Todo #5123
closed
Added by Jim Pingle about 9 years ago.
Updated about 9 years ago.
Description
After some internal discussion, it's time to remove WEP. Not only is it horribly insecure, it has been deprecated by IEEE since 2004 and most devices that can't use WPA have long since died.
The WEP options and related code need removed from interfaces.php and the backend interfaces code. There are other references to WEP among the wireless options, such as under Authentication.
Only downside is the potential to leave the interface an open AP. Though with WEP it's practically there anyhow. On upgrade, we should not attempt to bring up an interface that is configured for WEP, and file a notice letting the user know that the interface has a problem. Optionally, we could disable the interface.
If someone really needs WEP, an external AP can always be used.
- Status changed from New to Feedback
- Assignee set to Jim Pingle
WEP removed by the use of 'define("ALLOWWEP", false);' - Just in case
- Status changed from Feedback to Confirmed
- Assignee deleted (
Jim Pingle)
OK, that may take care of the GUI (at least the options) but it also needs some backend adjustments to remove support from the code that writes out the hostap config and such. Might need Renato or Luiz to look it over from here. No rush though.
- Status changed from Confirmed to Feedback
- % Done changed from 0 to 100
- Status changed from Feedback to Confirmed
- % Done changed from 100 to 30
- Tracker changed from Bug to Todo
- Project changed from Bootstrap to pfSense
- Category set to Wireless
- Affected Architecture added
- Affected Architecture deleted (
All)
moving out of bootstrap and to todo for handling the back end bits.
- Assignee set to Matthew Smith
- Status changed from Confirmed to Feedback
- % Done changed from 30 to 100
- Assignee changed from Matthew Smith to Jim Pingle
reassigned to pingle for verification and closure.
- Status changed from Feedback to Assigned
- Assignee changed from Jim Pingle to Anonymous
The upgrade code appears to work OK, I upgraded an ALIX I configured for WEP on 2.2.5 and post upgrade the interface was disabled as expected and the notice was there.
The backend code looks OK, there is still some GUI code present but disabled (Wrapped with an ALLOWWEP test) this code should probably be removed now rather than just having it skipped now that the other pieces are in place.
- Assignee changed from Anonymous to Jim Pingle
Removed as requested.
JimP to close if appropriate.
- Status changed from Assigned to Feedback
- Status changed from Feedback to Assigned
- Assignee changed from Jim Pingle to Anonymous
Looks good but now I'm also wondering if we can't get rid of all mentions of auth_algs from that page. It's listed as a hidden input now, and doesn't seem to be needed. There is one mention of it in /etc/inc/interfaces.inc also that could be removed.
- Assignee changed from Anonymous to Jim Pingle
Removed as requested.
Seems to have no adverse affects
- Status changed from Assigned to Feedback
- Status changed from Feedback to Resolved
Seems to be OK here.
Ding, dong, the WEP is dead.
Also available in: Atom
PDF
Updated by Anonymous 
Updated by 
Updated by 
Updated by 
Updated by