PEAP/SoH patch

Phil Mayers p.mayers at imperial.ac.uk
Tue Nov 24 17:50:52 CET 2009


All,

I've started to do some work on supporting the SoH messages in PEAPv0, 
which are supported in WinXP SP3+ and Vista/Win7

So far I've made the necessary (I believe) modifications to the PEAP 
state machine, and have code to generate the SoH request TLV, but the 
clients are choking on it.

EAP Request, Identity [RFC3748]
EAP Response, Identity [RFC3748]
EAP Request, PEAP [Palekar]
TLSv1 Client Hello
EAP Request, PEAP [Palekar]
EAP Response, PEAP [Palekar]
EAP Request, PEAP [Palekar]
EAP Response, PEAP [Palekar]
TLSv1 Server Hello, Certificate, Server Hello D
TLSv1 Client Key Exchange, Change Cipher Spec,
TLSv1 Change Cipher Spec, Encrypted Handshake M
EAP Response, PEAP [Palekar]
TLSv1 Application Data
TLSv1 Application Data
TLSv1 Application Data
^^^ containing the SoH requests

...and everything stops

Please don't bombard me with "Me too, please send me your patch" 
requests at this point - it doesn't work, and I can't easily publish a 
git tree from here anyway.

What I'm looking for is help from people for review & implementation - 
in particular, if there's anyone out there who knows how the hell I get 
debugging out of WinXP SP3. Could interested and technically capable 
parties contact me off-list or direct me to a place more appropriate for 
discussion?



More information about the Freeradius-Users mailing list