Lines Matching refs:EAP
42 * added support for EAP-AKA' (draft-arkko-eap-aka-kdf)
47 * changed EAP-GPSK to use the IANA assigned EAP method type 51
55 * added Milenage SIM/USIM emulator for EAP-SIM/EAP-AKA
66 * fixed EAP-AKA to use RES Length field in AT_RES as length in bits,
68 * updated OpenSSL code for EAP-FAST to use an updated version of the
93 * added support for EAP Sequences in EAP-FAST Phase 2
94 * added support for using TNC with EAP-FAST
97 * fixed the OpenSSL patches (0.9.8g and 0.9.9) for EAP-FAST to
99 * added fragmentation support for EAP-TNC
112 previously used for configuring user identity and key for EAP-PSK,
113 EAP-PAX, EAP-SAKE, and EAP-GPSK. 'identity' field is now used as the
129 * fixed EAP-SIM not to include AT_NONCE_MT and AT_SELECTED_VERSION
130 attributes in EAP-SIM Start/Response when using fast reauthentication
138 * fixed EAP-SIM and EAP-AKA message parser to validate attribute
142 changed and various interfaces (e.g., EAP) is not compatible with old
144 * added support for protecting EAP-AKA/Identity messages with
147 EAP-SIM and EAP-AKA (phase1="result_ind=1")
176 * added support for EAP-IKEv2 (draft-tschofenig-eap-ikev2-15.txt);
183 full handshake when using EAP-FAST (e.g., due to an expired
185 * updated EAP Generalized Pre-Shared Key (EAP-GPSK) to use the latest
210 * updated EAP-SAKE to RFC 4763 and the IANA-allocated EAP type 48
211 * updated EAP-PSK to use the IANA-allocated EAP type 47
212 * fixed EAP-PAX key derivation
213 * fixed EAP-PSK bit ordering of the Flags field
214 * fixed EAP-PEAP/TTLS/FAST to use the correct EAP identifier in
219 of EAP-PEAP/TTLS/FAST
220 * fixed EAP-TTLS AVP parser processing for too short AVP lengths
221 * added support for EAP-FAST authentication with inner methods that
222 generate MSK (e.g., EAP-MSCHAPv2 that was previously only supported
224 * added support for authenticated EAP-FAST provisioning
225 * added support for configuring maximum number of EAP-FAST PACs to
227 * added support for storing EAP-FAST PACs in binary format
233 added support for EAP-FAST
234 * updated EAP Generalized Pre-Shared Key (EAP-GPSK) to use the latest
236 * fixed EAP-AKA Notification processing to allow Notification to be
240 * fixed EAP-TTLS implementation not to crash on use of freed memory
242 * added support for EAP-TNC (Trusted Network Connect)
243 (this version implements the EAP-TNC method and EAP-TTLS changes
258 * updated EAP Generalized Pre-Shared Key (EAP-GPSK) to use the latest
268 needed (this allows EAP-AKA to be used with USIM cards that do not
270 * added support for reading 3G USIM AID from EF_DIR to allow EAP-AKA to
276 * fixed EAP-SIM/AKA key derivation for re-authentication case (only
345 configure the maximum EAP fragment size
374 * added support for EAP Generalized Pre-Shared Key (EAP-GPSK,
403 * fixed EAP-GTC response to include correct user identity when run as
404 phase 2 method of EAP-FAST (i.e., EAP-FAST did not work in v0.5.2)
424 * added support for EAP-SAKE (no EAP method number allocated yet, so
425 this is using the same experimental type 255 as EAP-PSK)
426 * added support for dynamically loading EAP methods (.so files) instead
433 access for a network that has not enabled EAP-AKA
434 * fixed EAP phase 2 Nak for EAP-{PEAP,TTLS,FAST} (this was broken in
435 v0.5.1 due to the new support for expanded EAP types)
436 * added support for generating EAP Expanded Nak
443 * changed EAP method registration to use a dynamic list of methods
447 * fixed a memory leak in EAP-TTLS re-authentication
457 * added support for EAP expanded type (vendor specific EAP methods)
475 EAP-SIM and EAP-AKA with real SIM/USIM card when using ap_scan=0 or
483 * fixed EAP-SIM and EAP-AKA pseudonym and fast re-authentication to
485 * fixed EAP-AKA to allow resynchronization within the same session
510 refused the previously used parameters; this fixes EAP-SIM and
511 EAP-AKA authentication using SIM/USIM card under Windows
523 * added support for EAP-FAST key derivation using other ciphers than
550 * disable EAP state machine when IEEE 802.1X authentication is not used
551 in order to get rid of bogus "EAP failed" messages
560 * fixed EAP state machine to not discard EAP-Failure messages in many
608 EAP authentication immediately after association
619 for EAP state machine to allow recovery from dropped EAP-Success
622 layer (Ethernet) header during WPA and EAPOL/EAP processing; this
626 * updated EAP-PSK to use draft 9 by default since this can now be
