rpm/hostapd
SHA256
1
0
Fork 0
forked from pool/hostapd
Code Pull Requests Activity

* Wi-Fi Easy Connect

Browse Source 
- add support for DPP release 3
    - allow Configurator parameters to be provided during config
      exchange
  * HE/IEEE 802.11ax/Wi-Fi 6
    - various fixes
  * EHT/IEEE 802.11be/Wi-Fi 7
    - add preliminary support
  * SAE: add support for fetching the password from a RADIUS server
  * support OpenSSL 3.0 API changes
  * support background radar detection and CAC with some additional
    drivers
  * support RADIUS ACL/PSK check during 4-way handshake (wpa_psk_radius=3)
  * EAP-SIM/AKA: support IMSI privacy
  * improve 4-way handshake operations
    - use Secure=1 in message 3 during PTK rekeying
  * OCV: do not check Frequency Segment 1 Channel Number for 160 MHz cases
    to avoid interoperability issues
  * support new SAE AKM suites with variable length keys
  * support new AKM for 802.1X/EAP with SHA384
  * extend PASN support for secure ranging
  * FT: Use SHA256 to derive PMKID for AKM 00-0F-AC:3 (FT-EAP)
    - this is based on additional details being added in the IEEE 802.11
    standard
    - the new implementation is not backwards compatible
  * improved ACS to cover additional channel types/bandwidths
  * extended Multiple BSSID support
  * fix beacon protection with FT protocol (incorrect BIGTK was provided)
  * support unsynchronized service discovery (USD)
  * add preliminary support for RADIUS/TLS

OBS-URL: https://build.opensuse.org/package/show/Base:System/hostapd?expand=0&rev=70
This commit is contained in:
Dirk Mueller 2024-08-31 09:33:42 +00:00 committed by Git OBS Bridge
parent 788dd5615c
commit e97fd0f1ba
1 changed files with 50 additions and 49 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

71
hostapd.changes
View File

@ -2,41 +2,42 @@
Thu Aug 8 07:30:47 UTC 2024 - chris@computersalat.de Thu Aug 8 07:30:47 UTC 2024 - chris@computersalat.de
- 2024-07-20 - v2.11 - 2024-07-20 - v2.11
* Wi-Fi Easy Connect * Wi-Fi Easy Connect
- add support for DPP release 3 - add support for DPP release 3
- allow Configurator parameters to be provided during config exchange - allow Configurator parameters to be provided during config
* HE/IEEE 802.11ax/Wi-Fi 6 exchange
- various fixes * HE/IEEE 802.11ax/Wi-Fi 6
* EHT/IEEE 802.11be/Wi-Fi 7 - various fixes
- add preliminary support * EHT/IEEE 802.11be/Wi-Fi 7
* SAE: add support for fetching the password from a RADIUS server - add preliminary support
* support OpenSSL 3.0 API changes * SAE: add support for fetching the password from a RADIUS server
* support background radar detection and CAC with some additional * support OpenSSL 3.0 API changes
drivers * support background radar detection and CAC with some additional
* support RADIUS ACL/PSK check during 4-way handshake (wpa_psk_radius=3) drivers
* EAP-SIM/AKA: support IMSI privacy * support RADIUS ACL/PSK check during 4-way handshake (wpa_psk_radius=3)
* improve 4-way handshake operations * EAP-SIM/AKA: support IMSI privacy
- use Secure=1 in message 3 during PTK rekeying * improve 4-way handshake operations
* OCV: do not check Frequency Segment 1 Channel Number for 160 MHz cases - use Secure=1 in message 3 during PTK rekeying
to avoid interoperability issues * OCV: do not check Frequency Segment 1 Channel Number for 160 MHz cases
* support new SAE AKM suites with variable length keys to avoid interoperability issues
* support new AKM for 802.1X/EAP with SHA384 * support new SAE AKM suites with variable length keys
* extend PASN support for secure ranging * support new AKM for 802.1X/EAP with SHA384
* FT: Use SHA256 to derive PMKID for AKM 00-0F-AC:3 (FT-EAP) * extend PASN support for secure ranging
- this is based on additional details being added in the IEEE 802.11 * FT: Use SHA256 to derive PMKID for AKM 00-0F-AC:3 (FT-EAP)
standard - this is based on additional details being added in the IEEE 802.11
- the new implementation is not backwards compatible standard
* improved ACS to cover additional channel types/bandwidths - the new implementation is not backwards compatible
* extended Multiple BSSID support * improved ACS to cover additional channel types/bandwidths
* fix beacon protection with FT protocol (incorrect BIGTK was provided) * extended Multiple BSSID support
* support unsynchronized service discovery (USD) * fix beacon protection with FT protocol (incorrect BIGTK was provided)
* add preliminary support for RADIUS/TLS * support unsynchronized service discovery (USD)
* add support for explicit SSID protection in 4-way handshake * add preliminary support for RADIUS/TLS
(a mitigation for CVE-2023-52424; disabled by default for now, can be * add support for explicit SSID protection in 4-way handshake
enabled with ssid_protection=1) (a mitigation for CVE-2023-52424; disabled by default for now, can be
* fix SAE H2E rejected groups validation to avoid downgrade attacks enabled with ssid_protection=1)
* use stricter validation for some RADIUS messages * fix SAE H2E rejected groups validation to avoid downgrade attacks
* a large number of other fixes, cleanup, and extensions * use stricter validation for some RADIUS messages
* a large number of other fixes, cleanup, and extensions
------------------------------------------------------------------- -------------------------------------------------------------------
Fri Mar 11 21:35:37 UTC 2022 - Clemens Famulla-Conrad <cfamullaconrad@suse.com> Fri Mar 11 21:35:37 UTC 2022 - Clemens Famulla-Conrad <cfamullaconrad@suse.com>