From 0dd100fb40357781e747a952b68729f1f3f01d20 Mon Sep 17 00:00:00 2001
From: Jouni Malinen <jouni@qca.qualcomm.com>
Date: Wed, 21 Nov 2012 17:03:15 +0200
Subject: [PATCH] HS 2.0R2 AP: Add definition and helper function for WFA
 RADIUS VSA

These changes make it easier to add WFA vendor specific attributes
to RADIUS messages.

Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>
---
 src/radius/radius.c | 27 +++++++++++++++++++++++++++
 src/radius/radius.h | 12 ++++++++++++
 2 files changed, 39 insertions(+)

diff --git a/src/radius/radius.c b/src/radius/radius.c
index 1070fc708..370b517fd 100644
--- a/src/radius/radius.c
+++ b/src/radius/radius.c
@@ -1220,6 +1220,33 @@ int radius_msg_add_mppe_keys(struct radius_msg *msg,
 }
 
 
+int radius_msg_add_wfa(struct radius_msg *msg, u8 subtype, const u8 *data,
+		       size_t len)
+{
+	struct radius_attr_hdr *attr;
+	u8 *buf, *pos;
+	size_t alen;
+
+	alen = 4 + 2 + len;
+	buf = os_malloc(alen);
+	if (buf == NULL)
+		return 0;
+	pos = buf;
+	WPA_PUT_BE32(pos, RADIUS_VENDOR_ID_WFA);
+	pos += 4;
+	*pos++ = subtype;
+	*pos++ = 2 + len;
+	os_memcpy(pos, data, len);
+	attr = radius_msg_add_attr(msg, RADIUS_ATTR_VENDOR_SPECIFIC,
+				   buf, alen);
+	os_free(buf);
+	if (attr == NULL)
+		return 0;
+
+	return 1;
+}
+
+
 /* Add User-Password attribute to a RADIUS message and encrypt it as specified
  * in RFC 2865, Chap. 5.2 */
 struct radius_attr_hdr *
diff --git a/src/radius/radius.h b/src/radius/radius.h
index ad65b04b8..b39aa7b0c 100644
--- a/src/radius/radius.h
+++ b/src/radius/radius.h
@@ -163,6 +163,16 @@ enum { RADIUS_VENDOR_ATTR_MS_MPPE_SEND_KEY = 16,
        RADIUS_VENDOR_ATTR_MS_MPPE_RECV_KEY = 17
 };
 
+
+/* Hotspot 2.0 - WFA Vendor-specific RADIUS Attributes */
+#define RADIUS_VENDOR_ID_WFA 40808
+
+enum {
+	RADIUS_VENDOR_ATTR_WFA_HS20_SUBSCR_REMEDIATION = 1,
+	RADIUS_VENDOR_ATTR_WFA_HS20_AP_VERSION = 2,
+	RADIUS_VENDOR_ATTR_WFA_HS20_STA_VERSION = 3,
+};
+
 #ifdef _MSC_VER
 #pragma pack(pop)
 #endif /* _MSC_VER */
@@ -237,6 +247,8 @@ int radius_msg_add_mppe_keys(struct radius_msg *msg,
 			     const u8 *secret, size_t secret_len,
 			     const u8 *send_key, size_t send_key_len,
 			     const u8 *recv_key, size_t recv_key_len);
+int radius_msg_add_wfa(struct radius_msg *msg, u8 subtype, const u8 *data,
+		       size_t len);
 struct radius_attr_hdr *
 radius_msg_add_attr_user_password(struct radius_msg *msg,
 				  const u8 *data, size_t data_len,