Radius server retry with different secret

Nicolas Goy kuon at goyman.com
Mon Aug 3 00:20:32 EDT 2020

(sorry for half message, I hit send by mistake)


I am trying to implement a radius client, but I have an issue with server failover.

I based my code on radius_example.c, and in this example, the auth message is build and sent only once.

Now, if all failover servers have the same shared_secret, the failover works, but if they don't, the auth message needs to be rebuilt.

In radius_client.c, there is a note about that:

		/* Pending RADIUS packets used different shared secret, so
		 * they need to be modified. Update accounting message
		 * authenticators here. Authentication messages are removed
		 * since they would require more changes and the new RADIUS
		 * server may not be prepared to receive them anyway due to
		 * missing state information. Client will likely retry
		 * authentication, so this should not be an issue. */

Now my question is: how can I be notified in my code that this occurred and that I need to rebuild the message and recall radius_client_send ?


Nicolas Goy


Goyman SA

More information about the Hostap mailing list