[Date Prev][Date Next]
[Chronological]
[Thread]
[Top]
LDAP SSL session reuse
This maybe a general LDAP, SSL problem and since there are experts on this list who maybe able to help, please don't flame.
We are using an LDAP server, Active Directory, over SSL which appears to default to CertificateRequest in the ServerHello.
I do not see why the CertificateRequest is included but I've modified nss_ldap and pam_ldap to use ldapssl_clientauth_init and ldapssl_enable_clientauth. The following ssldump trace shows that the client certificate is now sent in response to the ServerHello.
However, when the client attempts to reuse an SSL session (e.g. packet "4 1") it appears to result in an error following the ChangeCipherSpec dialog (e.g. packet "4 7" application_data is followed by packet "4 8" HelloRequest).
The application data following the ChangeCipherSpec is always the same (e.g. packets "1 8", "2 8", "3 8", "4 7") and is the result of an ldap_simple_bind, although I've observed the same behaviour with ldap_sasl_bind_s.
Note, the above behaviour occurs even if client certificates are NOT sent e.g. using standard pam_ldap and nss_ldap.
I maybe 2 + 2 = 5... but I have the following questions:
1. any idea why the dialog fails at packet "4 8"?
2. is it OK to call ldap_*_bind when an SSL session is reused?
3. just because I'm curious is it possible to prevent SSL session reuse?
4. any other ideas why this is failing?
I'd really like to get this fixed so any help would be appreciated.
Thanks,
Stuart
Environment: Solaris 5.8, Windows 2K + SP2, Active Directory, PADL pam_ldap nss_ldap, iPlanet LDAP C SDK 5.08
Script started on Thu 23 May 2002 11:17:02 AM BST
#
# ssldump -i hme0 -ANd -p Flapjack -k cpqunix_test2.pem
New TCP connection #1: sun6.reo.cpqcorp.net(33091) <-> cpqtestdc1.cpqunix.net(636)
1 1 0.0028 (0.0028) C>S SSLv2 compatible client hello
Version 3.1
cipher suites
TLS_DHE_DSS_WITH_RC4_128_SHA
TLS_DHE_RSA_WITH_3DES_EDE_CBC_SHA
TLS_DHE_DSS_WITH_3DES_EDE_CBC_SHA
TLS_RSA_WITH_RC4_128_MD5
Unknown value 0xfeff
TLS_RSA_WITH_3DES_EDE_CBC_SHA
Unknown value 0xfefe
TLS_DHE_RSA_WITH_DES_CBC_SHA
TLS_DHE_DSS_WITH_DES_CBC_SHA
TLS_RSA_WITH_DES_CBC_SHA
TLS_RSA_EXPORT1024_WITH_RC4_56_SHA
TLS_RSA_EXPORT1024_WITH_DES_CBC_SHA
TLS_RSA_EXPORT_WITH_RC4_40_MD5
TLS_RSA_EXPORT_WITH_RC2_CBC_40_MD5
1 2 0.0043 (0.0014) S>CV3.1(3915) Handshake
ServerHello
Version 3.1
random[32]=
d8 6c f2 d0 e2 f2 d3 a0 92 b6 02 1e c9 61 ae fe
0c 01 94 21 ea fe dd 49 27 e7 fe fe d0 80 bf 61
session_id[32]=
9b 04 00 00 ff 49 71 4b a5 f9 a5 41 e4 ea 87 4f
23 72 1a a8 a7 65 06 62 fd 23 cf 96 8d 39 f8 32
cipherSuite TLS_RSA_WITH_RC4_128_MD5
compressionMethod NULL
Certificate
Subject
C=GB
ST=Berks
L=Reading
O=CPQ UNIX ENTERPRISE CA
OU=NAP DP
CN=cpqtestdc1.cpqunix.net
Issuer
C=UK
ST=Berks
L=Reading
O=UNIX LAND
OU=NAP DP
CN=CPQ UNIX ENTERPRISE CA
Serial 61 3c 1f a9 00 00 00 00 00 08
Extensions
Extension: X509v3 Key Usage
Extension: X509v3 Extended Key Usage
Extension: X509v3 Subject Key Identifier
Extension: X509v3 Authority Key Identifier
Extension: X509v3 CRL Distribution Points
Extension: Authority Information Access
Extension: 1.3.6.1.4.1.311.20.2
CertificateRequest
certificate_types rsa_sign
certificate_authority
C=US
O=VeriSign, Inc.
OU=Class 1 Public Primary Certification Authority - G2
OU=(c) 1998 VeriSign, Inc. - For authorized use only
OU=VeriSign Trust Network
certificate_authority
C=US
O=VeriSign, Inc.
OU=Class 4 Public Primary Certification Authority - G2
OU=(c) 1998 VeriSign, Inc. - For authorized use only
OU=VeriSign Trust Network
certificate_authority
C=ZA
ST=Western Cape
L=Cape Town
O=Thawte Consulting
OU=Certification Services Division
CN=Thawte Personal Freemail CA
Email=personal-freemail@thawte.com
certificate_authority
C=UK
ST=Berks
L=Reading
O=UNIX LAND
OU=NAP DP
CN=CPQ UNIX ENTERPRISE CA
certificate_authority
C=ZA
ST=Western Cape
L=Cape Town
O=Thawte Consulting
OU=Certification Services Division
CN=Thawte Personal Premium CA
Email=personal-premium@thawte.com
certificate_authority
C=US
O=First Data Digital Certificates Inc.
CN=First Data Digital Certificates Inc. Certification Authority
certificate_authority
C=ZA
ST=Western Cape
L=Cape Town
O=Thawte Consulting
OU=Certification Services Division
CN=Thawte Personal Basic CA
Email=personal-basic@thawte.com
certificate_authority
C=US
O=VeriSign, Inc.
OU=Class 3 Public Primary Certification Authority
certificate_authority
C=US
O=VeriSign, Inc.
OU=Class 2 Public Primary Certification Authority
certificate_authority
C=US
O=VeriSign, Inc.
OU=Class 1 Public Primary Certification Authority
certificate_authority
C=US
O=VeriSign, Inc.
OU=Class 3 Public Primary Certification Authority - G2
OU=(c) 1998 VeriSign, Inc. - For authorized use only
OU=VeriSign Trust Network
certificate_authority
C=US
O=GTE Corporation
CN=GTE CyberTrust Root
certificate_authority
C=US
O=GTE Corporation
OU=GTE CyberTrust Solutions, Inc.
CN=GTE CyberTrust Global Root
certificate_authority
OU=Copyright (c) 1997 Microsoft Corp.
OU=Microsoft Corporation
CN=Microsoft Root Authority
certificate_authority
C=US
O=VeriSign, Inc.
OU=Class 2 Public Primary Certification Authority - G2
OU=(c) 1998 VeriSign, Inc. - For authorized use only
OU=VeriSign Trust Network
certificate_authority
C=US
O=GTE Corporation
OU=GTE CyberTrust Solutions, Inc.
CN=GTE CyberTrust Root
ServerHelloDone
1 3 0.0430 (0.0387) C>SV3.1(1688) Handshake
Certificate
Subject
CN=Administrator
Issuer
C=UK
ST=Berks
L=Reading
O=UNIX LAND
OU=NAP DP
CN=CPQ UNIX ENTERPRISE CA
Serial 0f 1b 79 5d 00 00 00 00 00 10
Extensions
Extension: X509v3 Subject Key Identifier
Extension: X509v3 Authority Key Identifier
Extension: X509v3 CRL Distribution Points
Extension: Authority Information Access
Extension: X509v3 Basic Constraints
Critical
Extension: X509v3 Key Usage
Extension: X509v3 Extended Key Usage
Extension: 1.3.6.1.4.1.311.20.2
Extension: X509v3 Subject Alternative Name
ClientKeyExchange
EncryptedPreMasterSecret[64]=
18 77 68 ca 8a f6 71 71 84 2c b4 74 e6 ad c6 17
92 f5 1a 77 be d7 b2 98 14 12 ad 12 b6 4a cd 17
81 92 77 07 49 fd 8b 4b 1a 7d 39 5d de 19 11 f4
08 54 62 51 91 49 d3 cd 12 0e 58 10 35 0c 68 a7
CertificateVerify
Signature[128]=
0b 0b e1 0a 14 f9 16 04 88 fc 3e 3f b6 7e cb 20
8a 41 f2 46 f5 d0 3b c8 8d fe 50 8b ba 88 73 13
56 17 44 16 43 87 4f 6b 7a 7c 84 0d ed 51 f2 a2
d0 2b 02 23 aa e5 9f 68 5c f5 b9 ae 63 98 26 4e
85 a0 b4 5a 0b bb 5f dd 42 46 45 57 50 32 8d 87
bc 5c 4a bc 7c 78 67 3c fc f2 85 ac cf 39 b6 76
53 ff 51 5b 8d 71 a0 42 cd 73 8f 7b c9 23 d0 2c
e0 3b bd f2 64 b6 8a e9 62 83 4e f0 f3 85 e9 a8
1 4 0.0430 (0.0000) C>SV3.1(1) ChangeCipherSpec
1 5 0.0430 (0.0000) C>SV3.1(32) Handshake
Finished
verify_data[12]=
65 3c 74 ed 4e da c3 7d 18 73 82 ac
1 6 0.0510 (0.0079) S>CV3.1(1) ChangeCipherSpec
1 7 0.0510 (0.0000) S>CV3.1(32) Handshake
Finished
verify_data[12]=
5f 7e c8 3b c3 23 5e ea 47 b3 2a 18
1 8 0.0523 (0.0012) C>SV3.1(81) application_data
---------------------------------------------------------------
30 3f 02 01 01 60 3a 02 01 03 04 2b 63 6e 3d 61 0?...`:....+cn=a
64 6d 69 6e 69 73 74 72 61 74 6f 72 2c 63 6e 3d dministrator,cn=
75 73 65 72 73 2c 64 63 3d 63 70 71 75 6e 69 78 users,dc=cpqunix
2c 64 63 3d 6e 65 74 80 08 6a 61 63 6b 66 6c 61 ,dc=net..jackfla
70 p
---------------------------------------------------------------
1 9 0.0557 (0.0033) S>CV3.1(38) application_data
---------------------------------------------------------------
30 84 00 00 00 10 02 01 01 61 84 00 00 00 07 0a 0........a......
01 00 04 00 04 00 ......
---------------------------------------------------------------
1 10 0.0583 (0.0026) C>SV3.1(228) application_data
---------------------------------------------------------------
30 81 d1 02 01 02 63 81 cb 04 1a 63 6e 3d 75 73 0.....c....cn=us
65 72 73 2c 64 63 3d 63 70 71 75 6e 69 78 2c 64 ers,dc=cpqunix,d
63 3d 6e 65 74 0a 01 02 0a 01 00 02 01 01 02 01 c=net...........
00 01 01 00 a0 27 a3 13 04 0b 6f 62 6a 65 63 74 .....'....object
63 6c 61 73 73 04 04 55 73 65 72 a3 10 04 09 6d class..User....m
73 53 46 55 4e 61 6d 65 04 03 64 61 76 30 75 04 sSFUName..dav0u.
09 6d 73 53 46 55 4e 61 6d 65 04 0d 6d 73 53 46 .msSFUName..msSF
55 50 61 73 73 77 6f 72 64 04 09 75 69 64 4e 75 UPassword..uidNu
6d 62 65 72 04 09 67 69 64 4e 75 6d 62 65 72 04 mber..gidNumber.
02 63 6e 04 12 6d 73 53 46 55 48 6f 6d 65 44 69 .cn..msSFUHomeDi
72 65 63 74 6f 72 79 04 0a 6c 6f 67 69 6e 53 68 rectory..loginSh
65 6c 6c 04 05 67 65 63 6f 73 04 0b 64 65 73 63 ell..gecos..desc
72 69 70 74 69 6f 6e 04 0b 6f 62 6a 65 63 74 43 ription..objectC
6c 61 73 73 lass
---------------------------------------------------------------
1 11 0.0620 (0.0037) S>CV3.1(415) application_data
---------------------------------------------------------------
30 84 00 00 01 73 02 01 02 64 84 00 00 01 6a 04 0....s...d....j.
2d 43 4e 3d 53 74 75 61 72 74 20 44 61 76 69 64 -CN=Stuart David
73 6f 6e 2c 43 4e 3d 55 73 65 72 73 2c 44 43 3d son,CN=Users,DC=
63 70 71 75 6e 69 78 2c 44 43 3d 6e 65 74 30 84 cpqunix,DC=net0.
00 00 01 35 30 84 00 00 00 1b 04 02 63 6e 31 84 ...50.......cn1.
00 00 00 11 04 0f 53 74 75 61 72 74 20 44 61 76 ......Stuart Dav
69 64 73 6f 6e 30 84 00 00 00 3c 04 0b 6f 62 6a idson0....<..obj
65 63 74 43 6c 61 73 73 31 84 00 00 00 29 04 03 ectClass1....)..
74 6f 70 04 06 70 65 72 73 6f 6e 04 14 6f 72 67 top..person..org
61 6e 69 7a 61 74 69 6f 6e 61 6c 50 65 72 73 6f anizationalPerso
6e 04 04 75 73 65 72 30 84 00 00 00 16 04 09 67 n..user0.......g
69 64 4e 75 6d 62 65 72 31 84 00 00 00 05 04 03 idNumber1.......
34 30 31 30 84 00 00 00 1b 04 0a 6c 6f 67 69 6e 4010.......login
53 68 65 6c 6c 31 84 00 00 00 09 04 07 2f 62 69 Shell1......./bi
6e 2f 73 68 30 84 00 00 00 2c 04 12 6d 73 53 46 n/sh0....,..msSF
55 48 6f 6d 65 44 69 72 65 63 74 6f 72 79 31 84 UHomeDirectory1.
00 00 00 12 04 10 2f 65 78 70 6f 72 74 2f 68 6f ....../export/ho
6d 65 2f 64 61 76 30 84 00 00 00 16 04 09 6d 73 me/dav0.......ms
53 46 55 4e 61 6d 65 31 84 00 00 00 05 04 03 64 SFUName1.......d
61 76 30 84 00 00 00 24 04 0d 6d 73 53 46 55 50 av0....$..msSFUP
61 73 73 77 6f 72 64 31 84 00 00 00 0f 04 0d 68 assword1.......h
37 64 6b 30 6b 7a 79 65 69 41 44 45 30 84 00 00 7dk0kzyeiADE0...
00 17 04 09 75 69 64 4e 75 6d 62 65 72 31 84 00 ....uidNumber1..
00 00 06 04 04 34 30 30 31 30 84 00 00 00 10 02 .....40010......
01 02 65 84 00 00 00 07 0a 01 00 04 00 04 00 ..e............
---------------------------------------------------------------
1 12 0.0851 (0.0230) C>SV3.1(228) application_data
---------------------------------------------------------------
30 81 d1 02 01 03 63 81 cb 04 1a 63 6e 3d 75 73 0.....c....cn=us
65 72 73 2c 64 63 3d 63 70 71 75 6e 69 78 2c 64 ers,dc=cpqunix,d
63 3d 6e 65 74 0a 01 02 0a 01 00 02 01 01 02 01 c=net...........
00 01 01 00 a0 27 a3 13 04 0b 6f 62 6a 65 63 74 .....'....object
63 6c 61 73 73 04 04 55 73 65 72 a3 10 04 09 6d class..User....m
73 53 46 55 4e 61 6d 65 04 03 64 61 76 30 75 04 sSFUName..dav0u.
09 6d 73 53 46 55 4e 61 6d 65 04 0d 6d 73 53 46 .msSFUName..msSF
55 50 61 73 73 77 6f 72 64 04 09 75 69 64 4e 75 UPassword..uidNu
6d 62 65 72 04 09 67 69 64 4e 75 6d 62 65 72 04 mber..gidNumber.
02 63 6e 04 12 6d 73 53 46 55 48 6f 6d 65 44 69 .cn..msSFUHomeDi
72 65 63 74 6f 72 79 04 0a 6c 6f 67 69 6e 53 68 rectory..loginSh
65 6c 6c 04 05 67 65 63 6f 73 04 0b 64 65 73 63 ell..gecos..desc
72 69 70 74 69 6f 6e 04 0b 6f 62 6a 65 63 74 43 ription..objectC
6c 61 73 73 lass
---------------------------------------------------------------
1 13 0.0875 (0.0024) S>CV3.1(415) application_data
---------------------------------------------------------------
30 84 00 00 01 73 02 01 03 64 84 00 00 01 6a 04 0....s...d....j.
2d 43 4e 3d 53 74 75 61 72 74 20 44 61 76 69 64 -CN=Stuart David
73 6f 6e 2c 43 4e 3d 55 73 65 72 73 2c 44 43 3d son,CN=Users,DC=
63 70 71 75 6e 69 78 2c 44 43 3d 6e 65 74 30 84 cpqunix,DC=net0.
00 00 01 35 30 84 00 00 00 1b 04 02 63 6e 31 84 ...50.......cn1.
00 00 00 11 04 0f 53 74 75 61 72 74 20 44 61 76 ......Stuart Dav
69 64 73 6f 6e 30 84 00 00 00 3c 04 0b 6f 62 6a idson0....<..obj
65 63 74 43 6c 61 73 73 31 84 00 00 00 29 04 03 ectClass1....)..
74 6f 70 04 06 70 65 72 73 6f 6e 04 14 6f 72 67 top..person..org
61 6e 69 7a 61 74 69 6f 6e 61 6c 50 65 72 73 6f anizationalPerso
6e 04 04 75 73 65 72 30 84 00 00 00 16 04 09 67 n..user0.......g
69 64 4e 75 6d 62 65 72 31 84 00 00 00 05 04 03 idNumber1.......
34 30 31 30 84 00 00 00 1b 04 0a 6c 6f 67 69 6e 4010.......login
53 68 65 6c 6c 31 84 00 00 00 09 04 07 2f 62 69 Shell1......./bi
6e 2f 73 68 30 84 00 00 00 2c 04 12 6d 73 53 46 n/sh0....,..msSF
55 48 6f 6d 65 44 69 72 65 63 74 6f 72 79 31 84 UHomeDirectory1.
00 00 00 12 04 10 2f 65 78 70 6f 72 74 2f 68 6f ....../export/ho
6d 65 2f 64 61 76 30 84 00 00 00 16 04 09 6d 73 me/dav0.......ms
53 46 55 4e 61 6d 65 31 84 00 00 00 05 04 03 64 SFUName1.......d
61 76 30 84 00 00 00 24 04 0d 6d 73 53 46 55 50 av0....$..msSFUP
61 73 73 77 6f 72 64 31 84 00 00 00 0f 04 0d 68 assword1.......h
37 64 6b 30 6b 7a 79 65 69 41 44 45 30 84 00 00 7dk0kzyeiADE0...
00 17 04 09 75 69 64 4e 75 6d 62 65 72 31 84 00 ....uidNumber1..
00 00 06 04 04 34 30 30 31 30 84 00 00 00 10 02 .....40010......
01 03 65 84 00 00 00 07 0a 01 00 04 00 04 00 ..e............
---------------------------------------------------------------
1 14 0.1875 (0.0999) C>SV3.1(153) application_data
---------------------------------------------------------------
30 81 86 02 01 04 63 81 80 04 1a 63 6e 3d 75 73 0.....c....cn=us
65 72 73 2c 64 63 3d 63 70 71 75 6e 69 78 2c 64 ers,dc=cpqunix,d
63 3d 6e 65 74 0a 01 02 0a 01 00 02 01 01 02 01 c=net...........
00 01 01 00 a0 28 a3 14 04 0b 6f 62 6a 65 63 74 .....(....object
63 6c 61 73 73 04 05 47 72 6f 75 70 a3 10 04 09 class..Group....
67 69 64 4e 75 6d 62 65 72 04 03 34 30 31 30 29 gidNumber..4010)
04 02 63 6e 04 0d 6d 73 53 46 55 50 61 73 73 77 ..cn..msSFUPassw
6f 72 64 04 09 6d 65 6d 62 65 72 55 69 64 04 09 ord..memberUid..
67 69 64 4e 75 6d 62 65 72 gidNumber
---------------------------------------------------------------
1 15 0.1925 (0.0050) S>CV3.1(167) application_data
---------------------------------------------------------------
30 84 00 00 00 7b 02 01 04 64 84 00 00 00 72 04 0....{...d....r.
2d 43 4e 3d 74 65 73 74 5f 75 6e 69 78 5f 67 72 -CN=test_unix_gr
6f 75 70 2c 43 4e 3d 55 73 65 72 73 2c 44 43 3d oup,CN=Users,DC=
63 70 71 75 6e 69 78 2c 44 43 3d 6e 65 74 30 84 cpqunix,DC=net0.
00 00 00 3d 30 84 00 00 00 1b 04 02 63 6e 31 84 ...=0.......cn1.
00 00 00 11 04 0f 74 65 73 74 5f 75 6e 69 78 5f ......test_unix_
67 72 6f 75 70 30 84 00 00 00 16 04 09 67 69 64 group0.......gid
4e 75 6d 62 65 72 31 84 00 00 00 05 04 03 34 30 Number1.......40
31 30 84 00 00 00 10 02 01 04 65 84 00 00 00 07 10........e.....
0a 01 00 04 00 04 00 .......
---------------------------------------------------------------
1 16 0.2063 (0.0137) C>SV3.1(153) application_data
---------------------------------------------------------------
30 81 86 02 01 05 63 81 80 04 1a 63 6e 3d 75 73 0.....c....cn=us
65 72 73 2c 64 63 3d 63 70 71 75 6e 69 78 2c 64 ers,dc=cpqunix,d
63 3d 6e 65 74 0a 01 02 0a 01 00 02 01 00 02 01 c=net...........
00 01 01 00 a0 28 a3 14 04 0b 6f 62 6a 65 63 74 .....(....object
63 6c 61 73 73 04 05 47 72 6f 75 70 a3 10 04 09 class..Group....
6d 65 6d 62 65 72 55 69 64 04 03 64 61 76 30 29 memberUid..dav0)
04 02 63 6e 04 0d 6d 73 53 46 55 50 61 73 73 77 ..cn..msSFUPassw
6f 72 64 04 09 6d 65 6d 62 65 72 55 69 64 04 09 ord..memberUid..
67 69 64 4e 75 6d 62 65 72 gidNumber
---------------------------------------------------------------
1 17 0.2081 (0.0017) S>CV3.1(38) application_data
---------------------------------------------------------------
30 84 00 00 00 10 02 01 05 65 84 00 00 00 07 0a 0........e......
01 00 04 00 04 00 ......
---------------------------------------------------------------
New TCP connection #2: sun6.reo.cpqcorp.net(33092) <-> cpqtestdc1.cpqunix.net(636)
2 1 0.0020 (0.0020) C>S SSLv2 compatible client hello
Version 3.1
cipher suites
TLS_DHE_DSS_WITH_RC4_128_SHA
TLS_DHE_RSA_WITH_3DES_EDE_CBC_SHA
TLS_DHE_DSS_WITH_3DES_EDE_CBC_SHA
TLS_RSA_WITH_RC4_128_MD5
Unknown value 0xfeff
TLS_RSA_WITH_3DES_EDE_CBC_SHA
Unknown value 0xfefe
TLS_DHE_RSA_WITH_DES_CBC_SHA
TLS_DHE_DSS_WITH_DES_CBC_SHA
TLS_RSA_WITH_DES_CBC_SHA
TLS_RSA_EXPORT1024_WITH_RC4_56_SHA
TLS_RSA_EXPORT1024_WITH_DES_CBC_SHA
TLS_RSA_EXPORT_WITH_RC4_40_MD5
TLS_RSA_EXPORT_WITH_RC2_CBC_40_MD5
2 2 0.0035 (0.0014) S>CV3.1(3915) Handshake
ServerHello
Version 3.1
random[32]=
75 6e 7b f3 68 2c 2b c4 6c 64 ba bb de ff 0c ea
36 84 31 89 37 bb f3 9b 71 27 77 9e 3a c9 5c 5d
session_id[32]=
77 19 00 00 22 5d aa df 08 da 4c 4a a9 62 1f 19
15 31 cf b6 93 38 dd dd 28 d4 83 f7 5d 7b 2e e2
cipherSuite TLS_RSA_WITH_RC4_128_MD5
compressionMethod NULL
Certificate
Subject
C=GB
ST=Berks
L=Reading
O=CPQ UNIX ENTERPRISE CA
OU=NAP DP
CN=cpqtestdc1.cpqunix.net
Issuer
C=UK
ST=Berks
L=Reading
O=UNIX LAND
OU=NAP DP
CN=CPQ UNIX ENTERPRISE CA
Serial 61 3c 1f a9 00 00 00 00 00 08
Extensions
Extension: X509v3 Key Usage
Extension: X509v3 Extended Key Usage
Extension: X509v3 Subject Key Identifier
Extension: X509v3 Authority Key Identifier
Extension: X509v3 CRL Distribution Points
Extension: Authority Information Access
Extension: 1.3.6.1.4.1.311.20.2
CertificateRequest
certificate_types rsa_sign
certificate_authority
C=US
O=VeriSign, Inc.
OU=Class 1 Public Primary Certification Authority - G2
OU=(c) 1998 VeriSign, Inc. - For authorized use only
OU=VeriSign Trust Network
certificate_authority
C=US
O=VeriSign, Inc.
OU=Class 4 Public Primary Certification Authority - G2
OU=(c) 1998 VeriSign, Inc. - For authorized use only
OU=VeriSign Trust Network
certificate_authority
C=ZA
ST=Western Cape
L=Cape Town
O=Thawte Consulting
OU=Certification Services Division
CN=Thawte Personal Freemail CA
Email=personal-freemail@thawte.com
certificate_authority
C=UK
ST=Berks
L=Reading
O=UNIX LAND
OU=NAP DP
CN=CPQ UNIX ENTERPRISE CA
certificate_authority
C=ZA
ST=Western Cape
L=Cape Town
O=Thawte Consulting
OU=Certification Services Division
CN=Thawte Personal Premium CA
Email=personal-premium@thawte.com
certificate_authority
C=US
O=First Data Digital Certificates Inc.
CN=First Data Digital Certificates Inc. Certification Authority
certificate_authority
C=ZA
ST=Western Cape
L=Cape Town
O=Thawte Consulting
OU=Certification Services Division
CN=Thawte Personal Basic CA
Email=personal-basic@thawte.com
certificate_authority
C=US
O=VeriSign, Inc.
OU=Class 3 Public Primary Certification Authority
certificate_authority
C=US
O=VeriSign, Inc.
OU=Class 2 Public Primary Certification Authority
certificate_authority
C=US
O=VeriSign, Inc.
OU=Class 1 Public Primary Certification Authority
certificate_authority
C=US
O=VeriSign, Inc.
OU=Class 3 Public Primary Certification Authority - G2
OU=(c) 1998 VeriSign, Inc. - For authorized use only
OU=VeriSign Trust Network
certificate_authority
C=US
O=GTE Corporation
CN=GTE CyberTrust Root
certificate_authority
C=US
O=GTE Corporation
OU=GTE CyberTrust Solutions, Inc.
CN=GTE CyberTrust Global Root
certificate_authority
OU=Copyright (c) 1997 Microsoft Corp.
OU=Microsoft Corporation
CN=Microsoft Root Authority
certificate_authority
C=US
O=VeriSign, Inc.
OU=Class 2 Public Primary Certification Authority - G2
OU=(c) 1998 VeriSign, Inc. - For authorized use only
OU=VeriSign Trust Network
certificate_authority
C=US
O=GTE Corporation
OU=GTE CyberTrust Solutions, Inc.
CN=GTE CyberTrust Root
ServerHelloDone
2 3 0.0395 (0.0359) C>SV3.1(1688) Handshake
Certificate
Subject
CN=Administrator
Issuer
C=UK
ST=Berks
L=Reading
O=UNIX LAND
OU=NAP DP
CN=CPQ UNIX ENTERPRISE CA
Serial 0f 1b 79 5d 00 00 00 00 00 10
Extensions
Extension: X509v3 Subject Key Identifier
Extension: X509v3 Authority Key Identifier
Extension: X509v3 CRL Distribution Points
Extension: Authority Information Access
Extension: X509v3 Basic Constraints
Critical
Extension: X509v3 Key Usage
Extension: X509v3 Extended Key Usage
Extension: 1.3.6.1.4.1.311.20.2
Extension: X509v3 Subject Alternative Name
ClientKeyExchange
EncryptedPreMasterSecret[64]=
3d 33 b2 55 c3 7b b1 e4 de 69 bf 22 61 fb 41 b8
1b 5c 13 7e 80 bd c2 df 20 a9 04 9e 13 29 51 b2
a1 55 35 8d 82 27 7a 8c 76 6a 6c 6a 71 c1 16 e8
d2 ee fa 64 96 b0 e5 b8 ba e4 a0 c7 d5 a5 78 ab
CertificateVerify
Signature[128]=
1e b1 29 60 3b cc 9d 73 8a a2 90 44 63 13 50 e5
c8 13 a2 b3 d7 4f ee e7 80 68 81 7c 67 96 88 00
fa 6d 7e c4 38 35 92 85 e7 dd c5 52 b5 5f 26 85
34 32 88 4b a5 69 40 61 af 53 f7 b6 93 3b 22 8b
30 92 63 77 d3 fc c2 0d f8 df e1 c7 0b a0 95 f6
95 fb 4f f6 84 1d 7a e2 8d dd 57 da 34 31 a1 db
48 4a 11 0f 43 66 76 2a 2b 12 00 bd 5a d3 4f a8
69 14 a0 a4 b7 a1 f7 d9 43 3f f7 0b 72 26 05 1f
2 4 0.0395 (0.0000) C>SV3.1(1) ChangeCipherSpec
2 5 0.0395 (0.0000) C>SV3.1(32) Handshake
Finished
verify_data[12]=
48 a8 1b 43 40 af 13 e7 20 2e 8a dd
2 6 0.0473 (0.0078) S>CV3.1(1) ChangeCipherSpec
2 7 0.0473 (0.0000) S>CV3.1(32) Handshake
Finished
verify_data[12]=
00 03 1d ea d7 16 12 8b 86 ff 9b 28
2 8 0.1192 (0.0718) C>SV3.1(81) application_data
---------------------------------------------------------------
30 3f 02 01 01 60 3a 02 01 03 04 2b 63 6e 3d 61 0?...`:....+cn=a
64 6d 69 6e 69 73 74 72 61 74 6f 72 2c 63 6e 3d dministrator,cn=
75 73 65 72 73 2c 64 63 3d 63 70 71 75 6e 69 78 users,dc=cpqunix
2c 64 63 3d 6e 65 74 80 08 6a 61 63 6b 66 6c 61 ,dc=net..jackfla
70 p
---------------------------------------------------------------
2 9 0.1240 (0.0047) S>CV3.1(38) application_data
---------------------------------------------------------------
30 84 00 00 00 10 02 01 01 61 84 00 00 00 07 0a 0........a......
01 00 04 00 04 00 ......
---------------------------------------------------------------
2 10 0.1263 (0.0023) C>SV3.1(229) application_data
---------------------------------------------------------------
30 81 d2 02 01 02 63 81 cc 04 1a 63 6e 3d 75 73 0.....c....cn=us
65 72 73 2c 64 63 3d 63 70 71 75 6e 69 78 2c 64 ers,dc=cpqunix,d
63 3d 6e 65 74 0a 01 02 0a 01 00 02 01 01 02 01 c=net...........
00 01 01 00 a0 28 a3 13 04 0b 6f 62 6a 65 63 74 .....(....object
63 6c 61 73 73 04 04 55 73 65 72 a3 11 04 09 75 class..User....u
69 64 4e 75 6d 62 65 72 04 04 34 30 30 31 30 75 idNumber..40010u
04 09 6d 73 53 46 55 4e 61 6d 65 04 0d 6d 73 53 ..msSFUName..msS
46 55 50 61 73 73 77 6f 72 64 04 09 75 69 64 4e FUPassword..uidN
75 6d 62 65 72 04 09 67 69 64 4e 75 6d 62 65 72 umber..gidNumber
04 02 63 6e 04 12 6d 73 53 46 55 48 6f 6d 65 44 ..cn..msSFUHomeD
69 72 65 63 74 6f 72 79 04 0a 6c 6f 67 69 6e 53 irectory..loginS
68 65 6c 6c 04 05 67 65 63 6f 73 04 0b 64 65 73 hell..gecos..des
63 72 69 70 74 69 6f 6e 04 0b 6f 62 6a 65 63 74 cription..object
43 6c 61 73 73 Class
---------------------------------------------------------------
2 11 0.1290 (0.0026) S>CV3.1(415) application_data
---------------------------------------------------------------
30 84 00 00 01 73 02 01 02 64 84 00 00 01 6a 04 0....s...d....j.
2d 43 4e 3d 53 74 75 61 72 74 20 44 61 76 69 64 -CN=Stuart David
73 6f 6e 2c 43 4e 3d 55 73 65 72 73 2c 44 43 3d son,CN=Users,DC=
63 70 71 75 6e 69 78 2c 44 43 3d 6e 65 74 30 84 cpqunix,DC=net0.
00 00 01 35 30 84 00 00 00 1b 04 02 63 6e 31 84 ...50.......cn1.
00 00 00 11 04 0f 53 74 75 61 72 74 20 44 61 76 ......Stuart Dav
69 64 73 6f 6e 30 84 00 00 00 3c 04 0b 6f 62 6a idson0....<..obj
65 63 74 43 6c 61 73 73 31 84 00 00 00 29 04 03 ectClass1....)..
74 6f 70 04 06 70 65 72 73 6f 6e 04 14 6f 72 67 top..person..org
61 6e 69 7a 61 74 69 6f 6e 61 6c 50 65 72 73 6f anizationalPerso
6e 04 04 75 73 65 72 30 84 00 00 00 16 04 09 67 n..user0.......g
69 64 4e 75 6d 62 65 72 31 84 00 00 00 05 04 03 idNumber1.......
34 30 31 30 84 00 00 00 1b 04 0a 6c 6f 67 69 6e 4010.......login
53 68 65 6c 6c 31 84 00 00 00 09 04 07 2f 62 69 Shell1......./bi
6e 2f 73 68 30 84 00 00 00 2c 04 12 6d 73 53 46 n/sh0....,..msSF
55 48 6f 6d 65 44 69 72 65 63 74 6f 72 79 31 84 UHomeDirectory1.
00 00 00 12 04 10 2f 65 78 70 6f 72 74 2f 68 6f ....../export/ho
6d 65 2f 64 61 76 30 84 00 00 00 16 04 09 6d 73 me/dav0.......ms
53 46 55 4e 61 6d 65 31 84 00 00 00 05 04 03 64 SFUName1.......d
61 76 30 84 00 00 00 24 04 0d 6d 73 53 46 55 50 av0....$..msSFUP
61 73 73 77 6f 72 64 31 84 00 00 00 0f 04 0d 68 assword1.......h
37 64 6b 30 6b 7a 79 65 69 41 44 45 30 84 00 00 7dk0kzyeiADE0...
00 17 04 09 75 69 64 4e 75 6d 62 65 72 31 84 00 ....uidNumber1..
00 00 06 04 04 34 30 30 31 30 84 00 00 00 10 02 .....40010......
01 02 65 84 00 00 00 07 0a 01 00 04 00 04 00 ..e............
---------------------------------------------------------------
2 0.1402 (0.0111) C>S TCP FIN
2 0.1409 (0.0007) S>C TCP FIN
New TCP connection #3: sun6.reo.cpqcorp.net(33093) <-> cpqtestdc1.cpqunix.net(636)
3 1 0.0025 (0.0025) C>S SSLv2 compatible client hello
Version 3.1
cipher suites
TLS_DHE_DSS_WITH_RC4_128_SHA
TLS_DHE_RSA_WITH_3DES_EDE_CBC_SHA
TLS_DHE_DSS_WITH_3DES_EDE_CBC_SHA
TLS_RSA_WITH_RC4_128_MD5
Unknown value 0xfeff
TLS_RSA_WITH_3DES_EDE_CBC_SHA
Unknown value 0xfefe
TLS_DHE_RSA_WITH_DES_CBC_SHA
TLS_DHE_DSS_WITH_DES_CBC_SHA
TLS_RSA_WITH_DES_CBC_SHA
TLS_RSA_EXPORT1024_WITH_RC4_56_SHA
TLS_RSA_EXPORT1024_WITH_DES_CBC_SHA
TLS_RSA_EXPORT_WITH_RC4_40_MD5
TLS_RSA_EXPORT_WITH_RC2_CBC_40_MD5
3 2 0.0039 (0.0014) S>CV3.1(3915) Handshake
ServerHello
Version 3.1
random[32]=
67 99 2e 2a aa b6 be 9d cd 7a ed c9 1a 0e 3e 7a
81 36 cb aa 62 2b 77 5c 8a b1 ad e1 ad 7f 45 d3
session_id[32]=
e0 12 00 00 12 b5 54 fd 38 45 f2 e3 98 24 01 50
48 97 02 0d f7 ae 09 29 d0 89 d5 93 93 4c 9a ac
cipherSuite TLS_RSA_WITH_RC4_128_MD5
compressionMethod NULL
Certificate
Subject
C=GB
ST=Berks
L=Reading
O=CPQ UNIX ENTERPRISE CA
OU=NAP DP
CN=cpqtestdc1.cpqunix.net
Issuer
C=UK
ST=Berks
L=Reading
O=UNIX LAND
OU=NAP DP
CN=CPQ UNIX ENTERPRISE CA
Serial 61 3c 1f a9 00 00 00 00 00 08
Extensions
Extension: X509v3 Key Usage
Extension: X509v3 Extended Key Usage
Extension: X509v3 Subject Key Identifier
Extension: X509v3 Authority Key Identifier
Extension: X509v3 CRL Distribution Points
Extension: Authority Information Access
Extension: 1.3.6.1.4.1.311.20.2
CertificateRequest
certificate_types rsa_sign
certificate_authority
C=US
O=VeriSign, Inc.
OU=Class 1 Public Primary Certification Authority - G2
OU=(c) 1998 VeriSign, Inc. - For authorized use only
OU=VeriSign Trust Network
certificate_authority
C=US
O=VeriSign, Inc.
OU=Class 4 Public Primary Certification Authority - G2
OU=(c) 1998 VeriSign, Inc. - For authorized use only
OU=VeriSign Trust Network
certificate_authority
C=ZA
ST=Western Cape
L=Cape Town
O=Thawte Consulting
OU=Certification Services Division
CN=Thawte Personal Freemail CA
Email=personal-freemail@thawte.com
certificate_authority
C=UK
ST=Berks
L=Reading
O=UNIX LAND
OU=NAP DP
CN=CPQ UNIX ENTERPRISE CA
certificate_authority
C=ZA
ST=Western Cape
L=Cape Town
O=Thawte Consulting
OU=Certification Services Division
CN=Thawte Personal Premium CA
Email=personal-premium@thawte.com
certificate_authority
C=US
O=First Data Digital Certificates Inc.
CN=First Data Digital Certificates Inc. Certification Authority
certificate_authority
C=ZA
ST=Western Cape
L=Cape Town
O=Thawte Consulting
OU=Certification Services Division
CN=Thawte Personal Basic CA
Email=personal-basic@thawte.com
certificate_authority
C=US
O=VeriSign, Inc.
OU=Class 3 Public Primary Certification Authority
certificate_authority
C=US
O=VeriSign, Inc.
OU=Class 2 Public Primary Certification Authority
certificate_authority
C=US
O=VeriSign, Inc.
OU=Class 1 Public Primary Certification Authority
certificate_authority
C=US
O=VeriSign, Inc.
OU=Class 3 Public Primary Certification Authority - G2
OU=(c) 1998 VeriSign, Inc. - For authorized use only
OU=VeriSign Trust Network
certificate_authority
C=US
O=GTE Corporation
CN=GTE CyberTrust Root
certificate_authority
C=US
O=GTE Corporation
OU=GTE CyberTrust Solutions, Inc.
CN=GTE CyberTrust Global Root
certificate_authority
OU=Copyright (c) 1997 Microsoft Corp.
OU=Microsoft Corporation
CN=Microsoft Root Authority
certificate_authority
C=US
O=VeriSign, Inc.
OU=Class 2 Public Primary Certification Authority - G2
OU=(c) 1998 VeriSign, Inc. - For authorized use only
OU=VeriSign Trust Network
certificate_authority
C=US
O=GTE Corporation
OU=GTE CyberTrust Solutions, Inc.
CN=GTE CyberTrust Root
ServerHelloDone
3 3 0.0406 (0.0366) C>SV3.1(1688) Handshake
Certificate
Subject
CN=Administrator
Issuer
C=UK
ST=Berks
L=Reading
O=UNIX LAND
OU=NAP DP
CN=CPQ UNIX ENTERPRISE CA
Serial 0f 1b 79 5d 00 00 00 00 00 10
Extensions
Extension: X509v3 Subject Key Identifier
Extension: X509v3 Authority Key Identifier
Extension: X509v3 CRL Distribution Points
Extension: Authority Information Access
Extension: X509v3 Basic Constraints
Critical
Extension: X509v3 Key Usage
Extension: X509v3 Extended Key Usage
Extension: 1.3.6.1.4.1.311.20.2
Extension: X509v3 Subject Alternative Name
ClientKeyExchange
EncryptedPreMasterSecret[64]=
3a b3 d8 54 b7 45 58 0c 92 14 f1 02 b6 17 23 f6
49 2a 08 75 11 60 c6 c9 33 e0 92 74 41 50 02 c1
e7 b5 4c 9e 1a db 5e 0e be 87 f8 5d 0a 8c fb 3d
c2 6d d3 0e 3a 76 dc f1 c4 af 85 a5 4e af 9d 64
CertificateVerify
Signature[128]=
8d ca 54 d7 6f 04 19 dd 95 51 c8 1a e9 ce 14 c1
58 f1 76 ea d9 a7 b1 32 c3 13 e6 67 75 6e 66 a9
9c 36 4b f7 95 4f e1 a7 8d a3 37 d6 a3 a3 16 db
92 3b b1 85 a4 a9 79 f8 02 a9 58 46 5a 85 2b 07
85 62 4b 0c 2e 80 0b 0f 1a d3 cd 10 94 c1 8b bd
92 5b 07 99 01 2c 94 a2 94 02 20 09 b0 2c 6c b8
5d 63 39 fd e5 3a dd 62 c8 68 e8 a1 a1 0a ca 8e
59 5e b4 a1 25 62 8a 86 2d 05 40 8f e0 3d f4 8f
3 4 0.0406 (0.0000) C>SV3.1(1) ChangeCipherSpec
3 5 0.0406 (0.0000) C>SV3.1(32) Handshake
Finished
verify_data[12]=
fa af f2 7e e9 8f 54 3a f6 72 2d ac
3 6 0.0485 (0.0079) S>CV3.1(1) ChangeCipherSpec
3 7 0.0485 (0.0000) S>CV3.1(32) Handshake
Finished
verify_data[12]=
77 96 b5 03 80 d1 df 9e f4 a3 41 d3
3 8 0.0497 (0.0012) C>SV3.1(81) application_data
---------------------------------------------------------------
30 3f 02 01 01 60 3a 02 01 03 04 2b 63 6e 3d 61 0?...`:....+cn=a
64 6d 69 6e 69 73 74 72 61 74 6f 72 2c 63 6e 3d dministrator,cn=
75 73 65 72 73 2c 64 63 3d 63 70 71 75 6e 69 78 users,dc=cpqunix
2c 64 63 3d 6e 65 74 80 08 6a 61 63 6b 66 6c 61 ,dc=net..jackfla
70 p
---------------------------------------------------------------
3 9 0.0542 (0.0044) S>CV3.1(38) application_data
---------------------------------------------------------------
30 84 00 00 00 10 02 01 01 61 84 00 00 00 07 0a 0........a......
01 00 04 00 04 00 ......
---------------------------------------------------------------
3 10 0.0567 (0.0025) C>SV3.1(228) application_data
---------------------------------------------------------------
30 81 d1 02 01 02 63 81 cb 04 1a 63 6e 3d 75 73 0.....c....cn=us
65 72 73 2c 64 63 3d 63 70 71 75 6e 69 78 2c 64 ers,dc=cpqunix,d
63 3d 6e 65 74 0a 01 02 0a 01 00 02 01 01 02 01 c=net...........
00 01 01 00 a0 27 a3 13 04 0b 6f 62 6a 65 63 74 .....'....object
63 6c 61 73 73 04 04 55 73 65 72 a3 10 04 09 6d class..User....m
73 53 46 55 4e 61 6d 65 04 03 64 61 76 30 75 04 sSFUName..dav0u.
09 6d 73 53 46 55 4e 61 6d 65 04 0d 6d 73 53 46 .msSFUName..msSF
55 50 61 73 73 77 6f 72 64 04 09 75 69 64 4e 75 UPassword..uidNu
6d 62 65 72 04 09 67 69 64 4e 75 6d 62 65 72 04 mber..gidNumber.
02 63 6e 04 12 6d 73 53 46 55 48 6f 6d 65 44 69 .cn..msSFUHomeDi
72 65 63 74 6f 72 79 04 0a 6c 6f 67 69 6e 53 68 rectory..loginSh
65 6c 6c 04 05 67 65 63 6f 73 04 0b 64 65 73 63 ell..gecos..desc
72 69 70 74 69 6f 6e 04 0b 6f 62 6a 65 63 74 43 ription..objectC
6c 61 73 73 lass
---------------------------------------------------------------
3 11 0.0594 (0.0026) S>CV3.1(415) application_data
---------------------------------------------------------------
30 84 00 00 01 73 02 01 02 64 84 00 00 01 6a 04 0....s...d....j.
2d 43 4e 3d 53 74 75 61 72 74 20 44 61 76 69 64 -CN=Stuart David
73 6f 6e 2c 43 4e 3d 55 73 65 72 73 2c 44 43 3d son,CN=Users,DC=
63 70 71 75 6e 69 78 2c 44 43 3d 6e 65 74 30 84 cpqunix,DC=net0.
00 00 01 35 30 84 00 00 00 1b 04 02 63 6e 31 84 ...50.......cn1.
00 00 00 11 04 0f 53 74 75 61 72 74 20 44 61 76 ......Stuart Dav
69 64 73 6f 6e 30 84 00 00 00 3c 04 0b 6f 62 6a idson0....<..obj
65 63 74 43 6c 61 73 73 31 84 00 00 00 29 04 03 ectClass1....)..
