From owner-svn-src-head@freebsd.org Wed Dec 12 05:09:50 2018 Return-Path: Delivered-To: svn-src-head@mailman.ysv.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mailman.ysv.freebsd.org (Postfix) with ESMTP id 973E4132C512; Wed, 12 Dec 2018 05:09:50 +0000 (UTC) (envelope-from jkim@FreeBSD.org) Received: from smtp.freebsd.org (smtp.freebsd.org [96.47.72.83]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) server-signature RSA-PSS (4096 bits) client-signature RSA-PSS (4096 bits) client-digest SHA256) (Client CN "smtp.freebsd.org", Issuer "Let's Encrypt Authority X3" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 3A10C71EED; Wed, 12 Dec 2018 05:09:50 +0000 (UTC) (envelope-from jkim@FreeBSD.org) Received: from freefall.freebsd.org (static-71-168-218-4.cmdnnj.fios.verizon.net [71.168.218.4]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (Client did not present a certificate) (Authenticated sender: jkim/mail) by smtp.freebsd.org (Postfix) with ESMTPSA id F205C2107; Wed, 12 Dec 2018 05:09:49 +0000 (UTC) (envelope-from jkim@FreeBSD.org) Subject: Re: svn commit: r341759 - in head: contrib/wpa contrib/wpa/hostapd contrib/wpa/hs20/client contrib/wpa/src/ap contrib/wpa/src/common contrib/wpa/src/crypto contrib/wpa/src/drivers contrib/wpa/src/eap_c... To: Cy Schubert , src-committers@freebsd.org, svn-src-all@freebsd.org, svn-src-head@freebsd.org References: <201812090645.wB96jnso066329@repo.freebsd.org> From: Jung-uk Kim Openpgp: preference=signencrypt Autocrypt: addr=jkim@FreeBSD.org; prefer-encrypt=mutual; keydata= xsBNBFJBztUBCAChqNyGqmFuNo0U7MBzsD+q/G6Cv0l7LGVrOAsgh34M8wIWhD+tztDWMVfn AhxNDd0ceCj2bYOe67sTQxAScEcbt2FfvPOLp9MEXb9qohZj172Gwkk7dnhOhZZKhVGVZKM4 NcsuBDUzgf4f3Vdzj4wg6WlqplnTZo8lPE4hZWvZHoFIyunPTJWenybeV1xnxK7JkUdSvQR0 fA59RfTTECMwTrSEfYGUnxIDBraxJ7Ecs/0hGQ7sljIj8WBvlRDU5fU1xfF35aw56T8POQRq F4E6RVJW3YGuTpSwgtGZOTfygcLRhAiq3dFC3JNLaTVTpM8PjOinJyt9AU6RoITGOKwDABEB AAHNHkp1bmctdWsgS2ltIDxqa2ltQEZyZWVCU0Qub3JnPsLAfQQTAQoAJwUCUkHO1QIbAwUJ E0/POwULCQgHAwUVCgkICwUWAgMBAAIeAQIXgAAKCRB8n5Ym/NvxRqyzB/wL7QtsIpeGfGIA ZPMtgXMucM3NWzomyQMln2j2efUkDKthzh9jBxgF53TjOr7imwIt0PT2k1bqctPrq5IRqnu9 mGroqaCLE3LG2/E3jEaao4k9PO6efwlioyivUo5NrqIQOQ4k3EAXw7d2y0Dk1VpTgdMrnUAB hj7lGlLqS4ydcrf24DdbCRGdEQwqd9DBeBgbWynxAJMgbZBhYVEyIHuQKkJ8qY0ibIPXXuF0 KYDeH0qUHtWV2K3srNyPtymUkBQD84Pl1GWRYx05XdUHDmnX0JV3lg0BfYJZgZv0ehPQrMfY Fd9abTkf9FHQYz1JtsC8wUuRgqElRd6+YAGf8Tt9zsBNBFJBztUBCADLtSrP44El2VoJmH14 OFrlOgxzZnbn+Y/Gf1k12mJBiR+A+pBeRLD50p7AiTrjHRxO3cHcl9Dh0uf1VSbXgp8Or0ye iP/86fZPd4k5HXNmDTLL0HecPE08SCqGZ0W8vllQrokB1QxxRUB+fFMPJyMCjDAZ7P9fFTOS dTw1bJSTtOD8Sx8MpZUa9ti06bXFlVYDlaqSdgk181SSx+ZbSKkQR8CIMARlHwiLsa3Z9q9O EJr20HPyxe0AlTvwvFndH61hg7ds63eRvglwRnNON28VXO/lvKXq7Br/CiiyhFdKfINIx2Z5 htYq22tgGTW7mBURbIKoECFBTX9Lv6BXz6w9ABEBAAHCwGUEGAEKAA8FAlJBztUCGwwFCRNP zzsACgkQfJ+WJvzb8UZcJQf+IsTCxUEqY7W/pT84sMg5/QD3s6ufTRncvq14fEOxCNq1Rf4Q 9P+tOFa8GZfKDGB2BFGIrW7uT5mlmKdK1vO6ZIA930y5kUsnCmBUEBJkE2ciSQk01aB/1o62 Q3Gk/F6BwtNY9OXiqF7AcAo+K/BMIaqb26QKeh+IIgK1NN9dQiq3ByTbl4zpGZa6MmsnnRTu mzGKt2nkz7vBzH6+hZp1OzGZikgjjhYWVFoJo1dvf/rv4obs0ZJEqFPQs/1Qa1dbkKBv6odB XJpPH0ssOluTY24d1XxTiKTwmWvHeQkOKRAIfD7VTtF4TesoZYkf7hsh3e3VwXhptSLFnEOi WwYofg== Message-ID: Date: Wed, 12 Dec 2018 00:09:37 -0500 User-Agent: Mozilla/5.0 (X11; FreeBSD amd64; rv:60.0) Gecko/20100101 Thunderbird/60.3.3 MIME-Version: 1.0 In-Reply-To: <201812090645.wB96jnso066329@repo.freebsd.org> Content-Type: multipart/signed; micalg=pgp-sha256; protocol="application/pgp-signature"; boundary="1WzVlQChcwPiBmKooCiYuMNrbS28KVujs" X-Rspamd-Queue-Id: 3A10C71EED X-Spamd-Bar: / Authentication-Results: mx1.freebsd.org X-Spamd-Result: default: False [-0.34 / 15.00]; local_wl_from(0.00)[FreeBSD.org]; NEURAL_HAM_SHORT(-0.34)[-0.335,0]; ASN(0.00)[asn:11403, ipnet:96.47.64.0/20, country:US] X-BeenThere: svn-src-head@freebsd.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: SVN commit messages for the src tree for head/-current List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 12 Dec 2018 05:09:50 -0000 This is an OpenPGP/MIME signed message (RFC 4880 and 3156) --1WzVlQChcwPiBmKooCiYuMNrbS28KVujs Content-Type: multipart/mixed; boundary="mK5ijTqRdq36SSbJEKLOKtLDhMyjY2IRB"; protected-headers="v1" From: Jung-uk Kim To: Cy Schubert , src-committers@freebsd.org, svn-src-all@freebsd.org, svn-src-head@freebsd.org Message-ID: Subject: Re: svn commit: r341759 - in head: contrib/wpa contrib/wpa/hostapd contrib/wpa/hs20/client contrib/wpa/src/ap contrib/wpa/src/common contrib/wpa/src/crypto contrib/wpa/src/drivers contrib/wpa/src/eap_c... References: <201812090645.wB96jnso066329@repo.freebsd.org> In-Reply-To: <201812090645.wB96jnso066329@repo.freebsd.org> --mK5ijTqRdq36SSbJEKLOKtLDhMyjY2IRB Content-Type: multipart/mixed; boundary="------------875BC694AF1AFD327ADF2704" Content-Language: en-US This is a multi-part message in MIME format. --------------875BC694AF1AFD327ADF2704 Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: quoted-printable On 18. 12. 