1 ChangeLog for wpa_supplicant
4 * modified the EAP workaround that accepts EAP-Success with incorrect
5 Identifier to be even less strict about verification in order to
6 interoperate with some authentication servers
7 * fixed RSN IE in 4-Way Handshake message 2/4 for the case where
8 Authenticator rejects PMKSA caching attempt and the driver is not
9 using assoc_info events
10 * fixed a possible double free in EAP-TTLS fast-reauthentication when
11 identity or password is entered through control interface
12 * added -P<pid file> argument for wpa_supplicant to write the current
13 process id into a file
14 * driver_madwifi: fixed association in plaintext mode
15 * driver_madwifi: added preliminary support for compiling against 'BSD'
16 branch of madwifi CVS tree
17 * added EAP workaround for PEAPv1 session resumption: allow outer,
18 i.e., not tunneled, EAP-Success to terminate session since; this can
19 be disabled with eap_workaround=0
20 * driver_ipw: updated driver structures to match with ipw2200-1.0.4
21 (note: ipw2100-1.1.0 is likely to require an update to work with
23 * driver_broadcom: fixed couple of memory leaks in scan result
27 * fixed EAPOL-Key validation to drop packets with invalid Key Data
28 Length; such frames could have crashed wpa_supplicant due to buffer
31 2005-02-12 - v0.3.7 (beginning of 0.3.x stable releases)
32 * added new phase1 option parameter, include_tls_length=1, to force
33 wpa_supplicant to add TLS Message Length field to all TLS messages
34 even if the packet is not fragmented; this may be needed with some
35 authentication servers
36 * fixed WPA/RSN IE verification in message 3 of 4-Way Handshake when
37 using drivers that take care of AP selection (e.g., when using
39 * fixed reprocessing of pending request after ctrl_iface requests for
41 * fixed ctrl_iface requests for identity/password/otp in Phase 2 of
43 * all drivers using driver_wext: set interface up and select Managed
44 mode when starting wpa_supplicant; set interface down when exiting
45 * renamed driver_ipw2100.c to driver_ipw.c since it now supports both
46 ipw2100 and ipw2200; please note that this also changed the
47 configuration variable in .config to CONFIG_DRIVER_IPW
50 * fixed a busy loop introduced in v0.3.5 for scan result processing
51 when no matching AP is found
54 * added a workaround for an interoperability issue with a Cisco AP
56 * fixed non-WPA IEEE 802.1X to use the same authentication timeout as
57 WPA with IEEE 802.1X (i.e., timeout 10 -> 70 sec to allow
58 retransmission of dropped frames)
59 * fixed issues with 64-bit CPUs and SHA1 cleanup in previous version
60 (e.g., segfault when processing EAPOL-Key frames)
61 * fixed EAP workaround and fast reauthentication configuration for
62 RSN pre-authentication; previously these were disabled and
63 pre-authentication would fail if the used authentication server
64 requires EAP workarounds
65 * added support for blacklisting APs that fail or timeout
66 authentication in ap_scan=1 mode so that all APs are tried in cases
67 where the ones with strongest signal level are failing authentication
68 * fixed CA certificate loading after a failed EAP-TLS/PEAP/TTLS
69 authentication attempt
70 * allow EAP-PEAP/TTLS fast reauthentication only if Phase 2 succeeded
71 in the previous authentication (previously, only Phase 1 success was
75 * added preliminary support for IBSS (ad-hoc) mode configuration
76 (mode=1 in network block); this included a new key_mgmt mode
77 WPA-NONE, i.e., TKIP or CCMP with a fixed key (based on psk) and no
78 key management; see wpa_supplicant.conf for more details and an
79 example on how to configure this (note: this is currently implemented
80 only for driver_hostapd.c, but the changes should be trivial to add
81 in associate() handler for other drivers, too (assuming the driver
83 * added preliminary port for native Windows (i.e., no cygwin) using
87 * added optional support for GNU Readline and History Libraries for
88 wpa_cli (CONFIG_READLINE)
89 * cleaned up EAP state machine <-> method interface and number of
90 small problems with error case processing not terminating on
91 EAP-Failure but waiting for timeout
92 * added couple of workarounds for interoperability issues with a
93 Cisco AP when using WPA2
94 * added support for EAP-FAST (draft-cam-winget-eap-fast-00.txt);
95 Note: This requires a patch for openssl to add support for TLS
96 extensions and number of workarounds for operations without
97 certificates. Proof of concept type of experimental patch is
98 included in openssl-tls-extensions.patch.
