hostapd/wpa_supplicant - stable release v0.4.10

Jouni Malinen j
Mon Feb 19 09:00:18 PST 2007 

New versions of wpa_supplicant and hostapd were just released and are
now available from http://w1.fi/

This release is a bug fix version from the old stable (0.4.x) branch
and it replaces 0.4.9 as the recommended stable version if you have
not yet updated to the current stable branch (0.5.x).

If you are already using 0.5.7, you have all the fixes included in
this 0.4.10 release. If you are still using 0.3.x versions, I would
recommend upgrading to either 0.5.7 or this 0.4.10 release. There will
likely be one more 0.3.x bug fix release, but the 0.3.x branch is
getting close to reaching its end.


hostapd:
* added -P<pid file> argument for wpa_supplicant to write the current
  process id into a file
* fixed hostapd to add PMKID KDE into 4-Way Handshake Message 1 when
  using WPA2 even if PMKSA caching is not used
* driver_madwifi: fixed configuration of unencrypted modes (plaintext
  and IEEE 802.1X without WEP)
* fixed session timeout processing with drivers that do not use
  ieee802_11.c (e.g., madwifi)
* fixed EAP-PSK bit ordering of the Flags field
* fixed configuration reloading (SIGHUP) to re-initialize WPA PSKs
  by reading wpa_psk_file [Bug 181]
* fixed EAP-TTLS AVP parser processing for too short AVP lengths
* fixed IPv6 connection to RADIUS accounting server

wpa_supplicant:
* driver_madwifi: fixed TKIP and CCMP sequence number configuration on
  big endian hosts [Bug 146]
* Windows: added a workaround for UDP-based control interface to
  prevent packets with forged addresses from being accepted as local
  control requests
* fixed EAP-SIM/AKA key derivation for re-authentication case (only
  affects IEEE 802.1X with dynamic WEP keys)
* fixed WPA PSK update through ctrl_iface for the case where the old
  PSK was derived from an ASCII passphrase and the new PSK is set as
  a raw PSK (hex string)
* fixed configuration parser not to remove CCMP from group cipher list
  if WPA-None (adhoc) is used (pairwise=NONE in that case)
* driver_ndis: fixed static WEP configuration to avoid race condition
  issues with some NDIS drivers between association and setting WEP
  keys
* driver_ndis: added validation for IELength value in scan results to
  avoid crashes when using buggy NDIS drivers [Bug 165]
* fixed selection of the first network in ap_scan=2 mode; previously,
  wpa_supplicant could get stuck in SCANNING state when only the first
  network for enabled (e.g., after 'wpa_cli select_network 0')
* driver_ndis: added support for selecting AP based on BSSID
* fixed USIM PIN status determination for the case that PIN is not
  needed (this allows EAP-AKA to be used with USIM cards that do not
  use PIN)
* added support for reading 3G USIM AID from EF_DIR to allow EAP-AKA to
  be used with cards that do not support file selection based on
  partial AID
* fixed EAP-PSK bit ordering of the Flags field
* fixed EAP-PEAP/TTLS/FAST to use the correct EAP identifier in
  tunnelled identity request (previously, the identifier from the outer
  method was used, not the tunnelled identifier which could be
  different)
* fixed EAP-TTLS AVP parser processing for too short AVP lengths
* updated Windows binary build to link against OpenSSL 0.9.8d and
  added support for EAP-FAST
* added a workaround for a case where the AP is using unknown address
  (e.g., MAC address of the wired interface) as the source address for
  EAPOL-Key frames; previously, that source address was used as the
  destination for EAPOL-Key frames and in key derivation; now, BSSID is
  used even if the source address does not match with it
  (this resolves an interoperability issue with Thomson SpeedTouch 580)

-- 
Jouni Malinen                                            PGP id EFC895FA

More information about the Hostap mailing list