Patches for OpenSSL

Jouni Malinen j at
Tue Oct 26 05:41:07 EDT 2010

On Tue, Oct 26, 2010 at 01:13:36AM +0100, Panagiotis Georgopoulos wrote:
>                In the recent version of wpa_supplicant and hostapd, I've
> seen some patches which seem to be for OpenSSL. I am not quite sure of what
> their purpose is and whether I should apply them.

Their only purpose is to enable EAP-FAST support in OpenSSL 0.9.8
(similar patch was included in OpenSSL 1.0.0).

>                I am having some issues with session resumption when using
> EAP-TLS or EAP-TTLS with OpenSSL 0.9.8k (ubuntu 10.04) and I was thinking
> whether the patches included in wpa_supplicant will help with that.

No, they should not affect EAP-TLS or EAP-TTLS at all.

> Is my only option to manually compile openSSL 1.0.0 from source for both my
> supplicant, hostapd and FreeRadius in order to successfully use Session
> Resumption in EAP-TLS and EAP-TTLS? (although I am guessing that if hostapd
> is not used as a radius server then it doesn't require the newer version of
> openSSL).

No, session resumption is expected to work with standard OpenSSL builds.
Please describe the problems you are seeing in more detail.

Jouni Malinen                                            PGP id EFC895FA

More information about the HostAP mailing list