Lines Matching refs:in
21 - discard unencrypted EAPOL frames in additional cases
22 - use Secure=1 in message 2 during PTK rekeying
33 - this is based on additional details being added in the IEEE 802.11
45 * add support for explicit SSID protection in 4-way handshake
48 - in addition, verify SSID after key setup when beacon protection is
59 get enabled by default in the future
71 * fixed PMF disconnection protection bypass in AP mode
76 * fixed various issues in experimental support for EAP-TEAP peer
103 to other compiled in options
119 * fixed a regression in OpenSSL 1.1+ engine loading
120 * added validation of RSNE in (Re)Association Response frames
130 * fixed a regression in WMM parameter configuration for a TDLS peer
131 * fixed a regression in operation with drivers that offload 802.1X
149 in REVmd (allow only FFC groups with prime >= 3072 bits and ECC
151 - minimize timing and memory use differences in PWE derivation
154 - minimize timing and memory use differences in PWE derivation
161 - fix a memory leak in PWE derivation
179 * fixed dNSName matching in domain_match and domain_suffix_match when
190 * fixed a regression in FT-over-DS with mac80211-based drivers
210 * fixed unauthenticated EAPOL-Key decryption in wpa_supplicant
221 * fixed a regression in TDLS prohibited bit validation
240 * fixed a regression in RSN pre-authentication candidate selection
263 - added support for OSEN connection in a shared RSN BSS
270 BIP-GMAC-256 in addition to previously supported BIP-CMAC-128
271 - fixed additional IE inclusion in Reassociation Request frame when
286 * fixed TK configuration to the driver in EAPOL-Key 3/4 retry case
296 - fix peer link counting in reconnect case
303 - allow pairwise/group cipher to be configured in the network profile
313 without internal support in wpa_supplicant for the specific element
314 (anqp[265]=<hexdump> in "BSS <BSSID>" command output)
316 - filter control characters in group client device names to be
319 - indicate group completion in P2P Client role after data association
344 configuration by not trying to connect in some corner cases where the
356 * fixed SIGNAL_POLL in IBSS and mesh cases
378 (tls_ext_cert_check=1 in the network profile phase1 parameter)
384 * added command for retrieving HS 2.0 icons with in-memory storage
389 ("Invalid Compound_MAC in cryptobinding TLV")
406 * added POLL_STA command to check connectivity in AP mode
437 * modified Extended Capabilities element use in Probe Request frames to
441 * added support for hashed password (NtHash) in EAP-pwd peer
448 channels 161 and 169 to be used if they are enabled in the current
466 * fixed SAE group selection in an error case
488 - add passive channels in invitation response from P2P Client
490 - fix regresssion in disallow_freq preventing search on social
492 - fix regressions in P2P SD query processing
494 in invitation
506 * fixed regression in ap_scan=2 special case for WPS
529 * add support for MAC address randomization in scans with nl80211
534 * include peer certificate in EAP events even without a separate probe
544 * add a workaround for Linux packet socket behavior when interface is in
546 * increase 5 GHz band preference in BSS selection (estimate SNR, if info
550 implement Interworking network selection behavior in upper layers
557 * allow hostapd DFS implementation to be used in wpa_supplicant AP mode
560 * fixed number of minor issues identified in static analyzer warnings
579 * fixed IBSS channel configuration in some corner cases
586 keeping private data in memory longer than necessary
590 * added option to set Hotspot 2.0 Rel 2 update_identifier in network
596 * added fields to show unrecognized vendor elements in P2P_PEER
607 * fixed number of small P2P issues to make negotiations more robust in
665 - prefer the last added network in Interworking connection to make the
672 search (all suitable APs in scan results)
695 * fixed TDLS interoperability issues with supported operating class in
719 * fixed regression in parsing of WNM Sleep Mode exit key data
720 * fixed potential segmentation fault and memory leaks in WNM neighbor
733 * added support for using epoll in eloop (CONFIG_ELOOP_EPOLL=y)
736 could result in the management interface getting disabled)
737 * fixed a memory leak in SAE random number generation
738 * fixed off-by-one bounds checking in printf_encode()
739 - this could result in some control interface ATTACH command cases
791 included in the build
811 * added support for external SIM/USIM processing in EAP-SIM, EAP-AKA,
819 scanned (comma-separated frequency ranges in MHz)
823 included in event messages related to this specific scan operation
840 - allow external programs to request exclusive radio control in a way
859 included in more entries)
871 - added optional delay=<search delay in milliseconds> parameter for
875 - allow all channels in GO Negotiation if the driver supports
883 - STA entry authorization in RSN IBSS
891 * do not save an invalid network block in wpa_supplicant.conf to avoid
898 * merged in number of changes from Android repository for P2P, nl80211,
903 for WPS use cases in AP mode
906 * improved reassociation behavior in cases where association is rejected
930 - handle race conditions in GO Negotiation start by both devices
938 * fixed issues in WPA/RSN element validation when roaming with ap_scan=1
940 * do not expire P2P peer entries while connected with the peer in a
942 * fixed WSC element inclusion in cases where P2P is disabled
946 * EAP-SIM/AKA: store pseudonym identity in network configuration to
960 * removed ctrl_iface event on P2P PD Response in join-group case
965 which fields are included in the response
967 fetch information about several BSSes in one call
1016 - SSID can now be configured in the same format: ssid=P"abc\x00test"
1027 - do not export TLS keys in FIPS mode
1032 DRBG to be used in FIPS mode
1036 was enabled by default in recent OpenSSL versions
1056 * allow peer to propose channel in P2P invitation process for a
1084 * bsd: Add support for setting HT values in IFM_MMASK.
