TLS handshake failed

1,412 views

Skip to first unread message

kloc...@gmail.com

unread,

Aug 2, 2016, 4:54:31 PM8/2/16

to tunnelblick-discuss

We have 1 person unable to negotiate the TLS handshake, here is the situation:

- users in the US and internationally can connect without problem

- one international user:

- could previously connect

- cannot connect from his home as of a few days ago

- can connect from a friend's house (different ISP)

- able to establish a test udp connection with the server (using netcat on both ends)

We had him turn logging up to 6, and the TLS connection setup looks out of whack, not sure why:

2016-08-02 17:55:57 us=409976 MANAGEMENT: >STATE:1470153357,AUTH,,,

2016-08-02 17:55:57 us=410114 TLS: Initial packet from [AF_INET]51.24.45.108:1195, sid=19300993 49b2ead4

2016-08-02 17:55:57 us=410645 UDPv4 WRITE [22] to [AF_INET]51.24.45.108:1195: P_ACK_V1 kid=0 [ 0 ]

2016-08-02 17:55:57 us=410908 WARNING: this configuration may cache passwords in memory -- use the auth-nocache option to prevent this

2016-08-02 17:55:57 us=411470 UDPv4 WRITE [275] to [AF_INET]51.24.45.108:1195: P_CONTROL_V1 kid=0 [ ] pid=1 DATA len=261

2016-08-02 17:55:57 us=656959 UDPv4 READ [14] from [AF_INET]51.24.45.108:1195: P_CONTROL_HARD_RESET_SERVER_V2 kid=0 [ ] pid=0 DATA len=0

2016-08-02 17:55:57 us=657196 UDPv4 WRITE [22] to [AF_INET]51.24.45.108:1195: P_ACK_V1 kid=0 [ 0 ]

2016-08-02 17:55:59 us=843316 UDPv4 WRITE [275] to [AF_INET]51.24.45.108:1195: P_CONTROL_V1 kid=0 [ ] pid=1 DATA len=261

2016-08-02 17:56:00 us=139918 UDPv4 READ [14] from [AF_INET]51.24.45.108:1195: P_CONTROL_HARD_RESET_SERVER_V2 kid=0 [ ] pid=0 DATA len=0

2016-08-02 17:56:00 us=146655 UDPv4 WRITE [22] to [AF_INET]51.24.45.108:1195: P_ACK_V1 kid=0 [ 0 ]

2016-08-02 17:56:02 us=607213 UDPv4 READ [14] from [AF_INET]51.24.45.108:1195: P_CONTROL_HARD_RESET_SERVER_V2 kid=0 [ ] pid=0 DATA len=0

2016-08-02 17:56:02 us=607700 UDPv4 WRITE [22] to [AF_INET]51.24.45.108:1195: P_ACK_V1 kid=0 [ 0 ]

2016-08-02 17:56:03 us=709300 UDPv4 WRITE [275] to [AF_INET]51.24.45.108:1195: P_CONTROL_V1 kid=0 [ ] pid=1 DATA len=261

2016-08-02 17:56:09 us=977678 UDPv4 READ [14] from [AF_INET]51.24.45.108:1195: P_CONTROL_HARD_RESET_SERVER_V2 kid=0 [ ] pid=0 DATA len=0

2016-08-02 17:56:09 us=977959 UDPv4 WRITE [22] to [AF_INET]51.24.45.108:1195: P_ACK_V1 kid=0 [ 0 ]

2016-08-02 17:56:11 us=61387 UDPv4 WRITE [275] to [AF_INET]51.24.45.108:1195: P_CONTROL_V1 kid=0 [ ] pid=1 DATA len=261

2016-08-02 17:56:27 us=974523 UDPv4 WRITE [275] to [AF_INET]51.24.45.108:1195: P_CONTROL_V1 kid=0 [ ] pid=1 DATA len=261

2016-08-02 17:56:31 us=703790 UDPv4 READ [22] from [AF_INET]51.24.45.108:1195: P_ACK_V1 kid=0 [ 0 ]

2016-08-02 17:56:39 us=224428 TLS Error: TLS key negotiation failed to occur within 60 seconds (check your network connectivity)

2016-08-02 17:56:39 us=224597 TLS Error: TLS handshake failed

2016-08-02 17:56:39 us=224786 TCP/UDP: Closing socket

2016-08-02 17:56:39 us=225035 SIGUSR1[soft,tls-error] received, process restarting

2016-08-02 17:56:39 us=225177 MANAGEMENT: >STATE:1470153399,RECONNECTING,tls-error,,

Help would be much appreciated, he's sidelined and frustrated, and this is beyond my networking abilities.

- Kevin

Here is the full log:

------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------

*Tunnelblick: OS X 10.11.6; Tunnelblick 3.6.5 (build 4566); prior version 3.6.4a (build 4561); Admin user

git commit 1ce99d52f26c980e108e5d21a6500f33f12607bf

Configuration company-staging

"Sanitized" condensed configuration file for /Users/kush/Library/Application Support/Tunnelblick/Configurations/company-staging.tblk:

client

dev tun

proto udp

remote stg-vpn.foobar.com 1195

resolv-retry infinite

nobind

persist-key

persist-tun

comp-lzo

verb 3

auth-user-pass

<ca>

[Security-related line(s) omitted]

</ca>

<cert>

[Security-related line(s) omitted]

</cert>

<key>

[Security-related line(s) omitted]

</key>

================================================================================

Non-Apple kexts that are loaded:

Index Refs Address Size Wired Name (Version) UUID <Linked Against>

144 0 0xffffff7f82ede000 0x14000 0x14000 com.intel.kext.intelhaxm (6.0.1) 8FF2C637-0A5E-367E-B007-5B08655B1E8A <7 5 4 3 1>

145 3 0xffffff7f82ef2000 0x63000 0x63000 org.virtualbox.kext.VBoxDrv (5.0.20) 63689CCF-CA21-3900-B5C6-487E41A57997 <7 5 4 3 1>

151 0 0xffffff7f82f55000 0x8000 0x8000 org.virtualbox.kext.VBoxUSB (5.0.20) F158578A-D7B0-3B85-B742-9E7867BCF948 <150 145 41 7 5 4 3 1>

152 0 0xffffff7f82f5d000 0x5000 0x5000 org.virtualbox.kext.VBoxNetFlt (5.0.20) FF55D9DF-7F3D-3827-BE31-B319D57BBCF8 <145 7 5 4 3 1>

153 0 0xffffff7f82f62000 0x6000 0x6000 org.virtualbox.kext.VBoxNetAdp (5.0.20) FEA9836D-EE06-392E-903E-9CDC607668D5 <145 5 4 1>

186 0 0xffffff7f82fd0000 0x3000 0x3000 com.avast.PacketForwarder (2.1) DF6C7E21-ED1D-328A-8285-4B2BB47556BA <4 1>

187 0 0xffffff7f82fd3000 0x8000 0x8000 com.avast.AvastFileShield (3.0.0) 68E49DA0-3DB6-3633-A350-F82518DEC2DF <5 4 1>

================================================================================

There are no unusual files in company-staging.tblk

================================================================================

Configuration preferences:

autoConnect = 0

-onSystemStart = 0

-keychainHasUsernameAndPassword = 1

-notOKToCheckThatIPAddressDidNotChangeAfterConnection = 0

-loggingLevel = 6

-lastConnectionSucceeded = 0

================================================================================

Wildcard preferences:

-notOKToCheckThatIPAddressDidNotChangeAfterConnection = 1

================================================================================

Program preferences:

skipWarningAboutSimultaneousConnections = 1

launchAtNextLogin = 1

notOKToCheckThatIPAddressDidNotChangeAfterConnection = 1

askedUserIfOKToCheckThatIPAddressDidNotChangeAfterConnection = 1

tunnelblickVersionHistory = (

"3.6.5 (build 4566)",

"3.6.4a (build 4561)",

"3.6.3 (build 4560)",

"3.6.2 (build 4558)",

"3.6.0a (build 4543.4546)",

"3.5.8 (build 4270.4530)",

"3.5.7 (build 4270.4517)",

"3.5.6 (build 4270.4505)",

"3.5.5 (build 4270.4461)",

"3.5.4 (build 4270.4395)"

)

statusDisplayNumber = 0

lastLaunchTime = 491846123.761522

connectionWindowDisplayCriteria = showWhenConnecting

maxLogDisplaySize = 102400

lastConnectedDisplayName = company-production

keyboardShortcutIndex = 1

updateCheckAutomatically = 1

updateSendProfileInfo = 0

tunnelblickdHash = 004cdba8e08abd144bc48409040bc80e29c12ee9741ed7d73754f51d2547f7ea

tunnelblickdPlistHash = ce400d395d1801b003398461b5420021f4d591822783a04b79b2f43956d28620

NSWindow Frame SettingsSheetWindow = 1035 530 829 524 0 0 1920 1057

NSWindow Frame ConnectingWindow = 765 653 389 187 0 0 1920 1057

NSWindow Frame SUStatusFrame = 768 697 384 129 0 0 1920 1057

detailsWindowFrameVersion = 4566

detailsWindowFrame = {{-1172, 215}, {992, 668}}

detailsWindowLeftFrame = {{0, 0}, {179, 550}}

detailsWindowViewIndex = 0

detailsWindowConfigurationsTabIdentifier = settings

leftNavSelectedDisplayName = company-staging

AdvancedWindowTabIdentifier = connectingAndDisconnecting

haveDealtWithSparkle1dot5b6 = 1

haveDealtWithOldTunTapPreferences = 1

haveDealtWithOldLoginItem = 1

SUEnableAutomaticChecks = 1

SUFeedURL = https://www.tunnelblick.net/appcast-s.rss

SUScheduledCheckInterval = 86400

SUSendProfileInfo = 0

SULastCheckTime = 2016-08-02 15:55:23 +0000

SULastProfileSubmissionDate = 2016-01-28 19:44:58 +0000

SUHasLaunchedBefore = 1

WebKitDefaultFontSize = 11

WebKitStandardFont = .AppleSystemUIFont

================================================================================

Tunnelblick Log:

*Tunnelblick: OS X 10.11.6; Tunnelblick 3.6.5 (build 4566); prior version 3.6.4a (build 4561)

2016-08-02 17:55:37 *Tunnelblick: Attempting connection with company-staging using shadow copy; Set nameserver = 1537; monitoring connection

2016-08-02 17:55:37 *Tunnelblick: openvpnstart start company-staging.tblk 1338 1537 0 1 0 1065264 -ptADGNWradsgnw 2.3.11

2016-08-02 17:55:38 *Tunnelblick: openvpnstart log:

OpenVPN started successfully. Command used to start OpenVPN (one argument per displayed line):

/Applications/Tunnelblick.app/Contents/Resources/openvpn/openvpn-2.3.11/openvpn

--daemon

--log

/Library/Application Support/Tunnelblick/Logs/-SUsers-Skush-SLibrary-SApplication Support-STunnelblick-SConfigurations-Scompany--staging.tblk-SContents-SResources-Sconfig.ovpn.1537_0_1_0_1065264.1338.openvpn.log

--cd

/Library/Application Support/Tunnelblick/Users/kush/company-staging.tblk/Contents/Resources

--verb

--config

/Library/Application Support/Tunnelblick/Users/kush/company-staging.tblk/Contents/Resources/config.ovpn

--verb

--cd

/Library/Application Support/Tunnelblick/Users/kush/company-staging.tblk/Contents/Resources

--management

127.0.0.1

1338

--management-query-passwords

--management-hold

--script-security

--up

/Applications/Tunnelblick.app/Contents/Resources/client.up.tunnelblick.sh -9 -d -f -m -w -ptADGNWradsgnw

--down

/Applications/Tunnelblick.app/Contents/Resources/client.down.tunnelblick.sh -9 -d -f -m -w -ptADGNWradsgnw

2016-08-02 17:55:37 *Tunnelblick: openvpnstart starting OpenVPN

2016-08-02 17:55:38 *Tunnelblick: Established communication with OpenVPN

2016-08-02 17:55:38 *Tunnelblick: Obtained VPN username and password from the Keychain

2016-08-02 17:55:38 us=195764 Current Parameter Settings:

2016-08-02 17:55:38 us=195989 config = '/Library/Application Support/Tunnelblick/Users/kush/company-staging.tblk/Contents/Resources/config.ovpn'

2016-08-02 17:55:38 us=196002 mode = 0

2016-08-02 17:55:38 us=196011 show_ciphers = DISABLED

2016-08-02 17:55:38 us=196019 show_digests = DISABLED

2016-08-02 17:55:38 us=196027 show_engines = DISABLED

2016-08-02 17:55:38 us=196035 genkey = DISABLED

2016-08-02 17:55:38 us=196044 key_pass_file = '[UNDEF]'

2016-08-02 17:55:38 us=196052 show_tls_ciphers = DISABLED

2016-08-02 17:55:38 us=196060 Connection profiles [default]:

2016-08-02 17:55:38 us=196072 proto = udp

2016-08-02 17:55:38 us=196080 local = '[UNDEF]'

2016-08-02 17:55:38 us=196088 local_port = 0

2016-08-02 17:55:38 us=196096 remote = 'stg-vpn.pvsher.com'

2016-08-02 17:55:38 us=196118 remote_port = 1195

2016-08-02 17:55:38 us=196127 remote_float = DISABLED

2016-08-02 17:55:38 us=196135 bind_defined = DISABLED

2016-08-02 17:55:38 us=196144 bind_local = DISABLED

2016-08-02 17:55:38 us=196191 connect_retry_seconds = 5

2016-08-02 17:55:38 us=196229 connect_timeout = 10

2016-08-02 17:55:38 us=196243 connect_retry_max = 0

2016-08-02 17:55:38 us=196290 xormethod = 0

2016-08-02 17:55:38 us=196312 xormask = ''

2016-08-02 17:55:38 us=196322 xormasklen = 0

2016-08-02 17:55:38 us=196330 socks_proxy_server = '[UNDEF]'

2016-08-02 17:55:38 us=196338 socks_proxy_port = 0

2016-08-02 17:55:38 us=196346 socks_proxy_retry = DISABLED

2016-08-02 17:55:38 us=196355 tun_mtu = 1500

2016-08-02 17:55:38 us=196363 tun_mtu_defined = ENABLED

2016-08-02 17:55:38 us=196371 link_mtu = 1500

2016-08-02 17:55:38 us=196379 link_mtu_defined = DISABLED

2016-08-02 17:55:38 us=196388 tun_mtu_extra = 0

2016-08-02 17:55:38 us=196396 tun_mtu_extra_defined = DISABLED

2016-08-02 17:55:38 us=196404 mtu_discover_type = -1

2016-08-02 17:55:38 us=196413 fragment = 0

2016-08-02 17:55:38 us=196421 mssfix = 1450

2016-08-02 17:55:38 us=196429 explicit_exit_notification = 0

2016-08-02 17:55:38 us=196437 Connection profiles END

2016-08-02 17:55:38 us=196445 remote_random = DISABLED

2016-08-02 17:55:38 us=196453 ipchange = '[UNDEF]'

2016-08-02 17:55:38 us=196461 dev = 'tun'

2016-08-02 17:55:38 us=196470 dev_type = '[UNDEF]'

2016-08-02 17:55:38 us=196478 dev_node = '[UNDEF]'

2016-08-02 17:55:38 us=196486 lladdr = '[UNDEF]'

2016-08-02 17:55:38 us=196494 topology = 1

2016-08-02 17:55:38 us=196502 tun_ipv6 = DISABLED

2016-08-02 17:55:38 us=196510 ifconfig_local = '[UNDEF]'

2016-08-02 17:55:38 us=196518 ifconfig_remote_netmask = '[UNDEF]'

2016-08-02 17:55:38 us=196527 ifconfig_noexec = DISABLED

2016-08-02 17:55:38 us=196535 ifconfig_nowarn = DISABLED

2016-08-02 17:55:38 us=196543 ifconfig_ipv6_local = '[UNDEF]'

2016-08-02 17:55:38 us=196551 ifconfig_ipv6_netbits = 0

2016-08-02 17:55:38 us=196559 ifconfig_ipv6_remote = '[UNDEF]'

2016-08-02 17:55:38 us=196567 shaper = 0

2016-08-02 17:55:38 us=196575 mtu_test = 0

2016-08-02 17:55:38 us=196584 mlock = DISABLED

2016-08-02 17:55:38 us=196598 keepalive_ping = 0

2016-08-02 17:55:38 us=196624 keepalive_timeout = 0

2016-08-02 17:55:38 us=196637 inactivity_timeout = 0

2016-08-02 17:55:38 us=196646 ping_send_timeout = 0

2016-08-02 17:55:38 us=196654 ping_rec_timeout = 0

2016-08-02 17:55:38 us=196662 ping_rec_timeout_action = 0

2016-08-02 17:55:38 us=196670 ping_timer_remote = DISABLED

2016-08-02 17:55:38 us=196678 remap_sigusr1 = 0

2016-08-02 17:55:38 us=196686 persist_tun = ENABLED

2016-08-02 17:55:38 us=196695 persist_local_ip = DISABLED

2016-08-02 17:55:38 us=196703 persist_remote_ip = DISABLED

2016-08-02 17:55:38 us=196711 persist_key = ENABLED

2016-08-02 17:55:38 us=196734 passtos = DISABLED

2016-08-02 17:55:38 us=196743 resolve_retry_seconds = 1000000000

2016-08-02 17:55:38 us=196751 username = '[UNDEF]'

2016-08-02 17:55:38 us=196759 groupname = '[UNDEF]'

2016-08-02 17:55:38 us=196767 chroot_dir = '[UNDEF]'

2016-08-02 17:55:38 us=196775 cd_dir = '/Library/Application Support/Tunnelblick/Users/kush/company-staging.tblk/Contents/Resources'

2016-08-02 17:55:38 us=196783 writepid = '[UNDEF]'

2016-08-02 17:55:38 us=196791 up_script = '/Applications/Tunnelblick.app/Contents/Resources/client.up.tunnelblick.sh -9 -d -f -m -w -ptADGNWradsgnw'

2016-08-02 17:55:38 us=196803 down_script = '/Applications/Tunnelblick.app/Contents/Resources/client.down.tunnelblick.sh -9 -d -f -m -w -ptADGNWradsgnw'

2016-08-02 17:55:38 us=196812 down_pre = DISABLED

2016-08-02 17:55:38 us=196820 up_restart = DISABLED

2016-08-02 17:55:38 us=196828 up_delay = DISABLED

2016-08-02 17:55:38 us=196836 daemon = ENABLED

2016-08-02 17:55:38 us=196844 inetd = 0

2016-08-02 17:55:38 us=196852 log = ENABLED

2016-08-02 17:55:38 us=196860 suppress_timestamps = DISABLED

2016-08-02 17:55:38 us=196868 nice = 0

2016-08-02 17:55:38 us=196876 verbosity = 6

2016-08-02 17:55:38 us=196884 mute = 0

2016-08-02 17:55:38 us=196892 status_file = '[UNDEF]'

2016-08-02 17:55:38 us=196900 status_file_version = 1

2016-08-02 17:55:38 us=196909 status_file_update_freq = 60

2016-08-02 17:55:38 us=196916 occ = ENABLED

2016-08-02 17:55:38 us=196924 rcvbuf = 0

2016-08-02 17:55:38 us=196932 sndbuf = 0

2016-08-02 17:55:38 us=196940 sockflags = 0

2016-08-02 17:55:38 us=196948 fast_io = DISABLED

2016-08-02 17:55:38 us=196956 lzo = 7

2016-08-02 17:55:38 us=196964 route_script = '[UNDEF]'

2016-08-02 17:55:38 us=196972 route_default_gateway = '[UNDEF]'

2016-08-02 17:55:38 us=196980 route_default_metric = 0

2016-08-02 17:55:38 us=196988 route_noexec = DISABLED

2016-08-02 17:55:38 us=196997 route_delay = 0

2016-08-02 17:55:38 us=197005 route_delay_window = 30

2016-08-02 17:55:38 us=197013 route_delay_defined = DISABLED

2016-08-02 17:55:38 us=197022 route_nopull = DISABLED

2016-08-02 17:55:38 us=197030 route_gateway_via_dhcp = DISABLED

2016-08-02 17:55:38 us=197039 max_routes = 100

2016-08-02 17:55:38 us=197047 allow_pull_fqdn = DISABLED

2016-08-02 17:55:38 us=197055 management_addr = '127.0.0.1'

2016-08-02 17:55:38 us=197064 management_port = 1338

2016-08-02 17:55:38 us=197072 management_user_pass = '[UNDEF]'

2016-08-02 17:55:38 us=197081 management_log_history_cache = 250

2016-08-02 17:55:38 us=197089 management_echo_buffer_size = 100

2016-08-02 17:55:38 us=197286 management_write_peer_info_file = '[UNDEF]'

2016-08-02 17:55:38 us=197309 management_client_user = '[UNDEF]'

2016-08-02 17:55:38 us=197323 management_client_group = '[UNDEF]'

2016-08-02 17:55:38 us=197338 management_flags = 6

2016-08-02 17:55:38 us=197351 shared_secret_file = '[UNDEF]'

2016-08-02 17:55:38 us=197365 key_direction = 0

2016-08-02 17:55:38 us=197377 ciphername_defined = ENABLED

2016-08-02 17:55:38 us=197390 ciphername = 'BF-CBC'

2016-08-02 17:55:38 us=197402 authname_defined = ENABLED

2016-08-02 17:55:38 us=197414 authname = 'SHA1'

2016-08-02 17:55:38 us=197427 prng_hash = 'SHA1'

2016-08-02 17:55:38 us=197439 prng_nonce_secret_len = 16

2016-08-02 17:55:38 us=197451 keysize = 0

2016-08-02 17:55:38 us=197466 engine = DISABLED

2016-08-02 17:55:38 us=197480 replay = ENABLED

2016-08-02 17:55:38 us=197494 mute_replay_warnings = DISABLED

2016-08-02 17:55:38 us=197509 replay_window = 64

2016-08-02 17:55:38 us=197523 replay_time = 15

2016-08-02 17:55:38 us=197536 packet_id_file = '[UNDEF]'

2016-08-02 17:55:38 us=197550 use_iv = ENABLED

2016-08-02 17:55:38 us=197582 test_crypto = DISABLED

2016-08-02 17:55:38 us=197597 tls_server = DISABLED

2016-08-02 17:55:38 us=197610 tls_client = ENABLED

2016-08-02 17:55:38 us=197624 key_method = 2

2016-08-02 17:55:38 us=197654 ca_file = '[[INLINE]]'

2016-08-02 17:55:38 us=197678 ca_path = '[UNDEF]'

2016-08-02 17:55:38 us=197692 dh_file = '[UNDEF]'

2016-08-02 17:55:38 us=197707 cert_file = '[[INLINE]]'

2016-08-02 17:55:38 us=197722 extra_certs_file = '[UNDEF]'

2016-08-02 17:55:38 us=197736 priv_key_file = '[[INLINE]]'

2016-08-02 17:55:38 us=197757 pkcs12_file = '[UNDEF]'

2016-08-02 17:55:38 us=197920 cipher_list = '[UNDEF]'

2016-08-02 17:55:38 us=197940 tls_verify = '[UNDEF]'

2016-08-02 17:55:38 us=197954 tls_export_cert = '[UNDEF]'

2016-08-02 17:55:38 us=197966 verify_x509_type = 0

2016-08-02 17:55:38 us=197979 verify_x509_name = '[UNDEF]'

2016-08-02 17:55:38 us=197991 crl_file = '[UNDEF]'

