[RFC 5/6] hostap: add UDP support for ctrl iface

Janusz Dziedzic janusz.dziedzic at tieto.com
Thu Jan 14 22:12:38 PST 2016


On 14 January 2016 at 20:58, Alan DeKok <aland at deployingradius.com> wrote:
> On Jan 14, 2016, at 12:49 PM, Peter Oh <poh at codeaurora.org> wrote:
>>
>>
>> On 01/14/2016 05:19 AM, Janusz Dziedzic wrote:
>>> Add UDP support for ctrl interface.
>> can you add more details such as why we need it?
>
>   Even if it's needed, there's essentially no security on the UDP packets.  I don't see a static and *clear-text* cookie as offering any security.
>
This is only for tests purpose and should not be enabled in production code.
Main idea is to use wpaspy (patch 6/6) and run tests using machines
from local network. Currently there are a hwsim tests, which are used
for wpa_supplicant/hostapd testing.
In the future I think about testing whole stack also -
wpa_supplicant/hostapd + driver + hw. And for that using UDP version
of wpaspy + wpa_supplicant/hostapd with CTRL UDP iface.

BR
Janusz

>   The protocol should at the minimum include randomness, so that packets can't be replayed.  And the entire contents should be authenticated, ideally with an HMAC construct.
>
>   Or, just use TCP and TLS for the control interface.  That would be infinitely preferable to UDP.
>
>   Alan DeKok.
>
>
> _______________________________________________
> Hostap mailing list
> Hostap at lists.infradead.org
> http://lists.infradead.org/mailman/listinfo/hostap



More information about the Hostap mailing list