Problem:Broadcasting Multicast key using EAPOL-Key message

[Krishna Prasanth P]

Hi

I am using latest hostap code and facing an issue while sending
multicast key to the Windows machine.

Setup :
      
   Supplicant : Windows XP(professional) using odyssey client manager
                Security is enabled through EAP-TLS, and dynamic keys.
   AccessPoint: Hostap code on intel platform.
   Authenitcation Server: Free RADIUS.

We are trying to generate our own keys using the session key generated
by the RADIUS Server and pass them to the supplicant to use further on.
When i first try to connect to the access point using the XP Odyssey
client manager, the keys are getting xchanged properly(both 
multicast and unicast, this we concluded by the traffic going on ).

After this if i try to reauthenticate(odyssey supports this, which will
only try to authenticate using 802.1x only, not 802.11 authentication),
the XP  is not accepting the keys. 
The keys which are generated on the AP for the supplicant are not
updated. (Odyssey indicates this).
We tried several combinations to isolate this problem which showed that,
sending multicast keys twice within the same session will result not
updation of unicast keys also on the XP.

If we block sending multicast keys not more than once, then the keys are
getting exchanged properly(unicast keys only). 
Another observation is if we try to start the session(right from the
802.11 authentication, 1x authentication), then the keys(unicast &
Broadcast) are proper.


Please let me know where we are wrong or what should be the
behaviour while using multicast keys.


Thanks in advance.....

regards
-prasanth