We need to backport the 'fragment_size' config option to RHEL5's wpa_supplicant 0.4.8. Without the ability to set the EAP fragment size to 1300 or less, we cannot successfully negotiate WPA Enterprise connections with the Cisco test hardware we have in-house; the authentication process just hangs. The change won't affect the _default_ fragment size, so default behavior is the same as before, but NetworkManager for example would set a lower fragment size than the default to ensure success on a wider range of AP hardware. Patch attached; tested with RHEL 5.1 on Dell Precision M6300 with ipw3945 and Cisco AIR-AP-1131AG.
Created attachment 291004 [details] backport of 'fragment_size' config option from 0.5.9
This request was evaluated by Red Hat Product Management for inclusion in a Red Hat Enterprise Linux maintenance release. Product Management has requested further review of this request by Red Hat Engineering, for potential inclusion in a Red Hat Enterprise Linux Update release for currently deployed products. This request is not yet committed for inclusion in an Update release.
QE: we've got all the hardware in-house and it's trivially easy to test as I've already got everything set up for WPA Enterprise stuff. Testing is just trying a wpa_supplicant config file with a network block for EAP-TLS both with and without the 'fragment_size=1300' option against a WPA-EAP setup.
Changes committed to RHEL5 branch
Verified with new NM & new wpa_supplicant on Dell precision M6300.
An advisory has been issued which should help the problem described in this bug report. This report is therefore being closed with a resolution of ERRATA. For more information on the solution and/or where to find the updated files, please follow the link below. You may reopen this bug report if the solution does not work for you. http://rhn.redhat.com/errata/RHBA-2008-0473.html