Subject: Re: Persistent WEP keys
To: None <>
From: Feico Dillema <>
List: tech-net
Date: 03/07/2001 14:27:30
On Tue, Mar 06, 2001 at 11:39:01PM -0800, Jason R Thorpe wrote:
> The intent of this message is not to debate the plusses and minuses of WEP,
Same here.
> but merely to confirm that a chunk of the wi(4) driver is totally broken.
I just have some related comments on the an driver.

The an driver maintains two types of keys; VOLATILE and PERSISTENT,
the latter can only be written, not read. My comments concer the
setting and use of the PERSISTENT keys.

First, the setting of PERSISTENT keys (even though the an driver has
the code for it) is not supported in NetBSD as there is no way to tell
ifconfig that the key given with `ifconfig nwkey <key>' is to be a
persistent one or a volatile/temporary one. Currently the key is
always assumed to be a volatile/temporary one. Would it be ok to add a
qualifier to the nwkey as argument, such that:

ifconfig <ifn> nwkey [persist|temp] <key> (with temp as default if omitted).

Second, there is currently no way to enable WEP using ifconfig without
actually setting a new (temporary) key. This is needed to support the
situation where a sysadmin has set a persistent key in a card you got,
and you want to use it (but do not know this key yourself).
This is fairly easy to fix in an_ioctl() in the an device driver, but
needs also support in the ifconfig command. Now I feel the nwkey
option is a bit overloaded, and maybe should be split in to options;
one to set keys, and one to enable/disable WEP (maybe with a key-id as

So, let's say something like:

ifconfig <ifn> nwkey [persist|temp] <key>
ifconfig <ifn> -nwkey temp     # deletes all temporary keys
ifconfig <ifn> -nwkey persist  # deletes (zeros out?) persistent key
ifconfig <ifn> wep	       # enables WEP
ifconfig <ifn> -wep	       # disables wep