自学教程：C++ wpabuf_put函数代码示例

struct wpabuf * tls_connection_decrypt2(void *tls_ctx,					struct tls_connection *conn,					const struct wpabuf *in_data,					int *need_more_data){	if (need_more_data)		*need_more_data = 0;#ifdef CONFIG_TLS_INTERNAL_CLIENT	if (conn->client) {		return tlsv1_client_decrypt(conn->client, wpabuf_head(in_data),					    wpabuf_len(in_data),					    need_more_data);	}#endif /* CONFIG_TLS_INTERNAL_CLIENT */#ifdef CONFIG_TLS_INTERNAL_SERVER	if (conn->server) {		struct wpabuf *buf;		int res;		buf = wpabuf_alloc((wpabuf_len(in_data) + 500) * 3);		if (buf == NULL)			return NULL;		res = tlsv1_server_decrypt(conn->server, wpabuf_head(in_data),					   wpabuf_len(in_data),					   wpabuf_mhead(buf),					   wpabuf_size(buf));		if (res < 0) {			wpabuf_free(buf);			return NULL;		}		wpabuf_put(buf, res);		return buf;	}#endif /* CONFIG_TLS_INTERNAL_SERVER */	return NULL;}

static struct wpabuf * eap_sake_build_msg(struct eap_sake_data *data,					  int id, size_t length, u8 subtype){	struct eap_sake_hdr *sake;	struct wpabuf *msg;	size_t plen;	plen = length + sizeof(struct eap_sake_hdr);	msg = eap_msg_alloc(EAP_VENDOR_IETF, EAP_TYPE_SAKE, plen,			    EAP_CODE_RESPONSE, id);	if (msg == NULL) {		wpa_printf(MSG_ERROR, "EAP-SAKE: Failed to allocate memory "			   "request");		return NULL;	}	sake = wpabuf_put(msg, sizeof(*sake));	sake->version = EAP_SAKE_VERSION;	sake->session_id = data->session_id;	sake->subtype = subtype;	return msg;}

/** * wps_build_assoc_resp_ie - Build WPS IE for (Re)Association Response * Returns: WPS IE or %NULL on failure * * The caller is responsible for freeing the buffer. */struct wpabuf *wps_build_assoc_resp_ie(void){	struct wpabuf *ie;	u8 *len;	wpa_printf(MSG_DEBUG, "WPS: Building WPS IE for (Re)Association " "Response");	ie = wpabuf_alloc(100);	if (ie == NULL) {		return NULL;	}	wpabuf_put_u8(ie, WLAN_EID_VENDOR_SPECIFIC);	len = wpabuf_put(ie, 1);	wpabuf_put_be32(ie, WPS_DEV_OUI_WFA);	if (wps_build_version(ie) || wps_build_resp_type(ie, WPS_RESP_AP) || wps_build_wfa_ext(ie, 0, NULL, 0)) {		wpabuf_free(ie);		return NULL;	}	*len = wpabuf_len(ie) - 2;	return ie;}

/** * wps_build_assoc_req_ie - Build WPS IE for (Re)Association Request * @req_type: Value for Request Type attribute * Returns: WPS IE or %NULL on failure * * The caller is responsible for freeing the buffer. */struct wpabuf * wps_build_assoc_req_ie(enum wps_request_type req_type) {    struct wpabuf *ie;    u8 *len;    wpa_printf(MSG_DEBUG, "WPS: Building WPS IE for (Re)Association "            "Request");    ie = wpabuf_alloc(100);    if (ie == NULL)        return NULL;    wpabuf_put_u8(ie, WLAN_EID_VENDOR_SPECIFIC);    len = wpabuf_put(ie, 1);    wpabuf_put_be32(ie, WPS_DEV_OUI_WFA);    if (wps_build_version(ie) ||            wps_build_req_type(ie, req_type)) {        wpabuf_free(ie);        return NULL;    }    *len = wpabuf_len(ie) - 2;    return ie;}

void p2p_buf_update_ie_hdr(struct wpabuf *buf, u8 *len){	/* Update P2P IE Length */	*len = (u8 *) wpabuf_put(buf, 0) - len - 1;}

static void web_connection_send_reply(struct http_request *req,				      enum http_reply_code ret,				      const char *action, int action_len,				      const struct wpabuf *reply,				      const char *replyname){	struct wpabuf *buf;	char *replydata;	char *put_length_here = NULL;	char *body_start = NULL;	if (reply) {		size_t len;		replydata = (char *) base64_encode(wpabuf_head(reply),						   wpabuf_len(reply), &len);	} else		replydata = NULL;	/* Parameters of the response:	 *      action(action_len) -- action we are responding to	 *      replyname -- a name we need for the reply	 *      replydata -- NULL or null-terminated string	 */	buf = wpabuf_alloc(1000 + (replydata ? os_strlen(replydata) : 0U) +			   (action_len > 0 ? action_len * 2 : 0));	if (buf == NULL) {		wpa_printf(MSG_INFO, "WPS UPnP: Cannot allocate reply to "			   "POST");		os_free(replydata);		http_request_deinit(req);		return;	}	/*	 * Assuming we will be successful, put in the output header first.	 * Note: we do not keep connections alive (and httpread does	 * not support it)... therefore we must have Connection: close.	 */	if (ret == HTTP_OK) {		wpabuf_put_str(buf,			       "HTTP/1.1 200 OK/r/n"			       "Content-Type: text/xml; "			       "charset=/"utf-8/"/r/n");	} else {		wpabuf_printf(buf, "HTTP/1.1 %d Error/r/n", ret);	}	wpabuf_put_str(buf, http_connection_close);	wpabuf_put_str(buf, "Content-Length: ");	/*	 * We will paste the length in later, leaving some extra whitespace.	 * HTTP code is supposed to be tolerant of extra whitespace.	 */	put_length_here = wpabuf_put(buf, 0);	wpabuf_put_str(buf, "        /r/n");	http_put_date(buf);	/* terminating empty line */	wpabuf_put_str(buf, "/r/n");	body_start = wpabuf_put(buf, 0);	if (ret == HTTP_OK) {		wpabuf_put_str(buf, soap_prefix);		wpabuf_put_str(buf, "<u:");		wpabuf_put_data(buf, action, action_len);		wpabuf_put_str(buf, "Response xmlns:u=/"");		wpabuf_put_str(buf, urn_wfawlanconfig);		wpabuf_put_str(buf, "/">/n");		if (replydata && replyname) {			/* TODO: might possibly need to escape part of reply			 * data? ...			 * probably not, unlikely to have ampersand(&) or left			 * angle bracket (<) in it...			 */			wpabuf_printf(buf, "<%s>", replyname);			wpabuf_put_str(buf, replydata);			wpabuf_printf(buf, "</%s>/n", replyname);		}		wpabuf_put_str(buf, "</u:");		wpabuf_put_data(buf, action, action_len);		wpabuf_put_str(buf, "Response>/n");		wpabuf_put_str(buf, soap_postfix);	} else {		/* Error case */		wpabuf_put_str(buf, soap_prefix);		wpabuf_put_str(buf, soap_error_prefix);		wpabuf_printf(buf, "<errorCode>%d</errorCode>/n", ret);		wpabuf_put_str(buf, soap_error_postfix);		wpabuf_put_str(buf, soap_postfix);	}	os_free(replydata);	/* Now patch in the content length at the end */	if (body_start && put_length_here) {		int body_length = (char *) wpabuf_put(buf, 0) - body_start;		char len_buf[10];		os_snprintf(len_buf, sizeof(len_buf), "%d", body_length);		os_memcpy(put_length_here, len_buf, os_strlen(len_buf));//.........这里部分代码省略.........

static struct wpabuf * eap_ikev2_build_msg(struct eap_ikev2_data *data, u8 id){	struct wpabuf *req;	u8 flags;	size_t send_len, plen, icv_len = 0;	wpa_printf(MSG_DEBUG, "EAP-IKEV2: Generating Request");	flags = 0;	send_len = wpabuf_len(data->out_buf) - data->out_used;	if (1 + send_len > data->fragment_size) {		send_len = data->fragment_size - 1;		flags |= IKEV2_FLAGS_MORE_FRAGMENTS;		if (data->out_used == 0) {			flags |= IKEV2_FLAGS_LENGTH_INCLUDED;			send_len -= 4;		}	}	plen = 1 + send_len;	if (flags & IKEV2_FLAGS_LENGTH_INCLUDED)		plen += 4;	if (data->keys_ready) {		const struct ikev2_integ_alg *integ;		wpa_printf(MSG_DEBUG, "EAP-IKEV2: Add Integrity Checksum "			   "Data");		flags |= IKEV2_FLAGS_ICV_INCLUDED;		integ = ikev2_get_integ(data->ikev2.proposal.integ);		if (integ == NULL) {			wpa_printf(MSG_DEBUG, "EAP-IKEV2: Unknown INTEG "				   "transform / cannot generate ICV");			return NULL;		}		icv_len = integ->hash_len;		plen += icv_len;	}	req = eap_msg_alloc(EAP_VENDOR_IETF, EAP_TYPE_IKEV2, plen,			    EAP_CODE_REQUEST, id);	if (req == NULL)		return NULL;	wpabuf_put_u8(req, flags); /* Flags */	if (flags & IKEV2_FLAGS_LENGTH_INCLUDED)		wpabuf_put_be32(req, wpabuf_len(data->out_buf));	wpabuf_put_data(req, wpabuf_head_u8(data->out_buf) + data->out_used,			send_len);	data->out_used += send_len;	if (flags & IKEV2_FLAGS_ICV_INCLUDED) {		const u8 *msg = wpabuf_head(req);		size_t len = wpabuf_len(req);		ikev2_integ_hash(data->ikev2.proposal.integ,				 data->ikev2.keys.SK_ai,				 data->ikev2.keys.SK_integ_len,				 msg, len, wpabuf_put(req, icv_len));	}	if (data->out_used == wpabuf_len(data->out_buf)) {		wpa_printf(MSG_DEBUG, "EAP-IKEV2: Sending out %lu bytes "			   "(message sent completely)",			   (unsigned long) send_len);		wpabuf_free(data->out_buf);		data->out_buf = NULL;		data->out_used = 0;	} else {		wpa_printf(MSG_DEBUG, "EAP-IKEV2: Sending out %lu bytes "			   "(%lu more to send)", (unsigned long) send_len,			   (unsigned long) wpabuf_len(data->out_buf) -			   data->out_used);		eap_ikev2_state(data, WAIT_FRAG_ACK);	}	return req;}

static int ikev2_build_sar1(struct ikev2_responder_data *data,			    struct wpabuf *msg, u8 next_payload){	struct ikev2_payload_hdr *phdr;	size_t plen;	struct ikev2_proposal *p;	struct ikev2_transform *t;	wpa_printf(MSG_DEBUG, "IKEV2: Adding SAr1 payload");	/* SAr1 - RFC 4306, Sect. 2.7 and 3.3 */	phdr = wpabuf_put(msg, sizeof(*phdr));	phdr->next_payload = next_payload;	phdr->flags = 0;	p = wpabuf_put(msg, sizeof(*p));#ifdef CCNS_PL	/* Seems to require that the Proposal # is 1 even though RFC 4306	 * Sect 3.3.1 has following requirement "When a proposal is accepted,	 * all of the proposal numbers in the SA payload MUST be the same and	 * MUST match the number on the proposal sent that was accepted.".	 */	p->proposal_num = 1;#else /* CCNS_PL */	p->proposal_num = data->proposal.proposal_num;#endif /* CCNS_PL */	p->protocol_id = IKEV2_PROTOCOL_IKE;	p->num_transforms = 4;	t = wpabuf_put(msg, sizeof(*t));	t->type = 3;	t->transform_type = IKEV2_TRANSFORM_ENCR;	WPA_PUT_BE16(t->transform_id, data->proposal.encr);	if (data->proposal.encr == ENCR_AES_CBC) {		/* Transform Attribute: Key Len = 128 bits */#ifdef CCNS_PL		wpabuf_put_be16(msg, 0x001d); /* ?? */#else /* CCNS_PL */		wpabuf_put_be16(msg, 0x800e); /* AF=1, AttrType=14 */#endif /* CCNS_PL */		wpabuf_put_be16(msg, 128); /* 128-bit key */	}	plen = (u8 *) wpabuf_put(msg, 0) - (u8 *) t;	WPA_PUT_BE16(t->transform_length, plen);	t = wpabuf_put(msg, sizeof(*t));	t->type = 3;	WPA_PUT_BE16(t->transform_length, sizeof(*t));	t->transform_type = IKEV2_TRANSFORM_PRF;	WPA_PUT_BE16(t->transform_id, data->proposal.prf);	t = wpabuf_put(msg, sizeof(*t));	t->type = 3;	WPA_PUT_BE16(t->transform_length, sizeof(*t));	t->transform_type = IKEV2_TRANSFORM_INTEG;	WPA_PUT_BE16(t->transform_id, data->proposal.integ);	t = wpabuf_put(msg, sizeof(*t));	WPA_PUT_BE16(t->transform_length, sizeof(*t));	t->transform_type = IKEV2_TRANSFORM_DH;	WPA_PUT_BE16(t->transform_id, data->proposal.dh);	plen = (u8 *) wpabuf_put(msg, 0) - (u8 *) p;	WPA_PUT_BE16(p->proposal_length, plen);	plen = (u8 *) wpabuf_put(msg, 0) - (u8 *) phdr;	WPA_PUT_BE16(phdr->payload_length, plen);	return 0;}

int p2p_build_wps_ie(struct p2p_data *p2p, struct wpabuf *buf, int pw_id,		     int all_attr){	u8 *len;	int i;	if (wpabuf_tailroom(buf) < 6)		return -1;	wpabuf_put_u8(buf, WLAN_EID_VENDOR_SPECIFIC);	len = wpabuf_put(buf, 1);	wpabuf_put_be32(buf, WPS_DEV_OUI_WFA);	if (wps_build_version(buf) < 0)		return -1;	if (all_attr) {		if (wpabuf_tailroom(buf) < 5)			return -1;		wpabuf_put_be16(buf, ATTR_WPS_STATE);		wpabuf_put_be16(buf, 1);		wpabuf_put_u8(buf, WPS_STATE_NOT_CONFIGURED);	}	if (pw_id >= 0) {		if (wpabuf_tailroom(buf) < 6)			return -1;		/* Device Password ID */		wpabuf_put_be16(buf, ATTR_DEV_PASSWORD_ID);		wpabuf_put_be16(buf, 2);		wpa_printf(MSG_DEBUG, "P2P: WPS IE Device Password ID: %d",			   pw_id);		wpabuf_put_be16(buf, pw_id);	}	if (all_attr) {		if (wpabuf_tailroom(buf) < 5)			return -1;		wpabuf_put_be16(buf, ATTR_RESPONSE_TYPE);		wpabuf_put_be16(buf, 1);		wpabuf_put_u8(buf, WPS_RESP_ENROLLEE_INFO);		if (wps_build_uuid_e(buf, p2p->cfg->uuid) < 0 ||		    p2p_add_wps_string(buf, ATTR_MANUFACTURER,				       p2p->cfg->manufacturer) < 0 ||		    p2p_add_wps_string(buf, ATTR_MODEL_NAME,				       p2p->cfg->model_name) < 0 ||		    p2p_add_wps_string(buf, ATTR_MODEL_NUMBER,				       p2p->cfg->model_number) < 0 ||		    p2p_add_wps_string(buf, ATTR_SERIAL_NUMBER,				       p2p->cfg->serial_number) < 0)			return -1;		if (wpabuf_tailroom(buf) < 4 + WPS_DEV_TYPE_LEN)			return -1;		wpabuf_put_be16(buf, ATTR_PRIMARY_DEV_TYPE);		wpabuf_put_be16(buf, WPS_DEV_TYPE_LEN);		wpabuf_put_data(buf, p2p->cfg->pri_dev_type, WPS_DEV_TYPE_LEN);		if (p2p_add_wps_string(buf, ATTR_DEV_NAME, p2p->cfg->dev_name)		    < 0)			return -1;		if (wpabuf_tailroom(buf) < 6)			return -1;		wpabuf_put_be16(buf, ATTR_CONFIG_METHODS);		wpabuf_put_be16(buf, 2);		wpabuf_put_be16(buf, p2p->cfg->config_methods);	}	if (wps_build_wfa_ext(buf, 0, NULL, 0) < 0)		return -1;	if (all_attr && p2p->cfg->num_sec_dev_types) {		if (wpabuf_tailroom(buf) <		    4 + WPS_DEV_TYPE_LEN * p2p->cfg->num_sec_dev_types)			return -1;		wpabuf_put_be16(buf, ATTR_SECONDARY_DEV_TYPE_LIST);		wpabuf_put_be16(buf, WPS_DEV_TYPE_LEN *				p2p->cfg->num_sec_dev_types);		wpabuf_put_data(buf, p2p->cfg->sec_dev_type,				WPS_DEV_TYPE_LEN *				p2p->cfg->num_sec_dev_types);	}	/* Add the WPS vendor extensions */	for (i = 0; i < P2P_MAX_WPS_VENDOR_EXT; i++) {		if (p2p->wps_vendor_ext[i] == NULL)			break;		if (wpabuf_tailroom(buf) <		    4 + wpabuf_len(p2p->wps_vendor_ext[i]))			continue;		wpabuf_put_be16(buf, ATTR_VENDOR_EXT);		wpabuf_put_be16(buf, wpabuf_len(p2p->wps_vendor_ext[i]));		wpabuf_put_buf(buf, p2p->wps_vendor_ext[i]);	}	p2p_buf_update_ie_hdr(buf, len);	return 0;}

