diff --git a/src/iwd.network.rst b/src/iwd.network.rst index 08aea77b..cb3afc67 100644 --- a/src/iwd.network.rst +++ b/src/iwd.network.rst @@ -71,6 +71,25 @@ the group name and a ``]`` character. Whitespace is allowed before the ``[`` and after the ``]``. A group name consists of printable characters other than ``[`` and ``]``. +If a group name starts with the ``@`` sign, that group's content is handled +by a parser extension instead and does not cause the previous non-extension +group to end. The initial ``@`` sign must be followed by a non-empty +extension name, another ``@`` sign and a group name as defined above. The +extension name consists of printable characters other than ``@``. No +whitespace is allowed after the group header in this case. The extension +payload syntax and length are determined by the extension name. Normal +parsing rules defined in this section resume at the end of the payload and +any settings after the end of the payload are handled as part of the previous +non-extension group. + +Currently the only extension supported is named pem and allows embedding the +contents of a single RFC7468 PEM-formatted payload or a sequence of multiple +PEM payloads. The payload should start with the ``-----BEGIN`` string on a +line following the group header line and end with an ``-----END`` line as +specified in the RFC. Newline characters before, between and after PEM +payloads are included in the extension payload. No other extra characters +are allowed. + NAMING ====== @@ -114,15 +133,15 @@ The group ``[Settings]`` contains general settings. If enabled, the MAC address will be fully randomized on each connection. This option is only used if [General].AddressRandomization is set to - 'network'. See iwd.config. This value should not be used with + 'network'. See iwd.config. This setting should not be used with [Settings].AddressOverride, if both are set AddressOverride will be used. * - AddressOverride - MAC address string Override the MAC address used for connecting to this network. This option is only used if [General].AddressRandomization is set to 'network'. See - iwd.config. This value should not be used with - [Settings].FullAddressRandomization, if both are set AddressOverride will + iwd.config. This setting should not be used with + [Settings].AlwaysRandomizeAddress, if both are set AddressOverride will be used. Network Authentication Settings @@ -153,7 +172,12 @@ authentication configuration. * - EAP-Method - one of the following methods: - AKA, AKA', GTC, MD5, MSCHAPV2, PEAP, PWD, SIM, TLS, TTLS + AKA, AKA', MSCHAPV2, PEAP, PWD, SIM, TLS, TTLS. + + The following additional methods are allowed as TTLS/PEAP inner + methods: + + GTC, MD5. * - EAP-Identity - string @@ -248,7 +272,7 @@ authentication configuration. provided. Network Configuration Settings -------------------------------- +------------------------------ The group ``[IPv4]`` contains settings for Internet Protocol version 4 (IPv4) network configuration with the static addresses. @@ -343,7 +367,7 @@ directly. This allows IEEE 802.1x network provisioning using a single file without any references to certificates or keys on the system. An embedded PEM can appear anywhere in the settings file using the following -format (this example the PEM is named 'my_ca_cert'): +format (in this example the PEM is named 'my_ca_cert'): .. code-block:: @@ -352,7 +376,7 @@ format (this example the PEM is named 'my_ca_cert'): ----- END CERTIFICATE ----- -After this special group tag its as simple as pasting in a PEM file including +After this special group tag it's as simple as pasting in a PEM file including the BEGIN/END tags. Now 'my_ca_cert' can be used to reference the certificate elsewhere in the settings file by prefixing the value with 'embed:'