aboutsummaryrefslogtreecommitdiffstats
path: root/scripts/patch-specs.sh
diff options
context:
space:
mode:
authorTimo Sigurdsson <public_timo.s@silentcreek.de>2017-11-14 21:41:29 +0100
committerStijn Tintel <stijn@linux-ipv6.be>2017-12-07 01:57:29 +0200
commit6515887ed9b3f312635409702113dca7c14043e5 (patch)
tree03c27cb7898eb3c1d32130ae3c06df2177f3951e /scripts/patch-specs.sh
parentf9974786551750ea47cd1faf1e739d6a39ec2dc7 (diff)
downloadupstream-6515887ed9b3f312635409702113dca7c14043e5.tar.gz
upstream-6515887ed9b3f312635409702113dca7c14043e5.tar.bz2
upstream-6515887ed9b3f312635409702113dca7c14043e5.zip
hostapd: Expose the tdls_prohibit option to UCI
wpa_disable_eapol_key_retries can't prevent attacks against the Tunneled Direct-Link Setup (TDLS) handshake. Jouni Malinen suggested that the existing hostapd option tdls_prohibit can be used to further complicate this possibility at the AP side. tdls_prohibit=1 makes hostapd advertise that use of TDLS is not allowed in the BSS. Note: If an attacker manages to lure both TDLS peers into a fake AP, hiding the tdls_prohibit advertisement from them, it might be possible to bypass this protection. Make this option configurable via UCI, but disabled by default. Signed-off-by: Timo Sigurdsson <public_timo.s@silentcreek.de>
Diffstat (limited to 'scripts/patch-specs.sh')
0 files changed, 0 insertions, 0 deletions