hostapd/wpa_supplicant - new development release v0.6.7
Jouni Malinen
j
Tue Jan 6 10:58:57 PST 2009
New versions of wpa_supplicant and hostapd were just
released and are now available from http://w1.fi/
This release is the last development release from 0.6.x branch. The
next release, 0.6.8, will be the start of stable 0.6.x releases.
Development will continue in the hostap.git repository and a new
hostap-06.git repository will be used for stable releases. The goal
for the future 0.6.x releases is to mainly integrate bug fixes from
hostap.git. All new features will be developed in the 0.7.x
development branch.
hostapd:
* added support for Wi-Fi Protected Setup (WPS)
(hostapd can now be configured to act as an integrated WPS Registrar
and provision credentials for WPS Enrollees using PIN and PBC
methods; external wireless Registrar can configure the AP, but
external WLAN Manager Registrars are not supported); WPS support can
be enabled by adding CONFIG_WPS=y into .config and setting the
runtime configuration variables in hostapd.conf (see WPS section in
the example configuration file); new hostapd_cli commands wps_pin and
wps_pbc are used to configure WPS negotiation; see README-WPS for
more details
* added IEEE 802.11n HT capability configuration (ht_capab)
* added support for generating Country IE based on nl80211 regulatory
information (added if ieee80211d=1 in configuration)
* fixed WEP authentication (both Open System and Shared Key) with
mac80211
* added support for EAP-AKA' (draft-arkko-eap-aka-kdf)
* added support for using driver_test over UDP socket
* changed EAP-GPSK to use the IANA assigned EAP method type 51
* updated management frame protection to use IEEE 802.11w/D7.0
* fixed retransmission of EAP requests if no response is received
wpa_supplicant:
* added support for Wi-Fi Protected Setup (WPS)
(wpa_supplicant can now be configured to act as a WPS Enrollee to
enroll credentials for a network using PIN and PBC methods; in
addition, wpa_supplicant can act as a wireless WPS Registrar to
configure an AP); WPS support can be enabled by adding CONFIG_WPS=y
into .config and setting the runtime configuration variables in
wpa_supplicant.conf (see WPS section in the example configuration
file); new wpa_cli commands wps_pin, wps_pbc, and wps_reg are used to
manage WPS negotiation; see README-WPS for more details
* added support for EAP-AKA' (draft-arkko-eap-aka-kdf)
* added support for using driver_test over UDP socket
* fixed PEAPv0 Cryptobinding interoperability issue with Windows Server
2008 NPS; optional cryptobinding is now enabled (again) by default
* fixed PSK editing in wpa_gui
* changed EAP-GPSK to use the IANA assigned EAP method type 51
* added a Windows installer that includes WinPcap and all the needed
DLLs; in addition, it set up the registry automatically so that user
will only need start wpa_gui to get prompted to start the wpasvc
servide and add a new interface if needed through wpa_gui dialog
* updated management frame protection to use IEEE 802.11w/D7.0
git-shortlog for 0.6.6 -> 0.6.7:
Andriy Tkachuk (4):
Fix CONFIG_WPS=y, CONFIG_TLS=internal build
Longer auth_timeout for WPS key_mgmt
WPS: Do not use Selected Registrar Config Methods from scan results
NEED_BASE64 for WPS
Eygene Ryabinkin (3):
wpa_cli: fix readline history cleaning
wpa_cli: Improve sensitive command detection for readline history
wpa_cli: Embed command usage into the wpa_cli_commands array
Helmut Schaa (1):
wpa_supplicant: print password field only if -K is given
Ihar Hrachyshka (1):
Fix wpa_supplicant build for uClinux
Jouni Malinen (208):
Added preliminary Wi-Fi Protected Setup (WPS) implementation
Add a .gitignore for the new wps directory.
