From 27bf1073abe534644cc1146397082cc78873f516 Mon Sep 17 00:00:00 2001
From: Brian Carlstrom <bdc@google.com>
Date: Wed, 25 Jul 2012 23:11:44 -0700
Subject: Use SSL_OP_NO_TLSv1_1 SSL_OP_NO_TLSv1_2 SSL_OP_NO_TICKET for better
 wpa_supplicant_8 interoperability

Bug: https://bugs.launchpad.net/ubuntu/+source/wpasupplicant/+bug/969343/comments/72
Bug: http://w1.fi/bugz/show_bug.cgi?id=447#c7
Bug: http://code.google.com/p/android/issues/detail?id=34212
Bug: 6883259
Change-Id: Ib53326cc8cd40e800454b7b92586c052bc910ba8
---
 src/crypto/tls_openssl.c | 5 +++++
 1 file changed, 5 insertions(+)

(limited to 'src')

diff --git a/src/crypto/tls_openssl.c b/src/crypto/tls_openssl.c
index aaa920b..be94e8a 100644
--- a/src/crypto/tls_openssl.c
+++ b/src/crypto/tls_openssl.c
@@ -929,6 +929,11 @@ struct tls_connection * tls_connection_init(void *ssl_ctx)
 #ifdef SSL_OP_NO_COMPRESSION
 	options |= SSL_OP_NO_COMPRESSION;
 #endif /* SSL_OP_NO_COMPRESSION */
+#ifdef ANDROID
+	options |= SSL_OP_NO_TLSv1_1;
+	options |= SSL_OP_NO_TLSv1_2;
+	options |= SSL_OP_NO_TICKET;
+#endif /* ANDROID */
 	SSL_set_options(conn->ssl, options);
 
 	conn->ssl_in = BIO_new(BIO_s_mem());
-- 
cgit v1.1