Allocating epoch #1
HSK[0x8006c0]: Adv. version: 3.3
Keeping ciphersuite 13.02 (GNUTLS_AES_256_GCM_SHA384)
Keeping ciphersuite 13.03 (GNUTLS_CHACHA20_POLY1305_SHA256)
Keeping ciphersuite 13.01 (GNUTLS_AES_128_GCM_SHA256)
Keeping ciphersuite 13.04 (GNUTLS_AES_128_CCM_SHA256)
Keeping ciphersuite c0.2c (GNUTLS_ECDHE_ECDSA_AES_256_GCM_SHA384)
Keeping ciphersuite cc.a9 (GNUTLS_ECDHE_ECDSA_CHACHA20_POLY1305)
Keeping ciphersuite c0.ad (GNUTLS_ECDHE_ECDSA_AES_256_CCM)
Keeping ciphersuite c0.0a (GNUTLS_ECDHE_ECDSA_AES_256_CBC_SHA1)
Keeping ciphersuite c0.2b (GNUTLS_ECDHE_ECDSA_AES_128_GCM_SHA256)
Keeping ciphersuite c0.ac (GNUTLS_ECDHE_ECDSA_AES_128_CCM)
Keeping ciphersuite c0.09 (GNUTLS_ECDHE_ECDSA_AES_128_CBC_SHA1)
Keeping ciphersuite c0.30 (GNUTLS_ECDHE_RSA_AES_256_GCM_SHA384)
Keeping ciphersuite cc.a8 (GNUTLS_ECDHE_RSA_CHACHA20_POLY1305)
Keeping ciphersuite c0.14 (GNUTLS_ECDHE_RSA_AES_256_CBC_SHA1)
Keeping ciphersuite c0.2f (GNUTLS_ECDHE_RSA_AES_128_GCM_SHA256)
Keeping ciphersuite c0.13 (GNUTLS_ECDHE_RSA_AES_128_CBC_SHA1)
Keeping ciphersuite 00.9d (GNUTLS_RSA_AES_256_GCM_SHA384)
Keeping ciphersuite c0.9d (GNUTLS_RSA_AES_256_CCM)
Keeping ciphersuite 00.35 (GNUTLS_RSA_AES_256_CBC_SHA1)
Keeping ciphersuite 00.9c (GNUTLS_RSA_AES_128_GCM_SHA256)
Keeping ciphersuite c0.9c (GNUTLS_RSA_AES_128_CCM)
Keeping ciphersuite 00.2f (GNUTLS_RSA_AES_128_CBC_SHA1)
Keeping ciphersuite 00.9f (GNUTLS_DHE_RSA_AES_256_GCM_SHA384)
Keeping ciphersuite cc.aa (GNUTLS_DHE_RSA_CHACHA20_POLY1305)
Keeping ciphersuite c0.9f (GNUTLS_DHE_RSA_AES_256_CCM)
Keeping ciphersuite 00.39 (GNUTLS_DHE_RSA_AES_256_CBC_SHA1)
Keeping ciphersuite 00.9e (GNUTLS_DHE_RSA_AES_128_GCM_SHA256)
Keeping ciphersuite c0.9e (GNUTLS_DHE_RSA_AES_128_CCM)
Keeping ciphersuite 00.33 (GNUTLS_DHE_RSA_AES_128_CBC_SHA1)
EXT[0x8006c0]: Preparing extension (Maximum Record Size/1) for 'client hello'
EXT[0x8006c0]: Preparing extension (OCSP Status Request/5) for 'client hello'
EXT[0x8006c0]: Sending extension OCSP Status Request/5 (5 bytes)
EXT[0x8006c0]: Preparing extension (Client Certificate Type/19) for 'client hello'
EXT[0x8006c0]: Preparing extension (Server Certificate Type/20) for 'client hello'
EXT[0x8006c0]: Preparing extension (Supported Groups/10) for 'client hello'
EXT[0x8006c0]: Sent group SECP256R1 (0x17)
EXT[0x8006c0]: Sent group SECP384R1 (0x18)
EXT[0x8006c0]: Sent group SECP521R1 (0x19)
EXT[0x8006c0]: Sent group X25519 (0x1d)
EXT[0x8006c0]: Sent group FFDHE2048 (0x100)
EXT[0x8006c0]: Sent group FFDHE3072 (0x101)
EXT[0x8006c0]: Sent group FFDHE4096 (0x102)
EXT[0x8006c0]: Sent group FFDHE6144 (0x103)
EXT[0x8006c0]: Sent group FFDHE8192 (0x104)
EXT[0x8006c0]: Sending extension Supported Groups/10 (20 bytes)
EXT[0x8006c0]: Preparing extension (Supported EC Point Formats/11) for 'client hello'
EXT[0x8006c0]: Sending extension Supported EC Point Formats/11 (2 bytes)
EXT[0x8006c0]: Preparing extension (SRP/12) for 'client hello'
EXT[0x8006c0]: Preparing extension (Signature Algorithms/13) for 'client hello'
EXT[0x8006c0]: sent signature algo (4.1) RSA-SHA256
EXT[0x8006c0]: sent signature algo (8.9) RSA-PSS-SHA256
EXT[0x8006c0]: sent signature algo (8.4) RSA-PSS-RSAE-SHA256
EXT[0x8006c0]: sent signature algo (4.3) ECDSA-SHA256
EXT[0x8006c0]: sent signature algo (8.7) EdDSA-Ed25519
EXT[0x8006c0]: sent signature algo (5.1) RSA-SHA384
EXT[0x8006c0]: sent signature algo (8.10) RSA-PSS-SHA384
EXT[0x8006c0]: sent signature algo (8.5) RSA-PSS-RSAE-SHA384
EXT[0x8006c0]: sent signature algo (5.3) ECDSA-SHA384
EXT[0x8006c0]: sent signature algo (6.1) RSA-SHA512
EXT[0x8006c0]: sent signature algo (8.11) RSA-PSS-SHA512
EXT[0x8006c0]: sent signature algo (8.6) RSA-PSS-RSAE-SHA512
EXT[0x8006c0]: sent signature algo (6.3) ECDSA-SHA512
EXT[0x8006c0]: sent signature algo (2.1) RSA-SHA1
EXT[0x8006c0]: sent signature algo (2.3) ECDSA-SHA1
EXT[0x8006c0]: Sending extension Signature Algorithms/13 (32 bytes)
EXT[0x8006c0]: Preparing extension (SRTP/14) for 'client hello'
EXT[0x8006c0]: Preparing extension (Heartbeat/15) for 'client hello'
EXT[0x8006c0]: Preparing extension (ALPN/16) for 'client hello'
EXT[0x8006c0]: Preparing extension (Encrypt-then-MAC/22) for 'client hello'
EXT[0x8006c0]: Preparing extension (Extended Master Secret/23) for 'client hello'
EXT[0x8006c0]: Preparing extension (Session Ticket/35) for 'client hello'
EXT[0x8006c0]: Sending extension Session Ticket/35 (0 bytes)
EXT[0x8006c0]: Preparing extension (Key Share/51) for 'client hello'
EXT[0x8006c0]: sending key share for SECP256R1
ASSERT: mpi.c[wrap_nettle_mpi_print]:60
ASSERT: mpi.c[wrap_nettle_mpi_print]:60
EXT[0x8006c0]: sending key share for X25519
EXT[0x8006c0]: Sending extension Key Share/51 (107 bytes)
EXT[0x8006c0]: Preparing extension (Supported Versions/43) for 'client hello'
Advertizing version 3.4
Advertizing version 3.3
Advertizing version 3.2
Advertizing version 3.1
EXT[0x8006c0]: Sending extension Supported Versions/43 (9 bytes)
EXT[0x8006c0]: Preparing extension (Post Handshake Auth/49) for 'client hello'
EXT[0x8006c0]: Preparing extension (Safe Renegotiation/65281) for 'client hello'
EXT[0x8006c0]: Sending extension Safe Renegotiation/65281 (1 bytes)
EXT[0x8006c0]: Preparing extension (Server Name Indication/0) for 'client hello'
EXT[0x8006c0]: Preparing extension (Cookie/44) for 'client hello'
EXT[0x8006c0]: Preparing extension (Early Data/42) for 'client hello'
EXT[0x8006c0]: Preparing extension (PSK Key Exchange Modes/45) for 'client hello'
EXT[0x8006c0]: Sending extension PSK Key Exchange Modes/45 (3 bytes)
EXT[0x8006c0]: Preparing extension (Record Size Limit/28) for 'client hello'
EXT[0x8006c0]: Sending extension Record Size Limit/28 (2 bytes)
EXT[0x8006c0]: Preparing extension (ClientHello Padding/21) for 'client hello'
EXT[0x8006c0]: Sending extension ClientHello Padding/21 (184 bytes)
EXT[0x8006c0]: Preparing extension (Pre Shared Key/41) for 'client hello'
HSK[0x8006c0]: CLIENT HELLO was queued [512 bytes]
HWRITE: enqueued [CLIENT HELLO] 512. Total 512 bytes.
HWRITE FLUSH: 512 bytes in buffer.
REC[0x8006c0]: Preparing Packet Handshake(22) with length: 512 and min pad: 0
ENC[0x8006c0]: cipher: NULL, MAC: MAC-NULL, Epoch: 0
WRITE: enqueued 517 bytes for 0x5. Total 517 bytes.
REC[0x8006c0]: Sent Packet[1] Handshake(22) in epoch 0 and length: 517
HWRITE: wrote 1 bytes, 0 bytes left.
WRITE FLUSH: 517 bytes in buffer.
WRITE: wrote 517 bytes, 0 bytes left.
ASSERT: buffers.c[get_last_packet]:1171
ocserv[17291]: main:127.0.0.2:27296 user disconnected (reason: unspecified, rx: 0, tx: 0)
READ: Got 5 bytes from 0x5
READ: read 5 bytes from 0x5
RB: Have 0 bytes into buffer. Adding 5 bytes.
RB: Requested 5 bytes
REC[0x8006c0]: SSL 3.3 Handshake packet received. Epoch 0, length: 123
REC[0x8006c0]: Expected Packet Handshake(22)
REC[0x8006c0]: Received Packet Handshake(22) with length: 123
READ: Got 123 bytes from 0x5
READ: read 123 bytes from 0x5
RB: Have 5 bytes into buffer. Adding 123 bytes.
RB: Requested 128 bytes
REC[0x8006c0]: Decrypted Packet[0] Handshake(22) with length: 123
BUF[REC]: Inserted 123 bytes of Data(22)
HSK[0x8006c0]: SERVER HELLO (2) was received. Length 119[119], frag offset 0, frag length: 119, sequence: 0
ASSERT: buffers.c[get_last_packet]:1162
ASSERT: buffers.c[_gnutls_handshake_io_recv_int]:1413
HSK[0x8006c0]: Server's version: 3.3
EXT[0x8006c0]: Parsing extension 'Supported Versions/43' (2 bytes)
EXT[0x8006c0]: Negotiated version: 3.4
HSK[0x8006c0]: Selected cipher suite: GNUTLS_AES_128_GCM_SHA256
EXT[0x8006c0]: Parsing extension 'Key Share/51' (69 bytes)
HSK[0x8006c0]: Selected group SECP256R1 (2)
EXT[0x8006c0]: client generated SECP256R1 shared key
HWRITE: enqueued [CHANGE CIPHER SPEC] 1. Total 1 bytes.
HWRITE FLUSH: 1 bytes in buffer.
REC[0x8006c0]: Preparing Packet ChangeCipherSpec(20) with length: 1 and min pad: 0
ENC[0x8006c0]: cipher: NULL, MAC: MAC-NULL, Epoch: 0
WRITE: enqueued 6 bytes for 0x5. Total 6 bytes.
REC[0x8006c0]: Sent Packet[2] ChangeCipherSpec(20) in epoch 0 and length: 6
HWRITE: wrote 1 bytes, 0 bytes left.
WRITE FLUSH: 6 bytes in buffer.
WRITE: wrote 6 bytes, 0 bytes left.
REC[0x8006c0]: Sent ChangeCipherSpec
REC[0x8006c0]: Initializing epoch #1
INT: CLIENT WRITE KEY [16]: 1969170ae964ec20856cc0873fd76ad8
INT: SERVER WRITE KEY [16]: aff245c2e7d9718385b042fc39c39343
INT: CLIENT WRITE IV [12]: dd0bd374ab3a992ddcb4f334
INT: SERVER WRITE IV [12]: 2d92a928eb66cd88da9a4b71
REC[0x8006c0]: Epoch #1 ready
HSK[0x8006c0]: TLS 1.3 re-key with cipher suite: GNUTLS_AES_128_GCM_SHA256
ASSERT: buffers.c[get_last_packet]:1171
READ: Got 5 bytes from 0x5
READ: read 5 bytes from 0x5
RB: Have 0 bytes into buffer. Adding 5 bytes.
RB: Requested 5 bytes
REC[0x8006c0]: SSL 3.3 ChangeCipherSpec packet received. Epoch 1, length: 1
REC[0x8006c0]: Expected Packet Handshake(22)
REC[0x8006c0]: Received Packet ChangeCipherSpec(20) with length: 1
READ: Got 1 bytes from 0x5
READ: read 1 bytes from 0x5
RB: Have 5 bytes into buffer. Adding 1 bytes.
RB: Requested 6 bytes
discarding change cipher spec in TLS1.3
READ: Got 5 bytes from 0x5
READ: read 5 bytes from 0x5
RB: Have 0 bytes into buffer. Adding 5 bytes.
RB: Requested 5 bytes
REC[0x8006c0]: SSL 3.3 Application Data packet received. Epoch 1, length: 29
REC[0x8006c0]: Expected Packet Handshake(22)
REC[0x8006c0]: Received Packet Application Data(23) with length: 29
READ: Got 29 bytes from 0x5
READ: read 29 bytes from 0x5
RB: Have 5 bytes into buffer. Adding 29 bytes.
RB: Requested 34 bytes
REC[0x8006c0]: Decrypted Packet[0] Handshake(22) with length: 12
BUF[REC]: Inserted 12 bytes of Data(22)
HSK[0x8006c0]: ENCRYPTED EXTENSIONS (8) was received. Length 8[8], frag offset 0, frag length: 8, sequence: 0
HSK[0x8006c0]: parsing encrypted extensions
EXT[0x8006c0]: Parsing extension 'Record Size Limit/28' (2 bytes)
ASSERT: buffers.c[get_last_packet]:1171
READ: Got 5 bytes from 0x5
READ: read 5 bytes from 0x5
RB: Have 0 bytes into buffer. Adding 5 bytes.
RB: Requested 5 bytes
REC[0x8006c0]: SSL 3.3 Application Data packet received. Epoch 1, length: 85
REC[0x8006c0]: Expected Packet Handshake(22)
REC[0x8006c0]: Received Packet Application Data(23) with length: 85
READ: Got 85 bytes from 0x5
READ: read 85 bytes from 0x5
RB: Have 5 bytes into buffer. Adding 85 bytes.
RB: Requested 90 bytes
REC[0x8006c0]: Decrypted Packet[1] Handshake(22) with length: 68
BUF[REC]: Inserted 68 bytes of Data(22)
HSK[0x8006c0]: CERTIFICATE REQUEST (13) was received. Length 64[64], frag offset 0, frag length: 64, sequence: 0
HSK[0x8006c0]: parsing certificate request
EXT[0x8006c0]: rcvd signature algo (4.1) RSA-SHA256
EXT[0x8006c0]: rcvd signature algo (8.9) RSA-PSS-SHA256
EXT[0x8006c0]: rcvd signature algo (8.4) RSA-PSS-RSAE-SHA256
EXT[0x8006c0]: rcvd signature algo (4.3) ECDSA-SECP256R1-SHA256
EXT[0x8006c0]: rcvd signature algo (8.7) EdDSA-Ed25519
EXT[0x8006c0]: rcvd signature algo (5.1) RSA-SHA384
EXT[0x8006c0]: rcvd signature algo (8.10) RSA-PSS-SHA384
EXT[0x8006c0]: rcvd signature algo (8.5) RSA-PSS-RSAE-SHA384
EXT[0x8006c0]: rcvd signature algo (5.3) ECDSA-SECP384R1-SHA384
EXT[0x8006c0]: rcvd signature algo (6.1) RSA-SHA512
EXT[0x8006c0]: rcvd signature algo (8.11) RSA-PSS-SHA512
EXT[0x8006c0]: rcvd signature algo (8.6) RSA-PSS-RSAE-SHA512
EXT[0x8006c0]: rcvd signature algo (6.3) ECDSA-SECP521R1-SHA512
EXT[0x8006c0]: rcvd signature algo (2.1) RSA-SHA1
EXT[0x8006c0]: rcvd signature algo (2.3) ECDSA-SHA1
EXT[0x8006c0]: rcvd signature algo (2.2) (null)
Peer requested CA: CN=CA
ASSERT: buffers.c[get_last_packet]:1171
READ: Got 5 bytes from 0x5
READ: read 5 bytes from 0x5
RB: Have 0 bytes into buffer. Adding 5 bytes.
RB: Requested 5 bytes
REC[0x8006c0]: SSL 3.3 Application Data packet received. Epoch 1, length: 947
REC[0x8006c0]: Expected Packet Handshake(22)
REC[0x8006c0]: Received Packet Application Data(23) with length: 947
READ: Got 947 bytes from 0x5
READ: read 947 bytes from 0x5
RB: Have 5 bytes into buffer. Adding 947 bytes.
RB: Requested 952 bytes
REC[0x8006c0]: Decrypted Packet[2] Handshake(22) with length: 930
BUF[REC]: Inserted 930 bytes of Data(22)
HSK[0x8006c0]: CERTIFICATE (11) was received. Length 926[926], frag offset 0, frag length: 926, sequence: 0
HSK[0x8006c0]: parsing certificate message
ASSERT: buffers.c[get_last_packet]:1171
READ: Got 5 bytes from 0x5
READ: read 5 bytes from 0x5
RB: Have 0 bytes into buffer. Adding 5 bytes.
RB: Requested 5 bytes
REC[0x8006c0]: SSL 3.3 Application Data packet received. Epoch 1, length: 329
REC[0x8006c0]: Expected Packet Handshake(22)
REC[0x8006c0]: Received Packet Application Data(23) with length: 329
READ: Got 329 bytes from 0x5
READ: read 329 bytes from 0x5
RB: Have 5 bytes into buffer. Adding 329 bytes.
RB: Requested 334 bytes
REC[0x8006c0]: Decrypted Packet[3] Handshake(22) with length: 312
BUF[REC]: Inserted 312 bytes of Data(22)
HSK[0x8006c0]: CERTIFICATE VERIFY (15) was received. Length 308[308], frag offset 0, frag length: 308, sequence: 0
HSK[0x8006c0]: Parsing certificate verify
HSK[0x8006c0]: verifying TLS 1.3 handshake data using RSA-PSS-RSAE-SHA256
ASSERT: mpi.c[wrap_nettle_mpi_print]:60
ASSERT: mpi.c[wrap_nettle_mpi_print]:60
ASSERT: ocsp-api.c[gnutls_ocsp_status_request_get2]:99
ASSERT: verify.c[verify_crt]:663
ASSERT: verify.c[verify_crt]:815
ASSERT: verify.c[_gnutls_verify_crt_status]:985
issuer in verification was not found or insecure; trying against trust list
ASSERT: verify.c[verify_crt]:663
ASSERT: verify.c[verify_crt]:815
ASSERT: verify.c[_gnutls_verify_crt_status]:985
ASSERT: verify-high.c[gnutls_x509_trust_list_verify_crt2]:1374
Server certificate verify failed: signer not found
ASSERT: common.c[_gnutls_copy_data]:1611
ASSERT: x509.c[gnutls_x509_crt_export]:2922
ASSERT: buffers.c[get_last_packet]:1171
READ: Got 5 bytes from 0x5
READ: read 5 bytes from 0x5
RB: Have 0 bytes into buffer. Adding 5 bytes.
RB: Requested 5 bytes
REC[0x8006c0]: SSL 3.3 Application Data packet received. Epoch 1, length: 53
REC[0x8006c0]: Expected Packet Handshake(22)
REC[0x8006c0]: Received Packet Application Data(23) with length: 53
READ: Got 53 bytes from 0x5
READ: read 53 bytes from 0x5
RB: Have 5 bytes into buffer. Adding 53 bytes.
RB: Requested 58 bytes
REC[0x8006c0]: Decrypted Packet[4] Handshake(22) with length: 36
BUF[REC]: Inserted 36 bytes of Data(22)
HSK[0x8006c0]: FINISHED (20) was received. Length 32[32], frag offset 0, frag length: 32, sequence: 0
HSK[0x8006c0]: parsing finished
HSK[0x8006c0]: CERTIFICATE was queued [925 bytes]
HWRITE: enqueued [CERTIFICATE] 925. Total 925 bytes.
checking cert compat with RSA-SHA256
ASSERT: signature.c[_gnutls_session_sign_algo_enabled]:365
Signature algorithm RSA-SHA256 is not enabled
checking cert compat with RSA-PSS-SHA256
checking cert compat with RSA-PSS-RSAE-SHA256
HSK[0x8006c0]: signing TLS 1.3 handshake data: using RSA-PSS-RSAE-SHA256 and PRF: SHA256
HSK[0x8006c0]: CERTIFICATE VERIFY was queued [312 bytes]
HWRITE: enqueued [CERTIFICATE VERIFY] 312. Total 1237 bytes.
HSK[0x8006c0]: sending finished
HSK[0x8006c0]: FINISHED was queued [36 bytes]
HWRITE: enqueued [FINISHED] 36. Total 1273 bytes.
HWRITE FLUSH: 1273 bytes in buffer.
REC[0x8006c0]: Preparing Packet Handshake(22) with length: 925 and min pad: 0
ENC[0x8006c0]: cipher: AES-128-GCM, MAC: AEAD, Epoch: 1
WRITE: enqueued 947 bytes for 0x5. Total 947 bytes.
REC[0x8006c0]: Sent Packet[1] Handshake(22) in epoch 1 and length: 947
HWRITE: wrote 1 bytes, 348 bytes left.
REC[0x8006c0]: Preparing Packet Handshake(22) with length: 312 and min pad: 0
ENC[0x8006c0]: cipher: AES-128-GCM, MAC: AEAD, Epoch: 1
WRITE: enqueued 334 bytes for 0x5. Total 1281 bytes.
REC[0x8006c0]: Sent Packet[2] Handshake(22) in epoch 1 and length: 334
HWRITE: wrote 1 bytes, 36 bytes left.
REC[0x8006c0]: Preparing Packet Handshake(22) with length: 36 and min pad: 0
ENC[0x8006c0]: cipher: AES-128-GCM, MAC: AEAD, Epoch: 1
WRITE: enqueued 58 bytes for 0x5. Total 1339 bytes.
REC[0x8006c0]: Sent Packet[3] Handshake(22) in epoch 1 and length: 58
HWRITE: wrote 1 bytes, 0 bytes left.
WRITE FLUSH: 1339 bytes in buffer.
WRITE: wrote 1339 bytes, 0 bytes left.
ASSERT: constate.c[_gnutls_epoch_get]:901
REC[0x8006c0]: Allocating epoch #2
REC[0x8006c0]: Initializing epoch #2
INT: CLIENT WRITE KEY [16]: f8be6e391770b3b173ff7ebeac1a7454
INT: SERVER WRITE KEY [16]: 961461eaac2487b07b58b03697385c50
INT: CLIENT WRITE IV [12]: d01a6c2a14319c56bf874c4c
INT: SERVER WRITE IV [12]: b0b917b5ee44bdc49693e334
REC[0x8006c0]: Epoch #2 ready
HSK[0x8006c0]: TLS 1.3 re-key with cipher suite: GNUTLS_AES_128_GCM_SHA256
BUF[HSK]: Emptied buffer
BUF[HSK]: Emptied buffer
REC[0x8006c0]: Start of epoch cleanup
REC[0x8006c0]: Epoch #0 freed
REC[0x8006c0]: Epoch #1 freed
REC[0x8006c0]: End of epoch cleanup
Connected to HTTPS on 127.0.0.2
REC[0x8006c0]: Preparing Packet Application Data(23) with length: 579 and min pad: 0
ENC[0x8006c0]: cipher: AES-128-GCM, MAC: AEAD, Epoch: 2
WRITE: enqueued 601 bytes for 0x5. Total 601 bytes.
WRITE FLUSH: 601 bytes in buffer.
WRITE: wrote 601 bytes, 0 bytes left.
REC[0x8006c0]: Sent Packet[1] Application Data(23) in epoch 2 and length: 601
READ: -1 returned from 0x5, errno=11 gerrno=0
ASSERT: buffers.c[_gnutls_io_read_buffered]:589
ASSERT: record.c[_gnutls_recv_int]:1759
ocserv[17311]: worker:  client certificate verification succeeded
ocserv[17293]: sec-mod: using 'certificate+plain' authentication to authenticate user (session: wkTQkU)
READ: Got 5 bytes from 0x5
READ: read 5 bytes from 0x5
RB: Have 0 bytes into buffer. Adding 5 bytes.
