T4666: hostap: Reintroduce Debian's allow-tlsv1.patch

After the fixes for T4537/T4584, which added a custom hostap package, wpa_supplicant no longer allows TLSv1.0 connections, which is required for EAP-TLS with certain ISPs. Previously, VyOS allowed TLSv1.0 via Debian's `allow-tlsv1.patch` patch. This commit reintroduces that patch for the custom hostap package. Signed-off-by: Andrew Gunnerson <chillermillerlong@hotmail.com> (cherry picked from commit 54a2f0aa704db96707c8545b81b180934b5f8b9c)
author: Andrew Gunnerson <chillermillerlong@hotmail.com> 2022-09-02 18:27:24 -0400
committer: Christian Poessinger <christian@poessinger.com> 2022-09-03 20:39:23 +0200
commit: 50a88a508ada1ce1e6633fcf33e5eaf467fd4ad2 (patch)
tree: 5aa733fab4caf3366f6d6c720ce8458492a11140 /packages/hostap
parent: a16db434a75b8d05b684d815b5ae277519fb9003 (diff)
download: vyos-build-50a88a508ada1ce1e6633fcf33e5eaf467fd4ad2.tar.gz
vyos-build-50a88a508ada1ce1e6633fcf33e5eaf467fd4ad2.zip
1 files changed, 3 insertions, 1 deletions
diff --git a/packages/hostap/build.sh b/packages/hostap/build.sh
index 90b3358c..8e5d324b 100755
--- a/packages/hostap/build.sh
+++ b/packages/hostap/build.sh
@@ -16,7 +16,9 @@ fi
 
 echo "I: Copy Debian build instructions"
 cp -a ${SRC_DEB}/debian ${SRC}
-rm -rf ${SRC}/debian/patches
+# Preserve Debian's default of allowing TLSv1.0 for compatibility
+find ${SRC}/debian/patches -mindepth 1 ! -name allow-tlsv1.patch -delete
+echo 'allow-tlsv1.patch' > ${SRC}/debian/patches/series
 
 # Build Debian package
 cd ${SRC}
author	Andrew Gunnerson <chillermillerlong@hotmail.com>	2022-09-02 18:27:24 -0400
committer	Christian Poessinger <christian@poessinger.com>	2022-09-03 20:39:23 +0200
commit	50a88a508ada1ce1e6633fcf33e5eaf467fd4ad2 (patch)
tree	5aa733fab4caf3366f6d6c720ce8458492a11140 /packages/hostap
parent	a16db434a75b8d05b684d815b5ae277519fb9003 (diff)
download	vyos-build-50a88a508ada1ce1e6633fcf33e5eaf467fd4ad2.tar.gz vyos-build-50a88a508ada1ce1e6633fcf33e5eaf467fd4ad2.zip