diff mbox

Hostapd Accounting Update on inactivity timeout for 802.1x enabled

Message ID 55CC2654.106@cdot.in
State Changes Requested
Headers show

Commit Message

Nagaraj Aug. 13, 2015, 5:08 a.m. UTC 
Hi ALL ,

I was testing the Hostapd with radius server when i found out that 
inactivity timeout received from the radius server was
not getting used ,and only the idle time out configured in the deamon  
Config file (#ap_max_inactivity=300) was used for sending accounting 
update (during inactivity ).

So i updated the following file in hostapd/src/ap folder ( patch is 
attached below) to take into account the inactivity time sent by the 
radius server.

It worked ,but would it be right way to go about it .


Regards
Nagaraj.N.Nayak

Comments

Jouni Malinen Aug. 14, 2015, 8:15 p.m. UTC | #1 
On Thu, Aug 13, 2015 at 10:38:36AM +0530, Nagaraj wrote:
> I was testing the Hostapd with radius server when i found out that
> inactivity timeout received from the radius server was
> not getting used ,and only the idle time out configured in the
> deamon  Config file (#ap_max_inactivity=300) was used for sending
> accounting update (during inactivity ).
> 
> So i updated the following file in hostapd/src/ap folder ( patch is
> attached below) to take into account the inactivity time sent by the
> radius server.
> 
> It worked ,but would it be right way to go about it .

> +void ap_sta_idle_timeout(struct hostapd_data *hapd, struct sta_info *sta,
> +			    u32 inactvity_timeout)

> +                hapd->conf->ap_max_inactivity = inactvity_timeout;

I don't think it would be a good idea to replace the ap_max_inactivity
configuration parameter (which applies to every STA in the BSS) with a
value received from RADIUS authentication server for a single STA. It
would be more flexible to store this possible available parameter in
struct sta_info and use it instead of hapd->conf->ap_max_inactivity when
the overriding value is available.
diff mbox

Patch

--- ieee802_1x.c	2015-06-08 15:36:18.000000000 +0530
+++ ieee802_1x_mod.c	2015-08-13 10:35:56.778673556 +0530
@@ -1366,8 +1366,8 @@ 
 {
 	struct hostapd_data *hapd = data;
 	struct sta_info *sta;
-	u32 session_timeout = 0, termination_action, acct_interim_interval;
-	int session_timeout_set, old_vlanid = 0;
+	u32 session_timeout = 0, termination_action, acct_interim_interval, idle_timeout =0;
+	int session_timeout_set, old_vlanid = 0 ,idle_timeout_set =0;
 	struct eapol_state_machine *sm;
 	int override_eapReq = 0;
 	struct radius_hdr *hdr = radius_msg_get_hdr(msg);
@@ -1413,6 +1413,15 @@ 
 	session_timeout_set =
 		!radius_msg_get_attr_int32(msg, RADIUS_ATTR_SESSION_TIMEOUT,
 					   &session_timeout);
+
+        idle_timeout_set = !radius_msg_get_attr_int32(msg, RADIUS_ATTR_IDLE_TIMEOUT,&idle_timeout);
+
+        hostapd_logger(hapd, sta->addr,
+				       HOSTAPD_MODULE_IEEE8021X,
+				       HOSTAPD_LEVEL_DEBUG,
+				       "Idle timeout received #1 %d",
+				       idle_timeout);
+
 	if (radius_msg_get_attr_int32(msg, RADIUS_ATTR_TERMINATION_ACTION,
 				      &termination_action))
 		termination_action = RADIUS_TERMINATION_ACTION_DEFAULT;
@@ -1468,7 +1477,18 @@ 
 		    RADIUS_TERMINATION_ACTION_RADIUS_REQUEST) {
 			sm->reAuthPeriod = session_timeout;
 		} else if (session_timeout_set)
-			ap_sta_session_timeout(hapd, sta, session_timeout);
+			ap_sta_session_timeout(hapd, sta, idle_timeout);
+
+                if((idle_timeout_set)&&(idle_timeout))
+                { 
+                     ap_sta_idle_timeout(hapd,sta,idle_timeout);
+                     hostapd_logger(hapd, sta->addr,
+				       HOSTAPD_MODULE_IEEE8021X,
+				       HOSTAPD_LEVEL_DEBUG,
+				       "starting Idle timeout timer for  %d",
+				       idle_timeout);
+
+                }
 
 		sm->eap_if->aaaSuccess = TRUE;
 		override_eapReq = 1;