On 1 Apr 2016, at 12:34, Jouni Malinen wrote:

> On Fri, Apr 01, 2016 at 11:37:40AM +0200, Thomas Rosenstein wrote:
>> OpenSSL Version is 1.0.1k-fips 8 Jan 2015 from Fedora 22.
>> Any idea which version they changed it?
>
> The issue I was thinking of was fixed with this commit:
> https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=4fdf917
> It was present in OpenSSL 1.0.1f but should be fixed in 1.0.1h and I'd
> assume that would include 1.0.1k in Fedora if that really is based on
> 1.0.1k and not just some important fixes being pulled into an earlier
> snapshot. I think this issue is still present in the Ubuntu 14.04
> package for example, but that is identified as 1.0.1f-1ubuntu2.18.

It's identified as package openssl.x86_64 1:1.0.1k-14.fc22

> So if it is not that one, then something else.. Which TLS cipher suite
> are you using here and what kind of X.509 certificate(s) (mainly, the
> signature algorithms)?

sha256WithRSAEncryption
It's a public certificate, other side is openssl from NodeJS.

I'm now using TLSv1_server_method to mitigate the issue (since it only
happens with TLS1.2) before that I used TLS_method as secureProtocol
method.

> Please note that the hash function changes and
> the wpa_supplicant implementation of the internal key derivation does
> not support this correctly for some cases (which is one of the reasons
> for that use of SSL_export_keying_material() being used in the first
> place).

I'm only aware of the change SHA1-MD5 -> SHA256 with the transition from
TLS1.1 to TLS1.2.
Are there other algorithms in use?

I know that with 2.3 the TLS1.2 was not implemented correctly, with 2.5
I believe there's a commit adding the functionality.

> --
> Jouni Malinen PGP id EFC895FA

Thomas
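
An added example (not from this thread or from wpa_supplicant's source) of the PRF change discussed above: the EAP-TLS MSK computed from the same master secret and randoms with the TLS 1.0/1.1 MD5/SHA-1 PRF and with the TLS 1.2 single-hash PRF, whose hash is fixed by the negotiated cipher suite (SHA-256 by default, SHA-384 for the `*_SHA384` suites). The function names and session values are constructed for illustration; the label and the 64-octet MSK slice follow RFC 5216.

```python
import hashlib
import hmac

LABEL = b"client EAP encryption"  # EAP-TLS key derivation label (RFC 5216)

def p_hash(name, secret, seed, length):
    """P_hash from RFC 2246/5246: HMAC-based expansion of secret and seed."""
    out, a = b"", seed
    while len(out) < length:
        a = hmac.new(secret, a, name).digest()            # A(i) = HMAC(secret, A(i-1))
        out += hmac.new(secret, a + seed, name).digest()  # HMAC(secret, A(i) + seed)
    return out[:length]

def prf_tls10(secret, label, seed, length):
    """TLS 1.0/1.1 PRF: P_MD5(S1) XOR P_SHA1(S2), secret split in halves."""
    half = (len(secret) + 1) // 2
    s1, s2 = secret[:half], secret[len(secret) - half:]
    md5 = p_hash("md5", s1, label + seed, length)
    sha1 = p_hash("sha1", s2, label + seed, length)
    return bytes(x ^ y for x, y in zip(md5, sha1))

def prf_tls12(secret, label, seed, length, name="sha256"):
    """TLS 1.2 PRF: a single P_hash; the hash is set by the cipher suite."""
    return p_hash(name, secret, label + seed, length)

def eap_tls_msk(prf, master_secret, client_random, server_random):
    """The first 64 octets of the 128-octet EAP-TLS key material are the MSK."""
    return prf(master_secret, LABEL, client_random + server_random, 128)[:64]

def prf_tls12_sha384(secret, label, seed, length):
    """TLS 1.2 PRF as used by cipher suites that specify SHA-384."""
    return prf_tls12(secret, label, seed, length, "sha384")

# Constructed sample session values, not taken from a real handshake.
MS = bytes(range(48))   # 48-octet master secret
CR = b"\x11" * 32       # client random
SR = b"\x22" * 32       # server random

if __name__ == "__main__":
    # Same session secrets, three different MSKs: a peer that hard-codes
    # one PRF derives keys that do not match the other side's.
    print("TLS1.0/1.1 PRF MSK:", eap_tls_msk(prf_tls10, MS, CR, SR).hex())
    print("TLS1.2 SHA-256 MSK:", eap_tls_msk(prf_tls12, MS, CR, SR).hex())
    print("TLS1.2 SHA-384 MSK:", eap_tls_msk(prf_tls12_sha384, MS, CR, SR).hex())
```
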