Initiating supplicant connections

khali singh khali3620 at gmail.com
Thu Feb 11 06:42:17 PST 2016 

Hi Dan

Thanks a lot for your response.

You are right. This is a sort of layer/stack violation. And perhaps
what I am trying to achieve is probably something similar to WPS (I am
not an expert, as you can probably tell). I want to opportunistically
try connecting with different APs around me.  This is because my
supplicant does not have possibility of user selecting the SSID (and
you can't always rely on the user to choose correctly).

In this opportunistic connection, the server may ask supplicant to
backoff for a while (not bother it/ddos) by sending EAP response
containing x number of seconds for which at minimum the supplicant
should back off, followed by EAP failure. I don't want to blacklist an
Access point/server because of an EAP failure. Instead I want to
sequentially try all AP/server that support's my home-brewed EAP
method in a round robin fashion until one of them results in
EAP-Success. an AP/server can send infinite if it doesn't want to see
the supplicant again.

So, what I am essentially asking is, how can my EAP method inform the
supplicant when it should try connection with this AP/server again? I
was hoping that there could be a file/database of SSID and timer after
which next eapol message is sent by the supplicant to an AP.

Hope I am not speaking total gibberish? But feel free to shoot me
down. I am just a wifi security hobbyist who wants to try out a new
project.

Yours Sincerely
Khali singh

On Wed, Feb 10, 2016 at 5:12 PM, Dan Williams <dcbw at redhat.com> wrote:
> On Wed, 2016-02-10 at 14:12 +0200, khali singh wrote:
>> Hi Jouni and team
>>
>> It would be great if one of you could answer this.
>>
>> Is there a way for an EAP method to register an event? This event
>> should trigger after x number of seconds and make the supplicant try
>> connection with a particular SSID/BSSID again.
>
> That actually seems like a pretty big layering violation (though
> eap_wsc.c is somewhat guilty of this).  Why is the EAP method involved
> in SSID selection?  EAP methods are usually just authentication code
> run after the SSID/BSSID has already been selected, associated with,
> and that specific EAP method has been negotiated via 802.1x.
>
> Though I have no idea what you're actually trying to do, it seems like
> what you want is to tell the supplicant to clear the blacklist after an
> EAP failure, so that it will retry the connection to the SSID/BSSID and
> your EAP method will run again.  That can be accomplished through
> wpa_cli, the D-Bus interface, or the other control interfaces.
>
> Could you describe a bit more what needs to happen, and then perhaps we
> can figure out a cleaner way of doing that?
>
> Dan
>
>> I could update the .conf file from the eap method to specify which
>> SSID/BSSID should be used the next time, but how can the EAP method
>> provide hints to the remaining supplicant software what and when
>> should it do next.
>>
>> Pardon me if my questions are (a bit) stupid. But it would be great
>> help if you could tell me the relevant supplicant files that I should
>> look at; to understand how and when does the supplicant try
>> connecting
>> again.
>>
>> I don't want the userspace application to kill and start
>> wpa_supplicant every time. Instead the user should just start it once
>> and let the supplicant do its magic.
>>
>> Thanks
>>
>> On Sun, Feb 7, 2016 at 12:02 PM, khali singh <khali3620 at gmail.com>
>> wrote:
>> > Hi team
>> >
>> > Is there a way for an EAP method to register an event? This event
>> > should trigger after x number of seconds and make the supplicant
>> > try
>> > connection with a particular SSID/BSSID again.
>> >
>> > I could update the .conf file from the eap method to specify which
>> > SSID/BSSID should be used the next time, but how can the EAP method
>> > provide hints to the remaining supplicant software what and when
>> > should it do next.
>> >
>> > Pardon me if my questions are (a bit) stupid. But it would be great
>> > help if you could tell me the relevant supplicant files that I
>> > should
>> > look at; to understand how and when does the supplicant try
>> > connecting
>> > again.
>> >
>> > I don't want the userspace application to kill and start
>> > wpa_supplicant every time. Instead the user should just start it
>> > once
>> > and let the supplicant do its magic.
>> >
>> > Thanks
>> > Khali Singh
>>
>> _______________________________________________
>> Hostap mailing list
>> Hostap at lists.infradead.org
>> http://lists.infradead.org/mailman/listinfo/hostap

More information about the Hostap mailing list