DGNum/hostapd
6
0
Fork 0
Code Issues Pull requests 1 Projects Releases Packages Wiki Activity Actions

TLS: Add tls_disable_tlsv1_1 and tls_disable_tlsv1_2 phase1 params

Browse source 
These can be used to disable TLSv1.1 and TLSv1.2 as a workaround for AAA
servers that have issues interoperating with newer TLS versions.

Signed-off-by: Dmitry Shmidt <dimitrysh@google.com>
This commit is contained in:
Dmitry Shmidt 2014-02-19 13:21:58 -08:00 committed by Jouni Malinen
parent 41ff0fa64c
commit e9a6f18385
4 changed files with 27 additions and 0 deletions
Download patch file Download diff file Expand all files Collapse all files

4
wpa_supplicant/wpa_supplicant.conf
View file

@ -800,6 +800,10 @@ fast_reauth=1
# EAP workarounds are disabled with eap_workarounds=0.
# For EAP-FAST, this must be set to 0 (or left unconfigured for the
# default value to be used automatically).
# tls_disable_tlsv1_1=1 - disable use of TLSv1.1 (a workaround for AAA servers
# that have issues interoperating with updated TLS version)
# tls_disable_tlsv1_2=1 - disable use of TLSv1.2 (a workaround for AAA servers
# that have issues interoperating with updated TLS version)
#
# Following certificate/private key fields are used in inner Phase2
# authentication when using EAP-TTLS or EAP-PEAP.