Michael Kurecka: > I am trying to run wpa_supplicant in FIPS mode.
Why? > I don't think the MD5 function is even called MD5 is part of SSLv3. #6 0x4003e6b8 in ssl3_connect () from /usr/lib/libssl.so.0.9.8#7 0x4004ebf4 in SSL_connect () from /usr/lib/libssl.so.0.9.8#8 0x000526c0 in tls_connection_handshake (ssl_ctx=<value optimized out>, conn=0x94e68, in_data=0x970d0 "\224,@\224,@\020", in_len=0, out_len=0x94d88, appl_data=0xbed1f218, appl_data_len=0xbed1f214) at ../src/crypto/tls_openssl.c:1792 #9 0x0004fcac in eap_peer_tls_process_helper (sm=0x8ad90, data=0x94d80, eap_type=EAP_TYPE_PEAP, peap_version=0, id=98 'b', in_data=0x0, in_len=537439632, out_data=0xbed1f264) at ../src/eap_peer/eap_tls_common.c:463 You need to disable SSLv3 if you want to use FIPS mode. SSLv3 relies on MD5 for some of its security properties, and that's a no-no in FIPS mode. DS ______________________________________________________________________ OpenSSL Project http://www.openssl.org User Support Mailing List openssl-users@openssl.org Automated List Manager majord...@openssl.org
