]> git.ipfire.org Git - thirdparty/hostap.git/blob - src/ap/ap_config.c
projects / thirdparty / hostap.git / blob
? search:
summary | shortlog | log | commit | commitdiff | tree
blame | history | raw | HEAD
macsec: Add configuration parameters for hostapd
[thirdparty/hostap.git] / src / ap / ap_config.c
1 /*
2 * hostapd / Configuration helper functions
3 * Copyright (c) 2003-2014, Jouni Malinen <j@w1.fi>
4 *
5 * This software may be distributed under the terms of the BSD license.
6 * See README for more details.
7 */
8
9 #include "utils/includes.h"
10
11 #include "utils/common.h"
12 #include "crypto/sha1.h"
13 #include "crypto/tls.h"
14 #include "radius/radius_client.h"
15 #include "common/ieee802_11_defs.h"
16 #include "common/ieee802_1x_defs.h"
17 #include "common/eapol_common.h"
18 #include "common/dhcp.h"
19 #include "eap_common/eap_wsc_common.h"
20 #include "eap_server/eap.h"
21 #include "wpa_auth.h"
22 #include "sta_info.h"
23 #include "airtime_policy.h"
24 #include "ap_config.h"
25
26
27 static void hostapd_config_free_vlan(struct hostapd_bss_config *bss)
28 {
29 struct hostapd_vlan *vlan, *prev;
30
31 vlan = bss->vlan;
32 prev = NULL;
33 while (vlan) {
34 prev = vlan;
35 vlan = vlan->next;
36 os_free(prev);
37 }
38
39 bss->vlan = NULL;
40 }
41
42
43 #ifndef DEFAULT_WPA_DISABLE_EAPOL_KEY_RETRIES
44 #define DEFAULT_WPA_DISABLE_EAPOL_KEY_RETRIES 0
45 #endif /* DEFAULT_WPA_DISABLE_EAPOL_KEY_RETRIES */
46
47 void hostapd_config_defaults_bss(struct hostapd_bss_config *bss)
48 {
49 dl_list_init(&bss->anqp_elem);
50
51 bss->logger_syslog_level = HOSTAPD_LEVEL_INFO;
52 bss->logger_stdout_level = HOSTAPD_LEVEL_INFO;
53 bss->logger_syslog = (unsigned int) -1;
54 bss->logger_stdout = (unsigned int) -1;
55
56 bss->auth_algs = WPA_AUTH_ALG_OPEN | WPA_AUTH_ALG_SHARED;
57
58 bss->wep_rekeying_period = 300;
59 /* use key0 in individual key and key1 in broadcast key */
60 bss->broadcast_key_idx_min = 1;
61 bss->broadcast_key_idx_max = 2;
62 bss->eap_reauth_period = 3600;
63
64 bss->wpa_group_rekey = 600;
65 bss->wpa_gmk_rekey = 86400;
66 bss->wpa_group_update_count = 4;
67 bss->wpa_pairwise_update_count = 4;
68 bss->wpa_disable_eapol_key_retries =
69 DEFAULT_WPA_DISABLE_EAPOL_KEY_RETRIES;
70 bss->wpa_key_mgmt = WPA_KEY_MGMT_PSK;
71 bss->wpa_pairwise = WPA_CIPHER_TKIP;
72 bss->wpa_group = WPA_CIPHER_TKIP;
73 bss->rsn_pairwise = 0;
74
75 bss->max_num_sta = MAX_STA_COUNT;
76
77 bss->dtim_period = 2;
78
79 bss->radius_server_auth_port = 1812;
80 bss->eap_sim_db_timeout = 1;
81 bss->ap_max_inactivity = AP_MAX_INACTIVITY;
82 bss->eapol_version = EAPOL_VERSION;
83
84 bss->max_listen_interval = 65535;
85
86 bss->pwd_group = 19; /* ECC: GF(p=256) */
87
88 #ifdef CONFIG_IEEE80211W
89 bss->assoc_sa_query_max_timeout = 1000;
90 bss->assoc_sa_query_retry_timeout = 201;
91 bss->group_mgmt_cipher = WPA_CIPHER_AES_128_CMAC;
92 #endif /* CONFIG_IEEE80211W */
93 #ifdef EAP_SERVER_FAST
94 /* both anonymous and authenticated provisioning */
95 bss->eap_fast_prov = 3;
96 bss->pac_key_lifetime = 7 * 24 * 60 * 60;
97 bss->pac_key_refresh_time = 1 * 24 * 60 * 60;
98 #endif /* EAP_SERVER_FAST */
99
100 /* Set to -1 as defaults depends on HT in setup */
101 bss->wmm_enabled = -1;
102
103 #ifdef CONFIG_IEEE80211R_AP
104 bss->ft_over_ds = 1;
105 bss->rkh_pos_timeout = 86400;
106 bss->rkh_neg_timeout = 60;
107 bss->rkh_pull_timeout = 1000;
108 bss->rkh_pull_retries = 4;
109 bss->r0_key_lifetime = 1209600;
110 #endif /* CONFIG_IEEE80211R_AP */
111
112 bss->radius_das_time_window = 300;
113
114 bss->sae_anti_clogging_threshold = 5;
115 bss->sae_sync = 5;
116
117 bss->gas_frag_limit = 1400;
118
119 #ifdef CONFIG_FILS
120 dl_list_init(&bss->fils_realms);
121 bss->fils_hlp_wait_time = 30;
122 bss->dhcp_server_port = DHCP_SERVER_PORT;
123 bss->dhcp_relay_port = DHCP_SERVER_PORT;
124 #endif /* CONFIG_FILS */
125
126 bss->broadcast_deauth = 1;
127
128 #ifdef CONFIG_MBO
129 bss->mbo_cell_data_conn_pref = -1;
130 #endif /* CONFIG_MBO */
131
132 /* Disable TLS v1.3 by default for now to avoid interoperability issue.
