Fedora – Page 3 – Dan Williams’ blog

Few Surprised at New Evidence of Staging Driver Suckage

Thomas Johnson (High School Janitor)

“Oh yeah, I’ve seen that code. It’s worse than what I clean up in the bathrooms after Prom or Homecoming. The kids get high and drunk and party too hard and puke all over the place. I deal with enough vomit from 7:30 to 6; I wouldn’t touch the staging drivers with a mop twice as long as the one I have at work.”

Just Say No

Thomas just found out that none of the “staging” wifi drivers will work with hidden access points because they don’t set the IW_SCAN_CAPA_ESSID capability bit. Furthermore, the most popular “staging” drivers (for the Ralink hardware used in many netbooks) don’t even have specific SSID scanning capability at all.

Why do you care? Hidden APs don’t broadcast their network ID, which misinformed people think is more secure (hint: it’s not). Before a driver can associate to the network, it needs to discover available APs and capabilities, which requires a probe-request, which exposes the network ID to everyone anyway. But that requires driver support which none of the staging drivers have.

I fixed this issue upstream two years ago by adding IW_SCAN_CAPA_ESSID to Wireless Extensions. Of course the staging WiFi drivers that many distros enable never got fixed because the vendor it came from didn’t bother to work with the community in the first place. And people wonder why they don’t work.

Broadly speaking, staging WiFi drivers come in two flavors: (a) old dried gum from under the cafeteria table (drivers with a future), and (b) fresh vomit from the hung-over kid in your math class (those without a future).

The drivers with a future (winbond, rtl81xx) are or will based on the kernel-standard mac80211 wireless stack, which implements the 802.11 WiFi specification in the kernel. Since they use the standard mac80211 stack, they get all these nice features like probe-scanning and the correct capability bits for free. All you have to do is work on supporting the hardware itself.

The drivers without a future (rt2860, rt2870, rt3070, rt3090, wlan-ng, vt665x) are based on forks of the ancient ieee80211 stack that Intel’s ipw2x00 drivers forked from the hostap driver. Each of these drivers includes their own copy of the core ieee80211 stack forked at different times and with different hacks. When a bug shows up, that means 4x the work, and 4x the chance for the fix to slip through the cracks. Which is why these drivers have no future. They are a maintenance nightmare. Besides, they have crap like this:

pAdapter->StaCfg.bScanReqIsFromWebUI = TRUE;

It just blows my mind why people think staging wifi drivers are a great idea. There’s a reason staging drivers set the TAINT_CRAP flag in your kernel; because that’s what they literally are.

So what’s the right thing to do?

There’s one huge reason why dead-end staging drivers are a bad idea: there aren’t enough developers. So do you spend that effort on maintaining unmaintainable shit code? Or do you spend it on fixing the code that has a future? Most of the time you can’t do both.

If you choose to maintain the staging drivers, then things become worse over time since the staging code is simply less tested and less maintainable. So you continue to drop hacks and fixes onto an ever-growing steaming pile of manure. Nobody cares much about the driver (because it doesn’t use the standard kernel interfaces and thus doesn’t have a future), so your staging driver never benefits from all the great feature work and bug fixing that the mac80211 and wireless developers are doing.

But if you choose to help fix the upstream drivers that do use mac80211 (like rt2x00), and thus have a future, maybe for a few months some users won’t have great wireless. But they didn’t before either. But then 6 months later, all the users get great wireless with features like power saving, background scanning, WiFi Direct, Bluetooth 3, access-point mode, etc. Those things will never be done to the staging drivers, because those drivers are a dead-end maintenance nightmare, because their code is awful, and because they don’t use the standard kernel wireless stack.

I know I’d invest the effort where it helps users the most, even if it means a few more months of subpar driver support while the official upstream drivers get fixed and the staging drivers go untouched. That’s how things actually get better when you can’t fix everything at once.

Whipping out the pipe snake

: Can’t go home till the plumbing is done

… to get down and dirty with your wifi card. Really, get your mind out of the gutter. Lets keep this PG shall we?

