GnuTLS continue in a conversation when second ClienHello is different than the first CH, in HRR.
Description of problem:
When second ClientHello message is sent after HRR and contain same extensions as a first ClientHello msg, but in different order. GnuTLS continue in a conversation and sends ServerHello msg after second CH, but this type of conversation should be rejected with illegal_parameter Alert, as first and second CH msgs are different.
Version of gnutls used:
Distributor of gnutls (e.g., Ubuntu, Fedora, RHEL)
local compile on Fedora 27
How reproducible:
Steps to Reproduce:
- git clone git@github.com:tomato42/tlsfuzzer.git
- run GnuTLS server
- run a test-script
PYTHONPATH=. python scripts/test-tls13-shuffled-extentions.py
Actual results:
tlsfuzzer output
sanity ...
OK
HRR reversed order of known extensions ...
Error encountered while processing node <tlsfuzzer.expect.ExpectAlert object at 0x7f32d2f855f8> (child: <tlsfuzzer.expect.ExpectClose object at 0x7f32d2f85710>) with last message being: <tlslite.messages.Message object at 0x7f32d215fbe0>
Error while processing
Traceback (most recent call last):
File "scripts/test-tls13-shuffled-extentions.py", line 258, in main
runner.run()
File "/home/rkolcun/tls_repo/tlsfuzzer/tlsfuzzer/runner.py", line 217, in run
RecordHeader2)))
AssertionError: Unexpected message from peer: Handshake(server_hello)
HRR reversed order of unassigned extensions, ext_ids in range from 52 to 4147 ...
Error encountered while processing node <tlsfuzzer.expect.ExpectAlert object at 0x7f32d2f85c18> (child: <tlsfuzzer.expect.ExpectClose object at 0x7f32d2f85b70>) with last message being: <tlslite.messages.Message object at 0x7f32d215f4e0>
Error while processing
Traceback (most recent call last):
File "scripts/test-tls13-shuffled-extentions.py", line 258, in main
runner.run()
File "/home/rkolcun/tls_repo/tlsfuzzer/tlsfuzzer/runner.py", line 217, in run
RecordHeader2)))
AssertionError: Unexpected message from peer: Handshake(server_hello)
HRR reversed order of unassigned extensions, ext_ids in range from 4148 to 8243 ...
Error encountered while processing node <tlsfuzzer.expect.ExpectAlert object at 0x7f32d2f85f98> (child: <tlsfuzzer.expect.ExpectClose object at 0x7f32d2f85f28>) with last message being: <tlslite.messages.Message object at 0x7f32d1df33c8>
Error while processing
Traceback (most recent call last):
File "scripts/test-tls13-shuffled-extentions.py", line 258, in main
runner.run()
File "/home/rkolcun/tls_repo/tlsfuzzer/tlsfuzzer/runner.py", line 217, in run
RecordHeader2)))
AssertionError: Unexpected message from peer: Handshake(server_hello)
HRR reversed order of unassigned extensions, ext_ids in range from 8244 to 12339 ...
Error encountered while processing node <tlsfuzzer.expect.ExpectAlert object at 0x7f32d2c8c470> (child: <tlsfuzzer.expect.ExpectClose object at 0x7f32d2c8c588>) with last message being: <tlslite.messages.Message object at 0x7f32d1cfef98>
Error while processing
Traceback (most recent call last):
File "scripts/test-tls13-shuffled-extentions.py", line 258, in main
runner.run()
File "/home/rkolcun/tls_repo/tlsfuzzer/tlsfuzzer/runner.py", line 217, in run
RecordHeader2)))
AssertionError: Unexpected message from peer: Handshake(server_hello)
HRR reversed order of unassigned extensions, ext_ids in range from 12340 to 16435 ...
Error encountered while processing node <tlsfuzzer.expect.ExpectAlert object at 0x7f32d2c8c9e8> (child: <tlsfuzzer.expect.ExpectClose object at 0x7f32d2c8c8d0>) with last message being: <tlslite.messages.Message object at 0x7f32d1b19c18>
Error while processing
Traceback (most recent call last):
File "scripts/test-tls13-shuffled-extentions.py", line 258, in main
runner.run()
File "/home/rkolcun/tls_repo/tlsfuzzer/tlsfuzzer/runner.py", line 217, in run
RecordHeader2)))
AssertionError: Unexpected message from peer: Handshake(server_hello)
HRR reversed order of unassigned extensions, ext_ids in range from 16436 to 20531 ...
Error encountered while processing node <tlsfuzzer.expect.ExpectAlert object at 0x7f32d2c8ccc0> (child: <tlsfuzzer.expect.ExpectClose object at 0x7f32d2c8ccf8>) with last message being: <tlslite.messages.Message object at 0x7f32d18b56d8>
Error while processing
Traceback (most recent call last):
File "scripts/test-tls13-shuffled-extentions.py", line 258, in main
runner.run()
File "/home/rkolcun/tls_repo/tlsfuzzer/tlsfuzzer/runner.py", line 217, in run
RecordHeader2)))
AssertionError: Unexpected message from peer: Handshake(server_hello)
HRR reversed order of unassigned extensions, ext_ids in range from 20532 to 24627 ...
Error encountered while processing node <tlsfuzzer.expect.ExpectAlert object at 0x7f32d2931278> (child: <tlsfuzzer.expect.ExpectClose object at 0x7f32d2931358>) with last message being: <tlslite.messages.Message object at 0x7f32d16cdf60>
Error while processing
Traceback (most recent call last):
File "scripts/test-tls13-shuffled-extentions.py", line 258, in main
runner.run()
File "/home/rkolcun/tls_repo/tlsfuzzer/tlsfuzzer/runner.py", line 217, in run
RecordHeader2)))
AssertionError: Unexpected message from peer: Handshake(server_hello)
HRR reversed order of unassigned extensions, ext_ids in range from 24628 to 28723 ...
Error encountered while processing node <tlsfuzzer.expect.ExpectAlert object at 0x7f32d29317b8> (child: <tlsfuzzer.expect.ExpectClose object at 0x7f32d29316a0>) with last message being: <tlslite.messages.Message object at 0x7f32d13d85f8>
Error while processing
Traceback (most recent call last):
File "scripts/test-tls13-shuffled-extentions.py", line 258, in main
runner.run()
File "/home/rkolcun/tls_repo/tlsfuzzer/tlsfuzzer/runner.py", line 217, in run
RecordHeader2)))
AssertionError: Unexpected message from peer: Handshake(server_hello)
HRR reversed order of unassigned extensions, ext_ids in range from 28724 to 32819 ...
Error encountered while processing node <tlsfuzzer.expect.ExpectAlert object at 0x7f32d2931c88> (child: <tlsfuzzer.expect.ExpectClose object at 0x7f32d2931c18>) with last message being: <tlslite.messages.Message object at 0x7f32d12e55f8>
Error while processing
Traceback (most recent call last):
File "scripts/test-tls13-shuffled-extentions.py", line 258, in main
runner.run()
File "/home/rkolcun/tls_repo/tlsfuzzer/tlsfuzzer/runner.py", line 217, in run
RecordHeader2)))
AssertionError: Unexpected message from peer: Handshake(server_hello)
HRR reversed order of unassigned extensions, ext_ids in range from 32820 to 36915 ...
Error encountered while processing node <tlsfuzzer.expect.ExpectAlert object at 0x7f32d2687198> (child: <tlsfuzzer.expect.ExpectClose object at 0x7f32d26870b8>) with last message being: <tlslite.messages.Message object at 0x7f32d107ef60>
Error while processing
Traceback (most recent call last):
File "scripts/test-tls13-shuffled-extentions.py", line 258, in main
runner.run()
File "/home/rkolcun/tls_repo/tlsfuzzer/tlsfuzzer/runner.py", line 217, in run
RecordHeader2)))
AssertionError: Unexpected message from peer: Handshake(server_hello)
HRR reversed order of unassigned extensions, ext_ids in range from 36916 to 41011 ...
Error encountered while processing node <tlsfuzzer.expect.ExpectAlert object at 0x7f32d26875c0> (child: <tlsfuzzer.expect.ExpectClose object at 0x7f32d26874e0>) with last message being: <tlslite.messages.Message object at 0x7f32d0d265f8>
Error while processing
Traceback (most recent call last):
File "scripts/test-tls13-shuffled-extentions.py", line 258, in main
runner.run()
File "/home/rkolcun/tls_repo/tlsfuzzer/tlsfuzzer/runner.py", line 217, in run
RecordHeader2)))
AssertionError: Unexpected message from peer: Handshake(server_hello)
HRR reversed order of unassigned extensions, ext_ids in range from 41012 to 45107 ...
Error encountered while processing node <tlsfuzzer.expect.ExpectAlert object at 0x7f32d2687978> (child: <tlsfuzzer.expect.ExpectClose object at 0x7f32d26879b0>) with last message being: <tlslite.messages.Message object at 0x7f32d0c335f8>
Error while processing
Traceback (most recent call last):
File "scripts/test-tls13-shuffled-extentions.py", line 258, in main
runner.run()
File "/home/rkolcun/tls_repo/tlsfuzzer/tlsfuzzer/runner.py", line 217, in run
RecordHeader2)))
AssertionError: Unexpected message from peer: Handshake(server_hello)
HRR reversed order of unassigned extensions, ext_ids in range from 45108 to 49203 ...
Error encountered while processing node <tlsfuzzer.expect.ExpectAlert object at 0x7f32d2687da0> (child: <tlsfuzzer.expect.ExpectClose object at 0x7f32d2687e10>) with last message being: <tlslite.messages.Message object at 0x7f32d0a4cf60>
Error while processing
Traceback (most recent call last):
File "scripts/test-tls13-shuffled-extentions.py", line 258, in main
runner.run()
File "/home/rkolcun/tls_repo/tlsfuzzer/tlsfuzzer/runner.py", line 217, in run
RecordHeader2)))
AssertionError: Unexpected message from peer: Handshake(server_hello)
HRR reversed order of unassigned extensions, ext_ids in range from 49204 to 53299 ...
Error encountered while processing node <tlsfuzzer.expect.ExpectAlert object at 0x7f32d2571390> (child: <tlsfuzzer.expect.ExpectClose object at 0x7f32d25712e8>) with last message being: <tlslite.messages.Message object at 0x7f32d06f55f8>
Error while processing
Traceback (most recent call last):
File "scripts/test-tls13-shuffled-extentions.py", line 258, in main
runner.run()
File "/home/rkolcun/tls_repo/tlsfuzzer/tlsfuzzer/runner.py", line 217, in run
RecordHeader2)))
AssertionError: Unexpected message from peer: Handshake(server_hello)
HRR reversed order of unassigned extensions, ext_ids in range from 53300 to 57395 ...
Error encountered while processing node <tlsfuzzer.expect.ExpectAlert object at 0x7f32d25717f0> (child: <tlsfuzzer.expect.ExpectClose object at 0x7f32d2571710>) with last message being: <tlslite.messages.Message object at 0x7f32d06035f8>
Error while processing
Traceback (most recent call last):
File "scripts/test-tls13-shuffled-extentions.py", line 258, in main
runner.run()
File "/home/rkolcun/tls_repo/tlsfuzzer/tlsfuzzer/runner.py", line 217, in run
RecordHeader2)))
AssertionError: Unexpected message from peer: Handshake(server_hello)
HRR reversed order of unassigned extensions, ext_ids in range from 57396 to 61491 ...
Error encountered while processing node <tlsfuzzer.expect.ExpectAlert object at 0x7f32d2571cc0> (child: <tlsfuzzer.expect.ExpectClose object at 0x7f32d2571c50>) with last message being: <tlslite.messages.Message object at 0x7f32d02a8b70>
Error while processing
Traceback (most recent call last):
File "scripts/test-tls13-shuffled-extentions.py", line 258, in main
runner.run()
File "/home/rkolcun/tls_repo/tlsfuzzer/tlsfuzzer/runner.py", line 217, in run
RecordHeader2)))
AssertionError: Unexpected message from peer: Handshake(server_hello)
HRR reversed order of unassigned extensions, ext_ids in range from 61492 to 65278 ...
Error encountered while processing node <tlsfuzzer.expect.ExpectAlert object at 0x7f32d215f128> (child: <tlsfuzzer.expect.ExpectClose object at 0x7f32d215f160>) with last message being: <tlslite.messages.Message object at 0x7f32cfec9780>
Error while processing
Traceback (most recent call last):
File "scripts/test-tls13-shuffled-extentions.py", line 258, in main
runner.run()
File "/home/rkolcun/tls_repo/tlsfuzzer/tlsfuzzer/runner.py", line 217, in run
RecordHeader2)))
AssertionError: Unexpected message from peer: Handshake(server_hello)
sanity ...
OK
TLS 1.3 communication with shuffled extensions in CH messages.
Verify that server reject second CH message,
when the order of extensions in first and second CH is different.
Also unassigned extensions are used.
version: 1
Test end
successful: 2
failed: 17
'HRR reversed order of known extensions'
'HRR reversed order of unassigned extensions, ext_ids in range from 52 to 4147'
'HRR reversed order of unassigned extensions, ext_ids in range from 4148 to 8243'
'HRR reversed order of unassigned extensions, ext_ids in range from 8244 to 12339'
'HRR reversed order of unassigned extensions, ext_ids in range from 12340 to 16435'
'HRR reversed order of unassigned extensions, ext_ids in range from 16436 to 20531'
'HRR reversed order of unassigned extensions, ext_ids in range from 20532 to 24627'
'HRR reversed order of unassigned extensions, ext_ids in range from 24628 to 28723'
'HRR reversed order of unassigned extensions, ext_ids in range from 28724 to 32819'
'HRR reversed order of unassigned extensions, ext_ids in range from 32820 to 36915'
'HRR reversed order of unassigned extensions, ext_ids in range from 36916 to 41011'
'HRR reversed order of unassigned extensions, ext_ids in range from 41012 to 45107'
'HRR reversed order of unassigned extensions, ext_ids in range from 45108 to 49203'
'HRR reversed order of unassigned extensions, ext_ids in range from 49204 to 53299'
'HRR reversed order of unassigned extensions, ext_ids in range from 53300 to 57395'
'HRR reversed order of unassigned extensions, ext_ids in range from 57396 to 61491'
'HRR reversed order of unassigned extensions, ext_ids in range from 61492 to 65278'
GnuTLS output
Processed 1 CA certificate(s).
|<3>| ASSERT: x509_ext.c[gnutls_subject_alt_names_get]:110
|<3>| ASSERT: x509.c[get_alt_name]:1812
|<3>| ASSERT: mpi.c[wrap_nettle_mpi_print]:60
|<3>| ASSERT: x509_ext.c[gnutls_subject_alt_names_get]:110
|<3>| ASSERT: x509.c[get_alt_name]:1812
|<3>| ASSERT: mpi.c[wrap_nettle_mpi_print]:60
|<3>| ASSERT: mpi.c[wrap_nettle_mpi_print]:60
|<3>| ASSERT: x509_ext.c[gnutls_subject_alt_names_get]:110
|<3>| ASSERT: x509.c[get_alt_name]:1812
|<3>| ASSERT: mpi.c[wrap_nettle_mpi_print]:60
|<3>| ASSERT: mpi.c[wrap_nettle_mpi_print]:60
|<3>| ASSERT: x509_ext.c[gnutls_subject_alt_names_get]:110
|<3>| ASSERT: x509.c[get_alt_name]:1812
|<3>| ASSERT: mpi.c[wrap_nettle_mpi_print]:60
|<3>| ASSERT: attributes.c[_x509_parse_attribute]:103
|<3>| ASSERT: attributes.c[_x509_parse_attribute]:174
|<3>| ASSERT: x509_ext.c[gnutls_subject_alt_names_get]:110
|<3>| ASSERT: x509.c[get_alt_name]:1812
|<3>| ASSERT: mpi.c[wrap_nettle_mpi_print]:60
|<3>| ASSERT: mpi.c[wrap_nettle_mpi_print]:60
HTTP Server listening on IPv4 0.0.0.0 port 4433...done
HTTP Server listening on IPv6 :: port 4433...done
|<5>| REC[0x1374570]: Allocating epoch #0
|<2>| added 2 protocols, 43 ciphersuites, 18 sig algos and 9 groups into priority list
* Accepted connection from IPv4 127.0.0.1 port 38568 on Mon Nov 12 14:41:23 2018
|<5>| REC[0x1374570]: Allocating epoch #1
|<3>| ASSERT: buffers.c[get_last_packet]:1171
|<5>| REC[0x1374570]: SSL 3.0 Handshake packet received. Epoch 0, length: 213
|<5>| REC[0x1374570]: Expected Packet Handshake(22)
|<5>| REC[0x1374570]: Received Packet Handshake(22) with length: 213
|<5>| REC[0x1374570]: Decrypted Packet[0] Handshake(22) with length: 213
|<4>| HSK[0x1374570]: CLIENT HELLO (1) was received. Length 209[209], frag offset 0, frag length: 209, sequence: 0
|<4>| HSK[0x1374570]: Client's version: 3.3
|<4>| EXT[0x1374570]: Parsing extension 'Supported Versions/43' (5 bytes)
|<4>| EXT[0x1374570]: Found version: 3.4
|<4>| EXT[0x1374570]: Negotiated version: 3.4
|<4>| EXT[0x1374570]: Parsing extension 'Supported Groups/10' (4 bytes)
|<4>| EXT[0x1374570]: Received group SECP256R1 (0x17)
|<4>| EXT[0x1374570]: Selected group SECP256R1
|<4>| EXT[0x1374570]: Parsing extension 'Signature Algorithms/13' (6 bytes)
|<4>| EXT[0x1374570]: rcvd signature algo (8.4) RSA-PSS-RSAE-SHA256
|<4>| EXT[0x1374570]: rcvd signature algo (8.9) RSA-PSS-SHA256
|<4>| HSK[0x1374570]: Received safe renegotiation CS
|<2>| checking 13.01 (GNUTLS_AES_128_GCM_SHA256) for compatibility
|<3>| ASSERT: server_name.c[gnutls_server_name_get]:235
|<4>| HSK[0x1374570]: Requested server name: ''
|<4>| HSK[0x1374570]: checking compat of GNUTLS_AES_128_GCM_SHA256 with certificate[3] (RSA-PSS/X.509)
|<4>| checking cert compat with RSA-PSS-RSAE-SHA256
|<4>| checking cert compat with RSA-PSS-SHA256
|<4>| Selected signature algorithm: RSA-PSS-SHA256
|<2>| Selected (RSA-PSS) cert based on ciphersuite 13.1: GNUTLS_AES_128_GCM_SHA256
|<4>| HSK[0x1374570]: Selected cipher suite: GNUTLS_AES_128_GCM_SHA256
|<4>| HSK[0x1374570]: Selected version TLS1.3
|<4>| EXT[0x1374570]: Parsing extension 'Key Share/51' (71 bytes)
|<4>| EXT[0x1374570]: Received key share for SECP256R1
|<4>| HSK[0x1374570]: Selected group SECP256R1 (2)
|<2>| EXT[0x1374570]: server generated SECP256R1 shared key
|<4>| HSK[0x1374570]: Safe renegotiation succeeded
|<4>| HSK[0x1374570]: SessionID: e0ab7d1ccfabf78f114b488d14ed77a90107dd180d30071f2e5248441d6b50ce
|<4>| EXT[0x1374570]: Not sending extension (Maximum Record Size/1) for 'TLS 1.3 server hello'
|<4>| EXT[0x1374570]: Not sending extension (OCSP Status Request/5) for 'TLS 1.3 server hello'
|<4>| EXT[0x1374570]: Not sending extension (Client Certificate Type/19) for 'TLS 1.3 server hello'
|<4>| EXT[0x1374570]: Not sending extension (Server Certificate Type/20) for 'TLS 1.3 server hello'
|<4>| EXT[0x1374570]: Not sending extension (Supported Groups/10) for 'TLS 1.3 server hello'
|<4>| EXT[0x1374570]: Not sending extension (Supported EC Point Formats/11) for 'TLS 1.3 server hello'
|<4>| EXT[0x1374570]: Not sending extension (SRP/12) for 'TLS 1.3 server hello'
|<4>| EXT[0x1374570]: Not sending extension (Signature Algorithms/13) for 'TLS 1.3 server hello'
|<4>| EXT[0x1374570]: Not sending extension (SRTP/14) for 'TLS 1.3 server hello'
|<4>| EXT[0x1374570]: Not sending extension (Heartbeat/15) for 'TLS 1.3 server hello'
|<4>| EXT[0x1374570]: Not sending extension (ALPN/16) for 'TLS 1.3 server hello'
|<4>| EXT[0x1374570]: Not sending extension (Encrypt-then-MAC/22) for 'TLS 1.3 server hello'
|<4>| EXT[0x1374570]: Not sending extension (Extended Master Secret/23) for 'TLS 1.3 server hello'
|<4>| EXT[0x1374570]: Not sending extension (Session Ticket/35) for 'TLS 1.3 server hello'
|<4>| EXT[0x1374570]: Preparing extension (Key Share/51) for 'TLS 1.3 server hello'
|<4>| EXT[0x1374570]: sending key share for SECP256R1
|<4>| EXT[0x1374570]: Sending extension Key Share/51 (69 bytes)
|<4>| EXT[0x1374570]: Preparing extension (Supported Versions/43) for 'TLS 1.3 server hello'
|<4>| EXT[0x1374570]: Sending extension Supported Versions/43 (2 bytes)
|<4>| EXT[0x1374570]: Not sending extension (Post Handshake Auth/49) for 'TLS 1.3 server hello'
|<4>| EXT[0x1374570]: Not sending extension (Safe Renegotiation/65281) for 'TLS 1.3 server hello'
|<4>| EXT[0x1374570]: Not sending extension (Server Name Indication/0) for 'TLS 1.3 server hello'
|<4>| EXT[0x1374570]: Not sending extension (Cookie/44) for 'TLS 1.3 server hello'
|<4>| EXT[0x1374570]: Not sending extension (Early Data/42) for 'TLS 1.3 server hello'
|<4>| EXT[0x1374570]: Preparing extension (PSK Key Exchange Modes/45) for 'TLS 1.3 server hello'
|<4>| EXT[0x1374570]: Not sending extension (Record Size Limit/28) for 'TLS 1.3 server hello'
|<4>| EXT[0x1374570]: Not sending extension (ClientHello Padding/21) for 'TLS 1.3 server hello'
|<4>| EXT[0x1374570]: Preparing extension (Pre Shared Key/41) for 'TLS 1.3 server hello'
|<4>| HSK[0x1374570]: SERVER HELLO was queued [155 bytes]
|<5>| REC[0x1374570]: Preparing Packet Handshake(22) with length: 155 and min pad: 0
|<5>| REC[0x1374570]: Sent Packet[1] Handshake(22) in epoch 0 and length: 160
|<5>| REC[0x1374570]: Preparing Packet ChangeCipherSpec(20) with length: 1 and min pad: 0
|<5>| REC[0x1374570]: Sent Packet[2] ChangeCipherSpec(20) in epoch 0 and length: 6
|<4>| REC[0x1374570]: Sent ChangeCipherSpec
|<5>| REC[0x1374570]: Initializing epoch #1
|<5>| REC[0x1374570]: Epoch #1 ready
|<4>| HSK[0x1374570]: TLS 1.3 re-key with cipher suite: GNUTLS_AES_128_GCM_SHA256
|<4>| EXT[0x1374570]: Preparing extension (Maximum Record Size/1) for 'encrypted extensions'
|<4>| EXT[0x1374570]: Not sending extension (OCSP Status Request/5) for 'encrypted extensions'
|<4>| EXT[0x1374570]: Preparing extension (Client Certificate Type/19) for 'encrypted extensions'
|<4>| EXT[0x1374570]: Preparing extension (Server Certificate Type/20) for 'encrypted extensions'
|<4>| EXT[0x1374570]: Preparing extension (Supported Groups/10) for 'encrypted extensions'
|<4>| EXT[0x1374570]: Not sending extension (Supported EC Point Formats/11) for 'encrypted extensions'
|<4>| EXT[0x1374570]: Not sending extension (SRP/12) for 'encrypted extensions'
|<4>| EXT[0x1374570]: Not sending extension (Signature Algorithms/13) for 'encrypted extensions'
|<4>| EXT[0x1374570]: Preparing extension (SRTP/14) for 'encrypted extensions'
|<4>| EXT[0x1374570]: Preparing extension (Heartbeat/15) for 'encrypted extensions'
|<4>| EXT[0x1374570]: Preparing extension (ALPN/16) for 'encrypted extensions'
|<4>| EXT[0x1374570]: Not sending extension (Encrypt-then-MAC/22) for 'encrypted extensions'
|<4>| EXT[0x1374570]: Not sending extension (Extended Master Secret/23) for 'encrypted extensions'
|<4>| EXT[0x1374570]: Not sending extension (Session Ticket/35) for 'encrypted extensions'
|<4>| EXT[0x1374570]: Not sending extension (Key Share/51) for 'encrypted extensions'
|<4>| EXT[0x1374570]: Not sending extension (Supported Versions/43) for 'encrypted extensions'
|<4>| EXT[0x1374570]: Not sending extension (Post Handshake Auth/49) for 'encrypted extensions'
|<4>| EXT[0x1374570]: Not sending extension (Safe Renegotiation/65281) for 'encrypted extensions'
|<4>| EXT[0x1374570]: Preparing extension (Server Name Indication/0) for 'encrypted extensions'
