wpa_supplicant and hostapd support for WiMAX authentication

Jouni Malinen j
Thu Mar 22 19:58:28 PDT 2007

On Thu, Mar 22, 2007 at 07:11:11PM +0800, Macpaul Lin wrote:

> And I'm kicking start to implement/modify wpa_supplicant/hostapd for some of
> WiMAX solution's authentication part.
> I've found that WiMAX dosen't support EAPOL header in 802.16e spec.

Yes, WiMAX uses its own mechanism for tunneling EAP authentication
instead of using IEEE 802.1X like IEEE 802.11 is.

> I've already wrote a driver interface to RX/TX raw packet for some WiMAX
> solution.
> And successfully inserted some interface to some WiMAX solution.
> But now I need to takeoff EAPOL header from wpa_supplicant/hostapd.
> Is there any way to disable or strip EAPOL header off to make
> wpa_supplicant/hostapd support some WiMAX sulotion's authentication process?
> Is any state machine or RX handling function need to be modified since it
> seems EAPOL is hard implemented into the core of wpa_supplicant/hostapd.

In general, there are two options for using code from
wpa_supplicant/hostapd with WiMAX. One option is to just use the EAP
server/peer implementation and implement the WiMAX-specific parts on top
of that. The other option would be to replace the EAPOL state machine
implementation and the related interfaces, i.e., eapol_sm.c (and also
ieee802_1x.c in case of hostapd). I'm aware of at least couple of
designs that have done something along these lines for WiMAX use.

The interface from IEEE 802.1X/EAPOL state machines is hardcoded, but
the implementation of the state machine can be modified. Which way to go
here would depend on the design used in rest of the software that is
used for WiMAX support.

> I hope there is a chance that wpa_supplicant/hostapd may support EAPOL
> sublayer as a configurable feature for more flexible integration.

Strictly speaking, wpa_supplicant/hostapd does not have this support,
but some of the components used in these programs may allow this do be
done relatively easily. As an example, eapol_test.c shows how EAP peer
implementation can be linked directly to RADIUS client to allow EAP
negotiation to be tested without having to use IEEE 802.1X/EAPOL frame

So far, all the WiMAX changes for hostapd/wpa_supplicant has been done
in quite closed projects and there is unfortunately no publicly
available source code for this as far as I know. I would be interested
in helping to make wpa_supplicant/hostapd more suitable for this kind of
use if someone is willing to do this openly (i.e., end results would be
open sourced). I don't have any WiMAX hardware/drivers, so I haven't had
much personal need or interest in working on this area, but that can be
easily changed by making such things available ;-).
Jouni Malinen                                            PGP id EFC895FA

More information about the Hostap mailing list