[prev in list] [next in list] [prev in thread] [next in thread]
List: hostap
Subject: Re: data transmission failes for hostapd and wpa_supplicant
From: Jouni Malinen <j () w1 ! fi>
Date: 2008-10-28 13:56:26
Message-ID: 20081028135626.GS19710 () jm ! kir ! nu
[Download RAW message or body]
On Mon, Oct 27, 2008 at 03:07:02PM +0100, laptopcss@gmx.de wrote:
> I'm working with hostapd and wpa_supplicant. Based on the topic trusted Computing I \
> want to transmit during a EAP-TLS /EAP-TTLS handshake my current measurement list. \
> At the moment it has a size of 99200 byte. The problem is that the transmission \
> ends after 24800 byte because the buffer is full. The whole process collaps because \
> the measurement list is not transmitted complete and the check cannot be \
> fullfilled.
That's quite a large amount measurement data.. Anyway, TNC-IFT does
actually require support for up to 100 kilobytes in IF-TNCCS messages,
so in that sense, this would be fine. However..
The current hostapd and wpa_supplicant implementations have a limit on
maximum number of EAP round-trips to avoid infinite loops between the
server and peer in error cases. However, this will also limit the
maximum size of data that can be transmitted over the EAP-TTLS tunnel. I
would suggest a test run with the maximum values increased from 50 to,
say, 100 (or even larger, if needed). This can be done be changing the
EAP_MAX_AUTH_ROUNDS value in src/eap_peer/eap.c and
src/eap_server/eap.c. If this resolves the problem for you, I could
consider changing the hard limit in the future releases or making it
somehow depend on whether TNC is used or not.
--
Jouni Malinen PGP id EFC895FA
_______________________________________________
HostAP mailing list
HostAP@lists.shmoo.com
http://lists.shmoo.com/mailman/listinfo/hostap
[prev in list] [next in list] [prev in thread] [next in thread]
Configure |
About |
News |
Add a list |
Sponsored by KoreLogic