Radius DAS won't work
j at w1.fi
Thu Feb 20 08:04:59 EST 2014
On Thu, Feb 20, 2014 at 10:43:29AM +0100, Robert Plestenjak wrote:
> PMKSA cache may not be acting properly. After it receives disconnect-message, connection is broken but then it accepts client by authenticating it with data from cache.
> Hostapd should probably ignore cached identity data in case of disconnect-message?
Agreed. PMKSA cache entry should have been removed when processing
Disconnect-Request. This is now implemented in the development tree. By
the way, there is also support for NAS identification attributes, so it
should be fine to include NAS-IP-Address as well.
Jouni Malinen PGP id EFC895FA
More information about the HostAP