Pierluigi Frullani [EMAIL PROTECTED] wrote:
I think this is probably a bug.
Maybe.
I decided then to give a more high level of security, double-checking the
certificate against the root certificate, on client-side.
I've then imported the root certificate ( the same I've installed on
radius ) but as soon I activate the validate server certificate and
restart the authentication, on the radius log I get the error :
rlm_eap_tls: Received unexpected tunneled data after successful handshake
Ok. That's what the debugging messages are for...
Debug: rlm_eap_tls: Received unexpected tunneled data after successful
handshake.
Debug: Tunneled data (23 bytes)
0: 15 03 01 00 12 72 ee 05 fb 3c 18 fc 4c fd 0d b2
16: b2 07 f2 6e d8 7f 7c
I have no clue what that data is, or what it's supposed to be.
You can edit src/modules/rlm_eap/types/rlm_eap_tls/rlm_eap_tls.c to
NOT fail when it prints that message out, which should be a start.
But the real issue is that the EAP-TLS documents don't say what that
data is, or what to do with it.
Alan DeKok.
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html