eap-radius: Add RADIUS Accounting session ID to Access-Request messages
authorTobias Brunner <tobias@strongswan.org>
Fri, 14 Dec 2018 08:26:51 +0000 (09:26 +0100)
committerTobias Brunner <tobias@strongswan.org>
Mon, 17 Dec 2018 08:46:09 +0000 (09:46 +0100)
This allows e.g. associating database entries for IP leases and
accounting directly from the start.

Fixes #2853.

src/libcharon/plugins/eap_radius/eap_radius.c
src/libcharon/plugins/eap_radius/eap_radius_accounting.c
src/libcharon/plugins/eap_radius/eap_radius_accounting.h

index fbbf6da..ae1371b 100644 (file)
@@ -1,5 +1,5 @@
 /*
- * Copyright (C) 2012-2017 Tobias Brunner
+ * Copyright (C) 2012-2018 Tobias Brunner
  * Copyright (C) 2009 Martin Willi
  * HSR Hochschule fuer Technik Rapperswil
  *
@@ -156,7 +156,7 @@ void eap_radius_build_attributes(radius_message_t *request)
 {
        ike_sa_t *ike_sa;
        host_t *host;
-       char buf[40], *station_id_fmt;;
+       char buf[40], *station_id_fmt, *session_id;
        uint32_t value;
        chunk_t chunk;
 
@@ -202,6 +202,14 @@ void eap_radius_build_attributes(radius_message_t *request)
                host = ike_sa->get_other_host(ike_sa);
                snprintf(buf, sizeof(buf), station_id_fmt, host);
                request->add(request, RAT_CALLING_STATION_ID, chunk_from_str(buf));
+
+               session_id = eap_radius_accounting_session_id(ike_sa);
+               if (session_id)
+               {
+                       request->add(request, RAT_ACCT_SESSION_ID,
+                                                chunk_from_str(session_id));
+                       free(session_id);
+               }
        }
 }
 
index 9261149..6f35d08 100644 (file)
@@ -1070,8 +1070,27 @@ eap_radius_accounting_t *eap_radius_accounting_create()
        return &this->public;
 }
 
-/**
- * See header
+/*
+ * Described in header
+ */
+char *eap_radius_accounting_session_id(ike_sa_t *ike_sa)
+{
+       entry_t *entry;
+       char *sid = NULL;
+
+       if (singleton)
+       {
+               singleton->mutex->lock(singleton->mutex);
+               entry = get_or_create_entry(singleton, ike_sa->get_id(ike_sa),
+                                                                       ike_sa->get_unique_id(ike_sa));
+               sid = strdup(entry->sid);
+               singleton->mutex->unlock(singleton->mutex);
+       }
+       return sid;
+}
+
+/*
+ * Described in header
  */
 void eap_radius_accounting_start_interim(ike_sa_t *ike_sa, uint32_t interval)
 {
index dc1edcf..1fe1107 100644 (file)
@@ -1,5 +1,5 @@
 /*
- * Copyright (C) 2017 Tobias Brunner
+ * Copyright (C) 2017-2018 Tobias Brunner
  * HSR Hochschule fuer Technik Rapperswil
  *
  * Copyright (C) 2012 Martin Willi
@@ -50,6 +50,14 @@ struct eap_radius_accounting_t {
 eap_radius_accounting_t *eap_radius_accounting_create();
 
 /**
+ * Get the Accounting session ID for the given IKE_SA.
+ *
+ * @param ike_sa                       IKE_SA for which to determine the session ID
+ * @return                                     allocated session ID
+ */
+char *eap_radius_accounting_session_id(ike_sa_t *ike_sa);
+
+/**
  * Schedule Accounting interim updates for the given IKE_SA.
  *
  * @param ike_sa                       IKE_SA to send updates for