mech_eap: libeap tls-_internal does not support hash://server/sha256
Bug #1181391 reported by
Sam Hartman
This bug affects 1 person
Affects | Status | Importance | Assigned to | Milestone | |
---|---|---|---|---|---|
Project Moonshot |
Fix Released
|
Critical
|
Unassigned |
Bug Description
affects moonshot
The portal generates credentials that use a sha256 of the server
certificate.
This is probably what we want.
Unfortunately the libeap's tls_internal doesn't actually support that.
Only openssl's libeap driver supports this.
Moving to openssl complicates windows builds in the non-SSP case.
In addition for this to work right we need to move away from schannel
builds for the SSP.
This bug requires more discussion and a real plan.
importance critical
Changed in moonshot: | |
milestone: | none → pilot5 |
Changed in moonshot: | |
status: | New → Fix Released |
To post a comment you must log in.
> In addition for this to work right we need to move away from schannel
> builds for the SSP.
How come? A lot of work went into getting this to work right :-) It supports locating certificates by SHA256 hash.
-- Luke