path: root/wpa_supplicant/wpa_supplicant.conf
diff options
authorJouni Malinen <jouni@codeaurora.org>2018-05-19 14:28:01 (GMT)
committerJouni Malinen <j@w1.fi>2018-05-19 14:30:29 (GMT)
commit9be19d0b9c4e4948e70fbfeb9076d30af9d0071f (patch)
tree21ed8486d3cf56ec80bf1877c023b621ec9008e2 /wpa_supplicant/wpa_supplicant.conf
parentd6a65a83fb61c855e9c776e3f89278ed8b214535 (diff)
SAE: Add support for using the optional Password Identifier
This extends the SAE implementation in both infrastructure and mesh BSS cases to allow an optional Password Identifier to be used. This uses the mechanism added in P802.11REVmd/D1.0. The Password Identifier is configured in a wpa_supplicant network profile as a new string parameter sae_password_id. In hostapd configuration, the existing sae_password parameter has been extended to allow the password identifier (and also a peer MAC address) to be set. In addition, multiple sae_password entries can now be provided to hostapd to allow multiple per-peer and per-identifier passwords to be set. Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
Diffstat (limited to 'wpa_supplicant/wpa_supplicant.conf')
1 files changed, 5 insertions, 0 deletions
diff --git a/wpa_supplicant/wpa_supplicant.conf b/wpa_supplicant/wpa_supplicant.conf
index 892e735..a235ea0 100644
--- a/wpa_supplicant/wpa_supplicant.conf
+++ b/wpa_supplicant/wpa_supplicant.conf
@@ -954,6 +954,11 @@ fast_reauth=1
# used, but psk follows the WPA-PSK constraints (8..63 characters) even though
# SAE passwords do not have such constraints.
+# sae_password_id: SAE password identifier
+# This parameter can be used to set an identifier for the SAE password. By
+# default, no such identifier is used. If set, the specified identifier value
+# is used by the other peer to select which password to use for authentication.
# eapol_flags: IEEE 802.1X/EAPOL options (bit field)
# Dynamic WEP key required for non-WPA mode
# bit0 (1): require dynamically generated unicast WEP key