hostapd/wpa_supplicant - new development release v0.6.1

Jouni Malinen j at w1.fi
Sat Nov 24 19:20:02 EST 2007


New versions of wpa_supplicant and hostapd were just
released and are now available from http://w1.fi/

This release is from the development branch (0.6.x). Please note that
the 0.5.x branch continues to be the current source of stable releases.

hostapd:
* added experimental, integrated TLSv1 server implementation with the
  needed X.509/ASN.1/RSA/bignum processing (this can be enabled by
  setting CONFIG_TLS=internal and CONFIG_INTERNAL_LIBTOMMATH=y in
  .config); this can be useful, e.g., if the target system does not
  have a suitable TLS library and a minimal code size is required
* added support for EAP-FAST server method to the integrated EAP
  server
* updated EAP Generalized Pre-Shared Key (EAP-GPSK) to use the latest
  draft (draft-ietf-emu-eap-gpsk-07.txt)
* added a new configuration parameter, rsn_pairwise, to allow different
  pairwise cipher suites to be enabled for WPA and RSN/WPA2
  (note: if wpa_pairwise differs from rsn_pairwise, the driver will
  either need to support this or will have to use the WPA/RSN IEs from
  hostapd; currently, the included madwifi and bsd driver interfaces do
  not have support for this)
* updated FT support to use the latest draft, IEEE 802.11r/D8.0

wpa_supplicant:
* added support for configuring password as NtPasswordHash
  (16-byte MD4 hash of password) in hash:<32 hex digits> format
* added support for fallback from abbreviated TLS handshake to
  full handshake when using EAP-FAST (e.g., due to an expired
  PAC-Opaque)
* updated EAP Generalized Pre-Shared Key (EAP-GPSK) to use the latest
  draft (draft-ietf-emu-eap-gpsk-07.txt)
* added support for drivers that take care of RSN 4-way handshake
  internally (WPA_DRIVER_FLAGS_4WAY_HANDSHAKE in get_capa flags and
  WPA_ALG_PMK in set_key)
* added an experimental port for Mac OS X (CONFIG_DRIVER_OSX=y in
  .config); this version supports only ap_scan=2 mode and allow the
  driver to take care of the 4-way handshake
* fixed a buffer overflow in parsing TSF from scan results when using
  driver_wext.c with a driver that includes the TSF (e.g., iwl4965)
  [Bug 232]
* updated FT support to use the latest draft, IEEE 802.11r/D8.0
* fixed an integer overflow issue in the ASN.1 parser used by the
  (experimental) internal TLS implementation to avoid a potential
  buffer read overflow
* fixed a race condition with -W option (wait for a control interface
  monitor before starting) that could have caused the first messages to
  be lost
* added support for processing TNCC-TNCS-Messages to report
  recommendation (allow/none/isolate) when using TNC [Bug 243]

-- 
Jouni Malinen                                            PGP id EFC895FA



More information about the HostAP mailing list