PEAP wifi can't connect (ubuntu live/installer is also not working

i tried with ASUS USB-AX56 (RTL8852AU) wifi card is also not working
i think is something wrong with ubuntu 22.04
20.04 lts or windows is working + kali linux is also working
please fix this

I confirm is wpasupplicant form Ubuntu is causing issue
Beacause after I install wpasupplicant from Debian Sid then is fixed

Thank you for your bug report, that could be similar to bug #1958267

> Beacause after I install wpasupplicant from Debian Sid then is fixed

that's a bit of a weird because the current Ubuntu package is a direct sync from Debian, so you replaced by the same version and it's working? that would suggest a problem with the build, maybe another side effect of the openssl3 transition in Ubuntu

Could you reinstall the Ubuntu wpa, edit /lib/systemd/system/wpa_supplicant.service to add a '-d' to the ExecStart cmd, restart, try to connect and share the 'journalctl -b 0' log from the system?

so you replaced by the same version and it's working?
--> yes it is work as how it should (downgrade but version number is same)
and at home i CAN'T test WPA2 Enterprise, only at school i can try

plus kali linux dosen't have this issue too (I did to upgrade everything to latest)

any chance you could provide the journal log requested?

this file is full log
beacause i dont want to try to upgrade and is not working

could you try maybe from a live session if you don't want to change your system? you would just need to restart the wpa service after changing the option. The journal log you attached is not usable without debug on nor a limited entry around the time of the issue

Is i must have live session log?

Live session also have issue as what i tried

without a debug log it's going to be harder to figure out the problem so yes we need a debug log

I installed wpasupplicant_2.10-2_amd64.deb and libssl1.1_1.1.1m-1_amd64.deb from debian sid. It works.
I attached the log from journalctl -b 0 with ubuntu's wpasupplicant package.

thanks, the journal has some error, did you edit the .service to add the -d to the execstart as request? wpa doesn't seem to be in debug mode on that log

I had edited the .service file but it was deleted when I reinstalled the ubuntu packages :-)
The new log is attached.

Thanks for the Debug log, I reported the issue upstream now on http://lists.infradead.org/pipermail/hostap/2022-March/040304.html

bug #1958267 is also a similar issue

logs from live system

on the upstream mailing list it was asked if someone could get a debug log using '-ddddddddddd' instead of '-d' for even extra debugging

logs with '-ddddddddddd' from ubuntu 22.04 beta

Thanks!

Same issue here. Workarounded it by downgrading wpasupplicant from 2:2.10-6 to 2:2.9.0-21build1.

Sounds like the best option there is to set SSL_OP_LEGACY_SERVER_CONNECT which is what fedora did in https://src.fedoraproject.org/rpms/wpa_supplicant/c/2a2d1848 , we will work on an similar update for Ubuntu

There is a detailed writeup about the issue on https://bugzilla.redhat.com/show_bug.cgi?id=2072070#c24.

Hello leonpano, or anyone else affected,

Accepted wpa into jammy-proposed. The package will build now and be available at https://launchpad.net/ubuntu/+source/wpa/2:2.10-6ubuntu1 in a few hours, and then in the -proposed repository.

Please help us by testing this new package. See https://wiki.ubuntu.com/Testing/EnableProposed for documentation on how to enable and use -proposed. Your feedback will aid us getting this update out to other Ubuntu users.

If this package fixes the bug for you, please add a comment to this bug, mentioning the version of the package you tested, what testing has been performed on the package and change the tag from verification-needed-jammy to verification-done-jammy. If it does not fix the bug for you, please add a comment stating that, and change the tag to verification-failed-jammy. In either case, without details of your testing we will not be able to proceed.

Further information regarding the verification process can be found at https://wiki.ubuntu.com/QATeam/PerformingSRUVerification . Thank you in advance for helping!

N.B. The updated package will be released to -updates after the bug(s) fixed by this package have been verified and the package has been in -proposed for a minimum of 7 days.

