From owner-freebsd-current@FreeBSD.ORG  Thu Jun 24 19:43:08 2004
Return-Path: <owner-freebsd-current@FreeBSD.ORG>
Delivered-To: freebsd-current@freebsd.org
Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125])
	by hub.freebsd.org (Postfix) with ESMTP
	id 5004016A4CE; Thu, 24 Jun 2004 19:43:08 +0000 (GMT)
Received: from ebb.errno.com (ebb.errno.com [66.127.85.87])
	by mx1.FreeBSD.org (Postfix) with ESMTP
	id F065743D45; Thu, 24 Jun 2004 19:43:07 +0000 (GMT)
	(envelope-from sam@errno.com)
Received: from [66.127.85.91] ([66.127.85.91])
	(authenticated bits=0)
	by ebb.errno.com (8.12.9/8.12.6) with ESMTP id i5OJh0Wi057301
	(version=TLSv1/SSLv3 cipher=RC4-MD5 bits=128 verify=NO);
	Thu, 24 Jun 2004 12:43:00 -0700 (PDT)
	(envelope-from sam@errno.com)
From: Sam Leffler <sam@errno.com>
Organization: Errno Consulting
To: freebsd-current@freebsd.org
Date: Thu, 24 Jun 2004 12:45:05 -0700
User-Agent: KMail/1.6.1
References: <20040624175803.GA6517@freefall.freebsd.org>
In-Reply-To: <20040624175803.GA6517@freefall.freebsd.org>
MIME-Version: 1.0
Content-Disposition: inline
Content-Type: text/plain;
  charset="iso-8859-1"
Content-Transfer-Encoding: 7bit
Message-Id: <200406241245.05956.sam@errno.com>
cc: Bosko Milekic <bmilekic@freebsd.org>
cc: Ivan Voras <ivoras@fer.hr>
cc: current@freebsd.org
Subject: Re: 802.1x?
X-BeenThere: freebsd-current@freebsd.org
X-Mailman-Version: 2.1.1
Precedence: list
List-Id: Discussions about the use of FreeBSD-current
	<freebsd-current.freebsd.org>
List-Unsubscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-current>,
	<mailto:freebsd-current-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/freebsd-current>
List-Post: <mailto:freebsd-current@freebsd.org>
List-Help: <mailto:freebsd-current-request@freebsd.org?subject=help>
List-Subscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-current>,
	<mailto:freebsd-current-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Thu, 24 Jun 2004 19:43:08 -0000

On Thursday 24 June 2004 10:58 am, Bosko Milekic wrote:
> Ivan Voras wrote:
> >Is there any way for a FreeBSD machine to be a supplicant in 802.1x
> >authorisation scheme? Open1x project has abandoned support for FreeBSD
> > (not that they had any) and googling around turns up only old
> > information.
> >
> >My situation is that I need it for authorisation "over the wire" - not on
> > a wireless adapter but over ethernet (and then to a RADIUS server I
> > presume...).
>
>   Take a look at Pekka Nikander's paper from Usenix02:
>
>   Pekka Nikander, "Authorization and charging in public WLANs using
>   FreeBSD and 802.1x," in Proceedings of the Freenix track: 2002 USENIX
>   Annual Technical Conference, Monterey, CA, June 10-15, 2002.
>
>   http://www.tml.hut.fi/~pnr/publications/Freenix2002-Nikander.pdf
>
>   He has a netgraph module (perhaps a tad outdated) available.

He asked for supplicant.  Pekka's work is for the authenticator (unless I've 
forgotten).

I've got wpa_supplicant working with a Linux version of the net80211 code and 
it includes .1x supplicant support.  I've trolled for someone to port the 
work back to FreeBSD but come up empty so far.

FWIW my revised net80211 layer also includes a working .1x authenticator.

	Sam