前面几篇文章大概描述了EAP-TLS实验相关部分的配置信息,包括认证服务器freeradius3.0的搭建配置(及其一些简单本地认证例子,如链接MySQL、证书创建认证等等)、NAS设备(H3C MSR2600系列)的基本认证配置及嵌入式认证客户端相关源代码的移植,此篇将完成在嵌入式设备上的EAP-TLS实验。

环境

硬件

认证服务器:ThinkPad T14;

NAS:H3C MSR2600;

认证客户端:zynq armv7l(XILINX ZYNQ XC7Z010);

软件

认证服务器:Ubuntu20.04 + freeRADIUS3.0;

认证客户端:openssl-1.1.1w+libnl-3.9.0+wpa_supplicant-2.10;

配置

认证服务器

        参考前期文章《EAP-TLS实验之Ubuntu20.04环境搭建配置(FreeRADIUS3.0)(一)_freeradius3.0配置-CSDN博客》系列;

NAS

        参考前期文章《EAP-TLS实验之H3C MSR2600-10-X1配置相关-CSDN博客》,但此篇文章在实验时没有配置NAS域相关的内容,如你的认证服务器端设置了域相关的内容,则可按照文章中的相关内容进行修改配置;

认证客户端

openssl

        可参考前期相关文章或网上其他博客,资源很多,只不过需要注意的是,openssl1.0.系列只支持<=tls1.2,从openssl1.1(不再需要打补丁)开始支持tls1.3,根据你自己的需求来选择,可参考下述命令进行配置(用的是Configure文件并不是一般的config文件)、交叉编译及安装。

#mkdir /home/mike/wpa_supplicant/2.10/ssl
#./Configure linux-armv4 -march=armv6 -D__ARM_MAX_ARCH__=8 no-asm --prefix=/home/mike/wpa_supplicant/2.10/ssl --cross-compile-prefix=/root/DCJ_hf/buildroot/output/host/usr/bin/arm-linux-gnueabihf-
#make
#make install

上述配置命令指明了目标平台的架构等相关情况,可仔细阅读路径下的Configure文件及Configurations/10-main.conf;

libnl

        在执行第一步./configure配置(生成Makefile)时如果提示缺少flex及bison,执行下面语句进行下载安装(如果是路径环境问题则解决路径问题)。

# sudo apt-get update
# sudo apt-get install flex
# sudo apt-get install bison
# ./configure --host=arm-linux --prefix=/home/mike/wpa_supplicant/2.10/nl --enable-static --enable-shared CC=/root/Desktop/DCJ_20190123_hf/rootfs/buildroot/output/host/usr/bin/arm-linux-gnueabihf-gcc
# make
# make install
wpa_supplicant
# cd wpa_supplicant
# cp defconfig .config

        由于我的目标是进行有线认证,所以相关无线的部分内容可以屏蔽(裁剪),从而减小目标文件的大小,下面贴出我的.config相关配置,以供大家参考:

# Example wpa_supplicant build time configuration
#
# This file lists the configuration options that are used when building the
# wpa_supplicant binary. All lines starting with # are ignored. Configuration
# option lines must be commented out complete, if they are not to be included,
# i.e., just setting VARIABLE=n is not disabling that variable.
#
# This file is included in Makefile, so variables like CFLAGS and LIBS can also
# be modified from here. In most cases, these lines should use += in order not
# to override previous values of the variables.

CC=/root/DCJ_hf/buildroot/output/host/usr/bin/arm-linux-gnueabihf-gcc

CFLAGS += -I/home/mike/wpa_supplicant/2.10/ssl/include
LIBS += -L/home/mike/wpa_supplicant/2.10/ssl/lib

CFLAGS += -I/home/mike/wpa_supplicant/2.10/nl/include/libnl3
LIBS += -L/home/mike/wpa_supplicant/2.10/nl/lib

#export PKG_CONFIG_PATH=/home/mike/wpa_supplicant/2.10/nl/lib/pkgconfig:$PKG_CONFIG_PATH

# Uncomment following two lines and fix the paths if you have installed OpenSSL
# or GnuTLS in non-default location
#CFLAGS += -I/usr/local/openssl/include
#LIBS += -L/usr/local/openssl/lib

# Some Red Hat versions seem to include kerberos header files from OpenSSL, but
# the kerberos files are not in the default include path. Following line can be
# used to fix build issues on such systems (krb5.h not found).
#CFLAGS += -I/usr/include/kerberos

# Driver interface for generic Linux wireless extensions
# Note: WEXT is deprecated in the current Linux kernel version and no new
# functionality is added to it. nl80211-based interface is the new
# replacement for WEXT and its use allows wpa_supplicant to properly control
# the driver to improve existing functionality like roaming and to support new
# functionality.
#CONFIG_DRIVER_WEXT=y

# Driver interface for Linux drivers using the nl80211 kernel interface
#CONFIG_DRIVER_NL80211=y

# QCA vendor extensions to nl80211
#CONFIG_DRIVER_NL80211_QCA=y

# driver_nl80211.c requires libnl. If you are compiling it yourself
# you may need to point hostapd to your version of libnl.
#
#CFLAGS += -I$<path to libnl include files>
#LIBS += -L$<path to libnl library files>

# Use libnl v2.0 (or 3.0) libraries.
#CONFIG_LIBNL20=y

# Use libnl 3.2 libraries (if this is selected, CONFIG_LIBNL20 is ignored)
#CONFIG_LIBNL32=y


# Driver interface for FreeBSD net80211 layer (e.g., Atheros driver)
#CONFIG_DRIVER_BSD=y
#CFLAGS += -I/usr/local/include
#LIBS += -L/usr/local/lib
#LIBS_p += -L/usr/local/lib
#LIBS_c += -L/usr/local/lib

# Driver interface for Windows NDIS
#CONFIG_DRIVER_NDIS=y
#CFLAGS += -I/usr/include/w32api/ddk
#LIBS += -L/usr/local/lib
# For native build using mingw
#CONFIG_NATIVE_WINDOWS=y
# Additional directories for cross-compilation on Linux host for mingw target
#CFLAGS += -I/opt/mingw/mingw32/include/ddk
#LIBS += -L/opt/mingw/mingw32/lib
#CC=mingw32-gcc
# By default, driver_ndis uses WinPcap for low-level operations. This can be
# replaced with the following option which replaces WinPcap calls with NDISUIO.
# However, this requires that WZC is disabled (net stop wzcsvc) before starting
# wpa_supplicant.
# CONFIG_USE_NDISUIO=y

# Driver interface for wired Ethernet drivers
CONFIG_DRIVER_WIRED=y

# Driver interface for MACsec capable Qualcomm Atheros drivers
#CONFIG_DRIVER_MACSEC_QCA=y

# Driver interface for Linux MACsec drivers
CONFIG_DRIVER_MACSEC_LINUX=y

# Driver interface for the Broadcom RoboSwitch family
CONFIG_DRIVER_ROBOSWITCH=y

# Driver interface for no driver (e.g., WPS ER only)
#CONFIG_DRIVER_NONE=y

# Solaris libraries
#LIBS += -lsocket -ldlpi -lnsl
#LIBS_c += -lsocket

# Enable IEEE 802.1X Supplicant (automatically included if any EAP method or
# MACsec is included)
CONFIG_IEEE8021X_EAPOL=y

# EAP-MD5
CONFIG_EAP_MD5=y

# EAP-MSCHAPv2
CONFIG_EAP_MSCHAPV2=y

# EAP-TLS
CONFIG_EAP_TLS=y

# EAL-PEAP
CONFIG_EAP_PEAP=y

# EAP-TTLS
CONFIG_EAP_TTLS=y

# EAP-FAST
CONFIG_EAP_FAST=y

# EAP-TEAP
# Note: The current EAP-TEAP implementation is experimental and should not be
# enabled for production use. The IETF RFC 7170 that defines EAP-TEAP has number
# of conflicting statements and missing details and the implementation has
# vendor specific workarounds for those and as such, may not interoperate with
# any other implementation. This should not be used for anything else than
# experimentation and interoperability testing until those issues has been
# resolved.
#CONFIG_EAP_TEAP=y

# EAP-GTC
CONFIG_EAP_GTC=y

# EAP-OTP
CONFIG_EAP_OTP=y

# EAP-SIM (enable CONFIG_PCSC, if EAP-SIM is used)
#CONFIG_EAP_SIM=y

# Enable SIM simulator (Milenage) for EAP-SIM
#CONFIG_SIM_SIMULATOR=y

# EAP-PSK (experimental; this is _not_ needed for WPA-PSK)
#CONFIG_EAP_PSK=y

# EAP-pwd (secure authentication using only a password)
CONFIG_EAP_PWD=y

# EAP-PAX
CONFIG_EAP_PAX=y

# LEAP
CONFIG_EAP_LEAP=y

# EAP-AKA (enable CONFIG_PCSC, if EAP-AKA is used)
#CONFIG_EAP_AKA=y

# EAP-AKA' (enable CONFIG_PCSC, if EAP-AKA' is used).
# This requires CONFIG_EAP_AKA to be enabled, too.
#CONFIG_EAP_AKA_PRIME=y

# Enable USIM simulator (Milenage) for EAP-AKA
#CONFIG_USIM_SIMULATOR=y

# EAP-SAKE
CONFIG_EAP_SAKE=y

# EAP-GPSK
CONFIG_EAP_GPSK=y
# Include support for optional SHA256 cipher suite in EAP-GPSK
CONFIG_EAP_GPSK_SHA256=y

# EAP-TNC and related Trusted Network Connect support (experimental)
CONFIG_EAP_TNC=y

# Wi-Fi Protected Setup (WPS)
#CONFIG_WPS=y
# Enable WPS external registrar functionality
#CONFIG_WPS_ER=y
# Disable credentials for an open network by default when acting as a WPS
# registrar.
#CONFIG_WPS_REG_DISABLE_OPEN=y
# Enable WPS support with NFC config method
#CONFIG_WPS_NFC=y

# EAP-IKEv2
CONFIG_EAP_IKEV2=y

# EAP-EKE
#CONFIG_EAP_EKE=y

# MACsec
CONFIG_MACSEC=y

# PKCS#12 (PFX) support (used to read private key and certificate file from
# a file that usually has extension .p12 or .pfx)
CONFIG_PKCS12=y

# Smartcard support (i.e., private key on a smartcard), e.g., with openssl
# engine.
#CONFIG_SMARTCARD=y

# PC/SC interface for smartcards (USIM, GSM SIM)
# Enable this if EAP-SIM or EAP-AKA is included
#CONFIG_PCSC=y

# Support HT overrides (disable HT/HT40, mask MCS rates, etc.)
#CONFIG_HT_OVERRIDES=y

# Support VHT overrides (disable VHT, mask MCS rates, etc.)
#CONFIG_VHT_OVERRIDES=y

# Development testing
CONFIG_EAPOL_TEST=y

# Select control interface backend for external programs, e.g, wpa_cli:
# unix = UNIX domain sockets (default for Linux/*BSD)
# udp = UDP sockets using localhost (127.0.0.1)
# udp6 = UDP IPv6 sockets using localhost (::1)
# named_pipe = Windows Named Pipe (default for Windows)
# udp-remote = UDP sockets with remote access (only for tests systems/purpose)
# udp6-remote = UDP IPv6 sockets with remote access (only for tests purpose)
# y = use default (backwards compatibility)
# If this option is commented out, control interface is not included in the
# build.
CONFIG_CTRL_IFACE=y

# Include support for GNU Readline and History Libraries in wpa_cli.
# When building a wpa_cli binary for distribution, please note that these
# libraries are licensed under GPL and as such, BSD license may not apply for
# the resulting binary.
#CONFIG_READLINE=y

# Include internal line edit mode in wpa_cli. This can be used as a replacement
# for GNU Readline to provide limited command line editing and history support.
#CONFIG_WPA_CLI_EDIT=y

# Remove debugging code that is printing out debug message to stdout.
# This can be used to reduce the size of the wpa_supplicant considerably
# if debugging code is not needed. The size reduction can be around 35%
# (e.g., 90 kB).
#CONFIG_NO_STDOUT_DEBUG=y

# Remove WPA support, e.g., for wired-only IEEE 802.1X supplicant, to save
# 35-50 kB in code size.
#CONFIG_NO_WPA=y

# Remove IEEE 802.11i/WPA-Personal ASCII passphrase support
# This option can be used to reduce code size by removing support for
# converting ASCII passphrases into PSK. If this functionality is removed, the
# PSK can only be configured as the 64-octet hexstring (e.g., from
# wpa_passphrase). This saves about 0.5 kB in code size.
#CONFIG_NO_WPA_PASSPHRASE=y

# Simultaneous Authentication of Equals (SAE), WPA3-Personal
#SCONFIG_SAE=y

# Disable scan result processing (ap_scan=1) to save code size by about 1 kB.
# This can be used if ap_scan=1 mode is never enabled.
#CONFIG_NO_SCAN_PROCESSING=y

# Select configuration backend:
# file = text file (e.g., wpa_supplicant.conf; note: the configuration file
#	path is given on command line, not here; this option is just used to
#	select the backend that allows configuration files to be used)
# winreg = Windows registry (see win_example.reg for an example)
CONFIG_BACKEND=file

# Remove configuration write functionality (i.e., to allow the configuration
# file to be updated based on runtime configuration changes). The runtime
# configuration can still be changed, the changes are just not going to be
# persistent over restarts. This option can be used to reduce code size by
# about 3.5 kB.
#CONFIG_NO_CONFIG_WRITE=y

# Remove support for configuration blobs to reduce code size by about 1.5 kB.
#CONFIG_NO_CONFIG_BLOBS=y

# Select program entry point implementation:
# main = UNIX/POSIX like main() function (default)
# main_winsvc = Windows service (read parameters from registry)
# main_none = Very basic example (development use only)
#CONFIG_MAIN=main

# Select wrapper for operating system and C library specific functions
# unix = UNIX/POSIX like systems (default)
# win32 = Windows systems
# none = Empty template
#CONFIG_OS=unix

# Select event loop implementation
# eloop = select() loop (default)
# eloop_win = Windows events and WaitForMultipleObject() loop
#CONFIG_ELOOP=eloop

# Should we use poll instead of select? Select is used by default.
#CONFIG_ELOOP_POLL=y

# Should we use epoll instead of select? Select is used by default.
#CONFIG_ELOOP_EPOLL=y

# Should we use kqueue instead of select? Select is used by default.
#CONFIG_ELOOP_KQUEUE=y

# Select layer 2 packet implementation
# linux = Linux packet socket (default)
# pcap = libpcap/libdnet/WinPcap
# freebsd = FreeBSD libpcap
# winpcap = WinPcap with receive thread
# ndis = Windows NDISUIO (note: requires CONFIG_USE_NDISUIO=y)
# none = Empty template
#CONFIG_L2_PACKET=linux

# Disable Linux packet socket workaround applicable for station interface
# in a bridge for EAPOL frames. This should be uncommented only if the kernel
# is known to not have the regression issue in packet socket behavior with
# bridge interfaces (commit 'bridge: respect RFC2863 operational state')').
#CONFIG_NO_LINUX_PACKET_SOCKET_WAR=y

# Support Operating Channel Validation
#CONFIG_OCV=y

# Select TLS implementation
# openssl = OpenSSL (default)
# gnutls = GnuTLS
# internal = Internal TLSv1 implementation (experimental)
# linux = Linux kernel AF_ALG and internal TLSv1 implementation (experimental)
# none = Empty template
CONFIG_TLS=openssl

# TLS-based EAP methods require at least TLS v1.0. Newer version of TLS (v1.1)
# can be enabled to get a stronger construction of messages when block ciphers
# are used. It should be noted that some existing TLS v1.0 -based
# implementation may not be compatible with TLS v1.1 message (ClientHello is
# sent prior to negotiating which version will be used)
CONFIG_TLSV11=y

# TLS-based EAP methods require at least TLS v1.0. Newer version of TLS (v1.2)
# can be enabled to enable use of stronger crypto algorithms. It should be
# noted that some existing TLS v1.0 -based implementation may not be compatible
# with TLS v1.2 message (ClientHello is sent prior to negotiating which version
# will be used)
CONFIG_TLSV12=y

# Select which ciphers to use by default with OpenSSL if the user does not
# specify them.
#CONFIG_TLS_DEFAULT_CIPHERS="DEFAULT:!EXP:!LOW"

# If CONFIG_TLS=internal is used, additional library and include paths are
# needed for LibTomMath. Alternatively, an integrated, minimal version of
# LibTomMath can be used. See beginning of libtommath.c for details on benefits
# and drawbacks of this option.
#CONFIG_INTERNAL_LIBTOMMATH=y
#ifndef CONFIG_INTERNAL_LIBTOMMATH
#LTM_PATH=/usr/src/libtommath-0.39
#CFLAGS += -I$(LTM_PATH)
#LIBS += -L$(LTM_PATH)
#LIBS_p += -L$(LTM_PATH)
#endif
# At the cost of about 4 kB of additional binary size, the internal LibTomMath
# can be configured to include faster routines for exptmod, sqr, and div to
# speed up DH and RSA calculation considerably
#CONFIG_INTERNAL_LIBTOMMATH_FAST=y

# Include NDIS event processing through WMI into wpa_supplicant/wpasvc.
# This is only for Windows builds and requires WMI-related header files and
# WbemUuid.Lib from Platform SDK even when building with MinGW.
#CONFIG_NDIS_EVENTS_INTEGRATED=y
#PLATFORMSDKLIB="/opt/Program Files/Microsoft Platform SDK/Lib"

# Add support for new DBus control interface
# (fi.w1.wpa_supplicant1)
#CONFIG_CTRL_IFACE_DBUS_NEW=y

# Add introspection support for new DBus control interface
#CONFIG_CTRL_IFACE_DBUS_INTRO=y

# Add support for loading EAP methods dynamically as shared libraries.
# When this option is enabled, each EAP method can be either included
# statically (CONFIG_EAP_<method>=y) or dynamically (CONFIG_EAP_<method>=dyn).
# Dynamic EAP methods are build as shared objects (eap_*.so) and they need to
# be loaded in the beginning of the wpa_supplicant configuration file
# (see load_dynamic_eap parameter in the example file) before being used in
# the network blocks.
#
# Note that some shared parts of EAP methods are included in the main program
# and in order to be able to use dynamic EAP methods using these parts, the
# main program must have been build with the EAP method enabled (=y or =dyn).
# This means that EAP-TLS/PEAP/TTLS/FAST cannot be added as dynamic libraries
# unless at least one of them was included in the main build to force inclusion
# of the shared code. Similarly, at least one of EAP-SIM/AKA must be included
# in the main build to be able to load these methods dynamically.
#
# Please also note that using dynamic libraries will increase the total binary
# size. Thus, it may not be the best option for targets that have limited
# amount of memory/flash.
#CONFIG_DYNAMIC_EAP_METHODS=y

# IEEE Std 802.11r-2008 (Fast BSS Transition) for station mode
CONFIG_IEEE80211R=y

# Add support for writing debug log to a file (/tmp/wpa_supplicant-log-#.txt)
CONFIG_DEBUG_FILE=y

# Send debug messages to syslog instead of stdout
CONFIG_DEBUG_SYSLOG=y
# Set syslog facility for debug messages
#CONFIG_DEBUG_SYSLOG_FACILITY=LOG_DAEMON

# Add support for sending all debug messages (regardless of debug verbosity)
# to the Linux kernel tracing facility. This helps debug the entire stack by
# making it easy to record everything happening from the driver up into the
# same file, e.g., using trace-cmd.
#CONFIG_DEBUG_LINUX_TRACING=y

# Add support for writing debug log to Android logcat instead of standard
# output
#CONFIG_ANDROID_LOG=y

# Enable privilege separation (see README 'Privilege separation' for details)
#CONFIG_PRIVSEP=y

# Enable mitigation against certain attacks against TKIP by delaying Michael
# MIC error reports by a random amount of time between 0 and 60 seconds
#CONFIG_DELAYED_MIC_ERROR_REPORT=y

# Enable tracing code for developer debugging
# This tracks use of memory allocations and other registrations and reports
# incorrect use with a backtrace of call (or allocation) location.
#CONFIG_WPA_TRACE=y
# For BSD, uncomment these.
#LIBS += -lexecinfo
#LIBS_p += -lexecinfo
#LIBS_c += -lexecinfo

# Use libbfd to get more details for developer debugging
# This enables use of libbfd to get more detailed symbols for the backtraces
# generated by CONFIG_WPA_TRACE=y.
#CONFIG_WPA_TRACE_BFD=y
# For BSD, uncomment these.
#LIBS += -lbfd -liberty -lz
#LIBS_p += -lbfd -liberty -lz
#LIBS_c += -lbfd -liberty -lz

# wpa_supplicant depends on strong random number generation being available
# from the operating system. os_get_random() function is used to fetch random
# data when needed, e.g., for key generation. On Linux and BSD systems, this
# works by reading /dev/urandom. It should be noted that the OS entropy pool
# needs to be properly initialized before wpa_supplicant is started. This is
# important especially on embedded devices that do not have a hardware random
# number generator and may by default start up with minimal entropy available
# for random number generation.
#
# As a safety net, wpa_supplicant is by default trying to internally collect
# additional entropy for generating random data to mix in with the data fetched
# from the OS. This by itself is not considered to be very strong, but it may
# help in cases where the system pool is not initialized properly. However, it
# is very strongly recommended that the system pool is initialized with enough
# entropy either by using hardware assisted random number generator or by
# storing state over device reboots.
#
# wpa_supplicant can be configured to maintain its own entropy store over
# restarts to enhance random number generation. This is not perfect, but it is
# much more secure than using the same sequence of random numbers after every
# reboot. This can be enabled with -e<entropy file> command line option. The
# specified file needs to be readable and writable by wpa_supplicant.
#
# If the os_get_random() is known to provide strong random data (e.g., on
# Linux/BSD, the board in question is known to have reliable source of random
# data from /dev/urandom), the internal wpa_supplicant random pool can be
# disabled. This will save some in binary size and CPU use. However, this
# should only be considered for builds that are known to be used on devices
# that meet the requirements described above.
#CONFIG_NO_RANDOM_POOL=y

# Should we attempt to use the getrandom(2) call that provides more reliable
# yet secure randomness source than /dev/random on Linux 3.17 and newer.
# Requires glibc 2.25 to build, falls back to /dev/random if unavailable.
#CONFIG_GETRANDOM=y

# IEEE 802.11ac (Very High Throughput) support (mainly for AP mode)
CONFIG_IEEE80211AC=y

# Wireless Network Management (IEEE Std 802.11v-2011)
# Note: This is experimental and not complete implementation.
#CONFIG_WNM=y

# Interworking (IEEE 802.11u)
# This can be used to enable functionality to improve interworking with
# external networks (GAS/ANQP to learn more about the networks and network
# selection based on available credentials).
CONFIG_INTERWORKING=y

# Hotspot 2.0
CONFIG_HS20=y

# Enable interface matching in wpa_supplicant
CONFIG_MATCH_IFACE=y

# Disable roaming in wpa_supplicant
#CONFIG_NO_ROAMING=y

# AP mode operations with wpa_supplicant
# This can be used for controlling AP mode operations with wpa_supplicant. It
# should be noted that this is mainly aimed at simple cases like
# WPA2-Personal while more complex configurations like WPA2-Enterprise with an
# external RADIUS server can be supported with hostapd.
#CONFIG_AP=y

# P2P (Wi-Fi Direct)
# This can be used to enable P2P support in wpa_supplicant. See README-P2P for
# more information on P2P operations.
#CONFIG_P2P=y

# Enable TDLS support
CONFIG_TDLS=y

# Wi-Fi Display
# This can be used to enable Wi-Fi Display extensions for P2P using an external
# program to control the additional information exchanges in the messages.
#CONFIG_WIFI_DISPLAY=y

# Autoscan
# This can be used to enable automatic scan support in wpa_supplicant.
# See wpa_supplicant.conf for more information on autoscan usage.
#
# Enabling directly a module will enable autoscan support.
# For exponential module:
#CONFIG_AUTOSCAN_EXPONENTIAL=y
# For periodic module:
#CONFIG_AUTOSCAN_PERIODIC=y

# Password (and passphrase, etc.) backend for external storage
# These optional mechanisms can be used to add support for storing passwords
# and other secrets in external (to wpa_supplicant) location. This allows, for
# example, operating system specific key storage to be used
#
# External password backend for testing purposes (developer use)
#CONFIG_EXT_PASSWORD_TEST=y
# File-based backend to read passwords from an external file.
#CONFIG_EXT_PASSWORD_FILE=y

# Enable Fast Session Transfer (FST)
#CONFIG_FST=y

# Enable CLI commands for FST testing
#CONFIG_FST_TEST=y

# OS X builds. This is only for building eapol_test.
#CONFIG_OSX=y

# Automatic Channel Selection
# This will allow wpa_supplicant to pick the channel automatically when channel
# is set to "0".
#
# TODO: Extend parser to be able to parse "channel=acs_survey" as an alternative
# to "channel=0". This would enable us to eventually add other ACS algorithms in
# similar way.
#
# Automatic selection is currently only done through initialization, later on
# we hope to do background checks to keep us moving to more ideal channels as
# time goes by. ACS is currently only supported through the nl80211 driver and
# your driver must have survey dump capability that is filled by the driver
# during scanning.
#
# TODO: In analogy to hostapd be able to customize the ACS survey algorithm with
# a newly to create wpa_supplicant.conf variable acs_num_scans.
#
# Supported ACS drivers:
# * ath9k
# * ath5k
# * ath10k
#
# For more details refer to:
# http://wireless.kernel.org/en/users/Documentation/acs
#CONFIG_ACS=y

# Support Multi Band Operation
#CONFIG_MBO=y

# Fast Initial Link Setup (FILS) (IEEE 802.11ai)
#CONFIG_FILS=y
# FILS shared key authentication with PFS
#CONFIG_FILS_SK_PFS=y

# Support RSN on IBSS networks
# This is needed to be able to use mode=1 network profile with proto=RSN and
# key_mgmt=WPA-PSK (i.e., full key management instead of WPA-None).
CONFIG_IBSS_RSN=y

# External PMKSA cache control
# This can be used to enable control interface commands that allow the current
# PMKSA cache entries to be fetched and new entries to be added.
#CONFIG_PMKSA_CACHE_EXTERNAL=y

# Mesh Networking (IEEE 802.11s)
#CONFIG_MESH=y

# Background scanning modules
# These can be used to request wpa_supplicant to perform background scanning
# operations for roaming within an ESS (same SSID). See the bgscan parameter in
# the wpa_supplicant.conf file for more details.
# Periodic background scans based on signal strength
#CONFIG_BGSCAN_SIMPLE=y
# Learn channels used by the network and try to avoid bgscans on other
# channels (experimental)
#CONFIG_BGSCAN_LEARN=y

# Opportunistic Wireless Encryption (OWE)
# Experimental implementation of draft-harkins-owe-07.txt
#CONFIG_OWE=y

# Device Provisioning Protocol (DPP) (also known as Wi-Fi Easy Connect)
CONFIG_DPP=y
# DPP version 2 support
CONFIG_DPP2=y
# DPP version 3 support (experimental and still changing; do not enable for
# production use)
#CONFIG_DPP3=y

# Wired equivalent privacy (WEP)
# WEP is an obsolete cryptographic data confidentiality algorithm that is not
# considered secure. It should not be used for anything anymore. The
# functionality needed to use WEP is available in the current wpa_supplicant
# release under this optional build parameter. This functionality is subject to
# be completely removed in a future release.
#CONFIG_WEP=y

# Remove all TKIP functionality
# TKIP is an old cryptographic data confidentiality algorithm that is not
# considered secure. It should not be used anymore for anything else than a
# backwards compatibility option as a group cipher when connecting to APs that
# use WPA+WPA2 mixed mode. For now, the default wpa_supplicant build includes
# support for this by default, but that functionality is subject to be removed
# in the future.
#CONFIG_NO_TKIP=y

# Pre-Association Security Negotiation (PASN)
# Experimental implementation based on IEEE P802.11z/D2.6 and the protocol
# design is still subject to change. As such, this should not yet be enabled in
# production use.
#CONFIG_PASN=y

文件配置好后依次执行如下命令进行编译安装:

#export PKG_CONFIG_PATH=/home/mike/wpa_supplicant/2.10/nl/lib/pkgconfig:$PKG_CONFIG_PATH
#make eapol_test
#arm-linux-gnueabihf-strip eapol_test

第一句是配置libnl的环境变量,最好配置完成后通过echo $PKG_CONFIG_PATH检查确认下,如果不对再source ~/.bashrc刷新下。如果不设置,会报找不到libnl相关的错误。第二句是编译eapol_test,如果你需要其他目标文件,如wpa_supplicant、wpa_cli等等,可直接make。第三句是减小目标文件的大小,因为我是静态编译的(不用再拷贝相关依赖库文件到开发板上),一个目标文件大小可能会高达十几兆,需要瘦瘦身。

下面贴出我的wpa_supplicant-2.10工程的Makefile文件,以供大家参考:

BINALL=wpa_supplicant wpa_cli

ifndef CONFIG_NO_WPA_PASSPHRASE
BINALL += wpa_passphrase
endif

ALL = $(BINALL)
ALL += systemd/wpa_supplicant.service
ALL += systemd/wpa_supplicant@.service
ALL += systemd/wpa_supplicant-nl80211@.service
ALL += systemd/wpa_supplicant-wired@.service
ALL += dbus/fi.w1.wpa_supplicant1.service
ifdef CONFIG_BUILD_WPA_CLIENT_SO
ALL += libwpa_client.so
endif

EXTRA_TARGETS=dynamic_eap_methods

CONFIG_FILE=.config
include ../src/build.rules

ifdef LIBS
# If LIBS is set with some global build system defaults, clone those for
# LIBS_c and LIBS_p to cover wpa_passphrase and wpa_cli as well.
ifndef LIBS_c
LIBS_c := $(LIBS)
endif
ifndef LIBS_p
LIBS_p := $(LIBS)
endif
endif

export LIBDIR ?= /usr/local/lib
export INCDIR ?= /usr/local/include
export BINDIR ?= /usr/local/sbin
PKG_CONFIG ?= pkg-config

CFLAGS += $(EXTRA_CFLAGS)
CFLAGS += -I$(abspath ../src)
CFLAGS += -I$(abspath ../src/utils)

ifndef CONFIG_NO_GITVER
# Add VERSION_STR postfix for builds from a git repository
ifeq ($(wildcard ../.git),../.git)
GITVER := $(shell git describe --dirty=+)
ifneq ($(GITVER),)
CFLAGS += -DGIT_VERSION_STR_POSTFIX=\"-$(GITVER)\"
endif
endif
endif

ifdef CONFIG_TESTING_OPTIONS
CFLAGS += -DCONFIG_TESTING_OPTIONS
CONFIG_WPS_TESTING=y
CONFIG_TDLS_TESTING=y
endif

mkconfig:
	@if [ -f .config ]; then \
		echo '.config exists - did not replace it'; \
		exit 1; \
	fi
	echo CONFIG_DRIVER_HOSTAP=y >> .config
	echo CONFIG_DRIVER_WEXT=y >> .config

$(DESTDIR)$(BINDIR)/%: %
	install -D $(<) $(@)

install: $(addprefix $(DESTDIR)$(BINDIR)/,$(BINALL))
	$(MAKE) -C ../src install
ifdef CONFIG_BUILD_WPA_CLIENT_SO
	install -m 0644 -D libwpa_client.so $(DESTDIR)/$(LIBDIR)/libwpa_client.so
	install -m 0644 -D ../src/common/wpa_ctrl.h $(DESTDIR)/$(INCDIR)/wpa_ctrl.h
endif
	if ls eap_*.so >/dev/null 2>&1; then \
		install -d $(DESTDIR)$(LIBDIR)/wpa_supplicant && \
		cp *.so $(DESTDIR)$(LIBDIR)/wpa_supplicant \
	; fi

ifdef CONFIG_FIPS
CONFIG_NO_RANDOM_POOL=
CONFIG_OPENSSL_CMAC=y
endif

OBJS = config.o
OBJS += notify.o
OBJS += bss.o
OBJS += eap_register.o
OBJS += ../src/utils/common.o
OBJS += ../src/utils/config.o
OBJS += ../src/utils/wpa_debug.o
OBJS += ../src/utils/wpabuf.o
OBJS += ../src/utils/bitfield.o
OBJS += ../src/utils/ip_addr.o
OBJS += ../src/utils/crc32.o
OBJS += op_classes.o
OBJS += rrm.o
OBJS += twt.o
OBJS += robust_av.o
OBJS_p = wpa_passphrase.o
OBJS_p += ../src/utils/common.o
OBJS_p += ../src/utils/wpa_debug.o
OBJS_p += ../src/utils/wpabuf.o
OBJS_c = wpa_cli.o ../src/common/wpa_ctrl.o
OBJS_c += ../src/utils/wpa_debug.o
OBJS_c += ../src/utils/common.o
OBJS_c += ../src/common/cli.o
OBJS += wmm_ac.o

ifndef CONFIG_OS
ifdef CONFIG_NATIVE_WINDOWS
CONFIG_OS=win32
else
CONFIG_OS=unix
endif
endif

ifeq ($(CONFIG_OS), internal)
CFLAGS += -DOS_NO_C_LIB_DEFINES
endif

OBJS += ../src/utils/os_$(CONFIG_OS).o
OBJS_p += ../src/utils/os_$(CONFIG_OS).o
OBJS_c += ../src/utils/os_$(CONFIG_OS).o

ifdef CONFIG_WPA_TRACE
CFLAGS += -DWPA_TRACE
OBJS += ../src/utils/trace.o
OBJS_p += ../src/utils/trace.o
OBJS_c += ../src/utils/trace.o
OBJS_priv += ../src/utils/trace.o
LIBCTRL += ../src/utils/trace.o
LIBCTRLSO += ../src/utils/trace.c
LDFLAGS += -rdynamic
CFLAGS += -funwind-tables
ifdef CONFIG_WPA_TRACE_BFD
CFLAGS += -DPACKAGE="wpa_supplicant" -DWPA_TRACE_BFD
LIBS += -lbfd -ldl -liberty -lz
LIBS_p += -lbfd -ldl -liberty -lz
LIBS_c += -lbfd -ldl -liberty -lz
endif
endif

ifndef CONFIG_ELOOP
CONFIG_ELOOP=eloop
endif
OBJS += ../src/utils/$(CONFIG_ELOOP).o
OBJS_c += ../src/utils/$(CONFIG_ELOOP).o

ifndef CONFIG_OSX
ifeq ($(CONFIG_ELOOP), eloop)
# Using glibc < 2.17 requires -lrt for clock_gettime()
# OS X has an alternate implementation
LIBS += -lrt
LIBS_c += -lrt
LIBS_p += -lrt
endif
endif

ifdef CONFIG_ELOOP_POLL
CFLAGS += -DCONFIG_ELOOP_POLL
endif

ifdef CONFIG_ELOOP_EPOLL
CFLAGS += -DCONFIG_ELOOP_EPOLL
endif

ifdef CONFIG_ELOOP_KQUEUE
CFLAGS += -DCONFIG_ELOOP_KQUEUE
endif

ifdef CONFIG_EAPOL_TEST
CFLAGS += -Werror -DEAPOL_TEST
endif

ifdef CONFIG_CODE_COVERAGE
CFLAGS += -O0 -fprofile-arcs -ftest-coverage
LIBS += -lgcov
LIBS_c += -lgcov
LIBS_p += -lgcov
endif

ifdef CONFIG_HT_OVERRIDES
CFLAGS += -DCONFIG_HT_OVERRIDES
endif

ifdef CONFIG_VHT_OVERRIDES
CFLAGS += -DCONFIG_VHT_OVERRIDES
endif

ifdef CONFIG_HE_OVERRIDES
CFLAGS += -DCONFIG_HE_OVERRIDES
endif

ifndef CONFIG_BACKEND
CONFIG_BACKEND=file
endif

ifeq ($(CONFIG_BACKEND), file)
OBJS += config_file.o
ifndef CONFIG_NO_CONFIG_BLOBS
NEED_BASE64=y
endif
CFLAGS += -DCONFIG_BACKEND_FILE
endif

ifeq ($(CONFIG_BACKEND), winreg)
OBJS += config_winreg.o
endif

ifeq ($(CONFIG_BACKEND), none)
OBJS += config_none.o
endif

ifdef CONFIG_NO_CONFIG_WRITE
CFLAGS += -DCONFIG_NO_CONFIG_WRITE
endif

ifdef CONFIG_NO_CONFIG_BLOBS
CFLAGS += -DCONFIG_NO_CONFIG_BLOBS
endif

ifdef CONFIG_NO_SCAN_PROCESSING
CFLAGS += -DCONFIG_NO_SCAN_PROCESSING
endif

ifdef CONFIG_SUITEB
CFLAGS += -DCONFIG_SUITEB
endif

ifdef CONFIG_SUITEB192
CFLAGS += -DCONFIG_SUITEB192
NEED_SHA384=y
endif

ifdef CONFIG_OCV
CFLAGS += -DCONFIG_OCV
OBJS += ../src/common/ocv.o
endif

ifdef CONFIG_IEEE80211R
CFLAGS += -DCONFIG_IEEE80211R
OBJS += ../src/rsn_supp/wpa_ft.o
endif

ifdef CONFIG_MESH
NEED_80211_COMMON=y
NEED_AES_SIV=y
CONFIG_SAE=y
CONFIG_AP=y
CFLAGS += -DCONFIG_MESH
OBJS += mesh.o
OBJS += mesh_mpm.o
OBJS += mesh_rsn.o
endif

ifdef CONFIG_SAE
CFLAGS += -DCONFIG_SAE
OBJS += ../src/common/sae.o
ifdef CONFIG_SAE_PK
CFLAGS += -DCONFIG_SAE_PK
OBJS += ../src/common/sae_pk.o
endif
NEED_ECC=y
NEED_DH_GROUPS=y
NEED_HMAC_SHA256_KDF=y
NEED_DRAGONFLY=y
ifdef CONFIG_TESTING_OPTIONS
NEED_DH_GROUPS_ALL=y
endif
endif

ifdef CONFIG_DPP
CFLAGS += -DCONFIG_DPP
OBJS += ../src/common/dpp.o
OBJS += ../src/common/dpp_auth.o
OBJS += ../src/common/dpp_backup.o
OBJS += ../src/common/dpp_crypto.o
OBJS += ../src/common/dpp_pkex.o
OBJS += ../src/common/dpp_reconfig.o
OBJS += ../src/common/dpp_tcp.o
OBJS += dpp_supplicant.o
NEED_AES_SIV=y
NEED_HMAC_SHA256_KDF=y
NEED_HMAC_SHA384_KDF=y
NEED_HMAC_SHA512_KDF=y
NEED_SHA384=y
NEED_SHA512=y
NEED_ECC=y
NEED_JSON=y
NEED_GAS_SERVER=y
NEED_BASE64=y
NEED_ASN1=y
ifdef CONFIG_DPP2
CFLAGS += -DCONFIG_DPP2
endif
ifdef CONFIG_DPP3
CFLAGS += -DCONFIG_DPP3
endif
endif

ifdef CONFIG_OWE
CFLAGS += -DCONFIG_OWE
NEED_ECC=y
NEED_HMAC_SHA256_KDF=y
NEED_HMAC_SHA384_KDF=y
NEED_HMAC_SHA512_KDF=y
NEED_SHA384=y
NEED_SHA512=y
endif

ifdef CONFIG_FILS
CFLAGS += -DCONFIG_FILS
NEED_SHA384=y
NEED_AES_SIV=y
ifdef CONFIG_FILS_SK_PFS
CFLAGS += -DCONFIG_FILS_SK_PFS
NEED_ECC=y
endif
endif

ifdef CONFIG_MBO
CONFIG_WNM=y
endif

ifdef CONFIG_WNM
CFLAGS += -DCONFIG_WNM
OBJS += wnm_sta.o
endif

ifdef CONFIG_TDLS
CFLAGS += -DCONFIG_TDLS
OBJS += ../src/rsn_supp/tdls.o
endif

ifdef CONFIG_TDLS_TESTING
CFLAGS += -DCONFIG_TDLS_TESTING
endif

ifdef CONFIG_PMKSA_CACHE_EXTERNAL
CFLAGS += -DCONFIG_PMKSA_CACHE_EXTERNAL
endif

ifndef CONFIG_NO_WPA
OBJS += ../src/rsn_supp/wpa.o
OBJS += ../src/rsn_supp/preauth.o
OBJS += ../src/rsn_supp/pmksa_cache.o
OBJS += ../src/rsn_supp/wpa_ie.o
OBJS += ../src/common/wpa_common.o
NEED_AES=y
NEED_SHA1=y
NEED_MD5=y
NEED_RC4=y
else
CFLAGS += -DCONFIG_NO_WPA
ifeq ($(CONFIG_TLS), internal)
NEED_SHA1=y
NEED_MD5=y
endif
endif