133 * This can be enabled by default once the implementation has been fully
134 * completed and tested with other implementations. */
135 bss->tls_flags = TLS_CONN_DISABLE_TLSv1_3;
136
137 bss->send_probe_response = 1;
138
139 #ifdef CONFIG_HS20
140 bss->hs20_release = (HS20_VERSION >> 4) + 1;
141 #endif /* CONFIG_HS20 */
142
143 #ifdef CONFIG_MACSEC
144 bss->mka_priority = DEFAULT_PRIO_NOT_KEY_SERVER;
145 bss->macsec_port = 1;
146 #endif /* CONFIG_MACSEC */
147
148 /* Default to strict CRL checking. */
149 bss->check_crl_strict = 1;
150 }
151
152
153 struct hostapd_config * hostapd_config_defaults(void)
154 {
155 #define ecw2cw(ecw) ((1 << (ecw)) - 1)
156
157 struct hostapd_config *conf;
158 struct hostapd_bss_config *bss;
159 const int aCWmin = 4, aCWmax = 10;
160 const struct hostapd_wmm_ac_params ac_bk =
161 { aCWmin, aCWmax, 7, 0, 0 }; /* background traffic */
162 const struct hostapd_wmm_ac_params ac_be =
163 { aCWmin, aCWmax, 3, 0, 0 }; /* best effort traffic */
164 const struct hostapd_wmm_ac_params ac_vi = /* video traffic */
165 { aCWmin - 1, aCWmin, 2, 3008 / 32, 0 };
166 const struct hostapd_wmm_ac_params ac_vo = /* voice traffic */
167 { aCWmin - 2, aCWmin - 1, 2, 1504 / 32, 0 };
168 const struct hostapd_tx_queue_params txq_bk =
169 { 7, ecw2cw(aCWmin), ecw2cw(aCWmax), 0 };
170 const struct hostapd_tx_queue_params txq_be =
171 { 3, ecw2cw(aCWmin), 4 * (ecw2cw(aCWmin) + 1) - 1, 0};
172 const struct hostapd_tx_queue_params txq_vi =
173 { 1, (ecw2cw(aCWmin) + 1) / 2 - 1, ecw2cw(aCWmin), 30};
174 const struct hostapd_tx_queue_params txq_vo =
175 { 1, (ecw2cw(aCWmin) + 1) / 4 - 1,
176 (ecw2cw(aCWmin) + 1) / 2 - 1, 15};
177
178 #undef ecw2cw
179
180 conf = os_zalloc(sizeof(*conf));
181 bss = os_zalloc(sizeof(*bss));
182 if (conf == NULL || bss == NULL) {
183 wpa_printf(MSG_ERROR, "Failed to allocate memory for "
184 "configuration data.");
185 os_free(conf);
186 os_free(bss);
187 return NULL;
188 }
189 conf->bss = os_calloc(1, sizeof(struct hostapd_bss_config *));
190 if (conf->bss == NULL) {
191 os_free(conf);
192 os_free(bss);
193 return NULL;
194 }
195 conf->bss[0] = bss;
196
197 bss->radius = os_zalloc(sizeof(*bss->radius));
198 if (bss->radius == NULL) {
199 os_free(conf->bss);
200 os_free(conf);
201 os_free(bss);
202 return NULL;
203 }
204
205 hostapd_config_defaults_bss(bss);
206
207 conf->num_bss = 1;
208
209 conf->beacon_int = 100;
210 conf->rts_threshold = -2; /* use driver default: 2347 */
211 conf->fragm_threshold = -2; /* user driver default: 2346 */
212 /* Set to invalid value means do not add Power Constraint IE */
213 conf->local_pwr_constraint = -1;
214
215 conf->wmm_ac_params[0] = ac_be;
216 conf->wmm_ac_params[1] = ac_bk;
217 conf->wmm_ac_params[2] = ac_vi;
218 conf->wmm_ac_params[3] = ac_vo;
219
220 conf->tx_queue[0] = txq_vo;
221 conf->tx_queue[1] = txq_vi;
222 conf->tx_queue[2] = txq_be;
223 conf->tx_queue[3] = txq_bk;
224
225 conf->ht_capab = HT_CAP_INFO_SMPS_DISABLED;
226
227 conf->ap_table_max_size = 255;
228 conf->ap_table_expiration_time = 60;
229 conf->track_sta_max_age = 180;
230
231 #ifdef CONFIG_TESTING_OPTIONS
232 conf->ignore_probe_probability = 0.0;
233 conf->ignore_auth_probability = 0.0;
234 conf->ignore_assoc_probability = 0.0;
235 conf->ignore_reassoc_probability = 0.0;
236 conf->corrupt_gtk_rekey_mic_probability = 0.0;
237 conf->ecsa_ie_only = 0;
238 #endif /* CONFIG_TESTING_OPTIONS */
239
240 conf->acs = 0;
241 conf->acs_ch_list.num = 0;
242 #ifdef CONFIG_ACS
243 conf->acs_num_scans = 5;
244 #endif /* CONFIG_ACS */
245
246 #ifdef CONFIG_IEEE80211AX
247 conf->he_op.he_rts_threshold = HE_OPERATION_RTS_THRESHOLD_MASK >>
248 HE_OPERATION_RTS_THRESHOLD_OFFSET;
249 /* Set default basic MCS/NSS set to single stream MCS 0-7 */
250 conf->he_op.he_basic_mcs_nss_set = 0xfffc;
251 #endif /* CONFIG_IEEE80211AX */
252
253 /* The third octet of the country string uses an ASCII space character
254 * by default to indicate that the regulations encompass all
255 * environments for the current frequency band in the country. */
256 conf->country[2] = ' ';
257
258 conf->rssi_reject_assoc_rssi = 0;
259 conf->rssi_reject_assoc_timeout = 30;
260
261 #ifdef CONFIG_AIRTIME_POLICY
262 conf->airtime_update_interval = AIRTIME_DEFAULT_UPDATE_INTERVAL;
263 #endif /* CONFIG_AIRTIME_POLICY */
264
265 return conf;
266 }
267
268
269 int hostapd_mac_comp(const void *a, const void *b)
270 {
271 return os_memcmp(a, b, sizeof(macaddr));
272 }
273
274
275 static int hostapd_config_read_wpa_psk(const char *fname,
276 struct hostapd_ssid *ssid)
277 {
278 FILE *f;
279 char buf[128], *pos;
280 const char *keyid;
281 char *context;
282 char *context2;
283 char *token;
284 char *name;
285 char *value;
286 int line = 0, ret = 0, len, ok;
287 u8 addr[ETH_ALEN];
288 struct hostapd_wpa_psk *psk;
289
290 if (!fname)
291 return 0;
292
293 f = fopen(fname, "r");
294 if (!f) {
295 wpa_printf(MSG_ERROR, "WPA PSK file '%s' not found.", fname);
296 return -1;
297 }
298
299 while (fgets(buf, sizeof(buf), f)) {
300 int vlan_id = 0;
301
302 line++;
303
304 if (buf[0] == '#')
305 continue;
306 pos = buf;
307 while (*pos != '\0') {
308 if (*pos == '\n') {
309 *pos = '\0';
310 break;
311 }
312 pos++;
313 }
314 if (buf[0] == '\0')
315 continue;
316
317 context = NULL;
318 keyid = NULL;
319 while ((token = str_token(buf, " ", &context))) {
320 if (!os_strchr(token, '='))
321 break;
322 context2 = NULL;
323 name = str_token(token, "=", &context2);
324 if (!name)
325 break;
326 value = str_token(token, "", &context2);
327 if (!value)
328 value = "";
329 if (!os_strcmp(name, "keyid")) {
330 keyid = value;
331 } else if (!os_strcmp(name, "vlanid")) {
332 vlan_id = atoi(value);
333 } else {
334 wpa_printf(MSG_ERROR,
335 "Unrecognized '%s=%s' on line %d in '%s'",
336 name, value, line, fname);
337 ret = -1;
338 break;
339 }
340 }
341
342 if (ret == -1)
343 break;
344
345 if (!token)
346 token = "";
347 if (hwaddr_aton(token, addr)) {
348 wpa_printf(MSG_ERROR, "Invalid MAC address '%s' on "
349 "line %d in '%s'", token, line, fname);
350 ret = -1;
351 break;
352 }
353
354 psk = os_zalloc(sizeof(*psk));
355 if (psk == NULL) {
356 wpa_printf(MSG_ERROR, "WPA PSK allocation failed");
357 ret = -1;
358 break;
359 }
360 psk->vlan_id = vlan_id;
361 if (is_zero_ether_addr(addr))
362 psk->group = 1;
363 else
364 os_memcpy(psk->addr, addr, ETH_ALEN);
365
366 pos = str_token(buf, "", &context);
367 if (!pos) {
368 wpa_printf(MSG_ERROR, "No PSK on line %d in '%s'",
369 line, fname);
370 os_free(psk);
371 ret = -1;
372 break;
373 }
374
375 ok = 0;
376 len = os_strlen(pos);
377 if (len == 64 && hexstr2bin(pos, psk->psk, PMK_LEN) == 0)
378 ok = 1;
379 else if (len >= 8 && len < 64) {
380 pbkdf2_sha1(pos, ssid->ssid, ssid->ssid_len,
381 4096, psk->psk, PMK_LEN);
382 ok = 1;
383 }
384 if (!ok) {
385 wpa_printf(MSG_ERROR, "Invalid PSK '%s' on line %d in "
386 "'%s'", pos, line, fname);
387 os_free(psk);
388 ret = -1;
389 break;
390 }
391
392 if (keyid) {
393 len = os_strlcpy(psk->keyid, keyid, sizeof(psk->keyid));
394 if ((size_t) len >= sizeof(psk->keyid)) {
395 wpa_printf(MSG_ERROR,
396 "PSK keyid too long on line %d in '%s'",
397 line, fname);
398 os_free(psk);
399 ret = -1;
400 break;
401 }
402 }
403
404 psk->next = ssid->wpa_psk;
405 ssid->wpa_psk = psk;
406 }
407
408 fclose(f);
409
410 return ret;
411 }
412
413
414 static int hostapd_derive_psk(struct hostapd_ssid *ssid)
415 {
416 ssid->wpa_psk = os_zalloc(sizeof(struct hostapd_wpa_psk));
417 if (ssid->wpa_psk == NULL) {
418 wpa_printf(MSG_ERROR, "Unable to alloc space for PSK");
419 return -1;
420 }
421 wpa_hexdump_ascii(MSG_DEBUG, "SSID",
422 (u8 *) ssid->ssid, ssid->ssid_len);
423 wpa_hexdump_ascii_key(MSG_DEBUG, "PSK (ASCII passphrase)",
424 (u8 *) ssid->wpa_passphrase,
425 os_strlen(ssid->wpa_passphrase));
426 pbkdf2_sha1(ssid->wpa_passphrase,
427 ssid->ssid, ssid->ssid_len,
428 4096, ssid->wpa_psk->psk, PMK_LEN);
429 wpa_hexdump_key(MSG_DEBUG, "PSK (from passphrase)",
430 ssid->wpa_psk->psk, PMK_LEN);
431 return 0;
432 }
433
434
435 int hostapd_setup_wpa_psk(struct hostapd_bss_config *conf)
436 {
437 struct hostapd_ssid *ssid = &conf->ssid;
438
439 if (ssid->wpa_passphrase != NULL) {
440 if (ssid->wpa_psk != NULL) {
441 wpa_printf(MSG_DEBUG, "Using pre-configured WPA PSK "
442 "instead of passphrase");
443 } else {
444 wpa_printf(MSG_DEBUG, "Deriving WPA PSK based on "
445 "passphrase");
446 if (hostapd_derive_psk(ssid) < 0)
447 return -1;
448 }
449 ssid->wpa_psk->group = 1;
450 }
451
452 return hostapd_config_read_wpa_psk(ssid->wpa_psk_file, &conf->ssid);
453 }
454
455
456 static void hostapd_config_free_radius(struct hostapd_radius_server *servers,
457 int num_servers)
458 {
459 int i;
460
461 for (i = 0; i < num_servers; i++) {
462 os_free(servers[i].shared_secret);
463 }
464 os_free(servers);
465 }
466
467
468 struct hostapd_radius_attr *
469 hostapd_config_get_radius_attr(struct hostapd_radius_attr *attr, u8 type)
470 {
471 for (; attr; attr = attr->next) {
472 if (attr->type == type)
473 return attr;
474 }
475 return NULL;
476 }
477
478
479 static void hostapd_config_free_radius_attr(struct hostapd_radius_attr *attr)
480 {
481 struct hostapd_radius_attr *prev;
482
483 while (attr) {
484 prev = attr;
485 attr = attr->next;
486 wpabuf_free(prev->val);
487 os_free(prev);
488 }
489 }
490
491
