Re: ifconfig & wpa keys
On Mon, Jan 08 2018, Martin Pieuchot wrote: > On 06/01/18(Sat) 09:24, Theo de Raadt wrote: >> We used to try to create ifconfig output that someone could cut'n'paste >> back in as input, when it was reasonable. Therefore ifconfig output >> was a human hint suggesting what ifconfig command takes as input. >> >> But this one doesn't bother me, since for this line it doesn't work >> and making it shorter will make the lines cleaner. >> >> Same thing for nwkey? > > Here you go. ok jca@ -- jca | PGP : 0x1524E7EE / 5135 92C1 AD36 5293 2BDF DDCC 0DFA 74AE 1524 E7EE
Re: ifconfig & wpa keys
On 06/01/18(Sat) 09:24, Theo de Raadt wrote: > We used to try to create ifconfig output that someone could cut'n'paste > back in as input, when it was reasonable. Therefore ifconfig output > was a human hint suggesting what ifconfig command takes as input. > > But this one doesn't bother me, since for this line it doesn't work > and making it shorter will make the lines cleaner. > > Same thing for nwkey? Here you go. Index: ifconfig.c === RCS file: /cvs/src/sbin/ifconfig/ifconfig.c,v retrieving revision 1.351 diff -u -p -r1.351 ifconfig.c --- ifconfig.c 17 Nov 2017 18:04:51 - 1.351 +++ ifconfig.c 8 Jan 2018 14:53:09 - @@ -2124,70 +2124,11 @@ ieee80211_status(void) } } - if (inwkey == 0 && nwkey.i_wepon > IEEE80211_NWKEY_OPEN) { - fputs(" nwkey ", stdout); - /* try to retrieve WEP keys */ - for (i = 0; i < IEEE80211_WEP_NKID; i++) { - nwkey.i_key[i].i_keydat = keybuf[i]; - nwkey.i_key[i].i_keylen = sizeof(keybuf[i]); - } - if (ioctl(s, SIOCG80211NWKEY, (caddr_t)&nwkey) == -1) { - fputs("", stdout); - } else { - nwkey_verbose = 0; - /* -* check to see non default key -* or multiple keys defined -*/ - if (nwkey.i_defkid != 1) { - nwkey_verbose = 1; - } else { - for (i = 1; i < IEEE80211_WEP_NKID; i++) { - if (nwkey.i_key[i].i_keylen != 0) { - nwkey_verbose = 1; - break; - } - } - } - /* check extra ambiguity with keywords */ - if (!nwkey_verbose) { - if (nwkey.i_key[0].i_keylen >= 2 && - isdigit((unsigned char)nwkey.i_key[0].i_keydat[0]) && - nwkey.i_key[0].i_keydat[1] == ':') - nwkey_verbose = 1; - else if (nwkey.i_key[0].i_keylen >= 7 && - strncasecmp("persist", - (char *)nwkey.i_key[0].i_keydat, 7) == 0) - nwkey_verbose = 1; - } - if (nwkey_verbose) - printf("%d:", nwkey.i_defkid); - for (i = 0; i < IEEE80211_WEP_NKID; i++) { - if (i > 0) - putchar(','); - if (nwkey.i_key[i].i_keylen < 0) { - fputs("persist", stdout); - } else { - /* -* XXX -* sanity check nwkey.i_key[i].i_keylen -*/ - print_string(nwkey.i_key[i].i_keydat, - nwkey.i_key[i].i_keylen); - } - if (!nwkey_verbose) - break; - } - } - } + if (inwkey == 0 && nwkey.i_wepon > IEEE80211_NWKEY_OPEN) + fputs(" nwkey", stdout); - if (ipsk == 0 && psk.i_enabled) { - fputs(" wpakey ", stdout); - if (psk.i_enabled == 2) - fputs("", stdout); - else - print_string(psk.i_psk, sizeof(psk.i_psk)); - } + if (ipsk == 0 && psk.i_enabled) + fputs(" wpakey", stdout); if (iwpa == 0 && wpa.i_enabled) { const char *sep;
Re: ifconfig & wpa keys
On Sat, Jan 06, 2018 at 03:03:55PM +0100, Martin Pieuchot wrote: > We're no longer exporting keys to userland, so can we stop printing > ""? > > ok? Fine with me. > > Index: ifconfig.c > === > RCS file: /cvs/src/sbin/ifconfig/ifconfig.c,v > retrieving revision 1.351 > diff -u -p -r1.351 ifconfig.c > --- ifconfig.c17 Nov 2017 18:04:51 - 1.351 > +++ ifconfig.c6 Jan 2018 13:59:33 - > @@ -2181,13 +2181,8 @@ ieee80211_status(void) > } > } > > - if (ipsk == 0 && psk.i_enabled) { > - fputs(" wpakey ", stdout); > - if (psk.i_enabled == 2) > - fputs("", stdout); > - else > - print_string(psk.i_psk, sizeof(psk.i_psk)); > - } > + if (ipsk == 0 && psk.i_enabled) > + fputs(" wpakey", stdout); > if (iwpa == 0 && wpa.i_enabled) { > const char *sep; > >
Re: ifconfig & wpa keys
We used to try to create ifconfig output that someone could cut'n'paste back in as input, when it was reasonable. Therefore ifconfig output was a human hint suggesting what ifconfig command takes as input. But this one doesn't bother me, since for this line it doesn't work and making it shorter will make the lines cleaner. Same thing for nwkey? > We're no longer exporting keys to userland, so can we stop printing > ""? > > ok? > > Index: ifconfig.c > === > RCS file: /cvs/src/sbin/ifconfig/ifconfig.c,v > retrieving revision 1.351 > diff -u -p -r1.351 ifconfig.c > --- ifconfig.c17 Nov 2017 18:04:51 - 1.351 > +++ ifconfig.c6 Jan 2018 13:59:33 - > @@ -2181,13 +2181,8 @@ ieee80211_status(void) > } > } > > - if (ipsk == 0 && psk.i_enabled) { > - fputs(" wpakey ", stdout); > - if (psk.i_enabled == 2) > - fputs("", stdout); > - else > - print_string(psk.i_psk, sizeof(psk.i_psk)); > - } > + if (ipsk == 0 && psk.i_enabled) > + fputs(" wpakey", stdout); > if (iwpa == 0 && wpa.i_enabled) { > const char *sep; > >