diff options
author | Jo-Philipp Wich <jo@mein.io> | 2017-10-17 22:19:08 +0200 |
---|---|---|
committer | Jo-Philipp Wich <jo@mein.io> | 2017-10-17 22:19:08 +0200 |
commit | 48ed00e5b9cda33a29188a3b9833c9a86051fd0a (patch) | |
tree | afdf77f9010a99bc81ba247528e290424c34b04a | |
parent | 27fbdada6c78464fd54f5a9bcf8ddf0dae0fc7b2 (diff) |
luci-mod-admin-full: wifi: expose "wpa_disable_eapol_key_retries" option
Signed-off-by: Jo-Philipp Wich <jo@mein.io>
-rw-r--r-- | modules/luci-mod-admin-full/luasrc/model/cbi/admin_network/wifi.lua | 11 |
1 files changed, 11 insertions, 0 deletions
diff --git a/modules/luci-mod-admin-full/luasrc/model/cbi/admin_network/wifi.lua b/modules/luci-mod-admin-full/luasrc/model/cbi/admin_network/wifi.lua index f431c26a0e..e4f512b662 100644 --- a/modules/luci-mod-admin-full/luasrc/model/cbi/admin_network/wifi.lua +++ b/modules/luci-mod-admin-full/luasrc/model/cbi/admin_network/wifi.lua @@ -1018,6 +1018,17 @@ if hwtype == "mac80211" then retry_timeout.placeholder = "201" retry_timeout.rmempty = true end + + local key_retries = s:taboption("encryption", Flag, "wpa_disable_eapol_key_retries", + translate("Enable key reinstallation (KRACK) countermeasures"), + translate("Works around key reinstallation attacks on the client side by disabling retransmission of EAPOL-Key frames that are used to install keys. This workaround might cause interoperability issues and reduced robustness of key negotiation especially in environments with heavy traffic load.")) + + key_retries:depends({mode="ap", encryption="wpa2"}) + key_retries:depends({mode="ap", encryption="psk2"}) + key_retries:depends({mode="ap", encryption="psk-mixed"}) + key_retries:depends({mode="ap-wds", encryption="wpa2"}) + key_retries:depends({mode="ap-wds", encryption="psk2"}) + key_retries:depends({mode="ap-wds", encryption="psk-mixed"}) end if hwtype == "mac80211" or hwtype == "prism2" then |