Overview
========

This is an implementation of the GSS EAP mechanism, as described in
draft-howlett-eap-gss-xx.txt.

Building
========

In order to build this, a recent Kerberos implementation (MIT or
Heimdal), Shibboleth, and EAP libraries are required, along with
all of their dependencies.

Installing
==========

When installing, be sure to edit $prefix/etc/gss/mech to register
the EAP mechanisms. A sample configuration file is in this directory.

Make sure your RADIUS library is configured to talk to the server of
your choice.

Testing
=======

You can then test the MIT or Cyrus GSS and SASL example programs.
Sample usage is given below. Substitute <user>, <pass> and <host>
appropriately (<host> is the name of the host running the server,
not the RADIUS server).

% gss-client -port 5555 -spnego -mech "{1 3 6 1 4 1 5322 21 1 18}" \
  -user <user> -pass <pass> <host> host@<host> "Testing GSS EAP"
% gss-server -port 5555 -export host@<host>

Note: for SASL you will be prompted for a username and password.

% client -C -p 5556 -s host -m EAP-AES128 <host>
% server -c -p 5556 -s host -h <host>