hostap/hostapd/wpa_supplicant - new development release v0.3.5

Jouni Malinen jkmaline at cc.hut.fi
Sun Jan 23 23:57:01 EST 2005


New versions of the Host AP driver, hostapd, and wpa_supplicant were
just released and are now available from http://hostap.epitest.fi/

This release is from the development (0.3.x) branch. Please note that
0.2.x branch continues to be the current source of stable releases.

The main focus on this release was in fixing bugs and this is likely
the last development release of 0.3.x branch. I will make a new CVS
branch for future 0.3.x releases and the first 0.3.x stable release
will be released from this branch after some more testing.


hostap-driver:
* added new ioctl command for hostapd to clear station specific
  accounting data when starting a new accounting session

hostapd:
* added support for configuring a forced PEAP version based on the
  Phase 1 identity
* fixed PEAPv1 to use tunneled EAP-Success/Failure instead of EAP-TLV
  to terminate authentication
* fixed EAP identifier duplicate processing with the new IEEE 802.1X
  draft
* clear accounting data in the driver when starting a new accounting
  session
* driver_madwifi: filter wireless events based on ifindex to allow more
  than one network interface to be used
* fixed WPA message 2/4 processing not to cancel timeout for TimeoutEvt
  setting if the packet does not pass MIC verification (e.g., due to
  incorrect PSK); previously, message 1/4 was not tried again if an
  invalid message 2/4 was received
* fixed reconfiguration of RADIUS client retransmission timer when
  adding a new message to the pending list; previously, timer was not
  updated at this point and if there was a pending message with long
  time for the next retry, the new message needed to wait that long for
  its first retry, too

wpa_supplicant:
* added a workaround for an interoperability issue with a Cisco AP
  when using WPA2-PSK
* fixed non-WPA IEEE 802.1X to use the same authentication timeout as
  WPA with IEEE 802.1X (i.e., timeout 10 -> 70 sec to allow
  retransmission of dropped frames)
* fixed issues with 64-bit CPUs and SHA1 cleanup in previous version
  (e.g., segfault when processing EAPOL-Key frames)
* fixed EAP workaround and fast reauthentication configuration for
  RSN pre-authentication; previously these were disabled and
  pre-authentication would fail if the used authentication server
  requires EAP workarounds
* added support for blacklisting APs that fail or timeout
  authentication in ap_scan=1 mode so that all APs are tried in cases
  where the ones with strongest signal level are failing authentication
* fixed CA certificate loading after a failed EAP-TLS/PEAP/TTLS
  authentication attempt
* allow EAP-PEAP/TTLS fast reauthentication only if Phase 2 succeeded
  in the previous authentication (previously, only Phase 1 success was
  verified)


-- 
Jouni Malinen                                            PGP id EFC895FA



More information about the HostAP mailing list