v0.4.9 Linux hostapd does work with WPA-PSK to XPs built-in client.  WPA-EAP with certs is giving user not found error:
<br>
<br>hostapd.conf:
<br>
<br>interface=wlan0
<br>driver=madwifi
<br>ieee8021x=1
<br>logger_syslog=-1
<br>logger_syslog_level=2
<br>logger_stdout=-1
<br>logger_stdout_level=2
<br>debug=0
<br>ctrl_interface_group=0
<br>macaddr_acl=0
<br>auth_algs=1
<br>#eapol_key_index_workaround=0
<br>eapol_key_index_workaround=1
<br>eap_server=1
<br>dump_file=/tmp/hostapd.dump
<br>ssid=na
<br>wpa=3
<br>wpa_key_mgmt=WPA-EAP
<br>wpa_pairwise=TKIP CCMP
<br>#wpa_group_rekey=300
<br>#wpa_gmk_rekey=640
<br>
<br># Path for EAP server user database
<br>eap_user_file=/etc/hostapd.eap_user
<br>
<br># CA certificate (PEM or DER file) for EAP-TLS/PEAP/TTLS
<br>ca_cert=/etc/hostapd.ca.pem
<br>
<br># Server certificate (PEM or DER file) for EAP-TLS/PEAP/TTLS
<br>#server_cert=/etc/hostapd.server.pem
<br>
<br># Private key matching with the server certificate for EAP-TLS/PEAP/TTLS
<br># This may point to the same file as server_cert if both certificate and key
<br># are included in a single file. PKCS#12 (PFX) file (.p12/.pfx) can also be
<br># used by commenting out server_cert and specifying the PFX file as the
<br># private_key.
<br>#private_key=/etc/hostapd.server.prv
<br>private_key=/root/w2k.p12
<br>
<br># Passphrase for private key
<br>#private_key_passwd=secret passphrase
<br>
<br>
<br>/etc/hostapd.eap_user:
<br>
<br>"e"              PEAP,TTLS,TLS,SIM
<br>"e4"              PEAP,TTLS,TLS,SIM
<br>"SUPPORT\EAI"              PEAP,TTLS,TLS,SIM
<br>"user"          PEAP,TTLS,TLS,SIM
<br>*               PEAP,TTLS,TLS,SIM
<br>
<br>
<br>hostapd -dd hostapd.conf (I added the sm->user printf which outputs a (null)):
<br>
<br>Wireless event: cmd=0x8c03 len=20
<br>wlan0: STA 00:15:00:16:c9:54 IEEE 802.11: associated
<br>  New STA
<br>wlan0: STA 00:15:00:16:c9:54 WPA: event 1 notification
<br>wlan0: STA 00:15:00:16:c9:54 IEEE 802.1X: start authentication
<br>EAP: State machine created
<br>IEEE 802.1X: 00:15:00:16:c9:54 AUTH_PAE entering state INITIALIZE
<br>IEEE 802.1X: 00:15:00:16:c9:54 BE_AUTH entering state INITIALIZE
<br>IEEE 802.1X: 00:15:00:16:c9:54 REAUTH_TIMER entering state INITIALIZE
<br>IEEE 802.1X: 00:15:00:16:c9:54 AUTH_KEY_TX entering state NO_KEY_TRANSMIT
<br>IEEE 802.1X: 00:15:00:16:c9:54 KEY_RX entering state NO_KEY_RECEIVE
<br>IEEE 802.1X: 00:15:00:16:c9:54 CTRL_DIR entering state IN_OR_BOTH
<br>IEEE 802.1X: 00:15:00:16:c9:54 AUTH_PAE entering state INITIALIZE
<br>IEEE 802.1X: 00:15:00:16:c9:54 BE_AUTH entering state IDLE
<br>IEEE 802.1X: 00:15:00:16:c9:54 KEY_RX entering state NO_KEY_RECEIVE
