EAP-AKA fast re-authentication using hostapd as library

Jouni Malinen j at w1.fi
Wed Feb 19 06:26:58 EST 2014


On Wed, Feb 19, 2014 at 12:40:26PM +0530, samiran saha wrote:
>         I am trying to implement server client program using hostapd as
> library that will at first complete full authentication process and then it
> will do fast re-authentication using the re-authentication id received from
> server. I have completed the first step i.e. full authentication process
> using EAP-AKA but can not proceed further for fast re-authentication
> because after full authentication server goes to EAP-SUCCESS state and if I
> reinitialize the state machine then it allocate new sm . So how can I do
> fast re-authentication, any clue or does hostapd support fast
> re-authentication at all?

I'm not sure how you use "hostapd as a library", but anyway, hostapd as
an independent process does support EAP-AKA fast re-authentication. The
fast re-auth information is kept in memory by default, so if you
reinitialize state completely, you will lose that data. You can enable
CONFIG_SQLITE=y for the build and set eap_user_file to point to an
SQLite database to use a database to store such information to
persistent over hostapd restarts, so I'd assume that would work for you
use case as well.

-- 
Jouni Malinen                                            PGP id EFC895FA


More information about the HostAP mailing list