Last active
January 13, 2021 04:31
-
-
Save ghulands/f89b49bf180bfac86c98c46c4260f1eb to your computer and use it in GitHub Desktop.
Squid cannot generate a certificate for arstechnica
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| 2021/01/12 20:30:01.590 kid1| 83,3| Handshake.cc(515) parseSniExtension: host_name=arstechnica.com | |
| 2021/01/12 20:30:01.590 kid1| 83,5| Handshake.cc(418) parseExtensions: first unsupported extension: 23 | |
| 2021/01/12 20:30:01.590 kid1| 83,5| ../../src/security/PeerOptions.h(110) convertContextFromRawPtr: SSL_CTX construct, this=0x849f03000 | |
| 2021/01/12 20:30:01.590 kid1| 83,5| ServerOptions.cc(395) updateContextConfig: Using cipher suite EECDH+ECDSA+AESGCM:EECDH+aRSA+AESGCM:EECDH+ECDSA+SHA384:EECDH+ECDSA+SHA256:EECDH+aRSA+SHA384:EECDH+aRSA+SHA256:EECDH+aRSA+RC4:EECDH:EDH+aRSA:HIGH:!RC4:!aNULL:!eNULL:!LOW:!3DES:!MD5:!EXP:!PSK:!SRP:!DSS. | |
| 2021/01/12 20:30:01.601 kid1| 83,5| Session.cc(103) NewSessionObject: SSL_new session=0x82ae1e000 | |
| 2021/01/12 20:30:01.601 kid1| 83,5| bio.cc(620) squid_bio_ctrl: 0x82e4ba600 104(6000, 0x7fffffffe2dc) | |
| 2021/01/12 20:30:01.601 kid1| 83,5| Session.cc(161) CreateSession: link FD 21 to TLS session=0x82ae1e000 | |
| 2021/01/12 20:30:01.601 kid1| 83,5| bio.cc(620) squid_bio_ctrl: 0x82e4ba600 6(0, 0x8362c1480) | |
| 2021/01/12 20:30:01.601 kid1| 83,5| client_side.cc(3179) startPeekAndSplice: Peek and splice at step2 done. Start forwarding the request!!! | |
| 2021/01/12 20:30:01.682 kid1| 83,5| PeerConnector.cc(46) PeerConnector: conn49 local=192.168.11.157:44548 remote=52.14.190.83:443 HIER_DIRECT FD 23 flags=1 | |
| 2021/01/12 20:30:01.683 kid1| 83,5| PeerConnector.cc(69) start: this=0x82e499a58 | |
| 2021/01/12 20:30:01.683 kid1| 83,5| PeerConnector.cc(114) initialize: conn49 local=192.168.11.157:44548 remote=52.14.190.83:443 HIER_DIRECT FD 23 flags=1, ctx=0x8015b7c00 | |
| 2021/01/12 20:30:01.683 kid1| 83,5| Session.cc(103) NewSessionObject: SSL_new session=0x82ae1fc00 | |
| 2021/01/12 20:30:01.683 kid1| 83,5| bio.cc(620) squid_bio_ctrl: 0x8362c1680 104(6001, 0x7fffffffe4ec) | |
| 2021/01/12 20:30:01.683 kid1| 83,5| Session.cc(161) CreateSession: link FD 23 to TLS session=0x82ae1fc00 | |
| 2021/01/12 20:30:01.683 kid1| 83,5| PeerConnector.cc(130) initialize: conn49 local=192.168.11.157:44548 remote=52.14.190.83:443 HIER_DIRECT FD 23 flags=1, session=0x82ae1fc00 | |
| 2021/01/12 20:30:01.683 kid1| 83,5| PeerConnector.cc(178) negotiate: SSL_connect session=0x82ae1fc00 | |
| 2021/01/12 20:30:01.683 kid1| 83,5| bio.cc(620) squid_bio_ctrl: 0x8362c1680 6(0, 0x8362c1700) | |
| 2021/01/12 20:30:01.683 kid1| 83,5| bio.cc(113) write: FD 23 wrote 321 <= 321 | |
| 2021/01/12 20:30:01.683 kid1| 83,5| bio.cc(620) squid_bio_ctrl: 0x8362c1680 11(0, 0x0) | |