RB: Requested 5 bytes
REC[0x8006c0]: SSL 3.3 Application Data packet received. Epoch 2, length: 508
REC[0x8006c0]: Expected Packet Application Data(23)
REC[0x8006c0]: Received Packet Application Data(23) with length: 508
READ: Got 508 bytes from 0x5
READ: read 508 bytes from 0x5
RB: Have 5 bytes into buffer. Adding 508 bytes.
RB: Requested 513 bytes
REC[0x8006c0]: Decrypted Packet[0] Application Data(23) with length: 491
BUF[REC]: Inserted 491 bytes of Data(23)
Got HTTP response: HTTP/1.1 200 OK
Set-Cookie: webvpncontext=dSi78ARUQY9XeS2dObqMOqv5RnNkwBtqOGJc2fzajwM=; Max-Age=120; Secure
Content-Type: text/xml
Content-Length: 310
X-Transcend-Version: 1
HTTP body length:  (310)
Please enter your password.
POST https://127.0.0.2/auth
REC[0x8006c0]: Preparing Packet Application Data(23) with length: 647 and min pad: 0
ENC[0x8006c0]: cipher: AES-128-GCM, MAC: AEAD, Epoch: 2
WRITE: enqueued 669 bytes for 0x5. Total 669 bytes.
WRITE FLUSH: 669 bytes in buffer.
WRITE: wrote 669 bytes, 0 bytes left.
REC[0x8006c0]: Sent Packet[2] Application Data(23) in epoch 2 and length: 669
READ: -1 returned from 0x5, errno=11 gerrno=0
ASSERT: buffers.c[_gnutls_io_read_buffered]:589
ASSERT: record.c[_gnutls_recv_int]:1759
READ: Got 5 bytes from 0x5
READ: read 5 bytes from 0x5
RB: Have 0 bytes into buffer. Adding 5 bytes.
RB: Requested 5 bytes
REC[0x8006c0]: SSL 3.3 Application Data packet received. Epoch 2, length: 644
REC[0x8006c0]: Expected Packet Application Data(23)
REC[0x8006c0]: Received Packet Application Data(23) with length: 644
READ: Got 644 bytes from 0x5
READ: read 644 bytes from 0x5
RB: Have 5 bytes into buffer. Adding 644 bytes.
RB: Requested 649 bytes
REC[0x8006c0]: Decrypted Packet[1] Application Data(23) with length: 627
BUF[REC]: Inserted 627 bytes of Data(23)
Got HTTP response: HTTP/1.1 200 OK
Connection: Keep-Alive
Content-Type: text/xml
Content-Length: 189
X-Transcend-Version: 1
Set-Cookie: webvpncontext=dSi78ARUQY9XeS2dObqMOqv5RnNkwBtqOGJc2fzajwM=; Secure
Set-Cookie: webvpn=<elided>; Secure
Set-Cookie: webvpnc=; expires=Thu, 01 Jan 1970 22:00:00 GMT; path=/; Secure
Set-Cookie: webvpnc=bu:/&p:t&iu:1/&sh:D66B507AE074D03B02EAFCA40D35F87DD81049D3; path=/; Secure
HTTP body length:  (189)
BUF[HSK]: Emptied buffer
REC[0x8006c0]: Start of epoch cleanup
REC[0x8006c0]: End of epoch cleanup
REC[0x8006c0]: Epoch #2 freed
ocserv[17291]: main:127.0.0.2:27297 user disconnected (reason: unspecified, rx: 0, tx: 0)
COOKIE='dSi78ARUQY9XeS2dObqMOqv5RnNkwBtqOGJc2fzajwM='
HOST='127.0.0.2'
FINGERPRINT='pin-sha256:xp3scfzy3rOQsv9NcOve/8YVVv+pHr4qNCXEXrNl5s8='
Connecting to obtain cookie (token openconnect-test key id=%01)... POST https://127.0.0.2/
Attempting to connect to server 127.0.0.2:443
Connected to 127.0.0.2:443
Using PKCS#11 certificate pkcs11:token=openconnect-test;id=%01;type=cert?pin-value=1234
Initializing all PKCS #11 modules
p11: Initializing module: p11-kit-trust
p11: Initializing module: softhsm2
ASSERT: pkcs11.c[compat_load]:889
p11: No login requested.
Trying PKCS#11 key URL pkcs11:token=openconnect-test;id=%01;type=private?pin-value=1234
p11: Using pin-value to retrieve PIN
p11: Login result = ok (0)
Using PKCS#11 key pkcs11:token=openconnect-test;id=%01;type=private?pin-value=1234
Using client certificate 'A user'
p11: No login requested.
ASSERT: pkcs11.c[find_cert_cb]:4206
ASSERT: pkcs11.c[find_cert_cb]:4031
p11: No login requested.
ASSERT: pkcs11.c[find_cert_cb]:4206
ASSERT: pkcs11.c[find_cert_cb]:4031
ASSERT: pkcs11.c[gnutls_pkcs11_get_raw_issuer]:4302
Got no issuer from PKCS#11
ASSERT: x509_ext.c[gnutls_subject_alt_names_get]:110
ASSERT: x509.c[get_alt_name]:1815
REC[0x88fb20]: Allocating epoch #0
added 6 protocols, 29 ciphersuites, 18 sig algos and 9 groups into priority list
SSL negotiation with 127.0.0.2
REC[0x88fb20]: Allocating epoch #1
HSK[0x88fb20]: Adv. version: 3.3
Keeping ciphersuite 13.02 (GNUTLS_AES_256_GCM_SHA384)
Keeping ciphersuite 13.03 (GNUTLS_CHACHA20_POLY1305_SHA256)
Keeping ciphersuite 13.01 (GNUTLS_AES_128_GCM_SHA256)
Keeping ciphersuite 13.04 (GNUTLS_AES_128_CCM_SHA256)
Keeping ciphersuite c0.2c (GNUTLS_ECDHE_ECDSA_AES_256_GCM_SHA384)
Keeping ciphersuite cc.a9 (GNUTLS_ECDHE_ECDSA_CHACHA20_POLY1305)
Keeping ciphersuite c0.ad (GNUTLS_ECDHE_ECDSA_AES_256_CCM)
Keeping ciphersuite c0.0a (GNUTLS_ECDHE_ECDSA_AES_256_CBC_SHA1)
Keeping ciphersuite c0.2b (GNUTLS_ECDHE_ECDSA_AES_128_GCM_SHA256)
Keeping ciphersuite c0.ac (GNUTLS_ECDHE_ECDSA_AES_128_CCM)
Keeping ciphersuite c0.09 (GNUTLS_ECDHE_ECDSA_AES_128_CBC_SHA1)
Keeping ciphersuite c0.30 (GNUTLS_ECDHE_RSA_AES_256_GCM_SHA384)
Keeping ciphersuite cc.a8 (GNUTLS_ECDHE_RSA_CHACHA20_POLY1305)
Keeping ciphersuite c0.14 (GNUTLS_ECDHE_RSA_AES_256_CBC_SHA1)
Keeping ciphersuite c0.2f (GNUTLS_ECDHE_RSA_AES_128_GCM_SHA256)
Keeping ciphersuite c0.13 (GNUTLS_ECDHE_RSA_AES_128_CBC_SHA1)
Keeping ciphersuite 00.9d (GNUTLS_RSA_AES_256_GCM_SHA384)
Keeping ciphersuite c0.9d (GNUTLS_RSA_AES_256_CCM)
Keeping ciphersuite 00.35 (GNUTLS_RSA_AES_256_CBC_SHA1)
Keeping ciphersuite 00.9c (GNUTLS_RSA_AES_128_GCM_SHA256)
Keeping ciphersuite c0.9c (GNUTLS_RSA_AES_128_CCM)
Keeping ciphersuite 00.2f (GNUTLS_RSA_AES_128_CBC_SHA1)
Keeping ciphersuite 00.9f (GNUTLS_DHE_RSA_AES_256_GCM_SHA384)
Keeping ciphersuite cc.aa (GNUTLS_DHE_RSA_CHACHA20_POLY1305)
Keeping ciphersuite c0.9f (GNUTLS_DHE_RSA_AES_256_CCM)
Keeping ciphersuite 00.39 (GNUTLS_DHE_RSA_AES_256_CBC_SHA1)
Keeping ciphersuite 00.9e (GNUTLS_DHE_RSA_AES_128_GCM_SHA256)
Keeping ciphersuite c0.9e (GNUTLS_DHE_RSA_AES_128_CCM)
Keeping ciphersuite 00.33 (GNUTLS_DHE_RSA_AES_128_CBC_SHA1)
EXT[0x88fb20]: Preparing extension (Maximum Record Size/1) for 'client hello'
EXT[0x88fb20]: Preparing extension (OCSP Status Request/5) for 'client hello'
EXT[0x88fb20]: Sending extension OCSP Status Request/5 (5 bytes)
EXT[0x88fb20]: Preparing extension (Client Certificate Type/19) for 'client hello'
EXT[0x88fb20]: Preparing extension (Server Certificate Type/20) for 'client hello'
EXT[0x88fb20]: Preparing extension (Supported Groups/10) for 'client hello'
EXT[0x88fb20]: Sent group SECP256R1 (0x17)
EXT[0x88fb20]: Sent group SECP384R1 (0x18)
EXT[0x88fb20]: Sent group SECP521R1 (0x19)
EXT[0x88fb20]: Sent group X25519 (0x1d)
EXT[0x88fb20]: Sent group FFDHE2048 (0x100)
EXT[0x88fb20]: Sent group FFDHE3072 (0x101)
EXT[0x88fb20]: Sent group FFDHE4096 (0x102)
EXT[0x88fb20]: Sent group FFDHE6144 (0x103)
EXT[0x88fb20]: Sent group FFDHE8192 (0x104)
EXT[0x88fb20]: Sending extension Supported Groups/10 (20 bytes)
EXT[0x88fb20]: Preparing extension (Supported EC Point Formats/11) for 'client hello'
EXT[0x88fb20]: Sending extension Supported EC Point Formats/11 (2 bytes)
EXT[0x88fb20]: Preparing extension (SRP/12) for 'client hello'
EXT[0x88fb20]: Preparing extension (Signature Algorithms/13) for 'client hello'
EXT[0x88fb20]: sent signature algo (4.1) RSA-SHA256
EXT[0x88fb20]: sent signature algo (8.9) RSA-PSS-SHA256
EXT[0x88fb20]: sent signature algo (8.4) RSA-PSS-RSAE-SHA256
EXT[0x88fb20]: sent signature algo (4.3) ECDSA-SHA256
EXT[0x88fb20]: sent signature algo (8.7) EdDSA-Ed25519
EXT[0x88fb20]: sent signature algo (5.1) RSA-SHA384
EXT[0x88fb20]: sent signature algo (8.10) RSA-PSS-SHA384
EXT[0x88fb20]: sent signature algo (8.5) RSA-PSS-RSAE-SHA384
EXT[0x88fb20]: sent signature algo (5.3) ECDSA-SHA384
EXT[0x88fb20]: sent signature algo (6.1) RSA-SHA512
EXT[0x88fb20]: sent signature algo (8.11) RSA-PSS-SHA512
EXT[0x88fb20]: sent signature algo (8.6) RSA-PSS-RSAE-SHA512
EXT[0x88fb20]: sent signature algo (6.3) ECDSA-SHA512
EXT[0x88fb20]: sent signature algo (2.1) RSA-SHA1
EXT[0x88fb20]: sent signature algo (2.3) ECDSA-SHA1
EXT[0x88fb20]: Sending extension Signature Algorithms/13 (32 bytes)
EXT[0x88fb20]: Preparing extension (SRTP/14) for 'client hello'
EXT[0x88fb20]: Preparing extension (Heartbeat/15) for 'client hello'
EXT[0x88fb20]: Preparing extension (ALPN/16) for 'client hello'
EXT[0x88fb20]: Preparing extension (Encrypt-then-MAC/22) for 'client hello'
EXT[0x88fb20]: Preparing extension (Extended Master Secret/23) for 'client hello'
EXT[0x88fb20]: Preparing extension (Session Ticket/35) for 'client hello'
EXT[0x88fb20]: Sending extension Session Ticket/35 (0 bytes)
EXT[0x88fb20]: Preparing extension (Key Share/51) for 'client hello'
EXT[0x88fb20]: sending key share for SECP256R1
ASSERT: mpi.c[wrap_nettle_mpi_print]:60
ASSERT: mpi.c[wrap_nettle_mpi_print]:60
EXT[0x88fb20]: sending key share for X25519
EXT[0x88fb20]: Sending extension Key Share/51 (107 bytes)
EXT[0x88fb20]: Preparing extension (Supported Versions/43) for 'client hello'
Advertizing version 3.4
Advertizing version 3.3
Advertizing version 3.2
Advertizing version 3.1
EXT[0x88fb20]: Sending extension Supported Versions/43 (9 bytes)
EXT[0x88fb20]: Preparing extension (Post Handshake Auth/49) for 'client hello'
EXT[0x88fb20]: Preparing extension (Safe Renegotiation/65281) for 'client hello'
EXT[0x88fb20]: Sending extension Safe Renegotiation/65281 (1 bytes)
EXT[0x88fb20]: Preparing extension (Server Name Indication/0) for 'client hello'
EXT[0x88fb20]: Preparing extension (Cookie/44) for 'client hello'
EXT[0x88fb20]: Preparing extension (Early Data/42) for 'client hello'
EXT[0x88fb20]: Preparing extension (PSK Key Exchange Modes/45) for 'client hello'
EXT[0x88fb20]: Sending extension PSK Key Exchange Modes/45 (3 bytes)
EXT[0x88fb20]: Preparing extension (Record Size Limit/28) for 'client hello'
EXT[0x88fb20]: Sending extension Record Size Limit/28 (2 bytes)
EXT[0x88fb20]: Preparing extension (ClientHello Padding/21) for 'client hello'
EXT[0x88fb20]: Sending extension ClientHello Padding/21 (184 bytes)
EXT[0x88fb20]: Preparing extension (Pre Shared Key/41) for 'client hello'
HSK[0x88fb20]: CLIENT HELLO was queued [512 bytes]
HWRITE: enqueued [CLIENT HELLO] 512. Total 512 bytes.
HWRITE FLUSH: 512 bytes in buffer.
REC[0x88fb20]: Preparing Packet Handshake(22) with length: 512 and min pad: 0
ENC[0x88fb20]: cipher: NULL, MAC: MAC-NULL, Epoch: 0
WRITE: enqueued 517 bytes for 0x5. Total 517 bytes.
REC[0x88fb20]: Sent Packet[1] Handshake(22) in epoch 0 and length: 517
HWRITE: wrote 1 bytes, 0 bytes left.
WRITE FLUSH: 517 bytes in buffer.
WRITE: wrote 517 bytes, 0 bytes left.
ASSERT: buffers.c[get_last_packet]:1171
READ: Got 5 bytes from 0x5
READ: read 5 bytes from 0x5
RB: Have 0 bytes into buffer. Adding 5 bytes.
RB: Requested 5 bytes
REC[0x88fb20]: SSL 3.3 Handshake packet received. Epoch 0, length: 123
REC[0x88fb20]: Expected Packet Handshake(22)
REC[0x88fb20]: Received Packet Handshake(22) with length: 123
READ: Got 123 bytes from 0x5
READ: read 123 bytes from 0x5
RB: Have 5 bytes into buffer. Adding 123 bytes.
RB: Requested 128 bytes
REC[0x88fb20]: Decrypted Packet[0] Handshake(22) with length: 123
BUF[REC]: Inserted 123 bytes of Data(22)
HSK[0x88fb20]: SERVER HELLO (2) was received. Length 119[119], frag offset 0, frag length: 119, sequence: 0
ASSERT: buffers.c[get_last_packet]:1162
ASSERT: buffers.c[_gnutls_handshake_io_recv_int]:1413
HSK[0x88fb20]: Server's version: 3.3
EXT[0x88fb20]: Parsing extension 'Supported Versions/43' (2 bytes)
EXT[0x88fb20]: Negotiated version: 3.4
HSK[0x88fb20]: Selected cipher suite: GNUTLS_AES_128_GCM_SHA256
EXT[0x88fb20]: Parsing extension 'Key Share/51' (69 bytes)
HSK[0x88fb20]: Selected group SECP256R1 (2)
EXT[0x88fb20]: client generated SECP256R1 shared key
HWRITE: enqueued [CHANGE CIPHER SPEC] 1. Total 1 bytes.
HWRITE FLUSH: 1 bytes in buffer.
REC[0x88fb20]: Preparing Packet ChangeCipherSpec(20) with length: 1 and min pad: 0
ENC[0x88fb20]: cipher: NULL, MAC: MAC-NULL, Epoch: 0
WRITE: enqueued 6 bytes for 0x5. Total 6 bytes.
REC[0x88fb20]: Sent Packet[2] ChangeCipherSpec(20) in epoch 0 and length: 6
HWRITE: wrote 1 bytes, 0 bytes left.
WRITE FLUSH: 6 bytes in buffer.
WRITE: wrote 6 bytes, 0 bytes left.
REC[0x88fb20]: Sent ChangeCipherSpec
REC[0x88fb20]: Initializing epoch #1
INT: CLIENT WRITE KEY [16]: 28ae8a3661e6970d0e853a69c6bba1f7
INT: SERVER WRITE KEY [16]: 64576af723ce68fb75fa4a64cfada79f
INT: CLIENT WRITE IV [12]: 61286c896cbb66dfbc30d5d7
INT: SERVER WRITE IV [12]: afd9a18bcca815ab6435974b
REC[0x88fb20]: Epoch #1 ready
HSK[0x88fb20]: TLS 1.3 re-key with cipher suite: GNUTLS_AES_128_GCM_SHA256
ASSERT: buffers.c[get_last_packet]:1171
READ: Got 5 bytes from 0x5
READ: read 5 bytes from 0x5
RB: Have 0 bytes into buffer. Adding 5 bytes.
RB: Requested 5 bytes
REC[0x88fb20]: SSL 3.3 ChangeCipherSpec packet received. Epoch 1, length: 1
REC[0x88fb20]: Expected Packet Handshake(22)
REC[0x88fb20]: Received Packet ChangeCipherSpec(20) with length: 1
READ: Got 1 bytes from 0x5
READ: read 1 bytes from 0x5
RB: Have 5 bytes into buffer. Adding 1 bytes.
RB: Requested 6 bytes
discarding change cipher spec in TLS1.3
READ: Got 5 bytes from 0x5
READ: read 5 bytes from 0x5
RB: Have 0 bytes into buffer. Adding 5 bytes.
RB: Requested 5 bytes
REC[0x88fb20]: SSL 3.3 Application Data packet received. Epoch 1, length: 29
REC[0x88fb20]: Expected Packet Handshake(22)
REC[0x88fb20]: Received Packet Application Data(23) with length: 29
READ: Got 29 bytes from 0x5
READ: read 29 bytes from 0x5
RB: Have 5 bytes into buffer. Adding 29 bytes.
RB: Requested 34 bytes
REC[0x88fb20]: Decrypted Packet[0] Handshake(22) with length: 12
BUF[REC]: Inserted 12 bytes of Data(22)
HSK[0x88fb20]: ENCRYPTED EXTENSIONS (8) was received. Length 8[8], frag offset 0, frag length: 8, sequence: 0
HSK[0x88fb20]: parsing encrypted extensions
EXT[0x88fb20]: Parsing extension 'Record Size Limit/28' (2 bytes)
ASSERT: buffers.c[get_last_packet]:1171
READ: Got 5 bytes from 0x5
READ: read 5 bytes from 0x5
RB: Have 0 bytes into buffer. Adding 5 bytes.
RB: Requested 5 bytes
REC[0x88fb20]: SSL 3.3 Application Data packet received. Epoch 1, length: 85
REC[0x88fb20]: Expected Packet Handshake(22)
REC[0x88fb20]: Received Packet Application Data(23) with length: 85
READ: Got 85 bytes from 0x5
READ: read 85 bytes from 0x5
RB: Have 5 bytes into buffer. Adding 85 bytes.
RB: Requested 90 bytes
REC[0x88fb20]: Decrypted Packet[1] Handshake(22) with length: 68
BUF[REC]: Inserted 68 bytes of Data(22)
HSK[0x88fb20]: CERTIFICATE REQUEST (13) was received. Length 64[64], frag offset 0, frag length: 64, sequence: 0
HSK[0x88fb20]: parsing certificate request
EXT[0x88fb20]: rcvd signature algo (4.1) RSA-SHA256
EXT[0x88fb20]: rcvd signature algo (8.9) RSA-PSS-SHA256
EXT[0x88fb20]: rcvd signature algo (8.4) RSA-PSS-RSAE-SHA256
EXT[0x88fb20]: rcvd signature algo (4.3) ECDSA-SECP256R1-SHA256
EXT[0x88fb20]: rcvd signature algo (8.7) EdDSA-Ed25519
EXT[0x88fb20]: rcvd signature algo (5.1) RSA-SHA384
EXT[0x88fb20]: rcvd signature algo (8.10) RSA-PSS-SHA384
EXT[0x88fb20]: rcvd signature algo (8.5) RSA-PSS-RSAE-SHA384
EXT[0x88fb20]: rcvd signature algo (5.3) ECDSA-SECP384R1-SHA384
EXT[0x88fb20]: rcvd signature algo (6.1) RSA-SHA512
EXT[0x88fb20]: rcvd signature algo (8.11) RSA-PSS-SHA512
EXT[0x88fb20]: rcvd signature algo (8.6) RSA-PSS-RSAE-SHA512
EXT[0x88fb20]: rcvd signature algo (6.3) ECDSA-SECP521R1-SHA512
EXT[0x88fb20]: rcvd signature algo (2.1) RSA-SHA1
EXT[0x88fb20]: rcvd signature algo (2.3) ECDSA-SHA1
EXT[0x88fb20]: rcvd signature algo (2.2) (null)
Peer requested CA: CN=CA
ASSERT: buffers.c[get_last_packet]:1171
READ: Got 5 bytes from 0x5
READ: read 5 bytes from 0x5
RB: Have 0 bytes into buffer. Adding 5 bytes.
RB: Requested 5 bytes
REC[0x88fb20]: SSL 3.3 Application Data packet received. Epoch 1, length: 947
REC[0x88fb20]: Expected Packet Handshake(22)
REC[0x88fb20]: Received Packet Application Data(23) with length: 947
READ: Got 947 bytes from 0x5
READ: read 947 bytes from 0x5
RB: Have 5 bytes into buffer. Adding 947 bytes.
RB: Requested 952 bytes
REC[0x88fb20]: Decrypted Packet[2] Handshake(22) with length: 930
BUF[REC]: Inserted 930 bytes of Data(22)
HSK[0x88fb20]: CERTIFICATE (11) was received. Length 926[926], frag offset 0, frag length: 926, sequence: 0
HSK[0x88fb20]: parsing certificate message
ASSERT: buffers.c[get_last_packet]:1171
READ: Got 5 bytes from 0x5
READ: read 5 bytes from 0x5
RB: Have 0 bytes into buffer. Adding 5 bytes.
RB: Requested 5 bytes
REC[0x88fb20]: SSL 3.3 Application Data packet received. Epoch 1, length: 329
REC[0x88fb20]: Expected Packet Handshake(22)
REC[0x88fb20]: Received Packet Application Data(23) with length: 329
READ: Got 329 bytes from 0x5
READ: read 329 bytes from 0x5
RB: Have 5 bytes into buffer. Adding 329 bytes.
RB: Requested 334 bytes
REC[0x88fb20]: Decrypted Packet[3] Handshake(22) with length: 312
BUF[REC]: Inserted 312 bytes of Data(22)
HSK[0x88fb20]: CERTIFICATE VERIFY (15) was received. Length 308[308], frag offset 0, frag length: 308, sequence: 0
HSK[0x88fb20]: Parsing certificate verify
HSK[0x88fb20]: verifying TLS 1.3 handshake data using RSA-PSS-RSAE-SHA256
ASSERT: mpi.c[wrap_nettle_mpi_print]:60
ASSERT: mpi.c[wrap_nettle_mpi_print]:60
ASSERT: ocsp-api.c[gnutls_ocsp_status_request_get2]:99
ASSERT: verify.c[verify_crt]:663
ASSERT: verify.c[verify_crt]:815
ASSERT: verify.c[_gnutls_verify_crt_status]:985
issuer in verification was not found or insecure; trying against trust list
ASSERT: verify.c[verify_crt]:663
ASSERT: verify.c[verify_crt]:815
ASSERT: verify.c[_gnutls_verify_crt_status]:985
ASSERT: verify-high.c[gnutls_x509_trust_list_verify_crt2]:1374
Server certificate verify failed: signer not found
ASSERT: common.c[_gnutls_copy_data]:1611
ASSERT: x509.c[gnutls_x509_crt_export]:2922
ASSERT: buffers.c[get_last_packet]:1171
READ: Got 5 bytes from 0x5
READ: read 5 bytes from 0x5
RB: Have 0 bytes into buffer. Adding 5 bytes.
