On 14 January 2016 at 20:58, Alan DeKok <aland@xxxxxxxxxxxxxxxxxxx> wrote: > On Jan 14, 2016, at 12:49 PM, Peter Oh <poh@xxxxxxxxxxxxxx> wrote: >> >> >> On 01/14/2016 05:19 AM, Janusz Dziedzic wrote: >>> Add UDP support for ctrl interface. >> can you add more details such as why we need it? > > Even if it's needed, there's essentially no security on the UDP packets. I don't see a static and *clear-text* cookie as offering any security. > This is only for tests purpose and should not be enabled in production code. Main idea is to use wpaspy (patch 6/6) and run tests using machines from local network. Currently there are a hwsim tests, which are used for wpa_supplicant/hostapd testing. In the future I think about testing whole stack also - wpa_supplicant/hostapd + driver + hw. And for that using UDP version of wpaspy + wpa_supplicant/hostapd with CTRL UDP iface. BR Janusz > The protocol should at the minimum include randomness, so that packets can't be replayed. And the entire contents should be authenticated, ideally with an HMAC construct. > > Or, just use TCP and TLS for the control interface. That would be infinitely preferable to UDP. > > Alan DeKok. > > > _______________________________________________ > Hostap mailing list > Hostap@xxxxxxxxxxxxxxxxxxx > http://lists.infradead.org/mailman/listinfo/hostap _______________________________________________ Hostap mailing list Hostap@xxxxxxxxxxxxxxxxxxx http://lists.infradead.org/mailman/listinfo/hostap