Hello Chatty, I would like to have a check if it's possible to enable FILS feature on Raspberry Pi 3b+ platform and create a wireless network with FILS feature, if so I can verify the authentication and HLP features. I have two Raspberry Pi 3b+, and I pulled down the latest master branch of hostap git repo, copied the "defconfig" to ".config" file in the hostapd and wpa_supplicant directory. Comment out below configuration: # Fast Initial Link Setup (FILS) (IEEE 802.11ai) CONFIG_FILS=y # FILS shared key authentication with PFS CONFIG_FILS_SK_PFS=y and I can compile the hostapd and wpa_supplicant execute file successfully. Then I have a simple “ hostapd.conf" to configure the Raspberry Pi 3b+ as Wi-Fi AP. interface=wlan0 driver=nl80211 hw_mode=g channel=11 ssid=hostapd wmm_enabled=0 wpa=2 wpa_key_mgmt=FILS-SHA256 wpa_passphrase=12345678 rsn_pairwise=CCMP Then I ran the hostapd with below command: # sudo hostapd -P /run/hostapd.pid /etc/hostapd/hostapd.conf -B -dd if my understanding is correct from reading the IEEE80211ai standard, AP which can support FILS capability would broadcast Beacon frame with FILS Indication element (element ID: 240) and also set FILS Capability bit (bit 72) in the Extended Capabilities element. I can observe the FILS indication element bytes from the output log of hostapd, like below: nl80211: Beacon head - hexdump(len=57): 80 00 00 00 ff ff ff ff ff ff b8 27 eb 70 e9 b0 b8 27 eb 70 e9 b0 00 00 00 00 00 00 00 00 00 00 64 00 31 04 00 06 50 69 34 2d 41 50 01 08 82 84 8b 96 0c 12 18 24 03 01 0b nl80211: Beacon tail - hexdump(len=39): 2a 01 00 32 04 30 48 60 6c 30 14 01 00 00 0f ac 04 01 00 00 0f ac 04 01 00 00 0f ac 02 00 00 f0 06 80 02 12 34 d4 c9 the last 8 bytes: f0 06 80 02 12 34 d4 c9, I believe that's FILS indication elements. However, when I use wireshark to capture the packet over the air, I didn't notice these kind of information appeared in the Beacon frame sent from AP (Raspberry Pi 3b+). Not sure if the nl80211 driver on Raspberry Pi does't support FILS feature yet or something else. BTW, I also noticed that in the python unittest on FILS feature, when scanning the APs, the test code can always get the flags [WPA_FILS_SHA256_CCMP][ESS]. However, when I used the compiled wpa_supplicant to scan the APs nearby, from the scan_result, I get the flags: [WEP][ESS] for the hostapd who enables FILS with above hostapd.conf. Please correct me if I miss something and any feedback is pretty welcomed. That would be great if I can get some example config on “hostapd.conf" that enables FILS feature. Thanks! _______________________________________________ Hostap mailing list Hostap@xxxxxxxxxxxxxxxxxxx http://lists.infradead.org/mailman/listinfo/hostap
