hostapd/wpa_supplicant - new development release v0.3.1

Jouni Malinen jkmaline
Sun Dec 12 21:27:47 PST 2004 

New versions of hostapd and wpa_supplicant were just released and are
now available from http://hostap.epitest.fi/

This release is from the development (0.3.x) branch. Please note that
0.2.x branch continues to be the current source of stable releases.

The main new features of this release are integrated EAP-TLS
authentication server in hostapd and Windows/cygwin port of
wpa_supplicant.

So far, I have only tested wpa_supplicant port with WinXP (SP2) and
latest version of cygwin and WinPcap. It looks like all features are
working in my test setup. If you happen to test this on something
else, it would be nice to hear reports of what kind of combinations
worked. I have not tried to find out, which Windows versions are
supposed to have the needed functionality, but wpa_supplicant may work
on quite many older versions since the driver interface code is using
quite simple access through WinPcap which itself has support from
Win9x up. See README-Windows.txt for more information.

I cannot really claim to know Windows programming very well, so if
someone with more experience on this area would like to tell me how to
get NdisMIndicateStatus reports in user space (e.g., notification of
link status changes), I would be interested in that information and/or
example code.. Likewise, if there is interest for a native (i.e., not
requiring cygwin) port, it would be nice to hear, too. I have a test
version which at least compiles with -mno-cygwin (after removing
things like control interface that is using UNIX domain sockets), but
I have not yet finished getting rid of all cygwin dependencies.


hostapd:
* added support for integrated EAP-TLS authentication (new hostapd.conf
  variables: ca_cert, server_cert, private_key, private_key_passwd);
  this enabled dynamic keying (WPA2/WPA/IEEE 802.1X/WEP) without
  external RADIUS server
* added support for reading PKCS#12 (PFX) files (as a replacement for
  PEM/DER) to get certificate and private key (CONFIG_PKCS12)

wpa_supplicant:
* added support for reading PKCS#12 (PFX) files (as a replacement for
  PEM/DER) to get certificate and private key (CONFIG_PKCS12)
* fixed compilation with CONFIG_PCSC=y
* added new ap_scan mode, ap_scan=2, for drivers that take care of
  association, but need to be configured with security policy and SSID,
  e.g., ndiswrapper and NDIS driver; this mode should allow such
  drivers to work with hidden SSIDs and optimized roaming; when
  ap_scan=2 is used, only the first network block in the configuration
  file is used and this configuration should have explicit security
  policy (i.e., only one option in the lists) for key_mgmt, pairwise,
  group, proto variables
* added experimental port of wpa_supplicant for Windows
  - driver_ndis.c driver interface (NDIS OIDs)
  - currently, this requires cygwin and WinPcap
  - small utility, win_if_list, can be used to get interface name
* control interface can now be removed at build time; add
  CONFIG_CTRL_IFACE=y to .config to maintain old functionality
* optional Xsupplicant interface can now be removed at build time;
  (CONFIG_XSUPPLICANT_IFACE=y in .config to bring it back)
* added auth_alg to driver interface associate() parameters to make it
  easier for drivers to configure authentication algorithm as part of
  the association


-- 
Jouni Malinen                                            PGP id EFC895FA

More information about the Hostap mailing list