wpa_supplicant: Disable TLSv1.2 by default

Some Enterprise Authentication Servers do not support TLS v1.2. Move this option to Menuconfig and disable by default.
2020-04-30 11:37:42 +05:30 · 2020-04-30 11:37:42 +05:30 · bc7a34b494
commit bc7a34b494
parent ab81940982
3 changed files with 10 additions and 1 deletions
--- a/components/wpa_supplicant/CMakeLists.txt
+++ b/components/wpa_supplicant/CMakeLists.txt
@ -109,7 +109,6 @@ target_compile_definitions(${COMPONENT_LIB} PRIVATE
    ESPRESSIF_USE
    ESP32_WORKAROUND
    CONFIG_ECC
-    CONFIG_TLSV12
    CONFIG_SHA256
    CONFIG_IEEE80211W
    CONFIG_WPA3_SAE
--- a/components/wpa_supplicant/Kconfig
+++ b/components/wpa_supplicant/Kconfig
@ -6,4 +6,10 @@ menu "Supplicant"
        help
            Select this option to use MbedTLS crypto API's which utilize hardware acceleration.

+    config WPA_TLS_V12
+        bool "Enable TLS v1.2"
+        default n
+        help
+            Select this to enable TLS v1.2 for WPA2-Enterprise Authentication.
+
 endmenu
--- a/components/wpa_supplicant/port/include/supplicant_opt.h
+++ b/components/wpa_supplicant/port/include/supplicant_opt.h
@ -21,4 +21,8 @@
 #define USE_MBEDTLS_CRYPTO 1
 #endif

+#if CONFIG_WPA_TLS_V12
+#define CONFIG_TLSV12
+#endif
+
 #endif /* _SUPPLICANT_OPT_H */