<br>IEEE 802.1X: 00:15:00:16:c9:54 CTRL_DIR entering state FORCE_BOTH
<br>IEEE 802.1X: 00:15:00:16:c9:54 AUTH_PAE entering state INITIALIZE
<br>IEEE 802.1X: 00:15:00:16:c9:54 KEY_RX entering state NO_KEY_RECEIVE
<br>wlan0: STA 00:15:00:16:c9:54 WPA: start authentication
<br>WPA: 00:15:00:16:c9:54 WPA_PTK entering state INITIALIZE
<br>madwifi_del_key: addr=00:15:00:16:c9:54 key_idx=0
<br>WPA: 00:15:00:16:c9:54 WPA_PTK_GROUP entering state IDLE
<br>WPA: 00:15:00:16:c9:54 WPA_PTK entering state AUTHENTICATION
<br>WPA: 00:15:00:16:c9:54 WPA_PTK entering state AUTHENTICATION2
<br>IEEE 802.1X: 00:15:00:16:c9:54 AUTH_PAE entering state DISCONNECTED
<br>wlan0: STA 00:15:00:16:c9:54 IEEE 802.1X: unauthorizing port
<br>madwifi_set_sta_authorized: addr=00:15:00:16:c9:54 authorized=0
<br>IEEE 802.1X: 00:15:00:16:c9:54 REAUTH_TIMER entering state INITIALIZE
<br>IEEE 802.1X: 00:15:00:16:c9:54 AUTH_PAE entering state RESTART
<br>IEEE 802.1X: Integrated EAP server in use - do not generate EAP-Request/Identity
<br>IEEE 802.1X: 00:15:00:16:c9:54 REAUTH_TIMER entering state INITIALIZE
<br>IEEE 802.1X: 00:15:00:16:c9:54 REAUTH_TIMER entering state INITIALIZE
<br>EAP: EAP entering state INITIALIZE
<br>EAP: EAP entering state SELECT_ACTION
<br>EAP: getDecision: no identity known yet -> CONTINUE
<br>EAP: EAP entering state PROPOSE_METHOD
<br>EAP: getNextMethod: type 1
<br>EAP: EAP entering state METHOD_REQUEST
<br>EAP: building EAP-Request: Identifier 105
<br>EAP: EAP entering state SEND_REQUEST
<br>EAP: eapReqData -> EAPOL - hexdump(len=5): 01 69 00 05 01
<br>EAP: EAP entering state IDLE
<br>IEEE 802.1X: 00:15:00:16:c9:54 AUTH_PAE entering state CONNECTING
<br>IEEE 802.1X: 00:15:00:16:c9:54 REAUTH_TIMER entering state INITIALIZE
<br>IEEE 802.1X: 00:15:00:16:c9:54 AUTH_PAE entering state AUTHENTICATING
<br>IEEE 802.1X: 00:15:00:16:c9:54 BE_AUTH entering state REQUEST
<br>IEEE 802.1X: Sending EAP Packet to 00:15:00:16:c9:54 (identifier 105)
<br>IEEE 802.1X: 00:15:00:16:c9:54 REAUTH_TIMER entering state INITIALIZE
<br>IEEE 802.1X: 00:15:00:16:c9:54 REAUTH_TIMER entering state INITIALIZE
<br>IEEE 802.1X: 00:15:00:16:c9:54 REAUTH_TIMER entering state INITIALIZE
<br>IEEE 802.1X: 00:15:00:16:c9:54 REAUTH_TIMER entering state INITIALIZE
<br>IEEE 802.1X: 00:15:00:16:c9:54 REAUTH_TIMER entering state INITIALIZE
<br>IEEE 802.1X: 5 bytes from 00:15:00:16:c9:54
<br>   IEEE 802.1X: version=1 type=1 length=0
<br>   ignoring 1 extra octets after IEEE 802.1X packet
<br>wlan0: STA 00:15:00:16:c9:54 IEEE 802.1X: received EAPOL-Start from STA
<br>wlan0: STA 00:15:00:16:c9:54 WPA: event 5 notification
