Gentoo Forums
Gentoo Forums
Gentoo Forums
Quick Search: in
[SOLVED] wpa_supplicant-2.6-r1 and EAP/MSCHAPV2 = no joy
View unanswered posts
View posts from last 24 hours

 
Reply to topic    Gentoo Forums Forum Index Networking & Security
View previous topic :: View next topic  
Author Message
rburcham
Apprentice
Apprentice


Joined: 20 Mar 2003
Posts: 240

PostPosted: Tue Feb 21, 2017 12:21 am    Post subject: [SOLVED] wpa_supplicant-2.6-r1 and EAP/MSCHAPV2 = no joy Reply with quote

Hi. I'm the guy that uses networkmanager to connect his wifi and every so often runs into trouble. You might remember me from such hits as

https://forums.gentoo.org/viewtopic-t-1048614-highlight-.html

Hardware kernel and driver have remained constant for some time,

Quote:

4.6.3-gentoo


Quote:

# modinfo 8192cu
filename: /lib/modules/4.6.3-gentoo/kernel/drivers/net/wireless/8192cu.ko
version: v4.0.2_9000.20130911
author: Realtek Semiconductor Corp.
description: Realtek Wireless Lan Driver
license: GPL
srcversion: 70FDA6D2D4382D3AE0FCFFB


Quote:

ASUSTek Computer, Inc. USB-N13 802.11n Network Adapter (rev. B1) [Realtek RTL8192CU]


But it's worth noting that when they have changed in the past the networkmanager behavior has also remained consistent (when dealing with a nm ver <= 1.08 it works, when it doesn't it doesn't, at least until I roll back nm).

It seems that networkmanager > 1.08 simply fails to successfully authenticate/associate to EAP with MSCHAPv2. At least I can't get it to work on the command line or via wpa_cli, wpa_gui, plasma-nm, anything. I don't experience any trouble connecting to SSIDs with WPA-PSK or no auth.

Here's what it's doing:

Code:

Feb 20 18:09:51 roblt3 NetworkManager[10347]: <info>  [1487635791.8700] device (wlan1): Activation: starting connection 'MY-SSID' (394444ce-ca05-42a1-8c48-3dd53981536b)
Feb 20 18:09:51 roblt3 NetworkManager[10347]: <info>  [1487635791.8701] audit: op="connection-activate" uuid="394444ce-ca05-42a1-8c48-3dd00000000b" name="MY-SSID" pid=10815 uid=1000 result="success"
Feb 20 18:09:51 roblt3 NetworkManager[10347]: <info>  [1487635791.8702] device (wlan1): state change: disconnected -> prepare (reason 'none') [30 40 0]
Feb 20 18:09:51 roblt3 NetworkManager[10347]: <info>  [1487635791.8704] manager: NetworkManager state is now CONNECTING
Feb 20 18:09:51 roblt3 NetworkManager[10347]: <info>  [1487635791.8711] device (wlan1): state change: prepare -> config (reason 'none') [40 50 0]
Feb 20 18:09:51 roblt3 NetworkManager[10347]: <info>  [1487635791.8713] device (wlan1): Activation: (wifi) access point 'MY-SSID' has security, but secrets are required.
Feb 20 18:09:51 roblt3 NetworkManager[10347]: <info>  [1487635791.8713] device (wlan1): state change: config -> need-auth (reason 'none') [50 60 0]
Feb 20 18:09:57 roblt3 NetworkManager[10347]: <info>  [1487635797.7121] device (wlan1): state change: need-auth -> prepare (reason 'none') [60 40 0]
Feb 20 18:09:57 roblt3 NetworkManager[10347]: <info>  [1487635797.7127] device (wlan1): state change: prepare -> config (reason 'none') [40 50 0]
Feb 20 18:09:57 roblt3 NetworkManager[10347]: <info>  [1487635797.7129] device (wlan1): Activation: (wifi) connection 'MY-SSID' has security, and secrets exist.  No new secrets needed.
Feb 20 18:09:57 roblt3 NetworkManager[10347]: <info>  [1487635797.7130] Config: added 'ssid' value 'MY-SSID'
Feb 20 18:09:57 roblt3 NetworkManager[10347]: <info>  [1487635797.7130] Config: added 'scan_ssid' value '1'
Feb 20 18:09:57 roblt3 NetworkManager[10347]: <info>  [1487635797.7130] Config: added 'key_mgmt' value 'WPA-EAP'
Feb 20 18:09:57 roblt3 NetworkManager[10347]: <info>  [1487635797.7130] Config: added 'password' value '<omitted>'
Feb 20 18:09:57 roblt3 NetworkManager[10347]: <info>  [1487635797.7130] Config: added 'eap' value 'PEAP'
Feb 20 18:09:57 roblt3 NetworkManager[10347]: <info>  [1487635797.7131] Config: added 'fragment_size' value '1266'
Feb 20 18:09:57 roblt3 NetworkManager[10347]: <info>  [1487635797.7131] Config: added 'phase2' value 'auth=MSCHAPV2'
Feb 20 18:09:57 roblt3 NetworkManager[10347]: <info>  [1487635797.7131] Config: added 'identity' value 'rburcham'
Feb 20 18:09:57 roblt3 NetworkManager[10347]: <info>  [1487635797.7131] Config: added 'bgscan' value 'simple:30:-65:300'
Feb 20 18:09:57 roblt3 NetworkManager[10347]: <info>  [1487635797.7131] Config: added 'proactive_key_caching' value '1'
Feb 20 18:09:57 roblt3 NetworkManager[10347]: <info>  [1487635797.7156] sup-iface[0x21fc0a0,wlan1]: config: set interface ap_scan to 1
Feb 20 18:09:58 roblt3 NetworkManager[10347]: <info>  [1487635798.1206] device (wlan1): supplicant interface state: disconnected -> scanning
Feb 20 18:09:59 roblt3 NetworkManager[10347]: <info>  [1487635799.2575] device (wlan1): supplicant interface state: scanning -> associating
Feb 20 18:09:59 roblt3 NetworkManager[10347]: <info>  [1487635799.3286] device (wlan1): supplicant interface state: associating -> associated
Feb 20 18:10:01 roblt3 kernel: rtw_wx_set_mlme
Feb 20 18:10:01 roblt3 kernel: rtw_wx_set_mlme, cmd=0, reason=3
Feb 20 18:10:01 roblt3 NetworkManager[10347]: <warn>  [1487635801.3586] sup-iface[0x21fc0a0,wlan1]: connection disconnected (reason -3)
Feb 20 18:10:01 roblt3 NetworkManager[10347]: <info>  [1487635801.3588] device (wlan1): supplicant interface state: associated -> disconnected
Feb 20 18:10:01 roblt3 cron[3295]: (root) CMD (test -x /usr/sbin/run-crons && /usr/sbin/run-crons)
Feb 20 18:10:01 roblt3 cron[3294]: (root) CMD (/usr/lib64/sa/sa1 1 1)
Feb 20 18:10:02 roblt3 NetworkManager[10347]: <info>  [1487635802.5301] device (wlan1): supplicant interface state: disconnected -> scanning


There seems to be an association at 18:09:59, but then an instant disconnection 2 seconds later. Does anyone know the secret to getting nm to stick the landing with EAP/MSCHAPv2?


Last edited by rburcham on Wed Feb 22, 2017 4:05 am; edited 1 time in total
Back to top
View user's profile Send private message
turtles
Veteran
Veteran


Joined: 31 Dec 2004
Posts: 1646

PostPosted: Tue Feb 21, 2017 6:05 pm    Post subject: Reply with quote

I had a similar issue this AM after deep world update even wired ethernet did not work. I recompiled my kernel and that took care of it.
Hope that helps
_________________
Donate to Gentoo
Back to top
View user's profile Send private message
rburcham
Apprentice
Apprentice


Joined: 20 Mar 2003
Posts: 240

PostPosted: Tue Feb 21, 2017 6:38 pm    Post subject: Reply with quote

Hmm, see for me it's just EAP/MSCHAPv2. Other wireless auth is working.

Did you use same kernel ver or new one?
Back to top
View user's profile Send private message
rburcham
Apprentice
Apprentice


Joined: 20 Mar 2003
Posts: 240

PostPosted: Wed Feb 22, 2017 4:04 am    Post subject: [SOLVED] networkmanager-1.4.4-r1 and EAP/MSCHAPV2 = no joy Reply with quote

Turns out it's wpa_supplicant-2.6 and 2.6-r1. They both fail to authenticate with EAP/MSCHAPV2.

Of course earlier version of wpa_supplicant have been removed from portage, but on a hunch I went to the effort of recovering wpa_supplicant-2.5-r1 ebuild and files from here:

https://gitweb.gentoo.org/repo/gentoo.git/tree/net-wireless/wpa_supplicant?id=7304a9f3c5386be6a3e81f370b0cbe5cbba654ae

and put them in a portdir overlay. I then rolled back to that version and all of a sudden EAP/MSCHAPV2 works again! So I'm masking >wpa_supplicant-2.5-r1 until this gets resolved upstream.

In the meantime, how does one petition to get 2.5-r1 restored to portage proper?
Back to top
View user's profile Send private message
jburns
Veteran
Veteran


Joined: 18 Jan 2007
Posts: 1213
Location: Massachusetts USA

PostPosted: Wed Feb 22, 2017 4:55 am    Post subject: Reply with quote

The bug report Bug 596368 - net-wireless/wpa_supplicant-2.6 breaks NetworkManager WiFi comment 3 or comment 6 may have a solution.
Back to top
View user's profile Send private message
turtles
Veteran
Veteran


Joined: 31 Dec 2004
Posts: 1646

PostPosted: Wed Feb 22, 2017 5:08 am    Post subject: Reply with quote

Wow very interesting. 4.6.3-gentoo is pretty old can you update to 4.7 at least?
And post or Pastbin your emerge --info
_________________
Donate to Gentoo
Back to top
View user's profile Send private message
rburcham
Apprentice
Apprentice


Joined: 20 Mar 2003
Posts: 240

PostPosted: Wed Feb 22, 2017 2:35 pm    Post subject: Reply with quote

@jburns yes! I saw that bug last year some time when I was dealing with plasma-qt's inability to store profiles or provide password credentials to wpa_supplicant. In fact even the latest version today still cannot pass credentials if you set the config to "Always Ask." You have to store the password in the profile for it to work.

The failures as I describe them apply to both the kernel driver and the external driver. I will say though that both drivers fail to commit mac address changes to the device. Using any method, e.g. maccchanger, ip, etc. they all report success but when you examine the device again it still reports the original mac. I believe it was this bug that pointed me at disabling the mac randomization sometime last year.

@turtles Yes I have a kernel upgrade in my near future. I'm on a 2012 macbook pro retina 15 with nvidia, and I have to drive external monitors so I am using the nvidia blob, and finding healthy kernel/nvidia-drivers combos is an experiment. What's interesting is the most recent nvidia blob seems to be playing nicely with efifb again, whereas in prior versions for about the past year it would flake out with a blank screen about half the time. But that's a story for another thread.
Back to top
View user's profile Send private message
Display posts from previous:   
Reply to topic    Gentoo Forums Forum Index Networking & Security All times are GMT
Page 1 of 1

 
Jump to:  
You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum