Здравствуйте,
Наткнулся на проблему с angie 1.4.1.
Пытаюсь подключиться к эндпоинту, находящимся за angie прокси. Подключение к прокси со стороны клиента - http/2, связь прокси- S3 эндпоинт - http/1.1
Проблема в том, что когда я пытаюсь подключиться curl к прокси по протоколу http/2 и скачать данные о s3 бакете - получаю мусор в полях даты, хотя SSL сессия проходит нормально. Вот лог curl:
>>> /usr/bin/curl -k --aws-sigv4 aws:amz:us-east-1:iam --user <ID> --head -v --http2 --trace-config all dump
https://S3-host.local/bucket-name <<<
18:08:14.998207 [1-1] * Host S3-host.local:443 was resolved.
18:08:14.998289 [1-1] * IPv4: 10.10.10.10
18:08:14.998348 [1-1] * [HTTPS-CONNECT] added
18:08:14.998400 [1-1] * [HTTPS-CONNECT] connect, init
18:08:14.998456 [1-1] * [HTTPS-CONNECT] connect, check h21
18:08:14.998513 [1-1] * [HAPPY-EYEBALLS] created ipv4 (timeout 299999ms)
18:08:14.998568 [1-1] * [HAPPY-EYEBALLS] ipv4 starting (timeout=299999ms)
18:08:14.998633 [1-1] * Trying 10.10.10.00:443...
18:08:14.998696 [1-1] * [TCP] cf_socket_open() -> 0, fd=5
18:08:14.998879 [1-1] * [TCP] local address 10.10.10.10 port 41664...
18:08:14.998948 [1-1] * [HAPPY-EYEBALLS] ipv4 connect -> 0, connected=0
18:08:14.998998 [1-1] * [HTTPS-CONNECT] connect -> 0, done=0
18:08:14.999051 [1-1] * [TCP] adjust_pollset(!connected) -> 1 socks
18:08:14.999100 [1-1] * [HAPPY-EYEBALLS] adjust_pollset -> 1 socks
18:08:14.999151 [1-1] * [HTTPS-CONNECT] adjust_pollset -> 1 socks
18:08:14.999201 [1-1] * [TCP] adjust_pollset(!connected) -> 1 socks
18:08:14.999252 [1-1] * [HAPPY-EYEBALLS] adjust_pollset -> 1 socks
18:08:14.999304 [1-1] * [HTTPS-CONNECT] adjust_pollset -> 1 socks
18:08:14.999360 [1-1] * [HTTPS-CONNECT] connect, check h21
18:08:14.999417 [1-1] * [TCP] connected
18:08:14.999466 [1-1] * [HAPPY-EYEBALLS] ipv4 connect -> 0, connected=1
18:08:14.999519 [1-1] * Connected to S3-host.local (10.10.10.10) port 443
18:08:14.999571 [1-1] * [SSL] cf_connect()
18:08:15.001571 [1-1] * ALPN: curl offers h2,http/1.1
18:08:15.002066 [1-1] * TLSv1.3 (OUT), TLS handshake, Client hello (1):
18:08:15.002207 [1-1] * [TCP] send(len=517) -> 517, err=0
18:08:15.002314 [1-1] * [SSL] ossl_bio_cf_out_write(len=517) -> 517, err=0
18:08:15.002449 [1-1] * [TCP] nw_in_read(len=5) -> -1, err=81
18:08:15.002544 [1-1] * [TCP] recv(len=5) -> -1, err=81
18:08:15.002637 [1-1] * [SSL] ossl_bio_cf_in_read(len=5) -> -1, err=81
18:08:15.002730 [1-1] * [SSL] populate_x509_store, path=/etc/ssl/certs/ca-certificates.crt, blob=0
18:08:15.002828 [1-1] * [SSL] cf_connect() -> 0, done=0
18:08:15.002950 [1-1] * [HTTPS-CONNECT] connect -> 0, done=0
18:08:15.003051 [1-1] * [HTTPS-CONNECT] adjust_pollset -> 1 socks
18:08:15.003146 [1-1] * [HTTPS-CONNECT] adjust_pollset -> 1 socks
18:08:15.011291 [1-1] * [HTTPS-CONNECT] connect, check h21
18:08:15.011633 [1-1] * [SSL] cf_connect()
18:08:15.011700 [1-1] * [TCP] nw_in_read(len=5) -> 5, err=0
18:08:15.011749 [1-1] * [TCP] recv(len=5) -> 5, err=0
18:08:15.011799 [1-1] * [SSL] ossl_bio_cf_in_read(len=5) -> 5, err=0
18:08:15.011852 [1-1] * [TCP] nw_in_read(len=122) -> 122, err=0
18:08:15.011901 [1-1] * [TCP] recv(len=122) -> 122, err=0
18:08:15.011952 [1-1] * [SSL] ossl_bio_cf_in_read(len=122) -> 122, err=0
18:08:15.012014 [1-1] * TLSv1.3 (IN), TLS handshake, Server hello (2):
18:08:15.012369 [1-1] * [TCP] nw_in_read(len=5) -> 5, err=0
18:08:15.012422 [1-1] * [TCP] recv(len=5) -> 5, err=0
18:08:15.012482 [1-1] * [SSL] ossl_bio_cf_in_read(len=5) -> 5, err=0
18:08:15.012535 [1-1] * [TCP] nw_in_read(len=1) -> 1, err=0
18:08:15.012583 [1-1] * [TCP] recv(len=1) -> 1, err=0
18:08:15.012633 [1-1] * [SSL] ossl_bio_cf_in_read(len=1) -> 1, err=0
18:08:15.012684 [1-1] * [TCP] nw_in_read(len=5) -> 5, err=0
18:08:15.012733 [1-1] * [TCP] recv(len=5) -> 5, err=0
18:08:15.012781 [1-1] * [SSL] ossl_bio_cf_in_read(len=5) -> 5, err=0
18:08:15.012831 [1-1] * [TCP] nw_in_read(len=36) -> 36, err=0
18:08:15.012880 [1-1] * [TCP] recv(len=36) -> 36, err=0
18:08:15.012936 [1-1] * [SSL] ossl_bio_cf_in_read(len=36) -> 36, err=0
18:08:15.012998 [1-1] * TLSv1.3 (IN), TLS handshake, Encrypted Extensions (8):
18:08:15.013052 [1-1] * [TCP] nw_in_read(len=5) -> 5, err=0
18:08:15.013101 [1-1] * [TCP] recv(len=5) -> 5, err=0
18:08:15.013149 [1-1] * [SSL] ossl_bio_cf_in_read(len=5) -> 5, err=0
18:08:15.013209 [1-1] * [TCP] nw_in_read(len=2527) -> 2527, err=0
18:08:15.013257 [1-1] * [TCP] recv(len=2527) -> 2527, err=0
18:08:15.013305 [1-1] * [SSL] ossl_bio_cf_in_read(len=2527) -> 2527, err=0
18:08:15.013391 [1-1] * TLSv1.3 (IN), TLS handshake, Certificate (11):
18:08:15.013963 [1-1] * [TCP] nw_in_read(len=5) -> 5, err=0
18:08:15.014016 [1-1] * [TCP] recv(len=5) -> 5, err=0
18:08:15.014066 [1-1] * [SSL] ossl_bio_cf_in_read(len=5) -> 5, err=0
18:08:15.014119 [1-1] * [TCP] nw_in_read(len=537) -> 537, err=0
18:08:15.014168 [1-1] * [TCP] recv(len=537) -> 537, err=0
18:08:15.014217 [1-1] * [SSL] ossl_bio_cf_in_read(len=537) -> 537, err=0
18:08:15.014280 [1-1] * TLSv1.3 (IN), TLS handshake, CERT verify (15):
18:08:15.014512 [1-1] * [TCP] nw_in_read(len=5) -> 5, err=0
18:08:15.014561 [1-1] * [TCP] recv(len=5) -> 5, err=0
18:08:15.014611 [1-1] * [SSL] ossl_bio_cf_in_read(len=5) -> 5, err=0
18:08:15.014664 [1-1] * [TCP] nw_in_read(len=69) -> 69, err=0
18:08:15.014713 [1-1] * [TCP] recv(len=69) -> 69, err=0
18:08:15.014762 [1-1] * [SSL] ossl_bio_cf_in_read(len=69) -> 69, err=0
18:08:15.014829 [1-1] * TLSv1.3 (IN), TLS handshake, Finished (20):
18:08:15.014946 [1-1] * TLSv1.3 (OUT), TLS change cipher, Change cipher spec (1):
18:08:15.015020 [1-1] * TLSv1.3 (OUT), TLS handshake, Finished (20):
18:08:15.015113 [1-1] * [TCP] send(len=80) -> 80, err=0
18:08:15.015164 [1-1] * [SSL] ossl_bio_cf_out_write(len=80) -> 80, err=0
18:08:15.015250 [1-1] * SSL connection using TLSv1.3 / TLS_AES_256_GCM_SHA384 / X25519 / RSASSA-PSS
18:08:15.015302 [1-1] * ALPN: server accepted h2
18:08:15.015360 [1-1] * Server certificate:
...
18:08:15.015655 [1-1] * SSL certificate verify result: unable to get local issuer certificate (20), continuing anyway.
18:08:15.015732 [1-1] * Certificate level 0: Public key type RSA (4096/152 Bits/secBits), signed using sha256WithRSAEncryption
18:08:15.015786 [1-1] * [SSL] cf_connect() -> 0, done=1
18:08:15.015836 [1-1] * [HTTPS-CONNECT] connect+handshake h21: 17ms, 1st data: 13ms
18:08:15.015957 [1-1] * [HTTP/2] [0] created h2 session
18:08:15.016036 [1-1] * [TCP] nw_in_read(len=5) -> 5, err=0
18:08:15.016087 [1-1] * [TCP] recv(len=5) -> 5, err=0
18:08:15.016144 [1-1] * [SSL] ossl_bio_cf_in_read(len=5) -> 5, err=0
18:08:15.016203 [1-1] * [TCP] nw_in_read(len=74) -> 74, err=0
18:08:15.016255 [1-1] * [TCP] recv(len=74) -> 74, err=0
18:08:15.016305 [1-1] * [SSL] ossl_bio_cf_in_read(len=74) -> 74, err=0
18:08:15.016392 [1-1] * TLSv1.3 (IN), TLS handshake, Newsession Ticket (4):
18:08:15.016480 [1-1] * [TCP] nw_in_read(len=5) -> 5, err=0
18:08:15.016530 [1-1] * [TCP] recv(len=5) -> 5, err=0
18:08:15.016579 [1-1] * [SSL] ossl_bio_cf_in_read(len=5) -> 5, err=0
18:08:15.016632 [1-1] * [TCP] nw_in_read(len=74) -> 74, err=0
18:08:15.016685 [1-1] * [TCP] recv(len=74) -> 74, err=0
18:08:15.016735 [1-1] * [SSL] ossl_bio_cf_in_read(len=74) -> 74, err=0
18:08:15.016791 [1-1] * TLSv1.3 (IN), TLS handshake, Newsession Ticket (4):
18:08:15.016851 [1-1] * old SSL session ID is stale, removing
18:08:15.016913 [1-1] * [TCP] nw_in_read(len=5) -> 5, err=0
18:08:15.016962 [1-1] * [TCP] recv(len=5) -> 5, err=0
18:08:15.017012 [1-1] * [SSL] ossl_bio_cf_in_read(len=5) -> 5, err=0
18:08:15.017080 [1-1] * [TCP] nw_in_read(len=57) -> 57, err=0
18:08:15.017130 [1-1] * [TCP] recv(len=57) -> 57, err=0
18:08:15.017180 [1-1] * [SSL] ossl_bio_cf_in_read(len=57) -> 57, err=0
18:08:15.017236 [1-1] * [TCP] nw_in_read(len=5) -> -1, err=81
18:08:15.017327 [1-1] * [TCP] recv(len=5) -> -1, err=81
18:08:15.017384 [1-1] * [SSL] ossl_bio_cf_in_read(len=5) -> -1, err=81
18:08:15.017434 [1-1] * [SSL] cf_recv(len=16384) -> 40, 0
18:08:15.017483 [1-1] * [HTTP/2] [0] ingress: read 40 bytes
18:08:15.017556 [1-1] * [HTTP/2] [0] <- FRAME[SETTINGS, len=18]
18:08:15.017607 [1-1] * [HTTP/2] [0] MAX_CONCURRENT_STREAMS: 128
18:08:15.017655 [1-1] * [HTTP/2] [0] ENABLE_PUSH: TRUE
18:08:15.017703 [1-1] * [HTTP/2] [0] notify MAX_CONCURRENT_STREAMS: 128
18:08:15.017752 [1-1] * [HTTP/2] [0] <- FRAME[WINDOW_UPDATE, incr=2147418112]
18:08:15.017809 [1-1] * [TCP] nw_in_read(len=5) -> -1, err=81
18:08:15.018540 [1-1] * [TCP] recv(len=5) -> -1, err=81
18:08:15.019506 [1-1] * [SSL] ossl_bio_cf_in_read(len=5) -> -1, err=81
18:08:15.020345 [1-1] * [SSL] cf_recv(len=16384) -> -1, 81
18:08:15.021177 [1-1] * [HTTP/2] [0] -> FRAME[SETTINGS, len=18]
18:08:15.021964 [1-1] * [HTTP/2] [0] -> FRAME[SETTINGS, ack=1]
18:08:15.022046 [1-1] * [HTTP/2] [0] -> FRAME[WINDOW_UPDATE, incr=1048510465]
18:08:15.022153 [1-1] * [TCP] send(len=95) -> 95, err=0
18:08:15.022203 [1-1] * [SSL] ossl_bio_cf_out_write(len=95) -> 95, err=0
18:08:15.022273 [1-1] * [HTTP/2] [0] egress: wrote 73 bytes
18:08:15.022323 [1-1] * [HTTP/2] cf_connect() -> 0, 1,
18:08:15.022372 [1-1] * using HTTP/2
18:08:15.022428 [1-1] * [HTTPS-CONNECT] connect -> 0, done=1
18:08:15.022560 [1-1] * Server auth using AWS_SIGV4 with user '<ID>'
18:08:15.022636 [1-1] * [HTTP/2] [1] OPENED stream for https://S3-host.local/bucket-name
18:08:15.022686 [1-1] * [HTTP/2] [1] [:method: HEAD]
18:08:15.022735 [1-1] * [HTTP/2] [1] [:scheme: https]
18:08:15.022785 [1-1] * [HTTP/2] [1] [:authority: S3-host.local]
18:08:15.022834 [1-1] * [HTTP/2] [1] [:path: /bucket-name]
18:08:15.022883 [1-1] * [HTTP/2] [1] [authorization: AWS4-HMAC-SHA256 Credential=4nnTN/20240327/us-east-1/iam/aws4_request, SignedHeaders=host;x-amz-date, Signature=a96080862c74ce5a13...
