Article delegate-en/3140 of [1-5169] on the server localhost:119
  upper oldest olders older1 this newer1 newers latest
search
[Top/Up] [oldest] - [Older+chunk] - [Newer+chunk] - [newest + Check]

Newsgroups: mail-lists.delegate-en
[DeleGate-En] Re: SSL disconnect problem
22 Feb 2006 09:02:36 GMT peqgabdyi-6rjyzcltgs3r.ml@ml.delegate.org 

Hi,

Now I can see that delegate answers the encrypted alert, but it still 
stays up in windows. If I check with netstat, delegate session are up 
(TIME_WAIT) until windows time_wait value are reached. 

Below are a part from the log ,

02/22 10:01:24.26 [3448] 2+0: (0) accepted [5] 
-@[194.252.66.15]ekmgw.ekm.fi:57749 (0.015s)(1)
02/22 10:01:24.26 [3448] 2+0: dirfopen(E:/Program 
Files/DeleGate/adm/shutout/194.252.66.15,r): 0 [-1]
02/22 10:01:24.26 [3448] 2+0: #### Socketpair(AF_UNIX) failed (2)
02/22 10:01:24.26 [3448] 2+0: START EXEC: 5 23 func=4512c6 arg[FCL 
0/1671/0 sslway -vd]
02/22 10:01:24.26 [3448] 2+0: SEQNO: 
ff1835fb/8026/3184/1140594261/0/23/-1/5/1340632/1205416/2088959398/2088958755/10643920/1/2/0,8/15/30/6/67109889/0/16/-1/-19009921/0/1/0/0,///
02/22 10:01:24.26 [3448] 2+0: 
HOSTS=localhost/127.0.0.1,localhost/__1,.af-local/127.0.0.127,ssh/{192.168.10.50,192.168.255.2},{www.delegate.org,c199028.ppp.asahi-net.or.jp}/210.155.199.28,ekmgw.ekm.fi/194.252.66.15
(WIN) 01:24.278 [3448] spawn() = 1844 [3620], children(alive=1,total=1) 
0.016s
02/22 10:01:24.27 [3448] 2+0: dirfopen(E:/Program 
Files/DeleGate/adm/shutout/194.252.66.15,r): 0 [-1]
02/22 10:01:24.27 [3448] 2+0: KeepAlive[22] = 1
02/22 10:01:24.27 [3448] 2+0: execGeneralist->execSpecialist
02/22 10:01:24.27 [3448] 2+0: PATH: 
telnet://192.168.10.6:23!ssh:8026!ekmgw.ekm.fi:57749!anonymous@ekmgw.ekm.fi;1140595284
02/22 10:01:24.27 [3620] 2+0: SPECIALIST: telnet
02/22 10:01:24.27 [3620] 2+0: ##DeleGate/6.X: MIMECONV=thru is set by 
default. MIMECONV="" will make it compatible with former versions.
02/22 10:01:24.27 [3620] 2+0: dirfopen(E:/Program 
Files/DeleGate/log/errors.log,a): 67f800 [26]
02/22 10:01:24.27 [3620] 2+0: dirfopen(E:/Program 
Files/DeleGate/log/abort/8026,a): 67f820 [27]
02/22 10:01:24.27 [3620] 2+0: #### newRoute[NOTIFYPLTFM] 0/16
02/22 10:01:24.27 [3620] 2+0: [0] NOTIFYPLTFM=://:0-_-{}:{}
02/22 10:01:24.27 [3620] 2+0: #### newRoute[CMAP] 0/16
02/22 10:01:24.27 [3620] 2+0: [0] CMAP={localhost/21}AuthServer{*}:{*}:{*}
02/22 10:01:24.27 [3620] 2+0: REMITTABLE bound by SERVER: telnet/23
02/22 10:01:24.27 [3620] 2+0: #### newRoute[REMITTABLE] 0/16
02/22 10:01:24.27 [3620] 2+0: [0] REMITTABLE={}{telnet/23}:{*}:{*}
02/22 10:01:24.27 [3620] 2+0: #### newRoute[RELIABLE] 0/16
02/22 10:01:24.27 [3620] 2+0: [0] RELIABLE=://:0-_-{}:{}
02/22 10:01:24.27 [3620] 2+0: #### newRoute[CMAP] 1/16
02/22 10:01:24.27 [3620] 2+0: [1] 
CMAP={delegate,vhost,nojava}relay{*}:{*}:{.localnet}
02/22 10:01:24.27 [3620] 2+0: #### newRoute[CMAP] 2/16
02/22 10:01:24.27 [3620] 2+0: [2] CMAP={proxy}relay{*}:{*}:{*}
02/22 10:01:24.27 [3620] 2+0: ## SSLway CFI_TYPE=FCL: -ac is assumed
02/22 10:01:24.27 [3620] 2+0: ## SSLway start
02/22 10:01:24.29 [3448] 2+0: *** gethostbyname(192.168.10.6) -> 
byaddr(4,2)
02/22 10:01:24.29 [3448] 2+0: TMPFILE(regGetResolvConf) = (23) E:/Program 
Files/DeleGate/tmp/dg3448.1.1140595284
02/22 10:01:24.29 [3448] 2+0: >>>TMPFILE(regGetResolvConf)>>>67f860[23]
02/22 10:01:24.29 [3448] 2+0: {R} dup. RES_NS[0]=194.137.58.2:53 ignored
02/22 10:01:24.29 [3448] 2+0: HOSTS[6]=/192.168.10.6 
02/22 10:01:24.29 [3448] 2+0: TMPFILE(NULLFP) = (23) E:/Program 
Files/DeleGate/tmp/dg3448.2.1140595284
02/22 10:01:24.29 [3448] 2+0: >>>TMPFILE(NULLFP)>>>67f860[23]
02/22 10:01:24.29 [3448] 2+0: *** gethostbyname(192.168.10.6) -> 
byaddr(4,2)
02/22 10:01:24.29 [3620] 2+0: ## SSLway new ctx #4118756 B921D8
02/22 10:01:24.29 [3448] 2+0: DC[  1] f1:241 NOP
02/22 10:01:24.29 [3620] 2+0: ### [0] server-key.pem 0
02/22 10:01:24.29 [3448] 2+0: *** gethostbyname(192.168.10.6) -> 
byaddr(4,2)
02/22 10:01:24.29 [3620] 2+0: ### [1] C:\WINDOWS\system32\server-key.pem 0
02/22 10:01:24.29 [3620] 2+0: ### [2] E:/Program 
Files/DeleGate/lib\server-key.pem 0
02/22 10:01:24.29 [3620] 2+0: ### [3] E:\download\delegate\server-key.pem 
67f840
02/22 10:01:24.29 [3620] 2+0: ### [0] server-cert.pem 0
02/22 10:01:24.29 [3620] 2+0: ### [1] C:\WINDOWS\system32\server-cert.pem 
0
02/22 10:01:24.29 [3620] 2+0: ### [2] E:/Program 
Files/DeleGate/lib\server-cert.pem 0
02/22 10:01:24.29 [3620] 2+0: ### [3] E:\download\delegate\server-cert.pem 
67f840
02/22 10:01:24.29 [3620] 2+0: ## SSLway certfile loaded: 
E:\download\delegate\server-cert.pem
02/22 10:01:24.29 [3620] 2+0: ## SSLway keyfile loaded: 
E:\download\delegate\server-key.pem
02/22 10:01:24.29 [3620] 2+0: ## SSLway -- 0.000000 start
02/22 10:01:24.29 [3620] 2+0: ## SSLway -- 0.000000 init done
02/22 10:01:24.29 [3620] 2+0: ## SSLway -- 0.000000 begin args
02/22 10:01:24.29 [3620] 2+0: ## SSLway -- 0.000000 end args
02/22 10:01:24.29 [3620] 2+0: ## SSLway -- 0.000000 end rand_seed
02/22 10:01:24.29 [3620] 2+0: ## SSLway -- 0.000000 start con/acc
02/22 10:01:24.29 [3620] 2+0: ## SSLway -- 0.000000 before ssl_new
02/22 10:01:24.29 [3620] 2+0: ## SSLway -- 0.015000 after ssl_new
02/22 10:01:24.29 [3620] 2+0: ## SSLway -- 0.015000 before loadContext
02/22 10:01:24.29 [3620] 2+0: ## SSLway -- 0.015000 after loadContext
02/22 10:01:24.29 [3620] 2+0: ## SSLway -- 0.015000 start relay ...
02/22 10:01:24.29 [3620] 2+0: ## SSLway initialized ctx #0000000 0 X
02/22 10:01:24.29 [3620] 2+0: ### [0] gzip 0
02/22 10:01:24.29 [3620] 2+0: ### [1] E:\download\delegate\gzip 0
02/22 10:01:24.29 [3620] 2+0: ### [2] E:/Program Files/DeleGate/lib\gzip 0
02/22 10:01:24.29 [3620] 2+0: ### [3] gzip 0
02/22 10:01:24.29 [3620] 2+0: ### [4] E:/Program Files/DeleGate/etc\gzip 0
02/22 10:01:24.29 [3620] 2+0: ### [0] C:\Program Files\Windows Resource 
Kits\Tools;C:\WINDOWS\system32\gzip 0
02/22 10:01:24.29 [3620] 2+0: ### [1] C:\WINDOWS\gzip 0
02/22 10:01:24.29 [3620] 2+0: ### [2] C:\WINDOWS\System32\Wbem\gzip 0
02/22 10:01:24.29 [3620] 2+0: ### [3] C:\Program Files\Microsoft SQL 
Server\80\Tools\Binn\gzip 0
02/22 10:01:24.29 [3620] 2+0: ### [0] gzip.exe 0
