Accepting request 433085 from home:intrbiz:branches:Base:System

Update Hostapd to 2.6

OBS-URL: https://build.opensuse.org/request/show/433085
OBS-URL: https://build.opensuse.org/package/show/Base:System/hostapd?expand=0&rev=38

hostapd.changes

@@ -1,3 +1,79 @@
+-------------------------------------------------------------------
+Mon Oct 02 14:39:02 GMT 2016 - chris@intrbiz.com
+
+- update to upstream release 2.6
+  * fixed EAP-pwd last fragment validation
+    [http://w1.fi/security/2015-7/] (CVE-2015-5314)
+  * fixed WPS configuration update vulnerability with malformed passphrase
+    [http://w1.fi/security/2016-1/] (CVE-2016-4476)
+  * extended channel switch support for VHT bandwidth changes
+  * added support for configuring new ANQP-elements with
+    anqp_elem=<InfoID>:<hexdump of payload>
+  * fixed Suite B 192-bit AKM to use proper PMK length
+    (note: this makes old releases incompatible with the fixed behavior)
+  * added no_probe_resp_if_max_sta=1 parameter to disable Probe Response
+    frame sending for not-associated STAs if max_num_sta limit has been
+    reached
+  * added option (-S as command line argument) to request all interfaces
+    to be started at the same time
+  * modified rts_threshold and fragm_threshold configuration parameters
+    to allow -1 to be used to disable RTS/fragmentation
+  * EAP-pwd: added support for Brainpool Elliptic Curves
+    (with OpenSSL 1.0.2 and newer)
+  * fixed EAPOL reauthentication after FT protocol run
+  * fixed FTIE generation for 4-way handshake after FT protocol run
+  * fixed and improved various FST operations
+  * TLS server
+    - support SHA384 and SHA512 hashes
+    - support TLS v1.2 signature algorithm with SHA384 and SHA512
+    - support PKCS #5 v2.0 PBES2
+    - support PKCS #5 with PKCS #12 style key decryption
+    - minimal support for PKCS #12
+    - support OCSP stapling (including ocsp_multi)
+  * added support for OpenSSL 1.1 API changes
+    - drop support for OpenSSL 0.9.8
+    - drop support for OpenSSL 1.0.0
+  * EAP-PEAP: support fast-connect crypto binding
+  * RADIUS
+    - fix Called-Station-Id to not escape SSID
+    - add Event-Timestamp to all Accounting-Request packets
+    - add Acct-Session-Id to Accounting-On/Off
+    - add Acct-Multi-Session-Id  ton Access-Request packets
+    - add Service-Type (= Frames)
+    - allow server to provide PSK instead of passphrase for WPA-PSK
+      Tunnel_password case
+    - update full message for interim accounting updates
+    - add Acct-Delay-Time into Accounting messages
+    - add require_message_authenticator configuration option to require
+      CoA/Disconnect-Request packets to be authenticated
+  * started to postpone WNM-Notification frame sending by 100 ms so that
+    the STA has some more time to configure the key before this frame is
+    received after the 4-way handshake
+  * VHT: added interoperability workaround for 80+80 and 160 MHz channels
+  * extended VLAN support (per-STA vif, etc.)
+  * fixed PMKID derivation with SAE
+  * nl80211
+    - added support for full station state operations
+    - fix IEEE 802.1X/WEP EAP reauthentication and rekeying to use
+      unencrypted EAPOL frames
+  * added initial MBO support; number of extensions to WNM BSS Transition
+    Management
+  * added initial functionality for location related operations
+  * added assocresp_elements parameter to allow vendor specific elements
+    to be added into (Re)Association Response frames
+  * improved Public Action frame addressing
+    - use Address 3 = wildcard BSSID in GAS response if a query from an
+      unassociated STA used that address
+    - fix TX status processing for Address 3 = wildcard BSSID
+    - add gas_address3 configuration parameter to control Address 3
+      behavior
+  * added command line parameter -i to override interface parameter in
+    hostapd.conf
+  * added command completion support to hostapd_cli
+  * added passive client taxonomy determination (CONFIG_TAXONOMY=y
+    compile option and "SIGNATURE <addr>" control interface command)
+  * number of small fixes
+
 -------------------------------------------------------------------
 Sun Oct 18 12:59:02 UTC 2015 - michael@stroeder.com