Launchpad has imported 6 comments from the remote bug at https://bugzilla.redhat.com/show_bug.cgi?id=798187.
If you reply to an imported comment from within Launchpad, your comment will be sent to the remote bug automatically. Read more about Launchpad's inter-bugtracker facilities at https://help.launchpad.net/InterBugTracking. ------------------------------------------------------------------------ On 2012-02-28T09:29:00+00:00 Fabrice wrote: Created attachment 566264 with openssl-1.0.0g-1.fc17.x86_64 Authentication in wpa_supplicant fails with openssl-1.0.1-0.1.beta2.fc17.x86_64 (security : wpa/wpa2 enterprise, authentication ttls). Here is the output of wpa_supplicant, debug enabled, with current openssl and with previous version. The authentication problem occurs just after the occurence of "no matching PMKID found" Reply at: https://bugs.launchpad.net/ubuntu/+source/wpasupplicant/+bug/969343/comments/0 ------------------------------------------------------------------------ On 2012-02-28T09:29:59+00:00 Fabrice wrote: Created attachment 566265 with openssl-1.0.1-0.1.beta2.fc17.x86_64 Reply at: https://bugs.launchpad.net/ubuntu/+source/wpasupplicant/+bug/969343/comments/1 ------------------------------------------------------------------------ On 2012-02-29T08:25:14+00:00 Tomas wrote: The problem is indicated by this line: EAP-TTLS: Failed to derive key This message means that eap_peer_tls_derive_key() function failed. I'd need more low level debugging output to find out which function called from OpenSSL library fails or behaves differently. I suppose it is related to the new TLS-1.2 support in openssl-1.0.1. Perhaps the wpa_supplicant should forcibly limit the TLS version to 1.0? Reassingning to wpa_supplicant for better insight from wpa_supplicant maintainers. Reply at: https://bugs.launchpad.net/ubuntu/+source/wpasupplicant/+bug/969343/comments/2 ------------------------------------------------------------------------ On 2013-04-03T14:23:34+00:00 Fedora wrote: This bug appears to have been reported against 'rawhide' during the Fedora 19 development cycle. Changing version to '19'. (As we did not run this process for some time, it could affect also pre-Fedora 19 development cycle bugs. We are very sorry. It will help us with cleanup during Fedora 19 End Of Life. Thank you.) More information and reason for this action is here: https://fedoraproject.org/wiki/BugZappers/HouseKeeping/Fedora19 Reply at: https://bugs.launchpad.net/ubuntu/+source/wpasupplicant/+bug/969343/comments/143 ------------------------------------------------------------------------ On 2015-01-09T17:02:29+00:00 Fedora wrote: This message is a notice that Fedora 19 is now at end of life. Fedora has stopped maintaining and issuing updates for Fedora 19. It is Fedora's policy to close all bug reports from releases that are no longer maintained. Approximately 4 (four) weeks from now this bug will be closed as EOL if it remains open with a Fedora 'version' of '19'. Package Maintainer: If you wish for this bug to remain open because you plan to fix it in a currently maintained version, simply change the 'version' to a later Fedora version. Thank you for reporting this issue and we are sorry that we were not able to fix it before Fedora 19 is end of life. If you would still like to see this bug fixed and are able to reproduce it against a later version of Fedora, you are encouraged change the 'version' to a later Fedora version prior this bug is closed as described in the policy above. Although we aim to fix as many bugs as possible during every release's lifetime, sometimes those efforts are overtaken by events. Often a more recent Fedora release includes newer upstream software that fixes bugs or makes them obsolete. Reply at: https://bugs.launchpad.net/ubuntu/+source/wpasupplicant/+bug/969343/comments/151 ------------------------------------------------------------------------ On 2015-01-13T12:30:14+00:00 Fabrice wrote: I cannot reproduce the bug with current versions. So closing this bz. Reply at: https://bugs.launchpad.net/ubuntu/+source/wpasupplicant/+bug/969343/comments/152 ** Changed in: wpasupplicant (Fedora) Status: Unknown => Invalid ** Changed in: wpasupplicant (Fedora) Importance: Unknown => Undecided -- You received this bug notification because you are a member of Desktop Packages, which is subscribed to wpa in Ubuntu. https://bugs.launchpad.net/bugs/969343 Title: Unable to connect to WPA enterprise wireless Status in OEM Priority Project: Fix Released Status in OEM Priority Project precise series: Fix Released Status in OpenSSL: New Status in wpa_supplicant: In Progress Status in openssl package in Ubuntu: Invalid Status in wpa package in Ubuntu: Fix Released Status in wpasupplicant package in Ubuntu: Invalid Status in openssl source package in Precise: Invalid Status in wpa source package in Precise: Invalid Status in wpasupplicant source package in Precise: Fix Released Status in wpa package in Debian: Fix Released Status in openssl package in Fedora: New Status in wpasupplicant package in Fedora: Invalid Bug description: [Impact] Breaks 802.1x (PEAP) authentication for wireless networks using specific authentication servers and/or AP hardware. Aruba network devices specifically are known to be affected; and is a popular device type used in enterprises to secure wireless networks. [Test Case] This issue is hardware specific and may or may not be limited to Aruba authentication servers. 1) Attempt to connect / authenticate to a wireless, 802.1x network requiring Protected EAP (or possibly other auth mechanisms). 2) (optionally) Watch SSL traffic between the station and authentication server using wireshark/tcpdump, looking for auth failures and the extensions passed. [Regression Potential] Since this changes the SSL extensions and options used to connect to 802.1x wireless networks; some networks specifically configured to request or make use of the session ticket extension could be made impossible to successfully authenticate to; up to the point where multiple connection failures could lock the accounts used in highly-restricted networks. Also, there is a potential (again, due to the change in SSL options) for other networks (using specific AP hardware) that don't support the extensions used to fail authentication. --- Using identical settings as in 11.10, I am unable to make a wpa enterprise connection using xubuntu precise beta 2. This is a Lenovo X220 with a Centrino Advanced-N 6205 wireless interface. During the attempted logon, I am not presented with a certificate to approve, although wireless instructions for OSX suggest that I should be. However, I never had to approve a certificate when connecting with 11.10 -- I just ignored the certificate screen and everything worked. This seems like the relevant excerpt from syslog: Mar 30 10:39:01 fin8344m2 wpa_supplicant[1116]: Trying to associate with 00:11:92:3e:79:80 (SSID='Northwestern' freq=2462 MHz) Mar 30 10:39:01 fin8344m2 NetworkManager[848]: <info> (wlan0): supplicant interface state: scanning -> associating Mar 30 10:39:01 fin8344m2 kernel: [ 2201.940422] wlan0: authenticated Mar 30 10:39:01 fin8344m2 kernel: [ 2201.940974] wlan0: associate with 00:11:92:3e:79:80 (try 1) Mar 30 10:39:01 fin8344m2 kernel: [ 2201.943165] wlan0: RX ReassocResp from 00:11:92:3e:79:80 (capab=0x431 status=0 aid=222) Mar 30 10:39:01 fin8344m2 kernel: [ 2201.943174] wlan0: associated Mar 30 10:39:01 fin8344m2 wpa_supplicant[1116]: Associated with 00:11:92:3e:79:80 Mar 30 10:39:01 fin8344m2 wpa_supplicant[1116]: CTRL-EVENT-EAP-STARTED EAP authentication started Mar 30 10:39:01 fin8344m2 NetworkManager[848]: <info> (wlan0): supplicant interface state: associating -> associated Mar 30 10:39:01 fin8344m2 wpa_supplicant[1116]: CTRL-EVENT-EAP-PROPOSED-METHOD vendor=0 method=25 Mar 30 10:39:01 fin8344m2 wpa_supplicant[1116]: CTRL-EVENT-EAP-METHOD EAP vendor 0 method 25 (PEAP) selected Mar 30 10:39:01 fin8344m2 wpa_supplicant[1116]: SSL: SSL3 alert: read (remote end reported an error):fatal:bad certificate Mar 30 10:39:01 fin8344m2 wpa_supplicant[1116]: OpenSSL: openssl_handshake - SSL_connect error:14094412:SSL routines:SSL3_READ_BYTES:sslv3 alert bad certificate Mar 30 10:39:01 fin8344m2 wpa_supplicant[1116]: CTRL-EVENT-EAP-FAILURE EAP authentication failed Mar 30 10:39:01 fin8344m2 kernel: [ 2201.969742] wlan0: deauthenticated from 00:11:92:3e:79:80 (Reason: 23) ProblemType: Bug DistroRelease: Ubuntu 12.04 Package: network-manager 0.9.4.0-0ubuntu1 ProcVersionSignature: Ubuntu 3.2.0-20.33-generic 3.2.12 Uname: Linux 3.2.0-20-generic x86_64 ApportVersion: 2.0-0ubuntu1 Architecture: amd64 Date: Fri Mar 30 10:34:13 2012 IfupdownConfig: auto lo iface lo inet loopback InstallationMedia: Xubuntu 12.04 LTS "Precise Pangolin" - Beta amd64 (20120328) NetworkManager.state: [main] NetworkingEnabled=true WirelessEnabled=true WWANEnabled=true WimaxEnabled=true ProcEnviron: LANGUAGE=en_US:en TERM=xterm LANG=en_US.UTF-8 SHELL=/bin/bash RfKill: 0: phy0: Wireless LAN Soft blocked: no Hard blocked: no SourcePackage: network-manager UpgradeStatus: No upgrade log present (probably fresh install) nmcli-con: Error: command ['nmcli', '-f', 'all', 'con'] failed with exit code 1: Error: Can't obtain connections: settings service is not running. To manage notifications about this bug go to: https://bugs.launchpad.net/oem-priority/+bug/969343/+subscriptions -- Mailing list: https://launchpad.net/~desktop-packages Post to : desktop-packages@lists.launchpad.net Unsubscribe : https://launchpad.net/~desktop-packages More help : https://help.launchpad.net/ListHelp