openwrt/package/network/services/hostapd
Stijn Tintel d501786ff2 hostapd: add wpa_disable_eapol_key_retries option
Commit b6c3931ad6 introduced an AP-side
workaround for key reinstallation attacks. This option can be used to
mitigate KRACK on the station side, in case those stations cannot be
updated. Since many devices are out there will not receive an update
anytime soon (if at all), it makes sense to include this workaround.

Unfortunately this can cause interoperability issues and reduced
robustness of key negotiation, so disable the workaround by default, and
add an option to allow the user to enable it if he deems necessary.

Signed-off-by: Stijn Tintel <stijn@linux-ipv6.be>
(cherry picked from commit c5f97c9372)
2017-10-17 17:59:45 +03:00
..
files hostapd: add wpa_disable_eapol_key_retries option 2017-10-17 17:59:45 +03:00
patches hostapd: backport extra changes related to KRACK 2017-10-17 17:54:59 +03:00
src/src hostapd: fix feature indication 2017-03-01 01:18:58 +01:00
Config.in hostapd: Add ability to specify that that wireless driver supports 802.11ac 2016-12-20 16:24:22 +01:00
Makefile hostapd: add wpa_disable_eapol_key_retries option 2017-10-17 17:59:45 +03:00