On Mon, Jul 27, 2015 at 11:28:09PM +0100, Matt Caswell wrote: > The master branch implements "security levels". The default security > level does not allow anon ciphersuites. I suspect this may be your problem.
Indeed. SSL_set_security_level(ssl, 0) for this special EAP-FAST case resolved this. > Can you use: > __owur const SSL_CIPHER *SSL_get_current_cipher(const SSL *s); > > and > > int SSL_CIPHER_get_digest_nid(const SSL_CIPHER *c); > > to then call: > EVP_MD_size(EVP_get_digestbynid(nid)); Thanks! This does indeed work fine and is significantly cleaner design than the one I had to use with earlier OpenSSL versions. It looks like things are getting very close to complete now. I was able to get all EAP-FAST test cases passing with the current snapshot of 1.0.2 and using TLSv1.2. With the current snapshot of the master branch, there is an issue on the TLS server side, though. All the EAP-FAST peer functionality worked with the master branch version. The remaining issue for EAP-FAST server is in the SSL_set_session_secret_cb() callback not having access to the correct server_random through SSL_get_server_random(). In earlier OpenSSL versions, I could fetch this from ssl->s3->server_random. However, SSL_get_server_random() seems to return some bogus data at this point in the sequence (_before_ the ServerHello has actually been written). The correct server_random becomes available later, but that's too late to be able to derive the correct master_secret in the session secret callback.. Any idea what could be causing this? Would it be possible to modify the sequence of operations here in a way that the real server_random were available through SSL_get_server_random() from the SSL_set_session_secret_cb() handler on the TLS server side as well as on the client side (where it seems to work now). -- Jouni Malinen PGP id EFC895FA _______________________________________________ openssl-dev mailing list To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-dev