ifdef CONFIG_IBSS_RSN
NEED_RSN_AUTHENTICATOR=y
CFLAGS += -DCONFIG_IBSS_RSN
CFLAGS += -DCONFIG_NO_VLAN
OBJS += ibss_rsn.o
endif

ifdef CONFIG_MATCH_IFACE
CFLAGS += -DCONFIG_MATCH_IFACE
endif

ifdef CONFIG_P2P
OBJS += p2p_supplicant.o
OBJS += p2p_supplicant_sd.o
OBJS += ../src/p2p/p2p.o
OBJS += ../src/p2p/p2p_utils.o
OBJS += ../src/p2p/p2p_parse.o
OBJS += ../src/p2p/p2p_build.o
OBJS += ../src/p2p/p2p_go_neg.o
OBJS += ../src/p2p/p2p_sd.o
OBJS += ../src/p2p/p2p_pd.o
OBJS += ../src/p2p/p2p_invitation.o
OBJS += ../src/p2p/p2p_dev_disc.o
OBJS += ../src/p2p/p2p_group.o
OBJS += ../src/ap/p2p_hostapd.o
CFLAGS += -DCONFIG_P2P
NEED_GAS=y
NEED_OFFCHANNEL=y
CONFIG_WPS=y
CONFIG_AP=y
ifdef CONFIG_P2P_STRICT
CFLAGS += -DCONFIG_P2P_STRICT
endif
ifdef CONFIG_WIFI_DISPLAY
CFLAGS += -DCONFIG_WIFI_DISPLAY
OBJS += wifi_display.o
endif
endif

ifdef CONFIG_PASN
CFLAGS += -DCONFIG_PASN
CFLAGS += -DCONFIG_PTKSA_CACHE
NEED_HMAC_SHA256_KDF=y
NEED_HMAC_SHA384_KDF=y
NEED_SHA256=y
NEED_SHA384=y
OBJS += ../src/common/ptksa_cache.o
OBJS += pasn_supplicant.o
endif

ifdef CONFIG_HS20
OBJS += hs20_supplicant.o
CFLAGS += -DCONFIG_HS20
CONFIG_INTERWORKING=y
endif

ifdef CONFIG_INTERWORKING
OBJS += interworking.o
CFLAGS += -DCONFIG_INTERWORKING
NEED_GAS=y
endif

ifdef CONFIG_NO_ROAMING
CFLAGS += -DCONFIG_NO_ROAMING
endif

include ../src/drivers/drivers.mak
ifdef CONFIG_AP
OBJS_d += $(DRV_BOTH_OBJS)
CFLAGS += $(DRV_BOTH_CFLAGS)
LDFLAGS += $(DRV_BOTH_LDFLAGS)
LIBS += $(DRV_BOTH_LIBS)
else
NEED_AP_MLME=
OBJS_d += $(DRV_WPA_OBJS)
CFLAGS += $(DRV_WPA_CFLAGS)
LDFLAGS += $(DRV_WPA_LDFLAGS)
LIBS += $(DRV_WPA_LIBS)
endif

ifndef CONFIG_L2_PACKET
CONFIG_L2_PACKET=linux
endif

OBJS_l2 += ../src/l2_packet/l2_packet_$(CONFIG_L2_PACKET).o

ifeq ($(CONFIG_L2_PACKET), pcap)
ifdef CONFIG_WINPCAP
CFLAGS += -DCONFIG_WINPCAP
LIBS += -lwpcap -lpacket
LIBS_w += -lwpcap
else
LIBS += -ldnet -lpcap
endif
endif

ifeq ($(CONFIG_L2_PACKET), winpcap)
LIBS += -lwpcap -lpacket
LIBS_w += -lwpcap
endif

ifeq ($(CONFIG_L2_PACKET), freebsd)
LIBS += -lpcap
endif

ifdef CONFIG_ERP
CFLAGS += -DCONFIG_ERP
NEED_HMAC_SHA256_KDF=y
endif

ifdef CONFIG_EAP_TLS
# EAP-TLS
ifeq ($(CONFIG_EAP_TLS), dyn)
CFLAGS += -DEAP_TLS_DYNAMIC
EAPDYN += eap_tls.so
else
CFLAGS += -DEAP_TLS
OBJS += ../src/eap_peer/eap_tls.o
endif
TLS_FUNCS=y
CONFIG_IEEE8021X_EAPOL=y
endif

ifdef CONFIG_EAP_UNAUTH_TLS
# EAP-UNAUTH-TLS
CFLAGS += -DEAP_UNAUTH_TLS
ifndef CONFIG_EAP_TLS
OBJS += ../src/eap_peer/eap_tls.o
TLS_FUNCS=y
endif
CONFIG_IEEE8021X_EAPOL=y
endif

ifdef CONFIG_EAP_PEAP
# EAP-PEAP
SRC_EAP_PEAP = ../src/eap_peer/eap_peap.c ../src/eap_common/eap_peap_common.c
ifeq ($(CONFIG_EAP_PEAP), dyn)
CFLAGS += -DEAP_PEAP_DYNAMIC
EAPDYN += eap_peap.so
else
CFLAGS += -DEAP_PEAP
OBJS += $(patsubst %.c, %.o, $(SRC_EAP_PEAP))
endif
TLS_FUNCS=y
CONFIG_IEEE8021X_EAPOL=y
endif

ifdef CONFIG_EAP_TTLS
# EAP-TTLS
ifeq ($(CONFIG_EAP_TTLS), dyn)
CFLAGS += -DEAP_TTLS_DYNAMIC
EAPDYN += eap_ttls.so
else
CFLAGS += -DEAP_TTLS
OBJS += ../src/eap_peer/eap_ttls.o
endif
TLS_FUNCS=y
ifndef CONFIG_FIPS
MS_FUNCS=y
CHAP=y
endif
CONFIG_IEEE8021X_EAPOL=y
endif

ifdef CONFIG_EAP_MD5
# EAP-MD5
ifeq ($(CONFIG_EAP_MD5), dyn)
CFLAGS += -DEAP_MD5_DYNAMIC
EAPDYN += eap_md5.so
else
CFLAGS += -DEAP_MD5
OBJS += ../src/eap_peer/eap_md5.o
endif
CHAP=y
CONFIG_IEEE8021X_EAPOL=y
endif

# backwards compatibility for old spelling
ifdef CONFIG_MSCHAPV2
ifndef CONFIG_EAP_MSCHAPV2
CONFIG_EAP_MSCHAPV2=y
endif
endif

ifdef CONFIG_EAP_MSCHAPV2
# EAP-MSCHAPv2
SRC_EAP_MSCHAPV2 = ../src/eap_peer/eap_mschapv2.c ../src/eap_peer/mschapv2.c
ifeq ($(CONFIG_EAP_MSCHAPV2), dyn)
CFLAGS += -DEAP_MSCHAPv2_DYNAMIC
EAPDYN += eap_mschapv2.so
else
CFLAGS += -DEAP_MSCHAPv2
OBJS += $(patsubst %.c, %.o, $(SRC_EAP_MSCHAPV2))
endif
MS_FUNCS=y
CONFIG_IEEE8021X_EAPOL=y
endif

ifdef CONFIG_EAP_GTC
# EAP-GTC
ifeq ($(CONFIG_EAP_GTC), dyn)
CFLAGS += -DEAP_GTC_DYNAMIC
EAPDYN += eap_gtc.so
else
CFLAGS += -DEAP_GTC
OBJS += ../src/eap_peer/eap_gtc.o
endif
CONFIG_IEEE8021X_EAPOL=y
endif

ifdef CONFIG_EAP_OTP
# EAP-OTP
ifeq ($(CONFIG_EAP_OTP), dyn)
CFLAGS += -DEAP_OTP_DYNAMIC
EAPDYN += eap_otp.so
else
CFLAGS += -DEAP_OTP
OBJS += ../src/eap_peer/eap_otp.o
endif
CONFIG_IEEE8021X_EAPOL=y
endif

ifdef CONFIG_EAP_SIM
# EAP-SIM
ifeq ($(CONFIG_EAP_SIM), dyn)
CFLAGS += -DEAP_SIM_DYNAMIC
EAPDYN += eap_sim.so
else
CFLAGS += -DEAP_SIM
OBJS += ../src/eap_peer/eap_sim.o
endif
CONFIG_IEEE8021X_EAPOL=y
CONFIG_EAP_SIM_COMMON=y
NEED_AES_CBC=y
endif

ifdef CONFIG_EAP_LEAP
# EAP-LEAP
ifeq ($(CONFIG_EAP_LEAP), dyn)
CFLAGS += -DEAP_LEAP_DYNAMIC
EAPDYN += eap_leap.so
else
CFLAGS += -DEAP_LEAP
OBJS += ../src/eap_peer/eap_leap.o
endif
MS_FUNCS=y
CONFIG_IEEE8021X_EAPOL=y
endif

ifdef CONFIG_EAP_PSK
# EAP-PSK
SRC_EAP_PSK = ../src/eap_peer/eap_psk.c ../src/eap_common/eap_psk_common.c
ifeq ($(CONFIG_EAP_PSK), dyn)
CFLAGS += -DEAP_PSK_DYNAMIC
EAPDYN += eap_psk.so
else
CFLAGS += -DEAP_PSK
OBJS += $(patsubst %.c, %.o, $(SRC_EAP_PSK))
endif
CONFIG_IEEE8021X_EAPOL=y
NEED_AES=y
NEED_AES_ENCBLOCK=y
NEED_AES_EAX=y
endif

ifdef CONFIG_EAP_AKA
# EAP-AKA
ifeq ($(CONFIG_EAP_AKA), dyn)
CFLAGS += -DEAP_AKA_DYNAMIC
EAPDYN += eap_aka.so
else
CFLAGS += -DEAP_AKA
OBJS += ../src/eap_peer/eap_aka.o
endif
CONFIG_IEEE8021X_EAPOL=y
CONFIG_EAP_SIM_COMMON=y
NEED_AES_CBC=y
endif

ifdef CONFIG_EAP_PROXY
CFLAGS += -DCONFIG_EAP_PROXY
OBJS += ../src/eap_peer/eap_proxy_$(CONFIG_EAP_PROXY).o
include eap_proxy_$(CONFIG_EAP_PROXY).mak
CONFIG_IEEE8021X_EAPOL=y
endif

ifdef CONFIG_EAP_AKA_PRIME
# EAP-AKA'
ifeq ($(CONFIG_EAP_AKA_PRIME), dyn)
CFLAGS += -DEAP_AKA_PRIME_DYNAMIC
else
CFLAGS += -DEAP_AKA_PRIME
endif
endif

ifdef CONFIG_EAP_SIM_COMMON
OBJS += ../src/eap_common/eap_sim_common.o
NEED_AES=y
NEED_FIPS186_2_PRF=y
endif

ifdef CONFIG_EAP_FAST
# EAP-FAST
SRC_EAP_FAST = ../src/eap_peer/eap_fast.c ../src/eap_peer/eap_fast_pac.c
SRC_EAP_FAST += ../src/eap_common/eap_fast_common.c
ifeq ($(CONFIG_EAP_FAST), dyn)
CFLAGS += -DEAP_FAST_DYNAMIC
EAPDYN += eap_fast.so
else
CFLAGS += -DEAP_FAST
OBJS += $(patsubst %.c, %.o, $(SRC_EAP_FAST))
endif
TLS_FUNCS=y
CONFIG_IEEE8021X_EAPOL=y
NEED_T_PRF=y
endif

ifdef CONFIG_EAP_TEAP
# EAP-TEAP
SRC_EAP_TEAP = ../src/eap_peer/eap_teap.c ../src/eap_peer/eap_teap_pac.c
SRC_EAP_TEAP += ../src/eap_common/eap_teap_common.c
ifeq ($(CONFIG_EAP_TEAP), dyn)
CFLAGS += -DEAP_TEAP_DYNAMIC
EAPDYN += eap_teap.so
else
CFLAGS += -DEAP_TEAP
OBJS += $(patsubst %.c, %.o, $(SRC_EAP_TEAP))
endif
TLS_FUNCS=y
CONFIG_IEEE8021X_EAPOL=y
NEED_T_PRF=y
NEED_SHA384=y
NEED_TLS_PRF_SHA256=y
NEED_TLS_PRF_SHA384=y
endif

ifdef CONFIG_EAP_PAX
# EAP-PAX
SRC_EAP_PAX = ../src/eap_peer/eap_pax.c ../src/eap_common/eap_pax_common.c
ifeq ($(CONFIG_EAP_PAX), dyn)
CFLAGS += -DEAP_PAX_DYNAMIC
EAPDYN += eap_pax.so
else
CFLAGS += -DEAP_PAX
OBJS += $(patsubst %.c, %.o, $(SRC_EAP_PAX))
endif
CONFIG_IEEE8021X_EAPOL=y
endif

ifdef CONFIG_EAP_SAKE
# EAP-SAKE
SRC_EAP_SAKE = ../src/eap_peer/eap_sake.c ../src/eap_common/eap_sake_common.c
ifeq ($(CONFIG_EAP_SAKE), dyn)
CFLAGS += -DEAP_SAKE_DYNAMIC
EAPDYN += eap_sake.so
else
CFLAGS += -DEAP_SAKE
OBJS += $(patsubst %.c, %.o, $(SRC_EAP_SAKE))
endif
CONFIG_IEEE8021X_EAPOL=y
endif

ifdef CONFIG_EAP_GPSK
# EAP-GPSK
SRC_EAP_GPSK = ../src/eap_peer/eap_gpsk.c ../src/eap_common/eap_gpsk_common.c
ifeq ($(CONFIG_EAP_GPSK), dyn)
CFLAGS += -DEAP_GPSK_DYNAMIC
EAPDYN += eap_gpsk.so
else
CFLAGS += -DEAP_GPSK
OBJS += $(patsubst %.c, %.o, $(SRC_EAP_GPSK))
endif
CONFIG_IEEE8021X_EAPOL=y
ifdef CONFIG_EAP_GPSK_SHA256
CFLAGS += -DEAP_GPSK_SHA256
endif
endif

ifdef CONFIG_EAP_PWD
CFLAGS += -DEAP_PWD
ifeq ($(CONFIG_TLS), wolfssl)
CFLAGS += -DCONFIG_ECC
endif
OBJS += ../src/eap_peer/eap_pwd.o ../src/eap_common/eap_pwd_common.o
CONFIG_IEEE8021X_EAPOL=y
NEED_ECC=y
NEED_DRAGONFLY=y
endif

ifdef CONFIG_EAP_EKE
# EAP-EKE
SRC_EAP_EKE = ../src/eap_peer/eap_eke.c ../src/eap_common/eap_eke_common.c
ifeq ($(CONFIG_EAP_EKE), dyn)
CFLAGS += -DEAP_EKE_DYNAMIC
EAPDYN += eap_eke.so
else
CFLAGS += -DEAP_EKE
OBJS += $(patsubst %.c, %.o, $(SRC_EAP_EKE))
endif
CONFIG_IEEE8021X_EAPOL=y
NEED_DH_GROUPS=y
NEED_DH_GROUPS_ALL=y
NEED_AES_CBC=y
endif

ifdef CONFIG_WPS
# EAP-WSC
CFLAGS += -DCONFIG_WPS -DEAP_WSC
OBJS += wps_supplicant.o
OBJS += ../src/utils/uuid.o
OBJS += ../src/eap_peer/eap_wsc.o ../src/eap_common/eap_wsc_common.o
OBJS += ../src/wps/wps.o
OBJS += ../src/wps/wps_common.o
OBJS += ../src/wps/wps_attr_parse.o
OBJS += ../src/wps/wps_attr_build.o
OBJS += ../src/wps/wps_attr_process.o
OBJS += ../src/wps/wps_dev_attr.o
OBJS += ../src/wps/wps_enrollee.o
OBJS += ../src/wps/wps_registrar.o
CONFIG_IEEE8021X_EAPOL=y
NEED_DH_GROUPS=y
NEED_BASE64=y
NEED_AES_CBC=y
NEED_MODEXP=y

ifdef CONFIG_WPS_NFC
CFLAGS += -DCONFIG_WPS_NFC
OBJS += ../src/wps/ndef.o
NEED_WPS_OOB=y
endif

ifdef NEED_WPS_OOB
CFLAGS += -DCONFIG_WPS_OOB
endif

ifdef CONFIG_WPS_ER
CONFIG_WPS_UPNP=y
CFLAGS += -DCONFIG_WPS_ER
OBJS += ../src/wps/wps_er.o
OBJS += ../src/wps/wps_er_ssdp.o
endif

ifdef CONFIG_WPS_UPNP
CFLAGS += -DCONFIG_WPS_UPNP
OBJS += ../src/wps/wps_upnp.o
OBJS += ../src/wps/wps_upnp_ssdp.o
OBJS += ../src/wps/wps_upnp_web.o
OBJS += ../src/wps/wps_upnp_event.o
OBJS += ../src/wps/wps_upnp_ap.o
OBJS += ../src/wps/upnp_xml.o
OBJS += ../src/wps/httpread.o
OBJS += ../src/wps/http_client.o
OBJS += ../src/wps/http_server.o
endif

ifdef CONFIG_WPS_STRICT
CFLAGS += -DCONFIG_WPS_STRICT
OBJS += ../src/wps/wps_validate.o
endif

ifdef CONFIG_WPS_TESTING
CFLAGS += -DCONFIG_WPS_TESTING
endif

ifdef CONFIG_WPS_REG_DISABLE_OPEN
CFLAGS += -DCONFIG_WPS_REG_DISABLE_OPEN
endif

endif

ifdef CONFIG_EAP_IKEV2
# EAP-IKEv2
SRC_EAP_IKEV2 = ../src/eap_peer/eap_ikev2.c
SRC_EAP_IKEV2 += ../src/eap_peer/ikev2.c
SRC_EAP_IKEV2 += ../src/eap_common/eap_ikev2_common.c
SRC_EAP_IKEV2 += ../src/eap_common/ikev2_common.c
ifeq ($(CONFIG_EAP_IKEV2), dyn)
CFLAGS += -DEAP_IKEV2_DYNAMIC
EAPDYN += eap_ikev2.so
else
CFLAGS += -DEAP_IKEV2
OBJS += $(patsubst %.c, %.o, $(SRC_EAP_IKEV2))
endif
CONFIG_IEEE8021X_EAPOL=y
NEED_DH_GROUPS=y
NEED_DH_GROUPS_ALL=y
NEED_MODEXP=y
NEED_CIPHER=y
endif

ifdef CONFIG_EAP_VENDOR_TEST
ifeq ($(CONFIG_EAP_VENDOR_TEST), dyn)
CFLAGS += -DEAP_VENDOR_TEST_DYNAMIC
EAPDYN += eap_vendor_test.so
else
CFLAGS += -DEAP_VENDOR_TEST
OBJS += ../src/eap_peer/eap_vendor_test.o
endif
CONFIG_IEEE8021X_EAPOL=y
endif

ifdef CONFIG_EAP_TNC
# EAP-TNC
CFLAGS += -DEAP_TNC
OBJS += ../src/eap_peer/eap_tnc.o
OBJS += ../src/eap_peer/tncc.o
NEED_BASE64=y
ifndef CONFIG_NATIVE_WINDOWS
ifndef CONFIG_DRIVER_BSD
LIBS += -ldl
endif
endif
endif

ifdef CONFIG_MACSEC
CFLAGS += -DCONFIG_MACSEC
CONFIG_IEEE8021X_EAPOL=y
NEED_AES_ENCBLOCK=y
NEED_AES_UNWRAP=y
NEED_AES_WRAP=y
OBJS += wpas_kay.o
OBJS += ../src/pae/ieee802_1x_cp.o
OBJS += ../src/pae/ieee802_1x_kay.o
OBJS += ../src/pae/ieee802_1x_key.o
OBJS += ../src/pae/ieee802_1x_secy_ops.o
ifdef CONFIG_AP
OBJS += ../src/ap/wpa_auth_kay.o
endif
endif

ifdef CONFIG_IEEE8021X_EAPOL
# IEEE 802.1X/EAPOL state machines (e.g., for RADIUS authentication)
CFLAGS += -DIEEE8021X_EAPOL
OBJS += ../src/eapol_supp/eapol_supp_sm.o
OBJS += ../src/eap_peer/eap.o ../src/eap_peer/eap_methods.o
NEED_EAP_COMMON=y
ifdef CONFIG_DYNAMIC_EAP_METHODS
CFLAGS += -DCONFIG_DYNAMIC_EAP_METHODS
LIBS += -ldl -rdynamic
endif
endif

ifdef CONFIG_AP
NEED_EAP_COMMON=y
NEED_RSN_AUTHENTICATOR=y
CFLAGS += -DCONFIG_AP
OBJS += ap.o
CFLAGS += -DCONFIG_NO_RADIUS
CFLAGS += -DCONFIG_NO_ACCOUNTING
CFLAGS += -DCONFIG_NO_VLAN
OBJS += ../src/ap/hostapd.o
OBJS += ../src/ap/wpa_auth_glue.o
OBJS += ../src/ap/utils.o
OBJS += ../src/ap/authsrv.o
OBJS += ../src/ap/ap_config.o
OBJS += ../src/ap/sta_info.o
OBJS += ../src/ap/tkip_countermeasures.o
OBJS += ../src/ap/ap_mlme.o
OBJS += ../src/ap/ieee802_1x.o
OBJS += ../src/eapol_auth/eapol_auth_sm.o
OBJS += ../src/ap/ieee802_11_auth.o
OBJS += ../src/ap/ieee802_11_shared.o
OBJS += ../src/ap/drv_callbacks.o
OBJS += ../src/ap/ap_drv_ops.o
OBJS += ../src/ap/beacon.o
OBJS += ../src/ap/bss_load.o
OBJS += ../src/ap/eap_user_db.o
OBJS += ../src/ap/neighbor_db.o
OBJS += ../src/ap/rrm.o
OBJS += ../src/ap/ieee802_11_ht.o
ifdef CONFIG_IEEE80211AC
OBJS += ../src/ap/ieee802_11_vht.o
endif
ifdef CONFIG_IEEE80211AX
OBJS += ../src/ap/ieee802_11_he.o
endif
ifdef CONFIG_WNM_AP
CFLAGS += -DCONFIG_WNM_AP
OBJS += ../src/ap/wnm_ap.o
endif
ifdef CONFIG_MBO
OBJS += ../src/ap/mbo_ap.o
endif
ifdef CONFIG_FILS
OBJS += ../src/ap/fils_hlp.o
endif
ifdef CONFIG_CTRL_IFACE
OBJS += ../src/ap/ctrl_iface_ap.o
endif

CFLAGS += -DEAP_SERVER -DEAP_SERVER_IDENTITY
OBJS += ../src/eap_server/eap_server.o
OBJS += ../src/eap_server/eap_server_identity.o
OBJS += ../src/eap_server/eap_server_methods.o

ifdef CONFIG_IEEE80211AC
CFLAGS += -DCONFIG_IEEE80211AC
endif
ifdef CONFIG_IEEE80211AX
CFLAGS += -DCONFIG_IEEE80211AX
endif

ifdef NEED_AP_MLME
OBJS += ../src/ap/wmm.o
OBJS += ../src/ap/ap_list.o
OBJS += ../src/ap/ieee802_11.o
OBJS += ../src/ap/hw_features.o
OBJS += ../src/ap/dfs.o
CFLAGS += -DNEED_AP_MLME
endif
ifdef CONFIG_WPS
CFLAGS += -DEAP_SERVER_WSC
OBJS += ../src/ap/wps_hostapd.o
OBJS += ../src/eap_server/eap_server_wsc.o
endif
ifdef CONFIG_DPP
OBJS += ../src/ap/dpp_hostapd.o
OBJS += ../src/ap/gas_query_ap.o
NEED_AP_GAS_SERV=y
endif
ifdef CONFIG_INTERWORKING
NEED_AP_GAS_SERV=y
endif
ifdef NEED_AP_GAS_SERV
OBJS += ../src/ap/gas_serv.o
endif
ifdef CONFIG_HS20
OBJS += ../src/ap/hs20.o
endif
endif

ifdef CONFIG_MBO
OBJS += mbo.o
CFLAGS += -DCONFIG_MBO
endif

ifdef NEED_RSN_AUTHENTICATOR
CFLAGS += -DCONFIG_NO_RADIUS
NEED_AES_WRAP=y
OBJS += ../src/ap/wpa_auth.o
OBJS += ../src/ap/wpa_auth_ie.o
OBJS += ../src/ap/pmksa_cache_auth.o
endif

ifdef CONFIG_ACS
CFLAGS += -DCONFIG_ACS
OBJS += ../src/ap/acs.o
LIBS += -lm
endif

ifdef CONFIG_PCSC
# PC/SC interface for smartcards (USIM, GSM SIM)
CFLAGS += -DPCSC_FUNCS -I/usr/include/PCSC
OBJS += ../src/utils/pcsc_funcs.o
ifdef CONFIG_NATIVE_WINDOWS
#Once MinGW gets support for WinScard, -lwinscard could be used instead of the
#dynamic symbol loading that is now used in pcsc_funcs.c
#LIBS += -lwinscard
else
ifdef CONFIG_OSX
LIBS += -framework PCSC
else
LIBS += $(shell $(PKG_CONFIG) --libs libpcsclite)
endif
endif
endif

ifdef CONFIG_SIM_SIMULATOR
CFLAGS += -DCONFIG_SIM_SIMULATOR
NEED_MILENAGE=y
endif

ifdef CONFIG_USIM_SIMULATOR
CFLAGS += -DCONFIG_USIM_SIMULATOR
NEED_MILENAGE=y
endif

ifdef NEED_MILENAGE
OBJS += ../src/crypto/milenage.o
NEED_AES_ENCBLOCK=y
endif

ifdef CONFIG_PKCS12
CFLAGS += -DPKCS12_FUNCS
endif

ifdef CONFIG_SMARTCARD
CFLAGS += -DCONFIG_SMARTCARD
endif

ifdef NEED_DRAGONFLY
OBJS += ../src/common/dragonfly.o
endif

ifdef MS_FUNCS
OBJS += ../src/crypto/ms_funcs.o
NEED_DES=y
NEED_MD4=y
endif

ifdef CHAP
OBJS += ../src/eap_common/chap.o
endif

ifdef TLS_FUNCS
NEED_DES=y
# Shared TLS functions (needed for EAP_TLS, EAP_PEAP, EAP_TTLS, EAP_FAST, and
# EAP_TEAP)
OBJS += ../src/eap_peer/eap_tls_common.o
ifndef CONFIG_FIPS
NEED_TLS_PRF=y
NEED_SHA1=y
NEED_MD5=y
endif
endif

ifndef CONFIG_TLS
CONFIG_TLS=openssl
endif

ifdef CONFIG_TLSV11
CFLAGS += -DCONFIG_TLSV11
endif

ifdef CONFIG_TLSV12
CFLAGS += -DCONFIG_TLSV12
endif

ifeq ($(CONFIG_TLS), wolfssl)
ifdef TLS_FUNCS
CFLAGS += -DWOLFSSL_DER_LOAD
OBJS += ../src/crypto/tls_wolfssl.o
endif
OBJS += ../src/crypto/crypto_wolfssl.o
OBJS_p += ../src/crypto/crypto_wolfssl.o
ifdef NEED_FIPS186_2_PRF
OBJS += ../src/crypto/fips_prf_wolfssl.o
endif
NEED_TLS_PRF_SHA256=y
LIBS += -lwolfssl -lm
LIBS_p += -lwolfssl -lm
endif

ifeq ($(CONFIG_TLS), openssl)
ifdef TLS_FUNCS
CFLAGS += -DEAP_TLS_OPENSSL
OBJS += ../src/crypto/tls_openssl.o
OBJS += ../src/crypto/tls_openssl_ocsp.o
LIBS += -lssl
endif
OBJS += ../src/crypto/crypto_openssl.o
OBJS_p += ../src/crypto/crypto_openssl.o
OBJS_priv += ../src/crypto/crypto_openssl.o
ifdef NEED_FIPS186_2_PRF
OBJS += ../src/crypto/fips_prf_openssl.o
endif
NEED_TLS_PRF_SHA256=y
LIBS += -ldl
LIBS += -lcrypto
LIBS_p += -lcrypto
ifdef CONFIG_TLS_ADD_DL
LIBS += -ldl
LIBS_p += -ldl
endif
ifndef CONFIG_TLS_DEFAULT_CIPHERS
CONFIG_TLS_DEFAULT_CIPHERS = "DEFAULT:!EXP:!LOW"
endif
CFLAGS += -DTLS_DEFAULT_CIPHERS=\"$(CONFIG_TLS_DEFAULT_CIPHERS)\"
endif

ifeq ($(CONFIG_TLS), gnutls)
ifndef CONFIG_CRYPTO
# default to libgcrypt
CONFIG_CRYPTO=gnutls
endif
ifdef TLS_FUNCS
OBJS += ../src/crypto/tls_gnutls.o
LIBS += -lgnutls -lgpg-error
endif
OBJS += ../src/crypto/crypto_$(CONFIG_CRYPTO).o
OBJS_p += ../src/crypto/crypto_$(CONFIG_CRYPTO).o
OBJS_priv += ../src/crypto/crypto_$(CONFIG_CRYPTO).o
ifdef NEED_FIPS186_2_PRF
OBJS += ../src/crypto/fips_prf_internal.o
SHA1OBJS += ../src/crypto/sha1-internal.o
endif
ifeq ($(CONFIG_CRYPTO), gnutls)
LIBS += -lgcrypt
LIBS_p += -lgcrypt
CONFIG_INTERNAL_RC4=y
CONFIG_INTERNAL_DH_GROUP5=y
endif
ifeq ($(CONFIG_CRYPTO), nettle)
LIBS += -lnettle -lgmp
LIBS_p += -lnettle -lgmp
CONFIG_INTERNAL_RC4=y
CONFIG_INTERNAL_DH_GROUP5=y
endif
endif

ifeq ($(CONFIG_TLS), internal)
ifndef CONFIG_CRYPTO
CONFIG_CRYPTO=internal
endif
ifdef TLS_FUNCS
OBJS += ../src/crypto/crypto_internal-rsa.o
OBJS += ../src/crypto/tls_internal.o
OBJS += ../src/tls/tlsv1_common.o
OBJS += ../src/tls/tlsv1_record.o
OBJS += ../src/tls/tlsv1_cred.o
OBJS += ../src/tls/tlsv1_client.o
OBJS += ../src/tls/tlsv1_client_write.o
OBJS += ../src/tls/tlsv1_client_read.o
OBJS += ../src/tls/tlsv1_client_ocsp.o
OBJS += ../src/tls/rsa.o
OBJS += ../src/tls/x509v3.o
OBJS += ../src/tls/pkcs1.o
OBJS += ../src/tls/pkcs5.o
OBJS += ../src/tls/pkcs8.o
NEED_ASN1=y
NEED_BASE64=y
NEED_TLS_PRF=y
ifdef CONFIG_TLSV12
NEED_TLS_PRF_SHA256=y
endif
NEED_MODEXP=y
NEED_CIPHER=y
CFLAGS += -DCONFIG_TLS_INTERNAL_CLIENT
endif
ifdef NEED_CIPHER
NEED_DES=y
OBJS += ../src/crypto/crypto_internal-cipher.o
endif
ifdef NEED_MODEXP
OBJS += ../src/crypto/crypto_internal-modexp.o
OBJS += ../src/tls/bignum.o
endif
ifeq ($(CONFIG_CRYPTO), libtomcrypt)
OBJS += ../src/crypto/crypto_libtomcrypt.o
OBJS_p += ../src/crypto/crypto_libtomcrypt.o
LIBS += -ltomcrypt -ltfm
LIBS_p += -ltomcrypt -ltfm
CONFIG_INTERNAL_SHA256=y
CONFIG_INTERNAL_RC4=y
CONFIG_INTERNAL_DH_GROUP5=y
endif
ifeq ($(CONFIG_CRYPTO), internal)
OBJS += ../src/crypto/crypto_internal.o
OBJS_p += ../src/crypto/crypto_internal.o
NEED_AES_ENC=y
CFLAGS += -DCONFIG_CRYPTO_INTERNAL
ifdef CONFIG_INTERNAL_LIBTOMMATH
CFLAGS += -DCONFIG_INTERNAL_LIBTOMMATH
ifdef CONFIG_INTERNAL_LIBTOMMATH_FAST
CFLAGS += -DLTM_FAST
endif
else
LIBS += -ltommath
LIBS_p += -ltommath
endif
CONFIG_INTERNAL_AES=y
CONFIG_INTERNAL_DES=y
CONFIG_INTERNAL_SHA1=y
CONFIG_INTERNAL_MD4=y
CONFIG_INTERNAL_MD5=y
CONFIG_INTERNAL_SHA256=y
CONFIG_INTERNAL_SHA384=y
CONFIG_INTERNAL_SHA512=y
CONFIG_INTERNAL_RC4=y
CONFIG_INTERNAL_DH_GROUP5=y
endif
ifeq ($(CONFIG_CRYPTO), cryptoapi)
OBJS += ../src/crypto/crypto_cryptoapi.o
OBJS_p += ../src/crypto/crypto_cryptoapi.o
CFLAGS += -DCONFIG_CRYPTO_CRYPTOAPI
CONFIG_INTERNAL_SHA256=y
CONFIG_INTERNAL_RC4=y
endif
endif

ifeq ($(CONFIG_TLS), linux)
OBJS += ../src/crypto/crypto_linux.o
OBJS_p += ../src/crypto/crypto_linux.o
ifdef TLS_FUNCS
OBJS += ../src/crypto/crypto_internal-rsa.o
OBJS += ../src/crypto/tls_internal.o
OBJS += ../src/tls/tlsv1_common.o
OBJS += ../src/tls/tlsv1_record.o
OBJS += ../src/tls/tlsv1_cred.o
OBJS += ../src/tls/tlsv1_client.o
OBJS += ../src/tls/tlsv1_client_write.o
OBJS += ../src/tls/tlsv1_client_read.o
OBJS += ../src/tls/tlsv1_client_ocsp.o
OBJS += ../src/tls/rsa.o
OBJS += ../src/tls/x509v3.o
OBJS += ../src/tls/pkcs1.o
OBJS += ../src/tls/pkcs5.o
OBJS += ../src/tls/pkcs8.o
NEED_ASN1=y
NEED_BASE64=y
NEED_TLS_PRF=y
ifdef CONFIG_TLSV12
NEED_TLS_PRF_SHA256=y
endif
NEED_MODEXP=y
NEED_CIPHER=y
CFLAGS += -DCONFIG_TLS_INTERNAL_CLIENT
endif
ifdef NEED_MODEXP
OBJS += ../src/crypto/crypto_internal-modexp.o
OBJS += ../src/tls/bignum.o
CFLAGS += -DCONFIG_INTERNAL_LIBTOMMATH
CFLAGS += -DLTM_FAST
endif
CONFIG_INTERNAL_DH_GROUP5=y
ifdef NEED_FIPS186_2_PRF
OBJS += ../src/crypto/fips_prf_internal.o
OBJS += ../src/crypto/sha1-internal.o
endif
endif

ifeq ($(CONFIG_TLS), none)
ifdef TLS_FUNCS
OBJS += ../src/crypto/tls_none.o
CFLAGS += -DEAP_TLS_NONE
CONFIG_INTERNAL_AES=y
CONFIG_INTERNAL_SHA1=y
CONFIG_INTERNAL_MD5=y
endif
OBJS += ../src/crypto/crypto_none.o
OBJS_p += ../src/crypto/crypto_none.o
CONFIG_INTERNAL_SHA256=y
CONFIG_INTERNAL_RC4=y
endif

ifdef TLS_FUNCS
ifdef CONFIG_SMARTCARD
ifndef CONFIG_NATIVE_WINDOWS
ifneq ($(CONFIG_L2_PACKET), freebsd)
LIBS += -ldl
endif
endif
endif
endif

ifndef TLS_FUNCS
OBJS += ../src/crypto/tls_none.o
ifeq ($(CONFIG_TLS), internal)
CONFIG_INTERNAL_AES=y
CONFIG_INTERNAL_SHA1=y
CONFIG_INTERNAL_MD5=y
CONFIG_INTERNAL_RC4=y
endif
endif

AESOBJS = # none so far (see below)
ifdef CONFIG_INTERNAL_AES
AESOBJS += ../src/crypto/aes-internal.o ../src/crypto/aes-internal-dec.o
endif

ifneq ($(CONFIG_TLS), openssl)
ifneq ($(CONFIG_TLS), wolfssl)
NEED_INTERNAL_AES_WRAP=y
endif
endif
ifdef CONFIG_OPENSSL_INTERNAL_AES_WRAP
# Seems to be needed at least with BoringSSL
NEED_INTERNAL_AES_WRAP=y
CFLAGS += -DCONFIG_OPENSSL_INTERNAL_AES_WRAP
endif
ifdef CONFIG_FIPS
# Have to use internal AES key wrap routines to use OpenSSL EVP since the
# OpenSSL AES_wrap_key()/AES_unwrap_key() API is not available in FIPS mode.
NEED_INTERNAL_AES_WRAP=y
endif

ifdef NEED_INTERNAL_AES_WRAP
ifneq ($(CONFIG_TLS), linux)
AESOBJS += ../src/crypto/aes-unwrap.o
endif
endif
ifdef NEED_AES_EAX
AESOBJS += ../src/crypto/aes-eax.o
NEED_AES_CTR=y
endif
ifdef NEED_AES_SIV
AESOBJS += ../src/crypto/aes-siv.o
NEED_AES_CTR=y
endif
ifdef NEED_AES_CTR
AESOBJS += ../src/crypto/aes-ctr.o
endif
ifdef NEED_AES_ENCBLOCK
AESOBJS += ../src/crypto/aes-encblock.o
endif
NEED_AES_ENC=y
ifdef CONFIG_OPENSSL_CMAC
CFLAGS += -DCONFIG_OPENSSL_CMAC
else
ifneq ($(CONFIG_TLS), linux)
ifneq ($(CONFIG_TLS), wolfssl)
AESOBJS += ../src/crypto/aes-omac1.o
endif
endif
endif
ifdef NEED_AES_WRAP
NEED_AES_ENC=y
ifdef NEED_INTERNAL_AES_WRAP
AESOBJS += ../src/crypto/aes-wrap.o
endif
endif
ifdef NEED_AES_CBC
NEED_AES_ENC=y
ifneq ($(CONFIG_TLS), openssl)
ifneq ($(CONFIG_TLS), linux)
ifneq ($(CONFIG_TLS), wolfssl)
AESOBJS += ../src/crypto/aes-cbc.o
endif
endif
endif
endif
ifdef NEED_AES_ENC
ifdef CONFIG_INTERNAL_AES
AESOBJS += ../src/crypto/aes-internal-enc.o
endif
endif
ifdef NEED_AES
OBJS += $(AESOBJS)
endif

ifdef NEED_SHA1
ifneq ($(CONFIG_TLS), openssl)
ifneq ($(CONFIG_TLS), linux)
ifneq ($(CONFIG_TLS), gnutls)
ifneq ($(CONFIG_TLS), wolfssl)
SHA1OBJS += ../src/crypto/sha1.o
endif
endif
endif
endif
SHA1OBJS += ../src/crypto/sha1-prf.o
ifdef CONFIG_INTERNAL_SHA1
SHA1OBJS += ../src/crypto/sha1-internal.o
ifdef NEED_FIPS186_2_PRF
SHA1OBJS += ../src/crypto/fips_prf_internal.o
endif
endif
ifdef CONFIG_NO_WPA_PASSPHRASE
CFLAGS += -DCONFIG_NO_PBKDF2
else
ifneq ($(CONFIG_TLS), openssl)
ifneq ($(CONFIG_TLS), wolfssl)
SHA1OBJS += ../src/crypto/sha1-pbkdf2.o
endif
endif
endif
ifdef NEED_T_PRF
SHA1OBJS += ../src/crypto/sha1-tprf.o
endif
ifdef NEED_TLS_PRF
SHA1OBJS += ../src/crypto/sha1-tlsprf.o
endif
endif

ifndef CONFIG_FIPS
ifneq ($(CONFIG_TLS), openssl)
ifneq ($(CONFIG_TLS), linux)
ifneq ($(CONFIG_TLS), gnutls)
ifneq ($(CONFIG_TLS), wolfssl)
MD5OBJS += ../src/crypto/md5.o
endif
endif
endif
endif
endif
ifdef NEED_MD5
ifdef CONFIG_INTERNAL_MD5
MD5OBJS += ../src/crypto/md5-internal.o
endif
OBJS += $(MD5OBJS)
OBJS_p += $(MD5OBJS)
OBJS_priv += $(MD5OBJS)
endif

ifdef NEED_MD4
ifdef CONFIG_INTERNAL_MD4
OBJS += ../src/crypto/md4-internal.o
endif
endif

