GnuTLS and FreeRADIUS
Alan DeKok
aland at deployingradius.com
Tue Mar 24 18:40:47 CET 2009
Carolin Latze wrote:
> I was searching for some time now and I found a lot of messages from
> people who wanted to replace the OpenSSL dependencies in FreeRADIUS with
> GnuTLS. But so far it seems, that nobody really did that, is that right?
> Or has there been work on that and it failed for some reason? To be
> honest I have absolutely no idea how complicated that will be but at
> least I don't expect it to be easy. :)
It's hard. The GNUTLS stuff contains wrappers for OpenSSL. However,
they also got a number of things in their API wrong. (From what I recall
about the last time I checked). This made using GnuTLS difficult.
Hostap has wrapper functions around OpenSSL, GnuTLS, and their own
implementation of SSL. It may be worth investigating that API, too.
Alan DeKok.
More information about the Freeradius-Devel
mailing list