tazpanel view README.devel @ rev 469
Typo in hardware.cgi
| author | Pascal Bellard <pascal.bellard@slitaz.org> |
|---|---|
| date | Mon Apr 27 00:16:35 2015 +0200 (2015-04-27) |
| parents | 7ca14d55e705 |
| children | 525e6519e66b |
line source
1 Various Development Notes
2 =========================
4 --------------------------------------------------------------------------------
6 network.cgi
7 -----------
9 Goal: allow ANY symbols in the WPA PSK (Wi-Fi password).
10 We can find WPA PSK in the different places, and there are different
11 restrictions to write it.
13 a) /etc/network.conf: SliTaz system wide networking configuration;
14 b) /etc/wpa/wpa.conf: wpa_supplicant configuration file;
15 c) html input form in the TazPanel > Network > Wireless;
16 d) saved passwords for known networks in the javascript in the same place.
18 Let's see all that files/places one by one.
21 a) network.conf
23 Really "network.conf" is a shell script. It contains variables definitions, and
24 it sourced into other shell scripts to define all Wi-Fi configuration variables.
25 By default, we can see variable and its content in the double quotes:
27 WIFI_KEY="mypassword"
29 There are many pitfalls if we allow ANY symbols here:
31 Variable expansion:
32 WIFI_KEY="123$HOME"
33 WIFI_KEY="$0$#$? *"
35 Command expansion:
36 WIFI_KEY="123$(echo 456)789"
37 WIFI_KEY="`rm -rf /`"
39 Quoting problem:
40 WIFI_KEY="abc"def'ghi"
42 Seems, we'll solve the problem when escape some symbols:
43 \ → \\
44 " → \"
45 $ → \$
46 ` → \`
48 Another solution exists (and currently I stick to it): single quotes. We need no
49 escape anything but single quotes (') in the single quotes terminated string.
50 And yes, this quoting is a pain for brain:
52 Password: abc"def'ghi
53 String : WIFI_KEY='abc"def'"'"'ghi'
54 But it is simple work for sed command.
57 b) wpa.conf
59 wpa_supplicant actually connects us to our Wi-Fi networks, and it is a file
60 where we can store all our networks settings, including passwords. It is handy
61 when you have one network at home, other - at work, and another - at your
62 friends home. Really, you shouldn't to re-enter all these passwords again.
64 We can read a lot of useful information in the wpa_supplicant.conf file
65 (/etc/wpa/wpa_supplicant.conf):
67 # psk: WPA preshared key; 256-bit pre-shared key
68 # The key used in WPA-PSK mode can be entered either as 64 hex-digits, i.e.,
69 # 32 bytes or as an ASCII passphrase (in which case, the real PSK will be
70 # generated using the passphrase and SSID). ASCII passphrase must be between
71 # 8 and 63 characters (inclusive). ext:<name of external PSK field> format can
72 # be used to indicate that the PSK/passphrase is stored in external storage.
73 # This field is not needed, if WPA-EAP is used.
74 # Note: Separate tool, wpa_passphrase, can be used to generate 256-bit keys
75 # from ASCII passphrase. This process uses lot of CPU and wpa_supplicant
76 # startup and reconfiguration time can be optimized by generating the PSK only
77 # only when the passphrase or SSID has actually changed.
80 Interesting and good method to use 64 symbols "passwords", maybe we switch to it
81 sometimes. Example of using "wpa_passphrase":
82 Let network name is: my_wifi
83 Let password is : abc'def"ghi
84 Let's run utility twice - with different quoting style:
86 tux@slitaz:~$ wpa_passphrase my_wifi "abc'def\"ghi"
87 network={
88 ssid="my_wifi"
89 #psk="abc'def"ghi"
90 psk=e99c121a998a0c35419b16fd56beb38d2b471fd5519518c056af933e9daf3e30
91 }
92 tux@slitaz:~$ wpa_passphrase my_wifi 'abc'"'"'def"ghi'
93 network={
94 ssid="my_wifi"
95 #psk="abc'def"ghi"
96 psk=e99c121a998a0c35419b16fd56beb38d2b471fd5519518c056af933e9daf3e30
97 }
99 Here psk are identical, so we can use this method.
101 But I can't find advanced info about quoting style in the wpa_supplicant
102 configuration file. So, I ended with little experiment. I've created new
103 network connection in my Android smartphone and viewed my
104 /data/misc/wifi/wpa_supplicant.conf file using Root Explorer application:
106 network={
107 ssid="my_wifi"
108 scan_ssid=1
109 psk="abc'def"ghi"
110 key_mgmt=WPA-PSK
111 }
113 Yes, we can see unpaired quotes. Really don't know is it right. Maybe,
114 wpa_supplicant just readed line content between first and last quotes. Need to
115 dig into sources... And now I not quote psk in any manner.
118 c) network.cgi form input
120 Piece of html code:
122 <input type="password" name="password" value="$WIFI_KEY" id="password"/>
124 Here we free to use single quotes or double quotes, but we should escape them
125 in the html manner:
126 ' → '
127 " → "
129 Also, don't forget about these symbols:
130 & → &
131 < → <
132 > → >
135 d) network.cgi javascript database
137 Also, we store passwords in the known networks database in the form of
138 javascript to gain user experience without page to be reloaded: you can click
139 Wi-Fi network name and script will fill its password for you.
141 Here example of that script on the html page:
143 <script type="text/javascript">
144 ajax('network.cgi?wifi_list', '1', 'wifiList');
145 networks = [
146 {ssid:"my_wifi", scan_ssid:"1", psk:"my_password", key_mgmt:"WPA-PSK",
147 priority:"1"},
148 {ssid:"your_wifi", scan_ssid:"1", key_mgmt:"NONE", auth_alg:"OPEN SHARED",
149 wep_key0:"01234567890123456789abcdef", priority:"3"}
150 ];
151 </script>
153 Here we need to escape ('"&<>) symbols but in the slightly another manner:
154 \ → \\
155 " → \"
158 So, what do you think about this very special password? :=D
159 a'b"c $(echo 2)=$HOME`date`\t&#x
161 --------------------------------------------------------------------------------