jeltz
/
hostap
1
0
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity
3,729 Commits 3 Branches 0 Tags 25 MiB
Commit Graph

11 Commits

Author SHA1 Message Date
Jouni Malinen 31a4c88580 Updated OpenSSL 0.9.8i patch to use new session ticket override API 
The patch for 0.9.9 was merged into the upstream OpenSSL 0.9.9 tree and
is not needed for EAP-FAST support with that OpenSSL version. The patch
for 0.9.8i is now using the same API that was included in 0.9.9.
 2008-11-23 21:18:26 +02:00
Jouni Malinen 1b554eb0d7 Modified the OpenSSL patch to use session ticket -specific function 
This is the first step in replacing SSL_set_hello_extension() with a new
SSL_set_session_ticket_ext() function that can only be used to override the
session ticket extension, not any arbitrary TLS extension.

SSL_set_hello_extension() is still present as a simple wrapper in this
version to avoid changing the API and to make testing with wpa_supplicant
and hostapd easier. It can be eventually removed when the patch is going in
into OpenSSL distribution.
 2008-11-12 06:15:27 +02:00
Jouni Malinen d13c05cafb Updated indentation in the patch to match style used elsewhere in OpenSSL 2008-11-12 05:06:03 +02:00
Jouni Malinen 1a647aaa69 Update the OpenSSL EAP-FAST patch for current snapshot (20080928) 
This reverts the addition of ssl3_digest_cached_records() call from the
previous update (3d1aa251a3) since OpenSSL
has apparently reverted some earlier changes that broke EAP-FAST.
 2008-09-28 18:06:12 +03:00
Jouni Malinen 8fbcd59930 Added OpenSSL 0.9.8i patch for EAP-FAST 2008-09-28 17:09:22 +03:00
Jouni Malinen 3d1aa251a3 Updated the OpenSSL EAP-FAST patch for the current OpenSSL 0.9.9 snapshot 
sssleay.num had changed (new function allocated) and server code was
modified to call ssl3_digest_cached_records() in the start of abbreviated
handshake to avoid possible segmentation faults later in some cases when
reverting to full handshake. In addition, there is some whitespace cleanup
and added comment explaining TLS ticket processing.
 2008-08-24 13:12:54 +03:00
Jouni Malinen 8816045743 Updated the EAP-FAST patch for the latest OpenSSL 0.9.9 snapshot 2008-05-29 11:00:33 +03:00
Jouni Malinen 2298ca6410 Added the EAP-FAST patch for OpenSSL 0.9.8h 2008-05-29 10:47:03 +03:00
Jouni Malinen fe2b7dda02 Fixed fallback to full handshake when server rejects PAC-Opaque 
The TLS client changes in ssl3_get_server_hello() were based on the
pre-RFC 5077 version of OpenSSL and they hardcoded s->hit to 1 in case
PAC-Opaque was used. This prevented fallback to full TLS handshake in case
the server rejected PAC-Opaque in ClientHello. The fixed version simplifies
ssl3_get_server_hello() and uses the new RFC 5077 functionality in OpenSSL
(ssl3_check_finished) to allow the state machine handle start of
abbreviated handshake based on the used ticket.
 2008-04-15 17:24:06 +03:00
Jouni Malinen d4092763cf Fixed fallback to full handshake when server rejects PAC-Opaque 
The TLS client changes in ssl3_get_server_hello() were based on the
pre-RFC 5077 version of OpenSSL and they hardcoded s->hit to 1 in case
PAC-Opaque was used. This prevented fallback to full TLS handshake in case
the server rejected PAC-Opaque in ClientHello. The fixed version simplifies
ssl3_get_server_hello() and uses the new RFC 5077 functionality in OpenSSL
(ssl3_check_finished) to allow the state machine handle start of
abbreviated handshake based on the used ticket.
 2008-04-15 17:08:15 +03:00
Jouni Malinen 6fc6879bd5 Re-initialize hostapd/wpa_supplicant git repository based on 0.6.3 release 2008-02-27 17:34:43 -08:00