Infinite loop in doh2
Making a request with cURL to the /dns-query endpoint without any parameters produces an infinite loop.
This is the simplest configuration I have found that reproduces the issue in Knot Resolver 5.4.4 in Debian 11.
log_level('debug')
net.listen('127.0.0.1', 443, { kind = 'doh2' })
kresd --config /etc/knot-resolver/kresd.conf
kresd --config /etc/knot-resolver/kresd.conf[system] loading config '/usr/lib/knot-resolver/postconfig.lua' (workdir '/')
[system] running as root, no capabilities dropped
Interactive mode:
> [plan ][00000.00] plan '.' type 'NS' uid [65536.00]
[iterat][65536.00] '.' type 'NS' new uid was assigned .01, parent uid .00
[cache ][65536.01] => satisfied by exact RRset: rank 060, new TTL 517436
[iterat][65536.01] <= rcode: NOERROR
[valdtr][65536.01] <= answer valid, OK
[resolv][65536.01] AD: request classified as SECURE
[resolv][65536.01] finished in state: 4, queries: 1, mempool: 81952 B
[plan ][00000.00] plan 'a.root-servers.net.' type 'A' uid [65537.00]
[iterat][65537.00] 'a.root-servers.net.' type 'A' new uid was assigned .01, parent uid .00
[cache ][65537.01] => satisfied by exact RRset: rank 030, new TTL 517436
[iterat][65537.01] <= rcode: NOERROR
[resolv][65537.01] AD: request NOT classified as SECURE
[resolv][65537.01] finished in state: 4, queries: 1, mempool: 81952 B
[plan ][00000.00] plan 'a.root-servers.net.' type 'AAAA' uid [65538.00]
[iterat][65538.00] 'a.root-servers.net.' type 'AAAA' new uid was assigned .01, parent uid .00
[cache ][65538.01] => satisfied by exact RRset: rank 030, new TTL 517436
[iterat][65538.01] <= rcode: NOERROR
[resolv][65538.01] AD: request NOT classified as SECURE
[resolv][65538.01] finished in state: 4, queries: 1, mempool: 81952 B
[plan ][00000.00] plan 'b.root-servers.net.' type 'A' uid [65539.00]
[iterat][65539.00] 'b.root-servers.net.' type 'A' new uid was assigned .01, parent uid .00
[cache ][65539.01] => satisfied by exact RRset: rank 030, new TTL 517436
[iterat][65539.01] <= rcode: NOERROR
[resolv][65539.01] AD: request NOT classified as SECURE
[resolv][65539.01] finished in state: 4, queries: 1, mempool: 81952 B
[plan ][00000.00] plan 'b.root-servers.net.' type 'AAAA' uid [65540.00]
[iterat][65540.00] 'b.root-servers.net.' type 'AAAA' new uid was assigned .01, parent uid .00
[cache ][65540.01] => satisfied by exact RRset: rank 030, new TTL 517436
[iterat][65540.01] <= rcode: NOERROR
[resolv][65540.01] AD: request NOT classified as SECURE
[resolv][65540.01] finished in state: 4, queries: 1, mempool: 81952 B
[plan ][00000.00] plan 'c.root-servers.net.' type 'A' uid [65541.00]
[iterat][65541.00] 'c.root-servers.net.' type 'A' new uid was assigned .01, parent uid .00
[cache ][65541.01] => satisfied by exact RRset: rank 030, new TTL 517436
[iterat][65541.01] <= rcode: NOERROR
[resolv][65541.01] AD: request NOT classified as SECURE
[resolv][65541.01] finished in state: 4, queries: 1, mempool: 81952 B
[plan ][00000.00] plan 'c.root-servers.net.' type 'AAAA' uid [65542.00]
[iterat][65542.00] 'c.root-servers.net.' type 'AAAA' new uid was assigned .01, parent uid .00
[cache ][65542.01] => satisfied by exact RRset: rank 030, new TTL 517436
[iterat][65542.01] <= rcode: NOERROR
[resolv][65542.01] AD: request NOT classified as SECURE
[resolv][65542.01] finished in state: 4, queries: 1, mempool: 81952 B
[plan ][00000.00] plan 'd.root-servers.net.' type 'A' uid [65543.00]
[iterat][65543.00] 'd.root-servers.net.' type 'A' new uid was assigned .01, parent uid .00
[cache ][65543.01] => satisfied by exact RRset: rank 030, new TTL 517436
[iterat][65543.01] <= rcode: NOERROR
[resolv][65543.01] AD: request NOT classified as SECURE
[resolv][65543.01] finished in state: 4, queries: 1, mempool: 81952 B
[plan ][00000.00] plan 'd.root-servers.net.' type 'AAAA' uid [65544.00]
[iterat][65544.00] 'd.root-servers.net.' type 'AAAA' new uid was assigned .01, parent uid .00
[cache ][65544.01] => satisfied by exact RRset: rank 030, new TTL 517436
[iterat][65544.01] <= rcode: NOERROR
[resolv][65544.01] AD: request NOT classified as SECURE
[resolv][65544.01] finished in state: 4, queries: 1, mempool: 81952 B
[plan ][00000.00] plan 'e.root-servers.net.' type 'A' uid [65545.00]
[iterat][65545.00] 'e.root-servers.net.' type 'A' new uid was assigned .01, parent uid .00
[cache ][65545.01] => satisfied by exact RRset: rank 030, new TTL 517436
[iterat][65545.01] <= rcode: NOERROR
[resolv][65545.01] AD: request NOT classified as SECURE
[resolv][65545.01] finished in state: 4, queries: 1, mempool: 81952 B
[plan ][00000.00] plan 'e.root-servers.net.' type 'AAAA' uid [65546.00]
[iterat][65546.00] 'e.root-servers.net.' type 'AAAA' new uid was assigned .01, parent uid .00
[cache ][65546.01] => satisfied by exact RRset: rank 030, new TTL 517436
[iterat][65546.01] <= rcode: NOERROR
[resolv][65546.01] AD: request NOT classified as SECURE
[resolv][65546.01] finished in state: 4, queries: 1, mempool: 81952 B
[plan ][00000.00] plan 'f.root-servers.net.' type 'A' uid [65547.00]
[iterat][65547.00] 'f.root-servers.net.' type 'A' new uid was assigned .01, parent uid .00
[cache ][65547.01] => satisfied by exact RRset: rank 030, new TTL 517436
[iterat][65547.01] <= rcode: NOERROR
[resolv][65547.01] AD: request NOT classified as SECURE
[resolv][65547.01] finished in state: 4, queries: 1, mempool: 81952 B
[plan ][00000.00] plan 'f.root-servers.net.' type 'AAAA' uid [65548.00]
[iterat][65548.00] 'f.root-servers.net.' type 'AAAA' new uid was assigned .01, parent uid .00
[cache ][65548.01] => satisfied by exact RRset: rank 030, new TTL 517493
[iterat][65548.01] <= rcode: NOERROR
[resolv][65548.01] AD: request NOT classified as SECURE
[resolv][65548.01] finished in state: 4, queries: 1, mempool: 81952 B
[plan ][00000.00] plan 'g.root-servers.net.' type 'A' uid [65549.00]
[iterat][65549.00] 'g.root-servers.net.' type 'A' new uid was assigned .01, parent uid .00
[cache ][65549.01] => satisfied by exact RRset: rank 030, new TTL 517436
[iterat][65549.01] <= rcode: NOERROR
[resolv][65549.01] AD: request NOT classified as SECURE
[resolv][65549.01] finished in state: 4, queries: 1, mempool: 81952 B
[plan ][00000.00] plan 'g.root-servers.net.' type 'AAAA' uid [65550.00]
[iterat][65550.00] 'g.root-servers.net.' type 'AAAA' new uid was assigned .01, parent uid .00
[cache ][65550.01] => satisfied by exact RRset: rank 030, new TTL 517436
[iterat][65550.01] <= rcode: NOERROR
[resolv][65550.01] AD: request NOT classified as SECURE
[resolv][65550.01] finished in state: 4, queries: 1, mempool: 81952 B
[plan ][00000.00] plan 'h.root-servers.net.' type 'A' uid [65551.00]
[iterat][65551.00] 'h.root-servers.net.' type 'A' new uid was assigned .01, parent uid .00
[cache ][65551.01] => satisfied by exact RRset: rank 030, new TTL 517436
[iterat][65551.01] <= rcode: NOERROR
[resolv][65551.01] AD: request NOT classified as SECURE
[resolv][65551.01] finished in state: 4, queries: 1, mempool: 81952 B
[plan ][00000.00] plan 'h.root-servers.net.' type 'AAAA' uid [65552.00]
[iterat][65552.00] 'h.root-servers.net.' type 'AAAA' new uid was assigned .01, parent uid .00
[cache ][65552.01] => satisfied by exact RRset: rank 030, new TTL 517436
[iterat][65552.01] <= rcode: NOERROR
[resolv][65552.01] AD: request NOT classified as SECURE
[resolv][65552.01] finished in state: 4, queries: 1, mempool: 81952 B
[plan ][00000.00] plan 'i.root-servers.net.' type 'A' uid [65553.00]
[iterat][65553.00] 'i.root-servers.net.' type 'A' new uid was assigned .01, parent uid .00
[cache ][65553.01] => satisfied by exact RRset: rank 030, new TTL 517493
[iterat][65553.01] <= rcode: NOERROR
[resolv][65553.01] AD: request NOT classified as SECURE
[resolv][65553.01] finished in state: 4, queries: 1, mempool: 81952 B
[plan ][00000.00] plan 'i.root-servers.net.' type 'AAAA' uid [65554.00]
[iterat][65554.00] 'i.root-servers.net.' type 'AAAA' new uid was assigned .01, parent uid .00
[cache ][65554.01] => satisfied by exact RRset: rank 030, new TTL 517436
[iterat][65554.01] <= rcode: NOERROR
[resolv][65554.01] AD: request NOT classified as SECURE
[resolv][65554.01] finished in state: 4, queries: 1, mempool: 81952 B
[plan ][00000.00] plan 'j.root-servers.net.' type 'A' uid [65555.00]
[iterat][65555.00] 'j.root-servers.net.' type 'A' new uid was assigned .01, parent uid .00
[cache ][65555.01] => satisfied by exact RRset: rank 030, new TTL 517436
[iterat][65555.01] <= rcode: NOERROR
[resolv][65555.01] AD: request NOT classified as SECURE
[resolv][65555.01] finished in state: 4, queries: 1, mempool: 81952 B
[plan ][00000.00] plan 'j.root-servers.net.' type 'AAAA' uid [65556.00]
[iterat][65556.00] 'j.root-servers.net.' type 'AAAA' new uid was assigned .01, parent uid .00
[cache ][65556.01] => satisfied by exact RRset: rank 030, new TTL 517436
[iterat][65556.01] <= rcode: NOERROR
[resolv][65556.01] AD: request NOT classified as SECURE
[resolv][65556.01] finished in state: 4, queries: 1, mempool: 81952 B
[plan ][00000.00] plan 'k.root-servers.net.' type 'A' uid [65557.00]
[iterat][65557.00] 'k.root-servers.net.' type 'A' new uid was assigned .01, parent uid .00
[cache ][65557.01] => satisfied by exact RRset: rank 030, new TTL 517436
[iterat][65557.01] <= rcode: NOERROR
[resolv][65557.01] AD: request NOT classified as SECURE
[resolv][65557.01] finished in state: 4, queries: 1, mempool: 81952 B
[plan ][00000.00] plan 'k.root-servers.net.' type 'AAAA' uid [65558.00]
[iterat][65558.00] 'k.root-servers.net.' type 'AAAA' new uid was assigned .01, parent uid .00
[cache ][65558.01] => satisfied by exact RRset: rank 030, new TTL 517493
[iterat][65558.01] <= rcode: NOERROR
[resolv][65558.01] AD: request NOT classified as SECURE
[resolv][65558.01] finished in state: 4, queries: 1, mempool: 81952 B
[plan ][00000.00] plan 'l.root-servers.net.' type 'A' uid [65559.00]
[iterat][65559.00] 'l.root-servers.net.' type 'A' new uid was assigned .01, parent uid .00
[cache ][65559.01] => satisfied by exact RRset: rank 030, new TTL 517436
[iterat][65559.01] <= rcode: NOERROR
[resolv][65559.01] AD: request NOT classified as SECURE
[resolv][65559.01] finished in state: 4, queries: 1, mempool: 81952 B
[plan ][00000.00] plan 'l.root-servers.net.' type 'AAAA' uid [65560.00]
[iterat][65560.00] 'l.root-servers.net.' type 'AAAA' new uid was assigned .01, parent uid .00
[cache ][65560.01] => satisfied by exact RRset: rank 030, new TTL 517436
[iterat][65560.01] <= rcode: NOERROR
[resolv][65560.01] AD: request NOT classified as SECURE
[resolv][65560.01] finished in state: 4, queries: 1, mempool: 81952 B
[plan ][00000.00] plan 'm.root-servers.net.' type 'A' uid [65561.00]
[iterat][65561.00] 'm.root-servers.net.' type 'A' new uid was assigned .01, parent uid .00
[cache ][65561.01] => satisfied by exact RRset: rank 030, new TTL 517436
[iterat][65561.01] <= rcode: NOERROR
[resolv][65561.01] AD: request NOT classified as SECURE
[resolv][65561.01] finished in state: 4, queries: 1, mempool: 81952 B
[plan ][00000.00] plan 'm.root-servers.net.' type 'AAAA' uid [65562.00]
[iterat][65562.00] 'm.root-servers.net.' type 'AAAA' new uid was assigned .01, parent uid .00
[cache ][65562.01] => satisfied by exact RRset: rank 030, new TTL 517436
[iterat][65562.01] <= rcode: NOERROR
[resolv][65562.01] AD: request NOT classified as SECURE
[resolv][65562.01] finished in state: 4, queries: 1, mempool: 81952 B
[primin] triggered priming query, next in 517436 seconds
[plan ][00000.00] plan '.' type 'NS' uid [65563.00]
[iterat][65563.00] '.' type 'NS' new uid was assigned .01, parent uid .00
[zoncut][65563.01] found cut: . (rank 060 return codes: DS -2, DNSKEY 0)
[select][65563.01] => id: '53759' choosing: 'f.root-servers.net.'@'192.5.5.241#00053' with timeout 34 ms zone cut: '.'
[resolv][65563.01] => id: '53759' querying: 'f.root-servers.net.'@'192.5.5.241#00053' zone cut: '.' qname: '.' qtype: 'NS' proto: 'udp'
[taupd ] refreshing TA for .
[plan ][00000.00] plan '.' type 'DNSKEY' uid [65564.00]
[iterat][65564.00] '.' type 'DNSKEY' new uid was assigned .01, parent uid .00
[zoncut][65564.01] found cut: . (rank 060 return codes: DS -2, DNSKEY 0)
[resolv][65564.01] >< TA: '.'
[select][65564.01] => id: '14006' choosing: 'e.root-servers.net.'@'2001:500:a8::e#00053' with timeout 68 ms zone cut: '.'
[resolv][65564.01] => id: '14006' querying: 'e.root-servers.net.'@'2001:500:a8::e#00053' zone cut: '.' qname: '.' qtype: 'DNSKEY' proto: 'udp'
[select][65563.01] => id: '53759' updating: 'f.root-servers.net.'@'192.5.5.241#00053' zone cut: '.' with rtt 12 to srtt: 14 and variance: 4
[iterat][65563.01] <= rcode: NOERROR
[cache ][65563.01] => not overwriting NS .
[resolv][65563.01] AD: request NOT classified as SECURE
[resolv][65563.01] finished in state: 4, queries: 1, mempool: 98352 B
[timesk] Local system time "Sat Mar 12 18:00:24 2022" is within RRSIG validity interval <"Sat Mar 12 16:00:00 2022","Fri Mar 25 17:00:00 2022">.
[select][65564.01] NO6: timed out, appended, timeouts 1/6
[select][65564.01] => id: '14006' noting selection error: 'e.root-servers.net.'@'2001:500:a8::e#00053' zone cut: '.' error: 1 QUERY_TIMEOUT
[iterat][65564.01] '.' type 'DNSKEY' new uid was assigned .02, parent uid .00
[select][65564.02] => id: '10194' choosing: 'f.root-servers.net.'@'192.5.5.241#00053' with timeout 34 ms zone cut: '.'
[resolv][65564.02] => id: '10194' querying: 'f.root-servers.net.'@'192.5.5.241#00053' zone cut: '.' qname: '.' qtype: 'DNSKEY' proto: 'udp'
[select][65564.02] => id: '10194' updating: 'f.root-servers.net.'@'192.5.5.241#00053' zone cut: '.' with rtt 11 to srtt: 14 and variance: 4
[iterat][65564.02] <= rcode: NOERROR
[valdtr][65564.02] <= answer valid, OK
[cache ][65564.02] => stashed . DNSKEY, rank 060, 824 B total, incl. 1 RRSIGs
[tasign] signalling query triggered: _ta-4f66.
[resolv][65564.02] AD: request classified as SECURE
[resolv][65564.02] finished in state: 4, queries: 1, mempool: 98352 B
[taupd ] next refresh for . in 12 hours
[plan ][00000.00] plan '_ta-4f66.' type 'NULL' uid [65565.00]
[iterat][65565.00] '_ta-4f66.' type 'NULL' new uid was assigned .01, parent uid .00
[cache ][65565.01] => trying zone: ., NSEC, hash 0
[cache ][65565.01] => NSEC sname: covered by: . -> aaa., new TTL 85436
[cache ][65565.01] => NSEC wildcard: covered by: . -> aaa., new TTL 85436
[iterat][65565.01] <= rcode: NXDOMAIN
[iterat][00000.00] deleted duplicate RR
[iterat][00000.00] deleted duplicate RR
[valdtr][65565.01] <= answer valid, OK
[resolv][65565.01] AD: request classified as SECURE
[resolv][65565.01] finished in state: 4, queries: 1, mempool: 98352 B
[gnutls] (2) signing structure using ECDSA-SHA256
[gnutls] (3) ASSERT: ../../../lib/nettle/mpi.c[wrap_nettle_mpi_print]:60
[gnutls] (3) ASSERT: ../../../lib/nettle/mpi.c[wrap_nettle_mpi_print]:60
[gnutls] (3) ASSERT: ../../../lib/nettle/mpi.c[wrap_nettle_mpi_print]:60
[gnutls] (3) ASSERT: ../../../lib/x509/x509_ext.c[gnutls_subject_alt_names_get]:111
[gnutls] (3) ASSERT: ../../../lib/x509/x509.c[get_alt_name]:1848
[gnutls] (4) cannot use privkey of EC/ECDSA with RSA-PSS-SHA256
[gnutls] (4) cannot use privkey of EC/ECDSA with RSA-PSS-RSAE-SHA256
[gnutls] (4) cannot use privkey of EC/ECDSA with RSA-PSS-SHA384
[gnutls] (4) cannot use privkey of EC/ECDSA with RSA-PSS-RSAE-SHA384
[gnutls] (4) cannot use privkey of EC/ECDSA with RSA-PSS-SHA512
[gnutls] (4) cannot use privkey of EC/ECDSA with RSA-PSS-RSAE-SHA512
[gnutls] (4) cannot use privkey of EC/ECDSA with EdDSA-Ed25519
[gnutls] (4) cannot use privkey of EC/ECDSA with EdDSA-Ed448
[gnutls] (3) ASSERT: ../../../lib/nettle/mpi.c[wrap_nettle_mpi_print]:60
[gnutls] (3) ASSERT: ../../../lib/nettle/mpi.c[wrap_nettle_mpi_print]:60
[tls ] Using ephemeral TLS credentials
[tls ] RFC 7858 OOB key-pin (0): pin-sha256=""
[gnutls] (3) ASSERT: ../../lib/cert-cred-x509.c[gnutls_certificate_get_x509_crt]:901
[gnutls] (5) REC[0x211e170]: Allocating epoch #0
[gnutls] (2) added 4 protocols, 29 ciphersuites, 19 sig algos and 10 groups into priority list
[doh ] [0x21373f0] h2 session created for 127.0.0.1#55200
[gnutls] (5) REC[0x211e170]: Allocating epoch #1
[gnutls] (3) ASSERT: ../../lib/buffers.c[get_last_packet]:1185
[gnutls] (5) REC[0x211e170]: SSL 3.1 Handshake packet received. Epoch 0, length: 512
[gnutls] (5) REC[0x211e170]: Expected Packet Handshake(22)
[gnutls] (5) REC[0x211e170]: Received Packet Handshake(22) with length: 512
[gnutls] (5) REC[0x211e170]: Decrypted Packet[0] Handshake(22) with length: 512
[gnutls] (4) HSK[0x211e170]: CLIENT HELLO (1) was received. Length 508[508], frag offset 0, frag length: 508, sequence: 0
[gnutls] (4) HSK[0x211e170]: Client's version: 3.3
[gnutls] (4) EXT[0x211e170]: Parsing extension 'Supported Versions/43' (5 bytes)
[gnutls] (4) EXT[0x211e170]: Found version: 3.4
[gnutls] (4) EXT[0x211e170]: Found version: 3.3
[gnutls] (4) EXT[0x211e170]: Negotiated version: 3.4
[gnutls] (4) EXT[0x211e170]: Parsing extension 'ALPN/16' (14 bytes)
[gnutls] (4) EXT[0x211e170]: Parsing extension 'Encrypt-then-MAC/22' (0 bytes)
[gnutls] (4) EXT[0x211e170]: Parsing extension 'Extended Master Secret/23' (0 bytes)
[gnutls] (4) EXT[0x211e170]: Ignoring extension 'ClientHello Padding/21'
[gnutls] (4) EXT[0x211e170]: Parsing extension 'Supported EC Point Formats/11' (4 bytes)
[gnutls] (4) EXT[0x211e170]: Parsing extension 'Supported Groups/10' (12 bytes)
[gnutls] (4) EXT[0x211e170]: Received group X25519 (0x1d)
[gnutls] (4) EXT[0x211e170]: Received group SECP256R1 (0x17)
[gnutls] (4) EXT[0x211e170]: Received group X448 (0x1e)
[gnutls] (4) EXT[0x211e170]: Received group SECP521R1 (0x19)
[gnutls] (4) EXT[0x211e170]: Received group SECP384R1 (0x18)
[gnutls] (4) EXT[0x211e170]: Selected group X25519
[gnutls] (4) EXT[0x211e170]: Parsing extension 'Post Handshake Auth/49' (0 bytes)
[gnutls] (4) EXT[0x211e170]: Parsing extension 'Signature Algorithms/13' (42 bytes)
[gnutls] (4) EXT[0x211e170]: rcvd signature algo (4.3) ECDSA-SECP256R1-SHA256
[gnutls] (4) EXT[0x211e170]: rcvd signature algo (5.3) ECDSA-SECP384R1-SHA384
[gnutls] (4) EXT[0x211e170]: rcvd signature algo (6.3) ECDSA-SECP521R1-SHA512
[gnutls] (4) EXT[0x211e170]: rcvd signature algo (8.7) EdDSA-Ed25519
[gnutls] (4) EXT[0x211e170]: rcvd signature algo (8.8) EdDSA-Ed448
[gnutls] (4) EXT[0x211e170]: rcvd signature algo (8.9) RSA-PSS-SHA256
[gnutls] (4) EXT[0x211e170]: rcvd signature algo (8.10) RSA-PSS-SHA384
[gnutls] (4) EXT[0x211e170]: rcvd signature algo (8.11) RSA-PSS-SHA512
[gnutls] (4) EXT[0x211e170]: rcvd signature algo (8.4) RSA-PSS-RSAE-SHA256
[gnutls] (4) EXT[0x211e170]: rcvd signature algo (8.5) RSA-PSS-RSAE-SHA384
[gnutls] (4) EXT[0x211e170]: rcvd signature algo (8.6) RSA-PSS-RSAE-SHA512
[gnutls] (4) EXT[0x211e170]: rcvd signature algo (4.1) RSA-SHA256
[gnutls] (4) EXT[0x211e170]: rcvd signature algo (5.1) RSA-SHA384
[gnutls] (4) EXT[0x211e170]: rcvd signature algo (6.1) RSA-SHA512
[gnutls] (4) EXT[0x211e170]: rcvd signature algo (3.3) (null)
[gnutls] (4) EXT[0x211e170]: rcvd signature algo (3.1) (null)
[gnutls] (4) EXT[0x211e170]: rcvd signature algo (3.2) (null)
[gnutls] (4) EXT[0x211e170]: rcvd signature algo (4.2) (null)
[gnutls] (4) EXT[0x211e170]: rcvd signature algo (5.2) (null)
[gnutls] (4) EXT[0x211e170]: rcvd signature algo (6.2) (null)
[gnutls] (4) EXT[0x211e170]: Parsing extension 'PSK Key Exchange Modes/45' (2 bytes)
[gnutls] (4) EXT[0x211e170]: PSK KE mode 01 received
[gnutls] (4) HSK[0x211e170]: Received safe renegotiation CS
[gnutls] (2) checking 13.02 (GNUTLS_AES_256_GCM_SHA384) for compatibility
[gnutls] (3) ASSERT: ../../../lib/ext/server_name.c[gnutls_server_name_get]:239
[gnutls] (4) HSK[0x211e170]: Requested server name: ''
[gnutls] (4) HSK[0x211e170]: checking compat of GNUTLS_AES_256_GCM_SHA384 with certificate[0] (EC/ECDSA/X.509)
[gnutls] (4) checking cert compat with ECDSA-SECP256R1-SHA256
[gnutls] (4) Selected signature algorithm: ECDSA-SECP256R1-SHA256
[gnutls] (2) Selected (EC/ECDSA) cert based on ciphersuite 13.2: GNUTLS_AES_256_GCM_SHA384
[gnutls] (4) HSK[0x211e170]: Selected cipher suite: GNUTLS_AES_256_GCM_SHA384
[gnutls] (4) HSK[0x211e170]: Selected version TLS1.3
[gnutls] (4) EXT[0x211e170]: Parsing extension 'Key Share/51' (38 bytes)
[gnutls] (4) EXT[0x211e170]: Received key share for X25519
[gnutls] (4) HSK[0x211e170]: Selected group X25519 (6)
[gnutls] (2) EXT[0x211e170]: server generated X25519 shared key
[gnutls] (4) HSK[0x211e170]: Safe renegotiation succeeded
[gnutls] (4) HSK[0x211e170]: SessionID: 0ed0901089315c6dffb1e8c78fe66d7ff0318d3874a74f009691b35a019bbcc8
[gnutls] (4) EXT[0x211e170]: Not sending extension (OCSP Status Request/5) for 'TLS 1.3 server hello'
[gnutls] (4) EXT[0x211e170]: Not sending extension (Client Certificate Type/19) for 'TLS 1.3 server hello'
[gnutls] (4) EXT[0x211e170]: Not sending extension (Server Certificate Type/20) for 'TLS 1.3 server hello'
[gnutls] (4) EXT[0x211e170]: Not sending extension (Supported Groups/10) for 'TLS 1.3 server hello'
[gnutls] (4) EXT[0x211e170]: Not sending extension (Supported EC Point Formats/11) for 'TLS 1.3 server hello'
[gnutls] (4) EXT[0x211e170]: Not sending extension (SRP/12) for 'TLS 1.3 server hello'
[gnutls] (4) EXT[0x211e170]: Not sending extension (Signature Algorithms/13) for 'TLS 1.3 server hello'
[gnutls] (4) EXT[0x211e170]: Not sending extension (SRTP/14) for 'TLS 1.3 server hello'
[gnutls] (4) EXT[0x211e170]: Not sending extension (Heartbeat/15) for 'TLS 1.3 server hello'
[gnutls] (4) EXT[0x211e170]: Not sending extension (ALPN/16) for 'TLS 1.3 server hello'
[gnutls] (4) EXT[0x211e170]: Not sending extension (Encrypt-then-MAC/22) for 'TLS 1.3 server hello'
[gnutls] (4) EXT[0x211e170]: Not sending extension (Extended Master Secret/23) for 'TLS 1.3 server hello'
[gnutls] (4) EXT[0x211e170]: Not sending extension (Session Ticket/35) for 'TLS 1.3 server hello'
[gnutls] (4) EXT[0x211e170]: Preparing extension (Key Share/51) for 'TLS 1.3 server hello'
[gnutls] (4) EXT[0x211e170]: sending key share for X25519
[gnutls] (4) EXT[0x211e170]: Sending extension Key Share/51 (36 bytes)
[gnutls] (4) EXT[0x211e170]: Preparing extension (Supported Versions/43) for 'TLS 1.3 server hello'
[gnutls] (4) EXT[0x211e170]: Sending extension Supported Versions/43 (2 bytes)
[gnutls] (4) EXT[0x211e170]: Not sending extension (Post Handshake Auth/49) for 'TLS 1.3 server hello'
[gnutls] (4) EXT[0x211e170]: Not sending extension (Safe Renegotiation/65281) for 'TLS 1.3 server hello'
[gnutls] (4) EXT[0x211e170]: Not sending extension (Server Name Indication/0) for 'TLS 1.3 server hello'
[gnutls] (4) EXT[0x211e170]: Not sending extension (Cookie/44) for 'TLS 1.3 server hello'
[gnutls] (4) EXT[0x211e170]: Not sending extension (Early Data/42) for 'TLS 1.3 server hello'
[gnutls] (4) EXT[0x211e170]: Preparing extension (PSK Key Exchange Modes/45) for 'TLS 1.3 server hello'
[gnutls] (4) EXT[0x211e170]: Not sending extension (Record Size Limit/28) for 'TLS 1.3 server hello'
[gnutls] (4) EXT[0x211e170]: Not sending extension (Maximum Record Size/1) for 'TLS 1.3 server hello'
[gnutls] (4) EXT[0x211e170]: Not sending extension (ClientHello Padding/21) for 'TLS 1.3 server hello'
[gnutls] (4) EXT[0x211e170]: Preparing extension (Pre Shared Key/41) for 'TLS 1.3 server hello'
[gnutls] (4) HSK[0x211e170]: SERVER HELLO was queued [122 bytes]
[gnutls] (5) REC[0x211e170]: Preparing Packet Handshake(22) with length: 122 and min pad: 0
[gnutls] (5) REC[0x211e170]: Sent Packet[1] Handshake(22) in epoch 0 and length: 127
[gnutls] (5) REC[0x211e170]: Preparing Packet ChangeCipherSpec(20) with length: 1 and min pad: 0
[gnutls] (5) REC[0x211e170]: Sent Packet[2] ChangeCipherSpec(20) in epoch 0 and length: 6
[gnutls] (4) REC[0x211e170]: Sent ChangeCipherSpec
[gnutls] (5) REC[0x211e170]: Initializing epoch #1
[gnutls] (5) REC[0x211e170]: Epoch #1 ready
[gnutls] (4) HSK[0x211e170]: TLS 1.3 re-key with cipher suite: GNUTLS_AES_256_GCM_SHA384
[gnutls] (4) EXT[0x211e170]: Not sending extension (OCSP Status Request/5) for 'encrypted extensions'
[gnutls] (4) EXT[0x211e170]: Preparing extension (Client Certificate Type/19) for 'encrypted extensions'
[gnutls] (4) EXT[0x211e170]: Preparing extension (Server Certificate Type/20) for 'encrypted extensions'
[gnutls] (4) EXT[0x211e170]: Preparing extension (Supported Groups/10) for 'encrypted extensions'
[gnutls] (4) EXT[0x211e170]: Not sending extension (Supported EC Point Formats/11) for 'encrypted extensions'
[gnutls] (4) EXT[0x211e170]: Not sending extension (SRP/12) for 'encrypted extensions'
[gnutls] (4) EXT[0x211e170]: Not sending extension (Signature Algorithms/13) for 'encrypted extensions'
[gnutls] (4) EXT[0x211e170]: Preparing extension (SRTP/14) for 'encrypted extensions'
[gnutls] (4) EXT[0x211e170]: Preparing extension (Heartbeat/15) for 'encrypted extensions'
[gnutls] (4) EXT[0x211e170]: Preparing extension (ALPN/16) for 'encrypted extensions'
[gnutls] (4) EXT[0x211e170]: Sending extension ALPN/16 (5 bytes)
[gnutls] (4) EXT[0x211e170]: Not sending extension (Encrypt-then-MAC/22) for 'encrypted extensions'
[gnutls] (4) EXT[0x211e170]: Not sending extension (Extended Master Secret/23) for 'encrypted extensions'
[gnutls] (4) EXT[0x211e170]: Not sending extension (Session Ticket/35) for 'encrypted extensions'
[gnutls] (4) EXT[0x211e170]: Not sending extension (Key Share/51) for 'encrypted extensions'
[gnutls] (4) EXT[0x211e170]: Not sending extension (Supported Versions/43) for 'encrypted extensions'
[gnutls] (4) EXT[0x211e170]: Not sending extension (Post Handshake Auth/49) for 'encrypted extensions'
[gnutls] (4) EXT[0x211e170]: Not sending extension (Safe Renegotiation/65281) for 'encrypted extensions'
[gnutls] (4) EXT[0x211e170]: Preparing extension (Server Name Indication/0) for 'encrypted extensions'
[gnutls] (4) EXT[0x211e170]: Not sending extension (Cookie/44) for 'encrypted extensions'
[gnutls] (4) EXT[0x211e170]: Preparing extension (Early Data/42) for 'encrypted extensions'
[gnutls] (4) EXT[0x211e170]: Not sending extension (PSK Key Exchange Modes/45) for 'encrypted extensions'
[gnutls] (4) EXT[0x211e170]: Preparing extension (Record Size Limit/28) for 'encrypted extensions'
[gnutls] (4) EXT[0x211e170]: Preparing extension (Maximum Record Size/1) for 'encrypted extensions'
[gnutls] (4) EXT[0x211e170]: Not sending extension (ClientHello Padding/21) for 'encrypted extensions'
[gnutls] (4) EXT[0x211e170]: Not sending extension (Pre Shared Key/41) for 'encrypted extensions'
[gnutls] (4) HSK[0x211e170]: ENCRYPTED EXTENSIONS was queued [15 bytes]
[gnutls] (4) HSK[0x211e170]: CERTIFICATE was queued [407 bytes]
[gnutls] (4) checking cert compat with ECDSA-SECP256R1-SHA256
[gnutls] (4) HSK[0x211e170]: signing TLS 1.3 handshake data: using ECDSA-SECP256R1-SHA256 and PRF: SHA384
[gnutls] (3) ASSERT: ../../../lib/nettle/mpi.c[wrap_nettle_mpi_print]:60
[gnutls] (3) ASSERT: ../../../lib/nettle/mpi.c[wrap_nettle_mpi_print]:60
[gnutls] (4) HSK[0x211e170]: CERTIFICATE VERIFY was queued [79 bytes]
[gnutls] (4) HSK[0x211e170]: sending finished
[gnutls] (4) HSK[0x211e170]: FINISHED was queued [52 bytes]
[gnutls] (5) REC[0x211e170]: Preparing Packet Handshake(22) with length: 15 and min pad: 0
[gnutls] (5) REC[0x211e170]: Sent Packet[1] Handshake(22) in epoch 1 and length: 37
[gnutls] (5) REC[0x211e170]: Preparing Packet Handshake(22) with length: 407 and min pad: 0
[gnutls] (5) REC[0x211e170]: Sent Packet[2] Handshake(22) in epoch 1 and length: 429
[gnutls] (5) REC[0x211e170]: Preparing Packet Handshake(22) with length: 79 and min pad: 0
[gnutls] (5) REC[0x211e170]: Sent Packet[3] Handshake(22) in epoch 1 and length: 101
[gnutls] (5) REC[0x211e170]: Preparing Packet Handshake(22) with length: 52 and min pad: 0
[gnutls] (5) REC[0x211e170]: Sent Packet[4] Handshake(22) in epoch 1 and length: 74
[gnutls] (3) ASSERT: ../../lib/constate.c[_gnutls_epoch_get]:955
[gnutls] (5) REC[0x211e170]: Allocating epoch #2
[gnutls] (4) HSK[0x211e170]: unauthenticated session eligible for early start
[gnutls] (5) REC[0x211e170]: Initializing epoch #2
[gnutls] (5) REC[0x211e170]: Epoch #2 ready
[gnutls] (4) HSK[0x211e170]: TLS 1.3 set write key with cipher suite: GNUTLS_AES_256_GCM_SHA384
[gnutls] (4) HSK[0x211e170]: switching early to application traffic keys
[gnutls] (4) HSK[0x211e170]: NEW SESSION TICKET was queued [251 bytes]
[gnutls] (4) HSK[0x211e170]: NEW SESSION TICKET was queued [251 bytes]
[gnutls] (5) REC[0x211e170]: Preparing Packet Handshake(22) with length: 251 and min pad: 0
[gnutls] (5) REC[0x211e170]: Sent Packet[1] Handshake(22) in epoch 2 and length: 273
[gnutls] (5) REC[0x211e170]: Preparing Packet Handshake(22) with length: 251 and min pad: 0
[gnutls] (5) REC[0x211e170]: Sent Packet[2] Handshake(22) in epoch 2 and length: 273
[gnutls] (3) ASSERT: ../../lib/buffers.c[get_last_packet]:1185
[gnutls] (3) ASSERT: ../../lib/buffers.c[_gnutls_io_read_buffered]:589
[gnutls] (3) ASSERT: ../../lib/tls13/finished.c[_gnutls13_recv_finished]:101
[gnutls] (3) ASSERT: ../../lib/buffers.c[get_last_packet]:1185
[gnutls] (5) REC[0x211e170]: SSL 3.3 ChangeCipherSpec packet received. Epoch 1, length: 1
[gnutls] (5) REC[0x211e170]: Expected Packet Handshake(22)
[gnutls] (5) REC[0x211e170]: Received Packet ChangeCipherSpec(20) with length: 1
[gnutls] (5) REC[0x211e170]: SSL 3.3 Application Data packet received. Epoch 1, length: 69
[gnutls] (5) REC[0x211e170]: Expected Packet Handshake(22)
[gnutls] (5) REC[0x211e170]: Received Packet Application Data(23) with length: 69
[gnutls] (5) REC[0x211e170]: Decrypted Packet[0] Handshake(22) with length: 52
[gnutls] (4) HSK[0x211e170]: FINISHED (20) was received. Length 48[48], frag offset 0, frag length: 48, sequence: 0
[gnutls] (4) HSK[0x211e170]: parsing finished
[gnutls] (4) HSK[0x211e170]: TLS 1.3 set read key with cipher suite: GNUTLS_AES_256_GCM_SHA384
[gnutls] (5) REC[0x211e170]: Start of epoch cleanup
[gnutls] (5) REC[0x211e170]: Epoch #0 freed
[gnutls] (5) REC[0x211e170]: Epoch #1 freed
[gnutls] (5) REC[0x211e170]: End of epoch cleanup