DESOBJS = # none needed when not internal
ifdef NEED_DES
ifndef CONFIG_FIPS
CFLAGS += -DCONFIG_DES
endif
ifdef CONFIG_INTERNAL_DES
DESOBJS += ../src/crypto/des-internal.o
endif
endif

ifdef CONFIG_NO_RC4
CFLAGS += -DCONFIG_NO_RC4
endif

ifdef NEED_RC4
ifdef CONFIG_INTERNAL_RC4
ifndef CONFIG_NO_RC4
OBJS += ../src/crypto/rc4.o
endif
endif
endif

SHA256OBJS = # none by default
CFLAGS += -DCONFIG_SHA256
ifneq ($(CONFIG_TLS), openssl)
ifneq ($(CONFIG_TLS), linux)
ifneq ($(CONFIG_TLS), gnutls)
ifneq ($(CONFIG_TLS), wolfssl)
SHA256OBJS += ../src/crypto/sha256.o
endif
endif
endif
endif
SHA256OBJS += ../src/crypto/sha256-prf.o
ifdef CONFIG_INTERNAL_SHA256
SHA256OBJS += ../src/crypto/sha256-internal.o
endif
ifdef CONFIG_INTERNAL_SHA384
CFLAGS += -DCONFIG_INTERNAL_SHA384
SHA256OBJS += ../src/crypto/sha384-internal.o
endif
ifdef CONFIG_INTERNAL_SHA512
CFLAGS += -DCONFIG_INTERNAL_SHA512
SHA256OBJS += ../src/crypto/sha512-internal.o
endif
ifdef NEED_TLS_PRF_SHA256
SHA256OBJS += ../src/crypto/sha256-tlsprf.o
endif
ifdef NEED_TLS_PRF_SHA384
SHA256OBJS += ../src/crypto/sha384-tlsprf.o
endif
ifdef NEED_HMAC_SHA256_KDF
CFLAGS += -DCONFIG_HMAC_SHA256_KDF
OBJS += ../src/crypto/sha256-kdf.o
endif
ifdef NEED_HMAC_SHA384_KDF
CFLAGS += -DCONFIG_HMAC_SHA384_KDF
OBJS += ../src/crypto/sha384-kdf.o
endif
ifdef NEED_HMAC_SHA512_KDF
CFLAGS += -DCONFIG_HMAC_SHA512_KDF
OBJS += ../src/crypto/sha512-kdf.o
endif
OBJS += $(SHA256OBJS)
ifdef NEED_SHA384
ifneq ($(CONFIG_TLS), openssl)
ifneq ($(CONFIG_TLS), linux)
ifneq ($(CONFIG_TLS), gnutls)
ifneq ($(CONFIG_TLS), wolfssl)
OBJS += ../src/crypto/sha384.o
endif
endif
endif
endif
CFLAGS += -DCONFIG_SHA384
OBJS += ../src/crypto/sha384-prf.o
endif
ifdef NEED_SHA512
ifneq ($(CONFIG_TLS), openssl)
ifneq ($(CONFIG_TLS), linux)
ifneq ($(CONFIG_TLS), gnutls)
ifneq ($(CONFIG_TLS), wolfssl)
OBJS += ../src/crypto/sha512.o
endif
endif
endif
endif
CFLAGS += -DCONFIG_SHA512
OBJS += ../src/crypto/sha512-prf.o
endif

ifdef NEED_ASN1
OBJS += ../src/tls/asn1.o
endif

ifdef NEED_DH_GROUPS
OBJS += ../src/crypto/dh_groups.o
endif
ifdef NEED_DH_GROUPS_ALL
CFLAGS += -DALL_DH_GROUPS
endif
ifdef CONFIG_INTERNAL_DH_GROUP5
ifdef NEED_DH_GROUPS
OBJS += ../src/crypto/dh_group5.o
endif
endif

ifdef NEED_ECC
CFLAGS += -DCONFIG_ECC
endif

ifdef CONFIG_NO_RANDOM_POOL
CFLAGS += -DCONFIG_NO_RANDOM_POOL
else
ifdef CONFIG_GETRANDOM
CFLAGS += -DCONFIG_GETRANDOM
endif
OBJS += ../src/crypto/random.o
endif

ifdef CONFIG_CTRL_IFACE
ifeq ($(CONFIG_CTRL_IFACE), y)
ifdef CONFIG_NATIVE_WINDOWS
CONFIG_CTRL_IFACE=named_pipe
else
CONFIG_CTRL_IFACE=unix
endif
endif
CFLAGS += -DCONFIG_CTRL_IFACE
ifeq ($(CONFIG_CTRL_IFACE), unix)
CFLAGS += -DCONFIG_CTRL_IFACE_UNIX
OBJS += ../src/common/ctrl_iface_common.o
endif
ifeq ($(CONFIG_CTRL_IFACE), udp)
CFLAGS += -DCONFIG_CTRL_IFACE_UDP
endif
ifeq ($(CONFIG_CTRL_IFACE), udp6)
CONFIG_CTRL_IFACE=udp
CFLAGS += -DCONFIG_CTRL_IFACE_UDP
CFLAGS += -DCONFIG_CTRL_IFACE_UDP_IPV6
endif
ifeq ($(CONFIG_CTRL_IFACE), named_pipe)
CFLAGS += -DCONFIG_CTRL_IFACE_NAMED_PIPE
endif
ifeq ($(CONFIG_CTRL_IFACE), udp-remote)
CONFIG_CTRL_IFACE=udp
CFLAGS += -DCONFIG_CTRL_IFACE_UDP
CFLAGS += -DCONFIG_CTRL_IFACE_UDP_REMOTE
endif
ifeq ($(CONFIG_CTRL_IFACE), udp6-remote)
CONFIG_CTRL_IFACE=udp
CFLAGS += -DCONFIG_CTRL_IFACE_UDP
CFLAGS += -DCONFIG_CTRL_IFACE_UDP_REMOTE
CFLAGS += -DCONFIG_CTRL_IFACE_UDP_IPV6
endif
OBJS += ctrl_iface.o ctrl_iface_$(CONFIG_CTRL_IFACE).o
endif

ifdef CONFIG_CTRL_IFACE_DBUS_NEW
CFLAGS += -DCONFIG_CTRL_IFACE_DBUS_NEW
OBJS += dbus/dbus_dict_helpers.o
OBJS += dbus/dbus_new_helpers.o
OBJS += dbus/dbus_new.o dbus/dbus_new_handlers.o
OBJS += dbus/dbus_common.o
ifdef CONFIG_WPS
OBJS += dbus/dbus_new_handlers_wps.o
endif
ifdef CONFIG_P2P
OBJS += dbus/dbus_new_handlers_p2p.o
endif
ifndef DBUS_LIBS
DBUS_LIBS := $(shell $(PKG_CONFIG) --libs dbus-1)
endif
ifndef DBUS_INCLUDE
DBUS_INCLUDE := $(shell $(PKG_CONFIG) --cflags dbus-1)
endif
ifdef CONFIG_CTRL_IFACE_DBUS_INTRO
OBJS += dbus/dbus_new_introspect.o
CFLAGS += -DCONFIG_CTRL_IFACE_DBUS_INTRO
endif
CFLAGS += $(DBUS_INCLUDE)
LIBS += $(DBUS_LIBS)
endif

ifdef CONFIG_READLINE
OBJS_c += ../src/utils/edit_readline.o
LIBS_c += -lreadline -lncurses
else
ifdef CONFIG_WPA_CLI_EDIT
OBJS_c += ../src/utils/edit.o
else
OBJS_c += ../src/utils/edit_simple.o
endif
endif

ifdef CONFIG_NATIVE_WINDOWS
CFLAGS += -DCONFIG_NATIVE_WINDOWS
LIBS += -lws2_32 -lgdi32 -lcrypt32
LIBS_c += -lws2_32
LIBS_p += -lws2_32 -lgdi32
ifeq ($(CONFIG_CRYPTO), cryptoapi)
LIBS_p += -lcrypt32
endif
endif

ifdef CONFIG_NO_STDOUT_DEBUG
CFLAGS += -DCONFIG_NO_STDOUT_DEBUG
ifndef CONFIG_CTRL_IFACE
CFLAGS += -DCONFIG_NO_WPA_MSG
endif
endif

ifdef CONFIG_IPV6
# for eapol_test only
CFLAGS += -DCONFIG_IPV6
endif

ifdef CONFIG_NO_LINUX_PACKET_SOCKET_WAR
CFLAGS += -DCONFIG_NO_LINUX_PACKET_SOCKET_WAR
endif

ifdef NEED_BASE64
OBJS += ../src/utils/base64.o
endif

ifdef NEED_SME
OBJS += sme.o
CFLAGS += -DCONFIG_SME
endif

OBJS += ../src/common/ieee802_11_common.o
OBJS += ../src/common/hw_features_common.o

ifdef NEED_EAP_COMMON
OBJS += ../src/eap_common/eap_common.o
endif

ifndef CONFIG_MAIN
CONFIG_MAIN=main
endif

ifdef CONFIG_DEBUG_SYSLOG
CFLAGS += -DCONFIG_DEBUG_SYSLOG
ifdef CONFIG_DEBUG_SYSLOG_FACILITY
CFLAGS += -DLOG_HOSTAPD="$(CONFIG_DEBUG_SYSLOG_FACILITY)"
endif
endif

ifdef CONFIG_DEBUG_LINUX_TRACING
CFLAGS += -DCONFIG_DEBUG_LINUX_TRACING
endif

ifdef CONFIG_DEBUG_FILE
CFLAGS += -DCONFIG_DEBUG_FILE
endif

ifdef CONFIG_DELAYED_MIC_ERROR_REPORT
CFLAGS += -DCONFIG_DELAYED_MIC_ERROR_REPORT
endif

ifdef CONFIG_FIPS
CFLAGS += -DCONFIG_FIPS
ifneq ($(CONFIG_TLS), openssl)
ifneq ($(CONFIG_TLS), wolfssl)
$(error CONFIG_FIPS=y requires CONFIG_TLS=openssl)
endif
endif
endif

OBJS += $(SHA1OBJS) $(DESOBJS)

OBJS_p += $(SHA1OBJS)
OBJS_p += $(SHA256OBJS)
OBJS_priv += $(SHA1OBJS)

ifdef CONFIG_BGSCAN_SIMPLE
CFLAGS += -DCONFIG_BGSCAN_SIMPLE
OBJS += bgscan_simple.o
NEED_BGSCAN=y
endif

ifdef CONFIG_BGSCAN_LEARN
CFLAGS += -DCONFIG_BGSCAN_LEARN
OBJS += bgscan_learn.o
NEED_BGSCAN=y
endif

ifdef NEED_BGSCAN
CFLAGS += -DCONFIG_BGSCAN
OBJS += bgscan.o
endif

ifdef CONFIG_AUTOSCAN_EXPONENTIAL
CFLAGS += -DCONFIG_AUTOSCAN_EXPONENTIAL
OBJS += autoscan_exponential.o
NEED_AUTOSCAN=y
endif

ifdef CONFIG_AUTOSCAN_PERIODIC
CFLAGS += -DCONFIG_AUTOSCAN_PERIODIC
OBJS += autoscan_periodic.o
NEED_AUTOSCAN=y
endif

ifdef NEED_AUTOSCAN
CFLAGS += -DCONFIG_AUTOSCAN
OBJS += autoscan.o
endif

ifdef CONFIG_EXT_PASSWORD_TEST
OBJS += ../src/utils/ext_password_test.o
CFLAGS += -DCONFIG_EXT_PASSWORD_TEST
NEED_EXT_PASSWORD=y
endif

ifdef CONFIG_EXT_PASSWORD_FILE
OBJS += ../src/utils/ext_password_file.o
CFLAGS += -DCONFIG_EXT_PASSWORD_FILE
NEED_EXT_PASSWORD=y
endif

ifdef NEED_EXT_PASSWORD
OBJS += ../src/utils/ext_password.o
CFLAGS += -DCONFIG_EXT_PASSWORD
endif

ifdef NEED_GAS_SERVER
OBJS += ../src/common/gas_server.o
CFLAGS += -DCONFIG_GAS_SERVER
NEED_GAS=y
endif

ifdef NEED_GAS
OBJS += ../src/common/gas.o
OBJS += gas_query.o
CFLAGS += -DCONFIG_GAS
NEED_OFFCHANNEL=y
endif

ifdef NEED_OFFCHANNEL
OBJS += offchannel.o
CFLAGS += -DCONFIG_OFFCHANNEL
endif

ifdef NEED_JSON
OBJS += ../src/utils/json.o
CFLAGS += -DCONFIG_JSON
endif

ifdef CONFIG_MODULE_TESTS
CFLAGS += -DCONFIG_MODULE_TESTS
OBJS += wpas_module_tests.o
OBJS += ../src/utils/utils_module_tests.o
OBJS += ../src/common/common_module_tests.o
OBJS += ../src/crypto/crypto_module_tests.o
ifdef CONFIG_WPS
OBJS += ../src/wps/wps_module_tests.o
endif
endif

OBJS += ../src/drivers/driver_common.o
OBJS_priv += ../src/drivers/driver_common.o

OBJS += wpa_supplicant.o events.o bssid_ignore.o wpas_glue.o scan.o
OBJS_t := $(OBJS) $(OBJS_l2) eapol_test.o
OBJS_t += ../src/radius/radius_client.o
OBJS_t += ../src/radius/radius.o
OBJS_t2 := $(OBJS) $(OBJS_l2) preauth_test.o

OBJS_nfc := $(OBJS) $(OBJS_l2) nfc_pw_token.o
OBJS_nfc += $(OBJS_d) ../src/drivers/drivers.o

OBJS += $(CONFIG_MAIN).o

ifdef CONFIG_PRIVSEP
OBJS_priv += $(OBJS_d) ../src/drivers/drivers.o
OBJS_priv += $(OBJS_l2)
OBJS_priv += ../src/utils/os_$(CONFIG_OS).o
OBJS_priv += ../src/utils/$(CONFIG_ELOOP).o
OBJS_priv += ../src/utils/common.o
OBJS_priv += ../src/utils/wpa_debug.o
OBJS_priv += ../src/utils/wpabuf.o
OBJS_priv += wpa_priv.o
ifdef CONFIG_DRIVER_NL80211
OBJS_priv += ../src/common/ieee802_11_common.o
endif
OBJS += ../src/l2_packet/l2_packet_privsep.o
OBJS += ../src/drivers/driver_privsep.o
EXTRA_progs += wpa_priv
else
OBJS += $(OBJS_d) ../src/drivers/drivers.o
OBJS += $(OBJS_l2)
endif

ifdef CONFIG_NDIS_EVENTS_INTEGRATED
CFLAGS += -DCONFIG_NDIS_EVENTS_INTEGRATED
OBJS += ../src/drivers/ndis_events.o
EXTRALIBS += -loleaut32 -lole32 -luuid
ifdef PLATFORMSDKLIB
EXTRALIBS += $(PLATFORMSDKLIB)/WbemUuid.Lib
else
EXTRALIBS += WbemUuid.Lib
endif
endif

ifdef CONFIG_FST
CFLAGS += -DCONFIG_FST
ifdef CONFIG_FST_TEST
CFLAGS += -DCONFIG_FST_TEST
endif
FST_OBJS += ../src/fst/fst.o
FST_OBJS += ../src/fst/fst_session.o
FST_OBJS += ../src/fst/fst_iface.o
FST_OBJS += ../src/fst/fst_group.o
FST_OBJS += ../src/fst/fst_ctrl_aux.o
ifdef CONFIG_CTRL_IFACE
FST_OBJS += ../src/fst/fst_ctrl_iface.o
endif
OBJS += $(FST_OBJS)
OBJS_t += $(FST_OBJS)
OBJS_t2 += $(FST_OBJS)
OBJS_nfc += $(FST_OBJS)
endif

ifdef CONFIG_WEP
CFLAGS += -DCONFIG_WEP
endif

ifdef CONFIG_NO_TKIP
CFLAGS += -DCONFIG_NO_TKIP
endif

dynamic_eap_methods: $(EAPDYN)

_OBJS_VAR := OBJS_priv
include ../src/objs.mk
wpa_priv: $(BCHECK) $(OBJS_priv)
	$(Q)$(LDO) --static $(LDFLAGS) -o wpa_priv $(OBJS_priv) $(LIBS) -lpthread -ldl
	@$(E) "  LD " $@

_OBJS_VAR := OBJS
include ../src/objs.mk
wpa_supplicant: $(BCHECK) $(OBJS) $(EXTRA_progs)
	$(Q)$(LDO) --static $(LDFLAGS) -o wpa_supplicant $(OBJS) $(LIBS) $(EXTRALIBS) -lpthread -ldl
	@$(E) "  LD " $@

_OBJS_VAR := OBJS_t
include ../src/objs.mk
eapol_test: $(OBJS_t)
	$(Q)$(LDO) --static $(LDFLAGS) -o eapol_test $(OBJS_t) $(LIBS) -lpthread -ldl
	@$(E) "  LD " $@

_OBJS_VAR := OBJS_t2
include ../src/objs.mk
preauth_test: $(OBJS_t2)
	$(Q)$(LDO) $(LDFLAGS) -o preauth_test $(OBJS_t2) $(LIBS) -lpthread -ldl
	@$(E) "  LD " $@

_OBJS_VAR := OBJS_p
include ../src/objs.mk
wpa_passphrase: $(OBJS_p)
	$(Q)$(LDO) $(LDFLAGS) -o wpa_passphrase $(OBJS_p) $(LIBS_p) $(LIBS) -lpthread -ldl
	@$(E) "  LD " $@

_OBJS_VAR := OBJS_c
include ../src/objs.mk
wpa_cli: $(OBJS_c)
	$(Q)$(LDO) --static $(LDFLAGS) -o wpa_cli $(OBJS_c) $(LIBS_c) -lpthread -ldl
	@$(E) "  LD " $@

LIBCTRL += ../src/common/wpa_ctrl.o
LIBCTRL += ../src/utils/os_$(CONFIG_OS).o
LIBCTRL += ../src/utils/common.o
LIBCTRL += ../src/utils/wpa_debug.o
LIBCTRLSO += ../src/common/wpa_ctrl.c
LIBCTRLSO += ../src/utils/os_$(CONFIG_OS).c
LIBCTRLSO += ../src/utils/common.c
LIBCTRLSO += ../src/utils/wpa_debug.c

_OBJS_VAR := LIBCTRL
include ../src/objs.mk
libwpa_client.a: $(LIBCTRL)
	$(Q)rm -f $@
	$(Q)$(AR) crs $@ $?
	@$(E) "  AR " $@

libwpa_client.so: $(LIBCTRLSO)
	@$(E) "  CC  $@ ($^)"
	$(Q)$(CC) $(LDFLAGS) -o $@ $(CFLAGS) -shared -fPIC $^

OBJS_wpatest := libwpa_test.o
_OBJS_VAR := OBJS_wpatest
include ../src/objs.mk
libwpa_test1: $(OBJS_wpatest) libwpa_client.a
	$(Q)$(LDO) $(LDFLAGS) -o libwpa_test1 $(OBJS_wpatest) libwpa_client.a $(LIBS_c)
	@$(E) "  LD " $@

libwpa_test2: $(OBJS_wpatest) libwpa_client.so
	$(Q)$(LDO) $(LDFLAGS) -o libwpa_test2 $(OBJS_wpatest) -L. -lwpa_client $(LIBS_c)
	@$(E) "  LD " $@

_OBJS_VAR := OBJS_nfc
include ../src/objs.mk
nfc_pw_token: $(OBJS_nfc)
	$(Q)$(LDO) $(LDFLAGS) -o nfc_pw_token $(OBJS_nfc) $(LIBS)
	@$(E) "  LD " $@

win_if_list: win_if_list.c
	$(Q)$(LDO) $(LDFLAGS) -o $@ win_if_list.c $(CFLAGS) $(LIBS_w)
	@$(E) "  LD " $@

eap_psk.so: $(SRC_EAP_PSK)
	$(Q)$(CC) $(LDFLAGS) -o $@ $(CFLAGS) -shared -rdynamic -fPIC $^ \
		-Deap_peer_psk_register=eap_peer_method_dynamic_init
	@$(E) "  CC/LD " $@

eap_pax.so: $(SRC_EAP_PAX)
	$(Q)$(CC) $(LDFLAGS) -o $@ $(CFLAGS) -shared -rdynamic -fPIC $^ \
		-D$(@F:eap_%.so=eap_peer_%)_register=eap_peer_method_dynamic_init
	@$(E) "  CC/LD " $@

eap_peap.so: $(SRC_EAP_PEAP)
	$(Q)$(CC) $(LDFLAGS) -o $@ $(CFLAGS) -shared -rdynamic -fPIC $^ \
		-D$(@F:eap_%.so=eap_peer_%)_register=eap_peer_method_dynamic_init
	@$(E) "  CC/LD " $@

eap_sake.so: $(SRC_EAP_SAKE)
	$(Q)$(CC) $(LDFLAGS) -o $@ $(CFLAGS) -shared -rdynamic -fPIC $^ \
		-D$(@F:eap_%.so=eap_peer_%)_register=eap_peer_method_dynamic_init
	@$(E) "  CC/LD " $@

eap_ikev2.so: $(SRC_EAP_IKEV2)
	$(Q)$(CC) $(LDFLAGS) -o $@ $(CFLAGS) -shared -rdynamic -fPIC $^ \
		-D$(@F:eap_%.so=eap_peer_%)_register=eap_peer_method_dynamic_init
	@$(E) "  CC/LD " $@

eap_eke.so: $(SRC_EAP_EKE)
	$(Q)$(CC) $(LDFLAGS) -o $@ $(CFLAGS) -shared -rdynamic -fPIC $^ \
		-D$(@F:eap_%.so=eap_peer_%)_register=eap_peer_method_dynamic_init
	@$(E) "  CC/LD " $@

eap_mschapv2.so: $(SRC_EAP_MSCHAPV2)
	$(Q)$(CC) $(LDFLAGS) -o $@ $(CFLAGS) -shared -rdynamic -fPIC $^ \
		-D$(@F:eap_%.so=eap_peer_%)_register=eap_peer_method_dynamic_init
	@$(E) "  CC/LD " $@

eap_fast.so: $(SRC_EAP_FAST)
	$(Q)$(CC) $(LDFLAGS) -o $@ $(CFLAGS) -shared -rdynamic -fPIC $^ \
		-D$(@F:eap_%.so=eap_peer_%)_register=eap_peer_method_dynamic_init
	@$(E) "  CC/LD " $@

eap_teap.so: $(SRC_EAP_TEAP)
	$(Q)$(CC) $(LDFLAGS) -o $@ $(CFLAGS) -shared -rdynamic -fPIC $^ \
		-D$(@F:eap_%.so=eap_peer_%)_register=eap_peer_method_dynamic_init
	@$(E) "  CC/LD " $@

eap_gpsk.so: $(SRC_EAP_GPSK)
	$(Q)$(CC) $(LDFLAGS) -o $@ $(CFLAGS) -shared -rdynamic -fPIC $^ \
		-D$(@F:eap_%.so=eap_peer_%)_register=eap_peer_method_dynamic_init
	@$(E) "  CC/LD " $@

%.so: ../src/eap_peer/%.c
	$(Q)$(CC) $(LDFLAGS) -o $@ $(CFLAGS) -shared -rdynamic -fPIC $< \
		-D$(*F:eap_%=eap_peer_%)_register=eap_peer_method_dynamic_init
	@$(E) "  CC/LD " $@

%.service: %.service.in
	$(Q)sed -e 's|\@BINDIR\@|$(BINDIR)|g' $< >$@
	@$(E) "  sed" $<

%@.service: %.service.arg.in
	$(Q)sed -e 's|\@BINDIR\@|$(BINDIR)|g' $< >$@
	@$(E) "  sed" $<

wpa_supplicant.exe: wpa_supplicant
	mv -f $< $@
wpa_cli.exe: wpa_cli
	mv -f $< $@
wpa_passphrase.exe: wpa_passphrase
	mv -f $< $@
win_if_list.exe: win_if_list
	mv -f $< $@
eapol_test.exe: eapol_test
	mv -f $< $@

WINALL=wpa_supplicant.exe wpa_cli.exe wpa_passphrase.exe win_if_list.exe

windows-bin: $(WINALL)
	$(STRIP) $(WINALL)

wpa_gui:
	@echo "wpa_gui has been removed - see wpa_gui-qt4 for replacement"

wpa_gui-qt4/Makefile:
	qmake -o wpa_gui-qt4/Makefile wpa_gui-qt4/wpa_gui.pro

wpa_gui-qt4/lang/wpa_gui_de.qm: wpa_gui-qt4/lang/wpa_gui_de.ts
	lrelease wpa_gui-qt4/wpa_gui.pro

wpa_gui-qt4: wpa_gui-qt4/Makefile wpa_gui-qt4/lang/wpa_gui_de.qm
	$(MAKE) -C wpa_gui-qt4

FIPSDIR=/usr/local/ssl/fips-2.0
FIPSLD=$(FIPSDIR)/bin/fipsld
fips:
	$(MAKE) CC=$(FIPSLD) FIPSLD_CC="$(CC)"

.PHONY: lcov-html
lcov-html: $(call BUILDOBJ,wpa_supplicant.gcda)
	lcov -c -d $(BUILDDIR) > lcov.info
	genhtml lcov.info --output-directory lcov-html

clean: common-clean
	$(MAKE) -C ../src clean
	$(MAKE) -C dbus clean
	rm -f core *~ *.o *.d *.gcno *.gcda *.gcov
	rm -f eap_*.so $(WINALL) eapol_test preauth_test
	rm -f wpa_priv
	rm -f nfc_pw_token
	rm -f lcov.info
	rm -rf lcov-html
	rm -f libwpa_client.a
	rm -f libwpa_client.so
	rm -f libwpa_test1 libwpa_test2
wpa_supplicant.conf
#ctrl_interface=/var/run/wpa_supplicant
#ctrl_interface_group=wheel
ap_scan=0
network={
    key_mgmt=IEEE8021X
    eap=TLS
    identity="testing"
    password="password"
    ca_cert="/fs2nd/var/cert/ca.pem"
    client_cert="/fs2nd/var/cert/client.pem"
    private_key="/fs2nd/var/cert/client.key"
    private_key_passwd="whatever"
    eapol_flags=0
}

问题

        之前在本地进行EAP-TLS测试时(wpa_supplicant-2.10 + openssl-1.1.1w)一切正常,可

参见《

EAP-TLS实验之Ubuntu20.04环境搭建配置(FreeRADIUS3.0)(四)-CSDN博客

》,但是当我移植到arm上并运行eapol_test -c /fs2nd/etc/wpa_test.conf -a 192.168.0.100 -p 1812 -s testing123 -r 1时,居然卡住了,如下面截图:

最后通过在wpa_supplicant及openssl源代码中添加打印语句,定位到问题所在,原来发生死锁了,而且是在某次获取写(第一次正常)锁时发生死锁!(移植openssl-1.0.2版本则运行正常)

解决

        通过检查openssl-1.1.1w源代码,发现在处理保护某些变量时调用的是读写锁相关函数

int CRYPTO_THREAD_write_lock(CRYPTO_RWLOCK *lock)、

int CRYPTO_THREAD_read_lock(CRYPTO_RWLOCK *lock)、

int CRYPTO_THREAD_unlock(CRYPTO_RWLOCK *lock)函数,在调用的函数里面,并没有对返回结果进行判断,比如在调用CRYPTO_THREAD_write_lock后,接着就直接处理相关内容,处理完成后直接CRYPTO_THREAD_unlock。如果获取锁正常返回0,不做判断则程序正常运行,但是该线程若获取锁失败返回非零的值(EBUSY、EDEADLK(35)、EINVAL)的时候,再调用CRYPTO_THREAD_unlock释放锁,后果不可推测,照目前来看,一旦某次获取锁失败后直接释放锁会导致后面多次获取锁失败,最终引起某次的死锁。

        目前理论上有两种解决方式,其一修改openssl读写锁调用逻辑(增加返回值判断),其二换种变量保护机制锁,比如经典的互斥锁,如下图屏蔽默认的读写锁(crypto/threads_pthread.c),启用互斥锁(//#define USE_RWLOCK)。

测试

        重新交叉编译并安装openssl-1.1.1w,重新静态交叉编译eapol_test,将eapol_test拷贝到开发板后,执行

#eapol_test -c /fs2nd/etc/wpa_test.conf -a 192.168.0.100 -p 1812 -s testing123 -r 1

输出如下:

# eapol_test -c /fs2nd/etc/wpa_test.conf -a 192.168.0.100 -p 1812 -s testing123
-r 1
Reading configuration file '/fs2nd/etc/wpa_test.conf'
ap_scan=0
Line: 4 - start of a new network block
key_mgmt: 0x8
eap methods - hexdump(len=16): 00 00 00 00 0d 00 00 00 00 00 00 00 00 00 00 00
identity - hexdump_ascii(len=7):
     74 65 73 74 69 6e 67                              testing
password - hexdump_ascii(len=8):
     70 61 73 73 77 6f 72 64                           password
ca_cert - hexdump_ascii(len=22):
     2f 66 73 32 6e 64 2f 76 61 72 2f 63 65 72 74 2f   /fs2nd/var/cert/
     63 61 2e 70 65 6d                                 ca.pem
client_cert - hexdump_ascii(len=26):
     2f 66 73 32 6e 64 2f 76 61 72 2f 63 65 72 74 2f   /fs2nd/var/cert/
     63 6c 69 65 6e 74 2e 70 65 6d                     client.pem
private_key - hexdump_ascii(len=26):
     2f 66 73 32 6e 64 2f 76 61 72 2f 63 65 72 74 2f   /fs2nd/var/cert/
     63 6c 69 65 6e 74 2e 6b 65 79                     client.key
private_key_passwd - hexdump_ascii(len=8):
     77 68 61 74 65 76 65 72                           whatever
eapol_flags=0 (0x0)
Priority group 0
   id=0 ssid=''
Authentication server 192.168.0.100:1812
RADIUS local address: 192.168.0.60:53296
auth=1,sel_sock=3
radius_client_init ok!
os_realloc_array ok!
wpa_supplicant_scard_init ok
in test_eapol..
ctx = os_zalloc ok
1eapol_sm_init(ctx)
in eapol_sm_init..
sm = os_zalloc ok
1sm = eap_peer_sm_init
in eap_peer_sm_init...
1dl_list_init
2dl_list_init
1tls_init
openssl tls_init..
1openssl_load_legacy_provider
2openssl_load_legacy_provider
3openssl_load_legacy_provider
1tls_context_new
2tls_context_new
1SSL_CTX_new...
SSL_CTX_new ok
2SSL_CTX_new
SSL_CTX_new ok
1SSL_CTX_set_options
2SSL_CTX_set_options
3SSL_CTX_set_options
1SSL_CTX_set_mode
2SSL_CTX_set_mode
no auto chain 1SSL_CTX_clear_mode
2SSL_CTX_clear_mode
auto chain 1SSL_CTX_set_info_callback
2SSL_CTX_set_info_callback
SSL_CTX_set_app_data
1SSL_CTX_set_session_cache_mode
2SSL_CTX_set_session_cache_mode
1SSL_SESSION_get_ex_new_index
2SSL_SESSION_get_ex_new_index
defined OPENSSL_NO_ENGINE
success return data !
2tls_init
openssl tls_init..
<1.1.0 1tls_context_new
<1.1.0 2tls_context_new
1SSL_CTX_new...
SSL_CTX_new ok
2SSL_CTX_new
SSL_CTX_new ok
1SSL_CTX_set_options
2SSL_CTX_set_options
3SSL_CTX_set_options
1SSL_CTX_set_mode
2SSL_CTX_set_mode
no auto chain 1SSL_CTX_clear_mode
2SSL_CTX_clear_mode
auto chain 1SSL_CTX_set_info_callback
2SSL_CTX_set_info_callback
SSL_CTX_set_app_data
1SSL_CTX_set_session_cache_mode
2SSL_CTX_set_session_cache_mode
defined OPENSSL_NO_ENGINE
success return data !
3tls_init
2sm = eap_peer_sm_init
1eapol_sm_step
EAPOL: SUPP_PAE entering state DISCONNECTED
EAPOL: KEY_RX entering state NO_KEY_RECEIVE
EAPOL: SUPP_BE entering state INITIALIZE
EAP: EAP entering state DISABLED
2eapol_sm_step
3eapol_sm_step
eloop_register_timeout..
eapol_sm_init exit..
2eapol_sm_init(ctx)
wctx = os_zalloc ok
wpa_sm_init ok
ssid ok
1eapol_sm_notify_config
2eapol_sm_notify_config
1eapol_sm_register_scard_ctx
2eapol_sm_register_scard_ctx
1eapol_sm_notify_portValid
EAPOL: External notification - portValid=0
1eapol_sm_notify_portEnabled
EAPOL: External notification - portEnabled=1
EAPOL: SUPP_PAE entering state CONNECTING
EAPOL: SUPP_BE entering state IDLE
EAP: EAP entering state INITIALIZE
EAP: EAP entering state IDLE
2eapol_sm_notify_portEnabled
test_eapol ok
wpas_init_ext_pw ok
Sending fake EAP-Request-Identity
EAPOL: Received EAP-Packet frame
EAPOL: SUPP_PAE entering state RESTART
EAP: EAP entering state INITIALIZE
EAP: EAP entering state IDLE
EAPOL: SUPP_PAE entering state AUTHENTICATING
EAPOL: SUPP_BE entering state REQUEST
EAPOL: getSuppRsp
EAP: EAP entering state RECEIVED
EAP: Received EAP-Request id=184 method=1 vendor=0 vendorMethod=0
EAP: EAP entering state IDENTITY
CTRL-EVENT-EAP-STARTED EAP authentication started
EAP: Status notification: started (param=)
EAP: EAP-Request Identity data - hexdump_ascii(len=0):
EAP: using real identity - hexdump_ascii(len=7):
     74 65 73 74 69 6e 67                              testing
EAP: EAP entering state SEND_RESPONSE
EAP: EAP entering state IDLE
EAPOL: SUPP_BE entering state RESPONSE
EAPOL: txSuppRsp
WPA: eapol_test_eapol_send(type=0 len=12)
TX EAP -> RADIUS - hexdump(len=12): 02 b8 00 0c 01 74 65 73 74 69 6e 67
Encapsulating EAP message into a RADIUS packet
Learned identity from EAP-Response-Identity - hexdump(len=7): 74 65 73 74 69 6e 67
Sending RADIUS message to authentication server
RADIUS message: code=1 (Access-Request) identifier=0 length=128
   Attribute 1 (User-Name) length=9
      Value: 'testing'
   Attribute 4 (NAS-IP-Address) length=6
      Value: 127.0.0.1
   Attribute 31 (Calling-Station-Id) length=19
      Value: '02-00-00-00-00-01'
   Attribute 12 (Framed-MTU) length=6
      Value: 1400
   Attribute 61 (NAS-Port-Type) length=6
      Value: 19
   Attribute 6 (Service-Type) length=6
      Value: 2
   Attribute 77 (Connect-Info) length=24
      Value: 'CONNECT 11Mbps 802.11b'
   Attribute 79 (EAP-Message) length=14
      Value: 02b8000c0174657374696e67
   Attribute 80 (Message-Authenticator) length=18
      Value: 0eca70ccd8de9768b78501586eb2df75
Next RADIUS client retransmit in 3 seconds
EAPOL: SUPP_BE entering state RECEIVE
Received 64 bytes from RADIUS server
Received RADIUS message
RADIUS message: code=11 (Access-Challenge) identifier=0 length=64
   Attribute 79 (EAP-Message) length=8
      Value: 01b900060d20
   Attribute 80 (Message-Authenticator) length=18
      Value: b1d7b01336bc8df5a2ec2d57e6950d35
   Attribute 24 (State) length=18
      Value: ca743fdecacd324cf45abe976bc7a86c
STA 02:00:00:00:00:01: Received RADIUS packet matched with a pending request, round trip time 0.00 sec

