NetBSD Problem Report #57026

From www@netbsd.org  Sun Sep 25 18:10:48 2022
Return-Path: <www@netbsd.org>
Received: from mail.netbsd.org (mail.netbsd.org [199.233.217.200])
	(using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits))
	(Client CN "mail.NetBSD.org", Issuer "mail.NetBSD.org CA" (not verified))
	by mollari.NetBSD.org (Postfix) with ESMTPS id BC2AF1A921F
	for <gnats-bugs@gnats.NetBSD.org>; Sun, 25 Sep 2022 18:10:48 +0000 (UTC)
Message-Id: <20220925181046.A51471A9239@mollari.NetBSD.org>
Date: Sun, 25 Sep 2022 18:10:46 +0000 (UTC)
From: jan.danielzick@gmx.de
Reply-To: jan.danielzick@gmx.de
To: gnats-bugs@NetBSD.org
Subject: Sysinst "Configure network" connects to random open WiFi when connecting to the desired network fails
X-Send-Pr-Version: www-1.0

>Number:         57026
>Category:       install
>Synopsis:       Sysinst "Configure network" connects to random open WiFi when connecting to the desired network fails
>Confidential:   no
>Severity:       non-critical
>Priority:       medium
>Responsible:    install-manager
>State:          needs-pullups
>Class:          sw-bug
>Submitter-Id:   net
>Arrival-Date:   Sun Sep 25 18:15:00 +0000 2022
>Closed-Date:    
>Last-Modified:  Mon Sep 26 07:17:42 +0000 2022
>Originator:     BodgeMaster
>Release:        9.3
>Organization:
>Environment:
NetBSD  9.3 NetBSD 9.3 (GENERIC) #0: Thu Aug  4 15:30:37 UTC 2022 mkrepo@mkrepo.NetBSD.org:/usr/src/sys/arch/amd64/compile/GENERIC amd64
>Description:
When connecting to an encrypted wireless network fails (for example due to a wrongly entered passphrase), a connection to the next best open network is established instead - automatically, without asking the user. Trying to fix it is impossible without restarting, because the existing connection is not disconnected before trying to configure the network again.

This is a potential security risk due to the installer using plain HTTP or FTP for downloads, and definitely a privacy issue, because nobody needs to know that there is a laptop running this or that uncommon operating system in the area. Not to mention that it is really inconvenient, because many open networks won’t let you connect to the internet without opening their login page in a web browser, so the connection is useless in many cases.
>How-To-Repeat:
Prerequisites:
- a computer with a WiFi NIC
- an encrypted WiFi network using a passphrase in range
- an open WiFi network in range

(basically have a laptop and live in a densely populated area)

Steps to reproduce:
- Boot up the installer
- Follow the steps until you can select `e: Utility menu`
- `c: Configure network`
- select the WiFi interface and enter the SSID of your desired encrypted network
- intentionally enter a wrong passphrase
- select yes when asked whether to perform auto configuration

At this point, a connection to the open network will be established. Trying to use `c: Configure network` again appears to just request a new DHCP lease.
>Fix:

>Release-Note:

>Audit-Trail:
From: nia <nia@NetBSD.org>
To: gnats-bugs@netbsd.org
Cc: 
Subject: Re: install/57026: Sysinst "Configure network" connects to random
 open WiFi when connecting to the desired network fails
Date: Mon, 26 Sep 2022 06:56:57 +0000

 In CURRENT this was fixed by this commit:

 https://freshbsd.org/netbsd/src/commit/2TraFwXgm8llwkPB

 However, it wasn't pulled up to 9 because it changes the behaviour.

 In this case I'd argue that the behavior is harmful/useless
 and I'd really hope that nobody is relying on it...

State-Changed-From-To: open->needs-pullups
State-Changed-By: nia@NetBSD.org
State-Changed-When: Mon, 26 Sep 2022 07:17:42 +0000
State-Changed-Why:


>Unformatted:
