hostapd/wpa_supplicant - new development release v0.7.2

Jouni Malinen j
Sun Apr 18 11:17:32 PDT 2010

New versions of wpa_supplicant and hostapd were just
released and are now available from

This release is the last development release from the 0.7.x branch. The
next release, 0.7.3, will be the start of stable 0.7.x releases.
Development will continue in the hostap.git repository and a new
hostap-07.git repository will be used for stable 0.7.x releases. The
goal for the future 0.7.x releases is to mainly integrate bug fixes
from hostap.git. All new features will be developed in the development

* fix WPS internal Registrar use when an external Registrar is also
* bsd: Cleaned up driver wrapper and added various low-level
  configuration options
* TNC: fixed issues with fragmentation
* EAP-TNC: add Flags field into fragment acknowledgement (needed to
  interoperate with other implementations; may potentially breaks
  compatibility with older wpa_supplicant/hostapd versions)
* cleaned up driver wrapper API for multi-BSS operations
* nl80211: fix multi-BSS and VLAN operations
* fix number of issues with IEEE 802.11r/FT; this version is not
  backwards compatible with old versions
* add SA Query Request processing in AP mode (IEEE 802.11w)
* fix IGTK PN in group rekeying (IEEE 802.11w)
* fix WPS PBC session overlap detection to use correct attribute
* hostapd_notif_Assoc() can now be called with all IEs to simplify
  driver wrappers
* work around interoperability issue with some WPS External Registrar
* nl80211: fix WPS IE update
* hostapd_cli: add support for action script operations (run a script
  on hostapd events)
* fix DH padding with internal crypto code (mainly, for WPS)
* fix WPS association with both WPS IE and WPA/RSN IE present with
  driver wrappers that use hostapd MLME (e.g., nl80211)

* nl80211: fixed number of issues with roaming
* avoid unnecessary roaming if multiple APs with similar signal
  strength are present in scan results
* add TLS client events and server probing to ease design of
  automatic detection of EAP parameters
* add option for server certificate matching (SHA256 hash of the
  certificate) instead of trusted CA certificate configuration
* bsd: Cleaned up driver wrapper and added various low-level
  configuration options
* wpa_gui-qt4: do not show too frequent WPS AP available events as
  tray messages
* TNC: fixed issues with fragmentation
* EAP-TNC: add Flags field into fragment acknowledgement (needed to
  interoperate with other implementations; may potentially breaks
  compatibility with older wpa_supplicant/hostapd versions)
* wpa_cli: added option for using a separate process to receive event
  messages to reduce latency in showing these
  (CFLAGS += -DCONFIG_WPA_CLI_FORK=y in .config to enable this)
* maximum BSS table size can now be configured (bss_max_count)
* BSSes to be included in the BSS table can be filtered based on
  configured SSIDs to save memory (filter_ssids)
* fix number of issues with IEEE 802.11r/FT; this version is not
  backwards compatible with old versions
* nl80211: add support for IEEE 802.11r/FT protocol (both over-the-air
  and over-the-DS)
* add freq_list network configuration parameter to allow the AP
  selection to filter out entries based on the operating channel
* add signal strength change events for bgscan; this allows more
  dynamic changes to background scanning interval based on changes in
  the signal strength with the current AP; this improves roaming within
  ESS quite a bit, e.g., with bgscan="simple:30:-45:300" in the network
  configuration block to request background scans less frequently when
  signal strength remains good and to automatically trigger background
  scans whenever signal strength drops noticeably
  (this is currently only available with nl80211)
* add BSSID and reason code (if available) to disconnect event messages
* wpa_gui-qt4: more complete support for translating the GUI with
  linguist and add German translation
* fix DH padding with internal crypto code (mainly, for WPS)
* do not trigger initial scan automatically anymore if there are no
  enabled networks

git shortlog for 0.7.1 -> 0.7.2:

Andriy Tkachuk (1):
      Fix WPA/RSN IE update on reconfig with set_generic_elem()

Christian Lamparter (1):
      ap: Reorder authsrv_init() to fix IEEE 802.1X initialization

Dmitry Shmidt (1):
      Update priority list after priority change

Felix Fietkau (5):
      hostapd: add ifname to the sta_set_flags callback
      hostapd: fix bogus nl80211 interface remove messages for STA WDS
      hostapd: Fix interface selection for the nl80211 driver
      hostapd: allow stations to move between different bss interfaces
      hostapd: fix a segfault in the error path of the nl80211 if_add function

Gregory Detal (2):
      AP: Add wpa_msg() events for EAP server state machine
      Add support for action scripts in hostapd_cli

Hamish Guthrie (1):
      driver_ps3: Remove legacy ps3 wpa driver

Holger Schurig (1):
      nl80211: Fix WEP key configuration for prior to authentication

Jouni Malinen (180):
      nl80211: Clear cfg80211 authentication data for old entries
      SME: Request a new scan if SME association command fails
      nl80211: Dump scan results in debug log if association command fails
      Try to avoid some unnecessary roaming
      wpa_gui-qt4: Stop BSS fetch loop on error for Peers dialog
      driver_bsd: Fix build without SIOCS80211CHANNEL
      nl80211: Do not try to remove non-existing STA WDS interface
      Add new ctrl_iface event for EAP methods proposed by the server
      WPS: Fix AP operation with internal Registrar when ER is also active
      OpenSSL: Fix tls_init(NULL) with FIPS-enabled build
      Fix TLS in/out buffer freeing
      Fix memory leak on TLS setup error path
      Add TLS client events, server probing, and srv cert matching
      EAP-TNC: Accept fragment ack frame with Flags field
      EAP-TNC server: Fix processing when last message is fragmented
      wpa_gui: Use separate ctrl_iface connection for event messages
      EAP-TNC: Add Flags field into fragment acknowledgement
      wpa_cli: Add option to use child process to receive events
      Sync with linux/nl80211.h from wireless-testing.git
      Add alloc_interface_addr() drv op option for specifying ifname
      nl80211: Add support for off-channel Action TX/RX commands
      Make EAPOL Authenticator buildable with Microsoft compiler
      Rename EAP server source files to avoid duplicate names
      Use os_snprintf instead of snprintf
      Add more debug prints to make deauth/disassoc events clearer
      Clear current_bss pointer on disassociation/deauthentication
      Add suspend/resume notifications
      Do not inhibit suspend even if wpa_cli command fails
      Allow roam based on preferred BSSID regardless of signal strength
      Make maximum BSS table size configurable
      Add optional scan result filter based on SSID
      bsd: Use os_strlcpy instead of strlcpy
      Avoid warnings on unused function/variables if debug is disabled
      Remove unneeded CONFIG_EAP comments
      Remove unnecessary ifname parameter from set_beacon()
      nl80211: Unregister forgotten eloop socket on init failure
      Remove forgotten ifname parameter from set_beacon() call
      Remove unneeded iface parameter from if_add() driver op
      Avoid crash after driver init failure
      driver_test: Use driver private BSS context instead of BSS lookup
      Remove unneeded ifname parameter from set_privacy() driver op
      Remove unnecessary ifname parameter from set_generic_elem() driver op
      Remove unnecessary ifname parameter from hapd_get_ssid/hapd_set_ssid
      Remove unnecessary ifname parameter from sta_add() driver op
      Remove unnecessary ifname parameter to sta_set_flags() driver op
      Remove unnecessary ifname parameter from set_ht_params() driver op
      Remove unnecessary ifname parameter from set_ap_wps_ie() driver op
      wpa_gui: Remove unneeded wpa_ctrl_request() msg_cb
      Fix a typo in r1kh config parameter description
      nl80211: Fix driver context pointer for auth-failure-case
      FT: Include pairwise cipher suite in PMK-R0 SA and PMK-R1 SA
      nl80211: Add preliminary implementation of FT Action send
      nl80211: Fix FT Action send command
      FT: Add preliminary processing of FT Action Response from EVENT_RX_ACTION
      wpa_cli: Redisplay readline edit after event messages
      wpa_cli: Fix detach race with forked monitor process
      wpa_cli: Improved command parameter tab completion
      Fix WPS IE in Probe Response frame to include proper Config Methods values
      FT: Request reassociation after successful FT Action frame exchange
      FT: Add a workaround to set PTK after reassociation
      FT: Update SME frequency info before sme_associate() call
      FT: Add driver op for marking a STA authenticated
      FT: Fix PTK configuration in authenticator
      FT: Process reassoc resp FT IEs when using wpa_supplicant SME
      FT: Clean EAPOL supp portValid to force re-entry to AUTHENTICATED
      FT: Fix Authorized flag setting for FT protocol
      nl80211: Silence set_key ENOLINK failure messages on key clearing
      nl80211: Add more debug information about scan request parameters
      Add freq_list network configuration parameter
      Fix wpa_auth_iface_iter() to skip BSSes without Authenticator
      Sync with wireless-testing.git include/linux/nl80211.h
      nl80211: Parse CQM events
      Add driver command and event for signal strength monitoring
      bgscan: Add signal strength change events
      Fix ctrl_iface get-STA-MIB for WPS disabled case
      MFP: Add MFPR flag into station RSN IE if 802.11w is mandatory
      Add deauthenticate/disassociate ctrl_iface commands
      Add test commands for sending deauth/disassoc without dropping state
      MFP: Add SA Query Request processing in AP mode
      Add a drop_sa command to allow 802.11w testing
      MFP: Fix IGTK PN in group rekeying
      driver_osx: Update set_key arguments to fix build
      WPS: Fix PBC session overlap detection to use Device Password Id
      WPS: Do not include Label in default Config Methods
      Add address to hostapd_logger output in wpa_supplicant as AP case
      Fix Windows compilation issues with AP mode code
      Allow hostapd_notif_assoc() to be called with all IEs
      Add AP-STA-DISCONNECT event for driver-based MLME
      FT: Force key configuration after association in FT-over-DS
      FT: Set WLAN_AUTH_FT auth_alg on FT-over-DS case
      FT: Use bridge interface (if set) for RRB connection
      FT: Re-set PTK on reassociation
      Add a more flexible version of hwaddr_aton: hwaddr_aton2()
      WPS: Add a workaround for incorrect NewWLANEventMAC format
      WPS: Fix WPS IE update in Beacon frames for nl80211
      Avoid hostapd segfault on invalid driver association event
      Fix SME to update WPA/RSN IE for rsn_supp module based on AssocReq
      Use more os.h wrapper functions in hostapd_cli
      FT: Do not include RSN IE in (Re)Assoc Resp during initial MD association
      FT: Fix FT 4-Way Handshake to include PMKR1Name in messages 2 and 3
      FT: Fix GTK subelement format in FTIE
      Sync with wireless-testing.git include/linux/nl80211.h
      nl80211: Start using NL80211_ATTR_LOCAL_STATE_CHANGE
      Fix compiler warning on non-802.11r build
      FT: Do not add MIC to FTIE during initial MD association
      FT: Fix Reassociation Response in FT Protocol to include ANonce/SNonce
      FT: Add R1KH-ID into FT auth seq 3rd message (Reassoc Req)
      FT: Copy FT Capability and Policy to MDIE from target AP
      FT: Set FT Capability and Policy properly in MDIE during initial MD assoc
      FT: Deauthenticate in case of Reassoc Response validation error
      FT: Validate SNonce and ANonce values during FT Protocol in supplicant
      FT: Validate protect IE count in FTIE MIC Control
      FT: Validate FTIE fields in Reassociation Request
      FT: Clean up wpa_sm_set_ft_params() by using common parse
      Parse EAPOL-Key msg 2/4 Key Data IEs/KDEs before checking RSN/WPA IE
      Make wpa_compare_rsn_ie() handle missing IEs
      FT: Copy MDIE and FTIE from (Re)Association Response into EAPOL-Key 2/4
      Add more verbose debugging for EAPOL-Key Key Data field IEs/KDEs
      FT: Add FTIE, TIE[ReassocDeadline], TIE[KeyLifetime] to EAPOL-Key 3/4
      Split EAPOL-Key msg 3/4 Key Data validation into helper functions
      FT: Verify that MDIE and FTIE matches between AssocResp and EAPOL-Key 3/4
      SME: Do not try to use FT over-the-air if PTK is not available
      FT: Validate MDIE and FTIE in FT 4-way handshake message 2/4
      Fix error messages to print ASCII MAC address, not the parse buffer
      Add ctrl_iface command for triggering a roam to a specific BSS
      Fix wpa_sm_has_ptk() no-WPA wrapper location
      SME: Handle association without own extra IEs
      Use unsigned bitfield for 1-bit values
      nl80211: Fix memory leak on send_action error path
      EAP-MD5: Use conditional success decision
      Optimize post-WPS scan based on channel used during provisioning
      Allow sub-second resolution for scan requests
      Simplify driver_ops for virtual interface add/remove
      Deauthenticate instead of disassociate on disconnect command
      Avoid dropping ctrl_iface on ENOBUFS error burst
      nl80211: Remove forgotten Action frame registration example
      nl80211: Fix key configuration in wpa_supplicant AP mode
      Allow driver wrappers to indicate maximum remain-on-channel duration
      FT: Fix wpa_sm_set_ft_params wrapper for non-FT build
      Add option for overriding scan result handler for a single scan
      Add an option to request a connection without a new scan
      Try to start a new scan more quickly after driver rejection
      Add registerable callback for wpa_supplicant AP mode completion
      Add more wpa_supplicant AP mode parameters for the driver wrapper
      wpa_supplicant AP: More thorough AP mode deinit
      Make sure AP interface is initialize before accepting WPS commands
      wpa_supplicant AP mode: Add function for enabling MAC address filtering
      Started to make set_ap_wps_ie() capable of adding multiple IEs
      Add WPS Registrar success callback
      Add wpa_supplicant AP mode events for Public Action frames
      nl80211: Define set_freq for wpa_supplicant, too
      hostapd_cli: Add deauth/disassoc commands to usage help
      Add BSSID and reason code (if available) to disconnect event
      .gitignore for generated language files
      SME: Fix build without 802.11r or WPS
      Fix internal DH implementation not to pad shared key
      Fix hostapd build without WPS
      Fix get_interfaces() driver call to use correct drv_priv data
      WPS: Fix association when both WPS and WPA/RSN IE are included
      VLAN: Clean up debug code and error messages
      Stop processing if STA VLAN bind fails
      nl80211: Add more debug info on NL80211_ATTR_STA_VLAN failures
      VLAN: Fix bridge interface clean up for no tagged_interface case
      nl80211: Fix wpa_supplicant build
      Do not trigger initial scan if there are no enabled networks
      VLAN: Set statically configured VLAN interfaces up
      VLAN: Reorder init to get same behavior for all VLAN interfaces
      Remove unnecessary SUBDIRS loops from src/*/Makefile
      Fix build without CONFIG_FULL_DYNAMIC_VLAN
      atheros: Update to build with the current driver version
      atheros: Add more robust and complete debug info for ioctl failures
      atheros: Restore ATH_WPS_IE definition and comment
      WPS: Include CONFIG_EAP automatically if WPS is enabled
      TNCS: Fix uninit in error case to not double free IMVs
      TNC: Fix EAP-TNC fragmentation of the last message
      TNC: Add more debug infor to EAP-TNC server state changes
      Preparations for 0.7.2 release
      wpa_gui: Fix Windows build
      wpa_gui: lupdate run before release
      Add wpa_gui-qt4 translation files into build

