Hi,
The patch checked out OK and has been committed.
BTW, how do you do that kind of testing? Does everyone of the
developpers have lots of software and hardware clients to do
all kind of testing or what?
Excuse the stupid question, but I'd like to play a bit with
EAP-TTLS and PEAP
[EMAIL PROTECTED] wrote:
BTW, how do you do that kind of testing? Does everyone of the
developpers have lots of software and hardware clients to do
all kind of testing or what?
No. The developers do some testing, but we don't have the time or
money to test against all clients.
Excuse the
Hi,
Excuse the stupid question, but I'd like to play a bit with
EAP-TTLS and PEAP (possibly submitting some patches at a later
time) and don't really know how to even generate suitable queries
to test what I'm doing. :-(
Use various clients.
--verbose ?
I.e. can you recommand
[EMAIL PROTECTED] wrote:
I.e. can you recommand some free, software based EAP-TTLS client which
allow(s) testing a large variety of inner protocols?
xsupplicant, alfa arris...
Google can help, too.
Alan DeKok.
-
List info/subscribe/unsubscribe? See
xsupplicant, alfa arris...
Thanks a lot.
Google can help, too.
Sure. However, that gave me lots of references to lots of
different stuff, all of which I never heard of (while I've
been using various RADIUS stuff for quite some time, I'm
completely new to the world of EAP protocols ...).
Joey Nix [EMAIL PROTECTED] wrote:
So will it be:
case handshake:
if (tls_session-info.handshake_type == finished) {
DEBUG2( rlm_eap_tls: ack handshake is finished);
return EAPTLS_SUCCESS;
}
Sorry I haven't checked this yes. I'll be testing it today. We just
got done with a major electrical repair on campus. They took down the
power to the entire campus for about 36 hours, so we had to power down
our entire infrastructure then bring it back up yesterday. Suffice it
to say that
The patch checked out OK and has been committed.
--
--Mike
---
Michael Griego
Wireless LAN Project Manager
The University of Texas at Dallas
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Michael Griego [EMAIL PROTECTED] wrote:
Question:
Looking through the code, the fragment member of tls_session_t is a flag
that is either set to 0 or 1 in various places (depending on whether or
not there are more fragments to send). In this case, won't the above
always match? (ie
Hi there,
I've found a bug in the rlm_eap_tls module.
Which is created by the following commit (CVS):
File: eap_tls.c
Revision: 1.178
Changes since 1.16: +6 -1 lines
Comment: Try to handle the case where we get an ACK after sending the last fragment
Hi Joey:
Could you please provide more details on this find and
how it gets triggered (test scenario, conditions,
example config). If your find is valid (per feedback
from freeRADIUS authors then this serious flaw should
be patched asap!)
Thanks.
Regards,
Mohammed.
Mohammed H. Petiwala
Senior
I'm using the default config with the following changes in eap.conf:
default_eap_type = tls
and
the tls section excepted by check_crl and check_cert_cn out-commented.
So I'm using the test certificates.
EAP-Type: TLS
freeRADIUS version 1.0.0
Verified with Windows 2000/XP 802.1x Authentication
Joey Nix [EMAIL PROTECTED] wrote:
the tls section excepted by check_crl and check_cert_cn out-commented.
So I'm using the test certificates.
Ok... If you can verify that it works when the *previous* check is
changed to:
} else if (tls_session-fragment = 0) {
...
} else if (tls_session-fragment = 0) {
Question:
Looking through the code, the fragment member of tls_session_t is a flag
that is either set to 0 or 1 in various places (depending on whether or
not there are more fragments to send). In this case, won't the above
always match? (ie
14 matches
Mail list logo