R: Eap-Tls Problem

K. Hoercher wbhoer at gmail.com
Wed Aug 23 13:37:13 CEST 2006

Ok, starting to sort this out.

1. This doesn't look like something for -devel. Please consider
starting a new thread in -user with a brief write-up of the problem.
But see below.

2. Stop asking for action (especially here, but nonetheless in -user).
This will discourage people from answering you.

3. I more or less duplicated your setup from
<44EB5C4F.2040504 at crema.unimi.it>and tested it here with
freeradius-1.1.2, hostapd-0.5.3, wpa_supplicant-0.5.4. It worked as
you wish and should be expected.

4. It even worked with the hard Auth-Type setting in users file
(changed to local environment) despite that being unnecessary and
insofar wrong. Please see
http://deployingradius.com/documents/configuration/auth_type.html. I
cannot understand french, but at least in this respect
http://www.alphacore.net/spip/article.php3?id_article=33 seems to err.

5. The error message:

rlm_eap: SSL error error:00000000:lib(0):func(0):reason(0)
In SSL Handshake Phase

is something from openssl not to bother about (search the archive).
I do even get it at this point in negotiation:

    (other): SSL negotiation finished successfully
rlm_eap: SSL error error:00000000:lib(0):func(0):reason(0)
SSL Connection Established
  eaptls_process returned 13

6. The radius.log you attached earlier didn't show any incoming
EAP-Responses to the Challenges freeradius sent out.
The snippets you keep posting since then show a part of the debug log,
which doesn't exhibit a fault compared to what I'm getting here. If
the cut off parts show the same  as in the attached file, the same
problem exists: your client isn't responding properly. Otherwise you
should stop leaving us guessing around and post the full output.

K. Hoercher

More information about the Freeradius-Devel mailing list