Kel Modderman (2):
      wpa_gui-qt4: do not show WPS AP available event tray messages
      wpa_supplicant: fix FTBFS on Debian GNU/kFreeBSD

M. Braun (4):
      VLAN: Set dynamic VLAN up to fix STA bind and key setup
      nl80211: Add bridge interfaces to own ifindex list automatically
      nl80211: Fix initial add_ifidx() realloc to not forget values
      VLAN: Decrease bridge forwarding delay to avoid EAPOL timeouts

Marcin Marzec (1):
      Fix typo in WPA_AUTH_ALG_FT definition

Masashi Honma (17):
      driver_bsd.c: Use os_free() instead of free()
      bsd: Enable auto configuration
      driver_bsd.c: Reduce code duplication (DELKEY)
      driver_bsd.c: Reduce code duplication (MLME)
      driver_bsd.c: Reduce code duplication (ifflag)
      driver_bsd.c: Reduce code duplication (setkey)
      driver_bsd: Clean up EAPOL frame transmission code
      driver_bsd.c: Enable AP mode wpa_supplicant
      bsd: Use same field name between hostapd and wpa_supplicant
      bsd: Unify struct bsd_driver_data and struct wpa_driver_bsd_data
      bsd: Unify wpa_driver_bsd_ops
      FreeBSD: Enable channel control
      FreeBSD: Add support for FreeBSD 8.0 STA/AP
      bsd: Aggregate ioctl routines
      bsd: Use device capability information
      NetBSD: Fix driver_bsd.c build
      Support for Solaris default shell restriction

Michael Buesch (1):
      hostapd: Use cp -f in make install

Stefan Oswald (3):
      wpa_gui: Convert strings to use tr() in user-visible text
      wpa_gui: Make Status strings visible to linguist
      wpa_gui: Add Qt translator installation and German translation

Witold Sowa (1):
      dbus: Add new KeyMgmt interface capabilities

Yogesh Ashok Powar (1):
      Allow advertising of U-APSD functionality in Beacon

Jouni Malinen                                            PGP id EFC895FA

More information about the Hostap mailing list