Re: Thinking about writing something I'm calling wifid

2016-08-03 Thread Bryan Everly

Thank you to all of the people who replied in the list and privately.  
As a result of that, it looks like someone has already done basically 
what I'm looking for at:


https://github.com/farhaven/wireless

This was written by Gregor Best, jggimi and spedru.

I will reach out to them and see if they would like to see this added to 
the ports tree and if so, will submit a patch to that list.


Thanks again everyone.



Re: Thinking about writing something I'm calling wifid

2016-08-02 Thread Gilles Chehade
On Tue, Aug 02, 2016 at 04:58:18PM +0200, Kamil Cholewiński wrote:
> On Tue, 02 Aug 2016, Theo de Raadt wrote:
> > The kernel should have a better way of exporting stations it knows about
> > live, rather than userland forcing channel hops and station changes out
> > of sync with the kernel.
> 
> Perhaps overloading kevent? EVFILT_IEEE80211?
> 

:-|

-- 
Gilles Chehade

https://www.poolp.org  @poolpOrg



Re: Thinking about writing something I'm calling wifid

2016-08-02 Thread Kamil Cholewiński
On Tue, 02 Aug 2016, Theo de Raadt wrote:
> The kernel should have a better way of exporting stations it knows about
> live, rather than userland forcing channel hops and station changes out
> of sync with the kernel.

Perhaps overloading kevent? EVFILT_IEEE80211?



Re: Thinking about writing something I'm calling wifid

2016-08-02 Thread Jiri B
On Tue, Aug 02, 2016 at 10:09:48AM -0400, Bryan Everly wrote:
> Hi everyone,
> 
> I'm looking for feedback before I burn time on this project so please let me
> know what you think.
> 
> I'm thinking about building a daemon that I'll write in C (looked at the
> httpd code in /usr.sbin/httpd as a reference) that essentially monitors your
> network connectivity in the background and, based on an /etc/wifid.conf file
> (which contains an encrypted list of nwid's and wpa-keys that you have
> loaded) looks for the presence of those nwid's and will connect you to them
> (in a particular priority order you set) if it finds them.  I would then
> write a wifictl program that would communicate with the daemon and allow you
> to manipulate the encrypted list, etc.

tl;dr but have you seen this paper?
http://www.openbsd.org/papers/eurobsdcon2015-raceless-network/index.html

j.



Re: Thinking about writing something I'm calling wifid

2016-08-02 Thread Theo de Raadt
> 3.  My initial thought was to do the same things in my daemon that are 
> going on in the source of ifconfig.c - specifically the setifnwid(), 
> setifwpakey() and setifflags() functions (as opposed to shell exec'ing 
> the commands themselves).  I'd prefer not to be someone who does "editor 
> reuse" and cut & paste those functions into my code, but I'm not sure 
> how you would approach that from a "how we do it in OpenBSD" 
> perspective.  Would I refactor that tool to put those methods I use in a 
> library and then modify it to call them out of the library so we can 
> both share it?

There has been a lot of discussion about this.  The model is not right.

Modern wireless chips/drivers can keep track of stations as they come and
go, but they have no way to expose this information.  The old "scan" command
is an atrocity, and a daemon should not be built on top of it.

The kernel should have a better way of exporting stations it knows about
live, rather than userland forcing channel hops and station changes out
of sync with the kernel.



Re: Thinking about writing something I'm calling wifid

2016-08-02 Thread Raul Miller
On Tue, Aug 2, 2016 at 10:09 AM, Bryan Everly wrote:
> Heck, I could probably write it as a shell script and just stuff it in my
> crontab.

Good plan.

Though, personally, if I were in your situation, I'd skip the crontab part.

I happen to like knowing when my network endpoint changes.

-- 
Raul



Thinking about writing something I'm calling wifid

2016-08-02 Thread Bryan Everly

Hi everyone,

I'm looking for feedback before I burn time on this project so please 
let me know what you think.


I'm thinking about building a daemon that I'll write in C (looked at the 
httpd code in /usr.sbin/httpd as a reference) that essentially monitors 
your network connectivity in the background and, based on an 
/etc/wifid.conf file (which contains an encrypted list of nwid's and 
wpa-keys that you have loaded) looks for the presence of those nwid's 
and will connect you to them (in a particular priority order you set) if 
it finds them.  I would then write a wifictl program that would 
communicate with the daemon and allow you to manipulate the encrypted 
list, etc.


The thought is that this would give us similar behavior to other 
operating systems in making wifi more of a "set it and forget it" 
capability in the system (versus running ifconfig and dhclient any time 
I change to a new network).


The questions I have are as follows:

1.  Is there something like this already that I'm not seeing in OpenBSD?

2.  Would anyone other than me want something like this?  If not, I will 
likely write it much less "cleanly" and just use it locally for my 
needs.  Heck, I could probably write it as a shell script and just stuff 
it in my crontab.


3.  My initial thought was to do the same things in my daemon that are 
going on in the source of ifconfig.c - specifically the setifnwid(), 
setifwpakey() and setifflags() functions (as opposed to shell exec'ing 
the commands themselves).  I'd prefer not to be someone who does "editor 
reuse" and cut & paste those functions into my code, but I'm not sure 
how you would approach that from a "how we do it in OpenBSD" 
perspective.  Would I refactor that tool to put those methods I use in a 
library and then modify it to call them out of the library so we can 
both share it?


4.  Same story as #3 on sbin/dhclient/dhclient.c (seems like most of the 
code I'd lift is in the main() body and subsequently called functions).  
I'd prefer not to duplicate it (see #3).


5.  Assuming your personal answer to #2 is yes, what do you think a 
"sane default" would be to poll the network to see if it is alive?  
There is a fine balance between not burning lots of CPU checking every 
second versus how long you go without a network connection when you are 
changing networks.


6.  Is there a way my daemon can be notified when the network becomes 
unreachable versus having to poll?  I'm thinking the answer to that is 
"no" but I've been surprised at my own ignorance before (and will 
continue to be in the future I'm sure!) so I thought I would ask.


Thanks and sorry if this was tl;dr.