https://www.phoronix.com/news/IWD-WPA-WiFi-Auth-Vulns
https://www.top10vpn.com/research/wifi-vulnerabilities/

PEAP client: Update Phase 2 authentication requirements

The previous PEAP client behavior allowed the server to skip Phase 2
authentication with the expectation that the server was authenticated
during Phase 1 through TLS server certificate validation. Various PEAP
specifications are not exactly clear on what the behavior on this front
is supposed to be and as such, this ended up being more flexible than
the TTLS/FAST/TEAP cases. However, this is not really ideal when
unfortunately common misconfiguration of PEAP is used in deployed
devices where the server trust root (ca_cert) is not configured or the
user has an easy option for allowing this validation step to be skipped.

Change the default PEAP client behavior to be to require Phase 2
authentication to be successfully completed for cases where TLS session
resumption is not used and the client certificate has not been
configured. Those two exceptions are the main cases where a deployed
authentication server might skip Phase 2 and as such, where a more
strict default behavior could result in undesired interoperability
issues. Requiring Phase 2 authentication will end up disabling TLS
session resumption automatically to avoid interoperability issues.

Allow Phase 2 authentication behavior to be configured with a new phase1
configuration parameter option:
'phase2_auth' option can be used to control Phase 2 (i.e., within TLS
tunnel) behavior for PEAP:
* 0 = do not require Phase 2 authentication
* 1 = require Phase 2 authentication when client certificate
(private_key/client_cert) is no used and TLS session resumption was
not used (default)
* 2 = require Phase 2 authentication in all cases

branches: 1.1.1;
Initial revision

ChangeLog for wpa_supplicant

2019-08-07 - v2.9
* SAE changes
- disable use of groups using Brainpool curves
- improved protection against side channel attacks
[https://w1.fi/security/2019-6/]
* EAP-pwd changes
- disable use of groups using Brainpool curves
- improved protection against side channel attacks
[https://w1.fi/security/2019-6/]
* fixed FT-EAP initial mobility domain association using PMKSA caching
* added configuration of airtime policy
* fixed FILS to and RSNE into (Re)Association Response frames
* fixed DPP bootstrapping URI parser of channel list
* added support for regulatory WMM limitation (for ETSI)
* added support for MACsec Key Agreement using IEEE 802.1X/PSK
* added experimental support for EAP-TEAP server (RFC 7170)
* added experimental support for EAP-TLS server with TLS v1.3
* added support for two server certificates/keys (RSA/ECC)
* added AKMSuiteSelector into "STA <addr>" control interface data to
determine with AKM was used for an association
* added eap_sim_id parameter to allow EAP-SIM/AKA server pseudonym and
fast reauthentication use to be disabled
* fixed an ECDH operation corner case with OpenSSL

2019-04-21 - v2.8
* SAE changes
- added support for SAE Password Identifier
- changed default configuration to enable only group 19
(i.e., disable groups 20, 21, 25, 26 from default configuration) and
disable all unsuitable groups completely based on REVmd changes
- improved anti-clogging token mechanism and SAE authentication
frame processing during heavy CPU load; this mitigates some issues
with potential DoS attacks trying to flood an AP with large number
of SAE messages
- added Finite Cyclic Group field in status code 77 responses
- reject use of unsuitable groups based on new implementation guidance
in REVmd (allow only FFC groups with prime >= 3072 bits and ECC
groups with prime >= 256)
- minimize timing and memory use differences in PWE derivation
[https://w1.fi/security/2019-1/] (CVE-2019-9494)
- fixed confirm message validation in error cases
[https://w1.fi/security/2019-3/] (CVE-2019-9496)
* EAP-pwd changes
- minimize timing and memory use differences in PWE derivation
[https://w1.fi/security/2019-2/] (CVE-2019-9495)
- verify peer scalar/element
[https://w1.fi/security/2019-4/] (CVE-2019-9497 and CVE-2019-9498)
- fix message reassembly issue with unexpected fragment
[https://w1.fi/security/2019-5/]
- enforce rand,mask generation rules more strictly
- fix a memory leak in PWE derivation
- disallow ECC groups with a prime under 256 bits (groups 25, 26, and
27)
* Hotspot 2.0 changes
- added support for release number 3
- reject release 2 or newer association without PMF
* added support for RSN operating channel validation
(CONFIG_OCV=y and configuration parameter ocv=1)
* added Multi-AP protocol support
* added FTM responder configuration
* fixed build with LibreSSL
* added FT/RRB workaround for short Ethernet frame padding
* fixed KEK2 derivation for FILS+FT
* added RSSI-based association rejection from OCE
* extended beacon reporting functionality
* VLAN changes
- allow local VLAN management with remote RADIUS authentication
- add WPA/WPA2 passphrase/PSK -based VLAN assignment
* OpenSSL: allow systemwide policies to be overridden
* extended PEAP to derive EMSK to enable use with ERP/FILS
* extended WPS to allow SAE configuration to be added automatically
for PSK (wps_cred_add_sae=1)
* fixed FT and SA Query Action frame with AP-MLME-in-driver cases
* OWE: allow Diffie-Hellman Parameter element to be included with DPP
in preparation for DPP protocol extension
* RADIUS server: started to accept ERP keyName-NAI as user identity
automatically without matching EAP database entry
* fixed PTK rekeying with FILS and FT

ChangeLog for hostapd

2019-08-07 - v2.9
* SAE changes
- disable use of groups using Brainpool curves
- improved protection against side channel attacks
[https://w1.fi/security/2019-6/]
* EAP-pwd changes
- disable use of groups using Brainpool curves
- allow the set of groups to be configured (eap_pwd_groups)
- improved protection against side channel attacks
[https://w1.fi/security/2019-6/]
* fixed FT-EAP initial mobility domain association using PMKSA caching
(disabled by default for backwards compatibility; can be enabled
with ft_eap_pmksa_caching=1)
* fixed a regression in OpenSSL 1.1+ engine loading
* added validation of RSNE in (Re)Association Response frames
* fixed DPP bootstrapping URI parser of channel list
* extended EAP-SIM/AKA fast re-authentication to allow use with FILS
* extended ca_cert_blob to support PEM format
* improved robustness of P2P Action frame scheduling
* added support for EAP-SIM/AKA using anonymous@realm identity
* fixed Hotspot 2.0 credential selection based on roaming consortium
to ignore credentials without a specific EAP method
* added experimental support for EAP-TEAP peer (RFC 7170)
* added experimental support for EAP-TLS peer with TLS v1.3
* fixed a regression in WMM parameter configuration for a TDLS peer
* fixed a regression in operation with drivers that offload 802.1X
4-way handshake
* fixed an ECDH operation corner case with OpenSSL

