config: Add configuration protected flag

[platform/upstream/connman.git] / doc / config-format.txt

diff --git a/doc/config-format.txt b/doc/config-format.txt
index bc5a5c1..7f23c76 100644 (file)
--- a/doc/config-format.txt
+++ b/doc/config-format.txt
@@ -3,7 +3,8 @@ Connman configuration file format
 
 Connman uses configuration files to provision existing services. Connman will
 be looking for its configuration files at STORAGEDIR which by default points
-to /var/lib/connman/.
+to /var/lib/connman/. Configuration file names must not include other
+characters than letters or numbers and must have a .config suffix.
 Those configuration files are text files with a simple format and we typically
 have one file per provisioned network.
 
@@ -15,6 +16,9 @@ These files can have an optional global entry describing the actual file.
 The 2 allowed fields for that entry are:
 - Name: Name of the network.
 - Description: Description of the network.
+- Protected: Configuration protection against being removed, modified or
+overwritten by a Manager.ProvisionService() call. By default, a configuration
+is not protected.
 
 
 Service entry [service_*]
@@ -28,7 +32,7 @@ to store the different services into an hash table.
 Allowed fields:
 - Type: Service type. We currently only support wifi.
 - SSID: An hexadecimal or a string representation of a 802.11 SSID.
-- EAP: EAP type. We currently only support tls or peap.
+- EAP: EAP type. We currently only support tls, ttls or peap.
 - CACertFile: File path to CA certificate file (PEM/DER).
 - ClientCertFile: File path to client certificate file (PEM/DER).
 - PrivateKeyFile: File path to client private key file (PEM/DER/PFX).
@@ -38,17 +42,25 @@ This is for private keys generated by using their own filesystem UUID as the
 passphrase. The PrivateKeyPassphrase field is ignored when this field is set
 to fsid.
 - Identity: Identity string for EAP.
-- Phase2: Phase2 (inner authentication with TLS tunnel) parameters.
+- Phase2: Phase2 (inner authentication with TLS tunnel) authentication method.
+Prefix the value with "EAP-" to indicate the usage of an EAP-based inner
+authentication method (should only be used with EAP = TTLS).
 - Passphrase: RSN/WPA/WPA2 Passphrase
 
 
 Example
 =======
 
-This is a configuration file for a network providing both EAP-TLS and
+This is a configuration file for a network providing EAP-TLS, EAP-TTLS and
 EAP-PEAP services.
-The respective SSIDs are tls_ssid and peap_ssid.
+The respective SSIDs are tls_ssid, ttls_ssid and peap_ssid and the file name
+is example.config.
+Please note that the SSID entry is for hexadecimal encoded SSID (e.g. "SSID =
+746c735f73736964"). If your SSID does not contain any exotic character then
+you should use the Name entry instead (e.g. "Name = tls_ssid").
 
+
+example@example:[~]$ cat /var/lib/connman/example.config
 [global]
 Name = Example
 Description = Example network configuration
@@ -63,10 +75,18 @@ PrivateKeyFile = /home/user/.certs/client.fsid.pem
 PrivateKeyPassphraseType = fsid
 Identity = user
 
+[service_ttls]
+Type = wifi
+Name = ttls_ssid
+EAP = ttls
+CACertFile = /home/user/.cert/ca.pem
+Phase2 = MSCHAPV2
+Identity = user
+
 [service_peap]
 Type = wifi
-SSID = peap_ssid
+Name = peap_ssid
 EAP = peap
-CACert = /home/user/.cert/ca.pem
+CACertFile = /home/user/.cert/ca.pem
 Phase2 = MSCHAPV2
 Identity = user