[RFC 5/6] hostap: add UDP support for ctrl iface
janusz.dziedzic at tieto.com
Thu Jan 14 22:12:38 PST 2016
On 14 January 2016 at 20:58, Alan DeKok <aland at deployingradius.com> wrote:
> On Jan 14, 2016, at 12:49 PM, Peter Oh <poh at codeaurora.org> wrote:
>> On 01/14/2016 05:19 AM, Janusz Dziedzic wrote:
>>> Add UDP support for ctrl interface.
>> can you add more details such as why we need it?
> Even if it's needed, there's essentially no security on the UDP packets. I don't see a static and *clear-text* cookie as offering any security.
This is only for tests purpose and should not be enabled in production code.
Main idea is to use wpaspy (patch 6/6) and run tests using machines
from local network. Currently there are a hwsim tests, which are used
for wpa_supplicant/hostapd testing.
In the future I think about testing whole stack also -
wpa_supplicant/hostapd + driver + hw. And for that using UDP version
of wpaspy + wpa_supplicant/hostapd with CTRL UDP iface.
> The protocol should at the minimum include randomness, so that packets can't be replayed. And the entire contents should be authenticated, ideally with an HMAC construct.
> Or, just use TCP and TLS for the control interface. That would be infinitely preferable to UDP.
> Alan DeKok.
> Hostap mailing list
> Hostap at lists.infradead.org
More information about the Hostap