101 * fixed private key loading for cases where passphrase is not set
102 * fixed Windows/cygwin L2 packet handler freeing; previous version
103 could cause a segfault when RSN pre-authentication was completed
104 * added support for PMKSA caching with drivers that generate RSN IEs
105 (e.g., NDIS); currently, this is only implemented in driver_ndis.c,
106 but similar code can be easily added to driver_ndiswrapper.c once
107 ndiswrapper gets full support for RSN PMKSA caching
108 * improved recovery from PMKID mismatches by requesting full EAP
109 authentication in case of failed PMKSA caching attempt
110 * driver_ndis: added support for NDIS NdisMIncidateStatus() events
111 (this requires that ndis_events is ran while wpa_supplicant is
113 * driver_ndis: use ADD_WEP/REMOVE_WEP when configuring WEP keys
114 * added support for driver interfaces to replace the interface name
115 based on driver/OS specific mapping, e.g., in case of driver_ndis,
116 this allows the beginning of the adapter description to be used as
118 * added support for CR+LF (Windows-style) line ends in configuration
120 * driver_ndis: enable radio before starting scanning, disable radio
122 * modified association event handler to set portEnabled = FALSE before
123 clearing port Valid in order to reset EAP state machine and avoid
124 problems with new authentication getting ignored because of state
125 machines ending up in AUTHENTICATED/SUCCESS state based on old
127 * added support for driver events to add PMKID candidates in order to
128 allow drivers to give priority to most likely roaming candidates
129 * driver_hostap: moved PrivacyInvoked configuration to associate()
130 function so that this will not be set for plaintext connections
131 * added KEY_MGMT_802_1X_NO_WPA as a new key_mgmt type so that driver
132 interface can distinguish plaintext and IEEE 802.1X (no WPA)
134 * fixed static WEP key configuration to use broadcast/default type for
135 all keys (previously, the default TX key was configured as pairwise/
137 * driver_ndis: added legacy WPA capability detection for non-WPA2
139 * added support for setting static WEP keys for IEEE 802.1X without
140 dynamic WEP keying (eapol_flags=0)
143 * added support for reading PKCS#12 (PFX) files (as a replacement for
144 PEM/DER) to get certificate and private key (CONFIG_PKCS12)
145 * fixed compilation with CONFIG_PCSC=y
146 * added new ap_scan mode, ap_scan=2, for drivers that take care of
147 association, but need to be configured with security policy and SSID,
148 e.g., ndiswrapper and NDIS driver; this mode should allow such
149 drivers to work with hidden SSIDs and optimized roaming; when
150 ap_scan=2 is used, only the first network block in the configuration
151 file is used and this configuration should have explicit security
152 policy (i.e., only one option in the lists) for key_mgmt, pairwise,
153 group, proto variables
154 * added experimental port of wpa_supplicant for Windows
155 - driver_ndis.c driver interface (NDIS OIDs)
156 - currently, this requires cygwin and WinPcap
157 - small utility, win_if_list, can be used to get interface name
158 * control interface can now be removed at build time; add
159 CONFIG_CTRL_IFACE=y to .config to maintain old functionality
160 * optional Xsupplicant interface can now be removed at build time;
161 (CONFIG_XSUPPLICANT_IFACE=y in .config to bring it back)
162 * added auth_alg to driver interface associate() parameters to make it
163 easier for drivers to configure authentication algorithm as part of
166 2004-12-05 - v0.3.0 (beginning of 0.3.x development releases)
167 * driver_broadcom: added new driver interface for Broadcom wl.o driver
168 (a generic driver for Broadcom IEEE 802.11a/g cards)
169 * wpa_cli: fixed parsing of -p <path> command line argument
170 * PEAPv1: fixed tunneled EAP-Success reply handling to reply with TLS
171 ACK, not tunneled EAP-Success (of which only the first byte was
172 actually send due to a bug in previous code); this seems to
173 interoperate with most RADIUS servers that implements PEAPv1
174 * PEAPv1: added support for terminating PEAP authentication on tunneled
175 EAP-Success message; this can be configured by adding
176 peap_outer_success=0 on phase1 parameters in wpa_supplicant.conf
177 (some RADIUS servers require this whereas others require a tunneled
179 * PEAPv1: changed phase1 option peaplabel to use default to 0, i.e., to
180 the old label for key derivation; previously, the default was 1,
181 but it looks like most existing PEAPv1 implementations use the old
182 label which is thus more suitable default option
183 * added support for EAP-PSK (draft-bersani-eap-psk-03.txt)
184 * fixed parsing of wep_tx_keyidx
185 * added support for configuring list of allowed Phase 2 EAP types
186 (for both EAP-PEAP and EAP-TTLS) instead of only one type
187 * added support for configuring IEEE 802.11 authentication algorithm
188 (auth_alg; mainly for using Shared Key authentication with static
190 * added support for EAP-AKA (with UMTS SIM)
191 * fixed couple of errors in PCSC handling that could have caused
192 random-looking errors for EAP-SIM
193 * added support for EAP-SIM pseudonyms and fast re-authentication
194 * added support for EAP-TLS/PEAP/TTLS fast re-authentication (TLS
196 * added support for EAP-SIM with two challanges
197 (phase1="sim_min_num_chal=3" can be used to require three challenges)
198 * added support for configuring DH/DSA parameters for an ephemeral DH
199 key exchange (EAP-TLS/PEAP/TTLS) using new configuration parameters
200 dh_file and dh_file2 (phase 2); this adds support for using DSA keys
201 and optional DH key exchange to achieve forward secracy with RSA keys
202 * added support for matching subject of the authentication server
203 certificate with a substring when using EAP-TLS/PEAP/TTLS; new
204 configuration variables subject_match and subject_match2
205 * changed SSID configuration in driver_wext.c (used by many driver
206 interfaces) to use ssid_len+1 as the length for SSID since some Linux
208 * fixed couple of unaligned reads in scan result parsing to fix WPA
209 connection on some platforms (e.g., ARM)
210 * added driver interface for Intel ipw2100 driver
211 * added support for LEAP with WPA
212 * added support for larger scan results report (old limit was 4 kB of
213 data, i.e., about 35 or so APs) when using Linux wireless extensions
215 * fixed a bug in PMKSA cache processing: skip sending of EAPOL-Start
216 only if there is a PMKSA cache entry for the current AP
217 * fixed error handling for case where reading of scan results fails:
218 must schedule a new scan or wpa_supplicant will remain waiting
220 * changed debug output to remove shared password/key material by
221 default; all key information can be included with -K command line
222 argument to match the previous behavior
223 * added support for timestamping debug log messages (disabled by
224 default, can be enabled with -t command line argument)
225 * set pairwise/group cipher suite for non-WPA IEEE 802.1X to WEP-104
226 if keys are not configured to be used; this fixes IEEE 802.1X mode
227 with drivers that use this information to configure whether Privacy
228 bit can be in Beacon frames (e.g., ndiswrapper)
229 * avoid clearing driver keys if no keys have been configured since last
230 key clear request; this seems to improve reliability of group key
231 handshake for ndiswrapper & NDIS driver which seems to be suffering
232 of some kind of timing issue when the keys are cleared again after
234 * changed driver interface API:
235 - WPA_SUPPLICANT_DRIVER_VERSION define can be used to determine which
236 version is being used (now, this is set to 2; previously, it was
238 - pass pointer to private data structure to all calls
239 - the new API is not backwards compatible; all in-tree driver
240 interfaces has been converted to the new API
241 * added support for controlling multiple interfaces (radios) per
242 wpa_supplicant process; each interface needs to be listed on the
243 command line (-c, -i, -D arguments) with -N as a separator
244 (-cwpa1.conf -iwlan0 -Dhostap -N -cwpa2.conf -iath0 -Dmadwifi)
245 * added a workaround for EAP servers that incorrectly use same Id for
246 sequential EAP packets
247 * changed libpcap/libdnet configuration to use .config variable,
248 CONFIG_DNET_PCAP, instead of requiring Makefile modification
249 * improved downgrade attack detection in IE verification of msg 3/4:
250 verify both WPA and RSN IEs, if present, not only the selected one;
251 reject the AP if an RSN IE is found in msg 3/4, but not in Beacon or
252 Probe Response frame, and RSN is enabled in wpa_supplicant
254 * fixed WPA msg 3/4 processing to allow Key Data field contain other
255 IEs than just one WPA IE
256 * added support for FreeBSD and driver interface for the BSD net80211
257 layer (CONFIG_DRIVER_BSD=y in .config); please note that some of the
258 required kernel mods have not yet been committed
259 * made EAP workarounds configurable; enabled by default, can be
260 disabled with network block option eap_workaround=0
262 2004-07-17 - v0.2.4 (beginning of 0.2.x stable releases)
263 * resolved couple of interoperability issues with EAP-PEAPv1 and
264 Phase 2 (inner EAP) fragment reassembly
265 * driver_madwifi: fixed WEP key configuration for IEEE 802.1X when the
266 AP is using non-zero key index for the unicast key and key index zero
267 for the broadcast key
268 * driver_hostap: fixed IEEE 802.1X WEP key updates and
269 re-authentication by allowing unencrypted EAPOL frames when not using
271 * added a new driver interface, 'wext', which uses only standard,
272 driver independent functionality in Linux wireless extensions;
273 currently, this can be used only for non-WPA IEEE 802.1X mode, but
274 eventually, this is to be extended to support full WPA/WPA2 once
275 Linux wireless extensions get support for this
276 * added support for mode in which the driver is responsible for AP
277 scanning and selection; this is disabled by default and can be
278 enabled with global ap_scan=0 variable in wpa_supplicant.conf;
279 this mode can be used, e.g., with generic 'wext' driver interface to
280 use wpa_supplicant as IEEE 802.1X Supplicant with any Linux driver
281 supporting wireless extensions.
282 * driver_madwifi: fixed WPA2 configuration and scan_ssid=1 (e.g.,
283 operation with an AP that does not include SSID in the Beacon frames)
284 * added support for new EAP authentication methods:
285 EAP-TTLS/EAP-OTP, EAP-PEAPv0/OTP, EAP-PEAPv1/OTP, EAP-OTP
286 * added support for asking one-time-passwords from frontends (e.g.,
287 wpa_cli); this 'otp' command works otherwise like 'password' command,
288 but the password is used only once and the frontend will be asked for
289 a new password whenever a request from authenticator requires a
290 password; this can be used with both EAP-OTP and EAP-GTC
291 * changed wpa_cli to automatically re-establish connection so that it
292 does not need to be re-started when wpa_supplicant is terminated and
294 * improved user data (identity/password/otp) requests through
295 frontends: process pending EAPOL packets after getting new
296 information so that full authentication does not need to be
297 restarted; in addition, send pending requests again whenever a new
299 * changed control frontends to use a new directory for socket files to
300 make it easier for wpa_cli to automatically select between interfaces
301 and to provide access control for the control interface;
302 wpa_supplicant.conf: ctrl_interface is now a path
303 (/var/run/wpa_supplicant is the recommended path) and
304 ctrl_interface_group can be used to select which group gets access to
305 the control interface;
306 wpa_cli: by default, try to connect to the first interface available
307 in /var/run/wpa_supplicant; this path can be overriden with -p option
308 and an interface can be selected with -i option (i.e., in most common
309 cases, wpa_cli does not need to get any arguments)
310 * added support for LEAP
311 * added driver interface for Linux ndiswrapper
312 * added priority option for network blocks in the configuration file;
313 this allows networks to be grouped based on priority (the scan
314 results are searched for matches with network blocks in this order)
317 * sort scan results to improve AP selection
318 * fixed control interface socket removal for some error cases
319 * improved scan requesting and authentication timeout
320 * small improvements/bug fixes for EAP-MSCHAPv2, EAP-PEAP, and
322 * PEAP version can now be forced with phase1="peapver=<ver>"
323 (mostly for testing; by default, the highest version supported by
