RADIUS server: Add current_sessions SQLite table

This can be used to track active sessions, e.g., for the purpose of
issuing RADIUS DAS commands (Disconnect-Request or CoA-Request).

Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
This commit is contained in:
Jouni Malinen 2018-06-22 00:12:07 +03:00 committed by Jouni Malinen
parent ed83029c29
commit 2122fc83aa
2 changed files with 43 additions and 0 deletions

View File

@ -30,3 +30,13 @@ CREATE TABLE pending_tc(
mac_addr TEXT PRIMARY KEY, mac_addr TEXT PRIMARY KEY,
identity TEXT identity TEXT
); );
CREATE TABLE current_sessions(
mac_addr TEXT PRIMARY KEY,
identity TEXT,
start_time TEXT,
nas TEXT,
hs20_t_c_filtering BOOLEAN,
waiting_coa_ack BOOLEAN,
coa_ack_received BOOLEAN
);

View File

@ -780,6 +780,36 @@ static void radius_srv_hs20_t_c_pending(struct radius_session *sess)
#endif /* CONFIG_HS20 */ #endif /* CONFIG_HS20 */
static void radius_server_add_session(struct radius_session *sess)
{
#ifdef CONFIG_SQLITE
char *sql;
char addr_txt[ETH_ALEN * 3];
struct os_time now;
if (!sess->server->db)
return;
os_snprintf(addr_txt, sizeof(addr_txt), MACSTR,
MAC2STR(sess->mac_addr));
os_get_time(&now);
sql = sqlite3_mprintf("INSERT OR REPLACE INTO current_sessions(mac_addr,identity,start_time,nas,hs20_t_c_filtering) VALUES (%Q,%Q,%d,%Q,%u)",
addr_txt, sess->username, now.sec,
sess->nas_ip, sess->t_c_filtering);
if (sql) {
if (sqlite3_exec(sess->server->db, sql, NULL, NULL,
NULL) != SQLITE_OK) {
RADIUS_ERROR("Failed to add current_sessions entry into sqlite database: %s",
sqlite3_errmsg(sess->server->db));
}
sqlite3_free(sql);
}
#endif /* CONFIG_SQLITE */
}
static struct radius_msg * static struct radius_msg *
radius_server_encapsulate_eap(struct radius_server_data *data, radius_server_encapsulate_eap(struct radius_server_data *data,
struct radius_client *client, struct radius_client *client,
@ -974,6 +1004,9 @@ radius_server_encapsulate_eap(struct radius_server_data *data,
RADIUS_DEBUG("Failed to add Message-Authenticator attribute"); RADIUS_DEBUG("Failed to add Message-Authenticator attribute");
} }
if (code == RADIUS_CODE_ACCESS_ACCEPT)
radius_server_add_session(sess);
return msg; return msg;
} }