Sailfish wpa_supplicant revert commit 51e3eaf: patch
diff -Npru wpa_supplicant-2.1.orig/hostap/src/crypto/tls.h wpa_supplicant-2.1/hostap/src/crypto/tls.h | |
--- wpa_supplicant-2.1.orig/hostap/src/crypto/tls.h 2014-03-13 08:53:26.000000000 +0100 | |
+++ wpa_supplicant-2.1/hostap/src/crypto/tls.h 2014-04-11 21:50:52.159397490 +0200 | |
@@ -41,8 +41,7 @@ enum tls_fail_reason { | |
TLS_FAIL_ALTSUBJECT_MISMATCH = 6, | |
TLS_FAIL_BAD_CERTIFICATE = 7, | |
TLS_FAIL_SERVER_CHAIN_PROBE = 8, | |
- TLS_FAIL_DOMAIN_SUFFIX_MISMATCH = 9, | |
- TLS_FAIL_SERVER_USED_CLIENT_CERT = 10 | |
+ TLS_FAIL_DOMAIN_SUFFIX_MISMATCH = 9 | |
}; | |
union tls_event_data { | |
diff -Npru wpa_supplicant-2.1.orig/hostap/src/crypto/tls_openssl.c wpa_supplicant-2.1/hostap/src/crypto/tls_openssl.c | |
--- wpa_supplicant-2.1.orig/hostap/src/crypto/tls_openssl.c 2014-04-11 21:44:13.163639000 +0200 | |
+++ wpa_supplicant-2.1/hostap/src/crypto/tls_openssl.c 2014-04-11 21:50:52.179418854 +0200 | |
@@ -105,7 +105,6 @@ struct tls_connection { | |
unsigned int ca_cert_verify:1; | |
unsigned int cert_probe:1; | |
unsigned int server_cert_only:1; | |
- unsigned int server:1; | |
u8 srv_cert_hash[32]; | |
@@ -1482,16 +1481,6 @@ static int tls_verify_cb(int preverify_o | |
TLS_FAIL_SERVER_CHAIN_PROBE); | |
} | |
- if (!conn->server && err_cert && preverify_ok && depth == 0 && | |
- (err_cert->ex_flags & EXFLAG_XKUSAGE) && | |
- (err_cert->ex_xkusage & XKU_SSL_CLIENT)) { | |
- wpa_printf(MSG_WARNING, "TLS: Server used client certificate"); | |
- openssl_tls_fail_event(conn, err_cert, err, depth, buf, | |
- "Server used client certificate", | |
- TLS_FAIL_SERVER_USED_CLIENT_CERT); | |
- preverify_ok = 0; | |
- } | |
- | |
if (preverify_ok && context->event_cb != NULL) | |
context->event_cb(context->cb_ctx, | |
TLS_CERT_CHAIN_SUCCESS, NULL); | |
@@ -2543,8 +2532,6 @@ openssl_handshake(struct tls_connection | |
int res; | |
struct wpabuf *out_data; | |
- conn->server = !!server; | |
- | |
/* | |
* Give TLS handshake data from the server (if available) to OpenSSL | |
* for processing. |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment