[Bug 34982] Re: Please apply the EAP-FAST from the wpasupplicant source

Paul bratstejskal at gmail.com
Wed Sep 4 13:07:41 UTC 2013 

Confirmed. The procedure is pretty simple really. I even recompiled my
own wpa_supplicant and created a deb file. But this didn't update
NetworkManager. Here's my test:

network={
         ssid="SSIDNAME"
         key_mgmt=WPA-EAP
         eap=FAST
         identity="USERNAME"
         password="PASSWORD"
         phase1="fast_provisioning=3"
         pac_file="/tmp/wpa_supplicant.pac"
}
Then uncheck enable wifi and do a "sudo rfkill unblock all" then "sudo wpa_supplicant -Dnl80211 -iwlan0 -c/etc/wpa_supplicant.conf"
wlan0: SME: Trying to authenticate with 58:35:d9:3a:3c:91 (SSID='SSIDNAME' freq=2412 MHz)
wlan0: Trying to associate with 58:35:d9:3a:3c:91 (SSID='SSIDNAME' freq=2412 MHz)
wlan0: Associated with 58:35:d9:3a:3c:91
wlan0: CTRL-EVENT-EAP-STARTED EAP authentication started
wlan0: CTRL-EVENT-EAP-PROPOSED-METHOD vendor=0 method=17 -> NAK
wlan0: CTRL-EVENT-EAP-PROPOSED-METHOD vendor=0 method=43
EAP-FAST: No PAC file '/tmp/wpa_supplicant.pac' - assume no PAC entries have been provisioned
wlan0: CTRL-EVENT-EAP-METHOD EAP vendor 0 method 43 (FAST) selected
wlan0: CTRL-EVENT-EAP-PEER-CERT depth=2 subject='/C=US/O=Global Security Operations/CN=NetApp Corporate Root CA'
wlan0: CTRL-EVENT-EAP-PEER-CERT depth=2 subject='/C=US/O=Global Security Operations/CN=NetApp Corporate Root CA'
wlan0: CTRL-EVENT-EAP-PEER-CERT depth=1 subject='/DC=com/DC=netapp/DC=hq/CN=NetApp Corporate Issuing CA'
wlan0: CTRL-EVENT-EAP-PEER-CERT depth=0 subject='/CN=eapfastpacs'
wlan0: CTRL-EVENT-EAP-SUCCESS EAP authentication completed successfully
wlan0: WPA: Key negotiation completed with 58:35:d9:3a:3c:91 [PTK=CCMP GTK=CCMP]
wlan0: CTRL-EVENT-CONNECTED - Connection to 58:35:d9:3a:3c:91 completed (auth) [id=0 id_str=]

How do we integrate this into NM?

-- 
You received this bug notification because you are a member of Ubuntu
Foundations Bugs, which is subscribed to openssl in Ubuntu.
https://bugs.launchpad.net/bugs/34982

Title:
  Please apply the EAP-FAST from the wpasupplicant source

Status in “openssl” package in Ubuntu:
  Invalid
Status in “wpasupplicant” package in Ubuntu:
  Confirmed

Bug description:
  In order for properly supporting the EAP-FAST protocol, the openssl
  source needs to be patched.

  The EAP-FAST protocol is supported by wpasupplicant, but is currently
  blocked by lacking support in the openssl library in ubuntu.

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/openssl/+bug/34982/+subscriptions

More information about the foundations-bugs mailing list