[tls ] TLS handshake with 127.0.0.1#55200 has completed
[gnutls] (3) ASSERT: ../../lib/buffers.c[_gnutls_io_read_buffered]:589
[gnutls] (3) ASSERT: ../../lib/record.c[_gnutls_recv_int]:1776
[gnutls] (5) REC[0x211e170]: SSL 3.3 Application Data packet received. Epoch 2, length: 41
[gnutls] (5) REC[0x211e170]: Expected Packet Application Data(23)
[gnutls] (5) REC[0x211e170]: Received Packet Application Data(23) with length: 41
[gnutls] (5) REC[0x211e170]: Decrypted Packet[0] Application Data(23) with length: 24
[gnutls] (3) ASSERT: ../../lib/buffers.c[_gnutls_io_read_buffered]:589
[gnutls] (3) ASSERT: ../../lib/record.c[_gnutls_recv_int]:1776
[gnutls] (5) REC[0x211e170]: Preparing Packet Application Data(23) with length: 15 and min pad: 0
[gnutls] (5) REC[0x211e170]: Sent Packet[3] Application Data(23) in epoch 2 and length: 37
[gnutls] (5) REC[0x211e170]: SSL 3.3 Application Data packet received. Epoch 2, length: 44
[gnutls] (5) REC[0x211e170]: Expected Packet Application Data(23)
[gnutls] (5) REC[0x211e170]: Received Packet Application Data(23) with length: 44
[gnutls] (5) REC[0x211e170]: Decrypted Packet[1] Application Data(23) with length: 27
[gnutls] (5) REC[0x211e170]: SSL 3.3 Application Data packet received. Epoch 2, length: 30
[gnutls] (5) REC[0x211e170]: Expected Packet Application Data(23)
[gnutls] (5) REC[0x211e170]: Received Packet Application Data(23) with length: 30
[gnutls] (5) REC[0x211e170]: Decrypted Packet[2] Application Data(23) with length: 13
[gnutls] (3) ASSERT: ../../lib/buffers.c[_gnutls_io_read_buffered]:589
[gnutls] (3) ASSERT: ../../lib/record.c[_gnutls_recv_int]:1776
[gnutls] (5) REC[0x211e170]: Preparing Packet Application Data(23) with length: 9 and min pad: 0
[gnutls] (5) REC[0x211e170]: Sent Packet[4] Application Data(23) in epoch 2 and length: 31
[gnutls] (5) REC[0x211e170]: SSL 3.3 Application Data packet received. Epoch 2, length: 62
[gnutls] (5) REC[0x211e170]: Expected Packet Application Data(23)
[gnutls] (5) REC[0x211e170]: Received Packet Application Data(23) with length: 62
[gnutls] (5) REC[0x211e170]: Decrypted Packet[3] Application Data(23) with length: 45
[gnutls] (3) ASSERT: ../../lib/buffers.c[_gnutls_io_read_buffered]:589
[gnutls] (3) ASSERT: ../../lib/record.c[_gnutls_recv_int]:1776
[gnutls] (5) REC[0x211e170]: Preparing Packet Application Data(23) with length: 13 and min pad: 0
[gnutls] (5) REC[0x211e170]: Sent Packet[5] Application Data(23) in epoch 2 and length: 35
[gnutls] (5) REC[0x211e170]: SSL 3.3 Application Data packet received. Epoch 2, length: 26
[gnutls] (5) REC[0x211e170]: Expected Packet Application Data(23)
[gnutls] (5) REC[0x211e170]: Received Packet Application Data(23) with length: 26
[gnutls] (5) REC[0x211e170]: Decrypted Packet[4] Application Data(23) with length: 9
[gnutls] (3) ASSERT: ../../lib/buffers.c[_gnutls_io_read_buffered]:589
[gnutls] (3) ASSERT: ../../lib/record.c[_gnutls_recv_int]:1776
[gnutls] (5) REC[0x211e170]: SSL 3.3 Application Data packet received. Epoch 2, length: 19
[gnutls] (5) REC[0x211e170]: Expected Packet Application Data(23)
[gnutls] (5) REC[0x211e170]: Received Packet Application Data(23) with length: 19
[gnutls] (5) REC[0x211e170]: Decrypted Packet[5] Alert(21) with length: 2
[gnutls] (5) REC[0x211e170]: Alert[1|0] - Close notify - was received
[gnutls] (3) ASSERT: ../../lib/record.c[_gnutls_recv_in_buffers]:1578
[io ] => connection to '127.0.0.1#55200' closed by peer (end of file)
[doh ] [0x21373f0] h2 session freed
[gnutls] (5) REC[0x211e170]: Start of epoch cleanup
[gnutls] (5) REC[0x211e170]: End of epoch cleanup
[gnutls] (5) REC[0x211e170]: Epoch #2 freed
[gnutls] (5) REC[0x211e0e0]: Allocating epoch #0
[gnutls] (2) added 4 protocols, 29 ciphersuites, 19 sig algos and 10 groups into priority list
[doh ] [0x21373f0] h2 session created for 127.0.0.1#55202
[gnutls] (5) REC[0x211e0e0]: Allocating epoch #1
[gnutls] (3) ASSERT: ../../lib/buffers.c[get_last_packet]:1185
[gnutls] (5) REC[0x211e0e0]: SSL 3.1 Handshake packet received. Epoch 0, length: 593
[gnutls] (5) REC[0x211e0e0]: Expected Packet Handshake(22)
[gnutls] (5) REC[0x211e0e0]: Received Packet Handshake(22) with length: 593
[gnutls] (5) REC[0x211e0e0]: Decrypted Packet[0] Handshake(22) with length: 593
[gnutls] (4) HSK[0x211e0e0]: CLIENT HELLO (1) was received. Length 589[589], frag offset 0, frag length: 589, sequence: 0
[gnutls] (4) HSK[0x211e0e0]: Client's version: 3.3
[gnutls] (4) EXT[0x211e0e0]: Parsing extension 'Supported Versions/43' (5 bytes)
[gnutls] (4) EXT[0x211e0e0]: Found version: 3.4
[gnutls] (4) EXT[0x211e0e0]: Found version: 3.3
[gnutls] (4) EXT[0x211e0e0]: Negotiated version: 3.4
[gnutls] (4) EXT[0x211e0e0]: Parsing extension 'ALPN/16' (14 bytes)
[gnutls] (4) EXT[0x211e0e0]: Parsing extension 'Encrypt-then-MAC/22' (0 bytes)
[gnutls] (4) EXT[0x211e0e0]: Parsing extension 'Extended Master Secret/23' (0 bytes)
[gnutls] (4) EXT[0x211e0e0]: Parsing extension 'Supported EC Point Formats/11' (4 bytes)
[gnutls] (4) EXT[0x211e0e0]: Parsing extension 'Supported Groups/10' (12 bytes)
[gnutls] (4) EXT[0x211e0e0]: Received group X25519 (0x1d)
[gnutls] (4) EXT[0x211e0e0]: Received group SECP256R1 (0x17)
[gnutls] (4) EXT[0x211e0e0]: Received group X448 (0x1e)
[gnutls] (4) EXT[0x211e0e0]: Received group SECP521R1 (0x19)
[gnutls] (4) EXT[0x211e0e0]: Received group SECP384R1 (0x18)
[gnutls] (4) EXT[0x211e0e0]: Selected group X25519
[gnutls] (4) EXT[0x211e0e0]: Parsing extension 'Post Handshake Auth/49' (0 bytes)
[gnutls] (4) EXT[0x211e0e0]: Parsing extension 'Signature Algorithms/13' (42 bytes)
[gnutls] (4) EXT[0x211e0e0]: rcvd signature algo (4.3) ECDSA-SECP256R1-SHA256
[gnutls] (4) EXT[0x211e0e0]: rcvd signature algo (5.3) ECDSA-SECP384R1-SHA384
[gnutls] (4) EXT[0x211e0e0]: rcvd signature algo (6.3) ECDSA-SECP521R1-SHA512
[gnutls] (4) EXT[0x211e0e0]: rcvd signature algo (8.7) EdDSA-Ed25519
[gnutls] (4) EXT[0x211e0e0]: rcvd signature algo (8.8) EdDSA-Ed448
[gnutls] (4) EXT[0x211e0e0]: rcvd signature algo (8.9) RSA-PSS-SHA256
[gnutls] (4) EXT[0x211e0e0]: rcvd signature algo (8.10) RSA-PSS-SHA384
[gnutls] (4) EXT[0x211e0e0]: rcvd signature algo (8.11) RSA-PSS-SHA512
[gnutls] (4) EXT[0x211e0e0]: rcvd signature algo (8.4) RSA-PSS-RSAE-SHA256
[gnutls] (4) EXT[0x211e0e0]: rcvd signature algo (8.5) RSA-PSS-RSAE-SHA384
[gnutls] (4) EXT[0x211e0e0]: rcvd signature algo (8.6) RSA-PSS-RSAE-SHA512
[gnutls] (4) EXT[0x211e0e0]: rcvd signature algo (4.1) RSA-SHA256
[gnutls] (4) EXT[0x211e0e0]: rcvd signature algo (5.1) RSA-SHA384
[gnutls] (4) EXT[0x211e0e0]: rcvd signature algo (6.1) RSA-SHA512
[gnutls] (4) EXT[0x211e0e0]: rcvd signature algo (3.3) (null)
[gnutls] (4) EXT[0x211e0e0]: rcvd signature algo (3.1) (null)
[gnutls] (4) EXT[0x211e0e0]: rcvd signature algo (3.2) (null)
[gnutls] (4) EXT[0x211e0e0]: rcvd signature algo (4.2) (null)
[gnutls] (4) EXT[0x211e0e0]: rcvd signature algo (5.2) (null)
[gnutls] (4) EXT[0x211e0e0]: rcvd signature algo (6.2) (null)
[gnutls] (4) EXT[0x211e0e0]: Parsing extension 'PSK Key Exchange Modes/45' (2 bytes)
[gnutls] (4) EXT[0x211e0e0]: PSK KE mode 01 received
[gnutls] (4) EXT[0x211e0e0]: Parsing extension 'Pre Shared Key/41' (289 bytes)
[gnutls] (4) EXT[0x211e0e0]: selected DHE-PSK mode
[gnutls] (4) EXT[0x211e0e0]: selected resumption PSK identity (0)
[gnutls] (4) HSK[0x211e0e0]: Received safe renegotiation CS
[gnutls] (2) checking 13.02 (GNUTLS_AES_256_GCM_SHA384) for compatibility
[gnutls] (4) HSK[0x211e0e0]: Selected cipher suite: GNUTLS_AES_256_GCM_SHA384
[gnutls] (4) HSK[0x211e0e0]: Selected version TLS1.3
[gnutls] (4) EXT[0x211e0e0]: Parsing extension 'Key Share/51' (38 bytes)
[gnutls] (4) EXT[0x211e0e0]: Received key share for X25519
[gnutls] (4) HSK[0x211e0e0]: Selected group X25519 (6)
[gnutls] (2) EXT[0x211e0e0]: server generated X25519 shared key
[gnutls] (4) HSK[0x211e0e0]: Safe renegotiation succeeded
[gnutls] (4) HSK[0x211e0e0]: SessionID: 81d219ba924093e708406e0b027ebc4d0bf7be0ba922e155a1a774179cad5de5
[gnutls] (4) EXT[0x211e0e0]: Not sending extension (OCSP Status Request/5) for 'TLS 1.3 server hello'
[gnutls] (4) EXT[0x211e0e0]: Not sending extension (Client Certificate Type/19) for 'TLS 1.3 server hello'
[gnutls] (4) EXT[0x211e0e0]: Not sending extension (Server Certificate Type/20) for 'TLS 1.3 server hello'
[gnutls] (4) EXT[0x211e0e0]: Not sending extension (Supported Groups/10) for 'TLS 1.3 server hello'
[gnutls] (4) EXT[0x211e0e0]: Not sending extension (Supported EC Point Formats/11) for 'TLS 1.3 server hello'
[gnutls] (4) EXT[0x211e0e0]: Not sending extension (SRP/12) for 'TLS 1.3 server hello'
[gnutls] (4) EXT[0x211e0e0]: Not sending extension (Signature Algorithms/13) for 'TLS 1.3 server hello'
[gnutls] (4) EXT[0x211e0e0]: Not sending extension (SRTP/14) for 'TLS 1.3 server hello'
[gnutls] (4) EXT[0x211e0e0]: Not sending extension (Heartbeat/15) for 'TLS 1.3 server hello'
[gnutls] (4) EXT[0x211e0e0]: Not sending extension (ALPN/16) for 'TLS 1.3 server hello'
[gnutls] (4) EXT[0x211e0e0]: Not sending extension (Encrypt-then-MAC/22) for 'TLS 1.3 server hello'
[gnutls] (4) EXT[0x211e0e0]: Not sending extension (Extended Master Secret/23) for 'TLS 1.3 server hello'
[gnutls] (4) EXT[0x211e0e0]: Not sending extension (Session Ticket/35) for 'TLS 1.3 server hello'
[gnutls] (4) EXT[0x211e0e0]: Preparing extension (Key Share/51) for 'TLS 1.3 server hello'
[gnutls] (4) EXT[0x211e0e0]: sending key share for X25519
[gnutls] (4) EXT[0x211e0e0]: Sending extension Key Share/51 (36 bytes)
[gnutls] (4) EXT[0x211e0e0]: Preparing extension (Supported Versions/43) for 'TLS 1.3 server hello'
[gnutls] (4) EXT[0x211e0e0]: Sending extension Supported Versions/43 (2 bytes)
[gnutls] (4) EXT[0x211e0e0]: Not sending extension (Post Handshake Auth/49) for 'TLS 1.3 server hello'
[gnutls] (4) EXT[0x211e0e0]: Not sending extension (Safe Renegotiation/65281) for 'TLS 1.3 server hello'
[gnutls] (4) EXT[0x211e0e0]: Not sending extension (Server Name Indication/0) for 'TLS 1.3 server hello'
[gnutls] (4) EXT[0x211e0e0]: Not sending extension (Cookie/44) for 'TLS 1.3 server hello'
[gnutls] (4) EXT[0x211e0e0]: Not sending extension (Early Data/42) for 'TLS 1.3 server hello'
[gnutls] (4) EXT[0x211e0e0]: Preparing extension (PSK Key Exchange Modes/45) for 'TLS 1.3 server hello'
[gnutls] (4) EXT[0x211e0e0]: Not sending extension (Record Size Limit/28) for 'TLS 1.3 server hello'
[gnutls] (4) EXT[0x211e0e0]: Not sending extension (Maximum Record Size/1) for 'TLS 1.3 server hello'
[gnutls] (4) EXT[0x211e0e0]: Not sending extension (ClientHello Padding/21) for 'TLS 1.3 server hello'
[gnutls] (4) EXT[0x211e0e0]: Preparing extension (Pre Shared Key/41) for 'TLS 1.3 server hello'
[gnutls] (4) EXT[0x211e0e0]: Sending extension Pre Shared Key/41 (2 bytes)
[gnutls] (4) HSK[0x211e0e0]: SERVER HELLO was queued [128 bytes]
[gnutls] (5) REC[0x211e0e0]: Preparing Packet Handshake(22) with length: 128 and min pad: 0
[gnutls] (5) REC[0x211e0e0]: Sent Packet[1] Handshake(22) in epoch 0 and length: 133
[gnutls] (5) REC[0x211e0e0]: Preparing Packet ChangeCipherSpec(20) with length: 1 and min pad: 0
[gnutls] (5) REC[0x211e0e0]: Sent Packet[2] ChangeCipherSpec(20) in epoch 0 and length: 6
[gnutls] (4) REC[0x211e0e0]: Sent ChangeCipherSpec
[gnutls] (5) REC[0x211e0e0]: Initializing epoch #1
[gnutls] (5) REC[0x211e0e0]: Epoch #1 ready
[gnutls] (4) HSK[0x211e0e0]: TLS 1.3 re-key with cipher suite: GNUTLS_AES_256_GCM_SHA384
[gnutls] (4) EXT[0x211e0e0]: Not sending extension (OCSP Status Request/5) for 'encrypted extensions'
[gnutls] (4) EXT[0x211e0e0]: Preparing extension (Client Certificate Type/19) for 'encrypted extensions'
[gnutls] (4) EXT[0x211e0e0]: Preparing extension (Server Certificate Type/20) for 'encrypted extensions'
[gnutls] (4) EXT[0x211e0e0]: Preparing extension (Supported Groups/10) for 'encrypted extensions'
[gnutls] (4) EXT[0x211e0e0]: Not sending extension (Supported EC Point Formats/11) for 'encrypted extensions'
[gnutls] (4) EXT[0x211e0e0]: Not sending extension (SRP/12) for 'encrypted extensions'
[gnutls] (4) EXT[0x211e0e0]: Not sending extension (Signature Algorithms/13) for 'encrypted extensions'
[gnutls] (4) EXT[0x211e0e0]: Preparing extension (SRTP/14) for 'encrypted extensions'
[gnutls] (4) EXT[0x211e0e0]: Preparing extension (Heartbeat/15) for 'encrypted extensions'
[gnutls] (4) EXT[0x211e0e0]: Preparing extension (ALPN/16) for 'encrypted extensions'
[gnutls] (4) EXT[0x211e0e0]: Sending extension ALPN/16 (5 bytes)
[gnutls] (4) EXT[0x211e0e0]: Not sending extension (Encrypt-then-MAC/22) for 'encrypted extensions'
[gnutls] (4) EXT[0x211e0e0]: Not sending extension (Extended Master Secret/23) for 'encrypted extensions'
[gnutls] (4) EXT[0x211e0e0]: Not sending extension (Session Ticket/35) for 'encrypted extensions'
[gnutls] (4) EXT[0x211e0e0]: Not sending extension (Key Share/51) for 'encrypted extensions'
[gnutls] (4) EXT[0x211e0e0]: Not sending extension (Supported Versions/43) for 'encrypted extensions'
[gnutls] (4) EXT[0x211e0e0]: Not sending extension (Post Handshake Auth/49) for 'encrypted extensions'
[gnutls] (4) EXT[0x211e0e0]: Not sending extension (Safe Renegotiation/65281) for 'encrypted extensions'
[gnutls] (4) EXT[0x211e0e0]: Preparing extension (Server Name Indication/0) for 'encrypted extensions'
[gnutls] (4) EXT[0x211e0e0]: Not sending extension (Cookie/44) for 'encrypted extensions'
[gnutls] (4) EXT[0x211e0e0]: Preparing extension (Early Data/42) for 'encrypted extensions'
[gnutls] (4) EXT[0x211e0e0]: Not sending extension (PSK Key Exchange Modes/45) for 'encrypted extensions'
[gnutls] (4) EXT[0x211e0e0]: Preparing extension (Record Size Limit/28) for 'encrypted extensions'
[gnutls] (4) EXT[0x211e0e0]: Preparing extension (Maximum Record Size/1) for 'encrypted extensions'
[gnutls] (4) EXT[0x211e0e0]: Not sending extension (ClientHello Padding/21) for 'encrypted extensions'
[gnutls] (4) EXT[0x211e0e0]: Not sending extension (Pre Shared Key/41) for 'encrypted extensions'
[gnutls] (4) HSK[0x211e0e0]: ENCRYPTED EXTENSIONS was queued [15 bytes]
[gnutls] (4) HSK[0x211e0e0]: sending finished
[gnutls] (4) HSK[0x211e0e0]: FINISHED was queued [52 bytes]
[gnutls] (5) REC[0x211e0e0]: Preparing Packet Handshake(22) with length: 15 and min pad: 0
[gnutls] (5) REC[0x211e0e0]: Sent Packet[1] Handshake(22) in epoch 1 and length: 37
[gnutls] (5) REC[0x211e0e0]: Preparing Packet Handshake(22) with length: 52 and min pad: 0
[gnutls] (5) REC[0x211e0e0]: Sent Packet[2] Handshake(22) in epoch 1 and length: 74
[gnutls] (3) ASSERT: ../../lib/constate.c[_gnutls_epoch_get]:955
[gnutls] (5) REC[0x211e0e0]: Allocating epoch #2
[gnutls] (5) REC[0x211e0e0]: Initializing epoch #2
[gnutls] (5) REC[0x211e0e0]: Epoch #2 ready
[gnutls] (4) HSK[0x211e0e0]: TLS 1.3 set write key with cipher suite: GNUTLS_AES_256_GCM_SHA384
[gnutls] (4) HSK[0x211e0e0]: switching early to application traffic keys
[gnutls] (3) ASSERT: ../../lib/buffers.c[get_last_packet]:1185
[gnutls] (3) ASSERT: ../../lib/buffers.c[_gnutls_io_read_buffered]:589
[gnutls] (3) ASSERT: ../../lib/tls13/finished.c[_gnutls13_recv_finished]:101
[gnutls] (3) ASSERT: ../../lib/buffers.c[get_last_packet]:1185
[gnutls] (5) REC[0x211e0e0]: SSL 3.3 ChangeCipherSpec packet received. Epoch 1, length: 1
[gnutls] (5) REC[0x211e0e0]: Expected Packet Handshake(22)
[gnutls] (5) REC[0x211e0e0]: Received Packet ChangeCipherSpec(20) with length: 1
[gnutls] (5) REC[0x211e0e0]: SSL 3.3 Application Data packet received. Epoch 1, length: 69
[gnutls] (5) REC[0x211e0e0]: Expected Packet Handshake(22)
[gnutls] (5) REC[0x211e0e0]: Received Packet Application Data(23) with length: 69
[gnutls] (5) REC[0x211e0e0]: Decrypted Packet[0] Handshake(22) with length: 52
[gnutls] (4) HSK[0x211e0e0]: FINISHED (20) was received. Length 48[48], frag offset 0, frag length: 48, sequence: 0
[gnutls] (4) HSK[0x211e0e0]: parsing finished
[gnutls] (4) HSK[0x211e0e0]: TLS 1.3 set read key with cipher suite: GNUTLS_AES_256_GCM_SHA384
[gnutls] (4) HSK[0x211e0e0]: NEW SESSION TICKET was queued [251 bytes]
[gnutls] (4) HSK[0x211e0e0]: NEW SESSION TICKET was queued [251 bytes]
[gnutls] (5) REC[0x211e0e0]: Preparing Packet Handshake(22) with length: 251 and min pad: 0
[gnutls] (5) REC[0x211e0e0]: Sent Packet[1] Handshake(22) in epoch 2 and length: 273
[gnutls] (5) REC[0x211e0e0]: Preparing Packet Handshake(22) with length: 251 and min pad: 0
[gnutls] (5) REC[0x211e0e0]: Sent Packet[2] Handshake(22) in epoch 2 and length: 273
[gnutls] (5) REC[0x211e0e0]: Start of epoch cleanup
[gnutls] (5) REC[0x211e0e0]: Epoch #0 freed
[gnutls] (5) REC[0x211e0e0]: Epoch #1 freed
[gnutls] (5) REC[0x211e0e0]: End of epoch cleanup
[tls ] TLS handshake with 127.0.0.1#55202 has completed
[gnutls] (3) ASSERT: ../../lib/buffers.c[_gnutls_io_read_buffered]:589
[gnutls] (3) ASSERT: ../../lib/record.c[_gnutls_recv_int]:1776
[gnutls] (5) REC[0x211e0e0]: SSL 3.3 Application Data packet received. Epoch 2, length: 41
[gnutls] (5) REC[0x211e0e0]: Expected Packet Application Data(23)
[gnutls] (5) REC[0x211e0e0]: Received Packet Application Data(23) with length: 41
[gnutls] (5) REC[0x211e0e0]: Decrypted Packet[0] Application Data(23) with length: 24
[gnutls] (3) ASSERT: ../../lib/buffers.c[_gnutls_io_read_buffered]:589
[gnutls] (3) ASSERT: ../../lib/record.c[_gnutls_recv_int]:1776
[gnutls] (5) REC[0x211e0e0]: Preparing Packet Application Data(23) with length: 15 and min pad: 0
[gnutls] (5) REC[0x211e0e0]: Sent Packet[3] Application Data(23) in epoch 2 and length: 37
[gnutls] (5) REC[0x211e0e0]: SSL 3.3 Application Data packet received. Epoch 2, length: 44
[gnutls] (5) REC[0x211e0e0]: Expected Packet Application Data(23)
[gnutls] (5) REC[0x211e0e0]: Received Packet Application Data(23) with length: 44
[gnutls] (5) REC[0x211e0e0]: Decrypted Packet[1] Application Data(23) with length: 27
[gnutls] (5) REC[0x211e0e0]: SSL 3.3 Application Data packet received. Epoch 2, length: 30
[gnutls] (5) REC[0x211e0e0]: Expected Packet Application Data(23)
[gnutls] (5) REC[0x211e0e0]: Received Packet Application Data(23) with length: 30
[gnutls] (5) REC[0x211e0e0]: Decrypted Packet[2] Application Data(23) with length: 13
[gnutls] (3) ASSERT: ../../lib/buffers.c[_gnutls_io_read_buffered]:589
[gnutls] (3) ASSERT: ../../lib/record.c[_gnutls_recv_int]:1776
[gnutls] (5) REC[0x211e0e0]: Preparing Packet Application Data(23) with length: 9 and min pad: 0
[gnutls] (5) REC[0x211e0e0]: Sent Packet[4] Application Data(23) in epoch 2 and length: 31
[gnutls] (5) REC[0x211e0e0]: SSL 3.3 Application Data packet received. Epoch 2, length: 62
[gnutls] (5) REC[0x211e0e0]: Expected Packet Application Data(23)
[gnutls] (5) REC[0x211e0e0]: Received Packet Application Data(23) with length: 62
[gnutls] (5) REC[0x211e0e0]: Decrypted Packet[3] Application Data(23) with length: 45
[gnutls] (3) ASSERT: ../../lib/buffers.c[_gnutls_io_read_buffered]:589
[gnutls] (3) ASSERT: ../../lib/record.c[_gnutls_recv_int]:1776
[gnutls] (5) REC[0x211e0e0]: Preparing Packet Application Data(23) with length: 13 and min pad: 0
[gnutls] (5) REC[0x211e0e0]: Sent Packet[5] Application Data(23) in epoch 2 and length: 35
[gnutls] (5) REC[0x211e0e0]: SSL 3.3 Application Data packet received. Epoch 2, length: 26
[gnutls] (5) REC[0x211e0e0]: Expected Packet Application Data(23)
[gnutls] (5) REC[0x211e0e0]: Received Packet Application Data(23) with length: 26
[gnutls] (5) REC[0x211e0e0]: Decrypted Packet[4] Application Data(23) with length: 9
[gnutls] (3) ASSERT: ../../lib/buffers.c[_gnutls_io_read_buffered]:589
[gnutls] (3) ASSERT: ../../lib/record.c[_gnutls_recv_int]:1776
[gnutls] (5) REC[0x211e0e0]: SSL 3.3 Application Data packet received. Epoch 2, length: 19
[gnutls] (5) REC[0x211e0e0]: Expected Packet Application Data(23)
[gnutls] (5) REC[0x211e0e0]: Received Packet Application Data(23) with length: 19
[gnutls] (5) REC[0x211e0e0]: Decrypted Packet[5] Alert(21) with length: 2
[gnutls] (5) REC[0x211e0e0]: Alert[1|0] - Close notify - was received
[gnutls] (3) ASSERT: ../../lib/record.c[_gnutls_recv_in_buffers]:1578
[io ] => connection to '127.0.0.1#55202' closed by peer (end of file)
[doh ] [0x21373f0] h2 session freed
[gnutls] (5) REC[0x211e0e0]: Start of epoch cleanup
[gnutls] (5) REC[0x211e0e0]: End of epoch cleanup
[gnutls] (5) REC[0x211e0e0]: Epoch #2 freed
[gnutls] (5) REC[0x211e0e0]: Allocating epoch #0
[gnutls] (2) added 4 protocols, 29 ciphersuites, 19 sig algos and 10 groups into priority list
[doh ] [0x21373f0] h2 session created for 127.0.0.1#55204
[gnutls] (5) REC[0x211e0e0]: Allocating epoch #1
[gnutls] (3) ASSERT: ../../lib/buffers.c[get_last_packet]:1185
[gnutls] (5) REC[0x211e0e0]: SSL 3.1 Handshake packet received. Epoch 0, length: 593
[gnutls] (5) REC[0x211e0e0]: Expected Packet Handshake(22)
[gnutls] (5) REC[0x211e0e0]: Received Packet Handshake(22) with length: 593
[gnutls] (5) REC[0x211e0e0]: Decrypted Packet[0] Handshake(22) with length: 593
[gnutls] (4) HSK[0x211e0e0]: CLIENT HELLO (1) was received. Length 589[589], frag offset 0, frag length: 589, sequence: 0
[gnutls] (4) HSK[0x211e0e0]: Client's version: 3.3
[gnutls] (4) EXT[0x211e0e0]: Parsing extension 'Supported Versions/43' (5 bytes)
[gnutls] (4) EXT[0x211e0e0]: Found version: 3.4
[gnutls] (4) EXT[0x211e0e0]: Found version: 3.3
[gnutls] (4) EXT[0x211e0e0]: Negotiated version: 3.4
[gnutls] (4) EXT[0x211e0e0]: Parsing extension 'ALPN/16' (14 bytes)
[gnutls] (4) EXT[0x211e0e0]: Parsing extension 'Encrypt-then-MAC/22' (0 bytes)
[gnutls] (4) EXT[0x211e0e0]: Parsing extension 'Extended Master Secret/23' (0 bytes)
[gnutls] (4) EXT[0x211e0e0]: Parsing extension 'Supported EC Point Formats/11' (4 bytes)
[gnutls] (4) EXT[0x211e0e0]: Parsing extension 'Supported Groups/10' (12 bytes)
[gnutls] (4) EXT[0x211e0e0]: Received group X25519 (0x1d)
[gnutls] (4) EXT[0x211e0e0]: Received group SECP256R1 (0x17)
[gnutls] (4) EXT[0x211e0e0]: Received group X448 (0x1e)
[gnutls] (4) EXT[0x211e0e0]: Received group SECP521R1 (0x19)
[gnutls] (4) EXT[0x211e0e0]: Received group SECP384R1 (0x18)
[gnutls] (4) EXT[0x211e0e0]: Selected group X25519
[gnutls] (4) EXT[0x211e0e0]: Parsing extension 'Post Handshake Auth/49' (0 bytes)
[gnutls] (4) EXT[0x211e0e0]: Parsing extension 'Signature Algorithms/13' (42 bytes)
[gnutls] (4) EXT[0x211e0e0]: rcvd signature algo (4.3) ECDSA-SECP256R1-SHA256
[gnutls] (4) EXT[0x211e0e0]: rcvd signature algo (5.3) ECDSA-SECP384R1-SHA384
[gnutls] (4) EXT[0x211e0e0]: rcvd signature algo (6.3) ECDSA-SECP521R1-SHA512
[gnutls] (4) EXT[0x211e0e0]: rcvd signature algo (8.7) EdDSA-Ed25519
[gnutls] (4) EXT[0x211e0e0]: rcvd signature algo (8.8) EdDSA-Ed448
[gnutls] (4) EXT[0x211e0e0]: rcvd signature algo (8.9) RSA-PSS-SHA256
[gnutls] (4) EXT[0x211e0e0]: rcvd signature algo (8.10) RSA-PSS-SHA384
[gnutls] (4) EXT[0x211e0e0]: rcvd signature algo (8.11) RSA-PSS-SHA512
[gnutls] (4) EXT[0x211e0e0]: rcvd signature algo (8.4) RSA-PSS-RSAE-SHA256
[gnutls] (4) EXT[0x211e0e0]: rcvd signature algo (8.5) RSA-PSS-RSAE-SHA384
[gnutls] (4) EXT[0x211e0e0]: rcvd signature algo (8.6) RSA-PSS-RSAE-SHA512
[gnutls] (4) EXT[0x211e0e0]: rcvd signature algo (4.1) RSA-SHA256
[gnutls] (4) EXT[0x211e0e0]: rcvd signature algo (5.1) RSA-SHA384
[gnutls] (4) EXT[0x211e0e0]: rcvd signature algo (6.1) RSA-SHA512
[gnutls] (4) EXT[0x211e0e0]: rcvd signature algo (3.3) (null)
[gnutls] (4) EXT[0x211e0e0]: rcvd signature algo (3.1) (null)
[gnutls] (4) EXT[0x211e0e0]: rcvd signature algo (3.2) (null)
[gnutls] (4) EXT[0x211e0e0]: rcvd signature algo (4.2) (null)
[gnutls] (4) EXT[0x211e0e0]: rcvd signature algo (5.2) (null)
[gnutls] (4) EXT[0x211e0e0]: rcvd signature algo (6.2) (null)
[gnutls] (4) EXT[0x211e0e0]: Parsing extension 'PSK Key Exchange Modes/45' (2 bytes)
[gnutls] (4) EXT[0x211e0e0]: PSK KE mode 01 received
[gnutls] (4) EXT[0x211e0e0]: Parsing extension 'Pre Shared Key/41' (289 bytes)
[gnutls] (4) EXT[0x211e0e0]: selected DHE-PSK mode
[gnutls] (4) EXT[0x211e0e0]: selected resumption PSK identity (0)
[gnutls] (4) HSK[0x211e0e0]: Received safe renegotiation CS
[gnutls] (2) checking 13.02 (GNUTLS_AES_256_GCM_SHA384) for compatibility
[gnutls] (4) HSK[0x211e0e0]: Selected cipher suite: GNUTLS_AES_256_GCM_SHA384
[gnutls] (4) HSK[0x211e0e0]: Selected version TLS1.3
[gnutls] (4) EXT[0x211e0e0]: Parsing extension 'Key Share/51' (38 bytes)
[gnutls] (4) EXT[0x211e0e0]: Received key share for X25519
[gnutls] (4) HSK[0x211e0e0]: Selected group X25519 (6)
[gnutls] (2) EXT[0x211e0e0]: server generated X25519 shared key
[gnutls] (4) HSK[0x211e0e0]: Safe renegotiation succeeded
[gnutls] (4) HSK[0x211e0e0]: SessionID: 5ebe5c5449e6975c7b5df57b8eafe41c4c155382cc7ca1576b340fbeef1280ca
[gnutls] (4) EXT[0x211e0e0]: Not sending extension (OCSP Status Request/5) for 'TLS 1.3 server hello'
[gnutls] (4) EXT[0x211e0e0]: Not sending extension (Client Certificate Type/19) for 'TLS 1.3 server hello'
[gnutls] (4) EXT[0x211e0e0]: Not sending extension (Server Certificate Type/20) for 'TLS 1.3 server hello'
[gnutls] (4) EXT[0x211e0e0]: Not sending extension (Supported Groups/10) for 'TLS 1.3 server hello'
[gnutls] (4) EXT[0x211e0e0]: Not sending extension (Supported EC Point Formats/11) for 'TLS 1.3 server hello'
[gnutls] (4) EXT[0x211e0e0]: Not sending extension (SRP/12) for 'TLS 1.3 server hello'
[gnutls] (4) EXT[0x211e0e0]: Not sending extension (Signature Algorithms/13) for 'TLS 1.3 server hello'
[gnutls] (4) EXT[0x211e0e0]: Not sending extension (SRTP/14) for 'TLS 1.3 server hello'
[gnutls] (4) EXT[0x211e0e0]: Not sending extension (Heartbeat/15) for 'TLS 1.3 server hello'
[gnutls] (4) EXT[0x211e0e0]: Not sending extension (ALPN/16) for 'TLS 1.3 server hello'
[gnutls] (4) EXT[0x211e0e0]: Not sending extension (Encrypt-then-MAC/22) for 'TLS 1.3 server hello'
[gnutls] (4) EXT[0x211e0e0]: Not sending extension (Extended Master Secret/23) for 'TLS 1.3 server hello'
[gnutls] (4) EXT[0x211e0e0]: Not sending extension (Session Ticket/35) for 'TLS 1.3 server hello'
[gnutls] (4) EXT[0x211e0e0]: Preparing extension (Key Share/51) for 'TLS 1.3 server hello'
[gnutls] (4) EXT[0x211e0e0]: sending key share for X25519
[gnutls] (4) EXT[0x211e0e0]: Sending extension Key Share/51 (36 bytes)
[gnutls] (4) EXT[0x211e0e0]: Preparing extension (Supported Versions/43) for 'TLS 1.3 server hello'
[gnutls] (4) EXT[0x211e0e0]: Sending extension Supported Versions/43 (2 bytes)
[gnutls] (4) EXT[0x211e0e0]: Not sending extension (Post Handshake Auth/49) for 'TLS 1.3 server hello'
[gnutls] (4) EXT[0x211e0e0]: Not sending extension (Safe Renegotiation/65281) for 'TLS 1.3 server hello'
[gnutls] (4) EXT[0x211e0e0]: Not sending extension (Server Name Indication/0) for 'TLS 1.3 server hello'
[gnutls] (4) EXT[0x211e0e0]: Not sending extension (Cookie/44) for 'TLS 1.3 server hello'
[gnutls] (4) EXT[0x211e0e0]: Not sending extension (Early Data/42) for 'TLS 1.3 server hello'
[gnutls] (4) EXT[0x211e0e0]: Preparing extension (PSK Key Exchange Modes/45) for 'TLS 1.3 server hello'
[gnutls] (4) EXT[0x211e0e0]: Not sending extension (Record Size Limit/28) for 'TLS 1.3 server hello'
[gnutls] (4) EXT[0x211e0e0]: Not sending extension (Maximum Record Size/1) for 'TLS 1.3 server hello'
[gnutls] (4) EXT[0x211e0e0]: Not sending extension (ClientHello Padding/21) for 'TLS 1.3 server hello'
[gnutls] (4) EXT[0x211e0e0]: Preparing extension (Pre Shared Key/41) for 'TLS 1.3 server hello'
[gnutls] (4) EXT[0x211e0e0]: Sending extension Pre Shared Key/41 (2 bytes)
[gnutls] (4) HSK[0x211e0e0]: SERVER HELLO was queued [128 bytes]
[gnutls] (5) REC[0x211e0e0]: Preparing Packet Handshake(22) with length: 128 and min pad: 0
[gnutls] (5) REC[0x211e0e0]: Sent Packet[1] Handshake(22) in epoch 0 and length: 133
[gnutls] (5) REC[0x211e0e0]: Preparing Packet ChangeCipherSpec(20) with length: 1 and min pad: 0
[gnutls] (5) REC[0x211e0e0]: Sent Packet[2] ChangeCipherSpec(20) in epoch 0 and length: 6
[gnutls] (4) REC[0x211e0e0]: Sent ChangeCipherSpec
[gnutls] (5) REC[0x211e0e0]: Initializing epoch #1
[gnutls] (5) REC[0x211e0e0]: Epoch #1 ready
[gnutls] (4) HSK[0x211e0e0]: TLS 1.3 re-key with cipher suite: GNUTLS_AES_256_GCM_SHA384
[gnutls] (4) EXT[0x211e0e0]: Not sending extension (OCSP Status Request/5) for 'encrypted extensions'
[gnutls] (4) EXT[0x211e0e0]: Preparing extension (Client Certificate Type/19) for 'encrypted extensions'
[gnutls] (4) EXT[0x211e0e0]: Preparing extension (Server Certificate Type/20) for 'encrypted extensions'
[gnutls] (4) EXT[0x211e0e0]: Preparing extension (Supported Groups/10) for 'encrypted extensions'
[gnutls] (4) EXT[0x211e0e0]: Not sending extension (Supported EC Point Formats/11) for 'encrypted extensions'
[gnutls] (4) EXT[0x211e0e0]: Not sending extension (SRP/12) for 'encrypted extensions'
[gnutls] (4) EXT[0x211e0e0]: Not sending extension (Signature Algorithms/13) for 'encrypted extensions'
[gnutls] (4) EXT[0x211e0e0]: Preparing extension (SRTP/14) for 'encrypted extensions'
[gnutls] (4) EXT[0x211e0e0]: Preparing extension (Heartbeat/15) for 'encrypted extensions'
[gnutls] (4) EXT[0x211e0e0]: Preparing extension (ALPN/16) for 'encrypted extensions'
[gnutls] (4) EXT[0x211e0e0]: Sending extension ALPN/16 (5 bytes)
[gnutls] (4) EXT[0x211e0e0]: Not sending extension (Encrypt-then-MAC/22) for 'encrypted extensions'
[gnutls] (4) EXT[0x211e0e0]: Not sending extension (Extended Master Secret/23) for 'encrypted extensions'
[gnutls] (4) EXT[0x211e0e0]: Not sending extension (Session Ticket/35) for 'encrypted extensions'
[gnutls] (4) EXT[0x211e0e0]: Not sending extension (Key Share/51) for 'encrypted extensions'
[gnutls] (4) EXT[0x211e0e0]: Not sending extension (Supported Versions/43) for 'encrypted extensions'
[gnutls] (4) EXT[0x211e0e0]: Not sending extension (Post Handshake Auth/49) for 'encrypted extensions'
[gnutls] (4) EXT[0x211e0e0]: Not sending extension (Safe Renegotiation/65281) for 'encrypted extensions'
[gnutls] (4) EXT[0x211e0e0]: Preparing extension (Server Name Indication/0) for 'encrypted extensions'
[gnutls] (4) EXT[0x211e0e0]: Not sending extension (Cookie/44) for 'encrypted extensions'
[gnutls] (4) EXT[0x211e0e0]: Preparing extension (Early Data/42) for 'encrypted extensions'
[gnutls] (4) EXT[0x211e0e0]: Not sending extension (PSK Key Exchange Modes/45) for 'encrypted extensions'
[gnutls] (4) EXT[0x211e0e0]: Preparing extension (Record Size Limit/28) for 'encrypted extensions'
[gnutls] (4) EXT[0x211e0e0]: Preparing extension (Maximum Record Size/1) for 'encrypted extensions'
[gnutls] (4) EXT[0x211e0e0]: Not sending extension (ClientHello Padding/21) for 'encrypted extensions'
[gnutls] (4) EXT[0x211e0e0]: Not sending extension (Pre Shared Key/41) for 'encrypted extensions'
[gnutls] (4) HSK[0x211e0e0]: ENCRYPTED EXTENSIONS was queued [15 bytes]
[gnutls] (4) HSK[0x211e0e0]: sending finished
[gnutls] (4) HSK[0x211e0e0]: FINISHED was queued [52 bytes]
[gnutls] (5) REC[0x211e0e0]: Preparing Packet Handshake(22) with length: 15 and min pad: 0
[gnutls] (5) REC[0x211e0e0]: Sent Packet[1] Handshake(22) in epoch 1 and length: 37
[gnutls] (5) REC[0x211e0e0]: Preparing Packet Handshake(22) with length: 52 and min pad: 0
[gnutls] (5) REC[0x211e0e0]: Sent Packet[2] Handshake(22) in epoch 1 and length: 74
[gnutls] (3) ASSERT: ../../lib/constate.c[_gnutls_epoch_get]:955
[gnutls] (5) REC[0x211e0e0]: Allocating epoch #2
[gnutls] (5) REC[0x211e0e0]: Initializing epoch #2
[gnutls] (5) REC[0x211e0e0]: Epoch #2 ready
[gnutls] (4) HSK[0x211e0e0]: TLS 1.3 set write key with cipher suite: GNUTLS_AES_256_GCM_SHA384
[gnutls] (4) HSK[0x211e0e0]: switching early to application traffic keys
[gnutls] (3) ASSERT: ../../lib/buffers.c[get_last_packet]:1185
[gnutls] (3) ASSERT: ../../lib/buffers.c[_gnutls_io_read_buffered]:589
[gnutls] (3) ASSERT: ../../lib/tls13/finished.c[_gnutls13_recv_finished]:101
[gnutls] (3) ASSERT: ../../lib/buffers.c[get_last_packet]:1185
[gnutls] (5) REC[0x211e0e0]: SSL 3.3 ChangeCipherSpec packet received. Epoch 1, length: 1
[gnutls] (5) REC[0x211e0e0]: Expected Packet Handshake(22)
[gnutls] (5) REC[0x211e0e0]: Received Packet ChangeCipherSpec(20) with length: 1
[gnutls] (5) REC[0x211e0e0]: SSL 3.3 Application Data packet received. Epoch 1, length: 69
[gnutls] (5) REC[0x211e0e0]: Expected Packet Handshake(22)
[gnutls] (5) REC[0x211e0e0]: Received Packet Application Data(23) with length: 69
[gnutls] (5) REC[0x211e0e0]: Decrypted Packet[0] Handshake(22) with length: 52