static struct wpabuf * eap_pax_process_std_1(struct eap_pax_data *data,					     struct eap_method_ret *ret, u8 id,					     const struct eap_pax_hdr *req,					     size_t req_plen){	struct wpabuf *resp;	const u8 *pos;	u8 *rpos;	size_t left, plen;	wpa_printf(MSG_DEBUG, "EAP-PAX: PAX_STD-1 (received)");	if (data->state != PAX_INIT) {		wpa_printf(MSG_INFO, "EAP-PAX: PAX_STD-1 received in "			   "unexpected state (%d) - ignored", data->state);		ret->ignore = TRUE;		return NULL;	}	if (req->flags & EAP_PAX_FLAGS_CE) {		wpa_printf(MSG_INFO, "EAP-PAX: PAX_STD-1 with CE flag set - "			   "ignored");		ret->ignore = TRUE;		return NULL;	}	left = req_plen - sizeof(*req);	if (left < 2 + EAP_PAX_RAND_LEN) {		wpa_printf(MSG_INFO, "EAP-PAX: PAX_STD-1 with too short "			   "payload");		ret->ignore = TRUE;		return NULL;	}	pos = (const u8 *) (req + 1);	if (WPA_GET_BE16(pos) != EAP_PAX_RAND_LEN) {		wpa_printf(MSG_INFO, "EAP-PAX: PAX_STD-1 with incorrect A "			   "length %d (expected %d)",			   WPA_GET_BE16(pos), EAP_PAX_RAND_LEN);		ret->ignore = TRUE;		return NULL;	}	pos += 2;	left -= 2;	os_memcpy(data->rand.r.x, pos, EAP_PAX_RAND_LEN);	wpa_hexdump(MSG_MSGDUMP, "EAP-PAX: X (server rand)",		    data->rand.r.x, EAP_PAX_RAND_LEN);	pos += EAP_PAX_RAND_LEN;	left -= EAP_PAX_RAND_LEN;	if (left > 0) {		wpa_hexdump(MSG_MSGDUMP, "EAP-PAX: ignored extra payload",			    pos, left);	}	if (random_get_bytes(data->rand.r.y, EAP_PAX_RAND_LEN)) {		wpa_printf(MSG_ERROR, "EAP-PAX: Failed to get random data");		ret->ignore = TRUE;		return NULL;	}	wpa_hexdump(MSG_MSGDUMP, "EAP-PAX: Y (client rand)",		    data->rand.r.y, EAP_PAX_RAND_LEN);	if (eap_pax_initial_key_derivation(req->mac_id, data->ak, data->rand.e,					   data->mk, data->ck, data->ick,					   data->mid) < 0) {		ret->ignore = TRUE;		return NULL;	}	wpa_printf(MSG_DEBUG, "EAP-PAX: PAX_STD-2 (sending)");	plen = 2 + EAP_PAX_RAND_LEN + 2 + data->cid_len + 2 + EAP_PAX_MAC_LEN +		EAP_PAX_ICV_LEN;	resp = eap_pax_alloc_resp(req, id, EAP_PAX_OP_STD_2, plen);	if (resp == NULL)		return NULL;	wpabuf_put_be16(resp, EAP_PAX_RAND_LEN);	wpabuf_put_data(resp, data->rand.r.y, EAP_PAX_RAND_LEN);	wpa_hexdump(MSG_MSGDUMP, "EAP-PAX: B = Y (client rand)",		    data->rand.r.y, EAP_PAX_RAND_LEN);	wpabuf_put_be16(resp, data->cid_len);	wpabuf_put_data(resp, data->cid, data->cid_len);	wpa_hexdump_ascii(MSG_MSGDUMP, "EAP-PAX: CID",			  (u8 *) data->cid, data->cid_len);	wpabuf_put_be16(resp, EAP_PAX_MAC_LEN);	rpos = wpabuf_put(resp, EAP_PAX_MAC_LEN);	eap_pax_mac(req->mac_id, data->ck, EAP_PAX_CK_LEN,		    data->rand.r.x, EAP_PAX_RAND_LEN,		    data->rand.r.y, EAP_PAX_RAND_LEN,		    (u8 *) data->cid, data->cid_len, rpos);	wpa_hexdump(MSG_MSGDUMP, "EAP-PAX: MAC_CK(A, B, CID)",		    rpos, EAP_PAX_MAC_LEN);	/* Optional ADE could be added here, if needed *///.........这里部分代码省略.........

static void eap_peap_process_phase2(struct eap_sm *sm,				    struct eap_peap_data *data,				    const struct wpabuf *respData,				    struct wpabuf *in_buf){	struct wpabuf *in_decrypted;	int len_decrypted;	const struct eap_hdr *hdr;	size_t buf_len, len;	u8 *in_data;	size_t in_len;	in_data = wpabuf_mhead(in_buf);	in_len = wpabuf_len(in_buf);	wpa_printf(MSG_DEBUG, "EAP-PEAP: received %lu bytes encrypted data for"		   " Phase 2", (unsigned long) in_len);	if (data->pending_phase2_resp) {		wpa_printf(MSG_DEBUG, "EAP-PEAP: Pending Phase 2 response - "			   "skip decryption and use old data");		eap_peap_process_phase2_response(sm, data,						 data->pending_phase2_resp);		wpabuf_free(data->pending_phase2_resp);		data->pending_phase2_resp = NULL;		return;	}	buf_len = in_len;	/*	 * Even though we try to disable TLS compression, it is possible that	 * this cannot be done with all TLS libraries. Add extra buffer space	 * to handle the possibility of the decrypted data being longer than	 * input data.	 */	buf_len += 500;	buf_len *= 3;	in_decrypted = wpabuf_alloc(buf_len);	if (in_decrypted == NULL) {		wpa_printf(MSG_WARNING, "EAP-PEAP: failed to allocate memory "			   "for decryption");		return;	}	len_decrypted = tls_connection_decrypt(sm->ssl_ctx, data->ssl.conn,					       in_data, in_len,					       wpabuf_mhead(in_decrypted),					       buf_len);	if (len_decrypted < 0) {		wpa_printf(MSG_INFO, "EAP-PEAP: Failed to decrypt Phase 2 "			   "data");		wpabuf_free(in_decrypted);		eap_peap_state(data, FAILURE);		return;	}	wpabuf_put(in_decrypted, len_decrypted);	wpa_hexdump_buf_key(MSG_DEBUG, "EAP-PEAP: Decrypted Phase 2 EAP",			    in_decrypted);	hdr = wpabuf_head(in_decrypted);	if (data->peap_version == 0 && data->state != PHASE2_TLV) {		const struct eap_hdr *resp;		struct eap_hdr *nhdr;		struct wpabuf *nbuf =			wpabuf_alloc(sizeof(struct eap_hdr) +				     wpabuf_len(in_decrypted));		if (nbuf == NULL) {			wpabuf_free(in_decrypted);			return;		}		resp = wpabuf_head(respData);		nhdr = wpabuf_put(nbuf, sizeof(*nhdr));		nhdr->code = resp->code;		nhdr->identifier = resp->identifier;		nhdr->length = host_to_be16(sizeof(struct eap_hdr) +					    wpabuf_len(in_decrypted));		wpabuf_put_buf(nbuf, in_decrypted);		wpabuf_free(in_decrypted);		in_decrypted = nbuf;	} else if (data->peap_version >= 2) {		struct eap_tlv_hdr *tlv;		struct wpabuf *nmsg;		if (wpabuf_len(in_decrypted) < sizeof(*tlv) + sizeof(*hdr)) {			wpa_printf(MSG_INFO, "EAP-PEAPv2: Too short Phase 2 "				   "EAP TLV");			wpabuf_free(in_decrypted);			return;		}		tlv = wpabuf_mhead(in_decrypted);		if ((be_to_host16(tlv->tlv_type) & EAP_TLV_TYPE_MASK) !=		    EAP_TLV_EAP_PAYLOAD_TLV) {			wpa_printf(MSG_INFO, "EAP-PEAPv2: Not an EAP TLV");			wpabuf_free(in_decrypted);			return;		}//.........这里部分代码省略.........

/** * tlsv1_client_decrypt - Decrypt data from TLS tunnel * @conn: TLSv1 client connection data from tlsv1_client_init() * @in_data: Pointer to input buffer (encrypted TLS data) * @in_len: Input buffer length * @need_more_data: Set to 1 if more data would be needed to complete *	processing * Returns: Decrypted data or %NULL on failure * * This function is used after TLS handshake has been completed successfully to * receive data from the encrypted tunnel. */struct wpabuf * tlsv1_client_decrypt(struct tlsv1_client *conn,				     const u8 *in_data, size_t in_len,				     int *need_more_data){	const u8 *in_end, *pos;	int used;	u8 alert, *out_pos, ct;	size_t olen;	struct wpabuf *buf = NULL;	if (need_more_data)		*need_more_data = 0;	if (conn->partial_input) {		if (wpabuf_resize(&conn->partial_input, in_len) < 0) {			wpa_printf(MSG_DEBUG, "TLSv1: Failed to allocate "				   "memory for pending record");			alert = TLS_ALERT_INTERNAL_ERROR;			goto fail;		}		wpabuf_put_data(conn->partial_input, in_data, in_len);		in_data = wpabuf_head(conn->partial_input);		in_len = wpabuf_len(conn->partial_input);	}	pos = in_data;	in_end = in_data + in_len;	while (pos < in_end) {		ct = pos[0];		if (wpabuf_resize(&buf, in_end - pos) < 0) {			alert = TLS_ALERT_INTERNAL_ERROR;			goto fail;		}		out_pos = wpabuf_put(buf, 0);		olen = wpabuf_tailroom(buf);		used = tlsv1_record_receive(&conn->rl, pos, in_end - pos,					    out_pos, &olen, &alert);		if (used < 0) {			wpa_printf(MSG_DEBUG, "TLSv1: Record layer processing "				   "failed");			goto fail;		}		if (used == 0) {			struct wpabuf *partial;			wpa_printf(MSG_DEBUG, "TLSv1: Need more data");			partial = wpabuf_alloc_copy(pos, in_end - pos);			wpabuf_free(conn->partial_input);			conn->partial_input = partial;			if (conn->partial_input == NULL) {				wpa_printf(MSG_DEBUG, "TLSv1: Failed to "					   "allocate memory for pending "					   "record");				alert = TLS_ALERT_INTERNAL_ERROR;				goto fail;			}			if (need_more_data)				*need_more_data = 1;			return buf;		}		if (ct == TLS_CONTENT_TYPE_ALERT) {			if (olen < 2) {				wpa_printf(MSG_DEBUG, "TLSv1: Alert "					   "underflow");				alert = TLS_ALERT_DECODE_ERROR;				goto fail;			}			wpa_printf(MSG_DEBUG, "TLSv1: Received alert %d:%d",				   out_pos[0], out_pos[1]);			if (out_pos[0] == TLS_ALERT_LEVEL_WARNING) {				/* Continue processing */				pos += used;				continue;			}			alert = out_pos[1];			goto fail;		}		if (ct != TLS_CONTENT_TYPE_APPLICATION_DATA) {			wpa_printf(MSG_DEBUG, "TLSv1: Unexpected content type "				   "0x%x when decrypting application data",				   pos[0]);			alert = TLS_ALERT_UNEXPECTED_MESSAGE;			goto fail;		}//.........这里部分代码省略.........