492 void hostapd_config_free_eap_user(struct hostapd_eap_user *user)
493 {
494 hostapd_config_free_radius_attr(user->accept_attr);
495 os_free(user->identity);
496 bin_clear_free(user->password, user->password_len);
497 bin_clear_free(user->salt, user->salt_len);
498 os_free(user);
499 }
500
501
502 void hostapd_config_free_eap_users(struct hostapd_eap_user *user)
503 {
504 struct hostapd_eap_user *prev_user;
505
506 while (user) {
507 prev_user = user;
508 user = user->next;
509 hostapd_config_free_eap_user(prev_user);
510 }
511 }
512
513
514 static void hostapd_config_free_wep(struct hostapd_wep_keys *keys)
515 {
516 int i;
517 for (i = 0; i < NUM_WEP_KEYS; i++) {
518 bin_clear_free(keys->key[i], keys->len[i]);
519 keys->key[i] = NULL;
520 }
521 }
522
523
524 void hostapd_config_clear_wpa_psk(struct hostapd_wpa_psk **l)
525 {
526 struct hostapd_wpa_psk *psk, *tmp;
527
528 for (psk = *l; psk;) {
529 tmp = psk;
530 psk = psk->next;
531 bin_clear_free(tmp, sizeof(*tmp));
532 }
533 *l = NULL;
534 }
535
536
537 static void hostapd_config_free_anqp_elem(struct hostapd_bss_config *conf)
538 {
539 struct anqp_element *elem;
540
541 while ((elem = dl_list_first(&conf->anqp_elem, struct anqp_element,
542 list))) {
543 dl_list_del(&elem->list);
544 wpabuf_free(elem->payload);
545 os_free(elem);
546 }
547 }
548
549
550 static void hostapd_config_free_fils_realms(struct hostapd_bss_config *conf)
551 {
552 #ifdef CONFIG_FILS
553 struct fils_realm *realm;
554
555 while ((realm = dl_list_first(&conf->fils_realms, struct fils_realm,
556 list))) {
557 dl_list_del(&realm->list);
558 os_free(realm);
559 }
560 #endif /* CONFIG_FILS */
561 }
562
563
564 static void hostapd_config_free_sae_passwords(struct hostapd_bss_config *conf)
565 {
566 struct sae_password_entry *pw, *tmp;
567
568 pw = conf->sae_passwords;
569 conf->sae_passwords = NULL;
570 while (pw) {
571 tmp = pw;
572 pw = pw->next;
573 str_clear_free(tmp->password);
574 os_free(tmp->identifier);
575 os_free(tmp);
576 }
577 }
578
579
580 #ifdef CONFIG_DPP2
581 static void hostapd_dpp_controller_conf_free(struct dpp_controller_conf *conf)
582 {
583 struct dpp_controller_conf *prev;
584
585 while (conf) {
586 prev = conf;
587 conf = conf->next;
588 os_free(prev);
589 }
590 }
591 #endif /* CONFIG_DPP2 */
592
593
594 void hostapd_config_free_bss(struct hostapd_bss_config *conf)
595 {
596 if (conf == NULL)
597 return;
598
599 hostapd_config_clear_wpa_psk(&conf->ssid.wpa_psk);
600
601 str_clear_free(conf->ssid.wpa_passphrase);
602 os_free(conf->ssid.wpa_psk_file);
603 hostapd_config_free_wep(&conf->ssid.wep);
604 #ifdef CONFIG_FULL_DYNAMIC_VLAN
605 os_free(conf->ssid.vlan_tagged_interface);
606 #endif /* CONFIG_FULL_DYNAMIC_VLAN */
607
608 hostapd_config_free_eap_users(conf->eap_user);
609 os_free(conf->eap_user_sqlite);
610
611 os_free(conf->eap_req_id_text);
612 os_free(conf->erp_domain);
613 os_free(conf->accept_mac);
614 os_free(conf->deny_mac);
615 os_free(conf->nas_identifier);
616 if (conf->radius) {
617 hostapd_config_free_radius(conf->radius->auth_servers,
618 conf->radius->num_auth_servers);
619 hostapd_config_free_radius(conf->radius->acct_servers,
620 conf->radius->num_acct_servers);
621 }
622 hostapd_config_free_radius_attr(conf->radius_auth_req_attr);
623 hostapd_config_free_radius_attr(conf->radius_acct_req_attr);
624 os_free(conf->rsn_preauth_interfaces);
625 os_free(conf->ctrl_interface);
626 os_free(conf->ca_cert);
627 os_free(conf->server_cert);
628 os_free(conf->private_key);
629 os_free(conf->private_key_passwd);
630 os_free(conf->check_cert_subject);
631 os_free(conf->ocsp_stapling_response);
632 os_free(conf->ocsp_stapling_response_multi);
633 os_free(conf->dh_file);
634 os_free(conf->openssl_ciphers);
635 os_free(conf->openssl_ecdh_curves);
636 os_free(conf->pac_opaque_encr_key);
637 os_free(conf->eap_fast_a_id);
638 os_free(conf->eap_fast_a_id_info);
639 os_free(conf->eap_sim_db);
640 os_free(conf->radius_server_clients);
641 os_free(conf->radius);
642 os_free(conf->radius_das_shared_secret);
643 hostapd_config_free_vlan(conf);
644 os_free(conf->time_zone);
645
646 #ifdef CONFIG_IEEE80211R_AP
647 {
648 struct ft_remote_r0kh *r0kh, *r0kh_prev;
649 struct ft_remote_r1kh *r1kh, *r1kh_prev;
650
651 r0kh = conf->r0kh_list;
652 conf->r0kh_list = NULL;
653 while (r0kh) {
654 r0kh_prev = r0kh;
655 r0kh = r0kh->next;
656 os_free(r0kh_prev);
657 }
658
659 r1kh = conf->r1kh_list;
660 conf->r1kh_list = NULL;
661 while (r1kh) {
662 r1kh_prev = r1kh;
663 r1kh = r1kh->next;
664 os_free(r1kh_prev);
665 }
666 }
667 #endif /* CONFIG_IEEE80211R_AP */
668
669 #ifdef CONFIG_WPS
670 os_free(conf->wps_pin_requests);
671 os_free(conf->device_name);
