Okay, thanks. I have re-opened the original bug against FreeRADIUS so they can comment on whether the problem may be in the patch/additional code. I'll forward their reply and follow up with the author of that code if appropriate.
Regards, David -----Original Message----- From: Stephen Henson via RT [mailto:[email protected]] Sent: Tuesday, September 08, 2009 9:38 PM To: [email protected] Cc: [email protected] Subject: [openssl.org #2036] bug report: TLS session resumption not checking for existence of client finished message > [[email protected] - Tue Sep 08 09:45:22 2009]: > > However I was advised that it is not a bug in FreeRADIUS, since FreeRADIUS > uses OpenSSL for the required functionality, and it was suggested that I > report it to OpenSSL as a bug. > I'm not sure this is an OpenSSL bug either. To use EAP IIRC you need to patch OpenSSL and use additional code to support it. I'd suggest contacting the patch/additional code author. Steve. -- Dr Stephen N. Henson. OpenSSL project core developer. Commercial tech support now available see: http://www.openssl.org ______________________________________________________________________ OpenSSL Project http://www.openssl.org Development Mailing List [email protected] Automated List Manager [email protected]
