[openssl.org #1574] Session Ticket in OpenSSL 0.9.9 and EAP-FAST

Tomas Mraz via RT
Jun 24, 2008, 1:14:39 PM

We would really appreciate any comments on the possibility of getting
the patch into the official OpenSSL sources. Are the OpenSSL developers
interested in getting EAP-FAST support into OpenSSL, or do they not
want it at all, and if so, why?

Thanks for any response,
--
Tomas Mraz
No matter how far down the wrong road you've gone, turn back.
Turkish proverb


______________________________________________________________________
OpenSSL Project http://www.openssl.org
Development Mailing List opens...@openssl.org
Automated List Manager majo...@openssl.org

Jouni Malinen via RT
Aug 24, 2008, 6:01:01 AM

The attached patch is an updated version of the EAP-FAST (RFC 4851)
specific changes to TLS SessionTicket (RFC 5077) processing. This
updates the patch to work with the current 0.9.9 snapshots.

The original patch for making it possible to use OpenSSL for an EAP-FAST
implementation was posted more than three years ago. So far, there have
been next to no comments from the OpenSSL team on the changes. I would
really appreciate getting some feedback on the proposed changes and the
feasibility of finally getting them included in the OpenSSL releases.

Maintaining an external patch for a standard system component makes it
much harder for users and distributions to handle the current situation
if they need EAP-FAST support. Getting the changes, or something else
providing similar functionality, included in OpenSSL would be very
helpful in avoiding these issues. Any advice on how to contribute to
OpenSSL development as someone outside the core development team would
also be appreciated if no one in the core team is interested in looking
into this or providing comments.

--
Jouni Malinen PGP id EFC895FA

openssl-0.9.9-session-ticket.patch

Jouni Malinen via RT
Sep 28, 2008, 10:41:19 AM

Update the OpenSSL patch for EAP-FAST support to work with the current
OpenSSL snapshot. The ssl/s3_srvr.c change from 03-Sep-2008 (rev 1.163)
seemed to have reverted some earlier changes and because of this, the
extra call to ssl3_digest_cached_records() that was added in the
previous EAP-FAST patch update must be removed from the patch. This
version was tested with openssl-SNAP-20080928.tar.gz.

openssl-0.9.9-session-ticket.patch

Stephen Henson via RT
Oct 22, 2008, 7:19:53 AM

> [j...@w1.fi - Sun Sep 28 16:41:18 2008]:

I've had an initial look at this patch. Is there some reason you need to
be able to generate generic extensions rather than just being able to
override the session ticket extension?

Steve.

Jouni Malinen via RT
Oct 22, 2008, 7:56:16 AM

On Wed, Oct 22, 2008 at 01:19:53PM +0200, Stephen Henson via RT wrote:

> I've had an initial look at this patch. Is there some reason you need to
> be able to generate generic extensions rather than just being able to
> override the session ticket extension?

Not really. This just remains from the initial patch that was done
before the session ticket support was added to OpenSSL. In practice,
SSL_set_hello_extension() is only used to replace the SessionTicket
extension (ext_type=35) and any mechanism that allows this to be done
would be fine.

--
Jouni Malinen PGP id EFC895FA

Stephen Henson via RT
Nov 11, 2008, 6:09:55 AM

> [j...@w1.fi - Wed Oct 22 13:56:16 2008]:

>
> On Wed, Oct 22, 2008 at 01:19:53PM +0200, Stephen Henson via RT wrote:
>
> > I've had an initial look at this patch. Is there some reason you need to
> > be able to generate generic extensions rather than just being able to
> > override the session ticket extension?
>
> Not really. This just remains from the initial patch that was done
> before the session ticket support was added to OpenSSL. In practice,
> SSL_set_hello_extension() is only used to replace the SessionTicket
> extension (ext_type=35) and any mechanism that allows this to be done
> would be fine.
>
>

OK, we'd need the generic extension part of the patch modified to only
override the session ticket extension.

A companion callback to supply the details of the ticket extension would
be appropriate instead of using the debugging interface.

The indentation in that patch is also inconsistent with the rest of OpenSSL.

Jouni Malinen
Nov 12, 2008, 9:42:15 AM

On Tue, Nov 11, 2008 at 12:09:55PM +0100, Stephen Henson via RT wrote:

> OK, we'd need the generic extension part of the patch modified to only
> override the session ticket extension.

I replaced the SSL_set_hello_extension() function with
SSL_set_session_ticket_ext() and renamed the related structures to use
less generic names. Please note that I left SSL_set_hello_extension()
in this version as a simple wrapper to make it easier to test this
with the current wpa_supplicant/hostapd implementation, but that can
obviously be removed when the patch goes in and I'll change
wpa_supplicant/hostapd to use the OpenSSL version to select which calls to
use.

> A companion callback to supply the details of the ticket extension would
> be appropriate instead of using the debugging interface.

Are you referring to the use of SSL_set_tlsext_debug_callback() in the
EAP-FAST server implementation? This was originally done with a new
SSL_set_hello_extension_cb(), but I removed the extra code when session
ticket code was added to OpenSSL. Would you like to get the
SSL_set_hello_extension_cb() and related call from
ssl3_get_client_hello() to be included in the patch?

> The indentation in that patch is also inconsistent with the rest of OpenSSL.

The attached version should clean up the indentation to match the rest of
the code.

openssl-0.9.9-session-ticket.patch

Stephen Henson via RT
Nov 12, 2008, 1:07:56 PM

> [j...@w1.fi - Wed Nov 12 14:46:47 2008]:

>
> On Tue, Nov 11, 2008 at 12:09:55PM +0100, Stephen Henson via RT wrote:
>
> > OK, we'd need the generic extension part of the patch modified to
> only
> > override the session ticket extension.
>
> I replaced SSL_set_hello_extension() function with
> SSL_set_session_ticket_ext() and renamed the related structures to use
> less generic names. Please note that I left SSL_set_hello_extension()
> into this version as a simple wrapper to make it easier to test this
> with the current wpa_supplicant/hostapd implementation, but that can
> obviously be removed when the patch goes in and I'll change
> wpa_supplicant/hostapd to use OpenSSL version to select which calls to
> use.
>

OK, thanks.

> > A companion callback to supply the details of the ticket extension
> would
> > be appropriate instead of using the debugging interface.
>
> Are you referring to the use of SSL_set_tlsext_debug_callback() in the
> EAP-FAST server implementation? This was originally done with a new
> SSL_set_hello_extension_cb(), but I removed the extra code when
> session
> ticket code was added to OpenSSL. Would you like to get the
> SSL_set_hello_extension_cb() and related call from
> ssl3_get_client_hello() to be included in the patch?
>

Well I'm assuming that there needs to be a way to obtain the ticket
value the peer has sent. Although it is possible to use the debugging
interface for that it then prevents it being used for anything else.

Something like an SSL_set_session_ticket_cb() function which would call
the supplied callback with the received ticket extension value.

Functionally doing the same as the debug callback but for the ticket
extension only.

> > The indentation in that patch is also inconsistent with the rest of
> OpenSSL.
>
> The attached version should clean up indentation to match with rest of
> the code.
>
>

Thank you.

Jouni Malinen
Nov 12, 2008, 9:35:13 PM

On Wed, Nov 12, 2008 at 07:07:56PM +0100, Stephen Henson via RT wrote:

> Well I'm assuming that there needs to be a way to obtain the ticket
> value the peer has sent. Although it is possible to use the debugging
> interface for that it then prevents it being used for anything else.
>
> Something like an SSL_set_session_ticket_cb() function which would call
> the supplied callback with the received ticket extension value.

The attached version adds SSL_set_session_ticket_ext_cb() to register a
callback that will be called whenever a Session Ticket extension is
received in ServerHello or ClientHello. EAP-FAST will only use this from
the ClientHello, but I added the same code for ServerHello should anyone
else have need for that in a client.

I also removed the extra SSL_set_hello_extension() wrapper to clean up
the patch. I have run a quick test with this version and
hostapd/wpa_supplicant, but I haven't committed the matching changes yet
into my repository since I did not want to change the API use there
before the modified version gets into the OpenSSL repository.

openssl-0.9.9-session-ticket.patch
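The thread settles on two calls: the client replaces the SessionTicket extension payload (ext_type 35) with its own opaque value, and the server registers a callback that is handed the raw extension value found in the ClientHello. The following C example is added here and is not part of the patch, of OpenSSL or of wpa_supplicant/hostapd: it shows the RFC 5077 framing those calls operate on, a builder for the block a client would send and a bounds-checked reader of the kind a server-side callback needs, since the bytes it receives come straight from the peer's ClientHello. The sample PAC-Opaque and the sample extensions block are constructed for the example; the function names are the example's own.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>

/* RFC 5077 SessionTicket extension type; the "ext_type=35" in the thread. */
#define TLSEXT_TYPE_SESSION_TICKET 35

/*
 * Locate the SessionTicket extension inside a TLS extensions block
 * (the 2-byte-length-prefixed list at the end of a ClientHello or
 * ServerHello). Each extension is type(2) || length(2) || data.
 *
 * Returns 0 and sets *ticket/*ticket_len when found, -1 when the block
 * is well-formed but carries no SessionTicket extension, and -2 when a
 * length field does not fit the bytes actually present.
 */
int find_session_ticket_ext(const uint8_t *exts, size_t exts_len,
                            const uint8_t **ticket, size_t *ticket_len)
{
    size_t off, total;

    if (exts_len < 2)
        return -2;
    total = ((size_t)exts[0] << 8) | exts[1];
    if (total != exts_len - 2)
        return -2;

    for (off = 2; off < exts_len; ) {
        unsigned type;
        size_t len;

        if (exts_len - off < 4)
            return -2;                 /* extension header runs past the block */
        type = ((unsigned)exts[off] << 8) | exts[off + 1];
        len = ((size_t)exts[off + 2] << 8) | exts[off + 3];
        off += 4;
        if (len > exts_len - off)
            return -2;                 /* extension data runs past the block */
        if (type == TLSEXT_TYPE_SESSION_TICKET) {
            *ticket = exts + off;
            *ticket_len = len;
            return 0;
        }
        off += len;
    }
    return -1;
}

/*
 * Build an extensions block holding a single SessionTicket extension whose
 * payload is caller-supplied (for EAP-FAST, the PAC-Opaque the client
 * presents instead of a server-issued ticket). Returns the number of bytes
 * written, or 0 when the payload cannot be framed in 16-bit lengths or
 * out_cap is too small.
 */
size_t build_session_ticket_block(const uint8_t *payload, size_t payload_len,
                                  uint8_t *out, size_t out_cap)
{
    size_t need = 2 + 4 + payload_len;

    if (payload_len > 0xffff - 4 || need > out_cap)
        return 0;
    out[0] = (uint8_t)((payload_len + 4) >> 8);
    out[1] = (uint8_t)(payload_len + 4);
    out[2] = 0;
    out[3] = TLSEXT_TYPE_SESSION_TICKET;
    out[4] = (uint8_t)(payload_len >> 8);
    out[5] = (uint8_t)payload_len;
    memcpy(out + 6, payload, payload_len);
    return need;
}

/* Constructed sample payload standing in for a PAC-Opaque (not a real PAC). */
static const uint8_t sample_pac[] = { 0xde, 0xad, 0xbe, 0xef, 0x01, 0x02 };

/* Constructed sample extensions block: server_name "a" followed by the
 * SessionTicket extension carrying sample_pac. */
static const uint8_t sample_exts[] = {
    0x00, 0x14,                         /* extensions length: 20 */
    0x00, 0x00, 0x00, 0x06,             /* server_name (0), length 6 */
    0x00, 0x04, 0x00, 0x00, 0x01, 0x61, /*   host_name "a" */
    0x00, 0x23, 0x00, 0x06,             /* session_ticket (35), length 6 */
    0xde, 0xad, 0xbe, 0xef, 0x01, 0x02, /*   payload = sample_pac */
};

/* Same constructed block without the SessionTicket extension. */
static const uint8_t sample_no_ticket[] = {
    0x00, 0x0a,
    0x00, 0x00, 0x00, 0x06,
    0x00, 0x04, 0x00, 0x00, 0x01, 0x61,
};

int main(void)
{
    const uint8_t *t;
    size_t tl;
    int rc = find_session_ticket_ext(sample_exts, sizeof sample_exts, &t, &tl);

    if (rc == 0)
        printf("SessionTicket extension: %zu byte payload, first byte 0x%02x\n",
               tl, t[0]);
    else
        printf("no usable SessionTicket extension (rc=%d)\n", rc);
    return 0;
}
```

The reader deliberately distinguishes "absent" from "malformed": a server that treats a truncated length field as "no ticket" silently falls back to a full handshake and hides a broken or hostile client, whereas rejecting the hello makes the condition visible in logs.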

Stephen Henson via RT
Nov 15, 2008, 12:20:08 PM

Your patch has now been applied to HEAD. Thank you for the contribution.
Let me know of any problems.

Steve.

Jouni Malinen via RT
Nov 16, 2008, 1:36:49 PM

On Sat, Nov 15, 2008 at 06:20:08PM +0100, Stephen Henson via RT wrote:
> Your patch has now been applied to HEAD. Thank you for the contribution.
> Let me know of any problems.

Thank you! I updated wpa_supplicant and hostapd to use the new API when
building against OpenSSL 0.9.9. This seems to be working fine and will
make it much easier for distributions to include EAP-FAST support in the
future.

--
Jouni Malinen PGP id EFC895FA

Jouni Malinen via RT
Nov 23, 2008, 1:34:41 PM

Here's a backport version of the session ticket override patch against
OpenSSL 0.9.8i. This provides the same API that was committed into 0.9.9
tree and it can be used with the current development snapshot of
wpa_supplicant/hostapd 0.6.x for EAP-FAST.

openssl-0.9.8i-tls-extensions.patch

Mike McCauley
Nov 23, 2008, 8:36:56 PM

On Monday 24 November 2008 04:34:41 am Jouni Malinen via RT wrote:
> Here's a backport version of the session ticket override patch against
> OpenSSL 0.9.8i. This provides the same API that was committed into 0.9.9
> tree and it can be used with the current development snapshot of
> wpa_supplicant/hostapd 0.6.x for EAP-FAST.

Thanks Jouni. The Net::SSLeay Perl module has been updated in SVN to match the new
defines and code.

Cheers.


--
Mike McCauley mi...@open.com.au
Open System Consultants Pty. Ltd
9 Bulbul Place Currumbin Waters QLD 4223 Australia http://www.open.com.au
Phone +61 7 5598-7474 Fax +61 7 5598-7070

Radiator: the most portable, flexible and configurable RADIUS server
anywhere. SQL, proxy, DBM, files, LDAP, NIS+, password, NT, Emerald,
Platypus, Freeside, TACACS+, PAM, external, Active Directory, EAP, TLS,
TTLS, PEAP, TNC, WiMAX, RSA, Vasco, DIAMETER etc. Full source
on Unix, Windows, MacOSX, Solaris, VMS, NetWare etc.
