Patches for OpenSSL

Jouni Malinen j
Tue Oct 26 02:41:07 PDT 2010


On Tue, Oct 26, 2010 at 01:13:36AM +0100, Panagiotis Georgopoulos wrote:
>                In the recent version of wpa_supplicant and hostapd, I've
> seen some patches which seem to be for OpenSSL. I am not quite sure of what
> their purpose is and whether I should apply them.

Their only purpose is to enable EAP-FAST support in OpenSSL 0.9.8
(similar patch was included in OpenSSL 1.0.0).

>                I am having some issues with session resumption when using
> EAP-TLS or EAP-TTLS with OpenSSL 0.9.8k (ubuntu 10.04) and I was thinking
> whether the patches included in wpa_supplicant will help with that.

No, they should not affect EAP-TLS or EAP-TTLS at all.

> Is my only option to manually compile openSSL 1.0.0 from source for both my
> supplicant, hostapd and FreeRadius in order to successfully use Session
> Resumption in EAP-TLS and EAP-TTLS? (although I am guessing that if hostapd
> is not used as a radius server then it doesn't require the newer version of
> openSSL).

No, session resumption is expected to work with standard OpenSSL builds.
Please describe the problems you are seeing in more detail.

-- 
Jouni Malinen                                            PGP id EFC895FA



More information about the Hostap mailing list