reauth-problem with WPA2-tls
Alan DeKok
aland at deployingradius.com
Sat Jun 5 07:30:06 CEST 2010
Andreas Hartmann wrote:
> well, I thought about the problem with reauth: Why must there be passwords
> in the session?
There shouldn't be passwords in the session. There should be a *name*
in the session.
> That's why it shouldn't be necessary to have these Keys in the Session or
> in the response (the client didn't send any password, too).
>
> At the moment of adding the Password to the session, the handshake has been done already.
I have no idea why you think it's adding passwords to the session.
It's not.
> Therefore, I did the following change (-> for testing only!!!!
> This should be used only with EAP/tls for testing - no warranty!):
That change removes the fix added in 2.1.8. It *will* break your system.
Alan DeKok.
More information about the Freeradius-Users
mailing list