Bug 1101206

Summary: wpa_supplicant: cannot connect to EAP-TLS secured network
Product: [openSUSE] openSUSE Distribution Reporter: Sławomir Nizio <poczta-sn>
Component: NetworkAssignee: Ruediger Oertel <ro>
Status: RESOLVED DUPLICATE QA Contact: E-mail List <qa-bugs>
Severity: Normal    
Priority: P5 - None CC: karol, vcizek
Version: Leap 15.0   
Target Milestone: ---   
Hardware: Other   
OS: Other   
Whiteboard:
Found By: --- Services Priority:
Business Priority: Blocker: ---
Marketing QA Status: --- IT Deployment: ---

Description Sławomir Nizio 2018-07-13 19:13:48 UTC 
User-Agent:       Mozilla/5.0 (X11; Linux x86_64; rv:60.0) Gecko/20100101 Firefox/60.0
Build Identifier: 

Hello world!

Please excuse the lack of any logs but I am on a different system now, however the issue I'd like to report is already known so I will refer to a few sites.

After the upgrade from openSUSE Leap 42.3 to 15.0, I was able to connect to WiFi networks other than one using EAP-TLS.

The issue is exactly like here:
https://bugs.archlinux.org/task/54233

the workaround mentioned in comment https://bugs.archlinux.org/task/54233#comment158109 helped.

It has been reported to openSUSE as well: https://forums.opensuse.org/showthread.php/531623-Can-t-connect-to-EAP-TLS-secured-network

some more context with links to patches: https://github.com/openssl/openssl/issues/3594.

Based on sources used in Leap and the fact that the binary seems to link with openssl 1.1, the package is actually affected by this bug.

Reproducible: Always
Comment 1 Vítězslav Čížek 2018-07-16 09:54:03 UTC 
According to the last comment at the openssl github page, the issue was fixed in wpa_supplicant in the following commit:
https://w1.fi/cgit/hostap/commit/?id=f665c93e1d28fbab3d9127a8c3985cc32940824f
And later polished in:
https://w1.fi/cgit/hostap/commit/?id=63942cf0f309e067bc5bfef95194bd17e48bf5ef
Comment 2 Karol Babioch 2018-10-12 12:46:38 UTC 
This should be resolved by now. It is another duplicate of bug 1099835.

*** This bug has been marked as a duplicate of bug 1099835 ***