OpenSSL reports wrong TLS version to FreeRADIUS
iilinasi
Irina.Ilina-Sidorova at ulb.ac.be
Mon Mar 2 11:28:18 UTC 2020
Dear everyone,
I'm looking for your pointers to help me debug and solve the issue I
have.
I'm trying to implement an auth exchange with RADIUS, requesting EAP-TLS.
At this moment I only need to get to the phase when the server responds with
an Access-Challenge carrying the server certificate (so, 2 packets from the NAD and 2
from the server). To generate the NAD-side packets I use python3 with scapy.
FreeRADIUS (3.0.16, 3.0.20) was set up to use EAP-TLS for test user
auth. The first Access-Request from the NAD side is answered with an
Access-Challenge from the server. So far so good.
But when I send the second packet, I receive an Access-Reject.
Surprisingly, the server reports I'm using unsupported TLS version "0304"
(which corresponds to TLS 1.3). Why "surprisingly"? Well, because I use an
earlier TLS version, and it is clearly visible (the AVP "EAP-Message" - EAP
section - TLS part has "0301", which corresponds to TLS 1.0; the handshake
version is also set to TLS 1.0 (0x0301)).
I also checked in Wireshark (captured both on the server machine and the
"NAD" machine - same results): the packet is correctly dissected by the
latest Wireshark (no errors reported) and has TLS 1.0 inside.
OpenSSL is already at the newest version (1.1.1-1ubuntu2.1~18.04.5).
After a discussion on the FreeRADIUS mailing list, I got to know that FreeRADIUS
receives all the TLS-related information from OpenSSL.
I attach the packet exchange for reference; the packet in question
is packet #3.
I'd like to understand how OpenSSL gets to the idea of a "0304"
version if there is no such byte sequence in the packet...
My question is: how does OpenSSL determine the TLS version? How can I debug it?
--
Have a great day!
Irina Ilina-Sidorova
-------------- next part --------------
A non-text attachment was scrubbed...
Name: test.pcapng
Type: application/octet-stream
Size: 996 bytes
Desc: not available
URL: <http://mta.openssl.org/pipermail/openssl-users/attachments/20200302/59bcd9d0/attachment-0001.obj>
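As an added example, not code from the original mail or from OpenSSL/FreeRADIUS: a small Python parser (hypothetical helper names, constructed sample packets rather than the attached capture) that walks an EAP-TLS ClientHello and reports the three places a version value can live: the TLS record header, ClientHello.legacy_version, and the supported_versions extension, which TLS 1.3-capable stacks such as OpenSSL 1.1.1 use instead of the other two whenever it is present (RFC 8446 4.2.1).

```python
import struct

def parse_eap_tls_client_hello(eap: bytes) -> dict:
    """Hypothetical helper: pull every version field out of an EAP-TLS ClientHello."""
    code, ident, length, eap_type = struct.unpack("!BBHB", eap[:5])   # RFC 3748 EAP header
    if eap_type != 13:
        raise ValueError("not an EAP-TLS packet")
    flags, pos = eap[5], 6
    if flags & 0x80:                                    # L bit: 4-byte TLS message length follows
        pos += 4
    ctype, rec_ver, rec_len = struct.unpack("!BHH", eap[pos:pos + 5])  # TLS record header
    pos += 5
    hs_len = int.from_bytes(eap[pos + 1:pos + 4], "big")   # handshake header: type + 24-bit length
    body = eap[pos + 4:pos + 4 + hs_len]
    legacy_version = struct.unpack("!H", body[:2])[0]       # ClientHello.legacy_version
    p = 2 + 32                                              # skip client random
    p += 1 + body[p]                                        # session id
    p += 2 + struct.unpack("!H", body[p:p + 2])[0]          # cipher suites
    p += 1 + body[p]                                        # compression methods
    supported = []
    if p < len(body):                                       # extensions block present
        end = p + 2 + struct.unpack("!H", body[p:p + 2])[0]
        p += 2
        while p < end:
            etype, elen = struct.unpack("!HH", body[p:p + 4])
            p += 4
            if etype == 43:                                 # supported_versions (RFC 8446 4.2.1)
                n = body[p]
                supported = [struct.unpack("!H", body[p + 1 + i:p + 3 + i])[0] for i in range(0, n, 2)]
            p += elen
    return {"record_version": rec_ver, "legacy_version": legacy_version, "supported_versions": supported}

def highest_offered_version(fields: dict) -> int:
    """RFC 8446 4.2.1: with supported_versions present the server negotiates only from that list,
    ignoring legacy_version; the record-layer version is never used for negotiation."""
    return max(fields["supported_versions"]) if fields["supported_versions"] else fields["legacy_version"]

def build_sample_eap_tls(legacy_version: int, supported_versions: list) -> bytes:
    """Constructed sample (not the poster's capture): ClientHello in an EAP-TLS Response, flags=0."""
    exts = b""
    if supported_versions:
        vs = b"".join(struct.pack("!H", v) for v in supported_versions)
        exts = struct.pack("!HHB", 43, len(vs) + 1, len(vs)) + vs
    body = struct.pack("!H", legacy_version) + bytes(32) + b"\x00" + b"\x00\x02\x13\x01" + b"\x01\x00"
    if exts:
        body += struct.pack("!H", len(exts)) + exts
    hs = b"\x01" + len(body).to_bytes(3, "big") + body       # handshake type 1 = ClientHello
    rec = struct.pack("!BHH", 22, 0x0301, len(hs)) + hs      # record version 0x0301, as in the mail
    return struct.pack("!BBHB", 2, 1, 6 + len(rec), 13) + b"\x00" + rec
```

Running the parser over a real capture means feeding it the reassembled EAP-Message AVP bytes (concatenate fragments when the L/M flags are set); a hello with record version 0x0301 still negotiates TLS 1.3 if 0x0304 appears in supported_versions.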