openwrt/package
Stijn Tintel d501786ff2 hostapd: add wpa_disable_eapol_key_retries option
Commit b6c3931ad6 introduced an AP-side
workaround for key reinstallation attacks. This option can be used to
mitigate KRACK on the station side, in case those stations cannot be
updated. Since many devices are out there will not receive an update
anytime soon (if at all), it makes sense to include this workaround.

Unfortunately this can cause interoperability issues and reduced
robustness of key negotiation, so disable the workaround by default, and
add an option to allow the user to enable it if he deems necessary.

Signed-off-by: Stijn Tintel <stijn@linux-ipv6.be>
(cherry picked from commit c5f97c9372)
2017-10-17 17:59:45 +03:00
..
base-files LEDE v17.01.3: revert to branch defaults 2017-10-03 15:10:55 +03:00
boot uboot-envtools: add support for ALFA Network AP121F 2017-07-23 00:26:51 +02:00
devel binutils: fix build with host gcc < 4.9 2017-05-24 18:05:18 +02:00
firmware ath10k-firmware: do not select the qca988x by default 2017-05-27 14:22:16 +02:00
kernel mac80211: backport kernel fix for CVE-2017-13080 2017-10-17 01:57:05 +03:00
libs mbedtls: update to 2.6.0 CVE-2017-14032 2017-09-30 15:24:52 +02:00
network hostapd: add wpa_disable_eapol_key_retries option 2017-10-17 17:59:45 +03:00
system procd: update to the latest git HEAD 2017-08-08 14:41:02 +02:00
utils f2fs-tools: fix mkfs.f2fs on big-endian systems 2017-09-03 10:14:09 +03:00
Makefile build: fix triggering opkg/host compilation 2017-04-09 15:42:20 +02:00