wpa built with openssl3 can't connect to servers using TLS 1.1 or older
Stefan Paetow
Stefan.Paetow at jisc.ac.uk
Sun May 22 05:21:22 PDT 2022
Hi Sebastian,
See https://lists.infradead.org/pipermail/hostap/2022-May/040500.html
Jouni is adding/has added something to the code for that.
Stefan Paetow
Federated Roaming Technical Specialist
t: +44 (0)1235 822 125
e-mail/teams: stefan.paetow at jisc.ac.uk
gpg: 0x3FCE5142
On Mondays and Wednesdays, I am not available between 12:00 noon and 15:00.
In line with government advice, at Jisc we’re now working from home and our offices are currently closed. Read our statement on coronavirus <https://www.jisc.ac.uk/about/corporate/coronavirus-statement>.
jisc.ac.uk
Jisc is a registered charity (number 1149740) and a company limited by guarantee which is registered in England under Company No. 5747339, VAT No. GB 197 0632 86. Jisc’s registered office is: One Castlepark, Tower Hill, Bristol, BS2 0JA. T 0203 697 5800.
On 18/05/2022, 15:29, "Hostap on behalf of Sebastien Bacher" <hostap-bounces at lists.infradead.org on behalf of seb128 at ubuntu.com> wrote:
Hey there,
The issue has been reported downstream, it's a problem for legacy setups
but those don't seem rare from the users feedback
https://eur01.safelinks.protection.outlook.com/?url=https%3A%2F%2Fbugs.debian.org%2Fcgi-bin%2Fbugreport.cgi%3Fbug%3D1011121&data=05%7C01%7Cstefan.paetow%40jisc.ac.uk%7Cde2d103422e64d3d926708da38da6afe%7C48f9394d8a144d2782a6f35f12361205%7C0%7C0%7C637884809710226705%7CUnknown%7CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C3000%7C%7C%7C&sdata=o64iFZrtffIX5vk1A7vbMnZeBLlXZuQsGsY1qq8WMJo%3D&reserved=0
https://eur01.safelinks.protection.outlook.com/?url=https%3A%2F%2Fbugs.launchpad.net%2Fubuntu%2F%2Bsource%2Fwpa%2F%2Bbug%2F1958267&data=05%7C01%7Cstefan.paetow%40jisc.ac.uk%7Cde2d103422e64d3d926708da38da6afe%7C48f9394d8a144d2782a6f35f12361205%7C0%7C0%7C637884809710226705%7CUnknown%7CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C3000%7C%7C%7C&sdata=MPxxTW7P087I5WkmwrCfveVekpmwToGfqQ9fIBOwV6k%3D&reserved=0
https://eur01.safelinks.protection.outlook.com/?url=https%3A%2F%2Fbugzilla.redhat.com%2Fshow_bug.cgi%3Fid%3D2069239&data=05%7C01%7Cstefan.paetow%40jisc.ac.uk%7Cde2d103422e64d3d926708da38da6afe%7C48f9394d8a144d2782a6f35f12361205%7C0%7C0%7C637884809710226705%7CUnknown%7CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C3000%7C%7C%7C&sdata=vaMphCC0%2BUo%2Bla9ng2P1ybqPgFsCmFLjKa1akdcCCLw%3D&reserved=0
The authentification fails
> OpenSSL: openssl_handshake - SSL_connect error:0A0C0103:SSL
routines::internal error
Clemens Lang explained the issue
'these servers only offer TLS 1.1 or older, which uses MD5-SHA1 as
digest in its signature algorithm. Due to recent collision attacks on
SHA1, this no longer meets OpenSSL default level of security of 80 bits
(see https://eur01.safelinks.protection.outlook.com/?url=https%3A%2F%2Fsha-mbles.github.io%2F&data=05%7C01%7Cstefan.paetow%40jisc.ac.uk%7Cde2d103422e64d3d926708da38da6afe%7C48f9394d8a144d2782a6f35f12361205%7C0%7C0%7C637884809710226705%7CUnknown%7CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C3000%7C%7C%7C&sdata=EDVNnLJFBBBmHr9DZ%2BkoQ%2Bfzzu6m7W3uukVVFnZR%2Bqg%3D&reserved=0 <https://eur01.safelinks.protection.outlook.com/?url=https%3A%2F%2Fsha-mbles.github.io%2F&data=05%7C01%7Cstefan.paetow%40jisc.ac.uk%7Cde2d103422e64d3d926708da38da6afe%7C48f9394d8a144d2782a6f35f12361205%7C0%7C0%7C637884809710226705%7CUnknown%7CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C3000%7C%7C%7C&sdata=EDVNnLJFBBBmHr9DZ%2BkoQ%2Bfzzu6m7W3uukVVFnZR%2Bqg%3D&reserved=0>, which
reduced the chosen-prefix collision to 63.4 bits).
Fedora fixes the problem with those patches in openssl
https://eur01.safelinks.protection.outlook.com/?url=https%3A%2F%2Fsrc.fedoraproject.org%2Frpms%2Fopenssl%2Fblob%2Ff36%2Ff%2F0049-Allow-disabling-of-SHA1-signatures.patch&data=05%7C01%7Cstefan.paetow%40jisc.ac.uk%7Cde2d103422e64d3d926708da38da6afe%7C48f9394d8a144d2782a6f35f12361205%7C0%7C0%7C637884809710226705%7CUnknown%7CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C3000%7C%7C%7C&sdata=oRH8QL6J4ceTzUCBiSTzVTJ352golA0o%2F%2FvrYZpxG18%3D&reserved=0
https://eur01.safelinks.protection.outlook.com/?url=https%3A%2F%2Fsrc.fedoraproject.org%2Frpms%2Fopenssl%2Fblob%2Ff36%2Ff%2F0052-Allow-SHA1-in-seclevel-1-if-rh-allow-sha1-signatures.patch&data=05%7C01%7Cstefan.paetow%40jisc.ac.uk%7Cde2d103422e64d3d926708da38da6afe%7C48f9394d8a144d2782a6f35f12361205%7C0%7C0%7C637884809710226705%7CUnknown%7CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C3000%7C%7C%7C&sdata=BMUrSCcIX59CuUngiykoNQ9uTrE0h49JXzWzRWBqsbs%3D&reserved=0
There is an open discussion upstream about adding the option in
https://eur01.safelinks.protection.outlook.com/?url=https%3A%2F%2Fgithub.com%2Fopenssl%2Fopenssl%2Fissues%2F17662&data=05%7C01%7Cstefan.paetow%40jisc.ac.uk%7Cde2d103422e64d3d926708da38da6afe%7C48f9394d8a144d2782a6f35f12361205%7C0%7C0%7C637884809710226705%7CUnknown%7CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C3000%7C%7C%7C&sdata=dJ2ZpAyzwDg%2FZjO9wLZTyIPjrU8dATeBe3MysbfdvH8%3D&reserved=0
Since it's likely to take time for the openssl change to be agreed on,
land and reach distribution I was wondering if wpa could do something to
help in those cases? Would it be possible to maybe default to SECLEVEL=0
for TLS <= 1.1 connections when building with openssl3?
Cheers,
Sebastien Bacher
_______________________________________________
Hostap mailing list
Hostap at lists.infradead.org
https://eur01.safelinks.protection.outlook.com/?url=http%3A%2F%2Flists.infradead.org%2Fmailman%2Flistinfo%2Fhostap&data=05%7C01%7Cstefan.paetow%40jisc.ac.uk%7Cde2d103422e64d3d926708da38da6afe%7C48f9394d8a144d2782a6f35f12361205%7C0%7C0%7C637884809710226705%7CUnknown%7CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C3000%7C%7C%7C&sdata=izuQm2JVMyN3E1nVa%2FneRUmire7L%2BtDozkmSMkb0wPY%3D&reserved=0
More information about the Hostap
mailing list