|
@@ -620,6 +620,17 @@ int tlsv1_client_set_cipher_list(struct tlsv1_client *conn, u8 *ciphers)
|
|
|
suites[count++] = TLS_DH_anon_WITH_3DES_EDE_CBC_SHA;
|
|
|
suites[count++] = TLS_DH_anon_WITH_RC4_128_MD5;
|
|
|
suites[count++] = TLS_DH_anon_WITH_DES_CBC_SHA;
|
|
|
+
|
|
|
+ /*
|
|
|
+ * Cisco AP (at least 350 and 1200 series) local authentication
|
|
|
+ * server does not know how to search cipher suites from the
|
|
|
+ * list and seem to require that the last entry in the list is
|
|
|
+ * the one that it wants to use. However, TLS specification
|
|
|
+ * requires the list to be in the client preference order. As a
|
|
|
+ * workaround, ass anon-DH AES-128-SHA1 again at the end of the
|
|
|
+ * list to allow the Cisco code to find it.
|
|
|
+ */
|
|
|
+ suites[count++] = TLS_DH_anon_WITH_AES_128_CBC_SHA;
|
|
|
conn->num_cipher_suites = count;
|
|
|
}
|
|
|
|