[thirdparty/hostap.git] / hostapd / accounting.c

/*
 * hostapd / RADIUS Accounting
 * Copyright (c) 2002-2008, Jouni Malinen <j@w1.fi>
 *
 * This program is free software; you can redistribute it and/or modify
 * it under the terms of the GNU General Public License version 2 as
 * published by the Free Software Foundation.
 *
 * Alternatively, this software may be distributed under the terms of BSD
 * license.
 *
 * See README and COPYING for more details.
 */

#include "includes.h"

#include "hostapd.h"
#include "radius/radius.h"
#include "radius/radius_client.h"
#include "eloop.h"
#include "accounting.h"
#include "ieee802_1x.h"
#include "driver.h"


/* Default interval in seconds for polling TX/RX octets from the driver if
 * STA is not using interim accounting. This detects wrap arounds for
 * input/output octets and updates Acct-{Input,Output}-Gigawords. */
#define ACCT_DEFAULT_UPDATE_INTERVAL 300

static void accounting_sta_get_id(struct hostapd_data *hapd,
				  struct sta_info *sta);


static struct radius_msg * accounting_msg(struct hostapd_data *hapd,
					  struct sta_info *sta,
					  int status_type)
{
	struct radius_msg *msg;
	char buf[128];
	u8 *val;
	size_t len;
	int i;

	msg = radius_msg_new(RADIUS_CODE_ACCOUNTING_REQUEST,
			     radius_client_get_id(hapd->radius));
	if (msg == NULL) {
		printf("Could not create net RADIUS packet\n");
		return NULL;
	}

	if (sta) {
		radius_msg_make_authenticator(msg, (u8 *) sta, sizeof(*sta));

		os_snprintf(buf, sizeof(buf), "%08X-%08X",
			    sta->acct_session_id_hi, sta->acct_session_id_lo);
		if (!radius_msg_add_attr(msg, RADIUS_ATTR_ACCT_SESSION_ID,
					 (u8 *) buf, os_strlen(buf))) {
			printf("Could not add Acct-Session-Id\n");
			goto fail;
		}
	} else {
		radius_msg_make_authenticator(msg, (u8 *) hapd, sizeof(*hapd));
	}

	if (!radius_msg_add_attr_int32(msg, RADIUS_ATTR_ACCT_STATUS_TYPE,
				       status_type)) {
		printf("Could not add Acct-Status-Type\n");
		goto fail;
	}

	if (!radius_msg_add_attr_int32(msg, RADIUS_ATTR_ACCT_AUTHENTIC,
				       hapd->conf->ieee802_1x ?
				       RADIUS_ACCT_AUTHENTIC_RADIUS :
				       RADIUS_ACCT_AUTHENTIC_LOCAL)) {
		printf("Could not add Acct-Authentic\n");
		goto fail;
	}

	if (sta) {
		val = ieee802_1x_get_identity(sta->eapol_sm, &len);
		if (!val) {
			os_snprintf(buf, sizeof(buf), RADIUS_ADDR_FORMAT,
				    MAC2STR(sta->addr));
			val = (u8 *) buf;
			len = os_strlen(buf);
		}

		if (!radius_msg_add_attr(msg, RADIUS_ATTR_USER_NAME, val,
					 len)) {
			printf("Could not add User-Name\n");
			goto fail;
		}
	}

	if (hapd->conf->own_ip_addr.af == AF_INET &&
	    !radius_msg_add_attr(msg, RADIUS_ATTR_NAS_IP_ADDRESS,
				 (u8 *) &hapd->conf->own_ip_addr.u.v4, 4)) {
		printf("Could not add NAS-IP-Address\n");
		goto fail;
	}

#ifdef CONFIG_IPV6
	if (hapd->conf->own_ip_addr.af == AF_INET6 &&
	    !radius_msg_add_attr(msg, RADIUS_ATTR_NAS_IPV6_ADDRESS,
				 (u8 *) &hapd->conf->own_ip_addr.u.v6, 16)) {
		printf("Could not add NAS-IPv6-Address\n");
		goto fail;
	}
#endif /* CONFIG_IPV6 */

	if (hapd->conf->nas_identifier &&
	    !radius_msg_add_attr(msg, RADIUS_ATTR_NAS_IDENTIFIER,
				 (u8 *) hapd->conf->nas_identifier,
				 os_strlen(hapd->conf->nas_identifier))) {
		printf("Could not add NAS-Identifier\n");
		goto fail;
	}

	if (sta &&
	    !radius_msg_add_attr_int32(msg, RADIUS_ATTR_NAS_PORT, sta->aid)) {
		printf("Could not add NAS-Port\n");
		goto fail;
	}