672 os_free(conf->manufacturer);
673 os_free(conf->model_name);
674 os_free(conf->model_number);
675 os_free(conf->serial_number);
676 os_free(conf->config_methods);
677 os_free(conf->ap_pin);
678 os_free(conf->extra_cred);
679 os_free(conf->ap_settings);
680 hostapd_config_clear_wpa_psk(&conf->multi_ap_backhaul_ssid.wpa_psk);
681 str_clear_free(conf->multi_ap_backhaul_ssid.wpa_passphrase);
682 os_free(conf->upnp_iface);
683 os_free(conf->friendly_name);
684 os_free(conf->manufacturer_url);
685 os_free(conf->model_description);
686 os_free(conf->model_url);
687 os_free(conf->upc);
688 {
689 unsigned int i;
690
691 for (i = 0; i < MAX_WPS_VENDOR_EXTENSIONS; i++)
692 wpabuf_free(conf->wps_vendor_ext[i]);
693 }
694 wpabuf_free(conf->wps_nfc_dh_pubkey);
695 wpabuf_free(conf->wps_nfc_dh_privkey);
696 wpabuf_free(conf->wps_nfc_dev_pw);
697 #endif /* CONFIG_WPS */
698
699 os_free(conf->roaming_consortium);
700 os_free(conf->venue_name);
701 os_free(conf->venue_url);
702 os_free(conf->nai_realm_data);
703 os_free(conf->network_auth_type);
704 os_free(conf->anqp_3gpp_cell_net);
705 os_free(conf->domain_name);
706 hostapd_config_free_anqp_elem(conf);
707
708 #ifdef CONFIG_RADIUS_TEST
709 os_free(conf->dump_msk_file);
710 #endif /* CONFIG_RADIUS_TEST */
711
712 #ifdef CONFIG_HS20
713 os_free(conf->hs20_oper_friendly_name);
714 os_free(conf->hs20_wan_metrics);
715 os_free(conf->hs20_connection_capability);
716 os_free(conf->hs20_operating_class);
717 os_free(conf->hs20_icons);
718 if (conf->hs20_osu_providers) {
719 size_t i;
720 for (i = 0; i < conf->hs20_osu_providers_count; i++) {
721 struct hs20_osu_provider *p;
722 size_t j;
723 p = &conf->hs20_osu_providers[i];
724 os_free(p->friendly_name);
725 os_free(p->server_uri);
726 os_free(p->method_list);
727 for (j = 0; j < p->icons_count; j++)
728 os_free(p->icons[j]);
729 os_free(p->icons);
730 os_free(p->osu_nai);
731 os_free(p->osu_nai2);
732 os_free(p->service_desc);
733 }
734 os_free(conf->hs20_osu_providers);
735 }
736 if (conf->hs20_operator_icon) {
737 size_t i;
738
739 for (i = 0; i < conf->hs20_operator_icon_count; i++)
740 os_free(conf->hs20_operator_icon[i]);
741 os_free(conf->hs20_operator_icon);
742 }
743 os_free(conf->subscr_remediation_url);
744 os_free(conf->hs20_sim_provisioning_url);
745 os_free(conf->t_c_filename);
746 os_free(conf->t_c_server_url);
747 #endif /* CONFIG_HS20 */
748
749 wpabuf_free(conf->vendor_elements);
750 wpabuf_free(conf->assocresp_elements);
751
752 os_free(conf->sae_groups);
753 #ifdef CONFIG_OWE
754 os_free(conf->owe_groups);
755 #endif /* CONFIG_OWE */
756
757 os_free(conf->wowlan_triggers);
758
759 os_free(conf->server_id);
760
761 #ifdef CONFIG_TESTING_OPTIONS
762 wpabuf_free(conf->own_ie_override);
763 wpabuf_free(conf->sae_commit_override);
764 #endif /* CONFIG_TESTING_OPTIONS */
765
766 os_free(conf->no_probe_resp_if_seen_on);
767 os_free(conf->no_auth_if_seen_on);
768
769 hostapd_config_free_fils_realms(conf);
770
771 #ifdef CONFIG_DPP
772 os_free(conf->dpp_connector);
773 wpabuf_free(conf->dpp_netaccesskey);
774 wpabuf_free(conf->dpp_csign);
775 #ifdef CONFIG_DPP2
776 hostapd_dpp_controller_conf_free(conf->dpp_controller);
777 #endif /* CONFIG_DPP2 */
778 #endif /* CONFIG_DPP */
779
780 hostapd_config_free_sae_passwords(conf);
781
782 #ifdef CONFIG_AIRTIME_POLICY
783 {
784 struct airtime_sta_weight *wt, *wt_prev;
785
786 wt = conf->airtime_weight_list;
787 conf->airtime_weight_list = NULL;
788 while (wt) {
789 wt_prev = wt;
790 wt = wt->next;
791 os_free(wt_prev);
792 }
793 }
794 #endif /* CONFIG_AIRTIME_POLICY */
795
796 os_free(conf);
797 }
798
799
800 /**
801 * hostapd_config_free - Free hostapd configuration
802 * @conf: Configuration data from hostapd_config_read().
803 */
804 void hostapd_config_free(struct hostapd_config *conf)
805 {
806 size_t i;
807
808 if (conf == NULL)
809 return;
810
811 for (i = 0; i < conf->num_bss; i++)
812 hostapd_config_free_bss(conf->bss[i]);
813 os_free(conf->bss);
814 os_free(conf->supported_rates);
815 os_free(conf->basic_rates);
816 os_free(conf->acs_ch_list.range);
817 os_free(conf->driver_params);
818 #ifdef CONFIG_ACS
819 os_free(conf->acs_chan_bias);
820 #endif /* CONFIG_ACS */
821 wpabuf_free(conf->lci);
822 wpabuf_free(conf->civic);
823
824 os_free(conf);
825 }
826
827
828 /**
829 * hostapd_maclist_found - Find a MAC address from a list
830 * @list: MAC address list
831 * @num_entries: Number of addresses in the list
832 * @addr: Address to search for
833 * @vlan_id: Buffer for returning VLAN ID or %NULL if not needed
834 * Returns: 1 if address is in the list or 0 if not.
835 *
836 * Perform a binary search for given MAC address from a pre-sorted list.