| 2021/01/12 20:30:01.683 kid1| 83,5| bio.cc(136) read: FD 23 read -1 <= 65535 | |
| 2021/01/12 20:30:01.683 kid1| 83,5| bio.cc(141) read: error: 35 ignored: 1 | |
| 2021/01/12 20:30:01.683 kid1| 83,5| PeerConnector.cc(449) noteWantRead: conn49 local=192.168.11.157:44548 remote=52.14.190.83:443 HIER_DIRECT FD 23 flags=1 | |
| 2021/01/12 20:30:01.683 kid1| 83,5| AsyncCall.cc(30) AsyncCall: The AsyncCall Security::PeerConnector::commTimeoutHandler constructed, this=0x82e4abd60 [call8291] | |
| 2021/01/12 20:30:01.683 kid1| 83,3| client_side_request.cc(1749) doCallouts: Doing calloutContext->hostHeaderVerify() | |
| 2021/01/12 20:30:01.683 kid1| 83,3| client_side_request.cc(1756) doCallouts: Doing calloutContext->clientAccessCheck() | |
| 2021/01/12 20:30:01.683 kid1| 83,3| AccessCheck.cc(42) Start: adaptation off, skipping | |
| 2021/01/12 20:30:01.683 kid1| 83,3| client_side_request.cc(1784) doCallouts: Doing calloutContext->clientAccessCheck2() | |
| 2021/01/12 20:30:01.683 kid1| 83,3| client_side_request.cc(1802) doCallouts: Doing clientInterpretRequestHeaders() | |
| 2021/01/12 20:30:01.683 kid1| 83,3| client_side_request.cc(1896) doCallouts: calling processRequest() | |
| 2021/01/12 20:30:01.769 kid1| 83,5| PeerConnector.cc(178) negotiate: SSL_connect session=0x82ae1fc00 | |
| 2021/01/12 20:30:01.769 kid1| 83,5| bio.cc(136) read: FD 23 read 4344 <= 65535 | |
| 2021/01/12 20:30:01.769 kid1| 83,5| Handshake.cc(622) parseHello: need more data | |
| 2021/01/12 20:30:01.769 kid1| 83,5| PeerConnector.cc(449) noteWantRead: conn49 local=192.168.11.157:44548 remote=52.14.190.83:443 HIER_DIRECT FD 23 flags=1 | |
| 2021/01/12 20:30:01.769 kid1| 83,5| AsyncCall.cc(30) AsyncCall: The AsyncCall Security::PeerConnector::commTimeoutHandler constructed, this=0x82b1cb260 [call8302] | |
| 2021/01/12 20:30:01.769 kid1| 83,5| PeerConnector.cc(178) negotiate: SSL_connect session=0x82ae1fc00 | |
| 2021/01/12 20:30:01.769 kid1| 83,5| bio.cc(136) read: FD 23 read 935 <= 65535 | |
| 2021/01/12 20:30:01.770 kid1| 83,5| Handshake.cc(418) parseExtensions: first unsupported extension: 16 | |
| 2021/01/12 20:30:01.770 kid1| 83,5| Handshake.cc(354) parseHandshakeMessage: ignoring 329-byte type-12 handshake message | |
| 2021/01/12 20:30:01.770 kid1| 83,5| PeerConnector.cc(449) noteWantRead: conn49 local=192.168.11.157:44548 remote=52.14.190.83:443 HIER_DIRECT FD 23 flags=1 | |
| 2021/01/12 20:30:01.770 kid1| 83,5| PeerConnector.cc(719) checkForMissingCertificates: SSL server sent 4 certificates | |
| 2021/01/12 20:30:01.770 kid1| 83,5| PeerConnector.cc(178) negotiate: SSL_connect session=0x82ae1fc00 | |
| 2021/01/12 20:30:01.770 kid1| 83,4| support.cc(1125) untrustedToStoreCtx_cb: Try to use pre-downloaded intermediate certificates | |