1085 * Delay STA entry removal until Deauth/Disassoc TX status in AP mode.
1087 Disassociation frames when the STA is in power save sleep. Only
1091 likely to hit connection issues in environments with huge number
1122 - Treat '' in SSIDs of Interface.Scan as a request for broadcast
1134 - Add ability to set scan interval (the time in seconds wpa_s waits
1136 network in scan results) using scan_interval command.
1142 used to clear the bssid_set flag in a network block, i.e., to remove
1162 * Add WPA_IGNORE_CONFIG_ERRORS build option to continue in case of bad
1169 be used in a UI to generate a PIN without starting WPS (or P2P)
1181 - New wps_cancel command in wpa_cli will cancel a pending WPS
1190 - Allow AP to start in Enrollee mode without AP PIN for probing, to
1233 * Interworking: Support added for 802.11u. Enable in .config with
1244 * TLS: Add support for tls_disable_time_checks=1 in client mode.
1252 Move HT IEs to be later in (Re)Assoc Resp.
1260 strength are present in scan results
1274 messages to reduce latency in showing these
1275 (CFLAGS += -DCONFIG_WPA_CLI_FORK=y in .config to enable this)
1277 * BSSes to be included in the BSS table can be filtered based on
1286 dynamic changes to background scanning interval based on changes in
1288 ESS quite a bit, e.g., with bgscan="simple:30:-45:300" in the network
1309 * dbus: major design changes in the new D-Bus API
1335 scan_ssid=1 operations in ap_scan=1 mode (i.e., search for hidden
1346 nl80211; SME in wpa_supplicant); this allows over-the-air FT protocol
1352 * added AP mode functionality (CONFIG_AP=y) with mode=2 in the network
1354 (optionally, with WPS); this links in parts of hostapd functionality
1357 (other devices, including APs and stations, etc. in the neighborhood)
1374 (scan_freq option in the network configuration block); this can speed
1376 subset of channels is actually used in the network (this is currently
1388 enroll credentials for a network using PIN and PBC methods; in
1391 into .config and setting the runtime configuration variables in
1392 wpa_supplicant.conf (see WPS section in the example configuration
1399 * fixed PSK editing in wpa_gui
1402 DLLs; in addition, it set up the registry automatically so that user
1410 enable with CONFIG_SIM_SIMULATOR=y/CONFIG_USIM_SIMULATOR=y in .config
1411 and password="Ki:OPc"/password="Ki:OPc:SQN" in network configuration)
1418 CONFIG_DELAYED_MIC_ERROR_REPORT=y in .config
1419 * fixed EAP-AKA to use RES Length field in AT_RES as length in bits,
1428 * added support (Linux only) for RoboSwitch chipsets (often found in
1446 * added support for EAP Sequences in EAP-FAST Phase 2
1456 * added option of using faster, but larger, routines in the internal
1460 handshake to avoid getting stuck in incorrect state [Bug 261]
1483 attributes in EAP-SIM Start/Response when using fast reauthentication
1484 * fixed EAPOL not to end up in infinite loop when processing dynamic
1486 * fixed problems in getting NDIS events from WMI on Windows 2000
1498 AT_CHECKCODE (optional feature in RFC 4187)
1506 e.g., in cases where wpa_supplicant and madwifi driver ended up in
1508 * stop EAPOL timer tick when no timers are in use in order to reduce
1513 non-root process); see 'Privilege separation' in README for details;
1515 in .config
1530 only shared key/password authentication is supported in this version
1534 (16-byte MD4 hash of password) in hash:<32 hex digits> format
1541 internally (WPA_DRIVER_FLAGS_4WAY_HANDSHAKE in get_capa flags and
1542 WPA_ALG_PMK in set_key)
1543 * added an experimental port for Mac OS X (CONFIG_DRIVER_OSX=y in
1546 * fixed a buffer overflow in parsing TSF from scan results when using
1550 * fixed an integer overflow issue in the ASN.1 parser used by the
1567 * fixed EAP-PEAP/TTLS/FAST to use the correct EAP identifier in
1579 store in a PAC list (fast_max_pac_list_len=<max> in phase1 string)
1580 * added support for storing EAP-FAST PACs in binary format
1581 (fast_pac_format=binary in phase1 string)
1597 needed to run two methods in sequence (IF-T) and the IF-IMC and
1603 setting CONFIG_TLS=internal and CONFIG_INTERNAL_LIBTOMMATH=y in
1609 * removed STAKey handshake since PeerKey handshake has replaced it in
1642 * driver_ndis: added validation for IELength value in scan results to
1644 * fixed Release|Win32 target in the Visual Studio project files
1655 - deprecated ctrl_interface_group variable (it may be removed in
1658 in following format: DIR=/var/run/wpa_supplicant GROUP=wheel
1661 * added support for controlling more than one interface per process in
1666 destination for EAPOL-Key frames and in key derivation; now, BSSID is
1669 * added a workaround for UDP-based control interface (which was used in
1681 * fixed selection of the first network in ap_scan=2 mode; previously,
1682 wpa_supplicant could get stuck in SCANNING state when only the first
1684 * winsvc: added support for configuring ctrl_interface parameters in
1685 registry (ctrl_interface string value in
1695 processing) in wpa_supplicant when using Devicescape IEEE 802.11
1715 was used (id_str in wpa_supplicant.conf; included on
1717 variable in wpa_cli action scripts; in addition WPA_ID variable is
1724 if WPA-None (adhoc) is used (pairwise=NONE in that case)
1726 to a missed change in eloop_win.c API in v0.5.3 [Bug 155]
1732 * l2_packet_winpcap: fixed a deadlock in deinitializing l2_packet
1740 OID set/query operations (CONFIG_USE_NDISUIO=y in .config); with new
1757 phase 2 method of EAP-FAST (i.e., EAP-FAST did not work in v0.5.2)
1763 do not generate media connect events in IBSS mode
1765 in Windows registry
1780 of requiring them to be statically linked in; this is disabled by
1781 default (see CONFIG_DYNAMIC_EAP_METHODS in defconfig for information
1787 * fixed EAP phase 2 Nak for EAP-{PEAP,TTLS,FAST} (this was broken in
1791 starting up in ap_scan=1 mode (this can speed up initial association
1800 * fixed a memory leak in EAP-TTLS re-authentication
1808 a directory with sockets that include MAC address for each device in
1813 * wpa_cli/wpa_gui: skip non-socket files in control directory when
1815 interface (e.g., a PID file could be in this directory, even though
1821 used it; some Linux drivers do this and they were causing problems in
1823 would break a case where the SSID actually ends in '\0', but that is
1824 not likely to happen in real use.
1833 direct link setup (DLS); note: this is disabled by default in both
1842 wrapper functions defined in os.h and implemented in os_*.c to make
1866 WaitForMultipleObject() instead of select() in order to allow waiting
1868 CONFIG_ELOOP=eloop_win in .config
1869 * added support for selecting l2_packet implementation in .config
1874 reduce latency in EAPOL receive processing from about 100 ms to about
1904 in order to get rid of bogus "EAP failed" messages
1913 * fixed EAP state machine to not discard EAP-Failure messages in many
1915 * fixed a infinite loop in private key reading if the configured file
1920 * driver_ndis: fixed scan request in ap_scan=2 mode not to change SSID
1921 * driver_ndis: include Beacon IEs in AssocInfo in order to notice if
1927 * allow fallback to WPA, if mixed WPA+WPA2 networks have mismatch in
1929 * added support for named configuration blobs in order to avoid having
1934 * fixed RSN pre-authentication (it was broken in the clean up of WPA
1935 state machine interface in v0.4.5)
1943 this case; in addition, -p argument can be used to provide
1956 * added simple configuration file examples (in examples subdirectory)
1969 PF_PACKET in order to prepare for network devices that do not use
1971 header in the frames)
1983 * driver_wired: add PAE address to the multicast address list in order
1989 in wpa_supplicant.conf)
1992 update_config=1 variable in wpa_supplicant.conf; this allows wpa_cli
1993 and wpa_gui to store the configuration changes in a permanent store
2001 OpenSSL library will need to be patched with the new patch in order
2054 and the network block order in the file is used instead
2055 * fixed a potential issue in RSN pre-authentication ending up using
2063 control interface (wpa_cli/wpa_gui) if one is not included in the
2065 * driver_broadcom: fixed couple of memory leaks in scan result
2072 the key in this case
2088 ioctl order in v0.4.0
2099 * fixed a possible double free in EAP-TTLS fast-reauthentication when
2107 wpa_supplicant in state where it will not associate before
2126 * obsoleted set_wpa() handler in the driver interface API (it can be
2129 but they may be removed in the future)
2130 * driver_madwifi: fixed association in plaintext mode
2132 Identifier to be even less strict about verification in order to
2138 wpa_cli); if a PIN is needed, but not included in the configuration
2142 private key operations in EAP-TLS (CONFIG_SMARTCARD=y in .config);
2151 -B (run in background), -P (write PID file); wpa_supplicant has a new
2153 control interface command is received in order to avoid missing
2157 * fixed RSN IE in 4-Way Handshake message 2/4 for the case where
2168 * fixed WPA/RSN IE verification in message 3 of 4-Way Handshake when
2173 * fixed ctrl_iface requests for identity/password/otp in Phase 2 of
2179 configuration variable in .config to CONFIG_DRIVER_IPW
2182 * fixed a busy loop introduced in v0.3.5 for scan result processing
2191 * fixed issues with 64-bit CPUs and SHA1 cleanup in previous version
2198 authentication in ap_scan=1 mode so that all APs are tried in cases
2203 in the previous authentication (previously, only Phase 1 success was
2208 (mode=1 in network block); this included a new key_mgmt mode
2213 in associate() handler for other drivers, too (assuming the driver
2230 included in openssl-tls-extensions.patch.
2237 (e.g., NDIS); currently, this is only implemented in driver_ndis.c,
2241 authentication in case of failed PMKSA caching attempt
2247 based on driver/OS specific mapping, e.g., in case of driver_ndis,
2250 * added support for CR+LF (Windows-style) line ends in configuration
2255 clearing port Valid in order to reset EAP state machine and avoid
2257 machines ending up in AUTHENTICATED/SUCCESS state based on old
2259 * added support for driver events to add PMKID candidates in order to
2282 ap_scan=2 is used, only the first network block in the configuration
2284 policy (i.e., only one option in the lists) for key_mgmt, pairwise,
2293 (CONFIG_XSUPPLICANT_IFACE=y in .config to bring it back)
2304 actually send due to a bug in previous code); this seems to
2308 peap_outer_success=0 on phase1 parameters in wpa_supplicant.conf
2323 * fixed couple of errors in PCSC handling that could have caused
2337 * changed SSID configuration in driver_wext.c (used by many driver
2340 * fixed couple of unaligned reads in scan result parsing to fix WPA
2347 * fixed a bug in PMKSA cache processing: skip sending of EAPOL-Start
2360 bit can be in Beacon frames (e.g., ndiswrapper)
2371 - the new API is not backwards compatible; all in-tree driver
2381 * improved downgrade attack detection in IE verification of msg 3/4:
2383 reject the AP if an RSN IE is found in msg 3/4, but not in Beacon or
2384 Probe Response frame, and RSN is enabled in wpa_supplicant
2389 layer (CONFIG_DRIVER_BSD=y in .config); please note that some of the
2404 driver independent functionality in Linux wireless extensions;
2408 * added support for mode in which the driver is responsible for AP
2410 enabled with global ap_scan=0 variable in wpa_supplicant.conf;
2415 operation with an AP that does not include SSID in the Beacon frames)
2429 restarted; in addition, send pending requests again whenever a new
2439 in /var/run/wpa_supplicant; this path can be overridden with -p option
2440 and an interface can be selected with -i option (i.e., in most common
2444 * added priority option for network blocks in the configuration file;
2446 results are searched for matches with network blocks in this order)
2466 * fixed IEEE 802.1X WEP key derivation in the case where Authenticator
2467 does not include key data in the EAPOL-Key frame (i.e., part of
2488 sent in plaintext; real identity will be used within TLS protected
2492 control interface; in other words, the password for EAP-PEAP or
2493 EAP-TTLS does not need to be included in the configuration file since
2498 * ignore Tx bit in GTK IE when Pairwise keys are used
2505 (i.e., without CONFIG_IEEE8021X_EAPOL=y in .config)
2525 - this code is not included in the default build; Makefile need to
2528 * use module prefix in debug messages (WPA, EAP, EAP-TLS, ..)
2537 TPTK' error from message 3 of 4-Way Handshake in case the AP