No description
bf206cada3
The server handshake processing was still using SSL_read() to get OpenSSL to perform the handshake. While this works for most cases, it caused some issues for re-authentication. This is now changed to use SSL_accept() which is more approriate here since we know that the handshake is still going on and there will not be any tunneled data available. This resolves some of the re-authentication issues and makes it possible for the server to notice if TLS processing fails (SSL_read() did not return an error in many of these cases while SSL_accept() does). Set session id context to a unique value in order to avoid fatal errors when client tries session resumption (SSL_set_session_id_context() must be called for that to work), but disable session resumption with the unique value for the time being since not all server side code is ready for it yet (e.g., EAP-TTLS needs special Phase 2 processing when using abbreviated handshake). Changed EAP-TLS server not to call TLS library when processing the final ACK (empty data) from the client in order to avoid starting a new TLS handshake with SSL_accept(). |
||
---|---|---|
eap_example | ||
hostapd | ||
patches | ||
radius_example | ||
src | ||
testing | ||
wpa_supplicant | ||
www | ||
build_release | ||
COPYING | ||
FAQ | ||
README |
wpa_supplicant and hostapd v0.6.x --------------------------------- Copyright (c) 2002-2007, Jouni Malinen <j@w1.fi> and contributors All Rights Reserved. These program is dual-licensed under both the GPL version 2 and BSD license. Either license may be used at your option. This package may include either wpa_supplicant, hostapd, or both. See README file respective subdirectories (wpa_supplicant/README or hostapd/README) for more details. Source code files have been moved around in v0.6.x releases and compared to earlier releases, the programs are now build by first going to a subdirectory (wpa_supplicant or hostapd) and creating build configuration (.config) and running 'make' there (for Linux/BSD/cygwin builds).