644 * replaced OpenSSL patch for EAP-FAST support
648 to be able to build wpa_supplicant with EAP-FAST support)
650 for client certificate and private key operations (EAP-TLS)
673 * added EAP workaround for PEAP session resumption: allow outer,
674 i.e., not tunneled, EAP-Success to terminate session since; this can
684 * removed interface for external EAPOL/EAP supplicant (e.g.,
708 * added support for querying private key password (EAP-TLS) through the
713 * EAP-PAX is now registered as EAP type 46
714 * fixed EAP-PAX MAC calculation
715 * fixed EAP-PAX CK and ICK key derivation
716 * added support for using password with EAP-PAX (as an alternative to
737 * added support for EAP-MSCHAPv2 password retries within the same EAP
739 * added support for password changes with EAP-MSCHAPv2 (used when the
745 * fixed a possible double free in EAP-TTLS fast-reauthentication when
747 * display EAP Notification messages to user through control interface
748 with "CTRL-EVENT-EAP-NOTIFICATION" prefix
759 * added EAP workaround for PEAPv1 session resumption: allow outer,
760 i.e., not tunneled, EAP-Success to terminate session since; this can
777 * modified the EAP workaround that accepts EAP-Success with incorrect
785 file, a control interface request is sent and EAP processing is
788 private key operations in EAP-TLS (CONFIG_SMARTCARD=y in .config);
792 * added experimental support for EAP-PAX
820 EAP-PEAP and EAP-TTLS
839 * fixed EAP workaround and fast reauthentication configuration for
842 requires EAP workarounds
846 * fixed CA certificate loading after a failed EAP-TLS/PEAP/TTLS
848 * allow EAP-PEAP/TTLS fast reauthentication only if Phase 2 succeeded
867 * cleaned up EAP state machine <-> method interface and number of
869 EAP-Failure but waiting for timeout
872 * added support for EAP-FAST (draft-cam-winget-eap-fast-00.txt);
886 * improved recovery from PMKID mismatches by requesting full EAP
901 clearing port Valid in order to reset EAP state machine and avoid
948 * PEAPv1: fixed tunneled EAP-Success reply handling to reply with TLS
949 ACK, not tunneled EAP-Success (of which only the first byte was
953 EAP-Success message; this can be configured by adding
961 * added support for EAP-PSK (draft-bersani-eap-psk-03.txt)
963 * added support for configuring list of allowed Phase 2 EAP types
964 (for both EAP-PEAP and EAP-TTLS) instead of only one type
968 * added support for EAP-AKA (with UMTS SIM)
970 random-looking errors for EAP-SIM
971 * added support for EAP-SIM pseudonyms and fast re-authentication
972 * added support for EAP-TLS/PEAP/TTLS fast re-authentication (TLS
974 * added support for EAP-SIM with two challanges
977 key exchange (EAP-TLS/PEAP/TTLS) using new configuration parameters
981 certificate with a substring when using EAP-TLS/PEAP/TTLS; new
1023 * added a workaround for EAP servers that incorrectly use same Id for
1024 sequential EAP packets
1037 * made EAP workarounds configurable; enabled by default, can be
1041 * resolved couple of interoperability issues with EAP-PEAPv1 and
1042 Phase 2 (inner EAP) fragment reassembly
1062 * added support for new EAP authentication methods:
1063 EAP-TTLS/EAP-OTP, EAP-PEAPv0/OTP, EAP-PEAPv1/OTP, EAP-OTP
1068 password; this can be used with both EAP-OTP and EAP-GTC
1098 * small improvements/bug fixes for EAP-MSCHAPv2, EAP-PEAP, and
1110 EAP-SIM; this requires pcsc-lite
1114 EAP keying material is used as data encryption key)
1119 * added support for new EAP authentication methods:
1120 EAP-TTLS/EAP-MD5-Challenge
1121 EAP-TTLS/EAP-GTC
1122 EAP-TTLS/EAP-MSCHAPv2
1123 EAP-TTLS/EAP-TLS
1124 EAP-TTLS/MSCHAPv2
1125 EAP-TTLS/MSCHAP
1126 EAP-TTLS/PAP
1127 EAP-TTLS/CHAP
1128 EAP-PEAP/TLS
1129 EAP-PEAP/GTC
1130 EAP-PEAP/MD5-Challenge
1131 EAP-GTC
1132 EAP-SIM (not yet complete; needs GSM/SIM authentication interface)
1135 tunnel (e.g., with EAP-TTLS)
1138 control interface; in other words, the password for EAP-PEAP or
1139 EAP-TTLS does not need to be included in the configuration file since
1157 - EAP peer state machine [draft-ietf-eap-statemachine-02.pdf]
1158 - EAP-MD5 (cannot be used with WPA-RADIUS)
1160 - EAP-TLS [RFC 2716]
1161 - EAP-MSCHAPv2 (currently used only with EAP-PEAP)
1162 - EAP-PEAP/MSCHAPv2 [draft-josefsson-pppext-eap-tls-eap-07.txt]
1173 - EAP-TLS and EAP-PEAP require openssl libraries
1174 * use module prefix in debug messages (WPA, EAP, EAP-TLS, ..)
1176 (i.e., complete IEEE 802.1X/EAP authentication and use IEEE 802.1X
1193 - EAPOL/EAP functions