Identity/Domain problem in PEAP
Affects | Status | Importance | Assigned to | Milestone | |
---|---|---|---|---|---|
wicd |
Fix Released
|
High
|
David Paleino |
Bug Description
I'm using wicd 1.7 in an up-to-date (as of 11/28/11) debian testing; just moved to XFCE4 and wicd to avoid Gnome3.
Problem was that, while I could connect to my home (unsecured) wifi, I could not do so at the office (Lehigh University), using their WPA2-PEAP system.
No matter what I did I got a "bad passowrd" reply. Yes, my password is correct. I was using WPA2-PEAP settings.
I poked around, and found that the files in /var/lib/
identity=
that was the identity that it passed on to wpa_supplicant, so actually it was the identity, not the password, that was wrong. The server would of course just give back the bas-password reply.
I think that is a bug in the script for WPA2-PEAP in /etc/wicd/
identity=
and it seems that only the first part is translated to the domain.
In addition, I found a new template on the net, which is what finally worked for me, on http://
-------
name = PEAP with MSCHAPv2
author = ElitestFX
version = 1
require identity *Identity password *Password
-----
ctrl_interface=
network={
eap=PEAP
}
-------
I actually modified it to put the phase2 command at the end, which seems a bit more reliable. Then add peap-mschapv2 to /etc/wicd/
It does seem to not work every time, but if I insist, it will connect. Maybe the template needs a bit of tweaking to be more stable.
At any rate, I think the provided templates using identity=
I confirm that I have the same problem of only $_DOMAIN being replaced.
More generally, it seems that only (all the ocurrences of) the first variable to occur will be replaced. For example
$_DOMAIN $_IDENTITY $_DOMAIN $_IDENTITY
will be replaced by
mydomain $_IDENTITY mydomain $_IDENTITY
I tried to find which part of wicd takes care of this replacement to fix it, but unfortunately failed to find it.