RB: Requested 5 bytes
REC[0x88fb20]: SSL 3.3 Application Data packet received. Epoch 1, length: 53
REC[0x88fb20]: Expected Packet Handshake(22)
REC[0x88fb20]: Received Packet Application Data(23) with length: 53
READ: Got 53 bytes from 0x5
READ: read 53 bytes from 0x5
RB: Have 5 bytes into buffer. Adding 53 bytes.
RB: Requested 58 bytes
REC[0x88fb20]: Decrypted Packet[4] Handshake(22) with length: 36
BUF[REC]: Inserted 36 bytes of Data(22)
HSK[0x88fb20]: FINISHED (20) was received. Length 32[32], frag offset 0, frag length: 32, sequence: 0
HSK[0x88fb20]: parsing finished
HSK[0x88fb20]: CERTIFICATE was queued [925 bytes]
HWRITE: enqueued [CERTIFICATE] 925. Total 925 bytes.
checking cert compat with RSA-SHA256
ASSERT: signature.c[_gnutls_session_sign_algo_enabled]:365
Signature algorithm RSA-SHA256 is not enabled
checking cert compat with RSA-PSS-SHA256
checking cert compat with RSA-PSS-RSAE-SHA256
HSK[0x88fb20]: signing TLS 1.3 handshake data: using RSA-PSS-RSAE-SHA256 and PRF: SHA256
HSK[0x88fb20]: CERTIFICATE VERIFY was queued [312 bytes]
HWRITE: enqueued [CERTIFICATE VERIFY] 312. Total 1237 bytes.
HSK[0x88fb20]: sending finished
HSK[0x88fb20]: FINISHED was queued [36 bytes]
HWRITE: enqueued [FINISHED] 36. Total 1273 bytes.
HWRITE FLUSH: 1273 bytes in buffer.
REC[0x88fb20]: Preparing Packet Handshake(22) with length: 925 and min pad: 0
ENC[0x88fb20]: cipher: AES-128-GCM, MAC: AEAD, Epoch: 1
WRITE: enqueued 947 bytes for 0x5. Total 947 bytes.
REC[0x88fb20]: Sent Packet[1] Handshake(22) in epoch 1 and length: 947
HWRITE: wrote 1 bytes, 348 bytes left.
REC[0x88fb20]: Preparing Packet Handshake(22) with length: 312 and min pad: 0
ENC[0x88fb20]: cipher: AES-128-GCM, MAC: AEAD, Epoch: 1
WRITE: enqueued 334 bytes for 0x5. Total 1281 bytes.
REC[0x88fb20]: Sent Packet[2] Handshake(22) in epoch 1 and length: 334
HWRITE: wrote 1 bytes, 36 bytes left.
REC[0x88fb20]: Preparing Packet Handshake(22) with length: 36 and min pad: 0
ENC[0x88fb20]: cipher: AES-128-GCM, MAC: AEAD, Epoch: 1
WRITE: enqueued 58 bytes for 0x5. Total 1339 bytes.
REC[0x88fb20]: Sent Packet[3] Handshake(22) in epoch 1 and length: 58
HWRITE: wrote 1 bytes, 0 bytes left.
WRITE FLUSH: 1339 bytes in buffer.
WRITE: wrote 1339 bytes, 0 bytes left.
ASSERT: constate.c[_gnutls_epoch_get]:901
REC[0x88fb20]: Allocating epoch #2
REC[0x88fb20]: Initializing epoch #2
INT: CLIENT WRITE KEY [16]: 9d447c5ecaf07d05296da8b56d50b93e
INT: SERVER WRITE KEY [16]: 2bd65b52e99d8bca80f873bc70c3cc8f
INT: CLIENT WRITE IV [12]: ba25176e57f6d0f4307de362
INT: SERVER WRITE IV [12]: 014aa16198f2ee858909ce43
REC[0x88fb20]: Epoch #2 ready
HSK[0x88fb20]: TLS 1.3 re-key with cipher suite: GNUTLS_AES_128_GCM_SHA256
BUF[HSK]: Emptied buffer
BUF[HSK]: Emptied buffer
REC[0x88fb20]: Start of epoch cleanup
REC[0x88fb20]: Epoch #0 freed
REC[0x88fb20]: Epoch #1 freed
REC[0x88fb20]: End of epoch cleanup
Connected to HTTPS on 127.0.0.2
REC[0x88fb20]: Preparing Packet Application Data(23) with length: 575 and min pad: 0
ENC[0x88fb20]: cipher: AES-128-GCM, MAC: AEAD, Epoch: 2
WRITE: enqueued 597 bytes for 0x5. Total 597 bytes.
WRITE FLUSH: 597 bytes in buffer.
WRITE: wrote 597 bytes, 0 bytes left.
REC[0x88fb20]: Sent Packet[1] Application Data(23) in epoch 2 and length: 597
READ: -1 returned from 0x5, errno=11 gerrno=0
ASSERT: buffers.c[_gnutls_io_read_buffered]:589
ASSERT: record.c[_gnutls_recv_int]:1759
ocserv[17328]: worker:  client certificate verification succeeded
READ: Got 5 bytes from 0x5
READ: read 5 bytes from 0x5
RB: Have 0 bytes into buffer. Adding 5 bytes.
RB: Requested 5 bytes
REC[0x88fb20]: SSL 3.3 Application Data packet received. Epoch 2, length: 494
REC[0x88fb20]: Expected Packet Application Data(23)
REC[0x88fb20]: Received Packet Application Data(23) with length: 494
READ: Got 494 bytes from 0x5
READ: read 494 bytes from 0x5
RB: Have 5 bytes into buffer. Adding 494 bytes.
RB: Requested 499 bytes
REC[0x88fb20]: Decrypted Packet[0] Application Data(23) with length: 477
BUF[REC]: Inserted 477 bytes of Data(23)
Got HTTP response: HTTP/1.1 200 OK
Set-Cookie: webvpncontext=; expires=Thu, 01 Jan 1970 22:00:00 GMT; path=/; Secure
Content-Type: text/xml
Content-Length: 306
X-Transcend-Version: 1
HTTP body length:  (306)
BUF[HSK]: Emptied buffer
REC[0x88fb20]: Start of epoch cleanup
REC[0x88fb20]: End of epoch cleanup
REC[0x88fb20]: Epoch #2 freed
XML POST enabled
Please enter your username.
POST https://127.0.0.2/auth
REC[0x88fb20]: Allocating epoch #0
added 6 protocols, 29 ciphersuites, 18 sig algos and 9 groups into priority list
SSL negotiation with 127.0.0.2
REC[0x88fb20]: Allocating epoch #1
HSK[0x88fb20]: Adv. version: 3.3
Keeping ciphersuite 13.02 (GNUTLS_AES_256_GCM_SHA384)
Keeping ciphersuite 13.03 (GNUTLS_CHACHA20_POLY1305_SHA256)
Keeping ciphersuite 13.01 (GNUTLS_AES_128_GCM_SHA256)
Keeping ciphersuite 13.04 (GNUTLS_AES_128_CCM_SHA256)
Keeping ciphersuite c0.2c (GNUTLS_ECDHE_ECDSA_AES_256_GCM_SHA384)
Keeping ciphersuite cc.a9 (GNUTLS_ECDHE_ECDSA_CHACHA20_POLY1305)
Keeping ciphersuite c0.ad (GNUTLS_ECDHE_ECDSA_AES_256_CCM)
Keeping ciphersuite c0.0a (GNUTLS_ECDHE_ECDSA_AES_256_CBC_SHA1)
Keeping ciphersuite c0.2b (GNUTLS_ECDHE_ECDSA_AES_128_GCM_SHA256)
Keeping ciphersuite c0.ac (GNUTLS_ECDHE_ECDSA_AES_128_CCM)
Keeping ciphersuite c0.09 (GNUTLS_ECDHE_ECDSA_AES_128_CBC_SHA1)
Keeping ciphersuite c0.30 (GNUTLS_ECDHE_RSA_AES_256_GCM_SHA384)
Keeping ciphersuite cc.a8 (GNUTLS_ECDHE_RSA_CHACHA20_POLY1305)
Keeping ciphersuite c0.14 (GNUTLS_ECDHE_RSA_AES_256_CBC_SHA1)
Keeping ciphersuite c0.2f (GNUTLS_ECDHE_RSA_AES_128_GCM_SHA256)
Keeping ciphersuite c0.13 (GNUTLS_ECDHE_RSA_AES_128_CBC_SHA1)
Keeping ciphersuite 00.9d (GNUTLS_RSA_AES_256_GCM_SHA384)
Keeping ciphersuite c0.9d (GNUTLS_RSA_AES_256_CCM)
Keeping ciphersuite 00.35 (GNUTLS_RSA_AES_256_CBC_SHA1)
Keeping ciphersuite 00.9c (GNUTLS_RSA_AES_128_GCM_SHA256)
Keeping ciphersuite c0.9c (GNUTLS_RSA_AES_128_CCM)
Keeping ciphersuite 00.2f (GNUTLS_RSA_AES_128_CBC_SHA1)
Keeping ciphersuite 00.9f (GNUTLS_DHE_RSA_AES_256_GCM_SHA384)
Keeping ciphersuite cc.aa (GNUTLS_DHE_RSA_CHACHA20_POLY1305)
Keeping ciphersuite c0.9f (GNUTLS_DHE_RSA_AES_256_CCM)
Keeping ciphersuite 00.39 (GNUTLS_DHE_RSA_AES_256_CBC_SHA1)
Keeping ciphersuite 00.9e (GNUTLS_DHE_RSA_AES_128_GCM_SHA256)
Keeping ciphersuite c0.9e (GNUTLS_DHE_RSA_AES_128_CCM)
Keeping ciphersuite 00.33 (GNUTLS_DHE_RSA_AES_128_CBC_SHA1)
EXT[0x88fb20]: Preparing extension (Maximum Record Size/1) for 'client hello'
EXT[0x88fb20]: Preparing extension (OCSP Status Request/5) for 'client hello'
EXT[0x88fb20]: Sending extension OCSP Status Request/5 (5 bytes)
EXT[0x88fb20]: Preparing extension (Client Certificate Type/19) for 'client hello'
EXT[0x88fb20]: Preparing extension (Server Certificate Type/20) for 'client hello'
EXT[0x88fb20]: Preparing extension (Supported Groups/10) for 'client hello'
EXT[0x88fb20]: Sent group SECP256R1 (0x17)
EXT[0x88fb20]: Sent group SECP384R1 (0x18)
EXT[0x88fb20]: Sent group SECP521R1 (0x19)
EXT[0x88fb20]: Sent group X25519 (0x1d)
EXT[0x88fb20]: Sent group FFDHE2048 (0x100)
EXT[0x88fb20]: Sent group FFDHE3072 (0x101)
EXT[0x88fb20]: Sent group FFDHE4096 (0x102)
EXT[0x88fb20]: Sent group FFDHE6144 (0x103)
EXT[0x88fb20]: Sent group FFDHE8192 (0x104)
EXT[0x88fb20]: Sending extension Supported Groups/10 (20 bytes)
EXT[0x88fb20]: Preparing extension (Supported EC Point Formats/11) for 'client hello'
EXT[0x88fb20]: Sending extension Supported EC Point Formats/11 (2 bytes)
EXT[0x88fb20]: Preparing extension (SRP/12) for 'client hello'
EXT[0x88fb20]: Preparing extension (Signature Algorithms/13) for 'client hello'
EXT[0x88fb20]: sent signature algo (4.1) RSA-SHA256
EXT[0x88fb20]: sent signature algo (8.9) RSA-PSS-SHA256
EXT[0x88fb20]: sent signature algo (8.4) RSA-PSS-RSAE-SHA256
EXT[0x88fb20]: sent signature algo (4.3) ECDSA-SHA256
EXT[0x88fb20]: sent signature algo (8.7) EdDSA-Ed25519
EXT[0x88fb20]: sent signature algo (5.1) RSA-SHA384
EXT[0x88fb20]: sent signature algo (8.10) RSA-PSS-SHA384
EXT[0x88fb20]: sent signature algo (8.5) RSA-PSS-RSAE-SHA384
EXT[0x88fb20]: sent signature algo (5.3) ECDSA-SHA384
EXT[0x88fb20]: sent signature algo (6.1) RSA-SHA512
EXT[0x88fb20]: sent signature algo (8.11) RSA-PSS-SHA512
EXT[0x88fb20]: sent signature algo (8.6) RSA-PSS-RSAE-SHA512
EXT[0x88fb20]: sent signature algo (6.3) ECDSA-SHA512
EXT[0x88fb20]: sent signature algo (2.1) RSA-SHA1
EXT[0x88fb20]: sent signature algo (2.3) ECDSA-SHA1
EXT[0x88fb20]: Sending extension Signature Algorithms/13 (32 bytes)
EXT[0x88fb20]: Preparing extension (SRTP/14) for 'client hello'
EXT[0x88fb20]: Preparing extension (Heartbeat/15) for 'client hello'
EXT[0x88fb20]: Preparing extension (ALPN/16) for 'client hello'
EXT[0x88fb20]: Preparing extension (Encrypt-then-MAC/22) for 'client hello'
EXT[0x88fb20]: Preparing extension (Extended Master Secret/23) for 'client hello'
EXT[0x88fb20]: Preparing extension (Session Ticket/35) for 'client hello'
EXT[0x88fb20]: Sending extension Session Ticket/35 (0 bytes)
EXT[0x88fb20]: Preparing extension (Key Share/51) for 'client hello'
EXT[0x88fb20]: sending key share for SECP256R1
ASSERT: mpi.c[wrap_nettle_mpi_print]:60
ASSERT: mpi.c[wrap_nettle_mpi_print]:60
EXT[0x88fb20]: sending key share for X25519
EXT[0x88fb20]: Sending extension Key Share/51 (107 bytes)
EXT[0x88fb20]: Preparing extension (Supported Versions/43) for 'client hello'
Advertizing version 3.4
Advertizing version 3.3
Advertizing version 3.2
Advertizing version 3.1
EXT[0x88fb20]: Sending extension Supported Versions/43 (9 bytes)
EXT[0x88fb20]: Preparing extension (Post Handshake Auth/49) for 'client hello'
EXT[0x88fb20]: Preparing extension (Safe Renegotiation/65281) for 'client hello'
EXT[0x88fb20]: Sending extension Safe Renegotiation/65281 (1 bytes)
EXT[0x88fb20]: Preparing extension (Server Name Indication/0) for 'client hello'
EXT[0x88fb20]: Preparing extension (Cookie/44) for 'client hello'
EXT[0x88fb20]: Preparing extension (Early Data/42) for 'client hello'
EXT[0x88fb20]: Preparing extension (PSK Key Exchange Modes/45) for 'client hello'
EXT[0x88fb20]: Sending extension PSK Key Exchange Modes/45 (3 bytes)
EXT[0x88fb20]: Preparing extension (Record Size Limit/28) for 'client hello'
EXT[0x88fb20]: Sending extension Record Size Limit/28 (2 bytes)
EXT[0x88fb20]: Preparing extension (ClientHello Padding/21) for 'client hello'
EXT[0x88fb20]: Sending extension ClientHello Padding/21 (184 bytes)
EXT[0x88fb20]: Preparing extension (Pre Shared Key/41) for 'client hello'
HSK[0x88fb20]: CLIENT HELLO was queued [512 bytes]
HWRITE: enqueued [CLIENT HELLO] 512. Total 512 bytes.
HWRITE FLUSH: 512 bytes in buffer.
REC[0x88fb20]: Preparing Packet Handshake(22) with length: 512 and min pad: 0
ENC[0x88fb20]: cipher: NULL, MAC: MAC-NULL, Epoch: 0
WRITE: enqueued 517 bytes for 0x5. Total 517 bytes.
REC[0x88fb20]: Sent Packet[1] Handshake(22) in epoch 0 and length: 517
HWRITE: wrote 1 bytes, 0 bytes left.
WRITE FLUSH: 517 bytes in buffer.
WRITE: wrote 517 bytes, 0 bytes left.
ASSERT: buffers.c[get_last_packet]:1171
ocserv[17291]: main:127.0.0.2:27314 user disconnected (reason: unspecified, rx: 0, tx: 0)
READ: Got 5 bytes from 0x5
READ: read 5 bytes from 0x5
RB: Have 0 bytes into buffer. Adding 5 bytes.
RB: Requested 5 bytes
REC[0x88fb20]: SSL 3.3 Handshake packet received. Epoch 0, length: 123
REC[0x88fb20]: Expected Packet Handshake(22)
REC[0x88fb20]: Received Packet Handshake(22) with length: 123
READ: Got 123 bytes from 0x5
READ: read 123 bytes from 0x5
RB: Have 5 bytes into buffer. Adding 123 bytes.
RB: Requested 128 bytes
REC[0x88fb20]: Decrypted Packet[0] Handshake(22) with length: 123
BUF[REC]: Inserted 123 bytes of Data(22)
HSK[0x88fb20]: SERVER HELLO (2) was received. Length 119[119], frag offset 0, frag length: 119, sequence: 0
ASSERT: buffers.c[get_last_packet]:1162
ASSERT: buffers.c[_gnutls_handshake_io_recv_int]:1413
HSK[0x88fb20]: Server's version: 3.3
EXT[0x88fb20]: Parsing extension 'Supported Versions/43' (2 bytes)
EXT[0x88fb20]: Negotiated version: 3.4
HSK[0x88fb20]: Selected cipher suite: GNUTLS_AES_128_GCM_SHA256
EXT[0x88fb20]: Parsing extension 'Key Share/51' (69 bytes)
HSK[0x88fb20]: Selected group SECP256R1 (2)
EXT[0x88fb20]: client generated SECP256R1 shared key
HWRITE: enqueued [CHANGE CIPHER SPEC] 1. Total 1 bytes.
HWRITE FLUSH: 1 bytes in buffer.
REC[0x88fb20]: Preparing Packet ChangeCipherSpec(20) with length: 1 and min pad: 0
ENC[0x88fb20]: cipher: NULL, MAC: MAC-NULL, Epoch: 0
WRITE: enqueued 6 bytes for 0x5. Total 6 bytes.
REC[0x88fb20]: Sent Packet[2] ChangeCipherSpec(20) in epoch 0 and length: 6
HWRITE: wrote 1 bytes, 0 bytes left.
WRITE FLUSH: 6 bytes in buffer.
WRITE: wrote 6 bytes, 0 bytes left.
REC[0x88fb20]: Sent ChangeCipherSpec
REC[0x88fb20]: Initializing epoch #1
INT: CLIENT WRITE KEY [16]: 73f86e6f268e7dded99c7c07d5b0a63e
INT: SERVER WRITE KEY [16]: 104ff9bd64f9b4a5891faca906db3661
INT: CLIENT WRITE IV [12]: b8469393260bff0742bfe95c
INT: SERVER WRITE IV [12]: 7a12d255072cb07f93d085a1
REC[0x88fb20]: Epoch #1 ready
HSK[0x88fb20]: TLS 1.3 re-key with cipher suite: GNUTLS_AES_128_GCM_SHA256
ASSERT: buffers.c[get_last_packet]:1171
READ: Got 5 bytes from 0x5
READ: read 5 bytes from 0x5
RB: Have 0 bytes into buffer. Adding 5 bytes.
RB: Requested 5 bytes
REC[0x88fb20]: SSL 3.3 ChangeCipherSpec packet received. Epoch 1, length: 1
REC[0x88fb20]: Expected Packet Handshake(22)
REC[0x88fb20]: Received Packet ChangeCipherSpec(20) with length: 1
READ: Got 1 bytes from 0x5
READ: read 1 bytes from 0x5
RB: Have 5 bytes into buffer. Adding 1 bytes.
RB: Requested 6 bytes
discarding change cipher spec in TLS1.3
READ: Got 5 bytes from 0x5
READ: read 5 bytes from 0x5
RB: Have 0 bytes into buffer. Adding 5 bytes.
RB: Requested 5 bytes
REC[0x88fb20]: SSL 3.3 Application Data packet received. Epoch 1, length: 29
REC[0x88fb20]: Expected Packet Handshake(22)
REC[0x88fb20]: Received Packet Application Data(23) with length: 29
READ: Got 29 bytes from 0x5
READ: read 29 bytes from 0x5
RB: Have 5 bytes into buffer. Adding 29 bytes.
RB: Requested 34 bytes
REC[0x88fb20]: Decrypted Packet[0] Handshake(22) with length: 12
BUF[REC]: Inserted 12 bytes of Data(22)
HSK[0x88fb20]: ENCRYPTED EXTENSIONS (8) was received. Length 8[8], frag offset 0, frag length: 8, sequence: 0
HSK[0x88fb20]: parsing encrypted extensions
EXT[0x88fb20]: Parsing extension 'Record Size Limit/28' (2 bytes)
ASSERT: buffers.c[get_last_packet]:1171
READ: Got 5 bytes from 0x5
READ: read 5 bytes from 0x5
RB: Have 0 bytes into buffer. Adding 5 bytes.
RB: Requested 5 bytes
REC[0x88fb20]: SSL 3.3 Application Data packet received. Epoch 1, length: 85
REC[0x88fb20]: Expected Packet Handshake(22)
REC[0x88fb20]: Received Packet Application Data(23) with length: 85
READ: Got 85 bytes from 0x5
READ: read 85 bytes from 0x5
RB: Have 5 bytes into buffer. Adding 85 bytes.
RB: Requested 90 bytes
REC[0x88fb20]: Decrypted Packet[1] Handshake(22) with length: 68
BUF[REC]: Inserted 68 bytes of Data(22)
HSK[0x88fb20]: CERTIFICATE REQUEST (13) was received. Length 64[64], frag offset 0, frag length: 64, sequence: 0
HSK[0x88fb20]: parsing certificate request
EXT[0x88fb20]: rcvd signature algo (4.1) RSA-SHA256
EXT[0x88fb20]: rcvd signature algo (8.9) RSA-PSS-SHA256
EXT[0x88fb20]: rcvd signature algo (8.4) RSA-PSS-RSAE-SHA256
EXT[0x88fb20]: rcvd signature algo (4.3) ECDSA-SECP256R1-SHA256
EXT[0x88fb20]: rcvd signature algo (8.7) EdDSA-Ed25519
EXT[0x88fb20]: rcvd signature algo (5.1) RSA-SHA384
EXT[0x88fb20]: rcvd signature algo (8.10) RSA-PSS-SHA384
EXT[0x88fb20]: rcvd signature algo (8.5) RSA-PSS-RSAE-SHA384
EXT[0x88fb20]: rcvd signature algo (5.3) ECDSA-SECP384R1-SHA384
EXT[0x88fb20]: rcvd signature algo (6.1) RSA-SHA512
EXT[0x88fb20]: rcvd signature algo (8.11) RSA-PSS-SHA512
EXT[0x88fb20]: rcvd signature algo (8.6) RSA-PSS-RSAE-SHA512
EXT[0x88fb20]: rcvd signature algo (6.3) ECDSA-SECP521R1-SHA512
EXT[0x88fb20]: rcvd signature algo (2.1) RSA-SHA1
EXT[0x88fb20]: rcvd signature algo (2.3) ECDSA-SHA1
EXT[0x88fb20]: rcvd signature algo (2.2) (null)
Peer requested CA: CN=CA
ASSERT: buffers.c[get_last_packet]:1171
READ: Got 5 bytes from 0x5
READ: read 5 bytes from 0x5
RB: Have 0 bytes into buffer. Adding 5 bytes.
RB: Requested 5 bytes
REC[0x88fb20]: SSL 3.3 Application Data packet received. Epoch 1, length: 947
REC[0x88fb20]: Expected Packet Handshake(22)
REC[0x88fb20]: Received Packet Application Data(23) with length: 947
READ: Got 947 bytes from 0x5
READ: read 947 bytes from 0x5
RB: Have 5 bytes into buffer. Adding 947 bytes.
RB: Requested 952 bytes
REC[0x88fb20]: Decrypted Packet[2] Handshake(22) with length: 930
BUF[REC]: Inserted 930 bytes of Data(22)
HSK[0x88fb20]: CERTIFICATE (11) was received. Length 926[926], frag offset 0, frag length: 926, sequence: 0
HSK[0x88fb20]: parsing certificate message
ASSERT: buffers.c[get_last_packet]:1171
READ: Got 5 bytes from 0x5
READ: read 5 bytes from 0x5
RB: Have 0 bytes into buffer. Adding 5 bytes.
RB: Requested 5 bytes
REC[0x88fb20]: SSL 3.3 Application Data packet received. Epoch 1, length: 329
REC[0x88fb20]: Expected Packet Handshake(22)
REC[0x88fb20]: Received Packet Application Data(23) with length: 329
READ: Got 329 bytes from 0x5
READ: read 329 bytes from 0x5
RB: Have 5 bytes into buffer. Adding 329 bytes.
