OpenSSL reports wrong TLS version to FreeRADIUS

Alfred Arnold alfred at ccac.rwth-aachen.de
Tue Mar 3 15:03:03 UTC 2020


Hi,

>Alfred, I'd like to say "thanks" once more.
>
>I tried with newer ciphers and version 1.2 - and now freeradius (3.0.16) 
>indeed sends me the second
>"challenge". So, it's a huge progress.

Indeed, the capture now looks like an EAP-TLS negotiation should go on. 
The server accepted the client hello, and prepared its message flight of 
messages.  Among them is the server's Certificate message, which is quite 
huge, and so they cannot be sent in one packet.  Your client would next 
send an empty EAP-TLS message, thereby acknowledging reception of this 
message fragment.  The server would then send the next fragment of these 
messages.  Since the overall length of the message flight is 3137, and 
FreeRADIUS decided to send ~1000 bytes per fragment, expect another two of 
those 'ping-pongs' to happen until your client is able to reassemble and 
process the server's messages.

>However it still complains on the unknown TLS version. I attach the 
>server log and the packet capture, just in case.

Well, no idea where the version 0x0304 is coming from.  One would probably 
have to look into the FreeRADIUS sources, or ask on the proper FreeRADIUS 
mailing lists for assistance.  My personal "wild guess" is that this is 
some sort of 'internal default' as long as the EAP-TLS module hasn't 
yet decided about the used protocol version.  I wouldn't bother about this 
too much if you're interested in other things.

There's however one other thing I wanted to mention: The Random value your 
client sends in the Client Hello is not that random...there is the time 
stamp in the first four bytes, but the remaining 28 bytes are all-zero - 
they should contain data from a cryptographically safe random number 
generator.

Best regards

Alfred Arnold

-- 
Alfred Arnold                   E-Mail: alfred at ccac.rwth-aachen.de
Computer Club at the            http://john.ccac.rwth-aachen.de:8000/alf/
Technical University            Phone: +49-241-406526
of Aachen
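A check for the Client Hello Random weakness Alfred describes, added here as an example that is not part of the original mail. It builds a minimal, constructed ClientHello record (not the captured one), extracts the 32-byte Random and flags a 28-byte tail that is all-zero or has very few distinct byte values; the "few distinct values" threshold is an assumption chosen for illustration.

```python
import struct

# Build a minimal TLS 1.2 ClientHello record around a given 32-byte Random.
# This is constructed test input, not a real capture.
def build_client_hello(random32: bytes) -> bytes:
    assert len(random32) == 32
    body = b"\x03\x03" + random32 + b"\x00"      # client_version, Random, empty session_id
    body += b"\x00\x02\x00\x2f"                  # one cipher suite (TLS_RSA_WITH_AES_128_CBC_SHA)
    body += b"\x01\x00"                          # compression methods: null only
    handshake = b"\x01" + len(body).to_bytes(3, "big") + body   # HandshakeType client_hello(1)
    return b"\x16\x03\x01" + len(handshake).to_bytes(2, "big") + handshake

# Walk the record and handshake headers and return the Random field.
def parse_client_hello_random(record: bytes) -> bytes:
    if len(record) < 5 or record[0] != 0x16:
        raise ValueError("not a TLS handshake record")
    rec_len = int.from_bytes(record[3:5], "big")
    handshake = record[5:5 + rec_len]
    if len(handshake) < 4 or handshake[0] != 0x01:
        raise ValueError("not a ClientHello")
    hs_len = int.from_bytes(handshake[1:4], "big")
    body = handshake[4:4 + hs_len]
    if len(body) < 34:
        raise ValueError("truncated ClientHello")
    return body[2:34]                            # skip client_version, take 32-byte Random

# Split the Random into the 4-byte gmt_unix_time and the 28 bytes that
# must come from a CSPRNG, and flag an obviously weak tail.
def check_random(random32: bytes) -> dict:
    gmt_unix_time = struct.unpack(">I", random32[:4])[0]
    tail = random32[4:]
    distinct = len(set(tail))
    return {
        "gmt_unix_time": gmt_unix_time,
        "tail_all_zero": tail == bytes(28),
        "tail_distinct_bytes": distinct,
        "suspicious": distinct <= 4,             # assumed threshold: a real CSPRNG tail has many more
    }
```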


