On 2010/09/12 19:28, Damien Miller wrote: > On Sun, 12 Sep 2010, Alexander Hall wrote: > > > For upcoming changes to the installer. > > > > PRE: # ifconfig wpi0 nwid mynet wpa wpapsk `wpa-psk mynet "my secret > > passphrase"` > > > > POST: # ifconfig wpi0 nwid mynet wpa wpapsk "my secret passphrase" > > > > > > A few conflicts arises; > > > > 1. You cannot have a passphrase starting with "0x" > > 2. You cannot, as in -current, enter a 32-char string as the key (for > > those of you even aware of that possibility, I sure wasn't :) > > Are you saying it won't be possible to use a pre-generated wpa-psk key? > (i.e. the output of wpa-psk(8)) If not then this might break existing > configs.
No, that is still ok. What doesn't work with this diff is a _passphrase_ rather than a key starting 0x. (Though you can still do this if you use the wpa-psk tool to generate it..) > > 3. An nwid is required prior to supplying a passphrase to wpapsk. > > 4. If the nwid is changed afterwards, the passphrase is not adjusted. > > > > 1 and 2) These can be taken care of by breaking this out into a new > > "wpapass" option or so, if seen as real problems. > > I think that is a good idea. > > > 3 and 4) I don't see these as real problems. > > IMO it would be a good idea to warn for these cases. I agree. I think it might also make sense to clear wpapsk if the nwid is changed to a different value as they key can't possibly be correct as-is, and doing this makes it marginally easier if you move from a WPA network to an open network (no more need to "ifconfig ral0 -wpapsk").
