Ticket #926: client.log

Tue Aug 15 17:07:31 2017 OpenVPN 2.4.3 x86_64-pc-linux-gnu [SSL (OpenSSL)] [LZO] [LZ4] [EPOLL] [PKCS11] [MH/PKTINFO] [AEAD] built on Jun 20 2017
Tue Aug 15 17:07:31 2017 library versions: OpenSSL 1.0.2g  1 Mar 2016, LZO 2.08
Tue Aug 15 17:07:31 2017 NOTE: the current --script-security setting may allow this configuration to call user-defined scripts
Tue Aug 15 17:07:31 2017 Outgoing Control Channel Authentication: Using 256 bit message hash 'SHA256' for HMAC authentication
Tue Aug 15 17:07:31 2017 Incoming Control Channel Authentication: Using 256 bit message hash 'SHA256' for HMAC authentication
Tue Aug 15 17:07:31 2017 nice 5 succeeded
Tue Aug 15 17:07:31 2017 TCP/UDP: Preserving recently used remote address: [AF_INET]SERVER_IP_HERE:443
Tue Aug 15 17:07:31 2017 Socket Buffers: R=[212992->212992] S=[212992->212992]
Tue Aug 15 17:07:31 2017 UDPv4 link local: (not bound)
Tue Aug 15 17:07:31 2017 UDPv4 link remote: [AF_INET]SERVER_IP_HERE:443
Tue Aug 15 17:07:31 2017 TLS: Initial packet from [AF_INET]SERVER_IP_HERE:443, sid=4660fc3a fd328279
Tue Aug 15 17:07:31 2017 VERIFY OK: depth=1, CN=Easy-RSA CA
Tue Aug 15 17:07:31 2017 VERIFY KU OK
Tue Aug 15 17:07:31 2017 Validating certificate extended key usage
Tue Aug 15 17:07:31 2017 ++ Certificate has EKU (str) TLS Web Server Authentication, expects TLS Web Server Authentication
Tue Aug 15 17:07:31 2017 VERIFY EKU OK
Tue Aug 15 17:07:31 2017 VERIFY OK: depth=0, CN=server
Tue Aug 15 17:07:32 2017 Control Channel: TLSv1.2, cipher TLSv1/SSLv3 ECDHE-RSA-AES256-GCM-SHA384, 2048 bit RSA
Tue Aug 15 17:07:32 2017 [server] Peer Connection Initiated with [AF_INET]SERVER_IP_HERE:443
Tue Aug 15 17:07:33 2017 SENT CONTROL [server]: 'PUSH_REQUEST' (status=1)
Tue Aug 15 17:07:33 2017 PUSH: Received control message: 'PUSH_REPLY,comp-lzo adaptive,route-gateway 172.16.16.1,topology subnet,ping 10,ping-restart 40,redirect-gateway def1,dhcp-option DNS 8.8.8.8,dhcp-option DNS 208.67.222.222,ifconfig 172.16.16.2 255.255.255.0,peer-id 1,cipher AES-256-GCM'
Tue Aug 15 17:07:33 2017 OPTIONS IMPORT: timers and/or timeouts modified
Tue Aug 15 17:07:33 2017 OPTIONS IMPORT: compression parms modified
Tue Aug 15 17:07:33 2017 OPTIONS IMPORT: --ifconfig/up options modified
Tue Aug 15 17:07:33 2017 OPTIONS IMPORT: route options modified
Tue Aug 15 17:07:33 2017 OPTIONS IMPORT: route-related options modified
Tue Aug 15 17:07:33 2017 OPTIONS IMPORT: --ip-win32 and/or --dhcp-option options modified
Tue Aug 15 17:07:33 2017 OPTIONS IMPORT: peer-id set
Tue Aug 15 17:07:33 2017 OPTIONS IMPORT: WARNING: peer-id set, but link-mtu fixed by config - reducing tun-mtu to 1295, expect MTU problems
Tue Aug 15 17:07:33 2017 OPTIONS IMPORT: data channel crypto options modified
Tue Aug 15 17:07:33 2017 Data Channel Encrypt: Cipher 'AES-256-GCM' initialized with 256 bit key
Tue Aug 15 17:07:33 2017 Data Channel Decrypt: Cipher 'AES-256-GCM' initialized with 256 bit key