static struct wpabuf * eap_eke_build_commit(struct eap_sm *sm,					    struct eap_eke_data *data, u8 id){	struct wpabuf *msg;	u8 pub[EAP_EKE_MAX_DH_LEN];	wpa_printf(MSG_DEBUG, "EAP-EKE: Request/Commit");	if (sm->user == NULL || sm->user->password == NULL) {		wpa_printf(MSG_INFO, "EAP-EKE: Password with not configured");		eap_eke_fail(data, EAP_EKE_FAIL_PASSWD_NOT_FOUND);		return eap_eke_build_failure(data, id);	}	if (eap_eke_derive_key(&data->sess, sm->user->password,			       sm->user->password_len,			       sm->server_id, sm->server_id_len,			       data->peerid, data->peerid_len, data->key) < 0) {		wpa_printf(MSG_INFO, "EAP-EKE: Failed to derive key");		eap_eke_fail(data, EAP_EKE_FAIL_PRIVATE_INTERNAL_ERROR);		return eap_eke_build_failure(data, id);	}	msg = eap_eke_build_msg(data, id, data->sess.dhcomp_len,				EAP_EKE_COMMIT);	if (msg == NULL) {		eap_eke_fail(data, EAP_EKE_FAIL_PRIVATE_INTERNAL_ERROR);		return eap_eke_build_failure(data, id);	}	/*	 * y_s = g ^ x_s (mod p)	 * x_s = random number 2 .. p-1	 * temp = prf(0+, password)	 * key = prf+(temp, ID_S | ID_P)	 * DHComponent_S = Encr(key, y_s)	 */	if (eap_eke_dh_init(data->sess.dhgroup, data->dh_priv, pub) < 0) {		wpa_printf(MSG_INFO, "EAP-EKE: Failed to initialize DH");		eap_eke_fail(data, EAP_EKE_FAIL_PRIVATE_INTERNAL_ERROR);		return eap_eke_build_failure(data, id);	}	if (eap_eke_dhcomp(&data->sess, data->key, pub,			   wpabuf_put(msg, data->sess.dhcomp_len))	    < 0) {		wpa_printf(MSG_INFO, "EAP-EKE: Failed to build DHComponent_S");		wpabuf_free(msg);		eap_eke_fail(data, EAP_EKE_FAIL_PRIVATE_INTERNAL_ERROR);		return eap_eke_build_failure(data, id);	}	if (wpabuf_resize(&data->msgs, wpabuf_len(msg)) < 0) {		wpabuf_free(msg);		eap_eke_fail(data, EAP_EKE_FAIL_PRIVATE_INTERNAL_ERROR);		return eap_eke_build_failure(data, id);	}	wpabuf_put_buf(data->msgs, msg);	return msg;}

static struct wpabuf * eap_psk_process_1(struct eap_psk_data *data,					 struct eap_method_ret *ret,					 const struct wpabuf *reqData){	const struct eap_psk_hdr_1 *hdr1;	struct eap_psk_hdr_2 *hdr2;	struct wpabuf *resp;	u8 *buf, *pos;	size_t buflen, len;	const u8 *cpos;	wpa_printf(MSG_DEBUG, "EAP-PSK: in INIT state");	cpos = eap_hdr_validate(EAP_VENDOR_IETF, EAP_TYPE_PSK, reqData, &len);	hdr1 = (const struct eap_psk_hdr_1 *) cpos;	if (cpos == NULL || len < sizeof(*hdr1)) {		wpa_printf(MSG_INFO, "EAP-PSK: Invalid first message "			   "length (%lu; expected %lu or more)",			   (unsigned long) len,			   (unsigned long) sizeof(*hdr1));		ret->ignore = TRUE;		return NULL;	}	wpa_printf(MSG_DEBUG, "EAP-PSK: Flags=0x%x", hdr1->flags);	if (EAP_PSK_FLAGS_GET_T(hdr1->flags) != 0) {		wpa_printf(MSG_INFO, "EAP-PSK: Unexpected T=%d (expected 0)",			   EAP_PSK_FLAGS_GET_T(hdr1->flags));		ret->methodState = METHOD_DONE;		ret->decision = DECISION_FAIL;		return NULL;	}	wpa_hexdump(MSG_DEBUG, "EAP-PSK: RAND_S", hdr1->rand_s,		    EAP_PSK_RAND_LEN);	os_free(data->id_s);	data->id_s_len = len - sizeof(*hdr1);	data->id_s = os_malloc(data->id_s_len);	if (data->id_s == NULL) {		wpa_printf(MSG_ERROR, "EAP-PSK: Failed to allocate memory for "			   "ID_S (len=%lu)", (unsigned long) data->id_s_len);		ret->ignore = TRUE;		return NULL;	}	os_memcpy(data->id_s, (u8 *) (hdr1 + 1), data->id_s_len);	wpa_hexdump_ascii(MSG_DEBUG, "EAP-PSK: ID_S",			  data->id_s, data->id_s_len);	if (os_get_random(data->rand_p, EAP_PSK_RAND_LEN)) {		wpa_printf(MSG_ERROR, "EAP-PSK: Failed to get random data");		ret->ignore = TRUE;		return NULL;	}	resp = eap_msg_alloc(EAP_VENDOR_IETF, EAP_TYPE_PSK,			     sizeof(*hdr2) + data->id_p_len, EAP_CODE_RESPONSE,			     eap_get_id(reqData));	if (resp == NULL)		return NULL;	hdr2 = wpabuf_put(resp, sizeof(*hdr2));	hdr2->flags = EAP_PSK_FLAGS_SET_T(1); /* T=1 */	os_memcpy(hdr2->rand_s, hdr1->rand_s, EAP_PSK_RAND_LEN);	os_memcpy(hdr2->rand_p, data->rand_p, EAP_PSK_RAND_LEN);	wpabuf_put_data(resp, data->id_p, data->id_p_len);	/* MAC_P = OMAC1-AES-128(AK, ID_P||ID_S||RAND_S||RAND_P) */	buflen = data->id_p_len + data->id_s_len + 2 * EAP_PSK_RAND_LEN;	buf = os_malloc(buflen);	if (buf == NULL) {		wpabuf_free(resp);		return NULL;	}	os_memcpy(buf, data->id_p, data->id_p_len);	pos = buf + data->id_p_len;	os_memcpy(pos, data->id_s, data->id_s_len);	pos += data->id_s_len;	os_memcpy(pos, hdr1->rand_s, EAP_PSK_RAND_LEN);	pos += EAP_PSK_RAND_LEN;	os_memcpy(pos, data->rand_p, EAP_PSK_RAND_LEN);	if (omac1_aes_128(data->ak, buf, buflen, hdr2->mac_p)) {		os_free(buf);		wpabuf_free(resp);		return NULL;	}	os_free(buf);	wpa_hexdump(MSG_DEBUG, "EAP-PSK: RAND_P", hdr2->rand_p,		    EAP_PSK_RAND_LEN);	wpa_hexdump(MSG_DEBUG, "EAP-PSK: MAC_P", hdr2->mac_p, EAP_PSK_MAC_LEN);	wpa_hexdump_ascii(MSG_DEBUG, "EAP-PSK: ID_P",			  data->id_p, data->id_p_len);	data->state = PSK_MAC_SENT;	return resp;}

static struct wpabuf * eap_fast_build_crypto_binding(	struct eap_sm *sm, struct eap_fast_data *data){	struct wpabuf *buf;	struct eap_tlv_result_tlv *result;	struct eap_tlv_crypto_binding_tlv *binding;	buf = wpabuf_alloc(2 * sizeof(*result) + sizeof(*binding));	if (buf == NULL)		return NULL;	if (data->send_new_pac || data->anon_provisioning ||	    data->phase2_method)		data->final_result = 0;	else		data->final_result = 1;	if (!data->final_result || data->eap_seq > 1) {		/* Intermediate-Result */		wpa_printf(MSG_DEBUG, "EAP-FAST: Add Intermediate-Result TLV "			   "(status=SUCCESS)");		result = wpabuf_put(buf, sizeof(*result));		result->tlv_type = host_to_be16(			EAP_TLV_TYPE_MANDATORY |			EAP_TLV_INTERMEDIATE_RESULT_TLV);		result->length = host_to_be16(2);		result->status = host_to_be16(EAP_TLV_RESULT_SUCCESS);	}	if (data->final_result) {		/* Result TLV */		wpa_printf(MSG_DEBUG, "EAP-FAST: Add Result TLV "			   "(status=SUCCESS)");		result = wpabuf_put(buf, sizeof(*result));		result->tlv_type = host_to_be16(EAP_TLV_TYPE_MANDATORY |						EAP_TLV_RESULT_TLV);		result->length = host_to_be16(2);		result->status = host_to_be16(EAP_TLV_RESULT_SUCCESS);	}	/* Crypto-Binding TLV */	binding = wpabuf_put(buf, sizeof(*binding));	binding->tlv_type = host_to_be16(EAP_TLV_TYPE_MANDATORY |					 EAP_TLV_CRYPTO_BINDING_TLV);	binding->length = host_to_be16(sizeof(*binding) -				       sizeof(struct eap_tlv_hdr));	binding->version = EAP_FAST_VERSION;	binding->received_version = data->peer_version;	binding->subtype = EAP_TLV_CRYPTO_BINDING_SUBTYPE_REQUEST;	if (random_get_bytes(binding->nonce, sizeof(binding->nonce)) < 0) {		wpabuf_free(buf);		return NULL;	}	/*	 * RFC 4851, Section 4.2.8:	 * The nonce in a request MUST have its least significant bit set to 0.	 */	binding->nonce[sizeof(binding->nonce) - 1] &= ~0x01;	os_memcpy(data->crypto_binding_nonce, binding->nonce,		  sizeof(binding->nonce));	/*	 * RFC 4851, Section 5.3:	 * CMK = CMK[j]	 * Compound-MAC = HMAC-SHA1( CMK, Crypto-Binding TLV )	 */	hmac_sha1(data->cmk, EAP_FAST_CMK_LEN,		  (u8 *) binding, sizeof(*binding),		  binding->compound_mac);	wpa_printf(MSG_DEBUG, "EAP-FAST: Add Crypto-Binding TLV: Version %d "		   "Received Version %d SubType %d",		   binding->version, binding->received_version,		   binding->subtype);	wpa_hexdump(MSG_MSGDUMP, "EAP-FAST: NONCE",		    binding->nonce, sizeof(binding->nonce));	wpa_hexdump(MSG_MSGDUMP, "EAP-FAST: Compound MAC",		    binding->compound_mac, sizeof(binding->compound_mac));	return buf;}

