DGNum/hostapd
6
0
Fork 0
Code Issues Pull requests 1 Projects Releases Packages Wiki Activity Actions
hostapd/src
History
Alexander Wetzel 1a7963e36f AP: Allow PTK rekeying without Ext KeyID to be disabled as a workaround 
Rekeying a pairwise key using only keyid 0 (PTK0 rekey) has many broken
implementations and should be avoided when using or interacting with
one. The effects can be triggered by either end of the connection and
range from hardly noticeable disconnects over long connection freezes up
to leaking clear text MPDUs.

To allow affected users to mitigate the issues, add a new hostapd
configuration option "wpa_deny_ptk0_rekey" to replace all PTK0 rekeys
with disconnection. This requires the station to reassociate to get
connected again and as such, can result in connectivity issues as well.

Signed-off-by: Alexander Wetzel <alexander@wetzel-home.de>
2020-02-23 12:22:49 +02:00
..
ap AP: Allow PTK rekeying without Ext KeyID to be disabled as a workaround 2020-02-23 12:22:49 +02:00
common AP: Allow PTK rekeying without Ext KeyID to be disabled as a workaround 2020-02-23 12:22:49 +02:00
crypto wlantest: Add PTK derivation support with SAE, OWE, DPP 2020-02-10 21:58:10 +02:00
drivers nl80211: Add driver capability flag for CAN_REPLACE_PTK0 2020-02-23 12:00:23 +02:00
eap_common EAP-SIM/AKA peer: Add support for EAP Method prefix 2020-01-10 19:16:13 +02:00
eap_peer EAP-SIM peer: Do not accept SIM/Challenge without SIM/Start 2019-12-23 23:59:16 +02:00
eap_server Clean up base64_{encode,decode} pointer types 2019-11-28 16:39:09 +02:00
eapol_auth EAP server: Use struct eap_config to avoid duplicated definitions 2019-08-18 17:36:32 +03:00
eapol_supp Pass full struct to peer certificate callbacks 2019-06-14 23:10:50 +03:00
fst FST: Update FST about MAC address change 2019-10-15 15:39:22 +03:00
l2_packet l2_packet: Fix bridge workaround for repeater configuration 2019-12-24 21:16:23 +02:00
p2p P2P: Increase number of channels per operating class 2020-02-12 23:17:24 +02:00
pae mka: Check OLPN for exhaustion on SAKuse decode 2019-09-19 00:21:47 +03:00
radius RADIUS client: fix extra retry before failover 2019-12-30 19:13:51 +02:00
rsn_supp Configure received BIGTK on station/supplicant side 2020-02-18 00:18:47 +02:00
tls ASN.1: Helper functions for building DER encoded data 2020-01-31 23:16:05 +02:00
utils webkit: Clean up USE_WEBKIT2 blocks 2020-02-16 19:21:06 +02:00
wps WPS: Make it possible to use PSKs loaded from the PSK file 2020-02-15 17:28:00 +02:00
lib.rules tests: Fix CFLAGS passing for new fuzzing tools 2019-06-11 06:34:19 +03:00
Makefile FST: Add the Fast Session Transfer (FST) module 2015-07-16 18:26:15 +03:00