Tue Aug 15 17:07:33 2017 ROUTE_GATEWAY 192.168.0.1/255.255.255.0 IFACE=eth0 HWADDR=34:23:87:96:6d:cf
Tue Aug 15 17:07:33 2017 TUN/TAP device tun0 opened
Tue Aug 15 17:07:33 2017 TUN/TAP TX queue length set to 100
Tue Aug 15 17:07:33 2017 do_ifconfig, tt->did_ifconfig_ipv6_setup=0
Tue Aug 15 17:07:33 2017 /sbin/ip link set dev tun0 up mtu 1367
Tue Aug 15 17:07:33 2017 /sbin/ip addr add dev tun0 172.16.16.2/24 broadcast 172.16.16.255
Tue Aug 15 17:07:33 2017 up.sh tun0 1367 1420 172.16.16.2 255.255.255.0 init
BASH=/bin/bash
BASHOPTS=cmdhist:complete_fullquote:extquote:force_fignore:hostcomplete:interactive_comments:progcomp:promptvars:sourcepath
BASH_ALIASES=()
BASH_ARGC=([0]="6")
BASH_ARGV=([0]="init" [1]="255.255.255.0" [2]="172.16.16.2" [3]="1420" [4]="1367" [5]="tun0")
BASH_CMDS=()
BASH_LINENO=([0]="0")
BASH_SOURCE=([0]="up.sh")
BASH_VERSINFO=([0]="4" [1]="3" [2]="48" [3]="1" [4]="release" [5]="x86_64-pc-linux-gnu")
BASH_VERSION='4.3.48(1)-release'
DIRSTACK=()
EUID=0
GROUPS=()
HOSTNAME=SOMEHOST
HOSTTYPE=x86_64
IFS='
'
MACHTYPE=x86_64-pc-linux-gnu
OPTERR=1
OPTIND=1
OSTYPE=linux-gnu
PATH=/usr/local/bin:/usr/local/sbin:/usr/bin:/usr/sbin:/bin:/sbin:.
PIPESTATUS=([0]="0")
POSIXLY_CORRECT=y
PPID=16131
PS4='+ '
PWD=/some/path
SHELL=/bin/bash
SHELLOPTS=braceexpand:hashall:interactive-comments:posix
SHLVL=1
TERM=dumb
UID=0
X509_0_CN=server
X509_1_CN='Easy-RSA CA'
_=posix
common_name=server
config=client.conf
daemon=0
daemon_log_redirect=0
daemon_pid=16131
daemon_start_time=1502791651
dev=tun0
dev_type=tun
foreign_option_1='dhcp-option DNS 8.8.8.8'
foreign_option_2='dhcp-option DNS 208.67.222.222'
ifconfig_broadcast=172.16.16.255
ifconfig_local=172.16.16.2
ifconfig_netmask=255.255.255.0
link_mtu=1420
proto_1=udp4
proto_2=tcp4-client
remote_1=SERVER_IP_HERE
remote_2=SERVER_IP_HERE
remote_port_1=443
remote_port_2=443
route_net_gateway=192.168.0.1
route_vpn_gateway=172.16.16.1
script_context=init
script_type=up
tls_digest_0=4a:f3:c3:b1:a6:6f:90:a0:29:f0:ec:cd:f6:17:87:2c:ab:04:ce:a6
tls_digest_1=0b:73:36:b4:3e:b6:af:e8:a8:81:b0:de:ae:1a:8a:76:c1:5b:25:b4
tls_digest_sha256_0=1f:d1:21:ee:1b:2e:8e:fa:76:75:d2:d7:3d:d3:d7:d4:34:8d:c8:ca:c1:65:6b:83:87:39:5b:b9:c1:00:cf:7a
tls_digest_sha256_1=fa:2c:1e:da:f6:80:ee:88:97:88:1d:e0:1d:ad:74:8c:80:5b:57:c8:a0:df:4c:d6:99:75:4d:b7:3b:93:03:47
tls_id_0=CN=server
tls_id_1='CN=Easy-RSA CA'
tls_serial_0=1
tls_serial_1=14638174323727231863
tls_serial_hex_0=01
tls_serial_hex_1=cb:25:3d:fd:b6:01:6b:77
trusted_ip=SERVER_IP_HERE
trusted_port=443
tun_mtu=1367
untrusted_ip=SERVER_IP_HERE
untrusted_port=443
verb=3
Tue Aug 15 17:07:33 2017 /sbin/ip route add SERVER_IP_HERE/32 via 192.168.0.1
Tue Aug 15 17:07:33 2017 /sbin/ip route add 0.0.0.0/1 via 172.16.16.1
Tue Aug 15 17:07:33 2017 /sbin/ip route add 128.0.0.0/1 via 172.16.16.1
Tue Aug 15 17:07:33 2017 WARNING: this configuration may cache passwords in memory -- use the auth-nocache option to prevent this
Tue Aug 15 17:07:33 2017 Initialization Sequence Completed