324 both the Supplicant and Authentication Server is selected
326 * added support for madwifi driver (Atheros ar521x)
327 * added a workaround for cases where AP sets Install Tx/Rx bit for
328 WPA Group Key messages when pairwise keys are used (without this,
329 the Group Key would be used for Tx and the AP would drop frames
331 * added GSM SIM/USIM interface for GSM authentication algorithm for
332 EAP-SIM; this requires pcsc-lite
333 * added support for ATMEL AT76C5XXx driver
334 * fixed IEEE 802.1X WEP key derivation in the case where Authenticator
335 does not include key data in the EAPOL-Key frame (i.e., part of
336 EAP keying material is used as data encryption key)
337 * added support for using plaintext and static WEP networks
341 * added support for new EAP authentication methods:
342 EAP-TTLS/EAP-MD5-Challenge
344 EAP-TTLS/EAP-MSCHAPv2
352 EAP-PEAP/MD5-Challenge
354 EAP-SIM (not yet complete; needs GSM/SIM authentication interface)
355 * added support for anonymous identity (to be used when identity is
356 sent in plaintext; real identity will be used within TLS protected
357 tunnel (e.g., with EAP-TTLS)
358 * added event messages from wpa_supplicant to frontends, e.g., wpa_cli
359 * added support for requesting identity and password information using
360 control interface; in other words, the password for EAP-PEAP or
361 EAP-TTLS does not need to be included in the configuration file since
362 a frontand (e.g., wpa_cli) can ask it from the user
363 * improved RSN pre-authentication to use a candidate list and process
364 all candidates from each scan; not only one per scan
365 * fixed RSN IE and WPA IE capabilities field parsing
366 * ignore Tx bit in GTK IE when Pairwise keys are used
367 * avoid making new scan requests during IEEE 802.1X negotiation
368 * use openssl/libcrypto for MD5 and SHA-1 when compiling wpa_supplicant
369 with TLS support (this replaces the included implementation with
370 library code to save about 8 kB since the library code is needed
372 * fixed WPA-PSK only mode when compiled without IEEE 802.1X support
373 (i.e., without CONFIG_IEEE8021X_EAPOL=y in .config)
376 * added support for internal IEEE 802.1X (actually, IEEE 802.1aa/D6.1)
378 - EAPOL state machines for Supplicant [IEEE 802.1aa/D6.1]
379 - EAP peer state machine [draft-ietf-eap-statemachine-02.pdf]
380 - EAP-MD5 (cannot be used with WPA-RADIUS)
381 [draft-ietf-eap-rfc2284bis-09.txt]
383 - EAP-MSCHAPv2 (currently used only with EAP-PEAP)
384 - EAP-PEAP/MSCHAPv2 [draft-josefsson-pppext-eap-tls-eap-07.txt]
385 [draft-kamath-pppext-eap-mschapv2-00.txt]
386 (PEAP version 0, 1, and parts of 2; only 0 and 1 are enabled by
387 default; tested with FreeRADIUS, Microsoft IAS, and Funk Odyssey)
388 - new configuration file options: eap, identity, password, ca_cert,
389 client_cert, privatekey, private_key_passwd
390 - Xsupplicant is not required anymore, but it can be used by
391 disabling the internal IEEE 802.1X Supplicant with -e command line
393 - this code is not included in the default build; Makefile need to
394 be edited for this (uncomment lines for selected functionality)
395 - EAP-TLS and EAP-PEAP require openssl libraries
396 * use module prefix in debug messages (WPA, EAP, EAP-TLS, ..)
397 * added support for non-WPA IEEE 802.1X mode with dynamic WEP keys
398 (i.e., complete IEEE 802.1X/EAP authentication and use IEEE 802.1X
399 EAPOL-Key frames instead of WPA key handshakes)
400 * added support for IEEE 802.11i/RSN (WPA2)
401 - improved PTK Key Handshake
402 - PMKSA caching, pre-authentication
403 * fixed wpa_supplicant to ignore possible extra data after WPA
404 EAPOL-Key packets (this fixes 'Invalid EAPOL-Key MIC when using
405 TPTK' error from message 3 of 4-Way Handshake in case the AP
406 includes extra data after the EAPOL-Key)
407 * added interface for external programs (frontends) to control
409 - CLI example (wpa_cli) with interactive mode and command line
411 - replaced SIGUSR1 status/statistics with the new control interface
412 * made some feature compile time configurable
413 - .config file for make
414 - driver interfaces (hostap, hermes, ..)
415 - EAPOL/EAP functions
418 * Initial version of wpa_supplicant