Wed Jan 9 03:21:06 UTC 201920190109032106

ap/alsa-utils-1.1.8-x86_64-1.txz:  Upgraded.
ap/gutenprint-5.3.1-x86_64-1.txz:  Upgraded.
  Shared library .so-version bump.
l/alsa-lib-1.1.8-x86_64-1.txz:  Upgraded.
l/alsa-oss-1.1.8-x86_64-1.txz:  Upgraded.
l/alsa-plugins-1.1.8-x86_64-1.txz:  Upgraded.
extra/pure-alsa-system/alsa-lib-1.1.8-x86_64-1_alsa.txz:  Upgraded.
extra/pure-alsa-system/alsa-plugins-1.1.8-x86_64-1_alsa.txz:  Upgraded.

1 files changed, 22 insertions, 0 deletions

diff --git a/source/n/wpa_supplicant/patches/allow-tlsv1.patch b/source/n/wpa_supplicant/patches/allow-tlsv1.patch
new file mode 100644
index 000000000..eb5fb7818
--- /dev/null
+++ b/source/n/wpa_supplicant/patches/allow-tlsv1.patch
@@ -0,0 +1,22 @@
+From: Andrej Shadura <andrewsh@debian.org>
+Subject: Enable TLSv1.0 by default
+
+OpenSSL 1.1.1 disables TLSv1.0 by default and sets the security level to 2.
+Some older networks may support for TLSv1.0 and less secure cyphers.
+
+--- a/src/crypto/tls_openssl.c
++++ b/src/crypto/tls_openssl.c
+@@ -988,6 +988,13 @@
+ 		os_free(data);
+ 		return NULL;
+ 	}
++
++#ifndef EAP_SERVER_TLS
++	/* Enable TLSv1.0 by default to allow connecting to legacy
++	 * networks since Debian OpenSSL is set to minimum TLSv1.2 and SECLEVEL=2. */
++	SSL_CTX_set_min_proto_version(ssl, TLS1_VERSION);
++#endif
++
+ 	data->ssl = ssl;
+ 	if (conf)
+ 		data->tls_session_lifetime = conf->tls_session_lifetime;