Having problem on wpa_supplicant with EAP-TTLS

Paul-Henri Gauzence de Lastours gauzence
Fri Aug 11 07:54:01 PDT 2006

On 11/08/06, Jouni Malinen <jkmaline at cc.hut.fi> wrote:
> On Fri, Aug 11, 2006 at 10:40:54AM +0200, Paul-Henri Gauzence de Lastours
> wrote:
> > - in the *eap_tls_common* file, in the function
> *eap_tls_process_helper*,
> > the function *tls_connection_handshake *is never called, because *
> > eap_tls_data_reassemble* returns a NULL, and so, we quit *
> > eap_tls_process_helper*. I tried to force the call of
> *eap_tls_handshake* by
> > commenting out the test on msg value. Then, the *client hello* message
> was
> > correctly sent, but then, there were lots and lots of strange characters
> on
> > debug output, and the authentication failed. But the *Client_hello* and
> *
> > Response_EAP-TTLS* packets were correctly sent.
> >
> > So it seems that OpenSSL is correctly working, and that the problem
> comes
> > from *eap_tls_data_reassemble*. I'm continuing to work on that, but
> would
> > you have any idea of what could provok getting a NULL from this function
> ?
> I would suggest testing with the current 0.5.x development tree. My
> first guess would be that uclibc is returning NULL from malloc(0) call
> on your target system. 0.4.8 has "data->tls_in = malloc(in_len)" in this
> function whereas this has been changed to "data->tls_in = malloc(in_len
> ? in_len : 1)" in 0.5.x branch.

You're right about that, and I reached the same conclusion. I changed it my
0-4-8 version (it is not changed yet in the 0-5-4 I downloaded), and
everything went fine, at least at the beginning... Then it seems I've got
some problems with certifcate checking, but I'm gonna work on it.

Many thanks for your help.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.shmoo.com/pipermail/hostap/attachments/20060811/f14f00d7/attachment.htm 

More information about the Hostap mailing list