EAP authentication timeout
Morten Brørup
mb at smartsharesystems.com
Wed Jan 11 01:40:07 PST 2023
> From: Hostap [mailto:hostap-bounces at lists.infradead.org] On Behalf Of
> Matthew Wang
>
> Hi all,
>
> Does anyone have context on the 70 second timeout for EAP
> authentication? Specifically, this snippet of code in
> wpa_supplicant_rx_eapol:
>
> if (wpa_key_mgmt_wpa_ieee8021x(wpa_s->key_mgmt) ||
> wpa_s->key_mgmt == WPA_KEY_MGMT_IEEE8021X_NO_WPA ||
> wpa_s->key_mgmt == WPA_KEY_MGMT_WPS) {
> /* Use longer timeout for IEEE 802.1X/EAP */
> timeout = 70;
> }
>
> This seems like an egregiously long timeout, and it looks to be
> untouched since before 2008. Is this something that folks would be
> interested in changing? Any thoughts for or against?
>
> Thanks!
> Matthew
I'm not familiar with the context here.
However, I can mention that VSAT (satellite based) links can expose a round trip time in the order of 60 seconds under extreme conditions, so it might be related to RADIUS communication across VSAT links?
-Morten
More information about the Hostap
mailing list