# Implementing 802.1x authenticator



## ipinlnd (Nov 9, 2015)

I'm trying to implement 802.1x authenticator on FreeBSD, using hostapd(8). When I run the daemon, this is what I get:

```
Starting hostapd.
Configuration file: /etc/hostapd.conf
ioctl[SIOCS80211, op=21, val=0, arg_len=42]: Invalid argument
Could not connect to kernel driver.
ioctl[SIOCS80211, op=21, val=0, arg_len=42]: Invalid argument
ioctl[SIOCS80211, op=17, val=0, arg_len=0]: Invalid argument
ioctl[SIOCS80211, op=20, val=0, arg_len=7]: Invalid argument
ioctl[SIOCS80211, op=20, val=0, arg_len=7]: Invalid argument
ioctl[SIOCS80211, op=20, val=0, arg_len=7]: Invalid argument
ioctl[SIOCS80211, op=20, val=0, arg_len=7]: Invalid argument
ioctl[SIOCS80211, op=1, arg_len=32]: Invalid argument
Could not read SSID from system
em0: Unable to setup interface.
ioctl[SIOCS80211, op=21, val=0, arg_len=42]: Invalid argument
Could not connect to kernel driver.
ioctl[SIOCS80211, op=21, val=0, arg_len=42]: Invalid argument
ioctl[SIOCS80211, op=7, val=4, arg_len=0]: Invalid argument
/etc/rc.d/hostapd: WARNING: failed to start hostapd
```
And then it changes my interface to down. This is my hostapd.conf:

```
interface=em0
#driver=wired
logger_stdout=-1
logger_stdout_level=1
debug=2
dump_file=/tmp/hostapd.dump
ieee8021x=1
eap_reauth_period=3600
use_pae_group_addr=1
own_ip_addr=127.0.0.1
nas_identifier=ap.example.com
auth_server_addr=127.0.0.1
auth_server_port=1812
auth_server_shared_secret=radius
acct_server_addr=127.0.0.1
acct_server_port=1813
acct_server_shared_secret=radius
```
Thanks


----------



## SirDice (Nov 9, 2015)

It would probably help if you used the correct format for wpa_supplicant.conf(5). Not sure where you got this from.

http://mini-it-world.blogspot.nl/2013/03/freebsd-9-authenticate-to-8021x-wired.html


----------



## ipinlnd (Nov 9, 2015)

Well that's not wpa_supplicant(8). It's hostapd(8). I got it from hostapd.conf()
This is the Authenticator part. I'll use wpa_supplicant(8) for the client.


----------



## SirDice (Nov 9, 2015)

Oh, duh... I think I really need to get some coffee.

Looking through the various man pages I'm beginning to think the FreeBSD hostapd(8) doesn't support this on wired. The Linux implementation does seem to support it.


----------



## ipinlnd (Nov 10, 2015)

Well thanks anyway 
I'm starting to write the service myself in C. I hope it's not that hard!


----------



## ipinlnd (Feb 25, 2016)

In file : /src/drivers/driver_wired.c :
There is a function that initializes the wired driver (wired_driver_hapd_init) and in it, it calls the "wired_init_sockets". Inside that function, I found this:


```
#ifdef __linux__
// a lot of stuff
#else
return -1;
#endif
```

So apparently, they gave FreeBSD no chance.
What I did is, i copied the codes that do the stuff for linux, and tried debugging it for FreeBSD. But I couldn't find equivalent for some:

1:

```
drv->sock = socket(PF_PACKET, SOCK_RAW, htons(ETH_P_PAE));
```
2:

```
addr.sll_family = AF_PACKET;
```

Where "PF_PACKET" and "AF_PACKET" are unknown to FreeBSD. How can I implement these two?


----------



## kp_ (Apr 3, 2016)

Are you still interested in these stuff?


----------



## cqexbesd (Jul 10, 2016)

ipinlnd said:


> Where "PF_PACKET" and "AF_PACKET" are unknown to FreeBSD. How can I implement these two?



IIUC you can use PF_LINK or the bpf device for this (like the DHCP client does). I don't know if either method will do what you need to do but maybe something to check.


----------



## uchman (Oct 16, 2017)

I would really like to fiddle around with this. Is there any effort put into adding the wired driver for FreeBSD?


----------

