Showing posts with label xpressconnect. Show all posts
Showing posts with label xpressconnect. Show all posts

29 April 2013

400. XpressConnect on Debian, Arch: step by step

Here's a step-by-step write-up of this post: http://verahill.blogspot.com.au/2013/04/393-not-fix-xpressconnect-on-ubuntu-vs.html

The 'problem' with running Xpress Connect on non-Ubuntu linux distributions is entirely artificial -- XpressConnect checks whether you are using Ubuntu, and if you're not, it refuses to run.

So the solution is simply to pretend that you are using ubuntu, however annoying that is. I wish universities would take this into account and end their association with Cloudpath, or to force them to support other distributions.

Note: XpressConnect is completely superfluous -- it doesn't do anything other than set up your wireless connection, which is something you could easily do by hand. See e.g. here for eduroam: http://verahill.blogspot.com.au/2013/04/394-eduroam-using-wicd-and-network.html

How-to get XpressConnect running
1. Create the file /etc/lsb-release and put the following in it

DISTRIB_ID=Ubuntu
DISTRIB_RELEASE=10.04
DISTRIB_CODENAME=lucid
DISTRIB_DESCRIPTION="Ubuntu 10.04.4 LTS"
If you are completely new to linux, one way of creating the file is to run
gksu gedit /etc/lsb-release

Alternatively, if you're not using gnome, try 
sudo nano /etc/lsb-release

2. Install lshw and iwlist

On debian (and clones like mint, ubuntu etc.): 
sudo apt-get install lshw wireless-tools

On arch linux
sudo pacman -S lshw wireless_tools

3. Run XpressConnect
This is the vanilla version -- replace http://hosted.cloudpath.net/Xavier/Production/tools/XpressConnect-Linux.tar with the link to your universities version. 

cd ~/Downloads
wget http://hosted.cloudpath.net/Xavier/Production/tools/XpressConnect-Linux.tar
tar xvf XpressConnect-Linux.tar
./XpressConnect-DoubleClickToRun

That's it. Simple as that.
Posted by at No comments:
Labels: , ,

20 April 2013

393. Solved: XpressConnect on Ubuntu vs Debian. Extra focus on Swinburne university (AU/Melbourne)

Update 4. It's fixed now. There are two fixes:
1. XpressConnect wants ubuntu and checks for it via /etc/lsb-release, a file that doesn't exist on debian. Set it up to pretend that you're using ubuntu, and XpressConnect works.
2. Just configure the network connection manually. This is by far the easiest, as long as you know the settings.

Either way you'll need network-manager, lshw and wireless-tools in order to use XpressConnect. See towards the end of the post for more details.

Presumably this should work on any distro (e.g. arch, centos, rhel, sles), not just debian.

Update 3: Someone at Swinburne managed to connect to the Wifi without using XpressConnect by simply manually configuring the network: http://forums.debian.net/viewtopic.php?f=10&t=103387&p=494412#p494145

Original post:

Until a few days ago I'd never heard of XpressConnect before, but apparently it's a program that sets up your wireless connection automatically, and is used by a number of universities ( http://lmgtfy.com/?q=xpressconnect+site%3A*.edu)

In short, it works on Ubuntu (32 bit 10.04 lts) but not Debian (64 bit wheezy, 32 or 64 bit squeeze). Note that Ubuntu 10.04 has Gnome 2, as does Squeeze. Wheezy has Gnome 3.

Description
You don't need to be anywhere near a uni network to reproduce the issue -- anyone, with or without a wireless card, can test it.

Note: I generated the logs with a copy of XpressConnect downloaded from Swinburne, not the generic version -- hence why it says swinwifi etc.

On debaian, first make sure to install lshw and wireless-tools, and to add /sbin to path in the terminal you're using.
sudo apt-get install lshw wireless-tools
export PATH=$PATH:/sbin

The 'installation' is simple 
cd ~/Downloads
wget http://hosted.cloudpath.net/Xavier/Production/tools/XpressConnect-Linux.tar
tar xvf XpressConnect-Linux.tar
./XpressConnect-DoubleClickToRun 


Will download x64 version...
--2013-04-18 21:11:16--  http://hosted.cloudpath.net/Xavier/Production//tools/XpressConnect-x64.tar.bz2
Resolving hosted.cloudpath.net (hosted.cloudpath.net)... 72.18.151.75
Connecting to hosted.cloudpath.net (hosted.cloudpath.net)|72.18.151.75|:80... connected.
HTTP request sent, awaiting response... 200 OK
Length: 6266475 (6.0M) [application/x-bzip2]
Saving to: `/tmp/XpressConnect-x64.tar.bz2'

100%[==============================================================================================================================>] 6,266,475    780K/s   in 10s     

2013-04-18 21:11:27 (600 KB/s) - `/tmp/XpressConnect-x64.tar.bz2' saved [6266475/6266475]

files
files/logo.jpg
network_config.xml
resources.properties
XpressConnect-x64

XpressConnect-DoubleClickToRun is a simple shell script that determines whether system is 32 or 64 bit, downloads a tar file to /tmp, untars it and launches a pre-compiled binary, XpressConnect-x64.
You can also launch XpressConnect-x64 directly by going to /tmp and running it.

Anyway, XpressConnect-x64 then makes sure that you have network-manager running, and tries to determine what your network card is. Based on this, /tmp/netdata.txt is generated. Once this is done, XpressConnect allows you to enter your credentials and sets up your network connection.
Well, that's what happens if you use ubuntu. On Debian (or Arch) you get an error message about 'network configuration' missing.

Delving a bit deeper into it, the binary fails to generate the netdata.txt on debian (and arch), and it seems to have to do with network-manager (or dbus, possibly).

The logs:
XpressConnect-x64 generates a log file (/tmp/xpressconnect.log).

On ubuntu it looks like this: 

Looking for id : 266
Looking for id : 259
Setting start page.
Moving to widget 0.
Loading configuration page.
Starting configuration parse thread.
Acquire processing lock.
Building NIC data.
Starting configuration parser.
Validating checksum.
Checking license.
License validation checked out properly.
Today is : 04/19/2013
License expires : 
The date validation checked out properly.
Checking for valid networks for this platform.
Only one network configuration found.  Auto-selecting it.
Auto-selected network 'swinwifi'.
Interface : /org/freedesktop/NetworkManager/Devices/0 is in state 8
Interface : /org/freedesktop/NetworkManager/Devices/1 is in state 3
There were no interfaces found that could be autodetected for use.  Checking that there are interfaces of the correct type available.
Found 1 possible interface(s).
Selected interface with object path of /org/freedesktop/NetworkManager/Devices/1
Int type : 2

Set profile index : 11

Going to page 3
Config parser terminated.
Set 'static' window labels.
---- Gathering Data ----
Parsing OS information...
Checking OS bit depth.
OS bits info : i686

OS is 32 bits.
Checking hardware information.
Looking for extra NIC data.
Found driver name for 'wlan0' from DBus.
   - Driver : rtl8187
Couldn't get capabilities from DBus, trying the hard way.
Attempting to release lock.
Release processing lock.
Set welcome banners.
Using DBus UUID for client ID.
Using DBus UUID for client ID.
Client ID : f3af3f95c2229c756e98556050ed0cc4
Session ID : 6980532961366355275
Upload value (1) : 0
Moving to widget 3.
And on Debian:

Looking for id : 266
Looking for id : 259
Setting start page.
Moving to widget 0.
Loading configuration page.
Starting configuration parse thread.
Acquire processing lock.
Building NIC data.
Starting configuration parser.
Validating checksum.
Checking license.
License validation checked out properly.
Today is : 04/22/2013
License expires : 
The date validation checked out properly.
Checking for valid networks for this platform.
No valid networks found in the configuration.
Config parser terminated.
Failed to parse configuration.
Set 'static' window labels.
---- Gathering Data ----
Parsing OS information...
Checking OS bit depth.
OS bits info : x86_64

OS is 64 bits.
Checking hardware information.
Looking for extra NIC data.
Found driver name for 'wlan0' from DBus.
   - Driver : rtl8187
Couldn't get capabilities from DBus, trying the hard way.
Attempting to release lock.
Release processing lock.
Set welcome banners.
Using DBus UUID for client ID.
Using DBus UUID for client ID.
Client ID : fe88ef3cf6716df910e7fa570000000b
Session ID : 13542037211366584788
Moving to widget 9.
User clicked 'Retry' on the bad config widget.
Moving to widget 1.
Selected network 'swinwifi'.
Going to page 9
Adding page 1
Moving to widget 9.
The platform bit bothers me -- is it checking for ubuntu vs other distros?