18:08:15.022946 [1-1] * [HTTP/2] [1] [x-amz-date: 20240327T180814Z]
18:08:15.022995 [1-1] * [HTTP/2] [1] [user-agent: curl/8.6.0]
18:08:15.023044 [1-1] * [HTTP/2] [1] [accept: */*]
18:08:15.023094 [1-1] * [HTTP/2] [1] submit -> 442, 0
18:08:15.023160 [1-1] * [HTTP/2] [1] -> FRAME[HEADERS, len=301, hend=1, eos=1]
18:08:15.023240 [1-1] * [TCP] send(len=332) -> 332, err=0
18:08:15.023290 [1-1] * [SSL] ossl_bio_cf_out_write(len=332) -> 332, err=0
18:08:15.023340 [1-1] * [HTTP/2] [0] egress: wrote 310 bytes
18:08:15.023394 [1-1] * [HTTP/2] [1] cf_send(len=442) -> 442, 0, upload_left=0, h2 windows 65536-2147483647 (stream-conn), buffers 0-0 (stream-conn)
18:08:15.023443 [1-1] > HEAD /bucket-name HTTP/2
18:08:15.023443 [1-1] > Host: S3-host.local
18:08:15.023443 [1-1] > Authorization: AWS4-HMAC-SHA256 Credential=4nnTgmj3Jp/20240327/us-east-1/iam/aws4_request, SignedHeaders=host;x-amz-date, Signature=a96080862c74ce5a13...
18:08:15.023443 [1-1] > X-Amz-Date: 20240327T180814Z
18:08:15.023443 [1-1] > User-Agent: curl/8.6.0
18:08:15.023443 [1-1] > Accept: */*
18:08:15.023443 [1-1] >
18:08:15.024135 [1-1] * [HTTP/2] [1] data done send
18:08:15.026031 [1-1] * [TCP] nw_in_read(len=5) -> 5, err=0
18:08:15.029779 [1-1] * [TCP] recv(len=5) -> 5, err=0
18:08:15.029834 [1-1] * [SSL] ossl_bio_cf_in_read(len=5) -> 5, err=0
18:08:15.029898 [1-1] * [TCP] nw_in_read(len=26) -> 26, err=0
18:08:15.029948 [1-1] * [TCP] recv(len=26) -> 26, err=0
18:08:15.029997 [1-1] * [SSL] ossl_bio_cf_in_read(len=26) -> 26, err=0
18:08:15.032911 [1-1] * [TCP] nw_in_read(len=5) -> -1, err=81
18:08:15.032963 [1-1] * [TCP] recv(len=5) -> -1, err=81
18:08:15.033012 [1-1] * [SSL] ossl_bio_cf_in_read(len=5) -> -1, err=81
18:08:15.033064 [1-1] * [SSL] cf_recv(len=16384) -> 9, 0
18:08:15.033115 [1-1] * [HTTP/2] [0] ingress: read 9 bytes
18:08:15.033170 [1-1] * [HTTP/2] [0] <- FRAME[SETTINGS, ack=1]
18:08:15.033224 [1-1] * [TCP] nw_in_read(len=5) -> -1, err=81
18:08:15.033273 [1-1] * [TCP] recv(len=5) -> -1, err=81
18:08:15.033322 [1-1] * [SSL] ossl_bio_cf_in_read(len=5) -> -1, err=81
18:08:15.033385 [1-1] * [SSL] cf_recv(len=16384) -> -1, 81
18:08:15.033442 [1-1] * [HTTP/2] [1] cf_recv(len=102400) -> -1 81, buffered=0, window=0/10485760, connection 1048576000/1048576000
18:08:15.060538 [1-1] * [TCP] nw_in_read(len=5) -> 5, err=0
18:08:15.060613 [1-1] * [TCP] recv(len=5) -> 5, err=0
18:08:15.060668 [1-1] * [SSL] ossl_bio_cf_in_read(len=5) -> 5, err=0
18:08:15.060724 [1-1] * [TCP] nw_in_read(len=371) -> 371, err=0
18:08:15.060810 [1-1] * [TCP] recv(len=371) -> 371, err=0
18:08:15.060859 [1-1] * [SSL] ossl_bio_cf_in_read(len=371) -> 371, err=0
18:08:15.060932 [1-1] * [TCP] nw_in_read(len=5) -> -1, err=81
18:08:15.060981 [1-1] * [TCP] recv(len=5) -> -1, err=81
18:08:15.061030 [1-1] * [SSL] ossl_bio_cf_in_read(len=5) -> -1, err=81
18:08:15.061083 [1-1] * [SSL] cf_recv(len=16384) -> 354, 0
18:08:15.061135 [1-1] * [HTTP/2] [0] ingress: read 354 bytes
18:08:15.061215 [1-1] * [HTTP/2] [1] status: HTTP/2 200
18:08:15.061276 [1-1] * [HTTP/2] [1] header: server: Angie
18:08:15.061329 [1-1] * [HTTP/2] [1] header: date: apsnAoe1x3W0zA8l1m0scsm614 GMT
18:08:15.061380 [1-1] * [HTTP/2] [1] header: content-length: 0
НИЖЕ НАЧИНАЮТСЯ ОШИБКИ HTTP/2
18:08:15.061436 [1-1] * Invalid HTTP header field was received: frame type: 1, stream: 1, name: [/nn1R7cu0=3l], value: [bytes]
18:08:15.061498 [1-1] * [TCP] nw_in_read(len=5) -> -1, err=81
18:08:15.061548 [1-1] * [TCP] recv(len=5) -> -1, err=81
18:08:15.061598 [1-1] * [SSL] ossl_bio_cf_in_read(len=5) -> -1, err=81
18:08:15.061649 [1-1] * [SSL] cf_recv(len=16384) -> -1, 81
18:08:15.061702 [1-1] * [HTTP/2] [0] -> FRAME[GOAWAY, error=9, reason='', last_stream=0]
18:08:15.061782 [1-1] * [TCP] send(len=39) -> 39, err=0
18:08:15.061831 [1-1] * [SSL] ossl_bio_cf_out_write(len=39) -> 39, err=0
18:08:15.061881 [1-1] * [HTTP/2] [0] egress: wrote 17 bytes
18:08:15.061932 [1-1] * [HTTP/2] [1] cf_recv(len=102400) -> 85 0, buffered=0, window=0/10485760, connection 1048576000/1048576000
18:08:15.061985 [1-1] < HTTP/2 200
HTTP/2 200
18:08:15.062045 [1-1] < server: Angie
server: Angie
18:08:15.062098 [1-1] < date: apsnAoe1x3W0zA8l1m0scsm614 GMT
date: apsnAoe1x3W0zA8l1m0scsm614 GMT
18:08:15.062153 [1-1] < content-length: 0
content-length: 0
18:09:30.062663 [1-1] * [TCP] nw_in_read(len=5) -> 5, err=0
18:09:30.062841 [1-1] * [TCP] recv(len=5) -> 5, err=0
18:09:30.062893 [1-1] * [SSL] ossl_bio_cf_in_read(len=5) -> 5, err=0
18:09:30.062981 [1-1] * [TCP] nw_in_read(len=34) -> 34, err=0
18:09:30.063050 [1-1] * [TCP] recv(len=34) -> 34, err=0
18:09:30.063119 [1-1] * [SSL] ossl_bio_cf_in_read(len=34) -> 34, err=0
18:09:30.063227 [1-1] * [TCP] nw_in_read(len=5) -> 5, err=0
18:09:30.063279 [1-1] * [TCP] recv(len=5) -> 5, err=0
18:09:30.063329 [1-1] * [SSL] ossl_bio_cf_in_read(len=5) -> 5, err=0
18:09:30.063381 [1-1] * [TCP] nw_in_read(len=19) -> 19, err=0
18:09:30.063431 [1-1] * [TCP] recv(len=19) -> 19, err=0
18:09:30.063481 [1-1] * [SSL] ossl_bio_cf_in_read(len=19) -> 19, err=0
18:09:30.063581 [1-1] * TLSv1.3 (IN), TLS alert, close notify (256):
18:09:30.063637 [1-1] * [SSL] cf_recv(len=16384) -> 17, 0
18:09:30.063688 [1-1] * [HTTP/2] [0] ingress: read 17 bytes
18:09:30.063753 [1-1] * [SSL] cf_recv(len=16384) -> 0, 0
18:09:30.063828 [1-1] * [HTTP/2] [0] ingress: connection closed
18:09:30.063895 [1-1] * [HTTP/2] [1] returning ERR
18:09:30.063964 [1-1] * [HTTP/2] [1] stream_recv(len=102400) -> -1, 56
18:09:30.064034 [1-1] * [HTTP/2] [1] cf_recv(len=102400) -> -1 56, buffered=0, window=0/10485760, connection 1048576000/1048576000
18:09:30.064105 [1-1] * [HTTP/2] [1] premature DATA_DONE, RST stream
18:09:30.064212 [1-1] * Closing connection
18:09:30.064283 [1-1] * [HTTPS-CONNECT] close
18:09:30.064408 [1-1] * [SETUP] close
18:09:30.065107 [1-1] * [TCP] send(len=24) -> 24, err=0
18:09:30.066207 [1-1] * [SSL] ossl_bio_cf_out_write(len=24) -> 24, err=0
18:09:30.066433 [1-1] * TLSv1.3 (OUT), TLS alert, close notify (256):
18:09:30.066505 [1-1] * [SSL] SSL shutdown finished
18:09:30.066810 [1-1] * [HAPPY-EYEBALLS] close
18:09:30.066869 [1-1] * [TCP] cf_socket_close(5)
18:09:30.066984 [1-1] * [TCP] destroy
18:09:30.067037 [1-1] * [HAPPY-EYEBALLS] destroy
18:09:30.067091 [1-1] * [SETUP] destroy
18:09:30.067142 [1-1] * [HTTPS-CONNECT] destroy
Непонятно наличие мусора в поле данных:
18:08:15.062098 [1-1] < date: apsnAoe1x3W0zA8l1m0scsm614 GMT
date: apsnAoe1x3W0zA8l1m0scsm614 GMT
Если подключаться по протоколу http/1.1 - все в порядке. Данные уходят как надо и приходят.
>>> /usr/bin/curl -k --aws-sigv4 aws:amz:us-east-1:iam --user <ID> --head -v --http1.1 --trace-config all dump https://S3-host.local/bucket-name <<<
18:42:48.672730 [1-1] * Host S3-host.local:443 was resolved.
18:42:48.672810 [1-1] * IPv4: 10.10.10.10
18:42:48.672864 [1-1] * [HTTPS-CONNECT] added
18:42:48.672917 [1-1] * [HTTPS-CONNECT] connect, init
18:42:48.673006 [1-1] * [HTTPS-CONNECT] connect, check h21
18:42:48.673112 [1-1] * [HAPPY-EYEBALLS] created ipv4 (timeout 299999ms)
18:42:48.673213 [1-1] * [HAPPY-EYEBALLS] ipv4 starting (timeout=299999ms)
18:42:48.673330 [1-1] * Trying 10.10.10.10:443...
18:42:48.673444 [1-1] * [TCP] cf_socket_open() -> 0, fd=5
18:42:48.673676 [1-1] * [TCP] local address 10.10.10.10 port 53268...
18:42:48.673729 [1-1] * [HAPPY-EYEBALLS] ipv4 connect -> 0, connected=0
18:42:48.673780 [1-1] * [HTTPS-CONNECT] connect -> 0, done=0
18:42:48.673834 [1-1] * [TCP] adjust_pollset(!connected) -> 1 socks
18:42:48.673886 [1-1] * [HAPPY-EYEBALLS] adjust_pollset -> 1 socks
18:42:48.673936 [1-1] * [HTTPS-CONNECT] adjust_pollset -> 1 socks
18:42:48.673987 [1-1] * [TCP] adjust_pollset(!connected) -> 1 socks
18:42:48.674036 [1-1] * [HAPPY-EYEBALLS] adjust_pollset -> 1 socks
18:42:48.674086 [1-1] * [HTTPS-CONNECT] adjust_pollset -> 1 socks
18:42:48.674144 [1-1] * [HTTPS-CONNECT] connect, check h21
18:42:48.674202 [1-1] * [TCP] connected
18:42:48.674253 [1-1] * [HAPPY-EYEBALLS] ipv4 connect -> 0, connected=1
18:42:48.674308 [1-1] * Connected to S3-host.local (10.10.10.10) port 443
18:42:48.674359 [1-1] * [SSL] cf_connect()
18:42:48.676595 [1-1] * ALPN: curl offers http/1.1
18:42:48.677073 [1-1] * TLSv1.3 (OUT), TLS handshake, Client hello (1):
18:42:48.677171 [1-1] * [TCP] send(len=517) -> 517, err=0
18:42:48.677223 [1-1] * [SSL] ossl_bio_cf_out_write(len=517) -> 517, err=0
18:42:48.677282 [1-1] * [TCP] nw_in_read(len=5) -> -1, err=81
18:42:48.677332 [1-1] * [TCP] recv(len=5) -> -1, err=81
18:42:48.677383 [1-1] * [SSL] ossl_bio_cf_in_read(len=5) -> -1, err=81
18:42:48.677435 [1-1] * [SSL] populate_x509_store, path=/etc/ssl/certs/ca-certificates.crt, blob=0
18:42:48.677508 [1-1] * [SSL] cf_connect() -> 0, done=0
18:42:48.677560 [1-1] * [HTTPS-CONNECT] connect -> 0, done=0
18:42:48.677624 [1-1] * [HTTPS-CONNECT] adjust_pollset -> 1 socks
18:42:48.677682 [1-1] * [HTTPS-CONNECT] adjust_pollset -> 1 socks
18:42:48.689572 [1-1] * [HTTPS-CONNECT] connect, check h21
18:42:48.689663 [1-1] * [SSL] cf_connect()
18:42:48.689727 [1-1] * [TCP] nw_in_read(len=5) -> 5, err=0
18:42:48.689776 [1-1] * [TCP] recv(len=5) -> 5, err=0
18:42:48.689826 [1-1] * [SSL] ossl_bio_cf_in_read(len=5) -> 5, err=0
18:42:48.689879 [1-1] * [TCP] nw_in_read(len=122) -> 122, err=0
18:42:48.689928 [1-1] * [TCP] recv(len=122) -> 122, err=0
18:42:48.689977 [1-1] * [SSL] ossl_bio_cf_in_read(len=122) -> 122, err=0
18:42:48.690060 [1-1] * TLSv1.3 (IN), TLS handshake, Server hello (2):
18:42:48.690466 [1-1] * [TCP] nw_in_read(len=5) -> 5, err=0
18:42:48.690520 [1-1] * [TCP] recv(len=5) -> 5, err=0
18:42:48.690591 [1-1] * [SSL] ossl_bio_cf_in_read(len=5) -> 5, err=0
18:42:48.690645 [1-1] * [TCP] nw_in_read(len=1) -> 1, err=0
18:42:48.690697 [1-1] * [TCP] recv(len=1) -> 1, err=0
18:42:48.690747 [1-1] * [SSL] ossl_bio_cf_in_read(len=1) -> 1, err=0
18:42:48.690800 [1-1] * [TCP] nw_in_read(len=5) -> 5, err=0
18:42:48.690851 [1-1] * [TCP] recv(len=5) -> 5, err=0
18:42:48.690901 [1-1] * [SSL] ossl_bio_cf_in_read(len=5) -> 5, err=0
18:42:48.690954 [1-1] * [TCP] nw_in_read(len=42) -> 42, err=0
18:42:48.691004 [1-1] * [TCP] recv(len=42) -> 42, err=0
18:42:48.691055 [1-1] * [SSL] ossl_bio_cf_in_read(len=42) -> 42, err=0
18:42:48.691117 [1-1] * TLSv1.3 (IN), TLS handshake, Encrypted Extensions (8):
18:42:48.691177 [1-1] * [TCP] nw_in_read(len=5) -> 5, err=0
18:42:48.691239 [1-1] * [TCP] recv(len=5) -> 5, err=0
18:42:48.691289 [1-1] * [SSL] ossl_bio_cf_in_read(len=5) -> 5, err=0
18:42:48.691350 [1-1] * [TCP] nw_in_read(len=2527) -> 2527, err=0
18:42:48.691408 [1-1] * [TCP] recv(len=2527) -> 2527, err=0
18:42:48.691464 [1-1] * [SSL] ossl_bio_cf_in_read(len=2527) -> 2527, err=0
18:42:48.691559 [1-1] * TLSv1.3 (IN), TLS handshake, Certificate (11):
18:42:48.692197 [1-1] * [TCP] nw_in_read(len=5) -> 5, err=0
18:42:48.692262 [1-1] * [TCP] recv(len=5) -> 5, err=0
18:42:48.692361 [1-1] * [SSL] ossl_bio_cf_in_read(len=5) -> 5, err=0
18:42:48.692416 [1-1] * [TCP] nw_in_read(len=537) -> 537, err=0
18:42:48.692470 [1-1] * [TCP] recv(len=537) -> 537, err=0
18:42:48.692524 [1-1] * [SSL] ossl_bio_cf_in_read(len=537) -> 537, err=0
18:42:48.692588 [1-1] * TLSv1.3 (IN), TLS handshake, CERT verify (15):
18:42:48.692856 [1-1] * [TCP] nw_in_read(len=5) -> 5, err=0
18:42:48.692907 [1-1] * [TCP] recv(len=5) -> 5, err=0
18:42:48.692961 [1-1] * [SSL] ossl_bio_cf_in_read(len=5) -> 5, err=0
18:42:48.693021 [1-1] * [TCP] nw_in_read(len=69) -> 69, err=0
18:42:48.693072 [1-1] * [TCP] recv(len=69) -> 69, err=0
18:42:48.693125 [1-1] * [SSL] ossl_bio_cf_in_read(len=69) -> 69, err=0
18:42:48.693196 [1-1] * TLSv1.3 (IN), TLS handshake, Finished (20):
18:42:48.693295 [1-1] * TLSv1.3 (OUT), TLS change cipher, Change cipher spec (1):
18:42:48.693372 [1-1] * TLSv1.3 (OUT), TLS handshake, Finished (20):
18:42:48.693738 [1-1] * [TCP] send(len=80) -> 80, err=0
18:42:48.693837 [1-1] * [SSL] ossl_bio_cf_out_write(len=80) -> 80, err=0
18:42:48.693976 [1-1] * SSL connection using TLSv1.3 / TLS_AES_256_GCM_SHA384 / X25519 / RSASSA-PSS
18:42:48.694081 [1-1] * ALPN: server accepted http/1.1
18:42:48.694184 [1-1] * Server certificate:
...
18:42:48.694751 [1-1] * SSL certificate verify result: unable to get local issuer certificate (20), continuing anyway.
18:42:48.694868 [1-1] * Certificate level 0: Public key type RSA (4096/152 Bits/secBits), signed using sha256WithRSAEncryption
18:42:48.694969 [1-1] * [SSL] cf_connect() -> 0, done=1
18:42:48.695071 [1-1] * [HTTPS-CONNECT] connect+handshake h21: 22ms, 1st data: 16ms
18:42:48.695169 [1-1] * using HTTP/1.x
18:42:48.695276 [1-1] * [HTTPS-CONNECT] connect -> 0, done=1
18:42:48.695460 [1-1] * Server auth using AWS_SIGV4 with user '4nnTgm...'
18:42:48.700177 [1-1] * [TCP] send(len=466) -> 466, err=0
18:42:48.700385 [1-1] * [SSL] ossl_bio_cf_out_write(len=466) -> 466, err=0
18:42:48.700504 [1-1] > HEAD /bucket-name HTTP/1.1
18:42:48.700504 [1-1] > Host: S3-host.local
18:42:48.700504 [1-1] > Authorization: AWS4-HMAC-SHA256 Credential=4nnT...N/20240327/us-east-1/iam/aws4_request, SignedHeaders=host;x-amz-date, Signature=7b5b54...
