diff options
Diffstat (limited to 'testing/source/wpa_supplicant/patches/allow-tlsv1.patch')
| -rw-r--r-- | testing/source/wpa_supplicant/patches/allow-tlsv1.patch | 22 |
1 files changed, 0 insertions, 22 deletions
diff --git a/testing/source/wpa_supplicant/patches/allow-tlsv1.patch b/testing/source/wpa_supplicant/patches/allow-tlsv1.patch deleted file mode 100644 index eb5fb781..00000000 --- a/testing/source/wpa_supplicant/patches/allow-tlsv1.patch +++ /dev/null @@ -1,22 +0,0 @@ -From: Andrej Shadura <andrewsh@debian.org> -Subject: Enable TLSv1.0 by default - -OpenSSL 1.1.1 disables TLSv1.0 by default and sets the security level to 2. -Some older networks may support for TLSv1.0 and less secure cyphers. - ---- a/src/crypto/tls_openssl.c -+++ b/src/crypto/tls_openssl.c -@@ -988,6 +988,13 @@ - os_free(data); - return NULL; - } -+ -+#ifndef EAP_SERVER_TLS -+ /* Enable TLSv1.0 by default to allow connecting to legacy -+ * networks since Debian OpenSSL is set to minimum TLSv1.2 and SECLEVEL=2. */ -+ SSL_CTX_set_min_proto_version(ssl, TLS1_VERSION); -+#endif -+ - data->ssl = ssl; - if (conf) - data->tls_session_lifetime = conf->tls_session_lifetime; |