reauth-problem with WPA2-tls
Andreas Hartmann
andihartmann at 01019freenet.de
Mon Jun 7 22:46:20 CEST 2010
Hello!
Problem is fixed! Your missing a ssl-option when setting up SSL. Since
SSL version 0.9.8j, openssl supports stateless session resumption. This
means, no session_id is created in the server, if both, client and
server, support it.
I'm using on both sides openssl 0.9.8k, the server generates no
session-key (which you need for saving resume-data).
See: http://www.mail-archive.com/openssl-users@openssl.org/msg56976.html.
Setting
ctx_options |= SSL_OP_NO_TICKET ;
in rlm_eap_tls.c
is needed, to get a working sessionhandling in freeradius with openssl >
0.9.8i.
It was good to have a lot of comments in the code and to have a lot of
debug messages. So I could follow what's going on in detail.
Kind regards,
Andreas
More information about the Freeradius-Users
mailing list