changelog

WLAN无线网络管理的最新程序

ChangeLog for wpa_supplicant

2008-02-19 - v0.5.10
	* added support for Makefile builds to include debug-log-to-a-file
	  functionality (CONFIG_DEBUG_FILE=y and -f<path> on command line)
	* added network configuration parameter 'frequency' for setting
	  initial channel for IBSS (adhoc) networks
	* fixed EAP-SIM and EAP-AKA message parser to validate attribute
	  lengths properly to avoid potential crash caused by invalid messages
	* added driver_wext workaround for race condition between scanning and
	  association with drivers that take very long time to scan all
	  channels (e.g., madwifi with dual-band cards); wpa_supplicant is now
	  using a longer hardcoded timeout for the scan if the driver supports
	  notifications for scan completion (SIOCGIWSCAN event); this helps,
	  e.g., in cases where wpa_supplicant and madwifi driver ended up in
	  loop where the driver did not even try to associate
	* fixed EAP-SIM not to include AT_NONCE_MT and AT_SELECTED_VERSION
	  attributes in EAP-SIM Start/Response when using fast reauthentication
	* fixed problems in getting NDIS events from WMI on Windows 2000

2007-12-02 - v0.5.9
	* fixed an integer overflow issue in the ASN.1 parser used by the
	  (experimental) internal TLS implementation to avoid a potential
	  buffer read overflow
	* fixed a race condition with -W option (wait for a control interface
	  monitor before starting) that could have caused the first messages to
	  be lost
	* updated EAP Generalized Pre-Shared Key (EAP-GPSK) to use the latest
	  draft (draft-ietf-emu-eap-gpsk-07.txt)
	* added ctrl_iface RECONNECT (wpa_cli reconnect) command
	  (like reassociate, but only takes effect if already associated)
	* fixed a possible race condition between wpa_cli reassociate and
	  wpa_cli disconnect
	* return a non-zero exit code from non-interactive wpa_cli if the
	  command is not recognized or fails
	* fixed 0.5.8 regressions in BSS selection that prevented wildcard SSID
	  from being used with non-WPA networks and disabled workaround for
	  ignoring bogus WPA/RSN IE in non-WPA configuration
	* fixed OpenSSL TLS wrapper to clear trusted CA list to allow
	  network blocks to use different trusted CA configurations
	* fixed a potential EAP state machine loop when mloving from PSK to EAP
	  configuration without restarting wpa_supplicant

2007-05-28 - v0.5.8
	* updated driver_wext.c to build with the current wireless-dev.git tree
	  and net/d80211 changes
	* updated EAP Generalized Pre-Shared Key (EAP-GPSK) to use the latest
	  draft (draft-ietf-emu-eap-gpsk-03.txt)
	* fixed 'make install'
	* fixed EAP-TTLS implementation not to crash on use of freed memory
	  if TLS library initialization fails
	* fixed EAP-AKA Notification processing to allow Notification to be
	  processed after AKA Challenge response has been sent

2006-12-31 - v0.5.7
	* updated EAP-SAKE to RFC 4763 and the IANA-allocated EAP type 48
	* updated EAP-PSK to use the IANA-allocated EAP type 47
	* fixed EAP-PAX key derivation
	* fixed EAP-PSK bit ordering of the Flags field
	* fixed EAP-PEAP/TTLS/FAST to use the correct EAP identifier in
	  tunnelled identity request (previously, the identifier from the outer
	  method was used, not the tunnelled identifier which could be
	  different)
	* fixed EAP-TTLS AVP parser processing for too short AVP lengths
	* added support for EAP-FAST authentication with inner methods that
	  generate MSK (e.g., EAP-MSCHAPv2 that was previously only supported
	  for PAC provisioning)
	* fixed dbus ctrl_iface to validate message interface before
	  dispatching to avoid a possible segfault [Bug 190]
	* fixed PeerKey key derivation to use the correct PRF label
	* updated Windows binary build to link against OpenSSL 0.9.8d and
	  added support for EAP-FAST

