EAP TLS
Satya Prakash Prasad
satyaprakash.developer.unix at gmail.com
Wed Feb 21 22:08:16 PST 2024
Hi,
This is my first email and at onset I am sorry cause my question is
rel;ated to understanding and fixing an issue for a 3rd party code
integration for EAP TLS feature. Below are the 3rd Party code repos in
concern:
https://github.com/prplfoundation/hostap [Hostapd]
https://github.com/Mbed-TLS/mbedtls [MBed TLs]
I was unable to get any details from the 3rd party Hostapd community
hence emailing you.
Please refer to the Hostapd peer code implementation as provided in
the link below:
https://github.com/prplfoundation/hostap/blob/master/eap_example/eap_example.c
https://github.com/prplfoundation/hostap/blob/master/eap_example/eap_example_peer.c
The main function code snippet is provided below:
https://github.com/prplfoundation/hostap/blob/master/eap_example/eap_example.c
do {
printf("---[ server ]--------------------------------\n");
res_s = eap_example_server_step();
printf("---[ peer ]----------------------------------\n");
res_p = eap_example_peer_step();
} while (res_s || res_p);
Since we are implementing code for peers hence we have removed the
server step. Now we need to keep monitoring for new connections and
act accordingly we have modified the code to something like below -
the intention is to handle in cases of failures
do {
res_p = eap_example_peer_step();
if (eap_ctx.eapNoResp || eap_ctx.eapFail) {
eap_client_peer_deinit();
eap_client_peer_init();
}
} while (1);
Such that the loop iterates for new connections and in case of
failure, re-initialization is required. Is my understanding correct?
The issue I am facing is that the client peer deinit method is not
releasing all memory allocated during eap_example_peer_step() function
processing the EAP TLS server request . I may be wrong but is the
existing implementation correct - I mean is the above code
implementation for failures scenarios correct?
Thanks in advance.
Regards,
Prakash
More information about the Hostap
mailing list