Lines Matching +full:ipv6 +full:- +full:multi +full:- +full:target
3 2018-12-02 - v2.7
6 [http://w1.fi/security/2017-1/] (CVE-2017-13082)
10 * added support for DPP (Wi-Fi Device Provisioning Protocol)
12 - added local generation of PMK-R0/PMK-R1 for FT-PSK
14 - replaced inter-AP protocol with a cleaner design that is more
18 - added support for wildcard R0KH/R1KH
19 - replaced r0_key_lifetime (minutes) parameter with
21 - fixed wpa_psk_file use for FT-PSK
22 - fixed FT-SAE PMKID matching
23 - added expiration to PMK-R0 and PMK-R1 cache
24 - added IEEE VLAN support (including tagged VLANs)
25 - added support for SHA384 based AKM
27 - fixed some PMKSA caching cases with SAE
28 - added support for configuring SAE password separately of the
30 - added option to require MFP for SAE associations
32 - fixed PTK and EAPOL-Key integrity and key-wrap algorithm selection
37 - added support for Password Identifier
41 * added option to configure EAPOL-Key retry limits
50 - added support for setting Venue URL ANQP-element (venue_url)
51 - added support for advertising Hotspot 2.0 operator icons
52 - added support for Roaming Consortium Selection element
53 - added support for Terms and Conditions
54 - added support for OSEN connection in a shared RSN BSS
56 * added EAP-pwd server support for salted passwords
58 2016-10-02 - v2.6
59 * fixed EAP-pwd last fragment validation
60 [http://w1.fi/security/2015-7/] (CVE-2015-5314)
62 [http://w1.fi/security/2016-1/] (CVE-2016-4476)
64 * added support for configuring new ANQP-elements with
66 * fixed Suite B 192-bit AKM to use proper PMK length
69 frame sending for not-associated STAs if max_num_sta limit has been
71 * added option (-S as command line argument) to request all interfaces
74 to allow -1 to be used to disable RTS/fragmentation
75 * EAP-pwd: added support for Brainpool Elliptic Curves
78 * fixed FTIE generation for 4-way handshake after FT protocol run
81 - support SHA384 and SHA512 hashes
82 - support TLS v1.2 signature algorithm with SHA384 and SHA512
83 - support PKCS #5 v2.0 PBES2
84 - support PKCS #5 with PKCS #12 style key decryption
85 - minimal support for PKCS #12
86 - support OCSP stapling (including ocsp_multi)
88 - drop support for OpenSSL 0.9.8
89 - drop support for OpenSSL 1.0.0
90 * EAP-PEAP: support fast-connect crypto binding
92 - fix Called-Station-Id to not escape SSID
93 - add Event-Timestamp to all Accounting-Request packets
94 - add Acct-Session-Id to Accounting-On/Off
95 - add Acct-Multi-Session-Id ton Access-Request packets
96 - add Service-Type (= Frames)
97 - allow server to provide PSK instead of passphrase for WPA-PSK
99 - update full message for interim accounting updates
100 - add Acct-Delay-Time into Accounting messages
101 - add require_message_authenticator configuration option to require
102 CoA/Disconnect-Request packets to be authenticated
103 * started to postpone WNM-Notification frame sending by 100 ms so that
105 received after the 4-way handshake
107 * extended VLAN support (per-STA vif, etc.)