	os_snprintf(buf, sizeof(buf), RADIUS_802_1X_ADDR_FORMAT ":%s",
		    MAC2STR(hapd->own_addr), hapd->conf->ssid.ssid);
	if (!radius_msg_add_attr(msg, RADIUS_ATTR_CALLED_STATION_ID,
				 (u8 *) buf, os_strlen(buf))) {
		printf("Could not add Called-Station-Id\n");
		goto fail;
	}

	if (sta) {
		os_snprintf(buf, sizeof(buf), RADIUS_802_1X_ADDR_FORMAT,
			    MAC2STR(sta->addr));
		if (!radius_msg_add_attr(msg, RADIUS_ATTR_CALLING_STATION_ID,
					 (u8 *) buf, os_strlen(buf))) {
			printf("Could not add Calling-Station-Id\n");
			goto fail;
		}

		if (!radius_msg_add_attr_int32(
			    msg, RADIUS_ATTR_NAS_PORT_TYPE,
			    RADIUS_NAS_PORT_TYPE_IEEE_802_11)) {
			printf("Could not add NAS-Port-Type\n");
			goto fail;
		}

		os_snprintf(buf, sizeof(buf), "CONNECT %d%sMbps %s",
			    radius_sta_rate(hapd, sta) / 2,
			    (radius_sta_rate(hapd, sta) & 1) ? ".5" : "",
			    radius_mode_txt(hapd));
		if (!radius_msg_add_attr(msg, RADIUS_ATTR_CONNECT_INFO,
					 (u8 *) buf, os_strlen(buf))) {
			printf("Could not add Connect-Info\n");
			goto fail;
		}

		for (i = 0; ; i++) {
			val = ieee802_1x_get_radius_class(sta->eapol_sm, &len,
							  i);
			if (val == NULL)
				break;

			if (!radius_msg_add_attr(msg, RADIUS_ATTR_CLASS,
						 val, len)) {
				printf("Could not add Class\n");
				goto fail;
			}
		}
	}

	return msg;

 fail:
	radius_msg_free(msg);
	os_free(msg);
	return NULL;
}


static int accounting_sta_update_stats(struct hostapd_data *hapd,
				       struct sta_info *sta,
				       struct hostap_sta_driver_data *data)
{
	if (hostapd_read_sta_data(hapd, data, sta->addr))
		return -1;

	if (sta->last_rx_bytes > data->rx_bytes)
		sta->acct_input_gigawords++;
	if (sta->last_tx_bytes > data->tx_bytes)
		sta->acct_output_gigawords++;
	sta->last_rx_bytes = data->rx_bytes;
	sta->last_tx_bytes = data->tx_bytes;

	hostapd_logger(hapd, sta->addr, HOSTAPD_MODULE_RADIUS,
		       HOSTAPD_LEVEL_DEBUG, "updated TX/RX stats: "
		       "Acct-Input-Octets=%lu Acct-Input-Gigawords=%u "
		       "Acct-Output-Octets=%lu Acct-Output-Gigawords=%u",
		       sta->last_rx_bytes, sta->acct_input_gigawords,
		       sta->last_tx_bytes, sta->acct_output_gigawords);

	return 0;
}


static void accounting_interim_update(void *eloop_ctx, void *timeout_ctx)
{
	struct hostapd_data *hapd = eloop_ctx;
	struct sta_info *sta = timeout_ctx;
	int interval;

	if (sta->acct_interim_interval) {
		accounting_sta_interim(hapd, sta);
		interval = sta->acct_interim_interval;
	} else {
		struct hostap_sta_driver_data data;
		accounting_sta_update_stats(hapd, sta, &data);
		interval = ACCT_DEFAULT_UPDATE_INTERVAL;
	}

	eloop_register_timeout(interval, 0, accounting_interim_update,
			       hapd, sta);
}


void accounting_sta_start(struct hostapd_data *hapd, struct sta_info *sta)
{
	struct radius_msg *msg;
	int interval;

	if (sta->acct_session_started)
		return;

	accounting_sta_get_id(hapd, sta);
	hostapd_logger(hapd, sta->addr, HOSTAPD_MODULE_RADIUS,
		       HOSTAPD_LEVEL_INFO,
		       "starting accounting session %08X-%08X",
		       sta->acct_session_id_hi, sta->acct_session_id_lo);

	time(&sta->acct_session_start);
	sta->last_rx_bytes = sta->last_tx_bytes = 0;
	sta->acct_input_gigawords = sta->acct_output_gigawords = 0;
	hostapd_sta_clear_stats(hapd, sta->addr);

	if (!hapd->conf->radius->acct_server)
		return;

	if (sta->acct_interim_interval)
		interval = sta->acct_interim_interval;
	else
		interval = ACCT_DEFAULT_UPDATE_INTERVAL;
	eloop_register_timeout(interval, 0, accounting_interim_update,
			       hapd, sta);

	msg = accounting_msg(hapd, sta, RADIUS_ACCT_STATUS_TYPE_START);
	if (msg)
		radius_client_send(hapd->radius, msg, RADIUS_ACCT, sta->addr);

	sta->acct_session_started = 1;
}


static void accounting_sta_report(struct hostapd_data *hapd,
				  struct sta_info *sta, int stop)
{
	struct radius_msg *msg;
	int cause = sta->acct_terminate_cause;
	struct hostap_sta_driver_data data;
	u32 gigawords;

	if (!hapd->conf->radius->acct_server)
		return;

	msg = accounting_msg(hapd, sta,
			     stop ? RADIUS_ACCT_STATUS_TYPE_STOP :
			     RADIUS_ACCT_STATUS_TYPE_INTERIM_UPDATE);
	if (!msg) {
		printf("Could not create RADIUS Accounting message\n");
		return;
	}

	if (!radius_msg_add_attr_int32(msg, RADIUS_ATTR_ACCT_SESSION_TIME,
				       time(NULL) - sta->acct_session_start)) {
		printf("Could not add Acct-Session-Time\n");
		goto fail;
	}

	if (accounting_sta_update_stats(hapd, sta, &data) == 0) {
		if (!radius_msg_add_attr_int32(msg,
					       RADIUS_ATTR_ACCT_INPUT_PACKETS,
					       data.rx_packets)) {
			printf("Could not add Acct-Input-Packets\n");
			goto fail;
		}
		if (!radius_msg_add_attr_int32(msg,
					       RADIUS_ATTR_ACCT_OUTPUT_PACKETS,
					       data.tx_packets)) {
			printf("Could not add Acct-Output-Packets\n");
			goto fail;
		}
		if (!radius_msg_add_attr_int32(msg,
					       RADIUS_ATTR_ACCT_INPUT_OCTETS,
					       data.rx_bytes)) {
			printf("Could not add Acct-Input-Octets\n");
			goto fail;
		}
		gigawords = sta->acct_input_gigawords;
#if __WORDSIZE == 64
		gigawords += data.rx_bytes >> 32;
#endif
		if (gigawords &&
		    !radius_msg_add_attr_int32(
			    msg, RADIUS_ATTR_ACCT_INPUT_GIGAWORDS,
			    gigawords)) {
			printf("Could not add Acct-Input-Gigawords\n");
			goto fail;
		}
		if (!radius_msg_add_attr_int32(msg,
					       RADIUS_ATTR_ACCT_OUTPUT_OCTETS,
					       data.tx_bytes)) {
			printf("Could not add Acct-Output-Octets\n");
			goto fail;
		}
		gigawords = sta->acct_output_gigawords;
#if __WORDSIZE == 64
		gigawords += data.tx_bytes >> 32;
#endif
		if (gigawords &&
		    !radius_msg_add_attr_int32(
			    msg, RADIUS_ATTR_ACCT_OUTPUT_GIGAWORDS,
			    gigawords)) {
			printf("Could not add Acct-Output-Gigawords\n");
			goto fail;
		}
	}

	if (!radius_msg_add_attr_int32(msg, RADIUS_ATTR_EVENT_TIMESTAMP,
				       time(NULL))) {
		printf("Could not add Event-Timestamp\n");
		goto fail;
	}

	if (eloop_terminated())
		cause = RADIUS_ACCT_TERMINATE_CAUSE_ADMIN_REBOOT;

	if (stop && cause &&
	    !radius_msg_add_attr_int32(msg, RADIUS_ATTR_ACCT_TERMINATE_CAUSE,
				       cause)) {
		printf("Could not add Acct-Terminate-Cause\n");
		goto fail;
	}

	radius_client_send(hapd->radius, msg,
			   stop ? RADIUS_ACCT : RADIUS_ACCT_INTERIM,
			   sta->addr);
	return;

 fail:
	radius_msg_free(msg);
	os_free(msg);
}


void accounting_sta_interim(struct hostapd_data *hapd, struct sta_info *sta)
{
	if (sta->acct_session_started)
		accounting_sta_report(hapd, sta, 0);
}


