Re: Trying to run hostapd as solely a stand-alone Radius server

2018-01-19 Thread Christos Zoulas
In article <0bee8c6432b826c8139af27b4e0c0...@mail.bigjar.com>,
jmitchel   wrote:
>On 2018-01-13 22:06, chris...@zoulas.com wrote:
>> On Jan 13,  9:43pm, jmitc...@bigjar.com (jmitchel) wrote:
>> -- Subject: Re: Trying to run hostapd as solely a stand-alone Radius server
>> 
>> | And if I run hostapd with driver=bsd and my ethernet interface, I lose
>> | my SSH connection and can no longer ping the interface. The machine is
>> | still up and hostapd exits.
>> 
>> I committed this on HEAD; try rebuilding it with:
>> 
>> christos
>> 
>> Index: Makefile
>> ===
>> RCS file: /cvsroot/src/external/bsd/wpa/bin/hostapd/Makefile,v
>> retrieving revision 1.10
>> diff -u -u -r1.10 Makefile
>> --- Makefile21 Nov 2016 20:15:16 -  1.10
>> +++ Makefile14 Jan 2018 03:04:54 -
>> @@ -47,6 +47,8 @@
>>  # drivers
>>  SRCS+= \
>>  driver_bsd.c \
>> +driver_none.c \
>> +driver_wired.c \
>>  driver_common.c \
>>  drivers.c
>> 
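Review bot: In the SRCS list, driver_none.c and driver_wired.c are inserted between driver_bsd.c and driver_common.c, which breaks the alphabetical order the list had (bsd, common, drivers). Placing the two new entries after driver_common.c keeps the list sorted and makes later additions easier to spot in a diff.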
>> @@ -117,6 +119,9 @@
>>  CPPFLAGS+= -DCONFIG_CTRL_IFACE
>>  CPPFLAGS+= -DCONFIG_CTRL_IFACE_UNIX
>>  CPPFLAGS+= -DCONFIG_DRIVER_BSD
>> +CPPFLAGS+= -DCONFIG_DRIVER_NONE
>> +CPPFLAGS+= -DCONFIG_DRIVER_WIRED
>> +CPPFLAGS+= -DCONFIG_DRIVER_WPA
>>  .if ${MKINET6} != "no"
>>  CPPFLAGS+= -DCONFIG_IPV6
>>  .endif
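Review bot: -DCONFIG_DRIVER_WPA on the last added CPPFLAGS line has no counterpart in the SRCS hunk, which adds only driver_none.c and driver_wired.c. Either drop that define or add the source file it is meant to enable, and state in the commit message which driver= values the change makes available.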
>
>Thanks! hostapd runs now. But there's one problem remaining. The Radius 
>server only seems to be looking for encapsulated EAP requests. When I 
>try from a regular radius client, I get this message from hostapd (with 
>debugging turned on)
>
>RADIUS SRV: Received 116 bytes from A.B.C.D:58059
>RADIUS SRV: Creating a new session
>RADIUS SRV: Matching user entry found
>EAP: Server state machine created
>RADIUS SRV: New session 0x0 initialized
>RADIUS SRV: No EAP-Message in RADIUS packet from A.B.C.D
>
>Is there any way to use the Radius server in hostapd without sending an 
>encapsulated EAP request?

The relevant code is:


	if (eap == NULL && sess->macacl) {
		reply = radius_server_macacl(data, client, sess, msg);
		if (reply == NULL)
			return -1;
		goto send_reply;
	}
	if (eap == NULL) {
		RADIUS_DEBUG("No EAP-Message in RADIUS packet from %s",
			     from_addr);
		data->counters.packets_dropped++;
		client->counters.packets_dropped++;
		return -1;	// You could put goto send_reply; here
				// but we need to fill the packet before?
	}


So if the session does not have a macacl (whatever that means) and there
is no eap data then we fail. Can you see how it gets macacl?

christos
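
Why a plain RADIUS client lands in the "No EAP-Message" branch quoted above, as an added example (not hostapd's code and not part of the original thread): it walks the attributes of a constructed Access-Request looking for EAP-Message (type 79, RFC 3579). The function names, the verdict enum and both sample packets are assumptions made for illustration.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

#define RADIUS_HDR_LEN 20      /* code, identifier, length (2), authenticator (16) */
#define ATTR_USER_PASSWORD 2   /* RFC 2865: what a PAP client sends */
#define ATTR_EAP_MESSAGE 79    /* RFC 3579: what the quoted code path requires */
enum verdict { DROP_MALFORMED, DROP_NO_EAP, HANDLE_EAP };

/* Walk the type/length/value attributes; 1 = present, 0 = absent, -1 = malformed. */
int radius_has_attr(const uint8_t *pkt, size_t len, uint8_t type)
{
    if (len < RADIUS_HDR_LEN)
        return -1;
    size_t plen = ((size_t)pkt[2] << 8) | pkt[3];   /* length field, big-endian */
    if (plen < RADIUS_HDR_LEN || plen > len)
        return -1;
    int found = 0;
    for (size_t off = RADIUS_HDR_LEN; off < plen; ) {
        if (plen - off < 2)
            return -1;                  /* no room for type + length */
        size_t alen = pkt[off + 1];     /* counts the two header bytes too */
        if (alen < 2 || alen > plen - off)
            return -1;                  /* attribute overruns the packet */
        if (pkt[off] == type)
            found = 1;
        off += alen;
    }
    return found;
}

/* Simplified model of the quoted branch for a session without macacl. */
enum verdict classify(const uint8_t *pkt, size_t len)
{
    int r = radius_has_attr(pkt, len, ATTR_EAP_MESSAGE);
    return r < 0 ? DROP_MALFORMED : r ? HANDLE_EAP : DROP_NO_EAP;
}

/* Constructed samples: Access-Request, zeroed authenticator, User-Name "bob". */
static const uint8_t pap_req[43] = { 1, 1, 0, 43, [20] = 1, 5, 'b', 'o', 'b',
    ATTR_USER_PASSWORD, 18 };           /* 16 zero bytes of placeholder value */
static const uint8_t eap_req[35] = { 1, 2, 0, 35, [20] = 1, 5, 'b', 'o', 'b',
    ATTR_EAP_MESSAGE, 10, 2, 0, 0, 8, 1, 'b', 'o', 'b' };  /* EAP-Response/Identity */

int main(void)
{
    printf("PAP request: %d\n", classify(pap_req, sizeof pap_req));
    printf("EAP request: %d\n", classify(eap_req, sizeof eap_req));
    return 0;
}
```

The PAP-style request carries User-Password but no attribute 79, so it gets the drop verdict that matches the debug line in the log above.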



Re: Trying to run hostapd as solely a stand-alone Radius server

2018-01-18 Thread jmitchel

On 2018-01-13 22:06, chris...@zoulas.com wrote:

On Jan 13,  9:43pm, jmitc...@bigjar.com (jmitchel) wrote:
-- Subject: Re: Trying to run hostapd as solely a stand-alone Radius server

| And if I run hostapd with driver=bsd and my ethernet interface, I lose
| my SSH connection and can no longer ping the interface. The machine is
| still up and hostapd exits.

I committed this on HEAD; try rebuilding it with:

christos

Index: Makefile
===
RCS file: /cvsroot/src/external/bsd/wpa/bin/hostapd/Makefile,v
retrieving revision 1.10
diff -u -u -r1.10 Makefile
--- Makefile21 Nov 2016 20:15:16 -  1.10
+++ Makefile14 Jan 2018 03:04:54 -
@@ -47,6 +47,8 @@
 # drivers
 SRCS+= \
 driver_bsd.c \
+driver_none.c \
+driver_wired.c \
 driver_common.c \
 drivers.c

@@ -117,6 +119,9 @@
 CPPFLAGS+= -DCONFIG_CTRL_IFACE
 CPPFLAGS+= -DCONFIG_CTRL_IFACE_UNIX
 CPPFLAGS+= -DCONFIG_DRIVER_BSD
+CPPFLAGS+= -DCONFIG_DRIVER_NONE
+CPPFLAGS+= -DCONFIG_DRIVER_WIRED
+CPPFLAGS+= -DCONFIG_DRIVER_WPA
 .if ${MKINET6} != "no"
 CPPFLAGS+= -DCONFIG_IPV6
 .endif


Thanks! hostapd runs now. But there's one problem remaining. The Radius 
server only seems to be looking for encapsulated EAP requests. When I 
try from a regular radius client, I get this message from hostapd (with 
debugging turned on)


RADIUS SRV: Received 116 bytes from A.B.C.D:58059
RADIUS SRV: Creating a new session
RADIUS SRV: Matching user entry found
EAP: Server state machine created
RADIUS SRV: New session 0x0 initialized
RADIUS SRV: No EAP-Message in RADIUS packet from A.B.C.D

Is there any way to use the Radius server in hostapd without sending an 
encapsulated EAP request?


Thanks,

Jason M.


Re: Trying to run hostapd as solely a stand-alone Radius server

2018-01-13 Thread Christos Zoulas
On Jan 13,  9:43pm, jmitc...@bigjar.com (jmitchel) wrote:
-- Subject: Re: Trying to run hostapd as solely a stand-alone Radius server

| And if I run hostapd with driver=bsd and my ethernet interface, I lose 
| my SSH connection and can no longer ping the interface. The machine is 
| still up and hostapd exits.

I committed this on HEAD; try rebuilding it with:

christos

Index: Makefile
===
RCS file: /cvsroot/src/external/bsd/wpa/bin/hostapd/Makefile,v
retrieving revision 1.10
diff -u -u -r1.10 Makefile
--- Makefile21 Nov 2016 20:15:16 -  1.10
+++ Makefile14 Jan 2018 03:04:54 -
@@ -47,6 +47,8 @@
 # drivers
 SRCS+= \
 driver_bsd.c \
+driver_none.c \
+driver_wired.c \
 driver_common.c \
 drivers.c
 
@@ -117,6 +119,9 @@
 CPPFLAGS+= -DCONFIG_CTRL_IFACE
 CPPFLAGS+= -DCONFIG_CTRL_IFACE_UNIX
 CPPFLAGS+= -DCONFIG_DRIVER_BSD
+CPPFLAGS+= -DCONFIG_DRIVER_NONE
+CPPFLAGS+= -DCONFIG_DRIVER_WIRED
+CPPFLAGS+= -DCONFIG_DRIVER_WPA
 .if ${MKINET6} != "no"
 CPPFLAGS+= -DCONFIG_IPV6
 .endif


Re: Trying to run hostapd as solely a stand-alone Radius server

2018-01-13 Thread jmitchel

On 2018-01-13 07:21, chris...@astron.com wrote:

In article <7c6a79ab05e9fdd22e449d63d7cb1...@mail.bigjar.com>,
jmitchel   wrote:

Hello,

I'm trying to run hostapd as a standalone Radius server without any of
the wireless functionality.
/usr/src/external/bsd/wpa/dist/hostapd/hostapd.conf has the following:

# Driver interface type (hostap/wired/madwifi/test/none/nl80211/bsd);
# default: hostap). nl80211 is used with all Linux mac80211 drivers.
# Use driver=none if building hostapd as a standalone RADIUS server that does
# not control any wireless/wired driver.
# driver=hostap

But the only option for driver that doesn't cause hostapd to generate an
error on startup is bsd, and you have to supply a physical interface
(not lo0) which stops working when you run hostapd.

I'm running NetBSD 6.1.5 on port-i386. As a test I'm running on a full
installation of NetBSD, but the target is an embedded appliance.

Is there a way to disable the wireless portion of things and still have
a functioning radius server? Sorry if this is the wrong group. If so,
please let me know where I should send this to.

Thanks,

Jason M.

P.S. Please copy me on any replies, I'm not subscribed to netbsd-users.
Thanks again!


Have you tried driver=test?

christos


Yes, I tried them all. The only one that doesn't cause hostapd to exit 
with an error is bsd.


quantumleap:/home/jmitchel/temp# hostapd /home/jmitchel/temp/hostapd.conf

Configuration file: /home/jmitchel/temp/hostapd.conf
Line 9: invalid/unknown driver 'test'
1 errors found in configuration file '/home/jmitchel/temp/hostapd.conf'

quantumleap:/home/jmitchel/temp# hostapd /home/jmitchel/temp/hostapd.conf

Configuration file: /home/jmitchel/temp/hostapd.conf
Line 9: invalid/unknown driver 'none'
1 errors found in configuration file '/home/jmitchel/temp/hostapd.conf'

quantumleap:/home/jmitchel/temp# hostapd /home/jmitchel/temp/hostapd.conf

Configuration file: /home/jmitchel/temp/hostapd.conf
Line 9: invalid/unknown driver 'hostap'
1 errors found in configuration file '/home/jmitchel/temp/hostapd.conf'

quantumleap:/home/jmitchel/temp# hostapd /home/jmitchel/temp/hostapd.conf

Configuration file: /home/jmitchel/temp/hostapd.conf
Line 9: invalid/unknown driver 'wired'
1 errors found in configuration file '/home/jmitchel/temp/hostapd.conf'

quantumleap:/home/jmitchel/temp# hostapd /home/jmitchel/temp/hostapd.conf

Configuration file: /home/jmitchel/temp/hostapd.conf
Line 9: invalid/unknown driver 'madwifi'
1 errors found in configuration file '/home/jmitchel/temp/hostapd.conf'

quantumleap:/home/jmitchel/temp# hostapd /home/jmitchel/temp/hostapd.conf

Configuration file: /home/jmitchel/temp/hostapd.conf
Line 9: invalid/unknown driver 'nl80211'
1 errors found in configuration file '/home/jmitchel/temp/hostapd.conf'

And if I run hostapd with driver=bsd and my ethernet interface, I lose 
my SSH connection and can no longer ping the interface. The machine is 
still up and hostapd exits.


Thanks,

Jason M.


Re: Trying to run hostapd as solely a stand-alone Radius server

2018-01-13 Thread Christos Zoulas
In article <7c6a79ab05e9fdd22e449d63d7cb1...@mail.bigjar.com>,
jmitchel   wrote:
>Hello,
>
>I'm trying to run hostapd as a standalone Radius server without any of 
>the wireless functionality. 
>/usr/src/external/bsd/wpa/dist/hostapd/hostapd.conf has the following:
>
># Driver interface type (hostap/wired/madwifi/test/none/nl80211/bsd);
># default: hostap). nl80211 is used with all Linux mac80211 drivers.
># Use driver=none if building hostapd as a standalone RADIUS server that does
># not control any wireless/wired driver.
># driver=hostap
>
>But the only option for driver that doesn't cause hostapd to generate an 
>error on startup is bsd, and you have to supply a physical interface 
>(not lo0) which stops working when you run hostapd.
>
>I'm running NetBSD 6.1.5 on port-i386. As a test I'm running on a full 
>installation of NetBSD, but the target is an embedded appliance.
>
>Is there a way to disable the wireless portion of things and still have 
>a functioning radius server? Sorry if this is the wrong group. If so, 
>please let me know where I should send this to.
>
>Thanks,
>
>Jason M.
>
>P.S. Please copy me on any replies, I'm not subscribed to netbsd-users. 
>Thanks again!

Have you tried driver=test?

christos



Trying to run hostapd as solely a stand-alone Radius server

2018-01-12 Thread jmitchel

Hello,

I'm trying to run hostapd as a standalone Radius server without any of 
the wireless functionality. 
/usr/src/external/bsd/wpa/dist/hostapd/hostapd.conf has the following:


# Driver interface type (hostap/wired/madwifi/test/none/nl80211/bsd);
# default: hostap). nl80211 is used with all Linux mac80211 drivers.
# Use driver=none if building hostapd as a standalone RADIUS server that does
# not control any wireless/wired driver.
# driver=hostap

But the only option for driver that doesn't cause hostapd to generate an 
error on startup is bsd, and you have to supply a physical interface 
(not lo0) which stops working when you run hostapd.


I'm running NetBSD 6.1.5 on port-i386. As a test I'm running on a full 
installation of NetBSD, but the target is an embedded appliance.


Is there a way to disable the wireless portion of things and still have 
a functioning radius server? Sorry if this is the wrong group. If so, 
please let me know where I should send this to.


Thanks,

Jason M.

P.S. Please copy me on any replies, I'm not subscribed to netbsd-users. 
Thanks again!