自学教程：C++ wpabuf_tailroom函数代码示例

static int eap_wsc_process_cont(struct eap_wsc_data *data,				const u8 *buf, size_t len, u8 op_code){	/* Process continuation of a pending message */	if (op_code != data->in_op_code) {		wpa_printf(MSG_DEBUG, "EAP-WSC: Unexpected Op-Code %d in "			   "fragment (expected %d)",			   op_code, data->in_op_code);		eap_wsc_state(data, FAIL);		return -1;	}	if (len > wpabuf_tailroom(data->in_buf)) {		wpa_printf(MSG_DEBUG, "EAP-WSC: Fragment overflow");		eap_wsc_state(data, FAIL);		return -1;	}	wpabuf_put_data(data->in_buf, buf, len);	wpa_printf(MSG_DEBUG, "EAP-WSC: Received %lu bytes, waiting for %lu "		   "bytes more", (unsigned long) len,		   (unsigned long) wpabuf_tailroom(data->in_buf));	return 0;}

static int p2p_add_wps_string(struct wpabuf *buf, enum wps_attribute attr,			      const char *val){	size_t len;	len = val ? os_strlen(val) : 0;	if (wpabuf_tailroom(buf) < 4 + len)		return -1;	wpabuf_put_be16(buf, attr);#ifndef CONFIG_WPS_STRICT	if (len == 0) {		/*		 * Some deployed WPS implementations fail to parse zeor-length		 * attributes. As a workaround, send a space character if the		 * device attribute string is empty.		 */		if (wpabuf_tailroom(buf) < 3)			return -1;		wpabuf_put_be16(buf, 1);		wpabuf_put_u8(buf, ' ');		return 0;	}#endif /* CONFIG_WPS_STRICT */	wpabuf_put_be16(buf, len);	if (val)		wpabuf_put_data(buf, val, len);	return 0;}

static int eap_server_tls_process_cont(struct eap_ssl_data *data,				       const u8 *buf, size_t len){	/* Process continuation of a pending message */	if (len > wpabuf_tailroom(data->tls_in)) {		wpa_printf(MSG_DEBUG, "SSL: Fragment overflow");		return -1;	}	wpabuf_put_data(data->tls_in, buf, len);	wpa_printf(MSG_DEBUG, "SSL: Received %lu bytes, waiting for %lu "		   "bytes more", (unsigned long) len,		   (unsigned long) wpabuf_tailroom(data->tls_in));	return 0;}

struct radius_attr_hdr *radius_msg_add_attr(struct radius_msg *msg, u8 type,					    const u8 *data, size_t data_len){	size_t buf_needed;	struct radius_attr_hdr *attr;	if (data_len > RADIUS_MAX_ATTR_LEN) {		printf("radius_msg_add_attr: too long attribute (%lu bytes)/n",		       (unsigned long) data_len);		return NULL;	}	buf_needed = sizeof(*attr) + data_len;	if (wpabuf_tailroom(msg->buf) < buf_needed) {		/* allocate more space for message buffer */		if (wpabuf_resize(&msg->buf, buf_needed) < 0)			return NULL;		msg->hdr = wpabuf_mhead(msg->buf);	}	attr = wpabuf_put(msg->buf, sizeof(struct radius_attr_hdr));	attr->type = type;	attr->length = sizeof(*attr) + data_len;	wpabuf_put_data(msg->buf, data, data_len);	if (radius_msg_add_attr_to_array(msg, attr))		return NULL;	return attr;}

static int eap_wsc_process_fragment(struct eap_wsc_data *data,				    u8 flags, u8 op_code, u16 message_length,				    const u8 *buf, size_t len){	/* Process a fragment that is not the last one of the message */	if (data->in_buf == NULL && !(flags & WSC_FLAGS_LF)) {		wpa_printf(MSG_DEBUG, "EAP-WSC: No Message Length "			   "field in a fragmented packet");		return -1;	}	if (data->in_buf == NULL) {		/* First fragment of the message */		data->in_buf = wpabuf_alloc(message_length);		if (data->in_buf == NULL) {			wpa_printf(MSG_DEBUG, "EAP-WSC: No memory for "				   "message");			return -1;		}		data->in_op_code = op_code;		wpabuf_put_data(data->in_buf, buf, len);		wpa_printf(MSG_DEBUG, "EAP-WSC: Received %lu bytes in "			   "first fragment, waiting for %lu bytes more",			   (unsigned long) len,			   (unsigned long) wpabuf_tailroom(data->in_buf));	}	return 0;}

static int eap_tnc_process_fragment(struct eap_tnc_data *data,				    u8 flags, u32 message_length,				    const u8 *buf, size_t len){	/* Process a fragment that is not the last one of the message */	if (data->in_buf == NULL && !(flags & EAP_TNC_FLAGS_LENGTH_INCLUDED)) {		wpa_printf(MSG_DEBUG, "EAP-TNC: No Message Length field in a "			   "fragmented packet");		return -1;	}	if (data->in_buf == NULL) {		/* First fragment of the message */		data->in_buf = wpabuf_alloc(message_length);		if (data->in_buf == NULL) {			wpa_printf(MSG_DEBUG, "EAP-TNC: No memory for "				   "message");			return -1;		}		wpabuf_put_data(data->in_buf, buf, len);		wpa_printf(MSG_DEBUG, "EAP-TNC: Received %lu bytes in first "			   "fragment, waiting for %lu bytes more",			   (unsigned long) len,			   (unsigned long) wpabuf_tailroom(data->in_buf));	}	return 0;}

static int eap_tnc_process_cont(struct eap_tnc_data *data,				const u8 *buf, size_t len){	/* Process continuation of a pending message */	if (len > wpabuf_tailroom(data->in_buf)) {		wpa_printf(MSG_DEBUG, "EAP-TNC: Fragment overflow");		eap_tnc_set_state(data, FAIL);		return -1;	}	wpabuf_put_data(data->in_buf, buf, len);	wpa_printf(MSG_DEBUG, "EAP-TNC: Received %lu bytes, waiting for %lu "		   "bytes more", (unsigned long) len,		   (unsigned long) wpabuf_tailroom(data->in_buf));	return 0;}

static void p2p_client_info(struct wpabuf *ie, struct p2p_group_member *m){	if (m->client_info == NULL)		return;	if (wpabuf_tailroom(ie) < wpabuf_len(m->client_info) + 1)		return;	wpabuf_put_buf(ie, m->client_info);}

static struct wpabuf * eap_eke_build_confirm(struct eap_sm *sm,					     struct eap_eke_data *data, u8 id){	struct wpabuf *msg;	size_t plen, prot_len;	u8 nonces[2 * EAP_EKE_MAX_NONCE_LEN];	u8 *auth;	wpa_printf(MSG_DEBUG, "EAP-EKE: Request/Confirm");	plen = data->sess.pnonce_ps_len + data->sess.prf_len;	msg = eap_eke_build_msg(data, id, plen, EAP_EKE_CONFIRM);	if (msg == NULL) {		eap_eke_fail(data, EAP_EKE_FAIL_PRIVATE_INTERNAL_ERROR);		return eap_eke_build_failure(data, id);	}	if (random_get_bytes(data->nonce_s, data->sess.nonce_len)) {		wpabuf_free(msg);		eap_eke_fail(data, EAP_EKE_FAIL_PRIVATE_INTERNAL_ERROR);		return eap_eke_build_failure(data, id);	}	wpa_hexdump_key(MSG_DEBUG, "EAP-EKE: Nonce_S",			data->nonce_s, data->sess.nonce_len);	os_memcpy(nonces, data->nonce_p, data->sess.nonce_len);	os_memcpy(nonces + data->sess.nonce_len, data->nonce_s,		  data->sess.nonce_len);	prot_len = wpabuf_tailroom(msg);	if (eap_eke_prot(&data->sess, nonces, 2 * data->sess.nonce_len,			 wpabuf_put(msg, 0), &prot_len) < 0) {		wpabuf_free(msg);		eap_eke_fail(data, EAP_EKE_FAIL_PRIVATE_INTERNAL_ERROR);		return eap_eke_build_failure(data, id);	}	wpabuf_put(msg, prot_len);	if (eap_eke_derive_ka(&data->sess,			      sm->server_id, sm->server_id_len,			      data->peerid, data->peerid_len,			      data->nonce_p, data->nonce_s) < 0) {		wpabuf_free(msg);		eap_eke_fail(data, EAP_EKE_FAIL_PRIVATE_INTERNAL_ERROR);		return eap_eke_build_failure(data, id);	}	auth = wpabuf_put(msg, data->sess.prf_len);	if (eap_eke_auth(&data->sess, "EAP-EKE server", data->msgs, auth) < 0) {		wpabuf_free(msg);		eap_eke_fail(data, EAP_EKE_FAIL_PRIVATE_INTERNAL_ERROR);		return eap_eke_build_failure(data, id);	}	wpa_hexdump(MSG_DEBUG, "EAP-EKE: Auth_S", auth, data->sess.prf_len);	return msg;}

int wps_build_uuid_e(struct wpabuf *msg, const u8 *uuid){	if (wpabuf_tailroom(msg) < 4 + WPS_UUID_LEN)		return -1;	wpa_printf(MSG_DEBUG, "WPS:  * UUID-E");	wpabuf_put_be16(msg, ATTR_UUID_E);	wpabuf_put_be16(msg, WPS_UUID_LEN);	wpabuf_put_data(msg, uuid, WPS_UUID_LEN);	return 0;}

static void wpas_mbo_non_pref_chan_subelement(struct wpa_supplicant *wpa_s,					      struct wpabuf *mbo, u8 start,					      u8 end){	size_t size = end - start + 7;	if (size + 2 > wpabuf_tailroom(mbo))		return;	wpas_mbo_non_pref_chan_subelem_hdr(mbo, size);	wpas_mbo_non_pref_chan_attr_body(wpa_s, mbo, start, end);}

