Update 4. It's fixed now. There are two fixes:
1. XpressConnect wants ubuntu and checks for it via /etc/lsb-release, a file that doesn't exist on debian. Set it up to pretend that you're using ubuntu, and XpressConnect works.
2. Just configure the network connection manually. This is by far the easiest, as long as you know the settings.
Either way you'll need
network-manager,
lshw and
wireless-tools in order to use XpressConnect. See towards the end of the post for more details.
Presumably this should work on
any distro (e.g. arch, centos, rhel, sles), not just debian.
Update 3: Someone at Swinburne managed to connect to the Wifi without using XpressConnect by simply manually configuring the network:
http://forums.debian.net/viewtopic.php?f=10&t=103387&p=494412#p494145
Original post:
Until a few days ago I'd never heard of XpressConnect before, but apparently it's a program that sets up your wireless connection automatically, and is used by a number of universities (
http://lmgtfy.com/?q=xpressconnect+site%3A*.edu)
In short, it works on Ubuntu (32 bit 10.04 lts) but not Debian (64 bit wheezy, 32 or 64 bit squeeze). Note that Ubuntu 10.04 has Gnome 2, as does Squeeze. Wheezy has Gnome 3.
Description
You don't need to be anywhere near a uni network to reproduce the issue -- anyone, with or without a wireless card, can test it.
Note: I generated the logs with a copy of XpressConnect downloaded from Swinburne, not the generic version -- hence why it says swinwifi etc.
On debaian, first make sure to install lshw and wireless-tools, and to add /sbin to path in the terminal you're using.
sudo apt-get install lshw wireless-tools
export PATH=$PATH:/sbin
The 'installation' is simple
cd ~/Downloads
wget http://hosted.cloudpath.net/Xavier/Production/tools/XpressConnect-Linux.tar
tar xvf XpressConnect-Linux.tar
./XpressConnect-DoubleClickToRun
Will download x64 version...
--2013-04-18 21:11:16-- http://hosted.cloudpath.net/Xavier/Production//tools/XpressConnect-x64.tar.bz2
Resolving hosted.cloudpath.net (hosted.cloudpath.net)... 72.18.151.75
Connecting to hosted.cloudpath.net (hosted.cloudpath.net)|72.18.151.75|:80... connected.
HTTP request sent, awaiting response... 200 OK
Length: 6266475 (6.0M) [application/x-bzip2]
Saving to: `/tmp/XpressConnect-x64.tar.bz2'
100%[==============================================================================================================================>] 6,266,475 780K/s in 10s
2013-04-18 21:11:27 (600 KB/s) - `/tmp/XpressConnect-x64.tar.bz2' saved [6266475/6266475]
files
files/logo.jpg
network_config.xml
resources.properties
XpressConnect-x64
XpressConnect-DoubleClickToRun is a simple shell script that determines whether system is 32 or 64 bit, downloads a tar file to
/tmp, untars it and launches a pre-compiled binary,
XpressConnect-x64.
You can also launch XpressConnect-x64 directly by going to /tmp and running it.
Anyway,
XpressConnect-x64 then makes sure that you have
network-manager running, and tries to determine what your network card is. Based on this,
/tmp/netdata.txt is generated. Once this is done,
XpressConnect allows you to enter your credentials and sets up your network connection.
Well, that's what happens if you use ubuntu. On Debian (or Arch) you get an error message about 'network configuration' missing.
Delving a bit deeper into it, the binary fails to generate the netdata.txt on debian (and arch), and it seems to have to do with network-manager (or dbus, possibly).
The logs:
XpressConnect-x64 generates a log file (/tmp/xpressconnect.log).
On ubuntu it looks like this:
Looking for id : 266
Looking for id : 259
Setting start page.
Moving to widget 0.
Loading configuration page.
Starting configuration parse thread.
Acquire processing lock.
Building NIC data.
Starting configuration parser.
Validating checksum.
Checking license.
License validation checked out properly.
