WEP isn't supported as part of WPS, it's not in the standard and the AP shouldn't support it.

That said, if we detect that the AP is in WEP mode, then we shouldn't offer WPS as a way to connect.

Dan: If you use the correct WEP encryption in that case did your Fab4 connect. Or asked differently, except for the wrong wording and too many choices, did it work?

Dean: I disagree, I know WEP and WPS isn't officially supported (and it doesn't make much sense security wise), but as long as it works why shouldn't we offer it and force people to enter the WEP key manually?

Don't we have enough customers who complain about how hard it is to enter a WEP key, don't know the length or don't know how to convert that WEP key in their router to the ascii thingy?

I think we should fix the wording on screen 7G and make sure only WEP password options show up if the user still decides to enter the WEP key manually.

I am concerned about making changes in flow this late in the release for the MP firmware, especially for an edge case. Felix, can you see how hard this would be to correct, and attach a patch to this bug for review.

Dean-- With the router configured for WEP (or any other encryption) I could successfully connect using either WEP or WPS.  Both seemed to work fine.

Felix-- The answer to your question is: it connected just fine.  It was the wrong wording and too many choices that I call attention to.

Richard-- I rather agree that this is a fringe case now, but it may become less so in the future.  If this misses MP I won't complain.

Well, the issue is that routers which allow WPS and WEP seem not to set the [WEP] flag in the beacon, but only the [WPS] one if this combination is selected.

I only have two routers which allow that combination to test with and they both do that.

And since the [WEP] flag is not set we cannot offer the proper encryption method.

Dan: Which router did you try?

There are two parts to this bug as Dan reported it.  Proposing following solutions:

1. WPA password copy on WPS screen:

We should change the copy from "Enter WPA Password" to "Enter Wireless Password". That should eliminate this part of the problem.

---------------------------------

2. As per the designed flow, if "Enter Wireless Password" is selected, the system should present the appropriate follow-up screen depending on whether WPA or WEP is being used. If WEP, go to screen 8 (choose 10 character or 26 character etc); if WPA, jump directly to screen 9 (Enter Wireless Password/Key).

It sounds like the user is currently being taken to the "7E" version, which is designed for the hidden SSID case.

http://embargo.wiki.slimdevices.com/index.php/New_Setup_Wizard

FOLLOW-UP NOTE: re: Felix's comment: if it turns out we can't always reliably detect WPA vs. WEP (is this the issue?), I'm OK with going to screen 7E, since this is a bit of an edge case.  Behavior should probably be consistent though (either always differentiate between WEP and WPA here, or if we can't reliably do that, always go to the "screen 7E" version).

Let's change the copy in comment #6.1 for MP. Leave the flow for now, and we can adjust that later.

Actually I've just tried this with my router here, and it does go to the Enter Your Password window. So I think the flow is correct, and if the router advertises the encryption method correctly we already do the right thing.

So the only actions are:
1. Fix the "Enter WPA Password" copy
2. File a bug with your router vendor

Wording fixed in r5258

While I agree that the second part of this bug can wait until post-MP, the router I tested on was a WRT54G2... arguably an extremely common router.  (to answer Felix's question.)

I was wrong in comment #5. It's not an issue with the APs but with the patch I applied to wpa_supplicant to cope with WPS. The patch assumed that the combination WEP and WPS doesn't exist and omitted the WEP flag if the WPS flag was already set.

Fixed in 7.4 r5600