Check for identifier in EAP-PEAP phase-2
paul.petersn at gmail.com
Fri Sep 24 14:49:01 EDT 2010
I'm trying to perform EAP-PEAPv1 authentication using Juniper SBR. I have
EAP-GTC disabled in wpa_supplicant, so in phase-2 when wpa_supp receives
EAP-GTC proposal, it sends legacy NAK with method MSCHAPv2. In response SBR
sends a new proposal for MSCHAPv2 but with same identifier value as in the
last EAP frame. I see wpa_supplicant does not have any check to see if the
identifier value matches with the one in the last frame received during the
EAP-PEAP second stage. Is this correct to skip the check ?
-------------- next part --------------
An HTML attachment was scrubbed...
More information about the HostAP