Possibility of bypassing hostapd's "Radius Client"

Jouni Malinen j
Mon Sep 19 09:46:51 PDT 2011


On Mon, Sep 19, 2011 at 07:18:23PM +0530, uday kiran wrote:
> I am using one application which runs RADIUS client and IEEE 802.1x EAPOL
> authenticator. I am using this application to authenticate the "wired" users
> connected to ethernet ports . At the same time , i want to run hostapd to
> authenticate the "wi-fi" users too ( I have wired and wi-fi ports on my
> machine).
> 
> I want to avoid the redundency of running two RADIUS clients and two EAPOL
> authenticators ( Just came to know that my application also got one EAPOL
> authenticator).

How much do you want to avoid that redundancy? Like I mentioned, there
should be no problems in running two RADIUS clients on the same host and
as such, you should be able to already use the design as-is..

> Hence I want to detach that part of hostapd , so that I can use my
> application's RADIUS client and EAPOL code  for authenticating both wired
> and wireless users.
> 
> Is that a good approach ? Awaiting your comments ?

Depends on how much you are interested in doing additional work in
hostapd to make it possible to use another RADIUS client. I don't see
enough justification for doing that, but you are obviously free to go
through that exercise if you think it is needed.

-- 
Jouni Malinen                                            PGP id EFC895FA



More information about the Hostap mailing list