mirror of
https://github.com/vyos/vyos-build.git
synced 2025-10-01 20:28:40 +02:00
54a2f0aa70
After the fixes for T4537/T4584, which added a custom hostap package, wpa_supplicant no longer allows TLSv1.0 connections, which is required for EAP-TLS with certain ISPs. Previously, VyOS allowed TLSv1.0 via Debian's `allow-tlsv1.patch` patch. This commit reintroduces that patch for the custom hostap package. Signed-off-by: Andrew Gunnerson <chillermillerlong@hotmail.com>
31 lines
814 B
Bash
Executable File
31 lines
814 B
Bash
Executable File
#!/bin/sh
|
|
CWD=$(pwd)
|
|
set -e
|
|
|
|
SRC=hostap
|
|
SRC_DEB=wpa
|
|
|
|
if [ ! -d ${SRC} ]; then
|
|
echo "${SRC} directory does not exists, please 'git clone'"
|
|
exit 1
|
|
fi
|
|
if [ ! -d ${SRC_DEB} ]; then
|
|
echo "${SRC_DEB} directory does not exists, please 'git clone'"
|
|
exit 1
|
|
fi
|
|
|
|
echo "I: Copy Debian build instructions"
|
|
cp -a ${SRC_DEB}/debian ${SRC}
|
|
# Preserve Debian's default of allowing TLSv1.0 for compatibility
|
|
find ${SRC}/debian/patches -mindepth 1 ! -name allow-tlsv1.patch -delete
|
|
echo 'allow-tlsv1.patch' > ${SRC}/debian/patches/series
|
|
|
|
# Build Debian package
|
|
cd ${SRC}
|
|
echo "I: Create new Debian Package version"
|
|
version="$(git describe --tags | tr _ .)"
|
|
dch -v ${version:7} "New version to support AES-GCM-256 for MACsec" -b
|
|
|
|
echo "I: Build Debian hostap Package"
|
|
dpkg-buildpackage -us -uc -tc -b -Ppkg.wpa.nogui
|