aboutsummaryrefslogtreecommitdiffstats
path: root/wpa_supplicant/wpa_supplicant.conf
diff options
context:
space:
mode:
authorJouni Malinen <j@w1.fi>2018-05-01 18:52:45 (GMT)
committerJouni Malinen <j@w1.fi>2018-05-01 19:13:38 (GMT)
commitbbbc7e8016dd559b65187cf1e9a8c04aa3aa9e07 (patch)
treec8cce4398db247d6883ecc270731904928e9d776 /wpa_supplicant/wpa_supplicant.conf
parent0d34c13a72adaf43c2fd1ea7082b6e99ecda51f3 (diff)
downloadhostap-bbbc7e8016dd559b65187cf1e9a8c04aa3aa9e07.zip
hostap-bbbc7e8016dd559b65187cf1e9a8c04aa3aa9e07.tar.gz
hostap-bbbc7e8016dd559b65187cf1e9a8c04aa3aa9e07.tar.bz2
EAP-TLS: Extend TLS version config to allow TLS v1.3 to be disabled
This may be needed to avoid interoperability issues with the new protocol version and significant changes for EAP use cases in both key derivation and handshake termination. Signed-off-by: Jouni Malinen <j@w1.fi>
Diffstat (limited to 'wpa_supplicant/wpa_supplicant.conf')
-rw-r--r--wpa_supplicant/wpa_supplicant.conf2
1 files changed, 2 insertions, 0 deletions
diff --git a/wpa_supplicant/wpa_supplicant.conf b/wpa_supplicant/wpa_supplicant.conf
index 5c478b6..892e735 100644
--- a/wpa_supplicant/wpa_supplicant.conf
+++ b/wpa_supplicant/wpa_supplicant.conf
@@ -1210,6 +1210,8 @@ fast_reauth=1
# that have issues interoperating with updated TLS version)
# tls_disable_tlsv1_2=1 - disable use of TLSv1.2 (a workaround for AAA servers
# that have issues interoperating with updated TLS version)
+# tls_disable_tlsv1_3=1 - disable use of TLSv1.3 (a workaround for AAA servers
+# that have issues interoperating with updated TLS version)
# tls_ext_cert_check=0 - No external server certificate validation (default)
# tls_ext_cert_check=1 - External server certificate validation enabled; this
# requires an external program doing validation of server certificate