02/22 10:01:24.29 [3620] 2+0: ### [1] E:\download\delegate\gzip.exe 0
02/22 10:01:24.29 [3620] 2+0: ### [2] E:/Program 
Files/DeleGate/lib\gzip.exe 0
02/22 10:01:24.29 [3620] 2+0: ### [3] gzip.exe 0
02/22 10:01:24.29 [3620] 2+0: ### [4] E:/Program 
Files/DeleGate/etc\gzip.exe 0
02/22 10:01:24.29 [3620] 2+0: ### [0] C:\Program Files\Windows Resource 
Kits\Tools;C:\WINDOWS\system32\gzip.exe 0
02/22 10:01:24.29 [3620] 2+0: ### [1] C:\WINDOWS\gzip.exe 0
02/22 10:01:24.29 [3620] 2+0: ### [2] C:\WINDOWS\System32\Wbem\gzip.exe 0
02/22 10:01:24.29 [3620] 2+0: ### [3] C:\Program Files\Microsoft SQL 
Server\80\Tools\Binn\gzip.exe 0
02/22 10:01:24.29 [3620] 2+0: ### [0] gunzip 0
02/22 10:01:24.29 [3620] 2+0: ### [1] E:\download\delegate\gunzip 0
02/22 10:01:24.29 [3620] 2+0: ### [2] E:/Program Files/DeleGate/lib\gunzip 
0
02/22 10:01:24.29 [3620] 2+0: ### [3] gunzip 0
02/22 10:01:24.29 [3620] 2+0: ### [4] E:/Program Files/DeleGate/etc\gunzip 
0
02/22 10:01:24.29 [3620] 2+0: ### [0] C:\Program Files\Windows Resource 
Kits\Tools;C:\WINDOWS\system32\gunzip 0
02/22 10:01:24.29 [3620] 2+0: ### [1] C:\WINDOWS\gunzip 0
02/22 10:01:24.29 [3620] 2+0: ### [2] C:\WINDOWS\System32\Wbem\gunzip 0
02/22 10:01:24.29 [3620] 2+0: ### [3] C:\Program Files\Microsoft SQL 
Server\80\Tools\Binn\gunzip 0
02/22 10:01:24.29 [3620] 2+0: ### [0] gunzip.exe 0
02/22 10:01:24.29 [3620] 2+0: ### [1] E:\download\delegate\gunzip.exe 0
02/22 10:01:24.29 [3620] 2+0: ### [2] E:/Program 
Files/DeleGate/lib\gunzip.exe 0
02/22 10:01:24.29 [3620] 2+0: ### [3] gunzip.exe 0
02/22 10:01:24.29 [3620] 2+0: ### [4] E:/Program 
Files/DeleGate/etc\gunzip.exe 0
02/22 10:01:24.29 [3620] 2+0: ### [0] C:\Program Files\Windows Resource 
Kits\Tools;C:\WINDOWS\system32\gunzip.exe 0
02/22 10:01:24.29 [3620] 2+0: ### [1] C:\WINDOWS\gunzip.exe 0
02/22 10:01:24.29 [3620] 2+0: ### [2] C:\WINDOWS\System32\Wbem\gunzip.exe 
0
02/22 10:01:24.29 [3620] 2+0: ### [3] C:\Program Files\Microsoft SQL 
Server\80\Tools\Binn\gunzip.exe 0
02/22 10:01:24.29 [3620] 2+0: S[www.delegate.org] = UP[]U[]P[] + 
HP[www.delegate.org]H[www.delegate.org]P[]
02/22 10:01:24.29 [3620] 2+0: MOUNT HOST www.delegate.org=210.155.199.28
02/22 10:01:24.29 [3620] 2+0: [1] MOUNT=/-/ext/builtin/ 
http://www.delegate.org[210.155.199.28]:80/delegate/ext/builtin/ 
default,verify=rsa:config-data@id.delegate.org
02/22 10:01:24.29 [3620] 2+0: EXEC START: 24 25 func=4512c6 arg[FCL 
0/1671/0 sslway -vd]
02/22 10:01:24.29 [3620] 2+0: #### newRoute[USERIDENT] 0/16
02/22 10:01:24.29 [3620] 2+0: [0] USERIDENT=://:0-_-{}:{}
02/22 10:01:24.29 [3620] 2+0: -- SockHost: [192.168.255.2] ssh:8026
02/22 10:01:24.29 [3620] 2+0: [FCL] callFilter2: 24=1 25=1 sslway -vd
02/22 10:01:24.29 [3620] 2+0: ## SSLway CFI_TYPE=FCL: -ac is assumed
02/22 10:01:24.29 [3620] 2+0: ## SSLway start
02/22 10:01:24.29 [3620] 2+0: TCP_NODELAY[28] 0 -> 1
02/22 10:01:24.29 [3620] 2+0: TCP_NODELAY[29] 0 -> 1
02/22 10:01:24.29 [3620] 2+0: ## SSLway reuse ctx #4118756 B921D8
02/22 10:01:24.37 [3184] 2+0: AcceptByMain: start polling(15000)[14]...
02/22 10:01:24.76 [3620] 2+0: ## SSLway accepted
