Integrated EAP server

Tran Thanh Dinh dinh107 at yahoo.com
Wed Aug 30 11:50:02 EDT 2006


  Hi,

  I have a question concerning the integrated EAP
server issue. In the README file, it's written that
"It only requests the identity of the Supplicant and
authorizes any host that is able to send a valid EAP
Response frame." Does it mean: the integrated server
send to supplicant via the authenticator entity a
EAP-Request / Identity. If the Supplicant is able to
send back a EAP-Response /Identity, it is
authenticated?

  Then while looking into the code, I found the
following code part in  ieee802_1x_request_identity()
function of ieee802_1x.c file:
if (hapd->conf->eap_server) {
	HOSTAPD_DEBUG(HOSTAPD_DEBUG_MINIMAL,
	      "IEEE 802.1X: Integrated EAP server in "
	      "use - do not generate
EAP-Request/Identity\n");
	return;
}
I understand it like: As the integrated EAP server is
in use, no EAP-Request/Identity will be sent. So it's
opposite of what's talked above.

  I am confused because of these 2 parts. Could you
please clarify this issue for me please?

  Another thing concerns the EAP-Success message.
Normally this message is sent from the authentication
server. Once the authenticator receives this message,
the controlled port is authorized. In case of
integrated server, is it still the same please?

  As I understand, the integrated server is really
simple in hosapd and it is not able to manage session,
etc. The only one thing it does is: send
EAP-Request/Identity, receive EAP-Response/Identity
and send EAP-Success. Could you please confirm if I am
right?

  I got to know from the hostapd.conf file that "
hostapd can be used as a RADIUS authentication server
for other hosts. This requires that the integrated EAP
authenticator is also enabled and both
 authentication services are sharing the same
configuration." Does it mean that we can have the
authenticator and Radius authentication server running
on the same machine and the Radius server acts as an
external server?

  Because of card installation, I havent got yet
hostapd and wpa_supplicant running, I dont know how
these 2 implementations work yet. My questions come up
when I read the document and code of hostapd. Then, I
am sorry if I ask question that should not be asked
:(. 

  Thanks a lot for any reply,
  Best regards,

Dinh Tran

 



__________________________________________________
Do You Yahoo!?
Tired of spam?  Yahoo! Mail has the best spam protection around 
http://mail.yahoo.com 



More information about the HostAP mailing list