[PATCH] Do not send a NAS-Port attribute in Access-Request and Accounting-Request RADIUS packets as the association id is likely to always be 0.

Jouni Malinen j at w1.fi
Mon Aug 8 09:11:23 PDT 2016


On Mon, Aug 08, 2016 at 01:51:49PM +0100, Nick Lowe wrote:
> It is because the value is not conceptually available where auth takes
> place before assoc.
> 
> https://tools.ietf.org/html/rfc3580#section-3.4
> 
> "Where IEEE 802.1X authentication occurs prior to association, a
> unique NAS-Port value may not be available."
> 
> hostapd always sends a value of 0 in this scenario.

Sure, but that is not the case for most of IEEE 802.11 uses since EAP
authentication happens after association for WPA2-Enterprise and same
for IEEE 802.1X open/WEP cases. It is only RSN pre-authentication where
association id would not be available since there is no association at
all.

-- 
Jouni Malinen                                            PGP id EFC895FA



More information about the Hostap mailing list