supplicant's response to a corrupted server hello message
jkmaline at cc.hut.fi
Wed Dec 6 23:11:54 EST 2006
On Tue, Dec 05, 2006 at 05:26:30PM -0800, Andrew wrote:
> I think I got a wrong response from wpa_supplicant(version 0.4.8) to a
> corrupted server hello message. The below is the log. And the response
> message is 023c000d150015000000020246. The FreeRadius server says the
> the tls version is wrong. Has any one seen this problem before? And how
> to fix it?
Can you reproduce this issue? Would it be possible to get more complete
debug log showing hexdump of the TLS messages?
> SSL: SSL3 alert: write (local SSL3 detected an error):fatal:protocol
This is OpenSSL saying that the received TLS packet was invalid.
> SSL: 7 bytes left to be sent out (of total 7 bytes)
And this is the TLS alert message from OpenSSL. these 7 bytes are the
last seven bytes in the message above.. For some reason the TLS version
field is 0000 which sounds a bit odd. Other than that, it looks like a
valid TLS alert. Anyway, this is from OpenSSL and wpa_supplicant is
forwarding it unmodified.
Jouni Malinen PGP id EFC895FA
More information about the HostAP