Hi everybody, I am examining the rlm_eap_tls source code in order to replace the OpenSSL calls with GnuTLS calls. That seems to work pretty straight forward, but I found some lines of code, where I am not sure, whether I understood them right or not: /* * Register the application indices. We can't use * hard-coded "0" and "1" as before, because we need to * set up a "free" handler for the cached session * information. */ if (eaptls_handle_idx < 0) { eaptls_handle_idx = SSL_get_ex_new_index(0, "eaptls_handle_idx", NULL, NULL, NULL); } if (eaptls_conf_idx < 0) { eaptls_conf_idx = SSL_get_ex_new_index(0, "eaptls_conf_idx", NULL, NULL, NULL); } if (eaptls_session_idx < 0) { eaptls_session_idx = SSL_get_ex_new_index(0, "eaptls_session_idx", NULL, NULL, eaptls_session_free); } I would say, these lines are needed in order to implement session caching. Is that right? If yes, I would delete them first in order to get a simple setup for the first test and replace them later. Regards Carolin