search

openhab / openhabian

openHABian - empowering the smart home, for Raspberry Pi and Debian systems
https://community.openhab.org/t/13379
ISC License
818 stars 251 forks source link

Unescaped & in wifi password causes authentication failure #1770

Closed sindrebilden closed 1 year ago

sindrebilden commented 1 year ago

Hi, I'm quite new to openHAB but discovered this by a coincidence on my first setup.

Issue information:

I configured openhabian.conf with SSID and a wifi passord. When introducing an unescaped & in the wifi password the authentication fails. It is actually not listed as a character that must be escaped allthough it seems a bit obvious in aftermath. I'm aware of the similar issue and solution #767 and #841, to me it seems like the unescaped & is causing some trouble during the creation of wpa_passphrase or something.

It is solved by escaping the & and is probably not worth looking into more than adding it to the list of characters that must be escaped. Update: Authentication fails after reboot even with escaped &, everything works fine if I change to a password without & at all.

Debug information:

I have masked the SSID and password in the logs. 

# Network configuration was created by wpa_passphrase to ensure correct handling of special characters
network={
    ssid="foobar"
    #psk="foo&bar"
    psk=<generated wpa_passphrase>
    key_mgmt=WPA-PSK
}
2023-04-19_19:49:25_CEST [openHABian] The public internet is not reachable. Please check your local network environment.
                          We have launched a publicly accessible hotspot named openHABian-<n>.
                          Use a device to connect and go to http://raspberrypi.local or http://10.41.0.1/
                          and select the WiFi network you want to connect your openHABian system to.
                          After about an hour, we will continue trying to get your system installed,
                          but without proper Internet connectivity this is not guaranteed to work.
2023-04-19_19:49:25_CEST [openHABian] Waiting for dpkg/apt to get ready... OK
2023-04-19_19:49:45_CEST [openHABian] Updating repositories and upgrading installed packages... OK
bash: /boot/webserver.bash: No such file or directory
2023-04-19_19:49:55_CEST [openHABian] Updating myself from https://github.com/openhab/openhabian, openHAB3 branch... OK
2023-04-19_19:49:57_CEST [openHABian] Starting execution of 'openhabian-config unattended'... OK
2023-04-19_19:49:58_CEST [openHABian] Checking for root privileges... OK
2023-04-19_19:49:58_CEST [openHABian] Updating Linux package information... \ | / - \ | / - \ | / - \ | / - \ | / - \ | / - \ | OK
2023-04-19_19:50:12_CEST [openHABian] Loading configuration file '/etc/openhabian.conf'... /etc/openhabian.conf: line 33: bar: command not found
OK
2023-04-19_19:50:12_CEST [openHABian] Adjusting swap size to 1943 MB... OK (reboot required)

One thing that I found interesting was that the last part of my password was interpreted as a command due to the &, e.g. the password foo&bar would induce the following line:

2023-04-19_19:50:12_CEST [openHABian] Loading configuration file '/etc/openhabian.conf'... /etc/openhabian.conf: line 33: bar: command not found

System information:

I used Raspberry Pi Imager with openHABian 32 bit v1.7.5 on a RPi3B+

mstormi commented 1 year ago

Well I don't see any openHABian issue here ? Happy to take any PR that improves handling, though, if you can come up with any.