| 2021/01/12 20:30:01.770 kid1| 83,5| support.cc(293) ssl_verify_cb: SSL Certificate signature OK: /CN=*.arstechnica.com | |
| 2021/01/12 20:30:01.770 kid1| 83,5| support.cc(293) ssl_verify_cb: SSL Certificate signature OK: /CN=*.arstechnica.com | |
| 2021/01/12 20:30:01.770 kid1| 83,5| support.cc(293) ssl_verify_cb: SSL Certificate signature OK: /CN=*.arstechnica.com | |
| 2021/01/12 20:30:01.770 kid1| 83,4| support.cc(247) check_domain: Verifying server domain arstechnica.com to certificate name/subjectAltName *.arstechnica.com | |
| 2021/01/12 20:30:01.771 kid1| 83,5| PeekingPeerConnector.cc(83) checkForPeekAndSpliceMatched: Will check for peek and splice on FD 23 | |
| 2021/01/12 20:30:01.771 kid1| 83,5| PeekingPeerConnector.cc(102) checkForPeekAndSpliceMatched: Retry the fwdNegotiateSSL on FD 23 | |
| 2021/01/12 20:30:01.771 kid1| 83,5| PeerConnector.cc(487) noteWantWrite: conn49 local=192.168.11.157:44548 remote=52.14.190.83:443 HIER_DIRECT FD 23 flags=1 | |
| 2021/01/12 20:30:01.771 kid1| 83,5| PeerConnector.cc(178) negotiate: SSL_connect session=0x82ae1fc00 | |
| 2021/01/12 20:30:01.771 kid1| 83,5| bio.cc(113) write: FD 23 wrote 126 <= 126 | |
| 2021/01/12 20:30:01.771 kid1| 83,5| bio.cc(620) squid_bio_ctrl: 0x8362c1680 11(0, 0x0) | |
| 2021/01/12 20:30:01.771 kid1| 83,5| bio.cc(136) read: FD 23 read -1 <= 5 | |
| 2021/01/12 20:30:01.771 kid1| 83,5| bio.cc(141) read: error: 35 ignored: 1 | |
| 2021/01/12 20:30:01.771 kid1| 83,5| PeerConnector.cc(449) noteWantRead: conn49 local=192.168.11.157:44548 remote=52.14.190.83:443 HIER_DIRECT FD 23 flags=1 | |
| 2021/01/12 20:30:01.771 kid1| 83,5| AsyncCall.cc(30) AsyncCall: The AsyncCall Security::PeerConnector::commTimeoutHandler constructed, this=0x82e4ac260 [call8307] | |
| 2021/01/12 20:30:01.855 kid1| 83,5| PeerConnector.cc(178) negotiate: SSL_connect session=0x82ae1fc00 | |
| 2021/01/12 20:30:01.855 kid1| 83,5| bio.cc(136) read: FD 23 read 5 <= 5 | |
| 2021/01/12 20:30:01.855 kid1| 83,5| bio.cc(136) read: FD 23 read 202 <= 202 | |
| 2021/01/12 20:30:01.855 kid1| 83,5| bio.cc(136) read: FD 23 read 5 <= 5 | |
| 2021/01/12 20:30:01.855 kid1| 83,5| bio.cc(136) read: FD 23 read 1 <= 1 | |
| 2021/01/12 20:30:01.855 kid1| 83,5| bio.cc(136) read: FD 23 read 5 <= 5 | |
| 2021/01/12 20:30:01.855 kid1| 83,5| bio.cc(136) read: FD 23 read 40 <= 40 | |
| 2021/01/12 20:30:01.855 kid1| 83,5| bio.cc(620) squid_bio_ctrl: 0x8362c1680 7(0, 0x8362c1700) | |
| 2021/01/12 20:30:01.855 kid1| 83,5| NegotiationHistory.cc(83) retrieveNegotiatedInfo: SSL connection info on FD 23 SSL version TLS/1.2 negotiated cipher ECDHE-RSA-AES128-GCM-SHA256 | |
