mirror of
https://github.com/vanhoefm/fragattacks.git
synced 2024-11-28 10:18:21 -05:00
Document more network profile parameters
Some of the recently added wpa_supplicant network profile parameters were not documented in wpa_supplicant.conf. Add these there based on the documentation in config_ssid.h. Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
This commit is contained in:
parent
4ea4df529d
commit
bc908daace
@ -1472,6 +1472,50 @@ fast_reauth=1
|
||||
# 2: do not allow PFS to be used
|
||||
#dpp_pfs=0
|
||||
|
||||
# Whether Beacon protection is enabled
|
||||
# This depends on management frame protection (ieee80211w) being enabled.
|
||||
#beacon_prot=0
|
||||
|
||||
# OWE DH Group
|
||||
# 0: use default (19) first and then try all supported groups one by one if AP
|
||||
# rejects the selected group
|
||||
# 1-65535: DH Group to use for OWE
|
||||
# Groups 19 (NIST P-256), 20 (NIST P-384), and 21 (NIST P-521) are
|
||||
# currently supported.
|
||||
#owe_group=0
|
||||
|
||||
# OWE-only mode (disable transition mode)
|
||||
# 0: enable transition mode (allow connection to either OWE or open BSS)
|
||||
# 1 = disable transition mode (allow connection only with OWE)
|
||||
#owe_only=0
|
||||
|
||||
# OWE PTK derivation workaround
|
||||
# Initial OWE implementation used SHA256 when deriving the PTK for all
|
||||
# OWE groups. This was supposed to change to SHA384 for group 20 and
|
||||
# SHA512 for group 21. This parameter can be used to enable older
|
||||
# behavior mainly for testing purposes. There is no impact to group 19
|
||||
# behavior, but if enabled, this will make group 20 and 21 cases use
|
||||
# SHA256-based PTK derivation which will not work with the updated
|
||||
# OWE implementation on the AP side.
|
||||
#owe_ptk_workaround=0
|
||||
|
||||
# Transition Disable indication
|
||||
# The AP can notify authenticated stations to disable transition mode
|
||||
# in their network profiles when the network has completed transition
|
||||
# steps, i.e., once sufficiently large number of APs in the ESS have
|
||||
# been updated to support the more secure alternative. When this
|
||||
# indication is used, the stations are expected to automatically
|
||||
# disable transition mode and less secure security options. This
|
||||
# includes use of WEP, TKIP (including use of TKIP as the group
|
||||
# cipher), and connections without PMF.
|
||||
# Bitmap bits:
|
||||
# bit 0 (0x01): WPA3-Personal (i.e., disable WPA2-Personal = WPA-PSK
|
||||
# and only allow SAE to be used)
|
||||
# bit 1 (0x02): SAE-PK (disable SAE without use of SAE-PK)
|
||||
# bit 2 (0x04): WPA3-Enterprise (move to requiring PMF)
|
||||
# bit 3 (0x08): Enhanced Open (disable use of open network; require
|
||||
# OWE)
|
||||
|
||||
# SAE-PK only mode (disable transition mode)
|
||||
# 0: enable transition mode (allow SAE authentication without SAE-PK)
|
||||
# 1: disable transition mode (allow SAE authentication only with SAE-PK)
|
||||
|
Loading…
Reference in New Issue
Block a user