[Bug 927615] New: wpa_supplicant failing in WPA2-EAP
http://bugzilla.opensuse.org/show_bug.cgi?id=927615 Bug ID: 927615 Summary: wpa_supplicant failing in WPA2-EAP Classification: openSUSE Product: openSUSE Factory Version: 201503* Hardware: armv7 OS: openSUSE 13.2 Status: NEW Severity: Normal Priority: P5 - None Component: Network Assignee: stefan.bruens@rwth-aachen.de Reporter: bwiedemann@suse.com QA Contact: qa-bugs@suse.de CC: glin@suse.com, ro@suse.com Found By: Development Blocker: --- In the Nuremberg SUSE office, we use WPA2-EAP for our WLAN. Using the latest published armv7 Factory version, this failed with an error message about SSLv3 -- You are receiving this mail because: You are on the CC list for the bug.
http://bugzilla.opensuse.org/show_bug.cgi?id=927615
Marcus Meissner
http://bugzilla.opensuse.org/show_bug.cgi?id=927615
--- Comment #2 from Stefan Brüns
http://bugzilla.opensuse.org/show_bug.cgi?id=927615
--- Comment #3 from Bernhard Wiedemann
http://bugzilla.opensuse.org/show_bug.cgi?id=927615
Stefan Brüns
http://bugzilla.opensuse.org/show_bug.cgi?id=927615
Bernhard Wiedemann
Does it happen after a fresh install or after an upgrade? both
Does it only happen on ARM? tested now that it also happens on x86_64.
Please provide the error message, as requested by Marcus. see attachment in comment #3
could be a regression in wpa_supplicant-2.3 or from some other changes in factory (openssl, wicked) -- You are receiving this mail because: You are on the CC list for the bug.
http://bugzilla.opensuse.org/show_bug.cgi?id=927615
--- Comment #6 from Ruediger Oertel
http://bugzilla.opensuse.org/show_bug.cgi?id=927615
Bernhard Wiedemann
http://bugzilla.opensuse.org/show_bug.cgi?id=927615
Pawel Wieczorkiewicz
OK, it turns out, that WPA2-EAP works fine when using NetworkManager + nm-applet
so it is probably something like wicked not properly passing the password to wpa_supplicant
just installing libopenssl1_0_0-hmac did not help.
Do not have time now to investigate. But it works perfectly fine on my machine with wicked and wpa_supplicant (also WPA-EAP case). which version of wicked are you using? Could you provide logs as described on the Bug portal? Isn't it a duplicate of: https://bugzilla.opensuse.org/show_bug.cgi?id=921218 ? -- You are receiving this mail because: You are on the CC list for the bug.
http://bugzilla.opensuse.org/show_bug.cgi?id=927615
--- Comment #9 from Pawel Wieczorkiewicz
OK, it turns out, that WPA2-EAP works fine when using NetworkManager + nm-applet
so it is probably something like wicked not properly passing the password to wpa_supplicant
just installing libopenssl1_0_0-hmac did not help.
Do not have time now to investigate. But it works perfectly fine on my machine with wicked and wpa_supplicant (also WPA-EAP case). which version of wicked are you using? Could you provide logs as described on the Bug portal? Isn't it a duplicate of: https://bugzilla.opensuse.org/show_bug.cgi?id=921218 ? -- You are receiving this mail because: You are on the CC list for the bug.
http://bugzilla.opensuse.org/show_bug.cgi?id=927615
--- Comment #10 from Bernhard Wiedemann
http://bugzilla.opensuse.org/show_bug.cgi?id=927615
--- Comment #11 from Bernhard Wiedemann
Isn't it a duplicate of: https://bugzilla.opensuse.org/show_bug.cgi?id=921218 ?
No, it does not start to work later. and only this EAP is broken. WPA2-PSK at home works fine. -- You are receiving this mail because: You are on the CC list for the bug.
http://bugzilla.opensuse.org/show_bug.cgi?id=927615
Bernhard Wiedemann
http://bugzilla.opensuse.org/show_bug.cgi?id=927615
--- Comment #14 from Pawel Wieczorkiewicz
And wicked/wpa_supplicant could handle the empty ANY value better.
There is no ANY value handling at wpa_supplicant AFAICS. There must be particular auth=$METHOD chosen and set in order to let wpa_supplicant continue authentication. What wicked could do is to determine the right, default phase2 method based on phase1 method. But that's something for later... -- You are receiving this mail because: You are on the CC list for the bug.
http://bugzilla.opensuse.org/show_bug.cgi?id=927615
--- Comment #15 from Bernhard Wiedemann
http://bugzilla.opensuse.org/show_bug.cgi?id=927615
--- Comment #16 from Pawel Wieczorkiewicz
I looked into 13.1 how the empty (aka "ANY") value worked and found something in /etc/sysconfig/network/scripts/ifup-wireless : eval EAP_AUTH=\$WIRELESS_EAP_AUTH$SUFFIX if [ -n "$EAP_AUTH" ]; then echo " phase2=\"auth=$EAP_AUTH\"" fi
so it seems, if you dont give phase2 details to wpa_supplicant it will figure it out.
This is also the case for wicked. See the: https://github.com/openSUSE/wicked/blob/master/src/wpa-supplicant.c#L1563 -- You are receiving this mail because: You are on the CC list for the bug.
http://bugzilla.opensuse.org/show_bug.cgi?id=927615
Pawel Wieczorkiewicz
http://bugzilla.opensuse.org/show_bug.cgi?id=927615
Pawel Wieczorkiewicz
The glitch has been identified at wicked after all.
Solution under review here: https://github.com/openSUSE/wicked/pull/553
Merged to master. Should be available with wicked 0.6.19 (to be released soon). -- You are receiving this mail because: You are on the CC list for the bug.
http://bugzilla.opensuse.org/show_bug.cgi?id=927615
--- Comment #19 from Pawel Wieczorkiewicz
(In reply to Pawel Wieczorkiewicz from comment #17)
The glitch has been identified at wicked after all.
Solution under review here: https://github.com/openSUSE/wicked/pull/553
Merged to master. Should be available with wicked 0.6.19 (to be released soon).
Forgot to mention that it will be available in network:wicked:master OBS repo in a couple of minutes ;-). -- You are receiving this mail because: You are on the CC list for the bug.
http://bugzilla.opensuse.org/show_bug.cgi?id=927615
http://bugzilla.opensuse.org/show_bug.cgi?id=927615#c20
Bernhard Wiedemann
participants (1)
-
bugzilla_noreply@novell.com