Document more network profile parameters

Some of the recently added wpa_supplicant network profile parameters
were not documented in wpa_supplicant.conf. Add these there based on the
documentation in config_ssid.h.

Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
This commit is contained in:
Jouni Malinen 2020-06-06 11:47:12 +03:00 committed by Jouni Malinen
parent 4ea4df529d
commit bc908daace

View File

@ -1472,6 +1472,50 @@ fast_reauth=1
# 2: do not allow PFS to be used
#dpp_pfs=0
# Whether Beacon protection is enabled
# This depends on management frame protection (ieee80211w) being enabled.
#beacon_prot=0
# OWE DH Group
# 0: use default (19) first and then try all supported groups one by one if AP
# rejects the selected group
# 1-65535: DH Group to use for OWE
# Groups 19 (NIST P-256), 20 (NIST P-384), and 21 (NIST P-521) are
# currently supported.
#owe_group=0
# OWE-only mode (disable transition mode)
# 0: enable transition mode (allow connection to either OWE or open BSS)
# 1 = disable transition mode (allow connection only with OWE)
#owe_only=0
# OWE PTK derivation workaround
# Initial OWE implementation used SHA256 when deriving the PTK for all
# OWE groups. This was supposed to change to SHA384 for group 20 and
# SHA512 for group 21. This parameter can be used to enable older
# behavior mainly for testing purposes. There is no impact to group 19
# behavior, but if enabled, this will make group 20 and 21 cases use
# SHA256-based PTK derivation which will not work with the updated
# OWE implementation on the AP side.
#owe_ptk_workaround=0
# Transition Disable indication
# The AP can notify authenticated stations to disable transition mode
# in their network profiles when the network has completed transition
# steps, i.e., once sufficiently large number of APs in the ESS have
# been updated to support the more secure alternative. When this
# indication is used, the stations are expected to automatically
# disable transition mode and less secure security options. This
# includes use of WEP, TKIP (including use of TKIP as the group
# cipher), and connections without PMF.
# Bitmap bits:
# bit 0 (0x01): WPA3-Personal (i.e., disable WPA2-Personal = WPA-PSK
# and only allow SAE to be used)
# bit 1 (0x02): SAE-PK (disable SAE without use of SAE-PK)
# bit 2 (0x04): WPA3-Enterprise (move to requiring PMF)
# bit 3 (0x08): Enhanced Open (disable use of open network; require
# OWE)
# SAE-PK only mode (disable transition mode)
# 0: enable transition mode (allow SAE authentication without SAE-PK)
# 1: disable transition mode (allow SAE authentication only with SAE-PK)