Unable to connect to WPA2-Enterprise since 2.4-r1: WPA_ALG_PMK bug?

David Woodhouse dwmw2 at infradead.org
Sun Jul 12 04:52:27 EDT 2015


On Fri, 2015-07-10 at 23:10 +0300, Jouni Malinen wrote:
> Once I get a bit more information on the scale of the issue (mainly,
> whether it is only the two previously identified server components that
> have clear fixes already available or whether there are some other
> servers impacted as well with no easy fix), I'll figure out whether I
> can convince myself to accept the workaround into hostap.git..
> 
> If you do get confirmation on the authentication server (ideally
> including its version number) being from Cisco, I can also check with
> the engineers directly to avoid going through normal support requests so
> as to see if this could be fixed soon for wpa_supplicant not having to
> care too much.

The initial response was:

  "We are using Aruba ClearPass Policy Manager release 6.5.1 as our 
   RADIUS server. This release does not support TLSv1.2."

I have showed them a packet trace which clearly shows a client
authenticating using EAP-TLSv1.2. And invited further comment :)

-- 
dwmw2

-------------- next part --------------
A non-text attachment was scrubbed...
Name: smime.p7s
Type: application/x-pkcs7-signature
Size: 5691 bytes
Desc: not available
URL: <http://lists.shmoo.com/pipermail/hostap/attachments/20150712/850bde8e/attachment.bin>


More information about the HostAP mailing list