Updated the wifish script to automatically utilize wpa_passphrase for generating PSK values when configuring new WPA connections. This removes the need for manual handling of raw passphrases in some environments, improving compatibility with wpa_supplicant configuration standards. The tool continues to fall back to the raw passphrase if wpa_passphrase is unavailable.

Moved the installation directory for awk scripts from /var/lib/wifish to /usr/local/share/wifish for better compliance with the Filesystem Hierarchy Standard. The runtime script loading was also improved to iterate through an $AWK_LOCATIONS list, scanning standard installation directories and local paths for the necessary libraries. This brings more robustness and corrects static assets being stored in state directories.

Connections to WPA-EAP networks previously failed due to an incorrectly cased authentication parameter. The phase 2 authentication type was adjusted from MSCHAPv2 to MSCHAPV2 to ensure proper parsing by wpa_supplicant. Users relying on PEAP for enterprise Wi-Fi should now be able to connect reliably.

The test harness was creating temporary files with a mktemp template that works on some systems but fails with BusyBox. This change switches to a six-X suffix format, which matches BusyBox's expectations and makes the test script more portable in minimal or embedded environments. Practical effect: the test suite should now run cleanly on BusyBox-based systems instead of failing before the real assertions execute.

When using busybox, the mktemp command requires the file template to end with exactly six X characters to properly generate a temporary file. The template string for Wi-Fi scan results was updated to append XXXXXX at the end of the filename instead of having it embedded before the suffix. This minor but essential fix ensures wifish works reliably on embedded systems and minimal environments that rely on busybox.

wifish now supports passing a specific interface to wpa_cli using either the -i <INTERFACE> command-line flag or the WPA_CLI_INTERFACE environment variable. This enhancement allows the script to easily handle systems with multiple wireless interfaces rather than relying on default behavior. Providing explicit interface selection brings much-needed flexibility for users operating more complex networking setups.

The default behavior of wifish has been updated to include a short network scan automatically. By increasing the default SCAN_SECONDS from 0 to 2, the tool will now wait for a brief period to discover available networks rather than immediately relying on cached results. This small adjustment should provide a more reliable out-of-the-box experience without requiring manual configuration.

The wifish script had a classic shell redirection bug where checking for the dialog utility used 2>&1 >/dev/null, which binds stderr before stdout is redirected and causes errors to leak. We've corrected the order to >/dev/null 2>&1 so the check is completely silent. To optimize things further, the script now evaluates this once and checks a local variable instead of re-running the command in the menu function, resulting in cleaner console output.

Swapped out external awk calls for native shell parameter expansion when extracting username:password credentials in wifish. This avoids spawning unnecessary subprocesses for simple string splitting, keeping the script efficient and leaning into built-in shell features. The test suite was also tweaked to verify error handling for invalid default states.

The default SCAN_SECONDS value in wifish has been reduced from 5 to 0. Since a running wpa_supplicant generally maintains a viable list of scanned access points already, forcing a wait for scan results is usually unnecessary. This tweak eliminates a 5-second delay when pulling up the AP menu, though users experiencing issues finding access points can still restore the wait time via environment variables.

This update introduces support for WPA-EAP (PEAP/MSCHAPv2) authentication, allowing users to connect to enterprise Wi-Fi networks requiring a username and password. The prompts have been updated with a new get_userpass function to securely handle credentials input via dialog, standard text, or standard input. This resolves issue #4 and makes the tool viable for corporate and university network environments.

This update squashes a few bugs with POSIX shell syntax spacing in the interactive mode checks that were previously causing errors. It also ensures wpa_cli is properly initialized before checking its availability and introduces initial detection logic for enterprise EAP authentication. These tweaks significantly improve script stability and expand connection capabilities for users.

In preparation for EAP authentication, the WPA encryption setup has been refactored to handle different network protocols more gracefully. The password prompt for standard setups is now isolated to trigger only when WPA-PSK or WPA2-PSK is detected, rather than unconditionally upfront. This structural change ensures that upcoming EAP configurations can handle their own distinct credential logic without clashing.

This change corrects a shell variable mismatch in wifish where the save prompt initialized _yesno but read into yesno, causing the confirmation check to look at the wrong value. By reading into _yesno, the interactive save_config flow now behaves as intended when users choose whether to persist a connection. Practical effect: saving a connection from the prompt should now work reliably instead of silently ignoring input.

The wifish CLI now automatically presents an interactive menu when run without arguments, provided the dialog utility is installed on the system. If dialog isn't found, it gracefully falls back to the standard list text output. This provides a better out-of-the-box user experience without requiring manual configuration of the WIFISH_DEFAULT environment variable.