Last active
August 29, 2015 13:59
-
-
Save DigitalBrains1/10502659 to your computer and use it in GitHub Desktop.
Sailfish wpa_supplicant revert commit 51e3eaf: patch
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
diff -Npru wpa_supplicant-2.1.orig/hostap/src/crypto/tls.h wpa_supplicant-2.1/hostap/src/crypto/tls.h | |
--- wpa_supplicant-2.1.orig/hostap/src/crypto/tls.h 2014-03-13 08:53:26.000000000 +0100 | |
+++ wpa_supplicant-2.1/hostap/src/crypto/tls.h 2014-04-11 21:50:52.159397490 +0200 | |
@@ -41,8 +41,7 @@ enum tls_fail_reason { | |
TLS_FAIL_ALTSUBJECT_MISMATCH = 6, | |
TLS_FAIL_BAD_CERTIFICATE = 7, | |
TLS_FAIL_SERVER_CHAIN_PROBE = 8, | |
- TLS_FAIL_DOMAIN_SUFFIX_MISMATCH = 9, | |
- TLS_FAIL_SERVER_USED_CLIENT_CERT = 10 | |
+ TLS_FAIL_DOMAIN_SUFFIX_MISMATCH = 9 | |
}; | |
union tls_event_data { | |
diff -Npru wpa_supplicant-2.1.orig/hostap/src/crypto/tls_openssl.c wpa_supplicant-2.1/hostap/src/crypto/tls_openssl.c | |
--- wpa_supplicant-2.1.orig/hostap/src/crypto/tls_openssl.c 2014-04-11 21:44:13.163639000 +0200 | |
+++ wpa_supplicant-2.1/hostap/src/crypto/tls_openssl.c 2014-04-11 21:50:52.179418854 +0200 | |
@@ -105,7 +105,6 @@ struct tls_connection { | |
unsigned int ca_cert_verify:1; | |
unsigned int cert_probe:1; | |
unsigned int server_cert_only:1; | |
- unsigned int server:1; | |
u8 srv_cert_hash[32]; | |
@@ -1482,16 +1481,6 @@ static int tls_verify_cb(int preverify_o | |
TLS_FAIL_SERVER_CHAIN_PROBE); | |
} | |
- if (!conn->server && err_cert && preverify_ok && depth == 0 && | |
- (err_cert->ex_flags & EXFLAG_XKUSAGE) && | |
- (err_cert->ex_xkusage & XKU_SSL_CLIENT)) { | |
- wpa_printf(MSG_WARNING, "TLS: Server used client certificate"); | |
- openssl_tls_fail_event(conn, err_cert, err, depth, buf, | |
- "Server used client certificate", | |
- TLS_FAIL_SERVER_USED_CLIENT_CERT); | |
- preverify_ok = 0; | |
- } | |
- | |
if (preverify_ok && context->event_cb != NULL) | |
context->event_cb(context->cb_ctx, | |
TLS_CERT_CHAIN_SUCCESS, NULL); | |
@@ -2543,8 +2532,6 @@ openssl_handshake(struct tls_connection | |
int res; | |
struct wpabuf *out_data; | |
- conn->server = !!server; | |
- | |
/* | |
* Give TLS handshake data from the server (if available) to OpenSSL | |
* for processing. |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment