Ask / Submit
14

ConnMan does not support setting up anonymous or outer EAP identity for WiFi WPA Enterprise [released]

asked 2014-01-16 10:04:15 +0300

updated 2014-02-13 00:04:45 +0300

In addition to that ConnMan does not support certificate detail validation ConnMan also lacks the configuration settings for setting inner and outer EAP identity separately.

This means that the user is not able to set the outer identity in WiFi roaming networks to be for example anonymous@organisation.fi to protect user's true inner identity.

This also means that if organisation's authentication server is configured to accept only username without realm (e.g. user instead of user@organisation.fi), the user cannot configure ConnMan properly for roaming networks. This is because ConnMan seems to copy the inner identity to outer without possibility to add realm for WiFi roaming routing.

edit retag flag offensive reopen delete

The question has been closed for the following reason "released in a software update" by nthn
close date 2017-03-06 13:59:58.632295

2 Answers

Sort by » oldest newest most voted
4

answered 2015-08-27 15:20:04 +0300

jgke gravatar image

This is supposedly fixed in upstream ConnMan, in commit 1d5429.

edit flag offensive delete publish link more

Comments

hopefully this filters through soon to sailfish.

GD ( 2015-08-27 16:49:13 +0300 )edit
1

Can't tell when.. but it is included in https://github.com/mer-packages/connman/pull/237.

tigeli ( 2015-08-29 00:04:42 +0300 )edit

If all goes well this is included in the update after the update after 1.1.9.x.

tigeli ( 2015-09-10 23:42:00 +0300 )edit

so if I want to use this feature I will finally have to say goodbye to SfOS 1 :(

tad ( 2015-11-06 10:41:42 +0300 )edit
2

answered 2014-01-16 10:06:37 +0300

The solution is of course to ConnMan or Jolla to add configuration of inner and outer EAP identity to ConnMan. There are of course some other solutions also documented here.

edit flag offensive delete publish link more

Comments

3

it seemed the patched chromium connman has it and alot more https://chromium.googlesource.com/chromiumos/platform/cros/+/factory-1020.B/chromeos_network_deprecated.cc

chemist ( 2014-01-16 13:52:18 +0300 )edit

@chemist good tip

Karri Huhtanen ( 2014-01-16 14:24:55 +0300 )edit
1

@chemist getting their enhancements to upstream would be even better...

tad ( 2015-06-03 14:12:44 +0300 )edit

Question tools

Follow
5 followers

Stats

Asked: 2014-01-16 10:04:15 +0300

Seen: 1,102 times

Last updated: Aug 27 '15