|<4>| EXT[0x1374570]: Not sending extension (Cookie/44) for 'encrypted extensions'
|<4>| EXT[0x1374570]: Not sending extension (Early Data/42) for 'encrypted extensions'
|<4>| EXT[0x1374570]: Not sending extension (PSK Key Exchange Modes/45) for 'encrypted extensions'
|<4>| EXT[0x1374570]: Preparing extension (Record Size Limit/28) for 'encrypted extensions'
|<4>| EXT[0x1374570]: Not sending extension (ClientHello Padding/21) for 'encrypted extensions'
|<4>| EXT[0x1374570]: Not sending extension (Pre Shared Key/41) for 'encrypted extensions'
|<4>| HSK[0x1374570]: ENCRYPTED EXTENSIONS was queued [6 bytes]
|<4>| HSK[0x1374570]: CERTIFICATE was queued [874 bytes]
|<4>| checking cert compat with RSA-PSS-RSAE-SHA256
|<4>| checking cert compat with RSA-PSS-SHA256
|<4>| HSK[0x1374570]: signing TLS 1.3 handshake data: using RSA-PSS-SHA256 and PRF: SHA256
|<3>| ASSERT: mpi.c[wrap_nettle_mpi_print]:60
|<4>| HSK[0x1374570]: CERTIFICATE VERIFY was queued [264 bytes]
|<4>| HSK[0x1374570]: sending finished
|<4>| HSK[0x1374570]: FINISHED was queued [36 bytes]
|<5>| REC[0x1374570]: Preparing Packet Handshake(22) with length: 6 and min pad: 0
|<5>| REC[0x1374570]: Sent Packet[1] Handshake(22) in epoch 1 and length: 28
|<5>| REC[0x1374570]: Preparing Packet Handshake(22) with length: 874 and min pad: 0
|<5>| REC[0x1374570]: Sent Packet[2] Handshake(22) in epoch 1 and length: 896
|<5>| REC[0x1374570]: Preparing Packet Handshake(22) with length: 264 and min pad: 0
|<5>| REC[0x1374570]: Sent Packet[3] Handshake(22) in epoch 1 and length: 286
|<5>| REC[0x1374570]: Preparing Packet Handshake(22) with length: 36 and min pad: 0
|<5>| REC[0x1374570]: Sent Packet[4] Handshake(22) in epoch 1 and length: 58
|<3>| ASSERT: constate.c[_gnutls_epoch_get]:836
|<5>| REC[0x1374570]: Allocating epoch #2
|<4>| HSK[0x1374570]: unauthenticated session eligible for early start
|<5>| REC[0x1374570]: Initializing epoch #2
|<5>| REC[0x1374570]: Epoch #2 ready
|<4>| HSK[0x1374570]: TLS 1.3 set write key with cipher suite: GNUTLS_AES_128_GCM_SHA256
|<4>| HSK[0x1374570]: switching early to application traffic keys
|<4>| HSK[0x1374570]: NEW SESSION TICKET was queued [203 bytes]
|<5>| REC[0x1374570]: Preparing Packet Handshake(22) with length: 203 and min pad: 0
|<5>| REC[0x1374570]: Sent Packet[1] Handshake(22) in epoch 2 and length: 225
|<3>| ASSERT: buffers.c[get_last_packet]:1171
|<5>| REC[0x1374570]: SSL 3.3 Application Data packet received. Epoch 1, length: 53
|<5>| REC[0x1374570]: Expected Packet Handshake(22)
|<5>| REC[0x1374570]: Received Packet Application Data(23) with length: 53
|<5>| REC[0x1374570]: Decrypted Packet[0] Handshake(22) with length: 36
|<4>| HSK[0x1374570]: FINISHED (20) was received. Length 32[32], frag offset 0, frag length: 32, sequence: 0
|<4>| HSK[0x1374570]: parsing finished
|<4>| HSK[0x1374570]: TLS 1.3 set read key with cipher suite: GNUTLS_AES_128_GCM_SHA256
|<5>| REC[0x1374570]: Start of epoch cleanup
|<5>| REC[0x1374570]: Epoch #0 freed
|<5>| REC[0x1374570]: Epoch #1 freed
|<5>| REC[0x1374570]: End of epoch cleanup
- Description: (TLS1.3)-(ECDHE-SECP256R1)-(RSA-PSS-SHA256)-(AES-128-GCM)
- Session ID: 8B:64:3F:C8:38:8A:40:B8:FD:50:93:C3:2A:46:0C:06:9D:D2:E1:E8:13:AF:5D:E0:32:0D:7E:8E:BA:E5:F2:CE
|<3>| ASSERT: server_name.c[gnutls_server_name_get]:235
- Ephemeral EC Diffie-Hellman parameters
- Using curve: SECP256R1
- Curve size: 256 bits
- Version: TLS1.3
- Server Signature: RSA-PSS-SHA256
- Cipher: AES-128-GCM
- MAC: AEAD
|<3>| ASSERT: ocsp-api.c[gnutls_ocsp_status_request_get2]:99
|<3>| ASSERT: ocsp-api.c[gnutls_ocsp_status_request_is_checked]:627
- Options: safe renegotiation,
|<3>| ASSERT: srtp.c[gnutls_srtp_get_selected_profile]:320
|<3>| ASSERT: alpn.c[gnutls_alpn_get_selected_protocol]:255
- Channel binding 'tls-unique':
|<3>| ASSERT: buffers.c[_gnutls_io_read_buffered]:589
|<3>| ASSERT: record.c[_gnutls_recv_int]:1709
|<5>| REC[0x1374570]: SSL 3.3 Application Data packet received. Epoch 2, length: 35
|<5>| REC[0x1374570]: Expected Packet Application Data(23)
|<5>| REC[0x1374570]: Received Packet Application Data(23) with length: 35
|<5>| REC[0x1374570]: Decrypted Packet[0] Application Data(23) with length: 18
|<3>| ASSERT: server_name.c[gnutls_server_name_get]:235
|<5>| REC[0x1374570]: Preparing Packet Application Data(23) with length: 685 and min pad: 0
|<5>| REC[0x1374570]: Sent Packet[2] Application Data(23) in epoch 2 and length: 707
|<3>| ASSERT: buffers.c[_gnutls_io_write_flush]:696
|<5>| REC: Sending Alert[1|0] - Close notify
|<5>| REC[0x1374570]: Preparing Packet Alert(21) with length: 2 and min pad: 0
|<5>| REC[0x1374570]: Sent Packet[3] Alert(21) in epoch 2 and length: 24
|<5>| REC[0x1374570]: Start of epoch cleanup
|<5>| REC[0x1374570]: End of epoch cleanup
|<5>| REC[0x1374570]: Epoch #2 freed
|<5>| REC[0x1374570]: Allocating epoch #0
|<2>| added 2 protocols, 43 ciphersuites, 18 sig algos and 9 groups into priority list
* Accepted connection from IPv4 127.0.0.1 port 38570 on Mon Nov 12 14:41:23 2018
|<5>| REC[0x1374570]: Allocating epoch #1
|<3>| ASSERT: buffers.c[get_last_packet]:1171
|<5>| REC[0x1374570]: SSL 3.0 Handshake packet received. Epoch 0, length: 144
|<5>| REC[0x1374570]: Expected Packet Handshake(22)
|<5>| REC[0x1374570]: Received Packet Handshake(22) with length: 144
|<5>| REC[0x1374570]: Decrypted Packet[0] Handshake(22) with length: 144
|<4>| HSK[0x1374570]: CLIENT HELLO (1) was received. Length 140[140], frag offset 0, frag length: 140, sequence: 0
|<4>| HSK[0x1374570]: Client's version: 3.3
|<4>| EXT[0x1374570]: Parsing extension 'Supported Versions/43' (5 bytes)
|<4>| EXT[0x1374570]: Found version: 3.4
|<4>| EXT[0x1374570]: Negotiated version: 3.4
|<4>| EXT[0x1374570]: Parsing extension 'Supported Groups/10' (4 bytes)
|<4>| EXT[0x1374570]: Received group SECP256R1 (0x17)
|<4>| EXT[0x1374570]: Selected group SECP256R1
|<4>| EXT[0x1374570]: Parsing extension 'Signature Algorithms/13' (6 bytes)
|<4>| EXT[0x1374570]: rcvd signature algo (8.4) RSA-PSS-RSAE-SHA256
|<4>| EXT[0x1374570]: rcvd signature algo (8.9) RSA-PSS-SHA256
|<4>| HSK[0x1374570]: Received safe renegotiation CS
|<2>| checking 13.01 (GNUTLS_AES_128_GCM_SHA256) for compatibility
|<3>| ASSERT: server_name.c[gnutls_server_name_get]:235
|<4>| HSK[0x1374570]: Requested server name: ''
|<4>| HSK[0x1374570]: checking compat of GNUTLS_AES_128_GCM_SHA256 with certificate[3] (RSA-PSS/X.509)
|<4>| checking cert compat with RSA-PSS-RSAE-SHA256
|<4>| checking cert compat with RSA-PSS-SHA256
|<4>| Selected signature algorithm: RSA-PSS-SHA256
|<2>| Selected (RSA-PSS) cert based on ciphersuite 13.1: GNUTLS_AES_128_GCM_SHA256
|<4>| HSK[0x1374570]: Selected cipher suite: GNUTLS_AES_128_GCM_SHA256
|<4>| HSK[0x1374570]: Selected version TLS1.3
|<4>| EXT[0x1374570]: Parsing extension 'Key Share/51' (2 bytes)
|<3>| ASSERT: key_share.c[key_share_recv_params]:575
|<3>| ASSERT: hello_ext.c[hello_ext_parse]:273
|<3>| ASSERT: extv.c[_gnutls_extv_parse]:69
|<3>| ASSERT: hello_ext.c[_gnutls_parse_hello_extensions]:306
|<3>| ASSERT: handshake.c[read_client_hello]:820
|<3>| ASSERT: handshake.c[_gnutls_recv_handshake]:1538
|<4>| EXT[0x1374570]: Not sending extension (Maximum Record Size/1) for 'hello retry request'
|<4>| EXT[0x1374570]: Not sending extension (OCSP Status Request/5) for 'hello retry request'
|<4>| EXT[0x1374570]: Not sending extension (Client Certificate Type/19) for 'hello retry request'
|<4>| EXT[0x1374570]: Not sending extension (Server Certificate Type/20) for 'hello retry request'
|<4>| EXT[0x1374570]: Not sending extension (Supported Groups/10) for 'hello retry request'
|<4>| EXT[0x1374570]: Not sending extension (Supported EC Point Formats/11) for 'hello retry request'
|<4>| EXT[0x1374570]: Not sending extension (SRP/12) for 'hello retry request'
|<4>| EXT[0x1374570]: Not sending extension (Signature Algorithms/13) for 'hello retry request'
|<4>| EXT[0x1374570]: Not sending extension (SRTP/14) for 'hello retry request'
|<4>| EXT[0x1374570]: Not sending extension (Heartbeat/15) for 'hello retry request'
|<4>| EXT[0x1374570]: Not sending extension (ALPN/16) for 'hello retry request'
|<4>| EXT[0x1374570]: Not sending extension (Encrypt-then-MAC/22) for 'hello retry request'
|<4>| EXT[0x1374570]: Not sending extension (Extended Master Secret/23) for 'hello retry request'
|<4>| EXT[0x1374570]: Not sending extension (Session Ticket/35) for 'hello retry request'
|<4>| EXT[0x1374570]: Preparing extension (Key Share/51) for 'hello retry request'
|<4>| HSK[0x1374570]: Selected group SECP256R1 (2)
|<4>| EXT[0x1374570]: requesting retry with group SECP256R1
|<4>| EXT[0x1374570]: Sending extension Key Share/51 (2 bytes)
|<4>| EXT[0x1374570]: Preparing extension (Supported Versions/43) for 'hello retry request'
|<4>| EXT[0x1374570]: Sending extension Supported Versions/43 (2 bytes)
|<4>| EXT[0x1374570]: Not sending extension (Post Handshake Auth/49) for 'hello retry request'
|<4>| EXT[0x1374570]: Not sending extension (Safe Renegotiation/65281) for 'hello retry request'
|<4>| EXT[0x1374570]: Not sending extension (Server Name Indication/0) for 'hello retry request'
|<4>| EXT[0x1374570]: Preparing extension (Cookie/44) for 'hello retry request'
|<4>| EXT[0x1374570]: Not sending extension (Early Data/42) for 'hello retry request'
|<4>| EXT[0x1374570]: Not sending extension (PSK Key Exchange Modes/45) for 'hello retry request'
|<4>| EXT[0x1374570]: Not sending extension (Record Size Limit/28) for 'hello retry request'
|<4>| EXT[0x1374570]: Not sending extension (ClientHello Padding/21) for 'hello retry request'
|<4>| EXT[0x1374570]: Not sending extension (Pre Shared Key/41) for 'hello retry request'
|<4>| HSK[0x1374570]: HELLO RETRY REQUEST was queued [88 bytes]
|<5>| REC[0x1374570]: Preparing Packet Handshake(22) with length: 88 and min pad: 0
