NAI on reconnection
khali3620 at gmail.com
Sun Aug 10 05:27:35 EDT 2014
I was referring to the EAP-Response/Identity message.
You are right about forwarding the Radius messages, so instead I think I
would try to use sessid+abc at example.com instead. So that the radius proxies
in the middle can still work well.
IS the get_identity() only called for re-authentication?
On Sun, Aug 10, 2014 at 12:19 PM, Jouni Malinen <j at w1.fi> wrote:
> On Sun, Aug 10, 2014 at 11:47:38AM +0300, khali singh wrote:
> > The SessID need not be stored over restarts. What I was hoping is that
> > first time I use the NAI as abc at example.com but for reauthentication I
> > abc at example.com+sessid.
> > Should this be supplied in the init_for_reauth() method somehow?
> Which EAP message are you talking about? Registering init_for_reauth()
> allows you to maintain EAP method state so that you can build the
> identity with the session id in the next run. If you want the
> alternative form of identity in EAP-Response/Identity message, then
> you can use the get_identity() callback for it (i.e., generate that
> identity with sessid in that callback of the EAP method implementation).
> Though, I'd recommend using proper NAI rather than an NAI with extra
> information added to its end for the EAP-Response/Identity message since
> that string gets used for forwarding the RADIUS (etc.) messages.
> Jouni Malinen PGP id EFC895FA
> HostAP mailing list
> HostAP at lists.shmoo.com
-------------- next part --------------
An HTML attachment was scrubbed...
More information about the HostAP