1245766 – Can't connect to 802.1x WPA2 Enterprise WIFI with wpa_supplicant version 2.4

Bug 1245766 - Can't connect to 802.1x WPA2 Enterprise WIFI with wpa_supplicant version 2.4

Summary: Can't connect to 802.1x WPA2 Enterprise WIFI with wpa_supplicant version 2.4

Keywords:
Status:	CLOSED DUPLICATE of bug 1241930
Alias:	None
Product:	Fedora
Classification:	Fedora
Component:	wpa_supplicant
Sub Component:
Version:	22
Hardware:	x86_64
OS:	Linux
Priority:	unspecified
Severity:	high
Target Milestone:	---
Assignee:	Dan Williams
QA Contact:	Fedora Extras Quality Assurance
Docs Contact:
URL:
Whiteboard:
Depends On:
Blocks:
TreeView+	depends on / blocked

Reported:	2015-07-22 17:11 UTC by Andreas Petzold
Modified:	2015-10-02 16:51 UTC (History)
CC List:	10 users (show)
Fixed In Version:
Clone Of:
Environment:
Last Closed:	2015-10-02 16:51:16 UTC
Type:	Bug
Embargoed:
Dependent Products:

Attachments	(Terms of Use)
journalctl log for NetworkManager (32.94 KB, text/plain) 2015-08-12 16:32 UTC, David Barton	no flags	Details
journalctl log for wpa_supplicant (454 bytes, text/plain) 2015-08-12 16:33 UTC, David Barton	no flags	Details
wpa_supplicant's own log (9.64 KB, text/plain) 2015-08-12 16:33 UTC, David Barton	no flags	Details
View All

Description Andreas Petzold 2015-07-22 17:11:25 UTC

Description of problem:

I can't connect to the local WPA2 Enterprise secured WIFI with wpa_supplicant 2.4. Downgrading to 2.3 fixes the problem 

Version-Release number of selected component (if applicable):

2.4-3

How reproducible:

Always

Steps to Reproduce:
1. Set up a WPA2 Enterprise WIFI connection with NetworkManager
2. Try to connect
3.

Actual results:

Connection to WIFI fails.

Expected results:

Connection to WIFI works.

Additional info:

Downgrading to 2.3-3 fixes the problem immediately.

Comment 1 Andreas Petzold 2015-07-23 12:14:01 UTC

I've found another reference to the problem:

http://lists.opensuse.org/opensuse-factory/2015-05/msg00276.html

Comment 2 David Barton 2015-08-04 10:08:57 UTC

As described in <http://www.fangxiang.tk/2015/05/11/gentoo-downgrade-package/> there are several possible solutions, the best one being that the wireless network operator upgrades their authentication server to a version with fewer bugs. Obviously we can't all do this so it would be nice to have a more graceful fallback...

Comment 3 Jirka Klimes 2015-08-11 09:14:22 UTC

Would you attach logs so that we can see what was happening?
# journalctl -b 0 -u NetworkManager
# journalctl -b 0 -u wpa_supplicant

Comment 4 David Barton 2015-08-12 16:32:49 UTC

Created attachment 1062100 [details]
journalctl log for NetworkManager

Comment 5 David Barton 2015-08-12 16:33:22 UTC

Created attachment 1062101 [details]
journalctl log for wpa_supplicant

Comment 6 David Barton 2015-08-12 16:33:59 UTC

Created attachment 1062102 [details]
wpa_supplicant's own log

Comment 7 David Barton 2015-08-12 16:35:57 UTC

Logs added as requested - it's almost certainly a server side problem due to a buggy TLS 1.2 implementation (various references are available on the web, a buggy Open Radius server or something like that); it seems particularly common at universities... Sadly I'm not at liberty to change anything server side.

Comment 8 Ville Skyttä 2015-10-02 16:51:16 UTC


*** This bug has been marked as a duplicate of bug 1241930 ***

Note You need to log in before you can comment on or make changes to this bug.