static struct wpabuf * eap_fast_build_pac(struct eap_sm *sm,					  struct eap_fast_data *data){	u8 pac_key[EAP_FAST_PAC_KEY_LEN];	u8 *pac_buf, *pac_opaque;	struct wpabuf *buf;	u8 *pos;	size_t buf_len, srv_id_info_len, pac_len;	struct eap_tlv_hdr *pac_tlv;	struct pac_tlv_hdr *pac_info;	struct eap_tlv_result_tlv *result;	struct os_time now;	if (random_get_bytes(pac_key, EAP_FAST_PAC_KEY_LEN) < 0 ||	    os_get_time(&now) < 0)		return NULL;	wpa_hexdump_key(MSG_DEBUG, "EAP-FAST: Generated PAC-Key",			pac_key, EAP_FAST_PAC_KEY_LEN);	pac_len = (2 + EAP_FAST_PAC_KEY_LEN) + (2 + 4) +		(2 + sm->identity_len) + 8;	pac_buf = os_malloc(pac_len);	if (pac_buf == NULL)		return NULL;	srv_id_info_len = os_strlen(data->srv_id_info);	pos = pac_buf;	*pos++ = PAC_OPAQUE_TYPE_KEY;	*pos++ = EAP_FAST_PAC_KEY_LEN;	os_memcpy(pos, pac_key, EAP_FAST_PAC_KEY_LEN);	pos += EAP_FAST_PAC_KEY_LEN;	*pos++ = PAC_OPAQUE_TYPE_LIFETIME;	*pos++ = 4;	WPA_PUT_BE32(pos, now.sec + data->pac_key_lifetime);	pos += 4;	if (sm->identity) {		*pos++ = PAC_OPAQUE_TYPE_IDENTITY;		*pos++ = sm->identity_len;		os_memcpy(pos, sm->identity, sm->identity_len);		pos += sm->identity_len;	}	pac_len = pos - pac_buf;	while (pac_len % 8) {		*pos++ = PAC_OPAQUE_TYPE_PAD;		pac_len++;	}	pac_opaque = os_malloc(pac_len + 8);	if (pac_opaque == NULL) {		os_free(pac_buf);		return NULL;	}	if (aes_wrap(data->pac_opaque_encr, sizeof(data->pac_opaque_encr),		     pac_len / 8, pac_buf, pac_opaque) < 0) {		os_free(pac_buf);		os_free(pac_opaque);		return NULL;	}	os_free(pac_buf);	pac_len += 8;	wpa_hexdump(MSG_DEBUG, "EAP-FAST: PAC-Opaque",		    pac_opaque, pac_len);	buf_len = sizeof(*pac_tlv) +		sizeof(struct pac_tlv_hdr) + EAP_FAST_PAC_KEY_LEN +		sizeof(struct pac_tlv_hdr) + pac_len +		data->srv_id_len + srv_id_info_len + 100 + sizeof(*result);	buf = wpabuf_alloc(buf_len);	if (buf == NULL) {		os_free(pac_opaque);		return NULL;	}	/* Result TLV */	wpa_printf(MSG_DEBUG, "EAP-FAST: Add Result TLV (status=SUCCESS)");	result = wpabuf_put(buf, sizeof(*result));	WPA_PUT_BE16((u8 *) &result->tlv_type,		     EAP_TLV_TYPE_MANDATORY | EAP_TLV_RESULT_TLV);	WPA_PUT_BE16((u8 *) &result->length, 2);	WPA_PUT_BE16((u8 *) &result->status, EAP_TLV_RESULT_SUCCESS);	/* PAC TLV */	wpa_printf(MSG_DEBUG, "EAP-FAST: Add PAC TLV");	pac_tlv = wpabuf_put(buf, sizeof(*pac_tlv));	pac_tlv->tlv_type = host_to_be16(EAP_TLV_TYPE_MANDATORY |					 EAP_TLV_PAC_TLV);	/* PAC-Key */	eap_fast_put_tlv(buf, PAC_TYPE_PAC_KEY, pac_key, EAP_FAST_PAC_KEY_LEN);	/* PAC-Opaque */	eap_fast_put_tlv(buf, PAC_TYPE_PAC_OPAQUE, pac_opaque, pac_len);	os_free(pac_opaque);	/* PAC-Info *///.........这里部分代码省略.........

static struct wpabuf * eap_pax_process_std_3(struct eap_pax_data *data,					     struct eap_method_ret *ret, u8 id,					     const struct eap_pax_hdr *req,					     size_t req_plen){	struct wpabuf *resp;	u8 *rpos, mac[EAP_PAX_MAC_LEN];	const u8 *pos;	size_t left;	wpa_printf(MSG_DEBUG, "EAP-PAX: PAX_STD-3 (received)");	if (data->state != PAX_STD_2_SENT) {		wpa_printf(MSG_INFO, "EAP-PAX: PAX_STD-3 received in "			   "unexpected state (%d) - ignored", data->state);		ret->ignore = TRUE;		return NULL;	}	if (req->flags & EAP_PAX_FLAGS_CE) {		wpa_printf(MSG_INFO, "EAP-PAX: PAX_STD-3 with CE flag set - "			   "ignored");		ret->ignore = TRUE;		return NULL;	}	left = req_plen - sizeof(*req);	if (left < 2 + EAP_PAX_MAC_LEN) {		wpa_printf(MSG_INFO, "EAP-PAX: PAX_STD-3 with too short "			   "payload");		ret->ignore = TRUE;		return NULL;	}	pos = (const u8 *) (req + 1);	if (WPA_GET_BE16(pos) != EAP_PAX_MAC_LEN) {		wpa_printf(MSG_INFO, "EAP-PAX: PAX_STD-3 with incorrect "			   "MAC_CK length %d (expected %d)",			   WPA_GET_BE16(pos), EAP_PAX_MAC_LEN);		ret->ignore = TRUE;		return NULL;	}	pos += 2;	left -= 2;	wpa_hexdump(MSG_MSGDUMP, "EAP-PAX: MAC_CK(B, CID)",		    pos, EAP_PAX_MAC_LEN);	eap_pax_mac(data->mac_id, data->ck, EAP_PAX_CK_LEN,		    data->rand.r.y, EAP_PAX_RAND_LEN,		    (u8 *) data->cid, data->cid_len, NULL, 0, mac);	if (os_memcmp_const(pos, mac, EAP_PAX_MAC_LEN) != 0) {		wpa_printf(MSG_INFO, "EAP-PAX: Invalid MAC_CK(B, CID) "			   "received");		wpa_hexdump(MSG_MSGDUMP, "EAP-PAX: expected MAC_CK(B, CID)",			    mac, EAP_PAX_MAC_LEN);		ret->methodState = METHOD_DONE;		ret->decision = DECISION_FAIL;		return NULL;	}	pos += EAP_PAX_MAC_LEN;	left -= EAP_PAX_MAC_LEN;	if (left > 0) {		wpa_hexdump(MSG_MSGDUMP, "EAP-PAX: ignored extra payload",			    pos, left);	}	wpa_printf(MSG_DEBUG, "EAP-PAX: PAX-ACK (sending)");	resp = eap_pax_alloc_resp(req, id, EAP_PAX_OP_ACK, EAP_PAX_ICV_LEN);	if (resp == NULL)		return NULL;	/* Optional ADE could be added here, if needed */	rpos = wpabuf_put(resp, EAP_PAX_ICV_LEN);	eap_pax_mac(data->mac_id, data->ick, EAP_PAX_ICK_LEN,		    wpabuf_head(resp), wpabuf_len(resp) - EAP_PAX_ICV_LEN,		    NULL, 0, NULL, 0, rpos);	wpa_hexdump(MSG_MSGDUMP, "EAP-PAX: ICV", rpos, EAP_PAX_ICV_LEN);	data->state = PAX_DONE;	ret->methodState = METHOD_DONE;	ret->decision = DECISION_UNCOND_SUCC;	ret->allowNotifications = FALSE;	return resp;}

static void eap_peap_process_phase2(struct eap_sm *sm,				    struct eap_peap_data *data,				    const struct wpabuf *respData,				    struct wpabuf *in_buf){	struct wpabuf *in_decrypted;	const struct eap_hdr *hdr;	size_t len;	wpa_printf(MSG_DEBUG, "EAP-PEAP: received %lu bytes encrypted data for"		   " Phase 2", (unsigned long) wpabuf_len(in_buf));	if (data->pending_phase2_resp) {		wpa_printf(MSG_DEBUG, "EAP-PEAP: Pending Phase 2 response - "			   "skip decryption and use old data");		eap_peap_process_phase2_response(sm, data,						 data->pending_phase2_resp);		wpabuf_free(data->pending_phase2_resp);		data->pending_phase2_resp = NULL;		return;	}	in_decrypted = tls_connection_decrypt(sm->ssl_ctx, data->ssl.conn,					      in_buf);	if (in_decrypted == NULL) {		wpa_printf(MSG_INFO, "EAP-PEAP: Failed to decrypt Phase 2 "			   "data");		eap_peap_state(data, FAILURE);		return;	}	wpa_hexdump_buf_key(MSG_DEBUG, "EAP-PEAP: Decrypted Phase 2 EAP",			    in_decrypted);	if (data->peap_version == 0 && data->state != PHASE2_TLV) {		const struct eap_hdr *resp;		struct eap_hdr *nhdr;		struct wpabuf *nbuf =			wpabuf_alloc(sizeof(struct eap_hdr) +				     wpabuf_len(in_decrypted));		if (nbuf == NULL) {			wpabuf_free(in_decrypted);			return;		}		resp = wpabuf_head(respData);		nhdr = wpabuf_put(nbuf, sizeof(*nhdr));		nhdr->code = resp->code;		nhdr->identifier = resp->identifier;		nhdr->length = host_to_be16(sizeof(struct eap_hdr) +					    wpabuf_len(in_decrypted));		wpabuf_put_buf(nbuf, in_decrypted);		wpabuf_free(in_decrypted);		in_decrypted = nbuf;	}	hdr = wpabuf_head(in_decrypted);	if (wpabuf_len(in_decrypted) < (int) sizeof(*hdr)) {		wpa_printf(MSG_INFO, "EAP-PEAP: Too short Phase 2 "			   "EAP frame (len=%lu)",			   (unsigned long) wpabuf_len(in_decrypted));		wpabuf_free(in_decrypted);		eap_peap_req_failure(sm, data);		return;	}	len = be_to_host16(hdr->length);	if (len > wpabuf_len(in_decrypted)) {		wpa_printf(MSG_INFO, "EAP-PEAP: Length mismatch in "			   "Phase 2 EAP frame (len=%lu hdr->length=%lu)",			   (unsigned long) wpabuf_len(in_decrypted),			   (unsigned long) len);		wpabuf_free(in_decrypted);		eap_peap_req_failure(sm, data);		return;	}	wpa_printf(MSG_DEBUG, "EAP-PEAP: received Phase 2: code=%d "		   "identifier=%d length=%lu", hdr->code, hdr->identifier,		   (unsigned long) len);	switch (hdr->code) {	case EAP_CODE_RESPONSE:		eap_peap_process_phase2_response(sm, data, in_decrypted);		break;	case EAP_CODE_SUCCESS:		wpa_printf(MSG_DEBUG, "EAP-PEAP: Phase 2 Success");		if (data->state == SUCCESS_REQ) {			eap_peap_state(data, SUCCESS);		}		break;	case EAP_CODE_FAILURE:		wpa_printf(MSG_DEBUG, "EAP-PEAP: Phase 2 Failure");		eap_peap_state(data, FAILURE);		break;	default:		wpa_printf(MSG_INFO, "EAP-PEAP: Unexpected code=%d in "			   "Phase 2 EAP header", hdr->code);		break;	}	wpabuf_free(in_decrypted);//.........这里部分代码省略.........

