Michael Griego <[EMAIL PROTECTED]> wrote: > I'll take a look at the patch that gets submitted, but technically, the > HP client is correct per the RFCs. The EAP RFC simply says that the > sequence number must be "different". Only the EAP-TLS RFC states that > the sequence number must be numerically sequential.
LEAP isn't in an RFC. And so far as RADIUS & EAP interaction, no EAP variant other than LEAP sends an EAP "Request" packet to a RADIUS server. LEAP is implemented the way it is because it interoperates with Cisco clients, which behave in the expected way. HP does it differently... if they're interoperable with Cisco ACS, then I guess we should make the LEAP handling a little more forgiving. > Hmm... as per above, this may need to be looked at... Non-TLS EAP types > must be able to handle non-sequential sequences while the TLS-based EAP > types must be sequential to be RFC-compliant. I haven't seen any interoperability problems until now, so I'm hesitant to change the code. Alan DeKok. - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
