Update version to v2.7 and copyright years to include 2018
Also add the ChangeLog entries for both hostapd and wpa_supplicant to describe main changes between v2.6 and v2.7. Signed-off-by: Jouni Malinen <j@w1.fi>
This commit is contained in:
parent
55570efe35
commit
c2c6c01bb8
20 changed files with 146 additions and 21 deletions
|
@ -140,7 +140,7 @@ The license terms used for hostap.git files
|
|||
|
||||
Modified BSD license (no advertisement clause):
|
||||
|
||||
Copyright (c) 2002-2017, Jouni Malinen <j@w1.fi> and contributors
|
||||
Copyright (c) 2002-2018, Jouni Malinen <j@w1.fi> and contributors
|
||||
All Rights Reserved.
|
||||
|
||||
Redistribution and use in source and binary forms, with or without
|
||||
|
|
2
COPYING
2
COPYING
|
@ -1,7 +1,7 @@
|
|||
wpa_supplicant and hostapd
|
||||
--------------------------
|
||||
|
||||
Copyright (c) 2002-2017, Jouni Malinen <j@w1.fi> and contributors
|
||||
Copyright (c) 2002-2018, Jouni Malinen <j@w1.fi> and contributors
|
||||
All Rights Reserved.
|
||||
|
||||
|
||||
|
|
2
README
2
README
|
@ -1,7 +1,7 @@
|
|||
wpa_supplicant and hostapd
|
||||
--------------------------
|
||||
|
||||
Copyright (c) 2002-2017, Jouni Malinen <j@w1.fi> and contributors
|
||||
Copyright (c) 2002-2018, Jouni Malinen <j@w1.fi> and contributors
|
||||
All Rights Reserved.
|
||||
|
||||
These programs are licensed under the BSD license (the one with
|
||||
|
|
|
@ -31,7 +31,7 @@ PROJECT_NAME = "wpa_supplicant / hostapd"
|
|||
# This could be handy for archiving the generated documentation or
|
||||
# if some version control system is used.
|
||||
|
||||
PROJECT_NUMBER = 2.6
|
||||
PROJECT_NUMBER = 2.7
|
||||
|
||||
# The OUTPUT_DIRECTORY tag is used to specify the (relative or absolute)
|
||||
# base path where the generated documentation will be put.
|
||||
|
|
|
@ -1,5 +1,60 @@
|
|||
ChangeLog for hostapd
|
||||
|
||||
2018-12-02 - v2.7
|
||||
* fixed WPA packet number reuse with replayed messages and key
|
||||
reinstallation
|
||||
[http://w1.fi/security/2017-1/] (CVE-2017-13082)
|
||||
* added support for FILS (IEEE 802.11ai) shared key authentication
|
||||
* added support for OWE (Opportunistic Wireless Encryption, RFC 8110;
|
||||
and transition mode defined by WFA)
|
||||
* added support for DPP (Wi-Fi Device Provisioning Protocol)
|
||||
* FT:
|
||||
- added local generation of PMK-R0/PMK-R1 for FT-PSK
|
||||
(ft_psk_generate_local=1)
|
||||
- replaced inter-AP protocol with a cleaner design that is more
|
||||
easily extensible; this breaks backward compatibility and requires
|
||||
all APs in the ESS to be updated at the same time to maintain FT
|
||||
functionality
|
||||
- added support for wildcard R0KH/R1KH
|
||||
- replaced r0_key_lifetime (minutes) parameter with
|
||||
ft_r0_key_lifetime (seconds)
|
||||
- fixed wpa_psk_file use for FT-PSK
|
||||
- fixed FT-SAE PMKID matching
|
||||
- added expiration to PMK-R0 and PMK-R1 cache
|
||||
- added IEEE VLAN support (including tagged VLANs)
|
||||
- added support for SHA384 based AKM
|
||||
* SAE
|
||||
- fixed some PMKSA caching cases with SAE
|
||||
- added support for configuring SAE password separately of the
|
||||
WPA2 PSK/passphrase
|
||||
- added option to require MFP for SAE associations
|
||||
(sae_require_pmf=1)
|
||||
- fixed PTK and EAPOL-Key integrity and key-wrap algorithm selection
|
||||
for SAE;
|
||||
note: this is not backwards compatible, i.e., both the AP and
|
||||
station side implementations will need to be update at the same
|
||||
time to maintain interoperability
|
||||
- added support for Password Identifier
|
||||
* hostapd_cli: added support for command history and completion
|
||||
* added support for requesting beacon report
|
||||
* large number of other fixes, cleanup, and extensions
|
||||
* added option to configure EAPOL-Key retry limits
|
||||
(wpa_group_update_count and wpa_pairwise_update_count)
