Created attachment 1833438 [details] EAPOL conf file + output from test Description of problem: eapol test fails with EAP-TTLS-MSCHAPv2 authentication mechanisms in Fedora. Version-Release number of selected component (if applicable): freeradius-3.0.25-1.fc36.x86_64 openssl-3.0.0-1.fc36.x86_64 wpa_supplicant-2.9-16.fc36.x86_64 How reproducible: Steps to Reproduce: 1. install freeradius, wpa_supplicant 2. generate certificates via bootrap script, add user into /etc/raddb/user 3. run radiusd 4. run eapol test /usr/sbin/eapol_test -c EAP-TTLS_MSCHAPV2.conf -s testing123 Actual results: ... RADIUS packet matching with station decapsulated EAP packet (code=4 id=238 len=4) from RADIUS server: EAP Failure EAPOL: Received EAP-Packet frame EAPOL: SUPP_BE entering state REQUEST EAPOL: getSuppRsp EAP: EAP entering state RECEIVED EAP: Received EAP-Failure EAP: Status notification: completion (param=failure) EAP: EAP entering state DISCARD EAP: EAP entering state IDLE EAPOL: SUPP_BE entering state RECEIVE EAPOL: EAP key not available EAPOL: EAP Session-Id not available WPA: Clear old PMK and PTK EAP: deinitialize previously used EAP method (21, TTLS) at EAP deinit ENGINE: engine deinit MPPE keys OK: 0 mismatch: 1 FAILURE Expected results: eapol test should pass for EAP-TTLS-MSCHAPv2 mechanism Additional info:
The future upstream release 3.0.26 contains fixes related to OpenSSL3 support that fix this issue. Closing this BZ as the fixes will get into Rawhide when 3.0.26 releases.