Comment 62 for bug 969343

I'm pretty sure the problem I had with connecting to my 802.1x network had something to do with one of the new TLS extensions that was enabled. It was pretty clear gnutls's TLS support isn't as complete as openssl's (fewer extensions, fewer supported ciphers). My packet inspections showed the version of openssl that shipped with 12.04 enabled several new extensions when compared to the 11.10 version of openssl or gnutls.

It'd be useful if there was a version wpasupplicant that would allows easily changing which extensions are enabled so we can see which access points support which extensions.

Would it be too obnoxious to add a configuration option to wpa supplicant that allows manually twiddling flags on the SSL_set_options(conn->ssl, options); call? Or would it be better to come up some test tool that can test the various combinations of extensions with 802.1x authentication?