Gentoo Forums
Gentoo Forums
Gentoo Forums
Quick Search: in
wpa_supplicant: work for [WPA2-PSK-CCMP][ESS] but not for...
View unanswered posts
View posts from last 24 hours

 
Reply to topic    Gentoo Forums Forum Index Networking & Security
View previous topic :: View next topic  
Author Message
vitaly-zdanevich
Tux's lil' helper
Tux's lil' helper


Joined: 01 Dec 2019
Posts: 106
Location: Belarus

PostPosted: Sat May 25, 2024 1:10 am    Post subject: wpa_supplicant: work for [WPA2-PSK-CCMP][ESS] but not for... Reply with quote

...but not for [WPA-PSK-CCMP+TKIP][WPA2-PSK-CCMP+TKIP][ESS]

Hi, I have this in /etc/wpa_supplicant/wpa_supplicant.conf:

Code:
network={
    ssid="network-name"
    psk="xxxxxxxx"
    scan_ssid=1
    key_mgmt=WPA-EAP WPA-PSK IEEE8021X NONE
    group=CCMP TKIP
    pairwise=CCMP TKIP
    priority=1
}


My all other networks use a config like:

Code:
network={
    ssid="network-name"
    psk="xxxxxxx"
    priority=1
}


Quote:
# emerge --info wpa_supplicant
Portage 3.0.63 (python 3.11.9-final-0, default/linux/amd64/17.1/no-multilib, gcc-13, glibc-2.39-r6, 6.6.21-gentoo+ x86_64)
=================================================================
System Settings
=================================================================
System uname: Linux-6.6.21-gentoo+-x86_64-Intel-R-_Core-TM-_i7-3840QM_CPU_@_2.80GHz-with-glibc2.39
KiB Mem: 16216932 total, 8162684 free
KiB Swap: 33554428 total, 33554428 free
Timestamp of repository gentoo: Tue, 21 May 2024 15:15:00 +0000
Head commit of repository gentoo: ebd53b058998838282dc7cc479432d637c72db4a
Head commit of repository guru: 07cb7c50faada6f5904f6aa2d4b92cb6885bf566

sh bash 5.1_p16-r6
ld GNU ld (Gentoo 2.42 p3) 2.42.0
app-misc/pax-utils: 1.3.7::gentoo
app-shells/bash: 5.1_p16-r6::gentoo
dev-build/autoconf: 2.13-r8::gentoo, 2.71-r7::gentoo
dev-build/automake: 1.16.5-r2::gentoo
dev-build/cmake: 3.28.5::gentoo
dev-build/libtool: 2.4.7-r4::gentoo
dev-build/make: 4.4.1-r1::gentoo
dev-build/meson: 1.4.0-r1::gentoo
dev-java/java-config: 2.3.3-r1::gentoo
dev-lang/perl: 5.38.2-r3::gentoo
dev-lang/python: 3.9.19_p2::gentoo, 3.11.9::gentoo, 3.12.3::gentoo
dev-lang/rust: 1.77.1::gentoo
sys-apps/baselayout: 2.15::gentoo
sys-apps/openrc: 0.54::gentoo
sys-apps/sandbox: 2.38::gentoo
sys-devel/binutils: 2.42-r1::gentoo
sys-devel/binutils-config: 5.5::gentoo
sys-devel/clang: 17.0.6::gentoo
sys-devel/gcc: 13.2.1_p20240210::gentoo
sys-devel/gcc-config: 2.11::gentoo
sys-devel/lld: 17.0.6::gentoo
sys-devel/llvm: 17.0.6::gentoo
sys-kernel/linux-headers: 6.6-r1::gentoo (virtual/os-headers)
sys-libs/glibc: 2.39-r6::gentoo
Repositories:

gentoo
location: /var/db/repos/gentoo
sync-type: rsync
sync-uri: rsync://rsync2.ru.gentoo.org/gentoo-portage/
priority: -1000
volatile: False
sync-rsync-verify-max-age: 24
sync-rsync-extra-opts:
sync-rsync-verify-jobs: 1
sync-rsync-verify-metamanifest: yes

