wpa_supplicant: DH prime sent by server is too short
Philip M. White
pmw
Thu Nov 6 09:10:13 PST 2008
I've been using wpa_supplicant 0.5.7 at my university (with EAP-PEAP) with few
minor problems. My laptop has an Intel 4965 wireless adapter, and I'm using
the latest iwlwifi firmware with kernel 2.6.27. After upgrading to
wpa_supplicant 0.6.4, I'm no longer able to complete the 802.1x authentication
at all.
I've captured the output in debug mode:
http://www.qnan.org/~pmw/bug_reports/wpa_supplicant/0.6.4-utdallas.out
Seemingly the most important lines are 239-240:
tls_connection_handshake - gnutls_handshake failed -> The Diffie Hellman prime sent by the server is not acceptable (not long enough).
EAP: method process -> ignore=FALSE methodState=MAY_CONT decision=FAIL
This is my configuration:
eapol_version=2
ap_scan=1
fast_reauth=1
network={
ssid="UTDALLAS"
key_mgmt=IEEE8021X
auth_alg=OPEN
eap=PEAP
identity="pmw033000"
password="********"
phase2="auth=MSCHAPV2"
priority=0
}
I've tried with and without a "ca_cert" directive.
--
Philip
-------------- next part --------------
A non-text attachment was scrubbed...
Name: smime.p7s
Type: application/x-pkcs7-signature
Size: 2317 bytes
Desc: not available
Url : http://lists.shmoo.com/pipermail/hostap/attachments/20081106/eb168739/attachment.bin
More information about the Hostap
mailing list