10866 – wpa_supplicant won't connect due to bad identity.

Bug 10866 - wpa_supplicant won't connect due to bad identity.

Summary: wpa_supplicant won't connect due to bad identity.

Status:	RESOLVED DUPLICATE of bug 11136

Alias:	None

Product:	Mageia
Classification:	Unclassified
Component:	RPM Packages (show other bugs)
Version:	Cauldron
Hardware:	x86_64 Linux

Priority:	Normal Severity: normal
Target Milestone:	---
Assignee:	Mageia Bug Squad
QA Contact:

URL:
Whiteboard:
Keywords:	NEEDINFO, Triaged

Depends on:
Blocks:

Reported:	2013-07-28 07:03 CEST by Patrick Hibbs
Modified:	2015-11-20 22:20 CET (History)
CC List:	3 users (show)

See Also:	11136
Source RPM:	wpa_supplicant
CVE:
Status comment:

Attachments
Add an attachment (proposed patch, testcase, etc.)

Description Patrick Hibbs 2013-07-28 07:03:36 CEST

Description of problem:
When connecting to a WPA2 Enterprise (TLS) protected network, wpa_supplicant fails during the authentication phase with a "bad identity" error with a working config from Mageia 2. This is due to a missing identity string for the network in wpa_supplicant.conf. (This was not required in Mageia 2.)

Version-Release number of selected component (if applicable):
Any current version of wpa_supplicant.

How reproducible:
Attempt to connect to a WPA2 Enterprise (TLS) protected network without filling in the identity option in mcc or in wpa_supplicant.conf.

Steps to Reproduce:
1. Find a WPA2 Enterprise (TLS) protected network that you can access.
2. Configure wpa_supplicant. (certs, private key, key pass, etc. Do not configure identity.)
3. Attempt to connect to said network. (It will assoicate to the AP, but fail authentication due to missing string. As it never sends the client cert.)

As I already said this was not required in Maegia 2, and there is nothing documenting this new requirement. (wpa_supplicant's error log or debug log leaves much to be desired, as it does not mention that this was the real issue. Maybe it's supposed to generate the identity string from the client cert? Also wpa_supplicant's website also does not mention this etheir.)

This can be "fixed" by placing something in the identity string. (I used the name of the client cert plus the domain name.)


Reproducible: 

Steps to Reproduce:

Manuel Hiebel 2013-07-29 20:24:07 CEST

Keywords: (none) => Triaged
CC: (none) => mageia, thierry.vignaud

Comment 1 David Walser 2015-03-03 00:07:11 CET

Assuming this hasn't been addressed and fixing the version assignment.

Version: 3 => Cauldron
See Also: (none) => https://bugs.mageia.org/show_bug.cgi?id=11136

Comment 2 Thierry Vignaud 2015-06-03 11:31:24 CEST

Humm, isn't this one related to bug #11136 ?

Keywords: (none) => NEEDINFO

Comment 3 Marja Van Waes 2015-11-20 22:20:23 CET

(In reply to Thierry Vignaud from comment #2)
> Humm, isn't this one related to bug #11136 ?

Looks like it, so closing as duplicate.

@ Patrick

If it didn't get fixed, then it can't be a duplicate.
PLease reopen if the bug is still valic

*** This bug has been marked as a duplicate of bug 11136 ***

Status: NEW => RESOLVED
CC: (none) => marja11
Resolution: (none) => DUPLICATE

Note You need to log in before you can comment on or make changes to this bug.