SessionTicket patch to OpenSSL 0.9.8e and EAP-FAST

Jouni Malinen j at w1.fi
Wed Jun 27 09:38:58 EDT 2007


On Wed, Jun 27, 2007 at 08:46:52AM -0400, Eric Fung wrote:

> Is the EAP-FAST authentication in hostapd supposed to work when building
> against a patched OpenSSL 0.9.8e? I'm noticing that server_random has  
> not been
> generated before the session ticket callback is being called, so both  
> sides
> compute a different master secret.

No, only the 0.9.9 patch has fixes for the server side functionality. I
did all the server testing with 0.9.9 snapshot and haven't ported the
fixes to the 0.9.8 patches yet.

-- 
Jouni Malinen                                            PGP id EFC895FA



More information about the HostAP mailing list