//.........这里部分代码省略.........		res = tncc_process_if_tnccs(data->tncc,					    wpabuf_head(data->in_buf),					    wpabuf_len(data->in_buf));		switch (res) {		case TNCCS_PROCESS_ERROR:			ret->ignore = TRUE;			goto fail;		case TNCCS_PROCESS_OK_NO_RECOMMENDATION:		case TNCCS_RECOMMENDATION_ERROR:			wpa_printf(MSG_DEBUG, "EAP-TNC: No "				   "TNCCS-Recommendation received");			break;		case TNCCS_RECOMMENDATION_ALLOW:			wpa_msg(sm->msg_ctx, MSG_INFO,				"TNC: Recommendation = allow");			tncs_done = 1;			break;		case TNCCS_RECOMMENDATION_NONE:			wpa_msg(sm->msg_ctx, MSG_INFO,				"TNC: Recommendation = none");			tncs_done = 1;			break;		case TNCCS_RECOMMENDATION_ISOLATE:			wpa_msg(sm->msg_ctx, MSG_INFO,				"TNC: Recommendation = isolate");			tncs_done = 1;			break;		}	}	if (data->in_buf != &tmpbuf)		wpabuf_free(data->in_buf);	data->in_buf = NULL;	ret->ignore = FALSE;	ret->methodState = METHOD_MAY_CONT;	ret->decision = DECISION_UNCOND_SUCC;	ret->allowNotifications = TRUE;	if (data->out_buf) {		data->state = PROC_MSG;		return eap_tnc_build_msg(data, ret, id);	}	if (tncs_done) {		resp = eap_msg_alloc(EAP_VENDOR_IETF, EAP_TYPE_TNC, 1,				     EAP_CODE_RESPONSE, eap_get_id(reqData));		if (resp == NULL)			return NULL;		wpabuf_put_u8(resp, EAP_TNC_VERSION);		wpa_printf(MSG_DEBUG, "EAP-TNC: TNCS done - reply with an "			   "empty ACK message");		return resp;	}	imc_len = tncc_total_send_len(data->tncc);	start_buf = tncc_if_tnccs_start(data->tncc);	if (start_buf == NULL)		return NULL;	start_len = os_strlen(start_buf);	end_buf = tncc_if_tnccs_end();	if (end_buf == NULL) {		os_free(start_buf);		return NULL;	}	end_len = os_strlen(end_buf);	rlen = start_len + imc_len + end_len;	resp = wpabuf_alloc(rlen);	if (resp == NULL) {		os_free(start_buf);		os_free(end_buf);		return NULL;	}	wpabuf_put_data(resp, start_buf, start_len);	os_free(start_buf);	rpos1 = wpabuf_put(resp, 0);	rpos = tncc_copy_send_buf(data->tncc, rpos1);	wpabuf_put(resp, rpos - rpos1);	wpabuf_put_data(resp, end_buf, end_len);	os_free(end_buf);	wpa_hexdump_ascii(MSG_MSGDUMP, "EAP-TNC: Response",			  wpabuf_head(resp), wpabuf_len(resp));	data->out_buf = resp;	data->state = PROC_MSG;	return eap_tnc_build_msg(data, ret, id);fail:	if (data->in_buf == &tmpbuf)		data->in_buf = NULL;	return NULL;}

static struct wpabuf * eap_peap_build_phase2_tlv(struct eap_sm *sm,						 struct eap_peap_data *data,						 u8 id){	struct wpabuf *buf, *encr_req;	size_t mlen;	mlen = 6; /* Result TLV */	if (data->peap_version == 0 && data->tlv_request == TLV_REQ_SUCCESS &&	    data->crypto_binding != NO_BINDING) {		mlen += 60; /* Cryptobinding TLV */#ifdef EAP_SERVER_TNC		if (data->soh_response)			mlen += wpabuf_len(data->soh_response);#endif /* EAP_SERVER_TNC */	}	buf = eap_msg_alloc(EAP_VENDOR_IETF, EAP_TYPE_TLV, mlen,			    EAP_CODE_REQUEST, id);	if (buf == NULL)		return NULL;	wpabuf_put_u8(buf, 0x80); /* Mandatory */	wpabuf_put_u8(buf, EAP_TLV_RESULT_TLV);	/* Length */	wpabuf_put_be16(buf, 2);	/* Status */	wpabuf_put_be16(buf, data->tlv_request == TLV_REQ_SUCCESS ?			EAP_TLV_RESULT_SUCCESS : EAP_TLV_RESULT_FAILURE);	if (data->peap_version == 0 && data->tlv_request == TLV_REQ_SUCCESS &&	    data->crypto_binding != NO_BINDING) {		u8 *mac;		u8 eap_type = EAP_TYPE_PEAP;		const u8 *addr[2];		size_t len[2];		u16 tlv_type;#ifdef EAP_SERVER_TNC		if (data->soh_response) {			wpa_printf(MSG_DEBUG, "EAP-PEAP: Adding MS-SOH "				   "Response TLV");			wpabuf_put_buf(buf, data->soh_response);			wpabuf_free(data->soh_response);			data->soh_response = NULL;		}#endif /* EAP_SERVER_TNC */		if (eap_peap_derive_cmk(sm, data) < 0 ||		    random_get_bytes(data->binding_nonce, 32)) {			wpabuf_free(buf);			return NULL;		}		/* Compound_MAC: HMAC-SHA1-160(cryptobinding TLV | EAP type) */		addr[0] = wpabuf_put(buf, 0);		len[0] = 60;		addr[1] = &eap_type;		len[1] = 1;		tlv_type = EAP_TLV_CRYPTO_BINDING_TLV;		wpabuf_put_be16(buf, tlv_type);		wpabuf_put_be16(buf, 56);		wpabuf_put_u8(buf, 0); /* Reserved */		wpabuf_put_u8(buf, data->peap_version); /* Version */		wpabuf_put_u8(buf, data->recv_version); /* RecvVersion */		wpabuf_put_u8(buf, 0); /* SubType: 0 = Request, 1 = Response */		wpabuf_put_data(buf, data->binding_nonce, 32); /* Nonce */		mac = wpabuf_put(buf, 20); /* Compound_MAC */		wpa_hexdump(MSG_MSGDUMP, "EAP-PEAP: Compound_MAC CMK",			    data->cmk, 20);		wpa_hexdump(MSG_MSGDUMP, "EAP-PEAP: Compound_MAC data 1",			    addr[0], len[0]);		wpa_hexdump(MSG_MSGDUMP, "EAP-PEAP: Compound_MAC data 2",			    addr[1], len[1]);		hmac_sha1_vector(data->cmk, 20, 2, addr, len, mac);		wpa_hexdump(MSG_MSGDUMP, "EAP-PEAP: Compound_MAC",			    mac, SHA1_MAC_LEN);		data->crypto_binding_sent = 1;	}	wpa_hexdump_buf_key(MSG_DEBUG, "EAP-PEAP: Encrypting Phase 2 TLV data",			    buf);	encr_req = eap_server_tls_encrypt(sm, &data->ssl, buf);	wpabuf_free(buf);	return encr_req;}

