Can't connec to PEAP anymore on current Ubuntu (2.10 built with openssl3)

Sebastien Bacher seb128 at ubuntu.com
Thu Mar 17 03:50:02 PDT 2022


We also have another report about connecting to  eduroam failing, 
https://bugs.launchpad.net/ubuntu/+source/wpa/+bug/1958267

The log from that one, https://launchpadlibrarian.net/589472756/log.txt 
includes

```
SSL: SSL3 alert: write (local SSL3 detected an error):fatal:handshake 
failure
EAP: Status notification: local TLS alert (param=handshake failure)
SSL: (where=0x1002 ret=0xffffffff)
SSL: SSL_connect:error in error
OpenSSL: openssl_handshake - SSL_connect error:0A000152:SSL 
routines::unsafe legacy renegotiation disabled
SSL: 7 bytes pending from ssl_out
SSL: Using TLS version TLSv1.2
SSL: Failed - tls_out available to report error (len=7)
SSL: 7 bytes left to be sent out (of total 7 bytes)
EAP-PEAP: TLS processing failed
```

Cheers,
Sebastien Bacher

Le 17/03/2022 à 11:44, Sebastien Bacher a écrit :
> Hey there,
>
> Ubuntu switched to openssl3 by default for its incoming LTS and we 
> started received reports that connect to PEAP wifis isn't working for 
> some users. Our version of wpa is 2.10
>
> One such report, 
> https://bugs.launchpad.net/ubuntu/+source/wpa/+bug/1962541
>
> The wpa is coming from Debian without change and an user reported that 
> installing the Debian build (which is still using openssl1) doesn't 
> have the issue
>
> The log has those errors
>
> wpa_supplicant[648]: SSL: SSL3 alert: write (local SSL3 detected an 
> error):fatal:internal error
> wpa_supplicant[648]: OpenSSL: openssl_handshake - SSL_connect 
> error:0A0C0103:SSL routines::internal error
> wpa_supplicant[648]: wlp4s0: CTRL-EVENT-EAP-FAILURE EAP authentication 
> failed
>
> A debug log is available on 
> https://bugs.launchpad.net/ubuntu/+source/wpa/+bug/1962541/+attachment/5569942/+files/wpa_supplicant.log
>
> Thanks,
> Sebastien Bacher
>
>



More information about the Hostap mailing list