7 Jun
2010
7 Jun
'10
4:46 p.m.
Hello! Problem is fixed! Your missing a ssl-option when setting up SSL. Since SSL version 0.9.8j, openssl supports stateless session resumption. This means, no session_id is created in the server, if both, client and server, support it. I'm using on both sides openssl 0.9.8k, the server generates no session-key (which you need for saving resume-data). See: http://www.mail-archive.com/openssl-users@openssl.org/msg56976.html. Setting ctx_options |= SSL_OP_NO_TICKET ; in rlm_eap_tls.c is needed, to get a working sessionhandling in freeradius with openssl > 0.9.8i. It was good to have a lot of comments in the code and to have a lot of debug messages. So I could follow what's going on in detail. Kind regards, Andreas