[PATCH] Add some documentation relating to EAP-AKA.
greearb at candelatech.com
greearb
Fri Jan 3 16:10:16 PST 2014
From: Ben Greear <greearb at candelatech.com>
Signed-hostapd: Ben Greear <greearb at candelatech.com>
---
wpa_supplicant/defconfig | 2 +-
wpa_supplicant/wpa_supplicant.conf | 4 ++++
2 files changed, 5 insertions(+), 1 deletions(-)
diff --git a/wpa_supplicant/defconfig b/wpa_supplicant/defconfig
index 8c79eb6..0d2556d 100644
--- a/wpa_supplicant/defconfig
+++ b/wpa_supplicant/defconfig
@@ -331,7 +331,7 @@ CONFIG_PEERKEY=y
# Select TLS implementation
# openssl = OpenSSL (default)
-# gnutls = GnuTLS
+# gnutls = GnuTLS (Missing some features needed by EAP-AKA with USIM, at least)
# internal = Internal TLSv1 implementation (experimental)
# none = Empty template
#CONFIG_TLS=openssl
diff --git a/wpa_supplicant/wpa_supplicant.conf b/wpa_supplicant/wpa_supplicant.conf
index c555ca6..0ea8fd0 100644
--- a/wpa_supplicant/wpa_supplicant.conf
+++ b/wpa_supplicant/wpa_supplicant.conf
@@ -658,6 +658,8 @@ fast_reauth=1
# identity: Identity string for EAP
# This field is also used to configure user NAI for
# EAP-PSK/PAX/SAKE/GPSK.
+# For EAP-AKA, it is 1 | IMSI
+# For EAP-SIM, it is 0 | IMSI
# anonymous_identity: Anonymous identity string for EAP (to be used as the
# unencrypted identity with EAP types that support different tunnelled
# identity, e.g., EAP-TTLS). This field can also be used with
@@ -671,6 +673,8 @@ fast_reauth=1
# PSK) is also configured using this field. For EAP-GPSK, this is a
# variable length PSK. ext:<name of external password field> format can
# be used to indicate that the password is stored in external storage.
+# For EAP-AKA, the syntax is K:OPc:SQN
+# For EAP-SIM, the syntax is K:OPc
# ca_cert: File path to CA certificate file (PEM/DER). This file can have one
# or more trusted CA certificates. If ca_cert and ca_path are not
# included, server certificate will not be verified. This is insecure and
--
1.7.3.4
More information about the Hostap
mailing list