| Summary: |
drakx-net does not configure WPA Enterprise connections correctly. |
| Product: |
[ROSA-based products] ROSA Fresh
|
Reporter: |
Zombie Ryushu <zombie.ryushu> |
| Component: |
-Enter Bugs Here- | Assignee: |
Desktop Triage Team <triage-desktop> |
| Status: |
RESOLVED
INVALID
|
QA Contact: |
Desktop Triage Team <triage-desktop> |
| Severity: |
normal
|
|
|
| Priority: |
Normal
|
CC: |
a.ivanov, denis.silakov
|
| Version: |
Fresh | |
|
| Target Milestone: |
--- | |
|
| Hardware: |
All | |
|
| OS: |
Linux | |
|
| Whiteboard: |
|
|
Platform:
|
---
|
ROSA Vulnerability identifier:
|
|
|---|
|
RPM Package:
|
drakxtools
|
ISO-related:
|
|
|---|
|
Bad POT generating:
|
|
Upstream:
|
|
|---|
| Attachments: |
WPA Supplicant Patch.
|
Created attachment 3777 [details] WPA Supplicant Patch. Description of problem: When using mcc to configure WPA Enterprise connections the following occurs: 1. If a user enters a private key password it is shown on screen. This is inconvenient, as a unprivileged user could see the password as it's being typed in or copied. Considering that mcc hides the other passwords, it may as well hide this one. (Consistency.) 2. If a user configures the following: Private key, Private key password, or a CA cert they are not saved as strings in /etc/wpa_supplicant.conf. This means that the connection will not come up as wpa_supplicant will not parse the private key password, or the paths correctly, and will not load them as a result. I'm attaching a patch that fixes the above. How reproducible: Always. Steps to Reproduce: 1. Open mcc 2. Try to configure a WPA Enterprise network. 3. Watch the connection not come up. (And the password has been exposed.) This is part of the initiative to support FreeRadius, Samba 4, and OpenLDAP based applications better. For that reason, this is being CCed to the Samba 4 Maintainer working on both Samba 4 and OpenLDAP.