wpa_supplicant: wired driver

Cristian Ionescu-Idbohrn cristian.ionescu-idbohrn at axis.com
Mon Sep 19 11:31:52 EDT 2005


I'll answer both Jouni and Edgar.

On Mon, 19 Sep 2005, Edgar E. Iglesias wrote:

> On Sat, Sep 17, 2005 at 05:57:18PM -0700, Jouni Malinen wrote:
> > On Thu, Sep 15, 2005 at 03:25:20PM +0200, Cristian Ionescu-Idbohrn wrote:
> >
> > > I'm trying to use wpa_supplicant, the wired driver, EAP-TLS.
> > > I've got it working, but also discovered (I think) a small
> > > glitch. I have to set the nic in promiscuous mode, else it won't
> > > see the 802.1x frames sent by the switch the nic is connected
> > > to.
> >
> > Which kernel version and which driver are you using?

2.4.31, cris architecture (embeded system).

> > > My understanding is that both wpa_supplicant and the switch send
> > > their frames to the multicast address 01:80:c2:00:00:03.
> > > wpa_supplicant misses frames comming from the switch, like:
> >
> > That's correct.
> >
> > > unless the nic in the supplicant side is set in promiscuous mode
> > > or wpa_supplicant requires PACKET_ADD_MEMBERSHIP with
> > > setsockopt.
> > >
> > > I'd like to skip the promiscuous mode stuff. Can anyone point me
> > > to what (and maybe where) I need to add a small hack.
> >
> > For some reason, all my test systems work without doing this.

You must have got the iface into promiscuous mode somehow. Ethereal
running? Any other application that might put the iface into
promiscuous mode?

> > Anyway, PACKET_ADD_MEMBERSHIP is indeed what should be done on
> > Linux (and SIOCADDMULTI on BSD). I modified driver_wired.c to do
> > this. I haven't been able to verify whether this actually works
> > since my test configurations work with and without these
> > modifications.
> >
> > I would appreciate it if you could take the modified version of
> > driver_wired.c from my CVS repository (or a full devel snapshot,
> > for that maetter) and let me know whether it resolves this issue
> > in your setup.

I did verify now the driver_wired.c, cvs version 1.3. No dice
:( Took a look at /proc/net/dev_mcast. No such (0180c2000003) address
there.

> Linux will drop the multicast memberships when the sockets that
> added them are not around anymore. We need to keep the pf-socket
> alive as long as we have active memberships. The BSD ioctl's are ok
> in CVS.
>
> This patch fixes the issue on linux.

And that showed up to do trick :)

,----
| # cat /proc/net/dev_mcast
| ...
| 2    eth0            1     1     0180c2000003
`----

My thanks to both of you.


Cheers,
Cristian



More information about the HostAP mailing list