/* event_send_tx_ready -- actually write event message * * Prequisite: subscription socket descriptor has become ready to * write (because connection to subscriber has been made). * * It is also possible that we are called because the connect has failed; * it is possible to test for this, or we can just go ahead and then * the write will fail. */static void event_send_tx_ready(int sock, void *eloop_ctx, void *sock_ctx){	struct wps_event_ *e = sock_ctx;	struct subscription *s = e->s;	struct wpabuf *buf;	char *b;	assert(e == s->current_event);	assert(e->sd == sock);	buf = wpabuf_alloc(1000 + wpabuf_len(e->data));	if (buf == NULL) {		event_retry(e, 0);		goto bad;	}	wpabuf_printf(buf, "NOTIFY %s HTTP/1.1/r/n", e->addr->path);	wpabuf_put_str(buf, "SERVER: Unspecified, UPnP/1.0, Unspecified/r/n");	wpabuf_printf(buf, "HOST: %s/r/n", e->addr->domain_and_port);	wpabuf_put_str(buf, "CONTENT-TYPE: text/xml; charset=/"utf-8/"/r/n"		       "NT: upnp:event/r/n"		       "NTS: upnp:propchange/r/n");	wpabuf_put_str(buf, "SID: uuid:");	b = wpabuf_put(buf, 0);	uuid_bin2str(s->uuid, b, 80);	wpabuf_put(buf, os_strlen(b));	wpabuf_put_str(buf, "/r/n");	wpabuf_printf(buf, "SEQ: %u/r/n", e->subscriber_sequence);	wpabuf_printf(buf, "CONTENT-LENGTH: %d/r/n",		      (int) wpabuf_len(e->data));	wpabuf_put_str(buf, "/r/n"); /* terminating empty line */	wpabuf_put_buf(buf, e->data);	/* Since the message size is pretty small, we should be	 * able to get the operating system to buffer what we give it	 * and not have to come back again later to write more...	 */#if 0	/* we could: Turn blocking back on? */	fcntl(e->sd, F_SETFL, 0);#endif	wpa_printf(MSG_DEBUG, "WPS UPnP: Sending event to %s",		   e->addr->domain_and_port);	if (send_wpabuf(e->sd, buf) < 0) {		event_retry(e, 1);		goto bad;	}	wpabuf_free(buf);	buf = NULL;	if (e->sd_registered) {		e->sd_registered = 0;		eloop_unregister_sock(e->sd, EVENT_TYPE_WRITE);	}	/* Set up to read the reply */	e->hread = httpread_create(e->sd, event_got_response_handler,				   e /* cookie */,				   0 /* no data expected */,				   EVENT_TIMEOUT_SEC);	if (e->hread == NULL) {		wpa_printf(MSG_ERROR, "WPS UPnP: httpread_create failed");		event_retry(e, 0);		goto bad;	}	return;bad:	/* Schedule sending more if there is more to send */	if (s->event_queue)		event_send_all_later(s->sm);	wpabuf_free(buf);}

static struct wpabuf * eap_md5_process(struct eap_sm *sm, void *priv,				       struct eap_method_ret *ret,				       const struct wpabuf *reqData){	struct wpabuf *resp;	const u8 *pos, *challenge, *password;	u8 *rpos, id;	size_t len, challenge_len, password_len;	password = eap_get_config_password(sm, &password_len);	if (password == NULL) {		wpa_printf(MSG_INFO, "EAP-MD5: Password not configured");		eap_sm_request_password(sm);		ret->ignore = TRUE;		return NULL;	}	pos = eap_hdr_validate(EAP_VENDOR_IETF, EAP_TYPE_MD5, reqData, &len);	if (pos == NULL || len == 0) {		wpa_printf(MSG_INFO, "EAP-MD5: Invalid frame (pos=%p len=%lu)",			   pos, (unsigned long) len);		ret->ignore = TRUE;		return NULL;	}	/*	 * CHAP Challenge:	 * Value-Size (1 octet) | Value(Challenge) | Name(optional)	 */	challenge_len = *pos++;	if (challenge_len == 0 || challenge_len > len - 1) {		wpa_printf(MSG_INFO, "EAP-MD5: Invalid challenge "			   "(challenge_len=%lu len=%lu)",			   (unsigned long) challenge_len, (unsigned long) len);		ret->ignore = TRUE;		return NULL;	}	ret->ignore = FALSE;	challenge = pos;	wpa_hexdump(MSG_MSGDUMP, "EAP-MD5: Challenge",		    challenge, challenge_len);	wpa_printf(MSG_DEBUG, "EAP-MD5: Generating Challenge Response");	ret->methodState = METHOD_DONE;	ret->decision = DECISION_COND_SUCC;	ret->allowNotifications = TRUE;	resp = eap_msg_alloc(EAP_VENDOR_IETF, EAP_TYPE_MD5, 1 + CHAP_MD5_LEN,			     EAP_CODE_RESPONSE, eap_get_id(reqData));	if (resp == NULL)		return NULL;	/*	 * CHAP Response:	 * Value-Size (1 octet) | Value(Response) | Name(optional)	 */	wpabuf_put_u8(resp, CHAP_MD5_LEN);	id = eap_get_id(resp);	rpos = wpabuf_put(resp, CHAP_MD5_LEN);	chap_md5(id, password, password_len, challenge, challenge_len, rpos);	wpa_hexdump(MSG_MSGDUMP, "EAP-MD5: Response", rpos, CHAP_MD5_LEN);	return resp;}

/* Given that we have received a header w/ GET, act upon it * * Format of GET (case-insensitive): * * First line must be: *      GET /<file> HTTP/1.1 * Since we don't do anything fancy we just ignore other lines. * * Our response (if no error) which includes only required lines is: * HTTP/1.1 200 OK * Connection: close * Content-Type: text/xml * Date: <rfc1123-date> * * Header lines must end with /r/n * Per RFC 2616, content-length: is not required but connection:close * would appear to be required (given that we will be closing it!). */static void web_connection_parse_get(struct upnp_wps_device_sm *sm,				     struct http_request *hreq, char *filename){	struct wpabuf *buf; /* output buffer, allocated */	char *put_length_here;	char *body_start;	enum {		GET_DEVICE_XML_FILE,		GET_SCPD_XML_FILE	} req;	size_t extra_len = 0;	int body_length;	char len_buf[10];	struct upnp_wps_device_interface *iface;	iface = dl_list_first(&sm->interfaces,			      struct upnp_wps_device_interface, list);	if (iface == NULL) {		http_request_deinit(hreq);		return;	}	/*	 * It is not required that filenames be case insensitive but it is	 * allowed and cannot hurt here.	 */	if (os_strcasecmp(filename, UPNP_WPS_DEVICE_XML_FILE) == 0) {		wpa_printf(MSG_DEBUG, "WPS UPnP: HTTP GET for device XML");		req = GET_DEVICE_XML_FILE;		extra_len = 3000;		if (iface->wps->friendly_name)			extra_len += os_strlen(iface->wps->friendly_name);		if (iface->wps->manufacturer_url)			extra_len += os_strlen(iface->wps->manufacturer_url);		if (iface->wps->model_description)			extra_len += os_strlen(iface->wps->model_description);		if (iface->wps->model_url)			extra_len += os_strlen(iface->wps->model_url);		if (iface->wps->upc)			extra_len += os_strlen(iface->wps->upc);	} else if (!os_strcasecmp(filename, UPNP_WPS_SCPD_XML_FILE)) {		wpa_printf(MSG_DEBUG, "WPS UPnP: HTTP GET for SCPD XML");		req = GET_SCPD_XML_FILE;		extra_len = os_strlen(wps_scpd_xml);	} else {		/* File not found */		wpa_printf(MSG_DEBUG, "WPS UPnP: HTTP GET file not found: %s",			   filename);		buf = wpabuf_alloc(200);		if (buf == NULL) {			http_request_deinit(hreq);			return;		}		wpabuf_put_str(buf,			       "HTTP/1.1 404 Not Found/r/n"			       "Connection: close/r/n");		http_put_date(buf);		/* terminating empty line */		wpabuf_put_str(buf, "/r/n");		goto send_buf;	}	buf = wpabuf_alloc(1000 + extra_len);	if (buf == NULL) {		http_request_deinit(hreq);		return;	}	wpabuf_put_str(buf,		       "HTTP/1.1 200 OK/r/n"		       "Content-Type: text/xml; charset=/"utf-8/"/r/n");	wpabuf_put_str(buf, "Server: Unspecified, UPnP/1.0, Unspecified/r/n");	wpabuf_put_str(buf, "Connection: close/r/n");	wpabuf_put_str(buf, "Content-Length: ");	/*	 * We will paste the length in later, leaving some extra whitespace.	 * HTTP code is supposed to be tolerant of extra whitespace.	 */	put_length_here = wpabuf_put(buf, 0);//.........这里部分代码省略.........

static int p2p_buf_add_service_info(struct wpabuf *buf, struct p2p_data *p2p,				    u32 adv_id, u16 config_methods,				    const char *svc_name, u8 **ie_len, u8 **pos,				    size_t *total_len, u8 *attr_len){	size_t svc_len;	size_t remaining;	size_t info_len;	p2p_dbg(p2p, "Add service info for %s (adv_id=%u)", svc_name, adv_id);	svc_len = os_strlen(svc_name);	info_len = sizeof(adv_id) + sizeof(config_methods) + sizeof(u8) +		svc_len;	if (info_len + *total_len > MAX_SVC_ADV_LEN) {		p2p_dbg(p2p,			"Unsufficient buffer, failed to add advertised service info");		return -1;	}	if (svc_len > 255) {		p2p_dbg(p2p,			"Invalid service name length (%u bytes), failed to add advertised service info",			(unsigned int) svc_len);		return -1;	}	if (*ie_len) {		int ie_data_len = (*pos - *ie_len) - 1;		if (ie_data_len < 0 || ie_data_len > 255) {			p2p_dbg(p2p,				"Invalid IE length, failed to add advertised service info");			return -1;		}		remaining = 255 - ie_data_len;	} else {		/*		 * Adding new P2P IE header takes 6 extra bytes:		 * - 2 byte IE header (1 byte IE id and 1 byte length)		 * - 4 bytes of IE_VENDOR_TYPE are reduced from 255 below		 */		*ie_len = p2p_buf_add_ie_hdr(buf);		remaining = 255 - 4;	}	if (remaining < sizeof(u32) + sizeof(u16) + sizeof(u8)) {		/*		 * Split adv_id, config_methods, and svc_name_len between two		 * IEs.		 */		size_t front = remaining;		size_t back = sizeof(u32) + sizeof(u16) + sizeof(u8) - front;		u8 holder[sizeof(u32) + sizeof(u16) + sizeof(u8)];		WPA_PUT_LE32(holder, adv_id);		WPA_PUT_BE16(&holder[sizeof(u32)], config_methods);		holder[sizeof(u32) + sizeof(u16)] = svc_len;		if (front)			wpabuf_put_data(buf, holder, front);		p2p_buf_update_ie_hdr(buf, *ie_len);		*ie_len = p2p_buf_add_ie_hdr(buf);		wpabuf_put_data(buf, &holder[front], back);		remaining = 255 - 4 - (sizeof(u32) + sizeof(u16) + sizeof(u8)) -			back;	} else {		wpabuf_put_le32(buf, adv_id);		wpabuf_put_be16(buf, config_methods);		wpabuf_put_u8(buf, svc_len);		remaining -= sizeof(adv_id) + sizeof(config_methods) +			sizeof(u8);	}	if (remaining < svc_len) {		/* split svc_name between two or three IEs */		size_t front = remaining;		size_t back = svc_len - front;		if (front)			wpabuf_put_data(buf, svc_name, front);		p2p_buf_update_ie_hdr(buf, *ie_len);		*ie_len = p2p_buf_add_ie_hdr(buf);		/* In rare cases, we must split across 3 attributes */		if (back > 255 - 4) {			wpabuf_put_data(buf, &svc_name[front], 255 - 4);			back -= 255 - 4;			front += 255 - 4;			p2p_buf_update_ie_hdr(buf, *ie_len);			*ie_len = p2p_buf_add_ie_hdr(buf);		}		wpabuf_put_data(buf, &svc_name[front], back);		remaining = 255 - 4 - back;	} else {		wpabuf_put_data(buf, svc_name, svc_len);//.........这里部分代码省略.........

