Re: WPA Enterprise (EAP-TLS) system connection

From: Rafał Lichwała <rafal siliconet pl>
To: networkmanager-list gnome org
Subject: Re: WPA Enterprise (EAP-TLS) system connection
Date: Wed, 03 Dec 2008 16:38:38 +0100

Hi,

I must confirm that what John wrote.

EAP-TLS connections also do not work at all in NetworkManager 0.7 underUbuntu 8.10 (Interpid).

Using the newest Ubuntu release 8.10 (Interpid) and Network Managertaken directly from their repositories (version:0.7~~svn20081018t105859-0ubuntu1.8.10.1) it does not allow to createEAP-TLS connection in nm-connection-editor.

When running nm-connection-editor in console I have:

** (nm-connection-editor:6098): WARNING **: Invalid setting 802.1xSecurity: Invalid 802.1x security** (nm-connection-editor:6098): WARNING **: Invalid connection:'NMSetting8021x' / 'client-cert' invalid: 2

I'd like also to check what is the difference in the latest SVN versionof NetworkManager, but...a few revisions ago everything seemed to build fine. Now (fresh SVNversion of NetworkManager revision 4359) I have the following errorduring build:


##############

if gcc -DHAVE_CONFIG_H -I. -I. -I.. -I.. -I../include -I../marshallers-I../src/named-manager -I../src/vpn-manager -I../src/dhcp-manager-I../src/supplicant-manager -I../src/dnsmasq-manager -I../libnm-util-I../callouts -I/usr/include/dbus-1.0 -I/usr/lib/dbus-1.0/include-I/usr/include/glib-2.0 -I/usr/lib/glib-2.0/include-DDBUS_VERSION_MAJOR=1 -DDBUS_VERSION_MINOR=2 -DDBUS_VERSION_MICRO=4-pthread -I/usr/include/glib-2.0 -I/usr/lib/glib-2.0/include-DDBUS_API_SUBJECT_TO_CHANGE -I/usr/include/hal -I/usr/include/dbus-1.0-I/usr/lib/dbus-1.0/include -DDBUS_API_SUBJECT_TO_CHANGE-DG_DISABLE_DEPRECATED -DBINDIR=\"/usr/bin\" -DSBINDIR=\"/usr/sbin\"-DLIBEXECDIR=\"/usr/libexec\" -DDATADIR=\"/usr/share\"-DSYSCONFDIR=\"/etc\" -DLOCALSTATEDIR=\"/var\"-DNM_RUN_DIR=\"/var/run/NetworkManager\"-DNMLOCALEDIR=\"/usr/share/locale\" -DARP_DEBUG -Wall -Werror-std=gnu89 -g -O2 -Wshadow -Wmissing-declarations -Wmissing-prototypes-Wdeclaration-after-statement -Wfloat-equal -Wno-unused-parameter-Wno-sign-compare -fno-strict-aliasing -MTNetworkManager-nm-netlink-monitor.o -MD -MP -MF".deps/NetworkManager-nm-netlink-monitor.Tpo" -c -oNetworkManager-nm-netlink-monitor.o `test -f 'nm-netlink-monitor.c' ||echo './'`nm-netlink-monitor.c; \then mv -f ".deps/NetworkManager-nm-netlink-monitor.Tpo"".deps/NetworkManager-nm-netlink-monitor.Po"; else rm -f".deps/NetworkManager-nm-netlink-monitor.Tpo"; exit 1; fi

cc1: warnings being treated as errors
nm-netlink-monitor.c: In function ‘nm_netlink_monitor_error_handler’:

nm-netlink-monitor.c:488: error: format not a string literal and noformat arguments

make[4]: *** [NetworkManager-nm-netlink-monitor.o] Error 1
###########

What's the problem?

In my company I'm able to use EAP-TLS based wired connection only, so Imust say that unfortunately NetworkManager is now completely useless forme :( I have to setup this connection manually via wpa-... stuff.

NetworkManager is a great piece of software! and I found it very usefulin other things like ppp GSM connections just out of the box.So.. please make this EAP-TLS bug with a high priority and please fix itASAP :-)


Bug described for ubuntu:

https://bugs.launchpad.net/ubuntu/+source/network-manager/+bug/245184

Best regards,
Rafal Lichwala








John S. Skogtvedt wrote:

Hello,

currently it doesn't seem possible to use either EAP-TLS or other WPA
Enterprise system connections.
(I'm using network-manager 0.7 packages from Debian Experimental.)

The connection editor doesn't allow adding a EAP-TLS connection
("Invalid connection: NMSetting8021x / client-cert invalid: 2").

I've also tried manually putting together a keyfile to put in
/etc/NetworkManager/system-connections, modeling it on the settings
visible in GConf and a (working) existing WPA-PSK keyfile. I used a
decrypted client certificate, but got an error message about missing
secrets.
This was 2 months ago, and I've since lost the keyfile. If need be I can
recreate the keyfile and do more tests.


Has anyone gotten this to work? Or can anyone offer advice on what
changes might be necessary to get it to work?


It's a very useful feature for cases where one needs to have a network
connection at the login screen, either for authentication or mounting
remote directories.


Thanks,

John.
_______________________________________________
NetworkManager-list mailing list
NetworkManager-list gnome org
http://mail.gnome.org/mailman/listinfo/networkmanager-list

Follow-Ups:
- Re: WPA Enterprise (EAP-TLS) system connection
  - From: Chuck Anderson
- Re: WPA Enterprise (EAP-TLS) system connection
  - From: Dan Williams

References:
- WPA Enterprise (EAP-TLS) system connection
  - From: John S. Skogtvedt

[Date Prev][Date Next] [Thread Prev][Thread Next] [Thread Index] [Date Index] [Author Index]