Closed Bug 857503 Opened 11 years ago Closed 11 years ago

[Buri][WIFI]WPA-EAP

Categories

(Firefox OS Graveyard :: Wifi, defect)

Product:
Firefox OS Graveyard
Component:
Wifi
Platform:
ARM
Gonk (Firefox OS)
Type:
defect
Priority:
Not set
Severity:
normal

Tracking

(Not tracked)

Status:
RESOLVED DUPLICATE of bug 868941

People

(Reporter: sync-1, Assigned: chucklee)

References

Details

Attachments

(6 files, 2 obsolete files)

android OS show
(deleted), image/png
Details
FireFox OS show
2.89 MB, image/jpeg
Details
this is android devices set
43.87 KB, image/png
Details
android OS log
1.01 MB, text/plain
Details
FireFox OS log
550.34 KB, text/plain
Details
WIP - Force enable IEEE 802.1X support and limit to PEAP mode while using WPA-EAP encryption.
2.34 KB, patch
Details | Diff | Splinter Review 
AU_LINUX_GECKO_ICS_STRAWBERRY_V1.01.00.01.19.044
 Firefox os  v1.0.1
 Mozilla build ID: 20130319070203
 
 +++ This bug was initially created as a clone of Bug #432340 +++
 
 Created an attachment (id=378477)
 picture
 
 DEFECT DESCRIPTION:
 1.Settings->Wi-Fi->Manage networks->Join hidden network->Security:WPA-EAP
 2.I have not see WPA-EAP before,is it 802.1x EAP?If it is 802.1x EAP,I only find Identifier and Password,cann't find EAP method,Phase 2 authentication and so on;
 3.If it is 802.1x EAP ,I input SSID network name(wifi-user),Identifier(wifi-user)and password,cann't connect successfully,but I input the same SSID network name,same Identifier and password in android,can connect successfully
 REPRODUCING PROCEDURES:
 EXPECTED BEHAVIOUR:
 
 ASSOCIATE SPECIFICATION:
 
 TEST PLAN REFERENCE:
 
 TOOLS AND PLATFORMS USED:
 
 USER IMPACT:
 
 REPRODUCING RATE:5/5
 
 For FT PR, Please list reference mobile's behavior:
 
 ++++++++++ end of initial bug #432340 description ++++++++++
 
 
 
 CONTACT INFO (Name,Phone number):
 
  DEFECT DESCRIPTION:
 
  REPRODUCING PROCEDURES:
 
  EXPECTED BEHAVIOUR:
 
  ASSOCIATE SPECIFICATION:
 
  TEST PLAN REFERENCE:
 
  TOOLS AND PLATFORMS USED:
 
  USER IMPACT:
 
  REPRODUCING RATE:
 
  For FT PR, Please list reference mobile's behavior:
Chuck, please look into this bug.
Assignee: nobody → chulee
I will try to solve the bug, but need report's help to test it since I can't find an AP to reproduce this bug.
But, as far as I know, WPA-EAP is disabled for now because it's not fully supported. Maybe we need another bug to remove WPA-EAP option in "Join hidden network" for now?
Attached image android OS show (deleted) — 

    
    

    
  

      
      
      
      

        Attached image
          
        FireFox OS show
      

    


  

    
    

    
  
User doesn't have to choose EAP method in FxOS, it will select one that can connect to AP automatically.
For phase 2 authentication, it is not supported now.

    
    

    
  
(In reply to Chuck Lee [:chucklee] from comment #5)

 I have not see WPA-EAP before,is it 802.1x EAP?If it is 802.1x EAP,why I can not connect with 
 SSID network name(wifi-user),Identifier(wifi-user)and password? If is not 802.1x EAP,what is WPA-EAP and which security of AP could I connect? Thanks.

    
    

    
  
Currently "key_mgmt=WPA-EAP" is set to wpa_supplicant on WPA-EAP mode APs, I don't know what's specific type of AP it can connect, because it seems be able to connect to many APs set to WAP-EAP mode.
Based on the help file, maybe it means all AP of WPA-EAP mode, except using 8021X for authentication.
So I make a little patch to set WPA-EAP mode to "key_memg=WPA_EAP IEEE8021X", and you may test if it works.

Also I like to mention again, as far as I know, WPA-EAP mode is not supported right now.
The method you used to enable WPA-EAP mode is a bug in gaia, might be removed soon or later.

    
    

    
  


  
Add 802.1X support on all WPA-EAP mode AP.

        Attachment #737320 -
        Flags: feedback?(vchang)

        Attachment #737320 -
        Flags: feedback?(mrbkap)

    
    

    
  
Comment on attachment 737320 [details] [diff] [review]
WIP - Force enable IEEE 802.1X support while using WPA-EAP encryption.

Review of attachment 737320 [details] [diff] [review]:
-----------------------------------------------------------------

::: dom/wifi/WifiWorker.js
@@ +200,5 @@
>  
>    function setNetworkVariableCommand(netId, name, value, callback) {
> +    if (name === "key_mgmt" && value === "WPA-EAP") {
> +      value += " IEEE8021X";
> +    }

Can we move this logic to setNetworkConfiguration() function ?