The Wireless Summit, LinuxCon, and Linux Plumbers Conference were all two weeks ago, where the Wireless Cartel of Awesome met to unclog the drain of Linux wireless with the righteous hand of glory. We solved world peace while simultaneously making the earth safe for Democracy, David Zeuthen’s favorite pink pony, and a bunch of cute fuzzy kittens. But that’s boring. Instead, two other things deserve your attention:

Background Scanning

As of the 2.6.32 kernel WiFi scans requested while connected to an access point are background scans. The mac80211 stack will spread the scan out over about 30 seconds, jumping back to the associated AP’s channel every so often so it doesn’t stall your traffic. We’ve actually done this in the OLPC Libertas for a long time, and now everyone on the block gets it. There’s been any number of bugs open about NetworkManager’s scan behavior, including misguided requests for huge fat “Don’t scan while connected” checkboxes in the UI. And now that’s been fixed upstream. Oh, bought a Ralink card or a Broadcom? Sorry, better luck next time. This is why you buy hardware that actually works with Linux, so that the Gods of Kernel Wireless will rock your card, and you won’t be stuck with dead-end shit that never gets better. But maybe pain floats your boat. If you bought Intel or Atheros then you’re awesome.

Sometimes people stop me on the street and ask me why we want to scan periodically. Here’s what I tell them. Besides enabling location-based services (which help me find great candle-lit bistros for dates with your mom) there’s one super-important reason: roaming. Not just between networks, but also between APs in the same network. If the wifi card doesn’t have an up-to-date scan list, you’ll take the hit anyway at the worst possible moment: when your back is against the wall, the gun’s in your face, and you have to switch APs or lose the connection entirely. So better do it while you can. Only have one AP at your place and don’t need roaming? That’s nice, but writing software is about making things work smoothly for everybody. Which is what background scanning is all about.

wpa_supplicant D-Bus Interface 2.0

Over the summer, Witold Sowa rocked AP mode support in NetworkManager (though I still have to merge it), and as part of that hugely rewrote the D-Bus interface to wpa_supplicant that I wrote back in 2007. In conjunction with the upstream mac80211-based kernel drivers (sorry Broadcom and ralink, no soup for you) we’ll get better failure information, finer-grained control over wifi connections, faster reconnections, better handling of link dropouts, AP mode support, great roaming behavior, better power-saving for awesome netbook performance, and a lot of other stuff. Jouni already merged most of the supplicant patches so soon we’ll be rocking the wifi goodness bullet train.

And just one more thing…

Did somebody say Bluetooth DUN?

On different note, I did about 75% of the work to get bluetooth Dial-Up Networking support going this weekend. It’s too late to land in a 0.8 release later this month but first on the merge list for 0.8.1. Setup will be just as smooth as PAN setup, configuring your mobile broadband provider when you pair the phone and one-click connection after that. DUN gets requested a lot, and now with ModemManager backing our mobile broadband support, there’s enough flexibility to handle most of the really crappy phones out there. Honestly PAN just works better, but whatever.

More later. Peace out kids.

Unwire with NetworkManager

Dude, it's just easier with NetworkManager... — Dude, life's just easier with NetworkManager...

I cleaned up NetworkManager’s Bluetooth PAN support (originally by Bastien) to show Bluetooth devices in the nm-applet menu. Then I put together this walk-through to show how easy life is these days. DUN support needs a bit more work (it’s more complicated but also more capable); but tons of phones have PAN so let’s get it out there. The plugin support that Bastien recently added to the gnome-bluetooth wizard got us the other 25% of the way towards seamless Bluetooth networking on your desktop.

Pairing Your Phone

So <i>that's</i> what that Bluetooth icon is for! Who'd have thought... — So that's what that Bluetooth icon is for! Who'd have thought...

Obviously we start with the Bluetooth icon, since you need to find your phone and then pair with it.

Kyle was my barista this morning... Apparently she has a MacBook. — Kyle was my barista this morning... She has a MacBook and pulls a mean espresso.

