jeltz/hostap
1
0
Fork 0
Code Issues Pull requests Projects Releases Wiki Activity
hostap/src/tls
History
Jouni Malinen 9e783041fa Add a workaround for EAP-FAST with Cisco AP local RADIUS server 
When using the internal TLS implementation, EAP-FAST unauthenticated
provisioning ends up proposing multiple cipher suites. It looks like
Cisco AP (at least 350 and 1200 series) local authentication server does
not know how to search cipher suites from the list and seem to require
that the last entry in the list is the one that it wants to use.
However, TLS specification requires the list to be in the client
preference order. As a workaround, ass anon-DH AES-128-SHA1 again at the
end of the list to allow the Cisco code to find it.

This fixed EAP-FAST provisioning with the following IOS version:
Cisco IOS Software, C350 Software (C350-K9W7-M), Version 12.3(8)JEA3,
RELEASE SOFTWARE (fc2)
Compiled Wed 21-Nov-07 14:08 by ccai
2009-03-08 12:04:39 +02:00
..
.gitignore Re-initialize hostapd/wpa_supplicant git repository based on 0.6.3 release 2008-02-27 17:34:43 -08:00
asn1.c Re-initialize hostapd/wpa_supplicant git repository based on 0.6.3 release 2008-02-27 17:34:43 -08:00
asn1.h Re-initialize hostapd/wpa_supplicant git repository based on 0.6.3 release 2008-02-27 17:34:43 -08:00
asn1_test.c Re-initialize hostapd/wpa_supplicant git repository based on 0.6.3 release 2008-02-27 17:34:43 -08:00
bignum.c Fixed number of doxygen warnings 2009-01-02 22:28:04 +02:00
bignum.h Re-initialize hostapd/wpa_supplicant git repository based on 0.6.3 release 2008-02-27 17:34:43 -08:00
libtommath.c Updated the LibTomMath reference to use 0.41 version 2008-06-06 10:32:09 +03:00
Makefile Improved 'make install' (use BINDIR/LIBDIR, install shared objects) 2009-02-15 14:22:50 +02:00
rsa.c Re-initialize hostapd/wpa_supplicant git repository based on 0.6.3 release 2008-02-27 17:34:43 -08:00
rsa.h Re-initialize hostapd/wpa_supplicant git repository based on 0.6.3 release 2008-02-27 17:34:43 -08:00
tlsv1_client.c Add a workaround for EAP-FAST with Cisco AP local RADIUS server 2009-03-08 12:04:39 +02:00
tlsv1_client.h Re-initialize hostapd/wpa_supplicant git repository based on 0.6.3 release 2008-02-27 17:34:43 -08:00
tlsv1_client_i.h Re-initialize hostapd/wpa_supplicant git repository based on 0.6.3 release 2008-02-27 17:34:43 -08:00
tlsv1_client_read.c Silenced compiler warnings on size_t printf format and shadowed variables 2008-09-27 10:46:06 +03:00
tlsv1_client_write.c Re-initialize hostapd/wpa_supplicant git repository based on 0.6.3 release 2008-02-27 17:34:43 -08:00
tlsv1_common.c Re-initialize hostapd/wpa_supplicant git repository based on 0.6.3 release 2008-02-27 17:34:43 -08:00
tlsv1_common.h Re-initialize hostapd/wpa_supplicant git repository based on 0.6.3 release 2008-02-27 17:34:43 -08:00
tlsv1_cred.c Re-initialize hostapd/wpa_supplicant git repository based on 0.6.3 release 2008-02-27 17:34:43 -08:00
tlsv1_cred.h Re-initialize hostapd/wpa_supplicant git repository based on 0.6.3 release 2008-02-27 17:34:43 -08:00
tlsv1_record.c Re-initialize hostapd/wpa_supplicant git repository based on 0.6.3 release 2008-02-27 17:34:43 -08:00
tlsv1_record.h Re-initialize hostapd/wpa_supplicant git repository based on 0.6.3 release 2008-02-27 17:34:43 -08:00
tlsv1_server.c Re-initialize hostapd/wpa_supplicant git repository based on 0.6.3 release 2008-02-27 17:34:43 -08:00
tlsv1_server.h Re-initialize hostapd/wpa_supplicant git repository based on 0.6.3 release 2008-02-27 17:34:43 -08:00
tlsv1_server_i.h Re-initialize hostapd/wpa_supplicant git repository based on 0.6.3 release 2008-02-27 17:34:43 -08:00
tlsv1_server_read.c Re-initialize hostapd/wpa_supplicant git repository based on 0.6.3 release 2008-02-27 17:34:43 -08:00
tlsv1_server_write.c Re-initialize hostapd/wpa_supplicant git repository based on 0.6.3 release 2008-02-27 17:34:43 -08:00
x509v3.c Internal X.509/TLSv1: Support SHA-256 in X.509 certificate digest 2008-08-16 11:21:22 +03:00
x509v3.h Re-initialize hostapd/wpa_supplicant git repository based on 0.6.3 release 2008-02-27 17:34:43 -08:00