Project

General

Profile

Actions

Todo #5123

closed

Remove WEP

Added by Jim Pingle about 9 years ago. Updated about 9 years ago.

Status:
Resolved
Priority:
Normal
Assignee:
Category:
Wireless
Target version:
Start date:
09/11/2015
Due date:
% Done:

100%

Estimated time:
Plus Target Version:
Release Notes:

Description

After some internal discussion, it's time to remove WEP. Not only is it horribly insecure, it has been deprecated by IEEE since 2004 and most devices that can't use WPA have long since died.

The WEP options and related code need removed from interfaces.php and the backend interfaces code. There are other references to WEP among the wireless options, such as under Authentication.

Only downside is the potential to leave the interface an open AP. Though with WEP it's practically there anyhow. On upgrade, we should not attempt to bring up an interface that is configured for WEP, and file a notice letting the user know that the interface has a problem. Optionally, we could disable the interface.

If someone really needs WEP, an external AP can always be used.

Actions #1

Updated by Anonymous about 9 years ago

  • Status changed from New to Feedback
  • Assignee set to Jim Pingle

WEP removed by the use of 'define("ALLOWWEP", false);' - Just in case

Actions #2

Updated by Jim Pingle about 9 years ago

  • Status changed from Feedback to Confirmed
  • Assignee deleted (Jim Pingle)

OK, that may take care of the GUI (at least the options) but it also needs some backend adjustments to remove support from the code that writes out the hostap config and such. Might need Renato or Luiz to look it over from here. No rush though.

Actions #3

Updated by Anonymous about 9 years ago

  • Status changed from Confirmed to Feedback
  • % Done changed from 0 to 100
Actions #4

Updated by Jim Pingle about 9 years ago

  • Status changed from Feedback to Confirmed
  • % Done changed from 100 to 30
Actions #5

Updated by Chris Buechler about 9 years ago

  • Tracker changed from Bug to Todo
  • Project changed from Bootstrap to pfSense
  • Category set to Wireless
  • Affected Architecture added
  • Affected Architecture deleted (All)

moving out of bootstrap and to todo for handling the back end bits.

Actions #6

Updated by Jim Thompson about 9 years ago

  • Assignee set to Matthew Smith
Actions #7

Updated by Matthew Smith about 9 years ago

  • Status changed from Confirmed to Feedback
  • % Done changed from 30 to 100
Actions #8

Updated by Jim Thompson about 9 years ago

  • Assignee changed from Matthew Smith to Jim Pingle

reassigned to pingle for verification and closure.

Actions #9

Updated by Jim Pingle about 9 years ago

  • Status changed from Feedback to Assigned
  • Assignee changed from Jim Pingle to Anonymous

The upgrade code appears to work OK, I upgraded an ALIX I configured for WEP on 2.2.5 and post upgrade the interface was disabled as expected and the notice was there.

The backend code looks OK, there is still some GUI code present but disabled (Wrapped with an ALLOWWEP test) this code should probably be removed now rather than just having it skipped now that the other pieces are in place.

Actions #10

Updated by Anonymous about 9 years ago

  • Assignee changed from Anonymous to Jim Pingle

Removed as requested.

JimP to close if appropriate.

Actions #11

Updated by Anonymous about 9 years ago

  • Status changed from Assigned to Feedback
Actions #12

Updated by Jim Pingle about 9 years ago

  • Status changed from Feedback to Assigned
  • Assignee changed from Jim Pingle to Anonymous

Looks good but now I'm also wondering if we can't get rid of all mentions of auth_algs from that page. It's listed as a hidden input now, and doesn't seem to be needed. There is one mention of it in /etc/inc/interfaces.inc also that could be removed.

Actions #13

Updated by Anonymous about 9 years ago

  • Assignee changed from Anonymous to Jim Pingle

Removed as requested.
Seems to have no adverse affects

Actions #14

Updated by Anonymous about 9 years ago

  • Status changed from Assigned to Feedback
Actions #15

Updated by Jim Pingle about 9 years ago

  • Status changed from Feedback to Resolved

Seems to be OK here.

Ding, dong, the WEP is dead.

Actions

Also available in: Atom PDF