Pick your phone. Hopefully you remembered to turn Bluetooth on and make your phone visible, otherwise do it now and hit the “Rescan” button. As you can see, this is more a tutorial in gnome-bluetooth than NetworkManager right now.

The Money Note

Once you’ve paired and entered the passcode, we finally get into NetworkManager territory. nm-applet installs a gnome-bluetooth plugin that does the magic of creating a Connection for your phone in GConf. And all it takes is checking a box.

Patience! You’re one more click away from all the Facebook and Twitter and MySpace and Flickr and blogging and Googleness you crave so much. It’s just so hard being without this Internet thing for more than a few minutes.

The default connection name wants some fixin'...

How easy was that? You’ll need gnome-bluetooth >= 2.27.7.1, bluez >= 4.42, and git master of both NetworkManager and network-manager-applet. Packages for Rawhide soon.

NetworkManager and ConnMan

Lately ofono and ConnMan have been in the news, and that’s sparked some discussion about how these two projects relate to NetworkManager. I’ve mostly just been ignoring that discussion and focusing on making NetworkManager better. But at some point the discussion needs to become informed and the facts need to be straightened out.

So what makes NetworkManager great?

Flexibility: NM’s D-Bus interface provides a ton of control and information about the network connections of your machine. Developers and applications simply don’t take enough advantage of this. Imagine mail automatically pulled whenever the corporate VPN is up. Or more restrictive firewalls when connected to public networks. Yeah, you can do that today with NetworkManager.
Works everywhere: from the mainframe to the power desktop to the netbook and lower. There’s nothing stopping you from running NetworkManager on an s390 or a Palm Pre.
Integration: most users like NetworkManager’s distro integration, so it’s on by default (but can be turned off for running bare-metal). NM will read your distro’s network config files: ifcfg on Fedora, /etc/network/interfaces on Debian, etc. It doesn’t pretend the rest of the world doesn’t exist, but it can if you tell it to.
Connection Sharing: you can share your 3G connection to the wired or the wifi interface, or the other way around. How you share is completely up to you.
VPN: it’s got plugins for Cisco (vpnc), openvpn, openconnect, and pptp. An ipsec/openswan plugin is being written. It’s just easy to use the VPN of your choice.
Makes Linux better: by not working around stupid vendor drivers or other broken components, NetworkManager drives many improvements in drivers, kernel APIs, the supplicant, and desktop applications. Five years ago I posted a list of wifi problems, many of which got fixed because NetworkManager users complained about them. Stuff like WPA capability fixes, hidden SSID fixes, suspend/resume improvements, Ad-Hoc mode fixes, and lots of improvements to wpa_supplicant to name just a few. By encouraging drivers to be open, by fixing bugs in the open drivers and the stack instead of hacking around them, and by encouraging vendors to work upstream, NetworkManager makes Linux better for you.

What great stuff is coming next?

Bluetooth
IPv6
Bridging
Getting rid of HAL
ModemManager and better mobile broadband

All in all, a lot of great stuff is on the plate. NetworkManager already works well for a ton of people, but we’d like to make it work better for a lot more people. And it will.

So what about ConnMan?

I recently came across a slide deck about ConnMan which makes both disappointing and inaccurate claims about NetworkManager. It’s also worth emphasizing the philosophical differences between the two projects.

First, ConnMan primarily targets embedded devices, netbooks, and MIDs (slide #1). When ConnMan was first released in early 2008, NetworkManager 0.7 was under heavy development, and NetworkManager 0.6 clearly did not meet the requirements. But 0.7, released in November 2008, works well for a wide range of use-cases and hardware platforms.

NetworkManager scales from netbooks, MIDs, and embedded devices with custom-written UIs to desktops to large systems like IBM’s s390. You get the best of both worlds: from phenomenal cosmic power down to itty-bitty living space.

ConnMan explicitly doesn’t try to integrate with existing distributions (slide #5), partly due to it’s requirements to be as light-weight as possible. But NetworkManager will use your distro’s normal network config and startup scripts if you tell it to do (but you don’t have to). Early in NetworkManager days we tried to ignore the rest of the world too. Turns out that doesn’t work so well; users demand integration with their distribution. But ConnMan doesn’t pretend to be general purpose, and due to its embedded focus, it can wave this issue away.

