hostapd/wpa_supplicant - new stable release v0.5.7

[Jouni Malinen]

New versions of wpa_supplicant and hostapd were just released and are
now available from http://hostap.epitest.fi/

This release moves 0.5.x branch from development to stable status. In
other words, from now on, 0.5.x versions are the latest available
stable releases. 0.4.x branch continues to be supported, but it is
moving more towards only including critical fixes. 0.3.x branch is
about to reach its end of life. I'm planning on releasing one more
0.3.x version with whatever changes have accumulated in the branch and
after that, no more changes are made to the 0.3.x branch unless
critical bugs are found. In other words, I would recommend starting to
move to either 0.5.x or 0.4.x versions if you are still using 0.3.x.

0.5.x development is in its own branch (hostap_0_5_branch) and CVS
trunk continues to be the place for the main development branch with
eventual 0.6.x releases. The development branch may also move to
Git-based repository in the future.


0.5.x branch brings in number of new features when comparing to the
previous stable branch (0.4.x). hostapd got support for multiple BSSes
per radio interface (only with some driver interfaces) and dynamic
VLAN configuration. Number of EAP methods were also added and/or
completed for the EAP server in hostapd.

wpa_supplicant 0.5.x has number of clean ups in the source code and
design to improve portability to new OSes and C libraries/compilers.
The included project files for Microsoft Visual Studio 2005 can be
used to build Windows versions natively. Number of improvements were
added to the Windows integration, too. Many EAP peer methods were
improved, just like the server side in hostapd.

An experimental TLSv1 client implementation was added to provide
better support for target systems that do not include TLS
functionality needed for EAP-TLS/PEAP/TTLS/FAST. One of the main goals
for this library is to keep the code size very small to fit into
embedded systems (adding just 30 kB or so of extra code whereas some
external libraries can be close to 1 MB in size).


Below are the change logs from 0.5.6. More detailed lists of changes
in older 0.5.x versions are included in the ChangeLog files in the
source code release files.

hostapd:
* updated EAP-SAKE to RFC 4763 and the IANA-allocated EAP type 48
* updated EAP-PSK to use the IANA-allocated EAP type 47
* fixed EAP-PSK bit ordering of the Flags field
* fixed configuration reloading (SIGHUP) to re-initialize WPA PSKs
  by reading wpa_psk_file [Bug 181]
* fixed EAP-TTLS AVP parser processing for too short AVP lengths
* fixed IPv6 connection to RADIUS accounting server

wpa_supplicant:
* updated EAP-SAKE to RFC 4763 and the IANA-allocated EAP type 48
* updated EAP-PSK to use the IANA-allocated EAP type 47
* fixed EAP-PAX key derivation
* fixed EAP-PSK bit ordering of the Flags field
* fixed EAP-PEAP/TTLS/FAST to use the correct EAP identifier in
  tunnelled identity request (previously, the identifier from the outer
  method was used, not the tunnelled identifier which could be
  different)
* fixed EAP-TTLS AVP parser processing for too short AVP lengths
* added support for EAP-FAST authentication with inner methods that
  generate MSK (e.g., EAP-MSCHAPv2 that was previously only supported
  for PAC provisioning)
* fixed dbus ctrl_iface to validate message interface before
  dispatching to avoid a possible segfault [Bug 190]
* fixed PeerKey key derivation to use the correct PRF label
* updated Windows binary build to link against OpenSSL 0.9.8d and
  added support for EAP-FAST


-- 
Jouni Malinen                                            PGP id EFC895FA