hostapd/wpa_supplicant - new development release v0.6.5
Jouni Malinen
j
Sat Nov 1 08:35:57 PDT 2008
New versions of wpa_supplicant and hostapd were just
released and are now available from http://w1.fi/
This release is from the development branch (0.6.x). Please note that
the 0.5.x branch continues to be the current source of stable releases.
hostapd:
* added support for SHA-256 as X.509 certificate digest when using the
internal X.509/TLSv1 implementation
* fixed EAP-FAST PAC-Opaque padding (0.6.4 broke this for some peer
identity lengths)
* fixed internal TLSv1 implementation for abbreviated handshake (used
by EAP-FAST server)
* added support for setting VLAN ID for STAs based on local MAC ACL
(accept_mac_file) as an alternative for RADIUS server-based
configuration
* updated management frame protection to use IEEE 802.11w/D6.0
(adds a new association ping to protect against unauthenticated
authenticate or (re)associate request frames dropping association)
* added support for using SHA256-based stronger key derivation for WPA2
(IEEE 802.11w)
* added new "driver wrapper" for RADIUS-only configuration
(driver=none in hostapd.conf; CONFIG_DRIVER_NONE=y in .config)
* fixed WPA/RSN IE validation to verify that the proto (WPA vs. WPA2)
is enabled in configuration
* changed EAP-FAST configuration to use separate fields for A-ID and
A-ID-Info (eap_fast_a_id_info) to allow A-ID to be set to a fixed
16-octet len binary value for better interoperability with some peer
implementations; eap_fast_a_id is now configured as a hex string
* driver_nl80211: Updated to match the current Linux mac80211 AP mode
configuration (wireless-testing.git and Linux kernel releases
starting from 2.6.29)
wpa_supplicant:
* added support for SHA-256 as X.509 certificate digest when using the
internal X.509/TLSv1 implementation
* updated management frame protection to use IEEE 802.11w/D6.0
* added support for using SHA256-based stronger key derivation for WPA2
(IEEE 802.11w)
* fixed FT (IEEE 802.11r) authentication after a failed association to
use correct FTIE
* added support for configuring Phase 2 (inner/tunneled) authentication
method with wpa_gui-qt4
git-shortlog for 0.6.4 -> 0.6.5:
Andriy Tkachuk (1):
Fix build with CONFIG_CLIENT_MLME, but without CONFIG_IEEE80211W
Bernard Gray (2):
wpa_gui-qt4: add svg icon
wpa_gui-qt4: enhance svg icon
Dan Nicholson (2):
Restore scan request settings if initial association failed
Don't post scan results when initial scan is emtpy
Dan Williams (1):
Add an optional set_mode() driver_ops handler for setting mode before keys
Johannes Berg (3):
nl80211 driver: correctly set the encrypt bit for eapol frames
nl80211 hostapd driver: clean up netlink code
driver_nl80211: Remove set_ssid from nl80211 driver
Jouni Malinen (86):
IEEE Std 802.11r-2008 has been released, so update references
nl80211: Fixed set_mode() to actually use adhoc/station nl80211 variables
nl80211: Fixed re-initialization of removed and re-inserted interface
Fixed supported rates IE generation for Probe Response frames.
nl80211: Preliminary code for usermode MLME support
Updated EAP-TTLSv0 references to use RFC 5281
Internal X.509/TLSv1: Support SHA-256 in X.509 certificate digest
Added mlme_{add,remove}_sta() for userspace MLME
Add preliminary IEEE 802.11n support into hostapd
Add configuration option for enabling optional use of short preamble
Do not store dynamic HT IEs in configuration structures
Moved IEEE 802.11n parameter to be per-radio instead of per-BSS
HT: Removed unused definitions
Fixed EAP-FAST server PAC-Opaque padding
Fixed internal TLSv1 server implementation for abbreviated handshake
Updated the OpenSSL EAP-FAST patch for the current OpenSSL 0.9.9 snapshot
Switched driver_nl80211 to use the new sta_add2()
Send HT parameters for new STAs
Fixed WEXT scan result parser to not crash on invalid IEs (zero len buffer)
Added support for setting VLAN ID for STAs based on local MAC ACL
Added a place for example mac80211_hwsim test cases
Updated MFP defines based on IEEE 802.11w/D6.0 and use new MFPC/MFPR
Copy previous BSSID into STA data only after full validation of the request
IEEE 802.11w: Added association ping
Moved WMM action category definition into ieee802_11_defs.h
Cleaned up TX callback request processing
Added support for using SHA256-based stronger key derivation for WPA2
MFP + FT: Added support for sending IGTK in FTIE
FT: Fixed FTIE for authentication after a failed association
IEEE 802.11w: Use comeback duration to delay association
Fixed eap_example build to match with EAP-PEAP changes
Add a new auto-generated file to be ignored
Split wpa_supplicant_select_bss() into three and remove odd debug message
Silenced compiler warnings on size_t printf format and shadowed variables
Validate WEXT event iwe->u.data.length before using the event data
Added OpenSSL 0.9.8i patch for EAP-FAST
Update the OpenSSL EAP-FAST patch for current snapshot (20080928)
Fixed build without CONFIG_CLIENT_MLME
Added set_mode() handler for privsep
FT: Do not call wpa_ft_prepare_auth_request() if FT is not used
nl80211: clean up netlink code
Fixed EAP-TTLS server to verify eap_ttls_phase2_eap_init() return code
Added a new driver wrapper, "none", for RADIUS server only configuration
Silenced some of the driver-related messages for driver=none case
Add pcsc="" to configuration for EAP-SIM and EAP-AKA
wpa_gui-qt4: Added support for configuring Phase 2 method
Extended ctrl_iface SET_NETWORK to allow variables to be unset
wpa_gui-qt4: Unset string variables instead of setting them to ""
wpa_gui-qt4: Set EAP-FAST provisioning parameters
Fixed a typo
wpa_gui-qt4: Fixed phase2 format for EAP-FAST GTC+MSCHAPv2 case
Save config after blob updates from EAP (if update_config=1)
Set update_config=1 in the example Windows registry config
NDIS: Set authMode=WPA2, if needed, when flushing PMKID cache
Added debug_timestamp option to Windows registry
Register a quick auth timeout if EAPOL fails to avoid long waits
Fixed EAP-FAST peer not to add double Result TLV when ACKing PAC
SoH: Add all the mandatory attributes into SSoH vendor specific attribute
SoH: Add null termination for empty url in MS-Quarantine-State.
Updated the comment on MS-Packet-Info mismatch based on [MS-SOH] info
wpa_gui-qt4: Set EAP-FAST provisioning parameters if inner method is 'any'
Change the order of Result TLV and PAC TLV to avoid interop issues
EAP-FAST: Added support for disabling anonymous/authenticated provisioning
EAP-FAST: Make PAC-Key lifetime values configurable
Avoid some gcc 4.3 warnings about deprecated string conversions
Fixed WPA/RSN IE validation to verify the proto (WPA vs. WPA2) is enabled
EAP-FAST: Allow A-ID and A-ID-Info to be configured separately
EAP-FAST peer: Fixed not to add PAC Request in PAC Acknowledgement message
Fix group key rekeying when reauth happens during pending group key update
Fixed EAPOL skip for PMKSA caching case to remain in authenticated state
Set TX queue parameters during initialization
nl80211: Finish dumps properly (ported from iw.git)
Fixed size_t printf format for 64-bit targets
Verify fread(), fwrite(), and system() return values
driver_nl80211: Added basic rate configuration
driver_nl80211: Added TX queue parameter configuration
Removed the unused hapd argument to ieee802_11_parse_elems()
Moved ieee802_11_parse_elems() into common code
Use the common ieee802_11_parse_elems() implementations for mlme.c
Use os_snprintf() instead of snprintf()
Updated VS2005 project files with new and removed C files
Fixed ctrl_iface BSS command to fetch scan results, if needed
Added a note about hostapd driver_nl80211 and AP mode in wireless-testing
Added a comment about VS2008EE and updated WinPcap/OpenSSL versions
Fixed fwrite error path in eap_fast_write_pac not to free buf
Preparations for 0.6.5 release
Kel Modderman (9):
wpa_gui-qt4: desktop entry file
wpa_gui-qt4: use new svg as application icon
wpa_gui-qt4: remove qPixmapFromMimeSource from ui files
wpa_gui-qt4: add system tray support
wpa_gui-qt4: add status fields to tray message
wpa_gui-qt4: remove lastWindowClosed() signal handler
Don't bother showing a status message when returning to the system tray,
wpa_gui-qt4: clean up closeEvent handler
wpa_gui-qt4: add support for starting in system tray only
Tomas Winkler (1):
Add Intel copyright for files with 802.11n Intel changes
--
Jouni Malinen PGP id EFC895FA
More information about the Hostap
mailing list