Dmitry Shmidt | 8d520ff | 2011-05-09 14:06:53 -0700 | [diff] [blame] | 1 | /* |
| 2 | * hostapd / RADIUS Accounting |
Dmitry Shmidt | d80a401 | 2015-11-05 16:35:40 -0800 | [diff] [blame] | 3 | * Copyright (c) 2002-2009, 2012-2015, Jouni Malinen <j@w1.fi> |
Dmitry Shmidt | 8d520ff | 2011-05-09 14:06:53 -0700 | [diff] [blame] | 4 | * |
Dmitry Shmidt | c5ec7f5 | 2012-03-06 16:33:24 -0800 | [diff] [blame] | 5 | * This software may be distributed under the terms of the BSD license. |
| 6 | * See README for more details. |
Dmitry Shmidt | 8d520ff | 2011-05-09 14:06:53 -0700 | [diff] [blame] | 7 | */ |
| 8 | |
| 9 | #include "utils/includes.h" |
| 10 | |
| 11 | #include "utils/common.h" |
| 12 | #include "utils/eloop.h" |
Dmitry Shmidt | fb45fd5 | 2015-01-05 13:08:17 -0800 | [diff] [blame] | 13 | #include "eapol_auth/eapol_auth_sm.h" |
| 14 | #include "eapol_auth/eapol_auth_sm_i.h" |
Dmitry Shmidt | 8d520ff | 2011-05-09 14:06:53 -0700 | [diff] [blame] | 15 | #include "radius/radius.h" |
| 16 | #include "radius/radius_client.h" |
| 17 | #include "hostapd.h" |
| 18 | #include "ieee802_1x.h" |
| 19 | #include "ap_config.h" |
| 20 | #include "sta_info.h" |
| 21 | #include "ap_drv_ops.h" |
| 22 | #include "accounting.h" |
| 23 | |
| 24 | |
| 25 | /* Default interval in seconds for polling TX/RX octets from the driver if |
| 26 | * STA is not using interim accounting. This detects wrap arounds for |
| 27 | * input/output octets and updates Acct-{Input,Output}-Gigawords. */ |
| 28 | #define ACCT_DEFAULT_UPDATE_INTERVAL 300 |
| 29 | |
Dmitry Shmidt | 61d9df3 | 2012-08-29 16:22:06 -0700 | [diff] [blame] | 30 | static void accounting_sta_interim(struct hostapd_data *hapd, |
| 31 | struct sta_info *sta); |
Dmitry Shmidt | 8d520ff | 2011-05-09 14:06:53 -0700 | [diff] [blame] | 32 | |
| 33 | |
| 34 | static struct radius_msg * accounting_msg(struct hostapd_data *hapd, |
| 35 | struct sta_info *sta, |
| 36 | int status_type) |
| 37 | { |
| 38 | struct radius_msg *msg; |
| 39 | char buf[128]; |
| 40 | u8 *val; |
| 41 | size_t len; |
| 42 | int i; |
Dmitry Shmidt | 0494959 | 2012-07-19 12:16:46 -0700 | [diff] [blame] | 43 | struct wpabuf *b; |
Dmitry Shmidt | b97e428 | 2016-02-08 10:16:07 -0800 | [diff] [blame^] | 44 | struct os_time now; |
Dmitry Shmidt | 8d520ff | 2011-05-09 14:06:53 -0700 | [diff] [blame] | 45 | |
| 46 | msg = radius_msg_new(RADIUS_CODE_ACCOUNTING_REQUEST, |
| 47 | radius_client_get_id(hapd->radius)); |
| 48 | if (msg == NULL) { |
Dmitry Shmidt | cce0666 | 2013-11-04 18:44:24 -0800 | [diff] [blame] | 49 | wpa_printf(MSG_INFO, "Could not create new RADIUS packet"); |
Dmitry Shmidt | 8d520ff | 2011-05-09 14:06:53 -0700 | [diff] [blame] | 50 | return NULL; |
| 51 | } |
| 52 | |
Dmitry Shmidt | b97e428 | 2016-02-08 10:16:07 -0800 | [diff] [blame^] | 53 | if (radius_msg_make_authenticator(msg) < 0) { |
| 54 | wpa_printf(MSG_INFO, "Could not make Request Authenticator"); |
| 55 | goto fail; |
Dmitry Shmidt | 8d520ff | 2011-05-09 14:06:53 -0700 | [diff] [blame] | 56 | } |
| 57 | |
| 58 | if (!radius_msg_add_attr_int32(msg, RADIUS_ATTR_ACCT_STATUS_TYPE, |
| 59 | status_type)) { |
Dmitry Shmidt | cce0666 | 2013-11-04 18:44:24 -0800 | [diff] [blame] | 60 | wpa_printf(MSG_INFO, "Could not add Acct-Status-Type"); |
Dmitry Shmidt | 8d520ff | 2011-05-09 14:06:53 -0700 | [diff] [blame] | 61 | goto fail; |
| 62 | } |
| 63 | |
Dmitry Shmidt | 8d520ff | 2011-05-09 14:06:53 -0700 | [diff] [blame] | 64 | if (sta) { |
Dmitry Shmidt | b97e428 | 2016-02-08 10:16:07 -0800 | [diff] [blame^] | 65 | if (!hostapd_config_get_radius_attr( |
| 66 | hapd->conf->radius_acct_req_attr, |
| 67 | RADIUS_ATTR_ACCT_AUTHENTIC) && |
| 68 | !radius_msg_add_attr_int32(msg, RADIUS_ATTR_ACCT_AUTHENTIC, |
| 69 | hapd->conf->ieee802_1x ? |
| 70 | RADIUS_ACCT_AUTHENTIC_RADIUS : |
| 71 | RADIUS_ACCT_AUTHENTIC_LOCAL)) { |
| 72 | wpa_printf(MSG_INFO, "Could not add Acct-Authentic"); |
| 73 | goto fail; |
| 74 | } |
| 75 | |
Dmitry Shmidt | 61d9df3 | 2012-08-29 16:22:06 -0700 | [diff] [blame] | 76 | /* Use 802.1X identity if available */ |
Dmitry Shmidt | 8d520ff | 2011-05-09 14:06:53 -0700 | [diff] [blame] | 77 | val = ieee802_1x_get_identity(sta->eapol_sm, &len); |
Dmitry Shmidt | 61d9df3 | 2012-08-29 16:22:06 -0700 | [diff] [blame] | 78 | |
| 79 | /* Use RADIUS ACL identity if 802.1X provides no identity */ |
| 80 | if (!val && sta->identity) { |
| 81 | val = (u8 *) sta->identity; |
| 82 | len = os_strlen(sta->identity); |
| 83 | } |
| 84 | |
| 85 | /* Use STA MAC if neither 802.1X nor RADIUS ACL provided |
| 86 | * identity */ |
Dmitry Shmidt | 8d520ff | 2011-05-09 14:06:53 -0700 | [diff] [blame] | 87 | if (!val) { |
| 88 | os_snprintf(buf, sizeof(buf), RADIUS_ADDR_FORMAT, |
| 89 | MAC2STR(sta->addr)); |
| 90 | val = (u8 *) buf; |
| 91 | len = os_strlen(buf); |
| 92 | } |
| 93 | |
| 94 | if (!radius_msg_add_attr(msg, RADIUS_ATTR_USER_NAME, val, |
| 95 | len)) { |
Dmitry Shmidt | cce0666 | 2013-11-04 18:44:24 -0800 | [diff] [blame] | 96 | wpa_printf(MSG_INFO, "Could not add User-Name"); |
Dmitry Shmidt | 8d520ff | 2011-05-09 14:06:53 -0700 | [diff] [blame] | 97 | goto fail; |
| 98 | } |
| 99 | } |
| 100 | |
Dmitry Shmidt | 61d9df3 | 2012-08-29 16:22:06 -0700 | [diff] [blame] | 101 | if (add_common_radius_attr(hapd, hapd->conf->radius_acct_req_attr, sta, |
| 102 | msg) < 0) |
Dmitry Shmidt | 8d520ff | 2011-05-09 14:06:53 -0700 | [diff] [blame] | 103 | goto fail; |
Dmitry Shmidt | 8d520ff | 2011-05-09 14:06:53 -0700 | [diff] [blame] | 104 | |
| 105 | if (sta) { |
Dmitry Shmidt | 8d520ff | 2011-05-09 14:06:53 -0700 | [diff] [blame] | 106 | for (i = 0; ; i++) { |
| 107 | val = ieee802_1x_get_radius_class(sta->eapol_sm, &len, |
| 108 | i); |
| 109 | if (val == NULL) |
| 110 | break; |
| 111 | |
| 112 | if (!radius_msg_add_attr(msg, RADIUS_ATTR_CLASS, |
| 113 | val, len)) { |
Dmitry Shmidt | cce0666 | 2013-11-04 18:44:24 -0800 | [diff] [blame] | 114 | wpa_printf(MSG_INFO, "Could not add Class"); |
Dmitry Shmidt | 8d520ff | 2011-05-09 14:06:53 -0700 | [diff] [blame] | 115 | goto fail; |
| 116 | } |
| 117 | } |
Dmitry Shmidt | 0494959 | 2012-07-19 12:16:46 -0700 | [diff] [blame] | 118 | |
| 119 | b = ieee802_1x_get_radius_cui(sta->eapol_sm); |
| 120 | if (b && |
| 121 | !radius_msg_add_attr(msg, |
| 122 | RADIUS_ATTR_CHARGEABLE_USER_IDENTITY, |
| 123 | wpabuf_head(b), wpabuf_len(b))) { |
| 124 | wpa_printf(MSG_ERROR, "Could not add CUI"); |
| 125 | goto fail; |
| 126 | } |
Dmitry Shmidt | 0494959 | 2012-07-19 12:16:46 -0700 | [diff] [blame] | 127 | |
Dmitry Shmidt | 61d9df3 | 2012-08-29 16:22:06 -0700 | [diff] [blame] | 128 | if (!b && sta->radius_cui && |
| 129 | !radius_msg_add_attr(msg, |
| 130 | RADIUS_ATTR_CHARGEABLE_USER_IDENTITY, |
| 131 | (u8 *) sta->radius_cui, |
| 132 | os_strlen(sta->radius_cui))) { |
| 133 | wpa_printf(MSG_ERROR, "Could not add CUI from ACL"); |
Dmitry Shmidt | 0494959 | 2012-07-19 12:16:46 -0700 | [diff] [blame] | 134 | goto fail; |
| 135 | } |
Dmitry Shmidt | d80a401 | 2015-11-05 16:35:40 -0800 | [diff] [blame] | 136 | |
| 137 | if (sta->ipaddr && |
| 138 | !radius_msg_add_attr_int32(msg, |
| 139 | RADIUS_ATTR_FRAMED_IP_ADDRESS, |
| 140 | be_to_host32(sta->ipaddr))) { |
| 141 | wpa_printf(MSG_ERROR, |
| 142 | "Could not add Framed-IP-Address"); |
| 143 | goto fail; |
| 144 | } |
Dmitry Shmidt | 8d520ff | 2011-05-09 14:06:53 -0700 | [diff] [blame] | 145 | } |
| 146 | |
Dmitry Shmidt | b97e428 | 2016-02-08 10:16:07 -0800 | [diff] [blame^] | 147 | os_get_time(&now); |
| 148 | if (now.sec > 1000000000 && |
| 149 | !radius_msg_add_attr_int32(msg, RADIUS_ATTR_EVENT_TIMESTAMP, |
| 150 | now.sec)) { |
| 151 | wpa_printf(MSG_INFO, "Could not add Event-Timestamp"); |
| 152 | goto fail; |
| 153 | } |
| 154 | |
Dmitry Shmidt | 8d520ff | 2011-05-09 14:06:53 -0700 | [diff] [blame] | 155 | return msg; |
| 156 | |
| 157 | fail: |
| 158 | radius_msg_free(msg); |
| 159 | return NULL; |
| 160 | } |
| 161 | |
| 162 | |
| 163 | static int accounting_sta_update_stats(struct hostapd_data *hapd, |
| 164 | struct sta_info *sta, |
| 165 | struct hostap_sta_driver_data *data) |
| 166 | { |
| 167 | if (hostapd_drv_read_sta_data(hapd, data, sta->addr)) |
| 168 | return -1; |
| 169 | |
| 170 | if (sta->last_rx_bytes > data->rx_bytes) |
| 171 | sta->acct_input_gigawords++; |
| 172 | if (sta->last_tx_bytes > data->tx_bytes) |
| 173 | sta->acct_output_gigawords++; |
| 174 | sta->last_rx_bytes = data->rx_bytes; |
| 175 | sta->last_tx_bytes = data->tx_bytes; |
| 176 | |
| 177 | hostapd_logger(hapd, sta->addr, HOSTAPD_MODULE_RADIUS, |
| 178 | HOSTAPD_LEVEL_DEBUG, "updated TX/RX stats: " |
| 179 | "Acct-Input-Octets=%lu Acct-Input-Gigawords=%u " |
| 180 | "Acct-Output-Octets=%lu Acct-Output-Gigawords=%u", |
| 181 | sta->last_rx_bytes, sta->acct_input_gigawords, |
| 182 | sta->last_tx_bytes, sta->acct_output_gigawords); |
| 183 | |
| 184 | return 0; |
| 185 | } |
| 186 | |
| 187 | |
| 188 | static void accounting_interim_update(void *eloop_ctx, void *timeout_ctx) |
| 189 | { |
| 190 | struct hostapd_data *hapd = eloop_ctx; |
| 191 | struct sta_info *sta = timeout_ctx; |
| 192 | int interval; |
| 193 | |
| 194 | if (sta->acct_interim_interval) { |
| 195 | accounting_sta_interim(hapd, sta); |
| 196 | interval = sta->acct_interim_interval; |
| 197 | } else { |
| 198 | struct hostap_sta_driver_data data; |
| 199 | accounting_sta_update_stats(hapd, sta, &data); |
| 200 | interval = ACCT_DEFAULT_UPDATE_INTERVAL; |
| 201 | } |
| 202 | |
| 203 | eloop_register_timeout(interval, 0, accounting_interim_update, |
| 204 | hapd, sta); |
| 205 | } |
| 206 | |
| 207 | |
| 208 | /** |
| 209 | * accounting_sta_start - Start STA accounting |
| 210 | * @hapd: hostapd BSS data |
| 211 | * @sta: The station |
| 212 | */ |
| 213 | void accounting_sta_start(struct hostapd_data *hapd, struct sta_info *sta) |
| 214 | { |
| 215 | struct radius_msg *msg; |
| 216 | int interval; |
| 217 | |
| 218 | if (sta->acct_session_started) |
| 219 | return; |
| 220 | |
Dmitry Shmidt | 8d520ff | 2011-05-09 14:06:53 -0700 | [diff] [blame] | 221 | hostapd_logger(hapd, sta->addr, HOSTAPD_MODULE_RADIUS, |
| 222 | HOSTAPD_LEVEL_INFO, |
Dmitry Shmidt | b97e428 | 2016-02-08 10:16:07 -0800 | [diff] [blame^] | 223 | "starting accounting session %016lX", |
| 224 | (long unsigned int) sta->acct_session_id); |
Dmitry Shmidt | 8d520ff | 2011-05-09 14:06:53 -0700 | [diff] [blame] | 225 | |
Dmitry Shmidt | fb79edc | 2014-01-10 10:45:54 -0800 | [diff] [blame] | 226 | os_get_reltime(&sta->acct_session_start); |
Dmitry Shmidt | 8d520ff | 2011-05-09 14:06:53 -0700 | [diff] [blame] | 227 | sta->last_rx_bytes = sta->last_tx_bytes = 0; |
| 228 | sta->acct_input_gigawords = sta->acct_output_gigawords = 0; |
| 229 | hostapd_drv_sta_clear_stats(hapd, sta->addr); |
| 230 | |
| 231 | if (!hapd->conf->radius->acct_server) |
| 232 | return; |
| 233 | |
| 234 | if (sta->acct_interim_interval) |
| 235 | interval = sta->acct_interim_interval; |
| 236 | else |
| 237 | interval = ACCT_DEFAULT_UPDATE_INTERVAL; |
| 238 | eloop_register_timeout(interval, 0, accounting_interim_update, |
| 239 | hapd, sta); |
| 240 | |
| 241 | msg = accounting_msg(hapd, sta, RADIUS_ACCT_STATUS_TYPE_START); |
Dmitry Shmidt | 0494959 | 2012-07-19 12:16:46 -0700 | [diff] [blame] | 242 | if (msg && |
| 243 | radius_client_send(hapd->radius, msg, RADIUS_ACCT, sta->addr) < 0) |
| 244 | radius_msg_free(msg); |
Dmitry Shmidt | 8d520ff | 2011-05-09 14:06:53 -0700 | [diff] [blame] | 245 | |
| 246 | sta->acct_session_started = 1; |
| 247 | } |
| 248 | |
| 249 | |
| 250 | static void accounting_sta_report(struct hostapd_data *hapd, |
| 251 | struct sta_info *sta, int stop) |
| 252 | { |
| 253 | struct radius_msg *msg; |
| 254 | int cause = sta->acct_terminate_cause; |
| 255 | struct hostap_sta_driver_data data; |
Dmitry Shmidt | fb79edc | 2014-01-10 10:45:54 -0800 | [diff] [blame] | 256 | struct os_reltime now_r, diff; |
Dmitry Shmidt | 8d520ff | 2011-05-09 14:06:53 -0700 | [diff] [blame] | 257 | u32 gigawords; |
| 258 | |
| 259 | if (!hapd->conf->radius->acct_server) |
| 260 | return; |
| 261 | |
| 262 | msg = accounting_msg(hapd, sta, |
| 263 | stop ? RADIUS_ACCT_STATUS_TYPE_STOP : |
| 264 | RADIUS_ACCT_STATUS_TYPE_INTERIM_UPDATE); |
| 265 | if (!msg) { |
Dmitry Shmidt | cce0666 | 2013-11-04 18:44:24 -0800 | [diff] [blame] | 266 | wpa_printf(MSG_INFO, "Could not create RADIUS Accounting message"); |
Dmitry Shmidt | 8d520ff | 2011-05-09 14:06:53 -0700 | [diff] [blame] | 267 | return; |
| 268 | } |
| 269 | |
Dmitry Shmidt | fb79edc | 2014-01-10 10:45:54 -0800 | [diff] [blame] | 270 | os_get_reltime(&now_r); |
Dmitry Shmidt | fb79edc | 2014-01-10 10:45:54 -0800 | [diff] [blame] | 271 | os_reltime_sub(&now_r, &sta->acct_session_start, &diff); |
Dmitry Shmidt | 8d520ff | 2011-05-09 14:06:53 -0700 | [diff] [blame] | 272 | if (!radius_msg_add_attr_int32(msg, RADIUS_ATTR_ACCT_SESSION_TIME, |
Dmitry Shmidt | fb79edc | 2014-01-10 10:45:54 -0800 | [diff] [blame] | 273 | diff.sec)) { |
Dmitry Shmidt | cce0666 | 2013-11-04 18:44:24 -0800 | [diff] [blame] | 274 | wpa_printf(MSG_INFO, "Could not add Acct-Session-Time"); |
Dmitry Shmidt | 8d520ff | 2011-05-09 14:06:53 -0700 | [diff] [blame] | 275 | goto fail; |
| 276 | } |
| 277 | |
| 278 | if (accounting_sta_update_stats(hapd, sta, &data) == 0) { |
| 279 | if (!radius_msg_add_attr_int32(msg, |
| 280 | RADIUS_ATTR_ACCT_INPUT_PACKETS, |
| 281 | data.rx_packets)) { |
Dmitry Shmidt | cce0666 | 2013-11-04 18:44:24 -0800 | [diff] [blame] | 282 | wpa_printf(MSG_INFO, "Could not add Acct-Input-Packets"); |
Dmitry Shmidt | 8d520ff | 2011-05-09 14:06:53 -0700 | [diff] [blame] | 283 | goto fail; |
| 284 | } |
| 285 | if (!radius_msg_add_attr_int32(msg, |
| 286 | RADIUS_ATTR_ACCT_OUTPUT_PACKETS, |
| 287 | data.tx_packets)) { |
Dmitry Shmidt | cce0666 | 2013-11-04 18:44:24 -0800 | [diff] [blame] | 288 | wpa_printf(MSG_INFO, "Could not add Acct-Output-Packets"); |
Dmitry Shmidt | 8d520ff | 2011-05-09 14:06:53 -0700 | [diff] [blame] | 289 | goto fail; |
| 290 | } |
| 291 | if (!radius_msg_add_attr_int32(msg, |
| 292 | RADIUS_ATTR_ACCT_INPUT_OCTETS, |
