On 2016/10/05 15:30, David Coppa wrote: > On Wed, Oct 5, 2016 at 3:13 PM, Stuart Henderson <s...@spacehopper.org> wrote: > > > This is a workaround for an OpenSSL bug affecting EAP-FAST. > > > > https://mta.openssl.org/pipermail/openssl-dev/2015-July/002191.html > > So it's not needed, I suppose. > > Thanks! > David >
I think it probably is needed - the fork pre-dates that fix, and while some of ssl23_client_hello() was rewritten it does still wait until the serverhello before creating the session.
