Metalink patches for Intel WPS code

Assaf Harel AssafH at mtlk.com
Tue Dec 4 08:29:41 EST 2007


Jouni,

see embedded marked with >>>.

Regards,
Assaf 

-----Original Message-----
From: Jouni Malinen [mailto:j at w1.fi] 
Sent: Sunday, December 02, 2007 20:01
To: Assaf Harel
Cc: hostap at shmoo.com; Inna Reznik
Subject: Re: Metalink patches for Intel WPS code

On Mon, Nov 26, 2007 at 07:47:30PM +0200, Assaf Harel wrote:

> Metalink released another patch today:
> http://w1.fi/contrib/metalink/Intel_WSC_Metalink_WSC.patch
> This patch updates Intel's original WPS daemon (known as Wsccmd) that 
> runs on top of hostapd / wpa_supplicant.
> 
> Now it is possible to pass wifi WPS certification

Nice to see this type of changes released. I know that number of
companies have worked on modifications to the Intel reference
implementation, but the changes have not usually been released which
leads into duplicate work.

Do you have any plans or do you know of anyone else having plans to
maintain the WSC reference implementation in the future? The Intel web
site for this does not seem to indicate that this code would be
maintained or modified to become production quality code. I'm somewhat
worried about depending on an implementation that does not have someone
maintaining it. Especially so, when there are still number of areas that
would benefit of major cleanup.

>>> We're certainly plan to maintain this code for our own purposes (bug
fixes, specific client support, etc), and we plan to release these
modifications as patches when there will be enough to release. Intel are
working on this as well, at least so they told me on a separate e-mail,
but they are not doing this as a maintenance job, they simply offer next
versions, which clean bugs and support new features. I hope that their
next version will take our modifications into consideration, because we
think it made their package more mature (and certifiable...). 

As far as the EAP method is concerned, there are number of issues with
the original hostapd/wpa_supplicant 0.4.x -based implementation. In
order to go forward on this area, I implemented an EAP method that
provides just the EAP transport part for WPS using the 0.6.x code base
and proper use of expanded EAP header. This, I believe, is also moving
the interface between EAP transport and WPS Registration Protocol into
cleaner location, i.e., doing all EAP specific stuff (including
fragmentation and reassembly and EAP header processing) into the EAP
method while leaving the WPS Registration Protocol to handle WSC M1..M8,
Done, ACK, and NACK.

The current version does not include interface for an external process
for processing the WPS messages. There is only a dummy implementation
that can be used for testing the EAP transport. However, communication
with an external process could be implemented using pending EAP
processing functionality in hostapd/wpa_supplicant to avoid the blocking
calls to external process which is used in the reference WSC code (and
which will not be acceptable for hostapd/wpa_supplicant integration).

>>> I understand where you getting to, and we do plan to connect wsccmd
with 0.6.x version. This is a work in progress here, and it takes us
time, since we don't work with 0.6.x version on our commercial platform.
We'll use the latest git version, to enjoy your latest additions.

The more I look at the reference WSC code, the more I would like to see
this done with simpler design or at least in smaller steps. I think it
would be useful to see a minimal implementation that supports just the
case of AP with an internal Registrar and client with an Enrollee and
only EAP transport (i.e., no UPnP complexity) as the first step. Once
this is available in a clean, maintainable implementation, more
functionality could be added.

I do not like the extra complexity caused by wsccmd being responsible
for starting hostapd/wpa_supplicant with hardcoded command line and
configuration file options. I would much rather see something that
allows both programs to be started (and configured) independently and
then whatever information needs to be transfered between the processes
would go through the ctrl_iface.

Is someone interested in working with a larger design change for the
Intel wsccd code? I have to say that I'm not exactly looking forward to
touching that code myself and would likely find it easier to work with a
new in-process implementation of WPS Registration Protocol as a library
that is designed to fit hostapd/wpa_supplicant model better if I had to
do the work..

>>> Jouni, I agree with you completely. When we started this project we
faced the same questions, and chose to work with Intel for practical
purposes (shorter development time). If you want to start such a
development process, of adding WPS capabilities to
hostapd/wpa_supplicant, I would welcome this effort very much, and can
promise you that we will adopt to that version, once is published, and
offer help as much as required.

-- 
Jouni Malinen                                            PGP id EFC895FA

-- Disclaimer: --
This e-mail is intended solely for the person to whom it is addressed and may contain confidential or legally privileged information. Access to this e-mail by anyone else is unauthorized. If an addressing or transmission error has misdirected this e-mail, please notify the author by replying to this e-mail and destroy this e-mail and any attachments. 
E-mail may be susceptible to data corruption, interception, unauthorized amendment, viruses and delays or the consequences thereof. If you are not the intended recipient, be advised that you have received this email in error and that any use, dissemination, forwarding, printing or copying of this email is strictly prohibited.



More information about the HostAP mailing list