diff options
author | sam <sam@FreeBSD.org> | 2006-03-07 05:26:33 +0000 |
---|---|---|
committer | sam <sam@FreeBSD.org> | 2006-03-07 05:26:33 +0000 |
commit | 840099f34d8de1ca769f02fae379c4d8e5d6688a (patch) | |
tree | 0c0ff34569d807e7bceb062a6210ce68490a8764 /contrib/wpa_supplicant/todo.txt | |
parent | 34dbcde8dfa5b3d152d250b6d69965e001238e49 (diff) | |
download | FreeBSD-src-840099f34d8de1ca769f02fae379c4d8e5d6688a.zip FreeBSD-src-840099f34d8de1ca769f02fae379c4d8e5d6688a.tar.gz |
Import of WPA supplicant 0.4.8
Diffstat (limited to 'contrib/wpa_supplicant/todo.txt')
-rw-r--r-- | contrib/wpa_supplicant/todo.txt | 43 |
1 files changed, 22 insertions, 21 deletions
diff --git a/contrib/wpa_supplicant/todo.txt b/contrib/wpa_supplicant/todo.txt index 52f3349..5ecda1d 100644 --- a/contrib/wpa_supplicant/todo.txt +++ b/contrib/wpa_supplicant/todo.txt @@ -1,21 +1,9 @@ To do: -- add WPA support to Linux Wireless Extensions -- add support for other drivers -- implement GUI for WPA Supplicant/Xsupplicant/iwconfig/iwlist - (easy to use configuration and network stats, etc.) -- add support for opportunistic PMKSA caching - hostap: try other roaming modes NOTE: current mode (manual roaming) does not really roam at all.. Firmware did not notice the current AP disappearing.. -- EAP-MSCHAPv2: add support for password changing - add support for WPA with ap_scan=0 (update selected cipher etc. based on AssocInfo; make sure these match with configuration) -- add driver interface for using wpa_supplicant with wired interface - (or a separate program using EAPOL library) -- wpa_supplicant.conf g+rw so that frontend can change wpa_supplicant.conf - and RECONFIG wpa_supplicant (?) - (or wpa_supplicant changes .conf and ctrl interface gets support for - changing config?) - optional security separation (build time option): run EAPOL state machines as non-root (need to add something like socketpair between privileged root process and non-root handler; send EAPOL packets between processes @@ -29,9 +17,6 @@ To do: auth) - EAP-AKA: AT_CHECKCODE - EAP-SIM/AKA: AT_RESULT_IND -- abort auth if EAP method initialization fails and there no other - accepted methods (i.e., do not send NAK for the same method that just - failed) - on disconnect event, could try to associate with another AP if one is present in scan results; would need to update scan results periodically.. - add flag scan_requested and only try to re-associate if this is set when @@ -40,15 +25,31 @@ To do: - if driver/hw is not WPA2 capable, must remove WPA_PROTO_RSN flag from ssid->proto fields to avoid detecting downgrade attacks when the driver is not reporting RSN IE, but msg 3/4 has one -- read CA certs from PFX file - EAP-SIM/AKA: if SIM reader initialization fails, do not start authentication - Cisco AP and non-zero keyidx for unicast -> map to broadcast (actually, this already works with driver_ndis; so maybe just change driver_*.c to do the mapping for drivers that cannot handle non-zero keyidx - for unicast) + for unicast); worked also with Host AP driver and madwifi - IEEE 802.1X and key update with driver_ndis?? wpa_supplicant did not seem to see unencrypted EAPOL-Key frames at all.. -- update developer.txt to match with current implementation - (driver API updates, EAP methods) -- driver_wext.c and driver that does not support WPA -> fix plaintext, WEP, and - IEEE 802.1X operation (e.g., use capabilities to report no support for WPA) +- -Dwired: if ssid is set in network block, authentication gets "stuck" since + driver_wired.c only reports empty SSID and association is not assumed to be + ok +- EAP-PAX with PAX_SEC +- EAP: extended nak, vendor method; go through rfc + RFC 3748 + * Expanded Type (Sect. 5.7) + * Experimental Type + * Expanded Nak (Sect. 5.3.2) + * OTP Extended Responses (Sect. 5.5) +- test what happens if authenticator sends EAP-Success before real EAP + authentication ("canned" Success); this should be ignored based on + RFC 3748 Sect. 4.2 +- test compilation with gcc -W options (more warnings?) +- add proper support for using dot11RSNAConfigSATimeout +- ctrl_iface: get/set/remove blob +- use doc/docbook/*.sgml and docbook2{txt,html,pdf} to replace README and + web pages including the same information.. i.e., have this information only + in one page; how to build a PDF file with all the SGML included? +- test wait-for-interface and daemonize combinations with number of driver + interfaces |