HostAP IEEE 802.1x modifications
jkmaline at cc.hut.fi
Sun Dec 8 23:17:40 EST 2002
On Wed, Nov 13, 2002 at 06:43:20PM +0000, Oleg Izhvanov wrote:
> Ok, here is the patch. There are some other modifications except
> WEP rekeying, so here is the brief changelog:
> * WEP rekeying support added ('-t' command line option)
Merged to CVS version. I modified this a bit and it seems to work fine
also with individual station keys (i.e., both broadcast and unicast keys
will be updated). I still need to add TX callback function to make sure
that station ACKs (802.11) EAPOL-Key frame before taking the new unicast
key into use. Broadcast key needs to be taken into use immediately (but
previous key is still available for decryption). EAPOL-Key could anyway
be resent if a station does not ACK it.
I removed MSB setting of key index from hostapd_rotate_wep() since it
looked like a workaround for WinXP Supplicant and I would guess it
should be in more generic place. Similar behavior is now available with
separate command line option '-w'. Do you have any extra information
about the WinXP Supplicant operations? At least, setting this bit did
not fix my WinXP Supplicant.
On the positive side, with this rekeying patch, I was able to use
Xsupplicant and Host AP driver in the Managed mode to automatically set
both the broadcast and unicast keys and rekey them. prism2_params
ieee_802_1x, host_encrypt, and host_decrypt need to be set to make
> * EAPOL-key frame now uses an NTP timestamp as the replay
Merged to CVS.
> * Added support for non-prism based cards(Wireless Extensions only).
I haven't merged this in yet. I'm going to change the patch a bit and
call it something else.. It should work also with Prism-based card when
using Host AP driver without hostapd (i.e., kernel driver performing
Jouni Malinen PGP id EFC895FA
More information about the HostAP