diff options
| author | rpaulo <rpaulo@FreeBSD.org> | 2010-06-14 15:37:48 +0000 |
|---|---|---|
| committer | rpaulo <rpaulo@FreeBSD.org> | 2010-06-14 15:37:48 +0000 |
| commit | ce9c8f380b1fae326c166456a15ae504dce5c1d1 (patch) | |
| tree | 14bf596282a14863f779d075d7a8f7e60c25f0a8 /contrib/wpa/src/tls/tlsv1_client.c | |
| parent | da0290f8d3606ed387adb04fec5d24de81a39032 (diff) | |
| parent | 60c44471bf25f9e84d8701afe1bbcbcc88e18c89 (diff) | |
| download | FreeBSD-src-ce9c8f380b1fae326c166456a15ae504dce5c1d1.zip FreeBSD-src-ce9c8f380b1fae326c166456a15ae504dce5c1d1.tar.gz | |
MFV hostapd & wpa_supplicant 0.6.10.
Diffstat (limited to 'contrib/wpa/src/tls/tlsv1_client.c')
| -rw-r--r-- | contrib/wpa/src/tls/tlsv1_client.c | 11 |
1 files changed, 11 insertions, 0 deletions
diff --git a/contrib/wpa/src/tls/tlsv1_client.c b/contrib/wpa/src/tls/tlsv1_client.c index 302e3ee..0bf1174 100644 --- a/contrib/wpa/src/tls/tlsv1_client.c +++ b/contrib/wpa/src/tls/tlsv1_client.c @@ -620,6 +620,17 @@ int tlsv1_client_set_cipher_list(struct tlsv1_client *conn, u8 *ciphers) suites[count++] = TLS_DH_anon_WITH_3DES_EDE_CBC_SHA; suites[count++] = TLS_DH_anon_WITH_RC4_128_MD5; suites[count++] = TLS_DH_anon_WITH_DES_CBC_SHA; + + /* + * Cisco AP (at least 350 and 1200 series) local authentication + * server does not know how to search cipher suites from the + * list and seem to require that the last entry in the list is + * the one that it wants to use. However, TLS specification + * requires the list to be in the client preference order. As a + * workaround, add anon-DH AES-128-SHA1 again at the end of the + * list to allow the Cisco code to find it. + */ + suites[count++] = TLS_DH_anon_WITH_AES_128_CBC_SHA; conn->num_cipher_suites = count; } |
