Manuel Sánchez Cuenca
msc at dif.um.es
Wed Sep 5 09:52:13 CEST 2007
Alan DeKok escribió:
>>> Yes. The TLS code inside of FreeRADIUS assumes that once the initial
>>> handshake is completed, that there is no more data to send.
>> Is this correct?
> Until now, yes.
But this assumption limits the protocol.
>> I mean, why freeradius suppose that only in the initial
>> handshake are necessary fragments, the specification of PEAP says
>> somethig about it?
> The specification of PEAP doesn't say much about that, so far as I recall.
When the specification of PEAP talks about fragmentation, it says:
"By including support for fragmentation and reassembly within PEAPv2,
methods leveraging PEAPv2 do not need to support this on their own."
And in the way fragmentation is implemented in freeradius, it is not
allowed. I mean, if fragmentation is allowed only in the handshake, new
protocols leveraging PEAP in freeradius need to implement fragmentation too.
> Alan DeKok.
> List info/subscribe/unsubscribe? See http://www.freeradius.org/list/devel.html
Manuel Sanchez Cuenca
Departamento de Ingenieria de la Informacion y las Comunicaciones
Facultad de Informatica. Universidad de Murcia
Campus de Espinardo - 30080 Murcia (SPAIN)
Tel.: +34-968-364644 Fax: +34-968-364151
email: msc at dif.um.es | manuelsc at um.es
More information about the Freeradius-Devel