Re: Starting EAP sequence

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



Thanks Alan!

That does make sense indeed. I'll try to use eapol_supp for better handling of the EAPOL layer on top of EAP. I hope this code can be used with just the code I ported for the EAP library to compile.

Is there any documentation explaining what all the context parameters do (see test_eapol function in eapol_test.c), which are required and for which functionality etc? All I need is to implement an EAPOL client with certificates, so no WPA/WEP or any of the wireless stuff.

I'll come back with more questions probably, thanks for pointing me in the right direction!

Regards,

Michel Verhagen
Microsoft eMVP

 GuruCE Limited
 Microsoft Embedded Partner
 NXP Gold Partner
 https://guruce.com
 240 Ohiwa Harbour Road
 RD2
 Opotiki, 3198
 New Zealand
 Ph.  +64 (0)7  929 5807
 Mob. +64 (0)21 104 6208


 CONFIDENTIALITY NOTICE: The information contained in this message and attachments, if any, is confidential and is
 intended solely for the use of the individual or entity to whom it is addressed. You should not copy, disclose or
 distribute this communication without the authority of GuruCE Ltd. GuruCE Ltd. is neither liable for the proper and
 complete transmission of the information contained in this communication nor for any delay in its receipt. GuruCE Ltd.
 does not guarantee that the integrity of this communication has been maintained nor that the communication is free of
 viruses, interceptions or interference. If you are not the intended recipient of this communication please return the
 communication to the sender and delete and destroy all copies. If you are not the intended recipient, you are hereby
 notified that any use, dissemination, copying, or storage of this message or its attachments is strictly prohibited.

On 12/03/2021 01:23, Alan DeKok wrote:
On Mar 10, 2021, at 11:56 PM, Michel Verhagen <mike@xxxxxxxxxx> wrote:
I'm using the EAP library to implement EAPOL on an embedded device. Got it to go, with EAP-MD5 and EAP-TTLS and certificates, so all good. However, I'm trying to get the library to prepare me an EAPOL START packet. I'd like to initiate the start of the EAP handshake, because depending on the settings of the authenticator, it can take a long time before the EAP handshake sequence is initiated.
   I haven't used the library myself, but the problem, here is likely layering.

   i.e. you're using an EAP library.  EAP runs on EAPoL, PPP, PANA, RADIUS, Diameter, ..., where the library just does EAP.

   EAPoL is managed by the IEEE 802.1X state machine.  Which uses EAP, but isn't part of the EAP library.

I thought setting _eap_ctx.eapRestart to 1 (true) or even eapTriggerStart to 1 and calling eap_peer_step would get me the packet data to send, but I can't see eapTriggerStart used anywhere in the code.
   See src/eapol_supp/eapol_supp_sm.c, which runs the EAPoL supplicant state machine.  It checks eapTriggerStart, and ends up calling eapol_sm_txStart().

Does anybody know how to get the EAP library to prepare an EAP Start packet?
   You can't.  EAP isn't the same as the Ethernet layer EAPoL state machine.

I can of course prepare and send that packet myself, but it looks like the EAP library should be able to do this as well...
   No.  The EAP library does EAP.  The 802.1X / supplicant state machine does Ethernet, and EAPoL.

   Alan DeKok.



_______________________________________________
Hostap mailing list
Hostap@xxxxxxxxxxxxxxxxxxx
http://lists.infradead.org/mailman/listinfo/hostap



[Index of Archives]     [Linux Wireless]     [Linux Kernel]     [ATH6KL]     [Linux Bluetooth]     [Linux Netdev]     [Kernel Newbies]     [IDE]     [Security]     [Git]     [Netfilter]     [Bugtraq]     [Yosemite News]     [MIPS Linux]     [ARM Linux]     [Linux Security]     [Linux RAID]     [Linux ATA RAID]     [Samba]     [Device Mapper]

  Powered by Linux