2016-08-02 17:55:38 us=198003 ns_cert_type = 0

2016-08-02 17:55:38 us=198016 remote_cert_ku[i] = 0

2016-08-02 17:55:38 us=198028 remote_cert_ku[i] = 0

2016-08-02 17:55:38 us=198041 remote_cert_ku[i] = 0

2016-08-02 17:55:38 us=198055 remote_cert_ku[i] = 0

2016-08-02 17:55:38 us=198067 remote_cert_ku[i] = 0

2016-08-02 17:55:38 us=198081 remote_cert_ku[i] = 0

2016-08-02 17:55:38 us=198093 remote_cert_ku[i] = 0

2016-08-02 17:55:38 us=198106 remote_cert_ku[i] = 0

2016-08-02 17:55:38 us=198119 remote_cert_ku[i] = 0

2016-08-02 17:55:38 us=198152 remote_cert_ku[i] = 0

2016-08-02 17:55:38 us=198165 remote_cert_ku[i] = 0

2016-08-02 17:55:38 us=198177 remote_cert_ku[i] = 0

2016-08-02 17:55:38 us=198191 remote_cert_ku[i] = 0

2016-08-02 17:55:38 us=198203 remote_cert_ku[i] = 0

2016-08-02 17:55:38 us=198217 remote_cert_ku[i] = 0

2016-08-02 17:55:38 us=198230 remote_cert_ku[i] = 0

2016-08-02 17:55:38 us=198245 remote_cert_eku = '[UNDEF]'

2016-08-02 17:55:38 us=198258 ssl_flags = 0

2016-08-02 17:55:38 us=198272 tls_timeout = 2

2016-08-02 17:55:38 us=198285 renegotiate_bytes = 0

2016-08-02 17:55:38 us=198299 renegotiate_packets = 0

2016-08-02 17:55:38 us=198312 renegotiate_seconds = 3600

2016-08-02 17:55:38 us=198325 handshake_window = 60

2016-08-02 17:55:38 us=198339 transition_window = 3600

2016-08-02 17:55:38 us=198352 single_session = DISABLED

2016-08-02 17:55:38 us=198366 push_peer_info = DISABLED

2016-08-02 17:55:38 us=198380 tls_exit = DISABLED

2016-08-02 17:55:38 us=198393 tls_auth_file = '[UNDEF]'