| 293 | data.rx_bytes)) { |
Dmitry Shmidt | cce0666 | 2013-11-04 18:44:24 -0800 | [diff] [blame] | 294 | wpa_printf(MSG_INFO, "Could not add Acct-Input-Octets"); |
Dmitry Shmidt | 8d520ff | 2011-05-09 14:06:53 -0700 | [diff] [blame] | 295 | goto fail; |
| 296 | } |
| 297 | gigawords = sta->acct_input_gigawords; |
| 298 | #if __WORDSIZE == 64 |
| 299 | gigawords += data.rx_bytes >> 32; |
| 300 | #endif |
| 301 | if (gigawords && |
| 302 | !radius_msg_add_attr_int32( |
| 303 | msg, RADIUS_ATTR_ACCT_INPUT_GIGAWORDS, |
| 304 | gigawords)) { |
Dmitry Shmidt | cce0666 | 2013-11-04 18:44:24 -0800 | [diff] [blame] | 305 | wpa_printf(MSG_INFO, "Could not add Acct-Input-Gigawords"); |
Dmitry Shmidt | 8d520ff | 2011-05-09 14:06:53 -0700 | [diff] [blame] | 306 | goto fail; |
| 307 | } |
| 308 | if (!radius_msg_add_attr_int32(msg, |
| 309 | RADIUS_ATTR_ACCT_OUTPUT_OCTETS, |
| 310 | data.tx_bytes)) { |
Dmitry Shmidt | cce0666 | 2013-11-04 18:44:24 -0800 | [diff] [blame] | 311 | wpa_printf(MSG_INFO, "Could not add Acct-Output-Octets"); |
Dmitry Shmidt | 8d520ff | 2011-05-09 14:06:53 -0700 | [diff] [blame] | 312 | goto fail; |
| 313 | } |
| 314 | gigawords = sta->acct_output_gigawords; |
| 315 | #if __WORDSIZE == 64 |
| 316 | gigawords += data.tx_bytes >> 32; |
| 317 | #endif |
| 318 | if (gigawords && |
| 319 | !radius_msg_add_attr_int32( |
| 320 | msg, RADIUS_ATTR_ACCT_OUTPUT_GIGAWORDS, |
| 321 | gigawords)) { |
Dmitry Shmidt | cce0666 | 2013-11-04 18:44:24 -0800 | [diff] [blame] | 322 | wpa_printf(MSG_INFO, "Could not add Acct-Output-Gigawords"); |
Dmitry Shmidt | 8d520ff | 2011-05-09 14:06:53 -0700 | [diff] [blame] | 323 | goto fail; |
| 324 | } |
| 325 | } |
| 326 | |
Dmitry Shmidt | 8d520ff | 2011-05-09 14:06:53 -0700 | [diff] [blame] | 327 | if (eloop_terminated()) |
| 328 | cause = RADIUS_ACCT_TERMINATE_CAUSE_ADMIN_REBOOT; |
| 329 | |
| 330 | if (stop && cause && |
| 331 | !radius_msg_add_attr_int32(msg, RADIUS_ATTR_ACCT_TERMINATE_CAUSE, |
| 332 | cause)) { |
Dmitry Shmidt | cce0666 | 2013-11-04 18:44:24 -0800 | [diff] [blame] | 333 | wpa_printf(MSG_INFO, "Could not add Acct-Terminate-Cause"); |
Dmitry Shmidt | 8d520ff | 2011-05-09 14:06:53 -0700 | [diff] [blame] | 334 | goto fail; |
| 335 | } |
| 336 | |
Dmitry Shmidt | 0494959 | 2012-07-19 12:16:46 -0700 | [diff] [blame] | 337 | if (radius_client_send(hapd->radius, msg, |
| 338 | stop ? RADIUS_ACCT : RADIUS_ACCT_INTERIM, |
| 339 | sta->addr) < 0) |
| 340 | goto fail; |
Dmitry Shmidt | 8d520ff | 2011-05-09 14:06:53 -0700 | [diff] [blame] | 341 | return; |
| 342 | |
| 343 | fail: |
| 344 | radius_msg_free(msg); |
| 345 | } |
| 346 | |
| 347 | |
| 348 | /** |
| 349 | * accounting_sta_interim - Send a interim STA accounting report |
| 350 | * @hapd: hostapd BSS data |
| 351 | * @sta: The station |
| 352 | */ |
