[ previous ] [ next ] [ threads ]
 From:  "John Voigt" <megeek at jvoigt dot com>
 To:  "Phill R Kenoyer" <phill at bmg50 dot com>, <barry at unix dot co dot nz>
 Cc:  "'M0n0Wall' list" <m0n0wall at lists dot m0n0 dot ch>
 Subject:  Re: [m0n0wall] Re: wi1 dies after +- 9 - 11 days
 Date:  Fri, 7 May 2004 10:02:40 -0400
----- Original Message ----- 
From: "Phill R Kenoyer" <phill at bmg50 dot com>
To: <barry at unix dot co dot nz>
Cc: "'M0n0Wall' list" <m0n0wall at lists dot m0n0 dot ch>
Sent: Friday, May 07, 2004 9:44 AM
Subject: [m0n0wall] Re: wi1 dies after +- 9 - 11 days

> On May 6, 2004, at 10:29 PM, barry at unix dot co dot nz wrote:
> >> The reason this is happening is that someone connected to the m0n0box
> >> via wireless has their power save mode setting on their wireless card
> >> turned on.  This freaks out the HostAP drivers.  I'm getting it all 
> >> the
> >> time because I run a WISP.  I hear that FreeBSD 5.x has a fix for 
> >> this.
> >>
> >
> > Why does this make a difference, is it a hostap issue? Must be someone 
> > within
> > range doing that, however I have power save turned off on my devices.
> HostAP has bugs.

There's a new HostAP out:

Begin forwarded message:

From: Jouni Malinen <jkmaline at cc dot hut dot fi>
Date: May 7, 2004 12:22:31 AM EDT
To: hostap at shmoo dot com
Subject: Prism2/2.5/3 Host AP - new release v0.2.1 - 2004-05-06

A new version of Prism2/2.5/3 Host AP was just released and is now
available from http://hostap.epitest.fi/

This release is from the development (0.2.x) branch. Please note that
the stable branch (0.1.x releases) still continues to be the source of
stable releases, although all new development is happening on the
development branch.

The main changes from the previous version are WPA Authenticator
support in hostapd, IEEE 802.11i RSN (WPA2) support in both hostapd
and wpa_supplicant, and internal IEEE 802.1X/EAPOL Supplicant
(EAP-TLS, EAP-PEAP/MSCHAPv2) in wpa_supplicant.


2004-05-06 - v0.2.1

* allow hostapd to send encrypted frames using wlan#ap interface
* fixed get_key for TKIP to return the sequence number of the last
transmitted frame, not the seq# of the next frame
* added driver support for hostapd WPA Authenticator
* fixed TKIP get sequence number
* clear IFF_RUNNING and generate linkwatch events based on association
status in Managed mode
* added alternative TKIP implementation which uses Michael MIC
implementation in CryptoAPI instead of Host AP specific
* fixed a bug in TKIP Phase1 key caching for the case when ICV
verification fails
* added support for RSN (IEEE 802.11i/WPA2)
* removed (or added rate limitation to) some of the printk debug
messages to reduce the size of the kernel log
* fixed byte order for CCMP packet number get/set


2004-05-06 - v0.2.1

* hostap_rid: fixed handling of failed RID reads


2004-05-06 - v0.2.1

* added WPA and IEEE 802.11i/RSN (WPA2) Authenticator functionality
- based on IEEE 802.11i/D10.0 but modified to interoperate with WPA
(i.e., IEEE 802.11i/D3.0)
- supports WPA-only, RSN-only, and mixed WPA/RSN mode
- both WPA-PSK and WPA-RADIUS/EAP are supported
- PMKSA caching and pre-authentication
- new hostapd.conf variables: wpa, wpa_psk, wpa_passphrase,
wpa_key_mgmt, wpa_pairwise, wpa_group_rekey, wpa_gmk_rekey,
rsn_preauth, rsn_preauth_interfaces
* fixed interim accounting to remove any pending accounting messages
to the STA before sending a new one


2004-05-06 - v0.2.1

* added support for internal IEEE 802.1X (actually, IEEE 802.1aa/D6.1)
- EAPOL state machines for Supplicant [IEEE 802.1aa/D6.1]
- EAP peer state machine [draft-ietf-eap-statemachine-02.pdf]
- EAP-MD5 (cannot be used with WPA-RADIUS)
- EAP-TLS [RFC 2716]
- EAP-MSCHAPv2 (currently used only with EAP-PEAP)
- EAP-PEAP/MSCHAPv2 [draft-josefsson-pppext-eap-tls-eap-07.txt]
(PEAP version 0, 1, and parts of 2; only 0 and 1 are enabled by
default; tested with FreeRADIUS, Microsoft IAS, and Funk Odyssey)
- new configuration file options: eap, identity, password, ca_cert,
client_cert, privatekey, private_key_passwd
- Xsupplicant is not required anymore, but it can be used by
disabling the internal IEEE 802.1X Supplicant with -e command line
- this code is not included in the default build; Makefile need to
be edited for this (uncomment lines for selected functionality)
- EAP-TLS and EAP-PEAP require openssl libraries
* use module prefix in debug messages (WPA, EAP, EAP-TLS, ..)
* added support for non-WPA IEEE 802.1X mode with dynamic WEP keys
(i.e., complete IEEE 802.1X/EAP authentication and use IEEE 802.1X
EAPOL-Key frames instead of WPA key handshakes)
* added support for IEEE 802.11i/RSN (WPA2)
- improved PTK Key Handshake
- PMKSA caching, pre-authentication
* fixed wpa_supplicant to ignore possible extra data after WPA
EAPOL-Key packets (this fixes 'Invalid EAPOL-Key MIC when using
TPTK' error from message 3 of 4-Way Handshake in case the AP
includes extra data after the EAPOL-Key)
* added interface for external programs (frontends) to control
- CLI example (wpa_cli) with interactive mode and command line
- replaced SIGUSR1 status/statistics with the new control interface
* made some feature compile time configurable
- .config file for make
- driver interfaces (hostap, hermes, ..)
- EAPOL/EAP functions

Jouni Malinen PGP id EFC895FA
HostAP mailing list
HostAP at shmoo dot com