static void wpas_mbo_non_pref_chan_attr(struct wpa_supplicant *wpa_s,					struct wpabuf *mbo, u8 start, u8 end){	size_t size = end - start + 3;	if (size + 2 > wpabuf_tailroom(mbo))		return;	wpabuf_put_u8(mbo, MBO_ATTR_ID_NON_PREF_CHAN_REPORT);	wpabuf_put_u8(mbo, size); /* Length */	wpas_mbo_non_pref_chan_attr_body(wpa_s, mbo, start, end);}

int wps_build_version(struct wpabuf *msg){	/*	 * Note: This attribute is deprecated and set to hardcoded 0x10 for	 * backwards compatibility reasons. The real version negotiation is	 * done with Version2.	 */	if (wpabuf_tailroom(msg) < 5)		return -1;	wpa_printf(MSG_DEBUG, "WPS:  * Version (hardcoded 0x10)");	wpabuf_put_be16(msg, ATTR_VERSION);	wpabuf_put_be16(msg, 1);	wpabuf_put_u8(msg, 0x10);	return 0;}

static void anqp_add_elem(struct hostapd_data *hapd, struct wpabuf *buf,			  u16 infoid){	struct anqp_element *elem;	elem = get_anqp_elem(hapd, infoid);	if (!elem)		return;	if (wpabuf_tailroom(buf) < 2 + 2 + wpabuf_len(elem->payload)) {		wpa_printf(MSG_DEBUG, "ANQP: No room for InfoID %u payload",			   infoid);		return;	}	wpabuf_put_le16(buf, infoid);	wpabuf_put_le16(buf, wpabuf_len(elem->payload));	wpabuf_put_buf(buf, elem->payload);}

static int eap_server_tls_process_fragment(struct eap_ssl_data *data,					   u8 flags, u32 message_length,					   const u8 *buf, size_t len){	/* Process a fragment that is not the last one of the message */	if (data->tls_in == NULL && !(flags & EAP_TLS_FLAGS_LENGTH_INCLUDED)) {		wpa_printf(MSG_DEBUG, "SSL: No Message Length field in a "			   "fragmented packet");		return -1;	}	if (data->tls_in == NULL) {		/* First fragment of the message */		/* Limit length to avoid rogue peers from causing large		 * memory allocations. */		if (message_length > 65536) {			wpa_printf(MSG_INFO, "SSL: Too long TLS fragment (size"				   " over 64 kB)");			return -1;		}		if (len > message_length) {			wpa_printf(MSG_INFO, "SSL: Too much data (%d bytes) in "				   "first fragment of frame (TLS Message "				   "Length %d bytes)",				   (int) len, (int) message_length);			return -1;		}		data->tls_in = wpabuf_alloc(message_length);		if (data->tls_in == NULL) {			wpa_printf(MSG_DEBUG, "SSL: No memory for message");			return -1;		}		wpabuf_put_data(data->tls_in, buf, len);		wpa_printf(MSG_DEBUG, "SSL: Received %lu bytes in first "			   "fragment, waiting for %lu bytes more",			   (unsigned long) len,			   (unsigned long) wpabuf_tailroom(data->tls_in));	}	return 0;}

void p2p_build_wps_ie(struct p2p_data *p2p, struct wpabuf *buf, u16 pw_id,		      int all_attr){	u8 *len;	int i;	wpabuf_put_u8(buf, WLAN_EID_VENDOR_SPECIFIC);	len = wpabuf_put(buf, 1);	wpabuf_put_be32(buf, WPS_DEV_OUI_WFA);	wps_build_version(buf);	if (all_attr) {		wpabuf_put_be16(buf, ATTR_WPS_STATE);		wpabuf_put_be16(buf, 1);		wpabuf_put_u8(buf, WPS_STATE_NOT_CONFIGURED);	}	/* Device Password ID */	wpabuf_put_be16(buf, ATTR_DEV_PASSWORD_ID);	wpabuf_put_be16(buf, 2);	wpa_printf(MSG_DEBUG, "P2P: WPS IE Device Password ID: %d", pw_id);	wpabuf_put_be16(buf, pw_id);	if (all_attr) {		size_t nlen;		wpabuf_put_be16(buf, ATTR_RESPONSE_TYPE);		wpabuf_put_be16(buf, 1);		wpabuf_put_u8(buf, WPS_RESP_ENROLLEE_INFO);#if 0		/* FIX */		wps_build_uuid_e(buf, reg->wps->uuid);		wps_build_manufacturer(dev, buf);		wps_build_model_name(dev, buf);		wps_build_model_number(dev, buf);		wps_build_serial_number(dev, buf);#endif		wpabuf_put_be16(buf, ATTR_PRIMARY_DEV_TYPE);		wpabuf_put_be16(buf, WPS_DEV_TYPE_LEN);		wpabuf_put_data(buf, p2p->cfg->pri_dev_type, WPS_DEV_TYPE_LEN);		wpabuf_put_be16(buf, ATTR_DEV_NAME);		nlen = p2p->cfg->dev_name ? os_strlen(p2p->cfg->dev_name) : 0;		wpabuf_put_be16(buf, nlen);		if (p2p->cfg->dev_name)			wpabuf_put_data(buf, p2p->cfg->dev_name, nlen);		wpabuf_put_be16(buf, ATTR_CONFIG_METHODS);		wpabuf_put_be16(buf, 2);		wpabuf_put_be16(buf, 0); /* FIX: ? */	}	wps_build_wfa_ext(buf, 0, NULL, 0);	if (all_attr && p2p->cfg->num_sec_dev_types) {		wpabuf_put_be16(buf, ATTR_SECONDARY_DEV_TYPE_LIST);		wpabuf_put_be16(buf, WPS_DEV_TYPE_LEN *				p2p->cfg->num_sec_dev_types);		wpabuf_put_data(buf, p2p->cfg->sec_dev_type,				WPS_DEV_TYPE_LEN *				p2p->cfg->num_sec_dev_types);	}	/* Add the WPS vendor extensions */	for (i = 0; i < P2P_MAX_WPS_VENDOR_EXT; i++) {		if (p2p->wps_vendor_ext[i] == NULL)			break;		if (wpabuf_tailroom(buf) <		    4 + wpabuf_len(p2p->wps_vendor_ext[i]))			continue;		wpabuf_put_be16(buf, ATTR_VENDOR_EXT);		wpabuf_put_be16(buf, wpabuf_len(p2p->wps_vendor_ext[i]));		wpabuf_put_buf(buf, p2p->wps_vendor_ext[i]);	}	p2p_buf_update_ie_hdr(buf, len);}

int wps_build_wfa_ext(struct wpabuf *msg, int req_to_enroll,		      const u8 *auth_macs, size_t auth_macs_count,		      u8 multi_ap_subelem){	u8 *len;#ifdef CONFIG_WPS_TESTING	if (WPS_VERSION == 0x10)		return 0;#endif /* CONFIG_WPS_TESTING */	if (wpabuf_tailroom(msg) <	    7 + 3 + (req_to_enroll ? 3 : 0) +	    (auth_macs ? 2 + auth_macs_count * ETH_ALEN : 0))		return -1;	wpabuf_put_be16(msg, ATTR_VENDOR_EXT);	len = wpabuf_put(msg, 2); /* to be filled */	wpabuf_put_be24(msg, WPS_VENDOR_ID_WFA);	wpa_printf(MSG_DEBUG, "WPS:  * Version2 (0x%x)", WPS_VERSION);	wpabuf_put_u8(msg, WFA_ELEM_VERSION2);	wpabuf_put_u8(msg, 1);	wpabuf_put_u8(msg, WPS_VERSION);	if (req_to_enroll) {		wpa_printf(MSG_DEBUG, "WPS:  * Request to Enroll (1)");		wpabuf_put_u8(msg, WFA_ELEM_REQUEST_TO_ENROLL);		wpabuf_put_u8(msg, 1);		wpabuf_put_u8(msg, 1);	}	if (auth_macs && auth_macs_count) {		size_t i;		wpa_printf(MSG_DEBUG, "WPS:  * AuthorizedMACs (count=%d)",			   (int) auth_macs_count);		wpabuf_put_u8(msg, WFA_ELEM_AUTHORIZEDMACS);		wpabuf_put_u8(msg, auth_macs_count * ETH_ALEN);		wpabuf_put_data(msg, auth_macs, auth_macs_count * ETH_ALEN);		for (i = 0; i < auth_macs_count; i++)			wpa_printf(MSG_DEBUG, "WPS:    AuthorizedMAC: " MACSTR,				   MAC2STR(&auth_macs[i * ETH_ALEN]));	}	if (multi_ap_subelem) {		wpa_printf(MSG_DEBUG, "WPS:  * Multi-AP (0x%x)",			   multi_ap_subelem);		wpabuf_put_u8(msg, WFA_ELEM_MULTI_AP);		wpabuf_put_u8(msg, 1); /* length */		wpabuf_put_u8(msg, multi_ap_subelem);	}	WPA_PUT_BE16(len, (u8 *) wpabuf_put(msg, 0) - len - 2);#ifdef CONFIG_WPS_TESTING	if (WPS_VERSION > 0x20) {		if (wpabuf_tailroom(msg) < 5)			return -1;		wpa_printf(MSG_DEBUG, "WPS:  * Extensibility Testing - extra "			   "attribute");		wpabuf_put_be16(msg, ATTR_EXTENSIBILITY_TEST);		wpabuf_put_be16(msg, 1);		wpabuf_put_u8(msg, 42);	}#endif /* CONFIG_WPS_TESTING */	return 0;}

//.........这里部分代码省略.........	wpa_hexdump(MSG_DEBUG, "EAP-EKE: CBValue", pos, end - pos);	/*	 * temp = prf(0+, password)	 * key = prf+(temp, ID_S | ID_P)	 */	if (eap_eke_derive_key(&data->sess, password, password_len,			       data->serverid, data->serverid_len,			       data->peerid, data->peerid_len, key) < 0) {		wpa_printf(MSG_INFO, "EAP-EKE: Failed to derive key");		return eap_eke_build_fail(data, ret, id,					  EAP_EKE_FAIL_PRIVATE_INTERNAL_ERROR);	}	/*	 * y_p = g ^ x_p (mod p)	 * x_p = random number 2 .. p-1	 */	if (eap_eke_dh_init(data->sess.dhgroup, data->dh_priv, pub) < 0) {		wpa_printf(MSG_INFO, "EAP-EKE: Failed to initialize DH");		os_memset(key, 0, sizeof(key));		return eap_eke_build_fail(data, ret, id,					  EAP_EKE_FAIL_PRIVATE_INTERNAL_ERROR);	}	if (eap_eke_shared_secret(&data->sess, key, data->dh_priv, dhcomp) < 0)	{		wpa_printf(MSG_INFO, "EAP-EKE: Failed to derive shared secret");		os_memset(key, 0, sizeof(key));		return eap_eke_build_fail(data, ret, id,					  EAP_EKE_FAIL_PRIVATE_INTERNAL_ERROR);	}	if (eap_eke_derive_ke_ki(&data->sess,				 data->serverid, data->serverid_len,				 data->peerid, data->peerid_len) < 0) {		wpa_printf(MSG_INFO, "EAP-EKE: Failed to derive Ke/Ki");		os_memset(key, 0, sizeof(key));		return eap_eke_build_fail(data, ret, id,					  EAP_EKE_FAIL_PRIVATE_INTERNAL_ERROR);	}	wpa_printf(MSG_DEBUG, "EAP-EKE: Sending EAP-EKE-Commit/Response");	resp = eap_eke_build_msg(data, id,				 data->sess.dhcomp_len + data->sess.pnonce_len,				 EAP_EKE_COMMIT);	if (resp == NULL) {		os_memset(key, 0, sizeof(key));		return eap_eke_build_fail(data, ret, id,					  EAP_EKE_FAIL_PRIVATE_INTERNAL_ERROR);	}	/* DHComponent_P = Encr(key, y_p) */	rpos = wpabuf_put(resp, data->sess.dhcomp_len);	if (eap_eke_dhcomp(&data->sess, key, pub, rpos) < 0) {		wpabuf_free(resp);		wpa_printf(MSG_INFO, "EAP-EKE: Failed to build DHComponent_P");		os_memset(key, 0, sizeof(key));		return eap_eke_build_fail(data, ret, id,					  EAP_EKE_FAIL_PRIVATE_INTERNAL_ERROR);	}	os_memset(key, 0, sizeof(key));	wpa_hexdump(MSG_DEBUG, "EAP-EKE: DHComponent_P",		    rpos, data->sess.dhcomp_len);	if (random_get_bytes(data->nonce_p, data->sess.nonce_len)) {		wpabuf_free(resp);		return eap_eke_build_fail(data, ret, id,					  EAP_EKE_FAIL_PRIVATE_INTERNAL_ERROR);	}	wpa_hexdump_key(MSG_DEBUG, "EAP-EKE: Nonce_P",			data->nonce_p, data->sess.nonce_len);	prot_len = wpabuf_tailroom(resp);	if (eap_eke_prot(&data->sess, data->nonce_p, data->sess.nonce_len,			 wpabuf_put(resp, 0), &prot_len) < 0) {		wpabuf_free(resp);		return eap_eke_build_fail(data, ret, id,					  EAP_EKE_FAIL_PRIVATE_INTERNAL_ERROR);	}	wpa_hexdump(MSG_DEBUG, "EAP-EKE: PNonce_P",		    wpabuf_put(resp, 0), prot_len);	wpabuf_put(resp, prot_len);	/* TODO: CBValue */	if (wpabuf_resize(&data->msgs, wpabuf_len(reqData) + wpabuf_len(resp))	    < 0) {		wpabuf_free(resp);		return eap_eke_build_fail(data, ret, id,					  EAP_EKE_FAIL_PRIVATE_INTERNAL_ERROR);	}	wpabuf_put_buf(data->msgs, reqData);	wpabuf_put_buf(data->msgs, resp);	eap_eke_state(data, CONFIRM);	return resp;}

static struct wpabuf * eap_eke_process_confirm(struct eap_eke_data *data,					       struct eap_method_ret *ret,					       const struct wpabuf *reqData,					       const u8 *payload,					       size_t payload_len){	struct wpabuf *resp;	const u8 *pos, *end;	size_t prot_len;	u8 nonces[2 * EAP_EKE_MAX_NONCE_LEN];	u8 auth_s[EAP_EKE_MAX_HASH_LEN];	size_t decrypt_len;	u8 *auth;	u8 id = eap_get_id(reqData);	if (data->state != CONFIRM) {		wpa_printf(MSG_DEBUG, "EAP-EKE: EAP-EKE-Confirm/Request received in unexpected state (%d)",			   data->state);		return eap_eke_build_fail(data, ret, id,					  EAP_EKE_FAIL_PROTO_ERROR);	}	wpa_printf(MSG_DEBUG, "EAP-EKE: Received EAP-EKE-Confirm/Request");	pos = payload;	end = payload + payload_len;	if (pos + data->sess.pnonce_ps_len + data->sess.prf_len > end) {		wpa_printf(MSG_DEBUG, "EAP-EKE: Too short EAP-EKE-Confirm");		return eap_eke_build_fail(data, ret, id,					  EAP_EKE_FAIL_PROTO_ERROR);	}	decrypt_len = sizeof(nonces);	if (eap_eke_decrypt_prot(&data->sess, pos, data->sess.pnonce_ps_len,				 nonces, &decrypt_len) < 0) {		wpa_printf(MSG_INFO, "EAP-EKE: Failed to decrypt PNonce_PS");		return eap_eke_build_fail(data, ret, id,					  EAP_EKE_FAIL_AUTHENTICATION_FAIL);	}	if (decrypt_len != (size_t) 2 * data->sess.nonce_len) {		wpa_printf(MSG_INFO, "EAP-EKE: PNonce_PS protected data length does not match length of Nonce_P and Nonce_S");		return eap_eke_build_fail(data, ret, id,					  EAP_EKE_FAIL_AUTHENTICATION_FAIL);	}	wpa_hexdump_key(MSG_DEBUG, "EAP-EKE: Received Nonce_P | Nonce_S",			nonces, 2 * data->sess.nonce_len);	if (os_memcmp(data->nonce_p, nonces, data->sess.nonce_len) != 0) {		wpa_printf(MSG_INFO, "EAP-EKE: Received Nonce_P does not match transmitted Nonce_P");		return eap_eke_build_fail(data, ret, id,					  EAP_EKE_FAIL_AUTHENTICATION_FAIL);	}	os_memcpy(data->nonce_s, nonces + data->sess.nonce_len,		  data->sess.nonce_len);	wpa_hexdump_key(MSG_DEBUG, "EAP-EKE: Nonce_S",			data->nonce_s, data->sess.nonce_len);	if (eap_eke_derive_ka(&data->sess, data->serverid, data->serverid_len,			      data->peerid, data->peerid_len,			      data->nonce_p, data->nonce_s) < 0) {		return eap_eke_build_fail(data, ret, id,					  EAP_EKE_FAIL_PRIVATE_INTERNAL_ERROR);	}	if (eap_eke_auth(&data->sess, "EAP-EKE server", data->msgs, auth_s) < 0)	{		return eap_eke_build_fail(data, ret, id,					  EAP_EKE_FAIL_PRIVATE_INTERNAL_ERROR);	}	wpa_hexdump(MSG_DEBUG, "EAP-EKE: Auth_S", auth_s, data->sess.prf_len);	if (os_memcmp_const(auth_s, pos + data->sess.pnonce_ps_len,			    data->sess.prf_len) != 0) {		wpa_printf(MSG_INFO, "EAP-EKE: Auth_S does not match");		return eap_eke_build_fail(data, ret, id,					  EAP_EKE_FAIL_AUTHENTICATION_FAIL);	}	wpa_printf(MSG_DEBUG, "EAP-EKE: Sending EAP-EKE-Confirm/Response");	resp = eap_eke_build_msg(data, id,				 data->sess.pnonce_len + data->sess.prf_len,				 EAP_EKE_CONFIRM);	if (resp == NULL) {		return eap_eke_build_fail(data, ret, id,					  EAP_EKE_FAIL_PRIVATE_INTERNAL_ERROR);	}	prot_len = wpabuf_tailroom(resp);	if (eap_eke_prot(&data->sess, data->nonce_s, data->sess.nonce_len,			 wpabuf_put(resp, 0), &prot_len) < 0) {		wpabuf_free(resp);		return eap_eke_build_fail(data, ret, id,					  EAP_EKE_FAIL_PRIVATE_INTERNAL_ERROR);	}	wpabuf_put(resp, prot_len);	auth = wpabuf_put(resp, data->sess.prf_len);	if (eap_eke_auth(&data->sess, "EAP-EKE peer", data->msgs, auth) < 0) {		wpabuf_free(resp);//.........这里部分代码省略.........

/* insert AMPE and encrypted MIC at @ie. * @mesh_rsn: mesh RSN context * @sta: STA we're sending to * @cat: pointer to category code in frame header. * @buf: wpabuf to add encrypted AMPE and MIC to. * */int mesh_rsn_protect_frame(struct mesh_rsn *rsn, struct sta_info *sta,			   const u8 *cat, struct wpabuf *buf){	struct ieee80211_ampe_ie *ampe;	u8 const *ie = wpabuf_head_u8(buf) + wpabuf_len(buf);	u8 *ampe_ie = NULL, *mic_ie = NULL, *mic_payload;	const u8 *aad[] = { rsn->wpa_s->own_addr, sta->addr, cat };	const size_t aad_len[] = { ETH_ALEN, ETH_ALEN, ie - cat };	int ret = 0;	if (AES_BLOCK_SIZE + 2 + sizeof(*ampe) + 2 > wpabuf_tailroom(buf)) {		wpa_printf(MSG_ERROR, "protect frame: buffer too small");		return -EINVAL;	}	ampe_ie = os_zalloc(2 + sizeof(*ampe));	if (!ampe_ie) {		wpa_printf(MSG_ERROR, "protect frame: out of memory");		return -ENOMEM;	}	mic_ie = os_zalloc(2 + AES_BLOCK_SIZE);	if (!mic_ie) {		wpa_printf(MSG_ERROR, "protect frame: out of memory");		ret = -ENOMEM;		goto free;	}	/*  IE: AMPE */	ampe_ie[0] = WLAN_EID_AMPE;	ampe_ie[1] = sizeof(*ampe);	ampe = (struct ieee80211_ampe_ie *) (ampe_ie + 2);	RSN_SELECTOR_PUT(ampe->selected_pairwise_suite,		     wpa_cipher_to_suite(WPA_PROTO_RSN, WPA_CIPHER_CCMP));	os_memcpy(ampe->local_nonce, sta->my_nonce, 32);	os_memcpy(ampe->peer_nonce, sta->peer_nonce, 32);	/* incomplete: see 13.5.4 */	/* TODO: static mgtk for now since we don't support rekeying! */	os_memcpy(ampe->mgtk, rsn->mgtk, 16);	/*  TODO: Populate Key RSC */	/*  expire in 13 decades or so */	os_memset(ampe->key_expiration, 0xff, 4);	/* IE: MIC */	mic_ie[0] = WLAN_EID_MIC;	mic_ie[1] = AES_BLOCK_SIZE;	wpabuf_put_data(buf, mic_ie, 2);	/* MIC field is output ciphertext */	/* encrypt after MIC */	mic_payload = (u8 *) wpabuf_put(buf, 2 + sizeof(*ampe) +					AES_BLOCK_SIZE);	if (aes_siv_encrypt(sta->aek, ampe_ie, 2 + sizeof(*ampe), 3,			    aad, aad_len, mic_payload)) {		wpa_printf(MSG_ERROR, "protect frame: failed to encrypt");		ret = -ENOMEM;		goto free;	}free:	os_free(ampe_ie);	os_free(mic_ie);	return ret;}

int p2p_build_wps_ie(struct p2p_data *p2p, struct wpabuf *buf, int pw_id,		     int all_attr){	u8 *len;	int i;	if (wpabuf_tailroom(buf) < 6)		return -1;	wpabuf_put_u8(buf, WLAN_EID_VENDOR_SPECIFIC);	len = wpabuf_put(buf, 1);	wpabuf_put_be32(buf, WPS_DEV_OUI_WFA);	if (wps_build_version(buf) < 0)		return -1;	if (all_attr) {		if (wpabuf_tailroom(buf) < 5)			return -1;		wpabuf_put_be16(buf, ATTR_WPS_STATE);		wpabuf_put_be16(buf, 1);		wpabuf_put_u8(buf, WPS_STATE_NOT_CONFIGURED);	}	if (pw_id >= 0) {		if (wpabuf_tailroom(buf) < 6)			return -1;		/* Device Password ID */		wpabuf_put_be16(buf, ATTR_DEV_PASSWORD_ID);		wpabuf_put_be16(buf, 2);		wpa_printf(MSG_DEBUG, "P2P: WPS IE Device Password ID: %d",			   pw_id);		wpabuf_put_be16(buf, pw_id);	}	if (all_attr) {		if (wpabuf_tailroom(buf) < 5)			return -1;		wpabuf_put_be16(buf, ATTR_RESPONSE_TYPE);		wpabuf_put_be16(buf, 1);		wpabuf_put_u8(buf, WPS_RESP_ENROLLEE_INFO);		if (wps_build_uuid_e(buf, p2p->cfg->uuid) < 0 ||		    p2p_add_wps_string(buf, ATTR_MANUFACTURER,				       p2p->cfg->manufacturer) < 0 ||		    p2p_add_wps_string(buf, ATTR_MODEL_NAME,				       p2p->cfg->model_name) < 0 ||		    p2p_add_wps_string(buf, ATTR_MODEL_NUMBER,				       p2p->cfg->model_number) < 0 ||		    p2p_add_wps_string(buf, ATTR_SERIAL_NUMBER,				       p2p->cfg->serial_number) < 0)			return -1;		if (wpabuf_tailroom(buf) < 4 + WPS_DEV_TYPE_LEN)			return -1;		wpabuf_put_be16(buf, ATTR_PRIMARY_DEV_TYPE);		wpabuf_put_be16(buf, WPS_DEV_TYPE_LEN);		wpabuf_put_data(buf, p2p->cfg->pri_dev_type, WPS_DEV_TYPE_LEN);		if (p2p_add_wps_string(buf, ATTR_DEV_NAME, p2p->cfg->dev_name)		    < 0)			return -1;		if (wpabuf_tailroom(buf) < 6)			return -1;		wpabuf_put_be16(buf, ATTR_CONFIG_METHODS);		wpabuf_put_be16(buf, 2);		wpabuf_put_be16(buf, p2p->cfg->config_methods);	}	if (wps_build_wfa_ext(buf, 0, NULL, 0) < 0)		return -1;	if (all_attr && p2p->cfg->num_sec_dev_types) {		if (wpabuf_tailroom(buf) <		    4 + WPS_DEV_TYPE_LEN * p2p->cfg->num_sec_dev_types)			return -1;		wpabuf_put_be16(buf, ATTR_SECONDARY_DEV_TYPE_LIST);		wpabuf_put_be16(buf, WPS_DEV_TYPE_LEN *				p2p->cfg->num_sec_dev_types);		wpabuf_put_data(buf, p2p->cfg->sec_dev_type,				WPS_DEV_TYPE_LEN *				p2p->cfg->num_sec_dev_types);	}	/* Add the WPS vendor extensions */	for (i = 0; i < P2P_MAX_WPS_VENDOR_EXT; i++) {		if (p2p->wps_vendor_ext[i] == NULL)			break;		if (wpabuf_tailroom(buf) <		    4 + wpabuf_len(p2p->wps_vendor_ext[i]))			continue;		wpabuf_put_be16(buf, ATTR_VENDOR_EXT);		wpabuf_put_be16(buf, wpabuf_len(p2p->wps_vendor_ext[i]));		wpabuf_put_buf(buf, p2p->wps_vendor_ext[i]);	}	p2p_buf_update_ie_hdr(buf, len);	return 0;}

/** * tlsv1_client_decrypt - Decrypt data from TLS tunnel * @conn: TLSv1 client connection data from tlsv1_client_init() * @in_data: Pointer to input buffer (encrypted TLS data) * @in_len: Input buffer length * @need_more_data: Set to 1 if more data would be needed to complete *	processing * Returns: Decrypted data or %NULL on failure * * This function is used after TLS handshake has been completed successfully to * receive data from the encrypted tunnel. */struct wpabuf * tlsv1_client_decrypt(struct tlsv1_client *conn,				     const u8 *in_data, size_t in_len,				     int *need_more_data){	const u8 *in_end, *pos;	int used;	u8 alert, *out_pos, ct;	size_t olen;	struct wpabuf *buf = NULL;	if (need_more_data)		*need_more_data = 0;	if (conn->partial_input) {		if (wpabuf_resize(&conn->partial_input, in_len) < 0) {			wpa_printf(MSG_DEBUG, "TLSv1: Failed to allocate "				   "memory for pending record");			alert = TLS_ALERT_INTERNAL_ERROR;			goto fail;		}		wpabuf_put_data(conn->partial_input, in_data, in_len);		in_data = wpabuf_head(conn->partial_input);		in_len = wpabuf_len(conn->partial_input);	}	pos = in_data;	in_end = in_data + in_len;	while (pos < in_end) {		ct = pos[0];		if (wpabuf_resize(&buf, in_end - pos) < 0) {			alert = TLS_ALERT_INTERNAL_ERROR;			goto fail;		}		out_pos = wpabuf_put(buf, 0);		olen = wpabuf_tailroom(buf);		used = tlsv1_record_receive(&conn->rl, pos, in_end - pos,					    out_pos, &olen, &alert);		if (used < 0) {			wpa_printf(MSG_DEBUG, "TLSv1: Record layer processing "				   "failed");			goto fail;		}		if (used == 0) {			struct wpabuf *partial;			wpa_printf(MSG_DEBUG, "TLSv1: Need more data");			partial = wpabuf_alloc_copy(pos, in_end - pos);			wpabuf_free(conn->partial_input);			conn->partial_input = partial;			if (conn->partial_input == NULL) {				wpa_printf(MSG_DEBUG, "TLSv1: Failed to "					   "allocate memory for pending "					   "record");				alert = TLS_ALERT_INTERNAL_ERROR;				goto fail;			}			if (need_more_data)				*need_more_data = 1;			return buf;		}		if (ct == TLS_CONTENT_TYPE_ALERT) {			if (olen < 2) {				wpa_printf(MSG_DEBUG, "TLSv1: Alert "					   "underflow");				alert = TLS_ALERT_DECODE_ERROR;				goto fail;			}			wpa_printf(MSG_DEBUG, "TLSv1: Received alert %d:%d",				   out_pos[0], out_pos[1]);			if (out_pos[0] == TLS_ALERT_LEVEL_WARNING) {				/* Continue processing */				pos += used;				continue;			}			alert = out_pos[1];			goto fail;		}		if (ct != TLS_CONTENT_TYPE_APPLICATION_DATA) {			wpa_printf(MSG_DEBUG, "TLSv1: Unexpected content type "				   "0x%x when decrypting application data",				   pos[0]);			alert = TLS_ALERT_UNEXPECTED_MESSAGE;			goto fail;		}//.........这里部分代码省略.........