aboutsummaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorJouni Malinen <jouni@codeaurora.org>2018-06-21 21:12:07 (GMT)
committerJouni Malinen <j@w1.fi>2018-06-22 16:37:03 (GMT)
commit2122fc83aa2cc54b7e4b7b5a11d71ccff2cc3681 (patch)
treeb8be881ff18cdd886f670bf57c7215a64cb4bc1f
parented83029c2914bbffea3b6a83095dc3337c8ea08c (diff)
downloadhostap-2122fc83aa2cc54b7e4b7b5a11d71ccff2cc3681.zip
hostap-2122fc83aa2cc54b7e4b7b5a11d71ccff2cc3681.tar.gz
hostap-2122fc83aa2cc54b7e4b7b5a11d71ccff2cc3681.tar.bz2
RADIUS server: Add current_sessions SQLite table
This can be used to track active sessions, e.g., for the purpose of issuing RADIUS DAS commands (Disconnect-Request or CoA-Request). Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
-rw-r--r--hostapd/hostapd.eap_user_sqlite10
-rw-r--r--src/radius/radius_server.c33
2 files changed, 43 insertions, 0 deletions
diff --git a/hostapd/hostapd.eap_user_sqlite b/hostapd/hostapd.eap_user_sqlite
index fdae4e0..411b9ea 100644
--- a/hostapd/hostapd.eap_user_sqlite
+++ b/hostapd/hostapd.eap_user_sqlite
@@ -30,3 +30,13 @@ CREATE TABLE pending_tc(
mac_addr TEXT PRIMARY KEY,
identity TEXT
);
+
+CREATE TABLE current_sessions(
+ mac_addr TEXT PRIMARY KEY,
+ identity TEXT,
+ start_time TEXT,
+ nas TEXT,
+ hs20_t_c_filtering BOOLEAN,
+ waiting_coa_ack BOOLEAN,
+ coa_ack_received BOOLEAN
+);
diff --git a/src/radius/radius_server.c b/src/radius/radius_server.c
index 27e2050..fdd3609 100644
--- a/src/radius/radius_server.c
+++ b/src/radius/radius_server.c
@@ -780,6 +780,36 @@ static void radius_srv_hs20_t_c_pending(struct radius_session *sess)
#endif /* CONFIG_HS20 */
+static void radius_server_add_session(struct radius_session *sess)
+{
+#ifdef CONFIG_SQLITE
+ char *sql;
+ char addr_txt[ETH_ALEN * 3];
+ struct os_time now;
+
+ if (!sess->server->db)
+ return;
+
+
+ os_snprintf(addr_txt, sizeof(addr_txt), MACSTR,
+ MAC2STR(sess->mac_addr));
+
+ os_get_time(&now);
+ sql = sqlite3_mprintf("INSERT OR REPLACE INTO current_sessions(mac_addr,identity,start_time,nas,hs20_t_c_filtering) VALUES (%Q,%Q,%d,%Q,%u)",
+ addr_txt, sess->username, now.sec,
+ sess->nas_ip, sess->t_c_filtering);
+ if (sql) {
+ if (sqlite3_exec(sess->server->db, sql, NULL, NULL,
+ NULL) != SQLITE_OK) {
+ RADIUS_ERROR("Failed to add current_sessions entry into sqlite database: %s",
+ sqlite3_errmsg(sess->server->db));
+ }
+ sqlite3_free(sql);
+ }
+#endif /* CONFIG_SQLITE */
+}
+
+
static struct radius_msg *
radius_server_encapsulate_eap(struct radius_server_data *data,
struct radius_client *client,
@@ -974,6 +1004,9 @@ radius_server_encapsulate_eap(struct radius_server_data *data,
RADIUS_DEBUG("Failed to add Message-Authenticator attribute");
}
+ if (code == RADIUS_CODE_ACCESS_ACCEPT)
+ radius_server_add_session(sess);
+
return msg;
}