Bug 445369 - No security option to choose from when connecting to a WPA2 network
No security option to choose from when connecting to a WPA2 network
Status: CLOSED NEXTRELEASE
Product: Fedora
Classification: Fedora
Component: NetworkManager (Show other bugs)
9
All Linux
low Severity medium
: ---
: ---
Assigned To: Dan Williams
Fedora Extras Quality Assurance
:
Depends On:
Blocks:
  Show dependency treegraph
 
Reported: 2008-05-06 10:56 EDT by Rui Matos
Modified: 2009-03-08 15:32 EDT (History)
3 users (show)

See Also:
Fixed In Version: 0.7.0.99-1.fc10
Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of:
Environment:
Last Closed: 2009-03-08 15:32:57 EDT
Type: ---
Regression: ---
Mount Type: ---
Documentation: ---
CRM:
Verified Versions:
Category: ---
oVirt Team: ---
RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: ---


Attachments (Terms of Use)

  None (edit)
Description Rui Matos 2008-05-06 10:56:12 EDT
I'm using version NetworkManager-0.7.0-0.6.8.svn3623.fc8.x86_64

When connecting to my university network the applet's dialog that comes up
asking for the security mode and data is empty. I.e. the combobox has no entries
to choose from.

NM itself does not log anything while nm-applet says:

** (nm-applet:28505): WARNING **: Error in sleep: Already awake

** (nm-applet:28505): WARNING **: verify_ttls: missing identity or anonymous
identity

** (nm-applet:28505): WARNING **: Invalid connection given.

** (nm-applet:28505): WARNING **: <WARN>  applet_menu_item_activate_helper():
Invalid connection; asking for more information.


** (nm-applet:28505): WARNING **: security_combo_changed: no active security
combo box item.


Before this svn version it did work (modulo random drivers disconnections),
asking for all the user data required to connect to this network.

This wpa_configuration works manually:

network={
        ssid="eduroam"
        key_mgmt=WPA-EAP
        eap=PEAP
        identity="********"
        password="********"
        phase2="auth=MSCHAPV2"
}
Comment 1 Rui Matos 2008-07-15 20:22:55 EDT
BTW, this is still the case on F9 with

NetworkManager-0.7.0-0.10.svn3747.fc9.x86_64
Comment 2 Rui Matos 2008-07-25 10:40:11 EDT
Still happening with svn3830. I've locally hacked nm-applet with this patch:

diff --git a/src/wireless-dialog.c b/src/wireless-dialog.c
index a826317..c45c525 100644
--- a/src/wireless-dialog.c
+++ b/src/wireless-dialog.c
@@ -818,6 +818,10 @@ security_combo_init (NMAWirelessDialog *self)
                }
        }
 
+        g_message ("dev_caps: %x", dev_caps);
+        g_message ("ap_flags: %x", ap_flags);
+        g_message ("ap_wpa: %x", ap_wpa);
+        g_message ("ap_rsn: %x", ap_rsn);
        if (   nm_utils_security_valid (NMU_SEC_WPA_ENTERPRISE, dev_caps,
!!priv->ap, is_adhoc, ap_flags, ap_wpa, ap_rsn)
            || nm_utils_security_valid (NMU_SEC_WPA2_ENTERPRISE, dev_caps,
!!priv->ap, is_adhoc, ap_flags, ap_wpa, ap_rsn)) {
                WirelessSecurityWPAEAP *ws_wpa_eap;

and got this output:

** Message: dev_caps: 3f
** Message: ap_flags: 0
** Message: ap_wpa: 244
** Message: ap_rsn: 0
Comment 3 Rui Matos 2008-07-25 10:55:20 EDT
Just to make sure I told it to print 2 more variables:

** (nm-applet:16524): WARNING **: Invalid connection: 'NMSetting8021x' /
'identity' invalid: 2

** (nm-applet:16524): WARNING **: <WARN>  applet_menu_item_activate_helper():
Invalid connection; asking for more information.

** Message: dev_caps: 3f
** Message: have_ap: 1
** Message: is_adhoc: 0
** Message: ap_flags: 0
** Message: ap_wpa: 244
** Message: ap_rsn: 0

** (nm-applet:16524): WARNING **: security_combo_changed: no active security
combo box item.

And here's nm-tool's output:

[jman@hive ~]$ nm-tool 

NetworkManager Tool

State: disconnected

- Device: eth0 ----------------------------------------------------------------
  Type:              Wired
  Driver:            tg3
  State:             unavailable
  Default:           no
  HW Address:        00:1C:23:14:01:A8

  Capabilities:
    Supported:       yes
    Carrier Detect:  yes

  Wired Settings


- Device: wlan0 ----------------------------------------------------------------
  Type:              802.11 WiFi
  Driver:            iwl3945
  State:             disconnected
  Default:           no
  HW Address:        00:1B:77:DE:F9:26

  Capabilities:
    Supported:       yes

  Wireless Settings
    WEP Encryption:  yes
    WPA Encryption:  yes
    WPA2 Encryption: yes

  Wireless Access Points
    eduroam:         Infra, 00:0E:D7:90:75:90, Freq 2462 MHz, Rate 0 Mb/s,
Strength 90 WPA Enterprise

Comment 4 Dan Williams 2008-07-27 13:51:10 EDT
What's the iwlist scan output for this AP?  It looks like the AP isn't
advertising the Privacy bit in its beacon (ap_flags=0).  The iwlist scan output
would confirm that.
Comment 5 Rui Matos 2008-07-30 09:15:41 EDT
Dan, here is the 'iwlist wlan0 scan' output:

wlan0     Scan completed :
          Cell 01 - Address: 00:1F:CA:2D:02:50
                    ESSID:"eduroam"
                    Mode:Master
                    Channel:1
                    Frequency:2.412 GHz (Channel 1)
                    Quality=73/100  Signal level:-61 dBm  Noise level=-127 dBm
                    Encryption key:off
                    IE: WPA Version 1
                        Group Cipher : TKIP
                        Pairwise Ciphers (1) : TKIP
                        Authentication Suites (1) : 802.1x
                    Bit Rates:11 Mb/s; 12 Mb/s; 18 Mb/s; 24 Mb/s; 36 Mb/s
                              48 Mb/s; 54 Mb/s
                    Extra:tsf=00000005de1b10dd
                    Extra: Last beacon: 2258ms ago
          Cell 02 - Address: 00:0F:24:D6:A3:F0
                    ESSID:"eduroam"
                    Mode:Master
                    Channel:6
                    Frequency:2.437 GHz (Channel 6)
                    Quality=38/100  Signal level:-86 dBm  Noise level=-127 dBm
                    Encryption key:off
                    IE: WPA Version 1
                        Group Cipher : TKIP
                        Pairwise Ciphers (1) : TKIP
                        Authentication Suites (1) : 802.1x
                    Bit Rates:11 Mb/s; 12 Mb/s; 18 Mb/s; 24 Mb/s; 36 Mb/s
                              48 Mb/s; 54 Mb/s
                    Extra:tsf=00000005eaf2917a
                    Extra: Last beacon: 1689ms ago
          Cell 03 - Address: 00:0F:24:D6:97:A0
                    ESSID:"eduroam"
                    Mode:Master
                    Channel:6
                    Frequency:2.437 GHz (Channel 6)
                    Quality=55/100  Signal level:-75 dBm  Noise level=-127 dBm
                    Encryption key:off
                    IE: WPA Version 1
                        Group Cipher : TKIP
                        Pairwise Ciphers (1) : TKIP
                        Authentication Suites (1) : 802.1x
                    Bit Rates:11 Mb/s; 12 Mb/s; 18 Mb/s; 24 Mb/s; 36 Mb/s
                              48 Mb/s; 54 Mb/s
                    Extra:tsf=00000005e4bbf0e3
                    Extra: Last beacon: 1673ms ago
          Cell 04 - Address: 00:0F:24:D6:A0:50
                    ESSID:"eduroam"
                    Mode:Master
                    Channel:6
                    Frequency:2.437 GHz (Channel 6)
                    Quality=66/100  Signal level:-67 dBm  Noise level=-127 dBm
                    Encryption key:off
                    IE: WPA Version 1
                        Group Cipher : TKIP
                        Pairwise Ciphers (1) : TKIP
                        Authentication Suites (1) : 802.1x
                    Bit Rates:11 Mb/s; 12 Mb/s; 18 Mb/s; 24 Mb/s; 36 Mb/s
                              48 Mb/s; 54 Mb/s
                    Extra:tsf=00000005e417e0e7
                    Extra: Last beacon: 1661ms ago
          Cell 05 - Address: 00:1F:CA:46:40:D0
                    ESSID:"eduroam"
                    Mode:Master
                    Channel:48
                    Frequency:5.24 GHz (Channel 48)
                    Quality=80/100  Signal level:-50 dBm  Noise level=-82 dBm
                    Encryption key:off
                    IE: WPA Version 1
                        Group Cipher : TKIP
                        Pairwise Ciphers (1) : TKIP
                        Authentication Suites (1) : 802.1x
                    Bit Rates:6 Mb/s; 9 Mb/s; 12 Mb/s; 18 Mb/s; 24 Mb/s
                              36 Mb/s; 48 Mb/s; 54 Mb/s
                    Extra:tsf=00000005de247044
                    Extra: Last beacon: 554ms ago
Comment 6 Dan Williams 2008-07-31 10:56:27 EDT
Ok, NM's handling of this case is incorrect.  What should be happening here is
that NM should allow both unencrypted and WPA connections to the AP.
Comment 7 Rui Matos 2008-07-31 11:15:02 EDT
For the record I couldn't connect simply with:

$ sudo ip link set wlan0 up
$ sudo iwconfig wlan0 essid eduroam

The drivers says:

wlan0: authenticate with AP 00:1f:ca:2c:ff:80
ADDRCONF(NETDEV_UP): wlan0: link is not ready
wlan0: authenticate with AP 00:1f:ca:2c:ff:80
wlan0: authenticated
wlan0: associate with AP 00:1f:ca:2c:ff:80
wlan0: RX AssocResp from 00:1f:ca:2c:ff:80 (capab=0x431 status=13 aid=0)
wlan0: AP denied association (code=13)
wlan0: associate with AP 00:1f:ca:2c:ff:80
wlan0: deauthenticated
wlan0: authenticate with AP 00:1f:ca:2c:ff:80
wlan0: authenticated
wlan0: associate with AP 00:1f:ca:2c:ff:80
wlan0: RX AssocResp from 00:1f:ca:2c:ff:80 (capab=0x431 status=13 aid=0)
wlan0: AP denied association (code=13)
wlan0: associate with AP 00:1f:ca:2c:ff:80
wlan0: deauthenticated

And goes on and on...

FWIW, this driver is quite flaky too, after this I ran wpa_supplicant like I
always do and it wouldn't connect. It just connected after a modprobe -r
iwl3945; modprobe iwl3945
Comment 8 Luis Medinas 2009-02-05 22:09:07 EST
Hi Rui

I've reported this bug upstream[1], please cc yourself so can Dan track this bug better. This is a really good regression from NM0.6.

[1]-http://bugzilla.gnome.org/show_bug.cgi?id=558175
Comment 9 Dan Williams 2009-02-06 17:38:18 EST
Unset Privacy bit now ignored when determining AP security if the AP broadcasts WPA or RSN information elements in the beacon.

