[PATCH v3 0/2] EAP-{TTLS,PEAP} support (draft) for TLS 1.3

[Alexander Clouter]

Hello,

Any thoughts on these patches and what other changes may need to be made for consideration of inclusion?

Microsoft and Network RADIUS (authors of FreeRADIUS) are pressing ahead with interop testing based around these patches.

Regards

Alex

On Fri, 16 Oct 2020, at 09:49, Alexander Clouter wrote:
> Support TLS 1.3 for EAP-{TTLS,PEAP} as described in
> draft-ietf-emu-tls-eap-types and tested against FreeRADIUS[1].
> 
> [1] https://github.com/FreeRADIUS/freeradius-server/pull/3517
> 
> Changes since
>  v2:
>   * commit message changes; no code change
>  v1:
>   * changes also made to hostapd to support TLS 1.3
>   * improved EAP-TLS commitment message
> 
> Signed-off-by: Alexander Clouter <alex at digriz.org.uk>
> 
> Alexander Clouter (2):
>   EAP-TTLS/PEAP peer: fix failure when using session tickets under TLS 1.3
>   EAP peer/server: support for draft-ietf-emu-tls-eap-types-00
> 
>  src/crypto/tls_openssl.c               | 17 +++++--
>  src/eap_peer/eap_peap.c                | 17 +++++--
>  src/eap_peer/eap_tls.c                 | 11 ++---
>  src/eap_peer/eap_tls_common.c          |  4 +-
>  src/eap_peer/eap_ttls.c                | 29 +++++++++++-
>  src/eap_server/eap_server_peap.c       | 65 ++++++++++++++++++++++----
>  src/eap_server/eap_server_tls.c        | 33 -------------
>  src/eap_server/eap_server_tls_common.c | 51 +++++++++++++++++++-
>  src/eap_server/eap_server_ttls.c       | 28 +++++++++--
>  9 files changed, 189 insertions(+), 66 deletions(-)
> 
> -- 
> 2.20.1
> 
>

-- 
Alexander Clouter