RB: Requested 334 bytes
REC[0x88fb20]: Decrypted Packet[3] Handshake(22) with length: 312
BUF[REC]: Inserted 312 bytes of Data(22)
HSK[0x88fb20]: CERTIFICATE VERIFY (15) was received. Length 308[308], frag offset 0, frag length: 308, sequence: 0
HSK[0x88fb20]: Parsing certificate verify
HSK[0x88fb20]: verifying TLS 1.3 handshake data using RSA-PSS-RSAE-SHA256
ASSERT: mpi.c[wrap_nettle_mpi_print]:60
ASSERT: mpi.c[wrap_nettle_mpi_print]:60
ASSERT: ocsp-api.c[gnutls_ocsp_status_request_get2]:99
ASSERT: verify.c[verify_crt]:663
ASSERT: verify.c[verify_crt]:815
ASSERT: verify.c[_gnutls_verify_crt_status]:985
issuer in verification was not found or insecure; trying against trust list
ASSERT: verify.c[verify_crt]:663
ASSERT: verify.c[verify_crt]:815
ASSERT: verify.c[_gnutls_verify_crt_status]:985
ASSERT: verify-high.c[gnutls_x509_trust_list_verify_crt2]:1374
Server certificate verify failed: signer not found
ASSERT: common.c[_gnutls_copy_data]:1611
ASSERT: x509.c[gnutls_x509_crt_export]:2922
ASSERT: buffers.c[get_last_packet]:1171
READ: Got 5 bytes from 0x5
READ: read 5 bytes from 0x5
RB: Have 0 bytes into buffer. Adding 5 bytes.
RB: Requested 5 bytes
REC[0x88fb20]: SSL 3.3 Application Data packet received. Epoch 1, length: 53
REC[0x88fb20]: Expected Packet Handshake(22)
REC[0x88fb20]: Received Packet Application Data(23) with length: 53
READ: Got 53 bytes from 0x5
READ: read 53 bytes from 0x5
RB: Have 5 bytes into buffer. Adding 53 bytes.
RB: Requested 58 bytes
REC[0x88fb20]: Decrypted Packet[4] Handshake(22) with length: 36
BUF[REC]: Inserted 36 bytes of Data(22)
HSK[0x88fb20]: FINISHED (20) was received. Length 32[32], frag offset 0, frag length: 32, sequence: 0
HSK[0x88fb20]: parsing finished
HSK[0x88fb20]: CERTIFICATE was queued [925 bytes]
HWRITE: enqueued [CERTIFICATE] 925. Total 925 bytes.
checking cert compat with RSA-SHA256
ASSERT: signature.c[_gnutls_session_sign_algo_enabled]:365
Signature algorithm RSA-SHA256 is not enabled
checking cert compat with RSA-PSS-SHA256
checking cert compat with RSA-PSS-RSAE-SHA256
HSK[0x88fb20]: signing TLS 1.3 handshake data: using RSA-PSS-RSAE-SHA256 and PRF: SHA256
HSK[0x88fb20]: CERTIFICATE VERIFY was queued [312 bytes]
HWRITE: enqueued [CERTIFICATE VERIFY] 312. Total 1237 bytes.
HSK[0x88fb20]: sending finished
HSK[0x88fb20]: FINISHED was queued [36 bytes]
HWRITE: enqueued [FINISHED] 36. Total 1273 bytes.
HWRITE FLUSH: 1273 bytes in buffer.
REC[0x88fb20]: Preparing Packet Handshake(22) with length: 925 and min pad: 0
ENC[0x88fb20]: cipher: AES-128-GCM, MAC: AEAD, Epoch: 1
WRITE: enqueued 947 bytes for 0x5. Total 947 bytes.
REC[0x88fb20]: Sent Packet[1] Handshake(22) in epoch 1 and length: 947
HWRITE: wrote 1 bytes, 348 bytes left.
REC[0x88fb20]: Preparing Packet Handshake(22) with length: 312 and min pad: 0
ENC[0x88fb20]: cipher: AES-128-GCM, MAC: AEAD, Epoch: 1
WRITE: enqueued 334 bytes for 0x5. Total 1281 bytes.
REC[0x88fb20]: Sent Packet[2] Handshake(22) in epoch 1 and length: 334
HWRITE: wrote 1 bytes, 36 bytes left.
REC[0x88fb20]: Preparing Packet Handshake(22) with length: 36 and min pad: 0
ENC[0x88fb20]: cipher: AES-128-GCM, MAC: AEAD, Epoch: 1
WRITE: enqueued 58 bytes for 0x5. Total 1339 bytes.
REC[0x88fb20]: Sent Packet[3] Handshake(22) in epoch 1 and length: 58
HWRITE: wrote 1 bytes, 0 bytes left.
WRITE FLUSH: 1339 bytes in buffer.
WRITE: wrote 1339 bytes, 0 bytes left.
ASSERT: constate.c[_gnutls_epoch_get]:901
REC[0x88fb20]: Allocating epoch #2
REC[0x88fb20]: Initializing epoch #2
INT: CLIENT WRITE KEY [16]: 308b19f6f2c08bc1cb58dc66f47df6fa
INT: SERVER WRITE KEY [16]: a2ac5fe4c051635d23e65b9912b4ad3b
INT: CLIENT WRITE IV [12]: 950d8ca3b1614a3b428e463c
INT: SERVER WRITE IV [12]: daf65ec553f82cfc771ea0be
REC[0x88fb20]: Epoch #2 ready
HSK[0x88fb20]: TLS 1.3 re-key with cipher suite: GNUTLS_AES_128_GCM_SHA256
BUF[HSK]: Emptied buffer
BUF[HSK]: Emptied buffer
REC[0x88fb20]: Start of epoch cleanup
REC[0x88fb20]: Epoch #0 freed
REC[0x88fb20]: Epoch #1 freed
REC[0x88fb20]: End of epoch cleanup
Connected to HTTPS on 127.0.0.2
REC[0x88fb20]: Preparing Packet Application Data(23) with length: 579 and min pad: 0
ENC[0x88fb20]: cipher: AES-128-GCM, MAC: AEAD, Epoch: 2
WRITE: enqueued 601 bytes for 0x5. Total 601 bytes.
WRITE FLUSH: 601 bytes in buffer.
WRITE: wrote 601 bytes, 0 bytes left.
REC[0x88fb20]: Sent Packet[1] Application Data(23) in epoch 2 and length: 601
READ: -1 returned from 0x5, errno=11 gerrno=0
ASSERT: buffers.c[_gnutls_io_read_buffered]:589
ASSERT: record.c[_gnutls_recv_int]:1759
ocserv[17329]: worker:  client certificate verification succeeded
ocserv[17293]: sec-mod: using 'certificate+plain' authentication to authenticate user (session: VwJXlc)
READ: Got 5 bytes from 0x5
READ: read 5 bytes from 0x5
RB: Have 0 bytes into buffer. Adding 5 bytes.
RB: Requested 5 bytes
REC[0x88fb20]: SSL 3.3 Application Data packet received. Epoch 2, length: 508
REC[0x88fb20]: Expected Packet Application Data(23)
REC[0x88fb20]: Received Packet Application Data(23) with length: 508
READ: Got 508 bytes from 0x5
READ: read 508 bytes from 0x5
RB: Have 5 bytes into buffer. Adding 508 bytes.
RB: Requested 513 bytes
REC[0x88fb20]: Decrypted Packet[0] Application Data(23) with length: 491
BUF[REC]: Inserted 491 bytes of Data(23)
Got HTTP response: HTTP/1.1 200 OK
Set-Cookie: webvpncontext=Ow7Qvzvu3n7Nr4kdyncK4uV7cStCC74/D/utu1sSacw=; Max-Age=120; Secure
Content-Type: text/xml
Content-Length: 310
X-Transcend-Version: 1
HTTP body length:  (310)
Please enter your password.
POST https://127.0.0.2/auth
REC[0x88fb20]: Preparing Packet Application Data(23) with length: 647 and min pad: 0
ENC[0x88fb20]: cipher: AES-128-GCM, MAC: AEAD, Epoch: 2
WRITE: enqueued 669 bytes for 0x5. Total 669 bytes.
WRITE FLUSH: 669 bytes in buffer.
WRITE: wrote 669 bytes, 0 bytes left.
REC[0x88fb20]: Sent Packet[2] Application Data(23) in epoch 2 and length: 669
READ: -1 returned from 0x5, errno=11 gerrno=0
ASSERT: buffers.c[_gnutls_io_read_buffered]:589
ASSERT: record.c[_gnutls_recv_int]:1759
READ: Got 5 bytes from 0x5
READ: read 5 bytes from 0x5
RB: Have 0 bytes into buffer. Adding 5 bytes.
RB: Requested 5 bytes
REC[0x88fb20]: SSL 3.3 Application Data packet received. Epoch 2, length: 644
REC[0x88fb20]: Expected Packet Application Data(23)
REC[0x88fb20]: Received Packet Application Data(23) with length: 644
READ: Got 644 bytes from 0x5
READ: read 644 bytes from 0x5
RB: Have 5 bytes into buffer. Adding 644 bytes.
RB: Requested 649 bytes
REC[0x88fb20]: Decrypted Packet[1] Application Data(23) with length: 627
BUF[REC]: Inserted 627 bytes of Data(23)
Got HTTP response: HTTP/1.1 200 OK
Connection: Keep-Alive
Content-Type: text/xml
Content-Length: 189
X-Transcend-Version: 1
Set-Cookie: webvpncontext=Ow7Qvzvu3n7Nr4kdyncK4uV7cStCC74/D/utu1sSacw=; Secure
Set-Cookie: webvpn=<elided>; Secure
Set-Cookie: webvpnc=; expires=Thu, 01 Jan 1970 22:00:00 GMT; path=/; Secure
Set-Cookie: webvpnc=bu:/&p:t&iu:1/&sh:D66B507AE074D03B02EAFCA40D35F87DD81049D3; path=/; Secure
HTTP body length:  (189)
BUF[HSK]: Emptied buffer
REC[0x88fb20]: Start of epoch cleanup
REC[0x88fb20]: End of epoch cleanup
REC[0x88fb20]: Epoch #2 freed
ocserv[17291]: main:127.0.0.2:27315 user disconnected (reason: unspecified, rx: 0, tx: 0)
COOKIE='Ow7Qvzvu3n7Nr4kdyncK4uV7cStCC74/D/utu1sSacw='
HOST='127.0.0.2'
FINGERPRINT='pin-sha256:xp3scfzy3rOQsv9NcOve/8YVVv+pHr4qNCXEXrNl5s8='
Connecting to obtain cookie (token openconnect-test key object=EC)... POST https://127.0.0.2/
Attempting to connect to server 127.0.0.2:443
Connected to 127.0.0.2:443
Using PKCS#11 certificate pkcs11:token=openconnect-test;object=EC;type=cert?pin-value=1234
Initializing all PKCS #11 modules
p11: Initializing module: p11-kit-trust
p11: Initializing module: softhsm2
ASSERT: pkcs11.c[compat_load]:889
p11: No login requested.
ASSERT: common.c[_gnutls_x509_get_raw_field2]:1570
ASSERT: x509.c[gnutls_x509_crt_get_subject_unique_id]:3902
ASSERT: x509.c[gnutls_x509_crt_get_issuer_unique_id]:3952
Trying PKCS#11 key URL pkcs11:token=openconnect-test;object=EC;type=private?pin-value=1234
p11: Using pin-value to retrieve PIN
p11: Login result = ok (0)
Using PKCS#11 key pkcs11:token=openconnect-test;object=EC;type=private?pin-value=1234
Using client certificate 'A user'
ASSERT: x509.c[gnutls_x509_crt_get_authority_key_id]:1490
p11: No login requested.
ASSERT: pkcs11.c[find_cert_cb]:4206
ASSERT: pkcs11.c[find_cert_cb]:4031
p11: No login requested.
ASSERT: pkcs11.c[find_cert_cb]:4206
ASSERT: pkcs11.c[find_cert_cb]:4031
ASSERT: pkcs11.c[gnutls_pkcs11_get_raw_issuer]:4302
Got no issuer from PKCS#11
ASSERT: common.c[_gnutls_x509_get_raw_field2]:1570
ASSERT: x509.c[gnutls_x509_crt_get_subject_unique_id]:3902
ASSERT: x509.c[gnutls_x509_crt_get_issuer_unique_id]:3952
ASSERT: x509_ext.c[gnutls_subject_alt_names_get]:110
ASSERT: x509.c[get_alt_name]:1815
REC[0xe98900]: Allocating epoch #0
added 6 protocols, 29 ciphersuites, 18 sig algos and 9 groups into priority list
SSL negotiation with 127.0.0.2
REC[0xe98900]: Allocating epoch #1
HSK[0xe98900]: Adv. version: 3.3
Keeping ciphersuite 13.02 (GNUTLS_AES_256_GCM_SHA384)
Keeping ciphersuite 13.03 (GNUTLS_CHACHA20_POLY1305_SHA256)
Keeping ciphersuite 13.01 (GNUTLS_AES_128_GCM_SHA256)
Keeping ciphersuite 13.04 (GNUTLS_AES_128_CCM_SHA256)
Keeping ciphersuite c0.2c (GNUTLS_ECDHE_ECDSA_AES_256_GCM_SHA384)
Keeping ciphersuite cc.a9 (GNUTLS_ECDHE_ECDSA_CHACHA20_POLY1305)
Keeping ciphersuite c0.ad (GNUTLS_ECDHE_ECDSA_AES_256_CCM)
Keeping ciphersuite c0.0a (GNUTLS_ECDHE_ECDSA_AES_256_CBC_SHA1)
Keeping ciphersuite c0.2b (GNUTLS_ECDHE_ECDSA_AES_128_GCM_SHA256)
Keeping ciphersuite c0.ac (GNUTLS_ECDHE_ECDSA_AES_128_CCM)
Keeping ciphersuite c0.09 (GNUTLS_ECDHE_ECDSA_AES_128_CBC_SHA1)
Keeping ciphersuite c0.30 (GNUTLS_ECDHE_RSA_AES_256_GCM_SHA384)
Keeping ciphersuite cc.a8 (GNUTLS_ECDHE_RSA_CHACHA20_POLY1305)
Keeping ciphersuite c0.14 (GNUTLS_ECDHE_RSA_AES_256_CBC_SHA1)
Keeping ciphersuite c0.2f (GNUTLS_ECDHE_RSA_AES_128_GCM_SHA256)
Keeping ciphersuite c0.13 (GNUTLS_ECDHE_RSA_AES_128_CBC_SHA1)
Keeping ciphersuite 00.9d (GNUTLS_RSA_AES_256_GCM_SHA384)
Keeping ciphersuite c0.9d (GNUTLS_RSA_AES_256_CCM)
Keeping ciphersuite 00.35 (GNUTLS_RSA_AES_256_CBC_SHA1)
Keeping ciphersuite 00.9c (GNUTLS_RSA_AES_128_GCM_SHA256)
Keeping ciphersuite c0.9c (GNUTLS_RSA_AES_128_CCM)
Keeping ciphersuite 00.2f (GNUTLS_RSA_AES_128_CBC_SHA1)
Keeping ciphersuite 00.9f (GNUTLS_DHE_RSA_AES_256_GCM_SHA384)
Keeping ciphersuite cc.aa (GNUTLS_DHE_RSA_CHACHA20_POLY1305)
Keeping ciphersuite c0.9f (GNUTLS_DHE_RSA_AES_256_CCM)
Keeping ciphersuite 00.39 (GNUTLS_DHE_RSA_AES_256_CBC_SHA1)
Keeping ciphersuite 00.9e (GNUTLS_DHE_RSA_AES_128_GCM_SHA256)
Keeping ciphersuite c0.9e (GNUTLS_DHE_RSA_AES_128_CCM)
Keeping ciphersuite 00.33 (GNUTLS_DHE_RSA_AES_128_CBC_SHA1)
EXT[0xe98900]: Preparing extension (Maximum Record Size/1) for 'client hello'
EXT[0xe98900]: Preparing extension (OCSP Status Request/5) for 'client hello'
EXT[0xe98900]: Sending extension OCSP Status Request/5 (5 bytes)
EXT[0xe98900]: Preparing extension (Client Certificate Type/19) for 'client hello'
EXT[0xe98900]: Preparing extension (Server Certificate Type/20) for 'client hello'
EXT[0xe98900]: Preparing extension (Supported Groups/10) for 'client hello'
EXT[0xe98900]: Sent group SECP256R1 (0x17)
EXT[0xe98900]: Sent group SECP384R1 (0x18)
EXT[0xe98900]: Sent group SECP521R1 (0x19)
EXT[0xe98900]: Sent group X25519 (0x1d)
EXT[0xe98900]: Sent group FFDHE2048 (0x100)
EXT[0xe98900]: Sent group FFDHE3072 (0x101)
EXT[0xe98900]: Sent group FFDHE4096 (0x102)
EXT[0xe98900]: Sent group FFDHE6144 (0x103)
EXT[0xe98900]: Sent group FFDHE8192 (0x104)
EXT[0xe98900]: Sending extension Supported Groups/10 (20 bytes)
EXT[0xe98900]: Preparing extension (Supported EC Point Formats/11) for 'client hello'
EXT[0xe98900]: Sending extension Supported EC Point Formats/11 (2 bytes)
EXT[0xe98900]: Preparing extension (SRP/12) for 'client hello'
EXT[0xe98900]: Preparing extension (Signature Algorithms/13) for 'client hello'
EXT[0xe98900]: sent signature algo (4.1) RSA-SHA256
EXT[0xe98900]: sent signature algo (8.9) RSA-PSS-SHA256
EXT[0xe98900]: sent signature algo (8.4) RSA-PSS-RSAE-SHA256
EXT[0xe98900]: sent signature algo (4.3) ECDSA-SHA256
EXT[0xe98900]: sent signature algo (8.7) EdDSA-Ed25519
EXT[0xe98900]: sent signature algo (5.1) RSA-SHA384
EXT[0xe98900]: sent signature algo (8.10) RSA-PSS-SHA384
EXT[0xe98900]: sent signature algo (8.5) RSA-PSS-RSAE-SHA384
EXT[0xe98900]: sent signature algo (5.3) ECDSA-SHA384
EXT[0xe98900]: sent signature algo (6.1) RSA-SHA512
EXT[0xe98900]: sent signature algo (8.11) RSA-PSS-SHA512
EXT[0xe98900]: sent signature algo (8.6) RSA-PSS-RSAE-SHA512
EXT[0xe98900]: sent signature algo (6.3) ECDSA-SHA512
EXT[0xe98900]: sent signature algo (2.1) RSA-SHA1
EXT[0xe98900]: sent signature algo (2.3) ECDSA-SHA1
EXT[0xe98900]: Sending extension Signature Algorithms/13 (32 bytes)
EXT[0xe98900]: Preparing extension (SRTP/14) for 'client hello'
EXT[0xe98900]: Preparing extension (Heartbeat/15) for 'client hello'
EXT[0xe98900]: Preparing extension (ALPN/16) for 'client hello'
EXT[0xe98900]: Preparing extension (Encrypt-then-MAC/22) for 'client hello'
EXT[0xe98900]: Preparing extension (Extended Master Secret/23) for 'client hello'
EXT[0xe98900]: Preparing extension (Session Ticket/35) for 'client hello'
EXT[0xe98900]: Sending extension Session Ticket/35 (0 bytes)
EXT[0xe98900]: Preparing extension (Key Share/51) for 'client hello'
EXT[0xe98900]: sending key share for SECP256R1
ASSERT: mpi.c[wrap_nettle_mpi_print]:60
ASSERT: mpi.c[wrap_nettle_mpi_print]:60
EXT[0xe98900]: sending key share for X25519
EXT[0xe98900]: Sending extension Key Share/51 (107 bytes)
EXT[0xe98900]: Preparing extension (Supported Versions/43) for 'client hello'
Advertizing version 3.4
Advertizing version 3.3
Advertizing version 3.2
Advertizing version 3.1
EXT[0xe98900]: Sending extension Supported Versions/43 (9 bytes)
EXT[0xe98900]: Preparing extension (Post Handshake Auth/49) for 'client hello'
EXT[0xe98900]: Preparing extension (Safe Renegotiation/65281) for 'client hello'
EXT[0xe98900]: Sending extension Safe Renegotiation/65281 (1 bytes)
EXT[0xe98900]: Preparing extension (Server Name Indication/0) for 'client hello'
EXT[0xe98900]: Preparing extension (Cookie/44) for 'client hello'
EXT[0xe98900]: Preparing extension (Early Data/42) for 'client hello'
EXT[0xe98900]: Preparing extension (PSK Key Exchange Modes/45) for 'client hello'
EXT[0xe98900]: Sending extension PSK Key Exchange Modes/45 (3 bytes)
EXT[0xe98900]: Preparing extension (Record Size Limit/28) for 'client hello'
EXT[0xe98900]: Sending extension Record Size Limit/28 (2 bytes)
EXT[0xe98900]: Preparing extension (ClientHello Padding/21) for 'client hello'
EXT[0xe98900]: Sending extension ClientHello Padding/21 (184 bytes)
EXT[0xe98900]: Preparing extension (Pre Shared Key/41) for 'client hello'
HSK[0xe98900]: CLIENT HELLO was queued [512 bytes]
HWRITE: enqueued [CLIENT HELLO] 512. Total 512 bytes.
HWRITE FLUSH: 512 bytes in buffer.
REC[0xe98900]: Preparing Packet Handshake(22) with length: 512 and min pad: 0
ENC[0xe98900]: cipher: NULL, MAC: MAC-NULL, Epoch: 0
WRITE: enqueued 517 bytes for 0x5. Total 517 bytes.
REC[0xe98900]: Sent Packet[1] Handshake(22) in epoch 0 and length: 517
HWRITE: wrote 1 bytes, 0 bytes left.
WRITE FLUSH: 517 bytes in buffer.
WRITE: wrote 517 bytes, 0 bytes left.
ASSERT: buffers.c[get_last_packet]:1171
READ: Got 5 bytes from 0x5
READ: read 5 bytes from 0x5
RB: Have 0 bytes into buffer. Adding 5 bytes.
RB: Requested 5 bytes
REC[0xe98900]: SSL 3.3 Handshake packet received. Epoch 0, length: 123
REC[0xe98900]: Expected Packet Handshake(22)
REC[0xe98900]: Received Packet Handshake(22) with length: 123
READ: Got 123 bytes from 0x5
READ: read 123 bytes from 0x5
RB: Have 5 bytes into buffer. Adding 123 bytes.
RB: Requested 128 bytes
REC[0xe98900]: Decrypted Packet[0] Handshake(22) with length: 123
BUF[REC]: Inserted 123 bytes of Data(22)
HSK[0xe98900]: SERVER HELLO (2) was received. Length 119[119], frag offset 0, frag length: 119, sequence: 0
ASSERT: buffers.c[get_last_packet]:1162
ASSERT: buffers.c[_gnutls_handshake_io_recv_int]:1413
HSK[0xe98900]: Server's version: 3.3
EXT[0xe98900]: Parsing extension 'Supported Versions/43' (2 bytes)
EXT[0xe98900]: Negotiated version: 3.4
HSK[0xe98900]: Selected cipher suite: GNUTLS_AES_128_GCM_SHA256
EXT[0xe98900]: Parsing extension 'Key Share/51' (69 bytes)
HSK[0xe98900]: Selected group SECP256R1 (2)
EXT[0xe98900]: client generated SECP256R1 shared key
HWRITE: enqueued [CHANGE CIPHER SPEC] 1. Total 1 bytes.
HWRITE FLUSH: 1 bytes in buffer.
REC[0xe98900]: Preparing Packet ChangeCipherSpec(20) with length: 1 and min pad: 0
ENC[0xe98900]: cipher: NULL, MAC: MAC-NULL, Epoch: 0
WRITE: enqueued 6 bytes for 0x5. Total 6 bytes.
REC[0xe98900]: Sent Packet[2] ChangeCipherSpec(20) in epoch 0 and length: 6
HWRITE: wrote 1 bytes, 0 bytes left.
WRITE FLUSH: 6 bytes in buffer.
WRITE: wrote 6 bytes, 0 bytes left.
REC[0xe98900]: Sent ChangeCipherSpec
REC[0xe98900]: Initializing epoch #1
INT: CLIENT WRITE KEY [16]: c1d2281a3144daf0f3e1fd1354b2e524
INT: SERVER WRITE KEY [16]: 4f4a98bbb84b2b0e6d1bd37a6c0c4a7e
INT: CLIENT WRITE IV [12]: e1c627fa94bf74f8c9b16bf6
INT: SERVER WRITE IV [12]: c68d889f265d4c3da4d27e27
REC[0xe98900]: Epoch #1 ready
HSK[0xe98900]: TLS 1.3 re-key with cipher suite: GNUTLS_AES_128_GCM_SHA256
ASSERT: buffers.c[get_last_packet]:1171
READ: Got 5 bytes from 0x5
READ: read 5 bytes from 0x5
RB: Have 0 bytes into buffer. Adding 5 bytes.
RB: Requested 5 bytes
REC[0xe98900]: SSL 3.3 ChangeCipherSpec packet received. Epoch 1, length: 1
REC[0xe98900]: Expected Packet Handshake(22)
REC[0xe98900]: Received Packet ChangeCipherSpec(20) with length: 1
READ: Got 1 bytes from 0x5
READ: read 1 bytes from 0x5
RB: Have 5 bytes into buffer. Adding 1 bytes.