<br>WPA: 00:15:00:16:c9:54 WPA_PTK entering state AUTHENTICATION2
<br>IEEE 802.1X: 00:15:00:16:c9:54 AUTH_PAE entering state ABORTING
<br>IEEE 802.1X: 00:15:00:16:c9:54 BE_AUTH entering state INITIALIZE
<br>wlan0: STA 00:15:00:16:c9:54 IEEE 802.1X: aborting authentication
<br>IEEE 802.1X: 00:15:00:16:c9:54 REAUTH_TIMER entering state INITIALIZE
<br>IEEE 802.1X: 00:15:00:16:c9:54 AUTH_PAE entering state RESTART
<br>IEEE 802.1X: Integrated EAP server in use - do not generate EAP-Request/Identity
<br>IEEE 802.1X: 00:15:00:16:c9:54 BE_AUTH entering state IDLE
<br>IEEE 802.1X: 00:15:00:16:c9:54 REAUTH_TIMER entering state INITIALIZE
<br>IEEE 802.1X: 00:15:00:16:c9:54 REAUTH_TIMER entering state INITIALIZE
<br>EAP: EAP entering state INITIALIZE
<br>EAP: EAP entering state SELECT_ACTION
<br>EAP: getDecision: no identity known yet -> CONTINUE
<br>EAP: EAP entering state PROPOSE_METHOD
<br>EAP: getNextMethod: type 1
<br>EAP: EAP entering state METHOD_REQUEST
<br>EAP: building EAP-Request: Identifier 115
<br>EAP: EAP entering state SEND_REQUEST
<br>EAP: eapReqData -> EAPOL - hexdump(len=5): 01 73 00 05 01
<br>EAP: EAP entering state IDLE
<br>IEEE 802.1X: 00:15:00:16:c9:54 AUTH_PAE entering state CONNECTING
<br>IEEE 802.1X: 00:15:00:16:c9:54 REAUTH_TIMER entering state INITIALIZE
<br>IEEE 802.1X: 00:15:00:16:c9:54 AUTH_PAE entering state AUTHENTICATING
<br>IEEE 802.1X: 00:15:00:16:c9:54 BE_AUTH entering state REQUEST
<br>IEEE 802.1X: Sending EAP Packet to 00:15:00:16:c9:54 (identifier 115)
<br>IEEE 802.1X: 00:15:00:16:c9:54 REAUTH_TIMER entering state INITIALIZE
<br>IEEE 802.1X: 00:15:00:16:c9:54 REAUTH_TIMER entering state INITIALIZE
<br>IEEE 802.1X: 11 bytes from 00:15:00:16:c9:54
<br>   IEEE 802.1X: version=1 type=0 length=7
<br>   EAP: code=2 identifier=115 length=7 (response)
<br>wlan0: STA 00:15:00:16:c9:54 IEEE 802.1X: received EAP packet (code=2 id=115 len=7) from STA: EAP Response-Identity (1)
<br>wlan0: STA 00:15:00:16:c9:54 IEEE 802.1X: STA identity 'e4'
<br>IEEE 802.1X: 00:15:00:16:c9:54 BE_AUTH entering state RESPONSE
<br>EAP: EAP-Response received - hexdump(len=7): 02 73 00 07 01 65 34
<br>IEEE 802.1X: 00:15:00:16:c9:54 REAUTH_TIMER entering state INITIALIZE
<br>IEEE 802.1X: 00:15:00:16:c9:54 REAUTH_TIMER entering state INITIALIZE
<br>EAP: EAP entering state RECEIVED
<br>EAP: parseEapResp: rxResp=1 respId=115 respMethod=1
<br>EAP: EAP entering state INTEGRITY_CHECK
<br>EAP: EAP entering state METHOD_RESPONSE
<br>EAP-Identity: Peer identity - hexdump_ascii(len=2):
<br>     65 34                                             e4
<br>EAP: EAP entering state SELECT_ACTION