837 */
838 int hostapd_maclist_found(struct mac_acl_entry *list, int num_entries,
839 const u8 *addr, struct vlan_description *vlan_id)
840 {
841 int start, end, middle, res;
842
843 start = 0;
844 end = num_entries - 1;
845
846 while (start <= end) {
847 middle = (start + end) / 2;
848 res = os_memcmp(list[middle].addr, addr, ETH_ALEN);
849 if (res == 0) {
850 if (vlan_id)
851 *vlan_id = list[middle].vlan_id;
852 return 1;
853 }
854 if (res < 0)
855 start = middle + 1;
856 else
857 end = middle - 1;
858 }
859
860 return 0;
861 }
862
863
864 int hostapd_rate_found(int *list, int rate)
865 {
866 int i;
867
868 if (list == NULL)
869 return 0;
870
871 for (i = 0; list[i] >= 0; i++)
872 if (list[i] == rate)
873 return 1;
874
875 return 0;
876 }
877
878
879 int hostapd_vlan_valid(struct hostapd_vlan *vlan,
880 struct vlan_description *vlan_desc)
881 {
882 struct hostapd_vlan *v = vlan;
883 int i;
884
885 if (!vlan_desc->notempty || vlan_desc->untagged < 0 ||
886 vlan_desc->untagged > MAX_VLAN_ID)
887 return 0;
888 for (i = 0; i < MAX_NUM_TAGGED_VLAN; i++) {
889 if (vlan_desc->tagged[i] < 0 ||
890 vlan_desc->tagged[i] > MAX_VLAN_ID)
891 return 0;
892 }
893 if (!vlan_desc->untagged && !vlan_desc->tagged[0])
894 return 0;
895
896 while (v) {
897 if (!vlan_compare(&v->vlan_desc, vlan_desc) ||
898 v->vlan_id == VLAN_ID_WILDCARD)
899 return 1;
900 v = v->next;
901 }
902 return 0;
903 }
904
905
906 const char * hostapd_get_vlan_id_ifname(struct hostapd_vlan *vlan, int vlan_id)
907 {
908 struct hostapd_vlan *v = vlan;
909 while (v) {
910 if (v->vlan_id == vlan_id)
911 return v->ifname;
912 v = v->next;
913 }
914 return NULL;
915 }
916
917
918 const u8 * hostapd_get_psk(const struct hostapd_bss_config *conf,
919 const u8 *addr, const u8 *p2p_dev_addr,
920 const u8 *prev_psk, int *vlan_id)
921 {
922 struct hostapd_wpa_psk *psk;
923 int next_ok = prev_psk == NULL;
924
925 if (vlan_id)
926 *vlan_id = 0;
927
928 if (p2p_dev_addr && !is_zero_ether_addr(p2p_dev_addr)) {
929 wpa_printf(MSG_DEBUG, "Searching a PSK for " MACSTR
930 " p2p_dev_addr=" MACSTR " prev_psk=%p",
931 MAC2STR(addr), MAC2STR(p2p_dev_addr), prev_psk);
932 addr = NULL; /* Use P2P Device Address for matching */
933 } else {
934 wpa_printf(MSG_DEBUG, "Searching a PSK for " MACSTR
935 " prev_psk=%p",
936 MAC2STR(addr), prev_psk);
937 }
938
939 for (psk = conf->ssid.wpa_psk; psk != NULL; psk = psk->next) {
940 if (next_ok &&
941 (psk->group ||
942 (addr && os_memcmp(psk->addr, addr, ETH_ALEN) == 0) ||
943 (!addr && p2p_dev_addr &&
944 os_memcmp(psk->p2p_dev_addr, p2p_dev_addr, ETH_ALEN) ==
945 0))) {
946 if (vlan_id)
947 *vlan_id = psk->vlan_id;
948 return psk->psk;
949 }
950
951 if (psk->psk == prev_psk)
952 next_ok = 1;
953 }
954
955 return NULL;
956 }
957
958
959 static int hostapd_config_check_bss(struct hostapd_bss_config *bss,
960 struct hostapd_config *conf,
961 int full_config)
962 {
963 if (full_config && bss->ieee802_1x && !bss->eap_server &&
964 !bss->radius->auth_servers) {
965 wpa_printf(MSG_ERROR, "Invalid IEEE 802.1X configuration (no "
966 "EAP authenticator configured).");
967 return -1;
968 }
969
970 if (bss->wpa) {
971 int wep, i;
972
973 wep = bss->default_wep_key_len > 0 ||
974 bss->individual_wep_key_len > 0;
975 for (i = 0; i < NUM_WEP_KEYS; i++) {
976 if (bss->ssid.wep.keys_set) {
977 wep = 1;
978 break;
979 }
980 }
981
982 if (wep) {
983 wpa_printf(MSG_ERROR, "WEP configuration in a WPA network is not supported");
984 return -1;
985 }
986 }
987
988 if (full_config && bss->wpa &&
989 bss->wpa_psk_radius != PSK_RADIUS_IGNORED &&
990 bss->macaddr_acl != USE_EXTERNAL_RADIUS_AUTH) {
991 wpa_printf(MSG_ERROR, "WPA-PSK using RADIUS enabled, but no "
992 "RADIUS checking (macaddr_acl=2) enabled.");
993 return -1;
994 }
995
996 if (full_config && bss->wpa && (bss->wpa_key_mgmt & WPA_KEY_MGMT_PSK) &&
997 bss->ssid.wpa_psk == NULL && bss->ssid.wpa_passphrase == NULL &&
998 bss->ssid.wpa_psk_file == NULL &&
999 (bss->wpa_psk_radius != PSK_RADIUS_REQUIRED ||
1000 bss->macaddr_acl != USE_EXTERNAL_RADIUS_AUTH)) {
1001 wpa_printf(MSG_ERROR, "WPA-PSK enabled, but PSK or passphrase "
1002 "is not configured.");
1003 return -1;
1004 }
1005
1006 if (full_config && !is_zero_ether_addr(bss->bssid)) {
1007 size_t i;
1008
1009 for (i = 0; i < conf->num_bss; i++) {
1010 if (conf->bss[i] != bss &&
1011 (hostapd_mac_comp(conf->bss[i]->bssid,
1012 bss->bssid) == 0)) {
1013 wpa_printf(MSG_ERROR, "Duplicate BSSID " MACSTR
1014 " on interface '%s' and '%s'.",
1015 MAC2STR(bss->bssid),
1016 conf->bss[i]->iface, bss->iface);
1017 return -1;
1018 }
1019 }
1020 }
1021