02/22 10:01:24.76 [3620] 2+0: ## SSLway ## 0.469000 sescache[1] HIT=0 sR=0 
cR=1
02/22 10:01:24.76 [3620] 2+0: ## SSLway -- 0.000000 start
02/22 10:01:24.76 [3620] 2+0: ## SSLway -- 0.000000 init done
02/22 10:01:24.76 [3620] 2+0: ## SSLway -- 0.000000 begin args
02/22 10:01:24.76 [3620] 2+0: ## SSLway -- 0.000000 end args
02/22 10:01:24.76 [3620] 2+0: ## SSLway -- 0.000000 nodelay set
02/22 10:01:24.76 [3620] 2+0: ## SSLway -- 0.000000 start con/acc
02/22 10:01:24.76 [3620] 2+0: ## SSLway -- 0.000000 ssl_acc() start
02/22 10:01:24.76 [3620] 2+0: ## SSLway -- 0.000000 loadSession OK
02/22 10:01:24.76 [3620] 2+0: ## SSLway -- 0.000000 before accept
02/22 10:01:24.76 [3620] 2+0: ## SSLway -- 0.469000 after accept
02/22 10:01:24.76 [3620] 2+0: ## SSLway -- 0.469000 saveSession OK
02/22 10:01:24.76 [3620] 2+0: ## SSLway -- 0.469000 start relay ...
02/22 10:01:24.76 [3620] 2+0: ## SSLway client's cert. = NONE
02/22 10:01:24.76 [3620] 2+0: ## SSLway S-C: 70/70 -> 70/SSL
02/22 10:01:25.01 [3620] 2+0: ## SSLway C-S: 9/9 -> 9
02/22 10:01:25.01 [3448] 2+0: WONT-Echo [client-says:none,none], Half=1(1)
02/22 10:01:25.01 [3448] 2+0: CD 66
02/22 10:01:25.01 [3448] 2+0: CD 46
02/22 10:01:25.02 [3448] 2+0: CD 77
02/22 10:01:25.02 [3448] 2+0: CD 73
02/22 10:01:25.02 [3448] 2+0: CD 58
02/22 10:01:25.02 [3448] 2+0: CD 62
02/22 10:01:25.02 [3448] 2+0: CD 71
02/22 10:01:25.02 [3448] 2+0: CD 78
02/22 10:01:25.02 [3448] 2+0: CD d
02/22 10:01:25.02 [3448] 2+0: EOL char = d
02/22 10:01:25.02 [3448] 2+0: DC[  2] 01:  1 WILL Echo
02/22 10:01:25.02 [3448] 2+0: DC[  2] 03:  3 WILL SuppressGoAhead
02/22 10:01:25.02 [3620] 2+0: ## SSLway S-C: 25/25 -> 25/SSL
02/22 10:01:25.23 [3620] 2+0: ## SSLway C-S: 9/9 -> 9
02/22 10:01:25.23 [3448] 2+0: WONT-Echo [client-says:none,none], Half=1(1)
02/22 10:01:25.23 [3448] 2+0: CD 4c
02/22 10:01:25.23 [3448] 2+0: CD 37
02/22 10:01:25.23 [3620] 2+0: ## SSLway S-C: 1/1 -> 1/SSL
02/22 10:01:25.23 [3448] 2+0: CD 78
02/22 10:01:25.23 [3448] 2+0: CD 54
02/22 10:01:25.23 [3620] 2+0: ## SSLway S-C: 3/3 -> 3/SSL
02/22 10:01:25.23 [3448] 2+0: CD 4d
02/22 10:01:25.23 [3448] 2+0: CD 41
02/22 10:01:25.23 [3620] 2+0: ## SSLway S-C: 2/2 -> 2/SSL
02/22 10:01:25.23 [3448] 2+0: CD 32
02/22 10:01:25.23 [3448] 2+0: CD 66
02/22 10:01:25.23 [3448] 2+0: CD d
02/22 10:01:25.23 [3448] 2+0: EOL char = d
02/22 10:01:25.23 [3620] 2+0: ## SSLway S-C: 2/2 -> 2/SSL
02/22 10:01:25.23 [3448] 2+0: Authorizer: ftp://localhost/21:21 -> 
xxx://localhost:21
02/22 10:01:25.23 [3448] 2+0: AUTH_CACHE 0 ftp://fFwsXbqx@localhost:21
02/22 10:01:25.23 [3448] 2+0: expfopen: E:/Program 
Files/DeleGate/adm/authorizer/localhost/ce7352bbeca0a5676f581d8a34a65217-cache
02/22 10:01:25.23 [3448] 2+0: [0.00,37][AUTH cache-VALID: 37 < 180] 
E:/Program 
Files/DeleGate/adm/authorizer/localhost/ce7352bbeca0a5676f581d8a34a65217-cache
02/22 10:01:25.23 [3448] 2+0: cached auth OK: fFwsXbqx@localhost
02/22 10:01:25.23 [3448] 2+0: ## Auth/FTP = 1 <fFwsXbqx:****@localhost/21>
02/22 10:01:25.23 [3448] 2+0: ##[doAUTH] set ClientAuth 
[fFwsXbqx@localhost/21]
(WIN) 01:25.231 [3448] dup2(0000/0000/0X,-1/0/22)
