After an evaluation, GNOME has moved from Bugzilla to GitLab. Learn more about GitLab.
No new issues can be reported in GNOME Bugzilla anymore.
To report an issue in a GNOME project, go to GNOME GitLab.
Do not go to GNOME Gitlab for: Bluefish, Doxygen, GnuCash, GStreamer, java-gnome, LDTP, NetworkManager, Tomboy.
Bug 565065 - [enh] implement EAP-GTC phase2 auth method
[enh] implement EAP-GTC phase2 auth method
Status: RESOLVED FIXED
Product: NetworkManager
Classification: Platform
Component: general
0.7.x
Other Linux
: Normal major
: ---
Assigned To: Dan Williams
Dan Williams
Depends on:
Blocks:
 
 
Reported: 2008-12-19 04:51 UTC by David J. Orman
Modified: 2009-07-31 20:58 UTC
See Also:
GNOME target: ---
GNOME version: ---

Attachments
A working wpa_supplicant conf for GTC auth (309 bytes, text/plain)
2009-04-24 16:05 UTC, Alfonsius Knackschwanz 		Details

Description David J. Orman 2008-12-19 04:51:04 UTC 
Hi,

I am trying to use Fedora 10/Intel 5300 on a Aruba based wireless network, which uses GTC for the inner authentication. I see this option no longer exists in the version of NM that I have: NetworkManager-0.7.0-0.12.svn4326.fc10.x86_64.

Out of curiosity, I used GIT to get the latest source (as of Dec. 18, 2008), and see the following in libnm-util/nm-setting-8021x.c:

 950         { "gtc", NULL, NULL },  // FIXME: implement

So, it appears GTC is not implemented in NM, even though wpa_supplicant supports it. Are there any patches available that allow this to work? This seems to be a regression from version 0.6.x (I don't know the exact version I was using before).

Seeing this comment in the source, it seems to be a known issue. I'm filing it here as it appears to be in NM proper, not just the distribution specific version I have. Is the lack of GTC actually the case, and will this be implemented? Are there any known workarounds other than not using NM?

Respectfully,
David
Comment 1 Uri Okrent 2009-01-31 00:56:58 UTC 
Please see my comments here: http://bugzilla.gnome.org/show_bug.cgi?id=488221#c9. I have a successful and unsuccessful wpa_supplicant output posted on that bug that seems to be this problem.
Comment 2 Cameron Cope 2009-02-20 08:45:01 UTC 
Confirmed as of 02/20/2009 8:40AM GMT, libnm-util/nm-setting-8021x.c line 939 still shows gtc as unimplemented, *FIXME*. This is an important feature, many college networks use 802.1x PEAP-GTC on their wireless networks. (And of course college students are some of the most likely people to be exposed to Linux...)
Comment 3 Alfonsius Knackschwanz 2009-04-24 16:05:11 UTC 
Created attachment 133262 [details]
A working wpa_supplicant conf for GTC auth

This configuration worked for me.
However, I didn't try without the include_tls_length option.

I hope this helps.
Comment 4 Rob Adams 2009-07-29 17:57:18 UTC 
I got this working at my work by changing the infamous line in network-manager to:
	{ "gtc", need_secrets_password, verify_identity }, 

and then just adding the corresponing option to the dialog in nm-applet.  Worked first time; was very easy.
Comment 5 Dan Williams 2009-07-29 18:24:09 UTC 
Fixed:

272c6a626a27f4d3a88a1aedd7887d63f6a818d5 (nm master)
272cf183c7963dfaf019b2f5afc816c0bd2dfd73 (applet master)

272c6a626a27f4d3a88a1aedd7887d63f6a818d5 (nm 0.7)
0461fff8039ce612fb5a50ce760b782f62457d59 (applet 0.7)
Comment 6 Rob Adams 2009-07-29 22:09:00 UTC 
Thanks Dan; I was going to create a real patch but you're so fast you beat me to it :-).  Your patch looks identical to mine except I missed the change to
system-settings/plugins/ifcfg-rh/reader.c
Comment 7 Uri Okrent 2009-07-31 20:58:06 UTC 
Just curious, couldn't there be just an 'auto' option for phase 2? It seems I am able to connect using a wpa_supplicant.conf that is pretty similar to the one attached, even if I just completely comment out or remove the 'phase2=' line.