Make hostapd-0.5.8 as Authentication server

林 Kinki kinki37 at hotmail.com
Sun Jun 10 10:50:53 EDT 2007


Dear Jouni,

Thank you very much for your kindly help!
It's so nice of you to respond so fast.

The server can work now, but it still has two problems.

1.
After I enable the server using ./hostapd -ddK hostapd.conf,
it will show messages like this:
Configuration file: hostapd.conf
TLS:Trusted root certificates loaded
TLS:Successfully parsed PKCS12 data
TLS:Got certificate from PKCS12:subject='/CN=wifi-server'
TLS:Got private key from PKCS12
TLS:additional certificate from PKCS12:subject='/CN=WiFi-Root-CA'
TLS:additional certificate from 
PKCS12:subject='/CN=WiFi-Intermediate-CA-srv'
BSS count 1, BSSID mask ff:ff:ff:ff:ff:ff (0 bits)
RATE[0] rate =10 flags=0x152
Could not set passive scanning:Unknown error 4294967295
Flushing old station entries
Deauthenticate all stations
test_driver_set_privacy(ifname= enable=0)
test_driver_set_encryption(iface= algo=none idx=0 txkey=1)
test_driver_set_encryption(iface= algo=none idx=1 txkey=1)
test_driver_set_encryption(iface= algo=none idx=2 txkey=1)
test_driver_set_encryption(iface= algo=none idx=3 txkey=1)
Using interface with hwaddr 02:56:20:22:3d:2a and ssid' '
:Setup of interface done.

The line "Could not..." sounds like an error, and the four lines 
"test_driver" sound like we are using WEP encryption.
But I am trying to treat it like a server, it should not show any WEP 
information. 
Do I miss any configuration?

2.
I am trying to use EAP-SIM and EAP-AKA, and try EAP-SIM first.
But EAP-SIM will never success.

It will show messages like "Failed to get GSM authenticsation triplets for 
the peer".
I am prettry sure I have store IMSI,Kc,SRES,and RAND in hostapd.sim_db, but 
the error messages means the state machine couldn't find a match item in 
its database. Isn't it odd?
How can I fix it?
I notice that AKA doesn't have the database file, then how could you test 
EAP-AKA without the home encironment?

Please give me some advice.

Thank you so much, your help means a lot to me.

Thank you,
Kinki


>From: Jouni Malinen <j at w1.fi>
>To: hostap at shmoo.com
>Subject: Re: Make hostapd-0.5.8 as Authentication server
>Date: Fri, 8 Jun 2007 07:05:31 -0700
>
>On Wed, Jun 06, 2007 at 05:56:51PM +0800, ?L ?X?p wrote:
>
> > I am using the files from http://hostap.epitest.fi/hostapd/, and the
> > version is 0.5.8.
> > I hope to use EAP-AKA as the authentication method and make hostapd as 
the
> > stand-alone authentication server.
> > Not planning to use hostapd as the AP and the integrated server, but 
treat
> > it as an authentication server, which communicates with external AP 
through
> > wired network
> > Can hostapd do this functionality? Actually, I am not sure about this.
>
>Yes, hostapd can be configured to act as a RADIUS authentication server
>and not to control a wireless interface.
>
> > I use the cmd ./hostapd -ddK hostapd.conf to start hostapd.
> > But I get a segmentation fault message.
> > Like this:
> > Configuration file: hostapd.conf
> > Segmentation fault.
>
>That's a bug in hostapd somewhere. It shouldn't really crash, but
>provide more useful error message here..
>
> > Here is my .config file and hostapd.conf file:
> > 1.  .config
>
>You need to add following line into .config:
>
>CONFIG_DRIVER_TEST=y
>
> > # RADIUS authentication server. This provides access to the integrated 
EAP
> > # server from external hosts using RADIUS.
> > #CONFIG_RADIUS_SERVER=y
>
>And that line needs to be uncommented.
>
>--
>Jouni Malinen                                            PGP id EFC895FA
>_______________________________________________
>HostAP mailing list
>HostAP at shmoo.com
>http://lists.shmoo.com/mailman/listinfo/hostap

_________________________________________________________________
現在就用 Live.com:全方位個人化首頁 http://www.live.com 




More information about the HostAP mailing list