Make hostapd-0.5.8 as Authentication server
kinki37 at hotmail.com
Thu Jun 14 07:16:36 EDT 2007
>From: 林 Kinki <kinki37 at hotmail.com>
>To: j at w1.fi, hostap at shmoo.com
>Subject: Re: Make hostapd-0.5.8 as Authentication server
>Date: Wed, 13 Jun 2007 12:14:11 +0800
> >From: Jouni Malinen <j at w1.fi>
> >To: ?L Kinki <kinki37 at hotmail.com>
> >CC: hostap at shmoo.com
> >Subject: Re: Make hostapd-0.5.8 as Authentication server
> >Date: Mon, 11 Jun 2007 15:29:25 -0700
> >On Sun, Jun 10, 2007 at 10:50:53PM +0800, ?L Kinki wrote:
> > > The server can work now, but it still has two problems.
> > > Could not set passive scanning:Unknown error 4294967295
> > > Flushing old station entries
> > > Deauthenticate all stations
> > > test_driver_set_privacy(ifname= enable=0)
> > > test_driver_set_encryption(iface= algo=none idx=0 txkey=1)
> > > test_driver_set_encryption(iface= algo=none idx=1 txkey=1)
> > > test_driver_set_encryption(iface= algo=none idx=2 txkey=1)
> > > test_driver_set_encryption(iface= algo=none idx=3 txkey=1)
> > > Using interface with hwaddr 02:56:20:22:3d:2a and ssid' '
> > > The line "Could not..." sounds like an error, and the four lines
> > > "test_driver" sound like we are using WEP encryption.
> > > But I am trying to treat it like a server, it should not show any WEP
> > > information.
> >That is expected behavior and can be ignored. hostapd still believes it
> >is controlling a wireless interface, but the driver_test.c interface
> >does not really use any device.
> > > I am trying to use EAP-SIM and EAP-AKA, and try EAP-SIM first.
> > > But EAP-SIM will never success.
> > >
> > > It will show messages like "Failed to get GSM authenticsation
> > > the peer".
> > > I am prettry sure I have store IMSI,Kc,SRES,and RAND in
> > > the error messages means the state machine couldn't find a match item
> > > its database. Isn't it odd?
> >Are you running hlr_auc_gw to provide the authentication triplers for
>My original hostapd.conf is using "eap_sim_db=hostapd.sim_db".
>I add the hlr_auc_gw.sock in hostapd.conf by changing it into
>Then hlr_auc_gw should be enable, isn't it?
>But after I enable hostapd, I get the following error messages:
>connect(eap_sim_db):No such file or directory
>HLR/AuC GW socket - hexdump_ascii(len=20):
> 2f 74 6d 70 2f 68 6c 72 5f 61 75 63 5f 67 77 2e /tmp/hlr_auc_gw.
> 73 6f 63 6b
>Failed to initialize EAP-SIM database interface
I still get the same error message even if I write
"eap_sim_db=hostapd.sim_db", "eap_sim_db=unix:/hlr_auc_gw.sock" or
How could I enable EAP-SIM/EAP-AKA correctly?
What value should be assigned to eap_sim_db?
>Do I use a wrong way to run the hlr_auc_gw?
>If I enable hostapd in this hostapd.conf,
>can the IMSI, KC, SRES, and RAND which I store in the hostapd.sim_db be
>Or I must write them into hlr_auc_gw.milenage_db?
If I enable hlr_auc_gw to authenticate the clients, IMSI,KC,SRES,and RAND
should be written in hlr_auc_gw.milenage_db , or hostapd.sim_db?
Does the OPc value in hlr_auc_gw.milenage_db mean the random number?
And about the AMF, how could I get it ?
Can I get them from any messages?
I am trying to test EAP-SIM and EAP-AKA using my code, so I don't use a
real USIM to authenticate.
Can I fake a AMF and a OPc ? or I must get them from a real USIM?
Thanks for your great great help!!
> > > I notice that AKA doesn't have the database file, then how could you
> > > EAP-AKA without the home encironment?
> >If you are planning on using real USIM cards, you cannot test EAP-AKA
> >without matching AuC/HLR implementation. hostapd (the hlr_auc_gw part of
> >it) implements AuC/HLR for generating AKA authentication data using
> >Milenage algorithm. That can be used with USIM cards that have been
> >configured to use Milenage with a known private key.
>I notice there are OPc , AMF, and SQN in hlr_auc_gw.milenage_db.
>What's the meaning of OPc? And how do I get them?
>Can I just write a fake value to make EAP-AKA work?
>Thank you very much.
>I get lots of information from your letters.
> >Jouni Malinen PGP id EFC895FA
>Windows Live Messenger 正式版熱烈下載中：共用資料夾，傳檔案再大也不怕
>HostAP mailing list
>HostAP at shmoo.com
Windows Live Messenger 正式版熱烈下載中：共用資料夾，傳檔案再大也不怕
More information about the HostAP