1667841 – FreeRadius needs to be 3.0.17 or newer to allow wpa_supplicant from F29 to connect due to TLS 1.3 problems (tls_max_version = "1.2" also needs to be set)

Note: This is a public test instance of Red Hat Bugzilla. The data contained within is a snapshot of the live data so any changes you make will not be reflected in the production Bugzilla. Email is disabled so feel free to test any aspect of the site that you want. File any problems you find or give feedback at bugzilla.redhat.com.

Bug 1667841 - FreeRadius needs to be 3.0.17 or newer to allow wpa_supplicant from F29 to connect due to TLS 1.3 problems (tls_max_version = "1.2" also needs to be set)

Summary: FreeRadius needs to be 3.0.17 or newer to allow wpa_supplicant from F29 to co...

Keywords:
Status:	CLOSED CURRENTRELEASE
Alias:	None
Product:	Red Hat Enterprise Linux 8
Classification:	Red Hat
Component:	freeradius-3.0-module
Sub Component:
Version:	8.0
Hardware:	Unspecified
OS:	Unspecified
Priority:	urgent
Severity:	urgent
Target Milestone:	rc
Target Release:	8.0
Assignee:	Alex Scheel
QA Contact:	Ivan Nikolchev
Docs Contact:
URL:
Whiteboard:
Depends On:	1636811
Blocks:
TreeView+	depends on / blocked

Reported:	2019-01-21 09:39 UTC by Ivan Nikolchev
Modified:	2019-06-14 00:45 UTC (History)
CC List:	7 users (show)
Fixed In Version:
Doc Type:	If docs needed, set a value
Doc Text:
Clone Of:	1636811
Environment:
Last Closed:	2019-06-14 00:45:09 UTC
Type:	Bug
Target Upstream Version:
Embargoed:
Dependent Products:

Attachments	(Terms of Use)

Description Ivan Nikolchev 2019-01-21 09:39:38 UTC

This bug also exists in rhel8 version of freeradius.

freeradius-3.0.15-18.module+el8+2441+0808aa29.x86_64
wpa_supplicant-2.6-17.el8.x86_64
openssl-1.1.1-8.el8.x86_64

+++ This bug was initially created as a clone of Bug #1636811 +++


Description of problem:
wpa_supplicant on F29 w openssl 1.1.1 tries to use tls 1.3. FreeRadius on F29 with openssl 1.1.1 does not work. It only gets part way through authenticating then fails. Windows and Android continue to work.

Some of this may also be fixed in freeradius 3.0.16/17

Version-Release number of selected component (if applicable):
openssl-1.1.1-3.fc29.x86_64
wpa_supplicant-2.6-17.fc29.x86_64
freeradius-3.0.15-18.fc29.x86_64

Note You need to log in before you can comment on or make changes to this bug.