wpa_supplicant and OTP

Shriram Jandhyala sjandhyala at paloaltonetworks.com
Wed Dec 13 15:35:39 PST 2017


I am using wpa_supplicant 2.6 to do EAPOL. I have built the wpa_supplicant code into my executable (static link) with no driver and control interface configured. I have enabled TLS 1.1 and TLS 1.2, EAP_TLS, EAP_TTLS, EAP_PEAP, ELOOP_EPOLL, IEEE8021X_EAPOL, EAP_TLS_OPENSSL.

This works fine for doing basic EAP/RADIUS authentications.
But when there is a user challenge (over EAP-GTC) for an OTP, I do get a callback to eap_param_needed with wpa_ctrl_req_type set to WPA_CTRL_REQ_EAP_OTP.
At this point, the eapol_sm is waiting for a response. I am unable to restart the state machine. It does not matter if I set the eap_peer_config->password ot eap_peer_config->otp with the user response (OTP value). The EAP auth eventually times out.

How do I restart the eapol state machine with the OTP supplied?


More information about the Hostap mailing list