mech_eap: libeap tls-_internal does not support hash://server/sha256
Bug #1181391 reported by
Sam Hartman
This bug affects 1 person
| Affects | Status | Importance | Assigned to | Milestone | |
|---|---|---|---|---|---|
| Project Moonshot |
Fix Released
|
Critical
|
Unassigned | ||
Bug Description
affects moonshot
The portal generates credentials that use a sha256 of the server
certificate.
This is probably what we want.
Unfortunately the libeap's tls_internal doesn't actually support that.
Only openssl's libeap driver supports this.
Moving to openssl complicates windows builds in the non-SSP case.
In addition for this to work right we need to move away from schannel
builds for the SSP.
This bug requires more discussion and a real plan.
importance critical
Revision history for this message
| Luke Howard (lukeh-padl) wrote Re: [Bug 1181391] [NEW] mech_eap: libeap tls-_internal does not support hash://server/sha256 | #1 |
Revision history for this message
| Sam Hartman (hartmans) wrote | #2 |
Revision history for this message
| Luke Howard (lukeh-padl) wrote | #3 |
| Changed in moonshot: | |
| milestone: | none → pilot5 |
| Changed in moonshot: | |
| status: | New → Fix Released |
To post a comment you must log in.
> In addition for this to work right we need to move away from schannel
> builds for the SSP.
How come? A lot of work went into getting this to work right :-) It supports locating certificates by SHA256 hash.
-- Luke