hostapd: add wpa_strict_rekey support
authorKyle Copperfield <kmcopper@danwin1210.me>
Sat, 9 Nov 2019 03:42:57 +0000 (19:42 -0800)
committerJohn Crispin <john@phrozen.org>
Wed, 15 Jan 2020 19:13:49 +0000 (20:13 +0100)
The sender domain has a DMARC Reject/Quarantine policy which disallows
sending mailing list messages using the original "From" header.

To mitigate this problem, the original message has been wrapped
automatically by the mailing list software.
Rekey GTK on STA disassociate

Signed-off-by: Kyle Copperfield <kmcopper@danwin1210.me>
package/network/services/hostapd/files/hostapd.sh

index ba41fcdc3ce6cbf3d669d0a6c9cb842331a89e28..c1f8e7f0711973460d6eaa4afcbdae433364d80b 100644 (file)
@@ -185,6 +185,7 @@ hostapd_common_add_bss_config() {
        config_add_int \
                wep_rekey eap_reauth_period \
                wpa_group_rekey wpa_pair_rekey wpa_master_rekey
+       config_add_boolean wpa_strict_rekey
        config_add_boolean wpa_disable_eapol_key_retries
 
        config_add_boolean tdls_prohibit
@@ -270,7 +271,7 @@ hostapd_set_bss_options() {
        local wep_rekey wpa_group_rekey wpa_pair_rekey wpa_master_rekey wpa_key_mgmt
 
        json_get_vars \
-               wep_rekey wpa_group_rekey wpa_pair_rekey wpa_master_rekey \
+               wep_rekey wpa_group_rekey wpa_pair_rekey wpa_master_rekey wpa_strict_rekey \
                wpa_disable_eapol_key_retries tdls_prohibit \
                maxassoc max_inactivity disassoc_low_ack isolate auth_cache \
                wps_pushbutton wps_label ext_registrar wps_pbc_in_m1 wps_ap_setup_locked \
@@ -325,6 +326,7 @@ hostapd_set_bss_options() {
                [ -n "$wpa_group_rekey"  ] && append bss_conf "wpa_group_rekey=$wpa_group_rekey" "$N"
                [ -n "$wpa_pair_rekey"   ] && append bss_conf "wpa_ptk_rekey=$wpa_pair_rekey"    "$N"
                [ -n "$wpa_master_rekey" ] && append bss_conf "wpa_gmk_rekey=$wpa_master_rekey"  "$N"
+               [ -n "$wpa_strict_rekey" ] && append bss_conf "wpa_strict_rekey=$wpa_strict_rekey" "$N"
        }
 
        [ -n "$nasid" ] && append bss_conf "nas_identifier=$nasid" "$N"