avoid EAP REQUEST ID

fbernal at um.es fbernal
Wed Mar 5 13:14:53 PST 2008 

Hi all, Jouni,

See inline,

Jouni Malinen <j at w1.fi> escribi???

> On Mon, Mar 03, 2008 at 06:33:56PM +0100, fbernal at um.es wrote:
>
>> I'm working with HOSTAP and I want to avoid the sending of the EAP
>> REQUEST ID message and to start directly with the first message of a
>> EAP METHOD. See the following example to clarify.
>
> Are you referring to "hostapd" with "HOSTAP"? Are you using the embedded
> EAP server implementation or an external RADIUS server?

Yes, I'm using hostapd and embedded EAP server is being used too.

>
>> message interchange in the EAP MD5 method.
>> 1) A-> P: eap request/id
>> 2) P->A: eap response/id
>> 3) A->P: eap-md5 request
>> 4) P->A: eap-md5 response
>> 5) A->P: eap success
>
>> The idea is remove messages 1 and 2 when the mobile node attaches to
>> the access point.
>
> While the change itself could be useful for some cases, EAP-MD5 is a bit
> odd example for this since it does not negotiate identity like some
> other EAP methods do.. How would the EAP-MD5 server know which identity
> is used here?

   EAP-MD5 was illustrated like an example. I'm writing my own EAP  
method and I'm interested in avoid the EAP REQUEST ID interchange. So,  
I register my method before EAP REQUEST ID METHOD and then EAP REQUEST  
ID is registered, I do this because if my method fails (EAP failure) I  
want start the EAP REQUEST ID method. Then, to performing this I have  
decided:

if (sm->identity == NULL || sm->currentId == -1) {
		*vendor = EAP_VENDOR_IETF;
		next = EAP_TYPE_IDENTITY;
		sm->update_user = TRUE;

To:
if (sm->identity == NULL || sm->currentId == -1) {
                 next = sm->user->methods[idx].method;
		sm->user_eap_method_index++;
                 if (next == EAP_TYPE_IDENTITY)
                      sm->update_user = TRUE;

Do you think that with this change EAP REQUEST IDENTITY should be  
selected if the first method fails?

Thank you,
Fernando.

>
> --
> Jouni Malinen                                            PGP id EFC895FA
> _______________________________________________
> HostAP mailing list
> HostAP at lists.shmoo.com
> http://lists.shmoo.com/mailman/listinfo/hostap
>

More information about the Hostap mailing list