Chromium Code Reviews
chromiumcodereview-hr@appspot.gserviceaccount.com (chromiumcodereview-hr) | Please choose your nickname with Settings | Help | Chromium Project | Gerrit Changes | Sign out
(386)

Issues Search
    My Issues | Starred     Open | Closed | All

Side by Side Diff: components/onc/docs/onc_spec.md

Issue 2853563002: ONC: Translate EAP from Shill to ONC (Closed)
Patch Set: Test for empty EAP field and cl format Created 3 years, 7 months ago
Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.
Jump to:
View unified diff | Download patch
« chromeos/network/onc/onc_translator_shill_to_onc.cc ('K') | « chromeos/test/data/network/wifi_eap_ttls.onc ('k') | components/onc/onc_constants.h » ('j') | no next file with comments »
Toggle Intra-line Diffs ('i') | Expand Comments ('e') | Collapse Comments ('c') | Show Comments Hide Comments ('s')
OLDNEW
1 # Open Network Configuration 1 # Open Network Configuration
2 2
3 [TOC] 3 [TOC]
4 4
5 ## Objective 5 ## Objective
6 6
7 We would like to create a simple, open, but complete format to describe 7 We would like to create a simple, open, but complete format to describe
8 multiple network configurations for WiFi, Ethernet, Cellular, 8 multiple network configurations for WiFi, Ethernet, Cellular,
9 Bluetooth/WiFi-Direct, and VPN connections in a single file format, in order 9 Bluetooth/WiFi-Direct, and VPN connections in a single file format, in order
10 to simplify and automate network configuration for users. 10 to simplify and automate network configuration for users.
(...skipping 1039 matching lines...) Expand 10 before | Expand all | Expand 10 after
1050 * (optional) - **string** 1050 * (optional) - **string**
1051 * Identity of user. For tunneling outer protocols 1051 * Identity of user. For tunneling outer protocols
1052 (*PEAP*, *EAP-TTLS*, and 1052 (*PEAP*, *EAP-TTLS*, and
1053 *EAP-FAST*), this is used to authenticate inside 1053 *EAP-FAST*), this is used to authenticate inside
1054 the tunnel, and **AnonymousIdentity** is used for 1054 the tunnel, and **AnonymousIdentity** is used for
1055 the EAP identity outside the tunnel. For non-tunneling outer protocols, 1055 the EAP identity outside the tunnel. For non-tunneling outer protocols,
1056 this is used for the EAP identity. This value is subject to string 1056 this is used for the EAP identity. This value is subject to string
1057 expansions. 1057 expansions.
1058 1058
1059 * **Inner** 1059 * **Inner**
1060 * (optional if **Outer** is 1060 * (optional if **Outer** is *EAP-FAST*, *EAP-TTLS* or *PEAP*, otherwise
1061 *EAP-FAST*, *EAP-TTLS* 1061 ignored, defaults to *Automatic*) - **string**
1062 or *PEAP*, otherwise ignored, defaults to *Automatic*) - **string** 1062 * `Allowed values are` *Automatic*, *MD5*, *MSCHAP*, *MSCHAPv2*, *PAP*,
1063 * `Allowed values are` *Automatic*, 1063 *CHAP* and *GTC*.
1064 *MD5*, *MSCHAPv2*,
1065 *EAP-MSCHAPv2*,
1066 *PAP*, and *GTC*.
1067 * For tunneling outer protocols. 1064 * For tunneling outer protocols.
1068 1065
1069 * **Outer** 1066 * **Outer**
1070 * (required) - **string** 1067 * (required) - **string**
1071 * `Allowed values are` *LEAP*, 1068 * `Allowed values are` *LEAP*, *EAP-AKA*, *EAP-FAST*, *EAP-TLS*, *EAP-TTLS*,
1072 *EAP-AKA*, *EAP-FAST*,
1073 *EAP-TLS*, *EAP-TTLS*,
1074 *EAP-SIM* and *PEAP*. 1069 *EAP-SIM* and *PEAP*.
1075 1070
1076 * **Password** 1071 * **Password**
1077 * (optional) - **string** 1072 * (optional) - **string**
1078 * Password of user. If not specified, defaults to prompting the user. 1073 * Password of user. If not specified, defaults to prompting the user.
1079 1074
1080 * **SaveCredentials** 1075 * **SaveCredentials**
1081 * (optional, defaults to *false*) - **boolean** 1076 * (optional, defaults to *false*) - **boolean**
1082 * If *false*, require user to enter credentials 1077 * If *false*, require user to enter credentials
1083 each time they connect. Specifying **Identity** 1078 each time they connect. Specifying **Identity**
(...skipping 19 matching lines...) Expand all
1103 * **ServerCARef** 1098 * **ServerCARef**
1104 * (optional) - **string** 1099 * (optional) - **string**
1105 * DEPRECATED, use **ServerCARefs** instead.<br/> 1100 * DEPRECATED, use **ServerCARefs** instead.<br/>
1106 Reference to a CA certificate in **Certificates**. 1101 Reference to a CA certificate in **Certificates**.
1107 * If this field is set, **ServerCARefs** must be unset. 1102 * If this field is set, **ServerCARefs** must be unset.
1108 If neither **ServerCARefs** nor **ServerCARef** is set, the client does 1103 If neither **ServerCARefs** nor **ServerCARef** is set, the client does
1109 not check that the server certificate is signed by a specific CA. 1104 not check that the server certificate is signed by a specific CA.
1110 A verification using the system's CA certificates may still apply. 1105 A verification using the system's CA certificates may still apply.
1111 See **UseSystemCAs** for this. 1106 See **UseSystemCAs** for this.
1112 1107
1108 * **SubjectMatch**
1109 * (optional) - **string**
1110 * WiFi only. A substring which a remote RADIUS service certificate subject
1111 name must contain in order to connect.
1112
1113 * **UseSystemCAs** 1113 * **UseSystemCAs**
1114 * (optional, defaults to *true*) - **boolean** 1114 * (optional, defaults to *true*) - **boolean**
1115 * Required server certificate to be signed by "system default certificate 1115 * Required server certificate to be signed by "system default certificate
1116 authorities". If both **ServerCARefs** (or **ServerCARef**) 1116 authorities". If both **ServerCARefs** (or **ServerCARef**)
1117 and **UseSystemCAs** are supplied, a server 1117 and **UseSystemCAs** are supplied, a server
1118 certificate will be allowed if it either has a chain of trust to a system 1118 certificate will be allowed if it either has a chain of trust to a system
1119 CA or to one of the given CA certificates. If **UseSystemCAs** 1119 CA or to one of the given CA certificates. If **UseSystemCAs**
1120 is *false*, and no **ServerCARef** is set, the certificate 1120 is *false*, and no **ServerCARef** is set, the certificate
1121 must be a self signed certificate, and no CA signature is required. 1121 must be a self signed certificate, and no CA signature is required.
1122 1122
(...skipping 683 matching lines...) Expand 10 before | Expand all | Expand 10 after
1806 is transmitted or saved to disk should be secure. On client device, when 1806 is transmitted or saved to disk should be secure. On client device, when
1807 user names for connections that are user-specific are persisted to disk, 1807 user names for connections that are user-specific are persisted to disk,
1808 they should be stored in a location that is encrypted. Users can also opt in 1808 they should be stored in a location that is encrypted. Users can also opt in
1809 these cases to not save their user credentials in the config file and will 1809 these cases to not save their user credentials in the config file and will
1810 instead be prompted when they are needed. 1810 instead be prompted when they are needed.
1811 1811
1812 ## Authors 1812 ## Authors
1813 1813
1814 * pneubeck@chromium.org 1814 * pneubeck@chromium.org
1815 * stevenjb@chromium.org 1815 * stevenjb@chromium.org
OLDNEW
« chromeos/network/onc/onc_translator_shill_to_onc.cc ('K') | « chromeos/test/data/network/wifi_eap_ttls.onc ('k') | components/onc/onc_constants.h » ('j') | no next file with comments »

Powered by Google App Engine
This is Rietveld 408576698