openwrt/package
Timo Sigurdsson 19ebc19f54 hostapd: Expose the tdls_prohibit option to UCI
wpa_disable_eapol_key_retries can't prevent attacks against the
Tunneled Direct-Link Setup (TDLS) handshake. Jouni Malinen suggested
that the existing hostapd option tdls_prohibit can be used to further
complicate this possibility at the AP side. tdls_prohibit=1 makes
hostapd advertise that use of TDLS is not allowed in the BSS.

Note: If an attacker manages to lure both TDLS peers into a fake
AP, hiding the tdls_prohibit advertisement from them, it might be
possible to bypass this protection.

Make this option configurable via UCI, but disabled by default.

Signed-off-by: Timo Sigurdsson <public_timo.s@silentcreek.de>
(cherry picked from commit 6515887ed9)
2017-12-07 19:42:30 +01:00
..
base-files functions.sh: fix default_postinst function 2017-11-08 23:26:20 +01:00
boot uboot-envtools: add support for ALFA Network AP121F 2017-07-23 00:26:51 +02:00
devel binutils: fix build with host gcc < 4.9 2017-05-24 18:05:18 +02:00
firmware ath10k-firmware: do not select the qca988x by default 2017-05-27 14:22:16 +02:00
kernel mt76: update to the latest version 2017-12-04 10:52:52 +01:00
libs openssl: update to 1.0.2m 2017-11-13 00:53:35 +01:00
network hostapd: Expose the tdls_prohibit option to UCI 2017-12-07 19:42:30 +01:00
system rpcd: update to version 2017-11-12 2017-11-17 14:42:49 +01:00
utils f2fs-tools: fix mkfs.f2fs on big-endian systems 2017-09-03 10:14:09 +03:00
Makefile build: fix triggering opkg/host compilation 2017-04-09 15:42:20 +02:00