18:42:48.700504 [1-1] > X-Amz-Date: 20240327T184248Z
18:42:48.700504 [1-1] > User-Agent: curl/8.6.0
18:42:48.700504 [1-1] > Accept: */*
18:42:48.700504 [1-1] >
18:42:48.701705 [1-1] * [TCP] nw_in_read(len=5) -> 5, err=0
18:42:48.701922 [1-1] * [TCP] recv(len=5) -> 5, err=0
18:42:48.702118 [1-1] * [SSL] ossl_bio_cf_in_read(len=5) -> 5, err=0
18:42:48.702310 [1-1] * [TCP] nw_in_read(len=74) -> 74, err=0
18:42:48.702506 [1-1] * [TCP] recv(len=74) -> 74, err=0
18:42:48.702675 [1-1] * [SSL] ossl_bio_cf_in_read(len=74) -> 74, err=0
18:42:48.702948 [1-1] * TLSv1.3 (IN), TLS handshake, Newsession Ticket (4):
18:42:48.703979 [1-1] * [TCP] nw_in_read(len=5) -> 5, err=0
18:42:48.704162 [1-1] * [TCP] recv(len=5) -> 5, err=0
18:42:48.704257 [1-1] * [SSL] ossl_bio_cf_in_read(len=5) -> 5, err=0
18:42:48.704375 [1-1] * [TCP] nw_in_read(len=74) -> 74, err=0
18:42:48.704464 [1-1] * [TCP] recv(len=74) -> 74, err=0
18:42:48.704606 [1-1] * [SSL] ossl_bio_cf_in_read(len=74) -> 74, err=0
18:42:48.704724 [1-1] * TLSv1.3 (IN), TLS handshake, Newsession Ticket (4):
18:42:48.704849 [1-1] * old SSL session ID is stale, removing
18:42:48.704943 [1-1] * [TCP] nw_in_read(len=5) -> -1, err=81
18:42:48.705059 [1-1] * [TCP] recv(len=5) -> -1, err=81
18:42:48.705194 [1-1] * [SSL] ossl_bio_cf_in_read(len=5) -> -1, err=81
18:42:48.705303 [1-1] * [SSL] cf_recv(len=102400) -> -1, 81
18:42:48.724784 [1-1] * [TCP] nw_in_read(len=5) -> 5, err=0
18:42:48.724853 [1-1] * [TCP] recv(len=5) -> 5, err=0
18:42:48.724903 [1-1] * [SSL] ossl_bio_cf_in_read(len=5) -> 5, err=0
18:42:48.724959 [1-1] * [TCP] nw_in_read(len=546) -> 546, err=0
18:42:48.725009 [1-1] * [TCP] recv(len=546) -> 546, err=0
18:42:48.725058 [1-1] * [SSL] ossl_bio_cf_in_read(len=546) -> 546, err=0
18:42:48.725138 [1-1] * [TCP] nw_in_read(len=5) -> -1, err=81
18:42:48.725187 [1-1] * [TCP] recv(len=5) -> -1, err=81
18:42:48.725237 [1-1] * [SSL] ossl_bio_cf_in_read(len=5) -> -1, err=81
18:42:48.725290 [1-1] * [SSL] cf_recv(len=102400) -> 529, 0
18:42:48.725350 [1-1] < HTTP/1.1 200 OK
HTTP/1.1 200 OK
18:42:48.725412 [1-1] < Server: Angie
Server: Angie
18:42:48.725469 [1-1] < Date: Wed, 27 Mar 2024 18:42:48 GMT
Date: Wed, 27 Mar 2024 18:42:48 GMT
18:42:48.725527 [1-1] < Content-Length: 0
Content-Length: 0
18:42:48.725580 [1-1] < Connection: keep-alive
Connection: keep-alive
18:42:48.725634 [1-1] < Accept-Ranges: bytes
Accept-Ranges: bytes
18:42:48.725687 [1-1] < X-Amz-Bucket-Region: default
X-Amz-Bucket-Region: default
18:42:48.725740 [1-1] < X-Amz-Request-Id: 80accb5b-51fe-478d-b51d-8770f02a2669
X-Amz-Request-Id: 80accb5b-51fe-478d-b51d-8770f02a2669
18:42:48.725793 [1-1] < X-Container-Id: 6TR ...
X-Container-Id: 6TR...
18:42:48.725846 [1-1] < X-Container-Name: bucket-name
X-Container-Name: bucket-name
18:42:48.725900 [1-1] < X-Container-Zone: container
X-Container-Zone: container
18:42:48.725953 [1-1] < X-Owner-Id: NMday8
X-Owner-Id: NMu
18:42:48.726014 [1-1] < Strict-Transport-Security: max-age=63072000
Strict-Transport-Security: max-age=63072000
18:42:48.726239 [1-1] <
18:42:48.726298 [1-1] * Connection #1 to host S3-host.local left intact
Как видно - тут дата распознана верно:
18:42:48.725350 [1-1] < HTTP/1.1 200 OK
HTTP/1.1 200 OK
18:42:48.725412 [1-1] < Server: Angie
Server: Angie
18:42:48.725469 [1-1] < Date: Wed, 27 Mar 2024 18:42:48 GMT
Date: Wed, 27 Mar 2024 18:42:48 GMT
18:42:48.725527 [1-1] < Content-Length: 0
Content-Length: 0
Бинарный файл собрал в среде Yocto 4, никаких проблем с ним (версия 1.4.0) не было, все работает как надо.
Никаких проблем более не наблюдается.
Буду признателен за помощь.