first cut at (user space) 802.1x supplicant program.
first of all, I'm not particularly proud of the code --
this is work in progress, the second rough version that works.
it definitely needs cleaning up
(in particular: global variables, creating/parsing of messages,
debugging output (reduce amount, make more useful),
integration of 802.1x-document based state machines
with plan 9 thread style of dealing with multiple open files,
get rid of compiler warnings).
I hope this will happen in due time.
I'm making this available to allow constructive criticism.
This depends on:
- the tlshand patches I submitted on sources/patch
and which have been applied in the mean time
- fastkey support in wlan driver
(separate wavelan.[ch] etherwavelan.c)
It assumes a writable, append-only /sys/log/8021x file.
command line option -d outputs lots of debugging
command line option -D outputs tls handshake debugging
TODO:
- code cleanup
- see if we can fix memory leak (leaking 32K per re-auth?)
- see why we sometimes go throught the tls handshake
multiple times (error in my state machines?)
- see why we sometimes get error
'invalid initial SSL2-like message'
- look at checking server certificate
(as done in some of the programs that use tlsClient)
- reduce (debug) output to syslog
- use tls session resumption (here it takes about 15 sec
for tlsCLient to complete the handshake),
but for that we first need to enhance tlsClient
(and thus tlshand/tlsdev)
with support for tls session resumption
Axel.Belinfante@cs.utwente.nl
|