RB: Requested 6 bytes
discarding change cipher spec in TLS1.3
READ: Got 5 bytes from 0x5
READ: read 5 bytes from 0x5
RB: Have 0 bytes into buffer. Adding 5 bytes.
RB: Requested 5 bytes
REC[0xe98900]: SSL 3.3 Application Data packet received. Epoch 1, length: 29
REC[0xe98900]: Expected Packet Handshake(22)
REC[0xe98900]: Received Packet Application Data(23) with length: 29
READ: Got 29 bytes from 0x5
READ: read 29 bytes from 0x5
RB: Have 5 bytes into buffer. Adding 29 bytes.
RB: Requested 34 bytes
REC[0xe98900]: Decrypted Packet[0] Handshake(22) with length: 12
BUF[REC]: Inserted 12 bytes of Data(22)
HSK[0xe98900]: ENCRYPTED EXTENSIONS (8) was received. Length 8[8], frag offset 0, frag length: 8, sequence: 0
HSK[0xe98900]: parsing encrypted extensions
EXT[0xe98900]: Parsing extension 'Record Size Limit/28' (2 bytes)
ASSERT: buffers.c[get_last_packet]:1171
READ: Got 5 bytes from 0x5
READ: read 5 bytes from 0x5
RB: Have 0 bytes into buffer. Adding 5 bytes.
RB: Requested 5 bytes
REC[0xe98900]: SSL 3.3 Application Data packet received. Epoch 1, length: 85
REC[0xe98900]: Expected Packet Handshake(22)
REC[0xe98900]: Received Packet Application Data(23) with length: 85
READ: Got 85 bytes from 0x5
READ: read 85 bytes from 0x5
RB: Have 5 bytes into buffer. Adding 85 bytes.
RB: Requested 90 bytes
REC[0xe98900]: Decrypted Packet[1] Handshake(22) with length: 68
BUF[REC]: Inserted 68 bytes of Data(22)
HSK[0xe98900]: CERTIFICATE REQUEST (13) was received. Length 64[64], frag offset 0, frag length: 64, sequence: 0
HSK[0xe98900]: parsing certificate request
EXT[0xe98900]: rcvd signature algo (4.1) RSA-SHA256
EXT[0xe98900]: rcvd signature algo (8.9) RSA-PSS-SHA256
EXT[0xe98900]: rcvd signature algo (8.4) RSA-PSS-RSAE-SHA256
EXT[0xe98900]: rcvd signature algo (4.3) ECDSA-SECP256R1-SHA256
EXT[0xe98900]: rcvd signature algo (8.7) EdDSA-Ed25519
EXT[0xe98900]: rcvd signature algo (5.1) RSA-SHA384
EXT[0xe98900]: rcvd signature algo (8.10) RSA-PSS-SHA384
EXT[0xe98900]: rcvd signature algo (8.5) RSA-PSS-RSAE-SHA384
EXT[0xe98900]: rcvd signature algo (5.3) ECDSA-SECP384R1-SHA384
EXT[0xe98900]: rcvd signature algo (6.1) RSA-SHA512
EXT[0xe98900]: rcvd signature algo (8.11) RSA-PSS-SHA512
EXT[0xe98900]: rcvd signature algo (8.6) RSA-PSS-RSAE-SHA512
EXT[0xe98900]: rcvd signature algo (6.3) ECDSA-SECP521R1-SHA512
EXT[0xe98900]: rcvd signature algo (2.1) RSA-SHA1
EXT[0xe98900]: rcvd signature algo (2.3) ECDSA-SHA1
EXT[0xe98900]: rcvd signature algo (2.2) (null)
Peer requested CA: CN=CA
ASSERT: buffers.c[get_last_packet]:1171
READ: Got 5 bytes from 0x5
READ: read 5 bytes from 0x5
RB: Have 0 bytes into buffer. Adding 5 bytes.
RB: Requested 5 bytes
REC[0xe98900]: SSL 3.3 Application Data packet received. Epoch 1, length: 947
REC[0xe98900]: Expected Packet Handshake(22)
REC[0xe98900]: Received Packet Application Data(23) with length: 947
READ: Got 947 bytes from 0x5
READ: read 947 bytes from 0x5
RB: Have 5 bytes into buffer. Adding 947 bytes.
RB: Requested 952 bytes
REC[0xe98900]: Decrypted Packet[2] Handshake(22) with length: 930
BUF[REC]: Inserted 930 bytes of Data(22)
HSK[0xe98900]: CERTIFICATE (11) was received. Length 926[926], frag offset 0, frag length: 926, sequence: 0
HSK[0xe98900]: parsing certificate message
ASSERT: buffers.c[get_last_packet]:1171
READ: Got 5 bytes from 0x5
READ: read 5 bytes from 0x5
RB: Have 0 bytes into buffer. Adding 5 bytes.
RB: Requested 5 bytes
REC[0xe98900]: SSL 3.3 Application Data packet received. Epoch 1, length: 329
REC[0xe98900]: Expected Packet Handshake(22)
REC[0xe98900]: Received Packet Application Data(23) with length: 329
READ: Got 329 bytes from 0x5
READ: read 329 bytes from 0x5
RB: Have 5 bytes into buffer. Adding 329 bytes.
RB: Requested 334 bytes
REC[0xe98900]: Decrypted Packet[3] Handshake(22) with length: 312
BUF[REC]: Inserted 312 bytes of Data(22)
HSK[0xe98900]: CERTIFICATE VERIFY (15) was received. Length 308[308], frag offset 0, frag length: 308, sequence: 0
HSK[0xe98900]: Parsing certificate verify
HSK[0xe98900]: verifying TLS 1.3 handshake data using RSA-PSS-RSAE-SHA256
ASSERT: mpi.c[wrap_nettle_mpi_print]:60
ASSERT: mpi.c[wrap_nettle_mpi_print]:60
ASSERT: ocsp-api.c[gnutls_ocsp_status_request_get2]:99
ASSERT: verify.c[verify_crt]:663
ASSERT: verify.c[verify_crt]:815
ASSERT: verify.c[_gnutls_verify_crt_status]:985
issuer in verification was not found or insecure; trying against trust list
ASSERT: verify.c[verify_crt]:663
ASSERT: verify.c[verify_crt]:815
ASSERT: verify.c[_gnutls_verify_crt_status]:985
ASSERT: verify-high.c[gnutls_x509_trust_list_verify_crt2]:1374
Server certificate verify failed: signer not found
ASSERT: common.c[_gnutls_copy_data]:1611
ASSERT: x509.c[gnutls_x509_crt_export]:2922
ASSERT: buffers.c[get_last_packet]:1171
READ: Got 5 bytes from 0x5
READ: read 5 bytes from 0x5
RB: Have 0 bytes into buffer. Adding 5 bytes.
RB: Requested 5 bytes
REC[0xe98900]: SSL 3.3 Application Data packet received. Epoch 1, length: 53
REC[0xe98900]: Expected Packet Handshake(22)
REC[0xe98900]: Received Packet Application Data(23) with length: 53
READ: Got 53 bytes from 0x5
READ: read 53 bytes from 0x5
RB: Have 5 bytes into buffer. Adding 53 bytes.
RB: Requested 58 bytes
REC[0xe98900]: Decrypted Packet[4] Handshake(22) with length: 36
BUF[REC]: Inserted 36 bytes of Data(22)
HSK[0xe98900]: FINISHED (20) was received. Length 32[32], frag offset 0, frag length: 32, sequence: 0
HSK[0xe98900]: parsing finished
HSK[0xe98900]: CERTIFICATE was queued [544 bytes]
HWRITE: enqueued [CERTIFICATE] 544. Total 544 bytes.
checking cert compat with RSA-SHA256
cannot use privkey of EC/ECDSA with RSA-SHA256
checking cert compat with RSA-PSS-SHA256
cannot use privkey of EC/ECDSA with RSA-PSS-SHA256
checking cert compat with RSA-PSS-RSAE-SHA256
cannot use privkey of EC/ECDSA with RSA-PSS-RSAE-SHA256
checking cert compat with ECDSA-SECP256R1-SHA256
HSK[0xe98900]: signing TLS 1.3 handshake data: using ECDSA-SECP256R1-SHA256 and PRF: SHA256
HSK[0xe98900]: CERTIFICATE VERIFY was queued [78 bytes]
HWRITE: enqueued [CERTIFICATE VERIFY] 78. Total 622 bytes.
HSK[0xe98900]: sending finished
HSK[0xe98900]: FINISHED was queued [36 bytes]
HWRITE: enqueued [FINISHED] 36. Total 658 bytes.
HWRITE FLUSH: 658 bytes in buffer.
REC[0xe98900]: Preparing Packet Handshake(22) with length: 544 and min pad: 0
ENC[0xe98900]: cipher: AES-128-GCM, MAC: AEAD, Epoch: 1
WRITE: enqueued 566 bytes for 0x5. Total 566 bytes.
REC[0xe98900]: Sent Packet[1] Handshake(22) in epoch 1 and length: 566
HWRITE: wrote 1 bytes, 114 bytes left.
REC[0xe98900]: Preparing Packet Handshake(22) with length: 78 and min pad: 0
ENC[0xe98900]: cipher: AES-128-GCM, MAC: AEAD, Epoch: 1
WRITE: enqueued 100 bytes for 0x5. Total 666 bytes.
REC[0xe98900]: Sent Packet[2] Handshake(22) in epoch 1 and length: 100
HWRITE: wrote 1 bytes, 36 bytes left.
REC[0xe98900]: Preparing Packet Handshake(22) with length: 36 and min pad: 0
ENC[0xe98900]: cipher: AES-128-GCM, MAC: AEAD, Epoch: 1
WRITE: enqueued 58 bytes for 0x5. Total 724 bytes.
REC[0xe98900]: Sent Packet[3] Handshake(22) in epoch 1 and length: 58
HWRITE: wrote 1 bytes, 0 bytes left.
WRITE FLUSH: 724 bytes in buffer.
WRITE: wrote 724 bytes, 0 bytes left.
ASSERT: constate.c[_gnutls_epoch_get]:901
REC[0xe98900]: Allocating epoch #2
REC[0xe98900]: Initializing epoch #2
INT: CLIENT WRITE KEY [16]: 86c8eb8dbf73ff966ecf0bd53d90acc4
INT: SERVER WRITE KEY [16]: 2aba3a581759fc4b72d8cfb0e935282b
INT: CLIENT WRITE IV [12]: 97b7ffdc668e37d77fc1a8f9
INT: SERVER WRITE IV [12]: 50cac66572f26150df6dd062
REC[0xe98900]: Epoch #2 ready
HSK[0xe98900]: TLS 1.3 re-key with cipher suite: GNUTLS_AES_128_GCM_SHA256
BUF[HSK]: Emptied buffer
BUF[HSK]: Emptied buffer
REC[0xe98900]: Start of epoch cleanup
REC[0xe98900]: Epoch #0 freed
REC[0xe98900]: Epoch #1 freed
REC[0xe98900]: End of epoch cleanup
Connected to HTTPS on 127.0.0.2
REC[0xe98900]: Preparing Packet Application Data(23) with length: 575 and min pad: 0
ENC[0xe98900]: cipher: AES-128-GCM, MAC: AEAD, Epoch: 2
WRITE: enqueued 597 bytes for 0x5. Total 597 bytes.
WRITE FLUSH: 597 bytes in buffer.
WRITE: wrote 597 bytes, 0 bytes left.
REC[0xe98900]: Sent Packet[1] Application Data(23) in epoch 2 and length: 597
READ: -1 returned from 0x5, errno=11 gerrno=0
ASSERT: buffers.c[_gnutls_io_read_buffered]:589
ASSERT: record.c[_gnutls_recv_int]:1759
ocserv[17346]: worker:  client certificate verification succeeded
READ: Got 5 bytes from 0x5
READ: read 5 bytes from 0x5
RB: Have 0 bytes into buffer. Adding 5 bytes.
RB: Requested 5 bytes
REC[0xe98900]: SSL 3.3 Application Data packet received. Epoch 2, length: 494
REC[0xe98900]: Expected Packet Application Data(23)
REC[0xe98900]: Received Packet Application Data(23) with length: 494
READ: Got 494 bytes from 0x5
READ: read 494 bytes from 0x5
RB: Have 5 bytes into buffer. Adding 494 bytes.
RB: Requested 499 bytes
REC[0xe98900]: Decrypted Packet[0] Application Data(23) with length: 477
BUF[REC]: Inserted 477 bytes of Data(23)
Got HTTP response: HTTP/1.1 200 OK
Set-Cookie: webvpncontext=; expires=Thu, 01 Jan 1970 22:00:00 GMT; path=/; Secure
Content-Type: text/xml
Content-Length: 306
X-Transcend-Version: 1
HTTP body length:  (306)
BUF[HSK]: Emptied buffer
REC[0xe98900]: Start of epoch cleanup
REC[0xe98900]: End of epoch cleanup
REC[0xe98900]: Epoch #2 freed
XML POST enabled
Please enter your username.
POST https://127.0.0.2/auth
REC[0xea1c80]: Allocating epoch #0
added 6 protocols, 29 ciphersuites, 18 sig algos and 9 groups into priority list
SSL negotiation with 127.0.0.2
REC[0xea1c80]: Allocating epoch #1
HSK[0xea1c80]: Adv. version: 3.3
Keeping ciphersuite 13.02 (GNUTLS_AES_256_GCM_SHA384)
Keeping ciphersuite 13.03 (GNUTLS_CHACHA20_POLY1305_SHA256)
Keeping ciphersuite 13.01 (GNUTLS_AES_128_GCM_SHA256)
Keeping ciphersuite 13.04 (GNUTLS_AES_128_CCM_SHA256)
Keeping ciphersuite c0.2c (GNUTLS_ECDHE_ECDSA_AES_256_GCM_SHA384)
Keeping ciphersuite cc.a9 (GNUTLS_ECDHE_ECDSA_CHACHA20_POLY1305)
Keeping ciphersuite c0.ad (GNUTLS_ECDHE_ECDSA_AES_256_CCM)
Keeping ciphersuite c0.0a (GNUTLS_ECDHE_ECDSA_AES_256_CBC_SHA1)
Keeping ciphersuite c0.2b (GNUTLS_ECDHE_ECDSA_AES_128_GCM_SHA256)
Keeping ciphersuite c0.ac (GNUTLS_ECDHE_ECDSA_AES_128_CCM)
Keeping ciphersuite c0.09 (GNUTLS_ECDHE_ECDSA_AES_128_CBC_SHA1)
Keeping ciphersuite c0.30 (GNUTLS_ECDHE_RSA_AES_256_GCM_SHA384)
Keeping ciphersuite cc.a8 (GNUTLS_ECDHE_RSA_CHACHA20_POLY1305)
Keeping ciphersuite c0.14 (GNUTLS_ECDHE_RSA_AES_256_CBC_SHA1)
Keeping ciphersuite c0.2f (GNUTLS_ECDHE_RSA_AES_128_GCM_SHA256)
Keeping ciphersuite c0.13 (GNUTLS_ECDHE_RSA_AES_128_CBC_SHA1)
Keeping ciphersuite 00.9d (GNUTLS_RSA_AES_256_GCM_SHA384)
Keeping ciphersuite c0.9d (GNUTLS_RSA_AES_256_CCM)
Keeping ciphersuite 00.35 (GNUTLS_RSA_AES_256_CBC_SHA1)
Keeping ciphersuite 00.9c (GNUTLS_RSA_AES_128_GCM_SHA256)
Keeping ciphersuite c0.9c (GNUTLS_RSA_AES_128_CCM)
Keeping ciphersuite 00.2f (GNUTLS_RSA_AES_128_CBC_SHA1)
Keeping ciphersuite 00.9f (GNUTLS_DHE_RSA_AES_256_GCM_SHA384)
Keeping ciphersuite cc.aa (GNUTLS_DHE_RSA_CHACHA20_POLY1305)
Keeping ciphersuite c0.9f (GNUTLS_DHE_RSA_AES_256_CCM)
Keeping ciphersuite 00.39 (GNUTLS_DHE_RSA_AES_256_CBC_SHA1)
Keeping ciphersuite 00.9e (GNUTLS_DHE_RSA_AES_128_GCM_SHA256)
Keeping ciphersuite c0.9e (GNUTLS_DHE_RSA_AES_128_CCM)
Keeping ciphersuite 00.33 (GNUTLS_DHE_RSA_AES_128_CBC_SHA1)
EXT[0xea1c80]: Preparing extension (Maximum Record Size/1) for 'client hello'
EXT[0xea1c80]: Preparing extension (OCSP Status Request/5) for 'client hello'
EXT[0xea1c80]: Sending extension OCSP Status Request/5 (5 bytes)
EXT[0xea1c80]: Preparing extension (Client Certificate Type/19) for 'client hello'
EXT[0xea1c80]: Preparing extension (Server Certificate Type/20) for 'client hello'
EXT[0xea1c80]: Preparing extension (Supported Groups/10) for 'client hello'
EXT[0xea1c80]: Sent group SECP256R1 (0x17)
EXT[0xea1c80]: Sent group SECP384R1 (0x18)
EXT[0xea1c80]: Sent group SECP521R1 (0x19)
EXT[0xea1c80]: Sent group X25519 (0x1d)
EXT[0xea1c80]: Sent group FFDHE2048 (0x100)
EXT[0xea1c80]: Sent group FFDHE3072 (0x101)
EXT[0xea1c80]: Sent group FFDHE4096 (0x102)
EXT[0xea1c80]: Sent group FFDHE6144 (0x103)
EXT[0xea1c80]: Sent group FFDHE8192 (0x104)
EXT[0xea1c80]: Sending extension Supported Groups/10 (20 bytes)
EXT[0xea1c80]: Preparing extension (Supported EC Point Formats/11) for 'client hello'
EXT[0xea1c80]: Sending extension Supported EC Point Formats/11 (2 bytes)
EXT[0xea1c80]: Preparing extension (SRP/12) for 'client hello'
EXT[0xea1c80]: Preparing extension (Signature Algorithms/13) for 'client hello'
EXT[0xea1c80]: sent signature algo (4.1) RSA-SHA256
EXT[0xea1c80]: sent signature algo (8.9) RSA-PSS-SHA256
EXT[0xea1c80]: sent signature algo (8.4) RSA-PSS-RSAE-SHA256
EXT[0xea1c80]: sent signature algo (4.3) ECDSA-SHA256
EXT[0xea1c80]: sent signature algo (8.7) EdDSA-Ed25519
EXT[0xea1c80]: sent signature algo (5.1) RSA-SHA384
EXT[0xea1c80]: sent signature algo (8.10) RSA-PSS-SHA384
EXT[0xea1c80]: sent signature algo (8.5) RSA-PSS-RSAE-SHA384
EXT[0xea1c80]: sent signature algo (5.3) ECDSA-SHA384
EXT[0xea1c80]: sent signature algo (6.1) RSA-SHA512
EXT[0xea1c80]: sent signature algo (8.11) RSA-PSS-SHA512
EXT[0xea1c80]: sent signature algo (8.6) RSA-PSS-RSAE-SHA512
EXT[0xea1c80]: sent signature algo (6.3) ECDSA-SHA512
EXT[0xea1c80]: sent signature algo (2.1) RSA-SHA1
EXT[0xea1c80]: sent signature algo (2.3) ECDSA-SHA1
EXT[0xea1c80]: Sending extension Signature Algorithms/13 (32 bytes)
EXT[0xea1c80]: Preparing extension (SRTP/14) for 'client hello'
EXT[0xea1c80]: Preparing extension (Heartbeat/15) for 'client hello'
EXT[0xea1c80]: Preparing extension (ALPN/16) for 'client hello'
EXT[0xea1c80]: Preparing extension (Encrypt-then-MAC/22) for 'client hello'
EXT[0xea1c80]: Preparing extension (Extended Master Secret/23) for 'client hello'
EXT[0xea1c80]: Preparing extension (Session Ticket/35) for 'client hello'
EXT[0xea1c80]: Sending extension Session Ticket/35 (0 bytes)
EXT[0xea1c80]: Preparing extension (Key Share/51) for 'client hello'
EXT[0xea1c80]: sending key share for SECP256R1
ASSERT: mpi.c[wrap_nettle_mpi_print]:60
ASSERT: mpi.c[wrap_nettle_mpi_print]:60
EXT[0xea1c80]: sending key share for X25519
EXT[0xea1c80]: Sending extension Key Share/51 (107 bytes)
EXT[0xea1c80]: Preparing extension (Supported Versions/43) for 'client hello'
Advertizing version 3.4
Advertizing version 3.3
Advertizing version 3.2
Advertizing version 3.1
EXT[0xea1c80]: Sending extension Supported Versions/43 (9 bytes)
EXT[0xea1c80]: Preparing extension (Post Handshake Auth/49) for 'client hello'
EXT[0xea1c80]: Preparing extension (Safe Renegotiation/65281) for 'client hello'
EXT[0xea1c80]: Sending extension Safe Renegotiation/65281 (1 bytes)
EXT[0xea1c80]: Preparing extension (Server Name Indication/0) for 'client hello'
EXT[0xea1c80]: Preparing extension (Cookie/44) for 'client hello'
EXT[0xea1c80]: Preparing extension (Early Data/42) for 'client hello'
EXT[0xea1c80]: Preparing extension (PSK Key Exchange Modes/45) for 'client hello'
EXT[0xea1c80]: Sending extension PSK Key Exchange Modes/45 (3 bytes)
EXT[0xea1c80]: Preparing extension (Record Size Limit/28) for 'client hello'
EXT[0xea1c80]: Sending extension Record Size Limit/28 (2 bytes)
EXT[0xea1c80]: Preparing extension (ClientHello Padding/21) for 'client hello'
EXT[0xea1c80]: Sending extension ClientHello Padding/21 (184 bytes)
EXT[0xea1c80]: Preparing extension (Pre Shared Key/41) for 'client hello'
HSK[0xea1c80]: CLIENT HELLO was queued [512 bytes]
HWRITE: enqueued [CLIENT HELLO] 512. Total 512 bytes.
HWRITE FLUSH: 512 bytes in buffer.
REC[0xea1c80]: Preparing Packet Handshake(22) with length: 512 and min pad: 0
ENC[0xea1c80]: cipher: NULL, MAC: MAC-NULL, Epoch: 0
WRITE: enqueued 517 bytes for 0x5. Total 517 bytes.
REC[0xea1c80]: Sent Packet[1] Handshake(22) in epoch 0 and length: 517
HWRITE: wrote 1 bytes, 0 bytes left.
WRITE FLUSH: 517 bytes in buffer.
WRITE: wrote 517 bytes, 0 bytes left.
ASSERT: buffers.c[get_last_packet]:1171
ocserv[17291]: main:127.0.0.2:27332 user disconnected (reason: unspecified, rx: 0, tx: 0)
READ: Got 5 bytes from 0x5
READ: read 5 bytes from 0x5
RB: Have 0 bytes into buffer. Adding 5 bytes.
RB: Requested 5 bytes
REC[0xea1c80]: SSL 3.3 Handshake packet received. Epoch 0, length: 123
REC[0xea1c80]: Expected Packet Handshake(22)
REC[0xea1c80]: Received Packet Handshake(22) with length: 123
READ: Got 123 bytes from 0x5
READ: read 123 bytes from 0x5
RB: Have 5 bytes into buffer. Adding 123 bytes.
RB: Requested 128 bytes
REC[0xea1c80]: Decrypted Packet[0] Handshake(22) with length: 123
BUF[REC]: Inserted 123 bytes of Data(22)
HSK[0xea1c80]: SERVER HELLO (2) was received. Length 119[119], frag offset 0, frag length: 119, sequence: 0
ASSERT: buffers.c[get_last_packet]:1162
ASSERT: buffers.c[_gnutls_handshake_io_recv_int]:1413
HSK[0xea1c80]: Server's version: 3.3
EXT[0xea1c80]: Parsing extension 'Supported Versions/43' (2 bytes)
EXT[0xea1c80]: Negotiated version: 3.4
HSK[0xea1c80]: Selected cipher suite: GNUTLS_AES_128_GCM_SHA256
EXT[0xea1c80]: Parsing extension 'Key Share/51' (69 bytes)
HSK[0xea1c80]: Selected group SECP256R1 (2)
EXT[0xea1c80]: client generated SECP256R1 shared key
HWRITE: enqueued [CHANGE CIPHER SPEC] 1. Total 1 bytes.
HWRITE FLUSH: 1 bytes in buffer.
REC[0xea1c80]: Preparing Packet ChangeCipherSpec(20) with length: 1 and min pad: 0
ENC[0xea1c80]: cipher: NULL, MAC: MAC-NULL, Epoch: 0
WRITE: enqueued 6 bytes for 0x5. Total 6 bytes.
REC[0xea1c80]: Sent Packet[2] ChangeCipherSpec(20) in epoch 0 and length: 6
HWRITE: wrote 1 bytes, 0 bytes left.
