Hi guys,
any reason my stunnel would not reuse sessions?
2021.09.09 13:14:00 LOG7[9]: TLS state (connect): before SSL initialization
2021.09.09 13:14:00 LOG6[8]: writesocket: Socket is closed
2021.09.09 13:14:00 LOG7[9]: Initializing application specific data for session authenticated
2021.09.09 13:14:00 LOG5[8]: Connection closed: 170 byte(s) sent to TLS, 32768 byte(s) sent to socket
2021.09.09 13:14:00 LOG7[8]: Remote descriptor (FD=10) closed
2021.09.09 13:14:00 LOG7[8]: Local descriptor (FD=3) closed
2021.09.09 13:14:00 LOG7[8]: Service [squid] finished
2021.09.09 13:14:00 LOG7[ui]: Found 1 ready file descriptor(s)
2021.09.09 13:14:00 LOG7[ui]: FD=4 events=0x1 revents=0x1
2021.09.09 13:14:00 LOG7[ui]: FD=10 events=0x1 revents=0x0
2021.09.09 13:14:00 LOG7[ui]: Dispatching a signal from the signal pipe
2021.09.09 13:14:00 LOG7[ui]: Processing SIGCHLD
2021.09.09 13:14:00 LOG7[ui]: Retrieving pid statuses with waitpid()
2021.09.09 13:14:00 LOG6[ui]: Process 1933 finished with code 0
2021.09.09 13:14:00 LOG7[9]: TLS state (connect): SSLv3/TLS write client hello
2021.09.09 13:14:00 LOG7[9]: TLS state (connect): SSLv3/TLS write client hello
2021.09.09 13:14:00 LOG7[9]: TLS state (connect): SSLv3/TLS read server hello
2021.09.09 13:14:00 LOG6[9]: Certificate verification disabled
2021.09.09 13:14:00 LOG6[9]: Certificate verification disabled
2021.09.09 13:14:00 LOG7[9]: TLS state (connect): SSLv3/TLS read server certificate
2021.09.09 13:14:00 LOG6[9]: Client certificate not requested
2021.09.09 13:14:00 LOG7[9]: TLS state (connect): SSLv3/TLS read server done
2021.09.09 13:14:00 LOG7[9]: TLS state (connect): SSLv3/TLS write client key exchange
2021.09.09 13:14:00 LOG7[9]: TLS state (connect): SSLv3/TLS write change cipher spec
2021.09.09 13:14:00 LOG7[9]: TLS state (connect): SSLv3/TLS write finished
2021.09.09 13:14:00 LOG7[9]: TLS state (connect): SSLv3/TLS write finished
2021.09.09 13:14:00 LOG7[9]: TLS state (connect): SSLv3/TLS read server session ticket
2021.09.09 13:14:00 LOG7[9]: TLS state (connect): SSLv3/TLS read change cipher spec
2021.09.09 13:14:00 LOG7[9]: TLS state (connect): SSLv3/TLS read finished
2021.09.09 13:14:00 LOG7[9]: New session callback
2021.09.09 13:14:00 LOG7[9]: Peer certificate was cached (2037 bytes)
2021.09.09 13:14:00 LOG6[9]: Session id: DC783240F69C6910A2F8B9829504840EF619E30A14FEA982C944FBFB6828555F
2021.09.09 13:14:00 LOG7[9]: 1 client connect(s) requested
2021.09.09 13:14:00 LOG7[9]: 1 client connect(s) succeeded
2021.09.09 13:14:00 LOG7[9]: 0 client renegotiation(s) requested
2021.09.09 13:14:00 LOG7[9]: 0 session reuse(s)
2021.09.09 13:14:00 LOG6[9]: TLS connected: new session negotiated
2021.09.09 13:14:00 LOG6[9]: TLSv1.2 ciphersuite: AES128-GCM-SHA256 (128-bit encryption)
2021.09.09 13:14:00 LOG3[9]: SSL_get_peer_tmp_key: Peer suddenly disconnected
2021.09.09 13:14:00 LOG7[9]: Compression: null, expansion: null
2021.09.09 13:14:01 LOG6[9]: Read socket closed (readsocket)
2021.09.09 13:14:01 LOG7[9]: Sending close_notify alert
2021.09.09 13:14:01 LOG6[9]: socket fd: Broken pipe (32)
2021.09.09 13:14:01 LOG7[9]: TLS alert (write): warning: close notify
2021.09.09 13:14:01 LOG6[9]: SSL_shutdown successfully sent close_notify alert
2021.09.09 13:14:01 LOG6[9]: writesocket: Socket is closed
2021.09.09 13:14:01 LOG5[9]: Connection closed: 170 byte(s) sent to TLS, 32768 byte(s) sent to socket
2021.09.09 13:14:01 LOG7[9]: Remote descriptor (FD=10) closed
2021.09.09 13:14:01 LOG7[9]: Local descriptor (FD=3) closed
2021.09.09 13:14:01 LOG7[9]: Service [squid] finished
2021.09.09 13:14:01 LOG7[ui]: Found 1 ready file descriptor(s)
2021.09.09 13:14:01 LOG7[ui]: FD=4 events=0x1 revents=0x1
2021.09.09 13:14:01 LOG7[ui]: FD=10 events=0x1 revents=0x0
2021.09.09 13:14:01 LOG7[ui]: Dispatching a signal from the signal pipe
2021.09.09 13:14:01 LOG7[ui]: Processing SIGCHLD
2021.09.09 13:14:01 LOG7[ui]: Retrieving pid statuses with waitpid()
2021.09.09 13:14:01 LOG6[ui]: Process 1934 finished with code 0
2021.09.09 13:14:03 LOG7[ui]: Found 1 ready file descriptor(s)
2021.09.09 13:14:03 LOG7[ui]: FD=4 events=0x1 revents=0x0
2021.09.09 13:14:03 LOG7[ui]: FD=10 events=0x1 revents=0x1
2021.09.09 13:14:03 LOG7[ui]: Service [squid] accepted (FD=3) from 127.0.0.1:49567
2021.09.09 13:14:03 LOG7[10]: Service [squid] started
2021.09.09 13:14:03 LOG7[10]: Setting local socket options (FD=3)
2021.09.09 13:14:03 LOG7[10]: Option TCP_NODELAY set on local socket
2021.09.09 13:14:03 LOG5[10]: Service [squid] accepted connection from 127.0.0.1:49567
2021.09.09 13:14:03 LOG6[10]: s_connect: connecting 44.44.44.44:522
2021.09.09 13:14:03 LOG7[10]: s_connect: s_poll_wait 44.44.44.44:522: waiting 10 seconds
2021.09.09 13:14:03 LOG7[10]: FD=6 events=0x1 revents=0x0
2021.09.09 13:14:03 LOG7[10]: FD=10 events=0x5 revents=0x0
2021.09.09 13:14:03 LOG5[10]: s_connect: connected 44.44.44.44:522
2021.09.09 13:14:03 LOG5[10]: Service [squid] connected remote server from 10.1.3.57:42843
2021.09.09 13:14:03 LOG7[10]: Setting remote socket options (FD=10)
2021.09.09 13:14:03 LOG7[10]: Option TCP_NODELAY set on remote socket
2021.09.09 13:14:03 LOG7[10]: Remote descriptor (FD=10) initialized
2021.09.09 13:14:03 LOG6[10]: SNI: sending servername: 44.44.44.44
2021.09.09 13:14:03 LOG6[10]: Peer certificate not required
2021.09.09 13:14:03 LOG7[10]: TLS state (connect): before SSL initialization
2021.09.09 13:14:03 LOG7[10]: Initializing application specific data for session authenticated
2021.09.09 13:14:03 LOG7[10]: TLS state (connect): SSLv3/TLS write client hello
2021.09.09 13:14:03 LOG7[10]: TLS state (connect): SSLv3/TLS write client hello
2021.09.09 13:14:03 LOG7[10]: TLS state (connect): SSLv3/TLS read server hello
2021.09.09 13:14:03 LOG6[10]: Certificate verification disabled
2021.09.09 13:14:03 LOG6[10]: Certificate verification disabled
2021.09.09 13:14:03 LOG7[10]: TLS state (connect): SSLv3/TLS read server certificate
2021.09.09 13:14:03 LOG6[10]: Client certificate not requested
2021.09.09 13:14:03 LOG7[10]: TLS state (connect): SSLv3/TLS read server done
2021.09.09 13:14:03 LOG7[10]: TLS state (connect): SSLv3/TLS write client key exchange
2021.09.09 13:14:03 LOG7[10]: TLS state (connect): SSLv3/TLS write change cipher spec
2021.09.09 13:14:03 LOG7[10]: TLS state (connect): SSLv3/TLS write finished
2021.09.09 13:14:03 LOG7[10]: TLS state (connect): SSLv3/TLS write finished
2021.09.09 13:14:03 LOG7[10]: TLS state (connect): SSLv3/TLS read server session ticket
2021.09.09 13:14:03 LOG7[10]: TLS state (connect): SSLv3/TLS read change cipher spec
2021.09.09 13:14:03 LOG7[10]: TLS state (connect): SSLv3/TLS read finished
2021.09.09 13:14:03 LOG7[10]: New session callback
2021.09.09 13:14:03 LOG7[10]: Peer certificate was cached (2037 bytes)
2021.09.09 13:14:03 LOG6[10]: Session id: 85FD50E2A9D57B12D315C834EBA949CF015B7776C6A18486B06CE53F4C52D689
2021.09.09 13:14:03 LOG7[10]: 1 client connect(s) requested
2021.09.09 13:14:03 LOG7[10]: 1 client connect(s) succeeded
2021.09.09 13:14:03 LOG7[10]: 0 client renegotiation(s) requested
2021.09.09 13:14:03 LOG7[10]: 0 session reuse(s)
2021.09.09 13:14:03 LOG6[10]: TLS connected: new session negotiated
2021.09.09 13:14:03 LOG6[10]: TLSv1.2 ciphersuite: AES128-GCM-SHA256 (128-bit encryption)
2021.09.09 13:14:03 LOG3[10]: SSL_get_peer_tmp_key: Peer suddenly disconnected
2021.09.09 13:14:03 LOG7[10]: Compression: null, expansion: null
2021.09.09 13:14:03 LOG7[ui]: Found 1 ready file descriptor(s)
2021.09.09 13:14:03 LOG7[ui]: FD=4 events=0x1 revents=0x0
2021.09.09 13:14:03 LOG7[ui]: FD=10 events=0x1 revents=0x1
2021.09.09 13:14:03 LOG7[ui]: Service [squid] accepted (FD=3) from 127.0.0.1:49569
2021.09.09 13:14:03 LOG7[11]: Service [squid] started
2021.09.09 13:14:03 LOG7[11]: Setting local socket options (FD=3)
2021.09.09 13:14:03 LOG7[11]: Option TCP_NODELAY set on local socket
2021.09.09 13:14:03 LOG5[11]: Service [squid] accepted connection from 127.0.0.1:49569
2021.09.09 13:14:03 LOG6[11]: s_connect: connecting 44.44.44.44:522
2021.09.09 13:14:03 LOG7[11]: s_connect: s_poll_wait 44.44.44.44:522: waiting 10 seconds
2021.09.09 13:14:03 LOG7[11]: FD=6 events=0x1 revents=0x0
2021.09.09 13:14:03 LOG7[11]: FD=10 events=0x5 revents=0x0
2021.09.09 13:14:03 LOG5[11]: s_connect: connected 44.44.44.44:522
2021.09.09 13:14:03 LOG5[11]: Service [squid] connected remote server from 10.1.3.57:42845
2021.09.09 13:14:03 LOG6[10]: Read socket closed (readsocket)
2021.09.09 13:14:03 LOG7[11]: Setting remote socket options (FD=10)
2021.09.09 13:14:03 LOG7[11]: Option TCP_NODELAY set on remote socket
2021.09.09 13:14:03 LOG7[11]: Remote descriptor (FD=10) initialized
2021.09.09 13:14:03 LOG7[10]: Sending close_notify alert
2021.09.09 13:14:03 LOG6[11]: SNI: sending servername: 44.44.44.44
2021.09.09 13:14:03 LOG6[10]: socket fd: Broken pipe (32)
2021.09.09 13:14:03 LOG6[11]: Peer certificate not required
2021.09.09 13:14:03 LOG7[10]: TLS alert (write): warning: close notify
2021.09.09 13:14:03 LOG6[10]: SSL_shutdown successfully sent close_notify alert
2021.09.09 13:14:03 LOG6[10]: writesocket: Socket is closed
2021.09.09 13:14:03 LOG7[11]: TLS state (connect): before SSL initialization
2021.09.09 13:14:03 LOG5[10]: Connection closed: 170 byte(s) sent to TLS, 32768 byte(s) sent to socket
2021.09.09 13:14:03 LOG7[11]: Initializing application specific data for session authenticated
2021.09.09 13:14:03 LOG7[10]: Remote descriptor (FD=10) closed
2021.09.09 13:14:03 LOG7[10]: Local descriptor (FD=3) closed
2021.09.09 13:14:03 LOG7[10]: Service [squid] finished
2021.09.09 13:14:03 LOG7[ui]: Found 1 ready file descriptor(s)
2021.09.09 13:14:03 LOG7[ui]: FD=4 events=0x1 revents=0x1
2021.09.09 13:14:03 LOG7[ui]: FD=10 events=0x1 revents=0x0
2021.09.09 13:14:03 LOG7[ui]: Dispatching a signal from the signal pipe
2021.09.09 13:14:03 LOG7[ui]: Processing SIGCHLD
2021.09.09 13:14:03 LOG7[ui]: Retrieving pid statuses with waitpid()
2021.09.09 13:14:03 LOG6[ui]: Process 1937 finished with code 0
2021.09.09 13:14:03 LOG7[11]: TLS state (connect): SSLv3/TLS write client hello
2021.09.09 13:14:03 LOG7[11]: TLS state (connect): SSLv3/TLS write client hello
2021.09.09 13:14:03 LOG7[11]: TLS state (connect): SSLv3/TLS read server hello
2021.09.09 13:14:03 LOG6[11]: Certificate verification disabled
2021.09.09 13:14:03 LOG6[11]: Certificate verification disabled
2021.09.09 13:14:03 LOG7[11]: TLS state (connect): SSLv3/TLS read server certificate
2021.09.09 13:14:03 LOG6[11]: Client certificate not requested
2021.09.09 13:14:03 LOG7[11]: TLS state (connect): SSLv3/TLS read server done
2021.09.09 13:14:03 LOG7[11]: TLS state (connect): SSLv3/TLS write client key exchange
2021.09.09 13:14:03 LOG7[11]: TLS state (connect): SSLv3/TLS write change cipher spec
2021.09.09 13:14:03 LOG7[11]: TLS state (connect): SSLv3/TLS write finished
2021.09.09 13:14:03 LOG7[11]: TLS state (connect): SSLv3/TLS write finished
2021.09.09 13:14:03 LOG7[11]: TLS state (connect): SSLv3/TLS read server session ticket
2021.09.09 13:14:03 LOG7[11]: TLS state (connect): SSLv3/TLS read change cipher spec
2021.09.09 13:14:03 LOG7[11]: TLS state (connect): SSLv3/TLS read finished
2021.09.09 13:14:03 LOG7[11]: New session callback
2021.09.09 13:14:03 LOG7[11]: Peer certificate was cached (2037 bytes)
2021.09.09 13:14:03 LOG6[11]: Session id: B171BF0D4CDB808D50C3CE4CDAA6AE53F2396068A9BD947D8277294F91CCFBFE
2021.09.09 13:14:03 LOG7[11]: 1 client connect(s) requested
2021.09.09 13:14:03 LOG7[11]: 1 client connect(s) succeeded
2021.09.09 13:14:03 LOG7[11]: 0 client renegotiation(s) requested
2021.09.09 13:14:03 LOG7[11]: 0 session reuse(s)
2021.09.09 13:14:03 LOG6[11]: TLS connected: new session negotiated
2021.09.09 13:14:03 LOG6[11]: TLSv1.2 ciphersuite: AES128-GCM-SHA256 (128-bit encryption)
2021.09.09 13:14:03 LOG3[11]: SSL_get_peer_tmp_key: Peer suddenly disconnected
2021.09.09 13:14:03 LOG7[11]: Compression: null, expansion: null
2021.09.09 13:14:03 LOG6[11]: Read socket closed (readsocket)
2021.09.09 13:14:03 LOG7[11]: Sending close_notify alert
2021.09.09 13:14:03 LOG6[11]: socket fd: Broken pipe (32)
2021.09.09 13:14:03 LOG7[11]: TLS alert (write): warning: close notify
2021.09.09 13:14:03 LOG6[11]: SSL_shutdown successfully sent close_notify alert
2021.09.09 13:14:03 LOG6[11]: writesocket: Socket is closed
2021.09.09 13:14:03 LOG5[11]: Connection closed: 170 byte(s) sent to TLS, 32768 byte(s) sent to socket
2021.09.09 13:14:03 LOG7[11]: Remote descriptor (FD=10) closed
2021.09.09 13:14:03 LOG7[11]: Local descriptor (FD=3) closed
2021.09.09 13:14:03 LOG7[11]: Service [squid] finished
2021.09.09 13:14:03 LOG7[ui]: Found 1 ready file descriptor(s)
2021.09.09 13:14:03 LOG7[ui]: FD=4 events=0x1 revents=0x1
2021.09.09 13:14:03 LOG7[ui]: FD=10 events=0x1 revents=0x0
2021.09.09 13:14:03 LOG7[ui]: Dispatching a signal from the signal pipe
2021.09.09 13:14:03 LOG7[ui]: Processing SIGCHLD
2021.09.09 13:14:03 LOG7[ui]: Retrieving pid statuses with waitpid()
2021.09.09 13:14:03 LOG6[ui]: Process 1938 finished with code 0
If I test with s_client:
openssl s_client -connect 44.44.44.44:522 -reconnect
I see TLS reused every time.
Thank you!
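
Added example, not part of the original post: a Python parser that groups stunnel debug-log entries by connection thread and reports, per connection, whether the TLS session was new or reused and whether certificate verification was disabled; it tolerates entries run together on one line. The sample log is constructed in the format shown above; its session ids and the "previous session reused" wording are assumptions.

```python
import re
from collections import defaultdict

# Constructed sample in the post's log format. Session ids are made up and the
# "previous session reused" wording is an assumption (it is not in the post).
SAMPLE = (
    "2021.09.09 13:14:03 LOG6[10]: Certificate verification disabled\n"
    "2021.09.09 13:14:03 LOG6[10]: Session id: AAAA0001\n"
    "2021.09.09 13:14:03 LOG6[10]: TLS connected: new session negotiated\n"
    "2021.09.09 13:14:03 LOG6[10]: TLSv1.2 ciphersuite: AES128-GCM-SHA256 (128-bit encryption)\n"
    "2021.09.09 13:14:03 LOG7[ui]: Processing SIGCHLD\n"
    # Two threads interleaved: these two entries share one physical line.
    "2021.09.09 13:14:03 LOG7[11]: TLS state (connect): before SSL initialization"
    "2021.09.09 13:14:03 LOG5[10]: Connection closed: 170 byte(s) sent to TLS\n"
    "2021.09.09 13:14:03 LOG6[11]: Session id: AAAA0001\n"
    "2021.09.09 13:14:03 LOG6[11]: TLS connected: previous session reused\n"
)

# Entries are delimited by the timestamp/level prefix, not by newlines.
TS = r"\d{4}\.\d{2}\.\d{2} \d{2}:\d{2}:\d{2} LOG\d\["
ENTRY = re.compile(rf"{TS}(\w+)\]: (.*?)(?={TS}|\Z)", re.S)

def summarize(text):
    """Return {thread id: facts about that connection's TLS handshake}."""
    conns = defaultdict(lambda: {"session_id": None, "reused": None,
                                 "verify_disabled": False, "cipher": None})
    for tid, msg in ENTRY.findall(text):
        msg = msg.strip()
        if tid == "ui":  # main thread: signal and descriptor bookkeeping
            continue
        c = conns[tid]
        if msg.startswith("Session id: "):
            c["session_id"] = msg.split(": ", 1)[1]
        elif msg.startswith("TLS connected: "):
            c["reused"] = msg.endswith("previous session reused")
        elif msg == "Certificate verification disabled":
            c["verify_disabled"] = True
        elif "ciphersuite: " in msg:
            c["cipher"] = msg.split("ciphersuite: ", 1)[1].split(" ")[0]
    return dict(conns)

def reuse_ratio(conns):
    """(reused handshakes, completed handshakes) across all connections."""
    done = [c["reused"] for c in conns.values() if c["reused"] is not None]
    return sum(done), len(done)

if __name__ == "__main__":
    result = summarize(SAMPLE)
    for tid, facts in sorted(result.items()):
        print(tid, facts)
    print("reused %d of %d handshakes" % reuse_ratio(result))
```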