applying openssl patch for EAP-FAST support
Jouni Malinen
j at w1.fi
Mon Oct 20 12:05:46 EDT 2008
On Mon, Oct 20, 2008 at 05:20:48PM +0530, Paresh Sawant wrote:
> I succeeded to build hostapd with support for FAST. Now I'm trying to
> associate wpa_supplicant with hostapd using EAP-FAST.
>
> I'm running wpa_supplicant on windows XP, and I have patched openssl to
> support EAP-FAST. Following is my configured network block -
Which version of OpenSSL did you use with hostapd and with
wpa_supplicant? Have you tested with the 0.6.4 Windows binary release
instead of something you built yourself?
> EAP-FAST: SessionTicket callback
> EAP-FAST: SessionTicket (PAC-Opaque) - hexdump(len=0): [NULL]
> EAP-FAST: Ignore invalid SessionTicket
This should be fine..
> SSL: (where=0x4008 ret=0x228)
> SSL: SSL3 alert: write (local SSL3 detected an error):fatal:handshake
> failure
> SSL: (where=0x2002 ret=0xffffffff)
> SSL: SSL_accept:error in SSLv3 read client hello C
> OpenSSL: tls_connection_server_handshake - SSL_accept error:1408A0C1:SSL
> routines:SSL3_GET_CLIENT_HELLO:no shared cipher
This does not look promising..
Could you please capture the negotiation packets (e.g., with wireshark)
and send me a trace showing the TLS handshake packets?
--
Jouni Malinen PGP id EFC895FA
More information about the HostAP
mailing list