WRITE FLUSH: 6 bytes in buffer.
WRITE: wrote 6 bytes, 0 bytes left.
REC[0xea1c80]: Sent ChangeCipherSpec
REC[0xea1c80]: Initializing epoch #1
INT: CLIENT WRITE KEY [16]: 5570a8827b5bd7f7bcdb3616a1706733
INT: SERVER WRITE KEY [16]: 050318b15bab21c4d3d6f1c0f250db6c
INT: CLIENT WRITE IV [12]: 95b36d82bc992bff24bfc7b2
INT: SERVER WRITE IV [12]: a3d4592cfad1d2b58a18ef09
REC[0xea1c80]: Epoch #1 ready
HSK[0xea1c80]: TLS 1.3 re-key with cipher suite: GNUTLS_AES_128_GCM_SHA256
ASSERT: buffers.c[get_last_packet]:1171
READ: Got 5 bytes from 0x5
READ: read 5 bytes from 0x5
RB: Have 0 bytes into buffer. Adding 5 bytes.
RB: Requested 5 bytes
REC[0xea1c80]: SSL 3.3 ChangeCipherSpec packet received. Epoch 1, length: 1
REC[0xea1c80]: Expected Packet Handshake(22)
REC[0xea1c80]: Received Packet ChangeCipherSpec(20) with length: 1
READ: Got 1 bytes from 0x5
READ: read 1 bytes from 0x5
RB: Have 5 bytes into buffer. Adding 1 bytes.
RB: Requested 6 bytes
discarding change cipher spec in TLS1.3
READ: Got 5 bytes from 0x5
READ: read 5 bytes from 0x5
RB: Have 0 bytes into buffer. Adding 5 bytes.
RB: Requested 5 bytes
REC[0xea1c80]: SSL 3.3 Application Data packet received. Epoch 1, length: 29
REC[0xea1c80]: Expected Packet Handshake(22)
REC[0xea1c80]: Received Packet Application Data(23) with length: 29
READ: Got 29 bytes from 0x5
READ: read 29 bytes from 0x5
RB: Have 5 bytes into buffer. Adding 29 bytes.
RB: Requested 34 bytes
REC[0xea1c80]: Decrypted Packet[0] Handshake(22) with length: 12
BUF[REC]: Inserted 12 bytes of Data(22)
HSK[0xea1c80]: ENCRYPTED EXTENSIONS (8) was received. Length 8[8], frag offset 0, frag length: 8, sequence: 0
HSK[0xea1c80]: parsing encrypted extensions
EXT[0xea1c80]: Parsing extension 'Record Size Limit/28' (2 bytes)
ASSERT: buffers.c[get_last_packet]:1171
READ: Got 5 bytes from 0x5
READ: read 5 bytes from 0x5
RB: Have 0 bytes into buffer. Adding 5 bytes.
RB: Requested 5 bytes
REC[0xea1c80]: SSL 3.3 Application Data packet received. Epoch 1, length: 85
REC[0xea1c80]: Expected Packet Handshake(22)
REC[0xea1c80]: Received Packet Application Data(23) with length: 85
READ: Got 85 bytes from 0x5
READ: read 85 bytes from 0x5
RB: Have 5 bytes into buffer. Adding 85 bytes.
RB: Requested 90 bytes
REC[0xea1c80]: Decrypted Packet[1] Handshake(22) with length: 68
BUF[REC]: Inserted 68 bytes of Data(22)
HSK[0xea1c80]: CERTIFICATE REQUEST (13) was received. Length 64[64], frag offset 0, frag length: 64, sequence: 0
HSK[0xea1c80]: parsing certificate request
EXT[0xea1c80]: rcvd signature algo (4.1) RSA-SHA256
EXT[0xea1c80]: rcvd signature algo (8.9) RSA-PSS-SHA256
EXT[0xea1c80]: rcvd signature algo (8.4) RSA-PSS-RSAE-SHA256
EXT[0xea1c80]: rcvd signature algo (4.3) ECDSA-SECP256R1-SHA256
EXT[0xea1c80]: rcvd signature algo (8.7) EdDSA-Ed25519
EXT[0xea1c80]: rcvd signature algo (5.1) RSA-SHA384
EXT[0xea1c80]: rcvd signature algo (8.10) RSA-PSS-SHA384
EXT[0xea1c80]: rcvd signature algo (8.5) RSA-PSS-RSAE-SHA384
EXT[0xea1c80]: rcvd signature algo (5.3) ECDSA-SECP384R1-SHA384
EXT[0xea1c80]: rcvd signature algo (6.1) RSA-SHA512
EXT[0xea1c80]: rcvd signature algo (8.11) RSA-PSS-SHA512
EXT[0xea1c80]: rcvd signature algo (8.6) RSA-PSS-RSAE-SHA512
EXT[0xea1c80]: rcvd signature algo (6.3) ECDSA-SECP521R1-SHA512
EXT[0xea1c80]: rcvd signature algo (2.1) RSA-SHA1
EXT[0xea1c80]: rcvd signature algo (2.3) ECDSA-SHA1
EXT[0xea1c80]: rcvd signature algo (2.2) (null)
Peer requested CA: CN=CA
ASSERT: buffers.c[get_last_packet]:1171
READ: Got 5 bytes from 0x5
READ: read 5 bytes from 0x5
RB: Have 0 bytes into buffer. Adding 5 bytes.
RB: Requested 5 bytes
REC[0xea1c80]: SSL 3.3 Application Data packet received. Epoch 1, length: 947
REC[0xea1c80]: Expected Packet Handshake(22)
REC[0xea1c80]: Received Packet Application Data(23) with length: 947
READ: Got 947 bytes from 0x5
READ: read 947 bytes from 0x5
RB: Have 5 bytes into buffer. Adding 947 bytes.
RB: Requested 952 bytes
REC[0xea1c80]: Decrypted Packet[2] Handshake(22) with length: 930
BUF[REC]: Inserted 930 bytes of Data(22)
HSK[0xea1c80]: CERTIFICATE (11) was received. Length 926[926], frag offset 0, frag length: 926, sequence: 0
HSK[0xea1c80]: parsing certificate message
ASSERT: buffers.c[get_last_packet]:1171
READ: Got 5 bytes from 0x5
READ: read 5 bytes from 0x5
RB: Have 0 bytes into buffer. Adding 5 bytes.
RB: Requested 5 bytes
REC[0xea1c80]: SSL 3.3 Application Data packet received. Epoch 1, length: 329
REC[0xea1c80]: Expected Packet Handshake(22)
REC[0xea1c80]: Received Packet Application Data(23) with length: 329
READ: Got 329 bytes from 0x5
READ: read 329 bytes from 0x5
RB: Have 5 bytes into buffer. Adding 329 bytes.
RB: Requested 334 bytes
REC[0xea1c80]: Decrypted Packet[3] Handshake(22) with length: 312
BUF[REC]: Inserted 312 bytes of Data(22)
HSK[0xea1c80]: CERTIFICATE VERIFY (15) was received. Length 308[308], frag offset 0, frag length: 308, sequence: 0
HSK[0xea1c80]: Parsing certificate verify
HSK[0xea1c80]: verifying TLS 1.3 handshake data using RSA-PSS-RSAE-SHA256
ASSERT: mpi.c[wrap_nettle_mpi_print]:60
ASSERT: mpi.c[wrap_nettle_mpi_print]:60
ASSERT: ocsp-api.c[gnutls_ocsp_status_request_get2]:99
ASSERT: verify.c[verify_crt]:663
ASSERT: verify.c[verify_crt]:815
ASSERT: verify.c[_gnutls_verify_crt_status]:985
issuer in verification was not found or insecure; trying against trust list
ASSERT: verify.c[verify_crt]:663
ASSERT: verify.c[verify_crt]:815
ASSERT: verify.c[_gnutls_verify_crt_status]:985
ASSERT: verify-high.c[gnutls_x509_trust_list_verify_crt2]:1374
Server certificate verify failed: signer not found
ASSERT: common.c[_gnutls_copy_data]:1611
ASSERT: x509.c[gnutls_x509_crt_export]:2922
ASSERT: buffers.c[get_last_packet]:1171
READ: Got 5 bytes from 0x5
READ: read 5 bytes from 0x5
RB: Have 0 bytes into buffer. Adding 5 bytes.
RB: Requested 5 bytes
REC[0xea1c80]: SSL 3.3 Application Data packet received. Epoch 1, length: 53
REC[0xea1c80]: Expected Packet Handshake(22)
REC[0xea1c80]: Received Packet Application Data(23) with length: 53
READ: Got 53 bytes from 0x5
READ: read 53 bytes from 0x5
RB: Have 5 bytes into buffer. Adding 53 bytes.
RB: Requested 58 bytes
REC[0xea1c80]: Decrypted Packet[4] Handshake(22) with length: 36
BUF[REC]: Inserted 36 bytes of Data(22)
HSK[0xea1c80]: FINISHED (20) was received. Length 32[32], frag offset 0, frag length: 32, sequence: 0
HSK[0xea1c80]: parsing finished
HSK[0xea1c80]: CERTIFICATE was queued [544 bytes]
HWRITE: enqueued [CERTIFICATE] 544. Total 544 bytes.
checking cert compat with RSA-SHA256
cannot use privkey of EC/ECDSA with RSA-SHA256
checking cert compat with RSA-PSS-SHA256
cannot use privkey of EC/ECDSA with RSA-PSS-SHA256
checking cert compat with RSA-PSS-RSAE-SHA256
cannot use privkey of EC/ECDSA with RSA-PSS-RSAE-SHA256
checking cert compat with ECDSA-SECP256R1-SHA256
HSK[0xea1c80]: signing TLS 1.3 handshake data: using ECDSA-SECP256R1-SHA256 and PRF: SHA256
HSK[0xea1c80]: CERTIFICATE VERIFY was queued [79 bytes]
HWRITE: enqueued [CERTIFICATE VERIFY] 79. Total 623 bytes.
HSK[0xea1c80]: sending finished
HSK[0xea1c80]: FINISHED was queued [36 bytes]
HWRITE: enqueued [FINISHED] 36. Total 659 bytes.
HWRITE FLUSH: 659 bytes in buffer.
REC[0xea1c80]: Preparing Packet Handshake(22) with length: 544 and min pad: 0
ENC[0xea1c80]: cipher: AES-128-GCM, MAC: AEAD, Epoch: 1
WRITE: enqueued 566 bytes for 0x5. Total 566 bytes.
REC[0xea1c80]: Sent Packet[1] Handshake(22) in epoch 1 and length: 566
HWRITE: wrote 1 bytes, 115 bytes left.
REC[0xea1c80]: Preparing Packet Handshake(22) with length: 79 and min pad: 0
ENC[0xea1c80]: cipher: AES-128-GCM, MAC: AEAD, Epoch: 1
WRITE: enqueued 101 bytes for 0x5. Total 667 bytes.
REC[0xea1c80]: Sent Packet[2] Handshake(22) in epoch 1 and length: 101
HWRITE: wrote 1 bytes, 36 bytes left.
REC[0xea1c80]: Preparing Packet Handshake(22) with length: 36 and min pad: 0
ENC[0xea1c80]: cipher: AES-128-GCM, MAC: AEAD, Epoch: 1
WRITE: enqueued 58 bytes for 0x5. Total 725 bytes.
REC[0xea1c80]: Sent Packet[3] Handshake(22) in epoch 1 and length: 58
HWRITE: wrote 1 bytes, 0 bytes left.
WRITE FLUSH: 725 bytes in buffer.
WRITE: wrote 725 bytes, 0 bytes left.
ASSERT: constate.c[_gnutls_epoch_get]:901
REC[0xea1c80]: Allocating epoch #2
REC[0xea1c80]: Initializing epoch #2
INT: CLIENT WRITE KEY [16]: a577e372f57fe1e01ee910a976396a6d
INT: SERVER WRITE KEY [16]: 2309219a0d7d60bbdb8fab885ff928bc
INT: CLIENT WRITE IV [12]: 85b76b4373c231fedff06bcc
INT: SERVER WRITE IV [12]: 647ced7bed776cdb154d835f
REC[0xea1c80]: Epoch #2 ready
HSK[0xea1c80]: TLS 1.3 re-key with cipher suite: GNUTLS_AES_128_GCM_SHA256
BUF[HSK]: Emptied buffer
BUF[HSK]: Emptied buffer
REC[0xea1c80]: Start of epoch cleanup
REC[0xea1c80]: Epoch #0 freed
REC[0xea1c80]: Epoch #1 freed
REC[0xea1c80]: End of epoch cleanup
Connected to HTTPS on 127.0.0.2
REC[0xea1c80]: Preparing Packet Application Data(23) with length: 579 and min pad: 0
ENC[0xea1c80]: cipher: AES-128-GCM, MAC: AEAD, Epoch: 2
WRITE: enqueued 601 bytes for 0x5. Total 601 bytes.
WRITE FLUSH: 601 bytes in buffer.
WRITE: wrote 601 bytes, 0 bytes left.
REC[0xea1c80]: Sent Packet[1] Application Data(23) in epoch 2 and length: 601
READ: -1 returned from 0x5, errno=11 gerrno=0
ASSERT: buffers.c[_gnutls_io_read_buffered]:589
ASSERT: record.c[_gnutls_recv_int]:1759
ocserv[17347]: worker:  client certificate verification succeeded
ocserv[17293]: sec-mod: using 'certificate+plain' authentication to authenticate user (session: DjbNut)
READ: Got 5 bytes from 0x5
READ: read 5 bytes from 0x5
RB: Have 0 bytes into buffer. Adding 5 bytes.
RB: Requested 5 bytes
REC[0xea1c80]: SSL 3.3 Application Data packet received. Epoch 2, length: 508
REC[0xea1c80]: Expected Packet Application Data(23)
REC[0xea1c80]: Received Packet Application Data(23) with length: 508
READ: Got 508 bytes from 0x5
READ: read 508 bytes from 0x5
RB: Have 5 bytes into buffer. Adding 508 bytes.
RB: Requested 513 bytes
REC[0xea1c80]: Decrypted Packet[0] Application Data(23) with length: 491
BUF[REC]: Inserted 491 bytes of Data(23)
Got HTTP response: HTTP/1.1 200 OK
Set-Cookie: webvpncontext=0rlsvyT693hKl/pOBLZG25MnG24giAppDL2LTSno4/c=; Max-Age=120; Secure
Content-Type: text/xml
Content-Length: 310
X-Transcend-Version: 1
HTTP body length:  (310)
Please enter your password.
POST https://127.0.0.2/auth
REC[0xea1c80]: Preparing Packet Application Data(23) with length: 647 and min pad: 0
ENC[0xea1c80]: cipher: AES-128-GCM, MAC: AEAD, Epoch: 2
WRITE: enqueued 669 bytes for 0x5. Total 669 bytes.
WRITE FLUSH: 669 bytes in buffer.
WRITE: wrote 669 bytes, 0 bytes left.
REC[0xea1c80]: Sent Packet[2] Application Data(23) in epoch 2 and length: 669
READ: -1 returned from 0x5, errno=11 gerrno=0
ASSERT: buffers.c[_gnutls_io_read_buffered]:589
ASSERT: record.c[_gnutls_recv_int]:1759
READ: Got 5 bytes from 0x5
READ: read 5 bytes from 0x5
RB: Have 0 bytes into buffer. Adding 5 bytes.
RB: Requested 5 bytes
REC[0xea1c80]: SSL 3.3 Application Data packet received. Epoch 2, length: 644
REC[0xea1c80]: Expected Packet Application Data(23)
REC[0xea1c80]: Received Packet Application Data(23) with length: 644
READ: Got 644 bytes from 0x5
READ: read 644 bytes from 0x5
RB: Have 5 bytes into buffer. Adding 644 bytes.
RB: Requested 649 bytes
REC[0xea1c80]: Decrypted Packet[1] Application Data(23) with length: 627
BUF[REC]: Inserted 627 bytes of Data(23)
Got HTTP response: HTTP/1.1 200 OK
Connection: Keep-Alive
Content-Type: text/xml
Content-Length: 189
X-Transcend-Version: 1
Set-Cookie: webvpncontext=0rlsvyT693hKl/pOBLZG25MnG24giAppDL2LTSno4/c=; Secure
Set-Cookie: webvpn=<elided>; Secure
Set-Cookie: webvpnc=; expires=Thu, 01 Jan 1970 22:00:00 GMT; path=/; Secure
Set-Cookie: webvpnc=bu:/&p:t&iu:1/&sh:D66B507AE074D03B02EAFCA40D35F87DD81049D3; path=/; Secure
HTTP body length:  (189)
BUF[HSK]: Emptied buffer
REC[0xea1c80]: Start of epoch cleanup
REC[0xea1c80]: End of epoch cleanup
REC[0xea1c80]: Epoch #2 freed
ocserv[17291]: main:127.0.0.2:27333 user disconnected (reason: unspecified, rx: 0, tx: 0)
COOKIE='0rlsvyT693hKl/pOBLZG25MnG24giAppDL2LTSno4/c='
HOST='127.0.0.2'
FINGERPRINT='pin-sha256:xp3scfzy3rOQsv9NcOve/8YVVv+pHr4qNCXEXrNl5s8='
Connecting to obtain cookie (token openconnect-test key id=%03)... POST https://127.0.0.2/
Attempting to connect to server 127.0.0.2:443
Connected to 127.0.0.2:443
Using PKCS#11 certificate pkcs11:token=openconnect-test;id=%03;type=cert?pin-value=1234
Initializing all PKCS #11 modules
p11: Initializing module: p11-kit-trust
p11: Initializing module: softhsm2
ASSERT: pkcs11.c[compat_load]:889
p11: No login requested.
ASSERT: common.c[_gnutls_x509_get_raw_field2]:1570
ASSERT: x509.c[gnutls_x509_crt_get_subject_unique_id]:3902
ASSERT: x509.c[gnutls_x509_crt_get_issuer_unique_id]:3952
Trying PKCS#11 key URL pkcs11:token=openconnect-test;id=%03;type=private?pin-value=1234
p11: Using pin-value to retrieve PIN
p11: Login result = ok (0)
Using PKCS#11 key pkcs11:token=openconnect-test;id=%03;type=private?pin-value=1234
Using client certificate 'A user'
ASSERT: x509.c[gnutls_x509_crt_get_authority_key_id]:1490
p11: No login requested.
ASSERT: pkcs11.c[find_cert_cb]:4206
ASSERT: pkcs11.c[find_cert_cb]:4031
p11: No login requested.
ASSERT: pkcs11.c[find_cert_cb]:4206
ASSERT: pkcs11.c[find_cert_cb]:4031
ASSERT: pkcs11.c[gnutls_pkcs11_get_raw_issuer]:4302
Got no issuer from PKCS#11
ASSERT: common.c[_gnutls_x509_get_raw_field2]:1570
ASSERT: x509.c[gnutls_x509_crt_get_subject_unique_id]:3902
ASSERT: x509.c[gnutls_x509_crt_get_issuer_unique_id]:3952
ASSERT: x509_ext.c[gnutls_subject_alt_names_get]:110
ASSERT: x509.c[get_alt_name]:1815
REC[0xaa78b0]: Allocating epoch #0
added 6 protocols, 29 ciphersuites, 18 sig algos and 9 groups into priority list
SSL negotiation with 127.0.0.2
REC[0xaa78b0]: Allocating epoch #1
HSK[0xaa78b0]: Adv. version: 3.3
Keeping ciphersuite 13.02 (GNUTLS_AES_256_GCM_SHA384)
Keeping ciphersuite 13.03 (GNUTLS_CHACHA20_POLY1305_SHA256)
Keeping ciphersuite 13.01 (GNUTLS_AES_128_GCM_SHA256)
Keeping ciphersuite 13.04 (GNUTLS_AES_128_CCM_SHA256)
Keeping ciphersuite c0.2c (GNUTLS_ECDHE_ECDSA_AES_256_GCM_SHA384)
Keeping ciphersuite cc.a9 (GNUTLS_ECDHE_ECDSA_CHACHA20_POLY1305)
Keeping ciphersuite c0.ad (GNUTLS_ECDHE_ECDSA_AES_256_CCM)
Keeping ciphersuite c0.0a (GNUTLS_ECDHE_ECDSA_AES_256_CBC_SHA1)
Keeping ciphersuite c0.2b (GNUTLS_ECDHE_ECDSA_AES_128_GCM_SHA256)
Keeping ciphersuite c0.ac (GNUTLS_ECDHE_ECDSA_AES_128_CCM)
Keeping ciphersuite c0.09 (GNUTLS_ECDHE_ECDSA_AES_128_CBC_SHA1)
Keeping ciphersuite c0.30 (GNUTLS_ECDHE_RSA_AES_256_GCM_SHA384)
Keeping ciphersuite cc.a8 (GNUTLS_ECDHE_RSA_CHACHA20_POLY1305)
Keeping ciphersuite c0.14 (GNUTLS_ECDHE_RSA_AES_256_CBC_SHA1)
Keeping ciphersuite c0.2f (GNUTLS_ECDHE_RSA_AES_128_GCM_SHA256)
Keeping ciphersuite c0.13 (GNUTLS_ECDHE_RSA_AES_128_CBC_SHA1)
Keeping ciphersuite 00.9d (GNUTLS_RSA_AES_256_GCM_SHA384)
Keeping ciphersuite c0.9d (GNUTLS_RSA_AES_256_CCM)
Keeping ciphersuite 00.35 (GNUTLS_RSA_AES_256_CBC_SHA1)
Keeping ciphersuite 00.9c (GNUTLS_RSA_AES_128_GCM_SHA256)
Keeping ciphersuite c0.9c (GNUTLS_RSA_AES_128_CCM)
Keeping ciphersuite 00.2f (GNUTLS_RSA_AES_128_CBC_SHA1)
Keeping ciphersuite 00.9f (GNUTLS_DHE_RSA_AES_256_GCM_SHA384)
Keeping ciphersuite cc.aa (GNUTLS_DHE_RSA_CHACHA20_POLY1305)
Keeping ciphersuite c0.9f (GNUTLS_DHE_RSA_AES_256_CCM)
Keeping ciphersuite 00.39 (GNUTLS_DHE_RSA_AES_256_CBC_SHA1)
Keeping ciphersuite 00.9e (GNUTLS_DHE_RSA_AES_128_GCM_SHA256)
Keeping ciphersuite c0.9e (GNUTLS_DHE_RSA_AES_128_CCM)
Keeping ciphersuite 00.33 (GNUTLS_DHE_RSA_AES_128_CBC_SHA1)
EXT[0xaa78b0]: Preparing extension (Maximum Record Size/1) for 'client hello'
EXT[0xaa78b0]: Preparing extension (OCSP Status Request/5) for 'client hello'
EXT[0xaa78b0]: Sending extension OCSP Status Request/5 (5 bytes)
EXT[0xaa78b0]: Preparing extension (Client Certificate Type/19) for 'client hello'
EXT[0xaa78b0]: Preparing extension (Server Certificate Type/20) for 'client hello'
EXT[0xaa78b0]: Preparing extension (Supported Groups/10) for 'client hello'
EXT[0xaa78b0]: Sent group SECP256R1 (0x17)
EXT[0xaa78b0]: Sent group SECP384R1 (0x18)
EXT[0xaa78b0]: Sent group SECP521R1 (0x19)
EXT[0xaa78b0]: Sent group X25519 (0x1d)
EXT[0xaa78b0]: Sent group FFDHE2048 (0x100)
EXT[0xaa78b0]: Sent group FFDHE3072 (0x101)
EXT[0xaa78b0]: Sent group FFDHE4096 (0x102)
EXT[0xaa78b0]: Sent group FFDHE6144 (0x103)
EXT[0xaa78b0]: Sent group FFDHE8192 (0x104)
EXT[0xaa78b0]: Sending extension Supported Groups/10 (20 bytes)
EXT[0xaa78b0]: Preparing extension (Supported EC Point Formats/11) for 'client hello'
EXT[0xaa78b0]: Sending extension Supported EC Point Formats/11 (2 bytes)
EXT[0xaa78b0]: Preparing extension (SRP/12) for 'client hello'
EXT[0xaa78b0]: Preparing extension (Signature Algorithms/13) for 'client hello'
EXT[0xaa78b0]: sent signature algo (4.1) RSA-SHA256
EXT[0xaa78b0]: sent signature algo (8.9) RSA-PSS-SHA256
EXT[0xaa78b0]: sent signature algo (8.4) RSA-PSS-RSAE-SHA256
EXT[0xaa78b0]: sent signature algo (4.3) ECDSA-SHA256
EXT[0xaa78b0]: sent signature algo (8.7) EdDSA-Ed25519
EXT[0xaa78b0]: sent signature algo (5.1) RSA-SHA384
EXT[0xaa78b0]: sent signature algo (8.10) RSA-PSS-SHA384
EXT[0xaa78b0]: sent signature algo (8.5) RSA-PSS-RSAE-SHA384
EXT[0xaa78b0]: sent signature algo (5.3) ECDSA-SHA384
EXT[0xaa78b0]: sent signature algo (6.1) RSA-SHA512
EXT[0xaa78b0]: sent signature algo (8.11) RSA-PSS-SHA512
EXT[0xaa78b0]: sent signature algo (8.6) RSA-PSS-RSAE-SHA512
EXT[0xaa78b0]: sent signature algo (6.3) ECDSA-SHA512
EXT[0xaa78b0]: sent signature algo (2.1) RSA-SHA1
EXT[0xaa78b0]: sent signature algo (2.3) ECDSA-SHA1
EXT[0xaa78b0]: Sending extension Signature Algorithms/13 (32 bytes)
EXT[0xaa78b0]: Preparing extension (SRTP/14) for 'client hello'
EXT[0xaa78b0]: Preparing extension (Heartbeat/15) for 'client hello'
EXT[0xaa78b0]: Preparing extension (ALPN/16) for 'client hello'
EXT[0xaa78b0]: Preparing extension (Encrypt-then-MAC/22) for 'client hello'
EXT[0xaa78b0]: Preparing extension (Extended Master Secret/23) for 'client hello'
EXT[0xaa78b0]: Preparing extension (Session Ticket/35) for 'client hello'
EXT[0xaa78b0]: Sending extension Session Ticket/35 (0 bytes)
EXT[0xaa78b0]: Preparing extension (Key Share/51) for 'client hello'
EXT[0xaa78b0]: sending key share for SECP256R1
ASSERT: mpi.c[wrap_nettle_mpi_print]:60
ASSERT: mpi.c[wrap_nettle_mpi_print]:60
EXT[0xaa78b0]: sending key share for X25519
EXT[0xaa78b0]: Sending extension Key Share/51 (107 bytes)
EXT[0xaa78b0]: Preparing extension (Supported Versions/43) for 'client hello'
Advertizing version 3.4
Advertizing version 3.3
Advertizing version 3.2
Advertizing version 3.1
EXT[0xaa78b0]: Sending extension Supported Versions/43 (9 bytes)
EXT[0xaa78b0]: Preparing extension (Post Handshake Auth/49) for 'client hello'
EXT[0xaa78b0]: Preparing extension (Safe Renegotiation/65281) for 'client hello'
EXT[0xaa78b0]: Sending extension Safe Renegotiation/65281 (1 bytes)
EXT[0xaa78b0]: Preparing extension (Server Name Indication/0) for 'client hello'
EXT[0xaa78b0]: Preparing extension (Cookie/44) for 'client hello'
EXT[0xaa78b0]: Preparing extension (Early Data/42) for 'client hello'
EXT[0xaa78b0]: Preparing extension (PSK Key Exchange Modes/45) for 'client hello'
EXT[0xaa78b0]: Sending extension PSK Key Exchange Modes/45 (3 bytes)
EXT[0xaa78b0]: Preparing extension (Record Size Limit/28) for 'client hello'
EXT[0xaa78b0]: Sending extension Record Size Limit/28 (2 bytes)
EXT[0xaa78b0]: Preparing extension (ClientHello Padding/21) for 'client hello'
EXT[0xaa78b0]: Sending extension ClientHello Padding/21 (184 bytes)
EXT[0xaa78b0]: Preparing extension (Pre Shared Key/41) for 'client hello'
HSK[0xaa78b0]: CLIENT HELLO was queued [512 bytes]
HWRITE: enqueued [CLIENT HELLO] 512. Total 512 bytes.
