Porting rlm_eap_tls to GnuTLS - eaptls_handle_idx only needed for session caching?
Carolin Latze
carolin.latze at unifr.ch
Fri May 8 14:32:08 CEST 2009
Hi everybody,
I am examining the rlm_eap_tls source code in order to replace the
OpenSSL calls with GnuTLS calls. That seems to work pretty straight
forward, but I found some lines of code, where I am not sure, whether I
understood them right or not:
/*
* Register the application indices. We can't use
* hard-coded "0" and "1" as before, because we need to
* set up a "free" handler for the cached session
* information.
*/
if (eaptls_handle_idx < 0) {
eaptls_handle_idx = SSL_get_ex_new_index(0, "eaptls_handle_idx",
NULL, NULL, NULL);
}
if (eaptls_conf_idx < 0) {
eaptls_conf_idx = SSL_get_ex_new_index(0, "eaptls_conf_idx",
NULL, NULL, NULL);
}
if (eaptls_session_idx < 0) {
eaptls_session_idx = SSL_get_ex_new_index(0, "eaptls_session_idx",
NULL, NULL,
eaptls_session_free);
}
I would say, these lines are needed in order to implement session
caching. Is that right? If yes, I would delete them first in order to
get a simple setup for the first test and replace them later.
Regards
Carolin
More information about the Freeradius-Devel
mailing list