[PATCH 00/44] Improvements for roaming
michael-dev at fami-braun.de
michael-dev at fami-braun.de
Wed Feb 24 03:53:06 PST 2016
From: Michael Braun <michael-dev at fami-braun.de>
Hi,
this series is about hostapd roaming.
I was trying to achieve with hostapd:
- FT over-air and over-ds with fully dynamic VLANs enabled including
RADIUS accounting and session_timeout
- 802.11i pre-authentication with fully dynamic VLANs
- FT-PSK without inter-AP communication
- Handle a dynamic set of APs: all APs are interconnected using some VPN
and there is some churn regaring the APs installed/connected
- Multiple BSS per hostapd instance
When finally having this ready, I tested it locally with debugging turned
on. Then my clients ran into retries because hostapd replied to slow. So
there are some patches that try to optimize on this.
So this patch series adds to hostapd:
FT:
- VLAN support
- accounting support
- session timeout support
- FT autodiscovery (broadcast) with caching
802.11i pre-authentication:
- fully dynamic VLAN support
These patches can also be found here:
(in case they are too big for the mailing list)
https://github.com/michael-dev/hostapd/tree/mail-20160222
Regards,
M. Braun
Michael Braun (44):
test: tagged-vlan only change on reauthentication
test: verify correct vlan operation after reconnect
test: add tshark and python-netifaces to example dependency
test: test pmksa auth with per_sta_vif
FT: wpa_auth_ft rrb fix data length
FT: add IEEE vlan support (including tagged vlans)
test: FT-EAP with VLAN
nl80211: fix CMD_FRAME used with VLANs
vlan: factor out bridge and ifconfig code
FT: RRB messages can be exchanged in a separate interface/VLAN
test: FT ft_bridge dummy generation
FT: add expiration to PMK-R0 and PMK-R1 cache
test: FT-PSK with VLAN
802.11 Factor out authentication code for reuse with FT-over-DS
FT-over-DS: use macaddr_acl
FT: generate PMK_R0 and PMK_R1 for FT-PSK locally
test: FT with locally generated PMK_R0/PMK_R1 from PSK
test: FT RRB internal delivery to non-WPA BSS
FT: check hapd->wpa_auth before RRB internal delivery
FT: add support for wildcard R0KH / R1KH
FT: cache newly detected R0KH / R1KH when using wildcard
FT: resend pull request
FT: negative caching when using wilcard r0kh
test: FT with broadcasts
Prepare 802.11i pre-authentication for full dynamic vlan.
Enable 802.11i pre-authentication with full dynamic vlans
test: pre-authentification with full dynamic vlans
FT: preset r1_key_holder to bssid
vlan: create new interface name on stack
Move password hashing out of 802.11 authentication path
psk list sharing
RADIUS: enable PSK generation at RADIUS Server
STA: avoid driver warning when configuring not connected STAs for WPA
FT: do not change ANonce during re-sent auth request
FT: check destination mac addr on RRB receive
FT: include identity and radius_cui in pull/resp frames
FT: add session_timeout to push/resp
nl80211: cleanup ifidx properly
start radius accounting after FT and PREauth
FT: handle OVER_DS reassociate client retry
FT: convert r0_key_lifetime to seconds
FT: add r1_max_key_lifetime
FT OVER_DS with fullstate station driver
VLAN: avoid use of libnl cache
hostapd/Makefile | 23 +
hostapd/config_file.c | 21 +
hostapd/defconfig | 3 +
hostapd/hostapd.conf | 85 ++-
src/ap/ap_config.c | 32 +
src/ap/ap_config.h | 22 +
src/ap/ap_drv_ops.c | 15 +-
src/ap/ap_drv_ops.h | 3 +
src/ap/bridge.c | 253 +++++++
src/ap/bridge.h | 19 +
src/ap/dummy.c | 118 ++++
src/ap/dummy.h | 10 +
src/ap/hostapd.c | 5 +
src/ap/hostapd.h | 6 +
src/ap/ieee802_11.c | 155 +++--
src/ap/ieee802_11.h | 4 +
src/ap/ieee802_11_auth.c | 147 +++--
src/ap/ieee802_11_auth.h | 22 +-
src/ap/ieee802_1x.c | 20 +-
src/ap/ifconfig.c | 73 +++
src/ap/ifconfig.h | 5 +
src/ap/l2_snoop.h | 72 ++
src/ap/l2_snoop_pcap.c | 134 ++++
src/ap/preauth_auth.c | 273 +++++++-
src/ap/preauth_auth.h | 19 +
src/ap/sta_info.c | 29 +-
src/ap/sta_info.h | 6 +-
src/ap/vlan_init.c | 341 ++--------
src/ap/vlan_util.c | 30 +-
src/ap/wpa_auth.c | 6 +-
src/ap/wpa_auth.h | 88 ++-
src/ap/wpa_auth_ft.c | 1052 +++++++++++++++++++++++++++---
src/ap/wpa_auth_glue.c | 511 ++++++++++++++-
src/ap/wpa_auth_i.h | 2 +
src/common/defs.h | 5 +
src/common/wpa_common.c | 3 +
src/common/wpa_common.h | 3 +
src/drivers/driver.h | 3 +-
src/drivers/driver_atheros.c | 3 +-
src/drivers/driver_hostap.c | 10 +-
src/drivers/driver_nl80211.c | 153 +++--
src/drivers/driver_nl80211.h | 3 +
tests/hwsim/auth_serv/eap_user.conf | 5 +
tests/hwsim/auth_serv/eap_user_vlan.conf | 3 +
tests/hwsim/example-hostapd.config | 1 +
tests/hwsim/example-setup.txt | 5 +-
tests/hwsim/hostapd.wlan3.vlan | 1 +
tests/hwsim/hostapd.wlan4.vlan | 1 +
tests/hwsim/test_ap_ft.py | 501 +++++++++++++-
tests/hwsim/test_ap_vlan.py | 81 ++-
tests/hwsim/test_pmksa_cache.py | 208 +++---
wpa_supplicant/driver_i.h | 2 +-
52 files changed, 3798 insertions(+), 797 deletions(-)
create mode 100644 src/ap/bridge.c
create mode 100644 src/ap/bridge.h
create mode 100644 src/ap/dummy.c
create mode 100644 src/ap/dummy.h
create mode 100644 src/ap/ifconfig.c
create mode 100644 src/ap/ifconfig.h
create mode 100644 src/ap/l2_snoop.h
create mode 100644 src/ap/l2_snoop_pcap.c
--
1.9.1
More information about the Hostap
mailing list