[Bug 472828] New: knetworkmanager (kde3) does not remember/use specified CA certificate
https://bugzilla.novell.com/show_bug.cgi?id=472828 Summary: knetworkmanager (kde3) does not remember/use specified CA certificate Classification: openSUSE Product: openSUSE 11.1 Version: Final Platform: x86 OS/Version: openSUSE 11.1 Status: NEW Severity: Normal Priority: P5 - None Component: KDE3 AssignedTo: kde-maintainers@suse.de ReportedBy: robin.knapp@fujitsu-siemens.com QAContact: qa@suse.de Found By: --- User-Agent: Mozilla/5.0 (Windows; U; Windows NT 5.1; de; rv:1.9.0.6) Gecko/2009011913 Firefox/3.0.6 I helped a colleague to set up a wireless connection using WPA-EAP (PEAP) with a custom root CA certificate. After some hours we finally figured out that knetworkmanager does not accept the certificate. First, looking at /var/log/NetworkManager, we see that ca_cert is set to "/etc/ssl/certs". Seconds, the certificate is not stored in the knetworkmanagerrc file, editing a connection doesn't show the certificate, too. Reproducible: Always Steps to Reproduce: 1. create new wpa-eap (peap) connection 2. select a root CA certificate in binary .cer format 3a. connect and watch /var/log/NetworkManager 3b. edit saved connection 3c. view knetworkmanagerc Actual Results: 3a: /var/log/NetworkManager: ca_cert is set to /etc/ssl/certs 3b: edit connection: root ca widget is empty 3c: knetworkmanagerrc does not contain the selected cert file Expected Results: 3a: /var/log/NetworkManager: ca_cert set to custom ca file 3b: edit connection: root ca widget contains specified certificate 3c: knetworkmanagerrc contains the path to custom ca certificate I have no logs/configuration files available right now but can create some, if you really need them, but IMHO this looks like a very obvious bug in the GUI. -- Configure bugmail: https://bugzilla.novell.com/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are on the CC list for the bug.
https://bugzilla.novell.com/show_bug.cgi?id=472828 User robin.knapp@fujitsu-siemens.com added comment https://bugzilla.novell.com/show_bug.cgi?id=472828#c1 --- Comment #1 from Robin Knapp <robin.knapp@fujitsu-siemens.com> 2009-02-05 06:03:37 MST --- Maybe this is related: We are not using kwallet, knetworkmanager did not even ask for it if I remember correctly -- Configure bugmail: https://bugzilla.novell.com/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are on the CC list for the bug.
https://bugzilla.novell.com/show_bug.cgi?id=472828 User novell@moonlightdesign.org added comment https://bugzilla.novell.com/show_bug.cgi?id=472828#c2 Steven Lawrance <novell@moonlightdesign.org> changed: What |Removed |Added ---------------------------------------------------------------------------- CC| |novell@moonlightdesign.org --- Comment #2 from Steven Lawrance <novell@moonlightdesign.org> 2009-02-16 13:38:20 MST --- This happens to me, too, though with a twist. My knetworkmanagerrc file contains the CA certificate file path, but the editor UI shows it as a blank field. Using ifup/ifdown works perfectly, and NetworkManager has been broken for me since openSUSE 11.0. I was hoping things would work in 11.1, but no such luck, unfortunately :-(. When I have more time, I'll try to examine what is problematic about knetworkmanager on my Dell and HP laptops (they exhibit the same symptoms and use different wireless network adapters). I'll also comment in the appropriate bugs after doing that. Hopefully, I'll have some patches, too. I'm guessing the latest repository exists at http://websvn.kde.org/branches/extragear/kde3/network/knetworkmanager/ , though it appears to be very old. http://download.opensuse.org/repositories/home:/hschaa/openSUSE_Factory/src/ appears to be the latest and greatest, though it also doesn't work for me. For what it's worth, I get the following errors in /var/log/NetworkManager when I try to connect to my network on my HP laptop, which uses TLS with a client certificate. It works perfectly with ifup/ifdown configured within YaST, but not so with NetworkManager. I turned off NetworkManager via YaST at the end of the log. Feb 16 12:28:56 hp NetworkManager: <info> starting... Feb 16 12:28:56 hp NetworkManager: <WARN> nm_generic_enable_loopback(): error -17 returned from rtnl_addr_add(): Sucess Feb 16 12:28:56 hp NetworkManager: nm_device_ethernet_new: assertion `driver != NULL' failed Feb 16 12:28:56 hp NetworkManager: nm_device_ethernet_new: assertion `driver != NULL' failed Feb 16 12:28:56 hp NetworkManager: <info> eth0: driver is 'forcedeth'. Feb 16 12:28:56 hp NetworkManager: <info> Found new Ethernet device 'eth0'. Feb 16 12:28:56 hp NetworkManager: <info> (eth0): exported as /org/freedesktop/Hal/devices/net_00_1b_24_cf_b2_72 Feb 16 12:28:56 hp NetworkManager: <info> wlan0: driver is 'b43-pci-bridge'. Feb 16 12:28:56 hp NetworkManager: <info> wlan0: driver supports SSID scans (scan_capa 0x01). Feb 16 12:28:56 hp NetworkManager: <info> Found new 802.11 WiFi device 'wlan0'. Feb 16 12:28:56 hp NetworkManager: <info> (wlan0): exported as /org/freedesktop/Hal/devices/net_00_1a_73_ae_c5_b3 Feb 16 12:28:57 hp NetworkManager: <WARN> connection_get_settings_cb(): connection_get_settings_cb: Invalid connection: 'NMSetting8021x' / 'client-cert' invalid: 2 Feb 16 12:28:57 hp NetworkManager: <WARN> connection_get_settings_cb(): connection_get_settings_cb: Invalid connection: 'NMSetting8021x' / 'client-cert' invalid: 2 Feb 16 12:29:00 hp NetworkManager: <info> (eth0): device state change: 1 -> 2 Feb 16 12:29:00 hp NetworkManager: <info> (eth0): bringing up device. Feb 16 12:29:00 hp NetworkManager: <info> (eth0): preparing device. Feb 16 12:29:00 hp NetworkManager: <info> (eth0): deactivating device (reason: 2). Feb 16 12:29:00 hp NetworkManager: <info> (wlan0): device state change: 1 -> 2 Feb 16 12:29:00 hp NetworkManager: <info> (wlan0): bringing up device. Feb 16 12:29:00 hp NetworkManager: <info> (wlan0): preparing device. Feb 16 12:29:00 hp NetworkManager: <info> (wlan0): deactivating device (reason: 2). Feb 16 12:29:00 hp NetworkManager: <info> (wlan0): device state change: 2 -> 3 Feb 16 12:29:00 hp NetworkManager: <info> (wlan0): supplicant interface state: starting -> ready Feb 16 12:29:39 hp NetworkManager: connection_updated_cb: assertion `old_connection != NULL' failed Feb 16 12:29:39 hp NetworkManager: connection_updated_cb: assertion `old_connection != NULL' failed Feb 16 12:29:53 hp NetworkManager: <WARN> wait_for_connection_expired(): Connection (2) /org/freedesktop/NetworkManagerSettings/Connection/1 failed to activate (timeout): (0) Connection was not provided by any settings service Feb 16 12:30:39 hp NetworkManager: <WARN> nm_signal_handler(): Caught signal 15, shutting down normally. Feb 16 12:30:39 hp NetworkManager: <info> (eth0): now unmanaged Feb 16 12:30:39 hp NetworkManager: <info> (eth0): device state change: 2 -> 1 Feb 16 12:30:39 hp NetworkManager: <info> (eth0): cleaning up... Feb 16 12:30:39 hp NetworkManager: <info> (eth0): taking down device. Feb 16 12:30:39 hp NetworkManager: <info> (wlan0): now unmanaged Feb 16 12:30:39 hp NetworkManager: <info> (wlan0): device state change: 3 -> 1 Feb 16 12:30:39 hp NetworkManager: <info> (wlan0): cleaning up... Feb 16 12:30:39 hp NetworkManager: <info> (wlan0): taking down device. Feb 16 12:30:39 hp NetworkManager: <info> disconnected by the system bus. -- Configure bugmail: https://bugzilla.novell.com/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are on the CC list for the bug.
https://bugzilla.novell.com/show_bug.cgi?id=472828 User robin.knapp@fujitsu-siemens.com added comment https://bugzilla.novell.com/show_bug.cgi?id=472828#c3 --- Comment #3 from Robin Knapp <robin.knapp@fujitsu-siemens.com> 2009-02-17 02:06:17 MST --- This seems to be a totally different bug. If it's a broken configuration file carried over during an update, you can try the following (as user): 1. pkill knetworkmanager 2. mv $HOME/.kde/share/config/knetworkmanagerrc{,.save} 3. knetworkmanager But that's imho not related to the CA bug, so you should open a new bug report for this problem. -- Configure bugmail: https://bugzilla.novell.com/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are on the CC list for the bug.
https://bugzilla.novell.com/show_bug.cgi?id=472828 User grmela@gmail.com added comment https://bugzilla.novell.com/show_bug.cgi?id=472828#c4 Jan Grmela <grmela@gmail.com> changed: What |Removed |Added ---------------------------------------------------------------------------- CC| |grmela@gmail.com --- Comment #4 from Jan Grmela <grmela@gmail.com> 2009-02-17 02:10:38 MST --- I can confirm this behaviour. On my university, we use WPA-TLS with a client and root certificate and I'm unable to connect when using NetworkManager-kde either from the mentioned OBS repository or from openSUSE-factory. The certificate fields are always blank after saving the settings. I've also tried the Gnome nm-applet, it works fine. The problem is clearly inside the KNetworkManager. -- Configure bugmail: https://bugzilla.novell.com/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are on the CC list for the bug.
https://bugzilla.novell.com/show_bug.cgi?id=472828 Stephan Binner <stbinner@novell.com> changed: What |Removed |Added ---------------------------------------------------------------------------- CC| |hschaa@novell.com Component|KDE3 |Mobile Devices AssignedTo|kde-maintainers@suse.de |anaumov@novell.com -- Configure bugmail: https://bugzilla.novell.com/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are on the CC list for the bug.
participants (1)
-
bugzilla_noreply@novell.com