chromeos/docs/onc_spec.html - Issue 12255005: Adding rule frames to the ONC spec.

Unified Diff: chromeos/docs/onc_spec.html

Issue 12255005: Adding rule frames to the ONC spec. (Closed) Base URL: svn://svn.chromium.org/chrome/trunk/src

Patch Set: Created 7 years, 10 months ago

Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.

Jump to:

View side-by-side diff with in-line comments

Index: chromeos/docs/onc_spec.html

diff --git a/chromeos/docs/onc_spec.html b/chromeos/docs/onc_spec.html

index 0c44f1e0aea4bf933101f803c0426c41d8cd0199..96fc95d52ba98ce620aae4e828a45ed11b199919 100644

--- a/chromeos/docs/onc_spec.html

+++ b/chromeos/docs/onc_spec.html

@@ -214,7 +214,8 @@

</dd>

</dl>

-

+

+

At least one array (either NetworkConfigurations

and/or Certificates) must be present.

@@ -310,9 +311,9 @@

array of string

Array of strings to append to names for resolution. Items in this array

- should not start with a

- dot. Example: ["corp.acme.org", "acme.org"]. If

- not specified, DHCP values will be used.

+ should not start with a dot. Example:

+ ["corp.acme.org", "acme.org"]. If not

+ specified, DHCP values will be used.

</dd>

@@ -342,10 +343,13 @@

false, otherwise ignored)

string

- Indicates which kind of connection this is. Must be one

- of Cellular,

- Ethernet, WiFi, or

- VPN.

+

+

+ Allowed values are Cellular,

+ Ethernet, WiFi,

+ and VPN.

+

+ Indicates which kind of connection this is.

</dd>

</dl>

@@ -365,8 +369,11 @@

(optional)

string

- Either None

- or 8021X.

+

+

+ Allowed values are None and

+ 8021X.

+

</dd>

@@ -397,9 +404,12 @@

(required)

string

- Must be either IPv4

- or IPv6, describing the type of configuration

- this is.

+

+

+ Allowed values are IPv4

+ and IPv6

+

+ Describes the type of configuration this is.

</dd>

<dt class="field">IPAddress</dt>

@@ -419,8 +429,11 @@

(required)

integer

- Describes the routing prefix. This is a number in the range [1, 32] for

- IPv4 and [1, 128] for IPv6 addresses.

+

+ Must be a number in the range [1, 32] for

David Roche 2013/02/13 12:57:09 Previous lines keep the rule_id span on its own li

pneubeck (no reviews) 2013/02/13 13:09:15 Done.

+ IPv4 and [1, 128] for IPv6 addresses.

+

+ Describes the routing prefix.

</dd>

<dt class="field">Gateway</dt>

@@ -430,9 +443,9 @@

string

Describes the gateway address to use for the configuration. Must match

- address type specified in

- Type field. If not specified, DHCP values will

- be used. </dd>

+ address type specified in Type field. If not

+ specified, DHCP values will be used.

+ </dd>

<dt class="field">NameServers</dt>

<dd>

@@ -521,9 +534,13 @@

(required)

string

- One of None, WEP-PSK,

- WEP-8021X, WPA-PSK,

- WPA-EAP.

+

+ Allowed values

+ are None, WEP-PSK,

David Roche 2013/02/13 12:57:09 rule_id on own line, and separating the two value

pneubeck (no reviews) 2013/02/13 13:09:15 Done.

+ WEP-8021X,

+ WPA-PSK, and

+ WPA-EAP.

+

</dd>

@@ -613,9 +630,13 @@

(required)

string

- Type of the VPN, one of

- IPsec, L2TP-IPsec,

- or OpenVPN.

+

+

+ Allowed values are IPsec,

+ L2TP-IPsec, and

+ OpenVPN.

+

+ Type of the VPN.

</dd>

</dl>

@@ -632,7 +653,11 @@

(required)

string

- Either PSK or Cert

+

+

+ Allowed values are PSK and

+ Cert

+

</dd>

<dt class="field">ClientCertPattern</dt>

@@ -662,8 +687,11 @@

is Cert, otherwise ignored)

string

- Either Ref

- or Pattern

+

+

+ Allowed values are Ref and

+ Pattern

+

</dd>

@@ -863,8 +891,8 @@

<h1>OpenVPN connections and types</h1>

- VPN.Type must

- be OpenVPN.

+ VPN.Type must be

+ OpenVPN.

@@ -886,11 +914,17 @@

(optional, defaults to none)

string

+

+

+ Allowed values are none,

+ nointeract, and

+ interact.

+

Controls how OpenVPN responds to username/password verification

- errors. Allowed values are none (fail with

- error on retry), nointeract (retry without

- asking for authentication), and interact (ask

- again for authentication each time).

+ errors: Either fail with error on retry

+ (none), retry without asking for authentication

+ (nointeract), or ask again for authentication

+ each time (interact).

</dd>

<dt class="field">AuthNoCache</dt>

@@ -937,9 +971,13 @@

(required)

string

- Either Ref, Pattern,

- or None. None

- implies that the server is configured to not require client certificates.

+

+

+ Allowed values are Ref,

+ Pattern, and None.

+

+ None implies that the server is configured to

+ not require client certificates.

</dd>

<dt class="field">CompLZO</dt>

@@ -1041,8 +1079,12 @@

(optional, defaults to server)

string

- Require peer certificate signing based on RFC3280 TLS rules. May

- be none or server.

+

+

+ Allowed values are none and

+ server.

+

+ Require peer certificate signing based on RFC3280 TLS rules.

</dd>

<dt class="field">RenegSec</dt>

@@ -1160,9 +1202,8 @@

In order to allow clients to securely key their private keys and request

certificates through PKCS#10 format or through a web flow, we provide

- alternative CertificatePattern

- types. The CertificatePattern type contains the

- following:

+ alternative CertificatePattern types. The

+ CertificatePattern type contains the following:

@@ -1261,15 +1302,19 @@

</dd>

</dl>

+

+

+ One field in Subject,

+ Issuer, or IssuerCARef

+ must be given for a CertificatePattern typed field

+ to be valid.

+

- One field

- in Subject, Issuer,

- or IssuerCARef must be given for a

- CertificatePattern typed field to be valid. For a

- certificate to be considered matching, it must match all the fields in the

- certificate pattern. If multiple certificates match, the certificate with

- the latest issue date that is still in the past, and hence valid, will be

- used.

+ For a certificate to be considered matching, it must match all

+ the fields in the certificate pattern. If multiple certificates match, the

+ certificate with the latest issue date that is still in the past, and hence

+ valid, will be used.

@@ -1293,9 +1338,12 @@

(required)

string

- One

- of Direct, Manual,

- PAC, or WPAD.

+

+

+ Allowed values are Direct,

+ Manual, PAC, and

+ WPAD.

+

PAC indicates Proxy Auto-Configuration.

WPAD indicates Web Proxy Autodiscovery.

</dd>

@@ -1447,8 +1495,11 @@

(optional) string

- Must be either Ref

- or Pattern.

+

+

+ Allowed values are Ref, and

+ Pattern.

+

</dd>

<dt class="field">Identity</dt>

@@ -1475,9 +1526,13 @@

Automatic)

string

- Must be one of Automatic,

- MD5, MSCHAPv2,

- EAP-MSCHAPv2, PAP.

+

+

+ Allowed values are Automatic,

+ MD5, MSCHAPv2,

+ EAP-MSCHAPv2, and

+ PAP.

+

For tunneling outer protocols.

</dd>

@@ -1487,10 +1542,13 @@

(required)

string

- Must be one of LEAP,

- EAP-AKA, EAP-FAST,

- EAP-TLS, EAP-TTLS,

- EAP-SIM or PEAP.

+

+

+ Allowed values are LEAP,

+ EAP-AKA, EAP-FAST,

+ EAP-TLS, EAP-TTLS,

+ EAP-SIM and PEAP.

+

</dd>

<dt class="field">Password</dt>

@@ -1635,17 +1693,21 @@

false, otherwise ignored)

string

- One

- of Client, Server,

- or Authority. Client

- indicates the certificate is for identifying the user or device over HTTPS

- or for VPN/802.1X. Server indicates the

- certificate identifies an HTTPS or VPN/802.1X

- peer. Authority indicates the certificate is a

+

+

+ Allowed values are Client,

+ Server, and

+ Authority.

+

+ Client indicates the certificate is for

+ identifying the user or device over HTTPS or for

+ VPN/802.1X. Server indicates the certificate

+ identifies an HTTPS or VPN/802.1X peer.

+ Authority indicates the certificate is a

certificate authority and any certificates it issues should be

trusted. Note that if Type disagrees with the

- x509 v3 basic constraints or key usage attributes,

- the Type field should be honored.

+ x509 v3 basic constraints or key usage attributes, the

+ Type field should be honored.

</dd>

@@ -1789,7 +1851,8 @@

</dd>

</dl>

-

+

+

When decrypted, the ciphertext must contain a JSON object of

type UnencryptedConfiguration.

« no previous file with comments | « chromeos/docs/onc_spec.css ('k') | no next file » | no next file with comments »