|<5>| REC[0x1374570]: Sent Packet[1] Handshake(22) in epoch 0 and length: 93
|<5>| REC[0x1374570]: Preparing Packet ChangeCipherSpec(20) with length: 1 and min pad: 0
|<5>| REC[0x1374570]: Sent Packet[2] ChangeCipherSpec(20) in epoch 0 and length: 6
|<4>| REC[0x1374570]: Sent ChangeCipherSpec
|<3>| ASSERT: buffers.c[get_last_packet]:1171
|<5>| REC[0x1374570]: SSL 3.3 Handshake packet received. Epoch 0, length: 213
|<5>| REC[0x1374570]: Expected Packet Handshake(22)
|<5>| REC[0x1374570]: Received Packet Handshake(22) with length: 213
|<5>| REC[0x1374570]: Decrypted Packet[1] Handshake(22) with length: 213
|<4>| HSK[0x1374570]: CLIENT HELLO (1) was received. Length 209[209], frag offset 0, frag length: 209, sequence: 0
|<4>| HSK[0x1374570]: Client's version: 3.3
|<4>| EXT[0x1374570]: Parsing extension 'Supported Versions/43' (5 bytes)
|<4>| EXT[0x1374570]: Found version: 3.4
|<4>| EXT[0x1374570]: Negotiated version: 3.4
|<4>| EXT[0x1374570]: Parsing extension 'Signature Algorithms/13' (6 bytes)
|<4>| EXT[0x1374570]: rcvd signature algo (8.4) RSA-PSS-RSAE-SHA256
|<4>| EXT[0x1374570]: rcvd signature algo (8.9) RSA-PSS-SHA256
|<4>| EXT[0x1374570]: Parsing extension 'Supported Groups/10' (4 bytes)
|<4>| EXT[0x1374570]: Received group SECP256R1 (0x17)
|<4>| EXT[0x1374570]: Selected group SECP256R1
|<4>| HSK[0x1374570]: Received safe renegotiation CS
|<2>| checking 13.01 (GNUTLS_AES_128_GCM_SHA256) for compatibility
|<3>| ASSERT: server_name.c[gnutls_server_name_get]:235
|<4>| HSK[0x1374570]: Requested server name: ''
|<4>| HSK[0x1374570]: checking compat of GNUTLS_AES_128_GCM_SHA256 with certificate[3] (RSA-PSS/X.509)
|<4>| checking cert compat with RSA-PSS-RSAE-SHA256
|<4>| checking cert compat with RSA-PSS-SHA256
|<4>| Selected signature algorithm: RSA-PSS-SHA256
|<2>| Selected (RSA-PSS) cert based on ciphersuite 13.1: GNUTLS_AES_128_GCM_SHA256
|<4>| HSK[0x1374570]: Selected cipher suite: GNUTLS_AES_128_GCM_SHA256
|<4>| HSK[0x1374570]: Selected version TLS1.3
|<4>| EXT[0x1374570]: Parsing extension 'Key Share/51' (71 bytes)
|<4>| EXT[0x1374570]: Received key share for SECP256R1
|<4>| HSK[0x1374570]: Selected group SECP256R1 (2)
|<2>| EXT[0x1374570]: server generated SECP256R1 shared key
|<4>| HSK[0x1374570]: SessionID: 41071e3919b18ea54c6287132f74a9e913edb274c58924f2d17076ee5a743c74
|<4>| EXT[0x1374570]: Not sending extension (Maximum Record Size/1) for 'TLS 1.3 server hello'
|<4>| EXT[0x1374570]: Not sending extension (OCSP Status Request/5) for 'TLS 1.3 server hello'
|<4>| EXT[0x1374570]: Not sending extension (Client Certificate Type/19) for 'TLS 1.3 server hello'
|<4>| EXT[0x1374570]: Not sending extension (Server Certificate Type/20) for 'TLS 1.3 server hello'
|<4>| EXT[0x1374570]: Not sending extension (Supported Groups/10) for 'TLS 1.3 server hello'
|<4>| EXT[0x1374570]: Not sending extension (Supported EC Point Formats/11) for 'TLS 1.3 server hello'
|<4>| EXT[0x1374570]: Not sending extension (SRP/12) for 'TLS 1.3 server hello'
|<4>| EXT[0x1374570]: Not sending extension (Signature Algorithms/13) for 'TLS 1.3 server hello'
|<4>| EXT[0x1374570]: Not sending extension (SRTP/14) for 'TLS 1.3 server hello'
|<4>| EXT[0x1374570]: Not sending extension (Heartbeat/15) for 'TLS 1.3 server hello'
|<4>| EXT[0x1374570]: Not sending extension (ALPN/16) for 'TLS 1.3 server hello'
|<4>| EXT[0x1374570]: Not sending extension (Encrypt-then-MAC/22) for 'TLS 1.3 server hello'
|<4>| EXT[0x1374570]: Not sending extension (Extended Master Secret/23) for 'TLS 1.3 server hello'
|<4>| EXT[0x1374570]: Not sending extension (Session Ticket/35) for 'TLS 1.3 server hello'
|<4>| EXT[0x1374570]: Preparing extension (Key Share/51) for 'TLS 1.3 server hello'
|<4>| EXT[0x1374570]: sending key share for SECP256R1
|<4>| EXT[0x1374570]: Sending extension Key Share/51 (69 bytes)
|<4>| EXT[0x1374570]: Preparing extension (Supported Versions/43) for 'TLS 1.3 server hello'
|<4>| EXT[0x1374570]: Sending extension Supported Versions/43 (2 bytes)
|<4>| EXT[0x1374570]: Not sending extension (Post Handshake Auth/49) for 'TLS 1.3 server hello'
|<4>| EXT[0x1374570]: Not sending extension (Safe Renegotiation/65281) for 'TLS 1.3 server hello'
|<4>| EXT[0x1374570]: Not sending extension (Server Name Indication/0) for 'TLS 1.3 server hello'
|<4>| EXT[0x1374570]: Not sending extension (Cookie/44) for 'TLS 1.3 server hello'
|<4>| EXT[0x1374570]: Not sending extension (Early Data/42) for 'TLS 1.3 server hello'
|<4>| EXT[0x1374570]: Preparing extension (PSK Key Exchange Modes/45) for 'TLS 1.3 server hello'
|<4>| EXT[0x1374570]: Not sending extension (Record Size Limit/28) for 'TLS 1.3 server hello'
|<4>| EXT[0x1374570]: Not sending extension (ClientHello Padding/21) for 'TLS 1.3 server hello'
|<4>| EXT[0x1374570]: Preparing extension (Pre Shared Key/41) for 'TLS 1.3 server hello'
|<4>| HSK[0x1374570]: SERVER HELLO was queued [155 bytes]
|<5>| REC[0x1374570]: Initializing epoch #1
|<5>| REC[0x1374570]: Epoch #1 ready
|<4>| HSK[0x1374570]: TLS 1.3 re-key with cipher suite: GNUTLS_AES_128_GCM_SHA256
|<4>| EXT[0x1374570]: Preparing extension (Maximum Record Size/1) for 'encrypted extensions'
|<4>| EXT[0x1374570]: Not sending extension (OCSP Status Request/5) for 'encrypted extensions'
|<4>| EXT[0x1374570]: Preparing extension (Client Certificate Type/19) for 'encrypted extensions'
|<4>| EXT[0x1374570]: Preparing extension (Server Certificate Type/20) for 'encrypted extensions'
|<4>| EXT[0x1374570]: Preparing extension (Supported Groups/10) for 'encrypted extensions'
|<4>| EXT[0x1374570]: Not sending extension (Supported EC Point Formats/11) for 'encrypted extensions'
|<4>| EXT[0x1374570]: Not sending extension (SRP/12) for 'encrypted extensions'
|<4>| EXT[0x1374570]: Not sending extension (Signature Algorithms/13) for 'encrypted extensions'
|<4>| EXT[0x1374570]: Preparing extension (SRTP/14) for 'encrypted extensions'
|<4>| EXT[0x1374570]: Preparing extension (Heartbeat/15) for 'encrypted extensions'
|<4>| EXT[0x1374570]: Preparing extension (ALPN/16) for 'encrypted extensions'
|<4>| EXT[0x1374570]: Not sending extension (Encrypt-then-MAC/22) for 'encrypted extensions'
|<4>| EXT[0x1374570]: Not sending extension (Extended Master Secret/23) for 'encrypted extensions'
|<4>| EXT[0x1374570]: Not sending extension (Session Ticket/35) for 'encrypted extensions'
|<4>| EXT[0x1374570]: Not sending extension (Key Share/51) for 'encrypted extensions'
|<4>| EXT[0x1374570]: Not sending extension (Supported Versions/43) for 'encrypted extensions'
|<4>| EXT[0x1374570]: Not sending extension (Post Handshake Auth/49) for 'encrypted extensions'
|<4>| EXT[0x1374570]: Not sending extension (Safe Renegotiation/65281) for 'encrypted extensions'
|<4>| EXT[0x1374570]: Preparing extension (Server Name Indication/0) for 'encrypted extensions'
|<4>| EXT[0x1374570]: Not sending extension (Cookie/44) for 'encrypted extensions'
|<4>| EXT[0x1374570]: Not sending extension (Early Data/42) for 'encrypted extensions'
|<4>| EXT[0x1374570]: Not sending extension (PSK Key Exchange Modes/45) for 'encrypted extensions'
|<4>| EXT[0x1374570]: Preparing extension (Record Size Limit/28) for 'encrypted extensions'
|<4>| EXT[0x1374570]: Not sending extension (ClientHello Padding/21) for 'encrypted extensions'
|<4>| EXT[0x1374570]: Not sending extension (Pre Shared Key/41) for 'encrypted extensions'
|<4>| HSK[0x1374570]: ENCRYPTED EXTENSIONS was queued [6 bytes]
|<4>| HSK[0x1374570]: CERTIFICATE was queued [874 bytes]
|<4>| checking cert compat with RSA-PSS-RSAE-SHA256
|<4>| checking cert compat with RSA-PSS-SHA256
|<4>| HSK[0x1374570]: signing TLS 1.3 handshake data: using RSA-PSS-SHA256 and PRF: SHA256
|<3>| ASSERT: mpi.c[wrap_nettle_mpi_print]:60
|<4>| HSK[0x1374570]: CERTIFICATE VERIFY was queued [264 bytes]
|<4>| HSK[0x1374570]: sending finished
|<4>| HSK[0x1374570]: FINISHED was queued [36 bytes]
|<5>| REC[0x1374570]: Preparing Packet Handshake(22) with length: 155 and min pad: 0
|<5>| REC[0x1374570]: Sent Packet[3] Handshake(22) in epoch 0 and length: 160
|<5>| REC[0x1374570]: Preparing Packet Handshake(22) with length: 6 and min pad: 0
|<5>| REC[0x1374570]: Sent Packet[1] Handshake(22) in epoch 1 and length: 28
|<5>| REC[0x1374570]: Preparing Packet Handshake(22) with length: 874 and min pad: 0
|<5>| REC[0x1374570]: Sent Packet[2] Handshake(22) in epoch 1 and length: 896
|<5>| REC[0x1374570]: Preparing Packet Handshake(22) with length: 264 and min pad: 0
|<5>| REC[0x1374570]: Sent Packet[3] Handshake(22) in epoch 1 and length: 286
|<5>| REC[0x1374570]: Preparing Packet Handshake(22) with length: 36 and min pad: 0
|<5>| REC[0x1374570]: Sent Packet[4] Handshake(22) in epoch 1 and length: 58
|<3>| ASSERT: constate.c[_gnutls_epoch_get]:836
|<5>| REC[0x1374570]: Allocating epoch #2
|<4>| HSK[0x1374570]: unauthenticated session eligible for early start
|<5>| REC[0x1374570]: Initializing epoch #2
|<5>| REC[0x1374570]: Epoch #2 ready
|<4>| HSK[0x1374570]: TLS 1.3 set write key with cipher suite: GNUTLS_AES_128_GCM_SHA256
|<4>| HSK[0x1374570]: switching early to application traffic keys
|<4>| HSK[0x1374570]: NEW SESSION TICKET was queued [203 bytes]
|<5>| REC[0x1374570]: Preparing Packet Handshake(22) with length: 203 and min pad: 0
|<5>| REC[0x1374570]: Sent Packet[1] Handshake(22) in epoch 2 and length: 225
|<3>| ASSERT: buffers.c[get_last_packet]:1171
|<3>| ASSERT: buffers.c[_gnutls_stream_read]:369
|<3>| ASSERT: buffers.c[_gnutls_io_read_buffered]:589
|<3>| ASSERT: record.c[recv_headers]:1169
|<3>| ASSERT: record.c[_gnutls_recv_in_buffers]:1300
|<3>| ASSERT: buffers.c[_gnutls_handshake_io_recv_int]:1448
|<3>| ASSERT: handshake.c[_gnutls_recv_handshake]:1497
|<3>| ASSERT: tls13/finished.c[_gnutls13_recv_finished]:101
|<3>| ASSERT: handshake-tls13.c[_gnutls13_handshake_server]:481
Error in handshake: Error in the pull function.
