Lines Matching refs:EAP
23 * fixed EAP-AKA to use RES Length field in AT_RES as length in bits,
34 * fixed EAP-SIM and EAP-AKA message parser to validate attribute
43 * fixed EAP-SIM not to include AT_NONCE_MT and AT_SELECTED_VERSION
44 attributes in EAP-SIM Start/Response when using fast reauthentication
54 * updated EAP Generalized Pre-Shared Key (EAP-GPSK) to use the latest
67 * fixed a potential EAP state machine loop when mloving from PSK to EAP
73 * updated EAP Generalized Pre-Shared Key (EAP-GPSK) to use the latest
76 * fixed EAP-TTLS implementation not to crash on use of freed memory
78 * fixed EAP-AKA Notification processing to allow Notification to be
82 * updated EAP-SAKE to RFC 4763 and the IANA-allocated EAP type 48
83 * updated EAP-PSK to use the IANA-allocated EAP type 47
84 * fixed EAP-PAX key derivation
85 * fixed EAP-PSK bit ordering of the Flags field
86 * fixed EAP-PEAP/TTLS/FAST to use the correct EAP identifier in
90 * fixed EAP-TTLS AVP parser processing for too short AVP lengths
91 * added support for EAP-FAST authentication with inner methods that
92 generate MSK (e.g., EAP-MSCHAPv2 that was previously only supported
98 added support for EAP-FAST
111 * updated EAP Generalized Pre-Shared Key (EAP-GPSK) to use the latest
121 needed (this allows EAP-AKA to be used with USIM cards that do not
123 * added support for reading 3G USIM AID from EF_DIR to allow EAP-AKA to
129 * fixed EAP-SIM/AKA key derivation for re-authentication case (only
198 configure the maximum EAP fragment size
227 * added support for EAP Generalized Pre-Shared Key (EAP-GPSK,
256 * fixed EAP-GTC response to include correct user identity when run as
257 phase 2 method of EAP-FAST (i.e., EAP-FAST did not work in v0.5.2)
277 * added support for EAP-SAKE (no EAP method number allocated yet, so
278 this is using the same experimental type 255 as EAP-PSK)
279 * added support for dynamically loading EAP methods (.so files) instead
286 access for a network that has not enabled EAP-AKA
287 * fixed EAP phase 2 Nak for EAP-{PEAP,TTLS,FAST} (this was broken in
288 v0.5.1 due to the new support for expanded EAP types)
289 * added support for generating EAP Expanded Nak
296 * changed EAP method registration to use a dynamic list of methods
300 * fixed a memory leak in EAP-TTLS re-authentication
310 * added support for EAP expanded type (vendor specific EAP methods)
328 EAP-SIM and EAP-AKA with real SIM/USIM card when using ap_scan=0 or
336 * fixed EAP-SIM and EAP-AKA pseudonym and fast re-authentication to
338 * fixed EAP-AKA to allow resynchronization within the same session
363 refused the previously used parameters; this fixes EAP-SIM and
364 EAP-AKA authentication using SIM/USIM card under Windows
376 * added support for EAP-FAST key derivation using other ciphers than
403 * disable EAP state machine when IEEE 802.1X authentication is not used
404 in order to get rid of bogus "EAP failed" messages
413 * fixed EAP state machine to not discard EAP-Failure messages in many
461 EAP authentication immediately after association
472 for EAP state machine to allow recovery from dropped EAP-Success
475 layer (Ethernet) header during WPA and EAPOL/EAP processing; this
479 * updated EAP-PSK to use draft 9 by default since this can now be
497 * replaced OpenSSL patch for EAP-FAST support
501 to be able to build wpa_supplicant with EAP-FAST support)
503 for client certificate and private key operations (EAP-TLS)
526 * added EAP workaround for PEAP session resumption: allow outer,
527 i.e., not tunneled, EAP-Success to terminate session since; this can
537 * removed interface for external EAPOL/EAP supplicant (e.g.,
561 * added support for querying private key password (EAP-TLS) through the
566 * EAP-PAX is now registered as EAP type 46
567 * fixed EAP-PAX MAC calculation
568 * fixed EAP-PAX CK and ICK key derivation
