will wpa_supplication support for advanced AP features (e.g. mac address based authentication)

邢冲 xingchong at gmail.com
Mon Dec 28 16:36:07 PST 2015

Hi, Jouni Malinen

thanks for your reply.

The use case is not for security. It's for convenience.
I am going to group different kinds of clients, and dynamically close
the connection from clients in one group (without any interaction from

2015-12-28 21:54 GMT+08:00 Jouni Malinen <j at w1.fi>:
> On Mon, Dec 28, 2015 at 06:49:32PM +0800, 邢冲 wrote:
>> As I know wpa_supplicant only implements a subset of hostapd. For example,
>> we want the feature of mac address based authentication, which only exists
>> in hostapd, and missing in wpa_supplicant.
> wpa_supplicant does actually use MAC address -based limitation for one
> use cases (P2P group formation). However, I'd like to make it clear that
> this is not really authentication and "advanced AP feature".. It is
> trivial to change the MAC address of a device and this does not add any
> real security.
>> Is there any plan that wpa_supplicant support such AP features?
> If there is a reasonable use case for it, sure, it could be added. No
> such use case has come up so far, though..
>> Or even will hostapd and wpa_supplicant be merged?And so that we can expect
>> connman/wpa_supplicant delivery advanced AP features.
> Well, they are both already sharing the same source code repository.
> Whether they will ever be fully merged in a way that there is no option
> to build something similar to what is built today is unclear, but
> anyway, the main missing part from wpa_supplicant is in providing new
> configuration options to take any of the existing hostapd functionality
> into use. If there are good use cases for such functions, they can be
> added on top of the current wpa_supplicant configuration mechanism.
> --
> Jouni Malinen                                            PGP id EFC895FA

More information about the Hostap mailing list