openwrt/package/network
Stijn Tintel d501786ff2 hostapd: add wpa_disable_eapol_key_retries option
Commit b6c3931ad6 introduced an AP-side
workaround for key reinstallation attacks. This option can be used to
mitigate KRACK on the station side, in case those stations cannot be
updated. Since many devices are out there will not receive an update
anytime soon (if at all), it makes sense to include this workaround.

Unfortunately this can cause interoperability issues and reduced
robustness of key negotiation, so disable the workaround by default, and
add an option to allow the user to enable it if he deems necessary.

Signed-off-by: Stijn Tintel <stijn@linux-ipv6.be>
(cherry picked from commit c5f97c9372)
2017-10-17 17:59:45 +03:00
..
config treewide: fix shellscript syntax errors/typos 2017-09-13 08:07:39 +02:00
ipv6 dhcpv6: add missing dollar sign in dhcpv6 script (FS#874) 2017-06-29 10:02:14 +02:00
services hostapd: add wpa_disable_eapol_key_retries option 2017-10-17 17:59:45 +03:00
utils curl: fix security problems 2017-09-30 15:27:29 +02:00