void accounting_sta_stop(struct hostapd_data *hapd, struct sta_info *sta)
{
	if (sta->acct_session_started) {
		accounting_sta_report(hapd, sta, 1);
		eloop_cancel_timeout(accounting_interim_update, hapd, sta);
		hostapd_logger(hapd, sta->addr, HOSTAPD_MODULE_RADIUS,
			       HOSTAPD_LEVEL_INFO,
			       "stopped accounting session %08X-%08X",
			       sta->acct_session_id_hi,
			       sta->acct_session_id_lo);
		sta->acct_session_started = 0;
	}
}


static void accounting_sta_get_id(struct hostapd_data *hapd,
				  struct sta_info *sta)
{
	sta->acct_session_id_lo = hapd->acct_session_id_lo++;
	if (hapd->acct_session_id_lo == 0) {
		hapd->acct_session_id_hi++;
	}
	sta->acct_session_id_hi = hapd->acct_session_id_hi;
}


/* Process the RADIUS frames from Accounting Server */
static RadiusRxResult
accounting_receive(struct radius_msg *msg, struct radius_msg *req,
		   u8 *shared_secret, size_t shared_secret_len, void *data)
{
	if (msg->hdr->code != RADIUS_CODE_ACCOUNTING_RESPONSE) {
		printf("Unknown RADIUS message code\n");
		return RADIUS_RX_UNKNOWN;
	}

	if (radius_msg_verify(msg, shared_secret, shared_secret_len, req, 0)) {
		printf("Incoming RADIUS packet did not have correct "
		       "Authenticator - dropped\n");
		return RADIUS_RX_INVALID_AUTHENTICATOR;
	}

	return RADIUS_RX_PROCESSED;
}


static void accounting_report_state(struct hostapd_data *hapd, int on)
{
	struct radius_msg *msg;

	if (!hapd->conf->radius->acct_server || hapd->radius == NULL)
		return;

	/* Inform RADIUS server that accounting will start/stop so that the
	 * server can close old accounting sessions. */
	msg = accounting_msg(hapd, NULL,
			     on ? RADIUS_ACCT_STATUS_TYPE_ACCOUNTING_ON :
			     RADIUS_ACCT_STATUS_TYPE_ACCOUNTING_OFF);
	if (!msg)
		return;

	if (!radius_msg_add_attr_int32(msg, RADIUS_ATTR_ACCT_TERMINATE_CAUSE,
				       RADIUS_ACCT_TERMINATE_CAUSE_NAS_REBOOT))
	{
		printf("Could not add Acct-Terminate-Cause\n");
		radius_msg_free(msg);
		os_free(msg);
		return;
	}

	radius_client_send(hapd->radius, msg, RADIUS_ACCT, NULL);
}


int accounting_init(struct hostapd_data *hapd)
{
	/* Acct-Session-Id should be unique over reboots. If reliable clock is
	 * not available, this could be replaced with reboot counter, etc. */
	hapd->acct_session_id_hi = time(NULL);

	if (radius_client_register(hapd->radius, RADIUS_ACCT,
				   accounting_receive, hapd))
		return -1;

	accounting_report_state(hapd, 1);

	return 0;
}


void accounting_deinit(struct hostapd_data *hapd)
{
	accounting_report_state(hapd, 0);
}


int accounting_reconfig(struct hostapd_data *hapd,
			struct hostapd_config *oldconf)
{
	if (!hapd->radius_client_reconfigured)
		return 0;

	accounting_deinit(hapd);
	return accounting_init(hapd);
}
Commit	Line	Data
6fc6879b JM	1	/*
6fc6879b JM	2	* hostapd / RADIUS Accounting
2fc98d02	3	* Copyright (c) 2002-2008, Jouni Malinen <j@w1.fi>
6fc6879b JM	4	*
	5	* This program is free software; you can redistribute it and/or modify
	6	* it under the terms of the GNU General Public License version 2 as
	7	* published by the Free Software Foundation.
	8	*
	9	* Alternatively, this software may be distributed under the terms of BSD
	10	* license.
	11	*
	12	* See README and COPYING for more details.
	13	*/
	14
	15	#include "includes.h"
	16
	17	#include "hostapd.h"
	18	#include "radius/radius.h"
	19	#include "radius/radius_client.h"
	20	#include "eloop.h"
	21	#include "accounting.h"
	22	#include "ieee802_1x.h"
	23	#include "driver.h"
	24
	25
	26	/* Default interval in seconds for polling TX/RX octets from the driver if
	27	* STA is not using interim accounting. This detects wrap arounds for
	28	* input/output octets and updates Acct-{Input,Output}-Gigawords. */
	29	#define ACCT_DEFAULT_UPDATE_INTERVAL 300
	30
2fc98d02 JM	31	static void accounting_sta_get_id(struct hostapd_data *hapd,
	32	struct sta_info *sta);
	33
6fc6879b JM	34
	35	static struct radius_msg * accounting_msg(struct hostapd_data *hapd,
	36	struct sta_info *sta,
	37	int status_type)
	38	{
	39	struct radius_msg *msg;
	40	char buf[128];
	41	u8 *val;
	42	size_t len;
	43	int i;
	44
	45	msg = radius_msg_new(RADIUS_CODE_ACCOUNTING_REQUEST,
	46	radius_client_get_id(hapd->radius));
	47	if (msg == NULL) {
	48	printf("Could not create net RADIUS packet\n");
	49	return NULL;
	50	}
	51
	52	if (sta) {
	53	radius_msg_make_authenticator(msg, (u8 ) sta, sizeof(sta));
	54
	55	os_snprintf(buf, sizeof(buf), "%08X-%08X",
	56	sta->acct_session_id_hi, sta->acct_session_id_lo);
	57	if (!radius_msg_add_attr(msg, RADIUS_ATTR_ACCT_SESSION_ID,
	58	(u8 *) buf, os_strlen(buf))) {
	59	printf("Could not add Acct-Session-Id\n");
	60	goto fail;
	61	}
	62	} else {
	63	radius_msg_make_authenticator(msg, (u8 ) hapd, sizeof(hapd));
	64	}
	65
	66	if (!radius_msg_add_attr_int32(msg, RADIUS_ATTR_ACCT_STATUS_TYPE,
	67	status_type)) {
	68	printf("Could not add Acct-Status-Type\n");
	69	goto fail;
	70	}
	71
	72	if (!radius_msg_add_attr_int32(msg, RADIUS_ATTR_ACCT_AUTHENTIC,
	73	hapd->conf->ieee802_1x ?
	74	RADIUS_ACCT_AUTHENTIC_RADIUS :
	75	RADIUS_ACCT_AUTHENTIC_LOCAL)) {
	76	printf("Could not add Acct-Authentic\n");
	77	goto fail;
	78	}
	79
	80	if (sta) {
	81	val = ieee802_1x_get_identity(sta->eapol_sm, &len);
	82	if (!val) {
	83	os_snprintf(buf, sizeof(buf), RADIUS_ADDR_FORMAT,
	84	MAC2STR(sta->addr));
	85	val = (u8 *) buf;
	86	len = os_strlen(buf);
	87	}
	88
	89	if (!radius_msg_add_attr(msg, RADIUS_ATTR_USER_NAME, val,
	90	len)) {
	91	printf("Could not add User-Name\n");
	92	goto fail;
	93	}
	94	}
	95
	96	if (hapd->conf->own_ip_addr.af == AF_INET &&
	97	!radius_msg_add_attr(msg, RADIUS_ATTR_NAS_IP_ADDRESS,
98	(u8 *) &hapd->conf->own_ip_addr.u.v4, 4)) {
99	printf("Could not add NAS-IP-Address\n");
100	goto fail;
101	}
102
103	#ifdef CONFIG_IPV6
104	if (hapd->conf->own_ip_addr.af == AF_INET6 &&
105	!radius_msg_add_attr(msg, RADIUS_ATTR_NAS_IPV6_ADDRESS,
106	(u8 *) &hapd->conf->own_ip_addr.u.v6, 16)) {
107	printf("Could not add NAS-IPv6-Address\n");
108	goto fail;
109	}
110	#endif /* CONFIG_IPV6 */
111
112	if (hapd->conf->nas_identifier &&
113	!radius_msg_add_attr(msg, RADIUS_ATTR_NAS_IDENTIFIER,
