Package: wpasupplicant Version: 1.0-3 Severity: normal
In an eduroam environment (which is basically WPA-Enterprise), I can confirm disconnects without the possibility to reconnect when using wpa_supplicant wit network-manager. Killing and restarting wpa_supplicant allows a temporary reconnect. When researching the problem, I found this posting: https://bugs.launchpad.net/ubuntu/+source/wpasupplicant/+bug/429370/comments/19 It states that the problem may be actually an openssl bug which lets the rekeying process fail permamently, and recommended recompiling with gnutls instead of openssl. I did this: --- wpa-1.0/debian/config/wpasupplicant/linux 2012-10-16 21:54:27.000000000 +0200 +++ wpa-1.0-gnutls/debian/config/wpasupplicant/linux 2012-10-16 23:03:41.000000000 +0200 @@ -166,8 +166,8 @@ # EAP-PSK (experimental; this is _not_ needed for WPA-PSK) CONFIG_EAP_PSK=y -# EAP-pwd (secure authentication using only a password) -CONFIG_EAP_PWD=y +# EAP-pwd (secure authentication using only a password), requires openssl, currently does not work with gnutls +# CONFIG_EAP_PWD=y # EAP-PAX CONFIG_EAP_PAX=y @@ -327,7 +327,7 @@ # gnutls = GnuTLS # internal = Internal TLSv1 implementation (experimental) # none = Empty template -CONFIG_TLS=openssl +CONFIG_TLS=gnutls # TLS-based EAP methods require at least TLS v1.0. Newer version of TLS (v1.1) # can be enabled to get a stronger construction of messages when block ciphers (end of patch) and have been testing the modified package for about a month now, the frequent disconnects have completely disappeared. The right place for a real fix would probably be openssl, but the problem does not seem to be addressed or sufficiently researched there, so the workaround by using gnutls instead of openssl gnutls seems to be the best option for now. Please note that my system information below reflects the modified package with gnutls instead of openssl. Regards -Klaus -- System Information: Debian Release: 6.0.5 APT prefers stable APT policy: (990, 'stable'), (500, 'stable-updates'), (500, 'unstable'), (500, 'testing'), (1, 'experimental') Architecture: i386 (i686) Kernel: Linux 3.6.5 (SMP w/2 CPU cores; PREEMPT) Locale: LANG=de_DE.UTF-8, LC_CTYPE=de_DE.UTF-8 (charmap=UTF-8) Shell: /bin/sh linked to /bin/bash Versions of packages wpasupplicant depends on: ii adduser 3.112+nmu2 add and remove users and groups ii initscripts 2.88dsf-13.13 scripts for initializing and shutt ii libc6 2.13-33 Embedded GNU C Library: Shared lib ii libdbus-1-3 1.6.8-1 simple interprocess messaging syst ii libgcrypt11 1.5.0-3 LGPL Crypto library - runtime libr ii libgnutls26 2.12.20-1 GNU TLS library - runtime library ii libgpg-error0 1.10-3 library for common error values an ii libncurses5 5.7+20100313-5 shared libraries for terminal hand ii libnl-3-200 3.2.7-4 library for dealing with netlink s ii libnl-genl-3-200 3.2.7-4 library for dealing with netlink s ii libreadline5 5.2-12 GNU readline and history libraries ii lsb-base 4.1+Debian7 Linux Standard Base 4.1 init scrip wpasupplicant recommends no packages. -- To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org