Connection issues with Android Marshmallow

Arran Cudbard-Bell a.cudbardb at freeradius.org
Fri Oct 16 19:01:24 CEST 2015


> On Oct 16, 2015, at 11:15 AM, Mathieu Simon (Lists) <matsimon.lists at simweb.ch> wrote:
> 
> Hi
> 
> Am 16.10.2015 um 16:31 schrieb Alan DeKok:
>> On Oct 16, 2015, at 10:29 AM, A.L.M.Buxey at lboro.ac.uk wrote:
>>> 
>>>> We use them because everything else is worse. :(
>>> 
>>> LibreSSL ? :-)
>> 
>>  It's API compatible with OpenSSL, and it doesn't add new / better APIs.
> 
> Concerning a new / better API in LibreSSL: The OpenBSD folks have the
> same / similar concerns bout the OpenSSL API. True, they have libssl for
> backwards-compatibility but have added a new libtls library trying to
> address these concerns.
> 
> Their goal is to provide more simple API where an application can ask
> for a secure channel and libtls will do the reset - no need for the
> application to know and handle the gory details about TLS version etc. -
> that's their actual motivation. OpenBSD has started using libtls in
> tools of their base system for what I know and LibreSSL has become
> portable for quite some time.

We can't use it.  All the functions it provides assume I/O over a file descriptor. We don't use file descriptors for EAP, we use record buffers.

-Arran


-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 842 bytes
Desc: Message signed with OpenPGP using GPGMail
URL: <http://lists.freeradius.org/pipermail/freeradius-users/attachments/20151016/cee641e0/attachment-0001.sig>


More information about the Freeradius-Users mailing list