|
||||
* removed all PeerKey functionality
|
||||
* fixed nl80211 AP mode configuration regression with Linux 4.15 and
|
||||
newer
|
||||
* added support for using wolfSSL cryptographic library
|
||||
* fixed some 20/40 MHz coexistence cases where the BSS could drop to
|
||||
20 MHz even when 40 MHz would be allowed
|
||||
* Hotspot 2.0
|
||||
- added support for setting Venue URL ANQP-element (venue_url)
|
||||
- added support for advertising Hotspot 2.0 operator icons
|
||||
- added support for Roaming Consortium Selection element
|
||||
- added support for Terms and Conditions
|
||||
- added support for OSEN connection in a shared RSN BSS
|
||||
* added support for using OpenSSL 1.1.1
|
||||
* added EAP-pwd server support for salted passwords
|
||||
|
||||
2016-10-02 - v2.6
|
||||
* fixed EAP-pwd last fragment validation
|
||||
[http://w1.fi/security/2015-7/] (CVE-2015-5314)
|
||||
|
|
|
@ -2,7 +2,7 @@ hostapd - user space IEEE 802.11 AP and IEEE 802.1X/WPA/WPA2/EAP
|
|||
Authenticator and RADIUS authentication server
|
||||
================================================================
|
||||
|
||||
Copyright (c) 2002-2017, Jouni Malinen <j@w1.fi> and contributors
|
||||
Copyright (c) 2002-2018, Jouni Malinen <j@w1.fi> and contributors
|
||||
All Rights Reserved.
|
||||
|
||||
This program is licensed under the BSD license (the one with
|
||||
|
|
|
@ -1,6 +1,6 @@
|
|||
/*
|
||||
* hostapd - command line interface for hostapd daemon
|
||||
* Copyright (c) 2004-2017, Jouni Malinen <j@w1.fi>
|
||||
* Copyright (c) 2004-2018, Jouni Malinen <j@w1.fi>
|
||||
*
|
||||
* This software may be distributed under the terms of the BSD license.
|
||||
* See README for more details.
|
||||
|
@ -21,7 +21,7 @@
|
|||
|
||||
static const char *const hostapd_cli_version =
|
||||
"hostapd_cli v" VERSION_STR "\n"
|
||||
"Copyright (c) 2004-2017, Jouni Malinen <j@w1.fi> and contributors";
|
||||
"Copyright (c) 2004-2018, Jouni Malinen <j@w1.fi> and contributors";
|
||||
|
||||
static struct wpa_ctrl *ctrl_conn;
|
||||
static int hostapd_cli_quit = 0;
|
||||
|
|
|
@ -1,6 +1,6 @@
|
|||
/*
|
||||
* hostapd / main()
|
||||
* Copyright (c) 2002-2017, Jouni Malinen <j@w1.fi>
|
||||
* Copyright (c) 2002-2018, Jouni Malinen <j@w1.fi>
|
||||
*
|
||||
* This software may be distributed under the terms of the BSD license.
|
||||
* See README for more details.
|
||||
|
@ -456,7 +456,7 @@ static void show_version(void)
|
|||
"hostapd v" VERSION_STR "\n"
|
||||
"User space daemon for IEEE 802.11 AP management,\n"
|
||||
"IEEE 802.1X/WPA/WPA2/EAP/RADIUS Authenticator\n"
|
||||
"Copyright (c) 2002-2017, Jouni Malinen <j@w1.fi> "
|
||||
"Copyright (c) 2002-2018, Jouni Malinen <j@w1.fi> "
|
||||
"and contributors\n");
|
||||
}
|
||||
|
||||
|
|
|
@ -9,6 +9,6 @@
|
|||
#define GIT_VERSION_STR_POSTFIX ""
|
||||
#endif /* GIT_VERSION_STR_POSTFIX */
|
||||
|
||||
#define VERSION_STR "2.7-devel" VERSION_STR_POSTFIX GIT_VERSION_STR_POSTFIX
|
||||
#define VERSION_STR "2.7" VERSION_STR_POSTFIX GIT_VERSION_STR_POSTFIX
|
||||
|
||||
#endif /* VERSION_H */
|
||||
|
|
|
@ -1,5 +1,75 @@
|
|||
ChangeLog for wpa_supplicant
|
||||
|
||||
2018-12-02 - v2.7
|
||||
* fixed WPA packet number reuse with replayed messages and key
|
||||
reinstallation
|
||||
[https://w1.fi/security/2017-1/] (CVE-2017-13077, CVE-2017-13078,
|
||||
CVE-2017-13079, CVE-2017-13080, CVE-2017-13081, CVE-2017-13082,
|
||||
CVE-2017-13086, CVE-2017-13087, CVE-2017-13088)
|
||||
* fixed unauthenticated EAPOL-Key decryption in wpa_supplicant
|
||||
[https://w1.fi/security/2018-1/] (CVE-2018-14526)
|
||||
* added support for FILS (IEEE 802.11ai) shared key authentication
|
||||
* added support for OWE (Opportunistic Wireless Encryption, RFC 8110;
|
||||
and transition mode defined by WFA)
|
||||
* added support for DPP (Wi-Fi Device Provisioning Protocol)
|
