Alan DeKok schrieb: > Andreas Hartmann wrote: >> Now, I looked at the SSL-session_id. >> >> tls_session->ssl->session->session_id is empty when the data is saved to >> the session. >> >> At the time the data is fetched from the session during reauth, the >> session_id is not empty (means: there is another id). > > <shrug> OpenSSL is weird. > > The fast re-auth worked when I tested it with TTLS && PEAP. Others > have tested it to work.
See http://bugs.freeradius.org/bugzilla/show_bug.cgi?id=81 It does not work for me. There seem to be problems with the session-handling, which should be checked, explained and, if necessary, fixed. Until I don't have a comprehensibly explanation for the reported session-ID behavior, the current version (and 2.1.8) of freeradius is highly insecure. Kind regards, Andreas - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html