HWRITE FLUSH: 512 bytes in buffer.
REC[0xaa78b0]: Preparing Packet Handshake(22) with length: 512 and min pad: 0
ENC[0xaa78b0]: cipher: NULL, MAC: MAC-NULL, Epoch: 0
WRITE: enqueued 517 bytes for 0x5. Total 517 bytes.
REC[0xaa78b0]: Sent Packet[1] Handshake(22) in epoch 0 and length: 517
HWRITE: wrote 1 bytes, 0 bytes left.
WRITE FLUSH: 517 bytes in buffer.
WRITE: wrote 517 bytes, 0 bytes left.
ASSERT: buffers.c[get_last_packet]:1171
READ: Got 5 bytes from 0x5
READ: read 5 bytes from 0x5
RB: Have 0 bytes into buffer. Adding 5 bytes.
RB: Requested 5 bytes
REC[0xaa78b0]: SSL 3.3 Handshake packet received. Epoch 0, length: 123
REC[0xaa78b0]: Expected Packet Handshake(22)
REC[0xaa78b0]: Received Packet Handshake(22) with length: 123
READ: Got 123 bytes from 0x5
READ: read 123 bytes from 0x5
RB: Have 5 bytes into buffer. Adding 123 bytes.
RB: Requested 128 bytes
REC[0xaa78b0]: Decrypted Packet[0] Handshake(22) with length: 123
BUF[REC]: Inserted 123 bytes of Data(22)
HSK[0xaa78b0]: SERVER HELLO (2) was received. Length 119[119], frag offset 0, frag length: 119, sequence: 0
ASSERT: buffers.c[get_last_packet]:1162
ASSERT: buffers.c[_gnutls_handshake_io_recv_int]:1413
HSK[0xaa78b0]: Server's version: 3.3
EXT[0xaa78b0]: Parsing extension 'Supported Versions/43' (2 bytes)
EXT[0xaa78b0]: Negotiated version: 3.4
HSK[0xaa78b0]: Selected cipher suite: GNUTLS_AES_128_GCM_SHA256
EXT[0xaa78b0]: Parsing extension 'Key Share/51' (69 bytes)
HSK[0xaa78b0]: Selected group SECP256R1 (2)
EXT[0xaa78b0]: client generated SECP256R1 shared key
HWRITE: enqueued [CHANGE CIPHER SPEC] 1. Total 1 bytes.
HWRITE FLUSH: 1 bytes in buffer.
REC[0xaa78b0]: Preparing Packet ChangeCipherSpec(20) with length: 1 and min pad: 0
ENC[0xaa78b0]: cipher: NULL, MAC: MAC-NULL, Epoch: 0
WRITE: enqueued 6 bytes for 0x5. Total 6 bytes.
REC[0xaa78b0]: Sent Packet[2] ChangeCipherSpec(20) in epoch 0 and length: 6
HWRITE: wrote 1 bytes, 0 bytes left.
WRITE FLUSH: 6 bytes in buffer.
WRITE: wrote 6 bytes, 0 bytes left.
REC[0xaa78b0]: Sent ChangeCipherSpec
REC[0xaa78b0]: Initializing epoch #1
INT: CLIENT WRITE KEY [16]: 0a3d3ef9f6d62f4e07487aae24e33b55
INT: SERVER WRITE KEY [16]: 23d7a3b0fcd7d1337646aa028b9c3d58
INT: CLIENT WRITE IV [12]: f29808121335fe27dff67db6
INT: SERVER WRITE IV [12]: 71eb81f52d5e54f8c84e4af5
REC[0xaa78b0]: Epoch #1 ready
HSK[0xaa78b0]: TLS 1.3 re-key with cipher suite: GNUTLS_AES_128_GCM_SHA256
ASSERT: buffers.c[get_last_packet]:1171
READ: Got 5 bytes from 0x5
READ: read 5 bytes from 0x5
RB: Have 0 bytes into buffer. Adding 5 bytes.
RB: Requested 5 bytes
REC[0xaa78b0]: SSL 3.3 ChangeCipherSpec packet received. Epoch 1, length: 1
REC[0xaa78b0]: Expected Packet Handshake(22)
REC[0xaa78b0]: Received Packet ChangeCipherSpec(20) with length: 1
READ: Got 1 bytes from 0x5
READ: read 1 bytes from 0x5
RB: Have 5 bytes into buffer. Adding 1 bytes.
RB: Requested 6 bytes
discarding change cipher spec in TLS1.3
READ: Got 5 bytes from 0x5
READ: read 5 bytes from 0x5
RB: Have 0 bytes into buffer. Adding 5 bytes.
RB: Requested 5 bytes
REC[0xaa78b0]: SSL 3.3 Application Data packet received. Epoch 1, length: 29
REC[0xaa78b0]: Expected Packet Handshake(22)
REC[0xaa78b0]: Received Packet Application Data(23) with length: 29
READ: Got 29 bytes from 0x5
READ: read 29 bytes from 0x5
RB: Have 5 bytes into buffer. Adding 29 bytes.
RB: Requested 34 bytes
REC[0xaa78b0]: Decrypted Packet[0] Handshake(22) with length: 12
BUF[REC]: Inserted 12 bytes of Data(22)
HSK[0xaa78b0]: ENCRYPTED EXTENSIONS (8) was received. Length 8[8], frag offset 0, frag length: 8, sequence: 0
HSK[0xaa78b0]: parsing encrypted extensions
EXT[0xaa78b0]: Parsing extension 'Record Size Limit/28' (2 bytes)
ASSERT: buffers.c[get_last_packet]:1171
READ: Got 5 bytes from 0x5
READ: read 5 bytes from 0x5
RB: Have 0 bytes into buffer. Adding 5 bytes.
RB: Requested 5 bytes
REC[0xaa78b0]: SSL 3.3 Application Data packet received. Epoch 1, length: 85
REC[0xaa78b0]: Expected Packet Handshake(22)
REC[0xaa78b0]: Received Packet Application Data(23) with length: 85
READ: Got 85 bytes from 0x5
READ: read 85 bytes from 0x5
RB: Have 5 bytes into buffer. Adding 85 bytes.
RB: Requested 90 bytes
REC[0xaa78b0]: Decrypted Packet[1] Handshake(22) with length: 68
BUF[REC]: Inserted 68 bytes of Data(22)
HSK[0xaa78b0]: CERTIFICATE REQUEST (13) was received. Length 64[64], frag offset 0, frag length: 64, sequence: 0
HSK[0xaa78b0]: parsing certificate request
EXT[0xaa78b0]: rcvd signature algo (4.1) RSA-SHA256
EXT[0xaa78b0]: rcvd signature algo (8.9) RSA-PSS-SHA256
EXT[0xaa78b0]: rcvd signature algo (8.4) RSA-PSS-RSAE-SHA256
EXT[0xaa78b0]: rcvd signature algo (4.3) ECDSA-SECP256R1-SHA256
EXT[0xaa78b0]: rcvd signature algo (8.7) EdDSA-Ed25519
EXT[0xaa78b0]: rcvd signature algo (5.1) RSA-SHA384
EXT[0xaa78b0]: rcvd signature algo (8.10) RSA-PSS-SHA384
EXT[0xaa78b0]: rcvd signature algo (8.5) RSA-PSS-RSAE-SHA384
EXT[0xaa78b0]: rcvd signature algo (5.3) ECDSA-SECP384R1-SHA384
EXT[0xaa78b0]: rcvd signature algo (6.1) RSA-SHA512
EXT[0xaa78b0]: rcvd signature algo (8.11) RSA-PSS-SHA512
EXT[0xaa78b0]: rcvd signature algo (8.6) RSA-PSS-RSAE-SHA512
EXT[0xaa78b0]: rcvd signature algo (6.3) ECDSA-SECP521R1-SHA512
EXT[0xaa78b0]: rcvd signature algo (2.1) RSA-SHA1
EXT[0xaa78b0]: rcvd signature algo (2.3) ECDSA-SHA1
EXT[0xaa78b0]: rcvd signature algo (2.2) (null)
Peer requested CA: CN=CA
ASSERT: buffers.c[get_last_packet]:1171
READ: Got 5 bytes from 0x5
READ: read 5 bytes from 0x5
RB: Have 0 bytes into buffer. Adding 5 bytes.
RB: Requested 5 bytes
REC[0xaa78b0]: SSL 3.3 Application Data packet received. Epoch 1, length: 947
REC[0xaa78b0]: Expected Packet Handshake(22)
REC[0xaa78b0]: Received Packet Application Data(23) with length: 947
READ: Got 947 bytes from 0x5
READ: read 947 bytes from 0x5
RB: Have 5 bytes into buffer. Adding 947 bytes.
RB: Requested 952 bytes
REC[0xaa78b0]: Decrypted Packet[2] Handshake(22) with length: 930
BUF[REC]: Inserted 930 bytes of Data(22)
HSK[0xaa78b0]: CERTIFICATE (11) was received. Length 926[926], frag offset 0, frag length: 926, sequence: 0
HSK[0xaa78b0]: parsing certificate message
ASSERT: buffers.c[get_last_packet]:1171
READ: Got 5 bytes from 0x5
READ: read 5 bytes from 0x5
RB: Have 0 bytes into buffer. Adding 5 bytes.
RB: Requested 5 bytes
REC[0xaa78b0]: SSL 3.3 Application Data packet received. Epoch 1, length: 329
REC[0xaa78b0]: Expected Packet Handshake(22)
REC[0xaa78b0]: Received Packet Application Data(23) with length: 329
READ: Got 329 bytes from 0x5
READ: read 329 bytes from 0x5
RB: Have 5 bytes into buffer. Adding 329 bytes.
RB: Requested 334 bytes
REC[0xaa78b0]: Decrypted Packet[3] Handshake(22) with length: 312
BUF[REC]: Inserted 312 bytes of Data(22)
HSK[0xaa78b0]: CERTIFICATE VERIFY (15) was received. Length 308[308], frag offset 0, frag length: 308, sequence: 0
HSK[0xaa78b0]: Parsing certificate verify
HSK[0xaa78b0]: verifying TLS 1.3 handshake data using RSA-PSS-RSAE-SHA256
ASSERT: mpi.c[wrap_nettle_mpi_print]:60
ASSERT: mpi.c[wrap_nettle_mpi_print]:60
ASSERT: ocsp-api.c[gnutls_ocsp_status_request_get2]:99
ASSERT: verify.c[verify_crt]:663
ASSERT: verify.c[verify_crt]:815
ASSERT: verify.c[_gnutls_verify_crt_status]:985
issuer in verification was not found or insecure; trying against trust list
ASSERT: verify.c[verify_crt]:663
ASSERT: verify.c[verify_crt]:815
ASSERT: verify.c[_gnutls_verify_crt_status]:985
ASSERT: verify-high.c[gnutls_x509_trust_list_verify_crt2]:1374
Server certificate verify failed: signer not found
ASSERT: common.c[_gnutls_copy_data]:1611
ASSERT: x509.c[gnutls_x509_crt_export]:2922
ASSERT: buffers.c[get_last_packet]:1171
READ: Got 5 bytes from 0x5
READ: read 5 bytes from 0x5
RB: Have 0 bytes into buffer. Adding 5 bytes.
RB: Requested 5 bytes
REC[0xaa78b0]: SSL 3.3 Application Data packet received. Epoch 1, length: 53
REC[0xaa78b0]: Expected Packet Handshake(22)
REC[0xaa78b0]: Received Packet Application Data(23) with length: 53
READ: Got 53 bytes from 0x5
READ: read 53 bytes from 0x5
RB: Have 5 bytes into buffer. Adding 53 bytes.
RB: Requested 58 bytes
REC[0xaa78b0]: Decrypted Packet[4] Handshake(22) with length: 36
BUF[REC]: Inserted 36 bytes of Data(22)
HSK[0xaa78b0]: FINISHED (20) was received. Length 32[32], frag offset 0, frag length: 32, sequence: 0
HSK[0xaa78b0]: parsing finished
HSK[0xaa78b0]: CERTIFICATE was queued [544 bytes]
HWRITE: enqueued [CERTIFICATE] 544. Total 544 bytes.
checking cert compat with RSA-SHA256
cannot use privkey of EC/ECDSA with RSA-SHA256
checking cert compat with RSA-PSS-SHA256
cannot use privkey of EC/ECDSA with RSA-PSS-SHA256
checking cert compat with RSA-PSS-RSAE-SHA256
cannot use privkey of EC/ECDSA with RSA-PSS-RSAE-SHA256
checking cert compat with ECDSA-SECP256R1-SHA256
HSK[0xaa78b0]: signing TLS 1.3 handshake data: using ECDSA-SECP256R1-SHA256 and PRF: SHA256
HSK[0xaa78b0]: CERTIFICATE VERIFY was queued [79 bytes]
HWRITE: enqueued [CERTIFICATE VERIFY] 79. Total 623 bytes.
HSK[0xaa78b0]: sending finished
HSK[0xaa78b0]: FINISHED was queued [36 bytes]
HWRITE: enqueued [FINISHED] 36. Total 659 bytes.
HWRITE FLUSH: 659 bytes in buffer.
REC[0xaa78b0]: Preparing Packet Handshake(22) with length: 544 and min pad: 0
ENC[0xaa78b0]: cipher: AES-128-GCM, MAC: AEAD, Epoch: 1
WRITE: enqueued 566 bytes for 0x5. Total 566 bytes.
REC[0xaa78b0]: Sent Packet[1] Handshake(22) in epoch 1 and length: 566
HWRITE: wrote 1 bytes, 115 bytes left.
REC[0xaa78b0]: Preparing Packet Handshake(22) with length: 79 and min pad: 0
ENC[0xaa78b0]: cipher: AES-128-GCM, MAC: AEAD, Epoch: 1
WRITE: enqueued 101 bytes for 0x5. Total 667 bytes.
REC[0xaa78b0]: Sent Packet[2] Handshake(22) in epoch 1 and length: 101
HWRITE: wrote 1 bytes, 36 bytes left.
REC[0xaa78b0]: Preparing Packet Handshake(22) with length: 36 and min pad: 0
ENC[0xaa78b0]: cipher: AES-128-GCM, MAC: AEAD, Epoch: 1
WRITE: enqueued 58 bytes for 0x5. Total 725 bytes.
REC[0xaa78b0]: Sent Packet[3] Handshake(22) in epoch 1 and length: 58
HWRITE: wrote 1 bytes, 0 bytes left.
WRITE FLUSH: 725 bytes in buffer.
WRITE: wrote 725 bytes, 0 bytes left.
ASSERT: constate.c[_gnutls_epoch_get]:901
REC[0xaa78b0]: Allocating epoch #2
REC[0xaa78b0]: Initializing epoch #2
INT: CLIENT WRITE KEY [16]: 31051ba22508f48906c2584554c674a1
INT: SERVER WRITE KEY [16]: 300cba5a60c4f1683ed43914a6cdc27b
INT: CLIENT WRITE IV [12]: d713c2a97abaeffb71e3aecc
INT: SERVER WRITE IV [12]: 8d07442093e281f75fd9d41f
REC[0xaa78b0]: Epoch #2 ready
HSK[0xaa78b0]: TLS 1.3 re-key with cipher suite: GNUTLS_AES_128_GCM_SHA256
BUF[HSK]: Emptied buffer
BUF[HSK]: Emptied buffer
REC[0xaa78b0]: Start of epoch cleanup
REC[0xaa78b0]: Epoch #0 freed
REC[0xaa78b0]: Epoch #1 freed
REC[0xaa78b0]: End of epoch cleanup
Connected to HTTPS on 127.0.0.2
REC[0xaa78b0]: Preparing Packet Application Data(23) with length: 575 and min pad: 0
ENC[0xaa78b0]: cipher: AES-128-GCM, MAC: AEAD, Epoch: 2
WRITE: enqueued 597 bytes for 0x5. Total 597 bytes.
WRITE FLUSH: 597 bytes in buffer.
WRITE: wrote 597 bytes, 0 bytes left.
REC[0xaa78b0]: Sent Packet[1] Application Data(23) in epoch 2 and length: 597
READ: -1 returned from 0x5, errno=11 gerrno=0
ASSERT: buffers.c[_gnutls_io_read_buffered]:589
ASSERT: record.c[_gnutls_recv_int]:1759
ocserv[17364]: worker:  client certificate verification succeeded
READ: Got 5 bytes from 0x5
READ: read 5 bytes from 0x5
RB: Have 0 bytes into buffer. Adding 5 bytes.
RB: Requested 5 bytes
REC[0xaa78b0]: SSL 3.3 Application Data packet received. Epoch 2, length: 494
REC[0xaa78b0]: Expected Packet Application Data(23)
REC[0xaa78b0]: Received Packet Application Data(23) with length: 494
READ: Got 494 bytes from 0x5
READ: read 494 bytes from 0x5
RB: Have 5 bytes into buffer. Adding 494 bytes.
RB: Requested 499 bytes
REC[0xaa78b0]: Decrypted Packet[0] Application Data(23) with length: 477
BUF[REC]: Inserted 477 bytes of Data(23)
Got HTTP response: HTTP/1.1 200 OK
Set-Cookie: webvpncontext=; expires=Thu, 01 Jan 1970 22:00:00 GMT; path=/; Secure
Content-Type: text/xml
Content-Length: 306
X-Transcend-Version: 1
HTTP body length:  (306)
BUF[HSK]: Emptied buffer
REC[0xaa78b0]: Start of epoch cleanup
REC[0xaa78b0]: End of epoch cleanup
REC[0xaa78b0]: Epoch #2 freed
XML POST enabled
Please enter your username.
