Held State after a Authentication Fail. Help to understand this state.

Douglas Diniz dgdiniz
Tue May 13 18:13:39 PDT 2008


Right.... Thanks

On Tue, May 13, 2008 at 9:34 PM, Jouni Malinen <j at w1.fi> wrote:

> On Tue, May 13, 2008 at 05:20:06PM -0300, Douglas Diniz wrote:
>
> > But if when hostap receive the first response identity, send it to
> radius
> > server and wait for server response before receive the second response
> > identity? This second response identity will also be sent to radius
> server?
> > Sorry for this questions, I should search this myself on the state
> machine.
>
> Authenticator (hostapd) is waiting for a single EAP Identifier in a
> response (the one that matches the Identifier used in the last
> transmitted EAP Request). If the sequence here would indeed make hostapd
> wait for the response from the authentication server before receiving
> the second response identity, the challenge received from the
> authentication server would have already been sent out to the supplicant
> when the second identity response is received. Consequently, the second
> identity response would not have a match EAP Identifier and it would be
> dropped, i.e., it would not be sent to the authentication server.
>
> --
> Jouni Malinen                                            PGP id EFC895FA
> _______________________________________________
> HostAP mailing list
> HostAP at lists.shmoo.com
> http://lists.shmoo.com/mailman/listinfo/hostap
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.shmoo.com/pipermail/hostap/attachments/20080513/faa49fe5/attachment.htm 



More information about the Hostap mailing list