2006-11-24 - v0.5.6
	* added experimental, integrated TLSv1 client implementation with the
	  needed X.509/ASN.1/RSA/bignum processing (this can be enabled by
	  setting CONFIG_TLS=internal and CONFIG_INTERNAL_LIBTOMMATH=y in
	  .config); this can be useful, e.g., if the target system does not
	  have a suitable TLS library and a minimal code size is required
	  (total size of this internal TLS/crypto code is bit under 50 kB on
	  x86 and the crypto code is shared by rest of the supplicant so some
	  of it was already required; TLSv1/X.509/ASN.1/RSA added about 25 kB)
	* removed STAKey handshake since PeerKey handshake has replaced it in
	  IEEE 802.11ma and there are no known deployments of STAKey
	* updated EAP Generalized Pre-Shared Key (EAP-GPSK) to use the latest
	  draft (draft-ietf-emu-eap-gpsk-01.txt)
	* added preliminary implementation of IEEE 802.11w/D1.0 (management
	  frame protection)
	  (Note: this requires driver support to work properly.)
	  (Note2: IEEE 802.11w is an unapproved draft and subject to change.)
	* fixed Windows named pipes ctrl_iface to not stop listening for
	  commands if client program opens a named pipe and closes it
	  immediately without sending a command
	* fixed USIM PIN status determination for the case that PIN is not
	  needed (this allows EAP-AKA to be used with USIM cards that do not
	  use PIN)
	* added support for reading 3G USIM AID from EF_DIR to allow EAP-AKA to
	  be used with cards that do not support file selection based on
	  partial AID
	* added support for matching the subjectAltName of the authentication
	  server certificate against multiple name components (e.g.,
	  altsubject_match="DNS:server.example.com;DNS:server2.example.com")
	* fixed EAP-SIM/AKA key derivation for re-authentication case (only
	  affects IEEE 802.1X with dynamic WEP keys)
	* changed ctrl_iface network configuration 'get' operations to not
	  return password/key material; if these fields are requested, "*"
	  will be returned if the password/key is set, but the value of the
	  parameter is not exposed

2006-08-27 - v0.5.5
	* added support for building Windows version with UNICODE defined
	  (wide-char functions)
	* driver_ndis: fixed static WEP configuration to avoid race condition
	  issues with some NDIS drivers between association and setting WEP
	  keys
	* driver_ndis: added validation for IELength value in scan results to
	  avoid crashes when using buggy NDIS drivers [Bug 165]
	* fixed Release|Win32 target in the Visual Studio project files
	  (previously, only Debug|Win32 target was set properly)
	* changed control interface API call wpa_ctrl_pending() to allow it to
	  return -1 on error (e.g., connection lost); control interface clients
	  will need to make sure that they verify that the value is indeed >0
	  when determining whether there are pending messages
	* added an alternative control interface backend for Windows targets:
	  Named Pipe (CONFIG_CTRL_IFACE=named_pipe); this is now the default
	  control interface mechanism for Windows builds (previously, UDP to
	  localhost was used)
	* changed ctrl_interface configuration for UNIX domain sockets:
	  - deprecated ctrl_interface_group variable (it may be removed in
	    future versions)
	  - allow both directory and group be configured with ctrl_interface
	    in following format: DIR=/var/run/wpa_supplicant GROUP=wheel
	  - ctrl_interface=/var/run/wpa_supplicant is still supported for the
	    case when group is not changed
	* added support for controlling more than one interface per process in
	  Windows version
	* added a workaround for a case where the AP is using unknown address
	  (e.g., MAC address of the wired interface) as the source address for
	  EAPOL-Key frames; previously, that source address was used as the
	  destination for EAPOL-Key frames and in key derivation; now, BSSID is
	  used even if the source address does not match with it
	  (this resolves an interoperability issue with Thomson SpeedTouch 580)
	* added a workaround for UDP-based control interface (which was used in
	  Windows builds before this release) to prevent packets with forged
	  addresses from being accepted as local control requests
	* removed ndis_events.cpp and possibility of using external
	  ndis_events.exe; C version (ndis_events.c) is fully functional and
	  there is no desire to maintain two separate versions of this
	  implementation
	* ndis_events: Changed NDIS event notification design to use WMI to
	  learn the adapter description through Win32_PnPEntity class; this
	  should fix some cases where the adapter name was not recognized
	  correctly (e.g., with some USB WLAN adapters, e.g., Ralink RT2500
	  USB) [Bug 113]
	* fixed selection of the first network in ap_scan=2 mode; previously,
	  wpa_supplicant could get stuck in SCANNING state when only the first
	  network for enabled (e.g., after 'wpa_cli select_network 0')
	* winsvc: added support for configuring ctrl_interface parameters in
	  registry (ctrl_interface string value in
	  HKLM\SOFTWARE\wpa_supplicant\interfaces\0000 key); this new value is
	  required to enable control interface (previously, this was hardcoded
	  to be enabled)
	* allow wpa_gui subdirectory to be built with both Qt3 and Qt4
	* converted wpa_gui-qt4 subdirectory to use Qt4 specific project format

