Bug #351

Request: 802.11x wired network support in wpa_supplicant

Added by bastyaelvtars about 8 years ago. Updated almost 7 years ago.

Status:ClosedStart date:
Priority:LowDue date:
Assignee:-% Done:

0%

Category:-
Target version:-

Description

(Hopefully this stuff is for requests too).
Some time ago, I asked about this, and got this reply:

http://leaf.dragonflybsd.org/mailarchive/users/2006-09/msg00066.html

Has this ever been committed? (Does not seem so to me.)

History

#1 Updated by sepherosa about 8 years ago

Nope, it is not committed, since I got no reply after above post.

Best Regards,
sephe

#2 Updated by bastyaelvtars about 8 years ago

Sorry, I haven't yet found the time to try it out. I applied the patch
and built/installed wpa_supplicant, I'll do a thorough testing tonight
and post the results.

#3 Updated by bastyaelvtars almost 8 years ago

Last time I tried it, it applied fine but testing was interrupted by a
loong power breakdown in the building and I forgot about it. I'll try it
out again in the near future, but is it safe to apply it to preview?

#4 Updated by sepherosa almost 8 years ago

Yeah

haha :D

Best Regards,
sephe

#5 Updated by bastyaelvtars almost 8 years ago

OK, I did it, but maybe I am doing something wrong, because
authentication always fails, even though the credentials are OK (Aegis
2.1 connects just fine). Do I have to do something to the NIC before or
after the action?

#6 Updated by sepherosa almost 8 years ago

1) you must 'ifconfig iface up' before run the wpa_supplicant
2) try removing the "eap=MD5" line in the "network=" block, or set the
EAP to what the authenticator is using
3) try using -dd wpa_supplicant command line option to make it print
verbose debug message, and figure out what is happening :-)

Best Regards,
sephe

#7 Updated by bastyaelvtars almost 8 years ago

Sepherosa Ziehau wrote:

It's up, should I do it anyway?

It's MD5, and has always been.

It says FAIL, and the radius server says so. :S

#8 Updated by bastyaelvtars almost 8 years ago

Bah, tried all of the above and I keep getting authentication failures.
Any other ideas?

#9 Updated by bastyaelvtars almost 8 years ago

# wpa_supplicant -B -c /etc/wpa.conf -i xl0 -D wired
# wpa_cli
wpa_cli v0.4.9
Copyright (c) 2004-2005, Jouni Malinen <> and contributors

This program is free software. You can distribute it and/or modify it
under the terms of the GNU General Public License version 2.

Alternatively, this software may be distributed under the terms of the
BSD license. See README and COPYING for more details.

Selected interface 'xl0'

Interactive mode

bssid=01:80:c2:00:00:03
ssid=
pairwise_cipher=NONE
group_cipher=NONE
key_mgmt=IEEE 802.1X (no WPA)
wpa_state=ASSOCIATED
ip_address=xxx.xxx.xxx.xxx
Supplicant PAE state=CONNECTING
suppPortStatus=Unauthorized
EAP state=IDLE

and it doesn't work. Any ideas?

#10 Updated by Anonymous almost 8 years ago

# wpa_supplicant -B -dd -c /etc/wpa.conf -i xl0 -D wired
Initializing interface 'xl0' conf '/etc/wpa.conf' driver 'wired' ctrl_interface
'N/A'
Configuration file '/etc/wpa.conf' -> '/etc/wpa.conf'
Reading configuration file '/etc/wpa.conf'
ctrl_interface='/var/run/wpa_supplicant'
ctrl_interface_group=0 (from group name 'wheel')
ap_scan=0
Line: 4 - start of a new network block
key_mgmt: 0x8
eap methods - hexdump(len=2): 04 00
identity - hexdump_ascii(len=9):
62 6f 72 64 6f 70 69 63 69 bordopici
password - hexdump_ascii(len=4): [REMOVED]
eapol_flags=0 (0x0)
Priority group 0
id=0 ssid=''
Initializing interface (2) 'xl0'
EAPOL: SUPP_PAE entering state DISCONNECTED
EAPOL: KEY_RX entering state NO_KEY_RECEIVE
EAPOL: SUPP_BE entering state INITIALIZE
EAP: EAP entering state DISABLED
EAPOL: External notification - portEnabled=0
EAPOL: External notification - portValid=0
wpa_driver_wired_init: Added multicast membership with SIOCADDMULTI
Own MAC address: 00:01:02:01:84:3e
Setting scan request: 0 sec 100000 usec
Added interface xl0
Daemonize..

#11 Updated by Anonymous almost 8 years ago

EAPOL: txStart
TX EAPOL - hexdump(len=4): 01 01 00 00
EAPOL: idleWhile --> 0
EAP: EAP entering state FAILURE
CTRL-EVENT-EAP-FAILURE EAP authentication failed
EAPOL: SUPP_PAE entering state AUTHENTICATING
EAPOL: SUPP_BE entering state FAIL
EAPOL: SUPP_PAE entering state HELD
EAPOL: SUPP_BE entering state IDLE
EAPOL: startWhen --> 0
EAPOL: heldWhile --> 0
EAPOL: SUPP_PAE entering state CONNECTING
EAPOL: SUPP_PAE entering state AUTHENTICATING
EAPOL: SUPP_BE entering state FAIL
EAPOL: SUPP_PAE entering state HELD
EAPOL: SUPP_BE entering state IDLE
EAPOL: startWhen --> 0
EAPOL: heldWhile --> 0
EAPOL: SUPP_PAE entering state CONNECTING
EAPOL: SUPP_PAE entering state AUTHENTICATING
EAPOL: SUPP_BE entering state FAIL
EAPOL: SUPP_PAE entering state HELD
EAPOL: SUPP_BE entering state IDLE
EAPOL: startWhen --> 0
EAPOL: heldWhile --> 0
EAPOL: SUPP_PAE entering state CONNECTING
EAPOL: SUPP_PAE entering state AUTHENTICATING
EAPOL: SUPP_BE entering state FAIL
EAPOL: SUPP_PAE entering state HELD
EAPOL: SUPP_BE entering state IDLE
EAPOL: startWhen --> 0
EAPOL: heldWhile --> 0
EAPOL: SUPP_PAE entering state CONNECTING
EAPOL: SUPP_PAE entering state AUTHENTICATING
EAPOL: SUPP_BE entering state FAIL
EAPOL: SUPP_PAE entering state HELD
EAPOL: SUPP_BE entering state IDLE
EAPOL: startWhen --> 0
^CCTRL-EVENT-TERMINATING - signal 2 received
Removing interface xl0
State: ASSOCIATED -> DISCONNECTED
No keys have been configured - skip key clearing
EAPOL: External notification - portEnabled=0
EAPOL: SUPP_PAE entering state DISCONNECTED
EAPOL: SUPP_BE entering state INITIALIZE
EAP: EAP entering state DISABLED
EAPOL: External notification - portValid=0
No keys have been configured - skip key clearing
Cancelling scan request

It probably cannot connect, because nothing shows up in the logs. Aegis 2.1
works fine on the same port, tried with 2 different PCs.

#12 Updated by sepherosa almost 7 years ago

After wpa_supplicant-0.5.8 was imported, 802.1x authentication over wired
devices is supposed to work, however, the reporter no longer had proper
environment to test. Consider it closed for now.

Also available in: Atom PDF