[EMAIL PROTECTED] wrote: > 1) When the client doesn't respond, the AP will > dissassociate it 30 seconds after and end the > authentication procedure. During this time, FreeRADIUS > is sleeping So, I would like to know if there is a > sort of "garbage collector" which frees unfinished > authentications ?
Yes. > 2) My EAP module must return 0 or 1 to FreeRADIUS. If > it is 1, it siginifies that there is an EAP Request to > send. I tried to send an EAP Message with the code > equal to 5: FreeRADIUS detected correctly that the EAP > Code was invalid : it sent an Access-Reject but the > included EAP message was corrupted : 0x05050004 ! > Why not sending an EAP Failure in this case ? It looks like a bug. > 3) It seems that it's impossible to silently discard a > packet under FreeRADIUS ? The RFC's say you're not allowed to silently discard Access-Request packets. > In case of a client bad EAP Response, my EAP method > has to choose between two solutions : discard it > silently or re send the previous EAP Request. Which EAP method are you implementing? Why is this necessary? Note that you also have access to the previous EAP request. > 4) I succeeded to modify the EAP Identifier on the > client side, but I didn't arrive in my EAP module. It > seems that FreeRADIUS choses the EAP Identifier by > incrementing by one the previous sent EAP Identifier. > Is it really that ? Yes. Why do you need it different? Alan DeKok. - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