All autopkgtests for the newly accepted wpa (2:2.10-6ubuntu1) for jammy have finished running.
The following regressions have been reported in tests triggered by the package:

netplan.io/0.104-0ubuntu2 (arm64)
network-manager/1.36.4-2ubuntu1 (amd64)

Please visit the excuses page listed below and investigate the failures, proceeding afterwards as per the StableReleaseUpdates policy regarding autopkgtest regressions [1].

https://people.canonical.com/~ubuntu-archive/proposed-migration/jammy/update_excuses.html#wpa

[1] https://wiki.ubuntu.com/StableReleaseUpdates#Autopkgtest_Regressions

Thank you!

Hello,
I can confirm the proposed package is fixing the authentication in our enterprise network where MSCHAPv2 + PEAP + No CA Cert is used as authentication.

We tested it by upgrading from wpa_supplicant 2.9 to 2:2.10-6ubuntu1

Thank you.

Thanks for testing, I'm marking the SRU as verified!

The failed n-m autopkgtest worked on retry, netplan seems flacky before that upload but was retried now

Hi,

I've tested the proposed package by only upgrading to wpa_supplicant 2:2.10-6ubuntu1 and no other proposed packages.

After rebooting I'm still not able to connect to our enterprise network. We are also using MSCHAPv2 + PEAP + No CA Cert for authentication.

Live Boot of 20.04 can connect fine.

Let me know if I can provide any more information.

Thank you.

@Michael, I think it's best at this point to do a new report using the instruction given here before so we can focus the discuss on that specific issue where here there is probably different setups and problems described.

Please report the bug using
$ ubuntu-bug wpasupplicant

then edit /lib/systemd/system/wpa_supplicant.service to add a '-d' to the ExecStart cmd, restart, try to connect and share the 'journalctl -b 0' log from the system.

This bug was fixed in the package wpa - 2:2.10-9

---------------
wpa (2:2.10-9) unstable; urgency=medium

  [ Sebastien Bacher ]
  * debian/patches/allow-legacy-renegotiation.patch:
    Allow legacy renegotiation to fix PEAP issues with some servers
    (Closes: #1010603, LP: #1962541)

 -- Andrej Shadura <email address hidden> Thu, 05 May 2022 11:23:33 +0100

Hi @Sebastien, no problem at all.

I will create a new bug report once I'm sure I've tried everything on my side.

Have a lovely day.

Thank you Seb, I had the issue reported in this bug in a WeWork today (first time connecting since updating to Jammy) and the package in -proposed resolved the issue for me as well.

Promotion from -proposed sure would be nice. I see verification has been done but a update excuses shows an netplan.io regression[1]. I'm not sure if the test is flaky but I see that seb retried it a few times[2] last week and it failed consistently, so maybe not.

I'm just curious if there's any status on the test failure.

(Also, I started writing this thinking it had been a month but it's been less than a week and I can't tell time. I know it wouldn't be promoted with less than a week in -proposed anyway.)

[1] https://people.canonical.com/~ubuntu-archive/proposed-migration/jammy/update_excuses.html#wpa
[2] https://autopkgtest.ubuntu.com/packages/netplan.io/jammy/arm64

I just installed the -proposed package and still no dice. Could someone post (here or elsewhere) a instructions for getting this working from scratch as of today?

@Anton

Please report a new bug using
$ ubuntu-bug wpasupplicant

then edit /lib/systemd/system/wpa_supplicant.service to add a '-d' to the ExecStart cmd, restart, try to connect and share the 'journalctl -b 0' log from the system.

This bug was fixed in the package wpa - 2:2.10-6ubuntu1

---------------
wpa (2:2.10-6ubuntu1) jammy; urgency=medium

  * debian/patches/allow-legacy-renegotiation.patch:
    allow legacy renegotiation to fix PEAP issues with some servers
    (lp: #1962541)

 -- Sebastien Bacher <email address hidden> Thu, 05 May 2022 11:31:26 +0200

The verification of the Stable Release Update for wpa has completed successfully and the package is now being released to -updates. Subsequently, the Ubuntu Stable Release Updates Team is being unsubscribed and will not receive messages about this bug report. In the event that you encounter a regression using the package from -updates please report a new bug using ubuntu-bug and tag the bug report regression-update so we can easily find any regressions.

Same as @melser-anton
I installed 2:2.10-6ubuntu1 from ubuntu-updates but still no luck. I followed the instructions in #35 and submitted a new bug #1974040