Today is : 04/19/2013
License expires :
The date validation checked out properly.
Checking for valid networks for this platform.
Only one network configuration found. Auto-selecting it.
Auto-selected network 'swinwifi'.
Interface : /org/freedesktop/NetworkManager/Devices/0 is in state 8
Interface : /org/freedesktop/NetworkManager/Devices/1 is in state 3
There were no interfaces found that could be autodetected for use. Checking that there are interfaces of the correct type available.
Found 1 possible interface(s).
Selected interface with object path of /org/freedesktop/NetworkManager/Devices/1
Int type : 2
Set profile index : 11
Going to page 3
Config parser terminated.
Set 'static' window labels.
---- Gathering Data ----
Parsing OS information...
Checking OS bit depth.
OS bits info : i686
OS is 32 bits.
Checking hardware information.
Looking for extra NIC data.
Found driver name for 'wlan0' from DBus.
- Driver : rtl8187
Couldn't get capabilities from DBus, trying the hard way.
Attempting to release lock.
Release processing lock.
Set welcome banners.
Using DBus UUID for client ID.
Using DBus UUID for client ID.
Client ID : f3af3f95c2229c756e98556050ed0cc4
Session ID : 6980532961366355275
Upload value (1) : 0
Moving to widget 3.
And on Debian:
Looking for id : 266
Looking for id : 259
Setting start page.
Moving to widget 0.
Loading configuration page.
Starting configuration parse thread.
Acquire processing lock.
Building NIC data.
Starting configuration parser.
Validating checksum.
Checking license.
License validation checked out properly.
Today is : 04/22/2013
License expires :
The date validation checked out properly.
Checking for valid networks for this platform.
No valid networks found in the configuration.
Config parser terminated.
Failed to parse configuration.
Set 'static' window labels.
---- Gathering Data ----
Parsing OS information...
Checking OS bit depth.
OS bits info : x86_64
OS is 64 bits.
Checking hardware information.
Looking for extra NIC data.
Found driver name for 'wlan0' from DBus.
- Driver : rtl8187
Couldn't get capabilities from DBus, trying the hard way.
Attempting to release lock.
Release processing lock.
Set welcome banners.
Using DBus UUID for client ID.
Using DBus UUID for client ID.
Client ID : fe88ef3cf6716df910e7fa570000000b
Session ID : 13542037211366584788
Moving to widget 9.
User clicked 'Retry' on the bad config widget.
Moving to widget 1.
Selected network 'swinwifi'.
Going to page 9
Adding page 1
Moving to widget 9.
The
platform bit bothers me -- is it checking for ubuntu vs other distros?
XpressConnect then generates a file called
/tmp/netdata.txt:
*-network
description: Ethernet interface
product: 82540EM Gigabit Ethernet Controller
vendor: Intel Corporation
physical id: 3
bus info: pci@0000:00:03.0
logical name: eth0
version: 02
serial: 08:00:27:53:23:4c
width: 32 bits
clock: 66MHz
capabilities: bus_master cap_list ethernet physical
configuration: broadcast=yes driver=e1000 driverversion=7.3.21-k5-NAPI firmware=N/A ip=10.0.2.15 latency=64 mingnt=255 multicast=yes
resources: irq:10 memory:f0000000-f001ffff ioport:d010(size=8)
*-network
description: Wireless interface
physical id: 1
logical name: wlan0
serial: 00:11:a3:08:12:1d
capabilities: ethernet physical wireless
configuration: broadcast=yes multicast=yes wireless=IEEE 802.11bg
I also did a strace on both ubuntu and debian, but strace generates a lot of information. A major difference I observed was the presence of CLOCK_MONOTONIC in the ubuntu log, but this is to synchronize for the CA certificate (or something -- I don't know what I'm talking about). Anyway, it probably just indicates what we already know -- the binary doesn't detect the card on debian but it does on ubuntu.
ldd XpressConnect-x64 gives the following on ubuntu (32 bit):
linux-gate.so.1 => (0x006a3000)
libdbus-1.so.3 => /lib/libdbus-1.so.3 (0x007b3000)
libXrender.so.1 => /usr/lib/libXrender.so.1 (0x00c8b000)
libfontconfig.so.1 => /usr/lib/libfontconfig.so.1 (0x008b8000)
libfreetype.so.6 => /usr/lib/libfreetype.so.6 (0x00da4000)
libXext.so.6 => /usr/lib/libXext.so.6 (0x00225000)
libX11.so.6 => /usr/lib/libX11.so.6 (0x00480000)
libz.so.1 => /lib/libz.so.1 (0x00110000)
libdl.so.2 => /lib/tls/i686/cmov/libdl.so.2 (0x00125000)
librt.so.1 => /lib/tls/i686/cmov/librt.so.1 (0x00665000)
libpthread.so.0 => /lib/tls/i686/cmov/libpthread.so.0 (0x006f2000)
libstdc++.so.6 => /usr/lib/libstdc++.so.6 (0x00ac3000)
libm.so.6 => /lib/tls/i686/cmov/libm.so.6 (0x002d8000)
libgcc_s.so.1 => /lib/libgcc_s.so.1 (0x00129000)
libc.so.6 => /lib/tls/i686/cmov/libc.so.6 (0x002fe000)
libexpat.so.1 => /lib/libexpat.so.1 (0x00148000)
libxcb.so.1 => /usr/lib/libxcb.so.1 (0x00a12000)
/lib/ld-linux.so.2 (0x00637000)
libXau.so.6 => /usr/lib/libXau.so.6 (0x00c7a000)
libXdmcp.so.6 => /usr/lib/libXdmcp.so.6 (0x0096f000)
and this on debian (64 bit):
linux-vdso.so.1 => (0x00007fff50dfb000)
libdbus-1.so.3 => /lib/libdbus-1.so.3 (0x00007f2bbb807000)
libXrender.so.1 => /usr/lib/libXrender.so.1 (0x00007f2bbb5fd000)
libfontconfig.so.1 => /usr/lib/libfontconfig.so.1 (0x00007f2bbb3c7000)
libfreetype.so.6 => /usr/lib/libfreetype.so.6 (0x00007f2bbb13f000)
libXext.so.6 => /usr/lib/libXext.so.6 (0x00007f2bbaf2d000)
libX11.so.6 => /usr/lib/libX11.so.6 (0x00007f2bbabf1000)
libz.so.1 => /usr/lib/libz.so.1 (0x00007f2bba9da000)
libdl.so.2 => /lib/libdl.so.2 (0x00007f2bba7d6000)
librt.so.1 => /lib/librt.so.1 (0x00007f2bba5cd000)
libpthread.so.0 => /lib/libpthread.so.0 (0x00007f2bba3b1000)
libstdc++.so.6 => /usr/lib/libstdc++.so.6 (0x00007f2bba09d000)
libm.so.6 => /lib/libm.so.6 (0x00007f2bb9e1a000)
libgcc_s.so.1 => /lib/libgcc_s.so.1 (0x00007f2bb9c04000)
libc.so.6 => /lib/libc.so.6 (0x00007f2bb98a2000)
libexpat.so.1 => /usr/lib/libexpat.so.1 (0x00007f2bb9679000)
libxcb.so.1 => /usr/lib/libxcb.so.1 (0x00007f2bb945d000)
/lib64/ld-linux-x86-64.so.2 (0x00007f2bbba58000)
libXau.so.6 => /usr/lib/libXau.so.6 (0x00007f2bb9259000)
libXdmcp.so.6 => /usr/lib/libXdmcp.so.6 (0x00007f2bb9054000)
Evidence of evil and a fix
The evidence
Here's a snippet of the strace output from ubuntu
2200 write(8, "The date validation checked out "..., 42) = 42
2200 write(8, "Checking for valid networks for "..., 47) = 47
2200 open("/etc/lsb-release", O_RDONLY|O_LARGEFILE) = 15
2200 read(15, "DISTRIB_ID=Ubuntu\nDISTRIB_RELEAS"..., 8191) = 104
2200 read(15, "", 8191) = 0
2200 close(15)
and here's Debian:
3079 write(8, "The date validation checked out "..., 42) = 42