| 2021/01/12 20:30:01.855 kid1| 83,5| PeekingPeerConnector.cc(374) serverCertificateVerified: HTTPS server CN: *.arstechnica.com bumped: conn49 local=192.168.11.157:44548 remote=52.14.190.83:443 HIER_DIRECT FD 23 flags=1 | |
| 2021/01/12 20:30:01.855 kid1| 83,5| PeerConnector.cc(581) callBack: TLS setup ended for conn49 local=192.168.11.157:44548 remote=52.14.190.83:443 HIER_DIRECT FD 23 flags=1 | |
| 2021/01/12 20:30:01.855 kid1| 83,5| helper.cc(136) Submit: request from 0x801d65f98 as crtGenRq3180846/1 | |
| 2021/01/12 20:30:01.859 kid1| 83,5| helper.cc(158) HandleGeneratorReply: to 0x801d65f98 in crtGenRq3180846/1 | |
| 2021/01/12 20:30:01.859 kid1| 83,5| bio.cc(113) write: FD 21 wrote 99 <= 99 | |
| 2021/01/12 20:30:01.859 kid1| 83,5| bio.cc(620) squid_bio_ctrl: 0x82e4ba600 11(0, 0x0) | |
| 2021/01/12 20:30:01.859 kid1| 83,5| bio.cc(136) read: FD 21 read -1 <= 5 | |
| 2021/01/12 20:30:01.859 kid1| 83,5| bio.cc(141) read: error: 35 ignored: 1 | |
| 2021/01/12 20:30:01.865 kid1| 83,5| bio.cc(136) read: FD 21 read 5 <= 5 | |
| 2021/01/12 20:30:01.865 kid1| 83,5| bio.cc(136) read: FD 21 read 1 <= 1 | |
| 2021/01/12 20:30:01.865 kid1| 83,5| bio.cc(136) read: FD 21 read 5 <= 5 | |
| 2021/01/12 20:30:01.865 kid1| 83,5| bio.cc(136) read: FD 21 read 512 <= 512 | |
| 2021/01/12 20:30:01.868 kid1| 83,5| bio.cc(113) write: FD 21 wrote 4096 <= 4096 | |
| 2021/01/12 20:30:01.870 kid1| 83,5| bio.cc(113) write: FD 21 wrote 860 <= 860 | |
| 2021/01/12 20:30:01.870 kid1| 83,5| bio.cc(620) squid_bio_ctrl: 0x82e4ba600 11(0, 0x0) | |
| 2021/01/12 20:30:01.870 kid1| 83,5| bio.cc(136) read: FD 21 read -1 <= 5 | |
| 2021/01/12 20:30:01.870 kid1| 83,5| bio.cc(141) read: error: 35 ignored: 1 | |
| 2021/01/12 20:30:01.877 kid1| 83,5| bio.cc(136) read: FD 21 read 5 <= 5 | |
| 2021/01/12 20:30:01.877 kid1| 83,5| bio.cc(136) read: FD 21 read 19 <= 19 | |
| 2021/01/12 20:30:01.877 kid1| Error negotiating SSL connection on FD 21: error:00000001:lib(0):func(0):reason(1) (1/-1) | |
| 2021/01/12 20:30:01.877 kid1| 83,5| Session.cc(202) SessionSendGoodbye: session=0x82ae1e000 | |
| 2021/01/12 20:30:01.877 kid1| 83,5| Session.cc(100) operator(): SSL_free session=0x82ae1e000 | |
| 2021/01/12 20:30:01.877 kid1| 83,5| bio.cc(620) squid_bio_ctrl: 0x82e4ba600 7(0, 0x8362c1480) | |
| 2021/01/12 20:30:01.877 kid1| 83,5| ../../src/security/PeerOptions.h(112) operator(): SSL_CTX destruct, this=0x849f03000 | |
| 2021/01/12 20:30:01.878 kid1| 83,5| Session.cc(202) SessionSendGoodbye: session=0x82ae1fc00 | |
| 2021/01/12 20:30:01.878 kid1| 83,5| bio.cc(113) write: FD 23 wrote 31 <= 31 | |
| 2021/01/12 20:30:01.878 kid1| 83,5| bio.cc(620) squid_bio_ctrl: 0x8362c1680 11(0, 0x0) | |
| 2021/01/12 20:30:01.878 kid1| 83,5| Session.cc(100) operator(): SSL_free session=0x82ae1fc00 |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment