void iwn_wapi_sm_rx_wai(struct wapi_asue_st *wpa_s, const unsigned char *src_addr, const unsigned char *buf, size_t len)
{
size_t plen;
struct wai_hdr *hdr;
u8 *wai_payload ;
int res = 0;
int frmlen = 0;
src_addr = src_addr;/*disable warnning*/
if(wpa_s->wapi_state <WAPISM_AL_ASSOC)
{
iwn_wpa_printf(MSG_DEBUG, "wpa_s->wapi_state <WAPISM_AL_ASSOC");
return ;
}
else if((wpa_s->ap_type == AUTH_TYPE_WAPI) && (iwn_eloop.has_cert == 0))
{
iwn_wpa_printf(MSG_DEBUG, "No cert");
return ;
}
hdr = (struct wai_hdr *) buf;
if(check_wai_frame(wpa_s, buf, len) != 0){
iwn_wpa_printf(MSG_DEBUG, "WPA: WAI frame is wrong");
return;
}
wai_payload = (u8 *) (hdr + 1);
GETSHORT((buf+6), frmlen);
//plen = iwn_ntohs(hdr->length) - sizeof(*hdr);
plen = frmlen - sizeof(*hdr);
iwn_wpa_printf(MSG_ERROR, "iwn_wapi_sm_rx_wai plen = '%d', hdr->length = '%d'. stype = %d\n", plen, frmlen, hdr->stype);
switch (hdr->stype) {
case WAI_AUTHACTIVE:
res = waigroup_cert_1_3(wpa_s, wai_payload, plen);
if(res == -1)
wapi_supplicant_key_negotiation_state_report(WPA_ASSOCIATED);
break;
case WAI_ACCESS_AUTH_RESPONSE:
res = waigroup_cert_3_3(wpa_s, wai_payload, plen);
if (0 == res) {
timer_reset();
} else if (-1 == res) {
timer_resend();
} else if (-2 == res) {
setPskIncorrect();
}
break;
case WAI_USK_NEGOTIATION_REQUEST:
res = waigroup_unicast_1_3(wpa_s, wai_payload, plen);
if(res == -1)
wapi_supplicant_key_negotiation_state_report(WPA_ASSOCIATED);
else if (-2 == res) {
setPskIncorrect();
}
break;
case WAI_USK_NEGOTIATION_CONFIRMATION:
res = waigroup_unicast_3_3(wpa_s, wai_payload, plen);
if (0 == res) {
timer_reset();
} else if (-1 == res) {
timer_resend();
}
break;
case WAI_MSK_ANNOUNCEMENT:
res = waigroup_multicast_1_2(wpa_s, wai_payload,plen);
break;
case WAI_STAKEY_REQUEST:
iwn_wpa_printf(MSG_DEBUG, "WPA: receive ignore frame stype %u", hdr->stype);
break;
case WAI_PREAUTH_START:
case WAI_ACCESS_AUTH_REQUEST:
case WAI_CERT_AUTH_REQUEST:
case WAI_CERT_AUTH_RESPONSE:
case WAI_USK_NEGOTIATION_RESPONSE:
case WAI_MSK_ANNOUNCEMENT_RESPONSE:
iwn_wpa_printf(MSG_DEBUG, "WPA: receive error frame stype %u", hdr->stype);
break;
default:
iwn_wpa_printf(MSG_DEBUG, "WPA: receive unknown frame stype %u", hdr->stype);
return;
}
wpa_s->rxfrag = free_rxfrag(wpa_s->rxfrag);
}
开发者ID:pocketbook,项目名称:801,代码行数:88,代码来源:wapi.c
示例2: dnsdb_find
//.........这里部分代码省略.........
else if (type == T_TLSA)
{
uint8_t usage, selector, matching_type;
uint16_t i, payload_length;
uschar s[MAX_TLSA_EXPANDED_SIZE];
uschar * sp = s;
uschar * p = US rr->data;
usage = *p++;
selector = *p++;
matching_type = *p++;
/* What's left after removing the first 3 bytes above */
payload_length = rr->size - 3;
sp += sprintf(CS s, "%d%c%d%c%d%c", usage, *outsep2,
selector, *outsep2, matching_type, *outsep2);
/* Now append the cert/identifier, one hex char at a time */
for (i=0;
i < payload_length && sp-s < (MAX_TLSA_EXPANDED_SIZE - 4);
i++)
sp += sprintf(CS sp, "%02x", (unsigned char)p[i]);
yield = string_cat(yield, &size, &ptr, s);
}
else /* T_CNAME, T_CSA, T_MX, T_MXH, T_NS, T_PTR, T_SOA, T_SRV */
{
int priority, weight, port;
uschar s[264];
uschar * p = US rr->data;
switch (type)
{
case T_MXH:
/* mxh ignores the priority number and includes only the hostnames */
GETSHORT(priority, p);
break;
case T_MX:
GETSHORT(priority, p);
sprintf(CS s, "%d%c", priority, *outsep2);
yield = string_cat(yield, &size, &ptr, s);
break;
case T_SRV:
GETSHORT(priority, p);
GETSHORT(weight, p);
GETSHORT(port, p);
sprintf(CS s, "%d%c%d%c%d%c", priority, *outsep2,
weight, *outsep2, port, *outsep2);
yield = string_cat(yield, &size, &ptr, s);
break;
case T_CSA:
/* See acl_verify_csa() for more comments about CSA. */
GETSHORT(priority, p);
GETSHORT(weight, p);
GETSHORT(port, p);
if (priority != 1) continue; /* CSA version must be 1 */
/* If the CSA record we found is not the one we asked for, analyse
the subdomain assertions in the port field, else analyse the direct
authorization status in the weight field. */
if (Ustrcmp(found, domain) != 0)
{
if (port & 1) *s = 'X'; /* explicit authorization required */
开发者ID:ulwanski,项目名称:exim,代码行数:67,代码来源:dnsdb.c
示例3: dns_special_lookup
//.........这里部分代码省略.........
/* Do not perform the search if the top level or 2nd level domains do not
exist. This is quite common, and when it occurs all the search queries would
go to the root or TLD name servers, which is not friendly. So we check the
AUTHORITY section; if it contains the root's SOA record or the TLD's SOA then
the TLD or the 2LD (respectively) doesn't exist and we can skip the search.
If the TLD and the 2LD exist but the explicit CSA record lookup failed, then
the AUTHORITY SOA will be the 2LD's or a subdomain thereof. */
if (rc == DNS_NOMATCH)
{
/* This is really gross. The successful return value from res_search() is
the packet length, which is stored in dnsa->answerlen. If we get a
negative DNS reply then res_search() returns -1, which causes the bounds
checks for name decompression to fail when it is treated as a packet
length, which in turn causes the authority search to fail. The correct
packet length has been lost inside libresolv, so we have to guess a
replacement value. (The only way to fix this properly would be to
re-implement res_search() and res_query() so that they don't muddle their
success and packet length return values.) For added safety we only reset
the packet length if the packet header looks plausible. */
HEADER *h = (HEADER *)dnsa->answer;
if (h->qr == 1 && h->opcode == QUERY && h->tc == 0
&& (h->rcode == NOERROR || h->rcode == NXDOMAIN)
&& ntohs(h->qdcount) == 1 && ntohs(h->ancount) == 0
&& ntohs(h->nscount) >= 1)
dnsa->answerlen = MAXPACKET;
for (rr = dns_next_rr(dnsa, &dnss, RESET_AUTHORITY);
rr;
rr = dns_next_rr(dnsa, &dnss, RESET_NEXT)
)
if (rr->type != T_SOA) continue;
else if (strcmpic(rr->name, US"") == 0 ||
strcmpic(rr->name, tld) == 0) return DNS_NOMATCH;
else break;
}
for (i = 0; i < limit; i++)
{
if (ipv6)
{
/* Scan through the IPv6 reverse DNS in chunks of 16 bits worth of IP
address, i.e. 4 hex chars and 4 dots, i.e. 8 chars. */
namesuff -= 8;
if (namesuff <= name) return DNS_NOMATCH;
}
else
/* Find the start of the preceding domain name label. */
do
if (--namesuff <= name) return DNS_NOMATCH;
while (*namesuff != '.');
DEBUG(D_dns) debug_printf("CSA parent search at %s\n", namesuff + 1);
srvname = string_sprintf("_client._smtp.%s", namesuff + 1);
rc = dns_lookup(dnsa, srvname, T_SRV, NULL);
if (rc == DNS_AGAIN) return rc;
if (rc != DNS_SUCCEED) continue;
/* Check that the SRV record we have found is worth returning. We don't
just return the first one we find, because some lower level SRV record
might make stricter assertions than its parent domain. */
for (rr = dns_next_rr(dnsa, &dnss, RESET_ANSWERS);
rr;
rr = dns_next_rr(dnsa, &dnss, RESET_NEXT))
{
if (rr->type != T_SRV) continue;
/* Extract the numerical SRV fields (p is incremented) */
p = rr->data;
GETSHORT(priority, p);
GETSHORT(weight, p); weight = weight; /* compiler quietening */
GETSHORT(port, p);
/* Check the CSA version number */
if (priority != 1) continue;
/* If it's making an interesting assertion, return this response. */
if (port & 1)
{
*fully_qualified_name = namesuff + 1;
return DNS_SUCCEED;
}
}
}
return DNS_NOMATCH;
}
default:
if (type >= 0)
return dns_lookup(dnsa, name, type, fully_qualified_name);
}
/* Control should never reach here */
return DNS_FAIL;
}
开发者ID:loganaden,项目名称:exim,代码行数:101,代码来源:dns.c
示例4: dn_expand
static unsigned char *php_parserr(unsigned char *cp, unsigned char* end,
querybuf *answer,
int type_to_fetch, bool store,
Array &subarray) {
unsigned short type, cls ATTRIBUTE_UNUSED, dlen;
unsigned long ttl;
int64_t n, i;
unsigned short s;
unsigned char *tp, *p;
char name[255 + 2]; // IETF STD 13 section 3.1; 255 bytes
int have_v6_break = 0, in_v6_break = 0;
n = dn_expand(answer->qb2, answer->qb2+65536, cp, name, sizeof(name) - 2);
if (n < 0) {
return NULL;
}
cp += n;
CHECKCP(10);
GETSHORT(type, cp);
GETSHORT(cls, cp);
GETLONG(ttl, cp);
GETSHORT(dlen, cp);
CHECKCP(dlen);
if (type_to_fetch != T_ANY && type != type_to_fetch) {
cp += dlen;
return cp;
}
if (!store) {
cp += dlen;
return cp;
}
subarray.set(s_host, String(name, CopyString));
switch (type) {
case DNS_T_A:
CHECKCP(4);
subarray.set(s_type, s_A);
snprintf(name, sizeof(name), "%d.%d.%d.%d", cp[0], cp[1], cp[2], cp[3]);
subarray.set(s_ip, String(name, CopyString));
cp += dlen;
break;
case DNS_T_MX:
CHECKCP(2);
subarray.set(s_type, s_MX);
GETSHORT(n, cp);
subarray.set(s_pri, n);
/* no break; */
case DNS_T_CNAME:
if (type == DNS_T_CNAME) {
subarray.set(s_type, s_CNAME);
}
/* no break; */
case DNS_T_NS:
if (type == DNS_T_NS) {
subarray.set(s_type, s_NS);
}
/* no break; */
case DNS_T_PTR:
if (type == DNS_T_PTR) {
subarray.set(s_type, s_PTR);
}
n = dn_expand(answer->qb2, answer->qb2+65536, cp, name, (sizeof name) - 2);
if (n < 0) {
return NULL;
}
cp += n;
subarray.set(s_target, String(name, CopyString));
break;
case DNS_T_HINFO:
/* See RFC 1010 for values */
subarray.set(s_type, s_HINFO);
CHECKCP(1);
n = *cp & 0xFF;
cp++;
CHECKCP(n);
subarray.set(s_cpu, String((const char *)cp, n, CopyString));
cp += n;
CHECKCP(1);
n = *cp & 0xFF;
cp++;
CHECKCP(n);
subarray.set(s_os, String((const char *)cp, n, CopyString));
cp += n;
break;
case DNS_T_TXT: {
int l1 = 0, l2 = 0;
String s = String(dlen, ReserveString);
tp = (unsigned char *)s.mutableData();
while (l1 < dlen) {
n = cp[l1];
if ((n + l1) > dlen) {
// bad record, don't set anything
break;
}
memcpy(tp + l1 , cp + l1 + 1, n);
l1 = l1 + n + 1;
//.........这里部分代码省略.........
struct wapi_rxfrag *iwn_wpa_defrag(struct wapi_asue_st *wpa_s, struct wapi_rxfrag *rxbuf)
{
u8 *buf =(u8 *)rxbuf->data;
int len = rxbuf->data_len;
struct wai_hdr *hdr = (struct wai_hdr *)buf;
u16 rxseq=0, last_rxseq=0;
u8 fragno, last_fragno;
u8 more_frag = hdr->more_frag;
struct wapi_rxfrag *wai_frame = NULL;
GETSHORT(hdr->rxseq, rxseq);
fragno = hdr->frag_sc;
/* Quick way out, if there's nothing to defragment */
if ((!more_frag) && (fragno == 0) && (wpa_s->rxfrag== NULL))
{
iwn_wpa_printf(MSG_DEBUG, "WPA: in %s:%d", __func__, __LINE__);
return rxbuf;
}
/*
* Update the time stamp. As a side effect, it
* also makes sure that the timer will not change
* ni->ni_rxfrag[0] for at least 1 second, or in
* other words, for the remaining of this function.
*/
/*
* Validate that fragment is in order and
* related to the previous ones.
*/
if (wpa_s->rxfrag) {
struct wai_hdr *hdr1;
iwn_wpa_printf(MSG_DEBUG, "WPA: in %s:%d", __func__, __LINE__);
hdr1 = (struct wai_hdr *) wpa_s->rxfrag->data;
GETSHORT(hdr1->rxseq, last_rxseq);
last_fragno = hdr1->frag_sc;
if (rxseq != last_rxseq
|| fragno != last_fragno + 1
||(wpa_s->rxfrag->maxlen - wpa_s->rxfrag->data_len< len)
/*||(time(NULL) - wpa_s->rxfragstamp >1)*/
)
{
/*
* Unrelated fragment or no space for it,
* clear current fragments
*/
wpa_s->rxfrag = free_rxfrag(wpa_s->rxfrag);
}
iwn_wpa_printf(MSG_DEBUG, "WPA: in %s:%d", __func__, __LINE__);
}
/* If this is the first fragment */
if (wpa_s->rxfrag == NULL && fragno == 0) {
/*ni->ni_rxfrag[0] = skb;*/
wpa_s->rxfrag = malloc_rxfrag(PAGE_LEN);
/* If more frags are coming */
if (more_frag) {
wpa_put_frag(wpa_s->rxfrag, buf, len);
iwn_wpa_printf(MSG_DEBUG, "WPA: in %s:%d", __func__, __LINE__);
}
}
else {
if (wpa_s->rxfrag) {
struct wai_hdr *lhdr = (struct wai_hdr *)wpa_s->rxfrag->data;
/*
* We know we have enough space to copy,
* we've verified that before
*/
/* Copy current fragment at end of previous one */
/* Update tail and length */
wpa_put_frag(wpa_s->rxfrag , buf + WAI_HDR, len - WAI_HDR);
/* Keep a copy of last sequence and fragno */
*(u16 *)lhdr->rxseq = *(u16*)hdr->rxseq;
lhdr->frag_sc = hdr->frag_sc;
}
}
if (more_frag) {
/* More to come */
wai_frame = NULL;
} else {
/* Last fragment received, we're done! */
wai_frame = wpa_s->rxfrag;
}
/* wpa_s->rxfragstamp = time(0);*/
return wai_frame;
}
客服电话
APP下载
官方微信
请发表评论