110 - added support for full station state operations
111 - fix IEEE 802.1X/WEP EAP reauthentication and rekeying to use
119 - use Address 3 = wildcard BSSID in GAS response if a query from an
121 - fix TX status processing for Address 3 = wildcard BSSID
122 - add gas_address3 configuration parameter to control Address 3
124 * added command line parameter -i to override interface parameter in
131 2015-09-27 - v2.5
133 [http://w1.fi/security/2015-2/] (CVE-2015-4141)
135 [http://w1.fi/security/2015-3/] (CVE-2015-4142)
136 * fixed EAP-pwd server missing payload length validation
137 [http://w1.fi/security/2015-4/]
138 (CVE-2015-4143, CVE-2015-4144, CVE-2015-4145)
140 [http://w1.fi/security/2015-5/]
142 - fixed vendor command handling to check OUI properly
146 * added support for hashed password (NtHash) in EAP-pwd server
148 * added EAP-EKE server support for deriving Session-Id
149 * set Acct-Session-Id to a random value to make it more likely to be
151 * added more 2.4 GHz channels for 20/40 MHz HT co-ex scan
156 * added support for CCMP-256 and GCMP-256 as group ciphers with FT
161 * fixed key derivation for Suite B 192-bit AKM (this breaks
167 2015-03-15 - v2.4
172 * fixed Accounting-Request to not include duplicated Acct-Session-Id
173 * add support for Acct-Multi-Session-Id in RADIUS Accounting messages
177 * add INTERFACE-ENABLED and INTERFACE-DISABLED ctrl_iface events
178 * add support for learning STA IPv4/IPv6 addresses and configuring
181 * add support for Suite B (128-bit and 192-bit level) key management and
184 * extend EAPOL-Key msg 1/4 retry workaround for changing SNonce
186 Request frames and BSS-TM-RESP event to indicate response to such
188 * add support for EAP Re-Authentication Protocol (ERP)
189 * fixed AP IE in EAPOL-Key 3/4 when both WPA and FT was enabled
191 * set stdout to be line-buffered
193 (VHT-MCS 8 and 9) on 2.4 GHz band
195 - extend Disconnect-Request processing to allow matching of multiple
197 - support Acct-Multi-Session-Id as an identifier
198 - allow PMKSA cache entry to be removed without association
211 2014-10-09 - v2.3
213 * fixed DFS and channel switch operation for multi-BSS cases
220 (Mobility-Domain-Id, WLAN-HESSID, WLAN-Pairwise-Cipher,
221 WLAN-Group-Cipher, WLAN-AKM-Suite, WLAN-Group-Mgmt-Pairwise-Cipher)
224 * fixed PMKSA cache timeout from Session-Timeout for WPA/WPA2 cases
228 (CVE-2014-3686)
230 2014-06-04 - v2.2
231 * fixed SAE confirm-before-commit validation to avoid a potential
235 - Operating Mode Notification
236 - Power Constraint element (local_pwr_constraint)
237 - Spectrum management capability (spectrum_mgmt_required=1)
238 - fix VHT80 segment picking in ACS
239 - fix vht_capab 'Maximum A-MPDU Length Exponent' handling
240 - fix VHT20
241 * fixed HT40 co-ex scan for some pri/sec channel switches
242 * extended HT40 co-ex support to allow dynamic channel width changes
244 * fixed HT40 co-ex support to check for overlapping 20 MHz BSS
245 * fixed MSCHAP UTF-8 to UCS-2 conversion for three-byte encoding;
246 this fixes password with include UTF-8 characters that use
247 three-byte encoding EAP methods that use NtPasswordHash
249 any AAA server certificate with id-kp-clientAuth even if
250 id-kp-serverAuth EKU was included
254 * enforce full EAP authentication after RADIUS Disconnect-Request by
256 * added support for NAS-IP-Address, NAS-identifier, and NAS-IPv6-Address
257 in RADIUS Disconnect-Request
259 entry with "-"
261 - support Hotspot 2.0 Release 2
271 - do not use Interworking filtering rules on Probe Request if
274 - AP interface teardown optimization
275 - support vendor specific driver command
280 - add SHA256-based cipher suites
281 - add DHE-RSA cipher suites
282 - fix X.509 validation of PKCS#1 signature to check for extra data
284 - add minimal RADIUS accounting server support (hostapd-as-server);
286 - allow authentication log to be written into SQLite databse
287 - added option for TLS protocol testing of an EAP peer by simulating
289 - MAC ACL support for testing purposes
290 * fixed PTK derivation for CCMP-256 and GCMP-256
291 * extended WPS per-station PSK to support ER case
293 (group_mgmt_cipher=AES-128-CMAC (default), BIP-GMAC-128, BIP-GMAC-256,
294 BIP-CMAC-256)
297 * added support for postponing FT response in case PMK-R1 needs to be
300 ht_capab=[40-INTOLERANT]
303 * EAP-pwd fixes
304 - fix possible segmentation fault on EAP method deinit if an invalid
307 - there was a potential ctash due to freed memory being accessed
308 - failover to a backup server mechanism did not work properly
313 * fixed off-by-one bounds checking in printf_encode()
314 - this could result in deinial of service in some EAP server cases
317 2014-02-04 - v2.1
