802.1x and HostAP and Open1x
Rodney Thayer
rodney
Wed May 12 09:18:45 PDT 2004
We are running this at the iLabs demo at Networld+Interop.
It sort of works. Here's what we see:
1. PEAP doesn't work in HostAP [1] [2]
2. TTLS worked. Sort of. After the first iteration. It
sent only a broadcast key, no individual
key. We traced the code and slipped a 'sleep 3' into the
transmit function and it now sends individual keys but
only after the first negotiation round. So we think
there are two bugs - one in the packet transmitter, sort of
like it doesn't check the queue status and therefore
does two transmit attempts and only one gets through.
[1] We tested against Open1x. "we" is the Open1X team,
who do this sort of thing all the time, so we believe
we had appropriately skilled people testing this.
[2] In our opinion (Us being the iLabs team) MD5 is NEVER
an EAP method we would use, so we don't even try EAP-MD5.
This is 0.2.2 from the CVS tree. HostAP was running on a
Fedora Core 1 system with the 2.4.25 kernel.
SO...
Does this work for anyone else?
What version should we be using?
Would it be useful to provide the "sleep" kludge code?
Would it be useful to submit a packet trace?
More information about the Hostap
mailing list