[gnutls] (4) HSK[0x211e0e0]: FINISHED (20) was received. Length 48[48], frag offset 0, frag length: 48, sequence: 0
[gnutls] (4) HSK[0x211e0e0]: parsing finished
[gnutls] (4) HSK[0x211e0e0]: TLS 1.3 set read key with cipher suite: GNUTLS_AES_256_GCM_SHA384
[gnutls] (4) HSK[0x211e0e0]: NEW SESSION TICKET was queued [251 bytes]
[gnutls] (4) HSK[0x211e0e0]: NEW SESSION TICKET was queued [251 bytes]
[gnutls] (5) REC[0x211e0e0]: Preparing Packet Handshake(22) with length: 251 and min pad: 0
[gnutls] (5) REC[0x211e0e0]: Sent Packet[1] Handshake(22) in epoch 2 and length: 273
[gnutls] (5) REC[0x211e0e0]: Preparing Packet Handshake(22) with length: 251 and min pad: 0
[gnutls] (5) REC[0x211e0e0]: Sent Packet[2] Handshake(22) in epoch 2 and length: 273
[gnutls] (5) REC[0x211e0e0]: Start of epoch cleanup
[gnutls] (5) REC[0x211e0e0]: Epoch #0 freed
[gnutls] (5) REC[0x211e0e0]: Epoch #1 freed
[gnutls] (5) REC[0x211e0e0]: End of epoch cleanup
[tls ] TLS handshake with 127.0.0.1#55204 has completed
[gnutls] (3) ASSERT: ../../lib/buffers.c[_gnutls_io_read_buffered]:589
[gnutls] (3) ASSERT: ../../lib/record.c[_gnutls_recv_int]:1776
[gnutls] (5) REC[0x211e0e0]: SSL 3.3 Application Data packet received. Epoch 2, length: 41
[gnutls] (5) REC[0x211e0e0]: Expected Packet Application Data(23)
[gnutls] (5) REC[0x211e0e0]: Received Packet Application Data(23) with length: 41
[gnutls] (5) REC[0x211e0e0]: Decrypted Packet[0] Application Data(23) with length: 24
[gnutls] (3) ASSERT: ../../lib/buffers.c[_gnutls_io_read_buffered]:589
[gnutls] (3) ASSERT: ../../lib/record.c[_gnutls_recv_int]:1776
[gnutls] (5) REC[0x211e0e0]: Preparing Packet Application Data(23) with length: 15 and min pad: 0
[gnutls] (5) REC[0x211e0e0]: Sent Packet[3] Application Data(23) in epoch 2 and length: 37
[gnutls] (5) REC[0x211e0e0]: SSL 3.3 Application Data packet received. Epoch 2, length: 44
[gnutls] (5) REC[0x211e0e0]: Expected Packet Application Data(23)
[gnutls] (5) REC[0x211e0e0]: Received Packet Application Data(23) with length: 44
[gnutls] (5) REC[0x211e0e0]: Decrypted Packet[1] Application Data(23) with length: 27
[gnutls] (5) REC[0x211e0e0]: SSL 3.3 Application Data packet received. Epoch 2, length: 30
[gnutls] (5) REC[0x211e0e0]: Expected Packet Application Data(23)
[gnutls] (5) REC[0x211e0e0]: Received Packet Application Data(23) with length: 30
[gnutls] (5) REC[0x211e0e0]: Decrypted Packet[2] Application Data(23) with length: 13
[gnutls] (3) ASSERT: ../../lib/buffers.c[_gnutls_io_read_buffered]:589
[gnutls] (3) ASSERT: ../../lib/record.c[_gnutls_recv_int]:1776
[gnutls] (5) REC[0x211e0e0]: Preparing Packet Application Data(23) with length: 9 and min pad: 0
[gnutls] (5) REC[0x211e0e0]: Sent Packet[4] Application Data(23) in epoch 2 and length: 31
[gnutls] (5) REC[0x211e0e0]: SSL 3.3 Application Data packet received. Epoch 2, length: 62
[gnutls] (5) REC[0x211e0e0]: Expected Packet Application Data(23)
[gnutls] (5) REC[0x211e0e0]: Received Packet Application Data(23) with length: 62
[gnutls] (5) REC[0x211e0e0]: Decrypted Packet[3] Application Data(23) with length: 45
[gnutls] (3) ASSERT: ../../lib/buffers.c[_gnutls_io_read_buffered]:589
[gnutls] (3) ASSERT: ../../lib/record.c[_gnutls_recv_int]:1776
[gnutls] (5) REC[0x211e0e0]: Preparing Packet Application Data(23) with length: 13 and min pad: 0
[gnutls] (5) REC[0x211e0e0]: Sent Packet[5] Application Data(23) in epoch 2 and length: 35
[gnutls] (5) REC[0x211e0e0]: SSL 3.3 Application Data packet received. Epoch 2, length: 26
[gnutls] (5) REC[0x211e0e0]: Expected Packet Application Data(23)
[gnutls] (5) REC[0x211e0e0]: Received Packet Application Data(23) with length: 26
[gnutls] (5) REC[0x211e0e0]: Decrypted Packet[4] Application Data(23) with length: 9
[gnutls] (3) ASSERT: ../../lib/buffers.c[_gnutls_io_read_buffered]:589
[gnutls] (3) ASSERT: ../../lib/record.c[_gnutls_recv_int]:1776
[gnutls] (5) REC[0x211e0e0]: SSL 3.3 Application Data packet received. Epoch 2, length: 19
[gnutls] (5) REC[0x211e0e0]: Expected Packet Application Data(23)
[gnutls] (5) REC[0x211e0e0]: Received Packet Application Data(23) with length: 19
[gnutls] (5) REC[0x211e0e0]: Decrypted Packet[5] Alert(21) with length: 2
[gnutls] (5) REC[0x211e0e0]: Alert[1|0] - Close notify - was received
[gnutls] (3) ASSERT: ../../lib/record.c[_gnutls_recv_in_buffers]:1578
[io ] => connection to '127.0.0.1#55204' closed by peer (end of file)
[doh ] [0x21373f0] h2 session freed
[gnutls] (5) REC[0x211e0e0]: Start of epoch cleanup
[gnutls] (5) REC[0x211e0e0]: End of epoch cleanup
[gnutls] (5) REC[0x211e0e0]: Epoch #2 freed
[gnutls] (5) REC[0x211e0e0]: Allocating epoch #0
[gnutls] (2) added 4 protocols, 29 ciphersuites, 19 sig algos and 10 groups into priority list
[doh ] [0x21373f0] h2 session created for 127.0.0.1#55206
[gnutls] (5) REC[0x211e0e0]: Allocating epoch #1
[gnutls] (3) ASSERT: ../../lib/buffers.c[get_last_packet]:1185
[gnutls] (5) REC[0x211e0e0]: SSL 3.1 Handshake packet received. Epoch 0, length: 593
[gnutls] (5) REC[0x211e0e0]: Expected Packet Handshake(22)
[gnutls] (5) REC[0x211e0e0]: Received Packet Handshake(22) with length: 593
[gnutls] (5) REC[0x211e0e0]: Decrypted Packet[0] Handshake(22) with length: 593
[gnutls] (4) HSK[0x211e0e0]: CLIENT HELLO (1) was received. Length 589[589], frag offset 0, frag length: 589, sequence: 0
[gnutls] (4) HSK[0x211e0e0]: Client's version: 3.3
[gnutls] (4) EXT[0x211e0e0]: Parsing extension 'Supported Versions/43' (5 bytes)
[gnutls] (4) EXT[0x211e0e0]: Found version: 3.4
[gnutls] (4) EXT[0x211e0e0]: Found version: 3.3
[gnutls] (4) EXT[0x211e0e0]: Negotiated version: 3.4
[gnutls] (4) EXT[0x211e0e0]: Parsing extension 'ALPN/16' (14 bytes)
[gnutls] (4) EXT[0x211e0e0]: Parsing extension 'Encrypt-then-MAC/22' (0 bytes)
[gnutls] (4) EXT[0x211e0e0]: Parsing extension 'Extended Master Secret/23' (0 bytes)
[gnutls] (4) EXT[0x211e0e0]: Parsing extension 'Supported EC Point Formats/11' (4 bytes)
[gnutls] (4) EXT[0x211e0e0]: Parsing extension 'Supported Groups/10' (12 bytes)
[gnutls] (4) EXT[0x211e0e0]: Received group X25519 (0x1d)
[gnutls] (4) EXT[0x211e0e0]: Received group SECP256R1 (0x17)
[gnutls] (4) EXT[0x211e0e0]: Received group X448 (0x1e)
[gnutls] (4) EXT[0x211e0e0]: Received group SECP521R1 (0x19)
[gnutls] (4) EXT[0x211e0e0]: Received group SECP384R1 (0x18)
[gnutls] (4) EXT[0x211e0e0]: Selected group X25519
[gnutls] (4) EXT[0x211e0e0]: Parsing extension 'Post Handshake Auth/49' (0 bytes)
[gnutls] (4) EXT[0x211e0e0]: Parsing extension 'Signature Algorithms/13' (42 bytes)
[gnutls] (4) EXT[0x211e0e0]: rcvd signature algo (4.3) ECDSA-SECP256R1-SHA256
[gnutls] (4) EXT[0x211e0e0]: rcvd signature algo (5.3) ECDSA-SECP384R1-SHA384
[gnutls] (4) EXT[0x211e0e0]: rcvd signature algo (6.3) ECDSA-SECP521R1-SHA512
[gnutls] (4) EXT[0x211e0e0]: rcvd signature algo (8.7) EdDSA-Ed25519
[gnutls] (4) EXT[0x211e0e0]: rcvd signature algo (8.8) EdDSA-Ed448
[gnutls] (4) EXT[0x211e0e0]: rcvd signature algo (8.9) RSA-PSS-SHA256
[gnutls] (4) EXT[0x211e0e0]: rcvd signature algo (8.10) RSA-PSS-SHA384
[gnutls] (4) EXT[0x211e0e0]: rcvd signature algo (8.11) RSA-PSS-SHA512
[gnutls] (4) EXT[0x211e0e0]: rcvd signature algo (8.4) RSA-PSS-RSAE-SHA256
[gnutls] (4) EXT[0x211e0e0]: rcvd signature algo (8.5) RSA-PSS-RSAE-SHA384
[gnutls] (4) EXT[0x211e0e0]: rcvd signature algo (8.6) RSA-PSS-RSAE-SHA512
[gnutls] (4) EXT[0x211e0e0]: rcvd signature algo (4.1) RSA-SHA256
[gnutls] (4) EXT[0x211e0e0]: rcvd signature algo (5.1) RSA-SHA384
[gnutls] (4) EXT[0x211e0e0]: rcvd signature algo (6.1) RSA-SHA512
[gnutls] (4) EXT[0x211e0e0]: rcvd signature algo (3.3) (null)
[gnutls] (4) EXT[0x211e0e0]: rcvd signature algo (3.1) (null)
[gnutls] (4) EXT[0x211e0e0]: rcvd signature algo (3.2) (null)
[gnutls] (4) EXT[0x211e0e0]: rcvd signature algo (4.2) (null)
[gnutls] (4) EXT[0x211e0e0]: rcvd signature algo (5.2) (null)
[gnutls] (4) EXT[0x211e0e0]: rcvd signature algo (6.2) (null)
[gnutls] (4) EXT[0x211e0e0]: Parsing extension 'PSK Key Exchange Modes/45' (2 bytes)
[gnutls] (4) EXT[0x211e0e0]: PSK KE mode 01 received
[gnutls] (4) EXT[0x211e0e0]: Parsing extension 'Pre Shared Key/41' (289 bytes)
[gnutls] (4) EXT[0x211e0e0]: selected DHE-PSK mode
[gnutls] (4) EXT[0x211e0e0]: selected resumption PSK identity (0)
[gnutls] (4) HSK[0x211e0e0]: Received safe renegotiation CS
[gnutls] (2) checking 13.02 (GNUTLS_AES_256_GCM_SHA384) for compatibility
[gnutls] (4) HSK[0x211e0e0]: Selected cipher suite: GNUTLS_AES_256_GCM_SHA384
[gnutls] (4) HSK[0x211e0e0]: Selected version TLS1.3
[gnutls] (4) EXT[0x211e0e0]: Parsing extension 'Key Share/51' (38 bytes)
[gnutls] (4) EXT[0x211e0e0]: Received key share for X25519
[gnutls] (4) HSK[0x211e0e0]: Selected group X25519 (6)
[gnutls] (2) EXT[0x211e0e0]: server generated X25519 shared key
[gnutls] (4) HSK[0x211e0e0]: Safe renegotiation succeeded
[gnutls] (4) HSK[0x211e0e0]: SessionID: 3c698c13d66f681ba04710d2656623517471ec4673ba070bdf70a2c90f3b2c36
[gnutls] (4) EXT[0x211e0e0]: Not sending extension (OCSP Status Request/5) for 'TLS 1.3 server hello'
[gnutls] (4) EXT[0x211e0e0]: Not sending extension (Client Certificate Type/19) for 'TLS 1.3 server hello'
[gnutls] (4) EXT[0x211e0e0]: Not sending extension (Server Certificate Type/20) for 'TLS 1.3 server hello'
[gnutls] (4) EXT[0x211e0e0]: Not sending extension (Supported Groups/10) for 'TLS 1.3 server hello'
[gnutls] (4) EXT[0x211e0e0]: Not sending extension (Supported EC Point Formats/11) for 'TLS 1.3 server hello'
[gnutls] (4) EXT[0x211e0e0]: Not sending extension (SRP/12) for 'TLS 1.3 server hello'
[gnutls] (4) EXT[0x211e0e0]: Not sending extension (Signature Algorithms/13) for 'TLS 1.3 server hello'
[gnutls] (4) EXT[0x211e0e0]: Not sending extension (SRTP/14) for 'TLS 1.3 server hello'
[gnutls] (4) EXT[0x211e0e0]: Not sending extension (Heartbeat/15) for 'TLS 1.3 server hello'
[gnutls] (4) EXT[0x211e0e0]: Not sending extension (ALPN/16) for 'TLS 1.3 server hello'
[gnutls] (4) EXT[0x211e0e0]: Not sending extension (Encrypt-then-MAC/22) for 'TLS 1.3 server hello'
[gnutls] (4) EXT[0x211e0e0]: Not sending extension (Extended Master Secret/23) for 'TLS 1.3 server hello'
[gnutls] (4) EXT[0x211e0e0]: Not sending extension (Session Ticket/35) for 'TLS 1.3 server hello'
[gnutls] (4) EXT[0x211e0e0]: Preparing extension (Key Share/51) for 'TLS 1.3 server hello'
[gnutls] (4) EXT[0x211e0e0]: sending key share for X25519
[gnutls] (4) EXT[0x211e0e0]: Sending extension Key Share/51 (36 bytes)
[gnutls] (4) EXT[0x211e0e0]: Preparing extension (Supported Versions/43) for 'TLS 1.3 server hello'
[gnutls] (4) EXT[0x211e0e0]: Sending extension Supported Versions/43 (2 bytes)
[gnutls] (4) EXT[0x211e0e0]: Not sending extension (Post Handshake Auth/49) for 'TLS 1.3 server hello'
[gnutls] (4) EXT[0x211e0e0]: Not sending extension (Safe Renegotiation/65281) for 'TLS 1.3 server hello'
[gnutls] (4) EXT[0x211e0e0]: Not sending extension (Server Name Indication/0) for 'TLS 1.3 server hello'
[gnutls] (4) EXT[0x211e0e0]: Not sending extension (Cookie/44) for 'TLS 1.3 server hello'
[gnutls] (4) EXT[0x211e0e0]: Not sending extension (Early Data/42) for 'TLS 1.3 server hello'
[gnutls] (4) EXT[0x211e0e0]: Preparing extension (PSK Key Exchange Modes/45) for 'TLS 1.3 server hello'
[gnutls] (4) EXT[0x211e0e0]: Not sending extension (Record Size Limit/28) for 'TLS 1.3 server hello'
[gnutls] (4) EXT[0x211e0e0]: Not sending extension (Maximum Record Size/1) for 'TLS 1.3 server hello'
[gnutls] (4) EXT[0x211e0e0]: Not sending extension (ClientHello Padding/21) for 'TLS 1.3 server hello'
[gnutls] (4) EXT[0x211e0e0]: Preparing extension (Pre Shared Key/41) for 'TLS 1.3 server hello'
[gnutls] (4) EXT[0x211e0e0]: Sending extension Pre Shared Key/41 (2 bytes)
[gnutls] (4) HSK[0x211e0e0]: SERVER HELLO was queued [128 bytes]
[gnutls] (5) REC[0x211e0e0]: Preparing Packet Handshake(22) with length: 128 and min pad: 0
[gnutls] (5) REC[0x211e0e0]: Sent Packet[1] Handshake(22) in epoch 0 and length: 133
[gnutls] (5) REC[0x211e0e0]: Preparing Packet ChangeCipherSpec(20) with length: 1 and min pad: 0
[gnutls] (5) REC[0x211e0e0]: Sent Packet[2] ChangeCipherSpec(20) in epoch 0 and length: 6
[gnutls] (4) REC[0x211e0e0]: Sent ChangeCipherSpec
[gnutls] (5) REC[0x211e0e0]: Initializing epoch #1
[gnutls] (5) REC[0x211e0e0]: Epoch #1 ready
[gnutls] (4) HSK[0x211e0e0]: TLS 1.3 re-key with cipher suite: GNUTLS_AES_256_GCM_SHA384
[gnutls] (4) EXT[0x211e0e0]: Not sending extension (OCSP Status Request/5) for 'encrypted extensions'
[gnutls] (4) EXT[0x211e0e0]: Preparing extension (Client Certificate Type/19) for 'encrypted extensions'
[gnutls] (4) EXT[0x211e0e0]: Preparing extension (Server Certificate Type/20) for 'encrypted extensions'
[gnutls] (4) EXT[0x211e0e0]: Preparing extension (Supported Groups/10) for 'encrypted extensions'
[gnutls] (4) EXT[0x211e0e0]: Not sending extension (Supported EC Point Formats/11) for 'encrypted extensions'
[gnutls] (4) EXT[0x211e0e0]: Not sending extension (SRP/12) for 'encrypted extensions'
[gnutls] (4) EXT[0x211e0e0]: Not sending extension (Signature Algorithms/13) for 'encrypted extensions'
[gnutls] (4) EXT[0x211e0e0]: Preparing extension (SRTP/14) for 'encrypted extensions'
[gnutls] (4) EXT[0x211e0e0]: Preparing extension (Heartbeat/15) for 'encrypted extensions'
[gnutls] (4) EXT[0x211e0e0]: Preparing extension (ALPN/16) for 'encrypted extensions'
[gnutls] (4) EXT[0x211e0e0]: Sending extension ALPN/16 (5 bytes)
[gnutls] (4) EXT[0x211e0e0]: Not sending extension (Encrypt-then-MAC/22) for 'encrypted extensions'
[gnutls] (4) EXT[0x211e0e0]: Not sending extension (Extended Master Secret/23) for 'encrypted extensions'
[gnutls] (4) EXT[0x211e0e0]: Not sending extension (Session Ticket/35) for 'encrypted extensions'
[gnutls] (4) EXT[0x211e0e0]: Not sending extension (Key Share/51) for 'encrypted extensions'
[gnutls] (4) EXT[0x211e0e0]: Not sending extension (Supported Versions/43) for 'encrypted extensions'
[gnutls] (4) EXT[0x211e0e0]: Not sending extension (Post Handshake Auth/49) for 'encrypted extensions'
[gnutls] (4) EXT[0x211e0e0]: Not sending extension (Safe Renegotiation/65281) for 'encrypted extensions'
[gnutls] (4) EXT[0x211e0e0]: Preparing extension (Server Name Indication/0) for 'encrypted extensions'
[gnutls] (4) EXT[0x211e0e0]: Not sending extension (Cookie/44) for 'encrypted extensions'
[gnutls] (4) EXT[0x211e0e0]: Preparing extension (Early Data/42) for 'encrypted extensions'
[gnutls] (4) EXT[0x211e0e0]: Not sending extension (PSK Key Exchange Modes/45) for 'encrypted extensions'
[gnutls] (4) EXT[0x211e0e0]: Preparing extension (Record Size Limit/28) for 'encrypted extensions'
[gnutls] (4) EXT[0x211e0e0]: Preparing extension (Maximum Record Size/1) for 'encrypted extensions'
[gnutls] (4) EXT[0x211e0e0]: Not sending extension (ClientHello Padding/21) for 'encrypted extensions'
[gnutls] (4) EXT[0x211e0e0]: Not sending extension (Pre Shared Key/41) for 'encrypted extensions'
[gnutls] (4) HSK[0x211e0e0]: ENCRYPTED EXTENSIONS was queued [15 bytes]
[gnutls] (4) HSK[0x211e0e0]: sending finished
[gnutls] (4) HSK[0x211e0e0]: FINISHED was queued [52 bytes]
[gnutls] (5) REC[0x211e0e0]: Preparing Packet Handshake(22) with length: 15 and min pad: 0
[gnutls] (5) REC[0x211e0e0]: Sent Packet[1] Handshake(22) in epoch 1 and length: 37
[gnutls] (5) REC[0x211e0e0]: Preparing Packet Handshake(22) with length: 52 and min pad: 0
[gnutls] (5) REC[0x211e0e0]: Sent Packet[2] Handshake(22) in epoch 1 and length: 74
[gnutls] (3) ASSERT: ../../lib/constate.c[_gnutls_epoch_get]:955
[gnutls] (5) REC[0x211e0e0]: Allocating epoch #2
[gnutls] (5) REC[0x211e0e0]: Initializing epoch #2
[gnutls] (5) REC[0x211e0e0]: Epoch #2 ready
[gnutls] (4) HSK[0x211e0e0]: TLS 1.3 set write key with cipher suite: GNUTLS_AES_256_GCM_SHA384
[gnutls] (4) HSK[0x211e0e0]: switching early to application traffic keys
[gnutls] (3) ASSERT: ../../lib/buffers.c[get_last_packet]:1185
[gnutls] (3) ASSERT: ../../lib/buffers.c[_gnutls_io_read_buffered]:589
[gnutls] (3) ASSERT: ../../lib/tls13/finished.c[_gnutls13_recv_finished]:101
[gnutls] (3) ASSERT: ../../lib/buffers.c[get_last_packet]:1185
[gnutls] (5) REC[0x211e0e0]: SSL 3.3 ChangeCipherSpec packet received. Epoch 1, length: 1
[gnutls] (5) REC[0x211e0e0]: Expected Packet Handshake(22)
