Connection issues with Android Marshmallow
Arran Cudbard-Bell
a.cudbardb at freeradius.org
Fri Oct 16 18:46:47 CEST 2015
> On Oct 16, 2015, at 9:34 AM, Alan DeKok <aland at deployingradius.com> wrote:
>
> On Oct 16, 2015, at 9:29 AM, Sebastian Hagedorn <Hagedorn at uni-koeln.de> wrote:
>>
>> I hope this isn't a dumb question ... I (successfully) tried eapol_test on a RHEL 6 system with OpenSSL openssl-1.0.1e-42.el6.x86_64 and FreeRadius 3.0.10 and was surprised that I didn't see TLSv1... at all.
>
> OpenSSL is pretty stingy in the information it gives to the application. FreeRADIUS also doesn't print out everything it can.
Yeah in this case those strings are coming from OpenSSL *sigh*. Even 'SSL negotiation finished successfully' comes from OpenSSL.
I've made it a bit better:
Fri Oct 16 12:41:21 2015 : Debug: (124) eap_peap: >>> send handshake [length 16], finished
Fri Oct 16 12:41:21 2015 : Debug: (124) eap_peap: TLS Accept: SSLv3 write finished A
Fri Oct 16 12:41:21 2015 : Debug: (124) eap_peap: TLS Accept: SSLv3 flush data
Fri Oct 16 12:41:21 2015 : Debug: (124) eap_peap: SSL negotiation finished successfully
Fri Oct 16 12:41:21 2015 : Debug: (124) eap_peap: TLS established with cipher suite: ECDHE-RSA-AES256-GCM-SHA384 TLSv1.2 Kx=ECDH Au=RSA Enc=AESGCM(256) Mac=AEAD
Fri Oct 16 12:41:21 2015 : Debug: (124) eap_peap: [eaptls process] = handled
Fri Oct 16 12:41:21 2015 : Debug: (124) eap: Sending EAP Request (code 1) ID 6 length 57
At least now you can check the protocol version in the cipher to be sure.
Again OpenSSL provides the string, which is why there's the random whitespace :(
-Arran
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 842 bytes
Desc: Message signed with OpenPGP using GPGMail
URL: <http://lists.freeradius.org/pipermail/freeradius-users/attachments/20151016/cc79ab05/attachment.sig>
More information about the Freeradius-Users
mailing list