Document more network profile parameters
Some of the recently added wpa_supplicant network profile parameters were not documented in wpa_supplicant.conf. Add these there based on the documentation in config_ssid.h. Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
This commit is contained in:
Jouni Malinen
Jouni Malinen
parent
4ea4df529d
commit
bc908daace
1 changed files with 44 additions and 0 deletions
|
|
@ -1472,6 +1472,50 @@ fast_reauth=1
|
||||||
# 2: do not allow PFS to be used
|
# 2: do not allow PFS to be used
|
||||||
#dpp_pfs=0
|
#dpp_pfs=0
|
||||||
|
|
||||||
|
# Whether Beacon protection is enabled
|
||||||
|
# This depends on management frame protection (ieee80211w) being enabled.
|
||||||
|
#beacon_prot=0
|
||||||
|
|
||||||
|
# OWE DH Group
|
||||||
|
# 0: use default (19) first and then try all supported groups one by one if AP
|
||||||
|
# rejects the selected group
|
||||||
|
# 1-65535: DH Group to use for OWE
|
||||||
|
# Groups 19 (NIST P-256), 20 (NIST P-384), and 21 (NIST P-521) are
|
||||||
|
# currently supported.
|
||||||
|
#owe_group=0
|
||||||
|
|
||||||
|
# OWE-only mode (disable transition mode)
|
||||||
|
# 0: enable transition mode (allow connection to either OWE or open BSS)
|
||||||
|
# 1 = disable transition mode (allow connection only with OWE)
|
||||||
|
#owe_only=0
|
||||||
|
|
||||||
|
# OWE PTK derivation workaround
|
||||||
|
# Initial OWE implementation used SHA256 when deriving the PTK for all
|
||||||
|
# OWE groups. This was supposed to change to SHA384 for group 20 and
|
||||||
|
# SHA512 for group 21. This parameter can be used to enable older
|
||||||
|
# behavior mainly for testing purposes. There is no impact to group 19
|
||||||
|
# behavior, but if enabled, this will make group 20 and 21 cases use
|
||||||
|
# SHA256-based PTK derivation which will not work with the updated
|
||||||
|
# OWE implementation on the AP side.
|
||||||
|
#owe_ptk_workaround=0
|
||||||
|
|
||||||
|
# Transition Disable indication
|
||||||
|
# The AP can notify authenticated stations to disable transition mode
|
||||||
|
# in their network profiles when the network has completed transition
|
||||||
|
# steps, i.e., once sufficiently large number of APs in the ESS have
|
||||||
|
# been updated to support the more secure alternative. When this
|
||||||
|
# indication is used, the stations are expected to automatically
|
||||||
|
# disable transition mode and less secure security options. This
|
||||||
|
# includes use of WEP, TKIP (including use of TKIP as the group
|
||||||
|
# cipher), and connections without PMF.
|
||||||
|
# Bitmap bits:
|
||||||
|
# bit 0 (0x01): WPA3-Personal (i.e., disable WPA2-Personal = WPA-PSK
|
||||||
|
# and only allow SAE to be used)
|
||||||
|
# bit 1 (0x02): SAE-PK (disable SAE without use of SAE-PK)
|
||||||
|
# bit 2 (0x04): WPA3-Enterprise (move to requiring PMF)
|
||||||
|
# bit 3 (0x08): Enhanced Open (disable use of open network; require
|
||||||
|
# OWE)
|
||||||
|
|
||||||
# SAE-PK only mode (disable transition mode)
|
# SAE-PK only mode (disable transition mode)
|
||||||
# 0: enable transition mode (allow SAE authentication without SAE-PK)
|
# 0: enable transition mode (allow SAE authentication without SAE-PK)
|
||||||
# 1: disable transition mode (allow SAE authentication only with SAE-PK)
|
# 1: disable transition mode (allow SAE authentication only with SAE-PK)
|
||||||
|
|
|
||||||
Loading…
Reference in a new issue