Adding WPS support for hostapd / wpa_supplicant

Jouni Malinen j
Wed Oct 31 20:29:34 PDT 2007

On Tue, Oct 23, 2007 at 10:00:11AM +0200, Assaf Harel wrote:

> The plot thickens when the Registrar is external, i.e. either Wired
> (Vista) or Wireless (i.e. on another station, yes WPS allows this,
> thinking of a case where you're registrar is on your laptop, handheld,
> cell phone, or even wireless IPTV in the future). In this case the AP
> has to act as proxy and to forward messages between enrollee and
> registrar. The problem is that Intel never implemented this feature
> seriously. They did some "quick and dirty" proxy by simply forwarding
> messages from the wired interface to the wireless one and vise versa.
> This doesn't take care of the case of a wireless registrar, or the case
> of multiple registrars (the standard requires the support of more the
> one registrar through the same AP).
> This implementation is the main contribution Metalink has to add over
> Intel's original patch to hostapd / wpa_supplicant. I believe that this
> would be Atheros main contribution as well, and I believe they differ.
> We can wait for our and their submission, before considering each one
> (we don't mind adopting to Atheros solution if it is superior to ours,
> but I fear that this may not be the case - we saw Atheros device in
> action since it's a part of the WiFi WPS certification testbed).

How much of your changes are on the Intel's code (which runs in a
completely separate process, if I remember correctly) and how much in
changes to hostapd/wpa_supplicant?

One thing to keep in mind is that the Intel project is distributed
separately from hostapd/wpa_supplicant and if both parts are to remain
separate, some coordination will be needed to handle how to maintain the
packages in the future. I'm not up-to-date on the current status of the
Intel WPS project and how it is maintained.

> Please instruct me how you would like to proceed.

In many cases, making an implementation available for review may be the
easiest way of getting started. If needed, I can host contributed files
on like I've done with the files Ted sent.

As far as getting something into hostapd/wpa_supplicant is concerned,
the way to go here is to make patches against the current development
version (now 0.6.x branch in git tree). In general, I would prefer to
see number of small patches introducing larger changes in parts.

As far as the architecture of the WPS solution is concerned, it would be
helpful to get high-level description on how you've implemented this
(e.g., where (separate daemon/hostapd/wpa_supplicant/etc.) each WPS
component is implemented and which processes are needed in various
components in the most common WPS scenarios. I would also like to
understand which of the WPS transports are supported and whether there
is something in the current architecture that you would like to change
based on the experiences with the implementation so far.

Jouni Malinen                                            PGP id EFC895FA

More information about the Hostap mailing list