Reject GPSK-3 if ID_Server in it does not match with the value in GPSK-1
Use SSL_F_SSL_SET_SESSION_TICKET_EXT instead of OPENSSL_VERSION_NUMBER
Updated OpenSSL 0.9.8i patch to use new session ticket override API
Updated HT Capabilities Info field names to match with 802.11n/D7.0
Added IEEE 802.11n HT capability configuration (ht_capab)
Fixed HT Capabilities Info byte order processing for big endian CPUs
Rename [40HT] to [HT40] in ht_capab
Added support for configuring secondary channel offset for HT40
Add set STA Channel Width field to 1 when allowing HT40
Add some notes on which channels can be used with HT40- and HT40+
Get maximum TX power for each allowed channel from mac80211
Added support for generating Country IE based on nl80211 regulatory info
driver_nl80211: Added set_country() handler
Validate HT40 channel pair validity based on IEEE 802.11n Annex J
Change HT parameter configuration to use a single driver ops function
nl80211: Add support for setting channel frequency and HT20 vs. HT40
Added option to distinguish non-HT and HT20 in set_freq
nl80211: Clear HT flags from the channel when exiting
nl80211: Fixed a merge issue in an earlier commit for set_freq
PEAPv0: Added support for IPMK/CMK derivation in session resumption case
Changed NL80211_ATTR_WIPHY_SEC_CHAN_OFFSET to use U32
WPS: Moved UUID configuration from phase1 into global config area
WPS: Added parsing of Request Type and Response Type attributes
Fixed a typo in a debug message
WPS: Moved Credential and AP Settings processing in common code
WPS: Process old AP Settings in M7 when registering as external Registrar
WPS: Moved Credential building to use struct wps_credential
WPS: Update supplicant configuration when acting as an external Registrar
0.5.11 release
WPS: Moved device attributes into wps_context::dev for Enrollee case
WPS: Move WPS glue code from wpas_glue.c to wps_supplicant.c
WPS: Merged two cred_cb variables into the same one
WPS: Moved wps_context initialization into wps_supplicant.c
WPS: Moved mac_addr and uuid configuration into wps_context
WPS: Added comments for main data structures
WPS: Parse Request Type from WPS IE in (Re)AssocReq and derive mgmt keys
WPS: Pass device data into wps_enrollee_build_probe_req_ie()
WPS: Moved ProbeReq/AssocReq WPS IE building into wps_common.c
WPS: Moved RF Bands processing into wps_dev_attr.c
WPS: Split wps_common.c into parts
WPS: Moved WPS IE building for ProbeReq/AssocReq into wps.c
WPS: Set Request Type properly into WPS IE in ProbeReq/AssocReq
WPS: Added helper functions for generating and validating PINs
Fixed wpa_config_parse_string() not to modify const string.
WPS: Added wpa_supplicant ctrl_iface commands to start WPS processing
WPS: Added WPS into key_mgmt config write handler
WPS: Get AP PIN from configuration instead of using hardcoded value
WPS: Fixed hostapd to use allocated buffers for device attributes
WPS: Add length limits to device attribute strings
WPS: Added driver_test debug dump of Beacon/ProbeResp WPS IE
WPS: Added support for fragmented WPS IE in Beacon and Probe Response
Always clear EAP altAccept and altReject variables on new association
Clear various flags on re-association to allow key_mgmt changes
WPS: Added initial documentation on using WPS with wpa_supplicant
WPS: Added note about update_config and added WPS to ChangeLog
WPS: Added more verbose debug info on authentication type mismatch
WPS: Added support for wildcard PINs that work with any UUID-E
Fixed non-HT (and GF, 20 MHz) counting
Add a starting point for EAP-AKA' (draft-arkko-eap-aka-kdf-10)
Use a variable to store EAP method type for EAP-AKA vs. EAP-AKA'
EAP-AKA': Use SHA256 for AT_CHECKCODE
EAP-AKA': Use HMAC-SHA-256-128 for AT_MAC
nl80211: Generate 802.11b mode based on 802.11g information
EAP-AKA': Derive keys using the new KDF (PRF')
Removed mac_addr from eapol_ctx to fix the eapol_test build
EAP-AKA': Allow both AKA AKA' to be registed from eap_aka_prime.c
Fixed WEP authentication (both Open System and Shared Key) with mac80211
Made 802.11 management frame IE parser aware of vendor HT Capab IE
nl80211: Remove the debug print from data frame processing
Fixed EAP-SIM and EAP-AKA AT_IDENTITY parsing (server only)
EAP-AKA': Added processing of AT_KDF and AT_KDF_INPUT attributes
EAP-AKA': Comment out EAP-AKA' server KDF negotiation
EAP-AKA': Added CK',IK' derivation
Fixed a typo in a comment
Added protection against EAP-AKA' -> EAP-AKA bidding down attacks
Merged EAP-AKA' into eap_aka.c and added it to defconfig/ChangeLog
Added EAP-FAST interop test results with Radiator 4.3.1
Added option to force SoH version 1 (tnc=soh1)
nl80211: Include copy of linux/nl80211.h with hostapd/wpa_supplicant
WPS: Added [WPS], [WPS-PIN], [WPS-PBC] flags for scan results
driver_test: Added support for testing WPS without use_mlme
Fixed a typo in wpa_supplicant manpage
Added libnl 2.0 compatibility code (CONFIG_LIBNL20=y in .config needed)
Added documentation for the new 'country' configuration option
Renamed the 'alpha2' variable to 'country' to match with config string
Updated the comment about libnl to state that version 1.1 is new enough
Fixed build without CONFIG_IEEE80211N
Added CONFIG_IEEE80211N into defconfig (commented out)
SHA256 is needed for EAP-AKA' and WPS
Don't include unused calls to SHA256 functions if EAP-AKA' is not enabled
Rename MSG to MESG to avoid conflicts with Windows header files
Resolved number of signed/unsigned mismatches and ntddndis.h location
Workaround number of compiler warnings with newer MinGW version
Comment out dynamic CertEnumCertificatesInStore loading by default
driver_test: Optional support for using UDP socket
Ported driver_test to Windows (only UDP socket available)
driver_test: Handle WPS IE in non-MLME test
Added configuration of WPS device parameters for wpa_supplicant
First step in cleaning up global config parser: use parse_data array
Share the same global config parser function for integer values
Use shared string parser for global configuration fields
Added INT_RANGE parser for global configuration variables
Cleaned up EAP-MSCHAPv2 key derivation
Fixed interoperability issue with PEAPv0 cryptobinding and NPS
Fixed memory leak in WPS PBC overlap detection
WPS: Added control interface notification for available WPS APs
Use a fixed wps_msg prefix with WPS creds notification
WPS: Added WPS support into wpa_gui-qt4
Improve EAPOL-Key handshake stability with retransmitted frames
Fixed EAP-AKA build in case EAP-AKA' is disabled
Use less frequent polling when wpa_gui is hidden
WPS: Improved error processing to use NACK correctly
WPS: Added wpa_gui-qt4 support for BSS selection and AP PIN use
Do not allow HT with WPA/WPA2 to be enabled without CCMP
WPS: Fixed deinit code for freeing config and registrar data
Cleaned up EAPOL-Key timeout processing
Fixed PSK editing in wpa_gui (copy-paste bug in field names)
Fixed global conf write to skip default values for uuid and os_version
WPS: Added event callback and M2D notification
WPS: Added callback for failure-after-M2/M2D
WPS: Added event callback for successfully completed registration
IANA allocated EAP method type 51 to EAP-GPSK
Added a note about mac80211-based drivers and nl80211
Changed win_gui cross compilation to use cleaner Qt setup
Create PNG version of the wpa_gui tray icon file for cross compilation
Added Windows NSIS installer for wpa_supplicant
Use parallel compilation to speed up release build
Register wpasvc service on install and unregister on uninstall
Include WPS support in the Windows binary
Fixed a typo in a comment
WPS: Added support for wildcard SSID matching in ap_scan=2 mode
Added more notes about WPS GUI scan operations and wpa_gui
Silence a compiler warning
wpa_gui-qt4: Added wpasvc start/stop functionality for Windows
Fixed NDIS AuthMode configuration for WPS connection
Fixed PBC overlap detection to handle case of missing UUID-E
Use wildcard UUID when setting AP PIN for Registrar in wpa_supplicant
Add Start menu shortcuts to wpa_gui and uninstall
Allow HT to be enabled for a STA even without WMM
Reject association if HT STA tries to use TKIP as pairwise cipher
Changed the example device_type value to be Computer/PC
Added support for global driver data (shared by multiple interfaces)
Mark local functions static.
Added a mechanism for quering driver wrappers for available interfaces
wpasvc: Add skip_on_error registry value to skip interfaces on error
Added get_interfaces() handler to list all NDIS adapters
wpa_gui-qt4: Added support for adding new network interfaces
Add Windows registry entries during installation
Fixed control interface enabling for dynamically added interface
wpa_gui-qt4: Do not about new network adapters unless service is running
Added a ChangeLog entry about the new Windows installer
WPS: As a workaround, pad zero-length device attributes
Fixed the MFP Status/Reason Code values per 802.11w/D7.0
Renamed Ping procedure into SA Query procedure per 802.11w/D7.0
Updated SA Query procedure to use timeouts per 802.11w/D7.0
Add Key Length field into IGTK sub-element (FTIE) per 802.11w/D7.0
Do not use SA Query procedure if reassociation is part of FT
Added a note about IEEE 802.11w/D7.0 update
hostap.epitest.fi server is not at ISC anymore.
Added a TODO item for sending protected Disassoc after failed SA Query
Add RADIUS server support for identity selection hint (RFC 4284)
Fixed retransmission of EAP requests if no response is received
WPS: Set recommended retransmission times with EAP method specific hint
Disconnect the STA if EAP timeout is reached
Fix TLS message processing if Flags field is not present
Added ctrl_interface command for sending a SA Query request
MFP: Remove mac80211 workaround of IGTK in monitor netdev
Clear BIP keys, too, when removing broadcast keys with MFP enabled
Fixed SA Query Request length
MFP: Fix SA Query Action Category
MFP: Require MFP is it is enabled and AP scan shows support for it
Renamed nl80211 HT channel parameters to match with kernel
Sync nl80211.h copy with the current kernel version
Include pending MFP defines in nl80211_copy.h
WPS: Cleanup UUID and MAC address configuration
WPS: Generate UUID based on MAC address, if not set
Replaced string comparison operator '==' with '=' to work with dash
Include ieee802_11_defs.h explicitly instead of assuming it gets included
Initialize wpa_ie_len to 0 if WPA IE is not set on all paths
Move addr_un definitions to avoid using out-of-scope buffer
Updated doxygen configuration files to work with new doxygen
Added more src subdirectories into doxygen docs
Fixed number of doxygen warnings
Create all doxygen docs from root directory to get proper path names
Added Doxygen documentation for WPS code
Removed unused WPS_PENDING processing result
Removed duplicated authenticator yes/no from wps_config and wps_data
Removed registrar pointer from wps_config and wps_data
Moved WPS Registrar initialization from EAP peer to wps_supplicant.c
Include the header file to validate function prototype.
Mark functions static if not used elsewhere and use proper prototypes
Removed sparse destinations since "CC=cgcc make" works fine
Fixed sparse warnings about integer vs. pointer use
Added endianness annotation for sparse
Use NULL, not 0, when comparing a pointer
Completed Doxygen documentation for functions declared in wps/wps.h
Fixed Doxygen function links
Resolve a Doxygen warning
Remove unwanted wpa_supplicant -> struct wpa_supplicant links
Remove temporary Qt build directories from Doxygen run
Fixed IMAGE_PATH for doxygen run in root directory
Remove wpa_gui from doxygen documentations
Silenced number of Doxygen warnings
Fixed a typo in usage help
Preparations for 0.6.7 release
Create PNG icon before running qmake to avoid resource warning
Luis R. Rodriguez (1):
wpa_supplicant: Add support for setting of a regulatory domain
Tomasz Wolniewicz (1):
eapol_test: Add a universal way of adding extra RADIUS attributes
--
Jouni Malinen PGP id EFC895FA
More information about the Hostap
mailing list