]> git.ipfire.org Git - thirdparty/hostap.git/commit
projects / thirdparty / hostap.git / commit
? search:
summary | shortlog | log | commit | commitdiff | tree
(parent: c85206b) | patch
OpenSSL: Allow systemwide secpolicy overrides for TLS version
authorJouni Malinen <jouni@codeaurora.org>
Tue, 8 Sep 2020 14:55:36 +0000 (17:55 +0300)
committerJouni Malinen <j@w1.fi>
Tue, 8 Sep 2020 16:32:28 +0000 (19:32 +0300)
commit9afb68b03976d019bb450e5e33b0d8e48867691c
tree43f42c64ce202d6ffd141289824a49ac77c58576tree
parentc85206ba4030350990a02c54e908310c8ad79427commit | diff
OpenSSL: Allow systemwide secpolicy overrides for TLS version

Explicit configuration to enable TLS v1.0 and/or v1.1 did not work with
systemwide OpenSSL secpolicy=2 cases (e.g., Ubuntu 20.04). Allow such
systemwide configuration to be overridden if the older TLS versions have
been explicitly enabled in the network profile. The default behavior
follows the systemwide policy, but this allows compatibility with old
authentication servers without having to touch the systemwide policy.

Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
src/crypto/tls_openssl.c diff | blob | blame | history
Unnamed repository; edit this file 'description' to name the repository.