Just to note that this patch should be considered in conjunction with the subsequent, dependent patch that adds an Acct-Session-Id to Accounting-On and Accounting-Off, which the RFC mandates must be present. The RADIUS RFC shows its age and does not demand global and temporal uniqueness for its session ids but this is something that can and should be done by RADIUS clients as these are opaque tokens. There is no reason not to do this, and there are many reasons why this should be done. RFC 3580 is also in error in its suggested construction for the Acct-Multi-Session-Id as it is possible to get duplicate values when NTP sync has not occurred. Its recommendation should not be followed as it is bad practice. Nick _______________________________________________ Hostap mailing list Hostap@xxxxxxxxxxxxxxxxxxx http://lists.infradead.org/mailman/listinfo/hostap