Public bug reported: I am using Ubuntu Intrepid Ibex (8.10) with wpasupplicant version 0.6.4 (standard package provided by Ubuntu). I used to be able to connect to a WPA(2?) wireless connection in Ubuntu 7.04, yet now it won't work with 8.10. Let me give you some background info to be helpful: here is the connection/encryption details for the wireless network: (ref: http://connect.wm.edu/config_encryption/other/index.htm)
SSID W-M_Wireless_Encrypted Encryption WPA2 Enterprise 802.1x/EAP Type PEAP (Protected EAP) Authentication MS-CHAPv2 My hardware is a Dell Latitude D600 (the motherboard, at least) and the network card is an Intel IPW2200BG: /var/log # lspci 00:00.0 Host bridge: Intel Corporation 82855PM Processor to I/O Controller (rev 03) 00:01.0 PCI bridge: Intel Corporation 82855PM Processor to AGP Controller (rev 03) 00:1d.0 USB Controller: Intel Corporation 82801DB/DBL/DBM (ICH4/ICH4-L/ICH4-M) USB UHCI Controller #1 (rev 01) 00:1d.1 USB Controller: Intel Corporation 82801DB/DBL/DBM (ICH4/ICH4-L/ICH4-M) USB UHCI Controller #2 (rev 01) 00:1d.2 USB Controller: Intel Corporation 82801DB/DBL/DBM (ICH4/ICH4-L/ICH4-M) USB UHCI Controller #3 (rev 01) 00:1d.7 USB Controller: Intel Corporation 82801DB/DBM (ICH4/ICH4-M) USB2 EHCI Controller (rev 01) 00:1e.0 PCI bridge: Intel Corporation 82801 Mobile PCI Bridge (rev 81) 00:1f.0 ISA bridge: Intel Corporation 82801DBM (ICH4-M) LPC Interface Bridge (rev 01) 00:1f.1 IDE interface: Intel Corporation 82801DBM (ICH4-M) IDE Controller (rev 01) 00:1f.5 Multimedia audio controller: Intel Corporation 82801DB/DBL/DBM (ICH4/ICH4-L/ICH4-M) AC'97 Audio Controller (rev 01) 00:1f.6 Modem: Intel Corporation 82801DB/DBL/DBM (ICH4/ICH4-L/ICH4-M) AC'97 Modem Controller (rev 01) 01:00.0 VGA compatible controller: ATI Technologies Inc Radeon RV250 [Mobility FireGL 9000] (rev 02) 02:00.0 Ethernet controller: Broadcom Corporation NetXtreme BCM5705M Gigabit Ethernet (rev 03) 02:01.0 CardBus bridge: O2 Micro, Inc. OZ711EC1 SmartCardBus Controller (rev 20) 02:01.1 CardBus bridge: O2 Micro, Inc. OZ711EC1 SmartCardBus Controller (rev 20) 02:03.0 Network controller: Intel Corporation PRO/Wireless 2200BG [Calexico2] Network Connection (rev 05) I made wpa_supplicant to dump a lot of things (-ddd switch) and after a painstaking examination of the output log (/var/log/wpa_supplicant.eth1.log) I discovered that the error is in the "EAP-TLV" after the MS-CHAPv2 authenticaion was successfully done. Specifically, I use the following log output as a "bookmark": EAP: Received EAP-Request id=1 method=1 vendor=0 vendorMethod=0 where id goes up (1, 2, 3, ... etc). At id=9 the message says "success": EAP: Received EAP-Request id=9 method=25 vendor=0 vendorMethod=0 EAP: EAP entering state METHOD SSL: Received packet(len=91) - Flags 0x00 EAP-PEAP: received 85 bytes encrypted data for Phase 2 EAP-PEAP: Decrypted Phase 2 EAP - hexdump(len=47): ... (junked) EAP-PEAP: received Phase 2: code=1 identifier=9 length=51 EAP-PEAP: Phase 2 Request: type=26 EAP-MSCHAPV2: RX identifier 9 mschapv2_id 8 EAP-MSCHAPV2: Received success EAP-MSCHAPV2: Success message - hexdump_ascii(len=0): EAP-MSCHAPV2: Authentication succeeded But the next segment shows failure: EAP: Received EAP-Request id=10 method=25 vendor=0 vendorMethod= EAP: EAP entering state METHOD SSL: Received packet(len=107) - Flags 0x00 EAP-PEAP: received 101 bytes encrypted data for Phase 2 EAP-PEAP: Decrypted Phase 2 EAP - hexdump(len=71): ... (junked) EAP-PEAP: received Phase 2: code=1 identifier=10 length=71 EAP-PEAP: Phase 2 Request: type=33 EAP-TLV: Received TLVs - hexdump(len=66): ... (junked) EAP-PEAP: Cryptobinding TLV - hexdump(len=56): ... (junked) EAP-PEAP: TK - hexdump(len=60): [REMOVED] EAP-MSCHAPV2: Derived key - hexdump(len=32): [REMOVED] EAP-PEAP: ISK - hexdump(len=32): [REMOVED] EAP-PEAP: TempKey - hexdump(len=40): [REMOVED] EAP-PEAP: IMCK (IPMKj) - hexdump(len=60): [REMOVED] EAP-PEAP: IPMK (S-IPMKj) - hexdump(len=40): [REMOVED] EAP-PEAP: CMK (CMKj) - hexdump(len=20): [REMOVED] EAP-PEAP: Invalid Compound_MAC in cryptobinding TLV EAP-TLV: Result TLV - hexdump(len=2): 00 01 EAP-TLV: TLV Result - Success - EAP-TLV/Phase2 Completed EAP-TLV: Earlier failure - force failed Phase 2 See the "Invalid Compound_MAC" above? That's where the failure comes from. Looking at the source code (/tmp/wpasupplicant-0.6.4/src/eap_peer/eap_peap.c) the failure happens at subroutine eap_tlv_validate_cryptobinding. A simple web (google) search shows only the following page, which looks like relevant: http://social.technet.microsoft.com/Forums/en- US/winserverNAP/thread/a3f01cb1-4b34-4235-ad55-48b954baa5f4/ ----------- Now how come it could work in Ubuntu 7.04: A clue may be given by the following line in the verbose debugging output (also id=10): EAP-TLV: Unsupported TLV Type 12 Source file eap_common/eap_tlv_common.h gives TLV type 12 as EAP_TLV_CRYPTO_BINDING_TLV, indeed. If anything more can be supplied by me, please don't hesitate writing. I am anxious to get the WPA wireless working with Ubuntu 8.10 ! Wirawan ** Affects: wpasupplicant (Ubuntu) Importance: Undecided Status: New -- Cannot connect to Enterprise WPA2 wireless (Invalid Compound_MAC) https://bugs.launchpad.net/bugs/304126 You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. -- ubuntu-bugs mailing list [email protected] https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
