path: root/src/eap_server/eap.c
Commit message (Collapse)AuthorAgeFilesLines
* Fix lastReqData freeing to use wpabuf_free()Jouni Malinen2010-01-091-1/+1
| | | | (cherry picked from commit f52ab9e6b0f7cb77d35c59f7f561bcf383795002)
* Fix EAPOL/EAP reauthentication with external RADIUS serverJouni Malinen2009-03-111-2/+11
| | | | | | | | | | | | | The EAP server state machine will need to have special code in getDecision() to avoid starting passthrough operations before having completed Identity round in the beginning of reauthentication. This was broken when moving into using the full authenticator state machine from RFC 4137 in 0.6.x. (cherry picked from commit 1fd4b0db7c1dc82e09234f33d798bd07a69ab0c7) Conflicts: hostapd/ChangeLog
* Fixed retransmission of EAP requests if no response is receivedJouni Malinen2008-12-291-4/+45
| | | | | | | | | | | | | | | | | It looks like this never survived the move from IEEE 802.1X-2001 to IEEE 802.1X-2004 and EAP state machine (RFC 4137). The retransmission scheduling and control is now in EAP authenticator and the calculateTimeout() producedure is used to determine timeout for retransmission (either dynamic backoff or value from EAP method hint). The recommended calculations based on SRTT and RTTVAR (RFC 2988) are not yet implemented since there is no round-trip time measurement available yet. This should make EAP authentication much more robust in environments where initial packets are lost for any reason. If the EAP method does not provide a hint on timeout, default schedule of 3, 6, 12, 20, 20, 20, ... seconds will be used.
* Add RADIUS server support for identity selection hint (RFC 4284)Jouni Malinen2008-12-261-0/+19
| | | | | | | | | | | Previously, only the delivery option 1 from RFC 4284 (EAP-Request/Identity from the AP) was supported. Now option 3 (subsequent EAP-Request/Identity from RADIUS server) can also be used when hostapd is used as a RADIUS server. The eap_user file will need to have a Phase 1 user entry pointing to Identity method in order for this to happen (e.g., "* Identity" in the end of the file). The identity hint is configured in the same was as for AP/Authenticator case (eap_message in hostapd.conf).
* WPS: Parse Request Type from WPS IE in (Re)AssocReq and derive mgmt keysJouni Malinen2008-11-291-0/+3
| | | | | | | WPS IE is now passed from hostapd association processing into EAP-WSC and WPS processing. Request Type attribute is parsed from this information and if the request is for a WLAN Manager Registrar, additional management keys are derived (to be used with UPnP).
* Added preliminary Wi-Fi Protected Setup (WPS) implementationJouni Malinen2008-11-231-0/+1
| | | | | | | | | | | | | This adds WPS support for both hostapd and wpa_supplicant. Both programs can be configured to act as WPS Enrollee and Registrar. Both PBC and PIN methods are supported. Currently, hostapd has more complete configuration option for WPS parameters and wpa_supplicant configuration style will likely change in the future. External Registrars are not yet supported in hostapd or wpa_supplicant. While wpa_supplicant has initial support for acting as an Registrar to configure an AP, this is still using number of hardcoded parameters which will need to be made configurable for proper operation.
* EAP-FAST: Allow A-ID and A-ID-Info to be configured separatelyJouni Malinen2008-10-191-2/+11
| | | | | | | Changed EAP-FAST configuration to use separate fields for A-ID and A-ID-Info (eap_fast_a_id_info) to allow A-ID to be set to a fixed 16-octet len binary value for better interoperability with some peer implementations; eap_fast_a_id is now configured as a hex string.
* EAP-FAST: Make PAC-Key lifetime values configurableJouni Malinen2008-10-081-0/+2
| | | | | The hardcoded values in eap_fast.c were replaced with values read from hostapd.conf.
* EAP-FAST: Added support for disabling anonymous/authenticated provisioningJouni Malinen2008-10-081-0/+1
| | | | | | | | | eap_fast_prov config parameter can now be used to enable/disable different EAP-FAST provisioning modes: 0 = provisioning disabled 1 = only anonymous provisioning allowed 2 = only authenticated provisioning allowed 3 = both provisioning modes allowed
* TNC: Provide 'tnc' configuration option for EAP server and methodsJouni Malinen2008-03-091-0/+1
* Re-initialize hostapd/wpa_supplicant git repository based on 0.6.3 releaseJouni Malinen2008-02-281-0/+1259