[pkg-wpa-devel] Bug#667706: Bug#667706: openssl 1.0.1 breaks wpa_supplicant

[Stefan Lippers-Hollmann]

Control: forcemerge 561081 -1

Hi

On Monday 13 August 2012, Raghav Krishnapriyan wrote:
> Applying the upstream patch Ben Kay refers to above fixes the problem for me.

That is not an "upstream patch" (as in, it's neither appled upstream 
nor condoned to be used on production systems), but merely a debugging 
patch, to find out where the remote RADIUS implementation fails. As far
as I understand the buglog so far, and I have no access to those 
failing networks, neither wpa_supplicant nor openssl are actually 
misbehaving. Rather than a bug in Debian, it appears that this 
particular commercial (apparently from Aruba) is behaving in a weird
way that breaks interoperability.

At this moment it is not clear if wpasupplicant/ openssl or the remote 
RADIUS implementation is at fault. Given that none of the Debian 
wpasupplicant maintainers have access to affected networks, the best 
curse of action is to work with upstream to debug this further. Maybe
there is a safe way to work around this quirky RADIUS implementation,
maybe there is an actual problem that needs to be fixed in that RADIUS
implementation. However just blindly disabling those checks might 
create more problems than it does solve.

Regards
	Stefan Lippers-Hollmann
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 198 bytes
Desc: This is a digitally signed message part.
URL: <http://lists.alioth.debian.org/pipermail/pkg-wpa-devel/attachments/20120813/edb7c575/attachment.pgp>