[gnutls] (5) REC[0x211e0e0]: Received Packet ChangeCipherSpec(20) with length: 1
[gnutls] (5) REC[0x211e0e0]: SSL 3.3 Application Data packet received. Epoch 1, length: 69
[gnutls] (5) REC[0x211e0e0]: Expected Packet Handshake(22)
[gnutls] (5) REC[0x211e0e0]: Received Packet Application Data(23) with length: 69
[gnutls] (5) REC[0x211e0e0]: Decrypted Packet[0] Handshake(22) with length: 52
[gnutls] (4) HSK[0x211e0e0]: FINISHED (20) was received. Length 48[48], frag offset 0, frag length: 48, sequence: 0
[gnutls] (4) HSK[0x211e0e0]: parsing finished
[gnutls] (4) HSK[0x211e0e0]: TLS 1.3 set read key with cipher suite: GNUTLS_AES_256_GCM_SHA384
[gnutls] (4) HSK[0x211e0e0]: NEW SESSION TICKET was queued [251 bytes]
[gnutls] (4) HSK[0x211e0e0]: NEW SESSION TICKET was queued [251 bytes]
[gnutls] (5) REC[0x211e0e0]: Preparing Packet Handshake(22) with length: 251 and min pad: 0
[gnutls] (5) REC[0x211e0e0]: Sent Packet[1] Handshake(22) in epoch 2 and length: 273
[gnutls] (5) REC[0x211e0e0]: Preparing Packet Handshake(22) with length: 251 and min pad: 0
[gnutls] (5) REC[0x211e0e0]: Sent Packet[2] Handshake(22) in epoch 2 and length: 273
[gnutls] (5) REC[0x211e0e0]: Start of epoch cleanup
[gnutls] (5) REC[0x211e0e0]: Epoch #0 freed
[gnutls] (5) REC[0x211e0e0]: Epoch #1 freed
[gnutls] (5) REC[0x211e0e0]: End of epoch cleanup
[tls ] TLS handshake with 127.0.0.1#55206 has completed
[gnutls] (3) ASSERT: ../../lib/buffers.c[_gnutls_io_read_buffered]:589
[gnutls] (3) ASSERT: ../../lib/record.c[_gnutls_recv_int]:1776
[gnutls] (5) REC[0x211e0e0]: SSL 3.3 Application Data packet received. Epoch 2, length: 41
[gnutls] (5) REC[0x211e0e0]: Expected Packet Application Data(23)
[gnutls] (5) REC[0x211e0e0]: Received Packet Application Data(23) with length: 41
[gnutls] (5) REC[0x211e0e0]: Decrypted Packet[0] Application Data(23) with length: 24
[gnutls] (3) ASSERT: ../../lib/buffers.c[_gnutls_io_read_buffered]:589
[gnutls] (3) ASSERT: ../../lib/record.c[_gnutls_recv_int]:1776
[gnutls] (5) REC[0x211e0e0]: Preparing Packet Application Data(23) with length: 15 and min pad: 0
[gnutls] (5) REC[0x211e0e0]: Sent Packet[3] Application Data(23) in epoch 2 and length: 37
[gnutls] (5) REC[0x211e0e0]: SSL 3.3 Application Data packet received. Epoch 2, length: 44
[gnutls] (5) REC[0x211e0e0]: Expected Packet Application Data(23)
[gnutls] (5) REC[0x211e0e0]: Received Packet Application Data(23) with length: 44
[gnutls] (5) REC[0x211e0e0]: Decrypted Packet[1] Application Data(23) with length: 27
[gnutls] (5) REC[0x211e0e0]: SSL 3.3 Application Data packet received. Epoch 2, length: 30
[gnutls] (5) REC[0x211e0e0]: Expected Packet Application Data(23)
[gnutls] (5) REC[0x211e0e0]: Received Packet Application Data(23) with length: 30
[gnutls] (5) REC[0x211e0e0]: Decrypted Packet[2] Application Data(23) with length: 13
[gnutls] (3) ASSERT: ../../lib/buffers.c[_gnutls_io_read_buffered]:589
[gnutls] (3) ASSERT: ../../lib/record.c[_gnutls_recv_int]:1776
[gnutls] (5) REC[0x211e0e0]: Preparing Packet Application Data(23) with length: 9 and min pad: 0
[gnutls] (5) REC[0x211e0e0]: Sent Packet[4] Application Data(23) in epoch 2 and length: 31
[gnutls] (5) REC[0x211e0e0]: SSL 3.3 Application Data packet received. Epoch 2, length: 62
[gnutls] (5) REC[0x211e0e0]: Expected Packet Application Data(23)
[gnutls] (5) REC[0x211e0e0]: Received Packet Application Data(23) with length: 62
[gnutls] (5) REC[0x211e0e0]: Decrypted Packet[3] Application Data(23) with length: 45
[gnutls] (3) ASSERT: ../../lib/buffers.c[_gnutls_io_read_buffered]:589
[gnutls] (3) ASSERT: ../../lib/record.c[_gnutls_recv_int]:1776
[gnutls] (5) REC[0x211e0e0]: Preparing Packet Application Data(23) with length: 13 and min pad: 0
[gnutls] (5) REC[0x211e0e0]: Sent Packet[5] Application Data(23) in epoch 2 and length: 35
[gnutls] (5) REC[0x211e0e0]: SSL 3.3 Application Data packet received. Epoch 2, length: 26
[gnutls] (5) REC[0x211e0e0]: Expected Packet Application Data(23)
[gnutls] (5) REC[0x211e0e0]: Received Packet Application Data(23) with length: 26
[gnutls] (5) REC[0x211e0e0]: Decrypted Packet[4] Application Data(23) with length: 9
[gnutls] (3) ASSERT: ../../lib/buffers.c[_gnutls_io_read_buffered]:589
[gnutls] (3) ASSERT: ../../lib/record.c[_gnutls_recv_int]:1776
[gnutls] (5) REC[0x211e0e0]: SSL 3.3 Application Data packet received. Epoch 2, length: 19
[gnutls] (5) REC[0x211e0e0]: Expected Packet Application Data(23)
[gnutls] (5) REC[0x211e0e0]: Received Packet Application Data(23) with length: 19
[gnutls] (5) REC[0x211e0e0]: Decrypted Packet[5] Alert(21) with length: 2
[gnutls] (5) REC[0x211e0e0]: Alert[1|0] - Close notify - was received
[gnutls] (3) ASSERT: ../../lib/record.c[_gnutls_recv_in_buffers]:1578
[io ] => connection to '127.0.0.1#55206' closed by peer (end of file)
[doh ] [0x21373f0] h2 session freed
[gnutls] (5) REC[0x211e0e0]: Start of epoch cleanup
[gnutls] (5) REC[0x211e0e0]: End of epoch cleanup
[gnutls] (5) REC[0x211e0e0]: Epoch #2 freed
[gnutls] (5) REC[0x211e0e0]: Allocating epoch #0
[gnutls] (2) added 4 protocols, 29 ciphersuites, 19 sig algos and 10 groups into priority list
[doh ] [0x21373f0] h2 session created for 127.0.0.1#55208
[gnutls] (5) REC[0x211e0e0]: Allocating epoch #1
[gnutls] (3) ASSERT: ../../lib/buffers.c[get_last_packet]:1185
[gnutls] (5) REC[0x211e0e0]: SSL 3.1 Handshake packet received. Epoch 0, length: 593
[gnutls] (5) REC[0x211e0e0]: Expected Packet Handshake(22)
[gnutls] (5) REC[0x211e0e0]: Received Packet Handshake(22) with length: 593
[gnutls] (5) REC[0x211e0e0]: Decrypted Packet[0] Handshake(22) with length: 593
[gnutls] (4) HSK[0x211e0e0]: CLIENT HELLO (1) was received. Length 589[589], frag offset 0, frag length: 589, sequence: 0
[gnutls] (4) HSK[0x211e0e0]: Client's version: 3.3
[gnutls] (4) EXT[0x211e0e0]: Parsing extension 'Supported Versions/43' (5 bytes)
[gnutls] (4) EXT[0x211e0e0]: Found version: 3.4
[gnutls] (4) EXT[0x211e0e0]: Found version: 3.3
[gnutls] (4) EXT[0x211e0e0]: Negotiated version: 3.4
[gnutls] (4) EXT[0x211e0e0]: Parsing extension 'ALPN/16' (14 bytes)
[gnutls] (4) EXT[0x211e0e0]: Parsing extension 'Encrypt-then-MAC/22' (0 bytes)
[gnutls] (4) EXT[0x211e0e0]: Parsing extension 'Extended Master Secret/23' (0 bytes)
[gnutls] (4) EXT[0x211e0e0]: Parsing extension 'Supported EC Point Formats/11' (4 bytes)
[gnutls] (4) EXT[0x211e0e0]: Parsing extension 'Supported Groups/10' (12 bytes)
[gnutls] (4) EXT[0x211e0e0]: Received group X25519 (0x1d)
[gnutls] (4) EXT[0x211e0e0]: Received group SECP256R1 (0x17)
[gnutls] (4) EXT[0x211e0e0]: Received group X448 (0x1e)
[gnutls] (4) EXT[0x211e0e0]: Received group SECP521R1 (0x19)
[gnutls] (4) EXT[0x211e0e0]: Received group SECP384R1 (0x18)
[gnutls] (4) EXT[0x211e0e0]: Selected group X25519
[gnutls] (4) EXT[0x211e0e0]: Parsing extension 'Post Handshake Auth/49' (0 bytes)
[gnutls] (4) EXT[0x211e0e0]: Parsing extension 'Signature Algorithms/13' (42 bytes)
[gnutls] (4) EXT[0x211e0e0]: rcvd signature algo (4.3) ECDSA-SECP256R1-SHA256
[gnutls] (4) EXT[0x211e0e0]: rcvd signature algo (5.3) ECDSA-SECP384R1-SHA384
[gnutls] (4) EXT[0x211e0e0]: rcvd signature algo (6.3) ECDSA-SECP521R1-SHA512
[gnutls] (4) EXT[0x211e0e0]: rcvd signature algo (8.7) EdDSA-Ed25519
[gnutls] (4) EXT[0x211e0e0]: rcvd signature algo (8.8) EdDSA-Ed448
[gnutls] (4) EXT[0x211e0e0]: rcvd signature algo (8.9) RSA-PSS-SHA256
[gnutls] (4) EXT[0x211e0e0]: rcvd signature algo (8.10) RSA-PSS-SHA384
[gnutls] (4) EXT[0x211e0e0]: rcvd signature algo (8.11) RSA-PSS-SHA512
[gnutls] (4) EXT[0x211e0e0]: rcvd signature algo (8.4) RSA-PSS-RSAE-SHA256
[gnutls] (4) EXT[0x211e0e0]: rcvd signature algo (8.5) RSA-PSS-RSAE-SHA384
[gnutls] (4) EXT[0x211e0e0]: rcvd signature algo (8.6) RSA-PSS-RSAE-SHA512
[gnutls] (4) EXT[0x211e0e0]: rcvd signature algo (4.1) RSA-SHA256
[gnutls] (4) EXT[0x211e0e0]: rcvd signature algo (5.1) RSA-SHA384
[gnutls] (4) EXT[0x211e0e0]: rcvd signature algo (6.1) RSA-SHA512
[gnutls] (4) EXT[0x211e0e0]: rcvd signature algo (3.3) (null)
[gnutls] (4) EXT[0x211e0e0]: rcvd signature algo (3.1) (null)
[gnutls] (4) EXT[0x211e0e0]: rcvd signature algo (3.2) (null)
[gnutls] (4) EXT[0x211e0e0]: rcvd signature algo (4.2) (null)
[gnutls] (4) EXT[0x211e0e0]: rcvd signature algo (5.2) (null)
[gnutls] (4) EXT[0x211e0e0]: rcvd signature algo (6.2) (null)
[gnutls] (4) EXT[0x211e0e0]: Parsing extension 'PSK Key Exchange Modes/45' (2 bytes)
[gnutls] (4) EXT[0x211e0e0]: PSK KE mode 01 received
[gnutls] (4) EXT[0x211e0e0]: Parsing extension 'Pre Shared Key/41' (289 bytes)
[gnutls] (4) EXT[0x211e0e0]: selected DHE-PSK mode
[gnutls] (4) EXT[0x211e0e0]: selected resumption PSK identity (0)
[gnutls] (4) HSK[0x211e0e0]: Received safe renegotiation CS
[gnutls] (2) checking 13.02 (GNUTLS_AES_256_GCM_SHA384) for compatibility
[gnutls] (4) HSK[0x211e0e0]: Selected cipher suite: GNUTLS_AES_256_GCM_SHA384
[gnutls] (4) HSK[0x211e0e0]: Selected version TLS1.3
[gnutls] (4) EXT[0x211e0e0]: Parsing extension 'Key Share/51' (38 bytes)
[gnutls] (4) EXT[0x211e0e0]: Received key share for X25519
[gnutls] (4) HSK[0x211e0e0]: Selected group X25519 (6)
[gnutls] (2) EXT[0x211e0e0]: server generated X25519 shared key
[gnutls] (4) HSK[0x211e0e0]: Safe renegotiation succeeded
[gnutls] (4) HSK[0x211e0e0]: SessionID: ee078dd4ccdf28113228a239675d9f6a179689abc17c1229a6be4c47fef694e4
[gnutls] (4) EXT[0x211e0e0]: Not sending extension (OCSP Status Request/5) for 'TLS 1.3 server hello'
[gnutls] (4) EXT[0x211e0e0]: Not sending extension (Client Certificate Type/19) for 'TLS 1.3 server hello'
[gnutls] (4) EXT[0x211e0e0]: Not sending extension (Server Certificate Type/20) for 'TLS 1.3 server hello'
[gnutls] (4) EXT[0x211e0e0]: Not sending extension (Supported Groups/10) for 'TLS 1.3 server hello'
[gnutls] (4) EXT[0x211e0e0]: Not sending extension (Supported EC Point Formats/11) for 'TLS 1.3 server hello'
[gnutls] (4) EXT[0x211e0e0]: Not sending extension (SRP/12) for 'TLS 1.3 server hello'
[gnutls] (4) EXT[0x211e0e0]: Not sending extension (Signature Algorithms/13) for 'TLS 1.3 server hello'
[gnutls] (4) EXT[0x211e0e0]: Not sending extension (SRTP/14) for 'TLS 1.3 server hello'
[gnutls] (4) EXT[0x211e0e0]: Not sending extension (Heartbeat/15) for 'TLS 1.3 server hello'
[gnutls] (4) EXT[0x211e0e0]: Not sending extension (ALPN/16) for 'TLS 1.3 server hello'
[gnutls] (4) EXT[0x211e0e0]: Not sending extension (Encrypt-then-MAC/22) for 'TLS 1.3 server hello'
[gnutls] (4) EXT[0x211e0e0]: Not sending extension (Extended Master Secret/23) for 'TLS 1.3 server hello'
[gnutls] (4) EXT[0x211e0e0]: Not sending extension (Session Ticket/35) for 'TLS 1.3 server hello'
[gnutls] (4) EXT[0x211e0e0]: Preparing extension (Key Share/51) for 'TLS 1.3 server hello'
[gnutls] (4) EXT[0x211e0e0]: sending key share for X25519
[gnutls] (4) EXT[0x211e0e0]: Sending extension Key Share/51 (36 bytes)
[gnutls] (4) EXT[0x211e0e0]: Preparing extension (Supported Versions/43) for 'TLS 1.3 server hello'
[gnutls] (4) EXT[0x211e0e0]: Sending extension Supported Versions/43 (2 bytes)
[gnutls] (4) EXT[0x211e0e0]: Not sending extension (Post Handshake Auth/49) for 'TLS 1.3 server hello'
[gnutls] (4) EXT[0x211e0e0]: Not sending extension (Safe Renegotiation/65281) for 'TLS 1.3 server hello'
[gnutls] (4) EXT[0x211e0e0]: Not sending extension (Server Name Indication/0) for 'TLS 1.3 server hello'
[gnutls] (4) EXT[0x211e0e0]: Not sending extension (Cookie/44) for 'TLS 1.3 server hello'
[gnutls] (4) EXT[0x211e0e0]: Not sending extension (Early Data/42) for 'TLS 1.3 server hello'
[gnutls] (4) EXT[0x211e0e0]: Preparing extension (PSK Key Exchange Modes/45) for 'TLS 1.3 server hello'
[gnutls] (4) EXT[0x211e0e0]: Not sending extension (Record Size Limit/28) for 'TLS 1.3 server hello'
[gnutls] (4) EXT[0x211e0e0]: Not sending extension (Maximum Record Size/1) for 'TLS 1.3 server hello'
[gnutls] (4) EXT[0x211e0e0]: Not sending extension (ClientHello Padding/21) for 'TLS 1.3 server hello'
[gnutls] (4) EXT[0x211e0e0]: Preparing extension (Pre Shared Key/41) for 'TLS 1.3 server hello'
[gnutls] (4) EXT[0x211e0e0]: Sending extension Pre Shared Key/41 (2 bytes)
[gnutls] (4) HSK[0x211e0e0]: SERVER HELLO was queued [128 bytes]
[gnutls] (5) REC[0x211e0e0]: Preparing Packet Handshake(22) with length: 128 and min pad: 0
[gnutls] (5) REC[0x211e0e0]: Sent Packet[1] Handshake(22) in epoch 0 and length: 133
[gnutls] (5) REC[0x211e0e0]: Preparing Packet ChangeCipherSpec(20) with length: 1 and min pad: 0
[gnutls] (5) REC[0x211e0e0]: Sent Packet[2] ChangeCipherSpec(20) in epoch 0 and length: 6
[gnutls] (4) REC[0x211e0e0]: Sent ChangeCipherSpec
[gnutls] (5) REC[0x211e0e0]: Initializing epoch #1
[gnutls] (5) REC[0x211e0e0]: Epoch #1 ready
[gnutls] (4) HSK[0x211e0e0]: TLS 1.3 re-key with cipher suite: GNUTLS_AES_256_GCM_SHA384
[gnutls] (4) EXT[0x211e0e0]: Not sending extension (OCSP Status Request/5) for 'encrypted extensions'
[gnutls] (4) EXT[0x211e0e0]: Preparing extension (Client Certificate Type/19) for 'encrypted extensions'
[gnutls] (4) EXT[0x211e0e0]: Preparing extension (Server Certificate Type/20) for 'encrypted extensions'
[gnutls] (4) EXT[0x211e0e0]: Preparing extension (Supported Groups/10) for 'encrypted extensions'
[gnutls] (4) EXT[0x211e0e0]: Not sending extension (Supported EC Point Formats/11) for 'encrypted extensions'
[gnutls] (4) EXT[0x211e0e0]: Not sending extension (SRP/12) for 'encrypted extensions'
[gnutls] (4) EXT[0x211e0e0]: Not sending extension (Signature Algorithms/13) for 'encrypted extensions'
[gnutls] (4) EXT[0x211e0e0]: Preparing extension (SRTP/14) for 'encrypted extensions'
[gnutls] (4) EXT[0x211e0e0]: Preparing extension (Heartbeat/15) for 'encrypted extensions'
[gnutls] (4) EXT[0x211e0e0]: Preparing extension (ALPN/16) for 'encrypted extensions'
[gnutls] (4) EXT[0x211e0e0]: Sending extension ALPN/16 (5 bytes)
[gnutls] (4) EXT[0x211e0e0]: Not sending extension (Encrypt-then-MAC/22) for 'encrypted extensions'
[gnutls] (4) EXT[0x211e0e0]: Not sending extension (Extended Master Secret/23) for 'encrypted extensions'
[gnutls] (4) EXT[0x211e0e0]: Not sending extension (Session Ticket/35) for 'encrypted extensions'
[gnutls] (4) EXT[0x211e0e0]: Not sending extension (Key Share/51) for 'encrypted extensions'
[gnutls] (4) EXT[0x211e0e0]: Not sending extension (Supported Versions/43) for 'encrypted extensions'
[gnutls] (4) EXT[0x211e0e0]: Not sending extension (Post Handshake Auth/49) for 'encrypted extensions'
[gnutls] (4) EXT[0x211e0e0]: Not sending extension (Safe Renegotiation/65281) for 'encrypted extensions'
[gnutls] (4) EXT[0x211e0e0]: Preparing extension (Server Name Indication/0) for 'encrypted extensions'
[gnutls] (4) EXT[0x211e0e0]: Not sending extension (Cookie/44) for 'encrypted extensions'
[gnutls] (4) EXT[0x211e0e0]: Preparing extension (Early Data/42) for 'encrypted extensions'
[gnutls] (4) EXT[0x211e0e0]: Not sending extension (PSK Key Exchange Modes/45) for 'encrypted extensions'
[gnutls] (4) EXT[0x211e0e0]: Preparing extension (Record Size Limit/28) for 'encrypted extensions'
[gnutls] (4) EXT[0x211e0e0]: Preparing extension (Maximum Record Size/1) for 'encrypted extensions'
[gnutls] (4) EXT[0x211e0e0]: Not sending extension (ClientHello Padding/21) for 'encrypted extensions'
[gnutls] (4) EXT[0x211e0e0]: Not sending extension (Pre Shared Key/41) for 'encrypted extensions'
[gnutls] (4) HSK[0x211e0e0]: ENCRYPTED EXTENSIONS was queued [15 bytes]
[gnutls] (4) HSK[0x211e0e0]: sending finished
[gnutls] (4) HSK[0x211e0e0]: FINISHED was queued [52 bytes]
[gnutls] (5) REC[0x211e0e0]: Preparing Packet Handshake(22) with length: 15 and min pad: 0
[gnutls] (5) REC[0x211e0e0]: Sent Packet[1] Handshake(22) in epoch 1 and length: 37
[gnutls] (5) REC[0x211e0e0]: Preparing Packet Handshake(22) with length: 52 and min pad: 0
[gnutls] (5) REC[0x211e0e0]: Sent Packet[2] Handshake(22) in epoch 1 and length: 74
[gnutls] (3) ASSERT: ../../lib/constate.c[_gnutls_epoch_get]:955
[gnutls] (5) REC[0x211e0e0]: Allocating epoch #2
[gnutls] (5) REC[0x211e0e0]: Initializing epoch #2
[gnutls] (5) REC[0x211e0e0]: Epoch #2 ready
[gnutls] (4) HSK[0x211e0e0]: TLS 1.3 set write key with cipher suite: GNUTLS_AES_256_GCM_SHA384
[gnutls] (4) HSK[0x211e0e0]: switching early to application traffic keys
[gnutls] (3) ASSERT: ../../lib/buffers.c[get_last_packet]:1185
[gnutls] (3) ASSERT: ../../lib/buffers.c[_gnutls_io_read_buffered]:589
[gnutls] (3) ASSERT: ../../lib/tls13/finished.c[_gnutls13_recv_finished]:101
[gnutls] (3) ASSERT: ../../lib/buffers.c[get_last_packet]:1185
[gnutls] (5) REC[0x211e0e0]: SSL 3.3 ChangeCipherSpec packet received. Epoch 1, length: 1
[gnutls] (5) REC[0x211e0e0]: Expected Packet Handshake(22)
[gnutls] (5) REC[0x211e0e0]: Received Packet ChangeCipherSpec(20) with length: 1
[gnutls] (5) REC[0x211e0e0]: SSL 3.3 Application Data packet received. Epoch 1, length: 69
[gnutls] (5) REC[0x211e0e0]: Expected Packet Handshake(22)
[gnutls] (5) REC[0x211e0e0]: Received Packet Application Data(23) with length: 69
[gnutls] (5) REC[0x211e0e0]: Decrypted Packet[0] Handshake(22) with length: 52
[gnutls] (4) HSK[0x211e0e0]: FINISHED (20) was received. Length 48[48], frag offset 0, frag length: 48, sequence: 0
[gnutls] (4) HSK[0x211e0e0]: parsing finished
[gnutls] (4) HSK[0x211e0e0]: TLS 1.3 set read key with cipher suite: GNUTLS_AES_256_GCM_SHA384
[gnutls] (4) HSK[0x211e0e0]: NEW SESSION TICKET was queued [251 bytes]
[gnutls] (4) HSK[0x211e0e0]: NEW SESSION TICKET was queued [251 bytes]
[gnutls] (5) REC[0x211e0e0]: Preparing Packet Handshake(22) with length: 251 and min pad: 0
[gnutls] (5) REC[0x211e0e0]: Sent Packet[1] Handshake(22) in epoch 2 and length: 273
[gnutls] (5) REC[0x211e0e0]: Preparing Packet Handshake(22) with length: 251 and min pad: 0
[gnutls] (5) REC[0x211e0e0]: Sent Packet[2] Handshake(22) in epoch 2 and length: 273
[gnutls] (5) REC[0x211e0e0]: Start of epoch cleanup
[gnutls] (5) REC[0x211e0e0]: Epoch #0 freed
[gnutls] (5) REC[0x211e0e0]: Epoch #1 freed
[gnutls] (5) REC[0x211e0e0]: End of epoch cleanup
[tls ] TLS handshake with 127.0.0.1#55208 has completed
[gnutls] (3) ASSERT: ../../lib/buffers.c[_gnutls_io_read_buffered]:589
[gnutls] (3) ASSERT: ../../lib/record.c[_gnutls_recv_int]:1776
[gnutls] (5) REC[0x211e0e0]: SSL 3.3 Application Data packet received. Epoch 2, length: 41
[gnutls] (5) REC[0x211e0e0]: Expected Packet Application Data(23)
[gnutls] (5) REC[0x211e0e0]: Received Packet Application Data(23) with length: 41
[gnutls] (5) REC[0x211e0e0]: Decrypted Packet[0] Application Data(23) with length: 24
[gnutls] (5) REC[0x211e0e0]: SSL 3.3 Application Data packet received. Epoch 2, length: 44
[gnutls] (5) REC[0x211e0e0]: Expected Packet Application Data(23)
[gnutls] (5) REC[0x211e0e0]: Received Packet Application Data(23) with length: 44
[gnutls] (5) REC[0x211e0e0]: Decrypted Packet[1] Application Data(23) with length: 27
[gnutls] (5) REC[0x211e0e0]: SSL 3.3 Application Data packet received. Epoch 2, length: 30
[gnutls] (5) REC[0x211e0e0]: Expected Packet Application Data(23)
[gnutls] (5) REC[0x211e0e0]: Received Packet Application Data(23) with length: 30
[gnutls] (5) REC[0x211e0e0]: Decrypted Packet[2] Application Data(23) with length: 13
[gnutls] (3) ASSERT: ../../lib/buffers.c[_gnutls_io_read_buffered]:589
[gnutls] (3) ASSERT: ../../lib/record.c[_gnutls_recv_int]:1776
[gnutls] (5) REC[0x211e0e0]: Preparing Packet Application Data(23) with length: 15 and min pad: 0
[gnutls] (5) REC[0x211e0e0]: Sent Packet[3] Application Data(23) in epoch 2 and length: 37
[gnutls] (5) REC[0x211e0e0]: Preparing Packet Application Data(23) with length: 9 and min pad: 0
[gnutls] (5) REC[0x211e0e0]: Sent Packet[4] Application Data(23) in epoch 2 and length: 31
[gnutls] (5) REC[0x211e0e0]: SSL 3.3 Application Data packet received. Epoch 2, length: 62
[gnutls] (5) REC[0x211e0e0]: Expected Packet Application Data(23)
[gnutls] (5) REC[0x211e0e0]: Received Packet Application Data(23) with length: 62
[gnutls] (5) REC[0x211e0e0]: Decrypted Packet[3] Application Data(23) with length: 45
[gnutls] (3) ASSERT: ../../lib/buffers.c[_gnutls_io_read_buffered]:589
[gnutls] (3) ASSERT: ../../lib/record.c[_gnutls_recv_int]:1776
[gnutls] (5) REC[0x211e0e0]: Preparing Packet Application Data(23) with length: 13 and min pad: 0
[gnutls] (5) REC[0x211e0e0]: Sent Packet[5] Application Data(23) in epoch 2 and length: 35
[gnutls] (5) REC[0x211e0e0]: SSL 3.3 Application Data packet received. Epoch 2, length: 26
[gnutls] (5) REC[0x211e0e0]: Expected Packet Application Data(23)
[gnutls] (5) REC[0x211e0e0]: Received Packet Application Data(23) with length: 26
[gnutls] (5) REC[0x211e0e0]: Decrypted Packet[4] Application Data(23) with length: 9
[gnutls] (3) ASSERT: ../../lib/buffers.c[_gnutls_io_read_buffered]:589
[gnutls] (3) ASSERT: ../../lib/record.c[_gnutls_recv_int]:1776
[gnutls] (5) REC[0x211e0e0]: SSL 3.3 Application Data packet received. Epoch 2, length: 19
[gnutls] (5) REC[0x211e0e0]: Expected Packet Application Data(23)
[gnutls] (5) REC[0x211e0e0]: Received Packet Application Data(23) with length: 19
[gnutls] (5) REC[0x211e0e0]: Decrypted Packet[5] Alert(21) with length: 2
[gnutls] (5) REC[0x211e0e0]: Alert[1|0] - Close notify - was received
[gnutls] (3) ASSERT: ../../lib/record.c[_gnutls_recv_in_buffers]:1578
[io ] => connection to '127.0.0.1#55208' closed by peer (end of file)
[doh ] [0x21373f0] h2 session freed
[gnutls] (5) REC[0x211e0e0]: Start of epoch cleanup
[gnutls] (5) REC[0x211e0e0]: End of epoch cleanup
[gnutls] (5) REC[0x211e0e0]: Epoch #2 freed
[gnutls] (5) REC[0x211e0e0]: Allocating epoch #0
[gnutls] (2) added 4 protocols, 29 ciphersuites, 19 sig algos and 10 groups into priority list
[doh ] [0x21373f0] h2 session created for 127.0.0.1#55210
[gnutls] (5) REC[0x211e0e0]: Allocating epoch #1
[gnutls] (3) ASSERT: ../../lib/buffers.c[get_last_packet]:1185
[gnutls] (5) REC[0x211e0e0]: SSL 3.1 Handshake packet received. Epoch 0, length: 593
[gnutls] (5) REC[0x211e0e0]: Expected Packet Handshake(22)
[gnutls] (5) REC[0x211e0e0]: Received Packet Handshake(22) with length: 593
[gnutls] (5) REC[0x211e0e0]: Decrypted Packet[0] Handshake(22) with length: 593
[gnutls] (4) HSK[0x211e0e0]: CLIENT HELLO (1) was received. Length 589[589], frag offset 0, frag length: 589, sequence: 0
[gnutls] (4) HSK[0x211e0e0]: Client's version: 3.3
[gnutls] (4) EXT[0x211e0e0]: Parsing extension 'Supported Versions/43' (5 bytes)
[gnutls] (4) EXT[0x211e0e0]: Found version: 3.4
[gnutls] (4) EXT[0x211e0e0]: Found version: 3.3
[gnutls] (4) EXT[0x211e0e0]: Negotiated version: 3.4
[gnutls] (4) EXT[0x211e0e0]: Parsing extension 'ALPN/16' (14 bytes)
[gnutls] (4) EXT[0x211e0e0]: Parsing extension 'Encrypt-then-MAC/22' (0 bytes)
[gnutls] (4) EXT[0x211e0e0]: Parsing extension 'Extended Master Secret/23' (0 bytes)
[gnutls] (4) EXT[0x211e0e0]: Parsing extension 'Supported EC Point Formats/11' (4 bytes)
[gnutls] (4) EXT[0x211e0e0]: Parsing extension 'Supported Groups/10' (12 bytes)
[gnutls] (4) EXT[0x211e0e0]: Received group X25519 (0x1d)
[gnutls] (4) EXT[0x211e0e0]: Received group SECP256R1 (0x17)
[gnutls] (4) EXT[0x211e0e0]: Received group X448 (0x1e)
[gnutls] (4) EXT[0x211e0e0]: Received group SECP521R1 (0x19)
[gnutls] (4) EXT[0x211e0e0]: Received group SECP384R1 (0x18)
[gnutls] (4) EXT[0x211e0e0]: Selected group X25519
[gnutls] (4) EXT[0x211e0e0]: Parsing extension 'Post Handshake Auth/49' (0 bytes)
[gnutls] (4) EXT[0x211e0e0]: Parsing extension 'Signature Algorithms/13' (42 bytes)
[gnutls] (4) EXT[0x211e0e0]: rcvd signature algo (4.3) ECDSA-SECP256R1-SHA256
[gnutls] (4) EXT[0x211e0e0]: rcvd signature algo (5.3) ECDSA-SECP384R1-SHA384
[gnutls] (4) EXT[0x211e0e0]: rcvd signature algo (6.3) ECDSA-SECP521R1-SHA512
[gnutls] (4) EXT[0x211e0e0]: rcvd signature algo (8.7) EdDSA-Ed25519
[gnutls] (4) EXT[0x211e0e0]: rcvd signature algo (8.8) EdDSA-Ed448
[gnutls] (4) EXT[0x211e0e0]: rcvd signature algo (8.9) RSA-PSS-SHA256
[gnutls] (4) EXT[0x211e0e0]: rcvd signature algo (8.10) RSA-PSS-SHA384
[gnutls] (4) EXT[0x211e0e0]: rcvd signature algo (8.11) RSA-PSS-SHA512
[gnutls] (4) EXT[0x211e0e0]: rcvd signature algo (8.4) RSA-PSS-RSAE-SHA256
[gnutls] (4) EXT[0x211e0e0]: rcvd signature algo (8.5) RSA-PSS-RSAE-SHA384
[gnutls] (4) EXT[0x211e0e0]: rcvd signature algo (8.6) RSA-PSS-RSAE-SHA512
[gnutls] (4) EXT[0x211e0e0]: rcvd signature algo (4.1) RSA-SHA256
[gnutls] (4) EXT[0x211e0e0]: rcvd signature algo (5.1) RSA-SHA384
[gnutls] (4) EXT[0x211e0e0]: rcvd signature algo (6.1) RSA-SHA512
[gnutls] (4) EXT[0x211e0e0]: rcvd signature algo (3.3) (null)
[gnutls] (4) EXT[0x211e0e0]: rcvd signature algo (3.1) (null)
[gnutls] (4) EXT[0x211e0e0]: rcvd signature algo (3.2) (null)
[gnutls] (4) EXT[0x211e0e0]: rcvd signature algo (4.2) (null)
[gnutls] (4) EXT[0x211e0e0]: rcvd signature algo (5.2) (null)
[gnutls] (4) EXT[0x211e0e0]: rcvd signature algo (6.2) (null)
[gnutls] (4) EXT[0x211e0e0]: Parsing extension 'PSK Key Exchange Modes/45' (2 bytes)
[gnutls] (4) EXT[0x211e0e0]: PSK KE mode 01 received
[gnutls] (4) EXT[0x211e0e0]: Parsing extension 'Pre Shared Key/41' (289 bytes)
[gnutls] (4) EXT[0x211e0e0]: selected DHE-PSK mode
[gnutls] (4) EXT[0x211e0e0]: selected resumption PSK identity (0)
[gnutls] (4) HSK[0x211e0e0]: Received safe renegotiation CS
[gnutls] (2) checking 13.02 (GNUTLS_AES_256_GCM_SHA384) for compatibility
[gnutls] (4) HSK[0x211e0e0]: Selected cipher suite: GNUTLS_AES_256_GCM_SHA384
[gnutls] (4) HSK[0x211e0e0]: Selected version TLS1.3
[gnutls] (4) EXT[0x211e0e0]: Parsing extension 'Key Share/51' (38 bytes)
[gnutls] (4) EXT[0x211e0e0]: Received key share for X25519
[gnutls] (4) HSK[0x211e0e0]: Selected group X25519 (6)
[gnutls] (2) EXT[0x211e0e0]: server generated X25519 shared key
[gnutls] (4) HSK[0x211e0e0]: Safe renegotiation succeeded
[gnutls] (4) HSK[0x211e0e0]: SessionID: 7ff8144c36adcd7b45acdfe51b213d89c8c2694797c6ca4172d443b4f326d87c
[gnutls] (4) EXT[0x211e0e0]: Not sending extension (OCSP Status Request/5) for 'TLS 1.3 server hello'
[gnutls] (4) EXT[0x211e0e0]: Not sending extension (Client Certificate Type/19) for 'TLS 1.3 server hello'
[gnutls] (4) EXT[0x211e0e0]: Not sending extension (Server Certificate Type/20) for 'TLS 1.3 server hello'
[gnutls] (4) EXT[0x211e0e0]: Not sending extension (Supported Groups/10) for 'TLS 1.3 server hello'
[gnutls] (4) EXT[0x211e0e0]: Not sending extension (Supported EC Point Formats/11) for 'TLS 1.3 server hello'
[gnutls] (4) EXT[0x211e0e0]: Not sending extension (SRP/12) for 'TLS 1.3 server hello'
[gnutls] (4) EXT[0x211e0e0]: Not sending extension (Signature Algorithms/13) for 'TLS 1.3 server hello'
[gnutls] (4) EXT[0x211e0e0]: Not sending extension (SRTP/14) for 'TLS 1.3 server hello'
[gnutls] (4) EXT[0x211e0e0]: Not sending extension (Heartbeat/15) for 'TLS 1.3 server hello'
[gnutls] (4) EXT[0x211e0e0]: Not sending extension (ALPN/16) for 'TLS 1.3 server hello'
[gnutls] (4) EXT[0x211e0e0]: Not sending extension (Encrypt-then-MAC/22) for 'TLS 1.3 server hello'
[gnutls] (4) EXT[0x211e0e0]: Not sending extension (Extended Master Secret/23) for 'TLS 1.3 server hello'
[gnutls] (4) EXT[0x211e0e0]: Not sending extension (Session Ticket/35) for 'TLS 1.3 server hello'
[gnutls] (4) EXT[0x211e0e0]: Preparing extension (Key Share/51) for 'TLS 1.3 server hello'
[gnutls] (4) EXT[0x211e0e0]: sending key share for X25519
[gnutls] (4) EXT[0x211e0e0]: Sending extension Key Share/51 (36 bytes)
[gnutls] (4) EXT[0x211e0e0]: Preparing extension (Supported Versions/43) for 'TLS 1.3 server hello'
[gnutls] (4) EXT[0x211e0e0]: Sending extension Supported Versions/43 (2 bytes)
[gnutls] (4) EXT[0x211e0e0]: Not sending extension (Post Handshake Auth/49) for 'TLS 1.3 server hello'
[gnutls] (4) EXT[0x211e0e0]: Not sending extension (Safe Renegotiation/65281) for 'TLS 1.3 server hello'
[gnutls] (4) EXT[0x211e0e0]: Not sending extension (Server Name Indication/0) for 'TLS 1.3 server hello'
[gnutls] (4) EXT[0x211e0e0]: Not sending extension (Cookie/44) for 'TLS 1.3 server hello'
[gnutls] (4) EXT[0x211e0e0]: Not sending extension (Early Data/42) for 'TLS 1.3 server hello'
[gnutls] (4) EXT[0x211e0e0]: Preparing extension (PSK Key Exchange Modes/45) for 'TLS 1.3 server hello'
[gnutls] (4) EXT[0x211e0e0]: Not sending extension (Record Size Limit/28) for 'TLS 1.3 server hello'
[gnutls] (4) EXT[0x211e0e0]: Not sending extension (Maximum Record Size/1) for 'TLS 1.3 server hello'
[gnutls] (4) EXT[0x211e0e0]: Not sending extension (ClientHello Padding/21) for 'TLS 1.3 server hello'
[gnutls] (4) EXT[0x211e0e0]: Preparing extension (Pre Shared Key/41) for 'TLS 1.3 server hello'
[gnutls] (4) EXT[0x211e0e0]: Sending extension Pre Shared Key/41 (2 bytes)
[gnutls] (4) HSK[0x211e0e0]: SERVER HELLO was queued [128 bytes]
[gnutls] (5) REC[0x211e0e0]: Preparing Packet Handshake(22) with length: 128 and min pad: 0
[gnutls] (5) REC[0x211e0e0]: Sent Packet[1] Handshake(22) in epoch 0 and length: 133
[gnutls] (5) REC[0x211e0e0]: Preparing Packet ChangeCipherSpec(20) with length: 1 and min pad: 0
[gnutls] (5) REC[0x211e0e0]: Sent Packet[2] ChangeCipherSpec(20) in epoch 0 and length: 6
[gnutls] (4) REC[0x211e0e0]: Sent ChangeCipherSpec
[gnutls] (5) REC[0x211e0e0]: Initializing epoch #1
[gnutls] (5) REC[0x211e0e0]: Epoch #1 ready
[gnutls] (4) HSK[0x211e0e0]: TLS 1.3 re-key with cipher suite: GNUTLS_AES_256_GCM_SHA384
[gnutls] (4) EXT[0x211e0e0]: Not sending extension (OCSP Status Request/5) for 'encrypted extensions'
[gnutls] (4) EXT[0x211e0e0]: Preparing extension (Client Certificate Type/19) for 'encrypted extensions'
[gnutls] (4) EXT[0x211e0e0]: Preparing extension (Server Certificate Type/20) for 'encrypted extensions'
[gnutls] (4) EXT[0x211e0e0]: Preparing extension (Supported Groups/10) for 'encrypted extensions'
[gnutls] (4) EXT[0x211e0e0]: Not sending extension (Supported EC Point Formats/11) for 'encrypted extensions'
[gnutls] (4) EXT[0x211e0e0]: Not sending extension (SRP/12) for 'encrypted extensions'
[gnutls] (4) EXT[0x211e0e0]: Not sending extension (Signature Algorithms/13) for 'encrypted extensions'
[gnutls] (4) EXT[0x211e0e0]: Preparing extension (SRTP/14) for 'encrypted extensions'
[gnutls] (4) EXT[0x211e0e0]: Preparing extension (Heartbeat/15) for 'encrypted extensions'
[gnutls] (4) EXT[0x211e0e0]: Preparing extension (ALPN/16) for 'encrypted extensions'
[gnutls] (4) EXT[0x211e0e0]: Sending extension ALPN/16 (5 bytes)
[gnutls] (4) EXT[0x211e0e0]: Not sending extension (Encrypt-then-MAC/22) for 'encrypted extensions'
[gnutls] (4) EXT[0x211e0e0]: Not sending extension (Extended Master Secret/23) for 'encrypted extensions'
[gnutls] (4) EXT[0x211e0e0]: Not sending extension (Session Ticket/35) for 'encrypted extensions'
[gnutls] (4) EXT[0x211e0e0]: Not sending extension (Key Share/51) for 'encrypted extensions'
[gnutls] (4) EXT[0x211e0e0]: Not sending extension (Supported Versions/43) for 'encrypted extensions'
[gnutls] (4) EXT[0x211e0e0]: Not sending extension (Post Handshake Auth/49) for 'encrypted extensions'
[gnutls] (4) EXT[0x211e0e0]: Not sending extension (Safe Renegotiation/65281) for 'encrypted extensions'
[gnutls] (4) EXT[0x211e0e0]: Preparing extension (Server Name Indication/0) for 'encrypted extensions'
[gnutls] (4) EXT[0x211e0e0]: Not sending extension (Cookie/44) for 'encrypted extensions'
[gnutls] (4) EXT[0x211e0e0]: Preparing extension (Early Data/42) for 'encrypted extensions'
[gnutls] (4) EXT[0x211e0e0]: Not sending extension (PSK Key Exchange Modes/45) for 'encrypted extensions'
[gnutls] (4) EXT[0x211e0e0]: Preparing extension (Record Size Limit/28) for 'encrypted extensions'
[gnutls] (4) EXT[0x211e0e0]: Preparing extension (Maximum Record Size/1) for 'encrypted extensions'
[gnutls] (4) EXT[0x211e0e0]: Not sending extension (ClientHello Padding/21) for 'encrypted extensions'
[gnutls] (4) EXT[0x211e0e0]: Not sending extension (Pre Shared Key/41) for 'encrypted extensions'
[gnutls] (4) HSK[0x211e0e0]: ENCRYPTED EXTENSIONS was queued [15 bytes]
[gnutls] (4) HSK[0x211e0e0]: sending finished
[gnutls] (4) HSK[0x211e0e0]: FINISHED was queued [52 bytes]
[gnutls] (5) REC[0x211e0e0]: Preparing Packet Handshake(22) with length: 15 and min pad: 0
[gnutls] (5) REC[0x211e0e0]: Sent Packet[1] Handshake(22) in epoch 1 and length: 37
[gnutls] (5) REC[0x211e0e0]: Preparing Packet Handshake(22) with length: 52 and min pad: 0
[gnutls] (5) REC[0x211e0e0]: Sent Packet[2] Handshake(22) in epoch 1 and length: 74
[gnutls] (3) ASSERT: ../../lib/constate.c[_gnutls_epoch_get]:955
[gnutls] (5) REC[0x211e0e0]: Allocating epoch #2
[gnutls] (5) REC[0x211e0e0]: Initializing epoch #2
[gnutls] (5) REC[0x211e0e0]: Epoch #2 ready
[gnutls] (4) HSK[0x211e0e0]: TLS 1.3 set write key with cipher suite: GNUTLS_AES_256_GCM_SHA384
[gnutls] (4) HSK[0x211e0e0]: switching early to application traffic keys
[gnutls] (3) ASSERT: ../../lib/buffers.c[get_last_packet]:1185
[gnutls] (3) ASSERT: ../../lib/buffers.c[_gnutls_io_read_buffered]:589
[gnutls] (3) ASSERT: ../../lib/tls13/finished.c[_gnutls13_recv_finished]:101
[gnutls] (3) ASSERT: ../../lib/buffers.c[get_last_packet]:1185
[gnutls] (5) REC[0x211e0e0]: SSL 3.3 ChangeCipherSpec packet received. Epoch 1, length: 1
[gnutls] (5) REC[0x211e0e0]: Expected Packet Handshake(22)
[gnutls] (5) REC[0x211e0e0]: Received Packet ChangeCipherSpec(20) with length: 1
[gnutls] (5) REC[0x211e0e0]: SSL 3.3 Application Data packet received. Epoch 1, length: 69
[gnutls] (5) REC[0x211e0e0]: Expected Packet Handshake(22)
[gnutls] (5) REC[0x211e0e0]: Received Packet Application Data(23) with length: 69
[gnutls] (5) REC[0x211e0e0]: Decrypted Packet[0] Handshake(22) with length: 52
[gnutls] (4) HSK[0x211e0e0]: FINISHED (20) was received. Length 48[48], frag offset 0, frag length: 48, sequence: 0
[gnutls] (4) HSK[0x211e0e0]: parsing finished
[gnutls] (4) HSK[0x211e0e0]: TLS 1.3 set read key with cipher suite: GNUTLS_AES_256_GCM_SHA384
[gnutls] (4) HSK[0x211e0e0]: NEW SESSION TICKET was queued [251 bytes]
[gnutls] (4) HSK[0x211e0e0]: NEW SESSION TICKET was queued [251 bytes]
[gnutls] (5) REC[0x211e0e0]: Preparing Packet Handshake(22) with length: 251 and min pad: 0
[gnutls] (5) REC[0x211e0e0]: Sent Packet[1] Handshake(22) in epoch 2 and length: 273
[gnutls] (5) REC[0x211e0e0]: Preparing Packet Handshake(22) with length: 251 and min pad: 0
[gnutls] (5) REC[0x211e0e0]: Sent Packet[2] Handshake(22) in epoch 2 and length: 273
[gnutls] (5) REC[0x211e0e0]: Start of epoch cleanup
[gnutls] (5) REC[0x211e0e0]: Epoch #0 freed
[gnutls] (5) REC[0x211e0e0]: Epoch #1 freed
[gnutls] (5) REC[0x211e0e0]: End of epoch cleanup
[tls ] TLS handshake with 127.0.0.1#55210 has completed
[gnutls] (3) ASSERT: ../../lib/buffers.c[_gnutls_io_read_buffered]:589
[gnutls] (3) ASSERT: ../../lib/record.c[_gnutls_recv_int]:1776
[gnutls] (5) REC[0x211e0e0]: SSL 3.3 Application Data packet received. Epoch 2, length: 41
[gnutls] (5) REC[0x211e0e0]: Expected Packet Application Data(23)
[gnutls] (5) REC[0x211e0e0]: Received Packet Application Data(23) with length: 41
[gnutls] (5) REC[0x211e0e0]: Decrypted Packet[0] Application Data(23) with length: 24
[gnutls] (5) REC[0x211e0e0]: SSL 3.3 Application Data packet received. Epoch 2, length: 44
[gnutls] (5) REC[0x211e0e0]: Expected Packet Application Data(23)
[gnutls] (5) REC[0x211e0e0]: Received Packet Application Data(23) with length: 44
[gnutls] (5) REC[0x211e0e0]: Decrypted Packet[1] Application Data(23) with length: 27
[gnutls] (5) REC[0x211e0e0]: SSL 3.3 Application Data packet received. Epoch 2, length: 30
[gnutls] (5) REC[0x211e0e0]: Expected Packet Application Data(23)
[gnutls] (5) REC[0x211e0e0]: Received Packet Application Data(23) with length: 30
[gnutls] (5) REC[0x211e0e0]: Decrypted Packet[2] Application Data(23) with length: 13
[gnutls] (3) ASSERT: ../../lib/buffers.c[_gnutls_io_read_buffered]:589
[gnutls] (3) ASSERT: ../../lib/record.c[_gnutls_recv_int]:1776
[gnutls] (5) REC[0x211e0e0]: Preparing Packet Application Data(23) with length: 15 and min pad: 0
[gnutls] (5) REC[0x211e0e0]: Sent Packet[3] Application Data(23) in epoch 2 and length: 37
[gnutls] (5) REC[0x211e0e0]: Preparing Packet Application Data(23) with length: 9 and min pad: 0
[gnutls] (5) REC[0x211e0e0]: Sent Packet[4] Application Data(23) in epoch 2 and length: 31
[gnutls] (5) REC[0x211e0e0]: SSL 3.3 Application Data packet received. Epoch 2, length: 62
[gnutls] (5) REC[0x211e0e0]: Expected Packet Application Data(23)
[gnutls] (5) REC[0x211e0e0]: Received Packet Application Data(23) with length: 62
[gnutls] (5) REC[0x211e0e0]: Decrypted Packet[3] Application Data(23) with length: 45
[gnutls] (3) ASSERT: ../../lib/buffers.c[_gnutls_io_read_buffered]:589
[gnutls] (3) ASSERT: ../../lib/record.c[_gnutls_recv_int]:1776
[gnutls] (5) REC[0x211e0e0]: Preparing Packet Application Data(23) with length: 13 and min pad: 0
[gnutls] (5) REC[0x211e0e0]: Sent Packet[5] Application Data(23) in epoch 2 and length: 35
[gnutls] (5) REC[0x211e0e0]: SSL 3.3 Application Data packet received. Epoch 2, length: 26
[gnutls] (5) REC[0x211e0e0]: Expected Packet Application Data(23)
[gnutls] (5) REC[0x211e0e0]: Received Packet Application Data(23) with length: 26
[gnutls] (5) REC[0x211e0e0]: Decrypted Packet[4] Application Data(23) with length: 9
[gnutls] (3) ASSERT: ../../lib/buffers.c[_gnutls_io_read_buffered]:589
[gnutls] (3) ASSERT: ../../lib/record.c[_gnutls_recv_int]:1776
[gnutls] (5) REC[0x211e0e0]: SSL 3.3 Application Data packet received. Epoch 2, length: 19
[gnutls] (5) REC[0x211e0e0]: Expected Packet Application Data(23)
[gnutls] (5) REC[0x211e0e0]: Received Packet Application Data(23) with length: 19
[gnutls] (5) REC[0x211e0e0]: Decrypted Packet[5] Alert(21) with length: 2
[gnutls] (5) REC[0x211e0e0]: Alert[1|0] - Close notify - was received
[gnutls] (3) ASSERT: ../../lib/record.c[_gnutls_recv_in_buffers]:1578
[io ] => connection to '127.0.0.1#55210' closed by peer (end of file)
[doh ] [0x21373f0] h2 session freed
[gnutls] (5) REC[0x211e0e0]: Start of epoch cleanup
[gnutls] (5) REC[0x211e0e0]: End of epoch cleanup
[gnutls] (5) REC[0x211e0e0]: Epoch #2 freed
curl -vk 'https://127.0.0.1/dns-query'
curl -vk 'https://127.0.0.1/dns-query'* Trying 127.0.0.1:443...
* Connected to 127.0.0.1 (127.0.0.1) port 443 (#0)
* ALPN, offering h2
* ALPN, offering http/1.1
* successfully set certificate verify locations:
* CAfile: /etc/ssl/certs/ca-certificates.crt
* CApath: /etc/ssl/certs
* TLSv1.3 (OUT), TLS handshake, Client hello (1):
* TLSv1.3 (IN), TLS handshake, Server hello (2):
* TLSv1.3 (IN), TLS handshake, Encrypted Extensions (8):
* TLSv1.3 (IN), TLS handshake, Certificate (11):
* TLSv1.3 (IN), TLS handshake, CERT verify (15):
* TLSv1.3 (IN), TLS handshake, Finished (20):
* TLSv1.3 (OUT), TLS change cipher, Change cipher spec (1):
* TLSv1.3 (OUT), TLS handshake, Finished (20):
* SSL connection using TLSv1.3 / TLS_AES_256_GCM_SHA384
* ALPN, server accepted to use h2
* Server certificate:
* subject: CN=d86326eacf7b
* start date: Mar 12 17:45:29 2022 GMT
* expire date: Jun 10 18:00:29 2022 GMT
* issuer: CN=d86326eacf7b
* SSL certificate verify result: self signed certificate (18), continuing anyway.
* Using HTTP2, server supports multi-use
* Connection state changed (HTTP/2 confirmed)
* Copying HTTP/2 data in stream buffer to connection buffer after upgrade: len=0
* Using Stream ID: 1 (easy handle 0x5578b4bcc560)
> GET /dns-query HTTP/2
> Host: 127.0.0.1
> user-agent: curl/7.74.0
> accept: */*
>
* TLSv1.3 (IN), TLS handshake, Newsession Ticket (4):
* TLSv1.3 (IN), TLS handshake, Newsession Ticket (4):
* old SSL session ID is stale, removing
* Connection state changed (MAX_CONCURRENT_STREAMS == 65535)!
* REFUSED_STREAM, retrying a fresh connect
* Connection died, retrying a fresh connect(retry count: 1)
* Closing connection 0
* TLSv1.3 (OUT), TLS alert, close notify (256):
* Issue another request to this URL: 'https://127.0.0.1/dns-query'
* Hostname 127.0.0.1 was found in DNS cache
* Trying 127.0.0.1:443...
* Connected to 127.0.0.1 (127.0.0.1) port 443 (#1)
* ALPN, offering h2
* ALPN, offering http/1.1
* successfully set certificate verify locations:
* CAfile: /etc/ssl/certs/ca-certificates.crt
* CApath: /etc/ssl/certs
* SSL re-using session ID
* TLSv1.3 (OUT), TLS handshake, Client hello (1):
* TLSv1.3 (IN), TLS handshake, Server hello (2):
* TLSv1.3 (IN), TLS handshake, Encrypted Extensions (8):
* TLSv1.3 (IN), TLS handshake, Finished (20):
* TLSv1.3 (OUT), TLS change cipher, Change cipher spec (1):
* TLSv1.3 (OUT), TLS handshake, Finished (20):
* SSL connection using TLSv1.3 / TLS_AES_256_GCM_SHA384
* ALPN, server accepted to use h2
* Server certificate:
* subject: CN=d86326eacf7b
* start date: Mar 12 17:45:29 2022 GMT
* expire date: Jun 10 18:00:29 2022 GMT
* issuer: CN=d86326eacf7b
* SSL certificate verify result: self signed certificate (18), continuing anyway.
* Using HTTP2, server supports multi-use
* Connection state changed (HTTP/2 confirmed)
* Copying HTTP/2 data in stream buffer to connection buffer after upgrade: len=0
* Using Stream ID: 1 (easy handle 0x5578b4bcc560)
> GET /dns-query HTTP/2
> Host: 127.0.0.1
> user-agent: curl/7.74.0
> accept: */*
>
* TLSv1.3 (IN), TLS handshake, Newsession Ticket (4):
* old SSL session ID is stale, removing
* TLSv1.3 (IN), TLS handshake, Newsession Ticket (4):
* old SSL session ID is stale, removing
* Connection state changed (MAX_CONCURRENT_STREAMS == 65535)!
* REFUSED_STREAM, retrying a fresh connect
* Connection died, retrying a fresh connect(retry count: 2)
* Closing connection 1
* TLSv1.3 (OUT), TLS alert, close notify (256):
* Issue another request to this URL: 'https://127.0.0.1/dns-query'
* Hostname 127.0.0.1 was found in DNS cache
* Trying 127.0.0.1:443...
* Connected to 127.0.0.1 (127.0.0.1) port 443 (#2)
* ALPN, offering h2
* ALPN, offering http/1.1
* successfully set certificate verify locations:
* CAfile: /etc/ssl/certs/ca-certificates.crt
* CApath: /etc/ssl/certs
* SSL re-using session ID
* TLSv1.3 (OUT), TLS handshake, Client hello (1):
* TLSv1.3 (IN), TLS handshake, Server hello (2):
* TLSv1.3 (IN), TLS handshake, Encrypted Extensions (8):
* TLSv1.3 (IN), TLS handshake, Finished (20):
* TLSv1.3 (OUT), TLS change cipher, Change cipher spec (1):
* TLSv1.3 (OUT), TLS handshake, Finished (20):
* SSL connection using TLSv1.3 / TLS_AES_256_GCM_SHA384
* ALPN, server accepted to use h2
* Server certificate:
* subject: CN=d86326eacf7b
* start date: Mar 12 17:45:29 2022 GMT
* expire date: Jun 10 18:00:29 2022 GMT
* issuer: CN=d86326eacf7b
* SSL certificate verify result: self signed certificate (18), continuing anyway.
* Using HTTP2, server supports multi-use
* Connection state changed (HTTP/2 confirmed)
* Copying HTTP/2 data in stream buffer to connection buffer after upgrade: len=0
* Using Stream ID: 1 (easy handle 0x5578b4bcc560)
> GET /dns-query HTTP/2
> Host: 127.0.0.1
> user-agent: curl/7.74.0
> accept: */*
>
* TLSv1.3 (IN), TLS handshake, Newsession Ticket (4):
* old SSL session ID is stale, removing
* TLSv1.3 (IN), TLS handshake, Newsession Ticket (4):
* old SSL session ID is stale, removing
* Connection state changed (MAX_CONCURRENT_STREAMS == 65535)!
* REFUSED_STREAM, retrying a fresh connect
* Connection died, retrying a fresh connect(retry count: 3)
* Closing connection 2
* TLSv1.3 (OUT), TLS alert, close notify (256):
* Issue another request to this URL: 'https://127.0.0.1/dns-query'
* Hostname 127.0.0.1 was found in DNS cache
* Trying 127.0.0.1:443...
* Connected to 127.0.0.1 (127.0.0.1) port 443 (#3)
* ALPN, offering h2
* ALPN, offering http/1.1
* successfully set certificate verify locations:
* CAfile: /etc/ssl/certs/ca-certificates.crt
* CApath: /etc/ssl/certs
* SSL re-using session ID
* TLSv1.3 (OUT), TLS handshake, Client hello (1):
* TLSv1.3 (IN), TLS handshake, Server hello (2):
* TLSv1.3 (IN), TLS handshake, Encrypted Extensions (8):
* TLSv1.3 (IN), TLS handshake, Finished (20):
* TLSv1.3 (OUT), TLS change cipher, Change cipher spec (1):
* TLSv1.3 (OUT), TLS handshake, Finished (20):
* SSL connection using TLSv1.3 / TLS_AES_256_GCM_SHA384
* ALPN, server accepted to use h2
* Server certificate:
* subject: CN=d86326eacf7b
* start date: Mar 12 17:45:29 2022 GMT
* expire date: Jun 10 18:00:29 2022 GMT
* issuer: CN=d86326eacf7b
* SSL certificate verify result: self signed certificate (18), continuing anyway.
* Using HTTP2, server supports multi-use
* Connection state changed (HTTP/2 confirmed)
* Copying HTTP/2 data in stream buffer to connection buffer after upgrade: len=0
* Using Stream ID: 1 (easy handle 0x5578b4bcc560)
> GET /dns-query HTTP/2
> Host: 127.0.0.1
> user-agent: curl/7.74.0
> accept: */*
>
* TLSv1.3 (IN), TLS handshake, Newsession Ticket (4):
* old SSL session ID is stale, removing
* TLSv1.3 (IN), TLS handshake, Newsession Ticket (4):
* old SSL session ID is stale, removing
* Connection state changed (MAX_CONCURRENT_STREAMS == 65535)!
* REFUSED_STREAM, retrying a fresh connect
* Connection died, retrying a fresh connect(retry count: 4)
* Closing connection 3
* TLSv1.3 (OUT), TLS alert, close notify (256):
* Issue another request to this URL: 'https://127.0.0.1/dns-query'
* Hostname 127.0.0.1 was found in DNS cache
* Trying 127.0.0.1:443...
* Connected to 127.0.0.1 (127.0.0.1) port 443 (#4)
* ALPN, offering h2
* ALPN, offering http/1.1
* successfully set certificate verify locations:
* CAfile: /etc/ssl/certs/ca-certificates.crt
* CApath: /etc/ssl/certs
* SSL re-using session ID
* TLSv1.3 (OUT), TLS handshake, Client hello (1):
* TLSv1.3 (IN), TLS handshake, Server hello (2):
* TLSv1.3 (IN), TLS handshake, Encrypted Extensions (8):
* TLSv1.3 (IN), TLS handshake, Finished (20):
* TLSv1.3 (OUT), TLS change cipher, Change cipher spec (1):
* TLSv1.3 (OUT), TLS handshake, Finished (20):
* SSL connection using TLSv1.3 / TLS_AES_256_GCM_SHA384
* ALPN, server accepted to use h2
* Server certificate:
* subject: CN=d86326eacf7b
* start date: Mar 12 17:45:29 2022 GMT
* expire date: Jun 10 18:00:29 2022 GMT
* issuer: CN=d86326eacf7b
* SSL certificate verify result: self signed certificate (18), continuing anyway.
* Using HTTP2, server supports multi-use
* Connection state changed (HTTP/2 confirmed)
* Copying HTTP/2 data in stream buffer to connection buffer after upgrade: len=0
* Using Stream ID: 1 (easy handle 0x5578b4bcc560)
> GET /dns-query HTTP/2
> Host: 127.0.0.1
> user-agent: curl/7.74.0
> accept: */*
>
* TLSv1.3 (IN), TLS handshake, Newsession Ticket (4):
* old SSL session ID is stale, removing
* TLSv1.3 (IN), TLS handshake, Newsession Ticket (4):
* old SSL session ID is stale, removing
* Connection state changed (MAX_CONCURRENT_STREAMS == 65535)!
* REFUSED_STREAM, retrying a fresh connect
* Connection died, retrying a fresh connect(retry count: 5)
* Closing connection 4
* TLSv1.3 (OUT), TLS alert, close notify (256):
* Issue another request to this URL: 'https://127.0.0.1/dns-query'
* Hostname 127.0.0.1 was found in DNS cache
* Trying 127.0.0.1:443...
* Connected to 127.0.0.1 (127.0.0.1) port 443 (#5)
* ALPN, offering h2
* ALPN, offering http/1.1
* successfully set certificate verify locations:
* CAfile: /etc/ssl/certs/ca-certificates.crt
* CApath: /etc/ssl/certs
* SSL re-using session ID
* TLSv1.3 (OUT), TLS handshake, Client hello (1):
* TLSv1.3 (IN), TLS handshake, Server hello (2):
* TLSv1.3 (IN), TLS handshake, Encrypted Extensions (8):
* TLSv1.3 (IN), TLS handshake, Finished (20):
* TLSv1.3 (OUT), TLS change cipher, Change cipher spec (1):
* TLSv1.3 (OUT), TLS handshake, Finished (20):
* SSL connection using TLSv1.3 / TLS_AES_256_GCM_SHA384
* ALPN, server accepted to use h2
* Server certificate:
* subject: CN=d86326eacf7b
* start date: Mar 12 17:45:29 2022 GMT
* expire date: Jun 10 18:00:29 2022 GMT
* issuer: CN=d86326eacf7b
* SSL certificate verify result: self signed certificate (18), continuing anyway.
* Using HTTP2, server supports multi-use
* Connection state changed (HTTP/2 confirmed)
* Copying HTTP/2 data in stream buffer to connection buffer after upgrade: len=0
* Using Stream ID: 1 (easy handle 0x5578b4bcc560)
> GET /dns-query HTTP/2
> Host: 127.0.0.1
> user-agent: curl/7.74.0
> accept: */*
>
* TLSv1.3 (IN), TLS handshake, Newsession Ticket (4):
* old SSL session ID is stale, removing
* TLSv1.3 (IN), TLS handshake, Newsession Ticket (4):
* old SSL session ID is stale, removing
* Connection state changed (MAX_CONCURRENT_STREAMS == 65535)!
* REFUSED_STREAM, retrying a fresh connect
* Connection died, tried 5 times before giving up
* stopped the pause stream!
* Closing connection 5
* TLSv1.3 (OUT), TLS alert, close notify (256):
curl: (56) Connection died, tried 5 times before giving up