Revert "Disable TLS 1.2 by default. Causes MPPE key mismatches with eapol_test."

This reverts commit d541351bba3f874bcb9d51483679970981892c49.

No longer necessary after previous commit

diff --git a/src/modules/rlm_eap/types/rlm_eap_tls/rlm_eap_tls.c b/src/modules/rlm_eap/types/rlm_eap_tls/rlm_eap_tls.c
index 5780045..a958d04 100644 (file)
--- a/src/modules/rlm_eap/types/rlm_eap_tls/rlm_eap_tls.c
+++ b/src/modules/rlm_eap/types/rlm_eap_tls/rlm_eap_tls.c
@@ -144,14 +144,9 @@ static CONF_PARSER module_config[] = {
        { "disable_tlsv1_1", PW_TYPE_BOOLEAN,
          offsetof(EAP_TLS_CONF, disable_tlsv1_1), NULL, NULL },
 #endif
-
-       /*
-        * @fixme Disabled because using TLS1.2 seems to cause MPPE key issues with eapol_test
-        * need to fix FreeRADIUS or wpa_supplicant.
-        */
 #ifdef SSL_OP_NO_TLSv1_2
        { "disable_tlsv1_2", PW_TYPE_BOOLEAN,
-         offsetof(EAP_TLS_CONF, disable_tlsv1_2), NULL, "yes" },
+         offsetof(EAP_TLS_CONF, disable_tlsv1_2), NULL, NULL },
 #endif
 
        { "cache", PW_TYPE_SUBSECTION, 0, NULL, (const void *) cache_config },
@@ -1170,7 +1165,7 @@ static SSL_CTX *init_tls_ctx(EAP_TLS_CONF *conf)
 #endif
 
 #ifdef SSL_OP_NO_TICKET
-       ctx_options |= SSL_OP_NO_TICKET;
+       ctx_options |= SSL_OP_NO_TICKET ;
 #endif
 
        /*