2019-04-21 - v2.8
* SAE changes
- added support for SAE Password Identifier
- changed default configuration to enable only groups 19, 20, 21
(i.e., disable groups 25 and 26) and disable all unsuitable groups
completely based on REVmd changes
- do not regenerate PWE unnecessarily when the AP uses the
anti-clogging token mechanisms
- fixed some association cases where both SAE and FT-SAE were enabled
on both the station and the selected AP
- started to prefer FT-SAE over SAE AKM if both are enabled
- started to prefer FT-SAE over FT-PSK if both are enabled
- fixed FT-SAE when SAE PMKSA caching is used
- reject use of unsuitable groups based on new implementation guidance
in REVmd (allow only FFC groups with prime >= 3072 bits and ECC
groups with prime >= 256)
- minimize timing and memory use differences in PWE derivation
[https://w1.fi/security/2019-1/] (CVE-2019-9494)
* EAP-pwd changes
- minimize timing and memory use differences in PWE derivation
[https://w1.fi/security/2019-2/] (CVE-2019-9495)
- verify server scalar/element
[https://w1.fi/security/2019-4/] (CVE-2019-9499)
- fix message reassembly issue with unexpected fragment
[https://w1.fi/security/2019-5/]
- enforce rand,mask generation rules more strictly
- fix a memory leak in PWE derivation
- disallow ECC groups with a prime under 256 bits (groups 25, 26, and
27)
* fixed CONFIG_IEEE80211R=y (FT) build without CONFIG_FILS=y
* Hotspot 2.0 changes
- do not indicate release number that is higher than the one
AP supports
- added support for release number 3
- enable PMF automatically for network profiles created from
credentials
* fixed OWE network profile saving
* fixed DPP network profile saving
* added support for RSN operating channel validation
(CONFIG_OCV=y and network profile parameter ocv=1)
* added Multi-AP backhaul STA support
* fixed build with LibreSSL
* number of MKA/MACsec fixes and extensions
* extended domain_match and domain_suffix_match to allow list of values
* fixed dNSName matching in domain_match and domain_suffix_match when
using wolfSSL
* started to prefer FT-EAP-SHA384 over WPA-EAP-SUITE-B-192 AKM if both
are enabled
* extended nl80211 Connect and external authentication to support
SAE, FT-SAE, FT-EAP-SHA384
* fixed KEK2 derivation for FILS+FT
* extended client_cert file to allow loading of a chain of PEM
encoded certificates
* extended beacon reporting functionality
* extended D-Bus interface with number of new properties
* fixed a regression in FT-over-DS with mac80211-based drivers
* OpenSSL: allow systemwide policies to be overridden
* extended driver flags indication for separate 802.1X and PSK
4-way handshake offload capability
* added support for random P2P Device/Interface Address use
* extended PEAP to derive EMSK to enable use with ERP/FILS
* extended WPS to allow SAE configuration to be added automatically
for PSK (wps_cred_add_sae=1)
* removed support for the old D-Bus interface (CONFIG_CTRL_IFACE_DBUS)
* extended domain_match and domain_suffix_match to allow list of values
* added a RSN workaround for misbehaving PMF APs that advertise
IGTK/BIP KeyID using incorrect byte order
* fixed PTK rekeying with FILS and FT

2018-12-02 - v2.7
* fixed WPA packet number reuse with replayed messages and key
reinstallation
[https://w1.fi/security/2017-1/] (CVE-2017-13077, CVE-2017-13078,
CVE-2017-13079, CVE-2017-13080, CVE-2017-13081, CVE-2017-13082,
CVE-2017-13086, CVE-2017-13087, CVE-2017-13088)
* fixed unauthenticated EAPOL-Key decryption in wpa_supplicant
[https://w1.fi/security/2018-1/] (CVE-2018-14526)
* added support for FILS (IEEE 802.11ai) shared key authentication
* added support for OWE (Opportunistic Wireless Encryption, RFC 8110;
and transition mode defined by WFA)
* added support for DPP (Wi-Fi Device Provisioning Protocol)
* added support for RSA 3k key case with Suite B 192-bit level
* fixed Suite B PMKSA caching not to update PMKID during each 4-way
handshake
* fixed EAP-pwd pre-processing with PasswordHashHash
* added EAP-pwd client support for salted passwords
* fixed a regression in TDLS prohibited bit validation
* started to use estimated throughput to avoid undesired signal
strength based roaming decision
* MACsec/MKA:
- new macsec_linux driver interface support for the Linux
kernel macsec module
- number of fixes and extensions
* added support for external persistent storage of PMKSA cache
(PMKSA_GET/PMKSA_ADD control interface commands; and
MESH_PMKSA_GET/MESH_PMKSA_SET for the mesh case)
* fixed mesh channel configuration pri/sec switch case
* added support for beacon report
* large number of other fixes, cleanup, and extensions
* added support for randomizing local address for GAS queries
(gas_rand_mac_addr parameter)
* fixed EAP-SIM/AKA/AKA' ext auth cases within TLS tunnel
* added option for using random WPS UUID (auto_uuid=1)
* added SHA256-hash support for OCSP certificate matching
* fixed EAP-AKA' to add AT_KDF into Synchronization-Failure
* fixed a regression in RSN pre-authentication candidate selection
* added option to configure allowed group management cipher suites
(group_mgmt network profile parameter)
* removed all PeerKey functionality
* fixed nl80211 AP and mesh mode configuration regression with
Linux 4.15 and newer
* added ap_isolate configuration option for AP mode
* added support for nl80211 to offload 4-way handshake into the driver
* added support for using wolfSSL cryptographic library
* SAE
- added support for configuring SAE password separately of the
WPA2 PSK/passphrase
- fixed PTK and EAPOL-Key integrity and key-wrap algorithm selection
for SAE;
note: this is not backwards compatible, i.e., both the AP and
station side implementations will need to be update at the same
time to maintain interoperability
- added support for Password Identifier
- fixed FT-SAE PMKID matching
* Hotspot 2.0
- added support for fetching of Operator Icon Metadata ANQP-element
- added support for Roaming Consortium Selection element
- added support for Terms and Conditions
- added support for OSEN connection in a shared RSN BSS
- added support for fetching Venue URL information
* added support for using OpenSSL 1.1.1
* FT
- disabled PMKSA caching with FT since it is not fully functional
- added support for SHA384 based AKM
- added support for BIP ciphers BIP-CMAC-256, BIP-GMAC-128,
BIP-GMAC-256 in addition to previously supported BIP-CMAC-128
- fixed additional IE inclusion in Reassociation Request frame when
using FT protocol

branches: 1.1.1.6.12; 1.1.1.6.14;
Import wpa_supplicant and hostapd

branches: 1.1.1.5.2;
2015-03-15 - v2.4
* allow OpenSSL cipher configuration to be set for internal EAP server
(openssl_ciphers parameter)
* fixed number of small issues based on hwsim test case failures and
static analyzer reports
* P2P:
- add new=<0/1> flag to P2P-DEVICE-FOUND events
- add passive channels in invitation response from P2P Client
- enable nl80211 P2P_DEVICE support by default
- fix regresssion in disallow_freq preventing search on social
channels
- fix regressions in P2P SD query processing
- try to re-invite with social operating channel if no common channels
in invitation
- allow cross connection on parent interface (this fixes number of
use cases with nl80211)
- add support for P2P services (P2PS)
- add p2p_go_ctwindow configuration parameter to allow GO CTWindow to
be configured
* increase postponing of EAPOL-Start by one second with AP/GO that
supports WPS 2.0 (this makes it less likely to trigger extra roundtrip
of identity frames)
* add support for PMKSA caching with SAE
* add support for control mesh BSS (IEEE 802.11s) operations
* fixed number of issues with D-Bus P2P commands
* fixed regression in ap_scan=2 special case for WPS
* fixed macsec_validate configuration
* add a workaround for incorrectly behaving APs that try to use
EAPOL-Key descriptor version 3 when the station supports PMF even if
PMF is not enabled on the AP
* allow TLS v1.1 and v1.2 to be negotiated by default; previous behavior
of disabling these can be configured to work around issues with broken
servers with phase1="tls_disable_tlsv1_1=1 tls_disable_tlsv1_2=1"
* add support for Suite B (128-bit and 192-bit level) key management and
cipher suites
* add WMM-AC support (WMM_AC_ADDTS/WMM_AC_DELTS)
* improved BSS Transition Management processing
* add support for neighbor report
* add support for link measurement
* fixed expiration of BSS entry with all-zeros BSSID
* add optional LAST_ID=x argument to LIST_NETWORK to allow all
configured networks to be listed even with huge number of network
profiles
* add support for EAP Re-Authentication Protocol (ERP)
* fixed EAP-IKEv2 fragmentation reassembly
* improved PKCS#11 configuration for OpenSSL
* set stdout to be line-buffered
* add TDLS channel switch configuration
* add support for MAC address randomization in scans with nl80211
* enable HT for IBSS if supported by the driver
* add BSSID black and white lists (bssid_blacklist, bssid_whitelist)
* add support for domain_suffix_match with GnuTLS
* add OCSP stapling client support with GnuTLS
* include peer certificate in EAP events even without a separate probe
operation; old behavior can be restored with cert_in_cb=0
* add peer ceritficate alt subject name to EAP events
(CTRL-EVENT-EAP-PEER-ALT)
* add domain_match network profile parameter (similar to
domain_suffix_match, but full match is required)
* enable AP/GO mode HT Tx STBC automatically based on driver support
* add ANQP-QUERY-DONE event to provide information on ANQP parsing
status
* allow passive scanning to be forced with passive_scan=1
* add a workaround for Linux packet socket behavior when interface is in
bridge
* increase 5 GHz band preference in BSS selection (estimate SNR, if info
not available from driver; estimate maximum throughput based on common
HT/VHT/specific TX rate support)
* add INTERWORKING_ADD_NETWORK ctrl_iface command; this can be used to
implement Interworking network selection behavior in upper layers
software components
* add optional reassoc_same_bss_optim=1 (disabled by default)
optimization to avoid unnecessary Authentication frame exchange
* extend TDLS frame padding workaround to cover all packets
* allow wpa_supplicant to recover nl80211 functionality if the cfg80211
module gets removed and reloaded without restarting wpa_supplicant
* allow hostapd DFS implementation to be used in wpa_supplicant AP mode

Import wpa_supplicant and hostapd

branches: 1.1.1.3.4;
import v2_0:

2013-01-12 - v2.0
* removed Qt3-based wpa_gui (obsoleted by wpa_qui-qt4)
* removed unmaintained driver wrappers broadcom, iphone, osx, ralink,
hostap, madwifi (hostap and madwifi remain available for hostapd;
their wpa_supplicant functionality is obsoleted by wext)
* improved debug logging (human readable event names, interface name
included in more entries)
* changed AP mode behavior to enable WPS only for open and
WPA/WPA2-Personal configuration
* improved P2P concurrency operations
- better coordination of concurrent scan and P2P search operations
- avoid concurrent remain-on-channel operation requests by canceling
previous operations prior to starting a new one
- reject operations that would require multi-channel concurrency if
the driver does not support it
- add parameter to select whether STA or P2P connection is preferred
if the driver cannot support both at the same time
- allow driver to indicate channel changes
- added optional delay=<search delay in milliseconds> parameter for
p2p_find to avoid taking all radio resources
- use 500 ms p2p_find search delay by default during concurrent
operations
- allow all channels in GO Negotiation if the driver supports
multi-channel concurrency
* added number of small changes to make it easier for static analyzers
to understand the implementation
* fixed number of small bugs (see git logs for more details)
* nl80211: number of updates to use new cfg80211/nl80211 functionality
- replace monitor interface with nl80211 commands for AP mode
- additional information for driver-based AP SME
- STA entry authorization in RSN IBSS
* EAP-pwd:
- fixed KDF for group 21 and zero-padding
- added support for fragmentation
- increased maximum number of hunting-and-pecking iterations
* avoid excessive Probe Response retries for broadcast Probe Request
frames (only with drivers using wpa_supplicant AP mode SME/MLME)
* added "GET country" ctrl_iface command
* do not save an invalid network block in wpa_supplicant.conf to avoid
problems reading the file on next start
* send STA connected/disconnected ctrl_iface events to both the P2P
group and parent interfaces
* added preliminary support for using TLS v1.2 (CONFIG_TLSV12=y)
* added "SET pno <1/0>" ctrl_iface command to start/stop preferred
network offload with sched_scan driver command
* merged in number of changes from Android repository for P2P, nl80211,
and build parameters
* changed P2P GO mode configuration to use driver capabilities to
automatically enable HT operations when supported
* added "wpa_cli status wps" command to fetch WPA2-Personal passhrase
for WPS use cases in AP mode
* EAP-AKA: keep pseudonym identity across EAP exchanges to match EAP-SIM
behavior
* improved reassociation behavior in cases where association is rejected
or when an AP disconnects us to handle common load balancing
mechanisms
- try to avoid extra scans when the needed information is available
* added optional "join" argument for p2p_prov_disc ctrl_iface command
* added group ifname to P2P-PROV-DISC-* events
* added P2P Device Address to AP-STA-DISCONNECTED event and use
p2p_dev_addr parameter name with AP-STA-CONNECTED
* added workarounds for WPS PBC overlap detection for some P2P use cases
where deployed stations work incorrectly
* optimize WPS connection speed by disconnecting prior to WPS scan and
by using single channel scans when AP channel is known
* PCSC and SIM/USIM improvements:
- accept 0x67 (Wrong length) as a response to READ RECORD to fix
issues with some USIM cards
- try to read MNC length from SIM/USIM
- build realm according to 3GPP TS 23.003 with identity from the SIM
- allow T1 protocol to be enabled
* added more WPS and P2P information available through D-Bus
* improve P2P negotiation robustness
- extra waits to get ACK frames through
- longer timeouts for cases where deployed devices have been
identified have issues meeting the specification requirements
- more retries for some P2P frames
- handle race conditions in GO Negotiation start by both devices
- ignore unexpected GO Negotiation Response frame
* added support for libnl 3.2 and newer
* added P2P persistent group info to P2P_PEER data
* maintain a list of P2P Clients for persistent group on GO
* AP: increased initial group key handshake retransmit timeout to 500 ms
* added optional dev_id parameter for p2p_find
* added P2P-FIND-STOPPED ctrl_iface event
* fixed issues in WPA/RSN element validation when roaming with ap_scan=1
and driver-based BSS selection
* do not expire P2P peer entries while connected with the peer in a
group
* fixed WSC element inclusion in cases where P2P is disabled
* AP: added a WPS workaround for mixed mode AP Settings with Windows 7
* EAP-SIM: fixed AT_COUNTER_TOO_SMALL use
* EAP-SIM/AKA: append realm to pseudonym identity
* EAP-SIM/AKA: store pseudonym identity in network configuration to
allow it to persist over multiple EAP sessions and wpa_supplicant
restarts
* EAP-AKA': updated to RFC 5448 (username prefixes changed); note: this
breaks interoperability with older versions
* added support for WFA Hotspot 2.0
- GAS/ANQP to fetch network information
- credential configuration and automatic network selections based on
credential match with ANQP information
* limited PMKSA cache entries to be used only with the network context
that was used to create them
* improved PMKSA cache expiration to avoid unnecessary disconnections
* adjusted bgscan_simple fast-scan backoff to avoid too frequent
background scans
* removed ctrl_iface event on P2P PD Response in join-group case
* added option to fetch BSS table entry based on P2P Device Address
("BSS p2p_dev_addr=<P2P Device Address>")
* added BSS entry age to ctrl_iface BSS command output
* added optional MASK=0xH option for ctrl_iface BSS command to select
which fields are included in the response
* added optional RANGE=ALL|N1-N2 option for ctrl_iface BSS command to
fetch information about several BSSes in one call
* simplified licensing terms by selecting the BSD license as the only
alternative
* added "P2P_SET disallow_freq <freq list>" ctrl_iface command to
disable channels from P2P use
* added p2p_pref_chan configuration parameter to allow preferred P2P
channels to be specified
* added support for advertising immediate availability of a WPS
credential for P2P use cases
* optimized scan operations for P2P use cases (use single channel scan
for a specific SSID when possible)
* EAP-TTLS: fixed peer challenge generation for MSCHAPv2
* SME: do not use reassociation after explicit disconnection request
(local or a notification from an AP)
* added support for sending debug info to Linux tracing (-T on command
line)
* added support for using Deauthentication reason code 3 as an
indication of P2P group termination
* added wps_vendor_ext_m1 configuration parameter to allow vendor
specific attributes to be added to WPS M1
* started using separate TLS library context for tunneled TLS
(EAP-PEAP/TLS, EAP-TTLS/TLS, EAP-FAST/TLS) to support different CA
certificate configuration between Phase 1 and Phase 2
* added optional "auto" parameter for p2p_connect to request automatic
GO Negotiation vs. join-a-group selection
* added disabled_scan_offload parameter to disable automatic scan
offloading (sched_scan)
* added optional persistent=<network id> parameter for p2p_connect to
allow forcing of a specific SSID/passphrase for GO Negotiation
* added support for OBSS scan requests and 20/40 BSS coexistence reports
* reject PD Request for unknown group
* removed scripts and notes related to Windows binary releases (which
have not been used starting from 1.x)
* added initial support for WNM operations
- Keep-alive based on BSS max idle period
- WNM-Sleep Mode
- minimal BSS Transition Management processing
* added autoscan module to control scanning behavior while not connected
- autoscan_periodic and autoscan_exponential modules
* added new WPS NFC ctrl_iface mechanism
- added initial support NFC connection handover
- removed obsoleted WPS_OOB command (including support for deprecated
UFD config_method)
* added optional framework for external password storage ("ext:<name>")
* wpa_cli: added optional support for controlling wpa_supplicant
remotely over UDP (CONFIG_CTRL_IFACE=udp-remote) for testing purposes
* wpa_cli: extended tab completion to more commands
* changed SSID output to use printf-escaped strings instead of masking
of non-ASCII characters
- SSID can now be configured in the same format: ssid=P"abc\x00test"
* removed default ACM=1 from AC_VO and AC_VI
* added optional "ht40" argument for P2P ctrl_iface commands to allow
40 MHz channels to be requested on the 5 GHz band
* added optional parameters for p2p_invite command to specify channel
when reinvoking a persistent group as the GO
* improved FIPS mode builds with OpenSSL
- "make fips" with CONFIG_FIPS=y to build wpa_supplicant with the
OpenSSL FIPS object module
- replace low level OpenSSL AES API calls to use EVP
- use OpenSSL keying material exporter when possible
- do not export TLS keys in FIPS mode
- remove MD5 from CONFIG_FIPS=y builds
- use OpenSSL function for PKBDF2 passphrase-to-PSK
- use OpenSSL HMAC implementation
- mix RAND_bytes() output into random_get_bytes() to force OpenSSL
DRBG to be used in FIPS mode
- use OpenSSL CMAC implementation
* added mechanism to disable TLS Session Ticket extension
- a workaround for servers that do not support TLS extensions that
was enabled by default in recent OpenSSL versions
- tls_disable_session_ticket=1
- automatically disable TLS Session Ticket extension by default when
using EAP-TLS/PEAP/TTLS (i.e., only use it with EAP-FAST)
* changed VENDOR-TEST EAP method to use proper private enterprise number
(this will not interoperate with older versions)
* disable network block temporarily on authentication failures
* improved WPS AP selection during WPS PIN iteration
* added support for configuring GCMP cipher for IEEE 802.11ad
* added support for Wi-Fi Display extensions
- WFD_SUBELEMENT_SET ctrl_iface command to configure WFD subelements
- SET wifi_display <0/1> to disable/enable WFD support
- WFD service discovery
- an external program is needed to manage the audio/video streaming
and codecs
* optimized scan result use for network selection
- use the internal BSS table instead of raw scan results
- allow unnecessary scans to be skipped if fresh information is
available (e.g., after GAS/ANQP round for Interworking)
* added support for 256-bit AES with internal TLS implementation
* allow peer to propose channel in P2P invitation process for a
persistent group
* added disallow_aps parameter to allow BSSIDs/SSIDs to be disallowed
from network selection
* re-enable the networks disabled during WPS operations
* allow P2P functionality to be disabled per interface (p2p_disabled=1)
* added secondary device types into P2P_PEER output
* added an option to disable use of a separate P2P group interface
(p2p_no_group_iface=1)
* fixed P2P Bonjour SD to match entries with both compressed and not
compressed domain name format and support multiple Bonjour PTR matches
for the same key
* use deauthentication instead of disassociation for all disconnection
operations; this removes the now unused disassociate() wpa_driver_ops
callback
* optimized PSK generation on P2P GO by caching results to avoid
multiple PBKDF2 operations
* added okc=1 global configuration parameter to allow OKC to be enabled
by default for all network blocks
* added a workaround for WPS PBC session overlap detection to avoid
interop issues with deployed station implementations that do not
remove active PBC indication from Probe Request frames properly
* added basic support for 60 GHz band
* extend EAPOL frames processing workaround for roaming cases
(postpone processing of unexpected EAPOL frame until association
event to handle reordered events)

from hostap.epitest.fi

branches: 1.1.1.1.6; 1.1.1.1.8; 1.1.1.1.12; 1.1.1.1.14; 1.1.1.1.16;
Import wpa_supplicant and hostapd

2018-12-02 - v2.7
* fixed WPA packet number reuse with replayed messages and key
reinstallation
[https://w1.fi/security/2017-1/] (CVE-2017-13077, CVE-2017-13078,
CVE-2017-13079, CVE-2017-13080, CVE-2017-13081, CVE-2017-13082,
CVE-2017-13086, CVE-2017-13087, CVE-2017-13088)
* fixed unauthenticated EAPOL-Key decryption in wpa_supplicant
[https://w1.fi/security/2018-1/] (CVE-2018-14526)
* added support for FILS (IEEE 802.11ai) shared key authentication
* added support for OWE (Opportunistic Wireless Encryption, RFC 8110;
and transition mode defined by WFA)
* added support for DPP (Wi-Fi Device Provisioning Protocol)
* added support for RSA 3k key case with Suite B 192-bit level
* fixed Suite B PMKSA caching not to update PMKID during each 4-way
handshake
* fixed EAP-pwd pre-processing with PasswordHashHash
* added EAP-pwd client support for salted passwords
* fixed a regression in TDLS prohibited bit validation
* started to use estimated throughput to avoid undesired signal
strength based roaming decision
* MACsec/MKA:
- new macsec_linux driver interface support for the Linux
kernel macsec module
- number of fixes and extensions
* added support for external persistent storage of PMKSA cache
(PMKSA_GET/PMKSA_ADD control interface commands; and
MESH_PMKSA_GET/MESH_PMKSA_SET for the mesh case)
* fixed mesh channel configuration pri/sec switch case
* added support for beacon report
* large number of other fixes, cleanup, and extensions
* added support for randomizing local address for GAS queries
(gas_rand_mac_addr parameter)
* fixed EAP-SIM/AKA/AKA' ext auth cases within TLS tunnel
* added option for using random WPS UUID (auto_uuid=1)
* added SHA256-hash support for OCSP certificate matching
* fixed EAP-AKA' to add AT_KDF into Synchronization-Failure
* fixed a regression in RSN pre-authentication candidate selection
* added option to configure allowed group management cipher suites
(group_mgmt network profile parameter)
* removed all PeerKey functionality
* fixed nl80211 AP and mesh mode configuration regression with
Linux 4.15 and newer
* added ap_isolate configuration option for AP mode
* added support for nl80211 to offload 4-way handshake into the driver
* added support for using wolfSSL cryptographic library
* SAE
- added support for configuring SAE password separately of the
WPA2 PSK/passphrase
- fixed PTK and EAPOL-Key integrity and key-wrap algorithm selection
for SAE;
note: this is not backwards compatible, i.e., both the AP and
station side implementations will need to be update at the same
time to maintain interoperability
- added support for Password Identifier
- fixed FT-SAE PMKID matching
* Hotspot 2.0
- added support for fetching of Operator Icon Metadata ANQP-element
- added support for Roaming Consortium Selection element
- added support for Terms and Conditions
- added support for OSEN connection in a shared RSN BSS
- added support for fetching Venue URL information
* added support for using OpenSSL 1.1.1
* FT
- disabled PMKSA caching with FT since it is not fully functional
- added support for SHA384 based AKM
- added support for BIP ciphers BIP-CMAC-256, BIP-GMAC-128,
BIP-GMAC-256 in addition to previously supported BIP-CMAC-128
- fixed additional IE inclusion in Reassociation Request frame when
using FT protocol

branches: 1.1.1.6.12;
Import wpa_supplicant and hostapd

branches: 1.1.1.5.2;
2015-03-15 - v2.4
* allow OpenSSL cipher configuration to be set for internal EAP server
(openssl_ciphers parameter)
* fixed number of small issues based on hwsim test case failures and
static analyzer reports
* P2P:
- add new=<0/1> flag to P2P-DEVICE-FOUND events
- add passive channels in invitation response from P2P Client
- enable nl80211 P2P_DEVICE support by default
- fix regresssion in disallow_freq preventing search on social
channels
- fix regressions in P2P SD query processing
- try to re-invite with social operating channel if no common channels
in invitation
- allow cross connection on parent interface (this fixes number of
use cases with nl80211)
- add support for P2P services (P2PS)
- add p2p_go_ctwindow configuration parameter to allow GO CTWindow to
be configured
* increase postponing of EAPOL-Start by one second with AP/GO that
supports WPS 2.0 (this makes it less likely to trigger extra roundtrip
of identity frames)
* add support for PMKSA caching with SAE
* add support for control mesh BSS (IEEE 802.11s) operations
* fixed number of issues with D-Bus P2P commands
* fixed regression in ap_scan=2 special case for WPS
* fixed macsec_validate configuration
* add a workaround for incorrectly behaving APs that try to use
EAPOL-Key descriptor version 3 when the station supports PMF even if
PMF is not enabled on the AP
* allow TLS v1.1 and v1.2 to be negotiated by default; previous behavior
of disabling these can be configured to work around issues with broken
servers with phase1="tls_disable_tlsv1_1=1 tls_disable_tlsv1_2=1"
* add support for Suite B (128-bit and 192-bit level) key management and
cipher suites
* add WMM-AC support (WMM_AC_ADDTS/WMM_AC_DELTS)
* improved BSS Transition Management processing
* add support for neighbor report
* add support for link measurement
* fixed expiration of BSS entry with all-zeros BSSID
* add optional LAST_ID=x argument to LIST_NETWORK to allow all
configured networks to be listed even with huge number of network
profiles
* add support for EAP Re-Authentication Protocol (ERP)
* fixed EAP-IKEv2 fragmentation reassembly
* improved PKCS#11 configuration for OpenSSL
* set stdout to be line-buffered
* add TDLS channel switch configuration
* add support for MAC address randomization in scans with nl80211
* enable HT for IBSS if supported by the driver
* add BSSID black and white lists (bssid_blacklist, bssid_whitelist)
* add support for domain_suffix_match with GnuTLS
* add OCSP stapling client support with GnuTLS
* include peer certificate in EAP events even without a separate probe
operation; old behavior can be restored with cert_in_cb=0
* add peer ceritficate alt subject name to EAP events
(CTRL-EVENT-EAP-PEER-ALT)
* add domain_match network profile parameter (similar to
domain_suffix_match, but full match is required)
* enable AP/GO mode HT Tx STBC automatically based on driver support
* add ANQP-QUERY-DONE event to provide information on ANQP parsing
status
* allow passive scanning to be forced with passive_scan=1
* add a workaround for Linux packet socket behavior when interface is in
bridge
* increase 5 GHz band preference in BSS selection (estimate SNR, if info
not available from driver; estimate maximum throughput based on common
HT/VHT/specific TX rate support)
* add INTERWORKING_ADD_NETWORK ctrl_iface command; this can be used to
implement Interworking network selection behavior in upper layers
software components
* add optional reassoc_same_bss_optim=1 (disabled by default)
optimization to avoid unnecessary Authentication frame exchange
* extend TDLS frame padding workaround to cover all packets
* allow wpa_supplicant to recover nl80211 functionality if the cfg80211
module gets removed and reloaded without restarting wpa_supplicant
* allow hostapd DFS implementation to be used in wpa_supplicant AP mode

Import wpa_supplicant and hostapd

branches: 1.1.1.3.4;
import v2_0:

2013-01-12 - v2.0
* removed Qt3-based wpa_gui (obsoleted by wpa_qui-qt4)
* removed unmaintained driver wrappers broadcom, iphone, osx, ralink,
hostap, madwifi (hostap and madwifi remain available for hostapd;
their wpa_supplicant functionality is obsoleted by wext)
* improved debug logging (human readable event names, interface name
included in more entries)
* changed AP mode behavior to enable WPS only for open and
WPA/WPA2-Personal configuration
* improved P2P concurrency operations
- better coordination of concurrent scan and P2P search operations
- avoid concurrent remain-on-channel operation requests by canceling
previous operations prior to starting a new one
- reject operations that would require multi-channel concurrency if
the driver does not support it
- add parameter to select whether STA or P2P connection is preferred
if the driver cannot support both at the same time
- allow driver to indicate channel changes
- added optional delay=<search delay in milliseconds> parameter for
p2p_find to avoid taking all radio resources
- use 500 ms p2p_find search delay by default during concurrent
operations
- allow all channels in GO Negotiation if the driver supports
multi-channel concurrency
* added number of small changes to make it easier for static analyzers
to understand the implementation
* fixed number of small bugs (see git logs for more details)
* nl80211: number of updates to use new cfg80211/nl80211 functionality
- replace monitor interface with nl80211 commands for AP mode
- additional information for driver-based AP SME
- STA entry authorization in RSN IBSS
* EAP-pwd:
- fixed KDF for group 21 and zero-padding
- added support for fragmentation
- increased maximum number of hunting-and-pecking iterations
* avoid excessive Probe Response retries for broadcast Probe Request
frames (only with drivers using wpa_supplicant AP mode SME/MLME)
* added "GET country" ctrl_iface command
* do not save an invalid network block in wpa_supplicant.conf to avoid
problems reading the file on next start
* send STA connected/disconnected ctrl_iface events to both the P2P
group and parent interfaces
* added preliminary support for using TLS v1.2 (CONFIG_TLSV12=y)
* added "SET pno <1/0>" ctrl_iface command to start/stop preferred
network offload with sched_scan driver command
* merged in number of changes from Android repository for P2P, nl80211,
and build parameters
* changed P2P GO mode configuration to use driver capabilities to
automatically enable HT operations when supported
* added "wpa_cli status wps" command to fetch WPA2-Personal passhrase
for WPS use cases in AP mode
* EAP-AKA: keep pseudonym identity across EAP exchanges to match EAP-SIM
behavior
* improved reassociation behavior in cases where association is rejected
or when an AP disconnects us to handle common load balancing
mechanisms
- try to avoid extra scans when the needed information is available
* added optional "join" argument for p2p_prov_disc ctrl_iface command
* added group ifname to P2P-PROV-DISC-* events
* added P2P Device Address to AP-STA-DISCONNECTED event and use
p2p_dev_addr parameter name with AP-STA-CONNECTED
* added workarounds for WPS PBC overlap detection for some P2P use cases
where deployed stations work incorrectly
* optimize WPS connection speed by disconnecting prior to WPS scan and
by using single channel scans when AP channel is known
* PCSC and SIM/USIM improvements:
- accept 0x67 (Wrong length) as a response to READ RECORD to fix
issues with some USIM cards
- try to read MNC length from SIM/USIM
- build realm according to 3GPP TS 23.003 with identity from the SIM
- allow T1 protocol to be enabled
* added more WPS and P2P information available through D-Bus
* improve P2P negotiation robustness
- extra waits to get ACK frames through
- longer timeouts for cases where deployed devices have been
identified have issues meeting the specification requirements
- more retries for some P2P frames
- handle race conditions in GO Negotiation start by both devices
- ignore unexpected GO Negotiation Response frame
* added support for libnl 3.2 and newer
* added P2P persistent group info to P2P_PEER data
* maintain a list of P2P Clients for persistent group on GO
* AP: increased initial group key handshake retransmit timeout to 500 ms
* added optional dev_id parameter for p2p_find
* added P2P-FIND-STOPPED ctrl_iface event
* fixed issues in WPA/RSN element validation when roaming with ap_scan=1
and driver-based BSS selection
* do not expire P2P peer entries while connected with the peer in a
group
* fixed WSC element inclusion in cases where P2P is disabled
* AP: added a WPS workaround for mixed mode AP Settings with Windows 7
* EAP-SIM: fixed AT_COUNTER_TOO_SMALL use
* EAP-SIM/AKA: append realm to pseudonym identity
* EAP-SIM/AKA: store pseudonym identity in network configuration to
allow it to persist over multiple EAP sessions and wpa_supplicant
restarts
* EAP-AKA': updated to RFC 5448 (username prefixes changed); note: this
breaks interoperability with older versions
* added support for WFA Hotspot 2.0
- GAS/ANQP to fetch network information
- credential configuration and automatic network selections based on
credential match with ANQP information
* limited PMKSA cache entries to be used only with the network context
that was used to create them
* improved PMKSA cache expiration to avoid unnecessary disconnections
* adjusted bgscan_simple fast-scan backoff to avoid too frequent
background scans
* removed ctrl_iface event on P2P PD Response in join-group case
* added option to fetch BSS table entry based on P2P Device Address
("BSS p2p_dev_addr=<P2P Device Address>")
* added BSS entry age to ctrl_iface BSS command output
* added optional MASK=0xH option for ctrl_iface BSS command to select
which fields are included in the response
* added optional RANGE=ALL|N1-N2 option for ctrl_iface BSS command to
fetch information about several BSSes in one call
* simplified licensing terms by selecting the BSD license as the only
alternative
* added "P2P_SET disallow_freq <freq list>" ctrl_iface command to
disable channels from P2P use
* added p2p_pref_chan configuration parameter to allow preferred P2P
channels to be specified
* added support for advertising immediate availability of a WPS
credential for P2P use cases
* optimized scan operations for P2P use cases (use single channel scan
for a specific SSID when possible)
* EAP-TTLS: fixed peer challenge generation for MSCHAPv2
* SME: do not use reassociation after explicit disconnection request
(local or a notification from an AP)
* added support for sending debug info to Linux tracing (-T on command
line)
* added support for using Deauthentication reason code 3 as an
indication of P2P group termination
* added wps_vendor_ext_m1 configuration parameter to allow vendor
specific attributes to be added to WPS M1
* started using separate TLS library context for tunneled TLS
(EAP-PEAP/TLS, EAP-TTLS/TLS, EAP-FAST/TLS) to support different CA
certificate configuration between Phase 1 and Phase 2
* added optional "auto" parameter for p2p_connect to request automatic
GO Negotiation vs. join-a-group selection
* added disabled_scan_offload parameter to disable automatic scan
offloading (sched_scan)
* added optional persistent=<network id> parameter for p2p_connect to
allow forcing of a specific SSID/passphrase for GO Negotiation
* added support for OBSS scan requests and 20/40 BSS coexistence reports
* reject PD Request for unknown group
* removed scripts and notes related to Windows binary releases (which
have not been used starting from 1.x)
* added initial support for WNM operations
- Keep-alive based on BSS max idle period
- WNM-Sleep Mode
- minimal BSS Transition Management processing
* added autoscan module to control scanning behavior while not connected
- autoscan_periodic and autoscan_exponential modules
* added new WPS NFC ctrl_iface mechanism
- added initial support NFC connection handover
- removed obsoleted WPS_OOB command (including support for deprecated
UFD config_method)
* added optional framework for external password storage ("ext:<name>")
* wpa_cli: added optional support for controlling wpa_supplicant
remotely over UDP (CONFIG_CTRL_IFACE=udp-remote) for testing purposes
* wpa_cli: extended tab completion to more commands
* changed SSID output to use printf-escaped strings instead of masking
of non-ASCII characters
- SSID can now be configured in the same format: ssid=P"abc\x00test"
* removed default ACM=1 from AC_VO and AC_VI
* added optional "ht40" argument for P2P ctrl_iface commands to allow
40 MHz channels to be requested on the 5 GHz band
* added optional parameters for p2p_invite command to specify channel
when reinvoking a persistent group as the GO
* improved FIPS mode builds with OpenSSL
- "make fips" with CONFIG_FIPS=y to build wpa_supplicant with the
OpenSSL FIPS object module
- replace low level OpenSSL AES API calls to use EVP
- use OpenSSL keying material exporter when possible
- do not export TLS keys in FIPS mode
- remove MD5 from CONFIG_FIPS=y builds
- use OpenSSL function for PKBDF2 passphrase-to-PSK
- use OpenSSL HMAC implementation
- mix RAND_bytes() output into random_get_bytes() to force OpenSSL
DRBG to be used in FIPS mode
- use OpenSSL CMAC implementation
* added mechanism to disable TLS Session Ticket extension
- a workaround for servers that do not support TLS extensions that
was enabled by default in recent OpenSSL versions
- tls_disable_session_ticket=1
- automatically disable TLS Session Ticket extension by default when
using EAP-TLS/PEAP/TTLS (i.e., only use it with EAP-FAST)
* changed VENDOR-TEST EAP method to use proper private enterprise number
(this will not interoperate with older versions)
* disable network block temporarily on authentication failures
* improved WPS AP selection during WPS PIN iteration
* added support for configuring GCMP cipher for IEEE 802.11ad
* added support for Wi-Fi Display extensions
- WFD_SUBELEMENT_SET ctrl_iface command to configure WFD subelements
- SET wifi_display <0/1> to disable/enable WFD support
- WFD service discovery
- an external program is needed to manage the audio/video streaming
and codecs
* optimized scan result use for network selection
- use the internal BSS table instead of raw scan results
- allow unnecessary scans to be skipped if fresh information is
available (e.g., after GAS/ANQP round for Interworking)
* added support for 256-bit AES with internal TLS implementation
* allow peer to propose channel in P2P invitation process for a
persistent group
* added disallow_aps parameter to allow BSSIDs/SSIDs to be disallowed
from network selection
* re-enable the networks disabled during WPS operations
* allow P2P functionality to be disabled per interface (p2p_disabled=1)
* added secondary device types into P2P_PEER output
* added an option to disable use of a separate P2P group interface
(p2p_no_group_iface=1)
* fixed P2P Bonjour SD to match entries with both compressed and not
compressed domain name format and support multiple Bonjour PTR matches
for the same key
* use deauthentication instead of disassociation for all disconnection
operations; this removes the now unused disassociate() wpa_driver_ops
callback
* optimized PSK generation on P2P GO by caching results to avoid
multiple PBKDF2 operations
* added okc=1 global configuration parameter to allow OKC to be enabled
by default for all network blocks
* added a workaround for WPS PBC session overlap detection to avoid
interop issues with deployed station implementations that do not
remove active PBC indication from Probe Request frames properly
* added basic support for 60 GHz band
* extend EAPOL frames processing workaround for roaming cases
(postpone processing of unexpected EAPOL frame until association
event to handle reordered events)

from hostap.epitest.fi

branches: 1.1.1.1.6; 1.1.1.1.8; 1.1.1.1.12; 1.1.1.1.14; 1.1.1.1.16;
Import wpa_supplicant and hostapd

