| Commit message (Collapse) | Author | Age |
|---|
| |\
| |
| | |
hostapd: use getrandom(2)
|
| | |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
Motivation: Devices with few entropy sources on boot hang/block if many services try to
read from /dev/random.
https://w1.fi/cgit/hostap/commit/?id=89a7cdd690b48a0c56380cf4609442ed13527f44
states getrandom() is recommended, but not enabled by default since it
relies on:
* Linux kernel 3.17 (NixOS 19.09 has 4.19; master presumably later)
* glibc 2.25 (NixOS master has 2.27
https://github.com/NixOS/nixpkgs/blob/master/pkgs/development/libraries/glibc/common.nix#L37 )
|
| |/
|
|
|
|
|
|
|
| |
Associated release note:
https://w1.fi/security/2019-6/sae-eap-pwd-side-channel-attack-update.txt
Note: we are building hostapd with the CONFIG_EAP_PWD=y flag by
default, we might be impacted by a EAP_PWD side-channel attach on
hostapd 2.8.
|
| |
|
|
|
| |
Permanent redirects on homepages and/or source URLs
as reported by Repology
|
| |
|
|
|
|
|
|
|
| |
treewide replacement of
stdenv.mkDerivation rec {
name = "*-${version}";
version = "*";
to pname
|
| | |
|
| |
|
|
|
| |
Something somehow got wrong in #63699; some adjustments made after the
review have been discarded :/
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Applies OpenWRT's noscan patch to hostapd and the relevant option to
the hostapd module.
This noscan patch adds a new `noscan` option allowing us to create
some overlapping BSSs in HT40+/- mode.
Note: this option is disabled by default, we leave this up to the end
user whether it should be enabled or not.
Not being able to create those overlapping BSSs is basically
preventing us to use 802.11n in any urban area where chances to
overlap with another SSID are extremely high.
The patch we are using is a courtesy of the openwrt team and is
applied to the defaul hostapd package in both OpenWRT and Archlinux.
|
| | |
|
| | |
|
| |
|
|
|
|
| |
He prefers to contribute to his own nixpkgs fork triton.
Since he is still marked as maintainer in many packages
this leaves the wrong impression he still maintains those.
|
| | |
|
| |
|
|
|
|
|
|
|
|
|
|
|
| |
CVE-2017-13077: Reinstallation of the pairwise encryption key (PTK-TK) in the 4-way handshake.
CVE-2017-13078: Reinstallation of the group key (GTK) in the 4-way handshake.
CVE-2017-13079: Reinstallation of the integrity group key (IGTK) in the 4-way handshake.
CVE-2017-13080: Reinstallation of the group key (GTK) in the group key handshake.
CVE-2017-13081: Reinstallation of the integrity group key (IGTK) in the group key handshake.
CVE-2017-13082: Accepting a retransmitted Fast BSS Transition (FT) Reassociation Request and reinstalling the pairwise encryption key (PTK-TK) while processing it.
CVE-2017-13084: Reinstallation of the STK key in the PeerKey handshake.
CVE-2017-13086: reinstallation of the Tunneled Direct-Link Setup (TDLS) PeerKey (TPK) key in the TDLS handshake.
CVE-2017-13087: reinstallation of the group key (GTK) when processing a Wireless Network Management (WNM) Sleep Mode Response frame.
CVE-2017-13088: reinstallation of the integrity group key (IGTK) when processing a Wireless Network Management (WNM) Sleep Mode Response frame.
|
| | |
|
| | |
|
| | |
|
| |
|
|
| |
Fixes #17315.
|
| | |
|
| | |
|
| | |
|
| | |
|
| | |
|
| | |
|
| | |
|
| | |
|
|
|
svn path=/nixpkgs/trunk/; revision=27501
|