Geoff Roberts wrote:
Hi Sam,
On Mon, 9 Nov 2009 03:48:41 am Sam Leffler wrote:
snip <
So your station associated and hostapd saw it but nothing in your logs
shows what hostapd did or did not do to complete the radius handshake.
All we see is that hostapd dropped the station--presumably because it
timed out trying to authenticated against the backend.
Not sure what debug level you need for hostapd; I usually use the cmd
line options.
Thanks for responding - it was a great help.
Your comment give me a clue as to where to begin looking.
It appears some components required by hostapd weren't being built.
I am building on an amd64 system.
I had a look at the make file in /usr/src/usr.sbin/wpa/hostapd/Makefile and
found that adding the following to /etc/src.conf fixed my problem:
HOSTAPD_CFLAGS+=-DEAP_SERVER -DEAP_GTC -DEAP_AKA -DEAP_SIM -DEAP_GPSK
HOSTAPD_CFLAGS+=-DEAP_PAX -DEAP_SAKE
WITH_OPENSSL=YES
I haven't had a chance to narrow down exactly which one made the difference,
but I'm guessing it is the -DEAP_SERVER flag.
The only tunable I could find in /usr/src/tools/build/options was
WPA_SUPPLICANT_EAPOL, but this should only affect wpa_supplicant.
Does anyone know if there is a tunable I am missing in my src.conf file, or
should I be setting the HOSTAPD_CFLAGS directly as above.
Setting HOSTAPD_CFLAGS directly is the intended mechanism. EAP_SERVER
is the important one to define; past that you're just adding in some of
the more esoteric mechanisms. I should probably enable it by default
(it comes setup out of the box to do only WPA-PSK).
Sam
_______________________________________________
freebsd-stable@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-stable
To unsubscribe, send any mail to "freebsd-stable-unsubscr...@freebsd.org"
