[PATCH] Do not send a NAS-Port attribute in Access-Request and Accounting-Request RADIUS packets as the association id is likely to always be 0.
Jouni Malinen
j at w1.fi
Mon Aug 8 09:11:23 PDT 2016
On Mon, Aug 08, 2016 at 01:51:49PM +0100, Nick Lowe wrote:
> It is because the value is not conceptually available where auth takes
> place before assoc.
>
> https://tools.ietf.org/html/rfc3580#section-3.4
>
> "Where IEEE 802.1X authentication occurs prior to association, a
> unique NAS-Port value may not be available."
>
> hostapd always sends a value of 0 in this scenario.
Sure, but that is not the case for most of IEEE 802.11 uses since EAP
authentication happens after association for WPA2-Enterprise and same
for IEEE 802.1X open/WEP cases. It is only RSN pre-authentication where
association id would not be available since there is no association at
all.
--
Jouni Malinen PGP id EFC895FA
More information about the Hostap
mailing list