Gentoo Forums
Gentoo Forums
Gentoo Forums
Quick Search: in
[STOPGAP fix] problems connecting w/peap wpa_supplicant-2.4
View unanswered posts
View posts from last 24 hours

 
Reply to topic    Gentoo Forums Forum Index Networking & Security
View previous topic :: View next topic  
Author Message
zje
n00b
n00b


Joined: 06 Sep 2012
Posts: 31

PostPosted: Wed Apr 29, 2015 6:33 pm    Post subject: [STOPGAP fix] problems connecting w/peap wpa_supplicant-2.4 Reply with quote

I use wicd and wpa_supplicant to connect to an enterprise network using PEAP-GTC. After updating wpa_supplicant last night, it seems that I can no longer connect. I'm not getting much in the way of debugging information, other than "authentication failed" or "bad password" in the wicd logs.

I tried rolling back to a previous version (when I found a wired connection), but it appears that has been dropped: https://bugs.gentoo.org/show_bug.cgi?id=524928

Has anyone experienced anything similar? Aside from using an old ebuild from version control, is there anything else I can do/try here?


Last edited by zje on Fri May 01, 2015 3:13 pm; edited 2 times in total
Back to top
View user's profile Send private message
ASID
Apprentice
Apprentice


Joined: 22 Mar 2006
Posts: 195

PostPosted: Thu Apr 30, 2015 7:44 am    Post subject: Reply with quote

Exactly same issue for me :/
Back to top
View user's profile Send private message
zje
n00b
n00b


Joined: 06 Sep 2012
Posts: 31

PostPosted: Thu Apr 30, 2015 2:47 pm    Post subject: Reply with quote

I'm trying to roll back to 2.3 with a local overlay, but this is proving to be a little complicated since the files were deleted from the repository (working on checking out an older revision now, but up against some work deadlines too). Since 2.3 is unaffected by the vulnerability, what would it take to get it readded?
https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2014-3686
Back to top
View user's profile Send private message
charles17
Advocate
Advocate


Joined: 02 Mar 2008
Posts: 2583

PostPosted: Thu Apr 30, 2015 3:02 pm    Post subject: Re: problems after updating wpa_supplicant Reply with quote

zje wrote:
I use wicd and wpa_supplicant to connect to an enterprise network using PEAP-GTC. After updating wpa_supplicant last night, it seems that I can no longer connect. I'm not getting much in the way of debugging information, other than "authentication failed" or "bad password" in the wicd logs.

Could you run wpa_supplicant in the foreground and pastebin your output? (Adjust-iwlan0 to your network interface name)
Code:
# wpa_supplicant -Dnl80211 -iwlan0 -C/var/run/wpa_supplicant/ -c/etc/wpa_supplicant/wpa_supplicant.conf -dd
Back to top
View user's profile Send private message
zje
n00b
n00b


Joined: 06 Sep 2012
Posts: 31

PostPosted: Thu Apr 30, 2015 9:20 pm    Post subject: Reply with quote

http://pastebin.com/CaMM6PAU
interesting that I got:
Code:
wlp4s0: CTRL-EVENT-EAP-SUCCESS EAP authentication completed successfully


But when I run dhcpcd , it times out after "waiting for carrier"

Thanks!
Back to top
View user's profile Send private message
charles17
Advocate
Advocate


Joined: 02 Mar 2008
Posts: 2583

PostPosted: Fri May 01, 2015 6:57 am    Post subject: Reply with quote

zje wrote:
But when I run dhcpcd , ...
???
Did you mean wpa_gui? You know you should not run dhcpcd as a service itself. Are you using Gentoo net.* scripts or dhcpcd?
Back to top
View user's profile Send private message
zje
n00b
n00b


Joined: 06 Sep 2012
Posts: 31

PostPosted: Fri May 01, 2015 2:18 pm    Post subject: Reply with quote

Normally I use wicd to manage everything, I'm running dhcpcd manually in this case since we're also running wpa_supplicant manually - just for debugging purposes. Sorry for any confusion. Just to be clear, this configuration and setup (everything with wicd) worked with wpa_supplicant-2.2. Running with dhcpcd as a service yields the same result (iwconfig after wpa_supplicant reports that I'm connected to the ESSID, but I cannot obtain an IP address).
Back to top
View user's profile Send private message
zje
n00b
n00b


Joined: 06 Sep 2012
Posts: 31

PostPosted: Fri May 01, 2015 2:51 pm    Post subject: Reply with quote

I installed wpa_supplicant 2.3 from cvs and everything works as it used to. It also appears that 2.3 is not vulnerable to the exploit for which 2.2 was removed, so I will take this as an acceptable fix.
The hardest part was working with cvs, which I haven't used in roughly a decade. For anyone interested, here's the command to get the working 2.3 version:
Code:

cvs -d :pserver:anonymous@anoncvs.gentoo.org:/var/cvsroot co -D 2015-03-03 gentoo-x86/net-wireless/wpa_supplicant


At that point, it's just a matter of adding the 2.3 ebuild and files to your local overlay and masking 2.4.

I will probably file a bug in a few weeks when I have more time to look into it, I'm up against work deadlines and couldn't have this interfering.
Back to top
View user's profile Send private message
agemo
n00b
n00b


Joined: 25 Jan 2009
Posts: 6

PostPosted: Sat Jun 13, 2015 9:41 am    Post subject: Filed bug report Reply with quote

Hello people!

I've encountered the same problem, filed the bug report at:

https://bugs.gentoo.org/show_bug.cgi?id=551958
Back to top
View user's profile Send private message
Display posts from previous:   
Reply to topic    Gentoo Forums Forum Index Networking & Security All times are GMT
Page 1 of 1

 
Jump to:  
You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum