hostapd: Add optional Chargeable-User-Identity request (RFC 4372)

radius_request_cui=1 configuration parameter can now be used to
configure hostapd to request CUI from the RADIUS server by including
Chargeable-User-Identity attribute into Access-Request packets.

Signed-hostap: Jouni Malinen <j@w1.fi>

diff --git a/hostapd/config_file.c b/hostapd/config_file.c
index 6fa53f35364586ace4be764db53055be69f01515..c8a628862626e383a64b3d1ff51558f66a8769ec 100644 (file)
--- a/hostapd/config_file.c
+++ b/hostapd/config_file.c
@@ -1,6 +1,6 @@
 /*
  * hostapd / Configuration file parser
- * Copyright (c) 2003-2009, Jouni Malinen <j@w1.fi>
+ * Copyright (c) 2003-2012, Jouni Malinen <j@w1.fi>
  *
  * This software may be distributed under the terms of the BSD license.
  * See README for more details.
@@ -1555,6 +1555,8 @@ static int hostapd_config_fill(struct hostapd_config *conf,
                } else if (os_strcmp(buf, "radius_acct_interim_interval") == 0)
                {
                        bss->acct_interim_interval = atoi(pos);
+               } else if (os_strcmp(buf, "radius_request_cui") == 0) {
+                       bss->radius_request_cui = atoi(pos);
 #endif /* CONFIG_NO_RADIUS */
                } else if (os_strcmp(buf, "auth_algs") == 0) {
                        bss->auth_algs = atoi(pos);

diff --git a/hostapd/hostapd.conf b/hostapd/hostapd.conf
index ceae0659bac817d93361dd00b7e8270c5d015440..e38a7aa02725df18583bcea966673bd2b0b5638f 100644 (file)
--- a/hostapd/hostapd.conf
+++ b/hostapd/hostapd.conf
@@ -632,6 +632,12 @@ own_ip_addr=127.0.0.1
 # 60 (1 minute).
 #radius_acct_interim_interval=600
 
+# Request Chargeable-User-Identity (RFC 4372)
+# This parameter can be used to configure hostapd to request CUI from the
+# RADIUS server by including Chargeable-User-Identity attribute into
+# Access-Request packets.
+#radius_request_cui=1
+
 # Dynamic VLAN mode; allow RADIUS authentication server to decide which VLAN
 # is used for the stations. This information is parsed from following RADIUS
 # attributes based on RFC 3580 and RFC 2868: Tunnel-Type (value 13 = VLAN),

diff --git a/src/ap/ap_config.h b/src/ap/ap_config.h
index 914ff145396b3277e59a3965d2d76fbfbb044d4d..43047729e82eafb8052e524b8a81927ecec52db7 100644 (file)
--- a/src/ap/ap_config.h
+++ b/src/ap/ap_config.h
@@ -1,6 +1,6 @@
 /*
  * hostapd / Configuration definitions and helpers functions
- * Copyright (c) 2003-2009, Jouni Malinen <j@w1.fi>
+ * Copyright (c) 2003-2012, Jouni Malinen <j@w1.fi>
  *
  * This software may be distributed under the terms of the BSD license.
  * See README for more details.
@@ -177,6 +177,7 @@ struct hostapd_bss_config {
        char *nas_identifier;
        struct hostapd_radius_servers *radius;
        int acct_interim_interval;
+       int radius_request_cui;
 
        struct hostapd_ssid ssid;
 

diff --git a/src/ap/ieee802_1x.c b/src/ap/ieee802_1x.c
index b12ed51e65582fd637898a1d4931b719f774f8f0..9bb63f538b84320f2cddbcafe93f9191f130b8d4 100644 (file)
--- a/src/ap/ieee802_1x.c
+++ b/src/ap/ieee802_1x.c
@@ -541,6 +541,25 @@ static void ieee802_1x_encapsulate_radius(struct hostapd_data *hapd,
                }
        }
 
+       if (hapd->conf->radius_request_cui) {
+               const u8 *cui;
+               size_t cui_len;
+               /* Add previously learned CUI or nul CUI to request CUI */
+               if (sm->radius_cui) {
+                       cui = wpabuf_head(sm->radius_cui);
+                       cui_len = wpabuf_len(sm->radius_cui);
+               } else {
+                       cui = (const u8 *) "\0";
+                       cui_len = 1;
+               }
+               if (!radius_msg_add_attr(msg,
+                                        RADIUS_ATTR_CHARGEABLE_USER_IDENTITY,
+                                        cui, cui_len)) {
+                       wpa_printf(MSG_ERROR, "Could not add CUI");
+                       goto fail;
+               }
+       }
+
        if (radius_client_send(hapd->radius, msg, RADIUS_AUTH, sta->addr) < 0)
                goto fail;