[arch-projects] [PATCH 1/2] Ensure all variables are unset before loading profile
There is a possible leak of profile info from one to the next if
profiles are loaded in sequence, due to the fact that we are running all
of this in a shared environment. Unset all currently known variables at
the start of load_profile().
This is most apparent in several functions in `src/network` which do
looping calls of profile_up or profile_down (which in turn call
load_profile). The script `wpa_actiond/netcfg-wpa_actiond` is safe due
to its use of subshells.
Signed-off-by: Dan McGee
When using the net-auto-wireless profile, it can be very helpful to
prefer certain connections over others.
Signed-off-by: Dan McGee
On Sun, Jun 19, 2011 at 10:03:38PM -0500, Dan McGee wrote:
When using the net-auto-wireless profile, it can be very helpful to prefer certain connections over others.
Signed-off-by: Dan McGee
--- This seemed like an obvious addition to me when I was trying to replace a box with a static wpa_supplicant.conf configuration and couldn't reproduce it faithfully.
This also makes me wonder if the 'wpa-configsection' option is all too restrictive, or if we should always append a CONFIGSECTION variable if it is present in a profile. This would allow people to do the HIDDEN (existing) and PRIORITY option (introduced here) in a more ad-hoc fashion as well as allowing any other WPA options we don't currently support without having to special-case each one.
-Dan
docs/wireless | 4 +++- src/8021x | 4 ++++ src/network | 2 +- 3 files changed, 8 insertions(+), 2 deletions(-)
diff --git a/docs/wireless b/docs/wireless index 2e466c7..bfe3c40 100644 --- a/docs/wireless +++ b/docs/wireless @@ -18,13 +18,15 @@ ESSID (this or AP is required) AP (this or ESSID is required) : AP (BSSID) of the network to connect to. HIDDEN (optional) -: Define this to connect to hidden ESSIDs. +: Assume the SSID of this network might not be broadcast and probe for it instead. Can be 'yes' or 'no', defaults to 'no'. ADHOC (optional) : Define this to use ad-hoc mode for wireless. TIMEOUT (optional) : Time to wait for association. Defaults to 15 seconds. SCAN (optional) : yes/no Scan for a wireless network rather than blindly attempting to connect. Hidden SSID networks do not appear in a scan. +PRIORITY (optional) +: Integer value to use as the wpa_supplicant priority value for this network. The default is '0'. IWCONFIG (optional, deprecated) : Run iwconfig with these options before attempting to configure the connection.
diff --git a/src/8021x b/src/8021x index 267a358..73a4ceb 100644 --- a/src/8021x +++ b/src/8021x @@ -222,6 +222,10 @@ make_wpa_config() { if checkyesno ${HIDDEN:-no}; then echo "scan_ssid=1" fi + + if [ ${PRIORITY:-0} -gt 0]; then
If you use proper bash syntax here, you don't have to worry about the default assigment: if (( PRIORITY > 0 )); then
+ echo "priority=$PRIORITY" + fi }
# vim: ft=sh ts=4 et sw=4 tw=0: diff --git a/src/network b/src/network index 316183e..953e502 100644 --- a/src/network +++ b/src/network @@ -10,7 +10,7 @@ load_profile() { unset ADDR AP AUTH8021X CONNECTION DESCRIPTION unset DHCP_OPTIONS DHCP_TIMEOUT DHCLIENT DNS DNS1 DNS2 DOMAIN - unset ESSID GATEWAY HIDDEN IFOPTS INTERFACE IP IPCFG + unset ESSID GATEWAY HIDDEN IFOPTS INTERFACE IP IPCFG PRIORITY unset IWCONFIG unset KEY NETMASK RFKILL RFKILL_NAME SCAN SEARCH TIMEOUT unset VLAN_ID VLAN_PHYS_DEV -- 1.7.5.2
Am 20.06.2011 05:03, schrieb Dan McGee:
+PRIORITY (optional) +: Integer value to use as the wpa_supplicant priority value for this network. The default is '0'.
ACK. Keep in mind though that setting priority overrides wpa_supplicants internal preferences (WPA over open networks and so on).
