[PATCH v2 00/33] Improvements for roaming

Michael Braun michael-dev at fami-braun.de
Sat Sep 24 13:53:41 PDT 2016 

Hi,

this series is again about hostapd roaming. I tried to address all issues left
over from the last time.
That includes:
 - introduce a new TLV based RRB message format, but keep AES encryption for
   simplicity and
 - replace adding dummy interfaces to bridges with using macvlan.

With respect to the changes from Benjamin Berg from 2016-09-19, I don't think
they really supersede this series, but they are not really superseded by this
series either. I can rebase this series on that series if needed.

Regarding using R0-Identifier = R0-BSSID: This series uses an extra broadcast
step, but does not interfere with RADIUS NAS-Identifier.

Regarding cache limitation: This series makes cache time configurable and
triggers cache purge by time. This series lacks cache size limitation.

Regarding his 6/6 "l2: Add outgoing listener to catch packets from other
hostapd". This should also be covered by using the new ft_iface due to the way
MACVLAN "bridge"-mode works, thought I'm unsure about platform support.

Sincerely,
M. Braun

Michael Braun (33):
  FT: generate PMK_R0 and PMK_R1 for FT-PSK locally
  test: FT with locally generated PMK_R0/PMK_R1 from PSK
  test: FT: EAP test for mismatching keys
  FT: add support for wildcard R0KH / R1KH
  test: FT with broadcasts
  FT: cache newly detected R0KH / R1KH when using wildcard
  FT: resend pull request
  FT: negative caching when using wilcard r0kh
  FT: new rrb message format
  FT: add expiration to PMK-R0 and PMK-R1 cache
  FT: add IEEE vlan support (including tagged vlans)
  test: FT-EAP with VLAN
  test: FT-PSK with VLAN
  FT: add r1_max_key_lifetime
  802.11 Factor out authentication code for reuse with FT-over-DS
  FT-over-DS: use macaddr_acl
  tests: FT test macaddr-acl
  factor out ifconfig for use with macvlan
  FT: separate RRB interface
  test: FT ft_macvlan generation
  FT: include identity and radius_cui in pull/resp frames
  tests: FT with CUI
  FT: add session_timeout to push/resp
  Prepare 802.11i pre-authentication for full dynamic vlan.
  Enable 802.11i pre-authentication with full dynamic vlans
  test: pre-authentification with full dynamic vlans
  STA: avoid driver warning when configuring not connected STAs for WPA
  FT: radius accounting after roaming
  FT: handle OVER_DS reassociate client retry
  FT: convert r0_key_lifetime to seconds
  FT OVER_DS with fullstate station driver
  nl80211: fix CMD_FRAME used with VLANs
  FT: do not change ANonce during re-sent auth request

 hostapd/Makefile                    |   32 +-
 hostapd/config_file.c               |   23 +
 hostapd/defconfig                   |   11 +
 hostapd/hostapd.conf                |   81 +-
 src/ap/ap_config.c                  |   32 +
 src/ap/ap_config.h                  |   22 +
 src/ap/ap_drv_ops.c                 |   15 +-
 src/ap/ap_drv_ops.h                 |    3 +
 src/ap/hostapd.h                    |    6 +
 src/ap/ieee802_11.c                 |  171 ++--
 src/ap/ieee802_11.h                 |    4 +
 src/ap/ieee802_11_auth.c            |  110 ++-
 src/ap/ieee802_11_auth.h            |   24 +-
 src/ap/ieee802_1x.c                 |   18 +-
 src/ap/l2_snoop.h                   |   72 ++
 src/ap/l2_snoop_pcap.c              |  134 +++
 src/ap/macvlan.c                    |  130 +++
 src/ap/macvlan.h                    |   10 +
 src/ap/preauth_auth.c               |  278 +++++-
 src/ap/preauth_auth.h               |   19 +
 src/ap/sta_info.c                   |   29 +-
 src/ap/sta_info.h                   |    6 +-
 src/ap/vlan_full.c                  |   23 +-
 src/ap/vlan_ifconfig.c              |    9 +-
 src/ap/vlan_ifconfig.h              |   16 +
 src/ap/vlan_init.c                  |   20 +
 src/ap/vlan_util.h                  |    3 -
 src/ap/wpa_auth.c                   |    6 +-
 src/ap/wpa_auth.h                   |  150 +--
 src/ap/wpa_auth_ft.c                | 1834 ++++++++++++++++++++++++++++++-----
 src/ap/wpa_auth_glue.c              |  430 +++++++-
 src/ap/wpa_auth_i.h                 |    4 +-
 src/common/defs.h                   |    5 +
 src/common/wpa_common.c             |    3 +
 src/common/wpa_common.h             |    3 +
 src/drivers/driver.h                |    3 +-
 src/drivers/driver_atheros.c        |    3 +-
 src/drivers/driver_hostap.c         |   10 +-
 src/drivers/driver_nl80211.c        |   53 +-
 tests/hwsim/auth_serv/eap_user.conf |    5 +
 tests/hwsim/example-hostapd.config  |    3 +
 tests/hwsim/test_ap_ft.py           |  466 ++++++++-
 tests/hwsim/test_pmksa_cache.py     |   19 +
 wpa_supplicant/driver_i.h           |    2 +-
 44 files changed, 3773 insertions(+), 527 deletions(-)
 create mode 100644 src/ap/l2_snoop.h
 create mode 100644 src/ap/l2_snoop_pcap.c
 create mode 100644 src/ap/macvlan.c
 create mode 100644 src/ap/macvlan.h
 create mode 100644 src/ap/vlan_ifconfig.h

-- 
2.1.4

More information about the Hostap mailing list