9., Cy Schubert wrote: > Author: cy > Date: Sun Dec 9 06:45:49 2018 > New Revision: 341759 > URL: https://svnweb.freebsd.org/changeset/base/341759 >=20 > Log: > MFV r341618: > =20 > Update wpa 2.6 --> 2.7. =2E.. This broke my network configuration and I found the following messages from /dev/log/message. =2E.. bge0: CTRL-EVENT-EAP-PROPOSED-METHOD vendor=3D0 method=3D25 =2E.. bge0: CTRL-EVENT-EAP-METHOD EAP vendor 0 method 25 (PEAP) selected =2E.. SSL: SSL3 alert: write (local SSL3 detected an error):fatal:interna= l error =2E.. OpenSSL: openssl_handshake - SSL_connect error:141A90B5:SSL routines:ssl_cipher_list_to_bytes:no ciphers available =2E.. bge0: CTRL-EVENT-EAP-FAILURE EAP authentication failed I tracked it down and found default ciphers were not set because usr.sbin/wpa/Makefile.inc added an empty string, i.e., -DTLS_DEFAULT_CIPHERS=3D\"\". With the attached patch, I got my connection back. Jung-uk Kim --------------875BC694AF1AFD327ADF2704 Content-Type: text/x-patch; name="wpa.diff" Content-Transfer-Encoding: quoted-printable Content-Disposition: attachment; filename="wpa.diff" Index: usr.sbin/wpa/Makefile.inc =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D= =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D= =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D --- usr.sbin/wpa/Makefile.inc (revision 341826) +++ usr.sbin/wpa/Makefile.inc (working copy) @@ -32,6 +32,6 @@ CFLAGS+=3D-I${WPA_DISTDIR}/src/wps CFLAGS+=3D -DCONFIG_CTRL_IFACE CFLAGS+=3D -DCONFIG_CTRL_IFACE_UNIX CFLAGS+=3D -DNEED_AP_MLME -CFLAGS+=3D -DTLS_DEFAULT_CIPHERS=3D\"$(CONFIG_TLS_DEFAULT_CIPHERS)\" +CFLAGS+=3D -DTLS_DEFAULT_CIPHERS=3D\"DEFAULT:!EXP:!LOW\" =20 .include --------------875BC694AF1AFD327ADF2704-- --mK5ijTqRdq36SSbJEKLOKtLDhMyjY2IRB-- --1WzVlQChcwPiBmKooCiYuMNrbS28KVujs Content-Type: application/pgp-signature; name="signature.asc" Content-Description: OpenPGP digital signature Content-Disposition: attachment; filename="signature.asc" -----BEGIN PGP SIGNATURE----- iQEzBAEBCAAdFiEEl1bqgKaRyqfWXu/CfJ+WJvzb8UYFAlwQmB0ACgkQfJ+WJvzb 8UZPCQf/fGCa42t3K+WY98wae6F1bhEVVnSqV7/VgsvT35JjiOYD5HsTHRYIauXq Bwi3LSLT7fOgJVGP4qSpNNUuHYY2u+wEYMkDuZhY9MQWg7dCx0B7L/or6ChECMQ0 qybutZ8YcHSEVavpmg8V8n1nT09ja4pe7/GDm9+tsjHBwbl1myOL5kqkALXS9sZl FwCsUKsfOGnishvFydn6Yanlum23NZQ3a+cr4XkJGjtxR8ouI6cgLS5IlgdbcUb2 mzLNkK/MHtxVvQPDw26Y6H2ca0UOy++D0o4nJb7wnj/v1Fan1XczfhqerDA/+Pnr S5IBKd+F0jqi8tV+DlCj3b4hJqfi4A== =3nnk -----END PGP SIGNATURE----- --1WzVlQChcwPiBmKooCiYuMNrbS28KVujs--