Wax

Wax is a Go server listening on port 8181, it implements these main functions:

• RADIUS AAA over HTTP: ti handles Radius AAA requests from Dedalo (CoovaChilli), only HTTP GET is supported
• Social authentication
• Data gathering for marketing functions

RADIUS AAA

The RADIUS AAA requests are sent to Wax using HTTP GET request.

Each AAA request is in the form stage=<stage>&service=<service>&<param1>=<value1>...<paramN>=<valueN>.

There are 3 mandatory parameters:

• nasid: a valid and already existing name of Hotspot instance
• ap: a valid and already existing Unit MAC address
• stage: it represent the action to be performed. There are 4 available stages:
  • login
  • counters
  • temporary
  • register (not implemented)

login

This stage is invoked when a user tries to login from Wings.

Available parameters:

• service: service to restrict login access (unused)
• user: user name
• `chap_chal: random challenge for CHAP authentication
• `chap_pass: password in CHAP format
• chap_id: ? (unused)
• ap: access point MAC address (unused)
• mac: user MAC address (unused)
• ip: user local IP address given by Wings (unused)
• sessionid: unique session id (unused)
• nasid: unique name of the Hotspot unit
• md: a MD5 hash generated using the the chap_pass (unused)

Request example:

curl http://localhost:8181/?stage=login &service=login&user=aaa&chap_chal=57efc66af8df7ecb164a39758b18a407&chap_pass=47bce5c74f589f4867dbd57e9ca9f808&chap_id=0&ap=00-0D-B9-41-7C-F8&mac=84-3A-4B-11-44-D4&ip=10.1.0.3&sessionid=151335010500000001&nasid=hs-test&md=CCBA58A3D03CA1BC5D02B0E66A997914

counters

This stage is invoked for session accounting and it's associates to a status parameter.

Supported statuses:

• start: used when a new session navigation is started. It accepts the following parameters:

  • user: user name, must exists and associates with Hotspot instance passed in the nasid parameter
  • mac: MAC address of the device used by the user
  • ip: local IP address given to device by Dedalo
  • sessionid: unique session id generated by Dedalo
  • nasid: name of the associates Hotspot instance
  • ap: the MAC address of the unit where the user is connected

• stop: used to end a navigation session. It accepts the following parameters:

  • sessionid: see above
  • ap: see above
  • bytes_down: downloaded bytes during the session
  • bytes_up: uploaded bytes during the session
  • duration: duration of the session

• update: used to update data regarding an active session. Uses the same parameters of the stop status

Request examples:

curl http://localhost:8181/?stage=counters&status=stop&user=aaa&ap=00-0D-B9-41-7C-F8&mac=84-3A-4B-11-44-D4&ip=10.1.0.3&sessionid=151324185800000001&nasid=hs-test&duration=702&bytes_down=47487&pkts_down=135&bytes_up=5292&pkts_up=65&md=F2D7D9B3184E2890140C9B7FE28CC0FB
curl http://localhost:8181/?stage=counters&status=up&ap=00-0D-B9-41-7C-F8&mac=00-00-00-00-00-00&nasid=hs-test&md=F998859655817FE494BB9CEC3133BD2A
curl http://localhost:8181/?stage=counters&status=update&user=aaa&ap=00-0D-B9-41-7C-F8&mac=84-3A-4B-11-44-D4&ip=10.1.0.3&sessionid=151318184500000001&nasid=hs-test&duration=10205&bytes_down=656025&pkts_down=1655&bytes_up=164192&pkts_up=1794&md=F614C20150DCD5A8D867A977DEFF154C

temporary

TODO

Social authentication

TODO

Data gathering

TODO

Build and run

Make sure to have all required dependencies:

go get

Then build the binaries:

go build

Running

DB_USER=testuser DB_PASSWORD=testpassword DB_HOST=192.168.1.1 DB_NAME=icaro DB_PORT=3306 ./wax

Launch tests

Execute:

DB_USER=<db_user> DB_PASSWORD=<db_password> DB_HOST=<db_host>6 DB_PORT=<db_port> DB_NAME=icaro go test

Example:

DB_USER=testuser DB_PASSWORD=testpassword DB_HOST=192.168.1.1 DB_NAME=icaro DB_PORT=3306 go test