It's definitely the infrastructure that's using old TLS. As for the unsafe renegotiation, that happens because the server does not send a renegotiation_info extension in its ServerHello message. See https://datatracker.ietf.org/doc/html/rfc5746. See specifically section 4.1, which discusses client behavior. OpenSSL 3 defaults to the secure client behavior, which requires the server to support RFC5746.
For the "0A0C0103:SSL routines::internal error" the issue is that these servers only offer TLS 1.1 or older, which uses MD5-SHA1 as digest in its signature algorithm. Due to recent collision attacks on SHA1, this no longer meets OpenSSL default level of security of 80 bits (see https://sha-mbles.github.io/, which reduced the chosen-prefix collision to 63.4 bits). -- You received this bug notification because you are a member of Desktop Packages, which is subscribed to wpa in Ubuntu. https://bugs.launchpad.net/bugs/1958267 Title: "Connection failed" for WPA Enterprise network (e.g. eduroam) Status in wpa package in Ubuntu: Confirmed Status in wpa source package in Jammy: Confirmed Bug description: With the current jammy version of wpasupplicant (2:2.10-1), I cannot connect to the WPA Enterprise network eduroam, which is used by Universities worldwide. I get a "Connection failed" message or a request to re-enter the password. - I've re-tried the credentials: no fix ;-) - Tried a 21.10 live session on the same machine: works fine! - Manually downgraded wpasupplicant to the impish version (2:2.9.0-21build1): connected normally. - Upgraded wpasupplicant to the latest version: fails to connect again. ProblemType: Bug DistroRelease: Ubuntu 22.04 Package: wpasupplicant 2:2.10-1 ProcVersionSignature: Ubuntu 5.15.0-17.17-generic 5.15.12 Uname: Linux 5.15.0-17-generic x86_64 NonfreeKernelModules: wl ApportVersion: 2.20.11-0ubuntu75 Architecture: amd64 CurrentDesktop: ubuntu:GNOME Date: Tue Jan 18 09:56:23 2022 InstallationDate: Installed on 2021-11-30 (48 days ago) InstallationMedia: Ubuntu 22.04 LTS "Jammy Jellyfish" - Alpha amd64 (20211130) ProcEnviron: TERM=xterm-256color PATH=(custom, no user) XDG_RUNTIME_DIR=<set> LANG=en_US.UTF-8 SHELL=/bin/bash SourcePackage: wpa UpgradeStatus: No upgrade log present (probably fresh install) To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/wpa/+bug/1958267/+subscriptions -- Mailing list: https://launchpad.net/~desktop-packages Post to : desktop-packages@lists.launchpad.net Unsubscribe : https://launchpad.net/~desktop-packages More help : https://help.launchpad.net/ListHelp
