[openssl-dev] EAP-FAST and OpenSSL 1.1.x with new client TLS state machine

Jouni Malinen j at w1.fi
Fri Dec 4 13:08:34 UTC 2015


On Fri, Dec 04, 2015 at 10:27:48AM +0000, Matt Caswell wrote:
> EAP-FAST is very strange. Normally you know whether you are resuming a
> session or not based on the session id returned from the server. However
> that's not the case with EAP-FAST - you have to wait to see what message
> the server sends you next to determine what's happening (which is really
> horrible).

Indeed. EAP-FAST is a good example of what can happen if a company
designs a new EAP method and pushes that to the market without going
through proper IETF review. This part here is not the only difficult
item in supporting EAP-FAST. :(

> The new state machine code waits until a message is received from the
> peer and then checks it against its allowed list of transitions based on
> its current state. If it's not allowed then you get an unexpected message
> alert. It looks like the check for the EAP-FAST session resumption case
> is missing from the new code.
> 
> Please can you try the attached patch and see if that resolves the
> issue? Let me know how you get on.

Thanks! That fixes the issue. With this applied on top of the current
master branch snapshot, I was able to pass all my EAP regression tests.

-- 
Jouni Malinen                                            PGP id EFC895FA
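The transition check Matt describes, modelled as an added example (this is illustrative code written for this page, not OpenSSL's state machine and not the patch under discussion): after reading ServerHello, a normal client decides from the session id whether the server is resuming, while an EAP-FAST (RFC 4851) client has to accept either Certificate (full handshake) or ChangeCipherSpec (resumption from the PAC) and only then learns which path it is on. All names below (client_state, read_transition, the eap_fast flag, the out-of-range pseudo value for ChangeCipherSpec) are assumptions made for the illustration, and the server flights are constructed inputs.

```c
/* Added illustration (not OpenSSL's code): a toy model of the client-side
 * "is this message allowed in my current state" check discussed in the
 * thread.  Normally the client knows from the session id in ServerHello
 * whether the server is resuming; EAP-FAST (RFC 4851) only reveals that by
 * the server's next message (ChangeCipherSpec = resume, Certificate = full
 * handshake).  All names here (client_state, read_transition, eap_fast
 * field, the CCS pseudo message type) are hypothetical, not library API. */
#include <stdbool.h>
#include <stddef.h>
#include <stdio.h>

/* Handshake message types use the RFC 5246 HandshakeType values; CCS is a
 * separate record type, so it gets an out-of-range pseudo value here. */
enum msg_type {
    MSG_CERTIFICATE = 11,
    MSG_SERVER_KEY_EXCHANGE = 12,
    MSG_SERVER_HELLO_DONE = 14,
    MSG_FINISHED = 20,
    MSG_CHANGE_CIPHER_SPEC = 0x100   /* constructed, not a HandshakeType */
};

enum client_state {
    ST_CR_SRVR_HELLO,   /* ServerHello has been read */
    ST_CR_CERT,         /* full handshake: Certificate read */
    ST_CR_KEY_EXCH,     /* full handshake: ServerKeyExchange read */
    ST_CR_SRVR_DONE,    /* full handshake: ServerHelloDone read */
    ST_CR_CHANGE,       /* resumption: ChangeCipherSpec read */
    ST_CR_FINISHED,     /* resumption: server Finished read */
    ST_ERROR            /* unexpected_message alert would be sent */
};

struct client {
    enum client_state state;
    bool hit;       /* session id in ServerHello matched a cached session */
    bool eap_fast;  /* we offered a PAC-derived session, so peek-ahead is legal */
};

static void client_init(struct client *c, bool hit, bool eap_fast)
{
    c->state = ST_CR_SRVR_HELLO;
    c->hit = hit;
    c->eap_fast = eap_fast;
}

/* Apply one received message; returns the new state (ST_ERROR = reject). */
static enum client_state read_transition(struct client *c, int mt)
{
    switch (c->state) {
    case ST_CR_SRVR_HELLO:
        if (c->hit) {
            /* Ordinary resumption: the only legal next message is CCS. */
            return c->state = (mt == MSG_CHANGE_CIPHER_SPEC) ? ST_CR_CHANGE : ST_ERROR;
        }
        if (mt == MSG_CERTIFICATE)
            return c->state = ST_CR_CERT;
        if (c->eap_fast && mt == MSG_CHANGE_CIPHER_SPEC) {
            /* The EAP-FAST case the thread is about: no session id match,
             * yet the server sends CCS, meaning it resumed from the PAC.
             * Switch to the resumption path instead of raising an alert. */
            c->hit = true;
            return c->state = ST_CR_CHANGE;
        }
        return c->state = ST_ERROR;   /* without the EAP-FAST branch, CCS lands here */
    case ST_CR_CERT:
        /* Simplified: a real client also allows ServerHelloDone directly for
         * RSA key exchange; this model always expects ServerKeyExchange. */
        return c->state = (mt == MSG_SERVER_KEY_EXCHANGE) ? ST_CR_KEY_EXCH : ST_ERROR;
    case ST_CR_KEY_EXCH:
        return c->state = (mt == MSG_SERVER_HELLO_DONE) ? ST_CR_SRVR_DONE : ST_ERROR;
    case ST_CR_CHANGE:
        return c->state = (mt == MSG_FINISHED) ? ST_CR_FINISHED : ST_ERROR;
    default:
        return c->state = ST_ERROR;   /* flight complete or already failed */
    }
}

/* Feed a whole server flight; stops at the first rejected message. */
static enum client_state run_flight(struct client *c, const int *msgs, size_t n)
{
    for (size_t i = 0; i < n && c->state != ST_ERROR; i++)
        read_transition(c, msgs[i]);
    return c->state;
}

int main(void)
{
    /* Constructed server flights for the demonstration. */
    const int resume_flight[] = { MSG_CHANGE_CIPHER_SPEC, MSG_FINISHED };
    const int full_flight[] = { MSG_CERTIFICATE, MSG_SERVER_KEY_EXCHANGE, MSG_SERVER_HELLO_DONE };
    struct client c;

    client_init(&c, false, false);
    printf("plain TLS, no id match, server sends CCS  -> %s\n",
           run_flight(&c, resume_flight, 2) == ST_ERROR ? "unexpected_message" : "ok");
    client_init(&c, false, true);
    printf("EAP-FAST, no id match, server sends CCS   -> %s\n",
           run_flight(&c, resume_flight, 2) == ST_CR_FINISHED ? "resumed" : "rejected");
    client_init(&c, false, true);
    printf("EAP-FAST, no id match, server sends Cert  -> %s\n",
           run_flight(&c, full_flight, 3) == ST_CR_SRVR_DONE ? "full handshake" : "rejected");
    return 0;
}
```

The first case in main is the failure mode from the thread: with no session id match and no EAP-FAST branch, a ChangeCipherSpec straight after ServerHello is rejected as an unexpected message, which is exactly the check Matt's patch restores. Note that the peek-ahead is only enabled when the client itself offered a PAC-derived session; a plain TLS client must keep rejecting that sequence.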