114	(u8 *) hapd->conf->nas_identifier,
115	os_strlen(hapd->conf->nas_identifier))) {
116	printf("Could not add NAS-Identifier\n");
117	goto fail;
118	}
119
120	if (sta &&
121	!radius_msg_add_attr_int32(msg, RADIUS_ATTR_NAS_PORT, sta->aid)) {
122	printf("Could not add NAS-Port\n");
123	goto fail;
124	}
125
126	os_snprintf(buf, sizeof(buf), RADIUS_802_1X_ADDR_FORMAT ":%s",
127	MAC2STR(hapd->own_addr), hapd->conf->ssid.ssid);
128	if (!radius_msg_add_attr(msg, RADIUS_ATTR_CALLED_STATION_ID,
129	(u8 *) buf, os_strlen(buf))) {
130	printf("Could not add Called-Station-Id\n");
131	goto fail;
132	}
133
134	if (sta) {
135	os_snprintf(buf, sizeof(buf), RADIUS_802_1X_ADDR_FORMAT,
136	MAC2STR(sta->addr));
137	if (!radius_msg_add_attr(msg, RADIUS_ATTR_CALLING_STATION_ID,
138	(u8 *) buf, os_strlen(buf))) {
139	printf("Could not add Calling-Station-Id\n");
140	goto fail;
141	}
142
143	if (!radius_msg_add_attr_int32(
144	msg, RADIUS_ATTR_NAS_PORT_TYPE,
145	RADIUS_NAS_PORT_TYPE_IEEE_802_11)) {
146	printf("Could not add NAS-Port-Type\n");
147	goto fail;
148	}
149
150	os_snprintf(buf, sizeof(buf), "CONNECT %d%sMbps %s",
151	radius_sta_rate(hapd, sta) / 2,
152	(radius_sta_rate(hapd, sta) & 1) ? ".5" : "",
153	radius_mode_txt(hapd));
154	if (!radius_msg_add_attr(msg, RADIUS_ATTR_CONNECT_INFO,
155	(u8 *) buf, os_strlen(buf))) {
156	printf("Could not add Connect-Info\n");
157	goto fail;
158	}
159
160	for (i = 0; ; i++) {
161	val = ieee802_1x_get_radius_class(sta->eapol_sm, &len,
162	i);
163	if (val == NULL)
164	break;
165
166	if (!radius_msg_add_attr(msg, RADIUS_ATTR_CLASS,
167	val, len)) {
168	printf("Could not add Class\n");
169	goto fail;
170	}
171	}
172	}
173
174	return msg;
175
176	fail:
177	radius_msg_free(msg);
178	os_free(msg);
179	return NULL;
180	}
181
182
183	static int accounting_sta_update_stats(struct hostapd_data *hapd,
184	struct sta_info *sta,
185	struct hostap_sta_driver_data *data)
186	{
187	if (hostapd_read_sta_data(hapd, data, sta->addr))
188	return -1;
189
190	if (sta->last_rx_bytes > data->rx_bytes)
191	sta->acct_input_gigawords++;
192	if (sta->last_tx_bytes > data->tx_bytes)
193	sta->acct_output_gigawords++;
194	sta->last_rx_bytes = data->rx_bytes;
195	sta->last_tx_bytes = data->tx_bytes;
196
197	hostapd_logger(hapd, sta->addr, HOSTAPD_MODULE_RADIUS,
198	HOSTAPD_LEVEL_DEBUG, "updated TX/RX stats: "
199	"Acct-Input-Octets=%lu Acct-Input-Gigawords=%u "
200	"Acct-Output-Octets=%lu Acct-Output-Gigawords=%u",
201	sta->last_rx_bytes, sta->acct_input_gigawords,
202	sta->last_tx_bytes, sta->acct_output_gigawords);
203
204	return 0;
205	}
206
207
208	static void accounting_interim_update(void eloop_ctx, void timeout_ctx)
209	{
210	struct hostapd_data *hapd = eloop_ctx;
211	struct sta_info *sta = timeout_ctx;
212	int interval;
213
214	if (sta->acct_interim_interval) {
215	accounting_sta_interim(hapd, sta);
216	interval = sta->acct_interim_interval;
217	} else {
218	struct hostap_sta_driver_data data;
219	accounting_sta_update_stats(hapd, sta, &data);
220	interval = ACCT_DEFAULT_UPDATE_INTERVAL;
221	}
222
223	eloop_register_timeout(interval, 0, accounting_interim_update,
224	hapd, sta);
225	}
226
227
228	void accounting_sta_start(struct hostapd_data hapd, struct sta_info sta)
229	{
230	struct radius_msg *msg;
231	int interval;
232
233	if (sta->acct_session_started)
234	return;
235
2fc98d02 JM	236	accounting_sta_get_id(hapd, sta);
	237	hostapd_logger(hapd, sta->addr, HOSTAPD_MODULE_RADIUS,
	238	HOSTAPD_LEVEL_INFO,
	239	"starting accounting session %08X-%08X",
	240	sta->acct_session_id_hi, sta->acct_session_id_lo);
	241
6fc6879b JM	242	time(&sta->acct_session_start);
	243	sta->last_rx_bytes = sta->last_tx_bytes = 0;
	244	sta->acct_input_gigawords = sta->acct_output_gigawords = 0;
	245	hostapd_sta_clear_stats(hapd, sta->addr);
	246
	247	if (!hapd->conf->radius->acct_server)
	248	return;
	249
	250	if (sta->acct_interim_interval)
	251	interval = sta->acct_interim_interval;
	252	else
	253	interval = ACCT_DEFAULT_UPDATE_INTERVAL;
	254	eloop_register_timeout(interval, 0, accounting_interim_update,
	255	hapd, sta);
	256
	257	msg = accounting_msg(hapd, sta, RADIUS_ACCT_STATUS_TYPE_START);
	258	if (msg)
	259	radius_client_send(hapd->radius, msg, RADIUS_ACCT, sta->addr);
	260
	261	sta->acct_session_started = 1;
	262	}
	263
	264
7e5ba1b9 JM	265	static void accounting_sta_report(struct hostapd_data *hapd,
7e5ba1b9 JM	266	struct sta_info *sta, int stop)
6fc6879b JM	267	{
	268	struct radius_msg *msg;
	269	int cause = sta->acct_terminate_cause;
	270	struct hostap_sta_driver_data data;
	271	u32 gigawords;
	272
	273	if (!hapd->conf->radius->acct_server)
	274	return;
	275
	276	msg = accounting_msg(hapd, sta,
	277	stop ? RADIUS_ACCT_STATUS_TYPE_STOP :
	278	RADIUS_ACCT_STATUS_TYPE_INTERIM_UPDATE);
	279	if (!msg) {
	280	printf("Could not create RADIUS Accounting message\n");
	281	return;
	282	}
	283
	284	if (!radius_msg_add_attr_int32(msg, RADIUS_ATTR_ACCT_SESSION_TIME,
	285	time(NULL) - sta->acct_session_start)) {
	286	printf("Could not add Acct-Session-Time\n");
	287	goto fail;
	288	}
	289
	290	if (accounting_sta_update_stats(hapd, sta, &data) == 0) {
	291	if (!radius_msg_add_attr_int32(msg,
	292	RADIUS_ATTR_ACCT_INPUT_PACKETS,
	293	data.rx_packets)) {
	294	printf("Could not add Acct-Input-Packets\n");
	295	goto fail;
	296	}
	297	if (!radius_msg_add_attr_int32(msg,
	298	RADIUS_ATTR_ACCT_OUTPUT_PACKETS,
	299	data.tx_packets)) {
	300	printf("Could not add Acct-Output-Packets\n");
	301	goto fail;
	302	}
	303	if (!radius_msg_add_attr_int32(msg,
	304	RADIUS_ATTR_ACCT_INPUT_OCTETS,
	305	data.rx_bytes)) {
	306	printf("Could not add Acct-Input-Octets\n");
	307	goto fail;
	308	}
	309	gigawords = sta->acct_input_gigawords;
	310	#if __WORDSIZE == 64
	311	gigawords += data.rx_bytes >> 32;
	312	#endif
	313	if (gigawords &&
	314	!radius_msg_add_attr_int32(
	315	msg, RADIUS_ATTR_ACCT_INPUT_GIGAWORDS,
	316	gigawords)) {
	317	printf("Could not add Acct-Input-Gigawords\n");
	318	goto fail;
	319	}
	320	if (!radius_msg_add_attr_int32(msg,
	321	RADIUS_ATTR_ACCT_OUTPUT_OCTETS,
	322	data.tx_bytes)) {
	323	printf("Could not add Acct-Output-Octets\n");
	324	goto fail;
	325	}
	326	gigawords = sta->acct_output_gigawords;
	327	#if __WORDSIZE == 64
	328	gigawords += data.tx_bytes >> 32;
	329	#endif
	330	if (gigawords &&
331	!radius_msg_add_attr_int32(
332	msg, RADIUS_ATTR_ACCT_OUTPUT_GIGAWORDS,
333	gigawords)) {
334	printf("Could not add Acct-Output-Gigawords\n");
335	goto fail;
336	}
337	}
338
339	if (!radius_msg_add_attr_int32(msg, RADIUS_ATTR_EVENT_TIMESTAMP,
340	time(NULL))) {
341	printf("Could not add Event-Timestamp\n");
342	goto fail;
343	}
344
345	if (eloop_terminated())
346	cause = RADIUS_ACCT_TERMINATE_CAUSE_ADMIN_REBOOT;
347
348	if (stop && cause &&
349	!radius_msg_add_attr_int32(msg, RADIUS_ATTR_ACCT_TERMINATE_CAUSE,
350	cause)) {
351	printf("Could not add Acct-Terminate-Cause\n");
352	goto fail;
353	}
354