XpressConnect then generates a file called /tmp/netdata.txt: 

*-network
       description: Ethernet interface
       product: 82540EM Gigabit Ethernet Controller
       vendor: Intel Corporation
       physical id: 3
       bus info: pci@0000:00:03.0
       logical name: eth0
       version: 02
       serial: 08:00:27:53:23:4c
       width: 32 bits
       clock: 66MHz
       capabilities: bus_master cap_list ethernet physical
       configuration: broadcast=yes driver=e1000 driverversion=7.3.21-k5-NAPI firmware=N/A ip=10.0.2.15 latency=64 mingnt=255 multicast=yes
       resources: irq:10 memory:f0000000-f001ffff ioport:d010(size=8)
  *-network
       description: Wireless interface
       physical id: 1
       logical name: wlan0
       serial: 00:11:a3:08:12:1d
       capabilities: ethernet physical wireless
       configuration: broadcast=yes multicast=yes wireless=IEEE 802.11bg

I also did a strace on both ubuntu and debian, but strace generates a lot of information. A major difference I observed was the presence of CLOCK_MONOTONIC in the ubuntu log, but this is to synchronize for the CA certificate (or something -- I don't know what I'm talking about). Anyway, it probably just indicates what we already know -- the binary doesn't detect the card on debian but it does on ubuntu.

ldd XpressConnect-x64 gives the following on ubuntu (32 bit):

linux-gate.so.1 =>  (0x006a3000)
 libdbus-1.so.3 => /lib/libdbus-1.so.3 (0x007b3000)
 libXrender.so.1 => /usr/lib/libXrender.so.1 (0x00c8b000)
 libfontconfig.so.1 => /usr/lib/libfontconfig.so.1 (0x008b8000)
 libfreetype.so.6 => /usr/lib/libfreetype.so.6 (0x00da4000)
 libXext.so.6 => /usr/lib/libXext.so.6 (0x00225000)
 libX11.so.6 => /usr/lib/libX11.so.6 (0x00480000)
 libz.so.1 => /lib/libz.so.1 (0x00110000)
 libdl.so.2 => /lib/tls/i686/cmov/libdl.so.2 (0x00125000)
 librt.so.1 => /lib/tls/i686/cmov/librt.so.1 (0x00665000)
 libpthread.so.0 => /lib/tls/i686/cmov/libpthread.so.0 (0x006f2000)
 libstdc++.so.6 => /usr/lib/libstdc++.so.6 (0x00ac3000)
 libm.so.6 => /lib/tls/i686/cmov/libm.so.6 (0x002d8000)
 libgcc_s.so.1 => /lib/libgcc_s.so.1 (0x00129000)
 libc.so.6 => /lib/tls/i686/cmov/libc.so.6 (0x002fe000)
 libexpat.so.1 => /lib/libexpat.so.1 (0x00148000)
 libxcb.so.1 => /usr/lib/libxcb.so.1 (0x00a12000)
 /lib/ld-linux.so.2 (0x00637000)
 libXau.so.6 => /usr/lib/libXau.so.6 (0x00c7a000)
 libXdmcp.so.6 => /usr/lib/libXdmcp.so.6 (0x0096f000)

and this on debian (64 bit):

linux-vdso.so.1 =>  (0x00007fff50dfb000)
 libdbus-1.so.3 => /lib/libdbus-1.so.3 (0x00007f2bbb807000)
 libXrender.so.1 => /usr/lib/libXrender.so.1 (0x00007f2bbb5fd000)
 libfontconfig.so.1 => /usr/lib/libfontconfig.so.1 (0x00007f2bbb3c7000)
 libfreetype.so.6 => /usr/lib/libfreetype.so.6 (0x00007f2bbb13f000)
 libXext.so.6 => /usr/lib/libXext.so.6 (0x00007f2bbaf2d000)
 libX11.so.6 => /usr/lib/libX11.so.6 (0x00007f2bbabf1000)
 libz.so.1 => /usr/lib/libz.so.1 (0x00007f2bba9da000)
 libdl.so.2 => /lib/libdl.so.2 (0x00007f2bba7d6000)
 librt.so.1 => /lib/librt.so.1 (0x00007f2bba5cd000)
 libpthread.so.0 => /lib/libpthread.so.0 (0x00007f2bba3b1000)
 libstdc++.so.6 => /usr/lib/libstdc++.so.6 (0x00007f2bba09d000)
 libm.so.6 => /lib/libm.so.6 (0x00007f2bb9e1a000)
 libgcc_s.so.1 => /lib/libgcc_s.so.1 (0x00007f2bb9c04000)
 libc.so.6 => /lib/libc.so.6 (0x00007f2bb98a2000)
 libexpat.so.1 => /usr/lib/libexpat.so.1 (0x00007f2bb9679000)
 libxcb.so.1 => /usr/lib/libxcb.so.1 (0x00007f2bb945d000)
 /lib64/ld-linux-x86-64.so.2 (0x00007f2bbba58000)
 libXau.so.6 => /usr/lib/libXau.so.6 (0x00007f2bb9259000)
 libXdmcp.so.6 => /usr/lib/libXdmcp.so.6 (0x00007f2bb9054000)
Evidence of evil and a fix