|<5>| REC: Sending Alert[2|80] - Internal error
|<5>| REC[0x1374570]: Preparing Packet Alert(21) with length: 2 and min pad: 0
|<2>| WRITE: -1 returned from 0x5, errno: 32
|<3>| ASSERT: buffers.c[errno_to_gerr]:230
|<3>| ASSERT: buffers.c[_gnutls_io_write_flush]:722
|<3>| ASSERT: record.c[_gnutls_send_tlen_int]:572
|<5>| REC[0x1374570]: Start of epoch cleanup
|<5>| REC[0x1374570]: Epoch #0 freed
|<5>| REC[0x1374570]: End of epoch cleanup
|<5>| REC[0x1374570]: Epoch #1 freed
|<5>| REC[0x1374570]: Epoch #2 freed
|<5>| REC[0x1374570]: Allocating epoch #0
|<2>| added 2 protocols, 43 ciphersuites, 18 sig algos and 9 groups into priority list
* Accepted connection from IPv4 127.0.0.1 port 38572 on Mon Nov 12 14:41:23 2018
|<5>| REC[0x1374570]: Allocating epoch #1
|<3>| ASSERT: buffers.c[get_last_packet]:1171
|<5>| REC[0x1374570]: SSL 3.0 Handshake packet received. Epoch 0, length: 16384
|<5>| REC[0x1374570]: Expected Packet Handshake(22)
|<5>| REC[0x1374570]: Received Packet Handshake(22) with length: 16384
|<5>| REC[0x1374570]: Decrypted Packet[0] Handshake(22) with length: 16384
|<4>| HSK[0x1374570]: CLIENT HELLO (1) was received. Length 16524[16380], frag offset 0, frag length: 16380, sequence: 0
|<3>| ASSERT: buffers.c[_gnutls_parse_record_buffered_msgs]:1302
|<3>| ASSERT: buffers.c[get_last_packet]:1171
|<5>| REC[0x1374570]: SSL 3.0 Handshake packet received. Epoch 0, length: 144
|<5>| REC[0x1374570]: Expected Packet Handshake(22)
|<5>| REC[0x1374570]: Received Packet Handshake(22) with length: 144
|<5>| REC[0x1374570]: Decrypted Packet[1] Handshake(22) with length: 144
|<4>| HSK[0x1374570]: Client's version: 3.3
|<4>| EXT[0x1374570]: Parsing extension 'Supported Versions/43' (5 bytes)
|<4>| EXT[0x1374570]: Found version: 3.4
|<4>| EXT[0x1374570]: Negotiated version: 3.4
|<4>| EXT[0x1374570]: Parsing extension 'Supported Groups/10' (4 bytes)
|<4>| EXT[0x1374570]: Received group SECP256R1 (0x17)
|<4>| EXT[0x1374570]: Selected group SECP256R1
|<4>| EXT[0x1374570]: Parsing extension 'Signature Algorithms/13' (6 bytes)
|<4>| EXT[0x1374570]: rcvd signature algo (8.4) RSA-PSS-RSAE-SHA256
|<4>| EXT[0x1374570]: rcvd signature algo (8.9) RSA-PSS-SHA256
|<4>| HSK[0x1374570]: Received safe renegotiation CS
|<2>| checking 13.01 (GNUTLS_AES_128_GCM_SHA256) for compatibility
|<3>| ASSERT: server_name.c[gnutls_server_name_get]:235
|<4>| HSK[0x1374570]: Requested server name: ''
|<4>| HSK[0x1374570]: checking compat of GNUTLS_AES_128_GCM_SHA256 with certificate[3] (RSA-PSS/X.509)
|<4>| checking cert compat with RSA-PSS-RSAE-SHA256
|<4>| checking cert compat with RSA-PSS-SHA256
|<4>| Selected signature algorithm: RSA-PSS-SHA256
|<2>| Selected (RSA-PSS) cert based on ciphersuite 13.1: GNUTLS_AES_128_GCM_SHA256
|<4>| HSK[0x1374570]: Selected cipher suite: GNUTLS_AES_128_GCM_SHA256
|<4>| HSK[0x1374570]: Selected version TLS1.3
|<4>| EXT[0x1374570]: Parsing extension 'Key Share/51' (2 bytes)
|<3>| ASSERT: key_share.c[key_share_recv_params]:575
|<3>| ASSERT: hello_ext.c[hello_ext_parse]:273
|<3>| ASSERT: extv.c[_gnutls_extv_parse]:69
|<3>| ASSERT: hello_ext.c[_gnutls_parse_hello_extensions]:306
|<3>| ASSERT: handshake.c[read_client_hello]:820
|<3>| ASSERT: handshake.c[_gnutls_recv_handshake]:1538
|<4>| EXT[0x1374570]: Not sending extension (Maximum Record Size/1) for 'hello retry request'
|<4>| EXT[0x1374570]: Not sending extension (OCSP Status Request/5) for 'hello retry request'
|<4>| EXT[0x1374570]: Not sending extension (Client Certificate Type/19) for 'hello retry request'
|<4>| EXT[0x1374570]: Not sending extension (Server Certificate Type/20) for 'hello retry request'
|<4>| EXT[0x1374570]: Not sending extension (Supported Groups/10) for 'hello retry request'
|<4>| EXT[0x1374570]: Not sending extension (Supported EC Point Formats/11) for 'hello retry request'
|<4>| EXT[0x1374570]: Not sending extension (SRP/12) for 'hello retry request'
|<4>| EXT[0x1374570]: Not sending extension (Signature Algorithms/13) for 'hello retry request'
|<4>| EXT[0x1374570]: Not sending extension (SRTP/14) for 'hello retry request'
|<4>| EXT[0x1374570]: Not sending extension (Heartbeat/15) for 'hello retry request'
|<4>| EXT[0x1374570]: Not sending extension (ALPN/16) for 'hello retry request'
|<4>| EXT[0x1374570]: Not sending extension (Encrypt-then-MAC/22) for 'hello retry request'
|<4>| EXT[0x1374570]: Not sending extension (Extended Master Secret/23) for 'hello retry request'
|<4>| EXT[0x1374570]: Not sending extension (Session Ticket/35) for 'hello retry request'
|<4>| EXT[0x1374570]: Preparing extension (Key Share/51) for 'hello retry request'
|<4>| HSK[0x1374570]: Selected group SECP256R1 (2)
|<4>| EXT[0x1374570]: requesting retry with group SECP256R1
|<4>| EXT[0x1374570]: Sending extension Key Share/51 (2 bytes)
|<4>| EXT[0x1374570]: Preparing extension (Supported Versions/43) for 'hello retry request'
|<4>| EXT[0x1374570]: Sending extension Supported Versions/43 (2 bytes)
|<4>| EXT[0x1374570]: Not sending extension (Post Handshake Auth/49) for 'hello retry request'
|<4>| EXT[0x1374570]: Not sending extension (Safe Renegotiation/65281) for 'hello retry request'
|<4>| EXT[0x1374570]: Not sending extension (Server Name Indication/0) for 'hello retry request'
|<4>| EXT[0x1374570]: Preparing extension (Cookie/44) for 'hello retry request'
|<4>| EXT[0x1374570]: Not sending extension (Early Data/42) for 'hello retry request'
|<4>| EXT[0x1374570]: Not sending extension (PSK Key Exchange Modes/45) for 'hello retry request'
|<4>| EXT[0x1374570]: Not sending extension (Record Size Limit/28) for 'hello retry request'
|<4>| EXT[0x1374570]: Not sending extension (ClientHello Padding/21) for 'hello retry request'
|<4>| EXT[0x1374570]: Not sending extension (Pre Shared Key/41) for 'hello retry request'
|<4>| HSK[0x1374570]: HELLO RETRY REQUEST was queued [88 bytes]
|<5>| REC[0x1374570]: Preparing Packet Handshake(22) with length: 88 and min pad: 0
|<5>| REC[0x1374570]: Sent Packet[1] Handshake(22) in epoch 0 and length: 93
|<5>| REC[0x1374570]: Preparing Packet ChangeCipherSpec(20) with length: 1 and min pad: 0
|<5>| REC[0x1374570]: Sent Packet[2] ChangeCipherSpec(20) in epoch 0 and length: 6
|<4>| REC[0x1374570]: Sent ChangeCipherSpec
|<3>| ASSERT: buffers.c[get_last_packet]:1171
|<5>| REC[0x1374570]: SSL 3.3 Handshake packet received. Epoch 0, length: 16384
|<5>| REC[0x1374570]: Expected Packet Handshake(22)
|<5>| REC[0x1374570]: Received Packet Handshake(22) with length: 16384
|<5>| REC[0x1374570]: Decrypted Packet[2] Handshake(22) with length: 16384
|<4>| HSK[0x1374570]: CLIENT HELLO (1) was received. Length 16593[16380], frag offset 0, frag length: 16380, sequence: 0
|<3>| ASSERT: buffers.c[_gnutls_parse_record_buffered_msgs]:1302
|<3>| ASSERT: buffers.c[get_last_packet]:1171
|<5>| REC[0x1374570]: SSL 3.3 Handshake packet received. Epoch 0, length: 213
|<5>| REC[0x1374570]: Expected Packet Handshake(22)
|<5>| REC[0x1374570]: Received Packet Handshake(22) with length: 213
|<5>| REC[0x1374570]: Decrypted Packet[3] Handshake(22) with length: 213
|<4>| HSK[0x1374570]: Client's version: 3.3
|<4>| EXT[0x1374570]: Parsing extension 'Supported Versions/43' (5 bytes)
|<4>| EXT[0x1374570]: Found version: 3.4
|<4>| EXT[0x1374570]: Negotiated version: 3.4
|<4>| EXT[0x1374570]: Parsing extension 'Signature Algorithms/13' (6 bytes)
|<4>| EXT[0x1374570]: rcvd signature algo (8.4) RSA-PSS-RSAE-SHA256
|<4>| EXT[0x1374570]: rcvd signature algo (8.9) RSA-PSS-SHA256
|<4>| EXT[0x1374570]: Parsing extension 'Supported Groups/10' (4 bytes)
|<4>| EXT[0x1374570]: Received group SECP256R1 (0x17)
|<4>| EXT[0x1374570]: Selected group SECP256R1
|<4>| HSK[0x1374570]: Received safe renegotiation CS
|<2>| checking 13.01 (GNUTLS_AES_128_GCM_SHA256) for compatibility
|<3>| ASSERT: server_name.c[gnutls_server_name_get]:235
|<4>| HSK[0x1374570]: Requested server name: ''
|<4>| HSK[0x1374570]: checking compat of GNUTLS_AES_128_GCM_SHA256 with certificate[3] (RSA-PSS/X.509)
|<4>| checking cert compat with RSA-PSS-RSAE-SHA256
|<4>| checking cert compat with RSA-PSS-SHA256
|<4>| Selected signature algorithm: RSA-PSS-SHA256
|<2>| Selected (RSA-PSS) cert based on ciphersuite 13.1: GNUTLS_AES_128_GCM_SHA256
|<4>| HSK[0x1374570]: Selected cipher suite: GNUTLS_AES_128_GCM_SHA256
|<4>| HSK[0x1374570]: Selected version TLS1.3
|<4>| EXT[0x1374570]: Parsing extension 'Key Share/51' (71 bytes)
|<4>| EXT[0x1374570]: Received key share for SECP256R1
|<4>| HSK[0x1374570]: Selected group SECP256R1 (2)
|<2>| EXT[0x1374570]: server generated SECP256R1 shared key
|<4>| HSK[0x1374570]: SessionID: f7b8d68f3836505ef88cc9915ea3799c7b15a0565034ddc66800b3d8166ca53f
|<4>| EXT[0x1374570]: Not sending extension (Maximum Record Size/1) for 'TLS 1.3 server hello'
|<4>| EXT[0x1374570]: Not sending extension (OCSP Status Request/5) for 'TLS 1.3 server hello'
|<4>| EXT[0x1374570]: Not sending extension (Client Certificate Type/19) for 'TLS 1.3 server hello'
|<4>| EXT[0x1374570]: Not sending extension (Server Certificate Type/20) for 'TLS 1.3 server hello'
|<4>| EXT[0x1374570]: Not sending extension (Supported Groups/10) for 'TLS 1.3 server hello'
|<4>| EXT[0x1374570]: Not sending extension (Supported EC Point Formats/11) for 'TLS 1.3 server hello'
|<4>| EXT[0x1374570]: Not sending extension (SRP/12) for 'TLS 1.3 server hello'
|<4>| EXT[0x1374570]: Not sending extension (Signature Algorithms/13) for 'TLS 1.3 server hello'
|<4>| EXT[0x1374570]: Not sending extension (SRTP/14) for 'TLS 1.3 server hello'
|<4>| EXT[0x1374570]: Not sending extension (Heartbeat/15) for 'TLS 1.3 server hello'
|<4>| EXT[0x1374570]: Not sending extension (ALPN/16) for 'TLS 1.3 server hello'
|<4>| EXT[0x1374570]: Not sending extension (Encrypt-then-MAC/22) for 'TLS 1.3 server hello'
|<4>| EXT[0x1374570]: Not sending extension (Extended Master Secret/23) for 'TLS 1.3 server hello'
|<4>| EXT[0x1374570]: Not sending extension (Session Ticket/35) for 'TLS 1.3 server hello'
|<4>| EXT[0x1374570]: Preparing extension (Key Share/51) for 'TLS 1.3 server hello'
|<4>| EXT[0x1374570]: sending key share for SECP256R1
|<4>| EXT[0x1374570]: Sending extension Key Share/51 (69 bytes)
|<4>| EXT[0x1374570]: Preparing extension (Supported Versions/43) for 'TLS 1.3 server hello'
|<4>| EXT[0x1374570]: Sending extension Supported Versions/43 (2 bytes)
|<4>| EXT[0x1374570]: Not sending extension (Post Handshake Auth/49) for 'TLS 1.3 server hello'
|<4>| EXT[0x1374570]: Not sending extension (Safe Renegotiation/65281) for 'TLS 1.3 server hello'
|<4>| EXT[0x1374570]: Not sending extension (Server Name Indication/0) for 'TLS 1.3 server hello'
|<4>| EXT[0x1374570]: Not sending extension (Cookie/44) for 'TLS 1.3 server hello'
|<4>| EXT[0x1374570]: Not sending extension (Early Data/42) for 'TLS 1.3 server hello'
|<4>| EXT[0x1374570]: Preparing extension (PSK Key Exchange Modes/45) for 'TLS 1.3 server hello'
|<4>| EXT[0x1374570]: Not sending extension (Record Size Limit/28) for 'TLS 1.3 server hello'
|<4>| EXT[0x1374570]: Not sending extension (ClientHello Padding/21) for 'TLS 1.3 server hello'
|<4>| EXT[0x1374570]: Preparing extension (Pre Shared Key/41) for 'TLS 1.3 server hello'
|<4>| HSK[0x1374570]: SERVER HELLO was queued [155 bytes]
|<5>| REC[0x1374570]: Initializing epoch #1
|<5>| REC[0x1374570]: Epoch #1 ready
|<4>| HSK[0x1374570]: TLS 1.3 re-key with cipher suite: GNUTLS_AES_128_GCM_SHA256
|<4>| EXT[0x1374570]: Preparing extension (Maximum Record Size/1) for 'encrypted extensions'
|<4>| EXT[0x1374570]: Not sending extension (OCSP Status Request/5) for 'encrypted extensions'
|<4>| EXT[0x1374570]: Preparing extension (Client Certificate Type/19) for 'encrypted extensions'
|<4>| EXT[0x1374570]: Preparing extension (Server Certificate Type/20) for 'encrypted extensions'
|<4>| EXT[0x1374570]: Preparing extension (Supported Groups/10) for 'encrypted extensions'
|<4>| EXT[0x1374570]: Not sending extension (Supported EC Point Formats/11) for 'encrypted extensions'
|<4>| EXT[0x1374570]: Not sending extension (SRP/12) for 'encrypted extensions'
|<4>| EXT[0x1374570]: Not sending extension (Signature Algorithms/13) for 'encrypted extensions'
|<4>| EXT[0x1374570]: Preparing extension (SRTP/14) for 'encrypted extensions'
|<4>| EXT[0x1374570]: Preparing extension (Heartbeat/15) for 'encrypted extensions'
|<4>| EXT[0x1374570]: Preparing extension (ALPN/16) for 'encrypted extensions'
|<4>| EXT[0x1374570]: Not sending extension (Encrypt-then-MAC/22) for 'encrypted extensions'
|<4>| EXT[0x1374570]: Not sending extension (Extended Master Secret/23) for 'encrypted extensions'
|<4>| EXT[0x1374570]: Not sending extension (Session Ticket/35) for 'encrypted extensions'
|<4>| EXT[0x1374570]: Not sending extension (Key Share/51) for 'encrypted extensions'
|<4>| EXT[0x1374570]: Not sending extension (Supported Versions/43) for 'encrypted extensions'
|<4>| EXT[0x1374570]: Not sending extension (Post Handshake Auth/49) for 'encrypted extensions'
|<4>| EXT[0x1374570]: Not sending extension (Safe Renegotiation/65281) for 'encrypted extensions'
|<4>| EXT[0x1374570]: Preparing extension (Server Name Indication/0) for 'encrypted extensions'
|<4>| EXT[0x1374570]: Not sending extension (Cookie/44) for 'encrypted extensions'
|<4>| EXT[0x1374570]: Not sending extension (Early Data/42) for 'encrypted extensions'
|<4>| EXT[0x1374570]: Not sending extension (PSK Key Exchange Modes/45) for 'encrypted extensions'
|<4>| EXT[0x1374570]: Preparing extension (Record Size Limit/28) for 'encrypted extensions'
|<4>| EXT[0x1374570]: Not sending extension (ClientHello Padding/21) for 'encrypted extensions'
|<4>| EXT[0x1374570]: Not sending extension (Pre Shared Key/41) for 'encrypted extensions'
|<4>| HSK[0x1374570]: ENCRYPTED EXTENSIONS was queued [6 bytes]
|<4>| HSK[0x1374570]: CERTIFICATE was queued [874 bytes]
|<4>| checking cert compat with RSA-PSS-RSAE-SHA256
|<4>| checking cert compat with RSA-PSS-SHA256
|<4>| HSK[0x1374570]: signing TLS 1.3 handshake data: using RSA-PSS-SHA256 and PRF: SHA256
|<3>| ASSERT: mpi.c[wrap_nettle_mpi_print]:60
|<4>| HSK[0x1374570]: CERTIFICATE VERIFY was queued [264 bytes]
|<4>| HSK[0x1374570]: sending finished
|<4>| HSK[0x1374570]: FINISHED was queued [36 bytes]
|<5>| REC[0x1374570]: Preparing Packet Handshake(22) with length: 155 and min pad: 0
|<5>| REC[0x1374570]: Sent Packet[3] Handshake(22) in epoch 0 and length: 160
|<5>| REC[0x1374570]: Preparing Packet Handshake(22) with length: 6 and min pad: 0
|<5>| REC[0x1374570]: Sent Packet[1] Handshake(22) in epoch 1 and length: 28
|<5>| REC[0x1374570]: Preparing Packet Handshake(22) with length: 874 and min pad: 0
|<5>| REC[0x1374570]: Sent Packet[2] Handshake(22) in epoch 1 and length: 896
|<5>| REC[0x1374570]: Preparing Packet Handshake(22) with length: 264 and min pad: 0
|<5>| REC[0x1374570]: Sent Packet[3] Handshake(22) in epoch 1 and length: 286
|<5>| REC[0x1374570]: Preparing Packet Handshake(22) with length: 36 and min pad: 0
|<5>| REC[0x1374570]: Sent Packet[4] Handshake(22) in epoch 1 and length: 58
|<3>| ASSERT: constate.c[_gnutls_epoch_get]:836
|<5>| REC[0x1374570]: Allocating epoch #2
|<4>| HSK[0x1374570]: unauthenticated session eligible for early start
|<5>| REC[0x1374570]: Initializing epoch #2
|<5>| REC[0x1374570]: Epoch #2 ready
|<4>| HSK[0x1374570]: TLS 1.3 set write key with cipher suite: GNUTLS_AES_128_GCM_SHA256
|<4>| HSK[0x1374570]: switching early to application traffic keys
|<4>| HSK[0x1374570]: NEW SESSION TICKET was queued [203 bytes]
|<5>| REC[0x1374570]: Preparing Packet Handshake(22) with length: 203 and min pad: 0
|<5>| REC[0x1374570]: Sent Packet[1] Handshake(22) in epoch 2 and length: 225
|<3>| ASSERT: buffers.c[get_last_packet]:1171
|<3>| ASSERT: buffers.c[_gnutls_stream_read]:369
|<3>| ASSERT: buffers.c[_gnutls_io_read_buffered]:589
|<3>| ASSERT: record.c[recv_headers]:1169
|<3>| ASSERT: record.c[_gnutls_recv_in_buffers]:1300
|<3>| ASSERT: buffers.c[_gnutls_handshake_io_recv_int]:1448
|<3>| ASSERT: handshake.c[_gnutls_recv_handshake]:1497
|<3>| ASSERT: tls13/finished.c[_gnutls13_recv_finished]:101
|<3>| ASSERT: handshake-tls13.c[_gnutls13_handshake_server]:481
Error in handshake: Error in the pull function.
|<5>| REC: Sending Alert[2|80] - Internal error
|<5>| REC[0x1374570]: Preparing Packet Alert(21) with length: 2 and min pad: 0
|<2>| WRITE: -1 returned from 0x5, errno: 32
|<3>| ASSERT: buffers.c[errno_to_gerr]:230
|<3>| ASSERT: buffers.c[_gnutls_io_write_flush]:722
|<3>| ASSERT: record.c[_gnutls_send_tlen_int]:572
|<5>| REC[0x1374570]: Start of epoch cleanup
|<5>| REC[0x1374570]: Epoch #0 freed
|<5>| REC[0x1374570]: End of epoch cleanup
|<5>| REC[0x1374570]: Epoch #1 freed
|<5>| REC[0x1374570]: Epoch #2 freed
|<5>| REC[0x1374570]: Allocating epoch #0
|<2>| added 2 protocols, 43 ciphersuites, 18 sig algos and 9 groups into priority list
* Accepted connection from IPv4 127.0.0.1 port 38574 on Mon Nov 12 14:41:23 2018
|<5>| REC[0x1374570]: Allocating epoch #1
|<3>| ASSERT: buffers.c[get_last_packet]:1171
|<5>| REC[0x1374570]: SSL 3.0 Handshake packet received. Epoch 0, length: 16384
|<5>| REC[0x1374570]: Expected Packet Handshake(22)
|<5>| REC[0x1374570]: Received Packet Handshake(22) with length: 16384
|<5>| REC[0x1374570]: Decrypted Packet[0] Handshake(22) with length: 16384
|<4>| HSK[0x1374570]: CLIENT HELLO (1) was received. Length 16524[16380], frag offset 0, frag length: 16380, sequence: 0
|<3>| ASSERT: buffers.c[_gnutls_parse_record_buffered_msgs]:1302
|<3>| ASSERT: buffers.c[get_last_packet]:1171
|<5>| REC[0x1374570]: SSL 3.0 Handshake packet received. Epoch 0, length: 144
|<5>| REC[0x1374570]: Expected Packet Handshake(22)
|<5>| REC[0x1374570]: Received Packet Handshake(22) with length: 144
|<5>| REC[0x1374570]: Decrypted Packet[1] Handshake(22) with length: 144
|<4>| HSK[0x1374570]: Client's version: 3.3
|<4>| EXT[0x1374570]: Parsing extension 'Supported Versions/43' (5 bytes)
|<4>| EXT[0x1374570]: Found version: 3.4
|<4>| EXT[0x1374570]: Negotiated version: 3.4
|<4>| EXT[0x1374570]: Parsing extension 'Supported Groups/10' (4 bytes)
|<4>| EXT[0x1374570]: Received group SECP256R1 (0x17)
|<4>| EXT[0x1374570]: Selected group SECP256R1
|<4>| EXT[0x1374570]: Parsing extension 'Signature Algorithms/13' (6 bytes)
|<4>| EXT[0x1374570]: rcvd signature algo (8.4) RSA-PSS-RSAE-SHA256
|<4>| EXT[0x1374570]: rcvd signature algo (8.9) RSA-PSS-SHA256
|<4>| HSK[0x1374570]: Received safe renegotiation CS
|<2>| checking 13.01 (GNUTLS_AES_128_GCM_SHA256) for compatibility
|<3>| ASSERT: server_name.c[gnutls_server_name_get]:235
|<4>| HSK[0x1374570]: Requested server name: ''
|<4>| HSK[0x1374570]: checking compat of GNUTLS_AES_128_GCM_SHA256 with certificate[3] (RSA-PSS/X.509)
|<4>| checking cert compat with RSA-PSS-RSAE-SHA256
|<4>| checking cert compat with RSA-PSS-SHA256
|<4>| Selected signature algorithm: RSA-PSS-SHA256
|<2>| Selected (RSA-PSS) cert based on ciphersuite 13.1: GNUTLS_AES_128_GCM_SHA256
|<4>| HSK[0x1374570]: Selected cipher suite: GNUTLS_AES_128_GCM_SHA256
|<4>| HSK[0x1374570]: Selected version TLS1.3
|<4>| EXT[0x1374570]: Parsing extension 'Key Share/51' (2 bytes)
|<3>| ASSERT: key_share.c[key_share_recv_params]:575
|<3>| ASSERT: hello_ext.c[hello_ext_parse]:273
|<3>| ASSERT: extv.c[_gnutls_extv_parse]:69
|<3>| ASSERT: hello_ext.c[_gnutls_parse_hello_extensions]:306
|<3>| ASSERT: handshake.c[read_client_hello]:820
|<3>| ASSERT: handshake.c[_gnutls_recv_handshake]:1538
|<4>| EXT[0x1374570]: Not sending extension (Maximum Record Size/1) for 'hello retry request'
|<4>| EXT[0x1374570]: Not sending extension (OCSP Status Request/5) for 'hello retry request'
|<4>| EXT[0x1374570]: Not sending extension (Client Certificate Type/19) for 'hello retry request'
|<4>| EXT[0x1374570]: Not sending extension (Server Certificate Type/20) for 'hello retry request'
|<4>| EXT[0x1374570]: Not sending extension (Supported Groups/10) for 'hello retry request'
|<4>| EXT[0x1374570]: Not sending extension (Supported EC Point Formats/11) for 'hello retry request'
|<4>| EXT[0x1374570]: Not sending extension (SRP/12) for 'hello retry request'
|<4>| EXT[0x1374570]: Not sending extension (Signature Algorithms/13) for 'hello retry request'
|<4>| EXT[0x1374570]: Not sending extension (SRTP/14) for 'hello retry request'
|<4>| EXT[0x1374570]: Not sending extension (Heartbeat/15) for 'hello retry request'
|<4>| EXT[0x1374570]: Not sending extension (ALPN/16) for 'hello retry request'
|<4>| EXT[0x1374570]: Not sending extension (Encrypt-then-MAC/22) for 'hello retry request'
|<4>| EXT[0x1374570]: Not sending extension (Extended Master Secret/23) for 'hello retry request'
|<4>| EXT[0x1374570]: Not sending extension (Session Ticket/35) for 'hello retry request'
|<4>| EXT[0x1374570]: Preparing extension (Key Share/51) for 'hello retry request'
|<4>| HSK[0x1374570]: Selected group SECP256R1 (2)
|<4>| EXT[0x1374570]: requesting retry with group SECP256R1
|<4>| EXT[0x1374570]: Sending extension Key Share/51 (2 bytes)
|<4>| EXT[0x1374570]: Preparing extension (Supported Versions/43) for 'hello retry request'
|<4>| EXT[0x1374570]: Sending extension Supported Versions/43 (2 bytes)
|<4>| EXT[0x1374570]: Not sending extension (Post Handshake Auth/49) for 'hello retry request'
|<4>| EXT[0x1374570]: Not sending extension (Safe Renegotiation/65281) for 'hello retry request'
|<4>| EXT[0x1374570]: Not sending extension (Server Name Indication/0) for 'hello retry request'
|<4>| EXT[0x1374570]: Preparing extension (Cookie/44) for 'hello retry request'
|<4>| EXT[0x1374570]: Not sending extension (Early Data/42) for 'hello retry request'
|<4>| EXT[0x1374570]: Not sending extension (PSK Key Exchange Modes/45) for 'hello retry request'
|<4>| EXT[0x1374570]: Not sending extension (Record Size Limit/28) for 'hello retry request'
|<4>| EXT[0x1374570]: Not sending extension (ClientHello Padding/21) for 'hello retry request'
|<4>| EXT[0x1374570]: Not sending extension (Pre Shared Key/41) for 'hello retry request'
|<4>| HSK[0x1374570]: HELLO RETRY REQUEST was queued [88 bytes]
|<5>| REC[0x1374570]: Preparing Packet Handshake(22) with length: 88 and min pad: 0
|<5>| REC[0x1374570]: Sent Packet[1] Handshake(22) in epoch 0 and length: 93
|<5>| REC[0x1374570]: Preparing Packet ChangeCipherSpec(20) with length: 1 and min pad: 0
|<5>| REC[0x1374570]: Sent Packet[2] ChangeCipherSpec(20) in epoch 0 and length: 6
|<4>| REC[0x1374570]: Sent ChangeCipherSpec
|<3>| ASSERT: buffers.c[get_last_packet]:1171
|<5>| REC[0x1374570]: SSL 3.3 Handshake packet received. Epoch 0, length: 16384
|<5>| REC[0x1374570]: Expected Packet Handshake(22)
|<5>| REC[0x1374570]: Received Packet Handshake(22) with length: 16384
|<5>| REC[0x1374570]: Decrypted Packet[2] Handshake(22) with length: 16384
|<4>| HSK[0x1374570]: CLIENT HELLO (1) was received. Length 16593[16380], frag offset 0, frag length: 16380, sequence: 0
|<3>| ASSERT: buffers.c[_gnutls_parse_record_buffered_msgs]:1302
|<3>| ASSERT: buffers.c[get_last_packet]:1171
|<5>| REC[0x1374570]: SSL 3.3 Handshake packet received. Epoch 0, length: 213
|<5>| REC[0x1374570]: Expected Packet Handshake(22)
|<5>| REC[0x1374570]: Received Packet Handshake(22) with length: 213
|<5>| REC[0x1374570]: Decrypted Packet[3] Handshake(22) with length: 213
|<4>| HSK[0x1374570]: Client's version: 3.3
|<4>| EXT[0x1374570]: Parsing extension 'Supported Versions/43' (5 bytes)
|<4>| EXT[0x1374570]: Found version: 3.4
|<4>| EXT[0x1374570]: Negotiated version: 3.4
|<4>| EXT[0x1374570]: Parsing extension 'Signature Algorithms/13' (6 bytes)
|<4>| EXT[0x1374570]: rcvd signature algo (8.4) RSA-PSS-RSAE-SHA256
|<4>| EXT[0x1374570]: rcvd signature algo (8.9) RSA-PSS-SHA256
|<4>| EXT[0x1374570]: Parsing extension 'Supported Groups/10' (4 bytes)
|<4>| EXT[0x1374570]: Received group SECP256R1 (0x17)
|<4>| EXT[0x1374570]: Selected group SECP256R1
|<4>| HSK[0x1374570]: Received safe renegotiation CS
|<2>| checking 13.01 (GNUTLS_AES_128_GCM_SHA256) for compatibility
|<3>| ASSERT: server_name.c[gnutls_server_name_get]:235
|<4>| HSK[0x1374570]: Requested server name: ''
|<4>| HSK[0x1374570]: checking compat of GNUTLS_AES_128_GCM_SHA256 with certificate[3] (RSA-PSS/X.509)
|<4>| checking cert compat with RSA-PSS-RSAE-SHA256
|<4>| checking cert compat with RSA-PSS-SHA256
|<4>| Selected signature algorithm: RSA-PSS-SHA256
|<2>| Selected (RSA-PSS) cert based on ciphersuite 13.1: GNUTLS_AES_128_GCM_SHA256
|<4>| HSK[0x1374570]: Selected cipher suite: GNUTLS_AES_128_GCM_SHA256
|<4>| HSK[0x1374570]: Selected version TLS1.3
|<4>| EXT[0x1374570]: Parsing extension 'Key Share/51' (71 bytes)
|<4>| EXT[0x1374570]: Received key share for SECP256R1
|<4>| HSK[0x1374570]: Selected group SECP256R1 (2)
|<2>| EXT[0x1374570]: server generated SECP256R1 shared key
|<4>| HSK[0x1374570]: SessionID: 6a8a865722efa66a14559de60ec5bac519f48e7bd30e70d7dddbc6b934774bb0
|<4>| EXT[0x1374570]: Not sending extension (Maximum Record Size/1) for 'TLS 1.3 server hello'
|<4>| EXT[0x1374570]: Not sending extension (OCSP Status Request/5) for 'TLS 1.3 server hello'
|<4>| EXT[0x1374570]: Not sending extension (Client Certificate Type/19) for 'TLS 1.3 server hello'
|<4>| EXT[0x1374570]: Not sending extension (Server Certificate Type/20) for 'TLS 1.3 server hello'
|<4>| EXT[0x1374570]: Not sending extension (Supported Groups/10) for 'TLS 1.3 server hello'
|<4>| EXT[0x1374570]: Not sending extension (Supported EC Point Formats/11) for 'TLS 1.3 server hello'
|<4>| EXT[0x1374570]: Not sending extension (SRP/12) for 'TLS 1.3 server hello'
|<4>| EXT[0x1374570]: Not sending extension (Signature Algorithms/13) for 'TLS 1.3 server hello'
|<4>| EXT[0x1374570]: Not sending extension (SRTP/14) for 'TLS 1.3 server hello'
|<4>| EXT[0x1374570]: Not sending extension (Heartbeat/15) for 'TLS 1.3 server hello'
|<4>| EXT[0x1374570]: Not sending extension (ALPN/16) for 'TLS 1.3 server hello'
|<4>| EXT[0x1374570]: Not sending extension (Encrypt-then-MAC/22) for 'TLS 1.3 server hello'
|<4>| EXT[0x1374570]: Not sending extension (Extended Master Secret/23) for 'TLS 1.3 server hello'
|<4>| EXT[0x1374570]: Not sending extension (Session Ticket/35) for 'TLS 1.3 server hello'
|<4>| EXT[0x1374570]: Preparing extension (Key Share/51) for 'TLS 1.3 server hello'
|<4>| EXT[0x1374570]: sending key share for SECP256R1
|<4>| EXT[0x1374570]: Sending extension Key Share/51 (69 bytes)
|<4>| EXT[0x1374570]: Preparing extension (Supported Versions/43) for 'TLS 1.3 server hello'
|<4>| EXT[0x1374570]: Sending extension Supported Versions/43 (2 bytes)
|<4>| EXT[0x1374570]: Not sending extension (Post Handshake Auth/49) for 'TLS 1.3 server hello'
|<4>| EXT[0x1374570]: Not sending extension (Safe Renegotiation/65281) for 'TLS 1.3 server hello'
|<4>| EXT[0x1374570]: Not sending extension (Server Name Indication/0) for 'TLS 1.3 server hello'
|<4>| EXT[0x1374570]: Not sending extension (Cookie/44) for 'TLS 1.3 server hello'
|<4>| EXT[0x1374570]: Not sending extension (Early Data/42) for 'TLS 1.3 server hello'
|<4>| EXT[0x1374570]: Preparing extension (PSK Key Exchange Modes/45) for 'TLS 1.3 server hello'
|<4>| EXT[0x1374570]: Not sending extension (Record Size Limit/28) for 'TLS 1.3 server hello'
|<4>| EXT[0x1374570]: Not sending extension (ClientHello Padding/21) for 'TLS 1.3 server hello'
|<4>| EXT[0x1374570]: Preparing extension (Pre Shared Key/41) for 'TLS 1.3 server hello'
|<4>| HSK[0x1374570]: SERVER HELLO was queued [155 bytes]
|<5>| REC[0x1374570]: Initializing epoch #1
|<5>| REC[0x1374570]: Epoch #1 ready
|<4>| HSK[0x1374570]: TLS 1.3 re-key with cipher suite: GNUTLS_AES_128_GCM_SHA256
|<4>| EXT[0x1374570]: Preparing extension (Maximum Record Size/1) for 'encrypted extensions'
|<4>| EXT[0x1374570]: Not sending extension (OCSP Status Request/5) for 'encrypted extensions'
|<4>| EXT[0x1374570]: Preparing extension (Client Certificate Type/19) for 'encrypted extensions'
|<4>| EXT[0x1374570]: Preparing extension (Server Certificate Type/20) for 'encrypted extensions'
|<4>| EXT[0x1374570]: Preparing extension (Supported Groups/10) for 'encrypted extensions'
|<4>| EXT[0x1374570]: Not sending extension (Supported EC Point Formats/11) for 'encrypted extensions'
|<4>| EXT[0x1374570]: Not sending extension (SRP/12) for 'encrypted extensions'
|<4>| EXT[0x1374570]: Not sending extension (Signature Algorithms/13) for 'encrypted extensions'
|<4>| EXT[0x1374570]: Preparing extension (SRTP/14) for 'encrypted extensions'
|<4>| EXT[0x1374570]: Preparing extension (Heartbeat/15) for 'encrypted extensions'
|<4>| EXT[0x1374570]: Preparing extension (ALPN/16) for 'encrypted extensions'
|<4>| EXT[0x1374570]: Not sending extension (Encrypt-then-MAC/22) for 'encrypted extensions'
|<4>| EXT[0x1374570]: Not sending extension (Extended Master Secret/23) for 'encrypted extensions'
|<4>| EXT[0x1374570]: Not sending extension (Session Ticket/35) for 'encrypted extensions'
|<4>| EXT[0x1374570]: Not sending extension (Key Share/51) for 'encrypted extensions'
|<4>| EXT[0x1374570]: Not sending extension (Supported Versions/43) for 'encrypted extensions'
|<4>| EXT[0x1374570]: Not sending extension (Post Handshake Auth/49) for 'encrypted extensions'
|<4>| EXT[0x1374570]: Not sending extension (Safe Renegotiation/65281) for 'encrypted extensions'
|<4>| EXT[0x1374570]: Preparing extension (Server Name Indication/0) for 'encrypted extensions'
|<4>| EXT[0x1374570]: Not sending extension (Cookie/44) for 'encrypted extensions'
|<4>| EXT[0x1374570]: Not sending extension (Early Data/42) for 'encrypted extensions'
|<4>| EXT[0x1374570]: Not sending extension (PSK Key Exchange Modes/45) for 'encrypted extensions'
|<4>| EXT[0x1374570]: Preparing extension (Record Size Limit/28) for 'encrypted extensions'
|<4>| EXT[0x1374570]: Not sending extension (ClientHello Padding/21) for 'encrypted extensions'
|<4>| EXT[0x1374570]: Not sending extension (Pre Shared Key/41) for 'encrypted extensions'
|<4>| HSK[0x1374570]: ENCRYPTED EXTENSIONS was queued [6 bytes]
|<4>| HSK[0x1374570]: CERTIFICATE was queued [874 bytes]
|<4>| checking cert compat with RSA-PSS-RSAE-SHA256
|<4>| checking cert compat with RSA-PSS-SHA256
|<4>| HSK[0x1374570]: signing TLS 1.3 handshake data: using RSA-PSS-SHA256 and PRF: SHA256
|<3>| ASSERT: mpi.c[wrap_nettle_mpi_print]:60
|<4>| HSK[0x1374570]: CERTIFICATE VERIFY was queued [264 bytes]
|<4>| HSK[0x1374570]: sending finished
|<4>| HSK[0x1374570]: FINISHED was queued [36 bytes]
|<5>| REC[0x1374570]: Preparing Packet Handshake(22) with length: 155 and min pad: 0
|<5>| REC[0x1374570]: Sent Packet[3] Handshake(22) in epoch 0 and length: 160
|<5>| REC[0x1374570]: Preparing Packet Handshake(22) with length: 6 and min pad: 0
|<5>| REC[0x1374570]: Sent Packet[1] Handshake(22) in epoch 1 and length: 28
|<5>| REC[0x1374570]: Preparing Packet Handshake(22) with length: 874 and min pad: 0
|<5>| REC[0x1374570]: Sent Packet[2] Handshake(22) in epoch 1 and length: 896
|<5>| REC[0x1374570]: Preparing Packet Handshake(22) with length: 264 and min pad: 0
|<5>| REC[0x1374570]: Sent Packet[3] Handshake(22) in epoch 1 and length: 286
|<5>| REC[0x1374570]: Preparing Packet Handshake(22) with length: 36 and min pad: 0
|<5>| REC[0x1374570]: Sent Packet[4] Handshake(22) in epoch 1 and length: 58
|<3>| ASSERT: constate.c[_gnutls_epoch_get]:836
|<5>| REC[0x1374570]: Allocating epoch #2
|<4>| HSK[0x1374570]: unauthenticated session eligible for early start
|<5>| REC[0x1374570]: Initializing epoch #2
|<5>| REC[0x1374570]: Epoch #2 ready
|<4>| HSK[0x1374570]: TLS 1.3 set write key with cipher suite: GNUTLS_AES_128_GCM_SHA256
|<4>| HSK[0x1374570]: switching early to application traffic keys
|<4>| HSK[0x1374570]: NEW SESSION TICKET was queued [203 bytes]
|<5>| REC[0x1374570]: Preparing Packet Handshake(22) with length: 203 and min pad: 0
|<5>| REC[0x1374570]: Sent Packet[1] Handshake(22) in epoch 2 and length: 225
|<3>| ASSERT: buffers.c[get_last_packet]:1171
|<3>| ASSERT: buffers.c[_gnutls_stream_read]:369
|<3>| ASSERT: buffers.c[_gnutls_io_read_buffered]:589
|<3>| ASSERT: record.c[recv_headers]:1169
|<3>| ASSERT: record.c[_gnutls_recv_in_buffers]:1300
|<3>| ASSERT: buffers.c[_gnutls_handshake_io_recv_int]:1448
|<3>| ASSERT: handshake.c[_gnutls_recv_handshake]:1497
|<3>| ASSERT: tls13/finished.c[_gnutls13_recv_finished]:101
|<3>| ASSERT: handshake-tls13.c[_gnutls13_handshake_server]:481
Error in handshake: Error in the pull function.
|<5>| REC: Sending Alert[2|80] - Internal error
|<5>| REC[0x1374570]: Preparing Packet Alert(21) with length: 2 and min pad: 0
|<2>| WRITE: -1 returned from 0x5, errno: 32
|<3>| ASSERT: buffers.c[errno_to_gerr]:230
|<3>| ASSERT: buffers.c[_gnutls_io_write_flush]:722
|<3>| ASSERT: record.c[_gnutls_send_tlen_int]:572
|<5>| REC[0x1374570]: Start of epoch cleanup
|<5>| REC[0x1374570]: Epoch #0 freed
|<5>| REC[0x1374570]: End of epoch cleanup
|<5>| REC[0x1374570]: Epoch #1 freed
|<5>| REC[0x1374570]: Epoch #2 freed
|<5>| REC[0x1374570]: Allocating epoch #0
|<2>| added 2 protocols, 43 ciphersuites, 18 sig algos and 9 groups into priority list
* Accepted connection from IPv4 127.0.0.1 port 38576 on Mon Nov 12 14:41:23 2018
|<5>| REC[0x1374570]: Allocating epoch #1
|<3>| ASSERT: buffers.c[get_last_packet]:1171
|<5>| REC[0x1374570]: SSL 3.0 Handshake packet received. Epoch 0, length: 16384
|<5>| REC[0x1374570]: Expected Packet Handshake(22)
|<5>| REC[0x1374570]: Received Packet Handshake(22) with length: 16384
|<5>| REC[0x1374570]: Decrypted Packet[0] Handshake(22) with length: 16384
|<4>| HSK[0x1374570]: CLIENT HELLO (1) was received. Length 16524[16380], frag offset 0, frag length: 16380, sequence: 0
|<3>| ASSERT: buffers.c[_gnutls_parse_record_buffered_msgs]:1302
|<3>| ASSERT: buffers.c[get_last_packet]:1171
|<5>| REC[0x1374570]: SSL 3.0 Handshake packet received. Epoch 0, length: 144
|<5>| REC[0x1374570]: Expected Packet Handshake(22)
|<5>| REC[0x1374570]: Received Packet Handshake(22) with length: 144
|<5>| REC[0x1374570]: Decrypted Packet[1] Handshake(22) with length: 144
|<4>| HSK[0x1374570]: Client's version: 3.3
|<4>| EXT[0x1374570]: Parsing extension 'Supported Versions/43' (5 bytes)
|<4>| EXT[0x1374570]: Found version: 3.4
|<4>| EXT[0x1374570]: Negotiated version: 3.4
|<4>| EXT[0x1374570]: Parsing extension 'Supported Groups/10' (4 bytes)
|<4>| EXT[0x1374570]: Received group SECP256R1 (0x17)
|<4>| EXT[0x1374570]: Selected group SECP256R1
|<4>| EXT[0x1374570]: Parsing extension 'Signature Algorithms/13' (6 bytes)
|<4>| EXT[0x1374570]: rcvd signature algo (8.4) RSA-PSS-RSAE-SHA256
|<4>| EXT[0x1374570]: rcvd signature algo (8.9) RSA-PSS-SHA256
|<4>| HSK[0x1374570]: Received safe renegotiation CS
|<2>| checking 13.01 (GNUTLS_AES_128_GCM_SHA256) for compatibility
|<3>| ASSERT: server_name.c[gnutls_server_name_get]:235
|<4>| HSK[0x1374570]: Requested server name: ''
|<4>| HSK[0x1374570]: checking compat of GNUTLS_AES_128_GCM_SHA256 with certificate[3] (RSA-PSS/X.509)
|<4>| checking cert compat with RSA-PSS-RSAE-SHA256
|<4>| checking cert compat with RSA-PSS-SHA256
|<4>| Selected signature algorithm: RSA-PSS-SHA256
|<2>| Selected (RSA-PSS) cert based on ciphersuite 13.1: GNUTLS_AES_128_GCM_SHA256
|<4>| HSK[0x1374570]: Selected cipher suite: GNUTLS_AES_128_GCM_SHA256
|<4>| HSK[0x1374570]: Selected version TLS1.3
|<4>| EXT[0x1374570]: Parsing extension 'Key Share/51' (2 bytes)
|<3>| ASSERT: key_share.c[key_share_recv_params]:575
|<3>| ASSERT: hello_ext.c[hello_ext_parse]:273
|<3>| ASSERT: extv.c[_gnutls_extv_parse]:69
|<3>| ASSERT: hello_ext.c[_gnutls_parse_hello_extensions]:306
|<3>| ASSERT: handshake.c[read_client_hello]:820
|<3>| ASSERT: handshake.c[_gnutls_recv_handshake]:1538
|<4>| EXT[0x1374570]: Not sending extension (Maximum Record Size/1) for 'hello retry request'
|<4>| EXT[0x1374570]: Not sending extension (OCSP Status Request/5) for 'hello retry request'
|<4>| EXT[0x1374570]: Not sending extension (Client Certificate Type/19) for 'hello retry request'
|<4>| EXT[0x1374570]: Not sending extension (Server Certificate Type/20) for 'hello retry request'
|<4>| EXT[0x1374570]: Not sending extension (Supported Groups/10) for 'hello retry request'
|<4>| EXT[0x1374570]: Not sending extension (Supported EC Point Formats/11) for 'hello retry request'
|<4>| EXT[0x1374570]: Not sending extension (SRP/12) for 'hello retry request'
|<4>| EXT[0x1374570]: Not sending extension (Signature Algorithms/13) for 'hello retry request'
|<4>| EXT[0x1374570]: Not sending extension (SRTP/14) for 'hello retry request'
|<4>| EXT[0x1374570]: Not sending extension (Heartbeat/15) for 'hello retry request'
|<4>| EXT[0x1374570]: Not sending extension (ALPN/16) for 'hello retry request'
|<4>| EXT[0x1374570]: Not sending extension (Encrypt-then-MAC/22) for 'hello retry request'
|<4>| EXT[0x1374570]: Not sending extension (Extended Master Secret/23) for 'hello retry request'
|<4>| EXT[0x1374570]: Not sending extension (Session Ticket/35) for 'hello retry request'
|<4>| EXT[0x1374570]: Preparing extension (Key Share/51) for 'hello retry request'
|<4>| HSK[0x1374570]: Selected group SECP256R1 (2)
|<4>| EXT[0x1374570]: requesting retry with group SECP256R1
|<4>| EXT[0x1374570]: Sending extension Key Share/51 (2 bytes)
|<4>| EXT[0x1374570]: Preparing extension (Supported Versions/43) for 'hello retry request'
|<4>| EXT[0x1374570]: Sending extension Supported Versions/43 (2 bytes)
|<4>| EXT[0x1374570]: Not sending extension (Post Handshake Auth/49) for 'hello retry request'
|<4>| EXT[0x1374570]: Not sending extension (Safe Renegotiation/65281) for 'hello retry request'
|<4>| EXT[0x1374570]: Not sending extension (Server Name Indication/0) for 'hello retry request'
|<4>| EXT[0x1374570]: Preparing extension (Cookie/44) for 'hello retry request'
|<4>| EXT[0x1374570]: Not sending extension (Early Data/42) for 'hello retry request
Expected results:
Test cases pass.