T5151: hostap: Reintroduce Debian's allow-legacy-renegotiation.patch - vyos-build.git - VyOS image build scripts (mirror of https://github.com/vyos/vyos-build.git)

diff options

author	Andrew Gunnerson <accounts+github@chiller3.com>	2023-04-09 12:16:33 -0400
committer	Andrew Gunnerson <accounts+github@chiller3.com>	2023-04-09 12:51:23 -0400
commit	c260174c5bfcdf7cc3bd6db0f2bd51cf7b1f8648 (patch)
tree	ef7eb3bf3e4a55edb55da35f7856bf8c5853046f /scripts/build-vyos-image
parent	e36e5e77ae370aa85555a6eb328b5ab59713d639 (diff)
download	vyos-build-c260174c5bfcdf7cc3bd6db0f2bd51cf7b1f8648.tar.gz vyos-build-c260174c5bfcdf7cc3bd6db0f2bd51cf7b1f8648.zip

T5151: hostap: Reintroduce Debian's allow-legacy-renegotiation.patch

The Debian 12 upgrade in T5003 caused a regression for connecting to legacy networks that only support TLSv1.0/1.1 for EAP-TLS. This commit fixes one part of the issue by adding Debian's patch for allowing legacy renegotiation (SSL_OP_LEGACY_SERVER_CONNECT flag). The flag used to be allowed by default, but that changed with the openssl 3.0 upgrade in Debian 12. (This commit also updates `build.sh` to just overwrite `debian/patches/series` and not delete patch files since dpkg-buildpackage/quilt never applies unlisted patches.) Signed-off-by: Andrew Gunnerson <accounts+github@chiller3.com>

Diffstat (limited to 'scripts/build-vyos-image')

0 files changed, 0 insertions, 0 deletions


context:
space:
mode: