Re: EAP TLS - Hostapd

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



On Wed, Apr 10, 2024 at 01:55:47PM -0400, Alan DeKok wrote:
> On Apr 10, 2024, at 12:11 PM, Satya Prakash Prasad <satyaprakash.developer.unix@xxxxxxxxx> wrote:
> > Many thanks for the information as provided. Yes we are trying data
> > in-between server and peer after the secure connection is
> > established..
> 
>   This is more of a protocol question than a hostap question.
> 
>   EAP-TLS does not support sending data inside of the TLS tunnel.
> 
>   You might be able to send some data inside of a TTLS tunnel, but that is very limited.  EAP-TLS, TTLS, etc. are not designed as general-purpose transport protocols.
> 
>   Perhaps you could describe what data you need to send, and why.
> 
>   Alan DeKok.

Satya has not previously written *anything* with hostap code,
and has not previously written *anything* with mbedtls.

Satya is an undergraduate student and their questions appear to
be part of a group project.

> On Wed, Mar 27, 2024 at 09:35:15PM +0530, Satya Prakash Prasad wrote:
> > I am an IT student doing this project to gain knowledge and experience.on
> > Arduino Arm board.

**
** Please do continue to help them if you like!
**

After sending a personal email to me, I asked for more info.
Satya provided this:

> On Tue, Mar 26, 2024 at 19:45:35PM +0530, Satya Prakash Prasad wrote:
> We are building EAP functionality / feature using MBedTLS into our embedded
> device so there is no concept of process - it's just FreeRTOS running in it
> Our device will act as a peer / client device where any authorized
> supplicant / other device can connect to access our device information.
> 
> So we are running EAP as in a thread and on a connection we need to
> authorize the connection to allow access to our device parameters.

Whether naivety or not, I felt they displayed little respect for the
**time** of the professionals to which the questions have been sent.
(Case in point, I am providing the context to this thread, which they
failed to do, even after having failed to do the same when contacting
me privately two weeks ago.)

After I pointed Satya to tls_init() description in
hostap/src/crypto/tls.h:

> > > On Wed, Mar 27, 2024 at 02:44:14PM +0530, Satya Prakash Prasad wrote:
> > > > Hi Glenn,
> > > >
> > > > Many thanks for your prompt reply and indeed this is my first effort in
> > > > programming with MbedTLS and EAP modules.
> > > >
> > > > As rightly stated I am not able to understand the description of the
> > > > interface for tls_init() and have no relationship with prplfoundation -
> > > > it's just that for an embedded product being developed as part of
> > > > undergraduate program project we are planning to integrate EAP TLS
> > > > functionality using third party's code available.
> > > >
> > > > Hence I also do not have much idea on mbedtls_ssl_context either but need
> > > > to self educate on the same. Can you please help us how to start and
> > > > understand each API description / implementation?
> > > >
> > > > Please guide us accordingly.
> > > >
> > > > Thanks in advance and please let me know incase of any issues or concerns.
> > > >
> > > > Regards,
> > > > Prakash

_______________________________________________
Hostap mailing list
Hostap@xxxxxxxxxxxxxxxxxxx
http://lists.infradead.org/mailman/listinfo/hostap



[Index of Archives]     [Linux Wireless]     [Linux Kernel]     [ATH6KL]     [Linux Bluetooth]     [Linux Netdev]     [Kernel Newbies]     [IDE]     [Security]     [Git]     [Netfilter]     [Bugtraq]     [Yosemite News]     [MIPS Linux]     [ARM Linux]     [Linux Security]     [Linux RAID]     [Linux ATA RAID]     [Samba]     [Device Mapper]

  Powered by Linux