1022 #ifdef CONFIG_IEEE80211R_AP
1023 if (full_config && wpa_key_mgmt_ft(bss->wpa_key_mgmt) &&
1024 (bss->nas_identifier == NULL ||
1025 os_strlen(bss->nas_identifier) < 1 ||
1026 os_strlen(bss->nas_identifier) > FT_R0KH_ID_MAX_LEN)) {
1027 wpa_printf(MSG_ERROR, "FT (IEEE 802.11r) requires "
1028 "nas_identifier to be configured as a 1..48 octet "
1029 "string");
1030 return -1;
1031 }
1032 #endif /* CONFIG_IEEE80211R_AP */
1033
1034 #ifdef CONFIG_IEEE80211N
1035 if (full_config && conf->ieee80211n &&
1036 conf->hw_mode == HOSTAPD_MODE_IEEE80211B) {
1037 bss->disable_11n = 1;
1038 wpa_printf(MSG_ERROR, "HT (IEEE 802.11n) in 11b mode is not "
1039 "allowed, disabling HT capabilities");
1040 }
1041
1042 if (full_config && conf->ieee80211n &&
1043 bss->ssid.security_policy == SECURITY_STATIC_WEP) {
1044 bss->disable_11n = 1;
1045 wpa_printf(MSG_ERROR, "HT (IEEE 802.11n) with WEP is not "
1046 "allowed, disabling HT capabilities");
1047 }
1048
1049 if (full_config && conf->ieee80211n && bss->wpa &&
1050 !(bss->wpa_pairwise & WPA_CIPHER_CCMP) &&
1051 !(bss->rsn_pairwise & (WPA_CIPHER_CCMP | WPA_CIPHER_GCMP |
1052 WPA_CIPHER_CCMP_256 | WPA_CIPHER_GCMP_256)))
1053 {
1054 bss->disable_11n = 1;
1055 wpa_printf(MSG_ERROR, "HT (IEEE 802.11n) with WPA/WPA2 "
1056 "requires CCMP/GCMP to be enabled, disabling HT "
1057 "capabilities");
1058 }
1059 #endif /* CONFIG_IEEE80211N */
1060
1061 #ifdef CONFIG_IEEE80211AC
1062 if (full_config && conf->ieee80211ac &&
1063 bss->ssid.security_policy == SECURITY_STATIC_WEP) {
1064 bss->disable_11ac = 1;
1065 wpa_printf(MSG_ERROR,
1066 "VHT (IEEE 802.11ac) with WEP is not allowed, disabling VHT capabilities");
1067 }
1068
1069 if (full_config && conf->ieee80211ac && bss->wpa &&
1070 !(bss->wpa_pairwise & WPA_CIPHER_CCMP) &&
1071 !(bss->rsn_pairwise & (WPA_CIPHER_CCMP | WPA_CIPHER_GCMP |
1072 WPA_CIPHER_CCMP_256 | WPA_CIPHER_GCMP_256)))
1073 {
1074 bss->disable_11ac = 1;
1075 wpa_printf(MSG_ERROR,
1076 "VHT (IEEE 802.11ac) with WPA/WPA2 requires CCMP/GCMP to be enabled, disabling VHT capabilities");
1077 }
1078 #endif /* CONFIG_IEEE80211AC */
1079
1080 #ifdef CONFIG_WPS
1081 if (full_config && bss->wps_state && bss->ignore_broadcast_ssid) {
1082 wpa_printf(MSG_INFO, "WPS: ignore_broadcast_ssid "
1083 "configuration forced WPS to be disabled");
1084 bss->wps_state = 0;
1085 }
1086
1087 if (full_config && bss->wps_state &&
1088 bss->ssid.wep.keys_set && bss->wpa == 0) {
1089 wpa_printf(MSG_INFO, "WPS: WEP configuration forced WPS to be "
1090 "disabled");
1091 bss->wps_state = 0;
1092 }
1093
1094 if (full_config && bss->wps_state && bss->wpa &&
1095 (!(bss->wpa & 2) ||
1096 !(bss->rsn_pairwise & (WPA_CIPHER_CCMP | WPA_CIPHER_GCMP |
1097 WPA_CIPHER_CCMP_256 |
1098 WPA_CIPHER_GCMP_256)))) {
1099 wpa_printf(MSG_INFO, "WPS: WPA/TKIP configuration without "
1100 "WPA2/CCMP/GCMP forced WPS to be disabled");
1101 bss->wps_state = 0;
1102 }
1103 #endif /* CONFIG_WPS */
1104
1105 #ifdef CONFIG_HS20
1106 if (full_config && bss->hs20 &&
1107 (!(bss->wpa & 2) ||
1108 !(bss->rsn_pairwise & (WPA_CIPHER_CCMP | WPA_CIPHER_GCMP |
1109 WPA_CIPHER_CCMP_256 |
1110 WPA_CIPHER_GCMP_256)))) {
1111 wpa_printf(MSG_ERROR, "HS 2.0: WPA2-Enterprise/CCMP "
1112 "configuration is required for Hotspot 2.0 "
1113 "functionality");
1114 return -1;
1115 }
1116 #endif /* CONFIG_HS20 */
1117
1118 #ifdef CONFIG_MBO
1119 if (full_config && bss->mbo_enabled && (bss->wpa & 2) &&
1120 bss->ieee80211w == NO_MGMT_FRAME_PROTECTION) {
1121 wpa_printf(MSG_ERROR,
1122 "MBO: PMF needs to be enabled whenever using WPA2 with MBO");
1123 return -1;
1124 }
1125 #endif /* CONFIG_MBO */
1126
1127 #ifdef CONFIG_OCV
1128 if (full_config && bss->ieee80211w == NO_MGMT_FRAME_PROTECTION &&
1129 bss->ocv) {
1130 wpa_printf(MSG_ERROR,
1131 "OCV: PMF needs to be enabled whenever using OCV");
1132 return -1;
1133 }
1134 #endif /* CONFIG_OCV */
1135
1136 return 0;
1137 }
1138
1139
1140 static int hostapd_config_check_cw(struct hostapd_config *conf, int queue)
1141 {
1142 int tx_cwmin = conf->tx_queue[queue].cwmin;
1143 int tx_cwmax = conf->tx_queue[queue].cwmax;
1144 int ac_cwmin = conf->wmm_ac_params[queue].cwmin;
1145 int ac_cwmax = conf->wmm_ac_params[queue].cwmax;
1146
1147 if (tx_cwmin > tx_cwmax) {
1148 wpa_printf(MSG_ERROR,
1149 "Invalid TX queue cwMin/cwMax values. cwMin(%d) greater than cwMax(%d)",
1150 tx_cwmin, tx_cwmax);
1151 return -1;
1152 }
1153 if (ac_cwmin > ac_cwmax) {
1154 wpa_printf(MSG_ERROR,
1155 "Invalid WMM AC cwMin/cwMax values. cwMin(%d) greater than cwMax(%d)",
1156 ac_cwmin, ac_cwmax);
1157 return -1;
1158 }
1159 return 0;