Both ConnMan and ofono reject well-established technologies like GObject (but still uses glib) in favor of re-implementing much of GObject internally anyway. This is a curious decision as GObject is not a memory hog and not a performance drag for these cases. The NIH syndrome continues with libgppp, libgdhcp, and libgdbus, where instead of improving existing, widely-used tools like dhclient/dhcpcd, pppd, and dbus-glib, ConnMan opts to re-implement them in the name of being more “lightweight”. With embedded projects that ConnMan targets (like Maemo and Moblin) already using GObject and dhcpcd, I don’t understand why this tradeoff was made. Perhaps this visceral dislike of GObject and dbus-glib was one reason the project’s creators decided to write their own connection manager instead of helping to improve existing ones.

NetworkManager in contrast re-uses and helps improve components all over the Linux stack. Because of that, more people benefit from the fixes and improvements that NetworkManager drives in projects like avahi, wpa_supplicant, the kernel, pppd, glib, dbus-glib, ModemManager, libnl, PolicyKit, udev, etc.

Taking a look at the deck

I have things to say about most of the slides, but I’ll concentrate on the most interesting and misinformed ones instead.

Very Complex Design: a complete strawman, because it doesn’t say anything. NetworkManager 0.7 is a mature project with many useful features. NM is based around a core of objects, each one performing actions based on signals and events from other objects. It’s modular and flexible. It’s just not a ConnMan-style box of lego blocks with a rigid plugin API and all the problems that causes.
Large Dependency List: NM requires things like wpa_supplicant, udev, dbus, glib, libuuid, libnl, and a crypto library. pppd and avahi are optional. This list is certainly not large. When you take ConnMan and its optional dependencies (most of which are needed in a useful system) the list is just about the same.
Too Much Decision-making in the UI: Completely bogus and frankly incomprehensible. The core NM daemon provides a default policy which is in no way connected to the UI, and the rest is up to the user. nm-applet contains no policy whatsoever. If the objection is to nm-applet’s desktop-centric interaction model, then it’s important to know there is no lack of applets for different use-cases.
Tries to work around distro problems: this is completely a matter of perspective. Since Intel was creating its own Linux distribution (moblin), they didn’t have to work around any existing issues; these were simply waved away. Unfortunately NetworkManager lives in the world of reality and not some universe full of ponies. For users that expect it, NetworkManager integrates with your distros existing network config, init scripts, and DNS resolution. For users that don’t care, NetworkManager can run bare-metal.
Too much GNOME-like source code: seriously, what the hell? I’m not sure where to begin with this one. The NetworkManager core does not depend on GNOME. At all. Yeah, the source-code is in the Gnome style, but is that seriously an issue?

Uninformed diagram of NetworkManager architecture

(Misinformation shaded blue for your protection)

The User Settings service is contained in the applet, and it’s completely optional. The System Settings service has been merged back into the NetworkManager core daemon and is no longer a separate process. That same commit ported NM from HAL to udev; thus HAL is no longer required. NetworkManager always used HAL/udev for device detection instead of RTNL (ie, netlink). NetworkManager also hasn’t used WEXT for a long time; wpa_supplicant handles kernel wireless configuration. NetworkManager uses distro networking scripts only for service control, as does ConnMan. The rest of the slide is quite petty and just splits hairs.

Where to?

It’s unlikely that either NetworkManager or ConnMan will disappear in the near future. That means we’ll all have to live with two mutually exclusive connection managers and two completely different network configuration systems. I think that’s pretty pointless, but I don’t get the last word anyway, since that’s not how Open Source works. The users will decide which solution works best for them. And that means NetworkManager will keep getting better, keep getting more useful, and will continue to be the easiest network management solution around.

I voted

You should too. That’s how this whole community thing works.

Fedora 11 is out!!!!1111

There’s waaaay too much awesome going on in the Fedora community right now. I mean it. A TON. So much it hurts.

If you don't run Fedora 11 he'll eat you...

Fedora 11 released, community rejoices

It’s out, no secret. Install it. Packed with over 50 rocking features like faster startup, automatic font installation, DeviceKit, lickable kernel modesetting for Intel, ATI, and NVIDIA, Firefox 3.5, Gnome 2.26, ext4, KDE 4.2… THE AWESOME DOES NOT STOP.

So much hard work from the Fedora community went into Fedora 11 to make your life better. Mad props to the Fedora Artwork team too, the graphics in F11 are stunning. I started at Red Hat in 2003 during the Fedora Core 1 cycle, and with every Fedora release it’s been a great pleasure to watch how the community continues to grow rapidly and contributes so much more each release. Fedora has truly been a community project for years now, and Fedora 11 shows just how great the community can be when everyone pulls together. People are awesome. Which brings us to the next stage…

Packaging²

If you have the right tools, tools that help you do what you came to do and don’t get in your way. And that’s what Fedora Community is; it’s the next step in helping people make a better Fedora. Building better software like Fedora only gets you so far; to keep getting better you need to make the people that make the software better. That means giving the community the tools it needs to be more efficient, turn ideas into features, and collaborate more effectively. Fedora Community helps fill that need. It only gets better from here.

HAL is dead; all hail udev

Over the past few days I’ve exorcised HAL from NetworkManager’s ‘master’ branch. Instead, we go bare-metal with libgudev. cgit’s diffstat lies, here are the real numbers:

 86 files changed, 5244 insertions(+), 6755 deletions(-)

Net loss of 1511 lines of code. Not bad for a few days’ work. Besides killing HAL, this patch merges nm-system-settings into NetworkManager. Why do you care? Here’s why: fewer running processes, less latency, and cleaner internal code. We just keep scaling up from here. Next up: nm-applet and ModemManager.

Face transplants are the new Botox

When we were adding multiple active device support to NetworkManager 0.7, Bryan Clark and Mike Langlie redesigned much of the applet and kicked out some great mock-ups. Turns out GtkMenu doesn’t work well for multiple connections or multiple active devices. While it’s served us well, the applet’s GtkMenu-based code should be sent to the slaughterhouse and rendered down into tasty, tasty animal fat. Even though the new design work was done in January 2008, I only blogged about the mock-ups in June last year because I suck. I’ve had them sitting in my inbox for 18 months, because between getting NM 0.7 out, mobile broadband, and all the rest of the awesomeness that 0.7.1 brought, there hasn’t been any time to sit down and actually do the redesign. But that shouldn’t stop discussions about how excellent nm-applet can become.

In the Operating Room

Ignore the title bar. These are old; we don’t want a title-bar any more. Instead, just a custom widget like the Volume applet. So here you go:

The user has an active wired connection, and an inactive wireless device. Note that only your favorite wifi networks (ie, ones you’ve explicitly connected to before) appear in the list. People often see 10 or 20 wifi networks, and list all those in the menu is mostly useless. There’s a tradeoff between the easy first-time wifi network discovery, which would now take one more click (of “Show”), but only listing the networks you actually use makes the UI a lot cleaner. And nicer for netbooks. The new design also shows more relevant detail, like security settings, in plain language.

netmgr_02

Here the user has connected to a favorite network, and the wired interface is now inactive. Grouping the security information, the SSID, and the actions the user can perform gives a certain focus the old applet could not. Irrelevant information simply doesn’t show up.

netmgr_03

If you’ve used a VPN with this network before (or tied it to the wifi network) it should probably show up too. This part needs more thought, because VPNs are really independent of the underlying network connection, but often should be “tied” them to a specific connection or two. But what it gets right is to group the things you probably want to do near each other.

netmgr_05

So what if you do want to see everything? Well, hit the “Show” button and you get the list of course. We can probably do better than a scrollbar here, but whatever; they’re mockups. Maybe we can be more intelligent about scanning too.

