1
1
ChangeLog for wpa_supplicant
4
* updated EAP-SAKE to RFC 4763 and the IANA-allocated EAP type 48
5
* updated EAP-PSK to use the IANA-allocated EAP type 47
6
* fixed EAP-PAX key derivation
7
* fixed EAP-PSK bit ordering of the Flags field
8
* fixed EAP-PEAP/TTLS/FAST to use the correct EAP identifier in
9
tunnelled identity request (previously, the identifier from the outer
10
method was used, not the tunnelled identifier which could be
12
* fixed EAP-TTLS AVP parser processing for too short AVP lengths
13
* added support for EAP-FAST authentication with inner methods that
14
generate MSK (e.g., EAP-MSCHAPv2 that was previously only supported
16
* fixed dbus ctrl_iface to validate message interface before
17
dispatching to avoid a possible segfault [Bug 190]
18
* fixed PeerKey key derivation to use the correct PRF label
19
* updated Windows binary build to link against OpenSSL 0.9.8d and
20
added support for EAP-FAST
23
* added experimental, integrated TLSv1 client implementation with the
24
needed X.509/ASN.1/RSA/bignum processing (this can be enabled by
25
setting CONFIG_TLS=internal and CONFIG_INTERNAL_LIBTOMMATH=y in
26
.config); this can be useful, e.g., if the target system does not
27
have a suitable TLS library and a minimal code size is required
28
(total size of this internal TLS/crypto code is bit under 50 kB on
29
x86 and the crypto code is shared by rest of the supplicant so some
30
of it was already required; TLSv1/X.509/ASN.1/RSA added about 25 kB)
31
* removed STAKey handshake since PeerKey handshake has replaced it in
32
IEEE 802.11ma and there are no known deployments of STAKey
33
* updated EAP Generalized Pre-Shared Key (EAP-GPSK) to use the latest
34
draft (draft-ietf-emu-eap-gpsk-01.txt)
35
* added preliminary implementation of IEEE 802.11w/D1.0 (management
37
(Note: this requires driver support to work properly.)
38
(Note2: IEEE 802.11w is an unapproved draft and subject to change.)
39
* fixed Windows named pipes ctrl_iface to not stop listening for
40
commands if client program opens a named pipe and closes it
41
immediately without sending a command
42
* fixed USIM PIN status determination for the case that PIN is not
43
needed (this allows EAP-AKA to be used with USIM cards that do not
45
* added support for reading 3G USIM AID from EF_DIR to allow EAP-AKA to
46
be used with cards that do not support file selection based on
48
* added support for matching the subjectAltName of the authentication
49
server certificate against multiple name components (e.g.,
50
altsubject_match="DNS:server.example.com;DNS:server2.example.com")
51
* fixed EAP-SIM/AKA key derivation for re-authentication case (only
52
affects IEEE 802.1X with dynamic WEP keys)
53
* changed ctrl_iface network configuration 'get' operations to not
54
return password/key material; if these fields are requested, "*"
55
will be returned if the password/key is set, but the value of the
56
parameter is not exposed
59
4
* added support for building Windows version with UNICODE defined
60
5
(wide-char functions)