3
0
mirror of https://git.kernel.org/pub/scm/network/wireless/iwd.git synced 2024-11-22 14:49:24 +01:00

doc: Update iwd.network.5 with changes from wiki

Fix the AlwaysRandomizeAddress setting name.

Add the stricter specification of the extension syntax.

Clarify that GTC and MD5 can't be used as outer EAP methods with wifi.
This commit is contained in:
Andrew Zaborowski 2020-11-19 21:32:05 +01:00 committed by Denis Kenzior
parent 69e86f4d21
commit 7c7831b53d

View File

@ -71,6 +71,25 @@ the group name and a ``]`` character. Whitespace is allowed before the
``[`` and after the ``]``. A group name consists of printable characters
other than ``[`` and ``]``.
If a group name starts with the ``@`` sign, that group's content is handled
by a parser extension instead and does not cause the previous non-extension
group to end. The initial ``@`` sign must be followed by a non-empty
extension name, another ``@`` sign and a group name as defined above. The
extension name consists of printable characters other than ``@``. No
whitespace is allowed after the group header in this case. The extension
payload syntax and length are determined by the extension name. Normal
parsing rules defined in this section resume at the end of the payload and
any settings after the end of the payload are handled as part of the previous
non-extension group.
Currently the only extension supported is named pem and allows embedding the
contents of a single RFC7468 PEM-formatted payload or a sequence of multiple
PEM payloads. The payload should start with the ``-----BEGIN`` string on a
line following the group header line and end with an ``-----END`` line as
specified in the RFC. Newline characters before, between and after PEM
payloads are included in the extension payload. No other extra characters
are allowed.
NAMING
======
@ -114,15 +133,15 @@ The group ``[Settings]`` contains general settings.
If enabled, the MAC address will be fully randomized on each connection.
This option is only used if [General].AddressRandomization is set to
'network'. See iwd.config. This value should not be used with
'network'. See iwd.config. This setting should not be used with
[Settings].AddressOverride, if both are set AddressOverride will be used.
* - AddressOverride
- MAC address string
Override the MAC address used for connecting to this network. This option
is only used if [General].AddressRandomization is set to 'network'. See
iwd.config. This value should not be used with
[Settings].FullAddressRandomization, if both are set AddressOverride will
iwd.config. This setting should not be used with
[Settings].AlwaysRandomizeAddress, if both are set AddressOverride will
be used.
Network Authentication Settings
@ -153,7 +172,12 @@ authentication configuration.
* - EAP-Method
- one of the following methods:
AKA, AKA', GTC, MD5, MSCHAPV2, PEAP, PWD, SIM, TLS, TTLS
AKA, AKA', MSCHAPV2, PEAP, PWD, SIM, TLS, TTLS.
The following additional methods are allowed as TTLS/PEAP inner
methods:
GTC, MD5.
* - EAP-Identity
- string
@ -248,7 +272,7 @@ authentication configuration.
provided.
Network Configuration Settings
-------------------------------
------------------------------
The group ``[IPv4]`` contains settings for Internet Protocol version 4 (IPv4)
network configuration with the static addresses.
@ -343,7 +367,7 @@ directly. This allows IEEE 802.1x network provisioning using a single file
without any references to certificates or keys on the system.
An embedded PEM can appear anywhere in the settings file using the following
format (this example the PEM is named 'my_ca_cert'):
format (in this example the PEM is named 'my_ca_cert'):
.. code-block::
@ -352,7 +376,7 @@ format (this example the PEM is named 'my_ca_cert'):
<PEM data>
----- END CERTIFICATE -----
After this special group tag its as simple as pasting in a PEM file including
After this special group tag it's as simple as pasting in a PEM file including
the BEGIN/END tags. Now 'my_ca_cert' can be used to reference the certificate
elsewhere in the settings file by prefixing the value with 'embed:'