The evidence
Here's a snippet of the strace output from ubuntu 

2200  write(8, "The date validation checked out "..., 42) = 42
2200  write(8, "Checking for valid networks for "..., 47) = 47
2200  open("/etc/lsb-release", O_RDONLY|O_LARGEFILE) = 15
2200  read(15, "DISTRIB_ID=Ubuntu\nDISTRIB_RELEAS"..., 8191) = 104
2200  read(15, "", 8191)                = 0
2200  close(15)
and here's Debian: 

3079  write(8, "The date validation checked out "..., 42) = 42
3079  write(8, "Checking for valid networks for "..., 47) = 47
3079  open("/etc/lsb-release", O_RDONLY) = -1 ENOENT (No such file or directory)
3079  open("/etc/lsb-release", O_RDONLY) = -1 ENOENT (No such file or directory)
3079  open("/etc/lsb-release", O_RDONLY) = -1 ENOENT (No such file or directory)
3079  open("/etc/lsb-release", O_RDONLY) = -1 ENOENT (No such file or directory)
3079  open("/etc/lsb-release", O_RDONLY) = -1 ENOENT (No such file or directory)
3079  open("/etc/lsb-release", O_RDONLY) = -1 ENOENT (No such file or directory)
3079  open("/etc/lsb-release", O_RDONLY) = -1 ENOENT (No such file or directory)
3079  open("/etc/lsb-release", O_RDONLY) = -1 ENOENT (No such file or directory)
3079  open("/etc/lsb-release", O_RDONLY) = -1 ENOENT (No such file or directory)
3079  open("/etc/lsb-release", O_RDONLY) = -1 ENOENT (No such file or directory)
3079  open("/etc/lsb-release", O_RDONLY) = -1 ENOENT (No such file or directory)
3079  open("/etc/lsb-release", O_RDONLY) = -1 ENOENT (No such file or directory)
3079  open("/etc/lsb-release", O_RDONLY) = -1 ENOENT (No such file or directory)
3079  open("/etc/lsb-release", O_RDONLY) = -1 ENOENT (No such file or directory)
3079  open("/etc/lsb-release", O_RDONLY) = -1 ENOENT (No such file or directory)
3079  open("/etc/lsb-release", O_RDONLY) = -1 ENOENT (No such file or directory)
3079  open("/etc/lsb-release", O_RDONLY) = -1 ENOENT (No such file or directory)
3079  write(8, "No valid networks found in the c"..., 46) = 46
3079  close(11)

The evil is that it's highly misleading -- it's not checking for valid networks, it's checking whether you've got ubuntu. And it didn't fail to find a valid network -- it failed to find /etc/lsb-release.
Here's /etc/lsb-release from ubuntu 

DISTRIB_ID=Ubuntu
DISTRIB_RELEASE=10.04
DISTRIB_CODENAME=lucid
DISTRIB_DESCRIPTION="Ubuntu 10.04.4 LTS"

The fix
Debian doesn't have an lsb-release file, so I simply copied the /etc/lsb-release file from ubuntu to debian. Guess what? XpressConnect now works on debian!

And no, having an empty /etc/lsb-release file doesn't work. Also, editing it (replacing 'ubuntu' with 'debian') also causes XpressConnect to stop working.
Another 'fix' -- manual Configuration:
XpressConnect does not do more than set up your wireless connection i.e. sets the required settings and installs the CA certificate for your particular network. In other words, you can just manually configure your network and you'll probably be fine.

