2012-02-28 19:51:01 |
Walter Mundt |
bug |
|
|
added bug |
2012-02-28 19:56:32 |
Walter Mundt |
bug watch added |
|
https://bugzilla.gnome.org/show_bug.cgi?id=670999 |
|
2012-02-28 19:56:32 |
Walter Mundt |
bug task added |
|
network-manager |
|
2012-02-28 20:34:18 |
Bug Watch Updater |
network-manager: status |
Unknown |
New |
|
2012-02-28 20:34:18 |
Bug Watch Updater |
network-manager: importance |
Unknown |
Medium |
|
2012-02-28 20:57:19 |
Tony Espy |
network-manager (Ubuntu): status |
New |
Incomplete |
|
2012-03-05 18:50:27 |
Walter Mundt |
network-manager (Ubuntu): status |
Incomplete |
New |
|
2012-03-05 21:02:21 |
Mathieu Trudel-Lapierre |
network-manager (Ubuntu): status |
New |
Confirmed |
|
2012-03-05 21:02:24 |
Mathieu Trudel-Lapierre |
network-manager (Ubuntu): importance |
Undecided |
Medium |
|
2012-07-25 17:51:38 |
Bug Watch Updater |
network-manager: status |
New |
Confirmed |
|
2012-07-25 17:51:38 |
Bug Watch Updater |
network-manager: importance |
Medium |
Wishlist |
|
2018-12-18 16:45:51 |
Sebastien Bacher |
network-manager (Ubuntu): status |
Confirmed |
Fix Released |
|
2018-12-19 15:29:39 |
Sebastien Bacher |
description |
NetworkManager does not appear to support private keys encrypted with AES. At the very least, it will not validate such a key in nm-util when setting up a WPA 802.1x TLS wifi connection.
To test:
1. Start with a working (cleartext or DES-3) private key/cert for a network. Set up a connection and verify that everything works.
2. Re-encrypt the key with AES-256 with this command: "openssl rsa -in working-key.pem -out aes-key.pem -aes256" (the output should have a line starting with "DEK-Info: AES-256-CBC,")
3. Delete the settings for the test network and attempt to reconnect using the new key. Even with the correct passphrase, the "Connect" button will remain disabled; debugging will determine that nm-util is failing to validate the private key. |
* Impact
Selecting AES-{192,256}-CBC keys to connect isn't working
* Test case
1. Start with a working (cleartext or DES-3) private key/cert for a network. Set up a connection and verify that everything works.
2. Re-encrypt the key with AES-256 with this command: "openssl rsa -in working-key.pem -out aes-key.pem -aes256" (the output should have a line starting with "DEK-Info: AES-256-CBC,")
3. Delete the settings for the test network and attempt to reconnect using the new key.
That should work
* Regression potential
That's new code for an extra type of keys, it shouldn't impact existing options
--------------
NetworkManager does not appear to support private keys encrypted with AES. At the very least, it will not validate such a key in nm-util when setting up a WPA 802.1x TLS wifi connection. |
|
2018-12-21 16:53:34 |
Brian Murray |
network-manager (Ubuntu Bionic): status |
New |
Fix Committed |
|
2018-12-21 16:53:35 |
Brian Murray |
bug |
|
|
added subscriber Ubuntu Stable Release Updates Team |
2018-12-21 16:53:38 |
Brian Murray |
bug |
|
|
added subscriber SRU Verification |
2018-12-21 16:53:41 |
Brian Murray |
tags |
|
verification-needed verification-needed-bionic |
|
2019-03-10 03:41:03 |
Mathew Hodson |
network-manager (Ubuntu Bionic): importance |
Undecided |
Medium |
|
2019-03-22 19:29:19 |
Brian Murray |
tags |
verification-needed verification-needed-bionic |
removal-candidate verification-needed verification-needed-bionic |
|
2019-03-22 20:45:23 |
Till Kamppeter |
bug |
|
|
added subscriber Ken VanDine |
2019-03-22 20:45:44 |
Till Kamppeter |
bug |
|
|
added subscriber Will Cooke |
2019-03-22 20:46:34 |
Till Kamppeter |
bug |
|
|
added subscriber Olivier Tilloy |
2019-03-22 20:51:03 |
Till Kamppeter |
tags |
removal-candidate verification-needed verification-needed-bionic |
verification-done verification-done-bionic |
|
2019-05-10 12:58:20 |
Timo Aaltonen |
tags |
verification-done verification-done-bionic |
verification-needed verification-needed-bionic |
|
2019-05-10 13:51:34 |
Till Kamppeter |
tags |
verification-needed verification-needed-bionic |
verification-done verification-done-bionic |
|
2019-05-13 14:14:02 |
Ćukasz Zemczak |
removed subscriber Ubuntu Stable Release Updates Team |
|
|
|
2019-05-13 14:14:00 |
Launchpad Janitor |
network-manager (Ubuntu Bionic): status |
Fix Committed |
Fix Released |
|
2019-05-13 14:14:00 |
Launchpad Janitor |
cve linked |
|
2018-1000135 |
|
2019-05-13 14:14:00 |
Launchpad Janitor |
cve linked |
|
2018-15688 |
|
2019-05-22 17:58:39 |
Steve Langasek |
network-manager (Ubuntu Bionic): status |
Fix Released |
In Progress |
|
2019-05-22 17:58:51 |
Steve Langasek |
tags |
verification-done verification-done-bionic |
verification-failed verification-failed-bionic |
|
2019-05-28 13:40:00 |
Sebastien Bacher |
network-manager (Ubuntu Bionic): assignee |
|
Till Kamppeter (till-kamppeter) |
|
2019-09-27 05:02:22 |
Mathew Hodson |
bug watch added |
|
https://bugzilla.gnome.org/show_bug.cgi?id=670999 |
|
2019-09-27 05:02:22 |
Mathew Hodson |
network-manager: importance |
Wishlist |
Unknown |
|
2019-09-27 05:02:22 |
Mathew Hodson |
network-manager: status |
Confirmed |
Unknown |
|
2019-09-27 05:02:22 |
Mathew Hodson |
network-manager: remote watch |
GNOME Bug Tracker #670999 |
bugzilla.gnome.org/ #670999 |
|
2019-09-27 05:02:38 |
Mathew Hodson |
bug watch removed |
https://gitlab.gnome.org/670999 |
|
|
2019-09-27 05:55:25 |
Bug Watch Updater |
network-manager: status |
Unknown |
Confirmed |
|
2019-09-27 05:55:25 |
Bug Watch Updater |
network-manager: importance |
Unknown |
Wishlist |
|
2019-12-14 00:53:45 |
Till Kamppeter |
network-manager (Ubuntu Bionic): assignee |
Till Kamppeter (till-kamppeter) |
|
|
2020-03-17 14:33:22 |
Sebastien Bacher |
bug task deleted |
network-manager (Ubuntu Bionic) |
|
|
2020-11-14 04:25:33 |
Bug Watch Updater |
network-manager: status |
Confirmed |
Expired |
|