EAP-TLS problem
shantanu choudhary
shantanu_843
Mon Jun 11 01:20:37 PDT 2007
hello all,
earlier i was having problem of segmentation fault for wpa supplicant, that i have resolved(at least i think so, it was because i was not using xauth module of ath card). but now i am having a problem of validating CA, i am not able to validate server certificate.
i am sending u my wpa_supplicant result i hope u can help me out.
EAP-TLS: Requesting private key passphrase
CTRL-REQ-PASSPHRASE-0:Private key passphrase needed for SSID ATH183
CTRL_IFACE monitor send - hexdump(len=21): 2f 74 6d 70 2f 77 70 61 5f 63 74 72 6c 5f 37 30 39 36 2d 31 00
EAP: Failed to initialize EAP method: vendor 0 method 13 (TLS)
CTRL_IFACE monitor send - hexdump(len=21): 2f 74 6d 70 2f 77 70 61 5f 63 74 72 6c 5f 37 30 39 36 2d 31 00
EAP: Pending PIN/passphrase request - skip Nak
EAP: EAP entering
state SEND_RESPONSE
EAP: EAP entering state IDLE
RX ctrl_iface - hexdump_ascii(len=4):
50 49 4e 47 PING
RX ctrl_iface - hexdump_ascii(len=6):
53 54 41 54 55 53 STATUS
ioctl[SIOCGIFADDR]: Cannot assign requested address
RX ctrl_iface - hexdump_ascii(len=13):
4c 49 53 54 5f 4e 45 54 57 4f 52 4b
53 LIST_NETWORKS
RX ctrl_iface - hexdump_ascii(len=4):
50 49 4e 47 PING
RX ctrl_iface - hexdump_ascii(len=4):
50 49 4e 47 PING
EAPOL: startWhen --> 0
RX ctrl_iface - hexdump_ascii(len=4):
50 49 4e
47 PING
RX ctrl_iface - hexdump_ascii(len=4):
50 49 4e 47 PING
RX ctrl_iface - hexdump_ascii(len=30): [REMOVED]
CTRL_IFACE: field=PASSPHRASE id=0
CTRL_IFACE: value - hexdump_ascii(len=8): [REMOVED]
EAPOL: received control response (user input) notification - retrying pending EAP Request
EAP: EAP entering state RECEIVED
EAP: Received EAP-Request
id=1 method=13 vendor=0 vendorMethod=0
EAP: EAP entering state GET_METHOD
EAP: Initialize selected EAP method: vendor 0 method 13 (TLS)
TLS: Trusted root certificate(s) loaded
TLS - SSL error: error:0B07C065:x509 certificate routines:X509_STORE_add_cert:cert already in hash table
OpenSSL: tls_connection_client_cert - SSL_use_certificate_file (DER) failed error:0D0680A8:asn1 encoding routines:ASN1_CHECK_TLEN:wrong tag
OpenSSL: pending error: error:0D07803A:asn1 encoding routines:ASN1_ITEM_EX_D2I:nested asn1 error
OpenSSL: pending error: error:140C800D:SSL routines:SSL_use_certificate_file:ASN1 lib
OpenSSL: SSL_use_certificate_file (PEM) --> OK
OpenSSL: tls_connection_private_key - SSL_use_PrivateKey_File (DER) failed error:0D094065:asn1 encoding routines:d2i_ASN1_SET:bad class
OpenSSL: pending error: error:0D0680A8:asn1 encoding routines:ASN1_CHECK_TLEN:wrong tag
OpenSSL: pending error: error:0D07803A:asn1 encoding
routines:ASN1_ITEM_EX_D2I:nested asn1 error
OpenSSL: pending error: error:0D09A00D:asn1 encoding routines:d2i_PrivateKey:ASN1 lib
OpenSSL: pending error: error:140CB00D:SSL routines:SSL_use_PrivateKey_file:ASN1 lib
OpenSSL: SSL_use_PrivateKey_File (PEM) --> OK
SSL: Private key loaded successfully
CTRL-EVENT-EAP-METHOD EAP vendor 0 method 13 (TLS) selected
CTRL_IFACE monitor send - hexdump(len=21): 2f 74 6d 70 2f 77 70 61 5f 63 74 72 6c 5f 37 30 39 36 2d 31 00
EAP: EAP entering state METHOD
SSL: Received packet(len=6) - Flags 0x20
EAP-TLS: Start
SSL: SSL_connect - want more data
SSL: 101 bytes pending from ssl_out
SSL: 101 bytes left to be sent out (of total 101 bytes)
EAP: method process -> ignore=FALSE methodState=MAY_CONT decision=FAIL
EAP: EAP entering state SEND_RESPONSE
EAP: EAP entering state IDLE
EAPOL: SUPP_BE entering state RESPONSE
EAPOL: txSuppRsp
TX EAPOL - hexdump(len=111): 01 00 00 6b 02 01 00 6b 0d
00 16 03 01 00 60 01 00 00 5c 03 01 46 6d 06 4b cc 4f b2 ae eb 76 1c 1a ab 4f 82 ee 2f bd fd 8e 83 a6 c6 cd da 79 43 cb b4 07 97 13 00 00 34 00 39 00 38 00 35 00 16 00 13 00 0a 00 33 00 32 00 2f 00 66 00 05 00 04 00 63 00 62 00 61 00 15 00 12 00 09 00 65 00 64 00 60 00 14 00 11 00 08 00 06 00 03 02 01 00
EAPOL: SUPP_BE entering state RECEIVE
RX EAPOL from 00:03:7f:09:60:7e
------------------------------------------------------------------------------------------------------
EAPOL: Received EAP-Packet frame
EAPOL: SUPP_BE entering state REQUEST
EAPOL: getSuppRsp
EAP: EAP entering state RECEIVED
EAP: Received EAP-Request id=2 method=13 vendor=0 vendorMethod=0
EAP: EAP entering state METHOD
SSL: Received packet(len=1034) - Flags 0xc0
SSL: TLS Message Length: 1950
SSL: Need 926 bytes more input data
SSL: Building ACK
EAP: method process -> ignore=FALSE
methodState=MAY_CONT decision=FAIL
EAP: EAP entering state SEND_RESPONSE
EAP: EAP entering state IDLE
EAPOL: SUPP_BE entering state RESPONSE
EAPOL: txSuppRsp
TX EAPOL - hexdump(len=10): 01 00 00 06 02 02 00 06 0d 00
EAPOL: SUPP_BE entering state RECEIVE
RX EAPOL from 00:03:7f:09:60:7e
RX EAPOL - hexdump(len=940): 01 00 03 a8 01 03 03 a8 0d 80 00 00 07 9e 17 0d 30 36 30 31 32 34 31 33 32 36 30 37 5a 30 81 9f 31 0b 30 09 06 03 55 04 06 13 02 43 41 31 11 30 0f 06 03 55 04 08 13 08 50 72 6f 76 69 6e 63 65 31 12 30 10 06 03 55 04 07 13 09 53 6f 6d 65 20 43 69 74 79 31 15 30 13 06 03 55 04 0a 13 0c 4f 72 67 61 6e 69 7a 61 74 69 6f 6e 31 12 30 10 06 03 55 04 0b 13 09 6c 6f 63 61 6c 68 6f 73 74 31 1b 30 19 06 03 55 04 03 13 12 43 6c 69 65 6e 74 20 63 65 72 74 69 66 69 63 61 74 65 31 21 30 1f 06 09 2a 86 48 86 f7 0d 01 09 01 16 12 63 6c 69 65 6e 74 40 65 78 61 6d 70 6c 65 2e 63 6f 6d 30 81 9f 30 0d 06 09 2a 86 48 86 f7 0d 01 01 01 05 00 03 81 8d 00 30 81 89
02 81 81 00 d4 c5 b1 97 24 f1 64 ac f1 ff b1 89 db 1c 8f bf f4 f1 43 96 ea 7c b1 e9 0f 78 d6 94 51 72 53 77 89 5d fe 52 cc b9 9b 41 e8 0d de b5 8b 12 7a 94 3f 4f 58 cb c5 62 87 81 92 fb dc 6f ec e9 f8 71 e7 c1 30 d3 5c f5 18 88 17 e9 b1 33 24 9e dd 2a 1c 75 d3 10 43 ae 87 55 3c ec 7a 77 ef 26 aa 7d 74 28 1d b9 b7 7e 17 c6 44 6c 5d d9 b1 88 b4 32 50 ca 02 29 96 37 22 a1 23 a7 26 b0 0b 40 27 fd 02 03 01 00 01 a3 81 ff 30 81 fc 30 1d 06 03 55 1d 0e 04 16 04 14 68 d3 6d 3e 1e e7 bc 9d 5a 05 70 21 c3 63 da 13 65 d1 ad e3 30 81 cc 06 03 55 1d 23 04 81 c4 30 81 c1 80 14 68 d3 6d 3e 1e e7 bc 9d 5a 05 70 21 c3 63 da 13 65 d1 ad e3 a1 81 a5 a4 81 a2 30 81 9f 31 0b 30 09 06 03 55 04 06 13 02 43 41 31 11 30 0f 06 03 55 04 08 13 08 50 72 6f 76 69 6e 63 65 31 12 30 10 06 03 55 04 07 13 09 53 6f 6d 65 20 43 69 74 79 31 15 30 13 06 03 55 04 0a 13 0c 4f 72 67 61 6e 69 7a 61 74 69 6f 6e 31 12 30 10 06 03 55 04 0b 13 09 6c 6f 63 61 6c 68 6f 73 74 31 1b 30 19 06 03 55 04 03 13 12 43 6c 69 65
