Connection issues with Android Marshmallow

Arran Cudbard-Bell a.cudbardb at freeradius.org
Fri Oct 16 18:46:47 CEST 2015


> On Oct 16, 2015, at 9:34 AM, Alan DeKok <aland at deployingradius.com> wrote:
> 
> On Oct 16, 2015, at 9:29 AM, Sebastian Hagedorn <Hagedorn at uni-koeln.de> wrote:
>> 
>> I hope this isn't a dumb question ... I (successfully) tried eapol_test on a RHEL 6 system with OpenSSL openssl-1.0.1e-42.el6.x86_64 and FreeRadius 3.0.10 and was surprised that I didn't see TLSv1... at all.
> 
>  OpenSSL is pretty stingy in the information it gives to the application.  FreeRADIUS also doesn't print out everything it can.

Yeah in this case those strings are coming from OpenSSL *sigh*.  Even 'SSL negotiation finished successfully' comes from OpenSSL.

I've made it a bit better:

Fri Oct 16 12:41:21 2015 : Debug: (124) eap_peap: >>> send handshake [length 16], finished
Fri Oct 16 12:41:21 2015 : Debug: (124) eap_peap: TLS Accept: SSLv3 write finished A
Fri Oct 16 12:41:21 2015 : Debug: (124) eap_peap: TLS Accept: SSLv3 flush data
Fri Oct 16 12:41:21 2015 : Debug: (124) eap_peap: SSL negotiation finished successfully
Fri Oct 16 12:41:21 2015 : Debug: (124) eap_peap: TLS established with cipher suite: ECDHE-RSA-AES256-GCM-SHA384 TLSv1.2 Kx=ECDH     Au=RSA  Enc=AESGCM(256) Mac=AEAD
Fri Oct 16 12:41:21 2015 : Debug: (124) eap_peap: [eaptls process] = handled
Fri Oct 16 12:41:21 2015 : Debug: (124) eap: Sending EAP Request (code 1) ID 6 length 57

At least now you can check the protocol version in the cipher to be sure.

Again OpenSSL provides the string, which is why there's the random whitespace :(

-Arran
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 842 bytes
Desc: Message signed with OpenPGP using GPGMail
URL: <http://lists.freeradius.org/pipermail/freeradius-users/attachments/20151016/cc79ab05/attachment.sig>


More information about the Freeradius-Users mailing list