upstream commit a734c836a56f3170202f0555f1a03c9b2835775c
Comment 10 Fedora Update System 2009-02-07 17:22:21 EST
NetworkManager-0.7.0-2.git20090207.fc10 has been pushed to the Fedora 10 testing repository.  If problems still persist, please make note of it in this bug report.
 If you want to test the update, you can install it with 
 su -c 'yum --enablerepo=updates-testing update NetworkManager'.  You can provide feedback for this update here: http://admin.fedoraproject.org/updates/F10/FEDORA-2009-1471
Comment 11 Fedora Update System 2009-02-24 15:49:47 EST
NetworkManager-0.7.0.97-5.git20090220.fc10, NetworkManager-openconnect-0.7.0.97-1.fc10, NetworkManager-pptp-0.7.0.97-1.fc10, NetworkManager-openvpn-0.7.0.97-1.fc10, NetworkManager-vpnc-0.7.0.97-1.fc10 has been pushed to the Fedora 10 testing repository.  If problems still persist, please make note of it in this bug report.
 If you want to test the update, you can install it with 
 su -c 'yum --enablerepo=updates-testing update NetworkManager NetworkManager-openconnect NetworkManager-pptp NetworkManager-openvpn NetworkManager-vpnc'.  You can provide feedback for this update here: http://admin.fedoraproject.org/updates/F10/FEDORA-2009-1985
Comment 12 Fedora Update System 2009-02-27 22:24:19 EST
NetworkManager-0.7.0.98-1.git20090225.fc10, NetworkManager-openconnect-0.7.0.97-1.fc10, NetworkManager-pptp-0.7.0.97-1.fc10, NetworkManager-openvpn-0.7.0.97-1.fc10, NetworkManager-vpnc-0.7.0.97-1.fc10 has been pushed to the Fedora 10 testing repository.  If problems still persist, please make note of it in this bug report.
 If you want to test the update, you can install it with 
 su -c 'yum --enablerepo=updates-testing update NetworkManager NetworkManager-openconnect NetworkManager-pptp NetworkManager-openvpn NetworkManager-vpnc'.  You can provide feedback for this update here: http://admin.fedoraproject.org/updates/F10/FEDORA-2009-1985
Comment 13 Fedora Update System 2009-03-06 12:34:41 EST
NetworkManager-0.7.0.99-1.fc10,knetworkmanager-0.7-0.8.20080926svn.fc10,NetworkManager-vpnc-0.7.0.99-1.fc10,NetworkManager-openvpn-0.7.0.99-1.fc10,NetworkManager-pptp-0.7.0.99-1.fc10,NetworkManager-openconnect-0.7.0.99-1.fc10 has been submitted as an update for Fedora 10.
http://admin.fedoraproject.org/updates/NetworkManager-0.7.0.99-1.fc10,knetworkmanager-0.7-0.8.20080926svn.fc10,NetworkManager-vpnc-0.7.0.99-1.fc10,NetworkManager-openvpn-0.7.0.99-1.fc10,NetworkManager-pptp-0.7.0.99-1.fc10,NetworkManager-openconnect-0.7.0.99-1.fc10
Comment 14 Fedora Update System 2009-03-06 12:51:31 EST
NetworkManager-0.7.0.99-1.fc9,NetworkManager-vpnc-0.7.0.99-1.fc9,NetworkManager-openvpn-0.7.0.99-1.fc9,NetworkManager-pptp-0.7.0.99-1.fc9,NetworkManager-openconnect-0.7.0.99-1.fc9 has been submitted as an update for Fedora 9.
http://admin.fedoraproject.org/updates/NetworkManager-0.7.0.99-1.fc9,NetworkManager-vpnc-0.7.0.99-1.fc9,NetworkManager-openvpn-0.7.0.99-1.fc9,NetworkManager-pptp-0.7.0.99-1.fc9,NetworkManager-openconnect-0.7.0.99-1.fc9
Comment 15 Fedora Update System 2009-03-08 15:30:01 EDT
NetworkManager-0.7.0.99-1.fc9, NetworkManager-vpnc-0.7.0.99-1.fc9, NetworkManager-openvpn-0.7.0.99-1.fc9, NetworkManager-pptp-0.7.0.99-1.fc9, NetworkManager-openconnect-0.7.0.99-1.fc9 has been pushed to the Fedora 9 stable repository.  If problems still persist, please make note of it in this bug report.
Comment 16 Fedora Update System 2009-03-08 15:31:32 EDT
NetworkManager-0.7.0.99-1.fc10, knetworkmanager-0.7-0.8.20080926svn.fc10, NetworkManager-vpnc-0.7.0.99-1.fc10, NetworkManager-openvpn-0.7.0.99-1.fc10, NetworkManager-pptp-0.7.0.99-1.fc10, NetworkManager-openconnect-0.7.0.99-1.fc10 has been pushed to the Fedora 10 stable repository.  If problems still persist, please make note of it in this bug report.

Note You need to log in before you can comment on or make changes to this bug.