3079 write(8, "Checking for valid networks for "..., 47) = 47
3079 open("/etc/lsb-release", O_RDONLY) = -1 ENOENT (No such file or directory)
3079 open("/etc/lsb-release", O_RDONLY) = -1 ENOENT (No such file or directory)
3079 open("/etc/lsb-release", O_RDONLY) = -1 ENOENT (No such file or directory)
3079 open("/etc/lsb-release", O_RDONLY) = -1 ENOENT (No such file or directory)
3079 open("/etc/lsb-release", O_RDONLY) = -1 ENOENT (No such file or directory)
3079 open("/etc/lsb-release", O_RDONLY) = -1 ENOENT (No such file or directory)
3079 open("/etc/lsb-release", O_RDONLY) = -1 ENOENT (No such file or directory)
3079 open("/etc/lsb-release", O_RDONLY) = -1 ENOENT (No such file or directory)
3079 open("/etc/lsb-release", O_RDONLY) = -1 ENOENT (No such file or directory)
3079 open("/etc/lsb-release", O_RDONLY) = -1 ENOENT (No such file or directory)
3079 open("/etc/lsb-release", O_RDONLY) = -1 ENOENT (No such file or directory)
3079 open("/etc/lsb-release", O_RDONLY) = -1 ENOENT (No such file or directory)
3079 open("/etc/lsb-release", O_RDONLY) = -1 ENOENT (No such file or directory)
3079 open("/etc/lsb-release", O_RDONLY) = -1 ENOENT (No such file or directory)
3079 open("/etc/lsb-release", O_RDONLY) = -1 ENOENT (No such file or directory)
3079 open("/etc/lsb-release", O_RDONLY) = -1 ENOENT (No such file or directory)
3079 open("/etc/lsb-release", O_RDONLY) = -1 ENOENT (No such file or directory)
3079 write(8, "No valid networks found in the c"..., 46) = 46
3079 close(11)
The
evil is that it's highly misleading -- it's not checking for valid networks, it's checking whether you've got ubuntu. And it didn't fail to find a valid network -- it failed to find /etc/lsb-release.
Here's /etc/lsb-release from ubuntu
DISTRIB_ID=Ubuntu
DISTRIB_RELEASE=10.04
DISTRIB_CODENAME=lucid
DISTRIB_DESCRIPTION="Ubuntu 10.04.4 LTS"
The fix
Debian doesn't have an lsb-release file, so I simply copied the
/etc/lsb-release file from ubuntu to debian. Guess what?
XpressConnect now works on debian!
And no, having an empty /etc/lsb-release file doesn't work. Also, editing it (replacing 'ubuntu' with 'debian') also causes XpressConnect to stop working.
Another 'fix' -- manual Configuration:
XpressConnect does not do more than set up your wireless connection
i.e. sets the required settings and installs the CA certificate for your particular network. In other words, you can just manually configure your network and you'll probably be fine.
Unfortunately,
I haven't found a URL for the CA cert for Swinburne, which is the example that I'm working with (based on a forum post)
I managed to extract most of that by running it in an ubuntu VM. Note that I am nowhere near Swinburne, not staff/a student there and actually can't test this to completion.
