[Madwifi-devel] hostapd support for madwifi

Date: Friday, May 14, 2004 - 8:28 pm

I'd like to use the Atheros chipset in a master mode that performs
802.1x authentication.  Although hostapd is currently targeted only at
the hostap driver, I think the problem of making it more generic is not
insurmountable.  Are there other folks interested/actively involved in
this effort?  I don't want to duplicate effort or end up with something
that won't ever get picked up if I venture into doing.

As far as I can tell, the 802.1x subsystem of hostapd depends on the
hostap driver for only a few non-standard features.  There's a lot of
room in hostapd to change the API to driver.c into something that's
more hardware neutral.  Apart from a couple weird calls the WPA code
uses, there are calls for enabling "HOSTAPD mode" and turning 802.1x
mode on, turning on and off per-station encryption, and toggling
host-based encryption.

It makes sense (to me) to implement versions of the following
functionality for madwifi:

 - Per-client "authorized" flag, instead of (what appears to
   be) M_HOSTAP authorizing all clients blindly.  This allows a fast
   path through the driver for forwarding frames from associated hosts.

 - Per-client keys.  This is implemented in HostAP by storing
   per-associated-client state in the driver containing each of the
   tx/rx keys.  Again, this is useful in order to provide fast-path
   bridging.  There are get/set commands through the PRISM API for per-
   host keys to be pushed/pulled from the driver.  There are individual
   REMOVE_STA and FLUSH commands to selectively or completely clean up
   this state.

 - The above implies encryption is done in software, but that
   seems to be the current case with madwifi, modulo the current lack
   of flexibility in which keys to encrypt with.

 - Paths for sending raw frames to hostapd.  Specifically, PAE,
   management, and "To DS" frames from non-associated/unknown stations.
   The code in ath_rx_capture() is pretty close to what's needed.

 - Apart from a couple weird calls the WPA code uses, there are calls
   for enabling "HOSTAPD mode" and turning 802.1x mode on (mainly
   providing the functionality above), turning on and off per-station
   encryption, and toggling host-based encryption.

I'm fishing for reactions..

--
Paul
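
The driver-side state the message proposes, as an added sketch that is not part of the original message and is not hostapd or madwifi code: a per-station table with an "authorized" flag and key, REMOVE_STA/FLUSH analogues, and a receive-path decision that hands PAE, management, and unknown-station frames to the daemon. All type and function names are hypothetical, and dropping non-PAE data from an unauthorized station is the usual 802.1X port behaviour, assumed here.

```c
#include <stdint.h>
#include <string.h>

#define MAX_STA 8
#define ETH_P_PAE 0x888E  /* EAPOL ethertype carried by 802.1X */
enum frame_kind { FRAME_MGMT, FRAME_DATA };
enum rx_verdict { RX_FAST_PATH, RX_TO_DAEMON, RX_DROP };

/* Hypothetical per-station driver state; every name here is illustrative. */
struct sta { uint8_t addr[6]; int in_use, authorized; uint8_t key[16]; int key_len; };
static struct sta table[MAX_STA];

static struct sta *sta_find(const uint8_t *a) {
    for (int i = 0; i < MAX_STA; i++)
        if (table[i].in_use && memcmp(table[i].addr, a, 6) == 0) return &table[i];
    return NULL;
}
/* (Re)association: the entry always starts unauthorized with no key. */
int sta_add(const uint8_t *a) {
    struct sta *s = sta_find(a);
    for (int i = 0; !s && i < MAX_STA; i++)
        if (!table[i].in_use) s = &table[i];
    if (!s) return -1;                      /* table full */
    memset(s, 0, sizeof *s);
    memcpy(s->addr, a, 6);
    s->in_use = 1;
    return 0;
}
int sta_set_authorized(const uint8_t *a, int on) {
    struct sta *s = sta_find(a);
    if (!s) return -1;
    s->authorized = on;
    return 0;
}
int sta_set_key(const uint8_t *a, const uint8_t *k, int len) {
    struct sta *s = sta_find(a);
    if (!s || len < 0 || len > (int)sizeof s->key) return -1;
    memcpy(s->key, k, (size_t)len);
    s->key_len = len;
    return 0;
}
void sta_remove(const uint8_t *a) {         /* REMOVE_STA analogue: entry and key */
    struct sta *s = sta_find(a);
    if (s) memset(s, 0, sizeof *s);
}
void sta_flush(void) { memset(table, 0, sizeof table); }  /* FLUSH analogue */

/* Receive path: only authorized stations' data takes the in-driver fast path. */
enum rx_verdict rx_classify(const uint8_t *src, enum frame_kind kind, uint16_t ethertype) {
    if (kind == FRAME_MGMT) return RX_TO_DAEMON;
    struct sta *s = sta_find(src);
    if (!s || ethertype == ETH_P_PAE) return RX_TO_DAEMON;  /* unknown station or PAE */
    return s->authorized ? RX_FAST_PATH : RX_DROP;
}
```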





Messages in current thread:
[Madwifi-devel] hostapd support for madwifi, Paul Stewart, (Fri May 14, 8:28 pm)