2006-06-20 - v0.5.4
	* fixed build with CONFIG_STAKEY=y [Bug 143]
	* added support for doing MLME (IEEE 802.11 management frame
	  processing) in wpa_supplicant when using Devicescape IEEE 802.11
	  stack (wireless-dev.git tree)
	* added a new network block configuration option, fragment_size, to
	  configure the maximum EAP fragment size
	* driver_ndis: Disable WZC automatically for the selected interface to
	  avoid conflicts with two programs trying to control the radio; WZC
	  will be re-enabled (if it was enabled originally) when wpa_supplicant
	  is terminated
	* added an experimental TLSv1 client implementation
	  (CONFIG_TLS=internal) that can be used instead of an external TLS
	  library, e.g., to reduce total size requirement on systems that do
	  not include any TLS library by default (this is not yet complete;
	  basic functionality is there, but certificate validation is not yet
	  included)
	* added PeerKey handshake implementation for IEEE 802.11e
	  direct link setup (DLS) to replace STAKey handshake
	* fixed WPA PSK update through ctrl_iface for the case where the old
	  PSK was derived from an ASCII passphrase and the new PSK is set as
	  a raw PSK (hex string)
	* added new configuration option for identifying which network block
	  was used (id_str in wpa_supplicant.conf; included on
	  WPA_EVENT_CONNECT monitor event and as WPA_ID_STR environmental
	  variable in wpa_cli action scripts; in addition WPA_ID variable is
	  set to the current unique identifier that wpa_supplicant assigned
	  automatically for the network and that can be used with
	  GET_NETWORK/SET_NETWORK ctrl_iface commands)
	* wpa_cli action script is now called only when the connect/disconnect
	  status changes or when associating with a different network
	* fixed configuration parser not to remove CCMP from group cipher list
	  if WPA-None (adhoc) is used (pairwise=NONE in that case)
	* fixed integrated NDIS events processing not to hang the process due
	  to a missed change in eloop_win.c API in v0.5.3 [Bug 155]
	* added support for EAP Generalized Pre-Shared Key (EAP-GPSK,
	  draft-clancy-emu-eap-shared-secret-00.txt)
	* added Microsoft Visual Studio 2005 solution and project files for
	  build wpa_supplicant for Windows (see vs2005 subdirectory)
	* eloop_win: fixed unregistration of Windows events
	* l2_packet_winpcap: fixed a deadlock in deinitializing l2_packet
	  at the end of RSN pre-authentication and added unregistration of
	  a Windows event to avoid getting eloop_win stuck with an invalid
	  handle
	* driver_ndis: added support for selecting AP based on BSSID
	* added new environmental variable for wpa_cli action scripts:
	  WPA_CTRL_DIR is the current control interface directory
	* driver_ndis: added support for using NDISUIO instead of WinPcap for
	  OID set/query operations (CONFIG_USE_NDISUIO=y in .config); with new
	  l2_packet_ndis (CONFIG_L2_PACKET=ndis), this can be used to build
	  wpa_supplicant without requiring WinPcap; note that using NDISUIO
	  requires that WZC is disabled (net stop wzcsvc) since NDISUIO allows
	  only one application to open the device
	* changed NDIS driver naming to only include device GUID, e.g.,
	  {7EE3EFE5-C165-472F-986D-F6FBEDFE8C8D}, instead of including WinPcap
	  specific \Device\NPF_ prefix before the GUID; the prefix is still
	  allowed for backwards compatibility, but it is not required anymore
	  when specifying the interface
	* driver_ndis: re-initialize driver interface is the adapter is removed
	  and re-inserted [Bug 159]
	* driver_madwifi: fixed TKIP and CCMP sequence number configuration on
	  big endian hosts [Bug 146]

2006-04-27 - v0.5.3
	* fixed EAP-GTC response to include correct user identity when run as
	  phase 2 method of EAP-FAST (i.e., EAP-FAST did not work in v0.5.2)
	* driver_ndis: Fixed encryption mode configuration for unencrypted
	  networks (some NDIS drivers ignored this, but others, e.g., Broadcom,
	  refused to associate with open networks) [Bug 106]
	* driver_ndis: use BSSID OID polling to detect when IBSS network is
	  formed even when ndis_events code is included since some NDIS drivers
	  do not generate media connect events in IBSS mode
	* config_winreg: allow global ctrl_interface parameter to be configured
	  in Windows registry
	* config_winreg: added support for saving configuration data into
	  Windows registry
	* added support for controlling network device operational state
	  (dormant/up) for Linux 2.6.17 to improve DHCP processing (see
	  http://www.flamewarmaster.de/software/dhcpclient/ for a DHCP client
	  that can use this information)
	* driver_wext: added support for WE-21 change to SSID configuration
	* driver_wext: fixed privacy configuration for static WEP keys mode
	  [Bug 140]
	* added an optional driver_ops callback for MLME-SETPROTECTION.request
	  primitive
	* added support for EAP-SAKE (no EAP method number allocated yet, so
	  this is using the same experimental type 255 as EAP-PSK)
	* added support for dynamically loading EAP methods (.so files) instead
	  of requiring them to be statically linked in; this is disabled by
	  default (see CONFIG_DYNAMIC_EAP_METHODS in defconfig for information
	  on how to use this)