RADIUS packet matching with station
decapsulated EAP packet (code=1 id=185 len=6) from RADIUS server: EAP-Request-TLS (13)
EAPOL: Received EAP-Packet frame
EAPOL: SUPP_BE entering state REQUEST
EAPOL: getSuppRsp
EAP: EAP entering state RECEIVED
EAP: Received EAP-Request id=185 method=13 vendor=0 vendorMethod=0
EAP: EAP entering state GET_METHOD
CTRL-EVENT-EAP-PROPOSED-METHOD vendor=0 method=13
EAP: Status notification: accept proposed method (param=TLS)
EAP: Initialize selected EAP method: vendor 0 method 13 (TLS)
TLS: using phase1 config options
TLS: Trusted root certificate(s) loaded
OpenSSL: SSL_use_certificate_chain_file --> OK
OpenSSL: tls_use_private_key_file (PEM) --> loaded
SSL: Private key loaded successfully
CTRL-EVENT-EAP-METHOD EAP vendor 0 method 13 (TLS) selected
EAP: EAP entering state METHOD
SSL: Received packet(len=6) - Flags 0x20
EAP-TLS: Start
SSL: (where=0x10 ret=0x1)
SSL: (where=0x1001 ret=0x1)
SSL: SSL_connect:before SSL initialization
OpenSSL: TX ver=0x0 content_type=256 (TLS header info/)
OpenSSL: Message - hexdump(len=5): 16 03 01 00 b9
OpenSSL: TX ver=0x303 content_type=22 (handshake/client hello)
OpenSSL: Message - hexdump(len=185): 01 00 00 b5 03 03 c6 43 d6 4f b9 ff ad 62 a8 01 30 eb 50 67 7a 7b 04 20 b3 f7 f0 82 7e 7f 18 f9 2e e9 02 87 39 48 00 00 38 c0 2c c0 30 00 9f cc a9 cc a8 cc aa c0 2b c0 2f 00 9e c0 24 c0 28 00 6b c0 23 c0 27 00 67 c0 0a c0 14 00 39 c0 09 c0 13 00 33 00 9d 00 9c 00 3d 00 3c 00 35 00 2f 00 ff 01 00 00 54 00 0b 00 04 03 00 01 02 00 0a 00 0c 00 0a 00 1d 00 17 00 1e 00 19 00 18 00 16 00 00 00 17 00 00 00 0d 00 30 00 2e 04 03 05 03 06 03 08 07 08 08 08 09 08 0a 08 0b 08 04 08 05 08 06 04 01 05 01 06 01 03 03 02 03 03 01 02 01 03 02 02 02 04 02 05 02 06 02
SSL: (where=0x1001 ret=0x1)
SSL: SSL_connect:SSLv3/TLS write client hello
SSL: (where=0x1002 ret=0xffffffff)
SSL: SSL_connect:error in SSLv3/TLS write client hello
SSL: SSL_connect - want more data
SSL: 190 bytes pending from ssl_out
SSL: Using TLS version TLSv1.2
SSL: 190 bytes left to be sent out (of total 190 bytes)
EAP: method process -> ignore=FALSE methodState=MAY_CONT decision=FAIL eapRespData=0x3c02a0
EAP: EAP entering state SEND_RESPONSE
EAP: EAP entering state IDLE
EAPOL: SUPP_BE entering state RESPONSE
EAPOL: txSuppRsp
WPA: eapol_test_eapol_send(type=0 len=196)
TX EAP -> RADIUS - hexdump(len=196): 02 b9 00 c4 0d 00 16 03 01 00 b9 01 00 00 b5 03 03 c6 43 d6 4f b9 ff ad 62 a8 01 30 eb 50 67 7a 7b 04 20 b3 f7 f0 82 7e 7f 18 f9 2e e9 02 87 39 48 00 00 38 c0 2c c0 30 00 9f cc a9 cc a8 cc aa c0 2b c0 2f 00 9e c0 24 c0 28 00 6b c0 23 c0 27 00 67 c0 0a c0 14 00 39 c0 09 c0 13 00 33 00 9d 00 9c 00 3d 00 3c 00 35 00 2f 00 ff 01 00 00 54 00 0b 00 04 03 00 01 02 00 0a 00 0c 00 0a 00 1d 00 17 00 1e 00 19 00 18 00 16 00 00 00 17 00 00 00 0d 00 30 00 2e 04 03 05 03 06 03 08 07 08 08 08 09 08 0a 08 0b 08 04 08 05 08 06 04 01 05 01 06 01 03 03 02 03 03 01 02 01 03 02 02 02 04 02 05 02 06 02
Encapsulating EAP message into a RADIUS packet
  Copied RADIUS State Attribute
Sending RADIUS message to authentication server
RADIUS message: code=1 (Access-Request) identifier=1 length=330
   Attribute 1 (User-Name) length=9
      Value: 'testing'
   Attribute 4 (NAS-IP-Address) length=6
      Value: 127.0.0.1
   Attribute 31 (Calling-Station-Id) length=19
      Value: '02-00-00-00-00-01'
   Attribute 12 (Framed-MTU) length=6
      Value: 1400
   Attribute 61 (NAS-Port-Type) length=6
      Value: 19
   Attribute 6 (Service-Type) length=6
      Value: 2
   Attribute 77 (Connect-Info) length=24
      Value: 'CONNECT 11Mbps 802.11b'
   Attribute 79 (EAP-Message) length=198
      Value: 02b900c40d0016030100b9010000b50303c643d64fb9ffad62a80130eb50677a7b0420b3f7f0827e7f18f92ee902873948000038c02cc030009fcca9cca8ccaac02bc02f009ec024c028006bc023c0270067c00ac0140039c009c0130033009d009c003d003c0035002f00ff01000054000b000403000102000a000c000a001d0017001e001900180016000000170000000d0030002e040305030603080708080809080a080b080408050806040105010601030302030301020103020202040205020602
   Attribute 24 (State) length=18
      Value: ca743fdecacd324cf45abe976bc7a86c
   Attribute 80 (Message-Authenticator) length=18
      Value: 506db8afdaaab4828eb2d610b761b975
Next RADIUS client retransmit in 3 seconds
EAPOL: SUPP_BE entering state RECEIVE
Received 1068 bytes from RADIUS server
Received RADIUS message
RADIUS message: code=11 (Access-Challenge) identifier=1 length=1068
   Attribute 79 (EAP-Message) length=255
      Value: 01ba03ec0dc000000b5c160303003d0200003903036204450d5f0ebe6e6983c030c4cf1b5a3a5fc28db4c466b14391dc329d9c45d100c030000011ff01000100000b0004030001020017000016030308e90b0008e50008e20003de308203da308202c2a003020102020101300d06092a864886f70d01010b0500308193310b3009060355040613024652310f300d06035504080c065261646975733112301006035504070c09536f6d65776865726531153013060355040a0c0c4578616d706c6520496e632e3120301e06092a864886f70d010901161161646d696e406578616d706c652e6f72673126302406035504030c1d4578616d706c65204365
   Attribute 79 (EAP-Message) length=255
      Value: 72746966696361746520417574686f72697479301e170d3234303232313032353532355a170d3234303432313032353532355a307c310b3009060355040613024652310f300d06035504080c0652616469757331153013060355040a0c0c4578616d706c6520496e632e3123302106035504030c1a4578616d706c65205365727665722043657274696669636174653120301e06092a864886f70d010901161161646d696e406578616d706c652e6f726730820122300d06092a864886f70d01010105000382010f003082010a0282010100d1c0abffd46f4b5369d6d00416364ab0adef9cb6e6650d29521299d8ad893bf218f0934d0b97018b2dca90
   Attribute 79 (EAP-Message) length=255
      Value: 3b2bc3dc35144dbebe52e72021d263a2138231492ba3a6aadf640bcdabc40433c22d6d53ce4fb384c2576cc9326dae0befaaad84207485b03751401051d13e1e175a15926d4bd9ddabdc4bc327fd88eba4b01d6e4e61c54b3a36b8c3150d6b44699045e265040c85d67f181bd51e236f437e03b0755418b6d7c570f22c5216defb52dc25e1dbd6438f262dfa04f673f1fd325abad4e9d05cd1aa66258a27d5d174e6c2d4c3ecd756b1c9d2806c8fd7998d765e3bc8091101fba7ccadbb33f92560d6fba647c303d21366450adfd6c296d829c693870203010001a34f304d30130603551d25040c300a06082b0601050507030130360603551d1f042f30
   Attribute 79 (EAP-Message) length=247
      Value: 2d302ba029a0278625687474703a2f2f7777772e6578616d706c652e636f6d2f6578616d706c655f63612e63726c300d06092a864886f70d01010b05000382010100bd49899734116830715ab1b59f5748c02d47b925228a7c180cba3966d09c61d906ee2cc792065be7f44ea25da7837bd142d3b280178fbce6eda7abd9031f01f0cbbf17607d4543f9c649656f331584f56273933afd58fd4de6c40b9dff9dc2c4b7bcf09a713fcdf81a07ad00a73d099cbef6f1e81474d5fda07a975248861de4116171a7db5360e650bee856f75c838d51ae3bb1841f05e9f39166ff132a23e81cff02855b53cf09f7d54070be0c5107f64ab5
   Attribute 80 (Message-Authenticator) length=18
      Value: 8e0cd414d815957da7ae15a73e202a4d
   Attribute 24 (State) length=18
      Value: ca743fdecbce324cf45abe976bc7a86c
STA 02:00:00:00:00:01: Received RADIUS packet matched with a pending request, round trip time 0.00 sec

RADIUS packet matching with station
decapsulated EAP packet (code=1 id=186 len=1004) from RADIUS server: EAP-Request-TLS (13)
EAPOL: Received EAP-Packet frame
EAPOL: SUPP_BE entering state REQUEST
EAPOL: getSuppRsp
EAP: EAP entering state RECEIVED
EAP: Received EAP-Request id=186 method=13 vendor=0 vendorMethod=0
EAP: EAP entering state METHOD
SSL: Received packet(len=1004) - Flags 0xc0
SSL: TLS Message Length: 2908
SSL: Need 1914 bytes more input data
SSL: Building ACK (type=13 id=186 ver=0)
EAP: method process -> ignore=FALSE methodState=MAY_CONT decision=FAIL eapRespData=0x3bd5c8
EAP: EAP entering state SEND_RESPONSE
EAP: EAP entering state IDLE
EAPOL: SUPP_BE entering state RESPONSE
EAPOL: txSuppRsp
WPA: eapol_test_eapol_send(type=0 len=6)
TX EAP -> RADIUS - hexdump(len=6): 02 ba 00 06 0d 00
Encapsulating EAP message into a RADIUS packet
  Copied RADIUS State Attribute
Sending RADIUS message to authentication server
RADIUS message: code=1 (Access-Request) identifier=2 length=140
   Attribute 1 (User-Name) length=9
      Value: 'testing'
   Attribute 4 (NAS-IP-Address) length=6
      Value: 127.0.0.1
   Attribute 31 (Calling-Station-Id) length=19
      Value: '02-00-00-00-00-01'
   Attribute 12 (Framed-MTU) length=6
      Value: 1400
   Attribute 61 (NAS-Port-Type) length=6
      Value: 19
   Attribute 6 (Service-Type) length=6
      Value: 2
   Attribute 77 (Connect-Info) length=24
      Value: 'CONNECT 11Mbps 802.11b'
   Attribute 79 (EAP-Message) length=8
      Value: 02ba00060d00
   Attribute 24 (State) length=18
      Value: ca743fdecbce324cf45abe976bc7a86c
   Attribute 80 (Message-Authenticator) length=18
      Value: 4e9401c97b21fb096d43684ccbfaac05
Next RADIUS client retransmit in 3 seconds
EAPOL: SUPP_BE entering state RECEIVE
Received 1068 bytes from RADIUS server
Received RADIUS message
RADIUS message: code=11 (Access-Challenge) identifier=2 length=1068
   Attribute 79 (EAP-Message) length=255
      Value: 01bb03ec0dc000000b5cd38235a4811c3f2e4cc129e388ad6f6c6237386b5f4d7ecc8d193c2465dfe051194474b53e1ac364e4b8fdcb527d6de8ca809cbfd5eb53a47785e62eaa3f7bafbeff699f9e631a78efbd38d6270004fe308204fa308203e2a00302010202144a1dec91e0857d76d65f37d6ddaab4191176ebcb300d06092a864886f70d01010b0500308193310b3009060355040613024652310f300d06035504080c065261646975733112301006035504070c09536f6d65776865726531153013060355040a0c0c4578616d706c6520496e632e3120301e06092a864886f70d010901161161646d696e406578616d706c652e6f7267312630
   Attribute 79 (EAP-Message) length=255
      Value: 2406035504030c1d4578616d706c6520436572746966696361746520417574686f72697479301e170d3234303232313032353532355a170d3234303432313032353532355a308193310b3009060355040613024652310f300d06035504080c065261646975733112301006035504070c09536f6d65776865726531153013060355040a0c0c4578616d706c6520496e632e3120301e06092a864886f70d010901161161646d696e406578616d706c652e6f72673126302406035504030c1d4578616d706c6520436572746966696361746520417574686f7269747930820122300d06092a864886f70d01010105000382010f003082010a0282010100d7
   Attribute 79 (EAP-Message) length=255
      Value: ab97ba11f901e2bcbe703c7b5a468fea2a402bd27b361c815926d7d1f57fc33a400483d80c8a3fbceb16bca825981cda2ec7330b407800f17dcff77618b2f6a4a7a92216ef2ca4200e5be35a17a0f2a15bf8b43312c66290729aeab2c5ba237ec94e9a1f5257483eeede76626d677f0dd91ee89202fc8dae4e3c015fb98a4f0750aa0e7ed1bd5c3a6b8623638d876f4dab25690be87e096d7e887529072bd3eedea0bff065fd9b79914e0e7b740f236f20372b3b0ad1e9acec52b37541cea0af33729dae3e4a6322e86b44a159c6df35790b0b6a26fc9428a8f323e35198648b7b509350f3dd72929ab5f2970f5dd4ef271575f3665b69b5bd94768b84
   Attribute 79 (EAP-Message) length=247
      Value: 783f0203010001a38201423082013e301d0603551d0e0416041401571d779e50f5b591d6dad496f89ac3bc91cf273081d30603551d230481cb3081c8801401571d779e50f5b591d6dad496f89ac3bc91cf27a18199a48196308193310b3009060355040613024652310f300d06035504080c065261646975733112301006035504070c09536f6d65776865726531153013060355040a0c0c4578616d706c6520496e632e3120301e06092a864886f70d010901161161646d696e406578616d706c652e6f72673126302406035504030c1d4578616d706c6520436572746966696361746520417574686f7269747982144a1dec91e0
   Attribute 80 (Message-Authenticator) length=18
      Value: 7253b16c84f85e7531cfa162d819b3ec
   Attribute 24 (State) length=18
      Value: ca743fdec8cf324cf45abe976bc7a86c
STA 02:00:00:00:00:01: Received RADIUS packet matched with a pending request, round trip time 0.00 sec

RADIUS packet matching with station
decapsulated EAP packet (code=1 id=187 len=1004) from RADIUS server: EAP-Request-TLS (13)
EAPOL: Received EAP-Packet frame
EAPOL: SUPP_BE entering state REQUEST
EAPOL: getSuppRsp
EAP: EAP entering state RECEIVED
EAP: Received EAP-Request id=187 method=13 vendor=0 vendorMethod=0
EAP: EAP entering state METHOD
SSL: Received packet(len=1004) - Flags 0xc0
SSL: TLS Message Length: 2908
SSL: Need 920 bytes more input data
SSL: Building ACK (type=13 id=187 ver=0)
EAP: method process -> ignore=FALSE methodState=MAY_CONT decision=FAIL eapRespData=0x3baa50
EAP: EAP entering state SEND_RESPONSE
EAP: EAP entering state IDLE
EAPOL: SUPP_BE entering state RESPONSE
EAPOL: txSuppRsp
WPA: eapol_test_eapol_send(type=0 len=6)
TX EAP -> RADIUS - hexdump(len=6): 02 bb 00 06 0d 00
Encapsulating EAP message into a RADIUS packet
  Copied RADIUS State Attribute
Sending RADIUS message to authentication server
RADIUS message: code=1 (Access-Request) identifier=3 length=140
   Attribute 1 (User-Name) length=9
      Value: 'testing'
   Attribute 4 (NAS-IP-Address) length=6
      Value: 127.0.0.1
   Attribute 31 (Calling-Station-Id) length=19
      Value: '02-00-00-00-00-01'
   Attribute 12 (Framed-MTU) length=6
      Value: 1400
   Attribute 61 (NAS-Port-Type) length=6
      Value: 19
   Attribute 6 (Service-Type) length=6
      Value: 2
   Attribute 77 (Connect-Info) length=24
      Value: 'CONNECT 11Mbps 802.11b'
   Attribute 79 (EAP-Message) length=8
      Value: 02bb00060d00
   Attribute 24 (State) length=18
      Value: ca743fdec8cf324cf45abe976bc7a86c
   Attribute 80 (Message-Authenticator) length=18
      Value: 2920190046d413961a6973655ea49010
Next RADIUS client retransmit in 3 seconds
EAPOL: SUPP_BE entering state RECEIVE
Received 994 bytes from RADIUS server
Received RADIUS message
RADIUS message: code=11 (Access-Challenge) identifier=3 length=994
   Attribute 79 (EAP-Message) length=255
      Value: 01bc03a20d8000000b5c857d76d65f37d6ddaab4191176ebcb300f0603551d130101ff040530030101ff30360603551d1f042f302d302ba029a0278625687474703a2f2f7777772e6578616d706c652e6f72672f6578616d706c655f63612e63726c300d06092a864886f70d01010b050003820101005a51d379e5b56b816e7a7bd9ea454a1a686230c60c53f17ca70b7f716c0c0da2ebafbaacf1615dac121f23e4b9f83b66700c2dbf935a16e9ad936fb6c608f9f12cbd45027e0889e6b59c78cc47f407ea36e32bdd38ae9a5bf3909bf68c0328e3bef677fec2d98731b1bd09456832b211c86574121e3f2e8de75602b0f5eb974f3a4de26a815497
   Attribute 79 (EAP-Message) length=255
      Value: 22779451a947d69b5dc9f7b388e21974d5ed3518b704d951a1eda7301d009493e3fc407ebbae924df016903a69adc37909ecdf3722eb1b964633fccd6eefd8f94ccce6108ce3e84b1d4d6e8a257b20e0babdc53cd8b240e9ca8440bd977a4db811814164a7890abb48d0642a83d23a901c605465ffeeeac241160303014d0c0001490300174104b328454ec67fc6ec7be8870acc825b11b696362888140587baf35b6a09f8315c1263373cebdff600b75a3c40e120190b9e3fb415a2b907cfb1b8988caf43d0a108040100617b8fa6165a7e9641eaff376a93251b042cbc664eeed6a76fa4ea120efa120ef86433c6cfb3f60900eb0754bb82c8d45ee2
   Attribute 79 (EAP-Message) length=255
      Value: e0425ab338d292bb4d1507ca6d6c21bf2ca140cf0c47f6c4cc82d613c8c407d149945ed72c6a769b7b14a9a0601a0e10d845b9fb15be001c4f0aa1848ba18b8f7aeae95e7c9c54f4ee804b34f4e8552ba662841d5eddb7094ac8fa29c8ca6fb0e7de725bb4d07203a71c25b59af96e27b641b92bb27ce6baedd0f44cb61bb51dbdb92cd5c91d1a878b535a48255cae736f6327fe89dbe1299d1679d469cc479c5cb828b7d15969d46a184a72583bdf07f300bd82cb30db64e324af98dc09abcb8c5b8fe0266b1fa4e88dcda077ec16030300cc0d0000c8030102400028040305030603080708080809080a080b08040805080604010501060103030301
   Attribute 79 (EAP-Message) length=173
      Value: 030204020502060200980096308193310b3009060355040613024652310f300d06035504080c065261646975733112301006035504070c09536f6d65776865726531153013060355040a0c0c4578616d706c6520496e632e3120301e06092a864886f70d010901161161646d696e406578616d706c652e6f72673126302406035504030c1d4578616d706c6520436572746966696361746520417574686f7269747916030300040e000000
   Attribute 80 (Message-Authenticator) length=18
      Value: 57160d99af46f89a7126472c53c5bba3
   Attribute 24 (State) length=18
      Value: ca743fdec9c8324cf45abe976bc7a86c
STA 02:00:00:00:00:01: Received RADIUS packet matched with a pending request, round trip time 0.00 sec

RADIUS packet matching with station
decapsulated EAP packet (code=1 id=188 len=930) from RADIUS server: EAP-Request-TLS (13)
EAPOL: Received EAP-Packet frame
EAPOL: SUPP_BE entering state REQUEST
EAPOL: getSuppRsp
EAP: EAP entering state RECEIVED
EAP: Received EAP-Request id=188 method=13 vendor=0 vendorMethod=0
EAP: EAP entering state METHOD
SSL: Received packet(len=930) - Flags 0x80
SSL: TLS Message Length: 2908
OpenSSL: RX ver=0x0 content_type=256 (TLS header info/)
OpenSSL: Message - hexdump(len=5): 16 03 03 00 3d
SSL: (where=0x1001 ret=0x1)
SSL: SSL_connect:SSLv3/TLS write client hello
OpenSSL: RX ver=0x303 content_type=22 (handshake/server hello)
OpenSSL: Message - hexdump(len=61): 02 00 00 39 03 03 62 04 45 0d 5f 0e be 6e 69 83 c0 30 c4 cf 1b 5a 3a 5f c2 8d b4 c4 66 b1 43 91 dc 32 9d 9c 45 d1 00 c0 30 00 00 11 ff 01 00 01 00 00 0b 00 04 03 00 01 02 00 17 00 00
OpenSSL: RX ver=0x0 content_type=256 (TLS header info/)
OpenSSL: Message - hexdump(len=5): 16 03 03 08 e9
SSL: (where=0x1001 ret=0x1)
SSL: SSL_connect:SSLv3/TLS read server hello
OpenSSL: RX ver=0x303 content_type=22 (handshake/certificate)
OpenSSL: Message - hexdump(len=2281): 0b 00 08 e5 00 08 e2 00 03 de 30 82 03 da 30 82 02 c2 a0 03 02 01 02 02 01 01 30 0d 06 09 2a 86 48 86 f7 0d 01 01 0b 05 00 30 81 93 31 0b 30 09 06 03 55 04 06 13 02 46 52 31 0f 30 0d 06 03 55 04 08 0c 06 52 61 64 69 75 73 31 12 30 10 06 03 55 04 07 0c 09 53 6f 6d 65 77 68 65 72 65 31 15 30 13 06 03 55 04 0a 0c 0c 45 78 61 6d 70 6c 65 20 49 6e 63 2e 31 20 30 1e 06 09 2a 86 48 86 f7 0d 01 09 01 16 11 61 64 6d 69 6e 40 65 78 61 6d 70 6c 65 2e 6f 72 67 31 26 30 24 06 03 55 04 03 0c 1d 45 78 61 6d 70 6c 65 20 43 65 72 74 69 66 69 63 61 74 65 20 41 75 74 68 6f 72 69 74 79 30 1e 17 0d 32 34 30 32 32 31 30 32 35 35 32 35 5a 17 0d 32 34 30 34 32 31 30 32 35 35 32 35 5a 30 7c 31 0b 30 09 06 03 55 04 06 13 02 46 52 31 0f 30 0d 06 03 55 04 08 0c 06 52 61 64 69 75 73 31 15 30 13 06 03 55 04 0a 0c 0c 45 78 61 6d 70 6c 65 20 49 6e 63 2e 31 23 30 21 06 03 55 04 03 0c 1a 45 78 61 6d 70 6c 65 20 53 65 72 76 65 72 20 43 65 72 74 69 66 69 63 61 74 65 31 20 30 1e 06 09 2a 86 48 86 f7 0d 01 09 01 16 11 61 64 6d 69 6e 40 65 78 61 6d 70 6c 65 2e 6f 72 67 30 82 01 22 30 0d 06 09 2a 86 48 86 f7 0d 01 01 01 05 00 03 82 01 0f 00 30 82 01 0a 02 82 01 01 00 d1 c0 ab ff d4 6f 4b 53 69 d6 d0 04 16 36 4a b0 ad ef 9c b6 e6 65 0d 29 52 12 99 d8 ad 89 3b f2 18 f0 93 4d 0b 97 01 8b 2d ca 90 3b 2b c3 dc 35 14 4d be be 52 e7 20 21 d2 63 a2 13 82 31 49 2b a3 a6 aa df 64 0b cd ab c4 04 33 c2 2d 6d 53 ce 4f b3 84 c2 57 6c c9 32 6d ae 0b ef aa ad 84 20 74 85 b0 37 51 40 10 51 d1 3e 1e 17 5a 15 92 6d 4b d9 dd ab dc 4b c3 27 fd 88 eb a4 b0 1d 6e 4e 61 c5 4b 3a 36 b8 c3 15 0d 6b 44 69 90 45 e2 65 04 0c 85 d6 7f 18 1b d5 1e 23 6f 43 7e 03 b0 75 54 18 b6 d7 c5 70 f2 2c 52 16 de fb 52 dc 25 e1 db d6 43 8f 26 2d fa 04 f6 73 f1 fd 32 5a ba d4 e9 d0 5c d1 aa 66 25 8a 27 d5 d1 74 e6 c2 d4 c3 ec d7 56 b1 c9 d2 80 6c 8f d7 99 8d 76 5e 3b c8 09 11 01 fb a7 cc ad bb 33 f9 25 60 d6 fb a6 47 c3 03 d2 13 66 45 0a df d6 c2 96 d8 29 c6 93 87 02 03 01 00 01 a3 4f 30 4d 30 13 06 03 55 1d 25 04 0c 30 0a 06 08 2b 06 01 05 05 07 03 01 30 36 06 03 55 1d 1f 04 2f 30 2d 30 2b a0 29 a0 27 86 25 68 74 74 70 3a 2f 2f 77 77 77 2e 65 78 61 6d 70 6c 65 2e 63 6f 6d 2f 65 78 61 6d 70 6c 65 5f 63 61 2e 63 72 6c 30 0d 06 09 2a 86 48 86 f7 0d 01 01 0b 05 00 03 82 01 01 00 bd 49 89 97 34 11 68 30 71 5a b1 b5 9f 57 48 c0 2d 47 b9 25 22 8a 7c 18 0c ba 39 66 d0 9c 61 d9 06 ee 2c c7 92 06 5b e7 f4 4e a2 5d a7 83 7b d1 42 d3 b2 80 17 8f bc e6 ed a7 ab d9 03 1f 01 f0 cb bf 17 60 7d 45 43 f9 c6 49 65 6f 33 15 84 f5 62 73 93 3a fd 58 fd 4d e6 c4 0b 9d ff 9d c2 c4 b7 bc f0 9a 71 3f cd f8 1a 07 ad 00 a7 3d 09 9c be f6 f1 e8 14 74 d5 fd a0 7a 97 52 48 86 1d e4 11 61 71 a7 db 53 60 e6 50 be e8 56 f7 5c 83 8d 51 ae 3b b1 84 1f 05 e9 f3 91 66 ff 13 2a 23 e8 1c ff 02 85 5b 53 cf 09 f7 d5 40 70 be 0c 51 07 f6 4a b5 d3 82 35 a4 81 1c 3f 2e 4c c1 29 e3 88 ad 6f 6c 62 37 38 6b 5f 4d 7e cc 8d 19 3c 24 65 df e0 51 19 44 74 b5 3e 1a c3 64 e4 b8 fd cb 52 7d 6d e8 ca 80 9c bf d5 eb 53 a4 77 85 e6 2e aa 3f 7b af be ff 69 9f 9e 63 1a 78 ef bd 38 d6 27 00 04 fe 30 82 04 fa 30 82 03 e2 a0 03 02 01 02 02 14 4a 1d ec 91 e0 85 7d 76 d6 5f 37 d6 dd aa b4 19 11 76 eb cb 30 0d 06 09 2a 86 48 86 f7 0d 01 01 0b 05 00 30 81 93 31 0b 30 09 06 03 55 04 06 13 02 46 52 31 0f 30 0d 06 03 55 04 08 0c 06 52 61 64 69 75 73 31 12 30 10 06 03 55 04 07 0c 09 53 6f 6d 65 77 68 65 72 65 31 15 30 13 06 03 55 04 0a 0c 0c 45 78 61 6d 70 6c 65 20 49 6e 63 2e 31 20 30 1e 06 09 2a 86 48 86 f7 0d 01 09 01 16 11 61 64 6d 69 6e 40 65 78 61 6d 70 6c 65 2e 6f 72 67 31 26 30 24 06 03 55 04 03 0c 1d 45 78 61 6d 70 6c 65 20 43 65 72 74 69 66 69 63 61 74 65 20 41 75 74 68 6f 72 69 74 79 30 1e 17 0d 32 34 30 32 32 31 30 32 35 35 32 35 5a 17 0d 32 34 30 34 32 31 30 32 35 35 32 35 5a 30 81 93 31 0b 30 09 06 03 55 04 06 13 02 46 52 31 0f 30 0d 06 03 55 04 08 0c 06 52 61 64 69 75 73 31 12 30 10 06 03 55 04 07 0c 09 53 6f 6d 65 77 68 65 72 65 31 15 30 13 06 03 55 04 0a 0c 0c 45 78 61 6d 70 6c 65 20 49 6e 63 2e 31 20 30 1e 06 09 2a 86 48 86 f7 0d 01 09 01 16 11 61 64 6d 69 6e 40 65 78 61 6d 70 6c 65 2e 6f 72 67 31 26 30 24 06 03 55 04 03 0c 1d 45 78 61 6d 70 6c 65 20 43 65 72 74 69 66 69 63 61 74 65 20 41 75 74 68 6f 72 69 74 79 30 82 01 22 30 0d 06 09 2a 86 48 86 f7 0d 01 01 01 05 00 03 82 01 0f 00 30 82 01 0a 02 82 01 01 00 d7 ab 97 ba 11 f9 01 e2 bc be 70 3c 7b 5a 46 8f ea 2a 40 2b d2 7b 36 1c 81 59 26 d7 d1 f5 7f c3 3a 40 04 83 d8 0c 8a 3f bc eb 16 bc a8 25 98 1c da 2e c7 33 0b 40 78 00 f1 7d cf f7 76 18 b2 f6 a4 a7 a9 22 16 ef 2c a4 20 0e 5b e3 5a 17 a0 f2 a1 5b f8 b4 33 12 c6 62 90 72 9a ea b2 c5 ba 23 7e c9 4e 9a 1f 52 57 48 3e ee de 76 62 6d 67 7f 0d d9 1e e8 92 02 fc 8d ae 4e 3c 01 5f b9 8a 4f 07 50 aa 0e 7e d1 bd 5c 3a 6b 86 23 63 8d 87 6f 4d ab 25 69 0b e8 7e 09 6d 7e 88 75 29 07 2b d3 ee de a0 bf f0 65 fd 9b 79 91 4e 0e 7b 74 0f 23 6f 20 37 2b 3b 0a d1 e9 ac ec 52 b3 75 41 ce a0 af 33 72 9d ae 3e 4a 63 22 e8 6b 44 a1 59 c6 df 35 79 0b 0b 6a 26 fc 94 28 a8 f3 23 e3 51 98 64 8b 7b 50 93 50 f3 dd 72 92 9a b5 f2 97 0f 5d d4 ef 27 15 75 f3 66 5b 69 b5 bd 94 76 8b 84 78 3f 02 03 01 00 01 a3 82 01 42 30 82 01 3e 30 1d 06 03 55 1d 0e 04 16 04 14 01 57 1d 77 9e 50 f5 b5 91 d6 da d4 96 f8 9a c3 bc 91 cf 27 30 81 d3 06 03 55 1d 23 04 81 cb 30 81 c8 80 14 01 57 1d 77 9e 50 f5 b5 91 d6 da d4 96 f8 9a c3 bc 91 cf 27 a1 81 99 a4 81 96 30 81 93 31 0b 30 09 06 03 55 04 06 13 02 46 52 31 0f 30 0d 06 03 55 04 08 0c 06 52 61 64 69 75 73 31 12 30 10 06 03 55 04 07 0c 09 53 6f 6d 65 77 68 65 72 65 31 15 30 13 06 03 55 04 0a 0c 0c 45 78 61 6d 70 6c 65 20 49 6e 63 2e 31 20 30 1e 06 09 2a 86 48 86 f7 0d 01 09 01 16 11 61 64 6d 69 6e 40 65 78 61 6d 70 6c 65 2e 6f 72 67 31 26 30 24 06 03 55 04 03 0c 1d 45 78 61 6d 70 6c 65 20 43 65 72 74 69 66 69 63 61 74 65 20 41 75 74 68 6f 72 69 74 79 82 14 4a 1d ec 91 e0 85 7d 76 d6 5f 37 d6 dd aa b4 19 11 76 eb cb 30 0f 06 03 55 1d 13 01 01 ff 04 05 30 03 01 01 ff 30 36 06 03 55 1d 1f 04 2f 30 2d 30 2b a0 29 a0 27 86 25 68 74 74 70 3a 2f 2f 77 77 77 2e 65 78 61 6d 70 6c 65 2e 6f 72 67 2f 65 78 61 6d 70 6c 65 5f 63 61 2e 63 72 6c 30 0d 06 09 2a 86 48 86 f7 0d 01 01 0b 05 00 03 82 01 01 00 5a 51 d3 79 e5 b5 6b 81 6e 7a 7b d9 ea 45 4a 1a 68 62 30 c6 0c 53 f1 7c a7 0b 7f 71 6c 0c 0d a2 eb af ba ac f1 61 5d ac 12 1f 23 e4 b9 f8 3b 66 70 0c 2d bf 93 5a 16 e9 ad 93 6f b6 c6 08 f9 f1 2c bd 45 02 7e 08 89 e6 b5 9c 78 cc 47 f4 07 ea 36 e3 2b dd 38 ae 9a 5b f3 90 9b f6 8c 03 28 e3 be f6 77 fe c2 d9 87 31 b1 bd 09 45 68 32 b2 11 c8 65 74 12 1e 3f 2e 8d e7 56 02 b0 f5 eb 97 4f 3a 4d e2 6a 81 54 97 22 77 94 51 a9 47 d6 9b 5d c9 f7 b3 88 e2 19 74 d5 ed 35 18 b7 04 d9 51 a1 ed a7 30 1d 00 94 93 e3 fc 40 7e bb ae 92 4d f0 16 90 3a 69 ad c3 79 09 ec df 37 22 eb 1b 96 46 33 fc cd 6e ef d8 f9 4c cc e6 10 8c e3 e8 4b 1d 4d 6e 8a 25 7b 20 e0 ba bd c5 3c d8 b2 40 e9 ca 84 40 bd 97 7a 4d b8 11 81 41 64 a7 89 0a bb 48 d0 64 2a 83 d2 3a 90 1c 60 54 65 ff ee ea c2 41
OpenSSL: Peer certificate - depth 1
Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            4a:1d:ec:91:e0:85:7d:76:d6:5f:37:d6:dd:aa:b4:19:11:76:eb:cb
        Signature Algorithm: sha256WithRSAEncryption
        Issuer: C=FR, ST=Radius, L=Somewhere, O=Example Inc./emailAddress=admin@example.org, CN=Example Certificate Authority
        Validity
            Not Before: Feb 21 02:55:25 2024 GMT
            Not After : Apr 21 02:55:25 2024 GMT
        Subject: C=FR, ST=Radius, L=Somewhere, O=Example Inc./emailAddress=admin@example.org, CN=Example Certificate Authority
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d7:ab:97:ba:11:f9:01:e2:bc:be:70:3c:7b:5a:
                    46:8f:ea:2a:40:2b:d2:7b:36:1c:81:59:26:d7:d1:
                    f5:7f:c3:3a:40:04:83:d8:0c:8a:3f:bc:eb:16:bc:
                    a8:25:98:1c:da:2e:c7:33:0b:40:78:00:f1:7d:cf:
                    f7:76:18:b2:f6:a4:a7:a9:22:16:ef:2c:a4:20:0e:
                    5b:e3:5a:17:a0:f2:a1:5b:f8:b4:33:12:c6:62:90:
                    72:9a:ea:b2:c5:ba:23:7e:c9:4e:9a:1f:52:57:48:
                    3e:ee:de:76:62:6d:67:7f:0d:d9:1e:e8:92:02:fc:
                    8d:ae:4e:3c:01:5f:b9:8a:4f:07:50:aa:0e:7e:d1:
                    bd:5c:3a:6b:86:23:63:8d:87:6f:4d:ab:25:69:0b:
                    e8:7e:09:6d:7e:88:75:29:07:2b:d3:ee:de:a0:bf:
                    f0:65:fd:9b:79:91:4e:0e:7b:74:0f:23:6f:20:37:
                    2b:3b:0a:d1:e9:ac:ec:52:b3:75:41:ce:a0:af:33:
                    72:9d:ae:3e:4a:63:22:e8:6b:44:a1:59:c6:df:35:
                    79:0b:0b:6a:26:fc:94:28:a8:f3:23:e3:51:98:64:
                    8b:7b:50:93:50:f3:dd:72:92:9a:b5:f2:97:0f:5d:
                    d4:ef:27:15:75:f3:66:5b:69:b5:bd:94:76:8b:84:
                    78:3f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                01:57:1D:77:9E:50:F5:B5:91:D6:DA:D4:96:F8:9A:C3:BC:91:CF:27
            X509v3 Authority Key Identifier:
                keyid:01:57:1D:77:9E:50:F5:B5:91:D6:DA:D4:96:F8:9A:C3:BC:91:CF:27
                DirName:/C=FR/ST=Radius/L=Somewhere/O=Example Inc./emailAddress=admin@example.org/CN=Example Certificate Authority
                serial:4A:1D:EC:91:E0:85:7D:76:D6:5F:37:D6:DD:AA:B4:19:11:76:EB:CB

            X509v3 Basic Constraints: critical
                CA:TRUE
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:http://www.example.org/example_ca.crl

    Signature Algorithm: sha256WithRSAEncryption
         5a:51:d3:79:e5:b5:6b:81:6e:7a:7b:d9:ea:45:4a:1a:68:62:
         30:c6:0c:53:f1:7c:a7:0b:7f:71:6c:0c:0d:a2:eb:af:ba:ac:
         f1:61:5d:ac:12:1f:23:e4:b9:f8:3b:66:70:0c:2d:bf:93:5a:
         16:e9:ad:93:6f:b6:c6:08:f9:f1:2c:bd:45:02:7e:08:89:e6:
         b5:9c:78:cc:47:f4:07:ea:36:e3:2b:dd:38:ae:9a:5b:f3:90:
         9b:f6:8c:03:28:e3:be:f6:77:fe:c2:d9:87:31:b1:bd:09:45:
         68:32:b2:11:c8:65:74:12:1e:3f:2e:8d:e7:56:02:b0:f5:eb:
         97:4f:3a:4d:e2:6a:81:54:97:22:77:94:51:a9:47:d6:9b:5d:
         c9:f7:b3:88:e2:19:74:d5:ed:35:18:b7:04:d9:51:a1:ed:a7:
         30:1d:00:94:93:e3:fc:40:7e:bb:ae:92:4d:f0:16:90:3a:69:
         ad:c3:79:09:ec:df:37:22:eb:1b:96:46:33:fc:cd:6e:ef:d8:
         f9:4c:cc:e6:10:8c:e3:e8:4b:1d:4d:6e:8a:25:7b:20:e0:ba:
         bd:c5:3c:d8:b2:40:e9:ca:84:40:bd:97:7a:4d:b8:11:81:41:
         64:a7:89:0a:bb:48:d0:64:2a:83:d2:3a:90:1c:60:54:65:ff:
         ee:ea:c2:41

CTRL-EVENT-EAP-PEER-CERT depth=1 subject='/C=FR/ST=Radius/L=Somewhere/O=Example Inc./emailAddress=admin@example.org/CN=Example Certificate Authority' hash=5a7df6ac8a17be4f95d70e75e60d255c20228efd5de61400b72207dfbc976477
TLS: tls_verify_cb - preverify_ok=1 err=0 (ok) ca_cert_verify=1 depth=1 buf='/C=FR/ST=Radius/L=Somewhere/O=Example Inc./emailAddress=admin@example.org/CN=Example Certificate Authority'
OpenSSL: Peer certificate - depth 0
Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 1 (0x1)
        Signature Algorithm: sha256WithRSAEncryption
        Issuer: C=FR, ST=Radius, L=Somewhere, O=Example Inc./emailAddress=admin@example.org, CN=Example Certificate Authority
        Validity
            Not Before: Feb 21 02:55:25 2024 GMT
            Not After : Apr 21 02:55:25 2024 GMT
        Subject: C=FR, ST=Radius, O=Example Inc., CN=Example Server Certificate/emailAddress=admin@example.org
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d1:c0:ab:ff:d4:6f:4b:53:69:d6:d0:04:16:36:
                    4a:b0:ad:ef:9c:b6:e6:65:0d:29:52:12:99:d8:ad:
                    89:3b:f2:18:f0:93:4d:0b:97:01:8b:2d:ca:90:3b:
                    2b:c3:dc:35:14:4d:be:be:52:e7:20:21:d2:63:a2:
                    13:82:31:49:2b:a3:a6:aa:df:64:0b:cd:ab:c4:04:
                    33:c2:2d:6d:53:ce:4f:b3:84:c2:57:6c:c9:32:6d:
                    ae:0b:ef:aa:ad:84:20:74:85:b0:37:51:40:10:51:
                    d1:3e:1e:17:5a:15:92:6d:4b:d9:dd:ab:dc:4b:c3:
                    27:fd:88:eb:a4:b0:1d:6e:4e:61:c5:4b:3a:36:b8:
                    c3:15:0d:6b:44:69:90:45:e2:65:04:0c:85:d6:7f:
                    18:1b:d5:1e:23:6f:43:7e:03:b0:75:54:18:b6:d7:
                    c5:70:f2:2c:52:16:de:fb:52:dc:25:e1:db:d6:43:
                    8f:26:2d:fa:04:f6:73:f1:fd:32:5a:ba:d4:e9:d0:
                    5c:d1:aa:66:25:8a:27:d5:d1:74:e6:c2:d4:c3:ec:
                    d7:56:b1:c9:d2:80:6c:8f:d7:99:8d:76:5e:3b:c8:
                    09:11:01:fb:a7:cc:ad:bb:33:f9:25:60:d6:fb:a6:
                    47:c3:03:d2:13:66:45:0a:df:d6:c2:96:d8:29:c6:
                    93:87
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Extended Key Usage:
                TLS Web Server Authentication
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:http://www.example.com/example_ca.crl

    Signature Algorithm: sha256WithRSAEncryption
         bd:49:89:97:34:11:68:30:71:5a:b1:b5:9f:57:48:c0:2d:47:
         b9:25:22:8a:7c:18:0c:ba:39:66:d0:9c:61:d9:06:ee:2c:c7:
         92:06:5b:e7:f4:4e:a2:5d:a7:83:7b:d1:42:d3:b2:80:17:8f:
         bc:e6:ed:a7:ab:d9:03:1f:01:f0:cb:bf:17:60:7d:45:43:f9:
         c6:49:65:6f:33:15:84:f5:62:73:93:3a:fd:58:fd:4d:e6:c4:
         0b:9d:ff:9d:c2:c4:b7:bc:f0:9a:71:3f:cd:f8:1a:07:ad:00:
         a7:3d:09:9c:be:f6:f1:e8:14:74:d5:fd:a0:7a:97:52:48:86:
         1d:e4:11:61:71:a7:db:53:60:e6:50:be:e8:56:f7:5c:83:8d:
         51:ae:3b:b1:84:1f:05:e9:f3:91:66:ff:13:2a:23:e8:1c:ff:
         02:85:5b:53:cf:09:f7:d5:40:70:be:0c:51:07:f6:4a:b5:d3:
         82:35:a4:81:1c:3f:2e:4c:c1:29:e3:88:ad:6f:6c:62:37:38:
         6b:5f:4d:7e:cc:8d:19:3c:24:65:df:e0:51:19:44:74:b5:3e:
         1a:c3:64:e4:b8:fd:cb:52:7d:6d:e8:ca:80:9c:bf:d5:eb:53:
         a4:77:85:e6:2e:aa:3f:7b:af:be:ff:69:9f:9e:63:1a:78:ef:
         bd:38:d6:27