        Attachment #737320 -
        Flags: feedback?(vchang)

    
    

    
  
Comment on attachment 737320 [details] [diff] [review]
WIP - Force enable IEEE 802.1X support while using WPA-EAP encryption.

Is there any reason we can't do the fixup in netFromDOM?

        Attachment #737320 -
        Flags: feedback?(mrbkap)

    
    

    
  
(In reply to Blake Kaplan (:mrbkap) from comment #10)
> Comment on attachment 737320 [details] [diff] [review]
> WIP - Force enable IEEE 802.1X support while using WPA-EAP encryption.
> 
> Is there any reason we can't do the fixup in netFromDOM?

Oops, I forgot about this function.
Thanks, Blake!

    
    

    
  


  
Address comment 10, Please test it.
Description about this patch is comment 7.

        Attachment #737320 -
        Attachment is obsolete: true
Flags: needinfo?(rll)

    
    

    
  
(In reply to Chuck Lee [:chucklee] from comment #12)

Hi Chuck,

I add this patch 738340 into source code, it also can not connect 802.1x Ap successfully when android device can connect.
Flags: needinfo?(rll)

    
    

    
  
(In reply to rayren from comment #13)
> (In reply to Chuck Lee [:chucklee] from comment #12)
> 
> Hi Chuck,
> 
> I add this patch 738340 into source code, it also can not connect 802.1x Ap
> successfully when android device can connect.

Can you tell me what's your AP and android settings? Including EAP mode, use phase 2 or not, use CA or not.

Screen shots of the settings page should be a best help.

    
    

    
  


  

    
    

    
  
(In reply to Chuck Lee [:chucklee] from comment #14)

> Can you tell me what's your AP and android settings? Including EAP mode, use
> phase 2 or not, use CA or not.
> 
> Screen shots of the settings page should be a best help.

attachment 738863 [details] is android devices settings.

    
    

    
  
(In reply to rayren from comment #16)
> (In reply to Chuck Lee [:chucklee] from comment #14)
> 
> > Can you tell me what's your AP and android settings? Including EAP mode, use
> > phase 2 or not, use CA or not.
> > 
> > Screen shots of the settings page should be a best help.
> 
> attachment 738863 [details] is android devices settings.

Hi,
  I don't know what else could result in this bug.
  Can you provide logcat of both Android and FFOS?

    
    

    
  

      
      
      
      

        Attached file
          
        android OS log
      

    


  

    
    

    
  

      
      
      
      

        Attached file
          
        FireFox OS log
      

    


  

    
    

    
  
(In reply to Chuck Lee [:chucklee] from comment #17)

> Hi,
>   I don't know what else could result in this bug.
>   Can you provide logcat of both Android and FFOS?

Hi Chunk,

this tow attachment 741204 [details] and 741206 are android and firefox log, the wifi's ssid is 'wifi-user'.

    
    

    
  
Compare the log between Android and FXOS:
AP challenges Android with EAP-FAST then PEAP.
AP challenges FXOS with EAP-FAST, TLS, then TTLS. But never PEAP.

Based on log, FXOS replies allowed methods containing MD5(4), TLS(13), MSCHAPV2(26), PEAP(25), TTLS(21), GTC(6), OTP(5), SIM(18), LEAP(17), ...
D/wpa_supplicant(  542): EAP: allowed methods - hexdump(len=11): 04 0d 1a 19 15 06 05 12 11 fe 34

It's up to AP to select the challenge method, so what I can do is provide a patch with less allowed method(only TLS, TTLS, and PEAP) for you to test.

    
    

    
  


  
Sorry for the late update.

Force WPA-EAP use PEAP mode based on Android log, for test only.
Please test if this make WPA-EAP works with your AP.

If so, then the root cause of this bug is AP doesn't select correct challenge method.
This can be resolved by narrowing down allowed method of device, but this might not be nice.

        Attachment #738340 -
        Attachment is obsolete: true
Flags: needinfo?(sync-1)

    
    

    
  
I test it with your patch, it is ok.
Flags: needinfo?(sync-1)

    
    

    
  
Hi Chuck,

Based on your comment 7, it will remove 'WPA-EAP'.Could you tell me when will it be removed?

    
    

    
  
(In reply to rayren from comment #24)
> Hi Chuck,
> 
> Based on your comment 7, it will remove 'WPA-EAP'.Could you tell me when
> will it be removed?

It's now bug 869843, I'll do it ASAP.

    
    

    
  
(In reply to Chuck Lee [:chucklee] from comment #25)

> It's now bug 869843, I'll do it ASAP.

OK, Thanks very much.

    
    

    
  
The solution for this issue is applied in bug 868941.
Status: NEW → RESOLVED
Closed: 11 years ago
Resolution: --- → DUPLICATE

          You need to log in
          before you can comment on or make changes to this bug.
        






  

    
  







  

    

      
Attachment

      

      
      
      
      
    

    

      

        

          

            
General

            

              Creator: 



            

            
Created: 

            
Updated: 

            
Size: