OpenSSL: Fix EAP-FAST with OpenSSL 1.1.1-pre1
authorJouni Malinen <jouni@codeaurora.org>
Wed, 14 Feb 2018 10:40:33 +0000 (12:40 +0200)
committerJouni Malinen <j@w1.fi>
Wed, 14 Feb 2018 10:40:33 +0000 (12:40 +0200)
TLS v1.3 needs to be explicitly disabled to allow cipher suite selection
for EAP-FAST to work with OpenSSL builds that include TLS v1.3 support.
Without this, OpenSSL refuses to generate a ClientHello because the cipher
suite list includes only ciphers permitted by versions older than TLS
v1.3.

Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
src/crypto/tls_openssl.c

index ce7384896929cba1c543a5a0441982f4cd382634..316836784ae41f2cbc961a781a4e0137b769658c 100644 (file)
@@ -4309,6 +4309,15 @@ int tls_connection_set_params(void *tls_ctx, struct tls_connection *conn,
                }
        }
 #endif
+#if OPENSSL_VERSION_NUMBER >= 0x10101000L
+       if (params->flags & TLS_CONN_EAP_FAST) {
+               /* Need to disable TLS v1.3 at least for now since OpenSSL 1.1.1
+                * refuses to start the handshake with the modified ciphersuite
+                * list (no TLS v1.3 ciphersuites included) for EAP-FAST. */
+               wpa_printf(MSG_DEBUG, "OpenSSL: Disable TLSv1.3 for EAP-FAST");
+               SSL_set_options(conn->ssl, SSL_OP_NO_TLSv1_3);
+       }
+#endif
 #endif /* EAP_FAST || EAP_FAST_DYNAMIC || EAP_SERVER_FAST */
 
        while ((err = ERR_get_error())) {
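Review bot: The new guard on the `#if` line keys off OPENSSL_VERSION_NUMBER rather than off the option macro it actually needs, so any library that reports a version at or above 0x10101000L but does not define `SSL_OP_NO_TLSv1_3` will fail to compile this block; LibreSSL, for instance, reports OPENSSL_VERSION_NUMBER as 0x20000000L, so if it is a supported build target the block is compiled for it regardless of whether the option exists there. Guarding on the feature itself is more robust and still selects the intended OpenSSL builds, e.g. `#if OPENSSL_VERSION_NUMBER >= 0x10101000L && defined(SSL_OP_NO_TLSv1_3)`. The downgrade is correctly scoped to connections carrying TLS_CONN_EAP_FAST, so non-EAP-FAST connections keep whatever maximum version the context allows; the existing comment says "at least for now", which reads as a TODO, and it would help a later maintainer to mark it as one: `/* TODO: revisit once OpenSSL accepts a TLS v1.3-free ciphersuite list for EAP-FAST */`. The enclosing function tls_connection_set_params begins and ends outside this hunk.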