|
ubuntu -- apparently it's no longer brown... |
The settings are:
Security: WPA & WPA2 Enterprise
Authentication: Tunneled TLS
Anonymous identity: anonymous
CA certificate: swinwifi.der
Inner authentication: PAP
Username: ***@swinburne.edu
Pasword: ******
You'll need swinwifi.der. Because it is in binary I can't easily post it. However, you can generate it from the .pem file which is in ascii armour:
-----BEGIN CERTIFICATE-----
MIID9zCCA2CgAwIBAgIBADANBgkqhkiG9w0BAQQFADCBtDELMAkGA1UEBhMCQVUx
ETAPBgNVBAgTCFZpY3RvcmlhMRIwEAYDVQQHEwlNZWxib3VybmUxKzApBgNVBAoT
IlN3aW5idXJuZSBVbml2ZXJzaXR5IG9mIFRlY2hub2xvZ3kxDDAKBgNVBAsTA0lU
UzEeMBwGA1UEAxMVcmFkaXVzLmNjLnN3aW4uZWR1LmF1MSMwIQYJKoZIhvcNAQkB
FhRuZXR3b3Jrc0Bzd2luLmVkdS5hdTAeFw0wNzAxMTcwMzU3MDVaFw0xNzAxMTQw
MzU3MDVaMIG0MQswCQYDVQQGEwJBVTERMA8GA1UECBMIVmljdG9yaWExEjAQBgNV
BAcTCU1lbGJvdXJuZTErMCkGA1UEChMiU3dpbmJ1cm5lIFVuaXZlcnNpdHkgb2Yg
VGVjaG5vbG9neTEMMAoGA1UECxMDSVRTMR4wHAYDVQQDExVyYWRpdXMuY2Muc3dp
bi5lZHUuYXUxIzAhBgkqhkiG9w0BCQEWFG5ldHdvcmtzQHN3aW4uZWR1LmF1MIGf
MA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDGwvfVz2DnKxFMYTG1k0QklSHC7vk5
kjIiDkdU3sRTdQ07cQUOI/8wFN4zZXowEz0DwlO1o/YWaZqw27EP85cp9XBndwRK
ZZpIv57zrxo8nxJV/mKBpOM7MHpkclju20XoEtrQ7FwTHPbWaaKmSuaMVitWcFVg
C3CIYkvQn9pozQIDAQABo4IBFTCCAREwHQYDVR0OBBYEFEo9WNtNMY7jUvvASrE9
Z/OdaeU9MIHhBgNVHSMEgdkwgdaAFEo9WNtNMY7jUvvASrE9Z/OdaeU9oYG6pIG3
MIG0MQswCQYDVQQGEwJBVTERMA8GA1UECBMIVmljdG9yaWExEjAQBgNVBAcTCU1l
bGJvdXJuZTErMCkGA1UEChMiU3dpbmJ1cm5lIFVuaXZlcnNpdHkgb2YgVGVjaG5v
bG9neTEMMAoGA1UECxMDSVRTMR4wHAYDVQQDExVyYWRpdXMuY2Muc3dpbi5lZHUu
YXUxIzAhBgkqhkiG9w0BCQEWFG5ldHdvcmtzQHN3aW4uZWR1LmF1ggEAMAwGA1Ud
EwQFMAMBAf8wDQYJKoZIhvcNAQEEBQADgYEASFZ/5oRvTpgs0yQmdXxczUvJhUam
5KTP8MAb8owh1v65VkBFXLdJ27THEDt0SX3ZzwlYIvKcVMoiJcXjE6uLgZPI4AZv
7ogHIU5TOvQsYXWNeCqQMqOTnZtVQPvZmOcHcM1aqiBCAVX3YhIU1S04SccYdKBA
PaggsSjsagqoZvA=
-----END CERTIFICATE-----
openssl x509 -in swinwifi.pem -out swinwifi.der -outform DER
Put it in the folder
~/.certificates.
The md5sum should be
11843b7d38bc0b024e8356f11d4d7c42 swinwifi.der
I've also tried that java version of xpress connect.
Finally, do NOT as a rule download certificates from third parties! How can you trust that my intentions are good? At the moment you're choice is between trusting me and Shuttleworth though...
Why bother?
Because an increasing number of university networks have adopted this -- frankly broken -- piece of software, I think it's of some interest to users of other distros to investigate whether there are any simple solutions. This in particular since not all uni networks have instructions for manual configuration anymore. Besides, a challenge is a challenge.