<br>sm->user:  (null)
<br>EAP: getDecision: user not found from database -> FAILURE
<br>EAP: EAP entering state FAILURE
<br>EAP: Building EAP-Failure (id=115)
<br>EAP: eapReqData -> EAPOL - hexdump(len=4): 04 73 00 04
<br>IEEE 802.1X: 00:15:00:16:c9:54 BE_AUTH entering state FAIL
<br>IEEE 802.1X: Sending EAP Packet to 00:15:00:16:c9:54 (identifier 115)
<br>IEEE 802.1X: 00:15:00:16:c9:54 REAUTH_TIMER entering state INITIALIZE
<br>IEEE 802.1X: 00:15:00:16:c9:54 AUTH_PAE entering state HELD
<br>wlan0: STA 00:15:00:16:c9:54 IEEE 802.1X: unauthorizing port
<br>madwifi_set_sta_authorized: addr=00:15:00:16:c9:54 authorized=0
<br>wlan0: STA 00:15:00:16:c9:54 IEEE 802.1X: authentication failed
<br>IEEE 802.1X: 00:15:00:16:c9:54 BE_AUTH entering state IDLE
<br>IEEE 802.1X: 00:15:00:16:c9:54 REAUTH_TIMER entering state INITIALIZE
<br>IEEE 802.1X: 00:15:00:16:c9:54 REAUTH_TIMER entering state INITIALIZE
<br>IEEE 802.1X: 5 bytes from 00:15:00:16:c9:54
<br>   IEEE 802.1X: version=1 type=1 length=0
<br>   ignoring 1 extra octets after IEEE 802.1X packet
<br>wlan0: STA 00:15:00:16:c9:54 IEEE 802.1X: received EAPOL-Start from STA
<br>wlan0: STA 00:15:00:16:c9:54 WPA: event 5 notification
<br>WPA: 00:15:00:16:c9:54 WPA_PTK entering state AUTHENTICATION2
<br>IEEE 802.1X: 00:15:00:16:c9:54 REAUTH_TIMER entering state INITIALIZE
<br>IEEE 802.1X: 00:15:00:16:c9:54 REAUTH_TIMER entering state INITIALIZE
<br>IEEE 802.1X: 00:15:00:16:c9:54 REAUTH_TIMER entering state INITIALIZE
<br>IEEE 802.1X: 00:15:00:16:c9:54 REAUTH_TIMER entering state INITIALIZE
<br>IEEE 802.1X: 00:15:00:16:c9:54 REAUTH_TIMER entering state INITIALIZE
<br>IEEE 802.1X: 00:15:00:16:c9:54 REAUTH_TIMER entering state INITIALIZE
<br>IEEE 802.1X: 00:15:00:16:c9:54 REAUTH_TIMER entering state INITIALIZE
<br>IEEE 802.1X: 00:15:00:16:c9:54 REAUTH_TIMER entering state INITIALIZE
<br>IEEE 802.1X: 00:15:00:16:c9:54 REAUTH_TIMER entering state INITIALIZE
<br>IEEE 802.1X: 00:15:00:16:c9:54 REAUTH_TIMER entering state INITIALIZE
<br>IEEE 802.1X: 00:15:00:16:c9:54 REAUTH_TIMER entering state INITIALIZE
<br>IEEE 802.1X: 00:15:00:16:c9:54 REAUTH_TIMER entering state INITIALIZE
<br>IEEE 802.1X: 00:15:00:16:c9:54 REAUTH_TIMER entering state INITIALIZE
<br>IEEE 802.1X: 00:15:00:16:c9:54 REAUTH_TIMER entering state INITIALIZE
<br>Signal 2 received - terminating
<br>Removing station 00:15:00:16:c9:54
<br>EAP: State machine removed
<br>Flushing old station entries
<br>madwifi_sta_deauth: addr=ff:ff:ff:ff:ff:ff reason_code=3
<br>Deauthenticate all stations
<br>madwifi_set_privacy: enabled=0
<br>madwifi_set_ieee8021x: enabled=0
<br>madwifi_set_iface_flags: dev_up=0