When using the net-auto-wireless profile, it can be very helpful to
prefer certain connections over others.
Signed-off-by: Dan McGee
On Thu, Jun 23, 2011 at 11:37 PM, Dan McGee
When using the net-auto-wireless profile, it can be very helpful to prefer certain connections over others.
Ping?
Signed-off-by: Dan McGee
--- docs/wireless | 4 +++- src/8021x | 5 ++++- src/network | 2 +- 3 files changed, 8 insertions(+), 3 deletions(-) diff --git a/docs/wireless b/docs/wireless index 2e466c7..8bda63b 100644 --- a/docs/wireless +++ b/docs/wireless @@ -18,13 +18,15 @@ ESSID (this or AP is required) AP (this or ESSID is required) : AP (BSSID) of the network to connect to. HIDDEN (optional) -: Define this to connect to hidden ESSIDs. +: Assume the SSID of this network might not be broadcast and probe for it instead. Can be 'yes' or 'no', defaults to 'no'. ADHOC (optional) : Define this to use ad-hoc mode for wireless. TIMEOUT (optional) : Time to wait for association. Defaults to 15 seconds. SCAN (optional) : yes/no Scan for a wireless network rather than blindly attempting to connect. Hidden SSID networks do not appear in a scan. +PRIORITY (optional) +: Integer value to use as the wpa_supplicant priority value for this network. The default is '0'. This will override the default internal preferences of wpa_supplicant. IWCONFIG (optional, deprecated) : Run iwconfig with these options before attempting to configure the connection.
diff --git a/src/8021x b/src/8021x index 267a358..a371ff8 100644 --- a/src/8021x +++ b/src/8021x @@ -222,7 +222,10 @@ make_wpa_config() { if checkyesno ${HIDDEN:-no}; then echo "scan_ssid=1" fi + + if (( $PRIORITY > 0 )); then + echo "priority=$PRIORITY" + fi }
# vim: ft=sh ts=4 et sw=4 tw=0: - diff --git a/src/network b/src/network index 316183e..953e502 100644 --- a/src/network +++ b/src/network @@ -10,7 +10,7 @@ load_profile() { unset ADDR AP AUTH8021X CONNECTION DESCRIPTION unset DHCP_OPTIONS DHCP_TIMEOUT DHCLIENT DNS DNS1 DNS2 DOMAIN - unset ESSID GATEWAY HIDDEN IFOPTS INTERFACE IP IPCFG + unset ESSID GATEWAY HIDDEN IFOPTS INTERFACE IP IPCFG PRIORITY unset IWCONFIG unset KEY NETMASK RFKILL RFKILL_NAME SCAN SEARCH TIMEOUT unset VLAN_ID VLAN_PHYS_DEV -- 1.7.5.2
On 2011/6/20 Dan McGee
This sucks a bit, but is a big failing of netcfg I found when writing my next patch. It screams "there must be a better way", but at the moment I'm not sure what that may be. The biggest problem is there is no central collection of these variables which I had to scrape from the various setup scripts. Thoughts?
I'd better say we should enforce the use of subshells whenever multiple profiles are expected to be loaded in a sequence. For example; by making load_profile a hard failure if $DESCRIPTION (or any other common variable) is already set. Rémy.
On 2011/6/20 Dan McGee
wrote: This sucks a bit, but is a big failing of netcfg I found when writing my next patch. It screams "there must be a better way", but at the moment I'm not sure what that may be. The biggest problem is there is no central collection of these variables which I had to scrape from the various setup scripts. Thoughts?
I'd better say we should enforce the use of subshells whenever multiple profiles are expected to be loaded in a sequence. Of course now it appears all calls are in subshells; this was old work, I'm not sure if something changed in the last 4 months I've had
On Mon, Jun 20, 2011 at 1:06 AM, Rémy Oudompheng
For example; by making load_profile a hard failure if $DESCRIPTION (or any other common variable) is already set. $CONNECTION is probably your best variable choice here.
-Dan
participants (4)
-
Dan McGee
-
Dave Reisner
-
Rémy Oudompheng
-
Thomas Bächler