||||
* added support for RSA 3k key case with Suite B 192-bit level
|
||||
* fixed Suite B PMKSA caching not to update PMKID during each 4-way
|
||||
handshake
|
||||
* fixed EAP-pwd pre-processing with PasswordHashHash
|
||||
* added EAP-pwd client support for salted passwords
|
||||
* fixed a regression in TDLS prohibited bit validation
|
||||
* started to use estimated throughput to avoid undesired signal
|
||||
strength based roaming decision
|
||||
* MACsec/MKA:
|
||||
- new macsec_linux driver interface support for the Linux
|
||||
kernel macsec module
|
||||
- number of fixes and extensions
|
||||
* added support for external persistent storage of PMKSA cache
|
||||
(PMKSA_GET/PMKSA_ADD control interface commands; and
|
||||
MESH_PMKSA_GET/MESH_PMKSA_SET for the mesh case)
|
||||
* fixed mesh channel configuration pri/sec switch case
|
||||
* added support for beacon report
|
||||
* large number of other fixes, cleanup, and extensions
|
||||
* added support for randomizing local address for GAS queries
|
||||
(gas_rand_mac_addr parameter)
|
||||
* fixed EAP-SIM/AKA/AKA' ext auth cases within TLS tunnel
|
||||
* added option for using random WPS UUID (auto_uuid=1)
|
||||
* added SHA256-hash support for OCSP certificate matching
|
||||
* fixed EAP-AKA' to add AT_KDF into Synchronization-Failure
|
||||
* fixed a regression in RSN pre-authentication candidate selection
|
||||
* added option to configure allowed group management cipher suites
|
||||
(group_mgmt network profile parameter)
|
||||
* removed all PeerKey functionality
|
||||
* fixed nl80211 AP and mesh mode configuration regression with
|
||||
Linux 4.15 and newer
|
||||
* added ap_isolate configuration option for AP mode
|
||||
* added support for nl80211 to offload 4-way handshake into the driver
|
||||
* added support for using wolfSSL cryptographic library
|
||||
* SAE
|
||||
- added support for configuring SAE password separately of the
|
||||
WPA2 PSK/passphrase
|
||||
- fixed PTK and EAPOL-Key integrity and key-wrap algorithm selection
|
||||
for SAE;
|
||||
note: this is not backwards compatible, i.e., both the AP and
|
||||
station side implementations will need to be update at the same
|
||||
time to maintain interoperability
|
||||
- added support for Password Identifier
|
||||
- fixed FT-SAE PMKID matching
|
||||
* Hotspot 2.0
|
||||
- added support for fetching of Operator Icon Metadata ANQP-element
|
||||
- added support for Roaming Consortium Selection element
|
||||
- added support for Terms and Conditions
|
||||
- added support for OSEN connection in a shared RSN BSS
|
||||
- added support for fetching Venue URL information
|
||||
* added support for using OpenSSL 1.1.1
|
||||
* FT
|
||||
- disabled PMKSA caching with FT since it is not fully functional
|
||||
- added support for SHA384 based AKM
|
||||
- added support for BIP ciphers BIP-CMAC-256, BIP-GMAC-128,
|
||||
BIP-GMAC-256 in addition to previously supported BIP-CMAC-128
|
||||
- fixed additional IE inclusion in Reassociation Request frame when
|
||||
using FT protocol
|
||||
|
||||
2016-10-02 - v2.6
|
||||
* fixed WNM Sleep Mode processing when PMF is not enabled
|
||||
[http://w1.fi/security/2015-6/] (CVE-2015-5310)
|
||||
|
|
|
@ -1,7 +1,7 @@
|
|||
WPA Supplicant
|
||||
==============
|
||||
|
||||
Copyright (c) 2003-2017, Jouni Malinen <j@w1.fi> and contributors
|
||||
Copyright (c) 2003-2018, Jouni Malinen <j@w1.fi> and contributors
|
||||
All Rights Reserved.
|
||||
|
||||
This program is licensed under the BSD license (the one with
|
||||
|
|
|
@ -194,7 +194,7 @@ eapol_test -ctest.conf -a127.0.0.1 -p1812 -ssecret -r1
|
|||
</refsect1>
|
||||
<refsect1>
|
||||
<title>Legal</title>
|
||||
<para>wpa_supplicant is copyright (c) 2003-2017,
|
||||
<para>wpa_supplicant is copyright (c) 2003-2018,
|
||||
Jouni Malinen <email>j@w1.fi</email> and
|
||||
contributors.