POST https://127.0.0.2/auth
REC[0xab0a20]: Allocating epoch #0
added 6 protocols, 29 ciphersuites, 18 sig algos and 9 groups into priority list
SSL negotiation with 127.0.0.2
REC[0xab0a20]: Allocating epoch #1
HSK[0xab0a20]: Adv. version: 3.3
Keeping ciphersuite 13.02 (GNUTLS_AES_256_GCM_SHA384)
Keeping ciphersuite 13.03 (GNUTLS_CHACHA20_POLY1305_SHA256)
Keeping ciphersuite 13.01 (GNUTLS_AES_128_GCM_SHA256)
Keeping ciphersuite 13.04 (GNUTLS_AES_128_CCM_SHA256)
Keeping ciphersuite c0.2c (GNUTLS_ECDHE_ECDSA_AES_256_GCM_SHA384)
Keeping ciphersuite cc.a9 (GNUTLS_ECDHE_ECDSA_CHACHA20_POLY1305)
Keeping ciphersuite c0.ad (GNUTLS_ECDHE_ECDSA_AES_256_CCM)
Keeping ciphersuite c0.0a (GNUTLS_ECDHE_ECDSA_AES_256_CBC_SHA1)
Keeping ciphersuite c0.2b (GNUTLS_ECDHE_ECDSA_AES_128_GCM_SHA256)
Keeping ciphersuite c0.ac (GNUTLS_ECDHE_ECDSA_AES_128_CCM)
Keeping ciphersuite c0.09 (GNUTLS_ECDHE_ECDSA_AES_128_CBC_SHA1)
Keeping ciphersuite c0.30 (GNUTLS_ECDHE_RSA_AES_256_GCM_SHA384)
Keeping ciphersuite cc.a8 (GNUTLS_ECDHE_RSA_CHACHA20_POLY1305)
Keeping ciphersuite c0.14 (GNUTLS_ECDHE_RSA_AES_256_CBC_SHA1)
Keeping ciphersuite c0.2f (GNUTLS_ECDHE_RSA_AES_128_GCM_SHA256)
Keeping ciphersuite c0.13 (GNUTLS_ECDHE_RSA_AES_128_CBC_SHA1)
Keeping ciphersuite 00.9d (GNUTLS_RSA_AES_256_GCM_SHA384)
Keeping ciphersuite c0.9d (GNUTLS_RSA_AES_256_CCM)
Keeping ciphersuite 00.35 (GNUTLS_RSA_AES_256_CBC_SHA1)
Keeping ciphersuite 00.9c (GNUTLS_RSA_AES_128_GCM_SHA256)
Keeping ciphersuite c0.9c (GNUTLS_RSA_AES_128_CCM)
Keeping ciphersuite 00.2f (GNUTLS_RSA_AES_128_CBC_SHA1)
Keeping ciphersuite 00.9f (GNUTLS_DHE_RSA_AES_256_GCM_SHA384)
Keeping ciphersuite cc.aa (GNUTLS_DHE_RSA_CHACHA20_POLY1305)
Keeping ciphersuite c0.9f (GNUTLS_DHE_RSA_AES_256_CCM)
Keeping ciphersuite 00.39 (GNUTLS_DHE_RSA_AES_256_CBC_SHA1)
Keeping ciphersuite 00.9e (GNUTLS_DHE_RSA_AES_128_GCM_SHA256)
Keeping ciphersuite c0.9e (GNUTLS_DHE_RSA_AES_128_CCM)
Keeping ciphersuite 00.33 (GNUTLS_DHE_RSA_AES_128_CBC_SHA1)
EXT[0xab0a20]: Preparing extension (Maximum Record Size/1) for 'client hello'
EXT[0xab0a20]: Preparing extension (OCSP Status Request/5) for 'client hello'
EXT[0xab0a20]: Sending extension OCSP Status Request/5 (5 bytes)
EXT[0xab0a20]: Preparing extension (Client Certificate Type/19) for 'client hello'
EXT[0xab0a20]: Preparing extension (Server Certificate Type/20) for 'client hello'
EXT[0xab0a20]: Preparing extension (Supported Groups/10) for 'client hello'
EXT[0xab0a20]: Sent group SECP256R1 (0x17)
EXT[0xab0a20]: Sent group SECP384R1 (0x18)
EXT[0xab0a20]: Sent group SECP521R1 (0x19)
EXT[0xab0a20]: Sent group X25519 (0x1d)
EXT[0xab0a20]: Sent group FFDHE2048 (0x100)
EXT[0xab0a20]: Sent group FFDHE3072 (0x101)
EXT[0xab0a20]: Sent group FFDHE4096 (0x102)
EXT[0xab0a20]: Sent group FFDHE6144 (0x103)
EXT[0xab0a20]: Sent group FFDHE8192 (0x104)
EXT[0xab0a20]: Sending extension Supported Groups/10 (20 bytes)
EXT[0xab0a20]: Preparing extension (Supported EC Point Formats/11) for 'client hello'
EXT[0xab0a20]: Sending extension Supported EC Point Formats/11 (2 bytes)
EXT[0xab0a20]: Preparing extension (SRP/12) for 'client hello'
EXT[0xab0a20]: Preparing extension (Signature Algorithms/13) for 'client hello'
EXT[0xab0a20]: sent signature algo (4.1) RSA-SHA256
EXT[0xab0a20]: sent signature algo (8.9) RSA-PSS-SHA256
EXT[0xab0a20]: sent signature algo (8.4) RSA-PSS-RSAE-SHA256
EXT[0xab0a20]: sent signature algo (4.3) ECDSA-SHA256
EXT[0xab0a20]: sent signature algo (8.7) EdDSA-Ed25519
EXT[0xab0a20]: sent signature algo (5.1) RSA-SHA384
EXT[0xab0a20]: sent signature algo (8.10) RSA-PSS-SHA384
EXT[0xab0a20]: sent signature algo (8.5) RSA-PSS-RSAE-SHA384
EXT[0xab0a20]: sent signature algo (5.3) ECDSA-SHA384
EXT[0xab0a20]: sent signature algo (6.1) RSA-SHA512
EXT[0xab0a20]: sent signature algo (8.11) RSA-PSS-SHA512
EXT[0xab0a20]: sent signature algo (8.6) RSA-PSS-RSAE-SHA512
EXT[0xab0a20]: sent signature algo (6.3) ECDSA-SHA512
EXT[0xab0a20]: sent signature algo (2.1) RSA-SHA1
EXT[0xab0a20]: sent signature algo (2.3) ECDSA-SHA1
EXT[0xab0a20]: Sending extension Signature Algorithms/13 (32 bytes)
EXT[0xab0a20]: Preparing extension (SRTP/14) for 'client hello'
EXT[0xab0a20]: Preparing extension (Heartbeat/15) for 'client hello'
EXT[0xab0a20]: Preparing extension (ALPN/16) for 'client hello'
EXT[0xab0a20]: Preparing extension (Encrypt-then-MAC/22) for 'client hello'
EXT[0xab0a20]: Preparing extension (Extended Master Secret/23) for 'client hello'
EXT[0xab0a20]: Preparing extension (Session Ticket/35) for 'client hello'
EXT[0xab0a20]: Sending extension Session Ticket/35 (0 bytes)
EXT[0xab0a20]: Preparing extension (Key Share/51) for 'client hello'
EXT[0xab0a20]: sending key share for SECP256R1
ASSERT: mpi.c[wrap_nettle_mpi_print]:60
ASSERT: mpi.c[wrap_nettle_mpi_print]:60
EXT[0xab0a20]: sending key share for X25519
EXT[0xab0a20]: Sending extension Key Share/51 (107 bytes)
EXT[0xab0a20]: Preparing extension (Supported Versions/43) for 'client hello'
Advertizing version 3.4
Advertizing version 3.3
Advertizing version 3.2
Advertizing version 3.1
EXT[0xab0a20]: Sending extension Supported Versions/43 (9 bytes)
EXT[0xab0a20]: Preparing extension (Post Handshake Auth/49) for 'client hello'
EXT[0xab0a20]: Preparing extension (Safe Renegotiation/65281) for 'client hello'
EXT[0xab0a20]: Sending extension Safe Renegotiation/65281 (1 bytes)
EXT[0xab0a20]: Preparing extension (Server Name Indication/0) for 'client hello'
EXT[0xab0a20]: Preparing extension (Cookie/44) for 'client hello'
EXT[0xab0a20]: Preparing extension (Early Data/42) for 'client hello'
EXT[0xab0a20]: Preparing extension (PSK Key Exchange Modes/45) for 'client hello'
EXT[0xab0a20]: Sending extension PSK Key Exchange Modes/45 (3 bytes)
EXT[0xab0a20]: Preparing extension (Record Size Limit/28) for 'client hello'
EXT[0xab0a20]: Sending extension Record Size Limit/28 (2 bytes)
EXT[0xab0a20]: Preparing extension (ClientHello Padding/21) for 'client hello'
EXT[0xab0a20]: Sending extension ClientHello Padding/21 (184 bytes)
EXT[0xab0a20]: Preparing extension (Pre Shared Key/41) for 'client hello'
HSK[0xab0a20]: CLIENT HELLO was queued [512 bytes]
HWRITE: enqueued [CLIENT HELLO] 512. Total 512 bytes.
HWRITE FLUSH: 512 bytes in buffer.
REC[0xab0a20]: Preparing Packet Handshake(22) with length: 512 and min pad: 0
ENC[0xab0a20]: cipher: NULL, MAC: MAC-NULL, Epoch: 0
WRITE: enqueued 517 bytes for 0x5. Total 517 bytes.
REC[0xab0a20]: Sent Packet[1] Handshake(22) in epoch 0 and length: 517
HWRITE: wrote 1 bytes, 0 bytes left.
WRITE FLUSH: 517 bytes in buffer.
WRITE: wrote 517 bytes, 0 bytes left.
ASSERT: buffers.c[get_last_packet]:1171
ocserv[17291]: main:127.0.0.2:27350 user disconnected (reason: unspecified, rx: 0, tx: 0)
READ: Got 5 bytes from 0x5
READ: read 5 bytes from 0x5
RB: Have 0 bytes into buffer. Adding 5 bytes.
RB: Requested 5 bytes
REC[0xab0a20]: SSL 3.3 Handshake packet received. Epoch 0, length: 123
REC[0xab0a20]: Expected Packet Handshake(22)
REC[0xab0a20]: Received Packet Handshake(22) with length: 123
READ: Got 123 bytes from 0x5
READ: read 123 bytes from 0x5
RB: Have 5 bytes into buffer. Adding 123 bytes.
RB: Requested 128 bytes
REC[0xab0a20]: Decrypted Packet[0] Handshake(22) with length: 123
BUF[REC]: Inserted 123 bytes of Data(22)
HSK[0xab0a20]: SERVER HELLO (2) was received. Length 119[119], frag offset 0, frag length: 119, sequence: 0
ASSERT: buffers.c[get_last_packet]:1162
ASSERT: buffers.c[_gnutls_handshake_io_recv_int]:1413
HSK[0xab0a20]: Server's version: 3.3
EXT[0xab0a20]: Parsing extension 'Supported Versions/43' (2 bytes)
EXT[0xab0a20]: Negotiated version: 3.4
HSK[0xab0a20]: Selected cipher suite: GNUTLS_AES_128_GCM_SHA256
EXT[0xab0a20]: Parsing extension 'Key Share/51' (69 bytes)
HSK[0xab0a20]: Selected group SECP256R1 (2)
EXT[0xab0a20]: client generated SECP256R1 shared key
HWRITE: enqueued [CHANGE CIPHER SPEC] 1. Total 1 bytes.
HWRITE FLUSH: 1 bytes in buffer.
REC[0xab0a20]: Preparing Packet ChangeCipherSpec(20) with length: 1 and min pad: 0
ENC[0xab0a20]: cipher: NULL, MAC: MAC-NULL, Epoch: 0
WRITE: enqueued 6 bytes for 0x5. Total 6 bytes.
REC[0xab0a20]: Sent Packet[2] ChangeCipherSpec(20) in epoch 0 and length: 6
HWRITE: wrote 1 bytes, 0 bytes left.
WRITE FLUSH: 6 bytes in buffer.
WRITE: wrote 6 bytes, 0 bytes left.
REC[0xab0a20]: Sent ChangeCipherSpec
REC[0xab0a20]: Initializing epoch #1
INT: CLIENT WRITE KEY [16]: 229a741e504715aab494e860af4f7224
INT: SERVER WRITE KEY [16]: 4a686c2980b1cf6a8d6d7c3e638b312e
INT: CLIENT WRITE IV [12]: a23bff7caf58684e8b5d9d51
INT: SERVER WRITE IV [12]: db1b99d1d148762e3a2d176a
REC[0xab0a20]: Epoch #1 ready
HSK[0xab0a20]: TLS 1.3 re-key with cipher suite: GNUTLS_AES_128_GCM_SHA256
ASSERT: buffers.c[get_last_packet]:1171
READ: Got 5 bytes from 0x5
READ: read 5 bytes from 0x5
RB: Have 0 bytes into buffer. Adding 5 bytes.
RB: Requested 5 bytes
REC[0xab0a20]: SSL 3.3 ChangeCipherSpec packet received. Epoch 1, length: 1
REC[0xab0a20]: Expected Packet Handshake(22)
REC[0xab0a20]: Received Packet ChangeCipherSpec(20) with length: 1
READ: Got 1 bytes from 0x5
READ: read 1 bytes from 0x5
RB: Have 5 bytes into buffer. Adding 1 bytes.
RB: Requested 6 bytes
discarding change cipher spec in TLS1.3
READ: Got 5 bytes from 0x5
READ: read 5 bytes from 0x5
RB: Have 0 bytes into buffer. Adding 5 bytes.
RB: Requested 5 bytes
REC[0xab0a20]: SSL 3.3 Application Data packet received. Epoch 1, length: 29
REC[0xab0a20]: Expected Packet Handshake(22)
REC[0xab0a20]: Received Packet Application Data(23) with length: 29
READ: Got 29 bytes from 0x5
READ: read 29 bytes from 0x5
RB: Have 5 bytes into buffer. Adding 29 bytes.
RB: Requested 34 bytes
REC[0xab0a20]: Decrypted Packet[0] Handshake(22) with length: 12
BUF[REC]: Inserted 12 bytes of Data(22)
HSK[0xab0a20]: ENCRYPTED EXTENSIONS (8) was received. Length 8[8], frag offset 0, frag length: 8, sequence: 0
HSK[0xab0a20]: parsing encrypted extensions
EXT[0xab0a20]: Parsing extension 'Record Size Limit/28' (2 bytes)
ASSERT: buffers.c[get_last_packet]:1171
READ: Got 5 bytes from 0x5
READ: read 5 bytes from 0x5
RB: Have 0 bytes into buffer. Adding 5 bytes.
RB: Requested 5 bytes
REC[0xab0a20]: SSL 3.3 Application Data packet received. Epoch 1, length: 85
REC[0xab0a20]: Expected Packet Handshake(22)
REC[0xab0a20]: Received Packet Application Data(23) with length: 85
READ: Got 85 bytes from 0x5
READ: read 85 bytes from 0x5
RB: Have 5 bytes into buffer. Adding 85 bytes.
RB: Requested 90 bytes
REC[0xab0a20]: Decrypted Packet[1] Handshake(22) with length: 68
BUF[REC]: Inserted 68 bytes of Data(22)
HSK[0xab0a20]: CERTIFICATE REQUEST (13) was received. Length 64[64], frag offset 0, frag length: 64, sequence: 0
HSK[0xab0a20]: parsing certificate request
EXT[0xab0a20]: rcvd signature algo (4.1) RSA-SHA256
EXT[0xab0a20]: rcvd signature algo (8.9) RSA-PSS-SHA256
EXT[0xab0a20]: rcvd signature algo (8.4) RSA-PSS-RSAE-SHA256
EXT[0xab0a20]: rcvd signature algo (4.3) ECDSA-SECP256R1-SHA256
EXT[0xab0a20]: rcvd signature algo (8.7) EdDSA-Ed25519
EXT[0xab0a20]: rcvd signature algo (5.1) RSA-SHA384
EXT[0xab0a20]: rcvd signature algo (8.10) RSA-PSS-SHA384
EXT[0xab0a20]: rcvd signature algo (8.5) RSA-PSS-RSAE-SHA384
EXT[0xab0a20]: rcvd signature algo (5.3) ECDSA-SECP384R1-SHA384
EXT[0xab0a20]: rcvd signature algo (6.1) RSA-SHA512
EXT[0xab0a20]: rcvd signature algo (8.11) RSA-PSS-SHA512
EXT[0xab0a20]: rcvd signature algo (8.6) RSA-PSS-RSAE-SHA512
EXT[0xab0a20]: rcvd signature algo (6.3) ECDSA-SECP521R1-SHA512
EXT[0xab0a20]: rcvd signature algo (2.1) RSA-SHA1
EXT[0xab0a20]: rcvd signature algo (2.3) ECDSA-SHA1
EXT[0xab0a20]: rcvd signature algo (2.2) (null)
Peer requested CA: CN=CA
ASSERT: buffers.c[get_last_packet]:1171
READ: Got 5 bytes from 0x5
READ: read 5 bytes from 0x5
RB: Have 0 bytes into buffer. Adding 5 bytes.
RB: Requested 5 bytes
REC[0xab0a20]: SSL 3.3 Application Data packet received. Epoch 1, length: 947
REC[0xab0a20]: Expected Packet Handshake(22)
REC[0xab0a20]: Received Packet Application Data(23) with length: 947
READ: Got 947 bytes from 0x5
READ: read 947 bytes from 0x5
RB: Have 5 bytes into buffer. Adding 947 bytes.
RB: Requested 952 bytes
REC[0xab0a20]: Decrypted Packet[2] Handshake(22) with length: 930
BUF[REC]: Inserted 930 bytes of Data(22)
HSK[0xab0a20]: CERTIFICATE (11) was received. Length 926[926], frag offset 0, frag length: 926, sequence: 0
HSK[0xab0a20]: parsing certificate message
ASSERT: buffers.c[get_last_packet]:1171
READ: Got 5 bytes from 0x5
READ: read 5 bytes from 0x5
RB: Have 0 bytes into buffer. Adding 5 bytes.
RB: Requested 5 bytes
REC[0xab0a20]: SSL 3.3 Application Data packet received. Epoch 1, length: 329
REC[0xab0a20]: Expected Packet Handshake(22)
REC[0xab0a20]: Received Packet Application Data(23) with length: 329
READ: Got 329 bytes from 0x5
READ: read 329 bytes from 0x5
RB: Have 5 bytes into buffer. Adding 329 bytes.
RB: Requested 334 bytes
REC[0xab0a20]: Decrypted Packet[3] Handshake(22) with length: 312
BUF[REC]: Inserted 312 bytes of Data(22)
HSK[0xab0a20]: CERTIFICATE VERIFY (15) was received. Length 308[308], frag offset 0, frag length: 308, sequence: 0
HSK[0xab0a20]: Parsing certificate verify
HSK[0xab0a20]: verifying TLS 1.3 handshake data using RSA-PSS-RSAE-SHA256
ASSERT: mpi.c[wrap_nettle_mpi_print]:60
ASSERT: mpi.c[wrap_nettle_mpi_print]:60
ASSERT: ocsp-api.c[gnutls_ocsp_status_request_get2]:99
ASSERT: verify.c[verify_crt]:663
ASSERT: verify.c[verify_crt]:815
ASSERT: verify.c[_gnutls_verify_crt_status]:985
issuer in verification was not found or insecure; trying against trust list
ASSERT: verify.c[verify_crt]:663
ASSERT: verify.c[verify_crt]:815
ASSERT: verify.c[_gnutls_verify_crt_status]:985
ASSERT: verify-high.c[gnutls_x509_trust_list_verify_crt2]:1374
Server certificate verify failed: signer not found
ASSERT: common.c[_gnutls_copy_data]:1611
ASSERT: x509.c[gnutls_x509_crt_export]:2922
ASSERT: buffers.c[get_last_packet]:1171
READ: Got 5 bytes from 0x5
READ: read 5 bytes from 0x5
RB: Have 0 bytes into buffer. Adding 5 bytes.
RB: Requested 5 bytes
REC[0xab0a20]: SSL 3.3 Application Data packet received. Epoch 1, length: 53
REC[0xab0a20]: Expected Packet Handshake(22)
REC[0xab0a20]: Received Packet Application Data(23) with length: 53
READ: Got 53 bytes from 0x5
READ: read 53 bytes from 0x5
RB: Have 5 bytes into buffer. Adding 53 bytes.
RB: Requested 58 bytes
REC[0xab0a20]: Decrypted Packet[4] Handshake(22) with length: 36
BUF[REC]: Inserted 36 bytes of Data(22)
HSK[0xab0a20]: FINISHED (20) was received. Length 32[32], frag offset 0, frag length: 32, sequence: 0
HSK[0xab0a20]: parsing finished
HSK[0xab0a20]: CERTIFICATE was queued [544 bytes]
HWRITE: enqueued [CERTIFICATE] 544. Total 544 bytes.
checking cert compat with RSA-SHA256
cannot use privkey of EC/ECDSA with RSA-SHA256
checking cert compat with RSA-PSS-SHA256
cannot use privkey of EC/ECDSA with RSA-PSS-SHA256
checking cert compat with RSA-PSS-RSAE-SHA256
cannot use privkey of EC/ECDSA with RSA-PSS-RSAE-SHA256
checking cert compat with ECDSA-SECP256R1-SHA256
HSK[0xab0a20]: signing TLS 1.3 handshake data: using ECDSA-SECP256R1-SHA256 and PRF: SHA256
HSK[0xab0a20]: CERTIFICATE VERIFY was queued [78 bytes]
HWRITE: enqueued [CERTIFICATE VERIFY] 78. Total 622 bytes.
HSK[0xab0a20]: sending finished
HSK[0xab0a20]: FINISHED was queued [36 bytes]
HWRITE: enqueued [FINISHED] 36. Total 658 bytes.
HWRITE FLUSH: 658 bytes in buffer.
REC[0xab0a20]: Preparing Packet Handshake(22) with length: 544 and min pad: 0
ENC[0xab0a20]: cipher: AES-128-GCM, MAC: AEAD, Epoch: 1
WRITE: enqueued 566 bytes for 0x5. Total 566 bytes.
REC[0xab0a20]: Sent Packet[1] Handshake(22) in epoch 1 and length: 566
HWRITE: wrote 1 bytes, 114 bytes left.
REC[0xab0a20]: Preparing Packet Handshake(22) with length: 78 and min pad: 0
ENC[0xab0a20]: cipher: AES-128-GCM, MAC: AEAD, Epoch: 1
WRITE: enqueued 100 bytes for 0x5. Total 666 bytes.
REC[0xab0a20]: Sent Packet[2] Handshake(22) in epoch 1 and length: 100
HWRITE: wrote 1 bytes, 36 bytes left.
REC[0xab0a20]: Preparing Packet Handshake(22) with length: 36 and min pad: 0
ENC[0xab0a20]: cipher: AES-128-GCM, MAC: AEAD, Epoch: 1
WRITE: enqueued 58 bytes for 0x5. Total 724 bytes.
REC[0xab0a20]: Sent Packet[3] Handshake(22) in epoch 1 and length: 58
HWRITE: wrote 1 bytes, 0 bytes left.
WRITE FLUSH: 724 bytes in buffer.
WRITE: wrote 724 bytes, 0 bytes left.
ASSERT: constate.c[_gnutls_epoch_get]:901
REC[0xab0a20]: Allocating epoch #2
REC[0xab0a20]: Initializing epoch #2
INT: CLIENT WRITE KEY [16]: f5c4c6e728f55f662ee96f846f473504
INT: SERVER WRITE KEY [16]: 8d571c75b6d81b8448080e7dcbbc8d84
INT: CLIENT WRITE IV [12]: 8ac54e0182ef815f5176b035
INT: SERVER WRITE IV [12]: 2adbd446273aa3dd17fa9ec3
REC[0xab0a20]: Epoch #2 ready
HSK[0xab0a20]: TLS 1.3 re-key with cipher suite: GNUTLS_AES_128_GCM_SHA256
BUF[HSK]: Emptied buffer
BUF[HSK]: Emptied buffer
REC[0xab0a20]: Start of epoch cleanup
REC[0xab0a20]: Epoch #0 freed
REC[0xab0a20]: Epoch #1 freed
REC[0xab0a20]: End of epoch cleanup
Connected to HTTPS on 127.0.0.2
REC[0xab0a20]: Preparing Packet Application Data(23) with length: 579 and min pad: 0
ENC[0xab0a20]: cipher: AES-128-GCM, MAC: AEAD, Epoch: 2
WRITE: enqueued 601 bytes for 0x5. Total 601 bytes.
WRITE FLUSH: 601 bytes in buffer.
WRITE: wrote 601 bytes, 0 bytes left.
REC[0xab0a20]: Sent Packet[1] Application Data(23) in epoch 2 and length: 601
READ: -1 returned from 0x5, errno=11 gerrno=0
ASSERT: buffers.c[_gnutls_io_read_buffered]:589
ASSERT: record.c[_gnutls_recv_int]:1759
ocserv[17365]: worker:  client certificate verification succeeded
ocserv[17293]: sec-mod: using 'certificate+plain' authentication to authenticate user (session: P6oHKw)
READ: Got 5 bytes from 0x5
READ: read 5 bytes from 0x5
RB: Have 0 bytes into buffer. Adding 5 bytes.
RB: Requested 5 bytes
REC[0xab0a20]: SSL 3.3 Application Data packet received. Epoch 2, length: 508
REC[0xab0a20]: Expected Packet Application Data(23)
REC[0xab0a20]: Received Packet Application Data(23) with length: 508
READ: Got 508 bytes from 0x5
READ: read 508 bytes from 0x5
RB: Have 5 bytes into buffer. Adding 508 bytes.
RB: Requested 513 bytes
REC[0xab0a20]: Decrypted Packet[0] Application Data(23) with length: 491
BUF[REC]: Inserted 491 bytes of Data(23)
Got HTTP response: HTTP/1.1 200 OK
Set-Cookie: webvpncontext=HCAkM0yPkB/MTuTGNuiKQIDF3E8346i4dUwsOBxkVCs=; Max-Age=120; Secure
Content-Type: text/xml
Content-Length: 310
X-Transcend-Version: 1
HTTP body length:  (310)
Please enter your password.
POST https://127.0.0.2/auth
REC[0xab0a20]: Preparing Packet Application Data(23) with length: 647 and min pad: 0
ENC[0xab0a20]: cipher: AES-128-GCM, MAC: AEAD, Epoch: 2
WRITE: enqueued 669 bytes for 0x5. Total 669 bytes.
WRITE FLUSH: 669 bytes in buffer.
WRITE: wrote 669 bytes, 0 bytes left.
REC[0xab0a20]: Sent Packet[2] Application Data(23) in epoch 2 and length: 669
READ: -1 returned from 0x5, errno=11 gerrno=0
ASSERT: buffers.c[_gnutls_io_read_buffered]:589
ASSERT: record.c[_gnutls_recv_int]:1759
READ: Got 5 bytes from 0x5
READ: read 5 bytes from 0x5
RB: Have 0 bytes into buffer. Adding 5 bytes.
RB: Requested 5 bytes
REC[0xab0a20]: SSL 3.3 Application Data packet received. Epoch 2, length: 644
REC[0xab0a20]: Expected Packet Application Data(23)
REC[0xab0a20]: Received Packet Application Data(23) with length: 644
READ: Got 644 bytes from 0x5
READ: read 644 bytes from 0x5
RB: Have 5 bytes into buffer. Adding 644 bytes.
RB: Requested 649 bytes
REC[0xab0a20]: Decrypted Packet[1] Application Data(23) with length: 627
BUF[REC]: Inserted 627 bytes of Data(23)
Got HTTP response: HTTP/1.1 200 OK
Connection: Keep-Alive
Content-Type: text/xml
Content-Length: 189
X-Transcend-Version: 1
Set-Cookie: webvpncontext=HCAkM0yPkB/MTuTGNuiKQIDF3E8346i4dUwsOBxkVCs=; Secure
Set-Cookie: webvpn=<elided>; Secure
Set-Cookie: webvpnc=; expires=Thu, 01 Jan 1970 22:00:00 GMT; path=/; Secure
Set-Cookie: webvpnc=bu:/&p:t&iu:1/&sh:D66B507AE074D03B02EAFCA40D35F87DD81049D3; path=/; Secure
HTTP body length:  (189)
BUF[HSK]: Emptied buffer
REC[0xab0a20]: Start of epoch cleanup
REC[0xab0a20]: End of epoch cleanup
REC[0xab0a20]: Epoch #2 freed
ocserv[17291]: main:127.0.0.2:27351 user disconnected (reason: unspecified, rx: 0, tx: 0)
COOKIE='HCAkM0yPkB/MTuTGNuiKQIDF3E8346i4dUwsOBxkVCs='
HOST='127.0.0.2'
FINGERPRINT='pin-sha256:xp3scfzy3rOQsv9NcOve/8YVVv+pHr4qNCXEXrNl5s8='
ok
ocserv[17291]: main: termination request received; waiting for children to die
PASS auth-pkcs11 (exit status: 0)