CTRL-EVENT-EAP-PEER-CERT depth=0 subject='/C=FR/ST=Radius/O=Example Inc./CN=Example Server Certificate/emailAddress=admin@example.org' hash=442c76845b6912ab534b2e2ea69570c8c86cd0e6098e66239bfd6bcc0a40d9fc
TLS: tls_verify_cb - preverify_ok=1 err=0 (ok) ca_cert_verify=1 depth=0 buf='/C=FR/ST=Radius/O=Example Inc./CN=Example Server Certificate/emailAddress=admin@example.org'
EAP: Status notification: remote certificate verification (param=success)
OpenSSL: RX ver=0x0 content_type=256 (TLS header info/)
OpenSSL: Message - hexdump(len=5): 16 03 03 01 4d
SSL: (where=0x1001 ret=0x1)
SSL: SSL_connect:SSLv3/TLS read server certificate
OpenSSL: RX ver=0x303 content_type=22 (handshake/server key exchange)
OpenSSL: Message - hexdump(len=333): 0c 00 01 49 03 00 17 41 04 b3 28 45 4e c6 7f c6 ec 7b e8 87 0a cc 82 5b 11 b6 96 36 28 88 14 05 87 ba f3 5b 6a 09 f8 31 5c 12 63 37 3c eb df f6 00 b7 5a 3c 40 e1 20 19 0b 9e 3f b4 15 a2 b9 07 cf b1 b8 98 8c af 43 d0 a1 08 04 01 00 61 7b 8f a6 16 5a 7e 96 41 ea ff 37 6a 93 25 1b 04 2c bc 66 4e ee d6 a7 6f a4 ea 12 0e fa 12 0e f8 64 33 c6 cf b3 f6 09 00 eb 07 54 bb 82 c8 d4 5e e2 e0 42 5a b3 38 d2 92 bb 4d 15 07 ca 6d 6c 21 bf 2c a1 40 cf 0c 47 f6 c4 cc 82 d6 13 c8 c4 07 d1 49 94 5e d7 2c 6a 76 9b 7b 14 a9 a0 60 1a 0e 10 d8 45 b9 fb 15 be 00 1c 4f 0a a1 84 8b a1 8b 8f 7a ea e9 5e 7c 9c 54 f4 ee 80 4b 34 f4 e8 55 2b a6 62 84 1d 5e dd b7 09 4a c8 fa 29 c8 ca 6f b0 e7 de 72 5b b4 d0 72 03 a7 1c 25 b5 9a f9 6e 27 b6 41 b9 2b b2 7c e6 ba ed d0 f4 4c b6 1b b5 1d bd b9 2c d5 c9 1d 1a 87 8b 53 5a 48 25 5c ae 73 6f 63 27 fe 89 db e1 29 9d 16 79 d4 69 cc 47 9c 5c b8 28 b7 d1 59 69 d4 6a 18 4a 72 58 3b df 07 f3 00 bd 82 cb 30 db 64 e3 24 af 98 dc 09 ab cb 8c 5b 8f e0 26 6b 1f a4 e8 8d cd a0 77 ec
OpenSSL: RX ver=0x0 content_type=256 (TLS header info/)
OpenSSL: Message - hexdump(len=5): 16 03 03 00 cc
SSL: (where=0x1001 ret=0x1)
SSL: SSL_connect:SSLv3/TLS read server key exchange
OpenSSL: RX ver=0x303 content_type=22 (handshake/certificate request)
OpenSSL: Message - hexdump(len=204): 0d 00 00 c8 03 01 02 40 00 28 04 03 05 03 06 03 08 07 08 08 08 09 08 0a 08 0b 08 04 08 05 08 06 04 01 05 01 06 01 03 03 03 01 03 02 04 02 05 02 06 02 00 98 00 96 30 81 93 31 0b 30 09 06 03 55 04 06 13 02 46 52 31 0f 30 0d 06 03 55 04 08 0c 06 52 61 64 69 75 73 31 12 30 10 06 03 55 04 07 0c 09 53 6f 6d 65 77 68 65 72 65 31 15 30 13 06 03 55 04 0a 0c 0c 45 78 61 6d 70 6c 65 20 49 6e 63 2e 31 20 30 1e 06 09 2a 86 48 86 f7 0d 01 09 01 16 11 61 64 6d 69 6e 40 65 78 61 6d 70 6c 65 2e 6f 72 67 31 26 30 24 06 03 55 04 03 0c 1d 45 78 61 6d 70 6c 65 20 43 65 72 74 69 66 69 63 61 74 65 20 41 75 74 68 6f 72 69 74 79
OpenSSL: RX ver=0x0 content_type=256 (TLS header info/)
OpenSSL: Message - hexdump(len=5): 16 03 03 00 04
SSL: (where=0x1001 ret=0x1)
SSL: SSL_connect:SSLv3/TLS read server certificate request
OpenSSL: RX ver=0x303 content_type=22 (handshake/server hello done)
OpenSSL: Message - hexdump(len=4): 0e 00 00 00
SSL: (where=0x1001 ret=0x1)
SSL: SSL_connect:SSLv3/TLS read server done
OpenSSL: TX ver=0x0 content_type=256 (TLS header info/)
OpenSSL: Message - hexdump(len=5): 16 03 03 08 de
OpenSSL: TX ver=0x303 content_type=22 (handshake/certificate)
OpenSSL: Message - hexdump(len=2270): 0b 00 08 da 00 08 d7 00 03 d3 30 82 03 cf 30 82 02 b7 a0 03 02 01 02 02 01 02 30 0d 06 09 2a 86 48 86 f7 0d 01 01 0b 05 00 30 81 93 31 0b 30 09 06 03 55 04 06 13 02 46 52 31 0f 30 0d 06 03 55 04 08 0c 06 52 61 64 69 75 73 31 12 30 10 06 03 55 04 07 0c 09 53 6f 6d 65 77 68 65 72 65 31 15 30 13 06 03 55 04 0a 0c 0c 45 78 61 6d 70 6c 65 20 49 6e 63 2e 31 20 30 1e 06 09 2a 86 48 86 f7 0d 01 09 01 16 11 61 64 6d 69 6e 40 65 78 61 6d 70 6c 65 2e 6f 72 67 31 26 30 24 06 03 55 04 03 0c 1d 45 78 61 6d 70 6c 65 20 43 65 72 74 69 66 69 63 61 74 65 20 41 75 74 68 6f 72 69 74 79 30 1e 17 0d 32 34 30 32 32 31 30 32 35 35 32 35 5a 17 0d 32 34 30 34 32 31 30 32 35 35 32 35 5a 30 71 31 0b 30 09 06 03 55 04 06 13 02 46 52 31 0f 30 0d 06 03 55 04 08 0c 06 52 61 64 69 75 73 31 15 30 13 06 03 55 04 0a 0c 0c 45 78 61 6d 70 6c 65 20 49 6e 63 2e 31 19 30 17 06 03 55 04 03 0c 10 75 73 65 72 40 65 78 61 6d 70 6c 65 2e 6f 72 67 31 1f 30 1d 06 09 2a 86 48 86 f7 0d 01 09 01 16 10 75 73 65 72 40 65 78 61 6d 70 6c 65 2e 6f 72 67 30 82 01 22 30 0d 06 09 2a 86 48 86 f7 0d 01 01 01 05 00 03 82 01 0f 00 30 82 01 0a 02 82 01 01 00 ac 64 f9 52 38 ec f6 6d 2e 16 5e 9e 5b 33 10 ca 9d b0 b8 2d c7 98 21 6e 76 49 c9 e7 73 48 82 90 a6 fd 40 85 2f 7a 6f a8 50 7f a8 8a 81 33 e1 b6 51 75 40 17 ea 49 bb 27 d3 f7 55 ee c4 47 0b 82 4e 29 3e 7d e0 b0 6e 6c aa 88 55 99 3e 21 a1 5e 22 35 22 01 71 2d 04 87 82 25 39 0a 26 d5 44 b2 8f eb 4d e3 29 46 a7 83 de e5 01 d5 81 e4 2c ed bf fe 7f 57 70 df 52 f0 64 77 e9 8f ff 30 43 19 8e 08 28 76 99 99 89 6f 8e a1 d4 e6 5e 34 6f 04 67 30 b9 b3 a1 94 53 3c 9f c6 e7 71 3e ad 2a 11 ff 38 33 24 35 3f 76 ee 91 cf da 03 51 56 3d 4a 12 7d 05 0c 73 8b 88 f4 d0 38 27 b3 e8 09 3c 8d ff 67 cc 2d 1f ce 02 c1 d8 34 62 2b 42 5a 33 19 ae cd 30 4a 89 54 74 6b b2 28 59 f7 65 7c 72 29 04 3d e1 fc 31 c8 c9 ad 8a 1c 10 17 4a 71 88 99 aa 44 28 f7 3d 18 d3 8f 9f 17 3e ca 71 56 bd 67 02 03 01 00 01 a3 4f 30 4d 30 13 06 03 55 1d 25 04 0c 30 0a 06 08 2b 06 01 05 05 07 03 02 30 36 06 03 55 1d 1f 04 2f 30 2d 30 2b a0 29 a0 27 86 25 68 74 74 70 3a 2f 2f 77 77 77 2e 65 78 61 6d 70 6c 65 2e 63 6f 6d 2f 65 78 61 6d 70 6c 65 5f 63 61 2e 63 72 6c 30 0d 06 09 2a 86 48 86 f7 0d 01 01 0b 05 00 03 82 01 01 00 7f 6a 16 6b 0b 48 1b c5 b6 2f 4f e2 49 42 fe 84 16 f4 46 c3 f5 dd ea 61 2b e4 e9 91 ed 8f 00 c3 15 bc 58 ba c2 9a da 2b d6 c9 2f c1 a9 10 b3 fb 15 10 0c 2b 8f 3f 82 67 73 05 f2 69 45 46 26 8c a9 76 6c 07 67 af 42 a1 7d a8 5b 4a 1c c5 59 33 8e 7d c8 d4 e5 4b 93 7a 31 cf aa be 2e 9c 65 29 73 c7 02 3b b7 c1 49 a2 f5 54 ca 73 de b0 12 b4 55 03 44 34 aa cb 81 0e 11 4f a0 13 a7 d8 63 f3 3d 70 86 48 e7 88 ee 56 5c eb 83 04 c4 77 a7 e7 8d da 95 a6 1c b4 86 0c 48 51 b1 8a c6 b8 52 44 b8 3b 55 59 78 60 e9 94 42 c7 a1 28 4b 1d c7 95 fc 0e 5a 3f 63 56 2b 4c 9a 0e c6 2d 41 61 ad 1c e5 86 3b f3 71 14 1f e9 03 82 c6 41 3d 9d f7 88 77 d0 55 a0 dc cc d9 c3 1f 68 40 5f 07 a4 18 8d cf cc dd 11 13 bd 59 79 c7 f7 2c f1 2e 97 f7 63 47 28 92 c1 91 04 91 6e db e9 44 2f d8 c5 4a be 00 04 fe 30 82 04 fa 30 82 03 e2 a0 03 02 01 02 02 14 4a 1d ec 91 e0 85 7d 76 d6 5f 37 d6 dd aa b4 19 11 76 eb cb 30 0d 06 09 2a 86 48 86 f7 0d 01 01 0b 05 00 30 81 93 31 0b 30 09 06 03 55 04 06 13 02 46 52 31 0f 30 0d 06 03 55 04 08 0c 06 52 61 64 69 75 73 31 12 30 10 06 03 55 04 07 0c 09 53 6f 6d 65 77 68 65 72 65 31 15 30 13 06 03 55 04 0a 0c 0c 45 78 61 6d 70 6c 65 20 49 6e 63 2e 31 20 30 1e 06 09 2a 86 48 86 f7 0d 01 09 01 16 11 61 64 6d 69 6e 40 65 78 61 6d 70 6c 65 2e 6f 72 67 31 26 30 24 06 03 55 04 03 0c 1d 45 78 61 6d 70 6c 65 20 43 65 72 74 69 66 69 63 61 74 65 20 41 75 74 68 6f 72 69 74 79 30 1e 17 0d 32 34 30 32 32 31 30 32 35 35 32 35 5a 17 0d 32 34 30 34 32 31 30 32 35 35 32 35 5a 30 81 93 31 0b 30 09 06 03 55 04 06 13 02 46 52 31 0f 30 0d 06 03 55 04 08 0c 06 52 61 64 69 75 73 31 12 30 10 06 03 55 04 07 0c 09 53 6f 6d 65 77 68 65 72 65 31 15 30 13 06 03 55 04 0a 0c 0c 45 78 61 6d 70 6c 65 20 49 6e 63 2e 31 20 30 1e 06 09 2a 86 48 86 f7 0d 01 09 01 16 11 61 64 6d 69 6e 40 65 78 61 6d 70 6c 65 2e 6f 72 67 31 26 30 24 06 03 55 04 03 0c 1d 45 78 61 6d 70 6c 65 20 43 65 72 74 69 66 69 63 61 74 65 20 41 75 74 68 6f 72 69 74 79 30 82 01 22 30 0d 06 09 2a 86 48 86 f7 0d 01 01 01 05 00 03 82 01 0f 00 30 82 01 0a 02 82 01 01 00 d7 ab 97 ba 11 f9 01 e2 bc be 70 3c 7b 5a 46 8f ea 2a 40 2b d2 7b 36 1c 81 59 26 d7 d1 f5 7f c3 3a 40 04 83 d8 0c 8a 3f bc eb 16 bc a8 25 98 1c da 2e c7 33 0b 40 78 00 f1 7d cf f7 76 18 b2 f6 a4 a7 a9 22 16 ef 2c a4 20 0e 5b e3 5a 17 a0 f2 a1 5b f8 b4 33 12 c6 62 90 72 9a ea b2 c5 ba 23 7e c9 4e 9a 1f 52 57 48 3e ee de 76 62 6d 67 7f 0d d9 1e e8 92 02 fc 8d ae 4e 3c 01 5f b9 8a 4f 07 50 aa 0e 7e d1 bd 5c 3a 6b 86 23 63 8d 87 6f 4d ab 25 69 0b e8 7e 09 6d 7e 88 75 29 07 2b d3 ee de a0 bf f0 65 fd 9b 79 91 4e 0e 7b 74 0f 23 6f 20 37 2b 3b 0a d1 e9 ac ec 52 b3 75 41 ce a0 af 33 72 9d ae 3e 4a 63 22 e8 6b 44 a1 59 c6 df 35 79 0b 0b 6a 26 fc 94 28 a8 f3 23 e3 51 98 64 8b 7b 50 93 50 f3 dd 72 92 9a b5 f2 97 0f 5d d4 ef 27 15 75 f3 66 5b 69 b5 bd 94 76 8b 84 78 3f 02 03 01 00 01 a3 82 01 42 30 82 01 3e 30 1d 06 03 55 1d 0e 04 16 04 14 01 57 1d 77 9e 50 f5 b5 91 d6 da d4 96 f8 9a c3 bc 91 cf 27 30 81 d3 06 03 55 1d 23 04 81 cb 30 81 c8 80 14 01 57 1d 77 9e 50 f5 b5 91 d6 da d4 96 f8 9a c3 bc 91 cf 27 a1 81 99 a4 81 96 30 81 93 31 0b 30 09 06 03 55 04 06 13 02 46 52 31 0f 30 0d 06 03 55 04 08 0c 06 52 61 64 69 75 73 31 12 30 10 06 03 55 04 07 0c 09 53 6f 6d 65 77 68 65 72 65 31 15 30 13 06 03 55 04 0a 0c 0c 45 78 61 6d 70 6c 65 20 49 6e 63 2e 31 20 30 1e 06 09 2a 86 48 86 f7 0d 01 09 01 16 11 61 64 6d 69 6e 40 65 78 61 6d 70 6c 65 2e 6f 72 67 31 26 30 24 06 03 55 04 03 0c 1d 45 78 61 6d 70 6c 65 20 43 65 72 74 69 66 69 63 61 74 65 20 41 75 74 68 6f 72 69 74 79 82 14 4a 1d ec 91 e0 85 7d 76 d6 5f 37 d6 dd aa b4 19 11 76 eb cb 30 0f 06 03 55 1d 13 01 01 ff 04 05 30 03 01 01 ff 30 36 06 03 55 1d 1f 04 2f 30 2d 30 2b a0 29 a0 27 86 25 68 74 74 70 3a 2f 2f 77 77 77 2e 65 78 61 6d 70 6c 65 2e 6f 72 67 2f 65 78 61 6d 70 6c 65 5f 63 61 2e 63 72 6c 30 0d 06 09 2a 86 48 86 f7 0d 01 01 0b 05 00 03 82 01 01 00 5a 51 d3 79 e5 b5 6b 81 6e 7a 7b d9 ea 45 4a 1a 68 62 30 c6 0c 53 f1 7c a7 0b 7f 71 6c 0c 0d a2 eb af ba ac f1 61 5d ac 12 1f 23 e4 b9 f8 3b 66 70 0c 2d bf 93 5a 16 e9 ad 93 6f b6 c6 08 f9 f1 2c bd 45 02 7e 08 89 e6 b5 9c 78 cc 47 f4 07 ea 36 e3 2b dd 38 ae 9a 5b f3 90 9b f6 8c 03 28 e3 be f6 77 fe c2 d9 87 31 b1 bd 09 45 68 32 b2 11 c8 65 74 12 1e 3f 2e 8d e7 56 02 b0 f5 eb 97 4f 3a 4d e2 6a 81 54 97 22 77 94 51 a9 47 d6 9b 5d c9 f7 b3 88 e2 19 74 d5 ed 35 18 b7 04 d9 51 a1 ed a7 30 1d 00 94 93 e3 fc 40 7e bb ae 92 4d f0 16 90 3a 69 ad c3 79 09 ec df 37 22 eb 1b 96 46 33 fc cd 6e ef d8 f9 4c cc e6 10 8c e3 e8 4b 1d 4d 6e 8a 25 7b 20 e0 ba bd c5 3c d8 b2 40 e9 ca 84 40 bd 97 7a 4d b8 11 81 41 64 a7 89 0a bb 48 d0 64 2a 83 d2 3a 90 1c 60 54 65 ff ee ea c2 41
SSL: (where=0x1001 ret=0x1)
SSL: SSL_connect:SSLv3/TLS write client certificate
OpenSSL: TX ver=0x0 content_type=256 (TLS header info/)
OpenSSL: Message - hexdump(len=5): 16 03 03 00 46
OpenSSL: TX ver=0x303 content_type=22 (handshake/client key exchange)
OpenSSL: Message - hexdump(len=70): 10 00 00 42 41 04 ef 34 59 f4 24 ec 61 69 76 b1 e1 df b9 4e fa df 66 6d f2 01 26 26 d2 db 1c b2 40 08 e3 79 96 ab 18 09 10 c7 3d 42 e3 d7 1a 36 80 ac 28 48 5b a2 4a 25 98 eb 5a b6 4c e2 09 19 32 83 86 8e 34 0a
SSL: (where=0x1001 ret=0x1)
SSL: SSL_connect:SSLv3/TLS write client key exchange
OpenSSL: TX ver=0x0 content_type=256 (TLS header info/)
OpenSSL: Message - hexdump(len=5): 16 03 03 01 08
OpenSSL: TX ver=0x303 content_type=22 (handshake/certificate verify)
OpenSSL: Message - hexdump(len=264): 0f 00 01 04 08 04 01 00 9b 3f 12 86 18 67 71 5d 81 c0 70 f4 c9 e1 7a da 81 86 8f e0 bf a1 86 a5 72 ed 56 4b 41 33 e9 34 4a eb b1 04 80 5c 48 39 0e 4e 51 9e 3e 4e 4f 35 e9 7c 77 1b 3b 89 66 57 82 ee c3 38 86 63 5a 84 03 c5 eb 88 df ef 10 05 44 c7 3a 03 26 c0 76 0f 62 1b 93 61 d6 fa 6f a5 d9 0c a4 a0 21 9f 22 9b d1 b3 9c 1b 85 a5 58 7d 3c 17 d6 42 69 8a f8 a2 0c 57 fe c4 20 dc 1d db d6 74 59 bb 0f 67 3c 43 6e 98 7c 50 72 64 50 06 9c 4f d9 db c1 2d fb e2 f5 ce 24 23 63 29 ef d7 70 1d c5 1b a1 e2 a0 6a 56 dd f6 48 7d 8c bb 2a 4c d3 75 0b 8f af 4e c6 c1 10 14 8e da 35 e7 43 02 ba e7 2a 06 e9 1a bb ad 9d 88 2e a8 1a 26 a8 07 a1 dd 83 bd 1e f6 9c a4 18 7d 09 d6 e2 ab 8b ff d0 d5 49 a6 8a 88 02 e3 58 c1 36 36 f2 4f 9f e5 e9 db 93 63 e3 a8 12 b8 75 da f1 fd 19 9a 99 8d 77 80 d7 08 c7 c4 3b
SSL: (where=0x1001 ret=0x1)
SSL: SSL_connect:SSLv3/TLS write certificate verify
OpenSSL: TX ver=0x0 content_type=256 (TLS header info/)
OpenSSL: Message - hexdump(len=5): 14 03 03 00 01
OpenSSL: TX ver=0x303 content_type=20 (change cipher spec/)
OpenSSL: Message - hexdump(len=1): 01
SSL: (where=0x1001 ret=0x1)
SSL: SSL_connect:SSLv3/TLS write change cipher spec
OpenSSL: TX ver=0x0 content_type=256 (TLS header info/)
OpenSSL: Message - hexdump(len=5): 16 03 03 00 28
OpenSSL: TX ver=0x303 content_type=22 (handshake/finished)
OpenSSL: Message - hexdump(len=16): 14 00 00 0c da c6 85 0e 80 96 ac ff 1d 11 f9 54
SSL: (where=0x1001 ret=0x1)
SSL: SSL_connect:SSLv3/TLS write finished
SSL: (where=0x1002 ret=0xffffffff)
SSL: SSL_connect:error in SSLv3/TLS write finished
SSL: SSL_connect - want more data
SSL: 2670 bytes pending from ssl_out
SSL: Using TLS version TLSv1.2
SSL: 2670 bytes left to be sent out (of total 2670 bytes)
SSL: sending 1398 bytes, more fragments will follow
EAP: method process -> ignore=FALSE methodState=MAY_CONT decision=FAIL eapRespData=0x3d3678
EAP: EAP entering state SEND_RESPONSE
EAP: EAP entering state IDLE
EAPOL: SUPP_BE entering state RESPONSE
EAPOL: txSuppRsp
WPA: eapol_test_eapol_send(type=0 len=1408)
TX EAP -> RADIUS - hexdump(len=1408): 02 bc 05 80 0d c0 00 00 0a 6e 16 03 03 08 de 0b 00 08 da 00 08 d7 00 03 d3 30 82 03 cf 30 82 02 b7 a0 03 02 01 02 02 01 02 30 0d 06 09 2a 86 48 86 f7 0d 01 01 0b 05 00 30 81 93 31 0b 30 09 06 03 55 04 06 13 02 46 52 31 0f 30 0d 06 03 55 04 08 0c 06 52 61 64 69 75 73 31 12 30 10 06 03 55 04 07 0c 09 53 6f 6d 65 77 68 65 72 65 31 15 30 13 06 03 55 04 0a 0c 0c 45 78 61 6d 70 6c 65 20 49 6e 63 2e 31 20 30 1e 06 09 2a 86 48 86 f7 0d 01 09 01 16 11 61 64 6d 69 6e 40 65 78 61 6d 70 6c 65 2e 6f 72 67 31 26 30 24 06 03 55 04 03 0c 1d 45 78 61 6d 70 6c 65 20 43 65 72 74 69 66 69 63 61 74 65 20 41 75 74 68 6f 72 69 74 79 30 1e 17 0d 32 34 30 32 32 31 30 32 35 35 32 35 5a 17 0d 32 34 30 34 32 31 30 32 35 35 32 35 5a 30 71 31 0b 30 09 06 03 55 04 06 13 02 46 52 31 0f 30 0d 06 03 55 04 08 0c 06 52 61 64 69 75 73 31 15 30 13 06 03 55 04 0a 0c 0c 45 78 61 6d 70 6c 65 20 49 6e 63 2e 31 19 30 17 06 03 55 04 03 0c 10 75 73 65 72 40 65 78 61 6d 70 6c 65 2e 6f 72 67 31 1f 30 1d 06 09 2a 86 48 86 f7 0d 01 09 01 16 10 75 73 65 72 40 65 78 61 6d 70 6c 65 2e 6f 72 67 30 82 01 22 30 0d 06 09 2a 86 48 86 f7 0d 01 01 01 05 00 03 82 01 0f 00 30 82 01 0a 02 82 01 01 00 ac 64 f9 52 38 ec f6 6d 2e 16 5e 9e 5b 33 10 ca 9d b0 b8 2d c7 98 21 6e 76 49 c9 e7 73 48 82 90 a6 fd 40 85 2f 7a 6f a8 50 7f a8 8a 81 33 e1 b6 51 75 40 17 ea 49 bb 27 d3 f7 55 ee c4 47 0b 82 4e 29 3e 7d e0 b0 6e 6c aa 88 55 99 3e 21 a1 5e 22 35 22 01 71 2d 04 87 82 25 39 0a 26 d5 44 b2 8f eb 4d e3 29 46 a7 83 de e5 01 d5 81 e4 2c ed bf fe 7f 57 70 df 52 f0 64 77 e9 8f ff 30 43 19 8e 08 28 76 99 99 89 6f 8e a1 d4 e6 5e 34 6f 04 67 30 b9 b3 a1 94 53 3c 9f c6 e7 71 3e ad 2a 11 ff 38 33 24 35 3f 76 ee 91 cf da 03 51 56 3d 4a 12 7d 05 0c 73 8b 88 f4 d0 38 27 b3 e8 09 3c 8d ff 67 cc 2d 1f ce 02 c1 d8 34 62 2b 42 5a 33 19 ae cd 30 4a 89 54 74 6b b2 28 59 f7 65 7c 72 29 04 3d e1 fc 31 c8 c9 ad 8a 1c 10 17 4a 71 88 99 aa 44 28 f7 3d 18 d3 8f 9f 17 3e ca 71 56 bd 67 02 03 01 00 01 a3 4f 30 4d 30 13 06 03 55 1d 25 04 0c 30 0a 06 08 2b 06 01 05 05 07 03 02 30 36 06 03 55 1d 1f 04 2f 30 2d 30 2b a0 29 a0 27 86 25 68 74 74 70 3a 2f 2f 77 77 77 2e 65 78 61 6d 70 6c 65 2e 63 6f 6d 2f 65 78 61 6d 70 6c 65 5f 63 61 2e 63 72 6c 30 0d 06 09 2a 86 48 86 f7 0d 01 01 0b 05 00 03 82 01 01 00 7f 6a 16 6b 0b 48 1b c5 b6 2f 4f e2 49 42 fe 84 16 f4 46 c3 f5 dd ea 61 2b e4 e9 91 ed 8f 00 c3 15 bc 58 ba c2 9a da 2b d6 c9 2f c1 a9 10 b3 fb 15 10 0c 2b 8f 3f 82 67 73 05 f2 69 45 46 26 8c a9 76 6c 07 67 af 42 a1 7d a8 5b 4a 1c c5 59 33 8e 7d c8 d4 e5 4b 93 7a 31 cf aa be 2e 9c 65 29 73 c7 02 3b b7 c1 49 a2 f5 54 ca 73 de b0 12 b4 55 03 44 34 aa cb 81 0e 11 4f a0 13 a7 d8 63 f3 3d 70 86 48 e7 88 ee 56 5c eb 83 04 c4 77 a7 e7 8d da 95 a6 1c b4 86 0c 48 51 b1 8a c6 b8 52 44 b8 3b 55 59 78 60 e9 94 42 c7 a1 28 4b 1d c7 95 fc 0e 5a 3f 63 56 2b 4c 9a 0e c6 2d 41 61 ad 1c e5 86 3b f3 71 14 1f e9 03 82 c6 41 3d 9d f7 88 77 d0 55 a0 dc cc d9 c3 1f 68 40 5f 07 a4 18 8d cf cc dd 11 13 bd 59 79 c7 f7 2c f1 2e 97 f7 63 47 28 92 c1 91 04 91 6e db e9 44 2f d8 c5 4a be 00 04 fe 30 82 04 fa 30 82 03 e2 a0 03 02 01 02 02 14 4a 1d ec 91 e0 85 7d 76 d6 5f 37 d6 dd aa b4 19 11 76 eb cb 30 0d 06 09 2a 86 48 86 f7 0d 01 01 0b 05 00 30 81 93 31 0b 30 09 06 03 55 04 06 13 02 46 52 31 0f 30 0d 06 03 55 04 08 0c 06 52 61 64 69 75 73 31 12 30 10 06 03 55 04 07 0c 09 53 6f 6d 65 77 68 65 72 65 31 15 30 13 06 03 55 04 0a 0c 0c 45 78 61 6d 70 6c 65 20 49 6e 63 2e 31 20 30 1e 06 09 2a 86 48 86 f7 0d 01 09 01 16 11 61 64 6d 69 6e 40 65 78 61 6d 70 6c 65 2e 6f 72 67 31 26 30 24 06 03 55 04 03 0c 1d 45 78 61 6d 70 6c 65 20 43 65 72 74 69 66 69 63 61 74 65 20 41 75 74 68 6f 72 69 74 79 30 1e 17 0d 32 34 30 32 32 31 30 32 35 35 32 35 5a 17 0d 32 34 30 34 32 31 30 32 35 35 32 35 5a 30 81 93 31 0b 30 09 06 03 55 04 06 13 02 46 52 31 0f 30 0d 06 03 55 04 08 0c 06 52 61 64 69 75 73 31 12 30 10 06 03 55 04 07 0c 09 53 6f 6d 65 77 68 65 72 65 31 15 30 13 06 03 55 04 0a 0c 0c 45 78 61 6d 70 6c 65 20 49 6e 63 2e 31 20 30 1e 06 09 2a 86 48 86 f7 0d 01 09 01 16 11 61 64 6d 69 6e 40 65 78 61 6d 70 6c 65 2e 6f 72 67 31 26 30 24 06 03 55 04 03 0c 1d 45 78 61 6d 70 6c 65 20 43 65 72 74 69 66 69 63 61 74 65 20 41 75 74 68 6f 72 69 74 79 30 82 01 22 30 0d 06 09 2a 86 48 86 f7 0d 01 01 01 05 00
Encapsulating EAP message into a RADIUS packet
  Copied RADIUS State Attribute
Sending RADIUS message to authentication server
RADIUS message: code=1 (Access-Request) identifier=4 length=1552
   Attribute 1 (User-Name) length=9
      Value: 'testing'
   Attribute 4 (NAS-IP-Address) length=6
      Value: 127.0.0.1
   Attribute 31 (Calling-Station-Id) length=19
      Value: '02-00-00-00-00-01'
   Attribute 12 (Framed-MTU) length=6
      Value: 1400
   Attribute 61 (NAS-Port-Type) length=6
      Value: 19
   Attribute 6 (Service-Type) length=6
      Value: 2
   Attribute 77 (Connect-Info) length=24
      Value: 'CONNECT 11Mbps 802.11b'
   Attribute 79 (EAP-Message) length=255
      Value: 02bc05800dc000000a6e16030308de0b0008da0008d70003d3308203cf308202b7a003020102020102300d06092a864886f70d01010b0500308193310b3009060355040613024652310f300d06035504080c065261646975733112301006035504070c09536f6d65776865726531153013060355040a0c0c4578616d706c6520496e632e3120301e06092a864886f70d010901161161646d696e406578616d706c652e6f72673126302406035504030c1d4578616d706c6520436572746966696361746520417574686f72697479301e170d3234303232313032353532355a170d3234303432313032353532355a3071310b3009060355040613024652
   Attribute 79 (EAP-Message) length=255
      Value: 310f300d06035504080c0652616469757331153013060355040a0c0c4578616d706c6520496e632e3119301706035504030c1075736572406578616d706c652e6f7267311f301d06092a864886f70d010901161075736572406578616d706c652e6f726730820122300d06092a864886f70d01010105000382010f003082010a0282010100ac64f95238ecf66d2e165e9e5b3310ca9db0b82dc798216e7649c9e773488290a6fd40852f7a6fa8507fa88a8133e1b651754017ea49bb27d3f755eec4470b824e293e7de0b06e6caa8855993e21a15e22352201712d04878225390a26d544b28feb4de32946a783dee501d581e42cedbffe7f5770df52f0
   Attribute 79 (EAP-Message) length=255
      Value: 6477e98fff3043198e0828769999896f8ea1d4e65e346f046730b9b3a194533c9fc6e7713ead2a11ff383324353f76ee91cfda0351563d4a127d050c738b88f4d03827b3e8093c8dff67cc2d1fce02c1d834622b425a3319aecd304a8954746bb22859f7657c7229043de1fc31c8c9ad8a1c10174a718899aa4428f73d18d38f9f173eca7156bd670203010001a34f304d30130603551d25040c300a06082b0601050507030230360603551d1f042f302d302ba029a0278625687474703a2f2f7777772e6578616d706c652e636f6d2f6578616d706c655f63612e63726c300d06092a864886f70d01010b050003820101007f6a166b0b481bc5b62f4f
   Attribute 79 (EAP-Message) length=255
      Value: e24942fe8416f446c3f5ddea612be4e991ed8f00c315bc58bac29ada2bd6c92fc1a910b3fb15100c2b8f3f82677305f2694546268ca9766c0767af42a17da85b4a1cc559338e7dc8d4e54b937a31cfaabe2e9c652973c7023bb7c149a2f554ca73deb012b455034434aacb810e114fa013a7d863f33d708648e788ee565ceb8304c477a7e78dda95a61cb4860c4851b18ac6b85244b83b55597860e99442c7a1284b1dc795fc0e5a3f63562b4c9a0ec62d4161ad1ce5863bf371141fe90382c6413d9df78877d055a0dcccd9c31f68405f07a4188dcfccdd1113bd5979c7f72cf12e97f763472892c19104916edbe9442fd8c54abe0004fe308204fa30
   Attribute 79 (EAP-Message) length=255
      Value: 8203e2a00302010202144a1dec91e0857d76d65f37d6ddaab4191176ebcb300d06092a864886f70d01010b0500308193310b3009060355040613024652310f300d06035504080c065261646975733112301006035504070c09536f6d65776865726531153013060355040a0c0c4578616d706c6520496e632e3120301e06092a864886f70d010901161161646d696e406578616d706c652e6f72673126302406035504030c1d4578616d706c6520436572746966696361746520417574686f72697479301e170d3234303232313032353532355a170d3234303432313032353532355a308193310b3009060355040613024652310f300d06035504080c
   Attribute 79 (EAP-Message) length=145
      Value: 065261646975733112301006035504070c09536f6d65776865726531153013060355040a0c0c4578616d706c6520496e632e3120301e06092a864886f70d010901161161646d696e406578616d706c652e6f72673126302406035504030c1d4578616d706c6520436572746966696361746520417574686f7269747930820122300d06092a864886f70d0101010500
   Attribute 24 (State) length=18
      Value: ca743fdec9c8324cf45abe976bc7a86c
   Attribute 80 (Message-Authenticator) length=18
      Value: ff71bfe0e834ff4f8eae377eb64a945a
Next RADIUS client retransmit in 3 seconds
EAPOL: SUPP_BE entering state RECEIVE
Received 64 bytes from RADIUS server
Received RADIUS message
RADIUS message: code=11 (Access-Challenge) identifier=4 length=64
   Attribute 79 (EAP-Message) length=8
      Value: 01bd00060d00
   Attribute 80 (Message-Authenticator) length=18
      Value: 409f7b64a905d206c9772289272d06c5
   Attribute 24 (State) length=18
      Value: ca743fdecec9324cf45abe976bc7a86c
STA 02:00:00:00:00:01: Received RADIUS packet matched with a pending request, round trip time 0.00 sec

