From: Michael Braun <michael-dev@xxxxxxxxxxxxx> Hi, this series is about hostapd roaming. I was trying to achieve with hostapd: - FT over-air and over-ds with fully dynamic VLANs enabled including RADIUS accounting and session_timeout - 802.11i pre-authentication with fully dynamic VLANs - FT-PSK without inter-AP communication - Handle a dynamic set of APs: all APs are interconnected using some VPN and there is some churn regaring the APs installed/connected - Multiple BSS per hostapd instance When finally having this ready, I tested it locally with debugging turned on. Then my clients ran into retries because hostapd replied to slow. So there are some patches that try to optimize on this. So this patch series adds to hostapd: FT: - VLAN support - accounting support - session timeout support - FT autodiscovery (broadcast) with caching 802.11i pre-authentication: - fully dynamic VLAN support These patches can also be found here: (in case they are too big for the mailing list) https://github.com/michael-dev/hostapd/tree/mail-20160222 Regards, M. Braun Michael Braun (44): test: tagged-vlan only change on reauthentication test: verify correct vlan operation after reconnect test: add tshark and python-netifaces to example dependency test: test pmksa auth with per_sta_vif FT: wpa_auth_ft rrb fix data length FT: add IEEE vlan support (including tagged vlans) test: FT-EAP with VLAN nl80211: fix CMD_FRAME used with VLANs vlan: factor out bridge and ifconfig code FT: RRB messages can be exchanged in a separate interface/VLAN test: FT ft_bridge dummy generation FT: add expiration to PMK-R0 and PMK-R1 cache test: FT-PSK with VLAN 802.11 Factor out authentication code for reuse with FT-over-DS FT-over-DS: use macaddr_acl FT: generate PMK_R0 and PMK_R1 for FT-PSK locally test: FT with locally generated PMK_R0/PMK_R1 from PSK test: FT RRB internal delivery to non-WPA BSS FT: check hapd->wpa_auth before RRB internal delivery FT: add support for wildcard R0KH / R1KH FT: cache newly detected R0KH / R1KH when using wildcard FT: resend pull request FT: negative caching when using wilcard r0kh test: FT with broadcasts Prepare 802.11i pre-authentication for full dynamic vlan. Enable 802.11i pre-authentication with full dynamic vlans test: pre-authentification with full dynamic vlans FT: preset r1_key_holder to bssid vlan: create new interface name on stack Move password hashing out of 802.11 authentication path psk list sharing RADIUS: enable PSK generation at RADIUS Server STA: avoid driver warning when configuring not connected STAs for WPA FT: do not change ANonce during re-sent auth request FT: check destination mac addr on RRB receive FT: include identity and radius_cui in pull/resp frames FT: add session_timeout to push/resp nl80211: cleanup ifidx properly start radius accounting after FT and PREauth FT: handle OVER_DS reassociate client retry FT: convert r0_key_lifetime to seconds FT: add r1_max_key_lifetime FT OVER_DS with fullstate station driver VLAN: avoid use of libnl cache hostapd/Makefile | 23 + hostapd/config_file.c | 21 + hostapd/defconfig | 3 + hostapd/hostapd.conf | 85 ++- src/ap/ap_config.c | 32 + src/ap/ap_config.h | 22 + src/ap/ap_drv_ops.c | 15 +- src/ap/ap_drv_ops.h | 3 + src/ap/bridge.c | 253 +++++++ src/ap/bridge.h | 19 + src/ap/dummy.c | 118 ++++ src/ap/dummy.h | 10 + src/ap/hostapd.c | 5 + src/ap/hostapd.h | 6 + src/ap/ieee802_11.c | 155 +++-- src/ap/ieee802_11.h | 4 + src/ap/ieee802_11_auth.c | 147 +++-- src/ap/ieee802_11_auth.h | 22 +- src/ap/ieee802_1x.c | 20 +- src/ap/ifconfig.c | 73 +++ src/ap/ifconfig.h | 5 + src/ap/l2_snoop.h | 72 ++ src/ap/l2_snoop_pcap.c | 134 ++++ src/ap/preauth_auth.c | 273 +++++++- src/ap/preauth_auth.h | 19 + src/ap/sta_info.c | 29 +- src/ap/sta_info.h | 6 +- src/ap/vlan_init.c | 341 ++-------- src/ap/vlan_util.c | 30 +- src/ap/wpa_auth.c | 6 +- src/ap/wpa_auth.h | 88 ++- src/ap/wpa_auth_ft.c | 1052 +++++++++++++++++++++++++++--- src/ap/wpa_auth_glue.c | 511 ++++++++++++++- src/ap/wpa_auth_i.h | 2 + src/common/defs.h | 5 + src/common/wpa_common.c | 3 + src/common/wpa_common.h | 3 + src/drivers/driver.h | 3 +- src/drivers/driver_atheros.c | 3 +- src/drivers/driver_hostap.c | 10 +- src/drivers/driver_nl80211.c | 153 +++-- src/drivers/driver_nl80211.h | 3 + tests/hwsim/auth_serv/eap_user.conf | 5 + tests/hwsim/auth_serv/eap_user_vlan.conf | 3 + tests/hwsim/example-hostapd.config | 1 + tests/hwsim/example-setup.txt | 5 +- tests/hwsim/hostapd.wlan3.vlan | 1 + tests/hwsim/hostapd.wlan4.vlan | 1 + tests/hwsim/test_ap_ft.py | 501 +++++++++++++- tests/hwsim/test_ap_vlan.py | 81 ++- tests/hwsim/test_pmksa_cache.py | 208 +++--- wpa_supplicant/driver_i.h | 2 +- 52 files changed, 3798 insertions(+), 797 deletions(-) create mode 100644 src/ap/bridge.c create mode 100644 src/ap/bridge.h create mode 100644 src/ap/dummy.c create mode 100644 src/ap/dummy.h create mode 100644 src/ap/ifconfig.c create mode 100644 src/ap/ifconfig.h create mode 100644 src/ap/l2_snoop.h create mode 100644 src/ap/l2_snoop_pcap.c -- 1.9.1 _______________________________________________ Hostap mailing list Hostap@xxxxxxxxxxxxxxxxxxx http://lists.infradead.org/mailman/listinfo/hostap