Unfortunately, I haven't found a URL for the CA cert for Swinburne, which is the example that I'm working with (based on a forum post)

I managed to extract most of that by running it in an ubuntu VM. Note that I am nowhere near Swinburne, not staff/a student there and actually can't test this to completion.
ubuntu -- apparently it's no longer brown...
The settings are:

Security: WPA & WPA2 Enterprise
Authentication: Tunneled TLS
Anonymous identity: anonymous
CA certificate: swinwifi.der
Inner authentication: PAP
Username: ***@swinburne.edu
Pasword: ******

You'll need swinwifi.der. Because it is in binary I can't easily post it. However, you can generate it from the .pem file which is in ascii armour: 

-----BEGIN CERTIFICATE-----
MIID9zCCA2CgAwIBAgIBADANBgkqhkiG9w0BAQQFADCBtDELMAkGA1UEBhMCQVUx
ETAPBgNVBAgTCFZpY3RvcmlhMRIwEAYDVQQHEwlNZWxib3VybmUxKzApBgNVBAoT
IlN3aW5idXJuZSBVbml2ZXJzaXR5IG9mIFRlY2hub2xvZ3kxDDAKBgNVBAsTA0lU
UzEeMBwGA1UEAxMVcmFkaXVzLmNjLnN3aW4uZWR1LmF1MSMwIQYJKoZIhvcNAQkB
FhRuZXR3b3Jrc0Bzd2luLmVkdS5hdTAeFw0wNzAxMTcwMzU3MDVaFw0xNzAxMTQw
MzU3MDVaMIG0MQswCQYDVQQGEwJBVTERMA8GA1UECBMIVmljdG9yaWExEjAQBgNV
BAcTCU1lbGJvdXJuZTErMCkGA1UEChMiU3dpbmJ1cm5lIFVuaXZlcnNpdHkgb2Yg
VGVjaG5vbG9neTEMMAoGA1UECxMDSVRTMR4wHAYDVQQDExVyYWRpdXMuY2Muc3dp
bi5lZHUuYXUxIzAhBgkqhkiG9w0BCQEWFG5ldHdvcmtzQHN3aW4uZWR1LmF1MIGf
MA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDGwvfVz2DnKxFMYTG1k0QklSHC7vk5
kjIiDkdU3sRTdQ07cQUOI/8wFN4zZXowEz0DwlO1o/YWaZqw27EP85cp9XBndwRK
ZZpIv57zrxo8nxJV/mKBpOM7MHpkclju20XoEtrQ7FwTHPbWaaKmSuaMVitWcFVg
C3CIYkvQn9pozQIDAQABo4IBFTCCAREwHQYDVR0OBBYEFEo9WNtNMY7jUvvASrE9
Z/OdaeU9MIHhBgNVHSMEgdkwgdaAFEo9WNtNMY7jUvvASrE9Z/OdaeU9oYG6pIG3
MIG0MQswCQYDVQQGEwJBVTERMA8GA1UECBMIVmljdG9yaWExEjAQBgNVBAcTCU1l
bGJvdXJuZTErMCkGA1UEChMiU3dpbmJ1cm5lIFVuaXZlcnNpdHkgb2YgVGVjaG5v
bG9neTEMMAoGA1UECxMDSVRTMR4wHAYDVQQDExVyYWRpdXMuY2Muc3dpbi5lZHUu
YXUxIzAhBgkqhkiG9w0BCQEWFG5ldHdvcmtzQHN3aW4uZWR1LmF1ggEAMAwGA1Ud
EwQFMAMBAf8wDQYJKoZIhvcNAQEEBQADgYEASFZ/5oRvTpgs0yQmdXxczUvJhUam
5KTP8MAb8owh1v65VkBFXLdJ27THEDt0SX3ZzwlYIvKcVMoiJcXjE6uLgZPI4AZv
7ogHIU5TOvQsYXWNeCqQMqOTnZtVQPvZmOcHcM1aqiBCAVX3YhIU1S04SccYdKBA
PaggsSjsagqoZvA=
-----END CERTIFICATE-----




openssl x509 -in swinwifi.pem -out swinwifi.der -outform DER

Put it in the folder ~/.certificates.

The md5sum should be 

11843b7d38bc0b024e8356f11d4d7c42  swinwifi.der
I've also tried that java version of xpress connect.

Finally, do NOT as a rule download certificates from third parties! How can you trust that my intentions are good? At the moment you're choice is between trusting me and Shuttleworth though...


Why bother?
Because an increasing number of university networks have adopted this -- frankly broken -- piece of software, I think it's of some interest to users of other distros to investigate whether there are any simple solutions. This in particular since not all uni networks have instructions for manual configuration anymore. Besides, a challenge is a challenge.
Posted by at 1 comment:
Labels: , ,
Subscribe to: Posts (Atom)