Check for identifier in EAP-PEAP phase-2
paul peterson
paul.petersn
Fri Sep 24 11:49:01 PDT 2010
Hi,
I'm trying to perform EAP-PEAPv1 authentication using Juniper SBR. I have
EAP-GTC disabled in wpa_supplicant, so in phase-2 when wpa_supp receives
EAP-GTC proposal, it sends legacy NAK with method MSCHAPv2. In response SBR
sends a new proposal for MSCHAPv2 but with same identifier value as in the
last EAP frame. I see wpa_supplicant does not have any check to see if the
identifier value matches with the one in the last frame received during the
EAP-PEAP second stage. Is this correct to skip the check ?
- Paul
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.shmoo.com/pipermail/hostap/attachments/20100925/bef6c532/attachment.htm
More information about the Hostap
mailing list