ACCEPT_KEYWORDS="amd64"
ACCEPT_LICENSE="@FREE u/FREE ipw3945"
CBUILD="x86_64-pc-linux-gnu"
CFLAGS="-O2 -march=native -pipe"
CHOST="x86_64-pc-linux-gnu"
CONFIG_PROTECT="/etc /usr/lib64/libreoffice/program/sofficerc /usr/share/config /usr/share/gnupg/qualified.txt"
CONFIG_PROTECT_MASK="/etc/ca-certificates.conf /etc/dconf /etc/env.d /etc/fonts/fonts.conf /etc/gconf /etc/gentoo-release /etc/php/apache2-php8.2/ext-active/ /etc/php/cgi-php8.2/ext-active/ /etc/php/cli-php8.2/ext-active/ /etc/php/fpm-php8.2/ext-active/ /etc/php/phpdbg-php8.2/ext-active/ /etc/revdep-rebuild /etc/sandbox.d /etc/terminfo"
CXXFLAGS="-O2 -march=native -pipe"
DISTDIR="/var/cache/distfiles"
ENV_UNSET="CARGO_HOME DBUS_SESSION_BUS_ADDRESS DISPLAY GDK_PIXBUF_MODULE_FILE GOBIN GOPATH PERL5LIB PERL5OPT PERLPREFIX PERL_CORE PERL_MB_OPT PERL_MM_OPT XAUTHORITY XDG_CACHE_HOME XDG_CONFIG_HOME XDG_DATA_HOME XDG_RUNTIME_DIR XDG_STATE_HOME"
FCFLAGS="-O2 -march=native -pipe"
FEATURES="assume-digests binpkg-docompress binpkg-dostrip binpkg-logs buildpkg-live config-protect-if-modified distlocks ebuild-locks fixlafiles ipc-sandbox merge-sync merge-wait multilib-strict network-sandbox news parallel-fetch pid-sandbox pkgdir-index-trusted preserve-libs protect-owned qa-unresolved-soname-deps sandbox sfperms strict unknown-features-warn unmerge-logs unmerge-orphans userfetch userpriv usersandbox usersync xattr"
FFLAGS="-O2 -march=native -pipe"
GENTOO_MIRRORS="http://mirror.yandex.ru/gentoo-distfiles/ http://gentoo-mirror.alexxy.name/"
LANG="C.UTF8"
LDFLAGS="-Wl,-O1 -Wl,--as-needed"
LEX="flex"
PKGDIR="/var/cache/binpkgs"
PORTAGE_CONFIGROOT="/"
PORTAGE_RSYNC_OPTS="--recursive --links --safe-links --perms --times --omit-dir-times --compress --force --whole-file --delete --stats --human-readable --timeout=180 --exclude=/distfiles --exclude=/local --exclude=/packages --exclude=/.git"
PORTAGE_TMPDIR="/var/tmp"
RUSTFLAGS="-C debuginfo=0 -C target-cpu=native -C opt-level=3"
SHELL="/bin/bash"
USE="X acl amd64 bluray bzip2 chromecast cli crypt dbus dri dvd egl elogind eme-free exif ffmpeg flac fortran gdbm gdk-pixbuf graphite grub heif iconv jpeg libtirpc lto matroska mp3 ncurses nls ogg opengl openmp opus pam pcre pgo png pulseaudio rdp readline seccomp split-usr ssl svg test-rust tiff tkip unicode v4l vaapi vpx webp x264 x265 xattr xml zlib" ABI_X86="64" ADA_TARGET="gcc_12" APACHE2_MODULES="authn_core authz_core socache_shmcb unixd actions alias auth_basic authn_anon authn_dbm authn_file authz_dbm authz_groupfile authz_host authz_owner authz_user autoindex cache cgi cgid dav dav_fs dav_lock deflate dir env expires ext_filter file_cache filter headers include info log_config logio mime mime_magic negotiation rewrite setenvif speling status unique_id userdir usertrack vhost_alias" CALLIGRA_FEATURES="karbon sheets words" COLLECTD_PLUGINS="df interface irq load memory rrdtool swap syslog" CPU_FLAGS_X86="aes avx f16c mmx mmxext pclmul popcnt rdrand sse sse2 sse3 sse4_1 sse4_2 ssse3" ELIBC="glibc" GPSD_PROTOCOLS="ashtech aivdm earthmate evermore fv18 garmin garmintxt gpsclock greis isync itrax mtk3301 ntrip navcom oceanserver oncore rtcm104v2 rtcm104v3 sirf skytraq superstar2 tsip tripmate tnt ublox" INPUT_DEVICES="libinput" KERNEL="linux" LCD_DEVICES="bayrad cfontz glk hd44780 lb216 lcdm001 mtxorb text" LLVM_TARGETS="x64" LUA_SINGLE_TARGET="lua5-1" LUA_TARGETS="lua5-1" OFFICE_IMPLEMENTATION="libreoffice" PHP_TARGETS="php8-1" POSTGRES_TARGETS="postgres15" PYTHON_SINGLE_TARGET="python3_11" PYTHON_TARGETS="python3_11" RUBY_TARGETS="ruby31 ruby32" VIDEO_CARDS="intel i965" XTABLES_ADDONS="quota2 psd pknock lscan length2 ipv4options ipp2p iface geoip fuzzy condition tarpit sysrq proto logmark ipmark dhcpmac delude chaos account"
Unset: ADDR2LINE, AR, ARFLAGS, AS, ASFLAGS, CC, CCLD, CONFIG_SHELL, CPP, CPPFLAGS, CTARGET, CXX, CXXFILT, ELFEDIT, EMERGE_DEFAULT_OPTS, EXTRA_ECONF, F77FLAGS, FC, GCOV, GPROF, INSTALL_MASK, LC_ALL, LD, LFLAGS, LIBTOOL, LINGUAS, MAKE, MAKEFLAGS, MAKEOPTS, NM, OBJCOPY, OBJDUMP, PORTAGE_BINHOST, PORTAGE_BUNZIP2_COMMAND, PORTAGE_COMPRESS, PORTAGE_COMPRESS_FLAGS, PORTAGE_RSYNC_EXTRA_OPTS, PYTHONPATH, RANLIB, READELF, SIZE, STRINGS, STRIP, YACC, YFLAGS

=================================================================
Package Settings
=================================================================

net-wireless/wpa_supplicant-2.10-r4::gentoo was built with the following:
USE="dbus fils hs2-0 mbo mesh readline tkip -ap -broadcom-sta -eap-sim -eapol-test -fasteap -macsec -p2p -privsep (-ps3) -qt5 (-selinux) -smartcard -tdls -uncommon-eap-types -wep (-wimax) -wps"
FEATURES="assume-digests binpkg-docompress binpkg-dostrip binpkg-logs buildpkg-live config-protect-if-modified distlocks ebuild-locks fixlafiles ipc-sandbox merge-sync multilib-strict network-sandbox news parallel-fetch pid-sandbox pkgdir-index-trusted preserve-libs protect-owned qa-unresolved-soname-deps sandbox sfperms strict unknown-features-warn unmerge-logs unmerge-orphans userfetch userpriv usersandbox usersync xattr"


Thanks for the help.
Back to top
View user's profile Send private message
salahx
Guru
Guru


Joined: 12 Mar 2005
Posts: 556

PostPosted: Sat May 25, 2024 1:51 am    Post subject: Reply with quote

You need to use USE="tkip" on net-wireless/wpa_supplicant to use TKIP. Its not set by default because its weak and deprecrated (in 2009).
Back to top
View user's profile Send private message
vitaly-zdanevich
Tux's lil' helper
Tux's lil' helper


Joined: 01 Dec 2019
Posts: 106
Location: Belarus

PostPosted: Sat May 25, 2024 4:39 am    Post subject: Reply with quote

I have it, as you can see from my emerge --info.
Back to top
View user's profile Send private message
vitaly-zdanevich
Tux's lil' helper
Tux's lil' helper


Joined: 01 Dec 2019
Posts: 106
Location: Belarus

PostPosted: Sat May 25, 2024 4:43 am    Post subject: Reply with quote

Also I see that tkip is enabled by default https://github.com/gentoo/gentoo/blob/c798a7172b235f6767a1f7e4117eb07cf53c3d08/net-wireless/wpa_supplicant/wpa_supplicant-2.10-r5.ebuild#L21
Back to top
View user's profile Send private message
grknight
Retired Dev
Retired Dev


Joined: 20 Feb 2015
Posts: 1921

PostPosted: Sat May 25, 2024 12:55 pm    Post subject: Reply with quote

vitaly-zdanevich wrote:
Also I see that tkip is enabled by default https://github.com/gentoo/gentoo/blob/c798a7172b235f6767a1f7e4117eb07cf53c3d08/net-wireless/wpa_supplicant/wpa_supplicant-2.10-r5.ebuild#L21

This is incorrect. It is not.
Unfortunately, I don't have any further insight into the actual problem.
Back to top
View user's profile Send private message
vitaly-zdanevich
Tux's lil' helper
Tux's lil' helper


Joined: 01 Dec 2019
Posts: 106
Location: Belarus

PostPosted: Sun May 26, 2024 1:19 am    Post subject: Reply with quote

Ops yes tkip is not enabled by default, but it enabled on my system through the global USE flag.
Back to top
View user's profile Send private message
Display posts from previous:   
Reply to topic    Gentoo Forums Forum Index Networking & Security All times are GMT
Page 1 of 1

 
Jump to:  
You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum