robust_av.c - OpenGrok history log for /freebsd/contrib/wpa/wpa_supplicant/robust

Revision (<<< Hide revision tags) (Show revision tags >>>)	Date	Author	Comments
# a90b9d01	21-Jul-2024	Cy Schubert <cy@FreeBSD.org>	wpa: Import 2.11 Following is a changelog of new features and fixes to wpa: hostapd: * Wi-Fi Easy Connect - add support for DPP release 3 - allow Configurator parameters to be provided during c wpa: Import 2.11 Following is a changelog of new features and fixes to wpa: hostapd: * Wi-Fi Easy Connect - add support for DPP release 3 - allow Configurator parameters to be provided during config exchange * HE/IEEE 802.11ax/Wi-Fi 6 - various fixes * EHT/IEEE 802.11be/Wi-Fi 7 - add preliminary support * SAE: add support for fetching the password from a RADIUS server * support OpenSSL 3.0 API changes * support background radar detection and CAC with some additional drivers * support RADIUS ACL/PSK check during 4-way handshake (wpa_psk_radius=3) * EAP-SIM/AKA: support IMSI privacy * improve 4-way handshake operations - use Secure=1 in message 3 during PTK rekeying * OCV: do not check Frequency Segment 1 Channel Number for 160 MHz cases to avoid interoperability issues * support new SAE AKM suites with variable length keys * support new AKM for 802.1X/EAP with SHA384 * extend PASN support for secure ranging * FT: Use SHA256 to derive PMKID for AKM 00-0F-AC:3 (FT-EAP) - this is based on additional details being added in the IEEE 802.11 standard - the new implementation is not backwards compatible * improved ACS to cover additional channel types/bandwidths * extended Multiple BSSID support * fix beacon protection with FT protocol (incorrect BIGTK was provided) * support unsynchronized service discovery (USD) * add preliminary support for RADIUS/TLS * add support for explicit SSID protection in 4-way handshake (a mitigation for CVE-2023-52424; disabled by default for now, can be enabled with ssid_protection=1) * fix SAE H2E rejected groups validation to avoid downgrade attacks * use stricter validation for some RADIUS messages * a large number of other fixes, cleanup, and extensions wpa_supplicant: * Wi-Fi Easy Connect - add support for DPP release 3 - allow Configurator parameters to be provided during config exchange * MACsec - add support for GCM-AES-256 cipher suite - remove incorrect EAP Session-Id length constraint - add hardware offload support for additional drivers * HE/IEEE 802.11ax/Wi-Fi 6 - support BSS color updates - various fixes * EHT/IEEE 802.11be/Wi-Fi 7 - add preliminary support * support OpenSSL 3.0 API changes * improve EAP-TLS support for TLSv1.3 * EAP-SIM/AKA: support IMSI privacy * improve mitigation against DoS attacks when PMF is used * improve 4-way handshake operations - discard unencrypted EAPOL frames in additional cases - use Secure=1 in message 2 during PTK rekeying * OCV: do not check Frequency Segment 1 Channel Number for 160 MHz cases to avoid interoperability issues * support new SAE AKM suites with variable length keys * support new AKM for 802.1X/EAP with SHA384 * improve cross-AKM roaming with driver-based SME/BSS selection * PASN - extend support for secure ranging - allow PASN implementation to be used with external programs for Wi-Fi Aware * FT: Use SHA256 to derive PMKID for AKM 00-0F-AC:3 (FT-EAP) - this is based on additional details being added in the IEEE 802.11 standard - the new implementation is not backwards compatible, but PMKSA caching with FT-EAP was, and still is, disabled by default * support a pregenerated MAC (mac_addr=3) as an alternative mechanism for using per-network random MAC addresses * EAP-PEAP: require Phase 2 authentication by default (phase2_auth=1) to improve security for still unfortunately common invalid configurations that do not set ca_cert * extend SCS support for QoS Characteristics * extend MSCS support * support unsynchronized service discovery (USD) * add support for explicit SSID protection in 4-way handshake (a mitigation for CVE-2023-52424; disabled by default for now, can be enabled with ssid_protection=1) - in addition, verify SSID after key setup when beacon protection is used * fix SAE H2E rejected groups validation to avoid downgrade attacks * a large number of other fixes, cleanup, and extensions MFC after: 2 months Merge commit '6377230b3cf4f238dcd0dc2d76ff25943d3040e5' show more ...
Revision tags: release/14.1.0, release/13.3.0, release/14.0.0, release/13.2.0, release/12.4.0, release/13.1.0
# 4b72b91a	03-Dec-2021	Cy Schubert <cy@FreeBSD.org>	wpa: Redo import wpa_supplicant/hostapd commit 14ab4a816 This is the November update to vendor/wpa committed upstream 2021-11-26. MFC after: 1 month
# db0ac6de	02-Dec-2021	Cy Schubert <cy@FreeBSD.org>	Revert "wpa: Import wpa_supplicant/hostapd commit 14ab4a816" This reverts commit 266f97b5e9a7958e365e78288616a459b40d924a, reversing changes made to a10253cffea84c0c980a36ba6776b00ed96c3e3b. A mism Revert "wpa: Import wpa_supplicant/hostapd commit 14ab4a816" This reverts commit 266f97b5e9a7958e365e78288616a459b40d924a, reversing changes made to a10253cffea84c0c980a36ba6776b00ed96c3e3b. A mismerge of a merge to catch up to main resulted in files being committed which should not have been. show more ...
# 266f97b5	02-Dec-2021	Cy Schubert <cy@FreeBSD.org>	wpa: Import wpa_supplicant/hostapd commit 14ab4a816 This is the November update to vendor/wpa committed upstream 2021-11-26. MFC after: 1 month
Revision tags: release/12.3.0
# c1d255d3	03-Sep-2021	Cy Schubert <cy@FreeBSD.org>	wpa: Import wpa_supplicant/hostapd commits up to b4f7506ff Merge vendor commits 40c7ff83e74eabba5a7e2caefeea12372b2d3f9a, efec8223892b3e677acb46eae84ec3534989971f, and 2f6c3ea9600b494d24cac5a38c1cea wpa: Import wpa_supplicant/hostapd commits up to b4f7506ff Merge vendor commits 40c7ff83e74eabba5a7e2caefeea12372b2d3f9a, efec8223892b3e677acb46eae84ec3534989971f, and 2f6c3ea9600b494d24cac5a38c1cea0ac192245e. Tested by: philip MFC after: 2 months show more ...
# 0aad5de3	17-Apr-2021	Cy Schubert <cy@FreeBSD.org>	Revert wpa import. b51f459a2098622c31ed54f5c1bf0e03efce403b resulted in a mismerge due to having to do a remerge because my tree was over a week out of date. Changes that were made to fix the build Revert wpa import. b51f459a2098622c31ed54f5c1bf0e03efce403b resulted in a mismerge due to having to do a remerge because my tree was over a week out of date. Changes that were made to fix the build were lost in the remerge resulting in build errors that were fixed a week ago. show more ...
# b51f459a	17-Apr-2021	Cy Schubert <cy@FreeBSD.org>	wpa: Import wpa_supplicant/hostapd commit f91680c15 This is the April update to vendor/wpa committed upstream 2021/04/07. This is MFV efec8223892b3e677acb46eae84ec3534989971f. Suggested by: phili wpa: Import wpa_supplicant/hostapd commit f91680c15 This is the April update to vendor/wpa committed upstream 2021/04/07. This is MFV efec8223892b3e677acb46eae84ec3534989971f. Suggested by: philip Reviewed by: philip MFC after: 2 months Differential Revision: https://reviews.freebsd.org/D29744 show more ...