6e 74 20 63 65 72 74 69 66 69 63 61 74 65 31 21 30 1f 06 09 2a 86 48 86 f7 0d 01 09 01 16 12 63 6c 69 65 6e 74 40 65 78 61 6d 70 6c 65 2e 63 6f 6d 82 01 00 30 0c 06 03 55 1d 13 04 05 30 03 01 01 ff 30 0d 06 09 2a 86 48 86 f7 0d 01 01 04 05 00 03 81 81 00 33 c0 0b 66 b1 e5 79 ef 73 a0 67 98 25 2d ab 8d 5e 55 11 fc 00 fd 27 6d 80 d1 2f 83 47 77 c6 74 3f dc 27 43 fc a1 50 77 04 e4 bc 09 79 e4 f6 0a c3 ad 9e e8 3e 6f 34 73 69 22 9d 1f 77 22 9b a2 e9 82 35 9d a5 63 02 4a 00 16 3d ba 6d 6c 98 6c 0b ad 28 af 85 13 2f f8 f0 d7 65 01 bf 1b 7c 2d ff 65 8c e1 e6 2c 01 99 7b 6e 64 e3 e8 d4 37 33 54 ce 99 12 84 76 51 53 90 63 b8 5b bc 54 85 c5 16 03 01 00 b1 0d 00 00 a9 02 01 02 00 a4 00 a2 30 81 9f 31 0b 30 09 06 03 55 04 06 13 02 43 41 31 11 30 0f 06 03 55 04 08 13 08 50 72 6f 76 69 6e 63 65 31 12 30 10 06 03 55 04 07 13 09 53 6f 6d 65 20 43 69 74 79 31 15 30 13 06 03 55 04 0a 13 0c 4f 72 67 61 6e 69 7a 61 74 69 6f 6e 31 12 30 10 06 03 55 04 0b 13 09 6c 6f 63 61 6c 68 6f 73 74 31 1b
30 19 06 03 55 04 03 13 12 43 6c 69 65 6e 74 20 63 65 72 74 69 66 69 63 61 74 65 31 21 30 1f 06 09 2a 86 48 86 f7 0d 01 09 01 16 12 63 6c 69 65 6e 74 40 65 78 61 6d 70 6c 65 2e 63 6f 6d 0e 00 00 00
EAPOL: Received EAP-Packet frame
EAPOL: SUPP_BE entering state REQUEST
EAPOL: getSuppRsp
EAP: EAP entering state RECEIVED
EAP: Received EAP-Request id=3 method=13 vendor=0 vendorMethod=0
EAP: EAP entering state METHOD
SSL: Received packet(len=936) - Flags 0x80
SSL: TLS Message Length: 1950
TLS: Certificate verification failed, error 19 (self signed certificate in certificate chain) depth 1 for '/C=CA/ST=Province/L=Some City/O=Organization/OU=localhost/CN=Client certificate/emailAddress=client at example.com'
OpenSSL: tls_connection_handshake - SSL_connect error:14090086:SSL routines:SSL3_GET_SERVER_CERTIFICATE:certificate verify failed
SSL: 7 bytes pending from ssl_out
SSL: Failed - tls_out available to report error
SSL: 7 bytes left to be
sent out (of total 7 bytes)
EAP-TLS: TLS processing failed
EAP: method process -> ignore=FALSE methodState=DONE decision=FAIL
EAP: EAP entering state SEND_RESPONSE
EAP: EAP entering state IDLE
EAPOL: SUPP_BE entering state RESPONSE
EAPOL: txSuppRsp
TX EAPOL - hexdump(len=17): 01 00 00 0d 02 03 00 0d 0d 00 15 03 01 00 02 02 30
EAPOL: SUPP_BE entering state RECEIVE
regards
shantanu
Did you know? You can CHAT without downloading messenger. Know how!
Download prohibited? No problem! To chat from any browser without download, Click Here: http://in.messenger.yahoo.com/webmessengerpromo.php
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.shmoo.com/pipermail/hostap/attachments/20070611/124db6cb/attachment.htm
More information about the Hostap
mailing list