reauth-problem with WPA2-tls

Andreas Hartmann andihartmann at 01019freenet.de
Sat Jun 5 08:16:48 CEST 2010


Alan DeKok schrieb:
> Andreas Hartmann wrote:
>> Now, I looked at the SSL-session_id.
>>
>> tls_session->ssl->session->session_id is empty when the data is saved to
>> the session.
>>
>> At the time the data is fetched from the session during reauth, the
>> session_id is not empty (means: there is another id).
> 
>   <shrug>  OpenSSL is weird.
> 
>   The fast re-auth worked when I tested it with TTLS && PEAP.  Others
> have tested it to work.


See http://bugs.freeradius.org/bugzilla/show_bug.cgi?id=81

It does not work for me. There seem to be problems with the
session-handling, which should be checked, explained and, if necessary,
fixed.

Until I don't have a comprehensibly explanation for the reported
session-ID behavior, the current version (and 2.1.8) of freeradius is
highly insecure.


Kind regards,
Andreas



More information about the Freeradius-Users mailing list