diff options
Diffstat (limited to 'modules/luci-mod-admin-full')
| -rw-r--r-- | modules/luci-mod-admin-full/luasrc/model/cbi/admin_network/wifi.lua | 11 |
1 files changed, 11 insertions, 0 deletions
diff --git a/modules/luci-mod-admin-full/luasrc/model/cbi/admin_network/wifi.lua b/modules/luci-mod-admin-full/luasrc/model/cbi/admin_network/wifi.lua index f431c26a0e..e4f512b662 100644 --- a/modules/luci-mod-admin-full/luasrc/model/cbi/admin_network/wifi.lua +++ b/modules/luci-mod-admin-full/luasrc/model/cbi/admin_network/wifi.lua @@ -1018,6 +1018,17 @@ if hwtype == "mac80211" then retry_timeout.placeholder = "201" retry_timeout.rmempty = true end + + local key_retries = s:taboption("encryption", Flag, "wpa_disable_eapol_key_retries", + translate("Enable key reinstallation (KRACK) countermeasures"), + translate("Works around key reinstallation attacks on the client side by disabling retransmission of EAPOL-Key frames that are used to install keys. This workaround might cause interoperability issues and reduced robustness of key negotiation especially in environments with heavy traffic load.")) + + key_retries:depends({mode="ap", encryption="wpa2"}) + key_retries:depends({mode="ap", encryption="psk2"}) + key_retries:depends({mode="ap", encryption="psk-mixed"}) + key_retries:depends({mode="ap-wds", encryption="wpa2"}) + key_retries:depends({mode="ap-wds", encryption="psk2"}) + key_retries:depends({mode="ap-wds", encryption="psk-mixed"}) end if hwtype == "mac80211" or hwtype == "prism2" then |