psk2 key with " doesn't work

Bug #180209 reported by Jan Willies on 2008-01-03
4
Affects Status Importance Assigned to Milestone
wicd
Medium
Dan O'Reilly

Bug Description

With WICD-1.3.8 I can't connect to my AP because my wpa2-key contains " and that doesn't work with WICD:

root@jan ~ # /usr/lib/wicd/daemon.py
/usr/lib/wicd
wicd daemon: pid 5045
lo no wireless extensions.

eth0 no wireless extensions.

wmaster0 no wireless extensions.

dhclient: Kein Prozess abgebrochen
dhclient3: Kein Prozess abgebrochen
wpa_supplicant: Kein Prozess abgebrochen
sh: -c: line 0: syntax error near unexpected token `)'
sh: -c: line 0: `wpa_passphrase "schnauze" "]t(8gYrOY|:/#/")"*pq>r{Oxxxxxxxxxxxxx0T"'
Nothing to flush.
Nothing to flush.
[...]

I noticed this also but that's another thing I guess:

root 5045 0.1 0.4 18304 4476 ? Sl 22:51 0:00 /usr/bin/python /usr/lib/wicd/daemon.py
root 5049 0.0 0.0 0 0 ? Z 22:51 0:00 \_ [ethtool] <defunct>

Settings for eth0:
        Supported ports: [ TP MII ]
        Supported link modes: 10baseT/Half 10baseT/Full
                                100baseT/Half 100baseT/Full
        Supports auto-negotiation: Yes
        Advertised link modes: 10baseT/Half 10baseT/Full
                                100baseT/Half 100baseT/Full
        Advertised auto-negotiation: Yes
        Speed: 10Mb/s
        Duplex: Half
        Port: MII
        PHYAD: 32
        Transceiver: internal
        Auto-negotiation: on
        Supports Wake-on: pumbg
        Wake-on: d
        Current message level: 0x00000007 (7)
        Link detected: no

Dan O'Reilly (oreilldf) wrote :

The problem you're seeing is actually a problem with wpa_passphrase. You need to escape certain characters with a '\' for the psk to be generated. Using this passphrase should work for you: "]t(8gYrOY|:/#/\")\"*pq>r{Oxxxxxxxxxxxxx0T"
Notice the '\' characters before both of the double quotations. I might go ahead an have wicd search passphrases for potential problem characters and add the '\' automatically down the line, but for now you have to add them in yourself.

Out of curiosity, what distro are you running wicd with? And how did you install it. I ask because I noticed daemon.py is running out of /usr/lib/wicd, which isn't default right now (though it will be in a future release).

Also, not sure why you're seeing the zombie ethtool. Haven't noticed that happening on my box, but I'll look into it.

Jan Willies (jan-willies) wrote :

right, it works with escaping the ". thanks!

I'm running archlinux with the wicd-package from testing (currently 1.4.0). It's a great distro :)

If you need more infos about the zombie ethtool, let me know.

Sabin Iacob (iacobs) wrote :

quotes aren't the only problem, the "!" character, for instance, is used for history expansion by bash, and when improperly quoted results in an error message; in my case the sysadmin decided to use an automatically generated string as a passphrase, and it contained '!' and '"', and the generated psk was always None. Also, a correctly crafted passphrase allows the user to run anything with root privileges, so something like this:

escape_re = re.compile('(?=[^a-zA-Z0-9_.\/\-\x7F-\xFF])')

def shell_escape(data):
    return escape_re.sub('\\\\', data)

in misc.py could be a good idea.

Dan O'Reilly (oreilldf) wrote :

I think that is a good idea. Although wouldn't we want '\\' instead of '\\\\' in the sub() method call? It seems to me that there would be an extra backslash added to the psk otherwise.

Changed in wicd:
assignee: nobody → oreilldf
importance: Undecided → Medium
status: New → Confirmed
Dan O'Reilly (oreilldf) wrote :

Ah, never mind, it won't parse correctly with just the two backslashes. I'll commit this to the experimental branch.

Dan O'Reilly (oreilldf) wrote :

Just a quick update to this, turns out there is a method built in to the re module that escapes strings for you. So just running re.escape(psk) should do the trick.

Changed in wicd:
status: Confirmed → Fix Committed
Dan O'Reilly (oreilldf) on 2008-08-13
Changed in wicd:
status: Fix Committed → Fix Released
To post a comment you must log in.
This report contains Public information  Edit
Everyone can see this information.

Other bug subscribers