On Tuesday, February 12, 2013 6:44:09 AM UTC+11, Eric Sorenson wrote: > > > Hi Alex, I've also seen this from other users -- would it be possible to > get a tcpdump that shows the negotiation? Doesn't have to be decrypted, the > thing I'm mostly curious about is available in the plaintext payload. I > want to see how far into the ssl negotiation this actually gets, and > whether there's a specific TLS Alert being returned. Feel free to email me > directly if you don't want to post it. > > Eric Sorenson - eric.s...@puppetlabs.com <javascript:> > #puppet irc: eric0 > For the sake of the archives (and not sure how useful this will be in the archives but...) I'll post in plaintext what I see on my screen and then send you a PCAP file privately.
myaix53client[/]# tcpdump host mymaster tcpdump: verbose output suppressed, use -v or -vv for full protocol decode listening on en1, link-type 1, capture size 65535 bytes 15:31:51.552551 IP myaix53client.mydomain.com.44565 > mymaster.mydomain.com.8140: S 2290943239:2290943239(0) win 65535 <mss 1460,nop,wscale 3,nop,nop,timestamp 1428647350 0> 15:31:51.553289 IP mymaster.mydomain.com.8140 > myaix53client.mydomain.com.44565: S 2034061028:2034061028(0) ack 2290943240 win 5792 <mss 1460,nop,nop,timestamp 1255468285 1428647350,nop,wscale 9> 15:31:51.553325 IP myaix53client.mydomain.com.44565 > mymaster.mydomain.com.8140: . ack 1 win 32761 <nop,nop,timestamp 1428647350 1255468285> 15:31:51.554202 IP myaix53client.mydomain.com.44565 > mymaster.mydomain.com.8140: P 1:106(105) ack 1 win 32761 <nop,nop,timestamp 1428647350 1255468285> 15:31:51.554578 IP mymaster.mydomain.com.8140 > myaix53client.mydomain.com.44565: . ack 106 win 12 <nop,nop,timestamp 1255468286 1428647350> 15:31:51.601942 IP mymaster.mydomain.com.8140 > myaix53client.mydomain.com.44565: . 1:1449(1448) ack 106 win 12 <nop,nop,timestamp 1255468334 1428647350> 15:31:51.601960 IP mymaster.mydomain.com.8140 > myaix53client.mydomain.com.44565: . 1449:2897(1448) ack 106 win 12 <nop,nop,timestamp 1255468334 1428647350> 15:31:51.601967 IP mymaster.mydomain.com.8140 > myaix53client.mydomain.com.44565: P 2897:3741(844) ack 106 win 12 <nop,nop,timestamp 1255468334 1428647350> 15:31:51.602043 IP myaix53client.mydomain.com.44565 > mymaster.mydomain.com.8140: . ack 3741 win 32660 <nop,nop,timestamp 1428647350 1255468334> 15:31:51.602728 IP myaix53client.mydomain.com.44565 > mymaster.mydomain.com.8140: P 106:113(7) ack 3741 win 32660 <nop,nop,timestamp 1428647350 1255468334> 15:31:51.603095 IP myaix53client.mydomain.com.44565 > mymaster.mydomain.com.8140: F 113:113(0) ack 3741 win 32761 <nop,nop,timestamp 1428647350 1255468334> 15:31:51.603215 IP mymaster.mydomain.com.8140 > myaix53client.mydomain.com.44565: . ack 113 win 12 <nop,nop,timestamp 1255468335 1428647350> 15:31:51.603497 IP mymaster.mydomain.com.8140 > myaix53client.mydomain.com.44565: F 3741:3741(0) ack 114 win 12 <nop,nop,timestamp 1255468336 1428647350> 15:31:51.603510 IP myaix53client.mydomain.com.44565 > mymaster.mydomain.com.8140: . ack 3742 win 32761 <nop,nop,timestamp 1428647350 1255468336> 15:31:51.621912 IP myaix53client.mydomain.com.44566 > mymaster.mydomain.com.8140: S 1333307615:1333307615(0) win 65535 <mss 1460,nop,wscale 3,nop,nop,timestamp 1428647350 0> 15:31:51.622251 IP mymaster.mydomain.com.8140 > myaix53client.mydomain.com.44566: S 2034842199:2034842199(0) ack 1333307616 win 5792 <mss 1460,nop,nop,timestamp 1255468354 1428647350,nop,wscale 9> 15:31:51.622285 IP myaix53client.mydomain.com.44566 > mymaster.mydomain.com.8140: . ack 1 win 32761 <nop,nop,timestamp 1428647350 1255468354> 15:31:51.622759 IP myaix53client.mydomain.com.44566 > mymaster.mydomain.com.8140: P 1:106(105) ack 1 win 32761 <nop,nop,timestamp 1428647350 1255468354> 15:31:51.623150 IP mymaster.mydomain.com.8140 > myaix53client.mydomain.com.44566: . ack 106 win 12 <nop,nop,timestamp 1255468355 1428647350> 15:31:51.670146 IP mymaster.mydomain.com.8140 > myaix53client.mydomain.com.44566: . 1:1449(1448) ack 106 win 12 <nop,nop,timestamp 1255468402 1428647350> 15:31:51.670164 IP mymaster.mydomain.com.8140 > myaix53client.mydomain.com.44566: . 1449:2897(1448) ack 106 win 12 <nop,nop,timestamp 1255468402 1428647350> 15:31:51.670169 IP mymaster.mydomain.com.8140 > myaix53client.mydomain.com.44566: P 2897:3741(844) ack 106 win 12 <nop,nop,timestamp 1255468402 1428647350> 15:31:51.670305 IP myaix53client.mydomain.com.44566 > mymaster.mydomain.com.8140: . ack 3741 win 32660 <nop,nop,timestamp 1428647350 1255468402> 15:31:51.670847 IP myaix53client.mydomain.com.44566 > mymaster.mydomain.com.8140: P 106:113(7) ack 3741 win 32660 <nop,nop,timestamp 1428647350 1255468402> 15:31:51.671156 IP myaix53client.mydomain.com.44566 > mymaster.mydomain.com.8140: F 113:113(0) ack 3741 win 32761 <nop,nop,timestamp 1428647350 1255468402> 15:31:51.671368 IP mymaster.mydomain.com.8140 > myaix53client.mydomain.com.44566: . ack 113 win 12 <nop,nop,timestamp 1255468404 1428647350> 15:31:51.671765 IP mymaster.mydomain.com.8140 > myaix53client.mydomain.com.44566: F 3741:3741(0) ack 114 win 12 <nop,nop,timestamp 1255468404 1428647350> 15:31:51.671777 IP myaix53client.mydomain.com.44566 > mymaster.mydomain.com.8140: . ack 3742 win 32761 <nop,nop,timestamp 1428647350 1255468404> 15:31:51.677245 IP myaix53client.mydomain.com.44567 > mymaster.mydomain.com.8140: S 3647731133:3647731133(0) win 65535 <mss 1460,nop,wscale 3,nop,nop,timestamp 1428647350 0> 15:31:51.677636 IP mymaster.mydomain.com.8140 > myaix53client.mydomain.com.44567: S 2045073666:2045073666(0) ack 3647731134 win 5792 <mss 1460,nop,nop,timestamp 1255468410 1428647350,nop,wscale 9> 15:31:51.677652 IP myaix53client.mydomain.com.44567 > mymaster.mydomain.com.8140: . ack 1 win 32761 <nop,nop,timestamp 1428647350 1255468410> 15:31:51.678464 IP myaix53client.mydomain.com.44567 > mymaster.mydomain.com.8140: P 1:106(105) ack 1 win 32761 <nop,nop,timestamp 1428647350 1255468410> 15:31:51.678861 IP mymaster.mydomain.com.8140 > myaix53client.mydomain.com.44567: . ack 106 win 12 <nop,nop,timestamp 1255468411 1428647350> 15:31:51.725119 IP mymaster.mydomain.com.8140 > myaix53client.mydomain.com.44567: . 1:1449(1448) ack 106 win 12 <nop,nop,timestamp 1255468457 1428647350> 15:31:51.725133 IP mymaster.mydomain.com.8140 > myaix53client.mydomain.com.44567: . 1449:2897(1448) ack 106 win 12 <nop,nop,timestamp 1255468457 1428647350> 15:31:51.725140 IP mymaster.mydomain.com.8140 > myaix53client.mydomain.com.44567: P 2897:3741(844) ack 106 win 12 <nop,nop,timestamp 1255468457 1428647350> 15:31:51.725253 IP myaix53client.mydomain.com.44567 > mymaster.mydomain.com.8140: . ack 3741 win 32660 <nop,nop,timestamp 1428647350 1255468457> 15:31:51.725744 IP myaix53client.mydomain.com.44567 > mymaster.mydomain.com.8140: P 106:113(7) ack 3741 win 32660 <nop,nop,timestamp 1428647350 1255468457> 15:31:51.726041 IP myaix53client.mydomain.com.44567 > mymaster.mydomain.com.8140: F 113:113(0) ack 3741 win 32761 <nop,nop,timestamp 1428647350 1255468457> 15:31:51.726281 IP mymaster.mydomain.com.8140 > myaix53client.mydomain.com.44567: . ack 113 win 12 <nop,nop,timestamp 1255468458 1428647350> 15:31:51.726582 IP mymaster.mydomain.com.8140 > myaix53client.mydomain.com.44567: F 3741:3741(0) ack 114 win 12 <nop,nop,timestamp 1255468459 1428647350> 15:31:51.726592 IP myaix53client.mydomain.com.44567 > mymaster.mydomain.com.8140: . ack 3742 win 32761 <nop,nop,timestamp 1428647350 1255468459> 15:31:54.601573 IP myaix53client.mydomain.com.44568 > mymaster.mydomain.com.8140: S 629116937:629116937(0) win 65535 <mss 1460,nop,wscale 3,nop,nop,timestamp 1428647356 0> 15:31:54.601996 IP mymaster.mydomain.com.8140 > myaix53client.mydomain.com.44568: S 2048498450:2048498450(0) ack 629116938 win 5792 <mss 1460,nop,nop,timestamp 1255471334 1428647356,nop,wscale 9> 15:31:54.602033 IP myaix53client.mydomain.com.44568 > mymaster.mydomain.com.8140: . ack 1 win 32761 <nop,nop,timestamp 1428647356 1255471334> 15:31:54.602649 IP myaix53client.mydomain.com.44568 > mymaster.mydomain.com.8140: P 1:106(105) ack 1 win 32761 <nop,nop,timestamp 1428647356 1255471334> 15:31:54.602975 IP mymaster.mydomain.com.8140 > myaix53client.mydomain.com.44568: . ack 106 win 12 <nop,nop,timestamp 1255471336 1428647356> 15:31:54.649868 IP mymaster.mydomain.com.8140 > myaix53client.mydomain.com.44568: . 1:1449(1448) ack 106 win 12 <nop,nop,timestamp 1255471382 1428647356> 15:31:54.649878 IP mymaster.mydomain.com.8140 > myaix53client.mydomain.com.44568: . 1449:2897(1448) ack 106 win 12 <nop,nop,timestamp 1255471382 1428647356> 15:31:54.649884 IP mymaster.mydomain.com.8140 > myaix53client.mydomain.com.44568: P 2897:3741(844) ack 106 win 12 <nop,nop,timestamp 1255471382 1428647356> 15:31:54.649953 IP myaix53client.mydomain.com.44568 > mymaster.mydomain.com.8140: . ack 3741 win 32660 <nop,nop,timestamp 1428647356 1255471382> 15:31:54.650581 IP myaix53client.mydomain.com.44568 > mymaster.mydomain.com.8140: P 106:113(7) ack 3741 win 32660 <nop,nop,timestamp 1428647356 1255471382> 15:31:54.651121 IP myaix53client.mydomain.com.44568 > mymaster.mydomain.com.8140: F 113:113(0) ack 3741 win 32761 <nop,nop,timestamp 1428647356 1255471382> 15:31:54.651130 IP mymaster.mydomain.com.8140 > myaix53client.mydomain.com.44568: . ack 113 win 12 <nop,nop,timestamp 1255471383 1428647356> 15:31:54.651490 IP mymaster.mydomain.com.8140 > myaix53client.mydomain.com.44568: F 3741:3741(0) ack 114 win 12 <nop,nop,timestamp 1255471384 1428647356> 15:31:54.651502 IP myaix53client.mydomain.com.44568 > mymaster.mydomain.com.8140: . ack 3742 win 32761 <nop,nop,timestamp 1428647356 1255471384> 15:31:54.666859 IP myaix53client.mydomain.com.44569 > mymaster.mydomain.com.8140: S 1897231777:1897231777(0) win 65535 <mss 1460,nop,wscale 3,nop,nop,timestamp 1428647356 0> 15:31:54.667268 IP mymaster.mydomain.com.8140 > myaix53client.mydomain.com.44569: S 2051610074:2051610074(0) ack 1897231778 win 5792 <mss 1460,nop,nop,timestamp 1255471399 1428647356,nop,wscale 9> 15:31:54.667284 IP myaix53client.mydomain.com.44569 > mymaster.mydomain.com.8140: . ack 1 win 32761 <nop,nop,timestamp 1428647356 1255471399> 15:31:54.667598 IP myaix53client.mydomain.com.44569 > mymaster.mydomain.com.8140: P 1:106(105) ack 1 win 32761 <nop,nop,timestamp 1428647356 1255471399> 15:31:54.668055 IP mymaster.mydomain.com.8140 > myaix53client.mydomain.com.44569: . ack 106 win 12 <nop,nop,timestamp 1255471400 1428647356> 15:31:54.715307 IP mymaster.mydomain.com.8140 > myaix53client.mydomain.com.44569: . 1:1449(1448) ack 106 win 12 <nop,nop,timestamp 1255471447 1428647356> 15:31:54.715320 IP mymaster.mydomain.com.8140 > myaix53client.mydomain.com.44569: . 1449:2897(1448) ack 106 win 12 <nop,nop,timestamp 1255471447 1428647356> 15:31:54.715327 IP mymaster.mydomain.com.8140 > myaix53client.mydomain.com.44569: P 2897:3741(844) ack 106 win 12 <nop,nop,timestamp 1255471447 1428647356> 15:31:54.715382 IP myaix53client.mydomain.com.44569 > mymaster.mydomain.com.8140: . ack 3741 win 32660 <nop,nop,timestamp 1428647356 1255471447> 15:31:54.715808 IP myaix53client.mydomain.com.44569 > mymaster.mydomain.com.8140: P 106:113(7) ack 3741 win 32660 <nop,nop,timestamp 1428647356 1255471447> 15:31:54.716024 IP myaix53client.mydomain.com.44569 > mymaster.mydomain.com.8140: F 113:113(0) ack 3741 win 32761 <nop,nop,timestamp 1428647356 1255471447> 15:31:54.716241 IP mymaster.mydomain.com.8140 > myaix53client.mydomain.com.44569: . ack 113 win 12 <nop,nop,timestamp 1255471448 1428647356> 15:31:54.716559 IP mymaster.mydomain.com.8140 > myaix53client.mydomain.com.44569: F 3741:3741(0) ack 114 win 12 <nop,nop,timestamp 1255471448 1428647356> 15:31:54.716570 IP myaix53client.mydomain.com.44569 > mymaster.mydomain.com.8140: . ack 3742 win 32761 <nop,nop,timestamp 1428647356 1255471448> ^C 623 packets received by filter 0 packets dropped by kernel -- You received this message because you are subscribed to the Google Groups "Puppet Developers" group. To unsubscribe from this group and stop receiving emails from it, send an email to puppet-dev+unsubscr...@googlegroups.com. To post to this group, send email to puppet-dev@googlegroups.com. Visit this group at http://groups.google.com/group/puppet-dev?hl=en. For more options, visit https://groups.google.com/groups/opt_out.
