Patch wpa_supplicant to support Tradebyte wifi

Tradebyte access points use legacy crypto. This patch makes it possible to establish a network connection.
2023-02-01 21:31:51 +00:00 · 2023-02-01 21:31:51 +00:00 · f66217770b
commit f66217770b
parent 0093fdb0be
2 changed files with 25 additions and 2 deletions
--- a/modules/nix.nix
+++ b/modules/nix.nix
@ -1,4 +1,4 @@
-{ pkgs, inputs, system, ... }:
+{ config, lib, pkgs, inputs, system, ... }:

 {
  nix = {
@ -30,7 +30,21 @@
        config = prev.config;
      };
    })
+  ]
+  # Tradebyte access points use legacy crypto
+  ++ lib.optional config.myConfig.tradebyte.enable (
+    final: prev:
+      let
+        inherit (prev) callPackage;
+      in
+      {
+        wpa_supplicant = prev.wpa_supplicant.overrideAttrs (attrs: {
+          patches = attrs.patches ++ [
+            ./wpa_supplicant/SSL_CTX_set_options-SSL_OP_LEGACY_SERVER_CONNECT.patch
          ];
+        });
+      }
+  );

  environment.systemPackages = with pkgs; [
    cached-nix-shell
--- a/modules/wpa_supplicant/SSL_CTX_set_options-SSL_OP_LEGACY_SERVER_CONNECT.patch
+++ b/modules/wpa_supplicant/SSL_CTX_set_options-SSL_OP_LEGACY_SERVER_CONNECT.patch
@ -0,0 +1,9 @@
+--- wpa_supplicant-2.10/src/crypto/tls_openssl.c	2022-01-16 15:51:29.000000000 -0500
+++ src/crypto/tls_openssl.c.legacy	2022-09-29 10:10:02.999974141 -0400
+@@ -1048,7 +1048,7 @@
+
+ 	SSL_CTX_set_options(ssl, SSL_OP_NO_SSLv2);
+ 	SSL_CTX_set_options(ssl, SSL_OP_NO_SSLv3);
+-
+	SSL_CTX_set_options(ssl, SSL_OP_LEGACY_SERVER_CONNECT);
+ 	SSL_CTX_set_mode(ssl, SSL_MODE_AUTO_RETRY);