74 6f 70 04 06 70 65 72 73 6f 6e 04 14 6f 72 67 top..person..org
61 6e 69 7a 61 74 69 6f 6e 61 6c 50 65 72 73 6f anizationalPerso
6e 04 04 75 73 65 72 30 84 00 00 00 16 04 09 67 n..user0.......g
69 64 4e 75 6d 62 65 72 31 84 00 00 00 05 04 03 idNumber1.......
34 30 31 30 84 00 00 00 1b 04 0a 6c 6f 67 69 6e 4010.......login
53 68 65 6c 6c 31 84 00 00 00 09 04 07 2f 62 69 Shell1......./bi
6e 2f 73 68 30 84 00 00 00 2c 04 12 6d 73 53 46 n/sh0....,..msSF
55 48 6f 6d 65 44 69 72 65 63 74 6f 72 79 31 84 UHomeDirectory1.
00 00 00 12 04 10 2f 65 78 70 6f 72 74 2f 68 6f ....../export/ho
6d 65 2f 64 61 76 30 84 00 00 00 16 04 09 6d 73 me/dav0.......ms
53 46 55 4e 61 6d 65 31 84 00 00 00 05 04 03 64 SFUName1.......d
61 76 30 84 00 00 00 24 04 0d 6d 73 53 46 55 50 av0....$..msSFUP
61 73 73 77 6f 72 64 31 84 00 00 00 0f 04 0d 68 assword1.......h
37 64 6b 30 6b 7a 79 65 69 41 44 45 30 84 00 00 7dk0kzyeiADE0...
00 17 04 09 75 69 64 4e 75 6d 62 65 72 31 84 00 ....uidNumber1..
00 00 06 04 04 34 30 30 31 30 84 00 00 00 10 02 .....40010......
01 02 65 84 00 00 00 07 0a 01 00 04 00 04 00 ..e............
---------------------------------------------------------------
New TCP connection #4: sun6.reo.cpqcorp.net(33094) <-> cpqtestdc1.cpqunix.net(636)
4 1 0.0017 (0.0017) C>SV3.1(103) Handshake
ClientHello
Version 3.1
random[32]=
00 00 12 fa c0 b7 04 d9 f1 59 ad 26 00 92 b3 0b
62 51 38 75 69 a8 71 45 25 45 aa d3 c7 57 62 64
resume [32]=
e0 12 00 00 12 b5 54 fd 38 45 f2 e3 98 24 01 50
48 97 02 0d f7 ae 09 29 d0 89 d5 93 93 4c 9a ac
cipher suites
TLS_DHE_DSS_WITH_RC4_128_SHA
TLS_DHE_RSA_WITH_3DES_EDE_CBC_SHA
TLS_DHE_DSS_WITH_3DES_EDE_CBC_SHA
TLS_RSA_WITH_RC4_128_MD5
Unknown value 0xfeff
TLS_RSA_WITH_3DES_EDE_CBC_SHA
Unknown value 0xfefe
TLS_DHE_RSA_WITH_DES_CBC_SHA
TLS_DHE_DSS_WITH_DES_CBC_SHA
TLS_RSA_WITH_DES_CBC_SHA
TLS_RSA_EXPORT1024_WITH_RC4_56_SHA
TLS_RSA_EXPORT1024_WITH_DES_CBC_SHA
TLS_RSA_EXPORT_WITH_RC4_40_MD5
TLS_RSA_EXPORT_WITH_RC2_CBC_40_MD5
compression methods
NULL
4 2 0.0025 (0.0007) S>CV3.1(74) Handshake
ServerHello
Version 3.1
random[32]=
6b b6 b6 79 54 76 65 27 2e 3e c2 04 d5 f5 5a a1
ef f6 4c 93 1f d3 ed 6e 21 15 ff 2b f7 fd ec 0d
session_id[32]=
e0 12 00 00 12 b5 54 fd 38 45 f2 e3 98 24 01 50
48 97 02 0d f7 ae 09 29 d0 89 d5 93 93 4c 9a ac
cipherSuite TLS_RSA_WITH_RC4_128_MD5
compressionMethod NULL
4 3 0.0025 (0.0000) S>CV3.1(1) ChangeCipherSpec
4 4 0.0025 (0.0000) S>CV3.1(32) Handshake
Finished
verify_data[12]=
4d 20 b6 cb 05 ab 16 36 5e b4 24 b2
4 5 0.0061 (0.0035) C>SV3.1(1) ChangeCipherSpec
4 6 0.0061 (0.0000) C>SV3.1(32) Handshake
Finished
verify_data[12]=
2a d0 5a 82 36 83 98 45 ee ef 61 e4
4 7 0.0061 (0.0000) C>SV3.1(81) application_data
---------------------------------------------------------------
30 3f 02 01 01 60 3a 02 01 03 04 2b 63 6e 3d 61 0?...`:....+cn=a
64 6d 69 6e 69 73 74 72 61 74 6f 72 2c 63 6e 3d dministrator,cn=
75 73 65 72 73 2c 64 63 3d 63 70 71 75 6e 69 78 users,dc=cpqunix
2c 64 63 3d 6e 65 74 80 08 6a 61 63 6b 66 6c 61 ,dc=net..jackfla
70 p
---------------------------------------------------------------
4 8 0.0071 (0.0010) S>CV3.1(20) Handshake
HelloRequest
4 9 0.0079 (0.0008) C>SV3.1(87) Handshake
ClientHello
Version 3.1
random[32]=
00 00 12 fa 2a fb ff da f3 8d 18 a5 c9 e5 6f 75
31 e7 54 75 bd 70 cb e3 5d e0 9e 14 5e 5d 93 55
cipher suites
TLS_DHE_DSS_WITH_RC4_128_SHA
TLS_DHE_RSA_WITH_3DES_EDE_CBC_SHA
TLS_DHE_DSS_WITH_3DES_EDE_CBC_SHA
TLS_RSA_WITH_RC4_128_MD5
Unknown value 0xfeff
TLS_RSA_WITH_3DES_EDE_CBC_SHA
Unknown value 0xfefe
TLS_DHE_RSA_WITH_DES_CBC_SHA
TLS_DHE_DSS_WITH_DES_CBC_SHA
TLS_RSA_WITH_DES_CBC_SHA
TLS_RSA_EXPORT1024_WITH_RC4_56_SHA
TLS_RSA_EXPORT1024_WITH_DES_CBC_SHA
TLS_RSA_EXPORT_WITH_RC4_40_MD5
TLS_RSA_EXPORT_WITH_RC2_CBC_40_MD5
compression methods
NULL
4 0.0099 (0.0020) S>C TCP FIN
3 7.6358 (7.5764) C>S TCP FIN
4 4.0214 (4.0115) C>S TCP FIN
3 7.6369 (0.0010) S>C TCP FIN
^C#
# exit
script done on Thu 23 May 2002 11:18:33 AM BST