Skip to content
This repository

HTTPS clone URL

Subversion checkout URL

You can clone with HTTPS or Subversion.

Download ZIP
Fetching contributors…

Cannot retrieve contributors at this time

file 124 lines (122 sloc) 7.005 kb
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 94 95 96 97 98 99 100 101 102 103 104 105 106 107 108 109 110 111 112 113 114 115 116 117 118 119 120 121 122 123 124
To do:
- hostap: try other roaming modes
  NOTE: current mode (manual roaming) does not really roam at all..
  Firmware did not notice the current AP disappearing..
- add support for WPA with ap_scan=0 (update selected cipher etc. based on
  AssocInfo; make sure these match with configuration)
- optional security separation (build time option): run EAPOL state machines
  as non-root (need to add something like socketpair between privileged root
  process and non-root handler; send EAPOL packets between processes
  and send keying data from non-root -> privileged)
  EAPOL-Key processing (WPA & WEP keys) could be in privileged part
  at least in the beginning; some parts might end up being moved to
  non-root part eventually
- consider closing smart card / PCSC connection when EAP-SIM/EAP-AKA
  authentication has been completed (cache scard data based on serial#(?)
  and try to optimize next connection if the same card is present for next
  auth)
- EAP-AKA: AT_CHECKCODE
- EAP-SIM/AKA: AT_RESULT_IND
- on disconnect event, could try to associate with another AP if one is
  present in scan results; would need to update scan results periodically..
- if driver/hw is not WPA2 capable, must remove WPA_PROTO_RSN flag from
  ssid->proto fields to avoid detecting downgrade attacks when the driver
  is not reporting RSN IE, but msg 3/4 has one
- Cisco AP and non-zero keyidx for unicast -> map to broadcast
  (actually, this already works with driver_ndis; so maybe just change
  driver_*.c to do the mapping for drivers that cannot handle non-zero keyidx
  for unicast); worked also with Host AP driver and madwifi
- IEEE 802.1X and key update with driver_ndis?? wpa_supplicant did not seem
  to see unencrypted EAPOL-Key frames at all..
- EAP-PAX with PAX_SEC
- EAP (RFC 3748)
  * OTP Extended Responses (Sect. 5.5)
- test what happens if authenticator sends EAP-Success before real EAP
  authentication ("canned" Success); this should be ignored based on
  RFC 3748 Sect. 4.2
- test compilation with gcc -W options (more warnings?)
  (Done once; number of unused function arguments still present)
- add proper support for using dot11RSNAConfigSATimeout
- ctrl_iface: get/set/remove blob
- use doc/docbook/*.sgml and docbook2{txt,html,pdf} to replace README and
  web pages including the same information.. i.e., have this information only
  in one page; how to build a PDF file with all the SGML included?
- test wait-for-interface and daemonize combinations with number of driver
  interfaces
  * 'test' worked with WPA-PSK
- EAP-POTP/RSA SecurID profile (draft-nystrom-eap-potp-03.txt)
- document wpa_gui build and consider adding it to 'make install'
- test madwifi with pairwise=TKIP group=WEP104
- possibility to link in WPA Authenticator state machine to wpa_supplicant
  (new STAKey handshake, WPA2 IBSS)
- consider merging hostapd and wpa_supplicant PMKSA cache implementations
- add support for configuring password for MSCHAPv2 as NtPasswordHash in
  the same way as was added to hostapd (hash:<hex value>)
- test_driver: configure directory and create AP-<mac> and STA-<mac> files
  there to allow scanning multiple APs (e.g., for testing pre-auth and PMKSA
  caching testing) and to exchange STA-STA EAPOL frames
- consider adding generic buffer functionality that could be used in number
  of places
  * allocate buffer (with default max size), allow reserving head room to
    make it possible to add a header without having to reallocate buffer
  * reallocate buffer (add head and/or tail room)
  * ref count and free when count=0 ?
  * add data (to tail): re-alloc more tailroom if needed and copy new data
  * error flag so that caller can do multiple add()s and only in the end
    check whether something has failed; this should make error handling
    simpler
- consider redesigning pending EAP requests (identity/password/otp from
  ctrl_iface) by moving the retrying of the previous request into EAP
  state machine so that EAPOL state machine is not needed for this
- rfc4284.txt (network selection for eap)
- www pages about configuring wpa_supplicant:
  * global options (ap_scan, ctrl_interfaces) based on OS/driver
  * network block
  * key_mgmt selection
  * WPA parameters
  * EAP options (one page for each method)
  * "configuration wizard" (step 1: select OS, step 2: select driver, ...) to
    generate example configuration
- error path in rsn_preauth_init: should probably deinit l2_packet handlers
  if something fails; does something else need deinit?
- consider moving SIM card functionality (IMSI fetching) away from eap.c;
  this should likely happen before EAP is initialized for authentication;
  now IMSI is read only after receiving EAP-Identity/Request, but since it is
  really needed for all cases, reading IMSI and generating Identity string
  could very well be done before EAP has been started
- test all allowed EAP Phase 2 methods (i.e., anything else than PEAP, TTLS,
  FAST): SIM AKA PAX PSK LEAP; if these work, include in eap_testing.txt; if
  not, either fix or make eap_allowed_phase2_type reject
- try to work around race in receiving association event and first EAPOL
  message
- helper function to do memcmp(addr, "\x00\x00\x00\x00\x00\x00", ETH_ALEN)
- add wpa_secure_memzero() macro and secure implementation (volatile u8*) to
  clear memory; this would be used to clear temporary buffers containing
  private data (e.g., keys); the macro can be defined to NOP in order to save
  space (i.e., no code should depend on the macro doing something)
- make sure that TLS session cache is not shared between EAP types or if it
  is, that the cache entries are bound to only one EAP type; e.g., cache entry
  created with EAP-TLS must not be allowed to do fast re-auth with EAP-TTLS
- consider moving eap_tls_build_ack() call into eap_tls_process_helper()
  (it seems to be called always if helper returns 1)
  * could need to modify eap_{ttls,peap,fast}_decrypt to do same
- add support for fetching full user cert chain from Windows certificate
  stores even when there are intermediate CA certs that are not in the
  configured ca_cert store (e.g., ROOT) (they could be, e.g., in CA store)


0.6.x branch:
- clean up common.[ch]
- change TLS/crypto library interface to use a structure of function
  pointers and helper inline functions (like driver_ops) instead of
  requiring every TLS wrapper to implement all functions
- move from CVS to git (0.3.x, 0.4.x, 0.5.x releases will continue
  to be updated only on CVS)
- move files into subdirectories and combine wpa_supplicant and hostapd
  into a repository that matches in directory structure with the release
  tarballs
  (subdirs: eap_common, eap_peer, eap_server, driver, driver_ap, ...)
- make it clearer that EAP server/peer can be used as a separate library
  for other programs
- add support for encrypted configuration fields (e.g., password, psk,
  passphrase, pin)
- wpa_gui: add support for setting and showing priority, id_str, auth_alg
  (open/shared for static WEP)
Something went wrong with that request. Please try again.