NAI on reconnection
khali singh
khali3620
Sun Aug 10 02:27:35 PDT 2014
I was referring to the EAP-Response/Identity message.
You are right about forwarding the Radius messages, so instead I think I
would try to use sessid+abc at example.com instead. So that the radius proxies
in the middle can still work well.
IS the get_identity() only called for re-authentication?
Thanks!
On Sun, Aug 10, 2014 at 12:19 PM, Jouni Malinen <j at w1.fi> wrote:
> On Sun, Aug 10, 2014 at 11:47:38AM +0300, khali singh wrote:
> > The SessID need not be stored over restarts. What I was hoping is that
> the
> > first time I use the NAI as abc at example.com but for reauthentication I
> use
> > abc at example.com+sessid.
> >
> > Should this be supplied in the init_for_reauth() method somehow?
>
> Which EAP message are you talking about? Registering init_for_reauth()
> allows you to maintain EAP method state so that you can build the
> identity with the session id in the next run. If you want the
> alternative form of identity in EAP-Response/Identity message, then
> you can use the get_identity() callback for it (i.e., generate that
> identity with sessid in that callback of the EAP method implementation).
> Though, I'd recommend using proper NAI rather than an NAI with extra
> information added to its end for the EAP-Response/Identity message since
> that string gets used for forwarding the RADIUS (etc.) messages.
>
> --
> Jouni Malinen PGP id EFC895FA
> _______________________________________________
> HostAP mailing list
> HostAP at lists.shmoo.com
> http://lists.shmoo.com/mailman/listinfo/hostap
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.shmoo.com/pipermail/hostap/attachments/20140810/774462ac/attachment.htm>
More information about the Hostap
mailing list