Import wpa_supplicant and hostapd

2015-03-15 - v2.4
* allow OpenSSL cipher configuration to be set for internal EAP server
(openssl_ciphers parameter)
* fixed number of small issues based on hwsim test case failures and
static analyzer reports
* P2P:
- add new=<0/1> flag to P2P-DEVICE-FOUND events
- add passive channels in invitation response from P2P Client
- enable nl80211 P2P_DEVICE support by default
- fix regresssion in disallow_freq preventing search on social
channels
- fix regressions in P2P SD query processing
- try to re-invite with social operating channel if no common channels
in invitation
- allow cross connection on parent interface (this fixes number of
use cases with nl80211)
- add support for P2P services (P2PS)
- add p2p_go_ctwindow configuration parameter to allow GO CTWindow to
be configured
* increase postponing of EAPOL-Start by one second with AP/GO that
supports WPS 2.0 (this makes it less likely to trigger extra roundtrip
of identity frames)
* add support for PMKSA caching with SAE
* add support for control mesh BSS (IEEE 802.11s) operations
* fixed number of issues with D-Bus P2P commands
* fixed regression in ap_scan=2 special case for WPS
* fixed macsec_validate configuration
* add a workaround for incorrectly behaving APs that try to use
EAPOL-Key descriptor version 3 when the station supports PMF even if
PMF is not enabled on the AP
* allow TLS v1.1 and v1.2 to be negotiated by default; previous behavior
of disabling these can be configured to work around issues with broken
servers with phase1="tls_disable_tlsv1_1=1 tls_disable_tlsv1_2=1"
* add support for Suite B (128-bit and 192-bit level) key management and
cipher suites
* add WMM-AC support (WMM_AC_ADDTS/WMM_AC_DELTS)
* improved BSS Transition Management processing
* add support for neighbor report
* add support for link measurement
* fixed expiration of BSS entry with all-zeros BSSID
* add optional LAST_ID=x argument to LIST_NETWORK to allow all
configured networks to be listed even with huge number of network
profiles
* add support for EAP Re-Authentication Protocol (ERP)
* fixed EAP-IKEv2 fragmentation reassembly
* improved PKCS#11 configuration for OpenSSL
* set stdout to be line-buffered
* add TDLS channel switch configuration
* add support for MAC address randomization in scans with nl80211
* enable HT for IBSS if supported by the driver
* add BSSID black and white lists (bssid_blacklist, bssid_whitelist)
* add support for domain_suffix_match with GnuTLS
* add OCSP stapling client support with GnuTLS
* include peer certificate in EAP events even without a separate probe
operation; old behavior can be restored with cert_in_cb=0
* add peer ceritficate alt subject name to EAP events
(CTRL-EVENT-EAP-PEER-ALT)
* add domain_match network profile parameter (similar to
domain_suffix_match, but full match is required)
* enable AP/GO mode HT Tx STBC automatically based on driver support
* add ANQP-QUERY-DONE event to provide information on ANQP parsing
status
* allow passive scanning to be forced with passive_scan=1
* add a workaround for Linux packet socket behavior when interface is in
bridge
* increase 5 GHz band preference in BSS selection (estimate SNR, if info
not available from driver; estimate maximum throughput based on common
HT/VHT/specific TX rate support)
* add INTERWORKING_ADD_NETWORK ctrl_iface command; this can be used to
implement Interworking network selection behavior in upper layers
software components
* add optional reassoc_same_bss_optim=1 (disabled by default)
optimization to avoid unnecessary Authentication frame exchange
* extend TDLS frame padding workaround to cover all packets
* allow wpa_supplicant to recover nl80211 functionality if the cfg80211
module gets removed and reloaded without restarting wpa_supplicant
* allow hostapd DFS implementation to be used in wpa_supplicant AP mode

Import wpa_supplicant and hostapd

branches: 1.1.1.3.4;
import v2_0:

2013-01-12 - v2.0
* removed Qt3-based wpa_gui (obsoleted by wpa_qui-qt4)
* removed unmaintained driver wrappers broadcom, iphone, osx, ralink,
hostap, madwifi (hostap and madwifi remain available for hostapd;
their wpa_supplicant functionality is obsoleted by wext)
* improved debug logging (human readable event names, interface name
included in more entries)
* changed AP mode behavior to enable WPS only for open and
WPA/WPA2-Personal configuration
* improved P2P concurrency operations
- better coordination of concurrent scan and P2P search operations
- avoid concurrent remain-on-channel operation requests by canceling
previous operations prior to starting a new one
- reject operations that would require multi-channel concurrency if
the driver does not support it
- add parameter to select whether STA or P2P connection is preferred
if the driver cannot support both at the same time
- allow driver to indicate channel changes
- added optional delay=<search delay in milliseconds> parameter for
p2p_find to avoid taking all radio resources
- use 500 ms p2p_find search delay by default during concurrent
operations
- allow all channels in GO Negotiation if the driver supports
multi-channel concurrency
* added number of small changes to make it easier for static analyzers
to understand the implementation
* fixed number of small bugs (see git logs for more details)
* nl80211: number of updates to use new cfg80211/nl80211 functionality
- replace monitor interface with nl80211 commands for AP mode
- additional information for driver-based AP SME
- STA entry authorization in RSN IBSS
* EAP-pwd:
- fixed KDF for group 21 and zero-padding
- added support for fragmentation
- increased maximum number of hunting-and-pecking iterations
* avoid excessive Probe Response retries for broadcast Probe Request
frames (only with drivers using wpa_supplicant AP mode SME/MLME)
* added "GET country" ctrl_iface command
* do not save an invalid network block in wpa_supplicant.conf to avoid
problems reading the file on next start
* send STA connected/disconnected ctrl_iface events to both the P2P
group and parent interfaces
* added preliminary support for using TLS v1.2 (CONFIG_TLSV12=y)
* added "SET pno <1/0>" ctrl_iface command to start/stop preferred
network offload with sched_scan driver command
* merged in number of changes from Android repository for P2P, nl80211,
and build parameters
* changed P2P GO mode configuration to use driver capabilities to
automatically enable HT operations when supported
* added "wpa_cli status wps" command to fetch WPA2-Personal passhrase
for WPS use cases in AP mode
* EAP-AKA: keep pseudonym identity across EAP exchanges to match EAP-SIM
behavior
* improved reassociation behavior in cases where association is rejected
or when an AP disconnects us to handle common load balancing
mechanisms
- try to avoid extra scans when the needed information is available
* added optional "join" argument for p2p_prov_disc ctrl_iface command
* added group ifname to P2P-PROV-DISC-* events
* added P2P Device Address to AP-STA-DISCONNECTED event and use
p2p_dev_addr parameter name with AP-STA-CONNECTED
* added workarounds for WPS PBC overlap detection for some P2P use cases
where deployed stations work incorrectly
* optimize WPS connection speed by disconnecting prior to WPS scan and
by using single channel scans when AP channel is known
* PCSC and SIM/USIM improvements:
- accept 0x67 (Wrong length) as a response to READ RECORD to fix
issues with some USIM cards
- try to read MNC length from SIM/USIM
- build realm according to 3GPP TS 23.003 with identity from the SIM
- allow T1 protocol to be enabled
* added more WPS and P2P information available through D-Bus
* improve P2P negotiation robustness
- extra waits to get ACK frames through
- longer timeouts for cases where deployed devices have been
identified have issues meeting the specification requirements
- more retries for some P2P frames
- handle race conditions in GO Negotiation start by both devices
- ignore unexpected GO Negotiation Response frame
* added support for libnl 3.2 and newer
* added P2P persistent group info to P2P_PEER data
* maintain a list of P2P Clients for persistent group on GO
* AP: increased initial group key handshake retransmit timeout to 500 ms
* added optional dev_id parameter for p2p_find
* added P2P-FIND-STOPPED ctrl_iface event
* fixed issues in WPA/RSN element validation when roaming with ap_scan=1
and driver-based BSS selection
* do not expire P2P peer entries while connected with the peer in a
group
* fixed WSC element inclusion in cases where P2P is disabled
* AP: added a WPS workaround for mixed mode AP Settings with Windows 7
* EAP-SIM: fixed AT_COUNTER_TOO_SMALL use
* EAP-SIM/AKA: append realm to pseudonym identity
* EAP-SIM/AKA: store pseudonym identity in network configuration to
allow it to persist over multiple EAP sessions and wpa_supplicant
restarts
* EAP-AKA': updated to RFC 5448 (username prefixes changed); note: this
breaks interoperability with older versions
* added support for WFA Hotspot 2.0
- GAS/ANQP to fetch network information
- credential configuration and automatic network selections based on
credential match with ANQP information
* limited PMKSA cache entries to be used only with the network context
that was used to create them
* improved PMKSA cache expiration to avoid unnecessary disconnections
* adjusted bgscan_simple fast-scan backoff to avoid too frequent
background scans
* removed ctrl_iface event on P2P PD Response in join-group case
* added option to fetch BSS table entry based on P2P Device Address
("BSS p2p_dev_addr=<P2P Device Address>")
* added BSS entry age to ctrl_iface BSS command output
* added optional MASK=0xH option for ctrl_iface BSS command to select
which fields are included in the response
* added optional RANGE=ALL|N1-N2 option for ctrl_iface BSS command to
fetch information about several BSSes in one call
* simplified licensing terms by selecting the BSD license as the only
alternative
* added "P2P_SET disallow_freq <freq list>" ctrl_iface command to
disable channels from P2P use
* added p2p_pref_chan configuration parameter to allow preferred P2P
channels to be specified
* added support for advertising immediate availability of a WPS
credential for P2P use cases
* optimized scan operations for P2P use cases (use single channel scan
for a specific SSID when possible)
* EAP-TTLS: fixed peer challenge generation for MSCHAPv2
* SME: do not use reassociation after explicit disconnection request
(local or a notification from an AP)
* added support for sending debug info to Linux tracing (-T on command
line)
* added support for using Deauthentication reason code 3 as an
indication of P2P group termination
* added wps_vendor_ext_m1 configuration parameter to allow vendor
specific attributes to be added to WPS M1
* started using separate TLS library context for tunneled TLS
(EAP-PEAP/TLS, EAP-TTLS/TLS, EAP-FAST/TLS) to support different CA
certificate configuration between Phase 1 and Phase 2
* added optional "auto" parameter for p2p_connect to request automatic
GO Negotiation vs. join-a-group selection
* added disabled_scan_offload parameter to disable automatic scan
offloading (sched_scan)
* added optional persistent=<network id> parameter for p2p_connect to
allow forcing of a specific SSID/passphrase for GO Negotiation
* added support for OBSS scan requests and 20/40 BSS coexistence reports
* reject PD Request for unknown group
* removed scripts and notes related to Windows binary releases (which
have not been used starting from 1.x)
* added initial support for WNM operations
- Keep-alive based on BSS max idle period
- WNM-Sleep Mode
- minimal BSS Transition Management processing
* added autoscan module to control scanning behavior while not connected
- autoscan_periodic and autoscan_exponential modules
* added new WPS NFC ctrl_iface mechanism
- added initial support NFC connection handover
- removed obsoleted WPS_OOB command (including support for deprecated
UFD config_method)
* added optional framework for external password storage ("ext:<name>")
* wpa_cli: added optional support for controlling wpa_supplicant
remotely over UDP (CONFIG_CTRL_IFACE=udp-remote) for testing purposes
* wpa_cli: extended tab completion to more commands
* changed SSID output to use printf-escaped strings instead of masking
of non-ASCII characters
- SSID can now be configured in the same format: ssid=P"abc\x00test"
* removed default ACM=1 from AC_VO and AC_VI
* added optional "ht40" argument for P2P ctrl_iface commands to allow
40 MHz channels to be requested on the 5 GHz band
* added optional parameters for p2p_invite command to specify channel
when reinvoking a persistent group as the GO
* improved FIPS mode builds with OpenSSL
- "make fips" with CONFIG_FIPS=y to build wpa_supplicant with the
OpenSSL FIPS object module
- replace low level OpenSSL AES API calls to use EVP
- use OpenSSL keying material exporter when possible
- do not export TLS keys in FIPS mode
- remove MD5 from CONFIG_FIPS=y builds
- use OpenSSL function for PKBDF2 passphrase-to-PSK
- use OpenSSL HMAC implementation
- mix RAND_bytes() output into random_get_bytes() to force OpenSSL
DRBG to be used in FIPS mode
- use OpenSSL CMAC implementation
* added mechanism to disable TLS Session Ticket extension
- a workaround for servers that do not support TLS extensions that
was enabled by default in recent OpenSSL versions
- tls_disable_session_ticket=1
- automatically disable TLS Session Ticket extension by default when
using EAP-TLS/PEAP/TTLS (i.e., only use it with EAP-FAST)
* changed VENDOR-TEST EAP method to use proper private enterprise number
(this will not interoperate with older versions)
* disable network block temporarily on authentication failures
* improved WPS AP selection during WPS PIN iteration
* added support for configuring GCMP cipher for IEEE 802.11ad
* added support for Wi-Fi Display extensions
- WFD_SUBELEMENT_SET ctrl_iface command to configure WFD subelements
- SET wifi_display <0/1> to disable/enable WFD support
- WFD service discovery
- an external program is needed to manage the audio/video streaming
and codecs
* optimized scan result use for network selection
- use the internal BSS table instead of raw scan results
- allow unnecessary scans to be skipped if fresh information is
available (e.g., after GAS/ANQP round for Interworking)
* added support for 256-bit AES with internal TLS implementation
* allow peer to propose channel in P2P invitation process for a
persistent group
* added disallow_aps parameter to allow BSSIDs/SSIDs to be disallowed
from network selection
* re-enable the networks disabled during WPS operations
* allow P2P functionality to be disabled per interface (p2p_disabled=1)
* added secondary device types into P2P_PEER output
* added an option to disable use of a separate P2P group interface
(p2p_no_group_iface=1)
* fixed P2P Bonjour SD to match entries with both compressed and not
compressed domain name format and support multiple Bonjour PTR matches
for the same key
* use deauthentication instead of disassociation for all disconnection
operations; this removes the now unused disassociate() wpa_driver_ops
callback
* optimized PSK generation on P2P GO by caching results to avoid
multiple PBKDF2 operations
* added okc=1 global configuration parameter to allow OKC to be enabled
by default for all network blocks
* added a workaround for WPS PBC session overlap detection to avoid
interop issues with deployed station implementations that do not
remove active PBC indication from Probe Request frames properly
* added basic support for 60 GHz band
* extend EAPOL frames processing workaround for roaming cases
(postpone processing of unexpected EAPOL frame until association
event to handle reordered events)

from hostap.epitest.fi

branches: 1.1.1.1.6; 1.1.1.1.12;
Import wpa_supplicant and hostapd