diff options
author | Patrick J Volkerding <volkerdi@slackware.com> | 2019-01-09 03:21:06 +0000 |
---|---|---|
committer | Eric Hameleers <alien@slackware.com> | 2019-01-09 08:59:41 +0100 |
commit | 1e8ea1d7ed43fc66a7452dfa0557f42aa3916aea (patch) | |
tree | 8050be1a6e0f2c3f07d8e697ef1c1b3cd503281e /source/n/wpa_supplicant/patches/allow-tlsv1.patch | |
parent | 870284c8649cc95fed6d9bd8e1bb5a2b9ac64e84 (diff) | |
download | current-1e8ea1d7ed43fc66a7452dfa0557f42aa3916aea.tar.gz current-1e8ea1d7ed43fc66a7452dfa0557f42aa3916aea.tar.xz |
Wed Jan 9 03:21:06 UTC 201920190109032106
ap/alsa-utils-1.1.8-x86_64-1.txz: Upgraded.
ap/gutenprint-5.3.1-x86_64-1.txz: Upgraded.
Shared library .so-version bump.
l/alsa-lib-1.1.8-x86_64-1.txz: Upgraded.
l/alsa-oss-1.1.8-x86_64-1.txz: Upgraded.
l/alsa-plugins-1.1.8-x86_64-1.txz: Upgraded.
extra/pure-alsa-system/alsa-lib-1.1.8-x86_64-1_alsa.txz: Upgraded.
extra/pure-alsa-system/alsa-plugins-1.1.8-x86_64-1_alsa.txz: Upgraded.
Diffstat (limited to 'source/n/wpa_supplicant/patches/allow-tlsv1.patch')
-rw-r--r-- | source/n/wpa_supplicant/patches/allow-tlsv1.patch | 22 |
1 files changed, 22 insertions, 0 deletions
diff --git a/source/n/wpa_supplicant/patches/allow-tlsv1.patch b/source/n/wpa_supplicant/patches/allow-tlsv1.patch new file mode 100644 index 000000000..eb5fb7818 --- /dev/null +++ b/source/n/wpa_supplicant/patches/allow-tlsv1.patch @@ -0,0 +1,22 @@ +From: Andrej Shadura <andrewsh@debian.org> +Subject: Enable TLSv1.0 by default + +OpenSSL 1.1.1 disables TLSv1.0 by default and sets the security level to 2. +Some older networks may support for TLSv1.0 and less secure cyphers. + +--- a/src/crypto/tls_openssl.c ++++ b/src/crypto/tls_openssl.c +@@ -988,6 +988,13 @@ + os_free(data); + return NULL; + } ++ ++#ifndef EAP_SERVER_TLS ++ /* Enable TLSv1.0 by default to allow connecting to legacy ++ * networks since Debian OpenSSL is set to minimum TLSv1.2 and SECLEVEL=2. */ ++ SSL_CTX_set_min_proto_version(ssl, TLS1_VERSION); ++#endif ++ + data->ssl = ssl; + if (conf) + data->tls_session_lifetime = conf->tls_session_lifetime; |