Problems with EAP-TLS
Jouni Malinen
j
Sun Nov 22 12:12:33 PST 2009
On Fri, Nov 20, 2009 at 07:51:56PM -0500, Christian Scheid wrote:
> Attached please find a more detailed trace with hex dumps of the
> received/sent packets. It looks to me that the supplicant is responding to
> id 4 but the server keeps resending the last id. Not sure why. Could it be a
> timing issue?
Thanks. It looks like there is something quite badly wrong in whatever
is translating these messages between the authentication server and the
EAP peer implementation from wpa_supplicant. Based on the certificate
names, I would assume this is using WiMAX and some kind of translation
of EAP information from there into wpa_supplicant code. This code is not
included in the wpa_supplicant repository nor have I seen it, so I
cannot provide more comments on what could be wrong there.
I would suggest checking the translation glue code between WiMAX and EAP
peer. It seems to be sending most EAP messages multiple times (id=1
once, id=2 twice, id=3 thrice, id=4 at least four times)..
Is the WiMAX glue code that is used here something that is available
under an open source license (or could be released as such)?
--
Jouni Malinen PGP id EFC895FA
More information about the Hostap
mailing list