From 2122fc83aa2cc54b7e4b7b5a11d71ccff2cc3681 Mon Sep 17 00:00:00 2001
From: Jouni Malinen <jouni@codeaurora.org>
Date: Fri, 22 Jun 2018 00:12:07 +0300
Subject: [PATCH] RADIUS server: Add current_sessions SQLite table

This can be used to track active sessions, e.g., for the purpose of
issuing RADIUS DAS commands (Disconnect-Request or CoA-Request).

Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
---
 hostapd/hostapd.eap_user_sqlite | 10 ++++++++++
 src/radius/radius_server.c      | 33 +++++++++++++++++++++++++++++++++
 2 files changed, 43 insertions(+)

diff --git a/hostapd/hostapd.eap_user_sqlite b/hostapd/hostapd.eap_user_sqlite
index fdae4e0c1..411b9eafa 100644
--- a/hostapd/hostapd.eap_user_sqlite
+++ b/hostapd/hostapd.eap_user_sqlite
@@ -30,3 +30,13 @@ CREATE TABLE pending_tc(
 	mac_addr TEXT PRIMARY KEY,
 	identity TEXT
 );
+
+CREATE TABLE current_sessions(
+	mac_addr TEXT PRIMARY KEY,
+	identity TEXT,
+	start_time TEXT,
+	nas TEXT,
+	hs20_t_c_filtering BOOLEAN,
+	waiting_coa_ack BOOLEAN,
+	coa_ack_received BOOLEAN
+);
diff --git a/src/radius/radius_server.c b/src/radius/radius_server.c
index 27e2050c1..fdd3609dd 100644
--- a/src/radius/radius_server.c
+++ b/src/radius/radius_server.c
@@ -780,6 +780,36 @@ static void radius_srv_hs20_t_c_pending(struct radius_session *sess)
 #endif /* CONFIG_HS20 */
 
 
+static void radius_server_add_session(struct radius_session *sess)
+{
+#ifdef CONFIG_SQLITE
+	char *sql;
+	char addr_txt[ETH_ALEN * 3];
+	struct os_time now;
+
+	if (!sess->server->db)
+		return;
+
+
+	os_snprintf(addr_txt, sizeof(addr_txt), MACSTR,
+		    MAC2STR(sess->mac_addr));
+
+	os_get_time(&now);
+	sql = sqlite3_mprintf("INSERT OR REPLACE INTO current_sessions(mac_addr,identity,start_time,nas,hs20_t_c_filtering) VALUES (%Q,%Q,%d,%Q,%u)",
+			      addr_txt, sess->username, now.sec,
+			      sess->nas_ip, sess->t_c_filtering);
+	if (sql) {
+			if (sqlite3_exec(sess->server->db, sql, NULL, NULL,
+					 NULL) != SQLITE_OK) {
+				RADIUS_ERROR("Failed to add current_sessions entry into sqlite database: %s",
+					     sqlite3_errmsg(sess->server->db));
+			}
+			sqlite3_free(sql);
+	}
+#endif /* CONFIG_SQLITE */
+}
+
+
 static struct radius_msg *
 radius_server_encapsulate_eap(struct radius_server_data *data,
 			      struct radius_client *client,
@@ -974,6 +1004,9 @@ radius_server_encapsulate_eap(struct radius_server_data *data,
 		RADIUS_DEBUG("Failed to add Message-Authenticator attribute");
 	}
 
+	if (code == RADIUS_CODE_ACCESS_ACCEPT)
+		radius_server_add_session(sess);
+
 	return msg;
 }