How are multiple clients handled in hostapd?

khali singh khali3620 at gmail.com
Tue Aug 12 01:44:36 EDT 2014


Thanks Arend and Jouni for clarifying.

I do use an sqlite database connection to do this on the server!

Khali


On Mon, Aug 11, 2014 at 11:38 PM, Jouni Malinen <j at w1.fi> wrote:

> On Mon, Aug 11, 2014 at 11:27:23AM +0300, khali singh wrote:
> > I use global variables at the top of the .C file containing my new EAP
> > method. Is it possible that two connecting clients can write to each
> others
> > data?
>
> Yes. I would strongly discourage such design.
>
> > For example the C file contains a variable called as a global variable
> > u8 sessid[17];
> >
> > Can two simultaneous clients cause a problem?
>
> Yes. There is a reason why every EAP method implementation in hostap.git
> uses struct eap_*_data for per-session data.. There can be multiple
> concurrent instances of an EAP server method. While there is only a
> single thread running, that won't protect against this type of uses of
> global variables with multiple users being able to try to authenticate
> at the same time.
>
> That said, it should be noted that the EAP server methods do not have
> support for fast session resumption in a similar way to the EAP peer
> methods since they do not maintain any internal state between EAP
> sessions. The existing examples use either the TLS library to do this
> (EAP-TTLS/PEAP/TLS) or a separate component (EAP-SIM/AKA/AKA' and
> eap_sim_db). The latter would likely be closer to what you are
> describing here.
>
> --
> Jouni Malinen                                            PGP id EFC895FA
> _______________________________________________
> HostAP mailing list
> HostAP at lists.shmoo.com
> http://lists.shmoo.com/mailman/listinfo/hostap
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.shmoo.com/pipermail/hostap/attachments/20140812/b73ccbd7/attachment-0001.htm>


More information about the HostAP mailing list