void p2p_build_wps_ie(struct p2p_data *p2p, struct wpabuf *buf, u16 pw_id,		      int all_attr){	u8 *len;	int i;	wpabuf_put_u8(buf, WLAN_EID_VENDOR_SPECIFIC);	len = wpabuf_put(buf, 1);	wpabuf_put_be32(buf, WPS_DEV_OUI_WFA);	wps_build_version(buf);	if (all_attr) {		wpabuf_put_be16(buf, ATTR_WPS_STATE);		wpabuf_put_be16(buf, 1);		wpabuf_put_u8(buf, WPS_STATE_NOT_CONFIGURED);	}	/* Device Password ID */	wpabuf_put_be16(buf, ATTR_DEV_PASSWORD_ID);	wpabuf_put_be16(buf, 2);	wpa_printf(MSG_DEBUG, "P2P: WPS IE Device Password ID: %d", pw_id);	wpabuf_put_be16(buf, pw_id);	if (all_attr) {		size_t nlen;		wpabuf_put_be16(buf, ATTR_RESPONSE_TYPE);		wpabuf_put_be16(buf, 1);		wpabuf_put_u8(buf, WPS_RESP_ENROLLEE_INFO);#if 0		/* FIX */		wps_build_uuid_e(buf, reg->wps->uuid);		wps_build_manufacturer(dev, buf);		wps_build_model_name(dev, buf);		wps_build_model_number(dev, buf);		wps_build_serial_number(dev, buf);#endif		wpabuf_put_be16(buf, ATTR_PRIMARY_DEV_TYPE);		wpabuf_put_be16(buf, WPS_DEV_TYPE_LEN);		wpabuf_put_data(buf, p2p->cfg->pri_dev_type, WPS_DEV_TYPE_LEN);		wpabuf_put_be16(buf, ATTR_DEV_NAME);		nlen = p2p->cfg->dev_name ? os_strlen(p2p->cfg->dev_name) : 0;		wpabuf_put_be16(buf, nlen);		if (p2p->cfg->dev_name)			wpabuf_put_data(buf, p2p->cfg->dev_name, nlen);		wpabuf_put_be16(buf, ATTR_CONFIG_METHODS);		wpabuf_put_be16(buf, 2);		wpabuf_put_be16(buf, 0); /* FIX: ? */	}	wps_build_wfa_ext(buf, 0, NULL, 0);	if (all_attr && p2p->cfg->num_sec_dev_types) {		wpabuf_put_be16(buf, ATTR_SECONDARY_DEV_TYPE_LIST);		wpabuf_put_be16(buf, WPS_DEV_TYPE_LEN *				p2p->cfg->num_sec_dev_types);		wpabuf_put_data(buf, p2p->cfg->sec_dev_type,				WPS_DEV_TYPE_LEN *				p2p->cfg->num_sec_dev_types);	}	/* Add the WPS vendor extensions */	for (i = 0; i < P2P_MAX_WPS_VENDOR_EXT; i++) {		if (p2p->wps_vendor_ext[i] == NULL)			break;		if (wpabuf_tailroom(buf) <		    4 + wpabuf_len(p2p->wps_vendor_ext[i]))			continue;		wpabuf_put_be16(buf, ATTR_VENDOR_EXT);		wpabuf_put_be16(buf, wpabuf_len(p2p->wps_vendor_ext[i]));		wpabuf_put_buf(buf, p2p->wps_vendor_ext[i]);	}	p2p_buf_update_ie_hdr(buf, len);}

void p2p_buf_add_service_instance(struct wpabuf *buf, struct p2p_data *p2p,				  u8 hash_count, const u8 *hash,				  struct p2ps_advertisement *adv_list){	struct p2ps_advertisement *adv;	int p2ps_wildcard;	size_t total_len;	struct wpabuf *tmp_buf = NULL;	u8 *pos, *attr_len, *ie_len = NULL;	if (!adv_list || !hash || !hash_count)		return;	wpa_hexdump(MSG_DEBUG, "P2PS: Probe Request service hash values",		    hash, hash_count * P2PS_HASH_LEN);	p2ps_wildcard = p2ps_wildcard_hash(p2p, hash, hash_count) &&		p2p_wfa_service_adv(p2p);	/* Allocate temp buffer, allowing for overflow of 1 instance */	tmp_buf = wpabuf_alloc(MAX_SVC_ADV_IE_LEN + 256 + P2PS_HASH_LEN);	if (!tmp_buf)		return;	/*	 * Attribute data can be split into a number of IEs. Start with the	 * first IE and the attribute headers here.	 */	ie_len = p2p_buf_add_ie_hdr(tmp_buf);	total_len = 0;	wpabuf_put_u8(tmp_buf, P2P_ATTR_ADVERTISED_SERVICE);	attr_len = wpabuf_put(tmp_buf, sizeof(u16));	WPA_PUT_LE16(attr_len, (u16) total_len);	p2p_buf_update_ie_hdr(tmp_buf, ie_len);	pos = wpabuf_put(tmp_buf, 0);	if (p2ps_wildcard) {		/* org.wi-fi.wfds match found */		p2p_buf_add_service_info(tmp_buf, p2p, 0, 0, P2PS_WILD_HASH_STR,					 &ie_len, &pos, &total_len, attr_len);	}	/* add advertised service info of matching services */	for (adv = adv_list; adv && total_len <= MAX_SVC_ADV_LEN;	     adv = adv->next) {		const u8 *test = hash;		u8 i;		for (i = 0; i < hash_count; i++) {			/* exact name hash match */			if (os_memcmp(test, adv->hash, P2PS_HASH_LEN) == 0 &&			    p2p_buf_add_service_info(tmp_buf, p2p,						     adv->id,						     adv->config_methods,						     adv->svc_name,						     &ie_len, &pos,						     &total_len,						     attr_len))				break;			test += P2PS_HASH_LEN;		}	}	if (total_len)		wpabuf_put_buf(buf, tmp_buf);	wpabuf_free(tmp_buf);}

/** * eap_tls_process_output - Process outgoing TLS message * @data: Data for TLS processing * @eap_type: EAP type (EAP_TYPE_TLS, EAP_TYPE_PEAP, ...) * @peap_version: Version number for EAP-PEAP/TTLS * @id: EAP identifier for the response * @ret: Return value to use on success * @out_data: Buffer for returning the allocated output buffer * Returns: ret (0 or 1) on success, -1 on failure */static int eap_tls_process_output(struct eap_ssl_data *data, EapType eap_type,				  int peap_version, u8 id, int ret,				  struct wpabuf **out_data){	size_t len;	u8 *flags;	int more_fragments, length_included;	if (data->tls_out == NULL)		return -1;	len = wpabuf_len(data->tls_out) - data->tls_out_pos;	wpa_printf(MSG_DEBUG, "SSL: %lu bytes left to be sent out (of total "		   "%lu bytes)",		   (unsigned long) len,		   (unsigned long) wpabuf_len(data->tls_out));	/*	 * Limit outgoing message to the configured maximum size. Fragment	 * message if needed.	 */	if (len > data->tls_out_limit) {		more_fragments = 1;		len = data->tls_out_limit;		wpa_printf(MSG_DEBUG, "SSL: sending %lu bytes, more fragments "			   "will follow", (unsigned long) len);	} else		more_fragments = 0;	length_included = data->tls_out_pos == 0 &&		(wpabuf_len(data->tls_out) > data->tls_out_limit ||		 data->include_tls_length);	if (!length_included &&	    eap_type == EAP_TYPE_PEAP && peap_version == 0 &&	    !tls_connection_established(data->eap->ssl_ctx, data->conn)) {		/*		 * Windows Server 2008 NPS really wants to have the TLS Message		 * length included in phase 0 even for unfragmented frames or		 * it will get very confused with Compound MAC calculation and		 * Outer TLVs.		 */		length_included = 1;	}	*out_data = eap_tls_msg_alloc(eap_type, 1 + length_included * 4 + len,				      EAP_CODE_RESPONSE, id);	if (*out_data == NULL)		return -1;	flags = wpabuf_put(*out_data, 1);	*flags = peap_version;	if (more_fragments)		*flags |= EAP_TLS_FLAGS_MORE_FRAGMENTS;	if (length_included) {		*flags |= EAP_TLS_FLAGS_LENGTH_INCLUDED;		wpabuf_put_be32(*out_data, wpabuf_len(data->tls_out));	}	wpabuf_put_data(*out_data,			wpabuf_head_u8(data->tls_out) + data->tls_out_pos,			len);	data->tls_out_pos += len;	if (!more_fragments)		eap_peer_tls_reset_output(data);	return ret;}