Dmitry Shmidt | 61d9df3 | 2012-08-29 16:22:06 -0700 | [diff] [blame] | 353 | static void accounting_sta_interim(struct hostapd_data *hapd, |
| 354 | struct sta_info *sta) |
Dmitry Shmidt | 8d520ff | 2011-05-09 14:06:53 -0700 | [diff] [blame] | 355 | { |
| 356 | if (sta->acct_session_started) |
| 357 | accounting_sta_report(hapd, sta, 0); |
| 358 | } |
| 359 | |
| 360 | |
| 361 | /** |
| 362 | * accounting_sta_stop - Stop STA accounting |
| 363 | * @hapd: hostapd BSS data |
| 364 | * @sta: The station |
| 365 | */ |
| 366 | void accounting_sta_stop(struct hostapd_data *hapd, struct sta_info *sta) |
| 367 | { |
| 368 | if (sta->acct_session_started) { |
| 369 | accounting_sta_report(hapd, sta, 1); |
| 370 | eloop_cancel_timeout(accounting_interim_update, hapd, sta); |
| 371 | hostapd_logger(hapd, sta->addr, HOSTAPD_MODULE_RADIUS, |
| 372 | HOSTAPD_LEVEL_INFO, |
Dmitry Shmidt | b97e428 | 2016-02-08 10:16:07 -0800 | [diff] [blame^] | 373 | "stopped accounting session %016lX", |
| 374 | (long unsigned int) sta->acct_session_id); |
Dmitry Shmidt | 8d520ff | 2011-05-09 14:06:53 -0700 | [diff] [blame] | 375 | sta->acct_session_started = 0; |
| 376 | } |
| 377 | } |
| 378 | |
| 379 | |
Dmitry Shmidt | b97e428 | 2016-02-08 10:16:07 -0800 | [diff] [blame^] | 380 | int accounting_sta_get_id(struct hostapd_data *hapd, struct sta_info *sta) |
Dmitry Shmidt | 8d520ff | 2011-05-09 14:06:53 -0700 | [diff] [blame] | 381 | { |
Dmitry Shmidt | b97e428 | 2016-02-08 10:16:07 -0800 | [diff] [blame^] | 382 | return radius_gen_session_id((u8 *) &sta->acct_session_id, |
| 383 | sizeof(sta->acct_session_id)); |
Dmitry Shmidt | 8d520ff | 2011-05-09 14:06:53 -0700 | [diff] [blame] | 384 | } |
| 385 | |
| 386 | |
| 387 | /** |
| 388 | * accounting_receive - Process the RADIUS frames from Accounting Server |
| 389 | * @msg: RADIUS response message |
| 390 | * @req: RADIUS request message |
| 391 | * @shared_secret: RADIUS shared secret |
| 392 | * @shared_secret_len: Length of shared_secret in octets |
| 393 | * @data: Context data (struct hostapd_data *) |
| 394 | * Returns: Processing status |
| 395 | */ |
| 396 | static RadiusRxResult |
| 397 | accounting_receive(struct radius_msg *msg, struct radius_msg *req, |
| 398 | const u8 *shared_secret, size_t shared_secret_len, |
| 399 | void *data) |
| 400 | { |
| 401 | if (radius_msg_get_hdr(msg)->code != RADIUS_CODE_ACCOUNTING_RESPONSE) { |
Dmitry Shmidt | cce0666 | 2013-11-04 18:44:24 -0800 | [diff] [blame] | 402 | wpa_printf(MSG_INFO, "Unknown RADIUS message code"); |
Dmitry Shmidt | 8d520ff | 2011-05-09 14:06:53 -0700 | [diff] [blame] | 403 | return RADIUS_RX_UNKNOWN; |
| 404 | } |
| 405 | |
| 406 | if (radius_msg_verify(msg, shared_secret, shared_secret_len, req, 0)) { |