|
||||
All Rights Reserved.</para>
|
||||
|
|
|
@ -90,7 +90,7 @@
|
|||
|
||||
<refsect1>
|
||||
<title>Legal</title>
|
||||
<para>wpa_supplicant is copyright (c) 2003-2017,
|
||||
<para>wpa_supplicant is copyright (c) 2003-2018,
|
||||
Jouni Malinen <email>j@w1.fi</email> and
|
||||
contributors.
|
||||
All Rights Reserved.</para>
|
||||
|
|
|
@ -345,7 +345,7 @@ CTRL-REQ-OTP-2:Challenge 1235663 needed for SSID foobar
|
|||
</refsect1>
|
||||
<refsect1>
|
||||
<title>Legal</title>
|
||||
<para>wpa_supplicant is copyright (c) 2003-2017,
|
||||
<para>wpa_supplicant is copyright (c) 2003-2018,
|
||||
Jouni Malinen <email>j@w1.fi</email> and
|
||||
contributors.
|
||||
All Rights Reserved.</para>
|
||||
|
|
|
@ -91,7 +91,7 @@
|
|||
</refsect1>
|
||||
<refsect1>
|
||||
<title>Legal</title>
|
||||
<para>wpa_supplicant is copyright (c) 2003-2017,
|
||||
<para>wpa_supplicant is copyright (c) 2003-2018,
|
||||
Jouni Malinen <email>j@w1.fi</email> and
|
||||
contributors.
|
||||
All Rights Reserved.</para>
|
||||
|
|
|
@ -62,7 +62,7 @@
|
|||
</refsect1>
|
||||
<refsect1>
|
||||
<title>Legal</title>
|
||||
<para>wpa_supplicant is copyright (c) 2003-2017,
|
||||
<para>wpa_supplicant is copyright (c) 2003-2018,
|
||||
Jouni Malinen <email>j@w1.fi</email> and
|
||||
contributors.
|
||||
All Rights Reserved.</para>
|
||||
|
|
|
@ -137,7 +137,7 @@ wpa_supplicant -i ath0 -c wpa_supplicant.conf
|
|||
</refsect1>
|
||||
<refsect1>
|
||||
<title>Legal</title>
|
||||
<para>wpa_supplicant is copyright (c) 2003-2017,
|
||||
<para>wpa_supplicant is copyright (c) 2003-2018,
|
||||
Jouni Malinen <email>j@w1.fi</email> and
|
||||
contributors.
|
||||
All Rights Reserved.</para>
|
||||
|
|
|
@ -729,7 +729,7 @@ fi
|
|||
</refsect1>
|
||||
<refsect1>
|
||||
<title>Legal</title>
|
||||
<para>wpa_supplicant is copyright (c) 2003-2017,
|
||||
<para>wpa_supplicant is copyright (c) 2003-2018,
|
||||
Jouni Malinen <email>j@w1.fi</email> and
|
||||
contributors.
|
||||
All Rights Reserved.</para>
|
||||
|
|
|
@ -1,6 +1,6 @@
|
|||
/*
|
||||
* WPA Supplicant - command line interface for wpa_supplicant daemon
|
||||
* Copyright (c) 2004-2017, Jouni Malinen <j@w1.fi>
|
||||
* Copyright (c) 2004-2018, Jouni Malinen <j@w1.fi>
|
||||
*
|
||||
* This software may be distributed under the terms of the BSD license.
|
||||
* See README for more details.
|
||||
|
@ -29,7 +29,7 @@
|
|||
|
||||
static const char *const wpa_cli_version =
|
||||
"wpa_cli v" VERSION_STR "\n"
|
||||
"Copyright (c) 2004-2017, Jouni Malinen <j@w1.fi> and contributors";
|
||||
"Copyright (c) 2004-2018, Jouni Malinen <j@w1.fi> and contributors";
|
||||
|
||||
#define VENDOR_ELEM_FRAME_ID \
|
||||
" 0: Probe Req (P2P), 1: Probe Resp (P2P) , 2: Probe Resp (GO), " \
|
||||
|
|
|
@ -68,7 +68,7 @@
|
|||
|
||||
const char *const wpa_supplicant_version =
|
||||
"wpa_supplicant v" VERSION_STR "\n"
|
||||
"Copyright (c) 2003-2017, Jouni Malinen <j@w1.fi> and contributors";
|
||||
"Copyright (c) 2003-2018, Jouni Malinen <j@w1.fi> and contributors";
|
||||
|
||||
const char *const wpa_supplicant_license =
|
||||
"This software may be distributed under the terms of the BSD license.\n"
|
||||
|
|
Loading…
Reference in a new issue