Thanks Sam, What should i put for HOSTAPD_CFLAGS, HOSTAPD_DPADD, HOSTAPD_LDADD or WPA_SUPPLICANT_* (not sure which ones i should use) in order to get hostapd rebuilt with the functionality i want ?
Regards, Vladimir On Thu, 2009-06-18 at 20:36 +0300, Sam Leffler wrote: > EAP/TLS and TTLS should be configured by default in HEAD. Not sure > what > is done in RELENG_7. Regardless you can trivially rebuild hostapd w/ > the functionality you want by definitions to your src.conf: > > HOSTAPD_CFLAGS > HOSTAPD_DPADD > HOSTAPD_LDADD > > (looks like you use WPA_SUPPLICANT_* knobs in RELENG_7, check > usr.sbin/wpa/hostapd/Makefile). > > As to what should be enabled by default, I can only say that I tried > to > choose the most common setup as the default. Choosing this > configuration also balances between bloat and inclusion of code that > might not be as well audited and/or tested as other code. Hence the > default setup used to be WPA-PSK only but has since grown to include > various EAP flavors. My assumption was that anyone building a system > using these tools would want to go through and choose what they wanted > anyway so enabling everything was a bad idea. > > Sam > > > Vladimir Terziev wrote: > > Hi Paul, > > > > is there some special reason behind this? Why the server is made > part of > > the main distribution with stripped functionality ? > > > > Also, how can i enable it ? > > > > Thanks, > > > > Vladimir > > > > > > On Thu, 2009-06-18 at 13:55 +0300, Paul B. Mahol wrote: > > > >> On 6/18/09, Vladimir Terziev <vladim...@partygaming.com> wrote: > >> > >>> Hi, > >>> > >>> i try to setup wireless access point at home, based on FreeBSD > >>> 7.2R-i386, ral(4) wireless card and hostpad(8). > >>> > >>> I want my wireless AP to support 802.1x EAP-TLS/TTLS > authentication. > >>> > >> I > >> > >>> issued a custom SSL certificate for the hostapd(8) and put the > >>> > >> following > >> > >>> directives in hostapd.conf: > >>> > >>> eap_server=0 > >>> ca_cert=/usr/local/etc/myCA.crt.pem > >>> server_cert=/usr/local/etc/hostapd.server.crt.pem > >>> private_key=/usr/local/etc/hostapd.server.key.pem > >>> private_key_passwd=some_pass > >>> > >>> When i tried to start the hostapd(8) i got the following errors: > >>> > >>> Line 15: unknown configuration item 'eap_server' > >>> Line 16: unknown configuration item 'ca_cert' > >>> Line 17: unknown configuration item 'server_cert' > >>> Line 18: unknown configuration item 'private_key' > >>> Line 19: unknown configuration item 'private_key_passwd' > >>> > >>> Does the stock FreeBSD's hostapd(8) support 802.1X EAP-TLS/TTLS at > >>> > >> all > >> > >>> and if "not" why ? > >>> > >> 802.1X EAP-TLS/TTLS is not enabled by default on FreeBSD's > hostapd(8). > >> > >> -- > >> Paul > >> > >> > >> > > > > This email and any attachments are confidential, and may be legally > privileged and protected by copyright. If you are not the intended > recipient dissemination or copying of this email is prohibited. If you > have received this in error, please notify the sender by replying by > email and then delete the email completely from your system. > > > > Any views or opinions are solely those of the sender. This > communication is not intended to form a binding contract unless > expressly indicated to the contrary and properly authorised. Any > actions taken on the basis of this email are at the recipient's own > risk. > > > > > > _______________________________________________ > > freebsd-net@freebsd.org mailing list > > http://lists.freebsd.org/mailman/listinfo/freebsd-net > > To unsubscribe, send any mail to > "freebsd-net-unsubscr...@freebsd.org" > > > > > > > > > _______________________________________________ freebsd-net@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-net To unsubscribe, send any mail to "freebsd-net-unsubscr...@freebsd.org"