319 stronger password-based authentication with WPA2-Personal
321 - VHT configuration for nl80211
322 - support split wiphy dump
323 - driver-based MAC ACL
324 - QoS Mapping configuration
326 * allow ctrl_iface group to be specified on command line (-G<group>)
333 re-selection)
334 * added EAP-EKE server
336 * added option for using per-BSS (vif) configuration files with
337 -b<phyname>:<config file name>
341 * added support for sending debug info to Linux tracing (-T on command
348 - improved protocol
349 - option to fetch and report alternative carrier records for external
353 2013-01-12 - v2.0
354 * added AP-STA-DISCONNECTED ctrl_iface event
360 use of the Secure bit in EAPOL-Key msg 3/4
364 - replace monitor interface with nl80211 commands
365 - additional information for driver-based AP SME
366 * EAP-pwd:
367 - fix KDF for group 21 and zero-padding
368 - added support for fragmentation
369 - increased maximum number of hunting-and-pecking iterations
376 * added support for getting per-device PSK from RADIUS Tunnel-Password
379 * added a workaround for 4-way handshake to update SNonce even after
380 having sent EAPOL-Key 3/4 to avoid issues with some supplicant
381 implementations that can change SNonce for each EAP-Key 2/4
382 * added a workaround for EAPOL-Key 4/4 using incorrect type value in
389 - GAS/ANQP advertisement of network information
390 - disable_dgaf parameter to disable downstream group-addressed
394 * EAP-SIM: fixed re-authentication not to update pseudonym
395 * EAP-SIM: use Notification round before EAP-Failure
396 * EAP-AKA: added support for AT_COUNTER_TOO_SMALL
397 * EAP-AKA: skip AKA/Identity exchange if EAP identity is recognized
398 * EAP-AKA': fixed identity for MK derivation
399 * EAP-AKA': updated to RFC 5448 (username prefixes changed); note: this
401 * EAP-SIM/AKA: allow pseudonym to be used after unknown reauth id
402 * changed ANonce to be a random number instead of Counter-based
407 - a new command line parameter -u can be used to enable updating of
409 - use 5 bit IND for SQN updates
410 - SQLite database can now be used to store Milenage information
411 * EAP-SIM/AKA DB: added optional use of SQLite database for pseudonyms
413 * added support for Chargeable-User-Identity (RFC 4372)
416 Access-Request and Accounting-Request packets
419 - BSS max idle period
420 - WNM-Sleep Mode
422 - removed obsoleted WPS_OOB command (including support for deprecated
427 * changed VENDOR-TEST EAP method to use proper private enterprise number
432 * added support for 256-bit AES with internal TLS implementation
434 * fixed EAP-TLS/PEAP/TTLS/FAST server to validate TLS Message Length
436 terminate before this fix [CVE-2012-4445]
443 * added Acct-Session-Id attribute into Access-Request messages
444 * fixed EAPOL frame transmission to non-QoS STAs with nl80211
448 2012-05-10 - v1.0
462 isolation can be used to prevent low-level bridging of frames
469 * Add support for writing debug log to a file using "-f" option. Also
470 add relog CLI command to re-open the log file.
476 - Add wds_bridge command for specifying bridge for WDS STA
478 - Add relog command for reopening log file.
479 - Send AP-STA-DISCONNECTED event when an AP disconnects a station
481 - Add wps_config ctrl_interface command for configuring AP. This
485 - Many WPS/WPS ER commands - see WPS/WPS ER sections for details.
486 - Add command get version, that returns hostapd version string.
497 - Send AP Settings as a wrapped Credential attribute to ctrl_iface
498 in WPS-NEW-AP-SETTINGS.
499 - Dispatch more WPS events through hostapd ctrl_iface.
500 - Add mechanism for indicating non-standard WPS errors.
501 - Change concurrent radio AP to use only one WPS UPnP instance.
502 - Add wps_check_pin command for processing PIN from user input.
505 - Add hostap_cli get_config command to display current AP config.
506 - Add new hostapd_cli command, wps_ap_pin, to manage AP PIN at
508 - Disable AP PIN after 10 consecutive failures. Slow down attacks
510 - Allow AP to start in Enrollee mode without AP PIN for probing,
512 - Add Config Error into WPS-FAIL events to provide more info
514 - When controlling multiple interfaces:
515 - apply WPS commands to all interfaces configured to use WPS
516 - apply WPS config changes to all interfaces that use WPS
517 - when an attack is detected on any interface, disable AP PIN on
520 - Show SetSelectedRegistrar events as ctrl_iface events.
521 - Add special AP Setup Locked mode to allow read only ER.
525 - Add build option CONFIG_WPS_EXTENSIBILITY_TESTING to enable tool
527 - Add build option CONFIG_WPS_STRICT to allow disabling of WPS
529 - Add support for AuthorizedMACs attribute.
531 - Allow TDLS use or TDLS channel switching in the BSS to be
544 -ddd to enable.
