Hi,
We are testing the HostAP module integrated with MBedTLS version 2.19.1, but we are receiving an error during the SSL handshake. On the server side we are using the hostapd daemon, and we see the error below:
random: getrandom() support available
Configuration file: data/eap/hostap-standalone/hostapd_newCrt.conf
Opening raw packet socket for ifindex 4
BSS count 1, BSSID mask 00:00:00:00:00:00 (0 bits)
Using existing control interface directory.
eaptest1: IEEE 802.11 Fetching hardware channel/rate support not supported.
Completing interface initialization
hostapd_setup_bss(hapd=0x564a594121c0 (eaptest1), first=1)
eaptest1: Flushing old station entries
eaptest1: Deauthenticate all stations
Using interface eaptest1 with hwaddr 02:11:11:11:11:11 and ssid ""
TLS: Trusted root certificate(s) loaded
OpenSSL: tls_use_private_key_file (PEM) --> loaded
eaptest1: interface state UNINITIALIZED->ENABLED
eaptest1: AP-ENABLED
eaptest1: Setup of interface done.
ctrl_iface not configured!
Received EAPOL packet
eaptest1: Event NEW_STA (22) received
Data frame from unknown STA 00:1b:08:00:8c:94 - adding a new STA
New STA
ap_sta_add: register ap_handle_timer timeout for 00:1b:08:00:8c:94 (300 seconds - ap_max_inactivity)
eaptest1: STA 00:1b:08:00:8c:94 IEEE 802.1X: start authentication
EAP: Server state machine created
IEEE 802.1X: 00:1b:08:00:8c:94 BE_AUTH entering state IDLE
IEEE 802.1X: 00:1b:08:00:8c:94 CTRL_DIR entering state FORCE_BOTH
eaptest1: hostapd_new_assoc_sta: canceled wired ap_handle_timer timeout for 00:1b:08:00:8c:94
eaptest1: Event EAPOL_RX (23) received
IEEE 802.1X: 46 bytes from 00:1b:08:00:8c:94
IEEE 802.1X: version=2 type=1 length=0
ignoring 42 extra octets after IEEE 802.1X packet
eaptest1: STA 00:1b:08:00:8c:94 IEEE 802.1X: received EAPOL-Start from STA
IEEE 802.1X: 00:1b:08:00:8c:94 AUTH_PAE entering state DISCONNECTED
eaptest1: STA 00:1b:08:00:8c:94 IEEE 802.1X: unauthorizing port
IEEE 802.1X: 00:1b:08:00:8c:94 AUTH_PAE entering state RESTART
EAP: EAP entering state INITIALIZE
eaptest1: CTRL-EVENT-EAP-STARTED 00:1b:08:00:8c:94
EAP: EAP entering state SELECT_ACTION
EAP: getDecision: no identity known yet -> CONTINUE
EAP: EAP entering state PROPOSE_METHOD
EAP: getNextMethod: vendor 0 type 1
eaptest1: CTRL-EVENT-EAP-PROPOSED-METHOD vendor=0 method=1
EAP: EAP entering state METHOD_REQUEST
EAP: building EAP-Request: Identifier 124
EAP: EAP entering state SEND_REQUEST
EAP: EAP entering state IDLE
EAP: retransmit timeout 3 seconds (from dynamic back off; retransCount=0)
IEEE 802.1X: 00:1b:08:00:8c:94 AUTH_PAE entering state CONNECTING
IEEE 802.1X: 00:1b:08:00:8c:94 AUTH_PAE entering state AUTHENTICATING
IEEE 802.1X: 00:1b:08:00:8c:94 BE_AUTH entering state REQUEST
eaptest1: STA 00:1b:08:00:8c:94 IEEE 802.1X: Sending EAP Packet (identifier 124)
IEEE 802.1X: 00:1b:08:00:8c:94 - (EAP) retransWhile --> 0
EAP: EAP entering state RETRANSMIT
eaptest1: CTRL-EVENT-EAP-RETRANSMIT 00:1b:08:00:8c:94
EAP: EAP entering state IDLE
EAP: retransmit timeout 6 seconds (from dynamic back off; retransCount=1)
IEEE 802.1X: 00:1b:08:00:8c:94 BE_AUTH entering state REQUEST
eaptest1: STA 00:1b:08:00:8c:94 IEEE 802.1X: Sending EAP Packet (identifier 124)
Received EAPOL packet
eaptest1: Event NEW_STA (22) received
eaptest1: Event EAPOL_RX (23) received
IEEE 802.1X: 46 bytes from 00:1b:08:00:8c:94
IEEE 802.1X: version=2 type=0 length=9
ignoring 33 extra octets after IEEE 802.1X packet
EAP: code=2 identifier=124 length=9 (response)
eaptest1: STA 00:1b:08:00:8c:94 IEEE 802.1X: received EAP packet (code=2 id=124 len=9) from STA: EAP Response-Identity (1)
IEEE 802.1X: 00:1b:08:00:8c:94 BE_AUTH entering state RESPONSE
EAP: EAP entering state RECEIVED
EAP: parseEapResp: rxResp=1 rxInitiate=0 respId=124 respMethod=1 respVendor=0 respVendorMethod=0
EAP: EAP entering state INTEGRITY_CHECK
EAP: EAP entering state METHOD_RESPONSE
EAP-Identity: Peer identity - hexdump_ascii(len=4): 75 73 65 72 user
EAP: EAP entering state SELECT_ACTION
EAP: getDecision: another method available -> CONTINUE
EAP: EAP entering state PROPOSE_METHOD
EAP: getNextMethod: vendor 0 type 13
eaptest1: CTRL-EVENT-EAP-PROPOSED-METHOD vendor=0 method=13
EAP: EAP entering state METHOD_REQUEST
EAP: building EAP-Request: Identifier 125
EAP-TLS: START -> CONTINUE
EAP: EAP entering state SEND_REQUEST
EAP: EAP entering state IDLE
EAP: retransmit timeout 3 seconds (from dynamic back off; retransCount=0)
IEEE 802.1X: 00:1b:08:00:8c:94 BE_AUTH entering state REQUEST
eaptest1: STA 00:1b:08:00:8c:94 IEEE 802.1X: Sending EAP Packet (identifier 125)
Received EAPOL packet
eaptest1: Event NEW_STA (22) received
eaptest1: Event EAPOL_RX (23) received
IEEE 802.1X: 212 bytes from 00:1b:08:00:8c:94
IEEE 802.1X: version=2 type=0 length=208
EAP: code=2 identifier=125 length=208 (response)
eaptest1: STA 00:1b:08:00:8c:94 IEEE 802.1X: received EAP packet (code=2 id=125 len=208) from STA: EAP Response-TLS (13)
IEEE 802.1X: 00:1b:08:00:8c:94 BE_AUTH entering state RESPONSE
EAP: EAP entering state RECEIVED
EAP: parseEapResp: rxResp=1 rxInitiate=0 respId=125 respMethod=13 respVendor=0 respVendorMethod=0
EAP: EAP entering state INTEGRITY_CHECK
EAP: EAP entering state METHOD_RESPONSE
SSL: Received packet(len=208) - Flags 0x00
SSL: Received packet: Flags 0x0 Message Length 0
SSL: (where=0x10 ret=0x1)
SSL: (where=0x2001 ret=0x1)
SSL: SSL_accept:before SSL initialization
OpenSSL: RX ver=0x0 content_type=256 (TLS header info/)
OpenSSL: Message - hexdump(len=5): [REMOVED]
SSL: (where=0x2001 ret=0x1)
SSL: SSL_accept:before SSL initialization
OpenSSL: RX ver=0x304 content_type=22 (handshake/client hello)
OpenSSL: Message - hexdump(len=197): [REMOVED]
SSL: (where=0x2001 ret=0x1)
SSL: SSL_accept:SSLv3/TLS read client hello
OpenSSL: TX ver=0x0 content_type=256 (TLS header info/)
OpenSSL: Message - hexdump(len=5): [REMOVED]
OpenSSL: TX ver=0x303 content_type=22 (handshake/server hello)
OpenSSL: Message - hexdump(len=61): [REMOVED]
SSL: (where=0x2001 ret=0x1)
SSL: SSL_accept:SSLv3/TLS write server hello
OpenSSL: TX ver=0x0 content_type=256 (TLS header info/)
OpenSSL: Message - hexdump(len=5): [REMOVED]
OpenSSL: TX ver=0x303 content_type=22 (handshake/certificate)
OpenSSL: Message - hexdump(len=855): [REMOVED]
SSL: (where=0x2001 ret=0x1)
SSL: SSL_accept:SSLv3/TLS write certificate
OpenSSL: TX ver=0x0 content_type=256 (TLS header info/)
OpenSSL: Message - hexdump(len=5): [REMOVED]
OpenSSL: TX ver=0x303 content_type=22 (handshake/server key exchange)
OpenSSL: Message - hexdump(len=401): [REMOVED]
SSL: (where=0x2001 ret=0x1)
SSL: SSL_accept:SSLv3/TLS write key exchange
OpenSSL: TX ver=0x0 content_type=256 (TLS header info/)
OpenSSL: Message - hexdump(len=5): [REMOVED]
OpenSSL: TX ver=0x303 content_type=22 (handshake/certificate request)
OpenSSL: Message - hexdump(len=153): [REMOVED]
SSL: (where=0x2001 ret=0x1)
SSL: SSL_accept:SSLv3/TLS write certificate request
OpenSSL: TX ver=0x0 content_type=256 (TLS header info/)
OpenSSL: Message - hexdump(len=5): [REMOVED]
OpenSSL: TX ver=0x303 content_type=22 (handshake/server hello done)
OpenSSL: Message - hexdump(len=4): [REMOVED]
SSL: (where=0x2001 ret=0x1)
SSL: SSL_accept:SSLv3/TLS write server done
SSL: (where=0x2002 ret=0xffffffff)
SSL: SSL_accept:error in SSLv3/TLS write server done
SSL: SSL_connect - want more data
SSL: 1499 bytes pending from ssl_out
SSL: Using TLS version TLSv1.2
EAP: EAP entering state METHOD_REQUEST
EAP: building EAP-Request: Identifier 126
SSL: Generating Request
SSL: Sending out 1393 bytes (106 more to send)
EAP: EAP entering state SEND_REQUEST
EAP: EAP entering state IDLE
EAP: retransmit timeout 3 seconds (from dynamic back off; retransCount=0)
IEEE 802.1X: 00:1b:08:00:8c:94 BE_AUTH entering state REQUEST
eaptest1: STA 00:1b:08:00:8c:94 IEEE 802.1X: Sending EAP Packet (identifier 126)
Received EAPOL packet
eaptest1: Event NEW_STA (22) received
eaptest1: Event EAPOL_RX (23) received
IEEE 802.1X: 46 bytes from 00:1b:08:00:8c:94
IEEE 802.1X: version=2 type=0 length=6
ignoring 36 extra octets after IEEE 802.1X packet
EAP: code=2 identifier=126 length=6 (response)
eaptest1: STA 00:1b:08:00:8c:94 IEEE 802.1X: received EAP packet (code=2 id=126 len=6) from STA: EAP Response-TLS (13)
IEEE 802.1X: 00:1b:08:00:8c:94 BE_AUTH entering state RESPONSE
EAP: EAP entering state RECEIVED
EAP: parseEapResp: rxResp=1 rxInitiate=0 respId=126 respMethod=13 respVendor=0 respVendorMethod=0
EAP: EAP entering state INTEGRITY_CHECK
EAP: EAP entering state METHOD_RESPONSE
SSL: Received packet(len=6) - Flags 0x00
SSL: Received packet: Flags 0x0 Message Length 0
SSL: Fragment acknowledged
EAP: EAP entering state METHOD_REQUEST
EAP: building EAP-Request: Identifier 127
SSL: Generating Request
SSL: Sending out 106 bytes (message sent completely)
EAP: EAP entering state SEND_REQUEST
EAP: EAP entering state IDLE
EAP: retransmit timeout 3 seconds (from dynamic back off; retransCount=0)
IEEE 802.1X: 00:1b:08:00:8c:94 BE_AUTH entering state REQUEST
eaptest1: STA 00:1b:08:00:8c:94 IEEE 802.1X: Sending EAP Packet (identifier 127)
IEEE 802.1X: 00:1b:08:00:8c:94 - (EAP) retransWhile --> 0
EAP: EAP entering state RETRANSMIT
eaptest1: CTRL-EVENT-EAP-RETRANSMIT 00:1b:08:00:8c:94
EAP: EAP entering state IDLE
EAP: retransmit timeout 6 seconds (from dynamic back off; retransCount=1)
IEEE 802.1X: 00:1b:08:00:8c:94 BE_AUTH entering state REQUEST
eaptest1: STA 00:1b:08:00:8c:94 IEEE 802.1X: Sending EAP Packet (identifier 127)
Received EAPOL packet
eaptest1: Event NEW_STA (22) received
eaptest1: Event EAPOL_RX (23) received
IEEE 802.1X: 46 bytes from 00:1b:08:00:8c:94
IEEE 802.1X: version=2 type=0 length=6
ignoring 36 extra octets after IEEE 802.1X packet
EAP: code=2 identifier=127 length=6 (response)
eaptest1: STA 00:1b:08:00:8c:94 IEEE 802.1X: received EAP packet (code=2 id=127 len=6) from STA: EAP Response-TLS (13)
IEEE 802.1X: 00:1b:08:00:8c:94 BE_AUTH entering state RESPONSE
EAP: EAP entering state RECEIVED
EAP: parseEapResp: rxResp=1 rxInitiate=0 respId=127 respMethod=13 respVendor=0 respVendorMethod=0
EAP: EAP entering state INTEGRITY_CHECK
EAP: EAP entering state METHOD_RESPONSE
SSL: Received packet(len=6) - Flags 0x00
SSL: Received packet: Flags 0x0 Message Length 0
SSL: (where=0x2002 ret=0xffffffff)
SSL: SSL_accept:error in SSLv3/TLS write server done
SSL: SSL_connect - want more data
SSL: 0 bytes pending from ssl_out
SSL: Using TLS version TLSv1.2
EAP: EAP entering state METHOD_REQUEST
EAP: building EAP-Request: Identifier 128
SSL: Generating Request
SSL: Sending out 0 bytes (message sent completely)
EAP: EAP entering state SEND_REQUEST
EAP: EAP entering state IDLE
EAP: retransmit timeout 3 seconds (from dynamic back off; retransCount=0)
IEEE 802.1X: 00:1b:08:00:8c:94 BE_AUTH entering state REQUEST
eaptest1: STA 00:1b:08:00:8c:94 IEEE 802.1X: Sending EAP Packet (identifier 128)
Received EAPOL packet
eaptest1: Event NEW_STA (22) received
eaptest1: Event EAPOL_RX (23) received
IEEE 802.1X: 46 bytes from 00:1b:08:00:8c:94
IEEE 802.1X: version=2 type=0 length=6
ignoring 36 extra octets after IEEE 802.1X packet
EAP: code=2 identifier=127 length=6 (response)
eaptest1: STA 00:1b:08:00:8c:94 IEEE 802.1X: received EAP packet (code=2 id=127 len=6) from STA: EAP Response-TLS (13)
IEEE 802.1X: 00:1b:08:00:8c:94 BE_AUTH entering state RESPONSE
EAP: EAP entering state RECEIVED
EAP: parseEapResp: rxResp=1 rxInitiate=0 respId=127 respMethod=13 respVendor=0 respVendorMethod=0
EAP: RECEIVED->DISCARD: rxResp=1 respId=127 currentId=128 respMethod=13 currentMethod=13
EAP: EAP entering state DISCARD
EAP: EAP entering state IDLE
EAP: retransmit timeout 3 seconds (from dynamic back off; retransCount=0)
IEEE 802.1X: 00:1b:08:00:8c:94 BE_AUTH entering state IGNORE
IEEE 802.1X: 00:1b:08:00:8c:94 - (EAP) retransWhile --> 0
EAP: EAP entering state RETRANSMIT
eaptest1: CTRL-EVENT-EAP-RETRANSMIT 00:1b:08:00:8c:94
EAP: EAP entering state IDLE
EAP: retransmit timeout 6 seconds (from dynamic back off; retransCount=1)
IEEE 802.1X: 00:1b:08:00:8c:94 BE_AUTH entering state REQUEST
eaptest1: STA 00:1b:08:00:8c:94 IEEE 802.1X: Sending EAP Packet (identifier 128)
IEEE 802.1X: 00:1b:08:00:8c:94 - (EAP) retransWhile --> 0
EAP: EAP entering state RETRANSMIT
eaptest1: CTRL-EVENT-EAP-RETRANSMIT 00:1b:08:00:8c:94
EAP: EAP entering state IDLE
EAP: retransmit timeout 12 seconds (from dynamic back off; retransCount=2)
IEEE 802.1X: 00:1b:08:00:8c:94 BE_AUTH entering state REQUEST
eaptest1: STA 00:1b:08:00:8c:94 IEEE 802.1X: Sending EAP Packet (identifier 128)
Received EAPOL packet
eaptest1: Event NEW_STA (22) received
eaptest1: Event EAPOL_RX (23) received
IEEE 802.1X: 212 bytes from 00:1b:08:00:8c:94
IEEE 802.1X: version=2 type=0 length=208
EAP: code=2 identifier=128 length=208 (response)
eaptest1: STA 00:1b:08:00:8c:94 IEEE 802.1X: received EAP packet (code=2 id=128 len=208) from STA: EAP Response-TLS (13)
IEEE 802.1X: 00:1b:08:00:8c:94 BE_AUTH entering state RESPONSE
EAP: EAP entering state RECEIVED
EAP: parseEapResp: rxResp=1 rxInitiate=0 respId=128 respMethod=13 respVendor=0 respVendorMethod=0
EAP: EAP entering state INTEGRITY_CHECK
EAP: EAP entering state METHOD_RESPONSE
SSL: Received packet(len=208) - Flags 0x00
SSL: Received packet: Flags 0x0 Message Length 0
OpenSSL: RX ver=0x0 content_type=256 (TLS header info/)
OpenSSL: Message - hexdump(len=5): [REMOVED]
SSL: (where=0x2001 ret=0x1)
SSL: SSL_accept:SSLv3/TLS write server done
OpenSSL: TX ver=0x0 content_type=256 (TLS header info/)
OpenSSL: Message - hexdump(len=5): [REMOVED]
OpenSSL: TX ver=0x303 content_type=21 (alert/)
OpenSSL: Message - hexdump(len=2): [REMOVED]
SSL: (where=0x4008 ret=0x20a)
SSL: SSL3 alert: write (local SSL3 detected an error):fatal:unexpected_message
authsrv: local TLS alert: unexpected_message
SSL: (where=0x2002 ret=0xffffffff)
SSL: SSL_accept:error in error
OpenSSL: openssl_handshake - SSL_connect error:141A20F4:SSL routines:ossl_statem_server_read_transition:unexpected message
SSL: 7 bytes pending from ssl_out
SSL: Failed - tls_out available to report error
EAP-TLS: CONTINUE -> FAILURE
OpenSSL: Session was not cached
EAP: Session-Id - hexdump(len=0): [NULL]
EAP: EAP entering state SELECT_ACTION
EAP: getDecision: method failed -> FAILURE
EAP: EAP entering state FAILURE
EAP: Building EAP-Failure (id=128)
eaptest1: CTRL-EVENT-EAP-FAILURE 00:1b:08:00:8c:94
IEEE 802.1X: 00:1b:08:00:8c:94 BE_AUTH entering state FAIL
eaptest1: STA 00:1b:08:00:8c:94 IEEE 802.1X: Sending EAP Packet (identifier 128)
IEEE 802.1X: 00:1b:08:00:8c:94 AUTH_PAE entering state HELD
eaptest1: STA 00:1b:08:00:8c:94 IEEE 802.1X: unauthorizing port
eaptest1: STA 00:1b:08:00:8c:94 IEEE 802.1X: authentication failed - EAP type: 0 (unknown)
eaptest1: STA 00:1b:08:00:8c:94 IEEE 802.1X: Supplicant used different EAP type: 13 (TLS)
eaptest1: IEEE 802.1X: Force disconnection of 00:1b:08:00:8c:94 after EAP-Failure in 10 ms
IEEE 802.1X: 00:1b:08:00:8c:94 BE_AUTH entering state IDLE
eaptest1: IEEE 802.1X: Scheduled disconnection of 00:1b:08:00:8c:94 after EAP-Failure
eaptest1: ap_sta_disconnect STA 00:1b:08:00:8c:94 reason=23
eaptest1: ap_sta_disconnect: reschedule ap_handle_timer timeout for 00:1b:08:00:8c:94 (5 seconds - AP_MAX_INACTIVITY_AFTER_DEAUTH)
IEEE 802.1X: 00:1b:08:00:8c:94 AUTH_PAE entering state INITIALIZE
EAP: EAP entering state DISABLED
eaptest1: Deauthentication callback for STA 00:1b:08:00:8c:94
eaptest1: Removing STA 00:1b:08:00:8c:94 from kernel driver
eaptest1: STA 00:1b:08:00:8c:94 MLME: MLME-DEAUTHENTICATE.indication(00:1b:08:00:8c:94, 23)
eaptest1: STA 00:1b:08:00:8c:94 MLME: MLME-DELETEKEYS.request(00:1b:08:00:8c:94)
eaptest1: ap_handle_timer: 00:1b:08:00:8c:94 flags=0x40000000 timeout_next=3
eaptest1: STA 00:1b:08:00:8c:94 IEEE 802.11: deauthenticated due to local deauth request
ap_free_sta: cancel ap_handle_timer for 00:1b:08:00:8c:94
EAP: Server state machine removed
In the Wireshark logs we see the details below:
[image: image.png]
As you can see, the Session Ticket details are missing and that Length 0 field is the last byte in the message, but in Wireshark we still see other details like JA4, JA4_r, etc.?
Is the "Client Hello" response from the client in the correct format? Why does the server state:
SSL: SSL_accept:SSLv3/TLS write server done
OpenSSL: TX ver=0x0 content_type=256 (TLS header info/)
OpenSSL: Message - hexdump(len=5): [REMOVED]
OpenSSL: TX ver=0x303 content_type=21 (alert/)
OpenSSL: Message - hexdump(len=2): [REMOVED]
SSL: (where=0x4008 ret=0x20a)
SSL: SSL3 alert: write (local SSL3 detected an error):fatal:unexpected_message
authsrv: local TLS alert: unexpected_message
SSL: (where=0x2002 ret=0xffffffff)
SSL: SSL_accept:error in error
OpenSSL: openssl_handshake - SSL_connect error:141A20F4:SSL routines:ossl_statem_server_read_transition:unexpected message
SSL: 7 bytes pending from ssl_out
SSL: Failed - tls_out available to report error
*EAP-TLS: CONTINUE -> FAILURE*
OpenSSL: Session was not cached
EAP: Session-Id - hexdump(len=0): [NULL]
EAP: EAP entering state SELECT_ACTION
EAP: getDecision: method failed -> FAILURE
EAP: EAP entering state FAILURE
EAP: Building EAP-Failure (id=134)
Regards, Prakash
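
An added example, not part of the original post and not hostapd code: a short Python parser that reduces a hostapd debug log in the format quoted above to its EAP identifier sequence, discarded responses, empty TLS requests and fatal alerts, and works even when the log lines have been run together. The sample log is constructed from lines in that format, and the function names are this example's own.

```python
import re

# Constructed sample in the hostapd debug format quoted in the post,
# run together on one line the way a pasted log often arrives.
SAMPLE_LOG = (
    "eaptest1: STA 00:1b:08:00:8c:94 IEEE 802.1X: Sending EAP Packet (identifier 127) "
    "EAP: code=2 identifier=127 length=6 (response) "
    "SSL: Sending out 0 bytes (message sent completely) "
    "eaptest1: STA 00:1b:08:00:8c:94 IEEE 802.1X: Sending EAP Packet (identifier 128) "
    "EAP: code=2 identifier=127 length=6 (response) "
    "EAP: RECEIVED->DISCARD: rxResp=1 respId=127 currentId=128 respMethod=13 currentMethod=13 "
    "EAP: code=2 identifier=128 length=208 (response) "
    "SSL: SSL3 alert: write (local SSL3 detected an error):fatal:unexpected_message "
    "EAP-TLS: CONTINUE -> FAILURE"
)

# One alternation so events come back in log order, with or without newlines.
EVENT_RE = re.compile(
    r"Sending EAP Packet \(identifier (?P<tx>\d+)\)"
    r"|EAP: code=2 identifier=(?P<rx>\d+) length=(?P<rxlen>\d+)"
    r"|RECEIVED->DISCARD: rxResp=1 respId=(?P<stale>\d+) currentId=(?P<cur>\d+)"
    r"|SSL: Sending out (?P<out>\d+) bytes"
    r"|SSL3 alert: (?P<dir>read|write) \([^)]*\):(?P<level>\w+):(?P<desc>\w+)"
)

def timeline(log):
    """Return the EAP/TLS events found in the log as ordered tuples."""
    events = []
    for m in EVENT_RE.finditer(log):
        g = m.groupdict()
        if g["tx"] is not None:
            events.append(("tx", int(g["tx"])))
        elif g["rx"] is not None:
            events.append(("rx", int(g["rx"]), int(g["rxlen"])))
        elif g["stale"] is not None:
            events.append(("discard", int(g["stale"]), int(g["cur"])))
        elif g["out"] is not None:
            events.append(("tls_out", int(g["out"])))
        else:
            events.append(("alert", g["dir"], g["level"], g["desc"]))
    return events

def findings(events):
    """Pick out the events worth a closer look when a handshake fails."""
    notes = []
    for ev in events:
        if ev[0] == "tls_out" and ev[1] == 0:
            notes.append("server sent an EAP-TLS request carrying 0 TLS bytes")
        elif ev[0] == "discard":
            notes.append(f"response id {ev[1]} discarded, server expected {ev[2]}")
        elif ev[0] == "alert" and ev[2] == "fatal":
            notes.append(f"fatal TLS alert ({ev[1]}): {ev[3]}")
    return notes
```
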