355	radius_client_send(hapd->radius, msg,
356	stop ? RADIUS_ACCT : RADIUS_ACCT_INTERIM,
357	sta->addr);
358	return;
359
360	fail:
361	radius_msg_free(msg);
362	os_free(msg);
363	}
364
365
366	void accounting_sta_interim(struct hostapd_data hapd, struct sta_info sta)
367	{
368	if (sta->acct_session_started)
369	accounting_sta_report(hapd, sta, 0);
370	}
371
372
373	void accounting_sta_stop(struct hostapd_data hapd, struct sta_info sta)
374	{
375	if (sta->acct_session_started) {
376	accounting_sta_report(hapd, sta, 1);
377	eloop_cancel_timeout(accounting_interim_update, hapd, sta);
2fc98d02 JM	378	hostapd_logger(hapd, sta->addr, HOSTAPD_MODULE_RADIUS,
	379	HOSTAPD_LEVEL_INFO,
	380	"stopped accounting session %08X-%08X",
	381	sta->acct_session_id_hi,
	382	sta->acct_session_id_lo);
6fc6879b JM	383	sta->acct_session_started = 0;
	384	}
	385	}
	386
	387
2fc98d02 JM	388	static void accounting_sta_get_id(struct hostapd_data *hapd,
2fc98d02 JM	389	struct sta_info *sta)
6fc6879b JM	390	{
	391	sta->acct_session_id_lo = hapd->acct_session_id_lo++;
	392	if (hapd->acct_session_id_lo == 0) {
	393	hapd->acct_session_id_hi++;
	394	}
	395	sta->acct_session_id_hi = hapd->acct_session_id_hi;
	396	}
	397
	398
	399	/* Process the RADIUS frames from Accounting Server */
	400	static RadiusRxResult
	401	accounting_receive(struct radius_msg msg, struct radius_msg req,
	402	u8 shared_secret, size_t shared_secret_len, void data)
	403	{
	404	if (msg->hdr->code != RADIUS_CODE_ACCOUNTING_RESPONSE) {
	405	printf("Unknown RADIUS message code\n");
	406	return RADIUS_RX_UNKNOWN;
	407	}
	408
	409	if (radius_msg_verify(msg, shared_secret, shared_secret_len, req, 0)) {
	410	printf("Incoming RADIUS packet did not have correct "
	411	"Authenticator - dropped\n");
	412	return RADIUS_RX_INVALID_AUTHENTICATOR;
	413	}
	414
	415	return RADIUS_RX_PROCESSED;
	416	}
	417
	418
	419	static void accounting_report_state(struct hostapd_data *hapd, int on)
	420	{
	421	struct radius_msg *msg;
	422
	423	if (!hapd->conf->radius->acct_server \|\| hapd->radius == NULL)
	424	return;
	425
	426	/* Inform RADIUS server that accounting will start/stop so that the
	427	* server can close old accounting sessions. */
	428	msg = accounting_msg(hapd, NULL,
	429	on ? RADIUS_ACCT_STATUS_TYPE_ACCOUNTING_ON :
	430	RADIUS_ACCT_STATUS_TYPE_ACCOUNTING_OFF);
	431	if (!msg)
	432	return;
	433
	434	if (!radius_msg_add_attr_int32(msg, RADIUS_ATTR_ACCT_TERMINATE_CAUSE,
	435	RADIUS_ACCT_TERMINATE_CAUSE_NAS_REBOOT))
	436	{
	437	printf("Could not add Acct-Terminate-Cause\n");
	438	radius_msg_free(msg);
	439	os_free(msg);
	440	return;
	441	}
	442
	443	radius_client_send(hapd->radius, msg, RADIUS_ACCT, NULL);
	444	}
	445
	446
	447	int accounting_init(struct hostapd_data *hapd)
	448	{
	449	/* Acct-Session-Id should be unique over reboots. If reliable clock is
	450	* not available, this could be replaced with reboot counter, etc. */
	451	hapd->acct_session_id_hi = time(NULL);
	452
	453	if (radius_client_register(hapd->radius, RADIUS_ACCT,
454	accounting_receive, hapd))
455	return -1;
456
457	accounting_report_state(hapd, 1);
458
459	return 0;
460	}
461
462
463	void accounting_deinit(struct hostapd_data *hapd)
464	{
465	accounting_report_state(hapd, 0);
466	}
467
468
469	int accounting_reconfig(struct hostapd_data *hapd,
470	struct hostapd_config *oldconf)
471	{
472	if (!hapd->radius_client_reconfigured)
473	return 0;
474
475	accounting_deinit(hapd);
476	return accounting_init(hapd);
477	}