(WIN) 01:25.231 [3448] dup2(0000/0000/0X,-1/0/22)
02/22 10:01:25.23 [3620] 2+0: ## SSLway S-C: 63/63 -> 63/SSL
02/22 10:01:25.23 [3448] 2+0: #### newRoute[REACHABLE] 0/16
02/22 10:01:25.23 [3448] 2+0: [0] REACHABLE=://:0-_-{}:{}
02/22 10:01:25.23 [3448] 2+0: PERMITTED: telnet://192.168.10.6
02/22 10:01:25.23 [3448] 2+0: dirfopen(E:/Program 
Files/DeleGate/act/servers/cc/telnet-anonymous-192.168.10.6-23-0,r+): 0 
[-1]
02/22 10:01:25.23 [3448] 2+0: ConnectToServer: 
DFLT=telnet://192.168.10.6:23 REAL=://:0
02/22 10:01:25.23 [3448] 2+0: ConnectToServer connect 
telnet://192.168.10.6:23
02/22 10:01:25.23 [3448] 2+0: connectTO: assume in non-blocking mode
(WIN) 01:25.231 [3448] setNonblockingSocket(24,1)=0
(WIN) 01:25.231 [3448] setNonblockingSocket(24,0)=0
02/22 10:01:25.24 [3448] 2+0: ConnectToServer connected [24] 
{192.168.10.6:23 <- 192.168.10.50:1675} [0.015s]
02/22 10:01:25.24 [3448] 2+0: KeepAlive[24] = 1
02/22 10:01:25.24 [3448] 2+0: willSTLS_SV: ServerFlags=10
02/22 10:01:25.26 [3448] 2+0: DC[  1] f1:241 NOP
02/22 10:01:25.26 [3448] 2+0: buffer: CS=8192[22>24] SC=8192[24>22] 
(Polling)
02/22 10:01:25.26 [3620] 2+0: ## SSLway S-C: 2/2 -> 2/SSL
02/22 10:01:25.57 [3620] 2+0: ## SSLway C-S: 273/273 -> 273
02/22 10:01:26.04 [3620] 2+0: ## SSLway S-C: 128/128 -> 128/SSL
02/22 10:01:26.05 [3620] 2+0: ## SSLway S-C: 23/23 -> 23/SSL
02/22 10:01:26.16 [3620] 2+0: ## SSLway C-S EOF from the client
02/22 10:01:26.16 [3620] 2+0: ## SSLway C>> shutdown from client: 2
02/22 10:01:26.16 [3620] 2+0: ## SSLway C<< return shutdown to client
02/22 10:01:26.16 [3620] 2+0: ## SSLway done
(WIN) 01:26.168 [3448] -- SOCKET recv(22)=0 error=0 [0.000]
02/22 10:01:26.16 [3448] 2+0: sock=22 read=0, errno=0
02/22 10:01:26.18 [3448] 2+0: CS-EOF
02/22 10:01:26.18 [3448] 2+0: CS-RELAY[22>24]: 273Bytes 1I/O buf=8192
02/22 10:01:26.18 [3448] 2+0: SC-RELAY[22<24]: 151Bytes 2I/O buf=8192
02/22 10:01:26.18 [3448] 2+0: dirfopen(E:/Program 
Files/DeleGate/act/clients/26/194.252.66.15..ekmgw.ekm.fi,r+): 67f840 [22]
02/22 10:01:26.18 [3448] 2+0: disconnected [5] 
-@[194.252.66.15]ekmgw.ekm.fi:57749 (1.937s)(0)
(WIN) 01:26.184 [3448] wait3(N) = 1844 [3620] 0, children(alive=0,total=1) 
0.00s
02/22 10:01:26.18 [3448] 2+0: CFI process [1844] done (1/1 AFT-0)
02/22 10:01:34.15 [3184] 2+0: TERMINATE...
02/22 10:01:34.15 [3184] 2+0: DGAuth: ERROR getCkey(), ekeyFd=-1
02/22 10:01:34.15 [3184] 2+0: StickyKill(15): 0/0 killed
02/22 10:01:34.15 [3184] 2+0: unlinked E:/Program 
Files/DeleGate/work/8026/3184
02/22 10:01:34.15 [3184] 2+0: removed E:/Program Files/DeleGate/work/8026/
02/22 10:01:34.15 [3184] 2+0: dirfopen(E:/Program 
Files/DeleGate/act/pid/8026,r): 67f8e0 [20]
(WIN) 01:34.151 [3184] wait3(N) = 380 [3448] 0, children(alive=0,total=2) 
0.00s
02/22 10:01:34.16 [3184] 2+0: (0) process [380] dead
02/22 10:01:34.18 [3184] 2+0: AcceptByMain: break on TERMINATE.
02/22 10:01:34.18 [3184] 2+0: main loop break on TERMINATE.
02/22 10:01:34.18 [3184] 2+0: _main() done
02/22 10:01:34.18 [3184] 2+0: SetStatus: STOPPED
02/22 10:01:34.18 [3184] 2+0: TERMINATED.
02/22 10:01:34.18 [3184] 2+0: SetStatus: STOP