Dmitry Shmidt | cce0666 | 2013-11-04 18:44:24 -0800 | [diff] [blame] | 407 | wpa_printf(MSG_INFO, "Incoming RADIUS packet did not have correct Authenticator - dropped"); |
Dmitry Shmidt | 8d520ff | 2011-05-09 14:06:53 -0700 | [diff] [blame] | 408 | return RADIUS_RX_INVALID_AUTHENTICATOR; |
| 409 | } |
| 410 | |
| 411 | return RADIUS_RX_PROCESSED; |
| 412 | } |
| 413 | |
| 414 | |
| 415 | static void accounting_report_state(struct hostapd_data *hapd, int on) |
| 416 | { |
| 417 | struct radius_msg *msg; |
| 418 | |
| 419 | if (!hapd->conf->radius->acct_server || hapd->radius == NULL) |
| 420 | return; |
| 421 | |
| 422 | /* Inform RADIUS server that accounting will start/stop so that the |
| 423 | * server can close old accounting sessions. */ |
| 424 | msg = accounting_msg(hapd, NULL, |
| 425 | on ? RADIUS_ACCT_STATUS_TYPE_ACCOUNTING_ON : |
| 426 | RADIUS_ACCT_STATUS_TYPE_ACCOUNTING_OFF); |
| 427 | if (!msg) |
| 428 | return; |
| 429 | |
Dmitry Shmidt | b97e428 | 2016-02-08 10:16:07 -0800 | [diff] [blame^] | 430 | if (hapd->acct_session_id) { |
| 431 | char buf[20]; |
| 432 | |
| 433 | os_snprintf(buf, sizeof(buf), "%016lX", |
| 434 | (long unsigned int) hapd->acct_session_id); |
| 435 | if (!radius_msg_add_attr(msg, RADIUS_ATTR_ACCT_SESSION_ID, |
| 436 | (u8 *) buf, os_strlen(buf))) |
| 437 | wpa_printf(MSG_ERROR, "Could not add Acct-Session-Id"); |
Dmitry Shmidt | 8d520ff | 2011-05-09 14:06:53 -0700 | [diff] [blame] | 438 | } |
| 439 | |
Dmitry Shmidt | 0494959 | 2012-07-19 12:16:46 -0700 | [diff] [blame] | 440 | if (radius_client_send(hapd->radius, msg, RADIUS_ACCT, NULL) < 0) |
| 441 | radius_msg_free(msg); |
Dmitry Shmidt | 8d520ff | 2011-05-09 14:06:53 -0700 | [diff] [blame] | 442 | } |
| 443 | |
| 444 | |
| 445 | /** |
| 446 | * accounting_init: Initialize accounting |
| 447 | * @hapd: hostapd BSS data |
| 448 | * Returns: 0 on success, -1 on failure |
| 449 | */ |
| 450 | int accounting_init(struct hostapd_data *hapd) |
| 451 | { |
Dmitry Shmidt | b97e428 | 2016-02-08 10:16:07 -0800 | [diff] [blame^] | 452 | if (radius_gen_session_id((u8 *) &hapd->acct_session_id, |
| 453 | sizeof(hapd->acct_session_id)) < 0) |
| 454 | return -1; |
Dmitry Shmidt | 8d520ff | 2011-05-09 14:06:53 -0700 | [diff] [blame] | 455 | |
| 456 | if (radius_client_register(hapd->radius, RADIUS_ACCT, |
| 457 | accounting_receive, hapd)) |
| 458 | return -1; |
| 459 | |
| 460 | accounting_report_state(hapd, 1); |
| 461 | |
| 462 | return 0; |
| 463 | } |
| 464 | |
| 465 | |
| 466 | /** |
Dmitry Shmidt | 7a53dbb | 2015-06-11 13:13:53 -0700 | [diff] [blame] | 467 | * accounting_deinit: Deinitialize accounting |
Dmitry Shmidt | 8d520ff | 2011-05-09 14:06:53 -0700 | [diff] [blame] | 468 | * @hapd: hostapd BSS data |
| 469 | */ |
| 470 | void accounting_deinit(struct hostapd_data *hapd) |
| 471 | { |
| 472 | accounting_report_state(hapd, 0); |
| 473 | } |