NetBSD-Users archive
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index][Old Index]
Re: Trying to run hostapd as solely a stand-alone Radius server
In article <0bee8c6432b826c8139af27b4e0c0582%mail.bigjar.com@localhost>,
jmitchel <jmitchel%bigjar.com@localhost> wrote:
>On 2018-01-13 22:06, christos%zoulas.com@localhost wrote:
>> On Jan 13, 9:43pm, jmitchel%bigjar.com@localhost (jmitchel) wrote:
>> -- Subject: Re: Trying to run hostapd as solely a stand-alone Radius
>> server
>>
>> | And if I run hostapd with driver=bsd and my ethernet interface, I
>> lose
>> | my SSH connection and can no longer ping the interface. The machine
>> is
>> | still up and hostapd exits.
>>
>> I committed this on HEAD; try rebuilding it with:
>>
>> christos
>>
>> Index: Makefile
>> ===================================================================
>> RCS file: /cvsroot/src/external/bsd/wpa/bin/hostapd/Makefile,v
>> retrieving revision 1.10
>> diff -u -u -r1.10 Makefile
>> --- Makefile 21 Nov 2016 20:15:16 -0000 1.10
>> +++ Makefile 14 Jan 2018 03:04:54 -0000
>> @@ -47,6 +47,8 @@
>> # drivers
>> SRCS+= \
>> driver_bsd.c \
>> +driver_none.c \
>> +driver_wired.c \
>> driver_common.c \
>> drivers.c
>>
>> @@ -117,6 +119,9 @@
>> CPPFLAGS+= -DCONFIG_CTRL_IFACE
>> CPPFLAGS+= -DCONFIG_CTRL_IFACE_UNIX
>> CPPFLAGS+= -DCONFIG_DRIVER_BSD
>> +CPPFLAGS+= -DCONFIG_DRIVER_NONE
>> +CPPFLAGS+= -DCONFIG_DRIVER_WIRED
>> +CPPFLAGS+= -DCONFIG_DRIVER_WPA
>> .if ${MKINET6} != "no"
>> CPPFLAGS+= -DCONFIG_IPV6
>> .endif
>
>Thanks! hostapd runs now. But there's one problem remaining. The Radius
>server only seems to be looking for encapsulated EAP requests. When I
>try from a regular radius client, I get this message from hostapd (with
>debugging turned on)
>
>RADIUS SRV: Received 116 bytes from A.B.C.D:58059
>RADIUS SRV: Creating a new session
>RADIUS SRV: Matching user entry found
>EAP: Server state machine created
>RADIUS SRV: New session 0x0 initialized
>RADIUS SRV: No EAP-Message in RADIUS packet from A.B.C.D
>
>Is there any way to use the Radius server in hostapd without sending an
>encapsulated EAP request?
The relevant code is:
if (eap == NULL && sess->macacl) {
reply = radius_server_macacl(data, client, sess, msg);
if (reply == NULL)
return -1;
goto send_reply;
}
if (eap == NULL) {
RADIUS_DEBUG("No EAP-Message in RADIUS packet from %s",
from_addr);
data->counters.packets_dropped++;
client->counters.packets_dropped++;
return -1; // You could put goto send_reply; here
// but we need to fill the the packet before?
}
So if the session does not have a macacl (whatever that means) and there
is no eap data then we fail. Can you see how it gets macacl?
christos
Home |
Main Index |
Thread Index |
Old Index