The RFC says that challenges in the tunneled layer are allowed in TTLS-PAP. https://tools.ietf.org/html/rfc5281#section-11.2.5 But the code comments seem to indicate otherwise. From eap_peer/eap_ttls.c: /* EAP-TTLS/{MSCHAP,PAP,CHAP} should not send any TLS tunneled * requests to the supplicant */ Does wpa_supplicant support PAP challenges over TTLS-PAP? If yes, how do I detect this? If no, is there a plan to add support for this? Thanks. Shriram | -----Original Message----- | From: Shriram Jandhyala | Sent: Thursday, January 11, 2018 7:52 PM | To: 'hostap@xxxxxxxxxxxxxxxxxxx' <hostap@xxxxxxxxxxxxxxxxxxx> | Subject: EAP-TTLS with PAP | | Hi, | | I'm trying to use EAP-TTLS with PAP to authenticate to an RSA server. | When the RSA server issues a user challenge to change PIN, I do not see this | request, and the auth times out. | When I connect to the same server using PEAP-GTC, I get the | eap_param_needed() with fld=WPA_CTRL_REQ_EAP_OTP, and | txt="message from server". | Does the wpa_supplicant support inner challenges over EAP-TTLS? And, if it | does, how do I detect this? | | Thanks. | Shriram _______________________________________________ Hostap mailing list Hostap@xxxxxxxxxxxxxxxxxxx http://lists.infradead.org/mailman/listinfo/hostap