RADIUS packet matching with station
decapsulated EAP packet (code=1 id=189 len=6) from RADIUS server: EAP-Request-TLS (13)
EAPOL: Received EAP-Packet frame
EAPOL: SUPP_BE entering state REQUEST
EAPOL: getSuppRsp
EAP: EAP entering state RECEIVED
EAP: Received EAP-Request id=189 method=13 vendor=0 vendorMethod=0
EAP: EAP entering state METHOD
SSL: Received packet(len=6) - Flags 0x00
SSL: 1272 bytes left to be sent out (of total 2670 bytes)
EAP: method process -> ignore=FALSE methodState=MAY_CONT decision=FAIL eapRespData=0x3d1d60
EAP: EAP entering state SEND_RESPONSE
EAP: EAP entering state IDLE
EAPOL: SUPP_BE entering state RESPONSE
EAPOL: txSuppRsp
WPA: eapol_test_eapol_send(type=0 len=1278)
TX EAP -> RADIUS - hexdump(len=1278): 02 bd 04 fe 0d 00 03 82 01 0f 00 30 82 01 0a 02 82 01 01 00 d7 ab 97 ba 11 f9 01 e2 bc be 70 3c 7b 5a 46 8f ea 2a 40 2b d2 7b 36 1c 81 59 26 d7 d1 f5 7f c3 3a 40 04 83 d8 0c 8a 3f bc eb 16 bc a8 25 98 1c da 2e c7 33 0b 40 78 00 f1 7d cf f7 76 18 b2 f6 a4 a7 a9 22 16 ef 2c a4 20 0e 5b e3 5a 17 a0 f2 a1 5b f8 b4 33 12 c6 62 90 72 9a ea b2 c5 ba 23 7e c9 4e 9a 1f 52 57 48 3e ee de 76 62 6d 67 7f 0d d9 1e e8 92 02 fc 8d ae 4e 3c 01 5f b9 8a 4f 07 50 aa 0e 7e d1 bd 5c 3a 6b 86 23 63 8d 87 6f 4d ab 25 69 0b e8 7e 09 6d 7e 88 75 29 07 2b d3 ee de a0 bf f0 65 fd 9b 79 91 4e 0e 7b 74 0f 23 6f 20 37 2b 3b 0a d1 e9 ac ec 52 b3 75 41 ce a0 af 33 72 9d ae 3e 4a 63 22 e8 6b 44 a1 59 c6 df 35 79 0b 0b 6a 26 fc 94 28 a8 f3 23 e3 51 98 64 8b 7b 50 93 50 f3 dd 72 92 9a b5 f2 97 0f 5d d4 ef 27 15 75 f3 66 5b 69 b5 bd 94 76 8b 84 78 3f 02 03 01 00 01 a3 82 01 42 30 82 01 3e 30 1d 06 03 55 1d 0e 04 16 04 14 01 57 1d 77 9e 50 f5 b5 91 d6 da d4 96 f8 9a c3 bc 91 cf 27 30 81 d3 06 03 55 1d 23 04 81 cb 30 81 c8 80 14 01 57 1d 77 9e 50 f5 b5 91 d6 da d4 96 f8 9a c3 bc 91 cf 27 a1 81 99 a4 81 96 30 81 93 31 0b 30 09 06 03 55 04 06 13 02 46 52 31 0f 30 0d 06 03 55 04 08 0c 06 52 61 64 69 75 73 31 12 30 10 06 03 55 04 07 0c 09 53 6f 6d 65 77 68 65 72 65 31 15 30 13 06 03 55 04 0a 0c 0c 45 78 61 6d 70 6c 65 20 49 6e 63 2e 31 20 30 1e 06 09 2a 86 48 86 f7 0d 01 09 01 16 11 61 64 6d 69 6e 40 65 78 61 6d 70 6c 65 2e 6f 72 67 31 26 30 24 06 03 55 04 03 0c 1d 45 78 61 6d 70 6c 65 20 43 65 72 74 69 66 69 63 61 74 65 20 41 75 74 68 6f 72 69 74 79 82 14 4a 1d ec 91 e0 85 7d 76 d6 5f 37 d6 dd aa b4 19 11 76 eb cb 30 0f 06 03 55 1d 13 01 01 ff 04 05 30 03 01 01 ff 30 36 06 03 55 1d 1f 04 2f 30 2d 30 2b a0 29 a0 27 86 25 68 74 74 70 3a 2f 2f 77 77 77 2e 65 78 61 6d 70 6c 65 2e 6f 72 67 2f 65 78 61 6d 70 6c 65 5f 63 61 2e 63 72 6c 30 0d 06 09 2a 86 48 86 f7 0d 01 01 0b 05 00 03 82 01 01 00 5a 51 d3 79 e5 b5 6b 81 6e 7a 7b d9 ea 45 4a 1a 68 62 30 c6 0c 53 f1 7c a7 0b 7f 71 6c 0c 0d a2 eb af ba ac f1 61 5d ac 12 1f 23 e4 b9 f8 3b 66 70 0c 2d bf 93 5a 16 e9 ad 93 6f b6 c6 08 f9 f1 2c bd 45 02 7e 08 89 e6 b5 9c 78 cc 47 f4 07 ea 36 e3 2b dd 38 ae 9a 5b f3 90 9b f6 8c 03 28 e3 be f6 77 fe c2 d9 87 31 b1 bd 09 45 68 32 b2 11 c8 65 74 12 1e 3f 2e 8d e7 56 02 b0 f5 eb 97 4f 3a 4d e2 6a 81 54 97 22 77 94 51 a9 47 d6 9b 5d c9 f7 b3 88 e2 19 74 d5 ed 35 18 b7 04 d9 51 a1 ed a7 30 1d 00 94 93 e3 fc 40 7e bb ae 92 4d f0 16 90 3a 69 ad c3 79 09 ec df 37 22 eb 1b 96 46 33 fc cd 6e ef d8 f9 4c cc e6 10 8c e3 e8 4b 1d 4d 6e 8a 25 7b 20 e0 ba bd c5 3c d8 b2 40 e9 ca 84 40 bd 97 7a 4d b8 11 81 41 64 a7 89 0a bb 48 d0 64 2a 83 d2 3a 90 1c 60 54 65 ff ee ea c2 41 16 03 03 00 46 10 00 00 42 41 04 ef 34 59 f4 24 ec 61 69 76 b1 e1 df b9 4e fa df 66 6d f2 01 26 26 d2 db 1c b2 40 08 e3 79 96 ab 18 09 10 c7 3d 42 e3 d7 1a 36 80 ac 28 48 5b a2 4a 25 98 eb 5a b6 4c e2 09 19 32 83 86 8e 34 0a 16 03 03 01 08 0f 00 01 04 08 04 01 00 9b 3f 12 86 18 67 71 5d 81 c0 70 f4 c9 e1 7a da 81 86 8f e0 bf a1 86 a5 72 ed 56 4b 41 33 e9 34 4a eb b1 04 80 5c 48 39 0e 4e 51 9e 3e 4e 4f 35 e9 7c 77 1b 3b 89 66 57 82 ee c3 38 86 63 5a 84 03 c5 eb 88 df ef 10 05 44 c7 3a 03 26 c0 76 0f 62 1b 93 61 d6 fa 6f a5 d9 0c a4 a0 21 9f 22 9b d1 b3 9c 1b 85 a5 58 7d 3c 17 d6 42 69 8a f8 a2 0c 57 fe c4 20 dc 1d db d6 74 59 bb 0f 67 3c 43 6e 98 7c 50 72 64 50 06 9c 4f d9 db c1 2d fb e2 f5 ce 24 23 63 29 ef d7 70 1d c5 1b a1 e2 a0 6a 56 dd f6 48 7d 8c bb 2a 4c d3 75 0b 8f af 4e c6 c1 10 14 8e da 35 e7 43 02 ba e7 2a 06 e9 1a bb ad 9d 88 2e a8 1a 26 a8 07 a1 dd 83 bd 1e f6 9c a4 18 7d 09 d6 e2 ab 8b ff d0 d5 49 a6 8a 88 02 e3 58 c1 36 36 f2 4f 9f e5 e9 db 93 63 e3 a8 12 b8 75 da f1 fd 19 9a 99 8d 77 80 d7 08 c7 c4 3b 14 03 03 00 01 01 16 03 03 00 28 80 3a 61 dc 8e b4 07 13 ca 3b 61 d7 4e 92 69 67 cc 0f 79 31 11 54 29 dc 6c d6 f8 e5 af 3a bd dd 58 80 ab 19 5a 77 d5 f8
Encapsulating EAP message into a RADIUS packet
  Copied RADIUS State Attribute
Sending RADIUS message to authentication server
RADIUS message: code=1 (Access-Request) identifier=5 length=1422
   Attribute 1 (User-Name) length=9
      Value: 'testing'
   Attribute 4 (NAS-IP-Address) length=6
      Value: 127.0.0.1
   Attribute 31 (Calling-Station-Id) length=19
      Value: '02-00-00-00-00-01'
   Attribute 12 (Framed-MTU) length=6
      Value: 1400
   Attribute 61 (NAS-Port-Type) length=6
      Value: 19
   Attribute 6 (Service-Type) length=6
      Value: 2
   Attribute 77 (Connect-Info) length=24
      Value: 'CONNECT 11Mbps 802.11b'
   Attribute 79 (EAP-Message) length=255
      Value: 02bd04fe0d000382010f003082010a0282010100d7ab97ba11f901e2bcbe703c7b5a468fea2a402bd27b361c815926d7d1f57fc33a400483d80c8a3fbceb16bca825981cda2ec7330b407800f17dcff77618b2f6a4a7a92216ef2ca4200e5be35a17a0f2a15bf8b43312c66290729aeab2c5ba237ec94e9a1f5257483eeede76626d677f0dd91ee89202fc8dae4e3c015fb98a4f0750aa0e7ed1bd5c3a6b8623638d876f4dab25690be87e096d7e887529072bd3eedea0bff065fd9b79914e0e7b740f236f20372b3b0ad1e9acec52b37541cea0af33729dae3e4a6322e86b44a159c6df35790b0b6a26fc9428a8f323e35198648b7b509350f3dd7292
   Attribute 79 (EAP-Message) length=255
      Value: 9ab5f2970f5dd4ef271575f3665b69b5bd94768b84783f0203010001a38201423082013e301d0603551d0e0416041401571d779e50f5b591d6dad496f89ac3bc91cf273081d30603551d230481cb3081c8801401571d779e50f5b591d6dad496f89ac3bc91cf27a18199a48196308193310b3009060355040613024652310f300d06035504080c065261646975733112301006035504070c09536f6d65776865726531153013060355040a0c0c4578616d706c6520496e632e3120301e06092a864886f70d010901161161646d696e406578616d706c652e6f72673126302406035504030c1d4578616d706c6520436572746966696361746520417574
   Attribute 79 (EAP-Message) length=255
      Value: 686f7269747982144a1dec91e0857d76d65f37d6ddaab4191176ebcb300f0603551d130101ff040530030101ff30360603551d1f042f302d302ba029a0278625687474703a2f2f7777772e6578616d706c652e6f72672f6578616d706c655f63612e63726c300d06092a864886f70d01010b050003820101005a51d379e5b56b816e7a7bd9ea454a1a686230c60c53f17ca70b7f716c0c0da2ebafbaacf1615dac121f23e4b9f83b66700c2dbf935a16e9ad936fb6c608f9f12cbd45027e0889e6b59c78cc47f407ea36e32bdd38ae9a5bf3909bf68c0328e3bef677fec2d98731b1bd09456832b211c86574121e3f2e8de75602b0f5eb974f3a4de26a
   Attribute 79 (EAP-Message) length=255
      Value: 81549722779451a947d69b5dc9f7b388e21974d5ed3518b704d951a1eda7301d009493e3fc407ebbae924df016903a69adc37909ecdf3722eb1b964633fccd6eefd8f94ccce6108ce3e84b1d4d6e8a257b20e0babdc53cd8b240e9ca8440bd977a4db811814164a7890abb48d0642a83d23a901c605465ffeeeac2411603030046100000424104ef3459f424ec616976b1e1dfb94efadf666df2012626d2db1cb24008e37996ab180910c73d42e3d71a3680ac28485ba24a2598eb5ab64ce209193283868e340a16030301080f000104080401009b3f12861867715d81c070f4c9e17ada81868fe0bfa186a572ed564b4133e9344aebb104805c48390e
   Attribute 79 (EAP-Message) length=255
      Value: 4e519e3e4e4f35e97c771b3b89665782eec33886635a8403c5eb88dfef100544c73a0326c0760f621b9361d6fa6fa5d90ca4a0219f229bd1b39c1b85a5587d3c17d642698af8a20c57fec420dc1ddbd67459bb0f673c436e987c50726450069c4fd9dbc12dfbe2f5ce24236329efd7701dc51ba1e2a06a56ddf6487d8cbb2a4cd3750b8faf4ec6c110148eda35e74302bae72a06e91abbad9d882ea81a26a807a1dd83bd1ef69ca4187d09d6e2ab8bffd0d549a68a8802e358c13636f24f9fe5e9db9363e3a812b875daf1fd199a998d7780d708c7c43b1403030001011603030028803a61dc8eb40713ca3b61d74e926967cc0f7931115429dc6cd6f8
   Attribute 79 (EAP-Message) length=15
      Value: e5af3abddd5880ab195a77d5f8
   Attribute 24 (State) length=18
      Value: ca743fdecec9324cf45abe976bc7a86c
   Attribute 80 (Message-Authenticator) length=18
      Value: 9550604ba66918b74a4350dd39366fd0
Next RADIUS client retransmit in 3 seconds
EAPOL: SUPP_BE entering state RECEIVE
Received 119 bytes from RADIUS server
Received RADIUS message
RADIUS message: code=11 (Access-Challenge) identifier=5 length=119
   Attribute 79 (EAP-Message) length=63
      Value: 01be003d0d8000000033140303000101160303002880cd716166856fe585cab22c42aff0c7ca8f071830f82ae92b122a9b03b14f6a36a1c4c2f0e430d1
   Attribute 80 (Message-Authenticator) length=18
      Value: 75228fd1189fbb3f55e1676af77dd5f6
   Attribute 24 (State) length=18
      Value: ca743fdecfca324cf45abe976bc7a86c
STA 02:00:00:00:00:01: Received RADIUS packet matched with a pending request, round trip time 0.00 sec

RADIUS packet matching with station
decapsulated EAP packet (code=1 id=190 len=61) from RADIUS server: EAP-Request-TLS (13)
EAPOL: Received EAP-Packet frame
EAPOL: SUPP_BE entering state REQUEST
EAPOL: getSuppRsp
EAP: EAP entering state RECEIVED
EAP: Received EAP-Request id=190 method=13 vendor=0 vendorMethod=0
EAP: EAP entering state METHOD
SSL: Received packet(len=61) - Flags 0x80
SSL: TLS Message Length: 51
OpenSSL: RX ver=0x0 content_type=256 (TLS header info/)
OpenSSL: Message - hexdump(len=5): 14 03 03 00 01
SSL: (where=0x1001 ret=0x1)
SSL: SSL_connect:SSLv3/TLS write finished
OpenSSL: RX ver=0x0 content_type=256 (TLS header info/)
OpenSSL: Message - hexdump(len=5): 16 03 03 00 28
SSL: (where=0x1001 ret=0x1)
SSL: SSL_connect:SSLv3/TLS read change cipher spec
OpenSSL: RX ver=0x303 content_type=22 (handshake/finished)
OpenSSL: Message - hexdump(len=16): 14 00 00 0c a6 ff d3 4d c8 ca 27 b4 ad 4f 29 9d
SSL: (where=0x1001 ret=0x1)
SSL: SSL_connect:SSLv3/TLS read finished
SSL: (where=0x20 ret=0x1)
SSL: (where=0x1002 ret=0x1)
SSL: 0 bytes pending from ssl_out
OpenSSL: Handshake finished - resumed=0
SSL: No Application Data included
SSL: Using TLS version TLSv1.2
SSL: No data to be sent out
EAP-TLS: Done
EAP-TLS: Derived key - hexdump(len=64): 74 a9 50 8a 03 34 27 02 c6 f9 68 76 95 f0 a4 e8 21 8a 92 df 7e 7b c6 48 9e c0 c4 17 db 1b c6 6c 95 42 77 4f 05 f8 bf 76 77 40 2b 61 90 dd 64 36 0e 5f 4c 22 be d7 38 51 50 c4 a7 7a 44 1f 34 03
EAP-TLS: Derived EMSK - hexdump(len=64): bb ea 99 21 dc 07 cd 67 fb 5e e1 32 5f c4 a1 ab 6b c1 5a 4d a8 28 18 69 27 97 03 ff 0d 92 99 0e 06 39 d3 48 bb 8f dd 44 06 af f9 ff 2f 7b 67 d6 c2 b4 d9 a1 c7 da 86 c9 17 cf 4a 28 85 47 a0 9c
EAP-TLS: Derived Session-Id - hexdump(len=65): 0d c6 43 d6 4f b9 ff ad 62 a8 01 30 eb 50 67 7a 7b 04 20 b3 f7 f0 82 7e 7f 18 f9 2e e9 02 87 39 48 62 04 45 0d 5f 0e be 6e 69 83 c0 30 c4 cf 1b 5a 3a 5f c2 8d b4 c4 66 b1 43 91 dc 32 9d 9c 45 d1
SSL: Building ACK (type=13 id=190 ver=0)
EAP: method process -> ignore=FALSE methodState=DONE decision=UNCOND_SUCC eapRespData=0x3baf08
EAP: Session-Id - hexdump(len=65): 0d c6 43 d6 4f b9 ff ad 62 a8 01 30 eb 50 67 7a 7b 04 20 b3 f7 f0 82 7e 7f 18 f9 2e e9 02 87 39 48 62 04 45 0d 5f 0e be 6e 69 83 c0 30 c4 cf 1b 5a 3a 5f c2 8d b4 c4 66 b1 43 91 dc 32 9d 9c 45 d1
EAP: EAP entering state SEND_RESPONSE
EAP: EAP entering state IDLE
EAPOL: SUPP_BE entering state RESPONSE
EAPOL: txSuppRsp
WPA: eapol_test_eapol_send(type=0 len=6)
TX EAP -> RADIUS - hexdump(len=6): 02 be 00 06 0d 00
Encapsulating EAP message into a RADIUS packet
  Copied RADIUS State Attribute
Sending RADIUS message to authentication server
RADIUS message: code=1 (Access-Request) identifier=6 length=140
   Attribute 1 (User-Name) length=9
      Value: 'testing'
   Attribute 4 (NAS-IP-Address) length=6
      Value: 127.0.0.1
   Attribute 31 (Calling-Station-Id) length=19
      Value: '02-00-00-00-00-01'
   Attribute 12 (Framed-MTU) length=6
      Value: 1400
   Attribute 61 (NAS-Port-Type) length=6
      Value: 19
   Attribute 6 (Service-Type) length=6
      Value: 2
   Attribute 77 (Connect-Info) length=24
      Value: 'CONNECT 11Mbps 802.11b'
   Attribute 79 (EAP-Message) length=8
      Value: 02be00060d00
   Attribute 24 (State) length=18
      Value: ca743fdecfca324cf45abe976bc7a86c
   Attribute 80 (Message-Authenticator) length=18
      Value: 1f83f01938806ca447ca42b6c9fa7e7a
Next RADIUS client retransmit in 3 seconds
EAPOL: SUPP_BE entering state RECEIVE
Received 169 bytes from RADIUS server
Received RADIUS message
RADIUS message: code=2 (Access-Accept) identifier=6 length=169
   Attribute 26 (Vendor-Specific) length=58
      Value: 000001371134a6b47cbc9fa846d2a61b63381681f9881fe9b08cd0895719dc95c43b34cbe45e1ab5610c9e8be1bce9cc705518749322b095
   Attribute 26 (Vendor-Specific) length=58
      Value: 000001371034ac686a0dca24879fefc56c0ffe01a8f7560699698f1109daf273634780bbf4c0684f7b69375678d3704ee0d3796b1f08707f
   Attribute 79 (EAP-Message) length=6
      Value: 03be0004
   Attribute 80 (Message-Authenticator) length=18
      Value: bf684e6efb53590f2326199973d75e5c
   Attribute 1 (User-Name) length=9
      Value: 'testing'
STA 02:00:00:00:00:01: Received RADIUS packet matched with a pending request, round trip time 0.01 sec

RADIUS packet matching with station
MS-MPPE-Send-Key (sign) - hexdump(len=32): 95 42 77 4f 05 f8 bf 76 77 40 2b 61 90 dd 64 36 0e 5f 4c 22 be d7 38 51 50 c4 a7 7a 44 1f 34 03
MS-MPPE-Recv-Key (crypt) - hexdump(len=32): 74 a9 50 8a 03 34 27 02 c6 f9 68 76 95 f0 a4 e8 21 8a 92 df 7e 7b c6 48 9e c0 c4 17 db 1b c6 6c
decapsulated EAP packet (code=3 id=190 len=4) from RADIUS server: EAP Success
EAPOL: Received EAP-Packet frame
EAPOL: SUPP_BE entering state REQUEST
EAPOL: getSuppRsp
EAP: EAP entering state RECEIVED
EAP: Received EAP-Success
EAP: Status notification: completion (param=success)
EAP: EAP entering state SUCCESS
CTRL-EVENT-EAP-SUCCESS EAP authentication completed successfully
EAPOL: IEEE 802.1X for plaintext connection; no EAPOL-Key frames required
WPA: EAPOL processing complete
Cancelling authentication timeout
State: DISCONNECTED -> COMPLETED
EAPOL: SUPP_PAE entering state AUTHENTICATED
EAPOL: SUPP_BE entering state RECEIVE
EAPOL: SUPP_BE entering state SUCCESS
EAPOL: SUPP_BE entering state IDLE
eapol_sm_cb: result=1
EAPOL: Successfully fetched key (len=32)
PMK from EAPOL - hexdump(len=32): 74 a9 50 8a 03 34 27 02 c6 f9 68 76 95 f0 a4 e8 21 8a 92 df 7e 7b c6 48 9e c0 c4 17 db 1b c6 6c
No EAP-Key-Name received from server





eapol_test: Triggering EAP reauthentication

Sending fake EAP-Request-Identity
EAPOL: Received EAP-Packet frame
EAPOL: SUPP_PAE entering state RESTART
EAP: EAP entering state INITIALIZE
EAP: maintaining EAP method data for fast reauthentication
EAP: EAP entering state IDLE
EAPOL: SUPP_PAE entering state AUTHENTICATING
EAPOL: SUPP_BE entering state REQUEST
EAPOL: getSuppRsp
EAP: EAP entering state RECEIVED
EAP: Received EAP-Request id=134 method=1 vendor=0 vendorMethod=0
EAP: EAP entering state IDENTITY
CTRL-EVENT-EAP-STARTED EAP authentication started
EAP: Status notification: started (param=)
EAP: EAP-Request Identity data - hexdump_ascii(len=0):
EAP: using real identity - hexdump_ascii(len=7):
     74 65 73 74 69 6e 67                              testing
EAP: EAP entering state SEND_RESPONSE
EAP: EAP entering state IDLE
EAPOL: SUPP_BE entering state RESPONSE
EAPOL: txSuppRsp
WPA: eapol_test_eapol_send(type=0 len=12)
TX EAP -> RADIUS - hexdump(len=12): 02 86 00 0c 01 74 65 73 74 69 6e 67
Encapsulating EAP message into a RADIUS packet
Learned identity from EAP-Response-Identity - hexdump(len=7): 74 65 73 74 69 6e 67
Sending RADIUS message to authentication server
RADIUS message: code=1 (Access-Request) identifier=7 length=128
   Attribute 1 (User-Name) length=9
      Value: 'testing'
   Attribute 4 (NAS-IP-Address) length=6
      Value: 127.0.0.1
   Attribute 31 (Calling-Station-Id) length=19
      Value: '02-00-00-00-00-01'
   Attribute 12 (Framed-MTU) length=6
      Value: 1400
   Attribute 61 (NAS-Port-Type) length=6
      Value: 19
   Attribute 6 (Service-Type) length=6
      Value: 2
   Attribute 77 (Connect-Info) length=24
      Value: 'CONNECT 11Mbps 802.11b'
   Attribute 79 (EAP-Message) length=14
      Value: 0286000c0174657374696e67
   Attribute 80 (Message-Authenticator) length=18
      Value: 7c05335773ffe6708e2a049d2cddb44a
Next RADIUS client retransmit in 3 seconds
EAPOL: SUPP_BE entering state RECEIVE
Received 64 bytes from RADIUS server
Received RADIUS message
RADIUS message: code=11 (Access-Challenge) identifier=7 length=64
   Attribute 79 (EAP-Message) length=8
      Value: 018700060d20
   Attribute 80 (Message-Authenticator) length=18
      Value: 09f844d18cedab059e1f882fee791c3d
   Attribute 24 (State) length=18
      Value: c3766526c3f1680cfcfe39c092ffd9b8
STA 02:00:00:00:00:01: Received RADIUS packet matched with a pending request, round trip time 0.00 sec

RADIUS packet matching with station
decapsulated EAP packet (code=1 id=135 len=6) from RADIUS server: EAP-Request-TLS (13)
EAPOL: Received EAP-Packet frame
EAPOL: SUPP_BE entering state REQUEST
EAPOL: getSuppRsp
EAP: EAP entering state RECEIVED
EAP: Received EAP-Request id=135 method=13 vendor=0 vendorMethod=0
EAP: EAP entering state GET_METHOD
CTRL-EVENT-EAP-PROPOSED-METHOD vendor=0 method=13
EAP: Status notification: accept proposed method (param=TLS)
EAP: Using previous method data for fast re-authentication
EAP: Initialize selected EAP method: vendor 0 method 13 (TLS)
CTRL-EVENT-EAP-METHOD EAP vendor 0 method 13 (TLS) selected
EAP: EAP entering state METHOD
SSL: Received packet(len=6) - Flags 0x20
EAP-TLS: Start
SSL: (where=0x10 ret=0x1)
SSL: (where=0x1001 ret=0x1)
SSL: SSL_connect:before SSL initialization
OpenSSL: TX ver=0x0 content_type=256 (TLS header info/)
OpenSSL: Message - hexdump(len=5): 16 03 01 00 b9
OpenSSL: TX ver=0x303 content_type=22 (handshake/client hello)
OpenSSL: Message - hexdump(len=185): 01 00 00 b5 03 03 1d bc 83 68 a3 72 fe a4 9b fe 33 e1 3c ce 1d 56 f5 50 ae 62 f9 c6 54 ed 13 04 08 b8 37 0f b7 f3 00 00 38 c0 2c c0 30 00 9f cc a9 cc a8 cc aa c0 2b c0 2f 00 9e c0 24 c0 28 00 6b c0 23 c0 27 00 67 c0 0a c0 14 00 39 c0 09 c0 13 00 33 00 9d 00 9c 00 3d 00 3c 00 35 00 2f 00 ff 01 00 00 54 00 0b 00 04 03 00 01 02 00 0a 00 0c 00 0a 00 1d 00 17 00 1e 00 19 00 18 00 16 00 00 00 17 00 00 00 0d 00 30 00 2e 04 03 05 03 06 03 08 07 08 08 08 09 08 0a 08 0b 08 04 08 05 08 06 04 01 05 01 06 01 03 03 02 03 03 01 02 01 03 02 02 02 04 02 05 02 06 02
SSL: (where=0x1001 ret=0x1)
SSL: SSL_connect:SSLv3/TLS write client hello
SSL: (where=0x1002 ret=0xffffffff)
SSL: SSL_connect:error in SSLv3/TLS write client hello
SSL: SSL_connect - want more data
SSL: 190 bytes pending from ssl_out
SSL: Using TLS version TLSv1.2
SSL: 190 bytes left to be sent out (of total 190 bytes)
EAP: method process -> ignore=FALSE methodState=MAY_CONT decision=FAIL eapRespData=0x3d5d38
EAP: EAP entering state SEND_RESPONSE
EAP: EAP entering state IDLE
EAPOL: SUPP_BE entering state RESPONSE
EAPOL: txSuppRsp
WPA: eapol_test_eapol_send(type=0 len=196)
TX EAP -> RADIUS - hexdump(len=196): 02 87 00 c4 0d 00 16 03 01 00 b9 01 00 00 b5 03 03 1d bc 83 68 a3 72 fe a4 9b fe 33 e1 3c ce 1d 56 f5 50 ae 62 f9 c6 54 ed 13 04 08 b8 37 0f b7 f3 00 00 38 c0 2c c0 30 00 9f cc a9 cc a8 cc aa c0 2b c0 2f 00 9e c0 24 c0 28 00 6b c0 23 c0 27 00 67 c0 0a c0 14 00 39 c0 09 c0 13 00 33 00 9d 00 9c 00 3d 00 3c 00 35 00 2f 00 ff 01 00 00 54 00 0b 00 04 03 00 01 02 00 0a 00 0c 00 0a 00 1d 00 17 00 1e 00 19 00 18 00 16 00 00 00 17 00 00 00 0d 00 30 00 2e 04 03 05 03 06 03 08 07 08 08 08 09 08 0a 08 0b 08 04 08 05 08 06 04 01 05 01 06 01 03 03 02 03 03 01 02 01 03 02 02 02 04 02 05 02 06 02
Encapsulating EAP message into a RADIUS packet
  Copied RADIUS State Attribute
Sending RADIUS message to authentication server
RADIUS message: code=1 (Access-Request) identifier=8 length=330
   Attribute 1 (User-Name) length=9
      Value: 'testing'
   Attribute 4 (NAS-IP-Address) length=6
      Value: 127.0.0.1
   Attribute 31 (Calling-Station-Id) length=19
      Value: '02-00-00-00-00-01'
   Attribute 12 (Framed-MTU) length=6
      Value: 1400
   Attribute 61 (NAS-Port-Type) length=6
      Value: 19
   Attribute 6 (Service-Type) length=6
      Value: 2
   Attribute 77 (Connect-Info) length=24
      Value: 'CONNECT 11Mbps 802.11b'
   Attribute 79 (EAP-Message) length=198
      Value: 028700c40d0016030100b9010000b503031dbc8368a372fea49bfe33e13cce1d56f550ae62f9c654ed130408b8370fb7f3000038c02cc030009fcca9cca8ccaac02bc02f009ec024c028006bc023c0270067c00ac0140039c009c0130033009d009c003d003c0035002f00ff01000054000b000403000102000a000c000a001d0017001e001900180016000000170000000d0030002e040305030603080708080809080a080b080408050806040105010601030302030301020103020202040205020602
   Attribute 24 (State) length=18
      Value: c3766526c3f1680cfcfe39c092ffd9b8
   Attribute 80 (Message-Authenticator) length=18
      Value: 79b8f37e7aee6496068bcbdb99b671fb
Next RADIUS client retransmit in 3 seconds
EAPOL: SUPP_BE entering state RECEIVE
Received 1068 bytes from RADIUS server
Received RADIUS message
RADIUS message: code=11 (Access-Challenge) identifier=8 length=1068
   Attribute 79 (EAP-Message) length=255
      Value: 018803ec0dc000000b5c160303003d0200003903033dc475556230a3bc1589f3317ffb723f8453f53968bad139085a3afab3dcd54300c030000011ff01000100000b0004030001020017000016030308e90b0008e50008e20003de308203da308202c2a003020102020101300d06092a864886f70d01010b0500308193310b3009060355040613024652310f300d06035504080c065261646975733112301006035504070c09536f6d65776865726531153013060355040a0c0c4578616d706c6520496e632e3120301e06092a864886f70d010901161161646d696e406578616d706c652e6f72673126302406035504030c1d4578616d706c65204365
   Attribute 79 (EAP-Message) length=255
      Value: 72746966696361746520417574686f72697479301e170d3234303232313032353532355a170d3234303432313032353532355a307c310b3009060355040613024652310f300d06035504080c0652616469757331153013060355040a0c0c4578616d706c6520496e632e3123302106035504030c1a4578616d706c65205365727665722043657274696669636174653120301e06092a864886f70d010901161161646d696e406578616d706c652e6f726730820122300d06092a864886f70d01010105000382010f003082010a0282010100d1c0abffd46f4b5369d6d00416364ab0adef9cb6e6650d29521299d8ad893bf218f0934d0b97018b2dca90
   Attribute 79 (EAP-Message) length=255
      Value: 3b2bc3dc35144dbebe52e72021d263a2138231492ba3a6aadf640bcdabc40433c22d6d53ce4fb384c2576cc9326dae0befaaad84207485b03751401051d13e1e175a15926d4bd9ddabdc4bc327fd88eba4b01d6e4e61c54b3a36b8c3150d6b44699045e265040c85d67f181bd51e236f437e03b0755418b6d7c570f22c5216defb52dc25e1dbd6438f262dfa04f673f1fd325abad4e9d05cd1aa66258a27d5d174e6c2d4c3ecd756b1c9d2806c8fd7998d765e3bc8091101fba7ccadbb33f92560d6fba647c303d21366450adfd6c296d829c693870203010001a34f304d30130603551d25040c300a06082b0601050507030130360603551d1f042f30
   Attribute 79 (EAP-Message) length=247
      Value: 2d302ba029a0278625687474703a2f2f7777772e6578616d706c652e636f6d2f6578616d706c655f63612e63726c300d06092a864886f70d01010b05000382010100bd49899734116830715ab1b59f5748c02d47b925228a7c180cba3966d09c61d906ee2cc792065be7f44ea25da7837bd142d3b280178fbce6eda7abd9031f01f0cbbf17607d4543f9c649656f331584f56273933afd58fd4de6c40b9dff9dc2c4b7bcf09a713fcdf81a07ad00a73d099cbef6f1e81474d5fda07a975248861de4116171a7db5360e650bee856f75c838d51ae3bb1841f05e9f39166ff132a23e81cff02855b53cf09f7d54070be0c5107f64ab5
   Attribute 80 (Message-Authenticator) length=18
      Value: ba9bdd44acc5f781047b8bd39005b0ed
   Attribute 24 (State) length=18
      Value: c3766526c2fe680cfcfe39c092ffd9b8
STA 02:00:00:00:00:01: Received RADIUS packet matched with a pending request, round trip time 0.00 sec

RADIUS packet matching with station
decapsulated EAP packet (code=1 id=136 len=1004) from RADIUS server: EAP-Request-TLS (13)
EAPOL: Received EAP-Packet frame
EAPOL: SUPP_BE entering state REQUEST
EAPOL: getSuppRsp
EAP: EAP entering state RECEIVED
EAP: Received EAP-Request id=136 method=13 vendor=0 vendorMethod=0
EAP: EAP entering state METHOD
SSL: Received packet(len=1004) - Flags 0xc0
SSL: TLS Message Length: 2908
SSL: Need 1914 bytes more input data
SSL: Building ACK (type=13 id=136 ver=0)
EAP: method process -> ignore=FALSE methodState=MAY_CONT decision=FAIL eapRespData=0x3baf08
EAP: EAP entering state SEND_RESPONSE
EAP: EAP entering state IDLE
EAPOL: SUPP_BE entering state RESPONSE
EAPOL: txSuppRsp
WPA: eapol_test_eapol_send(type=0 len=6)
TX EAP -> RADIUS - hexdump(len=6): 02 88 00 06 0d 00
Encapsulating EAP message into a RADIUS packet
  Copied RADIUS State Attribute
Sending RADIUS message to authentication server
RADIUS message: code=1 (Access-Request) identifier=9 length=140
   Attribute 1 (User-Name) length=9
      Value: 'testing'
   Attribute 4 (NAS-IP-Address) length=6
      Value: 127.0.0.1
   Attribute 31 (Calling-Station-Id) length=19
      Value: '02-00-00-00-00-01'
   Attribute 12 (Framed-MTU) length=6
      Value: 1400
   Attribute 61 (NAS-Port-Type) length=6
      Value: 19
   Attribute 6 (Service-Type) length=6
      Value: 2
   Attribute 77 (Connect-Info) length=24
      Value: 'CONNECT 11Mbps 802.11b'
   Attribute 79 (EAP-Message) length=8
      Value: 028800060d00
   Attribute 24 (State) length=18
      Value: c3766526c2fe680cfcfe39c092ffd9b8
   Attribute 80 (Message-Authenticator) length=18
      Value: f0bd54e84a9c38b83bb611121571fe1f
Next RADIUS client retransmit in 3 seconds
EAPOL: SUPP_BE entering state RECEIVE
Received 1068 bytes from RADIUS server
Received RADIUS message
RADIUS message: code=11 (Access-Challenge) identifier=9 length=1068
   Attribute 79 (EAP-Message) length=255
      Value: 018903ec0dc000000b5cd38235a4811c3f2e4cc129e388ad6f6c6237386b5f4d7ecc8d193c2465dfe051194474b53e1ac364e4b8fdcb527d6de8ca809cbfd5eb53a47785e62eaa3f7bafbeff699f9e631a78efbd38d6270004fe308204fa308203e2a00302010202144a1dec91e0857d76d65f37d6ddaab4191176ebcb300d06092a864886f70d01010b0500308193310b3009060355040613024652310f300d06035504080c065261646975733112301006035504070c09536f6d65776865726531153013060355040a0c0c4578616d706c6520496e632e3120301e06092a864886f70d010901161161646d696e406578616d706c652e6f7267312630
   Attribute 79 (EAP-Message) length=255
      Value: 2406035504030c1d4578616d706c6520436572746966696361746520417574686f72697479301e170d3234303232313032353532355a170d3234303432313032353532355a308193310b3009060355040613024652310f300d06035504080c065261646975733112301006035504070c09536f6d65776865726531153013060355040a0c0c4578616d706c6520496e632e3120301e06092a864886f70d010901161161646d696e406578616d706c652e6f72673126302406035504030c1d4578616d706c6520436572746966696361746520417574686f7269747930820122300d06092a864886f70d01010105000382010f003082010a0282010100d7
   Attribute 79 (EAP-Message) length=255
      Value: ab97ba11f901e2bcbe703c7b5a468fea2a402bd27b361c815926d7d1f57fc33a400483d80c8a3fbceb16bca825981cda2ec7330b407800f17dcff77618b2f6a4a7a92216ef2ca4200e5be35a17a0f2a15bf8b43312c66290729aeab2c5ba237ec94e9a1f5257483eeede76626d677f0dd91ee89202fc8dae4e3c015fb98a4f0750aa0e7ed1bd5c3a6b8623638d876f4dab25690be87e096d7e887529072bd3eedea0bff065fd9b79914e0e7b740f236f20372b3b0ad1e9acec52b37541cea0af33729dae3e4a6322e86b44a159c6df35790b0b6a26fc9428a8f323e35198648b7b509350f3dd72929ab5f2970f5dd4ef271575f3665b69b5bd94768b84
   Attribute 79 (EAP-Message) length=247
      Value: 783f0203010001a38201423082013e301d0603551d0e0416041401571d779e50f5b591d6dad496f89ac3bc91cf273081d30603551d230481cb3081c8801401571d779e50f5b591d6dad496f89ac3bc91cf27a18199a48196308193310b3009060355040613024652310f300d06035504080c065261646975733112301006035504070c09536f6d65776865726531153013060355040a0c0c4578616d706c6520496e632e3120301e06092a864886f70d010901161161646d696e406578616d706c652e6f72673126302406035504030c1d4578616d706c6520436572746966696361746520417574686f7269747982144a1dec91e0
   Attribute 80 (Message-Authenticator) length=18
      Value: e97f8eda5912a3943555c8db64c874e7
   Attribute 24 (State) length=18
      Value: c3766526c1ff680cfcfe39c092ffd9b8
STA 02:00:00:00:00:01: Received RADIUS packet matched with a pending request, round trip time 0.00 sec

RADIUS packet matching with station
decapsulated EAP packet (code=1 id=137 len=1004) from RADIUS server: EAP-Request-TLS (13)
EAPOL: Received EAP-Packet frame
EAPOL: SUPP_BE entering state REQUEST
EAPOL: getSuppRsp
EAP: EAP entering state RECEIVED
EAP: Received EAP-Request id=137 method=13 vendor=0 vendorMethod=0
EAP: EAP entering state METHOD
SSL: Received packet(len=1004) - Flags 0xc0
SSL: TLS Message Length: 2908
SSL: Need 920 bytes more input data
SSL: Building ACK (type=13 id=137 ver=0)
EAP: method process -> ignore=FALSE methodState=MAY_CONT decision=FAIL eapRespData=0x3d0f78
EAP: EAP entering state SEND_RESPONSE
EAP: EAP entering state IDLE
EAPOL: SUPP_BE entering state RESPONSE
EAPOL: txSuppRsp
WPA: eapol_test_eapol_send(type=0 len=6)
TX EAP -> RADIUS - hexdump(len=6): 02 89 00 06 0d 00
Encapsulating EAP message into a RADIUS packet
  Copied RADIUS State Attribute
Sending RADIUS message to authentication server
RADIUS message: code=1 (Access-Request) identifier=10 length=140
   Attribute 1 (User-Name) length=9
      Value: 'testing'
   Attribute 4 (NAS-IP-Address) length=6
      Value: 127.0.0.1
   Attribute 31 (Calling-Station-Id) length=19
      Value: '02-00-00-00-00-01'
   Attribute 12 (Framed-MTU) length=6
      Value: 1400
   Attribute 61 (NAS-Port-Type) length=6
      Value: 19
   Attribute 6 (Service-Type) length=6
      Value: 2
   Attribute 77 (Connect-Info) length=24
      Value: 'CONNECT 11Mbps 802.11b'
   Attribute 79 (EAP-Message) length=8
      Value: 028900060d00
   Attribute 24 (State) length=18
      Value: c3766526c1ff680cfcfe39c092ffd9b8
   Attribute 80 (Message-Authenticator) length=18
      Value: 36abb31eaa28f8db58a950da6ab7a500
Next RADIUS client retransmit in 3 seconds
EAPOL: SUPP_BE entering state RECEIVE
Received 994 bytes from RADIUS server
Received RADIUS message
RADIUS message: code=11 (Access-Challenge) identifier=10 length=994
   Attribute 79 (EAP-Message) length=255
      Value: 018a03a20d8000000b5c857d76d65f37d6ddaab4191176ebcb300f0603551d130101ff040530030101ff30360603551d1f042f302d302ba029a0278625687474703a2f2f7777772e6578616d706c652e6f72672f6578616d706c655f63612e63726c300d06092a864886f70d01010b050003820101005a51d379e5b56b816e7a7bd9ea454a1a686230c60c53f17ca70b7f716c0c0da2ebafbaacf1615dac121f23e4b9f83b66700c2dbf935a16e9ad936fb6c608f9f12cbd45027e0889e6b59c78cc47f407ea36e32bdd38ae9a5bf3909bf68c0328e3bef677fec2d98731b1bd09456832b211c86574121e3f2e8de75602b0f5eb974f3a4de26a815497
   Attribute 79 (EAP-Message) length=255
      Value: 22779451a947d69b5dc9f7b388e21974d5ed3518b704d951a1eda7301d009493e3fc407ebbae924df016903a69adc37909ecdf3722eb1b964633fccd6eefd8f94ccce6108ce3e84b1d4d6e8a257b20e0babdc53cd8b240e9ca8440bd977a4db811814164a7890abb48d0642a83d23a901c605465ffeeeac241160303014d0c00014903001741040c25822372c56e62ecf35dd2d92fd84f1bf35fb7886f0d011cbc8190f7cab8fc9ba3d913a809fae867f5501d818c6e3b2a7e37c4f4cee3b5640990c57a3f5cf608040100a30c437cbb0c0b9de4727b5bb90b8f508a0c3053e89f059e61069f1351747df5f1a91b28198c7a2cf9a0fab99930ec90e7e7
   Attribute 79 (EAP-Message) length=255
      Value: 222c6448a59abbe15378ed750ea82f01ae7eff0674790084692b939241dbc34c4e1756c88677d66e46c749c712d3f4527d281c6e743e549940a97a845fdb2b3e0d49406dab4c46d4fe6b18a9c5ab7f59c2b2b9c2171c1144ea0403c0450f10c2be236583ad195bbf1152fd39c3fedca44a446be2b2c3f700034dffac2e47fffef98ad80bee289f3ff61349379d0dd7ff272ac4849d94a1d16888bba344efb96fd588ae9f92d50d3127909769e5552fab91621cc5cef910b83c8c3af70815db05f657e1c84f73672e4ba823a9480d16030300cc0d0000c8030102400028040305030603080708080809080a080b08040805080604010501060103030301
   Attribute 79 (EAP-Message) length=173
      Value: 030204020502060200980096308193310b3009060355040613024652310f300d06035504080c065261646975733112301006035504070c09536f6d65776865726531153013060355040a0c0c4578616d706c6520496e632e3120301e06092a864886f70d010901161161646d696e406578616d706c652e6f72673126302406035504030c1d4578616d706c6520436572746966696361746520417574686f7269747916030300040e000000
   Attribute 80 (Message-Authenticator) length=18
      Value: 1e46aaf226b3feb527d8078b405dda55
   Attribute 24 (State) length=18
      Value: c3766526c0fc680cfcfe39c092ffd9b8
STA 02:00:00:00:00:01: Received RADIUS packet matched with a pending request, round trip time 0.01 sec

RADIUS packet matching with station
decapsulated EAP packet (code=1 id=138 len=930) from RADIUS server: EAP-Request-TLS (13)
EAPOL: Received EAP-Packet frame
EAPOL: SUPP_BE entering state REQUEST
EAPOL: getSuppRsp
EAP: EAP entering state RECEIVED
EAP: Received EAP-Request id=138 method=13 vendor=0 vendorMethod=0
EAP: EAP entering state METHOD
SSL: Received packet(len=930) - Flags 0x80
SSL: TLS Message Length: 2908
OpenSSL: RX ver=0x0 content_type=256 (TLS header info/)
OpenSSL: Message - hexdump(len=5): 16 03 03 00 3d
SSL: (where=0x1001 ret=0x1)
SSL: SSL_connect:SSLv3/TLS write client hello
OpenSSL: RX ver=0x303 content_type=22 (handshake/server hello)
OpenSSL: Message - hexdump(len=61): 02 00 00 39 03 03 3d c4 75 55 62 30 a3 bc 15 89 f3 31 7f fb 72 3f 84 53 f5 39 68 ba d1 39 08 5a 3a fa b3 dc d5 43 00 c0 30 00 00 11 ff 01 00 01 00 00 0b 00 04 03 00 01 02 00 17 00 00
OpenSSL: RX ver=0x0 content_type=256 (TLS header info/)
OpenSSL: Message - hexdump(len=5): 16 03 03 08 e9
SSL: (where=0x1001 ret=0x1)
SSL: SSL_connect:SSLv3/TLS read server hello
OpenSSL: RX ver=0x303 content_type=22 (handshake/certificate)
OpenSSL: Message - hexdump(len=2281): 0b 00 08 e5 00 08 e2 00 03 de 30 82 03 da 30 82 02 c2 a0 03 02 01 02 02 01 01 30 0d 06 09 2a 86 48 86 f7 0d 01 01 0b 05 00 30 81 93 31 0b 30 09 06 03 55 04 06 13 02 46 52 31 0f 30 0d 06 03 55 04 08 0c 06 52 61 64 69 75 73 31 12 30 10 06 03 55 04 07 0c 09 53 6f 6d 65 77 68 65 72 65 31 15 30 13 06 03 55 04 0a 0c 0c 45 78 61 6d 70 6c 65 20 49 6e 63 2e 31 20 30 1e 06 09 2a 86 48 86 f7 0d 01 09 01 16 11 61 64 6d 69 6e 40 65 78 61 6d 70 6c 65 2e 6f 72 67 31 26 30 24 06 03 55 04 03 0c 1d 45 78 61 6d 70 6c 65 20 43 65 72 74 69 66 69 63 61 74 65 20 41 75 74 68 6f 72 69 74 79 30 1e 17 0d 32 34 30 32 32 31 30 32 35 35 32 35 5a 17 0d 32 34 30 34 32 31 30 32 35 35 32 35 5a 30 7c 31 0b 30 09 06 03 55 04 06 13 02 46 52 31 0f 30 0d 06 03 55 04 08 0c 06 52 61 64 69 75 73 31 15 30 13 06 03 55 04 0a 0c 0c 45 78 61 6d 70 6c 65 20 49 6e 63 2e 31 23 30 21 06 03 55 04 03 0c 1a 45 78 61 6d 70 6c 65 20 53 65 72 76 65 72 20 43 65 72 74 69 66 69 63 61 74 65 31 20 30 1e 06 09 2a 86 48 86 f7 0d 01 09 01 16 11 61 64 6d 69 6e 40 65 78 61 6d 70 6c 65 2e 6f 72 67 30 82 01 22 30 0d 06 09 2a 86 48 86 f7 0d 01 01 01 05 00 03 82 01 0f 00 30 82 01 0a 02 82 01 01 00 d1 c0 ab ff d4 6f 4b 53 69 d6 d0 04 16 36 4a b0 ad ef 9c b6 e6 65 0d 29 52 12 99 d8 ad 89 3b f2 18 f0 93 4d 0b 97 01 8b 2d ca 90 3b 2b c3 dc 35 14 4d be be 52 e7 20 21 d2 63 a2 13 82 31 49 2b a3 a6 aa df 64 0b cd ab c4 04 33 c2 2d 6d 53 ce 4f b3 84 c2 57 6c c9 32 6d ae 0b ef aa ad 84 20 74 85 b0 37 51 40 10 51 d1 3e 1e 17 5a 15 92 6d 4b d9 dd ab dc 4b c3 27 fd 88 eb a4 b0 1d 6e 4e 61 c5 4b 3a 36 b8 c3 15 0d 6b 44 69 90 45 e2 65 04 0c 85 d6 7f 18 1b d5 1e 23 6f 43 7e 03 b0 75 54 18 b6 d7 c5 70 f2 2c 52 16 de fb 52 dc 25 e1 db d6 43 8f 26 2d fa 04 f6 73 f1 fd 32 5a ba d4 e9 d0 5c d1 aa 66 25 8a 27 d5 d1 74 e6 c2 d4 c3 ec d7 56 b1 c9 d2 80 6c 8f d7 99 8d 76 5e 3b c8 09 11 01 fb a7 cc ad bb 33 f9 25 60 d6 fb a6 47 c3 03 d2 13 66 45 0a df d6 c2 96 d8 29 c6 93 87 02 03 01 00 01 a3 4f 30 4d 30 13 06 03 55 1d 25 04 0c 30 0a 06 08 2b 06 01 05 05 07 03 01 30 36 06 03 55 1d 1f 04 2f 30 2d 30 2b a0 29 a0 27 86 25 68 74 74 70 3a 2f 2f 77 77 77 2e 65 78 61 6d 70 6c 65 2e 63 6f 6d 2f 65 78 61 6d 70 6c 65 5f 63 61 2e 63 72 6c 30 0d 06 09 2a 86 48 86 f7 0d 01 01 0b 05 00 03 82 01 01 00 bd 49 89 97 34 11 68 30 71 5a b1 b5 9f 57 48 c0 2d 47 b9 25 22 8a 7c 18 0c ba 39 66 d0 9c 61 d9 06 ee 2c c7 92 06 5b e7 f4 4e a2 5d a7 83 7b d1 42 d3 b2 80 17 8f bc e6 ed a7 ab d9 03 1f 01 f0 cb bf 17 60 7d 45 43 f9 c6 49 65 6f 33 15 84 f5 62 73 93 3a fd 58 fd 4d e6 c4 0b 9d ff 9d c2 c4 b7 bc f0 9a 71 3f cd f8 1a 07 ad 00 a7 3d 09 9c be f6 f1 e8 14 74 d5 fd a0 7a 97 52 48 86 1d e4 11 61 71 a7 db 53 60 e6 50 be e8 56 f7 5c 83 8d 51 ae 3b b1 84 1f 05 e9 f3 91 66 ff 13 2a 23 e8 1c ff 02 85 5b 53 cf 09 f7 d5 40 70 be 0c 51 07 f6 4a b5 d3 82 35 a4 81 1c 3f 2e 4c c1 29 e3 88 ad 6f 6c 62 37 38 6b 5f 4d 7e cc 8d 19 3c 24 65 df e0 51 19 44 74 b5 3e 1a c3 64 e4 b8 fd cb 52 7d 6d e8 ca 80 9c bf d5 eb 53 a4 77 85 e6 2e aa 3f 7b af be ff 69 9f 9e 63 1a 78 ef bd 38 d6 27 00 04 fe 30 82 04 fa 30 82 03 e2 a0 03 02 01 02 02 14 4a 1d ec 91 e0 85 7d 76 d6 5f 37 d6 dd aa b4 19 11 76 eb cb 30 0d 06 09 2a 86 48 86 f7 0d 01 01 0b 05 00 30 81 93 31 0b 30 09 06 03 55 04 06 13 02 46 52 31 0f 30 0d 06 03 55 04 08 0c 06 52 61 64 69 75 73 31 12 30 10 06 03 55 04 07 0c 09 53 6f 6d 65 77 68 65 72 65 31 15 30 13 06 03 55 04 0a 0c 0c 45 78 61 6d 70 6c 65 20 49 6e 63 2e 31 20 30 1e 06 09 2a 86 48 86 f7 0d 01 09 01 16 11 61 64 6d 69 6e 40 65 78 61 6d 70 6c 65 2e 6f 72 67 31 26 30 24 06 03 55 04 03 0c 1d 45 78 61 6d 70 6c 65 20 43 65 72 74 69 66 69 63 61 74 65 20 41 75 74 68 6f 72 69 74 79 30 1e 17 0d 32 34 30 32 32 31 30 32 35 35 32 35 5a 17 0d 32 34 30 34 32 31 30 32 35 35 32 35 5a 30 81 93 31 0b 30 09 06 03 55 04 06 13 02 46 52 31 0f 30 0d 06 03 55 04 08 0c 06 52 61 64 69 75 73 31 12 30 10 06 03 55 04 07 0c 09 53 6f 6d 65 77 68 65 72 65 31 15 30 13 06 03 55 04 0a 0c 0c 45 78 61 6d 70 6c 65 20 49 6e 63 2e 31 20 30 1e 06 09 2a 86 48 86 f7 0d 01 09 01 16 11 61 64 6d 69 6e 40 65 78 61 6d 70 6c 65 2e 6f 72 67 31 26 30 24 06 03 55 04 03 0c 1d 45 78 61 6d 70 6c 65 20 43 65 72 74 69 66 69 63 61 74 65 20 41 75 74 68 6f 72 69 74 79 30 82 01 22 30 0d 06 09 2a 86 48 86 f7 0d 01 01 01 05 00 03 82 01 0f 00 30 82 01 0a 02 82 01 01 00 d7 ab 97 ba 11 f9 01 e2 bc be 70 3c 7b 5a 46 8f ea 2a 40 2b d2 7b 36 1c 81 59 26 d7 d1 f5 7f c3 3a 40 04 83 d8 0c 8a 3f bc eb 16 bc a8 25 98 1c da 2e c7 33 0b 40 78 00 f1 7d cf f7 76 18 b2 f6 a4 a7 a9 22 16 ef 2c a4 20 0e 5b e3 5a 17 a0 f2 a1 5b f8 b4 33 12 c6 62 90 72 9a ea b2 c5 ba 23 7e c9 4e 9a 1f 52 57 48 3e ee de 76 62 6d 67 7f 0d d9 1e e8 92 02 fc 8d ae 4e 3c 01 5f b9 8a 4f 07 50 aa 0e 7e d1 bd 5c 3a 6b 86 23 63 8d 87 6f 4d ab 25 69 0b e8 7e 09 6d 7e 88 75 29 07 2b d3 ee de a0 bf f0 65 fd 9b 79 91 4e 0e 7b 74 0f 23 6f 20 37 2b 3b 0a d1 e9 ac ec 52 b3 75 41 ce a0 af 33 72 9d ae 3e 4a 63 22 e8 6b 44 a1 59 c6 df 35 79 0b 0b 6a 26 fc 94 28 a8 f3 23 e3 51 98 64 8b 7b 50 93 50 f3 dd 72 92 9a b5 f2 97 0f 5d d4 ef 27 15 75 f3 66 5b 69 b5 bd 94 76 8b 84 78 3f 02 03 01 00 01 a3 82 01 42 30 82 01 3e 30 1d 06 03 55 1d 0e 04 16 04 14 01 57 1d 77 9e 50 f5 b5 91 d6 da d4 96 f8 9a c3 bc 91 cf 27 30 81 d3 06 03 55 1d 23 04 81 cb 30 81 c8 80 14 01 57 1d 77 9e 50 f5 b5 91 d6 da d4 96 f8 9a c3 bc 91 cf 27 a1 81 99 a4 81 96 30 81 93 31 0b 30 09 06 03 55 04 06 13 02 46 52 31 0f 30 0d 06 03 55 04 08 0c 06 52 61 64 69 75 73 31 12 30 10 06 03 55 04 07 0c 09 53 6f 6d 65 77 68 65 72 65 31 15 30 13 06 03 55 04 0a 0c 0c 45 78 61 6d 70 6c 65 20 49 6e 63 2e 31 20 30 1e 06 09 2a 86 48 86 f7 0d 01 09 01 16 11 61 64 6d 69 6e 40 65 78 61 6d 70 6c 65 2e 6f 72 67 31 26 30 24 06 03 55 04 03 0c 1d 45 78 61 6d 70 6c 65 20 43 65 72 74 69 66 69 63 61 74 65 20 41 75 74 68 6f 72 69 74 79 82 14 4a 1d ec 91 e0 85 7d 76 d6 5f 37 d6 dd aa b4 19 11 76 eb cb 30 0f 06 03 55 1d 13 01 01 ff 04 05 30 03 01 01 ff 30 36 06 03 55 1d 1f 04 2f 30 2d 30 2b a0 29 a0 27 86 25 68 74 74 70 3a 2f 2f 77 77 77 2e 65 78 61 6d 70 6c 65 2e 6f 72 67 2f 65 78 61 6d 70 6c 65 5f 63 61 2e 63 72 6c 30 0d 06 09 2a 86 48 86 f7 0d 01 01 0b 05 00 03 82 01 01 00 5a 51 d3 79 e5 b5 6b 81 6e 7a 7b d9 ea 45 4a 1a 68 62 30 c6 0c 53 f1 7c a7 0b 7f 71 6c 0c 0d a2 eb af ba ac f1 61 5d ac 12 1f 23 e4 b9 f8 3b 66 70 0c 2d bf 93 5a 16 e9 ad 93 6f b6 c6 08 f9 f1 2c bd 45 02 7e 08 89 e6 b5 9c 78 cc 47 f4 07 ea 36 e3 2b dd 38 ae 9a 5b f3 90 9b f6 8c 03 28 e3 be f6 77 fe c2 d9 87 31 b1 bd 09 45 68 32 b2 11 c8 65 74 12 1e 3f 2e 8d e7 56 02 b0 f5 eb 97 4f 3a 4d e2 6a 81 54 97 22 77 94 51 a9 47 d6 9b 5d c9 f7 b3 88 e2 19 74 d5 ed 35 18 b7 04 d9 51 a1 ed a7 30 1d 00 94 93 e3 fc 40 7e bb ae 92 4d f0 16 90 3a 69 ad c3 79 09 ec df 37 22 eb 1b 96 46 33 fc cd 6e ef d8 f9 4c cc e6 10 8c e3 e8 4b 1d 4d 6e 8a 25 7b 20 e0 ba bd c5 3c d8 b2 40 e9 ca 84 40 bd 97 7a 4d b8 11 81 41 64 a7 89 0a bb 48 d0 64 2a 83 d2 3a 90 1c 60 54 65 ff ee ea c2 41
OpenSSL: Peer certificate - depth 1
Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            4a:1d:ec:91:e0:85:7d:76:d6:5f:37:d6:dd:aa:b4:19:11:76:eb:cb
        Signature Algorithm: sha256WithRSAEncryption
        Issuer: C=FR, ST=Radius, L=Somewhere, O=Example Inc./emailAddress=admin@example.org, CN=Example Certificate Authority
        Validity
            Not Before: Feb 21 02:55:25 2024 GMT
            Not After : Apr 21 02:55:25 2024 GMT
        Subject: C=FR, ST=Radius, L=Somewhere, O=Example Inc./emailAddress=admin@example.org, CN=Example Certificate Authority
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d7:ab:97:ba:11:f9:01:e2:bc:be:70:3c:7b:5a:
                    46:8f:ea:2a:40:2b:d2:7b:36:1c:81:59:26:d7:d1:
                    f5:7f:c3:3a:40:04:83:d8:0c:8a:3f:bc:eb:16:bc:
                    a8:25:98:1c:da:2e:c7:33:0b:40:78:00:f1:7d:cf:
                    f7:76:18:b2:f6:a4:a7:a9:22:16:ef:2c:a4:20:0e:
                    5b:e3:5a:17:a0:f2:a1:5b:f8:b4:33:12:c6:62:90:
                    72:9a:ea:b2:c5:ba:23:7e:c9:4e:9a:1f:52:57:48:
                    3e:ee:de:76:62:6d:67:7f:0d:d9:1e:e8:92:02:fc:
                    8d:ae:4e:3c:01:5f:b9:8a:4f:07:50:aa:0e:7e:d1:
                    bd:5c:3a:6b:86:23:63:8d:87:6f:4d:ab:25:69:0b:
                    e8:7e:09:6d:7e:88:75:29:07:2b:d3:ee:de:a0:bf:
                    f0:65:fd:9b:79:91:4e:0e:7b:74:0f:23:6f:20:37:
                    2b:3b:0a:d1:e9:ac:ec:52:b3:75:41:ce:a0:af:33:
                    72:9d:ae:3e:4a:63:22:e8:6b:44:a1:59:c6:df:35:
                    79:0b:0b:6a:26:fc:94:28:a8:f3:23:e3:51:98:64:
                    8b:7b:50:93:50:f3:dd:72:92:9a:b5:f2:97:0f:5d:
                    d4:ef:27:15:75:f3:66:5b:69:b5:bd:94:76:8b:84:
                    78:3f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                01:57:1D:77:9E:50:F5:B5:91:D6:DA:D4:96:F8:9A:C3:BC:91:CF:27
            X509v3 Authority Key Identifier:
                keyid:01:57:1D:77:9E:50:F5:B5:91:D6:DA:D4:96:F8:9A:C3:BC:91:CF:27
                DirName:/C=FR/ST=Radius/L=Somewhere/O=Example Inc./emailAddress=admin@example.org/CN=Example Certificate Authority
                serial:4A:1D:EC:91:E0:85:7D:76:D6:5F:37:D6:DD:AA:B4:19:11:76:EB:CB

            X509v3 Basic Constraints: critical
                CA:TRUE
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:http://www.example.org/example_ca.crl

    Signature Algorithm: sha256WithRSAEncryption
         5a:51:d3:79:e5:b5:6b:81:6e:7a:7b:d9:ea:45:4a:1a:68:62:
         30:c6:0c:53:f1:7c:a7:0b:7f:71:6c:0c:0d:a2:eb:af:ba:ac:
         f1:61:5d:ac:12:1f:23:e4:b9:f8:3b:66:70:0c:2d:bf:93:5a:
         16:e9:ad:93:6f:b6:c6:08:f9:f1:2c:bd:45:02:7e:08:89:e6:
         b5:9c:78:cc:47:f4:07:ea:36:e3:2b:dd:38:ae:9a:5b:f3:90:
         9b:f6:8c:03:28:e3:be:f6:77:fe:c2:d9:87:31:b1:bd:09:45:
         68:32:b2:11:c8:65:74:12:1e:3f:2e:8d:e7:56:02:b0:f5:eb:
         97:4f:3a:4d:e2:6a:81:54:97:22:77:94:51:a9:47:d6:9b:5d:
         c9:f7:b3:88:e2:19:74:d5:ed:35:18:b7:04:d9:51:a1:ed:a7:
         30:1d:00:94:93:e3:fc:40:7e:bb:ae:92:4d:f0:16:90:3a:69:
         ad:c3:79:09:ec:df:37:22:eb:1b:96:46:33:fc:cd:6e:ef:d8:
         f9:4c:cc:e6:10:8c:e3:e8:4b:1d:4d:6e:8a:25:7b:20:e0:ba:
         bd:c5:3c:d8:b2:40:e9:ca:84:40:bd:97:7a:4d:b8:11:81:41:
         64:a7:89:0a:bb:48:d0:64:2a:83:d2:3a:90:1c:60:54:65:ff:
         ee:ea:c2:41

CTRL-EVENT-EAP-PEER-CERT depth=1 subject='/C=FR/ST=Radius/L=Somewhere/O=Example Inc./emailAddress=admin@example.org/CN=Example Certificate Authority' hash=5a7df6ac8a17be4f95d70e75e60d255c20228efd5de61400b72207dfbc976477
TLS: tls_verify_cb - preverify_ok=1 err=0 (ok) ca_cert_verify=1 depth=1 buf='/C=FR/ST=Radius/L=Somewhere/O=Example Inc./emailAddress=admin@example.org/CN=Example Certificate Authority'
OpenSSL: Peer certificate - depth 0
Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 1 (0x1)
        Signature Algorithm: sha256WithRSAEncryption
        Issuer: C=FR, ST=Radius, L=Somewhere, O=Example Inc./emailAddress=admin@example.org, CN=Example Certificate Authority
        Validity
            Not Before: Feb 21 02:55:25 2024 GMT
            Not After : Apr 21 02:55:25 2024 GMT
        Subject: C=FR, ST=Radius, O=Example Inc., CN=Example Server Certificate/emailAddress=admin@example.org
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d1:c0:ab:ff:d4:6f:4b:53:69:d6:d0:04:16:36:
                    4a:b0:ad:ef:9c:b6:e6:65:0d:29:52:12:99:d8:ad:
                    89:3b:f2:18:f0:93:4d:0b:97:01:8b:2d:ca:90:3b:
                    2b:c3:dc:35:14:4d:be:be:52:e7:20:21:d2:63:a2:
                    13:82:31:49:2b:a3:a6:aa:df:64:0b:cd:ab:c4:04:
                    33:c2:2d:6d:53:ce:4f:b3:84:c2:57:6c:c9:32:6d:
                    ae:0b:ef:aa:ad:84:20:74:85:b0:37:51:40:10:51:
                    d1:3e:1e:17:5a:15:92:6d:4b:d9:dd:ab:dc:4b:c3:
                    27:fd:88:eb:a4:b0:1d:6e:4e:61:c5:4b:3a:36:b8:
                    c3:15:0d:6b:44:69:90:45:e2:65:04:0c:85:d6:7f:
                    18:1b:d5:1e:23:6f:43:7e:03:b0:75:54:18:b6:d7:
                    c5:70:f2:2c:52:16:de:fb:52:dc:25:e1:db:d6:43:
                    8f:26:2d:fa:04:f6:73:f1:fd:32:5a:ba:d4:e9:d0:
                    5c:d1:aa:66:25:8a:27:d5:d1:74:e6:c2:d4:c3:ec:
                    d7:56:b1:c9:d2:80:6c:8f:d7:99:8d:76:5e:3b:c8:
                    09:11:01:fb:a7:cc:ad:bb:33:f9:25:60:d6:fb:a6:
                    47:c3:03:d2:13:66:45:0a:df:d6:c2:96:d8:29:c6:
                    93:87
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Extended Key Usage:
                TLS Web Server Authentication
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:http://www.example.com/example_ca.crl

    Signature Algorithm: sha256WithRSAEncryption
         bd:49:89:97:34:11:68:30:71:5a:b1:b5:9f:57:48:c0:2d:47:
         b9:25:22:8a:7c:18:0c:ba:39:66:d0:9c:61:d9:06:ee:2c:c7:
         92:06:5b:e7:f4:4e:a2:5d:a7:83:7b:d1:42:d3:b2:80:17:8f:
         bc:e6:ed:a7:ab:d9:03:1f:01:f0:cb:bf:17:60:7d:45:43:f9:
         c6:49:65:6f:33:15:84:f5:62:73:93:3a:fd:58:fd:4d:e6:c4:
         0b:9d:ff:9d:c2:c4:b7:bc:f0:9a:71:3f:cd:f8:1a:07:ad:00:
         a7:3d:09:9c:be:f6:f1:e8:14:74:d5:fd:a0:7a:97:52:48:86:
         1d:e4:11:61:71:a7:db:53:60:e6:50:be:e8:56:f7:5c:83:8d:
         51:ae:3b:b1:84:1f:05:e9:f3:91:66:ff:13:2a:23:e8:1c:ff:
         02:85:5b:53:cf:09:f7:d5:40:70:be:0c:51:07:f6:4a:b5:d3:
         82:35:a4:81:1c:3f:2e:4c:c1:29:e3:88:ad:6f:6c:62:37:38:
         6b:5f:4d:7e:cc:8d:19:3c:24:65:df:e0:51:19:44:74:b5:3e:
         1a:c3:64:e4:b8:fd:cb:52:7d:6d:e8:ca:80:9c:bf:d5:eb:53:
         a4:77:85:e6:2e:aa:3f:7b:af:be:ff:69:9f:9e:63:1a:78:ef:
         bd:38:d6:27