547 - Add support for TLS v1.1 (RFC 4346). Enable with build parameter
549 - Add domainComponent parser for X.509 names
555 2010-04-18 - v0.7.2
558 * bsd: Cleaned up driver wrapper and added various low-level
561 * EAP-TNC: add Flags field into fragment acknowledgement (needed to
564 * cleaned up driver wrapper API for multi-BSS operations
565 * nl80211: fix multi-BSS and VLAN operations
582 2010-01-16 - v0.7.1
584 is not fully backwards compatible, so out-of-tree driver wrappers
595 * EAP-FAST server: piggyback Phase 2 start with the end of Phase 1
598 * added support for WDS (4-address frame) mode with per-station virtual
609 2009-11-21 - v0.7.0
611 configurable with a new command line options (-G<seconds>)
617 * added support for WPS USBA out-of-band mechanism with USB Flash
621 * fixed TNC with EAP-TTLS
624 * fixed SHA-256 based key derivation function to match with the
634 * updated management frame protection to use IEEE Std 802.11w-2009
637 * added some IEEE 802.11n co-existence rules to disable 40 MHz channels
640 * added support for NFC out-of-band mechanism with WPS
643 2009-01-06 - v0.6.7
644 * added support for Wi-Fi Protected Setup (WPS)
652 wps_pbc are used to configure WPS negotiation; see README-WPS for
659 * added support for EAP-AKA' (draft-arkko-eap-aka-kdf)
661 * changed EAP-GPSK to use the IANA assigned EAP method type 51
665 2008-11-23 - v0.6.6
669 * updated OpenSSL code for EAP-FAST to use an updated version of the
671 OpenSSL 0.9.9 tree on 2008-11-15 (no additional OpenSSL patch is
679 * fixed EAP-TLS message processing for the last TLS message if it is
684 2008-11-01 - v0.6.5
685 * added support for SHA-256 as X.509 certificate digest when using the
687 * fixed EAP-FAST PAC-Opaque padding (0.6.4 broke this for some peer
690 by EAP-FAST server)
692 (accept_mac_file) as an alternative for RADIUS server-based
697 * added support for using SHA256-based stronger key derivation for WPA2
699 * added new "driver wrapper" for RADIUS-only configuration
703 * changed EAP-FAST configuration to use separate fields for A-ID and
704 A-ID-Info (eap_fast_a_id_info) to allow A-ID to be set to a fixed
705 16-octet len binary value for better interoperability with some peer
708 configuration (wireless-testing.git and Linux kernel releases
711 2008-08-10 - v0.6.4
712 * added peer identity into EAP-FAST PAC-Opaque and skip Phase 2
714 * added support for EAP Sequences in EAP-FAST Phase 2
715 * added support for EAP-TNC (Trusted Network Connect)
716 (this version implements the EAP-TNC method and EAP-TTLS/EAP-FAST
717 changes needed to run two methods in sequence (IF-T) and the IF-IMV
718 and IF-TNCCS interfaces from TNCS)
720 * added fragmentation support for EAP-TNC
721 * added support for fragmenting EAP-TTLS/PEAP/FAST Phase 2 (tunneled)
725 2008-02-22 - v0.6.3
729 * copy optional Proxy-State attributes into RADIUS response when acting
734 * fixed EAP-SIM/AKA realm processing to allow decorated usernames to
736 * added a workaround for EAP-SIM/AKA peers that include incorrect null
738 * fixed EAP-SIM/AKA protected result indication to include AT_COUNTER
741 * fixed EAP-SIM Start response processing for fast reauthentication
743 * added support for pending EAP processing in EAP-{PEAP,TTLS,FAST}
744 phase 2 to allow EAP-SIM and EAP-AKA to be used as the Phase 2 method
746 2008-01-01 - v0.6.2
747 * fixed EAP-SIM and EAP-AKA message parser to validate attribute
753 * added support for protecting EAP-AKA/Identity messages with
756 EAP-SIM and EAP-AKA (eap_sim_aka_result_ind=1)
757 * added support for configuring EAP-TTLS phase 2 non-EAP methods in
760 enabled with new method names TTLS-PAP, TTLS-CHAP, TTLS-MSCHAP,
761 TTLS-MSCHAPV2
764 -d (or -dd) command line arguments
765 * added support for EAP-IKEv2 (draft-tschofenig-eap-ikev2-15.txt);
768 2007-11-24 - v0.6.1
772 .config); this can be useful, e.g., if the target system does not
