hostap/src
Jouni Malinen 7f7bfba919 Add an option allow canned EAP-Success for wired IEEE 802.1X
For wired IEEE 802.1X authentication, phase1="allow_canned_success=1"
can now be used to configure a mode that allows EAP-Success (and
EAP-Failure) without going through authentication step. Some switches
use such sequence when forcing the port to be authorized/unauthorized or
as a fallback option if the authentication server is unreachable. By
default, wpa_supplicant discards such frames to protect against
potential attacks by rogue devices, but this option can be used to
disable that protection for cases where the server/authenticator does
not need to be authenticated.

When enabled, this mode allows EAP-Success/EAP-Failure as an immediate
response to EAPOL-Start (or even without EAPOL-Start) and EAP-Success is
also allowed immediately after EAP-Identity exchange (fallback case for
authenticator not being able to connect to authentication server).

Signed-off-by: Jouni Malinen <j@w1.fi>
2015-02-01 19:22:54 +02:00
..
ap hostapd: Simplify vlan_add_dynamic error paths 2015-02-01 11:06:24 +02:00
common Add Suite B 192-bit AKM 2015-01-27 01:43:52 +02:00
crypto OpenSSL: Implement aes_wrap() and aes_unwrap() 2015-01-28 13:09:31 +02:00
drivers nl80211: Fix build with libnl 1.1 2015-01-27 01:50:02 +02:00
eap_common ERP: Add TV/TLV parser 2014-12-04 12:08:59 +02:00
eap_peer Add an option allow canned EAP-Success for wired IEEE 802.1X 2015-02-01 19:22:54 +02:00
eap_server EAP-PEAP server: Fix Phase 2 TLV length in error case 2015-01-28 16:15:58 +02:00
eapol_auth Check os_snprintf() result more consistently - automatic 1 2014-12-08 11:42:07 +02:00
eapol_supp Simplify eapol_sm_notify_pmkid_attempt() 2015-01-28 13:09:31 +02:00
l2_packet Work around Linux packet socket regression 2015-01-31 17:21:58 +02:00
p2p P2P: Fix NULL pointer dereference with SD query cancellation 2015-01-22 15:49:37 +02:00
pae MACsec: Update protect frames and replay on reauthentication 2014-12-09 16:56:10 +02:00
radius hostapd: Debug messages for dodgy RADIUS servers 2015-01-23 01:48:27 +02:00
rsn_supp Fix resource leaks on rsn_preauth_init() error paths 2015-01-31 13:44:48 +02:00
tls TLS: Add new cipher suites to tls_get_cipher() 2014-12-09 16:57:05 +02:00
utils Define host_to_le32() for Windows builds 2015-01-11 00:58:10 +02:00
wps WPS: Re-fix an interoperability issue with mixed mode and AP Settings 2015-01-19 18:35:59 +02:00
lib.rules Add QUIET=1 option for make 2014-12-29 15:49:05 +02:00
Makefile MACsec: Add PAE implementation 2014-05-09 20:42:44 +03:00