# [STOPGAP fix] problems connecting w/peap wpa_supplicant-2.4

## zje

I use wicd and wpa_supplicant to connect to an enterprise network using PEAP-GTC.  After updating wpa_supplicant last night, it seems that I can no longer connect. I'm not getting much in the way of debugging information, other than "authentication failed" or "bad password" in the wicd logs.

I tried rolling back to a previous version (when I found a wired connection), but it appears that has been dropped: https://bugs.gentoo.org/show_bug.cgi?id=524928

Has anyone experienced anything similar? Aside from using an old ebuild from version control, is there anything else I can do/try here?Last edited by zje on Fri May 01, 2015 3:13 pm; edited 2 times in total

----------

## ASID

Exactly same issue for me :/

----------

## zje

I'm trying to roll back to 2.3 with a local overlay, but this is proving to be a little complicated since the files were deleted from the repository (working on checking out an older revision now, but up against some work deadlines too). Since 2.3 is unaffected by the vulnerability, what would it take to get it readded?

https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2014-3686

----------

## charles17

 *zje wrote:*   

> I use wicd and wpa_supplicant to connect to an enterprise network using PEAP-GTC.  After updating wpa_supplicant last night, it seems that I can no longer connect. I'm not getting much in the way of debugging information, other than "authentication failed" or "bad password" in the wicd logs.

 

Could you run wpa_supplicant in the foreground and pastebin your output? (Adjust-iwlan0 to your network interface name) 

```
# wpa_supplicant -Dnl80211 -iwlan0 -C/var/run/wpa_supplicant/ -c/etc/wpa_supplicant/wpa_supplicant.conf -dd
```

----------

## zje

http://pastebin.com/CaMM6PAU

interesting that I got:

```
wlp4s0: CTRL-EVENT-EAP-SUCCESS EAP authentication completed successfully
```

But when I run dhcpcd , it times out after "waiting for carrier"

Thanks!

----------

## charles17

 *zje wrote:*   

> But when I run dhcpcd , ...

 ???

Did you mean wpa_gui?  You know you should not run dhcpcd as a service itself.  Are you using Gentoo net.* scripts or dhcpcd?

----------

## zje

Normally I use wicd to manage everything, I'm running dhcpcd manually in this case since we're also running wpa_supplicant manually - just for debugging purposes. Sorry for any confusion. Just to be clear, this configuration and setup (everything with wicd) worked with wpa_supplicant-2.2.  Running with dhcpcd as a service yields the same result (iwconfig after wpa_supplicant reports that I'm connected to the ESSID, but I cannot obtain an IP address).

----------

## zje

I installed wpa_supplicant 2.3 from cvs and everything works as it used to. It also appears that 2.3 is not vulnerable to the exploit for which 2.2 was removed, so I will take this as an acceptable fix.

The hardest part was working with cvs, which I haven't used in roughly a decade. For anyone interested, here's the command to get the working 2.3 version:

```

cvs -d :pserver:anonymous@anoncvs.gentoo.org:/var/cvsroot co -D 2015-03-03 gentoo-x86/net-wireless/wpa_supplicant 

```

At that point, it's just a matter of adding the 2.3 ebuild and files to your local overlay and masking 2.4.

I will probably file a bug in a few weeks when I have more time to look into it, I'm up against work deadlines and couldn't have this interfering.

----------

## agemo

Hello people!

I've encountered the same problem, filed the bug report at:

https://bugs.gentoo.org/show_bug.cgi?id=551958

----------

