wpa_supplicant - Navisradius5 failure parsing ClientHello

Jouni Malinen j
Sun Mar 9 22:34:36 PDT 2008


On Mon, Mar 10, 2008 at 04:03:48PM +1300, caz riley wrote:

>   tcpdump attached...

Thanks. The ClientHello in the message from the client looks fine.
However, it does include a SessionTicket request as a TLS extension. I
would guess that the authentication server does not like this since I
did not see anything else wrong in the message.

Which version of OpenSSL are you using in the client? Has it been built
with TLS extension support? If yes, I would suggest a test that does not
include it.. I'll consider adding some code into wpa_supplicant to
disable this by default since SessionTicket is not used by most EAP
methods and the way it is used with EAP-FAST is not compatible with this
type of request.

-- 
Jouni Malinen                                            PGP id EFC895FA



More information about the Hostap mailing list