An Updated Face for 2009

2008 is not 2009. And that’s why Jon McCann and I sat down a few weeks ago and worked through things people care about now. Hot off the whiteboard after a trip through the Gimp:

Immediately you’ll notice the strong resemblance Bryan and Mike’s work from over a year ago. To their credit, Jon and I think the same core concepts still hold. We took a look at how mobile broadband would fit in. We split out the icons to show each device type individually, though this needs more thought too, since you don’t care that much what your wifi signal strength is when you’re on 3G. But you do care how good your 3G is when it’s not connected, since you want to know whether you can even hop onto 3G or not in the first place. Thoughts? Comments? Flames?

Windows 7++?

Much to our surprise, Windows 7 looks a lot like what Bryan and Mike sketched out over 18 months ago. Sooo ahead of their time. Yeah, the coloring is different, and yeah it’s got a bunch of questionable Microsoft bling, but Windows 7’s network applet looks and feels a lot like the nm-applet mockups from January 2008. But I think we can do better, by making networking clearer and more concise. Apple’s Airport applet is probably too minimal, but Microsoft’s is probably too complex. Somewhere in the middle is where nm-applet was planning to be and should be: get you connected with a minimum of steps, and put what you need in one convenient place.

Everyday Simplicity

Sounds like something Martha Stewart would sell at K-Mart, but it’s what software should aim for. Let the users do what they came to do, then get the hell out of the way and let them do it. Don’t show options that the users don’t need on a daily basis, but make them available elsewhere in a click or two. Keep the interaction streamlined, simple, and clean. Don’t clutter it up with unnecessary options. If it’s not used on a daily basis, it probably shouldn’t be seen on a daily basis. That’s what nm-applet should do.

So let’s make it do that. Prototyping the concepts in a Python applet would be a great first step. After being kicked around the court a few times, we implement them in nm-applet. Debuting NetworkManager 0.8 with a sexy new interface would make your momma proud. Any takers?

A•B•C Delicious

Hmm, some Internets would be good here...

Sometimes You’re on a Train

And you need some internet. You know, to giggle over the funny lolcats like a vapid schoolgirl or figure out just what Bobby Love is really up to these days or God forbid, get some actual hacking done. What’s a person to do? You could pull out your iPhone, but the guy across the table with the Sierra card says AT&T is shite on this part of the corridor. Besides, you don’t have an iPhone, and the iPhone can’t tether anyway. Useless. Or, you could pull out your T-Mobile G1 Googlephone and make rlove proud. Oh wait, it can’t tether either. Nice try.

You could get out your cable and hook up a real phone that can tether, like most other phones on the planet besides the iPhone and the G1. But then again…

Wires Suck

That’s where Bluetooth tethering comes in. There’s a few reasons Bluetooth support hadn’t yet got into NetworkManager, mostly related to lack of time and good planning of the user experience. Bastien and I talked over a lot of it last summer in Portland and came up with a strategy, which was spelled out in various places, but nobody really followed it through. Bluetooth support can’t just be a hack; it shouldn’t be “Type your modem device name here”-style fail; it should be well-integrated into the desktop experience. And that requires doing the right things in the right places. The first step towards that goal was ModemManager, which pulls all the modem code out of NetworkManager into a nicely architected daemon that abstracts the hardware differences. The next step was making NetworkManager talk to Bluez.

But Bluetooth Kicks Ass

Since Bastien apparently had nothing better to do, and since his favorite team was probably losing as hard as only they can and thus pointless to watch, he showed up with a pile of patches adding Bluetooth bits to NetworkManager. At the end of the week, we’d got core Bluetooth PAN working pretty well on master, while DUN has to wait a bit until some ModemManager issues get sorted out. Next up is creating the seamless Bluetooth desktop experience from pair to air by adding the necessary bits to the applet and connection editor. But the heavy lifting on the NetworkManager side is mostly done. Thanks to Bastien, NetworkManager 0.8 will ship with native Bluetooth support that doesn’t suck.

I was told there’d be cookies?