2016-08-02 17:55:38 us=198406 pkcs11_protected_authentication = DISABLED

2016-08-02 17:55:38 us=198419 pkcs11_protected_authentication = DISABLED

2016-08-02 17:55:38 us=198432 pkcs11_protected_authentication = DISABLED

2016-08-02 17:55:38 us=198445 pkcs11_protected_authentication = DISABLED

2016-08-02 17:55:38 us=198458 pkcs11_protected_authentication = DISABLED

2016-08-02 17:55:38 us=198471 pkcs11_protected_authentication = DISABLED

2016-08-02 17:55:38 us=198484 pkcs11_protected_authentication = DISABLED

2016-08-02 17:55:38 us=198497 pkcs11_protected_authentication = DISABLED

2016-08-02 17:55:38 us=198510 pkcs11_protected_authentication = DISABLED

2016-08-02 17:55:38 us=198523 pkcs11_protected_authentication = DISABLED

2016-08-02 17:55:38 us=198536 pkcs11_protected_authentication = DISABLED

2016-08-02 17:55:38 us=198599 pkcs11_protected_authentication = DISABLED

2016-08-02 17:55:38 us=198621 pkcs11_protected_authentication = DISABLED

2016-08-02 17:55:38 us=198635 pkcs11_protected_authentication = DISABLED

2016-08-02 17:55:38 us=198675 pkcs11_protected_authentication = DISABLED

2016-08-02 17:55:38 us=198693 pkcs11_protected_authentication = DISABLED

2016-08-02 17:55:38 us=198708 pkcs11_private_mode = 00000000

2016-08-02 17:55:38 us=198744 pkcs11_private_mode = 00000000

2016-08-02 17:55:38 us=198760 pkcs11_private_mode = 00000000

2016-08-02 17:55:38 us=198775 pkcs11_private_mode = 00000000

2016-08-02 17:55:38 us=198790 pkcs11_private_mode = 00000000

2016-08-02 17:55:38 us=198805 pkcs11_private_mode = 00000000

2016-08-02 17:55:38 us=198818 pkcs11_private_mode = 00000000

2016-08-02 17:55:38 us=198831 pkcs11_private_mode = 00000000

2016-08-02 17:55:38 us=198844 pkcs11_private_mode = 00000000

2016-08-02 17:55:38 us=198857 pkcs11_private_mode = 00000000

2016-08-02 17:55:38 us=198871 pkcs11_private_mode = 00000000

2016-08-02 17:55:38 us=198885 pkcs11_private_mode = 00000000

2016-08-02 17:55:38 us=198897 pkcs11_private_mode = 00000000

2016-08-02 17:55:38 us=198911 pkcs11_private_mode = 00000000

2016-08-02 17:55:38 us=198925 pkcs11_private_mode = 00000000

2016-08-02 17:55:38 us=198940 pkcs11_private_mode = 00000000

2016-08-02 17:55:38 us=198954 pkcs11_cert_private = DISABLED

2016-08-02 17:55:38 us=198968 pkcs11_cert_private = DISABLED

2016-08-02 17:55:38 us=198983 pkcs11_cert_private = DISABLED

2016-08-02 17:55:38 us=198998 pkcs11_cert_private = DISABLED

2016-08-02 17:55:38 us=199013 pkcs11_cert_private = DISABLED

2016-08-02 17:55:38 us=199029 pkcs11_cert_private = DISABLED

2016-08-02 17:55:38 us=199044 pkcs11_cert_private = DISABLED

2016-08-02 17:55:38 us=199059 pkcs11_cert_private = DISABLED

2016-08-02 17:55:38 us=199074 pkcs11_cert_private = DISABLED

2016-08-02 17:55:38 us=199089 pkcs11_cert_private = DISABLED

2016-08-02 17:55:38 us=199103 pkcs11_cert_private = DISABLED

2016-08-02 17:55:38 us=199118 pkcs11_cert_private = DISABLED

2016-08-02 17:55:38 us=199171 pkcs11_cert_private = DISABLED

2016-08-02 17:55:38 us=199185 pkcs11_cert_private = DISABLED

2016-08-02 17:55:38 us=199193 pkcs11_cert_private = DISABLED

2016-08-02 17:55:38 us=199202 pkcs11_cert_private = DISABLED

2016-08-02 17:55:38 us=199211 pkcs11_pin_cache_period = -1

2016-08-02 17:55:38 us=199219 pkcs11_id = '[UNDEF]'

2016-08-02 17:55:38 us=199296 pkcs11_id_management = DISABLED

2016-08-02 17:55:38 us=199353 server_network = 0.0.0.0

2016-08-02 17:55:38 us=199379 server_netmask = 0.0.0.0

2016-08-02 17:55:38 us=199402 server_network_ipv6 = ::

2016-08-02 17:55:38 us=199417 server_netbits_ipv6 = 0

2016-08-02 17:55:38 us=199434 server_bridge_ip = 0.0.0.0

2016-08-02 17:55:38 us=199449 server_bridge_netmask = 0.0.0.0

2016-08-02 17:55:38 us=199466 server_bridge_pool_start = 0.0.0.0

2016-08-02 17:55:38 us=199482 server_bridge_pool_end = 0.0.0.0

2016-08-02 17:55:38 us=199497 ifconfig_pool_defined = DISABLED

2016-08-02 17:55:38 us=199513 ifconfig_pool_start = 0.0.0.0

2016-08-02 17:55:38 us=199528 ifconfig_pool_end = 0.0.0.0

2016-08-02 17:55:38 us=199544 ifconfig_pool_netmask = 0.0.0.0

2016-08-02 17:55:38 us=199558 ifconfig_pool_persist_filename = '[UNDEF]'

2016-08-02 17:55:38 us=199572 ifconfig_pool_persist_refresh_freq = 600

2016-08-02 17:55:38 us=199588 ifconfig_ipv6_pool_defined = DISABLED

2016-08-02 17:55:38 us=199604 ifconfig_ipv6_pool_base = ::

2016-08-02 17:55:38 us=199618 ifconfig_ipv6_pool_netbits = 0

2016-08-02 17:55:38 us=199633 n_bcast_buf = 256

2016-08-02 17:55:38 us=199646 tcp_queue_limit = 64

2016-08-02 17:55:38 us=199658 real_hash_size = 256

2016-08-02 17:55:38 us=199673 virtual_hash_size = 256

2016-08-02 17:55:38 us=199688 client_connect_script = '[UNDEF]'

2016-08-02 17:55:38 us=199703 learn_address_script = '[UNDEF]'

2016-08-02 17:55:38 us=199717 client_disconnect_script = '[UNDEF]'

2016-08-02 17:55:38 us=199731 client_config_dir = '[UNDEF]'

2016-08-02 17:55:38 us=199745 ccd_exclusive = DISABLED

2016-08-02 17:55:38 us=199758 tmp_dir = '/var/folders/_4/gzby0myd6g9cc2n7qd9_gjh40000gq/T/'

2016-08-02 17:55:38 us=199793 push_ifconfig_defined = DISABLED

2016-08-02 17:55:38 us=199811 push_ifconfig_local = 0.0.0.0

2016-08-02 17:55:38 us=199827 push_ifconfig_remote_netmask = 0.0.0.0

2016-08-02 17:55:38 us=199840 push_ifconfig_ipv6_defined = DISABLED

2016-08-02 17:55:38 us=199849 push_ifconfig_ipv6_local = ::/0

2016-08-02 17:55:38 us=199859 push_ifconfig_ipv6_remote = ::

2016-08-02 17:55:38 us=199867 enable_c2c = DISABLED

2016-08-02 17:55:38 us=199875 duplicate_cn = DISABLED

2016-08-02 17:55:38 us=199883 cf_max = 0

2016-08-02 17:55:38 us=199892 cf_per = 0

2016-08-02 17:55:38 us=199900 max_clients = 1024

2016-08-02 17:55:38 us=199908 max_routes_per_client = 256

2016-08-02 17:55:38 us=199917 auth_user_pass_verify_script = '[UNDEF]'

2016-08-02 17:55:38 us=199925 auth_user_pass_verify_script_via_file = DISABLED

2016-08-02 17:55:38 us=199934 port_share_host = '[UNDEF]'

2016-08-02 17:55:38 us=199942 port_share_port = 0

2016-08-02 17:55:38 us=199950 client = ENABLED

2016-08-02 17:55:38 us=199959 pull = ENABLED

2016-08-02 17:55:38 us=199967 auth_user_pass_file = 'stdin'

2016-08-02 17:55:38 us=199978 OpenVPN 2.3.11 x86_64-apple-darwin [SSL (OpenSSL)] [LZO] [PKCS11] [MH] [IPv6] built on Jul 18 2016

2016-08-02 17:55:38 us=199997 library versions: OpenSSL 1.0.2h 3 May 2016, LZO 2.09

2016-08-02 17:55:38 us=201545 MANAGEMENT: TCP Socket listening on [AF_INET]127.0.0.1:1338

2016-08-02 17:55:38 us=201834 Need hold release from management interface, waiting...

2016-08-02 17:55:38 us=525117 MANAGEMENT: Client connected from [AF_INET]127.0.0.1:1338

2016-08-02 17:55:38 us=580262 MANAGEMENT: CMD 'pid'

2016-08-02 17:55:38 us=582483 MANAGEMENT: CMD 'state on'

2016-08-02 17:55:38 us=583204 MANAGEMENT: CMD 'state'

2016-08-02 17:55:38 us=583511 MANAGEMENT: CMD 'bytecount 1'

2016-08-02 17:55:38 us=583713 MANAGEMENT: CMD 'hold release'

2016-08-02 17:55:38 us=699035 MANAGEMENT: CMD 'username "Auth" "kush"'

2016-08-02 17:55:38 us=699393 MANAGEMENT: CMD 'password [...]'

2016-08-02 17:55:38 us=699982 WARNING: No server certificate verification method has been enabled. See http://openvpn.net/howto.html#mitm for more info.

2016-08-02 17:55:38 us=700542 NOTE: the current --script-security setting may allow this configuration to call user-defined scripts

2016-08-02 17:55:38 us=702313 LZO compression initialized

2016-08-02 17:55:38 us=702755 Control Channel MTU parms [ L:1542 D:1212 EF:38 EB:0 ET:0 EL:3 ]

2016-08-02 17:55:38 us=703106 Socket Buffers: R=[196724->196724] S=[9216->9216]

2016-08-02 17:55:38 us=703370 MANAGEMENT: >STATE:1470153338,RESOLVE,,,

2016-08-02 17:55:38 us=706846 Data Channel MTU parms [ L:1542 D:1450 EF:42 EB:143 ET:0 EL:3 AF:3/1 ]

2016-08-02 17:55:38 us=707117 Local Options String: 'V4,dev-type tun,link-mtu 1542,tun-mtu 1500,proto UDPv4,comp-lzo,cipher BF-CBC,auth SHA1,keysize 128,key-method 2,tls-client'

2016-08-02 17:55:38 us=707649 Expected Remote Options String: 'V4,dev-type tun,link-mtu 1542,tun-mtu 1500,proto UDPv4,comp-lzo,cipher BF-CBC,auth SHA1,keysize 128,key-method 2,tls-server'

2016-08-02 17:55:38 us=707795 Local Options hash (VER=V4): '41690919'

2016-08-02 17:55:38 us=708497 Expected Remote Options hash (VER=V4): '530fdded'

2016-08-02 17:55:38 us=708873 UDPv4 link local: [undef]

2016-08-02 17:55:38 us=712798 UDPv4 link remote: [AF_INET]51.24.45.108:1195

2016-08-02 17:55:38 us=713039 MANAGEMENT: >STATE:1470153338,WAIT,,,

2016-08-02 17:55:38 us=713528 UDPv4 WRITE [14] to [AF_INET]51.24.45.108:1195: P_CONTROL_HARD_RESET_CLIENT_V2 kid=0 [ ] pid=0 DATA len=0

2016-08-02 17:55:40 us=808407 UDPv4 WRITE [14] to [AF_INET]51.24.45.108:1195: P_CONTROL_HARD_RESET_CLIENT_V2 kid=0 [ ] pid=0 DATA len=0

2016-08-02 17:55:44 us=993815 UDPv4 WRITE [14] to [AF_INET]51.24.45.108:1195: P_CONTROL_HARD_RESET_CLIENT_V2 kid=0 [ ] pid=0 DATA len=0

2016-08-02 17:55:52 us=475109 UDPv4 WRITE [14] to [AF_INET]51.24.45.108:1195: P_CONTROL_HARD_RESET_CLIENT_V2 kid=0 [ ] pid=0 DATA len=0

2016-08-02 17:55:57 us=409793 UDPv4 READ [26] from [AF_INET]51.24.45.108:1195: P_CONTROL_HARD_RESET_SERVER_V2 kid=0 [ 0 ] pid=0 DATA len=0