[Madwifi-devel] hostapd support for madwifi

Paul Stewart stewart
Fri May 14 17:28:12 PDT 2004 

I'd like to use the Atheros chipset in a master mode that performs  
802.1x authentication.  Although hostapd is currently targeted only at  
the hostap driver, I think the problem of making it more generic is not  
insurmountable.  Are there other folks interested/actively involved in  
this effort?  I don't want to duplicate effort or end up with something  
that won't ever get picked up if I venture into doing.

As far as I can tell, the 802.1x subsystem of hostapd depends on the  
hostap driver for only a few non-standard features.  There's a lot of  
room in hostapd to change the API to driver.c into something that's  
more hardware neutral.  Apart from a couple wierd calls the WPA code  
uses, there are calls for enabling "HOSTAPD mode" and tuning 802.1x  
mode on, on and off per-station encryption, and toggling host-based  
encryption.

It makes sense (to me) to implement versions of the following  
functionality for madwifi:

 - Per-client "authorized" flag, instead of (what appears to
   be) M_HOSTAP authorizing all clients blindly.  This allows a fast
   path through the driver for forwarding frames from associated hosts.

 - Per-client keys.  This is implemented in HostAP by storing
   per-associated-client state in the driver containing each of the
   tx/rx keys.  Again, this is useful in order to provide fast-path
   bridging.  There are get/set commands through the PRISM API for per-
   host keys to be pushed/pulled from the driver There are individaul
   REMOVE_STA and FLUSH command to selectively or completely clean up
   this state.

 - The above implies encryption is done in software, that but that
   seems to be the current case with madwifi, modulo the current lack
   in flexibility in which keys to encrypt with.

 - Paths for sending raw frames to hostapd.  Specifically, PAE,
   management, and "To DS" frames from non-associated/unknown stations.
   The code in ath_rx_capture() is pretty close to what's needed.

 - Apart from a couple wierd calls the WPA code uses, there are calls
   for enabling "HOSTAPD mode" and tuning 802.1x mode on (mainly
   providing the functionality above) turning on and off per-station
   encryption, and toggling host-based encryption.

I'm fishing for reactions..

--
Paul




-------------------------------------------------------
This SF.Net email is sponsored by: SourceForge.net Broadband
Sign-up now for SourceForge Broadband and get the fastest
6.0/768 connection for only $19.95/mo for the first 3 months!
http://ads.osdn.com/?ad_id%62&alloc_ida84&op=click
_______________________________________________
Madwifi-devel mailing list
Madwifi-devel at lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/madwifi-devel

More information about the Hostap mailing list