summaryrefslogtreecommitdiff
path: root/packages
diff options
context:
space:
mode:
authorAndrew Gunnerson <chillermillerlong@hotmail.com>2022-09-02 18:27:24 -0400
committerAndrew Gunnerson <chillermillerlong@hotmail.com>2022-09-02 18:27:24 -0400
commit54a2f0aa704db96707c8545b81b180934b5f8b9c (patch)
tree1270dc82b96dbd6e70ef32a2492756cab627c5ec /packages
parent831846e744b63f71707a6b2ca27b10b32cef5d26 (diff)
downloadvyos-build-54a2f0aa704db96707c8545b81b180934b5f8b9c.tar.gz
vyos-build-54a2f0aa704db96707c8545b81b180934b5f8b9c.zip
T4666: hostap: Reintroduce Debian's allow-tlsv1.patch
After the fixes for T4537/T4584, which added a custom hostap package, wpa_supplicant no longer allows TLSv1.0 connections, which is required for EAP-TLS with certain ISPs. Previously, VyOS allowed TLSv1.0 via Debian's `allow-tlsv1.patch` patch. This commit reintroduces that patch for the custom hostap package. Signed-off-by: Andrew Gunnerson <chillermillerlong@hotmail.com>
Diffstat (limited to 'packages')
-rwxr-xr-xpackages/hostap/build.sh4
1 files changed, 3 insertions, 1 deletions
diff --git a/packages/hostap/build.sh b/packages/hostap/build.sh
index 865571c4..4e140d80 100755
--- a/packages/hostap/build.sh
+++ b/packages/hostap/build.sh
@@ -16,7 +16,9 @@ fi
echo "I: Copy Debian build instructions"
cp -a ${SRC_DEB}/debian ${SRC}
-rm -rf ${SRC}/debian/patches
+# Preserve Debian's default of allowing TLSv1.0 for compatibility
+find ${SRC}/debian/patches -mindepth 1 ! -name allow-tlsv1.patch -delete
+echo 'allow-tlsv1.patch' > ${SRC}/debian/patches/series
# Build Debian package
cd ${SRC}