Site Navigation

Date:      Wed, 12 Dec 2018 00:09:37 -0500
From:      Jung-uk Kim <jkim@FreeBSD.org>
To:        Cy Schubert <cy@FreeBSD.org>, src-committers@freebsd.org, svn-src-all@freebsd.org, svn-src-head@freebsd.org
Subject:   Re: svn commit: r341759 - in head: contrib/wpa contrib/wpa/hostapd contrib/wpa/hs20/client contrib/wpa/src/ap contrib/wpa/src/common contrib/wpa/src/crypto contrib/wpa/src/drivers contrib/wpa/src/eap_c...
Message-ID:  <c7e11559-8619-e65a-f71a-f4ea09d8b8b0@FreeBSD.org>
In-Reply-To: <201812090645.wB96jnso066329@repo.freebsd.org>
References:  <201812090645.wB96jnso066329@repo.freebsd.org>

---

next in thread | previous in thread | raw e-mail | index | archive | help

---

This is an OpenPGP/MIME signed message (RFC 4880 and 3156)
--1WzVlQChcwPiBmKooCiYuMNrbS28KVujs
Content-Type: multipart/mixed; boundary="mK5ijTqRdq36SSbJEKLOKtLDhMyjY2IRB";
 protected-headers="v1"
From: Jung-uk Kim <jkim@FreeBSD.org>
To: Cy Schubert <cy@FreeBSD.org>, src-committers@freebsd.org,
 svn-src-all@freebsd.org, svn-src-head@freebsd.org
Message-ID: <c7e11559-8619-e65a-f71a-f4ea09d8b8b0@FreeBSD.org>
Subject: Re: svn commit: r341759 - in head: contrib/wpa contrib/wpa/hostapd
 contrib/wpa/hs20/client contrib/wpa/src/ap contrib/wpa/src/common
 contrib/wpa/src/crypto contrib/wpa/src/drivers contrib/wpa/src/eap_c...
References: <201812090645.wB96jnso066329@repo.freebsd.org>
In-Reply-To: <201812090645.wB96jnso066329@repo.freebsd.org>

--mK5ijTqRdq36SSbJEKLOKtLDhMyjY2IRB
Content-Type: multipart/mixed;
 boundary="------------875BC694AF1AFD327ADF2704"
Content-Language: en-US

This is a multi-part message in MIME format.
--------------875BC694AF1AFD327ADF2704
Content-Type: text/plain; charset=utf-8
Content-Transfer-Encoding: quoted-printable

On 18. 12. 9., Cy Schubert wrote:
> Author: cy
> Date: Sun Dec  9 06:45:49 2018
> New Revision: 341759
> URL: https://svnweb.freebsd.org/changeset/base/341759
>=20
> Log:
>   MFV r341618:
>  =20
>   Update wpa 2.6 --> 2.7.

=2E..

This broke my network configuration and I found the following messages
from /dev/log/message.

=2E.. bge0: CTRL-EVENT-EAP-PROPOSED-METHOD vendor=3D0 method=3D25
=2E.. bge0: CTRL-EVENT-EAP-METHOD EAP vendor 0 method 25 (PEAP) selected
=2E.. SSL: SSL3 alert: write (local SSL3 detected an error):fatal:interna=
l
error
=2E.. OpenSSL: openssl_handshake - SSL_connect error:141A90B5:SSL
routines:ssl_cipher_list_to_bytes:no ciphers available
=2E.. bge0: CTRL-EVENT-EAP-FAILURE EAP authentication failed

I tracked it down and found default ciphers were not set because
usr.sbin/wpa/Makefile.inc added an empty string, i.e.,
-DTLS_DEFAULT_CIPHERS=3D\"\".

With the attached patch, I got my connection back.

Jung-uk Kim

--------------875BC694AF1AFD327ADF2704
Content-Type: text/x-patch;
 name="wpa.diff"
Content-Transfer-Encoding: quoted-printable
Content-Disposition: attachment;
 filename="wpa.diff"

Index: usr.sbin/wpa/Makefile.inc
=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=
=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=
=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D
--- usr.sbin/wpa/Makefile.inc	(revision 341826)
+++ usr.sbin/wpa/Makefile.inc	(working copy)
@@ -32,6 +32,6 @@ CFLAGS+=3D-I${WPA_DISTDIR}/src/wps
 CFLAGS+=3D -DCONFIG_CTRL_IFACE
 CFLAGS+=3D -DCONFIG_CTRL_IFACE_UNIX
 CFLAGS+=3D -DNEED_AP_MLME
-CFLAGS+=3D -DTLS_DEFAULT_CIPHERS=3D\"$(CONFIG_TLS_DEFAULT_CIPHERS)\"
+CFLAGS+=3D -DTLS_DEFAULT_CIPHERS=3D\"DEFAULT:!EXP:!LOW\"
=20
 .include <bsd.own.mk>

--------------875BC694AF1AFD327ADF2704--

--mK5ijTqRdq36SSbJEKLOKtLDhMyjY2IRB--

--1WzVlQChcwPiBmKooCiYuMNrbS28KVujs
Content-Type: application/pgp-signature; name="signature.asc"
Content-Description: OpenPGP digital signature
Content-Disposition: attachment; filename="signature.asc"

-----BEGIN PGP SIGNATURE-----

iQEzBAEBCAAdFiEEl1bqgKaRyqfWXu/CfJ+WJvzb8UYFAlwQmB0ACgkQfJ+WJvzb
8UZPCQf/fGCa42t3K+WY98wae6F1bhEVVnSqV7/VgsvT35JjiOYD5HsTHRYIauXq
Bwi3LSLT7fOgJVGP4qSpNNUuHYY2u+wEYMkDuZhY9MQWg7dCx0B7L/or6ChECMQ0
qybutZ8YcHSEVavpmg8V8n1nT09ja4pe7/GDm9+tsjHBwbl1myOL5kqkALXS9sZl
FwCsUKsfOGnishvFydn6Yanlum23NZQ3a+cr4XkJGjtxR8ouI6cgLS5IlgdbcUb2
mzLNkK/MHtxVvQPDw26Y6H2ca0UOy++D0o4nJb7wnj/v1Fan1XczfhqerDA/+Pnr
S5IBKd+F0jqi8tV+DlCj3b4hJqfi4A==
=3nnk
-----END PGP SIGNATURE-----

--1WzVlQChcwPiBmKooCiYuMNrbS28KVujs--

---

Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?c7e11559-8619-e65a-f71a-f4ea09d8b8b0>

Legal Notices | © 1995-2024 The FreeBSD Project. All rights reserved.

Contact