774 * added support for EAP-FAST server method to the integrated EAP
776 * updated EAP Generalized Pre-Shared Key (EAP-GPSK) to use the latest
777 draft (draft-ietf-emu-eap-gpsk-07.txt)
786 2007-05-28 - v0.6.0
788 * updated EAP-SAKE to RFC 4763 and the IANA-allocated EAP type 48
789 * updated EAP-PSK to use the IANA-allocated EAP type 47
790 * fixed EAP-PSK bit ordering of the Flags field
791 * fixed configuration reloading (SIGHUP) to re-initialize WPA PSKs
793 * fixed EAP-TTLS AVP parser processing for too short AVP lengths
794 * fixed IPv6 connection to RADIUS accounting server
795 * updated EAP Generalized Pre-Shared Key (EAP-GPSK) to use the latest
796 draft (draft-ietf-emu-eap-gpsk-04.txt)
801 if a better quality triplets are needed, GSM-Milenage should be used
803 * fixed EAP-MSCHAPv2 server to use a space between S and M parameters
805 * added support for sending EAP-AKA Notifications in error cases
812 2006-11-24 - v0.5.6
817 pre-authentication
818 * added support for dynamic VLAN configuration (i.e., selecting VLAN-ID
819 for each STA based on RADIUS Access-Accept attributes); this requires
826 * updated EAP Generalized Pre-Shared Key (EAP-GPSK) to use the latest
827 draft (draft-ietf-emu-eap-gpsk-01.txt)
832 * hlr_auc_gw: added support for GSM-Milenage (for EAP-SIM)
833 * hlr_auc_gw: added support for reading per-IMSI Milenage keys and
836 EAP-SIM/EAP-AKA
840 2006-08-27 - v0.5.5
844 * fixed hostapd to add PMKID KDE into 4-Way Handshake Message 1 when
846 * added -P<pid file> argument for hostapd to write the current process
850 2006-06-20 - v0.5.4
854 * added support for EAP Generalized Pre-Shared Key (EAP-GPSK,
855 draft-clancy-emu-eap-shared-secret-00.txt)
856 * fixed a segmentation fault when RSN pre-authentication was completed
859 2006-04-27 - v0.5.3
867 * added support for EAP-SAKE (no EAP method number allocated yet, so
868 this is using the same experimental type 255 as EAP-PSK)
869 * fixed EAP-MSCHAPv2 message length validation
871 2006-03-19 - v0.5.2
874 vsyslog on some CPU -- C library combinations
875 * moved HLR/AuC gateway implementation for EAP-SIM/AKA into an external
882 hardcoded AKA authentication data); this can be used to test EAP-SIM
883 and EAP-AKA
885 to make it possible to test EAP-AKA with real USIM cards (this is
889 madwifi-ng svn r1453 and newer; this fixes RSN that was apparently
897 2006-01-29 - v0.5.1
903 2005-12-18 - v0.5.0 (beginning of 0.5.x development releases)
911 * improved EAP-SIM database interface to allow external request to GSM
913 * added support for using EAP-SIM pseudonyms and fast re-authentication
914 * added support for EAP-AKA in the integrated EAP authenticator
916 user database to allow EAP-SIM/AKA selection without extra roundtrip
917 for EAP-Nak negotiation
920 authentication (hash:<16-octet hex value>); added nt_password_hash
923 2005-11-20 - v0.4.7 (beginning of 0.4.x stable releases)
932 * driver_madwifi: added support for madwifi-ng
934 2005-10-27 - v0.4.6
936 User-Name attribute from Access-Accept message, if that is included,
937 for the RADIUS accounting messages (e.g., for EAP-PEAP/TTLS to get
945 condition in which EAPOL-Start message could trigger hostapd to send
946 two EAP-Response/Identity frames to the authentication server
948 2005-09-25 - v0.4.5
951 * added experimental support for EAP-PSK
952 * added support for WE-19 (hostap, madwifi)
954 2005-08-21 - v0.4.4
958 2005-06-26 - v0.4.3
959 * fixed PMKSA caching to copy User-Name and Class attributes so that
962 4-Way Handshake if WPA-PSK is used
966 2005-06-12 - v0.4.2
967 * EAP-PAX is now registered as EAP type 46
968 * fixed EAP-PAX MAC calculation
969 * fixed EAP-PAX CK and ICK key derivation
976 2005-05-22 - v0.4.1
986 * fixed RADIUS Class attribute processing to only use Access-Accept
991 using integrated EAP authenticator for EAP-TLS; new hostapd.conf
994 2005-04-25 - v0.4.0 (beginning of 0.4.x development releases)
996 EAP-Request/Identity message (ASCII-0 (nul) in eap_message)
997 (e.g., to implement draft-adrange-eap-network-discovery-07.txt)
998 * fixed a bug which caused some RSN pre-authentication cases to use
1007 * added support for RADIUS over IPv6; own_ip_addr, auth_server_addr,
1008 and acct_server_addr can now be IPv6 addresses (CONFIG_IPV6=y needs
1009 to be added to .config to include IPv6 support); for RADIUS server,
1011 in RADIUS clients file can then use IPv6 format
1012 * added experimental support for EAP-PAX
1016 2005-02-12 - v0.3.7 (beginning of 0.3.x stable releases)
1018 2005-01-23 - v0.3.5
1021 * fixed PEAPv1 to use tunneled EAP-Success/Failure instead of EAP-TLV
1039 2005-01-09 - v0.3.4
1041 authentication (EAP-PEAP, EAP-TTLS)
1042 * fixed EAPOL-Start processing to trigger WPA reauthentication
1045 2005-01-02 - v0.3.3
1046 * added support for EAP-PEAP in the integrated EAP authenticator
1047 * added support for EAP-GTC in the integrated EAP authenticator
1050 for EAP-TLS and EAP-PEAP
1051 * added support for EAP-TTLS in the integrated EAP authenticator
1052 * added support for EAP-SIM in the integrated EAP authenticator
1059 2004-12-19 - v0.3.2
1063 * added support for EAP-MSCHAPv2 in the integrated EAP authenticator
1065 2004-12-12 - v0.3.1
1066 * added support for integrated EAP-TLS authentication (new hostapd.conf
1073 2004-12-05 - v0.3.0 (beginning of 0.3.x development releases)
1074 * added support for Acct-{Input,Output}-Gigawords
1075 * added support for Event-Timestamp (in RADIUS Accounting-Requests)
1078 * made EAP re-authentication period configurable (eap_reauth_period)
1082 IEEE 802.11i pre-authentication
1083 * added support for multiple WPA pre-shared keys (e.g., one for each
1097 * fixed an alignment issue that could cause SHA-1 to fail on some
1098 platforms (e.g., Intel ixp425 with a compiler that does not 32-bit
1106 * finished update from IEEE 802.1X-2001 to IEEE 802.1X-REV (now d11)
1110 (instead of broadcast) for IAPP ADD-notify (moved from draft 3 to
1111 IEEE 802.11F-2003)
1116 * dual-licensed hostapd (GPLv2 and BSD licenses)
1124 external RADIUS authentication server; currently, only EAP-MD5 is
1135 2004-07-17 - v0.2.4 (beginning of 0.2.x stable releases)
1136 * fixed some accounting cases where Accounting-Start was sent when
1139 2004-06-20 - v0.2.3
1140 * modified RADIUS client to re-connect the socket in case of certain
1148 2004-05-31 - v0.2.2
1150 * fixed group rekeying to send zero TSC in EAPOL-Key messages to fix
1154 * send canned EAP failure if RADIUS server sends Access-Reject without
1156 * fixed mixed WPA-PSK and WPA-EAP mode to work with WPA-PSK (i.e., do
1157 not start EAPOL state machines if the STA selected to use WPA-PSK)
1159 2004-05-06 - v0.2.1
1161 - based on IEEE 802.11i/D10.0 but modified to interoperate with WPA
1163 - supports WPA-only, RSN-only, and mixed WPA/RSN mode
1164 - both WPA-PSK and WPA-RADIUS/EAP are supported
1165 - PMKSA caching and pre-authentication
1166 - new hostapd.conf variables: wpa, wpa_psk, wpa_passphrase,
1172 2004-02-15 - v0.2.0
1173 * added support for Acct-Interim-Interval:
1174 - draft-ietf-radius-acct-interim-01.txt
1175 - use Acct-Interim-Interval attribute from Access-Accept if local
1177 - allow different update intervals for each STA
1180 * reset sta->timeout_next after successful association to make sure
1182 STA immediately (e.g., if STA deauthenticates and re-associates
1185 add an optional RADIUS Attribute, NAS-Identifier, into authentication
1187 * added support for Accounting-On and Accounting-Off messages
1188 * fixed accounting session handling to send Accounting-Start only once
1189 per session and not to send Accounting-Stop if the session was not
1191 * fixed Accounting-Stop statistics in cases where the message was