Unable to connect to WPA2-Enterprise since 2.4-r1: WPA_ALG_PMK bug?
j at w1.fi
Sun May 3 15:14:44 EDT 2015
On Mon, Apr 27, 2015 at 06:01:43PM +0200, Ralf Ramsauer wrote:
> I also tried another WPA2-Enterprise WiFi which uses TTLS/PAP instead of PEAP/MSCHAPv2 - same problem here.
Which authentication server are you using? It sounds like the main issue
here is in interoperability issue in TLS v1.2 key derivation for EAP.
The same derivation mechanism is used for both TTLS and PEAP.
Are you by any chance using FreeRADIUS with TLS v1.2 enabled but before
the key derivation fix went in (March 31, 2015)? If so, that would
explain the problem due to FreeRADIUS deriving a different MSK when
using TLS v1.2.
Newer version of wpa_supplicant just happens to trigger this by enabling
TLS v1.2 to be negotiated, but the real fix is likely needed on the
Jouni Malinen PGP id EFC895FA
More information about the HostAP