Land of Confusion

Since NetworkManager 0.7 came out, there’s one issue that’s been causing confusion with lots of users: hashed network keys. That passphrase you type into the box when you connect to a WiFi network using any OS isn’t what actually gets used; instead it’s hashed to come up with the real key. There are a few different ways to enter an encryption key for a WiFi network, so bear with me:

Hex: works with both WEP and WPA, and is the most compatible since it actually is exactly what gets sent to the driver as the encryption key. For WEP, this is either a 10 character (for 40-bit WEP) or a 26 character (for 104-bit WEP) string composed of hexadecimal characters. For WPA it’s a 64 character hexadecimal string. Typing in 64 hexadecimal characters gets old pretty fast, which leads us to…
Passphrase: a string of arbitrary characters that is hashed into the actual key to be used. WEP passphrases have no real size restrictions, and are repeated into a 64-byte buffer before being hashed with MD5. At least the creators of WPA learned from experience, specifying that WPA passphrases are between 8 and 63 characters inclusive, which means you can actually autodetect whether it’s a passphrase or a hex key, unlike WEP passphrases. WPA passphrases are hashed using SHA-1 into the real encryption key.
ASCII key: Thanks, Lucent. The original WaveLAN cards used passphrases of 5 or 13 ASCII characters, which some drivers and people still use for God knows what reason. To hash it, take the two-byte ASCII value of each character and stuff them into a buffer. Not secure at all.
Apple passwords: in their infinite wisdom, Apple chose a completely different hashing mechanism for WEP. This means that to connect a non-Apple computer to an Airport WEP network, you need the “Compatible Network Password”, ie the hexadecimal WEP key. At least they stuck with the standard for WPA.

The huge pain with WEP is that you simply cannot autodetect what type of key the user has entered. Since WEP passphrases can also be composed of 10 or 26 hexadecimal characters, it’s impossible to differentiate between a WEP hex key, a WEP passphrase, or a WEP 104-bit ASCII key. Which means the user has to know what WEP key type they are using. FAIL. They also have to know whether the network uses 40-bit or 104-bit encryption, and whether it uses Shared Key authentication or Open System authentication. That’s 12 different possible WEP configurations.

WEP == MASSIVE USER FAIL

In any case, NetworkManager 0.7 required pre-hashed keys for reasons I don’t accurately remember, possibly related to bad trips from the NM 0.6 API that I mis-designed. So the applet hashed your passphrase right after you entered it and stored the hashed key in the keyring. Unfortunately, when the driver failed to connect and NetworkManager asked for your secrets again, all you saw was something you certainly don’t remember typing in. While this actually was your passphrase, and it would work when you hit OK, it certainly was confusing.

Change We Can Believe In

As of Saturday, you’ll always see what you typed in. The real fix is to simply connect the first time and never ask for your passphrase again, but that’s almost always due to driver and supplicant bugs that can and should be fixed; I’ve spent weeks of my life doing just that. Of course, that can only reliably happen in open-source drivers; at least when we find the bugs we can fix them. Which is why you really don’t want any of these.

You will upgrade to NetworkManager 0.7.1

It’s awesome. This guy loves it. So does your mom since I installed it on her laptop last night. That means you’ll love it too.

NetworkManager nm-applet NetworkManager-vpnc NetworkManager-openvpn NetworkManager-pptp NetworkManager-openconnect

Tons of bugs fixed and new features implemented due to popular demand.

Support for more mobile broadband devices and phones
Plays better with stupid wifi and ethernet drivers
Support for rfc3442 classless static routes
The default “Auto eth0” connection is now read/write
Compatibility fixes for 802.1x PEAP authentication and 3G/PPP connections
Reduced wakeups for power saving awesomeness
Ability to deny specific devices the default route
More correct display of wifi signal strength
Custom IPv4 settings for mobile broadband connections
More informative display of network device state
Less annoying password behavior in the vpnc plugin
OpenVPN HMAC authentication and IP configuration fixes

This release fixes more than 50 bugs, including 17 from Fedora, 22 from GNOME, 6 from Ubuntu, and 3 from Debian. Packages are already in updates-testing for Fedora. If you don’t use Fedora, and your distro doesn’t have 0.7.1 soon, then you need to harrass them until they get it