mirror of
https://github.com/vanhoefm/fragattacks.git
synced 2024-11-25 00:38:24 -05:00
Remove completed to-do items
While this file has not really been updated in years, some of the completed items can easily be removed. Signed-off-by: Jouni Malinen <j@w1.fi>
This commit is contained in:
parent
01b32d5e36
commit
ee231fdb2b
@ -5,8 +5,6 @@ To do:
|
||||
authentication has been completed (cache scard data based on serial#(?)
|
||||
and try to optimize next connection if the same card is present for next
|
||||
auth)
|
||||
- on disconnect event, could try to associate with another AP if one is
|
||||
present in scan results; would need to update scan results periodically..
|
||||
- if driver/hw is not WPA2 capable, must remove WPA_PROTO_RSN flag from
|
||||
ssid->proto fields to avoid detecting downgrade attacks when the driver
|
||||
is not reporting RSN IE, but msg 3/4 has one
|
||||
@ -24,8 +22,7 @@ To do:
|
||||
RFC 3748 Sect. 4.2
|
||||
- test compilation with gcc -W options (more warnings?)
|
||||
(Done once; number of unused function arguments still present)
|
||||
- add proper support for using dot11RSNAConfigSATimeout
|
||||
- ctrl_iface: get/set/remove blob
|
||||
- ctrl_iface: get/remove blob
|
||||
- use doc/docbook/*.sgml and docbook2{txt,html,pdf} to replace README and
|
||||
web pages including the same information.. i.e., have this information only
|
||||
in one page; how to build a PDF file with all the SGML included?
|
||||
@ -56,14 +53,11 @@ To do:
|
||||
- try to work around race in configuring PTK and sending msg 4/4 (some NDIS
|
||||
drivers with ndiswrapper end up not being able to complete 4-way handshake
|
||||
in some cases; extra delay before setting the key seems to help)
|
||||
- add wpa_secure_memzero() macro and secure implementation (volatile u8*) to
|
||||
clear memory; this would be used to clear temporary buffers containing
|
||||
private data (e.g., keys); the macro can be defined to NOP in order to save
|
||||
space (i.e., no code should depend on the macro doing something)
|
||||
- make sure that TLS session cache is not shared between EAP types or if it
|
||||
is, that the cache entries are bound to only one EAP type; e.g., cache entry
|
||||
created with EAP-TLS must not be allowed to do fast re-auth with EAP-TTLS
|
||||
- consider moving eap_tls_build_ack() call into eap_tls_process_helper()
|
||||
- consider moving eap_peer_tls_build_ack() call into
|
||||
eap_peer_tls_process_helper()
|
||||
(it seems to be called always if helper returns 1)
|
||||
* could need to modify eap_{ttls,peap,fast}_decrypt to do same
|
||||
- add support for fetching full user cert chain from Windows certificate
|
||||
|
Loading…
Reference in New Issue
Block a user