Hi there,

I've found a bug in the rlm_eap_tls module.

Which is created by the following commit (CVS):
File: eap_tls.c
Revision: 1.178
Changes since 1.16: +6 -1 lines
Comment: Try to handle the case where we get an ACK after sending the last fragment

http://www.freeradius.org/cgi-bin/cvsweb.cgi/radiusd/src/modules/rlm_eap/types/rlm_eap_tls/eap_tls.c.diff?r1=1.16&r2=1.17&f=H

After sending fragments and receiving an ACK message it is not per default that Access 
is granted!

I think that EAPTLS_SUCCESS must be replaced with EAPTLS_REQUEST.

Test situation:
Untrusted ROOT CA and Client Certificate installed on a laptop with Windows and the 
default 802.1x authentication client, the certificate must be bigger than the size of 
one fragment! And the authorize/authentication will loop with access to the network.

Greetings,

Joey
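
The decision the post is about, as an added C model that is not part of the original message and is not FreeRADIUS code. Only EAPTLS_SUCCESS and EAPTLS_REQUEST come from the post; the struct, the handlers and the `handshake_ok` flag are hypothetical, and the model assumes success should also require a completed, verified handshake.

```c
#include <stdbool.h>
#include <stddef.h>
#include <stdio.h>

/* EAPTLS_REQUEST and EAPTLS_SUCCESS are the names used in the post; every
 * other identifier here is hypothetical and models the logic only. */
typedef enum { EAPTLS_REQUEST, EAPTLS_SUCCESS } eaptls_status_t;

typedef struct {
    size_t unsent;        /* bytes of the server's TLS flight not yet sent */
    bool   handshake_ok;  /* handshake finished and peer certificate verified */
} tls_model_t;

typedef eaptls_status_t (*ack_handler_t)(const tls_model_t *);

/* Reported behaviour: an ACK with nothing left to send is taken as success. */
eaptls_status_t ack_unchecked(const tls_model_t *s)
{
    return s->unsent > 0 ? EAPTLS_REQUEST : EAPTLS_SUCCESS;
}

/* Checked variant: the ACK alone proves nothing about authentication, so
 * success also requires a completed, verified handshake. */
eaptls_status_t ack_checked(const tls_model_t *s)
{
    if (s->unsent > 0)
        return EAPTLS_REQUEST;             /* more fragments to send */
    return s->handshake_ok ? EAPTLS_SUCCESS : EAPTLS_REQUEST;
}

/* Send flight_len bytes in frag_size pieces; the peer ACKs each fragment.
 * Returns the handler's verdict on the ACK for the last fragment. */
eaptls_status_t run_flight(size_t flight_len, size_t frag_size,
                           bool handshake_ok, ack_handler_t on_ack)
{
    tls_model_t s = { flight_len, handshake_ok };
    eaptls_status_t st = EAPTLS_REQUEST;
    if (frag_size == 0)
        return EAPTLS_REQUEST;             /* nothing can be sent */
    while (s.unsent > 0) {
        size_t n = s.unsent < frag_size ? s.unsent : frag_size;
        s.unsent -= n;                     /* fragment goes out */
        st = on_ack(&s);                   /* peer's ACK comes back */
    }
    return st;
}

int main(void)
{   /* Constructed case: 3000-byte flight, 1024-byte fragments, unverified peer. */
    printf("unchecked=%d checked=%d\n", (int)run_flight(3000, 1024, false, ack_unchecked),
           (int)run_flight(3000, 1024, false, ack_checked));
    return 0;
}
```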
