EAP-TLS - Authentication succeeds with in-correct "private_key_passwd"

saurav barik saurav.barik at gmail.com
Thu Oct 7 14:59:35 EDT 2010


Yes, logoff followed by logon also skips reauth. I tried forcing a
reauth using eapol_sm_request_reauth() in "logon" path. Still it does
not reauth. I am wandering whether it should be considered as a
known-issue in wpa_supplicant or is this behavior acceptable. I
believe wpa_supplicant should reauthenticate if there is a change in
EAP-TLS related config. Should I flush PMKSA caching in logon path as
well? Is there any command-line config option(from wpa_cli) for it?

Please advise.

Thanks,
Saurav

On Tue, Oct 5, 2010 at 11:58 PM, Jouni Malinen <j at w1.fi> wrote:
> On Tue, Oct 05, 2010 at 06:40:59PM +0530, saurav barik wrote:
>> Is there any way to trigger a forced reauthentication from a running
>> wpa_supplicant? wpa_cli config options does not have it.
>
> When using IEEE 802.1X/EAP, logoff follow by logon would do this without
> reassociation and reassociate will do this in all security modes
> (though, PMKSA caching may be used to skip EAP authentication in that
> case).
>
> --
> Jouni Malinen                                            PGP id EFC895FA
> _______________________________________________
> HostAP mailing list
> HostAP at lists.shmoo.com
> http://lists.shmoo.com/mailman/listinfo/hostap
>


More information about the HostAP mailing list