Best regards
-------------------------------------------------------------------------------
Johan Bäck
Network Manager

Oy EKM Service Ab
Bangatan 10 - 10600 Ekenäs -Finland
Tel: 000-000 0001 Fax: 000-000 0001
GSM: 000-000 0001
e-mail: peqgabdyi-6rjyzcltgs3r.ml@ml.delegate.org

http://www.ekm.fi
http://www.surfnet.fi



feedback@delegate.org (Yutaka Sato) 
20.02.2006 17:05
Please respond to
feedback@delegate.org


To
feedback@delegate.org
cc
peqgabdyi-6rjyzcltgs3r.ml@ml.delegate.org
Subject
Re: [DeleGate-En:3143] SSL disconnect problem






Hi,

In message 
<_A3136@delegate-en.ML_> on 
02/17/06(17:39:15)
you peqgabdyi-6rjyzcltgs3r.ml@ml.delegate.org wrote:
 |I can't see any "half_duplex" in the logs.
 |
 |We are using delegate to protect telnet clients with ssl,  we are 
 |using/starting delegate as following
 |
 |dg9_0_4.exe -P8039 ADMIN="jback@ekm..fi" SERVER=telnet://192.168.10.30 
 |FCL="sslway" RELIABLE="*"  AUTHORIZER="localhost/21"
 |
 |Below are the captured Encrypted Alert that delegate does not 
understand, 
 |when delegate receive this alert it should close the connection.

I'm a little confused because your first mail was about a connection for
"https" protocol.  Anyway as you pointed it out, echoing shutdown against
shutdown from the peer has not been supported in SSLway.
So I made a modification for 9.0.6-pre3 to do it, and uploaded a modified
version as dg9_0_6-pre3fix1.exe at 
ftp://ftp.delegate.org/pub/DeleGate/tmp/.
I hope it will solve your problem.  The "-vd" option both for DeleGate
and SSLway will show us detailed log of Telnet and SSL respectively.

  dg9_0_6-pre3fix1.exe -w -vd ... FCL="sslway -vd" ...

On my WinXP machine, when a Telnet/TCP connection is closed from the
client-side, it puts a log like this:

  02/20 23:46:05.46 [256] 1+0: ## SSLway C>> shutdown from client: 2
  02/20 23:46:05.46 [256] 1+0: ## SSLway C<< return shutdown to client

Cheers,
Yutaka
--
  D G   Yutaka Sato <y.sato@delegate.org> http://delegate.org/y.sato/
 ( - )  National Institute of Advanced Industrial Science and Technology
_<   >_ 1-1-4 Umezono, Tsukuba, Ibaraki, 305-8568 Japan
Do the more with the less -- B. Fuller

02/20 23:45:57.64 [336] 0+0: --INITIALIZATION START: 9.0.6-pre3fix1 on 
WindowsNT--
...
02/20 23:45:57.75 [336] 0+0: --- [ssleay32.dll] 10000000 ssleay32.dll
02/20 23:45:57.75 [336] 0+0: ---- [ssleay32.dll] loaded 89 syms, 
unknown=40, already=0
02/20 23:45:57.75 [336] 0+0: --- [libeay32.dll] D40000 libeay32.dll
02/20 23:45:57.75 [336] 0+0: ---- [libeay32.dll] loaded 89 syms, 
unknown=0, already=48
02/20 23:45:57.75 [336] 0+0: ---- unknown = 0, already = 48 / 89
02/20 23:45:57.75 [336] 0+0: ## SSLway CFI_TYPE=FCL: -ac is assumed
...
02/20 23:46:01.79 [3124] 1+0: (0) accepted [6] 
-@[192.168.1.10]192.168.1.10:51026 (0.047s)(41)
...
02/20 23:46:02.07 [3124] 1+0: SC[  2] 18: 24 DO   TerminalType
02/20 23:46:02.07 [3124] 1+0: SC[  5] 20: 32 DO   TerminalSpeed
02/20 23:46:02.07 [3124] 1+0: SC[  8] 23: 35 DO   XDisplayLocation
02/20 23:46:02.07 [3124] 1+0: SC[ 11] 27: 39 DO   39
02/20 23:46:02.14 [256] 1+0: ## SSLway accepted
02/20 23:46:02.14 [256] 1+0: ## SSLway ## 0.140000 sescache[0] HIT=0 sR=0 
cR=1
02/20 23:46:02.14 [256] 1+0: ## SSLway -- 0.000000 start
02/20 23:46:02.14 [256] 1+0: ## SSLway -- 0.000000 init done
02/20 23:46:02.14 [256] 1+0: ## SSLway -- 0.000000 begin args
02/20 23:46:02.14 [256] 1+0: ## SSLway -- 0.000000 end args
02/20 23:46:02.14 [256] 1+0: ## SSLway -- 0.000000 nodelay set
02/20 23:46:02.14 [256] 1+0: ## SSLway -- 0.000000 start con/acc
02/20 23:46:02.14 [256] 1+0: ## SSLway -- 0.000000 ssl_acc() start
02/20 23:46:02.14 [256] 1+0: ## SSLway -- 0.000000 before accept
02/20 23:46:02.14 [256] 1+0: ## SSLway -- 0.140000 after accept
02/20 23:46:02.14 [256] 1+0: ## SSLway -- 0.140000 saveSession OK
02/20 23:46:02.14 [256] 1+0: ## SSLway -- 0.140000 start relay ...
02/20 23:46:02.14 [256] 1+0: ## SSLway client's cert. = NONE
02/20 23:46:02.14 [256] 1+0: ## SSLway S-C: 14/14 -> 14/SSL
02/20 23:46:02.16 [256] 1+0: ## SSLway C-S: 12/12 -> 12
02/20 23:46:02.16 [3124] 1+0: CS Client-Says WILL TerminalType
02/20 23:46:02.16 [3124] 1+0: CS[  2] 18: 24 WILL TerminalType
02/20 23:46:02.16 [3124] 1+0: CS[  5] 20: 32 WILL TerminalSpeed
02/20 23:46:02.16 [3124] 1+0: CS[  8] 23: 35 WONT XDisplayLocation
02/20 23:46:02.16 [3124] 1+0: CS[ 11] 27: 39 WILL 39
02/20 23:46:02.16 [3124] 1+0: SC[  5] f0:240 SB,TerminalSpeed,1,IAC,SE
02/20 23:46:02.16 [3124] 1+0: SC[ 11] f0:240 SB,39,1,IAC,SE
02/20 23:46:02.16 [3124] 1+0: SC[ 17] f0:240 SB,TerminalType,1,IAC,SE
02/20 23:46:02.16 [256] 1+0: ## SSLway S-C: 18/18 -> 18/SSL
02/20 23:46:02.16 [256] 1+0: ## SSLway C-S: 44/44 -> 44
02/20 23:46:02.16 [3124] 1+0: CS[ 14] f0:240 
SB,TerminalSpeed,0,9600,9600,IAC,SE
02/20 23:46:02.16 [3124] 1+0: CS[ 32] f0:240 
SB,39,0,0,USER,1,yutaka,IAC,SE
02/20 23:46:02.16 [3124] 1+0: CS[ 43] f0:240 
SB,TerminalType,0,VT320,IAC,SE
02/20 23:46:02.16 [3124] 1+0: SC[  2] 03:  3 WILL SuppressGoAhead
02/20 23:46:02.16 [3124] 1+0: SC[  5] 01:  1 DO   Echo
02/20 23:46:02.16 [3124] 1+0: SC[  8] 1f: 31 DO   NegotiateAboutWindowSize
02/20 23:46:02.16 [3124] 1+0: SC[ 11] 05:  5 WILL GiveStatus
02/20 23:46:02.16 [3124] 1+0: SC[ 14] 21: 33 DO   RemoteFlowControl
02/20 23:46:02.16 [256] 1+0: ## SSLway S-C: 15/15 -> 15/SSL
02/20 23:46:02.16 [3124] 1+0: CS[  2] 03:  3 DO   SuppressGoAhead
02/20 23:46:02.16 [3124] 1+0: CS[  5] 01:  1 WONT Echo
02/20 23:46:02.16 [3124] 1+0: CS[  8] 1f: 31 WILL NegotiateAboutWindowSize
02/20 23:46:02.16 [3124] 1+0: CS[ 17] f0:240 
SB,NegotiateAboutWindowSize,0,P,0,2,IAC,SE
02/20 23:46:02.16 [3124] 1+0: CS[ 20] 05:  5 DO   GiveStatus
02/20 23:46:02.16 [3124] 1+0: CS[ 23] 21: 33 WILL RemoteFlowControl
02/20 23:46:02.16 [256] 1+0: ## SSLway C-S: 24/24 -> 24
02/20 23:46:02.18 [3124] 1+0: SC[  2] 01:  1 WILL Echo
02/20 23:46:02.18 [256] 1+0: ## SSLway S-C: 3/3 -> 3/SSL
02/20 23:46:02.18 [256] 1+0: ## SSLway C-S: 3/3 -> 3
02/20 23:46:02.18 [3124] 1+0: CS[  2] 01:  1 DO   Echo
02/20 23:46:02.18 [256] 1+0: ## SSLway S-C: 10/10 -> 10/SSL
02/20 23:46:05.46 [256] 1+0: ## SSLway C-S EOF from the client
02/20 23:46:05.46 [256] 1+0: ## SSLway C>> shutdown from client: 2
02/20 23:46:05.46 [256] 1+0: ## SSLway C<< return shutdown to client
02/20 23:46:05.46 [256] 1+0: ## SSLway done
(WIN) 46:05.493 [3124] -- SOCKET recv(23)=0 error=0 [0.000]
02/20 23:46:05.49 [3124] 1+0: sock=23 read=0, errno=9
02/20 23:46:05.49 [3124] 1+0: CS-EOF
02/20 23:46:05.49 [3124] 1+0: CS-RELAY[23>24]: 83Bytes 4I/O buf=8192
02/20 23:46:05.49 [3124] 1+0: SC-RELAY[23<24]: 58Bytes 5I/O buf=8192
02/20 23:46:05.49 [3124] 1+0: dirfopen(C:/Program 
Files/DeleGate/act/clients/21/192.168.1.10..192.168.1.10,r+): 67f860 [23]
02/20 23:46:05.49 [3124] 1+0: disconnected [6] 
-@[192.168.1.10]192.168.1.10:51026 (3.750s)(40)
(WIN) 46:05.602 [3124] wait3(N) = 1652 [256] 0, children(alive=0,total=1) 
0.00s
02/20 23:46:05.60 [3124] 1+0: CFI process [1652] done (1/1 AFT-1)
02/20 23:46:08.30 [336] 1+0: DGAuth: ERROR getCkey(), ekeyFd=-1
02/20 23:46:08.30 [336] 1+0: DeleGate SERVER EXITS: caught SIGINT [2]
02/20 23:46:08.30 [336] 1+0: Killpg(336,15)
(WIN) 46:08.306 [336] kill(-336,15) = -1, failed GetExitCodeProcess()
(WIN) 46:08.306 [336] wait3(N) = 1648 [3124] 0, children(alive=0,total=1) 
0.00s
  admin search upper oldest olders older1 this newer1 newers latest
[Top/Up] [oldest] - [Older+chunk] - [Newer+chunk] - [newest + Check]
@_@V