[pkg-wpa-devel] Bug#668612: Bug#668612: wpasupplicant: ssl bad certificate
Luis Fernando Llana Díaz
luis at ramonvazquez.net
Thu May 24 17:37:44 UTC 2012
Hello,
I have tried installing the ubuntu versions. I could not install any
version directly. But I have extracted the version from natty
wpasupplicant_0.7.3-0ubuntu1_i386.deb in a custom directory and it
works:
# /opt/wpa/wpa_supplicant/sbin/wpa_supplicant -Dnl80211 -iwlan0
-c /home/luis/kimba/cvs/config/wpa_eduroam.conf
Trying to authenticate with 00:1f:45:e4:e1:69 (SSID='eduroam' freq=2432
MHz)
Trying to associate with 00:1f:45:e4:e1:69 (SSID='eduroam' freq=2432
MHz)
Associated with 00:1f:45:e4:e1:69
CTRL-EVENT-EAP-STARTED EAP authentication started
CTRL-EVENT-EAP-PROPOSED-METHOD vendor=0 method=21
CTRL-EVENT-EAP-METHOD EAP vendor 0 method 21 (TTLS) selected
CTRL-EVENT-EAP-PEER-CERT depth=2 subject='/C=US/ST=UT/L=Salt Lake
City/O=The USERTRUST
Network/OU=http://www.usertrust.com/CN=UTN-USERFirst-Hardware'
CTRL-EVENT-EAP-PEER-CERT depth=2 subject='/C=US/ST=UT/L=Salt Lake
City/O=The USERTRUST
Network/OU=http://www.usertrust.com/CN=UTN-USERFirst-Hardware'
CTRL-EVENT-EAP-PEER-CERT depth=1 subject='/C=NL/O=TERENA/CN=TERENA SSL
CA'
CTRL-EVENT-EAP-PEER-CERT depth=0 subject='/C=ES/O=Universidad
Complutense de Madrid/CN=sbr.ucm.es'
CTRL-EVENT-EAP-SUCCESS EAP authentication completed successfully
WPA: Key negotiation completed with 00:1f:45:e4:e1:69 [PTK=CCMP
GTK=CCMP]
CTRL-EVENT-CONNECTED - Connection to 00:1f:45:e4:e1:69 completed (auth)
[id=0 id_str=]
Luis.
El mié, 23-05-2012 a las 01:56 +0200, Stefan Lippers-Hollmann escribió:
> reopen 668612
> forcemerge 668612 561081 579297
> tags 668612 + help
> thanks
>
> Hi
>
> On Wednesday 23 May 2012, Luis Fernando Llana DÃaz wrote:
> > Hi Stefan,
> > I am sorry, today I am a bit sick..... what I wrote is wrong
> > What I meant to say is that it worked with the old version that I
> > downloaded from squeeze. But it does NOT work with the version from
> > unstable. I am sorry for the mistake. I can help you debugging this
> > problem because I am really interested in making this work. I have tried
> > with nl80211, but it neither works.
>
> Like I mentioned in my previous mail, the best option would be to find
> a system using wpasupplicant >= 0.7.x that is working, ideally Fedora,
> OpenSuSE, eventually Mandriva/ Mageia - Ubuntu is most likely too
> similar to Debian. Ideally we could also test to build wpa 1.0 against
> libssl-dev 0.9.8 XOR gnutls and to rebuild wpasupplicant 0.6.10 against
> libssl 1.0.0, but there are a couple of changes which make this
> relatively difficult.
>
> We also can't rule out misconfiguration yet, because I don't see other
> contemporary distros packaging wpasupplicant significantly different…
> Given these bugreports and assuming that other distros are using
> comparable versions of wpasupplicant and openssl, I find it hard t
> believe that it's broken for everyone using (contemporary) linux and
> eduroam.
>
> Given that no one of us has access to eduroam installs ourselves, nor
> have enough information to recreate an eduroam test environment, we
> have very limited options to debug this particular issue.
> wpa_supplicant upstream might have more experience to debug this
> problem with you, but the imho the first attempt should be to find
> other linux users at your institution who might have some advice about
> configuration problems.
>
> Regards
> Stefan Lippers-Hollmann
More information about the Pkg-wpa-devel
mailing list