Your message dated Sat, 13 Oct 2018 19:48:46 +0200
with message-id <20181013174843.ga19...@mapreri.org>
and subject line Re: Bug#907518: wpa: problems with openssl 1.1.1
has caused the Debian Bug report #907518,
regarding New libssl1.1 1.1.1~~pre9-1 in unstable breaks connecting to some
wifi networks
to be marked as done.
This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.
(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact ow...@bugs.debian.org
immediately.)
--
907518: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=907518
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems
--- Begin Message ---
Package: wpasupplicant
Version: 2:2.6-18
Severity: important
With libssl1.1 1.1.1~~pre9-1, which more aggressively deprecates smaller
key sizes by default, I can no longer connect to my office wifi network:
wpa_supplicant[523]: OpenSSL: pending error: error:0D07803A:asn1 encoding
routines:asn1_item_embed_d2i:nested asn1 error
wpa_supplicant[523]: OpenSSL: pending error: error:140C800D:SSL
routines:SSL_use_certificate_file:ASN1 lib
wpa_supplicant[523]: OpenSSL: pending error: error:140C618E:SSL
routines:SSL_use_certificate:ca md too weak
wpa_supplicant[523]: TLS: Failed to set TLS connection parameters
wpa_supplicant[523]: EAP-TLS: Failed to initialize SSL.
wpa_supplicant[523]: wlp4s0: EAP: Failed to initialize EAP method: vendor 0
method 13 (TLS)
Downgrading libssl1.1 to 1.1.0h-4 allows me to connect again. Please
adjust the defaults that wpasupplicant initializes OpenSSL with to
continue to allow connecting to such networks.
-- System Information:
Debian Release: buster/sid
APT prefers unstable
APT policy: (500, 'unstable'), (1, 'experimental')
Architecture: amd64 (x86_64)
Foreign Architectures: i386
Kernel: Linux 4.17.0-3-amd64 (SMP w/4 CPU cores)
Locale: LANG=C.UTF-8, LC_CTYPE=C.UTF-8 (charmap=UTF-8), LANGUAGE=C.UTF-8
(charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash
Init: systemd (via /run/systemd/system)
Versions of packages wpasupplicant depends on:
ii adduser 3.117
ii libc6 2.27-5
ii libdbus-1-3 1.12.10-1
ii libnl-3-200 3.4.0-1
ii libnl-genl-3-200 3.4.0-1
ii libpcsclite1 1.8.23-3
ii libreadline7 7.0-5
ii libssl1.1 1.1.1~~pre9-1
ii lsb-base 9.20170808
wpasupplicant recommends no packages.
Versions of packages wpasupplicant suggests:
pn libengine-pkcs11-openssl <none>
pn wpagui <none>
-- no debconf information
--- End Message ---
--- Begin Message ---
On Sun, Oct 07, 2018 at 11:00:48AM +0200, Andrej Shadura wrote:
> I’m unsure what can be done to help resolve this issue from the wpa side.
Exactly.
At most somebody may write a wiki page or something for support, but
it's either the local system administrator changing the ssl settings, or
getting the network fixed by the network administrator.
openssl is unlikely to change, and so is wpa.
Closing this report.
--
regards,
Mattia Rizzolo
GPG Key: 66AE 2B4A FCCF 3F52 DA18 4D18 4B04 3FCD B944 4540 .''`.
more about me: https://mapreri.org : :' :
Launchpad user: https://launchpad.net/~mapreri `. `'`
Debian QA page: https://qa.debian.org/developer.php?login=mattia `-
signature.asc
Description: PGP signature
--- End Message ---