CTRL-EVENT-EAP-PEER-CERT depth=0 subject='/C=FR/ST=Radius/O=Example Inc./CN=Example Server Certificate/emailAddress=admin@example.org' hash=442c76845b6912ab534b2e2ea69570c8c86cd0e6098e66239bfd6bcc0a40d9fc
TLS: tls_verify_cb - preverify_ok=1 err=0 (ok) ca_cert_verify=1 depth=0 buf='/C=FR/ST=Radius/O=Example Inc./CN=Example Server Certificate/emailAddress=admin@example.org'
EAP: Status notification: remote certificate verification (param=success)
OpenSSL: RX ver=0x0 content_type=256 (TLS header info/)
OpenSSL: Message - hexdump(len=5): 16 03 03 01 4d
SSL: (where=0x1001 ret=0x1)
SSL: SSL_connect:SSLv3/TLS read server certificate
OpenSSL: RX ver=0x303 content_type=22 (handshake/server key exchange)
OpenSSL: Message - hexdump(len=333): 0c 00 01 49 03 00 17 41 04 0c 25 82 23 72 c5 6e 62 ec f3 5d d2 d9 2f d8 4f 1b f3 5f b7 88 6f 0d 01 1c bc 81 90 f7 ca b8 fc 9b a3 d9 13 a8 09 fa e8 67 f5 50 1d 81 8c 6e 3b 2a 7e 37 c4 f4 ce e3 b5 64 09 90 c5 7a 3f 5c f6 08 04 01 00 a3 0c 43 7c bb 0c 0b 9d e4 72 7b 5b b9 0b 8f 50 8a 0c 30 53 e8 9f 05 9e 61 06 9f 13 51 74 7d f5 f1 a9 1b 28 19 8c 7a 2c f9 a0 fa b9 99 30 ec 90 e7 e7 22 2c 64 48 a5 9a bb e1 53 78 ed 75 0e a8 2f 01 ae 7e ff 06 74 79 00 84 69 2b 93 92 41 db c3 4c 4e 17 56 c8 86 77 d6 6e 46 c7 49 c7 12 d3 f4 52 7d 28 1c 6e 74 3e 54 99 40 a9 7a 84 5f db 2b 3e 0d 49 40 6d ab 4c 46 d4 fe 6b 18 a9 c5 ab 7f 59 c2 b2 b9 c2 17 1c 11 44 ea 04 03 c0 45 0f 10 c2 be 23 65 83 ad 19 5b bf 11 52 fd 39 c3 fe dc a4 4a 44 6b e2 b2 c3 f7 00 03 4d ff ac 2e 47 ff fe f9 8a d8 0b ee 28 9f 3f f6 13 49 37 9d 0d d7 ff 27 2a c4 84 9d 94 a1 d1 68 88 bb a3 44 ef b9 6f d5 88 ae 9f 92 d5 0d 31 27 90 97 69 e5 55 2f ab 91 62 1c c5 ce f9 10 b8 3c 8c 3a f7 08 15 db 05 f6 57 e1 c8 4f 73 67 2e 4b a8 23 a9 48 0d
OpenSSL: RX ver=0x0 content_type=256 (TLS header info/)
OpenSSL: Message - hexdump(len=5): 16 03 03 00 cc
SSL: (where=0x1001 ret=0x1)
SSL: SSL_connect:SSLv3/TLS read server key exchange
OpenSSL: RX ver=0x303 content_type=22 (handshake/certificate request)
OpenSSL: Message - hexdump(len=204): 0d 00 00 c8 03 01 02 40 00 28 04 03 05 03 06 03 08 07 08 08 08 09 08 0a 08 0b 08 04 08 05 08 06 04 01 05 01 06 01 03 03 03 01 03 02 04 02 05 02 06 02 00 98 00 96 30 81 93 31 0b 30 09 06 03 55 04 06 13 02 46 52 31 0f 30 0d 06 03 55 04 08 0c 06 52 61 64 69 75 73 31 12 30 10 06 03 55 04 07 0c 09 53 6f 6d 65 77 68 65 72 65 31 15 30 13 06 03 55 04 0a 0c 0c 45 78 61 6d 70 6c 65 20 49 6e 63 2e 31 20 30 1e 06 09 2a 86 48 86 f7 0d 01 09 01 16 11 61 64 6d 69 6e 40 65 78 61 6d 70 6c 65 2e 6f 72 67 31 26 30 24 06 03 55 04 03 0c 1d 45 78 61 6d 70 6c 65 20 43 65 72 74 69 66 69 63 61 74 65 20 41 75 74 68 6f 72 69 74 79
OpenSSL: RX ver=0x0 content_type=256 (TLS header info/)
OpenSSL: Message - hexdump(len=5): 16 03 03 00 04
SSL: (where=0x1001 ret=0x1)
SSL: SSL_connect:SSLv3/TLS read server certificate request
OpenSSL: RX ver=0x303 content_type=22 (handshake/server hello done)
OpenSSL: Message - hexdump(len=4): 0e 00 00 00
SSL: (where=0x1001 ret=0x1)
SSL: SSL_connect:SSLv3/TLS read server done
OpenSSL: TX ver=0x0 content_type=256 (TLS header info/)
OpenSSL: Message - hexdump(len=5): 16 03 03 08 de
OpenSSL: TX ver=0x303 content_type=22 (handshake/certificate)
OpenSSL: Message - hexdump(len=2270): 0b 00 08 da 00 08 d7 00 03 d3 30 82 03 cf 30 82 02 b7 a0 03 02 01 02 02 01 02 30 0d 06 09 2a 86 48 86 f7 0d 01 01 0b 05 00 30 81 93 31 0b 30 09 06 03 55 04 06 13 02 46 52 31 0f 30 0d 06 03 55 04 08 0c 06 52 61 64 69 75 73 31 12 30 10 06 03 55 04 07 0c 09 53 6f 6d 65 77 68 65 72 65 31 15 30 13 06 03 55 04 0a 0c 0c 45 78 61 6d 70 6c 65 20 49 6e 63 2e 31 20 30 1e 06 09 2a 86 48 86 f7 0d 01 09 01 16 11 61 64 6d 69 6e 40 65 78 61 6d 70 6c 65 2e 6f 72 67 31 26 30 24 06 03 55 04 03 0c 1d 45 78 61 6d 70 6c 65 20 43 65 72 74 69 66 69 63 61 74 65 20 41 75 74 68 6f 72 69 74 79 30 1e 17 0d 32 34 30 32 32 31 30 32 35 35 32 35 5a 17 0d 32 34 30 34 32 31 30 32 35 35 32 35 5a 30 71 31 0b 30 09 06 03 55 04 06 13 02 46 52 31 0f 30 0d 06 03 55 04 08 0c 06 52 61 64 69 75 73 31 15 30 13 06 03 55 04 0a 0c 0c 45 78 61 6d 70 6c 65 20 49 6e 63 2e 31 19 30 17 06 03 55 04 03 0c 10 75 73 65 72 40 65 78 61 6d 70 6c 65 2e 6f 72 67 31 1f 30 1d 06 09 2a 86 48 86 f7 0d 01 09 01 16 10 75 73 65 72 40 65 78 61 6d 70 6c 65 2e 6f 72 67 30 82 01 22 30 0d 06 09 2a 86 48 86 f7 0d 01 01 01 05 00 03 82 01 0f 00 30 82 01 0a 02 82 01 01 00 ac 64 f9 52 38 ec f6 6d 2e 16 5e 9e 5b 33 10 ca 9d b0 b8 2d c7 98 21 6e 76 49 c9 e7 73 48 82 90 a6 fd 40 85 2f 7a 6f a8 50 7f a8 8a 81 33 e1 b6 51 75 40 17 ea 49 bb 27 d3 f7 55 ee c4 47 0b 82 4e 29 3e 7d e0 b0 6e 6c aa 88 55 99 3e 21 a1 5e 22 35 22 01 71 2d 04 87 82 25 39 0a 26 d5 44 b2 8f eb 4d e3 29 46 a7 83 de e5 01 d5 81 e4 2c ed bf fe 7f 57 70 df 52 f0 64 77 e9 8f ff 30 43 19 8e 08 28 76 99 99 89 6f 8e a1 d4 e6 5e 34 6f 04 67 30 b9 b3 a1 94 53 3c 9f c6 e7 71 3e ad 2a 11 ff 38 33 24 35 3f 76 ee 91 cf da 03 51 56 3d 4a 12 7d 05 0c 73 8b 88 f4 d0 38 27 b3 e8 09 3c 8d ff 67 cc 2d 1f ce 02 c1 d8 34 62 2b 42 5a 33 19 ae cd 30 4a 89 54 74 6b b2 28 59 f7 65 7c 72 29 04 3d e1 fc 31 c8 c9 ad 8a 1c 10 17 4a 71 88 99 aa 44 28 f7 3d 18 d3 8f 9f 17 3e ca 71 56 bd 67 02 03 01 00 01 a3 4f 30 4d 30 13 06 03 55 1d 25 04 0c 30 0a 06 08 2b 06 01 05 05 07 03 02 30 36 06 03 55 1d 1f 04 2f 30 2d 30 2b a0 29 a0 27 86 25 68 74 74 70 3a 2f 2f 77 77 77 2e 65 78 61 6d 70 6c 65 2e 63 6f 6d 2f 65 78 61 6d 70 6c 65 5f 63 61 2e 63 72 6c 30 0d 06 09 2a 86 48 86 f7 0d 01 01 0b 05 00 03 82 01 01 00 7f 6a 16 6b 0b 48 1b c5 b6 2f 4f e2 49 42 fe 84 16 f4 46 c3 f5 dd ea 61 2b e4 e9 91 ed 8f 00 c3 15 bc 58 ba c2 9a da 2b d6 c9 2f c1 a9 10 b3 fb 15 10 0c 2b 8f 3f 82 67 73 05 f2 69 45 46 26 8c a9 76 6c 07 67 af 42 a1 7d a8 5b 4a 1c c5 59 33 8e 7d c8 d4 e5 4b 93 7a 31 cf aa be 2e 9c 65 29 73 c7 02 3b b7 c1 49 a2 f5 54 ca 73 de b0 12 b4 55 03 44 34 aa cb 81 0e 11 4f a0 13 a7 d8 63 f3 3d 70 86 48 e7 88 ee 56 5c eb 83 04 c4 77 a7 e7 8d da 95 a6 1c b4 86 0c 48 51 b1 8a c6 b8 52 44 b8 3b 55 59 78 60 e9 94 42 c7 a1 28 4b 1d c7 95 fc 0e 5a 3f 63 56 2b 4c 9a 0e c6 2d 41 61 ad 1c e5 86 3b f3 71 14 1f e9 03 82 c6 41 3d 9d f7 88 77 d0 55 a0 dc cc d9 c3 1f 68 40 5f 07 a4 18 8d cf cc dd 11 13 bd 59 79 c7 f7 2c f1 2e 97 f7 63 47 28 92 c1 91 04 91 6e db e9 44 2f d8 c5 4a be 00 04 fe 30 82 04 fa 30 82 03 e2 a0 03 02 01 02 02 14 4a 1d ec 91 e0 85 7d 76 d6 5f 37 d6 dd aa b4 19 11 76 eb cb 30 0d 06 09 2a 86 48 86 f7 0d 01 01 0b 05 00 30 81 93 31 0b 30 09 06 03 55 04 06 13 02 46 52 31 0f 30 0d 06 03 55 04 08 0c 06 52 61 64 69 75 73 31 12 30 10 06 03 55 04 07 0c 09 53 6f 6d 65 77 68 65 72 65 31 15 30 13 06 03 55 04 0a 0c 0c 45 78 61 6d 70 6c 65 20 49 6e 63 2e 31 20 30 1e 06 09 2a 86 48 86 f7 0d 01 09 01 16 11 61 64 6d 69 6e 40 65 78 61 6d 70 6c 65 2e 6f 72 67 31 26 30 24 06 03 55 04 03 0c 1d 45 78 61 6d 70 6c 65 20 43 65 72 74 69 66 69 63 61 74 65 20 41 75 74 68 6f 72 69 74 79 30 1e 17 0d 32 34 30 32 32 31 30 32 35 35 32 35 5a 17 0d 32 34 30 34 32 31 30 32 35 35 32 35 5a 30 81 93 31 0b 30 09 06 03 55 04 06 13 02 46 52 31 0f 30 0d 06 03 55 04 08 0c 06 52 61 64 69 75 73 31 12 30 10 06 03 55 04 07 0c 09 53 6f 6d 65 77 68 65 72 65 31 15 30 13 06 03 55 04 0a 0c 0c 45 78 61 6d 70 6c 65 20 49 6e 63 2e 31 20 30 1e 06 09 2a 86 48 86 f7 0d 01 09 01 16 11 61 64 6d 69 6e 40 65 78 61 6d 70 6c 65 2e 6f 72 67 31 26 30 24 06 03 55 04 03 0c 1d 45 78 61 6d 70 6c 65 20 43 65 72 74 69 66 69 63 61 74 65 20 41 75 74 68 6f 72 69 74 79 30 82 01 22 30 0d 06 09 2a 86 48 86 f7 0d 01 01 01 05 00 03 82 01 0f 00 30 82 01 0a 02 82 01 01 00 d7 ab 97 ba 11 f9 01 e2 bc be 70 3c 7b 5a 46 8f ea 2a 40 2b d2 7b 36 1c 81 59 26 d7 d1 f5 7f c3 3a 40 04 83 d8 0c 8a 3f bc eb 16 bc a8 25 98 1c da 2e c7 33 0b 40 78 00 f1 7d cf f7 76 18 b2 f6 a4 a7 a9 22 16 ef 2c a4 20 0e 5b e3 5a 17 a0 f2 a1 5b f8 b4 33 12 c6 62 90 72 9a ea b2 c5 ba 23 7e c9 4e 9a 1f 52 57 48 3e ee de 76 62 6d 67 7f 0d d9 1e e8 92 02 fc 8d ae 4e 3c 01 5f b9 8a 4f 07 50 aa 0e 7e d1 bd 5c 3a 6b 86 23 63 8d 87 6f 4d ab 25 69 0b e8 7e 09 6d 7e 88 75 29 07 2b d3 ee de a0 bf f0 65 fd 9b 79 91 4e 0e 7b 74 0f 23 6f 20 37 2b 3b 0a d1 e9 ac ec 52 b3 75 41 ce a0 af 33 72 9d ae 3e 4a 63 22 e8 6b 44 a1 59 c6 df 35 79 0b 0b 6a 26 fc 94 28 a8 f3 23 e3 51 98 64 8b 7b 50 93 50 f3 dd 72 92 9a b5 f2 97 0f 5d d4 ef 27 15 75 f3 66 5b 69 b5 bd 94 76 8b 84 78 3f 02 03 01 00 01 a3 82 01 42 30 82 01 3e 30 1d 06 03 55 1d 0e 04 16 04 14 01 57 1d 77 9e 50 f5 b5 91 d6 da d4 96 f8 9a c3 bc 91 cf 27 30 81 d3 06 03 55 1d 23 04 81 cb 30 81 c8 80 14 01 57 1d 77 9e 50 f5 b5 91 d6 da d4 96 f8 9a c3 bc 91 cf 27 a1 81 99 a4 81 96 30 81 93 31 0b 30 09 06 03 55 04 06 13 02 46 52 31 0f 30 0d 06 03 55 04 08 0c 06 52 61 64 69 75 73 31 12 30 10 06 03 55 04 07 0c 09 53 6f 6d 65 77 68 65 72 65 31 15 30 13 06 03 55 04 0a 0c 0c 45 78 61 6d 70 6c 65 20 49 6e 63 2e 31 20 30 1e 06 09 2a 86 48 86 f7 0d 01 09 01 16 11 61 64 6d 69 6e 40 65 78 61 6d 70 6c 65 2e 6f 72 67 31 26 30 24 06 03 55 04 03 0c 1d 45 78 61 6d 70 6c 65 20 43 65 72 74 69 66 69 63 61 74 65 20 41 75 74 68 6f 72 69 74 79 82 14 4a 1d ec 91 e0 85 7d 76 d6 5f 37 d6 dd aa b4 19 11 76 eb cb 30 0f 06 03 55 1d 13 01 01 ff 04 05 30 03 01 01 ff 30 36 06 03 55 1d 1f 04 2f 30 2d 30 2b a0 29 a0 27 86 25 68 74 74 70 3a 2f 2f 77 77 77 2e 65 78 61 6d 70 6c 65 2e 6f 72 67 2f 65 78 61 6d 70 6c 65 5f 63 61 2e 63 72 6c 30 0d 06 09 2a 86 48 86 f7 0d 01 01 0b 05 00 03 82 01 01 00 5a 51 d3 79 e5 b5 6b 81 6e 7a 7b d9 ea 45 4a 1a 68 62 30 c6 0c 53 f1 7c a7 0b 7f 71 6c 0c 0d a2 eb af ba ac f1 61 5d ac 12 1f 23 e4 b9 f8 3b 66 70 0c 2d bf 93 5a 16 e9 ad 93 6f b6 c6 08 f9 f1 2c bd 45 02 7e 08 89 e6 b5 9c 78 cc 47 f4 07 ea 36 e3 2b dd 38 ae 9a 5b f3 90 9b f6 8c 03 28 e3 be f6 77 fe c2 d9 87 31 b1 bd 09 45 68 32 b2 11 c8 65 74 12 1e 3f 2e 8d e7 56 02 b0 f5 eb 97 4f 3a 4d e2 6a 81 54 97 22 77 94 51 a9 47 d6 9b 5d c9 f7 b3 88 e2 19 74 d5 ed 35 18 b7 04 d9 51 a1 ed a7 30 1d 00 94 93 e3 fc 40 7e bb ae 92 4d f0 16 90 3a 69 ad c3 79 09 ec df 37 22 eb 1b 96 46 33 fc cd 6e ef d8 f9 4c cc e6 10 8c e3 e8 4b 1d 4d 6e 8a 25 7b 20 e0 ba bd c5 3c d8 b2 40 e9 ca 84 40 bd 97 7a 4d b8 11 81 41 64 a7 89 0a bb 48 d0 64 2a 83 d2 3a 90 1c 60 54 65 ff ee ea c2 41
SSL: (where=0x1001 ret=0x1)
SSL: SSL_connect:SSLv3/TLS write client certificate
OpenSSL: TX ver=0x0 content_type=256 (TLS header info/)
OpenSSL: Message - hexdump(len=5): 16 03 03 00 46
OpenSSL: TX ver=0x303 content_type=22 (handshake/client key exchange)
OpenSSL: Message - hexdump(len=70): 10 00 00 42 41 04 93 6a 1a 99 16 e7 f6 49 d3 af d9 ef 72 12 09 9a f9 5e 61 f2 48 4f c5 13 53 3e 4d 22 36 28 2b 4c d1 ea ef 18 5d de c6 7e fc b0 3d e2 0d cb 5a 63 67 f7 7a b8 82 e8 95 6d 31 ba 6a 6d 9f 16 3c 71
SSL: (where=0x1001 ret=0x1)
SSL: SSL_connect:SSLv3/TLS write client key exchange
OpenSSL: TX ver=0x0 content_type=256 (TLS header info/)
OpenSSL: Message - hexdump(len=5): 16 03 03 01 08
OpenSSL: TX ver=0x303 content_type=22 (handshake/certificate verify)
OpenSSL: Message - hexdump(len=264): 0f 00 01 04 08 04 01 00 3d 88 40 f6 11 1f 79 ba ba 79 40 a0 d9 79 88 2e bd c5 67 14 00 7a e7 31 1f 1c 8b 04 a3 07 4f 59 47 d9 59 1a bf 0c 63 50 5d bd 04 f1 d6 6a f6 de b0 83 d4 57 04 57 20 25 20 a2 38 25 45 03 77 21 70 27 b4 58 59 e6 39 2b 07 9d a5 42 61 7f ee 10 87 c8 14 c3 78 e1 f2 6f d8 df 64 8d 2a 49 31 9a ad 60 24 ca 7a 97 75 7c 62 5a 48 d0 30 01 36 c5 8d 5f 16 63 1f db 58 99 6a 24 c8 d7 47 ab 45 57 2b 81 c9 f7 51 4f 07 a7 90 20 94 6e 04 31 02 4c d5 01 02 51 1e cb 76 1c b0 5f ba aa af 22 91 6f eb 45 dd cc b4 50 22 fc eb e1 10 a8 e6 95 f5 5b 5d 0f 9c 0c f1 67 c7 56 1c 2a 09 fc 2d 4f a2 4f c1 8b 79 52 fe 21 b3 c5 6f 82 5b 98 d3 d5 24 26 08 53 cc 5c 1f b3 71 3e 08 ec db 30 46 bf 49 ec f6 9b 94 59 22 7c 62 7b 85 5f d5 aa 01 45 c2 b9 1e ea 2b 4c fb b3 75 3e 65 6f de 95 4d 00 a2 3b
SSL: (where=0x1001 ret=0x1)
SSL: SSL_connect:SSLv3/TLS write certificate verify
OpenSSL: TX ver=0x0 content_type=256 (TLS header info/)
OpenSSL: Message - hexdump(len=5): 14 03 03 00 01
OpenSSL: TX ver=0x303 content_type=20 (change cipher spec/)
OpenSSL: Message - hexdump(len=1): 01
SSL: (where=0x1001 ret=0x1)
SSL: SSL_connect:SSLv3/TLS write change cipher spec
OpenSSL: TX ver=0x0 content_type=256 (TLS header info/)
OpenSSL: Message - hexdump(len=5): 16 03 03 00 28
OpenSSL: TX ver=0x303 content_type=22 (handshake/finished)
OpenSSL: Message - hexdump(len=16): 14 00 00 0c 92 67 75 de 2d f8 44 b3 ee af fe 0c
SSL: (where=0x1001 ret=0x1)
SSL: SSL_connect:SSLv3/TLS write finished
SSL: (where=0x1002 ret=0xffffffff)
SSL: SSL_connect:error in SSLv3/TLS write finished
SSL: SSL_connect - want more data
SSL: 2670 bytes pending from ssl_out
SSL: Using TLS version TLSv1.2
SSL: 2670 bytes left to be sent out (of total 2670 bytes)
SSL: sending 1398 bytes, more fragments will follow
EAP: method process -> ignore=FALSE methodState=MAY_CONT decision=FAIL eapRespData=0x3d1750
EAP: EAP entering state SEND_RESPONSE
EAP: EAP entering state IDLE
EAPOL: SUPP_BE entering state RESPONSE
EAPOL: txSuppRsp
WPA: eapol_test_eapol_send(type=0 len=1408)
TX EAP -> RADIUS - hexdump(len=1408): 02 8a 05 80 0d c0 00 00 0a 6e 16 03 03 08 de 0b 00 08 da 00 08 d7 00 03 d3 30 82 03 cf 30 82 02 b7 a0 03 02 01 02 02 01 02 30 0d 06 09 2a 86 48 86 f7 0d 01 01 0b 05 00 30 81 93 31 0b 30 09 06 03 55 04 06 13 02 46 52 31 0f 30 0d 06 03 55 04 08 0c 06 52 61 64 69 75 73 31 12 30 10 06 03 55 04 07 0c 09 53 6f 6d 65 77 68 65 72 65 31 15 30 13 06 03 55 04 0a 0c 0c 45 78 61 6d 70 6c 65 20 49 6e 63 2e 31 20 30 1e 06 09 2a 86 48 86 f7 0d 01 09 01 16 11 61 64 6d 69 6e 40 65 78 61 6d 70 6c 65 2e 6f 72 67 31 26 30 24 06 03 55 04 03 0c 1d 45 78 61 6d 70 6c 65 20 43 65 72 74 69 66 69 63 61 74 65 20 41 75 74 68 6f 72 69 74 79 30 1e 17 0d 32 34 30 32 32 31 30 32 35 35 32 35 5a 17 0d 32 34 30 34 32 31 30 32 35 35 32 35 5a 30 71 31 0b 30 09 06 03 55 04 06 13 02 46 52 31 0f 30 0d 06 03 55 04 08 0c 06 52 61 64 69 75 73 31 15 30 13 06 03 55 04 0a 0c 0c 45 78 61 6d 70 6c 65 20 49 6e 63 2e 31 19 30 17 06 03 55 04 03 0c 10 75 73 65 72 40 65 78 61 6d 70 6c 65 2e 6f 72 67 31 1f 30 1d 06 09 2a 86 48 86 f7 0d 01 09 01 16 10 75 73 65 72 40 65 78 61 6d 70 6c 65 2e 6f 72 67 30 82 01 22 30 0d 06 09 2a 86 48 86 f7 0d 01 01 01 05 00 03 82 01 0f 00 30 82 01 0a 02 82 01 01 00 ac 64 f9 52 38 ec f6 6d 2e 16 5e 9e 5b 33 10 ca 9d b0 b8 2d c7 98 21 6e 76 49 c9 e7 73 48 82 90 a6 fd 40 85 2f 7a 6f a8 50 7f a8 8a 81 33 e1 b6 51 75 40 17 ea 49 bb 27 d3 f7 55 ee c4 47 0b 82 4e 29 3e 7d e0 b0 6e 6c aa 88 55 99 3e 21 a1 5e 22 35 22 01 71 2d 04 87 82 25 39 0a 26 d5 44 b2 8f eb 4d e3 29 46 a7 83 de e5 01 d5 81 e4 2c ed bf fe 7f 57 70 df 52 f0 64 77 e9 8f ff 30 43 19 8e 08 28 76 99 99 89 6f 8e a1 d4 e6 5e 34 6f 04 67 30 b9 b3 a1 94 53 3c 9f c6 e7 71 3e ad 2a 11 ff 38 33 24 35 3f 76 ee 91 cf da 03 51 56 3d 4a 12 7d 05 0c 73 8b 88 f4 d0 38 27 b3 e8 09 3c 8d ff 67 cc 2d 1f ce 02 c1 d8 34 62 2b 42 5a 33 19 ae cd 30 4a 89 54 74 6b b2 28 59 f7 65 7c 72 29 04 3d e1 fc 31 c8 c9 ad 8a 1c 10 17 4a 71 88 99 aa 44 28 f7 3d 18 d3 8f 9f 17 3e ca 71 56 bd 67 02 03 01 00 01 a3 4f 30 4d 30 13 06 03 55 1d 25 04 0c 30 0a 06 08 2b 06 01 05 05 07 03 02 30 36 06 03 55 1d 1f 04 2f 30 2d 30 2b a0 29 a0 27 86 25 68 74 74 70 3a 2f 2f 77 77 77 2e 65 78 61 6d 70 6c 65 2e 63 6f 6d 2f 65 78 61 6d 70 6c 65 5f 63 61 2e 63 72 6c 30 0d 06 09 2a 86 48 86 f7 0d 01 01 0b 05 00 03 82 01 01 00 7f 6a 16 6b 0b 48 1b c5 b6 2f 4f e2 49 42 fe 84 16 f4 46 c3 f5 dd ea 61 2b e4 e9 91 ed 8f 00 c3 15 bc 58 ba c2 9a da 2b d6 c9 2f c1 a9 10 b3 fb 15 10 0c 2b 8f 3f 82 67 73 05 f2 69 45 46 26 8c a9 76 6c 07 67 af 42 a1 7d a8 5b 4a 1c c5 59 33 8e 7d c8 d4 e5 4b 93 7a 31 cf aa be 2e 9c 65 29 73 c7 02 3b b7 c1 49 a2 f5 54 ca 73 de b0 12 b4 55 03 44 34 aa cb 81 0e 11 4f a0 13 a7 d8 63 f3 3d 70 86 48 e7 88 ee 56 5c eb 83 04 c4 77 a7 e7 8d da 95 a6 1c b4 86 0c 48 51 b1 8a c6 b8 52 44 b8 3b 55 59 78 60 e9 94 42 c7 a1 28 4b 1d c7 95 fc 0e 5a 3f 63 56 2b 4c 9a 0e c6 2d 41 61 ad 1c e5 86 3b f3 71 14 1f e9 03 82 c6 41 3d 9d f7 88 77 d0 55 a0 dc cc d9 c3 1f 68 40 5f 07 a4 18 8d cf cc dd 11 13 bd 59 79 c7 f7 2c f1 2e 97 f7 63 47 28 92 c1 91 04 91 6e db e9 44 2f d8 c5 4a be 00 04 fe 30 82 04 fa 30 82 03 e2 a0 03 02 01 02 02 14 4a 1d ec 91 e0 85 7d 76 d6 5f 37 d6 dd aa b4 19 11 76 eb cb 30 0d 06 09 2a 86 48 86 f7 0d 01 01 0b 05 00 30 81 93 31 0b 30 09 06 03 55 04 06 13 02 46 52 31 0f 30 0d 06 03 55 04 08 0c 06 52 61 64 69 75 73 31 12 30 10 06 03 55 04 07 0c 09 53 6f 6d 65 77 68 65 72 65 31 15 30 13 06 03 55 04 0a 0c 0c 45 78 61 6d 70 6c 65 20 49 6e 63 2e 31 20 30 1e 06 09 2a 86 48 86 f7 0d 01 09 01 16 11 61 64 6d 69 6e 40 65 78 61 6d 70 6c 65 2e 6f 72 67 31 26 30 24 06 03 55 04 03 0c 1d 45 78 61 6d 70 6c 65 20 43 65 72 74 69 66 69 63 61 74 65 20 41 75 74 68 6f 72 69 74 79 30 1e 17 0d 32 34 30 32 32 31 30 32 35 35 32 35 5a 17 0d 32 34 30 34 32 31 30 32 35 35 32 35 5a 30 81 93 31 0b 30 09 06 03 55 04 06 13 02 46 52 31 0f 30 0d 06 03 55 04 08 0c 06 52 61 64 69 75 73 31 12 30 10 06 03 55 04 07 0c 09 53 6f 6d 65 77 68 65 72 65 31 15 30 13 06 03 55 04 0a 0c 0c 45 78 61 6d 70 6c 65 20 49 6e 63 2e 31 20 30 1e 06 09 2a 86 48 86 f7 0d 01 09 01 16 11 61 64 6d 69 6e 40 65 78 61 6d 70 6c 65 2e 6f 72 67 31 26 30 24 06 03 55 04 03 0c 1d 45 78 61 6d 70 6c 65 20 43 65 72 74 69 66 69 63 61 74 65 20 41 75 74 68 6f 72 69 74 79 30 82 01 22 30 0d 06 09 2a 86 48 86 f7 0d 01 01 01 05 00
Encapsulating EAP message into a RADIUS packet
  Copied RADIUS State Attribute
Sending RADIUS message to authentication server
RADIUS message: code=1 (Access-Request) identifier=11 length=1552
   Attribute 1 (User-Name) length=9
      Value: 'testing'
   Attribute 4 (NAS-IP-Address) length=6
      Value: 127.0.0.1
   Attribute 31 (Calling-Station-Id) length=19
      Value: '02-00-00-00-00-01'
   Attribute 12 (Framed-MTU) length=6
      Value: 1400
   Attribute 61 (NAS-Port-Type) length=6
      Value: 19
   Attribute 6 (Service-Type) length=6
      Value: 2
   Attribute 77 (Connect-Info) length=24
      Value: 'CONNECT 11Mbps 802.11b'
   Attribute 79 (EAP-Message) length=255
      Value: 028a05800dc000000a6e16030308de0b0008da0008d70003d3308203cf308202b7a003020102020102300d06092a864886f70d01010b0500308193310b3009060355040613024652310f300d06035504080c065261646975733112301006035504070c09536f6d65776865726531153013060355040a0c0c4578616d706c6520496e632e3120301e06092a864886f70d010901161161646d696e406578616d706c652e6f72673126302406035504030c1d4578616d706c6520436572746966696361746520417574686f72697479301e170d3234303232313032353532355a170d3234303432313032353532355a3071310b3009060355040613024652
   Attribute 79 (EAP-Message) length=255
      Value: 310f300d06035504080c0652616469757331153013060355040a0c0c4578616d706c6520496e632e3119301706035504030c1075736572406578616d706c652e6f7267311f301d06092a864886f70d010901161075736572406578616d706c652e6f726730820122300d06092a864886f70d01010105000382010f003082010a0282010100ac64f95238ecf66d2e165e9e5b3310ca9db0b82dc798216e7649c9e773488290a6fd40852f7a6fa8507fa88a8133e1b651754017ea49bb27d3f755eec4470b824e293e7de0b06e6caa8855993e21a15e22352201712d04878225390a26d544b28feb4de32946a783dee501d581e42cedbffe7f5770df52f0
   Attribute 79 (EAP-Message) length=255
      Value: 6477e98fff3043198e0828769999896f8ea1d4e65e346f046730b9b3a194533c9fc6e7713ead2a11ff383324353f76ee91cfda0351563d4a127d050c738b88f4d03827b3e8093c8dff67cc2d1fce02c1d834622b425a3319aecd304a8954746bb22859f7657c7229043de1fc31c8c9ad8a1c10174a718899aa4428f73d18d38f9f173eca7156bd670203010001a34f304d30130603551d25040c300a06082b0601050507030230360603551d1f042f302d302ba029a0278625687474703a2f2f7777772e6578616d706c652e636f6d2f6578616d706c655f63612e63726c300d06092a864886f70d01010b050003820101007f6a166b0b481bc5b62f4f
   Attribute 79 (EAP-Message) length=255
      Value: e24942fe8416f446c3f5ddea612be4e991ed8f00c315bc58bac29ada2bd6c92fc1a910b3fb15100c2b8f3f82677305f2694546268ca9766c0767af42a17da85b4a1cc559338e7dc8d4e54b937a31cfaabe2e9c652973c7023bb7c149a2f554ca73deb012b455034434aacb810e114fa013a7d863f33d708648e788ee565ceb8304c477a7e78dda95a61cb4860c4851b18ac6b85244b83b55597860e99442c7a1284b1dc795fc0e5a3f63562b4c9a0ec62d4161ad1ce5863bf371141fe90382c6413d9df78877d055a0dcccd9c31f68405f07a4188dcfccdd1113bd5979c7f72cf12e97f763472892c19104916edbe9442fd8c54abe0004fe308204fa30
   Attribute 79 (EAP-Message) length=255
      Value: 8203e2a00302010202144a1dec91e0857d76d65f37d6ddaab4191176ebcb300d06092a864886f70d01010b0500308193310b3009060355040613024652310f300d06035504080c065261646975733112301006035504070c09536f6d65776865726531153013060355040a0c0c4578616d706c6520496e632e3120301e06092a864886f70d010901161161646d696e406578616d706c652e6f72673126302406035504030c1d4578616d706c6520436572746966696361746520417574686f72697479301e170d3234303232313032353532355a170d3234303432313032353532355a308193310b3009060355040613024652310f300d06035504080c
   Attribute 79 (EAP-Message) length=145
      Value: 065261646975733112301006035504070c09536f6d65776865726531153013060355040a0c0c4578616d706c6520496e632e3120301e06092a864886f70d010901161161646d696e406578616d706c652e6f72673126302406035504030c1d4578616d706c6520436572746966696361746520417574686f7269747930820122300d06092a864886f70d0101010500
   Attribute 24 (State) length=18
      Value: c3766526c0fc680cfcfe39c092ffd9b8
   Attribute 80 (Message-Authenticator) length=18
      Value: def53521352fc920110f7648a61baabc
Next RADIUS client retransmit in 3 seconds
EAPOL: SUPP_BE entering state RECEIVE
Received 64 bytes from RADIUS server
Received RADIUS message
RADIUS message: code=11 (Access-Challenge) identifier=11 length=64
   Attribute 79 (EAP-Message) length=8
      Value: 018b00060d00
   Attribute 80 (Message-Authenticator) length=18
      Value: a50962434e6a3cb26adc3f7b6cf2e534
   Attribute 24 (State) length=18
      Value: c3766526c7fd680cfcfe39c092ffd9b8
STA 02:00:00:00:00:01: Received RADIUS packet matched with a pending request, round trip time 0.00 sec

RADIUS packet matching with station
decapsulated EAP packet (code=1 id=139 len=6) from RADIUS server: EAP-Request-TLS (13)
EAPOL: Received EAP-Packet frame
EAPOL: SUPP_BE entering state REQUEST
EAPOL: getSuppRsp
EAP: EAP entering state RECEIVED
EAP: Received EAP-Request id=139 method=13 vendor=0 vendorMethod=0
EAP: EAP entering state METHOD
SSL: Received packet(len=6) - Flags 0x00
SSL: 1272 bytes left to be sent out (of total 2670 bytes)
EAP: method process -> ignore=FALSE methodState=MAY_CONT decision=FAIL eapRespData=0x3d8858
EAP: EAP entering state SEND_RESPONSE
EAP: EAP entering state IDLE
EAPOL: SUPP_BE entering state RESPONSE
EAPOL: txSuppRsp
WPA: eapol_test_eapol_send(type=0 len=1278)
TX EAP -> RADIUS - hexdump(len=1278): 02 8b 04 fe 0d 00 03 82 01 0f 00 30 82 01 0a 02 82 01 01 00 d7 ab 97 ba 11 f9 01 e2 bc be 70 3c 7b 5a 46 8f ea 2a 40 2b d2 7b 36 1c 81 59 26 d7 d1 f5 7f c3 3a 40 04 83 d8 0c 8a 3f bc eb 16 bc a8 25 98 1c da 2e c7 33 0b 40 78 00 f1 7d cf f7 76 18 b2 f6 a4 a7 a9 22 16 ef 2c a4 20 0e 5b e3 5a 17 a0 f2 a1 5b f8 b4 33 12 c6 62 90 72 9a ea b2 c5 ba 23 7e c9 4e 9a 1f 52 57 48 3e ee de 76 62 6d 67 7f 0d d9 1e e8 92 02 fc 8d ae 4e 3c 01 5f b9 8a 4f 07 50 aa 0e 7e d1 bd 5c 3a 6b 86 23 63 8d 87 6f 4d ab 25 69 0b e8 7e 09 6d 7e 88 75 29 07 2b d3 ee de a0 bf f0 65 fd 9b 79 91 4e 0e 7b 74 0f 23 6f 20 37 2b 3b 0a d1 e9 ac ec 52 b3 75 41 ce a0 af 33 72 9d ae 3e 4a 63 22 e8 6b 44 a1 59 c6 df 35 79 0b 0b 6a 26 fc 94 28 a8 f3 23 e3 51 98 64 8b 7b 50 93 50 f3 dd 72 92 9a b5 f2 97 0f 5d d4 ef 27 15 75 f3 66 5b 69 b5 bd 94 76 8b 84 78 3f 02 03 01 00 01 a3 82 01 42 30 82 01 3e 30 1d 06 03 55 1d 0e 04 16 04 14 01 57 1d 77 9e 50 f5 b5 91 d6 da d4 96 f8 9a c3 bc 91 cf 27 30 81 d3 06 03 55 1d 23 04 81 cb 30 81 c8 80 14 01 57 1d 77 9e 50 f5 b5 91 d6 da d4 96 f8 9a c3 bc 91 cf 27 a1 81 99 a4 81 96 30 81 93 31 0b 30 09 06 03 55 04 06 13 02 46 52 31 0f 30 0d 06 03 55 04 08 0c 06 52 61 64 69 75 73 31 12 30 10 06 03 55 04 07 0c 09 53 6f 6d 65 77 68 65 72 65 31 15 30 13 06 03 55 04 0a 0c 0c 45 78 61 6d 70 6c 65 20 49 6e 63 2e 31 20 30 1e 06 09 2a 86 48 86 f7 0d 01 09 01 16 11 61 64 6d 69 6e 40 65 78 61 6d 70 6c 65 2e 6f 72 67 31 26 30 24 06 03 55 04 03 0c 1d 45 78 61 6d 70 6c 65 20 43 65 72 74 69 66 69 63 61 74 65 20 41 75 74 68 6f 72 69 74 79 82 14 4a 1d ec 91 e0 85 7d 76 d6 5f 37 d6 dd aa b4 19 11 76 eb cb 30 0f 06 03 55 1d 13 01 01 ff 04 05 30 03 01 01 ff 30 36 06 03 55 1d 1f 04 2f 30 2d 30 2b a0 29 a0 27 86 25 68 74 74 70 3a 2f 2f 77 77 77 2e 65 78 61 6d 70 6c 65 2e 6f 72 67 2f 65 78 61 6d 70 6c 65 5f 63 61 2e 63 72 6c 30 0d 06 09 2a 86 48 86 f7 0d 01 01 0b 05 00 03 82 01 01 00 5a 51 d3 79 e5 b5 6b 81 6e 7a 7b d9 ea 45 4a 1a 68 62 30 c6 0c 53 f1 7c a7 0b 7f 71 6c 0c 0d a2 eb af ba ac f1 61 5d ac 12 1f 23 e4 b9 f8 3b 66 70 0c 2d bf 93 5a 16 e9 ad 93 6f b6 c6 08 f9 f1 2c bd 45 02 7e 08 89 e6 b5 9c 78 cc 47 f4 07 ea 36 e3 2b dd 38 ae 9a 5b f3 90 9b f6 8c 03 28 e3 be f6 77 fe c2 d9 87 31 b1 bd 09 45 68 32 b2 11 c8 65 74 12 1e 3f 2e 8d e7 56 02 b0 f5 eb 97 4f 3a 4d e2 6a 81 54 97 22 77 94 51 a9 47 d6 9b 5d c9 f7 b3 88 e2 19 74 d5 ed 35 18 b7 04 d9 51 a1 ed a7 30 1d 00 94 93 e3 fc 40 7e bb ae 92 4d f0 16 90 3a 69 ad c3 79 09 ec df 37 22 eb 1b 96 46 33 fc cd 6e ef d8 f9 4c cc e6 10 8c e3 e8 4b 1d 4d 6e 8a 25 7b 20 e0 ba bd c5 3c d8 b2 40 e9 ca 84 40 bd 97 7a 4d b8 11 81 41 64 a7 89 0a bb 48 d0 64 2a 83 d2 3a 90 1c 60 54 65 ff ee ea c2 41 16 03 03 00 46 10 00 00 42 41 04 93 6a 1a 99 16 e7 f6 49 d3 af d9 ef 72 12 09 9a f9 5e 61 f2 48 4f c5 13 53 3e 4d 22 36 28 2b 4c d1 ea ef 18 5d de c6 7e fc b0 3d e2 0d cb 5a 63 67 f7 7a b8 82 e8 95 6d 31 ba 6a 6d 9f 16 3c 71 16 03 03 01 08 0f 00 01 04 08 04 01 00 3d 88 40 f6 11 1f 79 ba ba 79 40 a0 d9 79 88 2e bd c5 67 14 00 7a e7 31 1f 1c 8b 04 a3 07 4f 59 47 d9 59 1a bf 0c 63 50 5d bd 04 f1 d6 6a f6 de b0 83 d4 57 04 57 20 25 20 a2 38 25 45 03 77 21 70 27 b4 58 59 e6 39 2b 07 9d a5 42 61 7f ee 10 87 c8 14 c3 78 e1 f2 6f d8 df 64 8d 2a 49 31 9a ad 60 24 ca 7a 97 75 7c 62 5a 48 d0 30 01 36 c5 8d 5f 16 63 1f db 58 99 6a 24 c8 d7 47 ab 45 57 2b 81 c9 f7 51 4f 07 a7 90 20 94 6e 04 31 02 4c d5 01 02 51 1e cb 76 1c b0 5f ba aa af 22 91 6f eb 45 dd cc b4 50 22 fc eb e1 10 a8 e6 95 f5 5b 5d 0f 9c 0c f1 67 c7 56 1c 2a 09 fc 2d 4f a2 4f c1 8b 79 52 fe 21 b3 c5 6f 82 5b 98 d3 d5 24 26 08 53 cc 5c 1f b3 71 3e 08 ec db 30 46 bf 49 ec f6 9b 94 59 22 7c 62 7b 85 5f d5 aa 01 45 c2 b9 1e ea 2b 4c fb b3 75 3e 65 6f de 95 4d 00 a2 3b 14 03 03 00 01 01 16 03 03 00 28 3c dc c4 cd 80 68 a9 e3 8f 47 a1 9f b0 f7 31 5a 42 d9 c7 9a 5b 21 37 34 97 74 11 b9 82 19 15 9c 0b 20 d6 be fc c4 ed 5c
Encapsulating EAP message into a RADIUS packet
  Copied RADIUS State Attribute
Sending RADIUS message to authentication server
RADIUS message: code=1 (Access-Request) identifier=12 length=1422
   Attribute 1 (User-Name) length=9
      Value: 'testing'
   Attribute 4 (NAS-IP-Address) length=6
      Value: 127.0.0.1
   Attribute 31 (Calling-Station-Id) length=19
      Value: '02-00-00-00-00-01'
   Attribute 12 (Framed-MTU) length=6
      Value: 1400
   Attribute 61 (NAS-Port-Type) length=6
      Value: 19
   Attribute 6 (Service-Type) length=6
      Value: 2
   Attribute 77 (Connect-Info) length=24
      Value: 'CONNECT 11Mbps 802.11b'
   Attribute 79 (EAP-Message) length=255
      Value: 028b04fe0d000382010f003082010a0282010100d7ab97ba11f901e2bcbe703c7b5a468fea2a402bd27b361c815926d7d1f57fc33a400483d80c8a3fbceb16bca825981cda2ec7330b407800f17dcff77618b2f6a4a7a92216ef2ca4200e5be35a17a0f2a15bf8b43312c66290729aeab2c5ba237ec94e9a1f5257483eeede76626d677f0dd91ee89202fc8dae4e3c015fb98a4f0750aa0e7ed1bd5c3a6b8623638d876f4dab25690be87e096d7e887529072bd3eedea0bff065fd9b79914e0e7b740f236f20372b3b0ad1e9acec52b37541cea0af33729dae3e4a6322e86b44a159c6df35790b0b6a26fc9428a8f323e35198648b7b509350f3dd7292
   Attribute 79 (EAP-Message) length=255
      Value: 9ab5f2970f5dd4ef271575f3665b69b5bd94768b84783f0203010001a38201423082013e301d0603551d0e0416041401571d779e50f5b591d6dad496f89ac3bc91cf273081d30603551d230481cb3081c8801401571d779e50f5b591d6dad496f89ac3bc91cf27a18199a48196308193310b3009060355040613024652310f300d06035504080c065261646975733112301006035504070c09536f6d65776865726531153013060355040a0c0c4578616d706c6520496e632e3120301e06092a864886f70d010901161161646d696e406578616d706c652e6f72673126302406035504030c1d4578616d706c6520436572746966696361746520417574
   Attribute 79 (EAP-Message) length=255
      Value: 686f7269747982144a1dec91e0857d76d65f37d6ddaab4191176ebcb300f0603551d130101ff040530030101ff30360603551d1f042f302d302ba029a0278625687474703a2f2f7777772e6578616d706c652e6f72672f6578616d706c655f63612e63726c300d06092a864886f70d01010b050003820101005a51d379e5b56b816e7a7bd9ea454a1a686230c60c53f17ca70b7f716c0c0da2ebafbaacf1615dac121f23e4b9f83b66700c2dbf935a16e9ad936fb6c608f9f12cbd45027e0889e6b59c78cc47f407ea36e32bdd38ae9a5bf3909bf68c0328e3bef677fec2d98731b1bd09456832b211c86574121e3f2e8de75602b0f5eb974f3a4de26a
   Attribute 79 (EAP-Message) length=255
      Value: 81549722779451a947d69b5dc9f7b388e21974d5ed3518b704d951a1eda7301d009493e3fc407ebbae924df016903a69adc37909ecdf3722eb1b964633fccd6eefd8f94ccce6108ce3e84b1d4d6e8a257b20e0babdc53cd8b240e9ca8440bd977a4db811814164a7890abb48d0642a83d23a901c605465ffeeeac2411603030046100000424104936a1a9916e7f649d3afd9ef7212099af95e61f2484fc513533e4d2236282b4cd1eaef185ddec67efcb03de20dcb5a6367f77ab882e8956d31ba6a6d9f163c7116030301080f000104080401003d8840f6111f79baba7940a0d979882ebdc56714007ae7311f1c8b04a3074f5947d9591abf0c63505d
   Attribute 79 (EAP-Message) length=255
      Value: bd04f1d66af6deb083d4570457202520a23825450377217027b45859e6392b079da542617fee1087c814c378e1f26fd8df648d2a49319aad6024ca7a97757c625a48d0300136c58d5f16631fdb58996a24c8d747ab45572b81c9f7514f07a79020946e0431024cd50102511ecb761cb05fbaaaaf22916feb45ddccb45022fcebe110a8e695f55b5d0f9c0cf167c7561c2a09fc2d4fa24fc18b7952fe21b3c56f825b98d3d524260853cc5c1fb3713e08ecdb3046bf49ecf69b9459227c627b855fd5aa0145c2b91eea2b4cfbb3753e656fde954d00a23b14030300010116030300283cdcc4cd8068a9e38f47a19fb0f7315a42d9c79a5b213734977411
   Attribute 79 (EAP-Message) length=15
      Value: b98219159c0b20d6befcc4ed5c
   Attribute 24 (State) length=18
      Value: c3766526c7fd680cfcfe39c092ffd9b8
   Attribute 80 (Message-Authenticator) length=18
      Value: 60c5fa168b21191b382b78469f128812
Next RADIUS client retransmit in 3 seconds
EAPOL: SUPP_BE entering state RECEIVE
Received 119 bytes from RADIUS server
Received RADIUS message
RADIUS message: code=11 (Access-Challenge) identifier=12 length=119
   Attribute 79 (EAP-Message) length=63
      Value: 018c003d0d80000000331403030001011603030028d883bcf1df2d97abd3a30bc451a89e8e7f571177ce2cea2da756fc2577a1b1fa573677203292f418
   Attribute 80 (Message-Authenticator) length=18
      Value: d9a7114f605de92f97df1ed4d53be22e
   Attribute 24 (State) length=18
      Value: c3766526c6fa680cfcfe39c092ffd9b8
STA 02:00:00:00:00:01: Received RADIUS packet matched with a pending request, round trip time 0.00 sec

RADIUS packet matching with station
decapsulated EAP packet (code=1 id=140 len=61) from RADIUS server: EAP-Request-TLS (13)
EAPOL: Received EAP-Packet frame
EAPOL: SUPP_BE entering state REQUEST
EAPOL: getSuppRsp
EAP: EAP entering state RECEIVED
EAP: Received EAP-Request id=140 method=13 vendor=0 vendorMethod=0
EAP: EAP entering state METHOD
SSL: Received packet(len=61) - Flags 0x80
SSL: TLS Message Length: 51
OpenSSL: RX ver=0x0 content_type=256 (TLS header info/)
OpenSSL: Message - hexdump(len=5): 14 03 03 00 01
SSL: (where=0x1001 ret=0x1)
SSL: SSL_connect:SSLv3/TLS write finished
OpenSSL: RX ver=0x0 content_type=256 (TLS header info/)
OpenSSL: Message - hexdump(len=5): 16 03 03 00 28
SSL: (where=0x1001 ret=0x1)
SSL: SSL_connect:SSLv3/TLS read change cipher spec
OpenSSL: RX ver=0x303 content_type=22 (handshake/finished)
OpenSSL: Message - hexdump(len=16): 14 00 00 0c 87 19 f2 d6 f1 37 ad 4f 28 c1 26 02
SSL: (where=0x1001 ret=0x1)
SSL: SSL_connect:SSLv3/TLS read finished
SSL: (where=0x20 ret=0x1)
SSL: (where=0x1002 ret=0x1)
SSL: 0 bytes pending from ssl_out
OpenSSL: Handshake finished - resumed=0
SSL: No Application Data included
SSL: Using TLS version TLSv1.2
SSL: No data to be sent out
EAP-TLS: Done
EAP-TLS: Derived key - hexdump(len=64): 83 b4 cd a5 f8 56 78 2c 47 74 ba 05 f8 1a 94 09 16 ee c2 e2 a4 d6 27 2b db 56 a6 ae 16 b7 8b 3d e4 0e 25 20 df 13 22 7d 43 b4 27 9b a9 bf 78 59 33 46 d7 09 c2 bc e3 2c d8 35 e4 a0 09 65 cd c5
EAP-TLS: Derived EMSK - hexdump(len=64): 41 0f 0d 03 61 6f 85 e7 8b d3 c5 b0 b9 72 23 35 ec 74 a4 b9 09 8f 6c d3 e5 07 a5 f4 b7 f1 52 da f6 00 51 cc 61 91 48 e3 6f cb b2 fb 70 14 e7 b5 f0 82 13 6f c8 44 e0 a7 b7 6d 67 35 f7 b2 b6 c2
EAP-TLS: Derived Session-Id - hexdump(len=65): 0d 1d bc 83 68 a3 72 fe a4 9b fe 33 e1 3c ce 1d 56 f5 50 ae 62 f9 c6 54 ed 13 04 08 b8 37 0f b7 f3 3d c4 75 55 62 30 a3 bc 15 89 f3 31 7f fb 72 3f 84 53 f5 39 68 ba d1 39 08 5a 3a fa b3 dc d5 43
SSL: Building ACK (type=13 id=140 ver=0)
EAP: method process -> ignore=FALSE methodState=DONE decision=UNCOND_SUCC eapRespData=0x3bf820
EAP: Session-Id - hexdump(len=65): 0d 1d bc 83 68 a3 72 fe a4 9b fe 33 e1 3c ce 1d 56 f5 50 ae 62 f9 c6 54 ed 13 04 08 b8 37 0f b7 f3 3d c4 75 55 62 30 a3 bc 15 89 f3 31 7f fb 72 3f 84 53 f5 39 68 ba d1 39 08 5a 3a fa b3 dc d5 43
EAP: EAP entering state SEND_RESPONSE
EAP: EAP entering state IDLE
EAPOL: SUPP_BE entering state RESPONSE
EAPOL: txSuppRsp
WPA: eapol_test_eapol_send(type=0 len=6)
TX EAP -> RADIUS - hexdump(len=6): 02 8c 00 06 0d 00
Encapsulating EAP message into a RADIUS packet
  Copied RADIUS State Attribute
Sending RADIUS message to authentication server
RADIUS message: code=1 (Access-Request) identifier=13 length=140
   Attribute 1 (User-Name) length=9
      Value: 'testing'
   Attribute 4 (NAS-IP-Address) length=6
      Value: 127.0.0.1
   Attribute 31 (Calling-Station-Id) length=19
      Value: '02-00-00-00-00-01'
   Attribute 12 (Framed-MTU) length=6
      Value: 1400
   Attribute 61 (NAS-Port-Type) length=6
      Value: 19
   Attribute 6 (Service-Type) length=6
      Value: 2
   Attribute 77 (Connect-Info) length=24
      Value: 'CONNECT 11Mbps 802.11b'
   Attribute 79 (EAP-Message) length=8
      Value: 028c00060d00
   Attribute 24 (State) length=18
      Value: c3766526c6fa680cfcfe39c092ffd9b8
   Attribute 80 (Message-Authenticator) length=18
      Value: 1cd8026f64ba525135b3e3c877d6d0d9
Next RADIUS client retransmit in 3 seconds
EAPOL: SUPP_BE entering state RECEIVE
Received 169 bytes from RADIUS server
Received RADIUS message
RADIUS message: code=2 (Access-Accept) identifier=13 length=169
   Attribute 26 (Vendor-Specific) length=58
      Value: 000001371134b57bbf07fb1872fbb96aeadae01184ddd9039107c8edfa57e8edd69ada90eda472b4892dc54dd01cbdf830f9e06f4309d78c
   Attribute 26 (Vendor-Specific) length=58
      Value: 000001371034bed03d4ef24549a72cb834f43d1b2e168c62f52f8894c49636b06b0a427d61f5f90dc92ba76c24460abf34eecc2dd4f0a69f
   Attribute 79 (EAP-Message) length=6
      Value: 038c0004
   Attribute 80 (Message-Authenticator) length=18
      Value: e688a58523ffebb173d4b04ec941d85c
   Attribute 1 (User-Name) length=9
      Value: 'testing'
STA 02:00:00:00:00:01: Received RADIUS packet matched with a pending request, round trip time 0.00 sec

RADIUS packet matching with station
MS-MPPE-Send-Key (sign) - hexdump(len=32): e4 0e 25 20 df 13 22 7d 43 b4 27 9b a9 bf 78 59 33 46 d7 09 c2 bc e3 2c d8 35 e4 a0 09 65 cd c5
MS-MPPE-Recv-Key (crypt) - hexdump(len=32): 83 b4 cd a5 f8 56 78 2c 47 74 ba 05 f8 1a 94 09 16 ee c2 e2 a4 d6 27 2b db 56 a6 ae 16 b7 8b 3d
decapsulated EAP packet (code=3 id=140 len=4) from RADIUS server: EAP Success
EAPOL: Received EAP-Packet frame
EAPOL: SUPP_BE entering state REQUEST
EAPOL: getSuppRsp
EAP: EAP entering state RECEIVED
EAP: Received EAP-Success
EAP: Status notification: completion (param=success)
EAP: EAP entering state SUCCESS
CTRL-EVENT-EAP-SUCCESS EAP authentication completed successfully
EAPOL: SUPP_PAE entering state AUTHENTICATED
EAPOL: SUPP_BE entering state RECEIVE
EAPOL: SUPP_BE entering state SUCCESS
EAPOL: SUPP_BE entering state IDLE
eapol_sm_cb: result=1
eloop_run...
after eloop_cancel_timeout...
EAPOL: Successfully fetched key (len=32)
PMK from EAPOL - hexdump(len=32): 83 b4 cd a5 f8 56 78 2c 47 74 ba 05 f8 1a 94 09 16 ee c2 e2 a4 d6 27 2b db 56 a6 ae 16 b7 8b 3d
No EAP-Key-Name received from server
WPA: Clear old PMK and PTK
EAP: deinitialize previously used EAP method (13, TLS) at EAP deinit
test_eapol_clean
eap_peer_unregister_methods
eloop_destroy
MPPE keys OK: 2  mismatch: 0
SUCCESS
os_program_deinit
#

至此,关于eap-tls的一次完整测试暂告一段落。

Logo

开放原子开发者工作坊旨在鼓励更多人参与开源活动,与志同道合的开发者们相互交流开发经验、分享开发心得、获取前沿技术趋势。工作坊有多种形式的开发者活动,如meetup、训练营等,主打技术交流,干货满满,真诚地邀请各位开发者共同参与!

更多推荐