[Pkg-openssl-devel] Bug#807057: Bug#807057: Incorrect PRF used by tls1_export_keying_material() with TLS 1.2
Kurt Roeckx
kurt at roeckx.be
Fri Dec 4 17:34:37 UTC 2015
On Fri, Dec 04, 2015 at 06:16:28PM +0100, Tobias Brunner wrote:
> Package: libssl1.0.0
> Version: 1.0.1e-2+deb7u18
>
> When calling tls1_PRF() tls1_export_keying_material() directly passes
> the value of algorithm2 instead of using ssl_get_algorithm2(), which
> overrides the default PRF algorithm when TLS 1.2 is used. Therefore,
> the keying material is actually derived using the old PRF (combination
> of MD5/SHA1), which breaks e.g. EAP-TLS with newer versions of FreeRADIUS.
>
> The problem is corrected in later versions of OpenSSL. The fix can be
> found at [1].
>
> Regards,
> Tobias
>
> [1]
> https://github.com/openssl/openssl/commit/4fdf91742e3b7eb73e41b38d8d5b2f17d4d5b544
In the 1.0.1 branch it would be 28e117f49f215df9bc8088de10b2bbd650de21ee
I have a request with the release team be able to use the upstream
versions in stable updates. I'm still waiting for a reply. Fixes
like this is one of the reasons I want to use those versions.
Kurt
More information about the Pkg-openssl-devel
mailing list