1160 }
1161
1162
1163 int hostapd_config_check(struct hostapd_config *conf, int full_config)
1164 {
1165 size_t i;
1166
1167 if (full_config && conf->ieee80211d &&
1168 (!conf->country[0] || !conf->country[1])) {
1169 wpa_printf(MSG_ERROR, "Cannot enable IEEE 802.11d without "
1170 "setting the country_code");
1171 return -1;
1172 }
1173
1174 if (full_config && conf->ieee80211h && !conf->ieee80211d) {
1175 wpa_printf(MSG_ERROR, "Cannot enable IEEE 802.11h without "
1176 "IEEE 802.11d enabled");
1177 return -1;
1178 }
1179
1180 if (full_config && conf->local_pwr_constraint != -1 &&
1181 !conf->ieee80211d) {
1182 wpa_printf(MSG_ERROR, "Cannot add Power Constraint element without Country element");
1183 return -1;
1184 }
1185
1186 if (full_config && conf->spectrum_mgmt_required &&
1187 conf->local_pwr_constraint == -1) {
1188 wpa_printf(MSG_ERROR, "Cannot set Spectrum Management bit without Country and Power Constraint elements");
1189 return -1;
1190 }
1191
1192 #ifdef CONFIG_AIRTIME_POLICY
1193 if (full_config && conf->airtime_mode > AIRTIME_MODE_STATIC &&
1194 !conf->airtime_update_interval) {
1195 wpa_printf(MSG_ERROR, "Airtime update interval cannot be zero");
1196 return -1;
1197 }
1198 #endif /* CONFIG_AIRTIME_POLICY */
1199 for (i = 0; i < NUM_TX_QUEUES; i++) {
1200 if (hostapd_config_check_cw(conf, i))
1201 return -1;
1202 }
1203
1204 for (i = 0; i < conf->num_bss; i++) {
1205 if (hostapd_config_check_bss(conf->bss[i], conf, full_config))
1206 return -1;
1207 }
1208
1209 return 0;
1210 }
1211
1212
1213 void hostapd_set_security_params(struct hostapd_bss_config *bss,
1214 int full_config)
1215 {
1216 if (bss->individual_wep_key_len == 0) {
1217 /* individual keys are not use; can use key idx0 for
1218 * broadcast keys */
1219 bss->broadcast_key_idx_min = 0;
1220 }
1221
1222 if ((bss->wpa & 2) && bss->rsn_pairwise == 0)
1223 bss->rsn_pairwise = bss->wpa_pairwise;
1224 if (bss->group_cipher)
1225 bss->wpa_group = bss->group_cipher;
1226 else
1227 bss->wpa_group = wpa_select_ap_group_cipher(bss->wpa,
1228 bss->wpa_pairwise,
1229 bss->rsn_pairwise);
1230 if (!bss->wpa_group_rekey_set)
1231 bss->wpa_group_rekey = bss->wpa_group == WPA_CIPHER_TKIP ?
1232 600 : 86400;
1233
1234 if (full_config) {
1235 bss->radius->auth_server = bss->radius->auth_servers;
1236 bss->radius->acct_server = bss->radius->acct_servers;
1237 }
1238
1239 if (bss->wpa && bss->ieee802_1x) {
1240 bss->ssid.security_policy = SECURITY_WPA;
1241 } else if (bss->wpa) {
1242 bss->ssid.security_policy = SECURITY_WPA_PSK;
1243 } else if (bss->ieee802_1x) {
1244 int cipher = WPA_CIPHER_NONE;
1245 bss->ssid.security_policy = SECURITY_IEEE_802_1X;
1246 bss->ssid.wep.default_len = bss->default_wep_key_len;
1247 if (full_config && bss->default_wep_key_len) {
1248 cipher = bss->default_wep_key_len >= 13 ?
1249 WPA_CIPHER_WEP104 : WPA_CIPHER_WEP40;
1250 } else if (full_config && bss->ssid.wep.keys_set) {
1251 if (bss->ssid.wep.len[0] >= 13)
1252 cipher = WPA_CIPHER_WEP104;
1253 else
1254 cipher = WPA_CIPHER_WEP40;
1255 }
1256 bss->wpa_group = cipher;
1257 bss->wpa_pairwise = cipher;
1258 bss->rsn_pairwise = cipher;
1259 if (full_config)
1260 bss->wpa_key_mgmt = WPA_KEY_MGMT_IEEE8021X_NO_WPA;
1261 } else if (bss->ssid.wep.keys_set) {
1262 int cipher = WPA_CIPHER_WEP40;
1263 if (bss->ssid.wep.len[0] >= 13)
1264 cipher = WPA_CIPHER_WEP104;
1265 bss->ssid.security_policy = SECURITY_STATIC_WEP;
1266 bss->wpa_group = cipher;
1267 bss->wpa_pairwise = cipher;
1268 bss->rsn_pairwise = cipher;
1269 if (full_config)
1270 bss->wpa_key_mgmt = WPA_KEY_MGMT_NONE;
1271 } else if (bss->osen) {
1272 bss->ssid.security_policy = SECURITY_OSEN;
1273 bss->wpa_group = WPA_CIPHER_CCMP;
1274 bss->wpa_pairwise = 0;
1275 bss->rsn_pairwise = WPA_CIPHER_CCMP;
1276 } else {
1277 bss->ssid.security_policy = SECURITY_PLAINTEXT;
1278 if (full_config) {
1279 bss->wpa_group = WPA_CIPHER_NONE;
1280 bss->wpa_pairwise = WPA_CIPHER_NONE;
1281 bss->rsn_pairwise = WPA_CIPHER_NONE;
1282 bss->wpa_key_mgmt = WPA_KEY_MGMT_NONE;
1283 }
1284 }
1285 }
1286
1287
1288 int hostapd_sae_pw_id_in_use(struct hostapd_bss_config *conf)
1289 {
1290 int with_id = 0, without_id = 0;
1291 struct sae_password_entry *pw;
1292
1293 if (conf->ssid.wpa_passphrase)
1294 without_id = 1;
1295
1296 for (pw = conf->sae_passwords; pw; pw = pw->next) {
1297 if (pw->identifier)
1298 with_id = 1;
1299 else
1300 without_id = 1;
1301 if (with_id && without_id)
1302 break;
1303 }
1304
1305 if (with_id && !without_id)
1306 return 2;
1307 return with_id;
1308 }
Unnamed repository; edit this file 'description' to name the repository.