EAP-TLS + PSK : Unsupported EAP type 'PSK'

Léo Peltier lpeltier at ivsweb.com
Wed Jul 16 05:16:17 EDT 2014


Hi,

I'm currently setting up access points that need both EAP-TLS
authentication and a PSK when an user need to access the device
directly. This works using 'hostapd v0.7.3' on Ubuntu 12.04 (i386) using the
following config:

hostapd.conf (shortened):
> wpa_key_mgmt=WPA-EAP WPA-PSK
> wpa_psk=deadb33fdeadb33fdeadb33fdeadb33fdeadb33fdeadb33fdeadb33fdeadb33f
> eap_user_file=/path/to/users

users:
> "some-prefix-"* TLS
> * PSK deadb33fdeadb33fdeadb33fdeadb33fdeadb33fdeadb33fdeadb33fdeadb33f

I'm now setting up the same thing on an Arduino Yùn using the latest
OpenWrt-Yun HEAD and 'hostapd v2.1-devel'. Using the same configuration,
hostapd exits immediately with the following output:

> $ hostapd -dd /var/run/hostapd-phy0.conf
> Configuration file: /var/run/hostapd-phy0.conf
> Unsupported EAP type 'PSK' on line 2 in '/var/run/hostapd-eap'
> 1 errors found in configuration file '/var/run/hostapd-phy0.conf'
> Failed to set up interface with /var/run/hostapd-phy0.conf
> Failed to initialize interface

After reading the code and diffing the bits that seemed relevant in
both versions, I could not find anything obvious.
hostapd_config_read_eap_user() (where the error originates) does not
change between versions and nothing seemed off where eap_methods are
registered.

Is this really a bug of am I doing something wrong?

If it is indeed a bug, where should I look to fix it? I don't have a
development environment set up for the Arduino and I don't know the
codebase, so I can do little besides riddling the code with printf()
calls.

Thanks.

-- 
Léo Peltier

-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 901 bytes
Desc: OpenPGP digital signature
URL: <http://lists.shmoo.com/pipermail/hostap/attachments/20140716/a832acdf/attachment.pgp>


More information about the HostAP mailing list