569 * added support for using password with EAP-PAX (as an alternative to
590 * added support for EAP-MSCHAPv2 password retries within the same EAP
592 * added support for password changes with EAP-MSCHAPv2 (used when the
598 * fixed a possible double free in EAP-TTLS fast-reauthentication when
600 * display EAP Notification messages to user through control interface
601 with "CTRL-EVENT-EAP-NOTIFICATION" prefix
612 * added EAP workaround for PEAPv1 session resumption: allow outer,
613 i.e., not tunneled, EAP-Success to terminate session since; this can
630 * modified the EAP workaround that accepts EAP-Success with incorrect
638 file, a control interface request is sent and EAP processing is
641 private key operations in EAP-TLS (CONFIG_SMARTCARD=y in .config);
645 * added experimental support for EAP-PAX
673 EAP-PEAP and EAP-TTLS
692 * fixed EAP workaround and fast reauthentication configuration for
695 requires EAP workarounds
699 * fixed CA certificate loading after a failed EAP-TLS/PEAP/TTLS
701 * allow EAP-PEAP/TTLS fast reauthentication only if Phase 2 succeeded
720 * cleaned up EAP state machine <-> method interface and number of
722 EAP-Failure but waiting for timeout
725 * added support for EAP-FAST (draft-cam-winget-eap-fast-00.txt);
739 * improved recovery from PMKID mismatches by requesting full EAP
754 clearing port Valid in order to reset EAP state machine and avoid
801 * PEAPv1: fixed tunneled EAP-Success reply handling to reply with TLS
802 ACK, not tunneled EAP-Success (of which only the first byte was
806 EAP-Success message; this can be configured by adding
814 * added support for EAP-PSK (draft-bersani-eap-psk-03.txt)
816 * added support for configuring list of allowed Phase 2 EAP types
817 (for both EAP-PEAP and EAP-TTLS) instead of only one type
821 * added support for EAP-AKA (with UMTS SIM)
823 random-looking errors for EAP-SIM
824 * added support for EAP-SIM pseudonyms and fast re-authentication
825 * added support for EAP-TLS/PEAP/TTLS fast re-authentication (TLS
827 * added support for EAP-SIM with two challanges
830 key exchange (EAP-TLS/PEAP/TTLS) using new configuration parameters
834 certificate with a substring when using EAP-TLS/PEAP/TTLS; new
876 * added a workaround for EAP servers that incorrectly use same Id for
877 sequential EAP packets
890 * made EAP workarounds configurable; enabled by default, can be
894 * resolved couple of interoperability issues with EAP-PEAPv1 and
895 Phase 2 (inner EAP) fragment reassembly
915 * added support for new EAP authentication methods:
916 EAP-TTLS/EAP-OTP, EAP-PEAPv0/OTP, EAP-PEAPv1/OTP, EAP-OTP
921 password; this can be used with both EAP-OTP and EAP-GTC
951 * small improvements/bug fixes for EAP-MSCHAPv2, EAP-PEAP, and
963 EAP-SIM; this requires pcsc-lite
967 EAP keying material is used as data encryption key)
972 * added support for new EAP authentication methods:
973 EAP-TTLS/EAP-MD5-Challenge
974 EAP-TTLS/EAP-GTC
975 EAP-TTLS/EAP-MSCHAPv2
976 EAP-TTLS/EAP-TLS
977 EAP-TTLS/MSCHAPv2
978 EAP-TTLS/MSCHAP
979 EAP-TTLS/PAP
980 EAP-TTLS/CHAP
981 EAP-PEAP/TLS
982 EAP-PEAP/GTC
983 EAP-PEAP/MD5-Challenge
984 EAP-GTC
985 EAP-SIM (not yet complete; needs GSM/SIM authentication interface)
988 tunnel (e.g., with EAP-TTLS)
991 control interface; in other words, the password for EAP-PEAP or
992 EAP-TTLS does not need to be included in the configuration file since
1010 - EAP peer state machine [draft-ietf-eap-statemachine-02.pdf]
1011 - EAP-MD5 (cannot be used with WPA-RADIUS)
1013 - EAP-TLS [RFC 2716]
1014 - EAP-MSCHAPv2 (currently used only with EAP-PEAP)
1015 - EAP-PEAP/MSCHAPv2 [draft-josefsson-pppext-eap-tls-eap-07.txt]
1026 - EAP-TLS and EAP-PEAP require openssl libraries
1027 * use module prefix in debug messages (WPA, EAP, EAP-TLS, ..)
1029 (i.e., complete IEEE 802.1X/EAP authentication and use IEEE 802.1X
1046 - EAPOL/EAP functions